Chapter5 - University of Guelpheldar.mathstat.uoguelph.ca/.../math4140/pdf/Chapter5.pdfChapter5 Rings Nothingprovesmoreclearlythatthemind seekstruth,andnothingreﬂectsmoreglory uponit,thanthedelightittakes,sometimes

Chapter 5

Rings

Nothing proves more clearly that the mindseeks truth, and nothing reflects more gloryupon it, than the delight it takes, sometimesin spite of itself, in the driest and thorniestresearches of algebra.- Bernard de Fontenelle

This chapter introduces what is in some ways the nextlogical structure in modern or abstract algebra: thering. The ring we know best at this point is the inte-gers under addition and multiplication. It is in manyways the quintessential ring, in the sense that thestrangeness of other rings is measured by the proper-ties they fail to share with the integers.

5.1 Definitions and Examples

Definition 5.1 A ring is a set R with two opera-tions, called addition, denoted +, and multiplica-tion, denoted · or ×, which obey the following rules:

• (R,+) is a commutative group.

• Multiplication is associative.

• The left and right distributive laws:

a× (b + c) = (a× b) + (a× c)

(b+ c)× a = (b× a) + (c× a)

hold.

Definition 5.2 For a ring (R,+,×) the group(R,+) is called the additive group of R. The iden-tity of this group is called the zero of the ring. It isusually denoted 0.

Definition 5.3 If for a ring (R,+,×) multiplicationis commutative then we say R is a commutativering.

Definition 5.4 If for a ring (R,+,×) there is anidentity element for multiplication we call R a ringwith identity or a ring with one. The multiplica-tive identity of the ring is also called the one of thering, if it exists.

Example 5.1 Both (Z,+,×) and (Zn,+,×) are ex-amples of commutative rings with one. Notice that allof the ring properties are properties we are alreadyfamiliar with for the integers and that the integers(mod n) inherit these properties by applying Propo-sition 3.11.

Example 5.2 A ring consisting only of the elementzero is called the trivial ring.

Example 5.3 The n×n matrices over R form a non-commutative ring with one using matrix addition andmultiplication. The one of this ring is the identitymatrix In. This ring is denoted Rn×n.

Proposition 5.1 Let

F(R,R) = f : R → R

be the set of functions from the real numbers to thereal numbers. We know how to add and multiply suchfunctions from our experience in introductory calcu-lus classes (the result is simply the standard multipli-cation and addition of R on the output values of thefunctions at the point at which they are evaluated).Under these forms of addition and multiplication thefunctions from R to itself form a commutative ringwith one.

123

124 CHAPTER 5. RINGS

Proof:

We know that addition and multiplication of func-tions is associative by noticing that at each value ofx ∈ R we are performing associative addition andmultiplication of real numbers; the function in totalfollows these individual associative operations. Theadditive identity is the function f(x) = 0 and the ad-ditive inverse of an element f(x) is −f(x) and so wehave assembled the additive group. The distributivelaw for functions follows from the distributive law foreach individual x ∈ R. We now know that F is aring. The one is f(x) = 1 and commutativity resultsfrom commutativity of multiplication of functions ateach x ∈ R.

Proposition 5.2 Suppose that (R,+,×) is a ring.Then for any r ∈ R

0× r = r × 0 = 0

Proof:

Let a, r ∈ R and compute:

(a+ 0)× r = (a× r) + (0 × r)

(a× r) = (a× r) + (0 × r)

(a× r) − (a× r) = (a× r)− (a× r) + (0 × r)

0 = 0× r

Which gives us half of the proposition. The other halfis proved in the same manner.

The following proposition demonstrates that the ad-ditive inverse in a ring behaves as we would expect itto with respect to multiplication.

Proposition 5.3 Suppose that (R,+,×) is a ring.Then for any a, b ∈ R

−(a× b) = (−a)× b = a× (−b)

Proof:

Using the left distributive law and proposition 5.2 wehave:

a× 0 = 0

a× (b+ (−b)) = 0

a× b+ a× (−b) = 0

a× (−b) = −(a× b)

Which gives us half of the proposition, the other halfis proved in a similar manner using the right distribu-tive law.

Small rings can be efficiently summarized by givingthe addition and multiplication tables.

Example 5.4 Below are both the addition and mul-tiplication tables for (Z3,+,×).

+ 0 1 2

0 0 1 21 1 2 02 2 0 1

× 0 1 2

0 0 0 01 0 1 22 0 2 1

We have already encountered zero divisors in Chap-ter 1, Definition 3.22 defined them for the integers(mod n) and we now repeat the definition generallyfor rings.

Definition 5.5 Suppose that (R,+,×) is a ring andthat x, y ∈ R. If x × y = 0 and we have that x = 0and y = 0 then we call x a left zero divisor and ya right-zero divisor. If an element of the ring isboth a left zero divisor and a right zero divisor it issaid to be a zero divisor. Zero itself is not a zerodivisor.

Note that for a commutative ring, an element is aleft zero divisor iff it is a right zero divisor, as sucha commutative ring that has no zero divisors has noleft and no right zero divisors and vice versa. This isnot true in general for non-commutative rings.

We now define a type of ring that is extremely wellbehaved and typified by the integers.

Definition 5.6 An integral domain is a commu-tative ring with one that has no zero divisors.

Example 5.5 The ring (Z,+,×) (or the ring Z) isan integral domain.

Proposition 5.4 The Left cancellation lawIf (I,+,×) is an integral domain and a = 0 is anelement of I then when a × b = a × c we have thatb = c.

5.1. DEFINITIONS AND EXAMPLES 125

Proof:First note that:

(a× c) + (a× (−c)) = a× (c− c)

(a× c) + (a× (−c)) = 0

So −(a× c) = a× (−c).Then compute:

a× b = a× c

(a× b)− (a× c) = 0

a× (b − c) = 0

Since I is an integral domain, there are no zero divi-sors. Since a = 0 this forces b − c = 0 which in turntells us that b = c.

There is also a right cancellation law, the proof ofwhich is left as Exercise 5.1.

Example 5.6 The three familiar arithmetic systemsQ, R and C are all examples of integral domains.

Henceforth we will say the ring R rather than thering (R,+,×) and will write a × b as ab in order toenhance the clarity of presentation of the material.

Proposition 5.5 The ring Zn is an integral domainiff n is prime.

Proof: the proof of this proposition is an exercise.

Definition 5.7 Suppose that R is a ring and the S ⊂R. Then we say S is a subring of R if S is a ringusing the same operations as R.

Notice that every ring is a subring of itself.

Proposition 5.6 A non-empty subset S of a ring Ris a subring if

(i) S is closed under the addition of R.

(ii) S is closed under the multiplication of R.

(iii) S is closed under negation.

Proof: the proof of this proposition is an exercise

If S is a subring of R then we write S ≤ R. It isimplicit in Proposition 5.6 that negation, which as-sociates an element of the ring with its inverse in theadditive group of the ring, is a unary operation onthe ring.

Example 5.7 Notice that the even integers areclosed under addition, multiplication, and negation.The even integers are thus a subring of Z. They forman example of a commutative ring without one.

Proposition 5.7 Suppose that R is a ring with one.Then the one is unique.

Proof:

Suppose that there exist two elements e and f thatboth act as multiplicative identities. This means thatan element of R multiplied by either of these elementsreturns that same element ofR. Then we have e·e = eand e ·f = e. Subtracting these two equations we get:

e · e− e · f = e− e

e · (e − f) = 0

e− f = 0

e = f

Definition 5.8 Suppose that R is a commutativering with one. We define R∗ to be the subset of Rso that for each a ∈ R∗ there exists b ∈ R such thatab = 1. The subset R∗ is called the units of R.

Proposition 5.8 If R is a commutative ring with 1then the set of units R∗ form a commutative groupunder the multiplication operation of the ring.

Proof:

The first step is to prove that multiplication is evenan operation on the putative group of units. Thisrequires that we prove they are closed. Let a, b beunits. Then there exist c, d so that ac = 1 and bd = 1.Notice that

(ab)(dc) = a(bd)c = a(1)c = ac = 1

so ab is also a unit. We have that the multiplicationoperation is commutative since we are dealing with acommutative ring. We now check the group axioms.G1 is inherited from the definition of a ring: ringmultiplication is associative. G2 is satisfied by 1.G3 is satisfied by the definition of a unit, since a ∈R∗ implies that there exists some b ∈ R such thatab = 1, since R is commutative ab = ba = 1, andhence b ∈ R∗.


Recall that in Definition 4.7 we defined how to mul-tiply an element of an additive group by a naturalnumber or its negative. There is a very similar defini-tion for multiplying a natural number or its negativeby an element of a ring.

Definition 5.9 If n is a natural number and r is anelement of a ring then we define:

• 0 · r = 0, that is the natural number zero multi-plied by r is equal to the zero of the ring.

• n · r = r + (n− 1) · r.

• (−n) · r = n · (−r).

This definition permits us to make a definition thatplaces rings into different categories.

Definition 5.10 The characteristic of a ring R isthe smallest positive natural number n so that n·r = 0for all r ∈ R. If no such n exists then we say thering has characteristic zero. The notation for thecharacteristic of a ring R is char(R).

Example 5.8 The ring Zn is an example of a ringof characteristic n while Z is an example of a ring ofcharacteristic zero.

Definition 5.11 Suppose R is a commutative ringwith one such that the nonzero elements of R form agroup under multiplication. Then we call R a field.We insist that there be at least one nonzero elementand so fields have size at least 2.

Example 5.9 The rings Q, R, C, and Zp when p isprime are all examples of fields.

Notice that another way to define a field is to say acommutative ring with one in which all nonzero ele-ments are units. you are asked to prove that this isan equivalent way to define a field in Problem 5.16.

Proposition 5.9 Every field is an integral domain.

Proof:

Suppose that F is a field and that ab = 0. If a is zerowe are done. If a = 0 then a−1ab = 1 · b = b = 0 andwe see that b is zero. We deduce that F has no zerodivisors and so is an integral domain.

Proposition 5.10 Every finite integral domain is afield.

Proof:

An integral domain is a commutative ring with 1.This means that it is a field if its nonzero elementsform a group. Proposition 5.8 tells us that this can bedone by proving that all nonzero elements are units.Let I be a finite integral domain. Proposition 5.4tells us that, for non-zero a, if ab = ac then b = c inI; but this means that left multiplication by a = 0 isa 1 to 1 map from I to I. Since I is finite this meansthat left multiplication by a is a bijection of I withitself. From this we may deduce that for some d ∈ I,ad = 1 and so a is a unit. The proposition follows.

Proposition 5.10 demonstrates the assertion in Exam-ple 5.9 that Zp is a field when p is prime, assumingthat the student has done Problem 5.6.

Definition 5.12 Let S ⊂ R be a subset of a ring R.We define

S

to be a subring of R that contains S, such that for allsubrings T ≤ R where S ⊂ T , we have that S ≤ T .S is called the subring of R generated by S.

When R is a finite ring the subring generated by asubset S may be thought of as the result of closingS under the operations addition, multiplication andnegation.

One of the most efficient methods of generating moregroups from the groups we already had was the directproduct of groups. Rings have a similar notion.

Definition 5.13 If (R,+,×) and (S,⊕, ·) are ringsthen the set

R× S = (r, s) : r ∈ R, s ∈ S

with the operations

(r, s) + (r, s) = (r + r, s⊕ s)

(r, s)× (r, s) = (r × r, s · s)

is the direct product of R and S.

Proposition 5.11 The direct product of rings is aring.


Proof:

Note that the direct product of the additive groupsis a commutative group and so there is no problemwith the addition operator. Associativity of multi-plication is inherited component-wise. Likewise thedistributive laws work in each component of the di-rect product and so work overall.

The direct product of rings lets us build a fairly sub-stantial variety of rings. The next construction per-mits us to make rings with an extraordinary varietyof properties. Warning: vast amounts of fiddly cal-culation lie ahead.

Definition 5.14 Let G be a group and R be a ring.We define the group ring of R over G to be the setof formal sums :

R[G] =

g∈G

rg · g : rg ∈ R

The ring R is called the coefficient ring of the groupring.

Proposition 5.12 Let

x =

g∈G

rg · g

andy =

g∈G

sg · g

be members of R[G]. Define:

x+ y =

g∈G

(rg + sg) · g

x · y =

g∈G

h∈G

(rgsh)gh

Then (R[G],+, ·) is a ring.

Proof:

Addition in R and the formal addition of R[G]are both associative and so the addition given is as-sociative. Let z =

g∈G 0 · g. Then it is easy to see

that z + x = x + z = x and so z is the zero of R[G].Notice that

g∈G rg · g +

g∈G−rg · g = z so every

element has an additive inverse and we see (R[G],+)is a group. That it is a commutative group followsfrom the fact that R is commutative.

Let

x =

g∈G

rg · g,

y =

g∈G

sg · g,

and

w =

g∈G

tg · g

Then

x · (y · w) =

x ·

h∈G

k∈G

(shtk)hk =

g∈G

h∈G

k∈G

(rgshtk)ghk =

g∈G

h∈G

(rgsh)gh · w =

(x · y) · w

and we see that the multiplication is associative.

Now Compute:

x · (y + w) =

g∈G

h∈G

(rg(sh + th))gh =

g∈G

h∈G

(rgsh)gh+

g∈G

h∈G

(rgth)gh =

x · y + x · w

so the left distributive law holds. The right distribu-tive law is proved in a very similar manner.

It should be noted that during group ring multi-plication when group multiplication yields a group el-ement which does not explicitly have a ring coefficientwe assign the zero of the ring to be that group ele-ments coefficient. The following example illustrateshow group ring addition and multiplication opera-tions work.


Example 5.10 Give the addition and multiplicationtable for the group ring of the ring integers (mod 2)over the group Z2. In other words

R = Z2[Z2]

Let the group Z2 = e, α. Then the elements of Rare:

z = 0 · e+ 0 · αo = 1 · e+ 0 · αa = 0 · e+ 1 · αb = 1 · e+ 1 · α

Following the definition of addition and multiplica-tion in the group ring we get:

+ z o a b

z z o a bo o z b aa a b z ob b a o z

· z o a b

z z z z zo z o a ba z a o bb z b b z

The group ring is a somewhat bizarre construction,but it provides a vast library of examples of rings. Inthe problems we will demonstrate that some of theproperties of R can be inherited by R[G], dependingon the choice of group.

