Advanced Mathematics

Algebraic Number Theory: Fields, Ideals, and Factorization

Algebraic number theory studies number fields — finite extensions of the rationals — and the arithmetic of their rings of integers. It explains why unique factorization sometimes fails, replaces it with a perfect factorization theory for ideals, and connects classical problems like Fermat's Last Theorem to deep structural results.

Learning Objectives

After working through this guide, you will be able to:

  • Define number fields, compute degree, minimal polynomials, embeddings, norm, and trace
  • Describe the ring of integers of a number field and compute integral bases and discriminants
  • Explain why unique factorization of elements fails and how Dedekind's ideal theory restores it
  • Compute the ideal class group and class number using the Minkowski bound
  • Apply Dirichlet's unit theorem to determine the structure of the unit group
  • Classify how rational primes split, remain inert, or ramify in quadratic fields
  • Understand cyclotomic fields and Kummer's approach to Fermat's Last Theorem
  • Work with p-adic numbers, the p-adic absolute value, and Hensel's lemma

1. Number Fields

A number field is the fundamental object of study in algebraic number theory. Informally, it is a field you get by adjoining an algebraic number to the rationals Q.

Algebraic Numbers and Minimal Polynomials

A complex number alpha is algebraic over Q if it satisfies some nonzero polynomial with rational coefficients. Every algebraic number has a unique minimal polynomial: the monic polynomial of smallest degree with rational coefficients that has alpha as a root. This polynomial is always irreducible over Q.

Examples of Algebraic Numbers

  • sqrt(2): minimal polynomial x^2 - 2, degree 2
  • i = sqrt(-1): minimal polynomial x^2 + 1, degree 2
  • cbrt(2): minimal polynomial x^3 - 2, degree 3
  • zeta_5 = e^(2*pi*i/5): minimal polynomial x^4 + x^3 + x^2 + x + 1, degree 4
  • Every rational number q: minimal polynomial x - q, degree 1

Definition and Degree

A number field K is a field extension of Q that is finite-dimensional as a Q-vector space. The dimension [K : Q] is called the degree of K. If alpha is algebraic over Q with minimal polynomial of degree n, then Q(alpha) is a number field of degree n with Q-basis 1, alpha, alpha^2, ..., alpha^(n-1).

Quadratic Fields

K = Q(sqrt(d)) where d is a squarefree integer, d not equal to 1. Degree [K : Q] = 2. Every element has the form a + b*sqrt(d) with a, b in Q. These are the simplest non-trivial number fields and illustrate most key phenomena cleanly.

Cyclotomic Fields

K = Q(zeta_n) where zeta_n = e^(2*pi*i/n) is a primitive n-th root of unity. Degree [K : Q] = phi(n), Euler's totient function. These fields are Galois over Q with abelian Galois group, making them central to class field theory.

Embeddings

An embedding of K into C is a field homomorphism sigma: K to C fixing Q pointwise. A number field of degree n has exactly n embeddings. These come in two types: real embeddings (image lies in R) and complex embeddings (image not in R). Complex embeddings always come in conjugate pairs. If K has r1 real embeddings and 2*r2 complex conjugate pairs, then r1 + 2*r2 = n = [K : Q].

Signature of a Number Field

The pair (r1, r2) is called the signature of K. For Q(sqrt(5)): r1 = 2, r2 = 0, since both embeddings send sqrt(5) to plus or minus sqrt(5), both real. For Q(sqrt(-5)): r1 = 0, r2 = 1, since the two embeddings send sqrt(-5) to plus or minus i*sqrt(5), both non-real. The signature governs the shape of Dirichlet's unit theorem.

Norm and Trace

For an element alpha in a number field K of degree n, the norm N(alpha) and trace Tr(alpha) are defined using all n embeddings sigma_1, ..., sigma_n of K into C:

  • N(alpha) = sigma_1(alpha) * sigma_2(alpha) * ... * sigma_n(alpha) (product of all conjugates)
  • Tr(alpha) = sigma_1(alpha) + sigma_2(alpha) + ... + sigma_n(alpha) (sum of all conjugates)
  • Both N(alpha) and Tr(alpha) are rational numbers
  • N(alpha * beta) = N(alpha) * N(beta) (norm is multiplicative)
  • Tr(alpha + beta) = Tr(alpha) + Tr(beta) (trace is additive)

For Q(sqrt(d)), the norm and trace of alpha = a + b*sqrt(d) are: N(a + b*sqrt(d)) = a^2 - d*b^2 and Tr(a + b*sqrt(d)) = 2a. The norm is the determinant and the trace is the trace of the multiplication-by-alpha map viewed as a Q-linear map on K.

2. The Ring of Integers

Just as Z sits inside Q, every number field K contains a canonical subring called the ring of integers, denoted O_K. This is where the arithmetic of the number field lives.

Algebraic Integers

An element alpha in K is an algebraic integer if it satisfies a monic polynomial with integer coefficients: alpha^n + c_(n-1)*alpha^(n-1) + ... + c_1*alpha + c_0 = 0 with all c_i in Z. The ring of integers O_K is the set of all algebraic integers in K.

