Rocco Chirivì · Ilaria Del Corso Roberto Dvornicich ...webéducation.com/wp-content/uploads/2020/03/La...1 Fundamentals 1.1 Sets The concept of a set is a primitive notion; we shall

Selected Exercises in AlgebraVolume 1

Rocco Chirivì · Ilaria Del Corso Roberto Dvornicich

UNITEXT 119

UNITEXT - La Matematica per il 3+2

Volume 119

Editor-in-ChiefAlfio Quarteroni, Politecnico di Milano, Milan, Italy; EPFL, Lausanne,Switzerland

Series EditorsLuigi Ambrosio, Scuola Normale Superiore, Pisa, ItalyPaolo Biscari, Politecnico di Milano, Milan, ItalyCiro Ciliberto, Università di Roma “Tor Vergata”, Rome, ItalyCamillo De Lellis, Institute for Advanced Study, Princeton, NJ, USAVictor Panaretos, Institute of Mathematics, EPFL, Lausanne, SwitzerlandWolfgang J. Runggaldier, Università di Padova, Padova, Italy

The UNITEXT - La Matematica per il 3+2 series is designed for undergraduateand graduate academic courses, and also includes advanced textbooks at a researchlevel. Originally released in Italian, the series now publishes textbooks in Englishaddressed to students in mathematics worldwide. Some of the most successful booksin the series have evolved through several editions, adapting to the evolution ofteaching curricula. Submissions must include at least 3 sample chapters, a table ofcontents, and a preface outlining the aims and scope of the book, how the book fitsin with the current literature, and which courses the book is suitable for.

More information about this subseries at http://www.springer.com/series/5418

Rocco Chirivı • Ilaria Del Corso •Roberto Dvornicich

Selected Exercisesin AlgebraVolume 1

Rocco ChirivıDipartimento di Matematica e FisicaUniversity of SalentoLecce, Italy

Ilaria Del CorsoDipartimento di MatematicaUniversity of PisaPisa, Italy

Roberto DvornicichDipartimento di MatematicaUniversity of PisaPisa, Italy

Translated byAlessandra CaraceniOxford, UK

ISSN 2038-5714 ISSN 2532-3318 (electronic)UNITEXTISSN 2038-5722 ISSN 2038-5757 (electronic)La Matematica per il 3+2ISBN 978-3-030-36155-6 ISBN 978-3-030-36156-3 (eBook)https://doi.org/10.1007/978-3-030-36156-3

© Springer Nature Switzerland AG 2020This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part ofthe material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation,broadcasting, reproduction on microfilms or in any other physical way, and transmission or informationstorage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodologynow known or hereafter developed.The use of general descriptive names, registered names, trademarks, service marks, etc. in this publicationdoes not imply, even in the absence of a specific statement, that such names are exempt from the relevantprotective laws and regulations and therefore free for general use.The publisher, the authors and the editors are safe to assume that the advice and information in this bookare believed to be true and accurate at the date of publication. Neither the publisher nor the authors orthe editors give a warranty, expressed or implied, with respect to the material contained herein or for anyerrors or omissions that may have been made. The publisher remains neutral with regard to jurisdictionalclaims in published maps and institutional affiliations.

This Springer imprint is published by the registered company Springer Nature Switzerland AG.The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland

“The nice thing about mathematics is doingmathematics.”

—Pierre Deligne

To Andrea, who knows what mathematics isRocco

To Francesca, with a wish that she will beable to find and nurture her passions

IlariaTo young people who already love or mightcome to love mathematics

Roberto

Preface

This is a book of exercises in algebra, accompanied by notes covering the relevanttheory to be used as a reference for the solutions proposed. It is the result of severaldecades of experience of teaching the subject at the University of Pisa. It collectsexam questions set over the years, along with their solutions.

The reason for us to write this book is the idea that Mathematics can only belearned by rediscovering it, which is most effectively done by working out one’sown solutions. Moreover, we believe these exercises possess some features thatdifferentiate them from those of most other books. The first is the lack of “duplicate”questions: there are no exercises that only differ by the value of certain parameters,and whose solutions are hence essentially the same. The second—and perhapscrucial—characteristic is that here no exercise is solved mechanically, by rote. Onthe contrary, solving each exercise requires a clever idea.

Anyone who has grappled with mathematics knows that this approach has adramatic impact on both the level of challenge posed by a problem, and also on itsintrinsic value. The insight gained by solving an exercise which requires an originalidea is infinitely superior to what comes from merely applying methods we havelearnt. We also like to think of the ideas necessary for solving our exercises as ratherwell assorted, a fact we believe is one of the main strengths of the book. In view ofall this, one might wish to describe the present text as a collection of problems inalgebra rather than exercises.

Because of the peculiar history of the University of Pisa, whose courses are alsoattended by students of the Scuola Normale Superiore, these exercises might at timesbe more difficult than the average exam questions at other Italian universities. This,however, is not at odds with the aim of the work, which is to develop problem-solving skills and prepare students for the study of algebra in the best way possible.We therefore hope that the reader will take this very important advice to heart:do not give in to temptation and look up the solution to a problem if you havenot spent a long time trying to solve it yourself. Understanding a ready-madesolution, even an elegant one, does not foster real mathematical growth. As we

ix

x Preface

have already mentioned, in order to learn mathematics one must do mathematics.Actively seeking a solution is what expands our understanding and what lets usdiscover the links between concepts, the web of connections that are fundamentalfor true learning. We also hope to intrigue students and prompt them to dig deeperinto the topics that are only briefly mentioned in each question.

The book’s structure mirrors the way that algebra is taught during the firstyears of a maths degree at the University of Pisa. This structure is the result ofhistorical developments starting from the time when all basic notions in algebrawere bundled into a single first-year course. Following the split of Bachelor’s andMaster’s degrees, those contents were divided into two: one part resulted in the first-year “Arithmetic” course, and the other, initially taught under the name “AlgebraicStructures”, now constitutes the second-year “Algebra 1” course. The two blockscorrespond exactly to the two volumes of this book.

The volume dedicated to “Arithmetic” is mostly concerned with elementary toolssuch as induction, elements of combinatorics, integer numbers and congruences,followed by an introduction to the basic properties of algebraic structures: Abeliangroups, rings, polynomials and their roots, field extensions and finite fields. Inthe second volume, which corresponds to the “Algebraic Structures” and “Algebra1” courses, we delve deeper into the theory of groups, commutative rings—witha particular emphasis on unique factorisation—and field extensions, as well asintroducing the fundamentals of Galois theory.

Each part is accompanied by notes on the theory. Although exhaustive, they donot attempt to make up for an algebra textbook, but rather provide the necessaryframework to the exercises. They should, in particular, recall relevant results withoutproviding any proofs. (For further information the reader may instead turn, forexample, to Herstein’s “Topics in Algebra”, Wiley & Sons, or Artin’s “Algebra”,Pearson.)

This book also includes a series of preliminary exercises. These should be tackledfirst since their results will often be needed in subsequent problems. We also stressthat all solutions provided do not require any theoretical tools other than thoserecalled in the introductory chapters and the preliminary exercises. Invoking moreadvanced theorems would simplify certain solutions and occasionally render anexercise trivial, but doing so would be contrary to the very spirit of this work.

Acknowledgements We wish to thank Ciro Ciliberto for the support, FrancescaBonadei at Springer Italia for the precious assistance and all the students whoattended our lectures and busied themselves with the exercises during exams.

Updates We warmly invite readers to provide us with feedback and point outmistakes (which, in a book containing the detailed solutions to 250+ exercises,are almost inevitably to be found) by contacting us at the addresses: [email protected] or [email protected] or [email protected].

Preface xi

Updates and corrections will appear on the web page http://www.dmf.unisalento.it/~chirivi/libroEserciziAlgebra.html.

Lecce, Italy Rocco ChirivìPisa, Italy Ilaria Del CorsoPisa, Italy Roberto DvornicichJune 2017

Preface to the English Edition

This is the English translation of our book Esercizi Scelti di Algebra, Volume 1. Wehave taken the opportunity of the translation to correct some typos and inaccuraciespresent in the first edition in Italian.

We would like to express our deep gratitude to our translator AlessandraCaraceni; her impressive work, based on profound mathematical competence, hasgone far beyond an impeccable translation.

Lecce, Italy Rocco ChirivìPisa, Italy Ilaria Del CorsoPisa, Italy Roberto DvornicichOctober 2019

xiii

Contents

1 Theory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Fundamentals .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

1.1 Sets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11.2 Maps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31.3 Relations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51.4 The Principle of Induction .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71.5 Operations .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81.6 Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

2 Combinatorics .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123 Integers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

3.1 Divisibility of Integers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153.2 Congruences.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173.3 Modular Arithmetic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

4 Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244.1 Definition and Basic Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244.2 Subgroups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254.3 Product of Subgroups .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264.4 Cosets of a Subgroup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274.5 Normal Subgroups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284.6 The Symmetric Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294.7 Group Homomorphisms .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 304.8 Direct Product of Groups .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

5 Rings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345.1 Definition and Basic Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345.2 Subrings, Ideals and Quotients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355.3 Polynomial Rings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375.4 Divisibility of Polynomials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395.5 Polynomial Factorisation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415.6 Quotients of Polynomial Rings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

xv

xvi Contents

6 Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 456.1 Characteristic of a Field . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 456.2 Multiplicative Group.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 466.3 Field Extensions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 466.4 Splitting Field . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 486.5 Finite Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

7 Preliminary Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

2 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 691 Sequences.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 692 Combinatorics .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 713 Congruences .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 774 Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 855 Rings and Fields. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

3 Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 991 Sequences.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 992 Combinatorics .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1063 Congruences .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1344 Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1745 Rings and Fields. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235

Chapter 1Theory

1 Fundamentals

1.1 Sets

The concept of a set is a primitive notion; we shall neither attempt to define it norgive an axiomatic presentation of set theory. We shall instead adopt the naïve viewof a set as a collection of objects, called its elements. The only property one canascribe to a set X is that it is possible to determine whether or not an object x is anelement of X: if it is, we write x ∈ X and say that x belongs to X. If x is not anelement of X, we write x �∈ X and say that x does not belong to X. Also, two setsX and Y are said to be equal if they contain the same elements. There is but one setcontaining no elements, that is, the empty set, denoted by ∅.

A set X is a subset of a set Y if every element of X is an element of Y , in whichcase we write X ⊆ Y ; conversely, by X � Y we mean that X is not a subset of Y .The empty set is a subset of every set X (that is, ∅ ⊆ X), and naturally we also haveX ⊆ X. The family of all subsets of X is denoted by P(X) and is called the powerset of X. The sets ∅ and X are therefore elements of P(X).

A subset X of a set Y is often defined by means of some property p; we shallwrite

X.= {y ∈ Y |p(y)}

to mean that X is the set of elements of Y that satisfy property p.The union X ∪ Y of two sets X and Y is the set of all elements that belong to X

or to Y ; that is,

x ∈ X ∪ Y if and only if x ∈ X or x ∈ Y.

© Springer Nature Switzerland AG 2020R. Chirivì et al., Selected Exercises in Algebra, UNITEXT 119,https://doi.org/10.1007/978-3-030-36156-3_1

1

2 1 Theory

Note that the word “or” is used here as an inclusive disjunction: an element of X∪Y

may belong to both X and Y . In this sense the connective “or” is akin to the Latinconjunction vel.

The intersection X ∩ Y is the set of elements belonging to both X and Y :

x ∈ X ∩ Y if and only if x ∈ X and x ∈ Y.

One can take unions and intersections of any number of sets: if F is a family ofsets, we have

x ∈⋃

X∈FX if and only if there exists a set X in F such that x ∈ X

and, similarly,

x ∈⋂

X∈FX if and only if for all X in F we have x ∈ X.

Proposition 1.1 Union and intersection are distributive over each other: giventhree sets X, Y and Z we have

X ∩ (Y ∪ Z) = (X ∩ Y ) ∪ (X ∩ Z) and X ∪ (Y ∩ Z) = (X ∪ Y ) ∩ (X ∪ Z).

Two sets X, Y with no element in common, i.e. such that X ∩ Y = ∅, are calleddisjoint. Each subset X of Y is disjoint from its complement Y \X, which is the setof elements of Y that do not belong to X. If two sets X and Y are disjoint we shallsometimes write X � Y for their union, and hence call it a disjoint union.

Operations on sets are related in a straightforward manner to logical operationson propositions, as clarified by the following

Proposition 1.2 Given a set Z and two subsets X = {x ∈ Z |p(x)} and Y = {y ∈Z | q(y)} of Z we have

(i) X ∪ Y = {z ∈ Z |p(z) or q(z)},(ii) X ∩ Y = {z ∈ Z |p(z) and q(z)},

(iii) Z \X = {z ∈ Z | not p(z)},(iv) X ⊆ Y if and only if p(z) implies q(z) for all z in Z.

Proposition 1.3 Given a set Z and two subsets X and Y of Z, De Morgan’s lawshold:

Z \ (X ∪ Y ) = (Z \X) ∩ (Z \ Y ) and Z \ (X ∩ Y ) = (Z \X) ∪ (Z \ Y );

that is, taking the complement changes unions into intersections and vice-versa.

The set of all ordered pairs (x, y), where x is an element of X and y an elementof Y , is denoted by X × Y and called the Cartesian product of X and Y . The same

1 Fundamentals 3

construction can be performed on any number of sets: X1 × X2 × · · · × Xn is theset of ordered n-tuples (x1, x2, . . . , xn) with x1 ∈ X1, x2 ∈ X2, . . ., xn ∈ Xn. Weshall, for the sake of brevity, denote by Xn the Cartesian product of n copies of X.

1.2 Maps

A map from a set X to a set Y is some recipe that assigns to each element of X

a unique element of Y . More formally, a map f from X to Y is a subset of theCartesian product X×Y with the property that for each x ∈ X there exists a uniquey ∈ Y such that (x, y) ∈ f ; the set X is called the domain of f and Y is the

codomain of f . We shall write f : X −→ Y or Xf−→ Y to express that f ⊆

X × Y is a map from X to Y , and always use the functional notations f (x) = y or

f : x −→ y or xf−→ y rather than (x, y) ∈ f .

When f (x) = y we shall say interchangeably that y is the image of x, or that f

sends or maps x to y, or even that y is obtained from x via f . The subset Im(f ) ={f (x) | x ∈ X} ⊆ Y of elements of Y reached by f starting from some x in X iscalled the image of f . Notice that, as implied by the definition, two maps f andg are equal if and only if they have same domain and codomain and are such thatf (x) = g(x) for all x in the domain.

Given a subset A of X we call f (A) the image of A under f , that is, the set of allelements of the form f (a) for some a in A. Conversely, given a subset B of Y , wedenote by f−1(B) the set of x in X such that f (x) ∈ B, and call it the pre-imageof B under f . Taking images and pre-images of sets is in a sense compatible withtaking unions and intersections, as detailed by the following

Proposition 1.4 Taking pre-images commutes with unions and intersections

f−1(A ∪ B) = f−1(A) ∪ f−1(B), f−1(A ∩ B) = f−1(A) ∩ f−1(B)

while taking images only commutes with unions

f (A ∪ B) = f (A) ∪ f (B).

Moreover,

f (A ∩ B) ⊆ f (A) ∩ f (B);

note that in this case we only have an inclusion rather than an equality: the setf (A ∩ B) can be a proper subset of f (A) ∩ f (B).

4 1 Theory

Given two maps Xf−→ Y and Y

g−→ Z, the composite g ◦ f of f and g is themap from X to Z defined by the rule

X � xg◦f−→ g(f (x)) ∈ Z.

Proposition 1.5 The composition of maps is associative: given maps f , g and h

such that the composites g ◦ f and h ◦ g are well defined, we have h ◦ (g ◦ f ) =(h ◦ g) ◦ f .

A map which sends any two distinct elements of X to distinct elements of Y iscalled injective or one-to-one . In order to stress the injectivity of a map from X toY , we may write X ↪−→ Y . A map such that every element y of Y is the image ofsome x in X is said to be surjective or onto; equivalently, f : X→ Y is surjectivewhen Im(f ) = Y . A surjective map is denoted by X −→→ Y . When a map f is bothinjective and surjective we shall say that f is bijective, and occasionally express thisby writing f : X ∼

�� Y .

Proposition 1.6 The composite of injective maps is injective and the compositeof surjective maps is surjective. In particular, the composite of bijective maps isbijective.

When X is a subset of a set Y we may define the inclusion map X � xiX−→

x ∈ Y , which is clearly injective. In particular, the inclusion of X into X itself iscalled the identity map and is denoted by IdX, or simply Id when not ambiguous;the identity is a bijective map.

Given a subset X of a set Y and a map f from Y to a set Z, the restriction of f

to X is the map X � xf|X−→ f (x) ∈ Z; clearly, we have f|X = f ◦ iX

Given a map f from a set X to a set Y , an inverse of f is a map Yg−→ X such

that g ◦ f = IdX and f ◦ g = IdY . A map for which an inverse exists is calledinvertible. Not all maps admit an inverse, and in fact

Proposition 1.7 A map is invertible if and only if it is bijective. Moreover, if a mapis invertible then its inverse is unique.

For an invertible map f we shall denote by f−1 the unique inverse of f .

Given a map Xf−→ X we denote by Xf the set of fixed points of f , that is,

Xf = {x ∈ X | f (x) = x}; we shall also use the notation Fix(f ).A bijective map from a set X to itself is called a permutation. The set of

permutations S(X) of X will assume an important role in our study of algebra.In general, the set of all maps X −→ Y is denoted by YX.

A diagramme of sets and maps is said to be commutative if composing mapsalong any two paths of arrows starting and ending at common places yields the

1 Fundamentals 5

same map. For example, the following diagramme

Xf

g

Y

h

Ai

B

is commutative if and only if (h ◦ f )x = (i ◦ g)x for all x in X.

1.3 Relations

Let X be a set and R a subset of the Cartesian product X×X. The set R correspondsto the relation ∼R, or simply ∼ when no ambiguity arises, defined on X by settingx ∼R y if and only if (x, y) ∈ R. Of particular importance are equivalence relations.A relation ∼ is an equivalence relation if it satisfies the following properties:

(i) reflexivity: x ∼ x for all x ∈ X,(ii) symmetry: if x ∼ y then y ∼ x,

(iii) transitivity: if x ∼ y and y ∼ z then x ∼ z.

Notice that equality itself is an equivalence relation; as a matter of fact, it might helpto think of general equivalence relations as “weaker” versions of equality. Given anelement x ∈ X and an equivalence relation ∼ on X, the equivalence class of x isthe set C�(x) of y ∈ X such that x ∼ y. Any two distinct equivalence classes aredisjoint and the union of all equivalence classes of elements of X is the set X itself.

Let us now introduce further terminology closely linked to relations. A partitionof a set X is a family P of nonempty subsets of X satisfying the followingproperties:

(i) any two distinct sets in P are disjoint,(ii) the union of all sets in P is X.

There is a perfect correspondence between equivalence relations and partitions inthe sense of the following

Theorem 1.8 Given an equivalence relation∼ on a set X, the family of equivalenceclasses under ∼ is a partition of X. Conversely, given a partition P of a set X, therelation ∼ defined by

x ∼ y if and only if there exists C ∈ P such that x, y ∈ C

is an equivalence relation on X whose equivalence classes are the sets of thepartition P .

6 1 Theory

The family of the equivalence classes under a relation∼ on X is called the quotientset of X by ∼ and is denoted by X/∼. Moreover, the map

X � xπ−→ C�(x) ∈ X/∼

which sends any element x to its equivalence class is called the quotient map.

A map Xf−→ Y is said to be compatible with the equivalence relation∼ on X if

f (x) = f (y) for all x, y ∈ X such that x ∼ y. If f is compatible with∼, then thereexists a unique map f such that f = f ◦ π ; in other words, f makes the followingdiagramme commutative:

Xf

π

Y.

X/

f

The same property may be expressed by saying that f passes to the quotient. Weshall sometimes define a map f directly as C�(x) −→ f (x); when doing so, oneneeds to check that f is well defined, that is, that f is compatible with ∼.

When two relations ∼ and ∼′ on a set X are such that x ∼ y implies x ∼′ y,the partition P induced by ∼ is finer than the partition P ′ induced by ∼′: in otherwords, for each class C ∈ P there exists a class C′ ∈ P ′ such that C ⊆ C′. Theassociation C −→ C′ thus defined is a surjective map ε that renders the followingdiagramme commutative:

X

π π

X/ X/ .

A set of representatives R for an equivalence relation ∼ on X is a subset ofX such that restricting the projection map to R yields a bijection between R andX/∼. That is, R has been assembled by selecting, for each equivalence class, aunique representative in X.

Other important relations we shall frequently use are order relations, or simplyorders. An order relation on a set X is a relation ≤ which is

(i) reflexive: x ≤ x for all x ∈ X,(ii) anti-symmetric : if x ≤ y and y ≤ x then x = y,

(iii) transitive if x ≤ y and y ≤ z then x ≤ z.

1 Fundamentals 7

Notice we do not require all elements of X to be comparable to each other: it mayindeed be that neither x ≤ y nor y ≤ x for some x, y in X. If for all x, y ∈ X we dohave x ≤ y or y ≤ x then the relation is a total order. Sometimes, when we need toemphasise that a certain order relation might not be a total order, we shall call it apartial order .

A strict order is a relation < on X which is

(i) irreflexive: there is no x ∈ X such that x < x, and(ii) transitive: if x < y and y < z then x < z.

Each order relation corresponds to a strict order and vice-versa. Indeed, given anorder ≤, by setting x < y whenever x ≤ y and x �= y, we create a strict order <;conversely, given a strict order < we may set x ≤ y whenever x < y or x = y

to recover an order relation. This correspondence between ≤ and < will be tacitlyexploited throughout the book.

1.4 The Principle of Induction

We shall denote by N the set of natural numbers {0, 1, 2, . . .}; we will not givean axiomatic presentation of natural numbers but rather take their basic propertiesas a given. Let us only mention that one possible formalisation is the one due toGiuseppe Peano, and briefly remind the reader of its fundamental fifth axiom, theso-called induction principle:

Axiom 1.9 (Induction Principle) Let p(n) be a property depending on a naturalnumber n; suppose that p(0) holds and that for all m in N we have that p(m) impliesp(m+ 1). Then p(n) holds for all n.

When using this principle to prove a statement, verifying that p(0) holds is oftencalled the base (of the induction), while proving that p(m) implies p(m + 1)

constitutes the inductive step. The principle of induction may be stated under variousequivalent forms. For example,

Proposition 1.10 (Induction Principle—Second Form) Let p(n) be a propertydepending on a natural number n; suppose that p(0) holds and that for all naturalnumbers m we have that p(m + 1) is implied by the conjunction of p(0), p(1), . . .,p(m− 1), p(m). Then p(n) holds for all n.

In this second version we may assume that p(0), p(1), . . ., p(m) all hold in orderto prove p(m+ 1) in the inductive step.

Another equivalent formulation which can prove useful is the so-called well-ordering principle

Proposition 1.11 (Well-Ordering Principle) Every nonempty subset A of N con-tains a least element, i.e. an element a ∈ A such that a ≤ b for all b ∈ A.

8 1 Theory

We shall call a sequence in a set X a map N −→ X; we will use the notation(an)n rather than n −→ an when dealing with sequences.

We now wish to define a sequence (an)n in X by choosing its initial value a0 =x ∈ X and, for each n, by somehow constructing the term an+1 from the precedingterms a0, a1, . . . , an−1, an. This may be done by considering maps fn : Xn −→ X

with n ≥ 1 and setting an+1 = fn+1(a0, a1, . . . , an−1, an) for each n. When asequence (an)n is constructed in this way, we shall say it is recursive or definedby recursion. The fact that the process of recursion is well-founded constitutes yetanother equivalent form of the principle of induction:

Proposition 1.12 (Principle of Recursion) Let X be a set and x an element of X;suppose we are given, for each n ∈ N, a map fn : Xn −→ X. Then there is aunique sequence (an)n for which a0 = x and an+1 = fn+1(a0, a1, . . . , an−1, an)

for all n ∈ N.

An example of a recursive definition is given by the sequence (Fn)n of Fibonaccinumbers: these are defined so that F0 = 0, F1 = 1 and, for all n ≥ 1, Fn+1 =Fn + Fn−1. The first few terms of the sequence are

0, 1, 1, 2, 3, 5, 8, 13, 21, . . .

This definition befits the framework of the proposition above by taking X = N,x = 0, f1(a0) = 1 and fn+1(a0, a1, a2, . . . , an) = an−1 + an for all n ≥ 1.

1.5 Operations

Our study of algebra is mainly concerned with sets on which operations havingcertain properties can be defined in a natural way. An operation on a set X is amap from the Cartesian product X × X to X. Instead of denoting operations as wegenerally denote maps, we shall typically indicate the result of some operation ◦,applied to an ordered pair (x, y) of elements of X, by x ◦ y; the operation ◦ is thusthe map

X ×X � (x, y)◦−→ x ◦ y ∈ X.

We shall also say that x ◦ y is the composition of x and y via the operation ◦.An operation ◦ is said to be associative if (x◦y)◦z = x◦(y◦z) for all x, y, z ∈ X.

Given n elements x1, x2, . . . , xn of X and an associative operation ◦, one can givean unambiguous meaning to the expression x1 ◦ x2 ◦ · · · ◦ xn; indeed, pairing upelements arbitrarily will always yield the same final result.

An operation ◦ is said to be commutative if x ◦ y = y ◦ x for all x, y ∈ X. If anoperation is both commutative and associative then the composition x1 ◦x2 ◦ · · ·◦xn

does not depend on the order of its terms.

1 Fundamentals 9

A neutral element e for an operation ◦ on a set X is an element of X such thate ◦ x = x ◦ e = x for all x ∈ X. One can easily prove that, if an operation admits aneutral element, then such an element is unique.

When an operation ◦ admits a neutral element e, we say that y is a left inverse ofx if y ◦x = e. Similarly, a right inverse of x is an element y such that x ◦y = e and,finally, an inverse of x is an element which is both a left inverse and a right inverseof x.

Given an operation ◦ on a set X and a subset Y of X, we say that Y is closedunder ◦ if for all pairs of elements y1, y2 in Y we have y1 ◦ y2 ∈ Y . If Y is closedunder ◦, then we may restrict ◦ to an operation on Y by setting Y×Y � (y1, y2) −→y1 ◦ y2 ∈ Y . Usually, the operation restricted to Y is denoted by the same symbol asthe operation on X.

Given two operations ◦ and + on a set X, we say ◦ distributes over + if for allx, y, z ∈ X we have (x+y)◦z = (x ◦z)+ (y ◦z) and x ◦ (y+z) = (x ◦y)+ (x ◦z).

1.6 Numbers

Throughout the book we shall use several number sets, mostly as examples ofalgebraic structures. These can all be constructed from the set of natural numbersintroduced in Sect. 1.4. For instance, the set Z of integers can be seen as “naturalnumbers endowed with a sign” and can be formally defined as N × N modulo theequivalence relation ∼ such that (n,m) ∼ (h, k) if and only if n + k = m + h.Indeed, the equivalence class of (n,m) under ∼ is the integer n −m. Addition andmultiplication of natural numbers can be extended to integers. Moreover, while theequation x + a = b can be solved within the set of natural numbers if and only ifa ≤ b, it always admits the solution b − a in the set of integers.

The set Q of rational numbers can be constructed in a similar way, by takingZ × (Z \ {0}) modulo the equivalence relation ∼, where we set (n,m) ∼ (h, k) ifnk = mh; the equivalence class of (n,m) is the rational number n/m. Once more,the operations on Z can be extended to Q. While the equation ax = b is solvable inZ if and only if b is a multiple of a, it is always possible to find a solution in Q aslong as a �= 0: in particular, one has the rational solution b/a. There are, however,equations that do not admit rational solutions, such as x2 − 2 = 0.

One may perform another extension and introduce the set R of real numbers.Constructing the set R proves rather more complicated. Although the Greeks hadalready understood several properties of real numbers, which they investigatedwithin the scope of what they called the “theory of proportions”, it was not untilthe end of the 19th century that a formal definition was given. Here we shall merelymention that several different routes are possible; for example, employing Cauchysequences of rationals or Dedekind cuts. Both options involve “completing” Q

by including all quantities that may be approximated with arbitrary precision byrational numbers, but do not belong to Q. For example, R contains the number

√2,

which is a solution to the equation x2 − 2 = 0 above. Even at this juncture the task

10 1 Theory

of rendering all polynomial equations solvable is not yet complete: the equationx2 + 1 = 0, for example, still has no solution even over the reals, since the squareof a real number can never be negative.

We shall now spend a few words discussing the next step in this sequenceof extensions, i.e. complex numbers. The definition does not pose any seriousdifficulty, once the set of real numbers has been constructed. Indeed, we shallcall any ordered pair (a, b) of real numbers a complex number. Traditionally, thecomplex number (a, b) is denoted by a + ib; the symbol i is called the imaginaryunit, the number a is called the real part and the number b the imaginary part.Addition and multiplication of complex numbers are defined as follows:

(a + ib)+ (c+ id) = (a + c)+ i(b + d)

(a + ib)(c+ id) = (ac− bd)+ i(ad + bc).

By considering complex numbers of the form a + i · 0, one immediately findsthat the set of real numbers can be naturally identified with a subset of the set C ofcomplex numbers. One can easily show that, under this identification, the operationson C extend the operations on real numbers. The definition given above for theproduct of two complex numbers is devised in order to have i2 = (0+ i · 1)2 = −1:the number −1 now has a square root. In other words, the equation x2 + 1 = 0admits the two complex solutions ±i.

A complex number of the form 0+ib is called (purely) imaginary. It is sometimesuseful to think of complex numbers as points in a Cartesian plane, called the complexplane, whose x-axis is that of real numbers and whose y-axis contains purelyimaginary numbers: a complex number a + ib has abscissa a and ordinate b inthe complex plane. According to this representation, the origin corresponds to thenumber 0 = 0 + i · 0, which is the addition’s neutral element. The notation forcomplex numbers we have been discussing so far is called algebraic form.

Given a complex number z = a + ib we shall call the number z = a − ib

the complex conjugate of z. The point corresponding to z is the symmetric pointof z with respect to the real axis in the complex plane. The distance between thepoint z and the origin is given by the quantity |z| = √a2 + b2 and is called themodulus of z. Notice that we have |z|2 = z · z; from this, one can obtain the formula1/z = z/|z|2 for the inverse of a nonzero complex number z. In particular, fora complex number whose modulus is equal to 1 (a point on the unit circle in thecomplex plane), z−1 = z.

If z �= 0, we denote by θ the argument of z, that is, the angle between the positivereal axis and the segment joining the point z to the origin 0; we then have

z = |z|(cos θ + i sin θ).

Euler’s formula

eiθ = cos θ + i sin θ,

1 Fundamentals 11

is the fundamental relationship between the complex exponential map and thetrigonometric functions. It allows us to express a complex number z in its polarform

z = |z|eiθ .

When z = 0 the argument θ is not defined, but whenever z �= 0 the polar formfor z is unique up to adding integer multiples of 2π to θ . Notice that, as θ varies,the complex number |z|eiθ moves along the circle with centre 0 and radius |z|. Inparticular, by Euler’s formula we know that the map θ −→ eiθ parametrises the unitcircle.

The polar form is especially well suited to compute powers of a complex number.Indeed, we can immediately obtain that, given a complex number z = |z|eiθ and aninteger n, we have

zn = |z|neinθ ;

in other words, zn is the complex number whose modulus is |z|n and whoseargument is nθ . Analogously we can find the nth roots of z, i.e. the complex numbersζ such that ζ n = z, by

n√|z|ei θ+2kπ

n , with k = 0, 1, 2, . . . , n− 1.

Notice that, when z �= 0, the number of distinct nth roots of z is n. If we set z = 1,the formula above gives the nth roots of unity, which will be especially importantfor our purposes:

e2πik/n = cos2πk

n+ i sin

2πk

n, with k = 0, 1, 2, . . . , n− 1.

Also notice that, setting ζn = e2πi/n, all nth roots of unity can be obtained as 1, ζn,ζ 2n , . . ., ζ n−1

n .We shall conclude this brief introduction to number sets by remarking that every

equation of the form

anxn + an−1x

n−1 + · · · + a1x + a0 = 0,

where a0, a1, . . . , an−1, an are complex numbers and an �= 0, admits a solution inC if n > 0: there is no further need to extend the set of numbers to solve polynomialequations. Throughout the rest of the book we shall study polynomial equationsin detail, focusing on the process—encountered several times in this section—ofextending number sets by adding solutions to certain equations.

Finally, notice that the familiar addition and multiplication between integer,rational, real and complex numbers are associative and commutative. In all cases theneutral element for the addition operation is always the number 0 and the additive

12 1 Theory

inverse of a number a is denoted by −a. The multiplication operation has 1 asneutral element and distributes over addition.

2 Combinatorics

A set X is finite if it has a finite number of elements; we call this number thecardinality of X and denote it by |X|. When X is not finite we say it is infiniteand has infinite cardinality. Two finite sets have the same cardinality if and only ifthere is a bijection between them. In particular, X is finite with cardinality n if andonly if there is a bijective map between {1, 2, . . . , n} and X; in that case, we canenumerate the elements of X and write X = {x1, x2, . . . , xn}.

With a finer definition, one could distinguish between different cardinalities forinfinite sets; this, however, would go beyond the scope of this work: we shall becontent with the ability to distinguish infinite sets from finite ones.

A first remark one can make about finite sets is the following:

Remark 2.1 A map X −→ Y between finite sets with the same cardinality isinjective if and only if it is surjective, if and only if it is bijective.

Given two finite sets X = {x1, x2, . . . , xn} and Y = {y1, y2, . . . , ym}, theCartesian product X×Y consists of all pairs of the form (xi, yj ) with i = 1, 2, . . . , n

and j = 1, 2, . . . ,m. We therefore have

Remark 2.2 If X and Y are finite sets then

|X × Y | = |X| · |Y |.

On the other hand, if one of the two sets is infinite and the other is nonempty, thentheir Cartesian product is also infinite.

A map f : X −→ Y , where X has cardinality n, can be described completely byan n-tuple of elements of Y ; that is, there is a bijection between YX and Yn. Inparticular,

Remark 2.3 Given two finite sets X and Y that are not both empty, the cardinalityof the set YX of maps from X to Y is given by

|YX| = |Y ||X|.

On the other hand, if one of the two sets is infinite and the other one is nonempty,then YX is also infinite.

Each subset A of X has a corresponding characteristic function χA : X −→ {0, 1},constructed so that χA(x) = 1 if x ∈ A and χA(x) = 0 if x �∈ A. Subsets of X arein bijection with the set of their corresponding characteristic functions, so that

2 Combinatorics 13

Remark 2.4 If X is a finite set then the cardinality of its power set P(X) is

|P(X)| = 2|X|;

on the other hand, if X is infinite then P(X) is also infinite.

The number of injective maps from a set X with n elements to a set Y with m

elements is easy to find; one need only notice that an injective map corresponds tothe choice of n distinct elements of Y , in some order.

Remark 2.5 Let |X| = n and |Y | = m. If n > m then there are no injective mapsfrom X to Y . If n ≤ m then the number of injective maps from X to Y is m(m −1)(m− 2) · · · (m− n+ 1).

The content of this remark for n > m is sometimes expressed as follows:

Remark 2.6 (Pigeonhole Principle) If n items are put into m boxes and n > m thenthere is a box that contains more than one item.

The factorial n! of a natural number n is recursively defined by 0! = 1 and, forall n ≥ 0, (n + 1)! = (n + 1) · n!. Clearly, this is equivalent to setting n! =n · (n − 1) · · · 2 · 1. Thanks to Remark 2.1, a special case of the formula above forthe number of injective functions is given by

Remark 2.7 The number of permutations of a set of n elements is n!.As we will see later, permutations of a set with n elements form a fundamentalobject in group theory; if X = {1, 2, . . . , n}, then the set S(X) of permutationsof X is simply denoted by Sn. Thanks to the remark we just made, we know that|Sn| = n!.

The power set P(X) of a set X consisting of n elements can be partitionedaccording to the cardinality of its elements, as follows:

P(X) =n⊔

k=0

{A ⊆ X | |A| = k}.

Moreover, from the above we immediately obtain

Remark 2.8 If |X| = n and 0 ≤ k ≤ n, then the number of subsets of X havingcardinality k is

n · (n− 1) · · · (n− k + 1)

k! .

This is a fact of great importance in combinatorics. Given n ≥ 0 and 0 ≤ k ≤ n weshall define the binomial coefficient indexed by n, k as

(n

k

)= n · (n− 1) · · · (n− k + 1)

k! = n!k!(n− k)! .

14 1 Theory

Note that, in particular,(n0

) = 1: indeed, the only zero-element subset of X is theempty set. Moreover, we have

(nn

) = 1, and indeed the only n-element subset of X isX itself. It is sometimes useful to extend the meaning of the symbol

(nk

)by defining

it as 0 for all k < 0 and k > n.Binomial coefficients satisfy several useful identities; two of the main ones are

Remark 2.9 For all n ≥ 0 we have

(n

n− k

)=(

n

k

)

and also(

n+ 1

k

)=(

n

k

)+(

n

k − 1

).

The second identity can be used as a recursive definition for binomial coefficients ifwe first set

(00

) = 1 and(0k

) = 0 for all k �= 0.From the partition of P(X) according to cardinalities we obtain one more

identity:

Remark 2.10 For all natural numbers n we have

n∑

k=0

(n

k

)= 2n.

It is common to arrange binomial coefficients into a triangle whose rows consist ofthe values of

(nk

)for a fixed n. The first six rows of this triangle, called Pascal’s

triangle, are

11 1

1 2 11 3 3 1

1 4 6 4 11 5 10 10 5 1

Binomial coefficients appear in the algebraic expansion of the powers of binomials.

Theorem 2.11 (Binomial Theorem) Given two numbers a and b and a non-negative integer n, we have

(a + b)n =n∑

k=0

(n

k

)akbn−k.

3 Integers 15

Actually, the formula above holds for all elements a, b of any commutative ring: wewill mention this again in the chapter about rings.

Given two subsets X1 and X2 of a set X such that X = X1 ∪X2, we have

|X| = |X1| + |X2| − |X1 ∩X2|.

This is because elements of X1∩X2 belong to both subsets and are therefore countedtwice in the sum |X1| + |X2|. The formula above is a special case of the following

Proposition 2.12 (Inclusion-Exclusion Principle) If X is a finite set andX1,X2, . . . , Xk are subsets of X such that X1 ∪ X2 ∪ · · · ∪ Xk = X then wehave

|X| =∑

(−1)h+1|Xi1 ∩Xi2 ∩ · · · ∩Xih |,

where the sum is over h = 1, . . . , k and all h-tuples (i1, i2, . . . , ih) with 1 ≤ i1 <

i2 < · · · < ih ≤ n.

For example, the case k = 3 of the inclusion-exclusion formula above is

|X| = |X1| + |X2| + |X3| − |X1 ∩X2| − |X1 ∩X3| − |X2 ∩X3| + |X1 ∩X2 ∩X3|.

Naturally, if we assume that {X1,X2, . . . , Xk} is a partition of the set X, then wehave

|X| = |X1| + |X2| + . . .+ |Xk|.

3 Integers

3.1 Divisibility of Integers

At the foundation of integer arithmetic is the concept of Euclidean division, whichwe recall in the following

Proposition 3.1 (Euclidean Division) Given an integer a and a positive integer m,there exist a unique integer q , called the quotient, and a unique non-negative integerr , called the remainder, such that a = q ·m+ r and 0 ≤ r < m.

If, when performing Euclidean division, we find that r = 0, then we have a = q ·mand we write m | a: we shall say that a is a multiple of m or that m is divisible by a

and we shall call m a divisor of a. If m does not divide a, then we write m � a. Onlythe integers±1 divide 1, whereas every nonzero integer divides 0.

Given two integers a and b at least one of which is nonzero, we shall call greatestcommon divisor of a and b any positive integer m such that: m is a divisor of a and

16 1 Theory

a divisor of b and, if n is a common divisor of a and b, then n divides m. UsingEuclidean division, one can show

Proposition 3.2 The greatest common divisor m of two integers at least one ofwhich is nonzero exists and is unique. Moreover, there exist two integers x and y

such that m = xa + yb; this identity is called Bézout’s identity.

We shall write (a, b) for the greatest common divisor of a and b. Remark that(a, b) = (|a|, |b|), that is, we may always assume that a and b are non-negative.In order to compute the greatest common divisor, one can use

Proposition 3.3 (Euclid’s Algorithm) Suppose a and b are non-negative integerswith a ≥ b; set r0 = a, r1 = b. If for k ≥ 1 we have rk > 0 then define rk+1recursively as the remainder in the Euclidean division of rk−1 by rk . Since r0 >

r1 > r2 > . . . ≥ 0, after a finite number of steps (n, say) we have rn = 0. Then(a, b) = rn−1.

This algorithm can be used to produce an explicit solution (x, y) of Bézout’sidentity. Iteratively replacing rk with its expression in terms of preceding remaindersuntil one gets back to the equation a = qb + r1 yields an identity involving only a,b and the last nonzero remainder rn−1 = (a, b).

Two integers are said to be relatively prime when (a, b) = 1; this, in turn, holdsif and only if there exist integers x, y such that xa + yb = 1.

Remark 3.4 (Euclid’s Lemma) If m divides the integer product a ·b and integers m

and a are relatively prime, then m divides b.

Thanks to Euclid’s lemma, we can easily find all solutions of Bézout’s identity:

Proposition 3.5 Let a, b be two integers at least one of which is nonzero; let m betheir greatest common divisor and let (x0, y0) be a solution of Bézout’s identity fora, b. Then all pairs of integers satisfying Bézout’s identity are given by

(x0 + kb

m, y0 − k

a

m), k ∈ Z.

We call linear Diophantine equation in the two integer indeterminates x and y

an equation of the form ax + by = c with integer coefficients a, b and c. Moregenerally, any equation with integer coefficients for which we seek integer solutionis called a Diophantine equation. Solving such equations is quite different fromsolving equations in the reals and usually turns out to be very difficult. We mightalmost say that the Mathematics of today is only adequate for solving linear andquadratic Diophantine equations; cubic equation already cross into a new intricateand fascinating algebraic world inhabited by such objects as elliptic curves.

In Preliminary Exercise 7, we deal with the linear case by means of Bézout’sidentity, which we use to prove

Proposition 3.6 The Diophantine equation ax + by = c has a solution if and onlyif the greatest common divisor m = (a, b) divides the constant term c. In that case,

3 Integers 17

given a solution (x0, y0), all solutions are of the form

(x0 + kb

m, y0 − k

a

m), k ∈ Z.

Let us now present the central definition in integer arithmetic. A positive integerp is said to be prime if it has exactly two positive divisors, that is, 1 and p. Notethat 1 is not prime. Given an integer n and a prime p, the greatest common divisor(p, n) can only be p (if p divides n) or 1 (if p does not divides n). It immediatelyfollows that

Remark 3.7 If a prime p divides an integer product a · b and p does not divide a,then p divides b.

A classical result from ancient Greek arithmetic states that each integer can bewritten as a product of primes in an essentially unique way; it is the

Theorem 3.8 (Fundamental Theorem of Arithmetic) Given a positive integern > 1 there exist (not necessarily distinct) primes p1, p2, . . . , pr , unique up toreordering, such that n = p1p2 · · ·pr .

Given a prime p and an integer n, we say that a power pe exactly divides n if pe

divides n and pe+1 does not divide n. In other words, pe exactly divides n if andonly if the prime p appears in the factorisation of n with exponent e.

Given two integers a and b at least one of which is nonzero, we shall definetheir least common multiple, denoted by [a, b], as a common multiple of a and b

that is divisible by every common multiple of a and b. Analogously to the greatestcommon divisor, the least common multiple exists and is unique; moreover, we have(a, b)[a, b] = ab if ab ≥ 0. The definition of least common multiple is the dual ofthat of greatest common divisor, thus the two objects share many similar properties.

3.2 Congruences

In his 1801 book “Disquisitiones Arithmeticae”, Carl Friedrich Gauss introducedwhat would turn out to be one of the most important relations between integers inelementary arithmetic. We say that an integer a is congruent to an integer b modulon, and write a ≡ b (mod n), if a − b is a multiple of n. It is easy to show that therelation of “congruence” is an equivalence relation.

The equivalence class of an integer a, that is, the set of all integers congruent toa, is denoted by [a]n and consists of the set {a + kn | k ∈ Z}. In other words, [a]nis the set of all integers having the same remainder as a in the division by n. If themodulus n can be inferred from the context, we may alternatively denote the class[a]n by a.

As is the case with all equivalence relations, congruence classes modulo n forma partition of Z. A possible set of representatives is {0, 1, 2, . . . , n − 1}: these are

18 1 Theory

called residues modulo n. Note that, in particular, the number of equivalence classesis n; naturally, any set of n integers with different remainders in the division by n isa set of representatives for the congruence classes modulo n. Remark that any set ofn consecutive integers is a set of representatives.

The quotient of Z by the congruence relation modulo n is denoted by Z/nZ. Weshall find out later, when discussing groups, the reason behind this specific notation:for now, we shall interpret it as a reminder that we are identifying integers that differby a multiple of n, that is, by an element of nZ.

Here are some properties of the relation of congruence modulo n.

Proposition 3.9 Let a and b be integers such that a ≡ b (mod n). We have

(i) (a, n) = (b, n),(ii) if m | n then a ≡ b (mod m),

(iii) if we also have a ≡ b (mod m) then a ≡ b (mod [n,m]).The second property is equivalent to the following: if n is a multiple of m then thepartition given by the congruence classes modulo n is a finer partition than that givenby the congruence classes modulo m. Indeed, we have

[a]m =⊔

h=0,1,..., nm−1

[a +mh]n.

Thus, when n is a multiple of m, there is a map from Z/nZ to Z/mZ sending theclass [a]n to [a]m, which renders the following diagramme commutative

a

a n a m

as remarked in the section about relations.The relation of congruence modulo n is compatible with integer addition and

multiplication.

Proposition 3.10 Given integers a, b, a′ and b′ such that a ≡ b (mod n) anda′ ≡ b′ (mod n), we have a + a′ ≡ b + b′ (mod n) and a · a′ ≡ b · b′ (mod n).

In particular, if we have a ≡ b (mod n) and k is any integer, then we haveka ≡ kb (mod n). Let us also explicitly note that the converse of our previousremark is false in general: for example, 2 · 2 ≡ 2 · 0 (mod 4), but 2 �≡ 0 (mod 4).A weaker but accurate converse statement is the following

Proposition 3.11 Given integers a, b and k with k �= 0,

ka ≡ kb (mod n) implies a ≡ b (modn

(n, k)).

3 Integers 19

In particular, if the factor k and the modulus n are relatively prime, then

ka ≡ kb (mod n) if and only if a ≡ b (mod n).

In particular, in the example above what we can correctly deduce from 2 · 2 ≡ 2 · 0(mod 4) is that 2 ≡ 0 (mod 2), because 4/(4, 2) = 2.

What has been recalled so far, though elementary, already has some con-sequences that are not completely trivial. For example, by using the base 10representation of the integers together with congruences modulo 3, one can deducethe well-known divisibility rule for 3, which easily follows from 10 ≡ 1 (mod 3).One can similarly deduce divisibility rules for 2, 4, 5, 9, 11 and 25, and moreelaborate rules for 7 and 13.

A first nontrivial fact about residue classes modulo a prime is the following

Theorem 3.12 (Freshman’s Dream) Given a prime p, for all pairs of integers a

and b we have

(a + b)p ≡ ap + bp (mod p).

The proof of this theorem is immediate if one notices that all binomial coefficients(ph

), where p is prime and 1 ≤ h ≤ p − 1, are divisible by p.Using Theorem 3.12, one can prove by induction

Theorem 3.13 (Fermat’s Theorem) Given a prime p, we have

ap ≡ a (mod p)

for all integers a.

An immediate corollary of the theorem above is among the first nontrivial resultsabout prime numbers to appear after Euclid’s time:

Corollary 3.14 (Fermat’s Little Theorem) Given a prime p and an integer a suchthat a and p are relatively prime, we have ap−1 ≡ 1 (mod p).

Finding the solution of a linear congruence, that is, of an equation of the typeax ≡ b (mod n), where x is the indeterminate and a, b are integers, amounts tosolving the Diophantine equation ax + ny = b in the indeterminates x and y. Oneimmediately obtains

Proposition 3.15 The linear congruence ax ≡ b (mod n) has a solution if andonly if m = (a, n) divides b, in which case, given a solution x0, all solutions aregiven by

[x0 + kn

m]n for k = 0, 1, . . . ,m− 1.

In particular, there are m solutions modulo n.

20 1 Theory

In order to solve systems of linear congruences, the following theorem is offundamental importance.

Theorem 3.16 (Chinese Remainder Theorem) Given r nonzero integersn1, n2, . . . , nr that are pairwise relatively prime and r integers a1, a2, . . . , ar ,the system of congruences

⎧⎪⎪⎪⎨

⎪⎪⎪⎩

x ≡ a1 (mod n1)

x ≡ a2 (mod n2)...

x ≡ ar (mod nr)

has a unique solution modulo n1n2 · · · nr .

At the end of the next section, we will see how the solution of such a system canbe computed.

3.3 Modular Arithmetic

The properties of compatibility for the congruence relation modulo a nonzerointeger n that were discussed in the previous section allow us to define twooperations on the quotient set Z/nZ of residue classes modulo n.

We shall define the addition+ and the multiplication · on pairs of residue classes[a]n, [b]n by

[a]n + [b]n = [a + b]n [a]n · [b]n = [ab]n.

These operations are well defined: their result does not depend on the representativesa and b chosen in Z for the classes [a]n and [b]n, but only on the residue classesthemselves; this follows directly from Proposition 3.10.

From standard properties of the integers, one obtains the following correspondingresults:

Theorem 3.17

(i) The operations+ and · are associative, that is,

([a]n+[b]n)+[c]n = [a]n+([b]n+[c]n), ([a]n·[b]n)·[c]n = [a]n·([b]n·[c]n)

for all [a]n, [b]n, [c]n ∈ Z/nZ.(ii) The operations+ and · are commutative, that is,

[a]n + [b]n = [b]n + [a]n, [a]n · [b]n = [b]n · [a]nfor all [a]n, [b]n ∈ Z/nZ.

3 Integers 21

(iii) The addition’s neutral element is the class [0]n and the multiplication’s neutralelement is the class [1]n. Moreover, the inverse of the element [a]n ∈ Z/nZ

with respect to the operation+ is the element [−a]n ∈ Z/nZ.(iv) The operation · distributes over the operation+, that is,

[a]n · ([b]n + [c]n) = [a]n · [b]n + [a]n · [c]nfor all [a]n, [b]n, [c]n ∈ Z/nZ.

As opposed to the addition, not all classes do have an inverse for the multiplica-tion: for instance, [2]4 does not have an inverse in Z/4Z. The classes [a]n such thattheir inverse for the multiplication does exist are called invertible. The class [a]n isinvertible if there exists a class [b]n such that [a]n[b]n = [1]n. The set of invertibleclasses modulo n is denoted by (Z/nZ)∗.

The criterion for the existence of solutions of a linear congruence implies that aclass [a]n is invertible if and only if (a, n) = 1. Therefore, it is clear that the productof two invertible classes is itself invertible. In other words, the multiplication can berestricted to the subset (Z/nZ)∗ and induces an operation on (Z/nZ)∗ which willstill be denoted by ·. In the special case of congruences modulo p, where p is prime,we have (Z/pZ)∗ = Z/pZ \ {[0]p}, that is, every nonzero class is invertible.

In order to compute the inverse of a class [a]n one can use Bézout’s identity.Indeed, from (a, n) = 1 it follows that there are integers b and c, which onecan compute explicitly by means of Euclid’s algorithm, such that ab + nc = 1.Considering this equality modulo n yields ab ≡ 1 (mod n), so [b]n is the inverseof [a]n.

One may state the Chinese remainder theorem for systems of congruences in anequivalent form involving residue classes:

Theorem 3.18 Given two nonzero, relatively prime integers m and n, the map

Z/mnZ � [a]mn −→ ([a]m, [a]n) ∈ Z/mZ× Z/nZ

is bijective.

The following is a direct corollary:

Corollary 3.19 Let m and n be relatively prime, nonzero integers. The class [a]mn

is invertible if and only if [a]m and [a]n are both invertible. Moreover, the map[a]mn −→ ([a]m, [a]n) from (Z/mnZ)∗ to (Z/mZ)∗ × (Z/nZ)∗ is bijective.

The so-called Euler’s totient function n −→ φ(n) maps the integer n to thenumber φ(n) of integers between 1 and n that are coprime to n. This map playsa very important role in modular arithmetic. As seen above, φ(n) is equal to thenumber of invertible classes modulo n, that is, φ(n) also represents the cardinalityof (Z/nZ)∗. For instance, we have φ(p) = p − 1.

A map f defined on N is said to be multiplicative if, for all pairs of relativelyprime natural numbers n and m, we have f (nm) = f (n)f (m). The corollary above

22 1 Theory

implies that Euler’s totient function is multiplicative. By considering the numbersbetween 1 and pe that are not divisible by p, it is easy to see that φ(pe) = (p −1)pe−1 for all integers e ≥ 1. We have thus shown the following formula:

Remark 3.20 If n = pe11 p

e22 · · ·per

r is the prime factorisation of n, with pi �= pj fori �= j and ei ≥ 1 for all i, then

φ(n) =r∏

i=1

(pi − 1)pei−1i .

Corollary 3.14 can also be expressed as follows: if p is prime and a is notdivisible by p, then aφ(p) ≡ 1 (mod p). This form can be generalised to become

Theorem 3.21 (Euler’s Theorem) Given an integer a which is coprime to themodulus n, we have aφ(n) ≡ 1 (mod n).

We shall conclude this discussion of congruences by illustrating in detail somemethods one can use to solve linear systems of congruences whose equations havecoprime moduli, as in the statement of the Chinese remainder theorem. Consider thesystem of two congruences

{x ≡ a1 (mod n1)

x ≡ a2 (mod n2)

where n1 and n2 are relatively prime. Solving this system amounts to findingintegers u and v such that x = a1 + un1 and x = a2 + vn2. In other words, u

and v must be solutions of the linear Diophantine equation

n1u− n2v = a2 − a1.

The solution of equations of this type is fully worked out in Preliminary Exercise 7.Once we have u and v, the solution of the original system is the residue class ofx0 = a1 + un1 = a2 + vn2 modulo n1n2. We know that the solution is uniquemodulo n1n2. Equivalently, all solutions are of the form x0 + hn1n2, for h in Z.

Let us now move on to system consisting of r linear congruences, for some r ≥ 2,of the form

⎧⎪⎪⎪⎪⎪⎨

⎪⎪⎪⎪⎪⎩

x ≡ a1 (mod n1)

x ≡ a2 (mod n2)

x ≡ a3 (mod n3)...

x ≡ ar (mod nr)

3 Integers 23

where n1, n2, . . . , nr are pairwise relatively prime. The subsystem given by the firsttwo congruences can be solved with the method described above, which gives us aunique solution x0 modulo n1n2. We can then consider the equivalent system

⎧⎪⎪⎪⎨

⎪⎪⎪⎩

x ≡ x0 (mod n1n2)

x ≡ a3 (mod n3)...

x ≡ ar (mod nr)

which consists of r − 1 congruences. We repeatedly solve the first two congruencesand decrease the number of congruences in the system until we find the solution.

Let us now discuss a different method for solving the system above. We knowthat the solution is unique modulo n1n2 · · · nr . In order to produce the solution, weshall first find integers x1, x2, . . . , xr such that, for i = 1, 2, . . . , r , we have xi ≡ 0(mod nj ) for all j �= i and xi ≡ 1 (mod ni). In other words, x1, x2, . . . , xr aresolutions of the systems

⎧⎪⎪⎪⎨

⎪⎪⎪⎩

x1 ≡ 1 (mod n1)

x1 ≡ 0 (mod n2)...

x1 ≡ 0 (mod nr)

⎧⎪⎪⎪⎨

⎪⎪⎪⎩

x2 ≡ 0 (mod n1)

x2 ≡ 1 (mod n2)...

x2 ≡ 0 (mod nr)

. . .

⎧⎪⎪⎪⎨

⎪⎪⎪⎩

xr ≡ 0 (mod n1)

xr ≡ 0 (mod n2)...

xr ≡ 1 (mod nr).

Once we have solved each of these systems, it is clear that the solution of the originalsystem is given by

x0 ≡ a1x1 + a2x2 + . . .+ arxr (mod n1n2 · · ·nr).

In order to find the integer x1 (and similarly x2, . . . , xr ) it is enough to remarkthat we must have x1 = y1n2 · · · nr for some integer y1. Moreover, n2 · · · nr is aninvertible class modulo n1, given our assumptions about the moduli n1, n2, . . . , nr .We can therefore obtain y1 by solving the equation y1(n2 · · · nr) ≡ 1 (mod n1) or,equivalently, y1 ≡ (n2 · · · nr)

−1 (mod n1). This congruence is again equivalent toa linear Diophantine equation which we can solve explicitly.

This second method for solving linear systems via the auxiliary solutionsx1, x2, . . . , xr can prove especially efficient when we wish to solve several systemswhose equations have the same moduli n1, n2, . . . , nr but different constant termsa1, a2, . . . , ar .

The remarks we just made about explicit ways of computing the solutions ofa system of linear congruences will be used repeatedly, often without referencingthem, in the solutions of the exercises.

24 1 Theory

4 Groups

4.1 Definition and Basic Properties

One of the fundamental structures in algebra is that of a group. Though simpleenough to be defined in a few lines, groups truly play a crucial role: all of the morecomplex structures we will encounter throughout the book will be based on groups.

A nonempty set G endowed with an operation · is called a group if

(i) the operation · is associative,(ii) there exists an element e in G, called the neutral element, such that g ·e = g =

e · g for all g in G,(iii) for each element g of G there exists an element h ∈ G, called the inverse of g,

such that g · h = e = h · g.

Throughout the book we will say that (G, ·) is a group to mean that · is anoperation on the set G which makes it a group. When the operation is clear fromthe context we will simply say that G is a group. We shall occasionally also omitthe group operation symbol · when composing elements and simply write gh for thecomposition g · h of g and h in G.

There are innumerable examples of groups: the set Z of integers, endowed withthe addition operation; the set Q

∗ of nonzero rational numbers, endowed withmultiplication; the set R∗ of nonzero real numbers, as well as the set C∗ of nonzerocomplex numbers, endowed with multiplication; the set Sn of all permutations of n

elements, endowed with the composition operation.It is very easy to show that the neutral element in a group is unique. It is also

easy to show that, given g in a group, the inverse of g is unique: we will denote itby g−1.

In general, given a positive integer n and an element g in a group, we define gn

as the composition of g with itself performed n times, and set g−n = (gn)−1. Theusual rules for powers still hold in this context, namely we have gn · gm = gn+m

and (gn)m = gnm for all natural numbers n and m.Given two elements g and h in a group, we say they commute if gh = hg. If

the operation on G is commutative, that is, if gh = hg for all g and h in G (everytwo elements commute), we say that the group itself is commutative or Abelian.It is customary to denote the operation of an Abelian group by +, or to use theadditive notation. When using the additive notation, we write −g for the inverse ofan element g and ng for the composition gn. Clearly, we have (n+m)g = ng+mg

and (nm)g = n(mg) for all natural numbers n and m.The order of a group G is the cardinality of the set G and is denoted by |G|. The

order of G is the number of elements in G if G is finite and is infinite otherwise.The order of a single element g is the smallest positive integer n such that gn = e,if such an integer exists; if gn �= e for all positive n then we say that g has infiniteorder. We denote the order of g by ord(g).

4 Groups 25

Note that the set Z/nZ of all congruence classes modulo a nonzero naturalnumber n is a group when endowed with the operation + of addition betweenclasses; this immediately follows from Theorem 3.17. Clearly, such a group isAbelian of order n. The set (Z/nZ)∗ of invertible classes modulo n is itself anAbelian group when endowed with the operation · of multiplication between classes;its order is φ(n).

Our first remark about groups, which immediately follows from the definition ofa group, is

Remark 4.1 (Cancellation Laws) If, given elements g, h, k in a group G, we havegh = gk, then h = k; similarly, if hg = kg then h = k.

4.2 Subgroups

A subset H of a group G is a subgroup if the group operation · of G can be restrictedto an operation on H that makes H into a group. We write H ≤ G to indicate thatH is a subgroup of G. In order to check whether a nonempty subset H is a subgroupit is enough to check that for all h and k in H we have h · k ∈ H and that for all h

in H we have h−1 ∈ H .For instance, the subset 2Z of even numbers is a subgroup of Z, as is the subset

nZ of all multiples of a fixed integer n. The subset {±1} is a subgroup of Q∗, whichis itself a subgroup of R

∗. The subset of permutations fixing the element 1 is asubgroup of Sn.

The subset {e} is always a subgroup for any group G and is often called the trivialsubgroup; the group G itself is also a subgroup of G, though not a proper subgroup.We will refer to subgroups of G other than these two as proper nontrivial subgroups.

Given a group G, the subset Z(G) of elements z of G such that zg = gz for allg in G is called the centre of G; an element z belongs to the centre if it commuteswith all elements of the group.

Remark 4.2 The centre Z(G) is a subgroup of G.

From now on, we will often mention the centre. The centre of a group is anindicator of “how non-Abelian” the group is; for instance, G is Abelian if and onlyif Z(G) = G.

Remark that the intersection of two subgroups is a subgroup, but the union of twosubgroups is not necessarily a subgroup. Given a subset X of a group G, we shalldenote by 〈X〉 the subgroup generated by X in G, that is, the intersection of allsubgroups of G that contain X. Remark that such a subgroup always exists, becauseG always contains X. We say that X is a set of generators for the group 〈X〉. Thesubgroup 〈X〉 generated by X in G can also equivalently be defined as the smallestsubgroup of G that contains X.

A group G is cyclic if there exists an element g in G such that G = 〈g〉. In thiscase, the element g is a generator of G. Clearly, if G is cyclic then it is Abelian.

26 1 Theory

Moreover, if its generator g has finite order n then G = {e, g, g2, . . . , gn−1}, thatis, the cyclic group generated by g has order n. Similarly, if the order of g is infinitethen we have G = {. . . , g−2, g−1, e, g, g2, . . .}.

For example, Z is an infinite cyclic group, because Z = 〈1〉. The group nZ = 〈n〉is also an infinite cyclic group, and Z/nZ = 〈[1]n〉 is a cyclic group of order n.

Using Euclidean division one can easily show

Remark 4.3 Any subgroup of a cyclic group is cyclic.

This remark yields a description of all subgroups of Z:

Corollary 4.4 If H is a subgroup of Z then H = nZ for some non-negative integern.

As we recalled above, Z/nZ is also a cyclic group, and we will later see that itis, in some sense, the prototype for all finite cyclic groups. In order to classify allof its subgroups, the following remark, which follows from standard properties ofcongruences, will be useful.

Remark 4.5 For all integers a the order of [a]n in Z/nZ is

ord([a]n) = n

(a, n).

As we can immediately see from the formula above, ord([a]n) always divides n =|Z/nZ|; this, as we will see in the next section, is an example of a more generalphenomenon. Other important consequences are those of

Remark 4.6 For each divisor d of a positive integer n, the group Z/nZ containsexactly φ(d) elements of order d; moreover, there is a unique subgroup of order d

in Z/nZ, generated by the class [n/d]n. The above is an exhaustive description ofall subgroups of Z/nZ.

Another interesting consequence follows if we list elements of Z/nZ according totheir order:

Remark 4.7 If n is a positive integer, then∑

d | n φ(d) = n.

4.3 Product of Subgroups

Given two subsets H and K of a group G, let HK be the set of all products hk,where h is an element of H and k an element of K . Even when H and K aresubgroups, the subset HK of G is not necessarily a subgroup of G. If G is Abelian,then HK is indeed a subgroup. More generally, we have

Proposition 4.8 The product HK of two subgroups H and K of a group G is asubgroup of G if and only if HK = KH .

4 Groups 27

In general, even when HK is not a subgroup, we do have some information aboutits cardinality. Indeed, it is easy to see that each element of HK can be written inthe form hk for exactly |H ∩K| pairs (h, k) in H ×K . Therefore, we have

Remark 4.9 Let H and K be finite subgroups of a group G. The order of HK is|H ||K|/|H ∩K|.

4.4 Cosets of a Subgroup

Given a subgroup H of a group G, we introduce a relation ∼H on G as follows:g ∼H k if and only if g−1k ∈ H , in which case we shall say that g is congruent tok modulo H , or that g and k are congruent modulo H . It is easy to prove that ∼H

is an equivalence relation. In particular, note that for all nonzero natural numbers n,the relation of congruence modulo the subgroup nZ of the group Z is the same ascongruence of integers as defined previously.

We call the equivalence classes for ∼H left cosets of H in G; the name comesfrom the fact that the equivalence class of g is the subset gH = {gh | h ∈ H }.Clearly, we can define a “right” version of the relation by letting g H∼ k if andonly if gk−1 ∈ H . Equivalence classes for this relation are the right cosets Hg ={hg | h ∈ H }. Evidently, the two relations are exactly the same in an Abelian group,where a subset is a right coset if and only if it is a left coset.

The quotient of G with respect to the relation ∼H is denoted by G/H . Whenquotienting by H∼, we write H\G instead. Note that gH −→ Hg is a bijectivecorrespondence between G/H and H\G.

We define the index [G : H ] of the subgroup H in G as the cardinality of thequotient G/H . By our previous remarks, this is the same as the cardinality of H\G.We shall mention the index of a subgroup almost exclusively when it is finite.

We shall now deduce an important property of the subgroups of a finite group.The map h −→ gh is a bijection between H and its left coset gH ; in particular,every left coset has the same cardinality as H . Since ∼H induces a partition of G,we immediately have

Theorem 4.10 (Lagrange’s Theorem) The order of every subgroup of a finitegroup divides of the order of the group.

This yields

Corollary 4.11 The order of every element in a group divides the order of thegroup. In particular, if a finite group G has order n then gn = e holds for allg ∈ G.

This statement directly implies Euler’s theorem (Theorem 3.21) if we remark thatthe order of (Z/nZ)∗ is φ(n).

28 1 Theory

Another immediate consequence concerns groups whose order is prime. Givenan element g which is not the neutral element in a group G with prime order p, theorder of g must divide p, and thus must be p itself. We therefore have

Corollary 4.12 Any group whose order is prime is a cyclic group.

Finally, given a finite group G and a subgroup H of G, we have that [G : H ] =|G|/|H |; in particular, the index of a subgroup of a finite group is also a divisor ofthe order of the group.

4.5 Normal Subgroups

We have remarked in the previous section that, given a subgroup of an Abeliangroup, its right cosets coincide with its left cosets. This is a key property: subgroupsenjoying this property are of fundamental importance, as the mathematician ÉvaristeGalois was the first to realise.

Given a group G and an element h of G, elements of the form ghg−1 are calledconjugates of h. Given a subset H of G we denote by gHg−1 the set of elements ofthe form ghg−1 for some h in H . A subgroup H is called normal if gHg−1 = H forall g in G. Clearly, all subgroups of an Abelian group are normal, since ghg−1 = h

for all h and g. Remark that we can also write the normality condition for H asgH = Hg for all g ∈ G. Therefore, a subgroup is normal if and only if each of itsright cosets is a left coset.

The trivial subgroup {e} and the subgroup G are both normal. Another exampleof a normal subgroup is the centre: indeed, gZ(G) = Z(G)g because all elementsof Z(G) commute with all elements of G, in particular with the element g.

Moreover, if H is a normal subgroup then for all pairs of elements g1, g2 in G

we have g1Hg2H = g1g2HH = g1g2H ; that is, the product of any two left cosets,seen as subsets of G, is again a left coset.

This suggests introducing an operation on the quotient G/H by setting (g1H) ·(g2H) = (g1g2)H . The result of the operation on cosets g1H , g2H only depends onthe cosets and not on the chosen representatives g1 and g2. The requirement that thisoperation is well posed is precisely equivalent to the condition that H is a normalsubgroup of G. But we can say something much stronger:

Theorem 4.13 Given a normal subgroup H of G, the operation g1H · g2H =(g1g2)H endows the quotient set G/H with a group structure. The resulting grouphas order [G : H ].We shall say that the group structure on G/H is induced by the group structure of G.Let us go back to the Abelian group Z and its subgroup nZ, which is clearly normal.The addition operation defined on residue classes is exactly the structure inducedby the usual addition on Z on the quotient Z/nZ. This finally gives a completemotivation for the notation Z/nZ we introduced for the set of residue classes.

4 Groups 29

Endowing the quotient set with a group structure is a very useful procedure.Though on the one hand information on G is lost when constructing G/H , inthe sense that elements of G that differ by an element of H are identified, onthe other hand G/H can be “simpler” than G and easier to study. The value ofthe construction is that we can sometimes deduce useful information on G frominformation on G/H .

We remarked before that all subgroups of an Abelian group are normal; theconverse, however, is not true. As an example of a non-Abelian group all of whosesubgroups are normal, we can construct the group Q8 of unit quaternions , whichis defined as follows. The elements of Q8 are ±1, ±i, ±j and ±k, where 1 isthe neutral element; multiplication by −1 switches the sign of an element, andi2 = j2 = k2 = −1, ij = k = −j i, jk = i = −kj , ki = j = −ik. It iseasy to show that Q8 has the following subgroups

Q8

i 1,±i} j 1,±j } k 1,±k}

Z(Q8) = {±1}

1

where two subgroups are connected if the lower one is a subgroup of the one above.Normality of the subgroups of Q8 follows from general principles: we need only

realise that any nontrivial proper subgroup either has index 2 or is the centre. But,by our previous remark, the centre is always a normal subgroup, and moreover

Remark 4.14 Any subgroup of index 2 is normal.

4.6 The Symmetric Group

Given a natural number n, the set Sn of permutations of {1, 2, . . . , n}, endowedwith the operation of composition of maps, is a group called the symmetric groupon n elements. Indeed, the composite of bijective maps is bijective, the compositionoperation is associative, the identity map is its neutral element, and every bijectivemap is invertible. Moreover, we have remarked before that Sn has n! elements.

Given a permutation σ ∈ Sn and elements i1, i2, . . . , in such that σ(k) = ik fork = 1, 2, . . . , n, we denote σ as

(1 2 · · · n

i1 i2 · · · in)

.

30 1 Theory

Given distinct integers k1, k2, . . . , k� from the set {1, 2, . . . , n}, the permutationσ for which

σ(kt ) = kt+1 for t = 1, 2, . . . , �− 1,σ(k�) = k1,σ(j) = j for all j ∈ {1, 2, . . . , n} \ {k1, k2, . . . , k�}

is called a cycle of length �, or an �-cycle. We shall denote this cycle σ by(k1, k2, . . . , k�).

Notice that the order of a cycle is the same as its length. For instance, if n ≥ 3then the cycle (1, 2, 3) in Sn has order 3. A cycle (i, j) of length 2 is called atransposition: it exchanges i and j and fixes all other elements of {1, 2, . . . , n}.

The symmetric group Sn is not Abelian for any n ≥ 3. Indeed, we have forexample

(123)(12) = (13) �= (23) = (12)(123).

As we shall see in later sections, not only are symmetric groups not Abelian, butthey are complex enough that any finite group can be constructed as a subgroup ofa sufficiently large symmetric group.

4.7 Group Homomorphisms

We shall now introduce group homomorphisms, that is, maps that preserve the groupstructure. Homomorphisms allow us to compare groups by relating them to oneanother, which will prove very fruitful as a general approach.

Let G, H be groups whose operations are · and ◦, respectively. A map f : G −→H from one to the other is a homomorphism if f (g1 · g2) = f (g1) ◦ f (g2) for allelements g1, g2 in G.

It is immediate from the definition that a homomorphism will send the neutralelement of G to the neutral element of H , that is, f (eG) = eH . Moreover, f (g−1) =f (g)−1 and ord(f (g)) | ord(g). Subgroups are sent to subgroups, as stated by thefollowing

Proposition 4.15 Let Gf−→ H be a group homomorphism. If G′ is a subgroup

of G then f (G′) is a subgroup of H ; if H ′ is a subgroup of H then f−1(H ′) is asubgroup of G.

In particular, the image f (G) of f is a subgroup of H ; it is called a homomorphicimage of G. The inverse image of the trivial subgroup {eH } of H is of fundamentalimportance; it is called the kernel of f and denoted by Ker(f ). In other words, wehave

Ker(f ) = {g ∈ G | f (g) = eH }.

4 Groups 31

The kernel is a measure of the extent to which the homomorphism fails to beinjective. Indeed,

Proposition 4.16 The kernel of a group homomorphism is a normal subgroup of G.Moreover, for all h in Im(f ) we have f−1(h) = g Ker(f ) where g is any elementof f−1(h). In particular, f is injective if and only if Ker(f ) is trivial.

Not only is the kernel of a homomorphism a normal subgroup, but every normalsubgroup is the kernel of some homomorphism: if H is a normal subgroup of G,then H is the kernel of the projection homomorphism G −→ G/H . We expressthis remark in the following

Proposition 4.17 A subgroup of a group is normal if and only if it is the kernel ofa group homomorphism.

The most important theorem concerning group homomorphisms is the

Theorem 4.18 (Fundamental Homomorphism Theorem) Given a group homo-

morphism Gf−→ H , and letting G

π−→ G/ Ker(f ) be the quotient homomorphism,there exists a unique homomorphism f , necessarily injective, that renders thefollowing diagramme commutative

Gf

π

H

G/Ker(f )

f

A bijective homomorphism is called an isomorphism. If there exists an isomorphismbetween groups G and H then we say the two groups are isomorphic and writeG � H . In particular, the theorem above implies

Corollary 4.19 If f is surjective then f is an isomorphism between G/ Ker(f )

and H .

This corollary allows us to conclude that the homomorphic images of the groupG are quotients of G and can therefore be constructed using only G itself. Moreover,every group homomorphism f : G −→ H factors as follows: first, the projectionπ : G −→ G/ Ker(f ), followed by the isomorphism f : G/ Ker(f ) −→ Im(f )

and finally the inclusion Im(f ) ↪−→ H . That is, we have the following commutativediagramme:

Gf

π

H

G/Ker(f )f

Im(f )

i

32 1 Theory

Let G be a group; the isomorphisms from G to itself are called automorphismsand the set of automorphisms of G is denoted by Aut(G). Clearly, the identity isan automorphism, the composition of two automorphisms is an automorphism, andthe inverse of an automorphism is an automorphism. In other words, the set Aut(G)

endowed with the composition of maps is a group.The quotient homomorphism π corresponding to a normal subgroup H of G can

be used to further refine Proposition 4.15.