When computing products in a group ring there aresome conventions (besides the coefficient zero conven-tion mentioned above). First of all, elements that aremultiplied by the zero of the ring are not displayed sothat 0 ·α+r ·β is written simply as r ·β. The elementwith all coefficients zero is written 0 and is the zeroof the group ring. Second, if R is a ring with onethen we write elements or parts of elements of theform 1 · α as just α, suppressing the writing of theone of R. Third, elements of the form r · e where e isthe identity of G are written r with the element 1 · ewritten as 1; it is the one of the group ring. Fourth,all the coefficients of a given element of the group areadded. So, for example, if we have Z[G] with α ∈ G,the element 2 · α+ 5 · α is written 7 · α.

Example 5.11 Compute the multiplication table ofthe group ring Z3[Z2].

Lets let the elements of the group Z2 be e, a. Usingthe conventions above the elements are 0, 1, 2, a,

1 + a, 2 + a, 2a, 1 + 2a, and 2 + 2a. The table isshown in Figure 5.1.

Problems

Problem 5.1 Review Proposition 5.4 and then stateand prove the right cancellation law.

Problem 5.2 In the same fashion as Example 5.4give the addition and multiplication tables for the ring(Z4,+,×)

Problem 5.3 Give an example of a finite non-commutative ring with one.

Problem 5.4 Give an example of a non-commutative ring without one.

Problem 5.5 Let (G,+) be a commutative groupwith identity 0. If we define g · h = 0 for all g, h ∈ Gthen is the resulting object a ring?

Problem 5.6 Prove Proposition 5.5. Hint: most ofthis problem can be done by citing an example.

Problem 5.7 Examine the object below, given byan addition and multiplication table on the setR = 0, 1, q, v:

+ 0 1 q v

0 0 1 q v1 1 0 v qq q v 0 1v v q 1 0

× 0 1 q v

0 0 0 0 01 0 1 q vq 0 q v 1v 0 v 1 q

Prove that this structure is a ring using the fol-lowing steps:

(i) Demonstrate that (R,+) is a group by findingwhich group it is isomorphic to.

(ii) Prove that the non-zero elements of R forma group under multiplication and identify thatgroup.

(iii) Using (ii) prove that multiplication is associa-tive. This is not too hard if you deal with zerosensibly.


· 0 1 2 a 1+a 2+a 2a 1+2a 2+2a

0 0 0 0 0 0 0 0 0 0

1 0 1 2 a 1+a 2+a 2a 1+2a 2+2a

2 0 2 1 2a 2+2a 1+2a a 2+a 1+a

a 0 a 2a 1 1+a 1+2a 2 2+a 2+2a

1+a 0 1+a 2+2a 1+a 2+2a 0 2+2a 0 1+a

2+a 0 2+a 1+2a 1+2a 0 2+a 2+a 1+2a 0

2a 0 2a a 2 2+2a 2+a 1 1+2a 1+a

1+2a 0 1+2a 2+a 2+a 0 1+2a 1+2a 2+a 0

2+2a 0 2+2a 1+a 2+2a 1+a 0 1+a 0 2+2a

Figure 5.1: The multiplication table of Z3[Z2]

(iv) Remembering to use Proposition 5.2 liberally,prove that the left distributive law holds: a× (b+c) = a× b+ a× c.

(v) Prove that the multiplication is commutative andfrom this deduce the right distributive law.

Problem 5.8 Prove that the ring in Problem 5.7 isan integral domain.

Problem 5.9 Prove Proposition 5.6. Hint: remem-ber that you already have propositions for subgroups.

Problem 5.10 State and prove a result that lists allpossible subrings of the integers. Start with example5.7.

Problem 5.11 Prove that every subring of the inte-gers is generated by a single integer.

Problem 5.12 Suppose we take the matrix

M =

0 11 1

with entries from Z2. Find the set of matrices Mgenerated by closing the set M under both matrixaddition and matrix multiplication. Make addition

and multiplication tables. Is the resulting subring ofthe ring Z2×2

2 of 2× 2 matrices over Z2:

(i) a commutative ring with one?

(ii) an integral domain?

(iii) a field?

Prove your answers.


M =

0 12 0

with entries from Z3. Find the set of matrices Mgenerated by closing the set M under both matrixaddition and matrix multiplication (there are 9 ofthem). Make addition and multiplication tables. Isthe resulting subring of the ring Z2×2

3 of 2× 2 matri-ces over Z3:

(i) a commutative ring with one?

(ii) an integral domain?

(iii) a field?

Prove your answers.


Problem 5.14 Find all subrings of Z8.

Problem 5.15 Suppose that p is prime. Find allsubrings of the ring Zp.

Problem 5.16 Prove that if R is a commutativering with one for which all nonzero elements are unitsthen R is a field.

Problem 5.17 Suppose that F is a field of charac-teristic p for some prime integer p. Show that F con-tains a subring that is identical to the ring Zp.

Problem 5.18 Prove that the direct product of twocommutative rings is commutative.

Problem 5.19 Prove that the direct product of tworings with one is a ring with one.

Problem 5.20 Suppose that R = S × T is a directproduct of rings with S and T each having size inexcess of 2. Prove that R has zero divisors.

Problem 5.21 Compute the characteristic of Zn ×Zm.

Problem 5.22 Suppose that G is a group with n ele-ments. How many elements does the group ring Z2[G]contain?

Problem 5.23 Prove that every ring is isomorphicto a group ring. Hint: this is really easy.

Problem 5.24 Prove that if R is a commutativering and G is a commutative group then the groupring R[G] is a commutative ring.

Problem 5.25 Prove that if R is a ring with oneand G is a group then the group ring R[G] is a ringwith one.

Problem 5.26 Prove that if R is a ring with at leastone nonzero element and G is a noncommutativegroup then R[G] is a non-commutative ring.

Problem 5.27 Let G be a group. Prove that if R isa ring of characteristic n then so is R[G].

Problem 5.28 Make an addition and multiplicationtable for the group ring Z2[Z3]. Note that this groupring has 8 elements.

Problem 5.29 Prove or disprove Z2[Z3] is an inte-gral domain.

Problem 5.30 Find the group of units of Z3[Z2].

Problem 5.31 Prove that Z3[Z2] ∼= Z3 × Z3.

5.2 Homomorphisms and

Ideals

Definition 5.15 If R and S are rings and f : R→ Sis a function so that

(i) f(r + r) = f(r) + f(r), and

(ii) f(r · r) = f(r) · f(r).

then we say that f is a ring homomorphism.

Definition 5.16 If g : R → S is a ring homomor-phism then we call the image of g a homomorphicimage of R.

Proposition 5.13 Any homomorphic image of aring is a ring.

Proof:

Let R and S be rings and let g : R → S be a ringhomomorphism. Note that (R,+) and (S,+) areboth commutative groups and g is a group homo-morphism. Thus image(g) is a commutative groupand the remaining ring properties (associative mul-tiplication, and left and right distributive laws) areinherited from R via the ring homomorphism prop-erties: g(ab) = g(a)g(b) and g(a + b) = g(a) + g(b).

Proposition 5.14 Any homomorphic image of aring with 1 is a ring with 1.

Proof:

Let R be a ring with 1 and let g : R → S be a ringhomomorphism. Set Q = image(g), the image of g.By the previous proposition Q is a ring. Let e = g(1).Let a ∈ Q. Then there must be some b ∈ R so thatg(b) = a. Note that:

1 · b = b = b · 1

g(1 · b) = g(b) = g(b · 1)

g(1) · g(b) = g(b) = g(b) · g(1)

e · a = a = e · a

Since a was chosen arbitrarily, it follows that e is amultiplicative identity of Q.

5.2. HOMOMORPHISMS AND IDEALS 131

A point that may make the above proposition a littleconfusing is the way we proved e was an identity ofQ when g was a function from R to S. A naturalquestion for those not yet fully Zen with abstract al-gebra is “what happened to S?” The problem solvedby using Q is that g need not be a surjection and soQ = image(g) ⊆ S. It is possible to construct ex-amples so that e is the identity of Q, Q is a propersubset of S, and e is not an identity of S. In fact weask you to find this example in an exercise.

Corollary 5.1 If R is a ring with 1 and π : R → Sis a surjective ring homomorphism then S is a ringwith one and π(1) is the identity of S.

Proof:

Making π surjective forces S = Q = image(π) in theproof of Proposition 5.14 and the corollary followsfrom the proof of Proposition 5.14.

Proposition 5.15 The homomorphic image of acommutative ring is a commutative ring.

Proof: this proof is left as an exercise.

A group homomorphism was a map between groupsthat preserved the group operation. A ring homo-morphism, similarly, is a map between rings that pre-serves the ring operations. Notice that if f : R→ S isa ring homomorphism then f is also a homomorphismof the additive groups of R and S

Example 5.12 The map

πn : Z → Zn,

given by i → [i]n is a ring homomorphism. This fol-lows from Proposition 3.11.

One use we made of group homomorphisms was defin-ing the idea of isomorphism that told us when two al-gebraic structures were the same as groups. A similarnotion is available for rings.

Definition 5.17 A bijective ring homomorphism iscalled a ring isomorphism. If f : R → S is a ringisomorphism we say the rings R and S are isomor-phic. This is denoted R ∼= S.

Definition 5.18 Suppose that R and S are rings andg : R→ S is a ring homomorphism. Then

Ig = r ∈ R : g(r) = 0S

is called the kernel of g. We denote the kernel of aring homomorphism g by ker(g).

Example 5.13 From Example 5.12 we know thatπ2 : Z → Z2, is a ring homomorphism. The kernel ofthis map consists of the even integers.

Proposition 5.16 Let F be the ring of functionsspecified in Proposition 5.1. Let r ∈ R be a real num-ber. Then the map

r : F → R

given by f(x) → f(r) is a ring homomorphism.

Proof:

Recall that addition and multiplication of functionsare defined by (f+g)(x) = f(x)+g(x) and (f ·g)(x) =f(x)g(x). Given this:

r(f + g) = f(r) + g(r)

= r(f) + r(g)

r(f · g) = f(r)g(r)

= r(f)r(g)

and we have that r is a ring homomorphism.

Many of the facts we proved about groups implyproperties of rings.

Proposition 5.17 If f : R→ S is a ring homomor-phism then f(0R) = 0S, where 0R and 0S are thezeros of R and S, respectively.

Proof:

Apply proposition 4.14 to the additive groups of Rand S.

Definition 5.19 Suppose that I is a non-empty sub-set of a ring R so that:

(i) (I,+) is a subgroup of (R,+).

(ii) For all x ∈ R and y ∈ I we have xy ∈ I andyx ∈ I.


Then we say I is an ideal of the ring. We write IRwhen I is an ideal of R.

Proposition 5.18 If R is a ring and IR then 0 ∈I.

Proof:

Since I is nonempty by definition there is some a ∈ I.Let b ∈ R. Then b ·a ∈ I and −b ·a ∈ I by the secondideal property. The sum of these two elements is zeroand so 0 ∈ I.

Proposition 5.19 Every ring R contains the twoideals R and 0.

Proof:the proof that these are ideals is an exercise.

The next proposition gives an important family ofideals.

Proposition 5.20 Let R be a commutative ring andfor r ∈ R let I = rx : x ∈ R. Then I R.

Check the two ideal properties. If a, b ∈ I, a = rxand b = ry so a+ b = rx+ ry = r(x+ y) ∈ I and I isclosed under addition, if a = rx ∈ I then r(−x) ∈ I,noting that rx + r(−x) = we have that I is closedunder negation so (I,+) is a subgroup of (R,+) andwe have the first ideal property. Suppose a ∈ I andc ∈ R then a = rx and ca = c(rx) = r(cx) ∈ I andthe proposition follows.

Definition 5.20 For a commutative ring R and anelement r ∈ R, the ideal

I = rx : x ∈ R

consisting of all multiples of r is called a principalideal. The element r ∈ R is called the principleof the ideal. Proposition 5.20 demonstrates I is anideal. We also call the principle of a principle idealits generator.

Definition 5.21 If R is a ring and S ⊆ R then theideal generated by S is the ideal of R denoted byS such that S ⊆ S, and for any ideal I of R suchthat S ⊆ I we have that S ⊆ I. If S is a singletonset then this ideal is a principle ideal.

Definition 5.22 A principle ideal domain is anintegral domain in which all the ideals are principle.

Example 5.14 The ring of integers, Z is a princi-ple ideal domain. To see this note that an ideal ofthe integers is closed under greatest common divisors,forcing any ideal to be generated by its least positiveelement (or zero if the ideal contains no other ele-ments).

As we will see in the next proposition, ideals in ringsplay a very similar role to normal subgroups in grouptheory.

Proposition 5.21 If g : R→ S is a ring homomor-phism then ker(g) R.

Proof:

Suppose that x, y ∈ ker(g) and that z ∈ R. Theng(x + y) = g(x) + g(y) = 0 + 0 = 0 showing thatx + y ∈ ker(g) and so we have property (i) requiredfor an ideal. g(zx) = g(z)g(x) = g(z) · 0 = 0 sothat zx ∈ ker(g), similarly xz ∈ ker(g), giving usproperty (ii).

As with groups, in the domain of rings it turns outthat any ideal is the kernel of some homomorphism.

Proposition 5.22 Let R be a ring and let I R.Define a relation on R by r ∼ s if r− s ∈ I. Then ∼is an equivalence relation.


Now that we know that differing by an element of anideal is an equivalence relation we may define a ringstructure on the equivalence classes.

Definition 5.23 If R is a ring and I R let R/Ibe the set of equivalence classes on R induced by theequivalence relation given in Proposition 5.22. Wedenote the equivalence classes by r+I for each r ∈ R.These equivalence classes are also called cosets of I.

