AN ALGEBRA PRIMER WITH A VIEW TOWARD CURVES OVER FINITE FIELDS

Size: px

Start display at page:

Download "AN ALGEBRA PRIMER WITH A VIEW TOWARD CURVES OVER FINITE FIELDS"

Rodger Johns
5 years ago
Views:

1 AN ALGEBRA PRIMER WITH A VIEW TOWARD CURVES OVER FINITE FIELDS The integers are the set 1. Groups, Rings, and Fields: Basic Examples Z := {..., 3, 2, 1, 0, 1, 2, 3,...}, and we can add, subtract, and multiply elements of this set and stay within it. Really though, we should consider subtraction as being the addition of negative numbers, i.e. 1 3 should be thought of as 1+( 3), so there are two operations: + and. If you want to get fancy (and you should), addition and multiplication are really maps, or functions, with domain Z Z and codomain Z. Here s how that works: +: Z Z Z : Z Z Z (a, b) a + b (a, b) a b The important role that negative numbers play (or positive numbers, I don t want to play favorites) is that they are inverses under addition to positive numbers. The easy way to think of this is that if you add 0 to a number, you get the number back, so 0 is the additive identity in Z. To get the additive identity from a number, you add its negative, i.e. a + ( a) = 0. You can rephrase this in the language of functions, but we don t need to get that fancy. OK, so if 0 is the additive identity, and we have an inverse operation for addition, what about multiplication? The multiplicative identity is 1, since 1 times any integer equals itself. So for every a Z, is there an element b Z such that ab = 1? In words, does every integer have a multiplicative inverse? Well, no, not in the integers: We would need to extend our world to include fractions. There are only two integers which do have inverses under multiplication, and those are ±1. We call these elements units. So the integers have many wonderful properties, but they also lack some properties we might like. The algebraic object which generalizes the properties of the integers is a commutative ring. Rings do not need to be commutative, and there are certainly plenty of wonderful noncommutative rings (like rings of matrices), but we will not be considering them. I do want to mention though that the commutative adjective refers to the fact that ab = ba for all a, b Z. For a general ring, addition is always commutative. Now, what if we really wanted to restrict ourselves to the integers which have multiplicative inverses. Well, there are only two of those: {1, 1}. The set of units in a ring will always form a group. What s a group? A group is a set that is closed under one operation and has an identity and inverses with respect to that operation (we also assume that the operation is associative, but not necessarily commutative). In this case, the operation is multiplication, and we have that 1 is the identity element (and its own inverse) and the inverse of 1 is 1, since 1 1 = 1. In this case, the group operation is commutative, since 1 1 = 1 1 = 1, but for groups we like to use the word abelian instead of commutative. So this is an example of an abelian group. If a group is finite, as this one is, and its size is n, then it is true that for any element a of that group, a n = a a a }{{} n times 1 = 1.

