# ORDERS OF ELEMENTS IN A GROUP

Save this PDF as:

Size: px
Start display at page:

## Transcription

1 ORDERS OF ELEMENTS IN A GROUP KEITH CONRAD 1. Introduction Let G be a group and g G. We say g has finite order if g n = e for some positive integer n. For example, 1 and i have finite order in C, since ( 1) 2 = 1 and i 4 = 1. The powers of g repeat themselves every n turns: for any integers a and k, g a+nk = g a g nk = g a (g n ) k = g a. Thus the sequence of powers of g looks like {e, g, g 2,..., g n 1, e, g, g 2,... }. The least n 1 such that g n = e is called the order of g. If there is no such n (that is, g n e for every n 1), we say g has infinite order. For example, in the group C, 1 has order 2, i has order 4, and 7 has infinite order. For any positive integer n, the complex number cos 2π n + i sin 2π n is an example of an element of C with order n. If G is a finite group, every g G has finite order. The proof is as follows. Since the set of powers {g a : a Z} is a subset of G and the exponents a run over all integers, an infinite set, there must be a repetition: g a = g b for some a < b in Z. Then g b a = e, so g has finite order. (Taking the contrapositive, if g has infinite order its integral powers have no repetitions: g a = g b = a = b.) There are three questions about elements of finite order that we want to address: (1) When g G has a known finite order, how can we tell when two powers g k and g l are the same directly in terms of the exponents k and l? (2) When g has finite order, how is the order of a power g k related to the order of g? (3) When two elements g 1 and g 2 of a group have finite order, how is the order of their product g 1 g 2 related to the orders of g 1 and g 2? We will find essentially complete answers to the first two questions, and only a partial answer to the third question. In the case of finite abelian groups, we will see that the order of any element divides the size of the group. 1 Then, as application of that divisibility relation, we will derive some classical congruences from number theory that can be used to test efficiently whether or not a large integer is prime without having to factor it. (This is very important in cryptography.) The most important theorems to understand well are Theorems 3.2, 3.4, and This result is also true in the non-abelian case, but not by the proof we will give here for abelian groups. 1

2 2 KEITH CONRAD 2. Examples We have already seen that 1 and i in C have orders 2 and 4, respectively. Let s look at the meaning of the order of an element in the groups (Z/(m)) and S m. Example 2.1. An integer modulo m lies in (Z/(m)) precisely when it is relatively prime to m, which can be effectively determined using Euclid s algorithm. To say a mod m has order n in (Z/(m)) means a n 1 mod m, a j 1 mod m for 1 j < n. There is no simple-minded formula for the order of a random element of (Z/(m)) ; it just is what it is and you have to make computations to figure it out. For instance, 2 and 2 2 are not 1 mod 7 and mod 7, so 2 has order 3 in (Z/(7)). Since 2 j 1 mod 23 for 1 j < 11 and mod 23, 2 has order 11 in (Z/(23)). For any m 3, 1 has order 2 in (Z/(m)) since ( 1) 2 1 mod m while 1 1 mod m. Watch out for m = 2: since 1 1 mod 2, in the group (Z/(2)), which is actually a group with only one element, 1 has order 1, not 2! Example 2.2. In a symmetric group S m, let σ = (a 1 a 2 a r ) be an r-cycle. The n-th power σ n shifts each a i by n terms. (A power of a cycle need not be a cycle, e.g., (1234) 2 = (13)(24).) The least n 1 such that σ n is the identity is n = r. That is, an r-cycle has order r. For instance, any transposition has order 2. Armed with this information about orders of cycles, we will compute the order of a general permutation in S m, using its disjoint cycle decomposition, in Theorem Basic Properties of Orders Let G be a group, written multiplicatively. For g G, the subgroup generated by g is g = {g k : k Z}. This is easily seen to be a subgroup: it is closed under multiplication and inversion. Theorem 3.1. To say g has finite order in G is equivalent to saying g is a finite group. Proof. If g has finite order, suppose g n = e for some n > 0. Consider a general power of g, say g k with k Z. By the division theorem in Z, there are integers q and r such that k = nq + r with 0 r < n. Then so g k = g nq g r = g r, g = {e, g, g 2,, g n 1 }, which shows g is a finite group. Conversely, suppose g is a finite group. Then g certainly has just a finite number of different powers. As k runs through the integers, the powers g k must repeat: g k 1 = g k 2 for different integers k 1 and k 2. We may take k 1 < k 2 without loss of generality. Then g k 2 k 1 = e, with k 2 k 1 a positive integer, so g has finite order.

3 ORDERS OF ELEMENTS IN A GROUP 3 When g n = e, n might not be as small as possible, so the repetition in the powers of g may really occur more often than every n turns. For example, ( 1) 4 = 1, so Theorem 3.1 says the only powers of 1 are ( 1) k for k {0, 1, 2, 3}, but we know that in fact a more economical list is ( 1) k for k {0, 1}. This is connected with the fact that ( 1) 2 = 1. This observation leads to a strengthening of Theorem 3.1: the order of g is the size of the group g when g has finite order. Theorem 3.2. Let g n = e for some n 1, with n chosen as small as possible. Then (1) g = {e, g, g 2,..., g n 1 }. (2) # g = n. That is, the powers listed in part (1) are different from each other. Proof. First we show (1). Given an arbitrary power g k, write k = nq + r where 0 r n 1. Then g k = g r, just as in the previous proof, so every power of g is some g r where 0 r n 1. This means g = {e, g, g 2,..., g n 1 }, which establishes (1). So far we have not used the minimality of n. Now we prove (2). We already have a list of n powers that exhaust g, namely g r for 0 r n 1. To prove # g = n, we must prove these powers are all distinct. Here is where the minimality of n is going to be used. If our list of powers contains any repetitions, then g i = g j where 1 i < j n 1. (Be attentive to the inequalities here.) Then (3.1) g j i = e, and 0 < j i < n. This contradicts the definition of n, since we found a power of g equal to e where the exponent j i is a positive integer less than n, while n is the minimal positive integer satisfying g n = e. Hence we have a contradiction, so the powers among {e, g, g 2,..., g n 1 } are distinct from one another. Thus # g = n. Remark 3.3. When G is a finite group, every element must have finite order. However, the converse is false: there are infinite groups where each element has finite order. For example, in the group of all roots of unity in C each element has finite order. Theorem 3.2 gives a nice combinatorial interpretation of the order of g, when it is finite: the order of g is the size of the group g. In fact, this even works when g has infinite order (then g is an infinite group), so the order of g is always the size of g. The finite order of an element is linked to periodicity in its powers, as follows. Theorem 3.4. Let g G and g have order n. Then g k = e if and only if n k. This is the most fundamental property of the order of an element in a group. Be sure you really understand the ideas in the proof! Try it out on powers of i in C (having order n = 4). Proof. If n k, say k = nm, then g k = g nm = (g n ) m = e. For the converse direction, we use the division theorem. Supposing that g k = e, write k = nq + r with integers q and r such that 0 r < n. Then e = g k = (g n ) q g r = g r. Since 0 r < n, the minimality built into n as the order of g forces r to be zero (why?). Thus k = nq, so n k.