Notice that the cosets of an ideal I are also cosets ofI as a subgroup of the additive group of R.

Proposition 5.23 Let R be a ring and let I R.Define operations on R/I by

(i) (r + I) + (s+ I) = (r + s) + I, and

(ii) (r + I) · (s+ I) = (r · s) + I.

5.2. HOMOMORPHISMS AND IDEALS 133

Then (R/I,+, ·) is a ring called the factor ring of Rby I. Note that if R is a ring with one then (R/I,+, ·)is a ring with one.

Proof:

Notice that I is a subgroup of (R,+). Since thisgroup is commutative it follows that I is a normalsubgroup and so R/I is a factor group and all of theneeded properties for addition in R/I follow. Asso-ciativity of multiplication is inherited from R, as arethe right and left distributive laws. The identity ofR/I is 1 + I, if the ring R has an identity to startwith.

Corollary 5.2 Let R be a ring. The map πI : R →R/I given by r → r + I is a ring homomorphism.This homomorphism is called the canonical homo-morphism or natural quotient map.

Proof:

Once it has been established that R/I is a ring thisfollows directly from the definitions of + and · onR/I.

Note that the kernel of a canonical homomorphismis an ideal. We now know that every ring homomor-phism has an ideal as its kernel and that all idealsare kernels of ring homomorphisms. There is thus amatching of kernels and homomorphisms with eachuniquely specifying the other.

Next we will look at some of the properties ofideals.

Definition 5.24 Suppose that R is a ring and thatI and J are ideals of R. Then the sum of I and Jis:

I + J = a+ b : a ∈ I, b ∈ J

Proposition 5.24 If R is a ring and I and J areideals of R then I + J is also an ideal of R.

Proof:

Suppose that x, y ∈ I + J then for some a, b ∈ I andc, d ∈ J , x = a+ c and y = b+ d. This means that

x+ y = (a+ c) + (b+ d) = (a+ b) + (c+ d)

Notice that a+ b ∈ I and c+ d ∈ J meaning x+ y ∈I + J and so we have shown I + J is closed underaddition. If x ∈ I + J , with x = a + c where a ∈ I

and c ∈ J , then since I and J are subgroups of R(with respect to addition), we have that −a ∈ I and−c ∈ J and hence (−a) + (−c) = −x ∈ I + J . ThusI + J is closed under negation, and hence I + J is asubgroup of R. Let r ∈ R. Then:

r · x = r(a + c) = r · a+ r · c

Since a ∈ I, ra ∈ I and since c ∈ J , rc ∈ J and sowe see that rx ∈ I + J . In a similar manner it canbe shown that xr ∈ I + J . This completes the proofthat I + J is an ideal.

Definition 5.25 Suppose that R is a ring and that Iand J are ideals of R. Then we define the productof I and J to be the set of all finite sums of the form

i1j1 + i2j2 + · · ·+ injn

for ik ∈ I and jm ∈ J . The product of I and J isdenoted IJ .

Proposition 5.25 If R is a ring and I and J areideals of R then IJ is also an ideal of R.

Proof: The sum of two finite sums of the given form

is a finite sum of the given form and so IJ is closedunder addition. Suppose that r ∈ R and i1j1+ i2j2+· · ·+ injn ∈ IJ . Then

r(i1j1 + i2j2 + · · ·+ injn) =

(ri1)j1 + (ri2)j2 + · · ·+ (rin)jn

Each rik ∈ I because I R and so the result ofmultiplying R by any element of IJ is an element ofIJ (and vice versa). Finally note that for i1j1+i2j2+· · ·+ injn ∈ IJ , with ik ∈ I and jm ∈ J we have that−ik ∈ I for each ik and so (−i1)j1 + (−i2)j2 + · · ·+(−in)jn ∈ IJ . Thus we have that IJ is an ideal.

When an ideal is generated by a set x we often say,for the sake of simplicity, that the ideal is generatedby x.

Definition 5.26 An ideal I of a commutative ringR is prime if for all a, b ∈ R, if ab ∈ I then a ∈ Ior b ∈ I.

Proposition 5.26 If P is a prime ideal of a commu-tative ring with 1, R, then R/P is an integral domain.


Proof:

LetR be a commutative ring with 1 and let PR be aprime ideal. Set Q = R/P and let πP : R→ Q be thecanonical homomorphism. The definition of factorrings ensures that πP is surjective which permits usto apply Corollary 5.1 to deduce Q is a ring withone. Proposition 5.15 tells us that Q is commutative.Recall that P is the equivalence class of elements of Rthat is the zero of Q. Suppose that a+P, b+P ∈ Q.Then if (a + P ) · (b + P ) = 0 it follows that ab ∈ P .Since P is a prime ideal we see that a ∈ P or b ∈ Pand so a+P = P or b+P = P . But this means thatif any two elements of Q have zero as a product thenone of these elements must be zero. This means thatQ has no zero divisors. We have shown that Q is acommutative ring with one that has no zero divisors.This is the definition of an integral domain and theproposition follows.

Notice that the notion of being a prime ideal gener-alizes, in a sense, the notion of being a prime num-ber. The prime ideals of the integers are, for example,exactly those that are principle ideals generated byprime numbers. You are asked to verify this fact inan exercise.

Definition 5.27 An ideal I of a ring is said to bemaximal if it is a proper ideal and is contained inno other proper ideal.

Proposition 5.27 If R is a commutative ring with1 and M R is a maximal ideal of R then M is alsoa prime ideal of R.

Proof:

Let ab ∈ M . If a ∈ M or b ∈ M then we are doneso assume neither is in M . Let A = a and B = bbe the principal ideals generated by a and b. Sincea, b /∈M the idealsM+A andM+B containM andso must be R since M is maximal. Since R is a ringwith 1, R·R = R meaning that (M+A)(M+B) = R.Since R is commutative AB ⊆ ab. Since ab ∈M wehave that the ideal ab ⊆M . This means AB ⊆M .Now consider:

R = (M +A)(M +B) =M2 +AM +MB +AB

The second ideal property tells us that M2, AM ,and MB = BM are all subsets of M and we know

that AB ⊆ M so that tells us R ⊆ M . This con-tradicts the definition of maximal ideal and thus wehave proved by contradiction that at least one of a orb must be in M . It follows that M is a prime ideal.

Proposition 5.28 If R is a commutative ring withone and M R is a maximal ideal then R/M is afield.

Proof:

Let F = R/M and let πM : R → F be the canonicalhomomorphism. By Proposition 5.27 we know M isa prime ideal and so Proposition 5.26 tells us F isan integral domain. Let a ∈ R −M . Then, since Mis maximal, we see that a ∪M = R. The imageunder πM of any element of a ∪M is in πM (a)and so it follows that π(a) = F . This means thatF = πM (a) · x : x ∈ F. This means that for someb ∈ F , πM (a) · b = 1. Since a was chosen to be anyelement of R that is not in M it follows that everynon-zero element of F is a unit. This is sufficient todemonstrate that F is a field.

Problems

Problem 5.32 Prove Proposition 5.15.

Problem 5.33 Find an example of a ring R with 1and a ring homomorphism

f : R→ S

so that f(1) is not the identity of S. Hint: Proposi-tion 5.14 implies that f cannot be surjective.



Problem 5.36 Define the map

ι : R → C

by r → r + 0i. Prove that this map is a ring homo-morphism.

Problem 5.37 Find an injective ring homomor-phism from R into Rn×n.

5.3. POLYNOMIAL RINGS 135

Problem 5.38 Prove that the ring given in Problem5.7 is not isomorphic, as a ring, to Z4.

Problem 5.39 Prove that the ring given in Problem5.7 is isomorphic, as a ring, to the ring you found inProblem 5.12.

Problem 5.40 Prove that the group of units of Z3×Z3 is isomorphic to the Klein-4 group.


M =

0 12 1

with entries from Z3. Let R the ring of matricesM generated by closing the set M under bothmatrix addition and matrix multiplication. Prove thatthis ring is isomorphic to Z3 × Z3,

Problem 5.42 Suppose that F is a field. Prove thatF has only two ideals.

Problem 5.43 Examine S = 12, 18 ⊆ Z. For I =S Z find the principle of I.

Problem 5.44 Let R = Zn ×Zm be the direct prod-uct of the integers modulo n and m for n,m > 1.Find n and m so that there is an ideal of R that isnot principle. Demonstrate this by giving the ideal.

Problem 5.45 Prove that a field is a principle idealdomain.

Problem 5.46 Prove that if π : Z → R is a surjec-tive ring homomorphism then R is one of Z or Zn.

Problem 5.47 List all the ideals of Z12 and proveyour list is complete.

Problem 5.48 Find, up to isomorphism, all homo-morphic images of Z12.

Problem 5.49 Suppose that F is a field and

f : F → R

is a surjective ring homomorphism. Prove that R isthe trivial ring or R ∼= F .

Problem 5.50 Let CR be the set of continuous func-tions from the real numbers to the real numbers.

(i) Prove that CR is a subring of the ring given inExample 5.1.

(ii) Prove that the evaluation map r defined is Ex-ample 5.16, when restricted to CR, is a surjectivehomomorphism.

(iii) Describe ker(2).

Problem 5.51 Generalize Examples 5.1 and 5.16 inthe following manner. Given the usual definitions(f + g)(x) = f(x) + g(x) and (fg)(x) = f(x) · g(x)and assuming R is a ring prove:

(i) The set of all functions from R to itself form aring.

(ii) The evaluation map r for r ∈ R is a surjectivegroup homomorphism.

Problem 5.52 Let Q = R×S be a direct product ofrings. Show that the sets IR = (r, 0) : r ∈ R andIS = (0, s) : s ∈ S are both ideals of Q.

Problem 5.53 Suppose that R is a commutativering. Prove that the product of principle ideals is aprinciple ideal.

Problem 5.54 Prove that all prime ideals of the in-tegers are those generated by prime numbers.

Problem 5.55 Find a maximal ideal in Z5 × Z5.

Problem 5.56 List all the maximal ideals of Z24

and prove your list is correct.

5.3 Polynomial Rings

We are already familiar with polynomials, over thereal numbers, from our earlier studies in elementaryalgebra and calculus. In this section we will look atpolynomials over arbitrary rings and derive some oftheir properties.

Definition 5.28 If R is a ring then a polynomialis a finite sum of the form

p(x) = r0 + r1x+ r2x2 + · · · rnx

n

where ri ∈ R, n is a natural number, and x is anunknown. We call the values ri the coefficients of


the polynomial. The unknown x is called the vari-able and the number n is called the degree of thepolynomial. We use the notation deg(p) = n for thedegree of p(x).

Strictly speaking in the above definition of de-gree, we require that the coefficient of xn be non-zero, so that the degree of a polynomial is the largestk such that the coefficient of xk is non-zero, (in thecase of p(x) = 0 we say that deg(p) = 0).

Definition 5.29 A polynomial of degree zero iscalled a constant polynomial. A polynomial of de-gree one or more is called a non-constant polyno-mial.

Definition 5.30 If R is a ring and x is an unknownthen we denote the set of all polynomials with coeffi-cients in R by R[x]. This set is called the polyno-mials over R.

Example 5.15

f(x) =1

2x3 −

2

3x2 + 4x−

1

7

is an example of a polynomial over the rational num-bers: f(x) ∈ Q[x].

g(x) = πx2 + e ∈ R[x]

is a polynomial over the real numbers.

If we have two polynomials p(x) and q(x) of degreen and m with n < m then we may “pad” p(x) withterms like 0xk for n < k ≤ m to enable us to act asif they are of the same degree. This zero padding isused in many of the remaining definitions and proofsin this section to permit clarity of exposition.

Definition 5.31 We define addition and multiplica-tion of polynomials in the usual way:

n

i=0

rixi +

n

i=0

sixi =

n

i=0

(ri + si)xi

and

n

i=0

rixi ·

n

i=0

sixi =

2n

i=0

j+k=i

rjsk

xi

Example 5.16 Suppose that f(x) = x2 + x+ 1 andg(x) = x3 − 5x+2 are polynomials with integer coef-ficients. Then

f(x) + g(x) = x3 + x2 − 4x+ 3

f(x) · g(x) = x5 + x4 − 4x3 − 3x2 − 3x+ 2

f(x)2 = x4 + 2x3 + 3x2 + 2x+ 1

Proposition 5.29 If R is a ring then so is R[x] withthe addition and multiplication given in Definition5.31.


Proposition 5.30 If R is a ring with 1, then so isR[x].

Proof:

The polynomial 1 ·x0 is a multiplicative identityusing the multiplication given in Definition 5.31.

Proposition 5.31 If R is a commutative ring, thenso is R[x].

Proof:

Let

p(x) =

n

i=0

rixi and q(x) =

m

j=0

sjxj ,

then:

p(x) · q(x) =

n

i=0

rixi

·

m

j=0

sjxj

=n+m

k=0

i+j=k

risj

xk

=n+m

k=0

i+j=k

sjri

xk

=

m

i=0

sixi

·

n

j=0

rjxj

= q(x) · p(x)

Notice that the key to the above calculations is thatrisj = sjri, permitting R[x] to inherit the commuta-tivity of R.


Proposition 5.32 If R is an integral domain thenso is R[x].

Proof:

Propositions 5.30 and 5.31 already demonstratethat R[x] is a commutative ring with one. It remainsto show that R[x] contains no zero divisors. Supposefor p(x), q(x) ∈ R[x] we have that p(x) ·q(x) = 0. Letpi and qj be the non-zero coefficients of smallest de-gree in p(x) and q(x) respectively. Such coefficientsexist by the well ordering principle unless the respec-tive polynomials are zero. Then if r(x) = p(x) · q(x)we see that piqjx

i+j is the non-zero coefficient in r(x)of least degree. Since p(x) · q(x) = 0 it follows thatpi · qj = 0. Since R is an integral domain this meansthat either pi = 0 (and hence p(x) = 0) or qj = 0(and hence q(x) = 0). This permits us to deducethat R[x] contains no zero divisors, completing theproof that R[x] is an integral domain.

