UNITEXT 119

Rocco Chirivì · Ilaria Del Corso

Roberto Dvornicich

Selected
Exercises
in Algebra
Volume 1
UNITEXT - La Matematica per il 3+2

Volume 119

Editor-in-Chief
Alfio Quarteroni, Politecnico di Milano, Milan, Italy; EPFL, Lausanne,
Switzerland

Series Editors
Luigi Ambrosio, Scuola Normale Superiore, Pisa, Italy
Paolo Biscari, Politecnico di Milano, Milan, Italy
Ciro Ciliberto, Università di Roma “Tor Vergata”, Rome, Italy
Camillo De Lellis, Institute for Advanced Study, Princeton, NJ, USA
Victor Panaretos, Institute of Mathematics, EPFL, Lausanne, Switzerland
Wolfgang J. Runggaldier, Università di Padova, Padova, Italy
The UNITEXT - La Matematica per il 3+2 series is designed for undergraduate
and graduate academic courses, and also includes advanced textbooks at a research
level. Originally released in Italian, the series now publishes textbooks in English
addressed to students in mathematics worldwide. Some of the most successful books
in the series have evolved through several editions, adapting to the evolution of
teaching curricula. Submissions must include at least 3 sample chapters, a table of
contents, and a preface outlining the aims and scope of the book, how the book fits
in with the current literature, and which courses the book is suitable for.

More information about this subseries at http://www.springer.com/series/5418

Rocco Chirivı̀ • Ilaria Del Corso •
Roberto Dvornicich

Selected Exercises
in Algebra
Volume 1
Rocco Chirivı̀ Ilaria Del Corso
Dipartimento di Matematica e Fisica Dipartimento di Matematica
University of Salento University of Pisa
Lecce, Italy Pisa, Italy

Roberto Dvornicich
Dipartimento di Matematica
University of Pisa
Pisa, Italy

Translated by
Alessandra Caraceni
Oxford, UK

ISSN 2038-5714 ISSN 2532-3318 (electronic)

UNITEXT
ISSN 2038-5722 ISSN 2038-5757 (electronic)
La Matematica per il 3+2
ISBN 978-3-030-36155-6 ISBN 978-3-030-36156-3 (eBook)
https://doi.org/10.1007/978-3-030-36156-3

© Springer Nature Switzerland AG 2020

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of
the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation,
broadcasting, reproduction on microfilms or in any other physical way, and transmission or information
storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology
now known or hereafter developed.
The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication
does not imply, even in the absence of a specific statement, that such names are exempt from the relevant
protective laws and regulations and therefore free for general use.
The publisher, the authors and the editors are safe to assume that the advice and information in this book
are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or
the editors give a warranty, expressed or implied, with respect to the material contained herein or for any
errors or omissions that may have been made. The publisher remains neutral with regard to jurisdictional
claims in published maps and institutional affiliations.

This Springer imprint is published by the registered company Springer Nature Switzerland AG.
The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland
“The nice thing about mathematics is doing
mathematics.”
—Pierre Deligne
To Andrea, who knows what mathematics is
Rocco
To Francesca, with a wish that she will be
able to find and nurture her passions
Ilaria
To young people who already love or might
come to love mathematics
Roberto
Preface

This is a book of exercises in algebra, accompanied by notes covering the relevant

theory to be used as a reference for the solutions proposed. It is the result of several
decades of experience of teaching the subject at the University of Pisa. It collects
exam questions set over the years, along with their solutions.
The reason for us to write this book is the idea that Mathematics can only be
learned by rediscovering it, which is most effectively done by working out one’s
own solutions. Moreover, we believe these exercises possess some features that
differentiate them from those of most other books. The first is the lack of “duplicate”
questions: there are no exercises that only differ by the value of certain parameters,
and whose solutions are hence essentially the same. The second—and perhaps
crucial—characteristic is that here no exercise is solved mechanically, by rote. On
the contrary, solving each exercise requires a clever idea.
Anyone who has grappled with mathematics knows that this approach has a
dramatic impact on both the level of challenge posed by a problem, and also on its
intrinsic value. The insight gained by solving an exercise which requires an original
idea is infinitely superior to what comes from merely applying methods we have
learnt. We also like to think of the ideas necessary for solving our exercises as rather
well assorted, a fact we believe is one of the main strengths of the book. In view of
all this, one might wish to describe the present text as a collection of problems in
algebra rather than exercises.
Because of the peculiar history of the University of Pisa, whose courses are also
attended by students of the Scuola Normale Superiore, these exercises might at times
be more difficult than the average exam questions at other Italian universities. This,
however, is not at odds with the aim of the work, which is to develop problem-
solving skills and prepare students for the study of algebra in the best way possible.
We therefore hope that the reader will take this very important advice to heart:
do not give in to temptation and look up the solution to a problem if you have
not spent a long time trying to solve it yourself. Understanding a ready-made
solution, even an elegant one, does not foster real mathematical growth. As we

ix
x Preface

have already mentioned, in order to learn mathematics one must do mathematics.

Actively seeking a solution is what expands our understanding and what lets us
discover the links between concepts, the web of connections that are fundamental
for true learning. We also hope to intrigue students and prompt them to dig deeper
into the topics that are only briefly mentioned in each question.
The book’s structure mirrors the way that algebra is taught during the first
years of a maths degree at the University of Pisa. This structure is the result of
historical developments starting from the time when all basic notions in algebra
were bundled into a single first-year course. Following the split of Bachelor’s and
Master’s degrees, those contents were divided into two: one part resulted in the first-
year “Arithmetic” course, and the other, initially taught under the name “Algebraic
Structures”, now constitutes the second-year “Algebra 1” course. The two blocks
correspond exactly to the two volumes of this book.
The volume dedicated to “Arithmetic” is mostly concerned with elementary tools
such as induction, elements of combinatorics, integer numbers and congruences,
followed by an introduction to the basic properties of algebraic structures: Abelian
groups, rings, polynomials and their roots, field extensions and finite fields. In
the second volume, which corresponds to the “Algebraic Structures” and “Algebra
1” courses, we delve deeper into the theory of groups, commutative rings—with
a particular emphasis on unique factorisation—and field extensions, as well as
introducing the fundamentals of Galois theory.
Each part is accompanied by notes on the theory. Although exhaustive, they do
not attempt to make up for an algebra textbook, but rather provide the necessary
framework to the exercises. They should, in particular, recall relevant results without
providing any proofs. (For further information the reader may instead turn, for
example, to Herstein’s “Topics in Algebra”, Wiley & Sons, or Artin’s “Algebra”,
Pearson.)
This book also includes a series of preliminary exercises. These should be tackled
first since their results will often be needed in subsequent problems. We also stress
that all solutions provided do not require any theoretical tools other than those
recalled in the introductory chapters and the preliminary exercises. Invoking more
advanced theorems would simplify certain solutions and occasionally render an
exercise trivial, but doing so would be contrary to the very spirit of this work.
Acknowledgements We wish to thank Ciro Ciliberto for the support, Francesca
Bonadei at Springer Italia for the precious assistance and all the students who
attended our lectures and busied themselves with the exercises during exams.
Updates We warmly invite readers to provide us with feedback and point out
mistakes (which, in a book containing the detailed solutions to 250+ exercises,
are almost inevitably to be found) by contacting us at the addresses: rocco.
chirivi@unisalento.it or ilaria.delcorso@unipi.it or roberto.dvornicich@unipi.it.
Preface xi

Updates and corrections will appear on the web page http://www.dmf.unisalento.

it/~chirivi/libroEserciziAlgebra.html.

Lecce, Italy Rocco Chirivì

Pisa, Italy Ilaria Del Corso
Pisa, Italy Roberto Dvornicich
June 2017
Preface to the English Edition

This is the English translation of our book Esercizi Scelti di Algebra, Volume 1. We
have taken the opportunity of the translation to correct some typos and inaccuracies
present in the first edition in Italian.
We would like to express our deep gratitude to our translator Alessandra
Caraceni; her impressive work, based on profound mathematical competence, has
gone far beyond an impeccable translation.

Lecce, Italy Rocco Chirivì

Pisa, Italy Ilaria Del Corso
Pisa, Italy Roberto Dvornicich
October 2019

xiii
Contents

1 Theory . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 1
1 Fundamentals .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 1
1.1 Sets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 1
1.2 Maps .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 3
1.3 Relations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 5
1.4 The Principle of Induction .. . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 7
1.5 Operations .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 8
1.6 Numbers .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 9
2 Combinatorics .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 12
3 Integers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 15
3.1 Divisibility of Integers .. . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 15
3.2 Congruences.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 17
3.3 Modular Arithmetic .. . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 20
4 Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 24
4.1 Definition and Basic Properties . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 24
4.2 Subgroups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 25
4.3 Product of Subgroups .. . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 26
4.4 Cosets of a Subgroup . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 27
4.5 Normal Subgroups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 28
4.6 The Symmetric Group . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 29
4.7 Group Homomorphisms .. . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 30
4.8 Direct Product of Groups .. . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 33
5 Rings .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 34
5.1 Definition and Basic Properties . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 34
5.2 Subrings, Ideals and Quotients . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 35
5.3 Polynomial Rings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 37
5.4 Divisibility of Polynomials .. . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 39
5.5 Polynomial Factorisation . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 41
5.6 Quotients of Polynomial Rings. . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 43

xv
xvi Contents

6 Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 45
6.1 Characteristic of a Field . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 45
6.2 Multiplicative Group .. . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 46
6.3 Field Extensions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 46
6.4 Splitting Field . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 48
6.5 Finite Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 50
7 Preliminary Exercises .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 52
2 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 69
1 Sequences.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 69
2 Combinatorics .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 71
3 Congruences .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 77
4 Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 85
5 Rings and Fields. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 93
3 Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 99
1 Sequences.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 99
2 Combinatorics .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 106
3 Congruences .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 134
4 Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 174
5 Rings and Fields. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 201

Index . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . 235
Chapter 1
Theory

1 Fundamentals

1.1 Sets

The concept of a set is a primitive notion; we shall neither attempt to define it nor
give an axiomatic presentation of set theory. We shall instead adopt the naïve view
of a set as a collection of objects, called its elements. The only property one can
ascribe to a set X is that it is possible to determine whether or not an object x is an
element of X: if it is, we write x ∈ X and say that x belongs to X. If x is not an
element of X, we write x ∈ X and say that x does not belong to X. Also, two sets
X and Y are said to be equal if they contain the same elements. There is but one set
containing no elements, that is, the empty set, denoted by ∅.
A set X is a subset of a set Y if every element of X is an element of Y , in which
case we write X ⊆ Y ; conversely, by X  Y we mean that X is not a subset of Y .
The empty set is a subset of every set X (that is, ∅ ⊆ X), and naturally we also have
X ⊆ X. The family of all subsets of X is denoted by P(X) and is called the power
set of X. The sets ∅ and X are therefore elements of P(X).
A subset X of a set Y is often defined by means of some property p; we shall
write
.
X = {y ∈ Y | p(y)}

to mean that X is the set of elements of Y that satisfy property p.

The union X ∪ Y of two sets X and Y is the set of all elements that belong to X
or to Y ; that is,

x ∈X∪Y if and only if x ∈ X or x ∈ Y.

© Springer Nature Switzerland AG 2020 1

R. Chirivì et al., Selected Exercises in Algebra, UNITEXT 119,
https://doi.org/10.1007/978-3-030-36156-3_1
2 1 Theory

Note that the word “or” is used here as an inclusive disjunction: an element of X ∪Y
may belong to both X and Y . In this sense the connective “or” is akin to the Latin
conjunction vel.
The intersection X ∩ Y is the set of elements belonging to both X and Y :

x ∈X∩Y if and only if x ∈ X and x ∈ Y.

One can take unions and intersections of any number of sets: if F is a family of
sets, we have

x∈ X if and only if there exists a set X in F such that x ∈ X
X∈F

and, similarly,

x∈ X if and only if for all X in F we have x ∈ X.
X∈F

Proposition 1.1 Union and intersection are distributive over each other: given
three sets X, Y and Z we have

X ∩ (Y ∪ Z) = (X ∩ Y ) ∪ (X ∩ Z) and X ∪ (Y ∩ Z) = (X ∪ Y ) ∩ (X ∪ Z).

Two sets X, Y with no element in common, i.e. such that X ∩ Y = ∅, are called
disjoint. Each subset X of Y is disjoint from its complement Y \ X, which is the set
of elements of Y that do not belong to X. If two sets X and Y are disjoint we shall
sometimes write X  Y for their union, and hence call it a disjoint union.
Operations on sets are related in a straightforward manner to logical operations
on propositions, as clarified by the following
Proposition 1.2 Given a set Z and two subsets X = {x ∈ Z | p(x)} and Y = {y ∈
Z | q(y)} of Z we have
(i) X ∪ Y = {z ∈ Z | p(z) or q(z)},
(ii) X ∩ Y = {z ∈ Z | p(z) and q(z)},
(iii) Z \ X = {z ∈ Z | not p(z)},
(iv) X ⊆ Y if and only if p(z) implies q(z) for all z in Z.
Proposition 1.3 Given a set Z and two subsets X and Y of Z, De Morgan’s laws
hold:

Z \ (X ∪ Y ) = (Z \ X) ∩ (Z \ Y ) and Z \ (X ∩ Y ) = (Z \ X) ∪ (Z \ Y );

that is, taking the complement changes unions into intersections and vice-versa.
The set of all ordered pairs (x, y), where x is an element of X and y an element
of Y , is denoted by X × Y and called the Cartesian product of X and Y . The same
1 Fundamentals 3

construction can be performed on any number of sets: X1 × X2 × · · · × Xn is the

set of ordered n-tuples (x1 , x2 , . . . , xn ) with x1 ∈ X1 , x2 ∈ X2 , . . ., xn ∈ Xn . We
shall, for the sake of brevity, denote by Xn the Cartesian product of n copies of X.

1.2 Maps

A map from a set X to a set Y is some recipe that assigns to each element of X
a unique element of Y . More formally, a map f from X to Y is a subset of the
Cartesian product X × Y with the property that for each x ∈ X there exists a unique
y ∈ Y such that (x, y) ∈ f ; the set X is called the domain of f and Y is the
f
codomain of f . We shall write f : X −→ Y or X −→ Y to express that f ⊆
X × Y is a map from X to Y , and always use the functional notations f (x) = y or
f
f : x −→ y or x −→ y rather than (x, y) ∈ f .
When f (x) = y we shall say interchangeably that y is the image of x, or that f
sends or maps x to y, or even that y is obtained from x via f . The subset Im(f ) =
{f (x) | x ∈ X} ⊆ Y of elements of Y reached by f starting from some x in X is
called the image of f . Notice that, as implied by the definition, two maps f and
g are equal if and only if they have same domain and codomain and are such that
f (x) = g(x) for all x in the domain.
Given a subset A of X we call f (A) the image of A under f , that is, the set of all
elements of the form f (a) for some a in A. Conversely, given a subset B of Y , we
denote by f −1 (B) the set of x in X such that f (x) ∈ B, and call it the pre-image
of B under f . Taking images and pre-images of sets is in a sense compatible with
taking unions and intersections, as detailed by the following
Proposition 1.4 Taking pre-images commutes with unions and intersections

f −1 (A ∪ B) = f −1 (A) ∪ f −1 (B), f −1 (A ∩ B) = f −1 (A) ∩ f −1 (B)

while taking images only commutes with unions

f (A ∪ B) = f (A) ∪ f (B).

Moreover,

f (A ∩ B) ⊆ f (A) ∩ f (B);

note that in this case we only have an inclusion rather than an equality: the set
f (A ∩ B) can be a proper subset of f (A) ∩ f (B).
4 1 Theory

f g
Given two maps X −→ Y and Y −→ Z, the composite g ◦ f of f and g is the
map from X to Z defined by the rule

g◦f
X x −→ g(f (x)) ∈ Z.

Proposition 1.5 The composition of maps is associative: given maps f , g and h

such that the composites g ◦ f and h ◦ g are well defined, we have h ◦ (g ◦ f ) =
(h ◦ g) ◦ f .
A map which sends any two distinct elements of X to distinct elements of Y is
called injective or one-to-one . In order to stress the injectivity of a map from X to
Y , we may write X −→ Y . A map such that every element y of Y is the image of
some x in X is said to be surjective or onto; equivalently, f : X → Y is surjective
when Im(f ) = Y . A surjective map is denoted by X −→ → Y . When a map f is both
injective and surjective we shall say that f is bijective, and occasionally express this
by writing f : X / Y.
∼

Proposition 1.6 The composite of injective maps is injective and the composite
of surjective maps is surjective. In particular, the composite of bijective maps is
bijective.
iX
When X is a subset of a set Y we may define the inclusion map X x −→
x ∈ Y , which is clearly injective. In particular, the inclusion of X into X itself is
called the identity map and is denoted by IdX , or simply Id when not ambiguous;
the identity is a bijective map.
Given a subset X of a set Y and a map f from Y to a set Z, the restriction of f
f|X
to X is the map X x −→ f (x) ∈ Z; clearly, we have f|X = f ◦ iX
g
Given a map f from a set X to a set Y , an inverse of f is a map Y −→ X such
that g ◦ f = IdX and f ◦ g = IdY . A map for which an inverse exists is called
invertible. Not all maps admit an inverse, and in fact
Proposition 1.7 A map is invertible if and only if it is bijective. Moreover, if a map
is invertible then its inverse is unique.
For an invertible map f we shall denote by f −1 the unique inverse of f .
f
Given a map X −→ X we denote by Xf the set of fixed points of f , that is,
X = {x ∈ X | f (x) = x}; we shall also use the notation Fix(f ).
f

A bijective map from a set X to itself is called a permutation. The set of

permutations S(X) of X will assume an important role in our study of algebra.
In general, the set of all maps X −→ Y is denoted by Y X .
A diagramme of sets and maps is said to be commutative if composing maps
along any two paths of arrows starting and ending at common places yields the
1 Fundamentals 5

same map. For example, the following diagramme

f
X Y
g h
i
A B

is commutative if and only if (h ◦ f )x = (i ◦ g)x for all x in X.

1.3 Relations

Let X be a set and R a subset of the Cartesian product X ×X. The set R corresponds
to the relation ∼R , or simply ∼ when no ambiguity arises, defined on X by setting
x ∼R y if and only if (x, y) ∈ R. Of particular importance are equivalence relations.
A relation ∼ is an equivalence relation if it satisfies the following properties:
(i) reflexivity: x ∼ x for all x ∈ X,
(ii) symmetry: if x ∼ y then y ∼ x,
(iii) transitivity: if x ∼ y and y ∼ z then x ∼ z.
Notice that equality itself is an equivalence relation; as a matter of fact, it might help
to think of general equivalence relations as “weaker” versions of equality. Given an
element x ∈ X and an equivalence relation ∼ on X, the equivalence class of x is
the set C(x) of y ∈ X such that x ∼ y. Any two distinct equivalence classes are
disjoint and the union of all equivalence classes of elements of X is the set X itself.
Let us now introduce further terminology closely linked to relations. A partition
of a set X is a family P of nonempty subsets of X satisfying the following
properties:
(i) any two distinct sets in P are disjoint,
(ii) the union of all sets in P is X.
There is a perfect correspondence between equivalence relations and partitions in
the sense of the following
Theorem 1.8 Given an equivalence relation ∼ on a set X, the family of equivalence
classes under ∼ is a partition of X. Conversely, given a partition P of a set X, the
relation ∼ defined by

x∼y if and only if there exists C ∈ P such that x, y ∈ C

is an equivalence relation on X whose equivalence classes are the sets of the

partition P.
6 1 Theory

The family of the equivalence classes under a relation ∼ on X is called the quotient
set of X by ∼ and is denoted by X/∼. Moreover, the map
π
X x −→ C(x) ∈ X/∼

which sends any element x to its equivalence class is called the quotient map.
f
A map X −→ Y is said to be compatible with the equivalence relation ∼ on X if
f (x) = f (y) for all x, y ∈ X such that x ∼ y. If f is compatible with ∼, then there
exists a unique map f such that f = f ◦ π; in other words, f makes the following
diagramme commutative:

f
X Y.
π
f

X/

The same property may be expressed by saying that f passes to the quotient. We
shall sometimes define a map f directly as C(x) −→ f (x); when doing so, one
needs to check that f is well defined, that is, that f is compatible with ∼.
When two relations ∼ and ∼ on a set X are such that x ∼ y implies x ∼ y,
the partition P induced by ∼ is finer than the partition P induced by ∼ : in other
words, for each class C ∈ P there exists a class C ∈ P such that C ⊆ C . The
association C −→ C thus defined is a surjective map  that renders the following
diagramme commutative:

X
π π

X/ X/ .

A set of representatives R for an equivalence relation ∼ on X is a subset of

X such that restricting the projection map to R yields a bijection between R and
X/∼. That is, R has been assembled by selecting, for each equivalence class, a
unique representative in X.
Other important relations we shall frequently use are order relations, or simply
orders. An order relation on a set X is a relation ≤ which is
(i) reflexive: x ≤ x for all x ∈ X,
(ii) anti-symmetric : if x ≤ y and y ≤ x then x = y,
(iii) transitive if x ≤ y and y ≤ z then x ≤ z.
1 Fundamentals 7

Notice we do not require all elements of X to be comparable to each other: it may

indeed be that neither x ≤ y nor y ≤ x for some x, y in X. If for all x, y ∈ X we do
have x ≤ y or y ≤ x then the relation is a total order. Sometimes, when we need to
emphasise that a certain order relation might not be a total order, we shall call it a
partial order .
A strict order is a relation < on X which is
(i) irreflexive: there is no x ∈ X such that x < x, and
(ii) transitive: if x < y and y < z then x < z.
Each order relation corresponds to a strict order and vice-versa. Indeed, given an
order ≤, by setting x < y whenever x ≤ y and x = y, we create a strict order <;
conversely, given a strict order < we may set x ≤ y whenever x < y or x = y
to recover an order relation. This correspondence between ≤ and < will be tacitly
exploited throughout the book.

1.4 The Principle of Induction

We shall denote by N the set of natural numbers {0, 1, 2, . . .}; we will not give
an axiomatic presentation of natural numbers but rather take their basic properties
as a given. Let us only mention that one possible formalisation is the one due to
Giuseppe Peano, and briefly remind the reader of its fundamental fifth axiom, the
so-called induction principle:
Axiom 1.9 (Induction Principle) Let p(n) be a property depending on a natural
number n; suppose that p(0) holds and that for all m in N we have that p(m) implies
p(m + 1). Then p(n) holds for all n.
When using this principle to prove a statement, verifying that p(0) holds is often
called the base (of the induction), while proving that p(m) implies p(m + 1)
constitutes the inductive step. The principle of induction may be stated under various
equivalent forms. For example,
Proposition 1.10 (Induction Principle—Second Form) Let p(n) be a property
depending on a natural number n; suppose that p(0) holds and that for all natural
numbers m we have that p(m + 1) is implied by the conjunction of p(0), p(1), . . .,
p(m − 1), p(m). Then p(n) holds for all n.
In this second version we may assume that p(0), p(1), . . ., p(m) all hold in order
to prove p(m + 1) in the inductive step.
Another equivalent formulation which can prove useful is the so-called well-
ordering principle
Proposition 1.11 (Well-Ordering Principle) Every nonempty subset A of N con-
tains a least element, i.e. an element a ∈ A such that a ≤ b for all b ∈ A.
8 1 Theory

We shall call a sequence in a set X a map N −→ X; we will use the notation

(an )n rather than n −→ an when dealing with sequences.
We now wish to define a sequence (an )n in X by choosing its initial value a0 =
x ∈ X and, for each n, by somehow constructing the term an+1 from the preceding
terms a0 , a1 , . . . , an−1 , an . This may be done by considering maps fn : Xn −→ X
with n ≥ 1 and setting an+1 = fn+1 (a0 , a1 , . . . , an−1 , an ) for each n. When a
sequence (an )n is constructed in this way, we shall say it is recursive or defined
by recursion. The fact that the process of recursion is well-founded constitutes yet
another equivalent form of the principle of induction:
Proposition 1.12 (Principle of Recursion) Let X be a set and x an element of X;
suppose we are given, for each n ∈ N, a map fn : Xn −→ X. Then there is a
unique sequence (an )n for which a0 = x and an+1 = fn+1 (a0 , a1 , . . . , an−1 , an )
for all n ∈ N.
An example of a recursive definition is given by the sequence (Fn )n of Fibonacci
numbers: these are defined so that F0 = 0, F1 = 1 and, for all n ≥ 1, Fn+1 =
Fn + Fn−1 . The first few terms of the sequence are

0, 1, 1, 2, 3, 5, 8, 13, 21, . . .

This definition befits the framework of the proposition above by taking X = N,

x = 0, f1 (a0 ) = 1 and fn+1 (a0 , a1 , a2 , . . . , an ) = an−1 + an for all n ≥ 1.

1.5 Operations

Our study of algebra is mainly concerned with sets on which operations having
certain properties can be defined in a natural way. An operation on a set X is a
map from the Cartesian product X × X to X. Instead of denoting operations as we
generally denote maps, we shall typically indicate the result of some operation ◦,
applied to an ordered pair (x, y) of elements of X, by x ◦ y; the operation ◦ is thus
the map
◦
X×X (x, y) −→ x ◦ y ∈ X.

We shall also say that x ◦ y is the composition of x and y via the operation ◦.
An operation ◦ is said to be associative if (x◦y)◦z = x◦(y◦z) for all x, y, z ∈ X.
Given n elements x1 , x2 , . . . , xn of X and an associative operation ◦, one can give
an unambiguous meaning to the expression x1 ◦ x2 ◦ · · · ◦ xn ; indeed, pairing up
elements arbitrarily will always yield the same final result.
An operation ◦ is said to be commutative if x ◦ y = y ◦ x for all x, y ∈ X. If an
operation is both commutative and associative then the composition x1 ◦ x2 ◦ · · · ◦ xn
does not depend on the order of its terms.
1 Fundamentals 9

A neutral element e for an operation ◦ on a set X is an element of X such that

e ◦ x = x ◦ e = x for all x ∈ X. One can easily prove that, if an operation admits a
neutral element, then such an element is unique.
When an operation ◦ admits a neutral element e, we say that y is a left inverse of
x if y ◦ x = e. Similarly, a right inverse of x is an element y such that x ◦ y = e and,
finally, an inverse of x is an element which is both a left inverse and a right inverse
of x.
Given an operation ◦ on a set X and a subset Y of X, we say that Y is closed
under ◦ if for all pairs of elements y1 , y2 in Y we have y1 ◦ y2 ∈ Y . If Y is closed
under ◦, then we may restrict ◦ to an operation on Y by setting Y ×Y (y1 , y2 ) −→
y1 ◦ y2 ∈ Y . Usually, the operation restricted to Y is denoted by the same symbol as
the operation on X.
Given two operations ◦ and + on a set X, we say ◦ distributes over + if for all
x, y, z ∈ X we have (x + y) ◦ z = (x ◦ z) + (y ◦ z) and x ◦ (y + z) = (x ◦ y) + (x ◦ z).

1.6 Numbers

Throughout the book we shall use several number sets, mostly as examples of
algebraic structures. These can all be constructed from the set of natural numbers
introduced in Sect. 1.4. For instance, the set Z of integers can be seen as “natural
numbers endowed with a sign” and can be formally defined as N × N modulo the
equivalence relation ∼ such that (n, m) ∼ (h, k) if and only if n + k = m + h.
Indeed, the equivalence class of (n, m) under ∼ is the integer n − m. Addition and
multiplication of natural numbers can be extended to integers. Moreover, while the
equation x + a = b can be solved within the set of natural numbers if and only if
a ≤ b, it always admits the solution b − a in the set of integers.
The set Q of rational numbers can be constructed in a similar way, by taking
Z × (Z \ {0}) modulo the equivalence relation ∼, where we set (n, m) ∼ (h, k) if
nk = mh; the equivalence class of (n, m) is the rational number n/m. Once more,
the operations on Z can be extended to Q. While the equation ax = b is solvable in
Z if and only if b is a multiple of a, it is always possible to find a solution in Q as
long as a = 0: in particular, one has the rational solution b/a. There are, however,
equations that do not admit rational solutions, such as x 2 − 2 = 0.
One may perform another extension and introduce the set R of real numbers.
Constructing the set R proves rather more complicated. Although the Greeks had
already understood several properties of real numbers, which they investigated
within the scope of what they called the “theory of proportions”, it was not until
the end of the 19th century that a formal definition was given. Here we shall merely
mention that several different routes are possible; for example, employing Cauchy
sequences of rationals or Dedekind cuts. Both options involve “completing” Q
by including all quantities that may be approximated with arbitrary precision√by
rational numbers, but do not belong to Q. For example, R contains the number 2,
which is a solution to the equation x 2 − 2 = 0 above. Even at this juncture the task
10 1 Theory

of rendering all polynomial equations solvable is not yet complete: the equation
x 2 + 1 = 0, for example, still has no solution even over the reals, since the square
of a real number can never be negative.
We shall now spend a few words discussing the next step in this sequence
of extensions, i.e. complex numbers. The definition does not pose any serious
difficulty, once the set of real numbers has been constructed. Indeed, we shall
call any ordered pair (a, b) of real numbers a complex number. Traditionally, the
complex number (a, b) is denoted by a + ib; the symbol i is called the imaginary
unit, the number a is called the real part and the number b the imaginary part.
Addition and multiplication of complex numbers are defined as follows:

(a + ib) + (c + id) = (a + c) + i(b + d)

(a + ib)(c + id) = (ac − bd) + i(ad + bc).

By considering complex numbers of the form a + i · 0, one immediately finds

that the set of real numbers can be naturally identified with a subset of the set C of
complex numbers. One can easily show that, under this identification, the operations
on C extend the operations on real numbers. The definition given above for the
product of two complex numbers is devised in order to have i 2 = (0 + i · 1)2 = −1:
the number −1 now has a square root. In other words, the equation x 2 + 1 = 0
admits the two complex solutions ±i.
A complex number of the form 0+ib is called (purely) imaginary. It is sometimes
useful to think of complex numbers as points in a Cartesian plane, called the complex
plane, whose x-axis is that of real numbers and whose y-axis contains purely
imaginary numbers: a complex number a + ib has abscissa a and ordinate b in
the complex plane. According to this representation, the origin corresponds to the
number 0 = 0 + i · 0, which is the addition’s neutral element. The notation for
complex numbers we have been discussing so far is called algebraic form.
Given a complex number z = a + ib we shall call the number z = a − ib
the complex conjugate of z. The point corresponding to z is the symmetric point
of z with respect to the real axis in the complex plane.√The distance between the
point z and the origin is given by the quantity |z| = a 2 + b 2 and is called the
modulus of z. Notice that we have |z|2 = z · z; from this, one can obtain the formula
1/z = z/|z|2 for the inverse of a nonzero complex number z. In particular, for
a complex number whose modulus is equal to 1 (a point on the unit circle in the
complex plane), z−1 = z.
If z = 0, we denote by θ the argument of z, that is, the angle between the positive
real axis and the segment joining the point z to the origin 0; we then have

z = |z|(cos θ + i sin θ ).

Euler’s formula

eiθ = cos θ + i sin θ,

1 Fundamentals 11

is the fundamental relationship between the complex exponential map and the
trigonometric functions. It allows us to express a complex number z in its polar
form

z = |z|eiθ .

When z = 0 the argument θ is not defined, but whenever z = 0 the polar form
for z is unique up to adding integer multiples of 2π to θ . Notice that, as θ varies,
the complex number |z|eiθ moves along the circle with centre 0 and radius |z|. In
particular, by Euler’s formula we know that the map θ −→ eiθ parametrises the unit
circle.
The polar form is especially well suited to compute powers of a complex number.
Indeed, we can immediately obtain that, given a complex number z = |z|eiθ and an
integer n, we have

zn = |z|n einθ ;

in other words, zn is the complex number whose modulus is |z|n and whose
argument is nθ . Analogously we can find the nth roots of z, i.e. the complex numbers
ζ such that ζ n = z, by
 θ +2kπ
n
|z|ei n , with k = 0, 1, 2, . . . , n − 1.

Notice that, when z = 0, the number of distinct nth roots of z is n. If we set z = 1,

the formula above gives the nth roots of unity, which will be especially important
for our purposes:

2πk 2πk
e2πik/n = cos + i sin , with k = 0, 1, 2, . . . , n − 1.
n n

Also notice that, setting ζn = e2πi/n , all nth roots of unity can be obtained as 1, ζn ,
ζn2 , . . ., ζnn−1 .
We shall conclude this brief introduction to number sets by remarking that every
equation of the form

an x n + an−1 x n−1 + · · · + a1 x + a0 = 0,

where a0 , a1 , . . . , an−1 , an are complex numbers and an = 0, admits a solution in

C if n > 0: there is no further need to extend the set of numbers to solve polynomial
equations. Throughout the rest of the book we shall study polynomial equations
in detail, focusing on the process—encountered several times in this section—of
extending number sets by adding solutions to certain equations.
Finally, notice that the familiar addition and multiplication between integer,
rational, real and complex numbers are associative and commutative. In all cases the
neutral element for the addition operation is always the number 0 and the additive
12 1 Theory

inverse of a number a is denoted by −a. The multiplication operation has 1 as

neutral element and distributes over addition.

2 Combinatorics

A set X is finite if it has a finite number of elements; we call this number the
cardinality of X and denote it by |X|. When X is not finite we say it is infinite
and has infinite cardinality. Two finite sets have the same cardinality if and only if
there is a bijection between them. In particular, X is finite with cardinality n if and
only if there is a bijective map between {1, 2, . . . , n} and X; in that case, we can
enumerate the elements of X and write X = {x1 , x2 , . . . , xn }.
With a finer definition, one could distinguish between different cardinalities for
infinite sets; this, however, would go beyond the scope of this work: we shall be
content with the ability to distinguish infinite sets from finite ones.
A first remark one can make about finite sets is the following:
Remark 2.1 A map X −→ Y between finite sets with the same cardinality is
injective if and only if it is surjective, if and only if it is bijective.
Given two finite sets X = {x1 , x2 , . . . , xn } and Y = {y1 , y2 , . . . , ym }, the
Cartesian product X×Y consists of all pairs of the form (xi , yj ) with i = 1, 2, . . . , n
and j = 1, 2, . . . , m. We therefore have
Remark 2.2 If X and Y are finite sets then

|X × Y | = |X| · |Y |.

On the other hand, if one of the two sets is infinite and the other is nonempty, then
their Cartesian product is also infinite.
A map f : X −→ Y , where X has cardinality n, can be described completely by
an n-tuple of elements of Y ; that is, there is a bijection between Y X and Y n . In
particular,
Remark 2.3 Given two finite sets X and Y that are not both empty, the cardinality
of the set Y X of maps from X to Y is given by

|Y X | = |Y ||X| .

On the other hand, if one of the two sets is infinite and the other one is nonempty,
then Y X is also infinite.
Each subset A of X has a corresponding characteristic function χA : X −→ {0, 1},
constructed so that χA (x) = 1 if x ∈ A and χA (x) = 0 if x ∈ A. Subsets of X are
in bijection with the set of their corresponding characteristic functions, so that
2 Combinatorics 13

Remark 2.4 If X is a finite set then the cardinality of its power set P(X) is

|P(X)| = 2|X| ;

on the other hand, if X is infinite then P(X) is also infinite.

The number of injective maps from a set X with n elements to a set Y with m
elements is easy to find; one need only notice that an injective map corresponds to
the choice of n distinct elements of Y , in some order.
Remark 2.5 Let |X| = n and |Y | = m. If n > m then there are no injective maps
from X to Y . If n ≤ m then the number of injective maps from X to Y is m(m −
1)(m − 2) · · · (m − n + 1).
The content of this remark for n > m is sometimes expressed as follows:
Remark 2.6 (Pigeonhole Principle) If n items are put into m boxes and n > m then
there is a box that contains more than one item.
The factorial n! of a natural number n is recursively defined by 0! = 1 and, for
all n ≥ 0, (n + 1)! = (n + 1) · n!. Clearly, this is equivalent to setting n! =
n · (n − 1) · · · 2 · 1. Thanks to Remark 2.1, a special case of the formula above for
the number of injective functions is given by
Remark 2.7 The number of permutations of a set of n elements is n!.
As we will see later, permutations of a set with n elements form a fundamental
object in group theory; if X = {1, 2, . . . , n}, then the set S(X) of permutations
of X is simply denoted by Sn . Thanks to the remark we just made, we know that
|Sn | = n!.
The power set P(X) of a set X consisting of n elements can be partitioned
according to the cardinality of its elements, as follows:


n
P(X) = {A ⊆ X | |A| = k}.
k=0

Moreover, from the above we immediately obtain

Remark 2.8 If |X| = n and 0 ≤ k ≤ n, then the number of subsets of X having
cardinality k is

n · (n − 1) · · · (n − k + 1)
.
k!
This is a fact of great importance in combinatorics. Given n ≥ 0 and 0 ≤ k ≤ n we
shall define the binomial coefficient indexed by n, k as
 
n n · (n − 1) · · · (n − k + 1) n!
= = .
k k! k!(n − k)!
14 1 Theory


Note that, in particular, n0 = 1: indeed, the only zero-element subset of X is the

empty set. Moreover, we have nn = 1, and indeed the only n-element subset of X is

X itself. It is sometimes useful to extend the meaning of the symbol nk by defining
it as 0 for all k < 0 and k > n.
Binomial coefficients satisfy several useful identities; two of the main ones are
Remark 2.9 For all n ≥ 0 we have
   
n n
=
n−k k

and also
     
n+1 n n
= + .
k k k−1

The secondidentity can be used as a recursive definition for binomial coefficients if
we first set 00 = 1 and 0k = 0 for all k = 0.
From the partition of P(X) according to cardinalities we obtain one more
identity:
Remark 2.10 For all natural numbers n we have
n  
n
= 2n .
k
k=0

It is common to
 arrange binomial coefficients into a triangle whose rows consist of
the values of nk for a fixed n. The first six rows of this triangle, called Pascal’s
triangle, are

1
1 1
1 2 1
1 3 3 1
1 4 6 4 1
1 5 10 10 5 1

Binomial coefficients appear in the algebraic expansion of the powers of binomials.

Theorem 2.11 (Binomial Theorem) Given two numbers a and b and a non-
negative integer n, we have
n  
n k n−k
(a + b) = n
a b .
k
k=0
3 Integers 15

Actually, the formula above holds for all elements a, b of any commutative ring: we
will mention this again in the chapter about rings.
Given two subsets X1 and X2 of a set X such that X = X1 ∪ X2 , we have

|X| = |X1 | + |X2 | − |X1 ∩ X2 |.

This is because elements of X1 ∩X2 belong to both subsets and are therefore counted
twice in the sum |X1 | + |X2 |. The formula above is a special case of the following
Proposition 2.12 (Inclusion-Exclusion Principle) If X is a finite set and
X1 , X2 , . . . , Xk are subsets of X such that X1 ∪ X2 ∪ · · · ∪ Xk = X then we
have

|X| = (−1)h+1 |Xi1 ∩ Xi2 ∩ · · · ∩ Xih |,

where the sum is over h = 1, . . . , k and all h-tuples (i1 , i2 , . . . , ih ) with 1 ≤ i1 <
i2 < · · · < ih ≤ n.
For example, the case k = 3 of the inclusion-exclusion formula above is

|X| = |X1 | + |X2 | + |X3 | − |X1 ∩ X2 | − |X1 ∩ X3 | − |X2 ∩ X3 | + |X1 ∩ X2 ∩ X3 |.

Naturally, if we assume that {X1 , X2 , . . . , Xk } is a partition of the set X, then we

have

|X| = |X1 | + |X2 | + . . . + |Xk |.

3 Integers

3.1 Divisibility of Integers

At the foundation of integer arithmetic is the concept of Euclidean division, which

we recall in the following
Proposition 3.1 (Euclidean Division) Given an integer a and a positive integer m,
there exist a unique integer q, called the quotient, and a unique non-negative integer
r, called the remainder, such that a = q · m + r and 0 ≤ r < m.
If, when performing Euclidean division, we find that r = 0, then we have a = q · m
and we write m | a: we shall say that a is a multiple of m or that m is divisible by a
and we shall call m a divisor of a. If m does not divide a, then we write m  a. Only
the integers ±1 divide 1, whereas every nonzero integer divides 0.
Given two integers a and b at least one of which is nonzero, we shall call greatest
common divisor of a and b any positive integer m such that: m is a divisor of a and
16 1 Theory

a divisor of b and, if n is a common divisor of a and b, then n divides m. Using

Euclidean division, one can show
Proposition 3.2 The greatest common divisor m of two integers at least one of
which is nonzero exists and is unique. Moreover, there exist two integers x and y
such that m = xa + yb; this identity is called Bézout’s identity.
We shall write (a, b) for the greatest common divisor of a and b. Remark that
(a, b) = (|a|, |b|), that is, we may always assume that a and b are non-negative.
In order to compute the greatest common divisor, one can use
Proposition 3.3 (Euclid’s Algorithm) Suppose a and b are non-negative integers
with a ≥ b; set r0 = a, r1 = b. If for k ≥ 1 we have rk > 0 then define rk+1
recursively as the remainder in the Euclidean division of rk−1 by rk . Since r0 >
r1 > r2 > . . . ≥ 0, after a finite number of steps (n, say) we have rn = 0. Then
(a, b) = rn−1 .
This algorithm can be used to produce an explicit solution (x, y) of Bézout’s
identity. Iteratively replacing rk with its expression in terms of preceding remainders
until one gets back to the equation a = qb + r1 yields an identity involving only a,
b and the last nonzero remainder rn−1 = (a, b).
Two integers are said to be relatively prime when (a, b) = 1; this, in turn, holds
if and only if there exist integers x, y such that xa + yb = 1.
Remark 3.4 (Euclid’s Lemma) If m divides the integer product a · b and integers m
and a are relatively prime, then m divides b.
Thanks to Euclid’s lemma, we can easily find all solutions of Bézout’s identity:
Proposition 3.5 Let a, b be two integers at least one of which is nonzero; let m be
their greatest common divisor and let (x0 , y0 ) be a solution of Bézout’s identity for
a, b. Then all pairs of integers satisfying Bézout’s identity are given by

b a
(x0 + k , y0 − k ), k ∈ Z.
m m
We call linear Diophantine equation in the two integer indeterminates x and y
an equation of the form ax + by = c with integer coefficients a, b and c. More
generally, any equation with integer coefficients for which we seek integer solution
is called a Diophantine equation. Solving such equations is quite different from
solving equations in the reals and usually turns out to be very difficult. We might
almost say that the Mathematics of today is only adequate for solving linear and
quadratic Diophantine equations; cubic equation already cross into a new intricate
and fascinating algebraic world inhabited by such objects as elliptic curves.
In Preliminary Exercise 7, we deal with the linear case by means of Bézout’s
identity, which we use to prove
Proposition 3.6 The Diophantine equation ax + by = c has a solution if and only
if the greatest common divisor m = (a, b) divides the constant term c. In that case,
3 Integers 17

given a solution (x0 , y0 ), all solutions are of the form

b a
(x0 + k , y0 − k ), k ∈ Z.
m m
Let us now present the central definition in integer arithmetic. A positive integer
p is said to be prime if it has exactly two positive divisors, that is, 1 and p. Note
that 1 is not prime. Given an integer n and a prime p, the greatest common divisor
(p, n) can only be p (if p divides n) or 1 (if p does not divides n). It immediately
follows that
Remark 3.7 If a prime p divides an integer product a · b and p does not divide a,
then p divides b.
A classical result from ancient Greek arithmetic states that each integer can be
written as a product of primes in an essentially unique way; it is the
Theorem 3.8 (Fundamental Theorem of Arithmetic) Given a positive integer
n > 1 there exist (not necessarily distinct) primes p1 , p2 , . . . , pr , unique up to
reordering, such that n = p1 p2 · · · pr .
Given a prime p and an integer n, we say that a power pe exactly divides n if pe
divides n and pe+1 does not divide n. In other words, pe exactly divides n if and
only if the prime p appears in the factorisation of n with exponent e.
Given two integers a and b at least one of which is nonzero, we shall define
their least common multiple, denoted by [a, b], as a common multiple of a and b
that is divisible by every common multiple of a and b. Analogously to the greatest
common divisor, the least common multiple exists and is unique; moreover, we have
(a, b)[a, b] = ab if ab ≥ 0. The definition of least common multiple is the dual of
that of greatest common divisor, thus the two objects share many similar properties.

3.2 Congruences

In his 1801 book “Disquisitiones Arithmeticae”, Carl Friedrich Gauss introduced

what would turn out to be one of the most important relations between integers in
elementary arithmetic. We say that an integer a is congruent to an integer b modulo
n, and write a ≡ b (mod n), if a − b is a multiple of n. It is easy to show that the
relation of “congruence” is an equivalence relation.
The equivalence class of an integer a, that is, the set of all integers congruent to
a, is denoted by [a]n and consists of the set {a + kn | k ∈ Z}. In other words, [a]n
is the set of all integers having the same remainder as a in the division by n. If the
modulus n can be inferred from the context, we may alternatively denote the class
[a]n by a.
As is the case with all equivalence relations, congruence classes modulo n form
a partition of Z. A possible set of representatives is {0, 1, 2, . . . , n − 1}: these are
18 1 Theory

called residues modulo n. Note that, in particular, the number of equivalence classes
is n; naturally, any set of n integers with different remainders in the division by n is
a set of representatives for the congruence classes modulo n. Remark that any set of
n consecutive integers is a set of representatives.
The quotient of Z by the congruence relation modulo n is denoted by Z/nZ. We
shall find out later, when discussing groups, the reason behind this specific notation:
for now, we shall interpret it as a reminder that we are identifying integers that differ
by a multiple of n, that is, by an element of nZ.
Here are some properties of the relation of congruence modulo n.
Proposition 3.9 Let a and b be integers such that a ≡ b (mod n). We have
(i) (a, n) = (b, n),
(ii) if m | n then a ≡ b (mod m),
(iii) if we also have a ≡ b (mod m) then a ≡ b (mod [n, m]).
The second property is equivalent to the following: if n is a multiple of m then the
partition given by the congruence classes modulo n is a finer partition than that given
by the congruence classes modulo m. Indeed, we have

[a]m = [a + mh]n .
n
h=0,1,..., m −1

Thus, when n is a multiple of m, there is a map from Z/nZ to Z/mZ sending the
class [a]n to [a]m , which renders the following diagramme commutative

a n a m

as remarked in the section about relations.

The relation of congruence modulo n is compatible with integer addition and
multiplication.
Proposition 3.10 Given integers a, b, a and b such that a ≡ b (mod n) and
a ≡ b (mod n), we have a + a ≡ b + b (mod n) and a · a ≡ b · b (mod n).
In particular, if we have a ≡ b (mod n) and k is any integer, then we have
ka ≡ kb (mod n). Let us also explicitly note that the converse of our previous
remark is false in general: for example, 2 · 2 ≡ 2 · 0 (mod 4), but 2 ≡ 0 (mod 4).
A weaker but accurate converse statement is the following
Proposition 3.11 Given integers a, b and k with k = 0,
n
ka ≡ kb (mod n) implies a ≡ b (mod ).
(n, k)
3 Integers 19

In particular, if the factor k and the modulus n are relatively prime, then

ka ≡ kb (mod n) if and only if a ≡ b (mod n).

In particular, in the example above what we can correctly deduce from 2 · 2 ≡ 2 · 0

(mod 4) is that 2 ≡ 0 (mod 2), because 4/(4, 2) = 2.
What has been recalled so far, though elementary, already has some con-
sequences that are not completely trivial. For example, by using the base 10
representation of the integers together with congruences modulo 3, one can deduce
the well-known divisibility rule for 3, which easily follows from 10 ≡ 1 (mod 3).
One can similarly deduce divisibility rules for 2, 4, 5, 9, 11 and 25, and more
elaborate rules for 7 and 13.
A first nontrivial fact about residue classes modulo a prime is the following
Theorem 3.12 (Freshman’s Dream) Given a prime p, for all pairs of integers a
and b we have

(a + b)p ≡ a p + b p (mod p).

The
p proof of this theorem is immediate if one notices that all binomial coefficients
h , where p is prime and 1 ≤ h ≤ p − 1, are divisible by p.
Using Theorem 3.12, one can prove by induction
Theorem 3.13 (Fermat’s Theorem) Given a prime p, we have

a p ≡ a (mod p)

for all integers a.

An immediate corollary of the theorem above is among the first nontrivial results
about prime numbers to appear after Euclid’s time:
Corollary 3.14 (Fermat’s Little Theorem) Given a prime p and an integer a such
that a and p are relatively prime, we have a p−1 ≡ 1 (mod p).
Finding the solution of a linear congruence, that is, of an equation of the type
ax ≡ b (mod n), where x is the indeterminate and a, b are integers, amounts to
solving the Diophantine equation ax + ny = b in the indeterminates x and y. One
immediately obtains
Proposition 3.15 The linear congruence ax ≡ b (mod n) has a solution if and
only if m = (a, n) divides b, in which case, given a solution x0 , all solutions are
given by
n
[x0 + k ]n for k = 0, 1, . . . , m − 1.
m
In particular, there are m solutions modulo n.
20 1 Theory

In order to solve systems of linear congruences, the following theorem is of

fundamental importance.
Theorem 3.16 (Chinese Remainder Theorem) Given r nonzero integers
n1 , n2 , . . . , nr that are pairwise relatively prime and r integers a1 , a2 , . . . , ar ,
the system of congruences
⎧
⎪ x ≡ a1 (mod n1 )
⎪
⎪
⎨ x ≡ a2 (mod n2 )
⎪ ..
⎪
⎪ .
⎩
x ≡ ar (mod nr )

has a unique solution modulo n1 n2 · · · nr .

At the end of the next section, we will see how the solution of such a system can
be computed.

3.3 Modular Arithmetic

The properties of compatibility for the congruence relation modulo a nonzero

integer n that were discussed in the previous section allow us to define two
operations on the quotient set Z/nZ of residue classes modulo n.
We shall define the addition + and the multiplication · on pairs of residue classes
[a]n , [b]n by

[a]n + [b]n = [a + b]n [a]n · [b]n = [ab]n.

These operations are well defined: their result does not depend on the representatives
a and b chosen in Z for the classes [a]n and [b]n , but only on the residue classes
themselves; this follows directly from Proposition 3.10.
From standard properties of the integers, one obtains the following corresponding
results:
Theorem 3.17
(i) The operations + and · are associative, that is,

([a]n +[b]n)+[c]n = [a]n +([b]n +[c]n), ([a]n ·[b]n)·[c]n = [a]n ·([b]n ·[c]n )

for all [a]n , [b]n , [c]n ∈ Z/nZ.

(ii) The operations + and · are commutative, that is,

[a]n + [b]n = [b]n + [a]n , [a]n · [b]n = [b]n · [a]n

for all [a]n , [b]n ∈ Z/nZ.

3 Integers 21

(iii) The addition’s neutral element is the class [0]n and the multiplication’s neutral
element is the class [1]n . Moreover, the inverse of the element [a]n ∈ Z/nZ
with respect to the operation + is the element [−a]n ∈ Z/nZ.
(iv) The operation · distributes over the operation +, that is,

[a]n · ([b]n + [c]n ) = [a]n · [b]n + [a]n · [c]n

for all [a]n , [b]n , [c]n ∈ Z/nZ.

As opposed to the addition, not all classes do have an inverse for the multiplica-
tion: for instance, [2]4 does not have an inverse in Z/4Z. The classes [a]n such that
their inverse for the multiplication does exist are called invertible. The class [a]n is
invertible if there exists a class [b]n such that [a]n [b]n = [1]n . The set of invertible
classes modulo n is denoted by (Z/nZ)∗ .
The criterion for the existence of solutions of a linear congruence implies that a
class [a]n is invertible if and only if (a, n) = 1. Therefore, it is clear that the product
of two invertible classes is itself invertible. In other words, the multiplication can be
restricted to the subset (Z/nZ)∗ and induces an operation on (Z/nZ)∗ which will
still be denoted by ·. In the special case of congruences modulo p, where p is prime,
we have (Z/pZ)∗ = Z/pZ \ {[0]p }, that is, every nonzero class is invertible.
In order to compute the inverse of a class [a]n one can use Bézout’s identity.
Indeed, from (a, n) = 1 it follows that there are integers b and c, which one
can compute explicitly by means of Euclid’s algorithm, such that ab + nc = 1.
Considering this equality modulo n yields ab ≡ 1 (mod n), so [b]n is the inverse
of [a]n .
One may state the Chinese remainder theorem for systems of congruences in an
equivalent form involving residue classes:
Theorem 3.18 Given two nonzero, relatively prime integers m and n, the map

Z/mnZ [a]mn −→ ([a]m , [a]n ) ∈ Z/mZ × Z/nZ

is bijective.
The following is a direct corollary:
Corollary 3.19 Let m and n be relatively prime, nonzero integers. The class [a]mn
is invertible if and only if [a]m and [a]n are both invertible. Moreover, the map
[a]mn −→ ([a]m , [a]n ) from (Z/mnZ)∗ to (Z/mZ)∗ × (Z/nZ)∗ is bijective.
The so-called Euler’s totient function n −→ φ(n) maps the integer n to the
number φ(n) of integers between 1 and n that are coprime to n. This map plays
a very important role in modular arithmetic. As seen above, φ(n) is equal to the
number of invertible classes modulo n, that is, φ(n) also represents the cardinality
of (Z/nZ)∗ . For instance, we have φ(p) = p − 1.
A map f defined on N is said to be multiplicative if, for all pairs of relatively
prime natural numbers n and m, we have f (nm) = f (n)f (m). The corollary above
22 1 Theory

implies that Euler’s totient function is multiplicative. By considering the numbers

between 1 and pe that are not divisible by p, it is easy to see that φ(pe ) = (p −
1)pe−1 for all integers e ≥ 1. We have thus shown the following formula:
Remark 3.20 If n = p1e1 p2e2 · · · prer is the prime factorisation of n, with pi = pj for
i = j and ei ≥ 1 for all i, then


r
φ(n) = (pi − 1)piei −1 .
i=1

Corollary 3.14 can also be expressed as follows: if p is prime and a is not

divisible by p, then a φ(p) ≡ 1 (mod p). This form can be generalised to become
Theorem 3.21 (Euler’s Theorem) Given an integer a which is coprime to the
modulus n, we have a φ(n) ≡ 1 (mod n).
We shall conclude this discussion of congruences by illustrating in detail some
methods one can use to solve linear systems of congruences whose equations have
coprime moduli, as in the statement of the Chinese remainder theorem. Consider the
system of two congruences

x ≡ a1 (mod n1 )
x ≡ a2 (mod n2 )

where n1 and n2 are relatively prime. Solving this system amounts to finding
integers u and v such that x = a1 + un1 and x = a2 + vn2 . In other words, u
and v must be solutions of the linear Diophantine equation

n1 u − n2 v = a2 − a1 .

The solution of equations of this type is fully worked out in Preliminary Exercise 7.
Once we have u and v, the solution of the original system is the residue class of
x0 = a1 + un1 = a2 + vn2 modulo n1 n2 . We know that the solution is unique
modulo n1 n2 . Equivalently, all solutions are of the form x0 + hn1 n2 , for h in Z.
Let us now move on to system consisting of r linear congruences, for some r ≥ 2,
of the form
⎧
⎪
⎪x ≡ a1 (mod n1 )
⎪
⎪
⎪
⎨x ≡ a2 (mod n2 )
x ≡ a3 (mod n3 )
⎪
⎪ ..
⎪
⎪
⎪
⎩
.
x ≡ ar (mod nr )
3 Integers 23

where n1 , n2 , . . . , nr are pairwise relatively prime. The subsystem given by the first
two congruences can be solved with the method described above, which gives us a
unique solution x0 modulo n1 n2 . We can then consider the equivalent system
⎧
⎪
⎪ x ≡ x0 (mod n1 n2 )
⎪
⎨ x ≡ a3 (mod n3 )
⎪ ..
⎪
⎪ .
⎩
x ≡ ar (mod nr )

which consists of r − 1 congruences. We repeatedly solve the first two congruences

and decrease the number of congruences in the system until we find the solution.
Let us now discuss a different method for solving the system above. We know
that the solution is unique modulo n1 n2 · · · nr . In order to produce the solution, we
shall first find integers x1 , x2 , . . . , xr such that, for i = 1, 2, . . . , r, we have xi ≡ 0
(mod nj ) for all j = i and xi ≡ 1 (mod ni ). In other words, x1 , x2 , . . . , xr are
solutions of the systems
⎧ ⎧ ⎧
⎪
⎪ x1 ≡ 1 (mod n1 ) ⎪
⎪ x2 ≡ 0 (mod n1 ) ⎪
⎪ xr ≡ 0 (mod n1 )
⎪
⎨ x1 ≡ 0 (mod n2 ) ⎪
⎨ x2 ≡ 1 (mod n2 ) ⎪
⎨ xr ≡ 0 (mod n2 )
.. .. ... ..
⎪
⎪ . ⎪
⎪ . ⎪
⎪ .
⎪
⎩ ⎪
⎩ ⎪
⎩
x1 ≡ 0 (mod nr ) x2 ≡ 0 (mod nr ) xr ≡ 1 (mod nr ).

Once we have solved each of these systems, it is clear that the solution of the original
system is given by

x0 ≡ a1 x1 + a2 x2 + . . . + ar xr (mod n1 n2 · · · nr ).

In order to find the integer x1 (and similarly x2 , . . . , xr ) it is enough to remark

that we must have x1 = y1 n2 · · · nr for some integer y1 . Moreover, n2 · · · nr is an
invertible class modulo n1 , given our assumptions about the moduli n1 , n2 , . . . , nr .
We can therefore obtain y1 by solving the equation y1 (n2 · · · nr ) ≡ 1 (mod n1 ) or,
equivalently, y1 ≡ (n2 · · · nr )−1 (mod n1 ). This congruence is again equivalent to
a linear Diophantine equation which we can solve explicitly.
This second method for solving linear systems via the auxiliary solutions
x1 , x2 , . . . , xr can prove especially efficient when we wish to solve several systems
whose equations have the same moduli n1 , n2 , . . . , nr but different constant terms
a1 , a2 , . . . , ar .
The remarks we just made about explicit ways of computing the solutions of
a system of linear congruences will be used repeatedly, often without referencing
them, in the solutions of the exercises.
24 1 Theory

4 Groups

4.1 Definition and Basic Properties

One of the fundamental structures in algebra is that of a group. Though simple

enough to be defined in a few lines, groups truly play a crucial role: all of the more
complex structures we will encounter throughout the book will be based on groups.
A nonempty set G endowed with an operation · is called a group if
(i) the operation · is associative,
(ii) there exists an element e in G, called the neutral element, such that g · e = g =
e · g for all g in G,
(iii) for each element g of G there exists an element h ∈ G, called the inverse of g,
such that g · h = e = h · g.
Throughout the book we will say that (G, ·) is a group to mean that · is an
operation on the set G which makes it a group. When the operation is clear from
the context we will simply say that G is a group. We shall occasionally also omit
the group operation symbol · when composing elements and simply write gh for the
composition g · h of g and h in G.
There are innumerable examples of groups: the set Z of integers, endowed with
the addition operation; the set Q∗ of nonzero rational numbers, endowed with
multiplication; the set R∗ of nonzero real numbers, as well as the set C∗ of nonzero
complex numbers, endowed with multiplication; the set Sn of all permutations of n
elements, endowed with the composition operation.
It is very easy to show that the neutral element in a group is unique. It is also
easy to show that, given g in a group, the inverse of g is unique: we will denote it
by g −1 .
In general, given a positive integer n and an element g in a group, we define g n
as the composition of g with itself performed n times, and set g −n = (g n )−1 . The
usual rules for powers still hold in this context, namely we have g n · g m = g n+m
and (g n )m = g nm for all natural numbers n and m.
Given two elements g and h in a group, we say they commute if gh = hg. If
the operation on G is commutative, that is, if gh = hg for all g and h in G (every
two elements commute), we say that the group itself is commutative or Abelian.
It is customary to denote the operation of an Abelian group by +, or to use the
additive notation. When using the additive notation, we write −g for the inverse of
an element g and ng for the composition g n . Clearly, we have (n + m)g = ng + mg
and (nm)g = n(mg) for all natural numbers n and m.
The order of a group G is the cardinality of the set G and is denoted by |G|. The
order of G is the number of elements in G if G is finite and is infinite otherwise.
The order of a single element g is the smallest positive integer n such that g n = e,
if such an integer exists; if g n = e for all positive n then we say that g has infinite
order. We denote the order of g by ord(g).
4 Groups 25

Note that the set Z/nZ of all congruence classes modulo a nonzero natural
number n is a group when endowed with the operation + of addition between
classes; this immediately follows from Theorem 3.17. Clearly, such a group is
Abelian of order n. The set (Z/nZ)∗ of invertible classes modulo n is itself an
Abelian group when endowed with the operation · of multiplication between classes;
its order is φ(n).
Our first remark about groups, which immediately follows from the definition of
a group, is
Remark 4.1 (Cancellation Laws) If, given elements g, h, k in a group G, we have
gh = gk, then h = k; similarly, if hg = kg then h = k.

4.2 Subgroups

A subset H of a group G is a subgroup if the group operation · of G can be restricted

to an operation on H that makes H into a group. We write H ≤ G to indicate that
H is a subgroup of G. In order to check whether a nonempty subset H is a subgroup
it is enough to check that for all h and k in H we have h · k ∈ H and that for all h
in H we have h−1 ∈ H .
For instance, the subset 2Z of even numbers is a subgroup of Z, as is the subset
nZ of all multiples of a fixed integer n. The subset {±1} is a subgroup of Q∗ , which
is itself a subgroup of R∗ . The subset of permutations fixing the element 1 is a
subgroup of Sn .
The subset {e} is always a subgroup for any group G and is often called the trivial
subgroup; the group G itself is also a subgroup of G, though not a proper subgroup.
We will refer to subgroups of G other than these two as proper nontrivial subgroups.
Given a group G, the subset Z(G) of elements z of G such that zg = gz for all
g in G is called the centre of G; an element z belongs to the centre if it commutes
with all elements of the group.
Remark 4.2 The centre Z(G) is a subgroup of G.
From now on, we will often mention the centre. The centre of a group is an
indicator of “how non-Abelian” the group is; for instance, G is Abelian if and only
if Z(G) = G.
Remark that the intersection of two subgroups is a subgroup, but the union of two
subgroups is not necessarily a subgroup. Given a subset X of a group G, we shall
denote by X the subgroup generated by X in G, that is, the intersection of all
subgroups of G that contain X. Remark that such a subgroup always exists, because
G always contains X. We say that X is a set of generators for the group X. The
subgroup X generated by X in G can also equivalently be defined as the smallest
subgroup of G that contains X.
A group G is cyclic if there exists an element g in G such that G = g. In this
case, the element g is a generator of G. Clearly, if G is cyclic then it is Abelian.
26 1 Theory

Moreover, if its generator g has finite order n then G = {e, g, g 2 , . . . , g n−1 }, that
is, the cyclic group generated by g has order n. Similarly, if the order of g is infinite
then we have G = {. . . , g −2 , g −1 , e, g, g 2 , . . .}.
For example, Z is an infinite cyclic group, because Z = 1. The group nZ = n
is also an infinite cyclic group, and Z/nZ = [1]n  is a cyclic group of order n.
Using Euclidean division one can easily show
Remark 4.3 Any subgroup of a cyclic group is cyclic.
This remark yields a description of all subgroups of Z:
Corollary 4.4 If H is a subgroup of Z then H = nZ for some non-negative integer
n.
As we recalled above, Z/nZ is also a cyclic group, and we will later see that it
is, in some sense, the prototype for all finite cyclic groups. In order to classify all
of its subgroups, the following remark, which follows from standard properties of
congruences, will be useful.
Remark 4.5 For all integers a the order of [a]n in Z/nZ is
n
ord([a]n ) = .
(a, n)

As we can immediately see from the formula above, ord([a]n ) always divides n =
|Z/nZ|; this, as we will see in the next section, is an example of a more general
phenomenon. Other important consequences are those of
Remark 4.6 For each divisor d of a positive integer n, the group Z/nZ contains
exactly φ(d) elements of order d; moreover, there is a unique subgroup of order d
in Z/nZ, generated by the class [n/d]n . The above is an exhaustive description of
all subgroups of Z/nZ.
Another interesting consequence follows if we list elements of Z/nZ according to
their order:

Remark 4.7 If n is a positive integer, then d | n φ(d) = n.

4.3 Product of Subgroups

Given two subsets H and K of a group G, let H K be the set of all products hk,
where h is an element of H and k an element of K. Even when H and K are
subgroups, the subset H K of G is not necessarily a subgroup of G. If G is Abelian,
then H K is indeed a subgroup. More generally, we have
Proposition 4.8 The product H K of two subgroups H and K of a group G is a
subgroup of G if and only if H K = KH .
4 Groups 27

In general, even when H K is not a subgroup, we do have some information about

its cardinality. Indeed, it is easy to see that each element of H K can be written in
the form hk for exactly |H ∩ K| pairs (h, k) in H × K. Therefore, we have
Remark 4.9 Let H and K be finite subgroups of a group G. The order of H K is
|H ||K|/|H ∩ K|.

4.4 Cosets of a Subgroup

Given a subgroup H of a group G, we introduce a relation ∼H on G as follows:

g ∼H k if and only if g −1 k ∈ H , in which case we shall say that g is congruent to
k modulo H , or that g and k are congruent modulo H . It is easy to prove that ∼H
is an equivalence relation. In particular, note that for all nonzero natural numbers n,
the relation of congruence modulo the subgroup nZ of the group Z is the same as
congruence of integers as defined previously.
We call the equivalence classes for ∼H left cosets of H in G; the name comes
from the fact that the equivalence class of g is the subset gH = {gh | h ∈ H }.
Clearly, we can define a “right” version of the relation by letting g H ∼ k if and
only if gk −1 ∈ H . Equivalence classes for this relation are the right cosets H g =
{hg | h ∈ H }. Evidently, the two relations are exactly the same in an Abelian group,
where a subset is a right coset if and only if it is a left coset.
The quotient of G with respect to the relation ∼H is denoted by G/H . When
quotienting by H ∼, we write H \G instead. Note that gH −→ H g is a bijective
correspondence between G/H and H \G.
We define the index [G : H ] of the subgroup H in G as the cardinality of the
quotient G/H . By our previous remarks, this is the same as the cardinality of H \G.
We shall mention the index of a subgroup almost exclusively when it is finite.
We shall now deduce an important property of the subgroups of a finite group.
The map h −→ gh is a bijection between H and its left coset gH ; in particular,
every left coset has the same cardinality as H . Since ∼H induces a partition of G,
we immediately have
Theorem 4.10 (Lagrange’s Theorem) The order of every subgroup of a finite
group divides of the order of the group.
This yields
Corollary 4.11 The order of every element in a group divides the order of the
group. In particular, if a finite group G has order n then g n = e holds for all
g ∈ G.
This statement directly implies Euler’s theorem (Theorem 3.21) if we remark that
the order of (Z/nZ)∗ is φ(n).
28 1 Theory

Another immediate consequence concerns groups whose order is prime. Given

an element g which is not the neutral element in a group G with prime order p, the
order of g must divide p, and thus must be p itself. We therefore have
Corollary 4.12 Any group whose order is prime is a cyclic group.
Finally, given a finite group G and a subgroup H of G, we have that [G : H ] =
|G|/|H |; in particular, the index of a subgroup of a finite group is also a divisor of
the order of the group.

4.5 Normal Subgroups

We have remarked in the previous section that, given a subgroup of an Abelian

group, its right cosets coincide with its left cosets. This is a key property: subgroups
enjoying this property are of fundamental importance, as the mathematician Évariste
Galois was the first to realise.
Given a group G and an element h of G, elements of the form ghg −1 are called
conjugates of h. Given a subset H of G we denote by gH g −1 the set of elements of
the form ghg −1 for some h in H . A subgroup H is called normal if gH g −1 = H for
all g in G. Clearly, all subgroups of an Abelian group are normal, since ghg −1 = h
for all h and g. Remark that we can also write the normality condition for H as
gH = H g for all g ∈ G. Therefore, a subgroup is normal if and only if each of its
right cosets is a left coset.
The trivial subgroup {e} and the subgroup G are both normal. Another example
of a normal subgroup is the centre: indeed, gZ(G) = Z(G)g because all elements
of Z(G) commute with all elements of G, in particular with the element g.
Moreover, if H is a normal subgroup then for all pairs of elements g1 , g2 in G
we have g1 H g2 H = g1 g2 H H = g1 g2 H ; that is, the product of any two left cosets,
seen as subsets of G, is again a left coset.
This suggests introducing an operation on the quotient G/H by setting (g1 H ) ·
(g2 H ) = (g1 g2 )H . The result of the operation on cosets g1 H , g2 H only depends on
the cosets and not on the chosen representatives g1 and g2 . The requirement that this
operation is well posed is precisely equivalent to the condition that H is a normal
subgroup of G. But we can say something much stronger:
Theorem 4.13 Given a normal subgroup H of G, the operation g1 H · g2 H =
(g1 g2 )H endows the quotient set G/H with a group structure. The resulting group
has order [G : H ].
We shall say that the group structure on G/H is induced by the group structure of G.
Let us go back to the Abelian group Z and its subgroup nZ, which is clearly normal.
The addition operation defined on residue classes is exactly the structure induced
by the usual addition on Z on the quotient Z/nZ. This finally gives a complete
motivation for the notation Z/nZ we introduced for the set of residue classes.
4 Groups 29

Endowing the quotient set with a group structure is a very useful procedure.
Though on the one hand information on G is lost when constructing G/H , in
the sense that elements of G that differ by an element of H are identified, on
the other hand G/H can be “simpler” than G and easier to study. The value of
the construction is that we can sometimes deduce useful information on G from
information on G/H .
We remarked before that all subgroups of an Abelian group are normal; the
converse, however, is not true. As an example of a non-Abelian group all of whose
subgroups are normal, we can construct the group Q8 of unit quaternions , which
is defined as follows. The elements of Q8 are ±1, ±i, ±j and ±k, where 1 is
the neutral element; multiplication by −1 switches the sign of an element, and
i 2 = j 2 = k 2 = −1, ij = k = −j i, j k = i = −kj , ki = j = −ik. It is
easy to show that Q8 has the following subgroups

Q8

i 1, ±i} j 1, ±j } k 1, ±k}

Z(Q8 ) = {±1}

where two subgroups are connected if the lower one is a subgroup of the one above.
Normality of the subgroups of Q8 follows from general principles: we need only
realise that any nontrivial proper subgroup either has index 2 or is the centre. But,
by our previous remark, the centre is always a normal subgroup, and moreover
Remark 4.14 Any subgroup of index 2 is normal.

4.6 The Symmetric Group

Given a natural number n, the set Sn of permutations of {1, 2, . . . , n}, endowed

with the operation of composition of maps, is a group called the symmetric group
on n elements. Indeed, the composite of bijective maps is bijective, the composition
operation is associative, the identity map is its neutral element, and every bijective
map is invertible. Moreover, we have remarked before that Sn has n! elements.
Given a permutation σ ∈ Sn and elements i1 , i2 , . . . , in such that σ (k) = ik for
k = 1, 2, . . . , n, we denote σ as
 
1 2 ··· n
.
i1 i2 · · · in
30 1 Theory

Given distinct integers k1 , k2 , . . . , k from the set {1, 2, . . . , n}, the permutation
σ for which
σ (kt ) = kt +1 for t = 1, 2, . . . ,  − 1,
σ (k ) = k1 ,
σ (j ) = j for all j ∈ {1, 2, . . . , n} \ {k1 , k2 , . . . , k }
is called a cycle of length , or an -cycle. We shall denote this cycle σ by
(k1 , k2 , . . . , k ).
Notice that the order of a cycle is the same as its length. For instance, if n ≥ 3
then the cycle (1, 2, 3) in Sn has order 3. A cycle (i, j ) of length 2 is called a
transposition: it exchanges i and j and fixes all other elements of {1, 2, . . . , n}.
The symmetric group Sn is not Abelian for any n ≥ 3. Indeed, we have for
example

(123)(12) = (13) = (23) = (12)(123).

As we shall see in later sections, not only are symmetric groups not Abelian, but
they are complex enough that any finite group can be constructed as a subgroup of
a sufficiently large symmetric group.

4.7 Group Homomorphisms

We shall now introduce group homomorphisms, that is, maps that preserve the group
structure. Homomorphisms allow us to compare groups by relating them to one
another, which will prove very fruitful as a general approach.
Let G, H be groups whose operations are · and ◦, respectively. A map f : G −→
H from one to the other is a homomorphism if f (g1 · g2 ) = f (g1 ) ◦ f (g2 ) for all
elements g1 , g2 in G.
It is immediate from the definition that a homomorphism will send the neutral
element of G to the neutral element of H , that is, f (eG ) = eH . Moreover, f (g −1 ) =
f (g)−1 and ord(f (g)) | ord(g). Subgroups are sent to subgroups, as stated by the
following
f
Proposition 4.15 Let G −→ H be a group homomorphism. If G is a subgroup
of G then f (G ) is a subgroup of H ; if H is a subgroup of H then f −1 (H ) is a
subgroup of G.
In particular, the image f (G) of f is a subgroup of H ; it is called a homomorphic
image of G. The inverse image of the trivial subgroup {eH } of H is of fundamental
importance; it is called the kernel of f and denoted by Ker(f ). In other words, we
have

Ker(f ) = {g ∈ G | f (g) = eH }.
4 Groups 31

The kernel is a measure of the extent to which the homomorphism fails to be

injective. Indeed,
Proposition 4.16 The kernel of a group homomorphism is a normal subgroup of G.
Moreover, for all h in Im(f ) we have f −1 (h) = g Ker(f ) where g is any element
of f −1 (h). In particular, f is injective if and only if Ker(f ) is trivial.
Not only is the kernel of a homomorphism a normal subgroup, but every normal
subgroup is the kernel of some homomorphism: if H is a normal subgroup of G,
then H is the kernel of the projection homomorphism G −→ G/H . We express
this remark in the following
Proposition 4.17 A subgroup of a group is normal if and only if it is the kernel of
a group homomorphism.
The most important theorem concerning group homomorphisms is the
Theorem 4.18 (Fundamental Homomorphism Theorem) Given a group homo-
f π
morphism G −→ H , and letting G −→ G/ Ker(f ) be the quotient homomorphism,
there exists a unique homomorphism f , necessarily injective, that renders the
following diagramme commutative

f
G H
π

f
G/ Ker(f )

A bijective homomorphism is called an isomorphism. If there exists an isomorphism

between groups G and H then we say the two groups are isomorphic and write
G  H . In particular, the theorem above implies
Corollary 4.19 If f is surjective then f is an isomorphism between G/ Ker(f )
and H .
This corollary allows us to conclude that the homomorphic images of the group
G are quotients of G and can therefore be constructed using only G itself. Moreover,
every group homomorphism f : G −→ H factors as follows: first, the projection
π : G −→ G/ Ker(f ), followed by the isomorphism f : G/ Ker(f ) −→ Im(f )
and finally the inclusion Im(f ) −→ H . That is, we have the following commutative
diagramme:

f
G H
π
i
f
G/ Ker(f ) Im(f )
32 1 Theory

Let G be a group; the isomorphisms from G to itself are called automorphisms

and the set of automorphisms of G is denoted by Aut(G). Clearly, the identity is
an automorphism, the composition of two automorphisms is an automorphism, and
the inverse of an automorphism is an automorphism. In other words, the set Aut(G)
endowed with the composition of maps is a group.
The quotient homomorphism π corresponding to a normal subgroup H of G can
be used to further refine Proposition 4.15.
Proposition 4.20 There is a bijective correspondence between the set of all
subgroups of G/H and the set of subgroups of G that contain H , given by the
maps K −→ π −1 (K ) and G −→ π(G ). Moreover, normal subgroups of G/H
correspond to normal subgroups of G.
It is now easy to obtain the details of the structure of any cyclic group. Indeed,
if G = g is cyclic then Z k −→ g k ∈ G is a surjective homomorphism. By
applying the results above we obtain
Theorem 4.21 (Structure Theorem for Cyclic Groups) Given a cyclic group G,
if G is infinite then we have G  Z, whereas if its order |G| is finite and equal to n
then G  Z/nZ. Moreover, if G = g is infinite then its subgroups are all those of
the form g k , where k is any positive integer. If |G| = n < ∞ then G has a unique
subgroup of order d for each divisor d of n.
Note that the part of the theorem concerning subgroups of a finite cyclic group is
a consequence of the bijective correspondence between subgroups of Z/nZ and
subgroups of Z containing nZ. That is, we have a new way of proving Remark 4.6.
We know that in a finite group the order of each element divides the order of the
group. It is not necessarily true, however, that for each divisor d of the order of G
there is an element of order d in G. This does hold when d is a prime divisor and, if
G is an Abelian group, it can be sown by applying the fundamental homomorphism
theorem and setting up a simple induction.
Theorem 4.22 (Cauchy’s Theorem) Given a finite group G and a prime p that
divides the order of G, there exists an element of order p in G.
The order of any subgroup is also a divisor of the order of the group; however, as
for single elements, we cannot say in general whether there exists a subgroup whose
order is a certain divisor of the order of the group. We do know that a cyclic group
has exactly one subgroup for each divisor of its order, but this case is very special:
indeed, we have
Remark 4.23 Given a finite group G which has exactly one subgroup of order d for
each divisor d of |G|, the group G is cyclic.
4 Groups 33

4.8 Direct Product of Groups

Given two groups G and H whose operations are · and ◦, respectively, we can
endow the Cartesian product G × H with an operation given by (g1 , h1 )(g2 , h2 ) =
(g1 · g2 , h1 ◦ h2 ) for all g1 , g2 ∈ G and h1 , h2 ∈ H . It is easy to show that this
operation makes the set G × H into a group, which we call the direct product of the
groups G and H .
We shall see that many properties of the group G × H can easily be inferred
from the properties of the groups G and H . We shall often find that some group,
however defined, is isomorphic to a direct product of groups, and thus will obtain
information about the group from information about its factors.
The cardinality of the set G × H is the product of the cardinalities of G and H :
if G and H are both finite, then G × H has order |G| · |H |, whereas if at least one
of the two groups is infinite then G × H is infinite. As for the order of its elements,
we have the following
Remark 4.24 Given g ∈ G of finite order m and h ∈ H of finite order n, the order
of the element (g, h) of G × H is the least common multiple of m and n.
The centre of G × H is easy to describe in terms of G and H : one can check that
Z(G × H ) = Z(G) × Z(H ). In particular,
Remark 4.25 The group G × H is Abelian if and only if G and H are both Abelian.
Given a subgroup G of a group G and a subgroup H of a group H , the group
G × H is a subgroup of G × H in a natural way; note, however, that a subgroup of
G × H need not be the direct product of two subgroups. For instance, the diagonal
subgroup {(g, g) | g ∈ G} of G × G is not a product of two subgroups if G has more
than one element.
We shall now give a consequence of our remark about the order of elements in a
direct product of groups. We immediately obtain
Remark 4.26 A direct product of cyclic groups of order m and n is itself cyclic if
and only if m and n are relatively prime.
In particular, for the cyclic groups given by the residue classes Z/mZ and Z/nZ,
the homomorphism

Z/mnZ [a]mn −→ ([a]m , [a]n ) ∈ Z/mZ × Z/nZ

is an isomorphism if and only if m and n are relatively prime. Moreover, this

homomorphism can be restricted to (Z/mnZ)∗ , yielding a homomorphism between
multiplicative structures

(Z/mnZ)∗ [a]mn −→ ([a]m , [a]n ) ∈ (Z/mZ)∗ × (Z/nZ)∗ .

