Chapter 4. Characters and Gauss sums. 4.1 Characters on finite abelian groups

Chapter 4 Characters and Gauss sums 4.1 Characters on finite abelian groups In what follows, abelian groups are multiplicatively written, and the unit element of an abelian group A is denoted by 1 or 1 A. We denote the order (number of elements of A by A. Let A be a finite abelian group. A character on A is a group homomorphism χ : A C (i.e., C \ {0} with multiplication. If A = n then a n = 1 A, hence χ(a n = 1 for each a A and each character on A. Therefore, a character on A maps A to the roots of unity. The product χ 1 χ 2 of two characters χ 1, χ 2 on A is defined by (χ 1 χ 2 (a = χ 1 (aχ 2 (a for a A. With this product, the characters on A form an abelian group, the so-called character group of A, which we denote by Â. The unit element of  is the trivial character χ(a 0 that maps A to 1. Since any character on A maps A to the roots of unity, the inverse χ 1 : a χ(a 1 of a character χ is equal to its complex conjugate χ : a χ(a. Lemma 4.1. Let A be a cyclic group of order n. Then order n.  is also a cyclic group of Proof. Let A =< a >= {1, a, a 2,..., a n 1 } and a n = 1. Choose a primitive n-th root of unity ρ 1. Then χ 1 given by χ 1 (a k = ρ k 1 for k Z defines a character on A. 71

Further, χ j 1 (j = 0,..., n 1 define different characters on A, and χ n 1 is the trivial character χ (A 0. Conversely, let χ  be arbitrary. Then χ(an = 1, hence χ(a = ρ j 1 for some integer j, and so χ = χ j 1. It follows that  =< χ 1 > is a cyclic group of order n. Lemma 4.2. Let the abelian group A be a direct product of cyclic groups of orders n 1, n 2,..., n r. Then  is also a direct product of cyclic groups of orders n 1, n 2,..., n r. Proof. By assumption, A is the direct product of cyclic groups < g 1 >,..., < g r > of orders n 1,..., n r. This means that A =< g 1 > < g r >= {g k 1 1 g kr r : k i Z}, where g k 1 1 g kr r = 1 if and only if k i 0 (mod n i for i = 1,..., r. Clearly, for any roots of unity ρ i with ρ n i i = 1 for i = 1,..., r, there is a unique character χ  with χ(g i = ρ i for i = 1,..., r. Now for i = 1,..., r let ρ i be a primitive n i -th root of unity, and define the character χ i by χ i (g i = ρ i, χ i (g j = 1 for j i. Clearly, χ i has order n i in Â. k 1,..., k r Z such that χ = r i=1 χk i i, and moreover, that if r i=1 χk i i One easily shows that for any χ Â, there are = χ (A 0 for some k i Z, then k i 0 (mod n i for i = 1,..., r, by evaluating the identities at g 1,..., g r. Hence  =< χ 1 > < χ r >. This proves our Lemma. Proposition 4.3. Every finite abelian group is isomorphic to a direct product of cyclic groups. Proof. See S. Lang, Algebra, Chap.1, 10. Theorem 4.4. Let A be a finite abelian group. Then there exists an isomorphism from A to Â. In particular,  = A. Proof. Obvious from Lemma 4.2 and Proposition 4.3. 72

Remark. The isomorphism in Theorem 4.4 is non-canonical, i.e., it depends on a choice. For we have A = C n1 C nr and  = C n 1 C n r, where C ni, C n i denote cyclic groups of order n i, for i = 1,..., r. We can now establish an isomorphism from A to  by mapping a generator of C n i to a generator of C n i, for i = 1,..., r. Of course, this isomorphism depends on the choices of the generators. Let A be a finite abelian group. For a subgroup H of A, we define H := {χ  : χ(h = 1} = {χ  : χ(a = 1 for a H}. Any homomorphism of abelian groups ϕ : A B defines a homomorphism between the character groups in the reverse direction, ϕ : B  : χ χ ϕ. Theorem 4.5. Let ϕ : A B be a surjective homomorphism of abelian groups. Then ϕ : B  is injective, and ϕ ( B = (Ker ϕ. In particular, if ϕ is an isomorphism from A to B, then ϕ is an isomorphism from B to Â. Proof. We prove that ϕ is injective. Let χ Ker ϕ, i.e., χ ϕ = χ (A 0. Let b B and choose a A with ϕ(a = b. Then χ(b = χ(ϕ(a = 1. Hence χ = χ (B As for the image, let H := Ker ϕ. If χ = ϕ χ for some χ B, then for a H we have χ(a = χ (ϕ(a = 1, hence χ H. Conversely, if χ H, then χ(a 1 = χ(a 2 for any two a 1, a 2 with ϕ(a 1 = ϕ(a 2. Hence χ : b χ(a for any a A with ϕ(a = b gives a well-defined character on B with χ = ϕ ϕ. So χ ϕ ( B. It follows that ϕ ( B = H. Corollary 4.6. Let A be a finite abelian group, and a A with a 1. Then there is χ  with χ(a 1. Proof. Let B := A/ < a > and let ϕ : A B be the canonical homomorphism. Then by the previous Theorem, ϕ establishes an isomorphism from B to < a > = {χ  : χ(a = 1}. Hence < a > = B = B = A / < a > < A. This shows that there is χ  with χ(a 1. 73 0.