Key Facts About Algebraic Integers

  • O_K is a ring: sums and products of algebraic integers are algebraic integers
  • O_K intersect Q = Z: the only rational algebraic integers are ordinary integers
  • O_K is a free Z-module of rank n = [K : Q]
  • Every element of K can be written as alpha / m for some alpha in O_K and m in Z

Rings of Integers for Quadratic Fields

For K = Q(sqrt(d)) with d squarefree, the ring of integers is:

  • O_K = Z[sqrt(d)] = (a + b*sqrt(d) : a, b in Z) when d is congruent to 2 or 3 mod 4
  • O_K = Z[(1 + sqrt(d))/2] when d is congruent to 1 mod 4
  • Example: d = -3 (congruent to 1 mod 4): O_K = Z[(1 + sqrt(-3))/2] = Z[omega], omega = e^(2*pi*i/3)
  • Example: d = 5 (congruent to 1 mod 4): O_K = Z[(1 + sqrt(5))/2] = Z[phi], phi = golden ratio
  • Example: d = -5 (congruent to 3 mod 4): O_K = Z[sqrt(-5)]

Integral Basis and Discriminant

Since O_K is a free Z-module of rank n, it has a Z-basis called an integral basis: elements omega_1, ..., omega_n in O_K such that every element of O_K can be written uniquely as m_1*omega_1 + ... + m_n*omega_n with all m_i in Z.

The discriminant of K (or of the basis) is disc(K) = det(Tr(omega_i * omega_j))^2, the square of the determinant of the trace form matrix. The discriminant is a nonzero integer that encodes how the field ramifies over Q. A prime p ramifies in K (meaning pO_K is not a product of distinct prime ideals) if and only if p divides disc(K).

Q(sqrt(-1))

disc = -4. Only prime 2 ramifies. O_K = Z[i] (Gaussian integers)

Q(sqrt(-5))

disc = -20. Primes 2 and 5 ramify. Class number h = 2, so unique factorization fails

Q(sqrt(5))

disc = 5. Only prime 5 ramifies. Class number h = 1, so O_K is a PID

3. Unique Factorization and its Failure

The fundamental theorem of arithmetic guarantees unique factorization in Z. The whole thrust of algebraic number theory begins with the observation that this can fail in rings of integers of number fields, and then the heroic effort to repair it.

The Failure in Z[sqrt(-5)]

In the ring Z[sqrt(-5)], which is O_K for K = Q(sqrt(-5)), consider the number 6. It factors in two genuinely different ways:

Two Distinct Factorizations of 6

6 = 2 * 3 = (1 + sqrt(-5)) * (1 - sqrt(-5))

Each factor is irreducible in Z[sqrt(-5)] — none can be written as a product of two non-unit elements. You can verify this using norms: N(2) = 4, N(3) = 9, N(1 + sqrt(-5)) = 1 + 5 = 6. If 2 = alpha * beta, then N(2) = 4 = N(alpha) * N(beta), so one norm is 1 (a unit) or we need norms 2 and 2 — but x^2 + 5*y^2 = 2 has no integer solutions. Hence 2 is irreducible. Similarly for the others. But these are two different factorizations, so unique factorization fails.

Irreducible vs. Prime

In a UFD, irreducible elements are the same as prime elements. In Z[sqrt(-5)], the elements 2, 3, 1 + sqrt(-5), 1 - sqrt(-5) are irreducible but not prime. An element p is prime if whenever p divides a*b, then p divides a or p divides b. The element 2 divides (1 + sqrt(-5))*(1 - sqrt(-5)) = 6, but 2 does not divide 1 + sqrt(-5) or 1 - sqrt(-5) in Z[sqrt(-5)].

Dedekind Domains

Richard Dedekind's great insight (1871) was to shift attention from elements to ideals. A Dedekind domain is an integral domain that is:

  • 1.Noetherian: every ideal is finitely generated
  • 2.Integrally closed: if alpha in the fraction field satisfies a monic polynomial over the domain, then alpha is already in the domain
  • 3.Every nonzero prime ideal is maximal

The ring of integers O_K of any number field is always a Dedekind domain. In a Dedekind domain, every nonzero proper ideal factors uniquely as a product of prime ideals. This is the correct generalization of unique factorization to rings of integers.

Restoring Unique Factorization

In Z[sqrt(-5)], the ideal (6) = (2, 1 + sqrt(-5))^2 * (3, 1 + sqrt(-5)) * (3, 1 - sqrt(-5)). The two element factorizations 2*3 and (1 + sqrt(-5))*(1 - sqrt(-5)) correspond to grouping these prime ideals differently. At the ideal level, there is only one factorization. The elements "look different" because each prime ideal is non-principal — it cannot be generated by a single element.

4. Ideal Theory in Dedekind Domains

Ideals in O_K behave like generalized integers, with a complete theory of multiplication, divisibility, and factorization.

Prime Ideals and Maximal Ideals

In a Dedekind domain, every nonzero prime ideal is maximal. A prime ideal p in O_K corresponds to a prime in the ring — the quotient O_K / p is a finite field (a field with p^f elements for some rational prime p and some positive integer f). The rational prime p lying below p is determined by p intersect Z = (p).