2 2 AN ALGEBRA PRIMER WITH A VIEW TOWARD CURVES OVER FINITE FIELDS In this case, n = 2, and if we take 1 and multiply it by itself 2 times, we get the element 1. Sometimes we can do it fewer than n times, like with 1, which is already the identity, 1 1 = 1. The size of the group is called the order of the group, and the smallest n such that a n = 1 is called the order of a. So 1 has order 2 in this group (since ( 1) 1 1) and 1 has order 1. While looking at the group of units is wonderful, we ve now lost half of our operations! What if we wanted the best of both worlds: inverses in both addition and multiplication. Well, we can remedy this in a number of ways. The most natural way would be to throw in the multiplicative inverses and see what happens. So, we ve got the integer 2, and if we want its multiplicative inverse, we need to throw 1/2 into our set. We also have 2, so we need 1/2, and so on. So at this point we have Z {..., 13, 12, 12, 13 },.... Is this new set closed under addition and multiplication? Nope! If we add 1/3 to itself, we get 2/3, which is not in that set. Alternatively, we would get 2/3 from multiplying 2 and 1/3. So now we need to throw in all of the things in Z times all of the things in the other set, and we end up with, drum roll please, the rational numbers! This is the set Q := { a b : a Z, b Z }. You should convince yourself that this set is now closed under addition and multiplication, and that every element has both an additive and multiplicative inverse. The rational numbers form an object called a field. A quick way to define a field is that it s a commutative ring in which every nonzero element is a unit. So, just by studying the integers, we ve come across examples of (commutative) rings, (abelian) groups, and fields. We re going to mostly focus on abelian groups and fields. BUT, we have not yet seen an example of a finite field! To do that, we need to look at a different ring, namely Z/nZ, or the ring of integers modulo n. If you have seen ring theory before, this is the quotient of Z by the ideal nz. If you have no idea what that means, here s a vague idea of how it works. Inside the integers, we have these sets which are not quite rings, but they have this wonderful other property, which is that they like to absorb everything else. They re the pacmen of rings. So, for example, we have the set of even integers 2Z = {..., 4, 2, 0, 2, 4,...}. This set is not only closed under multiplication and addition, but it has the property that if you take any integer at all, say 3, and you multiply it by something in that set, you get something in that set, e.g. 3 4 = 12 2Z. This is an example of an ideal. We can define a similar ideal for any integer n, so we get these infinitely many ideals nz := {..., 2n, n, 0, n, 2n,...} = {an : a Z} sitting inside the integers. Of course, n and n will give you the same ideal, but we get a unique one for each positive integer. Then the quotient ring Z/nZ is defined to be the ring where you put this extra condition that two elements are the same if their difference is in nz. So, for example, Z/2Z is the ring of integers where a = b if a b 2Z, i.e. if a b is a multiple of 2. Things get mighty confusing if we use a regular equal sign, so we re going to use the sign a b to say that they are equal, or congruent, in this ring, or, to keep track of what n is in our heads, we will say a b mod n.

3 AN ALGEBRA PRIMER WITH A VIEW TOWARD CURVES OVER FINITE FIELDS 3 What does the ring Z/2Z look like? Well, let s start picking out elements from the integers and sorting them into piles. When we get one that s congruent to one we ve already come up with, we ll put it in that pile. First, we ve got 0. Then we ve got 1. Is 1 0 mod 2? No, because 1 0 = 1, which is not a multiple of 2. OK, so we ve got two distinct elements so far. Now, what about 2. Is 2 congruent to 0? Yes, it is! OK, what about 3? It s not congruent to 0, but it is congruent to 1 because 3 1 = 2. Let s turn to some negative numbers. What about 1? Well, 1 0 = 1, so it s not congruent to 0, but 1 1 = 2, which is a multiple of 2, so it is congruent to 1. As you go through the integers, you see that these are the only two possibilities. Every integer is congruent to either 0 or 1 in Z/2Z. In fact, this process partitions the integers into two equal sets: those which are multiples of 2 (congruent to 0), and those which differ by 1 from a multiple of 2 (congruent to 1). Yes, yes, I could say even and odd, but that doesn t generalize as well. When we get to 3Z, there are no longer 2 types, there are 3 types, depending on whether they differ from a multiple of three by 0, 1, or 2. Below are some examples of how these ideals partition the integers. You should think of the circles below as being a single element of the ring. Z/2Z mod 2 1 mod 2 Z/3Z mod 3 1 mod 3 2 mod 3 Remark. I m brushing A LOT under the rug here about equivalence relations and how they work. In general, they have to satisfy certain properties in order to partition a set, and while there is plenty more to say on the subject, this is the only example we will be coming across.

