The primitive root theorem

Size: px

Start display at page:

Download "The primitive root theorem"

Meredith Burke
5 years ago
Views:

1 The primitive root theorem Mar Steinberger First recall that if R is a ring, then a R is a unit if there exists b R with ab = ba = 1. The collection of all units in R is denoted R and forms a group under the multiplication of R. The ring R is a field if its multiplication is commutative and if every nonzero element of R is a unit. The primitive root theorem is the special case of the following theorem in which the field F is Z p. Theorem 1. Let F be a finite field. Then the unit group F is cyclic. This is an immediate consequence of the following more general result. Theorem 2. Let F be any field and let H be a finite subgroup of F. Then H is cyclic. A ey ingredient of the proof is a familiar theorem from calculus. Recall that a is a root of the polynomial f = a 0 + a 1 x + + a n x n if f(a) = 0, i.e., if a 0 + a 1 a + + a n a n = 0. Theorem 3 (D Alembert s Theorem). Let n > 0 and let f = a 0 + a 1 x + + a n x n be a polynomial of degree n (i.e., a n 0) with coefficients in a field F. Then f has at most n roots in F. Proof. See Theorem 5 in Chapter 14 of [1]. Recall that if G is a group and g G, then the integer is said to be an exponent of g if g = 1, where 1 is the identity element of G. We say that g has finite order if it has a positive exponent. We then define the order g, denoted g to be the smallest positive exponent of g. If g does not have a positive exponent, we say g =. Recall that the cyclic subgroup g generated by g is g = {g Z}. It is the smallest subgroup of G containing g. A basic result about powers is the following. Lemma 4. Let g be an element of order n < in the group G. Then: (1) g = 1 if and only if n. (2) g = g l if and only if l mod n. (3) g has exactly n distinct elements: {g 0 < n}. 1

2 2 MARK STEINBERGER Proof. For (1) we use the division theorem (see [1, Theorem 1 of Chapter 3]). Write = nq + r with q, r Z and 0 r < n. Then g = g nq+r = (g n ) q g r = 1 q g r = g r. So g = 1 if and only if g r = 1. But n is the smallest positive number whose associated power of g is 1, and 0 r < n, so g r = 1 if and only if r = 0. Finally, by the uniqueness part of the division theorem, r = 0 if and only if n divides. (2) follows, as g = g l g l = 1 n ( l) l mod n. (3) now follows, as every integer is congruent mod n to exactly one of 0,..., n 1. We write (a, b) for the greatest common divisor of the intergers a and b. Lemma 5. Let d = (a, b), where a and b are not both 0. Write a = rd, b = sd. Then (r, s) = 1. Proof. Let > 0 divide both r and s. Then d divides both a and b, so d divides (a, b) by [1, Corollary 7 of Chapter 3]. Thus, d d, so = 1. Proposition 6. Let g be an element of order n < in the group G and let Z. Then g = g ( g, ). Proof. Let n = g and let d = (n, ). Write n = dr and = ds. We wish to show g = r. It is easy to see r is an exponent of g : (g ) r = g r = g sdr = g sn = (g n ) s = 1. Thus, it suffices to show that any exponent of g is divisible by r, so suppose (g ) l = 1. Then g l = 1, so n l = dsl. Since n = dr, this gives r sl. But (r, s) = 1 by Lemma 5, so r l by [1, Corollary 8 of Chapter 3]. We write X for the number of elements in a set X (we write X = when X is infinite, ignoring the varying cardinalities of infinite sets). For a group G, we call G the order of G. By Lemma 4 (3), if g G has finite order, then g = g. We ve been implicitly using the following.

3 THE PRIMITIVE ROOT THEOREM 3 Definition 7. A group H is cyclic if H = g for some g H. In this case g is said to generate H. Since g = g, this occurs if and only if the element g H has order H. Thus, Theorem 2 is equivalent to showing that any finite subgroup H of the unit group of a field contains an element of order H. For a finite field F we shall refer to a generator of F as a primitive element of F. The following is now immediate from Proposition 6. Corollary 8. Let g be an element of order n < in the group G. Then the set of generators of g is {g 0 < < n and (n, ) = 1}. In particular, the number of generators of g is { Z 0 < < n and (n, ) = 1} = φ(n), the well-nown Euler φ-function of n. In other words, there are exactly φ(n) elements of order n in a cyclic group of order n. Let us now consider the implications of D Alembert s theorem (Theorem 3) for elements of finite order in the unit group of a field. Let H be any subgroup of F and define H n = {x H x n = 1}. Then H n is the set of roots of x n 1 in H, so by D Alembert s theorem. Lemma 9. H n is a subgroup of H. H n n Proof. For x, y H n, (xy) n = x n y n = 1 and (x 1 ) n = x n = (x n ) 1 = 1. In particular, if x H n, then x H n. By Lemma 4 (1), H n = {x H x n}, and if x H has order n, then n = x = x = H n. Thus: Lemma 10. If x H has order n, then x = H n. In particular, if x and y in H both have order n, then x = y = H n, and hence y generates x. Corollary 8 now gives: Corollary 11. If H contains an element of order n, then there are exactly φ(n) elements of order n in H. Each generates H n. The following is ey.