Example 5.17 Proposition 5.32 tells us that thepolynomials over the integers Z[X ] form an integraldomain.

Corollary 5.3 The ring of polynomials over a fieldis an integral domain.

Proof:

Proposition 5.9 tells us that fields are integraldomains and so we may prove the corollary by citingProposition 5.32.

There are some very small rings, e.g. Z2, but poly-nomial rings (other than one special case) are alwaysinfinite. The only polynomial ring which is finite isof course the polynomials over the trivial ring. It iseasy to see this, pick any non-zero element a of thering R, then the polynomials of the form axk wherek ∈ N form a countably infinite set of polynomials.

Definition 5.32 Let R be a ring. We define scalarmultiplication of a polynomial p(x) ∈ R[x] by s ∈ Ras follows. If

p(x) =n

i=0

rixi

then

s · p(x) =

n

i=0

(s · ri)xi

Definition 5.33 Suppose that R is a commutativering with one and that p(x), q(x) ∈ R[x]. Then ifthere is some unit u ∈ R∗ so that p(x) = u · q(x) wesay that p and q are associated by u or that p andq are associates.

Definition 5.34 Suppose that R is a ring with 1.We say that a polynomial in R[x] is monic if thecoefficient of the highest power of x is 1.

Proposition 5.33 If F is a field then every nonzeropolynomial is the associate of a unique monic polyno-mial.

Proof:

Let p(x) ∈ F [x] be a non-zero polynomial with

p(x) =

n

i=0

aixi

Let b be the member of F so that b · an = 1. Sucha unit exists because F is a field. Let q(x) = b · p(x)then for

q(x) =

n

i=0

(b · ai)xi

the coefficient of xn is 1. We see that q(x) is a monicassociate of p(x). It remains to demonstrate unique-ness. Suppose that c · p(x) is also monic. Thenc = a−1

n but, because inverses in the group (F ∗, ·)are unique, we have c = b. This tells us that q(x) isthe unique monic associate of p(x).

There are a number of strong analogies between theintegers and the polynomial ring over a field. At thispoint we begin to develop this analogy, starting withthe idea of divisibility.

Definition 5.35 We say that a polynomial a(x)divides a polynomial b(x) if there exists a polyno-mial c(x) so that

b(x) = a(x)c(x)

We write a(x)|b(x) when a(x) divides b(x).

Proposition 5.34 Let F be a field and letf(x), g(x) ∈ F [x] be non-zero polynomials.If f(x)|g(x) and deg(f) = deg(g) then f(x) and g(x)are associates.


Proof: the proof is left as an exercise.

Proposition 5.35 Division Algorithm for Poly-nomials Let F be a field and let a(x), b(x) ∈ F [x] bemonic polynomials with deg(b) ≤ deg(a). Then thereexists a unique monic polynomial q(x) and a uniquepolynomial r(x) with deg(r) < deg(b) so that

a(x) = b(x) · q(x) + r(x)

Proof:

Let

Q = a(x)− b(x)s(x) : s(x) ∈ F [x]

Then the set of degrees of elements of Q form a non-empty non-negative set of integers. By the well order-ing principle there is a least degree of elements in Q.Choose q(x) and r(x) so that r(x) = a(x)− b(x)q(x)is a witness to this least degree. Then a(x) =b(x) · q(x) + r(x). Since a and b are monic it fol-lows that q is as well, to permit cancellation of thehighest order term. To see that the degree of r isstrictly less than the degree of b, notice that we canmodify the coefficients of q to, in effect, subtract oradd additional multiples of b until any coefficient ina(x)− b(x) ·q(x) for a term of degree at least as greatas the degree of b is zero. This adjustment of the coef-ficients of q is possible because every nonzero memberF is a multiple of every other non-zero member of F .This gives us the proposition, except that it remainsto demonstrate uniqueness.

Suppose that

a(x) = b(x)q1(x) + r1(x) = b(x)q2(x) + r2(x)

both satisfy the proposition. Then:

b(x)q1(x) + r1(x) = b(x)q2(x) + r2(x)

b(x)q1(x) − b(x)q2(x) = r2(x)− r1(x)

b(x)(q1(x) − q2(x)) = r2(x)− r1(x)

Minimality tells us that deg(r1) = deg(r2); let thisdegree be m. The definition of polynomial additiontells us that deg(r2(x) − r1(x)) ≤ m. Since m <deg(b), the fact that equal polynomials have equaldegrees tells us that the last of the three equationsabove require q1(x)−q2(x) = 0 and r2(x)−r1(x) = 0.

This follows from the fact that R[x] is an integral do-main (Proposition 5.32) and hence lacks zero divisors.We thus see that q and r are unique.

We now continue the analogy between the integersand the polynomials of a field by defining the GCDand showing that a version of Euclid’s algorithmholds.

Definition 5.36 If we have three polynomials a(x),b(x), and c(x) such that a(x)|b(x) and a(x)|c(x) thenwe say a(x) is a common divisor of b(x) and c(x).

Definition 5.37 Suppose that R = F [X ] is the ringof polynomials over a field. The greatest commondivisor of two polynomials is a monic common divi-sor that is divisible by all other common divisors.

Proposition 5.36 Let F be a field. The greatestcommon divisor of any two nonzero polynomials a(x)and b(x) in F [x] exists and is unique.

Proof:Let

I = s(x)a(x) + t(x)b(x) : s, t ∈ F [X ]

Then the set of degrees of members of I, which arenot identically zero, is a nonempty set of non-negativeintegers and so has a least value n by the well orderingprinciple. Let d(x) be a monic polynomial of degreen in I; Proposition 5.33 permits us to assume thatd(x) is monic (since we have insisted that identicallyzero polynomials are not permitted). Then d(x) =s(x)a(x) + t(x)b(x) for some choice of s(x) and t(x).Note that deg(d) ≤ deg(a) and deg(d) ≤ deg(b), sincea, b ∈ I. Set

a(x) = q(x)d(x) + r(x)

by applying the division algorithm. Compute:

a(x) = q(x)d(x) + r(x)

= q(x) (s(x)a(x) + t(x)b(x)) + r(x)

so that

r(x) = (1− q(x)s(x))a(x) − t(x)b(x)

which implies that r(x) ∈ I. This tells us thatdeg(r(x)) ≥ deg(d(x)), an impossibility because the


division algorithm forces the opposite, unless r(x) =0. This then yields the result that a(x) = q(x)d(x)and so d(x)|a(x). By repeating the above argumentwith a(x) and b(x) exchanged we see that it is also thecase that d(x)|b(x). If follows that d(x) is a commondivisor of a(x) and b(x).

Let c(x) be any common divisor of a(x) andb(x). Then we can find w(x) and z(x) so thata(x) = c(x)w(x) and b(x) = c(x)z(x). This meansthat, for arbitrary f(x) and g(x) that

f(x)a(x) + g(x)b(x)

= f(x)(c(x)w(x)) + g(x)(c(x)z(x))

= c(x)(f(x)w(x) + g(x)z(x))

and we see that, since f(x) and g(x) were chosen ar-bitrarily, that c(x) divides every member of I, in par-ticular c(x)|d(x) and so we see that d(x) is a greatestcommon divisor of a(x) and b(x). Uniqueness followsfrom Propositions 5.34 and 5.33, given that any twoGCD’s of a(x) and b(x) must divide one another.

The following pair of corollaries are extracted directlyfrom the proof of Proposition 5.36 and so no explicitproof is given.

Corollary 5.4 Suppose that F is a field and thata(x), b(x) ∈ F [X ] are non-zero polynomials. ThenGCD(a(x), b(x)) is the minimal degree monic mem-ber of the set

I = s(x)a(x) + t(x)b(x) : s, t ∈ F [X ]

Corollary 5.5 Suppose that F is a field and thata(x), b(x) ∈ F [X ] are non-zero polynomials. Thenif c(x) is a common divisor of a(x) and b(x) then itdivides every member of

I = s(x)a(x) + t(x)b(x) : s, t ∈ F [X ]

Continuing the analogy with the integers, we nowproduce a version of Euclid’s algorithm for polyno-mials. Since the division algorithm for polynomialsrequires that a(x) and b(x) be monic, we will need torepeatedly correct the remainders in the Euclideanalgorithm to be monic. We adopt the conventionthat if f(x) is a polynomial over a field then f (x)is the unique monic associate of f(x) guaranteed byProposition 5.33. Check carefully when using the al-gorithm that the associates do in fact “come out inthe laundry” properly.

Algorithm 5.1 Polynomial Euclid’s AlgorithmLet F be a field and assume a(x), b(x) ∈ F [x] aremonic polynomials of positive degree. Apply the di-vision algorithm repeatedly. The following series ofequations:

a(x) = b(x)q(x)1 + r1(x)

b(x) = r1(x)q2(x) + r2(x)

r1(x) = r2(x)q3(x) + r3(x)

· · ·

ri(x) = ri+1(x)qi+1(x) + ri+2(x)

· · ·

rn−2(x) = rn−1(x)qn(x) + 0

eventually produces a remainder rn = 0. In this casern−1(x) = GCD(a(x), b(x)).

Proof:Notice that the remainders have the property

that deg(ri(x)) > deg(ri+1(x)) ≥ deg(0). If a re-mainder is not zero then the next remainder can becomputed. The process thus stops when a remainderof zero is found. Since a(x) and b(x) are of finite de-gree, it follows that a finite number of remainders arecomputed. We see from this that there is a smallestpositive remainder, rn−1(x). If we set a(x) = r−1(x)and b(x) = r0(x) then each remainder from the firstone is a linear combination of the two remainderspreceding it and hence all are linear combinations ofa(x) and b(x). This means, by Corollary 3.2 that ev-ery common divisor of a(x) and b(x) divides each ofthe remainders.

Notice that the last equation shows that rn−1(x)divides rn−2(x). Since rn−3(x) is a linear combina-tion of rn−1(x) and rn−2(x), we see rn−1(x) also di-vides rn−3(x). Following the equations back in likefashion we see that rn−1(x) divides all the remaindersand, as we reach the top of the stack of equations,a(x) and b(x) as well. This means that rn−1(x) isa common divisor of a(x) and b(x). The polynomialrn−1(x) thus satisfies the definition of the greatestcommon divisor of a(x) and b(x) and the algorithmworks as claimed.

By tracing back though the equations generated whilerunning the Euclidean algorithm it is possible to ac-tually find the polynomial coefficients s(x) and t(x)


Example Find the GCD of x3+4x2+7x+6 and x3+3x2+3x+2 in Q[x] and find the polynomial coefficientsthat realize the GCD.Solution:

x3 + 4x2 + 7x+ 6 = (1)(x3 + 3x2 + 3x+ 2) + (x2 + 4x+ 4)

x3 + 3x2 + 3x+ 2 = (x− 1)(x2 + 4x+ 4) + (3x+ 6)

x2 + 4x+ 4 =1

3(x + 2)(3x+ 6) + 0

and we have computed GCD(x3 +4x2+7x+6, x3 +3x2+3x+2) = 3x+6 or x+2 since we usually expressthe result as the unique monic associate. It remains to trace back:

3x+ 6 = (x3 + 3x2 + 3x+ 2)− (x− 1)(x2 + 4x+ 4)

= (x3 + 3x2 + 3x+ 2)− (x− 1)(x3 + 4x2 + 7x+ 6)− (x3 + 3x2 + 3x+ 2)

= [1 + (x− 1)](x3 + 3x2 + 3x+ 2)− (x− 1)(x3 + 4x2 + 7x+ 6)

= (x)(x3 + 3x2 + 3x+ 2)− (x− 1)(x3 + 4x2 + 7x+ 6)

and so, passing to the associate, we have

(x+ 2) =1

3(x)(x3 + 3x2 + 3x+ 2)−

1

3(x− 1)(x3 + 4x2 + 7x+ 6)

with s(x) = 13x and t(x) = − 1

3 (x− 1)

Figure 5.2: An example of the polynomial Euclidean algorithm, including traceback.

such that

GCD(a(x), b(x)) = s(x)a(x) + t(x)b(x)

An example of such a traceback appears in Figure5.2.

Our next step is to define the polynomial analog to aprime number.

Definition 5.38 Let F be a field. A polynomial inF [x] is irreducible if all its divisors are units orassociates.

Notice that the units of F [x] are precisely the non-zero constant polynomials, i.e. all non-zero polyno-mials of degree zero.

Example 5.18 The polynomials x, x+1, x2+x+1,x3+x+1, and x3+x2+1 are examples of irreduciblesin Z2[x]. The polynomial x2 + 1 = (x + 1)2 in Z2[x]and so is not irreducible. On the other hand x2 + 1is irreducible in Q[x].

Proposition 5.37 Let F be a field. All polynomialsof degree one in F [x] are irreducible.

Proof:

If a polynomial is of degree one its divisors are ofdegree 0 (and hence units) or 1 (and hence associates,by Proposition 5.34).

Proposition 5.38 Suppose that F is a field andthat p(x) ∈ F [x] is an irreducible polynomial. Iff(x) ∈ F [x] is a polynomial such that p(x) f(x)then GCD(p(x), f(x)) = 1.

Proof:

The only divisors of p(x) are associates of p(x) andunits. Since p(x) f(x) it follows that the only com-mon divisors of p(x) and f(x) are units, making theirgreatest common divisor 1.

Proposition 5.39 Suppose that F is a field. Ifp(x) ∈ F [x] is irreducible and a(x) and b(x) are poly-


nomials such that p(x)|a(x)b(x) then either p(x)|a(x)or p(x)|b(x).

Proof:

If p(x)|a(x) then we are done so assume thatp(x) a(x). In this case Proposition 5.38 tells usGCD(p(x), a(x)) = 1 and Corollary 5.4 tells us thatwe can find s(x) and t(x) so that

1 = s(x)p(x) + t(x)a(x)

Multiplying this expression through by b(x) yields

b(x) = b(x)s(x)p(x) + b(x)t(x)a(x)

Since p(x)|a(x)b(x) we have that for some c(x),p(x)c(x) = a(x)b(x) and so we may substitute to ob-tain

b(x) = b(x)s(x)p(x) + t(x)c(x)p(x)

= p(x)(b(x)s(x) + t(x)c(x))

which implies that p(x)|b(x).