Proposition 4.20 There is a bijective correspondence between the set of allsubgroups of G/H and the set of subgroups of G that contain H , given by themaps K ′ −→ π−1(K ′) and G′ −→ π(G′). Moreover, normal subgroups of G/H

correspond to normal subgroups of G.

It is now easy to obtain the details of the structure of any cyclic group. Indeed,if G = 〈g〉 is cyclic then Z � k −→ gk ∈ G is a surjective homomorphism. Byapplying the results above we obtain

Theorem 4.21 (Structure Theorem for Cyclic Groups) Given a cyclic group G,if G is infinite then we have G � Z, whereas if its order |G| is finite and equal to n

then G � Z/nZ. Moreover, if G = 〈g〉 is infinite then its subgroups are all those ofthe form 〈gk〉, where k is any positive integer. If |G| = n <∞ then G has a uniquesubgroup of order d for each divisor d of n.

Note that the part of the theorem concerning subgroups of a finite cyclic group isa consequence of the bijective correspondence between subgroups of Z/nZ andsubgroups of Z containing nZ. That is, we have a new way of proving Remark 4.6.

We know that in a finite group the order of each element divides the order of thegroup. It is not necessarily true, however, that for each divisor d of the order of G

there is an element of order d in G. This does hold when d is a prime divisor and, ifG is an Abelian group, it can be sown by applying the fundamental homomorphismtheorem and setting up a simple induction.

Theorem 4.22 (Cauchy’s Theorem) Given a finite group G and a prime p thatdivides the order of G, there exists an element of order p in G.

The order of any subgroup is also a divisor of the order of the group; however, asfor single elements, we cannot say in general whether there exists a subgroup whoseorder is a certain divisor of the order of the group. We do know that a cyclic grouphas exactly one subgroup for each divisor of its order, but this case is very special:indeed, we have

Remark 4.23 Given a finite group G which has exactly one subgroup of order d foreach divisor d of |G|, the group G is cyclic.

4 Groups 33

4.8 Direct Product of Groups

Given two groups G and H whose operations are · and ◦, respectively, we canendow the Cartesian product G×H with an operation given by (g1, h1)(g2, h2) =(g1 · g2, h1 ◦ h2) for all g1, g2 ∈ G and h1, h2 ∈ H . It is easy to show that thisoperation makes the set G×H into a group, which we call the direct product of thegroups G and H .

We shall see that many properties of the group G × H can easily be inferredfrom the properties of the groups G and H . We shall often find that some group,however defined, is isomorphic to a direct product of groups, and thus will obtaininformation about the group from information about its factors.

The cardinality of the set G ×H is the product of the cardinalities of G and H :if G and H are both finite, then G ×H has order |G| · |H |, whereas if at least oneof the two groups is infinite then G×H is infinite. As for the order of its elements,we have the following

Remark 4.24 Given g ∈ G of finite order m and h ∈ H of finite order n, the orderof the element (g, h) of G×H is the least common multiple of m and n.

The centre of G×H is easy to describe in terms of G and H : one can check thatZ(G×H) = Z(G)× Z(H). In particular,

Remark 4.25 The group G×H is Abelian if and only if G and H are both Abelian.

Given a subgroup G′ of a group G and a subgroup H ′ of a group H , the groupG′ ×H ′ is a subgroup of G×H in a natural way; note, however, that a subgroup ofG×H need not be the direct product of two subgroups. For instance, the diagonalsubgroup {(g, g) | g ∈ G} of G×G is not a product of two subgroups if G has morethan one element.

We shall now give a consequence of our remark about the order of elements in adirect product of groups. We immediately obtain

Remark 4.26 A direct product of cyclic groups of order m and n is itself cyclic ifand only if m and n are relatively prime.

In particular, for the cyclic groups given by the residue classes Z/mZ and Z/nZ,the homomorphism

Z/mnZ � [a]mn −→ ([a]m, [a]n) ∈ Z/mZ× Z/nZ

is an isomorphism if and only if m and n are relatively prime. Moreover, thishomomorphism can be restricted to (Z/mnZ)∗, yielding a homomorphism betweenmultiplicative structures

(Z/mnZ)∗ � [a]mn −→ ([a]m, [a]n) ∈ (Z/mZ)∗ × (Z/nZ)∗.

34 1 Theory

Again, this is an isomorphism if and only if m and n are relatively prime. Notethat this discussion further specifies the content of Theorem 3.18 and of itsCorollary 3.19.

5 Rings

5.1 Definition and Basic Properties

Rings are sets endowed with two operations whose properties are analogous to thoseof integer addition and multiplication. A set A endowed with two operations+ and· is a ring if

(i) A, endowed with the operation+, is an Abelian group,(ii) the operation · is associative,

(iii) the operation · distributes over the operation+.

We shall call the operation + addition and the operation · multiplication. Theaddition’s neutral element is denoted by 0 and called the zero of the ring A. Remarkthat a neutral element for · need not exist; if it does, then we say that A is a ring withidentity or a unitary ring. In a unitary ring, the identity 1 is necessarily unique, andis often called the one of the ring. Note that we can have 0 = 1, in which case it iseasy to prove that A = {0} and A is called the zero ring. If the multiplication of A

is commutative then the ring itself is called commutative.The basic rules of integer arithmetic still hold for rings; indeed, we have

Remark 5.1 Given a ring A, for all a and b in A we have: a0 = 0a = 0, a(−b) =(−a)b = −(ab), (−a)(−b) = ab. Moreover, if A is a unitary ring then (−1)a =−a and (−1)(−1) = 1.

The most standard example of a ring is of course Z, which is a commutativeunitary ring. Thanks to Theorem 3.17, the set Z/nZ of residue classes modulo apositive integer n is also a commutative unitary ring whose zero is 0 + nZ andwhose one is 1+ nZ.

An element a of a commutative ring A is a zero divisor if there exists an elementb �= 0 in A such that ab = 0. We denote the set of zero divisors of A by D(A).Naturally, zero is a zero divisor in any nonzero commutative ring. A commutativering with no zero divisors other than 0 is called an integral domain. The ring ofintegers is an integral domain, whereas Z/nZ is an integral domain if and only ifn is prime. This is a consequence of Proposition 3.11, which tells us that the zerodivisors in Z/nZ are the classes a + nZ such that (a, n) �= 1.

An element a of a ring is nilpotent if there exists a positive integer k such thatak = 0. For instance, assuming the prime factorisation of n is n = p

e11 p

e22 · · ·per

r , aclass a in Z/nZ is nilpotent if and only if p1p2 · · ·pr divides a in Z.

Throughout the rest of the book, we shall often make use of the following remark,which is essentially equivalent to the definition of an integral domain.

5 Rings 35

Remark 5.2 (Principle of Zero Products) Given two elements a, b in an integraldomain, if ab = 0 then a = 0 or b = 0.

An element a of a unitary ring A is invertible if there exists an element b ∈ A

such that ab = ba = 1. We shall write A∗ for the set of all invertible elements inA. For the ring Z we have Z∗ = {1,−1}; the sets Q, R and C are also commutativeunitary rings, and we have Q

∗ = Q \ {0}, R∗ = R \ {0} and C∗ = C \ {0}. One

immediately obtains from Proposition 3.15 that the class a + nZ is invertible inZ/nZ if and only if (a, n) = 1.

Remark 5.3 Given a unitary ring A, the set A∗ of its invertible elements endowedwith multiplication is a group; it is an Abelian group if A is commutative. Moreover,we always have A∗ ∩D(A) = ∅.

In the case of a finite ring we can say something more:

Remark 5.4 Given a finite unitary ring A, we have A = A∗ � D(A); that is, everyelement of A is either invertible or a zero divisor.

If K is a nonzero commutative unitary ring whose nonzero elements are allinvertible, we say that K is a field. In other words, K �= {0} is a field if and only ifK∗ = K \ {0}; in this case, the set K∗ = K \ {0} endowed with multiplication is

an Abelian group. Remark that every field is an integral domain, so the principle ofzero products does hold for fields. Some examples of fields are Q, R and C. Onecan also construct fields with a finite number of elements: given a prime p, the ringZ/pZ is actually a field, because every nonzero class is invertible modulo p.

In a commutative ring, one can develop powers of a binomial in a similar way asone does in Z.

Remark 5.5 (Binomial Theorem) Given two elements a and b of a commutativering A, for all positive integers n we have

(a + b)n =n∑

k=0

(n

k

)akbn−k.

5.2 Subrings, Ideals and Quotients

A subset B of a ring A is a subring if the operations + and · can be restricted toB and their restrictions make B itself a ring. Clearly, in order to check whether anonempty subset B is a subring it is enough to check that b1+ b2 and b1 · b2 belongto B for all b1 and b2 in B, and that −b ∈ B for all b ∈ B. An equivalent definitionwould be that a subset B is a subring if it is a subgroup under addition and is closedunder multiplication.

Now, let A′ be a ring containing the ring A and let X be a subset of A′. It isevident that an intersection of subrings of A′ is itself a subring. We can thus define

36 1 Theory

the ring generated by X over A as the intersection of all subrings of A′ that containA∪X. We denote such a ring by A[X]: it is the smallest subring of A′ that containsA ∪ X. Given a commutative ring A, it is easy to show that the ring A[X] is the setof all possible sums

a1y1 + a2y2 + · · · + akyk

where k is any natural number, a1, a2, . . . , ak are elements of A and y1, y2, . . . , yr

are products of elements of X. If the set X is finite, say X = {x1, x2, . . . , xr},then we may write A[x1, x2, . . . , xr ] for A[X]. In particular, if X = {x} and A iscommutative, then A[x] is the set of all sums of the form

k∑

h=0

akxk

where k is a natural number and a0, a1, . . . , ak are elements of A.

A ring homomorphism is a map Af−→ B from a ring A to a ring B such that

f (a1 + a2) = f (a1) + f (a2) and f (a1a2) = f (a1)f (a2) for all a1, a2 ∈ A.Moreover, in the case of A and B being unitary rings, we require that a ringhomomorphism f from A to B send the identity 1A of A to the identity 1B of B, thatis, we impose f (1A) = 1B . A ring isomorphism is a bijective ring homomorphism.As we did for groups, we write A � B if there exists a ring isomorphism from A toB; in this case, we say that A and B are isomorphic.

Given a commutative unitary ring A, there is exactly one way to extend thepairing Z � 1 −→ 1A ∈ A to a ring homomorphism. In particular, we canalways think of the integers as elements of A. Note, however, that the resultinghomomorphism is not necessarily injective.

A ring homomorphism is also a group homomorphism between the additivegroups (A,+) and (B,+). We can therefore define the kernel Ker(f ) of a ringhomomorphism f as the kernel of the corresponding homomorphism betweenadditive groups. The kernel Ker(f ) is the set of elements of A whose image underf is 0B :

Ker(f ) = {a ∈ A | f (a) = 0B}.

The set Ker(f ) is not only a subring of A, but also such that a1 · a2 ∈ Ker(f ) if a1belongs to Ker(f ) or a2 belongs to Ker(f ): we say that Ker(f ) absorbs multipli-cation. More generally, any additive subgroup I of A that absorbs multiplication iscalled an ideal.

An ideal is to a ring what a normal subgroup is to a group. Indeed, since (A,+)

is an Abelian group, an ideal I is a normal subgroup of (A,+). Moreover, if weconsider the quotient set A/I given by all additive cosets a + I of the ideal I ,

5 Rings 37

that is,

A/I = {a + I | a ∈ A},

this is of course an Abelian group if endowed with the addition of cosets inducedby the operation+ of A. But we can also endow A/I with a multiplication given by(a1+ I) · (a2+ I) = a1a2+ I and thus make it into a ring. In other words, given anideal I of A, the operations + and · of A pass to the quotient A/I and make it intoa ring. The quotient map

A � a −→ a + I ∈ A/I

is a surjective ring homomorphism. So, similarly to subgroups, ideals are exactlythe kernels of ring homomorphisms.

We now give another definition which will prove very important. An ideal M �=A is maximal if it is not properly contained in any ideal other than A itself.

Let A be a ring and let X be a subset of A. The ideal generated by X is theintersection of all ideals of A that contain X. We denote this ideal by (X): it is thesmallest ideal of A that contains X. In a commutative ring A, the ideal X is the setof all sums

a1x1 + a2x2 + · · · + akxk

where k is any natural number, a1, a2, . . . , ak belong to A and x1, x2, . . . , xk

belong to X. If the set X is finite, say X = {x1, x2, . . . , xr}, then we may write(x1, x2, . . . , xr) for (X). In particular, if X = {x} and A is commutative then theideal (x) generated by x is the subset A · x of A consisting of all multiples of theform ax for some a ∈ A.

5.3 Polynomial Rings

We now give the definition of a polynomial with coefficients in a commutative ringA. We choose to take an informal approach and rely on the reader’s intuition of whata polynomial is rather than give a rigorous but heavy account involving for instancethe machinery of eventually zero sequences.

Let x be a symbol which we call indeterminate; we shall also use the symbols1 = x0, x = x1, x2, x3, . . ., which we call powers of the indeterminate x. Given anatural number n and elements a0, a1, a2, . . . , an of a ring A, the formal sum

f (x) = a0 + a1x + a2x2 + · · · + anx

n

is a polynomial in the indeterminate x with coefficients a0, a1, . . . , an in the ring A.For convenience, we shall think of f (x) as having coefficients an+1, an+2, . . . equal

38 1 Theory

to zero. The coefficient a0 is called the constant coefficient of the polynomial. Thezero polynomial, which we denote by 0, corresponds to the choice of n = 0 anda0 = 0; all of its coefficients are zero. Two polynomials a0 + a1x + · · · + anx

n andb0 + b1x + · · · + bmxm are equal if their corresponding coefficients are equal, thatis, if a0 = b0, a1 = b1 and so on.

Given a nonzero polynomial f (x) = a0+ a1x + · · · + anxn, the degree of f (x),

denoted by deg(f ), is the smallest integer r such that the coefficients ar+1, ar+2, . . .

are all equal to zero. Remark that we are purposefully not defining the degree of thezero polynomial. For a polynomial f (x) of degree r , the coefficient ar is called theleading coefficient of f (x). If A is a unitary ring, a polynomial with coefficients in A

is called monic if its leading coefficient is 1. A constant polynomial is a polynomialwhich is zero or has degree 0: the polynomial f (x) is constant if and only if f (x) =a0 for some a0 ∈ A.

The set of polynomials in the indeterminate x with coefficients in A is denoted byA[x]. We will now discuss how to use the operations of A to construct operations onA[x] that make A[x] into a ring. Given polynomials f (x) = a0+ a1x+ a2x

2+ · · ·and g(x) = b0 + b1x + b2x

2 + · · · , we define the sum of f (x) and g(x) as

f (x)+ g(x) = (a0 + b0)+ (a1 + b1)x + (a2 + b2)x2 + · · ·

It is easy to see that this addition operation makes A[x] into an Abelian group wherethe neutral element is the zero polynomial and the additive inverse of a0 + a2x +a2x

2 + · · · is the polynomial−a0 − a1x − a2x2 − · · · .

In order to construct the multiplication of polynomials, we first describe productsof powers of the indeterminate: we set xn · xm = xn+m for all natural numbers n

and m. We then extend this operation in a bilinear way: given the polynomials f (x)

and g(x) above, we set

f (x) · g(x) = (a0 + a1x + a2x2 + · · · ) · (b0 + b1x + b2x

2 + · · · )= a0b0 + (a0b1 + a1b0)x + (a0b2 + a1b1 + a2b0)x

2 + · · ·=∑k(

∑kh=0 ahbk−h)x

k.

It is very easy to show that the operation · is commutative and associative and that,if A is a unitary ring, then the polynomial 1 is the multiplication’s neutral element.Moreover, as we can immediately see from the definition, the multiplicationdistributes over the addition. We therefore have

Proposition 5.6 Given a commutative ring A, the set A[x] of polynomials withcoefficients in A is a commutative ring. Moreover, if A is a unitary ring then A[x] isas well.

The degree of polynomials has two important properties in relation to additionand multiplication.

5 Rings 39

Remark 5.7 Given two polynomials f (x) and g(x) in A[x], we have

(i) if f (x)+ g(x) is not the zero polynomial then

deg(f + g) ≤ max{deg(f ), deg(g)},

(ii) if A is an integral domain and f (x), g(x) �= 0, then f (x) · g(x) �= 0 anddeg(f · g) = deg(f ) deg(g); in particular, A[x] is an integral domain.

Thanks to the remark above we can immediately identify all invertible elements ofA[x] when A is a unitary integral domain.

Corollary 5.8 If A is a unitary integral domain, then A[x]∗ = A∗.

Throughout the rest of the book, we shall often evaluate polynomials at elementsof a ring; we now explain what this procedure entails. Let a be a fixed element ofA. There exists a unique ring homomorphism

A[x] � f (x)va−→ f (a) ∈ A

called evaluation at a, which replaces all occurrences of x in f (x) with a. A root off (x) is an element a of A such that f (a) = 0. Clearly, given a subring A of a ringB, the ring A[x] is a subring of B[x]. We can thus evaluate polynomials in A[x]at elements of B. In particular, we can look for roots of a polynomial among theelements of a ring that contains the ring of its coefficients. It is clear that the imageof A[x] in B via the map of evaluation at a is the subring A[a] of B generated by a

over A.

Given a ring homomorphism Af−→ B, we can introduce a map between the

corresponding polynomial rings by setting

A[x] � a0 + a1x + · · · + anxn −→ f (a0)+ f (a1)x + · · · + f (an)x

n ∈ B[x].

It immediately follows from the definition of the addition and multiplication ofpolynomials that this map is a ring homomorphism. Remark that this homomor-phism never increases the degree of a polynomial, and in particular, if the leadingcoefficient an of a polynomial p(x) does not belong to the kernel of f , then thehomomorphism leaves the degree of p(x) unchanged.

5.4 Divisibility of Polynomials

The next few sections will be devoted to the study of the ring K[x] of polynomialswith coefficients in a field K. The ring K[x] bears a strong resemblance to the ringof integers: for instance, we have a version of Euclidean division for polynomials inK[x] where the degree plays the role of the absolute value.

40 1 Theory

Proposition 5.9 (Euclidean Division of Polynomials) Given two polynomialsf (x), g(x) in K[x], where f (x) is nonzero, there exist two unique polynomialsq(x), r(x) ∈ K[x] such that g(x) = q(x)f (x) + r(x) and r(x) = 0 or deg(r) <

deg(f ).

As with integers, q(x) is called the quotient of the division of g(x) by f (x), andr(x) is called the remainder. If r(x) = 0, in which case g(x) = q(x)f (x), thenwe say that f (x) divides g(x), or that g(x) is a multiple of f (x). We denote this byf (x) | g(x).

Theorem 5.10 (Ruffini’s Theorem) The element a ∈ K is a root of f (x) ∈ K[x]if and only if x − a divides f (x).

Using Ruffini’s theorem, we can define the multiplicity of a root a of the polynomialf (x) as the natural number k such that (x − a)k divides f (x) but (x − a)k+1 doesnot divide f (x). A root of multiplicity 1 is called a simple root, whereas a root ofmultiplicity strictly greater than 1 is called a multiple root.

If the roots of the polynomial f (x) are a1, a2, . . . , ar with multiplicities givenby k1, k2, . . ., kr respectively, then the number of roots of f (x) counted withmultiplicity is k1 + k2 + · · · + kr . By comparing the degree of the polynomial withthe number of factors of the form x − a, where a is a root, we obtain

Corollary 5.11 A nonzero polynomial f (x) ∈ K[x] has at most deg(f ) roots in K,counted with multiplicity.

Let f (x) and g(x) be polynomials in K[x], not both zero; we call greatestcommon divisor of f (x) and g(x) any polynomial p(x) with the followingproperties:

(i) p(x) divides both f (x) and g(x),(ii) if q(x) is a polynomial that divides both f (x) and g(x) then q(x) divides p(x).

In exactly the same way as for the integers, we can show that the greatest commondivisor does exist and prove Bézout’s identity.

Proposition 5.12 Given polynomials f (x), g(x), not both zero, there exists agreatest common divisor m(x) of f (x) and g(x) in K[x]. Moreover, there existh(x), k(x) ∈ K[x] such that m(x) = h(x)f (x)+ k(x)g(x).

We can immediately see that Euclid’s algorithm works for polynomials exactlyas it did for integers, by simply replacing integer division with Euclidean divisionof polynomials. This allows us to compute a greatest common divisor of twopolynomials explicitly and to obtain Bézout’s identity.

Note that the greatest common divisor of two polynomials is not unique;however, if h(x) and k(x) are greatest common divisors of f (x) and g(x), thenthere exists λ ∈ K

∗ such that h(x) = λ · k(x). We can therefore say that the greatestcommon divisor is unique up to nonzero constant factors. In particular, there is aunique monic greatest common divisor, which is often referred to as the greatestcommon divisor and denoted by (f (x), g(x)).

5 Rings 41

As with integers, we say that two polynomials are relatively prime if their greatestcommon divisor is 1.

5.5 Polynomial Factorisation

We continue to explore the analogy between the ring of integers and the ring K[x]of polynomials with coefficients in a field K. A non-constant polynomial f (x) isirreducible if f (x) = g(x)h(x) implies that g(x) is constant or h(x) is constant. Itwill soon become clear that irreducible polynomials in K[x] are analogous to primesin Z, and enjoy similar properties. For example, by arguments similar to those usedfor integers and by replacing the absolute value with the degree, we find

Theorem 5.13 Every non-constant polynomial has a factorisation in irreduciblepolynomials; such a factorisation is unique up to the order of the factors, as long aspolynomials that differ by a nonzero constant factor are identified.

Let us now discuss how to factor polynomials with coefficients in some particularfields. We start with polynomials with complex coefficients, for which we have

Theorem 5.14 (Fundamental Theorem of Algebra) Every non-constant polyno-mial with complex coefficients has a complex root.

In spite of its name, there is no purely algebraic proof of this theorem: thecompleteness of the reals, or some other analytic or topological property, is essentialfor any proof of this fact.

We shall now list some immediate consequences of the theorem that concernirreducible polynomials with complex or real coefficients.

Corollary 5.15

(i) A polynomial in C[x] is irreducible if and only if its degree is 1;(ii) every polynomial in C[x] has a factorisation as a product of degree 1

polynomials;(iii) any nonzero polynomial f (x) ∈ C[x] has exactly deg(f ) roots, counted with

multiplicity;(iv) a polynomial is irreducible in R[x] if and only if it has degree 1 or it has degree

2 and is of the form x2 + ax + b with a2 − 4b < 0.

Let us now consider how to factor polynomials with rational coefficients; notethat establishing whether or not a polynomial with coefficients in Q is irreducible ismuch harder than it is for polynomials with coefficients in R or C. First of all, letus see how we can relate polynomials with rational coefficients to polynomials withinteger coefficients.

Given a nonzero polynomial f (x) = a0 + a1x + · · · + anxn with integer

coefficients, the content c(f ) of f (x) is the greatest common divisor of thecoefficients a0, a1, . . . , an. A nonzero polynomial with content 1 is called primitive.

42 1 Theory

Naturally, every polynomial with integer coefficients can be expressed as f (x) =c(f ) · f1(x), where f1(x) is primitive. The key fact that will allow us to pass fromQ to Z is the following

Lemma 5.16 (Gauss’s Lemma) The product of two primitive polynomials isprimitive.

Gauss’s lemma yields the corollaries

Corollary 5.17 Given f (x), g(x) ∈ Z[x] \ {0} we have c(f · g) = c(f )c(g).

Corollary 5.18 Given f (x), g(x) ∈ Z[x], assume that f (x) is primitive and thatit divides g(x) in Q[x]. Then f (x) divides g(x) in Z[x].Now remark that, given f (x) ∈ Q[x], we can always write f (x) = cf1(x)

for some rational number c and some primitive polynomial f1(x) ∈ Z[x]. So,when attempting to factor f (x), it is enough to find a factorisation in Q[x] of theprimitive polynomial f1(x), which has integer coefficients. The following result willguarantee that we can look for a factorisation of f1(x) in Z[x] rather than Q[x].Corollary 5.19 A primitive polynomial in Z[x] is irreducible in Q[x] if and only ifit is irreducible in Z[x].

Let us now discuss some criteria for whether or not a polynomial is irreduciblein Z[x]. The first allows us to check whether or not the polynomial has roots: ofcourse, by Ruffini’s theorem, a nonzero polynomial with a root is irreducible if andonly if its degree is one.

Remark 5.20 Let f (x) = a0 + a1x + a2x2 + · · · + anx

n be a polynomial withinteger coefficients; any rational root of f (x) can be expressed as a/b for someinteger divisor a of a0 and some integer divisor b of an.

This criterion can be used to determine whether or not f (x) has a rational rootwithin a finite number of steps: it is enough to check all rational numbers a/b

satisfying the requirements of the remark, of which there is only a finite number.The next criterion involves reducing the coefficients of the polynomial modulo a

prime. Let f (x), as above, be a polynomial in Z[x] and let p be a prime that does notdivide the leading coefficient of f (x). The quotient homomorphism Z −→ Z/pZ

induces a homomorphism π : Z[x] −→ (Z/pZ)[x] for which f (x) is not in thekernel.

Remark 5.21 If π(f ) is irreducible in (Z/pZ)[x] then f (x) is irreducible in Z[x].This remark is especially useful because Z/pZ has p elements: in particular, it isfinite, hence the number of polynomials of any fixed degree with coefficients inZ/pZ is finite. This can make it easy to prove that a polynomial is irreducible in(Z/pZ)[x]. Do note, however, that there exist polynomials that are irreducible inZ[x] but are reducible modulo p for all primes p, so the remark above does nothave a viable converse statement.

5 Rings 43

A useful criterion for showing the irreducibility of a polynomial with integercoefficients is the following

Proposition 5.22 (Eisenstein’s Criterion) Let f (x) = a0 + a1x + · · · + anxn be

a polynomial with integer coefficients; if there exists a prime p that does not dividean but divides a0, a1, . . . , an−1 and such that p2 does not divide a0, then f (x) isirreducible in Z[x], hence it is irreducible in Q[x].Eisenstein’s criterion applies in particular to polynomials of the form xn − p forsome natural number n and some prime p. As a consequence, we have

Remark 5.23 For all natural numbers n there is an infinite number of irreduciblepolynomials of degree n in Q[x].

Here is another application of Eisenstein’s criterion. Fix a prime p and considerthe polynomial

f (x) = xp−1 + xp−2 + · · · + x + 1 = xp − 1

x − 1,

which is called the pth cyclotomic polynomial. Remark that the polynomial g(x) =f (x + 1) =∑p−1

k=0

(p

k+1

)xk has constant coefficient p and that all of its coefficients

are divisible by p except for the leading coefficient, which is 1. We can thus applyEisenstein’s criterion to obtain that g(x) is irreducible. But then f (x) must also beirreducible, because the map

Z[x] � h(x) −→ h(x + 1) ∈ Z[x]

is a ring isomorphism. We have thus shown

Remark 5.24 For all primes p the polynomial xp−1+xp−2+· · ·+x+1 is irreduciblein Q[x].

5.6 Quotients of Polynomial Rings

Let f (x) be a polynomial in K[x], where K is a field, and let (f (x)) = K[x] ·f (x) be the ideal generated by f (x) in K[x]. We wish to study the quotient ringK[x]/(f (x)). In order to accomplish this goal, for the sake of completeness, weneed to remind the reader of some definitions and results concerning vector spaces.

A vector space over the field K is an Abelian group (V ,+) endowed with a map

K× V � (λ, v) −→ λ · v ∈ V,

44 1 Theory

which we call multiplication by scalars, with the following properties:

(i) (λ+ μ) · v = λ · v + μ · v for all λ,μ ∈ K and v ∈ V ,(ii) λ · (u+ v) = λ · u+ λ · v for all λ ∈ K and u, v ∈ V ,

(iii) (λμ) · v = λ · (μ · v) for all λ,μ ∈ K and v ∈ V ,(iv) 1 · v = v for all v ∈ V .

In the context of vector spaces, elements of the field K are called scalars andelements of V are called vectors. In particular, the neutral element of V for theoperation + is called the zero vector and is denoted, as is customary in Abeliangroups, by 0.

A natural example of a vector space is the set of column vectors, that is, theset Kn, where n is some fixed positive integer, endowed with the addition and themultiplication by scalars given by

⎛

⎜⎜⎜⎝

x1

x2...

xn

⎞

⎟⎟⎟⎠+

⎛

⎜⎜⎜⎝

y1

y2...

yn

⎞

⎟⎟⎟⎠ =

⎛

⎜⎜⎜⎝

x1 + y1

x2 + y2...

xn + yn

⎞

⎟⎟⎟⎠ , λ ·

⎛

⎜⎜⎜⎝

x1

x2...

xn

⎞

⎟⎟⎟⎠ =

⎛

⎜⎜⎜⎝

λx1

λx2...

λxn

⎞

⎟⎟⎟⎠ .

Given k vectors v1, v2, . . . , vk in a vector space V , a linear combination of themis a vector of the form

λ1v1 + λ2v2 + · · · + λkvk

where λ1, λ2, . . . , λk are scalars. If the only way to obtain the zero vector as a linearcombination of v1, v2, . . . , vk is to have λ1 = λ2 = · · · = λk = 0, then the vectorsare linearly independent; otherwise, we call them linearly dependent.

The vectors v1, v2, . . . , vk are a set of generators for the vector space V if everyvector of V is a linear combination of v1, v2, . . . , vk .

A basis of a vector space V is a set of generators that are linearly independent.It follows from the definitions that a set v1, v2, . . . , vk is a basis of V if and only ifevery vector v ∈ V can be expressed as a linear combination of v1, v2, . . . , vk in aunique way. One can show

Theorem 5.25 Every vector space has a basis. Moreover, any two bases of the samevector space have the same cardinality.

The common cardinality of all bases of V is called the dimension of V and is denotedby dim V . For instance, it is easy to prove that the dimension of Kn is n.

We shall now make a general remark. Given a ring A containing a field K as asubring, if we consider the ring addition of A and the restriction to K × A −→ A

of the ring multiplication of A, then the ring A becomes a vector space over K. Inparticular, if we take A to be the quotient ring K[x]/(f (x)), we have

Proposition 5.26 The quotient set K[x]/(f (x)) is a commutative unitary ring. Aset of representatives for the classes modulo (f (x)) is given by 0 together with

6 Fields 45

all polynomials of degree strictly less than deg(f ). Moreover, K[x]/(f (x)) is avector space over K of dimension n = deg(f ). A basis of K[x]/(f (x)) is given by1+ (f (x)), x + (f (x)), . . ., xn−1 + (f (x)).

It is possible to give an explicit description of zero divisors, invertible elementsand nilpotent elements in K[x]/(f (x)), exactly as we did in the rings Z/nZ.

Remark 5.27 The class g(x) + (f (x)) is a zero divisor in the ring K[x]/(f (x)) ifand only if g(x) and f (x) are not relatively prime. It is invertible if and only if g(x)

and f (x) are relatively prime, and it is nilpotent if and only if g(x) is divisible byevery irreducible factor of f (x) in K[x].

We conclude this section with one last analogy between rings of the formK[x]/(f (x)) and quotients Z/nZ.

Corollary 5.28 The ring K[x]/(f (x)) is a field if and only if f (x) is irreducible inK[x].

6 Fields

6.1 Characteristic of a Field

Given a field K, consider the unique ring homomorphism Zϕ−→ K such that Z �

1 −→ 1 ∈ K. It is easy to show that there are only two possibilities for its kernel:either ϕ is injective or there is a prime p such that Ker(ϕ) = pZ.

In the first case, Z is isomorphic to a subring of K and so K (being a field)contains an isomorphic copy of Q: we say that K has characteristic zero.

If Ker(ϕ) = pZ then K contains an isomorphic copy of the field Z/pZ: we saythat K has characteristic p or has positive characteristic. Remark that in this case

p · a = a + a + . . .+ a︸ ︷︷ ︸p times

= 0

for all a inK. It is clear that a field with a finite number of elements has characteristicp for some prime p, since it does not contain the infinite set Q and therefore cannothave characteristic 0.

For a field of characteristic p, the binomial theorem takes an especially simpleform when applied with exponent p.

Theorem 6.1 (Freshman’s Dream) Given a field K of positive characteristic p,we have

(a + b)p = ap + bp

46 1 Theory

for all a, b ∈ K.

In the special case of the field Z/pZ, this is Theorem 3.12 about congruencesmodulo p.

An immediate consequence of the theorem is the fact that, given a finite field K

of characteristic p, the map

K � aF−→ ap ∈ K

is an automorphism of K, that is, an isomorphism from K to itself; it is called theFrobenius automorphism.

6.2 Multiplicative Group

Given a field K, the set K∗ = K \ {0} endowed with the field multiplication is agroup with a very special structure. Remark that, given a ∈ K

∗ whose order is adivisor of some positive integer n, the element a is a root of the polynomial xn − 1.This implies that K∗ cannot contain more than n elements whose order is a divisorof n. It follows immediately from Remark 4.23 that we have

Proposition 6.2 Any finite subgroup of the multiplicative group K∗ of a field K is

cyclic.

In particular, for finite fields we have

Corollary 6.3 The multiplicative group K∗ of a finite field K is a cyclic group of

order |K| − 1.

6.3 Field Extensions

Given two fields K and F, we say that F is an extension of K if K ⊆ F, that is, if Kis a subfield of F. We will sometimes write F/K to mean that F is an extension ofK. As we remarked before, given a field extension F/K we have that F is a vectorspace over the field K. The degree of the extension F/K, denoted by [F : K], is thedimension dimK F of F as a vector space over K. We call the extension F/K finiteif it has finite degree.

A tower of extensions is a sequence of successive field extensions. In a tower ofextensions, the degree is multiplicative:

Proposition 6.4 Given field extensions L/F and F/K we have

[L : K] = [L : F] · [F : K].

6 Fields 47

Let F/K be a field extension and let X be a subset of F. Since, as for rings,an intersection of subfields of F is still a subfield, we can define K(X) as theintersection of all subfields of F that contain K ∪ X. The result is the smallestsubfield of F that contains K ∪ X, that is, the set of all quotients of elementsin the subring K[X] of F generated by X over K. When the set X is finite, sayX = {a1, a2, . . . , ak}, we may write K(a1, a2, . . . , ak) for K(X).

In particular, given a ∈ F, the subfield K(a) generated by a over K is the set ofall quotients of the form

f (a)

g(a)

for some f (x) and g(x) in K[x], subject to the condition that g(a) �= 0.An element a of an extension F of K is algebraic over K if there exists a nonzero

polynomial f (x) with coefficients in K such that f (a) = 0. A non-algebraicelement is called transcendental. For instance, the number

√2 is an element of

R that is algebraic over Q, because it is a root of x2 − 2 ∈ Q[x]. In 1882, theGerman mathematician Ferdinand von Lindemann gave the first proof that π istranscendental over Q.

Given a field L, a subfield K of L and two field extensions E,F of K in L, thecomposite of E and F is E · F = E(F) = F(E); in other words, E · F is the smallestextension of K in L that contains both E and F.

A field extension F/K is algebraic if all elements of F are algebraic over K. It iseasy to show that Q(

√2)/Q is an algebraic extension; on the contrary, the extension

R/Q is clearly not algebraic, since π ∈ R is not algebraic over Q.We can determine whether an element is algebraic or transcendental by studying

the evaluation homomorphism at that element. We have

Remark 6.5 Let F/K be a field extension and consider a ∈ F. The element a isalgebraic over K if and only if the evaluation homomorphism

K[x] � f (x)va−→ f (a) ∈ F

has a nontrivial kernel. Equivalently, a is transcendental if and only if the abovehomomorphism is injective.

Given an element a ∈ F that is algebraic over K, let μ(x) be a monic polynomialof minimal degree in the kernel Ker(va) of the evaluation at a.

Proposition 6.6 If a ∈ F is algebraic over K then μ is irreducible in K[x]and generates the kernel Ker(va) of the evaluation at a. Moreover, μ is the onlyirreducible monic polynomial to have evaluation zero at a.

Because of this proposition, we call μ(x) the minimal polynomial of a over K. Weknow from the definition that Ker(va) = (μ(x)) = μ(x) ·K[x], and therefore

48 1 Theory

Remark 6.7 Given an element a ∈ F that is algebraic over K, the ring K[a] isisomorphic to K[x]/(μ(x)).

Moreover, since μ(x) is irreducible, we can use Bézout’s identity to obtain theinverse of every nonzero element of K[a] and conclude that K[a] is a field.Therefore,

Corollary 6.8 If a ∈ F is algebraic over K then K(a) = K[a].Another consequence of Remark 6.5 is the way that the degree of an extensiondepends on whether its elements are algebraic or transcendental:

Corollary 6.9 The element a ∈ F is algebraic over K if and only if K(a)/K is afinite extension. If this is the case then the degree [K(a) : K] is equal to the degreeof the minimal polynomial of a over K.

It is therefore clear that a finite extension does not contain any transcendentalelements:

Corollary 6.10 Any finite extension F/K is algebraic.

Another important property of algebraic extensions, which is essentially aconsequence of the corollary above and of the fact that the degree is multiplicativein towers, is the following

Proposition 6.11 Given algebraic field extensions L/F and F/K, the extensionL/K is algebraic.

In particular, we have

Remark 6.12 Given elements a1, a2, . . . , ak in F that are algebraic over K, the ringK[a1, a2, . . . , ak] is a field of finite degree over K.

Let us now discuss how the greatest common divisor of polynomials is affectedby field extensions. Given a field extension F/K and two polynomials f (x) andg(x) in K[x], we can compute the greatest common divisor of f (x) and g(x) bothin K[x] and in F[x]. We have

Remark 6.13 The greatest common divisor of f (x) and g(x) in K[x] is the same astheir greatest common divisor in F[x].We can therefore conclude that polynomials that are relatively prime in K[x] remainrelatively prime in F[x].

6.4 Splitting Field

A field K is algebraically closed if all non-constant polynomials in K[x] have a rootin K. For example, C is algebraically closed but R is not, because the polynomialx2 + 1 does not have any roots in R. Remark that if K is algebraically closed, then

6 Fields 49

by Ruffini’s theorem the existence of one root of f (x) implies that f (x) factors asa product of degree one polynomials in K[x].

An extension Ω of a field K is an algebraic closure of K if Ω/K is an algebraicextension and Ω is algebraically closed. For example, C is the algebraic closure ofR, but it is not an algebraic closure of Q because C/Q is not an algebraic extension:not even the subextension R/Q is algebraic.

In order to prove the following fact about algebraic closures, some ratheradvanced notions in mathematical logic are essential.

Theorem 6.14 Every field has an algebraic closure. Any two algebraic closures ofthe same field K are isomorphic, and there is an isomorphism between them thatfixes every point of K.

We now wish to state a criterion for a polynomial to have a multiple root, andin order to do this we need to introduce the concept of derivative. We shall give adefinition that does not rely on the idea of limit we are familiar with from Analysis,and thus does not require a topology on the field K of the coefficients. Given apolynomial f (x) = a0 + a1x + · · · + anx

n in K[x], its derivative is f ′(x) =a1+2a2x+· · ·+nanx

n−1. This definition coincides with the standard definition fromAnalysis for polynomials with real coefficients. It therefore should not be surprisingthat the following properties hold:

(i) (f (x)+ g(x))′ = f ′(x)+ g′(x) for all f (x), g(x) ∈ K[x],(ii) (λf (x))′ = λf ′(x) for all λ ∈ K and f (x) ∈ K[x],

(iii) (f (x)g(x))′ = f ′(x)g(x)+ f (x)g′(x) for all f (x), g(x) ∈ K[x].The last property is Leibniz’s rule for the derivative of a product. It implies that, if anelement a in the algebraic closure Ω of a field K is a multiple root of a polynomialf (x) ∈ K[x], then (x − a) is a common factor of f (x) and f ′(x) in Ω[x]. But,since the greatest common divisor is unaffected by field extensions, f (x) and f ′(x)

must also have a common factor in K[x].Remark 6.15 (Derivative Criterion for Multiple Roots) A polynomial f (x) in K[x]has a multiple root in the algebraic closure of K if and only if f (x) and its derivativeare not relatively prime in K[x].

Now, let f (x) ∈ K[x] be a polynomial and let Ω be an algebraic closure of K.In particular, Ω contains all roots a1, a2, . . . , ak of f (x). The splitting field of f (x)

in Ω is the field K(a1, a2, . . . , ak), whose degree over K is at most deg(f )!.The splitting field of f (x) is the smallest subfield of Ω in which the polynomial

f (x) factors as a product of linear polynomials. Once the algebraic closure Ω isfixed, the splitting field is uniquely determined by the polynomial f (x). Moreover,the choice of the field Ω is just a technical step: splitting fields constructed fromdifferent algebraic closures are isomorphic.

As an example, we will describe the splitting field of the polynomial xn− 1 overQ. The complex roots of this polynomial are of course the nth roots of unity: if weset ζn = e2πi/n = cos(2π/n)+ i sin(2π/n), the roots are 1, ζn, ζ

2n , . . . , ζ n−1

n . Notethat this set of roots is a cyclic subgroup of order n of the group C

∗; a generator of

50 1 Theory

this group – for example, ζn—is called a primitive nth root of unity. Clearly, thereare φ(n) primitive nth roots of unity, all of them of the form ζ h

n with (h, n) = 1.In conclusion, the splitting field of xn − 1 over Q is the field Q(ζn), which is

called the nth cyclotomic extension of Q. For instance, for n = 4 we get Q(i) and,since x2 + 1 is the minimal polynomial of i over Q, the degree of Q(i) over Q is 2.

6.5 Finite Fields

Remember that a field is finite if it has a finite number of elements. As remarkedpreviously, a finite field cannot have characteristic zero and thus always has positivecharacteristic, which will henceforth be denoted by p.

Let F be a finite field. Note that Z/pZ is a subfield of F; in particular, [F :Z/pZ] = r < ∞ for some r and F has pr elements. This implies that F∗ is a(necessarily cyclic) group with pr − 1 elements, so apr−1 = 1 for all a �= 0, andthus apr − a = 0 for all elements a in F.

Another useful fact to remark is that the algebraic closures of F and Z/pZ mustcoincide, because F is a finite extension of Z/pZ.

Now, consider the polynomial xpr − x; having fixed an algebraic closure Ω ofZ/pZ, we find that the field F is the set of all roots of this polynomial in Ω . Wealso know that xpr − x has no multiple roots by the derivative criterion, and thusRemark 4.23 yields a proof of

Theorem 6.16 Given a prime p and a natural number r , there exists a field withpr elements, which is the splitting field of the polynomial xpr − x in some algebraicclosure Ω of Z/pZ. It is the unique subfield of Ω having pr elements.

Having fixed an algebraic closure Ω , we denote by Fpr its unique subfield with pr

elements. It is customary to set q = pr , and from here on we will make frequentuse of this convention, even without saying so explicitly.

Lest any confusion arise, remark that Fp � Z/pZ but that in general Fq is notisomorphic to Z/qZ if r is greater than 1; indeed, Z/qZ is not even a field: the classp + qZ is a zero divisor.

The uniqueness of the splitting field implies

Corollary 6.17 Any two finite fields with the same number of elements are isomor-phic.

Inside Ω we have all of the fields Fpr , where r takes all possible natural values.The next proposition states that the relation of inclusion between these subfieldsmimics the relation of divisibility between integers.

Proposition 6.18 We have the inclusion Fpr ⊆ Fps if and only if r divides s.

We shall now discuss splitting fields of polynomials over finite fields. Let f (x)

be an irreducible polynomial of degree r in Fq [x] and let a be a root of f (x) in analgebraic closure Ω of Fp. Since f (x) is irreducible, Fq(a) has degree r over Fq .

6 Fields 51

But there is only one subfield of Ω with qr elements, so Fq(a) contains all the rootsof f (x). We therefore have

Proposition 6.19 Given an irreducible polynomial f (x) ∈ Fq [x] of degree r and aroot a of f (x) in some algebraic closure, the field Fq(a) = Fqr is the splitting fieldof f (x).

As a corollary, we obtain a description of the splitting field of any polynomial.

Corollary 6.20 Given a polynomial f (x) with coefficients in Fq such that

f (x) = f1(x)f2(x) · · ·fk(x)

where the factors are irreducible, the splitting field of f (x) is Fqm , wherem is the least common multiple of the degrees of the irreducible factorsf1(x), f2(x), . . . , fk(x).

We shall now discuss an application of the theory developed so far: given anatural number n and a prime p, we shall study the splitting field of the polynomialxn−1 over Fp. If n = pe ·n′, where p does not divide n′, then xn−1 = (xn′ −1)p

e

by Theorem 6.1, so the polynomials xn′ − 1 and (xn′ − 1)pe

have the same splittingfield. We can therefore assume without loss of generality that p does not divide n.The following simple remark is of fundamental importance:

Remark 6.21 Let n be an integer that is not divisible by p and let Ω be an algebraicclosure of Fp. The roots of the polynomial xn − 1 form a cyclic subgroup of ordern of Ω∗.

Consequently, the polynomial xn − 1 factors in Fpr if and only if F∗pr contains anelement of order n, that is, if and only if n divides pr − 1. Therefore, we have

Theorem 6.22 (Cyclotomic Extensions in Positive Characteristic) Let n be aninteger that is not divisible by the prime p. The splitting field of xn−1 is Fpr , wherer is the order of p in the multiplicative group (Z/nZ)∗.

We now move on to another application. Studying the solvability of quadraticequations in Fp is already quite interesting from a mathematical standpoint; the factthat this was the first case to be tackled also makes it of some historical interest.

If p = 2 then the only quadratic polynomials are: x2, x2 + 1 = (x + 1)2,x2 + x = x(x + 1) and x2 + x + 1. Among these, only the last one, which has noroots, is irreducible. From now on, we will assume that p �= 2.

The well-known quadratic formula still holds in Fp if p �= 2: the solutions of theequation ax2 + bx + c = 0 are

−b ±√Δ

2a

if Δ = b2 − 4ac is a square in Fp, and there are no solutions in Fp otherwise.The problem is thus that of determining which a ∈ Fp are squares (the quadratic

52 1 Theory

residues) and which are not (the quadratic non-residues). In order to do this, weintroduce the Legendre symbol

F∗p � a −→

(a

p

)={+1 if a is a quadratic residue,−1 if a is a quadratic non-residue.

It is easy to determine whether or not −1 is a quadratic residue; we have

(−1

p

)= (−1)

p−12

for all odd primes p, and clearly −1 = 1 is a quadratic residue in F2. The proofof this fact can be found in Preliminary Exercise 18. A similar, slightly more

complicated formula exists for(

2p

). Finally, a crucial instrument for computing

Legendre symbols is the law of quadratic reciprocity, conjectured by Euler andLagrange and proven by Gauss in 1796, which establishes a remarkable symmetry

of(

qp

)when p and q are both odd primes.

7 Preliminary Exercises

This section contains several preliminary exercises, which are meant to be solvedbefore those taken from exam papers. Their statements and the techniques used intheir solutions will often serve as useful tools to solve later exercises.

Exercise 1 Let X be a nonempty finite set. Show that the number of subsets ofX whose cardinality is even is the same as the number of subsets of X whosecardinality is odd.

Solution 1 We shall prove this by induction on the cardinality n of the set X. Thebase case is n = 1, where the only subset of even cardinality is the empty set andthe only subset of odd cardinality is X itself. So the claim does hold for n = 1.

Assume that the statement holds for |X| = n; we shall prove it for |X| = n+ 1.A set X of n + 1 elements can be written in the form X = Y ∪ {z}, where Y is aset of n elements and z �∈ Y . The subsets A of X are of two types: either z ∈ A orz �∈ A. In other words, any subset A of X is of the form A = B ∪ Z, where B is asubset of Y and Z = ∅ or Z = {z}.

It is clear that the cardinality of A is even in the following two cases: if B haseven cardinality and Z = ∅, or B has odd cardinality and Z = {z}. The inductionhypothesis implies that each case covers 2n−1 subsets, so we have 2 · 2n−1 = 2n

subsets of even cardinality. Since 2n = 12 · 2n+1 is half of the total number of

subsets of X, the number of subsets of even cardinality is the same as the number ofsubsets of odd cardinality.

7 Preliminary Exercises 53

Solution 2 Let us count the subsets of X according to their cardinality and use thebinomial expansion

(a + b)n =n∑

k=0

(n

k

)akbn−k.

If we set a = 1 and b = −1 we get

0 = 0n = (1− 1)n =n∑

k=0

(−1)n−k

(n

k

).

The sum of the binomial coefficients with even k in the expression above, whichcorresponds to the number of subsets of even cardinality, is the same as the sum ofthose with odd k, which corresponds to the number of subsets of odd cardinality.

Exercise 2 Find the number of permutations σ of {1, . . . , n} such that σ(x) �= x

for all x ∈ {1, . . . , n}.Solution The best way to solve this exercise is via the inclusion-exclusion principle.The total number of permutations of {1, . . . , n} is n!. We shall count permutationsσ that do not satisfy the requirement, that is, permutations such that there is x forwhich σ(x) = x. The correct answer will be the difference between n! and thenumber obtained.

For i = 1, 2, . . . , n, let Pi be the set of permutations σ of {1, . . . , n} such thatσ(i) = i. What we wish to find is the number of elements in P1 ∪ · · · ∪ Pn, that is,permutations for which some x is such that σ(x) = x.

We compute the cardinality |P1∪· · ·∪Pn| using the inclusion-exclusion principle.For i = 1, . . . , n (that is, for each of n possible values) the cardinality of Pi is

(n − 1)!, because the permutations σ in Pi are such that σ(i) = i and all elementsj �= i can be permuted with no constraints.

For each pair {i, j } ⊆ {1, . . . n} (that is, in each of(n2

)cases) the cardinality of

Pi ∩Pj is (n− 2)!, because every σ ∈ Pi ∩Pj satisfies σ(i) = i and σ(j) = j , butthe other n− 2 elements can be permuted with no constraints.

Applying this argument to all possible intersections of the Pi ’s, one gets theformula

|P1 ∪ · · · ∪ Pn| = n(n− 1)! −(

n

2

)(n− 2)! +

(n

3

)(n− 3)! + · · ·

· · · + (−1)n−2(

n

n− 1

)1! + (−1)n−1

(n

n

)0!

= n!(

1

1! −1

2! +1

3! + · · · + (−1)n−1 1

n!)

.

54 1 Theory

The cardinality we want is therefore given by the difference

n!(

1

2! −1

3! + · · · + (−1)n1

n!)= n!

(1

0! −1

1! +1

2! −1

3! + · · · + (−1)n1

n!)

.

[[This exercise has a fascinating alternative formulation, known as the matching problem.Suppose someone gives a secretary the task of mailing n letters to n different addresses, withouttelling them which letter has to go to which address. What is the probability that no letter is mailedto the correct address?

It is known that the series

∞∑

k=0

(−1)k1

k!

converges to the value 1/e, where e is Euler’s number. Therefore, the probability we are

considering tends to the limit 1/e for large n. ]]

Exercise 3 Let X be a set of m elements and let Y be a set of n elements. Find thenumber of surjective maps X −→ Y .

Solution Again, we will use the inclusion-exclusion principle. The total number ofmaps from X to Y is nm. We shall find the number of maps that are not surjectiveand then take the difference to obtain the number of surjective maps.

Let Y = {y1, . . . , yn}. A map f : X → Y is not surjective if there is at leastone element yi ∈ Y that does not belong to its image. In other words, the set ofnon-surjective maps f : X→ Y is the union of the sets F1, . . . , Fn, where Fi is theset of maps whose image does not contain yi .

The cardinality of each set Fi (there are n such sets, one for each value of i) isthe number of maps from X to the set Y \ {yi} and therefore equal to (n− 1)m. Thecardinality of each of the

(n2

)sets Fi ∩ Fj is the number of maps from X to the set

Y \ {yi, yj }, that is, (n− 2)m, and so on. In conclusion, we have

|F1 ∪ · · · ∪ Fn| = n(n− 1)m −(

n

2

)(n− 2)m + · · · + (−1)n−1

(n

n− 1

)1m

and therefore the number of surjective maps is given by the difference

nm − n(n− 1)m +(

n

2

)(n− 2)m + · · · + (−1)n

(n

n− 1

)1m .

[[It is interesting and nontrivial to note that for m < n the formula above gives a result of zero,

that is, it confirms that there are no surjective maps f : X→ Y . ]]

Exercise 4 Let n and k be positive integers. Find the number of solutions of theequation

x1 + · · · + xk = n ,

where all xi’s are positive integers.

7 Preliminary Exercises 55

Solution There is a bijective correspondence between solutions (x1, . . . , xk) of theequation above and k-tuples (y1, y2, . . . , yk) constructed as

y1 = x1

y2 = x1 + x2

...

yk−1 = x1 + x2 + · · · + xk−1

yk = x1 + x2 + · · · + xk = n.

Since y1 < y2 < · · · < yk = n and yk is fixed, the desired k-tuples are as manyas the subsets {y1, . . . , yk−1} of the set {1, . . . , n− 1}, that is,

(n−1k−1

). The answer is

therefore(n−1k−1

).

[[There are many possible variants of this exercise and all of them can be solved by similarmethods. For example, one can consider the equation

x1 + · · · + xk ≤ n .

In this case, the k-tuples {y1, . . . , yk} no longer need to satisfy the requirement that yk = n, sothey correspond to the subsets of k elements of a set of n elements, and thus there are

(nk

)of them.

One can also consider the solutions of the equation

x1 + · · · + xk = n ,

where the xi ’s are non-negative integers. Setting yi = xi + 1, we find that yi > 0 and that, sinceeach yi is increased by 1 with respect to the previous construction, the sum y1+. . .+yk is increasedby k, that is,

y1 + · · · + yk = n+ k .

Therefore, the number of solutions in this case is(n+k−1k−1

). ]]

Exercise 5 Find the number of positive divisors of the positive integer n in termsof its prime factorisation.

Solution Let n = pa11 · · ·pak

k be the factorisation of n as a product of powers of

distinct primes p1, . . . , pk . Any divisor d of n will factor as d = pb11 · · ·pbk

k wherethe integers bi satisfy the inequality 0 ≤ bi ≤ ai . So there are ai+1 possible choicesfor each exponent bi , and thus the number of positive divisors of n is

k∏

i=1

(a1 + 1) .

Exercise 6 Let n be a positive integer, let p be a prime and, given a real numberx, let �x� be the integer part of x, that is, the largest integer m such that m ≤ x.

56 1 Theory

Show that

∞∑

h=0

⌊n

ph

⌋

is the power of p that exactly divides n!.Solution First of all, remark that the sum above has a finite number of nonzeroterms, as clearly we have n

ph < 1 and thus � nph � = 0 for h large enough.

Instead of counting the number of times that p divides each integer k with 1 ≤k ≤ n, for each h we count the number of integers between 1 and n that are divisibleby ph. Summing the quantities obtained in this way, the integer k contributes 1 foreach integer h such that ph | k, that is, it is counted as many times as the exponentof the largest power of p that divides it.

For each h, the number of integers k with 1 ≤ k ≤ n such that ph | k is equal to

⌊n

ph

⌋

so, by the trick described, the desired formula follows.

Exercise 7 Let a, b, c be integers, with a, b not both zero. Describe the set ofsolutions (x, y) ∈ Z

2 of the equation ax + by = c.

Solution Let us first determine for which integers c the equation has at least onesolution. From Bézout’s identity, we know that there exists a pair (x0, y0) of integerssuch that ax0 + by0 = m, where m = (a, b) is the greatest common divisor of a

and b. If c is a multiple of m, say c = km, then multiplying this identity by k yieldsa(kx0)+ b(ky0) = km = c, so the equation has a solution.

Conversely, assume that the equation has a solution (x1, y1). Then ax1+by1 = c

and, since m | a and m | b, we have that m must also divide c. In conclusion, theequation has at least a solution if and only if (a, b) | c.

Now assume that (a, b) | c and write a = ma1, b = mb1, c = mc1, so that(a1, b1) = 1. By simplifying, we get the equation a1x + b1x = c1. We can producea solution (x0, y0) of the equation a1x+ b1y = 1 using Euclid’s algorithm; we thenhave a particular solution of ax1 + by1 = c1: for example, (x, y) = (c1x0, c1y0).Letting (x ′, y ′) be any solution of ax1+ by1 = c1, by subtracting the two equations

a1x′ + b1y

′ = c1

a1x0 + b1y0 = c1

we get

a1(x′ − x0) = b1(y0 − y ′).

7 Preliminary Exercises 57

Since (a1, b1) = 1, this implies a1 | y0 − y ′ and b1 | x ′ − x0. So we can write x ′ −x0 = kb1 for some integer k, and necessarily y ′ − y0 = −ka1. On the other hand,substituting the values

x ′ = x0 + kb1, y ′ = y0 − ka1

into the original equation, it is easy to see that it is satisfied.The general solution is therefore given by

{x = x0 + kb1

y = y0 − ka1.

Exercise 8 Let m/n be a rational number with (m, n) = 1 and with n = 2e5f n′for some integer n′ such that (10, n′) = 1. Show that the decimal expansion of m/n

is eventually periodic with a transient of length max{e, f }.Solution Since (n′, 2e5f ) = 1, the linear Diophantine equation

2e5f x + n′y = m

has a solution. Let (a, b) be one such solution; since (m, n) = 1, we necessarilyhave (a, n′) = (b, 2e5f ) = 1. Dividing by n, we get

a

n′+ b

2e5f= m

n.

We perform the Euclidean division of a by n′ and obtain a = sn′ + r . Note that(r, n′) = 1. The digits after the decimal point of a/n′ are exactly the same as thoseof r/n′. Remember that, with the usual process of division, the (i + 1)th digit afterthe decimal point in r/n′ is completely determined by the remainder of the divisionof 10ir by n′.

Since (10, n′) = 1, the sequence (10i)i is eventually periodic modulo n′; in fact,it is periodic, that is, it has no preperiodic part, and its period is the multiplicativeorder h of 10 modulo n′. Multiplying by r , we find that the sequence (10ir)i is alsoperiodic modulo n′, with a period h′ that divides h. If we set r ′ to be the inverse ofr modulo n′, the sequence (10irr ′)i is periodic modulo n′, so the period h dividesh′. It follows that h′ = h.

Now, set k = max{e, f }; the number β = b/2e5f can be written as b′/10k, withb′ ∈ Z, and has exactly k digits after the decimal point, because 10kβ ∈ Z, whereas10k−1β �∈ Z.

Sum a/n′ and β: the former has a periodic decimal expansion and the latter hasexactly k digits after the decimal point in its decimal expansion. Therefore, theirsum has a transient of length k after the decimal point, and then the digits willrepeat periodically.

58 1 Theory

Exercise 9 Let g be an element of order n in a group. Show that for each positiveinteger k the order of gk is n/(k, n).

Solution Given a positive integer m, we have (gk)m = e if and only if km ≡

0 (mod n), that is, if and only if m ≡ 0 (mod n/(k, n)). Therefore, the smallestpositive integer m such that (gk)

m = e is n/(k, n).

Exercise 10 Show that if an Abelian group contains an element of order m and anelement of order n then it contains an element of order [m,n].Solution Let G be an Abelian group as in the statement, let g ∈ G be an elementof order m and let h ∈ G be an element of order n. First, assume that (m, n) = 1,which implies [m,n] = mn; we show that z = gh has order mn. Indeed, we havezmn = gmnhmn = e ·e = e, so ord(z) |mn. Moreover, the orders of the subgroups ofG generated by g and by h are relatively prime, so their intersection consists of theidentity only. If zk = e, that is, if gkhk = e, then gk = h−k and thus gk = h−k = e.It follows that m | k and n | k, hence mn | k, that is, mn | ord(z).

Now we deal with the general case: assume that the prime factorisations of m

and n are

m =∏

p

pμp , n =∏

p

pνp ,

hence [m,n] =∏p pγp , where γp = max{μp, νp}. For each prime p, we have thatpγp divides the order of g (if μp ≥ νp) or the order of h (if μp < νp), so there mustbe an element zp of order pγp in the subgroup generated by g or in the subgroupgenerated by h. The element z =∏p zp has order [m,n].Exercise 11 Let p be a prime and k be a positive integer. For each a with 0 ≤ a ≤k, find the number of subgroups of order pa of the additive group (Z/pZ)k .

Solution The group G = (Z/pZ)k has a natural vector space structure over Fp, asthe multiplication by scalars can be defined in term of the group addition: we setλ · x = x + · · · + x, with λ copies of the summand. Analogously, every subgroupof G has a natural vector space structure. Listing the subgroups of G of order pa istherefore equivalent to listing the vector subspaces of (Z/pZ)k of dimension a.

Each a-tuple (v1, . . . , va) of linearly independent vectors generates a subspaceof dimension a. The number of ordered a-tuples of linearly independent vectorsis (pk − 1)(pk − p) · · · (pk − pa−1): we have pk − 1 choices for the vector v1(all nonzero vectors), pk − p choices for v2 (all vectors but the p multiples of v1),pk−p2 choices for v3 (all vectors but the p2 linear combinations of v1 and v2), andso on.

On the other hand, every subspace of dimension a can be generated by an ordereda-tuple of linearly independent vectors (v1, . . . , va) in (pa − 1)(pa − p) · · · (pa −pa−1) different ways. Indeed, there are pa −1 choices for v1 (all nonzero vectors inthe subspace), pa −p choices for v2 (all vectors in the subspace but the p multiplesof v1), and so on.

7 Preliminary Exercises 59

It follows that the number of subspaces of dimension a of (Z/pZ)k , and thus thenumber of subgroups of order pa , is

(pk − 1)(pk − p) · · · (pk − pa−1)

(pa − 1)(pa − p) · · · (pa − pa−1).

[[Notice that the argument of the solution implies that the fraction above is always an integer.

Moreover, if we replace a with k − a, it is not difficult to show that the formula gives the same

result. An interpretation of this symmetry is that there is a bijective correspondence pairing each

subspace with its orthogonal subspace, and if a subspace has dimension a, then its orthogonal has

dimension k − a. ]]

Exercise 12 Find all possible orders of elements in S3 and describe its subgroups.

Solution The group S3 has six elements, so their orders must divide 6. We knowthat S3 is not Abelian, so it does not have elements of order 6: if it did, it would notjust be Abelian, but cyclic.

Clearly the neutral element, that is, the identity permutation, has order 1. Thethree transpositions (12), (13) and (23) have order 2 and the 2 three-cycles (123) and(132) have order 3. We have listed six different permutations, so we have exhaustedthe elements of S3 and computed the order of each of them.

Now, let G be a subgroup of S3. If G has order 1 or 6 then it is the trivial subgroupor S3, respectively. Since by Lagrange’s theorem the order of G must be a divisorof 6, there are only two other possibilities: either G has order 2 or G has order 3.

If G has order 2 then it contains the neutral element and one transposition.Therefore, there are three subgroups of order 2: {e, (12)}, {e, (13)} e {e, (23)}.

If G has order 3 then it contains the neutral element and two elements of order3: it must therefore be G = {e, (123), (132)}. This completes the description of allsubgroups of S3.

Exercise 13 Given a cyclic group G, describe the homomorphisms from G to itselfand the group of automorphisms of G.

Solution We use the additive notation for G and let g be some fixed generator of G.First of all, we show that the choice of g induces a bijective correspondence betweenelements of G and homomorphisms from G to itself.

Indeed, given an element h of G, let ϕh be the map given by ϕh(ng) = nh.Remark that, since g is a generator, we must have h = kg for some k ∈ Z; so ifng = 0 then we also have nh = nkg = kng = k · 0 = 0. This shows that ϕh iswell defined. Moreover, we have ϕh(ng + mg) = ϕh((n + m)g) = (n + m)h =nh+mh = ϕh(ng)+ ϕh(mg) and so ϕh is a homomorphism.

On the other hand, given an homomorphism ϕ from G to itself, it is clear thatϕ = ϕh for h = ϕ(g). This concludes the proof that the set of homomorphismsfrom G to itself is in bijection with G.

Let us now describe the automorphisms of G. Since Im(ϕh) = 〈h〉, thehomomorphism ϕh is surjective if and only if h is a generator of G.

60 1 Theory

If G is infinite then by the structure theorem for cyclic groups we have G � Z,so the only generators of G are g and −g. In particular, for h = g and h = −g

we have ϕ2h = IdG; this shows that ϕg and ϕ−g are automorphisms and the map

Z/2Z � {±1} � k −→ ϕkg ∈ Aut(G) is a group isomorphism.Finally, assume that G is finite, in which case any surjective homomorphism from

G to itself is also injective. In particular, since the generators of Z/nZ are the classesk such that (k, n) = 1, we find that the map (Z/nZ)∗ � k −→ ϕkg ∈ Aut(G) is anisomorphism.

Exercise 14 Describe the nilpotent elements in Z/nZ in terms of the primefactorisation of n.

Solution Let n = pe11 · · ·pek

k be the prime factorisation of n, where p1, . . . , pk

are distinct and ei > 0 for i = 1, . . . , k. A nilpotent element x ∈ Z/nZ is theresidue class of an integer x for which there is a positive integer m such that xm ≡ 0(mod n), that is, n | xm.

Since pi | n for i = 1, . . . k, we must have pi | xm and thus (by definition of aprime) pi | x. Conversely, if p1 | x, . . . , pk | x, which implies p1 · · ·pk | x, then wehave n | xm for m ≥ max{e1, . . . , ek}.

In conclusion, the nilpotent elements of Z/nZ are the classes represented bymultiples of p1 · · ·pk .

Exercise 15 Let K be a field of characteristic different from 2. Show that

(i) every extension of K of degree 2 is of the form K(√

a) for some a ∈ K;(ii) if [K(

√a) : K] = [K(

√b) : K] = 2, then K(

√a) = K(

√b) if and only if ab is

the square of an element of K.

Solution

(i) An extension F of K of degree 2 is of the form F = K(α) for some algebraicelement α whose minimal polynomial over K has degree 2. Suppose that theminimal polynomial of α overK is μα(x) = x2+rx+s. Since the characteristicof K is not 2, the solutions of the equation μα(x) = 0 can be computed usingthe quadratic formula

x1, x2 = −r ±√r2 − 4s

2,

because 2 is invertible in K. It is now clear that, setting a = r2−4s, the solutionsof the equation are contained in K(

√a) and, conversely, a is contained in K(α).

(ii) We first show that if K(√

a) = K(√

b) then ab is the square of an element ofK. Since in particular we have K(

√a) ⊆ K(

√b), there exist elements c, d ∈ K

such that√

a = c + d√

b. By squaring we obtain

a = c2 + d2b + 2cd√

b.

7 Preliminary Exercises 61

By the linear independence over K of the elements 1 and√

b and because thecharacteristic of K is different from 2, we must have cd = 0, so c = 0 or d = 0.If c = 0 then a = d2b, hence ab = d2b2 as wanted. If d = 0 then a = c2,which contradicts the assumption that the degree [K(

√a) : K] is 2.

Conversely, suppose ab is the square of an element of K, that is, ab = c2 forsome c ∈ K. By hypothesis, a and b are nonzero, so

√a = ± c√

b∈ K(√

b) and√b = ± c√

a∈ K(√

a).

Exercise 16 For each positive integer k, let fk(x) = xk − 1 ∈ Q[x]. Show that forall m,n > 0 the greatest common divisor of fm(x) and fn(x) is fd(x), where d isthe greatest common divisor of m and n.

Solution Let d = (n,m); assume m = da and n = db. Clearly,

xd ≡ 1 (mod xd − 1),

and raising both sides of the congruence to the ath power and to the bth powerwe get xm ≡ (xd)a ≡ 1 (mod xd − 1) and xn ≡ (xd)b ≡ 1 (mod xd − 1), soxd − 1 | (xm − 1, xn − 1).

Conversely, let f (x) = (xm− 1, xn− 1). Each root α ∈ C of f (x) is both a rootof xm−1 and a root of xn−1, so αm = αn = 1. This implies that the multiplicativeorder of α divides both m and n, so it divides their greatest common divisor d . Inother word, every root of f (x) is also a root of xd − 1. By the derivative criterionfor multiple roots, all roots of xm − 1 are simple, so the same is true for f (x); wethus obtain that f (x) | xd−1. Therefore, f (x) and xd −1 divide each other, which,since they are both monic, implies that they coincide.

Exercise 17 Let f (x) = x2 + a be a polynomial with rational coefficients and letf (x) be its class in the ring Q[x]/(x3 − x2). Find the values of a for which f (x) isinvertible and compute its inverse.

Solution . We know that the class of f (x) is invertible in A = Q[x]/(x3 − x2) ifand only if the greatest common divisor of f (x) and x3 − x2 is 1. Since x3 − x2 =x2(x − 1), the two polynomials are coprime if and only if 0 and 1 are not roots off (x). We therefore impose the conditions f (0) = a �= 0 and f (1) = a+1 �= 0: theclass f (x) is invertible in A if and only if a �= 0,−1, whereas if a = 0 or a = −1then it is a zero divisor.

Suppose a �= 0,−1; we use Euclid’s algorithm to compute the inverse of f (x).We have

x3 − x2 = (x2 + a)(x − 1)− a(x − 1)

x2 + a = a(x − 1)(1

ax + 1

a)+ a + 1

62 1 Theory

from which we obtain

a+1 = (x2+a)−a(x−1)(1

ax+ 1

a) = (x2+a)(1− 1

a(x2−1))+ 1

a(x+1)(x3−x2)

and thus

(x2 + a)

(− 1

a(a + 1)x2 + 1

a

)≡ 1 (mod x3 − x2).

We conclude that the inverse of f (x) in A is the class of

− 1

a(a + 1)x2 + 1

a.

Exercise 18 Let p be a prime different from 2. Show that

(i) the elements a ∈ F∗p that are squares form a subgroup of F∗p of order (p−1)/2;

(ii) the Legendre symbol

F∗p � a −→

(a

p

)∈ {±1}

is a surjective group homomorphism, and in particular the product of two non-squares is a square;

(iii) −1 is the square of an element in F∗p if and only if p ≡ 1 (mod 4), that is, we

have(−1

p

)= (−1)

p−12 .

Solution

(i) The map F∗p � a

f−→ a2 ∈ F∗p is clearly a homomorphism, because f (ab) =

(ab)2 = a2b2 = f (a)f (b). The kernel of f is the set {a ∈ F∗p | a2 = 1}.

Since Fp is a field, the only solutions of x2 = 1 are±1, so Ker(f ) = {±1}. Bythe fundamental homomorphism theorem, the image of f is thus a subgroupof F∗p of order (p− 1)/2. Since Im(f ) is the set of squares F∗p, we have shownthe required statement.

(ii) We saw above that the subset Q of all squares in F∗p is a subgroup of order

(p − 1)/2. The quotient F∗p/Q has therefore two elements, and the compositemap F

∗p −→ F

∗p/Q −→ {±1} is a group homomorphism. The result of the

composition is clearly

F∗p � a −→

(a

p

)∈ {±1}.

7 Preliminary Exercises 63

We thus find that the Legendre symbol is multiplicative and, in particular, thatthe product of two non-squares is a square.

(iii) Assume that there exists a ∈ F∗p such that a2 = −1. We have a4 = (−1)2 = 1,

so the order of a must be a divisor of 4; on the other hand, it cannot be less than4 because a2 = −1 �= 1. It follows that 4 must divide the order of the group,that is, 4 |p − 1.Conversely, suppose 4 |p − 1. Since F

∗p is a cyclic group of order p − 1, F∗p

has a subgroup of order d for each divisor d of p − 1. In particular, F∗p has acyclic subgroup of order 4 and thus an element a of order 4. But, if a has order4, then b = a2 �= 1 and b2 = a4 = 1, which implies b = −1 because −1 isthe only element of order 2 in F

∗p.

Exercise 19 Factor x8 − 1 in K[x] for K = C, R, Q, F17 and F43.

Solution Remark that, if a field K is contained in a field F, then any factorisationof a polynomial in K[x] is also valid in F[x]; in particular, the factorisation of thepolynomial in F[x] refines its factorisation in K[x]. In other words, the factorisationin K[x] is obtained by possibly grouping together some of the factors in F[x].

Moreover, remark that every factorisation of a polynomial in Z[x] is also validin (Z/mZ)[x] for every positive integer m.

By the fundamental theorem of algebra, the polynomial x8 − 1 factors in C[x]as a product of eight linear factors, which correspond to eighth roots of unity. If wedenote by ζ a primitive eighth root of unity (that is, one of order exactly 8, such asfor example ζ = (1+ i)/

√2), the factorisation of x8 − 1 in C[x] is

x8 − 1 =7∏

h=0

(x − ζ h).

Every polynomial with real coefficient having a complex root also has its complexconjugate as a root. Therefore, from the factorisation in C[x] we can obtain thefactorisation in R[x] by preserving the factors x−1 e x+1 and pairing together thefactors that correspond to complex conjugate roots. We obtain

(x − ζ )(x − ζ−1) = x2 −√2x + 1,

(x − ζ 2)(x − ζ−2) = x2 + 1,

(x − ζ 3)(x − ζ−3) = x2 +√2x + 1.

Therefore, the factorisation of x8 − 1 in R[x] is

x8 − 1 = (x − 1)(x + 1)(x2 −√2x + 1)(x2 + 1)(x2 +√2x + 1).

The factors x − 1, x + 1 and x2 + 1 have rational coefficients and are irreducible inR[x], so they are irreducible in Q[x]. The factors x2 −√2x + 1 and x2 +√2x +1, which do not have rational coefficients, must be grouped together: (x2 − √2x

64 1 Theory

+ 1)(x2 +√2x + 1) = x4 + 1. Therefore, the factorisation of x8 − 1 in Q[x] is

x8 − 1 = (x − 1)(x + 1)(x2 + 1)(x4 + 1).

By Gauss’s lemma, a primitive polynomial is irreducible in Z[x] if and only if itis irreducible in Q[x], so the factorisation of x8 − 1 in Z[x] coincides with that inQ[x].

Now consider the field K = F17. The multiplicative group of K is cyclic of order16, so it has a unique cyclic subgroup of order 8. An element α ∈ K

∗ belongs tothis subgroup if and only if α8 = 1; so the polynomial x8 − 1 has eight roots inF17, namely, the elements of this cyclic subgroup. Simple calculations show that agenerator of this cyclic group is given by the class of 2 modulo 17. This yields thefactorisation

x8 − 1 = (x − 2)(x − 4)(x − 8)(x + 1)(x + 2)(x + 4)(x + 8)(x − 1).