For a finite abelian group A, let  denote the character group of Â. Each element a A gives rise to a character â on Â, given by â(χ := χ(a. Theorem 4.7 (Duality. a â defines a canonical isomorphism from A to Â. Proof. The map ϕ : a â obviously defines a group homomorphism from A to Â. We show that it is injective. Let a Ker(ϕ; then â(χ = 1 for all χ Â, i.e., χ(a = 1 for all χ Â, which by the previous Corollary implies that a = 1. So indeed, ϕ is injective. But then ϕ is surjective as well, since by Theorem 4.4,  =  = A. Hence ϕ is an isomorphism. Theorem 4.8 (Orthogonality relations. Let A be a finite abelian group. (i For χ 1, χ 2  we have { A if χ1 = χ χ 1 (aχ 2 (a = 2 ; 0 if χ 1 χ 2. a A (ii For a, b A we have χ(aχ(b = χ  { A if a = b; 0 if a b. Proof. (i Let χ = χ 1 χ 1 2. Then χ 1 (aχ 2 (a = χ 1 (aχ 2 (a 1 = χ(a, hence the left-hand side is equal to S := χ(a. a A Clearly, if χ 1 = χ 2 then χ(a = 1 for all a A, hence S = A. Suppose that χ 1 χ 2. Then χ is not the trivial character, hence there is c A with χ(c 1. Now χ(cs = χ(ac = χ(a = S, a A a A hence S = 0. (ii Apply (i with  instead of A. Then by Theorem 4.7 we get for a, b A, χ(aχ(b = {  = A if a = b, â(χ b(χ = 0 if a b. χ  χ  74

4.2 Dirichlet characters Let q Z 2. Denote the residue class of a mod q by a. Recall that the prime residue classes mod q, (Z/qZ = {a : gcd(a, q = 1} form a group of order ϕ(q under multiplication of residue classes. We can lift any character χ on (Z/qZ to a map χ : Z C by setting χ(a := Notice that χ has the following properties: (i χ(1 = 1; (ii χ(ab = χ(aχ(b for a, b Z; (iii χ(a = χ(b if a b (mod q; (iv χ(a = 0 if gcd(a, q > 1. { χ(a if gcd(a, q = 1; 0 if gcd(a, q > 1. Any map χ : Z C with properties (i (iv is called a (Dirichlet character modulo q. Conversely, from a character mod q χ one easily obtains a character χ on (Z/qZ by setting χ(a := χ(a for a Z with gcd(a, q = 1. Let G(q be the set of characters modulo q. We define the product χ 1 χ 2 of χ 1, χ 2 G(q by (χ 1 χ 2 (a = χ 1 (aχ 2 (a for a Z. With this operation, G(q becomes a group, with unit element the principal character modulo q given by { χ (q 1 if gcd(a, q = 1; 0 (a = 0 if gcd(a, q > 1. The inverse of χ G(q is its complex conjugate χ : a χ(a. It is clear, that this makes G(q into a group that is isomorphic to the character group of (Z/qZ. One of the advantages of viewing characters as maps from Z to C is that this allows to multiply characters of different moduli: if χ 1 is a character mod q 1 and χ 2 a character mod q 2, their product χ 1 χ 2 is a character mod lcm(q 1, q 2. We can easily translate the orthogonality relations for characters of (Z/qZ into orthogonality relations for Dirichlet characters modulo q. Recall that a complete 75