One of the biggest results in Section 3 was the uniquefactorization theorem for primes. There is an analo-gous theorem for polynomials.

Theorem 5.1 (Unique Factorization Theorem)Let F be a field. A polynomial of degree at least

one in F [x] may be factored into irreducibles, someof which may be repeated, uniquely up to the order ofthe factors and choice of associate for each factor.

Proof:

Let S be the set of positive integers greater than0 for which a polynomial of that degree fails tofactor into irreducibles. By well ordering, if S isnonempty, then it has a least member m. Supposep(x) is a polynomial of degree m that does not fac-tor into irreducibles. If p(x) is irreducible then itfactors into itself, yielding a factorization into irre-ducibles. It follows that p(x) has two factors, a(x)and b(x) with degrees strictly between 0 and m sothat p(x) = a(x)b(x). The minimality property ofm ensures that a(x) and b(x) both factor into irre-ducibles. But the product of the irreducible factoriza-tions of a(x) and b(x) is equal to p(x) and so forms anirreducible factorization of p(x). It follows that ourhypothesis that S is nonempty is false and all polyno-mials in F [x] of degree greater than zero factor intoirreducibles. It remains to demonstrate uniqueness.

Suppose that p(x) = r1(x)r2(x) · · · rk(x) =q1(x)q2(x) · · · ql(x) are two factorizations of p(x) intoirreducibles. Then by Proposition 5.39 we see thatr1(x)|q1(x)q2(x) · · · ql(x) which implies that r1(x) =qi(x) for some i. We can renumber the members ofthe second factorization so that r1(x) = q

i(x). This

tells us that r2(x) · · · rk(x) = u · q2(x) · · · ql(x) whereu is a unit. We may continue in like fashion obtain-ing both ri(x) = qi(x) and, as we eliminate primesin pairs, that k = l. It follows that the factoriza-tion into irreducibles is unique up to the order of theirreducible factors and a unit factor.

As we will see later, both prime integers and irre-ducible polynomials over a field are instances of amore general class of objects all of whose factors areunits or unit multiples of themselves. Even more ofthe interesting properties of the integers are sharedby the ring of polynomials over a field.

Proposition 5.40 If F is a field then F [x] is a prin-ciple ideal domain.

Proof:

Let F be a field and let I F [x]. If I = 0 thenI is a principle with principle 0. If I contains a unitthen I = F [x] and is principle with principle 1. Ifneither of these situations obtain I then I contains amonic polynomial p(x) of least positive degree m bythe well ordering principle. If there exists s(x) ∈ Ithat is not an associate of p(x) then the minimalityof m tells us that GCD(p(x), s(x)) = 1, which wouldmean I contained a unit, a case we have already dealtwith and dismissed. This means that all membersof I of degree m can be assumed to be associatesof m and so, by proposition 5.33 p(x) is the uniquemonic polynomial of degree m in I. Suppose thatf(x) ∈ I is of degree n > m. Then applying thedivision algorithm yields

f(x) = p(x)q(x) + r(x)

Since r(x) = f(x) − p(x)q(x), r(x) ∈ I anddeg(r(x)) < deg(p(x)) or r(x) = 0. Since the formeris impossible for a member of I due to the minimal-ity of m it follows that r(x) = 0 and we see thatp(x)|f(x). This means that all members of I aremultiples of p(x) and so I is a principle ideal withprinciple p(x).


Corollary 5.6 If F is a finite field and IF [x] thenI is generated by the unique monic member of I ofleast degree.

Proof:

This is proved in the proof of Proposition 5.40.

In the previous section we found that prime and max-imal ideals are ideals that yield interesting homomor-phic images when you mod out by them. We now lookat what the prime and maximal ideals are in the ringof polynomials over a field.

Proposition 5.41 If F is a field then I F [x] is aprime ideal iff its generator is an irreducible polyno-mial.

Proof:

(⇒) Suppose that I is a prime ideal. Proposition 5.40says that I is a principle ideal: let p(x) be the prin-ciple of I. The definition of prime ideal tells us thatif a(x)b(x) ∈ I then a(x) ∈ I or b(x) ∈ I. Examinethe factorization into irreducibles of f(x) ∈ I. Thenthe definition of prime ideal tells us that one of theirreducible factors of f(x) must be a member of I.This means that this irreducible g(x) is a multiple ofp(x) and so, g(x) = c(x)p(x), but g(x) is irreducibleso either p(x) is an associate of g(x) and hence irre-ducible, or p(x) is a unit and hence irreducible, thusp(x) is an irreducible polynomial.

(⇐) Suppose that the principle of I is an irreduciblepolynomial p(x). Then if a(x)b(x) ∈ I it follows thatp(x)|a(x)b(x). Proposition 5.39 tells us that p(x)|a(x)or p(x)|b(x). But this is equivalent to a(x) ∈ I orb(x) ∈ I, depending on which one is divisible by p(x).We may deduce that I is a prime ideal.

Proposition 5.42 Proper prime ideals in F [x] aremaximal.

Proof:

Suppose that I F [x] is a proper prime ideal. ThenProposition 5.41 tells us I = p(x) where p(x) isirreducible. Let f(x) ∈ F [x] − I be an otherwisearbitrary element. Then, since f(x) /∈ I it followsthat GCD(p(x), f(x)) = 1. This means that

1 ∈ f(x), p(x)

and so F [x] = f(x), p(x). This means that I iscontained in no other proper ideal of F [x] and so ismaximal.

Definition 5.39 Let R be a ring and let f(x) =ni=0 rix

i be an element of R[x]. If c ∈ R then theevaluation of f(x) at c is

f(c) =

n

i=0

rici

Definition 5.40 Let R be a ring and let c ∈ R. Theevaluation map at c

c : R[x]→ R

is given byf(x) → f(c)

Proposition 5.43 The evaluation map c is a ringhomomorphism.


Definition 5.41 If F is a field, p(x) ∈ F [x], and forc ∈ F we have f(c) = 0 then we call c a root of p(x).

Proposition 5.44 (The Root-factor theorem)Let F be a field and let p(x) ∈ F [x]. Then c is a rootof p(x) iff (x− c)|p(x).

Proof:

(⇒) Suppose that p(c) = 0, then p(x) ∈ ker(c). Itis also obvious that (x − c) ∈ ker(c). Since (x − c)is a monic irreducible either ker(c) is F [x] or it is(x− c). Let g(x) = (x − c+ 1). Then c(g(x)) = 1and so ker(c) is a proper ideal of F [x]. This permitsus to deduce that (x − c) is the principle of ker(c).This in turn tells us that (x− c)|p(x).

(⇐) Suppose that (x− c)|p(x). Then

p(x) = (x − c) · b(x)

for some b(x) ∈ F [x]. Then

c(p(x)) = c(x− c) · c(b(x))

= (c− c) · b(c)

= 0 · b(c)

= 0

Which means that p(c) = 0.


Corollary 5.7 If F is a field and f(x) ∈ F [x] is ofdegree 2 or 3 then f(x) is an irreducible iff f(x) hasno roots.

Proof:

If f(x) is irreducible it can have no factors of degreeone and so, by Proposition 5.44 it cannot have a root.If f(x) is reducible then it must have factors of lowerpositive degree. A polynomial of degree 2 must thenhave two factors of degree one, which are associatesof x− c for some c, and so f(x) has a root. If f(x) isof degree three then if could factor into irreduciblesof degree two and one or into three irreducibles ofdegree one. In either case it must have a root.

Example 5.19 At this point we have developedenough machinery to make some connections. Wealready know that the complex numbers can be repre-sented with two real coordinates

C = a+ bι : a, b ∈ R

where ι =√−1. Notice that x2 + 1 has no roots

in R and so Proposition 5.7 tells us that x2 + 1 isirreducible and so, by Propositions 5.41 and 5.42, theideal x2 +1 is a maximal ideal of R[x]. Proposition5.28 then tells us that

R[x]/x2 + 1

is a field. Since x2 + 1 is in the kernel of the naturalhomomorphism we see that x2 + 1 = 0 in the factorring and so x2 = −1. This means that x, in the factorring, behaves exactly like ι =

√−1 in C. In fact

C ∼= R[x]/x2 + 1

This example sketches the proof of the following re-sult.

Proposition 5.45 If F is a field and p(x) ∈ F [x] isirreducible then

F [x]/p(x)

is a field.


Problems

Problem 5.57 Prove proposition 5.29. While thisis not a difficult exercise, it is a long one: you mustcarefully check several definitions.


Problem 5.59 Prove that if char(R) = n thenchar(R[x]) = n.

Problem 5.60 Suppose that R is a ring. Find, interms of R∗, the units of the ring R[x].

Problem 5.61 For each of the following polynomialsover a field, find the unique monic associate as perProposition 5.33.

(i) 2x3 + x2 + 2x+ 1 ∈ Z3[x],

(ii) 27x

2 + 13x+ 4 ∈ Q[x],

(iii) (3x+ 1)(2x+ 1)(x+ 1) ∈ Z5[x], and

(iv) (1 + ι)x3 + (2− ι)x− (5 + 3ι) ∈ C[x].

Problem 5.62 Apply the division algorithm to thefollowing pairs of polynomials over the stated field.

(i) x4 + 3x2 + 2x+ 1 and x2 + x+ 3 over Q,

(ii) x4 + x3 + 1 and x2 + x+ 1 over Z2,

(iii) x8 + 1 and x3 + x+ 1 over Z2, and

(iv) x9 + 2x and x2 + 2x+ 1 over Z3.

Problem 5.63 Suppose that R is a finite ring withzero divisors. Prove that R[x] contains an infinitenumber of zero divisors.

Problem 5.64 Prove that Z4[x] contains an infinitenumber of units.

Problem 5.65 Let p be a prime number. Find anexample of an infinite integral domain of character-istic p.

Problem 5.66 Use the Euclidean algorithm to find

GCD(a(x), b(x)) = s(x)a(x) + b(x)t(x)

for the following pairs of polynomials over the desig-nated field.


(i) a(x) = x3 + 2x2 + 2x+ 5 and b(x) = x3 − 2x2 +3x− 2 over Q.

(ii) a(x) = x4 + x2 +1 and b(x) = x4 +2x3 +2x+1over Z3.

(iii) a(x) = x4+x3+1 and b(x) = x2 +x+1 over Q.

(iv) a(x) = x8 + x and b(x) = x3 + x2 + x + 1 overZ2.

Problem 5.67 Prove that every polynomial in Q[x]is an associate of a polynomial with integer coeffi-cients.

Problem 5.68 If F is a field then we know F [x] isan integral domain. Prove that it is not a field.

Problem 5.69 Provide the factorization of the fol-lowing into irreducibles.

(i) x3 + 6x2 + 11x+ 6 ∈ Q[x],

(ii) x4 + x ∈ Z2[x],

(iii) x6 + x4 + x2 + 1 ∈ Z3[x], and

(iv) x4 − 1 ∈ C[x]

Problem 5.70 Prove proposition 5.43.

Problem 5.71 Prove, possibly using techniquesfrom calculus, that in R[x] there are no irreduciblepolynomials of odd degree greater than 1.

Problem 5.72 Suppose that R is a finite ring.Prove that R[x] is a countably infinite ring.

Problem 5.73 Prove that the field from Problem 5.7is isomorphic to

Z2[x]/x2 + x+ 1

Problem 5.74 Find a quadratic irreducible in F [x]for each of the fields Z2,Z3,Z5, and Z7.


Problem 5.76 Prove that there is a quadratic irre-ducible in Zp[x] for p prime.

Problem 5.77 Read Problem 5.76 and prove thatthere is a field of size p2 for all primes p.

Problem 5.78 Let I = x2, 2x, 4Z[x]. Prove thatI is not a principle ideal and compute the size of thefactor ring, Z[x]/I.

5.4 Finite Fields

Section 5.3 already gave us the tools needed to pro-duce finite fields. In this section we will give a clas-sification of all finite fields up to isomorphism anddevelop a good deal of structural information aboutfinite fields.

Proposition 5.46 The only possible characteristicfor a field is 0 or a prime number p.

Proof:

Recall that if m is an integer and 1 is the multiplica-tive identity of a field thenm·1 means 1+1+. . .+1 (mtimes). Suppose F is a field of characteristic n = 0.If n = ab with 1 < a, b < n then examine the fieldelements x = a · 1 and y = b · 1.

Note that if k · 1 = 0 for some natural numberk > 0. Then (k) · (1 · a) = 0 · a = 0 for all a ∈ F ,and hence the characteristic of F must be less thanor equal to k. Thus the characteristic of a ring with1 is the smallest integer multiple of 1 that is zero, thefact that a, b < n means that neither x or y is zero.But

x · y = (a · 1) · (b · 1) = (ab) · 1 = n · 1 = 0

which means that x and y are zero divisors. Proposi-tion 5.9 tells us that fields are integral domains andhence lack zero divisors. It follow that the factors aand b of n cannot exist while satisfying 1 < a, b < nand so n is prime.

Example 5.20 An example of a field of character-istic zero is Q while Zp is an example of a field ofcharacteristic p. As we will see, these are in a senseminimal canonical examples of fields of their givencharacteristic.

Definition 5.42 Suppose that F is a field, K is afield, and K ≤ F then we say K is a subfield of F .

Definition 5.43 A field with no proper subfields iscalled a prime field.

Proposition 5.47 The only prime fields are thoseisomorphic to Q and Zp.

Proof:

5.4. FINITE FIELDS 145

Problem 5.17 asked you to prove that every field ofprime characteristic p contains a subfield isomorphicto Zp. This means that Zp are the only candidates tobe prime fields of prime characteristic. If we considerthe group (Zp,+) we know from our work in grouptheory that it is generated by any nonzero element.This means that the only subring of ZP is the trivialring which is not a field. This is because we require0 = 1 in a field. If follows that each Zp has no propersubfields and hence is a prime field. It remains todeal with fields of characteristic zero.

