3E28 Galois Theory

Shaun Stevens

Spring Semester 2007

Contents

0 Recollections 3

1 Fields and polynomials 4

1.1 Polynomials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

1.2 Factorizing polynomials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

2 Splitting fields 12

2.1 Extension fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

2.2 Algebraic extensions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

2.3 Simple extensions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

2.4 Splitting fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

2.5 Normality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

2.6 Separability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

3 Galois theory 28

3.1 Automorphisms of field extensions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

3.2 The Galois correspondence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

3.3 Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

3.4 Further results . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

4 Solving polynomials by radicals 41

4.1 Cubic and quartic polynomials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

4.2 Kummer theory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

4.3 Soluble groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

4.4 Galois’s solvability criterion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

4.5 An insolvable polynomial . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

5 Finite fields 55

1

5.1 Galois groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

5.2 Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

6 Further topics 59

6.1 Constructibility revisited . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

2

0 Recollections

This section will appear as and when we need to recall things for the course, so check here againfor updates.

3

1 Fields and polynomials

1.1 Polynomials

Let F be a field. We consider the ring F [X] of polynomials with coefficients in F in more detail.If f is a non-zero polynomial in F [X] then we can write

f(X) = anXn + · · ·+ a1X + a0, ai ∈ F, an 6= 0.

Then the degree of f is deg(f) = n.

Note that the zero polynomial 0 does not have degree 0 – it is non-zero constant polynomials whichhave degree 0. Depending on your preference, the zero polynomial should either have undefineddegree, or have degree −∞.

In F [X] we have a Division Algorithm: Let f, g be polynomials in F [X], with f 6= 0. Then thereexist polynomials q, r ∈ F [X] (q for quotient, r for remainder) with

g(X) = q(X)f(X) + r(X), and either r = 0 or deg(r) < deg(f).

This can be proved by induction on the degree of g.

For example, if f(X) = X2 + 1 and g(X) = 2X3 + 3X2 + 1 in Q[X] then

g(X) = (X2 + 1)(2X + 3) + (−2X − 2),

so q(X) = 2X + 3 and r(X) = −2X − 2.

Definition 1.1. Let f, g, h be polynomials in F [X]

(i) We say g divides f (and write g|f) if there exists q ∈ F [X] such that f = gq.

(ii) A greatest common divisor of f and g is a polynomial h ∈ F [X] which divides both f andg, and such that, if q is any polynomial dividing both f and g then q divides h. Note thatgcd(f, g) is well-defined only up to units in F [X], that is up to multiplication by a non-zeroscalar.

(iii) We say that f, g are coprime if gcd(f, g) = 1. [Note that this really means gcd(f, g) is aconstant, since it could be any non-zero constant.]

(iv) We say f is irreducible if it is non-constant and, whenever we have a factorization f = gh,either g or h is a unit (i.e. either g or h is constant); otherwise f is reducible.

Notice that, if f is an irreducible polynomial and g is any polynomial, then there are only twopossibilities for the greatest common divisor of f and g:

gcd(f, g) =

{f, if f |g,1, otherwise.

One important consequence of the Division Algorithm is that F [X] has a Euclidean Algorithm:Let f, g be non-zero polynomials and q = gcd(f, g); then there exist polynomials u, v ∈ F [X] suchthat

q(X) = u(X)f(X) + v(X)g(X).

4

This can be used to prove that any irreducible polynomial f ∈ F [X] is actually prime: that is, if fdivides gh, for some polynomials g, h ∈ F [X], then either f divides g or f divides h. From this itfollows that F [X] is a unique factorization domain: any polynomial in F [X] can be factorized asa product of irreducible polynomials, and this factorization is unique up to the order of the factorsand multiplication of the factors by non-zero scalars.

Example. Consider again f(X) = X2 + 1 and g(X) = 2X3 + 3X2 + 1 in Q[X]. We can show thatthese are coprime in two different ways:

(i) First we notice that f is irreducible: if not then it would have to factorize as a product oftwo linear (degree 1) factors, f would have a root in Q; but f(α) = α2 + 1 ≥ 1, for all α ∈ Q,so f has no roots in Q.

Now we saw above that

g(X) = (2X + 3)f(X) + (−2X − 2),

so f does not divide g. Hence (see the remarks after Definition 1.1), gcd(f, g) = 1.

(ii) Alternatively, we can use the Euclidean algorithm:

2X3 + 3X2 + 1 = (X2 + 1)(2X + 3) + (−2X − 2)X2 + 1 = (−2X − 2)(−1

2X + 12) + 2

−2X − 2 = 2(−X − 1) + 0

so gcd(f, g) = 2 (the last non-zero remainder), which is the same as gcd(f, g) = 1.

The advantage of this method is that we can use back-substitution in this calculation to findpolynomials u, v such that uf + vg = 1:

2 = (X2 + 1)− (−2X − 2)(−12X + 1

2)= f(X)− (g(X)− (2X + 3)f(X))(−1

2X + 12)

= (12X −

12)g(X) + [1 + (2X + 3)(−1

2X + 12)]f(X).

Dividing by 2 and simplifying, we get

1 =[

14(X − 1)

]g(X)−

[14(2X2 +X − 5)

]f(X).

1.2 Factorizing polynomials

We will mostly be concerned with factorizing polynomials in Q[X], but also sometimes over finitefields Fp. Note also that factorization of polynomials in C[X] is (in theory) straightforward: theFundamental Theorem of Algebra says that any polynomial in C[X] factorizes completely, into aproduct of linear factors – so the only irreducible polynomials in C[X] are those of degree 1.

Proposition 1.2. Suppose α = r/s ∈ Q, with r, s ∈ Z coprime, is a root of

f(X) = anXn = · · ·+ a1X + a0, ai ∈ Z.

Then r|a0 and s|an.

5

Note that this is particularly useful for monic polynomials: If an = 1 then any root of f(X) in Qis actually an integer dividing a0.

Proof. We substitute α = r/s into f(α) = 0 and clear the denominators:

0 = snf(r/s) = anrn + an−1r

n−1s+ · · ·+ a1rsn−1 + a0s

n.

Now r divides every term except possibly the last; so it divides the last term also, that is r|a0sn.

But r is coprime to s, so this implies r|a0.

Similarly, we get s|anrn and, since s is coprime to r, s|an. �

We can already use this to check irreducibility of quadratic and cubic polynomials: if such apolynomial factorizes then one of the factors must have degree 1 so the polynomial must have aroot in Q.

Example. (i) f(X) = 3X2−3X−1 is irreducible in Q[X]: the only possible roots are ±1,±1/3and we can easily check that

f(1) = −1, f(−1) = 5, f(1/3) = −5/3, f(−1/3) = 1/3.

So f has no roots and is irreducible.

(ii) g(X) = X3 − 2 is irreducible in Q[X]: the only possible roots are ±1,±2, and we check

g(1) = −1, g(−1) = −3, g(2) = 6, g(−2) = −10,

so g has no roots and is irreducible.

(iii) Note that this does not work for quartics (and higher degree). For example, h(X) = X4 +X3 + 2X2 +X + 1 has no roots in Q (since neither 1 nor −1 is a root) but is reducible since

h(X) = (X2 + 1)(X2 +X + 1).

That is, h factorizes as a product of two irreducible quadratics.

The following proposition (valid for any field F ) says that irreducibility is unaffected by a linearchange of variables.

Proposition 1.3. Let f be a polynomial in F [X], let α ∈ F , let β ∈ F×, and put g(X) = f(βX+α).Then

f is irreducible ⇐⇒ g is irreducible.

Proof. Suppose f is reducible, so f = rs, with r, s ∈ F [X] non-constant. Then, putting r′(X) =r(βX + α) and s′(X) = s(βX + α), we have

g = r′s′, with r′, s′ ∈ F [X] non-constant,

that is, g is reducible. The converse follows by symmetry, since f(X) = g(β−1X − β−1α). �

Example. f(X) = 8X3 − 12X2 + 6X − 3 is irreducible in Q[X]: writing g(X) = X3 − 2, we havef(X) = (2X − 1)3 − 2 = g(2X − 1); since g is irreducible (from the Example above), so is f , byProposition 1.3.

6

Reduction modulo p

In this section we look at polynomials with rational (especially integer) coefficients. Indeed, theseare the same question: if f ∈ Q[X] then we can obtain from it a polynomial with integer coeffi-cients by clearing the denominators (multiplying by some scalar); since scalars are units, the newpolynomial is irreducible if and only if f is irreducible.

Let p be a prime number; then we have a map

φ : Z → Fp

a 7→ a = a (mod p),

the reduction modulo p map. This is a ring homomorphism, since

φ(a+ b) = a+ b = a+ b = φ(a) + φ(b),φ(ab) = ab = ab = φ(a)φ(b).

This induces a map on polynomials

φ∗ : Z[X] → Fp[X]f(X) = anX

n + · · ·+ a0 7→ f(X) = anXn + · · ·+ a0.

(That is, we reduce all the coefficients modulo p.) Then a dull exercise shows that φ∗ is also a ringhomomorphism.

Example. With p = 5, we have

f(X) = X4 + 10X2 + 11X − 2 ∈ Z[X],f(X) = X4 +X − 2 ∈ F5[X].

Proposition 1.4 (Gauss’s Lemma). Let f be a polynomial in Z[X]. If f factorizes (non-trivially)in Q[X] then it factorizes (non-trivially) in Z[X].

We note that this is not obvious: it could be that f factorizes as a product of two polynomialswith rational coefficients but the denominators somehow cancel when we multiply them together.Indeed, this does happen:

X2 − 1 = (23X −

23)(3

2X + 32).

The point here is that, whenever we have something in the denominator of one of the terms, itappears in the numerator of the other so, by multiplying the two factors by scalars, we can find afactorization with integral coefficients:

X2 − 1 = (X − 1)(X + 1).

The idea of the proof of Gauss’s Lemma is the same.

Proof. Suppose f = gh in Q[X], with g, h non-constant. Let m be the least common multiple ofthe denominators of the coefficients of g, so that

g1(X) = mg(X) ∈ Z[X].

7

Similarly, let n be the least common multiple of the denominators of the coefficients of h, so that

h1(X) = nh(X) ∈ Z[X].

Then, in Z[X], we haveg1(X)h1(X) = mnf(X). (∗)

Suppose a prime number p divides mn. Reducing (∗) modulo p, we get

g1(X)h1(X) = 0 in Fp[X].

Now Fp[X] is an integral domain, so either g1 = 0 or h1 = 0; without loss of generality, supposeg1 = 0. Then p divides all the coefficients of g1 so g1(X) = pg2(X), for some g2 ∈ Z[X]. But then

g2(X)h1(X) =mn

pf(X),

which is the same as (∗) but with mn replaced by mnp . Continuing, we may remove all the prime

factors of mn from (∗), and so we end with

g∗(X)h∗(X) = f(X),

with g∗, h∗ ∈ Z[X]. Moreover, g∗ and h∗ are constant multiples of g and h respectively, so neitheris a constant polynomial; that is, the factorization is non-trivial. �

A similar proof shows the following:

Proposition 1.5. Suppose f ∈ Z[X] is monic, g ∈ Q[X] is monic, and g|f . Then g ∈ Z[X].

Proof. We have f = gh, with h ∈ Q[X] monic. Let m (respectively n) be the least commonmultiple of the denominators of the coefficients of g (respectively h), so that g1(X) = mg(X) andh1(X) = nh(X) have integer coefficients. Then

mbf(X) = g1(X)h1(X).

Suppose mn 6= 1 so some prime number p divides mn. Then, reducing modulo p as in the proofof Gauss’s Lemma, we see that p divides all the coefficients of either g1 or h1; without loss ofgenerality, we may assume it is g1. But the leading coefficient of g1 is m so p divides m also. Butthen

(mp

)g(X) = 1

pg1(X) ∈ Z[X], contradicting the definition of m.

Hence mn = 1 so m = n = 1 and g ∈ Z[X], as required. �

Example. We can use this to prove that f(X) = X4 + 1 is irreducible in Q[X]. Firstly, f has nolinear factors since, by Proposition 1.2, the only possible roots are ±1 but f(±1) = 2 6= 0. Hence,if f factorizes in Q[X] it must do so as a product of two irreducible quadratics. By scaling, we mayassume these two quadratics are monic and then, by Proposition 1.5, they have integral coefficients.So we try writing a factorization:

X4 + 1 = (X2 + aX + b) (X2 + cX + d),

8

with a, b, c, d ∈ Z. Expanding out and comparing coefficients, we get the following equationsinvolving the coefficients:

a+ c = 0;b+ ac+ d = 0;bc+ ad = 0;bd = 1.

The last of these gives b = d = ±1 (since b, d are both integers), while the first gives c = −a.Substituting these into the second gives a2 = ±2, which is absurd.

Remark. Proposition 1.5 implies that factorizing a polynomial f of degree d in Q[X] can be donein finite time as follows:

• Firstly we can multiply f by a scalar in Q so that it is monic, and, setting m to be the leastcommon multiple of the denominators of the coefficients of f , we can use Proposition 1.3 toreplace f by mdf(d−1X), which is monic with integer coefficients.

• Any monic factor g of f has integer coefficients, and these coefficients are bounded in termsof the coefficients of f : If

f(X) = Xd + ad−1XD−1 + · · ·+ a1X + a0

then put A = max{1, |a0|, . . . , |ad−1|}. Then the coefficients of g are bounded (in absolutevalue) by (dA)d so there are only finitely many monic polynomials d which one need try todivide into f .

This method of proving irreducibility is rather cumbersome already for quartic polynomials, letalone for higher degree. The next proposition gives us the first instance of an irreducibility criterionapplicable to polynomials of any degree:

Proposition 1.6 (Eisenstein’s criterion). Let f(X) = anXn + · · · + a0 ∈ Z[X] and suppose there

exists a prime number p such that

(i) p 6 | an;

(ii) p | ai, for i = 0, ..., n− 1;

(iii) p2 6 | a0.

Then f is irreducible in Q[X].

Proof. Suppose f factorizes in Q[X], hence in Z[X] by Gauss’s Lemma:

f(X) = g(X)h(X),

{g(X) = brX

r + · · ·+ 0,h(X) = csX

s + · · ·+ 0,

with r, s ≥ 1, brcs 6= 0. Reducing modulo p, we get

f(X) = g(X)h(X).

But f(X) = anXn 6= 0 and the only possible factorization of this is

anXn = brX

rcsXs.

Hence p|b0 and p|c0; but then p2|b0c0 = a0, contradicting (iii). �

9

Example. (i) f(X) = X5 +3X2 +9X+6 is irreducible in Q[X] by Eisenstein’s criterion appliedwith p = 3.

(ii) Eisenstein’s criterion gives another (quicker) way of proving that g(X) = X4+1 is irreducible:we note that

g(X + 1) = (X + 1)4 + 1 = X4 + 4X3 + 6X2 + 4X + 2,

which is irreducible by Eisenstein’s criterion applied with p = 2. But then g is irreduciblealso, by Proposition 1.3.

(iii) Similarly h(X) = X4 +X3 +X2 +X + 1 is irreducible over Q:

h(X + 1) = (X + 1)4 + (X + 1)3 + (X + 1)2 + (X + 1) + 1= X4 + 4X3 + 6X2 + 4X + 1

+ X3 + 3X2 + 3X + 1+ X2 + 2X + 1

+ X + 1+ 1

= X4 + 5X3 + 10X2 + 10X + 5,

which is irreducible in Q[X] by Eisenstein’s criterion with p = 5.

Note that (X − 1)h(X) = X5 − 1. This example is a special case of:

Lemma 1.7. Let p be a prime number and put

φp(X) = Xp−1 +Xp−2 + · · ·+ 1, the pth cyclotomic polynomial

Then φp(X) is irreducible over Q.

Proof. We have φp(X) =Xp − 1X − 1

so

φp(X + 1) =(X + 1)p − 1(X + 1)− 1

=Xp + ( p

p−1)Xp−1 + · · ·+ (p

1)X + 1− 1X

= Xp−1 + pXp−2 + · · ·+ (pi )X

i−1 + · · ·+ p.

Now (pi ) = p!

i!(p−i)! so p divides (pi ), for 1 ≤ i ≤ p − 1. On the other hand p2 does not divide p so

Eisenstein’s criterion is satisfied with p and φp(X + 1), so φp(X) is irreducible in Q[X]. �

Remark. What are the roots (in C) of φp(X)? They satisfy (X − 1)φp(X) = Xp − 1 so they arethe pth roots of unity (except 1):

ζ = e2πi/p, ζ2 = e4πi/p, ..., ζp−1 = e2(p−1)πi/p.

We can also use the reduction modulo p map to prove irreducibility directly. Suppose f is a monicpolynomial in Z[X] and f = gh in Z[X] is a non-trivial factorization. Then, reducing modulo p,we get f = gh and, since deg(f) = deg f , this is a non-trivial factorization. Hence, if f is reduciblein Q[X] then f ∈ Fp[X] is reducible for all primes p. The contrapositive of this is quite useful:

10

Lemma 1.8. Let f be a monic polynomial in Z[X]. If f is irreducible in Fp[X] for some p, thenf is irreducible in Q[X].

Remarks. (i) The converse of Lemma 1.8 is false: there are monic irreducible polynomials fsuch that f is reducible in Fp[X] for all primes p – see the problem sheet.

(ii) There is also the following weaker result: if f is a monic polynomial in Z[X] which has a rootin Q (so in Z), then f has a root in Fp for all primes p. The converse is again false but we dohave: if f has a root in Fp for all primes p then f is reducible in Q[X]. (This is HARD.)

We end this section by looking more closely at the problem of irreducibility in Fp[X]. Note thatthis is a finite problem, since there are only pn monic polynomials of degree n. Also, a reduciblemonic polynomial f of degree n must have an irreducible monic factor of degree at most bn2 c, sowe need only try dividing all irreducible monic polynomials of degree at most bn2 c. Checking forroots is also easy, since there are only p possible roots.

Example. We look at polynomials in F3[X]; we will write the elements of F3 as 0, 1,−1. All degree1 polynomials are irreducible:

X, X + 1, X − 1.

Any reducible degree 2 polynomial must have a root so we can just write down all 32 = 9 monicquadratics and check for roots:

X2 = XX

X2 + 1X2 − 1 = (X − 1)(X + 1)X2 +X = X(X + 1)X2 +X + 1 = (X − 1)2

X2 +X − 1X2 −X = X(X − 1)X2 −X + 1 = (X + 1)2

X2 −X − 1

Hence the only irreducible quadratics are:

X2 + 1, X2 +X − 1, X2 −X − 1.