Finally, consider the case of K = F43. Given the factorisation in Z[x], wecertainly can write x8−1 = (x−1)(x+1)(x2+1)(x4+1) in F43[x]. The polynomialx2 + 1 is still irreducible over K: it has no roots in K because any root would haveorder 4 in K

∗, but 4 does not divide 42, which is the order of K∗.The polynomial x4+1 also has no roots, since a root would have order 8. Remark,

however, that the order of F∗432 is divisible by 8, so it contains all roots of x8 − 1.

The degree of the splitting field of a polynomial with coefficients in a finite field isthe least common multiple of the degrees of its irreducible factors, so the irreduciblefactors of x4 + 1 must have degree 2.

In order to explicitly compute the factorisation, we write

x4 + 1 = (x2 + ax + b)(x2 + cx + d)

which needs to be satisfied for some a, b, c, d ∈ K. Equating the correspondingcoefficients on the two sides we obtain

⎧⎪⎪⎪⎪⎨

⎪⎪⎪⎪⎩

a + c = 0

b + ac+ d = 0

ad + bc = 0

bd = 1

and, substituting c = −a,

⎧⎪⎪⎨

⎪⎪⎩

b + d − a2 = 0

a(d − b) = 0

bd = 1.

7 Preliminary Exercises 65

The second equation of this system implies that a = 0 or d = b. If a = 0 thenb + d = 0 and bd = 1, that is, (x − b)(x − d) = x2 + 1; but, as seen before, theequation x2+ 1 has no roots in K, so this case yields no solutions. If d = b then weget 2b − a2 = 0 and b2 = 1, that is, b = ±1 and a2 = ±2.

Note that 27 = 128 ≡ −1 (mod 43), hence (−2)8 ≡ −2 (mod 43) and soa = ±16 is a solution of the system and we have d = b = 1 and c = ∓16. Thesevalues yield the factorisation x4+1 = (x2+16x−1)(x2−16x−1). It is now clearthat there is no solution such that b = −1, which would imply a2 = 2, since therecannot be four factors of degree 2 of the polynomial x4 + 1 by unique factorisation.

In conclusion, the factorisation of x8 − 1 in F43[x] is

x8 − 1 = (x − 1)(x + 1)(x2 + 1)(x2 + 16x − 1)(x2 − 16x − 1).

[[We can also show that a2 = 2 has no solutions in F43 in the following way. From the fact

that 27 ≡ −1 (mod 43) we find that the order of 2 in F∗43 is 14. But then 2 is not a square in

F43, because the nonzero squares form the image of F∗43 � x −→ x2 ∈ F∗43, which has order

(43− 1)/2 = 21, not divisible by 14.]]

Exercise 20 LetK be a field and let f (x) = anxn+· · ·+a0 ∈ K[x] be a polynomial

of degree n; we call the reciprocal polynomial of f (x) the polynomial f (x) =a0x

n + · · · + an. Show that if f (0) �= 0 then f (x) is irreducible in K[x] if and onlyif f (x) is irreducible in K[x].Solution For this solution, we shall assume that all polynomials mentioned have anonzero constant coefficient.

First of all, remark that f (x) = xnf (1/x) with n = deg f ; it followsimmediately that the reciprocal polynomial of f (x)g(x) is f (x)g(x). Moreover,

deg(f (x)) = deg(f ) and ˆf (x) = f (x).The statement we need to prove is equivalent to the following: f (x) is reducible

in K[x] if and only if f (x) is reducible in K[x]. Suppose that f (x) is reducible andfactors as f (x) = g(x)h(x); we then have that f (x) = g(x)h(x) is also reducible.

The opposite implication is a consequence of ˆf (x) = f (x).

Exercise 21 Find all irreducible polynomials of degree up to 5 in F2[x].Solution The polynomials of degree 1 are clearly irreducible; they are x and x + 1.

Remark that the only roots a polynomial can have in F2 = Z/2Z are 0 and 1.Now, a polynomial has 0 as a root if and only if its constant coefficient is zero, andit has 1 as a root in F2 if and only if it is the sum of an even number of monomials.Since polynomials of degree 2 or 3 are irreducible if and only if they have no roots,it follows from our remark that the irreducible polynomials of degree 2 or 3 arethose with constant coefficient 1 and with an odd number of monomials, namely,x2 + x + 1, x3 + x + 1 and x3 + x2 + 1.

A polynomial of degree 4 or 5 is irreducible if it has no roots and no irreduciblefactors of degree 2. Because of our argument above, the polynomials of degree 4that have no roots are x4+x3+x2+x+1, x4+x3+1, x4+x+1 and x4+x2+1.

66 1 Theory

In order to find which of them are irreducible we need to exclude those that factoras a product of irreducible polynomials of degree 2. Since there is only one suchpolynomial, the only polynomial we need to exclude is (x2+x+1)2 = x4+x2+1.Therefore, the irreducible polynomials of degree 4 are x4+x3+x2+x+1, x4+x3+1and x4 + x + 1.

We can argue in a similar way for polynomials of degree 5: those with no rootshave constant coefficient 1 and an odd number of monomials. In order to obtain theirreducible ones, we need to exclude those that factor as a product of x2+x+1 andan irreducible polynomial of degree 3: these are (x2+x+1)(x3+x+1) = x5+x4+1and (x2+ x+ 1)(x3+ x2+ 1) = x5+ x+ 1. The irreducible polynomials of degree5 are therefore x5 + x3 + x2 + x + 1, x5 + x4 + x2 + x + 1, x5 + x4 + x3 + x + 1,x5 + x4 + x3 + x2 + 1, x5 + x3 + 1 and x5 + x2 + 1.

Exercise 22 Find the number of irreducible polynomials in F2[x] of degree up to6.

Solution Denote by F2 a fixed algebraic closure of F2. The roots in F2 ofirreducible polynomials of degree d in F2[x] are precisely the elements of degree d

in F2, that is, the elements of the field F2d that do not belong to any of its propersubfields. Since an irreducible polynomial of degree d in F2[x] has d different rootsin F2, we can compute the number of irreducible polynomials of degree d using theinclusion-exclusion principle. In particular, letting nd be the number of irreduciblepolynomials of degree d , we find that

n1 = |F2| = 2,

n2 = 1

2|F22 \ F2| = 22 − 2

2= 1,

n3 = 1

3|F23 \ F2| = 23 − 2

3= 2,

n4 = 1

4|F24 \ F22| = 24 − 22

4= 3,

n5 = 1

5|F25 \ F2| = 25 − 2

5= 6,

n6 = 1

6|F26 \ (F23 ∪ F22)| = (26 − (23 + 22 − 2))

6= 9.

Exercise 23 Factor the following polynomials in Q[x](i) 4x3 + 11x2 + 19x + 21;

(ii) x4 + 8x2 − 5.

Solution

(i) The polynomial f (x) = 4x3+ 11x2+ 19x+ 21 has degree 3, so it is reducibleif and only if it has a root. Any rational root of f (x) must be of the form a/b,

7 Preliminary Exercises 67

where a is a divisor of 21 and b is a divisor of 4. The possible rational roots arethus

±1, ±1

2, ±1

4, ±3, ±3

2, ±3

4, ±7, ±7

2, ±7

4, ±21, ±21

2, ±21

4.

By substituting these values into the polynomial, we find that f (−7/4) = 0. ByRuffini’s theorem, f (x) is thus divisible by x + 7/4 in Q[x]. Moreover, sincef (x) has integer coefficients, by Gauss’ lemma it is divisible by the polynomialobtained from x + 7/4 by eliminating denominators, namely, 4x + 7. If weperform the division, we find that

4x3 + 11x2 + 19x + 21 = (4x + 7)(x2 + x + 3).

Since the polynomial x2 + x + 3 has no rational roots, the expression above isindeed the factorisation of f (x) in Q[x].

(ii) First of all, we look for rational roots. By the same argument as above, theonly potential rational roots are ±1,±5. Substituting these values into g(x) =x4 + 8x2 − 5 we never get zero, so g(x) has no rational roots; equivalently, byRuffini’s theorem, g(x) has no irreducible linear factors.As for irreducible factors of degree 2, remark that the polynomial gives abiquadratic equation. Setting y = x2, we find that the roots of the polynomialy2 + 8y − 5 are −4±√21, so the roots of g(x) are

±√−4+√21, ±

√−4−√21 = ±i

√4+√21.

The first two roots are real, the other two are imaginary, and they are complexconjugates. Therefore, if g(x) has irreducible factors of degree 2 in Q[x] (whichmust in particular be in R[x]), one must have both complex conjugate roots, soit must be

(x − i

√4+√21)(x + i

√4+√21) = x2 + 4+√21.

But this polynomial does not have rational coefficients, so it is not a factor ofg(x) in Q[x]. It follows that g(x) is irreducible in Q[x].

Exercise 24 Factor the polynomial x4 + x3 + x2 + 1 in Q[x].Solution By Gauss’s lemma, f (x) = x4 + x3 + x2 + 1 is irreducible in Q[x]if and only if it is irreducible in Z[x]. Any factorisation of f (x) in Z[x] yieldsa factorisation modulo p (whose factors are not necessarily irreducible) for eachprime p. The class of f (x) modulo 2 factors as (x + 1)(x3 + x + 1), with bothfactors being irreducible in (Z/2Z)[x]. Consequently, either f (x) is irreducible inZ[x], or it has a root in Z. The only possible roots are ±1, but f (±1) �= 0, so f (x)

is irreducible.

68 1 Theory

Exercise 25 Find the minimal polynomial of α2 over a field K knowing theminimal polynomial of α.

Solution Let n be the degree of α over K. Degrees are multiplicative in towers,hence [K(α) : K] = [K(α) : K(α2)][K(α2) : K]. Since α satisfies the equationx2 − α2 = 0 over K(α2), the first of the two factors is either 1 or 2, and the secondis either n or n/2.

Let μα(x) = xn + an−1xn−1 + · · · + a1x + a0 be the minimal polynomial of

α over K. By separating terms of even and odd degree, we can write μα(x) =p(x2) + xd(x2), where p(x2) is the sum of the even degree monomials in μα(x)

and xd(x2) is the sum of the odd degree monomials.We have two cases.1 The polynomial d(x) is zero, so μα(x) = p(x2). We have p(α2) = 0 and

deg p = n/2, so p(x) is the minimal polynomial of α2 over K.2 The polynomial d(x) is nonzero. In this case, α = −p(α2)/d(α2), so α2 has

degree n over K because K(α) ⊆ K(α2) ⊆ K(α).Remark that the polynomial

g(x2) = (p(x2)− xd(x2))(p(x2)+ xd(x2)) = p(x2)2 − x2d(x2)2

is zero when evaluated at α and has degree 2n. Therefore, g(x) is zero whenevaluated at α2 and has degree n; moreover, its leading coefficient is (−1)n. Itfollows that the minimal polynomial of α2 over K is (−1)ng(x).

Chapter 2Exercises

1 Sequences

1 Let a0, a1, a2, . . . be the sequence defined by recurrence as

⎧⎨

⎩a0 = 2, a1 = 3;an+1 = an + an−1

6for n ≥ 1.

(i) Show that for all n ≥ 2 we have an = bn/6n−1 with bn ≡ −1 (mod 6).(ii) For each n ≥ 0, set cn = 5an + (−1)n4/3n−1. Show that for all n ≥ 0 we have

cn = 22 · 2−n.

2 Let a0, a1, a2, . . . be the sequence defined by recurrence as

{a0 = 0, a1 = 1;an+1 = 5an − 6an−1 for n ≥ 1.

Show that

(i) (an, 6) = 1 for all n > 0;(ii) 5 | an if and only if n is even.

3 Let a1, a2, a3, . . . be the sequence defined by recurrence as

{a1 = 1, a2 = 2;an+1 = 1

2an + an−1 for n ≥ 2.

(i) Show that an+1 ≥ an for all n ≥ 1.(ii) Show that a2n+2 = 9a2n/4− a2n−2 for all n ≥ 2.

© Springer Nature Switzerland AG 2020R. Chirivì et al., Selected Exercises in Algebra, UNITEXT 119,https://doi.org/10.1007/978-3-030-36156-3_2

69

70 2 Exercises

4 Consider the sequence a0, a1, a2, . . . defined by recurrence as

{a0 = 2, a1 = 1;an+1 = an + an−1 for n ≥ 1.

Show that

(i) a20 + a2

1 + · · · + a2n = anan+1 + 2 for all n ≥ 0;

(ii) an is even if and only if n ≡ 0 (mod 3).

5 Let k > 0 be a natural number. Show that there exists a unique sequence of realnumbers a0, a1, a2, . . . such that

{a0 = 0, ak = 1;an+1 = an + an−1 for n ≥ 1

and that for this sequence we have a1 = 1/Fk , where Fk is the kth Fibonaccinumber.

6 Let a0, a1, a2, . . . be the sequence defined by the recurrence relation

{a0 = 9, a1 = 12, a2 = 38;an+2 = 7an − 6an−1 for n ≥ 1.

(i) Find all values of n for which 3 | an.(ii) Find all values of n for which we have an+1 > an.

7 We set inductively a0 = 31, an+1 = a3n for n ≥ 0. Show that there exists a

positive integer k such that for all n we have an+k ≡ an (mod 44) and find theminimum such k.

8 Given k ∈ N, let a1, a2, a3, . . . be the sequence of natural numbers given by

{a1 = k,

an+1 = an + (202, an) for n ≥ 1.

Show that there exists n0 ∈ N such that for all n ≥ n0 we have 202 | an.

9 Let a be an integer not divisible by 3 and let a0, a1, a2 . . . be the sequence definedby

{a0 = 1, a1 = a;an+1 = 5an + 3an−1 for n ≥ 1.

Show that (an+1, an) = 1 for all n ≥ 1.

2 Combinatorics 71

10 For each integer n ≥ 0, set an = 3n + 5n.

(i) Find real numbers h, k such that an+1 = han + kan−1 for all n ≥ 1.(ii) Determine whether or not there exists n such that 7 | an.

11 Let a0, a1, a2, . . . be the sequence defined by

{a0 = 2, a1 = 3, a2 = 5;an+1 = an − an−1 + 2an−2 for n ≥ 2.

Show that an < an+1 for all n ≥ 0.

12 Let h, k be integers such that (h, k) = 1 and let a0, a1, a2 . . . be the sequencedefined by

{a0 = 1, a1 = 1;an+1 = han + kan−1 for n ≥ 1.

(i) Show that (an, an+1) = 1 for all n ≥ 0.(ii) Having set h = 35 and k = 71, find the greatest common divisor of all numbers

in the set {a2n − 1 | n = 0, 1, 2, . . . }.

13 Denote by Fn, for n ≥ 0, the nth Fibonacci number. Show the following:

(i)(n0

)F1 +

(n1

)F2 + · · · +

(n

n−1

)Fn +

(nn

)Fn+1 = F2n+1;

(ii)(n1

)F1 +

(n2

)F2 + · · · +

(n

n−1

)Fn−1 +

(nn

)Fn = F2n.

14 Consider the sequence a1, a2, a3, . . . of natural numbers defined by

{a1 = 1, a2 = 4;an+1 = an + 3an−1 for n ≥ 2.

(i) Show that there exist real constants α, β such that for all n ≥ 1

an = α

(1+√13

2

)n

+ β

(1−√13

2

)n

.

(ii) Find all values of n for which an is even.

2 Combinatorics

15 Let X = {1, 2, . . . , n}.(i) How many ordered triples (A,B,C) of disjoint subsets of X are such that A ∪

B ∪ C = X?

72 2 Exercises

(ii) Show that the number of ordered triples (A,B,C) of subsets of X such thatA ∪ B ∪ C = X is 7n.

16 Let X be the set of all pairs (m, n) of relatively prime integers such that 1 ≤m,n ≤ 100. Show that |X| + 1 = 2

∑100k=1 φ(k).

17 Find the cardinality of the set X = {1 ≤ n ≤ 10000 | (n, 18) = 6 and n ≡ 2(mod 7)}.18 Find the number of positive divisors of 340 · 525 that are congruent to 1 modulo7.

19 Find all positive integers n such that φ(n) = 12.

20 Find the number of triples (x, y, n) of integers such that 0 ≤ x, y < 50, n ∈ N

and x + y = n2.

21 Find all positive integers n such that

φ(n) = 2

5n.

22 For each positive integer n, let d(n) be the number of its positive divisors.

(i) Show that d(n)+ φ(n) ≤ n+ 1 for all positive integers n.(ii) Find all positive integers n such that d(n)+ φ(n) = n.

23 Find all natural numbers n ≤ 120 such that (n, φ(n)) = 3.

24 Find the number of ordered triples of integers (a, b, c) with the followingproperties: 1 ≤ a, b, c ≤ 60, exactly two among a, b, c are even and exactly oneamong a, b, c is divisible by 3.

25 Given a positive integer m, let ω(m) be the number of distinct prime factors ofm. Show that

φ(m)

m≥ 1

ω(m)+ 1.

26 Find the number of integers n satisfying all of the following properties: 1000 <

n < 10000, none of the digits in the decimal representation of n is equal to 9 and atleast two digits are the same.

27 For each integer n > 0, let Sn be the set of permutations of {1, . . . , n}.(i) Find the cardinality of the set

{f ∈ Sn | f (i) ≤ i + 1 for 1 ≤ i ≤ n}.(ii) Show that the cardinality of the set

{f ∈ Sn | i − 1 ≤ f (i) ≤ i + 1 for 1 ≤ i ≤ n}is given by the (n+ 1)th Fibonacci number.

2 Combinatorics 73

28 Let X = {1, 2, . . . , 100}.(i) Find the number of all subsets of X having exactly three elements, at least two

of which are congruent modulo 5.(ii) Find the number of maps f : X −→ X such that f (n) ≡ n + 1 (mod 5) for

all n ∈ X.

29 Let X = {1, 2, . . . , 100}. Find the cardinality of the following sets:

(i) {(x, y) ∈ X2 | (xy, 6) = 1};(ii) {(x, y) ∈ X2 | x < y + 6}.30 Let X = {1, 2, . . . , 100}. Find the cardinality of the following sets:

(i) A = {f : X −→ X| f is injective and f 2(x) ≡ f (x) (mod 2) ∀x ∈ X };(ii) B = {f : X −→ X| f 2(x) = 1 ∀x ∈ X }.31 Find the cardinality of the following sets:

(i) X = {d ∈ N | d | 144000 and d has an even number of divisors};(ii) Y = {d ∈ N | d | 144000 and d is a perfect square but not a perfect cube}.32 Let X = {1, 2, . . . , 100}. Find the cardinality of the following sets:

(i) A = {A ⊆ X| ∑a∈A a ≡ 0 (mod 2)};

(ii) B = {A ⊆ X| ∏a∈A a ≡ 0 (mod 8)}.

33 Find the number of integers n, with 2 ≤ n ≤ 1000, such that φ(n) | n.

34 A single player game consists in tossing a coin indefinitely. For each coin toss,the probability of heads is the same as that of tails. The player’s initial score is 0and, for each toss, the player is awarded two points for tails and one point for heads.For each k ≥ 1, let xk be the player’s score after k coin tosses.

Show that for all n ≥ 1 the probability pn that there exists k such that xk = n isequal to

2

3+ (−1)n

3 · 2n.

35 For each bijection f : {1, 2, . . . , 10} −→ {1, 2, . . . , 10}, set

S(f ) =10∑

i=1

|f (i)− i|.

Find the number of bijections such that

(i) S(f ) = 2;(ii) S(f ) = 3;

(iii) S(f ) = 4.

74 2 Exercises

36 Let X = {1, 2, . . . , 100}. Find the number of subsets A of X such that

(i) A has 96 elements and the sum of all elements of A is even;(ii) A has 97 elements and the sum of all elements of A is divisible by 3.

37 Find the cardinalities of the three following sets:

A = {f : {1, . . . , 5} → {1, . . . , 100} | f (i) < f (i + 1) ∀ i = 1, 2, 3, 4},B = {f ∈ A | ∃i with f (i + 1) > f (i)+ 1},C = {f ∈ A | f (i + 1) > f (i)+ 1 ∀ i = 1, 2, 3, 4}.

38

(i) Given 4n people, how many ways are there to form n bridge teams, eachconsisting of four people?

(ii) Given 4n people, 2n men and 2n women, how many ways are there to form n

bridge teams, each consisting of two men and two women?

39 Let f be a permutation of {1, 2, . . . , n}. Suppose that for all x, y ∈ {1, 2, . . . , n}the following holds: x divides y if and only if f (x) divides f (y).

(i) Is it always true that f sends the product of any k distinct primes to the productof k distinct primes?

(ii) Is it always true that f sends powers of a prime to powers of a prime?(iii) If n = 10, how many possibilities are there for f ? And if n = 13?

40 Consider a deck of 40 playing cards, 10 for each of four suits—coins, swords,clubs and cups.

(i) How many orderings of the deck are such that the cards of each suit appear inincreasing order?

(ii) How many orderings of the deck are such that all coins cards precede all swordscards?

41 Given a positive integer n, how many subsets of {1, 2, 3, . . . , n} contain at leastthree numbers of the same parity?

42 A four-colouring of Z/40Z is a map c : Z/40Z → {0, 1, 2, 3}. How manyfour-colourings c : Z/40Z → {0, 1, 2, 3} are such that for all x ∈ Z we havec(x) �= c(x + 10)?

43 Consider an n× n table, each cell of which is coloured either black or white.

(i) How many colourings are such that no row is completely black or completelywhite?

(ii) How many colourings are such that each row and each column contains exactlyone black cell?

(iii) Assume that n is even; how many colourings are such that every row containsthe same number of white cells as of black cells?

2 Combinatorics 75

44 Show that for all n ≥ 1 we have

(i)n∑

k=0k(nk

) = n2n−1;

(ii)n∑

k=0k2(nk

) = (n+ n2)2n−2.

45 Find the cardinality of the set

{(a1, . . . , a30) ∈ {0, 1}30 | a1 + a3 + · · · + a29 ≤ 2 and a2 + a4 + · · · + a30 ≤ 2}.

46 Let X = {1, 2, . . . , 100}.(i) Find the number of three-element subsets of X containing two elements whose

sum is 10.(ii) Find the number of three-element subsets of X containing at least two elements

that are divisible by 5.

47 Find the number of ordered pairs (x, y) ∈ Z/2100Z×Z/2100

Z such that xy = 0.

48 Consider the set X of all possible teams of four you can form from a set of 13people.

(i) Having fixed two people p and q , pick a team from X at random; what is theprobability that p and q do not both belong to that team?

(ii) Find the cardinality of any subset of X with the following property: given anytwo people, they must appear together in exactly one team belonging to thesubset.

49 Find the number of all positive divisors d of 21003100 such that d ≡ 4 (mod 5).

50 Let X = {1, 2, . . . , 100}.(i) Find the number of two-element subsets of X such that the sum of their

elements is divisible by 4.(ii) Find the number of three-element subsets of X containing no consecutive

numbers.

51 Let X be the set of maps from {1, 2, . . . , 10} to itself and, for each f ∈ X, let

Mf = max{f (x) | 1 ≤ x ≤ 10}, mf = min{f (x) | 1 ≤ x ≤ 10}.

(i) Find the number of all maps f ∈ X such that Mf −mf = 1.(ii) Find the number of all maps f ∈ X such that Mf = 10 and mf = 1.

52 Find all natural numbers n such that φ(n) = n− 8.

53 Let X = {1, 2, . . . , 100}.(i) Find the number of maps f : X −→ X with exactly ten fixed points, that is,

ten elements x ∈ X such that f (x) = x.

76 2 Exercises

(ii) Find the number of maps f : X −→ X such that

∑

x∈X|f (x)− x| = 2.

54 Let X = {1, 2, . . . , 20}.(i) Find the number of all ordered pairs (A,B) of subsets of X such that |A| = 5

and |A ∪ B| = 12.(ii) Find the number of all ordered triples (A,B,C) of subsets of X such that |(A∪

B) ∩ C| = 8.

55

(i) How many strings (a0, . . . , a9), with ai ∈ {0, 1, 2, 3, 4} for each i, are such thatthere are fewer odd ai’s than even ai’s?

(ii) Find the number of all strings (a0, . . . , a9), with ai ∈ {0, 1, 2, 3, 4} for each i,such that

9∑

i=0

(−1)iai ≡ 0 (mod 6).

56 Let N = {1, 2, . . . , 100}. Find the cardinality of the following sets:

(i) X = {A ⊆ N | max A−min A = 60};(ii) Y = {f : N −→ N | f (1) · f (2) · · ·f (100) �≡ 0 (mod 10)}.57 Let W be the set of words of length 3 one can form with 26 letters. Find thenumber of pairs (α, β) with α, β ∈ W such that α, β do not have any letters incommon.

58 Let X = {1, 2, . . . , 100}. Find the number of

(i) all ordered pairs (A,B) of subsets of X with |A ∪ B| = 40 and |A| = 10;(ii) all subsets A of X with |A| = 5 and

∏x∈A x ≡ 0 (mod 9).

59 Consider a six-sided die whose faces are numbered from 1 to 6; to each die rollassign a score given by the value of the face the die lands on. Find the probabilitythat, after rolling the same die n times, the sum of the scores obtained is a multipleof 7.

60

(i) Find the number of positive integer solutions (x, y) of the equation 2x + 3y =100.

(ii) Find the number of all three-element subsets A of {1, 2, . . . , 100} such that thesum of their elements is equal to 100.

61 Find all natural numbers a such that there exists a natural number n for which

φ(n) = a

43n.

3 Congruences 77

62 Let X = {1, 2, . . . , 100}.(i) Find the number of all two-element subsets {a, b} of X such that ab ≡ a + b

(mod 3).(ii) Find the number of all two-element subsets {a, b} of X such that ab(a+b) ≡ 0

(mod 3).

63 Let X = {1, . . . , 100} and let S(X) be the set of permutations of X.

(i) Given σ ∈ S(X) and i ∈ {0, 1, 2}, let Xi,σ = {x ∈ X | σ(x) − x ≡ i

(mod 3)}. Show that, for all σ ∈ S(X), we have |X1,σ | ≡ |X2,σ | (mod 3).(ii) Find the number of all permutations σ ∈ S(X) such that σ ◦σ(x) ≡ x (mod 2)

for all x ∈ X.

64 Find the number of all ordered triples (x, y, z) of positive integers such that

(i) xyz = 10100;(ii) x2yz = 10100.

65 Let X = {1, 2, . . . , 10}. Find the number of maps f : X −→ X such that forall a, b in X, the number f (a) · f (b) is not prime.

66 Consider a set of n pairs of twins.

(i) How many ways are there to form a team of six people containing exactly twopairs of twins?

(ii) Let n = 12. How many ways are there to partition the 24 people into four teamsof 6 in such a way that at least one pair of twins ends up separated into differentteams?

67 Let X = {1, 2, . . . , 100}. Find the cardinality of the following sets:

(i) {A ∈ P(X) |∑x∈A x100 ≡ 0 (mod 2)};(ii) {(A,B) ∈ P(X)2 | 4 exactly divides

∏x∈A∩B x}.

3 Congruences

68 Find, as a function of the integer a, all solutions of the following system ofcongruences:

{2ax ≡ 13 (mod 17)

(x − a)(x − 2) ≡ 0 (mod 4).

69 Find all integer values of a for which the following system has a solution:

{2x ≡ a (mod 9)

x ≡ a2 (mod 3).

78 2 Exercises

70 Find all integer values of a for which the following system has a solution:

{2x ≡ 3a (mod 7)

4x2 ≡ a2 (mod 24).

71 Find all values of a ∈ Z such that the following system has a solution, thensolve it:

{3x2−1 ≡ 2a (mod 13)

x − 1 ≡ 0 (mod 3).

72 Find all solutions of the following system of congruences:

{2x ≡ x (mod 7)

x2 ≡ 1 (mod 15).

73 Find all natural values of n such that the following system is satisfied:

{(n3

) ≡ 0 (mod 2)(n4

) ≡ 0 (mod 2).

74 Solve the following system of congruences:

{x2 ≡ 4 (mod 14)

x ≡ 3 (mod 5).

75 Solve the following system of congruences:

{x660 ≡ 1 (mod 847)

x ≡ 11 (mod 13).

76 Find all a ∈ Z for which the congruence x3 − a3 ≡ 0 (mod 85) has solutionsother than x ≡ a (mod 85).

77 Solve the congruence 2x ≡ 5 (mod 33). Then solve the systems

{2x ≡ 5 (mod 33)

x ≡ 2 (mod 15),

{2x ≡ 5 (mod 34)

x ≡ 3 (mod 15).

78

(i) For which integers b does the congruence 81x ≡ b (mod 125) have a solution?(ii) Assume that 81x ≡ b0 (mod 125) has a solution x0 and describe the set of all

solutions.

3 Congruences 79

79 Solve the congruence 2x ≡ 3 (mod 125). How could one solve the congruence2x ≡ 3 (mod 625)?

80 Solve the system of congruences

{5x ≡ 3 (mod 11)

x2 ≡ −3 (mod 21).

81 For each a ∈ Z, find all integer values of x such that

1

3x3 − 8

21ax2 + 3

7x + 1

7a

is an integer.

82 Find the number of solutions modulo 77 of the congruence x15 ≡ x27

(mod 77).

83 Find, for each k ∈ N, all solutions of the following system of congruences:

{xk ≡ x (mod 7)

x3 �≡ x (mod 7).

84 Find all integer values of a for which the following system has a solution

{ax ≡ 4 (mod 25)

x2 + a ≡ 0 (mod 15)

and find all solutions for a = −1.

85 For each a ∈ Z, solve the following system of congruences:

{ax ≡ 1 (mod 9)

ax ≡ 1 (mod 9).

86 For each integer a, find all solutions of the system

{(6a − 1)x ≡ 1 (mod 21)

x ≡ a (mod 35).

87 Find all integer values of a for which the following system of congruences hasa solution

{9ax ≡ 1 (mod 34)

x2 − 9ax ≡ 6 (mod 15)

and solve it for a = 4.

80 2 Exercises

88 For each integer a, determine whether the following system of congruences hasany solutions and, if so, find them:

{3x ≡ a (mod 42)

6x ≡ 1 (mod 35).

89 Solve the following system of congruences:

{5x ≡ 9 (mod 24)

x2 + 2x + 8 ≡ 0 (mod 176).

90 Find all integer values of a such that the following system has a solution:

{x2 ≡ 5a (mod 120)

6x ≡ a (mod 21).

Find all solutions of the system for a = 45.

91 Find the number of solutions of the congruence x100 ≡ a (mod 77) for eachinteger a.

92

(i) Find, for each integer a, the number of solutions of the congruence xa ≡ 1(mod 92).

(ii) For each integer a, solve the following system of congruences:

{xa ≡ 1 (mod 92)

6x ≡ 8 (mod 23).

93 For each integer a, find the number of solutions of the following system ofcongruences:

{2x ≡ a (mod 22)

x2 ≡ 7a (mod 84).

94 For each integer a, solve the following system of congruences:

{ax ≡ 3 (mod 8)

x2a ≡ 4 (mod 9).

95 Find the number of all ordered pairs (x, y) ∈ Z/100Z × Z/100Z such thatxy = 0.

3 Congruences 81

96 For each integer a, find the number of solutions of the following system ofcongruences:

{6x ≡ 4a (mod 72)

5x ≡ 2 (mod 39).

97 Solve the following system of congruences:

{8x2−1 ≡ −1 (mod 27)

x22 + 2x ≡ 8 (mod 44).

98 For each a ∈ Z, find the number of solutions of the following system ofcongruences modulo an appropriate integer:

{3x ≡ 2a (mod 5)

x3 ≡ a + 2 (mod 24).

99 For each a ∈ Z, find all solutions of the following system of congruences:

{ax ≡ 3 (mod 7)

x2 ≡ a (mod 8).

100 For each a ∈ Z, find all solutions of the following system of congruences:

{ax ≡ 1 (mod 5)

ax ≡ 2 (mod 8).

101 For each a ∈ Z, find all solutions of the following system of congruences:

{5x2−1 ≡ 2a (mod 13)

x3 ≡ 0 (mod 64).

102 Find all integer values of a for which the following system has a solution:

{ax ≡ 11 (mod 14)

xa ≡ 1 (mod 9).

103

(i) Find all x ∈ Z such that 3x ≡ 7 (mod 10).(ii) Find all x ∈ Z such that 3x ≡ 4+ x (mod 10).

82 2 Exercises

104 Find all solutions of the following system of congruences:

{x2x+1 ≡ 1 (mod 7)

4x ≡ 7 (mod 15).

105

(i) Let k be a natural number. Find the number of x ∈ Z with 0 ≤ x ≤ k such thatx ≡ 1 (mod n) for all n with 1 ≤ n ≤ 10.

(ii) How many integers x are such that x ≡ −1 (mod n) for all positive integersn?

(iii) How many integers x are such that x ≡ n (mod 2n) for all positive integers n?

106 Find all pairs of positive integers (x, n) that satisfy the congruence xn ≡ 39(mod 10x).

107 For each n ∈ Z, find the number of solutions of the congruence

x5n ≡ 1 (mod 55).

108

(i) Solve the congruence x2 − x + 43 ≡ 0 (mod 55).

(ii) For each integer a, solve the following system of congruences:

{x2 − x + 43 ≡ 0 (mod 55)

x114 ≡ xa (mod 5).

109 Solve the following two congruences:

(i) x2 + 2x + 5 ≡ 0 (mod 65);(ii) 32x + 2 · 3x + 5 ≡ 0 (mod 65).

110 Solve the following system of congruences:

{x2 + 2x + 2 ≡ 0 (mod 10)

7x ≡ 20 (mod 22).

111 For each integer a, find the number of solutions modulo 180 of the followingsystem of congruences:

{ax ≡ 2 (mod 12)

9x ≡ a2 + 2a − 3 (mod 81).

112 Solve the following system of congruences:

{x131 ≡ x (mod 55)

x6 + x ≡ 0 (mod 125).

3 Congruences 83

113 For each integer a, determine whether the following system has any solutionsand, if so, find them:

{ax ≡ 12 (mod 77)

13x ≡ 25 (mod 133).

114 Find all possible integer values of a for which the following system has asolution

⎧⎨

⎩

x80 ≡ 2 (mod 7)

80x ≡ 2 (mod 7)

7x ≡ a (mod 10)

and find its solutions as a function of a.

115 Find all solutions of the following system of congruences:

{x41 ≡ x (mod 700)

45x ≡ 25 (mod 700).

116 Find all solutions of the congruence xx+1 ≡ 1 (mod 27).

117 Find all integer values of a for which the system of congruences

{ax ≡ 12 (mod 27)

a3x2 ≡ 9 (mod 39)

has a solution.

118 Let a be an integer; consider the system of congruences

{x2 − 7a ≡ 0 (mod 5)

ax ≡ 3 (mod 35).

(i) Find all values of a for which the system has a solution.(ii) Find, for each value of a, the number of solutions of the system expressed as

congruence classes for an appropriate modulus.

119 Find all integer values of a for which the system of congruences

{x2 + x + 1 ≡ 0 (mod 13)

ax ≡ 27 (mod 78)

has a solution, then solve it.

84 2 Exercises

120 Solve the following system of congruences:

{x2 − 4x + 3 ≡ 0 (mod 15)

30x ≡ −6 (mod 81).

121 Find the number of solutions modulo 1001 of the congruence x101 ≡ x

(mod 1001).

122 Find the number of solutions modulo 210 of the congruence x5 − 16x ≡ 0(mod 210).

123 Find all integer values of a for which the following system of congruences hasa solution:

{2x ≡ 3x+a2

(mod 17)

3x ≡ a23 (mod 24).

124 For each integer a, find the number of solutions modulo 90 of the followingsystem of congruences:

{3x ≡ a + 1 (mod 9)

(x − 1)(x − a) ≡ 0 (mod 15).

125 Find all integer values of a for which the following system of congruences hasa solution, then solve it:

⎧⎨

⎩

x27 ≡ x2 (mod 144)

10x ≡ a (mod 25)

2x−1 ≡ 4 (mod 11).

126 Find all integer pairs (x, y) such that

⎧⎪⎨

⎪⎩

22y2−5y+4 ≡ 2 (mod 36)

(2x2 + 17)(2x2 + xy + 4x + 2y)−1 ≡ 1 (mod 592)

x23 + 1 ≡ 0 (mod 100).

127 For each a ∈ Z, find all solutions of the following system of congruences:

{ax ≡ 1 (mod 77)

ax ≡ 1 (mod 10).

4 Groups 85

128 For each a ∈ Z, find all integer solutions of the system

{7x ≡ a (mod 8)

(x + a)4 ≡ 0 (mod 200).

129 For each a ∈ Z, find all integer solutions of the system

{7ax ≡ a (mod 49)

xa ≡ 1 (mod 3).

130 Find the number of integer solutions of the system

{x3 ≡ 8 (mod 1000)

x ≡ 2 (mod 3)

with 0 ≤ x < 3001.

131

(i) Find all solutions of

x36 ≡ x (mod 9).

(ii) Solve the following system of congruences:

{x36 ≡ x (mod 9)

x2 − x ≡ 0 (mod 64).

132 For each a ∈ N, find the number of solutions modulo 584 of the congruence

xa+5 − xa − x5 + 1 ≡ 0 (mod 584).

133 Solve the following congruence and find the number of its solutions modulo1010:

x5 − 4x + 400 ≡ 0 (mod 1010).

4 Groups

134 Let (G,+), (G′,+) be Abelian groups. Let H be a proper nontrivial subgroupof G and let H ′ be a proper nontrivial subgroup of G′. Moreover, let

Hom(G,G′) = {f : G→ G′ | f is a group homomorphism}

86 2 Exercises

be the group of all homomorphisms from G to G′, with the operation + given by(f + g)(x) = f (x)+ g(x) for all x ∈ G. Determine whether the following subsetsare subgroups of Hom(G,G′):

A = {f ∈ Hom(G,G′) | Ker(f ) ⊆ H };B = {f ∈ Hom(G,G′) | Ker(f ) ⊇ H };C = {f ∈ Hom(G,G′) | f (G) ⊆ H ′};D = {f ∈ Hom(G,G′) | f (G) ⊇ H ′}.

135 Let G = Z/6Z× Z/20Z.

(i) How many elements of G have order 60?(ii) How many cyclic subgroups of order 30 does G have?

(iii) How many injective homomorphisms f : Z/12Z −→ G are there?

136 Let G be the group of all bijective maps f : Z/72Z −→ Z/72Z of the formf (x) = ax with (a, 72) = 1 and let H = {f ∈ G | f (12) = 12}.(i) Show that H is a subgroup of G and find the order of H .

(ii) Is the subgroup H cyclic?

137 Let G = Z/12Z and let a, b be elements of G. Moreover, let f : G −→G ×G, g : G ×G −→ G be the homomorphisms given by f (x) = (ax, bx) andg(y, z) = y + z.

(i) How many pairs (a, b) correspond to an injective homomorphism f ?(ii) How many pairs (a, b) are such that g ◦ f is injective?

138 Given any prime p, show that the group (Z/p2Z)∗ contains both elements of

order p and elements of order p − 1.

139 Let G be a group and let H,K be normal subgroups of G. Show that HK ={hk | h ∈ H, k ∈ K} is a normal subgroup of G.

140 Let G be a group and let f : G −→ G be a homomorphism such that f ◦ f =f . Show that

(i) Ker(f ) ∩ Im(f ) = {e};(ii) G = Ker(f ) · Im(f ).

141

(i) Find the number of elements of order 2 and the number of elements of order 3in the group (Z/49Z)∗.

(ii) How many group homomorphisms are there from Z/6Z to (Z/49Z)∗?

142 Let G be a group, let H be a subgroup of G and let Z(H) = {g ∈ G | gh =hg ∀h ∈ H } be the centraliser of H in G. Show that

(i) Z(H) is a subgroup of G;(ii) if H is normal in G then Z(H) is as well;

4 Groups 87

(iii) for all group homomorphisms f : G −→ G′ we have f (Z(H)) ⊆ Z(f (H)).(iv) Find an example of a group homomorphism f : G −→ G′ and a subgroup H

of G such that Z(H) = G and Z(f (H)) �= G′.

143 Let G be an Abelian group and let H be the subset of elements of G whoseorder is finite.

(i) Show that H is a subgroup of G and find an example where H is infinite.(ii) Show that every element of G/H other than the neutral element has infinite

order.(iii) Show that G/H is isomorphic to G if and only if H is trivial.(iv) Show that the kernel of every homomorphism G −→ Z contains H .

144 Let G1 and G2 be groups and let G1 × G2 be their direct product. Let π1 :G1×G2 −→ G1 and π2 : G1×G2 −→ G2 be the two projection maps. Show thefollowing:

(i) if H1 is a normal subgroup of G1 and H2 is a normal subgroup of G2 thenH1 ×H2 is a normal subgroup of G1 ×G2;

(ii) if H is a subgroup of G1 ×G2 then H ⊆ π1(H)× π2(H);(iii) if |G1| = m, |G2| = n and (m, n) = 1 then for all subgroups H of G1 × G2

we have H = π1(H)× π2(H).

145 Given two finite groups G1 and G2, let f : G1 −→ G2 be a grouphomomorphism and let H be a subgroup of G1 that contains the kernel of f .

(i) Show that [G1 : H ] = [f (G1) : f (H)].(ii) Does the above equality hold even if we drop the requirement that Ker(f ) ⊆

H ?(iii) Does the above equality hold if G1 = Z and G2 is a finite group?

146 Given a group G, a subgroup M of G is maximal if M �= G and, for allsubgroups H of G such that M � H ⊆ G, we have H = G. We shall denote theintersection of all maximal subgroups of G by N .

(i) Show that N is a normal subgroup of G.(ii) Let G = Z/nZ. Show that N = {0} if and only if n is squarefree.

(iii) Find N for G = Z/100Z.

147 Given a group G, let N be a normal subgroup of G. Let f be an automorphismof G such that f (N) = N. For each g ∈ G, set ϕ(gN) = f (g)N : is ϕ anautomorphism of G/N?

148 Let G = (Z/35Z)∗.

(i) For each positive integer n, find the number of elements of order n in G.(ii) Find the number of subgroups of G whose order is 6.

149 Given a group G, let f, g : G −→ Z/12Z be two group homomorphisms.

(i) Show that the set {x ∈ G | f (x) = g(x)} is a normal subgroup of G.

88 2 Exercises

(ii) Assume G = S3 × Z/2Z and H = 〈((123), 0)〉; find all homomorphismsf : G −→ Z/12Z such that f (h) = 0 for all h ∈ H .

150 Given two primes p, q with p < q let G = (Z/pqZ)∗, G(2) = {x2 | x ∈ G}and G(3) = {x3 | x ∈ G}.(i) Find the order of each of the subgroups G(2) and G(3).

(ii) Find all p, q for which the subgroup G(2) is cyclic.(iii) Find all p, q for which the subgroup G(3) is cyclic.

151 Let (G,+) be an Abelian group and let H,K be subgroups of G such that|G/H | = m and |G/K| = n, where (m, n) = 1. Show that

(i) G = H +K;(ii) G/(H ∩K) � G/H ×G/K .

152 Let G = Z/20Z× Z/8Z. Find the number of homomorphisms f : G −→ G.Moreover, for each n ∈ N, let fn : G → G be the homomorphism given byfn(x) = nx for all x ∈ G.

(i) For which values of n is the kernel of fn a cyclic group?(ii) For which values of n is the image of fn a cyclic group?

153 Let G be a finite Abelian group and let H be a cyclic subgroup of G such thatG/H is also cyclic. Let m = ord(H), n = ord(G/H).

(i) Show that if (m, n) = 1 then G is cyclic.(ii) Give an example where (m, n) > 1 and G is not cyclic.

154 Given a positive integer n, let G be a group of order n and let fk : G −→ G

be the map defined by fk(x) = xk for all x ∈ G.

(i) Show that if fn−1 is a homomorphism then G is Abelian.(ii) Show that if n = 62 and f8 is a homomorphism then G is Abelian.

(iii) Give an example of a finite group and an integer k such that fk is not ahomomorphism.

155 Let G be a finite Abelian group of order n. For each prime divisor p of n, letGp be the set of elements of G whose order is a power of p.

(i) Show that Gp is a subgroup of G of order a power of p.(ii) Show that the order of every element of G/Gp is coprime to p.

(iii) Show that, if n = paqb, where p, q are distinct primes and a, b ∈ N, thenG/Gp is isomorphic to Gq .

156 Let L be the additive subgroup of rational numbers consisting of elements thatcan be written in the form m/10n for some m ∈ Z, n ∈ N. For each positive integerk, find

(i) the number of elements of order k in Q/L;(ii) the number of solutions of the equation kx = 0 in Q/L.

4 Groups 89

157 Let G be the group of rigid transformations of three dimensional space thatsend a cube to itself.

(i) Determine whether or not G has any subgroups of order 3.(ii) Cut each face of the cube with a line segment as in the figure. Compute the

index of the subgroup H of G that sends the figure to itself.(iii) Is H normal in G?

158 Let G be the group Z/6Z× Z/6Z.

(i) Find the number of cyclic subgroups of G.(ii) Find the number of elements x ∈ G such that G/〈x〉 is a cyclic group.

159 Let G be the set of bijections f : Z/60Z −→ Z/60Z such that for all x ∈ Z

we have f (x) ≡ x (mod 20).

(i) Show that G, endowed with the composition operation, is a group; compute itscardinality.

(ii) For each m ∈ {6, 8, 10, 12}, determine whether G has a subgroup of order m

and whether it has a cyclic subgroup of order m.

160 Let (G,+) be a finite Abelian group such that 3G = {3x | x ∈ G} is a cyclicsubgroup of G. Show that every subgroup of G whose order is coprime to 3 is cyclic.

161 For each natural number n, find the number of homomorphisms and thenumber of injective homomorphisms from Z/nZ to Z/10× Z/20Z.

162 Denote by G the group Z/5Z× Z/10Z× Z/36Z and let f : G −→ G be thehomomorphism given by f (g) = 78g for all g ∈ G.

(i) Find the cardinalities of the kernel and of the image of f .(ii) Find the largest possible order of an element in the image of f .

90 2 Exercises

163 Let (G,+) be an Abelian group and let Q = {2g | g ∈ G}.(i) Show that Q is a subgroup of G.

(ii) For which values of m ∈ {1, 2, 3, 4} is it possible that |G/Q| = m? For eachm ∈ {1, 2, 3, 4}, either give an example where this equality holds or show thatit cannot.

164 Let G be the group Z/99Z× Z/33Z.

(i) Find the number of elements of order 11 and the number of subgroups of order11 in G.

(ii) Determine whether or not there exists a subgroup H of G of order 11 such thatG/H is cyclic.

(iii) Determine whether or not there exists a surjective homomorphism from G toZ/121Z.

165 Let G be a group, let H be a normal subgroup of G of order n and let m be apositive integer coprime to n. Show that G/H contains an element of order m if andonly if G does.

166 Consider the group G = Z/8Z× Z/12Z.

(i) Find all subgroups of G whose order is 4.(ii) Find all subgroups of G whose order is 48.

167 Let p be a prime and let G1 = (Z/pZ)∗, G2 = (Z/p2Z)∗.

(i) Are there any surjective homomorphisms from G2 to G1?(ii) Are there any injective homomorphisms from G1 to G2?

168 Let (G,+) be a finite Abelian group, let p be a prime and let a be a naturalnumber such that pa exactly divides |G|.(i) Show that H = {x ∈ G |pax = 0} is a subgroup of G.

(ii) Show that G/H does not contain any elements of order p.(iii) Show that |H | = pa .

169 Given positive integers m,n, let G be the group Z/mZ× Z/nZ and let C∗ bethe multiplicative group of nonzero complex numbers.

(i) Denote by Hom(G,C∗) the set of homomorphisms from G to C∗. Show that

for all f and g in Hom(G,C∗) the map G � x −→ (fg)(x).= f (x) · g(x) ∈

C∗ is a homomorphism and that the operation (f, g) −→ fg makes the set

Hom(G,C∗) into a group.(ii) Find all pairs (m, n) for which the set Hom(G,C∗) contains an injective

homomorphism.

170 Let (G,+) be a finite Abelian group of order n and, for each prime p, let pG

be the subgroup of G given by pG = {px | x ∈ G}. Show that

(i) if p and q are different primes, then G = pG+ qG;(ii) if p and q are different primes, then G = pG ∪ qG if and only if pq � n;

4 Groups 91

(iii) if p, q, r are different odd primes, then G = pG ∪ qG ∪ rG if and only ifpqr � n.

171 Find the minimum and maximum possible number of elements whose order isprime in a group G as G varies among all Abelian groups of order 200.

172 Let G be an Abelian group of order n and let p, q be two distinct prime divisorsof n. Let hp, hq and hpq be the number of subgroups of G of order p, q and pq ,respectively. Similarly, let mp, mq and mpq be the number of elements of G of orderp, q and pq , respectively.

Show that hpq = hphq and mpq = mpmq .

173 Let G be a group, let p be a prime and let H and K be two distinct normalsubgroups of G of index p such that H ∩K = {e}.(i) Show that G is isomorphic to Z/pZ × Z/pZ.

(ii) Find the number of subgroups of order p in G.

174 Let G be an Abelian group, let k be a positive integer, and set Gk = {gk | g ∈G}.(i) Show that Gk is a subgroup of G and that all elements of G/Gk have finite

order.(ii) Assuming G is a cyclic group of order n, find the cardinality of G/Gk .

(iii) Give an example of a group G such that G/G10 � Z/2Z× Z/10Z.

175 Given positive integers m and n, denote by Hom(Z/mZ,Z/nZ) the group ofhomomorphisms from Z/mZ to Z/nZ, endowed with the addition operation.

(i) Show that Hom(Z/mZ,Z/nZ) � Z/dZ, where d is the greatest commondivisor of m and n.

(ii) Describe the subgroup of order 12 of Hom(Z/360Z,Z/420Z).

176 Let G be a group and let Δ = {(x, x) | x ∈ G}.(i) Show that Δ is a subgroup of G×G.

(ii) Show that Δ is normal in G×G if and only if G is Abelian.(iii) Show that if G is Abelian then (G×G)/Δ is isomorphic to G.

177 Let (G,+) be a finite Abelian group of order n. Show that

(i) for all primes p that divide n, the set

Gp = {x ∈ G | ∃k ∈ N such that pkx = 0}

is a subgroup of G;(ii) given x, y ∈ G of order a and b, respectively, with (a, b) = 1, we have ord(x+

y) = ab;(iii) G is cyclic if and only if for all prime divisors p of n the set Gp is a cyclic

subgroup of G.

92 2 Exercises

178 Let G = Z/18Z× Z/12Z, G′ = Z/36Z.

(i) Show that, given homomorphisms f, g ∈ Hom(G,G′), the map f + g givenby (f + g)(x) = f (x) + g(x) for all x ∈ G is a homomorphisms from G toG′, and the operation

Hom(G,G′)×Hom(G,G′) � (f, g) −→ f + g ∈ Hom(G,G′)

makes the set Hom(G,G′) into a group. Find the cardinality of Hom(G,G′).(ii) Find the number of surjective homomorphism from G to G′.

(iii) Show that for all (a, b) ∈ G the map ϕ(a,b) : Hom(G,G′) −→ G′ given byϕ(a,b)(f ) = f (a, b) is a homomorphism. Find the cardinalities of the kerneland of the image of ϕ(1,1).

179 Let (G,+) be an Abelian group and let H,K be subgroups of G such that[G : H ] = m, [G : K] = n. Set d = [G : H ∩K]. Show that

(i) d ≤ mn;(ii) d |mn;

(iii) d = mn if and only if H +K = G.

180 Let G be the subgroup of the additive group Q of rational numbers given by

G = {ab| a ∈ Z, (b, 10) = 1}.

(i) Show that G does not contain any subgroups isomorphic to Z× Z.(ii) Show that G has an infinite number of cyclic quotients.

(iii) Show that G does not have any cyclic quotients of order 3.

181 Let G and H be nontrivial cyclic groups and let f : G −→ H be an injectivehomomorphism. Show that the following conditions are necessary and sufficient forthe existence of a homomorphism g : H −→ G such that g ◦ f is an isomorphism.

(i) If G is finite then H is finite and, letting |G| = a, |H | = b, we have a | b and(a, b/a) = 1.

(ii) If G is infinite then H � Z and f is surjective.

182 A subgroup M of a group G is maximal if M �= G and for all subgroups L ofG such that M � L ⊆ G we have L = G.

(i) Let K,M be subgroups of a group G such that K � G and K ⊆ M . Show thatM is a maximal subgroup of G if and only if M/K is a maximal subgroup ofG/K .

(ii) Show that in a finite Abelian group G every subgroup H �= G is contained ina maximal subgroup of G.

(iii) Show that in a finite nontrivial Abelian group a subgroup is maximal if andonly if its index is prime.

5 Rings and Fields 93

183

(i) Find the number of homomorphisms and the number of injective homomor-phisms from Z/12Z to the group Z/4Z× S3.

(ii) Describe all homomorphisms ϕ : Z/12Z −→ Z/4Z× S3 such that ϕ(10) hasorder 3.

184 Let G = (Z/1000Z)∗.(i) Show that G is not a cyclic group.

(ii) Let H = {g ∈ G | ord(g) is a power of 2}; show that H is a subgroup of G

and compute its order.(iii) Show that G contains an element of order 25 and deduce that G/H is cyclic.

185 Let G be an Abelian group and, for each k ∈ N, set Gk = {gk | g ∈ G}.(i) Show that for all k the set Gk is a subgroup of G.

(ii) Assuming that G is finite of order n, find all integers k such that Gk = G.(iii) Give an example of a group G such that Gk �= G for all k > 1.

(iv) Give an example of a nontrivial group G such that Gk = G for all k ≥ 1.

186 Let G = Z/3Z× S3, with the direct product group structure.

(i) Find all possible orders of subgroups of G.(ii) Find the number of cyclic subgroups of G.

5 Rings and Fields

187 Let f (x) = x4 + x3 − 3 ∈ F7[x]. Find the number of zero divisors and theinverse of x + 1 in F7[x]/(f (x)).

188 For each integer m, find the degree of the splitting field of the polynomial(x2 −m)(x4 − 25) over Q.

189 Let f (x) = x3 + 3x − 1, g(x) = x2 − 2.

(i) Letting α be a complex root of f (x), find the minimal polynomial of 1/(α+ 2)

over Q.(ii) Find all primes p such that the polynomials f (x), g(x), considered as elements

of Fp[x], have a common root.

190 Let f (x) = x6 + 4x3 + 2.

(i) Letting α be a complex root of f (x), find the minimal polynomial of 1/α2 overQ.

(ii) Find the splitting field of f (x) over F7.

191 Find the degree of the splitting field of x6 − 4 over Q and over F11.

192 Find all primes p for which the polynomial x6 + 1 ∈ Fp[x] has at least oneroot in Fp.

94 2 Exercises

193 Let α be a complex root of x4 − 2x3 + x − 1.

(i) Find a polynomial g(x) ∈ Q[x] such that α2g(α) = 1.(ii) For each integer k, compute the degree [Q(α2 + kα) : Q].194 Let α ∈ C be a root of the polynomial x4 + 2x2 + 2. Compute the minimalpolynomial of α2 + 1 and of 1/(α + 2) over Q.

195 Compute the degree of the splitting field of (x3 − 2)(x4 − 3) over Q, over F3and over F11.

196 Let α = √5+ i ∈ C.

(i) Find the minimal polynomial f (x) of α over Q.(ii) Compute the degree of the splitting field of the polynomial f (x) over Q and

over F7.

197 Let α ∈ C be a root of the polynomial x4−x−1. Find the minimal polynomialof 2α − 1 and of α2 over Q.

198 Find the degree of the splitting field of x4 − 6x2 − 3 over Q and over F13.

199 Let α =√

2+√7 ∈ C.

(i) Find the degree of Q(α) over Q.(ii) Find the degree of the splitting field of the minimal polynomial of α over Q.

200 Let α =√

2+ i√

2.

(i) Find the minimal polynomial of α and the minimal polynomial of α2 + 1 overQ.

(ii) Find a polynomial f (x) ∈ Q[x] such that f (α) = (α2 + 2α)−1.

201 Find the degree of the splitting field of x8 − 4 over Q and over F3.

202 Find the degree of the splitting field of x4 + 26 over Q, over F5 and over F7.

203 Find the degree of the splitting field of x6 − 12x3 + 27 over Q and over F5.

204 Find the minimal polynomial of√

2+√3 overQ and the degree of its splittingfield.

205 Let f (x) be the polynomial (x3 − 7)(x2 + 3).

(i) Find the degree of the splitting field of f (x) over Q.(ii) Find the number of zero divisors in F5[x]/(f (x)).

206 Find the degree of the splitting field of 2x4 + 6x2 − 5 over Q and over F19.

207 Let K ⊆ F be fields, let f (x) = x5 + 3x + 3 ∈ K[x] and let α be a root off (x) in F. Compute all possible values of [K(α) : K] and [K(α7) : K] for K = Q

and K = F2.

208 Let K be a field and f (x) ∈ K[x] a polynomial of positive degree, and set.Show that every zero divisor in K[x]/(f (x)) is nilpotent if and only if f (x) is apower of a single irreducible polynomial.

5 Rings and Fields 95

209 Find the number of zero divisors in the ring F5[x]/(x3 − 2x + 1) that are notnilpotent.

210 Let x4 − a ∈ Z[x] be a reducible polynomial. Show that

(i) if a > 0 then there is b ∈ N such that a = b2;(ii) if a < 0 then there is c ∈ N such that a = −c2; moreover, there is d ∈ N such

that c = 2d2.

211 Compute the degree of the splitting field of x4+ 5x2+ 5 over Q and over F11.

212 Let α ∈ C be a root of the polynomial x3−x2−2x−1 and set β = α4−3α2.Find

(i) the minimal polynomial of β over Q;(ii) a polynomial g(x) with rational coefficients such that βg(α) = 1.

213 Find the degree of the splitting field of the polynomial (x2 + 3)(x3 − 5) overQ.

214 Let f (x) be the polynomial x15 − 1.

(i) Find the irreducible factors of f (x) and the degree of its splitting field, firstover F3 and then over F5.

(ii) What are the possible degrees of the splitting field K of f (x) over Fp, wherep is a prime other than 3 or 5?

(iii) For each degree d from the previous question, give an explicit example of aprime p other than 3 or 5 for which [K : Fp] = d .

215 Find the degree of the splitting field of the polynomial (x2 + 2)(x4 − 2) overQ and over F7.

216 Let K be a field and let α, β be roots in an algebraic closure of K of thepolynomials x2 − 5 and x2 + 5, respectively.

(i) Compute the degree of the minimal polynomial of α + β over K, for K = Q.(ii) Assume K = Fp; what are the possible degrees of the minimal polynomial of

α + β over Fp, as p varies among all primes? For each possible degree, givean example.

(iii) Compute the degree of the minimal polynomial of α + β over F2011.

217 Let K be a field and let α be a root of f (x) = x4 − 3 in an algebraic closureof K.

(i) Compute the degree of K(α) over K, first for K = Q and then for K =Q(√−3).

(ii) Compute the degree of the splitting field of f (x) over K for K = Q and forK = Q(

√−3).

96 2 Exercises

218 Let f (x) = x5 + x2 − x + 4.

(i) Determine the splitting field of f (x) over F2 and over F3.(ii) For each positive integer k, find the degrees of the irreducible factors of f (x)

as a polynomial in F3k [x].219 Let α be a root of the polynomial x4 + 2x3 + 2x2 + x + 3. Find the minimalpolynomial of α + 1 and of α2 + α over Q.

220 Let f (x) = x4 + 3x2 + 1 ∈ Q[x] and let α ∈ C be a complex root of f (x).Find

(i) the degree [Q(α) : Q];(ii) the degree of the splitting field of f (x) over Q;

(iii) the minimal polynomial of 1/(α + 1) over Q.

221 Find the degree of the splitting field of x4 − 4x2 + 2 over Q, over Q(i) andover F7.

222 Let K,E,F be the splitting fields over Q of x24 − 1, of x8 − 1 and of x3 − 1,respectively.

(i) Show that K = EF.(ii) Find a basis of K ∩ R as a vector space over Q.

223

(i) Find the values of n ∈ N for which the polynomial x2n + xn + 1 is divisible byx2 + x + 1 in Q[x].

(ii) Compute the degree of the splitting field x8 + x4 + 1 over Q and over F7.

224 Let α be a complex root of x4− x3+ x2− x + 1; for each c ∈ Q, compute thedegree [Q(α + cα−1) : Q].225 Let f (x) = x3 + 3x + 1.

(i) Find the degree of the splitting field of f (x) over Q.(ii) Find all primes p for which f (x), considered as a polynomial in Fp[x], has a

multiple root in Fp.

226 Let f (x) = x9 − 1.

(i) Show that f (x) has an irreducible factor of degree 6 over F11.(ii) Find the degree of the splitting field of f (x) over Q and over Q(ζ ), where

ζ ∈ C is a primitive third root of unity.

227 Let α ∈ C be a root of the polynomial f (x) = x4 + x + 1.

(i) Find the minimal polynomial of 1/(α + 1) and the minimal polynomial of α2

over Q.(ii) Find the splitting field of the polynomial f (x) over F5.

5 Rings and Fields 97

228 Given a prime p, consider a ∈ F∗p and let f (x) = (x4 − a)(x4 + a) ∈ Fp[x].

(i) Show that if p ≡ 3 (mod 4) then the splitting field of f (x) over Fp has degree2.

(ii) Show that one can choose a and p with p ≡ 1 (mod 4) so that the splittingfield of f (x) over Fp has degree 1, 2 or 4.

229 Let p be an odd prime and let f (x) = x6 + ax3 + b ∈ Fp[x].(i) Show that the degree of the splitting field of f (x) over Fp2 can only be 1 or 3.

(ii) Show that the degree of the splitting field of f (x) over Fp can neither be 4 nor5.

(iii) Show that if p ≡ 2 (mod 3) then the degree of the splitting field of f (x) overFp cannot be 3.

230 Let f (x) = (x15 − 1)(x12 − 1).

(i) Find the degree of the splitting field of f (x) over F2 and over F7.(ii) Find all possible degrees of the splitting field of f (x) overFp as p varies among

all primes.

231 Find the number of solutions of 2x4 − 41x3 + 201x2 − 71x − 91 = 0 inZ/1635Z and list at least six distinct solutions.

232 Let α ∈ C be a root of x3 − x − 1.

(i) Write 1/(α + 2) as a polynomial in α with rational coefficients.(ii) Compute the degrees [Q(α2) : Q] and [Q(α3) : Q].233 Let α ∈ C be a root of the polynomial f (x) = x4 − 3x − 5.

(i) Show that f (x) is irreducible in Q[x].(ii) Find the minimal polynomial of 2α − 3 over Q.

(iii) Find the minimal polynomial of α2 over Q.

234 Show that the ring Z[x]/(2x2 + 17, x2 + 6) is a vector space of dimension 2over F5.

235 Let K be the field Q(3√

2, i).

(i) Compute the degree [K : Q].(ii) Is it true that K = Q(

3√

2+ i)?(iii) Find the minimal polynomial of 3

√2+ i over Q.

236

(i) Compute the degrees [Q(√

3,√

5) : Q] and [Q(√

3−√5) : Q].(ii) Find the minimal polynomials of

√3−√5 and

√√3−√5− 1 over Q.

237 Factor the polynomial x7 + x6 + x5 + x4 + x3 + x2 + x + 1 as a product ofirreducible factors in C[x], Z[x], F5[x] and F17[x].

98 2 Exercises

238 Let f (x) = x4 + 5x3 + 5x2 − x + 4.

(i) Factor f (x) in F7[x].(ii) Find the number of zero divisors and the number of invertible elements in the

ring F7[x]/(f (x)).

239 Let α = 2+√

5+√−5 ∈ C. Compute [Q(α) : Q] and [Q(α2) : Q].240 Let f (x) = x4 + 3x3 + x + 1.

(i) For each positive integer k, find the degree of the splitting field of f (x) overF2k and over F3k .

(ii) Letting α ∈ C be a root of f (x), compute [Q(α) : Q].241 Find the degree of the splitting field of x4 − 2 over Q, over F3 and over F17.

Chapter 3Solutions

1 Sequences

1

(i) We proceed by induction. Since the inductive step relies on the previous twocases, we shall first prove the statement for both n = 2 and n = 3. If n = 2,then we have a2 = 5/6 and therefore the statement holds with b2 = 5 ≡ −1(mod 6). For n = 3 we have a3 = 23/36, so the statement holds with b3 =23 ≡ −1 (mod 6).Let us now assume that am = bm/6m−1, where bm ≡ −1 (mod 6), for allm ≤ n; we shall show that an+1 can be written in the same form. From thedefinition we have

an+1 = an + an−1

6= 1

6

( bn

6n−1 +bn−1

6n−2

) = bn + 6bn−1

6n.

We can thus simply set bn+1 = bn + 6bn−1 and we also have bn+1 ≡ bn ≡ −1(mod 6).

(ii) We proceed by induction and again begin by checking the statement in the firsttwo cases. For n = 0 we have c0 = 5a0 + (−1)04/3−1 = 22 and for n = 1 wehave c1 = 5a1 + (−1)14/30 = 15− 4 = 11; the statement is therefore true forthe first two possible values of n. Let us now suppose that cm = 22 · 2−m for

© Springer Nature Switzerland AG 2020R. Chirivì et al., Selected Exercises in Algebra, UNITEXT 119,https://doi.org/10.1007/978-3-030-36156-3_3

99

100 3 Solutions

all m ≤ n. Then we have

cn+1 = 5an+1 + (−1)n+1 4

3n

= 1

6(5an + 5an−1)− (−1)n

4

3n

= 1

6

(cn − (−1)n

4

3n−1 + cn−1 − (−1)n−1 4

3n−2

)− (−1)n4

3n

= 22

6(2−n + 2−(n−1))+ (−1)n

(− 2

3n+ 2

3n−1 −4

3n

)

= 22

2n+1

as required.

2

(i) Proceed by induction on n. If n = 1, then a1 = 1 and therefore the statementholds. Assume that the statement holds for n; then we have

(an+1, 6) = (5an − 6an−1, 6) = (5an, 6) = (an, 6) = 1.

(ii) By induction on n: for n = 0, 1 the statement holds by definition of a0, a1. Nowassume that the statement holds for all ai with i ≤ n. From the definition

an+1 = 5an − 6an−1

we get that 5 | an+1 if and only if 5 | an−1. This concludes the proof.

3

(i) Both the required statement and the additional inequality an ≥ 12an+1 will be

shown by induction on n.For n = 1, both inequalities immediately follow from the fact that a1 = 1 anda2 = 2.Suppose both inequalities hold for n− 1. Since an+1 = an/2+ an−1, from theinduction hypothesis an−1 ≥ an/2 it follows that an+1 ≥ an. Furthermore, wecan use the hypothesis that an−1 ≤ an to obtain that an+1 ≤ 3an/2; the latteris less than 2an because, since a1 ≤ a2 ≤ · · · ≤ an, the number an is strictlypositive.[[As an alternative, we can show the required inequality directly, using the induction

hypothesis for two consecutive values of n. We have to check the statement for two initial

values: a2 = 2 ≥ 1 = a1 and a3 = 2 ≥ 2 = a2. Assuming the statement holds for n − 1 and

n, we have an+1 = an/2+ an−1 ≥ an−1/2+ an−2 = an.]]

1 Sequences 101

(ii) In order to show the required statement we shall rely on the three recurrencerelations

a2n = 1

2a2n−1 + a2n−2,

a2n+1 = 1

2a2n + a2n−1,

a2n+2 = 1

2a2n+1 + a2n,

which are all satisfied for n ≥ 2. Isolating a2n−1 in the first equation andsubstituting its value into the second one we obtain that a2n+1 = 5a2n/2 −2a2n−2. Substituting this expression for a2n+1 into the third equation yields thedesired equality.

4

(i) Proceed by induction on n. For n = 0 and n = 1 the required equality is easilychecked. Assume it holds for n; we then have a2

0 + a21 + · · · + a2

n + a2n+1 =

anan+1+ 2+ a2n+1 = an+1(an+ an+1)+ 2 = an+1an+2+ 2, that is, the desired

equality for n+ 1.(ii) Proceed by induction on n. For n = 0, 1, 2 the statement can be checked

directly. Assume it holds for all ai with i ≤ n. By employing the recurrencerelation twice we obtain that an+3 = 2an+1+ an for all n ≥ 0, hence 2 | an+3 ifand only if 2 | an, that is, if and only if n ≡ 0 (mod 3).

5 The sequence an = Fn/Fk does satisfy the requirements, since we have a0 =F0/Fk = 0, ak = Fk/Fk = 1 and

an+1 = Fn+1

Fk

= Fn + Fn−1

Fk

= an + an−1 for n ≥ 1.

A sequence satisfying the requirements of the problem does therefore exist.We shall now show that any such sequence must also satisfy a1 = 1/Fk. Indeed,

assume a0, a1, . . . is a sequence satisfying the required conditions; we shall showby induction that this sequence coincides with the sequence bn = a1Fn.

The above equality holds for n = 0 and n = 1 by construction. Assume it doesfor all natural numbers up to n; we have an+1 = an + an−1 = a1Fn + a1Fn−1 =a1Fn+1. It follows that we necessarily have 1 = ak = bk = a1Fk , that is, a1 = 1/Fk .

Finally, we can show uniqueness: since any sequence satisfying the requirementsis such that a0 = 0 and a1 = 1/Fk , the induction above shows that an = Fn/Fk forall n.

6

(i) Because of the initial conditions, 3 | a0, 3 | a1, 3 � a2. Assume now that n ≥ 1and notice that 3 | 6an−1 for all n. If 3 | an then 3 | 7an and therefore 3 | 7an −

102 3 Solutions

6an−1 = an+2. Conversely, if 3 | an+2 then 3 | an+2 + 6an−1 = 7an; since 3is prime and 3 � 7 this entails that 3 | an. Consequently, for n ≥ 1, 3 | an if andonly if 3 | an+2, so the values of n we are looking for are zero and all odd naturalnumbers.

(ii) For n = 0 we have a1 > a0. We shall show by induction that, for all n ≥ 1, wehave an+1 > an if n is odd and an+1 < an if n is even.Consider the first three cases: the recursion yields a3 = 30 and a4 = 194, so wehave a2 > a1, a3 < a2 and a4 > a3. Now suppose n ≥ 2; from the recursionwe obtain

an+2−an+1 = 7an−6an−1−7an−1+6an−2 = 7(an−an−1)−6(an−1−an−2).

If n + 1 is odd, n − 1 is also odd and the induction hypothesis implies an −an−1 > 0, while n − 2 is even and, again by the induction hypothesis, we havean−1−an−2 < 0. It follows that an+2−an+1 is the sum of two positive numbersand is therefore positive.Conversely, if n+ 1 is even then the induction hypothesis yields an− an−1 < 0and an−1 − an−2 > 0, so an+2 − an+1 is the sum of two negative numbers andtherefore negative.

7 First of all we shall show by induction on n that an = 313nfor all n. For n = 0

one can check that 3130 = 311 = 31 = a0. If we assume the statement for n, thenwe have that an+1 = a3

n = (313n)3 = 313n+1

.Since (31, 44) = 1, powers of 31 are periodic modulo 44, with period given by

the multiplicative order of 31 in the group (Z/44Z)∗, which is a divisor of φ(44) =20. The order in question is the least common multiple of the multiplicative orderof 31 modulo 4 and modulo 11.

Now, 31 ≡ −1 (mod 4), so the former is 2. We also have 31 ≡ −2 (mod 11)

and, since −2 �≡ 1 (mod 11) while (−2)5 = −32 ≡ 1 (mod 11), the latter is 5.Consequently, the order of 31 in (Z/44Z)∗ is 10.

Therefore, we have 313n+k ≡ 313n(mod 44) if and only if 3n+k ≡ 3n (mod 10).

Since the order of 3 in (Z/10Z)∗ is 4, the sequence an = 313nis periodic modulo

44 with period 4.[[Since the order of 3 in (Z/20Z)∗ is 4 as well, just observing that the order of 31 in (Z/44Z)∗

divides 20 is enough to conclude that k is at most 4, and one could simply exclude k = 1 and k = 2

via a direct check to obtain the desired result.]]

8 Remark that 202 = [2, 101] | an if and only if 2 | an and 101 | an.Moreover, for p = 2 and for p = 101, if p | an0 then p | an for all n ≥ n0. We

can show this by induction on n: it holds by assumption for n = n0 and, if p | an,then we have p | (202, an) and therefore p | an+1 = an + (202, an).

It is thus enough to show the existence of m and n such that 2 | am and 101 | an.Consider the prime 2: if k is even then (202, k) is also even, and if k is odd then

(202, k) is also odd; therefore, a2 = k + (202, k) is always even.

1 Sequences 103

Let us now find n such that 101 | an. Given n ≥ 2, if 101 � an, which as explainedbefore implies 101 � am for all m ≤ n, one easily obtains that an+1 = a2+2(n−1).Since the equation 2(n−1)+a2 ≡ 0 (mod 101) admits n ≡ −51a2+1 (mod 101)

as a solution, any n ≥ 0 for which the congruence holds is such that 101 | an+1.

9 First of all, remark that 3 � an for all n ≥ 0: for n = 0 and n = 1 this is trueby hypothesis; for n > 1 it holds by induction, since, if we had that 3 | an+1, wewould also have that 3 | 5an and thus (because (3, 5) = 1) 3 | an, which would be acontradiction.

Let us now prove the problem statement, again by induction on n. If n = 1 thenwe have a2 = 5a+3, which implies (a2, a1) = (5a+3, a) = (3, a) = 1. Let us nowassume (an, an−1) = 1 for some n ≥ 2, and let d be a common divisor of an+1 andan. The integer d must also be a divisor of an+1 − 5an = 3an−1. But, since d | an,we have (d, 3) = 1 and thus d | an−1. Finally, this yields that d | (an, an−1) = 1.

10

(i) Via direct calculations, one finds a0 = 2, a1 = 8, a2 = 34, a3 = 152. Any realnumbers h and k satisfying the requirements must therefore also satisfy

{34 = 8h+ 2k

152 = 34h+ 8k.