4 4 KEITH CONRAD Corollary 3.5. Let g G have order n. For k, l Z, g k = g l if and only if k l mod n. Proof. Write the condition g k = g l as g k l = e. Now use Theorem 3.4. Here is a concrete application of Theorem 3.4: we find a formula for the order of a permutation in a symmetric group. In Example 2.2, we saw that an r-cycle has order r. Now we deal with a general permutation, which is not necessarily a cycle. Theorem 3.6. For σ S m, write it as a product of disjoint cycles: σ = σ 1 σ 2 σ t, where σ i is a cycle with length r i, 1 i t. The order of σ is the least common multiple [r 1, r 2,..., r t ]. Proof. Since disjoint cycles commute, σ a = σ a 1σ a 2 σ a t. Because the σ i s permute elements from disjoint sets, σ a is the identity if and only if each σ a i is the identity. (Be sure you understand that.) As σ i has order r i, σ a i is the identity if and only if r i a (by Theorem 3.4). Therefore σ a = (1) each σ a i = (1), r i a for all i, [r 1, r 2,..., r t ] a, where [r 1, r 2,..., r t ] denotes the least common multiple of the r i s, which are the lengths of the disjoint cycles σ i. Therefore the order of σ is [r 1, r 2,..., r t ]. Example 3.7. Consider σ = ( )( ). The cycles appearing here are disjoint. The order of σ is [4, 6] = 12. If σ is not written as a product of disjoint cycles, determine its disjoint cycle decomposition first in order to compute the order of σ. Example 3.8. Consider σ = (123)(241). The 3-cycles here each have order 3, but σ does not have order [3, 3] = 3. The cycles are not disjoint. The disjoint cycle decomposition of σ is so the order of σ is 2. σ = (13)(24) Corollary 3.9. A permutation σ S n has prime order p if and only if it is a product of disjoint p-cycles. Proof. Let the decomposition of σ into disjoint cycles be σ 1 σ 2 σ t, and we can assume the σ i s are all nontrivial cycles. (We allow t = 1: a single cycle is a product of 1 disjoint cycle.) Letting r i be the order of σ i, r i > 1 and computing the order of this product tells us p = [r 1,..., r t ]. Therefore each r i is a factor of p and is greater than 1, so every r i is p. Conversely, if each r i is p then of course their least common multiple is p. So σ has order p if and only if it is a disjoint product of p-cycles.

5 ORDERS OF ELEMENTS IN A GROUP 5 This theorem is not saying an element of order p is a p-cycle. It s a disjoint product of p-cycles. For example, (12)(34)(56) has order 2 and (123)(456) has order 3. Remark Do not confuse the parity of a permutation being even or odd with the order of a permutation being even or odd: they are separate concepts. For example, (12) is an odd permutation with even order 2, (123) is an even permutation with odd order 3, and (12)(34) is an even permutation with even order 2. There is no odd permutation with odd order: if σ m = (1) and m is odd, then taking the sign of both sides shows sgn(σ) m = 1. An odd power of 1 is 1, so we must have sgn(σ) = 1. Thus an odd permutation (such as (12) or (12)(23)(34) = (1234)) always has even order. Returning to general groups G, we compare the orders of g and g k when g has finite order. Let g have order n. Since (g k ) n = (g n ) k = e, the order of g k divides n by Theorem 3.4. Which factor of n is it? Example Suppose g has order 12, so any power of g has order that is a factor of 12. It is plausible that g 2 has order 6: since g takes 12 powers until it first cycles around to the identity, g 2 takes only 6 powers to get there. Thus g 2 has order 6 = 12/2. On the other hand, it is absurd to say g 8 has order 12/8, as 12/8 is not an integer. The successive powers of g 8 are g 8 e, (g 8 ) 2 = g 16 = g 4 e, (g 8 ) 3 = g 24 = g 12 3 = e, so g 8 has order 3, which we can write as 12/4. What we divide 12 by to get the order of g 8 is not 8, but the largest factor that 8 has in common with 12, namely 4. Theorem Let g have order n in a group and k be an integer. (1) If k n then g k has order n/k. (2) If (k, n) = 1 then g k has order n. That is, raising g to a power relatively prime to its order doesn t change the order. (3) For general k Z, g k has order n/(k, n). The third part includes the first two parts as special cases (if k n then n/(k, n) = n/k, and if (k, n) = 1 then n/(k, n) = n), but we state those special cases separately because they are worth knowing on their own and because they can be proved independently of the general case. Understanding the proof of the first two parts of the theorem will help you better understand the proof of the third part. Basic to everything will be Theorem 3.4. Proof. Let t be the (unknown) order of g k, so (g k ) t = e and t is the minimal positive exponent that fits this equation. We want to show t = n/k if k n, t = n if (k, n) = 1, and t = n/(k, n) in general. 1) We assume k n. The condition (g k ) t = e is the same as g kt = e, so n kt by Theorem 3.4. Thus n kt, so n/k t. We also have the reverse inequality: since (g k ) n/k = g k(n/k) = g n = e, t n/k by the definition of what the order of an element is. From t n/k and n/k t, we have t = n/k. 2) We assume (k, n) = 1 and want to show g k has order n. The key idea we will need is that if a bc and (a, b) = 1, then a c. It would be good to review how that is proved if you don t recall the argument. The equation (g k ) t = e is the same as g kt = e, so n kt by Theorem 3.4. Since n and k are relatively prime, from n kt we conclude that n t, so n t. We have the reverse inequality too: (g k ) n = g kn = (g n ) k = e k = e, so t n by the definition of the order of an element. Therefore t = n.

6 6 KEITH CONRAD 3) In the general case, for any k, we want to show t = n/(k, n). The equation (g k ) t = e is the same as g kt = e, so n kt by Theorem 3.4. Write kt = nm for some m Z. Factor (n, k) out of both n and k: n = (n, k)n and k = (n, k)k, so (n, k ) = 1. Notice n = n/(n, k), so we want to show t = n. In the equation kt = nm we can cancel (n, k) from both sides: kt = nm = (k, n)k t = (k, n)n m = k t = n m, so n k t. Since n and k are relatively prime, from n k t we get n t, so n t. We have the reverse inequality too: (g k ) n = g kn! = g nk = (g n ) k = e k = e. Let s explain the equality with the exclamation point. The exponents kn and nk are equal since they are each the same as kn/(n, k). From (g k ) n = e we have t n. Earlier we saw n t, so t = n = n/(k, n) and we are done. Example If g has order 12, here is a list of orders of the initial powers of g. The order of g k is equal to 12/(k, 12). Compute successive powers of g k for each k to verify directly that the values in the table are correct. k order of g k Example If g has order n, then g 1 has order n, since (n, 1) = 1. This result can also be seen directly, since the powers of g 1 are the same as the powers of g, but simply appear in reverse order when written out (why?). Example If g has order 12, g k has order 12 precisely when (k, 12) = 1. Look at the table above and notice 12 appears under k = 1, 5, 7, 11, which are relatively prime to Order of products How is the order of a product g 1 g 2 related to the orders of the individual factors g 1 and g 2? In this generality not much can be said! Example 4.1. We saw in Example 3.8 that in S 4, (123) and (241) each have order 3 while their product (123)(241) = (13)(24) has order 2. Example 4.2. Suppose g has order 5. Then g 1 has order 5 and g 2 has order 5, but the product gg 1 = e has order 1 while the product gg 2 = g 3 has order 5. Example 4.3. Two elements can have finite order while their product has infinite order. Consider, in GL 2 (R), the matrices ( ) ( ) A = and B = Check yourself that A 2 and B 2 equal the identity matrix, so A and B both have order 2. Meanwhile, ( ) 1 1 AB =, 0 1 which has infinite order: (AB) n = ( 1 0 n 1 ), which is the identity matrix only for n = 0. The product BA = ( ) = (AB) 1 also has infinite order.