residue system modulo q is a set, consisting of precisely one integer from every residue class modulo q, e.g., {3, 5, 11, 22, 104} is a complete residue system modulo 5. Theorem 4.9. Let q Z 2, and let S q be a complete residue system modulo q. (i Let χ 1, χ 2 G(q. Then a S q χ 1 (aχ 2 (a = { ϕ(q if χ1 = χ 2 ; 0 if χ 1 χ 2. (ii Let a, b Z. Then ϕ(q if gcd(ab, q = 1, a b (mod q; χ(aχ(b = 0 if gcd(ab, q = 1, a b (mod q; χ G(q 0 if gcd(ab, q > 1. Proof. Exercise. Let χ be a character mod q and d a positive divisor of q. We say that q is induced by a character χ mod d if χ(a = χ (a for every a Z with gcd(a, q = 1. Equivalently stated, χ is induced by χ if χ = χ χ (q 0. Notice that if gcd(a, d = 1 and gcd(a, q > 1, then χ (a 0 but χ(a = 0. The character χ is called primitive if it is not induced by a character mod d for any divisor d < q of q. The conductor f χ of a χ is the gcd of all divisors d of q such that χ is induced by a character modulo d. If we allow the character mod 1, given by χ (1 0 (a = 1 for a Z, we see that for q 2 the principal character mod q has conductor 1. The next lemma gives a method to verify if a character χ is induced by a character mod d. Theorem 4.10. Let χ be a character mod q, and d a divisor of q. Then the following assertions are equivalent: (i χ(a = 1 for all a Z with a 1 (mod d and gcd(a, q = 1; (ii χ is induced by a character mod d. Moreover, if (ii holds, the character mod d by which χ is induced is uniquely determined. 76

Proof. We first observe that if a is an integer coprime with d then there is an integer b with b a (mod d such that b is coprime with q. Indeed, write q = q 1 q 2, where q 1 is composed of the primes occurring in the factorization of d, and where q 2 is composed of primes not dividing d. By the Chinese Remainder Theorem, there is b Z with b a (mod d, b 1 (mod q 2. This integer b is coprime with d, hence with q 1, and also coprime with q 2, so it is coprime with q. The remaining part of the proof is a simple application of Theorem 4.5. Our above observation implies that ϕ d : (Z/qZ (Z/dZ : a(mod q a(mod d is a surjective homomorphism. The kernel of ϕ d is H d := {a(mod q (Z/qZ : a 1 (mod d}. Now χ is induced by a character χ mod d if and only if χ = χ ϕ d = ϕ d χ, where χ is the character on (Z/qZ corresponding to χ, and χ is the character on (Z/dZ corresponding to χ. By Theorem 4.5, such a character χ exists, and if it does is unique, if and only if χ(h d = 1. But this is precisely the equivalence (i (ii in another language. Theorem 4.11. Let χ be a character mod q. Suppose χ is induced by a character mod d 1 and by a character mod d 2. Then χ is induced by a character mod gcd(d 1, d 2. We need the following lemma. Lemma 4.12. Let d = gcd(d 1, d 2. Let a be an integer with gcd(a, q = 1 and a 1 (mod d. Then there are integers u, v such that a = 1 + ud 1 + vd 2 and gcd(1 + ud 1, q = 1. Proof. Write q = q 1 q 2, where q 1 is composed of primes dividing d 2, and q 2 is composed of primes not dividing d 2. Then gcd(q 2 d 1, d 2 = d. There are integers t, x, y such that a = 1 + td and d = xq 2 d 1 + yd 2. This implies a = 1 + txq 2 d 1 + tyd 2 = 1 + ud 1 + vd 2 with u = txq 2, v = ty. 77