4 4 AN ALGEBRA PRIMER WITH A VIEW TOWARD CURVES OVER FINITE FIELDS Because we have infinitely many integers which are equivalent to one another for any one of these rings, we choose our favorite one when we write down the elements of the ring, of which there are only finitely many. These favorite elements are called representatives and the standard choice is to use {0, 1, 2,..., n 1} as the representatives for the elements of Z/nZ. So, to summarize, elements of Z/nZ are really equivalence classes or congruence classes of elements of Z, and there are n equivalence classes. While I can still think of 73 as an element of Z/2Z, I m going to represent it by the element 1, which it is congruent to, so they are not two different elements. So far I ve only talked about the elements, and I ve said nothing about the operations! How do these elements interact with one another? Again, since we are thinking of these rings as coming from the integers, we can still add and multiply integers as we normally would and then consider their representatives. So in Z/3Z, we can take the element 2 and multiply it by itself and get 2 2 = 4 in the integers, but in Z/3Z, the element 4 is the same element as 1, so 2 2 = 1 in this ring, or mod 3. In other words, let a, b Z and let + and be the addition and multiplication operations on Z. We will also use them to denote addition and multiplication in the ring Z/nZ, because we have the property that (a + b) mod n is equal to (a mod n) + (b mod n), and (a b) mod n is equal to (a mod n) (b mod n), where on the left side the addition/multiplication takes place in Z, and on the right side the addition/multiplication takes place in Z/nZ. So how do we get from finite rings to finite fields? Well, now that we ve got some rings, and we want to get fields, let s see if every nonzero element is a unit; that is, does every nonzero element have a multiplicative inverse? As a set, we have Z/2Z = {0, 1}, so it only has one nonzero element, namely 1. This element is its own inverse (this will always be true for the multiplicative identity element), so we re done. That means that Z/2Z has the structure of a field of two elements. Now let s look at Z/3Z. As a set, we have Z/3Z = {0, 1, 2}, remembering that these elements live in a world where a b mod 3 if a b is a multiple of 3. So, again, 1 is its own inverse, but we also have that 2 2 = 4 and 4 1 mod 3. So 2 is its own inverse, because 2 2 returns the multiplicative identity. Now let s try Z/4Z and see if it too is a field. As a set, Z/4Z = {0, 1, 2, 3}, and we have that mod 4, and mod 4,

5 AN ALGEBRA PRIMER WITH A VIEW TOWARD CURVES OVER FINITE FIELDS 5 but when we get to the element 2, we can t find a multiplicative inverse. Let s check: mod mod mod 4. The reason that 2 doesn t have an inverse in this ring turns out the be equivalent to the fact that 2 2 returns 0. This is a phenomenon that doesn t occur in the integers or the rational numbers, because the only way to get ab = 0 is if a = 0 or b = 0. This property does not hold in general for rings, and nonzero elements a with the property that ab = 0 for some b 0 are called zero divisors. So, Z/2Z and Z/3Z are fields, but Z/4Z is not. When do we expect Z/nZ to have zero divisors? Well, the problem is that if n is composite (not prime), then it can be decomposed as n = ab in the integers, and both a and b will be zero divisors in Z/nZ. This can t happen when p is prime because its only divisors are 1 and p. So, if p is a prime number, Z/pZ is a field, and to differentiate it from the ring Z/pZ, or the group Z/pZ (which I haven t mentioned yet, but it s the same as the ring if you pretend multiplication doesn t exist), we call it F p. This gives us an infinite number of finite fields which have prime order, and we have two important facts about finite fields: (1) Up to renaming the elements, there is exactly one field of order p, namely F p. (2) In fact, a finite field must have prime power order, meaning every finite field has order p n for some prime p and positive integer n, and there is exactly one field of that order, which we call F p n. According to the second fact, there is a finite field of order 2 2 = 4, but that field is not Z/4Z, because that is not a field. Here s what that field looks like. As a set, let F 4 = {0, 1, a, a + 1} and, as with F 2, we impose that = 2 = 0. We also impose the relation a 2 = a + 1. Otherwise, addition behaves normally, and 0 and 1 behave as you expect, in that 1 is a multiplicative identity, 0 is an additive identity, and 0 times anything is 0 (so, namely, 2 times anything is 0). So, for example (a + 1) 2 = a 2 + 2a + 1 = a 2 + 1, since 2a = 0 = a , since a 2 = a + 1 = a, since = 0, and a(a + 1) = a 2 + a, = a a, since a 2 = a + 1 = 1, since 2a = 0. This should convince you that this is in fact a field of order 4. There is a systematic way to produce these fields, and you should check out this link if you d like more information on it: For the time being, let s stick to F p and list some important properties.