Let F be a field of characteristic zero. Considerthe subring K = 1. We see that K contains allinteger multiples n ·1 of 1. It is easy to verify that ι :Z → K given by ι(n) = n · 1 is both an injection anda ring homomorphism. This shows that K contains asubring isomorphic to the integers. Since K is a field,each image of an integer (other than zero) under ι hasa multiplicative inverse. This means that K contains,for any a, b ∈ Z, b = 0, the number

ι(a) · ι(b)−1

Let τ : Q → K be given by

τa

b

= ι(a) · ι(b)−1

It is easy to verify that τ is a ring homomorphism.If we recall that unique rationals are defined whenGCD(a, b) = 1, we see that τ is an injection and,since all a and b = 0 are available, a surjection. Thismeans that Q is isomorphic to K with τ being theisomorphism. This means that F contains a subfieldisomorphic to Q. We deduce that the only candidatefor a prime field of characteristic zero is one, like K,that is isomorphic to Q. To see Q contains no propersubfields, notice that the preceding argument demon-strates that 1 ∈ Q generates Q. Since any subfieldof Q must contain 1 and hence all of Q we deduce Qhas no proper subfields and hence is a prime field.

Another way to say what is said in Proposition 5.47is to say that prime fields are those generated by theelement one inside of other fields. This leads to thefollowing corollary, whose proof is embedded in theproof of Proposition 5.47.

Corollary 5.8 Every field of characteristic p, prime,contains a subfield isomorphic to Zp while every fieldof characteristic 0 contains a subfield isomorphic toQ.

We have a good start on identifying all finite fields.Every finite field is of characteristic p (the charac-teristic 0 fields contain a copy of Q and so are infi-nite) and also contains a subfield isomorphic to Zp.We have the examples ZP of finite fields, but whatother finite fields are there? Proposition 5.45 tells usthat if p(x) is an irreducible polynomial in F [x] thenF [x]/p(x) is a field. Are such fields finite?

Proposition 5.48 Let p(x) ∈ Zp[x] be an irreduciblepolynomial of degree n. Then

Q = Zp[x]/p(x)

is a field with pn elements.

Proof:

If follows from Proposition 5.45 that Q is a field, so itremains to compute its size. Since it is a factor ring,it follows that Q is a collection of equivalence classes,

Q = [f ] : f ∈ Zp[x]

where the equivalence relation says two polynomialsare related if their difference is divisible by p(x). Let[f ] ∈ Q and let g(x) be a member of [f ] of minimaldegree; such a polynomial g(x) exists by the well or-dering principle. The process of choosing g(x) canbe done for each equivalence class and so establishesan injection from members of Q to members of Zp[x].Call the polynomial selected from each equivalenceclass the representative of that equivalence class. Therepresentatives have, by minimality of degree, degreesless than that of p(x). Given this constraint, if anyof the representatives are different, they differ by apolynomial whose degree is less than deg(p(x)) andso do not differ by a multiple of p(x). This meansthat the number of polynomials of degree less than nis equal to the number of equivalence classes, whichis the size of Q. A polynomial of degree less than nis of the form

g(x) = an−1xn−1 + · · ·+ a1x+ a0

Since there are |Zp| = p independent choices of valuefor each ai and we see that |Q| = pn.

Notice that if the higher degree ais are zero then therepresentative polynomials in the proof of Proposi-tion 5.48 can have degree less than n− 1.


+ 0 1 x x + 1 x2

x2

+ 1 x2+ x x

2+ x + 1

0 0 1 x x + 1 x2

x2

+ 1 x2+ x x

2+ x + 1

1 1 0 x + 1 x x2+ 1 x

2x

2+ x + 1 x

2+ x

x x x + 1 0 1 x2+ x x

2+ x + 1 x

2x

2+ 1

x + 1 x + 1 x 1 0 x2+ x + 1 x

2+ x x

2+ 1 x

2

x2

x2

x2+ 1 x

2+ x x

2+ x + 1 0 1 x x + 1

x2+ 1 x

2+ 1 x

2x

2+ x + 1 x

2+ x 1 0 x + 1 x

x2+ x x

2+ x x

2+ x + 1 x

2x

2+ 1 x x + 1 0 1

x2+ x + 1 x

2+ x + 1 x

2+ x x

2+ 1 x

2x + 1 x 1 0

· 0 1 x x + 1 x2

x2+ 1 x

2+ x x

2+ x + 1

0 0 0 0 0 0 0 0 0

1 0 1 x x + 1 x2

x2+ 1 x

2+ x x

2+ x + 1

x 0 x x2

x2+ x x + 1 1 x

2+ x + 1 x

2+ 1

x + 1 0 x + 1 x2+ x x

2+ 1 x

2+ x + 1 x

21 x

x2

0 x2

x + 1 x2

+ x + 1 x2

+ x x x2

+ 1 1

x2

+ 1 0 x2+ 1 1 x

2x x

2+ x + 1 x + 1 x

2+ x

x2+ x 0 x

2+ x x

2+ x + 1 1 x

2+ 1 x + 1 x x

2

x2+ x + 1 0 x

2+ x + 1 x

2+ 1 x 1 x

2+ x x

2x + 1

Figure 5.3: Addition and Multiplication tables for Q = Z2/x3 + x+ 1

Example 5.21 The polynomial x3 + x + 1 is irre-ducible in Z2[x]. We saw this in Example 5.18. Thismeans that

Q = Z2/x3 + x+ 1

is a finite field. Its addition and multiplication tables,are shown in Figure 5.3. We represent equivalenceclasses in Q by their smallest degree member.

Proposition 5.49 Suppose that F is a finite field ofcharacteristic p with q elements. Then q = pk forsome k > 0.

Proof:

Consider the additive group (F,+). Every element ofthis group, other than the identity, has order p. Thisfollows from the fact that char(F ) = p. Knowingthis, Proposition 4.76 tells us that that (F,+) is ap-group and so has size pk for some k > 0.

We now know that the only possible size for a finitefield is pk for k > 0 and that there are finite fields ofsize pk for any k that is the degree of an irreduciblepolynomial. The next logical step is to show thatthere are irreducibles of each degree but we will getthere by a roundabout path. Look over Example 5.19.We took an irreducible polynomial over R, x2 + 1,

added in a symbol i that is a root of that polynomial- but a root outside of R - and closed the system toobtain a larger field C. It turns out this is possiblefor any irreducible over any field.

Suppose for a field F that p(x) ∈ F [x] is irreducible.Then we know that Q = F [x]/p(x) is also a field.The members of this field are equivalence classes[q(x)] of polynomials q(x) ∈ F [x] “modulo p(x)”. Aswe saw in the proof of Theorem 5.48 each of theseequivalence classes has a unique representative withdegree less than the degree of p(x). This means thatwe can represent Q as polynomials in F [x] exceptthat after each addition and multiplication we reducethe result with the polynomial division algorithm tothe remainder after dividing by p(x). This thinkingenables the following proposition which is called Kro-necker’s construction.

Proposition 5.50 Kronecker’s constructionLet F be a field and let p(x) ∈ F [x] be an irreduciblepolynomial of degree one or more with

Q = F [x]/p(x)

Let θ be an abstract root of the polynomial p(x) (asi is a root of x2 + 1 ∈ R[x]). Then F [θ] is defined


to be the closure of F and θ under multiplication andaddition. We claim that

F [θ] ∼= Q

Proof:

Let π : F [x] → F [θ] be defined as follows: letπ(q(x)) = q(θ). Notice that all π does is changethe name of the variable symbol in the polynomialand so it preserves both addition and multiplicationof polynomials and hence is a homomorphism. Ev-ery possible q(θ) occurs and so we also see that π isa surjection. Since in F [θ] we have that p(θ) = 0we see that p(x) ∈ ker(π). Suppose that for someq(x) ∈ F [x] of degree one or more that q(θ) = 0.Then q(x) ∈ ker(π). We know by Proposition 5.40that F [x] is a principle ideal domain. If q(x) haslower degree than p(x) it follows that their commondivisor is a unit; recall that p(x) is irreducible. Thiscommon divisor must also be in ker(π), this followsfrom Algorithm 5.1 by using traceback. This meansthat ker(π) contains a unit, making it equal to F [x]and so, since π is a surjection, makes F [θ] the trivialring. We know F [θ] contains a copy of F (the im-ages of the constant polynomials). We thus see, bycontradiction, that deg(q) > deg(p). From this wesee that p(x) is of minimal degree so that p(θ) = 0,forcing it to be the generator of ker(π). This meansthat ker(π) = p(x) and so we see that, aside fromthe symbol x being replaced by the symbol θ thatQ = F [x]/p(x) and F [θ] are identical. It followsthat Q ∼= F [θ].

What Kronecker’s construction says is that if we takea field and throw in the root of an irreducible polyno-mial then we get the same field we would get by tak-ing the ring of polynomials over the field and factor-ing out the ideal generated by the irreducible polyno-mial. This is fairly cool but also implacably abstract.Clearly is it time for an example.

Example 5.22 Notice that x2 + x + 1 ∈ Z2[x] isirreducible. To see this notice that neither 0 or 1 is aroot showing, by the root-factor theorem, that it hasno first-degree factors. Let

Q = Z2[x]/x2 + x+ 1

Then Q ∼= Z2[θ] where θ2+θ+1 = 0. Converting this

equation into a form useful for reducing powers we get

θ2 = θ + 1. With this identity it is easy to constructthe addition and multiplication tables for Q.

+ 0 1 θ θ + 10 0 1 θ θ + 11 1 0 θ + 1 θθ θ θ + 1 0 1θ + 1 θ + 1 θ 1 0

· 0 1 θ θ + 10 0 0 0 01 0 1 θ θ + 1θ 0 θ θ + 1 1θ + 1 0 θ + 1 1 θ

In agreement with Proposition 5.48 the size of thefield is 22 = 4.

Definition 5.44 Suppose that F ≤ Q are both fieldsso that F is a subfield of Q. Then for α ∈ Q wedefine the minimal polynomial of α over F tobe a monic polynomial of least degree in F [x] so thatp(α) = 0. Notice that the computations needed toverify that p(α) = 0 take place in Q. We denote theminimal polynomial of α by mα(x).

For the next proposition it may be valuable to reviewDefinition 4.40.

Proposition 5.51 Adopt the conditions of Defini-tion 5.44. Then if the index [(Q,+) : (F,+)] is finitethen mα(x) exists.

Proof:

Since F ≤ Q it is clear that (F,+) ≤ (Q,+) andso the index may be computed. Notice that if welet K be the closure of F and α under the additionand multiplication of Q then K = F [α], the set of allpolynomials with coefficients in F and α as a variable.Notice that elements of the formDn = fαn : f ∈ Fform subgroups of (Q,+) and that if m = n thatDn∩Dm = 0. It is not hard to verify that the con-ditions of Proposition 4.77 hold with respect to suchpairs of subgroups. This means that (Q,+) containsa direct product of copies of (F,+), one for each dis-tinct power of α in K. Since the index of the additivegroup of Q over the additive group of F is finite, itfollows that the number of distinct powers of α are


also finite. This means that some αk must be a sumof multiples (in F ) of smaller powers of α. But thisis equivalent to saying that α satisfies (is the root of)some polynomial f(x) ∈ F [x]. Since at least one suchpolynomial exists, it follows that the set of degrees ofpolynomials for which α is a root is nonempty. Bywell ordering, least degree members of this set exists.Choosing the monic associate from the least degreemembers yields mα(x).

Proposition 5.52 Adopt the conditions of Defini-tion 5.44. Then mα(x) is irreducible.


The following proposition is key to understandingmany structural properties of finite fields.

Proposition 5.53 Suppose that Q is a finite field oforder pn for some prime p. Then every element of Qsatisfies the polynomial

xpn

− x ∈ Zp[x]

Proof:

Notice that |(Q∗, ·)| = pn − 1. Proposition 4.38 tellsus that for any q ∈ Q∗ that the order of q under mul-tiplication divides pn−1. This means that qp

n−1 = 1for all nonzero q ∈ Q. This means that all nonzero qsatisfy xpn−1 − 1 = 0. If we multiply through by xwe obtain the polynomial xpn

− x = 0 which is alsosatisfied by zero. Thus all q ∈ Q satisfy xpn

− x.

Corollary 5.9 The polynomial

xpn

− x =

α∈F

(x − α)

in F [x].

Proof:

This follows immediately from the root factor theo-rem and by considering the degree of the polynomial.

Example 5.23 Notice that when n = 1 the corollarytells us that every element of Zp is a root of xp − x.This means, for example, that

x(x − 1)(x− 2)(x− 3)(x− 4) = x5 − x

in Z5[x].

Notice that the corollary tells us that every element ofF is a root of xpn

−x, with multiplicity one. We needthe following technical lemma for the next result.

Lemma 5.1 The polynomial xm − 1 divides xn − 1iff m|n.

Proof:

(⇐) Suppose that n = mk, then the finite geometricseries formula tells us that

xmk − 1

xm − 1= 1 + xm + · · ·+ x(k−1)m

and so

xmk − 1 = (xm − 1) · (1 + xm + · · ·+ x(k−1)m)

xn − 1 = (xm − 1) · (1 + xm + · · ·+ x(k−1)m)

(⇒) Assume that m does not divide n. Apply thedivision algorithm to obtain n = qm+r with 0 < r <m. Then the quotient of xn − 1 divided by xm − 1,extracted by polynomial division, is

xn−m + xn−2m + · · ·+ xr

with remainder xr − 1. Thus we have the forwardimplication by contrapositive.

Proposition 5.54 (xpk

− x)|(xpn

− x) iff k|n.

Proof:

First divide both the polynomials by x and we see

that it is equivalent to prove that (xpk−1−1)|(xpn−1−1) iff pm− 1|pn− 1. Applying Lemma 5.1 we see thatpk − 1|pn − 1 iff k|n and so we have the proposition.