It is clear that 1 + ud 1 is coprime with q 2. Further, it is coprime with d 2, since 1 + ud 1 = a vd 2, and since a is coprime with q, hence with d 2. So 1 + ud 1 is coprime with q 1. It follows that 1 + ud 1 is coprime with q 1 q 2 = q. Proof of Theorem 4.11. Let a be any integer with gcd(a, q = 1 and a 1 (mod d. Choose integers u, v such that a = 1 + ud 1 + vd 2 and gcd(1 + ud 1, q = 1. Using subsequently that χ is induced by characters mod d 2, d 1, it follows that χ(a = χ(1 + ud 1 = χ(1 = 1. Now by Theorem 4.10, χ is induced by a character mod d. Corollary 4.13. Let χ be a character mod q. Then there is a unique character mod f χ that induces χ. Proof. Obvious. The orthogonality relations in Theorem 4.9 will play a crucial role in the proof of the Prime Number Theorem for arithmetic progressions. Theorem 4.9 is in fact the special case A = (Z/qZ of Theorem 4.8, and in the proof of this last theorem, we used a rather involved result from algebra, which we stated without proof, that is, that every finite abelian group is a direct product of cyclic groups. For the orthogonality relations in Theorem 4.9 we need only that (Z/qZ is a direct product of cyclic groups. This is an easy consequence of the result below. We denote by a the residue class a (mod q, if from the context it is clear which integer q we are considering. Theorem 4.14. (i Let q = p k 1 1 p kt t, where the p i are distinct primes and the k i positive integers. Then (Z/qZ = (Z/p k 1 1 Z (Z/p kt t Z. (ii Let p be a prime 3. Then (Z/p k Z is cyclic of order p k 1 (p 1. (iii (Z/4Z is cyclic of order 2. Further, if k 3 then (Z/2 k Z =< 1 > < 5 > is the direct product of a cyclic group of order 2 and a cyclic group of order 2 k 2. 78

We skip the proof of (i and the proof of the case k = 1 of (ii, which belong to a basic algebra course. For the proof of the remaining parts, we need a lemma. For a prime number p, and for a Z \ {0}, we denote by ord p (a the largest integer k such that p k divides a. Lemma 4.15. Let p be a prime number and a an integer such that ord p (a 1 1 if p 3 and ord p (a 1 2 if p = 2. Then ord p (a pk 1 = ord p (a 1 + k. Proof. We prove the assertion only for k = 1; then the general statement follows easily by induction on k. Our assumption on a implies that a = 1 + p t b, where t 1 if p 3, t 2 if p = 2, and where b is an integer not divisible by p. Now by the binomial formula, a p 1 = k j=1 ( p (p t b j = p t+1 b j + p t+2 (. j Here we have used that all binomial coefficients ( p j are divisible by p except the last. But the last term (p t b p is divisible by p pt, and the exponent pt is larger than t + 1 (the assumption t 2 for p = 2 is needed to ensure this. This shows that ord p (a p 1 = t + 1. Proof of Theorem 4.14. (ii We take for granted that (Z/pZ is cyclic of order p 1, and assume that k 2. We construct a generator for (Z/p k Z. Let g be an integer such that g (mod p is a generator of (Z/pZ. We show that we can choose g such that ord p (g p 1 1 = 1. Indeed, assume that ord p (g p 1 1 2 and take g + p. Then p 1 ( p 1 (g + p p 1 1 = g p 1 j p j = (p 1g p 2 p + p 2 ( j j=1 = = g p 2 p + p 2 ( hence ord p ((g + p p 1 1 = 1. So, replacing g by g + p if need be, we get an integer g such that g (mod p generates (Z/pZ and ord p (g p 1 1 = 1. We show that g := g (mod p k generates (Z/p k Z. Let n be he order of g in (Z/p k Z ; that is, n is the smallest positive integer with g n 1 (mod p k. On the 79

one hand, g n 1 (mod p, hence p 1 divides n. On the other hand, n divides the order of (Z/p k Z, that is, p k 1 (p 1. So n = p s (p 1 with s k 1. By Lemma 4.15 we have ord p (g n 1 = ord p (g p 1 1 + s = s + 1. This has to be equal to k, so s = k 1. Hence n = p k 1 (p 1 is equal to the order of (Z/p k Z. It follows that (Z/p k Z =< g >. (iii Assume that k 3. Define the subgroup of index 2, H := {a (Z/2 k Z : a 1 (mod 4}. Then (Z/2 k Z = H ( H = {( 1 k a : k {0, 1}, a H} and ( 1 k a = 1 if and only if k = 0 and a = 1. Hence (Z/2 k Z =< 1 > H. Similarly as above, one shows that H is cyclic of order 2 k 2, and that H =< 5 >. 4.3 Gauss sums Let q Z 2. For a character χ mod q and for b Z, we define the Gauss sum τ(b, χ := x S q χ(xe 2πibx/q, where S q is a full system of representatives modulo q. This does not depend on the choice of S q. Gauss sums occur for instance in functional equations for L-functions L(s, χ = n=1 χ(nn s (later. We prove some basic properties for Gauss sums. Theorem 4.16. Let q Z 2 and let χ be a character mod q. Further, let b Z. (i If gcd(b, q = 1, then τ(b, χ = χ(b τ(1, χ. (ii If gcd(b, q > 1 and χ is primitive, then τ(b, χ = χ(b τ(1, χ = 0. Proof. (i Suppose gcd(b, q = 1. If x runs through a complete residue system S q mod q, then bx runs to another complete residue system S q mod q. Write y = bx. 80