6 6 AN ALGEBRA PRIMER WITH A VIEW TOWARD CURVES OVER FINITE FIELDS (1) For any a 0 in F p, we have a p 1 = 1. This is because p 1 is the order of the group of units in Z/pZ, as I will state below. (2) For any a, b F p, we have (a + b) p = a p + b p. (3) There are exactly p+1 2 elements a F p such that a = b 2 for some b F p. (4) The units of F p, which are just the p 1 nonzero elements, form a group (as we stated earlier) of order p 1 which can be generated by a single element. In other words, there exists an element a F p such that {a, a 2, a 3,..., a p 1 = 1} is the set of nonzero elements of F p. We denote the unit group (also called the multiplicative group) by F p. In fact, there are many generators for F p : there is one generator for every positive integer n < p 1 which is relatively prime to p 1. So, for example, if p = 7, then p 1 = 6 and there are 2 positive numbers less than 6 which are relatively prime to it, namely 1 and 5. This means there are two generators of F 7. Warning: This does not mean that the generators have to be relatively prime to p 1. For example, 3 generates F 7, as we can see below. 3 1 = = 9 = = (3 2 ) 3 = 2 3 = = (3 2 ) 2 = 2 2 = = (3 4 ) 3 = 4 3 = 12 = = (3 3 ) 2 = 6 2 = 36 = 1. Notice that once you have a generator, it is very easy to find inverses. For example, the inverse of 3 is 3 5 = 5 since = 3 6 = 1. Warning: Although in F 7 we have that 6 and 1 represent the same element, do not mistake exponents for being elements of F 7 (As we will say later you can think of them, however, as elements of Z/6Z). You cannot say, for example, that 3 6 = 3 1 because 6 = 1, as this is simply not true, as we saw above. For a positive integer n, we define a n to be a a a n times. We further define a 1 to be the multiplicative inverse of a in the ring/field. This allows us to define a n for a positive integer n to be (a 1 ) n, which is now a well defined object. So 3 1 = 5 in F 7. In a sense, we are giving 1/3 a meaning in F 7, and 1/3 = 5. While we will not explicitly be dealing with general finite fields F p n (and we will be using a computer to do most of our calculations for us), it s worth noting the properties that hold for general finite fields. In particular, (1) The unit group F p (which as a set is just everything apart from 0) has order n pn 1 and can be generated by a single element. (2) This implies that for any nonzero a F p n we have that a pn 1 = 1. (3) For any a, b F p n, we have (a + b) p = a p + b p. (4) For any a F p n, we have pa = a + + a (p times) equals 0. As we can see in the last two items, the prime is very important to keep track of, and we call it the characteristic of the finite field. So F 2, F 4, F 8, F 16, and so on, are fields of characteristic 2. Remember,

