In our previous article on cyclotomic fields we were talking about why the Galois group G of ℚ(μn)/ℚ is isomorphic to (ℤ/nℤ)×, where n∈ℤ and μn is the group of nth roots of unity, the roots of xn-1=0 in some extension of ℚ. (Check here for a list of previous articles on algebraic number theory.)
So far we've shown that G is isomorphic to a subgroup of (ℤ/nℤ)×. We still need to show it is actually isomorphic to the whole group, or equivalently that |G|, the order of G, which is equal to the degree of the field extension, [ℚ(μn):ℚ], actually equals |(ℤ/nℤ)×|, which is φ(n), the number of positive integers less than and relatively prime to n.
The group μn is cyclic. Any generator of the group is, by definition, a primitive nth root of unity. We let ζ be an arbitrary but fixed such generator. Then ℚ(μn)=ℚ(ζ). Let f(x) be the minimal polynomial of ζ. f(x)∈ℚ[x] is irreducible over ℚ. All other elements of μn are of the form ζa for some a∈ℤ, where a is well-defined modulo n. Further, ζa is a primitive nth root of unity if and only if a is relatively prime to n, i. e. the greatest common divisor (a,n)=1. The degree of f(x) equals [ℚ(μn):ℚ] and |G|. At this point, all we know about these numbers is that they divide φ(n) (since |G| does).
The group homomorphism j:G→(ℤ/nℤ)× was defined by the relation σ(ζ)=ζj(σ), for σ∈G. We showed that j(σ) is injective and independent of the choice of ζ. Hence G is isomorphic to a subgroup of (ℤ/nℤ)×, and therefore the degree of f(x) (and [ℚ(μn):ℚ] and |G|) is ≤φ(n). G is isomorphic to a proper subgroup of (ℤ/nℤ)×, i. e. not the whole group, if j is not surjective and the degree of f(x) is strictly less than φ(n).
As we noted last time, the problem here is that we don't yet know that all φ(n) primitive nth roots of unity are zeroes of f(x), so that |G| and the degree of f(x) equal φ(n), and hence G(ℚ(μn)/ℚ) ≅ (ℤ/nℤ)×. Stated another way, we don't yet know that the field homomorphism on ℚ(μn) induced by mapping ζ to ζa is actually an automorphism of the field, hence an element of the Galois group. It could fail to be if, say, the minimal polynomial of ζa is different from that of ζ, which could happen if the degree of f(x) is less than φ(n) because not all primitive nth roots of unity are zeroes of f(x). In order to rule out this possibility, we will show that the degree of f(x) is ≥φ(n).
There are various ways to prove the isomorphism, and even a number of ways to prove that f(x) has φ(n) distinct roots, so its degree is ≥φ(n). Many of these proofs use machinery (such as discriminants, factorization and ramification of primes, etc.) that we haven't extensively discussed yet, so I'll avoid using such things in the proof. However, we'll get to these topics eventually, and also show a way to construct the automorphisms σ∈G explicitly – after finishing the proof that G(ℚ(μn)/ℚ) ≅ (ℤ/nℤ)×.
So let's get started. The roots of the minimal polynomial f(x)∈ℚ[x] are all conjugates σ(ζ) for σ∈G, so f(x)=Πσ∈G(x-σ(ζ)). Hence f(x) is monic (leading coefficient 1). The coefficients of f(x) are symmetric functions of all conjugates of ζ, so the coefficients are all left fixed by all σ∈G. f(x) divides xn-1, so all its roots – the conjugates of ζ – are algebraic integers. So the coefficients are also algebraic integers (sums of products of powers of algebraic integers) – members of the ring of integers Oℚ(ζ). They are also in the base field, since they're left fixed by G. A basic fact is that Oℚ(ζ)∩ℚ = ℤ – any algebraic integer that lies in the base field is necessarily an integer of the base field. Hence f(x)∈ℤ[x].
Suppose that for any a∈ℤ relatively prime to n, i. e. (a,n)=1, ζa is also a root of f(x): f(ζa)=0. Since these ζa with 1≤a<n are distinct primitive nth roots of unity if ζ is, and there are φ(n) of them, the degree of f(x), and hence |G|, is ≥ φ(n). But we already showed |G|≤φ(n), hence |G|=φ(n). Since G is isomorphic to a subgroup of (ℤ/nℤ)×, we must actually have an isomorphism: G ≅ (ℤ/nℤ)×.