Now that we know all irreducibles of degree up to 2, we can detect the irreducibility of any poly-nomial of degree at most 5. For example,

f(X) = X5 +X3 +X − 1

is irreducible in F3[X]: firstly, it has no roots since

f(0) = −1, f(1) = 2 = −1, f(−1) = −4 = −1;

it also has no irreducible quadratic factor, since

f(X) = (X2 + 1)(X3) + (X − 1)= (X2 +X − 1)(X3 −X2 − 1) + (−X + 1)= (X2 −X − 1)(X3 +X2 + 1) + (−X + 1).

As an application of this, we see, for example, that g(X) = X5 +4X3−3X2−5X+2 is irreduciblein Q[X], since g = f is irreducible in F3[X].

11

2 Splitting fields

2.1 Extension fields

Let F be a field.

Definition 2.1. A (field) extension of F is a field E containing F . We will write “E/F is a fieldextension.”

For example, the following are all field extensions:

C/R, C/Q, Q/Q, Q(√−2)/Q.

Note that, if E is a field containing F then, for all e ∈ E and λ ∈ F , the product λe is defined inE; thus we have a scalar multiplication by F on E. Looking at the axioms for E to be a vectorspace over F , we see that they are all special cases of the axioms for E to be a field; hence E isindeed a vector space over F and it has a basis and a dimension over F .

Definition 2.2. Let E/F be a field extension. If E is finite dimensional as a vector space over Fthen we say that E/F is a finite extension; otherwise it is infinite. If it is finite then the degree ofE/F is [E : F ] = dim F (E).

For example, for the extensions above we have:

• C/R is finite of degree [C : R] = 2, because {1, i} is a basis for C as a R-vector space;

• C/Q is infinite;

• Q/Q is finite of degree [Q : Q] = 1, because {q} is a basis, for any q ∈ Q×;

• Q(√−2)/Q is finite of degree 2, because B = {1,

√−2} is a basis. In this case, it is clear that

B spans Q(√−2), since Q(

√−2) = {a+ b

√−2 : a, b,∈ Q} (see the Introduction). To see that

B is linearly independent over Q, suppose

a+ b√−2 = 0, for some a, b ∈ Q.

If b 6= 0 then√−2 = a/b ∈ Q, which is absurd. Hence b = 0 and so a = 0 also.

The following Proposition will prove to be very useful when we are trying to compute the degreesof extension fields. It will allow us to break down the problem of finding the degree of some bigextension into smaller steps.

Proposition 2.3 (Tower Law). Let E/F be a field extension and let L/E be another field extension.Then L/F is a finite extension if and only if both L/E and E/F are finite, in which case

[L : F ] = [L : E][E : F ].

Writing m = [L : E] and n = [E : F ], the picture you shouldimagine with this is the following:

This is a “tower” of extensions, and Proposition 2.3 says thatthe degree of the total extension L/F is the product of thedegrees of the steps in the tower: it is mn.

L

m

E

n

F

12

Proof. Suppose first L/E and E/F are both finite; we set m = [L : E] and n = [E : F ]. LetL = {l1, ..., lm} be a basis for L/E and let E = {e1, ..., en} be a basis for E/F . Set

B = {liej : 1 ≤ i ≤ m, 1 ≤ j ≤ n} .

We claim that B is a basis for L/F .

Linear independence: Suppose we have scalars λij ∈ F such that∑i,j

λij(liej) = 0.

We reorder the sum to getm∑

i=1

n∑j=1

λijej

li = 0.

This is a linear dependence for L over E and, since L is linearly independent, all the coefficientsmust be zero:

n∑j=1

λijej = 0, for each i = 1, ...,m.

Again, since E is linearly independent over F , we get

λij = 0, for each i = 1, ...,m, j = 1, ..., n,

as required.

Spanning: Let l ∈ L. Then, since L spans L/E, there exist µ1, ..., µm ∈ E such that

l =m∑

i=1

µili.

Again, since E spans E/F , for each i = 1, ...,m there exist λi1, ..., λin ∈ F such that

µi =n∑

j=1

λijej .

Putting these together, we get

l =m∑

i=1

n∑j=1

λijej

li =∑i,j

λij(liej),

as required. �

2.2 Algebraic extensions

Definition 2.4. Let E/F be a field extension and α ∈ E.

(i) α is algebraic over F if there is a non-zero polynomial f ∈ F [X] such that f(α) = 0; otherwiseα is transcendental over F .

13

(ii) The algebraic closure of F in E is

F = {α ∈ E : α is algebraic over F}.

(iii) The extension E/F is algebraic if every element of E is algebraic over F ; equivalently ifF = E.

For example,√−2 is algebraic over Q, since it is a root of X2 + 2. On the other hand π is

transcendental over Q, though this is not obvious.

If α ∈ E× is algebraic over F then we can set

I = {f ∈ F [X] : f(α) = 0}.

It is straightforward to check that I is an ideal of F [X]. Indeed, it is a prime ideal: if f, g ∈ F [X]are such that fg ∈ I then f(α)g(α) = 0 so either f(α) = 0 or g(α) = 0 and hence either f ∈ I org ∈ I.Since F [X] is a principal ideal domain, I is the ideal generated by some monic polynomial mα(X),and since the ideal is prime, this polynomial is irreducible. The polynomial mα(X) is the monicpolynomial of least degree such that mα(α) = 0 and is called the minimum polynomial of α overF .

Since I is generated by mα, if ever we have a polynomial g ∈ F [X] such that g(α) = 0 then wehave g ∈ I so that mα divides g. In particular, if we find a monic irreducible polynomial g ∈ F [X]with g(α) = 0 then g must actually be the minimum polynomial.

Example. (i)√−2 has minimum polynomial X2 +2 over Q, since X2 +2 is irreducible in Q[X].

(ii)√−2 has minimum polynomial X −

√−2 over C.

(iii) Set α =√

2+ 3√

2. We can see that α is algebraic over Q by explicitly computing a polynomialof which α is a root. We have (α−

√2) = 3

√2 so, cubing both sides, we get

α3 + 6α− (3α2 + 2)√

2 = 2 (∗)

Gathering the terms in√

2 on the right, and the other terms on the left, and then squaring,we get

(α3 + 6α− 2)2 = 2(3α2 + 2)2

which rearranges to give

α6 − 6α4 − 4α3 + 12α2 − 24α− 4 = 0.

Hence α is a root of g(X) = X6− 6X4− 4X3 +12X2− 24X − 4. On the other hand, it is notclear whether or not this is the minimum polynomial, since our techniques do not (at least,not obviously) show that g is irreducible in Q[X].

Lemma 2.5. Let E/F be a field extension and let α ∈ E be algebraic over F , with minimumpolynomial mα(X) of degree n. Then

F [α] := {f(α) : f ∈ F [X]}

is a finite field extension of F of degree n.

14

Proof. It is clear that F [α] is a ring, so we need only check that every non-zero element is invertible.So let f ∈ F [X] and suppose f(α) 6= 0. Then mα does not divide f so, since mα is irreducible, mα

is coprime to f . By the Euclidean algorithm, there exist u, v ∈ F [X] such that

mαu+ fv = 1.

Hence mα(α)u(α) + f(α)v(α) = 1 and, since mα(α) = 0, we get

f(α)v(α) = 1,

i.e. v(α) is a multiplicative inverse for f(α).

To prove that the degree of the extension is n, we show that B = {1, α, ..., αn−1} is a basis forF [α]/F .

Linear independence: Suppose we have ai ∈ F such that

a01 + a1α+ · · ·+ an−1αn−1 = 0.

Then α is a root of the polynomial f(X) =∑n−1

i=0 aiXi ∈ F [X] and hence mα divides f . But

deg(mα) = n while, if f 6≡ 0, deg(f) < n. This is impossible so we must have f ≡ 0, and henceai = 0 for i = 0, ..., n− 1.

Spanning: Let f ∈ F [X] and consider f(α); we may as well assume f(α) 6= 0, so mα does notdivide f . By the division algorithm in F [X], there exist polynomials q, r ∈ F [X], with deg(r) <deg(ma) = n, such that f = qmα + r. But then

f(α) = q(α)mα(α) + r(α) = r(α)

and, since deg(r) ≤ n− 1, r(α) is a linear combination of 1, α, ..., αn−1. �

Example. We can now return to the example of α =√

2+ 3√

2 above. Put K = Q[α]. Notice that,by (∗),

√2 ∈ K since all other terms are in K and 3α2 + 2 is non-zero (since, for example, α ∈ R

so 3α2 + 2 ≥ 2) so it is invertible. Hence also 3√

2 = α−√

2 is in K.Set L = Q[

√2] and E = Q[ 3

√2], which are both extensions of

Q contained in K. We get the following picture:

Note that, by Lemma 2.5, [L : Q] = 2 since√

2 has minimumpolynomial X2 − 2, and [E : Q] = 3 since 3

√2 has minimum

polynomial X3 − 2.

Now the tower law says [K : Q] = [K : L][L : Q] = 2[K : L]so 2 divides [K : Q].

K

~~~~

~~~

AAAA

AAA

L

2 ????

????

