Galois Theory

Willem A. de Graaf Contents

Preface 1

1 Galois Theory 3 1.1 How it all began ...... 3 1.1.1 Cardano and the others ...... 3 1.1.2 Lagrange ...... 4 1.1.3 Ruﬃni and Abel ...... 5 1.1.4 Galois ...... 6 1.2 Separable polynomials ...... 6 1.3 Separable, normal and Galois extensions ...... 9 1.4 The Galois correspondence ...... 12 1.5 Cyclotomic ﬁelds ...... 17 1.5.1 Cyclotomic polynomials ...... 18 1.5.2 The Galois group of a cyclotomic extension ...... 20 1.6 Solvability of polynomial equations by radicals ...... 23 1.6.1 Solvable groups ...... 23 1.6.2 Radical extensions ...... 26 1.6.3 A polynomial not solvable by radicals ...... 31 1.6.4 The discriminant of a polynomial ...... 32 1.6.5 Casus irreducibilis ...... 33

2 Applications of Galois theory 35 2.1 The fundamental theorem of algebra ...... 35 2.2 Proving that certain primitive functions are not elementary ...... 35 2.3 Galois descent ...... 41 2.4 Galois cohomology ...... 45

Index 53

Bibliography 54 Preface

Galois theory started, now about two hundred years ago, with the work of Galois (1811-1832) on root of polynomials. His goal was to give a criterion for deciding whether a given polynomial was solvable by radicals or not. The criterion he came up with involved a (for his time) new algebraic structure, namely groups. Galois introduced them to study the symmetries that exist between the roots of a polynomial. For this reason Galois theory was a very important step in the development of algebra as we know it today. Moreover the theory of Galois provided a striking example of the power of group actions. After the publication of Galois’ work (in 1846) his theory has seeen a tremendous development and is now key to understanding various areas of algebra and geometry. The theory found in Galois’ work is rather different from the way it is done nowadays. One of the reasons for this is the development that mathematics and in particular algebra has undergone since the times of Galois. When Galois was alive there was no group theory (indeed, the origin of this concept lies in his work) and almost no field or ring theory. To mention just one main difference between Galois’ and the modern approach: Galois used permutations of the roots of a polynomial, whereas nowadays we use automorphisms of a splitting field. For a thorough account of the history of the study of the roots of a polynomial we refer to the book by Tignol, [Tig01]. In these notes we describe some of the basic concepts and constructions of modern Galois theory, focusing on field extensions of finite degree. (The infinite case is very important and interesting as well, but requires a lot more technical tools.) We will need many basic results from algebra, and for these I will refer to my course notes on algebra, available at

http://www.science.unitn.it/~degraaf/algnotes/algebranotes.pdf

A reference like 3(Algebra refers to Chapter 3 of the algebra notes. The main concepts that we need from basic algebra are groups (3(Algebra) and ﬁeld extensions (Chapter 4(Algebra)). From the latter especially the concept of splitting ﬁeld (Section 4.6(Algebra)) will play a major role. There are a great many great books on Galois theory (most of them with the same title as these notes). We cannot list all of them, so we just mention [Bos18], [Cox12]. 2 CONTENTS Chapter 1

Galois Theory

We start with a very brief description of the historical roots of Galois theory; here we see how the concept and use of symmetry has been developed.

1.1 How it all began

Galois theory is concerned with roots of polynomials. The main problem that led Galois to invent his theory was the one of ﬁnding radical expressions for the roots of a polynomial (or proving that no such expressions can be found). This problem has a rather long history as demonstrated by certain clay tablet dating back to at least 1500 BC, and found in current Iraq:

This shows that the ancient Babylonians knew how to solve an equation of degree two, in modern notation: x2 + bx + c = 0. Given this knowledge the question comes up whether we can ﬁnd formulas for the roots of polynomials of higher degree, for example of degree three: x3 + ax2 + bx + c = 0. The history regarding those equations starts rather spectacularly in the italian renaissance.

1.1.1 Cardano and the others In the sixteenth century mathematicians from northern Italy found magnificent formulas for finding the roots of polynomial equations of degree three and four. The main players in this story are Scipione del Ferro (1465-1526, from Bologna), NicolòFontana, called il Tartaglia (1499-1557, from Brescia) and Girolamo Cardano (1501-1576, from Milano).

Scipione del Ferro Nicol`oTartaglia Girolamo Cardano 4 Galois Theory

Scipione del Ferro was the first to find a formula for the roots of polynomials of degree 3. However, he did not publish it in any form, preferring to keep his discovery to himself, written down in a little notebook. Apparently the mathematicians of those days had a bit of a habit to keep their discoveries to themselves. The reason for this tendency to secrecy was that they often tried to impress other people with their mathematical skill, and even fought mathematical duels between each other. It is clear that the person with more secrets was more likely to excell at such events. However, in the centuries after del Ferro’s death his notebook was lost, so we do not know exactly what he discovered. Before he passed away del Ferro revealed the secret of his formula for the cubic equation to a student of his, Antonio Maria del Fiore. Antionio del Fiore went round in mathematical circles bragging about his knowledge. Tartaglia, who was interested in the problem of solving cubic equations himself, heard about it, and accepted a cartello di matematica disfida from Antonio del Fiore. This was a mathematical duel where each contestant gave thirty mathematical problems to his opponent. The winner would be the one who managed to solve more problems. Tartaglia proposed thirty problems of various nature, whereas del Fiore wrote down thirty cubic equations. However, in the meantime Tartaglia had on his own discovered the formula for solving the cubic, so he easily won the contest. At around that time Girolamo Cardano was writing a book, called the Ars Magma (or in full Artis Magnae, Sive de Regulis Algebraicis Liber Unus), on algebra. He learned about the contest won by Tartaglia and was very keen on including the formula for the cubic in his book. However, Tartaglia, like Scipione del Ferro, wanted to keep the secret to himself, and only revealed the formula to Cardano when the latter promised not to publish it. Lodovico Ferrari (1522-1565), who was a collaborator of Cardano, then also found a way to solve equations of degree four. One step of his method consisted in solving an equation of degree 3. So without Tartaglia’s formula Cardano and Ferrari could not publish their new discovery either. At this point Cardano and Ferrari recalled the contest with Antionio del Fiore, who had obtained the solution to the cubic from his bolgnese master Scipione del Ferro. They went to Bologna where they found del Ferro’s notebook that had been kept by Annibale della Nave, who was his successor at the university of Bologna. Because he had now found the formula also from a different source, Cardano found that he was no longer bound by the promise made to Tartaglia and published the formulas for the cubic and quartic equations in his Ars Magna. Cardano did write that the formulas for the cubic were due to del Ferro and Tartaglia. But the latter was extremely annoyed just the same.

1.1.2 Lagrange After the publication of the Ars Magna the obvious question arose whether a formula could be found to solve equations of degree 5. The ﬁrst to systematically investigate this question was Joseph-Louis Lagrange (1736-1813)

Joseph-Louis Lagrange

who in his great book Réflexionssur la résolutionalgébriquedes équations devised a method for solving polynomial equations of arbitrary degree. For degrees 2,3,4 his method yielded the known formulas, but for degree 5 the method failed. Here we have a short look at Lagrange’s method. Consider, for example, an equation of degree 3, 3 2 x + ax + bx + c = 0. Let α1, α2, α3 be its solutions. Lagrange considered symmetric expressions in these αi; these are polynomials in the αi that remain invariant when we permute the αi. For example

2 2 α1α2α3 + α1α2α3 1.1 How it all began 5

is not symmetric because if we interchange α1, α2 the expression becomes

2 2 2 2 α2α1α3 + α2α1α3 = α1α2α3 + α1α2α3 which is not equal to the original expression. On the other hand,

4 4 4 α1α2α3 + α1α2α3 + α1α2α3 is symmetric. A fundamental fact concerning these symmetric expressions (known before Lagrange) is the following: a symmetric expression in α1, α2, α3 can be computed as a polynomial in a, b, c. For example, 4 4 4 3 2 α1α2α3 + α1α2α3 + α1α2α3 = a c − 3abc + 3c . √ −1+ −3 3 Now let ω = 2 , then ω ∈ C has the property ω 6= 1 but ω = 1. Set 1 2 z1 = 3 (α1 + ωα2 + ω α3) 1 2 z2 = 3 (α1 + ωα3 + ω α2) 1 2 z3 = 3 (α2 + ωα1 + ω α3) 1 2 z4 = 3 (α2 + ωα3 + ω α3) 1 2 z5 = 3 (α3 + ωα1 + ω α2) 1 2 z6 = 3 (α3 + ωα2 + ω α1),

and define the so called resolvent polynomial r = (x − z1)(x − z2)(x − z3)(x − z4)(x − z5)(x − z6). Because permuting the αi means that we permute the zi it follows that the coefficients of r are symmetric expressions in the αi. In particular, they can be expressed as polynomials in a, b, c. In fact, 6 3 p3 2a3 ab a2 a small calculation shows that r = x + qx − 27 where q = 27 − 3 + c and p = − 3 + b. We see that by some miracle r has a form that it makes it easy to find its roots: it is a quadratic polynomial 3 in x . So by finding its roots we find the zj and from there we can find the αi. This then yields the same formulas as found by del Ferro and Tartaglia. One of the main reasons why Lagrange’s method is important is his use of symmetric expressions. It is one of the the first occasions that symmetry, understood as invariance under some transformations (in this case they are permutations of the roots) is used in a systematic way.

1.1.3 Ruﬃni and Abel

Paolo Ruﬃni Niels Henrik Abel

Paolo Ruffini (1765-1822) was an italian mathematician and medical doctor. In 1799 he published a book, entitled Teoria generale delle equazioni, with a proof of the impossibility of resolving equations of degree five by radicals. He sent a copy of the book to Lagrange but never received an answer. His argument was a valid attempt at proving the impossibility of resolving the quintic, but in the end it was not quite correct. Niels Henrik Abel (1802-1829) was a norwegian mathematician who in 1824 gave the first fully accepted proof that it is not possible to solve the quintic by radicals. He used a similar strategy as Ruffini and essentially closed the gap in Ruffini’s proof. Abel, like Lagrange, used permutations of the 6 Galois Theory roots of a general equation of degree 5. One essential step in his proof was the following fact (stated in modern language): let the symmetric group S5 act on the set X, then the orbit of an x ∈ X cannot have 3 or 4 elements.

1.1.4 Galois

Evariste´ Galois

Evariste´ Galois (1811-1832) was a french mathematician and revolutionary. He died in a duel, of which the circumstances are not exactly known, at the age of 20. By that time he had written a paper entitled Mémoire sur les conditions de résolubilitédes équationspar radicaux on the problem of solving polynomial equations by radicals. He submitted several versions of it to the french academy of sciences, but some were lost and the final one, submitted in 1831, was rejected on the grounds that it was hard to read and did not have a criterion that could easily be applied to a given polynomial. (In fact, in order to apply the theory of Galois to a polynomial one first has to compute its splitting field, which can be rather difficult.) When Galois started to work on solving polynomial equations he probably considered the question as to the solvability of the general equation of degree 5 as closed (and settled by Abel). However, there obviously are polynomials of degree 5 that can be solved by radicals; for a trivial example consider x5 − 2. So Galois considered a different question: when is a given polynomial solvable by radicals? In his solution he went far beyond the mathematics of people such as Lagrange and Abel. For example, Lagrange had considered all permutations of the roots of a polynomial, but one of the main results of Galois was that there is a group Gf of permutations of the roots of a polynomial f such that 1) every expression in the roots that is invariant under these permutations is rational (that is, lies in Q), 2) every expression in the roots that is rational is invariant under these permutations. It is important to remark here that Galois used a notion of invariance different from Lagrange’s: while Lagrange was only considered with the form of an expression (that is, he saw them as expressions in formal indeterminates), Galois was concerned with the value of the expression (i.e., the exact numerical value). In 1842, so ten years after Galois’ death, Joseph Liouville somehow received Galois’ papers and started reading them. A year later he communicated to the french academy that he would publish the work of Galois, which he did in 1846.

1.2 Separable polynomials

Let F be a field and f ∈ F [x] an irreducible polynomial. Then we say that f is separable if the roots of f in a splitting field of f all have multiplicity one (in other words, when f has exactly deg f distinct roots in its splitting field). Because two different splitting field of f are isomorphic via an isomorphism whose restriction to F is the identity (Corollary 4.6.8(Algebra)), this notion does not depend on the choice of splitting field. More generally we say that a not necessarily irreducible f ∈ F [x] is separable if its irreducible factors are separable.

Remark 1.2.1 Opinion seems to be divided as to what the best definition of separability for reducible polynomials should be. Many authors use a simpler definition, and define a polynomial to be separable if it has roots of multiplicity one in its splitting field. With this definition the polynomial x4 + 2x3 + 2 2 2 3x + 2x + 1 ∈ Q[x] is not separable as it is equal to (x + x + 1) , whereas with our definition it 1.2 Separable polynomials 7 is separable. This difference usually does not lead to confusion, because the only polynomials whose separability is of interest are the irreducible ones. There is a simple criterion for deciding whether a given polynomial is separable or not based on Lemma 4.7.2(Algebra). Let f ∈ F [x] be irreducible and suppose that it is not separable. Then the mentioned lemma says that f and f 0 have a common root. That means that gcd(f, f 0) (which lies in F [x]!) has degree at least 1. As f is irreducible that implies that f = gcd(f, f 0). Hence f divides f 0 0 m which, because of their respective degrees, is only possible when f = 0. Write f = a0+a1x+···+amx ; 0 m−1 0 then f = a1 + 2a2x + ··· + mamx . So f = 0 if and only if iai = 0 for i ≥ 1. That implies that the characteristic of F is a prime p > 0 and ai = 0 whenever p does not divide i. In other words, we have p kp f = a0 + apx + ··· + akpx , that is f is a polynomial in xp. This shows one implication of the following lemma.

Lemma 1.2.2 Let F be a ﬁeld and let f ∈ F [x] be irreducible. Then f is not separable if and only if the characteristic of F is a prime p and f is a polynomial in xp. Proof. We still need to prove the other direction. Suppose that the characteristic of F is a prime p and f is a polynomial in xp. Then f 0 = 0. Consider a root α of f in a splitting ﬁeld E. Then f = (x−α)g for some g ∈ E[x]. Hence f 0 = g +(x−α)g0 and as f 0 = 0 it follows that f = −(x−α)2g0, so that f is not separable. 2

4 2 Remark 1.2.3 We expand a little on remark 1.2.1. Consider f = x + x + 1 ∈ F2[x]. This is a polynomial in x2, but f = (x2 + x + 1)2 so f is reducible. Now x2 + x + 1 is not a polynomial in x2 so it is separable. Therefore, according to our definition, f is separable as well. The following rather technical theorem will play an important role for us. In flavour it is similar to the theorem that says that two splitting fields are isomorphic (Theorem 4.6.7(Algebra)). Also in this case we start with two base fields F , F that are isomorphic via the map a 7→ a¯. But now, on the left we do not take a splitting field but an extension of F of the form E = F (α1, . . . , αn). On the right we take a field L such that the minimal polynomial of each αi splits into linear factors over L (or, equivalently, such that L contains a splitting field of the product of these polynomials). The theorem counts the number of injective field homomorphisms σ : E → L that extend a 7→ a¯. From Section 4.6(Algebra) we recall that the isomorphism F → F extends to an isomorphism F [x] → F [x], f 7→ f¯.

Theorem 1.2.4 Let F ⊂ M be fields and let α1, . . . , αn ∈ M be algebraic over F . Let fi ∈ F [x] be the minimal polynomial of αi. We suppose that each fi is separable. Let E = F (α1, . . . , αn) and let L ⊃ F be an extension such that each f¯i splits into linear factors over L. Then the number of injective field homomorphisms σ : E → L¯ with σ(a) =a ¯ for a ∈ F is exactly [E : F ]. Proof. We prove this theorem by induction on n. If n = 0 then E = F so there exists only one σ (given by σ(a) =a ¯ for a ∈ F ) and [E : F ] = 1. So the statement is trivial in this case. Now let α1, . . . , αn+1 ∈ M be algebraic over F with separable minimal polynomials f1, . . . , fn+1. Let E = F (α1, . . . , αn+1) and let L ⊃ F be an extension containing a splitting field of f¯1 ··· f¯n+1. First note that f¯1 ∈ F [x] is separable as well (this follows immediately from Lemma 1.2.2). So it has t = deg f1 distinct roots β1, . . . , βt ∈ L. By Lemma 4.6.6(Algebra) for 1 ≤ i ≤ t we have a unique injective homomorphism ψi : F (α1) → L with ψi(a) =a ¯ for a ∈ F and ψi(α1) = βi. Let A = {σ : E → L | σ is an injective field homomorphism and σ(a) =a ¯ for all a ∈ F }. t Let σ ∈ A and write f1 = a0 + a1x + ··· + atx with ai ∈ F . Then t f¯1(σ(α1)) =a ¯0 +a ¯1σ(α1) + ··· +a ¯tσ(α1) t = σ(a0) + σ(a1)σ(α1) + ··· + σ(at)σ(α1) t = σ(a0 + a1α1 + ··· + atα1) = σ(f1(α1)) = σ(0) = 0. 8 Galois Theory

It follows that σ(α1) = βi for a certain i. Therefore the restriction of σ to F (α1) is equal to a ψi. So A = A1 ∪ · · · ∪ At (disjoint union) where

Ai = {σ ∈ A | σ|F (α1) = ψi}.

Let g2, . . . , gn+1 ∈ F (α1)[x] be the minimal polynomials of respectively α2, . . . , αn+1 over F (α1). Then gj divides fj (4.3.4(Algebra)). Hence if we letg ˆj be the image of gj under ψi, theng ˆj divides f¯j. We see that L is an extension of F (βi) such that the polynomialsg ˆ2,..., gˆn+1 split into linear factors over L. So by induction we have |Ai| = [E : F (α1)]. Hence

|A| = |A1| + ··· + |At|

= [E : F (α1)] + ··· + [E : F (α1)]

= t[E : F (α1)] = [E : F (α1)][F (α1): F ] = [E : F ]

(by the degree formula, Theorem 4.3.3(Algebra)). 2

√ √ 4 Example 1.2.5 Let i = −1 ∈ C and ω = 2 ∈ R. Using the degree formula (Theorem 4.3.3(Alge- bra)) one sees that [Q(i, ω): Q] = 8. So by the previous theorem it follows that there are 8 injective ﬁeld homomorphisms σ : Q(i, ω) → Q(i, ω) with σ(a) = a for all a ∈ Q. Let σ be such a homomorphism. Viewing Q(i, ω) as an 8-dimensional vector space over Q we have that σ is a linear map. But as σ is injective it has to be surjective as well. It follows that σ is an automorphism. We can actually describe all these automorphisms. For that note that an automorphism σ : Q(i, ω) → Q(i, ω) with σ(a) = a for a ∈ Q is uniquely determined by the values σ(i), σ(ω). But σ(i) has to be a root of x2 + 1 and σ(ω) is a root of x4 − 2. In other words, σ(i) can be ±i and σ(ω) can be ±ω, ±iω. So we have 8 choices for the pair (σ(i), σ(ω)). Because we need 8 automorphisms it follows that each of these choices yields an automorphism. Note that without using Theorem 1.2.4 we would only be able to conclude that we have at most 8 automorphisms. To prove that we have exactly 8 of them (without using the theorem) would involve checking that each choice in fact deﬁnes an automorphism, a rather laborious task.