Factorization of Ideals

Every nonzero proper ideal I in O_K factors uniquely as:

I = p_1^(e_1) * p_2^(e_2) * ... * p_r^(e_r)

where p_1, ..., p_r are distinct prime ideals and e_1, ..., e_r are positive integers. This factorization is unique up to reordering. Divisibility of ideals is defined by: p divides I if and only if I is contained in p.

Norm of an Ideal

The norm of an ideal I, written N(I), is the cardinality of the quotient ring O_K / I. For a principal ideal (alpha), N((alpha)) = |N_K/Q(alpha)|. The norm is multiplicative: N(I * J) = N(I) * N(J). For a prime ideal p lying over the rational prime p, N(p) = p^f where f is the residue degree (the degree of the residue field extension).

Dedekind's Theorem on Factorization of Primes

Suppose O_K = Z[alpha] for some alpha with minimal polynomial f(x) over Z. Let p be a rational prime that does not divide the index [O_K : Z[alpha]]. Factor f(x) mod p as:

f(x) congruent to f_1(x)^(e_1) * f_2(x)^(e_2) * ... * f_r(x)^(e_r) (mod p)

where f_i are distinct irreducible polynomials mod p. Then:

p*O_K = p_1^(e_1) * ... * p_r^(e_r)

where p_i = (p, f_i(alpha)). The residue degree of p_i is deg(f_i). The prime p ramifies when some e_i is greater than 1, splits completely when r = n and all e_i = 1, and is inert when r = 1 and e_1 = 1.

Ramification, Inertia, and Splitting

For a prime ideal p lying over a rational prime p in a degree n field K:

  • p*O_K = p_1^(e_1) * ... * p_r^(e_r), each p_i with residue degree f_i
  • Fundamental identity: e_1*f_1 + e_2*f_2 + ... + e_r*f_r = n
  • Unramified: all e_i = 1
  • Ramified: some e_i greater than 1 (equivalently, p divides disc(K/Q))
  • Totally split: r = n, all e_i = 1, all f_i = 1
  • Inert: r = 1, e_1 = 1, f_1 = n (prime stays prime)

5. Class Group and Class Number

The ideal class group measures precisely how far O_K is from being a principal ideal domain — and hence how badly unique factorization of elements fails.

Fractional Ideals and the Class Group

A fractional ideal of K is a nonzero O_K-submodule I of K such that d*I is contained in O_K for some nonzero d in O_K. Fractional ideals form a group under multiplication, with the principal fractional ideals (alpha) = alpha * O_K forming a normal subgroup. The quotient:

Cl(K) = (fractional ideals) / (principal fractional ideals)

is the ideal class group of K. Elements are equivalence classes of ideals, where I and J are equivalent if I = (alpha)*J for some alpha in K*. The class number h(K) = |Cl(K)| is the order of this group. When h(K) = 1, every ideal is principal, so O_K is a PID and unique factorization holds for elements.

The Minkowski Bound

Minkowski proved that every ideal class contains an integral ideal of norm at most the Minkowski bound M_K:

M_K = (n! / n^n) * (4/pi)^(r2) * sqrt(|disc(K)|)

where n = [K : Q] is the degree, r2 is the number of complex conjugate pairs of embeddings, and disc(K) is the discriminant. To compute Cl(K), you need only consider prime ideals of norm at most M_K — a finite and computable set. This proves h(K) is always finite.

Computing the Class Group: Example

For K = Q(sqrt(-5)), we have n = 2, r1 = 0, r2 = 1, disc = -20. The Minkowski bound is M_K = (2/pi) * sqrt(20) approximately 2.85. So we only need to check prime ideals of norm 1 or 2.

  • The prime 2 ramifies: 2*O_K = p^2 where p = (2, 1 + sqrt(-5))
  • N(p) = 2, so p is the only prime ideal to check
  • Is p principal? We need a + b*sqrt(-5) with N = a^2 + 5*b^2 = 2
  • No integer solution, so p is not principal
  • p^2 = (2) is principal, so the class [p] has order 2 in Cl(K)
  • Therefore Cl(Q(sqrt(-5))) = Z/2Z and h = 2

Class Numbers of Imaginary Quadratic Fields

Gauss conjectured, and Heegner, Baker, and Stark eventually proved, that there are exactly 9 imaginary quadratic fields Q(sqrt(d)) with class number 1 (i.e., unique factorization holds):

d = -1, -2, -3, -7, -11, -19, -43, -67, -163

For all other negative squarefree d, the ring Z[sqrt(d)] (or its integral closure) has class number greater than 1, meaning unique factorization fails. This result, resolved in the 1960s, was one of the major achievements of twentieth century number theory.

6. Units and Dirichlet's Unit Theorem

A unit in O_K is an element with a multiplicative inverse also in O_K, equivalently an element of norm plus or minus 1. Units are the "trivial" ambiguity in factorization. Dirichlet's unit theorem gives the complete structure of the unit group O_K*.