We now summarize several facts demonstrated in thissection. We know that (i) if there is an irreduciblef(x) of degree n over Zp then there is a field

Q ∼= Zp[x]/f(x)

of size q = pn. In addition we know that every ele-ment of Q satisfies the polynomial xq − x.

Proposition 5.55 Let F be a field of characteristicp and size |F | = pn with α ∈ F and let mα(x) ∈Zp[X ] be the minimal polynomial of α over Zp. Then

mα(x)|(xpn

− x)


Proof:

Since α ∈ F it follows that α satisfies (xpn

− x).Examine the evaluation homomorphism

α : Zp[x]→ F

f(x) → f(α)

We know from Proposition 5.43 that this is a homo-morphism. Both xpn

−x and mα(x) are in the kernelof this homomorphism. Proposition 5.40 tells us thatZp[x] is a principle ideal domain and so, since mα(x)is irreducible (by Proposition 5.52), we see that ei-ther mα(x) is the principle of the ideal ker(α) orthe ideal contains a unit. Since none of the constantpolynomials are in the kernel, it follows that mα(x)is the principle and so divides xpn

− x.

Proposition 5.56 Let F be a field of characteristicp and size |F | = pn. Then the minimal polynomial ofany element of F in Zp[x] has a degree dividing n.

Proof:

For any element of F the minimal polynomial of thatelement is an irreducible p(x) of degree k so that there

is a field Zp[x]/p(x) of size pk that satisfies xpk

−x.By using Kronecker’s construction we see that thisfield is isomorphic to a sub-field of F . This tells usthat

(xpk

− x)|(xpn

− x)

and so by Proposition 5.54, k|n.

Proposition 5.57 All irreducible divisors of xpn

−xin Zp[x] have degrees dividing n.

Proof:

Assume that n is a minimal counterexample to thisproposition. If the proposition is not true there are nthat are counterexamples and so, by well ordering, aminimal counterexample. Let p(x) be an irreducibledivisor of f(x) = xpn

− x of degree m < n in Zp[x].Then we can construct a field Q = Zp[x]/p(x). No-tice that each member of Q satisfies g(x) = xpm

− x.Using the division algorithm we obtain

n = qm+ r

Using the polynomial division algorithm we obtain

xpn

− x = q1(x)xpm

− x+ xpr

− x

View this application of the division algorithm as thefirst step of a polynomial Euclid’s algorithm. Theexponents generate successive remainders. In the endwe obtain

p(x)|xpGCD(m,n)

− x

This follows from Proposition 5.55 since p(x) is theminimal polynomial of x ∈ Q. Since n was a min-imal counterexample to the proposition it followsthat deg(p(x))|GCD(n,m). This, however, meansthat deg(p(x))|n. This demonstrates that no minimalcounterexample exists and the proposition follows.

Lemma 5.2 Any irreducible p(x) ∈ Zp[x] withdeg(p(x))|n divides xpn

− x.

Proof:

Let F = Zp[x]/p(x). Then p(x) has a root θ =x + p(x) ∈ F , derived from Kronecker’s construc-tion. We also have that mθ(x) = p(x) since p(x) isirreducible. But then Proposition 5.55 gives us theproposition.

Proposition 5.58 Let S be the set of all irreduciblepolynomials in Zp[x] that have degrees dividing n.Then

xpn

− x =

p(x)∈S

p(x)

Proof:

Lemma 5.2 tells us that the product above dividesxpn

− x while Proposition 5.57 tells us that xpn

− xhas no other divisors.

Proposition 5.58 is similar to Proposition 5.9, but ittells us how the linear factors in the larger field fittogether to make irreducibles in the smaller field. itis also key to attacking the next proposition.

Proposition 5.59 There are irreducibles of all de-grees in Zp[x].

Sketch of Proof:

The proof of this proposition requires a techniquecalled inclusion exclusion that is part of a field ofmathematics called combinatorics. The essence ofthe proof is to count the number of irreducibles ofdegree n and show that the number is greater than


zero. In lieu of fully developing inclusion exclusionwe will use Proposition 5.58 to count the number ofirreducibles of several small degrees.

Example 5.24 Compute the number of monic irre-ducibles of degree 1, 2, and 3 in Zp[x]

Solution: All first degree irreducibles divide xp1

−x =xp − x and so there must be p of them, and in factthey are the monic linear polynomials (x−a), a ∈ Zp.

All irreducibles with degree dividing 2 divide xp2

− xin Zp[x]. The degree one irreducibles use up p de-grees leaving p2 − p degrees for the second degree ir-reducibles. Since each of these has degree 2 the total

number of them is p2−p2 .

All irreducibles with degree dividing 3 divide xp3

− xin Zp[x]. The degree one irreducible use up p degreesleaving p3 − p degrees for the third degree irreducible.Since each of these has degree 3 the total number of

them is p3−p3 .

Example 5.24 shows that it is easy to count thenumber of irreducibles whose degree is a prime num-ber. We explore other degrees in the homework prob-lems. We now move on to some other interestingproperties of finite fields.

Proposition 5.60 Two finite fields that are thesame size are isomorphic.

Proof:

Let F and Q be fields of characteristic p and sizeq = pn. Corollary 5.9 tells us that every member ofF and every member of Q satisfy f(x) = xpn

− x,but they do so in F and Q respectively. We alsoknow that from Proposition 5.55 that the minimalpolynomial of each element of F and Q divide f(x).This permits us to deduce, by comparing size of fieldsto degree of f(x) that every irreducible factor of f(x)is a minimal polynomial of both an element of F andan element of Q. Proposition 5.58 permits us to pickp(x) ∈ Zp[x] that is of degree n and which dividesf(x). But then applying Kronecker’s construction top(x) in first F and then Q yields the result that

F ∼= Zp[x]/p(x) ∼= Q

and we see that F ∼= Q.

Proposition 5.60 tells us that there is, up to isomor-phism, exactly one finite field of size q = pn for eachprime p and each natural number n > 1. With thisfact in hand we may now define a name for the uniquefinite field of a given size.

Definition 5.45 We denote the unique finite field oforder q = pn, p prime, by Fq

Proposition 5.61 The group (F∗q , ·) is a cyclicgroup.

Proof: Note that the case F2 is trivially satisfied. Let

m = pr11 p

r22 · · · prk

k

be the prime factorization of the order of F∗q for q >2. For each prime divisor pi of m the polynomialxm/pi − 1 has at most m

pi< m roots and so there are

elements of F∗q that are not roots of this polynomial.Let a ∈ F∗q be such an element.

Set bi = am/

prii . It is easy to see that b

prii

i =am = 1 and so the order of bi is a divisor of pri

i . On

the other hand bp

rii −1

i = bi−1 = 1 and we see that the

order of bi is exactly pri

i . Set g = b1 · b2 · · · · · bk. Since(F∗q , ·) is commutative it is easy to see that the orderof g is m. If follows that (F∗q , ·) is cyclic because itcontains an element whose order equals its size.

Proposition 5.62 Let q = pn, then the group(Fq,+) is isomorphic to the direct product of (Zp,+)with itself n times.

Proof:

The fact that Fq has characteristic p demonstratesthat all non-identity elements of the group have orderat most p. If the k-fold sum of any element were zerofor k < p then using the distributive law on the sumto factor out the k-fold sum of one would demonstratea zero divisor and so all elements have order exactlyp. Then Proposition 4.79 gives us the proposition.

Proposition 5.61 tells us that all nonzero elements ofa finite field are powers of some one element, any gen-erator of the multiplicative group. It is remarkablyconvenient if the equivalence class of the polynomialx generates the multiplicative group.


Definition 5.46 Let q = pn, p prime. An irre-ducible polynomial p(x) of degree n in Zp is said tobe primitive if in

Q = Zp[x]/p(x)

we have that x + p(x) is a generator of the multi-plicative group.

Example 5.25 The polynomial x2 + x + 1 ∈ Z2[x]is primitive. To see this examine Example 5.22. Themultiplicative group is of order 3 and so generatedby every non-identity element of the multiplicativegroup. In particular x + x2 + x + 1 is a generatorand so x2 + x+1 satisfy the definition of a primitivepolynomial.

If Q is a finite field of size q then there are qq func-tions from Q to itself. This is not hard to see, itfollows from the fact that a value from Q must bechosen as the functions value for each value in Q. Inany case the set of all functions from Q to Q is finite.The set Q[x] on the other hand is infinite. In calcu-lus each polynomial in R[x] corresponds to a uniquefunction f : R → R. The polynomials in Q[x] haveno such property. Each function from Q to Q thatresults from evaluating a polynomial results from in-finitely many polynomials. This follows directly fromthe fact that xq −x evaluates to the zero function onQ. Adding multiples of xq−x to any polynomial doesnot change which function the polynomial generateswhen evaluated.

Definition 5.47 A function f : Q → Q is said tobe a polynomial function if f(c) = p(c) for somepolynomial p(x).

Example 5.26 The function f : Z5 → Z5 obtainedby evaluating x3 has values f(0) = 0, f(1) = 1,f(2) = 3, f(3) = 2, and f(4) = 4. Since it is ob-tained by evaluating x3, f is a polynomial function.

5.4.1 Easier Multiplication in Finite

Fields

The multiplication table in Example 5.21 looks likea bit of a nightmare. There is a trick that can beused to make constructing such tables much easier:logarithms. We are going to exploit the fact that

the multiplicative group is cyclic. Examine the fol-lowing table for F8 constructed using the primitiveirreducible x3+x+1. Since x3+x+1 = 0 we get thesimplifying rule x3 = x+ 1 in F8. This means that:

x0=1x1=xx2=x2

x3=x3 = x+ 1x4=x2 + xx5=x3 + x2 = x2 + x+ 1x6=x3 + x2 + x = x2 + 1x7=x3 + x = 1

This is an example of a logarithm table, it is a logtable for F8. If we want to multiply we look up thepowers of x involved. Since the multiplicative groupis cyclic of order 7 the exponents add (mod 7).

Example 5.27

(x2 + 1)(x2 + x+ 1) = x6 · x5 = x11 = x4 = x2 + x

(x2 + x)25 = (x4)25 = x100 = x2

A logarithm table can be constructed for any finitefield, but it only works properly if constructed witha primitive irreducible.

Problems

Problem 5.79 Prove that if Q is a finite field thenQ[x] contains an infinite number of irreducible poly-nomials.

Problem 5.80 Look at the field of order 8 generatedin Example 5.21. List all the generators for the mul-tiplicative group of the field.

Problem 5.81 Proposition 5.60 demonstrates thattwo finite fields are isomorphic if they are the samesize. Find two different quadratic irreducibles over F3

use them to construct F9 and find an explicit isomor-phism between the different representations of F9.

Problem 5.82 A polynomial p(x) ∈ Q[x] is called apermutation polynomial if the function c → p(c)is a permutation of Q. Find all permutation polyno-mials of Z3.


Problem 5.83 Read Problem 5.82. If Q is a finitefield, prove that all polynomials f(x) = ax+ b, a = 0are permutation polynomials of Q.

Problem 5.84 Read Problem 5.82. If Q is a finitefield, prove that there are no quadratic permutationpolynomials in Q[x].

Problem 5.85 Let F = Z2[x]/x3+x+1. Find the

minimal polynomial in Z2[x] for each element of F .Some of these are almost trivial.

Problem 5.86 Find the minimal polynomial of1+√

52 in Q[x].

Problem 5.87 Find a primitive quadratic irre-ducible in Z3[x] and use it to construct addition andmultiplication tables for a field of order 9.

Problem 5.88 Prove that if p is prime, p5 − p is amultiple of 5.

Problem 5.89 Let f(x) = xpn

−x ∈ Zp[x]. Supposethat p(x) ∈ Zp[x]. Prove that f(x)|f(p(x)).


Problem 5.91 Compute the greatest common divi-sor in Zp[x] of x

pn

− x and xpm

− x.

Problem 5.92 Compute the minimal degree of anirreducible polynomial in Z2[x] that is not primitive.

Problem 5.93 Prove that if p and h are prime num-bers then the number of monic irreducible polynomialsof degree h in Zp[x] is

ph − p

h

Problem 5.94 Suppose that p, q, and r are all primenumbers. Compute the number of irreducibles of de-gree qr in Zp[x].

Problem 5.95 Suppose that p and q are prime num-bers. Compute the number of irreducibles of degree q2

in Zp[x].

Problem 5.96 Let F(Q) be the set of all functionfrom Q to Q. Let Q be a finite field and define

Ω : Q[x]→ F(Q)

where Ω is given by Ω(p(x)) takes q ∈ Q to p(q).Prove that Ω is a surjective ring homomorphism andfind the principle of ker(Ω).

Problem 5.97 Show that there are three irreduciblesof degree 4 in Z2[x]. Determine which are primitive.

Problem 5.98 Explain why a logarithm table for afinite field requires a primitive irreducible.

Problem 5.99 Using the primitive irreducible x2 +2x+2 in Z3[x] construct a logarithm table for F9 anduse it to compute and simplify:

(i) (x+ 1)(2x+ 1)(x+ 2)

(ii) (2x+ 1)5

(iii) (x+ 2)127

Problem 5.100 Find all the generators of the mul-tiplicative group of Z23 and use the smallest one toconstruct a logarithm table for the field.

Problem 5.101 Using the primitive irreducible x4+x+1 in Z2[x] construct a logarithm table for F16 anduse it to compute and simplify:

(i) (x2 + x+ 1)(x3 + x+ 1)

(ii) x(x+ 1)(x2 + x+ 1)(x3 + x2 + x+ 1)

(iii) (x3 + x2)12

(iv) (x3 + x2 + x+ 1)75

Problem 5.102 Find a quadratic irreducible inF4[x].

Problem 5.103 Prove that there are functions fromZ4 to Z4 that are not the result of evaluating anypolynomial in Z4[x].

Problem 5.104 Using the techniques from Section5.4.1 compute 565 ∈ Z991.

5.5 Finite Fields: Applications

The last section was aggressively theoretical andbought us a great deal of understanding of the struc-ture of finite fields. In this section we give some ofthe applications of finite fields.