Lemma 1.2.6 Let E ⊃ F be a field extension of finite degree. Then E is not equal to the union of a finite number of fields E1,...,Es with F ⊂ Ei ( E.

∗ ∗ Proof. If E is finite then E is a cyclic group (Proposition 3.7.9(Algebra)). Also each Ei is a cyclic group. Because these are strictly smaller, they cannot contain an element of order |E∗|. So the lemma follows in this case. Now suppose that E is infinite and write [E : F ] = n. Then E is an n-dimensional vector space over F and the Ei are finite dimensional subspaces. Let α1, . . . , αn be a basis of E over F . Each Ei is contained in a (generally not unique) (n − 1)-dimensional subspace Vi ⊂ E. Since Vi has codimension 1, there are ei,1, . . . , ei,n ∈ F such that

Vi = {a1α1 + ··· + anαn | ai ∈ F, ei,1a1 + ··· + ei,nan = 0}.

P In other words, if hi = ei,1x1 + ··· + ei,nxn ∈ F [x1, . . . , xn], then Vi consists of those i aiαi such P that hi(a1, . . . , an) = 0. let h = h1 ··· hs. Then h(a1, . . . , an) = 0 if and only if i aiαi lies in the union of the Vi. But h is not the zero polynomial. So since F is inﬁnite, there are b1, . . . , bn ∈ F with P h(b1, . . . , bn) 6= 0. But then i biαi lies outside the union of the Vi, hence outside the union of the Ei. 2

Theorem 1.2.7 (Primitive Element Theorem) Let F ⊂ M be ﬁelds and α1, . . . , αn ∈ M algebraic over F . Set E = F (α1, . . . , αn). Suppose that the minimal polynomial of each αi is separable. Then there is an α ∈ E such that E = F (α). 1.3 Separable, normal and Galois extensions 9

Proof. Let fi be the minimal polynomial of αi over F . Let L be an extension of F containing a splitting ﬁeld of each fi over F . According to Theorem 1.2.4 there are t = [E : F ] injective ﬁeld homomorphisms σi : E → L with σi(a) = a for a ∈ F (for 1 ≤ i ≤ t). For 1 ≤ i < j ≤ t set

Ei,j = {α ∈ E | σi(α) = σj(α)}.

These are proper subﬁelds of E. So by Lemma 1.2.6 there is an α ∈ E lying outside all Ei,j, i.e., such that σi(α) 6= σj(α) for i 6= j. In other words, σ1(α), . . . , σt(α) are all distinct. Let f be the minimal polynomial of α. Then a small calculation (very similar to the one performed in the proof of Theorem 1.2.4) shows that σi(α) is a root of f. Hence deg(f) ≥ t. So [F (α): F ] ≥ t. But as [E : F ] = t and F (α) ⊂ E it follows that F (α) = E. 2

An α ∈ E as in the theorem is called a primitive element of E. Note that in the case of a ﬁnite ﬁeld this term is used for elements with a substantially stronger property (they have to generate the multiplicative group E∗, Section 4.7.3(Algebra)). √ √ √ √ √ √ Example 1.2.8 Let E = Q( 2, 3). Then also E = Q( 2 + 3), so 2 + 3 is a primitive element of E.

Remark 1.2.9 From the proof of the primitive element theorem we see that if α ∈ E is such that σ1(α), . . . , σt(α) are distinct, then α is a primitive element. Consider for example the ﬁeld Q(i, ω) from Example 1.2.5. Let α = i + ω. Then the images of α are ±i ± ω, ±i ± iω. These are all distinct, hence α is a primitive element.

1.3 Separable, normal and Galois extensions

A ﬁeld extension E ⊃ F is said to be algebraic if every element of E is algebraic over F . We leave it as an exercise to show that extensions of ﬁnite degree are automatically algebraic.

Deﬁnition 1.3.1 Let E ⊃ F be an algebraic ﬁeld extension. This extension is called

separable if the minimal polynomial of every element of E over F is separable,

normal if every irreducible polynomial in F [x] that has one root in E splits as a product of linear factors over E (that is, has all its roots in E),

Galois if it is both separable and normal.

Let E be a ﬁeld then we let Aut(E) be the set of all ﬁeld automorphisms of E. This set is called the automorphism group of E. We note that with respect to the composition of functions Aut(E) is indeed a group because

composition of functions is associative,

the identity map is an automorphism, and serves as neutral element of Aut(E),

if σ, τ are automorphisms of E then σ ◦ τ is an automorphism as well (so Aut(E) is closed under composition),

if σ is an automorphism of E then so is its inverse σ−1 (indeed, let α, β ∈ E; then there are α0, β0 ∈ E with α = σ(α0), β = σ(β0) and hence σ−1(α + β) = σ−1(σ(α0) + σ(β0)) = σ−1(σ(α0 + β0)) = α0 + β0 = σ−1(α) + σ−1(β) and in the same way, σ−1(αβ) = σ−1(α)σ−1(β)).

Example 1.3.2 Consider the ﬁeld Q(i, ω) as in Example 1.2.5. Let σ be an automorphism of Q(i, ω). It is straightforward to see that σ(a) = a for a ∈ Q (this essentially follows from σ(1) = 1). So from Example 1.2.5 it follows that Aut(Q(i, ω)) has 8 elements. These are described in the mentioned 10 Galois Theory example. More in detail, we have Aut(Q(i, ω)) = {σ1, . . . , σ8} where σj(i), σj(ω) are as in the following table σ1 σ2 σ3 σ4 σ5 σ6 σ7 σ8 i i i i i −i −i −i −i ω ω iω −ω −iω ω iω −ω −iω

We can use this to compute product relations between the σj. For example, σ4σ7(i) = σ4(σ7(i)) = σ4(−i) = −i and σ4σ7(ω) = σ4(σ7(ω)) = σ4(−ω) = iω; it follows that σ4σ7 = σ6. Also σ7σ4(i) = σ7(i) = −i and σ7σ4(ω) = σ7(−iω) = σ7(−i)σ7(ω) = i · −ω = −iω; so that σ7σ4 = σ8. Continuing like this we can complete the multiplication table:

σ1 σ2 σ3 σ4 σ5 σ6 σ7 σ8 σ1 σ1 σ2 σ3 σ4 σ5 σ6 σ7 σ8 σ2 σ2 σ3 σ4 σ1 σ6 σ7 σ8 σ5 σ3 σ3 σ4 σ1 σ2 σ7 σ8 σ5 σ6 σ4 σ4 σ1 σ2 σ3 σ8 σ5 σ6 σ7 σ5 σ5 σ8 σ7 σ6 σ1 σ4 σ3 σ2 σ6 σ6 σ5 σ8 σ7 σ2 σ1 σ4 σ3 σ7 σ7 σ6 σ5 σ8 σ3 σ2 σ1 σ4 σ8 σ8 σ7 σ6 σ5 σ4 σ3 σ2 σ1 Let E be a ﬁeld and let G ⊂ Aut(E) be a subgroup. Then we set

EG = {α ∈ E | σ(α) = α for all σ ∈ G}.

It is straightforward to see that this is a subﬁeld of E. So we have an extension E ⊃ EG.

Lemma 1.3.3 Let E be a ﬁeld, G ⊂ Aut(G) a ﬁnite subgroup and F = EG. Furthermore, for α ∈ E set Aα = {σ(α) | σ ∈ G}. Then the minimal polynomial of α over F is Y (x − β).

β∈Aα

In particular, E/F is algebraic.

Proof. For τ ∈ G we deﬁneτ ˜ : E[x] → E[x] by

m m τ˜(a0 + ··· + amx ) = τ(a0) + ··· + τ(am)x .

It is straightforward to see thatτ ˜ is a ring automorphism (that is, it is bijective and respects multiplication and addition). Let Y g = (x − β).

β∈Aα Q Thenτ ˜(g) = β(x − τ(β)). As G is a group we have that {τσ | σ ∈ G} = G. Hence {τ(β) | β ∈ m Aα} = Aα. Soτ ˜(g) = g, and writing g = a0 + ··· + amx it follows that τ(ai) = ai for all i. As this G holds for all τ ∈ G we get that ai ∈ E = F . In other words, g ∈ F [x]. Since α ∈ Aα we see that g(α) = 0. Hence α is algebraic over F . Let f ∈ F [x] be its minimal m polynomial. By Proposition 4.3.4(Algebra), f divides g. Writing f = b0 + ··· + bmx with bi ∈ F , we compute for σ ∈ G,

m m f(σ(α)) = b0 + b1σ(α) + ··· + bmσ(α) = σ(b0 + ··· + bmα ) = σ(f(α)) = 0.

(Where we use that σ(a) = a for all a ∈ F .) Hence all β ∈ Aα are roots of f and therefore g divides f. Because both polynomials are monic we have f = g. 2 1.3 Separable, normal and Galois extensions 11

Example 1.3.4 Consider the ﬁeld Q(i, ω) as in Examples 1.2.5, 1.3.2. Let G = Aut(E), then as we G will see later we have E = Q. Let α = i + ω. By using the description of the automorphisms in Example 1.2.5 we see that Aα consits of ±i ± ω, ± i ± iω.

So Aα has 8 elements and therefore the minimal polynomial of α has degree 8. In particular α is a primitive element. Now let β = ω + iω. Then Aβ consists of the elements ±ω ± iω. It has four elements and therefore the minimal polynomial of ω + iω has degree 4.

Proposition 1.3.5 Let E be a field, G ⊂ Aut(E) a finite subgroup and F = EG. Then E/F is a Galois extension and [E : F ] = |G|. Proof. Let α ∈ E. By Lemma 1.3.3 we see that its minimal polynomial splits into linear factors over E and that its roots all have multiplicity one. It follows that E/F is normal and separable, and hence Galois. For the second statement, we note that [E : F ] = 1 if and only if G consists just of the identity (as F = EG). So we may assume that [E : F ] > 1 and |G| > 1. Now define a sequence α1, α2,... ∈ E in the following way. We let α1 ∈ E \ F . Suppose that α1, . . . , αm are defined. If F (α1, . . . , αm) = E then the sequence stops, otherwise we let αm+1 be any element of E \ F (α1, . . . , αm). We note that [F (α1, . . . , αn): F ] is finite as all αi are algebraic over F . Secondly, by the degree formula,

[F (α1, . . . , αn+1): F ] = [F (α1, . . . , αn+1): F (α1, . . . , αn)][F (α1, . . . , αn): F ].

Because αn+1 6∈ F (α1, . . . , αn) we have that the ﬁrst factor is greater than 1. Hence we see that

[F (α1, . . . , αn+1): F ] > [F (α1, . . . , αn): F ].

On the other hand, by the theorem of the primitive element (Theorem 1.2.7) there are βn ∈ E such that F (α1, . . . , αn) = F (βn). However, by Lemma 1.3.3 the minimal polynomial of βn has degree at most |G|. Hence [F (βn): F ] ≤ |G| and we see that the sequence is ﬁnite. In particular, E = F (α1, . . . , αk) = F (βk), for a certain k. As just noted, this also implies that [E : F ] ≤ |G|. In the same way as in the proof of Theorem 1.2.7 we see that there is a β ∈ F such that σ(β) 6= τ(β) for σ, τ ∈ G, σ 6= τ. By Lemma 1.3.3 the minimal polynomial of β has degree |G|. It follows that also [E : F ] ≥ |G|. 2

For a ﬁeld extension E/F we deﬁne its Galois group as

Gal(E/F ) = {σ ∈ Aut(E) | σ(a) = a for all a ∈ F }.

Let σ, τ ∈ Gal(E/F ). It is obvious that σ(τ(a)) = a for a ∈ F , so that στ ∈ Gal(E/F ) as well. Applying σ−1 to the equality σ(a) = a we see that also σ−1 ∈ Gal(E/F ). The identity obviously lies in Gal(E/F ). Hence the latter is a subgroup of Aut(E).

Remark 1.3.6 Let E/F be an extension of finite degree. Then Gal(E/F ) is a finite group. Indeed, let α1, . . . , αn be a basis of E over F . Then a σ ∈ Gal(E/F ) is completely determined by the values σ(αi) for 1 ≤ i ≤ n. But each αi is algebraic over F and σ(αi) is a root of the minimal polynomial of αi over F . Therefore σ(αi) can only take a finite number of values. Hence there are only a finite number of possible σ.

Theorem 1.3.7 Let E/F be an extension of ﬁnite degree and set G = Gal(E/F ). The following are equivalent:

(i) E/F is a Galois extension, 12 Galois Theory

(ii) E is the splitting ﬁeld over F of a separable f ∈ F [x],

(iii)[ E : F ] = |G|,

(iv) F = EG.

Proof. Suppose that E/F is Galois, that is, separable and normal. Because E/F is of finite degree there are α1, . . . , αn ∈ E with E = F (α1, . . . , αn). But then by Theorem 1.2.7 there is an α ∈ E with E = F (α). Let f ∈ F [x] be its minimal polynomial. As E/F is normal, f splits into linear factors over E. So E contains a splitting field of f over F . Obviously this splitting field must contain α and therefore is equal to F (α) = E. Next suppose that (ii) holds. We use Theorem 1.2.4 with F = F ,a ¯ = a for all a ∈ F , L = E. Note that an injective field homomorphism E → E is automatically an isomorphism (indeed: we only need to show surjectivity, but the image of the map is a subspace of E of the same dimension as E, therefore it is equal to E). Hence the conclusion of the theorem translates to |G| = [E : F ]. Suppose that (iii) holds. Set K = EG. From the definition of Galois group we see that F ⊂ K. By Proposition 1.3.5 we see that [E : K] = |G|. So by applying the degree formula (Theorem 4.3.3(Algebra)) we get [K : F ] = 1 implying K = F . Finally, by Remark 1.3.6 we have that G is finite. So it is immediate from Proposition 1.3.5 that (iv) implies (i). 2

Example 1.3.8 Consider the ﬁeld Q(i, ω) as in Examples 1.2.5, 1.3.2, 1.3.4. From these examples it immediately follows that |Gal(Q(i, ω)/Q| = 8 = [Q(i, ω): Q]. Hence it is a Galois extension. In fact, 4 Q(i, ω) is a splitting ﬁeld of x − 2 over Q.

1.4 The Galois correspondence

The Galois correspondence is the main technical tool for applications of Galois groups, linking, as it does, the intermediate fields of a field extension to the subgroup structure of its Galois group. Let E/F be an extension of fields. Let K be a field with F ⊆ K ⊆ E. Then we say that K is an intermediate field of the extension E/F . If it is clear with which extension we are working then we also simply say that K is an intermediate field.

Remark 1.4.1 Let E/F be a Galois extension of finite degree, and let K be an intermediate field. Then E/K is a Galois extension as well. This can be seen in several ways. We do it just by using the definition of Galois extension. Let f ∈ K[x] be irreducible with a root α ∈ E. Because E is of finite degree over F we have that α is algebraic over F . Let g be its minimal polynomial ovcer F . Then f divides g by Proposition 4.3.4(Algebra) But E/F is normal, hence g splits as a product of linear factors over E. Hence the same is true for f. Furthermore, g is separable, hence f is separable as well.

Lemma 1.4.2 Let E/F be a Galois extension of ﬁnite degree and set G = Gal(E/F ).

(i) Let H ⊂ G be a subgroup and set K = EH . Then K is an intermediate ﬁeld and Gal(E/K) = H.

(ii) Let K be an intermediate ﬁeld and set H = Gal(E/K). Then H is a subgroup of G and K = EH .

Proof. By definition of Galois group we have F ⊂ K so that K is an intermediate field. By Proposition 1.3.5 we see that [E : K] = |H|. By Theorem 1.3.7(iii) we see that [E : K] = |Gal(E/K)|. From the definition of Galois group it is immediate that H ⊂ Gal(E/K). Hence |H| = |Gal(E/K)| shows that H = Gal(E/K). It is obvious that H in (ii) is a subgroup of G. By part (iv) of Theorem 1.3.7 we conclude that K = EH . 2 1.4 The Galois correspondence 13

Theorem 1.4.3 (Galois correspondence) Let E/F be a Galois extension of ﬁnite degree and set G = Gal(E/F ). Deﬁne

A = { subgroups H of G } B = { ﬁelds K with F ⊆ K ⊆ E }.

Then we have bijective maps α : A → B, β : B → A given by α(H) = EH , β(K) = Gal(E/K). We have that α, β are each other’s inverses and they invert the inclusion relation, that is

H1 H2 H1 ⊂ H2 =⇒ E ⊃ E

K1 ⊂ K2 =⇒ Gal(E/K1) ⊃ Gal(E/K2).

Proof. From Lemma 1.4.2(i) we see that β(α(H)) = H and Lemma 1.4.2(ii) states that α(β(K)) = K. This also immediately implies that α, β are bijective. H For the last statement, suppose that H1 ⊂ H2 and let α ∈ E 2 . Then σ(α) = α for all σ ∈ H2. H Hence σ(α) = α for all σ ∈ H1, so that α ∈ E 1 . The second implication is shown in an analogous manner. 2

The bijective maps of the theorem are together called the Galois correspondence. With this correspondence it is possible to translate field theoretical problems to group theoretical problems. It has proved to be an extremely potent tool in a number of contexts. An immediate question is the following. Let’s fix a property P of (sub-) groups, and take the set of all subgroups of a given Galois group that have P ; is it possible to characterize the intermediate fields corresponding to these subgroups? (An analogous question can be formulated by starting with a property of intermediate fields.) The next proposition has the answer to this question (and a bit more) when P is the property to be a normal subgroup. Subgroups of this kind turn out to correspond to intermediate fields that are stable.

Deﬁnition 1.4.4 Let E/F be a Galois extension and G = Gal(E/F ). An intermediate ﬁeld K (so we have F ⊆ K ⊆ E) is said to be stable if for all σ ∈ G and α ∈ K we have σ(α) ∈ K (in other words, if σ sends K to K).