Roots of Unity

The torsion subgroup of O_K* consists of the roots of unity in K — elements zeta with zeta^n = 1 for some positive integer n. In most number fields, the only roots of unity are plus and minus 1. Special fields contain more: Q(i) contains (plus or minus 1, plus or minus i) (4th roots of unity), and Q(zeta_3) contains all 6th roots of unity.

The Rank Formula

Dirichlet's unit theorem states: if K has r1 real embeddings and r2 pairs of complex embeddings, then:

O_K* is isomorphic to mu(K) times Z^(r1 + r2 - 1)

where mu(K) is the finite cyclic group of roots of unity in K. The integer r = r1 + r2 - 1 is called the rank of the unit group. A generating set (u_1, ..., u_r) for the free part is called a system of fundamental units.

Imaginary Quadratic Fields

(r1, r2) = (0, 1), rank = 0 + 1 - 1 = 0. Only finitely many units, just the roots of unity in K. For Q(sqrt(-5)): units are just plus and minus 1. For Q(sqrt(-1)): units are (1, -1, i, -i). For Q(sqrt(-3)): units are the 6th roots of unity.

Real Quadratic Fields

(r1, r2) = (2, 0), rank = 2 + 0 - 1 = 1. One fundamental unit epsilon such that all units are plus or minus epsilon^n. For Q(sqrt(2)): fundamental unit is 1 + sqrt(2). For Q(sqrt(5)): fundamental unit is the golden ratio (1 + sqrt(5))/2.

Regulator

The regulator R_K is the absolute value of the determinant of the (r1 + r2 - 1) by (r1 + r2 - 1) matrix of logarithmic embeddings of fundamental units. It measures the "size" of the unit group in a precise sense. The analytic class number formula connects h(K), R_K, disc(K), and the Dedekind zeta function of K.

7. Quadratic Fields and Quadratic Reciprocity

Quadratic fields Q(sqrt(d)) are the simplest nontrivial number fields and illustrate all the main phenomena of algebraic number theory in a concrete setting. The splitting of rational primes in these fields is governed by classical results in elementary number theory.

Discriminant of a Quadratic Field

For K = Q(sqrt(d)) with d squarefree, the discriminant is:

  • disc(K) = d if d is congruent to 1 mod 4
  • disc(K) = 4d if d is congruent to 2 or 3 mod 4

The discriminant determines which primes ramify. A rational prime p ramifies in K if and only if p divides disc(K).

The Legendre Symbol

For an odd prime p and an integer a not divisible by p, the Legendre symbol (a/p) is defined to be:

  • (a/p) = 1 if a is a quadratic residue mod p (x^2 congruent to a mod p has a solution)
  • (a/p) = -1 if a is a quadratic non-residue mod p
  • (a/p) = 0 if p divides a

Euler's criterion: (a/p) congruent to a^((p-1)/2) mod p.

Splitting of Primes in Q(sqrt(d))

For an odd prime p not dividing d, the behavior of p in O_K is completely determined by the Legendre symbol (d/p):

  • Split:(d/p) = 1: p*O_K = p1 * p2 with two distinct prime ideals, each of norm p
  • Inert:(d/p) = -1: p*O_K remains prime in O_K, a prime ideal of norm p^2
  • Ramified:(d/p) = 0, i.e., p divides d: p*O_K = p^2 for a prime ideal p of norm p

Quadratic Reciprocity

The law of quadratic reciprocity, proved by Gauss, relates the Legendre symbols (p/q) and (q/p) for distinct odd primes p and q:

(p/q) * (q/p) = (-1)^((p-1)/2 * (q-1)/2)

Equivalently: (p/q) = (q/p) unless both p and q are congruent to 3 mod 4, in which case (p/q) = -(q/p). The supplementary laws handle the primes 2 and -1: (-1/p) = (-1)^((p-1)/2) and (2/p) = (-1)^((p^2-1)/8).

Example: Does 3 split in Q(sqrt(7))?

We need (7/3). Since 7 congruent to 1 mod 3, we have 7 congruent to 1 mod 3, and 1 is a perfect square, so (7/3) = (1/3) = 1. Therefore 3 splits in Q(sqrt(7)): 3*O_K = p1 * p2.

8. Cyclotomic Fields and Kummer's Work

Cyclotomic fields are formed by adjoining roots of unity to Q. They have exceptionally rich structure: they are always Galois over Q with abelian Galois group, and their arithmetic is completely governed by classical results in elementary number theory.

Primitive Roots of Unity and the Cyclotomic Field

Let zeta_n = e^(2*pi*i/n) be a primitive n-th root of unity. The cyclotomic field Q(zeta_n) has degree [Q(zeta_n) : Q] = phi(n), where phi is Euler's totient function. The ring of integers is Z[zeta_n].

Examples

  • Q(zeta_3): degree phi(3) = 2, the same as Q(sqrt(-3))
  • Q(zeta_4) = Q(i): degree phi(4) = 2
  • Q(zeta_5): degree phi(5) = 4, ramified only at 5
  • Q(zeta_p): degree p-1, ramified only at p

Galois Group

The Galois group Gal(Q(zeta_n)/Q) is isomorphic to (Z/nZ)*, the multiplicative group of units mod n. Each automorphism sigma_a is determined by sigma_a(zeta_n) = zeta_n^a for a in (Z/nZ)*. This group is abelian, which is why cyclotomic fields are central to abelian class field theory. The Kronecker-Weber theorem states that every abelian extension of Q is contained in a cyclotomic field.