7 ORDERS OF ELEMENTS IN A GROUP 7 Example 4.4. There is a finite group containing two elements with order 2 whose product has any desired finite order greater than 2. Pick m 3 and view the matrices A and B from Example 4.3 as having entries that are integers mod m. Then A and B are now interpreted in the finite group GL 2 (Z/(m)). Since 1 1 mod m, both A and B have order 2 in GL 2 (Z/(m)). Their product AB = ( ) in GL 2(Z/(m)) has order m. The moral of the last two examples is that in general nothing can be said about the order of the product of two elements of finite order: it might be anything at all. However, if the two elements commute with each other, we can say a lot. (In the last three examples, the pair of elements do not commute.) What is special about commuting elements is that the product of commuting elements that each have finite order also has finite order: if g n 1 1 = e, g n 2 2 = e, and g 1 g 2 = g 2 g 1, then (g 1 g 2 ) n 1n 2 = g n 1n 2 1 g n 1n 2 2 = ee = e. For example, if g1 6 = e and g2 4 = e then (g 1g 2 ) 24 = g1 24g24 2 = e. So when g 1 has order dividing 6 and g 2 has order dividing 4 and g 1 g 2 = g 2 g 1, g 1 g 2 has order dividing 24. Actually, we can bound the order of g 1 g 2 by something a little bit better in general than the product n 1 n 2. The least common multiple [n 1, n 2 ] is divisible by n 1 and n 2, so (g 1 g 2 ) [n 1,n 2 ] = g [n 1,n 2 ] 1 g [n 1,n 2 ] 2 = e. For example, if g1 6 = e and g4 2 = e then (g 1g 2 ) 12 = g1 12g12 2 = e. So when g 1 has order dividing 6 and g 2 has order dividing 4 and g 1 g 2 = g 2 g 1, g 1 g 2 has order dividing 12, not just 24. When the orders of g 1 and g 2 are relatively prime, we can say exactly what the order of g 1 g 2 is: Theorem 4.5. Let g 1 and g 2 commute, where g 1 has order n 1 and g 2 has order n 2, with (n 1, n 2 ) = 1. Then g 1 g 2 has order n 1 n 2. In words, for commuting elements with relatively prime orders, the order of their product is the product of their orders. Proof. Since (g 1 g 2 ) n 1n 2 = g n 1n 2 1 g n 1n 2 2 = (g n 1 1 )n 2 (g n 2 2 )n 1 = e, we see g 1 g 2 has finite order, which must divide n 1 n 2 by Theorem 3.4. Let n be the order of g 1 g 2. In particular, (g 1 g 2 ) n = e. From this we will show n 1 n and n 2 n. Since g 1 and g 2 commute, (4.1) g n 1 g n 2 = e. Raising both sides of (4.1) to the power n 2 (to kill off the g 2 factor) gives g nn 2 1 = e. Therefore n 1 nn 2 by Theorem 3.4. Since (n 1, n 2 ) = 1, we conclude n 1 n. Now raising both sides of (4.1) to the power n 1 gives g nn 1 2 = e, so n 2 nn 1 by Theorem 3.4, and thus n 2 n. Since n 1 n, n 2 n and (n 1, n 2 ) = 1, we conclude that n 1 n 2 n. Since we already showed n n 1 n 2 (in the first paragraph of the proof), we conclude n = n 1 n 2. Example 4.6. In (Z/(21)), 1 has order 2 and 4 has order 3. Therefore 4 = 17 has order 6. Example 4.7. If g 1 has order 5, g 2 has order 8, and g 1 and g 2 commute, then g 1 g 2 has order 40. Example 4.8. For noncommuting elements with relatively prime orders, Theorem 4.5 can fail. In S 5, (123) has order 3 and (15342) has order 5 while (123)(15342) = (15)(34) has order 2, not 3 5 = 15.

8 8 KEITH CONRAD The least common multiple is not just an upper bound on the order of a product of commuting elements, but can be realized as the order of some product of their powers: Corollary 4.9. Let g 1 and g 2 commute, where g 1 has order n 1 and g 2 has order n 2. For some integers a 1 and a 2, g a 1 1 ga 2 2 has order [n 1, n 2 ]. Proof. The basic idea is to write [n 1, n 2 ] as a product of two relatively prime factors and then find exponents a 1 and a 2 such that g a 1 1 and g a 2 2 have orders equal to those factors. Then the order of g a 1 1 and g a 2 2 will be equal to the product of the factors (Theorem 4.5), which is [n 1, n 2 ] by design. Here are the details. Factor n 1 and n 2 into primes: n 1 = p e 1 1 per r, n 2 = p f 1 1 pfr r. We use the same list of (distinct) primes in these factorizations, and use an exponent 0 on a prime that is not a factor of one of the integers. The least common multiple is [n 1, n 2 ] = p max(e 1,f 1 ) 1 p max(er,fr) r. Break this into a product of two factors, one being a product of the prime powers where e i f i and the other using prime powers where e i < f i. Call these two numbers k 1 and k 2 : k 1 = k 2 = p ei i, e i f i p fi i. e i <f i Then [n 1, n 2 ] = k 1 k 2 and (k 1, k 2 ) = 1 (since k 1 and k 2 have no common prime factors). By construction, k 1 n 1 and k 2 n 2. Then g n 1/k 1 1 has order k 1 and g n 2/k 2 2 has order k 2. Since these orders are relatively prime and the two powers of g 1 and g 2 commute with each other, g n 1/k 1 1 g n 2/k 2 2 has order k 1 k 2 = [n 1, n 2 ]. Example Suppose g 1 has order n 1 = 60 = and g 2 has order n 2 = 630 = Then [n 1, n 2 ] = We can write this as (2 2 5) (3 2 7), where the first factor appears in n 1, the second in n 2, and the factors are relatively prime. Then g1 3 has order and g2 10 has order These orders are relatively prime, so g1 3g10 2 has order = [n 1, n 2 ]. Since the same power of 5 appears in both n 1 and n 2, there is another factorization of [n 1, n 2 ] we can use: placing the 5 in the second factor, we have [n 1, n 2 ] = (2 2 )( ). Then g1 15 has order 22 and g2 2 has order These orders are relatively prime, so g1 15g2 2 has order = [n 1, n 2 ]. 5. Finite Abelian Groups and Primality Testing The equivalence in the next theorem will lead us to an interesting way to distinguish prime numbers from composite numbers. Theorem 5.1. The following conditions on a finite group G of size N are equivalent: (a) For all g G, g N = e. (b) For all g G, the order of g divides N. Proof. (a) (b): If g N = e then the order of g divides N by Theorem 3.4. (b) (a): Let g have order n. If n N, say N = nn, then g N = (g n ) n = e n = e.