The only solution to the system above is h = 8, k = −15. And indeed, thosevalues for h and k satisfy the original requirement for all n ≥ 1, because

8(3n+5n)−15(3n−1+5n−1) = (3+5)(3n+5n)−5 ·3n−3 ·5n = 3n+1+5n+1.

(ii) Notice that 5 is the multiplicative inverse of 3 modulo 7, so that 7 | an isequivalent to 3n + 3−n ≡ 0 (mod 7). In other words, since 3 is invertiblemodulo 7, the divisibility condition is the same as 32n+ 1 ≡ 0 (mod 7). Whenexamining remainders of the powers of 3, one finds that 3k + 1 ≡ 0 (mod 7)

if and only if k ≡ 3 (mod 6). In particular, all admissible values for k are odd,while we must have k = 2n in order for 7 to divide an. Consequently, no integerpossesses the required property.[[Alternatively, one could observe that (Z/7Z)∗ has six elements and, by evaluating 3n+ 3−n

(mod 7) for n = 0, 1, 2, 3, 4, 5, conclude that there is no n such that 7 | an.]]

11 The recurrence relation tells us that an < an+1 if and only if−an−1 + 2an−2 >

0, that is, an−1 < 2an−2. We shall show by induction that both an < an+1 andan+1 < 2an hold for all n ≥ 0. The initial assigned values immediately yield bothinequalities for n = 0, 1. Now assume both inequalities hold for all indices strictlysmaller than n; we shall show them for n by means of the recurrence relation.

By the induction hypothesis we have an−1 < 2an−2, which implies an+1 =an − an−1 + 2an−2 > an − 2an−2 + 2an−2 = an and therefore an < an+1.

Also by the induction hypothesis, an−2 < an−1 < an, hence an+1 = an−an−1+2an−2 < an − an−1 + 2an−1 = an + an−1 < 2an, which yields an+1 < 2an.

104 3 Solutions

12

(i) We shall show the statement by induction on n. For n = 0 we have (a0, a1) =(1, 1) = 1, so the statement holds. Now, given n > 0, assume the statementholds for all natural numbers strictly less than n. We have

(an, an+1) = (an, han + kan−1) = (an, kan−1) = (an, k),

where the last equality is implied by the induction hypothesis. It is thereforeenough to show that (an, k) = 1 for all n ≥ 0. Again, we can do this byinduction on n.If n = 0, 1, then (a0, k) = (a1, k) = (1, k) = 1. Let us assume the result up ton and show it is true for n+ 1. We have

(an+1, k) = (han + kan−1, k) = (han, k) = (h, k) = 1

where the second to last equality holds by induction hypothesis. This completesthe proof.

(ii) By computing the fist values of bn = a2n − 1 we get b0 = 0, b1 = 0, b2 =

1062−1 = 105 ·107, so the greatest common divisor we are looking for divides105 · 107. Moreover, we have a2 ≡ 1 (mod 105), while a2 ≡ −1 (mod 107).When considering the congruence modulo 105 one immediately obtains byinduction on n that an+1 = 35an + 71an−1 ≡ 35+ 71 ≡ 1 (mod 105), hencebn ≡ 12 − 1 ≡ 0 (mod 105) for all n ≥ 0.The congruence modulo 107 yields

a3 ≡ −35+ 71 ≡ 36 (mod 107)

so that b3 ≡ 362 − 1 ≡ 35 · 37 �≡ 0 (mod 107) and, since 107 is prime,(b3, 107) = 1.The greatest common divisor we were after is therefore 105.

13 We shall show both statements by induction. If n = 0, then (i) and (ii)correspond to F1 = F1 and 0 = F0 respectively, so they both trivially hold.

Now assume both (i) and (ii) hold for 0, 1, . . . , n, and let us show each for n+ 1.In order to show (i), we want to prove that

∑n+1i=0

(n+1

i

)Fi+1 = F2n+3. We have:

n+1∑

i=0

(n+ 1

i

)Fi+1 =

n+1∑

i=0

((n

i

)+(

n

i − 1

))Fi+1

=n+1∑

i=0

(n

i

)Fi+1 +

n+1∑

i=0

(n

i − 1

)Fi+1 .

1 Sequences 105

Since(

nn+1

) = 0, the fist sum above is∑n

i=0

(ni

)Fi+1, that is, F2n+1. As for the

second sum, setting j = i − 1 and remarking that(

n−1

) = 0, we find

n+1∑

i=0

(n

i − 1

)Fi+1 =

n∑

j=0

(n

j

)Fj+2 =

n∑

j=0

(n

j

)(Fj + Fj+1)

=n∑

j=0

(n

j

)Fj +

n∑

j=0

(n

j

)Fj+1

= F2n + F2n+1 .

Putting all of this together, we obtain

n+1∑

i=0

(n+ 1

i

)Fi+1 = F2n+1 + F2n + F2n+1 = F2n+2 + F2n+1 = F2n+3 .

For (ii), we have

n+1∑

i=1

(n+ 1

i

)Fi =

n∑

i=1

(n+ 1

i

)Fi +

(n+ 1

n+ 1

)Fn+1

=n∑

i=1

((n

i

)+(

n

i − 1

))Fi +

(n

n

)Fn+1

=n∑

i=1

(n

i

)Fi +

n∑

j=0

(n

j

)Fj+1 = F2n + F2n+1 = F2n+2.

14

(i) Fist of all, notice that the system

⎧⎨

⎩

α + β = a1 = 11+√13

2α + 1−√13

2β = a2 = 4

obtained for n = 1 and n = 2 does have a solution, since the two equations areindependent.[[Carrying out the computations explicitly one immediately finds α = 1 +√13/26 and β =1−√13/26.]]Let us now show the values α and β that solve this system also satisfy therequirement of the problem for all n ≥ 1. The base cases n = 1 and n = 2

106 3 Solutions

obviously work. For the inductive step, let n ≥ 2 and let us assume the statementfor all positive integers up to n. We then have

an + 3an−1 = α(1 +√13

2)n−1(

1+√13

2+ 3)+

β(1−√13

2)n−1(

1−√13

2+ 3)

= α(1 +√13

2)n−1(

7+√13

2)+ β(

1−√13

2)n−1(

7−√13

2)

= α(1 +√13

2)n+1 + β(

1−√13

2)n+1

so the statement holds for n+ 1.(ii) We show that an is even if and only if n ≡ 2 (mod 3). Indeed, using the

recurrence relation yields that an = 4an−2 + 3an−3 for all n ≥ 4. Therefore, an

is even if and only if an−3 is even; in other words, the parity of an only dependson the remainder of n modulo 3. In conclusion, the statement is immediatelyproven by remarking that, if a1 is odd, then a2 is even and a3 = a2 + 3a1 = 7is, again, odd.

2 Combinatorics

15

(i) Each element x ∈ X must belong either to A, or to B, or to C; the three options,since A,B and C have pairwise empty intersections, are mutually exclusive.The number of possible triples is therefore 3n.

(ii) We can argue as above: each element x ∈ X must belong to one of the sets

A \ (B ∪ C), B \ (A ∪ C), C \ (A ∪ B), (A ∩ B) \ C,

(A ∩ C) \ B, (B ∩ C) \A, A ∩ B ∩ C.

The fact that these seven option are mutually exclusive is obvious. The numberof triples is therefore 7n, as claimed.

16 First of all, remark that the only pair in X consisting of two copies of the sameinteger is (1, 1). We can therefore partition X into the following disjoint subsets:{(1, 1)}, X1 = {(m, n) | 1 ≤ m < n ≤ 100, (m, n) = 1} and X2 = {(m, n) | 1 ≤n < m ≤ 100, (m, n) = 1}.

It is also clear that X1 and X2 contain the same number of elements, since X1 �(m, n) −→ (n,m) ∈ X2 is a bijection between the two sets.

2 Combinatorics 107

Moreover, by grouping together all elements whose second component is n forn = 1, 2, . . . , 100, we obtain that |X1| =∑100

n=2 φ(n).We can therefore conclude that, indeed, |X| = 1 + |X1| + |X2| = 1 + 2|X1| =

1+ 2∑100

n=2 φ(n) = 2∑100

n=1 φ(n)− 1.

17 First, let us consider the set of all n satisfying the conditions (n, 18) = 6 andn ≡ 2 (mod 7); that is, let us set aside for the moment the further restriction givenby the inequalities in the statement.

The first condition is equivalent to 6 dividing n and 9 not dividing n, that is,n = 6h and h �≡ 0 (mod 3) for some integer h. The second condition now becomes6h ≡ 2 (mod 7), that is, h ≡ −2 (mod 7), so we must have h = 7k − 2 forsome integer k. Using what we just proved, we can now rewrite h �≡ 0 (mod 3)

as 7k − 2 �≡ 0 (mod 3), that is, k �≡ −1 (mod 3), so we must have k = 3u ork = 3u + 1 for some integer u. Substituting into previous expressions we obtainn = 6h = 6(7k − 2) = 6(7 · 3u − 2) = 126u − 12 or n = 6h = 6(7k − 2) =6(7 · (3u+ 1)− 2) = 126u+ 30.

Let us now impose the condition 1 ≤ n ≤ 10000: in the first case, this gives1 ≤ 126u − 12 ≤ 10000 and so 1 ≤ u ≤ 79, which yields 79 solutions in total;in the second case, 1 ≤ 126u + 30 ≤ 10000 so 0 ≤ u ≤ 79, hence another 80solutions.

In conclusion, the set in the problem statement contains 79+80 = 159 elements.

18 The positive divisors of 340 ·525 are the integers of the form 3n5m with 0 ≤ n ≤40, 0 ≤ m ≤ 25.

The required congruence then becomes 3n5m ≡ 1 (mod 7). Powers of 3 modulo7 are congruent to 1, 3, 2,−1,−3 and −2, in this order, and then cycle back to 1. Inparticular, 5 ≡ −2 ≡ 35 (mod 7). We may therefore rewrite the requirement for n

and m as 3n+5m ≡ 1 (mod 7).We just saw that 3 has multiplicative order 6 modulo 7, hence n + 5m ≡ 0

(mod 6), that is, n ≡ m (mod 6).In order to obtain the required cardinality we must find the number of pairs (n,m)

such that 0 ≤ n ≤ 40, 0 ≤ m ≤ 25 and n ≡ m (mod 6).Since 40 = 6 · 6+ 4, we have 7 = 6+ 1 solutions for each m congruent to 0, . . . , 4modulo 6 and, since 25 = 4 · 6 + 1, there are 22 such m, which amounts to 154solutions.We must now count solutions such that m ≡ 5 (mod 6): each such m gives sixpossibilities for n and, since m can only be 5, 11, 17 or 23, this yields another 24solutions.

In conclusion, the required cardinality is 154+ 24 = 178.

19

Solution 1 We shall proceed in several steps.If n were a power of 2, n = 2a say, then φ(n) = 2a−1 would be as well. There

must therefore be an odd prime factor of n.Given a prime p that divides n, the number p−1 divides 12, so p−1 can only be

1, 2, 3, 4, 6 or 12. But, since p is prime, the only options are p = 2, 3, 5, 7, 13.

108 3 Solutions

Given a prime q such that q2 divides n, q must also divide φ(n): such a primecan only be 2 or 3.

If five divides n, then 52 does not divide n thanks to the remark above, so we musthave n = 5m with (5,m) = 1. But then 12 = φ(n) = 4φ(m) and so φ(m) = 3,which is impossible since the only odd value that Euler’s totient function takes is 1.

If seven divides n, then 72 does not divide n, so n = 7m with (7,m) = 1. Then12 = φ(n) = 6φ(m) and so φ(m) = 2.

Let now q be a prime that divides m; then q − 1 divides φ(m) = 2, so the onlypossibilities are q = 2 and q = 3. Moreover, 9 cannot divide m or 3 would divideφ(m) = 2. Similarly, 8 cannot divide m or 4 would divide φ(m). We thus havem = 2a3b with a = 0, 1, 2 and b = 0, 1. Checking these six values directly yieldsφ(m) = 2 for m = 3, 4, 6.

We have ended up with the three possibilities n = 21, n = 28 and n = 42.If 13 divides n, then 132 does not divide n, so n = 13m with (13,m) = 1. Then

12 = φ(n) = 12φ(m) and so φ(m) = 1, which gives m = 1 or m = 2. This yieldsthe solutions n = 13 and n = 26.

If none of the above holds then n = 2a3b for natural numbers a and b with b > 0.In this case, 12 = φ(n) = 2a−1 · 2 · 3b−1 = 2a3b−1, so a = 2 and b = 2, that is,n = 36.

Finally, we can conclude that φ(n) = 12 if and only if n belongs to the set{13, 21, 26, 28, 36, 42}.Solution 2 Let n = p

α11 · · ·pαk

k be the prime factorisation of n. Since Euler’s totient

function is multiplicative, we have φ(n) =∏ki=1 φ(p

αi

i ). Unless pαi

i = 2, φ(pαi

i ) =(pi − 1)p

αi

i is even, so we can only decompose 12 as 1 · 2 · 6, 2 · 6, 1 · 12 or 12,where the factor 1 only appears if 2|n and 4 � n.

Consider the case where φ(pαi

i ) = 2: if pi = 2 then pαi

i = 4; if not, thenp

αi

i = 3.If φ(p

αi

i ) = 6, then if pi = 3 we must have pαi

i = 9; the only other possibilityis p

αi

i = 7.Finally, consider the case where φ(p

αi

i ) = 12: one can immediately check thatpi �= 2, 3, so we must have pi − 1 = 12, that is, p

αi

i = 13.Taking into account the fact that factors p

αi

i must be pairwise relatively prime, weare left with only the following possibilities for n: 4 · 9 = 36, 4 · 7 = 28, 3 · 7 = 21,2 · 3 · 7 = 42, 13, 2 · 13 = 26. These all satisfy the required condition.

20 Since n2 = x + y ≤ 49+ 49 = 98 we have n ≤ 9. We shall first deal with thecase n ≤ 7.

In this case, all triples (h, n2 − h, n) with h = 0, . . . , n2 satisfy the conditions.We therefore have n2 + 1 triples for each n ≤ 7.

If n = 8 then we get the triples (h, 64 − h, 8) with h = 15, . . . , 49, where thevalues of h are those for which 0 ≤ x, y < 50; this yields 49− 15+ 1 = 35 triples.

Similarly, for n = 9 we get the triples (h, 81− h, 9) with h = 32, . . . , 49, whichare 49− 32+ 1 = 18.

2 Combinatorics 109

The total number of triples is therefore 1+2+5+10+17+26+37+50+35+18=201.

21 We can write the expression for Euler’s totient function φ as

φ(n)

n=∏

p|n

p − 1

p.

Suppose q is the largest prime divisor of n; q is then also the largest prime divisor ofthe denominator of φ(n)/n: this is because q divides the denominator of (q − 1)/q

and cannot cancel out with any factor of q dividing the numerator of (p − 1)/p,since we have p − 1 < q .

Consequently, if φ(n)/n = 2/5, then the largest prime factor of n must be 5.Consider all integers n for which this is true. If n is divisible by 2 and by 5 but notby 3, then

φ(n)

n= 1

2· 4

5= 2

5

and the condition is satisfied. In all other cases, that is, when n is not divisible by 2or is divisible by 3, it is easily checked that the desired equality does not hold.

22 Set D = {1 ≤ d ≤ n | d divides n} and Φ = {1 ≤ k ≤ n | (k, n) = 1}. Ifx ∈ D ∩Φ then x = (x, n) = 1, hence |D ∩Φ| = 1.

Statement (i) is a simple consequence of the inclusion-exclusion principle: wehave

|D| + |Φ| = |D ∪Φ| + |D ∩Φ| = |D ∪Φ| + 1 ≤ n+ 1.

As for (ii), remark that the required equality holds if and only if |D ∪ Φ| = n − 1,that is, if and only if there is exactly one integer k, with 1 ≤ k ≤ n, which is not adivisor of n nor is it coprime to n.

If n is prime, then d(n) = 2 and φ(n) = n − 1, thus d(n) + φ(n) = n + 1.It is therefore enough to consider composite numbers. If n = ab with a > 1 andb > 4, then there are at least two numbers, that is, a(b − 1) and a(b − 2), that arenot divisors of n nor coprime to n, so no such n satisfies the required equality.

Assume that n = p1 . . . pk is the prime factorisation of n, with p1 ≤ p2 ≤· · · ≤ pk not necessarily distinct. If we set a = p1 and b = p2 . . . pk , we canuse what we showed above to obtain that we can only have p2 . . . pk = 2, 3, 4,so n = 4, 6, 9, 8. Direct verification shows that the case n = 4 must be excluded,because d(4)+ φ(4) = 3+ 2 = 5, while all other values are indeed solutions:

d(6)+φ(6) = 4+2 = 6, d(9)+φ(9) = 3+6 = 9, d(8)+φ(8) = 4+4 = 8.

23 Remark that all natural numbers with the required property must be multiplesof 3, so can be written in the form n = 3am, where (m, 3) = 1. We must also have

110 3 Solutions

a ≤ 2, otherwise both n and φ(n) = 2 · 3a−1φ(m) would be multiples of 9. Now, n

must be odd, because from 3 | n we obtain that 2 |φ(n) and therefore if n were even2 would divide (n, φ(n)). Finally, all primes p > 3 that divide n must appear in theprime factorisation of n with an exponent of 1, because if that were not the case wewould have p | (n, φ(n)). Two separate cases present themselves:

1 The integer n is a multiple of 9, that is, n = 9m with (m, 3) = 1 and m oddand squarefree. Then n ≤ 120 implies that m ≤ 13. If p |m then 3 � p − 1, orwe would have 9 | (n, φ(n)). The only admissible values for m are therefore m =1, 5, 11, which yield the solutions n = 9, 45, 99.

2 Conversely, suppose that n is not a multiple of 9, that is, n = 3m with(m, 3) = 1 and m odd and squarefree. If n = 3p for some prime p, thenφ(n) = 2(p− 1) and the required condition is equivalent to 3 |p− 1. Since we askthat n ≤ 120, we must have p ≤ 40: the only primes satisfying the requirements are7, 13, 19, 31, 37, and from those we get the solutions n = 21, 39, 57, 93, 111.

Finally, if n = 3m where m is the product of at least two distinct primes, each ofwhich must be strictly greater 3, the fact that m ≤ 40 implies that the only possibilityfor m is m = 5 · 7, that is, n = 105.

24 There are three possible configurations of remainders modulo 2 for a triple(a, b, c) satisfying the requirements: (0, 0, 1), (0, 1, 0) and (0, 0, 1). There are 12possibilities for the triple’s remainders modulo 3: (0, x, y), (x, 0, y) or (x, y, 0),where x and y are nonzero remainders.

There are therefore 36 possible configurations modulo 6 for the triples underconsideration. For each configuration modulo 6, there are 103 = 1000 triplespertaining to it, since we have 60/6 = 10. Hence, the total number of triplessatisfying the requirements is 36 · 1000 = 36000.

25 We shall show the statement by induction on k = ω(m). We have k = 0 if andonly if m = 1, in which case

1 = φ(1)

1≥ 1

0+ 1= 1.

Now assume the statement for ω(m) = k; we shall show it for ω(m) = k + 1.Suppose m = p

α11 · · ·pαk+1

k+1 with p1 < p2 < · · · < pk+1 and αi > 0 for all i. Setn = p

α11 · · ·pαk

k .By the induction hypothesis, φ(n)/n ≥ 1/(k + 1); moreover, it is clear that

pi ≥ i + 1 for all i, so in particular

1− 1

pk+1≥ 1− 1

k + 2= k + 1

k + 2.

Therefore, we have

φ(m)

m= φ(n)

n·(

1− 1

pk+1

)≥ 1

k + 1· k + 1

k + 2= 1

k + 2.

2 Combinatorics 111

26 There are 8 · 9 · 9 · 9 − 1 integers satisfying the first two requirements: indeed,there are eight possibilities for the first digit and nine for each of the other digits,except that the number 1000 must be excluded. Among these integers, those that donot satisfy the last requirement are exactly those whose digits are all different: thereare eight possibilities for the first digit; eight possibilities for the second (9 minusthe one value already chosen for the first digit); seven for the third (9 minus thevalues used for the first two digits) and six for the fourth (9 minus the values usedfor the first three digits).

Numbers of this type are therefore 8 · 8 · 7 · 6. Consequently, there are 8 · 9 · 9 ·9− 1− 8 · 8 · 7 · 6 = 3143 integers satisfying the original requirements.

27

(i) There are two possibilities for f (1): f (1) = 1 and f (1) = 2. Suppose 2 ≤i ≤ n; given the values of f (1), . . . , f (i − 1), which we know must belong to{1, . . . i} and be distinct, there are two possibilities for f (i), given by the twoelements of {1, . . . , i + 1} \ {f (1), . . . , f (i − 1)}. Finally, given the values off (1), . . . , f (n−1), there is but one possible value for f (n), that is, the elementof {1, . . . , n} different from f (1), . . . , f (n−1). The cardinality we are lookingfor is therefore 2n−1.

(ii) Let xn be the cardinality of the set in the statement, which we shall denote byXn. For n = 1, 2 all permutations satisfy the requirement, so x1 = 1 = F2 andx2 = 2 = F3.In order to show the claim it is therefore enough to show that xn+1 = xn+xn−1for n ≥ 2. Since we necessarily have f (n+ 1) = n+ 1 or f (n+ 1) = n, let uspartition the set Xn+1 into two subsets: Yn+1 = {f ∈ Xn+1 | f (n+ 1) = n+ 1}and Zn+1 = {f ∈ Xn+1 | f (n+ 1) = n}.Elements of Yn+1 can be made to bijectively correspond to elements of Xn, so|Yn+1| = xn. On the other hand, if f ∈ Zn+1 then the fact that f (i) ≤ n fori = 1, . . . , n− 1 implies that necessarily f (n) = n+ 1. It follows that Zn+1 isin bijection with Xn−1 and therefore has xn−1 elements.

28

(i) The number of all subsets satisfying the requirements can be obtained as thesum of the number N of all subsets of X consisting of three elements that areall congruent modulo 5, and the number M of all subsets of X consisting ofthree elements, exactly two of which are congruent modulo 5. Since X has20 elements in each congruence class modulo 5, the number N is given bythe number of possible classes modulo five times the number of three-elementsubsets of the chosen class, that is, N = 5 · (20

3

). Similarly, M is given by

the number of possible choices of a class modulo five times the number ofpossible two-element subsets of the chosen class, times the number of ways wecan choose a third element outside that class, so M = 5 · (20

2

) · 80. Taking thesum we obtain N +M = 81700.

112 3 Solutions

[[The same result could be obtained by subtracting the number of subsets of X consisting of

three elements from distinct congruence classes, that is,(5

3

)203, from the number

(1003

)of all

possible subsets of X with three elements.]](ii) The set X contains 20 elements from each congruence class modulo 5. Maps

from X to X satisfying the requirement send each of the 100 elements n ∈ X

to one of the 20 elements of X in the congruence class of n+ 1 modulo 5. Thenumber we want is therefore 20100.

29

(i) The condition (xy, 6) = 1 is equivalent to (x, 6) = 1 and (y, 6) = 1, sowe have to find the number of ordered pairs of elements of X such that bothcomponents are coprime to 6. Now, set Xi = {x ∈ X | x ≡ i (mod 6)} fori ∈ {1, 2, 3, 4, 5, 6}; we have X = �6

i=1Xi and for each x ∈ Xi we have(x, 6) = (i, 6). It follows that x ∈ X is coprime to 6 if and only if x ∈ X1 orx ∈ X5. Since 100 = 16 · 6 + 4, we get |X1| = 17 and |X5| = 16. Therefore,X has 33 elements that are coprime to 6.The number of ordered pairs of elements in X such that both components arecoprime to 6 is thus 332.

(ii) Let A = {(x, y) ∈ X2 | x < y+6}. For y = 1, 2, . . . , 95, set Xy = {1, . . . , y+5}, and, for 96 ≤ y ≤ 100, set Xy = X. Clearly, we have

A =100⊔

y=1

Xy × {y}

and so, this being a disjoint union,

|A| =∑100y=1 |Xy |

=∑95y=1(y + 5)+ 5 · 100

= 500+∑100y=6 y

= 500+ 100 · 101/2− (1+ 2+ 3+ 4+ 5)

= 5535.

30

(i) Maps in the set A are bijective, so for all y ∈ X, there is x ∈ X such that y =f (x). The condition f 2(x) ≡ f (x) (mod 2) implies that f (y) ≡ y (mod 2)

for all y ∈ X, so the elements of A are exactly those bijections from X toX sending even numbers to even numbers and odd numbers to odd numbers.Consequently, |A| = 50!50!.

(ii) Given f ∈ B, set Y = f−1(1); the set Y cannot be empty, because 1 ∈ f (X).Moreover, f (Y ) = {1} and 1 �∈ f (X \ Y ). It is easy to check that the conditionf 2(X) = {1} is equivalent to {1} = f (Y ) ⊆ Y and f (X \ Y ) ⊆ Y , which,because of the argument above, implies f (X \ Y ) ⊆ Y \ {1}.

2 Combinatorics 113

Maps in B having f−1(1) = Y for some fixed subset Y of X such that 1 ∈ Y

and |Y | = k+1 are therefore as many as all possible maps from X\Y to Y \{1},that is, k99−k. For each k ≥ 0 there are

(99k

)subsets Y of X that have cardinality

k + 1 and contain 1, so

|B| =99∑

k=0

(99

k

)k99−k.

31

(i) Clearly, d | 144000 = 273253 if and only if d = 2a3b5c with 0 ≤ a ≤ 7,

0 ≤ b ≤ 2, and 0 ≤ c ≤ 3. The number of divisors of an integer d as above is(a + 1)(b + 1)(c + 1), so it is even if and only if at least one among a, b, c isodd. The number of values for d such that this holds can be obtained as a sumby considering the following cases: a is odd and b, c have no further constraints,4 · 3 · 4 = 48 possibilities; a is even, b is odd and c has no further constraints,4·1·4 = 16 possibilities; finally, a and b are both even and c is odd, 4·2·2 = 16possibilities.So X has 80 elements.[[The same result could be obtained by subtracting from the number of all divisors of 144000,

that is, 8 · 3 · 4 = 96, the number of those having an odd number of divisors, so those given

by a, b, c all even, that is, 4 · 2 · 2 = 16.]](ii) As for the set Y , remark that a number is both a perfect square and a perfect

cube if and only if it is a 6th power. It follows that d = 2a3b5c ∈ Y if andonly if a, b, c are all even, but not all divisible by 6. Therefore, we have |Y | =4 · 2 · 2− 2 · 1 · 1 = 14.

32

(i) Consider X0 = {x ∈ X | x ≡ 0 (mod 2)} and X1 = {x ∈ X | x ≡ 1 (mod 2)}.For all A ⊆ X, setting Ai = A ∩ Xi for i = 0, 1, we have A = A0 ∪ A1 and∑

a∈A a ≡ |A1| (mod 2).Therefore, A belongs to A if and only if the cardinality of A1 is even. So, setsA ∈ A are obtained by choosing a subset A0 of X0, which can be done in250 ways, and a subset A1 of X1 with an even number of elements in one of∑25

k=0

(502k

) = 249 ways. It follows that |A| = 299.(ii) Using the notation we introduced in order to answer the previous question, first

remark that the condition A ∈ B does not impose any constraints on A1, whichcan be any subset of X1: we have 250 possibilities for A1. The subset A0 can beof one of the following types.It can have at least three elements: |A0| ≥ 3, which gives 250−(50

0

)−(501

)−(502

)

possibilities. Or we have |A0| = 2, in which case at least one of its two elementsmust be divisible by 4; equivalently, we must choose two elements of X0 thatdo not both lie in the subset containing the 25 elements divisible by 2 but notby 4, which gives

(502

)− (252

)possibilities. Or, finally, |A0| = 1 and the element

114 3 Solutions

it contains must be one of the 12 elements of X0 that are divisible by 8, whichgives 12 possibilities.In conclusion, |B| = 250(250 − (50

0

)− (501

)− (252

)+ 12) = 250(250 − 339).

33 Let X = {2, . . . , 1000} and consider n ∈ X. We shall write n = 2ape11 · · ·per

r

with p1, . . . pr distinct odd primes, ei ≥ 1 and a ≥ 0. Moreover, since φ(n) is evenfor all n > 2, the required divisibility implies that n must be even, that is, a ≥ 1. Itfollows that

φ(n) = 2a−1r∏

i=1

pei−1i (pi − 1) | n ⇐⇒

r∏

i=1

(pi − 1) | 2r∏

i=1

pi.

Since the pi ’s are odd, we have 2r | ∏ri=1(pi − 1): but then, we must have r = 0

or r = 1, because 2∏r

i=1 pi cannot be a multiple of 4.If r = 0, then n = 2a with a ≥ 1: there are exactly nine integers of this form in

the set X and all of them satisfy the condition φ(n) | n.On the other hand, if r = 1 then we have n = 2ape for some odd prime p and

some a, e ≥ 1: the condition φ(n) | n is equivalent to p − 1 | 2p, so to p − 1 | 2,since (p − 1, p) = 1. The only possibility is that p = 3.

Integers of the form n = 2a3e, with a, e ≥ 1, in the set X can be enumerated asfollows: we have 2a3e ∈ X if and only if 2a ≤ 1000/3e, which immediately yieldseight possible values of a for e = 1, plus 6 values for e = 2, plus 5 for e = 3, plus3 for e = 4, plus 2 for e = 5, while there are none for e ≥ 6.

In conclusion, the number of integers n satisfying the required conditions is 9+8+ 6+ 5+ 3+ 2 = 33.

34 We shall check the formula by induction on n. For n = 1 we clearly havep1 = 1/2, that is the probability that the outcome of the first coin toss is heads, andindeed 1/2 = 2/3 + (−1)/(3 ·2). For n = 2 we have p2 = 1/2 · 1/2+1/2 = 3/4,that is, x2 is given by the probability of the first two outcomes being heads, plus theprobability that the first outcome is tails; and indeed, 3/4 = 2/3 + 1/(3 · 22).

Now assume the formula from the statement is valid for all m < n; we shall showit for n. Notice that there are two mutually exclusive ways to obtain a score xk = n

for some k: either there is k such that xk−1 = n− 1 and that the outcome of the kthcoin toss is heads, or there is k such that xk−1 = n − 2 and that the outcome of thekth coin toss is tails.

By the induction hypothesis, the probability of the first event is

1

2

(2

3+ (−1)n−1

3 · 2n−1

)

and the probability of the second event is

1

2

(2

3+ (−1)n−2

3 · 2n−2

).

2 Combinatorics 115

By summing the two, we find that the probability of having xk = n for some k isequal to

2

3+ 1

2· (−1)n

3 · 2n−1 (−1+ 2) = 2

3+ (−1)n

3 · 2n

as required.

35 We shall write S(f ) = S+(f )+ S−(f ), where

S+(f ) =∑

i | f (i)>i

(f (i)− i), S−(f ) = −∑

i | f (i)<i

(f (i)− i).

Since we clearly have∑10

i=1(f (i)− i) = 0, it follows that S+(f ) = S−(f ) and thusS(f ) = 2S+(f ) is always even. This implies that the answer to the second questionis 0.

As for the first question, S(f ) = 2 implies S+(f ) = S−(f ) = 1, so there isexactly one index i for which f (i) = i+1 and exactly one j for which f (j) = j−1,whereas for all other indices k different from i, j we have f (k) = k. The map f

must therefore exchange two consecutive numbers and keep all others fixed. Thereare exactly nine pairs of consecutive integers in {1, 2, . . . , 10}, so the answer is 9.

For the third question, we must have S+(f ) = S−(f ) = 2. We shall distinguishthree cases.

1 There is exactly one i such that f (i) = i + 2 and exactly one j for whichf (j) = j − 2. This case can be dealt with in the same way as question (i), bynoticing that there are eight pairs of integers in {1, 2, . . . , 10} whose difference is 2.

2 There are exactly two indices i for which f (i) = i+1 and exactly two indicesj for which f (j) = j−1. In this case, the map f must exchange the numbers withineach of two pairs of consecutive integers. In order to find the number of such maps,remark that, if the smallest pair—that is, the pair whose integers are smaller—is{1, 2}, then there are seven ways to choose the other pair; if the smallest pair is{2, 3}, then there are six ways to choose the other pair, and so on. We thus have7+ 6+ · · · + 1 = 28 possibilities for f .

3 There are exactly two indices i for which f (i) = i+ 1 and there is one indexj such that f (j) = j − 2, or vice versa. We shall only discuss the first case, sincethe second is symmetric.

The permutation f can only be of the form (i, i + 1, i + 2), that is, it mustcycle three consecutive integers. There are 8 possible triples of consecutive integers,which, by symmetry, yields a total of 16 possibilities for f .

The answer to the third question is obtained by summing the three results above:we get 8+ 28+ 16 = 52.

36 The sum of all integers from 1 to 100 (inclusive) is 5050.

(i) Choosing a subset A containing 96 elements is equivalent to choosing itscomplement B containing 4 elements. Since 5050 is even, the sum of all

116 3 Solutions

elements in A is even if and only if the sum of all elements in B is even. Wehave the following possible cases:1 The 4 numbers are all even, that is, B is a four-element subset of the set of

the 50 even numbers between 1 and 100; in this case, there are(50

4

)choices for

B.2 The four numbers are all odd; like before, there are

(504

)choices for B.

3 Two of the 4 numbers are even, two are odd; in this case B consists of atwo-element subset of a set of 50 even numbers and a two-element subset of aset of 50 odd numbers; this yields

(502

) · (502

)possibilities for B.

There are therefore 2(50

4

)+ (502

)2possibilities in total.

(ii) As before, rather than choosing the subset A we shall choose its three-elementcomplement C. Since 5050 ≡ 1 (mod 3), the sum of all elements in A isdivisible by 3 if and only if the sum of all elements in C is congruent to 1modulo 3.Remark that, among the numbers from 1 to 100, there are 33 congruent to zeromodulo 3, 34 congruent to 1 and 33 congruent to 2. Suppose C = {a, b, c}. Upto reordering the labels a, b, c, there are three possibilities: 1 a ≡ b ≡ 0, c ≡1 (mod 3), in which case {a, b} can be chosen in

(332

)ways and c in 34 ways;

2 a ≡ b ≡ 1, c ≡ 2 (mod 3), in which case {a, b} can be chosen in(34

2

)ways

and c in 33 ways; or, finally, 3 a ≡ b ≡ 2, c ≡ 0 (mod 3), in which case{a, b} can be chosen in

(332

)ways and c in 33 ways.

We thus get a total of(33

2

) · 34+ (342

) · 33+ (332

) · 33 possibilities for A.

37 The set A is in bijection with the set of all possible five-element subsetsof {1, . . . , 100}: indeed, we can make each f ∈ A correspond to the set of itsvalues {f (1), f (2), f (3), f (4), f (5)}. The cardinality of A is therefore equal tothe number of ways one can choose 5 elements in a set of 100 elements, that is,(100

5

).

The set B is obtained from the set A by excluding all maps such that f (i + 1) =f (i) + 1 for all i = 1, 2, 3, 4, that is, by subtracting the set of maps such thatf (1) = a, f (2) = a + 1, f (3) = a + 2, f (4) = a + 3, f (5) = a + 4 witha ∈ {1, . . . , 96}. Therefore, |B| = (100

5

)− 96.In order to find the cardinality of C, remark that the condition that defines it is

equivalent to the following: the map g(i) = f (i)− i is strictly increasing and takesvalues in {0, . . . , 95}. Indeed, we have

f (i + 1) > f (i)+ 1⇐⇒ f (i + 1)− (i + 1) > f (i)+ 1− (i + 1) = f (i)− i

and, moreover,

f (1) ≥ 1⇐⇒ g(1) ≥ 0 and f (100) ≤ 100⇔ g(100) ≤ 95.

2 Combinatorics 117

So in order to find the cardinality of C it is enough to find the number of strictlyincreasing maps taking values in {0, . . . , 95}. By the same argument used for findingthe cardinality of A, we find that C has

(965

)elements.

38

(i) First, consider the problem of forming an ordered sequence of n teams of four.In order to form the first team, we must choose four people from a set of 4n

people, which can be done in(4n

4

)ways. Players for the second team will be

chosen among 4n − 4 people, so the team can be formed in(4n−4

4

)ways. We

can iterate this argument to obtained that the ordered list of n teams can beformed in

(4n

4

)(4n− 4

4

)· · ·(

4

4

)= (4n)!

(4!)n

ways. Finally, since the same n teams can be ordered in n! distinct ways, theanswer is

(4n)!(4!)n · n! .

(ii) Again, we shall first form the n teams in order. In order to form the first team,we must choose two men and two women in the respective 2n-element sets: this

can be done in(2n

2

)2ways. By a procedure similar to the one from before, an

ordered list of n teams can be formed in

(2n

2

)2(2n− 2

2

)2

· · ·(

2

2

)2

= (2n)!222n

ways, hence a non-ordered set of n teams can be formed in

(2n)!222nn!

ways.

39 Notice that x and f (x) must have the same number of divisors and the samenumber of multiples in the interval under consideration. It follows that 1, which isthe only number with exactly one divisor, must be sent to 1, and any prime mustbe sent to a prime, since primes are those natural numbers that have exactly twodivisors.

In general, the number of divisors of an integer m can be obtained from the primefactorisation p

a11 · · ·pak

k of m as the product (a1+1) · · · (ak+1); indeed, each primepi may appear in the prime factorisation of a divisor of m with an exponent rangingfrom 0 to ai , so there are ai + 1 choices for each i = 1, . . . , k.

118 3 Solutions

Consider in particular the case where all ai are equal to 1, that is, m =p1p2 · · ·pk . In this case, m has exactly 2k divisors. Now, since pi divides m, itsimage qi = f (pi) must be a prime dividing f (m). Moreover, the qi’s must bedistinct because f is injective. Therefore, f (m) must be a multiple of q1q2 · · · qk ,and since it must have the same number of divisors as m (that is, 2k), it must beequal to the product in question. This shows (i).

As for (ii), remark that powers of primes can be characterised as those naturalnumbers that do not have two distinct prime factors. Since we already showed thatprimes are sent to primes and that distinct primes are sent to distinct primes, itfollows that any power pn of a single prime p must be sent to some power of thecorresponding prime q = f (p). But we can say more: pn must be sent to qn, thatis, maintain the same exponent n, otherwise pn, which has n+1 divisors, would nothave the same number of divisors as its image under f . This concludes the proof of(ii).

More generally, we shall show by induction on m that if the prime pi is sent toqi = f (pi) for i = 1, . . . , k, then m = p

a11 · · ·pak

k is sent to qa11 · · · qak

k .This has just been proven for k = 1, so assume k > 1. We may also assume

that exponents ai are positive; by the induction hypothesis, m/pa11 =

∏j �=1 p

aj

j is

sent to∏

j �=1 qaj

j . Since m/pa11 divides m, f (m/p

a11 ) must divide f (m). Hence in

particular qaj

j divides f (m) for all j �= 1. A similar argument, where 1 is exchanged

with another index, shows that qa11 also divides f (m). Therefore, f (m) must be a

multiple of qa11 · · · qak

k and, since it must have the same number of divisors as m,must actually coincide with that number.

We have thus shown that f is actually fixed once the image of all prime numbersis fixed, that is, once we know how it permutes the primes. Let us now show that,for n = 10, the only possible f is the identity. It is enough to show that each primemust be sent to itself. The primes up to 10 are 2, 3, 5, 7. If 2 were sent to 3, 23 wouldhave to be sent to 33, but this cannot be the case because 33 > 10. The possibilitiesf (2) = 5 and f (2) = 7 are excluded in a similar way, and we have to conclude that2 is sent to 2. Similarly, 3 is sent to 3, or we would not be able to assign an imageto 32. The only possibilities for f (5) are then 5 and 7, but, since 2 is sent to 2, 2 · 5must be sent to 2 · f (5), which excludes the case f (5) = 7. Indeed, every prime issent to itself and f is the identity.

For n = 13, a similar argument shows that f can apply any permutation to thethree primes 7, 11, 13 but must keep other primes fixed, so we have six possibilities.

40

(i) We may just consider the four sets of ten positions that cards of each suit willoccupy, because the order of the cards in each set is fixed. There are

(4010

)ways

to choose the ten positions occupied by coins; we are left with(30

10

)choices for

the positions occupied by swords, then(20

10

)choices for the positions occupied

2 Combinatorics 119

by clubs, and finally the positions occupied by cups are all those that remain.The number we are looking for is therefore

(40

10

)·(

30

10

)·(

20

10

)= 40!

(10!)4 .

(ii) Let us choose the 20 positions that will be occupied by coins or swords: thiscan be done in

(4020

)ways. Now, coins must necessarily occupy the fist 10

of these positions, while swords will occupy the remaining 10. Within theirassigned ten positions, both coins and swords can assume any order among the10! available. Finally, cups and clubs can be distributed freely among the 20remaining positions, in any of 20! possible ways. The answer is therefore

(40

20

)· (10!)2 · 20! = 40! · (10!)2

20! .

41 First, suppose n = 2m with m ≥ 1; partition the n numbers into two m-element subsets E and O , containing all of the even numbers and all of the oddnumbers respectively. If a subset X does not have at least three numbers of the sameparity, then it contains at most two elements of E and at most two elements of O .Accounting for the cases of X containing 0, 1 or 2 even numbers, we find we canchoose the even elements of X in

(m

0

)+(

m

1

)+(

m

2

)= m2 +m+ 2

2

ways. The same argument can be made regarding the number of ways we can chooseodd elements of X, so the number of subsets of X that do not contain three elementsof the same parity is

(m2 +m+ 2

2

)2

.

If n = 2m − 1 with m ≥ 1 (that is, if n is odd), the subset of odd numbers hascardinality m while the subset of even numbers has cardinality m − 1. Therefore,the expression for the number of subsets of X with no three elements of the sameparity becomes

m2 +m+ 2

2· m

2 −m+ 2

2.

120 3 Solutions

We obtain the final answer by subtracting the number of subsets with no threeelements of the same parity from the number of all possible subsets of {1, . . . , n};that is,

⎧⎪⎪⎪⎨

⎪⎪⎪⎩

22m −(

m2 +m+ 2

2

)2

if n = 2m,

22m−1 − m2 +m+ 2

2· m

2 −m+ 2

2if n = 2m− 1.

42 Given an element x ∈ Z/40Z we shall call c(x) ∈ {0, 1, 2, 3} the colour of x.Partition the set Z/40Z into ten subsets A0, . . . , A9, each containing four elements,with Ai being the set of elements of Z/40Z that are congruent to i modulo 10.

No conditions are imposed on the colours of elements belonging to different Ai’s,so we may colour elements in each Ai independently.

Let us consider the number of possible colourings of Ai = {i, i + 10, i + 20,i + 30} that satisfy the given requirement. There are two possibilities: either 1 i

and i + 20 are assigned the same colour or 2 i and i + 20 are assigned differentcolours.

1 In the first case, there are four ways to choose the colour of i and i + 20; theother two elements must be assigned a different colour than the one chosen: we canassign any of the remaining three colours to each of the two independently. Thereare in this case 4 · 32 = 36 valid colourings.

2 In the second case, there are four ways to choose the colour of i and threeways to choose the colour of i + 20 (one for each colour that is, not the one chosenfor i). The other two elements can be coloured independently of each other, eachwith any one of the two remaining colours. We get 4 · 3 · 22 = 48 valid colourings.

The total number of ways to colour a single Ai is thus 36+ 48 = 84. Since thereare ten sets Ai and each can be coloured independently, the total number of legalcolourings is 8410.

43

(i) There are two ways to colour a row completely white or completely black,so 2n − 2 ways to colour it so that it is neither. Moreover, we can chooserow colourings independently of each other. Thus, the number of possiblecolourings is (2n − 2)n.

(ii) We need to choose n cells in such a way that there is exactly one per rowand one per column, and colour them black. In other words, if in the ith rowwe choose the cell belonging to the σ(i)th column, we require the mappingi −→ σ(i) to be a permutation of the set {1, . . . , n}. This yields n! possibilities.

(iii) In each row, we shall choose n/2 cells which will be coloured white; allremaining cells will be coloured black. There are

(n

n/2

)ways to colour each

row. Since rows can be coloured independently of each other, the required totalnumber of colourings is

(n

n/2

)n.

2 Combinatorics 121

44

Solution 1 We shall first solve the problem by means of some properties ofbinomial coefficients.

Both sums have a null summand given by k = 0: we may of course disregard it. Itimmediately follows from the definition of binomial coefficients that k

(nk

) = n(n−1k−1

).

Hence, we have:

(i)n∑

k=0k(nk

) =n∑

k=1k(nk

) = nn∑

k=1

(n−1k−1

) = nn−1∑h=0

(n−1h

) = n2n−1.

(ii)n∑

k=0k2(nk

) =n∑

k=1kn(n−1k−1

) = nn−1∑h=0

(h + 1)(n−1h

) = nn−1∑h=0

h(n−1h

) + nn−1∑h=0

(n−1h

).

By using the first identity for n − 1 ≥ 1 and by a direct check for n − 1 = 0,we finally obtain

n∑

k=0

k2(

n

k

)= n(n− 1)2n−2 + n2n−1 = (n2 + n)2n−2.

Solution 2 We also propose a solution by induction.

(i) Set p(n) : ∑nk=0 k

(nk

) = n2n−1; we shall show that p(n) holds for n ≥ 1 by

induction on n. For n = 1 we have∑1

k=0 k(nk

) = (11) = 1 so p(1) holds.

Now assume that n ≥ 1 and that p(n) holds; we shall show p(n+ 1). We have

∑n+1k=0 k

(n+1k

) =∑nk=1 k(

(nk

)+ ( nk−1

))+ (n+ 1)

(n+1n+1

)

=∑nk=1 k

(nk

)+∑nk=0(k + 1)

(nk

)− (n+ 1)(nn

)+ n+ 1

= n2n−1 +∑nk=0 k

(nk

)+∑nk=0

(nk

)

= n2n−1 + n2n−1 + 2n

= (n+ 1)2n

where we have used the fact that p(n) holds, that is,∑n

k=0 k(nk

) = n2n−1, andthat

∑nk=0

(nk

) = 2n. This concludes our proof that p(n+ 1) holds.(ii) Again, we shall proceed by induction on n, this time to prove the proposition

q(n) : ∑nk=0 k2

(nk

) = n(n + 1)2n−2. Again, q(1) holds trivially, so we mayassume that n ≥ 1 and q(n) holds. Using what was proved in (i) we have

∑n+1k=0 k2

(nk

) =∑nk=1 k2(

(nk

)+ ( nk−1

))+ (n+ 1)2

(n+1n+1

)

=∑nk=1 k2

(nk

)+∑nk=0(k + 1)2

(nk

)− (n+ 1)2(nn

)+ (n+ 1)2

= n(n+ 1)2n−2 +∑nk=0 k2

(nk

)+ 2∑n

k=0 k(nk

)+∑nk=0

(nk

)

= n(n+ 1)2n−1 + n2n + 2n

= (n+ 1)(n+ 2)2n−1

so q(n+ 1) also holds.

122 3 Solutions

Solution 3 Here is a more combinatorial solution.

(i) Let X be the set {1, 2, . . . , n} and let F .= {(A, a) | a ∈ A ⊆ X}, that is, the setof all subsets A of X equipped with a distinguished element a of A. We shallcompute the cardinality of F in two separate ways.First, choose a subset A of X with cardinality k: there are

(nk

)ways to do this;

next, there are k ways to choose a distinguished element a in A. Thus, since A

can have cardinality 0, 1, . . . , n, the cardinality of F is∑n

k=0 k(nk

).

Alternatively, we can choose an element a of X in n possible ways, then choosea subset A of X containing a. Since X has cardinality n and a must be anelement of A, we have 2n−1 possibilities for A. Thus, the cardinality of F isn2n−1. This shows the required identity.

(ii) We will argue as before, this time for the set G = {(A, a, b) | a, b ∈ A ⊆ X}of all subsets A of X with two distinguished elements a and b, which maycoincide.We can choose a k-subset A of X in

(nk

)ways and we then have k2 ways to

choose a and b in A. So the cardinality of G is∑n

k=0 k2(nk

).

On the other hand, we can also proceed as follows. First, consider the casea = b: we can choose the distinguished element in n ways, after which thereare 2n−1 ways to choose the subset A of X in such a way that it contains a.As for the case a �= b, we can choose a in n ways, b in n − 1 ways andthen A in 2n−2 ways (it must contain both a and b). This gives a cardinality ofn2n−1 + n(n− 1)2n−2 = n(n+ 1)2n−2 for G, hence the required identity.

Solution 4 In this final solution we will use the binomial theorem.Let R[x] be the ring of polynomials in the variable x. Write D : R[x] −→ R[x]

for the operation of taking the derivative and R[x] � f (x)ν−→ f (1) ∈ R for

evaluation in 1.

(i) Consider the polynomial p(x).= (1 + x)n and evaluate its derivative in 1: we

have ν(D(p(x))) = ν(n(1 + x)n−1) = n2n−1. But we may also write out thedevelopment given by the binomial theorem, p(x) =∑n

k=0

(nk

)xk , which yields

ν(D(p(x))) = ν(

n∑

k=1

k

(n

k

)xk−1) =

n∑

k=1

k

(n

k

)

from which the desired identity follows.

(ii) Also consider the mapping R[x] � f (x)μ−→ xf (x) ∈ R[x] given by

multiplication by x. Apply νDμD to the polynomial p(x) = (1 + x)n. Wehave

νDμD(1 + x)n = νD(nx(1 + x)n−1)

= nν((1+ x)n−1 + (n− 1)x(1+ x)n−2)

= n(2n−1 + (n− 1)2n−2)

= n(n+ 1)2n−2.

2 Combinatorics 123

By the binomial theorem, we also have

νDμD(1 + x)n = νDμD(∑n

k=0

(nk

)xk)

=∑nk=0

(nk

)νDμD(xk)

=∑nk=0

(nk

)νD(kxk)

=∑nk=0

(nk

)ν(k2xk−1)

=∑nk=0 k2

(nk

)

which proves the identity.

45 Remark that the we are imposing independent and entirely symmetricrequirements on digits at even places and digits at odd places. If we had N

possibilities for the digits at odd places, then the cardinality we are looking wouldbe N2.

It is therefore enough to find the number of 15-tuples (a1, a3, . . . , a29) of 0s and1s such that their sum is at most 2. In particular, the sum can be 0, 1 or 2. A sumof 0 is obtained only for a1 = a3 = · · · = a29 = 0. In order for the sum to be1, all digits except for exactly one must be 0, so there are 15 possibilities. Finally,in order for the sum to be 2 all digits must be 0 except for two, which must be 1and need to be chosen among 15 places, which can be done in

(152

)ways. This gives

1+ 15+ 105 = 121 = 112 possibilities in total.In conclusion, the required cardinality is 114.

46

(i) We wish to find the number of sets A = {a, b, c} ⊆ X such that a + b = 10.The equality a + b = 10 with a �= b in X is satisfied if and only if {a, b} is oneof the following two-element sets: {1, 9}, {2, 8}, {3, 7} or {4, 6}; thus there arefour ways to choose the set {a, b}. The set A is obtained by choosing a set fromthe list above and adding an element c that does not already belong to it. Thiscan be done in 98 ways, regardless of which of the 4 sets has been chosen. Thesets constructed in this way are all distinct, so we obtain 4 · 98 = 392 in total.

(ii) Let X5 be the subset of X consisting of all multiples of 5; clearly, |X5| = 20.The sets A = {a, b, c} we are considering either consist of 3 multiples of 5 orcontain exactly 2 multiples of 5. Those of the first type are all three-elementsubsets of X5: there are

(203

); those of the second type can be constructed by

choosing two elements in X5 and one outside, and so there are(20

2

) · 80. The

total number of sets with the required property is(20

3

)+ (202

) · 80.

47 Given an element x of Z/2100Z, write it as x = 2αx1 with x1 odd and 0 ≤

α ≤ 100. For α = 100 we have x = 0; given α < 100, choosing x is equivalent tochoosing x1 among all odd residue classes modulo 2100−α; there are φ(2100−α) =299−α such classes.

124 3 Solutions

Now let x = 2αx1, with x1 odd; the equation xy = 0 can be rewritten as2αx1y ≡ 0 (mod 2100). Solutions y are residue classes modulo 2100 such that y ≡ 0(mod 2100−α): there are 2α.

In conclusion, for 0 ≤ α ≤ 99 there are 299−α · 2α = 299 pairs (2αx1, y) asrequired; for α = 100, we have x = 0 and the equation is satisfied by all possiblevalues of y. The total number of solutions is therefore

99∑

α=0

299 + 2100 = 100 · 299 + 2100 = 51 · 2100.

48

(i) The number of teams of 4 one can form from a set of 13 people is(13

4

). Among

these teams, those that include any two fixed people p and q are(11

2

)(2 of the

4 people on the team are p and q; the 2 remaining people are selected amongthe other 11 available). The probability of p and q being in the chosen team istherefore

(112

)/(13

4

) = 1/13. The probability that p and q do not both belong tothe team is 12/13.

(ii) Let n be the number we are looking for. One can form(4

2

) = 6 possibleunordered pairs of people from a team; since the total number of unorderedpairs is

(132

) = 78, we must have 78 = 6n, hence n = 13.

49 Let X = {0, 1, . . . , 100}. We know that the positive divisors d of 21003100 arethe numbers of the form 2x3y with x, y ∈ X; we must find out which of those satisfythe congruence

2x3y ≡ 4 (mod 5).

Remark that 3 ≡ 2−1 (mod 5), so the congruence above can be rewritten as2x−y ≡ 22 (mod 5). Its solutions are given by x − y ≡ 2 (mod 4) since themultiplicative order of 2 modulo 5 is 4.

Since the set X has 26 elements congruent to 0 modulo 4 and 25 elements ineach of the other classes modulo 4, the number of pairs (x, y) ∈ X × X such thatx ≡ y + 2 (mod 4) is 26 · 25+ 25 · 25+ 25 · 26+ 25 · 25 = 2550.

50

(i) Let A = {x, y} be a two-element subset of X. In order for x + y to be divisibleby 4 we must have one of the following: x and y are both divisible by 4; x andy are both congruent to 2 modulo 4; or, finally, one among x and y is congruentto 1 modulo 4 and the other to 3 modulo 4.In the first case, A must be contained in the subset of X consisting of allmultiples of 4, which has 25 elements; this leads to

(252

)possibilities. Similarly,

the second case also leads to(25

2

)possibilities.

2 Combinatorics 125

In the last case, A can contain any of the 25 elements congruent to 1 and any ofthe 25 congruent to 3 modulo 4, so it can be chosen in 252 ways.Summing the results obtained so far yields the answer 2 · (25

2

)+ 252.(ii) Let A = {a, b, c} be a three-element subset of X. We may assume a < b < c.

There are x = a − 1 numbers in X that are strictly less than a; there are y =b − a − 1 strictly between a and b and z = c − b − 1 strictly between b and c;there are t = 100− c strictly larger than c.Clearly, the subset A is entirely determined by the choice of x, y, z, t . Moreover,we must have x + y + z + t = 97. By assumption, y and z are both positive.Setting x ′ = x + 1 and t ′ = t + 1 we have that x ′ and t ′ are also positive; thecondition on x ′, y, z, t ′ becomes x ′ + y + z+ t ′ = 99, which has

(983

)solutions

in the positive integers.

51

(i) There are nine possibilities for the pair (mf ,Mf ), that is, (1, 2), (2, 3), . . . ,(9, 10). Each of them corresponds to maps taking only two possible values,under the condition that both values are actually attained. Once we fix the pairthat a map takes values in, all we have to do is exclude the constant maps, sowe have 210− 2 possibilities. Given the nine possible choices of (mf ,Mf ), thenumber of maps with the required property is 9 · (210 − 2).

(ii) The set of maps from {1, 2, . . . , 10} to itself consists of 1010 elements. Weneed to remove from this set all maps such that Mf �= 10 or mf �= 1. LetA = {f ∈ X |Mf �= 10}, B = {f ∈ X |mf �= 1}. Both A and B are the setsof all maps from a set of ten elements to a certain set of nine elements, whileA ∩ B is the set of maps from a ten-element set to a set of eight elements. Itfollows that

|A ∪ B| = 910 + 910 − 810,

so the cardinality we want is 1010 − 2 · 910 + 810.

52 We can rewrite the equation as n − φ(n) = 8. Clearly, n cannot be equal to 1,so it must have prime divisors.

First, assume that only one prime appears in the prime factorisation of n, son = pa for some prime p and some exponent a ≥ 1. Then n− φ(n) = pa − (pa −pa−1) = pa−1, hence pa−1 = 8, that is, p = 2, a− 1 = 3, which gives the solutionn = 24 = 16.

Next, assume that n = paqb has exactly two distinct prime factors p and q , withp < q . Then n−φ(n) = paqb− (pa−pa−1)(qb−qb−1) = pa−1qb−1(p+q−1).It follows that pa−1qb−1 | 8.

If pa−1qb−1 = 1, then p + q − 1 = 8 and so, since p + q = 9 is odd, one ofthe two summands must be even: we must have p = 2 and q = 7. This yields thesolution n = 14.

126 3 Solutions

If pa−1qb−1 = 2, then p + q − 1 = 4, which has the unique solution p = 2,q = 3. This yields the solution n = 22 · 3 = 12.

If pa−1qb−1 ≥ 4, then p + q − 1 ≤ 2, which is clearly impossible.Finally, assume n has at least three distinct prime factors p, q, r , with p < q < r .

Then the set of integers {1 ≤ x ≤ n | p divides x} contains at least qr ≥ 3 · 5 = 15numbers that are not coprime to n, so n− φ(n) ≥ 15.

In conclusion, the solutions of the given equation are n = 12, 14, 16.

53

(i) The set of fixed points is a 10-element subset of a set of 100 elements, so it canbe chosen in

(10010

)ways. The other 90 elements must not be fixed, so each can

be sent to 99 possible elements, all but the element itself. The number of mapswith the required property is therefore

(100

10

)· 9990.

(ii) There are two ways to obtain∑

x∈X |f (x) − x| = 2: either there is only oneelement x which is not fixed by f and we have |f (x) − x| = 2, or there areexactly two elements x, y not fixed by f and we have |f (x)−x| = |f (y)−y| =1.In the first case, there are two possibilities for f (x) if x �= 1, 2, 99, 100 andone otherwise. In the second case, there are two possibilities for the image ofeach element of the pair x, y, unless at least one of the elements belongs toA = {1, 100}.If only one of the two belongs to A, then there is one way to choose its imageand there are two choices for the image of the other element. If the set {x, y} isA then there is only one choice for the two images.In conclusion, the number of maps we are looking for is

2 · 100− 4+(

98

2

)· 4+ 2 · 98 · 2+ 1 = 19601.

54

(i) The number of all five-element subsets of X is(20

5

). For each subset A

containing five elements, the subset B must have exactly seven elements thatdo not belong to A and any number of elements in common with A. Therefore,once we fix A, the number of choices for B is

(157

) · 25. The answer is thus

(20

5

)·(

15

7

)· 25.

2 Combinatorics 127

(ii) We can choose the set Y = (A ∪ B) ∩ C in(20

8

)ways. Given an element of

Y , it can belong to A \ B, B \ A or A ∩ B; consequently, we have 38 ways todistribute the elements of Y among A and B.By a similar argument, each element of X \Y can be assigned to any one of fivesets: X \ (A∪B ∪C), A \ (B ∪C), B \ (A∪C), C \ (A∪ B) or (A ∩B) \C.This gives 512 ways to place elements of X \ Y .We have

(20

8

)· 38 · 512.

choices in total.

55

(i) The strings with k even components are(10

k

) · 3k · 210−k. Indeed, they can beconstructed by choosing k positions among the ten available and assigning themeven values, that is, 0, 2 or 4, whereas the remaining 10 − k positions areassigned odd values, that is, 1 or 3. The strings we want are those with 6, 7,8, 9 or 10 even components and are therefore

10∑

k=6

(10

k

)· 3k · 210−k = 37 · 2827.

(ii) We can interpret strings as sequences of digits in the base 5 representation ofa natural number: (a0, . . . , a9) −→ a0 + a15 + · · · + a959. By remarking that5 ≡ −1 (mod 6), we obtain that the strings we have to count are those suchthat

a0 + a15+ · · · + a959 ≡9∑

i=0

(−1)ia1 ≡ 0 (mod 6),

that is, all those that correspond to a multiple of 6. Strings with ten componentscorrespond to natural numbers between 0 and 510− 1 (inclusive); among these,there are "510/6# multiples of 6.[[Since 52 ≡ 1 (mod 6), we have 510 ≡ 1 (mod 6). It follows that "510/6# = 1 + (510 −1)/6 = 1 + (55 − 1)(55 + 1)/6 = 1 + (55 − 1)(5 + 1)(54 − 53 + 52 − 5 + 1)/6 =1+ (55 − 1)(54 − 53 + 52 − 5+ 1) = 59 − 58 + 57 − 56 + 55 − 54 + 53 − 52 + 5.]]

56

(i) Let A ∈ X, a = min A and b = max A. We have b = 60+a, so, since b ≤ 100,there are 40 possible values for a, that is, the integers from 1 to 40. Sets A ∈ X

with min A = a and max A = b are constructed by choosing A \ {a, b} to beany subset of {a + 1, . . . , a + 59}, in one of 259 possible ways. We thereforehave |X| = 40 · 259 = 262 · 5.

128 3 Solutions

(ii) Let N2 and N5 be the subsets of N consisting of all elements that are notmultiples of 2, and not multiples of 5, respectively. Set Yi = {f ∈ Y | f (N) ⊆Ni} for i = 2, 5. We have Y = Y2∪Y5 and Y2∩Y5 = {f ∈ Y | f (N) ⊆ N2∩N5},so |Y | = |Y2∪Y5| = |Y2|+ |Y5|− |Y2∩Y5| = |N2|100+|N5|100−|N2∩N5|100.Now |N2| = 50, |N5| = 80 and |N2 ∩ N5| = 40, because half of the non-multiples of 5 are odd and half are even. We therefore have |Y | = 50100 +80100 − 40100.

57 In order to count pairs (α, β) satisfying the required conditions we shalldistinguish three cases.

1 The word α is spelled with only one letter: there are 26 words of this type,one for each letter in the alphabet, and in this case β is any word of length 3 formedwith the 25 remaining letters, so there are 253 possible choices for β.

2 The word α is spelled with two letters: there are(26

2

) · 6 words of this type, asmany as the ways one can choose two letters from the alphabet, times the numberof words of length 3 one can form using both letters. In this case, β is any word oflength 3 formed with the 24 remaining letters, so we have 243 possible choices forβ.

3 Finally, assume that the word α is spelled with three different letters: thereare

(263

) · 3! words of this type, as many as the ways to choose three letters from thealphabet, times the number of possible permutations of three letters. In this case β isany word of length 3 formed with the 23 remaining letters, so there are 233 possiblechoices for β.

The total number of pairs satisfying the required condition is

26 · 253 +(

26

2

)· 6 · 243 +

(26

3

)· 3! · 233.

58

(i) We can construct the required pairs (A,B) by choosing the 40 elements of A∪B

in one of(100

40

)ways, then selecting 10 of those elements to be the elements

of A, which can be done in(40

10

)ways, and, finally, choosing the subset of A

representing the intersection with B, for which we have 210 choices. It followsthat the cardinality we want is

(10040

)(4010

)210.

(ii) Call Γ the set of all subsets with the required properties and let Σ be the set offive-element subsets A of X such that

∏x∈A x �≡ 0 (mod 9). We have |Γ | =(100

5

)− |Σ|.In order to compute the cardinality of Σ , consider the partition given by:

Σ3 = {A ⊆ X∣∣ |A| = 5,

∏x∈A x �≡ 0 (mod 3)

}

Σ9 = {A ⊆ X∣∣ |A| = 5,

∏x∈A x ≡ 0 (mod 3),

∏x∈A x �≡ 0 (mod 9)

}.

Now, |Σ3| =(100−33

5

)since we can choose the five elements of A among the

100− 33 elements that are not divisible by 3. Moreover, |Σ9| =(100−33

4

) · 22:

2 Combinatorics 129

we need to choose four elements that are not divisible by 3 and a fifth that isdivisible by 3 but not by 9, for which we have 22 choices (there are 33 multiplesof 3, 11 of which are also multiples of 9).We thus obtain

|Γ | =(

100

5

)−(

100− 33

5

)−(

100− 33

4

)· 22.

59 Denote by Tk the score after the first k rolls, and by Pk the probability that Tk isdivisible by 7; we wish to compute Pn. Clearly, Tn = Tn−1+ i, where i ∈ {1, . . . , 6}is the score of the nth die roll, so Tn ≡ 0 (mod 7) if and only if i ≡ −Tn−1(mod 7). It follows that if Tn−1 ≡ 0 (mod 7) then it is not possible to obtain amultiple 7, whereas if Tn−1 �≡ 0 (mod 7) then there is a unique value of i whichwould yield a multiple of 7.

What we have just shown is that Pn satisfies the recurrence relation Pn = (1 −Pn−1)/6.

Keeping in mind that P1 = 0, one can easily show by induction that

Pn = 1

7

(1+ (−1)n

6n−1

).

60

(i) Since (2, 3) = 1, the equation does have integer solutions. One particularsolution of the equation 2x + 3y = 1 is x = −1, y = 1, so a particular solutionof 2x + 3y = 100 is x = −100, y = 100, and a general solution (with x, y

integers) has the form x = −100+ 3k, y = 100− 2k, where k ∈ Z.We have x > 0 if and only if−100+ 3k > 0, that is, 3k > 100, or equivalentlyk ≥ 34. We have y > 0 if and only if 100 − 2k > 0, that is, 2k < 100, or inother words k < 50.We thus have a solution in the positive integers for each k with 34 ≤ k < 50,so there are 16 such solutions.

(ii) The equation x + y + z = 100 where x, y, z are positive integers has(99

2

)

solutions; these are in bijection with the subsets {x, x + y} of {1, 2, . . . , 99}.Naturally, all these solutions are ordered triples (x, y, z) with x, y, z ∈{1, 2, . . . , 100}, but only those such that x, y, z are all different correspond tothree-element subsets of {1, 2, . . . , 100}. To be more precise, six solutions ofthis type correspond to a single three-element subset, whose elements can beordered in 3! = 6 ways.Solution triples with exactly two equal values are of the form (x, x, y), (x, y, x)

or (y, x, x), with 2x + y = 100. Since we must have y = 100− 2x, the valueof y is determined by the value of x, and the inequalities x > 0, y > 0 give0 < x < 50, that is, 49 possible values for x. By considering the three possibleforms of the solutions, one obtains 3 · 49 solutions of this type.There are no solutions where the three unknowns take the same value, since3x = 100 has no integer solutions.

130 3 Solutions

Therefore, the solutions with the unknowns taking three different values are(992

)− 3 · 49 = 96 · 49 and the number of sets we want is 96 · 49/6 = 784.

61 For n = 1 we have φ(n) = 1, so for a = 43 the equation has a solution.From now on, assume n > 1, so that φ(n) < n, that is, a < 43. By rearranging theformula for Euler’s totient function φ we obtain

φ(n)

n=∏

p | n

p − 1

p= a

43,

where the product ranges over all primes that divide n. The largest prime q thatdivides n certainly appears in the denominator of φ(n)/n, so q = 43. If 43 is theonly prime that divides n then n = 43k for some positive integer k and φ(n)/n =42/43, so a = 42.

Now assume there is at least another prime that divides n and let q1 be the largestsuch prime. If q1 � 42, then q1 appears in the denominator of φ(n)/n, which givesa contradiction. We therefore have q1 = 2, 3 or 7. Also remark that 5 � n, because,even if we had q1 = 7, if 5 were a divisor of n then the denominator of φ(n)/n

would be divisible by 5, hence a contradiction.If follows that n can only be of the form n = 2x3y7z43t , with x, y, z ≥ 0 and

t > 0. By considering the eight different cases given by each among x, y and z

being either equal to or strictly greater than 0, one obtains the eight possible valuesof a that are less than 43, that is: 42, 36, 28, 24, 21, 18, 14, 12.

62

(i) We can rewrite the congruence in the statement as (a − 1)(b − 1) = ab − a −b + 1 ≡ 1 (mod 3). We are therefore considering all subsets {a, b} of X witha − 1 ≡ b− 1 ≡ 1 (mod 3) or a − 1 ≡ b− 1 ≡ −1 (mod 3). If the first holdsthen a ≡ b ≡ 2 (mod 3) and if the second does then a ≡ b ≡ 0 (mod 3). Thenumber of elements of X that are congruent to 2 modulo 3 is 33, the same asthe number of elements of X congruent to zero modulo 3. Hence there are

(332

)

subsets of each of the two types and the answer is 2 · (332

) = 33 · 32 = 1056.(ii) Let S be the family of all subsets {a, b} of X such that ab ≡ 0 (mod 3), and

let T be the family of all subsets {a, b} of X such that a + b ≡ 0 (mod 3).The number we want is |S ∪ T |; by the inclusion-exclusion principle, we have|S ∪ T | = |S| + |T | − |S ∩ T |.The subsets in S are those that contain at least one multiple of 3, so thecomplement of S among all two-element subsets of X comprises all subsetsthat do not contain a multiple of 3. It follows that |S| = (100

2

) − (672

) =50 · 99− 67 · 33 = 33 · 83.The subsets in T are those for which b ≡ −a (mod 3). So we must either havea ≡ b ≡ 0 (mod 3), and there are

(332

)subsets of this type, or one element must

be congruent to 1 and the other to−1 modulo 3, and there are 34 · 33 subsets ofthis second type. In total, |T | = 33 · 16+ 33 · 34 = 33 · 50.

2 Combinatorics 131

The subsets in S ∩ T are those with both elements divisible by 3: there must beone multiple of 3 because the subset belongs to S, and therefore both elementsmust be multiples of 3 in order for the subset to belong to T . Hence |S ∩ T | =(33

2

) = 33 · 16.In conclusion, |S ∪ T | = 33 · (83+ 50− 16) = 33 · 97 = 3201.

63

(i) For each σ ∈ S(X) we clearly have

100∑

i=1

(σ (i)− i) =100∑

i=1

σ(i)−100∑

i=1

i = 0,

hence

100∑

i=1

(σ (i)− i) ≡ 0 · |X0,σ | + 1 · |X1,σ | + 2 · |X2,σ | ≡ 0 (mod 3),

that is, |X1,σ | ≡ −2 · |X2,σ | ≡ |X2,σ | (mod 3).(ii) Partition the set X as X0 � X1, where X0 is the subset of even numbers in X

and X1 the subset of odd numbers. Given a permutation σ , partition X0 and X1as follows: X0 = Xσ

0,0 � Xσ0,1 and X1 = Xσ

1,0 � Xσ1,1, where Xσ

i,j = {x ∈ Xi |σ(x) ∈ Xj } for i, j = 0, 1.It is clear that |Xσ

0,1| can be any integer k with 0 ≤ k ≤ 50 and that, if |Xσ0,1| =

k, then |Xσ1,0| = k and |Xσ

0,0| = |Xσ1,1| = 50 − k. We therefore have

(50k

)

independent choices for Xσ0,1 and for Xσ

1,0, whereas the two sets Xσ0,0 and Xσ

1,1are fixed once the first two are chosen, as they are their complements.Moreover, the condition in the statement is satisfied if and only if the fol-lowing requirements hold: σ(Xσ

0,1) = Xσ1,0, which corresponds to k! choices;

σ(Xσ1,0) = Xσ

0,1, with k! choices; σ(Xσ0,0) = Xσ

0,0, with (50 − k)! choices,and finally σ(Xσ

1,1) = Xσ1,1, with (50 − k)!. It follows that the number of

permutations with the required property is

50∑

k=0

(50

k

)2

(k!)2 · ((50− k)!)2 =50∑

k=0

(50!)2 = 50!2 · 51!

64

(i) Let us write x = 2α15β1 , y = 2α25β2 , z = 2α35β3 , where α1, α2, α3 andβ1, β2, β3 are non-negative integers. The condition on x, y, z is equivalent tothe system

{α1 + α2 + α3 = 100β1 + β2 + β3 = 100.

132 3 Solutions

The two equations are independent and each has as many solutions as the non-negative integer solutions of the equation t1 + t2 + t3 = 100, that is,

(1022

).

Therefore the required number of triples is(102

2

)2.

(ii) The condition is equivalent to the system

{2α1 + α2 + α3 = 1002β1 + β2 + β3 = 100

and again the two equations are independent. By symmetry, we may count thesolutions of the first equation, which is equivalent to the inequality

2α1 + α2 ≤ 100;

indeed, the inequality holds for any solution of the original equation and, ifα1, α2 satisfy the inequality, there is a unique α3 such that 2α1+α2+α3 = 100.The inequality has 101− 2α1 solutions for each possible value of α1 between 0and 50 inclusive. In total we have

50∑

α1=0

(101− 2α1) = 512

solutions, and thus the number of possible triples is 512 · 512 = 514.

65 We shall consider two separate types of maps: 1 those for which 1 �∈ Im(f )

and 2 those for which 1 ∈ Im(f ).1 If 1 �∈ Im(f ), then f (a) �= 1 and f (b) �= 1, so the number f (a) ·f (b) cannot

be a prime for any choice of a and b in X \ {1}. Since |X \ {1}| = 9, there are 910

maps of this type.2 If 1 ∈ Im(f ), then there exists c ∈ X such that f (c) = 1. Consequently, in

order for the map f to fulfil the requirement, f (a) cannot be a prime for any a inX; indeed, if this weren’t the case then the number f (a) · f (c) = f (a) would beprime. On the other hand, if f (a) is a composite number for all a in X such thatf (a) �= 1 then the map f does satisfy the condition.

What we have to do is find the number of all maps such that their image iscontained in X \ {2, 3, 5, 7} and 1 ∈ Im(f ). In order to do this, we can count mapsfrom X to X \ {2, 3, 5, 7} and subtract the number of maps such that 1 �∈ Im(f ),that is, maps from X to X \ {1, 2, 3, 5, 7}. There are 610 maps X→ X \ {2, 3, 5, 7}and 510 maps X −→ X \ {1, 2, 3, 5, 7}, hence 610 − 510 maps of this second type.

2 Combinatorics 133

Summing the numbers obtained for case 1 and case 2 yields 910+610−510 mapsin total.[[In order to count maps of the second type, that is, maps X −→ X \ {2, 3, 5, 7} such that 1 ∈Im(f ), we may also count maps with |f−1(1)| = k for each k ≥ 1 and then sum over all possiblecardinalities. Indeed, the number we want is equal to

∑10k=1 |{f : X −→ X \ {2, 3, 5, 7} | |f−1(1)| = k} = ∑10

k=1

(10k

)510−k

= ∑10k=0

(10k

)510−k − (10

0

)510

= 610 − 510.