Ramification in Cyclotomic Fields

For K = Q(zeta_p) with p an odd prime, only the prime p ramifies, and it ramifies totally: p*Z[zeta_p] = (1 - zeta_p)^(p-1). This is because zeta_p - 1 is a uniformizer (an element of valuation 1) at the unique prime above p. All other rational primes are unramified, and the splitting of a prime l not equal to p is determined by the order of l in (Z/pZ)*.

Kummer's Approach to Fermat's Last Theorem

Fermat's Last Theorem asserts that x^n + y^n = z^n has no positive integer solutions for n greater than or equal to 3. The problem reduces to showing this for prime exponents p. Kummer's strategy over Q(zeta_p):

  1. 1.Factor: x^p + y^p = product over j = 0 to p-1 of (x + zeta_p^j * y) in Z[zeta_p]
  2. 2.These factors are pairwise coprime as ideals (when x, y, z are pairwise coprime)
  3. 3.So each factor ideal (x + zeta_p^j * y) must be a p-th power of an ideal
  4. 4.If p does not divide h(Q(zeta_p)) (p is a regular prime), then these ideals must actually be p-th powers of principal ideals, enabling a descent argument
  5. 5.Kummer proved FLT for all regular primes (p less than 100: only 37, 59, 67 are irregular)

Regular vs. Irregular Primes

A prime p is regular if p does not divide the class number h(Q(zeta_p)). Irregular primes (37, 59, 67, 101, ...) require separate treatment. It is conjectured that infinitely many irregular primes exist, and it is known (but not proved) that infinitely many regular primes exist. Wiles' 1995 proof of FLT bypassed the regular prime approach entirely, using elliptic curves and modular forms instead.

9. p-adic Numbers

The p-adic numbers Q_p provide a different completion of Q from the real numbers. While R completes Q with respect to the usual absolute value, Q_p completes Q with respect to the p-adic absolute value. These completions are fundamentally different and each reveals different arithmetic structure.

The p-adic Absolute Value

For a prime p and a rational number x = p^n * (a/b) with p not dividing a or b, define the p-adic valuation v_p(x) = n and the p-adic absolute value:

|x|_p = p^(-v_p(x))

Numbers divisible by high powers of p have small p-adic absolute value. The p-adic absolute value is non-archimedean: it satisfies |x + y|_p is at most max(|x|_p, |y|_p) (the ultrametric inequality, stronger than the triangle inequality). For example: |p|_p = 1/p, |p^2|_p = 1/p^2, |1|_p = 1, |p + 1|_p = 1.

The Field Q_p

The field Q_p is the completion of Q with respect to the p-adic metric. Every nonzero element of Q_p can be written uniquely in the form:

x = p^n * (a_0 + a_1*p + a_2*p^2 + ...)

where n is an integer, each a_i is in (0, 1, ..., p-1), and a_0 is not zero. This is an infinite series in p that converges in the p-adic topology. Unlike power series in analysis, p-adic series converge whenever the terms go to zero — the ultrametric inequality makes convergence much easier.

p-adic Integers

The ring of p-adic integers Z_p consists of elements of Q_p with p-adic absolute value at most 1, equivalently elements with non-negative p-adic valuation:

Z_p = (a_0 + a_1*p + a_2*p^2 + ... : each a_i in (0, 1, ..., p-1))

Z_p is a compact, local ring with unique maximal ideal (p). The ordinary integers Z sit densely in Z_p. The units of Z_p are elements with a_0 not equal to 0. By the Chinese Remainder Theorem, Z_p / p^n*Z_p is isomorphic to Z / p^n * Z.

Hensel's Lemma

Hensel's lemma is the p-adic analogue of Newton's method. It allows lifting approximate solutions to exact solutions:

Hensel's Lemma (Basic Form)

Let f(x) be a polynomial with Z_p coefficients. If a_0 in Z_p satisfies f(a_0) congruent to 0 mod p and f'(a_0) is not congruent to 0 mod p, then there exists a unique a in Z_p such that f(a) = 0 and a is congruent to a_0 mod p. In other words, a simple root mod p lifts uniquely to a root in Z_p.

Example: Square Roots in Q_p

Does 7 have a square root in Q_5? We need x^2 congruent to 7 mod 5, i.e., x^2 congruent to 2 mod 5. Testing: 1^2 = 1, 2^2 = 4, 3^2 = 4, 4^2 = 1 mod 5. None equal 2, so there is no square root of 7 in Q_5. Now does 7 have a square root in Q_3? We need x^2 congruent to 7 congruent to 1 mod 3, and x = 1 works. Moreover 2*1 = 2 is not congruent to 0 mod 3, so Hensel's lemma applies and 7 has a square root in Q_3.