9 ORDERS OF ELEMENTS IN A GROUP 9 Theorem 5.1 is not saying (a) is true or (b) is true for a group G, but only that one is true for G if and only if the other is true for G. By a trick that depends on commutativity, we will show (a) is true when G is abelian. Theorem 5.2. For any finite abelian group G of size N, g N = e for all g G. Proof. Write out the elements of G, say G = {g 1, g 2,..., g N }. Now consider the product of each with g: (5.1) {gg 1, gg 2,..., gg N }. Since gg i = gg j if and only if g i = g j, sending g i to gg i is a one-to-one function from G to itself. As G is finite, the function is onto as well. That means (5.1) is just another listing of the elements of G, except perhaps in a different order: G = {g 1, g 2,..., g N } = {gg 1, gg 2,..., gg N }. Since G is abelian, we can multiply the elements in both lists and equate: g 1 g 2 g N = (gg 1 )(gg 2 ) (gg N ) Now cancel every g i from both sides: g N = e. = g N (g 1 g 2 g N ). Corollary 5.3. In a finite abelian group with size N, each element has order dividing N. Proof. This is immediate from Theorem 5.2 and (a) (b) in Theorem 5.1. Remark 5.4. For a general finite group, (a) and (b) in Theorem 5.1 are true, but to prove this for non-abelian groups requires a different approach: prove (b) first, and then (a) follows from Theorem 5.1. The proof of (b) uses cosets and we don t discuss it here. What does Theorem 5.2 say for the groups (Z/(p)), where p is prime? Every non-zero congruence class modulo p is invertible, so #(Z/(p)) = p 1. Theorem 5.2 in this case is a result going back to Fermat, called Fermat s little theorem (which got this whole business started). Theorem 5.5 (Fermat). If p is prime and a is any integer with a 0 mod p, a p 1 1 mod p. Example 5.6. Let p = 7. As the following table shows, the first time an element of (Z/(7)) has a power equal to 1 may vary, but all powers hit 1 at exponent 6 = p 1. k k mod k mod k mod k mod k mod k mod What is the analogue of Fermat s little theorem for (Z/(m)) when m is composite? It is most definitely not that a m 1 1 mod m for any a with (a, m) = 1. Indeed, the exponent in Theorem 5.2 is the size of the group, and (Z/(m)) does not have size m 1 when m is

10 10 KEITH CONRAD composite (non-trivial factors of m are not relatively prime to m). The size of (Z/(m)) is an irregularly growing function of m. It is traditionally denoted ϕ(m): ϕ(m) = #(Z/(m)) = #{1 a m : (a, m) = 1}. For instance, ϕ(p) = p 1 when p is prime. The following table lists ϕ(m) for m 15. m ϕ(m) Using the group (Z/(m)) in Theorem 5.2, we get a generalization of Fermat s little theorem, which is due to Euler. Theorem 5.7 (Euler). For any positive integer m, a ϕ(m) 1 mod m for every a that is relatively prime to m. Example 5.8. Taking m = 15, Euler s theorem says any a that is relatively prime to 15 satisfies a 8 1 mod 15. When m is composite, ϕ(m) < m 1, so the exponent in Euler s theorem is not m 1. This suggests (but does not prove) that, for composite m, a m 1 1 mod m for some a between 1 and m 1. In practice such a are often (but not always!) easy to find. This is a simple but powerful way to prove an integer m is composite: find some a in {1, 2,..., m 1} such that a m 1 1 mod m. If there is even one such a, then m violates the conclusion of Fermat s little theorem (which is about every a from 1 to m 1 when m is prime), so m must be composite. Example 5.9. Take m = 15. What is 2 14 mod 15? The powers of 2 mod 15 are 2, 4, 8, 1, 2, 4, 8, 1,..., repeating with period 4, so mod 15. Therefore 15 is not a prime number. This might seem like a dumb example: you already know 15 is composite because you know it factors as 3 5. The Fermat way of proving 15 is composite is different, since it tells us 15 is composite without telling us anything about its factorization. This teaches us something surprising: proving compositeness is not the same as finding a non-trivial factor (even though it appears otherwise from the definition of composite numbers). Example Let m = Since 2 m mod m, m is composite. The congruence does not tell us an explicit non-trivial factor of m. It only tells us that m does not satisfy the conclusion of Fermat s little theorem, and that suffices to know m is composite. The computation of a m 1 mod m can be carried out very quickly on a computer (writing the exponent in base 2, the exponentiation reduces to repeated squaring, which can be done modulo m rapidly, while real exponentiation can explode), so it is feasible in practice to prove the compositeness of large numbers by finding counterexamples to Fermat s little theorem for modulus m. Moreover, if one choice of a doesn t violate Fermat s little theorem, we can pick another a and try again. (Fermat s little theorem is about all a from 1 to m 1.) Example Let m = 341. Then mod 341. This does not tell us anything; just because it is consistent with Fermat s little theorem (if m were prime), it does not prove m is prime. We try another base, 3. Since mod 341, Fermat s little theorem is not true for 341, so 341 is composite.

11 ORDERS OF ELEMENTS IN A GROUP 11 Definition If a 0 mod m and a m 1 1 mod m, we say a is a (Fermat) witness to the compositeness of m. As soon as we find one witness, m is provably composite. Using some further group theory, it can be shown that if there is even one Fermat witness that is relatively prime to m, then at least 50% of the numbers from 1 to m 1 are Fermat witnesses. With those kinds of percentages, we can expect to get a Fermat witness pretty quickly; probably no more than a handful of tests will be needed before we find a witness. The 50% lower bound on the proportion of Fermat witnesses was based on the assumption that m has a Fermat witness that is relatively prime to m. Often such witnesses exist, and one of them is found after just a few trials. However, there do exist composite m for which all Fermat witnesses have a factor in common with m. These numbers are called Carmichael numbers, and the Fermat test will run about as slowly as trial division for these numbers. There are infinitely many Carmichael numbers, but in practice one doesn t run across them too often. In addition to its greater speed over trial division in proving a number is composite, the Fermat test has another advantage over trial division: failures of the test are informative. If we do 10 trial divisions and find no factors of m, we still are uncertain about whether m is prime or composite and we haven t learned anything since we expect most numbers less than m aren t factors of m anyway. But if we do 10 Fermat tests and find no example with a m 1 1 mod m, we are morally convinced m is a prime (the probability it is not prime is at most (1/2) ), although we get no proof it really is prime by this method (maybe m is a Carmichael number). The upshot of this discussion is that Fermat s little theorem provides a method of proving an integer is composite that does not search for factors. Instead, it uses algebra in the groups (Z/(m)) to attempt to distinguish between prime m and composite m. 6. Appendix: A Converse to Theorem 4.5 While Theorem 4.5 shows that a product of commuting elements with relatively prime orders has a predictable order, we can ask what can be said if we start with g G of order n and write n = n 1 n 2 where (n 1, n 2 ) = 1. Can we express g as a product of commuting elements with orders n 1 and n 2? If so, are the commuting elements unique? Yes and Yes. That is, Theorem 4.5 admits a strong kind of converse, as follows. Theorem 6.1. Let g G have order n, where n = n 1 n 2 with (n 1, n 2 ) = 1. Then we can write g = g 1 g 2 where g 1 has order n 1, g 2 has order n 2, and g 1 g 2 = g 2 g 1. Moreover, such g 1 and g 2 are unique in the group G. Example 6.2. To concretely illustrate the construction we will give in the proof, we give an example first. Suppose g has order 40 = 5 8. Then g = g 1 g 2 where g 1 = g 16 and g 2 = g 15 have respective orders 5 and 8 (using Theorem 3.12). Since g 1 and g 2 are powers of g, they commute! Remark 6.3. The group in Theorem 6.1 is arbitrary, possibly non-abelian. Proof. Since (n 1, n 2 ) = 1, n 1 x + n 2 y = 1 for some integers x and y. In particular, n 1 x 1 mod n 2 and n 2 y 1 mod n 1. Then g = g 1 = g n 1x g n 2y.