34 1 Theory

Again, this is an isomorphism if and only if m and n are relatively prime. Note
that this discussion further specifies the content of Theorem 3.18 and of its
Corollary 3.19.

5 Rings

5.1 Definition and Basic Properties

Rings are sets endowed with two operations whose properties are analogous to those
of integer addition and multiplication. A set A endowed with two operations + and
· is a ring if
(i) A, endowed with the operation +, is an Abelian group,
(ii) the operation · is associative,
(iii) the operation · distributes over the operation +.
We shall call the operation + addition and the operation · multiplication. The
addition’s neutral element is denoted by 0 and called the zero of the ring A. Remark
that a neutral element for · need not exist; if it does, then we say that A is a ring with
identity or a unitary ring. In a unitary ring, the identity 1 is necessarily unique, and
is often called the one of the ring. Note that we can have 0 = 1, in which case it is
easy to prove that A = {0} and A is called the zero ring. If the multiplication of A
is commutative then the ring itself is called commutative.
The basic rules of integer arithmetic still hold for rings; indeed, we have
Remark 5.1 Given a ring A, for all a and b in A we have: a0 = 0a = 0, a(−b) =
(−a)b = −(ab), (−a)(−b) = ab. Moreover, if A is a unitary ring then (−1)a =
−a and (−1)(−1) = 1.
The most standard example of a ring is of course Z, which is a commutative
unitary ring. Thanks to Theorem 3.17, the set Z/nZ of residue classes modulo a
positive integer n is also a commutative unitary ring whose zero is 0 + nZ and
whose one is 1 + nZ.
An element a of a commutative ring A is a zero divisor if there exists an element
b = 0 in A such that ab = 0. We denote the set of zero divisors of A by D(A).
Naturally, zero is a zero divisor in any nonzero commutative ring. A commutative
ring with no zero divisors other than 0 is called an integral domain. The ring of
integers is an integral domain, whereas Z/nZ is an integral domain if and only if
n is prime. This is a consequence of Proposition 3.11, which tells us that the zero
divisors in Z/nZ are the classes a + nZ such that (a, n) = 1.
An element a of a ring is nilpotent if there exists a positive integer k such that
a k = 0. For instance, assuming the prime factorisation of n is n = p1e1 p2e2 · · · prer , a
class a in Z/nZ is nilpotent if and only if p1 p2 · · · pr divides a in Z.
Throughout the rest of the book, we shall often make use of the following remark,
which is essentially equivalent to the definition of an integral domain.
5 Rings 35

Remark 5.2 (Principle of Zero Products) Given two elements a, b in an integral

domain, if ab = 0 then a = 0 or b = 0.
An element a of a unitary ring A is invertible if there exists an element b ∈ A
such that ab = ba = 1. We shall write A∗ for the set of all invertible elements in
A. For the ring Z we have Z∗ = {1, −1}; the sets Q, R and C are also commutative
unitary rings, and we have Q∗ = Q \ {0}, R∗ = R \ {0} and C∗ = C \ {0}. One
immediately obtains from Proposition 3.15 that the class a + nZ is invertible in
Z/nZ if and only if (a, n) = 1.
Remark 5.3 Given a unitary ring A, the set A∗ of its invertible elements endowed
with multiplication is a group; it is an Abelian group if A is commutative. Moreover,
we always have A∗ ∩ D(A) = ∅.
In the case of a finite ring we can say something more:
Remark 5.4 Given a finite unitary ring A, we have A = A∗  D(A); that is, every
element of A is either invertible or a zero divisor.
If K is a nonzero commutative unitary ring whose nonzero elements are all
invertible, we say that K is a field. In other words, K = {0} is a field if and only if
K∗ = K \ {0}; in this case, the set K∗ = K \ {0} endowed with multiplication is
an Abelian group. Remark that every field is an integral domain, so the principle of
zero products does hold for fields. Some examples of fields are Q, R and C. One
can also construct fields with a finite number of elements: given a prime p, the ring
Z/pZ is actually a field, because every nonzero class is invertible modulo p.
In a commutative ring, one can develop powers of a binomial in a similar way as
one does in Z.
Remark 5.5 (Binomial Theorem) Given two elements a and b of a commutative
ring A, for all positive integers n we have
n  
n k n−k
(a + b) =
n
a b .
k
k=0

5.2 Subrings, Ideals and Quotients

A subset B of a ring A is a subring if the operations + and · can be restricted to

B and their restrictions make B itself a ring. Clearly, in order to check whether a
nonempty subset B is a subring it is enough to check that b1 + b2 and b1 · b2 belong
to B for all b1 and b2 in B, and that −b ∈ B for all b ∈ B. An equivalent definition
would be that a subset B is a subring if it is a subgroup under addition and is closed
under multiplication.
Now, let A be a ring containing the ring A and let X be a subset of A . It is
evident that an intersection of subrings of A is itself a subring. We can thus define
36 1 Theory

the ring generated by X over A as the intersection of all subrings of A that contain
A ∪ X. We denote such a ring by A[X]: it is the smallest subring of A that contains
A ∪ X. Given a commutative ring A, it is easy to show that the ring A[X] is the set
of all possible sums

a1 y1 + a2 y2 + · · · + ak yk

where k is any natural number, a1 , a2 , . . . , ak are elements of A and y1 , y2 , . . . , yr

are products of elements of X. If the set X is finite, say X = {x1 , x2 , . . . , xr },
then we may write A[x1, x2 , . . . , xr ] for A[X]. In particular, if X = {x} and A is
commutative, then A[x] is the set of all sums of the form

k
ak x k
h=0

where k is a natural number and a0 , a1 , . . . , ak are elements of A.

f
A ring homomorphism is a map A −→ B from a ring A to a ring B such that
f (a1 + a2 ) = f (a1 ) + f (a2 ) and f (a1 a2 ) = f (a1 )f (a2 ) for all a1 , a2 ∈ A.
Moreover, in the case of A and B being unitary rings, we require that a ring
homomorphism f from A to B send the identity 1A of A to the identity 1B of B, that
is, we impose f (1A ) = 1B . A ring isomorphism is a bijective ring homomorphism.
As we did for groups, we write A  B if there exists a ring isomorphism from A to
B; in this case, we say that A and B are isomorphic.
Given a commutative unitary ring A, there is exactly one way to extend the
pairing Z 1 −→ 1A ∈ A to a ring homomorphism. In particular, we can
always think of the integers as elements of A. Note, however, that the resulting
homomorphism is not necessarily injective.
A ring homomorphism is also a group homomorphism between the additive
groups (A, +) and (B, +). We can therefore define the kernel Ker(f ) of a ring
homomorphism f as the kernel of the corresponding homomorphism between
additive groups. The kernel Ker(f ) is the set of elements of A whose image under
f is 0B :

Ker(f ) = {a ∈ A | f (a) = 0B }.

The set Ker(f ) is not only a subring of A, but also such that a1 · a2 ∈ Ker(f ) if a1
belongs to Ker(f ) or a2 belongs to Ker(f ): we say that Ker(f ) absorbs multipli-
cation. More generally, any additive subgroup I of A that absorbs multiplication is
called an ideal.
An ideal is to a ring what a normal subgroup is to a group. Indeed, since (A, +)
is an Abelian group, an ideal I is a normal subgroup of (A, +). Moreover, if we
consider the quotient set A/I given by all additive cosets a + I of the ideal I ,
5 Rings 37

that is,

A/I = {a + I | a ∈ A},

this is of course an Abelian group if endowed with the addition of cosets induced
by the operation + of A. But we can also endow A/I with a multiplication given by
(a1 + I ) · (a2 + I ) = a1 a2 + I and thus make it into a ring. In other words, given an
ideal I of A, the operations + and · of A pass to the quotient A/I and make it into
a ring. The quotient map

A a −→ a + I ∈ A/I

is a surjective ring homomorphism. So, similarly to subgroups, ideals are exactly

the kernels of ring homomorphisms.
We now give another definition which will prove very important. An ideal M =
A is maximal if it is not properly contained in any ideal other than A itself.
Let A be a ring and let X be a subset of A. The ideal generated by X is the
intersection of all ideals of A that contain X. We denote this ideal by (X): it is the
smallest ideal of A that contains X. In a commutative ring A, the ideal X is the set
of all sums

a1 x1 + a2 x2 + · · · + ak xk

where k is any natural number, a1 , a2 , . . . , ak belong to A and x1 , x2 , . . . , xk

belong to X. If the set X is finite, say X = {x1 , x2 , . . . , xr }, then we may write
(x1 , x2 , . . . , xr ) for (X). In particular, if X = {x} and A is commutative then the
ideal (x) generated by x is the subset A · x of A consisting of all multiples of the
form ax for some a ∈ A.

5.3 Polynomial Rings

We now give the definition of a polynomial with coefficients in a commutative ring

A. We choose to take an informal approach and rely on the reader’s intuition of what
a polynomial is rather than give a rigorous but heavy account involving for instance
the machinery of eventually zero sequences.
Let x be a symbol which we call indeterminate; we shall also use the symbols
1 = x 0 , x = x 1 , x 2 , x 3 , . . ., which we call powers of the indeterminate x. Given a
natural number n and elements a0 , a1 , a2 , . . . , an of a ring A, the formal sum

f (x) = a0 + a1 x + a2 x 2 + · · · + an x n

is a polynomial in the indeterminate x with coefficients a0 , a1 , . . . , an in the ring A.

For convenience, we shall think of f (x) as having coefficients an+1 , an+2 , . . . equal
38 1 Theory

to zero. The coefficient a0 is called the constant coefficient of the polynomial. The
zero polynomial, which we denote by 0, corresponds to the choice of n = 0 and
a0 = 0; all of its coefficients are zero. Two polynomials a0 + a1 x + · · · + an x n and
b0 + b1 x + · · · + bm x m are equal if their corresponding coefficients are equal, that
is, if a0 = b0 , a1 = b1 and so on.
Given a nonzero polynomial f (x) = a0 + a1 x + · · · + an x n , the degree of f (x),
denoted by deg(f ), is the smallest integer r such that the coefficients ar+1 , ar+2 , . . .
are all equal to zero. Remark that we are purposefully not defining the degree of the
zero polynomial. For a polynomial f (x) of degree r, the coefficient ar is called the
leading coefficient of f (x). If A is a unitary ring, a polynomial with coefficients in A
is called monic if its leading coefficient is 1. A constant polynomial is a polynomial
which is zero or has degree 0: the polynomial f (x) is constant if and only if f (x) =
a0 for some a0 ∈ A.
The set of polynomials in the indeterminate x with coefficients in A is denoted by
A[x]. We will now discuss how to use the operations of A to construct operations on
A[x] that make A[x] into a ring. Given polynomials f (x) = a0 + a1 x + a2 x 2 + · · ·
and g(x) = b0 + b1 x + b2 x 2 + · · · , we define the sum of f (x) and g(x) as

f (x) + g(x) = (a0 + b0 ) + (a1 + b1 )x + (a2 + b2 )x 2 + · · ·

It is easy to see that this addition operation makes A[x] into an Abelian group where
the neutral element is the zero polynomial and the additive inverse of a0 + a2 x +
a2 x 2 + · · · is the polynomial −a0 − a1 x − a2 x 2 − · · · .
In order to construct the multiplication of polynomials, we first describe products
of powers of the indeterminate: we set x n · x m = x n+m for all natural numbers n
and m. We then extend this operation in a bilinear way: given the polynomials f (x)
and g(x) above, we set

f (x) · g(x) = (a0 + a1 x + a2 x 2 + · · · ) · (b0 + b1 x + b2 x 2 + · · · )

= a0 b0 + (a0 b1 + a1 b0 )x + (a0 b2 + a1 b1 + a2 b0 )x 2 + · · ·
 
= k ( kh=0 ah bk−h )x k .

It is very easy to show that the operation · is commutative and associative and that,
if A is a unitary ring, then the polynomial 1 is the multiplication’s neutral element.
Moreover, as we can immediately see from the definition, the multiplication
distributes over the addition. We therefore have
Proposition 5.6 Given a commutative ring A, the set A[x] of polynomials with
coefficients in A is a commutative ring. Moreover, if A is a unitary ring then A[x] is
as well.
The degree of polynomials has two important properties in relation to addition
and multiplication.
5 Rings 39

Remark 5.7 Given two polynomials f (x) and g(x) in A[x], we have
(i) if f (x) + g(x) is not the zero polynomial then

deg(f + g) ≤ max{deg(f ), deg(g)},

(ii) if A is an integral domain and f (x), g(x) = 0, then f (x) · g(x) = 0 and
deg(f · g) = deg(f ) deg(g); in particular, A[x] is an integral domain.
Thanks to the remark above we can immediately identify all invertible elements of
A[x] when A is a unitary integral domain.
Corollary 5.8 If A is a unitary integral domain, then A[x]∗ = A∗ .
Throughout the rest of the book, we shall often evaluate polynomials at elements
of a ring; we now explain what this procedure entails. Let a be a fixed element of
A. There exists a unique ring homomorphism
va
A[x] f (x) −→ f (a) ∈ A

called evaluation at a, which replaces all occurrences of x in f (x) with a. A root of

f (x) is an element a of A such that f (a) = 0. Clearly, given a subring A of a ring
B, the ring A[x] is a subring of B[x]. We can thus evaluate polynomials in A[x]
at elements of B. In particular, we can look for roots of a polynomial among the
elements of a ring that contains the ring of its coefficients. It is clear that the image
of A[x] in B via the map of evaluation at a is the subring A[a] of B generated by a
over A.
f
Given a ring homomorphism A −→ B, we can introduce a map between the
corresponding polynomial rings by setting

A[x] a0 + a1 x + · · · + an x n −→ f (a0 ) + f (a1 )x + · · · + f (an )x n ∈ B[x].

It immediately follows from the definition of the addition and multiplication of

polynomials that this map is a ring homomorphism. Remark that this homomor-
phism never increases the degree of a polynomial, and in particular, if the leading
coefficient an of a polynomial p(x) does not belong to the kernel of f , then the
homomorphism leaves the degree of p(x) unchanged.

5.4 Divisibility of Polynomials

The next few sections will be devoted to the study of the ring K[x] of polynomials
with coefficients in a field K. The ring K[x] bears a strong resemblance to the ring
of integers: for instance, we have a version of Euclidean division for polynomials in
K[x] where the degree plays the role of the absolute value.
40 1 Theory

Proposition 5.9 (Euclidean Division of Polynomials) Given two polynomials

f (x), g(x) in K[x], where f (x) is nonzero, there exist two unique polynomials
q(x), r(x) ∈ K[x] such that g(x) = q(x)f (x) + r(x) and r(x) = 0 or deg(r) <
deg(f ).
As with integers, q(x) is called the quotient of the division of g(x) by f (x), and
r(x) is called the remainder. If r(x) = 0, in which case g(x) = q(x)f (x), then
we say that f (x) divides g(x), or that g(x) is a multiple of f (x). We denote this by
f (x) | g(x).
Theorem 5.10 (Ruffini’s Theorem) The element a ∈ K is a root of f (x) ∈ K[x]
if and only if x − a divides f (x).
Using Ruffini’s theorem, we can define the multiplicity of a root a of the polynomial
f (x) as the natural number k such that (x − a)k divides f (x) but (x − a)k+1 does
not divide f (x). A root of multiplicity 1 is called a simple root, whereas a root of
multiplicity strictly greater than 1 is called a multiple root.
If the roots of the polynomial f (x) are a1 , a2 , . . . , ar with multiplicities given
by k1 , k2 , . . ., kr respectively, then the number of roots of f (x) counted with
multiplicity is k1 + k2 + · · · + kr . By comparing the degree of the polynomial with
the number of factors of the form x − a, where a is a root, we obtain
Corollary 5.11 A nonzero polynomial f (x) ∈ K[x] has at most deg(f ) roots in K,
counted with multiplicity.
Let f (x) and g(x) be polynomials in K[x], not both zero; we call greatest
common divisor of f (x) and g(x) any polynomial p(x) with the following
properties:
(i) p(x) divides both f (x) and g(x),
(ii) if q(x) is a polynomial that divides both f (x) and g(x) then q(x) divides p(x).
In exactly the same way as for the integers, we can show that the greatest common
divisor does exist and prove Bézout’s identity.
Proposition 5.12 Given polynomials f (x), g(x), not both zero, there exists a
greatest common divisor m(x) of f (x) and g(x) in K[x]. Moreover, there exist
h(x), k(x) ∈ K[x] such that m(x) = h(x)f (x) + k(x)g(x).
We can immediately see that Euclid’s algorithm works for polynomials exactly
as it did for integers, by simply replacing integer division with Euclidean division
of polynomials. This allows us to compute a greatest common divisor of two
polynomials explicitly and to obtain Bézout’s identity.
Note that the greatest common divisor of two polynomials is not unique;
however, if h(x) and k(x) are greatest common divisors of f (x) and g(x), then
there exists λ ∈ K∗ such that h(x) = λ · k(x). We can therefore say that the greatest
common divisor is unique up to nonzero constant factors. In particular, there is a
unique monic greatest common divisor, which is often referred to as the greatest
common divisor and denoted by (f (x), g(x)).
5 Rings 41

As with integers, we say that two polynomials are relatively prime if their greatest
common divisor is 1.

5.5 Polynomial Factorisation

We continue to explore the analogy between the ring of integers and the ring K[x]
of polynomials with coefficients in a field K. A non-constant polynomial f (x) is
irreducible if f (x) = g(x)h(x) implies that g(x) is constant or h(x) is constant. It
will soon become clear that irreducible polynomials in K[x] are analogous to primes
in Z, and enjoy similar properties. For example, by arguments similar to those used
for integers and by replacing the absolute value with the degree, we find
Theorem 5.13 Every non-constant polynomial has a factorisation in irreducible
polynomials; such a factorisation is unique up to the order of the factors, as long as
polynomials that differ by a nonzero constant factor are identified.
Let us now discuss how to factor polynomials with coefficients in some particular
fields. We start with polynomials with complex coefficients, for which we have
Theorem 5.14 (Fundamental Theorem of Algebra) Every non-constant polyno-
mial with complex coefficients has a complex root.
In spite of its name, there is no purely algebraic proof of this theorem: the
completeness of the reals, or some other analytic or topological property, is essential
for any proof of this fact.
We shall now list some immediate consequences of the theorem that concern
irreducible polynomials with complex or real coefficients.
Corollary 5.15
(i) A polynomial in C[x] is irreducible if and only if its degree is 1;
(ii) every polynomial in C[x] has a factorisation as a product of degree 1
polynomials;
(iii) any nonzero polynomial f (x) ∈ C[x] has exactly deg(f ) roots, counted with
multiplicity;
(iv) a polynomial is irreducible in R[x] if and only if it has degree 1 or it has degree
2 and is of the form x 2 + ax + b with a 2 − 4b < 0.
Let us now consider how to factor polynomials with rational coefficients; note
that establishing whether or not a polynomial with coefficients in Q is irreducible is
much harder than it is for polynomials with coefficients in R or C. First of all, let
us see how we can relate polynomials with rational coefficients to polynomials with
integer coefficients.
Given a nonzero polynomial f (x) = a0 + a1 x + · · · + an x n with integer
coefficients, the content c(f ) of f (x) is the greatest common divisor of the
coefficients a0 , a1 , . . . , an . A nonzero polynomial with content 1 is called primitive.
42 1 Theory

Naturally, every polynomial with integer coefficients can be expressed as f (x) =

c(f ) · f1 (x), where f1 (x) is primitive. The key fact that will allow us to pass from
Q to Z is the following
Lemma 5.16 (Gauss’s Lemma) The product of two primitive polynomials is
primitive.
Gauss’s lemma yields the corollaries
Corollary 5.17 Given f (x), g(x) ∈ Z[x] \ {0} we have c(f · g) = c(f )c(g).
Corollary 5.18 Given f (x), g(x) ∈ Z[x], assume that f (x) is primitive and that
it divides g(x) in Q[x]. Then f (x) divides g(x) in Z[x].
Now remark that, given f (x) ∈ Q[x], we can always write f (x) = cf1 (x)
for some rational number c and some primitive polynomial f1 (x) ∈ Z[x]. So,
when attempting to factor f (x), it is enough to find a factorisation in Q[x] of the
primitive polynomial f1 (x), which has integer coefficients. The following result will
guarantee that we can look for a factorisation of f1 (x) in Z[x] rather than Q[x].
Corollary 5.19 A primitive polynomial in Z[x] is irreducible in Q[x] if and only if
it is irreducible in Z[x].
Let us now discuss some criteria for whether or not a polynomial is irreducible
in Z[x]. The first allows us to check whether or not the polynomial has roots: of
course, by Ruffini’s theorem, a nonzero polynomial with a root is irreducible if and
only if its degree is one.
Remark 5.20 Let f (x) = a0 + a1 x + a2 x 2 + · · · + an x n be a polynomial with
integer coefficients; any rational root of f (x) can be expressed as a/b for some
integer divisor a of a0 and some integer divisor b of an .
This criterion can be used to determine whether or not f (x) has a rational root
within a finite number of steps: it is enough to check all rational numbers a/b
satisfying the requirements of the remark, of which there is only a finite number.
The next criterion involves reducing the coefficients of the polynomial modulo a
prime. Let f (x), as above, be a polynomial in Z[x] and let p be a prime that does not
divide the leading coefficient of f (x). The quotient homomorphism Z −→ Z/pZ
induces a homomorphism π : Z[x] −→ (Z/pZ)[x] for which f (x) is not in the
kernel.
Remark 5.21 If π(f ) is irreducible in (Z/pZ)[x] then f (x) is irreducible in Z[x].
This remark is especially useful because Z/pZ has p elements: in particular, it is
finite, hence the number of polynomials of any fixed degree with coefficients in
Z/pZ is finite. This can make it easy to prove that a polynomial is irreducible in
(Z/pZ)[x]. Do note, however, that there exist polynomials that are irreducible in
Z[x] but are reducible modulo p for all primes p, so the remark above does not
have a viable converse statement.
5 Rings 43

A useful criterion for showing the irreducibility of a polynomial with integer

coefficients is the following
Proposition 5.22 (Eisenstein’s Criterion) Let f (x) = a0 + a1 x + · · · + an x n be
a polynomial with integer coefficients; if there exists a prime p that does not divide
an but divides a0 , a1 , . . . , an−1 and such that p2 does not divide a0 , then f (x) is
irreducible in Z[x], hence it is irreducible in Q[x].
Eisenstein’s criterion applies in particular to polynomials of the form x n − p for
some natural number n and some prime p. As a consequence, we have
Remark 5.23 For all natural numbers n there is an infinite number of irreducible
polynomials of degree n in Q[x].
Here is another application of Eisenstein’s criterion. Fix a prime p and consider
the polynomial

xp − 1
f (x) = x p−1 + x p−2 + · · · + x + 1 = ,
x−1

which is called the pth cyclotomic polynomial. Remark that the polynomial g(x) =
p−1  p k
f (x + 1) = k=0 k+1 x has constant coefficient p and that all of its coefficients
are divisible by p except for the leading coefficient, which is 1. We can thus apply
Eisenstein’s criterion to obtain that g(x) is irreducible. But then f (x) must also be
irreducible, because the map

Z[x] h(x) −→ h(x + 1) ∈ Z[x]

is a ring isomorphism. We have thus shown

Remark 5.24 For all primes p the polynomial x p−1 +x p−2 +· · ·+x+1 is irreducible
in Q[x].

5.6 Quotients of Polynomial Rings

Let f (x) be a polynomial in K[x], where K is a field, and let (f (x)) = K[x] ·
f (x) be the ideal generated by f (x) in K[x]. We wish to study the quotient ring
K[x]/(f (x)). In order to accomplish this goal, for the sake of completeness, we
need to remind the reader of some definitions and results concerning vector spaces.
A vector space over the field K is an Abelian group (V , +) endowed with a map

K×V (λ, v) −→ λ · v ∈ V ,
44 1 Theory

which we call multiplication by scalars, with the following properties:

(i) (λ + μ) · v = λ · v + μ · v for all λ, μ ∈ K and v ∈ V ,
(ii) λ · (u + v) = λ · u + λ · v for all λ ∈ K and u, v ∈ V ,
(iii) (λμ) · v = λ · (μ · v) for all λ, μ ∈ K and v ∈ V ,
(iv) 1 · v = v for all v ∈ V .
In the context of vector spaces, elements of the field K are called scalars and
elements of V are called vectors. In particular, the neutral element of V for the
operation + is called the zero vector and is denoted, as is customary in Abelian
groups, by 0.
A natural example of a vector space is the set of column vectors, that is, the
set Kn , where n is some fixed positive integer, endowed with the addition and the
multiplication by scalars given by
⎛ ⎞ ⎛ ⎞ ⎛ ⎞ ⎛ ⎞ ⎛ ⎞
x1 y1 x1 + y1 x1 λx1
⎜ x2 ⎟ ⎜ y2 ⎟ ⎜ x2 + y2 ⎟ ⎜ x2 ⎟ ⎜ λx2 ⎟
⎜ ⎟ ⎜ ⎟ ⎜ ⎟ ⎜ ⎟ ⎜ ⎟
⎜ . ⎟+⎜ . ⎟=⎜ .. ⎟, λ · ⎜ . ⎟ = ⎜ . ⎟.
⎝ .. ⎠ ⎝ .. ⎠ ⎝ . ⎠ ⎝ .. ⎠ ⎝ .. ⎠
xn yn xn + yn xn λxn

Given k vectors v1 , v2 , . . . , vk in a vector space V , a linear combination of them

is a vector of the form

λ1 v1 + λ2 v2 + · · · + λk vk

where λ1 , λ2 , . . . , λk are scalars. If the only way to obtain the zero vector as a linear
combination of v1 , v2 , . . . , vk is to have λ1 = λ2 = · · · = λk = 0, then the vectors
are linearly independent; otherwise, we call them linearly dependent.
The vectors v1 , v2 , . . . , vk are a set of generators for the vector space V if every
vector of V is a linear combination of v1 , v2 , . . . , vk .
A basis of a vector space V is a set of generators that are linearly independent.
It follows from the definitions that a set v1 , v2 , . . . , vk is a basis of V if and only if
every vector v ∈ V can be expressed as a linear combination of v1 , v2 , . . . , vk in a
unique way. One can show
Theorem 5.25 Every vector space has a basis. Moreover, any two bases of the same
vector space have the same cardinality.
The common cardinality of all bases of V is called the dimension of V and is denoted
by dim V . For instance, it is easy to prove that the dimension of Kn is n.
We shall now make a general remark. Given a ring A containing a field K as a
subring, if we consider the ring addition of A and the restriction to K × A −→ A
of the ring multiplication of A, then the ring A becomes a vector space over K. In
particular, if we take A to be the quotient ring K[x]/(f (x)), we have
Proposition 5.26 The quotient set K[x]/(f (x)) is a commutative unitary ring. A
set of representatives for the classes modulo (f (x)) is given by 0 together with
6 Fields 45

all polynomials of degree strictly less than deg(f ). Moreover, K[x]/(f (x)) is a
vector space over K of dimension n = deg(f ). A basis of K[x]/(f (x)) is given by
1 + (f (x)), x + (f (x)), . . ., x n−1 + (f (x)).
It is possible to give an explicit description of zero divisors, invertible elements
and nilpotent elements in K[x]/(f (x)), exactly as we did in the rings Z/nZ.
Remark 5.27 The class g(x) + (f (x)) is a zero divisor in the ring K[x]/(f (x)) if
and only if g(x) and f (x) are not relatively prime. It is invertible if and only if g(x)
and f (x) are relatively prime, and it is nilpotent if and only if g(x) is divisible by
every irreducible factor of f (x) in K[x].
We conclude this section with one last analogy between rings of the form
K[x]/(f (x)) and quotients Z/nZ.
Corollary 5.28 The ring K[x]/(f (x)) is a field if and only if f (x) is irreducible in
K[x].

6 Fields

6.1 Characteristic of a Field

ϕ
Given a field K, consider the unique ring homomorphism Z −→ K such that Z
1 −→ 1 ∈ K. It is easy to show that there are only two possibilities for its kernel:
either ϕ is injective or there is a prime p such that Ker(ϕ) = pZ.
In the first case, Z is isomorphic to a subring of K and so K (being a field)
contains an isomorphic copy of Q: we say that K has characteristic zero.
If Ker(ϕ) = pZ then K contains an isomorphic copy of the field Z/pZ: we say
that K has characteristic p or has positive characteristic. Remark that in this case

p · a = a +a +...+ a = 0
  
p times

for all a in K. It is clear that a field with a finite number of elements has characteristic
p for some prime p, since it does not contain the infinite set Q and therefore cannot
have characteristic 0.
For a field of characteristic p, the binomial theorem takes an especially simple
form when applied with exponent p.
Theorem 6.1 (Freshman’s Dream) Given a field K of positive characteristic p,
we have

(a + b)p = a p + b p
46 1 Theory

for all a, b ∈ K.
In the special case of the field Z/pZ, this is Theorem 3.12 about congruences
modulo p.
An immediate consequence of the theorem is the fact that, given a finite field K
of characteristic p, the map

F
K a −→ a p ∈ K

is an automorphism of K, that is, an isomorphism from K to itself; it is called the

Frobenius automorphism.

6.2 Multiplicative Group

Given a field K, the set K∗ = K \ {0} endowed with the field multiplication is a
group with a very special structure. Remark that, given a ∈ K∗ whose order is a
divisor of some positive integer n, the element a is a root of the polynomial x n − 1.
This implies that K∗ cannot contain more than n elements whose order is a divisor
of n. It follows immediately from Remark 4.23 that we have
Proposition 6.2 Any finite subgroup of the multiplicative group K∗ of a field K is
cyclic.
In particular, for finite fields we have
Corollary 6.3 The multiplicative group K∗ of a finite field K is a cyclic group of
order |K| − 1.

6.3 Field Extensions

Given two fields K and F, we say that F is an extension of K if K ⊆ F, that is, if K

is a subfield of F. We will sometimes write F/K to mean that F is an extension of
K. As we remarked before, given a field extension F/K we have that F is a vector
space over the field K. The degree of the extension F/K, denoted by [F : K], is the
dimension dimK F of F as a vector space over K. We call the extension F/K finite
if it has finite degree.
A tower of extensions is a sequence of successive field extensions. In a tower of
extensions, the degree is multiplicative:
Proposition 6.4 Given field extensions L/F and F/K we have

[L : K] = [L : F] · [F : K].
6 Fields 47

Let F/K be a field extension and let X be a subset of F. Since, as for rings,
an intersection of subfields of F is still a subfield, we can define K(X) as the
intersection of all subfields of F that contain K ∪ X. The result is the smallest
subfield of F that contains K ∪ X, that is, the set of all quotients of elements
in the subring K[X] of F generated by X over K. When the set X is finite, say
X = {a1 , a2 , . . . , ak }, we may write K(a1, a2 , . . . , ak ) for K(X).
In particular, given a ∈ F, the subfield K(a) generated by a over K is the set of
all quotients of the form

f (a)
g(a)

for some f (x) and g(x) in K[x], subject to the condition that g(a) = 0.
An element a of an extension F of K is algebraic over K if there exists a nonzero
polynomial f (x) with coefficients in K such that f (a) =√0. A non-algebraic
element is called transcendental. For instance, the number 2 is an element of
R that is algebraic over Q, because it is a root of x 2 − 2 ∈ Q[x]. In 1882, the
German mathematician Ferdinand von Lindemann gave the first proof that π is
transcendental over Q.
Given a field L, a subfield K of L and two field extensions E, F of K in L, the
composite of E and F is E · F = E(F) = F(E); in other words, E · F is the smallest
extension of K in L that contains both E and F.
F/K is algebraic if all elements of F are algebraic over K. It is
A field extension √
easy to show that Q( 2)/Q is an algebraic extension; on the contrary, the extension
R/Q is clearly not algebraic, since π ∈ R is not algebraic over Q.
We can determine whether an element is algebraic or transcendental by studying
the evaluation homomorphism at that element. We have
Remark 6.5 Let F/K be a field extension and consider a ∈ F. The element a is
algebraic over K if and only if the evaluation homomorphism
va
K[x] f (x) −→ f (a) ∈ F

has a nontrivial kernel. Equivalently, a is transcendental if and only if the above

homomorphism is injective.
Given an element a ∈ F that is algebraic over K, let μ(x) be a monic polynomial
of minimal degree in the kernel Ker(va ) of the evaluation at a.
Proposition 6.6 If a ∈ F is algebraic over K then μ is irreducible in K[x]
and generates the kernel Ker(va ) of the evaluation at a. Moreover, μ is the only
irreducible monic polynomial to have evaluation zero at a.
Because of this proposition, we call μ(x) the minimal polynomial of a over K. We
know from the definition that Ker(va ) = (μ(x)) = μ(x) · K[x], and therefore
48 1 Theory

Remark 6.7 Given an element a ∈ F that is algebraic over K, the ring K[a] is
isomorphic to K[x]/(μ(x)).
Moreover, since μ(x) is irreducible, we can use Bézout’s identity to obtain the
inverse of every nonzero element of K[a] and conclude that K[a] is a field.
Therefore,
Corollary 6.8 If a ∈ F is algebraic over K then K(a) = K[a].
Another consequence of Remark 6.5 is the way that the degree of an extension
depends on whether its elements are algebraic or transcendental:
Corollary 6.9 The element a ∈ F is algebraic over K if and only if K(a)/K is a
finite extension. If this is the case then the degree [K(a) : K] is equal to the degree
of the minimal polynomial of a over K.
It is therefore clear that a finite extension does not contain any transcendental
elements:
Corollary 6.10 Any finite extension F/K is algebraic.
Another important property of algebraic extensions, which is essentially a
consequence of the corollary above and of the fact that the degree is multiplicative
in towers, is the following
Proposition 6.11 Given algebraic field extensions L/F and F/K, the extension
L/K is algebraic.
In particular, we have
Remark 6.12 Given elements a1 , a2 , . . . , ak in F that are algebraic over K, the ring
K[a1, a2 , . . . , ak ] is a field of finite degree over K.
Let us now discuss how the greatest common divisor of polynomials is affected
by field extensions. Given a field extension F/K and two polynomials f (x) and
g(x) in K[x], we can compute the greatest common divisor of f (x) and g(x) both
in K[x] and in F[x]. We have
Remark 6.13 The greatest common divisor of f (x) and g(x) in K[x] is the same as
their greatest common divisor in F[x].
We can therefore conclude that polynomials that are relatively prime in K[x] remain
relatively prime in F[x].

6.4 Splitting Field

A field K is algebraically closed if all non-constant polynomials in K[x] have a root

in K. For example, C is algebraically closed but R is not, because the polynomial
x 2 + 1 does not have any roots in R. Remark that if K is algebraically closed, then
6 Fields 49

by Ruffini’s theorem the existence of one root of f (x) implies that f (x) factors as
a product of degree one polynomials in K[x].
An extension Ω of a field K is an algebraic closure of K if Ω/K is an algebraic
extension and Ω is algebraically closed. For example, C is the algebraic closure of
R, but it is not an algebraic closure of Q because C/Q is not an algebraic extension:
not even the subextension R/Q is algebraic.
In order to prove the following fact about algebraic closures, some rather
advanced notions in mathematical logic are essential.
Theorem 6.14 Every field has an algebraic closure. Any two algebraic closures of
the same field K are isomorphic, and there is an isomorphism between them that
fixes every point of K.
We now wish to state a criterion for a polynomial to have a multiple root, and
in order to do this we need to introduce the concept of derivative. We shall give a
definition that does not rely on the idea of limit we are familiar with from Analysis,
and thus does not require a topology on the field K of the coefficients. Given a
polynomial f (x) = a0 + a1 x + · · · + an x n in K[x], its derivative is f (x) =
a1 +2a2 x+· · ·+nan x n−1 . This definition coincides with the standard definition from
Analysis for polynomials with real coefficients. It therefore should not be surprising
that the following properties hold:
(i) (f (x) + g(x)) = f (x) + g (x) for all f (x), g(x) ∈ K[x],
(ii) (λf (x)) = λf (x) for all λ ∈ K and f (x) ∈ K[x],
(iii) (f (x)g(x)) = f (x)g(x) + f (x)g (x) for all f (x), g(x) ∈ K[x].
The last property is Leibniz’s rule for the derivative of a product. It implies that, if an
element a in the algebraic closure Ω of a field K is a multiple root of a polynomial
f (x) ∈ K[x], then (x − a) is a common factor of f (x) and f (x) in Ω[x]. But,
since the greatest common divisor is unaffected by field extensions, f (x) and f (x)
must also have a common factor in K[x].
Remark 6.15 (Derivative Criterion for Multiple Roots) A polynomial f (x) in K[x]
has a multiple root in the algebraic closure of K if and only if f (x) and its derivative
are not relatively prime in K[x].
Now, let f (x) ∈ K[x] be a polynomial and let Ω be an algebraic closure of K.
In particular, Ω contains all roots a1 , a2 , . . . , ak of f (x). The splitting field of f (x)
in Ω is the field K(a1 , a2 , . . . , ak ), whose degree over K is at most deg(f )!.
The splitting field of f (x) is the smallest subfield of Ω in which the polynomial
f (x) factors as a product of linear polynomials. Once the algebraic closure Ω is
fixed, the splitting field is uniquely determined by the polynomial f (x). Moreover,
the choice of the field Ω is just a technical step: splitting fields constructed from
different algebraic closures are isomorphic.
As an example, we will describe the splitting field of the polynomial x n − 1 over
Q. The complex roots of this polynomial are of course the nth roots of unity: if we
set ζn = e2πi/n = cos(2π/n) + i sin(2π/n), the roots are 1, ζn , ζn2 , . . . , ζnn−1 . Note
that this set of roots is a cyclic subgroup of order n of the group C∗ ; a generator of
50 1 Theory

this group – for example, ζn —is called a primitive nth root of unity. Clearly, there
are φ(n) primitive nth roots of unity, all of them of the form ζnh with (h, n) = 1.
In conclusion, the splitting field of x n − 1 over Q is the field Q(ζn ), which is
called the nth cyclotomic extension of Q. For instance, for n = 4 we get Q(i) and,
since x 2 + 1 is the minimal polynomial of i over Q, the degree of Q(i) over Q is 2.

6.5 Finite Fields

Remember that a field is finite if it has a finite number of elements. As remarked

previously, a finite field cannot have characteristic zero and thus always has positive
characteristic, which will henceforth be denoted by p.
Let F be a finite field. Note that Z/pZ is a subfield of F; in particular, [F :
Z/pZ] = r < ∞ for some r and F has pr elements. This implies that F∗ is a
(necessarily cyclic) group with pr − 1 elements, so a p −1 = 1 for all a = 0, and
r

r
thus a p − a = 0 for all elements a in F.
Another useful fact to remark is that the algebraic closures of F and Z/pZ must
coincide, because F is a finite extension of Z/pZ.
r
Now, consider the polynomial x p − x; having fixed an algebraic closure Ω of
Z/pZ, we find that the field F is the set of all roots of this polynomial in Ω. We
r
also know that x p − x has no multiple roots by the derivative criterion, and thus
Remark 4.23 yields a proof of
Theorem 6.16 Given a prime p and a natural number r, there exists a field with
r
pr elements, which is the splitting field of the polynomial x p − x in some algebraic
closure Ω of Z/pZ. It is the unique subfield of Ω having p elements.
r

Having fixed an algebraic closure Ω, we denote by Fpr its unique subfield with pr
elements. It is customary to set q = pr , and from here on we will make frequent
use of this convention, even without saying so explicitly.
Lest any confusion arise, remark that Fp  Z/pZ but that in general Fq is not
isomorphic to Z/qZ if r is greater than 1; indeed, Z/qZ is not even a field: the class
p + qZ is a zero divisor.
The uniqueness of the splitting field implies
Corollary 6.17 Any two finite fields with the same number of elements are isomor-
phic.
Inside Ω we have all of the fields Fpr , where r takes all possible natural values.
The next proposition states that the relation of inclusion between these subfields
mimics the relation of divisibility between integers.
Proposition 6.18 We have the inclusion Fpr ⊆ Fps if and only if r divides s.
We shall now discuss splitting fields of polynomials over finite fields. Let f (x)
be an irreducible polynomial of degree r in Fq [x] and let a be a root of f (x) in an
algebraic closure Ω of Fp . Since f (x) is irreducible, Fq (a) has degree r over Fq .
6 Fields 51

But there is only one subfield of Ω with q r elements, so Fq (a) contains all the roots
of f (x). We therefore have
Proposition 6.19 Given an irreducible polynomial f (x) ∈ Fq [x] of degree r and a
root a of f (x) in some algebraic closure, the field Fq (a) = Fq r is the splitting field
of f (x).
As a corollary, we obtain a description of the splitting field of any polynomial.
Corollary 6.20 Given a polynomial f (x) with coefficients in Fq such that

f (x) = f1 (x)f2 (x) · · · fk (x)

where the factors are irreducible, the splitting field of f (x) is Fq m , where
m is the least common multiple of the degrees of the irreducible factors
f1 (x), f2 (x), . . . , fk (x).
We shall now discuss an application of the theory developed so far: given a
natural number n and a prime p, we shall study the splitting field of the polynomial
e
x n − 1 over Fp . If n = pe · n , where p does not divide n , then x n − 1 = (x n − 1)p
e
by Theorem 6.1, so the polynomials x n − 1 and (x n − 1)p have the same splitting
field. We can therefore assume without loss of generality that p does not divide n.
The following simple remark is of fundamental importance:
Remark 6.21 Let n be an integer that is not divisible by p and let Ω be an algebraic
closure of Fp . The roots of the polynomial x n − 1 form a cyclic subgroup of order
n of Ω ∗ .
Consequently, the polynomial x n − 1 factors in Fpr if and only if F∗pr contains an
element of order n, that is, if and only if n divides pr − 1. Therefore, we have
Theorem 6.22 (Cyclotomic Extensions in Positive Characteristic) Let n be an
integer that is not divisible by the prime p. The splitting field of x n − 1 is Fpr , where
r is the order of p in the multiplicative group (Z/nZ)∗ .
We now move on to another application. Studying the solvability of quadratic
equations in Fp is already quite interesting from a mathematical standpoint; the fact
that this was the first case to be tackled also makes it of some historical interest.
If p = 2 then the only quadratic polynomials are: x 2 , x 2 + 1 = (x + 1)2 ,
x + x = x(x + 1) and x 2 + x + 1. Among these, only the last one, which has no
2

roots, is irreducible. From now on, we will assume that p = 2.

The well-known quadratic formula still holds in Fp if p = 2: the solutions of the
equation ax 2 + bx + c = 0 are
√
−b ± Δ
2a

if Δ = b2 − 4ac is a square in Fp , and there are no solutions in Fp otherwise.

The problem is thus that of determining which a ∈ Fp are squares (the quadratic
52 1 Theory

residues) and which are not (the quadratic non-residues). In order to do this, we
introduce the Legendre symbol
  
a +1 if a is a quadratic residue,
F∗p a −→ =
p −1 if a is a quadratic non-residue.

It is easy to determine whether or not −1 is a quadratic residue; we have

 
−1 p−1
= (−1) 2
p

for all odd primes p, and clearly −1 = 1 is a quadratic residue in F2 . The proof
of this fact can be found in Preliminary
  Exercise 18. A similar, slightly more
complicated formula exists for p2 . Finally, a crucial instrument for computing
Legendre symbols is the law of quadratic reciprocity, conjectured by Euler and
Lagrange
  and proven by Gauss in 1796, which establishes a remarkable symmetry
of pq when p and q are both odd primes.

7 Preliminary Exercises

This section contains several preliminary exercises, which are meant to be solved
before those taken from exam papers. Their statements and the techniques used in
their solutions will often serve as useful tools to solve later exercises.
Exercise 1 Let X be a nonempty finite set. Show that the number of subsets of
X whose cardinality is even is the same as the number of subsets of X whose
cardinality is odd.
Solution 1 We shall prove this by induction on the cardinality n of the set X. The
base case is n = 1, where the only subset of even cardinality is the empty set and
the only subset of odd cardinality is X itself. So the claim does hold for n = 1.
Assume that the statement holds for |X| = n; we shall prove it for |X| = n + 1.
A set X of n + 1 elements can be written in the form X = Y ∪ {z}, where Y is a
set of n elements and z ∈ Y . The subsets A of X are of two types: either z ∈ A or
z ∈ A. In other words, any subset A of X is of the form A = B ∪ Z, where B is a
subset of Y and Z = ∅ or Z = {z}.
It is clear that the cardinality of A is even in the following two cases: if B has
even cardinality and Z = ∅, or B has odd cardinality and Z = {z}. The induction
hypothesis implies that each case covers 2n−1 subsets, so we have 2 · 2n−1 = 2n
subsets of even cardinality. Since 2n = 12 · 2n+1 is half of the total number of
subsets of X, the number of subsets of even cardinality is the same as the number of
subsets of odd cardinality.
7 Preliminary Exercises 53

Solution 2 Let us count the subsets of X according to their cardinality and use the
binomial expansion
n  
n k n−k
(a + b) =
n
a b .
k
k=0

If we set a = 1 and b = −1 we get

n  
n
0 = 0n = (1 − 1)n = (−1)n−k .
k
k=0

The sum of the binomial coefficients with even k in the expression above, which
corresponds to the number of subsets of even cardinality, is the same as the sum of
those with odd k, which corresponds to the number of subsets of odd cardinality.
Exercise 2 Find the number of permutations σ of {1, . . . , n} such that σ (x) = x
for all x ∈ {1, . . . , n}.
Solution The best way to solve this exercise is via the inclusion-exclusion principle.
The total number of permutations of {1, . . . , n} is n!. We shall count permutations
σ that do not satisfy the requirement, that is, permutations such that there is x for
which σ (x) = x. The correct answer will be the difference between n! and the
number obtained.
For i = 1, 2, . . . , n, let Pi be the set of permutations σ of {1, . . . , n} such that
σ (i) = i. What we wish to find is the number of elements in P1 ∪ · · · ∪ Pn , that is,
permutations for which some x is such that σ (x) = x.
We compute the cardinality |P1 ∪· · ·∪Pn | using the inclusion-exclusion principle.
For i = 1, . . . , n (that is, for each of n possible values) the cardinality of Pi is
(n − 1)!, because the permutations σ in Pi are such that σ (i) = i and all elements
j = i can be permuted with no constraints. 
For each pair {i, j } ⊆ {1, . . . n} (that is, in each of n2 cases) the cardinality of
Pi ∩ Pj is (n − 2)!, because every σ ∈ Pi ∩ Pj satisfies σ (i) = i and σ (j ) = j , but
the other n − 2 elements can be permuted with no constraints.
Applying this argument to all possible intersections of the Pi ’s, one gets the
formula
   
n n
|P1 ∪ · · · ∪ Pn | = n(n − 1)! − (n − 2)! + (n − 3)! + · · ·
2 3
   
n n
· · · + (−1)n−2 1! + (−1)n−1 0!
n−1 n
 
1 1 1 n−1 1
= n! − + + · · · + (−1) .
1! 2! 3! n!
54 1 Theory

The cardinality we want is therefore given by the difference

   
1 1 n 1 1 1 1 1 n 1
n! − + · · · + (−1) = n! − + − + · · · + (−1) .
2! 3! n! 0! 1! 2! 3! n!

[[This exercise has a fascinating alternative formulation, known as the matching problem.
Suppose someone gives a secretary the task of mailing n letters to n different addresses, without
telling them which letter has to go to which address. What is the probability that no letter is mailed
to the correct address?
It is known that the series
∞
1
(−1)k
k!
k=0

converges to the value 1/e, where e is Euler’s number. Therefore, the probability we are
considering tends to the limit 1/e for large n. ]]

Exercise 3 Let X be a set of m elements and let Y be a set of n elements. Find the
number of surjective maps X −→ Y .
Solution Again, we will use the inclusion-exclusion principle. The total number of
maps from X to Y is nm . We shall find the number of maps that are not surjective
and then take the difference to obtain the number of surjective maps.
Let Y = {y1 , . . . , yn }. A map f : X → Y is not surjective if there is at least
one element yi ∈ Y that does not belong to its image. In other words, the set of
non-surjective maps f : X → Y is the union of the sets F1 , . . . , Fn , where Fi is the
set of maps whose image does not contain yi .
The cardinality of each set Fi (there are n such sets, one for each value of i) is
the number of maps from X to the set Y \ {yi } and therefore equal to (n − 1)m . The
cardinality of each of the n2 sets Fi ∩ Fj is the number of maps from X to the set
Y \ {yi , yj }, that is, (n − 2)m , and so on. In conclusion, we have
   
n n
|F1 ∪ · · · ∪ Fn | = n(n − 1)m − (n − 2)m + · · · + (−1)n−1 1m
2 n−1

and therefore the number of surjective maps is given by the difference

   
n n
nm − n(n − 1)m + (n − 2)m + · · · + (−1)n 1m .
2 n−1

[[It is interesting and nontrivial to note that for m < n the formula above gives a result of zero,
that is, it confirms that there are no surjective maps f : X → Y . ]]

Exercise 4 Let n and k be positive integers. Find the number of solutions of the
equation

x1 + · · · + xk = n ,

where all xi ’s are positive integers.

7 Preliminary Exercises 55

Solution There is a bijective correspondence between solutions (x1 , . . . , xk ) of the

equation above and k-tuples (y1 , y2 , . . . , yk ) constructed as

y1 = x1
y2 = x1 + x2
..
.
yk−1 = x1 + x2 + · · · + xk−1
yk = x1 + x2 + · · · + xk = n.

Since y1 < y2 < · · · < yk = n and yk is fixed, the desired k-tuples  are as many
as the subsets {y1 , . . . , yk−1 } of the set {1, . . . , n − 1}, that is, n−1 . The answer is
n−1 k−1
therefore k−1 .
[[There are many possible variants of this exercise and all of them can be solved by similar
methods. For example, one can consider the equation

x1 + · · · + xk ≤ n .

In this case, the k-tuples {y1 , . . . , yk } no longer need to satisfy the requirement that yk = n, so
they correspond to the subsets of k elements of a set of n elements, and thus there are nk of them.
One can also consider the solutions of the equation

x1 + · · · + xk = n ,

where the xi ’s are non-negative integers. Setting yi = xi + 1, we find that yi > 0 and that, since
each yi is increased by 1 with respect to the previous construction, the sum y1 +. . .+yk is increased
by k, that is,

y1 + · · · + yk = n + k .
n+k−1
Therefore, the number of solutions in this case is k−1 . ]]

Exercise 5 Find the number of positive divisors of the positive integer n in terms
of its prime factorisation.
Solution Let n = p1a1 · · · pkak be the factorisation of n as a product of powers of
distinct primes p1 , . . . , pk . Any divisor d of n will factor as d = p1b1 · · · pkbk where
the integers bi satisfy the inequality 0 ≤ bi ≤ ai . So there are ai +1 possible choices
for each exponent bi , and thus the number of positive divisors of n is


k
(a1 + 1) .
i=1

Exercise 6 Let n be a positive integer, let p be a prime and, given a real number
x, let x be the integer part of x, that is, the largest integer m such that m ≤ x.
56 1 Theory

Show that
∞  
n
ph
h=0

is the power of p that exactly divides n!.

Solution First of all, remark that the sum above has a finite number of nonzero
terms, as clearly we have pnh < 1 and thus  pnh  = 0 for h large enough.
Instead of counting the number of times that p divides each integer k with 1 ≤
k ≤ n, for each h we count the number of integers between 1 and n that are divisible
by ph . Summing the quantities obtained in this way, the integer k contributes 1 for
each integer h such that ph | k, that is, it is counted as many times as the exponent
of the largest power of p that divides it.
For each h, the number of integers k with 1 ≤ k ≤ n such that ph | k is equal to
 
n
ph

so, by the trick described, the desired formula follows.

Exercise 7 Let a, b, c be integers, with a, b not both zero. Describe the set of
solutions (x, y) ∈ Z2 of the equation ax + by = c.
Solution Let us first determine for which integers c the equation has at least one
solution. From Bézout’s identity, we know that there exists a pair (x0 , y0 ) of integers
such that ax0 + by0 = m, where m = (a, b) is the greatest common divisor of a
and b. If c is a multiple of m, say c = km, then multiplying this identity by k yields
a(kx0) + b(ky0) = km = c, so the equation has a solution.
Conversely, assume that the equation has a solution (x1 , y1 ). Then ax1 + by1 = c
and, since m | a and m | b, we have that m must also divide c. In conclusion, the
equation has at least a solution if and only if (a, b) | c.
Now assume that (a, b) | c and write a = ma1 , b = mb1 , c = mc1 , so that
(a1 , b1 ) = 1. By simplifying, we get the equation a1 x + b1 x = c1 . We can produce
a solution (x0 , y0 ) of the equation a1 x + b1 y = 1 using Euclid’s algorithm; we then
have a particular solution of ax1 + by1 = c1 : for example, (x, y) = (c1 x0 , c1 y0 ).
Letting (x , y ) be any solution of ax1 + by1 = c1 , by subtracting the two equations

a 1 x + b 1 y = c1
a 1 x 0 + b 1 y 0 = c1

we get

a1 (x − x0 ) = b1 (y0 − y ).
7 Preliminary Exercises 57

Since (a1 , b1 ) = 1, this implies a1 | y0 − y and b1 | x − x0 . So we can write x −

x0 = kb1 for some integer k, and necessarily y − y0 = −ka1. On the other hand,
substituting the values

x = x0 + kb1 , y = y0 − ka1

into the original equation, it is easy to see that it is satisfied.

The general solution is therefore given by

x = x0 + kb1
y = y0 − ka1 .

Exercise 8 Let m/n be a rational number with (m, n) = 1 and with n = 2e 5f n

for some integer n such that (10, n ) = 1. Show that the decimal expansion of m/n
is eventually periodic with a transient of length max{e, f }.
Solution Since (n , 2e 5f ) = 1, the linear Diophantine equation

2e 5f x + n y = m

has a solution. Let (a, b) be one such solution; since (m, n) = 1, we necessarily
have (a, n ) = (b, 2e 5f ) = 1. Dividing by n, we get

a b m
+ e f = .
n 2 5 n

We perform the Euclidean division of a by n and obtain a = sn + r. Note that

(r, n ) = 1. The digits after the decimal point of a/n are exactly the same as those
of r/n . Remember that, with the usual process of division, the (i + 1)th digit after
the decimal point in r/n is completely determined by the remainder of the division
of 10i r by n .
Since (10, n ) = 1, the sequence (10i )i is eventually periodic modulo n ; in fact,
it is periodic, that is, it has no preperiodic part, and its period is the multiplicative
order h of 10 modulo n . Multiplying by r, we find that the sequence (10i r)i is also
periodic modulo n , with a period h that divides h. If we set r to be the inverse of
r modulo n , the sequence (10i rr )i is periodic modulo n , so the period h divides
h . It follows that h = h.
Now, set k = max{e, f }; the number β = b/2e 5f can be written as b /10k , with
b ∈ Z, and has exactly k digits after the decimal point, because 10k β ∈ Z, whereas
10k−1 β ∈ Z.
Sum a/n and β: the former has a periodic decimal expansion and the latter has
exactly k digits after the decimal point in its decimal expansion. Therefore, their
sum has a transient of length k after the decimal point, and then the digits will
repeat periodically.
58 1 Theory

Exercise 9 Let g be an element of order n in a group. Show that for each positive
integer k the order of g k is n/(k, n).
m
Solution Given a positive integer m, we have (g k ) = e if and only if km ≡
0 (mod n), that is, if and only if m ≡ 0 (mod n/(k, n)). Therefore, the smallest
m
positive integer m such that (g k ) = e is n/(k, n).
Exercise 10 Show that if an Abelian group contains an element of order m and an
element of order n then it contains an element of order [m, n].
Solution Let G be an Abelian group as in the statement, let g ∈ G be an element
of order m and let h ∈ G be an element of order n. First, assume that (m, n) = 1,
which implies [m, n] = mn; we show that z = gh has order mn. Indeed, we have
zmn = g mn hmn = e ·e = e, so ord(z) | mn. Moreover, the orders of the subgroups of
G generated by g and by h are relatively prime, so their intersection consists of the
identity only. If zk = e, that is, if g k hk = e, then g k = h−k and thus g k = h−k = e.
It follows that m | k and n | k, hence mn | k, that is, mn | ord(z).
Now we deal with the general case: assume that the prime factorisations of m
and n are
 
m= pμp , n= p νp ,
p p

!
hence [m, n] = p pγp , where γp = max{μp , νp }. For each prime p, we have that
pγp divides the order of g (if μp ≥ νp ) or the order of h (if μp < νp ), so there must
be an element zp of order pγp in! the subgroup generated by g or in the subgroup
generated by h. The element z = p zp has order [m, n].
Exercise 11 Let p be a prime and k be a positive integer. For each a with 0 ≤ a ≤
k, find the number of subgroups of order pa of the additive group (Z/pZ)k .
Solution The group G = (Z/pZ)k has a natural vector space structure over Fp , as
the multiplication by scalars can be defined in term of the group addition: we set
λ · x = x + · · · + x, with λ copies of the summand. Analogously, every subgroup
of G has a natural vector space structure. Listing the subgroups of G of order pa is
therefore equivalent to listing the vector subspaces of (Z/pZ)k of dimension a.
Each a-tuple (v1 , . . . , va ) of linearly independent vectors generates a subspace
of dimension a. The number of ordered a-tuples of linearly independent vectors
is (pk − 1)(pk − p) · · · (pk − pa−1 ): we have pk − 1 choices for the vector v1
(all nonzero vectors), pk − p choices for v2 (all vectors but the p multiples of v1 ),
pk − p2 choices for v3 (all vectors but the p2 linear combinations of v1 and v2 ), and
so on.
On the other hand, every subspace of dimension a can be generated by an ordered
a-tuple of linearly independent vectors (v1 , . . . , va ) in (pa − 1)(pa − p) · · · (pa −
pa−1 ) different ways. Indeed, there are pa − 1 choices for v1 (all nonzero vectors in
the subspace), pa − p choices for v2 (all vectors in the subspace but the p multiples
of v1 ), and so on.
7 Preliminary Exercises 59

It follows that the number of subspaces of dimension a of (Z/pZ)k , and thus the
number of subgroups of order pa , is

(pk − 1)(pk − p) · · · (pk − pa−1 )

.
(pa − 1)(pa − p) · · · (pa − pa−1 )

[[Notice that the argument of the solution implies that the fraction above is always an integer.
Moreover, if we replace a with k − a, it is not difficult to show that the formula gives the same
result. An interpretation of this symmetry is that there is a bijective correspondence pairing each
subspace with its orthogonal subspace, and if a subspace has dimension a, then its orthogonal has
dimension k − a. ]]

Exercise 12 Find all possible orders of elements in S3 and describe its subgroups.
Solution The group S3 has six elements, so their orders must divide 6. We know
that S3 is not Abelian, so it does not have elements of order 6: if it did, it would not
just be Abelian, but cyclic.
Clearly the neutral element, that is, the identity permutation, has order 1. The
three transpositions (12), (13) and (23) have order 2 and the 2 three-cycles (123) and
(132) have order 3. We have listed six different permutations, so we have exhausted
the elements of S3 and computed the order of each of them.
Now, let G be a subgroup of S3 . If G has order 1 or 6 then it is the trivial subgroup
or S3 , respectively. Since by Lagrange’s theorem the order of G must be a divisor
of 6, there are only two other possibilities: either G has order 2 or G has order 3.
If G has order 2 then it contains the neutral element and one transposition.
Therefore, there are three subgroups of order 2: {e, (12)}, {e, (13)} e {e, (23)}.
If G has order 3 then it contains the neutral element and two elements of order
3: it must therefore be G = {e, (123), (132)}. This completes the description of all
subgroups of S3 .
Exercise 13 Given a cyclic group G, describe the homomorphisms from G to itself
and the group of automorphisms of G.
Solution We use the additive notation for G and let g be some fixed generator of G.
First of all, we show that the choice of g induces a bijective correspondence between
elements of G and homomorphisms from G to itself.
Indeed, given an element h of G, let ϕh be the map given by ϕh (ng) = nh.
Remark that, since g is a generator, we must have h = kg for some k ∈ Z; so if
ng = 0 then we also have nh = nkg = kng = k · 0 = 0. This shows that ϕh is
well defined. Moreover, we have ϕh (ng + mg) = ϕh ((n + m)g) = (n + m)h =
nh + mh = ϕh (ng) + ϕh (mg) and so ϕh is a homomorphism.
On the other hand, given an homomorphism ϕ from G to itself, it is clear that
ϕ = ϕh for h = ϕ(g). This concludes the proof that the set of homomorphisms
from G to itself is in bijection with G.
Let us now describe the automorphisms of G. Since Im(ϕh ) = h, the
homomorphism ϕh is surjective if and only if h is a generator of G.
60 1 Theory

If G is infinite then by the structure theorem for cyclic groups we have G  Z,

so the only generators of G are g and −g. In particular, for h = g and h = −g
we have ϕh2 = IdG ; this shows that ϕg and ϕ−g are automorphisms and the map
Z/2Z  {±1} k −→ ϕkg ∈ Aut(G) is a group isomorphism.
Finally, assume that G is finite, in which case any surjective homomorphism from
G to itself is also injective. In particular, since the generators of Z/nZ are the classes
k such that (k, n) = 1, we find that the map (Z/nZ)∗ k −→ ϕkg ∈ Aut(G) is an
isomorphism.
Exercise 14 Describe the nilpotent elements in Z/nZ in terms of the prime
factorisation of n.
e
Solution Let n = p1e1 · · · pkk be the prime factorisation of n, where p1 , . . . , pk
are distinct and ei > 0 for i = 1, . . . , k. A nilpotent element x ∈ Z/nZ is the
residue class of an integer x for which there is a positive integer m such that x m ≡ 0
(mod n), that is, n | x m .
Since pi | n for i = 1, . . . k, we must have pi | x m and thus (by definition of a
prime) pi | x. Conversely, if p1 | x, . . . , pk | x, which implies p1 · · · pk | x, then we
have n | x m for m ≥ max{e1 , . . . , ek }.
In conclusion, the nilpotent elements of Z/nZ are the classes represented by
multiples of p1 · · · pk .
Exercise 15 Let K be a field of characteristic different from 2. Show that
√
extension of K of
(i) every √ √ K( a) for
√degree 2 is of the form √ some a ∈ K;
(ii) if [K( a) : K] = [K( b) : K] = 2, then K( a) = K( b) if and only if ab is
the square of an element of K.
Solution
(i) An extension F of K of degree 2 is of the form F = K(α) for some algebraic
element α whose minimal polynomial over K has degree 2. Suppose that the
minimal polynomial of α over K is μα (x) = x 2 +rx +s. Since the characteristic
of K is not 2, the solutions of the equation μα (x) = 0 can be computed using
the quadratic formula
√
−r ± r 2 − 4s
x1 , x2 = ,
2

because 2 is invertible in K. It is now

√clear that, setting a = r −4s, the solutions
2

√ in K( √a) and, conversely, a is contained in K(α).

of the equation are contained
(ii) We first show that if K( a) = K( √ b) then√ab is the square of an element of
K. Since in
√ particular we
√ have K( a) ⊆ K( b), there exist elements c, d ∈ K
such that a = c + d b. By squaring we obtain
√
a = c2 + d 2 b + 2cd b.
7 Preliminary Exercises 61

√
By the linear independence over K of the elements 1 and b and because the
characteristic of K is different from 2, we must have cd = 0, so c = 0 or d = 0.
If c = 0 then a = d 2 b, hence ab = d 2 b2 as wanted. √ If d = 0 then a = c ,
2

which contradicts the assumption that the degree [K( a) : K] is 2.

Conversely, suppose ab is the square of an element √ of K, that is, ab = 2
√ c for
some c ∈ K. By hypothesis, a and b are nonzero, so a = ± √ ∈ K( b) and
c
√ √ b
b = ± √ca ∈ K( a).

Exercise 16 For each positive integer k, let fk (x) = x k − 1 ∈ Q[x]. Show that for
all m, n > 0 the greatest common divisor of fm (x) and fn (x) is fd (x), where d is
the greatest common divisor of m and n.
Solution Let d = (n, m); assume m = da and n = db. Clearly,

x d ≡ 1 (mod x d − 1),

and raising both sides of the congruence to the ath power and to the bth power
we get x m ≡ (x d )a ≡ 1 (mod x d − 1) and x n ≡ (x d )b ≡ 1 (mod x d − 1), so
x d − 1 | (x m − 1, x n − 1).
Conversely, let f (x) = (x m − 1, x n − 1). Each root α ∈ C of f (x) is both a root
of x m − 1 and a root of x n − 1, so α m = α n = 1. This implies that the multiplicative
order of α divides both m and n, so it divides their greatest common divisor d. In
other word, every root of f (x) is also a root of x d − 1. By the derivative criterion
for multiple roots, all roots of x m − 1 are simple, so the same is true for f (x); we
thus obtain that f (x) | x d − 1. Therefore, f (x) and x d − 1 divide each other, which,
since they are both monic, implies that they coincide.
Exercise 17 Let f (x) = x 2 + a be a polynomial with rational coefficients and let
f (x) be its class in the ring Q[x]/(x 3 − x 2 ). Find the values of a for which f (x) is
invertible and compute its inverse.
Solution . We know that the class of f (x) is invertible in A = Q[x]/(x 3 − x 2 ) if
and only if the greatest common divisor of f (x) and x 3 − x 2 is 1. Since x 3 − x 2 =
x 2 (x − 1), the two polynomials are coprime if and only if 0 and 1 are not roots of
f (x). We therefore impose the conditions f (0) = a = 0 and f (1) = a + 1 = 0: the
class f (x) is invertible in A if and only if a = 0, −1, whereas if a = 0 or a = −1
then it is a zero divisor.
Suppose a = 0, −1; we use Euclid’s algorithm to compute the inverse of f (x).
We have

x 3 − x 2 = (x 2 + a)(x − 1) − a(x − 1)

1 1
x 2 + a = a(x − 1)( x + ) + a + 1
a a
62 1 Theory

from which we obtain

1 1 1 1
a +1 = (x 2 +a)−a(x −1)( x + ) = (x 2 +a)(1− (x 2 −1))+ (x +1)(x 3 −x 2 )
a a a a
and thus
 
1 1
(x 2 + a) − x2 + ≡ 1 (mod x 3 − x 2 ).
a(a + 1) a

We conclude that the inverse of f (x) in A is the class of

1 1
− x2 + .
a(a + 1) a

Exercise 18 Let p be a prime different from 2. Show that

(i) the elements a ∈ F∗p that are squares form a subgroup of F∗p of order (p −1)/2;
(ii) the Legendre symbol
 
a
F∗p a −→ ∈ {±1}
p

is a surjective group homomorphism, and in particular the product of two non-

squares is a square;
(iii) −1 is the square of an element in F∗p if and only if p ≡ 1 (mod 4), that is, we
have
 
−1 p−1
= (−1) 2 .
p

Solution
f
(i) The map F∗p a −→ a 2 ∈ F∗p is clearly a homomorphism, because f (ab) =
(ab)2 = a 2 b2 = f (a)f (b). The kernel of f is the set {a ∈ F∗p | a 2 = 1}.
Since Fp is a field, the only solutions of x 2 = 1 are ±1, so Ker(f ) = {±1}. By
the fundamental homomorphism theorem, the image of f is thus a subgroup
of F∗p of order (p − 1)/2. Since Im(f ) is the set of squares F∗p , we have shown
the required statement.
(ii) We saw above that the subset Q of all squares in F∗p is a subgroup of order
(p − 1)/2. The quotient F∗p /Q has therefore two elements, and the composite
map F∗p −→ F∗p /Q −→ {±1} is a group homomorphism. The result of the
composition is clearly
 
a
F∗p a −→ ∈ {±1}.
p
7 Preliminary Exercises 63

We thus find that the Legendre symbol is multiplicative and, in particular, that
the product of two non-squares is a square.
(iii) Assume that there exists a ∈ F∗p such that a 2 = −1. We have a 4 = (−1)2 = 1,
so the order of a must be a divisor of 4; on the other hand, it cannot be less than
4 because a 2 = −1 = 1. It follows that 4 must divide the order of the group,
that is, 4 | p − 1.
Conversely, suppose 4 | p − 1. Since F∗p is a cyclic group of order p − 1, F∗p
has a subgroup of order d for each divisor d of p − 1. In particular, F∗p has a
cyclic subgroup of order 4 and thus an element a of order 4. But, if a has order
4, then b = a 2 = 1 and b2 = a 4 = 1, which implies b = −1 because −1 is
the only element of order 2 in F∗p .
Exercise 19 Factor x 8 − 1 in K[x] for K = C, R, Q, F17 and F43 .
Solution Remark that, if a field K is contained in a field F, then any factorisation
of a polynomial in K[x] is also valid in F[x]; in particular, the factorisation of the
polynomial in F[x] refines its factorisation in K[x]. In other words, the factorisation
in K[x] is obtained by possibly grouping together some of the factors in F[x].
Moreover, remark that every factorisation of a polynomial in Z[x] is also valid
in (Z/mZ)[x] for every positive integer m.
By the fundamental theorem of algebra, the polynomial x 8 − 1 factors in C[x]
as a product of eight linear factors, which correspond to eighth roots of unity. If we
denote by ζ a primitive eighth
√ root of unity (that is, one of order exactly 8, such as
for example ζ = (1 + i)/ 2), the factorisation of x 8 − 1 in C[x] is


7
x8 − 1 = (x − ζ h ).
h=0

Every polynomial with real coefficient having a complex root also has its complex
conjugate as a root. Therefore, from the factorisation in C[x] we can obtain the
factorisation in R[x] by preserving the factors x − 1 e x + 1 and pairing together the
factors that correspond to complex conjugate roots. We obtain
√
(x − ζ )(x − ζ −1 ) = x 2 − 2x + 1,
(x − ζ 2 )(x − ζ −2 ) = x 2 + 1,
√
(x − ζ 3 )(x − ζ −3 ) = x 2 + 2x + 1.

Therefore, the factorisation of x 8 − 1 in R[x] is

√ √
x 8 − 1 = (x − 1)(x + 1)(x 2 − 2x + 1)(x 2 + 1)(x 2 + 2x + 1).

The factors x − 1, x + 1 and x 2 + 1 have rational coefficients

√ and are irreducible
√ in
R[x], so they are irreducible in Q[x]. The factors x 2 − 2x + 1 and x 2 + 2x √+
1, which do not have rational coefficients, must be grouped together: (x 2 − 2x
64 1 Theory

√
+ 1)(x 2 + 2x + 1) = x 4 + 1. Therefore, the factorisation of x 8 − 1 in Q[x] is

x 8 − 1 = (x − 1)(x + 1)(x 2 + 1)(x 4 + 1).

By Gauss’s lemma, a primitive polynomial is irreducible in Z[x] if and only if it

is irreducible in Q[x], so the factorisation of x 8 − 1 in Z[x] coincides with that in
Q[x].
Now consider the field K = F17 . The multiplicative group of K is cyclic of order
16, so it has a unique cyclic subgroup of order 8. An element α ∈ K∗ belongs to
this subgroup if and only if α 8 = 1; so the polynomial x 8 − 1 has eight roots in
F17 , namely, the elements of this cyclic subgroup. Simple calculations show that a
generator of this cyclic group is given by the class of 2 modulo 17. This yields the
factorisation

x 8 − 1 = (x − 2)(x − 4)(x − 8)(x + 1)(x + 2)(x + 4)(x + 8)(x − 1).