Proposition 1.4.5 Let E/F be a Galois extension of ﬁnite degree and G = Gal(E/F ). Let H ⊂ G be a subgroup and K = EH the corresponding intermediate ﬁeld. The following are equivalent

(i) H is a normal subgroup,

(ii) K is a stable intermediate ﬁeld,

(iii) K/F is a Galois extension.

Furthermore, if one of these (and hence all three) conditions is satisﬁed then Gal(K/F ) =∼ G/H.

Proof. Suppose that H is normal and let α ∈ K, σ ∈ G. Then for τ ∈ H we have σ−1τσ ∈ H so that σ−1τσ(α) = α, which is the same as τ(σ(α)) = σ(α). Since this holds for all τ ∈ H it follows that σ(α) ∈ K. We conclude that K is stable. We show that (ii) implies (iii). So suppose that K is stable and set G = Gal(K/F ). We will show that KG = F . Because K is stable we can restrict a σ ∈ G to K and immediately get that G G σ|K : K → K is an element of G. Suppose that K ) F and let a ∈ K , a 6∈ F . Then because E/F is a Galois extension it follows that there is a σ ∈ G with σ(a) 6= a. But then σ|K is an element of G not leaving invariant a. This is a contradiction and it follows that KG = F . By Theorem 1.3.7 we see that K/F is Galois. Now suppose that (iii) holds, i.e., K/F is Galois. We want to show (i), but in order to do that we ﬁrst show (ii). Let α ∈ K and σ ∈ G. Let f ∈ F [x] be the minimal polynomial of α. Then σ(α) is a root of f as well. Now f is an irreducible polynomial in F [x] having a root in K, so as K/F is normal 14 Galois Theory it follows that f splits into linear factors over K. In particular σ(α) ∈ K as well, and we see that K is stable. Because of this we can deﬁne a group homomorphism

Ψ: G → Gal(K/F ), Ψ(σ) = σ|K . (Note that it is obvious that this is a group homomorphism.) We consider its kernel. A σ ∈ G lies in ker Ψ if and only if σ(α) = α for all α ∈ K. But that is the same as saying that σ ∈ Gal(E/K). By the Galois correspondence the latter is equal to H. We see that ker Ψ = H and therefore H is a normal subgroup of G (Theorem 3.4.7(Algebra)). Finally, suppose that the three conditions are satisﬁed. Again we consider the homomorphism ∼ |G| Ψ. Again using Theorem 3.4.7(Algebra) we see that Ψ(G) = G/N so that |Ψ(G)| = |H| . On the other hand, by the degree formula (Theorem 4.3.3(Algebra)) we have [E : F ] = [E : K][K : F ]. Furthermore, [E : F ] = |G|,[E : K] = |H|,[K : F ] = |Gal(K/F )| by Theorem 1.3.7. Hence |Ψ(G)| = |Gal(K/F )| from which it follows that Ψ(G) = Gal(K/F ). By Theorem 3.4.7(Algebra) we conclude that G/H =∼ Gal(K/F ). 2

Example 1.4.6 Consider the field Q(i, ω) as in Example 1.3.8. In that example we have observed that it is a Galois extension of degree 8 of Q. In Example 1.3.2 we determined the multiplication table of Gal(Q(i, ω)). Now we first find all its subgroups and then the corresponding intermediate fields. For finding the subgroups of a group we use the following observations: The order of a subgroup of a finite group G divides the order of G (Corollary 3.2.7(Algebra)). Let g be an element of order m of a group. Then {1, g, g2, . . . , gm−1} is the smallest subgroup containing g (Lemma 3.7.2(Algebra)). Let H be a group of prime order p. Let h ∈ H, h 6= 1. Then the order of h is p and H = {1, h, . . . , hp−1} (this follows immediately from Proposition 3.7.4(Algebra)).

Write G = Gal(Q(i, ω)/Q); then |G| = 8 so that a subgroup of G can have order 1, 2, 4, 8. There is only one subgroup of order 1, namely {σ1}. Similarly, there is only one subgroup of order 8, namely G itself. For the other subgroups we need to work a bit harder. First consider the subgroups of order 2. By the observation above they have the form {σ1, τ} 2 where τ is of order 2, i.e., τ = σ1. From the table in Example 1.3.2 we immediately see that we get the subgroups {σ1, σi} for i = 3, 5, 6, 7, 8. Now we look at the subgroups of order 4. We first try to find the cyclic subgroups of order 4. For that we need elements of order 4. From the multiplication table of G we see that σ2, σ4 have order 4 (whereas σ1 has order 1 and all other elements have order 2). But the subgroups generated by these two elements are both equal to {σ1, σ2, σ3, σ4}. So we find only one cyclic subgroup of order 4. If a subgroup of order 4 is not cyclic then it is of the form {σ1, τ1, τ2, τ3} where the elements τi have order 2. (Indeed, a τi cannot have order 1 as then τi = σ1, it cannot have order 3 as 3 does not divide 4, and it cannot have order 4 as then the subgroup would be cyclic.) So we have to find all sets of three elements of order 2 lying in a subgroup of order 4. If we take τ1 = σ3, τ2 = σ5 then we see that in fact we get the subgroup {σ1, σ3, σ5, σ7}. If we take τ1 = σ3, τ2 = σ6 then we get the subgroup {σ1, σ3, σ6, σ8}. The choices τ1 = σ3, τ2 = σ7 and τ1 = σ3, τ2 = σ8 yield the subgroups that we have seen already. If we take τ1 = σ5, τ2 = σ6 then because σ5σ6 = σ4 we do not get a subgroup of order 4. Continuing like this we see that either we get a subgroup that we have already seen, or we get no subgroup at all. Concluding, we found one subgroup of order 1, five subgroups of order 2, three subgroups of order 4 and one subgroup of order 8. They are displayed, along with their inclusion relations in Figure 1.3. Now we find the intermediate field corresponding to each of these subgroups. Because σ1 is {σ } the identity we obviously have Q(i, ω) 1 = Q(i, ω). Because Q(i, ω) is a Galois extension of Q it G immediately follows that Q(i, ω) = Q (Theorem 1.3.7). For the other subgroups we can always compute the intermediate field by solving a set of linear equations. This is also illustrated below. However, we also have some tricks that sometimes help to find the corresponding intermediate field with much less effort: 1.4 The Galois correspondence 15

Figure 1.3: Subgroups of Gal(Q(i, ω)/Q).

Gal(Q(i, ω)/Q) PP PP PP PP PP PP {σ1, σ3, σ5, σ7}{σ1, σ2, σ3, σ4}{σ1, σ3, σ6, σ8} PP ¡A PP ¡A ¡ A PP ¡ A PP ¡ A PP ¡ A ¡ A PP ¡ A {σ1, σ5}{σ1, σ7}{{σ1, σ3} σ1, σ6}{σ1, σ8} X XX PP XX PP XXX PP XXX PP XX PP XXXP {σ1}

We note the following fact, whose proof we leave as an exercise. Let E/F be a Galois extension, G = Gal(E/F ) and let H ⊂ G be a subgroup. Let K ⊂ E be an intermediate ﬁeld such that H |G| H H K ⊂ E and [K : F ] = |H| . Then K = E . So if we guess a candidate K for E and it happens to be of the correct degree over F then we have our intermediate ﬁeld.

We can start from the “ﬁeld side” and list some obvious intermediate ﬁelds, and try and identify the subgroups to which they correspond.

Now we look at the subgroups of order 2, starting with {σ1, σ3}. By looking at the action of σ3 it 2 is obvious that i is fixed. But also ω is fixed (as ω is sent to −ω). So a candidate for the intermediate√ 2 2 2 2 field is K = Q(i, ω ). For its degree we have [K : Q] = [K : Q(ω )] · [Q(ω ): Q]. Now ω = 2 so 2 2 2 2 [Q(ω ): Q] = 2. Furthermore, Q(ω ) ⊂ R so that x +1 has no roots in Q(ω ) and hence is irreducible 2 2 |G| in Q(ω )[x]. It follows that [K : Q(ω )] = 2 and [K : Q] = 4 which is equal to |H| . We conclude that {σ ,σ } K = Q(i, ω) 1 3 . Also the other subgroups of order 2 correspond to intermediate fields of degree 4 over Q. But we also immediately see some intermediate fields of degree 4, namely the fields Q(α) where α runs over the roots of x4 − 2. However, here ω, −ω and iω, −iω give the same fields. So we immediately have two fields, namely Q(ω) and Q(iω). By checking which order 2 subgroups leave these fields fixed we {σ ,σ } {σ ,σ } immediately get Q(ω) = Q(i, ω) 1 5 , Q(iω) = Q(i, ω) 1 7 . For the remaining two groups of order 2 it is perhaps not immediately clear to which field they belong, so we resort to linear equations. For this we first describe a basis of Q(i, ω) over Q. We have 2 3 2 that 1, ω, ω , ω is a basis of Q(ω) over Q. Since x + 1 is irreducible over Q(ω) we have that 1, i is a basis of Q(i, ω) over Q(ω). Using the argument in the proof of the degree formula (Proposition 2 3 2 3 4.3.3(Algebra)) we see that 1, ω, ω , ω , i, iω, iω , iω is a basis of Q(i, ω) over Q. Now consider the 2 3 2 3 subgroup {σ1, σ6} and let a = a1 + a2ω + a3ω + a4ω + a5i + a6iω + a7iω + a8iω with ai ∈ Q be an element of Q(i, ω). Then 2 3 2 3 σ6(a) = a1 + a2iω − a3ω − a4iω − a5i + a6ω + a7iω − a8ω .

Hence σ6(a) = a if and only if a3 = a5 = 0, a2 = a6 and a4 = −a8. It follows that

{σ1,σ6} 3 2 3 Q(i, ω) = {a1 + a2ω + a4ω + a2iω + a7iω − a4iω | ai ∈ Q}. Since the minimal polynomial of ω + iω has degree 4 (Example 1.3.4) we see that this ﬁeld is equal to Q(ω + iω). 16 Galois Theory

The subgroup {σ1, σ8} is treated similarly. Now we compute

2 3 2 3 σ8(a) = a1 − a2iω − a3ω + a4iω − a5i − a6ω + a7iω + a8ω and σ8(a) = a if and only if −a2 = a6, a3 = a5 = 0, a4 = a8. Therefore

{σ1,σ8} 3 2 3 Q(i, ω) = {a1 + a2ω + a4ω − a2iω + a7iω + a4iω | ai ∈ Q}.

Moreover, in the same way as for ω + iω it is seen that the minimal polynomal of ω − iω has degree 4 and the above field is equal to Q(ω − iω). The subgroups of order 4 correspond to intermediate fields of degree 2. For the subgroup {σ1, σ2, σ3, σ4} we immediately see that its fixed field is Q(i) (it is fixed, and has degree 2 over Q). The intermediate fields corresponding to the other two groups of order 4 can be determined by solving a set of linear equations. Consider the subgroup {σ1, σ3, σ6, σ8}, write a as above and compute

2 3 2 3 σ3(a) = a1 − a2ω + a3ω − a4ω + a5i − a6iω + a7iω − a8iω 2 3 2 3 σ6(a) = a1 + a2iω − a3ω − a4iω − a5i + a6ω + a7iω − a8ω .

Because σ8 = σ3σ6 we have that σ3(a) = σ6(a) = a implies that σ8(a) = a. So

{σ1,σ3,σ6,σ8} Q(i, ω) = {a ∈ Q(i, ω) | σ3(a) = σ6(a) = a}.

Now from the above equations we see that σ3(a) = a if and only if a2 = a4 = a6 = a8 = 0. Secondly, σ6(a) = a if and only if a3 = a5 = 0, a2 = a6 and a4 = −a8. We see that all coefficients are 0 except 2 a7 which can be chosen freely. Hence the intermediate field we are after is {a1 + a7iω | a1, a7 ∈ Q} = 2 2 Q(iω ). In the same way we see that the field corresponding to the last remaining group is Q(ω ). 2 2 Of course, if we had seen that Q(iω ), Q(ω ) are intermediate fields of degree 2, then we could have associated them directly to these groups. We can put the intermediate fields in a diagram, see Figure 1.4, obtaing the “same” picture as the one with the subgroups, with the difference that the inclusion relations go the other way. Note that the Galois correspondence implies that this figure contains all subfields of Q(i, ω), a result which is not easily obtained otherwise.

Figure 1.4: Intermediate ﬁelds of Q(i, ω)/Q.

Q PP PP PP PP PP PP 2 2 Q(ω ) Q(i) Q(iω ) PP ¡A PP ¡A ¡ A PP ¡ A PP ¡ A PP ¡ A ¡ A PP ¡ A 2 Q(ω) Q(iω) Q(i, ω ) Q(ω + iω) Q(ω − iω) X P XXX PP XX PP XXX P XX PP XX PP XXXP Q(i, ω) 1.5 Cyclotomic ﬁelds 17

Example 1.4.7 Let f = x4 − 4x2 + 2. By Eisenstein’s criterion (Theorem 2.5.14(Algebra)) f is irreducible. Hence E = Q[x]/hfi is a field (Proposition 4.4.1(Algebra)). Writing α = [x] we have that 2 3 2 3 the elements 1, α, α , α form a basis of E over Q so that E = {a0 + a1α + a2α + a3α | ai ∈ Q}. 4 2 3 3 We have f(α) = 0 or α = 4α −2. We claim that α1 = α, α2 = −α, α3 = α −3α, α4 = −(α −3α) are roots of f in E. For α1 we have already seen this. For α2 it is also obvious since f involves only 6 2 4 4 2 2 even powers of x. For α3 we first compute α = α · α = 4α − 2α = 14α − 8 and (α3 − 3α)2 = α6 − 6α4 + 9α2 = −α2 + 4 and (α3 − 3α)4 = (−α2 + 4)2 = −4α2 + 14. 4 2 So we see that indeed α3 − 4α3 + 2 = 0. Then immediately α4 = −α3 is also a root of f. It follows that E contains a splitting field of f. But since the smallest subfield of E containing Q and the αi obviously contains E itself, we see that E is a splitting field of f. Hence E/Q is a Galois extension (Theorem 1.3.7). Now we determine the Galois group Gal(E/Q). First note that a σ ∈ Gal(E/Q) is completely determined by the value of σ(α). Secondly, σ(α) must be a root of f, so we have at most four possibilities: σ(α) = αi, 1 ≤ i ≤ 4. On the other hand, because E/Q is Galois, we have |Gal(E/Q)| = [E : Q] = 4 (Theorem 1.3.7). It follows that each choice σ(α) = αi must yield an element of Gal(E/Q). We conclude that Gal(E/Q) = {σ1, σ2, σ3, σ4}, where σi(α) = αi. 3 We can compute products between the σi. For example, σ3σ3(α) = σ3(σ3(α)) = σ3(α − 3α) = (α3 − 3α)3 − 3(α3 − 3α). As seen above we have (α3 − 3α)2 = −α2 + 4, and hence (α3 − 3α)3 = (α3 − 3α)(−α2 + 4) = −α5 + 7α3 − 12α = 3α3 − 10α.

It follows that σ3σ3(α) = −α so that σ3σ3 = σ2. In an analogous manner we ﬁnd the other products, and compute the multiplication table:

σ1 σ2 σ3 σ4 σ1 σ1 σ2 σ3 σ4 σ2 σ2 σ1 σ4 σ3 σ3 σ3 σ4 σ2 σ1 σ4 σ4 σ3 σ1 σ2

In this case a proper nontrivial subgroup can only have order 2, and must be of the form {σ1, τ} 2 with τ = σ1. We see that we only have {σ1, σ2}. So together with the obvious subgroups {σ1} and Gal(E/Q) we have three subgroups. The intermediate fields corresponding to {σ1}, Gal(E/Q) are E and Q respectively (the latter because E/Q is a Galois extension). It remains to find the intermediate field corresponding to {σ1, σ2}. 2 3 Let a = a0 + a1α + a2α + a3α ∈ E; then 2 3 σ2(a) = a0 − a1α + a2α − a3α .

{σ ,σ } 2 2 Hence σ2(a) = a if and only if a1 = a3 = 0. It follows that E 1 2 = {a0 + a2α | ai ∈ Q} = Q(α ).

1.5 Cyclotomic ﬁelds

Let F be a ﬁeld and n ≥ 1 an integer. An ω ∈ F with ωn = 1 is called an n-th root of unity in F . It is primitive if ωk 6= 1 for 1 ≤ k ≤ n − 1. We can reformulate these concepts in group theoretical language by considering the group F ∗ = F \{0}. A root of unity is an element of ﬁnite order. It is an n-th root of unity if its order divides n. It is a primitive n-th root of unity if its order is exactly n.

Example 1.5.1 Let ω = √1 (1 + i) ∈ . Then 2 C

ω2 = i, ω3 = √1 (−1 + i), ω4 = −1, ω5 = √1 (−1 − i), ω6 = −i, ω7 = √1 (1 − i), ω8 = 1. 2 2 2 Hence ω is a primitive 8-th root of unity. 18 Galois Theory

It is clear that not all fields have primitive n-th roots of unity. For example, the only roots of unity in Q are ±1. In order to make a meaningful study of roots of unity we must work with fields that contain enough of them, that is, fields containing a splitting field of xn − 1. Now we have a lemma collecting some immediate properties of the set of n-th roots of unity; in order to prove it we need a little lemma.

Lemma 1.5.2 Let G be a group and g ∈ G of ﬁnite order n. Let i be an integer, i ≥ 1. Then the i n order of g is gcd(n,i) . Proof. Let k be the order of gi. Set d = gcd(n, i) and write i = i0d. Then (gi)n/d = (gn)i0 = 1. n ik i k Hence k divides d (Lemma 3.7.6(Algebra)). Also we have g = (g ) = 1. Hence again by Lemma n n 3.7.6(Algebra), n divides ik. But that implies that d divides k. It follows that k = d . 2

Lemma 1.5.3 Let F be a ﬁeld and let E ⊃ F be an extension containing a splitting ﬁeld of xn − 1. Set n Un(E) = {ω ∈ E | ω = 1}. Suppose that the characteristic of F is 0, or a prime not dividing n.

∗ (i) Un(E) is a cyclic subgroup of E of order n.