So all we have to show is f(ζa)=0 for 1≤a<n and (a,n)=1. The first thing to note is that it suffices to prove this just for primes p with (p,n)=1. For suppose we had that. For general a with (a,n)=1, let p be a prime that divides a. Then (p,n)=1. Consider ζa/p. Since (a/p,n)=1, ζa/p is a primitive nth root of unity with one fewer prime divisor in the exponent than ζa. So by induction on the number of prime divisors of the exponent f(ζa/p)=0. But if the result is true for prime powers of primitive nth roots of unity that satisfy f(x)=0, then f(ζa)=0 since ζa=(ζa/p)p. Alternatively, you can recall that (according to a theorem of Dirichlet), there are infinitely many primes p in the arithmetic progression a+nk for (a,n)=1 and k∈ℤ. Since ζn=1, ζa=ζp for all such p.
So let p be prime and (p,n)=1. Then note that f(x)p-f(xp)∈pℤ[x] for any f(x)∈ℤ[x]. This can be proved by induction on the degree of f(x). Suppose the highest degree term of f(x) is Axm, with p∤A. Then (Axm)p-Axmp∈pℤ[x] because Ap≡A (mod p), because (ℤ/pℤ)× is cyclic of order p-1 (Fermat's theorem). So if h(x)=f(x)-Axn, then we just have to show h(x)p-h(xp)∈pℤ[x]. But that can be assumed true by induction, unless the degree of h(x) is 1. In the latter case, if h(x)=Ax+B, we need (Ax+B)p-(Axp+B)∈pℤ[x]. But all the coefficients in (Ax+B)p except the first and last contain binomial coefficients divisible by p, and the remaining terms are handled with Fermat's theorem as before.
Finally, then, suppose the opposite of what we want to show, namely that there is a prime p with p∤n and f(ζp)≠0. By what we just showed, f(ζp) is divisible by p in Oℚ(ζ). We have f(x)=Πi∈I(x-ζi) for I={i∈ℤ: 1≤i<n and (i,n)=1}. So f(ζp) divides a product of nonzero factors ζp-ζi. By a lemma we'll prove in a moment, if J={(i,j): i,j∈ℤ, 0≤i,j<n, i≠j}, Π(i,j)∈J(ζi-ζj) = (-1)n-1nn. Hence f(ζp) divides nn and p|n, contrary to assumption. This contradiction means f(ζp)=0, as required. We've now shown f(x) has at least φ(n) roots, hence G(ℚ(μn)/ℚ) ≅ (ℤ/nℤ)×.
Now for the last lemma: We have xn-1=Π0≤i<n(x-ζi). Equating the constant terms gives (-1)n-1=Π0≤i<nζi. And by taking derivatives of both sides, nxn-1=Σ0≤i<nΠ0≤j<n, j≠i(x-ζj). Substituting x=ζk, nζk(n-1)=Π0≤j<n, j≠k(ζk-ζj). Taking products of this for 0≤k<n gives, with the set J as above, Π(i,j)∈J(ζi-ζj) = nn(Π0≤k<nζk)n-1. But the last product on the right side was evaluated above, so finally we are left with (-1)n-1nn on the right (since n-1 has the same even/odd parity as its square).
Well, that was a bit of work, wasn't it? But nothing too esoteric, apart from a little Galois theory and some classic number theoretical facts. (Thanks to [1, pp 96-8] for the bulk of the proof.)
Actually, it is possible to do this without the lemma, using the theorem on primes in an arithmetic progression. Suppose f(x) is any polynomial in ℤ[x] such that f(ζ)=0 when ζ is a primitive nth root of unity. Then for any a∈ℤ with (a,n)=1, since f(x)p-f(xp)∈pℤ[x] for any prime p∈ℤ, we have 0=f(ζ)p≡f(ζp) mod pOℚ(ζ). But there are infinitely many primes p≡a mod n, and for such p, ζp=ζa. Consequently, f(ζa) is a member of an infinite number of distinct prime ideals, which is possible only if f(ζa)=0. Hence f(x) has degree ≥φ(n), which is the crucial fact we found before.
We can now define the cyclotomic polynomial Φn(x)=Π0<i<n, (i,n)=1(x-ζi), for any primitive nth root of unity ζ. From the foregoing, we know a lot about Φn(x): its roots are precisely all the primitive nth roots of unity (in ℂ), its degree is φ(n), it is irreducible (over ℚ), its coefficients are in ℤ, and it is the minimal polynomial of ζ. The notation Φn(x) is on account of its relation to the Euler function φ(n).