Finally, consider the case of K = F43 . Given the factorisation in Z[x], we

certainly can write x 8 −1 = (x −1)(x +1)(x 2 +1)(x 4 +1) in F43 [x]. The polynomial
x 2 + 1 is still irreducible over K: it has no roots in K because any root would have
order 4 in K∗ , but 4 does not divide 42, which is the order of K∗ .
The polynomial x 4 +1 also has no roots, since a root would have order 8. Remark,
however, that the order of F∗432 is divisible by 8, so it contains all roots of x 8 − 1.
The degree of the splitting field of a polynomial with coefficients in a finite field is
the least common multiple of the degrees of its irreducible factors, so the irreducible
factors of x 4 + 1 must have degree 2.
In order to explicitly compute the factorisation, we write

x 4 + 1 = (x 2 + ax + b)(x 2 + cx + d)

which needs to be satisfied for some a, b, c, d ∈ K. Equating the corresponding

coefficients on the two sides we obtain
⎧
⎪
⎪ a+c =0
⎪
⎪
⎨b + ac + d = 0
⎪ad + bc = 0
⎪
⎪
⎪
⎩
bd = 1

and, substituting c = −a,

⎧
⎪
⎨b + d − a = 0
⎪ 2

a(d − b) = 0
⎪
⎪
⎩bd = 1.
7 Preliminary Exercises 65

The second equation of this system implies that a = 0 or d = b. If a = 0 then

b + d = 0 and bd = 1, that is, (x − b)(x − d) = x 2 + 1; but, as seen before, the
equation x 2 + 1 has no roots in K, so this case yields no solutions. If d = b then we
get 2b − a 2 = 0 and b2 = 1, that is, b = ±1 and a 2 = ±2.
Note that 27 = 128 ≡ −1 (mod 43), hence (−2)8 ≡ −2 (mod 43) and so
a = ±16 is a solution of the system and we have d = b = 1 and c = ∓16. These
values yield the factorisation x 4 + 1 = (x 2 + 16x − 1)(x 2 − 16x − 1). It is now clear
that there is no solution such that b = −1, which would imply a 2 = 2, since there
cannot be four factors of degree 2 of the polynomial x 4 + 1 by unique factorisation.
In conclusion, the factorisation of x 8 − 1 in F43 [x] is

x 8 − 1 = (x − 1)(x + 1)(x 2 + 1)(x 2 + 16x − 1)(x 2 − 16x − 1).

[[We can also show that a2 = 2 has no solutions in F43 in the following way. From the fact
that 27 ≡ −1 (mod 43) we find that the order of 2 in F∗43 is 14. But then 2 is not a square in
F43 , because the nonzero squares form the image of F∗43 x −→ x 2 ∈ F∗43 , which has order
(43 − 1)/2 = 21, not divisible by 14.]]

Exercise 20 Let K be a field and let f (x) = an x n +· · ·+a0 ∈ K[x] be a polynomial

of degree n; we call the reciprocal polynomial of f (x) the polynomial fˆ(x) =
a0 x n + · · · + an . Show that if f (0) = 0 then f (x) is irreducible in K[x] if and only
if fˆ(x) is irreducible in K[x].
Solution For this solution, we shall assume that all polynomials mentioned have a
nonzero constant coefficient.
First of all, remark that fˆ(x) = x n f (1/x) with n = deg f ; it follows
immediately that the reciprocal polynomial of f (x)g(x) is fˆ(x)ĝ(x). Moreover,
ˆ
deg(fˆ(x)) = deg(f ) and fˆ(x) = f (x).
The statement we need to prove is equivalent to the following: f (x) is reducible
in K[x] if and only if fˆ(x) is reducible in K[x]. Suppose that f (x) is reducible and
factors as f (x) = g(x)h(x); we then have that fˆ(x) = ĝ(x)ĥ(x) is also reducible.
The opposite implication is a consequence of fˆˆ(x) = f (x).
Exercise 21 Find all irreducible polynomials of degree up to 5 in F2 [x].
Solution The polynomials of degree 1 are clearly irreducible; they are x and x + 1.
Remark that the only roots a polynomial can have in F2 = Z/2Z are 0 and 1.
Now, a polynomial has 0 as a root if and only if its constant coefficient is zero, and
it has 1 as a root in F2 if and only if it is the sum of an even number of monomials.
Since polynomials of degree 2 or 3 are irreducible if and only if they have no roots,
it follows from our remark that the irreducible polynomials of degree 2 or 3 are
those with constant coefficient 1 and with an odd number of monomials, namely,
x 2 + x + 1, x 3 + x + 1 and x 3 + x 2 + 1.
A polynomial of degree 4 or 5 is irreducible if it has no roots and no irreducible
factors of degree 2. Because of our argument above, the polynomials of degree 4
that have no roots are x 4 + x 3 + x 2 + x + 1, x 4 + x 3 + 1, x 4 + x + 1 and x 4 + x 2 + 1.
66 1 Theory

In order to find which of them are irreducible we need to exclude those that factor
as a product of irreducible polynomials of degree 2. Since there is only one such
polynomial, the only polynomial we need to exclude is (x 2 + x + 1)2 = x 4 + x 2 + 1.
Therefore, the irreducible polynomials of degree 4 are x 4 +x 3 +x 2 +x+1, x 4 +x 3 +1
and x 4 + x + 1.
We can argue in a similar way for polynomials of degree 5: those with no roots
have constant coefficient 1 and an odd number of monomials. In order to obtain the
irreducible ones, we need to exclude those that factor as a product of x 2 + x + 1 and
an irreducible polynomial of degree 3: these are (x 2 +x+1)(x 3 +x+1) = x 5 +x 4 +1
and (x 2 + x + 1)(x 3 + x 2 + 1) = x 5 + x + 1. The irreducible polynomials of degree
5 are therefore x 5 + x 3 + x 2 + x + 1, x 5 + x 4 + x 2 + x + 1, x 5 + x 4 + x 3 + x + 1,
x 5 + x 4 + x 3 + x 2 + 1, x 5 + x 3 + 1 and x 5 + x 2 + 1.
Exercise 22 Find the number of irreducible polynomials in F2 [x] of degree up to
6.
Solution Denote by F2 a fixed algebraic closure of F2 . The roots in F2 of
irreducible polynomials of degree d in F2 [x] are precisely the elements of degree d
in F2 , that is, the elements of the field F2d that do not belong to any of its proper
subfields. Since an irreducible polynomial of degree d in F2 [x] has d different roots
in F2 , we can compute the number of irreducible polynomials of degree d using the
inclusion-exclusion principle. In particular, letting nd be the number of irreducible
polynomials of degree d, we find that

n1 = |F2 | = 2,

1 22 − 2
n2 = |F22 \ F2 | = = 1,
2 2
1 23 − 2
n3 = |F23 \ F2 | = = 2,
3 3
1 24 − 22
n4 = |F24 \ F22 | = = 3,
4 4
1 25 − 2
n5 = |F25 \ F2 | = = 6,
5 5
1 (26 − (23 + 22 − 2))
n6 = |F26 \ (F23 ∪ F22 )| = = 9.
6 6

Exercise 23 Factor the following polynomials in Q[x]

(i) 4x 3 + 11x 2 + 19x + 21;
(ii) x 4 + 8x 2 − 5.
Solution
(i) The polynomial f (x) = 4x 3 + 11x 2 + 19x + 21 has degree 3, so it is reducible
if and only if it has a root. Any rational root of f (x) must be of the form a/b,
7 Preliminary Exercises 67

where a is a divisor of 21 and b is a divisor of 4. The possible rational roots are

thus
1 1 3 3 7 7 21 21
±1, ± , ± , ±3, ± , ± , ±7, ± , ± , ±21, ± , ± .
2 4 2 4 2 4 2 4
By substituting these values into the polynomial, we find that f (−7/4) = 0. By
Ruffini’s theorem, f (x) is thus divisible by x + 7/4 in Q[x]. Moreover, since
f (x) has integer coefficients, by Gauss’ lemma it is divisible by the polynomial
obtained from x + 7/4 by eliminating denominators, namely, 4x + 7. If we
perform the division, we find that

4x 3 + 11x 2 + 19x + 21 = (4x + 7)(x 2 + x + 3).

Since the polynomial x 2 + x + 3 has no rational roots, the expression above is

indeed the factorisation of f (x) in Q[x].
(ii) First of all, we look for rational roots. By the same argument as above, the
only potential rational roots are ±1, ±5. Substituting these values into g(x) =
x 4 + 8x 2 − 5 we never get zero, so g(x) has no rational roots; equivalently, by
Ruffini’s theorem, g(x) has no irreducible linear factors.
As for irreducible factors of degree 2, remark that the polynomial gives a
biquadratic equation. Setting
√ y = x 2 , we find that the roots of the polynomial
y + 8y − 5 are −4 ± 21, so the roots of g(x) are
2

" " "

√ √ √
± −4 + 21, ± −4 − 21 = ±i 4 + 21.

The first two roots are real, the other two are imaginary, and they are complex
conjugates. Therefore, if g(x) has irreducible factors of degree 2 in Q[x] (which
must in particular be in R[x]), one must have both complex conjugate roots, so
it must be
" "
√ √ √
(x − i 4 + 21)(x + i 4 + 21) = x 2 + 4 + 21.

But this polynomial does not have rational coefficients, so it is not a factor of
g(x) in Q[x]. It follows that g(x) is irreducible in Q[x].
Exercise 24 Factor the polynomial x 4 + x 3 + x 2 + 1 in Q[x].
Solution By Gauss’s lemma, f (x) = x 4 + x 3 + x 2 + 1 is irreducible in Q[x]
if and only if it is irreducible in Z[x]. Any factorisation of f (x) in Z[x] yields
a factorisation modulo p (whose factors are not necessarily irreducible) for each
prime p. The class of f (x) modulo 2 factors as (x + 1)(x 3 + x + 1), with both
factors being irreducible in (Z/2Z)[x]. Consequently, either f (x) is irreducible in
Z[x], or it has a root in Z. The only possible roots are ±1, but f (±1) = 0, so f (x)
is irreducible.
68 1 Theory

Exercise 25 Find the minimal polynomial of α 2 over a field K knowing the

minimal polynomial of α.
Solution Let n be the degree of α over K. Degrees are multiplicative in towers,
hence [K(α) : K] = [K(α) : K(α 2 )][K(α 2 ) : K]. Since α satisfies the equation
x 2 − α 2 = 0 over K(α 2 ), the first of the two factors is either 1 or 2, and the second
is either n or n/2.
Let μα (x) = x n + an−1 x n−1 + · · · + a1 x + a0 be the minimal polynomial of
α over K. By separating terms of even and odd degree, we can write μα (x) =
p(x 2 ) + xd(x 2 ), where p(x 2 ) is the sum of the even degree monomials in μα (x)
and xd(x 2 ) is the sum of the odd degree monomials.
We have two cases.
1 The polynomial d(x) is zero, so μα (x) = p(x 2 ). We have p(α 2 ) = 0 and
deg p = n/2, so p(x) is the minimal polynomial of α 2 over K.
2 The polynomial d(x) is nonzero. In this case, α = −p(α 2 )/d(α 2 ), so α 2 has
degree n over K because K(α) ⊆ K(α 2 ) ⊆ K(α).
Remark that the polynomial

g(x 2 ) = (p(x 2 ) − xd(x 2 ))(p(x 2 ) + xd(x 2)) = p(x 2 )2 − x 2 d(x 2 )2

is zero when evaluated at α and has degree 2n. Therefore, g(x) is zero when
evaluated at α 2 and has degree n; moreover, its leading coefficient is (−1)n . It
follows that the minimal polynomial of α 2 over K is (−1)n g(x).
Chapter 2
Exercises

1 Sequences

1 Let a0 , a1 , a2 , . . . be the sequence defined by recurrence as

⎧
⎨a0 = 2, a1 = 3;
a + an−1
⎩an+1 = n for n ≥ 1.
6

(i) Show that for all n ≥ 2 we have an = bn /6n−1 with bn ≡ −1 (mod 6).
(ii) For each n ≥ 0, set cn = 5an + (−1)n 4/3n−1 . Show that for all n ≥ 0 we have
cn = 22 · 2−n .
2 Let a0 , a1 , a2 , . . . be the sequence defined by recurrence as

a0 = 0, a1 = 1;
an+1 = 5an − 6an−1 for n ≥ 1.

Show that
(i) (an , 6) = 1 for all n > 0;
(ii) 5 | an if and only if n is even.
3 Let a1 , a2 , a3 , . . . be the sequence defined by recurrence as

a1 = 1, a2 = 2;
an+1 = 12 an + an−1 for n ≥ 2.

(i) Show that an+1 ≥ an for all n ≥ 1.

(ii) Show that a2n+2 = 9a2n /4 − a2n−2 for all n ≥ 2.

© Springer Nature Switzerland AG 2020 69

R. Chirivì et al., Selected Exercises in Algebra, UNITEXT 119,
https://doi.org/10.1007/978-3-030-36156-3_2
70 2 Exercises

4 Consider the sequence a0 , a1 , a2 , . . . defined by recurrence as

a0 = 2, a1 = 1;
an+1 = an + an−1 for n ≥ 1.

Show that
(i) a02 + a12 + · · · + an2 = an an+1 + 2 for all n ≥ 0;
(ii) an is even if and only if n ≡ 0 (mod 3).
5 Let k > 0 be a natural number. Show that there exists a unique sequence of real
numbers a0 , a1 , a2 , . . . such that

a0 = 0, ak = 1;
an+1 = an + an−1 for n ≥ 1

and that for this sequence we have a1 = 1/Fk , where Fk is the kth Fibonacci
number.
6 Let a0 , a1 , a2 , . . . be the sequence defined by the recurrence relation

a0 = 9, a1 = 12, a2 = 38;
an+2 = 7an − 6an−1 for n ≥ 1.

(i) Find all values of n for which 3 | an .

(ii) Find all values of n for which we have an+1 > an .
7 We set inductively a0 = 31, an+1 = an3 for n ≥ 0. Show that there exists a
positive integer k such that for all n we have an+k ≡ an (mod 44) and find the
minimum such k.
8 Given k ∈ N, let a1 , a2 , a3 , . . . be the sequence of natural numbers given by

a1 = k,
an+1 = an + (202, an ) for n ≥ 1.

Show that there exists n0 ∈ N such that for all n ≥ n0 we have 202 | an.
9 Let a be an integer not divisible by 3 and let a0 , a1 , a2 . . . be the sequence defined
by

a0 = 1, a1 = a;
an+1 = 5an + 3an−1 for n ≥ 1.

Show that (an+1 , an ) = 1 for all n ≥ 1.

2 Combinatorics 71

10 For each integer n ≥ 0, set an = 3n + 5n .

(i) Find real numbers h, k such that an+1 = han + kan−1 for all n ≥ 1.
(ii) Determine whether or not there exists n such that 7 | an .
11 Let a0 , a1 , a2 , . . . be the sequence defined by

a0 = 2, a1 = 3, a2 = 5;
an+1 = an − an−1 + 2an−2 for n ≥ 2.

Show that an < an+1 for all n ≥ 0.

12 Let h, k be integers such that (h, k) = 1 and let a0 , a1 , a2 . . . be the sequence
defined by

a0 = 1, a1 = 1;
an+1 = han + kan−1 for n ≥ 1.

(i) Show that (an , an+1 ) = 1 for all n ≥ 0.

(ii) Having set h = 35 and k = 71, find the greatest common divisor of all numbers
in the set {an2 − 1 | n = 0, 1, 2, . . . }.
13 Denote by Fn , for n ≥ 0, the nth Fibonacci number. Show the following:
   n 
(i) n0 F1 + n1 F2 + · · · + n−1 Fn + nn Fn+1 = F2n+1 ;
   n 
(ii) n1 F1 + n2 F2 + · · · + n−1 Fn−1 + nn Fn = F2n .
14 Consider the sequence a1 , a2 , a3 , . . . of natural numbers defined by

a1 = 1, a2 = 4;
an+1 = an + 3an−1 for n ≥ 2.

(i) Show that there exist real constants α, β such that for all n ≥ 1
# √ $n # √ $n
1+ 13 1− 13
an = α +β .
2 2

(ii) Find all values of n for which an is even.

2 Combinatorics

15 Let X = {1, 2, . . . , n}.

(i) How many ordered triples (A, B, C) of disjoint subsets of X are such that A ∪
B ∪ C = X?
72 2 Exercises

(ii) Show that the number of ordered triples (A, B, C) of subsets of X such that
A ∪ B ∪ C = X is 7n .
16 Let X be the set of all pairs (m,n) of relatively prime integers such that 1 ≤
m, n ≤ 100. Show that |X| + 1 = 2 100 k=1 φ(k).
17 Find the cardinality of the set X = {1 ≤ n ≤ 10000 | (n, 18) = 6 and n ≡ 2
(mod 7)}.
18 Find the number of positive divisors of 340 · 525 that are congruent to 1 modulo
7.
19 Find all positive integers n such that φ(n) = 12.
20 Find the number of triples (x, y, n) of integers such that 0 ≤ x, y < 50, n ∈ N
and x + y = n2 .
21 Find all positive integers n such that
2
φ(n) = n.
5

22 For each positive integer n, let d(n) be the number of its positive divisors.
(i) Show that d(n) + φ(n) ≤ n + 1 for all positive integers n.
(ii) Find all positive integers n such that d(n) + φ(n) = n.
23 Find all natural numbers n ≤ 120 such that (n, φ(n)) = 3.
24 Find the number of ordered triples of integers (a, b, c) with the following
properties: 1 ≤ a, b, c ≤ 60, exactly two among a, b, c are even and exactly one
among a, b, c is divisible by 3.
25 Given a positive integer m, let ω(m) be the number of distinct prime factors of
m. Show that
φ(m) 1
≥ .
m ω(m) + 1

26 Find the number of integers n satisfying all of the following properties: 1000 <
n < 10000, none of the digits in the decimal representation of n is equal to 9 and at
least two digits are the same.
27 For each integer n > 0, let Sn be the set of permutations of {1, . . . , n}.
(i) Find the cardinality of the set

{f ∈ Sn | f (i) ≤ i + 1 for 1 ≤ i ≤ n}.

(ii) Show that the cardinality of the set

{f ∈ Sn | i − 1 ≤ f (i) ≤ i + 1 for 1 ≤ i ≤ n}

is given by the (n + 1)th Fibonacci number.

2 Combinatorics 73

28 Let X = {1, 2, . . . , 100}.

(i) Find the number of all subsets of X having exactly three elements, at least two
of which are congruent modulo 5.
(ii) Find the number of maps f : X −→ X such that f (n) ≡ n + 1 (mod 5) for
all n ∈ X.
29 Let X = {1, 2, . . . , 100}. Find the cardinality of the following sets:
(i) {(x, y) ∈ X2 | (xy, 6) = 1};
(ii) {(x, y) ∈ X2 | x < y + 6}.
30 Let X = {1, 2, . . . , 100}. Find the cardinality of the following sets:
(i) A = {f : X −→ X| f is injective and f 2 (x) ≡ f (x) (mod 2) ∀x ∈ X };
(ii) B = {f : X −→ X| f 2 (x) = 1 ∀x ∈ X }.
31 Find the cardinality of the following sets:
(i) X = {d ∈ N | d | 144000 and d has an even number of divisors};
(ii) Y = {d ∈ N | d | 144000 and d is a perfect square but not a perfect cube}.
32 Let X = {1, 2, . . . , 100}. Find the cardinality of the following sets:
%  &
(i) A = % A ⊆ X| ! a∈A a ≡ 0 (mod 2)& ;
(ii) B = A ⊆ X| a∈A a ≡ 0 (mod 8) .
33 Find the number of integers n, with 2 ≤ n ≤ 1000, such that φ(n) | n.
34 A single player game consists in tossing a coin indefinitely. For each coin toss,
the probability of heads is the same as that of tails. The player’s initial score is 0
and, for each toss, the player is awarded two points for tails and one point for heads.
For each k ≥ 1, let xk be the player’s score after k coin tosses.
Show that for all n ≥ 1 the probability pn that there exists k such that xk = n is
equal to

2 (−1)n
+ .
3 3 · 2n
35 For each bijection f : {1, 2, . . . , 10} −→ {1, 2, . . . , 10}, set

10
S(f ) = |f (i) − i|.
i=1

Find the number of bijections such that

(i) S(f ) = 2;
(ii) S(f ) = 3;
(iii) S(f ) = 4.
74 2 Exercises

36 Let X = {1, 2, . . . , 100}. Find the number of subsets A of X such that

(i) A has 96 elements and the sum of all elements of A is even;
(ii) A has 97 elements and the sum of all elements of A is divisible by 3.
37 Find the cardinalities of the three following sets:

A = {f : {1, . . . , 5} → {1, . . . , 100} | f (i) < f (i + 1) ∀ i = 1, 2, 3, 4},

B = {f ∈ A | ∃i with f (i + 1) > f (i) + 1},
C = {f ∈ A | f (i + 1) > f (i) + 1 ∀ i = 1, 2, 3, 4}.

38
(i) Given 4n people, how many ways are there to form n bridge teams, each
consisting of four people?
(ii) Given 4n people, 2n men and 2n women, how many ways are there to form n
bridge teams, each consisting of two men and two women?
39 Let f be a permutation of {1, 2, . . . , n}. Suppose that for all x, y ∈ {1, 2, . . . , n}
the following holds: x divides y if and only if f (x) divides f (y).
(i) Is it always true that f sends the product of any k distinct primes to the product
of k distinct primes?
(ii) Is it always true that f sends powers of a prime to powers of a prime?
(iii) If n = 10, how many possibilities are there for f ? And if n = 13?
40 Consider a deck of 40 playing cards, 10 for each of four suits—coins, swords,
clubs and cups.
(i) How many orderings of the deck are such that the cards of each suit appear in
increasing order?
(ii) How many orderings of the deck are such that all coins cards precede all swords
cards?
41 Given a positive integer n, how many subsets of {1, 2, 3, . . . , n} contain at least
three numbers of the same parity?
42 A four-colouring of Z/40Z is a map c : Z/40Z → {0, 1, 2, 3}. How many
four-colourings c : Z/40Z → {0, 1, 2, 3} are such that for all x ∈ Z we have
c(x) = c(x + 10)?
43 Consider an n × n table, each cell of which is coloured either black or white.
(i) How many colourings are such that no row is completely black or completely
white?
(ii) How many colourings are such that each row and each column contains exactly
one black cell?
(iii) Assume that n is even; how many colourings are such that every row contains
the same number of white cells as of black cells?
2 Combinatorics 75

44 Show that for all n ≥ 1 we have


n 
(i) k nk = n2n−1 ;
k=0
n n
(ii) k2 k = (n + n2 )2n−2 .
k=0
45 Find the cardinality of the set

{(a1 , . . . , a30 ) ∈ {0, 1}30 | a1 + a3 + · · · + a29 ≤ 2 and a2 + a4 + · · · + a30 ≤ 2}.

46 Let X = {1, 2, . . . , 100}.

(i) Find the number of three-element subsets of X containing two elements whose
sum is 10.
(ii) Find the number of three-element subsets of X containing at least two elements
that are divisible by 5.
47 Find the number of ordered pairs (x, y) ∈ Z/2100 Z×Z/2100 Z such that xy = 0.
48 Consider the set X of all possible teams of four you can form from a set of 13
people.
(i) Having fixed two people p and q, pick a team from X at random; what is the
probability that p and q do not both belong to that team?
(ii) Find the cardinality of any subset of X with the following property: given any
two people, they must appear together in exactly one team belonging to the
subset.
49 Find the number of all positive divisors d of 21003100 such that d ≡ 4 (mod 5).
50 Let X = {1, 2, . . . , 100}.
(i) Find the number of two-element subsets of X such that the sum of their
elements is divisible by 4.
(ii) Find the number of three-element subsets of X containing no consecutive
numbers.
51 Let X be the set of maps from {1, 2, . . . , 10} to itself and, for each f ∈ X, let

Mf = max{f (x) | 1 ≤ x ≤ 10}, mf = min{f (x) | 1 ≤ x ≤ 10}.

(i) Find the number of all maps f ∈ X such that Mf − mf = 1.

(ii) Find the number of all maps f ∈ X such that Mf = 10 and mf = 1.
52 Find all natural numbers n such that φ(n) = n − 8.
53 Let X = {1, 2, . . . , 100}.
(i) Find the number of maps f : X −→ X with exactly ten fixed points, that is,
ten elements x ∈ X such that f (x) = x.
76 2 Exercises

(ii) Find the number of maps f : X −→ X such that

|f (x) − x| = 2.
x∈X

54 Let X = {1, 2, . . . , 20}.

(i) Find the number of all ordered pairs (A, B) of subsets of X such that |A| = 5
and |A ∪ B| = 12.
(ii) Find the number of all ordered triples (A, B, C) of subsets of X such that |(A ∪
B) ∩ C| = 8.
55
(i) How many strings (a0 , . . . , a9 ), with ai ∈ {0, 1, 2, 3, 4} for each i, are such that
there are fewer odd ai ’s than even ai ’s?
(ii) Find the number of all strings (a0 , . . . , a9 ), with ai ∈ {0, 1, 2, 3, 4} for each i,
such that
9
(−1)i ai ≡ 0 (mod 6).
i=0

56 Let N = {1, 2, . . . , 100}. Find the cardinality of the following sets:

(i) X = {A ⊆ N | max A − min A = 60};
(ii) Y = {f : N −→ N | f (1) · f (2) · · · f (100) ≡ 0 (mod 10)}.
57 Let W be the set of words of length 3 one can form with 26 letters. Find the
number of pairs (α, β) with α, β ∈ W such that α, β do not have any letters in
common.
58 Let X = {1, 2, . . . , 100}. Find the number of
(i) all ordered pairs (A, B) of subsets of!X with |A ∪ B| = 40 and |A| = 10;
(ii) all subsets A of X with |A| = 5 and x∈A x ≡ 0 (mod 9).
59 Consider a six-sided die whose faces are numbered from 1 to 6; to each die roll
assign a score given by the value of the face the die lands on. Find the probability
that, after rolling the same die n times, the sum of the scores obtained is a multiple
of 7.
60
(i) Find the number of positive integer solutions (x, y) of the equation 2x + 3y =
100.
(ii) Find the number of all three-element subsets A of {1, 2, . . . , 100} such that the
sum of their elements is equal to 100.
61 Find all natural numbers a such that there exists a natural number n for which
a
φ(n) = n.
43
3 Congruences 77

62 Let X = {1, 2, . . . , 100}.

(i) Find the number of all two-element subsets {a, b} of X such that ab ≡ a + b
(mod 3).
(ii) Find the number of all two-element subsets {a, b} of X such that ab(a + b) ≡ 0
(mod 3).
63 Let X = {1, . . . , 100} and let S(X) be the set of permutations of X.
(i) Given σ ∈ S(X) and i ∈ {0, 1, 2}, let Xi,σ = {x ∈ X | σ (x) − x ≡ i
(mod 3)}. Show that, for all σ ∈ S(X), we have |X1,σ | ≡ |X2,σ | (mod 3).
(ii) Find the number of all permutations σ ∈ S(X) such that σ ◦σ (x) ≡ x (mod 2)
for all x ∈ X.
64 Find the number of all ordered triples (x, y, z) of positive integers such that
(i) xyz = 10100;
(ii) x 2 yz = 10100.
65 Let X = {1, 2, . . . , 10}. Find the number of maps f : X −→ X such that for
all a, b in X, the number f (a) · f (b) is not prime.
66 Consider a set of n pairs of twins.
(i) How many ways are there to form a team of six people containing exactly two
pairs of twins?
(ii) Let n = 12. How many ways are there to partition the 24 people into four teams
of 6 in such a way that at least one pair of twins ends up separated into different
teams?
67 Let X = {1, 2, . . . , 100}. Find the cardinality of the following sets:

(i) {A ∈ P(X) | x∈A x 100 ≡ 0 (mod 2)}; !
(ii) {(A, B) ∈ P(X)2 | 4 exactly divides x∈A∩B x}.

3 Congruences

68 Find, as a function of the integer a, all solutions of the following system of

congruences:

2ax ≡ 13 (mod 17)
(x − a)(x − 2) ≡ 0 (mod 4).

69 Find all integer values of a for which the following system has a solution:

2x ≡ a (mod 9)
x ≡ a 2 (mod 3).
78 2 Exercises

70 Find all integer values of a for which the following system has a solution:

2x ≡ 3a (mod 7)
4x 2 ≡ a 2 (mod 24).

71 Find all values of a ∈ Z such that the following system has a solution, then
solve it:

3x −1 ≡ 2a (mod 13)
2

x − 1 ≡ 0 (mod 3).

72 Find all solutions of the following system of congruences:


2x ≡ x (mod 7)
x 2 ≡ 1 (mod 15).

73 Find all natural values of n such that the following system is satisfied:
 n
≡ 0 (mod 2)
n3
4 ≡ 0 (mod 2).

74 Solve the following system of congruences:


x 2 ≡ 4 (mod 14)
x ≡ 3 (mod 5).

75 Solve the following system of congruences:


x 660 ≡ 1 (mod 847)
x ≡ 11 (mod 13).

76 Find all a ∈ Z for which the congruence x 3 − a 3 ≡ 0 (mod 85) has solutions
other than x ≡ a (mod 85).
77 Solve the congruence 2x ≡ 5 (mod 33 ). Then solve the systems
 
2x ≡ 5 (mod 33 ) 2x ≡ 5 (mod 34 )
x ≡ 2 (mod 15), x ≡ 3 (mod 15).

78
(i) For which integers b does the congruence 81x ≡ b (mod 125) have a solution?
(ii) Assume that 81x ≡ b0 (mod 125) has a solution x0 and describe the set of all
solutions.
3 Congruences 79

79 Solve the congruence 2x ≡ 3 (mod 125). How could one solve the congruence
2x ≡ 3 (mod 625)?
80 Solve the system of congruences

5x ≡ 3 (mod 11)
x ≡ −3 (mod 21).
2

81 For each a ∈ Z, find all integer values of x such that

1 3 8 3 1
x − ax 2 + x + a
3 21 7 7
is an integer.
82 Find the number of solutions modulo 77 of the congruence x 15 ≡ x 27
(mod 77).
83 Find, for each k ∈ N, all solutions of the following system of congruences:

x k ≡ x (mod 7)
x 3 ≡ x (mod 7).

84 Find all integer values of a for which the following system has a solution

ax ≡ 4 (mod 25)
x 2 + a ≡ 0 (mod 15)

and find all solutions for a = −1.

85 For each a ∈ Z, solve the following system of congruences:

ax ≡ 1 (mod 9)
a x ≡ 1 (mod 9).

86 For each integer a, find all solutions of the system


(6a − 1)x ≡ 1 (mod 21)
x ≡ a (mod 35).

87 Find all integer values of a for which the following system of congruences has
a solution

9ax ≡ 1 (mod 34)
x − 9ax ≡ 6 (mod 15)
2

and solve it for a = 4.

80 2 Exercises

88 For each integer a, determine whether the following system of congruences has
any solutions and, if so, find them:

3x ≡ a (mod 42)
6x ≡ 1 (mod 35).

89 Solve the following system of congruences:


5x ≡ 9 (mod 24 )
x 2 + 2x + 8 ≡ 0 (mod 176).

90 Find all integer values of a such that the following system has a solution:

x 2 ≡ 5a (mod 120)
6x ≡ a (mod 21).

Find all solutions of the system for a = 45.

91 Find the number of solutions of the congruence x 100 ≡ a (mod 77) for each
integer a.
92
(i) Find, for each integer a, the number of solutions of the congruence x a ≡ 1
(mod 92).
(ii) For each integer a, solve the following system of congruences:

x a ≡ 1 (mod 92)
6x ≡ 8 (mod 23).

93 For each integer a, find the number of solutions of the following system of
congruences:

2x ≡ a (mod 22)
x 2 ≡ 7a (mod 84).

94 For each integer a, solve the following system of congruences:


a x ≡ 3 (mod 8)
x 2a ≡ 4 (mod 9).

95 Find the number of all ordered pairs (x, y) ∈ Z/100Z × Z/100Z such that
xy = 0.
3 Congruences 81

96 For each integer a, find the number of solutions of the following system of
congruences:

6x ≡ 4a (mod 72)
5x ≡ 2 (mod 39).

97 Solve the following system of congruences:

8x −1 ≡ −1 (mod 27)
2

x + 2x ≡ 8
22 (mod 44).

98 For each a ∈ Z, find the number of solutions of the following system of

congruences modulo an appropriate integer:

3x ≡ 2a (mod 5)
x ≡ a + 2 (mod 24).
3

99 For each a ∈ Z, find all solutions of the following system of congruences:


a x ≡ 3 (mod 7)
x 2 ≡ a (mod 8).

100 For each a ∈ Z, find all solutions of the following system of congruences:

a x ≡ 1 (mod 5)
ax ≡ 2 (mod 8).

101 For each a ∈ Z, find all solutions of the following system of congruences:

2 −1
5x ≡ 2a (mod 13)
x3 ≡ 0 (mod 64).

102 Find all integer values of a for which the following system has a solution:

a x ≡ 11 (mod 14)
x a ≡ 1 (mod 9).

103
(i) Find all x ∈ Z such that 3x ≡ 7 (mod 10).
(ii) Find all x ∈ Z such that 3x ≡ 4 + x (mod 10).
82 2 Exercises

104 Find all solutions of the following system of congruences:


x 2x+1 ≡ 1 (mod 7)
4x ≡ 7 (mod 15).

105
(i) Let k be a natural number. Find the number of x ∈ Z with 0 ≤ x ≤ k such that
x ≡ 1 (mod n) for all n with 1 ≤ n ≤ 10.
(ii) How many integers x are such that x ≡ −1 (mod n) for all positive integers
n?
(iii) How many integers x are such that x ≡ n (mod 2n) for all positive integers n?
106 Find all pairs of positive integers (x, n) that satisfy the congruence x n ≡ 39
(mod 10x).
107 For each n ∈ Z, find the number of solutions of the congruence

x 5n ≡ 1 (mod 55).

108
(i) Solve the congruence x 2 − x + 43 ≡ 0 (mod 55).
(ii) For each integer a, solve the following system of congruences:

x 2 − x + 43 ≡ 0 (mod 55)
4
x 11 ≡ x a (mod 5).

109 Solve the following two congruences:

(i) x 2 + 2x + 5 ≡ 0 (mod 65);
(ii) 32x + 2 · 3x + 5 ≡ 0 (mod 65).
110 Solve the following system of congruences:

x 2 + 2x + 2 ≡ 0 (mod 10)
7x ≡ 20 (mod 22).

111 For each integer a, find the number of solutions modulo 180 of the following
system of congruences:

ax ≡ 2 (mod 12)
9x ≡ a 2 + 2a − 3 (mod 81).

112 Solve the following system of congruences:


x 131 ≡ x (mod 55)
x6 + x ≡ 0 (mod 125).
3 Congruences 83

113 For each integer a, determine whether the following system has any solutions
and, if so, find them:

ax ≡ 12 (mod 77)
13x ≡ 25 (mod 133).

114 Find all possible integer values of a for which the following system has a
solution
⎧ 80
⎨ x ≡ 2 (mod 7)
80x ≡ 2 (mod 7)
⎩
7x ≡ a (mod 10)

and find its solutions as a function of a.

115 Find all solutions of the following system of congruences:

x 41 ≡ x (mod 700)
45x ≡ 25 (mod 700).

116 Find all solutions of the congruence x x+1 ≡ 1 (mod 27).

117 Find all integer values of a for which the system of congruences

ax ≡ 12 (mod 27)
a 3 x 2 ≡ 9 (mod 39)

has a solution.
118 Let a be an integer; consider the system of congruences

x 2 − 7a ≡ 0 (mod 5)
a x ≡ 3 (mod 35).

(i) Find all values of a for which the system has a solution.
(ii) Find, for each value of a, the number of solutions of the system expressed as
congruence classes for an appropriate modulus.
119 Find all integer values of a for which the system of congruences

x 2 + x + 1 ≡ 0 (mod 13)
ax ≡ 27 (mod 78)

has a solution, then solve it.

84 2 Exercises

120 Solve the following system of congruences:


x 2 − 4x + 3 ≡ 0 (mod 15)
30x ≡ −6 (mod 81).

121 Find the number of solutions modulo 1001 of the congruence x 101 ≡ x
(mod 1001).
122 Find the number of solutions modulo 210 of the congruence x 5 − 16x ≡ 0
(mod 210 ).
123 Find all integer values of a for which the following system of congruences has
a solution:
2
2x ≡ 3x+a (mod 17)
3x ≡ a 23 (mod 24).

124 For each integer a, find the number of solutions modulo 90 of the following
system of congruences:

3x ≡ a + 1 (mod 9)
(x − 1)(x − a) ≡ 0 (mod 15).

125 Find all integer values of a for which the following system of congruences has
a solution, then solve it:
⎧ 27
⎨ x ≡ x 2 (mod 144)
10x ≡ a (mod 25)
⎩ x−1
2 ≡ 4 (mod 11).

126 Find all integer pairs (x, y) such that

⎧
⎪
⎨ 22y −5y+4 ≡ 2 (mod 36)
2

(2x 2 + 17)(2x 2 + xy + 4x + 2y)−1 ≡ 1 (mod 592)

⎪
⎩ x 23 + 1 ≡ 0 (mod 100).

127 For each a ∈ Z, find all solutions of the following system of congruences:

a x ≡ 1 (mod 77)
ax ≡ 1 (mod 10).
4 Groups 85

128 For each a ∈ Z, find all integer solutions of the system


7x ≡ a (mod 8)
(x + a)4 ≡ 0 (mod 200).

129 For each a ∈ Z, find all integer solutions of the system


7ax ≡ a (mod 49)
x a ≡ 1 (mod 3).

130 Find the number of integer solutions of the system


x 3 ≡ 8 (mod 1000)
x ≡ 2 (mod 3)

with 0 ≤ x < 3001.

131
(i) Find all solutions of

x 36 ≡ x (mod 9).

(ii) Solve the following system of congruences:


x 36 ≡ x (mod 9)
x2 − x ≡ 0 (mod 64).

132 For each a ∈ N, find the number of solutions modulo 584 of the congruence

x a+5 − x a − x 5 + 1 ≡ 0 (mod 584).

133 Solve the following congruence and find the number of its solutions modulo
1010:

x 5 − 4x + 400 ≡ 0 (mod 1010 ).

4 Groups

134 Let (G, +), (G , +) be Abelian groups. Let H be a proper nontrivial subgroup
of G and let H be a proper nontrivial subgroup of G . Moreover, let

Hom(G, G ) = {f : G → G | f is a group homomorphism}

86 2 Exercises

be the group of all homomorphisms from G to G , with the operation + given by

(f + g)(x) = f (x) + g(x) for all x ∈ G. Determine whether the following subsets
are subgroups of Hom(G, G ):

A = {f ∈ Hom(G, G ) | Ker(f ) ⊆ H };
B = {f ∈ Hom(G, G ) | Ker(f ) ⊇ H };
C = {f ∈ Hom(G, G ) | f (G) ⊆ H };
D = {f ∈ Hom(G, G ) | f (G) ⊇ H }.

135 Let G = Z/6Z × Z/20Z.

(i) How many elements of G have order 60?
(ii) How many cyclic subgroups of order 30 does G have?
(iii) How many injective homomorphisms f : Z/12Z −→ G are there?
136 Let G be the group of all bijective maps f : Z/72Z −→ Z/72Z of the form
f (x) = ax with (a, 72) = 1 and let H = {f ∈ G | f (12) = 12}.
(i) Show that H is a subgroup of G and find the order of H .
(ii) Is the subgroup H cyclic?
137 Let G = Z/12Z and let a, b be elements of G. Moreover, let f : G −→
G × G, g : G × G −→ G be the homomorphisms given by f (x) = (ax, bx) and
g(y, z) = y + z.
(i) How many pairs (a, b) correspond to an injective homomorphism f ?
(ii) How many pairs (a, b) are such that g ◦ f is injective?
138 Given any prime p, show that the group (Z/p2 Z)∗ contains both elements of
order p and elements of order p − 1.
139 Let G be a group and let H, K be normal subgroups of G. Show that H K =
{hk | h ∈ H, k ∈ K} is a normal subgroup of G.
140 Let G be a group and let f : G −→ G be a homomorphism such that f ◦ f =
f . Show that
(i) Ker(f ) ∩ Im(f ) = {e};
(ii) G = Ker(f ) · Im(f ).
141
(i) Find the number of elements of order 2 and the number of elements of order 3
in the group (Z/49Z)∗ .
(ii) How many group homomorphisms are there from Z/6Z to (Z/49Z)∗ ?
142 Let G be a group, let H be a subgroup of G and let Z(H ) = {g ∈ G | gh =
hg ∀h ∈ H } be the centraliser of H in G. Show that
(i) Z(H ) is a subgroup of G;
(ii) if H is normal in G then Z(H ) is as well;
4 Groups 87

(iii) for all group homomorphisms f : G −→ G we have f (Z(H )) ⊆ Z(f (H )).

(iv) Find an example of a group homomorphism f : G −→ G and a subgroup H
of G such that Z(H ) = G and Z(f (H )) = G .
143 Let G be an Abelian group and let H be the subset of elements of G whose
order is finite.
(i) Show that H is a subgroup of G and find an example where H is infinite.
(ii) Show that every element of G/H other than the neutral element has infinite
order.
(iii) Show that G/H is isomorphic to G if and only if H is trivial.
(iv) Show that the kernel of every homomorphism G −→ Z contains H .
144 Let G1 and G2 be groups and let G1 × G2 be their direct product. Let π1 :
G1 × G2 −→ G1 and π2 : G1 × G2 −→ G2 be the two projection maps. Show the
following:
(i) if H1 is a normal subgroup of G1 and H2 is a normal subgroup of G2 then
H1 × H2 is a normal subgroup of G1 × G2 ;
(ii) if H is a subgroup of G1 × G2 then H ⊆ π1 (H) × π2 (H);
(iii) if |G1 | = m, |G2 | = n and (m, n) = 1 then for all subgroups H of G1 × G2
we have H = π1 (H) × π2 (H).
145 Given two finite groups G1 and G2 , let f : G1 −→ G2 be a group
homomorphism and let H be a subgroup of G1 that contains the kernel of f .
(i) Show that [G1 : H ] = [f (G1 ) : f (H )].
(ii) Does the above equality hold even if we drop the requirement that Ker(f ) ⊆
H?
(iii) Does the above equality hold if G1 = Z and G2 is a finite group?
146 Given a group G, a subgroup M of G is maximal if M = G and, for all
subgroups H of G such that M  H ⊆ G, we have H = G. We shall denote the
intersection of all maximal subgroups of G by N.
(i) Show that N is a normal subgroup of G.
(ii) Let G = Z/nZ. Show that N = {0} if and only if n is squarefree.
(iii) Find N for G = Z/100Z.
147 Given a group G, let N be a normal subgroup of G. Let f be an automorphism
of G such that f (N) = N. For each g ∈ G, set ϕ(gN) = f (g)N: is ϕ an
automorphism of G/N?
148 Let G = (Z/35Z)∗ .
(i) For each positive integer n, find the number of elements of order n in G.
(ii) Find the number of subgroups of G whose order is 6.
149 Given a group G, let f, g : G −→ Z/12Z be two group homomorphisms.
(i) Show that the set {x ∈ G | f (x) = g(x)} is a normal subgroup of G.
88 2 Exercises

(ii) Assume G = S3 × Z/2Z and H = ((123), 0); find all homomorphisms

f : G −→ Z/12Z such that f (h) = 0 for all h ∈ H .
150 Given two primes p, q with p < q let G = (Z/pqZ)∗ , G(2) = {x 2 | x ∈ G}
and G(3) = {x 3 | x ∈ G}.
(i) Find the order of each of the subgroups G(2) and G(3) .
(ii) Find all p, q for which the subgroup G(2) is cyclic.
(iii) Find all p, q for which the subgroup G(3) is cyclic.
151 Let (G, +) be an Abelian group and let H, K be subgroups of G such that
|G/H | = m and |G/K| = n, where (m, n) = 1. Show that
(i) G = H + K;
(ii) G/(H ∩ K)  G/H × G/K.
152 Let G = Z/20Z × Z/8Z. Find the number of homomorphisms f : G −→ G.
Moreover, for each n ∈ N, let fn : G → G be the homomorphism given by
fn (x) = nx for all x ∈ G.
(i) For which values of n is the kernel of fn a cyclic group?
(ii) For which values of n is the image of fn a cyclic group?
153 Let G be a finite Abelian group and let H be a cyclic subgroup of G such that
G/H is also cyclic. Let m = ord(H ), n = ord(G/H ).
(i) Show that if (m, n) = 1 then G is cyclic.
(ii) Give an example where (m, n) > 1 and G is not cyclic.
154 Given a positive integer n, let G be a group of order n and let fk : G −→ G
be the map defined by fk (x) = x k for all x ∈ G.
(i) Show that if fn−1 is a homomorphism then G is Abelian.
(ii) Show that if n = 62 and f8 is a homomorphism then G is Abelian.
(iii) Give an example of a finite group and an integer k such that fk is not a
homomorphism.
155 Let G be a finite Abelian group of order n. For each prime divisor p of n, let
Gp be the set of elements of G whose order is a power of p.
(i) Show that Gp is a subgroup of G of order a power of p.
(ii) Show that the order of every element of G/Gp is coprime to p.
(iii) Show that, if n = pa q b , where p, q are distinct primes and a, b ∈ N, then
G/Gp is isomorphic to Gq .
156 Let L be the additive subgroup of rational numbers consisting of elements that
can be written in the form m/10n for some m ∈ Z, n ∈ N. For each positive integer
k, find
(i) the number of elements of order k in Q/L;
(ii) the number of solutions of the equation kx = 0 in Q/L.
4 Groups 89

157 Let G be the group of rigid transformations of three dimensional space that
send a cube to itself.
(i) Determine whether or not G has any subgroups of order 3.
(ii) Cut each face of the cube with a line segment as in the figure. Compute the
index of the subgroup H of G that sends the figure to itself.
(iii) Is H normal in G?

158 Let G be the group Z/6Z × Z/6Z.

(i) Find the number of cyclic subgroups of G.
(ii) Find the number of elements x ∈ G such that G/x is a cyclic group.
159 Let G be the set of bijections f : Z/60Z −→ Z/60Z such that for all x ∈ Z
we have f (x) ≡ x (mod 20).
(i) Show that G, endowed with the composition operation, is a group; compute its
cardinality.
(ii) For each m ∈ {6, 8, 10, 12}, determine whether G has a subgroup of order m
and whether it has a cyclic subgroup of order m.
160 Let (G, +) be a finite Abelian group such that 3G = {3x | x ∈ G} is a cyclic
subgroup of G. Show that every subgroup of G whose order is coprime to 3 is cyclic.
161 For each natural number n, find the number of homomorphisms and the
number of injective homomorphisms from Z/nZ to Z/10 × Z/20Z.
162 Denote by G the group Z/5Z × Z/10Z × Z/36Z and let f : G −→ G be the
homomorphism given by f (g) = 78g for all g ∈ G.
(i) Find the cardinalities of the kernel and of the image of f .
(ii) Find the largest possible order of an element in the image of f .
90 2 Exercises

163 Let (G, +) be an Abelian group and let Q = {2g | g ∈ G}.

(i) Show that Q is a subgroup of G.
(ii) For which values of m ∈ {1, 2, 3, 4} is it possible that |G/Q| = m? For each
m ∈ {1, 2, 3, 4}, either give an example where this equality holds or show that
it cannot.
164 Let G be the group Z/99Z × Z/33Z.
(i) Find the number of elements of order 11 and the number of subgroups of order
11 in G.
(ii) Determine whether or not there exists a subgroup H of G of order 11 such that
G/H is cyclic.
(iii) Determine whether or not there exists a surjective homomorphism from G to
Z/121Z.
165 Let G be a group, let H be a normal subgroup of G of order n and let m be a
positive integer coprime to n. Show that G/H contains an element of order m if and
only if G does.
166 Consider the group G = Z/8Z × Z/12Z.
(i) Find all subgroups of G whose order is 4.
(ii) Find all subgroups of G whose order is 48.
167 Let p be a prime and let G1 = (Z/pZ)∗ , G2 = (Z/p2 Z)∗ .
(i) Are there any surjective homomorphisms from G2 to G1 ?
(ii) Are there any injective homomorphisms from G1 to G2 ?
168 Let (G, +) be a finite Abelian group, let p be a prime and let a be a natural
number such that pa exactly divides |G|.
(i) Show that H = {x ∈ G | pa x = 0} is a subgroup of G.
(ii) Show that G/H does not contain any elements of order p.
(iii) Show that |H | = pa .
169 Given positive integers m, n, let G be the group Z/mZ × Z/nZ and let C∗ be
the multiplicative group of nonzero complex numbers.
(i) Denote by Hom(G, C∗ ) the set of homomorphisms from G to C∗ . Show that
.
for all f and g in Hom(G, C∗ ) the map G x −→ (fg)(x) = f (x) · g(x) ∈
C∗ is a homomorphism and that the operation (f, g) −→ fg makes the set
Hom(G, C∗ ) into a group.
(ii) Find all pairs (m, n) for which the set Hom(G, C∗ ) contains an injective
homomorphism.
170 Let (G, +) be a finite Abelian group of order n and, for each prime p, let pG
be the subgroup of G given by pG = {px | x ∈ G}. Show that
(i) if p and q are different primes, then G = pG + qG;
(ii) if p and q are different primes, then G = pG ∪ qG if and only if pq  n;
4 Groups 91

(iii) if p, q, r are different odd primes, then G = pG ∪ qG ∪ rG if and only if

pqr  n.
171 Find the minimum and maximum possible number of elements whose order is
prime in a group G as G varies among all Abelian groups of order 200.
172 Let G be an Abelian group of order n and let p, q be two distinct prime divisors
of n. Let hp , hq and hpq be the number of subgroups of G of order p, q and pq,
respectively. Similarly, let mp , mq and mpq be the number of elements of G of order
p, q and pq, respectively.
Show that hpq = hp hq and mpq = mp mq .
173 Let G be a group, let p be a prime and let H and K be two distinct normal
subgroups of G of index p such that H ∩ K = {e}.
(i) Show that G is isomorphic to Z/pZ × Z/pZ.
(ii) Find the number of subgroups of order p in G.
174 Let G be an Abelian group, let k be a positive integer, and set Gk = {g k | g ∈
G}.
(i) Show that Gk is a subgroup of G and that all elements of G/Gk have finite
order.
(ii) Assuming G is a cyclic group of order n, find the cardinality of G/Gk .
(iii) Give an example of a group G such that G/G10  Z/2Z × Z/10Z.
175 Given positive integers m and n, denote by Hom(Z/mZ, Z/nZ) the group of
homomorphisms from Z/mZ to Z/nZ, endowed with the addition operation.
(i) Show that Hom(Z/mZ, Z/nZ)  Z/dZ, where d is the greatest common
divisor of m and n.
(ii) Describe the subgroup of order 12 of Hom(Z/360Z, Z/420Z).
176 Let G be a group and let Δ = {(x, x) | x ∈ G}.
(i) Show that Δ is a subgroup of G × G.
(ii) Show that Δ is normal in G × G if and only if G is Abelian.
(iii) Show that if G is Abelian then (G × G)/Δ is isomorphic to G.
177 Let (G, +) be a finite Abelian group of order n. Show that
(i) for all primes p that divide n, the set

Gp = {x ∈ G | ∃k ∈ N such that pk x = 0}

is a subgroup of G;
(ii) given x, y ∈ G of order a and b, respectively, with (a, b) = 1, we have ord(x +
y) = ab;
(iii) G is cyclic if and only if for all prime divisors p of n the set Gp is a cyclic
subgroup of G.
92 2 Exercises

178 Let G = Z/18Z × Z/12Z, G = Z/36Z.

(i) Show that, given homomorphisms f, g ∈ Hom(G, G ), the map f + g given
by (f + g)(x) = f (x) + g(x) for all x ∈ G is a homomorphisms from G to
G , and the operation

Hom(G, G ) × Hom(G, G ) (f, g) −→ f + g ∈ Hom(G, G )

makes the set Hom(G, G ) into a group. Find the cardinality of Hom(G, G ).
(ii) Find the number of surjective homomorphism from G to G .
(iii) Show that for all (a, b) ∈ G the map ϕ(a,b) : Hom(G, G ) −→ G given by
ϕ(a,b)(f ) = f (a, b) is a homomorphism. Find the cardinalities of the kernel
and of the image of ϕ(1,1) .
179 Let (G, +) be an Abelian group and let H, K be subgroups of G such that
[G : H ] = m, [G : K] = n. Set d = [G : H ∩ K]. Show that
(i) d ≤ mn;
(ii) d | mn;
(iii) d = mn if and only if H + K = G.
180 Let G be the subgroup of the additive group Q of rational numbers given by
a
G={ | a ∈ Z, (b, 10) = 1}.
b
(i) Show that G does not contain any subgroups isomorphic to Z × Z.
(ii) Show that G has an infinite number of cyclic quotients.
(iii) Show that G does not have any cyclic quotients of order 3.
181 Let G and H be nontrivial cyclic groups and let f : G −→ H be an injective
homomorphism. Show that the following conditions are necessary and sufficient for
the existence of a homomorphism g : H −→ G such that g ◦ f is an isomorphism.
(i) If G is finite then H is finite and, letting |G| = a, |H | = b, we have a | b and
(a, b/a) = 1.
(ii) If G is infinite then H  Z and f is surjective.
182 A subgroup M of a group G is maximal if M = G and for all subgroups L of
G such that M  L ⊆ G we have L = G.
(i) Let K, M be subgroups of a group G such that K  G and K ⊆ M. Show that
M is a maximal subgroup of G if and only if M/K is a maximal subgroup of
G/K.
(ii) Show that in a finite Abelian group G every subgroup H = G is contained in
a maximal subgroup of G.
(iii) Show that in a finite nontrivial Abelian group a subgroup is maximal if and
only if its index is prime.
5 Rings and Fields 93

183
(i) Find the number of homomorphisms and the number of injective homomor-
phisms from Z/12Z to the group Z/4Z × S3 .
(ii) Describe all homomorphisms ϕ : Z/12Z −→ Z/4Z × S3 such that ϕ(10) has
order 3.
184 Let G = (Z/1000Z)∗ .
(i) Show that G is not a cyclic group.
(ii) Let H = {g ∈ G | ord(g) is a power of 2}; show that H is a subgroup of G
and compute its order.
(iii) Show that G contains an element of order 25 and deduce that G/H is cyclic.
185 Let G be an Abelian group and, for each k ∈ N, set Gk = {g k | g ∈ G}.
(i) Show that for all k the set Gk is a subgroup of G.
(ii) Assuming that G is finite of order n, find all integers k such that Gk = G.
(iii) Give an example of a group G such that Gk = G for all k > 1.
(iv) Give an example of a nontrivial group G such that Gk = G for all k ≥ 1.
186 Let G = Z/3Z × S3 , with the direct product group structure.
(i) Find all possible orders of subgroups of G.
(ii) Find the number of cyclic subgroups of G.

5 Rings and Fields

187 Let f (x) = x 4 + x 3 − 3 ∈ F7 [x]. Find the number of zero divisors and the
inverse of x + 1 in F7 [x]/(f (x)).
188 For each integer m, find the degree of the splitting field of the polynomial
(x 2 − m)(x 4 − 25) over Q.
189 Let f (x) = x 3 + 3x − 1, g(x) = x 2 − 2.
(i) Letting α be a complex root of f (x), find the minimal polynomial of 1/(α + 2)
over Q.
(ii) Find all primes p such that the polynomials f (x), g(x), considered as elements
of Fp [x], have a common root.
190 Let f (x) = x 6 + 4x 3 + 2.
(i) Letting α be a complex root of f (x), find the minimal polynomial of 1/α 2 over
Q.
(ii) Find the splitting field of f (x) over F7 .
191 Find the degree of the splitting field of x 6 − 4 over Q and over F11 .
192 Find all primes p for which the polynomial x 6 + 1 ∈ Fp [x] has at least one
root in Fp .
94 2 Exercises

193 Let α be a complex root of x 4 − 2x 3 + x − 1.

(i) Find a polynomial g(x) ∈ Q[x] such that α 2 g(α) = 1.
(ii) For each integer k, compute the degree [Q(α 2 + kα) : Q].
194 Let α ∈ C be a root of the polynomial x 4 + 2x 2 + 2. Compute the minimal
polynomial of α 2 + 1 and of 1/(α + 2) over Q.
195 Compute the degree of the splitting field of (x 3 − 2)(x 4 − 3) over Q, over F3
and over F11 .
√
196 Let α = 5 + i ∈ C.
(i) Find the minimal polynomial f (x) of α over Q.
(ii) Compute the degree of the splitting field of the polynomial f (x) over Q and
over F7 .
197 Let α ∈ C be a root of the polynomial x 4 −x −1. Find the minimal polynomial
of 2α − 1 and of α 2 over Q.
198 Find the degree of the splitting field of x 4 − 6x 2 − 3 over Q and over F13 .
 √
199 Let α = 2 + 7 ∈ C.
(i) Find the degree of Q(α) over Q.
(ii) Find the degree of the splitting field of the minimal polynomial of α over Q.
 √
200 Let α = 2 + i 2.
(i) Find the minimal polynomial of α and the minimal polynomial of α 2 + 1 over
Q.
(ii) Find a polynomial f (x) ∈ Q[x] such that f (α) = (α 2 + 2α)−1 .
201 Find the degree of the splitting field of x 8 − 4 over Q and over F3 .
202 Find the degree of the splitting field of x 4 + 26 over Q, over F5 and over F7 .
203 Find the degree of the splitting field of x 6 − 12x 3 + 27 over Q and over F5 .
 √
204 Find the minimal polynomial of 2 + 3 over Q and the degree of its splitting
field.
205 Let f (x) be the polynomial (x 3 − 7)(x 2 + 3).
(i) Find the degree of the splitting field of f (x) over Q.
(ii) Find the number of zero divisors in F5 [x]/(f (x)).
206 Find the degree of the splitting field of 2x 4 + 6x 2 − 5 over Q and over F19 .
207 Let K ⊆ F be fields, let f (x) = x 5 + 3x + 3 ∈ K[x] and let α be a root of
f (x) in F. Compute all possible values of [K(α) : K] and [K(α 7 ) : K] for K = Q
and K = F2 .
208 Let K be a field and f (x) ∈ K[x] a polynomial of positive degree, and set.
Show that every zero divisor in K[x]/(f (x)) is nilpotent if and only if f (x) is a
power of a single irreducible polynomial.
5 Rings and Fields 95

209 Find the number of zero divisors in the ring F5 [x]/(x 3 − 2x + 1) that are not
nilpotent.
210 Let x 4 − a ∈ Z[x] be a reducible polynomial. Show that
(i) if a > 0 then there is b ∈ N such that a = b2 ;
(ii) if a < 0 then there is c ∈ N such that a = −c2; moreover, there is d ∈ N such
that c = 2d 2 .
211 Compute the degree of the splitting field of x 4 + 5x 2 + 5 over Q and over F11 .
212 Let α ∈ C be a root of the polynomial x 3 − x 2 − 2x − 1 and set β = α 4 − 3α 2 .
Find
(i) the minimal polynomial of β over Q;
(ii) a polynomial g(x) with rational coefficients such that βg(α) = 1.
213 Find the degree of the splitting field of the polynomial (x 2 + 3)(x 3 − 5) over
Q.
214 Let f (x) be the polynomial x 15 − 1.
(i) Find the irreducible factors of f (x) and the degree of its splitting field, first
over F3 and then over F5 .
(ii) What are the possible degrees of the splitting field K of f (x) over Fp , where
p is a prime other than 3 or 5?
(iii) For each degree d from the previous question, give an explicit example of a
prime p other than 3 or 5 for which [K : Fp ] = d.
215 Find the degree of the splitting field of the polynomial (x 2 + 2)(x 4 − 2) over
Q and over F7 .
216 Let K be a field and let α, β be roots in an algebraic closure of K of the
polynomials x 2 − 5 and x 2 + 5, respectively.
(i) Compute the degree of the minimal polynomial of α + β over K, for K = Q.
(ii) Assume K = Fp ; what are the possible degrees of the minimal polynomial of
α + β over Fp , as p varies among all primes? For each possible degree, give
an example.
(iii) Compute the degree of the minimal polynomial of α + β over F2011.
217 Let K be a field and let α be a root of f (x) = x 4 − 3 in an algebraic closure
of K.
(i) Compute
√ the degree of K(α) over K, first for K = Q and then for K =
Q( −3).
(ii) Compute√the degree of the splitting field of f (x) over K for K = Q and for
K = Q( −3).
96 2 Exercises

218 Let f (x) = x 5 + x 2 − x + 4.

(i) Determine the splitting field of f (x) over F2 and over F3 .
(ii) For each positive integer k, find the degrees of the irreducible factors of f (x)
as a polynomial in F3k [x].
219 Let α be a root of the polynomial x 4 + 2x 3 + 2x 2 + x + 3. Find the minimal
polynomial of α + 1 and of α 2 + α over Q.
220 Let f (x) = x 4 + 3x 2 + 1 ∈ Q[x] and let α ∈ C be a complex root of f (x).
Find
(i) the degree [Q(α) : Q];
(ii) the degree of the splitting field of f (x) over Q;
(iii) the minimal polynomial of 1/(α + 1) over Q.
221 Find the degree of the splitting field of x 4 − 4x 2 + 2 over Q, over Q(i) and
over F7 .
222 Let K, E, F be the splitting fields over Q of x 24 − 1, of x 8 − 1 and of x 3 − 1,
respectively.
(i) Show that K = EF.
(ii) Find a basis of K ∩ R as a vector space over Q.
223
(i) Find the values of n ∈ N for which the polynomial x 2n + x n + 1 is divisible by
x 2 + x + 1 in Q[x].
(ii) Compute the degree of the splitting field x 8 + x 4 + 1 over Q and over F7 .
224 Let α be a complex root of x 4 − x 3 + x 2 − x + 1; for each c ∈ Q, compute the
degree [Q(α + cα −1 ) : Q].
225 Let f (x) = x 3 + 3x + 1.
(i) Find the degree of the splitting field of f (x) over Q.
(ii) Find all primes p for which f (x), considered as a polynomial in Fp [x], has a
multiple root in Fp .
226 Let f (x) = x 9 − 1.
(i) Show that f (x) has an irreducible factor of degree 6 over F11 .
(ii) Find the degree of the splitting field of f (x) over Q and over Q(ζ ), where
ζ ∈ C is a primitive third root of unity.
227 Let α ∈ C be a root of the polynomial f (x) = x 4 + x + 1.
(i) Find the minimal polynomial of 1/(α + 1) and the minimal polynomial of α 2
over Q.
(ii) Find the splitting field of the polynomial f (x) over F5 .
5 Rings and Fields 97

228 Given a prime p, consider a ∈ F∗p and let f (x) = (x 4 − a)(x 4 + a) ∈ Fp [x].
(i) Show that if p ≡ 3 (mod 4) then the splitting field of f (x) over Fp has degree
2.
(ii) Show that one can choose a and p with p ≡ 1 (mod 4) so that the splitting
field of f (x) over Fp has degree 1, 2 or 4.
229 Let p be an odd prime and let f (x) = x 6 + ax 3 + b ∈ Fp [x].
(i) Show that the degree of the splitting field of f (x) over Fp2 can only be 1 or 3.
(ii) Show that the degree of the splitting field of f (x) over Fp can neither be 4 nor
5.
(iii) Show that if p ≡ 2 (mod 3) then the degree of the splitting field of f (x) over
Fp cannot be 3.
230 Let f (x) = (x 15 − 1)(x 12 − 1).
(i) Find the degree of the splitting field of f (x) over F2 and over F7 .
(ii) Find all possible degrees of the splitting field of f (x) over Fp as p varies among
all primes.
231 Find the number of solutions of 2x 4 − 41x 3 + 201x 2 − 71x − 91 = 0 in
Z/1635Z and list at least six distinct solutions.
232 Let α ∈ C be a root of x 3 − x − 1.
(i) Write 1/(α + 2) as a polynomial in α with rational coefficients.
(ii) Compute the degrees [Q(α 2 ) : Q] and [Q(α 3 ) : Q].
233 Let α ∈ C be a root of the polynomial f (x) = x 4 − 3x − 5.
(i) Show that f (x) is irreducible in Q[x].
(ii) Find the minimal polynomial of 2α − 3 over Q.
(iii) Find the minimal polynomial of α 2 over Q.
234 Show that the ring Z[x]/(2x 2 + 17, x 2 + 6) is a vector space of dimension 2
over F5 .
√
235 Let K be the field Q( 3 2, i).
(i) Compute the degree [K √ : Q].
(ii) Is it true that K = Q( 3 2 + i)? √
(iii) Find the minimal polynomial of 3 2 + i over Q.
236
√ √ √ √
(i) Compute the degrees [Q( 3, 5) : Q] and [Q( 3 − 5) : Q].
√ √ √ √
(ii) Find the minimal polynomials of 3 − 5 and 3 − 5 − 1 over Q.
237 Factor the polynomial x 7 + x 6 + x 5 + x 4 + x 3 + x 2 + x + 1 as a product of
irreducible factors in C[x], Z[x], F5 [x] and F17 [x].
98 2 Exercises

238 Let f (x) = x 4 + 5x 3 + 5x 2 − x + 4.

(i) Factor f (x) in F7 [x].
(ii) Find the number of zero divisors and the number of invertible elements in the
ring F7 [x]/(f (x)).
 √
239 Let α = 2 + 5 + −5 ∈ C. Compute [Q(α) : Q] and [Q(α 2 ) : Q].
240 Let f (x) = x 4 + 3x 3 + x + 1.
(i) For each positive integer k, find the degree of the splitting field of f (x) over
F2k and over F3k .
(ii) Letting α ∈ C be a root of f (x), compute [Q(α) : Q].
241 Find the degree of the splitting field of x 4 − 2 over Q, over F3 and over F17 .
Chapter 3
Solutions

1 Sequences

1
(i) We proceed by induction. Since the inductive step relies on the previous two
cases, we shall first prove the statement for both n = 2 and n = 3. If n = 2,
then we have a2 = 5/6 and therefore the statement holds with b2 = 5 ≡ −1
(mod 6). For n = 3 we have a3 = 23/36, so the statement holds with b3 =
23 ≡ −1 (mod 6).
Let us now assume that am = bm /6m−1 , where bm ≡ −1 (mod 6), for all
m ≤ n; we shall show that an+1 can be written in the same form. From the
definition we have
an + an−1 1  bn bn−1 bn + 6bn−1
an+1 = = + n−2 = .
6 6 6n−1 6 6n
We can thus simply set bn+1 = bn + 6bn−1 and we also have bn+1 ≡ bn ≡ −1
(mod 6).
(ii) We proceed by induction and again begin by checking the statement in the first
two cases. For n = 0 we have c0 = 5a0 + (−1)0 4/3−1 = 22 and for n = 1 we
have c1 = 5a1 + (−1)1 4/30 = 15 − 4 = 11; the statement is therefore true for
the first two possible values of n. Let us now suppose that cm = 22 · 2−m for

© Springer Nature Switzerland AG 2020 99

R. Chirivì et al., Selected Exercises in Algebra, UNITEXT 119,
https://doi.org/10.1007/978-3-030-36156-3_3
100 3 Solutions

all m ≤ n. Then we have

4
cn+1 = 5an+1 + (−1)n+1
3n
1 4
= (5an + 5an−1 ) − (−1)n n
6 3
1 4 4 4
= cn − (−1)n n−1 + cn−1 − (−1)n−1 n−2 − (−1)n n
6 3 3 3
22 −n  2 2 4
= (2 + 2−(n−1) ) + (−1)n − n + n−1 − n
6 3 3 3
22
= n+1
2
as required.
2
(i) Proceed by induction on n. If n = 1, then a1 = 1 and therefore the statement
holds. Assume that the statement holds for n; then we have

(an+1 , 6) = (5an − 6an−1 , 6) = (5an , 6) = (an , 6) = 1.

(ii) By induction on n: for n = 0, 1 the statement holds by definition of a0 , a1 . Now

assume that the statement holds for all ai with i ≤ n. From the definition

an+1 = 5an − 6an−1

we get that 5 | an+1 if and only if 5 | an−1 . This concludes the proof.
3
(i) Both the required statement and the additional inequality an ≥ 12 an+1 will be
shown by induction on n.
For n = 1, both inequalities immediately follow from the fact that a1 = 1 and
a2 = 2.
Suppose both inequalities hold for n − 1. Since an+1 = an /2 + an−1 , from the
induction hypothesis an−1 ≥ an /2 it follows that an+1 ≥ an . Furthermore, we
can use the hypothesis that an−1 ≤ an to obtain that an+1 ≤ 3an /2; the latter
is less than 2an because, since a1 ≤ a2 ≤ · · · ≤ an , the number an is strictly
positive.
[[As an alternative, we can show the required inequality directly, using the induction
hypothesis for two consecutive values of n. We have to check the statement for two initial
values: a2 = 2 ≥ 1 = a1 and a3 = 2 ≥ 2 = a2 . Assuming the statement holds for n − 1 and
n, we have an+1 = an /2 + an−1 ≥ an−1 /2 + an−2 = an .]]
1 Sequences 101

(ii) In order to show the required statement we shall rely on the three recurrence
relations
1
a2n = a2n−1 + a2n−2 ,
2
1
a2n+1 = a2n + a2n−1 ,
2
1
a2n+2 = a2n+1 + a2n ,
2
which are all satisfied for n ≥ 2. Isolating a2n−1 in the first equation and
substituting its value into the second one we obtain that a2n+1 = 5a2n /2 −
2a2n−2 . Substituting this expression for a2n+1 into the third equation yields the
desired equality.
4
(i) Proceed by induction on n. For n = 0 and n = 1 the required equality is easily
checked. Assume it holds for n; we then have a02 + a12 + · · · + an2 + an+1 2 =
an an+1 + 2 + an+1
2 = an+1 (an + an+1 ) + 2 = an+1 an+2 + 2, that is, the desired
equality for n + 1.
(ii) Proceed by induction on n. For n = 0, 1, 2 the statement can be checked
directly. Assume it holds for all ai with i ≤ n. By employing the recurrence
relation twice we obtain that an+3 = 2an+1 + an for all n ≥ 0, hence 2 | an+3 if
and only if 2 | an , that is, if and only if n ≡ 0 (mod 3).
5 The sequence an = Fn /Fk does satisfy the requirements, since we have a0 =
F0 /Fk = 0, ak = Fk /Fk = 1 and

Fn+1 Fn + Fn−1
an+1 = = = an + an−1 for n ≥ 1.
Fk Fk

A sequence satisfying the requirements of the problem does therefore exist.

We shall now show that any such sequence must also satisfy a1 = 1/Fk . Indeed,
assume a0 , a1 , . . . is a sequence satisfying the required conditions; we shall show
by induction that this sequence coincides with the sequence bn = a1 Fn .
The above equality holds for n = 0 and n = 1 by construction. Assume it does
for all natural numbers up to n; we have an+1 = an + an−1 = a1 Fn + a1 Fn−1 =
a1 Fn+1 . It follows that we necessarily have 1 = ak = bk = a1 Fk , that is, a1 = 1/Fk .
Finally, we can show uniqueness: since any sequence satisfying the requirements
is such that a0 = 0 and a1 = 1/Fk , the induction above shows that an = Fn /Fk for
all n.
6
(i) Because of the initial conditions, 3 | a0, 3 | a1, 3  a2 . Assume now that n ≥ 1
and notice that 3 | 6an−1 for all n. If 3 | an then 3 | 7an and therefore 3 | 7an −
102 3 Solutions

6an−1 = an+2 . Conversely, if 3 | an+2 then 3 | an+2 + 6an−1 = 7an ; since 3

is prime and 3  7 this entails that 3 | an . Consequently, for n ≥ 1, 3 | an if and
only if 3 | an+2 , so the values of n we are looking for are zero and all odd natural
numbers.
(ii) For n = 0 we have a1 > a0 . We shall show by induction that, for all n ≥ 1, we
have an+1 > an if n is odd and an+1 < an if n is even.
Consider the first three cases: the recursion yields a3 = 30 and a4 = 194, so we
have a2 > a1 , a3 < a2 and a4 > a3 . Now suppose n ≥ 2; from the recursion
we obtain

an+2 −an+1 = 7an −6an−1 −7an−1 +6an−2 = 7(an −an−1 )−6(an−1 −an−2 ).

If n + 1 is odd, n − 1 is also odd and the induction hypothesis implies an −

an−1 > 0, while n − 2 is even and, again by the induction hypothesis, we have
an−1 −an−2 < 0. It follows that an+2 −an+1 is the sum of two positive numbers
and is therefore positive.
Conversely, if n + 1 is even then the induction hypothesis yields an − an−1 < 0
and an−1 − an−2 > 0, so an+2 − an+1 is the sum of two negative numbers and
therefore negative.
n
7 First of all we shall show by induction on n that an = 313 for all n. For n = 0
0
one can check that 313 = 311 = 31 = a0 . If we assume the statement for n, then
n n+1
we have that an+1 = an3 = (313 )3 = 313 .
Since (31, 44) = 1, powers of 31 are periodic modulo 44, with period given by
the multiplicative order of 31 in the group (Z/44Z)∗ , which is a divisor of φ(44) =
20. The order in question is the least common multiple of the multiplicative order
of 31 modulo 4 and modulo 11.
Now, 31 ≡ −1 (mod 4), so the former is 2. We also have 31 ≡ −2 (mod 11)
and, since −2 ≡ 1 (mod 11) while (−2)5 = −32 ≡ 1 (mod 11), the latter is 5.
Consequently, the order of 31 in (Z/44Z)∗ is 10.
n+k n
Therefore, we have 313 ≡ 313 (mod 44) if and only if 3n+k ≡ 3n (mod 10).
Since the order of 3 in (Z/10Z)∗ is 4, the sequence an = 313 is periodic modulo
n

44 with period 4.
[[Since the order of 3 in (Z/20Z)∗ is 4 as well, just observing that the order of 31 in (Z/44Z)∗
divides 20 is enough to conclude that k is at most 4, and one could simply exclude k = 1 and k = 2
via a direct check to obtain the desired result.]]

8 Remark that 202 = [2, 101] | an if and only if 2 | an and 101 | an.
Moreover, for p = 2 and for p = 101, if p | an0 then p | an for all n ≥ n0 . We
can show this by induction on n: it holds by assumption for n = n0 and, if p | an ,
then we have p | (202, an ) and therefore p | an+1 = an + (202, an ).
It is thus enough to show the existence of m and n such that 2 | am and 101 | an.
Consider the prime 2: if k is even then (202, k) is also even, and if k is odd then
(202, k) is also odd; therefore, a2 = k + (202, k) is always even.
1 Sequences 103

Let us now find n such that 101 | an. Given n ≥ 2, if 101  an , which as explained
before implies 101  am for all m ≤ n, one easily obtains that an+1 = a2 + 2(n − 1).
Since the equation 2(n−1)+a2 ≡ 0 (mod 101) admits n ≡ −51a2 +1 (mod 101)
as a solution, any n ≥ 0 for which the congruence holds is such that 101 | an+1.
9 First of all, remark that 3  an for all n ≥ 0: for n = 0 and n = 1 this is true
by hypothesis; for n > 1 it holds by induction, since, if we had that 3 | an+1 , we
would also have that 3 | 5an and thus (because (3, 5) = 1) 3 | an, which would be a
contradiction.
Let us now prove the problem statement, again by induction on n. If n = 1 then
we have a2 = 5a +3, which implies (a2 , a1 ) = (5a +3, a) = (3, a) = 1. Let us now
assume (an , an−1 ) = 1 for some n ≥ 2, and let d be a common divisor of an+1 and
an . The integer d must also be a divisor of an+1 − 5an = 3an−1 . But, since d | an ,
we have (d, 3) = 1 and thus d | an−1 . Finally, this yields that d | (an , an−1 ) = 1.
10
(i) Via direct calculations, one finds a0 = 2, a1 = 8, a2 = 34, a3 = 152. Any real
numbers h and k satisfying the requirements must therefore also satisfy

34 = 8h + 2k
152 = 34h + 8k.

The only solution to the system above is h = 8, k = −15. And indeed, those
values for h and k satisfy the original requirement for all n ≥ 1, because

8(3n +5n )−15(3n−1 +5n−1 ) = (3 +5)(3n +5n )−5 ·3n −3 ·5n = 3n+1 +5n+1 .

(ii) Notice that 5 is the multiplicative inverse of 3 modulo 7, so that 7 | an is

equivalent to 3n + 3−n ≡ 0 (mod 7). In other words, since 3 is invertible
modulo 7, the divisibility condition is the same as 32n + 1 ≡ 0 (mod 7). When
examining remainders of the powers of 3, one finds that 3k + 1 ≡ 0 (mod 7)
if and only if k ≡ 3 (mod 6). In particular, all admissible values for k are odd,
while we must have k = 2n in order for 7 to divide an . Consequently, no integer
possesses the required property.
[[Alternatively, one could observe that (Z/7Z)∗ has six elements and, by evaluating 3n + 3−n
(mod 7) for n = 0, 1, 2, 3, 4, 5, conclude that there is no n such that 7 | an .]]