E

3~~~~

~~~~

Q

Similarly, [K : Q] = [K : E][E : Q] = 3[K : E] so 3 divides [K : Q]. Hence 6 divides [K : Q].

But we have already found a polynomial of degree 6 of which α is a root so deg(mα) ≤ 6 and[K : Q] ≤ 6 (by Lemma 2.5 again). Hence we must have [K : Q] = 6, so the minimum polynomialmα has degree 6 and hence it is

g(X) = X6 − 6X4 − 4X3 + 12X2 − 24X − 4.

Notice that this implies that g is irreducible!

We can also get a useful criterion for determining when an element is algebraic:

15

Lemma 2.6. Let E/F be an extension and let α ∈ E. Then α is algebraic over F if and only ifthere is a finite extension L/F with α ∈ L.

Proof. If α is algebraic over F , then Lemma 2.5 says that L = F [α] will do.

Conversely, suppose L/F is finite of degree n and α ∈ L. Consider the elements 1, α, ..., αn ∈ L.Since these are n+1 elements in an n-dimensional space, they are linearly dependent so there existai ∈ F , not all zero, such that

∑ni=0 aiα

i = 0. But then α is a root of the non-zero polynomialf(X) =

∑ni=0 aiX

i ∈ F [X], so α is algebraic over F . �

In particular, this applies in the following situation:

Lemma 2.7. Let E/F be an extension and α, β ∈ E, β 6= 0. If α, β are both algebraic over F thenso are α+ β, αβ and α/β.

Proof. Put K = F [α], which is a finite extension of F . Since β is algebraic over F , it is certainlyalgebraic over K, so L = K[β] is a finite extension of K. By the tower law, L/F is then a finiteextension, and it contain α + β, αβ and α/β (since it is a field containing α and β). Then, byLemma 2.6, these are all algebraic over F . �

2.3 Simple extensions

Let E/F be a field extension and α ∈ E×. Inside E we have the simple extension F (α) of F :

F (α) ={p(α)q(α)

: p, q ∈ F [X], q(α) 6= 0}

a field

∪F [α] = {p(α) : p ∈ F [X]} a ring

We also have the “evaluation” homomorphism

F [X]ϕ−−→ F [α],

p(X) 7→ p(α).

By definition of F [α], this map is surjective, but it may not be injective. We consider two cases:

(i) ϕ is injective: then it is an isomorphism F [X] ' F [α] so p(α) 6= 0 for all p ∈ F [X] and α istranscendental over F . Then ϕ extends to an isomorphism

F (X)ϕ−−→ F (α),

p(X)q(X)

7→ p(α)q(α)

.

(ii) ϕ is not injective: so p(α) = 0 for some p ∈ F [X] and α is algebraic over F . We saw that

I = kerϕ = {p ∈ F [X] : p(α) = 0}

is the ideal of F [X] generated by the minimum polynomial mα of α over F . We writeI = (mα). Then, by the First Isomorphism Theorem for rings, we have an isomorphism

F [X]/I ' F [α].

Note also that, in this situation, F (α) = F [α] since, by Lemma 2.5, every non-zero q(α) ∈ F [α]is invertible so any p(α)/q(α) is actually in F [α].

16

Definition 2.8. E/F is a simple extension if it is generated by a single element, i.e. there is anα ∈ E such that E = F (α).

The discussion above proves the following

Theorem 2.9 (Classification of simple extensions). Let E/F be a simple extension generated byα. Then either

(i) α is transcendental over F and E is isomorphic to F (X) as an extension of F , i.e. there isan isomorphism ϕ : F (X) ∼−→ E such that the following diagram commutes:

F� � i //� q

j""FF

FFFF

FFF F (X)

ϕ

�����

E

or

(ii) α is algebraic over F and, writing f(X) for the minimum polynomial of α over F , E isisomorphic to the quotient F (X)/(f(X)) as an extension of F , i.e. there is an isomorphismϕ : F (X)/(f(X)) ∼−→ E such that the following diagram commutes:

F� � i //� s

j&&MMMMMMMMMMMMM F (X)/(f(X))

ϕ

�����

E

Notice that, in the second case, F [X]/(f(X)) refers only to the minimum polynomial f of α, notto α itself, or even to the field E... yet it gives a field containing a root α of f(X). This is theinspiration for how to construct a field extension which has a root of a given polynomial in it.

Lemma 2.10. Let F be a field and let f ∈ F [X] be an irreducible polynomial of degree n. Then

E := F [X]/ (f(X))

is a finite extension of F of degree n which contains a root α := X + (f(X)) of f .

Proof. Put I = (f(X)) so E = F [X]/I and we have the projection homomorphism

π : F [X] → E,

g 7→ g + I.

Since it is a quotient ring, E is certainly a commutative ring containing F . To show that E isa field extension of F , we need only show that every non-zero element of E has a multiplicativeinverse in E.

Let g ∈ F [X] be such that g+ I is a non-zero element of E. (Remember that the elements of E arecosets of I.) This means that g 6∈ I, so that f does not divide g. Since f is irreducible, this impliesthat f, g are coprime so, by the Euclidean algorithm, there exist polynomials r, s ∈ F [X] such that

gr + fs = 1.

17

But then(g + I)(r + I) = gr + I = (gr + fs) + I = 1 + I,

where we have used that fs ∈ I. Hence r + I is a multiplicative inverse for g + I and E is a fieldcontaining F .

Now, using the fact that projection map π : F [X]→ E is a homomorphism, we have

f(α) = f(π(X)) = π(f(X)) = f(X) + I = 0 + I,

since f ∈ I. Hence α is a root of f in E, as required.

To finish, we notice that F [α] = {g(α) : g ∈ F [X]} = {g(X) + I : g ∈ F [X]}, which is precisely E.Since E = F [α] and α is algebraic over F with minimum polynomial f , we can apply Lemma 2.5to see that E/F is finite of degree n. �

Example. (i) A familiar example: Let f ∈ Q[X] be irreducible. By the Fundamental Theo-rem of Algebra, f certainly has a root α ∈ C. Then

Q(α) ' Q[X]/ (f(X))

is a field extension of Q. The advantage of working with the LHS here is that we are inside C,which we understand; one disadvantage is that it relies on having the Fundamental Theoremof Algebra so it only works for fields like Q which are contained in C. On the other hand, theadvantage of working with the RHS is that it shows us how to do algebra in the extension:

For example, suppose f(X) = X5 + 4X + 2, which is irreducible by Eisenstein’s criterion.This has a root in C (indeed, it has five distinct roots) but we don’t know what it is! So,instead, set I = (f(X)) and E = Q[X]/I, and put α = X + I so that E = Q[α]. Then wecan, for example, find the inverse in E of

β = α3 + α.

We do this by following the recipe outlined in the proof of Lemma 2.10. Set g(X) = X3 +Xand perform the Euclidean algorithm with f and g:

X5 + 4X + 2 = (X3 +X)(X2 − 1) + (5X + 2)

X3 +X = (5X + 2)(

15X

2 − 225X + 29

25

)+ 58

25

so

1 = 2558

(g(X)− (5X + 2)

(15X

2 − 225X + 29

25

))= 25

58

(g(X)− (f(X)− (X2 − 1)g(X))

(15X

2 − 225X + 29

25

))= = 1

58

(5X4 − 2X3 + 24X2 + 2X − 4

)g(X)− 1

58

(5X2 − 2X + 29

)f(X).

Hence the inverse of g(α) = α3 − α is 158(5α4 − 2α3 + 24α2 + 2α− 4).

18

(ii) A less familiar example: The polynomial f(X) = X2 + X + 1 is irreducible in F2[X],so E = F2[X]/ (f(X)) is an extension of F2 of degree 2. It has basis {1, α}, where α =X + (f(X)), so

E = {0, 1, α, 1 + α},i.e. E is a field with 4 elements.

Warning: E is not Z/4Z, the ring of integers modulo 4; the ring Z/4Z is certainly not a fieldas 2 is not invertible in it. In E, on the other hand 2 = 1+1 = 0 (that is, E has characteristic0).

We can still do algebra in E; for example:

α2 = (α2 + α+ 1) + (α+ 1) = α+ 1,(α+ 1)2 = (α2 + α+ 1) + α = α,

α(α+ 1) = (α2 + α+ 1) + 1 = 1,

since f(α) = α2 + α+ 1 = 0 in E.

Similarly, we saw that g(X) = X5 +X3 +X−1 is irreducible in F3[X] so K = F3[X]/ (g(X))is a field extension of F3 of degree 5. Since a basis for K/F3 has 5 elements and any elementof K can be written uniquely as a linear combination of these basis elements, with coefficientsin F3, the field K has |F3|5 = 35 = 243 elements.

2.4 Splitting fields

Definition 2.11. Let F be a field, let f ∈ F [X] and let E/F be an extension.

(i) We say that f splits over E if it factorizes completely in E[X], i.e. it can be expressed as aproduct of linear factors

f(X) = a0(X − α1) · · · (X − αn), with α1, . . . , αn ∈ E, a0 ∈ F×.

(ii) We say that E is a splitting field for f over F if f splits over E but not over any intermediateextension L, E ) L ⊇ F .

Remark. If f splits over E as above, then we can describe a splitting field for f over F quite easily.Recall that F (α1) is the subfield of E of rational functions in α1 with coefficients in F (equivalently,it is the smallest subfield of E containing F and α1). Inductively we can define

F (α1, . . . , αn) = F (α1, . . . , αn−1)(αn),

since E is (inductively) a field extension of F (α1, . . . , αn−1). Then F (α1, . . . , αn) is the smallestfield containing F and all the roots α1, . . . , αn of f , so it is a splitting for f over F .

By the Fundamental Theorem of Algebra, this applies, in particular, to the case F = Q and E = C.

The following theorem says that, given any polynomial f with coefficients in a field F , there is asplitting field for f over F and, moreover, it is unique. The existence is not hard: we already knowhow to construct an extension of F in which f has a root; then we put in all the other roots one byone – the only subtlety is that we need to be careful about how f factorizes (as our Lemma 2.10on the construction of simple extensions is for irreducible polynomials only. On the other hand,the uniqueness statement is a little trickier, though the principle is the same: we have a uniquenessstatement in the classification of simple extensions (Theorem 2.9) and we need to extend this ateach stage that we add another root.

19

Theorem 2.12. Let F be a field and f ∈ F [X] a polynomial of degree n. Then there exists asplitting field E for f over F , and [E : F ] ≤ n!.

Moreover, if E′ is another splitting field for f over F then E is isomorphic to E′ as extensions ofF , i.e. there is an isomorphism ϕ : E ∼−→ E′ such that the following diagram commutes:

F� � i //� p

j !!BBB

BBBB

B E

ϕ

�����

E′

[That is, ϕ(x) = x for all x ∈ F .]

Proof of Existence. By the Remark above, it is enough to find an extension of degree at most n! inwhich f splits. We proceed by induction on n, noting that when n = 1 the polynomial f alreadyfactorizes over F and [F : F ] = 1!. So we turn to the inductive step and start by factorizing f overF :

f(X) = p1(X) · · · pr(X) in F [X],

where each pi is irreducible in F [X] and deg(p1) ≤ deg(p2) ≤ · · · ≤ deg(pr).

Put F1 = F [X]/(p1(X)), an extension of F of degree deg(p1) ≤ n which contains a root α1 ofp1(X). Since α1 is also a root of f , we can factorize

f(X) = (X − α1)f1(X) in F1[X].

Now deg(f1) = n − 1 so we can apply the inductive hypothesis to find an extension E of F1 ofdegree at most (n− 1)! in which f1 splits. But then f also splits in E and, by the Tower Law,

[E : F ] = [E : F1][F1 : F ] ≤ (n− 1)!n = n!,

as required. �

Before proving the uniqueness part, we give some examples:

Example. Find the degrees of the splitting fields of

(i) X3 − 1 over Q,

(ii) X3 − 2 over Q,

(iii) X3 − 2 over F5,

(iv) X3 − 3 over F13.

Solutions. Always remember to factorize the polynomial first.

(i) We have X3 − 1 = (X − 1)(X2 + X + 1), and the second factor is irreducible as the onlypossible roots are ±1 but neither is a root. Let ω = e2πi/3 be a root of X2 + X + 1 in C.Then Q(ω) is a splitting field, since

X3 − 1 = (X − 1)(X − ω)(X − ω2),

and [Q(ω) : Q] = 2, since ω has minimal polynomial X2 +X + 1 over Q, of degree 2.

20

(ii) In this case, X3 − 2 is irreducible by Eisenstein’s criterion with p = 2. The roots in C are3√

2, ω 3√

2 and ω2 3√

2, so the splitting field (in C) must contain ω = ω 3√23√2

. The splitting field

in C is Q( 3√

2, ω 3√

2, ω2 3√

2) = Q( 3√

2, ω) and we have a diagram:

E = Q( 3√

2, ω)

qqqqqqqqqqq

NNNNNNNNNNN

Q(ω)

2NNNNNNNNNNNNN Q( 3

√2)

3ooooooooooooo

Q

Note that here [Q( 3√

2) : Q] = 3 as 3√

2 has minimal polynomial X3 − 2. Then, by the TowerLaw, 6 divides [E : Q]. But, since X3 − 2 has degree 3, we know that its splitting field overQ has degree at most 3! = 6. Hence the degree is 6.

(iii) By trial and error, we find that −2 = 3 is the only root of X3 − 2 in F5 so we have afactorization

(X3 − 2) = (X + 2)(X2 − 2X − 1) in F5[X].

Moreover, the quadratic factor is irreducible since −2 is not a root so it has no roots in F5.Let β be a root of X2 − 2X − 1 in some extension of F5. Then the splitting field is F5(β),since

X3 − 2 = (X + 2)(X − β)(X − (2− β)) in F5(β)[X].

The degree is [F5(β) : F5] = 2, since β has minimal polynomial of degree 2 over F5.

(iv) Trial and error shows that X3 − 3 has no roots in F13 so X3 − 3 is irreducible in F13[X]. Ifα is a root in some extension, then so are 3α and 9α, because

(3α)3 = 27α3 = α3 and (9α)3 = 729α3 = α3

(since 13 = 0). Hence F13(α) is a splitting field:

X3 − 3 = (X − α)(X − 3α)(X − 9α) in F13(α)[X].

The degree is [F13(α) : F13] = 3, since α has minimal polynomial of degree 3 over F13.

�

Now we return to the proof of uniqueness of splitting fields. The problem with proving uniquenessby induction is the following: if we have a second splitting field constructed in the same way then, ateach stage in the construction, we have an isomorphic field (but not the same field) to which we willthen adjoin more roots. So we will need the following Lemma, which generalizes the classificationof algebraic simple extensions, to allow us to have two different (but isomorphic) base fields. It willalso prove very important later, when we look at automorphisms of fields.

Lemma 2.13. Let F1, F2 be fields and let φ : F1 → F2 be an isomorphism. Let f1 ∈ F1[X] be anirreducible polynomial and let f2 ∈ F2[X] be the (irreducible) polynomial obtained by applying φ tothe coefficients of f1. For i = 1, 2, let αi be a root of fi in some extension of Fi. Then there is aunique isomorphism

φ̂ : F1(α1) → F2(α2)

which extends φ and such that φ̂(α1) = α2.

21

Proof. By the classification of simple extensions (Theorem 2.9) we have isomorphisms

j1 : F1(α1)∼−→ F1[X]/ (f1(X))

g(α1) 7→ g(X) + (f1(X))

and

j−12 : F2[X]/ (f2(X)) ∼−→ F2(α2)

g(X) + (f2(X)) 7→ g(α2)(†)

Note that we have j1(α1) = X + (f1(X)) and j−12 (X + (f2(X))) = α2.

We are given the isomorphism φ : F1∼−→F2 and it extends to an isomorphism φ∗ : F1[X] ∼−→F2[X],

by applying φ to the coefficients of a polynomial; in particular, f2 = φ∗f1. We consider the map

ρ : F1[X]φ∗ // F2[X] π // F2[X]/ (f2(X))

g(X) � // φ∗g(X) + (f2(X)) ,

where π is the natural projection map. Then ρ is certainly a surjective homomorphism of rings sowe find its kernel:

ker (ρ) = {g ∈ F1[X] : φ∗g ∈ (f2(X))}= {g ∈ F1[X] : φ∗g = f2h for some h ∈ F2[X]}=

{g ∈ F1[X] : g = f1φ

−1∗ (h) for some h ∈ F2[X]

}= (f1(X)) ,

as φ is an isomorphism. By the First Isomorphism Theorem for rings, we get an isomorphism

ρ : F1[X]/ (f1(X)) ∼−→F2[X]/ (f2(X)) .

Putting this together with (†), we get the required isomorphism:

φ̂ : F1(α1)j1 // F1[X]/ (f1(X))

ρ // F2[X]/ (f2(X))j−12 // F2(α2)

g(α) � // g(X) + (f1(X)) � // φ∗g(X) + (f2(X)) � // φ∗g(α2).

Notice that, with g(X) = λ a constant in F1, we have φ∗g(X) = φ(λ) so φ̂(λ) = φ(λ) and φ̂ doesindeed extend φ. Moreover, with g(X) = X we have φ∗g(X) = φ(1)X = X also, so that φ̂(α1) = α2

as required. �

Finally, we are ready to prove the uniqueness of splitting fields. In fact, we will prove the following,slightly more general result:

Proposition 2.14. Let F1, F2 be fields and let φ : F1 → F2 be an isomorphism. Let f1 ∈ F1[X] bea polynomial and let f2 ∈ F2[X] be the polynomial obtained by applying φ to the coefficients of f1.For i = 1, 2, let Ei be a splitting field for fi over Fi. Then there is an isomorphism φ̂ : E1 → E2

which extends φ.

The uniqueness of splitting field follows by applying this Proposition with F1 = F2 = F , φ = id,the identity map, and f1 = f (so that f2 = f also); the conclusion of the Proposition is that anytwo splitting fields E1, E2 for f over F are isomorphic as extensions of F .

22

Proof. We proceed by induction on the degree n = [E1 : F1]. If n = 1 then E1 = F1 so f1 splitsalready over F1; then f2 also splits over F2 so E2 = F2 and we can take φ̂ = φ.

So suppose n > 1; then, in the factorization of f into irreducibles

f1(X) = p1(X) · · · pr(X) in F1[X],

with deg(p1) ≤ · · · ≤ deg(pr), we must have deg(pr) > 1. Notice that f2 has correspondingfactorization

f2(X) = q1(X) · · · qr(X) in F2[X],

where qi = φ∗pi. Let α1 be a root in E1 of pr(X) and let α2 be a root in E2 of qr(X) = φ∗pr(X).By Lemma 2.13, there is an isomorphism φ′ : F1(α1)

∼−→F2(α2) extending φ, and (by the TowerLaw) we have

[E1 : F1(α1)] =[E1 : F1]

[F1(α1) : F1]< [E1 : F1],

since [F1(α1) : F1] > 1. Since each Ei is a splitting field for fi over Fi(αi), we can apply theinductive hypothesis (with φ′ : F1(α1)

∼−→F2(α2) in place of φ : F1∼−→F2) to get an isomorphism

φ̂ : E1 → E2 which extends φ′. Since φ′ extends φ, this isomorphism φ̂ is as required. �

2.5 Normality

Definition 2.15. A finite extension E/F is normal if any irreducible polynomial f ∈ F [X] whichhas a root in E splits completely over E.

Note that normality is a property of the extension, not of the field. Also note that, to show thatan extension E/F is not normal, one need only find an irreducible polynomial in F [X] which hasa root in E but does not split over E. On the other hand, to prove that an extension is normal weneed some other characterization; this is given by the following Proposition:

Proposition 2.16. A finite extension E/F is normal if and only if E is the splitting field over Fof some polynomial in F [X].

Example. (i) Q( 3√

2) is not a normal extension of Q: the irreducible polynomial f(X) = X3−2has a root 3

√2 in Q( 3

√2) but does not split in Q( 3

√2), since the other roots of f in C are not

real.

(ii) Q( 3√

2, ω) is a normal extension of Q, since we have seen that it is the splitting field over Qof X3 − 2.

(iii) Q(√

2,√

3) is a normal extension of Q, since it is the splitting field over Q of (X2−2)(X2−3).

Proof of Proposition 2.16. Suppose E/F is normal and let {α1, . . . , αn} be a basis for E/F . Thencertainly E = F (α1, . . . , αn).