We also have this factorization of xn-1 in ℤ[x]: xn-1 = Πd|nΦd(x). This holds, since the roots of each Φd(x) are precisely the roots of unity in the cyclic group μn that have exact order d for each d that divides n. (Each root has one and only one exact order d satisfying d|n.) This relation is occasionally useful, and it yields interesting facts such as Σd|nφ(d) = n (by taking degrees of polynomials on both sides).
It turns out that the irreducibility of Φn(x) is relatively easy to prove for certain n, namely those that are powers of a single prime. So let p be prime and q=pr for an integer r≥1. Let f(x)=Φq(x). The roots of f(x) are primitive qth roots of unity, namely ζ∈μq such that ζ has order q. There are φ(q) of these and φ(q)=q-q/p=q(1-1/p)=(p-1)pr-1 (because every pth element of the set {0,1,...,q-1} is divisible by p). So clearly f(x)=(xq-1)/(xq/p-1). Let g(x)=(xp-1)/(x-1) and h(x)=g(x+1)=((x+1)p-1)/x=xp-1+Σ0<j<p(p j)xj-1, where (p j) is a binomial coefficient, which is divisible by p if 0<j<p. Finally, consider the polynomial h(xq/p)=g(xq/p+1).
Suppose f(x) splits in ℚ[x]. Then since f(x)=g(xq/p), the latter splits, and consequently g(xq/p+1)=h(xq/p) does too. But h(xq/p) is what's known as an Eisenstein polynomial, because the leading coefficient is not divisible by p, the constant term is p (not divisible by p2), and all other nonzero coefficients (the binomial coefficients) are divisible by p. However, Eisenstein polynomials are irreducible over ℚ. This contradiction means f(x) must be irreducible over ℚ. QED.
The fact that Φq(x) is irreducible if q=pr, and hence G(ℚ(μq)/ℚ)≅(ℤ/qℤ)×, can be used as the basis for yet another proof of this isomorphism for arbitrary n, by considering prime power divisors q of n, the corresponding extensions ℚ(μq)/ℚ, and their Galois groups in building up the full extension ℚ(μn)/ℚ and its Galois group. But we won't go into that now.
In the next installment, we'll discuss many more fun facts about cyclotomic fields.
References:
[1] Goldstein, Larry Joel - Analytic Number Theory
So far we've shown that G is isomorphic to a subgroup of (ℤ/nℤ)×. We still need to show it is actually isomorphic to the whole group, or equivalently that |G|, the order of G, which is equal to the degree of the field extension, [ℚ(μn):ℚ], actually equals |(ℤ/nℤ)×|, which is φ(n), the number of positive integers less than and relatively prime to n.
The group μn is cyclic. Any generator of the group is, by definition, a primitive nth root of unity. We let ζ be an arbitrary but fixed such generator. Then ℚ(μn)=ℚ(ζ). Let f(x) be the minimal polynomial of ζ. f(x)∈ℚ[x] is irreducible over ℚ. All other elements of μn are of the form ζa for some a∈ℤ, where a is well-defined modulo n. Further, ζa is a primitive nth root of unity if and only if a is relatively prime to n, i. e. the greatest common divisor (a,n)=1. The degree of f(x) equals [ℚ(μn):ℚ] and |G|. At this point, all we know about these numbers is that they divide φ(n) (since |G| does).
The group homomorphism j:G→(ℤ/nℤ)× was defined by the relation σ(ζ)=ζj(σ), for σ∈G. We showed that j(σ) is injective and independent of the choice of ζ. Hence G is isomorphic to a subgroup of (ℤ/nℤ)×, and therefore the degree of f(x) (and [ℚ(μn):ℚ] and |G|) is ≤φ(n). G is isomorphic to a proper subgroup of (ℤ/nℤ)×, i. e. not the whole group, if j is not surjective and the degree of f(x) is strictly less than φ(n).
As we noted last time, the problem here is that we don't yet know that all φ(n) primitive nth roots of unity are zeroes of f(x), so that |G| and the degree of f(x) equal φ(n), and hence G(ℚ(μn)/ℚ) ≅ (ℤ/nℤ)×. Stated another way, we don't yet know that the field homomorphism on ℚ(μn) induced by mapping ζ to ζa is actually an automorphism of the field, hence an element of the Galois group. It could fail to be if, say, the minimal polynomial of ζa is different from that of ζ, which could happen if the degree of f(x) is less than φ(n) because not all primitive nth roots of unity are zeroes of f(x). In order to rule out this possibility, we will show that the degree of f(x) is ≥φ(n).