11 The recurrence relation tells us that an < an+1 if and only if −an−1 + 2an−2 >
0, that is, an−1 < 2an−2 . We shall show by induction that both an < an+1 and
an+1 < 2an hold for all n ≥ 0. The initial assigned values immediately yield both
inequalities for n = 0, 1. Now assume both inequalities hold for all indices strictly
smaller than n; we shall show them for n by means of the recurrence relation.
By the induction hypothesis we have an−1 < 2an−2 , which implies an+1 =
an − an−1 + 2an−2 > an − 2an−2 + 2an−2 = an and therefore an < an+1 .
Also by the induction hypothesis, an−2 < an−1 < an , hence an+1 = an − an−1 +
2an−2 < an − an−1 + 2an−1 = an + an−1 < 2an , which yields an+1 < 2an .
104 3 Solutions

12
(i) We shall show the statement by induction on n. For n = 0 we have (a0 , a1 ) =
(1, 1) = 1, so the statement holds. Now, given n > 0, assume the statement
holds for all natural numbers strictly less than n. We have

(an , an+1 ) = (an , han + kan−1 ) = (an , kan−1 ) = (an , k),

where the last equality is implied by the induction hypothesis. It is therefore

enough to show that (an , k) = 1 for all n ≥ 0. Again, we can do this by
induction on n.
If n = 0, 1, then (a0 , k) = (a1 , k) = (1, k) = 1. Let us assume the result up to
n and show it is true for n + 1. We have

(an+1 , k) = (han + kan−1 , k) = (han , k) = (h, k) = 1

where the second to last equality holds by induction hypothesis. This completes
the proof.
(ii) By computing the fist values of bn = an2 − 1 we get b0 = 0, b1 = 0, b2 =
1062 −1 = 105 ·107, so the greatest common divisor we are looking for divides
105 · 107. Moreover, we have a2 ≡ 1 (mod 105), while a2 ≡ −1 (mod 107).
When considering the congruence modulo 105 one immediately obtains by
induction on n that an+1 = 35an + 71an−1 ≡ 35 + 71 ≡ 1 (mod 105), hence
bn ≡ 12 − 1 ≡ 0 (mod 105) for all n ≥ 0.
The congruence modulo 107 yields

a3 ≡ −35 + 71 ≡ 36 (mod 107)

so that b3 ≡ 362 − 1 ≡ 35 · 37 ≡ 0 (mod 107) and, since 107 is prime,

(b3 , 107) = 1.
The greatest common divisor we were after is therefore 105.
13 We shall show both statements by induction. If n = 0, then (i) and (ii)
correspond to F1 = F1 and 0 = F0 respectively, so they both trivially hold.
. . , n, and let us show each for n + 1.
Now assume both (i) and (ii) hold for 0, 1, .
In order to show (i), we want to prove that n+1 i=0
n+1
i Fi+1 = F2n+3 . We have:

n+1   n+1    
n+1 n n
Fi+1 = + Fi+1
i i i−1
i=0 i=0
n+1   n+1  
n n
= Fi+1 + Fi+1 .
i i−1
i=0 i=0
1 Sequences 105

 n  
Since n+1 = 0, the fist sum above is ni=0 ni Fi+1 , that is, F2n+1 . As for the
n
second sum, setting j = i − 1 and remarking that −1 = 0, we find

n+1   n   n  
n n n
Fi+1 = Fj +2 = (Fj + Fj +1 )
i−1 j j
i=0 j =0 j =0
n   n  
n n
= Fj + Fj +1
j j
j =0 j =0

= F2n + F2n+1 .

Putting all of this together, we obtain

n+1  
n+1
Fi+1 = F2n+1 + F2n + F2n+1 = F2n+2 + F2n+1 = F2n+3 .
i
i=0

For (ii), we have

n+1   n    
n+1 n+1 n+1
Fi = Fi + Fn+1
i i n+1
i=1 i=1
n      
n n n
= + Fi + Fn+1
i i−1 n
i=1
n   n  
n n
= Fi + Fj +1 = F2n + F2n+1 = F2n+2 .
i j
i=1 j =0

14
(i) Fist of all, notice that the system
⎧
⎨α + β√ = a1 = 1 √
⎩ 1 + 13 1 − 13
α+ β = a2 = 4
2 2
obtained for n = 1 and n = 2 does have a solution, since the two equations are
independent. √
[[Carrying
√
out the computations explicitly one immediately finds α = 1 + 13/26 and β =
1 − 13/26.]]
Let us now show the values α and β that solve this system also satisfy the
requirement of the problem for all n ≥ 1. The base cases n = 1 and n = 2
106 3 Solutions

obviously work. For the inductive step, let n ≥ 2 and let us assume the statement
for all positive integers up to n. We then have
√ √
1+ 13 n−1 1 + 13
an + 3an−1 = α( ) ( + 3) +
2 2
√ √
1 − 13 n−1 1 − 13
β( ) ( + 3)
2 2
√ √ √ √
1 + 13 n−1 7 + 13 1 − 13 n−1 7 − 13
= α( ) ( ) + β( ) ( )
2 2 2 2
√ √
1 + 13 n+1 1 − 13 n+1
= α( ) + β( )
2 2
so the statement holds for n + 1.
(ii) We show that an is even if and only if n ≡ 2 (mod 3). Indeed, using the
recurrence relation yields that an = 4an−2 + 3an−3 for all n ≥ 4. Therefore, an
is even if and only if an−3 is even; in other words, the parity of an only depends
on the remainder of n modulo 3. In conclusion, the statement is immediately
proven by remarking that, if a1 is odd, then a2 is even and a3 = a2 + 3a1 = 7
is, again, odd.

2 Combinatorics

15
(i) Each element x ∈ X must belong either to A, or to B, or to C; the three options,
since A, B and C have pairwise empty intersections, are mutually exclusive.
The number of possible triples is therefore 3n .
(ii) We can argue as above: each element x ∈ X must belong to one of the sets

A \ (B ∪ C), B \ (A ∪ C), C \ (A ∪ B), (A ∩ B) \ C,

(A ∩ C) \ B, (B ∩ C) \ A, A ∩ B ∩ C.

The fact that these seven option are mutually exclusive is obvious. The number
of triples is therefore 7n , as claimed.
16 First of all, remark that the only pair in X consisting of two copies of the same
integer is (1, 1). We can therefore partition X into the following disjoint subsets:
{(1, 1)}, X1 = {(m, n) | 1 ≤ m < n ≤ 100, (m, n) = 1} and X2 = {(m, n) | 1 ≤
n < m ≤ 100, (m, n) = 1}.
It is also clear that X1 and X2 contain the same number of elements, since X1
(m, n) −→ (n, m) ∈ X2 is a bijection between the two sets.
2 Combinatorics 107

Moreover, by grouping together all elements whose second component is n for

n = 1, 2, . . . , 100, we obtain that |X1 | = 100n=2 φ(n).
Wecan therefore conclude
 that, indeed, |X| = 1 + |X1 | + |X2 | = 1 + 2|X1 | =
1 + 2 100
n=2 φ(n) = 2
100
n=1 φ(n) − 1.
17 First, let us consider the set of all n satisfying the conditions (n, 18) = 6 and
n ≡ 2 (mod 7); that is, let us set aside for the moment the further restriction given
by the inequalities in the statement.
The first condition is equivalent to 6 dividing n and 9 not dividing n, that is,
n = 6h and h ≡ 0 (mod 3) for some integer h. The second condition now becomes
6h ≡ 2 (mod 7), that is, h ≡ −2 (mod 7), so we must have h = 7k − 2 for
some integer k. Using what we just proved, we can now rewrite h ≡ 0 (mod 3)
as 7k − 2 ≡ 0 (mod 3), that is, k ≡ −1 (mod 3), so we must have k = 3u or
k = 3u + 1 for some integer u. Substituting into previous expressions we obtain
n = 6h = 6(7k − 2) = 6(7 · 3u − 2) = 126u − 12 or n = 6h = 6(7k − 2) =
6(7 · (3u + 1) − 2) = 126u + 30.
Let us now impose the condition 1 ≤ n ≤ 10000: in the first case, this gives
1 ≤ 126u − 12 ≤ 10000 and so 1 ≤ u ≤ 79, which yields 79 solutions in total;
in the second case, 1 ≤ 126u + 30 ≤ 10000 so 0 ≤ u ≤ 79, hence another 80
solutions.
In conclusion, the set in the problem statement contains 79 + 80 = 159 elements.
18 The positive divisors of 340 · 525 are the integers of the form 3n 5m with 0 ≤ n ≤
40, 0 ≤ m ≤ 25.
The required congruence then becomes 3n 5m ≡ 1 (mod 7). Powers of 3 modulo
7 are congruent to 1, 3, 2, −1, −3 and −2, in this order, and then cycle back to 1. In
particular, 5 ≡ −2 ≡ 35 (mod 7). We may therefore rewrite the requirement for n
and m as 3n+5m ≡ 1 (mod 7).
We just saw that 3 has multiplicative order 6 modulo 7, hence n + 5m ≡ 0
(mod 6), that is, n ≡ m (mod 6).
In order to obtain the required cardinality we must find the number of pairs (n, m)
such that 0 ≤ n ≤ 40, 0 ≤ m ≤ 25 and n ≡ m (mod 6).
Since 40 = 6 · 6 + 4, we have 7 = 6 + 1 solutions for each m congruent to 0, . . . , 4
modulo 6 and, since 25 = 4 · 6 + 1, there are 22 such m, which amounts to 154
solutions.
We must now count solutions such that m ≡ 5 (mod 6): each such m gives six
possibilities for n and, since m can only be 5, 11, 17 or 23, this yields another 24
solutions.
In conclusion, the required cardinality is 154 + 24 = 178.
19
Solution 1 We shall proceed in several steps.
If n were a power of 2, n = 2a say, then φ(n) = 2a−1 would be as well. There
must therefore be an odd prime factor of n.
Given a prime p that divides n, the number p −1 divides 12, so p −1 can only be
1, 2, 3, 4, 6 or 12. But, since p is prime, the only options are p = 2, 3, 5, 7, 13.
108 3 Solutions

Given a prime q such that q 2 divides n, q must also divide φ(n): such a prime
can only be 2 or 3.
If five divides n, then 52 does not divide n thanks to the remark above, so we must
have n = 5m with (5, m) = 1. But then 12 = φ(n) = 4φ(m) and so φ(m) = 3,
which is impossible since the only odd value that Euler’s totient function takes is 1.
If seven divides n, then 72 does not divide n, so n = 7m with (7, m) = 1. Then
12 = φ(n) = 6φ(m) and so φ(m) = 2.
Let now q be a prime that divides m; then q − 1 divides φ(m) = 2, so the only
possibilities are q = 2 and q = 3. Moreover, 9 cannot divide m or 3 would divide
φ(m) = 2. Similarly, 8 cannot divide m or 4 would divide φ(m). We thus have
m = 2a 3b with a = 0, 1, 2 and b = 0, 1. Checking these six values directly yields
φ(m) = 2 for m = 3, 4, 6.
We have ended up with the three possibilities n = 21, n = 28 and n = 42.
If 13 divides n, then 132 does not divide n, so n = 13m with (13, m) = 1. Then
12 = φ(n) = 12φ(m) and so φ(m) = 1, which gives m = 1 or m = 2. This yields
the solutions n = 13 and n = 26.
If none of the above holds then n = 2a 3b for natural numbers a and b with b > 0.
In this case, 12 = φ(n) = 2a−1 · 2 · 3b−1 = 2a 3b−1 , so a = 2 and b = 2, that is,
n = 36.
Finally, we can conclude that φ(n) = 12 if and only if n belongs to the set
{13, 21, 26, 28, 36, 42}.
Solution 2 Let n = p1α1 · · · pkαk be the prime factorisation of n. Since Euler’s totient
! α α α
function is multiplicative, we have φ(n) = ki=1 φ(pi i ). Unless pi i = 2, φ(pi i ) =
αi
(pi − 1)pi is even, so we can only decompose 12 as 1 · 2 · 6, 2 · 6, 1 · 12 or 12,
where the factor 1 only appears if 2|n and 4  n.
α α
Consider the case where φ(pi i ) = 2: if pi = 2 then pi i = 4; if not, then
αi
pi = 3.
α α
If φ(pi i ) = 6, then if pi = 3 we must have pi i = 9; the only other possibility
αi
is pi = 7.
α
Finally, consider the case where φ(pi i ) = 12: one can immediately check that
α
pi = 2, 3, so we must have pi − 1 = 12, that is, pi i = 13.
αi
Taking into account the fact that factors pi must be pairwise relatively prime, we
are left with only the following possibilities for n: 4 · 9 = 36, 4 · 7 = 28, 3 · 7 = 21,
2 · 3 · 7 = 42, 13, 2 · 13 = 26. These all satisfy the required condition.
20 Since n2 = x + y ≤ 49 + 49 = 98 we have n ≤ 9. We shall first deal with the
case n ≤ 7.
In this case, all triples (h, n2 − h, n) with h = 0, . . . , n2 satisfy the conditions.
We therefore have n2 + 1 triples for each n ≤ 7.
If n = 8 then we get the triples (h, 64 − h, 8) with h = 15, . . . , 49, where the
values of h are those for which 0 ≤ x, y < 50; this yields 49 − 15 + 1 = 35 triples.
Similarly, for n = 9 we get the triples (h, 81 − h, 9) with h = 32, . . . , 49, which
are 49 − 32 + 1 = 18.
2 Combinatorics 109

The total number of triples is therefore 1+2+5+10+17+26+37+50+35+18 =

201.
21 We can write the expression for Euler’s totient function φ as

φ(n)  p − 1
= .
n p
p|n

Suppose q is the largest prime divisor of n; q is then also the largest prime divisor of
the denominator of φ(n)/n: this is because q divides the denominator of (q − 1)/q
and cannot cancel out with any factor of q dividing the numerator of (p − 1)/p,
since we have p − 1 < q.
Consequently, if φ(n)/n = 2/5, then the largest prime factor of n must be 5.
Consider all integers n for which this is true. If n is divisible by 2 and by 5 but not
by 3, then

φ(n) 1 4 2
= · =
n 2 5 5
and the condition is satisfied. In all other cases, that is, when n is not divisible by 2
or is divisible by 3, it is easily checked that the desired equality does not hold.
22 Set D = {1 ≤ d ≤ n | d divides n} and Φ = {1 ≤ k ≤ n | (k, n) = 1}. If
x ∈ D ∩ Φ then x = (x, n) = 1, hence |D ∩ Φ| = 1.
Statement (i) is a simple consequence of the inclusion-exclusion principle: we
have

|D| + |Φ| = |D ∪ Φ| + |D ∩ Φ| = |D ∪ Φ| + 1 ≤ n + 1.

As for (ii), remark that the required equality holds if and only if |D ∪ Φ| = n − 1,
that is, if and only if there is exactly one integer k, with 1 ≤ k ≤ n, which is not a
divisor of n nor is it coprime to n.
If n is prime, then d(n) = 2 and φ(n) = n − 1, thus d(n) + φ(n) = n + 1.
It is therefore enough to consider composite numbers. If n = ab with a > 1 and
b > 4, then there are at least two numbers, that is, a(b − 1) and a(b − 2), that are
not divisors of n nor coprime to n, so no such n satisfies the required equality.
Assume that n = p1 . . . pk is the prime factorisation of n, with p1 ≤ p2 ≤
· · · ≤ pk not necessarily distinct. If we set a = p1 and b = p2 . . . pk , we can
use what we showed above to obtain that we can only have p2 . . . pk = 2, 3, 4,
so n = 4, 6, 9, 8. Direct verification shows that the case n = 4 must be excluded,
because d(4) + φ(4) = 3 + 2 = 5, while all other values are indeed solutions:

d(6) + φ(6) = 4 + 2 = 6, d(9) + φ(9) = 3 + 6 = 9, d(8) + φ(8) = 4 + 4 = 8.

23 Remark that all natural numbers with the required property must be multiples
of 3, so can be written in the form n = 3a m, where (m, 3) = 1. We must also have
110 3 Solutions

a ≤ 2, otherwise both n and φ(n) = 2 · 3a−1 φ(m) would be multiples of 9. Now, n

must be odd, because from 3 | n we obtain that 2 | φ(n) and therefore if n were even
2 would divide (n, φ(n)). Finally, all primes p > 3 that divide n must appear in the
prime factorisation of n with an exponent of 1, because if that were not the case we
would have p | (n, φ(n)). Two separate cases present themselves:
1 The integer n is a multiple of 9, that is, n = 9m with (m, 3) = 1 and m odd
and squarefree. Then n ≤ 120 implies that m ≤ 13. If p | m then 3  p − 1, or
we would have 9 | (n, φ(n)). The only admissible values for m are therefore m =
1, 5, 11, which yield the solutions n = 9, 45, 99.
2 Conversely, suppose that n is not a multiple of 9, that is, n = 3m with
(m, 3) = 1 and m odd and squarefree. If n = 3p for some prime p, then
φ(n) = 2(p − 1) and the required condition is equivalent to 3 | p − 1. Since we ask
that n ≤ 120, we must have p ≤ 40: the only primes satisfying the requirements are
7, 13, 19, 31, 37, and from those we get the solutions n = 21, 39, 57, 93, 111.
Finally, if n = 3m where m is the product of at least two distinct primes, each of
which must be strictly greater 3, the fact that m ≤ 40 implies that the only possibility
for m is m = 5 · 7, that is, n = 105.
24 There are three possible configurations of remainders modulo 2 for a triple
(a, b, c) satisfying the requirements: (0, 0, 1), (0, 1, 0) and (0, 0, 1). There are 12
possibilities for the triple’s remainders modulo 3: (0, x, y), (x, 0, y) or (x, y, 0),
where x and y are nonzero remainders.
There are therefore 36 possible configurations modulo 6 for the triples under
consideration. For each configuration modulo 6, there are 103 = 1000 triples
pertaining to it, since we have 60/6 = 10. Hence, the total number of triples
satisfying the requirements is 36 · 1000 = 36000.
25 We shall show the statement by induction on k = ω(m). We have k = 0 if and
only if m = 1, in which case

φ(1) 1
1= ≥ = 1.
1 0+1

Now assume the statement for ω(m) = k; we shall show it for ω(m) = k + 1.
αk+1
Suppose m = p1α1 · · · pk+1 with p1 < p2 < · · · < pk+1 and αi > 0 for all i. Set
α1 αk
n = p1 · · · pk .
By the induction hypothesis, φ(n)/n ≥ 1/(k + 1); moreover, it is clear that
pi ≥ i + 1 for all i, so in particular

1 1 k+1
1− ≥1− = .
pk+1 k+2 k+2

Therefore, we have
 
φ(m) φ(n) 1 1 k+1 1
= · 1− ≥ · = .
m n pk+1 k+1 k+2 k+2
2 Combinatorics 111

26 There are 8 · 9 · 9 · 9 − 1 integers satisfying the first two requirements: indeed,

there are eight possibilities for the first digit and nine for each of the other digits,
except that the number 1000 must be excluded. Among these integers, those that do
not satisfy the last requirement are exactly those whose digits are all different: there
are eight possibilities for the first digit; eight possibilities for the second (9 minus
the one value already chosen for the first digit); seven for the third (9 minus the
values used for the first two digits) and six for the fourth (9 minus the values used
for the first three digits).
Numbers of this type are therefore 8 · 8 · 7 · 6. Consequently, there are 8 · 9 · 9 ·
9 − 1 − 8 · 8 · 7 · 6 = 3143 integers satisfying the original requirements.
27
(i) There are two possibilities for f (1): f (1) = 1 and f (1) = 2. Suppose 2 ≤
i ≤ n; given the values of f (1), . . . , f (i − 1), which we know must belong to
{1, . . . i} and be distinct, there are two possibilities for f (i), given by the two
elements of {1, . . . , i + 1} \ {f (1), . . . , f (i − 1)}. Finally, given the values of
f (1), . . . , f (n−1), there is but one possible value for f (n), that is, the element
of {1, . . . , n} different from f (1), . . . , f (n − 1). The cardinality we are looking
for is therefore 2n−1 .
(ii) Let xn be the cardinality of the set in the statement, which we shall denote by
Xn . For n = 1, 2 all permutations satisfy the requirement, so x1 = 1 = F2 and
x2 = 2 = F3 .
In order to show the claim it is therefore enough to show that xn+1 = xn + xn−1
for n ≥ 2. Since we necessarily have f (n + 1) = n + 1 or f (n + 1) = n, let us
partition the set Xn+1 into two subsets: Yn+1 = {f ∈ Xn+1 | f (n + 1) = n + 1}
and Zn+1 = {f ∈ Xn+1 | f (n + 1) = n}.
Elements of Yn+1 can be made to bijectively correspond to elements of Xn , so
|Yn+1 | = xn . On the other hand, if f ∈ Zn+1 then the fact that f (i) ≤ n for
i = 1, . . . , n − 1 implies that necessarily f (n) = n + 1. It follows that Zn+1 is
in bijection with Xn−1 and therefore has xn−1 elements.
28
(i) The number of all subsets satisfying the requirements can be obtained as the
sum of the number N of all subsets of X consisting of three elements that are
all congruent modulo 5, and the number M of all subsets of X consisting of
three elements, exactly two of which are congruent modulo 5. Since X has
20 elements in each congruence class modulo 5, the number N is given by
the number of possible classes modulo five times the number of three-element
subsets of the chosen class, that is, N = 5 · 20 3 . Similarly, M is given by
the number of possible choices of a class modulo five times the number of
possible two-element subsets of the chosen class, times thenumber of ways we
can choose a third element outside that class, so M = 5 · 20 2 · 80. Taking the
sum we obtain N + M = 81700.
112 3 Solutions

[[The same result could be obtained by subtracting the number


of subsets of X consisting of

5 100
three elements from distinct congruence classes, that is, 3 203 , from the number 3 of all
possible subsets of X with three elements.]]
(ii) The set X contains 20 elements from each congruence class modulo 5. Maps
from X to X satisfying the requirement send each of the 100 elements n ∈ X
to one of the 20 elements of X in the congruence class of n + 1 modulo 5. The
number we want is therefore 20100.
29
(i) The condition (xy, 6) = 1 is equivalent to (x, 6) = 1 and (y, 6) = 1, so
we have to find the number of ordered pairs of elements of X such that both
components are coprime to 6. Now, set Xi = {x ∈ X | x ≡ i (mod 6)} for
i ∈ {1, 2, 3, 4, 5, 6}; we have X = 6i=1 Xi and for each x ∈ Xi we have
(x, 6) = (i, 6). It follows that x ∈ X is coprime to 6 if and only if x ∈ X1 or
x ∈ X5 . Since 100 = 16 · 6 + 4, we get |X1 | = 17 and |X5 | = 16. Therefore,
X has 33 elements that are coprime to 6.
The number of ordered pairs of elements in X such that both components are
coprime to 6 is thus 332.
(ii) Let A = {(x, y) ∈ X2 | x < y + 6}. For y = 1, 2, . . . , 95, set Xy = {1, . . . , y +
5}, and, for 96 ≤ y ≤ 100, set Xy = X. Clearly, we have


100
A= Xy × {y}
y=1

and so, this being a disjoint union,

100
|A| = |Xy |
y=1
95
= y=1 + 5) + 5 · 100
(y
= 500 + 100y=6 y
= 500 + 100 · 101/2 − (1 + 2 + 3 + 4 + 5)
= 5535.

30
(i) Maps in the set A are bijective, so for all y ∈ X, there is x ∈ X such that y =
f (x). The condition f 2 (x) ≡ f (x) (mod 2) implies that f (y) ≡ y (mod 2)
for all y ∈ X, so the elements of A are exactly those bijections from X to
X sending even numbers to even numbers and odd numbers to odd numbers.
Consequently, |A| = 50!50!.
(ii) Given f ∈ B, set Y = f −1 (1); the set Y cannot be empty, because 1 ∈ f (X).
Moreover, f (Y ) = {1} and 1 ∈ f (X \ Y ). It is easy to check that the condition
f 2 (X) = {1} is equivalent to {1} = f (Y ) ⊆ Y and f (X \ Y ) ⊆ Y , which,
because of the argument above, implies f (X \ Y ) ⊆ Y \ {1}.
2 Combinatorics 113

Maps in B having f −1 (1) = Y for some fixed subset Y of X such that 1 ∈ Y

and |Y | = k +1 are therefore as many as all possible maps from X \Y to Y \{1},
that is, k 99−k . For each k ≥ 0 there are 99
k subsets Y of X that have cardinality
k + 1 and contain 1, so

99  
99 99−k
|B| = k .
k
k=0

31
(i) Clearly, d | 144000 = 27 32 53 if and only if d = 2a 3b 5c with 0 ≤ a ≤ 7,
0 ≤ b ≤ 2, and 0 ≤ c ≤ 3. The number of divisors of an integer d as above is
(a + 1)(b + 1)(c + 1), so it is even if and only if at least one among a, b, c is
odd. The number of values for d such that this holds can be obtained as a sum
by considering the following cases: a is odd and b, c have no further constraints,
4 · 3 · 4 = 48 possibilities; a is even, b is odd and c has no further constraints,
4·1·4 = 16 possibilities; finally, a and b are both even and c is odd, 4·2·2 = 16
possibilities.
So X has 80 elements.
[[The same result could be obtained by subtracting from the number of all divisors of 144000,
that is, 8 · 3 · 4 = 96, the number of those having an odd number of divisors, so those given
by a, b, c all even, that is, 4 · 2 · 2 = 16.]]
(ii) As for the set Y , remark that a number is both a perfect square and a perfect
cube if and only if it is a 6th power. It follows that d = 2a 3b 5c ∈ Y if and
only if a, b, c are all even, but not all divisible by 6. Therefore, we have |Y | =
4 · 2 · 2 − 2 · 1 · 1 = 14.
32
(i) Consider X0 = {x ∈ X | x ≡ 0 (mod 2)} and X1 = {x ∈ X | x ≡ 1 (mod 2)}.
 all A ⊆ X, setting Ai = A ∩ Xi for i = 0, 1, we have A = A0 ∪ A1 and
For
a∈A a ≡ |A1 | (mod 2).
Therefore, A belongs to A if and only if the cardinality of A1 is even. So, sets
A ∈ A are obtained by choosing a subset A0 of X0 , which can be done in
250 ways, and a subset A1 of X1 with an even number of elements in one of
 25 50
k=0 2k = 2 ways. It follows that |A| = 2 .
49 99

(ii) Using the notation we introduced in order to answer the previous question, first
remark that the condition A ∈ B does not impose any constraints on A1 , which
can be any subset of X1 : we have 250 possibilities for A1 . The subset A0 can be
of one of the following types.  50 50
It can have at least three elements: |A0 | ≥ 3, which gives 250 − 50 0 − 1 − 2
possibilities. Or we have |A0 | = 2, in which case at least one of its two elements
must be divisible by 4; equivalently, we must choose two elements of X0 that
do not both lie in the subset
25 containing the 25 elements divisible by 2 but not
by 4, which gives 50 2 − 2 possibilities. Or, finally, |A0 | = 1 and the element
114 3 Solutions

it contains must be one of the 12 elements of X0 that are divisible by 8, which

gives 12 possibilities.  50 25
In conclusion, |B| = 250(250 − 50 0 − 1 − 2 + 12) = 2 (2 − 339).
50 50

33 Let X = {2, . . . , 1000} and consider n ∈ X. We shall write n = 2a p1e1 · · · prer

with p1 , . . . pr distinct odd primes, ei ≥ 1 and a ≥ 0. Moreover, since φ(n) is even
for all n > 2, the required divisibility implies that n must be even, that is, a ≥ 1. It
follows that


r 
r 
r
φ(n) = 2a−1 piei −1 (pi − 1) | n ⇐⇒ (pi − 1) | 2 pi .
i=1 i=1 i=1
!
odd, we have 2r | ri=1 (pi − 1): but then, we must have r = 0
Since the pi ’s are!
r
or r = 1, because 2 i=1 pi cannot be a multiple of 4.
If r = 0, then n = 2a with a ≥ 1: there are exactly nine integers of this form in
the set X and all of them satisfy the condition φ(n) | n.
On the other hand, if r = 1 then we have n = 2a pe for some odd prime p and
some a, e ≥ 1: the condition φ(n) | n is equivalent to p − 1 | 2p, so to p − 1 | 2,
since (p − 1, p) = 1. The only possibility is that p = 3.
Integers of the form n = 2a 3e , with a, e ≥ 1, in the set X can be enumerated as
follows: we have 2a 3e ∈ X if and only if 2a ≤ 1000/3e , which immediately yields
eight possible values of a for e = 1, plus 6 values for e = 2, plus 5 for e = 3, plus
3 for e = 4, plus 2 for e = 5, while there are none for e ≥ 6.
In conclusion, the number of integers n satisfying the required conditions is 9 +
8 + 6 + 5 + 3 + 2 = 33.
34 We shall check the formula by induction on n. For n = 1 we clearly have
p1 = 1/2, that is the probability that the outcome of the first coin toss is heads, and
indeed 1/2 = 2/3 + (−1)/(3 · 2). For n = 2 we have p2 = 1/2 · 1/2 + 1/2 = 3/4,
that is, x2 is given by the probability of the first two outcomes being heads, plus the
probability that the first outcome is tails; and indeed, 3/4 = 2/3 + 1/(3 · 22 ).
Now assume the formula from the statement is valid for all m < n; we shall show
it for n. Notice that there are two mutually exclusive ways to obtain a score xk = n
for some k: either there is k such that xk−1 = n − 1 and that the outcome of the kth
coin toss is heads, or there is k such that xk−1 = n − 2 and that the outcome of the
kth coin toss is tails.
By the induction hypothesis, the probability of the first event is
 
1 2 (−1)n−1
+
2 3 3 · 2n−1

and the probability of the second event is

 
1 2 (−1)n−2
+ .
2 3 3 · 2n−2
2 Combinatorics 115

By summing the two, we find that the probability of having xk = n for some k is
equal to

2 1 (−1)n 2 (−1)n
+ · (−1 + 2) = +
3 2 3 · 2n−1 3 3 · 2n
as required.
35 We shall write S(f ) = S+ (f ) + S− (f ), where

S+ (f ) = (f (i) − i), S− (f ) = − (f (i) − i).

i | f (i)>i i | f (i)<i


Since we clearly have 10 i=1 (f (i) − i) = 0, it follows that S+ (f ) = S− (f ) and thus
S(f ) = 2S+ (f ) is always even. This implies that the answer to the second question
is 0.
As for the first question, S(f ) = 2 implies S+ (f ) = S− (f ) = 1, so there is
exactly one index i for which f (i) = i+1 and exactly one j for which f (j ) = j −1,
whereas for all other indices k different from i, j we have f (k) = k. The map f
must therefore exchange two consecutive numbers and keep all others fixed. There
are exactly nine pairs of consecutive integers in {1, 2, . . . , 10}, so the answer is 9.
For the third question, we must have S+ (f ) = S− (f ) = 2. We shall distinguish
three cases.
1 There is exactly one i such that f (i) = i + 2 and exactly one j for which
f (j ) = j − 2. This case can be dealt with in the same way as question (i), by
noticing that there are eight pairs of integers in {1, 2, . . . , 10} whose difference is 2.
2 There are exactly two indices i for which f (i) = i +1 and exactly two indices
j for which f (j ) = j −1. In this case, the map f must exchange the numbers within
each of two pairs of consecutive integers. In order to find the number of such maps,
remark that, if the smallest pair—that is, the pair whose integers are smaller—is
{1, 2}, then there are seven ways to choose the other pair; if the smallest pair is
{2, 3}, then there are six ways to choose the other pair, and so on. We thus have
7 + 6 + · · · + 1 = 28 possibilities for f .
3 There are exactly two indices i for which f (i) = i + 1 and there is one index
j such that f (j ) = j − 2, or vice versa. We shall only discuss the first case, since
the second is symmetric.
The permutation f can only be of the form (i, i + 1, i + 2), that is, it must
cycle three consecutive integers. There are 8 possible triples of consecutive integers,
which, by symmetry, yields a total of 16 possibilities for f .
The answer to the third question is obtained by summing the three results above:
we get 8 + 28 + 16 = 52.
36 The sum of all integers from 1 to 100 (inclusive) is 5050.
(i) Choosing a subset A containing 96 elements is equivalent to choosing its
complement B containing 4 elements. Since 5050 is even, the sum of all
116 3 Solutions

elements in A is even if and only if the sum of all elements in B is even. We

have the following possible cases:
1 The 4 numbers are all even, that is, B is a four-element subset of the set of

the 50 even numbers between 1 and 100; in this case, there are 50 4 choices for
B. 50
2 The four numbers are all odd; like before, there are 4 choices for B.
3 Two of the 4 numbers are even, two are odd; in this case B consists of a
two-element subset of a set of 50 even numbers
50 and a two-element subset of a
set of 50 odd numbers; this yields 50 2 · 2 possibilities for B.
 50 2
There are therefore 2 504 + 2 possibilities in total.
(ii) As before, rather than choosing the subset A we shall choose its three-element
complement C. Since 5050 ≡ 1 (mod 3), the sum of all elements in A is
divisible by 3 if and only if the sum of all elements in C is congruent to 1
modulo 3.
Remark that, among the numbers from 1 to 100, there are 33 congruent to zero
modulo 3, 34 congruent to 1 and 33 congruent to 2. Suppose C = {a, b, c}. Up
to reordering the labels a, b, c, there are three possibilities: 1 a ≡ b ≡ 0, c ≡

1 (mod 3), in which case {a, b} can be chosen in 33 2 ways and c in 34 ways;
34
2 a ≡ b ≡ 1, c ≡ 2 (mod 3), in which case {a, b} can be chosen in 2 ways
and c in 33 ways; or, finally, 3 a ≡ b ≡ 2, c ≡ 0 (mod 3), in which case

{a, b} can be chosen in 33 ways and c in 33 ways.
33 2  33
We thus get a total of 2 · 34 + 34 2 · 33 + 2 · 33 possibilities for A.

37 The set A is in bijection with the set of all possible five-element subsets
of {1, . . . , 100}: indeed, we can make each f ∈ A correspond to the set of its
values {f (1), f (2), f (3), f (4), f (5)}. The cardinality of A is therefore equal to
the
100number of ways one can choose 5 elements in a set of 100 elements, that is,
5 .
The set B is obtained from the set A by excluding all maps such that f (i + 1) =
f (i) + 1 for all i = 1, 2, 3, 4, that is, by subtracting the set of maps such that
f (1) = a, f (2) = a + 1, f (3) = a + 2, f (4) = a + 3, f (5) = a + 4 with
a ∈ {1, . . . , 96}. Therefore, |B| = 100
5 − 96.
In order to find the cardinality of C, remark that the condition that defines it is
equivalent to the following: the map g(i) = f (i) − i is strictly increasing and takes
values in {0, . . . , 95}. Indeed, we have

f (i + 1) > f (i) + 1 ⇐⇒ f (i + 1) − (i + 1) > f (i) + 1 − (i + 1) = f (i) − i

and, moreover,

f (1) ≥ 1 ⇐⇒ g(1) ≥ 0 and f (100) ≤ 100 ⇔ g(100) ≤ 95.

2 Combinatorics 117

So in order to find the cardinality of C it is enough to find the number of strictly

increasing maps taking values in {0, . . . ,95}. By the same argument used for finding
the cardinality of A, we find that C has 96 5 elements.
38
(i) First, consider the problem of forming an ordered sequence of n teams of four.
In order to form the first team, we must choose four people from a set of 4n
people, which can be done in 4n 4 ways. Players for the second team will be

chosen among 4n − 4 people, so the team can be formed in 4n−4 4 ways. We
can iterate this argument to obtained that the ordered list of n teams can be
formed in
    
4n 4n − 4 4 (4n)!
··· =
4 4 4 (4!)n

ways. Finally, since the same n teams can be ordered in n! distinct ways, the
answer is
(4n)!
.
(4!)n · n!

(ii) Again, we shall first form the n teams in order. In order to form the first team,
we must choose two men and two women in the respective 2n-element sets: this
 2
can be done in 2n 2 ways. By a procedure similar to the one from before, an
ordered list of n teams can be formed in
 2    2
2n 2n − 2 2 2 (2n)!2
··· = 2n
2 2 2 2

ways, hence a non-ordered set of n teams can be formed in

(2n)!2
22n n!
ways.
39 Notice that x and f (x) must have the same number of divisors and the same
number of multiples in the interval under consideration. It follows that 1, which is
the only number with exactly one divisor, must be sent to 1, and any prime must
be sent to a prime, since primes are those natural numbers that have exactly two
divisors.
In general, the number of divisors of an integer m can be obtained from the prime
a
factorisation p1a1 · · · pk k of m as the product (a1 +1) · · · (ak +1); indeed, each prime
pi may appear in the prime factorisation of a divisor of m with an exponent ranging
from 0 to ai , so there are ai + 1 choices for each i = 1, . . . , k.
118 3 Solutions

Consider in particular the case where all ai are equal to 1, that is, m =
p1 p2 · · · pk . In this case, m has exactly 2k divisors. Now, since pi divides m, its
image qi = f (pi ) must be a prime dividing f (m). Moreover, the qi ’s must be
distinct because f is injective. Therefore, f (m) must be a multiple of q1 q2 · · · qk ,
and since it must have the same number of divisors as m (that is, 2k ), it must be
equal to the product in question. This shows (i).
As for (ii), remark that powers of primes can be characterised as those natural
numbers that do not have two distinct prime factors. Since we already showed that
primes are sent to primes and that distinct primes are sent to distinct primes, it
follows that any power pn of a single prime p must be sent to some power of the
corresponding prime q = f (p). But we can say more: pn must be sent to q n , that
is, maintain the same exponent n, otherwise pn , which has n + 1 divisors, would not
have the same number of divisors as its image under f . This concludes the proof of
(ii).
More generally, we shall show by induction on m that if the prime pi is sent to
qi = f (pi ) for i = 1, . . . , k, then m = p1a1 · · · pkak is sent to q1a1 · · · qkak .
This has just been proven for k = 1, so assume k > 1. We may ! also assume
a
that exponents ai are positive; by the induction hypothesis, m/p1a1 = j =1 pj j is
! a
sent to j =1 qj j . Since m/p1a1 divides m, f (m/p1a1 ) must divide f (m). Hence in
a
particular qj j divides f (m) for all j = 1. A similar argument, where 1 is exchanged
with another index, shows that q1a1 also divides f (m). Therefore, f (m) must be a
a
multiple of q1a1 · · · qk k and, since it must have the same number of divisors as m,
must actually coincide with that number.
We have thus shown that f is actually fixed once the image of all prime numbers
is fixed, that is, once we know how it permutes the primes. Let us now show that,
for n = 10, the only possible f is the identity. It is enough to show that each prime
must be sent to itself. The primes up to 10 are 2, 3, 5, 7. If 2 were sent to 3, 23 would
have to be sent to 33 , but this cannot be the case because 33 > 10. The possibilities
f (2) = 5 and f (2) = 7 are excluded in a similar way, and we have to conclude that
2 is sent to 2. Similarly, 3 is sent to 3, or we would not be able to assign an image
to 32 . The only possibilities for f (5) are then 5 and 7, but, since 2 is sent to 2, 2 · 5
must be sent to 2 · f (5), which excludes the case f (5) = 7. Indeed, every prime is
sent to itself and f is the identity.
For n = 13, a similar argument shows that f can apply any permutation to the
three primes 7, 11, 13 but must keep other primes fixed, so we have six possibilities.
40
(i) We may just consider the four sets of ten positions that cards of each suit will
occupy, because the order of the cards in each set is fixed. There are 40
10 ways
30
to choose the ten positions occupied by coins; we are left with 10 choices for

the positions occupied by swords, then 2010 choices for the positions occupied
2 Combinatorics 119

by clubs, and finally the positions occupied by cups are all those that remain.
The number we are looking for is therefore
     
40 30 20 40!
· · = .
10 10 10 (10!)4

(ii) Let us choose the 20 positions that will be occupied by coins or swords: this
can be done in 40 20 ways. Now, coins must necessarily occupy the fist 10
of these positions, while swords will occupy the remaining 10. Within their
assigned ten positions, both coins and swords can assume any order among the
10! available. Finally, cups and clubs can be distributed freely among the 20
remaining positions, in any of 20! possible ways. The answer is therefore
 
40 40! · (10!)2
· (10!)2 · 20! = .
20 20!

41 First, suppose n = 2m with m ≥ 1; partition the n numbers into two m-

element subsets E and O, containing all of the even numbers and all of the odd
numbers respectively. If a subset X does not have at least three numbers of the same
parity, then it contains at most two elements of E and at most two elements of O.
Accounting for the cases of X containing 0, 1 or 2 even numbers, we find we can
choose the even elements of X in
     
m m m m2 + m + 2
+ + =
0 1 2 2

ways. The same argument can be made regarding the number of ways we can choose
odd elements of X, so the number of subsets of X that do not contain three elements
of the same parity is
 2
m2 + m + 2
.
2

If n = 2m − 1 with m ≥ 1 (that is, if n is odd), the subset of odd numbers has

cardinality m while the subset of even numbers has cardinality m − 1. Therefore,
the expression for the number of subsets of X with no three elements of the same
parity becomes

m2 + m + 2 m2 − m + 2
· .
2 2
120 3 Solutions

We obtain the final answer by subtracting the number of subsets with no three
elements of the same parity from the number of all possible subsets of {1, . . . , n};
that is,
⎧  2 2
⎪
⎪ m +m+2
⎪
⎨2 −
2m
if n = 2m,
2
⎪
⎪
⎩22m−1 − m + m + 2 · m − m + 2 if n = 2m − 1.
2 2
⎪
2 2
42 Given an element x ∈ Z/40Z we shall call c(x) ∈ {0, 1, 2, 3} the colour of x.
Partition the set Z/40Z into ten subsets A0 , . . . , A9 , each containing four elements,
with Ai being the set of elements of Z/40Z that are congruent to i modulo 10.
No conditions are imposed on the colours of elements belonging to different Ai ’s,
so we may colour elements in each Ai independently.
Let us consider the number of possible colourings of Ai = {i, i + 10, i + 20,
i + 30} that satisfy the given requirement. There are two possibilities: either 1 i
and i + 20 are assigned the same colour or 2 i and i + 20 are assigned different
colours.
1 In the first case, there are four ways to choose the colour of i and i + 20; the
other two elements must be assigned a different colour than the one chosen: we can
assign any of the remaining three colours to each of the two independently. There
are in this case 4 · 32 = 36 valid colourings.
2 In the second case, there are four ways to choose the colour of i and three
ways to choose the colour of i + 20 (one for each colour that is, not the one chosen
for i). The other two elements can be coloured independently of each other, each
with any one of the two remaining colours. We get 4 · 3 · 22 = 48 valid colourings.
The total number of ways to colour a single Ai is thus 36 + 48 = 84. Since there
are ten sets Ai and each can be coloured independently, the total number of legal
colourings is 8410.
43
(i) There are two ways to colour a row completely white or completely black,
so 2n − 2 ways to colour it so that it is neither. Moreover, we can choose
row colourings independently of each other. Thus, the number of possible
colourings is (2n − 2)n .
(ii) We need to choose n cells in such a way that there is exactly one per row
and one per column, and colour them black. In other words, if in the ith row
we choose the cell belonging to the σ (i)th column, we require the mapping
i −→ σ (i) to be a permutation of the set {1, . . . , n}. This yields n! possibilities.
(iii) In each row, we shall choose n/2 cells which will  n be coloured white; all
remaining cells will be coloured black. There are n/2 ways to colour each
row. Since rows can be coloured
n n independently of each other, the required total
number of colourings is n/2 .
2 Combinatorics 121

44
Solution 1 We shall first solve the problem by means of some properties of
binomial coefficients.
Both sums have a null summand given by k = 0: we may of course disregard
  it. It
immediately follows from the definition of binomial coefficients that k nk = n n−1
k−1 .
Hence, we have:
n  n  n 
  n−1
n−1
(i) k nk = k nk = n n−1
k−1 = n h = n2n−1 .
k=0 k=1 k=1 h=0
n 
2 n

n  
n−1 n−1  n−1
n−1  n−1
n−1
(ii) k k = kn n−1
k−1 = n (h + 1) h = n h h + n h .
k=0 k=1 h=0 h=0 h=0
By using the first identity for n − 1 ≥ 1 and by a direct check for n − 1 = 0,
we finally obtain
n  
2n
k = n(n − 1)2n−2 + n2n−1 = (n2 + n)2n−2 .
k
k=0

Solution 2 We also propose a solution by induction.

 
(i) Set p(n) : nk=0 k nk = n2n−1 ; we shall show that p(n) holds for n ≥ 1 by
  
induction on n. For n = 1 we have 1k=0 k nk = 11 = 1 so p(1) holds.
Now assume that n ≥ 1 and that p(n) holds; we shall show p(n + 1). We have
n+1 n+1    n 
k=0 k k = nk=1 k( nk + k−1 ) + (n + 1) n+1
n+1
    
= nk=1 k nk + nk=0 (k + 1) nk − (n + 1) nn + n + 1
   
= n2n−1 + nk=0 k nk + nk=0 nk
= n2n−1 + n2n−1 + 2n
= (n + 1)2n
 
where we have used the fact that p(n) holds, that is, nk=0 k nk = n2n−1 , and
n n
that k=0 k = 2n . This concludes our proof that p(n + 1) holds.
(ii) Again, we
nshall2 proceed by induction on n, this time to prove the proposition
n
q(n) : k=0 k k = n(n + 1)2n−2 . Again, q(1) holds trivially, so we may
assume that n ≥ 1 and q(n) holds. Using what was proved in (i) we have
n+1 2 n n 
2 n
 n 
2 n+1
k=0 k k = k=1 k ( k + k−1 ) + (n + 1) n+1
    
= nk=1 k 2 nk + nk=0 (k + 1)2 nk − (n + 1)2 nn + (n + 1)2
     
= n(n + 1)2n−2 + nk=0 k 2 nk + 2 nk=0 k nk + nk=0 nk
= n(n + 1)2n−1 + n2n + 2n
= (n + 1)(n + 2)2n−1

so q(n + 1) also holds.

122 3 Solutions

Solution 3 Here is a more combinatorial solution.

.
(i) Let X be the set {1, 2, . . . , n} and let F = {(A, a) | a ∈ A ⊆ X}, that is, the set
of all subsets A of X equipped with a distinguished element a of A. We shall
compute the cardinality of F in two separate ways. 
First, choose a subset A of X with cardinality k: there are nk ways to do this;
next, there are k ways to choose a distinguished elementa in A. Thus, since A
can have cardinality 0, 1, . . . , n, the cardinality of F is nk=0 k nk .
Alternatively, we can choose an element a of X in n possible ways, then choose
a subset A of X containing a. Since X has cardinality n and a must be an
element of A, we have 2n−1 possibilities for A. Thus, the cardinality of F is
n2n−1 . This shows the required identity.
(ii) We will argue as before, this time for the set G = {(A, a, b) | a, b ∈ A ⊆ X}
of all subsets A of X with two distinguished elements a and b, which may
coincide. 
We can choose a k-subset A of X in nk ways and we then have k 2 ways to
 
choose a and b in A. So the cardinality of G is nk=0 k 2 nk .
On the other hand, we can also proceed as follows. First, consider the case
a = b: we can choose the distinguished element in n ways, after which there
are 2n−1 ways to choose the subset A of X in such a way that it contains a.
As for the case a = b, we can choose a in n ways, b in n − 1 ways and
then A in 2n−2 ways (it must contain both a and b). This gives a cardinality of
n2n−1 + n(n − 1)2n−2 = n(n + 1)2n−2 for G, hence the required identity.
Solution 4 In this final solution we will use the binomial theorem.
Let R[x] be the ring of polynomials in the variable x. Write D : R[x] −→ R[x]
ν
for the operation of taking the derivative and R[x] f (x) −→ f (1) ∈ R for
evaluation in 1.
.
(i) Consider the polynomial p(x) = (1 + x)n and evaluate its derivative in 1: we
have ν(D(p(x))) = ν(n(1 + x)n−1 ) = n2n−1 . But we  may also write out the
development given by the binomial theorem, p(x) = nk=0 nk x k , which yields

n   n  
n k−1 n
ν(D(p(x))) = ν( k x )= k
k k
k=1 k=1

from which the desired identity follows.

μ
(ii) Also consider the mapping R[x] f (x) −→ xf (x) ∈ R[x] given by
multiplication by x. Apply νDμD to the polynomial p(x) = (1 + x)n . We
have

νDμD(1 + x)n = νD(nx(1 + x)n−1 )

= nν((1 + x)n−1 + (n − 1)x(1 + x)n−2 )
= n(2n−1 + (n − 1)2n−2 )
= n(n + 1)2n−2 .
2 Combinatorics 123

By the binomial theorem, we also have

 
νDμD(1 + x)n = νDμD( nk=0 nk x k )
 
= nk=0 nk νDμD(x k )
 
= nk=0 nk νD(kx k )
 
= nk=0 nk ν(k 2 x k−1 )
 
= nk=0 k 2 nk

which proves the identity.

45 Remark that the we are imposing independent and entirely symmetric
requirements on digits at even places and digits at odd places. If we had N
possibilities for the digits at odd places, then the cardinality we are looking would
be N 2 .
It is therefore enough to find the number of 15-tuples (a1 , a3 , . . . , a29 ) of 0s and
1s such that their sum is at most 2. In particular, the sum can be 0, 1 or 2. A sum
of 0 is obtained only for a1 = a3 = · · · = a29 = 0. In order for the sum to be
1, all digits except for exactly one must be 0, so there are 15 possibilities. Finally,
in order for the sum to be 2 all digits must be 0 except for two,  which must be 1
and need to be chosen among 15 places, which can be done in 15 2 ways. This gives
1 + 15 + 105 = 121 = 112 possibilities in total.
In conclusion, the required cardinality is 114 .
46
(i) We wish to find the number of sets A = {a, b, c} ⊆ X such that a + b = 10.
The equality a + b = 10 with a = b in X is satisfied if and only if {a, b} is one
of the following two-element sets: {1, 9}, {2, 8}, {3, 7} or {4, 6}; thus there are
four ways to choose the set {a, b}. The set A is obtained by choosing a set from
the list above and adding an element c that does not already belong to it. This
can be done in 98 ways, regardless of which of the 4 sets has been chosen. The
sets constructed in this way are all distinct, so we obtain 4 · 98 = 392 in total.
(ii) Let X5 be the subset of X consisting of all multiples of 5; clearly, |X5 | = 20.
The sets A = {a, b, c} we are considering either consist of 3 multiples of 5 or
contain exactly 2 multiples
 of 5. Those of the first type are all three-element
subsets of X5 : there are 20
3 ; those of the second type can be constructed by
20
choosing two elements in X5 and one outside, and so there are 2 · 80. The
 20
total number of sets with the required property is 20 3 + 2 · 80.

47 Given an element x of Z/2100 Z, write it as x = 2α x1 with x1 odd and 0 ≤

α ≤ 100. For α = 100 we have x = 0; given α < 100, choosing x is equivalent to
choosing x1 among all odd residue classes modulo 2100−α ; there are φ(2100−α ) =
299−α such classes.
124 3 Solutions

Now let x = 2α x1 , with x1 odd; the equation xy = 0 can be rewritten as

1 y ≡ 0 (mod 2
2α x 100 ). Solutions y are residue classes modulo 2100 such that y ≡ 0

(mod 2 100−α ): there are 2α .

In conclusion, for 0 ≤ α ≤ 99 there are 299−α · 2α = 299 pairs (2α x1 , y) as
required; for α = 100, we have x = 0 and the equation is satisfied by all possible
values of y. The total number of solutions is therefore

99
299 + 2100 = 100 · 299 + 2100 = 51 · 2100.
α=0

48

(i) The number of teams of 4 one can form from a set of 13 people is 13 . Among
114
these teams, those that include any two fixed people p and q are 2 (2 of the
4 people on the team are p and q; the 2 remaining people are selected among
the other 11
 available).
13 The probability of p and q being in the chosen team is
therefore 112 / 4 = 1/13. The probability that p and q do not both belong to
the team is 12/13. 
(ii) Let n be the number we are looking for. One can form 42 = 6 possible
unordered
 pairs of people from a team; since the total number of unordered
pairs is 13
2 = 78, we must have 78 = 6n, hence n = 13.

49 Let X = {0, 1, . . . , 100}. We know that the positive divisors d of 2100 3100 are
the numbers of the form 2x 3y with x, y ∈ X; we must find out which of those satisfy
the congruence

2x 3y ≡ 4 (mod 5).

Remark that 3 ≡ 2−1 (mod 5), so the congruence above can be rewritten as
2x−y ≡ 22 (mod 5). Its solutions are given by x − y ≡ 2 (mod 4) since the
multiplicative order of 2 modulo 5 is 4.
Since the set X has 26 elements congruent to 0 modulo 4 and 25 elements in
each of the other classes modulo 4, the number of pairs (x, y) ∈ X × X such that
x ≡ y + 2 (mod 4) is 26 · 25 + 25 · 25 + 25 · 26 + 25 · 25 = 2550.
50
(i) Let A = {x, y} be a two-element subset of X. In order for x + y to be divisible
by 4 we must have one of the following: x and y are both divisible by 4; x and
y are both congruent to 2 modulo 4; or, finally, one among x and y is congruent
to 1 modulo 4 and the other to 3 modulo 4.
In the first case, A must be contained in the subset  of X consisting of all
multiples of 4, which has 25 elements; this leads to 25
2 possibilities. Similarly,

the second case also leads to 25
2 possibilities.
2 Combinatorics 125

In the last case, A can contain any of the 25 elements congruent to 1 and any of
the 25 congruent to 3 modulo 4, so it can be chosen in 252 ways.
Summing the results obtained so far yields the answer 2 · 25 2 + 25 .
2

(ii) Let A = {a, b, c} be a three-element subset of X. We may assume a < b < c.

There are x = a − 1 numbers in X that are strictly less than a; there are y =
b − a − 1 strictly between a and b and z = c − b − 1 strictly between b and c;
there are t = 100 − c strictly larger than c.
Clearly, the subset A is entirely determined by the choice of x, y, z, t. Moreover,
we must have x + y + z + t = 97. By assumption, y and z are both positive.
Setting x = x + 1 and t = t + 1 we have that x and t are also positive; the
condition on x , y, z, t becomes x + y + z + t = 99, which has 98 3 solutions
in the positive integers.
51
(i) There are nine possibilities for the pair (mf , Mf ), that is, (1, 2), (2, 3), . . . ,
(9, 10). Each of them corresponds to maps taking only two possible values,
under the condition that both values are actually attained. Once we fix the pair
that a map takes values in, all we have to do is exclude the constant maps, so
we have 210 − 2 possibilities. Given the nine possible choices of (mf , Mf ), the
number of maps with the required property is 9 · (210 − 2).
(ii) The set of maps from {1, 2, . . . , 10} to itself consists of 1010 elements. We
need to remove from this set all maps such that Mf = 10 or mf = 1. Let
A = {f ∈ X | Mf = 10}, B = {f ∈ X | mf = 1}. Both A and B are the sets
of all maps from a set of ten elements to a certain set of nine elements, while
A ∩ B is the set of maps from a ten-element set to a set of eight elements. It
follows that

|A ∪ B| = 910 + 910 − 810 ,

so the cardinality we want is 1010 − 2 · 910 + 810 .

52 We can rewrite the equation as n − φ(n) = 8. Clearly, n cannot be equal to 1,
so it must have prime divisors.
First, assume that only one prime appears in the prime factorisation of n, so
n = pa for some prime p and some exponent a ≥ 1. Then n − φ(n) = pa − (pa −
pa−1 ) = pa−1 , hence pa−1 = 8, that is, p = 2, a − 1 = 3, which gives the solution
n = 24 = 16.
Next, assume that n = pa q b has exactly two distinct prime factors p and q, with
p < q. Then n − φ(n) = pa q b − (pa − pa−1 )(q b − q b−1 ) = pa−1 q b−1 (p + q − 1).
It follows that pa−1 q b−1 | 8.
If pa−1 q b−1 = 1, then p + q − 1 = 8 and so, since p + q = 9 is odd, one of
the two summands must be even: we must have p = 2 and q = 7. This yields the
solution n = 14.
126 3 Solutions

If pa−1 q b−1 = 2, then p + q − 1 = 4, which has the unique solution p = 2,

q = 3. This yields the solution n = 22 · 3 = 12.
If pa−1 q b−1 ≥ 4, then p + q − 1 ≤ 2, which is clearly impossible.
Finally, assume n has at least three distinct prime factors p, q, r, with p < q < r.
Then the set of integers {1 ≤ x ≤ n | p divides x} contains at least qr ≥ 3 · 5 = 15
numbers that are not coprime to n, so n − φ(n) ≥ 15.
In conclusion, the solutions of the given equation are n = 12, 14, 16.
53
(i) The set of fixed
 points is a 10-element subset of a set of 100 elements, so it can
be chosen in 100
10 ways. The other 90 elements must not be fixed, so each can
be sent to 99 possible elements, all but the element itself. The number of maps
with the required property is therefore
 
100
· 9990.
10

(ii) There are two ways to obtain x∈X |f (x) − x| = 2: either there is only one
element x which is not fixed by f and we have |f (x) − x| = 2, or there are
exactly two elements x, y not fixed by f and we have |f (x)−x| = |f (y)−y| =
1.
In the first case, there are two possibilities for f (x) if x = 1, 2, 99, 100 and
one otherwise. In the second case, there are two possibilities for the image of
each element of the pair x, y, unless at least one of the elements belongs to
A = {1, 100}.
If only one of the two belongs to A, then there is one way to choose its image
and there are two choices for the image of the other element. If the set {x, y} is
A then there is only one choice for the two images.
In conclusion, the number of maps we are looking for is
 
98
2 · 100 − 4 + · 4 + 2 · 98 · 2 + 1 = 19601.
2

54

(i) The number of all five-element subsets of X is 20 5 . For each subset A
containing five elements, the subset B must have exactly seven elements that
do not belong to A and any number of elements in common with A. Therefore,
once we fix A, the number of choices for B is 15
7 · 2 5 . The answer is thus

   
20 15
· · 25 .
5 7
2 Combinatorics 127


(ii) We can choose the set Y = (A ∪ B) ∩ C in 20 8 ways. Given an element of
Y , it can belong to A \ B, B \ A or A ∩ B; consequently, we have 38 ways to
distribute the elements of Y among A and B.
By a similar argument, each element of X \ Y can be assigned to any one of five
sets: X \ (A ∪ B ∪ C), A \ (B ∪ C), B \ (A ∪ C), C \ (A ∪ B) or (A ∩ B) \ C.
This gives 512 ways to place elements of X \ Y .
We have
 
20
· 38 · 512.
8

choices in total.
55

(i) The strings with k even components are 10 k ·3 ·2
k 10−k . Indeed, they can be

constructed by choosing k positions among the ten available and assigning them
even values, that is, 0, 2 or 4, whereas the remaining 10 − k positions are
assigned odd values, that is, 1 or 3. The strings we want are those with 6, 7,
8, 9 or 10 even components and are therefore

10  
10
· 3k · 210−k = 37 · 2827.
k
k=6

(ii) We can interpret strings as sequences of digits in the base 5 representation of

a natural number: (a0 , . . . , a9 ) −→ a0 + a1 5 + · · · + a9 59 . By remarking that
5 ≡ −1 (mod 6), we obtain that the strings we have to count are those such
that
9
a0 + a1 5 + · · · + a9 59 ≡ (−1)i a1 ≡ 0 (mod 6),
i=0

that is, all those that correspond to a multiple of 6. Strings with ten components
correspond to natural numbers between 0 and 510 − 1 (inclusive); among these,
there are "510/6# multiples of 6.
[[Since 52≡ 1 (mod 6), we have 510 ≡ 1 (mod 6). It follows that "510 /6# = 1 + (510 −
1)/6 = 1 + (55 − 1)(55 + 1)/6 = 1 + (55 − 1)(5 + 1)(54 − 53 + 52 − 5 + 1)/6 =
1 + (55 − 1)(54 − 53 + 52 − 5 + 1) = 59 − 58 + 57 − 56 + 55 − 54 + 53 − 52 + 5.]]

56
(i) Let A ∈ X, a = min A and b = max A. We have b = 60 + a, so, since b ≤ 100,
there are 40 possible values for a, that is, the integers from 1 to 40. Sets A ∈ X
with min A = a and max A = b are constructed by choosing A \ {a, b} to be
any subset of {a + 1, . . . , a + 59}, in one of 259 possible ways. We therefore
have |X| = 40 · 259 = 262 · 5.
128 3 Solutions

(ii) Let N2 and N5 be the subsets of N consisting of all elements that are not
multiples of 2, and not multiples of 5, respectively. Set Yi = {f ∈ Y | f (N) ⊆
Ni } for i = 2, 5. We have Y = Y2 ∪Y5 and Y2 ∩Y5 = {f ∈ Y | f (N) ⊆ N2 ∩N5 },
so |Y | = |Y2 ∪ Y5 | = |Y2 | + |Y5| − |Y2 ∩ Y5 | = |N2 |100 + |N5 |100 − |N2 ∩ N5 |100 .
Now |N2 | = 50, |N5 | = 80 and |N2 ∩ N5 | = 40, because half of the non-
multiples of 5 are odd and half are even. We therefore have |Y | = 50100 +
80100 − 40100.
57 In order to count pairs (α, β) satisfying the required conditions we shall
distinguish three cases.
1 The word α is spelled with only one letter: there are 26 words of this type,
one for each letter in the alphabet, and in this case β is any word of length 3 formed
with the 25 remaining letters, so there are 253 possible choices for β.
26
2 The word α is spelled with two letters: there are 2 · 6 words of this type, as
many as the ways one can choose two letters from the alphabet, times the number
of words of length 3 one can form using both letters. In this case, β is any word of
length 3 formed with the 24 remaining letters, so we have 243 possible choices for
β.
3 Finally, assume that the word α is spelled with three different letters: there

are 263 · 3! words of this type, as many as the ways to choose three letters from the
alphabet, times the number of possible permutations of three letters. In this case β is
any word of length 3 formed with the 23 remaining letters, so there are 233 possible
choices for β.
The total number of pairs satisfying the required condition is
   
3 26 3 26
26 · 25 + · 6 · 24 + · 3! · 233 .
2 3

58
(i) We can construct
 the required pairs (A, B) by choosing the 40 elements of A∪B
in one of 100 ways, then selecting 10 of those elements to be the elements
40 
of A, which can be done in 40 10 ways, and, finally, choosing the subset of A
representing the intersection with which we have 210 choices. It follows
100B,40for 10
that the cardinality we want is 40 10 2 .
(ii) Call Γ the set of all subsets with the required
! properties and let Σ be the set of
five-element subsets A of X such that x∈A x ≡ 0 (mod 9). We have |Γ | =
100
5 − |Σ|.
In order to compute the cardinality of Σ, consider the partition given by:
' ! &
Σ3 = {A ⊆ X ' |A| = 5, x∈A x ≡
 0 (mod 3)
' ! ! &
Σ9 = {A ⊆ X ' |A| = 5, x∈A x ≡ 0 (mod 3), x∈A x ≡ 0 (mod 9) .

Now, |Σ3 | = 100−33 since we can choose the five elements of A among the
5 
100 − 33 elements that are not divisible by 3. Moreover, |Σ9 | = 100−33
4 · 22:
2 Combinatorics 129

we need to choose four elements that are not divisible by 3 and a fifth that is
divisible by 3 but not by 9, for which we have 22 choices (there are 33 multiples
of 3, 11 of which are also multiples of 9).
We thus obtain
     
100 100 − 33 100 − 33
|Γ | = − − · 22.
5 5 4

59 Denote by Tk the score after the first k rolls, and by Pk the probability that Tk is
divisible by 7; we wish to compute Pn . Clearly, Tn = Tn−1 +i, where i ∈ {1, . . . , 6}
is the score of the nth die roll, so Tn ≡ 0 (mod 7) if and only if i ≡ −Tn−1
(mod 7). It follows that if Tn−1 ≡ 0 (mod 7) then it is not possible to obtain a
multiple 7, whereas if Tn−1 ≡ 0 (mod 7) then there is a unique value of i which
would yield a multiple of 7.
What we have just shown is that Pn satisfies the recurrence relation Pn = (1 −
Pn−1 )/6.
Keeping in mind that P1 = 0, one can easily show by induction that
 
1 (−1)n
Pn = 1 + n−1 .
7 6

60
(i) Since (2, 3) = 1, the equation does have integer solutions. One particular
solution of the equation 2x + 3y = 1 is x = −1, y = 1, so a particular solution
of 2x + 3y = 100 is x = −100, y = 100, and a general solution (with x, y
integers) has the form x = −100 + 3k, y = 100 − 2k, where k ∈ Z.
We have x > 0 if and only if −100 + 3k > 0, that is, 3k > 100, or equivalently
k ≥ 34. We have y > 0 if and only if 100 − 2k > 0, that is, 2k < 100, or in
other words k < 50.
We thus have a solution in the positive integers for each k with 34 ≤ k < 50,
so there are 16 such solutions. 
(ii) The equation x + y + z = 100 where x, y, z are positive integers has 99 2
solutions; these are in bijection with the subsets {x, x + y} of {1, 2, . . . , 99}.
Naturally, all these solutions are ordered triples (x, y, z) with x, y, z ∈
{1, 2, . . . , 100}, but only those such that x, y, z are all different correspond to
three-element subsets of {1, 2, . . . , 100}. To be more precise, six solutions of
this type correspond to a single three-element subset, whose elements can be
ordered in 3! = 6 ways.
Solution triples with exactly two equal values are of the form (x, x, y), (x, y, x)
or (y, x, x), with 2x + y = 100. Since we must have y = 100 − 2x, the value
of y is determined by the value of x, and the inequalities x > 0, y > 0 give
0 < x < 50, that is, 49 possible values for x. By considering the three possible
forms of the solutions, one obtains 3 · 49 solutions of this type.
There are no solutions where the three unknowns take the same value, since
3x = 100 has no integer solutions.
130 3 Solutions

Therefore,
99 the solutions with the unknowns taking three different values are
2 − 3 · 49 = 96 · 49 and the number of sets we want is 96 · 49/6 = 784.
61 For n = 1 we have φ(n) = 1, so for a = 43 the equation has a solution.
From now on, assume n > 1, so that φ(n) < n, that is, a < 43. By rearranging the
formula for Euler’s totient function φ we obtain

φ(n)  p−1 a
= = ,
n p 43
p|n

where the product ranges over all primes that divide n. The largest prime q that
divides n certainly appears in the denominator of φ(n)/n, so q = 43. If 43 is the
only prime that divides n then n = 43k for some positive integer k and φ(n)/n =
42/43, so a = 42.
Now assume there is at least another prime that divides n and let q1 be the largest
such prime. If q1  42, then q1 appears in the denominator of φ(n)/n, which gives
a contradiction. We therefore have q1 = 2, 3 or 7. Also remark that 5  n, because,
even if we had q1 = 7, if 5 were a divisor of n then the denominator of φ(n)/n
would be divisible by 5, hence a contradiction.
If follows that n can only be of the form n = 2x 3y 7z 43t , with x, y, z ≥ 0 and
t > 0. By considering the eight different cases given by each among x, y and z
being either equal to or strictly greater than 0, one obtains the eight possible values
of a that are less than 43, that is: 42, 36, 28, 24, 21, 18, 14, 12.
62
(i) We can rewrite the congruence in the statement as (a − 1)(b − 1) = ab − a −
b + 1 ≡ 1 (mod 3). We are therefore considering all subsets {a, b} of X with
a − 1 ≡ b − 1 ≡ 1 (mod 3) or a − 1 ≡ b − 1 ≡ −1 (mod 3). If the first holds
then a ≡ b ≡ 2 (mod 3) and if the second does then a ≡ b ≡ 0 (mod 3). The
number of elements of X that are congruent to 2 modulo 3 is 33, the same as
the number of elements of X congruent to zero modulo 3. Hence there are 33
 2
subsets of each of the two types and the answer is 2 · 33 2 = 33 · 32 = 1056.
(ii) Let S be the family of all subsets {a, b} of X such that ab ≡ 0 (mod 3), and
let T be the family of all subsets {a, b} of X such that a + b ≡ 0 (mod 3).
The number we want is |S ∪ T |; by the inclusion-exclusion principle, we have
|S ∪ T | = |S| + |T | − |S ∩ T |.
The subsets in S are those that contain at least one multiple of 3, so the
complement of S among all two-element subsets of X comprises  all subsets
that do not contain a multiple of 3. It follows that |S| = 100 2 − 2
67
=
50 · 99 − 67 · 33 = 33 · 83.
The subsets in T are those for which  b ≡ −a (mod 3). So we must either have
a ≡ b ≡ 0 (mod 3), and there are 33 2 subsets of this type, or one element must
be congruent to 1 and the other to −1 modulo 3, and there are 34 · 33 subsets of
this second type. In total, |T | = 33 · 16 + 33 · 34 = 33 · 50.
2 Combinatorics 131

The subsets in S ∩ T are those with both elements divisible by 3: there must be
one multiple of 3 because the subset belongs to S, and therefore both elements
33 be multiples of 3 in order for the subset to belong to T . Hence |S ∩ T | =
must
2 = 33 · 16.
In conclusion, |S ∪ T | = 33 · (83 + 50 − 16) = 33 · 97 = 3201.
63
(i) For each σ ∈ S(X) we clearly have

100 100 100

(σ (i) − i) = σ (i) − i = 0,
i=1 i=1 i=1

hence
100
(σ (i) − i) ≡ 0 · |X0,σ | + 1 · |X1,σ | + 2 · |X2,σ | ≡ 0 (mod 3),
i=1

that is, |X1,σ | ≡ −2 · |X2,σ | ≡ |X2,σ | (mod 3).

(ii) Partition the set X as X0  X1 , where X0 is the subset of even numbers in X
and X1 the subset of odd numbers. Given a permutation σ , partition X0 and X1
as follows: X0 = X0,0 σ  X σ and X = X σ  X σ , where X σ = {x ∈ X |
0,1 1 1,0 1,1 i,j i
σ (x) ∈ Xj } for i, j = 0, 1.
It is clear that |X0,1
σ | can be any integer k with 0 ≤ k ≤ 50 and that, if |X σ | =
0,1
k, then |X1,0σ | = k and |X σ | = |X σ | = 50 − k. We therefore have 50
0,0 1,1 k
independent choices for X0,1σ and for X σ , whereas the two sets X σ and X σ
1,0 0,0 1,1
are fixed once the first two are chosen, as they are their complements.
Moreover, the condition in the statement is satisfied if and only if the fol-
lowing requirements hold: σ (X0,1 σ ) = X σ , which corresponds to k! choices;
1,0
σ (X1,0 ) = X0,1 , with k! choices; σ (X0,0
σ σ σ ) = X σ , with (50 − k)! choices,
0,0
and finally σ (X1,1σ ) = X σ , with (50 − k)!. It follows that the number of
1,1
permutations with the required property is

50   50
50 2
(k!)2 · ((50 − k)!)2 = (50!)2 = 50!2 · 51!
k
k=0 k=0

64
(i) Let us write x = 2α1 5β1 , y = 2α2 5β2 , z = 2α3 5β3 , where α1 , α2 , α3 and
β1 , β2 , β3 are non-negative integers. The condition on x, y, z is equivalent to
the system

α1 + α2 + α3 = 100
β1 + β2 + β3 = 100.
132 3 Solutions

The two equations are independent and each has as many solutions as the non-
negative integer solutions of the equation t1 + t2 + t3 = 100, that is, 102
2 .
102 2
Therefore the required number of triples is 2 .
(ii) The condition is equivalent to the system

2α1 + α2 + α3 = 100
2β1 + β2 + β3 = 100

and again the two equations are independent. By symmetry, we may count the
solutions of the first equation, which is equivalent to the inequality

2α1 + α2 ≤ 100;

indeed, the inequality holds for any solution of the original equation and, if
α1 , α2 satisfy the inequality, there is a unique α3 such that 2α1 +α2 +α3 = 100.
The inequality has 101 − 2α1 solutions for each possible value of α1 between 0
and 50 inclusive. In total we have
50
(101 − 2α1 ) = 512
α1 =0

solutions, and thus the number of possible triples is 512 · 512 = 514 .
65 We shall consider two separate types of maps: 1 those for which 1 ∈ Im(f )
and 2 those for which 1 ∈ Im(f ).
1 If 1 ∈ Im(f ), then f (a) = 1 and f (b) = 1, so the number f (a) · f (b) cannot
be a prime for any choice of a and b in X \ {1}. Since |X \ {1}| = 9, there are 910
maps of this type.
2 If 1 ∈ Im(f ), then there exists c ∈ X such that f (c) = 1. Consequently, in
order for the map f to fulfil the requirement, f (a) cannot be a prime for any a in
X; indeed, if this weren’t the case then the number f (a) · f (c) = f (a) would be
prime. On the other hand, if f (a) is a composite number for all a in X such that
f (a) = 1 then the map f does satisfy the condition.
What we have to do is find the number of all maps such that their image is
contained in X \ {2, 3, 5, 7} and 1 ∈ Im(f ). In order to do this, we can count maps
from X to X \ {2, 3, 5, 7} and subtract the number of maps such that 1 ∈ Im(f ),
that is, maps from X to X \ {1, 2, 3, 5, 7}. There are 610 maps X → X \ {2, 3, 5, 7}
and 510 maps X −→ X \ {1, 2, 3, 5, 7}, hence 610 − 510 maps of this second type.
2 Combinatorics 133

Summing the numbers obtained for case 1 and case 2 yields 910 +610 −510 maps
in total.
[[In order to count maps of the second type, that is, maps X −→ X \ {2, 3, 5, 7} such that 1 ∈
Im(f ), we may also count maps with |f −1 (1)| = k for each k ≥ 1 and then sum over all possible
cardinalities. Indeed, the number we want is equal to
10 10 10
k=1 |{f : X −→ X \ {2, 3, 5, 7} | |f −1 (1)| = k} = k=1 k 510−k
10 10 10
= k=0 k 5
10−k − 0 510
= 610 − 510 .

]]
66
(i) Teams that satisfy the requirement can be constructed by choosing two pairs of
twins among the n available, which can be done in n2 ways, then completing
the team with two people that are not twins, selected from the remaining n − 2
pairs. The latter selection amounts to choosing
 two pairs of twins among the
remaining n − 2, which can be done in n−2 2 ways, then choosing one twin
from each, which can be done in 22 ways. In conclusion, there are
  
n n−2 2
2 = n(n − 1)(n − 2)(n − 3)
2 2

teams satisfying the requirements.