7 AN ALGEBRA PRIMER WITH A VIEW TOWARD CURVES OVER FINITE FIELDS 7 a field comes equipped with both addition and multiplication, and while the multiplicative group can be generated by a single element via multiplication, the additive group of F p n requires n distinct generators. To understand these groups better, as well as the groups that we re going to be talking about shortly, we need the classification of finite abelian groups. Before we do that, let s explicitly write down the definitions that came up above. 2. Definitions Definition. A group (G, ) is a set G together with an operation, also called the group law, : G G G satisfying the following: (1) (Identity) There exists an element e G, called the identity element, such that e g = g e = g for any g G. (2) (Inverses) For any g G there exists an element h G such that g h = h g = e. We call h the inverse of g. (3) (Associativity) For any a, b, c G we have (a b) c = a (b c). If, moreover, g h = h g for every g, h G we say that G is abelian. We call the number of elements of G the order of G, denoted G, where if G is infinite we say that it has infinite order. Let g G and define the order of g to be the smallest positive integer n such that g g = e. If there is no such n, we say that g has infinite order. Remark. Our operations will always be either addition or multiplication, and both will always be commutative. To make the notation more compact, we adopt the following conventions. If G is a group under multiplication, we let g n = g g (n times) for a positive integer n. We also define g 1 to be the inverse of g and set g 0 = 1, where 1 is the identity in G. We often use and interchangeably for the operation, but I ll try to restrict to here. If G is a group under addition, we let ng = g + + g (n times) for a positive integer n. We also define g to be the inverse of g and set 0 g = 0, where 0 is the identity in G. Example. (1) The set of integers, denoted Z, forms an abelian group of infinite order under the operation + with identity 0. (2) The set of integers does not form a group under the operation with identity 1 because only ±1 have inverses. (3) The set of integers modulo n, denoted Z/nZ, forms an abelian group of order n under the operation + with identity 0. (4) The set of nonzero integers modulo p, denoted (Z/pZ), forms an abelian group of order p 1 under the operation with identity 1. (5) The set of n n matrices with real entries, denoted M n (R), form an abelian group under matrix addition (entry-wise addition). (6) The set of n n matrices with real entries does not form a group under matrix multiplication, but the set of invertible matrices (those with nonzero determinant), denoted GL n (R), does form a nonabelian group.

8 8 AN ALGEBRA PRIMER WITH A VIEW TOWARD CURVES OVER FINITE FIELDS Theorem 1. Let G be a group of order n. Then for any g G, the order of g divides n. For example, the group Z/4Z under addition has order 4. Its elements are {0, 1, 2, 3}, and 0 has order 1 (because it is the identity), 1 has order 4, 2 has order 2, and 3 has order 4. So the only orders which can occur are 1, 2, and 4. Definition. Let (G, ) be a group. An element g G is said to generate G if G = {g n : n Z}. If G is generated by a single element, then G is called a cyclic group. Remark. (1) If instead we look at (G, +), then g generates the group if G = {ng : n Z}. (2) Even though we are raising g to infinitely many powers, if G = m, then g m = 1, so eventually the elements will just start repeating, since g m+n = g m g n. (3) The order of a generator is necessarily the order of the group. Example. Consider Z/nZ under the operation +. Then 1 generates Z/nZ because the elements are exactly So (Z/nZ, +) is a cylic group of order n. 1 = = = = 0 }{{} n times. Important Fact: Every cyclic group of order n is essentially Z/nZ, up to relabeling. This type of relationship is called a group isomorphism. If you prefer to think of your cyclic group of order n as having multiplication as its operation, then we let a be a generator and call the elements a 1, a 2,..., a n = 1. This is essentially the same as Z/nZ if we just think of 1 in the additive example as corresponding to the exponent 1 in the second example, and so on. So if we call this second group C n (for cyclic group of order n), we would say that C n is isomorphic to Z/nZ and denote this as C n Z/nZ. Notice that this allows us to think of the exponents as elements of Z/nZ, so an exponent of 1 (which gives the inverse) is the same as an exponent of n 1, because the two are congruent modulo n. Definition. A ring (R, +, ) is a set R together with two operations +: R R R and : R R R such that (R, +) is an abelian group and the following conditions are satisfied: (1) (Multiplicative identity) There exists an element 1 R such that for every a R we have a 1 = 1 a = a. (2) (Associativity) For every a, b, c R we have (a b) c = a (b c).