(ii) A ζ ∈ Un(E) generates Un(E) (that is, every element of Un(E) can be written as a power of ζ) if and only if it is a primitive n-th root of unity.

i (iii) Let ζ ∈ Un(E) be a primitive n-th root of unity. For i ≥ 1 we have that ζ is also a primitive n-th root of unity if and only if gcd(n, i) = 1. Proof. Set f = xn − 1. Then f 0 = nxn−1 which is nonzero because of our hypothesis on the characteristic. The only root of f 0 is 0, which is not a root of f. Therefore f only has roots of multiplicity 1 in its splitting ﬁeld (Lemma 4.7.2(Algebra)). Hence |Un(E)| = n. It is obvious that ∗ Un(E) is a subgroup of E and it is cyclic by Proposition 3.7.9(Algebra). Let ζ ∈ Un(E) and denote its order by |ζ|. The cyclic subgroup of Un(E) generated by ζ has order exactly |ζ|. So ζ generates Un(E) if and only if |ζ| = n if and only if ζ is a primitive n-th root of unity. The last item follows by (ii) together with Lemma 1.5.2. 2

s Remark 1.5.4 If the characteristic p divides n then we write n = p n0 where p does not divide n0. Let α be an n-th root of unity in some extension of F . Then by Lemma 4.7.1(Algebra) we have n n ps n ps 0 = α − 1 = (α 0 ) − 1 = (α 0 − 1) . It follows that α is an n0-th root of unity. So we lose nothing if we restrict our study to n-th roots of unity where the characteristic of the ground ﬁeld does not divide n.

1.5.1 Cyclotomic polynomials

Let Pn be the set of primitive n-th roots of unity in C. Deﬁne Y Φn = (x − ζ),

ζ∈Pn which a-priori is a polynomial in C[x]. It is called the n-th cyclotomic polynomial. In this section we will describe a method for computing Φn without ﬁrst computing all elements of Pn and evaluating the product. Then we will show that Φn ∈ Z[x] and that Φn is irreducible in Q[x].

Lemma 1.5.5 Let D(n) be the set of all positive divisors of n (including 1 and n). Then

n Y x − 1 = Φd. d∈D(n) 1.5 Cyclotomic ﬁelds 19

∗ Proof. Consider the group Un(C) ⊂ C of order n (Lemma 1.5.3). For d ∈ D(n) we have that Pd is exactly the set of elements of Un(C) that have order d. So Un(C) is the disjoint union of the sets Pd where d runs through D(n). Hence

n Y Y Y Y x − 1 = (x − ζ) = (x − ζ) = Φd. ζ∈Un(C) d∈D(n) ζ∈Pd d∈D(n) 2

We can use this lemma inductively to compute Φn for n ≥ 1. Indeed, we have Φ1 = x−1, Φ2 = x+1 x3−1 2 4 2 x4−1 2 and Φ3 = x−1 = x + x + 1. Also Φ1Φ2Φ4 = x − 1, and Φ1Φ2 = x − 1 so that Φ4 = x2−1 = x + 1. 9 3 x9−1 6 3 For another example, Φ1Φ3Φ9 = x − 1 and Φ1Φ3 = x − 1 and therefore Φ9 = x3−1 = x + x + 1.

Proposition 1.5.6 Φn ∈ Z[x].

Proof. We prove this by induction on n. The induction hypothesis is that Φm ∈ Z[x] for all m < n. Let g be the product of all Φd for d a divisor of n, d 6= n. By the induction hypothesis g ∈ Z[x]. By s the previous lemma gΦn ∈ Z[x]. Suppose that Φn 6∈ Z[x] and write Φn = a0 + ··· + asx , ai ∈ C. Let t u+t u be maximal with au 6∈ Z. Write g = b0 + ··· + btx where bi ∈ Z. Let c be the coeﬃcient of x in gΦn. Then c = btau + (bt−1au+1 + bt−2au+2 + ··· ).

The term in brackets lies in Z. So because c ∈ Z and bt = 1 it follows au ∈ Z which is a contradiction. We conclude that Φn ∈ Z[x]. 2

Theorem 1.5.7 Φn is irreducible in Q[x].

Proof. Fix a primitive n-th root of unity ζ0 in C and let f ∈ Q[x] be its minimal polynomial. Then f divides Φn by Proposition 4.3.4(Algebra). So there is a g ∈ Q[x] with Φn = fg. Because Φn, f are monic the same holds for g. By Gauss’ lemma (Lemma 2.5.13(Algebra)) there are rational numbers α, β such that αf, βg lie in Z[x] and Φn = (αf)(βg). But f is monic, so αf ∈ Z[x] implies α = ±1. Similarly we get β = ±1. We conclude that f, g ∈ Z[x]. Now let ζ ∈ Pn be a root of f (there is at least one such ζ). Let p be a prime not dividing n. Then p p by Lemma 1.5.3(iii) ζ ∈ Pn. We claim that ζ is also a root of f. Suppose that this is not the case, then ζp is a root of g and hence ζ is a root of h = g(xp). Therefore f and h have a nontrivial common factor. Consider the homomorphism ψp : Z[x] → Fp[y] given by

s s ψp(a0 + ··· + asx ) = [a0]p + [a1]py + ··· + [as]py .

Since f and h have a nontrivial common factor the same holds for ψp(f), ψp(h). Also ψp(h) = p p ψp(g)(y ) = (ψp(g)) (where the last equality follows from Lemma 4.7.1(Algebra), along with the p fact that [a]p = [a]p for all a ∈ Z, see Theorem 2.5.22(Algebra)). Hence ψp(f), ψp(g) must have a n nontrivial common factor. But fg divides x − 1 so ψp(fg) = ψp(f)ψp(g) implies that ψp(f)ψp(g) n divides y − [1]p. Thus the latter polynomial has a root of multiplicity at least 2 in some extension n n−1 of Fp. But that is excluded by Lemma 4.7.2(Algebra) as the derivative of y − [1]p is [n]py which p only has [0]p as a root because [n]p 6= [0]p. We conclude that ζ must be a root of f. i Finally, let ω ∈ Pn and write ω = ζ0 with gcd(n, i) = 1 (Lemma 1.5.3(iii)). Then i = p1 ··· pk, where the pj are primes not dividing n. By repeatedly applying the claim above we get that

p1 p1p2 p1 p2 i p1···pk ζ0 , ζ0 = (ζ0 ) , . . . , ζ0 = ζ0 are roots of f. In other words, all elements of Pn are roots of f and hence Φn divides f. It follows that f = Φn and Φn is irreducible. 2 20 Galois Theory

1.5.2 The Galois group of a cyclotomic extension Let F be a field and let E ⊃ F be a splitting field of xn − 1. Then we say that E is a cyclotomic extension of F . By Remark 1.5.4 we may assume that the characteristic of F does not divide n. Then we have that E = F (ζ), where ζ is any primitive n-th root of unity in E. Indeed, by Lemma 1.5.3(ii) F (ζ) contains all roots of xn − 1. Furthermore, as xn − 1 has roots of multiplicity 1 in E we have that E/F is Galois (Theorem 1.3.7). Now we briefly introduce a class of groups that will play an important role in the sequel. For n ≥ 1 we set ∗ (Z/nZ) = {[a]n ∈ Z/nZ | gcd(a, n) = 1}. ∗ If gcd(a, n) = gcd(b, n) = 1 then also gcd(ab, n) = 1 so that [a]n[b]n = [ab]n lies in (Z/nZ) . Further- more, if gcd(a, n) = 1 then there exist u, v ∈ Z with ua + vn = 1. Hence [u]n[a]n = [1]n. It follows ∗ that (Z/nZ) is a multiplicative group. Its order is denoted ϕ(n); the function ϕ : N → N is called Euler’s ϕ-function.

Theorem 1.5.8 Let n ≥ 1. Let F be a ﬁeld of characteristic 0 or of characteristic p > 0 where p is a prime not dividing n. Let E be a splitting ﬁeld of xn − 1 over F . Then

(i) For σ ∈ Gal(E/F ) there is a unique iσ ∈ Z with 1 ≤ iσ ≤ n − 1, gcd(iσ, n) = 1 such that iσ σ(ω) = ω for all ω ∈ Un(E).

(ii) The map ∗ ψ : Gal(E/F ) → (Z/nZ) deﬁned by ψ(σ) = [iσ]n is an injective group homomorphism.

(iii) ψ is surjective if and only if Φn is irreducible in F [x].

Proof. Fix a primitive n-th root of unity ζ ∈ Un(E). Let σ ∈ Gal(E/F ); then σ(ζ) is also a primitive iσ n n-th root of unity. Hence by Lemma 1.5.3 σ(ζ) = ζ for some iσ with gcd(iσ, n) = 1. Because ζ = 1 j iσ we may assume that 1 ≤ iσ ≤ n − 1. Then iσ is uniquely determined by σ for ζ = ζ implies that k j ≡ iσ mod n (because ζ has order n). Finally, if ω ∈ Un(E) then ω = ζ for a certain k. Hence σ(ω) = σ(ζk) = (ζiσ )k = ωiσ . Let σ, τ ∈ Gal(E/F ). Then σ(τ(ζ)) = στ(ζ) implies iσiτ ≡ iστ mod n. So [iσ]n[iτ ]n = [iσiτ ]n = [iστ ]n, which is another way of saying that ψ(σ)ψ(τ) = ψ(στ). We see that ψ is a group homorphism. Since E = F (ζ) we have that a σ ∈ Gal(E/F ) is uniquely determined by the value of σ(ζ). Therefore ψ is injective. By Lemma 1.5.3(iii) it follows that |Pn| = ϕ(n). Thus deg Φn = ϕ(n). Secondly, ζ is a root of n Φn. Indeed: it is a root of x − 1 so by Lemma 1.5.5 it is a root of a Φd for a divisor d of n. But we cannot have d < n as otherwise ζ would be a root of xd − 1 as well, and it therefore would not be primitive. Now ψ is surjective if and only if |Gal(E/F )| = ϕ(n) if and only if [E : F ] = ϕ(n) (Theo- rem 1.3.7(iii)) if and only if the minimal polynomial of ζ is Φn if and only if Φn is irreducible in F [x]. 2

For the base ﬁeld Q we summarize our ﬁndings in the following corollary.

n Corollary 1.5.9 Let E be the splitting ﬁeld of x − 1 over Q. Then E = Q(ζ) where ζ is a primitive n-th root of unity. The minimal polynomial of ζ is Φn. Furthermore, Gal(E/Q) is isomorphic to ∗ ∗ i (Z/nZ) and the isomorphism sends [i]n ∈ (Z/nZ) to σi ∈ Gal(E/Q) where σ(ζ) = ζ .

2πi Remark 1.5.10 Let ζ = e n ∈ C, then ζ is a primitive n-th root of unity. Hence Q(ζ) is a splitting n ﬁeld of x − 1 over Q. By the previous corollary the Galois group Gal(Q(ζ)/Q) contains an element σ with σ(ζ) = ζn−1. We have σ2(ζ) = ζ so that σ2 = 1 and H = {1, σ} is a subgroup of order 2πi − 2. Furthermore, since σ(ζ) = e n we see that σ is the restriction of complex conjugation to Q(ζ). H ϕ(n) Therefore Q(ζ) = Q(ζ) ∩ R. So for instance it follows that [Q(ζ) ∩ R : Q] = 2 . 1.5 Cyclotomic ﬁelds 21

Example 1.5.11 Let ζ ∈ C be a primitive 15-th root of unity and consider the extension Q(ζ)/Q. Here we determine its Galois group and explicitly describe its Galois correspondence. From Theorem 1.5.7 it follows that Φ15 is the minimal polynomial of ζ. By Lemma 1.5.5 we see 15 5 2 15 5 3 that x −1 = Φ1Φ3Φ5Φ15. Now Φ1Φ5 = x −1 and Φ3 = x +x+1. Furthermore, x −1 = (x ) −1 = 5 5 2 5 x10+x5+1 8 7 5 4 3 (x − 1)((x ) + x + 1), so that Φ15 = x2+x+1 = x − x + x − x + x − x + 1. From this it follows 2 7 8 7 5 4 3 that [Q(ζ): Q] = 8, that 1, ζ, ζ , . . . , ζ is a basis of Q(ζ) over Q and ζ = ζ − ζ + ζ − ζ + ζ − 1. Theorem 1.5.8 says that

Gal(Q(ζ)/Q) = {σ1, σ2, σ4, σ7, σ8, σ11, σ13, σ14}

i where σi(ζ) = ζ and σiσj = σij mod 15. This yields the following multiplication table

σ1 σ2 σ4 σ7 σ8 σ11 σ13 σ14 σ1 σ1 σ2 σ4 σ7 σ8 σ11 σ13 σ14 σ2 σ2 σ4 σ8 σ14 σ1 σ7 σ11 σ13 σ4 σ4 σ8 σ1 σ13 σ2 σ14 σ7 σ11 σ7 σ7 σ14 σ13 σ4 σ11 σ2 σ1 σ8 σ8 σ8 σ1 σ2 σ11 σ4 σ13 σ14 σ7 σ11 σ11 σ7 σ14 σ2 σ13 σ1 σ8 σ4 σ13 σ13 σ11 σ7 σ1 σ14 σ8 σ4 σ2 σ14 σ14 σ13 σ11 σ8 σ7 σ4 σ2 σ1

We determine the subgroups of Gal(Q(ζ)/Q). The orders of the elements σ1, σ2, . . . , σ14 are respectively 1, 4, 2, 4, 4, 2, 4, 2. Hence we have three subgroups of order 2: H1 = {σ1, σ4}, H2 = {σ1, σ11}, H3 = {σ1, σ14}. A subgroup of order 4 is either cyclic or consists of three elements of order 2 apart from σ1. We immediately see that we get H4 = {σ1, σ2, σ4, σ8}, H5 = {σ1, σ4, σ7, σ13} (the cyclic subgroups), and H6 = {σ1, σ4, σ11, σ14}.

Figure 1.5: Subgroups of Gal(Q(ζ)/Q).

Gal(Q(ζ)/Q) PP PP PP PP PP PP H4 H5 H6 PP PP A PP A PP PP A PP A H1 H2 H3 ! !! !! ! !! !! ! !! {σ1}

Now we determine the intermediate fields corresponding to these subgroups. First we look around 3 3 for some obvious intermediate fields. We see that ζ is a primitive fifth root of unity so Q(ζ ) is a field extension of degree 4 of Q. Hence it corresponds to a subgroup of order 2. By looking at the 3 H 5 available subgroups of that order we see that it must be H2, that is, Q(ζ ) = Q(ζ) 2 . Secondly, ζ 5 is a primitive third root of unity, so that [Q(ζ ): Q] = 2 and this field corresponds to a subgroup 5 of order 4. By looking at which of those groups leave ζ invariant we see that it must be H5, i.e., 5 H Q(ζ ) = Q(ζ) 5 . 22 Galois Theory

We deal with the other groups by solving sets of linear equations. First consider H1. Let a = 7 a0 + a1ζ + ··· + a7ζ . Then

2 3 σ4(a) =(a0 − a2 − a6 + a7) + (a2 + a4 − a7)ζ + (−a3 + a6)ζ + (−a2 − a6)ζ 4 5 6 7 + (a1 + a2 − a7)ζ + (−a2 + a5 + a7)ζ − a6ζ + (a2 − a3 + a6 − a7)ζ .

Hence σ4(a) = a if and only if

−a2 − a6 + a7 = 0

−a1 + a2 + a4 − a7 = 0

−a2 − a3 + a6 = 0

−a2 − a3 − a6 = 0

a1 + a2 − a4 − a7 = 0

−a2 + a7 = 0

−2a6 = 0

a2 − a3 + a6 − 2a7 = 0, which are equivalent to a6 = 0, a2 = −a3 = a7, a1 = a4. Hence

H1 2 3 4 5 7 Q(ζ) = {a0 + a1ζ + a2ζ − a2ζ + a1ζ + a5ζ + a2ζ | ai ∈ Q}.

4 The element ζ + ζ has exactly four diﬀerent images under Gal(Q(ζ)/Q). Therefore its minimal H polynomial over Q has degree 4 (Lemma 1.3.3) and consequently it is a primitive element of Q(ζ) 1 , H 4 that is, Q(ζ) 1 = Q(ζ + ζ ). The computation for H3 is analogous, therefore we omit the details. Here the linear equations on the ai are equivalent to

a1 + a2 − a5 − a6 − a7 = 0

a4 + a5 + a6 = 0

a2 + a3 − a5 = 0

a1 + 2a2 + 2a3 + a4 = 0, so that

H3 2 3 4 5 6 7 Q(ζ) = {a0+a1ζ+a2ζ +a3ζ +(−a1−2a2−2a3)ζ +(a2+a3)ζ +(a1+a2+a3)ζ +(−a2−2a3)ζ | ai ∈ Q}.

Again using Lemma 1.3.3 we see that the minimal polynomial of ζ − ζ4 + ζ6 has degree 4, so that H 4 6 Q(ζ) 3 = Q(ζ − ζ + ζ ). H Note that H4 is cyclic and generated by σ2. Hence a ∈ Q(ζ) 4 if and only if σ2(a) = a. The linear equations equivalent to that reduce to a1 = a4 = −2a5, a2 = −a3 = a7 = −a5, a6 = 0, so that

H4 2 3 4 5 7 Q(ζ) = {a0 − 2a5ζ − a5ζ + a5ζ − 2a5ζ + a5ζ − a5ζ | a5 ∈ Q}.

H 2 3 4 5 7 In this case it is obvious that Q(ζ) 4 = Q(θ) with θ = 2ζ + ζ − ζ + 2ζ − ζ + ζ (in fact, it can be shown the the minimal polynomial of θ is x2 − 3x + 6). H Finally, σ4σ14 = σ11 and hence a ∈ Q(ζ) 6 if and only if σ4(a) = σ14(a) = a. But the linear equations corresponding to σ4(a) = a and σ14(a) = a have already been studied above. Together they amount to a1 = a4 = a5 = a6 = 0, a2 = −a3 = a7. So

H6 2 3 7 2 3 7 Q(ζ) = {a0 + a2ζ − a2ζ + a2ζ | a2 ∈ Q} = Q(ζ − ζ + ζ ).

(The minimal polynomial of ζ2 − ζ3 + ζ7 is x2 − x − 1.) Figure 1.6 has the subﬁelds together with the inclusions between them. 1.6 Solvability of polynomial equations by radicals 23

Figure 1.6: Subﬁelds of Q(ζ).

Q PP PP PP PP PP PP 5 2 3 7 Q(θ) Q(ζ ) Q(ζ − ζ + ζ ) PP PP A PP A PP PP A PP A (ζ + ζ4) (ζ3) (ζ − ζ4 + ζ6) Q Q Q ! !! !! ! !! !! ! !! Q(ζ)

1.6 Solvability of polynomial equations by radicals

In this section we look at Galois’ main application of his theory: a criterion for deciding whether the roots of a given polynomial can be expressed by radicals. The criterion says that this happens precisely when the Galois group of the splitting field of the polynomial is solvable. The latter is a property of groups which we study first. Then we derive Galois’ criterion and use it to find a polynomial of degree 5 whose roots cannot be expressed by radicals. Then after an intermezzo on discriminants we come to the final topic of this chapter, the so-called irreducible case, which explains why, when expressing the roots of a polynomial of degree 3 by radicals we always need square roots of negative numbers, also if all roots lie in R.