Then χ(y = χ(bχ(x, hence χ(x = χ(bχ(y. Therefore, τ(b, χ = x S q χ(xe 2πibx/q = y S q = χ(bτ(1, χ. χ(bχ(ye 2πiy/q (ii We use the following observation: if q 1 is any divisor of q with 1 q 1 q, then there is c Z such that c 1 (mod q 1, gcd(c, q = 1, and χ(c 1. Indeed, this is obvious if q 1 = q. If q 1 < q, then Theorem 4.10 implies that if there is no such integer c then χ is induced by a character mod q 1, contrary to our assumption that χ is primitive. Now let d := gcd(b, q, put b 1 := b/d, q 1 := q/d, and choose c according to the observation. Then χ(cτ(b, χ = x S q χ(cxe 2πibx/q. If x runs through a complete residue system S q mod q, then y := cx runs through another complete residue system S q mod q. Further, since c 1 (mod q 1 we have e 2πixb/q = e 2πixb 1/q 1 = e 2πicxb 1/q 1 = e 2πiyb/q. Hence χ(cτ(b, χ = y S q χ(ye 2πiby/q = τ(b, χ. Since χ(c 1 this implies that τ(b, χ = 0. Theorem 4.17. Let q Z 2 and let χ be a primitive character mod q. Then τ(1, χ = q. 81

Proof. We have by Theorem 4.16, τ(1, χ 2 = τ(1, χ τ(1, χ = χ(xe 2πix/q τ(1, χ = = ( e 2πix/q τ(x, χ = e 2πix/q χ(ye 2πixy/q ( χ(ye 2πix(y 1/q y=0 y=0 = χ(y ( e 2πix(y 1/q = χ(ys(y, say. y=0 y=0 If y = 1, then S(y = 1 = q, while if y 1, then Hence τ(1, χ 2 = χ(1q = q. S(y = e2πi(y 1 1 e 2πi(y 1/q 1 = 0. Remark. Theorem 4.17 implies that ε χ := τ(1, χ/ q lies on the unit circle. Gauss gave a simple expression for ε χ in the case that ε χ is a primitive real character mod q, i.e., χ(a {±1} if gcd(a, q = 1. There is no general method known to compute ε χ for non-real characters χ modulo large values of q. 4.4 Quadratic reciprocity For the interested reader, we give a proof of Gauss Quadratic Reciprocity Theorem using Gauss sums. This section requires a little bit more algebraic background. Let p > 2 be a prime number. For a Z, we define the Legendre symbol ( a 1 if x := p 2 a (mod p is solvable in x Z and p a; 1 if x 2 a (mod p is not solvable in x Z; 0 if p a. 82

( Lemma 4.18. p is a character mod p, and ( a a p (p 1/2 (mod p for a Z. Proof. The group (Z/pZ is cyclic of order p 1. Let g(mod p be a generator of this group, and take a Z with gcd(a, p = 1. Then there is t Z such that a g t (mod p. Now clearly, x 2 a (mod p is solvable in x Z if and only if t is ( even. Hence a p ( = ( 1 t. This implies that p is a character mod p. Note that (g (p 1/2 2 1 (mod p, hence g (p 1/2 ±1 (mod p. But g (p 1/2 1 (mod p since g (mod p is a generator of (Z/pZ. Hence g (p 1/2 1 (mod p. It follows that ( a a (p 1/2 ( 1 t (mod p. p Gauss Quadratic Reciprocity Theorem is as follows: Theorem 4.19. Let p, q be distinct primes > 2. Then ( p ( { q 1 if p q 3 (mod 4, = ( 1 q p (p 1(/4 = 1 otherwise. We first make some preparations and then prove some lemmas. Let Q[X] denote the ring of polynomials with coefficients in Q. A number α C is called algebraic if there is a non-zero polynomial f Q[X] such that f(α = 0. Among all non-zero polynomials from Q[X] having α as a zero, we choose one of minimal degree. By multiplying such a polynomial with a suitable constant, we obtain one which is monic, i.e., of which the coefficient of the highest power of X is 1. There is only one monic polynomial in Q[X] of minimal degree having α as a zero, for if there were two, their difference would give a non-zero polynomial in Q[X] of smaller degree having α as a zero. This unique monic polynomial in Q[X] of minimal degree having α as a zero is called the minimal polynomial of α, denoted by f α. We observe that f α must be irreducible in Q[X], that is, not a product of two non-constant polynomials from Q[X]. For otherwise, α would be a zero of one of these polynomials, which has degree smaller than that of f α. 83