]]

66

(i) Teams that satisfy the requirement can be constructed by choosing two pairs oftwins among the n available, which can be done in

(n2

)ways, then completing

the team with two people that are not twins, selected from the remaining n− 2pairs. The latter selection amounts to choosing two pairs of twins among theremaining n − 2, which can be done in

(n−2

2

)ways, then choosing one twin

from each, which can be done in 22 ways. In conclusion, there are

(n

2

)(n− 2

2

)22 = n(n− 1)(n− 2)(n− 3)

teams satisfying the requirements.(ii) In order to find the number of valid partitions we shall first find the number of

all possible partitions into four teams of six and then subtract the number of allpartitions such that each pair of twins is on the same team. Forming 4 teams of6 with 24 people is the same as partitioning a 24-element set into 4 subsets with6 elements each. The number of such partitions is

1

4!(

24

6

)(18

6

)(12

6

)(6

6

)= 24!

4!7204 .

We need to subtract the number of partitions such that each pair of twins is onthe same team, that is

1

4!(

12

3

)(9

3

)(6

3

)(3

3

)= 12!

4!64 .

The answer is therefore24!

4!7204 −12!4!64 .

67

(i) For all x ∈ N the integers x100 and x have the same parity, so we must findthe number of all subsets A of X = {1, . . . , 100} such that

∑a∈A a is even. A

134 3 Solutions

subset A satisfies this condition if and only if it contains an even number of oddelements.Consider the partition of X given by the sets X0 = {2, 4, . . . , 100} and X1 ={1, 3, . . . , 99}, which contain 50 elements each. As with all nonempty sets, thereare as many subsets of X1 with even cardinality as with odd cardinality; thereare therefore 249 subsets of X1 with an even number of elements. It follows thatthe cardinality we are looking for is 250 · 249 = 299.

(ii) Let (A,B) be a pair of subsets of X satisfying the requirements; consider thepartition of A ∪ B given by A′ = A \ (A ∩ B),B ′ = B \ (A ∩ B) and C =A ∩ B. According to the conditions on (A,B), A′ and B ′ can be any disjointsets, whereas the set C, which is also disjoint from A′ and B ′, must be chosento satisfy one of the following: 1 C contains exactly one element which is amultiple of 4 but not of 8, 2 C contains exactly two elements which are evenbut not multiples of 4.Remark that X contains 25 = 50−25 elements that are multiples of 2 but not of4 and 13 = 25−12 elements that are multiples of 4 but not of 8. Constructing apair (A,B) is equivalent to constructing a triple (A′, B ′, C) and, in order to findthe number of such triples, we shall consider case 1 and case 2 separately.In case 1 we have 13 ways to choose the one multiple of 4 appearing in C. Wethen have three choices for each of the 49 even elements of X, each of whichcan be put in A′, in B ′ or in neither of the two sets. Finally, each of the 50 oddelements of X can be chosen to be a member of A′, B ′, C or of none of thethree sets, so we have four possible choices for each. This yields 13 · 349 · 450

possibilities in total.Similarly, in case 2 we have

(252

)choices for the pair of even elements we

assign to C. Each of the remaining 48 even elements of X can be assignedto A′, to B ′ or to neither and, finally, each of the 50 odd elements of X canbe assigned to A′, B ′, C or to none of the three sets. We have

(252

) · 348 · 450

possibilities.Summing the numbers obtained in the two cases we get the answer

13 · 349 · 450 +(

25

2

)· 348 · 450 = 113 · 349 · 2100.

3 Congruences

68 Remark that 13 ≡ 64 ≡ 26(mod 17) and thus the first equation becomes 2ax ≡26 (mod 17). Since the order of 2 in (Z/17Z)∗ is 8, we have ax ≡ 6 (mod 8). Thisequation implies that a and x cannot both be even; indeed, if they were we wouldhave both ax ≡ 0 (mod 4) and ax ≡ 2 (mod 4), impossible. We shall distinguishthe cases a even and a odd.

3 Congruences 135

1 If a is even then (as we just showed) x is odd, so x − 2 is invertible modulo4. From the second equation we get x ≡ a (mod 4) which is impossible because itimplies x even.

2 If a is odd, then x is even, say x = 2y, from which the first equation becomes2ay ≡ 6 (mod 8), hence ay ≡ 3 (mod 4). Now, from a being odd we obtaina2 ≡ 1 (mod 4), so the first equation becomes y ≡ −a (mod 4); hence y is odd.Substitute x = 2y into the second equation to obtain (2y−a)(2y−2)≡ 0 (mod 4),that is, y − 1 ≡ 0 (mod 2), which holds because y is odd.

In conclusion, for a odd, the solution is x ≡ −2a (mod 8).

69 Since 2 ∈ (Z/9Z)∗, we must also have a ≡ 2x ∈ (Z/9Z)∗. So a �≡ 0 (mod 3),hence x ≡ a2 ≡ 1 (mod 3).

The order of (Z/9Z)∗ is 6 and 2 is a generator. Moreover, x ≡ 1 (mod 3) impliesthat x can be congruent to 1 or to 4 modulo 6. In the first case, a ≡ 2x ≡ 2 (mod 9),whereas in the second case a ≡ 2x ≡ −2 (mod 9). So the condition a ≡ ±2(mod 9) is necessary.

On the other hand, if a ≡ 2 (mod 9) then x ≡ 1 (mod 3) is a solution of thesystem, whereas if a ≡ −2 (mod 9) then x ≡ 4 (mod 6) is a solution.

70 From the second congruence we get that 4 = (4, 24) divides a2 and thus a iseven, say a = 2b. The second congruence becomes x2 ≡ b2 (mod 6).

The first congruence can be rewritten as 2x ≡ 32b ≡ (32)b ≡ 2b (mod 7). It isequivalent to x ≡ b (mod 3) because 3 is the order of 2 in (Z/7Z)∗. For a = 2b

even, the system is therefore equivalent to

{x2 ≡ b2 (mod 6)

x ≡ b (mod 3).

From the first equation we get x ≡ x2 ≡ b2 ≡ b (mod 2); we thus must havex ≡ b (mod 6). But this condition is clearly sufficient. In conclusion, the systemhas solutions for all even a.

71 Remark that the order of 2 in (Z/13Z)∗ is 12, that is, 2 is a generator of thatgroup, and that 3 ≡ 24 (mod 13). The second congruence yields that x − 1 = 3y

for some integer y. Then the first congruence becomes

(24)3y(3y+2) = 212y(3y+2) ≡ 1 ≡ 2a (mod 13).

Such a congruence has a solution if and only if a ≡ 0 (mod 12), in which casex ≡ 1 (mod 3) is the solution of the system.

72 First of all remark that 2 has order 3 in (Z/7Z)∗, so 2x only depends onthe residue class modulo 3 of x. Moreover, the second equation is equivalentto the systems x ≡ ±1 (mod 3), x ≡ ±1 (mod 5), where signs are chosenindependently. In particular, x is not congruent to 0 modulo 3. Therefore, if x ≡ 1

136 3 Solutions

(mod 3) then x ≡ 2x ≡ 2 (mod 7), whereas if x ≡ −1 (mod 3) then x ≡ 2x ≡ −3(mod 7).

The system is thus equivalent to the union of the four systems

⎧⎨

⎩

x ≡ 1 (mod 3)

x ≡ 2 (mod 7)

x ≡ ±1 (mod 5),

⎧⎨

⎩

x ≡ −1 (mod 3)

x ≡ −3 (mod 7)

x ≡ ±1 (mod 5).

Straightforward computations lead to the conclusion that the original system has assolutions the classes 16, −26, 11 and−31 modulo 105.

73 From the definition of binomial coefficient we get

{n(n−1)(n−2)

6 ≡ 0 (mod 2)n(n−1)(n−2)(n−3)

24 ≡ 0 (mod 2)

hence, eliminating factors that are invertible modulo 2,

{n(n− 1)(n− 2) ≡ 0 (mod 4)

n(n− 1)(n− 2)(n− 3) ≡ 0 (mod 16).

The first equation is clearly solved by all n congruent to 0, 1 or 2 modulo 4, whereasn is not a solution if it is congruent to −1 modulo 4.

In order to solve the second equation, remark that exactly two among the factorsn, n − 1, n− 2, n− 3 are even, and that they are consecutive even numbers. Giventwo consecutive even numbers, only one can be divisible by 4, while the other isdivisible by 2 but not by 4. Therefore, if the product must be divisible by 16, thenthe number which is a multiple of 4 must actually be divisible by 8. It follows thatthe second equation is solved by n congruent to 0, 1, 2, 3 modulo 8.

Since n congruent to a modulo 8 implies n congruent to a modulo 4, the solutionsof the system are given by n congruent to 0, 1, 2 modulo 8.

74 The congruence x2 ≡ 4 (mod 14) is equivalent to the system of twocongruences x2 ≡ 0 (mod 2) and x2 ≡ 4 (mod 7). Moreover, we can rewrite thefirst of these as x ≡ 0 (mod 2), because x2 is always congruent to x modulo 2.

The second one in turn becomes (x − 2)(x + 2) ≡ 0 (mod 7) and, since 7 isprime, is solved by x ≡ 2 (mod 7) or x ≡ −2 (mod 7).

So the solutions of the original system are given by the union of the solutions ofthe two systems

⎧⎨

⎩

x ≡ 0 (mod 2)

x ≡ 2 (mod 7)

x ≡ 3 (mod 5),

⎧⎨

⎩

x ≡ 0 (mod 2)

x ≡ −2 (mod 7)

x ≡ 3 (mod 5).

3 Congruences 137

Straightforward calculations yield that the solutions of the original system are givenby the residue classes −12 and −2 modulo 70.

75 Let us consider the prime factorisation 7·112 of 847 and replace the first equationwith the system of congruences x660 ≡ 1 (mod 7) and x660 ≡ 1 (mod 112).

We shall examine the first of these. If 7 were a divisor of x, then 7 would obvi-ously divide x660, which contradicts the condition x660 ≡ 1 (mod 7). Conversely, if7 does not divide x then we have x6 ≡ 1 (mod 7) by Fermat’s little theorem, hencex660 = (x6)110 ≡ 1110 ≡ 1 (mod 7). We have thus shown that the first congruenceis solved by all x that are not divisible by 7.

As for the second congruence, we will employ a similar argument. If 11 werea divisor of x then it would also divide x660, which is not possible. So xφ(112) =x110 ≡ 1 (mod 11) and thus x660 = (x110)6 ≡ 16 ≡ 1 (mod 112). The secondcongruence is therefore solved by all x that are not divisible by 11.

We can rewrite the original system as

⎧⎨

⎩

x �≡ 0 (mod 7)

x �≡ 0 (mod 11)

x ≡ 11 (mod 13).

The solutions of the third equation are clearly given by all integers of the formx = 11 + 13k, where k is any integer. By imposing the condition that x is neitherdivisible by 7 nor by 11 we find that k can neither be congruent to 4 modulo 7 norto 0 modulo 11.

76 By considering the factorisation 85 = 5 · 17 we obtain that the congruence isequivalent to the system

{x3 − a3 ≡ 0 (mod 5)

x3 − a3 ≡ 0 (mod 17).

Now let p be either 5 or 17. If a ≡ 0 (mod p) then we have x3 ≡ 0 (mod p) andso, since p is prime, x ≡ 0 ≡ a (mod p). If a �≡ 0 (mod p), then a is invertiblemodulo p, so we can rewrite the congruence as (x/a)3 ≡ 1 (mod p).

Since 0 cannot be a solution and 3 does not divide p − 1, the only possiblesolution is x/a ≡ 1 (mod p), that is, x ≡ a (mod p).

So the system is in any case equivalent to

{x ≡ a (mod 5)

x ≡ a (mod 17)

and, since x ≡ a (mod 85) is a solution, it must be the unique solution by theChinese remainder theorem.

In conclusion, we have that for each a the congruence x3 − a3 ≡ 0 (mod 85)

has the unique solution x ≡ a (mod 85).

138 3 Solutions

77 Remark that 2 is coprime with 33 and so 2φ(33) = 218 ≡ 1 (mod 33). Since9 and 6 are the only maximal proper divisors of 18, we shall compute 29 and 26

modulo 33. We find that 29 ≡ −1 (mod 33) and 26 ≡ 10 (mod 33). This impliesthat 2 has multiplicative order 18 modulo 33. Moreover, 25 = 32 ≡ 5 (mod 33).

We can now rewrite the initial congruence as 2x ≡ 25 (mod 33) and concludethat it is equivalent to x ≡ 5 (mod 18).

We can thus rewrite the first of the two systems as

{x ≡ 5 (mod 18)

x ≡ 2 (mod 15).

By the Chinese remainder theorem, by taking prime factorisations, one obtains

⎧⎪⎪⎨

⎪⎪⎩

x ≡ 5 (mod 9)

x ≡ 1 (mod 2)

x ≡ 2 (mod 3)

x ≡ 2 (mod 5).

Notice that the first congruence implies the third, which can thus be ignored.Straightforward computations yield the solutions−13+90k, where k is any integer.

Let us now show that the second system in the problem statement has nosolutions. If 2x ≡ 5 (mod 34) then in particular we have 2x ≡ 5 (mod 33), sox ≡ 5 (mod 18) because of the argument above. Then x ≡ −1 (mod 3), which isincompatible with the last congruence, as that one implies x ≡ 0 (mod 3).

78

(i) If 81x ≡ b (mod 125) then we must have 81x ≡ b (mod 5), that is, b ≡ 1(mod 5). Hence, in order for a solution to exist, the residue class of b modulo125 must be one of the 25 classes congruent to 1 modulo 5. Let us show thatthis condition is sufficient.Remark that 81 is coprime to 125; let us compute its multiplicative order. Sinceφ(125) = 100, such an order must be a divisor of 100. We start by computing815 modulo 125.We have 81 = 1 + 16 · 5, so 815 = (1 + 16 · 5)5 ≡ 1 + 5 · 16 · 5 + 10 · 162 ·52+· · · ≡ 1+16 ·52 ≡ 1+52 (mod 125), where we omitted terms containinghigher powers of 5, which are 0 modulo 125. Thus the multiplicative order of81 modulo 125 cannot be a divisor of 5.Similarly, we have 8125 = (815)5 ≡ (1+52)5 ≡ 1+5·52+· · · ≡ 1 (mod 125).So the order we want must be a divisor of 25 and, since it cannot be 1 or 5, itmust be equal to 25.It follows that the powers of 81 modulo 125 must take 25 different values. Sinceour congruence has a solution if and only if b is a power of 81 modulo 125 wejust showed that the condition we found initially is sufficient.

3 Congruences 139

(ii) Given a solution x0, we have 81x0 ≡ b0 (mod 125). The equation becomes81x ≡ 81x0 (mod 125) and, since 81 has multiplicative order 25 modulo 125,all solutions are given by x0 + 25 · k, where k is any integer.

79 First of all, let us compute the order of 2 modulo 125, which is a divisor ofφ(125) = 100.

Remark that if 2n ≡ 1 (mod 125) then 2n ≡ 1 (mod 5). It follows that, sincethe multiplicative order of 2 modulo 5 is 4, the order of 2 modulo 125 is a multipleof 4, that is, one among 4, 20, 100.

We have 24 = 16 = 1+ 3 · 5, hence, by using the binomial development, we get220 = (24)5 = (1+ 3 · 5)5 ≡ 1+ 3 · 52 (mod 53). Thus the multiplicative order of2 modulo 53 cannot be a divisor of 20, so it must be 100.

Since 27 = 128 ≡ 3 (mod 125), 7 is a solution of the original congruence. Inparticular, the congruence amounts to 2x ≡ 27 (mod 125) and, because of what wejust showed, its solutions are given by 7+ 100k, where k is any integer.

Let us now solve the congruence modulo 625 = 54. We have already remarkedthat 24·5 ≡ 1+ 3 · 52 (mod 53), that is, 24·5 = 1+ 3 · 52 + h · 53 for some integerh. Using the binomial development again, we have 24·52 = (1+ 3 · 52 + h · 53)5 =(1 + (3 + 5h)52)5 ≡ 1 + 5(3 + 5h)52 ≡ 1 + 3 · 53 (mod 54). Any solution of2x ≡ 3 (mod 54) is also a solution of 2x ≡ 3 (mod 53), so it must be of the formx = 7+ 100k because of the argument above.

By combining the two facts 27 = 3 + 53 and 2100k ≡ (1 + 3 · 53)k ≡ 1 + 3k53

(mod 54) we obtain 2x = 27+100k ≡ (3+53)(1+3k53) ≡ 3+(1+9k)53 (mod 54).So x is a solution if and only if k ≡ 1 (mod 5). In conclusion, x ≡ 107 (mod 500).

80 By examining powers of 5 modulo 11 we find that 5 has multiplicative order 5modulo 11 and that 3 ≡ 52 (mod 11). The first congruence can thus be rewritten as5x ≡ 52 (mod 11) and is equivalent to x ≡ 2 (mod 5).

By the Chinese remainder theorem, the second congruence is equivalent to thesystem

{x2 ≡ 0 (mod 3)

x2 ≡ −3 (mod 7).

The first of these congruences is equivalent to x ≡ 0 (mod 3) because 3 is prime.The second is equivalent to x ≡ ±2 (mod 7) because 7 is prime and (±2)2 ≡ −3(mod 7).

We can thus rewrite the original system as

⎧⎨

⎩

x ≡ 0 (mod 3)

x ≡ 2 (mod 5)

x ≡ ±2 (mod 7).

Straightforward computations yield that the solutions are given by the classes of 12and 72 modulo 105.

140 3 Solutions

81 The condition in the problem statement is equivalent to the congruence

7x3 − 8ax2 + 9x + 3a ≡ 0 (mod 21)

which is itself equivalent to the system

{7x3 − 8ax2 + 9x + 3a ≡ 0 (mod 3)

7x3 − 8ax2 + 9x + 3a ≡ 0 (mod 7).

By reducing the coefficients of the above equations modulo 3 and 7 one obtains

{x3 + ax2 ≡ 0 (mod 3)

−ax2 + 2x + 3a ≡ 0 (mod 7).

Since x3 + ax2 = x2(x + a) and 3 is prime, the solutions of the first equation arex ≡ 0 (mod 3) and x ≡ −a (mod 3).

As for whether or not the second equation has any solutions, we have

x ≡ 0 (mod 7) is a solution $⇒ a ≡ 0 (mod 7);x ≡ 1 (mod 7) is a solution $⇒ a ≡ −1 (mod 7);x ≡ 2 (mod 7) is a solution $⇒ a ≡ −3 (mod 7);x ≡ 3 (mod 7) is a solution $⇒ a ≡ 1 (mod 7);x ≡ −3 (mod 7) is a solution $⇒ a ≡ −1 (mod 7);x ≡ −2 (mod 7) is a solution $⇒ a ≡ 3 (mod 7);x ≡ −1 (mod 7) is a solution $⇒ a ≡ 1 (mod 7).

The list above can be rearranged according to the possible values of a, as:

if a ≡ 0 (mod 7) then x ≡ 0 (mod 7);if a ≡ 1,−1, 3 (mod 7) then a solution is x ≡ a + 2 (mod 7);if a ≡ 1,−1,−3 (mod 7) then a solution is x ≡ a − 2 (mod 7);if a ≡ ±2 (mod 7) then there are no solutions.

If both equations in the system have a solution, then the system itself does,because (3, 7) = 1. By solving the various systems which do have solutions, weobtain

if a ≡ 0 (mod 7), then x ≡ 0,−a (mod 21);if a ≡ 1,−1, 3 (mod 7), then the solutions are x ≡ 15a+9, 8a+9 (mod 21);if a ≡ 1,−1,−3 (mod 7), then the solutions are x ≡ 15a + 12, 8a + 12(mod 21).

82 By the Chinese remainder theorem, the congruence is equivalent to the system

{x15 ≡ x27 (mod 7)

x15 ≡ x27 (mod 11)

3 Congruences 141

which can be rewritten as

{x15(x12 − 1) ≡ 0 (mod 7)

x15(x12 − 1) ≡ 0 (mod 11).

Clearly, x ≡ 0 (mod 7) and x ≡ 0 (mod 11) are solutions of the first and secondequation, respectively. If (x, 7) = 1, then by Fermat’s little theorem we have x6 ≡ 1(mod 7) and therefore x12 ≡ 1 (mod 7). So the first equation is satisfied for allintegers x, that is, it has seven solutions modulo 7.

As for the second equation, Fermat’s little theorem implies that, if (x, 11) =1, then x10 ≡ 1 (mod 11); such values of x are solutions if and only if x2 ≡ 1(mod 11), that is, (x+1)(x−1)≡ 0 (mod 11). Since 11 is prime, the only solutionsare x ≡ ±1 (mod 11). Including the solution x ≡ 0 (mod 11), there are threesolutions modulo 11.

The number of solutions modulo 77 is given by all possible combinations ofsolutions modulo 7 and solutions modulo 11 and is therefore equal to 7 · 3 = 21.

83 Because of the second condition, integers x such that x3 ≡ x (mod 7) cannot besolutions of the system. Now, x3 ≡ x (mod 7) is equivalent to x(x − 1)(x + 1) ≡0 (mod 7) and, since 7 is prime, the solutions of this equation are x ≡ 0, 1,−1(mod 7).

In particular, given that the class 0 modulo 7 cannot be a solution of the system,we may rewrite the first equation as xk−1 ≡ 1 (mod 7). A class a solves the latterequation if and only if k − 1 is a multiple of the multiplicative order of a modulo 7.One can check that the multiplicative order of classes 2 and 4 is 3, whereas that ofclasses 3 and 5 is 6. Therefore, if k ≡ 1 (mod 6) then the solutions are x ≡ 2, 3, 4, 5(mod 7); if k ≡ 1 (mod 3) but k �≡ 1 (mod 6), that is, if k ≡ 4 (mod 6), then thesolutions are x ≡ 2, 4 (mod 7), and finally if k �≡ 1 (mod 3) then there are nosolutions.

84 In order for the first equation to have solutions, it is necessary and sufficient that(a, 25) | 4, or in other words that (a, 25) = 1. The second equation is equivalent tothe system

{x2 + a ≡ 0 (mod 5)

x2 + a ≡ 0 (mod 3)

and one can check that this has solutions if and only if a ≡ 0,±1 (mod 5) anda ≡ 0,−1 (mod 3). Therefore, both initial equations have a solution for a ≡ ±1(mod 5) and a ≡ 0,−1 (mod 3).

However, because the greatest common divisor of the two moduli is (25, 15) = 5,the original system has a solution if and only if its two equations have solutions thatare congruent modulo 5.

If a ≡ 1 (mod 5) then the solutions of the first equation are congruent to−1 (mod 5), whereas those of the second equation are ±2 (mod 5). If a ≡ −1

142 3 Solutions

(mod 5) then the solutions of the first equation are congruent to 1 (mod 5) andthose of the second equation to ±1 (mod 5). Consequently, the system has asolution if and only if a ≡ −1 (mod 5) and a ≡ 0,−1 (mod 3), that is, if andonly if a ≡ −1, 9 (mod 15).

Now consider the case a = −1. The first equation yields x ≡ −4 (mod 25); thisfixes the class of solutions modulo 5, that is, x ≡ 1 (mod 5). Moreover, we know bythe argument above that solutions of the second equation satisfying this condition doexist. What is left to do is to find out which of them also satisfy x2−1 ≡ 0 (mod 3),that is, x ≡ ±1 (mod 3). By considering both the solutions modulo 25 and thosemodulo 3, we find that the solutions of the system are x ≡ −4,−29 (mod 75).

85 Both equations have a solution if and only if (a, 9) = 1. Solutions of the firstequation are given by x ≡ a−1 (mod 9), so are coprime to 9. The solution of thesecond equation is given by x ≡ 0 (mod ord(a)), where ord(a) is the order of a inthe multiplicative group (Z/9Z)∗ and so is a divisor of φ(9) = 6. In order for thesystem to have a solution we must therefore have that ord(a) is not a multiple of 3,that is, ord(a) = 1, 2.

If ord(a) = 1 then a ≡ 1 (mod 9) and the solution of the first equation is x ≡ 1(mod 9), while the second equation is satisfied for all x. So the solution of thesystem is x ≡ 1 (mod 9).

If ord(a) = 2, then a �≡ 1 (mod 9) and a2 ≡ 1 (mod 9), that is, 9 | a2 − 1 =(a + 1)(a − 1). In particular, three divides one of the factors a + 1, a − 1 butcannot divide both, since their difference is 2. It follows that 9 must divide one ofthe factors; having excluded a ≡ 1 (mod 9), we must have a ≡ −1 (mod 9).

In conclusion, the solution of the first equation is x ≡ −1 (mod 9) and that ofthe second equation is x ≡ 0 (mod 2). The solution of the system is therefore x ≡ 8(mod 18).

86 The first equation has a solution if and only if (6a − 1, 21) = 1, that is, if andonly if 3 � 6a − 1 and 7 � 6a − 1. Since 3 | 6a for all a, we have 3 � 6a − 1 forall a, whereas 7 | 6a − 1 if and only if a ≡ −1 (mod 7). So the first equation has asolution if and only if a �≡ −1 (mod 7).

The second equation always has a solution, which is expressed by the equationitself.

The greatest common divisor of the moduli of the two equations is 7, so assumingthat the first equation does have a solution the system does if and only if there aresolutions of the two equations that coincide modulo 7. Substituting the value for x

given by the second equation into the first, one obtains the condition (6a − 1)a ≡ 1(mod 7), whose solutions are a ≡ 2, 4 (mod 7).

Now remark that if a ≡ 2, 4 (mod 7) then the solution of the system is acongruence class modulo the least common multiple of the moduli, which is 105.Because of the second equation we know its congruence class modulo 35, so it isenough to glean its congruence class modulo 3 from the first equation, which clearly

3 Congruences 143

gives x ≡ −1 (mod 3). We thus obtain the system

{x ≡ −1 (mod 3)

x ≡ a (mod 35)

whose solution is x ≡ 36a + 35 (mod 105), as one can easily find.

87 By the Chinese remainder theorem, the first equation is equivalent to a systemof two congruences, one modulo 2 and one modulo 17. Since 9 ≡ 1 (mod 2),the congruence modulo 2 is satisfied for all possible values of a and x and cantherefore be disregarded. As for the congruence modulo 17, one can check that themultiplicative order of 9 modulo 17 is 8, so the congruence is satisfied if and only ifax ≡ 0 (mod 8). In particular, it has a solution for all possible values of a, and thesolution is x ≡ 0 (mod 8/(a, 8)).

Similarly, we can replace the second equation by two congruences, one modulo3 and one modulo 5. The congruence modulo 3 reduces to x2 ≡ 0 (mod 3), whichdoes not depend on a and whose solution is x ≡ 0 (mod 3). The congruencemodulo 5 reduces to x2 + ax − 1 ≡ 0 (mod 5), which has a solution if and onlyif a2 + 4 is a square modulo 5, that is, if and only if a ≡ 0, 1,−1 (mod 5). Thesolutions are, respectively, x ≡ ±1, 2,−2 (mod 5).

In conclusion, the system has a solution if and only if a ≡ 0, 1,−1 (mod 5).For a = 4 in particular, as per remarks made so far, the solution can be found via

the system

⎧⎨

⎩

x ≡ 0 (mod 2)

x ≡ 0 (mod 3)

x ≡ −2 (mod 5).

Simple calculations yield x ≡ 18 (mod 30).

88 The first equation has solutions if and only if (3, 42) = 3 | a, that is, if and onlyif a = 3b for some b ∈ Z, in which case the equation becomes x ≡ b (mod 14).Since 6 is the inverse of 6 modulo 35, the second equation is equivalent to x ≡ 6(mod 35). By using the Chinese remainder theorem, we can turn the system into

⎧⎪⎪⎨

⎪⎪⎩

x ≡ b (mod 2)

x ≡ b (mod 7)

x ≡ 6 (mod 7)

x ≡ 1 (mod 5)

which has solutions if and only if b ≡ 6 (mod 7), that is, if and only if a ≡ 18(mod 21).

144 3 Solutions

When this condition on a is satisfied, the system is equivalent to

{x ≡ b (mod 2)

x ≡ 6 (mod 35)

whose solution is x ≡ 6+ 35b (mod 70).In conclusion, the original system has a solution if and only if a ≡ 18 (mod 21).

When that is the case, its solution is x ≡ 6 (mod 70) if a ≡ 18 (mod 42) andx ≡ 41 (mod 70) if a ≡ 39 (mod 42).

89 The multiplicative order of the class of 5 modulo 24 is 4 and 52 ≡ 9 (mod 24),so the first equation is equivalent to x ≡ 2 (mod 4).

By means of the Chinese remainder theorem, split the second equation into acongruence modulo 11 and one modulo 16. Since 11 is an odd prime, the equationx2+ 2x+ 8 ≡ 0 (mod 11) can be solved using the quadratic formula, which yieldsthe solutions x ≡ 1,−3 (mod 11).

Now consider the subsystem

{x ≡ 2 (mod 4)

x2 + 2x + 8 ≡ 0 (mod 16);

if we substitute the value for x obtained from the first congruence, that is, x = 2+4t ,into the second, we obtain the equation

(2+ 4t)2 + 2(2+ 4t)+ 8 ≡ 8t ≡ 0 (mod 16),

which is satisfied if and only if t ≡ 0 (mod 2), so the solution of the subsystem isx ≡ 2 (mod 8).

So the original system is equivalent to the union of the two systems

{x ≡ 1 (mod 11)

x ≡ 2 (mod 8),

{x ≡ −3 (mod 11)

x ≡ 2 (mod 8)

whose solutions are easily computed and given by x ≡ 34 (mod 88) and x ≡ −14(mod 88), respectively.

90 The second equation has a solution if and only if 3 | a, so let a = 3b. Thecongruence 6x ≡ 3b (mod 21) is equivalent to x ≡ 4b (mod 7).

The first congruence becomes x2 ≡ 15b (mod 120) and is equivalent by theChinese remainder theorem to a system of two congruences, one modulo 8 and onemodulo 15. Keeping in mind that x2 ≡ 0 (mod 15) if and only if x ≡ 0 (mod 15),we obtain the system

⎧⎨

⎩

x2 ≡ −b (mod 8)

x ≡ 0 (mod 15)

x ≡ 4b (mod 7).

3 Congruences 145

The three moduli are pairwise relatively prime, so the system has a solution if andonly if each equation does. In order for that to be the case, since we already havethe solutions of the second and third equation, we just need to ensure that the firstequation can be solved, i.e. that −b is a square modulo 8; equivalently, that b ≡0,−1, 4 (mod 8).

In conclusion, the system has a solution if and only if a = 3b ≡ 0,−3, 12(mod 24).

For a = 45 ≡ −3 (mod 24), that is, for b = 15 (where b is defined as above),the system does have a solution and becomes

⎧⎨

⎩

x2 ≡ 1 (mod 8)

x ≡ 0 (mod 15)

x ≡ 4 (mod 7).

It is easy to check that the subsystem given by the second and third equation hasthe solution x ≡ 60 (mod 105) and that the first equation has the solutions x ≡1, 3, 5, 7 (mod 8), that is, x ≡ 1 (mod 2). The system is therefore equivalent to

{x ≡ 1 (mod 2)

x ≡ 60 (mod 105)

whose solution is x ≡ 165 (mod 210).

91 By the Chinese remainder theorem, the equation in the problem statement isequivalent to the system

{x100 ≡ a (mod 7)

x100 ≡ a (mod 11).

Let us find the number of solutions of each equation.If a ≡ 0 (mod 7), then the congruence x100 ≡ a (mod 7) has the unique

solution x ≡ 0 (mod 7).Let now a �≡ 0 (mod 7); then x ≡ 0 (mod 7) is not a solution and any potential

solution will satisfy x6 ≡ 1 (mod 7). Since 100 = 16 · 6 + 4, the equation weneed to solve is equivalent to x4 ≡ a (mod 7). The fourth powers in (Z/7Z)∗ are1, 2, 4, and so if a ≡ 3, 5, 6 (mod 7) then the equation has no solutions, whereas ifa ≡ 1, 2, 4 (mod 7) then it has two.

For a ≡ 0 (mod 11), the congruencex100 ≡ a (mod 11) has the unique solutionx ≡ 0 (mod 11).

Let now a �≡ 0 (mod 11); in this case x ≡ 0 (mod 11) is not a solution and anysolution will satisfy x10 ≡ 1 (mod 11), hence also x100 ≡ 1 (mod 11). It followsthat the equation has ten solutions if a ≡ 1 (mod 11) and no solutions if a �≡ 0, 1(mod 11).

Let us now combine the information above.

146 3 Solutions

For a ≡ 0 (mod 7) and a ≡ 0 (mod 11), that is, for a ≡ 0 (mod 77), thesystem has the unique solution x ≡ 0 (mod 77).

For a ≡ 0 (mod 7) and a ≡ 1 (mod 11), that is, for a ≡ −21 (mod 77), thefirst equation has one solution and the second one has 10, so there are ten solutionsmodulo 77.

For a ≡ 1, 2, 4 (mod 7) and a ≡ 0 (mod 11), that is, for a ≡ 22, 44, 11(mod 77), the first equation has two solutions and the second one has 1, so thereare two solutions modulo 77.

Finally, for a ≡ 1, 2, 4 (mod 7) and a ≡ 1 (mod 11), that is, for a ≡ 1, 23, 67(mod 77), the first equation has two solutions and the second one has 10, so thereare 20 solutions modulo 77.

If a does not belong to any of the above classes modulo 77 then the equation hasno solutions.

92

(i) By the Chinese remainder theorem, we can split xa ≡ 1 (mod 92) into acongruence modulo 4 and one modulo 23.The congruence xa ≡ 1 (mod 23) is solved by all elements of (Z/23Z)∗whose order divides a, and is thus equivalent to xd ≡ 1 (mod 23), whered = (a, φ(23)). Since 23 is prime, the group (Z/23Z)∗ is cyclic of orderφ(23) = 22. We conclude that the congruence xa ≡ 1 (mod 23) has d =(a, 22) solutions modulo 23.By the same argument, we obtain that xa ≡ 1 (mod 4) has (a, 2) solutionsmodulo 4.In conclusion, the equation in the problem statement has (a, 2)·(a, 22) solutionsmodulo 92.Remark that the number of solutions can also be expressed as a function of theclass of a modulo 22.If a ≡ 1, 3, 5, 7, 9, 13, 15, 17, 19, 21 (mod 22), that is, if (a, 2) = 1 and(a, 22) = 1, then the equation has a unique solution modulo 92.If a ≡ 2, 4, 6, 8, 10, 12, 14, 16, 18, 20 (mod 22), that is, (a, 2) = 2 and(a, 22) = 2, then the equation has four solutions modulo 92.If a ≡ 11 (mod 22), that is, (a, 2) = 1 and (a, 22) = 11, then the equation has11 solutions modulo 92.Finally, if a ≡ 0 (mod 22), that is, (a, 2) = 2 and (a, 22) = 22, then theequation has 44 solutions modulo 92.

(ii) By solving the second equation and splitting the first into an equation modulo 4and one modulo 23 we get

⎧⎨

⎩

xa ≡ 1 (mod 4)

xa ≡ 1 (mod 23)

x ≡ 9 (mod 23).

Remark that the set of squares in (Z/23Z)∗ coincides with the subgroup of order11. Since 11 is prime, all elements of such a subgroup except for 1 have order

3 Congruences 147

11. Now, 9 is a square and therefore its order in (Z/23Z)∗ is 11. Thus, if a �≡ 0(mod 11) then the system has no solutions, whereas if a ≡ 0 (mod 11) thenthe system is equivalent to

{xa ≡ 1 (mod 4)

x ≡ 9 (mod 23).

The equation xa ≡ 1 (mod 4) has the unique solution x ≡ 1 (mod 4) if a ≡ 1(mod 2) and the solutions x ≡ ±1 (mod 4) if a ≡ 0 (mod 2). Solving thecorresponding systems, one obtains: if a ≡ 11 (mod 22) then the solutionis x ≡ 9 (mod 92); if a ≡ 0 (mod 22) then the solutions are x ≡ 9, 55(mod 92).

93 The first congruence has a solution if and only if a ≡ 0 (mod 2), in which caseit has a unique solution modulo 11. By the Chinese remainder theorem, the secondcongruence is equivalent to the system

⎧⎨

⎩

x2 ≡ a (mod 3)

x2 ≡ −a (mod 4)

x2 ≡ 0 (mod 7).

The congruence x2 ≡ 0 (mod 7) has the unique solution x ≡ 0 (mod 7) for eachpossible value of a.

The congruence x2 ≡ −a (mod 4) has the two solutions x ≡ 0, 2 (mod 4) ifa ≡ 0 (mod 4) and has no solutions if a ≡ 2 (mod 4); as seen above, we need notconsider the classes of 1 and 3 as we may assume a is even.

Finally, x2 ≡ a (mod 3) has the unique solution x ≡ 0 (mod 3) if a ≡ 0(mod 3), the two solutions x ≡ ±1 (mod 3) if a ≡ 1 (mod 3) and no solution ifa ≡ 2 (mod 3).

In conclusion, we have the following:1 If a ≡ 1 (mod 2) then the first equation, and therefore the system, has no

solutions.2 If a ≡ 0 (mod 4) and a ≡ 0 (mod 3), that is, if a ≡ 0 (mod 12), then x2 ≡

7a (mod 84) has two solutions modulo 84 and the equation 2x ≡ a (mod 22) hasa unique solution modulo 11, so the system has two solutions modulo 84 ·11 = 924.

3 Finally, if a ≡ 0 (mod 4) and a ≡ 1 (mod 3), that is, if a ≡ 4 (mod 12),then x2 ≡ 7a (mod 84) has four solutions modulo 84 and the equation 2x ≡ a

(mod 22) has a unique solution modulo 11, so the system has four solutions modulo84 · 11 = 924.

In all remaining cases the system has no solutions because the second equationhas none.

94 Let us consider the first congruence: remark that it has no solutions when a iseven, so we must have a ≡ 1 (mod 2). In this case, ax ≡ 1 (mod 8) if x is even

148 3 Solutions

and ax ≡ a (mod 8) if x is odd, so the congruence has a solution if and only ifa ≡ 3 (mod 8), and that solution is x ≡ 1 (mod 2).

So let a = 3+ 8b. The second congruence becomes x6+16b ≡ 4 (mod 9). Notethat solutions to this congruence must be sought in (Z/9Z)∗: indeed, any solutionwill have among its powers the class of 4, which is invertible in Z/9Z. In particular,x6 ≡ 1 (mod 9), so the equation becomes x4b ≡ 4 (mod 9).

By again using the fact that sixth powers are 1 in (Z/9Z)∗, we obtain that if b ≡ 0(mod 3) then the equation has no solutions; if b ≡ 1 (mod 3) then it is equivalent tox4 ≡ 4 (mod 9) and has the solutions x ≡ ±4 (mod 9); finally, if b ≡ 2 (mod 3)

then the equation is equivalent to x2 ≡ 4 (mod 9) and has the solutions x ≡ ±2(mod 9).

In conclusion, we have the following cases:1 If a ≡ 11 (mod 24) then the solution of the first equation is x ≡ 1 (mod 2)

and those of the second are x ≡ ±4 (mod 9), so the solutions of the system arex ≡ 5, 13 (mod 18).

2 If a ≡ 19 (mod 24) then the solution of the first equation is x ≡ 1 (mod 2)

and those of the second are x ≡ ±2 (mod 9), so the solutions of the system arex ≡ 7, 11 (mod 18).

Finally, if a �≡ 11, 19 (mod 24) then one of the two equations, and therefore thesystem, has no solutions.

95 The problem is equivalent to finding the number of solutions modulo 100 ofthe equation xy ≡ 0 (mod 100), which, by the Chinese remainder theorem, isequivalent to the system

{xy ≡ 0 (mod 4)

xy ≡ 0 (mod 25).

More generally, consider the equation xy ≡ 0 (mod p2), where p is a prime, thatis, consider the condition p2 | xy. The condition is satisfied when one of the twofactors is divisible by p2, that is, congruent to zero modulo p2, and the other factoris any integer, or when both factors are divisible by p.

There are p2 pairs of the form (x, 0) and p2 of the form (0, y). But, since (0, 0)

is of both forms, the total number of pairs of this type is 2p2 − 1.Pairs of integers that are both divisible by p and not by p2 are represented by

residue classes of the form (pa, pb) with 1 ≤ a, b ≤ p − 1, and thus there are(p− 1)2 of them. We therefore have 2p2 − 1+ (p− 1)2 = 3p2 − 2p pairs in total.

By substituting the values p = 2 and p = 5, one obtains the values 8 and65, respectively. Again by the Chinese remainder theorem, the equation xy ≡ 0(mod 100) has 8 · 65 = 520 solutions.

96 The first congruence in the system has a solution if and only if 6 = (6, 72) | 4a,that is, if and only if 3 | a. If that is the case, let a = 3b: we may divide by 6 andobtain x ≡ 2b (mod 12).

3 Congruences 149

Since 1 = (5, 39) | 2, the second congruence always has the unique solutionx ≡ 16 (mod 39).

However, since (12, 39) = 3, the system itself has a solution if and only if thesolutions of the two congruences coincide modulo 3, that is, if and only if 2b ≡ 16(mod 3), or equivalently b ≡ 2 (mod 3). If this is the case, then the solution isunique modulo the least common multiple of the two moduli, that is, modulo 156.

In conclusion, there is a unique solution modulo 156 if a ≡ 6 (mod 9) and thereare no solutions otherwise.

97 In order to solve the first equation, one must find the order of 8 in the group(Z/27Z)∗, which will be a divisor of φ(27) = 18. We have 82 ≡ 10, 83 ≡−1, 86 ≡ 1 (mod 27), so the order in question is 6. Since 83 ≡ −1 (mod 27), thesolutions of the first equation are the same as the solutions of x2 − 1 ≡ 3 (mod 6).We can solve the equation modulo 2 and modulo 3 and obtain

{x ≡ 0 (mod 2)

x ≡ ±1 (mod 3).

Analogously, the second equation is equivalent to the system

{x22 + 2x ≡ 8 (mod 4)

x22 + 2x ≡ 8 (mod 11).

The first equation of the latter system can be rewritten as x22 + 2x ≡ 0 (mod 4).Since x22 ≡ x (mod 2), we have that x must be even. On the other hand, if x iseven, then both x22 and 2x are divisible by 4, so we get a solution. The solution ofthe first equation is therefore x ≡ 0 (mod 2).

One can check that x ≡ 0 (mod 11) is not a solution of the second equation.But, if x �≡ 0 (mod 11), then by Fermat’s little theorem x10 ≡ x20 ≡ 1 (mod 11),so the solutions of the second equation are the same as the solutions of x2+ 2x ≡ 8(mod 11).

Since this quadratic equation has solutions 2,−4 in Z, its solutions modulo 11must be the classes of 2 and −4, because 11 is prime.

Finally, since the solutions of the two equations in the original system coincidemodulo 2, we are left with

⎧⎨

⎩

x ≡ 0 (mod 2)

x ≡ ±1 (mod 3)

x ≡ 2,−4 (mod 11),

which yields four solutions modulo 2 · 3 · 11 = 66. By performing simplecalculations, one finds that the solutions are x ≡ 2, 40, 46, 62 (mod 66).

150 3 Solutions

98 By computing powers of 3 modulo 5, one finds that 33 ≡ 2 (mod 5) and that themultiplicative order of 3 modulo 5 is 4. We can therefore rewrite the first equationas 3x ≡ 33a (mod 5), whose solution is x ≡ 3a ≡ −a (mod 4).

The second equation splits into two equations, one modulo 3 and one modulo 8.The equation modulo 3 always has a unique solution modulo 3, because x3 ≡ x

(mod 3) for all x. As for the equation modulo 8, there are two separate possibilities.1 If a is even, then x must also be even; now, for all even x we have x3 ≡ 0

(mod 8); so there is one solution modulo 2, that is, four solutions modulo 8, if a ≡ 6(mod 8), and no solution otherwise.

2 If a is odd, then x must also be odd; in this case, since x2 ≡ 1 and x3 ≡ x

(mod 8), there is always a unique solution modulo 8.So the system has no solution for a ≡ 0, 2, 4 (mod 8). In all other cases,

solutions to the system exist if the solution of the equation modulo 4 and that ofthe equation modulo 2 or 8 are compatible.

If a is odd, that is, if a ≡ 6 (mod 8), then the equation modulo 4 has the solutionx ≡ 2 (mod 4), which is indeed compatible with the solution x ≡ 0 (mod 2). Inthis case, we have a unique solution modulo 12.

If a is odd then the equations are still compatible: indeed, we have remarked thatthe solutions modulo 8 are x ≡ a + 2 and a + 2 ≡ −a (mod 4) for a odd. There istherefore a unique solution modulo 24.

99 The first congruence has a solution if and only if 3 belongs to the subrgroupof (Z/7Z)∗ generated by a, that is, if and only if the subgroup generated by 3is contained in the subgroup generated by a. Since 3 is a generator of the group(Z/7Z)∗ (one can check that its order is 6) the argument above shows that the firstcongruence has a solution if and only if a is also a generator of the group.

Since 3 is a generator, all other generators are of the form 3i

with 0 ≤ i < 6

and (i, 6) = 1, so they are 3 and 35 = 3

−1 = 5. Any generator has order 6 andwe have 31 ≡ 3, 55 ≡ 3 (mod 7), so the first equation has the following solutions:for a ≡ 3 (mod 7), the solution x ≡ 1 (mod 6); for a ≡ 5 (mod 7), the solutionx ≡ 5 (mod 6).

As for the second congruence in the system, remark that the square of an evennumber is divisible by 4, whereas the square of an odd number is always congruentto 1 modulo 8. Though the second congruence has solutions for a ≡ 0, 4 (mod 8),we may very well disregard those, because they necessarily have x ≡ 0 (mod 2),which is incompatible with the first congruence.

It is therefore enough to consider the case where a ≡ 1 (mod 8), in whichthe solution is x ≡ 1 (mod 2), which is a condition already enforced by the firstcongruence. In conclusion, if a ≡ 3 (mod 7) and a ≡ 1 (mod 8), that is, if a ≡ 17(mod 56), then the solution is x ≡ 1 (mod 6); if a ≡ 5 (mod 7), a ≡ 1 (mod 8),that is, if a ≡ 33 (mod 56), then the solution is x ≡ 5 (mod 6).

For all other values of a we have no solutions.

3 Congruences 151

100 The first equation has a solution if and only if a �≡ 0 (mod 5). If a ≡ 1(mod 5), then all integers are solutions; if a ≡ −1 (mod 5), that is, if the order ofa in (Z/5Z)∗ is 2, then the solution is x ≡ 0 (mod 2); if a ≡ 2, 3 (mod 5), that is,if and only if the order of a in (Z/5Z)∗ is 4, the solution is x ≡ 0 (mod 4).

The second equation has a solution if and only if (a, 8) | 2, that is, if and onlyif a �≡ 0 (mod 4). If a is odd, then we have a−1 ≡ a (mod 8), so the solutionis x ≡ 2a (mod 8); note that in this case we have 2a ≡ ±2 (mod 8). If a ≡ 2(mod 4), that is, if a = 2b with b odd, the solution is x ≡ b (mod 4).

By comparing the solutions of the two equations, we conclude the following.When a is odd: for a ≡ 2, 3 (mod 5) the two equations have no common

solutions, whereas for a ≡ ±1 (mod 5), that is, for a ≡ ±1 (mod 10), solutions ofthe second equation also satisfy the first, so the solutions of the system are exactlythose of the second equation.

When a ≡ 2 (mod 4): the two equations have no solutions in common exceptfor when a ≡ 1 (mod 5); in this case, that is, when a ≡ 6 (mod 20), solutions ofthe second equation also satisfy the first, so they are the solutions of the originalsystem.

101 One can immediately check that the order of 2 in the multiplicative group(Z/13Z)∗ is 12 and that 5 ≡ 29 (mod 13). The first equation can thus be rewrittenas 29(x2−1) ≡ 2a (mod 13), which is equivalent to 9(x2 − 1) ≡ a (mod 12). Thisimplies that a must be a multiple of 3 in order for the equation to have any solutions.

So, let a = 3b; cancelling common factors yields 3(x2 − 1) ≡ b (mod 4), thatis, x2 ≡ 1 − b (mod 4). Squares of integers can only be 0 or 1 modulo 4 (0 if theinteger is even and 1 if the integer is odd). Consequently, the last equation abovehas a solution if and only if b ≡ 0, 1 (mod 4), with the solution being x ≡ 1, 0(mod 2), respectively.

The second equation in the system is equivalent to 64 = 26 | x3 and therefore to22|x, that is, x ≡ 0 (mod 4); hence we have, in particular, x ≡ 0 (mod 2). In orderfor the system to have a solution, it is enough to have b ≡ 1 (mod 4), that is, a ≡ 3(mod 12); when this is the case, the solution is x ≡ 0 (mod 4).

102 By the Chinese remainder theorem, the first equation is equivalent to thesystem

{ax ≡ 1 (mod 2)

ax ≡ 4 (mod 7).

The first of these two equations has a solution if and only if a ≡ 1 (mod 2), inwhich case all integers x are solutions.

As for the second equation in the system above, note that it has no solutionsin the following cases: when a ≡ 0 (mod 7), because ax ≡ 0 (mod 7) for all x;when a ≡ 1 (mod 7), because ax ≡ 1 (mod 7) for all x; when a ≡ −1 (mod 7),because ax ≡ ±1 (mod 7) for all x.

In all other cases, the equation does have a solution, which is listed below.

152 3 Solutions

When a ≡ 2 (mod 7), since we have 22 ≡ 4 (mod 7) and the order of 2 modulo7 is 3, the solution is x ≡ 2 (mod 3).

When a ≡ 3 (mod 7), since we have 34 ≡ 4 (mod 7) and the order of 3 modulo7 is 6, the solution is x ≡ 4 (mod 6); equivalently, x ≡ 0 (mod 2) and x ≡ 1(mod 3).

When a ≡ 4 (mod 7), since we have 41 ≡ 4 (mod 7) and the order of 4 modulo7 is 3, the solution is x ≡ 1 (mod 3).

When a ≡ 5 (mod 7), since we have 52 ≡ 4 (mod 7) and the order of 5 modulo7 is 6, the solution is x ≡ 2 (mod 6); equivalently, x ≡ 0 (mod 2) and x ≡ 2(mod 3).

Now consider the equation xa ≡ 1 (mod 9), which is satisfied for all pairs (x, a)

such that (x, 9) = 1 (or equivalently (x, 3) = 1) and a is a multiple of the order ofx modulo 9.

As shown before, the first equation in the original system has a solution ifand only if a is odd, so the only potential solutions are integers x with an oddmultiplicative order mudulo 9, that is, x ≡ 1, 4, 7 (mod 9). To be more specific,since 1 has order 1 whereas 4 and 7 have order 3, x ≡ 1 (mod 9) is a solution forall a, whereas x ≡ 4, 7 (mod 9) are solutions only if 3 | a.

In any case, solutions can only be congruent to 1 modulo 3, so we must havea ≡ 3, 4 (mod 7) in order to ensure compatibility modulo 7.

This condition is indeed sufficient: for all a in these classes the congruencemodulo 9 has among its solutions x ≡ 1 (mod 9), which is compatible withsolutions of the congruence modulo 7.

To conclude, the system has a solution if and only if a ≡ 1 (mod 2) and a ≡ 3, 4(mod 7), that is, if and only if a ≡ 3, 11 (mod 14).

103

(i) Consider the periodic sequence of all powers of 3 modulo 10:

31 = 3 ≡ 3, 32 = 9 ≡ 9, 33 = 27 ≡ 7, 34 = 81 ≡ 1.

The sequence is periodic with period 4 and the solution of the equation in theproblem statement is x ≡ 3 (mod 4).

(ii) Since powers of 3 are odd and 10 is even, x can be a solution only if 4 + x isodd, that is, if x itself is odd. Moreover, as discussed above, the residue classmodulo 10 of a power of 3 only depends on the class modulo 4 of the exponent.We have the following two cases:1 If x ≡ 1 (mod 4) then 3x ≡ 3 (mod 10) and the equation reduces to

3 ≡ 4 + x (mod 10), that is, x ≡ 9 (mod 10). By combining this with thecongruence modulo 4, we obtain the solution x ≡ 9 (mod 20).2 If x ≡ 3 (mod 4) then 3x ≡ 7 (mod 10) and the equation reduces to

7 ≡ 4 + x (mod 10), that is, x ≡ 3 (mod 10). By combining this with thecongruence modulo 4, we obtain the solution x ≡ 3 (mod 20).

3 Congruences 153

104 Clearly, the first equation cannot have a solution congruent to 0 modulo 7.But, if x �≡ 0 (mod 7), then the exponents n for which xn ≡ 1 (mod 7) are exactlythe multiples of the order of x in (Z/7Z)∗. This order must be a divisor of the orderof the group (Z/7Z)∗, which is 6. Moreover, since the exponent 2x + 1 is odd, theorder of x must be odd, so it can only be 1 (in which case x ≡ 1 (mod 7)) or 3 (inwhich case we either have x ≡ 2 or x ≡ 4 (mod 7)).

Any x ≡ 1 (mod 7) is a solution of the first equation, because 12x+1 ≡ 1(mod 7). In order for x ≡ 2, 4 (mod 7) to be a solution, the exponent must be amultiple of 3, so we must have 2x + 1 ≡ 0 (mod 3), that is, x ≡ 1 (mod 3).

The second equation does have a solution, because (4, 15) | 7; its solution is x ≡13 (mod 15), which is equivalent to the system consisting of the two congruencesx ≡ 1 (mod 3), x ≡ 3 (mod 5).

Note that the congruence modulo 3 coming from the second equation is alwayscompatible with the solution of the first equation, so the original system does havesolutions, which are given by the following system:

⎧⎨

⎩

x ≡ 1, 2, 4 (mod 7)

x ≡ 1 (mod 3)

x ≡ 3 (mod 5).

Simple calculations yield x ≡ 43, 58, 88 (mod 105).

105

(i) The system of equations

⎧⎪⎪⎪⎨

⎪⎪⎪⎩

x ≡ 1 (mod 1)

x ≡ 1 (mod 2)...

x ≡ 1 (mod 10)

does have solutions, because x = 1 satisfies all the required congruences. Now,if such a system of congruences has a solution, then it is given by a congruenceclass modulo the least common multiple of all the moduli of its equations.Let M be the least common multiple of all integers between 1 and 10, that is,M = 23 · 32 · 5 · 7; the solution of the system is x ≡ 1 (mod M). The numberof integers between 0 and k that do satisfy this congruence is "k/M#.

(ii) If x ≡ −1 (mod n) for all positive integers n then n | x + 1 for all positiveintegers n. However, the only number that is divisible by all positive integersis 0, so the only solution is given by x + 1 = 0, that is, x = −1.

(iii) If x ≡ n (mod 2n) then x = n + 2hn = n(2h + 1) for some integer h; inparticular, the requirement of the question implies that x is divisible by everyinteger n. As before, this implies x = 0; but this time 0 is not a solution, forexample because we may take n = 1 and check that 0 �≡ 1 (mod 2). So thereare no solutions in this case.

154 3 Solutions

106 The pair (x, n) is a solution of the congruence if and only if there exists aninteger t such that xn = 39+10xt . In the latter equation x divides both xn and 10xt ,so a necessary condition for it to be a solution is that x divides 39. Let us considerall possible divisors of 39.

If x = 1, then we get 1n ≡ 39 (mod 10) which clearly has no solutions.If x = 3, then we get the equation 3n ≡ 39 (mod 30) which is equivalent to the

system

{3n ≡ 0 (mod 3)

3n ≡ 9 (mod 10).

The first equation is satisfied for all n ≥ 1 whereas the second one is satisfied forn ≡ 2 (mod 4), because 3 has order 4 in (Z/10Z)∗.

If x = 13, then by a similar argument we obtain the system

{13n ≡ 0 (mod 13)

3n ≡ 9 (mod 10)

whose solution is again n ≡ 2 (mod 4).If x = 39, then the system we get is

{39n ≡ 0 (mod 39)

9n ≡ 9 (mod 10)

whose solution is n ≡ 1 (mod 2).

107 By the Chinese remainder theorem, the congruence is equivalent to the system

{x5n ≡ 1 (mod 5)

x5n ≡ 1 (mod 11).

Consider the first equation. By Fermat’s little theorem, it is equivalent to xn ≡ 1(mod 5). The solutions of this equation are those elements of (Z/5Z)∗ whose orderis a divisor of n. The possible orders of elements x of (Z/5Z)∗ are

1, if x = 1; 2, if x = −1; 4, if x = ±2.

Therefore, for n ≡ 0 (mod 4) there are four solutions, because n is a multiple ofthe order of each element. For n ≡ 2 (mod 4) there are two solutions, because n isa multiple of the order of the two elements ±1. Finally, for n odd there is a uniquesolution, because n is only a multiple of the order of 1.

Now consider the second equation. Similarly to what we just established, thesolutions of this equation are those elements of (Z/11Z)∗ whose order is a divisorof 5n. Since the group (Z/11Z)∗ is cyclic, its elements have order 1, 2, 5 or 10 andthe number of elements of order d is φ(d). So there is a single element of order 1, a

3 Congruences 155

single element of order 2, and there are four elements of order 5 and four elementsof order 10.

[[It is easy to check that 1 is the only element of order 1, −1 is the only element of order 2, and

that 3, 4, 5, 9 are the elements of order 5 and 2, 6, 7, 8 are the elements of order 10.]]As before, an element satisfies the equation if and only if its order is a divisor

of 5n. If n is even then 5n is a multiple of 10, so all ten elements of (Z/11Z)∗are solutions; if n is odd, then the solutions are given by elements whose order is adivisor of 5: they are 1 and the elements of order 5, so we get five solutions in total.

We can summarise our findings as follows.If n ≡ 0 (mod 4) then we have four solutions modulo 5 and ten solutions modulo

11, so 40 solutions in total.If n ≡ 2 (mod 4) then we have two solutions modulo 5 and ten solutions modulo

11, so 20 solutions in totalFinally, if n is odd then there is a unique solution modulo 5 and there are five

solutions modulo 11, so five solutions in total.

108

(i) Let f (x) be the quadratic polynomial x2−x+43; the congruence in the problemstatement is equivalent to the system consisting of f (x) ≡ 0 (mod 5) andf (x) ≡ 0 (mod 11), by the Chinese remainder theorem. Since 5 and 11 areodd primes, we can solve both congruences by means of the usual quadraticformula.For the congruence modulo 5, we find that the discriminant of f (x) is 32

(modulo 5), so f (x) has the two roots 2 and −1 modulo 5. As for thecongruence modulo 11, the discriminant is congruent to 42 and the two rootsare −3 and 4.Now, remark that x1 = 11 and x2 = −10 are solutions of the systemsx1 ≡ 1 (mod 5), x1 ≡ 0 (mod 11) and x2 ≡ 0 (mod 5), x2 ≡ 1 (mod 11),respectively. This implies that the original equation has four solutions, whichare given by

−3 ≡ 2x1 − 3x2 (mod 55)

19 ≡ −x1 − 3x2 (mod 55)

−18 ≡ 2x1 + 4x2 (mod 55)

4 ≡ −x1 + 4x2 (mod 55).

(ii) In order to solve the system we must check that the residue classes modulo 5of the solutions of the first equation are compatible with the second equation.The solutions of the first equation belong to the classes of 2 and −1 modulo5. In order for a solution in the class of 2 to satisfy the second equation, wemust have 2114 ≡ 2a (mod 5). Since 2 has order 4 in (Z/5Z)∗ and we have114 ≡ (−1)4 ≡ 1 (mod 4), the second equation becomes 2 ≡ 2a (mod 5),which has a solution if and only if a ≡ 1 (mod 4). So the classes of−3 and−18modulo 55 are solutions of the original system if and only if a ≡ 1 (mod 4).

156 3 Solutions

In the case of a solution congruent to −1 modulo 5, we must have (−1)114 =−1 ≡ (−1)a (mod 5), which has a solution if and only if a ≡ 1 (mod 2). Sothe classes of 19 and 4 modulo 55 are solutions of the original system if andonly if a ≡ 1 (mod 2).We may thus conclude that if a ≡ 0 (mod 2) then the system has no solutions.If a ≡ 1 (mod 2) then the system does have solutions. In particular, if wesplit the class a ≡ 1 (mod 2) into the classes a ≡ −1 (mod 4) and a ≡ +1(mod 4), then we have the following: if a ≡ −1 (mod 4) then the solutions arethe classes of 19 and 4 modulo 55; if a ≡ 1 (mod 4) then all solutions of thefirst equation satisfy the second, so the solutions of the system are the classesof −3, −18, 19, 4 modulo 55.

109

(i) The equation if equivalent to the system consisting of the two congruences x2+2x + 5 ≡ 0 (mod 5) and x2 + 2x + 5 ≡ 0 (mod 13). Since both moduli areprime, each has at most two roots. The first clearly has the solutions 0 and−2 modulo 5. As for the second, we can solve it by means of the quadraticformula: the discriminant is−4 ≡ 32 (mod 13), so the solutions are the classesof 2 and −4 modulo 13. The solutions of the equation in the problem statementare therefore those of the four systems

{x ≡ 0 (mod 5)

x ≡ 2 (mod 13),

{x ≡ −2 (mod 5)

x ≡ 2 (mod 13),{

x ≡ 0 (mod 5)

x ≡ −4 (mod 13),

{x ≡ −2 (mod 5)

x ≡ −4 (mod 13).

It is easy to check that the solutions of the two systems

{x ≡ 1 (mod 5)

x ≡ 0 (mod 13),

{x ≡ 0 (mod 5)

x ≡ 1 (mod 13).

are x1 ≡ 26 (mod 65) and x2 ≡ −25 (mod 65), respectively; it follows thatthe solutions of the four system above, and therefore the solutions of the originalequation, are: 0 · x1+ 2 · x2 ≡ 15,−2 · x1+ 2 · x2 ≡ −37, 0 · x1− 4 · x2 ≡ −30and −2 · x1 − 4 · x2 ≡ −17 (mod 65).

(ii) Letting y = 3x , we are asking for y to be a solution of the previous equation.In particular, since 3x �≡ 0 modulo 5 and since the powers of 3 modulo 13 are1, 3 and −4, we must have 3x = y ≡ −2 ≡ 3 (mod 5) and 3x = y ≡ −4(mod 13). The first of these two equations is equivalent to x ≡ 1 (mod 4)

and the second to x ≡ 2 (mod 3). In conclusion, the solution of the originalequation is given by the class of 5 modulo 12.

110 The first congruence in the system is equivalent to the two congruences x2 +2x + 2 ≡ 0 (mod 2) and x2 + 2x + 2 ≡ 0 (mod 5) by the Chinese remaindertheorem. The first of these two is clearly equivalent to x ≡ 0 (mod 2), while the

3 Congruences 157

second has discriminant Δ = 1 − 2 = −1 ≡ 22 (mod 5) and so its solutions are−1±√Δ = −1± 2, that is, 1 and 2.

As for the second equation, 7 and 22 are relatively prime, so 7 is invertiblemodulo 22; moreover, its inverse is the class of −3. The equation can therefore berewritten as x ≡ −60 ≡ 6 (mod 22), and in particular it implies x ≡ 0 (mod 2):since this is equivalent to the first of the two equations discussed in the previousparagraph, we may disregard that equation and only consider the one modulo 5. Wethus need to solve the two systems

{x ≡ 1, 2 (mod 5)

x ≡ 6 (mod 22).

Their solutions are 6 and −38 modulo 110, respectively.

111 We can split the first congruence in the system into a congruence modulo 4and one modulo 3, thus obtaining

⎧⎨

⎩

ax ≡ 2 (mod 4)

ax ≡ 2 (mod 3)

9x ≡ a2 + 2a − 3 (mod 81).

Let us first consider the subsystem formed by the last two equations, both ofwhich have a modulus that is a power of 3. The congruence ax ≡ 2 (mod 3) has asolution if and only if a ≡ 1, 2 (mod 3), in which case its solution is x ≡ 2a−1 ≡2a (mod 3).

The congruence 9x ≡ a2 + 2a − 3 (mod 81) has a solution if and only if a2 +2a − 3 ≡ 0 (mod 9). Now, a2 + 2a − 3 = (a − 1)(a + 3) ≡ 0 (mod 9) if andonly if a ≡ 1 (mod 9) or a ≡ 3 (mod 9), or a ≡ 1 (mod 3) and a ≡ 0 (mod 3),though clearly the last condition can never be satisfied.

By imposing all conditions necessary to guarantee the existence of solution forboth equations, we find that, in order for the system to have a solution, we needa ≡ 1 (mod 9).

So, let a = 1 + 9k, with k ∈ Z. We have a2 + 2a − 3 = 9k(4 + 9k) and thesubsystem becomes

{x ≡ 2 (mod 3)

x ≡ 4k (mod 9).

This system has a solution if and only if the two congruences are compatible, thatis, if 4k ≡ 2 (mod 3). So we have a solution if and only if k ≡ 2 (mod 3), that is,a ≡ 19 (mod 27), and that solution is unique modulo 9.

The congruence ax ≡ 2 (mod 4) has no solutions when a ≡ 0 (mod 4), has onesolution modulo 4 when a ≡ 1, 3 (mod 4), and has one solution modulo 2 whena ≡ 2 (mod 4).

158 3 Solutions

Since (4, 9) = 1, the Chinese remainder theorem allows us to reach the followingconclusions.

For a ≡ 1, 3 (mod 4) and a ≡ 19 (mod 27), that is, for a ≡ 73, 19 (mod 108),the system has a unique solution modulo 36, so 180/36 = 5 solutions modulo 180.

For a ≡ 2 (mod 4) and a ≡ 19 (mod 27), that is, for a ≡ 46 (mod 108), thesystem has a unique solution modulo 18, so 180/18 = 10 solutions modulo 180.

Finally, for all other values of a the system has no solutions.

112 By the Chinese remainder theorem, the first equation in the system can bereplaced by

{x131 ≡ x (mod 11)

x131 ≡ x (mod 5).

We can rewrite the first of the equations above as x(x130−1) ≡ 0 (mod 11), hence,since 11 is prime, we have x ≡ 0 (mod 11) or x130 ≡ 1 (mod 11). By Fermat’slittle theorem, we have a10 ≡ 1 (mod 11) for all a ∈ Z such that (a, 11) = 1. Sothe solutions of x130 ≡ 1 (mod 11) are given by all of the classes in (Z/11Z)∗. Itfollows that the congruence x131 ≡ x (mod 11) is satisfied for all integers x.

Similarly, x131 ≡ x (mod 5) if and only if x(x130 − 1) ≡ 0 (mod 5), that is,if and only if x ≡ 0 (mod 5) or x130 ≡ 1 (mod 5). The solutions of x130 ≡ 1(mod 5) are the classes in (Z/5Z)∗ for which x4 ≡ 1 (mod 5). We therefore havex130 ≡ (x4)32x2 ≡ x2 ≡ 1 (mod 5), and the solutions are given by x ≡ ±1(mod 5). We conclude that the solutions of the equation x131 ≡ x (mod 5) are x ≡0,±1 (mod 5), and the original system is equivalent to the union of the systems

{x ≡ 0 (mod 5)

x(x5 + 1) ≡ 0 (mod 125),{

x ≡ 1 (mod 5)

x(x5 + 1) ≡ 0 (mod 125),{

x ≡ −1 (mod 5)

x(x5 + 1) ≡ 0 (mod 125).

If x ≡ 0 (mod 5) then x5 + 1 ∈ (Z/125Z)∗, so the solution of the first system isx ≡ 0 (mod 125).

If x ≡ 1 (mod 5) then both x and x5 + 1 are coprime to 5 and hence invertiblein Z/125Z. So their product cannot be congruent to 0 modulo 125, and the secondsystem has no solutions.

Suppose x ≡ −1 (mod 5), that is, x = −1 + 5y with y ∈ Z. Such an x isinvertible modulo 125, so the second equation in the third system is equivalent to(−1 + 5y)5 + 1 ≡ 0 (mod 125). By carrying out the necessary computations weobtain

(−1+ 5y)5 + 1 ≡ 52y ≡ 0 (mod 125),

3 Congruences 159

whose solution is y ≡ 0 (mod 5). So all solutions of the third system are givenby integers of the form x = −1 + 25t with t ∈ Z, that is, by the class x ≡ −1(mod 25)

In conclusion, the solutions of the original system are x ≡ 0 (mod 125) andx ≡ −1 (mod 25).

113 By means of the Chinese remainder theorem and by inverting 13 modulo 7and modulo 19, we may rewrite the system as

⎧⎪⎪⎨

⎪⎪⎩

ax ≡ 1 (mod 11)

ax ≡ 5 (mod 7)

x ≡ 3 (mod 7)

x ≡ −1 (mod 19).

The first equation has a solution if and only if (a, 11) = 1, that is, a �≡ 0 (mod 11),in which case its solution is x ≡ a−1 (mod 11). In order for the original system tohave a solution, its two equations must also be compatible modulo 7, from whichone obtains the condition 3a ≡ 5 (mod 7), that is, a ≡ 4 (mod 7). The originalsystem has a solution if and only if

{a �≡ 0 (mod 11)

a ≡ 4 (mod 7)

or equivalently if and only if a ≡ 4, 18, 25, 32, 39, 46, 53, 60, 67, 74 (mod 77).When a belongs to one of those classes, letting b be any representative of the classof a−1 modulo 11, the system becomes

⎧⎨

⎩

x ≡ b (mod 11)

x ≡ 3 (mod 7)

x ≡ −1 (mod 19)

from which we get

{x ≡ b (mod 11)

x ≡ −39 (mod 133).

The equation that corresponds to this system is 133t − 11s = b + 39.We can use Euclid’s algorithm to obtain that 133(1)− 11(12) = 1; we can then

multiply by b + 39 to find that t = b + 39, s = 12b + 468 is a particular solutionof the equation. The solution of the system is therefore x ≡ −39 + 133(b + 39)

(mod 133 · 11), that is, x ≡ 759+ 133b (mod 1463) with b ≡ a−1 (mod 77) anda belonging to one of the classes listed above.

160 3 Solutions

114 First of all, let us determine for which values of a each equation has a solution.When solving the first equation, we may immediately exclude that x ≡ 0

(mod 7). If x �≡ 0 (mod 7), then by Fermat’s little theorem we have x6 ≡ 1(mod 7). Since 80 = 13 · 6 + 2, the equation is equivalent to x2 ≡ 2 (mod 7).One can check that the solutions of this equation are x ≡ ±3 (mod 7).

Thanks to the equality 80 = 11 · 7 + 3, the second equation can be rewrittenas 3x ≡ 2 (mod 7). By examining powers of 3 modulo 7, one finds that 32 ≡ 2(mod 7) and that residue classes of powers repeat with a period of 6. So the solutionof the second equation is x ≡ 2 (mod 6).

The third equation has a solution for all a, because (7, 10) = 1 | a. The inverseof 7 modulo 10 is 3, so its solution is x ≡ 3a (mod 10).

Now let us consider whether or not the whole system has a solution. The greatestcommon divisor of the moduli of the last two equations is 2, so we must check thatthe solutions are compatible modulo 2. The solution of the second equation impliesx ≡ 0 (mod 2), whereas the solution of the third equation implies x ≡ a (mod 2).So the system has a solution if and only if a ≡ 0 (mod 2).

Now let a = 2b and let us solve the system. The third equation can be rewritten asx ≡ 6b (mod 10), or simply as x ≡ b (mod 5), given that the correct congruencemodulo 2 is already being enforced by the previous equation. We now have threeequations whose moduli are pairwise relatively prime, so by the Chinese remaindertheorem we will find solutions modulo the product of the three moduli.

Easy computations yield the solutions 10− 42a and 80− 42a modulo 210.

115 Since 700 = 22 · 52 · 7, the Chinese remainder theorem implies that the firstequation can be replaced by the following system:

⎧⎨

⎩

x41 ≡ x (mod 4)

x41 ≡ x (mod 25)

x41 ≡ x (mod 7).

Now, remark that x41 − x = x · (x40 − 1) and that (x, x40 − 1) = 1. Therefore, foreach modulus m, the corresponding equation leads to two cases: x ≡ 0 (mod m) orx40 − 1 ≡ 0 (mod m).

For m = 4 we have the solutions x ≡ 0 (mod 4) and (x, 2) = 1. Indeed, if(x, 2) = 1 then xφ(4) = x2 ≡ 1 (mod 4), hence x40 = (x2)20 ≡ 1 (mod 4).

Similarly, for m = 25 we have the solutions x ≡ 0 (mod 25) and (x, 5) = 1.Indeed, if (x, 5) = 1 then xφ(25) = x20 ≡ 1 (mod 25) and thus x40 ≡ 1 (mod 25).

Finally, consider the case m = 7. As before, x ≡ 0 (mod 7) is a solution.If (x, 7) = 1 then we have x6 ≡ 1 (mod 7) by Fermat’s little theorem, hencex36 ≡ 1 (mod 7) and so the equation becomes x4 ≡ 1 (mod 7). The solutions ofthis equation are the elements of (Z/7Z)∗ whose order divides 4; but, because allelements of this group have an order that divides 6, the elements in question arethose whose order divides (4, 6) = 2, that is, the solutions of x2 ≡ 1 (mod 7),which are x ≡ ±1 (mod 7).

3 Congruences 161

Let us now solve the second equation of the original system. Consider it modulo4: it reduces to x ≡ 1 (mod 4). When considered modulo 25, it reduces to−5x ≡ 0(mod 25), whose solution is x ≡ 0 (mod 5). Finally, it reduces modulo 7 to 3x ≡−3 (mod 7), whose solution is x ≡ −1 (mod 7).

By combining all conditions obtained from the first and second equation, we canturn the original system into the following:

⎧⎨

⎩

x ≡ 1 (mod 4)

x ≡ 0 (mod 25)

x ≡ −1 (mod 7).

A few computations lead to the solution x ≡ 125 (mod 700).

116 The equation can be solved only if (x, 27) = 1, since x must be invertible inZ/27Z; in that case, the exponent must be x + 1 ≡ 0 (mod k), where k is the orderof x in (Z/27Z)∗.