There are various ways to prove the isomorphism, and even a number of ways to prove that f(x) has φ(n) distinct roots, so its degree is ≥φ(n). Many of these proofs use machinery (such as discriminants, factorization and ramification of primes, etc.) that we haven't extensively discussed yet, so I'll avoid using such things in the proof. However, we'll get to these topics eventually, and also show a way to construct the automorphisms σ∈G explicitly – after finishing the proof that G(ℚ(μn)/ℚ) ≅ (ℤ/nℤ)×.
So let's get started. The roots of the minimal polynomial f(x)∈ℚ[x] are all conjugates σ(ζ) for σ∈G, so f(x)=Πσ∈G(x-σ(ζ)). Hence f(x) is monic (leading coefficient 1). The coefficients of f(x) are symmetric functions of all conjugates of ζ, so the coefficients are all left fixed by all σ∈G. f(x) divides xn-1, so all its roots – the conjugates of ζ – are algebraic integers. So the coefficients are also algebraic integers (sums of products of powers of algebraic integers) – members of the ring of integers Oℚ(ζ). They are also in the base field, since they're left fixed by G. A basic fact is that Oℚ(ζ)∩ℚ = ℤ – any algebraic integer that lies in the base field is necessarily an integer of the base field. Hence f(x)∈ℤ[x].
Suppose that for any a∈ℤ relatively prime to n, i. e. (a,n)=1, ζa is also a root of f(x): f(ζa)=0. Since these ζa with 1≤a<n are distinct primitive nth roots of unity if ζ is, and there are φ(n) of them, the degree of f(x), and hence |G|, is ≥ φ(n). But we already showed |G|≤φ(n), hence |G|=φ(n). Since G is isomorphic to a subgroup of (ℤ/nℤ)×, we must actually have an isomorphism: G ≅ (ℤ/nℤ)×.
So all we have to show is f(ζa)=0 for 1≤a<n and (a,n)=1. The first thing to note is that it suffices to prove this just for primes p with (p,n)=1. For suppose we had that. For general a with (a,n)=1, let p be a prime that divides a. Then (p,n)=1. Consider ζa/p. Since (a/p,n)=1, ζa/p is a primitive nth root of unity with one fewer prime divisor in the exponent than ζa. So by induction on the number of prime divisors of the exponent f(ζa/p)=0. But if the result is true for prime powers of primitive nth roots of unity that satisfy f(x)=0, then f(ζa)=0 since ζa=(ζa/p)p. Alternatively, you can recall that (according to a theorem of Dirichlet), there are infinitely many primes p in the arithmetic progression a+nk for (a,n)=1 and k∈ℤ. Since ζn=1, ζa=ζp for all such p.
So let p be prime and (p,n)=1. Then note that f(x)p-f(xp)∈pℤ[x] for any f(x)∈ℤ[x]. This can be proved by induction on the degree of f(x). Suppose the highest degree term of f(x) is Axm, with p∤A. Then (Axm)p-Axmp∈pℤ[x] because Ap≡A (mod p), because (ℤ/pℤ)× is cyclic of order p-1 (Fermat's theorem). So if h(x)=f(x)-Axn, then we just have to show h(x)p-h(xp)∈pℤ[x]. But that can be assumed true by induction, unless the degree of h(x) is 1. In the latter case, if h(x)=Ax+B, we need (Ax+B)p-(Axp+B)∈pℤ[x]. But all the coefficients in (Ax+B)p except the first and last contain binomial coefficients divisible by p, and the remaining terms are handled with Fermat's theorem as before.
Finally, then, suppose the opposite of what we want to show, namely that there is a prime p with p∤n and f(ζp)≠0. By what we just showed, f(ζp) is divisible by p in Oℚ(ζ). We have f(x)=Πi∈I(x-ζi) for I={i∈ℤ: 1≤i<n and (i,n)=1}. So f(ζp) divides a product of nonzero factors ζp-ζi. By a lemma we'll prove in a moment, if J={(i,j): i,j∈ℤ, 0≤i,j<n, i≠j}, Π(i,j)∈J(ζi-ζj) = (-1)n-1nn. Hence f(ζp) divides nn and p|n, contrary to assumption. This contradiction means f(ζp)=0, as required. We've now shown f(x) has at least φ(n) roots, hence G(ℚ(μn)/ℚ) ≅ (ℤ/nℤ)×.