Ostrowski's Theorem

Ostrowski's theorem classifies all absolute values on Q: every nontrivial absolute value on Q is either the usual absolute value |*| or the p-adic absolute value |*|_p for some prime p. This means the completions of Q are exactly R and the Q_p. The slogan in number theory is "Q embeds into R and into Q_p for every prime p, and these are the only completions."

10. Applications and Connections

Fermat's Last Theorem: The Full Story

The complete proof of Fermat's Last Theorem by Andrew Wiles in 1995 (with the final gap filled by Taylor and Wiles) does not directly use algebraic number theory in Kummer's style. Instead, it proceeds by:

  1. 1.Associate to a hypothetical solution (a, b, c) of a^p + b^p = c^p the Frey elliptic curve E: y^2 = x(x - a^p)(x + b^p)
  2. 2.Ribet's theorem (1986): if E exists, it cannot be modular
  3. 3.Wiles proved: every semistable elliptic curve over Q is modular (the Modularity Theorem for semistable curves)
  4. 4.Contradiction: E cannot both be non-modular and modular, so the hypothetical solution cannot exist

The Birch and Swinnerton-Dyer Conjecture

One of the seven Millennium Prize Problems, BSD concerns elliptic curves over Q. An elliptic curve E: y^2 = x^3 + ax + b has a group of rational points E(Q). The rank of E(Q) (the number of independent infinite-order points) is hard to compute. BSD conjectures:

The L-function L(E, s) (a complex analytic function encoding the number of points of E over each finite field F_p) satisfies:

rank(E(Q)) = ord_(s=1) L(E, s)

The rank of E over Q equals the order of vanishing of L(E, s) at s = 1. This connects the arithmetic of E (rational solutions) to the analytic behavior of L(E, s). Algebraic number theory provides the framework for understanding these L-functions.

Lattice-Based Cryptography

Algebraic number theory, particularly the theory of ideal lattices in rings like Z[x] / (x^n + 1) (related to cyclotomic fields), underlies many post-quantum cryptographic schemes. The hardness assumptions rely on:

  • Ring Learning With Errors (RLWE): hard to recover a secret ring element from noisy linear combinations, with hardness tied to shortest vector problems in ideal lattices
  • NTRU: a lattice-based public key system using polynomial rings
  • These schemes are believed to be secure against quantum computers, unlike RSA and elliptic curve cryptography

Class Field Theory

Class field theory is the crowning achievement of early twentieth century algebraic number theory. It classifies all abelian extensions of a number field K in terms of the arithmetic of K itself. The main theorem:

There is a canonical bijection between abelian extensions of K and certain subgroups of the idele class group of K. For K = Q, this recovers the Kronecker-Weber theorem (every abelian extension of Q lies in a cyclotomic field). The Artin reciprocity law is the master reciprocity law that generalizes quadratic reciprocity.

Practice Problems

Problem 1 — Number Fields and Norms

Let K = Q(cbrt(2)), where cbrt(2) is the real cube root of 2. (a) What is [K : Q]? (b) List the embeddings of K into C. (c) Compute N(1 + cbrt(2)). (d) Is K Galois over Q?

Show Solution

(a) The minimal polynomial of cbrt(2) over Q is x^3 - 2, which is irreducible by Eisenstein at p = 2. So [K : Q] = 3.

(b) The three embeddings send cbrt(2) to the three cube roots of 2: cbrt(2) (real), omega*cbrt(2) (complex), omega^2*cbrt(2) (complex), where omega = e^(2*pi*i/3). So r1 = 1, r2 = 1 and the signature is (1, 1).

(c) N(1 + cbrt(2)) = (1 + cbrt(2)) * (1 + omega*cbrt(2)) * (1 + omega^2*cbrt(2)). This equals the value at x = -1 of the polynomial whose roots are cbrt(2), omega*cbrt(2), omega^2*cbrt(2), which is x^3 - 2. So N(1 + cbrt(2)) = (-1)^3 - 2 = -1 - 2 = -3. (Or: evaluating the norm polynomial f(-x) at x = 1 where f(x) = x^3 - 2 gives (-x)^3 - 2 = -x^3 - 2, and taking the negative because the leading coefficient changes: N(1 + alpha) = f(-1) evaluated appropriately gives |N| = 3.)

(d) K is NOT Galois over Q. A Galois extension of degree 3 would need the Galois group to be Z/3Z, requiring all roots of x^3 - 2 to lie in K. But K = Q(cbrt(2)) is contained in R, while omega*cbrt(2) is not real. So K does not contain all roots of its minimal polynomial.

Problem 2 — Ring of Integers

Find the ring of integers O_K for K = Q(sqrt(21)). Then find an integral basis and compute the discriminant.

Show Solution

21 = 3 * 7. Check: 21 mod 4 = 1, since 21 = 5*4 + 1. Since 21 is congruent to 1 mod 4, the ring of integers is O_K = Z[(1 + sqrt(21))/2].

Let omega = (1 + sqrt(21))/2. An integral basis is (1, omega) = (1, (1 + sqrt(21))/2).