1.6.1 Solvable groups

Deﬁnition 1.6.1 A group G is called solvable if there is a series of subgroups G = G1 ⊃ G2 ⊃ · · · ⊃ Gm = {1} such that Gi+1 is a normal subgroup of Gi and Gi/Gi+1 is abelian for 1 ≤ i ≤ m − 1.

For example abelian groups are solvable. Slightly less trivially, the dihedral groups Dn (Section 3.1.2(Algebra)) are solvable. Indeed, let G2 ⊂ Dn be the subgroup consisting of the σ[i]. As seen in Example 3.3.2(Algebra) this is a normal subgroup. As Dn/G2 has order 2 it is abelian. Secondly, G2 is abelian as well, so our series is Dn ⊃ G2 ⊃ G3 = {σ[0]}. In order to show that a given group is solvable it suffices to find a series of subgroups as in the definition. Proving that a given group is not solvable seems much more difficult. It is our next objective to derive a criterion for doing that. Let G be a group and A ⊂ G. Let H be the intersection of all subgroups of G that contain A. It is obvious that H is a subgroup of G, and that every subgroup of G that contains A must also contain H. We say that H is the subgroup of G generated by A.

Deﬁnition 1.6.2 Let G be a group. For g, h ∈ G we set [g, h] = g−1h−1gh, which is called the commutator of g, h. Let A be the set of all commutators of all elements of G then by [G, G] we denote the subgroup of G generated by A. It is called the commutator subgroup of G.

We note that [g, h] = 1 if and only if gh = hg, i.e., if and only if g, h commute. It follows that G is abelian if and only if [G, G] is the trivial subgroup. 24 Galois Theory

Lemma 1.6.3 Let G be a group. Then [G, G] is a normal subgroup and the quotient G/[G, G] is abelian. Moreover, for a normal subgroup N ⊂ G we have that G/N is abelian if and only if N contains [G, G].

Proof. Let h ∈ [G, G] and g ∈ G then ghg−1 = hh−1ghg−1 = h[h, g−1]. We see that ghg−1 ∈ [G, G] and therefore it is a normal subgroup. Let N be a normal subgroup of G and for g ∈ G writeg ¯ for the coset gN. The deﬁnition of the multiplication in quotient groups implies that [¯g, h¯] = [g, h]. Furthermore, G/N is abelian if and only if [¯g, h¯] = 1¯ for all g, h ∈ G. But this is the same as [g, h] = 1,¯ which in turn is equivalent to [g, h] ∈ N. We conclude that G/N is abelian if and only if [g, h] ∈ N for all g, h ∈ G. The latter is obviously equivalent to [G, G] ⊂ N. 2

Deﬁnition 1.6.4 Let G be a group and deﬁne G(1) = G and for k ≥ 1, G(k+1) = [G(k),G(k)]. The series G = G(1) ⊃ G(2) ⊃ · · · is called the derived series of G.

Proposition 1.6.5 Let G be a group. Then G is solvable if and only if there is an s ≥ 1 with G(s) = {1}.

Proof. First of all, if G(s) = {1} then using Lemma 1.6.3 we see that the derived series is a series satisfying Deﬁnition 1.6.1. Hence G is solvable. If G is solvable then let G = G1 ⊃ G2 ⊃ · · · ⊃ Gm = {1} be a series as in Deﬁnition 1.6.1. By (k) induction we show that G ⊂ Gk. This is certainly true for k = 1. Suppose it holds for a certain k ≥ 1. Because Gk/Gk+1 is abelian we have [Gk,Gk] ⊂ Gk+1 by Lemma 1.6.3. Hence

(k+1) (k) (k) G = [G ,G ] ⊂ [Gk,Gk] ⊂ Gk+1.

The conclusion is that G(m) = {1}. 2

Corollary 1.6.6 Subgroups and quotients of solvable groups are solvable.

Proof. Let G be a solvable group and H a subgroup. By induction it is straightforward to see that H(k) ⊂ G(k). So by the previous proposition, H is solvable as well. Let N ⊂ G be a normal subgroup. Let π : G → G/N be the surjective homomorphism with π(g) = gN. We claim that π(G(k)) ⊃ (G/N)(k) for k ≥ 1. For k = 1 this is obvious, so suppose k ≥ 1 and π(G(k)) ⊃ (G/N)(k). As in the proof of Lemma 1.6.3 we writeg ¯ for the coset gN. Letg, ¯ h¯ ∈ (G/N)(k); then we may assume that g, h ∈ G(k). Then [¯g, h¯] = [g, h] = π([g, h]) and hence [¯g, h¯] ∈ π(G(k+1)). It follows that π(G(k+1)) is a subgroup of G/N containing all [¯g, h¯] for g,¯ h¯ ∈ (G/N)(k). Hence it contains (G/N)(k+1). Our claim is proved, and it immediately implies that G/N is solvable. 2

Now we investigate the solvability of the symmetric groups Sn introduced in Section 3.1.1(Algebra). As shown there we can write every element of Sn as a product of disjoint cycles. Because

(i1, . . . , ik) = (i1, i2)(i2, i3) ··· (ik−1, ik) we can also write every element as a product of 2-cycles. However, this way of writing is far from unique. For example (1, 2)(2, 3)(1, 2) = (1, 3). We see that not even the number of 2-cycles that appear in diﬀerent expressions for a given π ∈ Sn is always the same. But we can prove that the parity of the number of 2-cycles is constant. For this we deﬁne an inversion of a π ∈ Sn to be a pair (i, j) with i < j but π(i) > π(j). We let inv(π) be the number of inversions of π. For example, π = (1, 2, 3) ∈ S3 has inversions (1, 3), (2, 3) so that inv(π) = 2.

Lemma 1.6.7 Let π, σ ∈ Sn. Then inv(πσ) ≡ inv(π) + inv(σ) mod 2. 1.6 Solvability of polynomial equations by radicals 25

Proof. Set A = {(i, j) | 1 ≤ i < j ≤ n, σ(i) < σ(j), πσ(i) < πσ(j)} B = {(i, j) | 1 ≤ i < j ≤ n, σ(i) < σ(j), πσ(i) > πσ(j)} C = {(i, j) | 1 ≤ i < j ≤ n, σ(i) > σ(j), πσ(i) < πσ(j)} D = {(i, j) | 1 ≤ i < j ≤ n, σ(i) > σ(j), πσ(i) > πσ(j)}. Then inv(πσ) = |B| + |D|, inv(π) = |B| + |C|, inv(σ) = |C| + |D|. The lemma follows. 2

Corollary 1.6.8 Let π ∈ Sn and write π = π1 ··· πk = σ1 ··· σl, where the πi, σj are 2-cycles. Then k ≡ l mod 2. Proof. Note that the number of inversions of a 2-cycle is odd. So using the previous lemma we see that inv(π) ≡ k mod 2 and inv(π) ≡ l mod 2. 2

The elements of Sn that can be written as a product of an even number of 2-cycles are called even. The others are called odd. It is obvious that the set of even permutations forms a subgroup of Sn. It is called the alternating group, and denoted An. Consider the 2-cycle (1, 2). It is immediate that Sn 1 1 is the disjoint union of An and (1, 2)An. Hence |An| = 2 |Sn| = 2 n!. Now we show that [Sn,Sn] = An. For that we ﬁrst need a little lemma.

Lemma 1.6.9 Let A ⊂ Sn be the set consisting of all 3-cycles. Then An is generated by A.

Proof. Let H ⊂ Sn denote the group generated by A. We have (i, j, k) = (i, j)(j, k) so that 3-cycles are even and hence H is contained in An. Now consider two 2-cycles, π = (i, j), σ = (k, l). If {i, j} = {k, l} then πσ = 1. If {i, j}∩{k, l} consists of one element, say j = k, then πσ = (i, j, l). If {i, j}, {k, l} are disjoint then πσ = (i, k, j)(k, l, i). We conclude that πσ lies in H. Hence every even permutation lies in H, in other words, An ⊂ H. 2

Proposition 1.6.10 [Sn,Sn] = An. −1 −1 −1 Proof. For π ∈ Sn we have that π and π have the same parity. Hence [π, σ] = π σ πσ is even. It follows that [Sn,Sn] ⊂ An. On the other hand, [(i, j), (i, k)] = (i, j)(i, k)(i, j)(i, k) = (i, j, k).

Hence [Sn,Sn] contains every 3-cycle and therefore it contains An be the previous lemma. 2

Theorem 1.6.11 The group Sn is solvable for n = 2, 3, 4 and not solvable otherwise.

Proof. We have that S2 is abelian and hence solvable. The group A3 is of order 3 and abelian, hence [A3,A3] = {1}. Using Propositions 1.6.10, 1.6.5 we conclude that S3 is solvable. Let

V4 = {1, (1, 2)(3, 4), (1, 3)(2, 4), (1, 4)(2, 3)}. −1 For π ∈ Sn we have π(i, j)(k, l)π = (π(i), π(j))(π(k), π(l)). It follows that V4 is a normal subgroup of A4 (even of S4). The quotient A4/V4 has order 3 and hence is abelian. So S4 ⊃ A4 ⊃ V4 ⊃ {1} is a series as in Deﬁnition 1.6.1. So S4 is solvable as well. Now suppose that n ≥ 5. Let i, j, k, s, t be distinct elements of {1, . . . , n}. Then [(i, s, j), (i, t, k)] = (j, s, i)(k, t, i)(i, s, j)(i, t, k) = (i, j, k).

Hence [An,An] contains every 3-cycle and by Proposition 1.6.10 we see that [An,An] = An. By Propo- sition 1.6.5 Sn is not solvable. 2

Now we want to show that a ﬁnite solvable group has a descending series of subgroups such that the successive quotients have prime order. For this we need a theorem due to Cauchy. 26 Galois Theory

Theorem 1.6.12 (Cauchy) Let G be a ﬁnite group and p a prime dividing |G|. Then G has an element of order p.

Proof. Let T be the set of all p-tuples (g1, . . . , gp) where gi ∈ G and g1 ··· gp = 1. Note that the ﬁrst p−1 elements of such a p-tuple can be chosen arbitrarily in G, and then the last element is determined −1 p−1 by gp = (g1 ··· gp−1) . Hence |T | = |G| and in particular we see that p divides |T |. p Let T0 be the subset of T consisting of the tuples (g, . . . , g) with g = 1. Of course T0 contains p (1,..., 1). Hence the theorem is equivalent to the statement |T0| > 1. (Indeed, if g = 1 and g 6= 1 then the order of g is p by Lemma 3.7.6(Algebra).) For (g1, . . . , gp) ∈ T set ϕ(g1, . . . , gp) = (gp, g1, . . . , gp−1). Because −1 −1 gpg1 ··· gp−1 = gpg1 ··· gp−1gpgp = gpgp = 1 we see that ϕ maps T to T . Note that it has an obvious inverse and hence ϕ is a bijection. Furthermore, ϕ maps T0 and T1 = T \ T0 to themselves. p k Let t ∈ T1. Observe that ϕ (t) = t. Let k ≥ 1 be minimal with ϕ (t) = t. Then k ≤ p and write p = qk + r with 0 ≤ r < k. Then t = ϕp(t) = ϕr((ϕk)q(t)) = ϕr(t), and it follows that r = 0 and k = p because p is prime. It follows that the elements t, ϕ(t), . . . , ϕp−1(t) p−1 are all distinct. So T1 is the disjoint union of subsets {t, ϕ(t), . . . , ϕ (t)}. It follows that p divides |T1|. As p divides |T | we see that it must divide |T0| as well and wqe are done. 2

Remark 1.6.13 We can reformulate this proof using the language of group actions (see Section 3.5(Algebra)). Let G = {1, ϕ, . . . , ϕp−1}. Then G is a group of order p (it is a subgroup of the group

ST1 of all permutations of T1). It naturally acts on T1. The stabilizer of a t ∈ T1 is a subgroup of G. However, because this group has p elements, its only subgroups are {1} and G itself. Hence the stabilizer of each t ∈ T1 is trivial. So by the orbit-stabilizer theorem (Corollary 3.5.13(Algebra)) it follows that each orbit of G on T1 has p elements.

Theorem 1.6.14 Let G be a ﬁnite solvable group. Then G has a series of subgroups G = G1 ⊃ G2 ⊃ · · · ⊃ Gm = {1} such that Gi+1 is a normal subgroup of Gi and Gi/Gi+1 is abelian and of prime order. Proof. The proof is by induction on |G|. The induction hypothesis is that all solvable groups of cardinality less than |G| have a series as in the theorem. Because G is solvable it has a normal subgroup N such that G 6= N and G/N is abelian. Write H = G/N. If the order of H is not prime then write |H| = ps, where p is a prime and s > 1 an integer. By Theorem 1.6.12 H has an element of order p, and thus it has a subgroup M of order p. Since H is abelian, M is automatically normal. Now consider the homomorphisms π1 : G → H, π1(g) = gN, and π2 : H → H/M, π2(h) = hM and 0 0 let π = π2 ◦ π1. Then π is a group homomorphism and let N = ker(π) be its kernel. Then N is not 0 all of G because π1 is surjective and the kernel of π2 is not all of H. We have that N strictly contains N and G/N 0 is abelian as well (this follows for example from Lemma 1.6.3). We can continue this process and eventually we ﬁnd a normal subgroup N 00 of G such that N 00 6= G, G/N 00 is abelian and 00 00 G/N is of prime order. Set G2 = N . By Corollary 1.6.6 we have that G2 is solvable. So by the induction hypothesis there is a series of subgroups G2 ⊃ G3 ⊃ · · · ⊃ Gm = {1} with the properties stated in the theorem. It follows that G has such a series as well. 2

1.6.2 Radical extensions In this section we prove an amazing theorem by Galois: there are expressions for the roots of a given polynomial, involving arithmetic operations and taking n-th roots (for n ≥ 2) if and only if the Galois group of the spliting field of the polynomial is solvable. In order to be able to do that we first translate the existence of the mentioned expressions into a property of the splitting field. In this section all fields are of characteristic 0. 1.6 Solvability of polynomial equations by radicals 27

Definition 1.6.15 A field extension E/F is said to be radical if there is a tower of fields F = F1 ⊂ F2 ⊂ · · · ⊂ Fm+1 = E such that for 1 ≤ i ≤ m we have Fi+1 = Fi(αi) where αi ∈ Fi+1 satisfies ni αi ∈ Fi for some ni > 0.

mi With the notation of this deﬁnition write βi = αi . Then βi ∈ Fi and αi can be thought of as an ni-th root of βi.

Definition 1.6.16 Let F be a field and f ∈ F [x]. Then f is called solvable by radicals if there is a radical extension E/F such that E contains a splitting field of f. Note that solvability by radicals exactly means that there are expressions for the roots of f involving √ the arithmetic operations, elements of F and n-th roots n . Also we remark that it is not enough to require that the splitting field itself is a radical extension, as there are examples of splitting fields that are contained in radical extensions but are not radical extensions themselves.

Proposition 1.6.17 Let E/F be a radical extension. Then there is an extension K/E such that K/F is radical and Galois.

Proof. Because E/F is radical there is a tower as in Definition 1.6.15. In particular E = F (α1, . . . , αm). Let fi be the minimal polynomial of αi over F . Set f = f1 . . . fm and let K ⊃ E be a splitting field of f over E. Since the αi are roots of f we have that K is also a splitting field of f over F . The extension K/F is Galois by Theorem 1.3.7 (note that f is automatically separable because the characteristic is 0). Write Gal(K/F ) = {σ1, . . . , σn}, where σ1 is the identity. Using Lemma 1.3.3 we see that for each root β of fi there is a σj with β = σj(αi). Hence K = F (σj(αi) | 1 ≤ i ≤ m, 1 ≤ j ≤ n). Set

Fi,j = F (σ1(α1), . . . , σ1(αm), σ2(α1), . . . , σ2(αm), σ3(α1), . . . , σj(α1), . . . , σj(αi)).

ni+1 ni+1 Then for 1 ≤ i ≤ m − 1 we have Fi+1,j = Fi,j(σj(αi+1)). Now σj(αi+1) = σj(αi+1 ). But ni+1 ni+1 αi+1 ∈ Fi+1 = F (α1, . . . , αi). Hence αi+1 can be written in terms of elements of F and α1, . . . , αi ni+1 (and arithmetic operations). It follows that σj(αi+1 ) lies in F (σj(α1), . . . , σj(αi)) ⊂ Fi,j. n1 n1 n1 Secondly, for 1 ≤ j ≤ n − 1 we have F1,j+1 = Fm,j(σj+1(α1)) and σj+1(α1) = σj+1(α1 ) = α1 ∈ F ⊂ Fm,j. We conclude that we have the tower

F ⊂ F1,1 ⊂ F2,1 ⊂ · · · ⊂ Fm,1 ⊂ F1,2 ⊂ F2,2 ⊂ · · · ⊂ Fm,2 ⊂ · · · ⊂ Fm,n = K and therefore K/F is radical. 2

Lemma 1.6.18 Let K/F be an extension such that there is an α ∈ K with K = F (α) and αn ∈ F for some n > 0. Suppose that F contains a primitive n-th root of unity. Then K/F is Galois and Gal(K/F ) is abelian. Proof. Let ω ∈ F be a primitive m-th root of unity. Consider the polynomial f = xn − αn ∈ F [x]. The roots of f in K are α, ωα, . . . , ωn−1α and they are all distinct as ω is primitive. Therefore f splits into linear factors in K[x] and we see that K is a splitting ﬁeld of f over F . So by Theorem 1.3.7 K/F is Galois. A σ ∈ Gal(K/F ) is uniquely determined by the value of σ(α), which has to be a root of f. Hence σ(α) = ωiα for a certain i with 0 ≤ i < n. Let τ be a second element of Gal(K/F ) and write τ(α) = ωjα. Because ω ∈ F we have σ(ω) = τ(ω) = ω implying that

στ(α) = ωi+jα = τσ(α).