(ii) In order to find the number of valid partitions we shall first find the number of
all possible partitions into four teams of six and then subtract the number of all
partitions such that each pair of twins is on the same team. Forming 4 teams of
6 with 24 people is the same as partitioning a 24-element set into 4 subsets with
6 elements each. The number of such partitions is
    
1 24 18 12 6 24!
= .
4! 6 6 6 6 4!7204

We need to subtract the number of partitions such that each pair of twins is on
the same team, that is
    
1 12 9 6 3 12!
= .
4! 3 3 3 3 4!64

24! 12!
The answer is therefore 4
− .
4!720 4!64
67
(i) For all x ∈ N the integers x 100 and x have the same parity, so we must find
the number of all subsets A of X = {1, . . . , 100} such that a∈A a is even. A
134 3 Solutions

subset A satisfies this condition if and only if it contains an even number of odd
elements.
Consider the partition of X given by the sets X0 = {2, 4, . . . , 100} and X1 =
{1, 3, . . . , 99}, which contain 50 elements each. As with all nonempty sets, there
are as many subsets of X1 with even cardinality as with odd cardinality; there
are therefore 249 subsets of X1 with an even number of elements. It follows that
the cardinality we are looking for is 250 · 249 = 299 .
(ii) Let (A, B) be a pair of subsets of X satisfying the requirements; consider the
partition of A ∪ B given by A = A \ (A ∩ B), B = B \ (A ∩ B) and C =
A ∩ B. According to the conditions on (A, B), A and B can be any disjoint
sets, whereas the set C, which is also disjoint from A and B , must be chosen
to satisfy one of the following: 1 C contains exactly one element which is a
multiple of 4 but not of 8, 2 C contains exactly two elements which are even
but not multiples of 4.
Remark that X contains 25 = 50 −25 elements that are multiples of 2 but not of
4 and 13 = 25 − 12 elements that are multiples of 4 but not of 8. Constructing a
pair (A, B) is equivalent to constructing a triple (A , B , C) and, in order to find
the number of such triples, we shall consider case 1 and case 2 separately.
In case 1 we have 13 ways to choose the one multiple of 4 appearing in C. We
then have three choices for each of the 49 even elements of X, each of which
can be put in A , in B or in neither of the two sets. Finally, each of the 50 odd
elements of X can be chosen to be a member of A , B , C or of none of the
three sets, so we have four possible choices for each. This yields 13 · 349 · 450
possibilities in total. 
Similarly, in case 2 we have 25 2 choices for the pair of even elements we
assign to C. Each of the remaining 48 even elements of X can be assigned
to A , to B or to neither and, finally, each of the 50 odd elements  of X can
be assigned to A , B , C or to none of the three sets. We have 25 2 · 348 · 450
possibilities.
Summing the numbers obtained in the two cases we get the answer
 
25
13 · 349 · 450 + · 348 · 450 = 113 · 349 · 2100.
2

3 Congruences

68 Remark that 13 ≡ 64 ≡ 26 (mod 17) and thus the first equation becomes 2ax ≡
26 (mod 17). Since the order of 2 in (Z/17Z)∗ is 8, we have ax ≡ 6 (mod 8). This
equation implies that a and x cannot both be even; indeed, if they were we would
have both ax ≡ 0 (mod 4) and ax ≡ 2 (mod 4), impossible. We shall distinguish
the cases a even and a odd.
3 Congruences 135

1 If a is even then (as we just showed) x is odd, so x − 2 is invertible modulo

4. From the second equation we get x ≡ a (mod 4) which is impossible because it
implies x even.
2 If a is odd, then x is even, say x = 2y, from which the first equation becomes
2ay ≡ 6 (mod 8), hence ay ≡ 3 (mod 4). Now, from a being odd we obtain
a 2 ≡ 1 (mod 4), so the first equation becomes y ≡ −a (mod 4); hence y is odd.
Substitute x = 2y into the second equation to obtain (2y −a)(2y −2) ≡ 0 (mod 4),
that is, y − 1 ≡ 0 (mod 2), which holds because y is odd.
In conclusion, for a odd, the solution is x ≡ −2a (mod 8).
69 Since 2 ∈ (Z/9Z)∗ , we must also have a ≡ 2x ∈ (Z/9Z)∗ . So a ≡ 0 (mod 3),
hence x ≡ a 2 ≡ 1 (mod 3).
The order of (Z/9Z)∗ is 6 and 2 is a generator. Moreover, x ≡ 1 (mod 3) implies
that x can be congruent to 1 or to 4 modulo 6. In the first case, a ≡ 2x ≡ 2 (mod 9),
whereas in the second case a ≡ 2x ≡ −2 (mod 9). So the condition a ≡ ±2
(mod 9) is necessary.
On the other hand, if a ≡ 2 (mod 9) then x ≡ 1 (mod 3) is a solution of the
system, whereas if a ≡ −2 (mod 9) then x ≡ 4 (mod 6) is a solution.
70 From the second congruence we get that 4 = (4, 24) divides a 2 and thus a is
even, say a = 2b. The second congruence becomes x 2 ≡ b 2 (mod 6).
The first congruence can be rewritten as 2x ≡ 32b ≡ (32 )b ≡ 2b (mod 7). It is
equivalent to x ≡ b (mod 3) because 3 is the order of 2 in (Z/7Z)∗ . For a = 2b
even, the system is therefore equivalent to

x 2 ≡ b2 (mod 6)
x ≡ b (mod 3).

From the first equation we get x ≡ x 2 ≡ b2 ≡ b (mod 2); we thus must have
x ≡ b (mod 6). But this condition is clearly sufficient. In conclusion, the system
has solutions for all even a.
71 Remark that the order of 2 in (Z/13Z)∗ is 12, that is, 2 is a generator of that
group, and that 3 ≡ 24 (mod 13). The second congruence yields that x − 1 = 3y
for some integer y. Then the first congruence becomes

(24 )3y(3y+2) = 212y(3y+2) ≡ 1 ≡ 2a (mod 13).

Such a congruence has a solution if and only if a ≡ 0 (mod 12), in which case
x ≡ 1 (mod 3) is the solution of the system.
72 First of all remark that 2 has order 3 in (Z/7Z)∗ , so 2x only depends on
the residue class modulo 3 of x. Moreover, the second equation is equivalent
to the systems x ≡ ±1 (mod 3), x ≡ ±1 (mod 5), where signs are chosen
independently. In particular, x is not congruent to 0 modulo 3. Therefore, if x ≡ 1
136 3 Solutions

(mod 3) then x ≡ 2x ≡ 2 (mod 7), whereas if x ≡ −1 (mod 3) then x ≡ 2x ≡ −3

(mod 7).
The system is thus equivalent to the union of the four systems
⎧ ⎧
⎨x ≡ 1 (mod 3) ⎨ x ≡ −1 (mod 3)
x≡2 (mod 7) x ≡ −3 (mod 7)
⎩ ⎩
x ≡ ±1 (mod 5), x ≡ ±1 (mod 5).

Straightforward computations lead to the conclusion that the original system has as
solutions the classes 16, −26, 11 and −31 modulo 105.
73 From the definition of binomial coefficient we get

n(n−1)(n−2)
6 ≡ 0 (mod 2)
n(n−1)(n−2)(n−3)
24 ≡ 0 (mod 2)

hence, eliminating factors that are invertible modulo 2,


n(n − 1)(n − 2) ≡ 0 (mod 4)
n(n − 1)(n − 2)(n − 3) ≡ 0 (mod 16).

The first equation is clearly solved by all n congruent to 0, 1 or 2 modulo 4, whereas

n is not a solution if it is congruent to −1 modulo 4.
In order to solve the second equation, remark that exactly two among the factors
n, n − 1, n − 2, n − 3 are even, and that they are consecutive even numbers. Given
two consecutive even numbers, only one can be divisible by 4, while the other is
divisible by 2 but not by 4. Therefore, if the product must be divisible by 16, then
the number which is a multiple of 4 must actually be divisible by 8. It follows that
the second equation is solved by n congruent to 0, 1, 2, 3 modulo 8.
Since n congruent to a modulo 8 implies n congruent to a modulo 4, the solutions
of the system are given by n congruent to 0, 1, 2 modulo 8.
74 The congruence x 2 ≡ 4 (mod 14) is equivalent to the system of two
congruences x 2 ≡ 0 (mod 2) and x 2 ≡ 4 (mod 7). Moreover, we can rewrite the
first of these as x ≡ 0 (mod 2), because x 2 is always congruent to x modulo 2.
The second one in turn becomes (x − 2)(x + 2) ≡ 0 (mod 7) and, since 7 is
prime, is solved by x ≡ 2 (mod 7) or x ≡ −2 (mod 7).
So the solutions of the original system are given by the union of the solutions of
the two systems
⎧ ⎧
⎨ x ≡ 0 (mod 2) ⎨x ≡ 0 (mod 2)
x ≡ 2 (mod 7) x ≡ −2 (mod 7)
⎩ ⎩
x ≡ 3 (mod 5), x≡3 (mod 5).
3 Congruences 137

Straightforward calculations yield that the solutions of the original system are given
by the residue classes −12 and −2 modulo 70.
75 Let us consider the prime factorisation 7·112 of 847 and replace the first equation
with the system of congruences x 660 ≡ 1 (mod 7) and x 660 ≡ 1 (mod 112 ).
We shall examine the first of these. If 7 were a divisor of x, then 7 would obvi-
ously divide x 660, which contradicts the condition x 660 ≡ 1 (mod 7). Conversely, if
7 does not divide x then we have x 6 ≡ 1 (mod 7) by Fermat’s little theorem, hence
x 660 = (x 6 )110 ≡ 1110 ≡ 1 (mod 7). We have thus shown that the first congruence
is solved by all x that are not divisible by 7.
As for the second congruence, we will employ a similar argument. If 11 were
2
a divisor of x then it would also divide x 660, which is not possible. So x φ(11 ) =
x 110 ≡ 1 (mod 11) and thus x 660 = (x 110)6 ≡ 16 ≡ 1 (mod 112 ). The second
congruence is therefore solved by all x that are not divisible by 11.
We can rewrite the original system as
⎧
⎨ x ≡ 0 (mod 7)
x ≡ 0 (mod 11)
⎩
x ≡ 11 (mod 13).

The solutions of the third equation are clearly given by all integers of the form
x = 11 + 13k, where k is any integer. By imposing the condition that x is neither
divisible by 7 nor by 11 we find that k can neither be congruent to 4 modulo 7 nor
to 0 modulo 11.
76 By considering the factorisation 85 = 5 · 17 we obtain that the congruence is
equivalent to the system

x 3 − a 3 ≡ 0 (mod 5)
x 3 − a 3 ≡ 0 (mod 17).

Now let p be either 5 or 17. If a ≡ 0 (mod p) then we have x 3 ≡ 0 (mod p) and

so, since p is prime, x ≡ 0 ≡ a (mod p). If a ≡ 0 (mod p), then a is invertible
modulo p, so we can rewrite the congruence as (x/a)3 ≡ 1 (mod p).
Since 0 cannot be a solution and 3 does not divide p − 1, the only possible
solution is x/a ≡ 1 (mod p), that is, x ≡ a (mod p).
So the system is in any case equivalent to

x ≡ a (mod 5)
x ≡ a (mod 17)

and, since x ≡ a (mod 85) is a solution, it must be the unique solution by the
Chinese remainder theorem.
In conclusion, we have that for each a the congruence x 3 − a 3 ≡ 0 (mod 85)
has the unique solution x ≡ a (mod 85).
138 3 Solutions

3
77 Remark that 2 is coprime with 33 and so 2φ(3 ) = 218 ≡ 1 (mod 33 ). Since
9 and 6 are the only maximal proper divisors of 18, we shall compute 29 and 26
modulo 33 . We find that 29 ≡ −1 (mod 33 ) and 26 ≡ 10 (mod 33 ). This implies
that 2 has multiplicative order 18 modulo 33 . Moreover, 25 = 32 ≡ 5 (mod 33 ).
We can now rewrite the initial congruence as 2x ≡ 25 (mod 33 ) and conclude
that it is equivalent to x ≡ 5 (mod 18).
We can thus rewrite the first of the two systems as

x ≡ 5 (mod 18)
x ≡ 2 (mod 15).

By the Chinese remainder theorem, by taking prime factorisations, one obtains

⎧
⎪
⎪ x ≡ 5 (mod 9)
⎨
x ≡ 1 (mod 2)
⎪
⎪ x ≡ 2 (mod 3)
⎩
x ≡ 2 (mod 5).

Notice that the first congruence implies the third, which can thus be ignored.
Straightforward computations yield the solutions −13 + 90k, where k is any integer.
Let us now show that the second system in the problem statement has no
solutions. If 2x ≡ 5 (mod 34 ) then in particular we have 2x ≡ 5 (mod 33 ), so
x ≡ 5 (mod 18) because of the argument above. Then x ≡ −1 (mod 3), which is
incompatible with the last congruence, as that one implies x ≡ 0 (mod 3).
78
(i) If 81x ≡ b (mod 125) then we must have 81x ≡ b (mod 5), that is, b ≡ 1
(mod 5). Hence, in order for a solution to exist, the residue class of b modulo
125 must be one of the 25 classes congruent to 1 modulo 5. Let us show that
this condition is sufficient.
Remark that 81 is coprime to 125; let us compute its multiplicative order. Since
φ(125) = 100, such an order must be a divisor of 100. We start by computing
815 modulo 125.
We have 81 = 1 + 16 · 5, so 815 = (1 + 16 · 5)5 ≡ 1 + 5 · 16 · 5 + 10 · 162 ·
52 + · · · ≡ 1 + 16 · 52 ≡ 1 + 52 (mod 125), where we omitted terms containing
higher powers of 5, which are 0 modulo 125. Thus the multiplicative order of
81 modulo 125 cannot be a divisor of 5.
Similarly, we have 8125 = (815 )5 ≡ (1+52 )5 ≡ 1+5·52 +· · · ≡ 1 (mod 125).
So the order we want must be a divisor of 25 and, since it cannot be 1 or 5, it
must be equal to 25.
It follows that the powers of 81 modulo 125 must take 25 different values. Since
our congruence has a solution if and only if b is a power of 81 modulo 125 we
just showed that the condition we found initially is sufficient.
3 Congruences 139

(ii) Given a solution x0 , we have 81x0 ≡ b0 (mod 125). The equation becomes
81x ≡ 81x0 (mod 125) and, since 81 has multiplicative order 25 modulo 125,
all solutions are given by x0 + 25 · k, where k is any integer.
79 First of all, let us compute the order of 2 modulo 125, which is a divisor of
φ(125) = 100.
Remark that if 2n ≡ 1 (mod 125) then 2n ≡ 1 (mod 5). It follows that, since
the multiplicative order of 2 modulo 5 is 4, the order of 2 modulo 125 is a multiple
of 4, that is, one among 4, 20, 100.
We have 24 = 16 = 1 + 3 · 5, hence, by using the binomial development, we get
2 = (24 )5 = (1 + 3 · 5)5 ≡ 1 + 3 · 52 (mod 53 ). Thus the multiplicative order of
20

2 modulo 53 cannot be a divisor of 20, so it must be 100.

Since 27 = 128 ≡ 3 (mod 125), 7 is a solution of the original congruence. In
particular, the congruence amounts to 2x ≡ 27 (mod 125) and, because of what we
just showed, its solutions are given by 7 + 100k, where k is any integer.
Let us now solve the congruence modulo 625 = 54 . We have already remarked
that 24·5 ≡ 1 + 3 · 52 (mod 53 ), that is, 24·5 = 1 + 3 · 52 + h · 53 for some integer
2
h. Using the binomial development again, we have 24·5 = (1 + 3 · 52 + h · 53 )5 =
(1 + (3 + 5h)52 )5 ≡ 1 + 5(3 + 5h)52 ≡ 1 + 3 · 53 (mod 54 ). Any solution of
2x ≡ 3 (mod 54 ) is also a solution of 2x ≡ 3 (mod 53 ), so it must be of the form
x = 7 + 100k because of the argument above.
By combining the two facts 27 = 3 + 53 and 2100k ≡ (1 + 3 · 53 )k ≡ 1 + 3k53
(mod 54 ) we obtain 2x = 27+100k ≡ (3+53)(1+3k53) ≡ 3+(1+9k)53 (mod 54 ).
So x is a solution if and only if k ≡ 1 (mod 5). In conclusion, x ≡ 107 (mod 500).
80 By examining powers of 5 modulo 11 we find that 5 has multiplicative order 5
modulo 11 and that 3 ≡ 52 (mod 11). The first congruence can thus be rewritten as
5x ≡ 52 (mod 11) and is equivalent to x ≡ 2 (mod 5).
By the Chinese remainder theorem, the second congruence is equivalent to the
system

x2 ≡ 0 (mod 3)
x ≡ −3 (mod 7).
2

The first of these congruences is equivalent to x ≡ 0 (mod 3) because 3 is prime.

The second is equivalent to x ≡ ±2 (mod 7) because 7 is prime and (±2)2 ≡ −3
(mod 7).
We can thus rewrite the original system as
⎧
⎨x ≡ 0 (mod 3)
x≡2 (mod 5)
⎩
x ≡ ±2 (mod 7).

Straightforward computations yield that the solutions are given by the classes of 12
and 72 modulo 105.
140 3 Solutions

81 The condition in the problem statement is equivalent to the congruence

7x 3 − 8ax 2 + 9x + 3a ≡ 0 (mod 21)

which is itself equivalent to the system


7x 3 − 8ax 2 + 9x + 3a ≡ 0 (mod 3)
7x 3 − 8ax 2 + 9x + 3a ≡ 0 (mod 7).

By reducing the coefficients of the above equations modulo 3 and 7 one obtains

x 3 + ax 2 ≡ 0 (mod 3)
−ax 2 + 2x + 3a ≡ 0 (mod 7).

Since x 3 + ax 2 = x 2 (x + a) and 3 is prime, the solutions of the first equation are

x ≡ 0 (mod 3) and x ≡ −a (mod 3).
As for whether or not the second equation has any solutions, we have
x ≡ 0 (mod 7) is a solution $⇒ a ≡ 0 (mod 7);
x ≡ 1 (mod 7) is a solution $⇒ a ≡ −1 (mod 7);
x ≡ 2 (mod 7) is a solution $⇒ a ≡ −3 (mod 7);
x ≡ 3 (mod 7) is a solution $⇒ a ≡ 1 (mod 7);
x ≡ −3 (mod 7) is a solution $⇒ a ≡ −1 (mod 7);
x ≡ −2 (mod 7) is a solution $⇒ a ≡ 3 (mod 7);
x ≡ −1 (mod 7) is a solution $⇒ a ≡ 1 (mod 7).
The list above can be rearranged according to the possible values of a, as:
if a ≡ 0 (mod 7) then x ≡ 0 (mod 7);
if a ≡ 1, −1, 3 (mod 7) then a solution is x ≡ a + 2 (mod 7);
if a ≡ 1, −1, −3 (mod 7) then a solution is x ≡ a − 2 (mod 7);
if a ≡ ±2 (mod 7) then there are no solutions.
If both equations in the system have a solution, then the system itself does,
because (3, 7) = 1. By solving the various systems which do have solutions, we
obtain
if a ≡ 0 (mod 7), then x ≡ 0, −a (mod 21);
if a ≡ 1, −1, 3 (mod 7), then the solutions are x ≡ 15a + 9, 8a + 9 (mod 21);
if a ≡ 1, −1, −3 (mod 7), then the solutions are x ≡ 15a + 12, 8a + 12
(mod 21).
82 By the Chinese remainder theorem, the congruence is equivalent to the system

x 15 ≡ x 27 (mod 7)
x 15 ≡ x 27 (mod 11)
3 Congruences 141

which can be rewritten as


x 15(x 12 − 1) ≡ 0 (mod 7)
x 15(x 12 − 1) ≡ 0 (mod 11).

Clearly, x ≡ 0 (mod 7) and x ≡ 0 (mod 11) are solutions of the first and second
equation, respectively. If (x, 7) = 1, then by Fermat’s little theorem we have x 6 ≡ 1
(mod 7) and therefore x 12 ≡ 1 (mod 7). So the first equation is satisfied for all
integers x, that is, it has seven solutions modulo 7.
As for the second equation, Fermat’s little theorem implies that, if (x, 11) =
1, then x 10 ≡ 1 (mod 11); such values of x are solutions if and only if x 2 ≡ 1
(mod 11), that is, (x +1)(x −1) ≡ 0 (mod 11). Since 11 is prime, the only solutions
are x ≡ ±1 (mod 11). Including the solution x ≡ 0 (mod 11), there are three
solutions modulo 11.
The number of solutions modulo 77 is given by all possible combinations of
solutions modulo 7 and solutions modulo 11 and is therefore equal to 7 · 3 = 21.
83 Because of the second condition, integers x such that x 3 ≡ x (mod 7) cannot be
solutions of the system. Now, x 3 ≡ x (mod 7) is equivalent to x(x − 1)(x + 1) ≡
0 (mod 7) and, since 7 is prime, the solutions of this equation are x ≡ 0, 1, −1
(mod 7).
In particular, given that the class 0 modulo 7 cannot be a solution of the system,
we may rewrite the first equation as x k−1 ≡ 1 (mod 7). A class a solves the latter
equation if and only if k − 1 is a multiple of the multiplicative order of a modulo 7.
One can check that the multiplicative order of classes 2 and 4 is 3, whereas that of
classes 3 and 5 is 6. Therefore, if k ≡ 1 (mod 6) then the solutions are x ≡ 2, 3, 4, 5
(mod 7); if k ≡ 1 (mod 3) but k ≡ 1 (mod 6), that is, if k ≡ 4 (mod 6), then the
solutions are x ≡ 2, 4 (mod 7), and finally if k ≡ 1 (mod 3) then there are no
solutions.
84 In order for the first equation to have solutions, it is necessary and sufficient that
(a, 25) | 4, or in other words that (a, 25) = 1. The second equation is equivalent to
the system

x 2 + a ≡ 0 (mod 5)
x 2 + a ≡ 0 (mod 3)

and one can check that this has solutions if and only if a ≡ 0, ±1 (mod 5) and
a ≡ 0, −1 (mod 3). Therefore, both initial equations have a solution for a ≡ ±1
(mod 5) and a ≡ 0, −1 (mod 3).
However, because the greatest common divisor of the two moduli is (25, 15) = 5,
the original system has a solution if and only if its two equations have solutions that
are congruent modulo 5.
If a ≡ 1 (mod 5) then the solutions of the first equation are congruent to
−1 (mod 5), whereas those of the second equation are ±2 (mod 5). If a ≡ −1
142 3 Solutions

(mod 5) then the solutions of the first equation are congruent to 1 (mod 5) and
those of the second equation to ±1 (mod 5). Consequently, the system has a
solution if and only if a ≡ −1 (mod 5) and a ≡ 0, −1 (mod 3), that is, if and
only if a ≡ −1, 9 (mod 15).
Now consider the case a = −1. The first equation yields x ≡ −4 (mod 25); this
fixes the class of solutions modulo 5, that is, x ≡ 1 (mod 5). Moreover, we know by
the argument above that solutions of the second equation satisfying this condition do
exist. What is left to do is to find out which of them also satisfy x 2 −1 ≡ 0 (mod 3),
that is, x ≡ ±1 (mod 3). By considering both the solutions modulo 25 and those
modulo 3, we find that the solutions of the system are x ≡ −4, −29 (mod 75).
85 Both equations have a solution if and only if (a, 9) = 1. Solutions of the first
equation are given by x ≡ a −1 (mod 9), so are coprime to 9. The solution of the
second equation is given by x ≡ 0 (mod ord(a)), where ord(a) is the order of a in
the multiplicative group (Z/9Z)∗ and so is a divisor of φ(9) = 6. In order for the
system to have a solution we must therefore have that ord(a) is not a multiple of 3,
that is, ord(a) = 1, 2.
If ord(a) = 1 then a ≡ 1 (mod 9) and the solution of the first equation is x ≡ 1
(mod 9), while the second equation is satisfied for all x. So the solution of the
system is x ≡ 1 (mod 9).
If ord(a) = 2, then a ≡ 1 (mod 9) and a 2 ≡ 1 (mod 9), that is, 9 | a 2 − 1 =
(a + 1)(a − 1). In particular, three divides one of the factors a + 1, a − 1 but
cannot divide both, since their difference is 2. It follows that 9 must divide one of
the factors; having excluded a ≡ 1 (mod 9), we must have a ≡ −1 (mod 9).
In conclusion, the solution of the first equation is x ≡ −1 (mod 9) and that of
the second equation is x ≡ 0 (mod 2). The solution of the system is therefore x ≡ 8
(mod 18).
86 The first equation has a solution if and only if (6a − 1, 21) = 1, that is, if and
only if 3  6a − 1 and 7  6a − 1. Since 3 | 6a for all a, we have 3  6a − 1 for
all a, whereas 7 | 6a − 1 if and only if a ≡ −1 (mod 7). So the first equation has a
solution if and only if a ≡ −1 (mod 7).
The second equation always has a solution, which is expressed by the equation
itself.
The greatest common divisor of the moduli of the two equations is 7, so assuming
that the first equation does have a solution the system does if and only if there are
solutions of the two equations that coincide modulo 7. Substituting the value for x
given by the second equation into the first, one obtains the condition (6a − 1)a ≡ 1
(mod 7), whose solutions are a ≡ 2, 4 (mod 7).
Now remark that if a ≡ 2, 4 (mod 7) then the solution of the system is a
congruence class modulo the least common multiple of the moduli, which is 105.
Because of the second equation we know its congruence class modulo 35, so it is
enough to glean its congruence class modulo 3 from the first equation, which clearly
3 Congruences 143

gives x ≡ −1 (mod 3). We thus obtain the system


x ≡ −1 (mod 3)
x≡a (mod 35)

whose solution is x ≡ 36a + 35 (mod 105), as one can easily find.

87 By the Chinese remainder theorem, the first equation is equivalent to a system
of two congruences, one modulo 2 and one modulo 17. Since 9 ≡ 1 (mod 2),
the congruence modulo 2 is satisfied for all possible values of a and x and can
therefore be disregarded. As for the congruence modulo 17, one can check that the
multiplicative order of 9 modulo 17 is 8, so the congruence is satisfied if and only if
ax ≡ 0 (mod 8). In particular, it has a solution for all possible values of a, and the
solution is x ≡ 0 (mod 8/(a, 8)).
Similarly, we can replace the second equation by two congruences, one modulo
3 and one modulo 5. The congruence modulo 3 reduces to x 2 ≡ 0 (mod 3), which
does not depend on a and whose solution is x ≡ 0 (mod 3). The congruence
modulo 5 reduces to x 2 + ax − 1 ≡ 0 (mod 5), which has a solution if and only
if a 2 + 4 is a square modulo 5, that is, if and only if a ≡ 0, 1, −1 (mod 5). The
solutions are, respectively, x ≡ ±1, 2, −2 (mod 5).
In conclusion, the system has a solution if and only if a ≡ 0, 1, −1 (mod 5).
For a = 4 in particular, as per remarks made so far, the solution can be found via
the system
⎧
⎨x ≡ 0 (mod 2)
x≡0 (mod 3)
⎩
x ≡ −2 (mod 5).

Simple calculations yield x ≡ 18 (mod 30).

88 The first equation has solutions if and only if (3, 42) = 3 | a, that is, if and only
if a = 3b for some b ∈ Z, in which case the equation becomes x ≡ b (mod 14).
Since 6 is the inverse of 6 modulo 35, the second equation is equivalent to x ≡ 6
(mod 35). By using the Chinese remainder theorem, we can turn the system into
⎧
⎪
⎪ x ≡b (mod 2)
⎨
x ≡b (mod 7)
⎪
⎪ x ≡6 (mod 7)
⎩
x ≡1 (mod 5)

which has solutions if and only if b ≡ 6 (mod 7), that is, if and only if a ≡ 18
(mod 21).
144 3 Solutions

When this condition on a is satisfied, the system is equivalent to


x ≡ b (mod 2)
x ≡ 6 (mod 35)

whose solution is x ≡ 6 + 35b (mod 70).

In conclusion, the original system has a solution if and only if a ≡ 18 (mod 21).
When that is the case, its solution is x ≡ 6 (mod 70) if a ≡ 18 (mod 42) and
x ≡ 41 (mod 70) if a ≡ 39 (mod 42).
89 The multiplicative order of the class of 5 modulo 24 is 4 and 52 ≡ 9 (mod 24 ),
so the first equation is equivalent to x ≡ 2 (mod 4).
By means of the Chinese remainder theorem, split the second equation into a
congruence modulo 11 and one modulo 16. Since 11 is an odd prime, the equation
x 2 + 2x + 8 ≡ 0 (mod 11) can be solved using the quadratic formula, which yields
the solutions x ≡ 1, −3 (mod 11).
Now consider the subsystem

x ≡ 2 (mod 4)
x 2 + 2x + 8 ≡ 0 (mod 16);

if we substitute the value for x obtained from the first congruence, that is, x = 2+4t,
into the second, we obtain the equation

(2 + 4t)2 + 2(2 + 4t) + 8 ≡ 8t ≡ 0 (mod 16),

which is satisfied if and only if t ≡ 0 (mod 2), so the solution of the subsystem is
x ≡ 2 (mod 8).
So the original system is equivalent to the union of the two systems
 
x ≡ 1 (mod 11) x ≡ −3 (mod 11)
x ≡ 2 (mod 8), x≡2 (mod 8)

whose solutions are easily computed and given by x ≡ 34 (mod 88) and x ≡ −14
(mod 88), respectively.
90 The second equation has a solution if and only if 3 | a, so let a = 3b. The
congruence 6x ≡ 3b (mod 21) is equivalent to x ≡ 4b (mod 7).
The first congruence becomes x 2 ≡ 15b (mod 120) and is equivalent by the
Chinese remainder theorem to a system of two congruences, one modulo 8 and one
modulo 15. Keeping in mind that x 2 ≡ 0 (mod 15) if and only if x ≡ 0 (mod 15),
we obtain the system
⎧ 2
⎨ x ≡ −b (mod 8)
x≡0 (mod 15)
⎩
x ≡ 4b (mod 7).
3 Congruences 145

The three moduli are pairwise relatively prime, so the system has a solution if and
only if each equation does. In order for that to be the case, since we already have
the solutions of the second and third equation, we just need to ensure that the first
equation can be solved, i.e. that −b is a square modulo 8; equivalently, that b ≡
0, −1, 4 (mod 8).
In conclusion, the system has a solution if and only if a = 3b ≡ 0, −3, 12
(mod 24).
For a = 45 ≡ −3 (mod 24), that is, for b = 15 (where b is defined as above),
the system does have a solution and becomes
⎧ 2
⎨ x ≡ 1 (mod 8)
x ≡ 0 (mod 15)
⎩
x ≡ 4 (mod 7).

It is easy to check that the subsystem given by the second and third equation has
the solution x ≡ 60 (mod 105) and that the first equation has the solutions x ≡
1, 3, 5, 7 (mod 8), that is, x ≡ 1 (mod 2). The system is therefore equivalent to

x ≡ 1 (mod 2)
x ≡ 60 (mod 105)

whose solution is x ≡ 165 (mod 210).

91 By the Chinese remainder theorem, the equation in the problem statement is
equivalent to the system

x 100 ≡ a (mod 7)
x 100 ≡ a (mod 11).

Let us find the number of solutions of each equation.

If a ≡ 0 (mod 7), then the congruence x 100 ≡ a (mod 7) has the unique
solution x ≡ 0 (mod 7).
Let now a ≡ 0 (mod 7); then x ≡ 0 (mod 7) is not a solution and any potential
solution will satisfy x 6 ≡ 1 (mod 7). Since 100 = 16 · 6 + 4, the equation we
need to solve is equivalent to x 4 ≡ a (mod 7). The fourth powers in (Z/7Z)∗ are
1, 2, 4, and so if a ≡ 3, 5, 6 (mod 7) then the equation has no solutions, whereas if
a ≡ 1, 2, 4 (mod 7) then it has two.
For a ≡ 0 (mod 11), the congruence x 100 ≡ a (mod 11) has the unique solution
x ≡ 0 (mod 11).
Let now a ≡ 0 (mod 11); in this case x ≡ 0 (mod 11) is not a solution and any
solution will satisfy x 10 ≡ 1 (mod 11), hence also x 100 ≡ 1 (mod 11). It follows
that the equation has ten solutions if a ≡ 1 (mod 11) and no solutions if a ≡ 0, 1
(mod 11).
Let us now combine the information above.
146 3 Solutions

For a ≡ 0 (mod 7) and a ≡ 0 (mod 11), that is, for a ≡ 0 (mod 77), the
system has the unique solution x ≡ 0 (mod 77).
For a ≡ 0 (mod 7) and a ≡ 1 (mod 11), that is, for a ≡ −21 (mod 77), the
first equation has one solution and the second one has 10, so there are ten solutions
modulo 77.
For a ≡ 1, 2, 4 (mod 7) and a ≡ 0 (mod 11), that is, for a ≡ 22, 44, 11
(mod 77), the first equation has two solutions and the second one has 1, so there
are two solutions modulo 77.
Finally, for a ≡ 1, 2, 4 (mod 7) and a ≡ 1 (mod 11), that is, for a ≡ 1, 23, 67
(mod 77), the first equation has two solutions and the second one has 10, so there
are 20 solutions modulo 77.
If a does not belong to any of the above classes modulo 77 then the equation has
no solutions.
92
(i) By the Chinese remainder theorem, we can split x a ≡ 1 (mod 92) into a
congruence modulo 4 and one modulo 23.
The congruence x a ≡ 1 (mod 23) is solved by all elements of (Z/23Z)∗
whose order divides a, and is thus equivalent to x d ≡ 1 (mod 23), where
d = (a, φ(23)). Since 23 is prime, the group (Z/23Z)∗ is cyclic of order
φ(23) = 22. We conclude that the congruence x a ≡ 1 (mod 23) has d =
(a, 22) solutions modulo 23.
By the same argument, we obtain that x a ≡ 1 (mod 4) has (a, 2) solutions
modulo 4.
In conclusion, the equation in the problem statement has (a, 2)·(a, 22) solutions
modulo 92.
Remark that the number of solutions can also be expressed as a function of the
class of a modulo 22.
If a ≡ 1, 3, 5, 7, 9, 13, 15, 17, 19, 21 (mod 22), that is, if (a, 2) = 1 and
(a, 22) = 1, then the equation has a unique solution modulo 92.
If a ≡ 2, 4, 6, 8, 10, 12, 14, 16, 18, 20 (mod 22), that is, (a, 2) = 2 and
(a, 22) = 2, then the equation has four solutions modulo 92.
If a ≡ 11 (mod 22), that is, (a, 2) = 1 and (a, 22) = 11, then the equation has
11 solutions modulo 92.
Finally, if a ≡ 0 (mod 22), that is, (a, 2) = 2 and (a, 22) = 22, then the
equation has 44 solutions modulo 92.
(ii) By solving the second equation and splitting the first into an equation modulo 4
and one modulo 23 we get
⎧ a
⎨ x ≡ 1 (mod 4)
x a ≡ 1 (mod 23)
⎩
x ≡ 9 (mod 23).

Remark that the set of squares in (Z/23Z)∗ coincides with the subgroup of order
11. Since 11 is prime, all elements of such a subgroup except for 1 have order
3 Congruences 147

11. Now, 9 is a square and therefore its order in (Z/23Z)∗ is 11. Thus, if a ≡ 0
(mod 11) then the system has no solutions, whereas if a ≡ 0 (mod 11) then
the system is equivalent to

x a ≡ 1 (mod 4)
x ≡ 9 (mod 23).

The equation x a ≡ 1 (mod 4) has the unique solution x ≡ 1 (mod 4) if a ≡ 1

(mod 2) and the solutions x ≡ ±1 (mod 4) if a ≡ 0 (mod 2). Solving the
corresponding systems, one obtains: if a ≡ 11 (mod 22) then the solution
is x ≡ 9 (mod 92); if a ≡ 0 (mod 22) then the solutions are x ≡ 9, 55
(mod 92).
93 The first congruence has a solution if and only if a ≡ 0 (mod 2), in which case
it has a unique solution modulo 11. By the Chinese remainder theorem, the second
congruence is equivalent to the system
⎧ 2
⎨x ≡ a (mod 3)
x 2 ≡ −a (mod 4)
⎩ 2
x ≡0 (mod 7).

The congruence x 2 ≡ 0 (mod 7) has the unique solution x ≡ 0 (mod 7) for each
possible value of a.
The congruence x 2 ≡ −a (mod 4) has the two solutions x ≡ 0, 2 (mod 4) if
a ≡ 0 (mod 4) and has no solutions if a ≡ 2 (mod 4); as seen above, we need not
consider the classes of 1 and 3 as we may assume a is even.
Finally, x 2 ≡ a (mod 3) has the unique solution x ≡ 0 (mod 3) if a ≡ 0
(mod 3), the two solutions x ≡ ±1 (mod 3) if a ≡ 1 (mod 3) and no solution if
a ≡ 2 (mod 3).
In conclusion, we have the following:
1 If a ≡ 1 (mod 2) then the first equation, and therefore the system, has no
solutions.
2 If a ≡ 0 (mod 4) and a ≡ 0 (mod 3), that is, if a ≡ 0 (mod 12), then x 2 ≡
7a (mod 84) has two solutions modulo 84 and the equation 2x ≡ a (mod 22) has
a unique solution modulo 11, so the system has two solutions modulo 84 · 11 = 924.
3 Finally, if a ≡ 0 (mod 4) and a ≡ 1 (mod 3), that is, if a ≡ 4 (mod 12),
then x 2 ≡ 7a (mod 84) has four solutions modulo 84 and the equation 2x ≡ a
(mod 22) has a unique solution modulo 11, so the system has four solutions modulo
84 · 11 = 924.
In all remaining cases the system has no solutions because the second equation
has none.
94 Let us consider the first congruence: remark that it has no solutions when a is
even, so we must have a ≡ 1 (mod 2). In this case, a x ≡ 1 (mod 8) if x is even
148 3 Solutions

and a x ≡ a (mod 8) if x is odd, so the congruence has a solution if and only if

a ≡ 3 (mod 8), and that solution is x ≡ 1 (mod 2).
So let a = 3 + 8b. The second congruence becomes x 6+16b ≡ 4 (mod 9). Note
that solutions to this congruence must be sought in (Z/9Z)∗ : indeed, any solution
will have among its powers the class of 4, which is invertible in Z/9Z. In particular,
x 6 ≡ 1 (mod 9), so the equation becomes x 4b ≡ 4 (mod 9).
By again using the fact that sixth powers are 1 in (Z/9Z)∗ , we obtain that if b ≡ 0
(mod 3) then the equation has no solutions; if b ≡ 1 (mod 3) then it is equivalent to
x 4 ≡ 4 (mod 9) and has the solutions x ≡ ±4 (mod 9); finally, if b ≡ 2 (mod 3)
then the equation is equivalent to x 2 ≡ 4 (mod 9) and has the solutions x ≡ ±2
(mod 9).
In conclusion, we have the following cases:
1 If a ≡ 11 (mod 24) then the solution of the first equation is x ≡ 1 (mod 2)
and those of the second are x ≡ ±4 (mod 9), so the solutions of the system are
x ≡ 5, 13 (mod 18).
2 If a ≡ 19 (mod 24) then the solution of the first equation is x ≡ 1 (mod 2)
and those of the second are x ≡ ±2 (mod 9), so the solutions of the system are
x ≡ 7, 11 (mod 18).
Finally, if a ≡ 11, 19 (mod 24) then one of the two equations, and therefore the
system, has no solutions.
95 The problem is equivalent to finding the number of solutions modulo 100 of
the equation xy ≡ 0 (mod 100), which, by the Chinese remainder theorem, is
equivalent to the system

xy ≡ 0 (mod 4)
xy ≡ 0 (mod 25).

More generally, consider the equation xy ≡ 0 (mod p2 ), where p is a prime, that

is, consider the condition p2 | xy. The condition is satisfied when one of the two
factors is divisible by p2 , that is, congruent to zero modulo p2 , and the other factor
is any integer, or when both factors are divisible by p.
There are p2 pairs of the form (x, 0) and p2 of the form (0, y). But, since (0, 0)
is of both forms, the total number of pairs of this type is 2p2 − 1.
Pairs of integers that are both divisible by p and not by p2 are represented by
residue classes of the form (pa, pb) with 1 ≤ a, b ≤ p − 1, and thus there are
(p − 1)2 of them. We therefore have 2p2 − 1 + (p − 1)2 = 3p2 − 2p pairs in total.
By substituting the values p = 2 and p = 5, one obtains the values 8 and
65, respectively. Again by the Chinese remainder theorem, the equation xy ≡ 0
(mod 100) has 8 · 65 = 520 solutions.
96 The first congruence in the system has a solution if and only if 6 = (6, 72) | 4a,
that is, if and only if 3 | a. If that is the case, let a = 3b: we may divide by 6 and
obtain x ≡ 2b (mod 12).
3 Congruences 149

Since 1 = (5, 39) | 2, the second congruence always has the unique solution
x ≡ 16 (mod 39).
However, since (12, 39) = 3, the system itself has a solution if and only if the
solutions of the two congruences coincide modulo 3, that is, if and only if 2b ≡ 16
(mod 3), or equivalently b ≡ 2 (mod 3). If this is the case, then the solution is
unique modulo the least common multiple of the two moduli, that is, modulo 156.
In conclusion, there is a unique solution modulo 156 if a ≡ 6 (mod 9) and there
are no solutions otherwise.
97 In order to solve the first equation, one must find the order of 8 in the group
(Z/27Z)∗ , which will be a divisor of φ(27) = 18. We have 82 ≡ 10, 83 ≡
−1, 86 ≡ 1 (mod 27), so the order in question is 6. Since 83 ≡ −1 (mod 27), the
solutions of the first equation are the same as the solutions of x 2 − 1 ≡ 3 (mod 6).
We can solve the equation modulo 2 and modulo 3 and obtain

x≡0 (mod 2)
x ≡ ±1 (mod 3).

Analogously, the second equation is equivalent to the system


x 22 + 2x ≡ 8 (mod 4)
x 22 + 2x ≡ 8 (mod 11).

The first equation of the latter system can be rewritten as x 22 + 2x ≡ 0 (mod 4).
Since x 22 ≡ x (mod 2), we have that x must be even. On the other hand, if x is
even, then both x 22 and 2x are divisible by 4, so we get a solution. The solution of
the first equation is therefore x ≡ 0 (mod 2).
One can check that x ≡ 0 (mod 11) is not a solution of the second equation.
But, if x ≡ 0 (mod 11), then by Fermat’s little theorem x 10 ≡ x 20 ≡ 1 (mod 11),
so the solutions of the second equation are the same as the solutions of x 2 + 2x ≡ 8
(mod 11).
Since this quadratic equation has solutions 2, −4 in Z, its solutions modulo 11
must be the classes of 2 and −4, because 11 is prime.
Finally, since the solutions of the two equations in the original system coincide
modulo 2, we are left with
⎧
⎨x ≡ 0 (mod 2)
x ≡ ±1 (mod 3)
⎩
x ≡ 2, −4 (mod 11),

which yields four solutions modulo 2 · 3 · 11 = 66. By performing simple

calculations, one finds that the solutions are x ≡ 2, 40, 46, 62 (mod 66).
150 3 Solutions

98 By computing powers of 3 modulo 5, one finds that 33 ≡ 2 (mod 5) and that the
multiplicative order of 3 modulo 5 is 4. We can therefore rewrite the first equation
as 3x ≡ 33a (mod 5), whose solution is x ≡ 3a ≡ −a (mod 4).
The second equation splits into two equations, one modulo 3 and one modulo 8.
The equation modulo 3 always has a unique solution modulo 3, because x 3 ≡ x
(mod 3) for all x. As for the equation modulo 8, there are two separate possibilities.
1 If a is even, then x must also be even; now, for all even x we have x 3 ≡ 0
(mod 8); so there is one solution modulo 2, that is, four solutions modulo 8, if a ≡ 6
(mod 8), and no solution otherwise.
2 If a is odd, then x must also be odd; in this case, since x 2 ≡ 1 and x 3 ≡ x
(mod 8), there is always a unique solution modulo 8.
So the system has no solution for a ≡ 0, 2, 4 (mod 8). In all other cases,
solutions to the system exist if the solution of the equation modulo 4 and that of
the equation modulo 2 or 8 are compatible.
If a is odd, that is, if a ≡ 6 (mod 8), then the equation modulo 4 has the solution
x ≡ 2 (mod 4), which is indeed compatible with the solution x ≡ 0 (mod 2). In
this case, we have a unique solution modulo 12.
If a is odd then the equations are still compatible: indeed, we have remarked that
the solutions modulo 8 are x ≡ a + 2 and a + 2 ≡ −a (mod 4) for a odd. There is
therefore a unique solution modulo 24.
99 The first congruence has a solution if and only if 3 belongs to the subrgroup
of (Z/7Z)∗ generated by a, that is, if and only if the subgroup generated by 3
is contained in the subgroup generated by a. Since 3 is a generator of the group
(Z/7Z)∗ (one can check that its order is 6) the argument above shows that the first
congruence has a solution if and only if a is also a generator of the group.
i
Since 3 is a generator, all other generators are of the form 3 with 0 ≤ i < 6
5 −1
and (i, 6) = 1, so they are 3 and 3 = 3 = 5. Any generator has order 6 and
we have 31 ≡ 3, 55 ≡ 3 (mod 7), so the first equation has the following solutions:
for a ≡ 3 (mod 7), the solution x ≡ 1 (mod 6); for a ≡ 5 (mod 7), the solution
x ≡ 5 (mod 6).
As for the second congruence in the system, remark that the square of an even
number is divisible by 4, whereas the square of an odd number is always congruent
to 1 modulo 8. Though the second congruence has solutions for a ≡ 0, 4 (mod 8),
we may very well disregard those, because they necessarily have x ≡ 0 (mod 2),
which is incompatible with the first congruence.
It is therefore enough to consider the case where a ≡ 1 (mod 8), in which
the solution is x ≡ 1 (mod 2), which is a condition already enforced by the first
congruence. In conclusion, if a ≡ 3 (mod 7) and a ≡ 1 (mod 8), that is, if a ≡ 17
(mod 56), then the solution is x ≡ 1 (mod 6); if a ≡ 5 (mod 7), a ≡ 1 (mod 8),
that is, if a ≡ 33 (mod 56), then the solution is x ≡ 5 (mod 6).
For all other values of a we have no solutions.
3 Congruences 151

100 The first equation has a solution if and only if a ≡ 0 (mod 5). If a ≡ 1
(mod 5), then all integers are solutions; if a ≡ −1 (mod 5), that is, if the order of
a in (Z/5Z)∗ is 2, then the solution is x ≡ 0 (mod 2); if a ≡ 2, 3 (mod 5), that is,
if and only if the order of a in (Z/5Z)∗ is 4, the solution is x ≡ 0 (mod 4).
The second equation has a solution if and only if (a, 8) | 2, that is, if and only
if a ≡ 0 (mod 4). If a is odd, then we have a −1 ≡ a (mod 8), so the solution
is x ≡ 2a (mod 8); note that in this case we have 2a ≡ ±2 (mod 8). If a ≡ 2
(mod 4), that is, if a = 2b with b odd, the solution is x ≡ b (mod 4).
By comparing the solutions of the two equations, we conclude the following.
When a is odd: for a ≡ 2, 3 (mod 5) the two equations have no common
solutions, whereas for a ≡ ±1 (mod 5), that is, for a ≡ ±1 (mod 10), solutions of
the second equation also satisfy the first, so the solutions of the system are exactly
those of the second equation.
When a ≡ 2 (mod 4): the two equations have no solutions in common except
for when a ≡ 1 (mod 5); in this case, that is, when a ≡ 6 (mod 20), solutions of
the second equation also satisfy the first, so they are the solutions of the original
system.
101 One can immediately check that the order of 2 in the multiplicative group
(Z/13Z)∗ is 12 and that 5 ≡ 29 (mod 13). The first equation can thus be rewritten
as 29(x −1) ≡ 2a (mod 13), which is equivalent to 9(x 2 − 1) ≡ a (mod 12). This
2

implies that a must be a multiple of 3 in order for the equation to have any solutions.
So, let a = 3b; cancelling common factors yields 3(x 2 − 1) ≡ b (mod 4), that
is, x 2 ≡ 1 − b (mod 4). Squares of integers can only be 0 or 1 modulo 4 (0 if the
integer is even and 1 if the integer is odd). Consequently, the last equation above
has a solution if and only if b ≡ 0, 1 (mod 4), with the solution being x ≡ 1, 0
(mod 2), respectively.
The second equation in the system is equivalent to 64 = 26 | x 3 and therefore to
2 |x, that is, x ≡ 0 (mod 4); hence we have, in particular, x ≡ 0 (mod 2). In order
2

for the system to have a solution, it is enough to have b ≡ 1 (mod 4), that is, a ≡ 3
(mod 12); when this is the case, the solution is x ≡ 0 (mod 4).
102 By the Chinese remainder theorem, the first equation is equivalent to the
system

a x ≡ 1 (mod 2)
a x ≡ 4 (mod 7).

The first of these two equations has a solution if and only if a ≡ 1 (mod 2), in
which case all integers x are solutions.
As for the second equation in the system above, note that it has no solutions
in the following cases: when a ≡ 0 (mod 7), because a x ≡ 0 (mod 7) for all x;
when a ≡ 1 (mod 7), because a x ≡ 1 (mod 7) for all x; when a ≡ −1 (mod 7),
because a x ≡ ±1 (mod 7) for all x.
In all other cases, the equation does have a solution, which is listed below.
152 3 Solutions

When a ≡ 2 (mod 7), since we have 22 ≡ 4 (mod 7) and the order of 2 modulo
7 is 3, the solution is x ≡ 2 (mod 3).
When a ≡ 3 (mod 7), since we have 34 ≡ 4 (mod 7) and the order of 3 modulo
7 is 6, the solution is x ≡ 4 (mod 6); equivalently, x ≡ 0 (mod 2) and x ≡ 1
(mod 3).
When a ≡ 4 (mod 7), since we have 41 ≡ 4 (mod 7) and the order of 4 modulo
7 is 3, the solution is x ≡ 1 (mod 3).
When a ≡ 5 (mod 7), since we have 52 ≡ 4 (mod 7) and the order of 5 modulo
7 is 6, the solution is x ≡ 2 (mod 6); equivalently, x ≡ 0 (mod 2) and x ≡ 2
(mod 3).
Now consider the equation x a ≡ 1 (mod 9), which is satisfied for all pairs (x, a)
such that (x, 9) = 1 (or equivalently (x, 3) = 1) and a is a multiple of the order of
x modulo 9.
As shown before, the first equation in the original system has a solution if
and only if a is odd, so the only potential solutions are integers x with an odd
multiplicative order mudulo 9, that is, x ≡ 1, 4, 7 (mod 9). To be more specific,
since 1 has order 1 whereas 4 and 7 have order 3, x ≡ 1 (mod 9) is a solution for
all a, whereas x ≡ 4, 7 (mod 9) are solutions only if 3 | a.
In any case, solutions can only be congruent to 1 modulo 3, so we must have
a ≡ 3, 4 (mod 7) in order to ensure compatibility modulo 7.
This condition is indeed sufficient: for all a in these classes the congruence
modulo 9 has among its solutions x ≡ 1 (mod 9), which is compatible with
solutions of the congruence modulo 7.
To conclude, the system has a solution if and only if a ≡ 1 (mod 2) and a ≡ 3, 4
(mod 7), that is, if and only if a ≡ 3, 11 (mod 14).
103
(i) Consider the periodic sequence of all powers of 3 modulo 10:

31 = 3 ≡ 3, 32 = 9 ≡ 9, 33 = 27 ≡ 7, 34 = 81 ≡ 1.

The sequence is periodic with period 4 and the solution of the equation in the
problem statement is x ≡ 3 (mod 4).
(ii) Since powers of 3 are odd and 10 is even, x can be a solution only if 4 + x is
odd, that is, if x itself is odd. Moreover, as discussed above, the residue class
modulo 10 of a power of 3 only depends on the class modulo 4 of the exponent.
We have the following two cases:
1 If x ≡ 1 (mod 4) then 3x ≡ 3 (mod 10) and the equation reduces to
3 ≡ 4 + x (mod 10), that is, x ≡ 9 (mod 10). By combining this with the
congruence modulo 4, we obtain the solution x ≡ 9 (mod 20).
2 If x ≡ 3 (mod 4) then 3x ≡ 7 (mod 10) and the equation reduces to
7 ≡ 4 + x (mod 10), that is, x ≡ 3 (mod 10). By combining this with the
congruence modulo 4, we obtain the solution x ≡ 3 (mod 20).
3 Congruences 153

104 Clearly, the first equation cannot have a solution congruent to 0 modulo 7.
But, if x ≡ 0 (mod 7), then the exponents n for which x n ≡ 1 (mod 7) are exactly
the multiples of the order of x in (Z/7Z)∗ . This order must be a divisor of the order
of the group (Z/7Z)∗ , which is 6. Moreover, since the exponent 2x + 1 is odd, the
order of x must be odd, so it can only be 1 (in which case x ≡ 1 (mod 7)) or 3 (in
which case we either have x ≡ 2 or x ≡ 4 (mod 7)).
Any x ≡ 1 (mod 7) is a solution of the first equation, because 12x+1 ≡ 1
(mod 7). In order for x ≡ 2, 4 (mod 7) to be a solution, the exponent must be a
multiple of 3, so we must have 2x + 1 ≡ 0 (mod 3), that is, x ≡ 1 (mod 3).
The second equation does have a solution, because (4, 15) | 7; its solution is x ≡
13 (mod 15), which is equivalent to the system consisting of the two congruences
x ≡ 1 (mod 3), x ≡ 3 (mod 5).
Note that the congruence modulo 3 coming from the second equation is always
compatible with the solution of the first equation, so the original system does have
solutions, which are given by the following system:
⎧
⎨ x ≡ 1, 2, 4 (mod 7)
x≡1 (mod 3)
⎩
x≡3 (mod 5).

Simple calculations yield x ≡ 43, 58, 88 (mod 105).

105
(i) The system of equations
⎧
⎪
⎪ x ≡ 1 (mod 1)
⎪
⎨ x ≡ 1 (mod 2)
⎪ ..
⎪
⎪ .
⎩
x ≡ 1 (mod 10)

does have solutions, because x = 1 satisfies all the required congruences. Now,
if such a system of congruences has a solution, then it is given by a congruence
class modulo the least common multiple of all the moduli of its equations.
Let M be the least common multiple of all integers between 1 and 10, that is,
M = 23 · 32 · 5 · 7; the solution of the system is x ≡ 1 (mod M). The number
of integers between 0 and k that do satisfy this congruence is "k/M#.
(ii) If x ≡ −1 (mod n) for all positive integers n then n | x + 1 for all positive
integers n. However, the only number that is divisible by all positive integers
is 0, so the only solution is given by x + 1 = 0, that is, x = −1.
(iii) If x ≡ n (mod 2n) then x = n + 2hn = n(2h + 1) for some integer h; in
particular, the requirement of the question implies that x is divisible by every
integer n. As before, this implies x = 0; but this time 0 is not a solution, for
example because we may take n = 1 and check that 0 ≡ 1 (mod 2). So there
are no solutions in this case.
154 3 Solutions

106 The pair (x, n) is a solution of the congruence if and only if there exists an
integer t such that x n = 39+10xt. In the latter equation x divides both x n and 10xt,
so a necessary condition for it to be a solution is that x divides 39. Let us consider
all possible divisors of 39.
If x = 1, then we get 1n ≡ 39 (mod 10) which clearly has no solutions.
If x = 3, then we get the equation 3n ≡ 39 (mod 30) which is equivalent to the
system

3n ≡ 0 (mod 3)
3n ≡ 9 (mod 10).

The first equation is satisfied for all n ≥ 1 whereas the second one is satisfied for
n ≡ 2 (mod 4), because 3 has order 4 in (Z/10Z)∗ .
If x = 13, then by a similar argument we obtain the system

13n ≡ 0 (mod 13)
3n ≡ 9 (mod 10)

whose solution is again n ≡ 2 (mod 4).

If x = 39, then the system we get is

39n ≡ 0 (mod 39)
9n ≡ 9 (mod 10)

whose solution is n ≡ 1 (mod 2).

107 By the Chinese remainder theorem, the congruence is equivalent to the system

x 5n ≡ 1 (mod 5)
x 5n ≡ 1 (mod 11).

Consider the first equation. By Fermat’s little theorem, it is equivalent to x n ≡ 1

(mod 5). The solutions of this equation are those elements of (Z/5Z)∗ whose order
is a divisor of n. The possible orders of elements x of (Z/5Z)∗ are

1, if x = 1; 2, if x = −1; 4, if x = ±2.

Therefore, for n ≡ 0 (mod 4) there are four solutions, because n is a multiple of

the order of each element. For n ≡ 2 (mod 4) there are two solutions, because n is
a multiple of the order of the two elements ±1. Finally, for n odd there is a unique
solution, because n is only a multiple of the order of 1.
Now consider the second equation. Similarly to what we just established, the
solutions of this equation are those elements of (Z/11Z)∗ whose order is a divisor
of 5n. Since the group (Z/11Z)∗ is cyclic, its elements have order 1, 2, 5 or 10 and
the number of elements of order d is φ(d). So there is a single element of order 1, a
3 Congruences 155

single element of order 2, and there are four elements of order 5 and four elements
of order 10.
[[It is easy to check that 1 is the only element of order 1, −1 is the only element of order 2, and
that 3, 4, 5, 9 are the elements of order 5 and 2, 6, 7, 8 are the elements of order 10.]]
As before, an element satisfies the equation if and only if its order is a divisor
of 5n. If n is even then 5n is a multiple of 10, so all ten elements of (Z/11Z)∗
are solutions; if n is odd, then the solutions are given by elements whose order is a
divisor of 5: they are 1 and the elements of order 5, so we get five solutions in total.
We can summarise our findings as follows.
If n ≡ 0 (mod 4) then we have four solutions modulo 5 and ten solutions modulo
11, so 40 solutions in total.
If n ≡ 2 (mod 4) then we have two solutions modulo 5 and ten solutions modulo
11, so 20 solutions in total
Finally, if n is odd then there is a unique solution modulo 5 and there are five
solutions modulo 11, so five solutions in total.
108
(i) Let f (x) be the quadratic polynomial x 2 −x+43; the congruence in the problem
statement is equivalent to the system consisting of f (x) ≡ 0 (mod 5) and
f (x) ≡ 0 (mod 11), by the Chinese remainder theorem. Since 5 and 11 are
odd primes, we can solve both congruences by means of the usual quadratic
formula.
For the congruence modulo 5, we find that the discriminant of f (x) is 32
(modulo 5), so f (x) has the two roots 2 and −1 modulo 5. As for the
congruence modulo 11, the discriminant is congruent to 42 and the two roots
are −3 and 4.
Now, remark that x1 = 11 and x2 = −10 are solutions of the systems
x1 ≡ 1 (mod 5), x1 ≡ 0 (mod 11) and x2 ≡ 0 (mod 5), x2 ≡ 1 (mod 11),
respectively. This implies that the original equation has four solutions, which
are given by

−3 ≡ 2x1 − 3x2 (mod 55)

19 ≡ −x1 − 3x2 (mod 55)
−18 ≡ 2x1 + 4x2 (mod 55)
4≡ −x1 + 4x2 (mod 55).

(ii) In order to solve the system we must check that the residue classes modulo 5
of the solutions of the first equation are compatible with the second equation.
The solutions of the first equation belong to the classes of 2 and −1 modulo
5. In order for a solution in the class of 2 to satisfy the second equation, we
must have 211 ≡ 2a (mod 5). Since 2 has order 4 in (Z/5Z)∗ and we have
4

114 ≡ (−1)4 ≡ 1 (mod 4), the second equation becomes 2 ≡ 2a (mod 5),
which has a solution if and only if a ≡ 1 (mod 4). So the classes of −3 and −18
modulo 55 are solutions of the original system if and only if a ≡ 1 (mod 4).
156 3 Solutions

4
In the case of a solution congruent to −1 modulo 5, we must have (−1)11 =
−1 ≡ (−1)a (mod 5), which has a solution if and only if a ≡ 1 (mod 2). So
the classes of 19 and 4 modulo 55 are solutions of the original system if and
only if a ≡ 1 (mod 2).
We may thus conclude that if a ≡ 0 (mod 2) then the system has no solutions.
If a ≡ 1 (mod 2) then the system does have solutions. In particular, if we
split the class a ≡ 1 (mod 2) into the classes a ≡ −1 (mod 4) and a ≡ +1
(mod 4), then we have the following: if a ≡ −1 (mod 4) then the solutions are
the classes of 19 and 4 modulo 55; if a ≡ 1 (mod 4) then all solutions of the
first equation satisfy the second, so the solutions of the system are the classes
of −3, −18, 19, 4 modulo 55.
109
(i) The equation if equivalent to the system consisting of the two congruences x 2 +
2x + 5 ≡ 0 (mod 5) and x 2 + 2x + 5 ≡ 0 (mod 13). Since both moduli are
prime, each has at most two roots. The first clearly has the solutions 0 and
−2 modulo 5. As for the second, we can solve it by means of the quadratic
formula: the discriminant is −4 ≡ 32 (mod 13), so the solutions are the classes
of 2 and −4 modulo 13. The solutions of the equation in the problem statement
are therefore those of the four systems
 
x ≡ 0 (mod 5) x ≡ −2 (mod 5)
x ≡ 2 (mod 13), x≡2 (mod 13),
 
x≡0 (mod 5) x ≡ −2 (mod 5)
x ≡ −4 (mod 13), x ≡ −4 (mod 13).

It is easy to check that the solutions of the two systems

 
x ≡ 1 (mod 5) x ≡ 0 (mod 5)
x ≡ 0 (mod 13), x ≡ 1 (mod 13).

are x1 ≡ 26 (mod 65) and x2 ≡ −25 (mod 65), respectively; it follows that
the solutions of the four system above, and therefore the solutions of the original
equation, are: 0 · x1 + 2 · x2 ≡ 15, −2 · x1 + 2 · x2 ≡ −37, 0 · x1 − 4 · x2 ≡ −30
and −2 · x1 − 4 · x2 ≡ −17 (mod 65).
(ii) Letting y = 3x , we are asking for y to be a solution of the previous equation.
In particular, since 3x ≡ 0 modulo 5 and since the powers of 3 modulo 13 are
1, 3 and −4, we must have 3x = y ≡ −2 ≡ 3 (mod 5) and 3x = y ≡ −4
(mod 13). The first of these two equations is equivalent to x ≡ 1 (mod 4)
and the second to x ≡ 2 (mod 3). In conclusion, the solution of the original
equation is given by the class of 5 modulo 12.
110 The first congruence in the system is equivalent to the two congruences x 2 +
2x + 2 ≡ 0 (mod 2) and x 2 + 2x + 2 ≡ 0 (mod 5) by the Chinese remainder
theorem. The first of these two is clearly equivalent to x ≡ 0 (mod 2), while the
3 Congruences 157

second√has discriminant Δ = 1 − 2 = −1 ≡ 22 (mod 5) and so its solutions are

−1 ± Δ = −1 ± 2, that is, 1 and 2.
As for the second equation, 7 and 22 are relatively prime, so 7 is invertible
modulo 22; moreover, its inverse is the class of −3. The equation can therefore be
rewritten as x ≡ −60 ≡ 6 (mod 22), and in particular it implies x ≡ 0 (mod 2):
since this is equivalent to the first of the two equations discussed in the previous
paragraph, we may disregard that equation and only consider the one modulo 5. We
thus need to solve the two systems

x ≡ 1, 2 (mod 5)
x≡6 (mod 22).

Their solutions are 6 and −38 modulo 110, respectively.

111 We can split the first congruence in the system into a congruence modulo 4
and one modulo 3, thus obtaining
⎧
⎨ ax ≡ 2 (mod 4)
ax ≡ 2 (mod 3)
⎩
9x ≡ a + 2a − 3 (mod 81).
2

Let us first consider the subsystem formed by the last two equations, both of
which have a modulus that is a power of 3. The congruence ax ≡ 2 (mod 3) has a
solution if and only if a ≡ 1, 2 (mod 3), in which case its solution is x ≡ 2a −1 ≡
2a (mod 3).
The congruence 9x ≡ a 2 + 2a − 3 (mod 81) has a solution if and only if a 2 +
2a − 3 ≡ 0 (mod 9). Now, a 2 + 2a − 3 = (a − 1)(a + 3) ≡ 0 (mod 9) if and
only if a ≡ 1 (mod 9) or a ≡ 3 (mod 9), or a ≡ 1 (mod 3) and a ≡ 0 (mod 3),
though clearly the last condition can never be satisfied.
By imposing all conditions necessary to guarantee the existence of solution for
both equations, we find that, in order for the system to have a solution, we need
a ≡ 1 (mod 9).
So, let a = 1 + 9k, with k ∈ Z. We have a 2 + 2a − 3 = 9k(4 + 9k) and the
subsystem becomes

x ≡ 2 (mod 3)
x ≡ 4k (mod 9).

This system has a solution if and only if the two congruences are compatible, that
is, if 4k ≡ 2 (mod 3). So we have a solution if and only if k ≡ 2 (mod 3), that is,
a ≡ 19 (mod 27), and that solution is unique modulo 9.
The congruence ax ≡ 2 (mod 4) has no solutions when a ≡ 0 (mod 4), has one
solution modulo 4 when a ≡ 1, 3 (mod 4), and has one solution modulo 2 when
a ≡ 2 (mod 4).
158 3 Solutions

Since (4, 9) = 1, the Chinese remainder theorem allows us to reach the following
conclusions.
For a ≡ 1, 3 (mod 4) and a ≡ 19 (mod 27), that is, for a ≡ 73, 19 (mod 108),
the system has a unique solution modulo 36, so 180/36 = 5 solutions modulo 180.
For a ≡ 2 (mod 4) and a ≡ 19 (mod 27), that is, for a ≡ 46 (mod 108), the
system has a unique solution modulo 18, so 180/18 = 10 solutions modulo 180.
Finally, for all other values of a the system has no solutions.
112 By the Chinese remainder theorem, the first equation in the system can be
replaced by

x 131 ≡ x (mod 11)
x 131 ≡ x (mod 5).

We can rewrite the first of the equations above as x(x 130 − 1) ≡ 0 (mod 11), hence,
since 11 is prime, we have x ≡ 0 (mod 11) or x 130 ≡ 1 (mod 11). By Fermat’s
little theorem, we have a 10 ≡ 1 (mod 11) for all a ∈ Z such that (a, 11) = 1. So
the solutions of x 130 ≡ 1 (mod 11) are given by all of the classes in (Z/11Z)∗ . It
follows that the congruence x 131 ≡ x (mod 11) is satisfied for all integers x.
Similarly, x 131 ≡ x (mod 5) if and only if x(x 130 − 1) ≡ 0 (mod 5), that is,
if and only if x ≡ 0 (mod 5) or x 130 ≡ 1 (mod 5). The solutions of x 130 ≡ 1
(mod 5) are the classes in (Z/5Z)∗ for which x 4 ≡ 1 (mod 5). We therefore have
x 130 ≡ (x 4 )32 x 2 ≡ x 2 ≡ 1 (mod 5), and the solutions are given by x ≡ ±1
(mod 5). We conclude that the solutions of the equation x 131 ≡ x (mod 5) are x ≡
0, ±1 (mod 5), and the original system is equivalent to the union of the systems

x ≡ 0 (mod 5)
x(x 5 + 1) ≡ 0 (mod 125),

x ≡ 1 (mod 5)
x(x 5 + 1) ≡ 0 (mod 125),

x ≡ −1 (mod 5)
x(x 5 + 1) ≡ 0 (mod 125).

If x ≡ 0 (mod 5) then x 5 + 1 ∈ (Z/125Z)∗ , so the solution of the first system is

x ≡ 0 (mod 125).
If x ≡ 1 (mod 5) then both x and x 5 + 1 are coprime to 5 and hence invertible
in Z/125Z. So their product cannot be congruent to 0 modulo 125, and the second
system has no solutions.
Suppose x ≡ −1 (mod 5), that is, x = −1 + 5y with y ∈ Z. Such an x is
invertible modulo 125, so the second equation in the third system is equivalent to
(−1 + 5y)5 + 1 ≡ 0 (mod 125). By carrying out the necessary computations we
obtain

(−1 + 5y)5 + 1 ≡ 52 y ≡ 0 (mod 125),

3 Congruences 159

whose solution is y ≡ 0 (mod 5). So all solutions of the third system are given
by integers of the form x = −1 + 25t with t ∈ Z, that is, by the class x ≡ −1
(mod 25)
In conclusion, the solutions of the original system are x ≡ 0 (mod 125) and
x ≡ −1 (mod 25).
113 By means of the Chinese remainder theorem and by inverting 13 modulo 7
and modulo 19, we may rewrite the system as
⎧
⎪
⎪ ax ≡1 (mod 11)
⎨
ax ≡5 (mod 7)
⎪
⎪ x ≡3 (mod 7)
⎩
x ≡ −1 (mod 19).

The first equation has a solution if and only if (a, 11) = 1, that is, a ≡ 0 (mod 11),
in which case its solution is x ≡ a −1 (mod 11). In order for the original system to
have a solution, its two equations must also be compatible modulo 7, from which
one obtains the condition 3a ≡ 5 (mod 7), that is, a ≡ 4 (mod 7). The original
system has a solution if and only if

a≡ 0 (mod 11)
a ≡ 4 (mod 7)

or equivalently if and only if a ≡ 4, 18, 25, 32, 39, 46, 53, 60, 67, 74 (mod 77).
When a belongs to one of those classes, letting b be any representative of the class
of a −1 modulo 11, the system becomes
⎧
⎨x ≡ b (mod 11)
x≡3 (mod 7)
⎩
x ≡ −1 (mod 19)

from which we get


x≡b (mod 11)
x ≡ −39 (mod 133).

The equation that corresponds to this system is 133t − 11s = b + 39.

We can use Euclid’s algorithm to obtain that 133(1) − 11(12) = 1; we can then
multiply by b + 39 to find that t = b + 39, s = 12b + 468 is a particular solution
of the equation. The solution of the system is therefore x ≡ −39 + 133(b + 39)
(mod 133 · 11), that is, x ≡ 759 + 133b (mod 1463) with b ≡ a −1 (mod 77) and
a belonging to one of the classes listed above.
160 3 Solutions

114 First of all, let us determine for which values of a each equation has a solution.
When solving the first equation, we may immediately exclude that x ≡ 0
(mod 7). If x ≡ 0 (mod 7), then by Fermat’s little theorem we have x 6 ≡ 1
(mod 7). Since 80 = 13 · 6 + 2, the equation is equivalent to x 2 ≡ 2 (mod 7).
One can check that the solutions of this equation are x ≡ ±3 (mod 7).
Thanks to the equality 80 = 11 · 7 + 3, the second equation can be rewritten
as 3x ≡ 2 (mod 7). By examining powers of 3 modulo 7, one finds that 32 ≡ 2
(mod 7) and that residue classes of powers repeat with a period of 6. So the solution
of the second equation is x ≡ 2 (mod 6).
The third equation has a solution for all a, because (7, 10) = 1 | a. The inverse
of 7 modulo 10 is 3, so its solution is x ≡ 3a (mod 10).
Now let us consider whether or not the whole system has a solution. The greatest
common divisor of the moduli of the last two equations is 2, so we must check that
the solutions are compatible modulo 2. The solution of the second equation implies
x ≡ 0 (mod 2), whereas the solution of the third equation implies x ≡ a (mod 2).
So the system has a solution if and only if a ≡ 0 (mod 2).
Now let a = 2b and let us solve the system. The third equation can be rewritten as
x ≡ 6b (mod 10), or simply as x ≡ b (mod 5), given that the correct congruence
modulo 2 is already being enforced by the previous equation. We now have three
equations whose moduli are pairwise relatively prime, so by the Chinese remainder
theorem we will find solutions modulo the product of the three moduli.
Easy computations yield the solutions 10 − 42a and 80 − 42a modulo 210.
115 Since 700 = 22 · 52 · 7, the Chinese remainder theorem implies that the first
equation can be replaced by the following system:
⎧ 41
⎨ x ≡ x (mod 4)
x 41 ≡ x (mod 25)
⎩ 41
x ≡ x (mod 7).

Now, remark that x 41 − x = x · (x 40 − 1) and that (x, x 40 − 1) = 1. Therefore, for

each modulus m, the corresponding equation leads to two cases: x ≡ 0 (mod m) or
x 40 − 1 ≡ 0 (mod m).
For m = 4 we have the solutions x ≡ 0 (mod 4) and (x, 2) = 1. Indeed, if
(x, 2) = 1 then x φ(4) = x 2 ≡ 1 (mod 4), hence x 40 = (x 2 )20 ≡ 1 (mod 4).
Similarly, for m = 25 we have the solutions x ≡ 0 (mod 25) and (x, 5) = 1.
Indeed, if (x, 5) = 1 then x φ(25) = x 20 ≡ 1 (mod 25) and thus x 40 ≡ 1 (mod 25).
Finally, consider the case m = 7. As before, x ≡ 0 (mod 7) is a solution.
If (x, 7) = 1 then we have x 6 ≡ 1 (mod 7) by Fermat’s little theorem, hence
x 36 ≡ 1 (mod 7) and so the equation becomes x 4 ≡ 1 (mod 7). The solutions of
this equation are the elements of (Z/7Z)∗ whose order divides 4; but, because all
elements of this group have an order that divides 6, the elements in question are
those whose order divides (4, 6) = 2, that is, the solutions of x 2 ≡ 1 (mod 7),
which are x ≡ ±1 (mod 7).
3 Congruences 161

Let us now solve the second equation of the original system. Consider it modulo
4: it reduces to x ≡ 1 (mod 4). When considered modulo 25, it reduces to −5x ≡ 0
(mod 25), whose solution is x ≡ 0 (mod 5). Finally, it reduces modulo 7 to 3x ≡
−3 (mod 7), whose solution is x ≡ −1 (mod 7).
By combining all conditions obtained from the first and second equation, we can
turn the original system into the following:
⎧
⎨x ≡ 1 (mod 4)
x≡0 (mod 25)
⎩
x ≡ −1 (mod 7).

A few computations lead to the solution x ≡ 125 (mod 700).