Now for the last lemma: We have xn-1=Π0≤i<n(x-ζi). Equating the constant terms gives (-1)n-1=Π0≤i<nζi. And by taking derivatives of both sides, nxn-1=Σ0≤i<nΠ0≤j<n, j≠i(x-ζj). Substituting x=ζk, nζk(n-1)=Π0≤j<n, j≠k(ζk-ζj). Taking products of this for 0≤k<n gives, with the set J as above, Π(i,j)∈J(ζi-ζj) = nn(Π0≤k<nζk)n-1. But the last product on the right side was evaluated above, so finally we are left with (-1)n-1nn on the right (since n-1 has the same even/odd parity as its square).
Well, that was a bit of work, wasn't it? But nothing too esoteric, apart from a little Galois theory and some classic number theoretical facts. (Thanks to [1, pp 96-8] for the bulk of the proof.)
Actually, it is possible to do this without the lemma, using the theorem on primes in an arithmetic progression. Suppose f(x) is any polynomial in ℤ[x] such that f(ζ)=0 when ζ is a primitive nth root of unity. Then for any a∈ℤ with (a,n)=1, since f(x)p-f(xp)∈pℤ[x] for any prime p∈ℤ, we have 0=f(ζ)p≡f(ζp) mod pOℚ(ζ). But there are infinitely many primes p≡a mod n, and for such p, ζp=ζa. Consequently, f(ζa) is a member of an infinite number of distinct prime ideals, which is possible only if f(ζa)=0. Hence f(x) has degree ≥φ(n), which is the crucial fact we found before.
We can now define the cyclotomic polynomial Φn(x)=Π0<i<n, (i,n)=1(x-ζi), for any primitive nth root of unity ζ. From the foregoing, we know a lot about Φn(x): its roots are precisely all the primitive nth roots of unity (in ℂ), its degree is φ(n), it is irreducible (over ℚ), its coefficients are in ℤ, and it is the minimal polynomial of ζ. The notation Φn(x) is on account of its relation to the Euler function φ(n).
We also have this factorization of xn-1 in ℤ[x]: xn-1 = Πd|nΦd(x). This holds, since the roots of each Φd(x) are precisely the roots of unity in the cyclic group μn that have exact order d for each d that divides n. (Each root has one and only one exact order d satisfying d|n.) This relation is occasionally useful, and it yields interesting facts such as Σd|nφ(d) = n (by taking degrees of polynomials on both sides).
It turns out that the irreducibility of Φn(x) is relatively easy to prove for certain n, namely those that are powers of a single prime. So let p be prime and q=pr for an integer r≥1. Let f(x)=Φq(x). The roots of f(x) are primitive qth roots of unity, namely ζ∈μq such that ζ has order q. There are φ(q) of these and φ(q)=q-q/p=q(1-1/p)=(p-1)pr-1 (because every pth element of the set {0,1,...,q-1} is divisible by p). So clearly f(x)=(xq-1)/(xq/p-1). Let g(x)=(xp-1)/(x-1) and h(x)=g(x+1)=((x+1)p-1)/x=xp-1+Σ0<j<p(p j)xj-1, where (p j) is a binomial coefficient, which is divisible by p if 0<j<p. Finally, consider the polynomial h(xq/p)=g(xq/p+1).
Suppose f(x) splits in ℚ[x]. Then since f(x)=g(xq/p), the latter splits, and consequently g(xq/p+1)=h(xq/p) does too. But h(xq/p) is what's known as an Eisenstein polynomial, because the leading coefficient is not divisible by p, the constant term is p (not divisible by p2), and all other nonzero coefficients (the binomial coefficients) are divisible by p. However, Eisenstein polynomials are irreducible over ℚ. This contradiction means f(x) must be irreducible over ℚ. QED.
The fact that Φq(x) is irreducible if q=pr, and hence G(ℚ(μq)/ℚ)≅(ℤ/qℤ)×, can be used as the basis for yet another proof of this isomorphism for arbitrary n, by considering prime power divisors q of n, the corresponding extensions ℚ(μq)/ℚ, and their Galois groups in building up the full extension ℚ(μn)/ℚ and its Galois group. But we won't go into that now.
In the next installment, we'll discuss many more fun facts about cyclotomic fields.
References:
[1] Goldstein, Larry Joel - Analytic Number Theory