4 4 MARK STEINBERGER Lemma 12. Let x and y have finite order in the abelian group G, with ( x, y ) = 1. Then the order of xy is x y. Proof. Let x = m and y = n. Then (xy) mn = (x m ) n (y n ) m = 1, so the order of xy divides mn. It suffices to show that if (xy) = 1, then mn. If (xy) = 1, then 1 = (xy) = x y, so x = y. By Proposition 6, the order of x divides the order of x and the order of y divides the order of y, so the order of x divides ( x, y ) = 1. But the only element of order 1 is the identity element, 1. So x = y = 1, But this says x divides and y divides and hence also divides, so the least common multiple of x and y divides. Since ( x, y ) = 1, the least common multiple of x and y is x y, and the result follows. An easy induction now shows the following. Corollary 13. Let G be an abelian group and let x 1,..., x have pairwise relatively prime finite orders, i.e., ( x i, x j ) = 1 for i j. Then x 1 x = x 1 x. We shall mae repeated use of the following, which is equivalent, by Lemma 4 (1), to Theorem 1 in Chapter 11 of [1]. Theorem 14. Let G be a finite abelian group and let g G. divides G. We can now prove our main theorem. Proof of Theorem 2. Let H be a finite subgroup of F with Then g H = p r 1 1 pr, where 1, p 1 < < p are primes, and r i > 0 for i = 1,...,. For each i, let p s i i be the highest power of p i that occurs as the order of an element of H. By Theorem 14, s i r i. Let y i H have order p s i i. Let y = y 1 y. Then by Corollary 13, y = p s 1 1 ps. We denote y by n. We claim y = H, and hence s i = r i for all i and H = n. To see this, note that by Lemma 10, y = H n is the set of all roots of x n 1 in H. Thus, if z H has order dividing n, then z y. So it suffices to show that if z H, then z divides n.

5 Let z H. By Theorem 14, with t i r i for all i. Let THE PRIMITIVE ROOT THEOREM 5 z = p t 1 1 p t m i = z. By Proposition 6, z m i = p t i i. By the maximality of ps i i, t i s i for all i. But then z divides n, so the result follows. We shall give a second proof of Theorem 2 after introducing a new concept. Definition 15. Let p be a prime and n > 0. We say the p-part of n is p r if n = p r with (p, ) = 1. Since p does not divide, p r is the highest power of p dividing n by uniqueness of prime decomposition. In particular, if n = p r pr l l with p 1 < < p l prime and r i 0 for all i, and if p n, then p = p i for some i, the p-part of n is p r i i and = p r pr i 1 i 1 pr i+1 i+1... pr l l, again by uniqueness of prime decomposition. Of course, if p n, the p-part of n is p 0 = 1. The following elementary application of uniqueness of prime decomposition may be found, for instance, as Proposition 5 in Chapter 4 of [1]. Lemma 16. Let n = p r pr and m = p s ps with p 1 < < p prime and r i, s i 0 for all i. Then m n if and only if s i r i for all i. The following is now immediate. Corollary 17. Let m, n > 0. Then m n if and only if there is a prime p such that the p-part of m is greater than the p-part of n. Second proof of Theorem 2. We have a subgroup H F of order n <. Let m be the largest order of an element in H and let g H of order m. We claim that g = H, and hence m = n. By Lemma 10, g = H m, the set of all elements of H whose order divides m. In particular, if g H, then there exists h H such that h does not divide m. By Corollary 17, there exists a prime p such that the p-part of h is greater than the p-part of m. Write m = p r with (p, ) = 1 and let h = p s l with (p, l) = 1. Then p s > p r. Let x = g pr and let y = h l. Then x = y = g ( g, p r ) = h ( h, l) = p t i i pr (p r, p r ) =, ps l (p s l, l) = ps, by Proposition 6. Since (p, ) = 1, ( x, y ) = 1 so xy = x y = p s > p r = m, as p s > p r. But this contradicts our assumption that m was the largest order of an element of H, so g = H as claimed.