116 The equation can be solved only if (x, 27) = 1, since x must be invertible in
Z/27Z; in that case, the exponent must be x + 1 ≡ 0 (mod k), where k is the order
of x in (Z/27Z)∗ .
Since φ(27) = 18, the order of each element of (Z/27Z)∗ is a divisor of 18.
If x + 1 ≡ 0 (mod 18), that is, if x ≡ −1 (mod 18), then x is not divisible by 3,
and so by Euler’s theorem x x+1 ≡ 1 (mod 27). So x ≡ −1 (mod 18) is a solution.
Let us now consider all other possible values for the order of an element
(Z/27Z)∗ in order to check whether there are any additional solutions.
If k = 9 then thanks to our initial remarks we must have x + 1 ≡ 0 (mod 9).
In particular, this equation implies that x ≡ −1 (mod 3). In this case, the order
of x modulo 3, hence its order modulo 27, is even. However, this contradicts our
assumption that the order is 9, so in this case we have no solutions.
If k = 6 then we must have x + 1 ≡ 0 (mod 6), that is, x = 6a − 1 for some
a ∈ Z. If a ≥ 0, then by the binomial theorem we have (6a − 1)6a ≡ −36a 2 + 1
(mod 27). So (6a − 1)6a ≡ 1 (mod 27) if and only if a ≡ 0 (mod 3), that is, if
x ≡ −1 (mod 18). Again, we have no solutions. The case a < 0 can be dealt with
by a similar argument, this time developing (6a − 1)−6a .
If we have k = 3 then, similarly to the case k = 9, we must have x ≡ −1
(mod 3), so the order of x must be even, that is, x +1 ≡ 0 (mod 6); by the argument
above, there are no solutions.
If k = 2 then, since the only element of order 2 in (Z/27Z)∗ is x ≡ −1
(mod 27), any solution must satisfy x +1 ≡ 0 (mod 2) and thus x ≡ −1 (mod 54).
Again, this yields no additional solutions.
Finally, the only element of order 1, i.e. such that k = 1, is x ≡ 1 (mod 27),
which is clearly a solution.
In conclusion, the solutions are x ≡ −1 (mod 18) and x ≡ 1 (mod 27).
117 The first congruence in the system has a solution if and only if (a, 27) | 12, that
is, if (a, 27) = 1, 3. The second congruence can be split into the two congruences
a 3 x 2 ≡ 9 (mod 3) and a 3 x 2 ≡ 9 (mod 13). The first of those always has at least
the solution x ≡ 0 (mod 3). As for the second, in order for it to have a solution it
is necessary that a ≡ 0 (mod 13).
162 3 Solutions

Now, let g be a generator of the group (Z/13Z)∗ ; let a = g i , x = g j , 3 = g k . We

must have 3i + 2j ≡ 2k (mod 12), hence i = 2i must be even, that is, a must be
a square modulo 13. Moreover, if i = 2i then the congruence becomes 3i + j ≡ k
(mod 6), whose solution is clearly j ≡ k − 3i (mod 6).
Let us now solve the system. By the Chinese remainder theorem, if each of
the two congruences has a solution then the only obstruction to the existence of
a solution of the system is the fact that the solutions may be incompatible modulo
(27, 39) = 3. If (a, 27) = 1 then the solution of the first equation is x ≡ 12a −1
(mod 27), so in particular x ≡ 0 (mod 3), which agrees with the second equation.
If (a, 27) = 3 then let a = 3b with (b, 3) = 1; the second congruence becomes
27b 3x 2 ≡ 9 (mod 39), which, when considered modulo 3, is satisfied by all
integers.
In conclusion, the whole system has a solution if and only if each of the equations
does, that is, if (a, 27) = 1, 3 (i.e. a ≡ 0 (mod 9)) and a ≡ ±1, ±3, ±4 (mod 13)
(i.e. a is a nonzero square modulo 13).
118 First of all, let us solve each equation separately.
The first congruence has a solution if and only if 2a is a square modulo 5. Since
the squares modulo 5 are 0, ±1, the congruence has a solution if and only if a ≡ 0
(mod 5) (one solution, namely, x ≡ 0 (mod 5)) or a ≡ ±2 (mod 5) (two solutions
in each case, namely, the two square roots of 2a).
The second congruence has a solution if and only if it does both modulo 5
and modulo 7 and the solutions obtained for the two moduli are compatible. The
two congruences modulo 5 and 7 have a solution if the class of 3 belongs to the
multiplicative subgroup generated by the class of a.
Since 3 is a generator in (Z/5Z)∗ , the congruence a x ≡ 3 (mod 5) has a solution
if and only if a itself is a generator, that is, if and only if a ≡ ±2 (mod 5). Both
cases yield a unique solution modulo 4 = φ(5); moreover, the class that solves
the congruence must be odd, otherwise a x would be a square and therefore not a
generator.
[[For a ≡ 2 (mod 5) we can find the solution x ≡ 3 (mod 4), whereas the solution for a ≡ −2
(mod 5) is x ≡ 1 (mod 4).]]
Similarly, since 3 is a generator of (Z/7Z)∗ , the congruence a x ≡ 3 (mod 7)
has a solution if and only if a is a generator, that is, if and only if a ≡ 3, 5
(mod 7). Again, we have a unique solution modulo 6 = φ(7); moreover, by the
same argument as before, the solution must be an odd class modulo 6.
[[For a ≡ 3 (mod 7) we can find the solution x ≡ 1 (mod 6), whereas for a ≡ 5 (mod 7) the
solution is x ≡ 5 (mod 6).]]
It follows that the second equation has a solution if and only if a ≡ ±2 (mod 5)
and a ≡ 3, 5 (mod 7), that is, a ≡ 3, 12, 17, 33 (mod 35): we have shown that
this is a necessary condition, but it is also sufficient; indeed, we have remarked that
solutions are odd, hence compatible modulo 2 = (4, 6). The solution is unique
modulo 12, which is the least common multiple of 4 and 6.
To summarise, since the moduli of the two equations are relatively prime, the
system has a solution if and only if both equations do, that is, if a ≡ 3, 12, 17, 33
3 Congruences 163

(mod 35). So the system can be solved for all a in the classes listed above and we
have two solutions modulo 5 for the first equation and one solution modulo 12 for
the second equation, so two solutions of the system modulo 60, which is the least
common multiple of 5 and 12.
119 Because 13 is an odd prime, the first equation can be solved by means of
the usual quadratic formula (or even by trial and error): its solutions are x ≡ 3, 9
(mod 13).
The second equation has a solution if and only if (a, 78) | 27. Since 78 = 2 · 3 · 13
and 27 = 33 , the condition is equivalent to (a, 2) = (a, 13) = 1. Let us split the
equation into separate equations modulo 2, 13 and 3. For values of a that satisfy
the conditions modulo 2 and modulo 13 we get the solutions x ≡ 1 (mod 2) and
x ≡ a −1 (mod 13). As for the congruence modulo 3, it imposes no conditions on
a; however, if (a, 3) = 1 then the only solution is x ≡ 0 (mod 3), whereas if 3 | a
then all integers x are solutions.
In order for the system to have a solution, we must have solutions of the first
equation that also satisfy the second. In order for the solution x ≡ 3 (mod 13)
to satisfy the second equation we must have 3a ≡ 27 (mod 13), that is, a ≡ 9
(mod 13). In order for the solution x ≡ 9 (mod 13) to satisfy the second equation,
we must have 9a ≡ 27 (mod 13), that is, a ≡ 3 (mod 13).
In conclusion, the system has a solution if and only if a ≡ 1 (mod 2) and
a ≡ 9, 3 (mod 13), that is, if and only if a ≡ 9, 3 (mod 26). If (a, 3) = 1
(that is, if a ≡ 35, 61 (mod 78) or a ≡ 29, 55 (mod 78)), then the solutions
satisfy x ≡ 1 (mod 2), x ≡ 3, 9 (mod 13), x ≡ 0 (mod 3), so they are x ≡ 3, 9
(mod 78), respectively. Finally, if 3 | a (that is, if a ≡ 9, 3 (mod 78)) then there are
no constraints on the class of x modulo 3 and the solutions are x ≡ 3, 9 (mod 26),
respectively.
120 By the Chinese remainder theorem, we can split the first congruence into
⎧ 2
⎨x + x + 3 ≡ 0 (mod 5)
x2 − x ≡ 0 (mod 3)
⎩
30x ≡ −6 (mod 81).

Let us solve each congruence separately.

Since 5 is prime, the quadratic formula yields the solutions 1 and 3 modulo 5 for
the equation x 2 + x + 3 ≡ 0 (mod 5).
Since 3 is prime, the solutions of x 2 − x = x(x − 1) ≡ 0 (mod 3) are 0 and 1,
by the principle of zero products (or by direct verification).
Dividing by 6, we obtain that 30x ≡ −6 (mod 81) is equivalent to 5x ≡ −1
(mod 27) and, multiplying by 11 which is the inverse of 5, we get x ≡ 16 (mod 27).
The original system is therefore equivalent to the union of the systems
⎧
⎨ x ≡ 1, 3 (mod 5)
x ≡ 0, 1 (mod 3)
⎩
x ≡ 16 (mod 27).
164 3 Solutions

If x ≡ 0 (mod 3) then the subsystem consisting of the last two equations, and thus
the system itself, has no solutions. The subsystem

x ≡ 1 (mod 3)
x ≡ 16 (mod 27),

on the contrary, has the solution x ≡ 16 (mod 27).

The solutions of the original system are therefore those classes modulo 5 · 27 =
135 that satisfy either of the two systems

x ≡ 1, 3 (mod 5)
x ≡ 16 (mod 27).

It is easy to check that the solutions are x ≡ 16 (mod 135) and x ≡ 43 (mod 135).
121 By the Chinese remainder theorem, the congruence in the problem statement
is equivalent to the system
⎧
⎨ x(x 100 − 1) ≡ 0 (mod 7)
x(x 100 − 1) ≡ 0 (mod 11)
⎩
x(x 100 − 1) ≡ 0 (mod 13).

Let p be a prime, and let us find the number of solutions of the equation x(x 100 −
1) ≡ 0 (mod p). Since p is prime, the product is 0 if and only if one of the two
factors is 0, so we have x ≡ 0 (mod p) or x 100 ≡ 1 (mod p). The solutions of
the equation x 100 ≡ 1 (mod p) are given by the elements of (Z/pZ)∗ whose order
divides 100. Since the order of each element is a divisor of the order of the group,
the solutions are given by those elements whose order divides (100, p − 1). We
know that (Z/pZ)∗ is cyclic and has order a multiple of (100, p − 1), so it contains
exactly (100, p − 1) solutions of the equation x 100 ≡ 1 (mod p). Therefore, the
initial equation has (100, p − 1) + 1 solutions.
It follows that the three equations in the system have (100, 6) + 1 = 3 solutions
modulo 7, (100, 10) + 1 = 11 solutions modulo 11 and (100, 12) + 1 = 5 solutions
modulo 13, respectively.
We obtain the solutions of the systems by combining any solution modulo 7
with any solution modulo 11 and any solution modulo 13; they are the solutions of
3 · 11 · 5 = 165 systems of the form
⎧
⎨ x ≡ a (mod 7)
x ≡ b (mod 11)
⎩
x ≡ c (mod 13).
3 Congruences 165

By the Chinese remainder theorem, each of these systems has a unique solution
modulo 7 · 11 · 13 = 1001; no two systems can have the same solution, so the
original equation has 165 solutions.
122 If we consider the congruence modulo 2, we find that all solutions x must be
even, so we may set x = 2y. The equation becomes 25 y 5 − 25 y = 25 y(y 4 − 1) ≡ 0
(mod 210 ), hence y(y 4 − 1) ≡ 0 (mod 25 ). Remark that exactly one among y and
y 4 − 1 is even, so we either have y ≡ 0 (mod 25 ) or y 4 − 1 ≡ 0 (mod 25 ).
The solutions of the congruence y ≡ 0 (mod 25 ) are given by x ≡ 0 (mod 26 ),
so by 24 residue classes modulo 210 .
Consider now the congruence y 4 − 1 ≡ 0 (mod 25 ). We can factor the
polynomial and obtain y 4 − 1 = (y − 1)(y + 1)(y 2 + 1) ≡ 0 (mod 25 ).
If y is a solution then it is odd and the three factors y − 1, y + 1 and y 2 + 1 are all
even. On the other hand, an immediate check yields that y 2 + 1 ≡ 2 (mod 4), that
is, y 2 + 1 is divisible by 2 but not by 4; the congruence is therefore equivalent to
(y − 1)(y + 1) ≡ 0 (mod 24 ). Now, since y − 1 and y + 1 are two consecutive even
numbers, one is exactly divisible by 2, so the solutions are y ≡ 1 (mod 23 ) and
y ≡ −1 (mod 23 ). In other words, in this case we have the solutions x = 2y ≡ ±2
(mod 24 ), that is, 2 · 26 = 27 solutions modulo 210.
The congruence in the problem statement thus has 24 + 27 = 144 solutions
modulo 210 .
123 Let us start by solving the first congruence. One can check that, in (Z/17Z)∗ ,
we have ord(2) = 8, ord(3) = 16 and 2 = 314 . The first congruence in the system
2
is thus the same as 314x ≡ 3x+a (mod 17), which is equivalent to 14x ≡ x + a 2
(mod 16). The solution is x ≡ 5a 2 (mod 16).
The congruence 3x ≡ a 23 (mod 24) has a solution if and only if 3 =
(3, 24) | a 23, that is, if and only if a ≡ 0 (mod 3). When that is the case, by the
Chinese remainder theorem the original system is equivalent to
⎧
⎨ x ≡ 5a 2 (mod 16)
3x ≡ a 23 (mod 3)
⎩
3x ≡ a 23 (mod 8).

Since the second equation is always satisfied and the third has the solution x ≡ 3a 23
(mod 8), the system itself has a solution if and only if 8 = (16, 8) | 5a 2 − 3a 23, that
is, if and only if 5a 2 − 3a 23 ≡ 0 (mod 8).
Now, the congruence a 2 (5 − 3a 21) ≡ 0 (mod 8) is satisfied if and only if a 2 ≡ 0
(mod 8) or 5 − 3a 21 ≡ 0 (mod 8), because the two factors always have different
parity. Let us solve these two equations separately. For the first one, we have a 2 ≡ 0
(mod 8) if and only if a ≡ 0 (mod 4); for the second one, 5 − 3a 21 ≡ 0 (mod 8)
if and only if a 21 ≡ −1 (mod 8), which, since we have a 2 ≡ 1 (mod 8) because
of a being odd, is equivalent to a ≡ −1 (mod 8).
166 3 Solutions

By combining the conditions found above, we obtain that the system has a
solution if and only if
 
a ≡ 0 (mod 3) a≡0 (mod 3)
or
a ≡ 0 (mod 4) a ≡ −1 (mod 8).

In other words, the system has a solution if and only if a ≡ 0, 12, 15 (mod 24) and
it has no solution if a belongs to any of the remaining residue classes modulo 24.
124 The first equation has a solution if and only if 3 = (3, 9) | a + 1, that is, if
and only if a ≡ 2 (mod 3). So if a ≡ 2 (mod 3) then the system has no solutions.
Assume that a ≡ 2 (mod 3) and let a = 2 + 3b with b ∈ Z. The first equation
becomes x ≡ b + 1 (mod 3).
By the Chinese remainder theorem, the second equation is equivalent to the
system

(x − 1)(x − a) ≡ 0 (mod 3)
(x − 1)(x − a) ≡ 0 (mod 5).

Since 3 and 5 are primes, by the principle of zero products the solutions of the first
equation are x ≡ 1 (mod 3) and x ≡ a ≡ 2 (mod 3), and those of the second
equation are x ≡ 1 (mod 5) and x ≡ a ≡ 2 + 3b (mod 5). We have found that the
system is equivalent to
⎧
⎨x ≡ b + 1 (mod 3)
x ≡ 1, 2 (mod 3)
⎩
x ≡ 1, 3b + 2 (mod 5)

and so it has a solution if and only if the two equations modulo 3 are compatible. In
particular, if b ≡ 2 (mod 3) (that is, if a ≡ 8 (mod 9)) then there are no solutions;
if b ≡ 0 (mod 3) (that is, if a ≡ 2 (mod 9)) then the system is equivalent to

x≡1 (mod 3)
x ≡ 1, 3b + 2 (mod 5);

finally, if b ≡ 1 (mod 3) (that is, if a ≡ 5 (mod 9)) then the system is equivalent
to

x≡2 (mod 3)
x ≡ 1, 3b + 2 (mod 5).

Let us find the number of solutions of the first of these last two systems: if the two
solutions of the equation modulo 5 coincide, that is, if 2 + 3b ≡ 1 (mod 5), or
equivalently if b ≡ 3 (mod 5), then the system has a unique solution modulo 15,
so six solutions modulo 90. If b ≡ 3 (mod 5) then the system has two solutions
3 Congruences 167

modulo 15, so 12 solutions modulo 90. The same argument also applies to the
second system.
As for the system in the problem statement, we come to the following conclusion
by combining the information above: if a ≡ 0, 1 (mod 3) then the first equation,
and thus the system itself, has no solutions; if a ≡ 2 (mod 3) then there are a few
cases to consider.
1 If a ≡ 8 (mod 9) then the equations are not compatible modulo 3, so the
system has no solutions. 2 If a ≡ 2 (mod 9) then the system has either six
solutions modulo 90 (when a ≡ 11 (mod 45)) or 12 solutions modulo 90 (when
a ≡ 2, 20, 29, 38 (mod 45)). 3 Finally, if a ≡ 5 (mod 9) then the system has
either six solutions modulo 90 (when a ≡ −4 (mod 45)) or 12 solutions modulo
90 (when a ≡ 5, 14, 23, 32 (mod 45)).
125 First of all, let us solve each equation separately. The first equation is x 2 (x 25 −
1) ≡ 0 (mod 144) which, by the Chinese remainder theorem, is equivalent to the
system

x 2 (x 25 − 1) ≡ 0 (mod 16)
x 2 (x 25 − 1) ≡ 0 (mod 9).

Notice that x 2 and x 25 − 1 are relatively prime for all integers x. In the first of
the two equations above, this implies that we either have x 2 ≡ 0 (mod 16), hence
x ≡ 0 (mod 4), or x 25 ≡ 1 (mod 16), hence in particular (x, 2) = 1. In the latter
case, since φ(16) = 8, Euler’s theorem implies x 8 ≡ 1 (mod 16), which yields
x 25 = x 1+3·8 ≡ x (mod 16) and therefore the solution x ≡ 1 (mod 16).
Similarly, for the second equation we either have x 2 ≡ 0 (mod 9), hence x ≡ 0
(mod 3) or, using the fact that φ(9) = 6, we have x 25 = x 1+6·4 ≡ x (mod 9),
which yields the additional solution x ≡ 1 (mod 9).
Consider the second equation in the original system, that is, 10x ≡ a (mod 25)
with a ∈ Z. In order for this equation to have a solution we must have 5 = (25, 10) |
a, so a = 5b for some b ∈ Z. Dividing by five yields the equivalent equation 2x ≡ b
(mod 5), hence the solution x ≡ 2−1 b ≡ 3b (mod 5).
Finally, consider the third equation, that is, 2x−1 ≡ 4 (mod 11). Since we have
2 ≡ 4 (mod 11), the equation always has a solution. Let us find the multiplicative
2

order of 2 (mod 11); we have 22 ≡ 4 and 25 ≡ −1 (mod 11), so 2d ≡ 1 (mod 11)

for all maximal divisors of 10 = φ(11), hence the order we want is 10. Therefore,
the solution of the equation is x − 1 ≡ 2 (mod 10), that is, x ≡ 3 (mod 10). By
the Chinese remainder theorem, this solution can be expressed as the solution of the
system

x ≡ 1 (mod 2)
x ≡ 3 (mod 5).
168 3 Solutions

Let us now turn back to the original system. Again by the Chinese remainder
theorem, the solutions of its equations are certainly compatible when their resulting
moduli are relatively prime. The compatibilities we need to check are the following.
The first equation implies x ≡ 0 (mod 4) or x ≡ 1 (mod 16), whereas from
the third we get x ≡ 1 (mod 2). We must therefore exclude the case where x ≡ 0
(mod 4) and, since x ≡ 1 (mod 16) implies x ≡ 1 (mod 2), the condition to keep
is x ≡ 1 (mod 16).
Moreover, from the second equation we obtain that x ≡ 3b (mod 5), whereas
x ≡ 3 (mod 5) because of the third equation. The two are compatible for b ≡ 1
(mod 5) and they give the condition x ≡ 3 (mod 5).
To summarise: a necessary and sufficient condition for the system to have a
solution is a = 5b with b ≡ 1 (mod 5), that is, a ≡ 5 (mod 25). When this
holds, the solutions are those of the two systems
⎧ ⎧
⎨ x ≡ 1 (mod 16) ⎨ x ≡ 1 (mod 16)
x ≡ 0 (mod 3) x ≡ 1 (mod 9)
⎩ ⎩
x ≡ 3 (mod 5) x ≡ 3 (mod 5).

Simple calculations yield the solutions x ≡ 33 (mod 240) and x ≡ 433

(mod 720).
126 We can simplify the first equation by dividing it by 2, which yields
2 −5y+3
22y ≡ 1 (mod 18).

So 22y −5y+3 must be invertible (mod 18), hence (22y −5y+3 , 18) = 1. This is the
2 2

case if and only if 2y 2 − 5y + 3 = (y − 1)(2y − 3) = 0, which, since we are looking

for integer solutions, implies y = 1.
Now consider the third equation. One can immediately check that x ≡ −1
(mod 100) is a solution. On the other hand, if x is a solution then we must have
(x, 100) = 1, and so by Euler’s theorem x φ(100) = x 40 ≡ 1 (mod 100). Since
the inverse of 23 modulo 40 is 7, the equation x 23 ≡ −1 (mod 100) implies
x ≡ x 23·7 ≡ (−1)7 ≡ −1 (mod 100). It follows that the only solution of the
third equation is x ≡ −1 (mod 100). It will be useful later to express this solution,
by means of the Chinese remainder theorem, in the form of the system

x ≡ −1 (mod 4)
x ≡ −1 (mod 25).

Finally, consider the second equation. We can substitute the value y = 1, which
yields (2x 2 + 17)(2x 2 + 5x + 2)−1 ≡ 1 (mod 592).
By factoring, we get 592 = 24 · 37 and 2x 2 + 5x + 2 = (x + 2)(2x + 1). So
2x +5x+2 is invertible modulo 592 if and only if x+2 and 2x+1 are both invertible
2

modulo 2 and modulo 37. The condition x ≡ −1 (mod 100), which implies that x
is odd, ensures that both x + 2 and 2x + 1 are invertible modulo 2. Invertibility
3 Congruences 169

modulo 37 is equivalent to x + 2 ≡ 0 (mod 37), that is, x ≡ −2 (mod 37), and

2x + 1 ≡ 0 (mod 37), that is, x ≡ 18 (mod 37).
If these conditions are satisfied, then (2x 2 +17)(2x 2 +5x +2)−1 ≡ 1 (mod 592)
is equivalent to x ≡ 3 (mod 592), which is compatible with both x ≡ −1 (mod 4)
and x ≡ −2, 18 (mod 37). It follows that (x, 1) is a solution of the original system
if and only if x is a solution of the system of congruences
⎧
⎨x ≡ 3 (mod 16)
x≡3 (mod 37)
⎩
x ≡ −1 (mod 25).

A few calculations show that the system above is equivalent to x ≡ 7699

(mod 14800), so the solutions of the original system are all pairs of the form
(7699 + 14800t, 1) with t ∈ Z.
127 The second congruence has a solution if and only if (a, 10) = 1, in which case
its solution is x ≡ a −1 (mod 10); in particular, we have (x, 10) = 1.
The first congruence is equivalent to the system

a x ≡ 1 (mod 11)
a x ≡ 1 (mod 7).

A necessary condition for the two equations in the system above to have a solution is
that a ≡ 0 (mod 11) and a ≡ 0 (mod 7). Both conditions are definitely compatible
with (a, 10) = 1, because (10, 77) = 1.
Assume that a ≡ 0 (mod 11); by Fermat’s little theorem, we have a 10 ≡ 1
(mod 11). But, in order for the system to have a solution, we must also have a x ≡ 1
(mod 11) for some x such that (x, 10) = 1. Therefore, the order of a in (Z/11Z)∗
must be a divisor of (x, 10) = 1, so we must have a ≡ 1 (mod 11). If this holds,
then all integers x satisfy the equation a x ≡ 1 (mod 11).
Assuming that a ≡ 0 (mod 7), the fact that solutions of the second equation
must be odd implies that the order of a in (Z/7Z)∗ must be a divisor of an odd
integer, and therefore be odd itself. Since the order of every element of (Z/7Z)∗ is a
divisor of 6, we must either have ord(a) = 1, that is, a ≡ 1 (mod 7), or ord(a) = 3,
that is, a ≡ 2, 4 (mod 7). If a ≡ 1 (mod 7) then the equation a x ≡ 1 (mod 7) is
satisfied for all integers x. If a ≡ 2, 4 (mod 7) then the solution of the equation
a x ≡ 1 (mod 7) is x ≡ 0 (mod 3). This solution is guaranteed to be compatible
with x ≡ a −1 (mod 10) because (3, 10) = 1.
To summarise, in order for the system to have a solution we must have: (a, 10) =
1, a ≡ 1 (mod 11), a ≡ 1, 2, 4 (mod 7).
First, consider the case of a ≡ 1 (mod 7). All integers x are solutions of the first
equation, so the solution of the system is x ≡ a −1 (mod 10). Depending on the
170 3 Solutions

value of a, we have

a ≡1 (mod 10) $⇒ a ≡ 1 (mod 770), x ≡1 (mod 10),

a ≡3 (mod 10) $⇒ a ≡ 463 (mod 770), x ≡7 (mod 10),
a ≡7 (mod 10) $⇒ a ≡ 617 (mod 770), x ≡3 (mod 10),
a ≡9 (mod 10) $⇒ a ≡ 309 (mod 770), x ≡9 (mod 10).

Now consider the case of a ≡ 2, 4 (mod 7). We have

a ≡1 (mod 10) $⇒ a ≡ 331, 221 (mod 770), x ≡ 21 (mod 30),

a ≡3 (mod 10) $⇒ a ≡ 23, 683 (mod 770), x ≡ 27 (mod 30),
a ≡7 (mod 10) $⇒ a ≡ 177, 67 (mod 770), x ≡ 3 (mod 30),
a ≡9 (mod 10) $⇒ a ≡ 639, 529 (mod 770), x ≡ 9 (mod 30).

128 By the Chinese remainder theorem, we can split the equation modulo 200 into
one modulo 8 and one modulo 25, thus obtaining the following system
⎧
⎨ 7x ≡ a (mod 8)
(x + a)4 ≡ 0 (mod 8)
⎩
(x + a)4 ≡ 0 (mod 25)

which is equivalent to the original one.

A necessary condition for the first equation above to have a solution is that a ≡
±1 (mod 8); in particular, a must be odd. This implies that in the second equation
x must also be odd. On the other hand, if both a and x are odd, then 2 | a + x,
so 16 | (a + x)4 and thus the second equation is satisfied. Going back to the first
equation, x being odd implies a ≡ 7 (mod 8). Conversely, if a ≡ 7 (mod 8) then
the first two equations have the unique solution x ≡ 1 (mod 2).
The third equation has a solution for each value of a, namely x ≡ −a (mod 5):
as before, if 5 | x + a then 54 | (x + a)4 .
In conclusion, the system has a solution if and only if a ≡ 7 (mod 8), and the
solutions are the following.
If a ≡ 0 (mod 5), that is, if a ≡ 15 (mod 40), then x ≡ 0 (mod 5) and x ≡ 1
(mod 2), that is, x ≡ 5 (mod 10).
If a ≡ 1 (mod 5), that is, if a ≡ 31 (mod 40), then x ≡ 4 (mod 5) and x ≡ 1
(mod 2), that is, x ≡ 9 (mod 10).
If a ≡ 2 (mod 5), that is, if a ≡ 7 (mod 40), then x ≡ 3 (mod 5) and x ≡ 1
(mod 2), that is, x ≡ 3 (mod 10).
If a ≡ 3 (mod 5), that is, if a ≡ 23 (mod 40), then x ≡ 2 (mod 5) and x ≡ 1
(mod 2), that is, x ≡ 7 (mod 10).
If a ≡ 4 (mod 5), that is, if a ≡ 39 (mod 40), then x ≡ 1 (mod 5) and x ≡ 1
(mod 2), that is, x ≡ 1 (mod 10).
3 Congruences 171

129 Consider the first equation. In order for it to have a solution we must have
(7a, 49) | a. The greatest common divisor (7a, 49) can take one of two possible
values.
If 7  a then (7a, 49) = 7 and the necessary condition 7 | a is not satisfied, so we
have no solutions. If 7 | a then (7a, 49) = 49 and the necessary condition becomes
49 | a, that is, a ≡ 0 (mod 49). The equation 7ax ≡ a (mod 49) becomes 0 ≡ a
(mod 49), which is always satisfied in this case.
To summarise, the first equation has a solution if and only if a ≡ 0 (mod 49), in
which case it is satisfied for all integers.
As for the second equation, we shall distinguish three separate cases.
1 If x ≡ 0 (mod 3) then we have x a ≡ 0a ≡ 0 (mod 3) for all a > 0; the
equation cannot be satisfied for a = 0 or a < 0, because x is not invertible modulo
3. So in this case we have no solutions for any value of a. 2 If x ≡ 1 (mod 3)
then the equation is satisfied for all a ∈ Z. 3 Finally, if x ≡ 2 (mod 3) then the
equation becomes 2a ≡ 1 (mod 3), which is satisfied if and only if a ≡ 0 (mod 2).
So the solution of the second equation is x ≡ 1 (mod 3) for all a ∈ Z, and we
have the additional solution x ≡ 2 (mod 3) if a ≡ 0 (mod 2).
In conclusion, the solutions of the original system can be described as follows.
If a ≡ 0 (mod 49) and a ≡ 0 (mod 2), that is, if a ≡ 0 (mod 98), then we have
the solutions x ≡ 1, 2 (mod 3). If a ≡ 0 (mod 49) and a ≡ 0 (mod 2), that is, if
a ≡ 49 (mod 98), then we have the solution x ≡ 1 (mod 3). For all other values
of a ∈ Z there are no solutions, because there are no solutions of the first equation.
130 Let us solve the first equation. Since we have 1000 = 8 · 125, by the Chinese
remainder theorem the equation is equivalent to the system

x 3 ≡ 0 (mod 8)
x 3 ≡ 23 (mod 125).

The solutions of x 3 ≡ 0 (mod 8) are obviously given by all even x. As for the
second equation in the system above, remark that 2 is invertible modulo 125, so x is
as well. We may thus solve the equation in (Z/125Z)∗ by rewriting it as (x/2)3 ≡ 1
(mod 125); since 3 does not divide |(Z/125Z)∗ | = φ(125) = 100, we get x/2 ≡ 1
(mod 125). We can therefore conclude that the equation x 3 ≡ 8 (mod 125) has the
unique solution x ≡ 2 (mod 125).
We can combine the solutions via the system

x ≡ 2 (mod 125)
x ≡ 0 (mod 2)

whose solutions are x ≡ 2, 252, 502, 752 (mod 1000). So we obtain the four
systems

x ≡ 0, 252, 502, 752 (mod 1000)
x≡2 (mod 3)
172 3 Solutions

with the additional constraint that 0 ≤ x < 3001. Again by the Chinese remainder
theorem, each system has a unique solution modulo 3000, so we have exactly four
solutions.
131
(i) Let us solve the congruence x 36 ≡ x (mod 9) by distinguishing two cases.
1 If (x, 3) = 1 then x = 3y for some y ∈ Z. Consequently, x 36 = (3y)36 ≡
336 y 36 ≡ 0 (mod 9), so x ≡ x 36 ≡ 0 (mod 9).
2 If (x, 3) = 1 then x ∈ (Z/9Z)∗ . In this case the equation is equivalent to
x 35 ≡ 1 (mod 9). By Euler’s theorem we have x φ(9) = x 6 ≡ 1 (mod 9) and
thus x 35 ≡ x −1 (mod 9). The equation becomes x −1 ≡ 1 (mod 9), that is,
x ≡ 1 (mod 9).
In conclusion, the congruence has the two solutions x ≡ 0, 1 (mod 9).
(ii) Let us now solve the congruence x 2 − x = x(x − 1) ≡ 0 (mod 64). Clearly, x
and x − 1 are relatively prime, so the only solutions are x ≡ 0 (mod 64) and
x ≡ 1 (mod 64).
The solutions of the original system are therefore those of the four systems

x ≡ 0 or 1 (mod 9)
x ≡ 0 or 1 (mod 64).

Carrying out the necessary calculations yields x ≡ 0, 1, 64, 513 (mod 576).
132 If a = 0 then the equation is an identity and is satisfied by all classes modulo
584; we shall therefore assume that a > 0. We have 584 = 23 · 73 and x a+5 − x a −
x 5 + 1 = (x a − 1)(x 5 − 1). By the Chinese remainder theorem, the original equation
is equivalent to the system

(x 5 − 1)(x a − 1) ≡ 0 (mod 8)
(x 5 − 1)(x a − 1) ≡ 0 (mod 73).

Consider the first equation in the system. First of all, remark that it is not satisfied
for any even number. Moreover, since the square of any odd number is congruent to
1 modulo 8, assuming x is odd we have x 5 ≡ x (mod 8), whereas x a is congruent
to 1 if a is even and to x if a is odd.
Therefore, if a ≡ 0 (mod 2) then

(x 5 − 1)(x a − 1) ≡ 0 (mod 8) ⇐⇒ x ≡ 1 (mod 2),

whereas if a ≡ 1 (mod 2) then

(x 5 − 1)(x a − 1) ≡ 0 (mod 8) ⇐⇒ (x − 1)2 ≡ 0 (mod 8)

⇐⇒ x ≡ 1 (mod 4).
3 Congruences 173

Let us now move on to the second equation. The number 73 is prime, so the
principle of zero products holds modulo 73; we have

(x 5 − 1)(x a − 1) ≡ 0 (mod 73) ⇐⇒ x 5 ≡ 1 (mod 73) or x a ≡ 1 (mod 73).

Now, x 5 ≡ 1 (mod 73) if and only if the order x in (Z/73Z)∗ divides 5. Since the
order of x must also divide φ(73) = 72 and (5, 72) = 1, we have x 5 ≡ 1 (mod 73)
if and only if x ≡ 1 (mod 73). By the same argument, x a ≡ 1 (mod 73) if and
only if x (a,72) ≡ 1 (mod 73). Since (Z/73Z)∗ is cyclic, this equation has exactly
(a, 72) solutions modulo 73. In particular, the unique solution x ≡ 1 (mod 73) of
x 5 − 1 ≡ 0 (mod 73) is also a solution of x a − 1 ≡ 0 (mod 73).
Going back to the original system, its second equation has (a, 72) solutions
modulo 73 and its first equation has one solution modulo 2 (that is, four solutions
modulo 8) if a is even, and one solution modulo 4 (that is, two solutions modulo 8)
if a is odd. By the Chinese remainder theorem, we conclude that there are 4(a, 72)
solutions modulo 584 if a is even and 2(a, 72) solutions if a is odd.
133 By the Chinese remainder theorem, the congruence is equivalent to the
following system:

x 5 − 4x + 400 ≡ 0 (mod 210 )
x 5 − 4x + 400 ≡ 0 (mod 510 ).

The first equation implies x ≡ 0 (mod 4). By letting x = 4y, we have x 5 ≡

210 y 5 ≡ 0 (mod 210 ), hence y ≡ 25 (mod 26 ), so x ≡ 100 (mod 28 ).
The second equation in the system implies x 5 − 4x + 400 ≡ 0 (mod 52 ), from
which we get x(x 4 + 1) ≡ 0 (mod 25). Now, either x 4 + 1 ≡ 1 or x 4 + 1 ≡ 2
(mod 5) by Fermat’s little theorem; in particular, x 4 + 1 is always invertible modulo
25. It follows that we have x(x 4 + 1) ≡ 0 (mod 25) if and only if x ≡ 0 (mod 25),
that is, if and only if x = 52 t for some t ∈ Z. By substituting this condition into the
initial equation we obtain

510 t 5 − 22 52 t + 24 52 ≡ −22 52 t + 24 52 ≡ 0 (mod 510 )

which yields t ≡ 4 (mod 58 ) and x ≡ 100 (mod 510 ). The initial system becomes

x ≡ 100 (mod 28 )
x ≡ 100 (mod 510 )

whose solution is x ≡ 100 (mod 28 ·510). In conclusion, we have 1010/(28 ·510) = 4

solutions modulo 1010.
174 3 Solutions

4 Groups

134 We show that B and C are subgroups of Hom(G, G ), whereas A and D are
not.
The neutral element in Hom(G, G ) is the zero homomorphism, that is, the
homomorphism e such that e(x) = 0 for all x ∈ G. The additive inverse of a
homomorphism f is the homomorphism −f such that (−f )x = −f (x) for all
x ∈ G.
We have e ∈ B, because Ker(e) = G ⊇ H . If f, g ∈ B and h ∈ H then
f (h) = g(h) = 0, so (f + g)(h) = 0 and f + g ∈ B. Finally, if f ∈ B and h ∈ H
then f (h) = 0, so (−f )(h) = 0 and thus −f ∈ B.
Therefore, B is a subgroup of Hom(G, G ). Similarly, C is a subgroup of
Hom(G, G ). Indeed, we have e ∈ C, because e(G) = 0 ∈ H . Moreover, if
f, g ∈ C and x ∈ G then f (x), g(x) ∈ H , hence f (x) + g(x) ∈ H and
thus f + g ∈ C. Finally, if f ∈ C and x ∈ G then f (x) ∈ H , hence
(−f )(x) = −f (x) ∈ H and thus −f ∈ C.
Remark that, since H and H are proper nontrivial subgroups of G and G , the
zero homomorphism e of Hom(G, G ) does not belong to A nor to D, so those
cannot be subgroups of Hom(G, G ).
135
(i) Since Z/mnZ  Z/mZ × Z/nZ when m and n are relatively prime, we have

G∼
= (Z/2Z × Z/4Z) × Z/3Z × Z/5Z.

Let G2 = Z/2Z × Z/4Z, G3 = Z/3Z, G5 = Z/5Z. Given (x, y, z) ∈ G2 ×

G3 × G5 , we have o(x, y, z) = [o(x), o(y), o(z)] = o(x)o(y)o(z).
Therefore, (x, y, z) has order 60 if and only if o(x) = 4, o(y) = 3, o(z) = 5.
There are four elements of order 4 in G2 , that is, all elements of G2 except
for the four pairs (x1 , x2 ) such that 2(x1 , x2 ) = (0, 0). There are two elements
of order 3 in G3 : all elements of G3 except for the identity. Finally, there are
four elements of order 5 in G5 : all of them except for the identity. So there are
4 · 2 · 4 = 32 elements of order 60 in G.
(ii) As before, (x, y, z) has order 30 if and only if o(x) = 2, o(y) = 3, o(z) = 5.
There are three pairs (x1 , x2 ) ∈ G2 of order 2, that is, the four pairs such that
2(x1 , x2 ) = (0, 0), except for the identity. So the number of elements of G
having order 30 is 24.
Now, each element of order 30 generates a cyclic subgroup of order 30. On the
other hand, the same cyclic subgroup of order 30 can be generated by any of
its elements of order 30, of which there are φ(30) = 8. So the number of all
cyclic subgroups of G whose order is 30 is 24/8 = 3.
(iii) All homomorphisms f : Z/12Z −→ G are of the form f (n) = ng for some
g ∈ G. Indeed, if f (1) = g then by the homomorphism property we have
f (n) = f (1 + · · · + 1) = g + · · · + g = ng. Clearly any such map, if
4 Groups 175

well defined, is a homomorphism, because we have f (m + n) = (m + n)g =

mg + ng = f (m) + f (n).
The condition for the map to be well defined is m = n ⇒ mg = ng. If we also
ask that the resulting homomorphism is injective, the condition becomes

m = n ⇐⇒ mg = ng.

This condition is satisfied if and only if ord(g) = 12. Again, (x, y, z) has order
12 if and only if ord(x) = 4, ord(y) = 3, ord(z) = 1. Previous calculations
imply that there are eight elements of order 12 in G, so the number of all
injective homomorphisms f : Z/12Z −→ G is 8.
136
(i) The identity map Id : Z/72Z −→ Z/72Z, Id(x) = x, which is the neutral
element of G, belongs to H , because Id(12) = 12.
Given f, g ∈ H of the form f (x) = ax and g(x) = bx with (a, 72) =
(b, 72) = 1, their composition is f ◦ g(x) = abx and, since we also have
(ab, 72) = 1 and f ◦ g(12) = f (12) = 12, it does belong to H .
Given f ∈ H of the form f (x) = ax with (a, 72) = 1, pick a such that
aa ≡ 1 (mod 72). We have (a , 72) = 1 and the map g given by g(x) = a x
is the inverse of f ; since f (12) = 12 implies f −1 (12) = 12, g belongs to H .
Therefore, H is a subgroup of G.
To find the order of H , remark that f (12) = 12 is equivalent to 12a ≡ 12
(mod 72), that is, a ≡ 1 (mod 6). There are exactly 12 classes modulo 72 that
are congruent to 1 modulo 6 and they are all coprime to 72, because they are
coprime to 6, which has the same prime factors. So the order of H is 12.
(ii) The subgroup H is not cyclic. This is because, given any f ∈ H of the form
f (x) = ax with a ≡ 1 (mod 6), we have f 6 (x) = a 6 x and a ≡ 1 (mod 2)
implies a 2 ≡ 1 (mod 8), hence a 6 ≡ 1 (mod 8). Similarly, a ≡ 1 (mod 3)
implies a 3 ≡ 1 (mod 9), hence a 6 ≡ 1 (mod 9).
What we have just shown is that a 6 ≡ 1 (mod 72), so the order of every map
in H is a divisor of 6.
137
(i) A homomorphism is injective if and only if its kernel consists of only the neutral
element. The kernel of the map f (x) = (ax, bx) is {x ∈ G | (ax, bx) = (0, 0)}.
Let u, v be integer representatives of the residue classes a, b, respectively. We
have ax = 0 if and only if the order of x is a divisor of (u, 12), and bx = 0 if
and only if the order of x is a divisor of (v, 12). So the kernel of f is the set of
elements whose order is a divisor of (u, v, 12), that is, f is injective if and only
if (u, v, 12) = 1.
Let Y be the set of pairs satisfying the desired condition and, for each divisor d
of 12, let Yd be the set of pairs (a, b) such that d | u and d | v. We have

|Y | = 122 − |Y2 ∪ Y3 | = 122 − |Y2 | − |Y3 | + |Y6 | = 122 − 62 − 42 + 22 = 96.

176 3 Solutions

(ii) Using the same notation as above, we have g ◦ f (x) = (a + b)x and thus g ◦ f
is injective if and only if (u + v, 12) = 1. For each a ∈ G there are exactly
φ(12) = 4 values of b for which (u + v, 12) = 1, so the answer is 12 · 4 = 48
pairs.
138 Let G = (Z/p2 Z)∗ ; we shall show that H = {x ∈ G | x ≡ 1 (mod p)} =
{1 + tp | t = 0, 1, . . . , p − 1} is a subgroup of G. Indeed, we have 1 ∈ H , and if
x, y ≡ 1 (mod p) then we also have xy ≡ 1 (mod p) and x −1 ≡ 1 (mod p). The
subgroup H has p elements, so all of its elements except for the identity have order
p. In particular, the element a = p + 1 has order p.
Let b ∈ G be an element such that the class of b modulo p is a generator of the
cyclic group (Z/pZ)∗ . If b n ≡ 1 (mod p2 ) then we also have bn ≡ 1 (mod p) and
so n ≡ 0 (mod p − 1); so the order of b in G is a multiple of p − 1.
But then the cyclic subgroup generated by b has order divisible by p − 1, so it
has a cyclic subgroup of order p − 1. A generator of this subgroup is an element of
G of order p − 1.
139 Let us first show that H K is a subgroup of G. First of all, we do have e ∈ H K:
indeed, e = e · e, and e ∈ H, e ∈ K because H, K are subgroups of G. Now, given
hk, h k ∈ H K, the fact that H is a normal subgroup of G implies that kH = H k,
so there exists h ∈ H such that kh = h k; we thus have hkh k = hh kk ∈ H K
because, H and K being subgroups of G, we have hh ∈ H and kk ∈ K. Finally,
if hk ∈ H K then (hk)−1 = k −1 h−1 and, because H is normal, we have k −1 h−1 =
h k −1 ∈ H K for some h ∈ H .
Now we show that H K is a normal subgroup of G. For all g ∈ G, h ∈ H and
k ∈ K we have ghkg −1 = (ghg −1 )(gkg −1 ); the latter does belong to H K because,
since H and K are normal, we have ghg −1 ∈ H and gkg −1 ∈ K.
140
(i) The set Ker(f ) ∩ Im(f ) is a subgroup of G, so it contains the neutral element
of G. Conversely, let x ∈ Ker(f ) ∩ Im(f ); the fact that x ∈ Ker(f ) implies
f (x) = e, whereas from x ∈ Im(f ) we obtain that there is an element y ∈ G
such that x = f (y). It follows that x = f (y) = f ◦ f (y) = f (x) = e.
(ii) It is clear that Ker(f ) · Im(f ) ⊆ G. Conversely, for each x ∈ G, we can
write x = xf (x −1 ) · f (x). We have f (xf (x −1 )) = f (x) · f ◦ f (x −1 ) =
f (x) · f (x −1 ) = e, hence xf (x −1 ) ∈ Ker(f ). Since naturally f (x) ∈ Im(f )
we have proved the desired result.
141
(i) We have |(Z/49Z)∗ | = φ(49) = 42. The elements of order 2 and those of order
3 are the solutions other than 1 of the congruence x 2 ≡ 1 (mod 49) and the
congruence x 3 ≡ 1 (mod 49), respectively.
The condition x 2 − 1 = (x − 1)(x + 1) ≡ 0 (mod 49) implies that one of
the following must be satisfied: x − 1 ≡ 0 (mod 49), whose solution is class 1
(which we excluded), or x + 1 ≡ 0 (mod 49), whose solution is the class −1
4 Groups 177

which does have order 2, or the system of two equations x − 1 ≡ 0 (mod 7)

and x + 1 ≡ 0 (mod 7), which has no solutions.
In conclusion, the class −1 is the only element of order 2 in (Z/49Z)∗ .
If x 3 ≡ 1 (mod 49) then in particular x 3 ≡ 1 (mod 7), so x ≡ 1, 2, −3
(mod 7) (one can check that those classes satisfy the condition and all others
do not). It follows that the solutions of the original congruence modulo 49 are
integers of the form x = a + 7t with a = 1, 2 or −3 and t ∈ Z. Now, remark
that (a + 7t)3 ≡ a 3 + 21a 2t (mod 49); substituting the three possible values
of a yields the solutions x ≡ 1, −19, 18 (mod 49) for the equation x 3 ≡ 1
(mod 49). In conclusion, there are exactly two elements of order 3 in (Z/49Z)∗ .
(ii) There are as many homomorphisms from Z/6Z to (Z/49Z)∗ as elements of
(Z/49Z)∗ whose order divides 6. Such elements are the solutions modulo 49 of
x 6 ≡ 1 (mod 49).
If x is an integer solution of the congruence above, then x 6 ≡ 1 (mod 7),
that is, x is of the form x = a + 7t with a ∈ {1, 2, 3, 4, 5, 6} and t ∈ Z.
Substituting yields (a + 7t)6 ≡ a 6 + 42a 5t ≡ 1 (mod 49). Since 7 | a 6 − 1,
the equation becomes 6a 5t ≡ b (mod 7), where b = (a 6 − 1)/7. Now, since
6a 5 is invertible modulo 7 for all a in the set we are considering, there is a
unique solution modulo 7 for t. We can thus conclude that the equation x 6 ≡ 1
(mod 7) has six solutions modulo 49.
There are therefore six homomorphisms from Z/6Z to (Z/49Z)∗ .
142
(i) We have Z(H ) = ∅ because the neutral element of G does belong to Z(H ). If
x, y ∈ Z(H ) then for all h ∈ H we have (xy)h = x(yh) = x(hy) = (xh)y =
(hx)y = h(xy), so xy ∈ Z(H ); moreover, if x ∈ Z(H ) then xh = hx for all
h ∈ H , hence hx −1 = x −1 xhx −1 = x −1 hxx −1 = x −1 h and so x −1 ∈ Z(H ).
Therefore, Z(H ) is a subgroup of G.
(ii) Assume H is a normal subgroup of G and consider x ∈ Z(H ) and g ∈ G. We
shall show that gxg −1 ∈ Z(H ). Indeed, for all h in H we have

(gxg −1 )h(gx −1 g −1 ) = gx(g −1 hg)x −1 g −1 = g(g −1 hg)xx −1 g −1 = h

because g −1 hg ∈ H and x ∈ Z(H ). This shows that Z(H ) is a normal

subgroup of G.
(iii) Given x ∈ Z(H ), we have f (x)f (h) = f (xh) = f (hx) = f (h)f (x)
for all h ∈ H , so the equality holds for all f (h) ∈ f (H ). In other words,
f (Z(H )) commutes with all elements of f (H ), that is, f (Z(H )) ⊆ Z(f (H ))
as required.
(iv) We can take G = Z/2Z, G = S3 , f (0) = Id, f (1) = σ where σ (1) =
2, σ (2) = 1 and σ (3) = 3, and H = G. One can check that Z(f (G)) =
{Id, σ } = G .
178 3 Solutions

143
(i) First, let us show that H is a subgroup of G. Clearly, e ∈ H because the neutral
element has order 1. Let a, b ∈ H and suppose ord(a) = m, ord(b) = n; then
(ab)mn = a mn bmn = e, so ab has finite order and therefore belongs to H .
Finally, if a ∈ H then a −1 ∈ H because ord(a) = ord(a −1 ), so H is indeed a
subgroup.
Let G = C∗ : we have H = {z ∈ C∗ | zn = 1 for some n}. Since for all n ∈ N
the polynomial x n −1 has n roots in C and those belong to H , we have |H | ≥ n
for all n ∈ N, so H is infinite.
(ii) Let gH be an element of finite order in G/H and let n be its order. From
g n H = H we get that g n ∈ H , so there exists an integer d such that (g n )d =
g nd = e, that is, g ∈ H . This implies gH = H , that is, only the neutral element
has finite order in G/H .
(iii) Any group isomorphism sends elements of finite order to elements of finite
order. We have just shown that the only element of finite order in G/H is the
neutral element, so the subgroup of elements of G having finite order must be
H = {e}.
(iv) Given a homomorphism ϕ : G −→ Z, consider an element x ∈ H such that
n = ord(x). We must have ord(ϕ(x)) | n, that is, ϕ(x) is an element of Z of
finite order. However, 0 is the only element of finite order in Z, so necessarily
ϕ(x) = 0, that is, x ∈ Ker(ϕ).
144
(i) Both H1 × H2 and G1 × G2 , endowed with the appropriate componentwise
operations, are groups. Since the operations of H1 and H2 are the restrictions
of those of G1 and G2 , the subset H1 × H2 is a subgroup of G1 × G2 .
Given (x, y) ∈ G1 × G2 , we have (x, y)(H1 × H2 )(x, y)−1 = (x, y)(H1 ×
H2 )(x −1 , y −1 ) = xH1 x −1 × yH2 y −1 = H1 × H2 because H1 is a normal
subgroup of G1 and H2 is a normal subgroup of G2 . Therefore, H1 × H2 is a
normal subgroup of G1 × G2 .
(ii) For all (x, y) ∈ H we have x = π1 (x, y) ∈ π1 (H) and y = π2 (x, y) ∈ π2 (H),
so (x, y) ∈ π1 (H) × π2 (H).
(iii) Given (x, y) ∈ π1 (H) × π2 (H) there exist a ∈ G1 and b ∈ G2 such that
(x, b), (a, y) ∈ H. Let h, k ∈ Z be such that hm + kn = 1. Letting e1 and
e2 be the neutral elements of G1 and G2 , we have (x, b)kn = (x kn , b kn ) =
(x 1−hm , e2 ) = (x, e2 ) ∈ H and (a, y)hm = (a hm , y 1−kn ) = (e1 , y) ∈ H. It
follows that (x, y) = (x, e2 )(e1 , y) ∈ H. This, together with the containment
shown above, yields the desired equality.
145
(i) Because the groups are finite we have [G1 : H ] = |G1 |/|H | and also
[f (G1 ) : f (H )] = |f (G1 )|/|f (H )|. The fundamental homomorphism
theorem, when applied to f : G1 −→ G2 and its restriction to H , that is,
f|H : H −→ G2 , yields that f (G1 )  G1 / Ker(f ) and f (H )  H / Ker(f|H ).
4 Groups 179

Since Ker(f )⊆ H , we have Ker(f|H ) = Ker(f ), and thus

[f (G1 ) : f (H )] = |f (G1 )|/|f (H )|

= (|G1 |/| Ker(f )|)(Ker(f )|/|H |)
= |G1 |/|H | = [G1 : H ].

(ii) If Ker(f ) ⊆ H then the equality from the first question does not hold in
general. For instance, consider G1 = G2 = Z/2Z, H = {0} and let f be
the zero homomorphism. We have [G1 : H ] = 2, whereas [f (G1 ) : f (H )] =
[{0} : {0}] = 1.
(iii) If G1 = Z and G2 is a finite group then we have Ker(f ) = nZ for some n > 0.
Letting H = mZ, the fact that H ⊇ Ker(f ) implies that m | n, and in particular
we obtain |H / Ker(f )| = n/m as well as [G1 : H ] = |G1 /H | = m. Similarly
to our first answer, we have

[f (G1 ) : f (H )] = |f (G1 )|/|f (H )|

= (|G1 / Ker(f )|) : (|H / Ker(f )|)
= nm/n
= m
= [G1 : H ].

Therefore, the desired equality does hold in this case.

146
(i) Since N is an intersection of subgroups, it is itself a subgroup of G. Consider
an element g ∈ G and let M be a subgroup of G. The subgroup M is maximal
if and only if gMg −1 is maximal: we have M  H if and only if gMg −1 
gH g −1 , and we have H = G if and only if gH g −1 = G. This implies that
the set of all maximal subgroups of G is invariant by conjugation, so their
intersection N must be as well, that is, N is a normal subgroup of G.
(ii) The subgroups of Z/nZ are the groups dZ/nZ, where d | n. Since dZ/nZ ⊆
mZ/nZ if and only if m | d, the maximal subgroups of Z/nZ are the groups
pZ/nZ, where p is a prime divisor of n. It follows that, assuming n =
p1e1 . . . prer , we have


r
N= pi Z/nZ = p1 . . . pr Z/nZ.
i=1

In particular, N is trivial if and only if p1 p2 · · · pr = n, that is, if and only if n

is squarefree.
(iii) The answer above immediately yields that for n = 100 we have N =
10Z/100Z.
180 3 Solutions

147 Let π : G −→ G/N be the projection homomorphism, that is, the map given
by π(g) = gN for all g ∈ G, and set F = π ◦ f : G −→ G/N.
The map F , being a composition of surjective homomorphisms, is itself a
surjective homomorphism. Moreover, we have Ker(F ) = {g ∈ G| F (g) =
f (g)N = N} = N because f (g) ∈ N if and only if g ∈ N.
By the fundamental homomorphism theorem applied to F , the map ϕ :
G/N −→ G/N given by ϕ(gN) = f (g)N is well defined and is, indeed, an
isomorphism.
148
(i) The group G is isomorphic to (Z/5Z)∗ × (Z/7Z)∗ . Moreover, since 5 and 7 are
prime, we have G  Z/4Z × Z/6Z and, since (2, 3) = 1, we have G  H × K,
with H = Z/4Z × Z/2Z and K = Z/3Z.
The order of any element (h, k) ∈ H × K is the least common multiple of the
orders of h and k in H and K, respectively.
Every element h = (h1 , h2 ) ∈ H obviously satisfies 4h = (0, 0). The equation
2h = (0, 0) has four solutions: (0, 0), (0, 1), (2, 0), (2, 1). Finally, the neutral
element (0, 0) has order 1. Therefore, H has 8 − 4 = 4 elements of order 4,
4 − 1 = 3 elements of order 2 and one element of order 1.
The group K has two elements of order 3 and one element of order 1 (the neutral
element).
Consequently, G contains 4 · 2 = 8 elements of order 12, 4 · 1 = 4 elements of
order 4, 3 · 2 = 6 elements of order 6, 3 · 1 = 3 elements of order 2, 1 · 2 = 2
elements of order 3 and a single element of order 1. There are no elements of
order n for n = 1, 2, 3, 4, 6, 12.
(ii) We shall first show that a subgroup C of G of order 6 must be cyclic. Indeed,
let us assume by contradiction that C has no elements of order 6: the order of
its elements other than the neutral element must be a divisor of 6, and therefore
can only be 2 or 3.
Elements of C other than the neutral element cannot all have order 2, otherwise
C would be a subgroup of H × {0}, which cannot be the case because 6  8.
Similarly, they cannot all have order 3, or C would be a subgroup {0} × K,
which has order 3.
So C must contain both an element of order 2, which is of the form (h, 0) with
h ∈ H , and an element of order 3, of the form (0, k) with k ∈ K. But then the
element (h, k) ∈ C has order 6, which contradicts our assumption.
Since any cyclic group of order 6 contains exactly φ(6) = 2 elements of order
6 and since there are six elements of order 6 in G, the group G has 6/2 = 3
subgroups of order 6.
149
(i) Let N = {x ∈ G | f (x) = g(x)} and let e be the neutral element of G. First
of all, remark that f (e) = g(e) = 0, so e ∈ N. Moreover, if x, y ∈ N,
that is, if f (x) = g(x) and f (y) = g(y), then f (xy) = f (x) + f (y) =
g(x) + g(y) = g(xy), hence xy ∈ N. Finally, if x ∈ N, that is, if f (x) = g(x),
4 Groups 181

then f (x −1 ) = −f (x) = −g(x) = g(x −1 ) and thus x −1 ∈ N. We have just

shown that N is a subgroup of G.
Now, consider y ∈ G, x ∈ N; the fact that Z/12Z is Abelian implies that
f (yxy −1) = f (y) + f (x) − f (y) = f (x) = g(x) = g(y) + g(x) − g(y) =
g(yxy −1), hence yxy −1 ∈ N.
[[The proof above would still work if we replaced Z/12Z by any Abelian group.]]
(ii) Note that H is a normal subgroup of G, because (123) is normal in S3 , as it
has index 2. The condition that f (h) = 0 for all h ∈ H can be rewritten as
H ⊆ Ker(f ). The homomorphisms that satisfy this condition are in bijection
with the homomorphisms ϕ : G/H −→ Z/12Z.
Now, we have G/H  (12) × 1  Z/2Z × Z/2Z.
Consequently, the homomorphisms ϕ : G/H −→ Z/12Z correspond bijec-
tively to the homomorphisms ψ : Z × Z −→ Z/12Z whose kernel contains
2Z × 2Z.
The homomorphisms ψ : Z × Z −→ Z/12Z are exactly those of the form
ψ(m, n) = ma + nb with a, b ∈ Z/12Z. The kernel of such a homomorphism
contains 2Z × 2Z if and only if ψ(2, 0) = ψ(0, 2) = 0, that is, if and only
if 2a = 2b = 0, or equivalently a = 6a , b = 6b for some a , b ∈ {0, 1}.
So there are four homomorphisms satisfying the requirement of the problem
statement, and each can be constructed from one of the four possible pairs
(a , b ).
150 First of all, remark that G  H × K = (Z/pZ)∗ × (Z/qZ)∗ , that is, G is the
direct product of two cyclic groups whose orders are p − 1 and q − 1, respectively.
Thanks to the group structure of the direct product, we have G(2)  H (2) × K (2)
and G(3)  H (3) × K (3), where H (2), H (3), K (2), K (3) are defined for H and K in
the same way as G(2), G(3) are defined for G.
Denote by ϕ and ψ the homomorphisms from H to itself given by ϕ(x) = x 2 ,
ψ(x) = x 3 : note that we shall then replicate the same argument starting with K. The
subgroups H (2), H (3) are the images of these homomorphisms. As for the kernels,
they consist of the solutions of x 2 ≡ 1 (mod p) and x 3 ≡ 1 (mod p), respectively.
The solutions of the first equation are x ≡ ±1 (mod p) and the second equation
has either three solutions or a single solution, depending on whether H contains
elements of order 3 or not, that is, on whether 3 divides p − 1 or not. We should also
remark that for p = 2 the two solutions of the first equation actually coincide.
From the known relation between the kernel and the image of a homomorphism
and the fact that every subgroup of a cyclic group is cyclic, we deduce that H (2) is
a cyclic group of order (p − 1)/2 if p > 2 and of order one if p = 2, whereas H (3)
is a cyclic group of order (p − 1)/(3, p − 1).
We come to the following conclusions. The order of G(2) is (p −1)/2 · (q −1)/2
if p > 2 and (q − 1)/2 if p = 2, and the order of G(3) is (p − 1)/(3, p − 1) · (q −
1)/(3, q − 1). The subgroup G(2) , which is a direct product of cyclic groups, is itself
cyclic if and only if the orders of the two groups are relatively prime, that is, if and
only if ((p − 1)/2, (q − 1)/2) = 1 if p > 2 and for all q if p = 2. Similarly, G(3)
is cyclic if and only if the orders of its factors are relatively prime. Note, however,
182 3 Solutions

that those orders are both even except for the case where p = 2, which yields a first
factor of order 1. So the group G(3) is cyclic for p = 2 and is not cyclic for p > 2.
151
(i) Since G is a group, it is clear that H + K ⊆ G. As for the opposite inclusion,
consider x ∈ G and let x H be its projection in G/H . We have mx H = eH
because G/H has order m. This implies that mx ∈ H and, similarly, nx ∈ K.
Now, let a, b be integers such that am + bn = 1; we have x = amx + bnx ∈
H + K, which yields the desired equality.
(ii) Consider the map f : G −→ G/H × G/K given by f (x) = (x H , x K ), which
is clearly a homomorphism. The kernel of f is the set of elements x such that
(x H , x K ) = (eH , eK ), so it is equal to H ∩ K.
Moreover, f is surjective. This is because, given (x H , y K ) ∈ G/H × G/K
and a, b as above, we have bn ≡ 1 (mod m), bn ≡ 0 (mod n) and am ≡
0 (mod m), am ≡ 1 (mod n), which implies f (bnx + amy) = f (bnx) +
f (amy) = (x H , eK ) + (eH , y K ) = (x H , y K ).
The fundamental homomorphism theorem yields the desired isomorphism.
152 A homomorphism f : G −→ G is induced by a homomorphism g : Z×Z −→
G such that 20Z × 8Z ⊆ Ker(g). Moreover, given x, y in G, there is a unique
homomorphism g : Z × Z −→ G such that g(1, 0) = x and g(0, 1) = y, which is
given by g(a, b) = ax + by.
The condition on the kernel of g is equivalent to g(20, 0) = 20x = (0, 0) and
g(0, 8) = 8y = (0, 0).
In order for this condition to be satisfied, x must be represented by a pair of
integers (x1 , x2 ) such that 20x1 ≡ 0 (mod 20) and 20x2 ≡ 0 (mod 8). The first
equation is satisfied for all integers x1 , whereas the second one is satisfied if and
only if x2 ≡ 0 (mod 2), that is, for four residue classes modulo 8. The total number
of possible values for x is therefore 20 · 4 = 80.
Similarly, y must be represented by an integer pair (y1 , y2 ) such that 8y1 ≡ 0
(mod 20) and 8y2 ≡ 0 (mod 8). The first equation is equivalent to y1 ≡ 0 (mod 5),
so it has four solutions modulo 20, and the second equation is always satisfied. So
there are 4 · 8 = 32 possible values for y.
The number of homomorphisms from G to itself is therefore 80 · 32 = 2560.

(i) The kernel of fn consists of the pairs (x1 , x2 ) such that nx1 ≡ 0 (mod 20)
and nx2 ≡ 0 (mod 8). The solution of the first equation is x1 ≡ 0
(mod 20/(n, 20)) and the solution of the second equation is x2 ≡ 0
(mod 8/(n, 8)).
The kernel of fn is thus the direct product of a cyclic group of order (n, 20) and
a cyclic group of order (n, 8). The direct product of two finite cyclic groups is
cyclic if and only if the orders of the two factors are relatively prime.
In our case, if n is odd then the order of the second factor is 1, whereas if n is
even then both orders are even. Therefore, our group is cyclic if and only if n is
odd.
4 Groups 183

(ii) By the fundamental homomorphism theorem, the image of fn is isomorphic to

G/ Ker(fn ), that is, to the product of two cyclic groups of order 20/(n, 20) and
8/(n, 8), respectively. Since (20, 8) = 4, these orders are relatively prime if and
only if 4 divides both (n, 20) and (n, 8), that is, if and only if 4 | n.
153
(i) Let x ∈ G be such that its projection x in G/H is a generator of G/H . In
particular, we have ord(x) = n, so the fact that ord(x) | ord(x) implies ord(x) =
nk for some positive integer k.
Now, let y be a generator of H and let z = x k . We have ord(y) = m, ord(z) = n
and we wish to show that ord(yz) = mn, that is, that yz is a generator of G.
Since yz ∈ G, it is clear that ord(yz) | mn = |G|.
Let d be a positive integer such that (yz)d = e. Since G is Abelian, we can
write y d zd = e as well as y d = z−d .
Notice that y d belongs to H and z−d belongs to the subgroup generated by
z, and that the intersection of these two groups, their orders being relatively
prime, consists of the identity only. So the equality above implies y d = e and
zd = e−1 = e. Since the orders of y and z are m and n, respectively, we must
have m | d and n | d; since (m, n) = 1, this implies that mn | d, hence the fact
that G is cyclic.
(ii) A family of examples is given by groups of the form Z/mZ × Z/nZ with
(m, n) > 1. By setting H = Z/mZ × {e} we have that G/H ∼ = Z/nZ. Indeed,
Z/nZ is the image of the canonical projection of G onto the second factor,
whose kernel is precisely H . So H and G/H are cyclic but G, thanks to the
assumption that (m, n) > 1, is not.
In particular, we can give the single example G = Z/2Z × Z/2Z.
154
(i) Since in a group of order n every element’s nth power is the neutral element,
we have fn−1 (x) = x n−1 = x −1 . If fn−1 is a homomorphism, then for all
x, y ∈ G we have (xy)−1 = x −1 y −1 . Taking the inverse of both sides of the
equality, we get xy = yx.
(ii) If f8 is a homomorphism, then f8 ◦ f8 = f64 is as well. Now, the fact that
for all x ∈ G we have x 62 = e implies that f64 (x) = f2 (x) = x 2 . If f2
is a homomorphism, then for all x, y ∈ G we have (xy)2 = x 2 y 2 , that is,
xyxy = xxyy. Multiplying by x −1 on the left and by y −1 on the right yields
yx = xy.
(iii) Let G = S3 and k = 2. In this case we have f2 ((12)(13)) = f2 ((132)) =
(132)2 = (123), whereas f ((12))f ((13)) = (12)2(13)2 = e · e = e.
155 We shall use the additive notation and denote by 0 the neutral element of G.
(i) First of all, we show that Gp is a subgroup of G. The neutral element belongs
to Gp because ord(0) = 1.
184 3 Solutions

Given x, y ∈ Gp , suppose ord(x) = pk , ord(y) = ph . Setting m = max{k, h},

we have pm (x + y) = pm x + pm y = 0, so the order of x + y is a divisor of
pm hence a power of p.
Finally, for each integer r we have rx = 0 if and only if r(−x) = 0. We have
thus proven that Gp is a subgroup.
Now, let q be a prime that divides the order of Gp . By Cauchy’s theorem, there
exists an element x ∈ Gp of order q, but then the definition of Gp implies that
q = p, so the order of Gp must be a power of p.
(ii) Let x +Gp be an element of the quotient group G/Gp and assume ord(x) = r.
Write r in the form r = pk m, with (m, p) = 1. We have pk (mx) = 0, hence
mx ∈ Gp . It follows that m(x + Gp ) = mx + Gp = Gp is the class of the
identity in G/Gp , that is, ord(x + Gp ) is a divisor of m, which implies it must
be coprime to p.
(iii) We have |Gp | = pa and |Gq | = q b for some a , b ∈ N. Since Gp and Gq
are subgroups of G, we have a ≤ a, b ≤ b. Consider the homomorphism
f : G → G given by f (x) = pa x. We show that Ker(f ) = Gp : if x belongs
to Ker(f ) then its order is a divisor of pa and, conversely, if x ∈ Gp then
pa x = 0 and thus pa x = 0. By the fundamental homomorphism theorem,
the image of f is isomorphic to G/Gp , which, by (ii), only contains elements
whose orders are powers of q. Therefore, Im(f ) ≤ Gq . In particular, | Im(f )|
is a power of q, say | Im(f )| = q b for some b ∈ N. We have

pa q b = |G| = | Ker(f )| · | Im(f )| = pa q b ,

hence a = a and b = b . Since b ≤ b ≤ b, we also have b = b = b and

thus G/Gp  Im(f ) = Gq .
156 Let q = a/b be a rational number with (a, b) = 1 and b = 2r 5s h for some
r, s ≥ 0 and some h > 0 such that (h, 10) = 1. From the definition of L we have
that mq ∈ L if and only if h | m, since the factor m must simplify with every prime
factor other than 2 and 5 appearing in the denominator of q. In particular, x = q + L
has order k in Q/L if and only if h = k; moreover, x is a solution of kx = 0 if and
only if h | k.
We shall first endeavour to answer (i) and (ii) in the case where (k, 10) = 1.
Note that 1/k + L has order k in Q/L by our previous remarks. Moreover, all
elements of the cyclic group G generated by 1/k + L in Q/L satisfy the equation
kx = 0.
Conversely, let x be a solution; we wish to show that x ∈ G. By our previous
remarks, we have x = q + L, where q = a/(2r 5s h) and h | k.
Consider the congruence ht + a ≡ 0 (mod 2r 5s ) in the indeterminate t. Since
(h, 10) = 1, there exists a solution t0 ∈ Z. Suppose ht0 + a = c2r 5s for some
c ∈ Z. We have
c a ht0 + a t0
q− = r s − r s = r s ∈L
h 2 5h 2 5h 2 5
4 Groups 185

and so x = q + L = c/ h + L belongs to the subgroup of G generated by 1/ h + L.

We have thus proven that G is the set of solutions of kx = 0 in Q/L, so there are k
such solutions. Moreover, the number of elements of order k is φ(k), because G is
a cyclic group.
Finally, let us consider the case where (k, 10) > 1. We can write k = 2r 5s k1 with
(k1 , 10) = 1. Our initial discussion about the order of elements in Q/L implies that
every element has order coprime to 10. In particular, there are no elements of order
k and the equation kx = 0 has the same solutions as k1 x = 0; it therefore has k1
solutions.
157
(i) Yes, there are subgroups of order 3: one is given by the rotations by a multiple
of 2π/3 around some fixed axis passing through opposite vertices of the cube.
(ii) There are two types of transformations in G: those that preserve the figure and
those that rotate all the line segments within the faces by π/2. It is easy to
see that, if one of the line segments is rotated, those of adjacent faces must be
rotated as well, because the endpoints of line segments within adjacent faces
never coincide.
The subgroup H is that of transformations of the first type. Note that transfor-
mations of the second type do exists: for instance, the rotation by π/2 around
an axis joining the centres of two opposite faces. Moreover, transformations of
the second type form a coset of H . Indeed, given two transformations of the
second type α and β, the transformation α ◦ β −1 does send the figure to itself,
so α ◦ β −1 ∈ H .
Therefore, the index of H in G is 2.
(iii) We know that H is a subgroup of index 2 in G, so H is a normal subgroup
of G.
158
(i) Every element of G generates a cyclic subgroup. Moreover, a cyclic subgroup
of order d can be generated by φ(d) distinct elements. It follows that the number
of cyclic subgroups of a finite group G is given by the expression

1
· (number of elements of orderd).
φ(d)
d | |G|

In our case (that is, G = Z/6Z × Z/6Z) every x ∈ G satisfies 6x = 0, so the

order of an element can only be 1, 2, 3, or 6. The only element of order 1 is
the identity. Any element x = (a, b) of order 2 must satisfy (2a, 2b) = (0, 0),
whose solutions are a = 0, 3, b = 0, 3. If we exclude the neutral element,
which is the only solution that does not have order 2, we find that there are
4 − 1 = 3 elements of order 2.
186 3 Solutions

Elements of order 3 are counted analogously: there are 9 − 1 = 8 in total. All

other 36−1−3−8 = 24 elements have order 6. The expression above becomes

1 3 8 24
+ + + = 1 + 3 + 2 + 12 = 18.
φ(1) φ(2) φ(8) φ(6)

(ii) Clearly, if ord(x) = 1, 2, 3, 6 then |G/x| is equal to 36, 18, 12, 6, respectively.
Suppose that G/x is cyclic.
Remember that, if we let π : G −→ G/x be the canonical projection, we
have ord(π(y)) | ord(y) for all y ∈ G (simply because π is a homomorphism).
Since G has no elements of order 36, 18, 12, the only possibility is ord(x) =
|G/x| = 6. If this is the case, then G/x is necessarily cyclic, since it
contains an element a of order 2 and an element b of order 3, and their sum
a + b has order 6. The answer is therefore given by the number of elements of
G whose order is 6, which, as seen above, is 24.
159
(i) Partition Z/60Z into the twenty disjoint sets A0 , A1 , . . . , A19 , where Ah =
{h, h + 20, h + 40} for h = 1, 2, . . . , 19.
The set G consists of all permutations of Z/60Z that send Ah to itself for h =
1, 2, . . . , 19. From this description of the set G, it is clear that G is a group
isomorphic to the direct product S(A0 ) × S(A1 ) × · · · × S(A19 )  S×20 3 ,
whose factors are the groups of permutations of A0 , A1 , . . . , A19 . In particular,
G has 620 elements.
(ii) It is clear that G has no subgroups of order 10, because 10 is not a divisor of
620 .
Remark that the order of an element in a direct product is the least common
multiple of the orders of its components. Since the elements of S3 have order
1, 2, or 3, G does have cyclic subgroups of order 6 but contains no cyclic
subgroups of order 8 or 12.
There are, however, (non-cyclic) subgroups of order 8: let H be a subgroup of
order 2 in S3 ; the subgroup H × H × H × Id × Id × · · · × Id has order 8 in
S×20
3 . Similarly, given a subgroup K of order 3 in S3 , the subgroup K × H ×
H × Id × · · · × Id of S×203 has order 12.
160 Let ϕ : G −→ 3G be the map given by ϕ(x) = 3x for all x ∈ G. Remark
that ϕ is a homomorphism: since G is Abelian, we have ϕ(x + y) = 3(x + y) =
3x + 3y = ϕ(x) + ϕ(y).
Let H be a subgroup of G such that (|H |, 3) = 1; consider the map ψ = ϕ|H ,
that is, the restriction to H of the homomorphism ϕ. The kernel of ψ is the set of
elements h ∈ H such that 3h = 0, that is, the set of elements of H whose order is a
divisor of 3. Since 3 does not divide the order of H , the group H does not contain
any elements of order 3, so the kernel of ψ contains the identity only. It follows that
ψ is injective, hence H is isomorphic to its image ψ(H ). But ψ(H ) is a subgroup
of a cyclic group, so it is cyclic, and thus H itself must be cyclic.
4 Groups 187

161 A homomorphism f : Z/nZ −→ Z/10Z×Z/20Z is determined by the choice

of f (1) = (a, b) ∈ Z/10Z × Z/20Z, provided the condition ord(a, b) | n = ord(1)
is satisfied. What we need to find is therefore the number of elements (a, b) ∈
Z/10Z × Z/20Z such that n(a, b) = 0.
For n = 0, that is, when counting homomorphisms from Z to Z/10Z × Z/20Z,
all elements (a, b) satisfy the requirement, so there are 200 homomorphisms. None
of them is injective because Z is infinite whereas the codomain is finite.
Assume n ≥ 1. We need to count the elements (a, b) ∈ Z/10Z × Z/20Z such
that na = 0 and nb = 0, that is, the solutions of the congruences na ≡ 0 (mod 10)
and nb ≡ 0 (mod 20). We have

10
na ≡ 0 (mod 10) ⇐⇒ a ≡ 0 (mod )
(n, 10)

and the latter equation has exactly (n, 10) solutions in Z/10Z. Similarly, the equa-
tion nb ≡ 0 (mod 20) has exactly (n, 20) solutions in Z/20Z. This yields a total
of (n, 10)(n, 20) pairs (a, b) satisfying the requirement, so we have (n, 10)(n, 20)
homomorphisms in total.
In order for the homomorphism given by f (1) = (a, b) ∈ Z/10Z × Z/20Z to
be injective, we must have ord(a, b) = ord(1) = n: there are as many injective
homomorphisms as there are elements of order n in Z/10Z × Z/20Z. A necessary
condition for the existence of injective homomorphism is therefore that n | 20: we
must have n = 1, 2, 4, 5, 10, 20.
Let us assume n takes one of those values and find the number dn of elements
(a, b) ∈ Z/10Z × Z/20Z of order n. Remember that ord(a, b) is the least common
multiple of ord(a) and ord(b) and that, if d | m, then there are φ(d) elements of
order d in Z/mZ.
The only element of order 1 in any group is the neutral element, so d1 = 1.
All elements (a, b) of order 2 satisfy 2(a, b) = 0. We have two possible choices
for a and two for b, so four solutions in total; the neutral element is the only solution
we need to exclude, so d2 = 3.
Similarly, we exclude the neutral element from the 25 solutions of the equation
5(a, b) = 0 and obtain d5 = 24 elements of order 5.
In order to compute d10 , we find the number of solutions of 10(a, b) = 0 and
subtract the number of elements of order 1, 2 and 5: we have d10 = 100 − d1 − d2 −
d5 = 100 − 1 − 3 − 24 = 72.
An element (a, b) has order 4 if and only if b has order 4 and ord(a) | (4, 10) =
2. There are two possible choices for the element b, because there are φ(4) = 2
elements of order 4 in Z/20Z, and there are two possible choices for a, since there
are two elements of order 1 or 2 in Z/10Z. We thus have d4 = 4.
Finally, we can obtain d20 as the difference d20 = 10·20−d1−d2 −d4 −d5 −d10 =
200 − 1 − 3 − 4 − 24 − 72 = 96.
[[We can also compute d20 by remarking that (a, b) has order 20 if and only if b has order 20,
or b has order 4 and a has order 5 or 10. There are φ(20) = 8 possibilities for b and 10 for a in the
first case, whereas in the second case we have two possible values for b and 8 = φ(5) + φ(10) for
a, so 16 possibilities. We find d20 = 80 + 16 = 96.]]
188 3 Solutions

162
(i) Let g = (g1 , g2 , g3 ) be an element of G with g1 ∈ Z/5Z, g2 ∈ Z/10Z and
g3 ∈ Z/36Z. The element g is in the kernel of f if and only if f (g) =
78(g1 , g2 , g3 ) = (3g1 , −2g2 , 6g3 ) = (0, 0, 0); in other words, f (g) = (0, 0, 0)
if and only if g1 ≡ 0 (mod 5), g2 ≡ 0 (mod 5) and g3 ≡ 0 (mod 6).
We therefore conclude that Ker(f ) has 1 · 2 · 6 = 12 elements. This implies that
Im(f )  G/ Ker(f ) has |G|/| Ker(f )| = 5 · 10 · 36/12 = 150 elements.
(ii) Given g ∈ G, we have ord(f (g)) | (| Im(f )|, ord(g)) = (150, ord(g)).
Moreover, if g = (g1 , g2 , g3 ) ∈ G then we have

ord(g) = [ord(g1 ), ord(g2 ), ord(g3 )] | [5, 10, 36] = 180.