For each i, let fi be the minimal polynomial of αi over F ; since fi(X) is irreducible in F [X] andhas a root αi in E, it splits completely over E (by the normality of E/F ).

Put f(X) = f1(X) · · · fn(X), which splits completely in E. Moreover, E is generated over F by theroots of f , so f does not split in any intermediate field. Hence E is the splitting field of f over F .

23

Conversely, suppose E is the splitting field of f over F , and let α1, . . . , αn be the roots of f in A.Let p ∈ F [X] be irreducible with a root β ∈ E. We must show that p splits over E; to do this, wewill show that, if γ is a root of p in some extension of E, then in fact γ ∈ E.

We have the following diagram of fields:

Since p is irreducible and is the minimal polynomial ofβ and γ, we have F (β) ' F (γ). Also, E is the splittingfield of f over F (β), while E(γ) is the splitting field of fover F (γ) so, by applying Proposition 2.14, we see thatE and E(γ) are isomorphic.

Now we compare degrees:

[E : F ] = [E : F (β)][F (β) : F ]= [E(γ) : F (γ)][F (γ) : F ] = [E(γ) : F ].

Hence [E(γ) : E] = 1 so γ ∈ E.

E(γ)

vvvvvvvvv

5555

5555

5555

555

E

F (β)

HHHHHHHHH∼

F (γ)

wwwwwwwww

F

�

Remark. Suppose E/F is a finite extension of fields and E = F (α1, . . . αn), for some αi ∈ E. (Forexample, {α1, ..., αn} could be a basis for E over F .) For each i, let fi be the minimal polynomialof αi over F , and put f(X) = f1(X) · · · fn(X).

Let L be a splitting field for f over E. Note that L is also a splitting field for f over F : certainlyf splits over L so L contains a splitting field K for f over F ; but K must contain α1, . . . , αn socontain E and then K is a splitting field for f over E also, and K = L.

Then L/F is a normal extension containing E. Moreover, it is the smallest such extension, sinceany normal extension of F containing E must also contain all the roots of f .

This is extension L is called a normal closure of E/F . From the properties of splitting fields, wesee that it is unique upto isomorphism, as an extension of E.

For example, E = Q( 3√

2) is not a normal extension of Q. But X3 − 2 is the minimal polynomialof 3√

2 over Q, and the splitting field of X3 − 2 is Q( 3√

2, ω), where ω = e2πi/3. This field is then anormal closure for E/F .

2.6 Separability

Let f ∈ F [X] be a monic polynomial. In any splitting field, we can factorize

f(X) = (X − α1)m1 · · · (X − αr)mr ,

where α1, . . . , αr are the distinct roots of f and the mi are their multiplicities. The root αi is calleda simple root of f if it has multiplicity mi = 1. Note that, by the uniqueness of splitting fields,the multiplicities are independent of the choice of splitting field. We would like to know when apolynomial has only simple roots.

Definition 2.17. Let f ∈ F [X] be the polynomial

f(X) = anXn + · · ·+ a1X + a0.

24

The formal derivative f ′ ∈ F [X] is the polynomial

f ′(X) = nanXn−1 + · · ·+ a1.

The usual chain rule and product rule are valid for the formal derivative.

Proposition 2.18. Let f ∈ F [X] be a non-constant polynomial. The roots of f (in some splittingfield) are all simple if and only if f is coprime to its derivative f ′.

Proof. Let E be a splitting field for f over F and suppose α ∈ E is a root of f with multiplicitym, so we can write

f(X) = (X − α)mg(X), with g ∈ E[X] and g(α) 6= 0.

Thenf ′(X) = m(X − α)m−1g(X) + (X − α)mg′(X)

so

f ′(α) =

{0 if m > 1,g(α) 6= 0 if m = 1.

So α is a root of both f and f ′ if and only if it is not a simple root. Hence f and f ′ have a commonroot in E if and only if f has a multiple root. Since f splits over E, this says that f, f ′ are notcoprime in E[X] if and only if f has a multiple root. To finish we just need:

Lemma 2.19. Let f, g ∈ F [X] be polynomials and let E/F be an extension. Then the greatestcommon divisor rF of f, g in F [X] is the same as the greatest common divisor rE of f, g in E[X](up to scalars).

Proof. Since rF ∈ F [X]⊆E[X] is a common divisor of f, g in E[X], we certainly have that rFdivides rE . On the other hand, by the Euclidean algorithm in F [X], there are u, v ∈ F [X] suchthat fu+ gv = rF ; since rE divides f and g, it also divides rF . �

This also completes the proof of Proposition 2.18. �

Definition 2.20. A non-constant polynomial f ∈ F [X] is separable over F if all its irreduciblefactors over F have only simple roots (in any splitting field); otherwise, it is inseparable over F .

Proposition 2.18 shows that, if f ∈ F [X] is irreducible, then f is separable over F if and only if fis coprime to its derivative f ′. In fact, we can be more precise:

Proposition 2.21. Suppose f ∈ F [X] is irreducible and inseparable over F . Then charF = p, forsome prime number p, and there is a polynomial g ∈ F [X] such that f(X) = g(Xp).

Proof. Since f is inseparable over F , it is not coprime to its derivative f ′. Since f is irreducible,the greatest derivative of f, f ′ must be f . But, if f ′ 6≡ 0 then deg(f ′) < deg(f) so we cannot havef dividing f ′.

Hence we must have f ′ ≡ 0. Writing

f(X) = anXn + · · ·+ a1X + a0, an 6= 0

f ′(X) = nanXn−1 + · · ·+ a1 ≡ 0,

25

all the coefficients of f ′ must be 0. From the coefficient of Xn we get nan = 0 so that n = 0, sincean 6= 0; hence charF = p, for some p dividing n, and n = kp.

Now, from the coefficient of Xm−1 with p 6 |m, we get mam = 0 and, since m 6= 0, we must haveam = 0. Hence

f(X) = akpXkp + · · ·+ apX

p + a0 = g(Xp),

where g(X) = akpXk + · · ·+ apX + a0 ∈ F [X]. �

In particular, this implies that all polynomials over Q are separable. A good question we mightnow ask is: Are there any inseparable polynomials at all? To find one, Proposition 2.21 tells us weshould be looking at a field of positive characteristic.

So let F be a field of characteristic p 6= 0. Then the map

σ : F → F

x 7→ xp

is a homomorphism:

(xy)p = xpyp

(x+ y)p = xp + ( p1 )xp−1y + · · ·+ ( p

p−1)xyp−1 + yp = xp + yp

since p divides ( pi ) for 1 ≤ i ≤ p − 1. The map σ is called the Frobenius map. It is certainly

injective: if xp = 0 then x = 0.

If F is a finite field then (since any injective map between finite sets of the same cardinality isbijective) it is also surjective. [Indeed, if F = Fp, then σ is the identity map, by Fermat’s LittleTheorem.]

Suppose for now that σ is bijective and f(X) = g(Xp) = akXkp + · · · + a1X

p + a0 is a candidatefor an inseparable irreducible polynomial. Since σ is surjective, there exist bi ∈ F such thatai = σ(bi) = bpi , and then

f(X) = bpkXkp + · · ·+ bp1X

p + bp0 = (bkXk + · · ·+ b1X + b0)p

is not irreducible (which is absurd). Hence there is no inseparable polynomial in F [X].

Conversely, suppose every polynomial in F [X] is separable. Let a ∈ F and let E be the splittingfield over F of Xp− a. If b ∈ E is a root, then Xp− a = (X − b)p has a multiple root, so Xp− a isreducible in F [X]. Indeed, any irreducible factor in F [X] has only simple roots so must be X − b.Hence b ∈ F and σ(b) = bp = a. Therefore σ is surjective, and hence bijective.

We have proved:

Proposition 2.22. Let F be a field of characteristic p 6= 0. Then the Frobenius map σ is bijectiveif and only if every polynomial in F [X] is separable over F .

So we are still left with the question: Are there any inseparable polynomials? We certainly needa field of characteristic p which is not finite, and the simplest such field is F = Fp(t), the field ofrational functions over Fp. Here, we have

σ

(h(t)k(t)

)=

h(tp)k(tp)

26

so Im(σ) = Fp(tp), which is not the whole of F . Hence there are inseparable polynomials in F [X]and, to find one, we choose a polynomial of the form g(Xp) with coefficients not all in the imageof σ. The simplest such is

f(X) = Xp − t.

Note that this has no root in F , since t 6∈ Im(σ): if σ(

hk

)= t then h(tp) = tk(tp) which, on

comparing degrees, is absurd. If s is a root of f in some splitting field then Xp − t = (X − s)p sothe minimal polynomial over F of s is irreducible, but has s as a multiple root. Since this minimalpolynomial is an irreducible factor of f , the polynomial f is inseparable over F .

[In fact, a pleasant exercise shows that Xp − t is irreducible in F [X].]

Definition 2.23. Let E/F be an algebraic extension and let α ∈ E.

(i) α is separable over F if its minimal polynomial over F is separable over F .

(ii) E/F is separable if every element of E is separable over F .

(iii) F is perfect if every algebraic extension of F is separable

Putting together the results from above, we have a characterization of perfect fields:

Proposition 2.24. F is perfect if and only if: either charF = 0; or charF = p and the Frobeniusmap σ is bijective.

Proof. Suppose charF = 0, or charF = p and σ is bijective. Let E/F be an algebraic exten-sion, let α ∈ E×, and let f be the minimal polynomial over F of α. Then f is separable (byPropositions 2.21, 2.22), so E/F is separable and F is perfect.

Conversely, suppose F is perfect. Then every irreducible polynomial f ∈ F [X] is separable (sinceits splitting field is separable over F ) so, by Propositions 2.21, 2.22, either charF = 0, or charF = pand σ is bijective. �

We end with the following Lemma on towers of extensions, which you should compare with thesituation for normality (see Problem Sheet).

Lemma 2.25. Let E/F be a separable extension and let E ⊇ L ⊇ F be an intermediate extension.Then E/L and L/F are both separable.

Proof. If α ∈ L then α ∈ E so (by separability of E/F ) the minimal polynomial over F of α isseparable. Hence L/F is separable.

If α ∈ E, let mF be the minimal polynomial over F of α, which has only simple roots since E/F isseparable. Let mL be the minimal polynomial over L of α. Since mF ∈ F [X]⊆L[X], we have thatmL divides mF , so mL also has only simple roots. Hence E/L is separable. �

27

3 Galois theory

3.1 Automorphisms of field extensions

Definition 3.1. Let E/F be a field extension. An F -automorphism of E is an isomorphismσ : E → E such that σ(x) = x for all x ∈ F . We write Aut(E/F ) for the set of F -automorphismsof E.

Note that Aut(E/F ) is actually a group, with composition:

• If σ, τ ∈ Aut(E/F ) then so is στ = σ ◦ τ : it is certainly an isomorphism from E to itself,while στ(x) = σ(τ(x)) = σ(x) = x, for x ∈ F .

• The map 1 : E → E, given by 1(e) = e for all e ∈ E, is the identity element of Aut(E/F ).

• If σ ∈ Aut(E/F ) then σ−1 ∈ Aut(E/F ) as σ−1(x) = σ−1(σ(x)) = 1(x) = x, for x ∈ F .

An easy example is given by Aut(C/R), which is a group with two elements: the identity mapand complex conjugation. We have also seen another example: if F has characteristic p and theFrobenius map σ is bijective, then it is an Fp-automorphism of F .

Lemma 3.2. Let E/F be a field extension, let α ∈ E be algebraic over F , and let σ ∈ Aut(E/F ).Then σ(α) ∈ E is a root of the minimum polynomial of α over F .

Proof. Let f(X) = Xn + an1Xn−1 + · · ·+ a1X + a0 ∈ F [X] be the minimum polynomial over F of

α. Then

f(σ(α)) = (σ(α))n + an1(σ(α))n−1 + · · ·+ a1σ(α) + a0

= σ(αn) + σ(an1)σ(αn−1) + · · ·+ σ(a1)σ(α) + σ(a0)= σ(αn + an1α

n−1 + · · ·+ a1α+ a0)= σ(f(α)) = σ(0) = 0.

�

Now suppose that E = F (α1, . . . , αn) is a finite extension of F . Then

• any σ ∈ Aut(E/F ) must map each αi to a root of its minimum polynomial over F ;

• σ ∈ Aut(E/F ) is uniquely determined by specifying σ(α1), . . . , σ(αn), since any element ofE can be written in terms of α1, . . . , αn and elements of F , while σ is a homomorphism.

Example. (i) Aut(Q(√−2)/Q) has at most two elements, since

√−2 must be mapped to either

±√−2 (as these are the roots of X2 + 2, the minimum polynomial of

√2 over Q), and

specifying which one of these occurs determines the automorphism. Indeed, there are two:the identity map 1, and the map σ given by

σ(a+ b√−2) = a− b

√−2.

Note that we do need to check that σ is a homomorphism (Exercise).

28

(ii) Aut(Q( 3√

2)/Q) has only the identity map, as 3√

2 has minimum polynomial X3 − 2 over Q,whose only root in Q( 3

√2) is 3

√2 and hence 3

√2 can only be mapped to itself.

(iii) Put F = Fp(t) and let E be the splitting field over F of Xp−t. Then E = F (s), where sp = t,since Xp− t = (X− s)p splits in F (s). The minimum polynomial over F of s is Xp− t, whichhas only the root s in E. Hence any F -automorphism of E maps s to itself, so must be theidentity, i.e. Aut(E/F ) = {1}.

Notice that, in (ii), we have few automorphisms as the extension is not normal: the other roots ofX3 − 2 are not there for us to map 3

√2 to.

In (iii), we have few automorphisms as the extension is not separable: there are no other roots ofXp − t for us to map s to.

Since the problem in (ii) was that the extension is not normal, this suggests that we might want tolook at Aut(Q( 3

√2, ω)/Q), since this extension is normal (it is the splitting field over Q of X3− 2).

For this we need to recall Lemma 2.13:

Lemma 2.13. Let F1, F2 be fields and let φ : F1 → F2 be an isomorphism. Let f1 ∈ F1[X] be anirreducible polynomial and let f2 ∈ F2[X] be the (irreducible) polynomial obtained by applying φ tothe coefficients of f1. For i = 1, 2, let αi be a root of fi in some extension of Fi. Then there is aunique isomorphism

φ̂ : F1(α1) → F2(α2)

which extends φ and such that φ̂(α1) = α2.

We have the following tower of fields:

We consider this tower because Q(ω)/Q is normal, whichis not true of Q( 3

√2)/Q; this normality makes the follow-

ing work easier.

Since ω has minimum polynomial X2 + X + 1 over Q,with roots ω, ω2, we can apply Lemma 2.13 to:

E = Q( 3√

2, ω)

3

F = Q(ω)

2

Q

F1 = F2 = Q, φ = 1, f1(X) = f2(X) = X2 +X + 1, α1 = ω, α2 = ω or ω2.

Notice that Q(ω2) = Q(ω) = F . Then the two choices for α2 give us two Q-automorphisms of F ,1 and c, where

1 : ω 7→ ω, c : ω 7→ ω2.

These are, of course, the only possibilities, since the minimum polynomial of ω has just the tworoots ω, ω2. (Notice also that c is just complex conjugation.)

Now we apply Lemma 2.13 again, to

F1 = F2 = F, φ = 1 or c, f1(X) = f2(X) = X3 − 2, α1 = 3√

2, α2 = 3√

2 or ω 3√

2 or ω2 3√

2.

Note that this is valid, since X3 − 2 is irreducible in F [X] (since E = F ( 3√

2) has degree 3 over F )and applying c to the coefficients of X3 − 2 does not change it.

For each choice of φ and each choice of α2, we get an isomorphism ψ : E ∼−→E which extends φand maps α1 to α2. Since φ extends 1 : F → F , each of these maps ψ is an F -automorphism of E.

29

Altogether, we get 6 such automorphisms, given by

1 : ω → ω,3√

2→ 3√

2 τ : ω → ω2,3√

2→ 3√

2σ : ω → ω,

3√

2→ ω3√

2 ρ : ω → ω2,3√

2→ ω3√

2ν : ω → ω,

3√

2→ ω2 3√

2 λ : ω → ω2,3√

2→ ω2 3√

2

Moreover, this is all the automorphisms since there are only 2 choices for the image of ω and only3 for the image of 3

√2, and these two images determine a Q-automorphism uniquely so there are at

most 3 ∗ 2 = 6 automorphisms.

Now that we know the size of Aut(E/F ), we can ask about its structure as a group. There are (upto isomorphism) only two groups of order 6: the cyclic group C6 and the symmetric group S3. Wenotice that

τ2 : ω τ−→ ω2 τ−→ (τ(ω))2 = ω4 = ω,3√

2 τ−→ 3√

2 τ−→ 3√

2

so τ2 = 1. Similarly, we see that σ2 = ν, σ3 = 1, τσ = λ = σ2τ and τσ2 = ρ = στ . Hence

Aut(E/Q) = {1, σ, σ2, τ, στ, στ2},

where σ3 = τ2 = 1 and στ = τσ2. This is non-abelian so cannot by C6, and we can see an explicitisomorphism with S3 by mapping

σ ↔ (1 2 3), τ ↔ (2 3).

Remark. In general, suppose F is a field, f ∈ F [X] and E is the splitting field over F of f . Letα1, . . . , αn be the roots of f in E, so that E = F (α1, . . . , αn). Then any F -automorphism of Emust permute the roots α1, . . . , αn and, moreover, it is uniquely determined by this permutation.Hence we get an injective homomorphism

Aut(E/F ) ↪→ Sn

by mapping σ ∈ Aut(E/F ) to the permutation s given by σ(αi) = αs(i). (You should check this is ahomomorphism.) Writing H for the image of this map, we see that H ' Aut(E/F ), i.e. Aut(E/F )is isomorphic to a subgroup of Sn.

We could have used this in the previous example: Aut(E/Q) has 6 elements and is isomorphic toa subgroup of S3, which itself has 6 elements. This subgroup must then be the whole of S3 soAut(E/Q) ∼= S3.

We return to some general theory. Let E/F be an extension of degree n and let σ ∈ Aut(E/F ).Notice then that σ is an F -linear map from E to E: for λ ∈ F and e1, e2 ∈ E,

σ(λe1 + e2) = σ(λ)σ(e1) + σ(e2) = λσ(e1) + σ(e2),

as σ is a homomorphism and fixes every element of F .

Write EndF (E) for the set of all F -linear maps from E to E. This is a vector space over F ofdimension dim F (EndF (E)) = n2, but it is also a vector space over E: for φ ∈ EndF (E) and e ∈ E,we can define eφ ∈ EndF (E) by

(eφ)(x) = eφ(x), for x ∈ E.

[It is an easy exercise to check that this map eφ is still F -linear and that this scalar multiplicationmakes EndF (E) into a vector space over E.]

Claim As a vector space over E, the dimension of EndF (E) is dim E(EndF (E)) = n.

30

Proof. Let {e1, . . . , en} be an F -basis for E, with e1 = 1. For i = 1, . . . , n, define φi ∈ EndF (E) by

φi(ej) = δij =

{1 if j = i;0 otherwise.

We claim that {φ1, . . . , φn} is an E-basis for EndF (E).

Linear Independence Suppose λi ∈ E are such that∑n

i=1 λiφi = 0 (the zero map). Evaluatingat ej , we get

0 =n∑

i=1

λiφi(ej) =n∑

i=1

λiδij = λj .

Spanning Let φ ∈ EndF (E) and put λi = φ(ei) ∈ E. Then we claim φ =∑n

i=1 λiφi; we check thisby evaluating at each ej :

n∑i=1

λiφi(ej) =n∑

i=1

λiδij = λj = φ(ej).

�

Lemma 3.3 (Dedekind’s Lemma). Any set of distinct automorphisms of E is linearly independentover E.

Since we have seen that dim E(EndF (E)) = [E : F ], we immediately get:

Corollary 3.4. Suppose E/F is a field extension of degree n. Then there are at most n distinctf-automorphisms of E.

Proof of Lemma 3.3. Let {σi} be a set of distinct automorphisms of E and suppose they are linearlydependent. Take a minimal linearly dependent subset {σ1, . . . , σn} so that we can write