6 6 MARK STEINBERGER Note that Corollaries 8 and 11 were not used in the proof of Theorem 2, but they are important in understanding the structure of cyclic groups and of the unit groups of fields. We can say more: Proposition 18. Let g be an element of order n < in the group G. Let d divide n. Then there are exactly φ(d) elements of order d in g. In consequence, n = φ(d). d n Proof. If g has order d, then (n, ) = n d by Proposition 6. Write n d = l so that n = dl, and = sl for some s, as l = (n, ). Again by Proposition 6, g l has order d, and g g l. Moreover, g generates g l, which has exactly φ(d) generators. The result now follows since the order of any element of g divides n. Since φ(2) = 1, we obtain the following. Corollary 19. A cyclic group g of even order n contains exactly one element of order 2: g n 2. In Z p, p an odd prime, the unique element of order 2 is 1. We obtain: Corollary 20. Let p be an odd prime and let ā be a generator of Z p. Then ā p 1 2 = 1. Thus a p mod p. Proof. For every element ā Z p, (ā p 1 2 ) 2 = ā p 1 = 1, so the order of ā p 1 2 divides 2. If ā p 1 2 has order 1, then ā p 1 2 = 1, and the order of ā p 1 2 divides p 1 2, so ā does not generate Z p. since we ve assumed that ā does generate Z p, ā p 1 2 must have order 2, so ā p 1 2 = 1 by Corollary 19. The converse is false. See Exercise 9, below. We can also use powers to determine which elements of Z p have nth roots. We need the following standard result, which may be found as Theorem 2.17 in [2]. Proposition 21. Let a, b, m Z with m > 0. The congruence ax b mod m has a solution x Z if and only if (a, m) divides b. If there are any solutions, there are exactly (a, m) congruence classes of solutions, mod m. Corollary 22. Let p be an odd prime and let ā Z p and let = (n, p 1). Then ā has an nth root in Z p if and only if ā p 1 = 1. If ā does have an nth root, it has exactly of them. Proof. Let b be a generator of Z p and let ā = b i. Then if c = b x we have c n = ā if and only if nx i mod p 1. By Proposition 21, this has a solution x if and only if (n, p 1) = divides i, and if it has one solution, it has

7 THE PRIMITIVE ROOT THEOREM 7 exactly solutions mod p 1. By Lemma 4 (2) this gives exactly nth roots of ā in Z p. Thus, it suffices to show that divides i if and only if ā p 1 = 1. Now, ā p 1 = b i p 1, and this is 1 if and only if p 1 divides i p 1, i.e., if and only if l(p 1) = i(p 1) for some l. Dividing through by p 1 we see this holds if and only if divides i. In fact, the exact same argument gives the following generalization. Corollary 23. Let G be a cyclic group of order m and let a G. Then a has an nth root in G if and only if a m = 1, where = (m, n). If a has any nth roots in G, then it has exactly of them. An interesting special case of Corollary 22 is where n = 2 in this case, we can determine ā (p 1) for all ā. Corollary 24 (Euler s criterion). Let p be an odd prime and let ā Z p. Then ā has a square root if and only if ā p 1 2 = 1. If it has a squre root, it has two. If ā p 1 2 1, then ā p 1 2 = 1. Proof. Since p is odd, p 1 is even, hence = (2, p 1) = 2, and we simply apply Corollary 22. Now (ā p 1 2 ) 2 = ā p 1 = 1, and the result follows, since 1 is the unique element in Z p of order 2. Exercises. 1. Let x and y be units of finite order in the field F, with x = m and y = n. Let x, y = {x y l, l Z}. (a) Show that x, y is a finite subgroup of F whose elements all have order dividing [ x, y ], the least common multiple of x and y. (b) Deduce from Theorem 2 that x, y is cyclic of order [ x, y ]. 2. Let ζ n = cos ( ) ( 2π n + i sin 2π ) n C, where C is the complex numbers. Show that ζ n has order n in C. 3. Show that if n is odd, then 1, ζ n = ζ 2n. 4. For n = 3, 5, 7, express ζ n as a power of ζ 2n. 5. Give a general formula for ζ n as a power of ζ 2n when n is odd. 6. What are the elements of finite order in R? 7. Find generators for Z p for all primes p Find generators for all the cyclic subgroups of Z 61.

8 8 MARK STEINBERGER 9. Let p be an odd prime, let ā Z p, and let b be a generator of Z p. Show that ā p 1 2 = 1 if and only if ā is an odd power of b. 10. For p = 61, find an element ā Z p with a p mod p but such that ā does not generate Z p. References [1] Childs, Lindsay N. A concrete introduction to higher algebra. Third edition. Undergraduate Texts in Mathematics. Springer, Berlin, [2] Niven, Ivan; Zucerman, Herbert; Montgomery, Hugh. The theory of numbers (Fifth edition). John Wiley & Sons, New Yor, 1991.

Know the Well-ordering principle: Any set of positive integers which has at least one element contains a smallest element.

Know the Well-ordering principle: Any set of positive integers which has at least one element contains a smallest element. The first exam will be on Monday, June 8, 202. The syllabus will be sections. and.2 in Lax, and the number theory handout found on the class web site, plus the handout on the method of successive squaring