Let q be a prime number > 2. We write ζ q := e 2πi/q. Define { r } R q := Z[ζ q ] = a i ζq i : a i Z, r 0. This set is closed under addition and multiplication, hence it is a ring. Lemma 4.20. R q Q = Z. i=0 Proof. We use without proof, that the minimal polynomial of ζ q is (X q 1/(X 1 = X + + X + 1. Hence ζq = q 2 j=0 ζj q. By repeatedly substituting this into an expression r i=0 a iζq i with a i Z, we eventually get an expression q 2 j=0 b jζq j with b j Z for all j. Hence all elements of R q can be expressed in this form. Now if α R q Q, we get q 2 α = b j ζq j j=0 with α Q and b j Z for all j. This implies that ζ q is a zero of the polynomial b q 2 X q 2 + + b 0 α. Since the minimal polynomial of ζ q has degree q 1, this is possible only if b 0 = α and b 1 = = b q 2 = 0. Hence α Z. Given α, β R q and n Z >0, we write α β (mod n in R q if (α β/n R q. Further, we write α β (mod n in Z if (α β/n Z. By the Lemma we just proved, for α, β Z we have that α β (mod n in R q if and only if α β (mod n in Z. Lemma 4.21. Let p be any prime number. Then for α 1,..., α r R q we have (α 1 + + α r p α p 1 + + α p r (mod p in R q. Proof. By the multinomial theorem, (α 1 + + α r p = i 1 + +i r=p p! i 1! i r! αi 1 1 α ir r. All multinomial coefficients are divisible by p, except those where one index i j = p and the others are 0. ( For notational convenience we write χ q for 84 q. We now invoke Gauss sums.

Lemma 4.22. τ(1, χ q 2 = ( 1 (/2 q. Proof. The proof is almost the same as that of Theorem 4.17. The character χ q is primitive, since q is a prime and χ q χ (q 0. Using Theorem 4.16 we have, since χ q is a real character, τ(1, χ q 2 = χ q (xe 2πix/q τ(1, χ q = e 2πix/q τ(x, χ q. The same reasoning as in the proof of Theorem 4.17, but with e 2πix/q instead of e 2πix/q gives τ(1, χ q 2 = χ(y y=0 ( e 2πix(y+1/q = χ(ys (y, y=0 where S (y = q if y = 1, and S (y = 0 otherwise. Hence τ(1, χ q 2 = χ q ( 1 q = ( 1 (/2 q. Proof of Theorem 4.19. We work in the ring R q. Notice that by Lemma 4.21 and Theorem 4.16, τ(1, χ q p χ q (x p ζq px χ q (xζ px q τ(p, χ q On multiplying with τ(1, χ q and applying Lemma 4.22, we obtain ( p τ(1, χ q p+1 ( 1 (/2 q (mod p in R q. q On the other hand, by Lemmas 4.22, 4.20, ( p q τ(1, χ q (mod p in R q. τ(1, χ q p+1 = ( 1 ((p+1/4 q (p+1/2 = ( 1 (/2 q ( 1 ((p 1/4 q (p 1/2 ( q ( 1 (/2 q ( 1 (p 1(/4 (mod p in R q. p As a consequence, ( p ( q ( 1 (/2 q ( 1 (/2 q ( 1 ((p 1/4 (mod p in Z. q p 85

Since q is coprime with p, this gives ( p ( q ( 1 (p 1(/4 (mod p in Z. q p Since integers equal to ±1 can be congruent modulo p only if they are equal, this implies Theorem 4.19. We finish with the following result. Theorem 4.23. Let p be a prime > 2. Then ( 2 = p { 1 if p ±1 (mod 8, 1 if p ±3 (mod 8. Proof. Exercise. You have to follow the proof given above, but instead of R q, χ q, you have to use the ring R 8 = Z[ζ 8 ] where ζ 8 = e 2πi/8, and the character χ 8 mod 8, given by 1 if a ±1 (mod 8, χ 8 (a = 1 if a ±3 (mod 8, 0 if a 0 (mod 2. 86