12 12 KEITH CONRAD By Theorem 3.12, g n 1 has order n/n 1 = n 2. Since (x, n 2 ) = 1 (why?), (g n 1 ) x = g n1x has order n 2 by Theorem Similarly, g n2y has order n 1. Let g 1 = g n2y and g 2 = g n1x. These satisfy the conclusion of the theorem. In particular, g 1 and g 2 commute, since they are powers of g. Now we treat uniqueness. Suppose g = g 1 g 2 = g 1g 2, where g 1, g 2 G and g 1, g 2 G have the relevant properties: g 1 has order n 1, g 2 has order n 2, g 1 g 2 = g 2 g 1, and likewise for g 1 and g 2. We want to show g 1 = g 1 and g 2 = g 2. Since g 1 g 2 = g 1 g 2, raising to the power n 1 implies g n 1 2 = (g 2 )n 1 (here we need commutativity of g 1 with g 2 and g 1 with g 2 ). Raising further to the power x gives gn 1x 2 = (g 2 )n1x. Since g 2 and g 2 both have order n 2 and n 1 x 1 mod n 2, we can replace the exponent n 1 x with 1 and find that g 2 = g 2. Then the equation g 1g 2 = g 1 g 2 implies g 1 = g 1. Corollary 6.4. The unique elements g 1 and g 2 from Theorem 6.1 are powers of g. Proof. In the constructive part of the proof of Theorem 6.1, we defined g 1 and g 2 as suitable powers of g. Since the choice of commuting g 1 and g 2 is unique, we re done. That g 1 and g 2 commute in Theorem 6.1 is essential in the proof of their uniqueness, and without commutativity we can find additional pairs satisfying the other conditions. For example, in S 9 let g = (124)(35)(6789). The cycles here are disjoint, so g has order [3, 2, 4] = 12. We can write 12 as 3 4, and here are two ways of writing g as a product g 1 g 2 of an element g 1 of order 3 and an element g 2 of order 4: g 1 = (124), g 2 = (35)(6789) and g 1 = (123), g 2 = (2435)(6789). The first pair commutes while the second pair does not. It is the first pair that is constructed in Theorem 6.1. Notice (124) = g 4 and (35)(6789) = g 3.

### DIHEDRAL GROUPS II KEITH CONRAD

DIHEDRAL GROUPS II KEITH CONRAD We will characterize dihedral groups in terms of generators and relations, and describe the subgroups of D n, including the normal subgroups. We will also introduce an infinite

### SUBGROUPS OF CYCLIC GROUPS. 1. Introduction In a group G, we denote the (cyclic) group of powers of some g G by

SUBGROUPS OF CYCLIC GROUPS KEITH CONRAD 1. Introduction In a group G, we denote the (cyclic) group of powers of some g G by g = {g k : k Z}. If G = g, then G itself is cyclic, with g as a generator. Examples

### CYCLICITY OF (Z/(p))

CYCLICITY OF (Z/(p)) KEITH CONRAD 1. Introduction For each prime p, the group (Z/(p)) is cyclic. We will give seven proofs of this fundamental result. A common feature of the proofs that (Z/(p)) is cyclic

### CONSEQUENCES OF THE SYLOW THEOREMS

CONSEQUENCES OF THE SYLOW THEOREMS KEITH CONRAD For a group theorist, Sylow s Theorem is such a basic tool, and so fundamental, that it is used almost without thinking, like breathing. Geoff Robinson 1.

ISOMORPHISMS KEITH CONRAD 1. Introduction Groups that are not literally the same may be structurally the same. An example of this idea from high school math is the relation between multiplication and addition

### LARGE PRIME NUMBERS (32, 42; 4) (32, 24; 2) (32, 20; 1) ( 105, 20; 0).

LARGE PRIME NUMBERS 1. Fast Modular Exponentiation Given positive integers a, e, and n, the following algorithm quickly computes the reduced power a e % n. (Here x % n denotes the element of {0,, n 1}

GENERATING SETS KEITH CONRAD 1 Introduction In R n, every vector can be written as a unique linear combination of the standard basis e 1,, e n A notion weaker than a basis is a spanning set: a set of vectors

### CONJUGATION IN A GROUP

CONJUGATION IN A GROUP KEITH CONRAD 1. Introduction A reflection across one line in the plane is, geometrically, just like a reflection across any other line. That is, while reflections across two different

### * 8 Groups, with Appendix containing Rings and Fields.

* 8 Groups, with Appendix containing Rings and Fields Binary Operations Definition We say that is a binary operation on a set S if, and only if, a, b, a b S Implicit in this definition is the idea that

### 7.2 Applications of Euler s and Fermat s Theorem.

7.2 Applications of Euler s and Fermat s Theorem. i) Finding and using inverses. From Fermat s Little Theorem we see that if p is prime and p a then a p 1 1 mod p, or equivalently a p 2 a 1 mod p. This

### GALOIS GROUPS OF CUBICS AND QUARTICS (NOT IN CHARACTERISTIC 2)

GALOIS GROUPS OF CUBICS AND QUARTICS (NOT IN CHARACTERISTIC 2) KEITH CONRAD We will describe a procedure for figuring out the Galois groups of separable irreducible polynomials in degrees 3 and 4 over

### Fermat s Last Theorem for Regular Primes

Fermat s Last Theorem for Regular Primes S. M.-C. 22 September 2015 Abstract Fermat famously claimed in the margin of a book that a certain family of Diophantine equations have no solutions in integers.

### THE GAUSSIAN INTEGERS

THE GAUSSIAN INTEGERS KEITH CONRAD Since the work of Gauss, number theorists have been interested in analogues of Z where concepts from arithmetic can also be developed. The example we will look at in

### MATH 2200 Final Review

MATH 00 Final Review Thomas Goller December 7, 01 1 Exam Format The final exam will consist of 8-10 proofs It will take place on Tuesday, December 11, from 10:30 AM - 1:30 PM, in the usual room Topics

### 2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

Chapter 3: Theory of Modular Arithmetic 25 SECTION C Solving Linear Congruences By the end of this section you will be able to solve congruence equations determine the number of solutions find the multiplicative

### Fermat s Little Theorem. Fermat s little theorem is a statement about primes that nearly characterizes them.

Fermat s Little Theorem Fermat s little theorem is a statement about primes that nearly characterizes them. Theorem: Let p be prime and a be an integer that is not a multiple of p. Then a p 1 1 (mod p).