σ1 =n∑

i=2

eiσi, for some ei ∈ E×

but σ2, . . . , σn are linearly independent.

From the above, we have

σ1(x) =n∑

i=2

eiσi(x), for all x ∈ E. (∗)

Let y ∈ E. Replacing x by xy in (∗), we get

σ1(x)σ1(y) =n∑

i=2

eiσi(x)σi(y), for all x ∈ E, (†)

and, doing σ1(y)(∗)−(†), we get

0 =n∑

i=2

ei (σ1(y)− σi(y))σi(x), for all x ∈ E.

31

But then the linear independence of σ2, . . . , σn implies that

ei (σ1(y)− σi(y)) = 0, for i = 2, . . . , n.

Moreover, this is true for all y ∈ E and, since σi 6= σ1, for each i = 2, . . . , n, there is some y ∈ Esuch that σi(y) 6= σ1(y). Hence ei = 0, for i = 2, . . . , n and, substituting back into the originallinear dependence, we get σ1 = 0, which is absurd. [The zero map 0 is not an isomorphism!] �

Now we know that, if E/F is an extension of degree n, the group Aut(E/F ) has at most n elements.We would like a criterion to determine when it indeed has n elements. This is given by the nextTheorem.

Theorem 3.5. Let E/F be an extension of degree n. If E/F is normal and separable then thereare n distinct F -automorphisms of E.

Remark. There is also a converse to this Theorem: if |Aut(E/F )| = [E : F ] then E/F is normaland separable. The proof is no harder than other proofs in this course but is nevertheless omitted– you can look it up in a book.

Theorem 3.5 is in fact an immediate corollary of the following more general result, applied withF1 = F2 = F , φ the identity map, and E1 = E2 = E:

Proposition 3.6. Let φ : F1∼−→F2 be an isomorphism, E1/F1 an extension of degree n, and E2/F2

an isomorphic extension (that is, there is an isomorphism φ̂ : E1∼−→E2 which extends φ). If E1/F1

is normal and separable, then there are n distinct isomorphisms E1∼−→E2 which extend φ.

Proof. The proof is by induction on n, the base case n = 1 being trivial. So suppose n > 1 andchoose α ∈ E1 \F1. Let f1(X) be the minimum polynomial over F1 of α, of degree r = deg(f1) > 1,and put f2 = φ∗f1, the polynomial in F2[X] obtained by applying φ to the coefficients of f1.

Since E2/F2 is isomorphic to E1/F1, it is normal and separable, so f2 has r distinct roots β1, . . . , βr

in E2. By Lemma 2.13, there are r (distinct) isomorphisms f1(α) ∼−→F2(βi) extending φ.

Now we need:

Lemma 3.7. Let φ : F1∼−→F2 be an isomorphism, E1/F1 a normal extension and E2/F2 an

isomorphic extension. Let L1/F1 be a subfield of E1 and let L2 be a subfield of E2 such that thereexists ψ : L1

∼−→L2 extending φ. Then there is an isomorphism E1∼−→E2 which extends ψ.

Proof. This is almost immediate from Proposition 2.14. By Proposition 2.16, E1 is the splittingfield over F1 of some polynomial f1(X). Then E2 is the splitting field over F2 of f2(X) = φ∗f1(X).But then, also, Ei is the splitting field over Li of fi(X), for i = 1, 2. Moreover, since ψ extends φ,we have ψ∗f1(X) = φ∗f1(X) = f2(X). Now Proposition 2.14 tells us that there is an isomorphismψ̂ : E1

∼−→E2 which extends ψ. �

We return to the proof of Proposition 3.6. By Lemma 3.7, the extensions E1/F1(α) and E2/F2(βi)are isomorphic, for each i = 1, . . . , r. Moreover, E1/F1(α) is normal (by q.14(ii) on the problemsheet) and separable (by Lemma 2.25) of degree n/r < n so we can apply the inductive hypothe-sis: each isomorphism F1(α) ∼−→F2(βi) extends in n/r distinct ways to an isomorphism E1

∼−→E2.Altogether, this gives us (n/r)r = n isomorphisms E1

∼−→E2 which extend φ. �

32

3.2 The Galois correspondence

Let E/F be an extension and put G = Aut(E/F ).

• Given L an intermediate field E ⊇ L ⊇ F , we can consider

H = Aut(E/L) = {σ ∈ G : σ(l) = l for all l ∈ L},

which is clearly a subgroup of Aut(E/F ).

• Conversely, given a subgroup H of G, we can consider

EH = {x ∈ E : σ(x) = x for all σ ∈ H}.

This is a subfield of E containing F : if x, y ∈ EH and σ ∈ H then

σ(xy) = σ(x)σ(y) = xy; σ(x+y) = σ(x)+σ(y) = x+y; σ(x−1) = σ(x)−1 = x−1.

These correspondences have the following properties:

(i) They are order-reversing:

• if E ⊇ L1 ⊇ L2 ⊇ F then Aut(E/L1)⊆Aut(E/L2);• if H1 ≤ H2 ≤ G then EH1 ⊇ EH2 .

(ii) We haveEAut(E/L) ⊃ L and Aut(E/EH) ⊃ H.

We would like to know when we actually have equalities in (ii), for then we would have a bijectionbetween intermediate fields and subgroups of G. For the second one we have:

Theorem 3.8 (Artin’s Theorem). Let E be a field and G a finite group of automorphisms of E.Then

[E : EG] = |G|.

In particular, since G⊆Aut(E/EG), we have

|G| ≤ |Aut(E/EG)| ≤ [E : EG] = |G|.

Hence we have equality throughout and Aut(E/EG) = G.

Proof. Put F = EG. Certainly G⊆Aut(E/F ) so, by Corollary 3.4, we have [E : F ] ≥ |G|.Put r = |G| and suppose, for contradiction, that [E : F ] > r; hence there are r + 1 elementse0, . . . , er ∈ E which are linearly independent over F . Consider the r homogeneous linear equations(one for each choice of σ ∈ G) in r + 1 variables xi given by

σ(e0)x0 + · · ·+ σ(er)xr = 0, for σ ∈ G. (‡)

Since there are more variables than equations, these have a non-trivial solutions xj = aj ∈ E. Wemay assume we have picked the non-trivial solution with the fewest non-zero terms; similarly (byrelabelling), we may assume a0 6= 0. Then rearranging (‡) and setting bj = −aj/a0, we get

σ(e0) =r∑

j=1

bjσ(ej), for all σ ∈ G. (§)

33

Putting σ = 1, the identity map, we get

e0 =r∑

j=1

bjej .

Since {e0, . . . , er} are linearly independent over F , not all bj are in F so, by reordering again, wemay assume b1 6∈ F .

Since F = EG and b1 6∈ F , there exists τ ∈ G such that τ(b1) 6= b1. Now we apply τ to (§) and get

τσ(e0) =r∑

j=1

τ(bj)τσ(ej), for all σ ∈ G.

But, as σ runs through the elements of G, so does τσ. Hence, replacing σ by τ−1σ, we get

σ(e0) =r∑

j=1

τ(bj)σ(ej), for all σ ∈ G. (¶)

Now we subtract (¶) from (§) to get

0 =r∑

j=1

(bj − τ(bj))σ(ej), for all σ ∈ G.

But, since (b1−τ(b1)) 6= 0, this gives us a non-trivial solution to our original system of equations (‡)with fewer non-zero terms, a contradiction. �

For the other containment, we have:

Proposition 3.9. Suppose E/F is a finite extension of degree n. If E/F is normal and separablethen F = EAut(E/F ).

In fact, the converse is also true, though we will not use it.

Proof. Since E/F is normal and separable, |Aut(E/F )| = [E : F ] = n, by Theorem 3.5. Onthe other hand, by Artin’s Theorem 3.8, [E : EAut(E/F )] = |Aut(E/F )| = n. Then, since F ⊆EAut(E/F ), the Tower Law give us

[EAut(E/F )] =[E : F ]

[E : EAut(E/F )]=

n

n= = 1,

so EAut(E/F ) = F . �

Definition 3.10. We say that a finite extension is Galois if it is normal and separable. In thecase, we write Gal(E/F ) for Aut(E/F ), and call it the Galois group of E/F .

We have now proved most of the main Theorem of the course:

Theorem 3.11 (Fundamental Theorem of Galois Theory). Let E/F be a Galois extension of fieldsand put G = Gal(E/F ).

34

(i) The maps

L 7−→ Gal(E/L)EH ←− H

are mutually inverse order-reversing bijections between

{intermediate fields F ⊆ L ⊆ E} ←→ {subgroups of G} .

(ii) If F ⊆ L ⊆ E is an intermediate extension, then [E : L] = |Gal(E/L)|.

(iii) If F ⊆ L ⊆ E is an intermediate extension, then the extension L/F is Galois if and only ifN = Gal(E/L) is a normal subgroup of G, in which case Gal(L/F ) ∼= G/N .

Proof. (i) and (ii) are given by Artin’s Theorem 3.8 and Proposition 3.9. For (iii), we need twolemmas:

Lemma 3.12. In the situation of Theorem 3.11, L/F is normal if and only if σ(L) = L for allσ ∈ G.

Proof. Note that σ(L) is always some intermediate field between F and E.

(⇒) If α ∈ L ⊆ E then, since L/F is normal and the minimum polynomial f of α over F has aroot in L, it splits completely in L and all its roots are in L. But σ(α) is one of the roots of f , soσ(α) ∈ L. This shows σ(L) ⊆ L, for all σ ∈ G, but then also σ−1(L) ⊆ L so

L = σ(σ−1(L)) ⊆ σ(L) ⊆ L,

and we have equalities.

(⇐) Suppose f ∈ F [X] is irreducible and has a root α ∈ L. Let β ∈ E be any other root of f .(Note that f splits over E since E/F is normal.) There is then an isomorphism σ@F (α) → F (β)such that σ(α) = β and, since E/F is normal, this extends to some σ̂ ∈ Gal(E/F ), by Lemma 3.7.Hence β = σ̂(α) ∈ σ̂(L) = L. Since this is true for all roots, f splits over L. �

Lemma 3.13. In the situation of Theorem 3.11, let H be a subgroup of G, put L = EH , and letσ ∈ G. Then σ(L) = EσHσ−1

(or, equivalently, Gal(E/σ(L)) = σHσ−1).

Proof.

σ(L) = {x ∈ E : x = σ(l) for some l ∈ L}= {x ∈ E : σ−1(x) ∈ L}= {x ∈ E : ∀τ ∈ H, τ(σ−1(x)) = σ−1(x)}= {x ∈ E : ∀τ ∈ H, στσ−1(x) = x}= {x ∈ E : ∀ϕ ∈ σHσ−1, ϕ(x) = x}= EσHσ−1

.

�

35

Now we can complete the proof of Theorem 3.11(iii). Firstly,

L = EN is normal iff σ(L) = l, ∀ σ ∈ G (by Lemma 3.12)iff Gal(E/σ(L)) = Gal(E/L), ∀ σ ∈ G (since we have a bijection in (i))iff σNσ−1 = N, ∀ σ ∈ G (by Lemma 3.13)iff N is normal in G.

For the final part, we define a homomorphism ρ : G→ Gal(L/F ) simple by restriction (as L ⊆ E).Given any φ̄ ∈ Gal(L/F ), we can (by Lemma 3.7) extend it to φ ∈ Gal(E/F ) (since E/F is normal)so the map ρ is surjective.

On the other hand

Ker (ρ) = {σ ∈ G : σ|L = 1} = {σ ∈ G : σ(l) = L ∀ l ∈ L} = Gal(E/L) = N.

So, by the First Isomorphism Theorem, Gal(L/F ) ∼= G/Ker (ρ) ∼= G/N . �

If f ∈ F [X] and E is a splitting field for f over F , then we sometimes call Gal(E/F ) the Galoisgroup of f over F . Note that this is independent (up to isomorphism) of the choice of splittingfield E, since all splitting fields are isomorphic as extensions of F .

3.3 Examples

For each of the following polynomials f ∈ Z[X], we find: a splitting field E over Q; the Galoisgroup of f over Q; and all intermediate fields Q ⊆ L ⊆ E. We also,identify those subfields forwhich L/Q is Galois and, in that case, find Gal(L/Q).

(i) f(X) = X4 − 2

The splitting field is E = Q(ξ, i), where ξ = 4√

2, since the roots of X4 − 2 are ±ξ,±iξ. This hasdegree 8 over Q so, writing G = Gal(E/Q), we have |G| = 8.

Any automorphism is uniquely determined by its action on ξ and i, and it must map i to ±i andξ to one of the four roots of X4 − 2. Hence there are at most 8 possible automorphisms. Since wealready know there are exactly 8 automorphisms, each of the possibilities must occur. Hence thereare automorphism σ, τ ∈ G with:

σ(i) = i, σ(ξ) = iξ; τ(i) = −i, τ(ξ) = ξ.

Then we can easily check that

G = {1, σ, σ2, σ3, τ, τσ, τσ2, τσ3}= 〈σ, τ : σ4 = 1, τ2 = 1, τσ = σ3τ〉' D8

the dihedral group with 8 elements.

Remark Since G is a subgroup of S4, we could ask to identify it as such. Numbering the rootsξ, iξ,−ξ,−iξ as 1, 2, 3, 4 respectively, we see that

σ = (1 2 3 4), τ = (2 4)

36

andG = {1, (1 2 3 4), (1 3)(2 4), (1 4 3 2), (2 4), (1 4)(2 3), (1 3), (1 2)(3 4)}.

Advanced Remark Since |G| is a power of 2 and |S4|/|G| = 3 is coprime to 2, the group G is aSylow 2-subgroup of S4. Then Sylow’s Theorem says that all Sylow 2-subgroups of S4 are conjugate(so isomorphic) so G is isomorphic to D8.

The subgroups of G = D8 are as follows:

• Order 8 G = D8.

• Order 4 A = 〈σ〉, B = 〈σ2, τ〉, C = 〈σ2, τσ〉.

• Order 2 D = 〈σ2〉, J = 〈τ〉, F = 〈τσ〉, H = 〈τσ2〉, K = 〈τσ3〉.

• Order 1 {1}.

The normal subgroups are A,B,C,D. Then we have subgroup and subfield lattices:

{1}

ooooooooooooooo

}}}}

}}}}

AAAA

AAAA

OOOOOOOOOOOOOO E

llllllllllllllll

{{{{

{{{{

CCCC

CCCC

QQQQQQQQQQQQQQQQQ

H

????

????

J D

||||

||||

BBBB

BBBB

F K

����

����

EH

FFFFFFFF EJ ED

zzzz

zzzz

DDDD

DDDD

EF EK

zzzz

zzzz

B

BBBB

BBBB

A C

||||

||||

EB

DDDD

DDDD

EA EC

zzzz

zzzz

G Q

Degree 2 There are some obvious subfields of degree 2 over Q, namely Q(i), Q(√

2) since ξ2 =√

2,and Q(i

√2). To identify which is which, we see by which elements of G they are fixed:

σ(i) = i, so i is fixed by A = 〈σ〉 and Q(i) = EA.

Similarly, since√

2 = ξ2 and τ(ξ) = ξ, we have τ(√

2) =√

2; since τ ∈ B but τ 6∈ C, we must haveQ(√

2) = EB. Hence the last one is Q(i√

2) = EC .

Degree 4 Again, there are some obvious subfields of degree 4 over Q, namely Q(ξ) and Q(iξ). Sinceτ(ξ) = ξ, we have Q(ξ) = EJ ; similarly, τσ2(iξ) = iξ so Q(iξ) = EH .

To find ED, we notice that is contains EA, EB and EC , so it contains i and√

2. Then ED =Q(i,√

2), since this field has degree 4 over Q.

To find EF , we look for elements in E which are fixed by τσ. We notice that τσ(ξ) = τ(iξ) =τ(i)τ(ξ) = −iξ so (since τσ has order 2), ξ − iξ is fixed by τσ. Hence

EF ⊇ L = Q((1− i)ξ).

To see that we actually have equality, we notice that E = L(i), since ξ =(1− i)ξ1− i

∈ L(i), so that

[E : L] ≤ 2. Since also [E : EF ] = 2 and L ⊆ EF , we get L = EF , as required.

Similarly, we get EK = Q((1 + i)ξ).

37

Altogether, we get the subfield lattice:

E

iiiiiiiiiiiiiiiiiiiiii

rrrrrrrrrrr

NNNNNNNNNNNNN

WWWWWWWWWWWWWWWWWWWWWWWWWW

Q(iξ)

HHHHHHHHHQ(ξ) Q(i,

√2)

ttttttttt

MMMMMMMMMMQ((1− i)ξ) Q((1 + i)ξ)

ooooooooooo

Q(√

2)

KKKKKKKKKKKQ(i) Q(i

√2)

pppppppppppp

Q

As remarked above, the normal subgroups are A,B,C,D. The quotient groups G/A, G/B andG/C all have 2 elements so must be cyclic of order 2. The quotient group G/D = Gal(ED/Q) hasorder 4 so could be either the cyclic group C4 or the Klein 4-group V4; there are several ways tosee that it is in fact V4:

• We have G/D = {D, τD, σD, τσD} and we notice that (τD)2 = τ2D = 1D = D and(σD)2 = σ2D = D, since σ2 ∈ D; hence all non-identity elements have order 2 and G/D ' V4.

• ED has three subfields of index 2 so the group G/D has three subgroups of order 2; but C4

has only one subgroup of order 2 so G/D ' V4.

(ii) f(X) = X9 − 1

The roots of f in C are the ninth roots of unity: writing ζ = e2πi/9, the roots are 1, ζ, ζ2, ..., ζ8.Hence the splitting field is E = Q(ζ). To find its degree, we need to find the minimum polynomialof ζ. Notice that f factorizes as

f(X) = (X3 − 1)(X6 +X3 + 1),

with 1, ζ3, ζ6 roots of the first factor. Moreover, the second factor g(X) = X6+X3+1 is irreduciblesince

g(X + 1) = X6 + 6X5 + 154 + 21X3 + 18X2 + 9X + 3

is irreducible by Eisenstein’s criterion with p = 3. Hence g(X) is the minimum polynomial of ζand E = Q(ζ) has degree 6 over Q. Put G = Gal(E/Q), of order 6.

Since any automorphism in G is determined by its action on ζ, and since ζ must be sent to one ofthe roots of g(X), which are ζ, ζ2, ζ4, ζ5, ζ7, ζ8, each of these 6 possibilities must occur. Let σ bethe automorphism in G with σ(ζ) = ζ2. Then

σ : ζ 7→ ζ2 7→ ζ4 7→ ζ8 7→ ζ16 = ζ7 7→ ζ14 = ζ5 7→ ζ10 = ζ

so σ has order 6 and

G = {1, σ, σ2, σ3, σ4, σ5} = 〈σ : σ6 = 1〉 ' C6

is cyclic of order 6.

Remark Notice that σ : ζ 7→ ζ2 and 2 is a generator of (Z/9Z)×, the multiplicative group modulo9.

38

We have subgroup and subfield lattices:

{1}3

uuuuuuuuu2

IIIIIIIII E

3

ttttttttttt2

JJJJJJJJJJJ

H = 〈σ2〉

2 JJJJJJJJJJ〈σ3〉 = J

3uuuuuuuuuu

EH

2 KKKKKKKKKKK EJ

3sssssssssss

G Q

We look for elements of E fixed by H – that is, fixed by σ2. We have

σ2 : ζ 7→ ζ4 7→ ζ7 7→ ζ

so σ2 fixes ζ + ζ4 + ζ7. But, unfortunately, ζ + ζ4 + ζ7 = ζ(1 + ζ3 + ζ6) = ζg(ζ) = 0, so this doesnot help. However, σ2 also fixes ζ.ζ4.ζ7 = ζ12 = ζ3 = ω, which is not zero. Since ω has minimalpolynomial X2 +X + 1, we have [Q(ω) : Q] = 2 and EH = Q(ω).

Since G is abelian, all subgroups are normal. We have Gal(Q(ω)/Q) = G/H which has 2 elements,so it is cyclic of order 2.

Now we look for elements of E fixed by σ3; since σ3(ζ) = ζ8 we have η = ζ + ζ8 fixed by σ3 andEJ ⊇ L = Q(η). On the other hand, E = L(ζ) and ζ is a root of

(X − ζ)(X − ζ8) = X2 − ηX + 1 ∈ L[X].

Hence [E : L] ≤ 2 and, since [E : EJ ] = 2, we have EJ = Q(η).

Here Gal(Q(η)/Q) = G/J has 3 elements, so is cyclic of order 3.

Remark Since Q(η) has degree 3 over Q, η must have minimal polynomial of degree 3. In orderto find it, we notice that

η3 = (ζ + ζ8)3 = ζ3 + 3ζ + 3ζ8 + ζ6 = 3η − 1

since ζ6 + ζ3 = −1. Hence η is a root of

X3 − 3X + 1.

Note that this is then a cubic irreducible polynomial with Galois group C3.

3.4 Further results

We have seen that several small groups can be obtained as Galois groups of polynomials. We alsoknow that the Galois group of a polynomial of degree n is a subgroup of Sn. But can any subgroupof Sn be a Galois group?

Example 3.14 (The General Polynomial of degree n). Let F be a field and E = F (t1, . . . , tn) ={rational functions in indeterminates t1, . . . , tn}. Clearly, G = Sn acts on E by permuting theindeterminates t1, . . . , tn. Put K = EG, the field of symmetric rational functions of t1, . . . , tn. ByArtin’s Theorem 3.8, we have [E : K] = |G| = n!.

On the other hand, we have the elementary symmetric functions si defined by

f(X) = (X − t1) · · · (X − tn) = Xn − s1Xn−1 + s2Xn−2 − · · ·+ (−1)nsn

39

with

s1 = t1 + t2 + · · ·+ tn,

s2 =∑

1≤i<j≤n

titj ,

...sn = t1 · · · tn.

Put L = F (s1, ..., sn) ⊆ K. Notice that E is the splitting field over L of f(X) ∈ L[X], so[E : L] ≤ n!. Hence L = K, the degree [E : L] = n! and Gal(E/L) = Sn.

Remarks. (i) This also shows that any subgroup of Sn can be obtained as a Galois group: IfH ≤ G = Sn then put M = EH ; then Gal(E/M) = H and, since E/M is normal, it isthe splitting field of some polynomial in M [X]. Moreover, Cayley’s Theorem says that everyfinite group is a subgroup of some Sn so this means that every finite group can be obtainedas a Galois group.

(ii) On the other hand, this still leaves open the question of which Galois groups can be obtainedif we fix the base field. For example, which groups can be obtained as Gal(E/Q)? This iscalled the Inverse Galois Problem and is still an open question.

We finish this section with a criterion for the irreducibility of a polynomial f(X) ∈ F [X] in termsof its Galois group G over F . We say that G acts transitively on the roots of f if, for all roots α, βof f , there is an automorphism σ ∈ G such that σ(α) = β – that is, the roots of f form a singleorbit under the action of G.

Lemma 3.15. Let F be a polynomial in F [X] with no repeated roots. Then f is irreducible overF if and only if its Galois group acts transitively on the roots of f .