Hence Gal(K/F ) is abelian. 2

Proposition 1.6.19 Let F be a ﬁeld and f ∈ F [x]. Let E be a splitting ﬁeld of f over F . If f is solvable by radicals then Gal(E/F ) is solvable. 28 Galois Theory

Proof. By Definition 1.6.16 E is contained in a field K such that K/F is radical. By Proposition 1.6.17 we may assume that K/F is Galois as well. Let F = F1 ⊂ · · · ⊂ Fm+1 = K be a tower of ni extensions such that Fi+1 = Fi(αi), αi ∈ Fi. We now would like to apply the Galois correspondence and obtain a series of subgroups of the Galois group. However, in order to conclude anything on these subgroups we need the previous lemma that assumes that the base field contains certain roots of unity. The trick is to add all needed roots of unity and to put them at the bottom of the tower. n Set n = n1 ··· nm and let L be the splitting field of x − 1 over K. Since K/F is Galois it is the splitting field of some h ∈ F [x]. Hence L is the splitting field of h(xn − 1) over F and we see that L/F is Galois. Furthermore, as remarked in Section 1.5.2 we have L = K(ω) where ω is a primitive n-th root of unity. So L = F (α1, . . . , αm, ω) and we consider the tower

F ⊂ F (ω) ⊂ F (ω, α1) ⊂ F (ω, α1, α2) ⊂ · · · ⊂ F (ω, α1, . . . , αm) = L.

Set G = Gal(L/F ). To the ﬁelds in the tower we apply the Galois correspondence, that is, we set Gi = Gal(L/F (ω, α1, . . . , αi)) (so that G0 = Gal(L/F (ω))). Note that all ﬁelds, from F (ω) onwards, contain a primitive ni-th root of unity for all i. (Indeed, if s we set si = n/ni then ω i is a primitive ni-th root of unity.) For 0 ≤ i ≤ m − 1 consider the extensions

F (ω, α1, . . . , αi) ⊂ F (ω, α1, . . . , αi, αi+1) ⊂ L.

By Lemma 1.6.18 the first of these is Galois with abelian Galois group. So by Proposition 1.4.5 we have that Gi+1 is normal in Gi and the quotient is abelian. Furthermore, F (ω) is the splitting field of xn − 1 over F so that F (ω)/F is Galois with abelian Galois group (the latter by Theorem 1.5.8(ii)). Again using Proposition 1.4.5 we see that G0 is normal in G with abelian quotient. So we have a series of subgroups G ⊃ G0 ⊃ · · · ⊃ Gm = {1} satisfying the requirements of Definition 1.6.1. Hence G is solvable. But that is not the group that we were interested in! Consider the extensions F ⊂ E ⊂ L. Here E/F is Galois, so that N = Gal(L/E) is a normal subgroup and Gal(E/F ) =∼ G/N (again by Propo- sition 1.4.5). Now with Corollary 1.6.6 we conclude that Gal(E/F ) is solvable. 2

Lemma 1.6.20 Let K/F be a Galois extension of prime degree p. Suppose that F contains a primitive p-th root of unity. Then there is an α ∈ K such that K = F (α) and αp ∈ F .

Proof. Write H = Gal(K/F ) then |H| = p by Theorem 1.3.7. Let σ ∈ H be diﬀerent from the identity. Then σ has order p by Proposition 3.7.4(Algebra). Hence σ generates H, that is

H = {1, σ, σ2, . . . , σp−1}.

Now we view K as a vector space over F and σ : K → K as a linear map. Let λ be an eigenvalue of σ (this λ could lie in an extension of F ). Then σp = 1 implies that λp = 1 and because of the assumption on F we see that F contains all eigenvalues of σ. Now suppose that the only eigenvalue of σ is 1. Then the characteristic polynomial of σ is f = (x − 1)p. The Cayley-Hamilton theorem now p p implies that f(σ) = 0, that is, (σ − IK ) = 0, where IK is the identity map on K. Because σ = 1 we also have that g(σ) = 0 with g = xp − 1. Furthermore gcd(f, g) = x − 1 so there are u, v ∈ F [x] with uf + vg = x − 1 (Theorem 2.3.11(Algebra)). But that implies that σ = 1, which is not the case. Hence σ has an eigenvalue λ not equal to 1. Let α ∈ E be a corresponding eigenvector, i.e., σ(α) = λα. Then α 6∈ F (as otherwise σ(α) = α). Because [K : F ] = p there are no intermediate ﬁelds other than F and K. Hence K = F (α). Finally, σ(αp) = (λα)p = λpαp = αp and as σ generates H we have that αp ∈ KH = F . 2

Proposition 1.6.21 Let F be a ﬁeld and f ∈ F [x]. Let E be a splitting ﬁeld of f over F . Suppose that Gal(E/F ) is solvable. Then f is solvable by radicals. 1.6 Solvability of polynomial equations by radicals 29

Proof. Write G = Gal(E/F ). By Theorem 1.6.14 G has a normal subgroup N such that G/N is abelian of prime order p. Let E0 ⊃ E be a splitting ﬁeld of xp − 1. In the same way as in the proof of Proposition 1.6.19 we see that E0 = E(ω) where ω is a primitive p-th root of unity and that E0/F is Galois. Since also E/F is Galois we have that σ(E) = E for all σ ∈ Gal(E0/F ) (Proposition 1.4.5). So we can deﬁne the homomorphism

0 ψ : Gal(E /F (ω)) → G with ψ(σ) = σ|E.

(Note that Gal(E0/F (ω)) is a subgroup of Gal(E0/F ).) We have that ψ is injective. Indeed, let σ ∈ Gal(E0/F (ω)) be such that ψ(σ) = 1. Then σ(α) = α for α ∈ E. Furthermore, σ(ω) = ω is automatic from σ ∈ Gal(E0/F (ω)). Hence σ is the identity on E0. So the kernel of ψ is trivial and hence ψ is injective. It follows that Gal(E0/F (ω)) is isomorphic to a subgroup of G. We prove the theorem by induction on |G|. The induction hypothesis is that for all Galois extensions L/K with Gal(L/K) solvable and of order less than |G| we have that L is contained in a radical extension of K. We consider two cases. In the ﬁrst case we have |Gal(E0/F (ω))| < |G|. By the induction hypothesis E0 is contained in a radical extension M of F (ω). But since F ⊂ F (ω) is radical, M is also a radical extension of F . In the second case we have |Gal(E0/F (ω))| = |G|. Then Gal(E0/F (ω)) is isomorphic to G and it follows that Gal(E0/F (ω)) also has a normal subgroup H0 such that the quotient is abelian of order p. Let M be the corresponding intermediate ﬁeld, that is,

0 M = E0H = {α ∈ E0 | σ(α) = α for all σ ∈ H0}.

By the Galois correspondence (more precisely Lemma 1.4.2(i)) we have that H0 = Gal(E0/M). Now we apply Proposition 1.4.5 and ﬁnd that M/F (ω) is a Galois extension with Galois group isomorphic to Gal(E0/F (ω))/H0 which has p elements. Hence [M : F (ω)] = p and from Lemma 1.6.20 we see that there is an α ∈ M with M = F (ω, α) and αp ∈ F (ω). As |Gal(E0/M)| = |H0| < |G| we infer by induction that there is a radical extension R of M with E0 ⊂ R. But we have just seen that M is a radical extension of F , so that R is also a radical extension of F . Because it contains E the theorem is proved. 2

We unite the two previous propositions in the following theorem due to Galois.

Theorem 1.6.22 (Galois) Let F be a ﬁeld and let f ∈ F [x] have splitting ﬁeld E over F . Then f is solvable by radicals if and only if Gal(E/F ) is solvable.

Example 1.6.23 We can use the strategy of the proof of Proposition 1.6.21 to find radical expressions for the roots of a given f ∈ F [x] such that the Galois group G of its splitting field E is solvable. This works especially well when we have a series of subgroups G = G1 ⊃ G2 ⊃ · · · ⊃ Gs = {1} with Gi+1 G normal in Gi and Gi/Gi+1 abelian of order 2. Ideed, let Fi = E i ; then E = Fs ⊃ Fs−1 ⊃ · · · ⊃ F1 = F 2 where [Fi : Fi−1] = 2. Write Gal(Fi/Fi−1) = {τ0, τ1} where τ0 is the identity and τ1 = τ0. Note that Fi−1 contains a primitive second root of unity, namely -1. So by Lemma 1.6.20, Fi = Fi−1(αi−1) with 2 αi−1 ∈ Fi−1. Finally, by the proof of the mentioned lemma, finding such an αi−1 amounts to solving the equation τ1(αi−1) = −αi−1. So we can construct a radical tower and in the end find an expression for a root of f using only square roots. 15 We illustrate this in the case of f = x − 1 ∈ Q[x]. The Galois correspondence for its splitting field is described in Example 1.5.11. Consider the subgroups

G ⊃ H5 = {σ1, σ4, σ7, σ13} ⊃ H1 = {σ1, σ4} ⊃ {σ1}

5 4 corresponding to the chain of subﬁelds Q ⊂ Q(ζ ) ⊂ Q(ζ + ζ ) ⊂ Q(ζ). In order to execute the above procedure we need the groups

5 4 5 4 Gal(Q(ζ )/Q), Gal(Q(ζ + ζ )/Q(ζ )), Gal(Q(ζ)/Q(ζ + ζ )). 30 Galois Theory

4 5 By the Galois correspondence (Lemma 1.4.2(i)) we have that Gal(Q(ζ)/Q(ζ+ζ )) = H1 and Gal(Q(ζ)/Q(ζ )) = H5. Since G is abelian, all subgroups are normal and in particular H1 is a normal subgroup of H5. So 4 5 4 5 by Proposition 1.4.5 we see that Q(ζ + ζ )/Q(ζ ) is Galois and Gal(Q(ζ + ζ )/Q(ζ )) is isomorphic to H1/H5. The latter group consists of the cosets σ1H5, σ7H5. The proof of Proposition 1.4.5 now 4 5 4 shows that Gal(Q(ζ + ζ )/Q(ζ )) = {σ¯1, σ¯7}, whereσ ¯i denotes the restriction of σi to Q(ζ + ζ ). 5 In the same way we see that Gal(Q(ζ )/Q) is isomorphic to G/H5. This group consists of the 5 cosets σ1H5 and σ2H5. Hence Gal(Q(ζ )/Q) = {σˆ1, σˆ2}, whereσ î denotes the restriction of σi to 5 Q(ζ ). 5 Now we write the chain of subfields as a radical tower. We start with Q(ζ ) ⊃ Q. Finding 5 5 2 5 α ∈ Q(ζ ) with Q(ζ ) = Q(α) and α ∈ Q amounts to solvingσ ˆ2(α) = −α. Write α = a + bζ with 10 5 a, b ∈ Q. Thenσ ˆ2(α) = a + bζ = a − b − bζ . Soσ ˆ2(α) = −α is the same as 2a = b. We choose a = 1, b = 2 and hence α = 1 + 2ζ5. (Then α2 = −3.) 4 5 4 7 28 4 5 Next we consider Q(ζ + ζ ) ⊃ Q(ζ ). Write θ = ζ + ζ thenσ ¯7(θ) = ζ + ζ = 1 − ζ − ζ + ζ = 5 2 5 1 + ζ − θ. To find a β ∈ Q(θ) with Q(θ) = Q(β) and β ∈ Q(ζ ) amounts to finding a β ∈ Q(θ) with 5 5 σ¯7(β) = −β. Write β = a + bθ with a, b ∈ Q(ζ ). Thenσ ¯7(β) = a + (1 + ζ )b − bθ. Soσ ¯7(β) = −β amounts to 2a + (ζ5 + 1)b = 0. We choose a = ζ5 + 1 and b = −2 so that β = 1 + ζ5 − 2(ζ + ζ4). (Then β2 = 5ζ5.) 4 Finally we look at Q(ζ) ⊃ Q(ζ +ζ ). We first compute the minimal polynomial of ζ over the second field. According to Lemma 1.3.3 the minimal polynomial of ζ is (x − ζ)(x − σ4(ζ)), which is equal to x2 − (ζ + ζ4)z + ζ5. In particular we have the relation ζ2 = (ζ + ζ4)ζ − ζ5. (Which, of course, is also 5 4 4 easy to see directly.) Write γ = a+bζ with a, b ∈ Q(ζ +ζ ). Then σ4(γ) = a+bζ = a+b(ζ +ζ )−ζ). 4 4 4 So σ4(γ) = −γ amounts to 2a + (ζ + ζ )b = 0. We choose a = ζ + ζ , b = −2 so that γ = (ζ + ζ ) − 2ζ. (Then γ2 = (ζ + ζ4)2 − 4ζ(ζ + ζ4) + 4ζ2 = (ζ + ζ4)2 − 4ζ5.) Now we construct an injective homomorphism Q(ζ) → C in the following way. We start with the identity homomorphism ψ0 : Q → C. By Lemma 4.6.6(Algebra) there√ exists a unique injective homomorphism ψ : (α) → with ψ (a) = a for a ∈ and ψ (α) = −3. Note that ζ5 = α−1 , so √ 1 Q C 1 Q 1 2 5 −3−1 that ψ1(ζ ) = . So by the same lemma there exists an injective homomorphism ψ2 : Q(α, β) → C 2 √ q 5 4 1 5 such that ψ2(a) = ψ1(a) for all a ∈ Q(α) and ψ2(β) = 2 ( −3 − 1). We have ζ +ζ = 2 (ζ +1−β) = α+1−2β 4 and therefore √ q 5 √ 1 + −3 − 2 2 ( −3 − 1) ψ (ζ + ζ4) = . 2 4

Again by Lemma 4.6.6(Algebra) we get an injective homomorphism ψ3 : Q(α, β, γ) → C with γ2(a) = a for all a ∈ Q(α, β) and v u √ q √ 2 u 1 + −3 − 2 5 ( −3 − 1) u 2 √ ψ2(γ) = t − 2( −3 − 1).  4 

1 4 We have ζ = 2 (ζ + ζ − γ). So we also get a radical expression for ψ3(ζ). After some manipulation it is seen to be r ! 1 √ q √ √ √ q √ q √ 1 + −3 − 10( −3 − 1) − 20 − 20 −3 − 2 −3 10( −3 − 1) − 2 10( −3 − 1) . 8

√ (Here we have to be a bit careful as something like u can indicate two complex numbers. With ψ1 √ q √ √ q √ we fix a choice for −3; with ψ2 we fix 10( −3 − 1). Then −3 10( −3 − 1) is the product of q √ these two. If we would write this as −30( −3 − 1) then we would introduce another choice, not necessarily compatible with the first two.) 1.6 Solvability of polynomial equations by radicals 31

1.6.3 A polynomial not solvable by radicals

Here we give a polynomial of degree five whose roots are not expressible by radicals. By Theorem 1.6.22 along with Theorem 1.6.11 a polynomial whose splitting field has Galois group isomorphic to S5 has this property. The main problem now is to show that the splitting field of a given polynomial has this Galois group. Indeed, because |S5| = 120 we cannot simply list its elements and compute a multiplication table. We need to resort to some tricks to show that the Galois group is isomorphic to S5. For this we first show how to identify a Galois group with a permutation group, a construction that is of wider interest. Let F be a field, f ∈ F [x] a separable polynomial and E ⊃ F its splitting field. Let α1, . . . , αn ∈ E be the roots of f without repetitions (that is, we just take the roots of the irreducible factors of f). Then by definition E = F (α1, . . . , αn) (Definition 4.6.1(Algebra)). Let σ ∈ Gal(E/F ). For 1 ≤ i ≤ n we have that σ(αi) is a root of f, hence equal to an αj. Moreover, for i1 6= i2 we cannot have

σ(αi1 ) = σ(αi2 ) because σ is injective. It follows that there is a πσ ∈ Sn with

σ(αi) = απσ(i) for 1 ≤ i ≤ n.

Deﬁne a map ψ : Gal(E/F ) → Sn by ψ(σ) = πσ.

Lemma 1.6.24 ψ is an injective group homomorphism.

Proof. Let σ, τ ∈ Gal(E/F ). Then στ(αi) = σ(τ(αi)) translates to

απστ (i) = απσπτ (i) so that πστ (i) = πσπτ (i) for all i. In other words, πστ = πσπτ , which just means that ψ is a group homomorphism. If ψ(σ) = ψ(τ) then σ(αi) = τ(αi) for all i, and because E = F (α1, . . . , αn) this implies that σ = τ. We see that ψ is injective. 2

Let H = ψ(Gal(E/F )). Then H is a subgroup of Sn and ψ : Gal(E/F ) → H is an isomorphism. So Gal(E/F ) is isomorphic to a subgroup of Sn. 5 Now let f = x − 6x + 3 ∈ Q[x] with splitting field E ⊂ C. By Eisenstein’s criterion (Theorem 2.5.14(Algebra)) f is irreducible. So it has five distinct roots in C and by the above construction we have that Gal(E/Q) is isomorphic to a subgroup H of S5. With a few steps we prove that this subgroup is equal to S5. H contains a 5-cycle. Let α ∈ E be a root of f then [Q(α): Q] = 5, so since [E : Q] = [E : Q(α)][Q(α): Q] (Theorem 4.3.3(Algebra)) we have that [E : Q] is divisible by 5. Because |Gal(E/Q)| = [E : Q] we have the same for the order of the Galois group. Hence by Theorem 1.6.12 H contains an element of order 5. Now the order of a k-cycle in Sn is k. By listing the various possible decompositions of an element of S5 as a product of disjoint cycles and using Proposition 3.7.7(Algebra) it is seen that an element of order 5 must be a 5-cycle, denote it π5. H contains a 2-cycle. By computing the derivative of f we see that the graph of f (seen as a function R → R) has one positive maximum and one negative minimum. Therefore f has exactly three real roots, denoted α3, α4, α5, and hence exactly two non-real roots, denoted α1, α2. The latter are complex conjugates. Let σ : C → C be complex conjugation, i.e., σ(x + iy) = x − iy for x, y ∈ R. Then σ permutes the roots of f and therefore maps E to itself. Furthermore, σ is an automorphism of C and hance its restriction to E is as well. We have σ(α1) = α2, σ(α2) = α1, σ(αi) = αi for i = 3, 4, 5. Hence πσ = (1, 2). 2 3 4 Write π5 = (1, i2, i3, i4, i5). Then π5 = (1, i3, i5, i2, i4), π5 = (1, i4,...), π5 = (1, i5,...). We see that H contains the 5-cycle (1, 2, j3, j4, j5). By relabelling the αi for i = 3, 4, 5 we now may assume that jk = k and that H contains (1, 2, 3, 4, 5). Finally, (1, 2) and (1, 2, 3, 4, 5) generate S5 (we leave this verification as an exercise). The conclusion is that H = S5. 32 Galois Theory

1.6.4 The discriminant of a polynomial

Let F be a ﬁeld and f ∈ F [x]. Let E be a splitting ﬁeld of f and write f = γ(x − α1) ··· (x − αn) where γ ∈ F and αi ∈ E. Then 2n−2 Y 2 D(f) = γ (αi − αj) 1≤i

2 b c Example 1.6.25 Let f = ax + bx + c = a(x − α1)(x − α2). Then α1 + α2 = − a , α1α2 = a . Hence b2 c (α − α )2 = (α + α )2 − 4α α = − 4 . 1 2 1 2 1 2 a2 a 2 2 2 It follows that D(f) = a (α1 − α2) = b − 4ac.