### MATH EXAMPLES: GROUPS, SUBGROUPS, COSETS

MATH 370 - EXAMPLES: GROUPS, SUBGROUPS, COSETS DR. ZACHARY SCHERR There seemed to be a lot of confusion centering around cosets and subgroups generated by elements. The purpose of this document is to supply

### GROUPS OF ORDER p 3 KEITH CONRAD

GROUPS OF ORDER p 3 KEITH CONRAD For any prime p, we want to describe the groups of order p 3 up to isomorphism. From the cyclic decomposition of finite abelian groups, there are three abelian groups of

### Section 10: Counting the Elements of a Finite Group

Section 10: Counting the Elements of a Finite Group Let G be a group and H a subgroup. Because the right cosets are the family of equivalence classes with respect to an equivalence relation on G, it follows

### 2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

Chapter 3: Theory of Modular Arithmetic 25 SECTION C Solving Linear Congruences By the end of this section you will be able to solve congruence equations determine the number of solutions find the multiplicative

### THE MINIMAL POLYNOMIAL AND SOME APPLICATIONS

THE MINIMAL POLYNOMIAL AND SOME APPLICATIONS KEITH CONRAD. Introduction The easiest matrices to compute with are the diagonal ones. The sum and product of diagonal matrices can be computed componentwise

### Exercises on chapter 1

Exercises on chapter 1 1. Let G be a group and H and K be subgroups. Let HK = {hk h H, k K}. (i) Prove that HK is a subgroup of G if and only if HK = KH. (ii) If either H or K is a normal subgroup of G

PYTHAGOREAN TRIPLES KEITH CONRAD 1. Introduction A Pythagorean triple is a triple of positive integers (a, b, c) where a + b = c. Examples include (3, 4, 5), (5, 1, 13), and (8, 15, 17). Below is an ancient

### Homework #5 Solutions

Homework #5 Solutions p 83, #16. In order to find a chain a 1 a 2 a n of subgroups of Z 240 with n as large as possible, we start at the top with a n = 1 so that a n = Z 240. In general, given a i we will

### 3 The language of proof

3 The language of proof After working through this section, you should be able to: (a) understand what is asserted by various types of mathematical statements, in particular implications and equivalences;

### Algebra SEP Solutions

Algebra SEP Solutions 17 July 2017 1. (January 2017 problem 1) For example: (a) G = Z/4Z, N = Z/2Z. More generally, G = Z/p n Z, N = Z/pZ, p any prime number, n 2. Also G = Z, N = nz for any n 2, since

### GALOIS GROUPS AS PERMUTATION GROUPS

GALOIS GROUPS AS PERMUTATION GROUPS KEITH CONRAD 1. Introduction A Galois group is a group of field automorphisms under composition. By looking at the effect of a Galois group on field generators we can

### A Guide to Arithmetic

A Guide to Arithmetic Robin Chapman August 5, 1994 These notes give a very brief resumé of my number theory course. Proofs and examples are omitted. Any suggestions for improvements will be gratefully

### Know the Well-ordering principle: Any set of positive integers which has at least one element contains a smallest element.

The first exam will be on Monday, June 8, 202. The syllabus will be sections. and.2 in Lax, and the number theory handout found on the class web site, plus the handout on the method of successive squaring

### Definitions, Theorems and Exercises. Abstract Algebra Math 332. Ethan D. Bloch

Definitions, Theorems and Exercises Abstract Algebra Math 332 Ethan D. Bloch December 26, 2013 ii Contents 1 Binary Operations 3 1.1 Binary Operations............................... 4 1.2 Isomorphic Binary

### Lecture 3: Latin Squares and Groups

Latin Squares Instructor: Padraic Bartlett Lecture 3: Latin Squares and Groups Week 2 Mathcamp 2012 In our last lecture, we came up with some fairly surprising connections between finite fields and Latin

### 11 Division Mod n, Linear Integer Equations, Random Numbers, The Fundamental Theorem of Arithmetic

11 Division Mod n, Linear Integer Equations, Random Numbers, The Fundamental Theorem of Arithmetic Bezout s Lemma Let's look at the values of 4x + 6y when x and y are integers. If x is -6 and y is 4 we

GROUP ACTIONS KEITH CONRAD 1. Introduction The symmetric groups S n, alternating groups A n, and (for n 3) dihedral groups D n behave, by their very definition, as permutations on certain sets. The groups

### Rings If R is a commutative ring, a zero divisor is a nonzero element x such that xy = 0 for some nonzero element y R.

Rings 10-26-2008 A ring is an abelian group R with binary operation + ( addition ), together with a second binary operation ( multiplication ). Multiplication must be associative, and must distribute over

### The Integers. Math 3040: Spring Contents 1. The Basic Construction 1 2. Adding integers 4 3. Ordering integers Multiplying integers 12

Math 3040: Spring 2011 The Integers Contents 1. The Basic Construction 1 2. Adding integers 4 3. Ordering integers 11 4. Multiplying integers 12 Before we begin the mathematics of this section, it is worth

### 1 First Theme: Sums of Squares

I will try to organize the work of this semester around several classical questions. The first is, When is a prime p the sum of two squares? The question was raised by Fermat who gave the correct answer

### Private Key Cryptography. Fermat s Little Theorem. One Time Pads. Public Key Cryptography

Fermat s Little Theorem Private Key Cryptography Theorem 11 (Fermat s Little Theorem): (a) If p prime and gcd(p, a) = 1, then a p 1 1 (mod p). (b) For all a Z, a p a (mod p). Proof. Let A = {1, 2,...,

### NONABELIAN GROUPS WITH PERFECT ORDER SUBSETS

NONABELIAN GROUPS WITH PERFECT ORDER SUBSETS CARRIE E. FINCH AND LENNY JONES Abstract. Let G be a finite group and let x G. Define the order subset of G determined by x to be the set of all elements in

### Contribution of Problems

Exam topics 1. Basic structures: sets, lists, functions (a) Sets { }: write all elements, or define by condition (b) Set operations: A B, A B, A\B, A c (c) Lists ( ): Cartesian product A B (d) Functions

The Adjoint Functor Theorem. Kevin Buzzard February 7, 2012 Last modified 17/06/2002. 1 Introduction. The existence of free groups is immediate from the Adjoint Functor Theorem. Whilst I ve long believed

### Answers in blue. If you have questions or spot an error, let me know. 1. Find all matrices that commute with A =. 4 3

Answers in blue. If you have questions or spot an error, let me know. 3 4. Find all matrices that commute with A =. 4 3 a b If we set B = and set AB = BA, we see that 3a + 4b = 3a 4c, 4a + 3b = 3b 4d,

### PUTNAM TRAINING NUMBER THEORY. Exercises 1. Show that the sum of two consecutive primes is never twice a prime.

PUTNAM TRAINING NUMBER THEORY (Last updated: December 11, 2017) Remark. This is a list of exercises on Number Theory. Miguel A. Lerma Exercises 1. Show that the sum of two consecutive primes is never twice

### Algebra: Groups. Group Theory a. Examples of Groups. groups. The inverse of a is simply a, which exists.

Group Theory a Let G be a set and be a binary operation on G. (G, ) is called a group if it satisfies the following. 1. For all a, b G, a b G (closure). 2. For all a, b, c G, a (b c) = (a b) c (associativity).