Since φ(27) = 18, the order of each element of (Z/27Z)∗ is a divisor of 18.If x+1 ≡ 0 (mod 18), that is, if x ≡ −1 (mod 18), then x is not divisible by 3,

and so by Euler’s theorem xx+1 ≡ 1 (mod 27). So x ≡ −1 (mod 18) is a solution.Let us now consider all other possible values for the order of an element

(Z/27Z)∗ in order to check whether there are any additional solutions.If k = 9 then thanks to our initial remarks we must have x + 1 ≡ 0 (mod 9).

In particular, this equation implies that x ≡ −1 (mod 3). In this case, the orderof x modulo 3, hence its order modulo 27, is even. However, this contradicts ourassumption that the order is 9, so in this case we have no solutions.

If k = 6 then we must have x + 1 ≡ 0 (mod 6), that is, x = 6a − 1 for somea ∈ Z. If a ≥ 0, then by the binomial theorem we have (6a − 1)6a ≡ −36a2 + 1(mod 27). So (6a − 1)6a ≡ 1 (mod 27) if and only if a ≡ 0 (mod 3), that is, ifx ≡ −1 (mod 18). Again, we have no solutions. The case a < 0 can be dealt withby a similar argument, this time developing (6a − 1)−6a .

If we have k = 3 then, similarly to the case k = 9, we must have x ≡ −1(mod 3), so the order of x must be even, that is, x+1 ≡ 0 (mod 6); by the argumentabove, there are no solutions.

If k = 2 then, since the only element of order 2 in (Z/27Z)∗ is x ≡ −1(mod 27), any solution must satisfy x+1 ≡ 0 (mod 2) and thus x ≡ −1 (mod 54).Again, this yields no additional solutions.

Finally, the only element of order 1, i.e. such that k = 1, is x ≡ 1 (mod 27),which is clearly a solution.

In conclusion, the solutions are x ≡ −1 (mod 18) and x ≡ 1 (mod 27).

117 The first congruence in the system has a solution if and only if (a, 27) | 12, thatis, if (a, 27) = 1, 3. The second congruence can be split into the two congruencesa3x2 ≡ 9 (mod 3) and a3x2 ≡ 9 (mod 13). The first of those always has at leastthe solution x ≡ 0 (mod 3). As for the second, in order for it to have a solution itis necessary that a �≡ 0 (mod 13).

162 3 Solutions

Now, let g be a generator of the group (Z/13Z)∗; let a = gi , x = gj , 3 = gk . Wemust have 3i + 2j ≡ 2k (mod 12), hence i = 2i ′ must be even, that is, a must bea square modulo 13. Moreover, if i = 2i ′ then the congruence becomes 3i ′ + j ≡ k

(mod 6), whose solution is clearly j ≡ k − 3i ′ (mod 6).Let us now solve the system. By the Chinese remainder theorem, if each of

the two congruences has a solution then the only obstruction to the existence ofa solution of the system is the fact that the solutions may be incompatible modulo(27, 39) = 3. If (a, 27) = 1 then the solution of the first equation is x ≡ 12a−1

(mod 27), so in particular x ≡ 0 (mod 3), which agrees with the second equation.If (a, 27) = 3 then let a = 3b with (b, 3) = 1; the second congruence becomes27b3x2 ≡ 9 (mod 39), which, when considered modulo 3, is satisfied by allintegers.

In conclusion, the whole system has a solution if and only if each of the equationsdoes, that is, if (a, 27) = 1, 3 (i.e. a �≡ 0 (mod 9)) and a ≡ ±1,±3,±4 (mod 13)

(i.e. a is a nonzero square modulo 13).

118 First of all, let us solve each equation separately.The first congruence has a solution if and only if 2a is a square modulo 5. Since

the squares modulo 5 are 0,±1, the congruence has a solution if and only if a ≡ 0(mod 5) (one solution, namely, x ≡ 0 (mod 5)) or a ≡ ±2 (mod 5) (two solutionsin each case, namely, the two square roots of 2a).

The second congruence has a solution if and only if it does both modulo 5and modulo 7 and the solutions obtained for the two moduli are compatible. Thetwo congruences modulo 5 and 7 have a solution if the class of 3 belongs to themultiplicative subgroup generated by the class of a.

Since 3 is a generator in (Z/5Z)∗, the congruence ax ≡ 3 (mod 5) has a solutionif and only if a itself is a generator, that is, if and only if a ≡ ±2 (mod 5). Bothcases yield a unique solution modulo 4 = φ(5); moreover, the class that solvesthe congruence must be odd, otherwise ax would be a square and therefore not agenerator.

[[For a ≡ 2 (mod 5) we can find the solution x ≡ 3 (mod 4), whereas the solution for a ≡ −2

(mod 5) is x ≡ 1 (mod 4).]]Similarly, since 3 is a generator of (Z/7Z)∗, the congruence ax ≡ 3 (mod 7)

has a solution if and only if a is a generator, that is, if and only if a ≡ 3, 5(mod 7). Again, we have a unique solution modulo 6 = φ(7); moreover, by thesame argument as before, the solution must be an odd class modulo 6.

[[For a ≡ 3 (mod 7) we can find the solution x ≡ 1 (mod 6), whereas for a ≡ 5 (mod 7) the

solution is x ≡ 5 (mod 6).]]It follows that the second equation has a solution if and only if a ≡ ±2 (mod 5)

and a ≡ 3, 5 (mod 7), that is, a ≡ 3, 12, 17, 33 (mod 35): we have shown thatthis is a necessary condition, but it is also sufficient; indeed, we have remarked thatsolutions are odd, hence compatible modulo 2 = (4, 6). The solution is uniquemodulo 12, which is the least common multiple of 4 and 6.

To summarise, since the moduli of the two equations are relatively prime, thesystem has a solution if and only if both equations do, that is, if a ≡ 3, 12, 17, 33

3 Congruences 163

(mod 35). So the system can be solved for all a in the classes listed above and wehave two solutions modulo 5 for the first equation and one solution modulo 12 forthe second equation, so two solutions of the system modulo 60, which is the leastcommon multiple of 5 and 12.

119 Because 13 is an odd prime, the first equation can be solved by means ofthe usual quadratic formula (or even by trial and error): its solutions are x ≡ 3, 9(mod 13).

The second equation has a solution if and only if (a, 78) | 27. Since 78 = 2 ·3 ·13and 27 = 33, the condition is equivalent to (a, 2) = (a, 13) = 1. Let us split theequation into separate equations modulo 2, 13 and 3. For values of a that satisfythe conditions modulo 2 and modulo 13 we get the solutions x ≡ 1 (mod 2) andx ≡ a−1 (mod 13). As for the congruence modulo 3, it imposes no conditions ona; however, if (a, 3) = 1 then the only solution is x ≡ 0 (mod 3), whereas if 3 | athen all integers x are solutions.

In order for the system to have a solution, we must have solutions of the firstequation that also satisfy the second. In order for the solution x ≡ 3 (mod 13)

to satisfy the second equation we must have 3a ≡ 27 (mod 13), that is, a ≡ 9(mod 13). In order for the solution x ≡ 9 (mod 13) to satisfy the second equation,we must have 9a ≡ 27 (mod 13), that is, a ≡ 3 (mod 13).

In conclusion, the system has a solution if and only if a ≡ 1 (mod 2) anda ≡ 9, 3 (mod 13), that is, if and only if a ≡ 9, 3 (mod 26). If (a, 3) = 1(that is, if a ≡ 35, 61 (mod 78) or a ≡ 29, 55 (mod 78)), then the solutionssatisfy x ≡ 1 (mod 2), x ≡ 3, 9 (mod 13), x ≡ 0 (mod 3), so they are x ≡ 3, 9(mod 78), respectively. Finally, if 3 | a (that is, if a ≡ 9, 3 (mod 78)) then there areno constraints on the class of x modulo 3 and the solutions are x ≡ 3, 9 (mod 26),respectively.

120 By the Chinese remainder theorem, we can split the first congruence into

⎧⎨

⎩

x2 + x + 3 ≡ 0 (mod 5)

x2 − x ≡ 0 (mod 3)

30x ≡ −6 (mod 81).

Let us solve each congruence separately.Since 5 is prime, the quadratic formula yields the solutions 1 and 3 modulo 5 for

the equation x2 + x + 3 ≡ 0 (mod 5).Since 3 is prime, the solutions of x2 − x = x(x − 1) ≡ 0 (mod 3) are 0 and 1,

by the principle of zero products (or by direct verification).Dividing by 6, we obtain that 30x ≡ −6 (mod 81) is equivalent to 5x ≡ −1

(mod 27) and, multiplying by 11 which is the inverse of 5, we get x ≡ 16 (mod 27).The original system is therefore equivalent to the union of the systems

⎧⎨

⎩

x ≡ 1, 3 (mod 5)

x ≡ 0, 1 (mod 3)

x ≡ 16 (mod 27).

164 3 Solutions

If x ≡ 0 (mod 3) then the subsystem consisting of the last two equations, and thusthe system itself, has no solutions. The subsystem

{x ≡ 1 (mod 3)

x ≡ 16 (mod 27),

on the contrary, has the solution x ≡ 16 (mod 27).The solutions of the original system are therefore those classes modulo 5 · 27 =

135 that satisfy either of the two systems

{x ≡ 1, 3 (mod 5)

x ≡ 16 (mod 27).

It is easy to check that the solutions are x ≡ 16 (mod 135) and x ≡ 43 (mod 135).

121 By the Chinese remainder theorem, the congruence in the problem statementis equivalent to the system

⎧⎨

⎩

x(x100 − 1) ≡ 0 (mod 7)

x(x100 − 1) ≡ 0 (mod 11)

x(x100 − 1) ≡ 0 (mod 13).

Let p be a prime, and let us find the number of solutions of the equation x(x100 −1) ≡ 0 (mod p). Since p is prime, the product is 0 if and only if one of the twofactors is 0, so we have x ≡ 0 (mod p) or x100 ≡ 1 (mod p). The solutions ofthe equation x100 ≡ 1 (mod p) are given by the elements of (Z/pZ)∗ whose orderdivides 100. Since the order of each element is a divisor of the order of the group,the solutions are given by those elements whose order divides (100, p − 1). Weknow that (Z/pZ)∗ is cyclic and has order a multiple of (100, p− 1), so it containsexactly (100, p − 1) solutions of the equation x100 ≡ 1 (mod p). Therefore, theinitial equation has (100, p − 1)+ 1 solutions.

It follows that the three equations in the system have (100, 6)+ 1 = 3 solutionsmodulo 7, (100, 10)+ 1 = 11 solutions modulo 11 and (100, 12)+ 1 = 5 solutionsmodulo 13, respectively.

We obtain the solutions of the systems by combining any solution modulo 7with any solution modulo 11 and any solution modulo 13; they are the solutions of3 · 11 · 5 = 165 systems of the form

⎧⎨

⎩

x ≡ a (mod 7)

x ≡ b (mod 11)

x ≡ c (mod 13).

3 Congruences 165

By the Chinese remainder theorem, each of these systems has a unique solutionmodulo 7 · 11 · 13 = 1001; no two systems can have the same solution, so theoriginal equation has 165 solutions.

122 If we consider the congruence modulo 2, we find that all solutions x must beeven, so we may set x = 2y. The equation becomes 25y5− 25y = 25y(y4− 1) ≡ 0(mod 210), hence y(y4 − 1) ≡ 0 (mod 25). Remark that exactly one among y andy4 − 1 is even, so we either have y ≡ 0 (mod 25) or y4 − 1 ≡ 0 (mod 25).

The solutions of the congruence y ≡ 0 (mod 25) are given by x ≡ 0 (mod 26),so by 24 residue classes modulo 210.

Consider now the congruence y4 − 1 ≡ 0 (mod 25). We can factor thepolynomial and obtain y4 − 1 = (y − 1)(y + 1)(y2 + 1) ≡ 0 (mod 25).

If y is a solution then it is odd and the three factors y−1, y+1 and y2+1 are alleven. On the other hand, an immediate check yields that y2 + 1 ≡ 2 (mod 4), thatis, y2 + 1 is divisible by 2 but not by 4; the congruence is therefore equivalent to(y−1)(y+1) ≡ 0 (mod 24). Now, since y−1 and y+1 are two consecutive evennumbers, one is exactly divisible by 2, so the solutions are y ≡ 1 (mod 23) andy ≡ −1 (mod 23). In other words, in this case we have the solutions x = 2y ≡ ±2(mod 24), that is, 2 · 26 = 27 solutions modulo 210.

The congruence in the problem statement thus has 24 + 27 = 144 solutionsmodulo 210.

123 Let us start by solving the first congruence. One can check that, in (Z/17Z)∗,we have ord(2) = 8, ord(3) = 16 and 2 = 314. The first congruence in the systemis thus the same as 314x ≡ 3x+a2

(mod 17), which is equivalent to 14x ≡ x + a2

(mod 16). The solution is x ≡ 5a2 (mod 16).The congruence 3x ≡ a23 (mod 24) has a solution if and only if 3 =

(3, 24) | a23, that is, if and only if a ≡ 0 (mod 3). When that is the case, by theChinese remainder theorem the original system is equivalent to

⎧⎨

⎩

x ≡ 5a2 (mod 16)

3x ≡ a23 (mod 3)

3x ≡ a23 (mod 8).

Since the second equation is always satisfied and the third has the solution x ≡ 3a23

(mod 8), the system itself has a solution if and only if 8 = (16, 8) | 5a2− 3a23, thatis, if and only if 5a2 − 3a23 ≡ 0 (mod 8).

Now, the congruence a2(5−3a21) ≡ 0 (mod 8) is satisfied if and only if a2 ≡ 0(mod 8) or 5 − 3a21 ≡ 0 (mod 8), because the two factors always have differentparity. Let us solve these two equations separately. For the first one, we have a2 ≡ 0(mod 8) if and only if a ≡ 0 (mod 4); for the second one, 5 − 3a21 ≡ 0 (mod 8)

if and only if a21 ≡ −1 (mod 8), which, since we have a2 ≡ 1 (mod 8) becauseof a being odd, is equivalent to a ≡ −1 (mod 8).

166 3 Solutions

By combining the conditions found above, we obtain that the system has asolution if and only if

{a ≡ 0 (mod 3)

a ≡ 0 (mod 4)or

{a ≡ 0 (mod 3)

a ≡ −1 (mod 8).

In other words, the system has a solution if and only if a ≡ 0, 12, 15 (mod 24) andit has no solution if a belongs to any of the remaining residue classes modulo 24.

124 The first equation has a solution if and only if 3 = (3, 9) | a + 1, that is, ifand only if a ≡ 2 (mod 3). So if a �≡ 2 (mod 3) then the system has no solutions.Assume that a ≡ 2 (mod 3) and let a = 2 + 3b with b ∈ Z. The first equationbecomes x ≡ b + 1 (mod 3).

By the Chinese remainder theorem, the second equation is equivalent to thesystem

{(x − 1)(x − a) ≡ 0 (mod 3)

(x − 1)(x − a) ≡ 0 (mod 5).

Since 3 and 5 are primes, by the principle of zero products the solutions of the firstequation are x ≡ 1 (mod 3) and x ≡ a ≡ 2 (mod 3), and those of the secondequation are x ≡ 1 (mod 5) and x ≡ a ≡ 2+ 3b (mod 5). We have found that thesystem is equivalent to

⎧⎨

⎩

x ≡ b + 1 (mod 3)

x ≡ 1, 2 (mod 3)

x ≡ 1, 3b+ 2 (mod 5)

and so it has a solution if and only if the two equations modulo 3 are compatible. Inparticular, if b ≡ 2 (mod 3) (that is, if a ≡ 8 (mod 9)) then there are no solutions;if b ≡ 0 (mod 3) (that is, if a ≡ 2 (mod 9)) then the system is equivalent to

{x ≡ 1 (mod 3)

x ≡ 1, 3b + 2 (mod 5);

finally, if b ≡ 1 (mod 3) (that is, if a ≡ 5 (mod 9)) then the system is equivalentto

{x ≡ 2 (mod 3)

x ≡ 1, 3b + 2 (mod 5).

Let us find the number of solutions of the first of these last two systems: if the twosolutions of the equation modulo 5 coincide, that is, if 2 + 3b ≡ 1 (mod 5), orequivalently if b ≡ 3 (mod 5), then the system has a unique solution modulo 15,so six solutions modulo 90. If b �≡ 3 (mod 5) then the system has two solutions

3 Congruences 167

modulo 15, so 12 solutions modulo 90. The same argument also applies to thesecond system.

As for the system in the problem statement, we come to the following conclusionby combining the information above: if a ≡ 0, 1 (mod 3) then the first equation,and thus the system itself, has no solutions; if a ≡ 2 (mod 3) then there are a fewcases to consider.

1 If a ≡ 8 (mod 9) then the equations are not compatible modulo 3, so thesystem has no solutions. 2 If a ≡ 2 (mod 9) then the system has either sixsolutions modulo 90 (when a ≡ 11 (mod 45)) or 12 solutions modulo 90 (whena ≡ 2, 20, 29, 38 (mod 45)). 3 Finally, if a ≡ 5 (mod 9) then the system haseither six solutions modulo 90 (when a ≡ −4 (mod 45)) or 12 solutions modulo90 (when a ≡ 5, 14, 23, 32 (mod 45)).

125 First of all, let us solve each equation separately. The first equation is x2(x25−1) ≡ 0 (mod 144) which, by the Chinese remainder theorem, is equivalent to thesystem

{x2(x25 − 1) ≡ 0 (mod 16)

x2(x25 − 1) ≡ 0 (mod 9).

Notice that x2 and x25 − 1 are relatively prime for all integers x. In the first ofthe two equations above, this implies that we either have x2 ≡ 0 (mod 16), hencex ≡ 0 (mod 4), or x25 ≡ 1 (mod 16), hence in particular (x, 2) = 1. In the lattercase, since φ(16) = 8, Euler’s theorem implies x8 ≡ 1 (mod 16), which yieldsx25 = x1+3·8 ≡ x (mod 16) and therefore the solution x ≡ 1 (mod 16).

Similarly, for the second equation we either have x2 ≡ 0 (mod 9), hence x ≡ 0(mod 3) or, using the fact that φ(9) = 6, we have x25 = x1+6·4 ≡ x (mod 9),which yields the additional solution x ≡ 1 (mod 9).

Consider the second equation in the original system, that is, 10x ≡ a (mod 25)

with a ∈ Z. In order for this equation to have a solution we must have 5 = (25, 10) |a, so a = 5b for some b ∈ Z. Dividing by five yields the equivalent equation 2x ≡ b

(mod 5), hence the solution x ≡ 2−1b ≡ 3b (mod 5).Finally, consider the third equation, that is, 2x−1 ≡ 4 (mod 11). Since we have

22 ≡ 4 (mod 11), the equation always has a solution. Let us find the multiplicativeorder of 2 (mod 11); we have 22 ≡ 4 and 25 ≡ −1 (mod 11), so 2d �≡ 1 (mod 11)

for all maximal divisors of 10 = φ(11), hence the order we want is 10. Therefore,the solution of the equation is x − 1 ≡ 2 (mod 10), that is, x ≡ 3 (mod 10). Bythe Chinese remainder theorem, this solution can be expressed as the solution of thesystem

{x ≡ 1 (mod 2)

x ≡ 3 (mod 5).

168 3 Solutions

Let us now turn back to the original system. Again by the Chinese remaindertheorem, the solutions of its equations are certainly compatible when their resultingmoduli are relatively prime. The compatibilities we need to check are the following.

The first equation implies x ≡ 0 (mod 4) or x ≡ 1 (mod 16), whereas fromthe third we get x ≡ 1 (mod 2). We must therefore exclude the case where x ≡ 0(mod 4) and, since x ≡ 1 (mod 16) implies x ≡ 1 (mod 2), the condition to keepis x ≡ 1 (mod 16).

Moreover, from the second equation we obtain that x ≡ 3b (mod 5), whereasx ≡ 3 (mod 5) because of the third equation. The two are compatible for b ≡ 1(mod 5) and they give the condition x ≡ 3 (mod 5).

To summarise: a necessary and sufficient condition for the system to have asolution is a = 5b with b ≡ 1 (mod 5), that is, a ≡ 5 (mod 25). When thisholds, the solutions are those of the two systems

⎧⎨

⎩

x ≡ 1 (mod 16)

x ≡ 0 (mod 3)

x ≡ 3 (mod 5)

⎧⎨

⎩

x ≡ 1 (mod 16)

x ≡ 1 (mod 9)

x ≡ 3 (mod 5).

Simple calculations yield the solutions x ≡ 33 (mod 240) and x ≡ 433(mod 720).

126 We can simplify the first equation by dividing it by 2, which yields

22y2−5y+3 ≡ 1 (mod 18).

So 22y2−5y+3 must be invertible (mod 18), hence (22y2−5y+3, 18) = 1. This is thecase if and only if 2y2−5y+3 = (y−1)(2y−3) = 0, which, since we are lookingfor integer solutions, implies y = 1.

Now consider the third equation. One can immediately check that x ≡ −1(mod 100) is a solution. On the other hand, if x is a solution then we must have(x, 100) = 1, and so by Euler’s theorem xφ(100) = x40 ≡ 1 (mod 100). Sincethe inverse of 23 modulo 40 is 7, the equation x23 ≡ −1 (mod 100) impliesx ≡ x23·7 ≡ (−1)7 ≡ −1 (mod 100). It follows that the only solution of thethird equation is x ≡ −1 (mod 100). It will be useful later to express this solution,by means of the Chinese remainder theorem, in the form of the system

{x ≡ −1 (mod 4)

x ≡ −1 (mod 25).

Finally, consider the second equation. We can substitute the value y = 1, whichyields (2x2 + 17)(2x2 + 5x + 2)−1 ≡ 1 (mod 592).

By factoring, we get 592 = 24 · 37 and 2x2 + 5x + 2 = (x + 2)(2x + 1). So2x2+5x+2 is invertible modulo 592 if and only if x+2 and 2x+1 are both invertiblemodulo 2 and modulo 37. The condition x ≡ −1 (mod 100), which implies that x

is odd, ensures that both x + 2 and 2x + 1 are invertible modulo 2. Invertibility

3 Congruences 169

modulo 37 is equivalent to x + 2 �≡ 0 (mod 37), that is, x �≡ −2 (mod 37), and2x + 1 �≡ 0 (mod 37), that is, x �≡ 18 (mod 37).

If these conditions are satisfied, then (2x2+17)(2x2+5x+2)−1 ≡ 1 (mod 592)

is equivalent to x ≡ 3 (mod 592), which is compatible with both x ≡ −1 (mod 4)

and x �≡ −2, 18 (mod 37). It follows that (x, 1) is a solution of the original systemif and only if x is a solution of the system of congruences

⎧⎨

⎩

x ≡ 3 (mod 16)

x ≡ 3 (mod 37)

x ≡ −1 (mod 25).

A few calculations show that the system above is equivalent to x ≡ 7699(mod 14800), so the solutions of the original system are all pairs of the form(7699+ 14800t, 1) with t ∈ Z.

127 The second congruence has a solution if and only if (a, 10) = 1, in which caseits solution is x ≡ a−1 (mod 10); in particular, we have (x, 10) = 1.

The first congruence is equivalent to the system

{ax ≡ 1 (mod 11)

ax ≡ 1 (mod 7).

A necessary condition for the two equations in the system above to have a solution isthat a �≡ 0 (mod 11) and a �≡ 0 (mod 7). Both conditions are definitely compatiblewith (a, 10) = 1, because (10, 77) = 1.

Assume that a �≡ 0 (mod 11); by Fermat’s little theorem, we have a10 ≡ 1(mod 11). But, in order for the system to have a solution, we must also have ax ≡ 1(mod 11) for some x such that (x, 10) = 1. Therefore, the order of a in (Z/11Z)∗must be a divisor of (x, 10) = 1, so we must have a ≡ 1 (mod 11). If this holds,then all integers x satisfy the equation ax ≡ 1 (mod 11).

Assuming that a �≡ 0 (mod 7), the fact that solutions of the second equationmust be odd implies that the order of a in (Z/7Z)∗ must be a divisor of an oddinteger, and therefore be odd itself. Since the order of every element of (Z/7Z)∗ is adivisor of 6, we must either have ord(a) = 1, that is, a ≡ 1 (mod 7), or ord(a) = 3,that is, a ≡ 2, 4 (mod 7). If a ≡ 1 (mod 7) then the equation ax ≡ 1 (mod 7) issatisfied for all integers x. If a ≡ 2, 4 (mod 7) then the solution of the equationax ≡ 1 (mod 7) is x ≡ 0 (mod 3). This solution is guaranteed to be compatiblewith x ≡ a−1 (mod 10) because (3, 10) = 1.

To summarise, in order for the system to have a solution we must have: (a, 10) =1, a ≡ 1 (mod 11), a ≡ 1, 2, 4 (mod 7).

First, consider the case of a ≡ 1 (mod 7). All integers x are solutions of the firstequation, so the solution of the system is x ≡ a−1 (mod 10). Depending on the

170 3 Solutions

value of a, we have

a ≡ 1 (mod 10) $⇒ a ≡ 1 (mod 770), x ≡ 1 (mod 10),

a ≡ 3 (mod 10) $⇒ a ≡ 463 (mod 770), x ≡ 7 (mod 10),

a ≡ 7 (mod 10) $⇒ a ≡ 617 (mod 770), x ≡ 3 (mod 10),

a ≡ 9 (mod 10) $⇒ a ≡ 309 (mod 770), x ≡ 9 (mod 10).

Now consider the case of a ≡ 2, 4 (mod 7). We have

a ≡ 1 (mod 10) $⇒ a ≡ 331, 221 (mod 770), x ≡ 21 (mod 30),

a ≡ 3 (mod 10) $⇒ a ≡ 23, 683 (mod 770), x ≡ 27 (mod 30),

a ≡ 7 (mod 10) $⇒ a ≡ 177, 67 (mod 770), x ≡ 3 (mod 30),

a ≡ 9 (mod 10) $⇒ a ≡ 639, 529 (mod 770), x ≡ 9 (mod 30).

128 By the Chinese remainder theorem, we can split the equation modulo 200 intoone modulo 8 and one modulo 25, thus obtaining the following system

⎧⎨

⎩

7x ≡ a (mod 8)

(x + a)4 ≡ 0 (mod 8)

(x + a)4 ≡ 0 (mod 25)

which is equivalent to the original one.A necessary condition for the first equation above to have a solution is that a ≡

±1 (mod 8); in particular, a must be odd. This implies that in the second equationx must also be odd. On the other hand, if both a and x are odd, then 2 | a + x,so 16 | (a + x)4 and thus the second equation is satisfied. Going back to the firstequation, x being odd implies a ≡ 7 (mod 8). Conversely, if a ≡ 7 (mod 8) thenthe first two equations have the unique solution x ≡ 1 (mod 2).

The third equation has a solution for each value of a, namely x ≡ −a (mod 5):as before, if 5 | x + a then 54 | (x + a)4.

In conclusion, the system has a solution if and only if a ≡ 7 (mod 8), and thesolutions are the following.

If a ≡ 0 (mod 5), that is, if a ≡ 15 (mod 40), then x ≡ 0 (mod 5) and x ≡ 1(mod 2), that is, x ≡ 5 (mod 10).

If a ≡ 1 (mod 5), that is, if a ≡ 31 (mod 40), then x ≡ 4 (mod 5) and x ≡ 1(mod 2), that is, x ≡ 9 (mod 10).

If a ≡ 2 (mod 5), that is, if a ≡ 7 (mod 40), then x ≡ 3 (mod 5) and x ≡ 1(mod 2), that is, x ≡ 3 (mod 10).

If a ≡ 3 (mod 5), that is, if a ≡ 23 (mod 40), then x ≡ 2 (mod 5) and x ≡ 1(mod 2), that is, x ≡ 7 (mod 10).

If a ≡ 4 (mod 5), that is, if a ≡ 39 (mod 40), then x ≡ 1 (mod 5) and x ≡ 1(mod 2), that is, x ≡ 1 (mod 10).

3 Congruences 171

129 Consider the first equation. In order for it to have a solution we must have(7a, 49) | a. The greatest common divisor (7a, 49) can take one of two possiblevalues.

If 7 � a then (7a, 49) = 7 and the necessary condition 7 | a is not satisfied, so wehave no solutions. If 7 | a then (7a, 49) = 49 and the necessary condition becomes49 | a, that is, a ≡ 0 (mod 49). The equation 7ax ≡ a (mod 49) becomes 0 ≡ a

(mod 49), which is always satisfied in this case.To summarise, the first equation has a solution if and only if a ≡ 0 (mod 49), in

which case it is satisfied for all integers.As for the second equation, we shall distinguish three separate cases.1 If x ≡ 0 (mod 3) then we have xa ≡ 0a ≡ 0 (mod 3) for all a > 0; the

equation cannot be satisfied for a = 0 or a < 0, because x is not invertible modulo3. So in this case we have no solutions for any value of a. 2 If x ≡ 1 (mod 3)

then the equation is satisfied for all a ∈ Z. 3 Finally, if x ≡ 2 (mod 3) then theequation becomes 2a ≡ 1 (mod 3), which is satisfied if and only if a ≡ 0 (mod 2).

So the solution of the second equation is x ≡ 1 (mod 3) for all a ∈ Z, and wehave the additional solution x ≡ 2 (mod 3) if a ≡ 0 (mod 2).

In conclusion, the solutions of the original system can be described as follows.If a ≡ 0 (mod 49) and a ≡ 0 (mod 2), that is, if a ≡ 0 (mod 98), then we have

the solutions x ≡ 1, 2 (mod 3). If a ≡ 0 (mod 49) and a �≡ 0 (mod 2), that is, ifa ≡ 49 (mod 98), then we have the solution x ≡ 1 (mod 3). For all other valuesof a ∈ Z there are no solutions, because there are no solutions of the first equation.

130 Let us solve the first equation. Since we have 1000 = 8 · 125, by the Chineseremainder theorem the equation is equivalent to the system

{x3 ≡ 0 (mod 8)

x3 ≡ 23 (mod 125).

The solutions of x3 ≡ 0 (mod 8) are obviously given by all even x. As for thesecond equation in the system above, remark that 2 is invertible modulo 125, so x isas well. We may thus solve the equation in (Z/125Z)∗ by rewriting it as (x/2)3 ≡ 1(mod 125); since 3 does not divide |(Z/125Z)∗| = φ(125) = 100, we get x/2 ≡ 1(mod 125). We can therefore conclude that the equation x3 ≡ 8 (mod 125) has theunique solution x ≡ 2 (mod 125).

We can combine the solutions via the system

{x ≡ 2 (mod 125)

x ≡ 0 (mod 2)

whose solutions are x ≡ 2, 252, 502, 752 (mod 1000). So we obtain the foursystems

{x ≡ 0, 252, 502, 752 (mod 1000)

x ≡ 2 (mod 3)

172 3 Solutions

with the additional constraint that 0 ≤ x < 3001. Again by the Chinese remaindertheorem, each system has a unique solution modulo 3000, so we have exactly foursolutions.

131

(i) Let us solve the congruence x36 ≡ x (mod 9) by distinguishing two cases.1 If (x, 3) �= 1 then x = 3y for some y ∈ Z. Consequently, x36 = (3y)36 ≡

336y36 ≡ 0 (mod 9), so x ≡ x36 ≡ 0 (mod 9).2 If (x, 3) = 1 then x ∈ (Z/9Z)∗. In this case the equation is equivalent to

x35 ≡ 1 (mod 9). By Euler’s theorem we have xφ(9) = x6 ≡ 1 (mod 9) andthus x35 ≡ x−1 (mod 9). The equation becomes x−1 ≡ 1 (mod 9), that is,x ≡ 1 (mod 9).In conclusion, the congruence has the two solutions x ≡ 0, 1 (mod 9).

(ii) Let us now solve the congruence x2 − x = x(x − 1) ≡ 0 (mod 64). Clearly, x

and x − 1 are relatively prime, so the only solutions are x ≡ 0 (mod 64) andx ≡ 1 (mod 64).The solutions of the original system are therefore those of the four systems

{x ≡ 0 or 1 (mod 9)

x ≡ 0 or 1 (mod 64).

Carrying out the necessary calculations yields x ≡ 0, 1, 64, 513 (mod 576).

132 If a = 0 then the equation is an identity and is satisfied by all classes modulo584; we shall therefore assume that a > 0. We have 584 = 23 · 73 and xa+5− xa −x5+1 = (xa−1)(x5−1). By the Chinese remainder theorem, the original equationis equivalent to the system

{(x5 − 1)(xa − 1) ≡ 0 (mod 8)

(x5 − 1)(xa − 1) ≡ 0 (mod 73).

Consider the first equation in the system. First of all, remark that it is not satisfiedfor any even number. Moreover, since the square of any odd number is congruent to1 modulo 8, assuming x is odd we have x5 ≡ x (mod 8), whereas xa is congruentto 1 if a is even and to x if a is odd.

Therefore, if a ≡ 0 (mod 2) then

(x5 − 1)(xa − 1) ≡ 0 (mod 8) ⇐⇒ x ≡ 1 (mod 2),

whereas if a ≡ 1 (mod 2) then

(x5 − 1)(xa − 1) ≡ 0 (mod 8) ⇐⇒ (x − 1)2 ≡ 0 (mod 8)

⇐⇒ x ≡ 1 (mod 4).

3 Congruences 173

Let us now move on to the second equation. The number 73 is prime, so theprinciple of zero products holds modulo 73; we have

(x5 − 1)(xa − 1) ≡ 0 (mod 73) ⇐⇒ x5 ≡ 1 (mod 73) or xa ≡ 1 (mod 73).

Now, x5 ≡ 1 (mod 73) if and only if the order x in (Z/73Z)∗ divides 5. Since theorder of x must also divide φ(73) = 72 and (5, 72) = 1, we have x5 ≡ 1 (mod 73)

if and only if x ≡ 1 (mod 73). By the same argument, xa ≡ 1 (mod 73) if andonly if x(a,72) ≡ 1 (mod 73). Since (Z/73Z)∗ is cyclic, this equation has exactly(a, 72) solutions modulo 73. In particular, the unique solution x ≡ 1 (mod 73) ofx5 − 1 ≡ 0 (mod 73) is also a solution of xa − 1 ≡ 0 (mod 73).

Going back to the original system, its second equation has (a, 72) solutionsmodulo 73 and its first equation has one solution modulo 2 (that is, four solutionsmodulo 8) if a is even, and one solution modulo 4 (that is, two solutions modulo 8)if a is odd. By the Chinese remainder theorem, we conclude that there are 4(a, 72)

solutions modulo 584 if a is even and 2(a, 72) solutions if a is odd.

133 By the Chinese remainder theorem, the congruence is equivalent to thefollowing system:

{x5 − 4x + 400 ≡ 0 (mod 210)

x5 − 4x + 400 ≡ 0 (mod 510).

The first equation implies x ≡ 0 (mod 4). By letting x = 4y, we have x5 ≡210y5 ≡ 0 (mod 210), hence y ≡ 25 (mod 26), so x ≡ 100 (mod 28).

The second equation in the system implies x5 − 4x + 400 ≡ 0 (mod 52), fromwhich we get x(x4 + 1) ≡ 0 (mod 25). Now, either x4 + 1 ≡ 1 or x4 + 1 ≡ 2(mod 5) by Fermat’s little theorem; in particular, x4+1 is always invertible modulo25. It follows that we have x(x4+1) ≡ 0 (mod 25) if and only if x ≡ 0 (mod 25),that is, if and only if x = 52t for some t ∈ Z. By substituting this condition into theinitial equation we obtain

510t5 − 2252t + 2452 ≡ −2252t + 2452 ≡ 0 (mod 510)

which yields t ≡ 4 (mod 58) and x ≡ 100 (mod 510). The initial system becomes

{x ≡ 100 (mod 28)

x ≡ 100 (mod 510)

whose solution is x ≡ 100 (mod 28·510). In conclusion, we have 1010/(28·510) = 4solutions modulo 1010.

174 3 Solutions

4 Groups

134 We show that B and C are subgroups of Hom(G,G′), whereas A and D arenot.

The neutral element in Hom(G,G′) is the zero homomorphism, that is, thehomomorphism e such that e(x) = 0 for all x ∈ G. The additive inverse of ahomomorphism f is the homomorphism −f such that (−f )x = −f (x) for allx ∈ G.

We have e ∈ B, because Ker(e) = G ⊇ H . If f, g ∈ B and h ∈ H thenf (h) = g(h) = 0, so (f + g)(h) = 0 and f + g ∈ B. Finally, if f ∈ B and h ∈ H

then f (h) = 0, so (−f )(h) = 0 and thus −f ∈ B.Therefore, B is a subgroup of Hom(G,G′). Similarly, C is a subgroup of

Hom(G,G′). Indeed, we have e ∈ C, because e(G) = 0 ∈ H ′. Moreover, iff, g ∈ C and x ∈ G then f (x), g(x) ∈ H ′, hence f (x) + g(x) ∈ H ′ andthus f + g ∈ C. Finally, if f ∈ C and x ∈ G then f (x) ∈ H ′, hence(−f )(x) = −f (x) ∈ H ′ and thus −f ∈ C.

Remark that, since H and H ′ are proper nontrivial subgroups of G and G′, thezero homomorphism e of Hom(G,G′) does not belong to A nor to D, so thosecannot be subgroups of Hom(G,G′).

135

(i) Since Z/mnZ � Z/mZ× Z/nZ when m and n are relatively prime, we have

G ∼= (Z/2Z× Z/4Z)× Z/3Z× Z/5Z.

Let G2 = Z/2Z × Z/4Z, G3 = Z/3Z, G5 = Z/5Z. Given (x, y, z) ∈ G2 ×G3 ×G5, we have o(x, y, z) = [o(x), o(y), o(z)] = o(x)o(y)o(z).Therefore, (x, y, z) has order 60 if and only if o(x) = 4, o(y) = 3, o(z) = 5.There are four elements of order 4 in G2, that is, all elements of G2 exceptfor the four pairs (x1, x2) such that 2(x1, x2) = (0, 0). There are two elementsof order 3 in G3: all elements of G3 except for the identity. Finally, there arefour elements of order 5 in G5: all of them except for the identity. So there are4 · 2 · 4 = 32 elements of order 60 in G.

(ii) As before, (x, y, z) has order 30 if and only if o(x) = 2, o(y) = 3, o(z) = 5.There are three pairs (x1, x2) ∈ G2 of order 2, that is, the four pairs such that2(x1, x2) = (0, 0), except for the identity. So the number of elements of G

having order 30 is 24.Now, each element of order 30 generates a cyclic subgroup of order 30. On theother hand, the same cyclic subgroup of order 30 can be generated by any ofits elements of order 30, of which there are φ(30) = 8. So the number of allcyclic subgroups of G whose order is 30 is 24/8 = 3.

(iii) All homomorphisms f : Z/12Z −→ G are of the form f (n) = ng for someg ∈ G. Indeed, if f (1) = g then by the homomorphism property we havef (n) = f (1 + · · · + 1) = g + · · · + g = ng. Clearly any such map, if

4 Groups 175

well defined, is a homomorphism, because we have f (m+ n) = (m+ n)g =mg + ng = f (m)+ f (n).The condition for the map to be well defined is m = n⇒ mg = ng. If we alsoask that the resulting homomorphism is injective, the condition becomes

m = n⇐⇒ mg = ng.

This condition is satisfied if and only if ord(g) = 12. Again, (x, y, z) has order12 if and only if ord(x) = 4, ord(y) = 3, ord(z) = 1. Previous calculationsimply that there are eight elements of order 12 in G, so the number of allinjective homomorphisms f : Z/12Z −→ G is 8.

136

(i) The identity map Id : Z/72Z −→ Z/72Z, Id(x) = x, which is the neutralelement of G, belongs to H , because Id(12) = 12.Given f, g ∈ H of the form f (x) = ax and g(x) = bx with (a, 72) =(b, 72) = 1, their composition is f ◦ g(x) = abx and, since we also have(ab, 72) = 1 and f ◦ g(12) = f (12) = 12, it does belong to H .Given f ∈ H of the form f (x) = ax with (a, 72) = 1, pick a′ such thataa′ ≡ 1 (mod 72). We have (a′, 72) = 1 and the map g given by g(x) = a′xis the inverse of f ; since f (12) = 12 implies f−1(12) = 12, g belongs to H .Therefore, H is a subgroup of G.To find the order of H , remark that f (12) = 12 is equivalent to 12a ≡ 12(mod 72), that is, a ≡ 1 (mod 6). There are exactly 12 classes modulo 72 thatare congruent to 1 modulo 6 and they are all coprime to 72, because they arecoprime to 6, which has the same prime factors. So the order of H is 12.

(ii) The subgroup H is not cyclic. This is because, given any f ∈ H of the formf (x) = ax with a ≡ 1 (mod 6), we have f 6(x) = a6x and a ≡ 1 (mod 2)

implies a2 ≡ 1 (mod 8), hence a6 ≡ 1 (mod 8). Similarly, a ≡ 1 (mod 3)

implies a3 ≡ 1 (mod 9), hence a6 ≡ 1 (mod 9).What we have just shown is that a6 ≡ 1 (mod 72), so the order of every mapin H is a divisor of 6.

137

(i) A homomorphism is injective if and only if its kernel consists of only the neutralelement. The kernel of the map f (x) = (ax, bx) is {x ∈ G | (ax, bx) = (0, 0)}.Let u, v be integer representatives of the residue classes a, b, respectively. Wehave ax = 0 if and only if the order of x is a divisor of (u, 12), and bx = 0 ifand only if the order of x is a divisor of (v, 12). So the kernel of f is the set ofelements whose order is a divisor of (u, v, 12), that is, f is injective if and onlyif (u, v, 12) = 1.Let Y be the set of pairs satisfying the desired condition and, for each divisor d

of 12, let Yd be the set of pairs (a, b) such that d | u and d | v. We have

|Y | = 122 − |Y2 ∪ Y3| = 122 − |Y2| − |Y3| + |Y6| = 122 − 62 − 42 + 22 = 96.

176 3 Solutions

(ii) Using the same notation as above, we have g ◦ f (x) = (a+ b)x and thus g ◦ f

is injective if and only if (u + v, 12) = 1. For each a ∈ G there are exactlyφ(12) = 4 values of b for which (u+ v, 12) = 1, so the answer is 12 · 4 = 48pairs.

138 Let G = (Z/p2Z)∗; we shall show that H = {x ∈ G | x ≡ 1 (mod p)} =

{1 + tp | t = 0, 1, . . . , p − 1} is a subgroup of G. Indeed, we have 1 ∈ H , and ifx, y ≡ 1 (mod p) then we also have xy ≡ 1 (mod p) and x−1 ≡ 1 (mod p). Thesubgroup H has p elements, so all of its elements except for the identity have orderp. In particular, the element a = p + 1 has order p.

Let b ∈ G be an element such that the class of b modulo p is a generator of thecyclic group (Z/pZ)∗. If bn ≡ 1 (mod p2) then we also have bn ≡ 1 (mod p) andso n ≡ 0 (mod p − 1); so the order of b in G is a multiple of p − 1.

But then the cyclic subgroup generated by b has order divisible by p − 1, so ithas a cyclic subgroup of order p − 1. A generator of this subgroup is an element ofG of order p − 1.

139 Let us first show that HK is a subgroup of G. First of all, we do have e ∈ HK:indeed, e = e · e, and e ∈ H, e ∈ K because H,K are subgroups of G. Now, givenhk, h′k′ ∈ HK , the fact that H is a normal subgroup of G implies that kH = Hk,so there exists h′′ ∈ H such that kh′ = h′′k; we thus have hkh′k′ = hh′′kk′ ∈ HK

because, H and K being subgroups of G, we have hh′′ ∈ H and kk′ ∈ K . Finally,if hk ∈ HK then (hk)−1 = k−1h−1 and, because H is normal, we have k−1h−1 =h′k−1 ∈ HK for some h′ ∈ H .

Now we show that HK is a normal subgroup of G. For all g ∈ G, h ∈ H andk ∈ K we have ghkg−1 = (ghg−1)(gkg−1); the latter does belong to HK because,since H and K are normal, we have ghg−1 ∈ H and gkg−1 ∈ K .

140

(i) The set Ker(f ) ∩ Im(f ) is a subgroup of G, so it contains the neutral elementof G. Conversely, let x ∈ Ker(f ) ∩ Im(f ); the fact that x ∈ Ker(f ) impliesf (x) = e, whereas from x ∈ Im(f ) we obtain that there is an element y ∈ G

such that x = f (y). It follows that x = f (y) = f ◦ f (y) = f (x) = e.(ii) It is clear that Ker(f ) · Im(f ) ⊆ G. Conversely, for each x ∈ G, we can

write x = xf (x−1) · f (x). We have f (xf (x−1)) = f (x) · f ◦ f (x−1) =f (x) · f (x−1) = e, hence xf (x−1) ∈ Ker(f ). Since naturally f (x) ∈ Im(f )

we have proved the desired result.

141

(i) We have |(Z/49Z)∗| = φ(49) = 42. The elements of order 2 and those of order3 are the solutions other than 1 of the congruence x2 ≡ 1 (mod 49) and thecongruence x3 ≡ 1 (mod 49), respectively.The condition x2 − 1 = (x − 1)(x + 1) ≡ 0 (mod 49) implies that one ofthe following must be satisfied: x − 1 ≡ 0 (mod 49), whose solution is class 1(which we excluded), or x + 1 ≡ 0 (mod 49), whose solution is the class −1

4 Groups 177

which does have order 2, or the system of two equations x − 1 ≡ 0 (mod 7)

and x + 1 ≡ 0 (mod 7), which has no solutions.In conclusion, the class −1 is the only element of order 2 in (Z/49Z)∗.If x3 ≡ 1 (mod 49) then in particular x3 ≡ 1 (mod 7), so x ≡ 1, 2,−3(mod 7) (one can check that those classes satisfy the condition and all othersdo not). It follows that the solutions of the original congruence modulo 49 areintegers of the form x = a + 7t with a = 1, 2 or −3 and t ∈ Z. Now, remarkthat (a + 7t)3 ≡ a3 + 21a2t (mod 49); substituting the three possible valuesof a yields the solutions x ≡ 1,−19, 18 (mod 49) for the equation x3 ≡ 1(mod 49). In conclusion, there are exactly two elements of order 3 in (Z/49Z)∗.

(ii) There are as many homomorphisms from Z/6Z to (Z/49Z)∗ as elements of(Z/49Z)∗ whose order divides 6. Such elements are the solutions modulo 49 ofx6 ≡ 1 (mod 49).If x is an integer solution of the congruence above, then x6 ≡ 1 (mod 7),that is, x is of the form x = a + 7t with a ∈ {1, 2, 3, 4, 5, 6} and t ∈ Z.Substituting yields (a + 7t)6 ≡ a6 + 42a5t ≡ 1 (mod 49). Since 7 | a6 − 1,the equation becomes 6a5t ≡ b (mod 7), where b = (a6 − 1)/7. Now, since6a5 is invertible modulo 7 for all a in the set we are considering, there is aunique solution modulo 7 for t . We can thus conclude that the equation x6 ≡ 1(mod 7) has six solutions modulo 49.There are therefore six homomorphisms from Z/6Z to (Z/49Z)∗.

142

(i) We have Z(H) �= ∅ because the neutral element of G does belong to Z(H). Ifx, y ∈ Z(H) then for all h ∈ H we have (xy)h = x(yh) = x(hy) = (xh)y =(hx)y = h(xy), so xy ∈ Z(H); moreover, if x ∈ Z(H) then xh = hx for allh ∈ H , hence hx−1 = x−1xhx−1 = x−1hxx−1 = x−1h and so x−1 ∈ Z(H).Therefore, Z(H) is a subgroup of G.

(ii) Assume H is a normal subgroup of G and consider x ∈ Z(H) and g ∈ G. Weshall show that gxg−1 ∈ Z(H). Indeed, for all h in H we have

(gxg−1)h(gx−1g−1) = gx(g−1hg)x−1g−1 = g(g−1hg)xx−1g−1 = h

because g−1hg ∈ H and x ∈ Z(H). This shows that Z(H) is a normalsubgroup of G.

(iii) Given x ∈ Z(H), we have f (x)f (h) = f (xh) = f (hx) = f (h)f (x)

for all h ∈ H , so the equality holds for all f (h) ∈ f (H). In other words,f (Z(H)) commutes with all elements of f (H), that is, f (Z(H)) ⊆ Z(f (H))

as required.(iv) We can take G = Z/2Z, G′ = S3, f (0) = Id, f (1) = σ where σ(1) =

2, σ (2) = 1 and σ(3) = 3, and H = G. One can check that Z(f (G)) ={Id, σ } �= G′.

178 3 Solutions

143

(i) First, let us show that H is a subgroup of G. Clearly, e ∈ H because the neutralelement has order 1. Let a, b ∈ H and suppose ord(a) = m, ord(b) = n; then(ab)mn = amnbmn = e, so ab has finite order and therefore belongs to H .Finally, if a ∈ H then a−1 ∈ H because ord(a) = ord(a−1), so H is indeed asubgroup.Let G = C

∗: we have H = {z ∈ C∗ | zn = 1 for some n}. Since for all n ∈ N

the polynomial xn−1 has n roots in C and those belong to H , we have |H | ≥ n

for all n ∈ N, so H is infinite.(ii) Let gH be an element of finite order in G/H and let n be its order. From

gnH = H we get that gn ∈ H , so there exists an integer d such that (gn)d =gnd = e, that is, g ∈ H . This implies gH = H , that is, only the neutral elementhas finite order in G/H .

(iii) Any group isomorphism sends elements of finite order to elements of finiteorder. We have just shown that the only element of finite order in G/H is theneutral element, so the subgroup of elements of G having finite order must beH = {e}.

(iv) Given a homomorphism ϕ : G −→ Z, consider an element x ∈ H such thatn = ord(x). We must have ord(ϕ(x)) | n, that is, ϕ(x) is an element of Z offinite order. However, 0 is the only element of finite order in Z, so necessarilyϕ(x) = 0, that is, x ∈ Ker(ϕ).

144

(i) Both H1 × H2 and G1 × G2, endowed with the appropriate componentwiseoperations, are groups. Since the operations of H1 and H2 are the restrictionsof those of G1 and G2, the subset H1 ×H2 is a subgroup of G1 ×G2.Given (x, y) ∈ G1 × G2, we have (x, y)(H1 × H2)(x, y)−1 = (x, y)(H1 ×H2)(x

−1, y−1) = xH1x−1 × yH2y

−1 = H1 × H2 because H1 is a normalsubgroup of G1 and H2 is a normal subgroup of G2. Therefore, H1 × H2 is anormal subgroup of G1 ×G2.

(ii) For all (x, y) ∈ H we have x = π1(x, y) ∈ π1(H) and y = π2(x, y) ∈ π2(H),

so (x, y) ∈ π1(H)× π2(H).(iii) Given (x, y) ∈ π1(H) × π2(H) there exist a ∈ G1 and b ∈ G2 such that

(x, b), (a, y) ∈ H. Let h, k ∈ Z be such that hm + kn = 1. Letting e1 ande2 be the neutral elements of G1 and G2, we have (x, b)kn = (xkn, bkn) =(x1−hm, e2) = (x, e2) ∈ H and (a, y)hm = (ahm, y1−kn) = (e1, y) ∈ H. Itfollows that (x, y) = (x, e2)(e1, y) ∈ H. This, together with the containmentshown above, yields the desired equality.

145

(i) Because the groups are finite we have [G1 : H ] = |G1|/|H | and also[f (G1) : f (H)] = |f (G1)|/|f (H)|. The fundamental homomorphismtheorem, when applied to f : G1 −→ G2 and its restriction to H , that is,f|H : H −→ G2, yields that f (G1) � G1/ Ker(f ) and f (H) � H/ Ker(f|H ).

4 Groups 179

Since Ker(f )⊆ H , we have Ker(f|H ) = Ker(f ), and thus

[f (G1) : f (H)] = |f (G1)|/|f (H)|= (|G1|/|Ker(f )|)(Ker(f )|/|H |)= |G1|/|H | = [G1 : H ].

(ii) If Ker(f ) �⊆ H then the equality from the first question does not hold ingeneral. For instance, consider G1 = G2 = Z/2Z, H = {0} and let f bethe zero homomorphism. We have [G1 : H ] = 2, whereas [f (G1) : f (H)] =[{0} : {0}] = 1.

(iii) If G1 = Z and G2 is a finite group then we have Ker(f ) = nZ for some n > 0.

Letting H = mZ, the fact that H ⊇ Ker(f ) implies that m | n, and in particularwe obtain |H/ Ker(f )| = n/m as well as [G1 : H ] = |G1/H | = m. Similarlyto our first answer, we have

[f (G1) : f (H)] = |f (G1)|/|f (H)|= (|G1/ Ker(f )|) : (|H/ Ker(f )|)= nm/n

= m

= [G1 : H ].

Therefore, the desired equality does hold in this case.

146

(i) Since N is an intersection of subgroups, it is itself a subgroup of G. Consideran element g ∈ G and let M be a subgroup of G. The subgroup M is maximalif and only if gMg−1 is maximal: we have M � H if and only if gMg−1

�

gHg−1, and we have H = G if and only if gHg−1 = G. This implies thatthe set of all maximal subgroups of G is invariant by conjugation, so theirintersection N must be as well, that is, N is a normal subgroup of G.

(ii) The subgroups of Z/nZ are the groups dZ/nZ, where d | n. Since dZ/nZ ⊆mZ/nZ if and only if m | d , the maximal subgroups of Z/nZ are the groupspZ/nZ, where p is a prime divisor of n. It follows that, assuming n =p

e11 . . . p

err , we have

N =r⋂

i=1

piZ/nZ = p1 . . . prZ/nZ.

In particular, N is trivial if and only if p1p2 · · ·pr = n, that is, if and only if n

is squarefree.(iii) The answer above immediately yields that for n = 100 we have N =

10Z/100Z.

180 3 Solutions

147 Let π : G −→ G/N be the projection homomorphism, that is, the map givenby π(g) = gN for all g ∈ G, and set F = π ◦ f : G −→ G/N .

The map F , being a composition of surjective homomorphisms, is itself asurjective homomorphism. Moreover, we have Ker(F ) = {g ∈ G|F(g) =f (g)N = N} = N because f (g) ∈ N if and only if g ∈ N .

By the fundamental homomorphism theorem applied to F , the map ϕ :G/N −→ G/N given by ϕ(gN) = f (g)N is well defined and is, indeed, anisomorphism.

148

(i) The group G is isomorphic to (Z/5Z)∗ × (Z/7Z)∗. Moreover, since 5 and 7 areprime, we have G � Z/4Z×Z/6Z and, since (2, 3) = 1, we have G � H×K ,with H = Z/4Z× Z/2Z and K = Z/3Z.The order of any element (h, k) ∈ H × K is the least common multiple of theorders of h and k in H and K , respectively.Every element h = (h1, h2) ∈ H obviously satisfies 4h = (0, 0). The equation2h = (0, 0) has four solutions: (0, 0), (0, 1), (2, 0), (2, 1). Finally, the neutralelement (0, 0) has order 1. Therefore, H has 8 − 4 = 4 elements of order 4,4− 1 = 3 elements of order 2 and one element of order 1.The group K has two elements of order 3 and one element of order 1 (the neutralelement).Consequently, G contains 4 · 2 = 8 elements of order 12, 4 · 1 = 4 elements oforder 4, 3 · 2 = 6 elements of order 6, 3 · 1 = 3 elements of order 2, 1 · 2 = 2elements of order 3 and a single element of order 1. There are no elements oforder n for n �= 1, 2, 3, 4, 6, 12.

(ii) We shall first show that a subgroup C of G of order 6 must be cyclic. Indeed,let us assume by contradiction that C has no elements of order 6: the order ofits elements other than the neutral element must be a divisor of 6, and thereforecan only be 2 or 3.Elements of C other than the neutral element cannot all have order 2, otherwiseC would be a subgroup of H × {0}, which cannot be the case because 6 � 8.Similarly, they cannot all have order 3, or C would be a subgroup {0} × K ,which has order 3.So C must contain both an element of order 2, which is of the form (h, 0) withh ∈ H , and an element of order 3, of the form (0, k) with k ∈ K . But then theelement (h, k) ∈ C has order 6, which contradicts our assumption.Since any cyclic group of order 6 contains exactly φ(6) = 2 elements of order6 and since there are six elements of order 6 in G, the group G has 6/2 = 3subgroups of order 6.

149

(i) Let N = {x ∈ G | f (x) = g(x)} and let e be the neutral element of G. Firstof all, remark that f (e) = g(e) = 0, so e ∈ N . Moreover, if x, y ∈ N ,that is, if f (x) = g(x) and f (y) = g(y), then f (xy) = f (x) + f (y) =g(x)+ g(y) = g(xy), hence xy ∈ N . Finally, if x ∈ N , that is, if f (x) = g(x),

4 Groups 181

then f (x−1) = −f (x) = −g(x) = g(x−1) and thus x−1 ∈ N . We have justshown that N is a subgroup of G.Now, consider y ∈ G, x ∈ N ; the fact that Z/12Z is Abelian implies thatf (yxy−1) = f (y) + f (x) − f (y) = f (x) = g(x) = g(y) + g(x) − g(y) =g(yxy−1), hence yxy−1 ∈ N .[[The proof above would still work if we replaced Z/12Z by any Abelian group.]]

(ii) Note that H is a normal subgroup of G, because 〈(123)〉 is normal in S3, as ithas index 2. The condition that f (h) = 0 for all h ∈ H can be rewritten asH ⊆ Ker(f ). The homomorphisms that satisfy this condition are in bijectionwith the homomorphisms ϕ : G/H −→ Z/12Z.Now, we have G/H � 〈(12)〉 × 〈1〉 � Z/2Z× Z/2Z.Consequently, the homomorphisms ϕ : G/H −→ Z/12Z correspond bijec-tively to the homomorphisms ψ : Z × Z −→ Z/12Z whose kernel contains2Z× 2Z.The homomorphisms ψ : Z × Z −→ Z/12Z are exactly those of the formψ(m, n) = ma + nb with a, b ∈ Z/12Z. The kernel of such a homomorphismcontains 2Z × 2Z if and only if ψ(2, 0) = ψ(0, 2) = 0, that is, if and onlyif 2a = 2b = 0, or equivalently a = 6a′, b = 6b′ for some a′, b′ ∈ {0, 1}.So there are four homomorphisms satisfying the requirement of the problemstatement, and each can be constructed from one of the four possible pairs(a′, b′).

150 First of all, remark that G � H ×K = (Z/pZ)∗ × (Z/qZ)∗, that is, G is thedirect product of two cyclic groups whose orders are p − 1 and q − 1, respectively.Thanks to the group structure of the direct product, we have G(2) � H(2) × K(2)

and G(3) � H(3)×K(3), where H(2), H (3), K(2), K(3) are defined for H and K inthe same way as G(2), G(3) are defined for G.

Denote by ϕ and ψ the homomorphisms from H to itself given by ϕ(x) = x2,ψ(x) = x3: note that we shall then replicate the same argument starting with K . Thesubgroups H(2), H (3) are the images of these homomorphisms. As for the kernels,they consist of the solutions of x2 ≡ 1 (mod p) and x3 ≡ 1 (mod p), respectively.The solutions of the first equation are x ≡ ±1 (mod p) and the second equationhas either three solutions or a single solution, depending on whether H containselements of order 3 or not, that is, on whether 3 divides p−1 or not. We should alsoremark that for p = 2 the two solutions of the first equation actually coincide.

From the known relation between the kernel and the image of a homomorphismand the fact that every subgroup of a cyclic group is cyclic, we deduce that H(2) isa cyclic group of order (p − 1)/2 if p > 2 and of order one if p = 2, whereas H(3)

is a cyclic group of order (p − 1)/(3, p − 1).We come to the following conclusions. The order of G(2) is (p−1)/2 · (q−1)/2

if p > 2 and (q − 1)/2 if p = 2, and the order of G(3) is (p− 1)/(3, p− 1) · (q −1)/(3, q−1). The subgroup G(2), which is a direct product of cyclic groups, is itselfcyclic if and only if the orders of the two groups are relatively prime, that is, if andonly if ((p − 1)/2, (q − 1)/2) = 1 if p > 2 and for all q if p = 2. Similarly, G(3)

is cyclic if and only if the orders of its factors are relatively prime. Note, however,

182 3 Solutions

that those orders are both even except for the case where p = 2, which yields a firstfactor of order 1. So the group G(3) is cyclic for p = 2 and is not cyclic for p > 2.

151

(i) Since G is a group, it is clear that H + K ⊆ G. As for the opposite inclusion,consider x ∈ G and let xH be its projection in G/H . We have mxH = eH

because G/H has order m. This implies that mx ∈ H and, similarly, nx ∈ K .Now, let a, b be integers such that am+ bn = 1; we have x = amx + bnx ∈H +K , which yields the desired equality.

(ii) Consider the map f : G −→ G/H ×G/K given by f (x) = (xH , xK), whichis clearly a homomorphism. The kernel of f is the set of elements x such that(xH , xK) = (eH , eK), so it is equal to H ∩K .Moreover, f is surjective. This is because, given (xH , yK) ∈ G/H × G/K

and a, b as above, we have bn ≡ 1 (mod m), bn ≡ 0 (mod n) and am ≡0 (mod m), am ≡ 1 (mod n), which implies f (bnx + amy) = f (bnx) +f (amy) = (xH , eK)+ (eH , yK) = (xH , yK).The fundamental homomorphism theorem yields the desired isomorphism.

152 A homomorphism f : G −→ G is induced by a homomorphism g : Z×Z −→G such that 20Z × 8Z ⊆ Ker(g). Moreover, given x, y in G, there is a uniquehomomorphism g : Z × Z −→ G such that g(1, 0) = x and g(0, 1) = y, which isgiven by g(a, b) = ax + by.

The condition on the kernel of g is equivalent to g(20, 0) = 20x = (0, 0) andg(0, 8) = 8y = (0, 0).

In order for this condition to be satisfied, x must be represented by a pair ofintegers (x1, x2) such that 20x1 ≡ 0 (mod 20) and 20x2 ≡ 0 (mod 8). The firstequation is satisfied for all integers x1, whereas the second one is satisfied if andonly if x2 ≡ 0 (mod 2), that is, for four residue classes modulo 8. The total numberof possible values for x is therefore 20 · 4 = 80.

Similarly, y must be represented by an integer pair (y1, y2) such that 8y1 ≡ 0(mod 20) and 8y2 ≡ 0 (mod 8). The first equation is equivalent to y1 ≡ 0 (mod 5),so it has four solutions modulo 20, and the second equation is always satisfied. Sothere are 4 · 8 = 32 possible values for y.

The number of homomorphisms from G to itself is therefore 80 · 32 = 2560.

(i) The kernel of fn consists of the pairs (x1, x2) such that nx1 ≡ 0 (mod 20)

and nx2 ≡ 0 (mod 8). The solution of the first equation is x1 ≡ 0(mod 20/(n, 20)) and the solution of the second equation is x2 ≡ 0(mod 8/(n, 8)).The kernel of fn is thus the direct product of a cyclic group of order (n, 20) anda cyclic group of order (n, 8). The direct product of two finite cyclic groups iscyclic if and only if the orders of the two factors are relatively prime.In our case, if n is odd then the order of the second factor is 1, whereas if n iseven then both orders are even. Therefore, our group is cyclic if and only if n isodd.

4 Groups 183

(ii) By the fundamental homomorphism theorem, the image of fn is isomorphic toG/ Ker(fn), that is, to the product of two cyclic groups of order 20/(n, 20) and8/(n, 8), respectively. Since (20, 8) = 4, these orders are relatively prime if andonly if 4 divides both (n, 20) and (n, 8), that is, if and only if 4 | n.

153

(i) Let x ∈ G be such that its projection x in G/H is a generator of G/H . Inparticular, we have ord(x) = n, so the fact that ord(x) | ord(x) implies ord(x) =nk for some positive integer k.Now, let y be a generator of H and let z = xk. We have ord(y) = m, ord(z) = n

and we wish to show that ord(yz) = mn, that is, that yz is a generator of G.Since yz ∈ G, it is clear that ord(yz) |mn = |G|.Let d be a positive integer such that (yz)d = e. Since G is Abelian, we canwrite ydzd = e as well as yd = z−d .Notice that yd belongs to H and z−d belongs to the subgroup generated byz, and that the intersection of these two groups, their orders being relativelyprime, consists of the identity only. So the equality above implies yd = e andzd = e−1 = e. Since the orders of y and z are m and n, respectively, we musthave m | d and n | d; since (m, n) = 1, this implies that mn | d , hence the factthat G is cyclic.

(ii) A family of examples is given by groups of the form Z/mZ × Z/nZ with(m, n) > 1. By setting H = Z/mZ× {e} we have that G/H ∼= Z/nZ. Indeed,Z/nZ is the image of the canonical projection of G onto the second factor,whose kernel is precisely H . So H and G/H are cyclic but G, thanks to theassumption that (m, n) > 1, is not.In particular, we can give the single example G = Z/2Z× Z/2Z.

154

(i) Since in a group of order n every element’s nth power is the neutral element,we have fn−1(x) = xn−1 = x−1. If fn−1 is a homomorphism, then for allx, y ∈ G we have (xy)−1 = x−1y−1. Taking the inverse of both sides of theequality, we get xy = yx.

(ii) If f8 is a homomorphism, then f8 ◦ f8 = f64 is as well. Now, the fact thatfor all x ∈ G we have x62 = e implies that f64(x) = f2(x) = x2. If f2is a homomorphism, then for all x, y ∈ G we have (xy)2 = x2y2, that is,xyxy = xxyy. Multiplying by x−1 on the left and by y−1 on the right yieldsyx = xy.

(iii) Let G = S3 and k = 2. In this case we have f2((12)(13)) = f2((132)) =(132)2 = (123), whereas f ((12))f ((13)) = (12)2(13)2 = e · e = e.

155 We shall use the additive notation and denote by 0 the neutral element of G.

(i) First of all, we show that Gp is a subgroup of G. The neutral element belongsto Gp because ord(0) = 1.

184 3 Solutions

Given x, y ∈ Gp, suppose ord(x) = pk , ord(y) = ph. Setting m = max{k, h},we have pm(x + y) = pmx + pmy = 0, so the order of x + y is a divisor ofpm hence a power of p.Finally, for each integer r we have rx = 0 if and only if r(−x) = 0. We havethus proven that Gp is a subgroup.Now, let q be a prime that divides the order of Gp. By Cauchy’s theorem, thereexists an element x ∈ Gp of order q , but then the definition of Gp implies thatq = p, so the order of Gp must be a power of p.

(ii) Let x+Gp be an element of the quotient group G/Gp and assume ord(x) = r .Write r in the form r = pkm, with (m, p) = 1. We have pk(mx) = 0, hencemx ∈ Gp. It follows that m(x + Gp) = mx + Gp = Gp is the class of theidentity in G/Gp, that is, ord(x +Gp) is a divisor of m, which implies it mustbe coprime to p.

(iii) We have |Gp| = pa′ and |Gq | = qb′ for some a′, b′ ∈ N. Since Gp and Gq

are subgroups of G, we have a′ ≤ a, b′ ≤ b. Consider the homomorphismf : G→ G given by f (x) = pax. We show that Ker(f ) = Gp: if x belongsto Ker(f ) then its order is a divisor of pa and, conversely, if x ∈ Gp thenpa′x = 0 and thus pax = 0. By the fundamental homomorphism theorem,the image of f is isomorphic to G/Gp, which, by (ii), only contains elementswhose orders are powers of q . Therefore, Im(f ) ≤ Gq . In particular, | Im(f )|is a power of q , say | Im(f )| = qb′′ for some b′′ ∈ N. We have

paqb = |G| = |Ker(f )| · | Im(f )| = pa′qb′′,

hence a = a′ and b = b′′. Since b′′ ≤ b′ ≤ b, we also have b′′ = b′ = b andthus G/Gp � Im(f ) = Gq .

156 Let q = a/b be a rational number with (a, b) = 1 and b = 2r5sh for somer, s ≥ 0 and some h > 0 such that (h, 10) = 1. From the definition of L we havethat mq ∈ L if and only if h |m, since the factor m must simplify with every primefactor other than 2 and 5 appearing in the denominator of q . In particular, x = q+L

has order k in Q/L if and only if h = k; moreover, x is a solution of kx = 0 if andonly if h | k.

We shall first endeavour to answer (i) and (ii) in the case where (k, 10) = 1.Note that 1/k + L has order k in Q/L by our previous remarks. Moreover, all

elements of the cyclic group G generated by 1/k + L in Q/L satisfy the equationkx = 0.

Conversely, let x be a solution; we wish to show that x ∈ G. By our previousremarks, we have x = q + L, where q = a/(2r5sh) and h | k.

Consider the congruence ht + a ≡ 0 (mod 2r5s) in the indeterminate t . Since(h, 10) = 1, there exists a solution t0 ∈ Z. Suppose ht0 + a = c2r5s for somec ∈ Z. We have

q − c

h= a

2r5sh− ht0 + a

2r5sh= t0

2r5s∈ L

4 Groups 185

and so x = q +L = c/h+L belongs to the subgroup of G generated by 1/h+ L.We have thus proven that G is the set of solutions of kx = 0 in Q/L, so there are k

such solutions. Moreover, the number of elements of order k is φ(k), because G isa cyclic group.

Finally, let us consider the case where (k, 10) > 1. We can write k = 2r5sk1 with(k1, 10) = 1. Our initial discussion about the order of elements in Q/L implies thatevery element has order coprime to 10. In particular, there are no elements of orderk and the equation kx = 0 has the same solutions as k1x = 0; it therefore has k1solutions.

157

(i) Yes, there are subgroups of order 3: one is given by the rotations by a multipleof 2π/3 around some fixed axis passing through opposite vertices of the cube.

(ii) There are two types of transformations in G: those that preserve the figure andthose that rotate all the line segments within the faces by π/2. It is easy tosee that, if one of the line segments is rotated, those of adjacent faces must berotated as well, because the endpoints of line segments within adjacent facesnever coincide.The subgroup H is that of transformations of the first type. Note that transfor-mations of the second type do exists: for instance, the rotation by π/2 aroundan axis joining the centres of two opposite faces. Moreover, transformations ofthe second type form a coset of H . Indeed, given two transformations of thesecond type α and β, the transformation α ◦ β−1 does send the figure to itself,so α ◦ β−1 ∈ H .Therefore, the index of H in G is 2.

(iii) We know that H is a subgroup of index 2 in G, so H is a normal subgroupof G.

158

(i) Every element of G generates a cyclic subgroup. Moreover, a cyclic subgroupof order d can be generated by φ(d) distinct elements. It follows that the numberof cyclic subgroups of a finite group G is given by the expression

∑

d | |G|

1

φ(d)· (number of elements of orderd).

In our case (that is, G = Z/6Z × Z/6Z) every x ∈ G satisfies 6x = 0, so theorder of an element can only be 1, 2, 3, or 6. The only element of order 1 isthe identity. Any element x = (a, b) of order 2 must satisfy (2a, 2b) = (0, 0),whose solutions are a = 0, 3, b = 0, 3. If we exclude the neutral element,which is the only solution that does not have order 2, we find that there are4− 1 = 3 elements of order 2.

186 3 Solutions

Elements of order 3 are counted analogously: there are 9 − 1 = 8 in total. Allother 36−1−3−8 = 24 elements have order 6. The expression above becomes

1

φ(1)+ 3

φ(2)+ 8

φ(8)+ 24

φ(6)= 1+ 3+ 2+ 12 = 18.

(ii) Clearly, if ord(x) = 1, 2, 3, 6 then |G/〈x〉| is equal to 36, 18, 12, 6, respectively.Suppose that G/〈x〉 is cyclic.Remember that, if we let π : G −→ G/〈x〉 be the canonical projection, wehave ord(π(y)) | ord(y) for all y ∈ G (simply because π is a homomorphism).Since G has no elements of order 36, 18, 12, the only possibility is ord(x) =|G/〈x〉| = 6. If this is the case, then G/〈x〉 is necessarily cyclic, since itcontains an element a of order 2 and an element b of order 3, and their suma + b has order 6. The answer is therefore given by the number of elements ofG whose order is 6, which, as seen above, is 24.

159

(i) Partition Z/60Z into the twenty disjoint sets A0, A1, . . . , A19, where Ah ={h, h+ 20, h+ 40} for h = 1, 2, . . . , 19.The set G consists of all permutations of Z/60Z that send Ah to itself for h =1, 2, . . . , 19. From this description of the set G, it is clear that G is a groupisomorphic to the direct product S(A0) × S(A1) × · · · × S(A19) � S×20

3 ,whose factors are the groups of permutations of A0, A1, . . . , A19. In particular,G has 620 elements.

(ii) It is clear that G has no subgroups of order 10, because 10 is not a divisor of620.Remark that the order of an element in a direct product is the least commonmultiple of the orders of its components. Since the elements of S3 have order1, 2, or 3, G does have cyclic subgroups of order 6 but contains no cyclicsubgroups of order 8 or 12.There are, however, (non-cyclic) subgroups of order 8: let H be a subgroup oforder 2 in S3; the subgroup H × H × H × Id× Id× · · · × Id has order 8 inS×20

3 . Similarly, given a subgroup K of order 3 in S3, the subgroup K × H ×H × Id× · · · × Id of S×20

3 has order 12.

160 Let ϕ : G −→ 3G be the map given by ϕ(x) = 3x for all x ∈ G. Remarkthat ϕ is a homomorphism: since G is Abelian, we have ϕ(x + y) = 3(x + y) =3x + 3y = ϕ(x)+ ϕ(y).

Let H be a subgroup of G such that (|H |, 3) = 1; consider the map ψ = ϕ|H ,that is, the restriction to H of the homomorphism ϕ. The kernel of ψ is the set ofelements h ∈ H such that 3h = 0, that is, the set of elements of H whose order is adivisor of 3. Since 3 does not divide the order of H , the group H does not containany elements of order 3, so the kernel of ψ contains the identity only. It follows thatψ is injective, hence H is isomorphic to its image ψ(H). But ψ(H) is a subgroupof a cyclic group, so it is cyclic, and thus H itself must be cyclic.

4 Groups 187

161 A homomorphism f : Z/nZ −→ Z/10Z×Z/20Z is determined by the choiceof f (1) = (a, b) ∈ Z/10Z× Z/20Z, provided the condition ord(a, b) | n = ord(1)

is satisfied. What we need to find is therefore the number of elements (a, b) ∈Z/10Z× Z/20Z such that n(a, b) = 0.