This implies that ord(f (g)) | (180, 150) = 30 for all g ∈ G.

On the other hand, for g = (1, 1, 1) we have f (g) = (3, −2, 6) and therefore
ord(f (g)) = [5, 5, 6] = 30, so 30 is the largest possible order.
163
(i) Remark that 0G = 2 · 0G ∈ Q. Moreover, if x1 , x2 ∈ Q then x1 = 2g1 and
x2 = 2g2 for some g1 , g2 ∈ G, so x1 + x2 = 2g1 + 2g2 = 2(g1 + g2 ) ∈ Q;
finally, −x1 = −2g1 = 2(−g1 ) ∈ Q. This shows that Q is a subgroup of G.
[[Another way to show that Q is a subgroup is to remark that, since G is Abelian, the map
ϕ : G −→ G given by ϕ(g) = 2g is a homomorphism and that Q = Im(ϕ).]]
ϕ
(ii) The map G g −→ 2g ∈ G is a homomorphism because G is Abelian;
moreover, we have Q = Im(ϕ) and |G/Q| = | Ker(ϕ)|. Now, Ker(ϕ) =
{g ∈ G | 2g = 0G }, so all elements in Ker(ϕ) other than 0G have order 2.
By Cauchy’s theorem, if |G/Q| = | Ker(ϕ)| is finite then it is a power of 2.
This shows that we cannot have m = 3.
Let us now give examples of groups G for which |G/Q| is 1, 2 and 4. Set
G = Z/3Z; since Z/3Z has no elements of order 2, we have Ker(ϕ) = {0}, so
|G/Q| = 1. For G = Z/2Z we have Im(ϕ) = 0, so m = 2. Finally, consider
G = Z/2Z × Z/2Z; all elements of G have order 1 or 2, so ϕ is the zero
homomorphism and |G/Q| = |G| = 4.
164
(i) Given (a, b) ∈ G, we have that ord(a, b) = [ord(a), ord(b)] is 11 if and only if
ord(a) | 11, ord(b) | 11 and (a, b) = (0, 0). Since for each divisor d of m there
are d elements in Z/mZ whose order divides d, the number of pairs (a, b)
satisfying the requirements is 11 · 11 − 1 = 120.
Since 11 is prime, all subgroups of order 11 are cyclic; their number is given
by the number of elements of order 11, divided by the number of generators in
a cyclic group with 11 elements, which is φ(11). So we have 12 subgroups of
order 11.
(ii) For every subgroup H of order 11 we have |G/H | = |G|/|H | = 33 ·11 = 297;
if G/H were cyclic, it would contain an element of order 297. But this cannot
4 Groups 189

be the case, because every element of G has an order that divides 99 and for all
x ∈ G we have ord(x + H ) | ord(x).
(iii) There are no surjective homomorphisms from G to Z/121Z. If f were one,
there would be an element x ∈ G such that ord(f (x)) = 121; but this is not
possible because ord(f (x)) | ord(x) and for every element x of G we have
ord(x) | 99.
165 Let π : G x −→ xH ∈ G/H be the projection onto the quotient. Since π is
a homomorphism we have ord(xH ) | ord(x). Assume that G/H contains an element
xH of order m; we have ord(x) = mk and thus ord(x k ) = m.
Conversely, let x ∈ G be an element of order m; we have ord(xH ) = d | m,
hence (xH )d = H and thus x d ∈ H. By Lagrange’s theorem, we have x dn = e, so
m = ord(x) | nd. The fact that (n, m) = 1 implies that m | d hence, finally, d = m.
166
(i) All elements x = (a, b) of a subgroup of order 4 must have an order that
divides 4, so they must satisfy 4x = (4a, 4b) = (0, 0). The solutions of these
congruences are given by a ≡ 0 (mod 2), that is, a ∈ {0, 2, 4, 6}, and b ≡ 0
(mod 3), that is, b ∈ {0, 3, 6, 9}.
Among the 4 · 4 = 16 elements above, 4 also satisfy the equation (2a, 2b) =
(0, 0)—that is, the elements (0, 0), (0, 6), (4, 0), (4, 6)—whereas the other 12
elements have order exactly 4. Each of these 12 elements generates a cyclic
subgroup of order 4, and each cyclic subgroup of order 4 contains two elements
of order 4, so the total number of cyclic subgroups of order 4 is 12/2 = 6.
We can list them explicitly by choosing one generator from each, for example:
(0, 3), (2, 0), (2, 3), (2, 6), (2, 9), (4, 3).
The set of solutions of (2a, 2b) = (0, 0) is also a subgroup of order 4, though
it is not cyclic. Indeed, (0, 0) belongs to the set; moreover, if (a, b) and (a , b )
are solutions, then (a + b, a + b ) is a solution, because 2(a + b, a + b ) =
2(a, b) + 2(a , b ) = (0, 0); finally, if (a, b) is a solution then −(a, b) is a
solution, because 2(−(a, b)) = −2(a, b) = (0, 0).
(ii) Let H be a subgroup of G of order 48. Since G is Abelian, H is necessarily
a normal subgroup of G, so the quotient G/H has a group structure, and it
is clearly isomorphic to Z/2Z. Since we have 2(gH ) = (2g)H = H for all
g ∈ G, we have that 2G ⊆ H .
The subgroups that contain 2G are in bijection with the subgroups of G/2G =
(Z/8Z × Z/12Z)/(2Z/8Z × 2Z/12Z)  Z/2Z × Z/2Z. Now, 2G has order
8/2 × 12/2 = 24, so any subgroup H of G whose order is 48 corresponds to
a subgroup of G/2G whose order is 2, which must consist of the identity and
one of the three elements of order 2 in G/2G. It follows that G has exactly
three subgroups of order 48, each given by the union of 2G with a coset x + 2G
of order 2 in G/2G. We may choose as representatives of these three cosets in
G/2G the elements x = (1, 0), (0, 1), (1, 1).
190 3 Solutions

167 The answer to both questions is yes: let us see why.

(i) Let π : (Z/p2 Z)∗ → (Z/pZ)∗ be the map given by [x]p2 −→ [x]p , which
is well defined because if x ≡ y (mod p2 ) then a fortiori x ≡ y (mod p).
The map π is a homomorphism because [xy]p2 = [x]p2 [y]p2 and thus [xy]p =
[x]p [y]p . Finally, π is surjective, because if (x, p) = 1 then (x, p2 ) = 1.
(ii) The group G1 is cyclic of order p − 1, because p is prime. Let x be a generator
of G1 , let π be the map defined above and let y ∈ G2 be such that π(y) = x. We
have that p − 1 = ord(x) | ord(y). Assume that ord(y) = k(p − 1); this implies
ord(y k ) = p − 1 and so the map G1 x h → y kh ∈ G2 is an isomorphism
between the two cyclic groups G1 = x and y k  ⊆ G2 . In particular, it is an
injective homomorphism from G1 to G2 .
168
(i) Let us check that H is a subgroup of G: 0 ∈ H because pa 0 = 0; if x, y ∈ H ,
then pa (x + y) = pa x + pa y because G is Abelian, so pa (x + y) = 0 + 0 = 0;
finally, if x ∈ H then pa (−x) = −pa x = 0, so −x ∈ H .
(ii) Suppose by contradiction that x + H ∈ G/H is an element of order p. In
particular, we have p(x + H ) = px + H = H , that is, px ∈ H . By definition
of H , this implies pa (px) = 0, so the order of x is a divisor of pa+1 . On the
other hand, the order of x must be a divisor of the order G, so it must also
divide (pa+1 , |G|) = pa . It follows that pa x = 0, that is, x ∈ H and the class
x + H is the class H which has order 1, but this contradicts our assumption.
(iii) The order of every element of H is a divisor of pa . Therefore, if the order of
x ∈ H is prime, then ord(x) = p. By Cauchy’s theorem, the order of H must
be a power of p: if this were not the case, there would be a different prime q
that divides |H | and thus there would be an element of order q in H . So, let
|H | = pb for some natural number b; we then have that pb | |G| because, by
Lagrange’s theorem, the order of a subgroup divides the order of the group.
Therefore, b ≤ a and, if we had b < a, the order of the group G/H would be
a multiple of p; again by Cauchy’s theorem, this would imply the existence of
an element of order p in that group, which contradicts what we showed above.
169
(i) Given two homomorphisms f, g from G to C∗ , the map fg is a homomorphism
because (fg)(x + y) = f (x + y)g(x + y) = f (x)f (y)g(x)g(y) =
f (x)g(x)f (y)g(y) = (fg)(x) · (fg)(y). We can therefore define the operation
(f, g) −→ fg in Hom(G, C∗ ).
This operation is associative because the multiplication of C∗ is. The set
Hom(G, C∗ ) has a neutral element, that is, the map e : G x −→ 1 ∈
C∗ . Finally, every homomorphism f ∈ Hom(G, C∗ ) has an inverse: letting
f −1 : G → C∗ be the map given by f −1 (x) = f (x)−1 for all x ∈ G, we
have f −1 (xy) = (f (xy))−1 = f (x)−1 f (y)−1 = f −1 (x)f −1 (y), so f −1 ∈
Hom(G, C∗ ). Moreover, (ff −1 )(x) = (f −1 f )(x) = f (x)−1 f (x) = 1 = e(x)
for all x ∈ G, so ff −1 = f −1 f = e.
4 Groups 191

(ii) If ϕ is an injective homomorphism in Hom(G, C∗ ) then ϕ(G)  G. But ϕ(G)

is a multiplicative subgroup of a field, so it is cyclic. It follows that G must be
cyclic, that is, we must have (m, n) = 1.
On the other hand, if (m, n) = 1 then G = Z/mZ × Z/nZ is cyclic of order
mn. Let g be a generator of G and let ζ = ζmn be an mnth primitive root of
unity in C∗ . Consider the map f : G → C∗ given by f (g k ) = ζ k .
This map is well defined because, if k ≡ h (mod mn), then ζ k = ζ h . It is a
homomorphism because f (g k g h ) = f (g k+h ) = ζ k+h = ζ k ζ h = f (g k )f (g h ).
Moreover, it is injective because ζ k = 1 implies k ≡ 0 (mod mn) and thus
g k = id.
170
(i) It is clear that pG and qG are both contained in G, so pG + qG ⊆ G.
Conversely, let x ∈ G and let a, b be integers such that pa + qb = 1. We
have x = pax + qbx ∈ pG + qG, so G ⊆ pG + qG.
(ii) If pq  n then at least one among p, q does not divide n; by symmetry, let us
assume that p  n. The map f : G → G given by f (x) = px is an injective
homomorphism, because there are no elements of order p in G. Since G is a
finite group, f must also be surjective: its image pG is equal to G. This of
course implies that G = pG + qG.
Now assume that pq | n, that is, p | n and q | n. By Cauchy’s theorem, G
has an element of order p and an element of order q, so the kernels of the
homomorphisms x −→ px and x −→ qx are both nontrivial. It follows that
the images pG and qG of these homomorphisms are both different from G.
But the union of two subgroups of a given group is itself a subgroup if and
only if one of the two subgroups contains the other. In this case, since both
subgroups are proper, even if their union were indeed a subgroup, it would not
be all of G.
(iii) As above, if pqr  n then at least one of the primes, say p, does not divide n,
so G = pG. On the other hand, if pqr | n then G has an element x of order p,
so the homomorphism x −→ px has a kernel of order at least p and its image
pG has at most n/p elements. Similarly, |qG| ≤ n/q and |rG| ≤ n/r, so
   
1 1 1 1 1 1
|pG ∪ qG ∪ rG| ≤ + + n≤ + + n < n = |G|.
p q r 3 5 7

It follows that we cannot have pG ∪ qG ∪ rG = G.

171 We shall use the additive notation. If the order of x ∈ G is a prime p, then this
prime must be a divisor of 200, that is, p = 2, 5. By Cauchy’s theorem, G contains
both elements of order 2 and elements of order 5. An element x of order 2 generates
a subgroup of order 2 where x itself is the only element of order 2; an element y
of order 5 generates a subgroup of order 5 that contains four elements of order 5,
namely, y, 2y, 3y, 4y. Consequently, every group G of order 200 contains at least
1 + 4 = 5 elements whose order is prime. This minimum is actually achieved by
192 3 Solutions

the cyclic group Z/200Z, which contains φ(d) elements of order d for each divisor
d of 200. The desired minimum is therefore 5.
Any element of order 2 will belong to the subgroup G2 = {x ∈ G | 2x = 0}
whose order is, by Cauchy’s theorem, a power of 2. Moreover, since the order of G2
must divide the order of G, we have that |G2 | must divide 8. Any group of order m
has at most m − 1 elements of order 2—all elements except for the identity—so G
can have at most seven elements of order 2.
Similarly, any element of order 5 must belong to the subgroup G5 = {x ∈
G | 5x = 0}, which has at most 25 elements and therefore at most 24 elements
of order 5.
It follows that the maximum possible number of elements whose order is prime
in a group G of order 200 cannot be more than 7 + 24 = 31. If we have G ∼ =
Z/2Z × Z/2Z × Z/2Z × Z/5Z × Z/5Z then we do have equality, so 31 is the
desired maximum.
172 By Cauchy’s theorem, G contains both elements of order p and elements of
order q. Let x be an element of order p and let y be an element of order q. The
element xy has order pq: indeed, we have (xy)pq = x pq y pq = e and for proper
divisors of pq we clearly have (xy)1 = xy = 1, (xy)p = y p = 1, (xy)q = x q = 1.
On the other hand, any subgroup of order pq must contain both an element of order
p and an element of order q; it follows that it must be cyclic and is generated by
two such elements.
Set H = x and K = y, so that H K = xy. The map (H, K) −→ H K
is a bijection between the set of pairs (H, K) of subgroups of orders p and q,
respectively, and the set of subgroups of order pq. The fact that this map is surjective
follows from the fact that every subgroup of order pq contains a cyclic subgroup of
order p and a cyclic subgroup of order q. Moreover, the map is injective, because
each subgroup of order pq contains exactly one subgroup of order p and exactly
one subgroup of order q. Therefore, hpq = hp hq .
As for the second equality, it is enough to remark that mpq = φ(pq)hpq , mp =
φ(p)hp , mq = φ(q)hq . Substituting and using the identity φ(pq) = φ(p)φ(q)
yields the desired formula.
173
(i) By assumption, the groups G/H and G/K have order p, so they are isomorphic
to Z/pZ. In order to show the desired isomorphism, it is enough to show that
G  G/H × G/K.
Let ϕ : G −→ G/H × G/K be the map given by g −→ (gH, gK), which is a
homomorphism because

ϕ(xy) = (xyH, xyK)

= (xHyH, xKyK)
= (xH, xK)(yH, yK)
= ϕ(x)ϕ(y).
4 Groups 193

Since Ker(ϕ) = {g ∈ G | (gH, gK) = (H, K)} = H ∩ K = {e}, the

homomorphism ϕ is injective.
In order to show that ϕ is surjective, it is enough to show that |G| = p2 . Since
G embeds into G/H × G/K which has cardinality p2 , all we have to do is
show that we cannot have |G| = p, which is true because G has two distinct
subgroups of index p.
(ii) Since p is prime, all subgroups of order p are cyclic, so their number is equal
to the number of elements of order p in G, divided by φ(p).
Moreover, since isomorphisms preserve the order of elements, we may as well
count elements of order p in Z/pZ × Z/pZ. Clearly, all elements of Z/pZ ×
Z/pZ other than the identity have order p, so their number is p2 − 1.
We can therefore conclude that G contains (p2 − 1)/φ(p) = p + 1 subgroups
of order p.
[[Since Z/pZ × Z/pZ  F2p as Abelian groups, the number of subgroups of order p in F2p ,
and therefore in G, is the number of vector subspaces of dimension 1, that is, the number of
lines through the origin in F2p . These are clearly p + 1.]]

174
(i) We first show that Gk is a subgroup of G. We have e = ek ∈ Gk ; for all
a k , b k ∈ Gk we have a k bk = (ab)k because G is Abelian, so a k bk = (ab)k ∈
Gk ; finally, a k ∈ Gk implies (a k )−1 = (a −1 )k ∈ Gk . Moreover the fact that G
is Abelian implies that Gk is normal in G.
Consider the quotient G/Gk and let xGk be one of its elements. We have
(xGk )k = x k Gk = Gk , so the order of any element in G/Gk is a divisor
of k and therefore finite.
(ii) Assuming G ∼ = Z/nZ, we have that Gk  [k]n  is a cyclic group of order
ord([k]n ) = n/(n, k). It follows that |G/Gk | = |G|/|Gk | = (n, k).
[[We also know that G/Gk must be cyclic because it is a quotient of a cyclic group, so
G/Gk  Z/(n, k)Z.]]
(iii) Consider the group G = Z/2Z × Z/10Z; we have G10 = {(0, 0)} because for
all (a, b) ∈ G we have 10(a, b) = (10a, 10b) = (0, 0). In this case we clearly
have G/G10 = G = Z/2Z × Z/10Z.
[[More generally, if G
= Z/mZ × Z/nZ then we have Gk = {(ka, kb) | (a, b) ∈ G} =
Z/(m/(m, k))Z ×Z/(n/(n, k))Z and G/Gk  Z/(m, k)Z × Z/(n, k)Z. It follows that, for
G = Z/mZ × Z/nZ, we have G/G10 ∼ = Z/2Z × Z/10Z if and only if (m, 10) = 2 and
(n, 10) = 10.]]

175
(i) Since Z/mZ is cyclic and generated by 1, a homomorphism ϕ : Z/mZ −→
Z/nZ is completely determined once one sets ϕ(1) = a for some a such
that ord(a) | m; the homomorphism ϕ is then given by k −→ ϕ(k) = ka.
Since a ∈ Z/nZ, the requirement that ord(a) | m is equivalent to the condition
ord(a) | (m, n) = d. The number of homomorphisms is therefore the number of
elements of Z/nZ whose order divides d. There are thus d homomorphisms, all
of them of the form ϕ(k) = ka for some a ∈ Z/nZ such that ord(a) | d.
194 3 Solutions

It follows that the image of the map Φ : Hom(Z/mZ, Z/nZ) −→ Z/nZ

given by Φ(ϕ) = ϕ(1) is the subgroup of order d in Z/nZ. In order to
show the desired statement, it is enough to show that Φ is an injective
homomorphism. The fact that Φ is a homomorphism is clear: for all pairs ϕ1 , ϕ2
in Hom(Z/mZ, Z/nZ) we have Φ(ϕ1 +ϕ2 ) = (ϕ1 +ϕ2 )(1) = ϕ1 (1)+ϕ2(1) =
Φ(ϕ1 ) + Φ(ϕ2 ). To show that Φ is injective, remark that Φ(ϕ) = 0 if and only
if ϕ(1) = 0, that is, if and only if ϕ(k) = k0 = 0 for all k ∈ Z/mZ, which is
equivalent to ϕ being the zero homomorphism.
(ii) Since 12 | (360, 420) = 60 = | Hom(Z/360Z, Z/420Z)|, the proof above
shows that there is a unique subgroup of order 12, which is the one that
corresponds via the isomorphism Φ to the subgroup of order 12 in Z/420Z,
that is, to 35. The required subgroup thus consists of the homomorphisms
ϕ : Z/360Z −→ Z/420Z given by ϕ(1) = a with a ≡ 0 (mod 35).
176
(i) Let e ∈ G be the neutral element; (e, e) is the neutral element of G × G and
belongs to Δ. Given (x, x) and (y, y) ∈ Δ, clearly (x, x)(y, y) = (xy, xy) ∈
Δ. Finally, given (x, x) ∈ Δ, its inverse in G × G is the element (x −1 , x −1 ),
which is again an element of Δ . This shows that Δ is a subgroup of G × G.
(ii) If G is Abelian then G × G is also Abelian, so all of its subgroups are normal.
Conversely, assume Δ is normal in G × G; then for all g ∈ G and for all x ∈ G
we have (g, e)(x, x)(g −1 , e) = (gxg −1 , x) ∈ Δ, which implies that for all
g, x ∈ G we have gxg −1 = x, that is, G is Abelian.
(iii) Consider the map ϕ : G × G −→ G given by ϕ(x, y) = xy −1 . If G is Abelian
then ϕ is a homomorphism, since ϕ((x, y)(u, v)) = ϕ(xu, yv) = xu(yv)−1 =
xuv −1 y −1 = xy −1uv −1 = ϕ(x, y)ϕ(u, v). Moreover, ϕ is surjective because
we have ϕ(x, e) = x for all x ∈ G. Remark that Ker(ϕ) = {(x, y) | xy −1 =
e} = Δ; by the fundamental homomorphism theorem, we obtain that (G ×
G)/Δ  G.
177
(i) First of all, we have 0 ∈ Gp because p0 0 = 1 · 0 = 0. Consider x, y ∈ Gp
and k, h ∈ N such that pk x = 0, ph y = 0; if we set m = max{k, h} we have
pm (x + y) = pm x + pm y = 0 + 0 = 0, so x + y ∈ Gp . Finally, if x ∈ Gp
and pk x = 0 then we also have pk (−x) = −pk x = 0, so −x ∈ Gp . We have
shown that Gp is a subgroup of G.
(ii) If ord(x) = a then kax = 0 for all k ∈ N. Similarly, if ord(y) = b then
hby = 0 for all h ∈ N. So ab(x + y) = abx + aby = 0 + 0 = 0, and therefore
ord(x + y) | ab.
Now assume that s(x + y) = 0, that is, sx = −sy. The left hand side is an
element of the subgroup generated by x, while the right hand side is an element
of the subgroup generated by y. But the intersection of these subgroups is 0, as
it must be a subgroup whose order divides both a and b, and thus also divides
1 = (a, b). Consequently, we must have sx = 0, so a | s, and sy = 0, so b | s.
Since (a, b) = 1, this implies ab | s, so ab | ord(x + y).
4 Groups 195

(iii) One implication is clear: if G is cyclic then all its subgroups are cyclic, and
in particular all the groups Gp are cyclic. As for the opposite implication, we
shall first show that, if pa is the largest power of p that divides n, then the order
of Gp is pa .
By Cauchy’s theorem, the order of Gp must be a power of p. Consider the
quotient G/Gp ; we show that it cannot contain any elements of order p.
Indeed, assume by contradiction that x + Gp ∈ G/Gp is an element of order
p; we have p(x + Gp ) = Gp , that is, px = y ∈ Gp , so there is an integer k
such that pk y = pk+1 x = 0, hence x ∈ Gp . It follows that the coset x + Gp is
actually the class of the neutral element in the quotient and therefore has order
1, which is a contradiction.
Now, since G/Gp does not have any elements of order p, again by Cauchy’s
theorem we have that p cannot divide the order of G/Gp . But, since |G| =
|Gp | · |G/Gp |, this yields the desired equality |Gp | = pa .
Now, let n = p1e1 · · · pkek be the prime factorisation of n and let xi ∈ G, for
i = 1, . . . , k, be an element of Gpi of order piei . We show by induction on k
that x1 + · · · + xk has order p1e1 · · · pkek . If k = 0 there is nothing to prove.
Assuming the desired result for k − 1, set x = x1 + · · · + xk−1 , y = xk ,
ek−1
a = p1e1 · · · pk−1 , b = pkek . Because of our argument above, the order of x + y
is ab = n, that is, it is the same as the order of G, which implies that G is
cyclic.
178
(i) We start by showing that f + g : G −→ G is a homomorphism: we have
(f + g)(u + v) = f (u + v) + g(u + v) = f (u) + f (v) + g(u) + g(v) = f (u) +
g(u)+f (v)+g(v) = (f +g)(u)+(f +g)(v) because G is Abelian. Moreover,
the operation (f, g) −→ f + g on Hom(G, G ) is associative because the
addition of G is. The neutral element is the homomorphism G u −→ 0 ∈
G . The additive inverse of a homomorphism G u −→ f (u) ∈ G is the
map G u −→ −f (u) ∈ G , which one can immediately show to be a
homomorphism.
A homomorphism f : G −→ G induces two restricted homomorphisms f1 :
Z/18Z −→ G and f2 : Z/12Z −→ G given by f1 (x) = f (x, 0) and
f2 (y) = f (0, y). Conversely, given two homomorphisms f1 : Z/18Z −→ G
and f2 : Z/12Z −→ G we can construct a homomorphism G (x, y) −→
f (x, y) = f1 (x) + f2 (y) ∈ G . It follows that the set of homomorphisms from
G to G is in bijection with Hom(Z/18Z, Z/36Z) × Hom(Z/12Z, Z/36Z) and
thus has cardinality 18 · 12 = 216, because 18 = (18, 36) and 12 = (12, 36).
(ii) Suppose f (1, 0) = r and f (0, 1) = s. We must have r = 2r1 and s = 3s1 ,
because the order of r and the order of s must divide 18 and 12, respectively.
The homomorphism f is given by f (x, y) = r · x + s · y and is surjective if
and only if there are x, y such that r · x + s · y is a generator of Z/36Z, that is,
if and only if there are x, y such that (2r1 x + 3s1 y, 36) = 1.
In order for this to hold, a necessary condition is that 3  r1 and 2  s1 , as
otherwise all numbers of the form 2r1 x + 3s1 y would be multiples of 3 or of 2.
196 3 Solutions

But this condition is also sufficient because, if 3  r1 and 2  s1 , then 2r1 + 3s1
neither divisible by 3 nor by 2, so it is coprime to 36 and thus its residue class
modulo 36 is a generator of Z/36Z.
We have shown that the number of surjective homomorphisms is the number
of pairs (2r1 , 3s1 ) ∈ G × G such that 3  r1 and 2  s1 and is therefore equal
to 12 · 6 = 72.
(iii) We have ϕ(a,b)(f + g) = (f + g)(a, b) = f (a, b) + g(a, b) = ϕ(a,b)(f ) +
ϕ(a,b)(g), so ϕ(a.b) is a homomorphism. Using the same notation as above, set
r = −2 and s = 3; we have that −2 + 3 = 1 is in the image of the homo-
morphism. Since 1 is a generator of Z/36Z, the homomorphism is surjective.
Finally, by the fundamental homomorphism theorem its image is isomorphic to
Hom(G, G )/ Ker(ϕ(1,1) ), so we have | Ker(ϕ(1,1) )| = | Hom(G, G )|/|G | =
216/36 = 6.
179
(i) It is clear that the second bullet point implies the first, but we shall prove it
independently for the sake of completeness.
Let x1 + H, . . . , xm + H be three cosets of H and let y1 + K, . . . , yn + K be
the cosets of K. Clearly,


m 
n 
G= (xi + H ) = (yj + K) = (xi + H ) ∩ (yj + K).
i=1 j =1 i=1,...,m
j=1,...,n

The last expression above is a union of mn subsets; if we showed that each

of them is contained in a single coset of H ∩ K then the desired inequality
would follow. We shall now prove that, for all i and j and all elements a, b ∈
(xi + H ) ∩ (yj + K), we have a + H ∩ K = b + H ∩ K. Indeed, we have
a − b ∈ H, a − b ∈ K, so a − b ∈ H ∩ K, which is equivalent to the claim.
(ii) Consider the map f : G −→ G/H × G/K given by f (x) = (x + H, x + K),
which is a homomorphism because its components are the projections of G
onto G/H and G/K. The kernel of f is {x ∈ G | x ∈ H, x ∈ K} =
H ∩ K. By the fundamental homomorphism theorem, f induces an injective
homomorphism from G/(H ∩K) to G/H ×G/K, so d = |G/(H ∩K)| divides
|G/H | · |G/K| = mn.
(iii) The statement is equivalent to showing that the homomorphism f defined
above is surjective if and only if H + K = G. Suppose that H + K = G
and consider an element (a + H, b + K) ∈ G/H × G/K. By assumption we
can write a − b = h + k for some h ∈ H , k ∈ K. Now, set g = a − h = b + k.
We have f (g) = (g + H, g + K) = (a + H, b + K), so f is indeed surjective.
Conversely, assume that f is surjective; then for all x ∈ G there is g ∈ G such
that f (g) = (x + H, K). This implies g + H = x + H , that is, x − g = h ∈ H ,
and g + K = K, that is, g ∈ K. It follows that x = h + g ∈ H + K, so
G ⊆ H + K. The reverse inclusion is clear.
4 Groups 197

180
(i) Given any two cyclic subgroups of G that are isomorphic to Z, say H1 =
a1 /b1  and H2 = a2 /b2 , they have the element a1 a2 = a2 b1 · a1 /b1 =
a1 b2 · a2 /b2 in common; this element is nonzero because a1 /b1 and a2 /b2
are nonzero. Therefore, there cannot be a subgroup of G that is isomorphic to
Z × Z.
(ii) Take for example the subgroups
a a
Hm = 2m G = {2m | ∈ G} with m ≥ 0
b b
and consider the quotients Gm = G/Hm .
The coset 1 + Hm has order 2m , because k · 1 ∈ Hm if and only if k is of the
form 2m a/b with (b, 10) = 1, that is, if and only if kb is a multiple of 2m .
Since (b, 2m ) = 1, this is equivalent to the condition that 2m | k.
Moreover, every coset a/b + Hm is a multiple of 1 + Hm, since if c is an integer
such that cb ≡ a (mod 2m ) then c − a/b ∈ Hm , so c(1 + Hm ) = c + Hm =
a/b + Hm .
It follows that Gm is cyclic of order 2m .
(iii) Suppose by contradiction that G has a cyclic quotient of order 3, that is, that
there is a subgroup H of G such that |G/H | = 3. Every element of G/H must
have an order that divides 3: for all x ∈ G we must have 3(x + H ) = H , that
is, 3x ∈ H , so ultimately we get 3G ⊆ H . However, we have 3G = G because
for all y ∈ G we have y = 3 · y/3 ∈ 3G, hence a contradiction.
181
(i) Assume that G is finite; we shall show that the conditions in the problem
statement are necessary.
If f is an injective homomorphism then f (G)  G and, since f (G) is a
subgroup of H , we must have that H is finite and that a | b.
Now, let b = ac. Suppose by contradiction that (a, c) > 1; then there is a
prime p and there are positive integers α, β with α < β such that pα and pβ
are the largest powers of p that divide a and b, respectively. Let Gp  Z/pα Z
and Hp  Z/pβ Z be the unique subgroups of G and H of order pα and pβ ,
respectively, and set γ = β − α. We necessarily have that f (Gp ) is the unique
subgroup of Hp of order pα , that is, f (Gp ) = pγ Hp . In particular, given a
generator x of Gp , its image f (x) is not a generator of Hp , so f (x) = py for
some y ∈ Hp . But then g ◦ f (x) = pg(y) cannot be a generator of Gp , which
contradicts the assumption that g ◦ f is an isomorphism.
We now show that the conditions are sufficient. If b = ac and (a, c) = 1 then
H  Z/aZ × Z/cZ and f (G) is the unique subgroup of H of order a, that
is, Z/aZ × {0}. Setting g to be the canonical projection of Z/aZ × Z/cZ onto
Z/aZ, we have g ◦ f (G) = G, so g ◦ f is surjective.
Since g ◦ f is a surjective map between two sets of the same cardinality it is
also injective, so it is an isomorphism.
198 3 Solutions

(ii) Assume now that G is infinite; first of all, we prove that the condition in the
problem statement is necessary. Remark that there are no injective maps from
an infinite set into a finite one, so H must be a cyclic infinite group, that is, it
must be isomorphic to Z. Assume by contradiction that f is not surjective; we
would then have f (1) = k for some k = ±1. But then g(k) = kg(1) would
be divisible by k and so g(k) = g ◦ f (1) = ±1. It follows that the map g ◦ f
would send the generator 1 of Z to an element that is not a generator, so the
map would not be an isomorphism.
Let us now show that the condition is sufficient. If H  Z then without loss of
generality we can assume G = H = Z, f (x) = ±x and, setting g(x) = ±x,
we have that g ◦ f (x) = x is an isomorphism.
182 Given a subgroup H of a group G, we shall call intermediate between H and
G any subgroup L such that H  L  G.
π
(i) The projection G g −→ gK ∈ G/K induces an inclusion-preserving
bijection between the set of subgroups of G that contain K and the set of
subgroups of G/K. Since the subgroups of G that contain M also contain K,
there is an intermediate subgroup between M and G if and only if there is an
intermediate subgroup between M/K and G/K, hence the conclusion.
(ii) Suppose by contradiction that the statement does not hold, that is, that G has
subgroups that are not contained in any maximal subgroup. Let H be such a
subgroup of G. Since the order of G is finite, we can assume that H is of
maximal order among all such subgroups.
Since H cannot be maximal, there is an intermediate subgroup L between H
and G. But |L| > |H | and so L must be contained in a maximal subgroup M,
hence H ⊆ M, which contradicts our assumption.
(iii) We shall use the statement we proved above and the fact that all subgroups of
an Abelian group are normal.
If [G : K] = p is a prime then K/K is a maximal subgroup of G/K ∼ = Z/pZ
because the only subgroups of a group of order p are the trivial subgroup and
the group itself.
If [G : K] = |G/K| = m is not prime then, given a prime p that divides m,
by Cauchy’s theorem there is a cyclic subgroup of order p in G/K, which is
clearly intermediate between K/K and G/K. But then there is an intermediate
subgroup between K and G, so K is not maximal.
183
(i) The group Z/12Z is a cyclic group of order 12 generated by 1. We know that
a homomorphism ϕ : Z/12Z −→ Z/4Z × S3 , since Z/12Z is a cyclic group,
is completely determined by the image of 1, which only needs to satisfy the
condition ord(ϕ(1)) | ord(1) = 12. Therefore, the image of 1 can be any
element whose order is a divisor of 12 in Z/4Z × S3 .
The elements of the group Z/4Z × S3 are the pairs (a, σ ), where a ∈ Z/4Z
and σ ∈ S3 . We know that ord(a, σ ) = [ord(a), ord(σ )]. But ord(a) | 4 and
4 Groups 199

ord(b) | 6, so ord(a, σ ) | [4, 6] = 12. We can therefore choose any element of

Z/4Z × S3 to be the image of 1, hence there are 24 homomorphisms in total.
The homomorphism ϕ is injective if and only if ord(ϕ(1)) = ord(1) = 12;
counting injective homomorphisms is the same as counting elements of order
12 in Z/4Z × S3 . The order of an element in Z/4Z can be 1, 2 or 4, while the
order of an element in S3 can be 1, 2 or 3. Consequently, a pair (a, σ ) has order
12 if and only if ord(a) = 4 and ord(σ ) = 3. Since Z/4Z contains φ(4) = 2
elements of order 4, namely, 1 and 3, and S3 contains two elements of order
3, namely, the 2 three-cycles (123) and (132), there are 2 · 2 = 4 injective
homomorphisms in total.
(ii) Because of our previous remarks, a homomorphism ϕ is completely determined
by the image of 1. Let ϕ(1) = (a, σ ); we have ϕ(10) = 10ϕ(1) = (10a, σ 10 ).
It follows that the order of ϕ(10) is equal to 3 if and only if we have
[ord(10a), ord(η10 )] = 3. Since the order of an element in Z/4Z is 1, 2 or
4 and the order of an element in S3 is 1, 2 or 3, in order for the order of ϕ(10)
to be 3 we must have ord(10a) = 1 and ord(σ 10 ) = 3.
Now, we have 10a ≡ 0 (mod 4) if and only if 2a ≡ 0 (mod 4), that is, a ≡ 0
(mod 2). The two solutions of this equation are a = 0, 2. As for σ ∈ S3 , remark
that ord(σ 10 ) = 3 implies 3 | ord(σ ) and, since σ = e, the element σ must be
one of the 2 three-cycles of S3 , which clearly satisfy ord(σ 10 ) = 3.
It follows that the homomorphisms ϕ such that ord(ϕ(10)) = 3 are exactly
those that send 1 to an element (a, σ ) with a = 0 or a = 2 and σ = (123) or
σ = (132). That is, there are four such homomorphisms.
184
(i) By the Chinese remainder theorem, since 1000 = 8 · 125 and (8, 125) = 1, we
know that

(Z/1000Z)∗ ∼
= (Z/8Z)∗ × (Z/125Z)∗ .

Therefore, the group G has a subgroup isomorphic to (Z/8Z)∗ . Since

(Z/8Z)∗ = {±1, ±3}  Z/2Z × Z/2Z is not cyclic, G itself cannot be
cyclic, because every subgroup of a cyclic group is cyclic.
(ii) Clearly, the identity belongs to H , because it has order 1 = 20 . Given g, h ∈ H ,
a a a
letting 2a = max{ord(g), ord(h)}, we have (gh)2 = g 2 h2 = e, so the order
of gh is a power of 2 as it divides 2a . It follows that gh ∈ H . Since H is finite,
this is enough to show that H is a subgroup of G.
Let us now compute the order of H . By Lagrange’s theorem, |H | divides |G| =
φ(1000) = 24 · 52 . Moreover, since the order of every element in H is a power
of 2, by Cauchy’s theorem 2 is the only prime divisor of the order of H , so |H |
divides 24 . We now show that |H | = 24 by arguing that |G/H | = 24 · 52 /|H |
is odd.
Indeed, if |G/H | were even, Cauchy’s theorem would yield a coset gH of
order 2 in G/H , that is, such that gH = H and (gH )2 = H , or equivalently
that g ∈ H and g 2 ∈ H . But this is not possible, because it would imply that
200 3 Solutions

the order of g 2 is a power of 2, and so the order of g would be a power of 2 and

g would belong to H . This concludes the proof that |H | = 24 .
(iii) It is enough to show that (Z/125Z)∗ contains an element of order 25, that is,
that there are solutions of the congruence x 25 ≡ 1 (mod 125) that are not
solutions of x 5 ≡ 1 (mod 125). For example, set x = 6 ∈ Z/125Z; we have
x 25 = (1 + 5)25 ≡ 1 + 25 · 5 ≡ 1 (mod 125), whereas x 5 = (1 + 5)5 ≡
1 + 5 · 5 = 26 ≡ 1 (mod 125) and so x does not satisfy x 5 ≡ 1 (mod 125).
We have thus shown that the order of x is 25.
We know that |G/H | = 25; in order to show that G/H is cyclic, it is enough
to remark that, letting x = 6, the coset xH has order 25 in G/H . Let d =
ord(xH ) be the smallest positive integer such that x d ∈ H . By the definition of
H , the order of every element in H is a power of 2, so ord(x d ) = 25/(d, 25) =
2k for some k. But this is possible only if k = 0 and d = 25.
185

(i) Since G is Abelian, for all g, h ∈ G we have g k hk = (gh)k , so the map

ϕk : G −→ G given by ϕk (g) = g k is a group homomorphism and we have
Gk = ϕk (G). Since the image of a homomorphism is always a subgroup, Gk
is a subgroup of G.
ϕk
(ii) Again, consider the homomorphism G g −→ g k ∈ G. We have Gk = G
if and only if ϕk is surjective; since G is finite, this is equivalent to ϕk being
injective. We therefore need to identify the values of k for which Ker(ϕk ) =
{e}.
First, let us suppose that (n, k) > 1. Let p be a prime that divides (n, k); by
Cauchy’s theorem, there is an element g of order p in G, and since k = pd for
some integer d we have g k = (g p )d = e, so the kernel of ϕk is nontrivial and
the homomorphism is not surjective.
Now suppose that (n, k) = 1. We have g k = e if and only if the order of
g divides k, but since k must also divide the order of the group n, the only
possibility is g = e. So ϕk is injective and surjective. In conclusion, Gk = G
if and only if (k, n) = 1.
(iii) Consider for example G = Z. Clearly, Gk is the subgroup kZ of all multiples
of k. But then 1 is not an element of Gk for any k > 1, so Gk = G for all
k > 1.
[[Another easy example is given by the multiplicative group Q∗ , where 2 ∈ Q∗k if k > 1, as
√
one can show by generalising the proof of the fact that 2 ∈ Q.]]
(iv) Consider the additive group Q of rational numbers: for all k ≥ 1 and for all
rationals a/b we have
a a
=k ∈ kQ,
b kb
so kQ = Q.
[[One can give other examples by letting G be the set of all roots of unity or the set of
points of the unit circle in C (that is, complex numbers of modulus 1), endowed with the
5 Rings and Fields 201

multiplication of C∗ . In both cases it is easy to show that G is a group and that every g ∈ G
is a square of some element of G, the cube of some element of G, the fourth power of some
element of G, and so on. ]]

186
(i) The order of G is 3·6 = 18, so by Lagrange’s theorem the order of any subgroup
of G must divide 18.
On the other hand, if H is a subgroup of Z/3Z and K is a subgroup of S3
then H × K is a subgroup of G of order |H | · |K|. We can take H to be
the trivial subgroup, which has one element, or the group Z/3Z, which has
three. The group S3 has a one-element subgroup (the trivial subgroup), a two-
element subgroup (any subgroup generated by a transposition), a three-element
subgroup (generated by a three-cycle) and a six-element subgroup (the whole
group S3 ). We can therefore choose K of order 1, 2, 3 and 6. This allows us to
conclude that we can construct a subgroup of G of order d for all divisors d of
18.
(ii) In order to find the number of cyclic subgroups of some fixed order n, we
count the elements of order n and divide the result by φ(n). This is because
every cyclic subgroup of order n contains φ(n) elements of order n, and if two
subgroups have an element of order n in common then, since that element is a
generator for both, they must coincide.
Each element of G has an order that divides 6, since the order of a pair in a
direct product is the least common multiple of the orders of its components. It
follows that there cannot be any cyclic subgroups of order 9 or 18.
The elements of order 2 are those of the form (0, σ ) where σ is one of the
transpositions (12), (13), (23) in S3 . There are therefore 3 = 3/φ(2) cyclic
subgroups of order 2.
The elements of G whose order is 3 are those of the form (a, σ ) = (0, e), where
a = 0, 1, 2 and σ is one of the 2 three-cycles (123) and (132), or the neutral
element. We therefore have 3 · 3 − 1 = 8 elements of order 3 in total, hence
4 = 8/φ(3) cyclic subgroups of order 3.
Finally, there are 3 cyclic subgroups of order 6: there 6 elements of order 6,
namely, the elements of the form (a, σ ), where a = 1, 2 and σ is one of the
three transpositions of S3 , and we have φ(6) = 2.
In conclusion, G has 1 + 3 + 4 + 3 = 11 cyclic subgroups.

5 Rings and Fields

187 First of all, let us factor f (x) as a product of irreducible polynomials. One can
check, using Ruffini’s theorem, that f (x) is divisible by both x − 2 and x − 3, hence
by their product. By performing the division we obtain

f (x) = (x − 2)(x − 3)(x 2 − x + 3)

202 3 Solutions

where the last factor, which is of degree 2 and has no roots in F7 , is irreducible.
Elements of F7 [x]/(f (x)) can be written in the form g(x), where g(x) is a
polynomial of degree at most 3. The element g(x) is a zero divisor if and only if
(g(x), f (x)) = 1 and is invertible if and only if (g(x), f (x)) = 1.
The set of zero divisors is therefore the union of the sets of multiples of x − 2,
multiples of x − 3, and multiples of x 2 − x + 3. The multiples of degree at most 3 of
a polynomial of degree d are as many as the polynomials of degree at most 3 − d,
that is, 74−d . By the inclusion-exclusion principle, this implies that the number of
zero divisors is

73 + 73 + 72 − 72 − 7 − 7 + 1 = 673.

By the remark above, x + 1 is invertible. In order to find its inverse, note that

0 = x 4 + x 3 − 3 = x + 1 · x 3 − 3.

We therefore have x + 1 · x 3 = 3, hence x + 1 · 5x 3 = 1, and so 5x 3 is the inverse

of x + 1.
188 First of all, remark that x 4 −25 = (x 2 −5)(x 2 +5) and that the two polynomials
x 2 − 5 and x 2 + 5 are irreducible in Q[x], because their degree is 2 and they have
no rational roots. √ √ √
√ splitting field of x√ − 25 over√Q is F = Q( √5, −5). Since [Q( √5) : Q] =
The 4

[Q( −5) : Q] = 2 and −5 ∈ / Q( 5) (because −5 ∈ / R whereas Q( 5) ⊆ R),

we√have√[F : √ Q] = 4. Moreover, a basis of F as a vector √ space√over Q is given by
1, 5, −5, −25 = 5i, or alternatively simply by 1, 5, i, i 5.
Let K be the splitting field of fm (x) = (x 2 − √m)(x 4 − 25). If m is
√of the form
√
±n or of the form ±5n for some n ∈ N, then m = ±n, ±in, ± 5n, ±i 5n
2 2

belongs to F, so K = F has degree 4 over Q.

Assume now that m is √ not of one√of the two forms in the previous
√ paragraph.
The field K contains both √ m and i m: therefore, √ it contains |m|, √|m| =
where
2 . Let us show that |m| ∈
n2 , 5n√ / F. If we had |m| ∈ F we would have |m| =
√
a + b 5√ + ci + di 5 for some a, b, c, d ∈ Q. √ √
Since |m| ∈ R, we must have c = d = 0, and therefore √ |m| = a + b 5.
Taking the square of both sides, |m| = a 2 + 5b 2 + 2ab 5, hence

|m| = a 2 + 5b 2
2ab = 0
√
because 1 and 5 are linearly independent over Q.
The second equation implies that a = 0 or b = 0. If a = 0 then |m| = 5b2 and if
b = 0 then |m| = a 2 , contradicting our assumptions on n.
We can thus conclude that,√ if m is neither
√ of the form ±n2 nor of the form ±5n2
for any n ∈ Z, then K = F( |m|) and |m| ∈ / F, so [K : Q] = 8.
5 Rings and Fields 203

189
(i) The polynomial f (x) is irreducible in Q[x]: its degree is 3, so it is irreducible if
and only if it has no rational roots; since any rational root must have a numerator
that divides the constant coefficient and a denominator that divides the leading
coefficient, it is enough to check that f (±1) = 0. We thus have [Q(α) : Q] = 3.
Clearly, 1/(α + 2) ∈ Q(α) and α ∈ Q(1/(α + 2)), so Q(1/(α + 2)) = Q(α). It
follows that the minimal polynomial of 1/(α + 2) over Q has degree 3.
Set β = α + 2 and γ = 1/β = 1/(α + 2). Since α is a root of f (x) we have
that β is a root of f (x − 2) = (x − 2)3 − 3(x − 2) + 1 = x 3 − 6x 2 + 15x − 15,
that is, β 3 − 6β 2 + 15β − 15 = 0. Multiplying by on both sides 1/(15β 3) = 0
yields

2 1
γ3 − γ2 + γ − = 0,
5 15
so γ is a root of the monic polynomial with rational coefficients

2 1
x3 − x2 + x − .
5 15
Since this polynomial has degree 3, it must be the minimal polynomial of γ
over Q.
(ii) Suppose β is a common root of f (x) and g(x) in an algebraic closure of Fp .
The fact that β 2 = 2 implies that β 3 + 3β − 1 = 5β − 1 = 0, so 5β = 1 and
1 = (5β)2 = 25β 2 = 25 · 2 = 50. But 1 = 50 implies p | 50 − 1 = 49, that is,
p = 7. Conversely, if p = 7 then we have the common root β = 3.
190
(i) First of all, remark that f (x) is irreducible in Z[x] by Eisenstein’s criterion
for the prime 2. By Gauss’s lemma, f (x) is then irreducible in Q[x]. We have
α 6 + 2 = −4α 3 and, by taking the square of both sides, α 12 + 4α 6 + 4 = 16α 6 ,
so α 2 is a root of the polynomial g(x) = x 6 − 12x 3 + 4.
Let us show that g(x) is irreducible. Since Q(α 2 ) ⊆ Q(α) and [Q(α) :
Q(α 2 )] ≤ 2, we have that [Q(α 2 ) : Q] = 3, 6, so it is enough to check that
g(x) does not factor as the product of two polynomials of degree 3.
By Gauss’s lemma, we may assume by contradiction that g(x) = p(x)q(x) for
some monic polynomials p and q of degree 3 with integer coefficients.
Considering the reduction modulo 2 of the equality above, we necessarily have
that p = q = x 3 , so all coefficients of p and q except for the leading coefficient
must be even. In particular, the constant coefficients must both be equal to 2
or both be equal to −2. If we write p(x) = x 3 + ux 2 + vx ± 2, q(x) =
x 3 + u x 2 + v x ± 2 and equate the corresponding coefficients of g(x) and
p(x)q(x) we immediately obtain that u = −u, v = −v (from the terms of
204 3 Solutions

degree 5 and 1) and u2 = v 2 = 0 (from the terms of degree 4 and 2), hence a
contradiction.
We thus have Q(α 2 ) = Q(α) and so Q(1/α 2 ) = Q(α 2 ) has degree 6 over Q.
Since 4(1/α 2 )6 − 12(1/α 2 )3 + 1 = 0, the minimal polynomial of 1/α 2 over Q
is
1
h(x) = x 6 − 3x 3 + .
4

(ii) If we consider the coefficients as elements of F7 , we have f (x) = (x 3 −1)(x 3 −

2). We can check for roots of the degree 3 factors and obtain that x 3 − 1 =
(x − 1)(x − 2)(x − 4), while x 3 − 2 is irreducible. Since the least common
multiple of the degrees of the irreducible factors of f (x) is 3, the splitting field
of f (x) is F73 .
191 We have f (x) = x 6 − 4 = (x 3 + 2)(x 3 − 2). Note that α is a root of the first
factor if and only if −α is a root of the second factor, so the splitting field of f (x)
is the same as the splitting field of g(x) = x 3 − 2.
The polynomial√g(x) is irreducible in Q[x] by Eisenstein’s criterion; it has one
real root, namely, 3 2, and two complex conjugate roots. The degree√of the splitting
field K of g(x) over Q is at most 3!√= 6 and is a multiple of [Q( 3 2) : Q] = 3.
Moreover, it cannot be 3 because Q( 3 2) ⊆ R and K ⊆ R, so [K : Q] = 6.
The polynomial g(x) does not have multiple roots in F11, because its roots
are nonzero and g (x) = 3x 2 is zero only for x = 0. The multiplicative group
F∗11 is cyclic and has ten elements. Since (3, 10) = 1, the map x −→ x 3 is an
isomorphism. In particular, it is bijective. It follows that there is a unique element a
such that a 3 = 2, that is, a unique root of g(x) in F11 , which is simple. Therefore,
the irreducible factors of g(x) are a polynomial of degree 1 and a polynomial of
degree 2, so the degree of the splitting field of g(x) over F11 is 2.
192 Given a root α of f (x) = x 6 + 1, we have α 6 = −1 and α 12 = 1, so the order
ord(α) of α in F∗p is a divisor of 12.
If ord(α) = 1, then 16 + 1 = 0 and so p = 2.
Assume now that p = 2: we have −1 = 1 in Fp , so ord(α)  6. We thus have the
two possibilities ord(α) = 4 and ord(α) = 12. But, if there exists α ∈ Fp of order 4
then α is a root of the polynomial x 2 + 1 = (x 4 − 1)/(x 2 − 1), which divides f (x),
so α is also a root of f (x). Similarly, if there exists α ∈ Fp of order 12 then α is a
root of the polynomial f (x) = (x 12 − 1)/(x 6 − 1).
So f (x) has a root in Fp if and only if F∗p , which is a cyclic group of order
p − 1, contains an element of order 4 or an element of order 12, that is, if and only
if 4 | p − 1 or 12 | p − 1. Since the second condition implies the first, the primes
satisfying these requirements are 2 and all primes p with p ≡ 1 (mod 4).
5 Rings and Fields 205

193
(i) By using the fact that α is a root of f (x) = x 4 − 2x 3 + x − 1, we obtain that

α 4 − 2α 3 + α = 1
(α 4 − 2α 3 + α)2 = α 8 − 4α 7 + 4α 6 + 2α 5 − 4α 4 + α 2 = 1
α 2 (α 6 − 4α 5 + 4α 4 + 2α 3 − 4α 2 + 1) = 1.

It follows that g(x) = x 6 −4x 5 +4x 4 +2x 3 −4x 2 +1 has the required property.
[[The polynomial g(x) given above is not an example with minimal degree: we have
1/α 2 ∈ Q(α) and every element of Q(α) can be expressed as a polynomial in α with integer
coefficients of degree ≤ 3.]]
(ii) The polynomial f (x) is irreducible in Q[x]. In order to show this, by Gauss’s
lemma it is enough to show that it is irreducible in Z[x]. By reducing modulo 2,
we find that the polynomial x 4 + x + 1 is irreducible in F2 [x], because it has no
roots in F2 and is not the square of the unique irreducible polynomial of degree
2 with coefficients in F2 , namely, x 2 + x + 1. So f (x) is irreducible in Z[x].
Therefore, f (x) is the minimal polynomial of α, we have [Q(α) : Q] = 4 and,
since β = α 2 + kα ∈ Q(α), d = [Q(β) : Q] is a divisor of 4.
The degree d cannot be 1, otherwise we would have β ∈ Q and α would be the
root of a polynomial with rational coefficients of degree 2 < 4.
We have d = 2 if and only if there are rationals a, b such that β 2 + aβ + b = 0,
that is,

α 4 + 2kα 3 + (k 2 + a)α 2 + kaα + b = 0.

This is the case if and only if x 4 + 2kx 3 + (k 2 + a)x 2 + kax + b is a multiple

of f (x). Since both polynomials are monic and have the same degree, this is
equivalent to 2k = −2, k 2 + a = 0, ka = 1, b = 1, that is, k = −1, a = −1,
b = 1.
In conclusion, the degree [Q(α 2 + kα) : Q] is 2 for k = −1 and 4 for all other
values of k.
194 First of all, remark that f (x) = x 4 + 2x 2 + 2 is irreducible over Q by
Eisenstein’s criterion for the prime 2, so [Q(α) : Q] = 4.
The minimal polynomial of α 2 is x 2 +2x +2, because it is monic, has α 2 as a root
and is irreducible. So the minimal polynomial of α 2 + 1 is (x − 1)2 + 2(x − 1) + 2 =
x 2 + 1.
The polynomial (x −2)4 +2(x −2)2 +2 = x 4 −8x 3 +26x 2 −40x +26 has α +2
as a root, so its reciprocal polynomial 26x 4 − 40x 3 + 26x 2 − 8x + 1 has 1/(α + 2)
as a root.
206 3 Solutions

Remark that Q(1/(α + 2)) = Q(α + 2) = Q(α); therefore, the minimal

polynomial of 1/(α + 2) has degree 4. We can thus conclude that this minimal
polynomial is

20 3 4 1
x4 − x + x2 − x + .
13 13 26

195 The polynomial x 3 − 2 is irreducible in Q[x] because its degree is √3 and it

√ √ √ −3
has no rational roots. Its roots in C are 3 2, 3 2ζ, 3 2ζ 2 , where ζ = −1 2 + 2 is a
primitive third root of unity.
The polynomial x 4 − 3 is irreducible over
Q by Eisenstein’s criterion for the prime 3
K = Q( 3 2, 4 3, i)
and
√ by
√ Gauss’s
√ lemma, √ and its roots in C are
4
3, i 4 3, − 4 3, −i 4 3. It is easy to check that the
√ √
Q( 3 2, 4 3) ⊆ R splitting field of√f (x)
√ = (x 3 − 2)(x 4 − 3) over Q
is thus K = Q( 2, 3
√
4
3, i). √
√ √ We know that [Q( 3
2) : Q] = 3 and that√[Q(√4 3) :
3 4
Q( 2) Q( 3) Q] = 4, so 12 = [3, 4] divides √ √ [Q( 3 2, 4 3) :
Q] ≤ 12. It follows √ that √[Q( 2, 3) : Q] = 12.
3 4

3 4 Moreover, [K : Q( 3 2, 4 3)] = 2 because K is

√ √
obtained by adding i to the real field Q( 3 2, 4 3).
In conclusion, [K : Q] = 24.
In F3 we have f (x) = (x − 2)3 x 4 , so the splitting field is F3 itself. In F11
the polynomial x 3 − 2 factors as the product of a polynomial of degree 1 and
an irreducible polynomial of degree 2: to see this, it is enough to remark that the
endomorphism of F∗11 given by a → a 3 is an automorphism. On the other hand,
x 4 − 3 factors as (x 2 − 5)(x 2 + 5) so, independently of whether these factors are
irreducible or not, the least common multiple of the degrees of the irreducible factors
of f (x) is 2. The splitting field of f (x) is therefore F112 .
196
√
(i) A simple calculation yields α 2 − 4 = 2i 5, so (α 2 − 4)2 = −20, that is,
α 4 − 8α 2 + 36 = 0. So α is a root of the polynomial f (x) = x√ 4 − 8x 2 + 36.

The polynomial f (x) is irreducible in Q[x]: it has α and α√= 5 − i as roots

√ since its monomials all have even degree, −α = − 5 − i and −α =
and,
− 5 + i are also roots f (x).
It follows that f (x) has no rational roots and that it has no factors of degree 2
with rational coefficients,√because its degree 2 factors with real√coefficients are
(x − α)(x − α) = x 2 − 2 5x + 6 and (x + α)(x + α) = x 2 + 2 5x + 6, which
are not in Q[x]. So f (x) is the minimal polynomial of α.
5 Rings and Fields 207

(ii) The splitting field of f (x) over Q is K = Q(α, α, −α, −α). √

One can√ immediately check √ that K = Q( 5, i): clearly,
K = Q( 5, i)
K ⊆ Q( 5, i), and moreover √ 5 = (α + α)/2, i =2 (α −
2 α)/2 ∈ K. Remark that [Q( 5) : Q] = 2 because√ x −5 is
√
Q( 5) ⊆ R irreducible by √
Eisenstein’s √
criterion and has 5 as a root.
Moreover, [Q( √5)(i) : Q( 5)] = 2 because i is a root of
2
x2 +√1, but Q( √5) ⊆ R √ and i ∈ R. Therefore, [K : Q] =
[Q( 5)(i) : Q( 5)][Q( 5) : Q] = 2 · 2 = 4.
In F7 [x] we have f (x) = x 4 − x 2 + 1 = (x 2 − 3)(x 2 − 5). Since the squares
in F7 are 0, 1, 2, 4, the polynomials x 2 − 3 and x 2 − 5 are irreducible, so the
splitting field of f (x) is F72 .
197 The polynomial f (x) = x 4 − x − 1 is irreducible in F2 [x]: it has no roots
because it is not zero when evaluated at the classes of 0 and 1, and it is not the
product of irreducible factors of degree 2 because it is not the square of x 2 + x + 1,
which is the unique irreducible polynomial of degree 2 in F2 [x]. It follows that
f (x) is irreducible in Z[x] and hence, by Gauss’s lemma, in Q[x]. We can therefore
conclude that f (x) is the minimal polynomial of α over Q and that [Q(α) : Q] = 4.
Since Q(α) = Q(2α − 1), the minimal polynomial of 2α − 1 over Q has degree
4. So the polynomial g(x) = 24 f ((x + 1)/2) = x 4 + 4x 3 + 6x 2 − 4x − 23, which
has 2α −1 as a root, is monic and has degree 4, is the minimal polynomial of 2α −1.
Let β = α 2 ; we have Q ⊆ Q(β) ⊆ Q(α) and we can easily compute β 2 = α +
1, β 3 = α 3 + α 2 and β 4 = α 2 + 2α + 1. Since 1, α, α 2 , α 3 are linearly independent
over Q, it is immediate to check that 1, β, β 2, β 3 must be as well. In particular, β
has degree 4 over Q.
Now, from α 4 − 1 = α, by squaring both sides, we get α 8 − 2α 4 + 1 = α 2 , that
is, β is a root of the polynomial h(x) = x 4 − 2x 2 − x + 1. Since h(x) is monic of
degree 4, it is the minimal polynomial of β.
198 Since the polynomial f (x) = x 4 − 6x 2 − 3 gives a biquadratic equation, one
can compute
 the roots of f (x) by means of the quadratic formula and find
 that they
√ √
 ± 3√± 2 3. The splitting field of
are over Q istherefore K = Q( 3 + 2 3,
 f (x) √ √
3 − 2 3), and [K : Q] = [K : Q( 3 + 2 3)][Q( 3 + 2 3) : Q].

The polynomial f is irreducible in

K = Q( 3 + 2 3, 3 − 2 3)
Z[x] by Eisenstein’s criterion for the
prime 3, so by Gauss’s lemma it is also
√ irreducible in Q[x]. It is therefore the
Q( 3 + 2 3) ⊆ R
minimal polynomial
 of its roots; in par-
√
ticular, [Q( 3 + 2 3) : Q] = 4.

√  √  √
Moreover,
 remarkthat 3 − 2 3 = ( 3 − 2 3)2 ∈ Q( 3 − 2 3) and that
√ √ √ √
3 − 2 3 ∈ Q( 3 +2 3), because 3 − 2 3 ∈ R and Q( 3 + 2 3) ⊆ R.
√
It follows that [K : Q( 3 + 2 3)] = 2, so [K : Q] = 8.
208 3 Solutions

In F13 [x] we have f (x) = (x 2 − 8)(x 2 + 2) and the two factors are irreducible
because 8 and −2 are not squares in F13 . The splitting field of f (x) over F13 is
therefore F132 and we have [F132 : F13 ] = 2.
199
√
(i) By taking the square of α we obtain that α 2 − 2 = 7, hence α 4 − 4α 2 − 3 = 0,
so α is a root of the polynomial f (x) = x 4 − 4x 2 − 3. If we show that f (x) is
irreducible in Q[x] we find that it is the minimal polynomial of α and therefore
[Q(α) : Q] = 4.
Since the polynomial
 f√ (x) gives a biquadratic equation,it is easy to compute its
√
roots, namely, ± 2 ± 7, which are not rational: √ if ± 2 ± 7 were rational,
then by taking its square wewould have that 7 is rational,  but√ this is of course
√
not the case. Moreover, ± 2 + 7 are real whereas ± 2 − 7 are non-real
complex conjugates.
If f (x) were the product of two irreducible
 polynomials
 of degree 2, one of the
√ √
two factors would have to be (x − 2 − 7)(x + 2 − 7), whose √ coefficients
are not rationals (its constant coefficient, for example, is −2 + 7 ∈ Q).
(ii) Let K be the splitting field of f (x) over Q.
By ourprevious remarks, we have
√ √
K = Q( 2 + 7, 2 − 7) K = Q( 2 + 7, 2 − 7) so [K :
Q] = [K : Q(α)][Q(α) : Q]. Note
√ that [K
 : Q(α)] =  2: we have K =
Q( 2 + 7) ⊆ R √ √
Q(α)( 2 − 7) and ( 2 − 7)2 = 2 −
√
4 7 ∈ Q(α), and moreover since K is not
real it cannot coincide with Q(α), which
is contained in R. It follows that [K :
Q] = 8.
200
(i) By taking
√ the square of both√ sides of the equation defining α we get α 2 =
2 + i 2, hence α − 2 = i 2. Squaring again, we have α − 4α 2 + 4 = −2
2 4

and so α is a root of the polynomial h(x) = x 4 − 4x 2 + 6.

By Eisenstein’s criterion for the prime 2, h(x) is irreducible in Z[x] and thus,
by Gauss’s lemma, in Q[x]. Since it is monic, h(x) is the minimal polynomial
of α over Q.
From the expression above, we get that α 2 is a root of p(x) = x 2 − 4x + 6. It
follows that the polynomial q(x) = p(x − 1) = (x − 1)2 − 4(x − 1) + 6 =
x 2 − 6x + 11 has α 2 + 1 as a root. The polynomial q(x) is monic and irreducible
in Q[x] (its roots are not real, so they are not rational). It follows that q(x) is
the minimal polynomial of α 2 + 1 over Q.
(ii) From h(α) = 0 we obtain (α 2 + 2α)(α 2 − 2α) = α 4 − 4α 2 = −6, hence
(α 2 + 2α)−1 = −(α 2 − 2α)/6.
Consequently, the polynomial f (x) = −(x 2 − 2x)/6 satisfies the required
condition.
5 Rings and Fields 209

201 The splitting field of a polynomial of the form x n − a over a field K of

characteristic zero, or of (positive) characteristic coprime to n, is given by F =
K(α, ζ ), where α is an nth root of a and ζ is a primitive nth root of 1.
√ √
In our case,
√ we can choose α = 8 4 = 4 2 and ζ =
K = Q( 4 2, i) e2πi/8 = 22 (1 + i). Since α is a root of the polynomial
x 4 − 2, which is irreducible in Q[x] by Gauss’s lemma
√ and Eisenstein’s criterion for the prime 2, we have [Q(α) :
Q( 4 2) ⊆ R Q] = 4. Remark that Q(α) ⊆ R and ζ is not √ real,2 so
4 Q(α) =
 F, that is, [F : Q(α)] > 1. Moreover, 2=α ∈
Q(α) so F ⊆ Q(α, i). The imaginary unit i is a root of the
polynomial x 2 + 1 ∈ Q(α)[x], so [F : Q(α)] ≤ [Q(α, i) :
Q(α)] ≤ 2.
It follows that [F : Q] = [F : Q(α)][Q(α) : Q] = 2 · 4 = 8.
Over K = F3 we can write the polynomial as x 8 −1, so its splitting field is F3 (ζ ).
A field F3n contains ζ if and only if its multiplicative group F∗3n , which is cyclic and
has order 3n − 1, contains a subgroup of order 8, that is, if and only if 8 | 3n − 1.
The least n for which this holds is n = 2; therefore, the splitting field in question is
F9 and has degree 2 over F3 .
202 The polynomial f (x) = x 4 + 26 is irreducible in Q[x] by Gauss’s lemma,
because it is irreducible in Z[x] by Eisenstein’s criterion for the prime 2. Therefore,
given a complex root α of f (x) and letting K = Q(α), we have [K : Q] = 4. The
roots of f (x) are ±α, ±iα, so the splitting field of f (x) over Q is F = K(i). Since
i has degree 2 over Q, we have [F : K] ≤ 2. √
Now consider β =√ i 26; let E =
F = Q( 4 −26, i) Q(β) and set α = ± β. Clearly, [E :
Q] = 2 and [K : E] √ = 2. Remark
that E = Q(i) = Q( −1). This is
√
E(i) K = Q( 4 −26) because two extensions of the same field
obtained by adding the square roots of
√ two elements coincide if and only if the
Q(i) E = Q( −26) product of the two elements is a square
in the field, whereas (−1)(−26) = 26 is
2 2
not the square of a rational number. Con-
sequently, both K and E(i) are quadratic
extensions of E. √
By the same argument,√K and E(i) are distinct, since (−1)(i 26) is not a square in
E: a square root of −i 26 is a root of f (x), so it has degree 4 over Q and therefore
cannot belong to E. So i ∈ K and thus [F : Q] = [F : K][K : Q] = 2 · 4 = 8.
As for the splitting field of f (x) over a finite field, its degree is given by the least
common multiple of the degrees of the irreducible factors of f (x) over the field in
question.
In F5 [x] we have x 4 + 26 = x 4 − 4 = (x 2 − 2)(x 2 + 2), with the degree 2
factors being irreducible because they have no roots in F5 . Therefore, the degree of
the splitting field over F5 is 2.
210 3 Solutions

In F7 [x] we have x 4 + 26 = x 4 − 9 = (x 2 + 3)(x 2 − 3) = (x 2 − 4)(x 2 − 3) =

(x + 2)(x − 2)(x 2 − 3), and the degree 2 factor is irreducible because it has no roots
in F7 . Therefore, the degree of the splitting field over F7 is 2.
203 We have f (x) = x 6 − 12x 3 + 27 = (x 3 − 3)(x 3 − 9).
The polynomial x 3 − 3 is irreducible in Z[x] by Eisen-
3 stein’s criterion for the prime 3; it is therefore irreducible
K = Q( 3, ζ )
in Q[x] bu Gauss’s lemma. Denote
√ by K the splitting field
of x 3 − 3. We have K = Q( 3 3, ζ ), where ζ is a primitive
√
Q( 3 3) ⊆ R third root
√ of 1. The fact that x 3 − 3 is irreducible
√ implies
3
that [Q( 3
3) : Q] = 3. Since we have Q( 3
3) ⊆ R and ζ
is not real, the degree of K over Q must be strictly greater
than 3. Finally, since this degree is at most 3! = 6, we find
it must be 6. √
Similarly, the splitting field F of the polynomial x 3 − 9 is Q( 3 9, ζ ). However,
√ √ 2
we have 3 9 = 3 3 ∈ K and ζ ∈ K, so F ⊆ K. In conclusion, the splitting field of
f (x) over Q is equal to K and therefore has degree 6 over Q.
In F5 [x] we have f (x) = (x 3 −3)(x 3−9) = (x−2)(x 2+2x−1)(x+1)(x 2−x+1)
because 23 ≡ 3 and (−1)3 ≡ 9 (mod 5). Moreover, x 2 + 2x − 1 and x 2 − x + 1
are irreducible because they have no roots in F5 .
Therefore, the degree of the splitting field of f (x) over F5 is 2, that is, the least
common multiple of the degrees of the irreducible factors of f (x).
 √ √
204 By √ taking the square of α = 2 + 3 we obtain α 2 = 2 + 3, hence
α 2 − 2 = 3; squaring again yields α 4 − 4α 2 + 4 = 3. It follows that α is a root of
the polynomial f (x) = x 4 − 4x 2 + 1.  √
Remark that applying the same procedure to β = 2 − 3 yields the same
polynomial f (x), so the roots of f (x) are ±α and ±β.
The factorisation of f (x) in C[x] is therefore (x − α)(x + α)(x − β)(x + β).
Since the squares of ±α and ±β are clearly irrational, the numbers ±α and ±β are
themselves irrational; therefore, f (x) has no factors of degree 1 in Q[x].
If f (x) were the product of factors of degree 2, the factor having α as a root
would have to be one of the following: (x −α)(x +α), (x −α)(x −β), (x −α)(x +β).
The first of the polynomials above does not have rational coefficients because
α2 is irrational. The second does not have rational coefficients because (α + β)2 =
√  √
( 2 + 3 +  2 − 3)2  = 6, so α + β ∈ Q. Finally, the third does not because
√ √
(α − β)2 = ( 2 + 3 − 2 − 3)2 = 2.
The splitting field of f (x) is K = Q(α, β), because clearly −α, −β ∈ K. Note,
however, that αβ = 1, so β = 1/α ∈ Q(α). We therefore have K = Q(α) and,
since the minimal polynomial of α over Q has degree 4, we have [K : Q] = 4.
5 Rings and Fields 211

205
(i) It is easy to check that the polynomial x 3 −7 is irreducible in Q[x]: it has degree
3 and, √ ±1
√ since √ and ±7 are not roots, it√has no rational roots. In fact, its roots
are 3 7, 3 7ζ, 3 7ζ 2 , where ζ = (−1 + −3)/2 is a primitive third root of 1.
Let K be the splitting field of x 3 − 7 over Q; since the
polynomial has degree 3 we have [K : √Q] ≤ 3! = 6,
K = Q( 3 7, ζ ) and since it is irreducible we have [Q( 3 7) : Q] = 3.
√
But Q( 7)√⊆ K and the inclusion is actually strict,
3

√ because Q( 3 7) ⊆ R whereas K contains the two non-

Q( 3 7) ⊆ R
real roots of the polynomial. Therefore, we must have
3 [K : Q] = 6. The polynomial x 2 + 3 is √ also irreducible
in Q[x], and
√ its splitting field is clearly Q(
√ −3). Now, the
fact√that −3 = ζ − ζ 2 implies that −3 ∈ K and so
Q( −3)⊆ K.
In conclusion, the splitting field of f (x) coincides with K and has degree 6
over Q.
(ii) We know that we can represent every element of A = F5 [x]/(f (x)) as the
class of a polynomial of degree at most 4, and the class of a polynomial g(x)
is a zero divisor in A if and only if g(x) and f (x) are not relatively prime. By
checking for possible roots, we find that the factorisation of f (x) in F5 [x] is
f (x) = (x − 3)(x 2 + 3x − 1)(x 2 + 3).
Remark that the classes that are multiples of some fixed h(x) of degree d are
of the form h(x)k(x), where k(x) is any polynomial of degree 4 − d; there are
therefore 55−d such classes. Thanks to this remark and the inclusion-exclusion
principle, we can find the number of zero divisors by counting the multiples of
x − 3, the multiples of x 2 + 3x − 1 and the multiples of x 2 + 3, subtracting
the number of multiples of (x − 3)(x 2 + 3x − 1), of (x − 3)(x 2 + 3) and
of (x 2 + 3x − 1)(x 2 + 3), and finally summing the number of multiples of
(x − 3)(x 2 + 3x − 1)(x 2 + 3). We find that the number of zero divisors in A is

54 + 53 + 53 − (52 + 52 + 5) + 1 = 821.

206 First of all, we show that f (x) = 2x 4 + 6x 2 − 5 is irreducible in Q[x].

In C[x] we have√f (x) = 2(x 2 − α)(x 2 − √β) = 2(x − a)(x + a)(x − b)(x + b),
where α = (−3 + 19)/2 and β = (−3 − 19)/2 are the solutions of the equation
2y 2 + 6y − 5 = 0, and a 2 = α, b2 = β. Since α and β are not rational numbers,
neither are a and b, so f (x) has no irreducible factors of degree 1 in Q[x].
Moreover, b is not real, so any polynomial with rational coefficients that has b
as a root must also have among its roots the complex conjugate b = −b of b. It
follows that the only potential factorisation of f (x) as a product of two quadratic
polynomials with rational coefficients is 2(x 2 − α)(x 2 − β). But this is not a
factorisation in Q[x], since α and β are not rational numbers.
212 3 Solutions

√
Set L = Q(α) = Q(β) = Q( 19), E = Q(a),
K =E·F F = Q(b), K = EF = Q(a, b).
Clearly, K is the splitting field of f (x). As f (x)
is irreducible we have [E : Q] = [F : Q] = 4,
E = Q(a) F = Q(b) hence [E : L] = [F : L] = 2. Since EF = E(b)
and b has degree 2 over L, the degree of b over E
√ is at most 2; in particular, it is 1 if b ∈ E, that is, if
L = Q( 19) E = F, and √ 2 otherwise.
4 4 √
2 But E = L( α) and F = L( β), so E = F if and
only if αβ = −5/2 is a square in L. This is clearly
Q
not the case, because L ⊆ R and squares in R are
non-negative.
In conclusion, E = F and [EF : E] = 2, so [K : Q] = [EF : E][E : Q] =
2 · 4 = 8.
[[One could alternatively show that"[E(b) : E] > 1 by remarking that E = Q(a) =
" √ √
Q( (−3 + 19)/2) ⊆ R, whereas b = (−3 − 19)/2 ∈ R.]]
Our initial computation of α and β shows that in F19 [x] we have f (x) = 2(x 2 +
3 · 2−1 )2 = 2(x 2 − 8)2 . We can easily check that x 2 − 8 has no roots in F19 , so
f (x) factors as a product of irreducible factors of degree 2 in F19 [x]. Therefore, the
degree of the splitting field of f (x) over F19 is 2.
207 The polynomial f (x) is irreducible in Q[x] by Eisenstein’s criterion for the
prime 3. We therefore have [Q(α) : Q] = 5. Since α 7 ∈ Q(α), we have Q ⊆
Q(α 7 ) ⊆ Q(α) and so [Q(α 7 ) : Q] | 5. If [Q(α 7 ) : Q] were 1, then α 7 would be a
rational number. But the fact that α 5 + 3α + 3 = 0 implies that α 7 = −3α 3 − 3α 2 ,
and the latter is not a rational number because 1, α 2 , α 3 are linearly independent
over Q (since [Q(α) : Q] = 5). We thus also have [Q(α 7 ) : Q] = 5.
Let us factor f (x) in F2 [x]. It is clear that f (x) has no roots; on the other hand,
it is divisible by the unique irreducible polynomial of degree 2, namely, x 2 + x + 1,
hence f (x) = (x 2 + x + 1)(x 3 + x 2 + 1). It follows that [F2 (α) : F2 ] is either 2 or
3, depending on whether α is a root of the first or the second factor.
Remark that in the first case α ∈ F∗4 , which is a cyclic group with three elements;
so α 7 = α and [F2 (α 7 ) : F2 ] = 2. In the second case we have α ∈ F∗8 , which is a
cyclic group with seven elements, so α 7 = 1 and [F2 (α 7 ) : F2 ] = 1.
208 We know that an element g(x) ∈ K[x]/(f (x)) is a zero divisor if and only if
(g(x), f (x)) = 1. In other words, an element g(x) is a zero divisor if and only if
g(x) is divisible by at least one of the irreducible factors of f (x).
Moreover, we know that g(x) is nilpotent if and only if g(x) is divisible by all
irreducible factors of f (x).
To summarise, if f (x) = p(x)k is a power of a single irreducible polynomial,
then every zero divisor is represented by a polynomial g(x) which is a multiple of
p(x) and therefore nilpotent. Conversely, if f (x) is divisible by at least two distinct
irreducible polynomials p(x), q(x), then the element p(x) is a zero divisor and is
not nilpotent.
5 Rings and Fields 213

209 The factorisation of f (x) in F5 [x] is

x 3 − 2x + 1 = (x − 1)(x − 2)2 .