### Primes in arithmetic progressions

(September 26, 205) Primes in arithmetic progressions Paul Garrett garrett@math.umn.edu http://www.math.umn.edu/ garrett/ [This document is http://www.math.umn.edu/ garrett/m/mfms/notes 205-6/06 Dirichlet.pdf].

### D-MATH Algebra I HS 2013 Prof. Brent Doran. Solution 3. Modular arithmetic, quotients, product groups

D-MATH Algebra I HS 2013 Prof. Brent Doran Solution 3 Modular arithmetic, quotients, product groups 1. Show that the functions f = 1/x, g = (x 1)/x generate a group of functions, the law of composition

### Cosets and Lagrange s theorem

Cosets and Lagrange s theorem These are notes on cosets and Lagrange s theorem some of which may already have been lecturer. There are some questions for you included in the text. You should write the

### Finite Fields: An introduction through exercises Jonathan Buss Spring 2014

Finite Fields: An introduction through exercises Jonathan Buss Spring 2014 A typical course in abstract algebra starts with groups, and then moves on to rings, vector spaces, fields, etc. This sequence

### MATH 61-02: PRACTICE PROBLEMS FOR FINAL EXAM

MATH 61-02: PRACTICE PROBLEMS FOR FINAL EXAM (FP1) The exclusive or operation, denoted by and sometimes known as XOR, is defined so that P Q is true iff P is true or Q is true, but not both. Prove (through

### INTRODUCTION TO THE GROUP THEORY

Lecture Notes on Structure of Algebra INTRODUCTION TO THE GROUP THEORY By : Drs. Antonius Cahya Prihandoko, M.App.Sc e-mail: antoniuscp.fkip@unej.ac.id Mathematics Education Study Program Faculty of Teacher

EXTERIOR POWERS KEITH CONRAD 1. Introduction Let R be a commutative ring. Unless indicated otherwise, all modules are R-modules and all tensor products are taken over R, so we abbreviate R to. A bilinear

### What can you prove by induction?

MEI CONFERENCE 013 What can you prove by induction? Martyn Parker M.J.Parker@keele.ac.uk Contents Contents iii 1 Splitting Coins.................................................. 1 Convex Polygons................................................

### Roberto s Notes on Linear Algebra Chapter 4: Matrix Algebra Section 7. Inverse matrices

Roberto s Notes on Linear Algebra Chapter 4: Matrix Algebra Section 7 Inverse matrices What you need to know already: How to add and multiply matrices. What elementary matrices are. What you can learn

### Math 416, Spring 2010 Matrix multiplication; subspaces February 2, 2010 MATRIX MULTIPLICATION; SUBSPACES. 1. Announcements

Math 416, Spring 010 Matrix multiplication; subspaces February, 010 MATRIX MULTIPLICATION; SUBSPACES 1 Announcements Office hours on Wednesday are cancelled because Andy will be out of town If you email

### Modern Algebra I. Circle the correct answer; no explanation is required. Each problem in this section counts 5 points.

1 2 3 style total Math 415 Please print your name: Answer Key 1 True/false Circle the correct answer; no explanation is required. Each problem in this section counts 5 points. 1. Every group of order 6

### UMA Putnam Talk LINEAR ALGEBRA TRICKS FOR THE PUTNAM

UMA Putnam Talk LINEAR ALGEBRA TRICKS FOR THE PUTNAM YUFEI ZHAO In this talk, I want give some examples to show you some linear algebra tricks for the Putnam. Many of you probably did math contests in

### Math 396. Quotient spaces

Math 396. Quotient spaces. Definition Let F be a field, V a vector space over F and W V a subspace of V. For v, v V, we say that v v mod W if and only if v v W. One can readily verify that with this definition

### 1. multiplication is commutative and associative;

Chapter 4 The Arithmetic of Z In this chapter, we start by introducing the concept of congruences; these are used in our proof (going back to Gauss 1 ) that every integer has a unique prime factorization.

### Introduction to finite fields

Chapter 7 Introduction to finite fields This chapter provides an introduction to several kinds of abstract algebraic structures, particularly groups, fields, and polynomials. Our primary interest is in

### Corollary 4.2 (Pepin s Test, 1877). Let F k = 2 2k + 1, the kth Fermat number, where k 1. Then F k is prime iff 3 F k 1

4. Primality testing 4.1. Introduction. Factorisation is concerned with the problem of developing efficient algorithms to express a given positive integer n > 1 as a product of powers of distinct primes.

### And for polynomials with coefficients in F 2 = Z/2 Euclidean algorithm for gcd s Concept of equality mod M(x) Extended Euclid for inverses mod M(x)

Outline Recall: For integers Euclidean algorithm for finding gcd s Extended Euclid for finding multiplicative inverses Extended Euclid for computing Sun-Ze Test for primitive roots And for polynomials

### DIFFERENTIAL EQUATIONS

DIFFERENTIAL EQUATIONS Basic Concepts Paul Dawkins Table of Contents Preface... Basic Concepts... 1 Introduction... 1 Definitions... Direction Fields... 8 Final Thoughts...19 007 Paul Dawkins i http://tutorial.math.lamar.edu/terms.aspx

### HOW TO CREATE A PROOF. Writing proofs is typically not a straightforward, algorithmic process such as calculating

HOW TO CREATE A PROOF ALLAN YASHINSKI Abstract We discuss how to structure a proof based on the statement being proved Writing proofs is typically not a straightforward, algorithmic process such as calculating

### 4 PRIMITIVE ROOTS Order and Primitive Roots The Index Existence of primitive roots for prime modulus...

PREFACE These notes have been prepared by Dr Mike Canfell (with minor changes and extensions by Dr Gerd Schmalz) for use by the external students in the unit PMTH 338 Number Theory. This booklet covers

### THE DIVISION THEOREM IN Z AND R[T ]

THE DIVISION THEOREM IN Z AND R[T ] KEITH CONRAD 1. Introduction In both Z and R[T ], we can carry out a process of division with remainder. Theorem 1.1. For any integers a and b, with b nonzero, there

### Homework 10 M 373K by Mark Lindberg (mal4549)

Homework 10 M 373K by Mark Lindberg (mal4549) 1. Artin, Chapter 11, Exercise 1.1. Prove that 7 + 3 2 and 3 + 5 are algebraic numbers. To do this, we must provide a polynomial with integer coefficients

### CYCLOTOMIC POLYNOMIALS

CYCLOTOMIC POLYNOMIALS 1. The Derivative and Repeated Factors The usual definition of derivative in calculus involves the nonalgebraic notion of limit that requires a field such as R or C (or others) where

### The Symmetric Groups

Chapter 7 The Symmetric Groups 7. Introduction In the investigation of finite groups the symmetric groups play an important role. Often we are able to achieve a better understanding of a group if we can

### MATH CSE20 Homework 5 Due Monday November 4

MATH CSE20 Homework 5 Due Monday November 4 Assigned reading: NT Section 1 (1) Prove the statement if true, otherwise find a counterexample. (a) For all natural numbers x and y, x + y is odd if one of

### Some practice problems for midterm 2

Some practice problems for midterm 2 Kiumars Kaveh November 14, 2011 Problem: Let Z = {a G ax = xa, x G} be the center of a group G. Prove that Z is a normal subgroup of G. Solution: First we prove Z is

### Foundations Revision Notes

oundations Revision Notes hese notes are designed as an aid not a substitute for revision. A lot of proofs have not been included because you should have them in your notes, should you need them. Also,