Example 1.6.26 The discriminant of a polynomial is a symmetric polynomial in the roots of f (this means that it is unchanged when we permute the roots in any way). It can be shown that this implies that the discriminant of a monic polynomial can be expressed as a polynomial in the coeﬃcients of f. For example, if f = x3 + ax2 + bx + c then D(f) = a2b2 − 4a3c + 18abc − 4b3 − 27c2. So it is possible to decide whether f has a root of multiplicity at least 2 without computing any of the roots explicitly!

Proposition 1.6.27 Let f be a ﬁeld and f ∈ F [x]. Suppose that f is separable and square-free. Let α1, . . . , αn be the (necessarily distict) roots of f in its splitting ﬁeld E. Consider the injective group homomorphism ψ : Gal(E/F ) → Sn constructed in Section 1.6.3. Then (i) D(f) ∈ F ,

(ii) ψ(Gal(E/F )) is contained in the alternating group An if and only if D(f) is a square in F .

Proof. Let P = {(i, j) | 1 ≤ i < j ≤ n}. For π ∈ Sn deﬁne the mapπ ˜ : P → P by ( (π(i), π(j)) if π(i) < π(j) π˜(i, j) = . (π(j), π(i)) if π(i) > π(j) The inverse ofπ ˜ isτ ˜, where τ = π−1. In particular it follows thatπ ˜ is bijective. For (i, j) ∈ P we set δ(i,j) = αi − αj. Then δπ˜(i,j) = απ(i) − απ(j) if (i, j) is not an inversion of π and it is equal to −(απ(i) − απ(j)) if (i, j) is an inversion of π. Q Now let σ ∈ Gal(E/F ) and write ψ(σ) = πσ. Let ∆ = (i,j)∈P δ(i,j). Then

Y inv(πσ) Y inv(πσ) σ(∆) = (απσ(i) − απσ(j)) = (−1) δπ˜σ(i,j) = (−1) ∆. (i,j)∈P (i,j)∈P (Where inv(π) is the number of inversions of π, see Section 1.6.1.) Hence σ(∆2) = σ(∆)2 = ((−1)inv(πσ)∆)2 = ∆2. We conclude that ∆2 is fixed under all σ ∈ Gal(E/F ) so that ∆2 ∈ F . So the same holds for D(f) = γ2n−2∆2 where γ is the leading coefficient of f. Secondly it follows that σ(∆) = ∆ if and only if inv(πσ) is even. By definition that is the same as πσ ∈ An. It follows that ψ(Gal(E/F )) ⊂ An if and only if ∆ ∈ F . But the latter is obviously equivalent to D(f) being a square in F . 2

Remark 1.6.28 Note that when f has roots of multiplicity at least 2 then D(f) = 0 and in particular, D(f) ∈ F . 1.6 Solvability of polynomial equations by radicals 33

1.6.5 Casus irreducibilis

Let f ∈ Q[x] be of degree 3 with real roots. Then when using the known formulas for ﬁnding a root of f one invariably ﬁnds square roots of negative numbers along the way. This phenomenon was extensively studied by the bolognese mathematician Rafael Bombelli, who in the 1572 edition of his 3 book √L’Algebra looks at the following example. Let f = x − 15x − 4. The roots of f are 4 and −2 ± 3. However, the formulas give as one of the solutions √ √ 3 2 + 11i + 3 2 − 11i.

Bombelli noticed that (2 + i)3 = 2 + 11i, (2 − i)3 = 2 − 11i so that the sum above reduces to (2 + i) + (2 − i) = 4. As Bombelli put it: “Somma 4; e tanto vale la Cosa.” (The sum is 4 and that is the value of the thing.) Here we prove the “irreducible case”: if f is irreducible then there always must appear square roots of negative numbers in a radical expression for a root of f.

Lemma 1.6.29 Let F be a field of characteristic 0 and f ∈ F [x] be monic and irreducible of degree 3. Let E √⊃ F be a splitting field and write D = D(f). Let α ∈ E be one of the roots of f. Then E = F (α, D). Proof. Let β, γ ∈ E be the other two roots of f. Of course, α ∈ E and √ D = ±(α − β)(α − γ)(β − γ) √ also lies in E. Hence√ F (α, D) ⊂ E. Let K = F (α, D). We now show that β, γ ∈ K. First of all, in K[x] we have a factorization f = (x − α)g, where g ∈ K[x] is of degree 2. But g = (x − β)(x − γ). Hence β + γ ∈ K. Next we observe that g(α) = (α − β)(α − γ) also lies in K. So K contains √ D ±(α − β)(α − γ)(β − γ) = = ±(β − γ). g(α) (α − β)(α − γ) Since β + γ and β − γ both lie in K, so do β, γ. So K is a subfield of E containing F and the roots of f. It follows that K = E. 2

Lemma 1.6.30 Let F be a field and p a prime. Let a ∈ F . If the polynomial xp − a is reducible in F [x] then it has a root in F . Proof. We may assume a 6= 0. Let E ⊃ F be a splitting field of f = xp − a. Let α ∈ E be a root of f. Let β ∈ E be a second p β p root of f. Then α = 1 so that β = αω where ω ∈ E satisfies ω = 1. It follows that αω1, . . . , αωp p are the roots of f where ωi = 1. Suppose that f = gh with g, h ∈ F [x] and deg(g), deg(h) ≥ 1. Write k = deg(g); hence

g = (x − ωi1 α) ··· (x − ωik α). p k k Let ζ = ωi1 ··· ωik then ζ = 1 and the constant coeﬃcient of g is ±ζα . So ζα ∈ F . Moreover, gcd(p, k) = 1 and hence there are integers u, v with up + vk = 1 (Theorem 2.2.3(Alge- bra)). But (ζαk)p = (αp)k = ak hence

a = a1 = (au)p(ak)v = (au)p(ζαk)p = (auζαk)p.

We conclude that a = βp for a β ∈ F and f has a root in F . 2

Theorem 1.6.31 (Casus irreducibilis) Let f ∈ Q[x] be of degree 3 and irreducible. Suppose that f has three real roots. Let E ⊂ R be a splitting ﬁeld of f. Let K ⊃ E be a radical extension of Q contained in C. Then K is not contained in R. 34 Galois Theory

Note that the radical extension K exists by Theorem 1.6.22. Indeed, by the construction in Section 1.6.3 we see that the Galois group Gal(E/Q) is isomorphic to a subgroup of S3 which is solvable. Proof. Suppose that K ⊂ R. We will derive a contradiction from that. mi By deﬁnition we have a tower Q = F1 ⊂ F2 ⊂ · · · ⊂ Fm+1 = K with Fi+1 = Fi(αi) and αi ∈ Fi for 1 ≤ i ≤ m. We observe that we may assume that each mi is prime. Indeed, suppose that mi = ps where p is a prime and s > 1. Then we replace Fi ⊂ Fi+1 in the tower by Fi ⊂ Fi(β) ⊂ Fi+1 where s p s β = αi : we have β ∈ Fi and Fi+1 = Fi(β, αi) with αi ∈ Fi(β). Continuing this process we arrive at a longer tower where all exponents are prime.√ Let D be the discriminant√ of f. Since D ∈ K (by Lemma 1.6.29)√ we can also consider the intermediate ﬁelds Li = Q( D, α1, . . . , αi) for 0 ≤ i ≤ m (so L0 = Q( D)). This yields the tower

Q ⊂ L0 ⊂ L1 ⊂ · · · ⊂ Lm = K.

We note that f is irreducible in L0[x]. Indeed, otherwise f has a root β in L0√because f is of degree 3. But [Q(β): Q] = 3 because f is irreducible. Since D ∈ Q we have that [Q( D): Q] ≤ 2, and that is a contradiction (a field extension of degree 2 cannot contain an extension of degree 3). Now f is reducible in Lm[x]. Hence there is an i ≥ 0 such that f is irreducible in Li[x] but reducible p in Li+1[x]. Writing α = αi+1, p = mi+1 we have Li+1 = Li(α) with α ∈ Li where p is prime. p p 2 p−1 Set h = x − α ∈ Li[x]. The roots of h in C are α, ζα, ζ α, . . . , ζ α, where ζ ∈ C is a primitive p-th root of unity. If p = 2 then these are α, −α which are not contained in Li. If p > 2 then except α none of the roots of h are real, so that again we conclude that Li contains no root of h. By Lemma 1.6.30 we see that h is irreducible in Li[x]. Hence h is the minimal polynomial of α and [Li+1 : Li] = p. In particular, there are no intermediate fields M with Li ( M ( Li+1 (by the degree formula).√ Because f is reducible in Li+1[x] we have that Li+1 contains a root γ of f. But since E = Q( D, γ) (Lemma 1.6.29) we see that E is contained in Li+1. In particular, Li+1 contains all three roots of f, and therefore Li+1 contains a splitting field of f over Li. From the remark on the intermediate fields it now follows that Li+1 is a splitting field of f over Li. Also Li(γ) is an intermediate field and as γ 6∈ Li it follows that Li+1 = Li(γ). As f is irreducible in Li[x] it is the minimal polynomial of γ over Li. Hence [Li+1 : Li] = 3 and we have that p = 3. 2 Now we turn back to h. Its roots in C are α, ζα, ζ α. By hypothesis α is real, also implying that the other two are not real. But Li+1 is the splitting field of f over Li, and in particular the extension Li+1/Li is normal. Because h is irreducible and has a root in Li+1 it must have all its roots in Li+1. But that contradicts our assumption that K is contained in R. So we have obtained a contradiction, and it follows that K cannot be contained in R. 2 Chapter 2

Applications of Galois theory

2.1 The fundamental theorem of algebra

The so-called fundamental theorem of algebra states that every polynomial in C[x] has a root in C (or, in other words, that C is algebraically closed). This theorem has a long history and many proofs exist. Here we describe a proof using Galois theory. First we show that it is enough to prove that every polynomial in R[x] has a root in C. For z = x+iy ∈ C (with x, y ∈ R) letz ¯ = x−iy denote its complex conjugate. Then z 7→ z¯ is an automorphism m of C. We extend this to an autmorphism of C[x] by mapping a polynomial a0 + a1x + ··· + amx to m ¯ ¯ ¯ ¯ a¯0 +a ¯1x + ··· +a ¯mx . Let f ∈ C[x]; then ff = ff = ff so that ff ∈ R[x]. But if α ∈ C is a root of ff¯ then it has to be a root of f or of f¯. In the second caseα ¯ is a root of f. So if we know that every polynomial in R[x] has a root in C then the same follows for every polynomial in C[x]. Secondly we remark that every polynomial of degree 2 in C[x] has a root in C. Because of the quadratic formula this is equivalent to each element of C having a square root in C. So let 2 2 2 2 z = x + iy ∈ C, where x, y ∈ R. Furthermore (u + iv) = (u − v ) + 2uvi; hence z = (u + iv) with 2 2 p u, v ∈ R if and only if u − v = x, 2uv = y over R. Because x2 + y2 ≥ |x| there are u, v ∈ R with 1 1p 1 1p u2 = x + x2 + y2, v2 = − x + x2 + y2. 2 2 2 2 If we choose u to be positive and the sign of v equal to the sign of y then these u, v are solutions to the original equations, and hence z = (u + iv)2. Now let f ∈ R[x] and suppose that it has no roots in C. Let E/C be its splitting field over C. 2 Hence [E : C] > 1. Then E/R is the splitting field of the polynomial f(x + 1). Let G = Gal(E/R) and write |G| = 2sm with m odd. Now by Sylow’s theorem in group theory (see for example [DF04], s H §4.5, Theorem 18) there is a subgroup H of G of order 2 . Set K = E . Then [K : R] = m which is odd. Let α ∈ K, then the degree of the minimal polynomial of α over R is [R(α): R] which must be odd as well by the degree formula. It is an elementary fact of analysis that every polynomial of odd degree in R[x] has a root in R. Hence the minimal polynomial of α over R can only be irreducible if its degree is 1. Therefore we must have m = 1 and |G| = 2s. t Write G = Gal(E/C). Then G is a subgroup of G so that |G| = 2 for some t > 0. It can be shown that groups of prime power order are solvable (let P be such a group; one first shows that the centre Z of P is non-trivial ([DF04], §6.1, Theorem 1); then P/Z is solvable by induction, and as Z is solvable the same follows for P ). Hence by Theorem 1.6.14 G has a normal subgroup H with [G : H] = 2. Set H L = E . Then [L : C] = 2. Let α ∈ L \ C. Then its minimal polynomial over C has degree 2. As we have seen above, each such a polynomial has a root in C. Hence we have a contradiction and it follows that f has a root in C.

2.2 Proving that certain primitive functions are not elementary

R 3 1 4 R R x2 1 x2 We know, for example, that x dx = 4 x , sin(x) dx = − cos(x), xe dx = 2 e . However, we R x2 have never seen a nice expression for e dx. Of course, we can deﬁne the function p : R≥0 → R by 36 Applications of Galois theory

R x t2 R x2 0 x2 p(x) = 0 e dt with which we have e dx = p(x) (or, in other words, p (x) = e ). But by doing it this way we do not feel that we have really solved the problem because we define the solution in terms of an integral. Indeed, by writing R f(x) dx we ask for a primitive function of f(x), or, in other words, a function whose derivative is f(x). By using the function p we say nothing other than “a primitve of ex2 exists and it is called p”. In fact, we could use this “method” also in other cases, for example R x 3 0 3 1 4 defining q(x) = 0 t dt we also have that q (x) = x . Here it is obvious that the expression q(x) = 4 x gives much more information on the function q. Here we will show that for R ex2 dx there does not exist a “nice” expression. In order to prove this, and to arrive at a satisfactory definition of what a “nice” expression is, we will consider functions as formal objects, that is as elements of a field to which we can apply arithmetical operations. The only extra property, not generally satisfied by field elements, is that we have a notion of derivative, which also is a formal operation. For convenience all fields that we consider in this section are of characteristic 0.

Definition 2.2.1 A differential field is a field F together with an operation 0 : F → F (called the derivation of F ) such that (a + b)0 = a0 + b0 and (ab)0 = a0b + ab0 for all a, b ∈ F .

Example 2.2.2 Let z be an indeterminate over C and consider the ﬁeld p (z) = | p, q ∈ [z], q 6= 0 . C q C

0 d For we can take the “normal” dz , i.e., p0 p0q − pq0 = , q q2 where p0, q0 are deﬁned as in Section 4.7.1(Algebra). d We remark that it is possible to consider also other derivations, such as z dz .

0 Lemma 2.2.3 Let F be a diﬀerential ﬁeld with derivation . Then we have the following (for a, b, a1, . . . , an ∈ F ∗)

(i)1 0 = 0,

1 0 a0 (ii)( a ) = − a2 ,

a 0 a0b−ab0 (iii)( b ) = b2 , n 0 0 n−1 (iv)( a ) = na a for n ∈ Z,

ν1 νn 0 0 0 (a1 ···an ) a1 an (v) ν1 νn = ν1 a + ··· + νn a for all ν1, . . . , νn ∈ Z. a1 ···an 1 n Proof. Using Deﬁnition 2.2.1 we see that 10 = (1 · 1)0 = 10 · 1 + 1 · 10 = 10 + 10 implying that 10 = 0. 0 1 0 0 1 1 0 Therefore 0 = 1 = (a · a ) = a · a + a · ( a ) which implies (ii). a 0 1 0 0 1 b0 Continuing, ( b ) = (a · b ) = a · b + a · (− b2 ) from which we get (iii). n 1 −n The proof of (iv) for n > 0 is a straightforward induction. For n < 0 we write a = ( a ) . Since n 0 1 −n−1 a0 0 n−1 −n > 0 we see that (a ) = −n( a ) (− a2 ) = na a . ν1 ν2 0 0 ν1−1 ν2 The last statement is perhaps best proved ﬁrst for n = 2. Then we have (a1 a2 ) = ν1a1a1 a2 + ν1 0 ν2−1 ν2a1 a2a2 immediately implying the formula. The general case works in the same way. Alterna- tively it can be shown by induction on n. 2

Keep the notation of the previous lemma and set

C(F ) = {a ∈ F | a0 = 0}.

The lemma immediately implies that this is a subﬁeld of F . It is called the ﬁeld of constants of F . 2.2 Proving that certain primitive functions are not elementary 37

Let E,F be differential fields with F ⊂ E. Then we say that E is a differential field extension of F if E/F is a field extension and the restriction of the derivation of E to F is equal to the derivation of F (so, denoting the derivations of F and E by 0 and ∂ respectively, we have ∂(a) = a0 for all a ∈ F ). Let F be a differential field and E a differential field extension of F . Let t ∈ E. Then we say 0 a0 0 0 that t is the logarithm of a ∈ F if t = a and we say that t is the exponential of a ∈ F if t = a t. Furthermore, E is said to be an elementary extension of F if there is a tower of differential field extensions F = F1 ⊂ F2 ⊂ · · · ⊂ Fm+1 = E (2.2.1) with Fi+1 = Fi(ti) where ti ∈ Fi+1 is algebraic over Fi or the logarithm of an element of Fi or the exponential of an element of Fi (note the similarity with Definition 1.6.15). 0 d Let F = C(z) with derivation = dz (see Example 2.2.2). Let Ω ⊂ C be open and connected. A function f :Ω → C is said to be meromorphic if its singularities in Ω are poles, and every singularity is isolated. If f and g are two meromorphic functions on Ω then the sum f + g, product fg and quotient f/g are meromorphic again, the latter of course only if g 6= 0. Hence the set of meromorphic functions on Ω forms a field denoted M(Ω) (see [J93],¨ §4.2). If f is holomorphic on Ω then so is its derivative 0 f . Hence M(Ω) is a differential field. Moreover, the elements of F = C(z) are meromorphic on C so that M(Ω) is a differential extension of F . An elementary function is a meromorphic function δ :Ω → C where Ω is a connected open subset of C, such that F (δ) is an elementary extension of F (note that F (δ) is a well-defined subfield of M(Ω)).

Example 2.2.4 Here are some examples of elementary functions

r 1 e z2+1 , log(z3 − z − 1), sin(z).

eiz−e−iz Here the ﬁrst function is meromorphic on C \ {±i}. For the last one note that sin(z) = 2i . Now we have some technical facts on diﬀerential extensions.

Lemma 2.2.5 Let F be a differential field of characteristic 0 with derivation 0. Let E be an extension of F of finite degree. Then there exists a unique derivation ∂ of E with ∂(a) = a0 for all a ∈ F .