The zero divisors in F5 [x]/(x 3 − 2x + 1) are given by the union of classes of

polynomials that are multiples of x − 1 and polynomials that are multiples of
x − 2. The classes of multiples of x − 1 are represented by polynomials of the
form (x − 1)(ax + b) with a, b ∈ F5 , so there are 25, as many as the ways to choose
the pair (a, b). Similarly, there are 25 classes of multiples of x − 2. The intersection
of classes of multiples of x − 1 and x − 2 is the set of classes of polynomials that
are multiples of (x − 1)(x − 2), that is, classes represented by c(x − 1)(x − 2)
with c ∈ F5 : there are 5 of them. By the inclusion-exclusion principle, we have
25 + 25 − 5 = 45 zero divisors.
The nilpotent elements are the classes of polynomials that are multiples of every
irreducible factor of f (x), that is, the five classes of multiples of (x − 1)(x − 2).
The answer is therefore 45 − 5 = 40.
210
(i) Let α be the positive fourth root of a. In C[x] the polynomial f (x) = x 4 − a
factors as f (x) = (x − α)(x + α)(x − iα)(x + iα). We know that f (x) is
reducible in Z[x]. There are two possibilities: either f (x) has a root in Z or
f (x) factors as the product of two irreducible quadratic polynomials in Z[x].
In the first case, since ±iα are not real numbers, the only possible roots are ±α
and in fact, if one of the two is an integer then the other must be as well. But if
α = k ∈ N then a = α 4 = k 4 , so we have a = b2 for some b = k 2 ∈ N.
In the second case, the degree 2 factors must be x 2 − α 2 and x 2 + α 2 , because
the factor that has a non-real root must also have its complex conjugate as a
root. It follows that α 2 = b ∈ N and again a = α 4 = b2.
(ii) Let α be the positive fourth root of −a. The polynomial f (x) factors in C[x]
3 √
as f (x) = (x − ζ α)(x − ζ α)(x − ζ 3 α)(x − ζ α), where ζ = (1 + i)/ 2 is a
primitive eighth root of 1. In this case the polynomial has no real roots: the only
potential factorisation with integer coefficients comes from pairing√ up complex
conjugate roots to obtain the factors (x − ζ α)(x − ζ α) = x 2 − 2αx + α 2
3 √
and (x − ζ 3 α)(x − ζ α) = x 2 + 2αx + α 2 . Again α 2 = c must be a √ natural
number and we must have −a √ = α 4 = c2 . Moreover, the condition that 2α is
an integer yields that α = d / 2 for some d ∈ N. By squaring both sides we
obtain c = d 2 /2, so d must be even, say d = 2d with d ∈ N, and c = 2d 2 .
211 First of all, remark that the polynomial f (x) = x 4 + 5x 2 + 5 is irreducible
in Q[x] by Gauss’s lemma and by Eisenstein’s criterion for the prime 5. By the
√ polynomial g(y) = y + 5y + 5 is irreducible. Its
same argument, the 2
√ roots are
α1 , α2 = (−5 ± 5)/2, and its splitting field is F = Q(α1 , α2 ) = Q( 5), which
has degree 2 over Q.
√ √
The splitting field of f (x) is thus K = F( α1 , α2 ). Remark that α1 α2 , being
the product of the two roots of g(x), is equal to 5, which is a square in F. So the two
214 3 Solutions

√ √
extensions F( α1 )/F and F( α2 )/F coincide and the degree of the splitting field
K over Q is at most 4.
On the other hand, since f (x) is irreducible in Q[x], the degree of its splitting
field is a multiple of 4, which is the degree of the extension obtained by adding a
single root of f (x). Therefore, [K : Q] = 4.
In F11 [x] the polynomial f (x) can be written as x 4 −6x 2 +5 = (x 2 −1)(x 2 −5) =
(x + 1)(x − 1)(x 2 − 5). Since 5 ≡ 42 (mod 11), we have x 2 − 5 = (x + 4)(x − 4),
so f (x) = (x + 1)(x − 1)(x + 4)(x − 4) and thus the degree of the splitting field
over F11 is 1.
212
(i) Since α is a root of f (x) = x 3 − x 2 − 2x − 1, we have α 3 = α 2 + 2α + 1.
Multiplying both sides by α and substituting into the expression for β yields

β = α 4 − 3α 2
= α 3 + 2α 2 + α − 3α 2
= α3 − α2 + α
= α 2 + 2α + 1 − α 2 + α
= 3α + 1.

Now, remark that the polynomial f (x) has no rational roots because f (±1) =
0. So, since its degree is 3, f (x) is irreducible in Q[x]. It follows that [Q(α) :
Q] = 3.
Clearly, β ∈ Q(α) and α = (β − 1)/3 ∈ Q(β), so Q(β) = Q(α) and therefore
the degree of the minimal polynomial of β over Q is 3.
Substituting x = (y − 1)/3 into the polynomial f (x), we find that the
polynomial
 3  2
y−1 y−1 y−1 1 3 2 2 1 13
− − −1= y − y − y−
3 3 3 27 9 3 27

has β as a root, so y 3 − 6y 2 − 9y − 13 is the minimal polynomial of β over Q.

(ii) Using the minimal polynomial of β, we have that β 3 − 6β 2 − 9β = 13. By
dividing both sides of the equality by 13, we obtain

β 2 − 6β − 9
β = 1;
13
substituting β = 3α + 1 yields

β 2 − 6β − 9 9α 2 − 12α − 14
= .
13 13
5 Rings and Fields 215

It follows that g(x) = (9x 2 − 12x − 14)/13 satisfies the requirements of the
problem.
[[The second part of the problem can also be solved as follows. Every element of Q(α) can be
written in the form u2 α 2 + u1 α + u0 for some u0 , u1 , u2 ∈ Q. In order to find a polynomial
g(x) such that βg(α) = 1, we can simply compute h = (3α + 1)(u2 α 2 + u1 α + u0 ) − 1 and
solve the linear system in u0 , u1 , u2 obtained by setting h = 0.]]
√ √ √ √
213 The roots of x 2 +√ 3 are ± −3 and the roots of x − 5 are 5, 5ζ, 5ζ .,
3 3 3 3 2

where
√ ζ √ = (−1 + −3)/2. The splitting field in question is therefore K =
Q( −3, 3 5, ζ ). √ √ √ √
Remark that K = Q(√ −3, 3 5): clearly, √ we have Q( −3, √
3
5) ⊆√K, and
moreover
√ √ ζ = (−1 + −3)/2 ∈ Q( −3) so we also have 3
5ζ, 3 5ζ 2 ∈
Q( −3, 5).
3

√ field K √
The contains the two subextensions
Q( −3) and Q( 3 5), whose degrees over Q are 2
K and 3, respectively. Indeed, the respective minimal
polynomials of their generators are x 2 + 3 e x 3 − 5,
√ √
Q( −3) Q( 3 5) and both polynomials are irreducible in Q[x] because
they have no rational roots and their degrees are at
2 3 most 3. This implies that 2 | [K : Q] and 3 | [K : Q],
6 | [K : Q].
so √ √ On the other hand, [K : Q] = [K :
Q( 3 5)][Q( 3 5) : Q] ≤ 2 · 3 = 6, and therefore
[K : Q] = 6.
214
(i) For p = 3 we have x 15 − 1 = (x 5 − 1)3 , so factoring f (x) is the same as
factoring x 5 − 1. Since 5 and 3 are relatively prime, the splitting field of x 5 − 1
over F3 is F3d , where d is the multiplicative order of 3 modulo 5. We have
d = 4 and (x − 1)3 (x 4 + x 3 + x 2 + x + 1)3 is the factorisation of f (x) as a
product of irreducible factors.
For p = 5 the argument is similar: f (x) = (x 3 − 1)5 and the splitting field
is F52 , because 5 has order 2 in F∗3 . The factorisation if f (x) as a product of
irreducible factors is given by f (x) = (x − 1)5 (x 2 + x + 1)5 .
(ii) If p is neither 3 nor 5 then 15 and p are relatively prime. We can find the
splitting field of f (x) as before: it is Fpd , where d is the multiplicative order
of p modulo 15. Since (Z/15Z)∗  (Z/3Z)∗ × (Z/5Z)∗  Z/2Z × Z/4Z, the
order of p in (Z/15Z)∗ is a divisor of 4.
(iii) For p = 31 we have d = 1 because 31 ≡ 1 (mod 15), for p = 11 we have
d = 2 because 112 = 121 ≡ 1 (mod 15), and for p = 2 we have d = 4
because the multiplicative order of 2 modulo 15 is 4.
215 First, consider the case of the field F7 . One can check that x 2 + 2 has no
roots in F7 and is therefore irreducible; moreover, x 4 − 2 = (x 2 − 3)(x 2 + 3).
So, independently of whether or not the two polynomials x 2 − 3 and x 2 + 3 are
irreducible, the least common multiple of the degrees of the irreducible factors of
(x 2 +2)(x 4 −2) is 2. The splitting field of the polynomial over F7 has thus degree 2.
216 3 Solutions

√ √ √
The roots in C of the polynomial (x√ 2 + 2)(x 4 − 2) are ±i 2, ± 4 2 and ±i 4 2,
√ √ √
so its splitting field over Q is K = Q(i 2, 2, i 2) = Q( 2, i).
4 4 4

In order to compute the √degree [K √ : Q], consider the tower

K = Q( 4 2, i) of extensions Q ⊆ Q( 4 2) ⊆ Q( 4 2)(i) = K. The first
extension
√ has degree 4 because the minimal polynomial of
√
4
2 over Q is x 4 − 2: it is an irreducible polynomial in Z[x]
Q( 4 2) ⊆ R by Eisenstein’s criterion for the prime 2 and therefore is also
4 irreducible in Q[x] by Gauss’s lemma. The second extension
has degree 2 because√i is a root of x 2 +1 and the extension is
nontrivial, since Q( 4 2) ⊆ R and i ∈ R. We therefore have
[K : Q] = 8.
216
√ √
(i) Let F = Q( 5, √−5) = Q(α, β). Consider the
extensions Q ⊆ Q( 5) ⊆ F. The first has degree
F = Q( 5, −5)
2 over Q and is a subextension of R/Q; the√second
√ √ 2: it is obtained by adding −5 to
has√degree at most
Q( 5) ⊆ R Q( 5), where −5 has degree
√ 2 over Q and therefore
degree at most 2 over Q( 5). However, the degree of
2
the second
√ extension
√ cannot
√ be 1, otherwise we would
have Q( 5) = Q( √ 5, √ −5), which cannot be the case
because the field Q( 5, −5) is not real.
We have thus proven that F has degree 4 over Q. Clearly, α + β ∈ F. We want
to show that, in fact, Q(α + β) = F, and thus that the minimal polynomial of
α + β over Q has degree 4.
Remark that i = (α+β)2 /10 ∈ Q(α+β) and so the element −α+β = i(α+β)
also belongs to Q(α + β). But then it is clear that α, β ∈ Q(α + β), that is,
Q(α + β) = Q(α, β) = F.
(ii) The degree of Fp (α)/Fp is at most 2, as is the degree of Fp (β)/Fp , so both
Fp (α) and Fp (β) are contained in Fp2 because any fixed algebraic closure of
Fp contains a unique extension of Fp of degree 2. So α + β ∈ Fp2 and thus the
minimal polynomial of α + β has degree at most 2 over Fp .
For example, if p = 5 then√ α = β = 0 and α + β obviously has degree 1 over
F5 . If p = 3 then α = ± 2 ∈ F32 \ F3 , whereas β = ±1, so α + β ∈ F32 \ F3
and α + β has degree 2 over F3 .
(iii) Since 2011 is congruent to 3 modulo 4, we have that −1 is not a square in
F2011. So exactly one among 5 and −5 is a square in F2011: one of the two
extensions F2011(α) and F2011(β) has degree 1 and the other has degree 2. In
any case, the degree of the minimal polynomial of α + β is 2.
217 The polynomial f (x) is irreducible over Q by Eisenstein’s criterion, so it is
the minimal polynomial of each of its roots. It follows
√ that [Q(α) : Q] = 4. The
√
roots of f (x) in an algebraic
√ √closure of Q
√ are ± 4
3, ±i 4
3, so the splitting field of
f (x) over Q is F = Q( 3, i 3) = Q( 3, i).
4 4 4
5 Rings and Fields 217

Using the fact that the degree is multi-

F = Q( 4 3, i) = K( 4 3) plicative
√ in towers,
√ we √ have [F : Q] =
[Q( 4 3)(i) : Q( 4 3)][Q( 4 3) : Q] = 2 · 4 =
√ √ 8. Indeed,
√ we already found the degree of
Q( 4 3) ⊆ R K = Q( −3) Q( 4 3)/Q, and the other degree is 2: it is
at most
√ 2 because i is a root of x 2 + 1 ∈
4 2
Q( 3)[x],
4
√ and it is more than 1 because
i ∈ Q( 4 3) ⊆ R.
√ √ √
Now,
√ let K = Q( −3) √
√ = Q(i 3). Since √ i √3 is not real we have that
[Q( 4 3, i 3) : Q] = 8, so [K( 4 3) : K] = [Q( 4 3, i 3) : Q]/[K : Q] = 8/2 = 4.
It follows that the polynomial f (x) is also irreducible in K[x], and thus every
root α of√f (x) has degree 4 over K. As √ before, the√splitting field√of f√(x) over
K √ is K( 4 3, i). On the other
√ hand,
√ K( 4
3) = K( 4 3, i) = Q(i 3, 4 3, i) =
Q( 3, i) = F√because i 3 = i( 3) ∈ F, so the degree we are computing is
4 4 2

[F : K] = [K( 4 3) : K] = 4.
218
(i) Remember that the splitting field of a polynomial over a finite field Fpn is Fpnd ,
where d is the least common multiple of the degrees of the irreducible factors
of f (x) in Fpn [x].
In F2 [x] we have f (x) = x(x 4 + x + 1); moreover, the polynomial x 4 + x + 1 is
irreducible because it has no roots and it is not the square of the unique degree 2
irreducible polynomial in F2 [x], namely, x 2 + x + 1. The splitting field of f (x)
over F2 is therefore F24 .
In F3 [x] we have f (x) = (x 2 + 1)(x 3 − x + 1) and each of the two factors
is irreducible because it has no roots. The splitting field of f (x) over F3 is
therefore F36 .
(ii) We need to check whether or not x 2 +1 and x 3 −x +1 are irreducible in F3k [x].
The roots of x 2 + 1 generate F32 , so the polynomial factors in F3k [x] if and only
if F32 ⊆ F3k , that is, if and only if 2 | k. Similarly, x 3 − x + 1 factors in F3k [x]
if and only if 3 | k.
In conclusion, if k ≡ 0 (mod 6) then f (x) factors as a product of degree 1
polynomials in F3k [x]. If k ≡ 2, 4 (mod 6) then f (x) has two roots in F3k and
an irreducible factor of degree 3. If k ≡ 3 (mod 6) then f (x) has three roots
and an irreducible factor of degree 2. Finally, if k ≡ 1, 5 (mod 6) then f (x)
has an irreducible factor of degree 2 and one of degree 3 in F3k [x] (as in F3 [x]).
219 Reducing the polynomial f (x) = x 4 + 2x 3 + 2x 2 + x + 3 modulo 2 yields
x 4 + x + 1, which is irreducible because it has no roots in F2 and is not a square of
x 2 + x + 1, which is the only irreducible quadratic polynomial in F2 [x]. Therefore,
f (x) is irreducible in Z[x] and hence, by Gauss’s lemma, in Q[x].
This implies that f (x) is the minimal polynomial of α over Q, so [Q(α) : Q] = 4.
Since Q(α + 1) = Q(α), the minimal polynomial of α + 1 over Q also has degree
4. Clearly, the polynomial f (x − 1) = x 4 − 2x 3 + 2x 2 − x + 3 has α + 1 as a root,
218 3 Solutions

so it must be a multiple of the minimal polynomial of α + 1; since it is monic and

has degree 4, it is the polynomial we are looking for.
We now set out to find the minimal polynomial of α 2 + α over Q. Since Q(α 2 +
α) ⊆ Q(α), the degree of α 2 + α over Q is a divisor of 4. It cannot be 1 because that
would imply α 2 + α = q ∈ Q and thus x 2 + x − q would be a degree 2 polynomial
of Q[x] that has α as a root, which contradicts the fact that the degree of α over Q
is 4. The degree of α 2 + α is therefore either 2 or 4: it is 2 if and only if (α 2 + α)2 ,
(α 2 +α) and 1 are linearly dependent over Q. What we need to determine is whether
there are solutions a, b ∈ Q of

(α 2 + α)2 + a(α 2 + α) + b = 0.

Simple calculations yield the equation α 4 + 2α 3 + (a + 1)α 2 + aα + b = 0 and, by

replacing α 4 with the expression obtained from f (α) = 0, we get

(a − 1)α 2 + (a − 1)α + b − 3 = 0

whose solution is a = 1, b = 3. This shows that the polynomial h(x) = x 2 + x + 3

has α 2 + α as a root and, since it has the least possible degree, it is the desired
minimal polynomial.
220
(i) Let us show that f (x) is irreducible in Q[x]. First of all, it has no rational roots,
as we can see by checking that f (1) and f (−1) are both nonzero. By Gauss’s
lemma, it is enough to prove that f (x) is irreducible in Z[x]. Now, if in Z[x]
the polynomial f (x) were a product of two quadratic factors, which we may
assume to be monic, we would have f (x) = (x 2 + ax + b)(x 2 + cx + d)
for some a, b, c, d ∈ Z. By equating the terms of degree three of the left and
right hand side, we get a + c = 0, while for the constant coefficients we have
bd = 1, hence c = −a and d = b = ±1. So we would have

f (x) = (x 2 +ax +b)(x 2 −ax +b) = (x 2 +b)2 −(ax)2 = x 4 +(2b −a 2)x 2 +1.

Finally the terms of degree two give the equality 2b − a 2 = 3, that is, 2b − 3 =
a 2 . But if b ∈ {1, −1} then 2b − 3 ∈ {−1, −5} so it can’t be the square of an
integer. It follows that f (x) is irreducible, and since it is also monic it is the
minimal polynomial of α over Q. Therefore, [Q(α) : Q] = 4.
(ii) Let β1 , β2 be the roots of the quadratic polynomial y 2 + 3y + 1. The field
E = Q(β1 ) = Q(β2 ) has degree 2 over Q: we have already checked that this
polynomial has √ no √rational roots. If we let√K be the splitting
√ field of f (x), we
have K = E( β1 , β2 ). But the fields E(√ β1 ) and E( β2 ) coincide (because
β1 β2 = 1 is a square in E), so K = E( β1 ). Without loss of generality, we
may assume that K = Q(α) and obtain [K : Q] = 4.
(iii) The polynomial f (x −1) = (x −1)4 +3(x −1)2 +1 = x 4 −4x 3 +9x 2 −10x +5
vanishes at α +1. Its reciprocal polynomial, that is, g(x) = 5x 4 −10x 3 +9x 2 −
5 Rings and Fields 219

4x + 1, vanishes at 1/(α + 1). Moreover, it is clear that Q(α) = Q(1/(α + 1)),

so the minimal polynomial of 1/(α + 1) over Q has degree 4. It follows that
the minimal polynomial we want is g(x)/5.
221 The polynomial f (x) = x 4 − 4x 2 + 2 is irreducible in Q[x] by Gauss’s lemma
√4 over Q.
and by Eisenstein’s criterion for the prime 2, so each of its roots has degree
The complex solutions of the equation y 2 − 4y √ + 2 = 0 are 2 ±√ 2, so the
complex roots of f (x) are ±α, ±β, where α 2 = 2 + √2 and β 2 = 2 − 2. Clearly,
both Q(α) and √ Q(β) are√ degree 2 extensions of √ Q( 2). Moreover, they coincide
because (2 + 2)(2 − 2) = 2 is a square in Q( 2). So the splitting field of f (x)
over Q is K = Q(±α, ±β) and we have [K : Q] = 4.
Remark that the roots of f (x) are all real
K(i) because they are the square roots of positive
numbers, so i ∈ K. It follows that [K(i) :
√ K] = 2 and, since the degree is multiplicative
Q(i) K = Q( 2 + 2) ⊆ R
in towers, [K(i) : Q] = 8. On the other
2 4 hand, K(i) = Q(i, α, β) is the splitting field
of f (x) over Q(i), so [K(i) : Q(i)] = [K(i) :
Q]/[Q(i) : Q] = 8/2 = 4.
In F7 we have (±3)2 = 2, so the roots of y 2 − 4y + 2 = 0 are 2 ± 3 = −1, 5. It
follows that y 2 − 4y + 2 = (y + 1)(y − 5) and x 4 − 4x 2 + 2 = (x 2 + 1)(x 2 − 5).
One can check that x 2 + 1 and x 2 − 5 have no roots in F7 , so they are irreducible in
F7 [x]. Therefore, the degree of the splitting field of f (x) over F7 is 2.
222
(i) We show that EF ⊆ K. The roots of x 8 − 1 and of x 3 − 1 are also roots of
x 24 − 1, so the generators of E and F belong to K.
Let ζ8 = e2πi/8 and ζ3 = e2πi/3 be a primitive eighth and third root of unity in
C, respectively. The product ζ8 · ζ3 is a primitive 24th root of unity, so we also
have K ⊆ EF.
(ii) √ eighth roots of 1 are ±1,
The √ ±i, (±1 ±
E = Q( 2, i) i)/ 2, so E is contained in Q( 2, i). On the
other
√ hand, E must √ contain the root i and also
√ 2 = √(1 + i) 2/(1 + i),
√ so E coincides
R ⊇ Q( 2) Q(i) with Q( 2, i). Note that Q( 2) and Q(i) are
different extensions of Q of degree 2 (one is a
2 2
subextension of the reals and the other is not)
and therefore we have [E : Q] = 4.
√ √
√ (−1√± −3)/2, so F = Q( −3) and [F : Q] = 2. It
The third roots of 1 are
follows that K = Q(√ 2, i, √ −3). √
Remark that both 2 and √ 3 √ = i · −3 belong to K and therefore we have
K = T(i), where T = Q( 2, 3) is a subfield of R. Since 2 · 3 = 6 is not a
square in Q, we have [T : Q] = 4, while K is an extension of degree 2 of T, so
[K : Q] = 8.
220 3 Solutions

Finally, T ⊆ K ∩ R ⊆ K and, since [T : Q] = 4 and [K : Q] = 8, we have

K ∩ R = T or K ∩ R = K. Since K ∩ R ⊆ R whereas K ⊆ R, we must have
K ∩ R = T.
We can√ find a basis of K ∩ √
R by taking the products of the elements
√ √ of a √
basis
of Q( 2) and a basis of Q( 3); for instance, one is given by 1, 2, 3, 6.

K = Q( 2, i, −3)

√ √
R ⊇ T = Q( 2, 3) E

√ √ √
Q( 3) Q( 2) Q(i) F = Q( −3)

223
(i) The roots of the polynomial x 2 + x + 1 are ζ, ζ 2 , where ζ ∈ C is a primitive
third root of 1. In order to have the required divisibility, ζ and ζ 2 must also be
roots of f (x) = x 2n + x n + 1. In fact, it is enough to check that one of them is
a root, because the two are complex conjugates; if one is a root then the other
one must be as well. Let us evaluate f (x) at ζ . We have
⎧
⎪
⎨1 + 1 + 1 = 3
⎪ if n ≡ 0 (mod 3);
f (ζ ) = ζ + ζ + 1 = 0 if n ≡ 1 (mod 3);
2
⎪
⎪
⎩ζ + ζ 2 + 1 = 0 if n ≡ 2 (mod 3).

So the values we want are the natural numbers n ≡ 0 (mod 3).

(ii) The equality

x 12 − 1
= x8 + x4 + 1
x4 − 1

implies that the splitting field of x 8 + x 4 + 1, both over Q and over F7 , is

generated by a primitive 12th root of unity. Indeed, the roots of the polynomial
x 12 − 1 form a cyclic group of order 12, and those of the denominator are a
subgroup of order 4 of the cyclic group in question. On the other hand, adding
to the base field any 12th root of unity also adds its powers, and so all other 12th
roots of unity.
5 Rings and Fields 221

In order to find the degree of the splitting field over Q, let us compute the
complex roots of the polynomial; they are
√ √
±1 ± 3i ± 3 ± i
,
2 2
√
√ splitting field is Q( 3, i). Indeed, the splitting field must be contained in
so the
Q( 3, i) given the form of the roots; moreover, the opposite inclusion
√ follows
from
√ the fact that summing the two complex conjugate roots ( 3 ± i)/2 yields
3, and taking their difference shows that i is in the splitting field as well.
The degree of the splitting field of x 8 + x 4 + 1 over F7 is the least positive
integer k for which F7k contains the 12th roots of 1; in other words, it is the
least positive integer k for which 12 | 7k − 1, that is, k = 2.
224 We first show that f (x) = x 4 − x 3 + x 2 − x + 1 is irreducible in Q[x]. We can
check that f (x) has no rational roots: it is enough to see that f (±1) = 0. Moreover,
by Gauss’s lemma it is enough to check that f (x) is irreducible in Z[x]. Suppose
by contradiction that

f (x) = (x 2 + ax + b)(x 2 + cx + d),

that is, that f (x) factors as the product of two quadratic polynomials in Z[x]. By
computing the coefficients of the right hand side, we get
⎧
⎪
⎪ a+c = −1
⎨
b + d + ac = 1
⎪
⎪ ad + bc = −1
⎩
bd = 1.

The last equation implies that b = d = ±1. Substituting into the third equation, we
find that we must have b = d = 1, otherwise the first equation has no solutions. On
the other hand, the solutions of the first two equations a + c = −1 and ac = −1
are solutions of t 2 + t − 1 = 0, but it is clear that the latter polynomial in t has no
integer roots.
[[One could also show that f (x) is irreducible in Z[x] by considering its coefficients modulo
2. The reduction yields the polynomial x 4 + x 3 + x 2 + x + 1 which clearly has no roots in F2 and
is not the square of x 2 + x + 1, which is the only irreducible polynomial of degree 2 in F2 [x].]]
The degree [Q(α) : Q] is thus 4, and the degree d = [Q(α + cα −1 ) : Q] is a
divisor of 4 because α + cα −1 ∈ Q(α). We can immediately remark that d = 1,
because if we had d = 1 we would have α+cα −1 = q ∈ Q, that is, α 2 −qα+c = 0;
the element α would then satisfy an equation of degree 2 with rational coefficients,
which would contradict the fact that [Q(α) : Q] = 4. So we have d = 2 or d = 4.
We have d = 2 if and only if the elements (α + cα −1 )2 , α + cα −1 , 1 are linearly
dependent over Q. Multiplying by α 2 , the condition becomes that (α 2 + c)2 , α 3 +
cα, α 2 are linearly dependent over Q.
222 3 Solutions

Let us write all the terms as linear combinations of 1, α, α 2 , α 3 . The vectors

α3 + cα, α 2 are already expressed in terms of this basis, and we have (α 2 + c)2 =
α +2cα 2 +c2 = α 3 +(2c−1)α 2 +α +(c2 −1). By looking at the coefficients of α 3
4

we find that a linear combination r(α 3 +(2c−1)α 2 +α+(c2 −1))+s(α 3 +cα)+tα 2

can be 0 only if r = −s. If r = −s = 0 we also get t = 0, so the coefficients are
all zero. If r = −s = 0 then setting the coefficient of α to zero yields c = 1, hence
t = −r, which is a solution.
In conclusion, d = 2 if c = 1 and d = 4 if c = 1.
225
(i) Since f (x) has degree 3, it is irreducible in Q[x] if and only if it has no rational
roots; moreover, the only potential roots are ±1. Since neither 1 nor −1 is a
root, f (x) is irreducible in Q[x]. Let α be a real root of f (x); we have [Q(α) :
Q] = 3. Now, since f (x) is irreducible and has degree 3, the degree of its
splitting field K over Q is a divisor 3! = 6. But we have chosen α ∈ R and,
since the derivative f (x) = 3x 2 + 3 is always positive, there is a unique real
root of f (x), so K is not contained in R, that is, [K : Q] = 6.
(ii) By the derivative criterion, f (x) ∈ Fp [x] has multiple roots in Fp if and only if
(f (x), f (x)) = 1. For p = 3, the polynomial f (x) = x 3 +1 = (x +1)3 has the
triple root 1. For p = 3, since f (x) = 3x 2 + 3 = 3(x 2 + 1) and 3 is invertible
modulo p, we can take the greatest common divisor of f (x) and x 2 + 1. The
first division of Euclid’s algorithm yields x 3 + 3x + 1 = x(x 2 + 1) + (2x + 1).
Remark that for p = 2 the polynomial f (x) is irreducible, because its degree
is 3 and it has no roots. We can therefore assume that p = 2 and multiply
the polynomial x 2 + 1 by the invertible constant 4, thus obtaining 4x 2 + 4 =
(2x − 1)(2x + 1) + 5 from the next Euclidean division. It follows that the
greatest common divisor of f (x) and f (x) is not 1 if and only if p = 3 or
p = 5. Indeed, for p = 5 we have f (x) = (x − 1)(x − 2)2 .
In conclusion, f (x) has a multiple root in Fp if and only if p = 3 or p = 5.
226
(i) The polynomial f (x) = x 9 − 1 factors in Z[x] as f (x) = (x − 1)(x 2 + x +
1)(x 6 +x 3 +1); we therefore need to show that h(x) = x 6 +x 3 +1 is irreducible
in F11 [x].
By the theorem about cyclotomic extensions of finite fields, the splitting field
of f (x) over F11 is F11d , where d is the multiplicative order of 11 modulo 9;
we find that d = 6. It follows that, denoting by C the set of roots of f (x) in
some fixed algebraic closure of F11 , we have F11 (C) = F116 . Moreover, we
know that C is a finite multiplicative group, so it is cyclic; letting C = α, we
have F116 = F11 (α). This implies that the minimal polynomial of α, which is a
divisor of f (x), has degree 6; it is therefore h(x), which is thus irreducible.
(ii) By our arguments above, x 2 + x + 1 has no roots in F11 , so the factors in
f (x) = (x − 1)(x 2 + x + 1)(x 6 + x 3 + 1) are irreducible in Z[x] because
they are irreducible modulo 11. Moreover, by Gauss’s lemma they are also
irreducible in Q[x]. Let η ∈ C be a primitive ninth root of 1; the roots of f (x)
5 Rings and Fields 223

are 1, η, η2 , . . . , η8 . The splitting field of f (x) over Q is therefore Q(η), and

its degree is the degree of the minimal polynomial μ(x) of η over Q. We know
that μ(x) | f (x) and we have η3 = 1, so μ(x) | f (x)/(x 3 − 1) = x 6 + x 3 + 1.
Since the latter polynomial is irreducible, we have μ(x) = x 6 + x 3 + 1 so the
degree of the splitting field of f (x) over Q is 6.
Letting K = Q(ζ ), the splitting field of f (x) over K is K(η) = Q(η). Since the
minimal polynomial of ζ over Q is x 2 + x + 1 we have [K : Q] = 2, and thus
[Q(η) : K] = 3.
227
(i) We show that the polynomial f (x) is irreducible modulo 2. It is obvious that 0
and 1 are not roots of the polynomial in F2 , so f (x) has no factors of degree 1.
If it were reducible it would be the product of two irreducible factors of degree
2, but the only irreducible polynomial of degree 2 in F2 [x] is x 2 + x + 1, and
we have (x 2 + x + 1)2 = x 4 + x 2 + 1 = f (x), so f (x) is irreducible.
Since it is irreducible modulo 2, the polynomial f (x) is also irreducible in
Z[x] and, by Gauss’s lemma, in Q[x]. This implies that f (x) is the minimal
polynomial of α, so [Q(α) : Q] = 4; since Q(1/(α + 1)) = Q(α), the minimal
polynomial of 1/(α + 1) also has degree 4. The minimal polynomial of α + 1 is
f (x − 1) = (x − 1)4 + (x − 1) + 1 = x 4 − 4x 3 + 6x 2 − 3x + 1, so the minimal
polynomial of 1/(α + 1) is its reciprocal polynomial x 4 − 3x 3 + 6x 2 − 4x + 1.
Remark that Q(α) = Q(α 2 ): clearly, we have Q(α 2 ) ⊆ Q(α), and the equality
f (α) = 0 yields α = −α 4 − 1 ∈ Q(α 2 ), which implies the opposite inclusion.
Consequently, the minimal polynomial of α 2 over Q has degree 4. There are
many ways to compute this minimal polynomial. We can, for example, remark
that α 4 + 1 = −α, hence by squaring both sides α 8 + 2α 4 + 1 = α 2 , so the
polynomial x 4 + 2x 2 − x + 1 vanishes at α 2 , and since it has degree 4 it is the
minimal polynomial of α 2 .
[[Here is a different way to compute the minimal polynomial of α2 : we know that it is of
the form μ(x) = x 4 + ax 3 + bx 2 + cx + d and we must find a, b, c, d ∈ Q such that
μ(α) = α 8 + aα 6 + bα 4 + cα 2 + d = 0. The expression given by the minimal polynomial
of α yields that α 4 = −α − 1, α 6 = −α 3 − α 2 and α 8 = α 2 + 2α + 1. We therefore have
μ(α 2 ) = −aα 3 + (1 − a + c)α 2 + (2 − b)α + 1 − b + d = 0. Since the vectors 1, α, α 2 , α 3
over Q are linearly independent, the equation is satisfied if and only if a = 0, b = 2, c = −1
e d = 1.]]
(ii) The splitting field of f (x) over F5 is F5d , where d is the least common multiple
of the degrees of the irreducible factors of f (x) in F5 [x]. Evaluating the
polynomial at 0, ±1, ±2 yields that the only root in F5 is −2. By Ruffini’s
theorem, x+2 | f (x) and one immediately gets f (x) = (x+2)(x 3 +3x 2 −x+3).
The only possible roots of the factor of degree 3 are those of f (x), so the only
potential root −2; but we have (−2)3 +3(−2)−(−2)+3 = 0, so x 3 +3x 2 −x+3
has no roots in F5 and therefore is irreducible. The splitting field of f (x) over
F5 is thus F53 .
224 3 Solutions

228
(i) Let α be a root of f (x) in an algebraic closure of Fp ; we have α 4 = ±a ∈ F∗p ,
so ord(α) | 4(p−1) | p2 −1, where the last divisibility follows by the assumption
that p ≡ 3 (mod 4). We therefore have that every root α of f (x) belongs to
Fp2 . All that is left to show is that f (x) does not have all of its roots in Fp .
Indeed, x 4 − a has a root in Fp if and only if a = b4 for some b ∈ Fp , in which
case −a is not a fourth power in Fp : it is not even a square, because −1 is not
a square in Fp for p ≡ 3 (mod 4). A similar argument can be applied after
exchanging a and −a, so the splitting field of f (x) is Fp2 .
(ii) If a = 1, then f (x) = x 8 − 1 and its splitting field over Fp is Fpk , where k is
the order of p in (Z/8Z)∗ . It follows that, for p ≡ 1 (mod 8), for example for
p = 17, we have k = 1, and for p ≡ 5 (mod 8), for example p = 5, we have
k = 2.
We need to show that one can find a and p for which the splitting field has
degree 4. Consider a = 2 and p = 5; we have f (x) = (x 4 − 2)(x 4 + 2). Since
neither 2 nor −2 are squares modulo 5, they are not fourth powers, so f (x) has
no roots in F5 . We need to exclude the possibility that both polynomials x 4 − 2
and x 4 + 2 factor as the product of two irreducible polynomials of degree 2. In
fact, neither polynomial does, as we can show by a direct computation.
Suppose that x 4 ± 2 = (x 2 + ax + b)(x 2 + cx + d) = x 4 + (a + c)x 3 + (b +
ac + d)x 2 + (ad + bc)x + bd con a, b, c, d ∈ F5 . Equating coefficients on the
two sides yields
⎧
⎪
⎪ a+c =0
⎨
b + ac + d =0
⎪
⎪ ad + bc =0
⎩
bd = ±2

and some calculations show that neither system has any solutions in F5 .
[[Another way to show that x 4 − 2 and x 4 + 2 are irreducible is to remark that, given a root
α ∈ F5k of f (x), we have α 4 = ±2, hence ord(α 4 ) = 4 and so ord(α) = 4r. The formula
ord(α 4 ) = ord(α)/(4, ord(α)) yields r = 4, that is, ord(α) = 16. It follows that 16 | 5k − 1
and so k = 4.]]

229
√ √
(i) Set √Δ = a − 4b2, α = (−a + Δ)/2 and β = (−a − Δ)/2. We have
Fp ( Δ) ⊆ Fp2 , so f (x) = (x 3 − α)(x 3 − β) in Fp2 [x]. Remark that a
polynomial of the form x 3 − γ in Fp2 [x] is either irreducible or the product of
three factors of degree 1. Indeed, if p = 3 then x 3 − γ = (x − γ 3 )3 . If p > 3
then 3 | p2 − 1, so the homomorphism F∗p2 z −→ z3 ∈ F∗p2 , is a 3-to-1 map,
that is, cubes have three distinct third roots in Fp2 . We can therefore conclude
that the degree of the splitting field of f (x) over Fp2 is 1 if both α and β are
cubes, and 3 otherwise.
5 Rings and Fields 225

(ii) Let Fpk be the splitting field of f (x) over Fp . Because of the previous
argument, the splitting field of f (x) over Fp2 is contained in Fp6 , so the one
over Fp is as well. The inclusion Fpk ⊆ Fp6 implies k | 6, and in particular
k = 4, 5.
(iii) As before, let Fpk be the splitting field of f (x) over Fp . We have seen that
√ √
Fp ( Δ) ⊆ Fpk , so if we had k = 3 we would have Δ ∈ Fp , and f (x) =
(x 3 − α)(x 3 − β) in Fp [x]. For p ≡ 2 (mod 3), the map z −→ z3 is an
isomorphism in F∗p , so both x 3 − α and x 3 − β factor as a product of a linear
factor and an irreducible factor of degree 2, so in this case the splitting field
cannot have degree 3.
230 Remember that, by the theorem about cyclotomic extensions of finite fields, if
(n, p) = 1 then the degree of the splitting field of the polynomial x n − 1 over Fp
coincides with the multiplicative order of p modulo n. It follows that if p = 2, 3, 5
then the degree of the splitting field of f (x) = (x 15 −1)(x 12 −1) over Fp is the least
common multiple of the multiplicative order of p modulo 15 and the multiplicative
order of p modulo 12, that is, the smallest positive solution of the system

px ≡ 1 (mod 15)
px ≡ 1 (mod 12).

By the Chinese remainder theorem, the system is equivalent to

⎧ x
⎨ p ≡ 1 (mod 3)
px ≡ 1 (mod 4)
⎩ x
p ≡ 1 (mod 5).

One can immediately check that x = 4 is a solution of the system, so the minimal
solution is a divisor of 4. We now show that all divisors of 4 are possible degrees.
For p = 7, by the arguments above, one can immediately see that the degree of
the splitting field is 4.
The degree of the splitting field over Fp is 2 if p ≡ −1 (mod 5): indeed, p2 ≡ 1
(mod 3) and p2 ≡ 1 (mod 4) for all primes larger than 3, for example for p = 19.
The degree of the splitting field is 1 if and only if 3 | p − 1, 4 | p − 1 and 5 | p − 1
that is, if and only if 60 | p − 1. Since 61 is prime, the splitting field of f (x) over
F61 has degree 1.
The last case to discuss is p = 2. In F2 [x] we have f (x) = (x 15 − 1)(x 3 − 1)4
and, since 3 | 15, we have x 3 − 1 | x 15 − 1, so the degree of the splitting field of f (x)
is the order of 2 in (Z/15Z)∗ , which one can easily show to be 4.
[[In order to cover every prime, we could also discuss 3 and 5. For p = 3 we have f (x) =
(x 5 − 1)3 (x 4 − 1)3 and, since the multiplicative order of 3 modulo 5 is 4 and its multiplicative
order modulo 4 is 2, the degree of the splitting field is 4. Finally, for p = 5 we have f (x) =
(x 3 − 1)5 (x 12 − 1) and a similar argument yields that the degree of the splitting field is 2.]]
226 3 Solutions

231 The prime factorisation of 1635 is 3 · 5 · 109, so Z/1635Z is not a field and
the equation can have more than four solutions. By the Chinese remainder theorem,
Z/1635Z  Z/3Z × Z/5Z × Z/109Z.
Let us now look for a factorisation of f (x) = 2x 4 − 41x 3 + 201x 2 − 71x − 91 in
Z[x], which will induce factorisations in Z/3Z[x], Z/5Z[x], Z/109Z[x] by passing
to the quotient.
Since 91 = 13 · 7, any rational root of f is of the form a/b, where a is a divisor
of 91 and b is a divisor of 2. It is easy to check that f (1) = f (7) = f (13) = 0 and
so we have that (x − 1)(x − 7)(x − 13) divides f (x). By performing the division we
obtain that f (x) = (x −1)(x −7)(x −13)(2x +1) in Z[x], and so −1/2 is also a root.
This factorisation yields: f (x) = −(x −1)4 in Z/3Z[x], f (x) = (x −1)(x −2)2 (x −
3) in Z/5Z[5] and (x −1)(x −7)(x −13)(2x +1) in Z/109Z[x]. Since Z/3Z, Z/5Z
and Z/109Z are fields, these factorisations immediately give us the respective sets
of roots: we have x = 1, of multiplicity 4, in Z/3Z[x]; x = 1, −2, 2, where 2 has
multiplicity 2, in Z/5Z[x], and finally x = −1/2, 1, 7, 13 in Z/109Z[x] (and it is
easy to check that these roots are distinct in Z/109Z). We therefore have 1·3·4 = 12
distinct solutions in Z/3Z × Z/5Z × Z/109Z and thus in Z/1635Z.
Since the factorisation in Z[x] remains valid in the quotient ring Z/1635Z[x],
three roots of f (x) are immediately found and are x ≡ 1, 7, 13 (mod 1635).
Moreover, remark that (2, 1635) = 1, so the element 2 is invertible in Z/1635Z
and we have the solution x = −1/2 ≡ 817 ∈ Z/1635Z, which is clearly different
from the previous ones.
We need to construct two more solutions and we may do it using the Chinese
remainder theorem, for example from the triples of solutions (1, 1, 7) and (1, 2, 13)
in Z/3Z × Z/5Z × Z/109Z. Simple calculations yield that 661 and 667 are the
corresponding classes modulo 1635, and are thus roots of f (x).
[[For the sake of completeness, by remarking that −1/2 ≡ 54 (mod 109), we can give the full
correspondence between solution triples in Z/3Z × Z/5Z × Z/109Z and solutions in Z/1635Z:

(1, 1, 1) ←→ 1 (1, 1, 7) ←→ 661

(1, 1, 13) ←→ 1321 (1, 1, 54) ←→ 1471
(1, 2, 1) ←→ 982 (1, 2, 7) ←→ 7
(1, 2, 13) ←→ 667 (1, 2, 54) ←→ 817
(1, 3, 1) ←→ 328 (1, 3, 7) ←→ 988
(1, 3, 13) ←→ 13 (1, 3, 54) ←→ 163.

]]
232
(i) First of all, we show that f (x) is irreducible in Q[x]. Since deg(f ) = 3, it is
enough to show that f (x) has no rational roots. Any rational root must have a
numerator that divides the constant coefficient, which is −1, and a denominator
that divides the leading coefficient, which is 1; it is therefore enough to check
that ±1 are not roots. But f (1) = f (−1) = −1, so the polynomial has no
rational roots and is therefore irreducible.
5 Rings and Fields 227

It is now clear that the field Q(α) has degree 3 over Q and thus each of its
elements can be expressed as a linear combination of 1, α and α 2 with rational
coefficients. We write 1/(α + 2) = aα 2 + bα + c, where a, b, c are rational
numbers to be determined. We get

1 = (aα 2 + bα + c)(α + 2) = aα 3 + bα 2 + cα + 2aα 2 + 2bα + 2c

= (b + 2a)α 2 + (a + c + 2b)α + (a + 2c)

where we used α 3 = α + 1 to obtain the last equality. Equating coefficients of

the basis vectors on the two sides yields the system
⎧
⎨ b + 2a = 0
a + c + 2b = 0
⎩
a + 2c = 1

whose unique solution is a = 1/7, b = −2/7, c = 3/7. In conclusion, 1/(α +

2) = (α 2 − 2α + 3)/7.
[[Alternatively, we could divide the polynomial x 3 −x −1 by x +2 and obtain that x 3 −x −1 =
(x 2 − 2x + 3)(x + 2) − 7. Replacing x with α, we have (α 2 − 2α + 3)(α + 2) − 7 = 0, so
dividing by 7(α + 2) yields the desired expression.]]
(ii) We have the obvious inclusions Q(α 2 ) ⊆ Q(α) and Q(α 3 ) ⊆ Q(α), so the
degrees to be computed are at most 3, and moreover they are divisors of 3
(because degrees are multiplicative in towers), so each is either 1 or 3.
If we had [Q(α 2 ) : Q] = 1 then we would have α 2 = c ∈ Q and so α would
be a root of the degree 2 polynomial x 2 − c ∈ Q[x], which contradicts the fact
that the minimal polynomial of α is x 3 − x − 1 and has degree 3. Therefore,
[Q(α 2 ) : Q] = 3.
From the equation α 3 = α + 1 we get that α = α 3 − 1 ∈ Q(α 3 ), so Q(α) =
Q(α 3 ) and [Q(α 3 ) : Q] = 3.
233
(i) Reducing the polynomial f (x) modulo 2 yields x 4 + x + 1, which clearly has
no roots and is not the square of the unique irreducible polynomial of degree 2
in F2 [x], namely, x 2 + x + 1. The polynomial f (x) is thus irreducible modulo
2 and so irreducible in Z[x]. By Gauss’s lemma, it is also irreducible in Q[x].
(ii) Since it is irreducible, f (x) is the minimal polynomial of α over Q, so [Q(α) :
Q] = 4. It is clear that 2α − 3 ∈ Q(α); on the other hand, α = (2α − 3)/2 +
3/2 ∈ Q(2α − 3), hence Q(2α − 3) = Q(α) and [Q(2α − 3) : Q] = 4. The
minimal polynomial of 2α − 3 over Q has thus degree 4, and is the unique
monic polynomial of degree 4 in Q[x] that vanishes at 2α − 3. The polynomial
 
x+3 1 4
g(x) = f = (x + 12x 3 + 54x 2 + 84x − 71)
2 16
228 3 Solutions

has degree 4, and clearly g(2α − 3) = 0. The minimal polynomial of 2α − 3

over Q is thus 16g(x) = x 4 + 12x 3 + 54x 2 + 84x − 71.
(iii) Clearly, α 2 ∈ Q(α). On the other hand, the equality α 4 − 3α − 5 = 0 implies
that α = (α 4 − 5)/3 = ((α 2 )2 − 5)/3 ∈ Q(α 2 ).
So we have Q(α 2 ) = Q(α) and thus [Q(α 2 ) : Q] = 4, and the minimal
polynomial of α 2 is the unique monic polynomial of degree 4 that vanishes at
α 2 . Squaring both sides of α 4 − 5 = 3α, we immediately obtain that x 4 −
10x 2 − 9x + 25 has α 2 as a root, so it is the minimal polynomial in question.
234 We have 5 = 2x 2 + 17 − 2(x 2 + 6) and so 5 ∈ I = (2x 2 + 17, x 2 + 6); in
fact, we have I = (5, x 2 + 1).
The map F5 a −→ a + I ∈ A = Z[x]/I is well defined, because the ideal
generated by 5 in Z[x] is contained in I ; moreover, it is a ring homomorphism. In
order to show it is injective, remark that I ∩ Z is an ideal of Z that contains 5Z; it is
therefore either 5Z or Z. But if we had I ∩ Z = Z then we would have 1 ∈ I , that
is, 1 ∈ (x 2 + 1) in F5 [x], which is not the case. Therefore, if a + I = a + I then
we have a − a ∈ I ∩ Z = 5Z, so a = a .
Having shown that F5 ⊆ A, we conclude that A is a vector space over F5 .
We now show that 1, x form a basis of A as a vector space over F5 . It is clear that
they generate A, because every element of A can be expressed in the form ax + b
for some a, b ∈ Z. In order to show that they are linearly independent, suppose that
ax + b = 0 in A = Z[x]/(5, x 2 + 1). We then have ax + b ∈ (5, x 2 + 1) in Z[x]
and so ax + b ∈ (x 2 + 1) in F5 [x], which implies a = b = 0 in F5 .
Since it has a basis consisting of two elements, A is isomorphic to F25 , as are all
vector spaces of dimension 2 over F5 .
235
(i) Since degrees√are multiplicative
√ √ have [K :
in towers, we
Q] = [K : Q( 3 2)][Q( 3 2) : Q]. Now, [Q( 3 2) : Q] =
Q( 3 2, i) 3; this is because the polynomial x 3 − 2 is irreducible in
Z[x] by Eisenstein’s criterion, hence
√ by Gauss’s lemma it
√ is irreducible in Q[x], and
√ it has 3
2 as a root, so it is the
Q( 3 2) minimal √ polynomial of 3 2 over Q. In order to compute
3 [K : Q(√3 2)], we shall find the minimal polynomial of i
over Q( 3 2). Since we know how to factor x 2 + 1 in C[x],
we can immediately
√ see that it is irreducible in R[x] and
therefore in Q( 3 2)[x] ⊆ R[x].
√
Since the irreducible polynomial x√ 2 + 1 ∈ Q( 3 2)[x] does have i as a root, it
√
is its minimal polynomial over Q( 3 2), and we have [K : Q( 3 2)] = 2.
In conclusion, [K : Q] = √ 2 · 3 = 6. √ √ √
(ii) We show that√K = Q( 3 2,√ i) = Q( 3 2 + i). Since 3 2 + i ∈ Q( 3 2, i), it is
clear that Q( 3 2 + i) ⊆ Q( 3 2, i).
5 Rings and Fields 229

√ √
Let u = 2 + i. By taking the cube of both sides of the equality u − i = 2
3 3

we get

u3 − 3u − 2 √3
i= ∈ Q(u) = Q( 2 + i).
3u − 1
2

√ √ √ √
Moreover, 3 2 = u − i ∈ Q( 3 2 + i) and thus √ Q( 3 2, i) ⊆ Q( 3 2 + i).
(iii) We need to find the minimal polynomial of 2+i over Q. By the results shown
3

above, we know that its degree must be 6. It is thus enough to √ find a monic
polynomial of degree √ 6 with rational coefficients that vanishes at 3
2 + i. √
As before,
√ let u = 3
2 + i. Squaring both sides of the equality i = u − 3 2,
isolating 2 and taking cubes, we immediately get that u6 +3u4 −4u3 +3u2 +
3

12u + 5 = 0, so the polynomial√x 6 + 3x 4 − 4x 3 + 3x 2 + 12x + 5 ∈ Q(x)

is monic, has degree
√ 6 and has 3 2 + i as a root. It is therefore the minimal
polynomial of 2 + i over Q.
3

236
√ √ √
(i) Consider the extensions Q ⊆ Q( 3) ⊆ Q( 3, 5).
Q( 3, 5) Since − 3 and x 2 − 5 are the minimal polynomials of
x 2√
√
3 and 5 over Q, the first extension has√degree 2√and
√
Q( 3) √ had 5 ∈ Q( 3),
the second has degree√at most 2. If we
then we would have 5 = a + b 3 for some nonzero
2 rationals √
a and b. But squaring
√ the expression gives 5 =
a 2 + 2ab 3 + 3b2, that is, 3 = (5 − a 2 − 3b2)/2ab ∈ Q,
which
√ is a contradiction.
√ √ √
[[Another way to prove that √ 5 ∈ Q(3) is the following. If we had 5 ∈ Q( 3) then the
√
two quadratic extensions Q( 3) and Q( 5) would coincide; but this is not the case, because
3 · 5 = 15 is not a square in Q.]]
This implies that the second extension has degree 2 and thus
√ √ √ √ √ √
[Q( 3, 5) : Q] = [Q( 3, 5) : Q( 3)][Q( 3) : Q] = 4.
√ √ √ √ √ √
Now consider the extensions Q ⊆ Q( 3 − 5) ⊆ Q( 3, 5). Since 3 − 5
is irrational (its square is irrational) the first extension has degree at least
√ √ 2 and
thus can have degree 2 or 4, since its degree must be a divisor of [Q( 3, 5) :
Q] = 4.
Suppose it has degree √ 2, that
√ is, there exists a polynomial√f (x) √ = x 2 + ax √+b ∈
Q[x]
√ such that f ( 3 − 5)√ = 0. This
√ would
√ imply ( 3 − 5) 2 + a( 3 −
√
5)+b√= √ 0, hence 3 +5 −2 15+a 3−a 5+b = 0, that is, 8 +b +a √3 =
(a +√2 3) 5. Squaring both √ sides yields 64 + b2 + 3a 2 + 16b + 16a √ 3+
2ab 3√= 5a + 60 + 20a 3, hence b + 16b − 2a 2 + 4 + (2ab − 4a) 3 = 0.
2 2

Since 3 is irrational, this implies 2ab − 4a = 0, that is, a = 0 or b = 2. In

the first case we get b2 + 16b + 4 = 0 and in the second a 2 = 20, but neither
equation has any√rational√ solutions. In conclusion, such a polynomial does not
exist, hence [Q( 3 − 5) : Q] = 4.
230 3 Solutions

√ √ √
(ii) Set α = 3√− 5. Taking the square yields α 2 = 3 + 5 − 2 √ 15, that
√ is,
α 2 − 8 = −2 15. Squaring again, we have α 4 − 16α 2 + 4√= 0, so √ 3 − 5 is
a root of the polynomial x 4 − 16x 2 + 4 ∈ Q[x]. Since [Q( 3 − 5) √ : Q] =√4,
this polynomial is irreducible and is thus the minimal polynomial of 3 − 5
over Q. √ √
Consider now 3− 5 − 1. Setting f (x) = x 8 − 16x 4 + 4 ∈ Q[x], it is
√ √
easy to see that f ( 3 − 5) = 0, so the polynomial √ g(x)√= f (x + 1) =
(x + 1) − 16(x + 1) + 4 ∈ Q[x] is monic and has
8 4 3− 5 − 1 as a root.
√ √
In order to show that g(x) is the minimal polynomial of 3 − 5 − 1 over
Q, we need
√to show that g(x) isirreducible, or equivalently that the extension
√ √ √
Q ⊆ Q( 3 − 5 − 1) = Q( 3 − 5) has degree 8.
√ √
Q(β) Set β = 3 − 5.√Since√we know√that
[Q(β)
√ : Q] = [Q(β) : √ Q( 3 √ − 5)] · [Q( 3 −
√ √ 5) : Q] and that [Q( 3 − 5) : Q] = √ 4, we
Q( 3 − 5) ⊆ R have
√ that [Q(β) : Q] = 8 is equivalent to Q( 3−
4
5) = Q(β). But
√ this
√ immediately follows from
the fact that Q( 3 − 5) is a subextension
√ of R,
Q √
whereas Q(β) is not, since β = 3 − 5 is the
square root of a negative number.
237 Set f (x) = x 7 +x 6 +x 5 +x 4 +x 3 +x 2 +x +1; notice that (x −1)f (x) = x 8 −1.
It is thus clear that in C[x] the roots of the polynomial f (x) are all the 8th roots of
unity except for 1, that is,

1+i −1 + i −1 − i 1−i
f (x) = (x − √ )(x − i)(x − √ )(x + 1)(x − √ )(x + i)(x − √ ).
2 2 2 2

In Z[x] we can factor x 8 − 1 as (x − 1)(x + 1)(x 2 + 1)(x 4 + 1), as one immediately

finds by repeatedly factoring differences of squares. This factorisation also holds in
F5 [x] and F13 [x], because both rings are quotients of Z[x].
Now, remark that x 2 + 1 is irreducible in Z[x] because it has no real roots and is
monic. The polynomial (x + 1)4 + 1 = x 4 + 4x 3 + 6x 2 + 4x + 2 is irreducible by
Eisenstein’s criterion for the prime 2, so x 4 + 1 is also irreducible. The factorisation
of f (x) in irreducible factors in Z[x] is therefore

f (x) = (x + 1)(x 2 + 1)(x 4 + 1).

2
In F5 we have 2 = −1, whereas ±2 are not squares. So x 2 + 1 = (x − 2)(x + 2)
and x 4 + 1 = (x 2 − 2)(x 2 + 2), and the two quadratic factors are irreducible because
they have no roots. So f (x) factors in F5 [x] as

f (x) = (x + 1)(x − 2)(x + 2)(x 2 − 2)(x 2 + 2).

5 Rings and Fields 231

2
In F17 we have 4 = −1, so x 2 + 1 = (x − 4)(x + 4) and x 4 + 1 = (x 2 − 4)(x 2 +
4) = (x − 2)(x + 2)(x − 8)(x + 8). The polynomial is therefore a product of linear
factors:

f (x) = (x + 1)(x − 4)(x + 4)(x − 2)(x + 2)(x − 8)(x + 8).

238
(i) Remark that 1 is a root of f (x) over F7 , so we can divide f (x) by x − 1 and
obtain f (x) = (x −1)(x 3 −x 2 −3x +3). Since 1 is also a root of x 3 −x 2 −3x +3,
we divide once again to get f (x) = (x − 1)2 (x 2 − 3).
In order to check whether x 2 −3 is irreducible, we compute all squares in F∗7 : we
have (±1)2 = 1, (±2)2 = −3, (±3)2 = 2, so 3 is not a square and therefore
x 2 − 3 is irreducible. The factorisation of f (x) in irreducible factors is thus
(x − 1)2 (x 2 − 3).
(ii) Since F7 [x]/(f (x)) is a finite ring, its elements are either invertible or zero
divisors; we can therefore just count zero divisors. We know that each zero
divisor is represented by a polynomial of degree less than 4 that is not coprime
to f (x). The set of zero divisors is thus in bijection with the set of polynomials
of degree at most 3 that are multiples of x − 1 or of x 2 − 3. By the inclusion-
exclusion principle,

|{zero divisors}| = |{multiples of x − 1}| + |{multiples of x 2 − 3}|

−|{multiples of (x − 1)(x 2 − 3)}|.

The multiples of x − 1 are represented by polynomials of the form (a2 x 2 +

a1 x + a0 )(x − 1), with no conditions on a0 , a1 , a2 ∈ F7 , so there are 73 = 343
of them. Similarly, there are 72 = 49 multiples of x 2 − 3 and 7 multiples of
(x − 1)(x 2 − 3).
Therefore, there are 73 + 72 − 7 = 385 zero divisors in F7 [x]/(f (x))|, and the
number of invertible elements is

|F7 [x]/(f (x))| − 385 = 74 − 385 = 2016.

239 Let us find the minimal polynomial of α over Q. By repeatedly isolating square
roots and squaring we get
 √
α =2+ 5+−5
√
(α − 2)2 = 5 + −5
((α − 2)2 − 5)2 = −5
α 4 − 8α 3 + 14α + 8α + 6 = 0,
232 3 Solutions

so α is a root of the polynomial f (x) = x 4 −8x 3 +14x 2 +8x +6. Now, f (x) ∈ Z[x]
is irreducible in Z[x] by Eisenstein’s criterion for p = 2. By Gauss’s lemma, f (x)
is also irreducible in Q[x] and, being monic, it is the minimal polynomial of α over
Q. It follows that [Q(α) : Q] = deg(f ) = 4.
Consider the tower of extensions Q ⊆ Q(α 2 ) ⊆ Q(α).
Q(α) We know that [Q(α) : Q] = 4 and that [Q(α) : Q(α 2 )] ≤ 2,
because α is a root of the polynomial x 2 − α 2 , which has
degree 2 and whose coefficients are in Q(α 2 ).
4 Q(α )
2
The fact that the degree is multiplicative in towers implies
that [Q(α 2 ) : Q] is either 2 or 4. If we had [Q(α 2 ) : Q] = 2
then the minimal polynomial of α 2 over Q would be of the
Q form x 2 + ax + b for some a and b in Q, so α would be a
root of the polynomial g(x) = x 4 + ax 2 + b ∈ Q[x].
But then g(x) would be a multiple of f (x). In order for this to be the case, since
f and g are monic polynomial of the same degree, they would need to coincide: but
this is not possible because g gives a biquadratic equation, whereas f does not. In
conclusion, [Q(α 2 ) : Q] = 4.
240
(i) In F2 [x] we have

f (x) = x 4 + 3x 3 + x + 1
= x4 + x3 + x + 1
= (x + 1)2 (x 2 + x + 1)

and the latter is a product of irreducible factors because x 2 + x + 1 has degree

2 and no roots in F2 .
Similarly, in F3 [x] we have f (x) = (x −1)(x 3 +x 2 +x −1) and x 3 +x 2 +x −1
is an irreducible polynomial in F3 [x], because it has degree 3 and no roots in
F3 .
It follows that the splitting field of f (x) over F2 is F22 and the splitting field of
f (x) over F3 is F33 .
The splitting field of f (x) over F2k is, by definition, the smallest extension of
F2k that contains the roots of f (x). Now, an extension of F2k contains the roots
of f (x) if and only if it contains the extension that they generate over F2 , so
what we need to find is the degree of the smallest extension of F2k that contains
F22 . From the theory concerning inclusions of finite fields, we know that the
degree of the splitting field in question is 2/(k, 2), that is, 1 if k is even and 2 if
k is odd.
Similarly, the splitting field of f (x) over F3k is the smallest extension of F3k
that contains F33 , which has thus degree 3/(k, 3).
(ii) We have [Q(α) : Q] = 4 because f (x) is an irreducible polynomial over Q.
Indeed, f (x) has no roots in Q, because the only candidates are ±1 and one can
check that f (±1) = 0. So if f (x) were reducible over Q it would be the product
5 Rings and Fields 233

of two irreducible factors of degree 2, but this contradicts the factorisation found
over F3 .
[[Alternatively, we can remark that if f (x) factored over Q as the product of two irreducible
polynomials of degree 2, we would have

x 4 + 3x 3 + x + 1 = (x 2 + ax ± 1)(x 2 + bx ± 1)

for some a, b ∈ Z. Looking at the coefficients of x and x 3 , we would have a + b = ±1 and

a + b = 3, which are clearly incompatible. ]]

241 First of all, remark that the polynomial f (x) = x 4 − 2 is irreducible over Q by
Eisenstein’s√criterion for the prime 2 and Gauss’s√ lemma. Its complex roots are the
numbers i k 4 2 for k = 0, 1, 2, 3. Setting α = 4 2, we have that the splitting field of
f (x) over Q is given by Q(i, α).
Q(α, i) Consider the tower of extensions Q ⊆ Q(α) ⊆ Q(α, i). The
first extension has degree 4 because f (x) is irreducible. The
second extension has degree 2: its degree is at most 2 because
Q(α) the polynomial x 2 + 1 has coefficients in Q(α) and has i as a
4 root; moreover, its degree is not 1 because Q(α) is contained in
R, so it cannot coincide with Q(α, i). In particular, the degree
Q
of the splitting field of f (x) over Q is 8.
In F3 [x] we have

f (x) = x 4 − 2 = x 4 + 4 = (x 4 + 4x 2 + 4) − (2x)2 = (x 2 − 2x + 2)(x 2 + 2x + 2)

and the polynomials x 2 ± 2x + 2 are irreducible over F3 because their discriminant

is −1, and therefore not a square in F3 . In particular, the degree of the splitting field
of f (x) over F3 is 2.
In F17 [x] we have

f (x) = x 4 − 2 = x 4 − 36 = (x 2 − 6)(x 2 + 6).

The polynomials x 2 ± 6 are irreducible over F17 because 6 and −6 are not squares
in F17 , as one can check by listing all squares of F17 . In particular, the degree of the
splitting field of f (x) over F17 is 2.
[[The factorisation a4 + 4b4 = (a2 + 2b2 + 2ab)(a2 + 2b2 − 2ab), which we used above
with b = 1 and over F3 , is called Sophie Germain’s identity, in honour of the famous French
mathematician.
We could have alternatively computed the degree over F17 by remarking that, since 2 has order
8 in (Z/17Z)∗ , any root α of f (x) in the algebraic closure of F17 is such that (α 4 )8 = 28 = 1,
so we have α 32 = 1 and α 16 = 1. What we have to compute is therefore the degree of the field
generated by the 32nd roots of unity over F17 ; this field is F17d , where d is the order of 17 in
(Z/32Z)∗ . Since 17 ≡ 1 (mod 32) and 172 ≡ 1 (mod 32), we have d = 2. ]]
Index

A Chinese, – remainder theorem, 20

Abelian, – group, 24 Class(es)
Algebraic equivalence, 5
element, 47 invertible residue, 21
extension, 47 Closed, – subset, 9
Algorithm Closure, algebraic – of a field, 49
Euclid’s, 16 Codomain, 3
Euclid’s – for polynomials, 40 Coefficient
Argument, – of a complex number, 10 binomial, 13
Arithmetic constant, 38
fundamental theorem of, 17 leading, 38
modular, 20 Combinatorics, 12
Automorphism Commutative
field, 46 diagramme, 4
Frobenius, 46 group, 24
group, 32 ring, 34
Complement, 2
Complex
B algebraic form of a – number, 10
Basis, 44 argument of a – number, 10
Bézout imaginary – number, 10
’s identity, 16 imaginary part of a – number, 10
’s identity for polynomials, 40 modulus of a – number, 10
Binomial numbers, 10
theorem, 14, 35 plane, 10
polar form of a – number, 11
real part of a – number, 10
C Composite
Cardinality, – of a set, 12 extension, 47
Cauchy, –’s theorem, 32 map, 4
Centre, 25 Composition, 8
Characteristic of maps, 4
of a field, 45 Congruence, 17
positive, 45 Congruent, 17, 27
zero, 45 Conjugate, 28

© Springer Nature Switzerland AG 2020 235

R. Chirivì et al., Selected Exercises in Algebra, UNITEXT 119,
https://doi.org/10.1007/978-3-030-36156-3
236 Index

complex, 10 Euclid
Constant, – polynomial, 38 ’s algorithm, 16
Content, – of a polynomial, 41 ’s algorithm for polynomials, 40
Coset(s), 27 ’s lemma, 16
left – of a subgroup, 27 Euler
right – of a subgroup, 27 ’s formula, 10
Criterion ’s theorem, 22
derivative – for multiple roots, 49 ’s totient function, 21
Eisenstein’s, 43 Evaluation, – of a polynomial, 39
Cycle, 30 Exactly divides, 17
length of a, 30 Extension(s)
Cyclic algebraic, 47
group, 25 composite, 47
structure theorem for – groups, 32 cyclotomic, 50
Cyclotomic degree of an, 46
extension over Q, 50 field, 46
polynomial, 43 finite, 46
theorem of – extensions, 51 tower of, 46

D F
Degree Factorial, 13
of an extension, 46 Factorisation, polynomial, 41
of a polynomial, 38 Fermat, –’s theorem, 19
De Morgan, –’s law, 2 Fibonacci, – numbers, 8
Dependent, linearly, 44 Field(s), 35, 45
Derivative algebraic closure of a, 49
criterion for multiple roots, 49 algebraically closed, 48
of a polynomial, 49 automorphism, 46
Dimension, 44 characteristic of a, 45
Diophantine, linear – equation, 16 extension, 46
Divisibility, – of polynomials, 39 finite, 50
Division Finite, – field, 50
Euclidean, 15 Form
Euclidean – of polynomials, 40 algebraic – of a complex number, 10
Divisor, 15 polar – of a complex number, 11
zero, 34 Formula, Euler’s, 10
Domain, 3 Freshman’s dream, 19, 45
integral, 34 Frobenius, – automorphism, 46
Function
characteristic, 12
E Euler’s totient, 21
Eisenstein, –’s criterion, 43
Element
algebraic, 47 G
invertible – in a ring, 35 Gauss, –’s lemma, 42
neutral – for an operation, 9 Generator(s)
neutral – of a group, 24 set of, 25
nilpotent, 34 for a vector space, 44
transcendental, 47 Greatest common divisor, 15
Equation, linear Diophantine, 16 Group(s), 24
Equivalence Abelian, 24
class, 5 automorphism, 32
relation, 5 centre of a, 25
Index 237

commutative, 24 Inverse
cyclic, 25 group, 24
direct product of, 33 left – for an operation, 9
homomorphic image of a, 30 for an operation, 9
homomorphism, 30 right – for an operation, 9
isomorphism, 31 Invertible
multiplicative – of a field, 46 element in a ring, 35
neutral element of a, 24 residue class, 21
order of a, 24 Irreducible, – polynomial, 41
quotient, 28 Isomorphism
quotient of, 27 group, 31
structure theorem for cyclic, 32 ring, 36
symmetric, 29
of unit quaternions, 29
K
Kernel
H of a group homomorphism, 30
Homomorphism of a ring homomorphism, 36
fundamental – theorem, 31
group, 30
kernel of a group, 30 L
kernel of a ring, 36 Lagrange, –’s theorem, 27
ring, 36 Law(s)
associative – for composition of maps, 4
cancellation, 25
I De Morgan, 2
Ideal, 36 Least common multiple, 17
generated, 37 Legendre, – symbol, 52
maximal, 37 Leibniz, –’s rule, 49
Identity Lemma
Bézout’s, 16 Euclid’s, 16
Bézout’s – for polynomials, 40 Gauss’s, 42
map, 4 Length, – of a cycle, 30
Image Linear combination, 44
of an element, 3 Linearly
homomorphic – of a group, 30 dependent, 44
of a map, 3 independent, 44
of a set, 3
Imaginary
number, 10 M
part of a complex number, 10 Map(s), 3
unit, 10 associative law for composition of, 4
Independent, linearly, 44 bijective, 4
Indeterminate, 37 codomain of a, 3
Index, – of a subgroup, 27 commutative diagramme of, 4
Induction compatible with an equivalence relation, 6
principle, 7 composite, 4
Integer(s) composition of, 4
congruent, 17 domain of a, 3
numbers, 9 fixed points of a, 4
prime, 17 identity, 4
relatively prime, 16 image of a, 3
Integral, – domain, 34 inclusion, 4
Intersection, 2 injective, 4
238 Index

inverse, 4 Permutation, 4
invertible, 4 Plane, complex, 10
multiplicative, 21 Polynomial(s), 37
one-to-one, 4 constant, 38
onto, 4 constant coefficient of a, 38
quotient, 6 content of a, 41
restriction of a, 4 cyclotomic, 43
surjective, 4 degree of a, 38
Maximal, – ideal, 37 derivative of a, 49
Minimal, – polynomial, 47 divisibility of, 39
Modulus, – of a complex number, 10 Euclidean division of, 40
Monic, – polynomial, 38 evaluation of a, 39
Multiple, 15 factorisation, 41
Multiple, – of a polynomial, 40 indeterminate of a, 37
Multiplication, – by scalars, 44 irreducible, 41
Multiplicative, – map, 21 leading coefficient of a, 38
Multiplicity, – of a root, 40 minimal, 47
monic, 38
N multiple of a, 40
Nilpotent, – element, 34 primitive, 41
Normal, – subgroup, 28 quotient of a division between, 40
Number(s), 9 quotient of – rings, 43
complex, 10 remainder of a division between, 40
Fibonacci, 8 root of a, 39
integer, 9 zero, 38
natural, 7 Pre-image, 3
rational, 9 Prime
real, 9 integers, 17
relatively – integers, 16
O relatively – polynomials, 41
One, – of a ring, 34 Primitive, – polynomial, 41
Operation, 8 Principle
associative, 8 inclusion-exclusion, 15
closed subset under an, 9 of induction, 7
commutative, 8 pigeonhole, 13
distributive, 9 recursion, 8
inverse for an, 9 well-ordering, 7
left inverse for an, 9 of zero products, 35
neutral element for an, 9 Product
in the quotient of groups, 28 Cartesian—of sets, 2
restriction of an, 9 direct – of groups, 33
right inverse for an, 9 of subgroups, 26
Order Property
of an element, 24 anti-symmetry, 6
of a group, 24 irreflexivity, 7
partial – relation, 7 reflexivity, 5, 6
relation, 6 symmetry, 5
strict – relation, 7 transitivity, 5–7
total – relation, 7

P Q
Partition(s), 5 Quaternions, group of unit, 29
finer, 6 Quotient, 15
Pascal’s triangle, 14 of a division between polynomials, 40
Index 239

of groups, 27, 28 characteristic function of a, 12

of polynomial rings, 43 closed – under an operation, 9
of a ring, 37 complement of a, 2
set, 6 disjoint, 2
finite, 12
of generators, 25
R image of a, 3
Rational, – numbers, 9 infinite, 12
Real, – numbers, 9 intersection of, 2
Real part, – of a complex number, 10 pre-image of a, 3
Recursive, 8 quotient, 6
Relation(s), 5 of representatives, 6
equivalence, 5 union of, 1
equivalence class of a, 5 Space, vector, 43
order, 6 Subgroup(s), 25
partial order, 7 cosets of a, 27
quotient by a, 6 generated, 25
strict order, 7 index of a, 27
total order, 7 normal, 28
Remainder, 15 product of, 26
of a division between polynomials, 40 Subring(s), 35
Representative(s) Symbol, Legendre, 52
set of, 6 Symmetric, – group, 29
Residue(s), 18
quadratic, 52
Restriction, – of an operation, 9 T
Ring(s), 34 Theorem
commutative, 34 binomial, 14, 35
generated, 36 Cauchy’s, 32
homomorphism, 36 Chinese remainder, 20
with identity, 34 of cyclotomic extensions, 51
isomorphism, 36 Euler’s, 22
one of a, 34 Fermat’s, 19
polynomial, 37 freshman’s dream, 19, 45
quotient, 37 fundamental – of algebra, 41
unitary, 34 fundamental – of arithmetic, 17
zero, 34 fundamental homomorphism, 31
zero of a, 34 Lagrange’s, 27
Root Ruffini’s, 40
multiple, 40 structure – for cyclic groups, 32
multiplicity of a, 40 Tower, – of extensions, 46
of a polynomial, 39 Transcendental, – element, 47
primitive – of unity, 11, 50 Transposition, 30
simple, 40
of unity, 49
Ruffini, –’s theorem, 40 U
Rule, Leibniz’s, 49 Union, 1
disjoint, 2
Unit
S imaginary, 10
Scalar, 44 of a ring, 34
Sequence, 8 quaternions, 29
Set(s), 1 Unitary, – ring, 34
cardinality of a, 12
240 Index

V Z
Vector, 44 Zero
column, 44 characteristic, 45
space, 43 of a ring, 34
zero, 44