### x by so in other words ( )

Math 154. Norm and trace An interesting application of Galois theory is to help us understand properties of two special constructions associated to field extensions, the norm and trace. If L/k is a finite

### MA441: Algebraic Structures I. Lecture 18

MA441: Algebraic Structures I Lecture 18 5 November 2003 1 Review from Lecture 17: Theorem 6.5: Aut(Z/nZ) U(n) For every positive integer n, Aut(Z/nZ) is isomorphic to U(n). The proof used the map T :

### Introduction to Number Theory

INTRODUCTION Definition: Natural Numbers, Integers Natural numbers: N={0,1,, }. Integers: Z={0,±1,±, }. Definition: Divisor If a Z can be writeen as a=bc where b, c Z, then we say a is divisible by b or,

### Isomorphisms and Well-definedness

Isomorphisms and Well-definedness Jonathan Love October 30, 2016 Suppose you want to show that two groups G and H are isomorphic. There are a couple of ways to go about doing this depending on the situation,

### . As the binomial coefficients are integers we have that. 2 n(n 1).

Math 580 Homework. 1. Divisibility. Definition 1. Let a, b be integers with a 0. Then b divides b iff there is an integer k such that b = ka. In the case we write a b. In this case we also say a is a factor

### 2) e = e G G such that if a G 0 =0 G G such that if a G e a = a e = a. 0 +a = a+0 = a.

Chapter 2 Groups Groups are the central objects of algebra. In later chapters we will define rings and modules and see that they are special cases of groups. Also ring homomorphisms and module homomorphisms

### Linear Congruences. The equation ax = b for a, b R is uniquely solvable if a 0: x = b/a. Want to extend to the linear congruence:

Linear Congruences The equation ax = b for a, b R is uniquely solvable if a 0: x = b/a. Want to extend to the linear congruence: ax b (mod m), a, b Z, m N +. (1) If x 0 is a solution then so is x k :=

### MA554 Assessment 1 Cosets and Lagrange s theorem

MA554 Assessment 1 Cosets and Lagrange s theorem These are notes on cosets and Lagrange s theorem; they go over some material from the lectures again, and they have some new material it is all examinable,

### GROUPS AND THEIR REPRESENTATIONS. 1. introduction

GROUPS AND THEIR REPRESENTATIONS KAREN E. SMITH 1. introduction Representation theory is the study of the concrete ways in which abstract groups can be realized as groups of rigid transformations of R

### Chapter 2. Mathematical Reasoning. 2.1 Mathematical Models

Contents Mathematical Reasoning 3.1 Mathematical Models........................... 3. Mathematical Proof............................ 4..1 Structure of Proofs........................ 4.. Direct Method..........................

### 1 Recommended Reading 1. 2 Public Key/Private Key Cryptography Overview RSA Algorithm... 2

Contents 1 Recommended Reading 1 2 Public Key/Private Key Cryptography 1 2.1 Overview............................................. 1 2.2 RSA Algorithm.......................................... 2 3 A Number

### CHAPTER 3: THE INTEGERS Z

CHAPTER 3: THE INTEGERS Z MATH 378, CSUSM. SPRING 2009. AITKEN 1. Introduction The natural numbers are designed for measuring the size of finite sets, but what if you want to compare the sizes of two sets?

### RECOGNIZING GALOIS GROUPS S n AND A n

RECOGNIZING GALOIS GROUPS S n AND A n KEITH CONRAD 1. Introduction If f(x) K[X] is a separable irreducible polynomial of degree n and G f is its Galois group over K (the Galois group of the splitting field

### x by so in other words ( )

Math 210B. Norm and trace An interesting application of Galois theory is to help us understand properties of two special constructions associated to field extensions, the norm and trace. If L/k is a finite

### Math 430 Exam 2, Fall 2008

Do not distribute. IIT Dept. Applied Mathematics, February 16, 2009 1 PRINT Last name: Signature: First name: Student ID: Math 430 Exam 2, Fall 2008 These theorems may be cited at any time during the test

### The group (Z/nZ) February 17, In these notes we figure out the structure of the unit group (Z/nZ) where n > 1 is an integer.

The group (Z/nZ) February 17, 2016 1 Introduction In these notes we figure out the structure of the unit group (Z/nZ) where n > 1 is an integer. If we factor n = p e 1 1 pe, where the p i s are distinct

### 2. Two binary operations (addition, denoted + and multiplication, denoted

Chapter 2 The Structure of R The purpose of this chapter is to explain to the reader why the set of real numbers is so special. By the end of this chapter, the reader should understand the difference between

### Chapter 5. A Formal Approach to Groups. 5.1 Binary Operations

Chapter 5 A Formal Approach to Groups In this chapter we finally introduce the formal definition of a group. From this point on, our focus will shift from developing intuition to studying the abstract

### Examples: The (left or right) cosets of the subgroup H = 11 in U(30) = {1, 7, 11, 13, 17, 19, 23, 29} are

Cosets Let H be a subset of the group G. (Usually, H is chosen to be a subgroup of G.) If a G, then we denote by ah the subset {ah h H}, the left coset of H containing a. Similarly, Ha = {ha h H} is the

### CS 360, Winter Morphology of Proof: An introduction to rigorous proof techniques

CS 30, Winter 2011 Morphology of Proof: An introduction to rigorous proof techniques 1 Methodology of Proof An example Deep down, all theorems are of the form If A then B, though they may be expressed

Section 5.1 Section Summary Mathematical Induction Examples of Proof by Mathematical Induction Mistaken Proofs by Mathematical Induction Guidelines for Proofs by Mathematical Induction Climbing an Infinite

### SL 2 (Z) KEITH CONRAD

SL 2 Z KEITH CONRAD 1 Introduction The group SL 2 Z, which lies discretely in SL 2 R, has a role somewhat like that of Z inside of R It is the most basic example of a discrete nonabelian group Two particular

### COLLEGE ALGEBRA. Paul Dawkins

COLLEGE ALGEBRA Paul Dawkins Table of Contents Preface... iii Outline... iv Preliminaries... 7 Introduction... 7 Integer Exponents... 8 Rational Exponents...5 Radicals... Polynomials...30 Factoring Polynomials...36

### SEPARABLE EXTENSIONS OF DEGREE p IN CHARACTERISTIC p; FAILURE OF HERMITE S THEOREM IN CHARACTERISTIC p

SEPARABLE EXTENSIONS OF DEGREE p IN CHARACTERISTIC p; FAILURE OF HERMITE S THEOREM IN CHARACTERISTIC p JIM STANKEWICZ 1. Separable Field Extensions of degree p Exercise: Let K be a field of characteristic

### CSCI3390-Lecture 16: Probabilistic Algorithms: Number Theory and Cryptography

CSCI3390-Lecture 16: Probabilistic Algorithms: Number Theory and Cryptography 1 Two Problems Problem 1. Generate Primes Find a prime number p of between 200 and 1000 decimal digits that has never been

### QUADRATIC RINGS PETE L. CLARK

QUADRATIC RINGS PETE L. CLARK 1. Quadratic fields and quadratic rings Let D be a squarefree integer not equal to 0 or 1. Then D is irrational, and Q[ D], the subring of C obtained by adjoining D to Q,