Proof. Let α1, . . . , αn be the roots of f in some splitting field E and put G = Gal(E/F ).

Suppose first that f is irreducible in F [X], so f is the minimum polynomial of αi, for each i. ByLemma 2.13, for any i, j there is an isomorphism σ : F [αi]

∼−→F [αj ] such that σ(αi) = αj and, byLemma 3.7, this can be extended to σ̂ ∈ G (which maps αi to αj). Hence G acts transitively onthe roots of f .

Conversely, suppose G acts transitively on the roots of f and let m(X) be the minimum polynomialover F of α1. Let σi ∈ G be such that σ(α1) = αi; then, since m ∈ F [X] and σi fixes F ,

m(αi) = m(σi(α1)) = σi(m(α1)) = σi(0) = 0.

Hence all of α1, . . . , αn are roots of m and, since the roots are distinct, f divides m. But m isirreducible so f must be a scalar multiple of m and, since m is irreducible, f is irreducible also. �

For example, we saw in the example on the splitting field of X4−2 that G = Gal(Q(i,√

2)/Q) ' V4,with automorphisms given by

1 :√

2 7→√

2, i 7→ i, τ :√

2 7→√

2, i 7→ −i,σ2 :

√2 7→ −

√2, i 7→ i, τσ2 :

√2 7→ −

√2, i 7→ −i.

Now Q(√

2, i) is the splitting field over Q of (X2 − 2)(X2 + 1) = X4 −X2 − 2, which is reducible,and G does not act transitively on the roots – there are two orbits {±

√2} and {±i}.

40

4 Solving polynomials by radicals

A polynomial f in F [X] is said to be solvable by radicals over F if all the roots can be obtained byfield operations and extracting nth roots (for various n).

For example, any quadratic polynomial is solvable by radicals over Q, since we have a quadraticformula: f(X) = X2 + aX + b has roots

−a±√a2 − 4b

2.

We have also seen that X3 − 3X + 1 is solvable by radicals, since its roots are

ζ + ζ8, ζ2 + ζ7, ζ4 + ζ5,

where ζ is a cube root of ω = −1+√−3

2 .

Definition 4.1. (i) A simple radical extension is an extension F (α)/F , where α is a root of anirreducible polynomial Xn − a ∈ F [X] and n is coprime to charF , if charF > 0.

(ii) An extension E/F is called radical is there is a finite chain of fields (called a root tower)

F = F0 ( F1 ( · · · ( Fr = E

such that Fi/Fi−1 is simple radical, for i = 1, . . . , r.

So E = F (α1, . . . , αr), where αnii ∈ F (α1, . . . , αi−1), for i = 1, . . . , r (for some ni).

Notice that any quadratic extension E/F is simple radical when charF 6= 2: if β ∈ E \F then β isa root of some irreducible quadratic polynomial X2 +aX+ b; but then, from the quadratic formulawe have α =

√a2 − 4b ∈ E \ F so E = F (α) with α2 ∈ F .

Definition 4.2. A polynomial f(X) ∈ F [X] is solvable by radicals over F if the splitting field overF of f is contained in some radical extension E of F .

Note The splitting field itself need not be radical; in fact, the cubic polynomial X3− 3X + 1 givesan example of this.

4.1 Cubic and quartic polynomials

In this section, we look at solving cubic and quartic polynomials. We begin by looking at thegeneral theory of cubic equations.

So let f ∈ Q[X] be a cubic polynomial with roots α1, α2, α3 in C. We set F = Q(ω), whereω = e2πi/3, and let E = F (α1, α2, α3) be the splitting field over F of f in C. The Galois groupG = Gal(E/F ) is then a subgroup of S3.

Note first that, if (1 2 3) 6∈ G then |G| ≤ 2 so E/F is at most quadratic and, from the remarksabove, E/F is simple radical. Since F/Q is also simple radical, we see that E/Q is radical, so f issolvable by radicals.

So suppose now that (1 2 3) ∈ G, in which case G contains A3 = {1, (1 2 3), (1 3 2)}, and indeed A3

is a normal subgroup of G. Consider

θ = α1 + ωα2 + ω2α3 ∈ E.

41

Then, with σ = (1 2 3),σ(θ) = α2 + ωα3 + ω2α1 = ω2θ

soσ(θ3) = (ω2θ)3 = ω6θ3 = θ3.

Hence, if we put L = EA3 , we have θ3 ∈ L but θ 6∈ L. Since [E : L] = 3 is prime, we then haveE = L(θ) and E/L is simple radical. On the other hand, [L : F ] ≤ 2 so L/F is also simple radical.Hence

Q ⊆ F ⊆ L ⊆ E

is a root tower for E and, since E contains all the roots of f , the polynomial f is solvable byradicals over Q.

We note that we have used in quite a fundamental way that S3 has subgroups

{1} / A3 / S3,

which we will see again later.

Although this shows us theoretically that any cubic is solvable, and indeed can be used to computethe roots, there are other (easier?) methods. Here we show (by example) a method which I knowas the “p+ q” method, though I am sure it has a proper name.

We find the roots off(X) = X3 + 6X2 + 3X + 6,

which we note is irreducible by Eisenstein’s criterion with p = 3. We first simplify this by eliminatingthe term in X2 (this is rather like completing the square):

f(X) = (X + 2)3 − 9(X + 2) + 16

so we substitute Y = X + 2 and consider

g(Y ) = Y 3 − 9Y + 16.

Now we use an identity. We write Y = p+ q and consider

Y 3 = (p+ q)3 = p3 + 3p2q + 3pq2 + q3,

soY 3 − 3pqY − (p3 + q3) = 0.

Comparing this to g(Y ), we see that we need

pq = 3, p3 + q3 = −16.

Then p3q3 = 27 so p3, q3 are the roots of the quadratic polynomial

h(Z) = Z2 + 16Z + 27.

Now we can solve h(Z) using the quadratic formula, to get

p3 =√

37− 8

42

[Note that there is symmetry between p and q so we can choose which of the two roots we want p3

to be.] Then, putting ξ = 3√√

37− 8 (the real cube root) we have

p = ξ, ωξ, ω2ξ,

where ω = e2πi/3. Since q = 3/p, Y = p+ q and X = Y − 2, we get roots

3

√√37− 8 +

33√√

37− 8− 2, ω

3

√√37− 8 +

3ω2

3√√

37− 8− 2, ω2 3

√√37− 8 +

3ω3√√

37− 8− 2.

Now we turn to quartic polynomials: let f be a quartic polynomial in Q[X], with roots α1, α2, α3, α4

in its splitting field E⊆C. We write

f(X) = X4 − s1X3 + s2X2 − s3X + s4 = (X − α1)(X − α2)(X − α3)(X − α4).

Let G ≤ S4 be the Galois group Gal(E/Q). Note that S4 has the useful subgroups

V4 = {1, (1 2)(3 4), (1 3)(2 4), (1 4)(2 3)},A4 = {even permutations},

which can be put in the series

{1} / {1, (1 2)(3 4)} / V4 / A4 / S4.

The Klein 4-group V4 is particularly useful, since it is normal in S4. Inspired by it, we consider

β1 = (α1 + α2)(α3 + α4), β2 = (α1 + α3)(α2 + α4), β3 = (α1 + α4)(α2 + α3).

Note that any permutation in S4 (so any permutation in G) permutes β1, β2, β3 so any symmetricfunction in β1, β2, β3 lies in EG = Q. In particular, the coefficients of the cubic polynomial

g(X) = (X − β1)(X − β2)(X − β3)

lie in Q. [This cubic is called the resolvent cubic.] We have seen that we can find β1, β2, β3 usingradicals. Now

s1 = (α1 + α2) + (α3 + α4) ∈ Q[X]

so α1 + α2 and α3 + α4 are roots of the quadratic polynomial

X2 − s1X + β1

and we can find them using radicals. Similarly, we can find α1 + α3, α1 + α4, etc. Finally, we canfind α1 as

α1 = 12 ((α1 + α2) + (α1 + α3) + (α1 + α4)− s1) ,

and the other roots similarly. In particular, the polynomial is solvable by radicals.

Exercise If f(X) = X4 + aX2 + bX + c, show that the resolvent cubic is

X3 − 2aX2 + (a2 − 4c)X − b2.

43

4.2 Kummer theory

Definition 4.3. A primitive nth root of unity is a ζ such that ζn = 1 but ζm 6= 1 for any 1 ≤ m ≤ n.[So ζ has order n for multiplication.]

By question 15 on the problem sheet, if a field F contains a primitive root of unity and F hascharacteristic p 6= 0, then p - n.

Theorem 4.4. Let F be a field containing a primitive nth root of unity. Then an extension ofdegree n is simple radical if and only if it is a Galois extension with cyclic Galois group.

Proof. Let ζ be a primitive nth root of unity in F .

Suppose E/F is simple radical, so E = F (α) and α is a root of Xn − a ∈ F [X], an irreduciblepolynomial. Then the roots of Xn − a are

α, αζ, αζ2, . . . , αζn−1,

all of which are distinct and lie in E. Hence E is a splitting field of the separable polynomial Xn−aand E/F is Galois of degree n. Any automorphism σ ∈ G = Gal(E/F ) is given by

σ(α) = αζi(σ), for some (unique) i(σ) ∈ Z/nZ ' Cn.

This defines for us a mapπ : G → Z/nZ, σ 7→ i(σ).

Moreover, for σ, τ ∈ G,

στ(α) = σ(αζi(τ)

)= σ(α)ζi(τ) = αζi(σ)ζi(τ) = αζi(σ)+i(τ).

Hence στ 7→ i(σ)+i(τ) and the map π is a homomorphism. Further, it is injective: if σ(α) = αζ0 =α then σ = 1. Since both groups have n elements, it is also surjective, and hence an isomorphism.

Conversely, suppose E/F is Galois of degree n and G = Gal(E/F ) is cyclic, with generator σ. Forx ∈ E, we consider

α = x+ ζ−1σ(x) + · · ·+ ζ1−nσn−1(x)

and notice thatσ(α) = σ(x) + ζ−1σ2(x) + · · ·+ ζ1−nx = ζα

soσ (αn) = σ(α)n = ζnαn = αn.

[You should notice that what we did for solving cubics was a special case of this.] Hence αn = a ∈EG = F . Note that we could have α = 0 but, by Dedekind’s Lemma 3.3, the distinct automorphisms1, σ, . . . , σn−1 are linearly independent over E so there is some choice of x ∈ E such that α 6= 0.Finally, the roots of Xn − a are α, αζ, . . . , αζn−1 and σi(α) = αζi so that G acts transitively onthe roots. Hence Xn − a is irreducible, by Lemma 3.15. �

Notice that Theorem 4.4 requires us to have all nth roots of unity in F so we need to know somethingabout what happens when we adjoin such a root to a field – after all, Q contains no primitive nth

root of unity for n ≥ 3. Since we will need no more, we content ourselves with:

44

Lemma 4.5. Let ζ = ζn = e2πi/n, a primitive nth root of unity in C, with n ≥ 2. Then Gal(Q(ζ)/Q)is abelian of degree at most n− 1.

Proof. Since ζ is a root of

Xn − 1 = (X − 1)(Xn−1 +Xn−2 + · · ·+X + 1)

and ζ 6= 1, the minimal polynomial over Q of ζ has degree at most n − 1. Moreover, the roots ofXn − 1 are 1, ζ, ζ2, . . . , ζn−1, which are all in Q(ζ), so this is the splitting field of Xn − 1 and istherefore a Galois extension.

Now any σ ∈ G = Gal(Q(ζ)/Q) is given by

σ(ζ) = ζi(σ), for some (unique)i(σ) ∈ Z/nZ,

since σ(ζ) is a root of Xn − 1. Then, for τ, σ ∈ G,

τσ(ζ) = τ(ζi(σ)

)= τ(ζ)i(σ) = ζi(τ)i(σ) = ζ(i(σ)i(τ) = στ(ζ) (by symmetry)

so τσ = στ . �

Remarks. We could get much more with a little more work:

(i) We could replace Q by any field F with charF - n.

(ii) We can also say exactly what Gal(Q(ζ)/Q) is, though this depends very much on having Qrather than any other field F .

(iii) There is an amazing converse, the Kronecker-Weber Theorem: If E/Q is Galois withabelian Galois group, then there is some n such that E⊆Q(ζn).

If E/F is simple radical then E = F (α) with αn ∈ F and [E : F ] = n. Note that if p | n then,putting β = αp, we can split the extension into the tower

F ( F (β) ( E = F (α)

and βn/p = αn ∈ F , while αp = β ∈ F (β). Moreover, the tower law implies that [F (β) : F ] = n/pand [E : F (β)] = p so each of these extensions is simple radical. In particular, we can continue toget a root tower with each step simple radical of prime degree. Hence we only need to considerpolynomials of the form Xp − a, with p prime.

Theorem 4.6. Let F be a field, p a prime with p 6= charF , and let a ∈ F . Then Xp−a is reduciblein F [X] if and only if a has a pth root in F .

In fact, the condition p 6= charF is not needed for this Theorem.

Proof. If a = αp, with α ∈ F , then (X − α) is a factor of Xp − a so it is clearly reducible.

Conversely, suppose Xp−a is reducible in F [X] and let E be a splitting field over F of Xp−a. ThenE = F (α, ζ), where α is such that αp = a and ζ is a primitive pth root of unity. By assumption,we have a factorization in F [X]

Xp − a = f(X)g(X),

45

with f, g ∈ F [X] monic of degrees r, s ≥ 1 respectively, with r + s = p. Since we also have afactorization in E[X]

Xp − a = (X − α)(X − αζ) · · · (X − αζp−1),

the constant term of f is a product of r roots αζmi (for various mi). In particular, it is of the formb = αrζ1, where ζp

1 = 1. Thenbp = αpr = ar.

Since 1 ≤ r < p, the Euclidean algorithm means there exist u, v ∈ Z such that ru + pv = 1. Butthen

a = aruapv = bpuapv = (buav)p

so a has a pth root buav in F . �

We will need one more general theorem:

Theorem 4.7. Let f be a separable polynomial in F [X] and L afield containing F . Let K be the splitting field over L of f , andE⊆K the splitting field over F of f . Then Gal(K/L) is isomorphicto a subgroup of Gal(E/F ).

The following diagram shows the relationships between the fields:

K

wwww

wwww

w

E

E ∩ L L

wwwwwwwww

F

Proof. Let α1, . . . , αn be the roots of f in K so K = L(α1, . . . , αn) and E = F (α1, . . . , αn). Weregard the Galois groups H = Gal(K/L) and G = Gal(E/F ) as subgroups of Sn by permuting theroots α1, . . . , αn.

Given σ ∈ G, its restriction σ0 = σ|E is an automorphism of E, since E/F is normal; also σ0 fixesE ∩ L ⊇ F . Hence we have a homomorphism

H → G, σ 7→ σ0.

Moreover, this map is injective: if σ0 = 1, then σ0 leaves each αi fixed so σ does also and σ = 1.Hence H is isomorphic to a subgroup of G. �

4.3 Soluble groups

Definition 4.8. A finite group G is called soluble (or solvable) if we can find a chain of subgroups(called a composition series)

{1} = G0 / G1 / · · · / Gn = G

such that Gi/Gi−1 is cyclic of prime order, for i = 1, . . . , n.

For example, S3 is soluble, since it has composition series

{1} / {1, (1 2 3), (1 3 2)} / S3.

46

Likewise, S4 is soluble, since it has composition series

{1} / {1, (1 2)(3 4)} / V4 / A4 / S4.

Of course, any cyclic group of prime order G is soluble, since it has composition series {1} / G.

Lemma 4.9. Let G be a group, let H be a subgroup of G and let N be a normal subgroup of G.

(i) If G is soluble then H is soluble.

(ii) If G is soluble then G/N is soluble.

(iii) If N and G/N are soluble then G is soluble.

Sketch. (i),(ii) We have a composition series

{1} = G0 / G1 / · · · / Gn = G

with each Gi/Gi−1 is cyclic of prime order. For (i) we intersect this with H

{1} = G0 ∩H / G1 ∩H / · · · / Gn ∩H = H

and delete repetitions. For (ii) we quotient by N

{1} = N/N / G1N/N / · · · / GnN/N = G/N

and delete repetitions.

(iii) We have composition series

{1} = N0 / N1 / · · · / Nr = N and N/N / J1 / · · · / Js = G/N

with each quotient cyclic of prime order. Write π for the projection homomorphism G → G/Ngiven by π(g) = gN and, for J a subgroup of G/N , put π−1(J) = {g ∈ G : π(g) ∈ J}. Then weput

Gi =

{Ni for 1 ≤ i ≤ r,π−1(Ji−r) for r + 1 ≤ i ≤ r + s.

Then this gives a composition series as required. �

Corollary 4.10. Every finite abelian group is soluble.

Proof. The proof is by induction on |G|, the base case being trivial. So suppose |G| > 1, choosea ∈ G \ {1}, and let m be the order of a. Let p be a prime dividing m and put α = am/p, whichhas order p. Then N = 〈α〉 is cyclic of order p (so soluble) and normal in G as G is abelian.Moreover, G/N is abelian of order smaller than |G| so soluble by the inductive hypothesis. Hence,by Lemma 4.9(iii), G is soluble. �

47

4.4 Galois’s solvability criterion

Now we are finally ready for our big Theorem:

Theorem 4.11 (Galois). Let f ∈ Q[X]. Then f is solvable by radicals over Q if and only if theGalois group over Q of f is soluble.

This Theorem is in fact true with Q replaced by any field of characteristic 0. Also note that, sincewe have seen that S3 and S4 are soluble, this again shows that every cubic and quartic polynomialis solvable by radical over Q.

Proof. Suppose first that f has soluble Galois group G over Q, of order n. We prove by inductionon n that f is solvable by radicals over Q, the base case n = 1 being trivial. So we assume that,if g is any polynomial with soluble Galois group of order strictly less than n, then g is solvable byradicals over Q.

The first step is to show that we can enlarge Q so that it contains all the nth roots of unity. SinceXn − 1 has abelian Galois group of order at most n − 1 (by Lemma 4.5), and since all abeliangroups are soluble (by Corollary 4.10), the inductive hypothesis tells us that Xn − 1 is solvable byradicals over Q, and we have a root tower

(∗) Q = F0 ⊆ F1 ⊆ · · · ⊆ Fn = Q(ζn) = E.

Let K denote the splitting field of f over E. Then, by Theorem 4.7, the Galois group H =Gal(K/E) is a subgroup of G, so is also soluble (by Lemma 4.9(i)). It therefore has a compositionseries

{1} = H0 / H1 / · · · / Hs = H,

with each Hi/Hi−1 cyclic of prime order pi; moreover, each prime pi divides |Hi| so, since Hi is asubgroup of G, we have pi | n = |G|. From the Fundamental Theorem of Galois Theory 3.11, weget a tower of fields

(†) E = KH ⊆ KHs−1 ⊆ · · · ⊆ KH1 ⊆ KH0 = K.

Now E contains a primtive dth root of unity, for each divisor d of n; in particular, it contains aprimitive pth

i root of unity, for each i. Hence (by Theorem 4.4) each extension in this tower is simpleradical. Putting the tower (∗), (†) together, we get a root tower from Q to K; since K contains allthe roots of f , we deduce that f is solvable by radicals over Q.

Conversely, suppose now that f is solvable by radicals over Q, and consider a root tower

(§) Q = F0 ⊆ F1 ⊆ · · · ⊆ Fr,

such that f splits in Fr, and each pi = [Fi : Fi−1] is prime. We would like to be able to apply theFundamental Theorem of Galois Theory to this tower, but the problem is that Fr/Q may not beGalois and, even if it is, the intermediate extensions Fi/Fi−1 in the tower may not be Galois. Theidea is roughly to replace Fr by its normal closure, but first we must adjoin a root of unity.

Put n = [Fr : Q], so that each pi divides n (by the Tower Law). We put ζ = e2πi/n and replace thetower (§) by

Q ⊆ E0 = Q(ζ) ⊆ E1 = F1(ζ) ⊆ · · · ⊆ Er = Fr(ζ).

48

By Theorem 4.6, the steps in this tower which have not become trivial are still simple radical ofprime degree, since every Ei−1 contains a primitive pth

i root of unity (since pi | n). Moreover, byTheorem 4.4, each Ei/Ei−1 is Galois.

Now the problem is to replace this tower by one in which the final field is a Galois extension of Q(since Er/Q need not be Galois itself). The algorithm to do this is as follows:

Certainly E0/Q is Galois, since it is the splitting field of Xn− 1 over Q. Moreover, E1/Q is Galois:if F1/Q is generated by a root of Xp1 − a1, where a1 ∈ Q, then E1 is the splitting field over Q of(Xn − 1)(Xp1 − a1).