Proposition 5.63 If Q is a finite field then all func-tions from Q to itself are polynomial functions.

5.5. FINITE FIELDS: APPLICATIONS 153

Proof:

Let F be a finite field of order q = pn. Let a ∈ Fand define fa(x) =

xq−xx−a . Then Corollary 5.9 tells us

thatfa(x) =

b∈Fb=a

(x− b)

so that fa(a) = c = 0 but fa(b) = 0 for all a = b.

Given this define fa(x) = c−1 fa(x). Then fa(a) = 1

and fa(b) = 0 for a = b.

Let g : F → F be any function from F to itself. Let

h(x) =

a∈F

fa(x) · g(a)

Then h(x) is polynomial because it is a sum of con-stant multiples polynomial functions. On the otherhand h(a) = fa(a)·g(a) = 1·g(a) = g(a). This meansthat h(x) evaluates to the function g demonstratingthat g(x) is a polynomial function.

The fact that all functions from a finite field F toitself are polynomial means that this ring of func-tions is pretty simple. On the other hand, the ring offunctions from a finite field to itself is manifestly notisomorphic to the ring of polynomial F [x]. This isobvious because F [x] is infinite while a simple count-ing argument tells us that the number of functionsfrom F to itself is qq where q = |F |.

Definition 5.48 Let F be a field. Two polynomi-als g(x), h(x) ∈ F [x] are functionally equivalent ifg(a) = h(a) for every a ∈ F .

Proposition 5.64 If F is a finite field then beingfunctionally equivalent is an equivalence relation onF [x].


The next step is to construct a single, unique poly-nomial corresponding to each function from a finitefield to itself.

Definition 5.49 If R is an equivalence relation ona set S then a system of distinct representativesof the set of equivalence classes is a choice of onemember from each equivalence class.

Proposition 5.65 Let F be a finite field of size q.Then a system of distinct representatives for the func-tional equivalence relation on F [x] is the set of poly-nomials of degree less than q.

Proof:

Notice that the polynomials constructed in Proposi-tion 5.63 are all of degree at most q − 1, because thepolynomials fa(x) are all of degree exactly q−1. Thismeans that every function from F to itself is the re-sult of evaluating a polynomial of degree less than q.It remains to show that all polynomials of degree lessthan q evaluate to distinct functions. Suppose thatg(x) and h(x) are polynomials that evaluate to thesame function. Then f(x) = g(x)−h(x) is a functionthat evaluates to zero everywhere on F . If f(x) = 0then g(x) = h(x) and there is no problem. If f(x) isnot the zero polynomial then the root factor theoremtells us that it is divisible by (x − a) for all a ∈ F .This means that (x) has q distinct first degree factorsand so deg(f) ≥ q. Since addition and subtraction ofpolynomials cannot increase degree, a polynomial ofdegree q or more could not result from computingg(x) − h(x) and so we deduce that g(x) = h(x). Itfollows that any two polynomials of degree less thanq in F [x] evaluate to distinct functions.

Example 5.28 Let g : Z7 → Z7 be given by g(0) =0, g(1) = 2, g(2) = 3, g(3) = 2, g(4) = 5, g(5) = 4,g(6) = 5 . Then if f(x) = x3 + x notice that f(a) =g(a) for each a ∈ Z7.

Proposition 5.65 yields a neat set of polynomials thatrepresent every possible function from a finite field toitself, but there is an algebraic point of view for thisresult as well.

Definition 5.50 Recall that F(F, F ) is the ring offunctions from F to itself. Define

: F [x]→ F(F, F )

to be the evaluation map that takes f(x) to a →f(a).

Proposition 5.66 The evaluation map : F [x] →F(F, F ) is a surjective ring homomorphism.

Proof:


Let f(x), g(x) ∈ F [x] and compute:

((f + g)(x)) = a → (f + g)(a)

= a → f(a) + g(a)

= (f(x)) + (g(x))

Which is the first homomorphism property, the multi-plication homomorphism property is proved in a sim-ilar manner. Proposition 5.63 demonstrates that allfunctions are polynomial which makes a surjectivering homomorphism.

Proposition 5.67 Let be the evaluation map de-fined in Proposition 5.66 for a finite field F of size q.Then

ker() = xq − x

Proof:

We already know, from Proposition 5.40, that thering of polynomials over a field are a principle idealdomain and that ker() is an ideal so it must have aprinciple. Corollary 5.6 tells us this principle is themonic member of the kernel of least degree. Propo-sition 5.65 tells us that this degree must be at leastq. Corollary 5.9 tells us that xq − x is in the kernelof and so is thus forced to be the generator of thekernel.

Corollary 5.10 If F is a finite field of size q, f(x) ∈F [x], and g = (f) then the representative polynomialof degree less than q that evaluates to g is the remain-der when f(x) is divided by h(x) = xq − x.

Proof:

Let f(x) = h(x)q(x) + r(x) be the result of applyingthe division algorithm. Then:

g = (f(x))

= (h(x)q(x) + r(x))

= (h(x))(q(x)) + (r(x))

= 0 · (q(x)) + (r(x))

= (r(x))

Since r(x) must have a degree less than q, it is a mem-bers of the system of distinct representatives locatedin Proposition 5.65.

Definition 5.51 A permutation polynomial is apolynomial that evaluates to a permutation.

Example 5.29 Examine f(x) = x3 ∈ Z5[x]. Thenf(0) = 0, f(1) = 1, f(2) = 3, f(3) = 2, f(4) = 4 sothe function that f(x) evaluates to is the permutation(2 3) of the set 0, 1, 2, 3, 4.

A permutation can be useful as a pseudo-randomnumber generator, as a cryptosystem, or simply as atechnique for shuffling a set. If a permutation polyno-mial has a small number of non-zero coefficients thenit can be a very fast method of computing a permu-tation. A permutation polynomial with few nonzerocoefficients is called a sparse permutation polynomial.The polynomial in Example 5.29 is very sparse (onenon-zero coefficient) but it only permutes a set withonly five elements and so it’s not too useful. Per-mutation polynomials over large finite fields that aresparse are very useful.

We now turn to a tool that is useful for manipulatingpolynomials in general, not just over finite fields.

Definition 5.52 Suppose that R is a ring with oneand that f : R→ R is a function. Define

∆f(x) = f(x+ 1)− f(x)

The function ∆f(x) is called the difference of f .We call ∆ the difference operator.

It is possible to take multiple differences and if weapply the difference operator n times to f(x) this isdenoted ∆nf(x).

Proposition 5.68 Suppose that F is a field andf(x) ∈ F [x]. Then if deg(f(x)) > 1, deg(∆f(x)) =deg(f(x))− 1.


Definition 5.53 A Latin square is an n × n ar-ray with entries from an n-element set such that eachsymbol appears once in each row and column.

Example 5.30 The Cayley table of a group is anexample of a Latin square.


Proposition 5.69 If F is a finite field and we fill anarray of symbols whose rows and columns are indexedby F with the values of the function f(x, y) = ax +by + c for a, b, c ∈ F , a, b = 0 at position x, y thenthe result is a Latin square.

Proof:

Suppose that x1, x2 ∈ F . Then if ax1 + by + c =ax2 + by + c we can solve to show that x1 = x2 sono two entries of a row of the array contain the samevalue. Similarly, using y1 and y2, we can show nocolumn contains a repeated value. Since only as manyvalues are available as rows or columns we see eachmust be used once and the resulting array is a Latinsquare.

We denote the Latin square generated by thefunction f(x, y) = ax+ by + c by L(a, b, c).

Proposition 5.70 If the rows or columns of a Latinsquare are permuted (re-ordered) then the result isstill a Latin square.


Definition 5.54 Suppose that X and Y are Latinsquares on the same set of symbols. If every pair(x, y) ∈ S × S appears in the form x = Xi,j andy = Yi,j then we say X and Y are orthogonal.

Example 5.31 Two orthogonal Latin squares on thesymbol set Z3

0 1 21 2 02 0 1

0 1 22 0 11 2 0

Proposition 5.71 Suppose that a = d are elementsof a finite field F . Then the Latin squares L(a, b, c)and L(d, b, c) are orthogonal.

Proof:

Let (u, v) ∈ F × F . We know that L(a, b, c) andL(d, b, c) are Latin squares by Proposition 5.69. Thetwo Latin squares are orthogonal if we can solve thesystem of linear equations

u = ax+ by + c

v = dx+ by + c

no matter what values u and v take on. Solving, weget

x =u− v

a− d

and

by + c =av − du

a− d,

and hence

y = b−1 av − du

a− d− b−1c

both of which exist because a = d, and b = 0. Itfollows that the two squares are orthogonal.

Definition 5.55 A system of mutually orthog-onal Latin squares is a set of Latin squares so thatany two are orthogonal.

Corollary 5.11 If F is a finite field of order q thenthere exists a system of mutually orthogonal Latinsquares with q − 1 members.

Proof:

If follows directly from Proposition 5.71 thatL(ai, 1, 0) for ai ∈ F

∗q is a system of mutually or-

thogonal Latin squares with q − 1 members.

Example 5.32 The construction given in Corollary5.11 yields:

0 1 2 3 4 0 2 4 1 3 0 3 1 4 2 0 4 3 2 1

1 2 3 4 0 1 3 0 2 4 1 4 2 0 3 1 0 4 3 2

2 3 4 0 1 2 4 1 3 0 2 0 3 1 4 2 1 0 4 3

3 4 0 1 2 3 0 2 4 1 3 1 4 2 0 3 2 1 0 4

4 0 1 2 3 4 1 3 0 2 4 2 0 3 1 4 3 2 1 0

when it is applied to the field Z5.

The problem of finding sets of mutually orthogo-nal Latin squares (MOLS) is a difficult one. The easycase is the one that occurs when a finite field is avail-able to help. It is fairly obvious (and a homeworkproblem) that n − 1 MOLS on a symbol set of sizen is a large as can be hoped for. It has been provedthat the only two n for which there are not even twomutually orthogonal Latin squares are n = 2, 6. Twois obvious and six was first proved by exhaustive enu-meration with a computer.


Problems


Problem 5.106 Read the proof of proposition 5.63and, for each α ∈ Z5 compute fα(x), the polynomialthat is zero for each member of Z5 that is not equalto α and which is one at α.

Problem 5.107 Do Problem 5.106 except for F4 in-stead of Z5. Use the version of F4 in Example 5.22to do this problem.

Problem 5.108 If F is a finite field of size q provethat f0(x) = 1−xq−1 where fα(x) is defined in Propo-sition 5.63.

Problem 5.109 If F is a finite field of size q provethat deg(fα(x)) = q − 1 for all α ∈ F . The functionf0(x) is defined in Proposition 5.63.

Problem 5.110 Find the distinct representative ofthe function that f(x) = x9 ∈ Z5[x] evaluates to inthe sense of Proposition 5.65.

Problem 5.111 Let f(x) = x3 and g(x) = x+ 1 beelements of Z5[x]. Suppose we close the set f, g un-der functional composition to obtain the set S. Prove(i) every function in S is a permutation polynomialand (ii) every permutation of Z5 is the result of eval-uating a function in S.

Problem 5.112 Suppose that f : Z7 → Z7 yields thevalues 1,4,0,4,6,6,0. Find a polynomial g(x) ∈ Z7(x)that evaluates to the function f .

Problem 5.113 Suppose that PF ⊂ F [x] are the setof all permutation polynomials in F [x]. This meansthat the evaluation map is a bijection of PF withSym(F ), the group of all permutations of F . Provethat the permutations that are the evaluation of firstdegree polynomials form a sub-group.

Problem 5.114 Let F be a finite field of size q.Prove that if there is one permutation polynomial ofdegree n < q then there must be at least q(q − 1) ofthem.

Problem 5.115 Let F be a finite field of size q andlet g(x) = xq − x ∈ F [x]. If p(x) ∈ F [x] prove thatg(x)|p(g(x)).

Problem 5.116 Suppose that F ≤ Q are finitefields. Let PQ ⊂ Q[x] be the set of all permutationpolynomials in Q[x]. Prove that those members ofPQ whose coefficients are in F form a subgroup.


Problem 5.118 Suppose that F is a field and thatf(x) ∈ F [x] is a polynomial of degree n. Prove that∆nf(x) is a constant function (evaluates to a con-stant) and that ∆n+1f(x) evaluates to zero.

Problem 5.119 Suppose that F is a field and thatf(x), g(x) ∈ F [x]. Prove that the following productrule for differences holds:

∆(f(x) · g(x)) = f(x+ 1)∆g(x) + g(x)∆f(x)

Problem 5.120 Prove that there are Latin squaresthat cannot be the Cayley table of a group no matterwhat bijection of the symbols in the table is made witha group of the same order.


Problem 5.122 Construct a pair of mutually or-thogonal Latin squares on the symbols sets Jack,Queen, King, Ace, and Clubs, Diamonds, Hearts,Spades by placing sixteen appropriate cards in a 4×4array.

Problem 5.123 Find a set of three mutually orthog-onal Latin squares on four symbols.

Problem 5.124 Prove that a set of mutually orthog-onal Latin squares on n symbols can have at mostn− 1 members.

Problem 5.125 Show that if there are m MOLS ona symbol set of size n and q MOLS on a symbol setof size k then there are at least min(m, q) MOLS ona symbol set of size nk. Hint: find a construction.

Problem 5.126 Let R be a relation defined on theset of all Latin squares on n symbols in which(A,B) ∈ R if A can be obtained from B by permutingrows, columns, or both. Prove that R is an equiva-lence relation. We call the relation R permutationequivalence.


Problem 5.127 Read Problem 5.126. Prove that ifF is a finite field with its elements listed in someorder σ then any Latin square on the symbol set Fis permutation equivalent to one whose first row andcolumn list the elements in the order σ.


Documents

Chapter5 - University of Guelpheldar.mathstat.uoguelph.ca/.../math4140/pdf/Chapter5.pdfChapter5 Rings Nothingprovesmoreclearlythatthemind seekstruth,andnothingreﬂectsmoreglory uponit,thanthedelightittakes,sometimes