9 AN ALGEBRA PRIMER WITH A VIEW TOWARD CURVES OVER FINITE FIELDS 9 (3) (Distributive law) For every a, b, c R we have a (b + c) = (a b) + (a c) and (b + c) a = (b a) + (c a). Furthermore, if for every a, b R we have a b = b a then we call R a commutative ring. An element a R which has a multiplicative identity, i.e. there exists b R such that ab = ba = 1, is called a unit. The set of units in R forms a group under called the group of units or multiplicative group of R, denoted R. Example. (1) The integers, denoted Z, form a commutative ring under + and. (2) The integers modulo n, denoted Z/nZ, form a commutative ring under + and. (3) The set of n n matrices with real entries, denoted M n (R), forms a noncommutative ring under matrix addition and multiplication. (4) The set of rational numbers, denoted Q, forms a commutative ring under + and. Remark. As noted above, the convention is to refer to 0 as the additive identity and 1 as the multiplicative identity. The only ring in which 0 = 1 is the trivial ring or zero ring (a ring with one element). In a nontrivial ring, the 0 element can never be a unit. This also means that if R is not the zero ring, then (R, ) can never be a group, because 0 will never have an inverse with respect to multiplication. The best we can ask for is for (R {0}, ) to be a group. When this happens, R is called a division ring, but we will not discuss these structures as we will only work under the stronger assumption that R is also commutative, in which case R is a field. Definition. A field F is a commutative ring in which every nonzero element is a unit. Example. (1) The rational numbers Q. (2) The finite fields F p (the ring Z/pZ), or more generally, F p n. 3. Classification of Finite Abelian Groups Before we can state the classification, we need to talk about products of groups. Let (G, ) be a group with identity e G and let (H, ) be a group with identity e H. We can combine these groups in very formal way to create a new group, called G H. As a set it is exactly the Cartesian product G H, and the group laws on G and H act independently. So we define the group law on G H to be : (G H) (G H) G H ((g, h), (g, h )) (g g, h h ). Notice that if G and H are both abelian, then so is G H (you should convince yourself of this).

10 10 AN ALGEBRA PRIMER WITH A VIEW TOWARD CURVES OVER FINITE FIELDS For example, let s look at the group Z/2Z Z/2Z under addition. The elements of Z/2Z are just {0, 1} and the group law says that = 0. So the elements of Z/2Z Z/2Z are the pairs {(0, 0), (0, 1), (1, 0), (1, 1)}. By the definition above, the group law says that (0, 0) + (a, b) = (0 + a, 0 + b) = (a, b), so (0, 0) is the identity element. Furthermore, we have (0, 1) + (0, 1) = (0 + 0, 1 + 1) = (0, 0) (0, 1) + (1, 0) = (0 + 1, 1 + 0) = (1, 1) (1, 0) + (1, 0) = (1 + 1, 0 + 0) = (0, 0) (1, 1) + (1, 1) = (1 + 1, 1 + 1) = (0, 0). This shows that (0, 1), (1, 0), and (1, 1) all have order 2 in this group. So in particular, Z/2Z Z/2Z is not a cyclic group, because if it were, there would be some element a such that a, 2a, 3a, and 4a give unique elements of the group. On the other hand, we can get the entire group if we use two generators. In other words, there exist a, b Z/2Z Z/2Z such that Z/2Z Z/2Z = {na + mb : n, m Z}. In particular we can pick a = (0, 1) and b = (1, 0). This is identical to how in linear algebra you might need multiple vectors to span a vector space. Now let s look at Z/2Z Z/3Z under addition. Now we have that in the first component, = 0, but in the second component, = 0. So the elements are {(0, 0), (0, 1), (0, 2), (1, 0), (1, 1), (1, 2)}. You should verify that (1, 0) has order 2, but (0, 1) and (0, 2) have order 3. But what happens with (1, 1)? (1, 1) + (1, 1) = (2, 2) = (0, 2) (1, 1) + (1, 1) + (1, 1) = (3, 3) = (1, 0) 4 (1, 1) = (4, 4) = (0, 1) 5 (1, 1) = (5, 5) = (1, 2) 6 (1, 1) = (6, 6) = (0, 0). So (1, 1) is an element of order 6, and in particular, it generates the entire group! This shows us that Z/2Z Z/3Z is a cyclic group! Not only that, but it s a cyclic group of order 6, so it must be isomorphic to the group Z/6Z. Now, you might ask what went wrong before that didn t in this example. Maybe the problem is that we chose two copies of the same group before. Well, that s part of the problem, but there s a weaker condition. It turns out that, for example, Z/2Z Z/4Z will not be cyclic either. The problem is when the orders are not relatively prime.