Now, if E2/E1 is the splitting field of Xp2 − a2 ∈ E1[X], then we adjoin successively all the rootsof all the (finitely many) equations

Xp2 − σ(a2), for σ ∈ Gal(E1/Q)

This gives a Galois extension K2 of Q which contains E2 and can be reached by a root tower – itis the splitting field over Q of the polynomial

(Xn − 1)(Xp1 − a1)∏

σ∈Gal(E1/Q)

(Xp2 − σ(a2)) .

Notice that this polynomial really does have rational coefficients: it certainly has coefficients in E1

but the polynomial is fixed by any τ ∈ Gal(E1/Q) so the coefficients lie in EGal(E1/Q)1 = Q.

We continue in this way, considering E3/E2 etc., and arrive at a Galois extension Kr of Q whichcontains Er and can be reached by a root tower from E0, as required. So suppose the root tower is

(‡) Q ⊆ E0 = L0 ⊆ L1 · · · ⊆ Ls = Kr,

with E0 = Q(ζn) and each Li/Li−1 of prime order dividing n; in particular (by Theorem 4.4)each Li/Li−1 is Galois with Galois group cyclic of prime order. Writing J = Gal(Kr/Q), theFundamental Theorem of Galois Theory 3.11 applied to the tower (‡) gives us a chain of subgroups

{1} = Js = Gal(Ls/Ls) / · · · / J1 = Gal(Ls/L1) / J0 = Gal(Ls/L0) / J = Gal(Ls/Q),

where each quotient Ji/Ji−1 is cyclic of prime order; in particular, J0 is soluble. But also J/J0 'Gal(E0/Q), which is abelian (by Lemma 4.5) since E0 = Q(ζ). By Corollary 4.10, J/J0 is thensoluble so, since J0 is also soluble, Lemma 4.9(iii) implies that J is soluble.

Finally, let M⊆Kr be a splitting field for f over Q, so that M/Q is a normal extension. Then Mis a normal intermediate subfield of the extension Fr/Q so, by the Fundamental Theorem of GaloisTheory 3.11, the corresponding subgroup N = Gal(Fr/M) is a normal subgroup of J with quotientJ/N ' Gal(M/Q) = G. In particular, G is (isomorphic to) a quotient of the soluble group J so,by Lemma 4.9(ii), it is soluble. �

4.5 An insolvable polynomial

Galois’s criterion shows that, to find a polynomial which is not solvable by radicals over Q, wemust find an insoluble group G and then find a polynomial with Galois group G. Since we havealready seen that every polynomial of degree at most 4 is solvable, our first candidate will be aquintic polynomial, which has Galois group a subgroup of S5. So we begin by showing that S5 isnot soluble.

49

Definition 4.12. A finite group G 6= {1} is called simple if it has no proper normal subgroup, i.e.there is no normal subgroup N with {1} 6= N 6= G.

Notice then that a finite group G is both simple and soluble if and only if it is cyclic of prime orderp. We will show that the subgroup A5 of S5 is simple; since it has order 60, which is not prime, A5

is then not soluble so, by Lemma 4.9(i), S5 is not soluble either.

In order to show that A5 is simple, we need a way of detecting normal subgroups. We note that asubgroup N of a group G is normal if and only if

xnx−1 ∈ N, for all x ∈ G,n ∈ N.

Now, for g ∈ G, we define the conjugacy class in G of g to be

ClG(g) = {xgx−1 : x ∈ G},

and the stabilizer in G of g to be

StabG(g) = {x ∈ G : xgx−1 = g}.

Then we have the following:

• The conjugacy classes partition G – that is, the distinct conjugacy classes in G are disjoint.Moreover, the Orbit-Stabilizer Theorem says that, for any g ∈ G

|ClG(g)| |StabG(g)| = |G|.

We will not prove this here.

• A subgroup N of G is normal if and only if, for all n ∈ N , the conjugacy class ClG(n)⊆G.Hence any normal subgroup is a union of conjugacy classes including {1} such that |N | dividesG. The converse of this is false, but it does give us a way of looking for candidates for normalsubgroups.

• For σ ∈ Sn, we have

ClSn(σ) = {all permutations of the same cycle type as σ}.

This is straightforward to prove, by noting that, if (a1 a2 . . . ak) is a k-cycle and τ ∈ Sn, then

τ(a1 a2 . . . ak)τ−1 = (τ(a1) τ(a2) . . . τ(ak)).

We can use this last property to compute the sizes of the conjugacy classes in Sn, and then lookfor normal subgroups. We do this for n = 3, 4, 5. Note that we can count the number of elementswith a given cycle type: for example, the number of k-cycles in Sn is (k− 1)!.(n

k), since we choose knumbers to appear in the cycle, and there are (k−1)! ways to order them to give different k-cycles.

Similarly, the number of elements with cycle type 22 is(n2 )(n−2

2 )2!

, since we can order the two 2-cyclesin 2! ways. We get the following tables:

50

S4:

cycle type number of elements(conjugacy class)

1 12 33 2

Notice that, taking the identity togetherwith the 3-cycles, we get a subset N oforder 3, which divides |S3| = 6. Thisis the only candidate for a normal sub-group of S3, and indeed it is: N = A3,the subgroup of even permutations.

S3:

cycle type number of elements(conjugacy class)

1 12 63 84 622 3

In this case, there are two candidatesfor normal subgroups: the identity to-gether with the elements of cycle type22 (which gives the proper normal sub-group V4) and these together with the3-cycles (which gives the proper nor-mal subgroup A4).

S5:

cycle type number of elements(conjugacy class)

1 12 103 204 305 2422 15

2131 20

This time, there are two candidates forproper normal subgroups: the iden-tity together with the elements of cy-cle type 51, 22 or 2131 – which doesn’tform a group at all; and the identitytogether with 3- and 5-cycle and theelements of cycle type 22 – which givesthe proper normal subgroup A5.

What about conjugacy classes in A5? For this we need to observe the following facts:

• For h ∈ A5,StabA5(h) = {x ∈ A5 : xhx−1 = h} = StabS5(h) ∩A5.

• For h ∈ A5,

ClA5(h) = {xhx−1 : x ∈ A5} ⊆ {xhx−1 : x ∈ S5} = ClS5(h).

Using this we can first find the stabilizer of h ∈ A5 and then compute the size of its conjugacyclass.

3-cycles For example, h = (1 2 3). Then, from the Orbit-Stabilizer Theorem we get

|StabS5(h)| =|S5|

|ClS5(h)|=

12020

= 6.

Then we easily see that

StabS5(h) = {1, h, h2, (4 5), h(4 5), h2(4 5)}

51

since the stabilizer certainly contains these six elements but also has order 6. Then

StabA5(h) = {1, h, h2}

so

|ClA5(h)| =|A5|

|StabA5(h)|=

603

= 20.

Since ClA5(h)⊆ClS5(h) and both have 20 elements, we see that the conjugacy class of h in A5 is all3-cycles.

22-cycles For example, h = (1 2)(3 4). Then, from the Orbit-Stabilizer Theorem we get

|StabS5(h)| =|S5|

|ClS5(h)|=

12015

= 8.

Then we easily see that

StabS5(h) = {1, (1 2), (3 4), h, (1 3)(2 4), (1 4)(2 3), (1 3 2 4), (1 4 2 3)}

since the stabilizer certainly contains these eight elements but also has order 8. Then

StabA5(h) = {1, h, (1 3)(2 4), (1 4)(2 3)}

so

|ClA5(h)| =|A5|

|StabA5(h)|=

604

= 15.

Since ClA5(h)⊆ClS5(h) and both have 15 elements, we see that the conjugacy class of h in A5 is all22-cycles.

5-cycles For example, h = (1 2 3 4 5). Then, from the Orbit-Stabilizer Theorem we get

|StabS5(h)| =|S5|

|ClS5(h)|=

12024

= 5.

Then we easily see thatStabS5(h) = {1, h, h2, h3, h4}

since the stabilizer certainly contains these five elements but also has order 5. Then

StabA5(h) = {1, h, h2, h3, h4}

so

|ClA5(h)| =|A5|

|StabA5(h)|=

605

= 12.

Since ClA5(h)⊆ClS5(h) we see that the conjugacy class of h in A5 is exactly half of the 5-cycles.The remaining 5-cycles form another conjugacy class (which contains, for example (2 1 3 4 5).)

Hence we get the following table of conjugacy classes:

52

A5:

cycle type number of elements(conjugacy class)

1 13 2022 155a 125b 12

Now when we look for candidates forproper normal subgroups, we quicklysee there are none, because no propercombination of 1, 12, 12, 15, 20 includ-ing 1 has a sum dividing 60: for exam-ple, if we include 20 then we alreadyhave 21 elements and including anyother number in the list gives morethan 30.

In particular, this counting has shown that A5 is simple. Since |A5| = 60 is not prime, this meansthat A5 is not soluble and, since A5 ≤ S5, Lemma 4.9(i) implies that S5 is not soluble either.

Remark. Indeed, since A5 ≤ An ≤ Sn, for any n ≥ 5, this means that An and Sn are not solublefor any n ≥ 5. In fact, An is simple for any n ≥ 5, but this requires a different proof.

So now we just need to find a quintic polynomial in Z[X] with Galois group S5. For this we willneed the following two lemmas:

Lemma 4.13. (i) Sn is generated by the 2-cycles (1 2), (2 3), . . . , (n− 1 n).

(ii) Sn is generated by τ = (1 2) and the n-cycle σ = (1 2 · · · n).

Proof. (i) can be proved by an easy induction on n. [Exercise.]

For (ii), we notice that

στσ−1 = (2 3), σ2τσ−2 = (3 4), . . . , σn−1τσ1−n = (n− 1 n),

and apply (i). �

Lemma 4.14 (Cauchy’s Theorem). Let G be a finite group and p a prime number such that pdivides |G|. Then G contains an element of order p.

Proof. �

Finally, we are ready to give an example of an insolvable polynomial:

Example 4.15. f(X) = X5 − 4X + 2 is not solvable by radicals over Q.

Proof. Let E ( C be a splitting field for f over Q and set G = Gal(E/Q) ≤ S5.

We first consider f as a function R → R. Since f ′(x) = 5x4 − 4, we see that f has 2 stationary

points in R (at ± 4

√45) so, by Rolle’s Theorem, at most three real roots. But we compute

f(−2) = −22 < 0, f(0) = 2 > 0, f(1) = −1 < 0, f(2) = 26 > 0,

so, by the Intermediate Value Theorem, there are at least 3 real roots (one in each of the intervals(−2, 0), (0, 1) and (1, 2)). Hence there are one pair of complex conjugate roots α1, α2 and three realroots α3, α4, α5. In particular, complex conjugation c is a non-trivial automorphism of E, whichacts on the roots as the 2-cycle (1 2).

53

On the other hand, f is irreducible in Q[X] (by Eisenstein’s criterion with p = 5) so [Q(α1) : Q] = 5and, by the Tower Law, 5 divides [E : Q]. Then 5 divides |G| so, by Cauchy’s Theorem 4.14, Gcontains an element σ of order 5. Moreover, σ must be a 5-cycle, since these are the only elements oforder 5 in S5. Then some power of σ maps 1 7→ 2 so (after renumbering the real roots if necessary)it is the 5-cycle (1 2 3 4 5).

Hence G contains (1 2) and (1 2 3 4 5) so G = S5, by Lemma 4.13. Since S5 is not solvable, f is notsolvable by radicals over Q, by Theorem 4.11. �

54

5 Finite fields

The fields Fp (the integers modulo p with addition and multiplication modulo p) are quite familiarobjects but we have seen, for example, that the splitting field E of X3− 3X +1 over F7 has degree3 – so it too is a finite field. So what other finite fields are there?

Suppose F is a finite field with q elements. Then charF = p for some prime p and F contains acopy of Fp. So F is a finite extension of Fp, of degree f say. If u1, . . . , uf is a basis for F/Fp, then

F = {α1u1 + · · ·+ αfuf : α1, . . . , αf ∈ Fp}

so |F | = pf . Hence the number of elements in a finite field F is certainly a prime power q = pf ,where p = charF . But can every prime power occur?

Notice that the multiplicative group F× has q − 1 elements so, by Lagrange’s Theorem, everyα ∈ F× satisfies αq−1 = 1. Hence every element of F is a root of f(X) = Xq −X, and f(X) splitsin F (since it has q distinct roots in F ). Moreover, since F is the set of roots of f , it is the splittingfield over Fp of f .

Conversely, let E be the splitting field over Fp of f(X) = Xq −X, where q = pf . Since f ′(X) =qXq−1 − 1 = −1 is coprime to f , the polynomial f has q distinct roots in E. But the roots of falready form a field: if aq = a and bq = b then

abq = aqbq = ab,

(a−1)q = (aq)−1 = a−1,

(a+ b)q = aq + bq = a+ b,

where the last equality is because all the other terms in the binomial expansion of (a+ b)q are zero,since p|(q

i ), for 1 ≤ i ≤ q − 1. Hence E, being the smallest field containing all the roots of f , isprecisely the set of roots of f and |E| = q.

Since splitting fields are unique up to isomorphism, we have proved:

Theorem 5.1. For each prime p and f ≥ 1, there is exactly one (up to isomorphism) field withq = pf elements, namely the splitting field over Fp of Xq −X, and these are the only finite fields.

We write Fq for the finite field with q elements. (Some authors write GF(q), for “Galois Field”.)

Since Xq −X is a separable polynomial, we also get

Corollary 5.2. Let E/F be a finite extension of finite fields. Then E/F is a Galois extension.

Proof. If |E| = q then E is the splitting field over F of Xq −X. �

5.1 Galois groups

Now we can ask what the Galois group is. Note that it is enough for us to find G = Gal(E/Fp)since, if [E : F ] = n, then Gal(E/F ) is the unique subgroup of G of order n.

We already know one element of Gal(E/Fp), namely the Frobenius automorphism φ : E → E givenby φ(α) = αp, for α ∈ E. Iterating φ, we get automorphisms φr : E → E, given by φr(α) = αpr

.

55

Notice that φr(α) = α if and only if α is a root of Xpr − X, that is, α ∈ Fpr . In particular, if|E| = pf then, for any r < f , not all elements of E are fixed by φr, while φf (α) = α, for all α ∈ E.Hence

1, φ, . . . , φf−1

are distinct automorphisms and

Gal(E/Fp) = 〈φ : φf = 1〉 ' Cf

the cyclic group of order f , with generator the Frobenius automorphism φ.

Now the subgroups of Cf are precisely one for each divisor n of f : if f = nd then the subgroupgenerated by φd is cyclic of degree n. This gives us:

Theorem 5.3. Let q = pf . The subfields of Fq correspond to the divisors of f : that is, Fpd ⊆ Fq ifand only if d|f . When this is the case, Gal(Fq/Fpd) is cyclic of order f/d, generated by φd : α 7→ αpd

.

In particular, every finite extension of finite fields is Galois with cyclic Galois group.

This still leaves the question of the Galois group of a polynomial in Fq[X]. This is settled by:

Theorem 5.4. Suppose f(X) ∈ Fq[X] is irreducible of degree n. Then the Galois group of f overFq is cyclic of degree n.

Note that the polynomial f must be irreducible in Fq[X].

Proof. Let E be the splitting field over Fq of f , so E = Fqd , where d = [E : Fq]. We know thatthe Galois group G = Gal(E/Fq) is then cyclic of degree d, with generator σ : x 7→ xq. Since f isirreducible, Lemma 3.15 implies that G acts transitively on the roots; so, if α ∈ E is a root, then

α, σ(α) = αq, σ2(α) = αq2, . . . , σd−1(α) = αqd−1

must include all the roots of f . Hence E = Fq(α), which has degree n over Fq. �

5.2 Examples

In each of the following examples, we will find the Galois group and describe the action of theGalois group on the roots of the polynomial.

(i) X3 − 3 over F5

First we try to factorize the polynomial which, since it is cubic, means looking for roots. Some trialand error soon finds that 23 − 3 = 5 = 0 so we have a factor (X − 2):

X3 − 3 = (X − 2)(X2 + 2X − 1).

On the other hand, we quickly check that X2 + 2X − 1 has no roots in F5 so is irreducible. Thenthe splitting field E over F5 of X3−3 is the splitting field of X2 +2X−1 over F5, which has degree2 and Galois group C2, generated by φ : x 7→ x5.

If α is one of the roots ofX2+2X−1 in E, then all the roots ofX3−3 are 2, α, β = −2−α = − 1α = α5

and φ acts byφ : 2 7→ 2, α 7→ β 7→ α.

56

So, if we number the roots 1, 2, 3, then φ is the permutation (1)(2 3).

(ii) X3 − 3 over F169

Since 169 = 132, we do this over F13 first. Trial and error shows that X3 − 3 has no roots in F13

so it is irreducible in F13[X] and its splitting field L over F13 has degree 3 over F13. If α is a rootof X3 − 3 in L, then all the roots are α, α13 = (α3)4α = 34α = 3α and α169 = 9α.Let E be the splitting field over F169 of X3 − 3, which is thesmallest field containing both F169 and L. Then we have thefollowing diagram:

Then, by the tower law, [E : F13] = 6 and, in particular,[E : F169] = 3. Then G = Gal(E/F169) is cyclic of order 3with generator φ : x 7→ x169, which acts on the roots by

φ : α 7→ 9α 7→ 3α 7→ α.

E

yyyyyyyy

BBBB

BBBB

F169

2 EEEE

EEEE

L

3}}}}

}}}}

F13

So, if we number the roots 1, 2, 3, then φ is the permutation (1 2 3).

(iii) X4 + 1 over F5

We begin by factorizing X4 + 1 = (X2 − 2)(X2 + 2), with both quadratic factors irreducible. Thesplitting field over F5 of X2 − 2 has degree 2, as does the splitting field over F5 of X2 − 2. Sincethere is a unique field F25 of degree 2 over F5, both these fields are the same. So the splitting fieldover F5 of X4 + 1 is E = F25 and G = Gal(E/F5) is cyclic of order 2, with generator φ : x 7→ x5. Ifα is a root of X2−2 then the other root is α5 = −α and the roots of X2 +2 are ±β, with β = 1/α.Then φ acts on the roots by:

φ : α 7→ −α 7→ α, β 7→ −β 7→ β.

So, if we number the roots 1, 2, 3, 4, then φ is the permutation (1 2)(3 4).

(iv) X6 +X5 +X4 +X3 + 1 over F2

This has no roots in F2 but does factorize as

X6 +X5 +X4 +X3 + 1 = (X2 +X + 1)(X4 +X + 1),

with both factors irreducible. The splitting field over F2 of X2 +X+1 has degree 2, so is F22 , whilethat of X4 + X + 1 has degree 4, so is F24 . Since 2 divides 4, we have F22⊆F24 , so the splittingfield E of X6 +X5 +X4 +X3 + 1 over F2 has degree 4, and G = Gal(E/F2) is cyclic of degree 4,with generator φ : x 7→ x2. If α is a root of X4 + X + 1 then the other roots are α2, α4 = α + 1and α8 = α2 + 1. The roots of X2 +X + 1 are β = α2 + α and β2 = β + 1 = α2 + α+ 1. Then φacts on the roots by:

φ : α 7→ α2 7→ α+ 1 7→ α2 + 1 7→ α, β 7→ β + 1 7→ β.

So, if we number the roots 1, . . . , 6, then φ is the permutation (1 2 3 4)(5 6).

(v) X7 +X5 +X3 +X2 + 1 over F2

Again, this has no roots in F2 but factorizes as

X7 +X5 +X3 +X2 + 1 = (X3 +X + 1)(X4 +X + 1),

57

with both factors irreducible. Write E for the splitting field over F2 of X7 +X5 +X3 +X2 + 1, Kfor the splitting field over F2 of X3 +X + 1, and L for the splitting field over F2 of X4 +X + 1.Then [K : F2] = 3 and [L : F2] = 4 so we have a diagram offields:

Since E is the smallest field containing both K and L, by thetower law we have [E : F2] = 12 and G = Gal(E/F2) is cyclicof order 12 with generator φ : x 7→ x2.

If α is a root of X3 +X + 1, then the other roots are α2 andα4 = α2 + α; if β is a root of X4 + X + 1, then the otherroots are β2, β4 = β + 1 and β8 = β2 + 1. Then φ acts onthe roots by

E

||||

||||

AAAA

AAAA

K

3 AAAA

AAA L

4~~~~