The trace form matrix: Tr(1*1) = 2, Tr(1 * omega) = Tr(omega) = 1 (since the two conjugates of omega are (1 + sqrt(21))/2 and (1 - sqrt(21))/2, summing to 1), Tr(omega * omega) = Tr(omega^2). Now omega^2 = (1 + sqrt(21))^2 / 4 = (22 + 2*sqrt(21))/4 = (11 + sqrt(21))/2. Tr(omega^2) = 11.

The trace matrix is [[2, 1], [1, 11]], with determinant 2*11 - 1 = 21. The discriminant is disc(K) = det = 21. This matches the formula: d congruent to 1 mod 4 gives disc = d = 21. Primes 3 and 7 ramify.

Problem 3 — Unique Factorization Failure

In Z[sqrt(-6)], show that 10 has at least two distinct factorizations into irreducibles. Then factor the ideal (10) into prime ideals in O_K where K = Q(sqrt(-6)).

Show Solution

Element factorizations: 10 = 2 * 5 = (2 + sqrt(-6)) * (2 - sqrt(-6)). Check the second: (2 + sqrt(-6))(2 - sqrt(-6)) = 4 + 6 = 10. Correct.

Verify irreducibility using norms: N(2) = 4, N(5) = 25, N(2 + sqrt(-6)) = 4 + 6 = 10. If 2 = alpha * beta then N(alpha)*N(beta) = 4, so norms are (1,4) or (2,2). But x^2 + 6y^2 = 2 has no integer solution. So 2 is irreducible. Similarly for 5 and 2 +/- sqrt(-6).

Ideal factorization: disc(-6) = 4*(-6) = -24. We have: (2)*O_K = p_2^2, (3)*O_K = p_3^2, (5)*O_K = p_5,1 * p_5,2 (since -6 mod 5 = 4 = 2^2, so (-6/5) = (4/5) = 1).

(10) = (2) * (5) = p_2^2 * p_5,1 * p_5,2. This is the unique ideal factorization. The two element factorizations represent different groupings of these prime ideals into principal elements.

Problem 4 — Class Number Computation

Compute the class number of K = Q(sqrt(-23)). Use the Minkowski bound to identify which prime ideals to check.

Show Solution

K = Q(sqrt(-23)): n = 2, r1 = 0, r2 = 1. Since -23 is congruent to 1 mod 4, disc(K) = -23 and O_K = Z[(1 + sqrt(-23))/2].

Minkowski bound: M_K = (2/pi) * sqrt(23) approximately (2/3.14) * 4.80 approximately 3.05. So we check prime ideals of norm 2 and 3 only.

Prime 2: (-23/2): is -23 congruent to 1 mod 8? -23 congruent to -23 + 24 = 1 mod 8. Yes! So 2 splits: (2) = p_1 * p_2 with N(p_1) = N(p_2) = 2.

Is p_1 principal? Need a^2 + ab + 6b^2 = 2 (using the norm form for O_K = Z[(1+sqrt(-23))/2], norm of a + b*(1+sqrt(-23))/2 is a^2 + ab + 6b^2). Testing small values: (1,0) gives 1, (1,1) gives 8, no solution with norm 2. So p_1 is not principal, [p_1] has order greater than 1 in Cl(K).

Prime 3: (-23 mod 3) = 1, and (1/3) = 1, so 3 splits: (3) = q_1 * q_2. Need norm form = 3: a^2 + ab + 6b^2 = 3, try (1, 0): 1, (2,0): 4, (1,1): 8. No solution. q_1 not principal.

Since p_1^3 and q_1^2 can be checked to be non-principal but p_1^3 = q_1 (checking the ideal product), and p_1^3 is principal (one shows (p_1)^3 = (2, (1+sqrt(-23))/2)^3 = ((1+sqrt(-23))/2)), the class of p_1 has order 3. Therefore h(Q(sqrt(-23))) = 3 and Cl(K) = Z/3Z.

Problem 5 — Dirichlet's Unit Theorem

For K = Q(sqrt(2)), find the fundamental unit and describe the full unit group O_K*. Then show that 3 + 2*sqrt(2) is a unit.

Show Solution

K = Q(sqrt(2)): r1 = 2, r2 = 0 (both embeddings are real: sqrt(2) to sqrt(2) and sqrt(2) to -sqrt(2)). Rank = r1 + r2 - 1 = 1. The unit group has the form (plus or minus 1) times Z, generated by a fundamental unit epsilon.

The ring of integers is Z[sqrt(2)] (since 2 is congruent to 2 mod 4). A unit epsilon = a + b*sqrt(2) satisfies N(epsilon) = a^2 - 2b^2 = plus or minus 1. The smallest positive unit greater than 1: try a=1,b=1: 1-2=-1. Yes! epsilon = 1 + sqrt(2) is a unit with norm -1.

So the fundamental unit is epsilon = 1 + sqrt(2), and the full unit group is: O_K* = (plus or minus (1 + sqrt(2))^n : n in Z).

Check 3 + 2*sqrt(2): N(3 + 2*sqrt(2)) = 9 - 2*4 = 9 - 8 = 1. Yes, it is a unit. In fact (1 + sqrt(2))^2 = 1 + 2*sqrt(2) + 2 = 3 + 2*sqrt(2). So 3 + 2*sqrt(2) is the square of the fundamental unit.