For n = 0, that is, when counting homomorphisms from Z to Z/10Z× Z/20Z,all elements (a, b) satisfy the requirement, so there are 200 homomorphisms. Noneof them is injective because Z is infinite whereas the codomain is finite.

Assume n ≥ 1. We need to count the elements (a, b) ∈ Z/10Z × Z/20Z suchthat na = 0 and nb = 0, that is, the solutions of the congruences na ≡ 0 (mod 10)

and nb ≡ 0 (mod 20). We have

na ≡ 0 (mod 10) ⇐⇒ a ≡ 0 (mod10

(n, 10))

and the latter equation has exactly (n, 10) solutions in Z/10Z. Similarly, the equa-tion nb ≡ 0 (mod 20) has exactly (n, 20) solutions in Z/20Z. This yields a totalof (n, 10)(n, 20) pairs (a, b) satisfying the requirement, so we have (n, 10)(n, 20)

homomorphisms in total.In order for the homomorphism given by f (1) = (a, b) ∈ Z/10Z × Z/20Z to

be injective, we must have ord(a, b) = ord(1) = n: there are as many injectivehomomorphisms as there are elements of order n in Z/10Z × Z/20Z. A necessarycondition for the existence of injective homomorphism is therefore that n | 20: wemust have n = 1, 2, 4, 5, 10, 20.

Let us assume n takes one of those values and find the number dn of elements(a, b) ∈ Z/10Z× Z/20Z of order n. Remember that ord(a, b) is the least commonmultiple of ord(a) and ord(b) and that, if d |m, then there are φ(d) elements oforder d in Z/mZ.

The only element of order 1 in any group is the neutral element, so d1 = 1.All elements (a, b) of order 2 satisfy 2(a, b) = 0. We have two possible choices

for a and two for b, so four solutions in total; the neutral element is the only solutionwe need to exclude, so d2 = 3.

Similarly, we exclude the neutral element from the 25 solutions of the equation5(a, b) = 0 and obtain d5 = 24 elements of order 5.

In order to compute d10, we find the number of solutions of 10(a, b) = 0 andsubtract the number of elements of order 1, 2 and 5: we have d10 = 100−d1−d2−d5 = 100− 1− 3− 24 = 72.

An element (a, b) has order 4 if and only if b has order 4 and ord(a) | (4, 10) =2. There are two possible choices for the element b, because there are φ(4) = 2elements of order 4 in Z/20Z, and there are two possible choices for a, since thereare two elements of order 1 or 2 in Z/10Z. We thus have d4 = 4.

Finally, we can obtain d20 as the difference d20 = 10·20−d1−d2−d4−d5−d10 =200− 1− 3− 4− 24− 72 = 96.

[[We can also compute d20 by remarking that (a, b) has order 20 if and only if b has order 20,

or b has order 4 and a has order 5 or 10. There are φ(20) = 8 possibilities for b and 10 for a in the

first case, whereas in the second case we have two possible values for b and 8 = φ(5)+ φ(10) for

a, so 16 possibilities. We find d20 = 80 + 16 = 96.]]

188 3 Solutions

162

(i) Let g = (g1, g2, g3) be an element of G with g1 ∈ Z/5Z, g2 ∈ Z/10Z andg3 ∈ Z/36Z. The element g is in the kernel of f if and only if f (g) =78(g1, g2, g3) = (3g1,−2g2, 6g3) = (0, 0, 0); in other words, f (g) = (0, 0, 0)

if and only if g1 ≡ 0 (mod 5), g2 ≡ 0 (mod 5) and g3 ≡ 0 (mod 6).We therefore conclude that Ker(f ) has 1 ·2 ·6 = 12 elements. This implies thatIm(f ) � G/ Ker(f ) has |G|/|Ker(f )| = 5 · 10 · 36/12 = 150 elements.

(ii) Given g ∈ G, we have ord(f (g)) | (| Im(f )|, ord(g)) = (150, ord(g)).Moreover, if g = (g1, g2, g3) ∈ G then we have

ord(g) = [ord(g1), ord(g2), ord(g3)] | [5, 10, 36] = 180.

This implies that ord(f (g)) | (180, 150) = 30 for all g ∈ G.On the other hand, for g = (1, 1, 1) we have f (g) = (3,−2, 6) and thereforeord(f (g)) = [5, 5, 6] = 30, so 30 is the largest possible order.

163

(i) Remark that 0G = 2 · 0G ∈ Q. Moreover, if x1, x2 ∈ Q then x1 = 2g1 andx2 = 2g2 for some g1, g2 ∈ G, so x1 + x2 = 2g1 + 2g2 = 2(g1 + g2) ∈ Q;finally,−x1 = −2g1 = 2(−g1) ∈ Q. This shows that Q is a subgroup of G.[[Another way to show that Q is a subgroup is to remark that, since G is Abelian, the map

ϕ : G −→ G given by ϕ(g) = 2g is a homomorphism and that Q = Im(ϕ).]](ii) The map G � g

ϕ−→ 2g ∈ G is a homomorphism because G is Abelian;moreover, we have Q = Im(ϕ) and |G/Q| = |Ker(ϕ)|. Now, Ker(ϕ) ={g ∈ G | 2g = 0G}, so all elements in Ker(ϕ) other than 0G have order 2.By Cauchy’s theorem, if |G/Q| = |Ker(ϕ)| is finite then it is a power of 2.This shows that we cannot have m = 3.Let us now give examples of groups G for which |G/Q| is 1, 2 and 4. SetG = Z/3Z; since Z/3Z has no elements of order 2, we have Ker(ϕ) = {0}, so|G/Q| = 1. For G = Z/2Z we have Im(ϕ) = 0, so m = 2. Finally, considerG = Z/2Z × Z/2Z; all elements of G have order 1 or 2, so ϕ is the zerohomomorphism and |G/Q| = |G| = 4.

164

(i) Given (a, b) ∈ G, we have that ord(a, b) = [ord(a), ord(b)] is 11 if and only iford(a) | 11, ord(b) | 11 and (a, b) �= (0, 0). Since for each divisor d of m thereare d elements in Z/mZ whose order divides d , the number of pairs (a, b)

satisfying the requirements is 11 · 11− 1 = 120.Since 11 is prime, all subgroups of order 11 are cyclic; their number is givenby the number of elements of order 11, divided by the number of generators ina cyclic group with 11 elements, which is φ(11). So we have 12 subgroups oforder 11.

(ii) For every subgroup H of order 11 we have |G/H | = |G|/|H | = 33 ·11 = 297;if G/H were cyclic, it would contain an element of order 297. But this cannot

4 Groups 189

be the case, because every element of G has an order that divides 99 and for allx ∈ G we have ord(x +H) | ord(x).

(iii) There are no surjective homomorphisms from G to Z/121Z. If f were one,there would be an element x ∈ G such that ord(f (x)) = 121; but this is notpossible because ord(f (x)) | ord(x) and for every element x of G we haveord(x) | 99.

165 Let π : G � x −→ xH ∈ G/H be the projection onto the quotient. Since π isa homomorphism we have ord(xH) | ord(x). Assume that G/H contains an elementxH of order m; we have ord(x) = mk and thus ord(xk) = m.

Conversely, let x ∈ G be an element of order m; we have ord(xH) = d |m,hence (xH)d = H and thus xd ∈ H. By Lagrange’s theorem, we have xdn = e, som = ord(x) | nd . The fact that (n,m) = 1 implies that m | d hence, finally, d = m.

166

(i) All elements x = (a, b) of a subgroup of order 4 must have an order thatdivides 4, so they must satisfy 4x = (4a, 4b) = (0, 0). The solutions of thesecongruences are given by a ≡ 0 (mod 2), that is, a ∈ {0, 2, 4, 6}, and b ≡ 0(mod 3), that is, b ∈ {0, 3, 6, 9}.Among the 4 · 4 = 16 elements above, 4 also satisfy the equation (2a, 2b) =(0, 0)—that is, the elements (0, 0), (0, 6), (4, 0), (4, 6)—whereas the other 12elements have order exactly 4. Each of these 12 elements generates a cyclicsubgroup of order 4, and each cyclic subgroup of order 4 contains two elementsof order 4, so the total number of cyclic subgroups of order 4 is 12/2 = 6.We can list them explicitly by choosing one generator from each, for example:(0, 3), (2, 0), (2, 3), (2, 6), (2, 9), (4, 3).The set of solutions of (2a, 2b) = (0, 0) is also a subgroup of order 4, thoughit is not cyclic. Indeed, (0, 0) belongs to the set; moreover, if (a, b) and (a′, b′)are solutions, then (a + b, a′ + b′) is a solution, because 2(a + b, a′ + b′) =2(a, b) + 2(a′, b′) = (0, 0); finally, if (a, b) is a solution then −(a, b) is asolution, because 2(−(a, b)) = −2(a, b) = (0, 0).

(ii) Let H be a subgroup of G of order 48. Since G is Abelian, H is necessarilya normal subgroup of G, so the quotient G/H has a group structure, and itis clearly isomorphic to Z/2Z. Since we have 2(gH) = (2g)H = H for allg ∈ G, we have that 2G ⊆ H .The subgroups that contain 2G are in bijection with the subgroups of G/2G =(Z/8Z × Z/12Z)/(2Z/8Z × 2Z/12Z) � Z/2Z × Z/2Z. Now, 2G has order8/2 × 12/2 = 24, so any subgroup H of G whose order is 48 corresponds toa subgroup of G/2G whose order is 2, which must consist of the identity andone of the three elements of order 2 in G/2G. It follows that G has exactlythree subgroups of order 48, each given by the union of 2G with a coset x+2G

of order 2 in G/2G. We may choose as representatives of these three cosets inG/2G the elements x = (1, 0), (0, 1), (1, 1).

190 3 Solutions

167 The answer to both questions is yes: let us see why.

(i) Let π : (Z/p2Z)∗ → (Z/pZ)∗ be the map given by [x]p2 −→ [x]p, which

is well defined because if x ≡ y (mod p2) then a fortiori x ≡ y (mod p).The map π is a homomorphism because [xy]p2 = [x]p2[y]p2 and thus [xy]p =[x]p[y]p. Finally, π is surjective, because if (x, p) = 1 then (x, p2) = 1.

(ii) The group G1 is cyclic of order p− 1, because p is prime. Let x be a generatorof G1, let π be the map defined above and let y ∈ G2 be such that π(y) = x. Wehave that p−1 = ord(x) | ord(y). Assume that ord(y) = k(p−1); this impliesord(yk) = p − 1 and so the map G1 � xh → ykh ∈ G2 is an isomorphismbetween the two cyclic groups G1 = 〈x〉 and 〈yk〉 ⊆ G2. In particular, it is aninjective homomorphism from G1 to G2.

168

(i) Let us check that H is a subgroup of G: 0 ∈ H because pa0 = 0; if x, y ∈ H ,then pa(x+y) = pax+pay because G is Abelian, so pa(x+y) = 0+0 = 0;finally, if x ∈ H then pa(−x) = −pax = 0, so −x ∈ H .

(ii) Suppose by contradiction that x + H ∈ G/H is an element of order p. Inparticular, we have p(x +H) = px +H = H , that is, px ∈ H . By definitionof H , this implies pa(px) = 0, so the order of x is a divisor of pa+1. On theother hand, the order of x must be a divisor of the order G, so it must alsodivide (pa+1, |G|) = pa . It follows that pax = 0, that is, x ∈ H and the classx +H is the class H which has order 1, but this contradicts our assumption.

(iii) The order of every element of H is a divisor of pa . Therefore, if the order ofx ∈ H is prime, then ord(x) = p. By Cauchy’s theorem, the order of H mustbe a power of p: if this were not the case, there would be a different prime q

that divides |H | and thus there would be an element of order q in H . So, let|H | = pb for some natural number b; we then have that pb | |G| because, byLagrange’s theorem, the order of a subgroup divides the order of the group.Therefore, b ≤ a and, if we had b < a, the order of the group G/H would bea multiple of p; again by Cauchy’s theorem, this would imply the existence ofan element of order p in that group, which contradicts what we showed above.

169

(i) Given two homomorphisms f, g from G to C∗, the map fg is a homomorphism

because (fg)(x + y) = f (x + y)g(x + y) = f (x)f (y)g(x)g(y) =f (x)g(x)f (y)g(y) = (fg)(x) · (fg)(y). We can therefore define the operation(f, g) −→ fg in Hom(G,C∗).This operation is associative because the multiplication of C

∗ is. The setHom(G,C∗) has a neutral element, that is, the map e : G � x −→ 1 ∈C∗. Finally, every homomorphism f ∈ Hom(G,C∗) has an inverse: letting

f−1 : G → C∗ be the map given by f−1(x) = f (x)−1 for all x ∈ G, we

have f−1(xy) = (f (xy))−1 = f (x)−1f (y)−1 = f−1(x)f−1(y), so f−1 ∈Hom(G,C∗). Moreover, (ff−1)(x) = (f−1f )(x) = f (x)−1f (x) = 1 = e(x)

for all x ∈ G, so ff−1 = f−1f = e.

4 Groups 191

(ii) If ϕ is an injective homomorphism in Hom(G,C∗) then ϕ(G) � G. But ϕ(G)

is a multiplicative subgroup of a field, so it is cyclic. It follows that G must becyclic, that is, we must have (m, n) = 1.On the other hand, if (m, n) = 1 then G = Z/mZ × Z/nZ is cyclic of ordermn. Let g be a generator of G and let ζ = ζmn be an mnth primitive root ofunity in C

∗. Consider the map f : G→ C∗ given by f (gk) = ζ k.

This map is well defined because, if k ≡ h (mod mn), then ζ k = ζ h. It is ahomomorphism because f (gkgh) = f (gk+h) = ζ k+h = ζ kζ h = f (gk)f (gh).Moreover, it is injective because ζ k = 1 implies k ≡ 0 (mod mn) and thusgk = id .

170

(i) It is clear that pG and qG are both contained in G, so pG + qG ⊆ G.Conversely, let x ∈ G and let a, b be integers such that pa + qb = 1. Wehave x = pax + qbx ∈ pG+ qG, so G ⊆ pG+ qG.

(ii) If pq � n then at least one among p, q does not divide n; by symmetry, let usassume that p � n. The map f : G→ G given by f (x) = px is an injectivehomomorphism, because there are no elements of order p in G. Since G is afinite group, f must also be surjective: its image pG is equal to G. This ofcourse implies that G = pG+ qG.Now assume that pq | n, that is, p | n and q | n. By Cauchy’s theorem, G

has an element of order p and an element of order q , so the kernels of thehomomorphisms x −→ px and x −→ qx are both nontrivial. It follows thatthe images pG and qG of these homomorphisms are both different from G.But the union of two subgroups of a given group is itself a subgroup if andonly if one of the two subgroups contains the other. In this case, since bothsubgroups are proper, even if their union were indeed a subgroup, it would notbe all of G.

(iii) As above, if pqr � n then at least one of the primes, say p, does not divide n,so G = pG. On the other hand, if pqr | n then G has an element x of order p,so the homomorphism x −→ px has a kernel of order at least p and its imagepG has at most n/p elements. Similarly, |qG| ≤ n/q and |rG| ≤ n/r , so

|pG ∪ qG ∪ rG| ≤(

1

p+ 1

q+ 1

r

)n ≤

(1

3+ 1

5+ 1

7

)n < n = |G|.

It follows that we cannot have pG ∪ qG ∪ rG = G.

171 We shall use the additive notation. If the order of x ∈ G is a prime p, then thisprime must be a divisor of 200, that is, p = 2, 5. By Cauchy’s theorem, G containsboth elements of order 2 and elements of order 5. An element x of order 2 generatesa subgroup of order 2 where x itself is the only element of order 2; an element y

of order 5 generates a subgroup of order 5 that contains four elements of order 5,namely, y, 2y, 3y, 4y. Consequently, every group G of order 200 contains at least1 + 4 = 5 elements whose order is prime. This minimum is actually achieved by

192 3 Solutions

the cyclic group Z/200Z, which contains φ(d) elements of order d for each divisord of 200. The desired minimum is therefore 5.

Any element of order 2 will belong to the subgroup G2 = {x ∈ G | 2x = 0}whose order is, by Cauchy’s theorem, a power of 2. Moreover, since the order of G2must divide the order of G, we have that |G2| must divide 8. Any group of order m

has at most m − 1 elements of order 2—all elements except for the identity—so G

can have at most seven elements of order 2.Similarly, any element of order 5 must belong to the subgroup G5 = {x ∈

G | 5x = 0}, which has at most 25 elements and therefore at most 24 elementsof order 5.

It follows that the maximum possible number of elements whose order is primein a group G of order 200 cannot be more than 7 + 24 = 31. If we have G ∼=Z/2Z × Z/2Z × Z/2Z × Z/5Z × Z/5Z then we do have equality, so 31 is thedesired maximum.

172 By Cauchy’s theorem, G contains both elements of order p and elements oforder q . Let x be an element of order p and let y be an element of order q . Theelement xy has order pq: indeed, we have (xy)pq = xpqypq = e and for properdivisors of pq we clearly have (xy)1 = xy �= 1, (xy)p = yp �= 1, (xy)q = xq �= 1.On the other hand, any subgroup of order pq must contain both an element of orderp and an element of order q; it follows that it must be cyclic and is generated bytwo such elements.

Set H = 〈x〉 and K = 〈y〉, so that HK = 〈xy〉. The map (H,K) −→ HK

is a bijection between the set of pairs (H,K) of subgroups of orders p and q ,respectively, and the set of subgroups of order pq . The fact that this map is surjectivefollows from the fact that every subgroup of order pq contains a cyclic subgroup oforder p and a cyclic subgroup of order q . Moreover, the map is injective, becauseeach subgroup of order pq contains exactly one subgroup of order p and exactlyone subgroup of order q . Therefore, hpq = hphq .

As for the second equality, it is enough to remark that mpq = φ(pq)hpq , mp =φ(p)hp , mq = φ(q)hq . Substituting and using the identity φ(pq) = φ(p)φ(q)

yields the desired formula.

173

(i) By assumption, the groups G/H and G/K have order p, so they are isomorphicto Z/pZ. In order to show the desired isomorphism, it is enough to show thatG � G/H ×G/K .Let ϕ : G −→ G/H ×G/K be the map given by g −→ (gH, gK), which is ahomomorphism because

ϕ(xy) = (xyH, xyK)

= (xHyH, xKyK)

= (xH, xK)(yH, yK)

= ϕ(x)ϕ(y).

4 Groups 193

Since Ker(ϕ) = {g ∈ G | (gH, gK) = (H,K)} = H ∩ K = {e}, thehomomorphism ϕ is injective.In order to show that ϕ is surjective, it is enough to show that |G| = p2. SinceG embeds into G/H × G/K which has cardinality p2, all we have to do isshow that we cannot have |G| = p, which is true because G has two distinctsubgroups of index p.

(ii) Since p is prime, all subgroups of order p are cyclic, so their number is equalto the number of elements of order p in G, divided by φ(p).Moreover, since isomorphisms preserve the order of elements, we may as wellcount elements of order p in Z/pZ × Z/pZ. Clearly, all elements of Z/pZ ×Z/pZ other than the identity have order p, so their number is p2 − 1.We can therefore conclude that G contains (p2 − 1)/φ(p) = p + 1 subgroupsof order p.[[Since Z/pZ × Z/pZ � F

2p as Abelian groups, the number of subgroups of order p in F

2p ,

and therefore in G, is the number of vector subspaces of dimension 1, that is, the number of

lines through the origin in F2p . These are clearly p + 1.]]

174

(i) We first show that Gk is a subgroup of G. We have e = ek ∈ Gk; for allak, bk ∈ Gk we have akbk = (ab)k because G is Abelian, so akbk = (ab)k ∈Gk; finally, ak ∈ Gk implies (ak)−1 = (a−1)k ∈ Gk . Moreover the fact that G

is Abelian implies that Gk is normal in G.Consider the quotient G/Gk and let xGk be one of its elements. We have(xGk)k = xkGk = Gk , so the order of any element in G/Gk is a divisorof k and therefore finite.

(ii) Assuming G ∼= Z/nZ, we have that Gk � 〈[k]n〉 is a cyclic group of orderord([k]n) = n/(n, k). It follows that |G/Gk| = |G|/|Gk| = (n, k).[[We also know that G/Gk must be cyclic because it is a quotient of a cyclic group, so

G/Gk � Z/(n, k)Z.]](iii) Consider the group G = Z/2Z× Z/10Z; we have G10 = {(0, 0)} because for

all (a, b) ∈ G we have 10(a, b) = (10a, 10b) = (0, 0). In this case we clearlyhave G/G10 = G = Z/2Z× Z/10Z.[[More generally, if G = Z/mZ × Z/nZ then we have Gk = {(ka, kb) | (a, b) ∈ G} =Z/(m/(m, k))Z ×Z/(n/(n, k))Z and G/Gk � Z/(m, k)Z × Z/(n, k)Z. It follows that, for

G = Z/mZ × Z/nZ, we have G/G10 ∼= Z/2Z × Z/10Z if and only if (m, 10) = 2 and

(n, 10) = 10.]]

175

(i) Since Z/mZ is cyclic and generated by 1, a homomorphism ϕ : Z/mZ −→Z/nZ is completely determined once one sets ϕ(1) = a for some a suchthat ord(a) |m; the homomorphism ϕ is then given by k −→ ϕ(k) = ka.Since a ∈ Z/nZ, the requirement that ord(a) |m is equivalent to the conditionord(a) | (m, n) = d . The number of homomorphisms is therefore the number ofelements of Z/nZ whose order divides d . There are thus d homomorphisms, allof them of the form ϕ(k) = ka for some a ∈ Z/nZ such that ord(a) | d .

194 3 Solutions

It follows that the image of the map Φ : Hom(Z/mZ,Z/nZ) −→ Z/nZ

given by Φ(ϕ) = ϕ(1) is the subgroup of order d in Z/nZ. In order toshow the desired statement, it is enough to show that Φ is an injectivehomomorphism. The fact that Φ is a homomorphism is clear: for all pairs ϕ1, ϕ2in Hom(Z/mZ,Z/nZ) we have Φ(ϕ1+ϕ2) = (ϕ1+ϕ2)(1) = ϕ1(1)+ϕ2(1) =Φ(ϕ1)+Φ(ϕ2). To show that Φ is injective, remark that Φ(ϕ) = 0 if and onlyif ϕ(1) = 0, that is, if and only if ϕ(k) = k0 = 0 for all k ∈ Z/mZ, which isequivalent to ϕ being the zero homomorphism.

(ii) Since 12 | (360, 420) = 60 = |Hom(Z/360Z,Z/420Z)|, the proof aboveshows that there is a unique subgroup of order 12, which is the one thatcorresponds via the isomorphism Φ to the subgroup of order 12 in Z/420Z,that is, to 〈35〉. The required subgroup thus consists of the homomorphismsϕ : Z/360Z −→ Z/420Z given by ϕ(1) = a with a ≡ 0 (mod 35).

176

(i) Let e ∈ G be the neutral element; (e, e) is the neutral element of G × G andbelongs to Δ. Given (x, x) and (y, y) ∈ Δ, clearly (x, x)(y, y) = (xy, xy) ∈Δ. Finally, given (x, x) ∈ Δ, its inverse in G × G is the element (x−1, x−1),which is again an element of Δ . This shows that Δ is a subgroup of G×G.

(ii) If G is Abelian then G×G is also Abelian, so all of its subgroups are normal.Conversely, assume Δ is normal in G×G; then for all g ∈ G and for all x ∈ G

we have (g, e)(x, x)(g−1, e) = (gxg−1, x) ∈ Δ, which implies that for allg, x ∈ G we have gxg−1 = x, that is, G is Abelian.

(iii) Consider the map ϕ : G×G −→ G given by ϕ(x, y) = xy−1. If G is Abelianthen ϕ is a homomorphism, since ϕ((x, y)(u, v)) = ϕ(xu, yv) = xu(yv)−1 =xuv−1y−1 = xy−1uv−1 = ϕ(x, y)ϕ(u, v). Moreover, ϕ is surjective becausewe have ϕ(x, e) = x for all x ∈ G. Remark that Ker(ϕ) = {(x, y) | xy−1 =e} = Δ; by the fundamental homomorphism theorem, we obtain that (G ×G)/Δ � G.

177

(i) First of all, we have 0 ∈ Gp because p00 = 1 · 0 = 0. Consider x, y ∈ Gp

and k, h ∈ N such that pkx = 0, phy = 0; if we set m = max{k, h} we havepm(x + y) = pmx + pmy = 0 + 0 = 0, so x + y ∈ Gp. Finally, if x ∈ Gp

and pkx = 0 then we also have pk(−x) = −pkx = 0, so −x ∈ Gp. We haveshown that Gp is a subgroup of G.

(ii) If ord(x) = a then kax = 0 for all k ∈ N. Similarly, if ord(y) = b thenhby = 0 for all h ∈ N. So ab(x+ y) = abx+ aby = 0+ 0 = 0, and thereforeord(x + y) | ab.Now assume that s(x + y) = 0, that is, sx = −sy. The left hand side is anelement of the subgroup generated by x, while the right hand side is an elementof the subgroup generated by y. But the intersection of these subgroups is 0, asit must be a subgroup whose order divides both a and b, and thus also divides1 = (a, b). Consequently, we must have sx = 0, so a | s, and sy = 0, so b | s.Since (a, b) = 1, this implies ab | s, so ab | ord(x + y).

4 Groups 195

(iii) One implication is clear: if G is cyclic then all its subgroups are cyclic, andin particular all the groups Gp are cyclic. As for the opposite implication, weshall first show that, if pa is the largest power of p that divides n, then the orderof Gp is pa .By Cauchy’s theorem, the order of Gp must be a power of p. Consider thequotient G/Gp; we show that it cannot contain any elements of order p.Indeed, assume by contradiction that x + Gp ∈ G/Gp is an element of orderp; we have p(x + Gp) = Gp, that is, px = y ∈ Gp, so there is an integer k

such that pky = pk+1x = 0, hence x ∈ Gp. It follows that the coset x+Gp isactually the class of the neutral element in the quotient and therefore has order1, which is a contradiction.Now, since G/Gp does not have any elements of order p, again by Cauchy’stheorem we have that p cannot divide the order of G/Gp. But, since |G| =|Gp| · |G/Gp|, this yields the desired equality |Gp| = pa .Now, let n = p

e11 · · ·pek

k be the prime factorisation of n and let xi ∈ G, fori = 1, . . . , k, be an element of Gpi of order p

ei

i . We show by induction on k

that x1 + · · · + xk has order pe11 · · ·pek

k . If k = 0 there is nothing to prove.Assuming the desired result for k − 1, set x = x1 + · · · + xk−1, y = xk ,a = p

e11 · · ·pek−1

k−1 , b = pek

k . Because of our argument above, the order of x+ y

is ab = n, that is, it is the same as the order of G, which implies that G iscyclic.

178

(i) We start by showing that f + g : G −→ G′ is a homomorphism: we have(f +g)(u+v) = f (u+v)+g(u+v) = f (u)+f (v)+g(u)+g(v) = f (u)+g(u)+f (v)+g(v) = (f+g)(u)+(f+g)(v) because G′ is Abelian. Moreover,the operation (f, g) −→ f + g on Hom(G,G′) is associative because theaddition of G′ is. The neutral element is the homomorphism G � u −→ 0 ∈G′. The additive inverse of a homomorphism G � u −→ f (u) ∈ G′ is themap G � u −→ −f (u) ∈ G′, which one can immediately show to be ahomomorphism.A homomorphism f : G −→ G′ induces two restricted homomorphisms f1 :Z/18Z −→ G′ and f2 : Z/12Z −→ G′ given by f1(x) = f (x, 0) andf2(y) = f (0, y). Conversely, given two homomorphisms f1 : Z/18Z −→ G′and f2 : Z/12Z −→ G′ we can construct a homomorphism G � (x, y) −→f (x, y) = f1(x)+f2(y) ∈ G′. It follows that the set of homomorphisms fromG to G′ is in bijection with Hom(Z/18Z,Z/36Z)×Hom(Z/12Z,Z/36Z) andthus has cardinality 18 · 12 = 216, because 18 = (18, 36) and 12 = (12, 36).

(ii) Suppose f (1, 0) = r and f (0, 1) = s. We must have r = 2r1 and s = 3s1,because the order of r and the order of s must divide 18 and 12, respectively.The homomorphism f is given by f (x, y) = r · x + s · y and is surjective ifand only if there are x, y such that r · x + s · y is a generator of Z/36Z, that is,if and only if there are x, y such that (2r1x + 3s1y, 36) = 1.In order for this to hold, a necessary condition is that 3 � r1 and 2 � s1, asotherwise all numbers of the form 2r1x+3s1y would be multiples of 3 or of 2.

196 3 Solutions

But this condition is also sufficient because, if 3 � r1 and 2 � s1, then 2r1 + 3s1neither divisible by 3 nor by 2, so it is coprime to 36 and thus its residue classmodulo 36 is a generator of Z/36Z.We have shown that the number of surjective homomorphisms is the numberof pairs (2r1, 3s1) ∈ G′ ×G′ such that 3 � r1 and 2 � s1 and is therefore equalto 12 · 6 = 72.

(iii) We have ϕ(a,b)(f + g) = (f + g)(a, b) = f (a, b) + g(a, b) = ϕ(a,b)(f ) +ϕ(a,b)(g), so ϕ(a.b) is a homomorphism. Using the same notation as above, setr = −2 and s = 3; we have that −2 + 3 = 1 is in the image of the homo-morphism. Since 1 is a generator of Z/36Z, the homomorphism is surjective.Finally, by the fundamental homomorphism theorem its image is isomorphic toHom(G,G′)/ Ker(ϕ(1,1)), so we have |Ker(ϕ(1,1))| = |Hom(G,G′)|/|G′| =216/36 = 6.

179

(i) It is clear that the second bullet point implies the first, but we shall prove itindependently for the sake of completeness.Let x1 +H, . . . , xm +H be three cosets of H and let y1 +K, . . . , yn +K bethe cosets of K . Clearly,

G =m⋃

i=1

(xi +H) =n⋃

j=1

(yj +K) =⋃

i=1,...,mj=1,...,n

(xi +H) ∩ (yj +K).

The last expression above is a union of mn subsets; if we showed that eachof them is contained in a single coset of H ∩ K then the desired inequalitywould follow. We shall now prove that, for all i and j and all elements a, b ∈(xi + H) ∩ (yj + K), we have a + H ∩ K = b + H ∩ K . Indeed, we havea − b ∈ H, a − b ∈ K , so a − b ∈ H ∩K , which is equivalent to the claim.

(ii) Consider the map f : G −→ G/H ×G/K given by f (x) = (x +H, x +K),which is a homomorphism because its components are the projections of G

onto G/H and G/K . The kernel of f is {x ∈ G | x ∈ H, x ∈ K} =H ∩ K . By the fundamental homomorphism theorem, f induces an injectivehomomorphism from G/(H∩K) to G/H×G/K , so d = |G/(H∩K)| divides|G/H | · |G/K| = mn.

(iii) The statement is equivalent to showing that the homomorphism f definedabove is surjective if and only if H + K = G. Suppose that H + K = G

and consider an element (a +H, b +K) ∈ G/H ×G/K . By assumption wecan write a− b = h+ k for some h ∈ H , k ∈ K . Now, set g = a− h = b+ k.We have f (g) = (g+H, g+K) = (a+H, b+K), so f is indeed surjective.Conversely, assume that f is surjective; then for all x ∈ G there is g ∈ G suchthat f (g) = (x+H,K). This implies g+H = x+H , that is, x−g = h ∈ H ,and g + K = K , that is, g ∈ K . It follows that x = h + g ∈ H + K , soG ⊆ H +K . The reverse inclusion is clear.

4 Groups 197

180

(i) Given any two cyclic subgroups of G that are isomorphic to Z, say H1 =〈a1/b1〉 and H2 = 〈a2/b2〉, they have the element a1a2 = a2b1 · a1/b1 =a1b2 · a2/b2 in common; this element is nonzero because a1/b1 and a2/b2are nonzero. Therefore, there cannot be a subgroup of G that is isomorphic toZ× Z.

(ii) Take for example the subgroups

Hm = 2mG = {2m a

b| a

b∈ G} with m ≥ 0

and consider the quotients Gm = G/Hm.The coset 1 + Hm has order 2m, because k · 1 ∈ Hm if and only if k is of theform 2ma/b with (b, 10) = 1, that is, if and only if kb is a multiple of 2m.Since (b, 2m) = 1, this is equivalent to the condition that 2m | k.Moreover, every coset a/b+Hm is a multiple of 1+Hm, since if c is an integersuch that cb ≡ a (mod 2m) then c − a/b ∈ Hm, so c(1 + Hm) = c + Hm =a/b +Hm.It follows that Gm is cyclic of order 2m.

(iii) Suppose by contradiction that G has a cyclic quotient of order 3, that is, thatthere is a subgroup H of G such that |G/H | = 3. Every element of G/H musthave an order that divides 3: for all x ∈ G we must have 3(x +H) = H , thatis, 3x ∈ H , so ultimately we get 3G ⊆ H . However, we have 3G = G becausefor all y ∈ G we have y = 3 · y/3 ∈ 3G, hence a contradiction.

181

(i) Assume that G is finite; we shall show that the conditions in the problemstatement are necessary.If f is an injective homomorphism then f (G) � G and, since f (G) is asubgroup of H , we must have that H is finite and that a | b.Now, let b = ac. Suppose by contradiction that (a, c) > 1; then there is aprime p and there are positive integers α, β with α < β such that pα and pβ

are the largest powers of p that divide a and b, respectively. Let Gp � Z/pαZ

and Hp � Z/pβZ be the unique subgroups of G and H of order pα and pβ ,

respectively, and set γ = β − α. We necessarily have that f (Gp) is the uniquesubgroup of Hp of order pα , that is, f (Gp) = pγ Hp. In particular, given agenerator x of Gp, its image f (x) is not a generator of Hp, so f (x) = py forsome y ∈ Hp. But then g ◦ f (x) = pg(y) cannot be a generator of Gp, whichcontradicts the assumption that g ◦ f is an isomorphism.We now show that the conditions are sufficient. If b = ac and (a, c) = 1 thenH � Z/aZ × Z/cZ and f (G) is the unique subgroup of H of order a, thatis, Z/aZ× {0}. Setting g to be the canonical projection of Z/aZ× Z/cZ ontoZ/aZ, we have g ◦ f (G) = G, so g ◦ f is surjective.Since g ◦ f is a surjective map between two sets of the same cardinality it isalso injective, so it is an isomorphism.

198 3 Solutions

(ii) Assume now that G is infinite; first of all, we prove that the condition in theproblem statement is necessary. Remark that there are no injective maps froman infinite set into a finite one, so H must be a cyclic infinite group, that is, itmust be isomorphic to Z. Assume by contradiction that f is not surjective; wewould then have f (1) = k for some k �= ±1. But then g(k) = kg(1) wouldbe divisible by k and so g(k) = g ◦ f (1) �= ±1. It follows that the map g ◦ f

would send the generator 1 of Z to an element that is not a generator, so themap would not be an isomorphism.Let us now show that the condition is sufficient. If H � Z then without loss ofgenerality we can assume G = H = Z, f (x) = ±x and, setting g(x) = ±x,we have that g ◦ f (x) = x is an isomorphism.

182 Given a subgroup H of a group G, we shall call intermediate between H andG any subgroup L such that H � L � G.

(i) The projection G � gπ−→ gK ∈ G/K induces an inclusion-preserving

bijection between the set of subgroups of G that contain K and the set ofsubgroups of G/K . Since the subgroups of G that contain M also contain K ,there is an intermediate subgroup between M and G if and only if there is anintermediate subgroup between M/K and G/K , hence the conclusion.

(ii) Suppose by contradiction that the statement does not hold, that is, that G hassubgroups that are not contained in any maximal subgroup. Let H be such asubgroup of G. Since the order of G is finite, we can assume that H is ofmaximal order among all such subgroups.Since H cannot be maximal, there is an intermediate subgroup L between H

and G. But |L| > |H | and so L must be contained in a maximal subgroup M ,hence H ⊆M , which contradicts our assumption.

(iii) We shall use the statement we proved above and the fact that all subgroups ofan Abelian group are normal.If [G : K] = p is a prime then K/K is a maximal subgroup of G/K ∼= Z/pZ

because the only subgroups of a group of order p are the trivial subgroup andthe group itself.If [G : K] = |G/K| = m is not prime then, given a prime p that divides m,by Cauchy’s theorem there is a cyclic subgroup of order p in G/K , which isclearly intermediate between K/K and G/K . But then there is an intermediatesubgroup between K and G, so K is not maximal.

183

(i) The group Z/12Z is a cyclic group of order 12 generated by 1. We know thata homomorphism ϕ : Z/12Z −→ Z/4Z × S3, since Z/12Z is a cyclic group,is completely determined by the image of 1, which only needs to satisfy thecondition ord(ϕ(1)) | ord(1) = 12. Therefore, the image of 1 can be anyelement whose order is a divisor of 12 in Z/4Z× S3.The elements of the group Z/4Z × S3 are the pairs (a, σ ), where a ∈ Z/4Zand σ ∈ S3. We know that ord(a, σ ) = [ord(a), ord(σ )]. But ord(a) | 4 and

4 Groups 199

ord(b) | 6, so ord(a, σ ) | [4, 6] = 12. We can therefore choose any element ofZ/4Z× S3 to be the image of 1, hence there are 24 homomorphisms in total.The homomorphism ϕ is injective if and only if ord(ϕ(1)) = ord(1) = 12;counting injective homomorphisms is the same as counting elements of order12 in Z/4Z× S3. The order of an element in Z/4Z can be 1, 2 or 4, while theorder of an element in S3 can be 1, 2 or 3. Consequently, a pair (a, σ ) has order12 if and only if ord(a) = 4 and ord(σ ) = 3. Since Z/4Z contains φ(4) = 2elements of order 4, namely, 1 and 3, and S3 contains two elements of order3, namely, the 2 three-cycles (123) and (132), there are 2 · 2 = 4 injectivehomomorphisms in total.

(ii) Because of our previous remarks, a homomorphism ϕ is completely determinedby the image of 1. Let ϕ(1) = (a, σ ); we have ϕ(10) = 10ϕ(1) = (10a, σ 10).It follows that the order of ϕ(10) is equal to 3 if and only if we have[ord(10a), ord(η10)] = 3. Since the order of an element in Z/4Z is 1, 2 or4 and the order of an element in S3 is 1, 2 or 3, in order for the order of ϕ(10)

to be 3 we must have ord(10a) = 1 and ord(σ 10) = 3.Now, we have 10a ≡ 0 (mod 4) if and only if 2a ≡ 0 (mod 4), that is, a ≡ 0(mod 2). The two solutions of this equation are a = 0, 2. As for σ ∈ S3, remarkthat ord(σ 10) = 3 implies 3 | ord(σ ) and, since σ �= e, the element σ must beone of the 2 three-cycles of S3, which clearly satisfy ord(σ 10) = 3.It follows that the homomorphisms ϕ such that ord(ϕ(10)) = 3 are exactlythose that send 1 to an element (a, σ ) with a = 0 or a = 2 and σ = (123) orσ = (132). That is, there are four such homomorphisms.

184

(i) By the Chinese remainder theorem, since 1000 = 8 · 125 and (8, 125) = 1, weknow that

(Z/1000Z)∗ ∼= (Z/8Z)∗ × (Z/125Z)∗.

Therefore, the group G has a subgroup isomorphic to (Z/8Z)∗. Since(Z/8Z)∗ = {±1,±3} � Z/2Z × Z/2Z is not cyclic, G itself cannot becyclic, because every subgroup of a cyclic group is cyclic.

(ii) Clearly, the identity belongs to H , because it has order 1 = 20. Given g, h ∈ H ,letting 2a = max{ord(g), ord(h)}, we have (gh)2a = g2a

h2a = e, so the orderof gh is a power of 2 as it divides 2a . It follows that gh ∈ H . Since H is finite,this is enough to show that H is a subgroup of G.Let us now compute the order of H . By Lagrange’s theorem, |H | divides |G| =φ(1000) = 24 · 52. Moreover, since the order of every element in H is a powerof 2, by Cauchy’s theorem 2 is the only prime divisor of the order of H , so |H |divides 24. We now show that |H | = 24 by arguing that |G/H | = 24 · 52/|H |is odd.Indeed, if |G/H | were even, Cauchy’s theorem would yield a coset gH oforder 2 in G/H , that is, such that gH �= H and (gH)2 = H , or equivalentlythat g �∈ H and g2 ∈ H . But this is not possible, because it would imply that

200 3 Solutions

the order of g2 is a power of 2, and so the order of g would be a power of 2 andg would belong to H . This concludes the proof that |H | = 24.

(iii) It is enough to show that (Z/125Z)∗ contains an element of order 25, that is,that there are solutions of the congruence x25 ≡ 1 (mod 125) that are notsolutions of x5 ≡ 1 (mod 125). For example, set x = 6 ∈ Z/125Z; we havex25 = (1 + 5)25 ≡ 1 + 25 · 5 ≡ 1 (mod 125), whereas x5 = (1 + 5)5 ≡1 + 5 · 5 = 26 �≡ 1 (mod 125) and so x does not satisfy x5 ≡ 1 (mod 125).We have thus shown that the order of x is 25.We know that |G/H | = 25; in order to show that G/H is cyclic, it is enoughto remark that, letting x = 6, the coset xH has order 25 in G/H . Let d =ord(xH) be the smallest positive integer such that xd ∈ H . By the definition ofH , the order of every element in H is a power of 2, so ord(xd) = 25/(d, 25) =2k for some k. But this is possible only if k = 0 and d = 25.

185

(i) Since G is Abelian, for all g, h ∈ G we have gkhk = (gh)k , so the mapϕk : G −→ G given by ϕk(g) = gk is a group homomorphism and we haveGk = ϕk(G). Since the image of a homomorphism is always a subgroup, Gk

is a subgroup of G.

(ii) Again, consider the homomorphism G � gϕk−→ gk ∈ G. We have Gk = G

if and only if ϕk is surjective; since G is finite, this is equivalent to ϕk beinginjective. We therefore need to identify the values of k for which Ker(ϕk) ={e}.First, let us suppose that (n, k) > 1. Let p be a prime that divides (n, k); byCauchy’s theorem, there is an element g of order p in G, and since k = pd forsome integer d we have gk = (gp)d = e, so the kernel of ϕk is nontrivial andthe homomorphism is not surjective.Now suppose that (n, k) = 1. We have gk = e if and only if the order ofg divides k, but since k must also divide the order of the group n, the onlypossibility is g = e. So ϕk is injective and surjective. In conclusion, Gk = G

if and only if (k, n) = 1.(iii) Consider for example G = Z. Clearly, Gk is the subgroup kZ of all multiples

of k. But then 1 is not an element of Gk for any k > 1, so Gk �= G for allk > 1.[[Another easy example is given by the multiplicative group Q

∗, where 2 �∈ Q∗k if k > 1, as

one can show by generalising the proof of the fact that√

2 �∈ Q.]](iv) Consider the additive group Q of rational numbers: for all k ≥ 1 and for all

rationals a/b we have

a

b= k

a

kb∈ kQ,

so kQ = Q.[[One can give other examples by letting G be the set of all roots of unity or the set of

points of the unit circle in C (that is, complex numbers of modulus 1), endowed with the

5 Rings and Fields 201

multiplication of C∗. In both cases it is easy to show that G is a group and that every g ∈ G

is a square of some element of G, the cube of some element of G, the fourth power of some

element of G, and so on. ]]

186

(i) The order of G is 3·6 = 18, so by Lagrange’s theorem the order of any subgroupof G must divide 18.On the other hand, if H is a subgroup of Z/3Z and K is a subgroup of S3then H × K is a subgroup of G of order |H | · |K|. We can take H to bethe trivial subgroup, which has one element, or the group Z/3Z, which hasthree. The group S3 has a one-element subgroup (the trivial subgroup), a two-element subgroup (any subgroup generated by a transposition), a three-elementsubgroup (generated by a three-cycle) and a six-element subgroup (the wholegroup S3). We can therefore choose K of order 1, 2, 3 and 6. This allows us toconclude that we can construct a subgroup of G of order d for all divisors d of18.

(ii) In order to find the number of cyclic subgroups of some fixed order n, wecount the elements of order n and divide the result by φ(n). This is becauseevery cyclic subgroup of order n contains φ(n) elements of order n, and if twosubgroups have an element of order n in common then, since that element is agenerator for both, they must coincide.Each element of G has an order that divides 6, since the order of a pair in adirect product is the least common multiple of the orders of its components. Itfollows that there cannot be any cyclic subgroups of order 9 or 18.The elements of order 2 are those of the form (0, σ ) where σ is one of thetranspositions (12), (13), (23) in S3. There are therefore 3 = 3/φ(2) cyclicsubgroups of order 2.The elements of G whose order is 3 are those of the form (a, σ ) �= (0, e), wherea = 0, 1, 2 and σ is one of the 2 three-cycles (123) and (132), or the neutralelement. We therefore have 3 · 3 − 1 = 8 elements of order 3 in total, hence4 = 8/φ(3) cyclic subgroups of order 3.Finally, there are 3 cyclic subgroups of order 6: there 6 elements of order 6,namely, the elements of the form (a, σ ), where a = 1, 2 and σ is one of thethree transpositions of S3, and we have φ(6) = 2.In conclusion, G has 1+ 3+ 4+ 3 = 11 cyclic subgroups.

5 Rings and Fields

187 First of all, let us factor f (x) as a product of irreducible polynomials. One cancheck, using Ruffini’s theorem, that f (x) is divisible by both x−2 and x−3, henceby their product. By performing the division we obtain

f (x) = (x − 2)(x − 3)(x2 − x + 3)

202 3 Solutions

where the last factor, which is of degree 2 and has no roots in F7, is irreducible.Elements of F7[x]/(f (x)) can be written in the form g(x), where g(x) is apolynomial of degree at most 3. The element g(x) is a zero divisor if and only if(g(x), f (x)) �= 1 and is invertible if and only if (g(x), f (x)) = 1.

The set of zero divisors is therefore the union of the sets of multiples of x − 2,multiples of x−3, and multiples of x2−x+3. The multiples of degree at most 3 ofa polynomial of degree d are as many as the polynomials of degree at most 3 − d ,that is, 74−d . By the inclusion-exclusion principle, this implies that the number ofzero divisors is

73 + 73 + 72 − 72 − 7− 7+ 1 = 673.

By the remark above, x + 1 is invertible. In order to find its inverse, note that

0 = x4 + x3 − 3 = x + 1 · x3 − 3.

We therefore have x + 1 · x3 = 3, hence x + 1 · 5x3 = 1, and so 5x3 is the inverseof x + 1.

188 First of all, remark that x4−25 = (x2−5)(x2+5) and that the two polynomialsx2 − 5 and x2 + 5 are irreducible in Q[x], because their degree is 2 and they haveno rational roots.

The splitting field of x4−25 over Q is F = Q(√

5,√−5). Since [Q(

√5) : Q] =

[Q(√−5) : Q] = 2 and

√−5 /∈ Q(√

5) (because√−5 /∈ R whereas Q(

√5) ⊆ R),

we have [F : Q] = 4. Moreover, a basis of F as a vector space over Q is given by1,√

5,√−5,

√−25 = 5i, or alternatively simply by 1,√

5, i, i√

5.Let K be the splitting field of fm(x) = (x2 − m)(x4 − 25). If m is of the form

±n2 or of the form ±5n2 for some n ∈ N, then√

m = ±n,±in,±√5n,±i√

5n

belongs to F, so K = F has degree 4 over Q.Assume now that m is not of one of the two forms in the previous paragraph.

The field K contains both√

m and i√

m: therefore, it contains√|m|, where |m| �=

n2, 5n2. Let us show that√|m| /∈ F. If we had

√|m| ∈ F we would have√|m| =

a + b√

5+ ci + di√

5 for some a, b, c, d ∈ Q.Since

√|m| ∈ R, we must have c = d = 0, and therefore√|m| = a + b

√5.

Taking the square of both sides, |m| = a2 + 5b2 + 2ab√

5, hence

{ |m| = a2 + 5b2

2ab = 0

because 1 and√

5 are linearly independent over Q.The second equation implies that a = 0 or b = 0. If a = 0 then |m| = 5b2 and if

b = 0 then |m| = a2, contradicting our assumptions on n.We can thus conclude that, if m is neither of the form±n2 nor of the form±5n2

for any n ∈ Z, then K = F(√|m|) and

√|m| /∈ F, so [K : Q] = 8.

5 Rings and Fields 203

189

(i) The polynomial f (x) is irreducible in Q[x]: its degree is 3, so it is irreducible ifand only if it has no rational roots; since any rational root must have a numeratorthat divides the constant coefficient and a denominator that divides the leadingcoefficient, it is enough to check that f (±1) �= 0. We thus have [Q(α) : Q] = 3.Clearly, 1/(α+ 2) ∈ Q(α) and α ∈ Q(1/(α+ 2)), so Q(1/(α+ 2)) = Q(α). Itfollows that the minimal polynomial of 1/(α + 2) over Q has degree 3.Set β = α + 2 and γ = 1/β = 1/(α + 2). Since α is a root of f (x) we havethat β is a root of f (x − 2) = (x − 2)3− 3(x− 2)+ 1 = x3− 6x2+ 15x− 15,that is, β3 − 6β2 + 15β − 15 = 0. Multiplying by on both sides 1/(15β3) �= 0yields

γ 3 − γ 2 + 2

5γ − 1

15= 0,

so γ is a root of the monic polynomial with rational coefficients

x3 − x2 + 2

5x − 1

15.

Since this polynomial has degree 3, it must be the minimal polynomial of γ

over Q.(ii) Suppose β is a common root of f (x) and g(x) in an algebraic closure of Fp.

The fact that β2 = 2 implies that β3 + 3β − 1 = 5β − 1 = 0, so 5β = 1 and1 = (5β)2 = 25β2 = 25 · 2 = 50. But 1 = 50 implies p | 50− 1 = 49, that is,p = 7. Conversely, if p = 7 then we have the common root β = 3.

190

(i) First of all, remark that f (x) is irreducible in Z[x] by Eisenstein’s criterionfor the prime 2. By Gauss’s lemma, f (x) is then irreducible in Q[x]. We haveα6+ 2 = −4α3 and, by taking the square of both sides, α12+ 4α6+ 4 = 16α6,so α2 is a root of the polynomial g(x) = x6 − 12x3 + 4.Let us show that g(x) is irreducible. Since Q(α2) ⊆ Q(α) and [Q(α) :Q(α2)] ≤ 2, we have that [Q(α2) : Q] = 3, 6, so it is enough to check thatg(x) does not factor as the product of two polynomials of degree 3.By Gauss’s lemma, we may assume by contradiction that g(x) = p(x)q(x) forsome monic polynomials p and q of degree 3 with integer coefficients.Considering the reduction modulo 2 of the equality above, we necessarily havethat p = q = x3, so all coefficients of p and q except for the leading coefficientmust be even. In particular, the constant coefficients must both be equal to 2or both be equal to −2. If we write p(x) = x3 + ux2 + vx ± 2, q(x) =x3 + u′x2 + v′x ± 2 and equate the corresponding coefficients of g(x) andp(x)q(x) we immediately obtain that u′ = −u, v′ = −v (from the terms of

204 3 Solutions

degree 5 and 1) and u2 = v2 = 0 (from the terms of degree 4 and 2), hence acontradiction.We thus have Q(α2) = Q(α) and so Q(1/α2) = Q(α2) has degree 6 over Q.Since 4(1/α2)6 − 12(1/α2)3 + 1 = 0, the minimal polynomial of 1/α2 over Qis

h(x) = x6 − 3x3 + 1

4.

(ii) If we consider the coefficients as elements of F7, we have f (x) = (x3−1)(x3−2). We can check for roots of the degree 3 factors and obtain that x3 − 1 =(x − 1)(x − 2)(x − 4), while x3 − 2 is irreducible. Since the least commonmultiple of the degrees of the irreducible factors of f (x) is 3, the splitting fieldof f (x) is F73.

191 We have f (x) = x6 − 4 = (x3 + 2)(x3 − 2). Note that α is a root of the firstfactor if and only if −α is a root of the second factor, so the splitting field of f (x)

is the same as the splitting field of g(x) = x3 − 2.The polynomial g(x) is irreducible in Q[x] by Eisenstein’s criterion; it has one

real root, namely, 3√

2, and two complex conjugate roots. The degree of the splittingfield K of g(x) over Q is at most 3! = 6 and is a multiple of [Q(

3√

2) : Q] = 3.Moreover, it cannot be 3 because Q(

3√

2) ⊆ R and K �⊆ R, so [K : Q] = 6.The polynomial g(x) does not have multiple roots in F11, because its roots

are nonzero and g′(x) = 3x2 is zero only for x = 0. The multiplicative groupF∗11 is cyclic and has ten elements. Since (3, 10) = 1, the map x −→ x3 is an

isomorphism. In particular, it is bijective. It follows that there is a unique element a

such that a3 = 2, that is, a unique root of g(x) in F11, which is simple. Therefore,the irreducible factors of g(x) are a polynomial of degree 1 and a polynomial ofdegree 2, so the degree of the splitting field of g(x) over F11 is 2.

192 Given a root α of f (x) = x6+ 1, we have α6 = −1 and α12 = 1, so the orderord(α) of α in F

∗p is a divisor of 12.

If ord(α) = 1, then 16 + 1 = 0 and so p = 2.Assume now that p �= 2: we have−1 �= 1 in Fp, so ord(α) � 6. We thus have the

two possibilities ord(α) = 4 and ord(α) = 12. But, if there exists α ∈ Fp of order 4then α is a root of the polynomial x2+ 1 = (x4− 1)/(x2− 1), which divides f (x),so α is also a root of f (x). Similarly, if there exists α ∈ Fp of order 12 then α is aroot of the polynomial f (x) = (x12 − 1)/(x6 − 1).

So f (x) has a root in Fp if and only if F∗p, which is a cyclic group of order

p − 1, contains an element of order 4 or an element of order 12, that is, if and onlyif 4 |p − 1 or 12 |p − 1. Since the second condition implies the first, the primessatisfying these requirements are 2 and all primes p with p ≡ 1 (mod 4).

5 Rings and Fields 205

193

(i) By using the fact that α is a root of f (x) = x4 − 2x3 + x − 1, we obtain that

α4 − 2α3 + α = 1

(α4 − 2α3 + α)2 = α8 − 4α7 + 4α6 + 2α5 − 4α4 + α2 = 1

α2(α6 − 4α5 + 4α4 + 2α3 − 4α2 + 1) = 1.

It follows that g(x) = x6−4x5+4x4+2x3−4x2+1 has the required property.[[The polynomial g(x) given above is not an example with minimal degree: we have

1/α2 ∈ Q(α) and every element of Q(α) can be expressed as a polynomial in α with integer

coefficients of degree ≤ 3.]](ii) The polynomial f (x) is irreducible in Q[x]. In order to show this, by Gauss’s

lemma it is enough to show that it is irreducible in Z[x]. By reducing modulo 2,we find that the polynomial x4+ x+ 1 is irreducible in F2[x], because it has noroots in F2 and is not the square of the unique irreducible polynomial of degree2 with coefficients in F2, namely, x2 + x + 1. So f (x) is irreducible in Z[x].Therefore, f (x) is the minimal polynomial of α, we have [Q(α) : Q] = 4 and,since β = α2 + kα ∈ Q(α), d = [Q(β) : Q] is a divisor of 4.The degree d cannot be 1, otherwise we would have β ∈ Q and α would be theroot of a polynomial with rational coefficients of degree 2 < 4.We have d = 2 if and only if there are rationals a, b such that β2+ aβ+ b = 0,that is,

α4 + 2kα3 + (k2 + a)α2 + kaα + b = 0.

This is the case if and only if x4 + 2kx3 + (k2 + a)x2 + kax + b is a multipleof f (x). Since both polynomials are monic and have the same degree, this isequivalent to 2k = −2, k2 + a = 0, ka = 1, b = 1, that is, k = −1, a = −1,b = 1.In conclusion, the degree [Q(α2 + kα) : Q] is 2 for k = −1 and 4 for all othervalues of k.

194 First of all, remark that f (x) = x4 + 2x2 + 2 is irreducible over Q byEisenstein’s criterion for the prime 2, so [Q(α) : Q] = 4.

The minimal polynomial of α2 is x2+2x+2, because it is monic, has α2 as a rootand is irreducible. So the minimal polynomial of α2+1 is (x−1)2+2(x−1)+2 =x2 + 1.

The polynomial (x−2)4+2(x−2)2+2 = x4−8x3+26x2−40x+26 has α+2as a root, so its reciprocal polynomial 26x4 − 40x3 + 26x2 − 8x + 1 has 1/(α + 2)

as a root.

206 3 Solutions

Remark that Q(1/(α + 2)) = Q(α + 2) = Q(α); therefore, the minimalpolynomial of 1/(α + 2) has degree 4. We can thus conclude that this minimalpolynomial is

x4 − 20

13x3 + x2 − 4

13x + 1

26.

195 The polynomial x3 − 2 is irreducible in Q[x] because its degree is 3 and it

has no rational roots. Its roots in C are 3√

2,3√

2ζ,3√

2ζ 2, where ζ = −12 +

√−32 is a

primitive third root of unity.

K = Q(3 2, 4 3, i)

Q(3√2, 4

√3) ⊆ R

Q(3√2)

3

Q(4√3)

4

The polynomial x4 − 3 is irreducible overQ by Eisenstein’s criterion for the prime 3and by Gauss’s lemma, and its roots in C are4√

3, i4√

3,− 4√

3,−i4√

3. It is easy to check that thesplitting field of f (x) = (x3 − 2)(x4 − 3) over Qis thus K = Q(

3√

2,4√

3, i).We know that [Q(

3√

2) : Q] = 3 and that [Q(4√

3) :Q] = 4, so 12 = [3, 4] divides [Q(

3√

2,4√

3) :Q] ≤ 12. It follows that [Q(

3√

2,4√

3) : Q] = 12.Moreover, [K : Q(

3√

2,4√

3)] = 2 because K isobtained by adding i to the real field Q(

3√

2,4√

3).In conclusion, [K : Q] = 24.

In F3 we have f (x) = (x − 2)3x4, so the splitting field is F3 itself. In F11the polynomial x3 − 2 factors as the product of a polynomial of degree 1 andan irreducible polynomial of degree 2: to see this, it is enough to remark that theendomorphism of F∗11 given by a → a3 is an automorphism. On the other hand,x4 − 3 factors as (x2 − 5)(x2 + 5) so, independently of whether these factors areirreducible or not, the least common multiple of the degrees of the irreducible factorsof f (x) is 2. The splitting field of f (x) is therefore F112 .

196

(i) A simple calculation yields α2 − 4 = 2i√

5, so (α2 − 4)2 = −20, that is,α4 − 8α2 + 36 = 0. So α is a root of the polynomial f (x) = x4 − 8x2 + 36.The polynomial f (x) is irreducible in Q[x]: it has α and α = √5 − i as rootsand, since its monomials all have even degree, −α = −√5 − i and −α =−√5+ i are also roots f (x).It follows that f (x) has no rational roots and that it has no factors of degree 2with rational coefficients, because its degree 2 factors with real coefficients are(x−α)(x−α) = x2−2

√5x+6 and (x+α)(x+α) = x2+2

√5x+6, which

are not in Q[x]. So f (x) is the minimal polynomial of α.

5 Rings and Fields 207

(ii) The splitting field of f (x) over Q is K = Q(α, α,−α,−α).

K = Q( 5, i)

2

Q(√5) ⊆ R

2

One can immediately check that K = Q(√

5, i): clearly,K ⊆ Q(

√5, i), and moreover

√5 = (α + α)/2, i = (α −

α)/2 ∈ K. Remark that [Q(√

5) : Q] = 2 because x2−5 isirreducible by Eisenstein’s criterion and has

√5 as a root.

Moreover, [Q(√

5)(i) : Q(√

5)] = 2 because i is a root ofx2 + 1, but Q(

√5) ⊆ R and i �∈ R. Therefore, [K : Q] =

[Q(√

5)(i) : Q(√

5)][Q(√

5) : Q] = 2 · 2 = 4.

In F7[x] we have f (x) = x4 − x2 + 1 = (x2 − 3)(x2 − 5). Since the squaresin F7 are 0, 1, 2, 4, the polynomials x2 − 3 and x2 − 5 are irreducible, so thesplitting field of f (x) is F72 .

197 The polynomial f (x) = x4 − x − 1 is irreducible in F2[x]: it has no rootsbecause it is not zero when evaluated at the classes of 0 and 1, and it is not theproduct of irreducible factors of degree 2 because it is not the square of x2 + x + 1,which is the unique irreducible polynomial of degree 2 in F2[x]. It follows thatf (x) is irreducible in Z[x] and hence, by Gauss’s lemma, in Q[x]. We can thereforeconclude that f (x) is the minimal polynomial of α over Q and that [Q(α) : Q] = 4.

Since Q(α) = Q(2α − 1), the minimal polynomial of 2α − 1 over Q has degree4. So the polynomial g(x) = 24f ((x + 1)/2) = x4 + 4x3 + 6x2 − 4x − 23, whichhas 2α−1 as a root, is monic and has degree 4, is the minimal polynomial of 2α−1.

Let β = α2; we have Q ⊆ Q(β) ⊆ Q(α) and we can easily compute β2 = α +1, β3 = α3 + α2 and β4 = α2+ 2α+ 1. Since 1, α, α2, α3 are linearly independentover Q, it is immediate to check that 1, β, β2, β3 must be as well. In particular, β

has degree 4 over Q.Now, from α4 − 1 = α, by squaring both sides, we get α8 − 2α4 + 1 = α2, that

is, β is a root of the polynomial h(x) = x4 − 2x2 − x + 1. Since h(x) is monic ofdegree 4, it is the minimal polynomial of β.

198 Since the polynomial f (x) = x4 − 6x2 − 3 gives a biquadratic equation, onecan compute the roots of f (x) by means of the quadratic formula and find that they

are±√

3± 2√

3. The splitting field of f (x) over Q is therefore K = Q(√

3+ 2√

3,√3− 2

√3), and [K : Q] = [K : Q(

√3+ 2

√3)][Q(

√3+ 2

√3) : Q].

K = Q( 3 + 2 3, 3 − 2 3)

Q( 3 + 2√3) ⊆ R

The polynomial f is irreducible inZ[x] by Eisenstein’s criterion for theprime 3, so by Gauss’s lemma it is alsoirreducible in Q[x]. It is therefore theminimal polynomial of its roots; in par-

ticular, [Q(√

3+ 2√

3) : Q] = 4.

Moreover, remark that 3 − 2√

3 = (√

3− 2√

3)2 ∈ Q(√

3− 2√

3) and that√3− 2

√3 �∈ Q(

√3+ 2

√3), because

√3− 2

√3 �∈ R and Q(

√3+ 2

√3) ⊆ R.

It follows that [K : Q(√

3+ 2√

3)] = 2, so [K : Q] = 8.

208 3 Solutions

In F13[x] we have f (x) = (x2 − 8)(x2 + 2) and the two factors are irreduciblebecause 8 and −2 are not squares in F13. The splitting field of f (x) over F13 istherefore F132 and we have [F132 : F13] = 2.

199

(i) By taking the square of α we obtain that α2−2 = √7, hence α4−4α2−3 = 0,so α is a root of the polynomial f (x) = x4 − 4x2 − 3. If we show that f (x) isirreducible in Q[x] we find that it is the minimal polynomial of α and therefore[Q(α) : Q] = 4.Since the polynomial f (x) gives a biquadratic equation, it is easy to compute its

roots, namely,±√

2±√7, which are not rational: if ±√

2±√7 were rational,then by taking its square we would have that

√7 is rational, but this is of course

not the case. Moreover, ±√

2+√7 are real whereas ±√

2−√7 are non-realcomplex conjugates.If f (x) were the product of two irreducible polynomials of degree 2, one of the

two factors would have to be (x−√

2−√7)(x+√

2−√7), whose coefficientsare not rationals (its constant coefficient, for example, is −2+√7 �∈ Q).

(ii) Let K be the splitting field of f (x) over Q.

K = Q( 2 + 7, 2 − 7)

Q( 2 + √7) ⊆ R

4

By our previous remarks, we have

K = Q(√

2+√7,√

2−√7) so [K :Q] = [K : Q(α)][Q(α) : Q]. Notethat [K : Q(α)] = 2: we have K =Q(α)(

√2−√7) and (

√2−√7)2 = 2−√

7 ∈ Q(α), and moreover since K is notreal it cannot coincide with Q(α), whichis contained in R. It follows that [K :Q] = 8.

200

(i) By taking the square of both sides of the equation defining α we get α2 =2 + i

√2, hence α2 − 2 = i

√2. Squaring again, we have α4 − 4α2 + 4 = −2

and so α is a root of the polynomial h(x) = x4 − 4x2 + 6.By Eisenstein’s criterion for the prime 2, h(x) is irreducible in Z[x] and thus,by Gauss’s lemma, in Q[x]. Since it is monic, h(x) is the minimal polynomialof α over Q.From the expression above, we get that α2 is a root of p(x) = x2 − 4x + 6. Itfollows that the polynomial q(x) = p(x − 1) = (x − 1)2 − 4(x − 1) + 6 =x2−6x+11 has α2+1 as a root. The polynomial q(x) is monic and irreduciblein Q[x] (its roots are not real, so they are not rational). It follows that q(x) isthe minimal polynomial of α2 + 1 over Q.

(ii) From h(α) = 0 we obtain (α2 + 2α)(α2 − 2α) = α4 − 4α2 = −6, hence(α2 + 2α)−1 = −(α2 − 2α)/6.Consequently, the polynomial f (x) = −(x2 − 2x)/6 satisfies the requiredcondition.

5 Rings and Fields 209

201 The splitting field of a polynomial of the form xn − a over a field K ofcharacteristic zero, or of (positive) characteristic coprime to n, is given by F =K(α, ζ ), where α is an nth root of a and ζ is a primitive nth root of 1.

K = Q(4 2, i)

Q(4√2) ⊆ R

4

In our case, we can choose α = 8√

4 = 4√

2 and ζ =e2πi/8 =

√2

2 (1 + i). Since α is a root of the polynomialx4 − 2, which is irreducible in Q[x] by Gauss’s lemmaand Eisenstein’s criterion for the prime 2, we have [Q(α) :Q] = 4. Remark that Q(α) ⊆ R and ζ is not real, soQ(α) �= F, that is, [F : Q(α)] > 1. Moreover,

√2 = α2 ∈

Q(α) so F ⊆ Q(α, i). The imaginary unit i is a root of thepolynomial x2 + 1 ∈ Q(α)[x], so [F : Q(α)] ≤ [Q(α, i) :Q(α)] ≤ 2.

It follows that [F : Q] = [F : Q(α)][Q(α) : Q] = 2 · 4 = 8.Over K = F3 we can write the polynomial as x8−1, so its splitting field is F3(ζ ).

A field F3n contains ζ if and only if its multiplicative group F∗3n , which is cyclic and

has order 3n − 1, contains a subgroup of order 8, that is, if and only if 8 | 3n − 1.The least n for which this holds is n = 2; therefore, the splitting field in question isF9 and has degree 2 over F3.

202 The polynomial f (x) = x4 + 26 is irreducible in Q[x] by Gauss’s lemma,because it is irreducible in Z[x] by Eisenstein’s criterion for the prime 2. Therefore,given a complex root α of f (x) and letting K = Q(α), we have [K : Q] = 4. Theroots of f (x) are ±α,±iα, so the splitting field of f (x) over Q is F = K(i). Sincei has degree 2 over Q, we have [F : K] ≤ 2.

F = Q( 4 −26, i)

E(i) K = Q( 4√−26)

Q(i)

2

E = Q(√−26)

2

Now consider β = i√

26; let E =Q(β) and set α = ±√β. Clearly, [E :Q] = 2 and [K : E] = 2. Remarkthat E �= Q(i) = Q(

√−1). This isbecause two extensions of the same fieldobtained by adding the square roots oftwo elements coincide if and only if theproduct of the two elements is a squarein the field, whereas (−1)(−26) = 26 isnot the square of a rational number. Con-sequently, both K and E(i) are quadraticextensions of E.

By the same argument, K and E(i) are distinct, since (−1)(i√

26) is not a square inE: a square root of−i

√26 is a root of f (x), so it has degree 4 over Q and therefore

cannot belong to E. So i �∈ K and thus [F : Q] = [F : K][K : Q] = 2 · 4 = 8.As for the splitting field of f (x) over a finite field, its degree is given by the least

common multiple of the degrees of the irreducible factors of f (x) over the field inquestion.

In F5[x] we have x4 + 26 = x4 − 4 = (x2 − 2)(x2 + 2), with the degree 2factors being irreducible because they have no roots in F5. Therefore, the degree ofthe splitting field over F5 is 2.

210 3 Solutions

In F7[x] we have x4 + 26 = x4 − 9 = (x2 + 3)(x2 − 3) = (x2 − 4)(x2 − 3) =(x+2)(x−2)(x2−3), and the degree 2 factor is irreducible because it has no rootsin F7. Therefore, the degree of the splitting field over F7 is 2.

203 We have f (x) = x6 − 12x3 + 27 = (x3 − 3)(x3 − 9).

K = Q(3 3, ζ )

Q(3√3) ⊆ R

3

The polynomial x3 − 3 is irreducible in Z[x] by Eisen-stein’s criterion for the prime 3; it is therefore irreduciblein Q[x] bu Gauss’s lemma. Denote by K the splitting fieldof x3 − 3. We have K = Q(

3√

3, ζ ), where ζ is a primitivethird root of 1. The fact that x3 − 3 is irreducible impliesthat [Q(

3√

3) : Q] = 3. Since we have Q(3√

3) ⊆ R and ζ

is not real, the degree of K over Q must be strictly greaterthan 3. Finally, since this degree is at most 3! = 6, we findit must be 6.

Similarly, the splitting field F of the polynomial x3 − 9 is Q(3√

9, ζ ). However,

we have 3√

9 = 3√

32 ∈ K and ζ ∈ K, so F ⊆ K. In conclusion, the splitting field of

f (x) over Q is equal to K and therefore has degree 6 over Q.In F5[x]we have f (x) = (x3−3)(x3−9) = (x−2)(x2+2x−1)(x+1)(x2−x+1)

because 23 ≡ 3 and (−1)3 ≡ 9 (mod 5). Moreover, x2 + 2x − 1 and x2 − x + 1are irreducible because they have no roots in F5.

Therefore, the degree of the splitting field of f (x) over F5 is 2, that is, the leastcommon multiple of the degrees of the irreducible factors of f (x).

204 By taking the square of α =√

2+√3 we obtain α2 = 2 + √3, henceα2 − 2 = √3; squaring again yields α4 − 4α2 + 4 = 3. It follows that α is a root ofthe polynomial f (x) = x4 − 4x2 + 1.

Remark that applying the same procedure to β =√

2−√3 yields the samepolynomial f (x), so the roots of f (x) are ±α and ±β.

The factorisation of f (x) in C[x] is therefore (x − α)(x + α)(x − β)(x + β).Since the squares of ±α and ±β are clearly irrational, the numbers±α and ±β arethemselves irrational; therefore, f (x) has no factors of degree 1 in Q[x].

If f (x) were the product of factors of degree 2, the factor having α as a rootwould have to be one of the following: (x−α)(x+α), (x−α)(x−β), (x−α)(x+β).

The first of the polynomials above does not have rational coefficients becauseα2 is irrational. The second does not have rational coefficients because (α + β)2 =(√

2+√3 +√

2−√3)2 = 6, so α + β �∈ Q. Finally, the third does not because

(α − β)2 = (√

2+√3−√

2−√3)2 = 2.The splitting field of f (x) is K = Q(α, β), because clearly −α,−β ∈ K. Note,

however, that αβ = 1, so β = 1/α ∈ Q(α). We therefore have K = Q(α) and,since the minimal polynomial of α over Q has degree 4, we have [K : Q] = 4.

5 Rings and Fields 211

205

(i) It is easy to check that the polynomial x3−7 is irreducible in Q[x]: it has degree3 and, since ±1 and ±7 are not roots, it has no rational roots. In fact, its rootsare 3√

7,3√

7ζ,3√

7ζ 2, where ζ = (−1+√−3)/2 is a primitive third root of 1.

K = Q(3 7, ζ )

Q(3√7) ⊆ R

3

Let K be the splitting field of x3 − 7 over Q; since thepolynomial has degree 3 we have [K : Q] ≤ 3! = 6,and since it is irreducible we have [Q(

3√

7) : Q] = 3.But Q(

3√

7) ⊆ K and the inclusion is actually strict,because Q(

3√

7) ⊆ R whereas K contains the two non-real roots of the polynomial. Therefore, we must have[K : Q] = 6. The polynomial x2 + 3 is also irreduciblein Q[x], and its splitting field is clearly Q(

√−3). Now, thefact that

√−3 = ζ − ζ 2 implies that√−3 ∈ K and so

Q(√−3)⊆ K.

In conclusion, the splitting field of f (x) coincides with K and has degree 6over Q.

(ii) We know that we can represent every element of A = F5[x]/(f (x)) as theclass of a polynomial of degree at most 4, and the class of a polynomial g(x)

is a zero divisor in A if and only if g(x) and f (x) are not relatively prime. Bychecking for possible roots, we find that the factorisation of f (x) in F5[x] isf (x) = (x − 3)(x2 + 3x − 1)(x2 + 3).Remark that the classes that are multiples of some fixed h(x) of degree d areof the form h(x)k(x), where k(x) is any polynomial of degree 4 − d; there aretherefore 55−d such classes. Thanks to this remark and the inclusion-exclusionprinciple, we can find the number of zero divisors by counting the multiples ofx − 3, the multiples of x2 + 3x − 1 and the multiples of x2 + 3, subtractingthe number of multiples of (x − 3)(x2 + 3x − 1), of (x − 3)(x2 + 3) andof (x2 + 3x − 1)(x2 + 3), and finally summing the number of multiples of(x − 3)(x2 + 3x − 1)(x2 + 3). We find that the number of zero divisors in A is

54 + 53 + 53 − (52 + 52 + 5)+ 1 = 821.

206 First of all, we show that f (x) = 2x4 + 6x2 − 5 is irreducible in Q[x].In C[x] we have f (x) = 2(x2 − α)(x2 − β) = 2(x − a)(x + a)(x − b)(x + b),

where α = (−3+√19)/2 and β = (−3−√19)/2 are the solutions of the equation2y2 + 6y − 5 = 0, and a2 = α, b2 = β. Since α and β are not rational numbers,neither are a and b, so f (x) has no irreducible factors of degree 1 in Q[x].