~~~

F2

φ : α 7→ α2 7→ α2 + α 7→ α, β 7→ β2 7→ β + 1 7→ β2 + 1 7→ β.

So, if we number the roots 1, . . . , 7, then φ is the permutation (1 2 3)(4 5 6 7).

58

6 Further topics

6.1 Constructibility revisited

In researching and writing your essays on constructibility, you will have seen a Theorem which saidsomething like:

Theorem 6.1. A real number α is constructible from a subfield F of R if and only if there is atower of fields

F = E0 ⊆ E1 ⊆ · · · ⊆ En = E,

such that α ∈ E and [Ei : Ei−1] = 2, for i = 1, ..., n.

Sketch. If α is constructible then we construct it by a succession of intersections of lines and circles.At each stage, we need to solve an (at worst) quadratic equation so we get a field extension of degree1 (which we ignore) or 2.

Conversely, if we have a tower as above then choose αi ∈ Ei \ Ei−1, so that Ei = Ei−1(αi). Thenαi is a root of some quadratic polynomial X2 + bX + c ∈ Ei−1[X] so, from the quadratic formula

αi =−b±

√b2 − 4c

2,

which is constructible from Ei−1 since square roots are constructible. Hence Ei is constructiblefrom Ei−1 and, by induction, E is constructible from F . �

As a corollary to this, you will have seen that, if α ∈ R is constructible from Q then [Q(α) : Q]must be a power of 2. The converse of this is actually false, but the following Theorem gives thecorrect result:

Theorem 6.2. Let α ∈ R be algebraic over Q, with minimum polynomial f(X) ∈ Q[X]. Let E bea splitting field of f over Q. Then α is constructible from Q if and only if [E : Q] is a power of 2.

Proof. (⇒) Suppose α is constructible from Q so, by Theorem 6.1, there is a tower

(†) Q = F0 ⊆ F1 ⊆ · · · ⊆ Fn = F,

such that α ∈ F and [Fi : Fi−1] = 2, for i = 1, ..., n. Let L be the normal closure of F/Q (thesmallest field L containing F such that L/Q is normal). Note that, since α ∈ F , the field L containsa splitting field E of f over Q.

Let β ∈ E be any other root of f . Since f is irreducible, there is some σ ∈ Gal(E/Q) such thatσ(α) = β (by Lemma 3.15) and, since L/Q is normal, Lemma 3.7 implies that σ extends to someσ̂ ∈ Gal(L/Q). Then, applying σ̂ to (†), we get

Q = σ̂(F0) ⊆ σ̂(F1) ⊆ · · · ⊆ σ̂(Fn) = σ̂(F ) ⊆ L,

another tower of fields with [σ̂(Fi) : σ̂(Fi−1)] = 2. Since β = σ̂(α) ∈ σ̂(F ), Theorem 6.1 applied tothis tower implies that β is constructible from Q. Note that this applies to all roots of f .

Finally, if α = α1, α2, . . . , αn are the roots of f , we get a tower

Q ⊆ Q(α1) ⊆ Q(α1, α2) ⊆ · · · ⊆ Q(α1, . . . αn) = E ⊆ L.

59

Since each αi is constructible from Q, it is certainly constructible from Q(α1, . . . αi−1), so the degree[Q(α1, . . . αi−1, αi) : Q(α1, . . . αi−1)] is a power of 2. By the tower law, we get that [E : Q] is also apower of 2, as required.

(⇐) For the converse, we write G = Gal(E/Q). Then the assumption is that |G| is a power of 2.We need the following Lemma:

Lemma 6.3. Let p be a prime number, let e ∈ N and let G be a group of order pe. Then G issoluble.

Using this Lemma, we complete the proof of Theorem 6.2. Since |G| = 2n, for some n, and 2 isprime, Lemma 6.3 implies that G has a composition series

{1} = G0 / G1 / · · · / Gn = G,

with each Gi/Gi−1 cyclic of order 2. Then, applying the Fundamental Theorem of Galois The-ory 3.11, we get a tower of fields

E = EG0 ⊃ EG1 ⊃ · · · ⊃ EGn = EG = Q,

with each [EGi−1 : EGi ] = |Gi/Gi−1| = 2. Then, since α ∈ E, it is constructible from Q byTheorem 6.1. �

Finally, to finish we must prove Lemma 6.3:

Proof of Lemma 6.3. We suppose |G| = pe and proceed by induction on e, noticing that the casee = 1 is trivial since G is then already itself cyclic of prime order. For the inductive step, we recallthat G can be written as a (disjoint) union of its conjugacy classes and that, for each g ∈ G,

|ClG(g)| |StabG(g)| = |G| = pe,

so that the order of each conjugacy class is a power of p. Counting the elements of G by using theconjugacy classes, we get

pe = |G| =∑

orders of the distinct conjugacy classes

= #{conjugacy classes of order 1}

+∑

orders of the distinct conjugacy classes of order > 1︸ ︷︷ ︸divisible by p

.

The final term is divisible by p since each term in the sum is a power of p. In particular, this showsthat the number of conjugacy classes of order 1 is divisible by p. Moreover,

ClG(1) = {x1x−1 : x ∈ G} = {1}

has order 1. Hence the number of conjugacy classes of order 1 is at least p.

Now we define the centre Z = Z(G) of G to be

Z = {g ∈ G : ClG(g) = {g}}= {g ∈ G : xgx−1 = g for all x ∈ G}= {g ∈ G : xg = gx for all x ∈ G}.

60

It is easy to check [Exercise!] that Z is an abelian normal subgroup of G. We have also seen that|Z| ≥ p. Hence the quotient G/Z has order |G/Z| = pe′ , for some e′ ≤ e − 1. By the inductivehypothesis, G/Z is soluble, while Z is soluble because it is abelian (using Corollary 4.10). Hence,by Lemma 4.9(iii), G is soluble. �

Now we have a nice criterion to determine constructibility in terms of splitting fields, we apply itto the following example:

Example. Let α ∈ R be the positive real root of f(X) = X4 −X − 1. Is α constructible from Q?

Solution. In fact, we will do much more than answer this question: we will also determine theGalois group of the splitting field of f over Q.

First we should decide whether or not f is irreducible in Q[X]. Here there are two possibilities:

(i) The only possible roots in Q are the divisors of −1, which are ±1; but f(1) = −1 andf(−1) = 1 so neither is a root. This leaves the possibility that f factorizes as a product ofirreducible quadratics:

f(X) = X4 −X − 1 = (X2 + aX + b)(X2 + cX + d),

for some a, b, c, d ∈ Z. Comparing coefficients, we get

a+ c = 0b+ ac+ d = 0bc+ ad = −1

bd = −1.

From the first we get c = −a and from the last d = −b = ±1. Substituting these into thethird we get −2ab = −1, which is impossible since a, b are integers. Hence f is irreducible inQ[X].

(ii) We reduce modulo 2, to get f(X) = X4 +X + 1 ∈ F2[X]. Again, f has no roots in F2, sincef(0) = f(1) = 1 6= 0, but f could still factorize as a product of two irreducible quadratics.However, the only irreducible quadratic in F2[X] is X2 +X + 1, and

(X2 +X + 1)(X2 +X + 1) = X4 +X2 + 1 6= f(X).

Hence f is irreducible in F2[X] and so f is irreducible in Q[X].

In particular, this implies that f is the minimum polynomial of α over Q and so [Q(α) : Q] = 4.Then, if E denotes the splitting field of f over Q, the tower law gives us that 4 divides [E : Q].

Now we use the method described in Section 4.1 to try to solve f and find out something about itsGalois group G = Gal(E/Q). Let α, β, γ, δ denote the four roots of f in E. Then we put

η = αβ + γδ, θ = αγ + βδ, ζ = αδ + βγ.

Recall that we saw in Section 4.1 that these are the roots of the cubic equation

g(X) = (X − η)(X − θ)(X − ζ),

61

which has coefficients in Q.

Note that, from the equation

f(X) = X4 −X − 1 = (X − α)(X − β)(X − γ)(X − δ),

we get (by comparing coefficients)

s1 =∑

α = 0,

s2 =∑

αβ = 0,

s3 =∑

αβγ = 1,

s4 = αβγδ = −1.

Note that we are using some shorthand notation here: by∑αβ we mean the sum over all roots of

terms like αβ, that is ∑αβ = αβ + αγ + αδ + βγ + βδ + γδ.

We will use similar notation for the roots of g. To find the coefficients of g we need to find:

•∑

η = η + θ + ζ =∑

αβ = s2 = 0;

•∑

ηθ = (αβ + γδ)(αγ + βδ) + ηζ + θζ

= α2βγ + αγ2δ + αβ2δ + γβ2δ + ηζ + θζ

=∑

α2βγ.

Nows1s3 =

(∑α) (∑

αβγ)

=∑

α2βγ + 4αβγδ.

Hence ∑ηθ =

∑α2βγ = s1s3 − 4s4 = 4.

• ηθζ = (αβ + γδ)(αγ + βδ)(αδ + βγ)

=∑

α3βγδ +∑

α2β2γ2

= αβγδ∑

α2 +∑

(αβγ)2. (∗)

Nows21 =

(∑α)2

=∑

α2 + 2∑

αβ

while

s23 =(∑

αβγ)2

=∑

α2β2γ2 + 2∑

α2β2γδ =∑

α2β2γ2 + 2(αβγδ)∑

αβ.

Substituting back into (∗), we get

ηθζ = s4(s21 − 2s2) + (s23 − 2s4s2) = 1.

Hence η, θ, ζ are the roots ofg(X) = X3 + 4X − 1.

62

Remark. This cubic polynomial is called the resolvent cubic of f . As an exercise (which is mostlydone above) you could show that the resolvent cubic of the quartic polynomial X4 + aX3 + bX2 +cX + d is

X3 − bX2 + (ac− 4d)X + (4bd− c2 − da2).

Returning to our problem, now let F be the splitting field over Q of g inside E. (Note that theroots of g are indeed in E so E does contain a splitting field for g.) Since F/Q is a splitting field,it is a normal extension so the corresponding subgroup N = Gal(E/F ) is a normal subgroup of G,and G/N ' Gal(F/Q).

So what can we say about F/Q? Firstly notice that g is irreducible, since g(1) = 4 6= 0 andg(−1) = −6 6= 0 so g has no roots in Q. Also g has one real and two complex (conjugate) roots:we have

g′(x) = 3x2 + 4 > 0, for all x ∈ R

so g has no turning points and hence at most one real root; but it has at least one since there is aroot in the interval (−1, 1), by the Intermediate Value Theorem. Say η is the real root and θ, ζ arethe complex roots; then, from the tower

Q ⊆ Q(η) ⊆ F,

we get that [F : Q] = 6. Since Gal(F/Q) is a subgroup of S3 (since F is a splitting field of a degree3 polynomial), we deduce that Gal(F/Q) ' S3.

Finally, what can we conclude about G? Certainly G is a subgroup of S4, since it is the Galoisgroup of a polynomial of degree 4. We also know that G has a normal subgroup N = Gal(E/F )such that G/N ' Gal(F/Q) = S3.

On the other hand, we have seen that 4 divides |G|, while we also have that 6 = [F : Q] divides[E : Q] = |G| by the tower law, since F is a subfield of E. Hence 12 divides |G| and we are leftwith two possibilities:

|G| = 12 In this case G = A4 and we would have a normal subgroup N of A4 with G/N ' S3;in particular, we would have |N | = |G|/|S3| = 2. But A4 has no normal subgroup of order 2 (theonly normal subgroups are {1}, V4 and A4). Hence we must have:

|G| = 24 Then G = S4. In particular, |G| is not a power of 2, so α is not constructible from Q. �

Remark. (i) If we were only looking to determine whether or not α is constructible then, assoon as we knew that the resolvent cubic g was irreducible, we could have finished, since then3 divides [F : Q], which divides [E : Q], so [E : Q] is not a power of 2.

(ii) There was also another way we could have determined whether or not G = A4 at the end ofthe example, using the discriminant of the polynomial f :

Suppose f ∈ Q[X] has degree n, with distinct roots α1, . . . , αn ins some splitting field E. We definethe discriminant of f to be

∆ =∏

1≤i<j≤n

(αi − αj)2.

Suppose σ ∈ G = Gal(E/Q) ≤ Sn. Since σ permutes the roots, it must permute the factors(αi − αj)2, noting that the signs do not change since (αi − αj)2 = (αj − αi)2. Hence ∆ ∈ EG = Q.

63

Now put

δ =∏

1≤i<j≤n

(αi − αj),

which is clearly a square root of ∆. Again σ permutes the factors (αi−αj), but this time we mustbe careful about possible changes of sign. A straightforward exercise shows that, if τ = (1 2), thenτ(δ) = −δ. (The point is that (αi − αj) is fixed, if i, j 6∈ {1, 2}, while (α1 − αj)(α2 − αj) is fixed ifj 6∈ {1, 2} but τ(α1 − α2) = −(α1 − α2).) By symmetry, the same is true for any 2-cycle so we get

σ(δ) =

{δ if σ ∈ An

−δ if σ 6∈ An.

In particular δ ∈ Q if and only if it is fixed by every element of G, which is if and only if G ≤ An,i.e. the Galois group is a subgroup of An if and only if the discriminant is a square in Q.

Now we will check below that the discriminant of X4 + aX + b is ∆ = 44b3 − 33a4. In particular,for f(X) = X4 −X − 1, we have discriminant ∆ = −283, which certainly has no square root in Q.Hence the Galois group of f(X) is not a subgroup of A4.

It remains only to prove the claim concerning the discriminant of X4 + aX + b, whose roots welabel α1, . . . , α4. As before, by comparing coefficients we get

s1 =∑

αi = 0,

s2 =∑

αiαj = 0,

s3 =∑

αiαjαk = −a,s4 = α1α2α3α4 = b.

Now we use the Vandermonde determinant (from 1st year Linear Algebra) to compute the discrim-inant. We have

∆ = δ2 = det

1 1 1 1α1 α2 α3 α4

α21 α2

2 α23 α2

4

α31 α3

2 α33 α3

4

2

= det

1 1 1 1α1 α2 α3 α4

α21 α2

2 α23 α2

4

α31 α3

2 α33 α3

4

1 α1 α21 α3

1

1 α2 α22 α3

2

1 α3 α23 α3

3

1 α4 α24 α3

4

= det

4

∑αi

∑α2

i

∑α3

i∑αi

∑α2

i

∑α3

i

∑α4

i∑α2

i

∑α3

i

∑α4

i

∑α5

i∑α3

i

∑α4

i

∑α5

i

∑α6

i

.

64

Then we compute ∑αi = s1 = 0,∑α2

i =(∑

αi

)2− 2

∑αiαj = s21 − 2s2 = 0,∑

α3i =

(∑αi

)3− 3

∑α2

iαj − 6∑

αiαjαk

= s31 − 3[(∑

αi

) (∑αiαj

)− 3

∑αiαjαk

]− 6s3

= s31 − 3s1s2 + 3s3 = −3a.

For the remaining calculations, we use the fact that each αi is a root of X4 + aX + b, so thatα4

i = −aαi − b and, similarly, α5i = −aα2

i − bαi etc. Hence, using the calculations above,∑α4

i = −a∑

αi − b∑

1 = −as1 − 4b = −4b,∑α5

i = −a∑

α2i − b

∑αi = 0,∑

α6i = −a

∑α3

i − b∑

α2i = 3a2.

Finally we can substitute into the determinant to get

∆ = det

4 0 0 −3a0 0 −3a −40 −3a −4 0−3a −4 03a2

= 4det

0 −3a −4−3a −4 0−4 03a2

− 0 + 0− (−3a)det

0 0 −3a0 −3a −4−3a −4 0

= 4

[43b3 − 33a4

]+ 3a(33a3)

= 44b3 − 33a4.

65