11 AN ALGEBRA PRIMER WITH A VIEW TOWARD CURVES OVER FINITE FIELDS 11 Theorem 2. If n and m are relatively prime, then Z/nZ Z/mZ is cyclic of order nm. In other words, Z/nZ Z/mZ Z/nmZ. You should try to convince yourself of this, as it s not that difficult to see. Hint: If gcd(a, b) = d then there exist integers m, n such that ma + nb = d. Using the definition of a product of two groups, we can easily define the product of a finite number of groups: If G, H, and J are three groups, we can define G H J to be the product of the group G H with the group J. This allows us to state the following awesome theorem. Theorem 3. Let G be a finite abelian group. Then G Z/p e1 1 Z Z/pen n Z, where p 1,..., p n are (not necessarily distinct) primes, the e i are positive integers, and p e1 1 pen n = G. For example, up to isomorphism, there is only one finite abelian group of order 6 because 6 factors as 2 3, and by Theorem 2, Z/2Z Z/3Z Z/6Z. So a finite abelian group of order 6 is necessarily cyclic. On the other hand, a finite abelian group of order 8 = 2 3 can be any one of the three groups (1) Z/2 3 Z (2) Z/2 2 Z Z/2Z (3) Z/2Z Z/2Z Z/2Z up to isomorphism, because by Theorem 3, these are the only possibilities. You should convince yourself that these are not isomorphic to one another, and moreover that they have 1, 2, and 3 generators, respectively. The easiest way to differentiate between different finite abelian groups of the same order is by looking at orders of elements. For example, we can differentiate between Z/2Z Z/2Z and the cylic group Z/4Z by checking whether there is an element of order 4. The former has the property that every element has order 1 or 2 and the latter has elements of orders 1, 2, and 4. In particular, a cylic group will necessarily have an element of order equal to the order of the group, but a product of cylic groups might not. In general, the group Z/n 1 Z Z/n k Z will have an element of order at most lcm(n 1,..., n k ), where lcm is the least common multiple. So I know that the group Z/2Z Z/4Z Z/6Z, which has order = 48, can have an element of order 12 = lcm(2, 4, 6), but not of order 24 or 48. This is more obvious if we use Theorem 2 to write down the isomorphic group Z/2Z Z/4Z Z/6Z Z/2Z Z/12Z Z/2Z, using the fact that Z/6Z Z/2Z Z/3Z and Z/4Z Z/3Z Z/12Z. In fact, now we see that it must have an element of order 12, because we can just pick a generator for Z/12Z and make the Z/2Z components trivial, meaning that the element (0, 1, 0) will have order 12. As we can see, it would be nice to have a unique way to write down these groups so we know that we re not missing something obvious like this. So we can put these ideas together into the following classification theorem.

12 12 AN ALGEBRA PRIMER WITH A VIEW TOWARD CURVES OVER FINITE FIELDS Theorem 4. Let G be a finite abelian group. Then G can be written uniquely as G Z/n 1 Z Z/n k Z, such that n i+1 n i, 1 i k 1. If G is as above, then we say that G has type (n 1,..., n k ). By this notation, n 1 will be divisible by all of the other n k, and so it will be the lcm(n 1,..., n k ). This shows that not only is this the largest order that we can get, but we will necessarily have an element of that order. Moreover, we now have the following helpful theorem which summarizes the discussion of orders above. Theorem 5. Let G be a finite abelian group of type (n 1,..., n k ). Then G contains an element of order m if and only if m divides n Subgroups Finally, we need to talk a little bit about subgroups. Let s look at the group Z/6Z. On the one hand, this is a cylic group, but on the other hand, it also decomposes as Z/2Z Z/3Z. In particular, if we consider the element (1, 0) of this product and add it to itself, we get the set {(1, 0), (0, 0)} which is itself closed under addition. Similarly, if we take the element (0, 1) and keep adding it to itself, we get {(0, 1), (0, 2), (0, 0)}, which is also closed under addition. These are examples of subgroups, and they are very easy to spot when we can write our group as a product, but they are not always that obvious. Definition. Let (G, ) be a group with identity e and let H be a subset of G. Then H is called a subgroup of G, denoted H G, if e H and the restriction of to H H defines a group law on H. In other words, if H denotes the restriction of to H H, then (H, H ) is a group with identity e. If G H is a product of groups, then it has a subgroup isomorphic to G and a subgroup isomorphic to H, because we can just ignore the other component. We list some important facts about subgroups in the following theorem. Theorem 6. Let G be a group and let H be a subgroup of G. (1) If G is finite, then the order of H divides the order of G. (2) If G is cyclic, then so is H. Example. (1) If G is a cyclic group of order n, then for any k dividing n, there is a unique subgroup of order k. (2) If G is any group, then for any g G we can define a subgroup g called the cyclic subgroup generated by g. If we use multiplication for our operation, as a set it is {g n : n Z}. If g has order k, then it s just the set {1, g, g 2,..., g k 1 }. (3) If G is a finite group, then G contains a cyclic group of order p for every p dividing G. (This is because G contains an element of order p). (4) If G is a finite group of order p a m, where p is a prime not dividing m, then G has a subgroup of order p a.