Problem 6 — p-adic Numbers

(a) Compute |72|_3 and |72|_2. (b) Does x^2 = 7 have a solution in Q_5? (c) Is the sequence 1, 1+3, 1+3+9, 1+3+9+27, ... convergent in Q_3? If so, what is its limit?

Show Solution

(a) 72 = 8 * 9 = 2^3 * 3^2. So v_3(72) = 2, |72|_3 = 3^(-2) = 1/9. And v_2(72) = 3, |72|_2 = 2^(-3) = 1/8.

(b) We need x^2 congruent to 7 mod 5. 7 congruent to 2 mod 5. Check: 1^2=1, 2^2=4, 3^2=4, 4^2=1 mod 5. None equal 2. So x^2 = 7 has no solution in Q_5 (Hensel's lemma cannot start since there is no approximate solution mod 5).

(c) The partial sums are s_n = 1 + 3 + 9 + ... + 3^n = (3^(n+1) - 1) / (3 - 1) = (3^(n+1) - 1)/2. In Q_3, |3^(n+1)|_3 = 3^(-(n+1)) goes to 0, so 3^(n+1) goes to 0 in Q_3. Therefore s_n goes to -1/2 in Q_3. The series converges to -1/2! This is consistent: 1 + 3 + 9 + ... = 1/(1-3) = -1/2 as a formal geometric series, and in Q_3 this converges because |3|_3 = 1/3 less than 1.

Exam Tips and Common Mistakes

Tip 1: Irreducible Does Not Mean Prime in General Rings

In Z, irreducible and prime coincide. In a general ring of integers, they may not. An element can be irreducible (not factoring into non-units) without being prime (not having the divisibility property p|ab implies p|a or p|b). Always check both conditions separately.

Tip 2: Apply the Correct O_K Formula for Quadratic Fields

For Q(sqrt(d)) with d squarefree: O_K = Z[sqrt(d)] when d is congruent to 2 or 3 mod 4, and O_K = Z[(1 + sqrt(d))/2] when d is congruent to 1 mod 4. Forgetting the mod 4 case is a common error that leads to wrong discriminants and wrong class numbers.

Tip 3: Use Norms to Prove Irreducibility

To show an element alpha in O_K is irreducible, show that N(alpha) cannot be written as a product of two norms each greater than 1 in a way that corresponds to a factorization. If N(alpha) is a rational prime, then alpha is irreducible automatically.

Tip 4: The Fundamental Identity e_1*f_1 + ... + e_r*f_r = n Always Holds

When factoring a rational prime p in O_K, always verify that the ramification indices e_i and inertia degrees f_i of the prime ideal factors p_i satisfy e_1*f_1 + e_2*f_2 + ... + e_r*f_r = [K : Q]. This is a consistency check that will catch errors in ideal factorizations.

Tip 5: p-adic Convergence Is Easier Than Real Convergence

In Q_p, a series sum of a_n converges if and only if a_n approaches 0 in the p-adic metric (the terms going to zero is sufficient, not just necessary). This is because Q_p is complete and its absolute value is ultrametric. Contrast with R where sum of 1/n diverges even though 1/n goes to 0.

Tip 6: Check if h = 1 Before Trying to Factor Elements

If the class number of K is 1, then O_K is a PID and unique factorization of elements holds — you can factor elements exactly as in Z. If h is greater than 1, you must work with ideals instead of elements. Always compute h first (using the Minkowski bound) before attempting any arithmetic in O_K.

Key Theorems Quick Reference

Unique Ideal Factorization

In any Dedekind domain, every nonzero proper ideal factors uniquely as a product of prime ideals. O_K is always a Dedekind domain.

Finiteness of Class Number

For any number field K, the class number h(K) is finite. The Minkowski bound gives an explicit finite set of primes to check.

Dirichlet's Unit Theorem

O_K* is isomorphic to mu(K) times Z^(r1 + r2 - 1), where (r1, r2) is the signature of K and mu(K) is the roots of unity in K.

Quadratic Reciprocity

(p/q)(q/p) = (-1)^((p-1)/2 * (q-1)/2) for distinct odd primes p and q. Governs splitting in quadratic fields.

Dedekind's Theorem

Factoring f(x) mod p gives the prime ideal factorization of p*O_K, when O_K = Z[alpha] and p does not divide the index.

Hensel's Lemma

A simple root of f mod p lifts uniquely to a root in Z_p. The p-adic analogue of Newton's method for finding roots.

Kronecker-Weber Theorem

Every abelian extension of Q is contained in a cyclotomic field Q(zeta_n) for some positive integer n.

Ostrowski's Theorem

Every nontrivial absolute value on Q is equivalent to the usual absolute value or to the p-adic absolute value for exactly one prime p.

Related Topics

Abstract Algebra

Groups, rings, fields, modules, and Galois theory — the algebraic foundations underlying all of algebraic number theory

Number Theory

Elementary number theory including divisibility, congruences, the Chinese Remainder Theorem, and quadratic residues

Analytic Number Theory

Riemann zeta function, Dirichlet L-functions, prime number theorem, and the analytic side of class field theory