
Euclidean and the Gaussian : An Application

Shreejit Bandyopadhyay July 28, 2013

Abstract

Commutative algebra is essentially the study of commutative rings and in this paper, we shed some light on a highly important class of such rings - the Euclidean domains. We then show that the ring of Gaussian integers is an example of such a domain and thereby prove a famous theorem in number theory, due to Fermat, which states that any prime number p, of the form 4n + 1, can be expressed as the sum of squares of two integers while no prime of the form 4n + 3 can be so expressed.

1 Introduction

Before we begin our study of Euclidean domains, we’d like to give a few definitions to begin our discussion.

Definition. A ring is a set R in which are defined two operations, often called the sum and product, and denoted by + and . respectively, which satisfy the following axioms:

1. With respect to the operation +, R is an abelian group. So R has an additive identity, denoted by 0, and for every a ≠ 0 in R, −a ∈ R too. The + operation is both associative and commutative.

2. The operation . in R is associative and has the identity element 1.

3. The distributive law a.(b + c) = a.b + a.c holds for all a, b, c ∈ R.

If, in addition, the operation . in R is commutative, R is said to be a commutative ring. All rings we consider in this paper will be commutative.

Definition. An element a ≠ 0 in a commutative ring R is said to be a zero divisor if there exists a b ≠ 0 in R, such that ab = 0.

Definition. A commutative ring R is said to be an integral domain if it has no zero divisors, i.e., if in R, ab = 0 implies either a = 0 or b = 0 (or both).

Definition. An element a ≠ 0 in a commutative ring R is said to be a unit if it has a multiplicative inverse in R, an element b ≠ 0 such that ab = ba = 1, in R.

Definition. An integral domain R is said to be a Euclidean domain if in R there is defined, for every a ≠ 0, an integer d(a) ≥ 0 satisfying:

(i) For all a, b ∈ R, d(a) ≤ d(ab), equality holding iff b is a unit in R.

(ii) ( ) For all a, b ∈ R, there exist q, r ∈ R satisfying a = qb + r with r = 0 or d(r) < d(b).

With these definitions in our hand, we now embark on a brief study of Euclidean domains in general and the domain of Gaussian integers in particular, which would eventually enable us to prove the so-called two-square theorem of Fermat.

2 Euclidean Domains

In this section, we review some properties of Euclidean domains which will carry over to the ring of Gaussian integers, which, as we shall see, is an example of such a domain. Before we carry on, however, a few more definitions will be necessary. As we’ve already specified, all rings we discuss will be commutative ones.

Definition. An ideal I of a ring R is a subset of R satisfying the following conditions:

1. With respect to the operation +, I is a subgroup of R.

2. For all a ∈ I and all r ∈ R, ra ∈ I (and hence, by commutativity, ar ∈ I, too).

Definition. Given an ideal I of a ring R, a set $(a_1, a_2, ..., a_n)$ of elements of I is said to generate I if every a ∈ I can be written as a linear combination of these $a_i$s with coefficients in R, i.e., $a = \sum r_i a_i$ with $r_i \in R$, for some i. In this case, we write $I = (a_1, a_2, ..., a_n)$.

Definition. An integral domain R is said to be a principal ideal domain (PID) if every ideal of R is generated by one element, i.e., if for any ideal I of R, there is an a ∈ I such that the elements of I are precisely the elements ra, r ∈ R.

Theorem. A Euclidean domain is a principal ideal domain.

Proof. Let I be an ideal of a Euclidean domain R. If I contains only the element 0, there’s nothing to prove. Otherwise, I has an element $a_0 \neq 0$. We choose the non-zero element a in I with the least d-value, i.e., with the least value of d(a). Note that since the d-values are non-negative integers, this is always possible.

We now show that all elements in I are actually multiples of a. Since the very definition of ideal forces every multiple of a to be in I, it will show that I = (a), proving the theorem.

Let b ∈ I be an arbitrary element. Then b = qa + r, for some q, r ∈ R, with r = 0 or d(r) < d(a). Since a ∈ I, so is qa and b ∈ I also holds. So, by the definition of an ideal, r = b − qa ∈ I too. But then, by our choice of a, d(r) < d(a) is impossible. So, r = 0 and b = qa is a multiple of a.

Definition. Let R be a commutative ring. Given a, b ∈ R, a greatest common divisor of a and b in R, denoted by (a, b), is an element d ∈ R such that

1. d|a and d|b in R.

2. If c|a and c|b in R, c|d in R as well.

Theorem. Let R be a Euclidean domain. Any two elements a, b ∈ R have a greatest common divisor d in R. Moreover, d = pa + qb, for some p, q ∈ R.

Proof. Let I = (ma + nb : m, n ∈ R). We claim that I is an ideal of R. This holds because if $x = m_1 a + n_1 b$ and $y = m_2 a + n_2 b$ are in I, $x + y = (m_1 + m_2)a + (n_1 + n_2)b \in I$ since $(m_1 + m_2), (n_1 + n_2) \in R$. Also, if r ∈ R, $rx = (rm_1)a + (rn_1)b \in I$ since $rm_1, rn_1 \in R$. Once I has been shown to be an ideal of R, by the previous theorem, we can conclude that I = (d) for some d ∈ R. All elements of I are then multiples of this d. Since 0 ∈ R and 1 ∈ R, 1.a + 0.b ∈ I and 0.a + 1.b ∈ I both hold, i.e., a, b ∈ I. So, both a and b must be multiples of d, that is, d|a and d|b. Also, d being an element of I, d = pa + qb for some p, q ∈ R. So, if for some c ∈ R, c|a and c|b, then c|pa + qb, i.e., c|d. So d certainly satisfies both conditions for being the greatest common divisor of a and b, proving the assertion of the theorem.

Note that in this theorem we make no comments about the uniqueness of the gcd of the two elements. Indeed, it need not be unique at all, but there is a relation between two different gcds of two elements of a Euclidean domain. What this relation is will be seen in the following lemma.

Definition. Let R be a commutative ring. Then two elements a and b in R are said to be associates if b = ca and the element c is a unit in R.

Lemma 1. In a Euclidean domain R, any two greatest common divisors of two elements a and b are associates of each other. Conversely, any associate of a greatest common divisor of a and b is itself a greatest common divisor of these two elements.

Proof. Let c and d be two gcds of a and b in R. Then, by condition 2 for gcd above, c|d and d|c. So, c = dk and d = cl for some k, l ∈ R. So, d = cl = (dk)l = d(kl). Since d ≠ 0 and R is an integral domain, kl = 1 and so k is a unit in R. Since c = dk, we see that c and d are indeed associates of each other.

Conversely, let d be a gcd of a and b in R and let c be an associate of d, i.e., c = du, where u is a unit in R. Then, d being a gcd of a and b, d|a and d|b, i.e., a = dp and b = dq for some p, q ∈ R. But, u being invertible in R, this means that $a = c(u^{-1}p)$ and $b = c(u^{-1}q)$ and $(u^{-1}p), (u^{-1}q) \in R$. So, c|a and c|b in R also hold. Again, if g|a and g|b, then since d is a gcd of a and b, d|g, i.e., g = dm for some m ∈ R. But then, $g = c(u^{-1}m)$ and so c|g. So, c satisfies both conditions for being the gcd of a and b.

In a Euclidean domain, if the gcd of a and b is a unit, we say that a and b are relatively prime. Since any associate of a gcd is a gcd and 1 is an associate of any unit in a ring, if a and b are relatively prime, we may safely assume that (a, b) = 1 and conversely.

Definition. In a Euclidean domain R, an element a ∈ R is said to be a prime element if it’s not a unit in R and if it can’t be expressed as a product of two non-units in R. That is, whenever a = bc, either b or c is always a unit in R.

Theorem. Let p be a prime element of a Euclidean domain R. Suppose that for some a, b ∈ R, p|ab. Then p|a or p|b (or both).

Proof. If p|a, there’s nothing to prove. So we assume that p doesn’t divide a. Consider (p, a). By definition, (p, a)|p. So, p = (p, a).c for some c ∈ R. Since p is a prime in R, one of (p, a) or c must be a unit in R. Since 1 is an associate of any unit, we may assume without loss of generality that (p, a) = 1 or c = 1 must hold.

If c = 1, (p, a) = p and since, by definition, (p, a)|a, it follows that p|a, contradicting our assumption. So, (p, a) = 1. But then, since (p, a) = ka + lp for some k, l ∈ R, ka + lp = 1. So, kab + lpb = b and we note that p|kab (since p|ab) and p|lpb. So, p must divide kab + lpb, i.e., p|b must also be true, proving the theorem.

3 The Gaussian Integers

Having built up some important theory about the Euclidean domains, in this section we’ll have a look at the ring of Gaussian integers. This ring, denoted by Z[i], is defined to be the set of all complex numbers a + bi, where both a and b are integers. But before talking about any ring as a Euclidean domain, we must first define a d-function for it, i.e., we must, for all a ≠ 0 in the ring, define a value for d(a) satisfying the required properties. For the ring Z[i], we do it now.

Given any x ≠ 0 in Z[i], we define d(x) to be $|x|^2$, where, by |x|, we mean the usual absolute value of the complex number x. So, if a + bi ∈ Z[i], we define $d(a + bi) = a^2 + b^2$. Clearly, for every non-zero element x of Z[i], d(x) will be a non-negative integer.

We will now show that this ring Z[i] is indeed a Euclidean domain by demonstrating that this d-function does satisfy the two required properties we stated before. It’s to this end that the next theorem is devoted.

Theorem. The ring Z[i] of Gaussian integers is a Euclidean domain.

Proof. Let a, b ∈ Z[i], with a ≠ 0, b ≠ 0. Then, $a = c_1 + id_1$ and $b = c_2 + id_2$, for some integers $c_1, c_2, d_1, d_2$. So, $d(a) = c_1^2 + d_1^2$ and since we have that $ab = (c_1c_2 - d_1d_2) + (c_1d_2 + c_2d_1)i$, $d(ab) = (c_1c_2 - d_1d_2)^2 + (c_1d_2 + c_2d_1)^2$ follows.

So, $d(ab) = c_1^2c_2^2 + d_1^2d_2^2 + c_1^2d_2^2 + c_2^2d_1^2 = (c_1^2 + d_1^2)(c_2^2 + d_2^2)$.

Since b ≠ 0, $c_2^2 + d_2^2 \geq 1$ and hence, it follows that $d(ab) \geq c_1^2 + d_1^2 = d(a)$, proving that our d-function satisfies at least the first of the two properties required of it.

The other thing we need to establish to complete the proof of the fact that Z[i] is a Euclidean domain is that for any x, y ∈ Z[i], there exist q, r ∈ Z[i] such that y = qx + r with r = 0 or d(r) < d(x).

First, we show this assuming that x is a positive integer n. Let y = a + bi. Then, by the division algorithm in Z, $a = un + u_1$ and $b = vn + v_1$ with $|u_1| \leq \frac{n}{2}$ and $|v_1| \leq \frac{n}{2}$. Then, $y = a + bi = un + u_1 + (vn + v_1)i = (u + vi)n + (u_1 + v_1 i) = qn + r$ where $q = u + vi$ and $r = u_1 + v_1 i = 0$ or $d(r) = u_1^2 + v_1^2 \leq \frac{n^2}{4} + \frac{n^2}{4} < n^2 = d(n)$. So, this case is settled.

If x is an arbitrary element in Z[i], however, $x\bar{x}$ is a positive integer, where $\bar{x}$ is the complex conjugate of x. So, we put $x\bar{x} = n$. Then, applying the first part to $y\bar{x}$ and n, we get $y\bar{x} = qn + r$ with r = 0 or d(r) < d(n). But, $d(r) < d(n) \implies d(y\bar{x} - qn) < d(n) \implies d(y\bar{x} - qx\bar{x}) < d(n) \implies d(y - qx)\,d(\bar{x}) < d(n) = d(x)\,d(\bar{x})$, which holds because d(ab) = d(a)d(b) for any a, b ∈ Z[i] since for any two complex numbers x and y, |xy| = |x||y| and $d(a) = |a|^2$ for any a ∈ Z[i]. But, since x ≠ 0, $\bar{x} \neq 0$ and so, $d(\bar{x}) \neq 0$. So, this implies that d(y − qx) < d(x), on cancelling $d(\bar{x})$ from both sides.

So, writing y = qx + (y − qx), we see that since y − qx = 0 or d(y − qx) < d(x) always holds, y = qx + r holds with r = y − qx. But, this proves that the given d-function also satisfies the second condition and, hence that Z[i] is indeed a Euclidean domain.

Once we have defined a d-function for Z[i] and proved it to be a Euclidean domain, we’d like to apply some of the results of a general Euclidean domain that we proved in the last section to it. This is exactly what we do in the next section when we prove the well-known two-square theorem of Fermat.

4 Fermat’s Two Square Theorem

In this section, we prove the theorem in number theory usually known as the two-square theorem. Before doing so, however, we’d like to have a proof of Wilson’s theorem in our hand.

Theorem. (Wilson) Let p be a prime number. Then (p − 1)! ≡ −1 (mod p).

Proof. Let 1 ≤ a ≤ p − 1 be an integer. We consider the set $(a \bmod p, a^2 \bmod p, ...)$. Since there are infinitely many values for the exponent of a and only finitely many (to be exact, p) remainders modulo p, there must be two integers r and s such that $a^r \bmod p = a^s \bmod p$, i.e., $a^{r-s} \equiv 1 \pmod{p}$. So, $a.a^{r-s-1} \equiv 1 \pmod{p}$, or in other words, we can look upon $a^{r-s-1}$ as the inverse of a, modulo p. Unless a member of the set (1, 2, ..., p − 1) is its own inverse modulo p, we can thus pair it up with its inverse in the product 1.2...(p − 1) and get 1 modulo p.

Now, if x is its own inverse modulo p, $x^2 \equiv 1 \pmod{p} \implies p \mid x^2 - 1 \implies p \mid (x + 1)(x - 1) \implies x \equiv \pm 1 \pmod{p}$. So, only 1 and −1 are self-inverses modulo p. Noting that the others give 1 modulo p on being paired up with their inverses, we conclude that the product $(p - 1)! = 1.2 \ldots (p - 1) \equiv 1.(-1) \equiv -1 \pmod{p}$, proving Wilson’s theorem.

There are also other proofs of Wilson’s theorem. The proof we’ve given relies on the existence of multiplicative inverses modulo a prime, and also goes to show that the set (1, 2, ..., p − 1) of remainders modulo a prime p, often denoted by $F_p$, is a field, that is a ring in which every non-zero element has a multiplicative inverse. We now go on to the proof of the two-square theorem.

Theorem. (Fermat) Let p be a prime number of the form 4n + 1. Then p is expressible as the sum of the squares of two integers, i.e., $p = a^2 + b^2$ for some integers a, b.

Proof. First, we put x = 1.2...(2n). Since p = 4n + 1, for some n, the congruences 2n + 1 ≡ −2n (mod p), 2n + 2 ≡ −(2n − 1) (mod p), 2n + 3 ≡ −(2n − 2) (mod p), ..., 4n ≡ −1 (mod p) all hold. So, $x^2 \equiv 1.2.3 \ldots (2n)(-1)(-2) \ldots (-2n) \equiv 1.2.3 \ldots (2n)(2n+1)(2n+2) \ldots (4n) \equiv (4n)! \equiv (p-1)! \equiv -1 \pmod{p}$, by Wilson’s theorem.

So, $x^2 + 1 = cp$ for some integer c. Since all congruences are modulo p, we may assume that |x| < p and since, if $x > \frac{p}{2}$ satisfies $x^2 \equiv -1 \pmod{p}$, so does y = p − x, the bound $|x| \leq \frac{p}{2}$ for x can also be assumed without loss of generality. So, it follows that $x^2 + 1 < p^2$ and so $p^2$ doesn’t divide $x^2 + 1$.

Now, if p is a prime element of Z[i], then since $p \mid x^2 + 1 = (x + i)(x - i)$, at least one of p|x + i and p|x − i must hold. If p|x + i, then x + i = p(m + ni), for some integers m, n, implying that x = pm and 1 = pn. But then, x − i = p(m − ni) and so, p|x − i also. So, $p^2 \mid (x + i)(x - i)$, i.e., $p^2 \mid x^2 + 1$, contradicting our assumption. So, p can’t be a prime in Z[i].

So, in Z[i], p = (a + bi)(c + di), with neither of the factors a unit in Z[i]. But, if p = (a + bi)(c + di), then, on comparing real and imaginary parts, it follows readily that p = (a − bi)(c − di) whence $p^2 = (a + bi)(a - bi)(c + di)(c - di) = (a^2 + b^2)(c^2 + d^2)$.

But, this means that $a^2 + b^2 = 1$, p or $p^2$. If, however, $a^2 + b^2 = 1$, (a, b) = (1, 0) or (0, 1), i.e., a + ib = 1 or i, both of which are units in Z[i], contradicting our assumption of a + bi being a non-unit.

So, $a^2 + b^2 \neq 1$ and since c + id is also a non-unit in Z[i], $c^2 + d^2 \neq 1$ also holds, i.e., $a^2 + b^2 \neq p^2$. So, $a^2 + b^2 \neq 1$ or $p^2$ and hence $a^2 + b^2 = p$ must be the case, proving the assertion of the theorem.

The converse of this theorem, that is, that any prime expressible as the sum of two squares must be of the form 4n + 1, is true unless p = 2. That’s because any odd prime not of the form 4n + 1, i.e., not congruent to 1 modulo 4, must be congruent to 3 modulo 4 (since numbers congruent to 0 or 2 modulo 4 are always even) and, since a square is always congruent to 0 or 1 modulo 4, the sum of two squares can’t be congruent to 3 modulo 4.
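The division step from the proof that Z[i] is a Euclidean domain, together with the choice x = 1.2...(2n) from the proof above, as an added Python example that is not part of the original paper. It goes one step beyond the paper's existence argument by computing a gcd of p and x + i in Z[i], which has d-value p and therefore yields a and b. The function names and the tuple representation (a, b) for a + bi are assumptions of this example.

```python
from math import factorial

def d(z):
    """The d-function of Z[i]: d(a + bi) = a^2 + b^2. Elements are (a, b) tuples."""
    return z[0] * z[0] + z[1] * z[1]

def mul(z, w):
    """Product of two Gaussian integers."""
    return (z[0] * w[0] - z[1] * w[1], z[0] * w[1] + z[1] * w[0])

def gauss_divmod(y, x):
    """Return (q, r) with y = q*x + r and r = 0 or d(r) < d(x), as in the proof."""
    n = d(x)                                # n = x * conj(x), a positive integer
    a, b = mul(y, (x[0], -x[1]))            # y * conj(x) = a + bi
    # Division in Z with centred remainders: |a - u*n| <= n/2, |b - v*n| <= n/2
    u = (2 * a + n) // (2 * n)
    v = (2 * b + n) // (2 * n)
    q = (u, v)
    qx = mul(q, x)
    return q, (y[0] - qx[0], y[1] - qx[1])  # r = y - q*x

def gauss_gcd(a, b):
    """A gcd of a and b in Z[i], unique only up to the units 1, -1, i, -i."""
    while b != (0, 0):
        a, b = b, gauss_divmod(a, b)[1]     # d(b) strictly decreases, so this ends
    return a

def two_squares(p):
    """For a prime p = 4n + 1, return (a, b) with a <= b and a^2 + b^2 = p."""
    if p % 4 != 1:
        raise ValueError("p must be a prime of the form 4n + 1")
    x = factorial((p - 1) // 2) % p         # x = 1.2...(2n), so x^2 = -1 (mod p)
    if (x * x + 1) % p != 0:
        raise ValueError("Wilson's congruence fails, so p is not prime")
    g = gauss_gcd((p, 0), (x, 1))           # a gcd of p and x + i has d-value p
    return tuple(sorted((abs(g[0]), abs(g[1]))))

if __name__ == "__main__":
    for p in (5, 13, 29, 97, 1009):         # sample primes of the form 4n + 1
        print(p, two_squares(p))
```
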

5 Conclusion

Just as we proved Fermat’s theorem stating that any prime of the form 4n + 1 is a sum of two squares by invoking results derived for general Euclidean domains to the ring of Gaussian integers, it can be established by invoking these very results, and slight variations thereof, to the ring of the so-called Hurwitz integers or integral quaternions, that every integer is a sum of four squares. This second theorem, attributed to Lagrange, is often called the four-square theorem in number theory. The very fact that the abstract concept of the Euclidean domain, generalised from the ring of integers (which, evidently, is an example of one), can lead to results deep enough to prove two such non-trivial classics in number theory, speaks volumes about the strength and necessity of the abstraction that pervades modern mathematics.

There is also a related problem, often referred to as the Waring Problem in number theory, which asks if every integer can be expressed as a sum of a fixed number of some fixed powers of integers. There are results which tell us that any integer is a sum of nine cubes, nineteen fourth powers and so on. Most of these results can be proved by just establishing their truth in case of prime integers, from which the general case usually follows. The Waring problem has also been a topic of much research, most notably by Hilbert.