13 AN ALGEBRA PRIMER WITH A VIEW TOWARD CURVES OVER FINITE FIELDS 13 Since we are going to be focusing exclusively on finite abelian groups, cyclic subgroups play an important role, since we just saw that every finite abelian group is a product of cyclic groups. Many of the subgroups of these groups will also be cyclic, but many will not be. Still, by computing orders, it is relatively easy to tell whether the group is cyclic or not. To conclude, I want to give an example of the types of subgroups we will be focusing on. Let G be an abelian group (not necessarily finite or cyclic), and for now we will assume the operation is addition and the identity is 0. We define the torsion subgroup of G, denoted G tors to be the group of all g G such that ng = 0 for some nonzero n Z. In other words, g G has finite order (You should convince yourself that this is a subgroup). If G is finite, then the torsion subgroup is simply G, which is not very interesting. If G is a group like Z under addition, then the torsion subgroup is just the trivial group {0}, which is also not interesting. But there is something in between, and these are groups like, for example, G Z Z Z/2Z Z/3Z. This is an example of a finitely generated abelian group, and while it has some infinite cyclic groups living inside it, it also has some finite ones. For this example, we have that G tors Z/2Z Z/3Z, and as a set it is the elements {(0, 0, 1, 0), (0, 0, 1, 1), (0, 0, 1, 2), (0, 0, 0, 1), (0, 0, 0, 2), (0, 0, 0, 0)}. In other words, it is the subgroup where we ignore all of the infinite components. A finitely generated abelian group is exactly what it sounds like: an abelian group that can be generated by a finite number of elements. It turns out that every finitely generated abelian group is of the form Z r T, where Z r means Z Z (r times) and T is some finite abelian group. The number r is called the rank, and T is the torsion subgroup. We will mainly be focusing on the case where G is finite, so the torsion subgroup is exactly G. This makes it a much less interesting subgroup, so instead we want to consider some smaller subgroups. Instead of asking for all of the elements of finite order, we want to ask for the ones which have a particular order. However, if we restrict to the set of elements of order n, for some n, we don t necessarily get a subgroup, so instead we want the elements of order dividing n. In other words, we define G[n] := {g G : ng = 0}, and we call this the n-torsion subgroup of G. So, for example, if G Z 2 Z/2Z Z/6Z, then G[2] Z/2Z Z/2Z, G[3] Z/3Z, and G[6] Z/6Z. These are the main objects that we will be studying, and specifically, we will want to know about G[p n ], where p is a prime and n is a positive integer.

MATH 25 CLASS 21 NOTES, NOV Contents. 2. Subgroups 2 3. Isomorphisms 4

MATH 25 CLASS 21 NOTES, NOV Contents. 2. Subgroups 2 3. Isomorphisms 4 MATH 25 CLASS 21 NOTES, NOV 7 2011 Contents 1. Groups: definition 1 2. Subgroups 2 3. Isomorphisms 4 1. Groups: definition Even though we have been learning number theory without using any other parts