Moreover, b is not real, so any polynomial with rational coefficients that has b

as a root must also have among its roots the complex conjugate b = −b of b. Itfollows that the only potential factorisation of f (x) as a product of two quadraticpolynomials with rational coefficients is 2(x2 − α)(x2 − β). But this is not afactorisation in Q[x], since α and β are not rational numbers.

212 3 Solutions

K = E · F

E = Q(a)

4

F =

=

Q(b)

4

L Q(√19)

2

Q

Set L = Q(α) = Q(β) = Q(√

19), E = Q(a),F = Q(b), K = EF = Q(a, b).Clearly, K is the splitting field of f (x). As f (x)

is irreducible we have [E : Q] = [F : Q] = 4,hence [E : L] = [F : L] = 2. Since EF = E(b)

and b has degree 2 over L, the degree of b over Eis at most 2; in particular, it is 1 if b ∈ E, that is, ifE = F, and 2 otherwise.But E = L(

√α) and F = L(

√β), so E = F if and

only if αβ = −5/2 is a square in L. This is clearlynot the case, because L ⊆ R and squares in R arenon-negative.

In conclusion, E �= F and [EF : E] = 2, so [K : Q] = [EF : E][E : Q] =2 · 4 = 8.

[[One could alternatively show that [E(b) : E] > 1 by remarking that E = Q(a) =Q(

√(−3+√19)/2) ⊆ R, whereas b =

√(−3−√19)/2 �∈ R.]]

Our initial computation of α and β shows that in F19[x] we have f (x) = 2(x2+3 · 2−1)2 = 2(x2 − 8)2. We can easily check that x2 − 8 has no roots in F19, sof (x) factors as a product of irreducible factors of degree 2 in F19[x]. Therefore, thedegree of the splitting field of f (x) over F19 is 2.

207 The polynomial f (x) is irreducible in Q[x] by Eisenstein’s criterion for theprime 3. We therefore have [Q(α) : Q] = 5. Since α7 ∈ Q(α), we have Q ⊆Q(α7) ⊆ Q(α) and so [Q(α7) : Q] | 5. If [Q(α7) : Q] were 1, then α7 would be arational number. But the fact that α5 + 3α + 3 = 0 implies that α7 = −3α3 − 3α2,and the latter is not a rational number because 1, α2, α3 are linearly independentover Q (since [Q(α) : Q] = 5). We thus also have [Q(α7) : Q] = 5.

Let us factor f (x) in F2[x]. It is clear that f (x) has no roots; on the other hand,it is divisible by the unique irreducible polynomial of degree 2, namely, x2+ x + 1,hence f (x) = (x2 + x + 1)(x3 + x2 + 1). It follows that [F2(α) : F2] is either 2 or3, depending on whether α is a root of the first or the second factor.

Remark that in the first case α ∈ F∗4, which is a cyclic group with three elements;

so α7 = α and [F2(α7) : F2] = 2. In the second case we have α ∈ F

∗8, which is a

cyclic group with seven elements, so α7 = 1 and [F2(α7) : F2] = 1.

208 We know that an element g(x) ∈ K[x]/(f (x)) is a zero divisor if and only if(g(x), f (x)) �= 1. In other words, an element g(x) is a zero divisor if and only ifg(x) is divisible by at least one of the irreducible factors of f (x).

Moreover, we know that g(x) is nilpotent if and only if g(x) is divisible by allirreducible factors of f (x).

To summarise, if f (x) = p(x)k is a power of a single irreducible polynomial,then every zero divisor is represented by a polynomial g(x) which is a multiple ofp(x) and therefore nilpotent. Conversely, if f (x) is divisible by at least two distinctirreducible polynomials p(x), q(x), then the element p(x) is a zero divisor and isnot nilpotent.

5 Rings and Fields 213

209 The factorisation of f (x) in F5[x] is

x3 − 2x + 1 = (x − 1)(x − 2)2.

The zero divisors in F5[x]/(x3 − 2x + 1) are given by the union of classes ofpolynomials that are multiples of x − 1 and polynomials that are multiples ofx − 2. The classes of multiples of x − 1 are represented by polynomials of theform (x−1)(ax+b) with a, b ∈ F5, so there are 25, as many as the ways to choosethe pair (a, b). Similarly, there are 25 classes of multiples of x− 2. The intersectionof classes of multiples of x − 1 and x − 2 is the set of classes of polynomials thatare multiples of (x − 1)(x − 2), that is, classes represented by c(x − 1)(x − 2)

with c ∈ F5: there are 5 of them. By the inclusion-exclusion principle, we have25+ 25− 5 = 45 zero divisors.

The nilpotent elements are the classes of polynomials that are multiples of everyirreducible factor of f (x), that is, the five classes of multiples of (x − 1)(x − 2).The answer is therefore 45− 5 = 40.

210

(i) Let α be the positive fourth root of a. In C[x] the polynomial f (x) = x4 − a

factors as f (x) = (x − α)(x + α)(x − iα)(x + iα). We know that f (x) isreducible in Z[x]. There are two possibilities: either f (x) has a root in Z orf (x) factors as the product of two irreducible quadratic polynomials in Z[x].In the first case, since ±iα are not real numbers, the only possible roots are±α

and in fact, if one of the two is an integer then the other must be as well. But ifα = k ∈ N then a = α4 = k4, so we have a = b2 for some b = k2 ∈ N.In the second case, the degree 2 factors must be x2 − α2 and x2 + α2, becausethe factor that has a non-real root must also have its complex conjugate as aroot. It follows that α2 = b ∈ N and again a = α4 = b2.

(ii) Let α be the positive fourth root of −a. The polynomial f (x) factors in C[x]as f (x) = (x − ζα)(x − ζα)(x − ζ 3α)(x − ζ

3α), where ζ = (1 + i)/

√2 is a

primitive eighth root of 1. In this case the polynomial has no real roots: the onlypotential factorisation with integer coefficients comes from pairing up complexconjugate roots to obtain the factors (x − ζα)(x − ζα) = x2 − √2αx + α2

and (x − ζ 3α)(x − ζ3α) = x2 +√2αx + α2. Again α2 = c must be a natural

number and we must have−a = α4 = c2. Moreover, the condition that√

2α isan integer yields that α = d ′/

√2 for some d ′ ∈ N. By squaring both sides we

obtain c = d ′2/2, so d ′ must be even, say d ′ = 2d with d ∈ N, and c = 2d2.

211 First of all, remark that the polynomial f (x) = x4 + 5x2 + 5 is irreduciblein Q[x] by Gauss’s lemma and by Eisenstein’s criterion for the prime 5. By thesame argument, the polynomial g(y) = y2 + 5y + 5 is irreducible. Its roots areα1, α2 = (−5 ± √5)/2, and its splitting field is F = Q(α1, α2) = Q(

√5), which

has degree 2 over Q.The splitting field of f (x) is thus K = F(

√α1,√

α2). Remark that α1α2, beingthe product of the two roots of g(x), is equal to 5, which is a square in F. So the two

214 3 Solutions

extensions F(√

α1)/F and F(√

α2)/F coincide and the degree of the splitting fieldK over Q is at most 4.

On the other hand, since f (x) is irreducible in Q[x], the degree of its splittingfield is a multiple of 4, which is the degree of the extension obtained by adding asingle root of f (x). Therefore, [K : Q] = 4.

In F11[x] the polynomial f (x) can be written as x4−6x2+5 = (x2−1)(x2−5) =(x + 1)(x− 1)(x2− 5). Since 5 ≡ 42 (mod 11), we have x2− 5 = (x + 4)(x− 4),so f (x) = (x + 1)(x − 1)(x + 4)(x − 4) and thus the degree of the splitting fieldover F11 is 1.

212

(i) Since α is a root of f (x) = x3 − x2 − 2x − 1, we have α3 = α2 + 2α + 1.Multiplying both sides by α and substituting into the expression for β yields

β = α4 − 3α2

= α3 + 2α2 + α − 3α2

= α3 − α2 + α

= α2 + 2α + 1− α2 + α

= 3α + 1.

Now, remark that the polynomial f (x) has no rational roots because f (±1) �=0. So, since its degree is 3, f (x) is irreducible in Q[x]. It follows that [Q(α) :Q] = 3.Clearly, β ∈ Q(α) and α = (β − 1)/3 ∈ Q(β), so Q(β) = Q(α) and thereforethe degree of the minimal polynomial of β over Q is 3.Substituting x = (y − 1)/3 into the polynomial f (x), we find that thepolynomial

(y − 1

3

)3

−(

y − 1

3

)2

− y − 1

3− 1 = 1

27y3 − 2

9y2 − 1

3y − 13

27

has β as a root, so y3 − 6y2 − 9y − 13 is the minimal polynomial of β over Q.(ii) Using the minimal polynomial of β, we have that β3 − 6β2 − 9β = 13. By

dividing both sides of the equality by 13, we obtain

ββ2 − 6β − 9

13= 1;

substituting β = 3α + 1 yields

β2 − 6β − 9

13= 9α2 − 12α − 14

13.

5 Rings and Fields 215

It follows that g(x) = (9x2 − 12x − 14)/13 satisfies the requirements of theproblem.[[The second part of the problem can also be solved as follows. Every element of Q(α) can be

written in the form u2α2 + u1α + u0 for some u0, u1, u2 ∈ Q. In order to find a polynomial

g(x) such that βg(α) = 1, we can simply compute h = (3α + 1)(u2α2 + u1α + u0)− 1 and

solve the linear system in u0, u1, u2 obtained by setting h = 0.]]

213 The roots of x2 + 3 are ±√−3 and the roots of x3 − 5 are 3√

5,3√

5ζ,3√

5ζ 2,where ζ = (−1 + √−3)/2. The splitting field in question is therefore K

.=Q(√−3,

3√

5, ζ ).Remark that K = Q(

√−3,3√

5): clearly, we have Q(√−3,

3√

5) ⊆ K, andmoreover ζ = (−1 + √−3)/2 ∈ Q(

√−3) so we also have 3√

5ζ,3√

5ζ 2 ∈Q(√−3,

3√

5).

K

Q(√−3)

2

Q(3√5)

3

The field K contains the two subextensionsQ(√−3) and Q(

3√

5), whose degrees over Q are 2and 3, respectively. Indeed, the respective minimalpolynomials of their generators are x2 + 3 e x3 − 5,and both polynomials are irreducible in Q[x] becausethey have no rational roots and their degrees are atmost 3. This implies that 2 | [K : Q] and 3 | [K : Q],so 6 | [K : Q]. On the other hand, [K : Q] = [K :Q(

3√

5)][Q(3√

5) : Q] ≤ 2 · 3 = 6, and therefore[K : Q] = 6.

214

(i) For p = 3 we have x15 − 1 = (x5 − 1)3, so factoring f (x) is the same asfactoring x5−1. Since 5 and 3 are relatively prime, the splitting field of x5−1over F3 is F3d , where d is the multiplicative order of 3 modulo 5. We haved = 4 and (x − 1)3(x4 + x3 + x2 + x + 1)3 is the factorisation of f (x) as aproduct of irreducible factors.For p = 5 the argument is similar: f (x) = (x3 − 1)5 and the splitting fieldis F52, because 5 has order 2 in F

∗3. The factorisation if f (x) as a product of

irreducible factors is given by f (x) = (x − 1)5(x2 + x + 1)5.(ii) If p is neither 3 nor 5 then 15 and p are relatively prime. We can find the

splitting field of f (x) as before: it is Fpd , where d is the multiplicative orderof p modulo 15. Since (Z/15Z)∗ � (Z/3Z)∗ × (Z/5Z)∗ � Z/2Z×Z/4Z, theorder of p in (Z/15Z)∗ is a divisor of 4.

(iii) For p = 31 we have d = 1 because 31 ≡ 1 (mod 15), for p = 11 we haved = 2 because 112 = 121 ≡ 1 (mod 15), and for p = 2 we have d = 4because the multiplicative order of 2 modulo 15 is 4.

215 First, consider the case of the field F7. One can check that x2 + 2 has noroots in F7 and is therefore irreducible; moreover, x4 − 2 = (x2 − 3)(x2 + 3).So, independently of whether or not the two polynomials x2 − 3 and x2 + 3 areirreducible, the least common multiple of the degrees of the irreducible factors of(x2+2)(x4−2) is 2. The splitting field of the polynomial over F7 has thus degree 2.

216 3 Solutions

The roots in C of the polynomial (x2 + 2)(x4 − 2) are ±i√

2, ± 4√

2 and ±i4√

2,so its splitting field over Q is K = Q(i

√2,

4√

2, i4√

2) = Q(4√

2, i).

K = Q(4 2, i)

Q(4√2) ⊆ R

4

In order to compute the degree [K : Q], consider the towerof extensions Q ⊆ Q(

4√

2) ⊆ Q(4√

2)(i) = K. The firstextension has degree 4 because the minimal polynomial of4√

2 over Q is x4 − 2: it is an irreducible polynomial in Z[x]by Eisenstein’s criterion for the prime 2 and therefore is alsoirreducible in Q[x] by Gauss’s lemma. The second extensionhas degree 2 because i is a root of x2+1 and the extension isnontrivial, since Q(

4√

2) ⊆ R and i �∈ R. We therefore have[K : Q] = 8.

216

(i)

F = Q( 5, −5)

Q(√5) ⊆ R

2

Let F = Q(√

5,√−5) = Q(α, β). Consider the

extensions Q ⊆ Q(√

5) ⊆ F. The first has degree2 over Q and is a subextension of R/Q; the secondhas degree at most 2: it is obtained by adding

√−5 toQ(√

5), where√−5 has degree 2 over Q and therefore

degree at most 2 over Q(√

5). However, the degree ofthe second extension cannot be 1, otherwise we wouldhave Q(

√5) = Q(

√5,√−5), which cannot be the case

because the field Q(√

5,√−5) is not real.

We have thus proven that F has degree 4 over Q. Clearly, α + β ∈ F. We wantto show that, in fact, Q(α + β) = F, and thus that the minimal polynomial ofα + β over Q has degree 4.Remark that i = (α+β)2/10 ∈ Q(α+β) and so the element−α+β = i(α+β)

also belongs to Q(α + β). But then it is clear that α, β ∈ Q(α + β), that is,Q(α + β) = Q(α, β) = F.

(ii) The degree of Fp(α)/Fp is at most 2, as is the degree of Fp(β)/Fp, so bothFp(α) and Fp(β) are contained in Fp2 because any fixed algebraic closure ofFp contains a unique extension of Fp of degree 2. So α+β ∈ Fp2 and thus theminimal polynomial of α + β has degree at most 2 over Fp.For example, if p = 5 then α = β = 0 and α + β obviously has degree 1 overF5. If p = 3 then α = ±√2 ∈ F32 \F3, whereas β = ±1, so α+ β ∈ F32 \F3and α + β has degree 2 over F3.

(iii) Since 2011 is congruent to 3 modulo 4, we have that −1 is not a square inF2011. So exactly one among 5 and −5 is a square in F2011: one of the twoextensions F2011(α) and F2011(β) has degree 1 and the other has degree 2. Inany case, the degree of the minimal polynomial of α + β is 2.

217 The polynomial f (x) is irreducible over Q by Eisenstein’s criterion, so it isthe minimal polynomial of each of its roots. It follows that [Q(α) : Q] = 4. Theroots of f (x) in an algebraic closure of Q are ± 4

√3,±i

4√

3, so the splitting field off (x) over Q is F = Q(

4√

3, i4√

3) = Q(4√

3, i).

5 Rings and Fields 217

F = Q(4 3, i) = K(

4 3)

Q(4√3) ⊆ R

4

K = Q(√−3)

2

Using the fact that the degree is multi-plicative in towers, we have [F : Q] =[Q(

4√

3)(i) : Q(4√

3)][Q(4√

3) : Q] = 2 · 4 =8. Indeed, we already found the degree ofQ(

4√

3)/Q, and the other degree is 2: it isat most 2 because i is a root of x2 + 1 ∈Q(

4√

3)[x], and it is more than 1 becausei �∈ Q(

4√

3) ⊆ R.

Now, let K = Q(√−3) = Q(i

√3). Since i

√3 is not real we have that

[Q(4√

3, i√

3) : Q] = 8, so [K(4√

3) : K] = [Q(4√

3, i√

3) : Q]/[K : Q] = 8/2 = 4.It follows that the polynomial f (x) is also irreducible in K[x], and thus everyroot α of f (x) has degree 4 over K. As before, the splitting field of f (x) overK is K(

4√

3, i). On the other hand, K(4√

3) = K(4√

3, i) = Q(i√

3,4√

3, i) =Q(

4√

3, i) = F because i√

3 = i(4√

3)2 ∈ F, so the degree we are computing is[F : K] = [K(

4√

3) : K] = 4.

218

(i) Remember that the splitting field of a polynomial over a finite field Fpn is Fpnd ,where d is the least common multiple of the degrees of the irreducible factorsof f (x) in Fpn[x].In F2[x]we have f (x) = x(x4+x+1); moreover, the polynomial x4+x+1 isirreducible because it has no roots and it is not the square of the unique degree 2irreducible polynomial in F2[x], namely, x2+ x+ 1. The splitting field of f (x)

over F2 is therefore F24 .In F3[x] we have f (x) = (x2 + 1)(x3 − x + 1) and each of the two factorsis irreducible because it has no roots. The splitting field of f (x) over F3 istherefore F36 .

(ii) We need to check whether or not x2+1 and x3−x+1 are irreducible in F3k [x].The roots of x2+1 generate F32 , so the polynomial factors in F3k [x] if and onlyif F32 ⊆ F3k , that is, if and only if 2 | k. Similarly, x3 − x + 1 factors in F3k [x]if and only if 3 | k.In conclusion, if k ≡ 0 (mod 6) then f (x) factors as a product of degree 1polynomials in F3k [x]. If k ≡ 2, 4 (mod 6) then f (x) has two roots in F3k andan irreducible factor of degree 3. If k ≡ 3 (mod 6) then f (x) has three rootsand an irreducible factor of degree 2. Finally, if k ≡ 1, 5 (mod 6) then f (x)

has an irreducible factor of degree 2 and one of degree 3 in F3k [x] (as in F3[x]).219 Reducing the polynomial f (x) = x4 + 2x3 + 2x2 + x + 3 modulo 2 yieldsx4 + x + 1, which is irreducible because it has no roots in F2 and is not a square ofx2 + x + 1, which is the only irreducible quadratic polynomial in F2[x]. Therefore,f (x) is irreducible in Z[x] and hence, by Gauss’s lemma, in Q[x].

This implies that f (x) is the minimal polynomial of α overQ, so [Q(α) : Q] = 4.Since Q(α + 1) = Q(α), the minimal polynomial of α + 1 over Q also has degree4. Clearly, the polynomial f (x − 1) = x4 − 2x3 + 2x2− x + 3 has α + 1 as a root,

218 3 Solutions

so it must be a multiple of the minimal polynomial of α + 1; since it is monic andhas degree 4, it is the polynomial we are looking for.

We now set out to find the minimal polynomial of α2 + α over Q. Since Q(α2 +α) ⊆ Q(α), the degree of α2+α over Q is a divisor of 4. It cannot be 1 because thatwould imply α2 + α = q ∈ Q and thus x2 + x − q would be a degree 2 polynomialof Q[x] that has α as a root, which contradicts the fact that the degree of α over Qis 4. The degree of α2 + α is therefore either 2 or 4: it is 2 if and only if (α2 + α)2,(α2+α) and 1 are linearly dependent over Q. What we need to determine is whetherthere are solutions a, b ∈ Q of

(α2 + α)2 + a(α2 + α)+ b = 0.

Simple calculations yield the equation α4 + 2α3 + (a+ 1)α2 + aα+ b = 0 and, byreplacing α4 with the expression obtained from f (α) = 0, we get

(a − 1)α2 + (a − 1)α + b − 3 = 0

whose solution is a = 1, b = 3. This shows that the polynomial h(x) = x2 + x + 3has α2 + α as a root and, since it has the least possible degree, it is the desiredminimal polynomial.

220

(i) Let us show that f (x) is irreducible in Q[x]. First of all, it has no rational roots,as we can see by checking that f (1) and f (−1) are both nonzero. By Gauss’slemma, it is enough to prove that f (x) is irreducible in Z[x]. Now, if in Z[x]the polynomial f (x) were a product of two quadratic factors, which we mayassume to be monic, we would have f (x) = (x2 + ax + b)(x2 + cx + d)

for some a, b, c, d ∈ Z. By equating the terms of degree three of the left andright hand side, we get a + c = 0, while for the constant coefficients we havebd = 1, hence c = −a and d = b = ±1. So we would have

f (x) = (x2+ax+b)(x2−ax+b)= (x2+b)2−(ax)2 = x4+(2b−a2)x2+1.

Finally the terms of degree two give the equality 2b−a2 = 3, that is, 2b−3 =a2. But if b ∈ {1,−1} then 2b − 3 ∈ {−1,−5} so it can’t be the square of aninteger. It follows that f (x) is irreducible, and since it is also monic it is theminimal polynomial of α over Q. Therefore, [Q(α) : Q] = 4.

(ii) Let β1, β2 be the roots of the quadratic polynomial y2 + 3y + 1. The fieldE = Q(β1) = Q(β2) has degree 2 over Q: we have already checked that thispolynomial has no rational roots. If we let K be the splitting field of f (x), wehaveK = E(

√β1,√

β2). But the fields E(√

β1) andE(√

β2) coincide (becauseβ1β2 = 1 is a square in E), so K = E(

√β1). Without loss of generality, we

may assume that K = Q(α) and obtain [K : Q] = 4.(iii) The polynomial f (x−1) = (x−1)4+3(x−1)2+1 = x4−4x3+9x2−10x+5

vanishes at α+1. Its reciprocal polynomial, that is, g(x) = 5x4−10x3+9x2−

5 Rings and Fields 219

4x+ 1, vanishes at 1/(α+ 1). Moreover, it is clear that Q(α) = Q(1/(α+ 1)),so the minimal polynomial of 1/(α + 1) over Q has degree 4. It follows thatthe minimal polynomial we want is g(x)/5.

221 The polynomial f (x) = x4−4x2+2 is irreducible in Q[x] by Gauss’s lemmaand by Eisenstein’s criterion for the prime 2, so each of its roots has degree 4 overQ.

The complex solutions of the equation y2 − 4y + 2 = 0 are 2 ± √2, so thecomplex roots of f (x) are±α,±β, where α2 = 2+√2 and β2 = 2−√2. Clearly,both Q(α) and Q(β) are degree 2 extensions of Q(

√2). Moreover, they coincide

because (2+√2)(2−√2) = 2 is a square in Q(√

2). So the splitting field of f (x)

over Q is K = Q(±α,±β) and we have [K : Q] = 4.

K(i)

Q(i)

2

K = Q( 2 + √2) ⊆ R

4

Remark that the roots of f (x) are all realbecause they are the square roots of positivenumbers, so i �∈ K. It follows that [K(i) :K] = 2 and, since the degree is multiplicativein towers, [K(i) : Q] = 8. On the otherhand, K(i) = Q(i, α, β) is the splitting fieldof f (x) over Q(i), so [K(i) : Q(i)] = [K(i) :Q]/[Q(i) : Q] = 8/2 = 4.

In F7 we have (±3)2 = 2, so the roots of y2 − 4y + 2 = 0 are 2 ± 3 = −1, 5. Itfollows that y2 − 4y + 2 = (y + 1)(y − 5) and x4 − 4x2 + 2 = (x2 + 1)(x2 − 5).One can check that x2 + 1 and x2− 5 have no roots in F7, so they are irreducible inF7[x]. Therefore, the degree of the splitting field of f (x) over F7 is 2.

222

(i) We show that EF ⊆ K. The roots of x8 − 1 and of x3 − 1 are also roots ofx24 − 1, so the generators of E and F belong to K.Let ζ8 = e2πi/8 and ζ3 = e2πi/3 be a primitive eighth and third root of unity inC, respectively. The product ζ8 · ζ3 is a primitive 24th root of unity, so we alsohave K ⊆ EF.

(ii)E = Q( 2, i)

R ⊇ Q(√2)

2

Q(i)

2

The eighth roots of 1 are ±1,±i, (±1 ±i)/√

2, so E is contained in Q(√

2, i). On theother hand, E must contain the root i and also√

2 = (1 + i)√

2/(1 + i), so E coincideswith Q(

√2, i). Note that Q(

√2) and Q(i) are

different extensions of Q of degree 2 (one is asubextension of the reals and the other is not)and therefore we have [E : Q] = 4.

The third roots of 1 are (−1 ±√−3)/2, so F = Q(√−3) and [F : Q] = 2. It

follows that K = Q(√

2, i,√−3).

Remark that both√

2 and√

3 = i · √−3 belong to K and therefore we haveK = T(i), where T = Q(

√2,√

3) is a subfield of R. Since 2 · 3 = 6 is not asquare in Q, we have [T : Q] = 4, while K is an extension of degree 2 of T, so[K : Q] = 8.

220 3 Solutions

Finally, T ⊆ K ∩ R ⊆ K and, since [T : Q] = 4 and [K : Q] = 8, we haveK ∩ R = T or K ∩ R = K. Since K ∩ R ⊆ R whereas K �⊆ R, we must haveK ∩ R = T.We can find a basis of K ∩ R by taking the products of the elements of a basisof Q(

√2) and a basis of Q(

√3); for instance, one is given by 1,

√2,√

3,√

6.

K = Q( 2, i, −3)

R ⊇ T = Q(√2,

√3) E

Q(√3) Q(

√2) Q(i) F = Q(

√−3)

223

(i) The roots of the polynomial x2 + x + 1 are ζ, ζ 2, where ζ ∈ C is a primitivethird root of 1. In order to have the required divisibility, ζ and ζ 2 must also beroots of f (x) = x2n + xn + 1. In fact, it is enough to check that one of them isa root, because the two are complex conjugates; if one is a root then the otherone must be as well. Let us evaluate f (x) at ζ . We have

f (ζ ) =

⎧⎪⎪⎨

⎪⎪⎩

1+ 1+ 1 = 3 if n ≡ 0 (mod 3);ζ 2 + ζ + 1 = 0 if n ≡ 1 (mod 3);ζ + ζ 2 + 1 = 0 if n ≡ 2 (mod 3).

So the values we want are the natural numbers n �≡ 0 (mod 3).(ii) The equality

x12 − 1

x4 − 1= x8 + x4 + 1

implies that the splitting field of x8 + x4 + 1, both over Q and over F7, isgenerated by a primitive 12th root of unity. Indeed, the roots of the polynomialx12 − 1 form a cyclic group of order 12, and those of the denominator are asubgroup of order 4 of the cyclic group in question. On the other hand, addingto the base field any 12th root of unity also adds its powers, and so all other 12throots of unity.

5 Rings and Fields 221

In order to find the degree of the splitting field over Q, let us compute thecomplex roots of the polynomial; they are

±1±√3i

2,±√3± i

2

so the splitting field is Q(√

3, i). Indeed, the splitting field must be contained inQ(√

3, i) given the form of the roots; moreover, the opposite inclusion followsfrom the fact that summing the two complex conjugate roots (

√3± i)/2 yields√

3, and taking their difference shows that i is in the splitting field as well.The degree of the splitting field of x8 + x4 + 1 over F7 is the least positiveinteger k for which F7k contains the 12th roots of 1; in other words, it is theleast positive integer k for which 12 | 7k − 1, that is, k = 2.

224 We first show that f (x) = x4−x3+x2−x+1 is irreducible in Q[x]. We cancheck that f (x) has no rational roots: it is enough to see that f (±1) �= 0. Moreover,by Gauss’s lemma it is enough to check that f (x) is irreducible in Z[x]. Supposeby contradiction that

f (x) = (x2 + ax + b)(x2 + cx + d),

that is, that f (x) factors as the product of two quadratic polynomials in Z[x]. Bycomputing the coefficients of the right hand side, we get

⎧⎪⎪⎨

⎪⎪⎩

a + c = −1b + d + ac = 1

ad + bc = −1bd = 1.

The last equation implies that b = d = ±1. Substituting into the third equation, wefind that we must have b = d = 1, otherwise the first equation has no solutions. Onthe other hand, the solutions of the first two equations a + c = −1 and ac = −1are solutions of t2 + t − 1 = 0, but it is clear that the latter polynomial in t has nointeger roots.

[[One could also show that f (x) is irreducible in Z[x] by considering its coefficients modulo

2. The reduction yields the polynomial x4 + x3 + x2 + x + 1 which clearly has no roots in F2 and

is not the square of x2 + x + 1, which is the only irreducible polynomial of degree 2 in F2[x].]]The degree [Q(α) : Q] is thus 4, and the degree d = [Q(α + cα−1) : Q] is a

divisor of 4 because α + cα−1 ∈ Q(α). We can immediately remark that d �= 1,because if we had d = 1 we would have α+cα−1 = q ∈ Q, that is, α2−qα+c = 0;the element α would then satisfy an equation of degree 2 with rational coefficients,which would contradict the fact that [Q(α) : Q] = 4. So we have d = 2 or d = 4.

We have d = 2 if and only if the elements (α+ cα−1)2, α+ cα−1, 1 are linearlydependent over Q. Multiplying by α2, the condition becomes that (α2 + c)2, α3 +cα, α2 are linearly dependent over Q.

222 3 Solutions

Let us write all the terms as linear combinations of 1, α, α2, α3. The vectorsα3 + cα, α2 are already expressed in terms of this basis, and we have (α2 + c)2 =α4+2cα2+c2 = α3+(2c−1)α2+α+(c2−1). By looking at the coefficients of α3

we find that a linear combination r(α3+(2c−1)α2+α+(c2−1))+s(α3+cα)+tα2

can be 0 only if r = −s. If r = −s = 0 we also get t = 0, so the coefficients areall zero. If r = −s �= 0 then setting the coefficient of α to zero yields c = 1, hencet = −r , which is a solution.

In conclusion, d = 2 if c = 1 and d = 4 if c �= 1.

225

(i) Since f (x) has degree 3, it is irreducible in Q[x] if and only if it has no rationalroots; moreover, the only potential roots are ±1. Since neither 1 nor −1 is aroot, f (x) is irreducible in Q[x]. Let α be a real root of f (x); we have [Q(α) :Q] = 3. Now, since f (x) is irreducible and has degree 3, the degree of itssplitting field K over Q is a divisor 3! = 6. But we have chosen α ∈ R and,since the derivative f ′(x) = 3x2 + 3 is always positive, there is a unique realroot of f (x), so K is not contained in R, that is, [K : Q] = 6.

(ii) By the derivative criterion, f (x) ∈ Fp[x] has multiple roots in Fp if and only if(f (x), f ′(x)) �= 1. For p = 3, the polynomial f (x) = x3+1 = (x+1)3 has thetriple root 1. For p �= 3, since f ′(x) = 3x2 + 3 = 3(x2 + 1) and 3 is invertiblemodulo p, we can take the greatest common divisor of f (x) and x2 + 1. Thefirst division of Euclid’s algorithm yields x3 + 3x + 1 = x(x2+ 1)+ (2x + 1).Remark that for p = 2 the polynomial f (x) is irreducible, because its degreeis 3 and it has no roots. We can therefore assume that p �= 2 and multiplythe polynomial x2 + 1 by the invertible constant 4, thus obtaining 4x2 + 4 =(2x − 1)(2x + 1) + 5 from the next Euclidean division. It follows that thegreatest common divisor of f (x) and f ′(x) is not 1 if and only if p = 3 orp = 5. Indeed, for p = 5 we have f (x) = (x − 1)(x − 2)2.In conclusion, f (x) has a multiple root in Fp if and only if p = 3 or p = 5.

226

(i) The polynomial f (x) = x9 − 1 factors in Z[x] as f (x) = (x − 1)(x2 + x +1)(x6+x3+1); we therefore need to show that h(x) = x6+x3+1 is irreduciblein F11[x].By the theorem about cyclotomic extensions of finite fields, the splitting fieldof f (x) over F11 is F11d , where d is the multiplicative order of 11 modulo 9;we find that d = 6. It follows that, denoting by C the set of roots of f (x) insome fixed algebraic closure of F11, we have F11(C) = F116. Moreover, weknow that C is a finite multiplicative group, so it is cyclic; letting C = 〈α〉, wehave F116 = F11(α). This implies that the minimal polynomial of α, which is adivisor of f (x), has degree 6; it is therefore h(x), which is thus irreducible.

(ii) By our arguments above, x2 + x + 1 has no roots in F11, so the factors inf (x) = (x − 1)(x2 + x + 1)(x6 + x3 + 1) are irreducible in Z[x] becausethey are irreducible modulo 11. Moreover, by Gauss’s lemma they are alsoirreducible in Q[x]. Let η ∈ C be a primitive ninth root of 1; the roots of f (x)

5 Rings and Fields 223

are 1, η, η2, . . . , η8. The splitting field of f (x) over Q is therefore Q(η), andits degree is the degree of the minimal polynomial μ(x) of η over Q. We knowthat μ(x) | f (x) and we have η3 �= 1, so μ(x) | f (x)/(x3 − 1) = x6 + x3 + 1.Since the latter polynomial is irreducible, we have μ(x) = x6 + x3 + 1 so thedegree of the splitting field of f (x) over Q is 6.Letting K = Q(ζ ), the splitting field of f (x) over K is K(η) = Q(η). Since theminimal polynomial of ζ over Q is x2 + x + 1 we have [K : Q] = 2, and thus[Q(η) : K] = 3.

227

(i) We show that the polynomial f (x) is irreducible modulo 2. It is obvious that 0and 1 are not roots of the polynomial in F2, so f (x) has no factors of degree 1.If it were reducible it would be the product of two irreducible factors of degree2, but the only irreducible polynomial of degree 2 in F2[x] is x2 + x + 1, andwe have (x2 + x + 1)2 = x4 + x2 + 1 �= f (x), so f (x) is irreducible.Since it is irreducible modulo 2, the polynomial f (x) is also irreducible inZ[x] and, by Gauss’s lemma, in Q[x]. This implies that f (x) is the minimalpolynomial of α, so [Q(α) : Q] = 4; since Q(1/(α + 1)) = Q(α), the minimalpolynomial of 1/(α+ 1) also has degree 4. The minimal polynomial of α+ 1 isf (x− 1) = (x− 1)4+ (x− 1)+ 1 = x4− 4x3+ 6x2− 3x+ 1, so the minimalpolynomial of 1/(α+ 1) is its reciprocal polynomial x4− 3x3+ 6x2− 4x + 1.Remark that Q(α) = Q(α2): clearly, we have Q(α2) ⊆ Q(α), and the equalityf (α) = 0 yields α = −α4 − 1 ∈ Q(α2), which implies the opposite inclusion.Consequently, the minimal polynomial of α2 over Q has degree 4. There aremany ways to compute this minimal polynomial. We can, for example, remarkthat α4 + 1 = −α, hence by squaring both sides α8 + 2α4 + 1 = α2, so thepolynomial x4 + 2x2 − x + 1 vanishes at α2, and since it has degree 4 it is theminimal polynomial of α2.[[Here is a different way to compute the minimal polynomial of α2: we know that it is of

the form μ(x) = x4 + ax3 + bx2 + cx + d and we must find a, b, c, d ∈ Q such that

μ(α) = α8 + aα6 + bα4 + cα2 + d = 0. The expression given by the minimal polynomial

of α yields that α4 = −α − 1, α6 = −α3 − α2 and α8 = α2 + 2α + 1. We therefore have

μ(α2) = −aα3 + (1− a + c)α2 + (2− b)α + 1− b + d = 0. Since the vectors 1, α, α2, α3

over Q are linearly independent, the equation is satisfied if and only if a = 0, b = 2, c = −1

e d = 1.]](ii) The splitting field of f (x) over F5 is F5d , where d is the least common multiple

of the degrees of the irreducible factors of f (x) in F5[x]. Evaluating thepolynomial at 0, ±1, ±2 yields that the only root in F5 is −2. By Ruffini’stheorem, x+2 | f (x) and one immediately gets f (x) = (x+2)(x3+3x2−x+3).The only possible roots of the factor of degree 3 are those of f (x), so the onlypotential root−2; but we have (−2)3+3(−2)−(−2)+3 �= 0, so x3+3x2−x+3has no roots in F5 and therefore is irreducible. The splitting field of f (x) overF5 is thus F53 .

224 3 Solutions

228

(i) Let α be a root of f (x) in an algebraic closure of Fp; we have α4 = ±a ∈ F∗p,

so ord(α) | 4(p−1) |p2−1, where the last divisibility follows by the assumptionthat p ≡ 3 (mod 4). We therefore have that every root α of f (x) belongs toFp2 . All that is left to show is that f (x) does not have all of its roots in Fp.Indeed, x4− a has a root in Fp if and only if a = b4 for some b ∈ Fp, in whichcase −a is not a fourth power in Fp: it is not even a square, because −1 is nota square in Fp for p ≡ 3 (mod 4). A similar argument can be applied afterexchanging a and −a, so the splitting field of f (x) is Fp2 .

(ii) If a = 1, then f (x) = x8 − 1 and its splitting field over Fp is Fpk , where k isthe order of p in (Z/8Z)∗. It follows that, for p ≡ 1 (mod 8), for example forp = 17, we have k = 1, and for p ≡ 5 (mod 8), for example p = 5, we havek = 2.

We need to show that one can find a and p for which the splitting field hasdegree 4. Consider a = 2 and p = 5; we have f (x) = (x4 − 2)(x4 + 2). Sinceneither 2 nor−2 are squares modulo 5, they are not fourth powers, so f (x) hasno roots in F5. We need to exclude the possibility that both polynomials x4 − 2and x4 + 2 factor as the product of two irreducible polynomials of degree 2. Infact, neither polynomial does, as we can show by a direct computation.Suppose that x4 ± 2 = (x2 + ax + b)(x2 + cx + d) = x4 + (a + c)x3 + (b +ac+ d)x2 + (ad + bc)x + bd con a, b, c, d ∈ F5. Equating coefficients on thetwo sides yields

⎧⎪⎪⎨

⎪⎪⎩

a + c = 0b + ac+ d = 0

ad + bc = 0bd = ±2

and some calculations show that neither system has any solutions in F5.[[Another way to show that x4 − 2 and x4 + 2 are irreducible is to remark that, given a root

α ∈ F5k of f (x), we have α4 = ±2, hence ord(α4) = 4 and so ord(α) = 4r . The formula

ord(α4) = ord(α)/(4, ord(α)) yields r = 4, that is, ord(α) = 16. It follows that 16 | 5k − 1

and so k = 4.]]

229

(i) Set Δ = a − 4b2, α = (−a + √Δ)/2 and β = (−a − √Δ)/2. We haveFp(√

Δ) ⊆ Fp2 , so f (x) = (x3 − α)(x3 − β) in Fp2[x]. Remark that apolynomial of the form x3 − γ in Fp2[x] is either irreducible or the product ofthree factors of degree 1. Indeed, if p = 3 then x3 − γ = (x − γ 3)3. If p > 3then 3 |p2 − 1, so the homomorphism F

∗p2 � z −→ z3 ∈ F

∗p2 , is a 3-to-1 map,

that is, cubes have three distinct third roots in Fp2 . We can therefore concludethat the degree of the splitting field of f (x) over Fp2 is 1 if both α and β arecubes, and 3 otherwise.

5 Rings and Fields 225

(ii) Let Fpk be the splitting field of f (x) over Fp. Because of the previousargument, the splitting field of f (x) over Fp2 is contained in Fp6 , so the oneover Fp is as well. The inclusion Fpk ⊆ Fp6 implies k | 6, and in particulark �= 4, 5.

(iii) As before, let Fpk be the splitting field of f (x) over Fp. We have seen that

Fp(√

Δ) ⊆ Fpk , so if we had k = 3 we would have√

Δ ∈ Fp, and f (x) =(x3 − α)(x3 − β) in Fp[x]. For p ≡ 2 (mod 3), the map z −→ z3 is anisomorphism in F

∗p, so both x3 − α and x3 − β factor as a product of a linear

factor and an irreducible factor of degree 2, so in this case the splitting fieldcannot have degree 3.

230 Remember that, by the theorem about cyclotomic extensions of finite fields, if(n, p) = 1 then the degree of the splitting field of the polynomial xn − 1 over Fp

coincides with the multiplicative order of p modulo n. It follows that if p �= 2, 3, 5then the degree of the splitting field of f (x) = (x15−1)(x12−1) over Fp is the leastcommon multiple of the multiplicative order of p modulo 15 and the multiplicativeorder of p modulo 12, that is, the smallest positive solution of the system

{px ≡ 1 (mod 15)

px ≡ 1 (mod 12).

By the Chinese remainder theorem, the system is equivalent to

⎧⎨

⎩

px ≡ 1 (mod 3)

px ≡ 1 (mod 4)

px ≡ 1 (mod 5).

One can immediately check that x = 4 is a solution of the system, so the minimalsolution is a divisor of 4. We now show that all divisors of 4 are possible degrees.

For p = 7, by the arguments above, one can immediately see that the degree ofthe splitting field is 4.

The degree of the splitting field over Fp is 2 if p ≡ −1 (mod 5): indeed, p2 ≡ 1(mod 3) and p2 ≡ 1 (mod 4) for all primes larger than 3, for example for p = 19.

The degree of the splitting field is 1 if and only if 3 |p−1, 4 |p−1 and 5 |p−1that is, if and only if 60 |p − 1. Since 61 is prime, the splitting field of f (x) overF61 has degree 1.

The last case to discuss is p = 2. In F2[x] we have f (x) = (x15 − 1)(x3 − 1)4

and, since 3 | 15, we have x3−1 | x15−1, so the degree of the splitting field of f (x)

is the order of 2 in (Z/15Z)∗, which one can easily show to be 4.[[In order to cover every prime, we could also discuss 3 and 5. For p = 3 we have f (x) =

(x5 − 1)3(x4 − 1)3 and, since the multiplicative order of 3 modulo 5 is 4 and its multiplicative

order modulo 4 is 2, the degree of the splitting field is 4. Finally, for p = 5 we have f (x) =(x3 − 1)5(x12 − 1) and a similar argument yields that the degree of the splitting field is 2.]]

226 3 Solutions

231 The prime factorisation of 1635 is 3 · 5 · 109, so Z/1635Z is not a field andthe equation can have more than four solutions. By the Chinese remainder theorem,Z/1635Z � Z/3Z× Z/5Z× Z/109Z.

Let us now look for a factorisation of f (x) = 2x4−41x3+201x2−71x−91 inZ[x], which will induce factorisations in Z/3Z[x], Z/5Z[x], Z/109Z[x] by passingto the quotient.

Since 91 = 13 · 7, any rational root of f is of the form a/b, where a is a divisorof 91 and b is a divisor of 2. It is easy to check that f (1) = f (7) = f (13) = 0 andso we have that (x−1)(x−7)(x−13) divides f (x). By performing the division weobtain that f (x) = (x−1)(x−7)(x−13)(2x+1) in Z[x], and so−1/2 is also a root.This factorisation yields: f (x) = −(x−1)4 in Z/3Z[x], f (x) = (x−1)(x−2)2(x−3) in Z/5Z[5] and (x−1)(x−7)(x−13)(2x+1) in Z/109Z[x]. Since Z/3Z, Z/5Zand Z/109Z are fields, these factorisations immediately give us the respective setsof roots: we have x = 1, of multiplicity 4, in Z/3Z[x]; x = 1,−2, 2, where 2 hasmultiplicity 2, in Z/5Z[x], and finally x = −1/2, 1, 7, 13 in Z/109Z[x] (and it iseasy to check that these roots are distinct in Z/109Z). We therefore have 1·3·4 = 12distinct solutions in Z/3Z× Z/5Z× Z/109Z and thus in Z/1635Z.

Since the factorisation in Z[x] remains valid in the quotient ring Z/1635Z[x],three roots of f (x) are immediately found and are x ≡ 1, 7, 13 (mod 1635).Moreover, remark that (2, 1635) = 1, so the element 2 is invertible in Z/1635Zand we have the solution x = −1/2 ≡ 817 ∈ Z/1635Z, which is clearly differentfrom the previous ones.

We need to construct two more solutions and we may do it using the Chineseremainder theorem, for example from the triples of solutions (1, 1, 7) and (1, 2, 13)

in Z/3Z × Z/5Z × Z/109Z. Simple calculations yield that 661 and 667 are thecorresponding classes modulo 1635, and are thus roots of f (x).

[[For the sake of completeness, by remarking that −1/2 ≡ 54 (mod 109), we can give the fullcorrespondence between solution triples in Z/3Z× Z/5Z× Z/109Z and solutions in Z/1635Z:

(1, 1, 1) ←→ 1 (1, 1, 7) ←→ 661(1, 1, 13) ←→ 1321 (1, 1, 54) ←→ 1471(1, 2, 1) ←→ 982 (1, 2, 7) ←→ 7

(1, 2, 13) ←→ 667 (1, 2, 54) ←→ 817(1, 3, 1) ←→ 328 (1, 3, 7) ←→ 988

(1, 3, 13) ←→ 13 (1, 3, 54) ←→ 163.

]]

232

(i) First of all, we show that f (x) is irreducible in Q[x]. Since deg(f ) = 3, it isenough to show that f (x) has no rational roots. Any rational root must have anumerator that divides the constant coefficient, which is −1, and a denominatorthat divides the leading coefficient, which is 1; it is therefore enough to checkthat ±1 are not roots. But f (1) = f (−1) = −1, so the polynomial has norational roots and is therefore irreducible.

5 Rings and Fields 227

It is now clear that the field Q(α) has degree 3 over Q and thus each of itselements can be expressed as a linear combination of 1, α and α2 with rationalcoefficients. We write 1/(α + 2) = aα2 + bα + c, where a, b, c are rationalnumbers to be determined. We get

1 = (aα2 + bα + c)(α + 2) = aα3 + bα2 + cα + 2aα2 + 2bα + 2c

= (b + 2a)α2 + (a + c + 2b)α + (a + 2c)

where we used α3 = α + 1 to obtain the last equality. Equating coefficients ofthe basis vectors on the two sides yields the system

⎧⎨

⎩

b + 2a = 0a + c + 2b = 0

a + 2c = 1

whose unique solution is a = 1/7, b = −2/7, c = 3/7. In conclusion, 1/(α +2) = (α2 − 2α + 3)/7.[[Alternatively, we could divide the polynomial x3−x−1 by x+2 and obtain that x3−x−1 =(x2 − 2x + 3)(x + 2) − 7. Replacing x with α, we have (α2 − 2α + 3)(α + 2) − 7 = 0, so

dividing by 7(α + 2) yields the desired expression.]](ii) We have the obvious inclusions Q(α2) ⊆ Q(α) and Q(α3) ⊆ Q(α), so the

degrees to be computed are at most 3, and moreover they are divisors of 3(because degrees are multiplicative in towers), so each is either 1 or 3.If we had [Q(α2) : Q] = 1 then we would have α2 = c ∈ Q and so α wouldbe a root of the degree 2 polynomial x2 − c ∈ Q[x], which contradicts the factthat the minimal polynomial of α is x3 − x − 1 and has degree 3. Therefore,[Q(α2) : Q] = 3.

From the equation α3 = α + 1 we get that α = α3 − 1 ∈ Q(α3), so Q(α) =Q(α3) and [Q(α3) : Q] = 3.

233

(i) Reducing the polynomial f (x) modulo 2 yields x4 + x + 1, which clearly hasno roots and is not the square of the unique irreducible polynomial of degree 2in F2[x], namely, x2 + x + 1. The polynomial f (x) is thus irreducible modulo2 and so irreducible in Z[x]. By Gauss’s lemma, it is also irreducible in Q[x].

(ii) Since it is irreducible, f (x) is the minimal polynomial of α over Q, so [Q(α) :Q] = 4. It is clear that 2α − 3 ∈ Q(α); on the other hand, α = (2α − 3)/2 +3/2 ∈ Q(2α − 3), hence Q(2α − 3) = Q(α) and [Q(2α − 3) : Q] = 4. Theminimal polynomial of 2α − 3 over Q has thus degree 4, and is the uniquemonic polynomial of degree 4 in Q[x] that vanishes at 2α− 3. The polynomial

g(x) = f

(x + 3

2

)= 1

16(x4 + 12x3 + 54x2 + 84x − 71)

228 3 Solutions

has degree 4, and clearly g(2α − 3) = 0. The minimal polynomial of 2α − 3over Q is thus 16g(x) = x4 + 12x3 + 54x2 + 84x − 71.

(iii) Clearly, α2 ∈ Q(α). On the other hand, the equality α4 − 3α − 5 = 0 impliesthat α = (α4 − 5)/3 = ((α2)2 − 5)/3 ∈ Q(α2).So we have Q(α2) = Q(α) and thus [Q(α2) : Q] = 4, and the minimalpolynomial of α2 is the unique monic polynomial of degree 4 that vanishes atα2. Squaring both sides of α4 − 5 = 3α, we immediately obtain that x4 −10x2 − 9x + 25 has α2 as a root, so it is the minimal polynomial in question.

234 We have 5 = 2x2 + 17 − 2(x2 + 6) and so 5 ∈ I = (2x2 + 17, x2 + 6); infact, we have I = (5, x2 + 1).

The map F5 � a −→ a + I ∈ A = Z[x]/I is well defined, because the idealgenerated by 5 in Z[x] is contained in I ; moreover, it is a ring homomorphism. Inorder to show it is injective, remark that I ∩Z is an ideal of Z that contains 5Z; it istherefore either 5Z or Z. But if we had I ∩ Z = Z then we would have 1 ∈ I , thatis, 1 ∈ (x2 + 1) in F5[x], which is not the case. Therefore, if a + I = a′ + I thenwe have a − a′ ∈ I ∩ Z = 5Z, so a = a′.

Having shown that F5 ⊆ A, we conclude that A is a vector space over F5.We now show that 1, x form a basis of A as a vector space over F5. It is clear that

they generate A, because every element of A can be expressed in the form ax + b

for some a, b ∈ Z. In order to show that they are linearly independent, suppose thatax + b = 0 in A = Z[x]/(5, x2 + 1). We then have ax + b ∈ (5, x2 + 1) in Z[x]and so ax + b ∈ (x2 + 1) in F5[x], which implies a = b = 0 in F5.

Since it has a basis consisting of two elements, A is isomorphic to F25, as are all

vector spaces of dimension 2 over F5.

235

(i)

Q(3

, i)

Q(3√2

2

)

3

Since degrees are multiplicative in towers, we have [K :Q] = [K : Q(

3√

2)][Q(3√

2) : Q]. Now, [Q(3√

2) : Q] =3; this is because the polynomial x3 − 2 is irreducible inZ[x] by Eisenstein’s criterion, hence by Gauss’s lemma itis irreducible in Q[x], and it has 3

√2 as a root, so it is the

minimal polynomial of 3√

2 over Q. In order to compute[K : Q(

3√

2)], we shall find the minimal polynomial of i

over Q(3√

2). Since we know how to factor x2 + 1 in C[x],we can immediately see that it is irreducible in R[x] andtherefore in Q(

3√

2)[x] ⊆ R[x].Since the irreducible polynomial x2 + 1 ∈ Q(

3√

2)[x] does have i as a root, itis its minimal polynomial over Q(

3√

2), and we have [K : Q(3√

2)] = 2.In conclusion, [K : Q] = 2 · 3 = 6.

(ii) We show that K = Q(3√

2, i) = Q(3√

2 + i). Since 3√

2 + i ∈ Q(3√

2, i), it isclear that Q(

3√

2+ i) ⊆ Q(3√

2, i).

5 Rings and Fields 229

Let u = 3√

2 + i. By taking the cube of both sides of the equality u − i = 3√

2we get

i = u3 − 3u− 2

3u2 − 1∈ Q(u) = Q(

3√

2+ i).

Moreover, 3√

2 = u− i ∈ Q(3√

2+ i) and thus Q(3√

2, i) ⊆ Q(3√

2+ i).(iii) We need to find the minimal polynomial of 3

√2+i overQ. By the results shown

above, we know that its degree must be 6. It is thus enough to find a monicpolynomial of degree 6 with rational coefficients that vanishes at 3

√2+ i.

As before, let u = 3√

2 + i. Squaring both sides of the equality i = u − 3√

2,isolating 3

√2 and taking cubes, we immediately get that u6+3u4−4u3+3u2+

12u + 5 = 0, so the polynomial x6 + 3x4 − 4x3 + 3x2 + 12x + 5 ∈ Q(x)

is monic, has degree 6 and has 3√

2 + i as a root. It is therefore the minimalpolynomial of 3

√2+ i over Q.

236

(i)Q( 3, )

Q(√3)

2

5Consider the extensions Q ⊆ Q(

√3) ⊆ Q(

√3,√

5).Since x2 − 3 and x2 − 5 are the minimal polynomials of√

3 and√

5 over Q, the first extension has degree 2 andthe second has degree at most 2. If we had

√5 ∈ Q(

√3),

then we would have√

5 = a + b√

3 for some nonzerorationals a and b. But squaring the expression gives 5 =a2+2ab

√3+3b2, that is,

√3 = (5−a2−3b2)/2ab ∈ Q,

which is a contradiction.[[Another way to prove that

√5 �∈ Q(

√3) is the following. If we had

√5 ∈ Q(

√3) then the

two quadratic extensions Q(√

3) and Q(√

5) would coincide; but this is not the case, because

3 · 5 = 15 is not a square in Q.]]This implies that the second extension has degree 2 and thus

[Q(√

3,√

5) : Q] = [Q(√

3,√

5) : Q(√

3)][Q(√

3) : Q] = 4.

Now consider the extensions Q ⊆ Q(√

3−√5) ⊆ Q(√

3,√

5). Since√

3−√5is irrational (its square is irrational) the first extension has degree at least 2 andthus can have degree 2 or 4, since its degree must be a divisor of [Q(

√3,√

5) :Q] = 4.Suppose it has degree 2, that is, there exists a polynomial f (x) = x2+ax+b ∈Q[x] such that f (

√3 − √5) = 0. This would imply (

√3 − √5)2 + a(

√3 −√

5)+b = 0, hence 3+5−2√

15+a√

3−a√

5+b = 0, that is, 8+b+a√

3 =(a + 2

√3)√

5. Squaring both sides yields 64 + b2 + 3a2 + 16b + 16a√

3 +2ab√

3 = 5a2+ 60+ 20a√

3, hence b2+ 16b− 2a2+ 4+ (2ab− 4a)√

3 = 0.Since

√3 is irrational, this implies 2ab − 4a = 0, that is, a = 0 or b = 2. In

the first case we get b2 + 16b + 4 = 0 and in the second a2 = 20, but neitherequation has any rational solutions. In conclusion, such a polynomial does notexist, hence [Q(

√3−√5) : Q] = 4.

230 3 Solutions

(ii) Set α = √3 − √5. Taking the square yields α2 = 3 + 5 − 2√

15, that is,α2 − 8 = −2

√15. Squaring again, we have α4 − 16α2+ 4 = 0, so

√3−√5 is

a root of the polynomial x4 − 16x2 + 4 ∈ Q[x]. Since [Q(√

3−√5) : Q] = 4,this polynomial is irreducible and is thus the minimal polynomial of

√3 −√5

over Q.Consider now

√√3−√5 − 1. Setting f (x) = x8 − 16x4 + 4 ∈ Q[x], it is

easy to see that f (√√

3−√5) = 0, so the polynomial g(x) = f (x + 1) =(x + 1)8 − 16(x + 1)4 + 4 ∈ Q[x] is monic and has

√√3−√5− 1 as a root.

In order to show that g(x) is the minimal polynomial of√√

3−√5 − 1 overQ, we need to show that g(x) is irreducible, or equivalently that the extension

Q ⊆ Q(√√

3−√5− 1) = Q(√√

3−√5) has degree 8.

Q(β)

Q(√

3−√5) ⊆ R

4

Q

Set β =√√

3−√5. Since we know that[Q(β) : Q] = [Q(β) : Q(

√3 −√5)] · [Q(

√3 −√

5) : Q] and that [Q(√

3 − √5) : Q] = 4, wehave that [Q(β) : Q] = 8 is equivalent to Q(

√3−√

5) �= Q(β). But this immediately follows fromthe fact that Q(

√3 −√5) is a subextension of R,

whereas Q(β) is not, since β =√√

3−√5 is thesquare root of a negative number.

237 Set f (x) = x7+x6+x5+x4+x3+x2+x+1; notice that (x−1)f (x) = x8−1.It is thus clear that in C[x] the roots of the polynomial f (x) are all the 8th roots ofunity except for 1, that is,

f (x) = (x − 1+ i√2

)(x − i)(x − −1+ i√2

)(x + 1)(x − −1− i√2

)(x + i)(x − 1− i√2

).

In Z[x] we can factor x8− 1 as (x− 1)(x+ 1)(x2+ 1)(x4+ 1), as one immediatelyfinds by repeatedly factoring differences of squares. This factorisation also holds inF5[x] and F13[x], because both rings are quotients of Z[x].

Now, remark that x2 + 1 is irreducible in Z[x] because it has no real roots and ismonic. The polynomial (x + 1)4 + 1 = x4 + 4x3 + 6x2 + 4x + 2 is irreducible byEisenstein’s criterion for the prime 2, so x4+ 1 is also irreducible. The factorisationof f (x) in irreducible factors in Z[x] is therefore

f (x) = (x + 1)(x2 + 1)(x4 + 1).

In F5 we have 22 = −1, whereas±2 are not squares. So x2+1 = (x−2)(x+2)

and x4+1 = (x2−2)(x2+2), and the two quadratic factors are irreducible becausethey have no roots. So f (x) factors in F5[x] as

f (x) = (x + 1)(x − 2)(x + 2)(x2 − 2)(x2 + 2).

5 Rings and Fields 231

In F17 we have 42 = −1, so x2+1 = (x−4)(x+4) and x4+1 = (x2−4)(x2+

4) = (x − 2)(x + 2)(x − 8)(x + 8). The polynomial is therefore a product of linearfactors:

f (x) = (x + 1)(x − 4)(x + 4)(x − 2)(x + 2)(x − 8)(x + 8).

238

(i) Remark that 1 is a root of f (x) over F7, so we can divide f (x) by x − 1 andobtain f (x) = (x−1)(x3−x2−3x+3). Since 1 is also a root of x3−x2−3x+3,we divide once again to get f (x) = (x − 1)2(x2 − 3).In order to check whether x2−3 is irreducible, we compute all squares in F

∗7: we

have (±1)2 = 1, (±2)2 = −3, (±3)2 = 2, so 3 is not a square and thereforex2 − 3 is irreducible. The factorisation of f (x) in irreducible factors is thus(x − 1)2(x2 − 3).

(ii) Since F7[x]/(f (x)) is a finite ring, its elements are either invertible or zerodivisors; we can therefore just count zero divisors. We know that each zerodivisor is represented by a polynomial of degree less than 4 that is not coprimeto f (x). The set of zero divisors is thus in bijection with the set of polynomialsof degree at most 3 that are multiples of x − 1 or of x2 − 3. By the inclusion-exclusion principle,

|{zero divisors}| = |{multiples of x − 1}| + |{multiples of x2 − 3}|−|{multiples of (x − 1)(x2 − 3)}|.

The multiples of x − 1 are represented by polynomials of the form (a2x2 +

a1x + a0)(x − 1), with no conditions on a0, a1, a2 ∈ F7, so there are 73 = 343of them. Similarly, there are 72 = 49 multiples of x2 − 3 and 7 multiples of(x − 1)(x2 − 3).Therefore, there are 73 + 72 − 7 = 385 zero divisors in F7[x]/(f (x))|, and thenumber of invertible elements is

|F7[x]/(f (x))| − 385 = 74 − 385 = 2016.

239 Let us find the minimal polynomial of α over Q. By repeatedly isolating squareroots and squaring we get

α = 2+√

5+√−5

(α − 2)2 = 5+√−5

((α − 2)2 − 5)2 = −5

α4 − 8α3 + 14α + 8α + 6 = 0,

232 3 Solutions

so α is a root of the polynomial f (x) = x4−8x3+14x2+8x+6. Now, f (x) ∈ Z[x]is irreducible in Z[x] by Eisenstein’s criterion for p = 2. By Gauss’s lemma, f (x)

is also irreducible in Q[x] and, being monic, it is the minimal polynomial of α overQ. It follows that [Q(α) : Q] = deg(f ) = 4.

Q(α)

Q(α2)

Q

4

Consider the tower of extensions Q ⊆ Q(α2) ⊆ Q(α).We know that [Q(α) : Q] = 4 and that [Q(α) : Q(α2)] ≤ 2,because α is a root of the polynomial x2 − α2, which hasdegree 2 and whose coefficients are in Q(α2).The fact that the degree is multiplicative in towers impliesthat [Q(α2) : Q] is either 2 or 4. If we had [Q(α2) : Q] = 2then the minimal polynomial of α2 over Q would be of theform x2 + ax + b for some a and b in Q, so α would be aroot of the polynomial g(x) = x4 + ax2 + b ∈ Q[x].

But then g(x) would be a multiple of f (x). In order for this to be the case, sincef and g are monic polynomial of the same degree, they would need to coincide: butthis is not possible because g gives a biquadratic equation, whereas f does not. Inconclusion, [Q(α2) : Q] = 4.

240

(i) In F2[x] we have

f (x) = x4 + 3x3 + x + 1= x4 + x3 + x + 1= (x + 1)2(x2 + x + 1)

and the latter is a product of irreducible factors because x2 + x + 1 has degree2 and no roots in F2.Similarly, in F3[x]we have f (x) = (x−1)(x3+x2+x−1) and x3+x2+x−1is an irreducible polynomial in F3[x], because it has degree 3 and no roots inF3.It follows that the splitting field of f (x) over F2 is F22 and the splitting field off (x) over F3 is F33.The splitting field of f (x) over F2k is, by definition, the smallest extension ofF2k that contains the roots of f (x). Now, an extension of F2k contains the rootsof f (x) if and only if it contains the extension that they generate over F2, sowhat we need to find is the degree of the smallest extension of F2k that containsF22. From the theory concerning inclusions of finite fields, we know that thedegree of the splitting field in question is 2/(k, 2), that is, 1 if k is even and 2 ifk is odd.Similarly, the splitting field of f (x) over F3k is the smallest extension of F3k

that contains F33, which has thus degree 3/(k, 3).(ii) We have [Q(α) : Q] = 4 because f (x) is an irreducible polynomial over Q.

Indeed, f (x) has no roots in Q, because the only candidates are±1 and one cancheck that f (±1) �= 0. So if f (x) were reducible overQ it would be the product

5 Rings and Fields 233

of two irreducible factors of degree 2, but this contradicts the factorisation foundover F3.[[Alternatively, we can remark that if f (x) factored over Q as the product of two irreduciblepolynomials of degree 2, we would have

x4 + 3x3 + x + 1 = (x2 + ax ± 1)(x2 + bx ± 1)

for some a, b ∈ Z. Looking at the coefficients of x and x3, we would have a + b = ±1 and

a + b = 3, which are clearly incompatible. ]]

241 First of all, remark that the polynomial f (x) = x4−2 is irreducible over Q byEisenstein’s criterion for the prime 2 and Gauss’s lemma. Its complex roots are thenumbers ik

4√

2 for k = 0, 1, 2, 3. Setting α = 4√

2, we have that the splitting field off (x) over Q is given by Q(i, α).

Q(α, i)

Q(α)

4

Q

Consider the tower of extensions Q ⊆ Q(α) ⊆ Q(α, i). Thefirst extension has degree 4 because f (x) is irreducible. Thesecond extension has degree 2: its degree is at most 2 becausethe polynomial x2 + 1 has coefficients in Q(α) and has i as aroot; moreover, its degree is not 1 because Q(α) is contained inR, so it cannot coincide with Q(α, i). In particular, the degreeof the splitting field of f (x) over Q is 8.

In F3[x] we have

f (x) = x4 − 2 = x4 + 4 = (x4 + 4x2+ 4)− (2x)2 = (x2− 2x + 2)(x2+ 2x + 2)

and the polynomials x2 ± 2x + 2 are irreducible over F3 because their discriminantis −1, and therefore not a square in F3. In particular, the degree of the splitting fieldof f (x) over F3 is 2.

In F17[x] we have

f (x) = x4 − 2 = x4 − 36 = (x2 − 6)(x2 + 6).

The polynomials x2 ± 6 are irreducible over F17 because 6 and −6 are not squaresin F17, as one can check by listing all squares of F17. In particular, the degree of thesplitting field of f (x) over F17 is 2.

[[The factorisation a4 + 4b4 = (a2 + 2b2 + 2ab)(a2 + 2b2 − 2ab), which we used abovewith b = 1 and over F3, is called Sophie Germain’s identity, in honour of the famous Frenchmathematician.

We could have alternatively computed the degree over F17 by remarking that, since 2 has order

8 in (Z/17Z)∗, any root α of f (x) in the algebraic closure of F17 is such that (α4)8 = 28 = 1,

so we have α32 = 1 and α16 �= 1. What we have to compute is therefore the degree of the field

generated by the 32nd roots of unity over F17; this field is F17d , where d is the order of 17 in

(Z/32Z)∗. Since 17 �≡ 1 (mod 32) and 172 ≡ 1 (mod 32), we have d = 2. ]]

Index

AAbelian, – group, 24Algebraic

element, 47extension, 47

AlgorithmEuclid’s, 16Euclid’s – for polynomials, 40

Argument, – of a complex number, 10Arithmetic

fundamental theorem of, 17modular, 20

Automorphismfield, 46Frobenius, 46group, 32

BBasis, 44Bézout

’s identity, 16’s identity for polynomials, 40

Binomialtheorem, 14, 35

CCardinality, – of a set, 12Cauchy, –’s theorem, 32Centre, 25Characteristic

of a field, 45positive, 45zero, 45

Chinese, – remainder theorem, 20Class(es)

equivalence, 5invertible residue, 21

Closed, – subset, 9Closure, algebraic – of a field, 49Codomain, 3Coefficient

binomial, 13constant, 38leading, 38

Combinatorics, 12Commutative

diagramme, 4group, 24ring, 34

Complement, 2Complex

algebraic form of a – number, 10argument of a – number, 10imaginary – number, 10imaginary part of a – number, 10modulus of a – number, 10numbers, 10plane, 10polar form of a – number, 11real part of a – number, 10

Compositeextension, 47map, 4

Composition, 8of maps, 4

Congruence, 17Congruent, 17, 27Conjugate, 28

© Springer Nature Switzerland AG 2020R. Chirivì et al., Selected Exercises in Algebra, UNITEXT 119,https://doi.org/10.1007/978-3-030-36156-3

235

236 Index

complex, 10Constant, – polynomial, 38Content, – of a polynomial, 41Coset(s), 27

left – of a subgroup, 27right – of a subgroup, 27

Criterionderivative – for multiple roots, 49Eisenstein’s, 43

Cycle, 30length of a, 30

Cyclicgroup, 25structure theorem for – groups, 32

Cyclotomicextension over Q, 50polynomial, 43theorem of – extensions, 51

DDegree

of an extension, 46of a polynomial, 38

De Morgan, –’s law, 2Dependent, linearly, 44Derivative

criterion for multiple roots, 49of a polynomial, 49

Dimension, 44Diophantine, linear – equation, 16Divisibility, – of polynomials, 39Division

Euclidean, 15Euclidean – of polynomials, 40

Divisor, 15zero, 34

Domain, 3integral, 34

EEisenstein, –’s criterion, 43Element

algebraic, 47invertible – in a ring, 35neutral – for an operation, 9neutral – of a group, 24nilpotent, 34transcendental, 47

Equation, linear Diophantine, 16Equivalence

class, 5relation, 5

Euclid’s algorithm, 16’s algorithm for polynomials, 40’s lemma, 16

Euler’s formula, 10’s theorem, 22’s totient function, 21

Evaluation, – of a polynomial, 39Exactly divides, 17Extension(s)

algebraic, 47composite, 47cyclotomic, 50degree of an, 46field, 46finite, 46tower of, 46

FFactorial, 13Factorisation, polynomial, 41Fermat, –’s theorem, 19Fibonacci, – numbers, 8Field(s), 35, 45

algebraic closure of a, 49algebraically closed, 48automorphism, 46characteristic of a, 45extension, 46finite, 50

Finite, – field, 50Form

algebraic – of a complex number, 10polar – of a complex number, 11

Formula, Euler’s, 10Freshman’s dream, 19, 45Frobenius, – automorphism, 46Function

characteristic, 12Euler’s totient, 21

GGauss, –’s lemma, 42Generator(s)

set of, 25for a vector space, 44

Greatest common divisor, 15Group(s), 24

Abelian, 24automorphism, 32centre of a, 25

Index 237

commutative, 24cyclic, 25direct product of, 33homomorphic image of a, 30homomorphism, 30isomorphism, 31multiplicative – of a field, 46neutral element of a, 24order of a, 24quotient, 28quotient of, 27structure theorem for cyclic, 32symmetric, 29of unit quaternions, 29

HHomomorphism

fundamental – theorem, 31group, 30kernel of a group, 30kernel of a ring, 36ring, 36

IIdeal, 36

generated, 37maximal, 37

IdentityBézout’s, 16Bézout’s – for polynomials, 40map, 4

Imageof an element, 3homomorphic – of a group, 30of a map, 3of a set, 3

Imaginarynumber, 10part of a complex number, 10unit, 10

Independent, linearly, 44Indeterminate, 37Index, – of a subgroup, 27Induction

principle, 7Integer(s)

congruent, 17numbers, 9prime, 17relatively prime, 16

Integral, – domain, 34Intersection, 2

Inversegroup, 24left – for an operation, 9for an operation, 9right – for an operation, 9

Invertibleelement in a ring, 35residue class, 21

Irreducible, – polynomial, 41Isomorphism

group, 31ring, 36

KKernel

of a group homomorphism, 30of a ring homomorphism, 36

LLagrange, –’s theorem, 27Law(s)

associative – for composition of maps, 4cancellation, 25De Morgan, 2

Least common multiple, 17Legendre, – symbol, 52Leibniz, –’s rule, 49Lemma

Euclid’s, 16Gauss’s, 42

Length, – of a cycle, 30Linear combination, 44Linearly

dependent, 44independent, 44

MMap(s), 3

associative law for composition of, 4bijective, 4codomain of a, 3commutative diagramme of, 4compatible with an equivalence relation, 6composite, 4composition of, 4domain of a, 3fixed points of a, 4identity, 4image of a, 3inclusion, 4injective, 4

238 Index

inverse, 4invertible, 4multiplicative, 21one-to-one, 4onto, 4quotient, 6restriction of a, 4surjective, 4

Maximal, – ideal, 37Minimal, – polynomial, 47Modulus, – of a complex number, 10Monic, – polynomial, 38Multiple, 15Multiple, – of a polynomial, 40Multiplication, – by scalars, 44Multiplicative, – map, 21Multiplicity, – of a root, 40

NNilpotent, – element, 34Normal, – subgroup, 28Number(s), 9

complex, 10Fibonacci, 8integer, 9natural, 7rational, 9real, 9

OOne, – of a ring, 34Operation, 8

associative, 8closed subset under an, 9commutative, 8distributive, 9inverse for an, 9left inverse for an, 9neutral element for an, 9in the quotient of groups, 28restriction of an, 9right inverse for an, 9

Orderof an element, 24of a group, 24partial – relation, 7relation, 6strict – relation, 7total – relation, 7

PPartition(s), 5

finer, 6Pascal’s triangle, 14

Permutation, 4Plane, complex, 10Polynomial(s), 37

constant, 38constant coefficient of a, 38content of a, 41cyclotomic, 43degree of a, 38derivative of a, 49divisibility of, 39Euclidean division of, 40evaluation of a, 39factorisation, 41indeterminate of a, 37irreducible, 41leading coefficient of a, 38minimal, 47monic, 38multiple of a, 40primitive, 41quotient of a division between, 40quotient of – rings, 43remainder of a division between, 40root of a, 39zero, 38

Pre-image, 3Prime

integers, 17relatively – integers, 16relatively – polynomials, 41

Primitive, – polynomial, 41Principle

inclusion-exclusion, 15of induction, 7pigeonhole, 13recursion, 8well-ordering, 7of zero products, 35

ProductCartesian—of sets, 2direct – of groups, 33of subgroups, 26

Propertyanti-symmetry, 6irreflexivity, 7reflexivity, 5, 6symmetry, 5transitivity, 5–7

QQuaternions, group of unit, 29Quotient, 15

of a division between polynomials, 40

Index 239

of groups, 27, 28of polynomial rings, 43of a ring, 37set, 6

RRational, – numbers, 9Real, – numbers, 9Real part, – of a complex number, 10Recursive, 8Relation(s), 5

equivalence, 5equivalence class of a, 5order, 6partial order, 7quotient by a, 6strict order, 7total order, 7

Remainder, 15of a division between polynomials, 40

Representative(s)set of, 6

Residue(s), 18quadratic, 52

Restriction, – of an operation, 9Ring(s), 34

commutative, 34generated, 36homomorphism, 36with identity, 34isomorphism, 36one of a, 34polynomial, 37quotient, 37unitary, 34zero, 34zero of a, 34

Rootmultiple, 40multiplicity of a, 40of a polynomial, 39primitive – of unity, 11, 50simple, 40of unity, 49

Ruffini, –’s theorem, 40Rule, Leibniz’s, 49

SScalar, 44Sequence, 8Set(s), 1

cardinality of a, 12

characteristic function of a, 12closed – under an operation, 9complement of a, 2disjoint, 2finite, 12of generators, 25image of a, 3infinite, 12intersection of, 2pre-image of a, 3quotient, 6of representatives, 6union of, 1

Space, vector, 43Subgroup(s), 25

cosets of a, 27generated, 25index of a, 27normal, 28product of, 26

Subring(s), 35Symbol, Legendre, 52Symmetric, – group, 29

TTheorem

binomial, 14, 35Cauchy’s, 32Chinese remainder, 20of cyclotomic extensions, 51Euler’s, 22Fermat’s, 19freshman’s dream, 19, 45fundamental – of algebra, 41fundamental – of arithmetic, 17fundamental homomorphism, 31Lagrange’s, 27Ruffini’s, 40structure – for cyclic groups, 32

Tower, – of extensions, 46Transcendental, – element, 47Transposition, 30

UUnion, 1

disjoint, 2Unit

imaginary, 10of a ring, 34quaternions, 29

Unitary, – ring, 34

240 Index

VVector, 44

column, 44space, 43zero, 44

ZZero

characteristic, 45of a ring, 34