Proof. Let x be an indeterminate and consider the polynomial ring F [x]. Deﬁne two maps D0,D1 : F [x] → F [x] by

m m X i X 0 i D0( aix ) = aix i=0 i=0 m m X i X i−1 D1( aix ) = iaix . i=0 i=1

First suppose that a derivation ∂ as in the lemma exists. Then for f ∈ F [x] and α ∈ E we have ∂(f(α)) = D0(f)(α) + D1(f)(α)∂(α). Now let f be the minimal polynomial of α, then D1(f)(α) 6= 0 (as D1(f) has smaller degree) and hence

D (f)(α) ∂(α) = − 0 . D1(f)(α)

We see that ∂ is uniquely determined. Now we prove the existence of ∂. By the theorem of the primitive element (Theorem 1.2.7) we have E = F (α) for a certain α ∈ E. Let g ∈ F [x] and deﬁne Dg : F [x] → F [x] by Dg(f) = D0(f) + gD1(f). Then for f1, f2 ∈ F [x] we have

Dg(f1 + f2) = Dg(f1) + Dg(f2),Dg(f1f2) = Dg(f1)f2 + f1Dg(f2), 38 Applications of Galois theory

because these relations hold with D0 and D1 in place of Dg. Now let f ∈ F [x] be the minimal D0(f)(α) polynomial of α and set β = − . Because E = F (α) there is a g0 ∈ F [x] with g0(α) = β. But D1(f)(α) then Dg0 (f)(α) = 0.

Let γ ∈ E then γ = h(α) for a certain h ∈ F [x]. Then we set ∂(γ) = Dg0 (h)(α). We need to check that this is independent of the choice of h. So let hˆ ∈ F [x] be a second polynomial with hˆ(α) = γ. Then (h − hˆ)(α) = 0 so that f divides h − hˆ (Proposition 4.3.4(Algebra)), or h = hˆ + qf for some ˆ ˆ q ∈ F [x]. But then Dg0 (h) = Dg0 (h) + Dg0 (q)f + qDg0 (f) and it follows that Dg0 (h)(α) = Dg0 (h)(α).

So ∂ is well-defined. The relations satisfied by Dg0 show that ∂ is a derivation of E. It obviously satisfies the required property. 2

Lemma 2.2.6 Let F be a differential field and E a differential extension of F of finite degree. Denote the derivation of both fields by 0. Let σ ∈ Gal(E/F ). Then σ(α0) = σ(α)0 for all α ∈ E. Proof. Define ∂ : E → E by ∂(α) = σ−1(σ(α)0). It is straightforward to check that ∂ is a derivation of E. For a ∈ F we have ∂(a) = a0, so that by the uniqueness part of Lemma 2.2.5 it follows that ∂ =0. Hence α0 = σ−1(σ(α)0) for all α ∈ E. By applying σ to both sides we get the result. 2

Proposition 2.2.7 Let E be a differential extension of the differential field F , and let the derivation of both fields be denoted 0. We suppose that the field of constants of E is equal to the field of constants of F . Let α ∈ E be transcendental over F .

0 n (i) Suppose that α ∈ F . Let f = anx + ··· + a0 ∈ F [x] be a polynomial of degree n > 0. There is 0 a g ∈ F [x] with f(α) = g(α). Moreover deg(g) = n if an is not a constant and deg(g) = n − 1 if an is a constant.

α0 (ii) Suppose that α ∈ F . Let f ∈ F [x] be of degree > 0. Then there is a g ∈ F [x] with deg(g) = 0 n deg(f) and f(α) = g(α). Moreover, g = µf for a certain µ ∈ F if and only if f = anx , an ∈ F .

0 0 n 0 0 n−1 Proof. We start with (i). Using Lemma 2.2.3 we see that f(α) = anα + (nanα + an−1)α + ··· . 0 0 Hence g exists. If an 6= 0 (that is, an is not a constant) then deg(g) = n. Suppose that an = 0. If 0 0 0 nanα + an−1 = 0 as well then (nanα + an−1) = 0 and by the hypothesis on the ﬁelds of constants it follows that nanα + an−1 ∈ F . But that implies α ∈ F contrary to the hypothesis that α is 0 0 transcendental over F . Hence nanα + an−1 6= 0 and we have deg(g) = n − 1. α0 For (ii) write α = γ ∈ F . Then for a ∈ F , a 6= 0 we have (aαn)0 = (a0 + naγ)αn.

If a0 + naγ = 0 then (aαn)0 = 0 and aαn ∈ F contrary to the hypothesis on α. Hence (aαn)0 = bαn for n a certain b ∈ F . Hence g exists. It is also obvious that if f = anx then g = µf. Conversely, suppose k l that g = µf and that f has more than one monomial. Then we can write f = akx + alx + ··· 0 k 0 l where ak, al 6= 0. Also from the above it follows that g = (ak + kakγ)x + (al + lalγ)x + ··· . So 0 0 0 0 0 0 ak α al α a + kakγ = µak and a + lalγ = µal, so that + k = + l . A small computation shows that k l ak α al α this is entails k 0 akα l = 0. alα But that implies that the term in brackets lies in F , contrary to the hypothesis on γ. We conclude n that f = anx . 2

Now we have a short intermezzo on partial fraction decompositions of rational functions. We start with a lemma treating a special case, followed by the main theorem.

Lemma 2.2.8 Let F be a ﬁeld and f, p ∈ F [x] with deg(p) > 0 and deg(f) < s deg(p) for some s > 0. f a1 a2 as Then there are unique ai ∈ F [x] with deg(ai) < deg(p) and ps = p + p2 + ··· + ps . 2.2 Proving that certain primitive functions are not elementary 39

Proof. The existence of the ai follows from the division with remainder theorem (Proposition 2.3.8(Al- gebra)). Indeed, deﬁne q0 = f, and for i ≥ 1, supposing that q0, . . . , qi−1 have been deﬁned, let qi, as+1−i be the unique elements of F [x] with qi−1 = qip + as+1−i and deg(as+1−i) < deg(p). The sequence stops when i = m with qm = 0. Then for j ≥ 1 we have

j−1 j X k f = qjp + as−kp . k=0

Let 0 ≤ t < s be such that t deg(p) ≤ deg(f) < (t + 1) deg(p). Then qt+1 = 0 and f = as + as−1p + t s ··· + as−tp . Dividing by p we see that the ai exist. Secondly, if we have ai as in the lemma, then it is clear that as+1−i is the remainder of qi−1 upon division by p. Therefore it is uniquely determined. 2

n1 nr Theorem 2.2.9 Let f, g ∈ F [x] with deg(g) > 0. Write g = p1 ··· pr , where the pi are irreducible and distinct. Then there are unique h, ai,j ∈ F [x] with deg(ai,j) < deg(pi) and

r ni f X X ai,j = h + . g j i=1 j=1 pi

Proof. Let g1, g2 ∈ F [x] be such that gcd(g1, g2) = 1. Then there are a, b ∈ F [x] with ag1 + bg2 = 1 (Theorem 2.3.11(Algebra)). Hence f = fb + fa . Applying this repeatedly we see that there are g1g2 g1 g2 f f1 fr ni fi ∈ F [x] with g = n1 + ··· + nr . Write fi = hipi + vi, where hi, vi ∈ F [x] and deg(vi) < ni deg(pi). p1 pr vi Setting h = h1 + ··· + hr and applying the previous lemma to the quotients ni we see that the pi polynomials of the theorem exist. ai,j Now we come to the uniqueness part. Note that g j is a polynomial of degree < deg(g). So pi multiplying by g we see that h is a quotient of f upon division by g. Hence h is uniquely determined. By taking all terms with denominator equal to a power of pi together and putting them in a single fraction we get bi ∈ F [x] with deg(bi) < deg(pi) and

r f X bi − h = . g pni i=1 i

We ﬁrst show that these bi are uniquely determined. Suppose that

r r X bi X ci = . pni pni i=1 i i=1 i

g Fix j with 1 ≤ j ≤ r and set q = nj . Then pj

r X bi bj X bi bj u ni = nj + ni = nj + q pi p pi p i=1 j i6=j j

Pr ci cj v nj for some u ∈ F [x]. Similarly, n = n + for some v ∈ F [x]. Then (b − c )q = (v − u)p . i=1 p i j q j j j i pj nj nj But since gcd(pj , q) = 1 this implies that pj divides bj − cj which, because of the degrees, implies that bj − cj = 0. It follows that the bi are uniquely determined. We now get the uniqueness of the ai,j by applying bi the previous lemma to the quotient ni . 2 pi

Theorem 2.2.10 Let F be a differential field with derivation 0. Let a ∈ F and suppose that there exists an elementary extension E of F , with the same field of constants, and such that there exists a 40 Applications of Galois theory

0 y ∈ E with y = a. Then there are c1, . . . , cn, u1, . . . , un, v in F , where c1, . . . , cn are constants and such that n X u0 a = c i + v0. i u i=1 i

Proof. By definition there exists a tower of differential extensions F = F1 ⊂ · · · ⊂ Fm+1 = E as in (2.2.1). We use induction on m ≥ 0. If m = 0 then E = F and we can take ci = 0, ui = 1, v = y. Now suppose m ≥ 1 and and that the theorem holds when the tower consists of m fields. Applying the induction hypothesis to the tower F2 ⊂ · · · ⊂ Fm+1 = E we see that there are c1, . . . , cn, u0 u , . . . , u , v ∈ F such that a = Pn c i + v0. Moreover F = F (α) where α is algebraic over F or 1 n 2 i=1 i ui 2 it is the logarithm or the exponential of an element of F . Accordingly we distinguish three cases. Case I: α is algebraic over F . Then there exist f1, . . . , fn, g ∈ F [x] with ui = fi(α), v = g(α). (Note that ci ∈ F because they are constants.) Let K ⊃ F2 be the splitting field of the minimal polynomial of α over F . By Lemma 2.2.5 there exists a unique derivation (which we also denote 0) of K extending the derivation of F . Write G = Gal(K/F ) and let β1, . . . , βs be the distinct elements of {σ(α) | σ ∈ G}. Fix a βj and let σ ∈ G be such that σ(α) = βj. Using Lemma 2.2.6 we see that 0 0 0 σ(fi(α) ) = σ(fi(α)) = fi(βj) . So because σ(a) = a we get

n 0 X fi(βj) a = c + g(β )0. i f (β ) j i=1 i j

1 Ps Applying s j=1 to both sides and using Lemma 2.2.3(v) we obtain

n 0 0 X ci (fi(β1) ··· fi(βs)) g(β1) + ··· + g(βs) a = + . s f (β ) ··· f (β ) s i=1 i 1 i s

As fi(β1) ··· fi(βs) and g(β1) + ··· + g(βs) are ﬁxed by all elements of G they lie in F . Hence we have found an expression of the required form. Now we have a small intermezzo concerning some generalities on the case where α is transcendental f(α) over F . In that case for each w ∈ F (α) there are f, g ∈ F [x] with gcd(f, g) = 1 and w = g(α) .A w0 f(α)0 g(α)0 small calculation shows that w = f(α) − g(α) . So we may assume that there exist polynomials fi ∈ F [x] such that ui = fi(α). Furthermore, because of Lemma 2.2.3(v) we may assume that the fi are irreducible and monic. By the partial fractions theorem (Theorem 2.2.9) there are h, pj, qj ∈ F [x] with qj monic and irreducible, deg(pj) < deg(qj) and

t X pj(α) v = h(α) + . qrj (α) j=1 j

We say that this is the partial fractions expansion of v. 0 b0 Case II: α is transcendental and the logarithm of b ∈ F . The latter means that α = b . In 0 particular α ∈ F . So by Proposition 2.2.7(i) we have that there is a ki ∈ F [x] with deg(ki) = deg(fi)−1 0 0 ui ki(α) ki ki and fi(α) = ki(α). Hence = . Moreover, the partial fractions expansion of is simply . ui fi(α) fi fi pj (α) Now if rj appears in the partial fractions expansion of v, then the partial fractions expansion of qj (α) 0 rj +1 v contains a fraction with denominator qj (α). But rj + 1 ≥ 2 so such a fraction can never cancel u0 against a a ki(α) . Furthermore P i + v0 ∈ F . Hence the partial fractions expansion of v cannot have fi(α) i ui ki(α) such terms, whence v = h(α). But then we cannot have deg(fi) > 0 as otherwise the fraction fi(α) 0 does not cancel. It follows that ui ∈ F for all i. But then also v ∈ F so that v = dα + e for certain u0 0 d, e ∈ F . Hence α = Pn c i + d b + e0 is an expression of the required form. i=1 i ui b α0 0 Case III: α is transcendental and the exponential of b ∈ F . Then α = b . From Proposition 2.2.7(ii) we get that if f ∈ F [x] is monic, irreducible, and f 6= x then f(α)0 is a polynomial in α u0 of the same degree, and it is not a scalar multiple of f(α). Hence i = ki(α) where in this case ui fi(α) 2.3 Galois descent 41 deg(k ) = deg(f ). So if f 6= x then the partial fractions expansion of ki is of the form m + li where i i i fi i fi u0 m ∈ F and l ∈ F [x], deg(l ) < deg(f). On the other hand, if f = x then i = b0 ∈ F . Again, if in i i i i ui pj (α) the partial fractions decomposition of v we have a term rj with qj 6= x, then in the partial fractions qj (α) 0 rj +1 decomposition of v we will have a term with denominator qj (α), which cannot cancel against any 0 ui P j of the . It follows that we can only have qj = x and therefore v = ajt where aj ∈ F . But ui j∈Z u0 then we also must have u ∈ F if f 6= x. In particular i ∈ F for all i so that v0 ∈ F as well. Note i i ui j 0 j that (ajα ) = bjα for a certain bj ∈ F which cannot be zero because α is transcendental. Therefore we must have v ∈ F . If every ui lies in F then we are done. But if one ui, say u1, is equal to α then 0 u0 u0 we have α = c α +Pn c i +v0 = Pn c i +(c b+v)0 and again we have the required expression. 2 1 α i=2 i ui i=2 i ui 1

R g Theorem 2.2.11 (Liouville) Let f, g ∈ C(z). Then fe dz is elementary if and only if there is an 0 0 a ∈ C(z) with f = a + ag . Proof. Firstly, if such an a exists then R feg dz = aeg. g R g For the other implication let E = C(z, t) where t = e . Suppose that fe dz is elementary. By deﬁnition that means that there exists an elementary extension of E containing an element y with 0 y = ft. By the previous theorem it follows that there are c1, . . . , cn ∈ C, u1, . . . , un, v ∈ E with n X u0 tf = c i + v0. i u i=1 i

0 Set F = C(z). Then E = F (t) and t = gt. We now perform exactly the same analysis as in the third case of the proof of Theorem 2.2.10. Again we obtain that v = P b tj and u ∈ F or u = t for j∈Z j i i 0 0 P 0 0 j Pn ui precisely one i. Then v = (b + jg bj)t and ci ∈ F . Hence j∈Z j i=1 ui

n 0 X ui 0 X 0 0 j tf = ( ci + b0) + (bj + jg bj)t . ui i=1 j6=0

It follows that the ﬁrst term has to be zero, whereas each term in the second summation is zero except 0 0 0 0 for j = 1. Hence tf = (b1 + g b1)t from which it follows f = b1 + b1g and we see that we can take a = b1. 2

Corollary 2.2.12 R ez2 dz is not elementary. Proof. We apply the previous theorem with f = 1, g = z2. According to the theorem the integral is 0 p elementary if and only if there is an a ∈ C(z) with 1 = a + 2az. Write a = q with p, q ∈ C[z] and gcd(p, q) = 1. Then a0 + 2az = 1 amounts to p0q − q0p + 2zpq = q2. It follows that q|q0p, which because p, q are coprime, implies that q|q0 and hence q = 1. So a = p is a polynomial. But then we cannot have a0 + 2az = 1 because deg(2az) = deg(a0) + 2. 2

2.3 Galois descent

In this section we let E/F be a Galois extension of ﬁnite degree. Let V be a vector space over E. Then V is also a vector space over F .A U ⊂ V is said to be an F -subspace if u+v ∈ U for all u, v ∈ U and αu ∈ U for all α ∈ F , u ∈ U (that is, if U is a subspace of V when the latter is considered as a vector space over F ).

2 Example 2.3.1 Let E = C, F = R, V = C , whose elements we write as row vectors. Let U1 be the R-subspace spanned by (1, i), (1, −i). Let U2 be the R-subspace spanned by (1, 1), (i, i). Both 42 Applications of Galois theory spaces (as vector spaces over R) have dimension 2. For i = 1, 2 let CUi denote the vector space over C spanned by the same vectors as Ui. Then we see that dim CU1 = 2 whereas dim CU2 = 1. We express this by saying that U1 is an R-form of V , whereas U2 is not.

Deﬁnition 2.3.2 The F -subspace U of V is called an F -form of V if there is a basis of U that is also a basis of V .

By the next lemma, if there is a basis of U that is not a basis of V then U is not an F -form of V .

Lemma 2.3.3 Let V be a vector space over E and U an F -form of V . Then every basis of U is also a basis of V .

Proof. Let u1, u2,... be a basis of U that is also a basis of V . Let v1, v2,... be a second basis of U. Let v ∈ V then v is a linear combination (with coeﬃcients in E) of some of the ui. Writing these as linear combinations of the vj we see that v is a linear combination of the vj. Consider v1, . . . , vm for some m ≥ 1. There is an n such that each vi lies in the space (over F ) Pn spanned by u1, . . . , un. Write vi = j=1 cijuj with cij ∈ F . Set ci = (ci1, . . . , cin). Then the vectors ci are linearly independent over F . By elementary linear algebra that implies that they are linearly independent over E. But that means that v1, . . . , vm is linearly indepedent over E. It follows that v1, v2,... is a basis of V . 2

Constructing F -forms of V is called descent. The main question is which F -forms a given V can have. Of course, this depends very strongly on the given data (E, F , V ). This question is most interesting if the vector spaces have an extra structure, for example that of an algebra. But for the moment we will just focus on vector spaces. Let V be a vector space over E and let U be an F -form of V . Let u1, u2,... be a basis of U over F . Then by Lemma 2.3.3 this is a basis of V as well. Write G = Gal(E/F ). Then for σ ∈ G we P P define a map Tσ : V → V by Tσ( i αiui) = i σ(αi)ui (where, if the set of ui is infinite, all but a finite number of the αi are zero). This map does not depend on the choice of the basis. Indeed, let 0 v1, v2,... be a second basis of U over F and let Tσ be the corresponding map. There are δij ∈ F with P ui = j δijvj. Hence

0 X 0 X X X X X X X X Tσ( αiui) = Tσ( ( αiδij)vj) = σ(αiδij)vj = σ(αi)δijvj = σ(αi)ui = Tσ( αiui). i j i j i j i i i

The maps Tσ have the following properties:

Tσ(u + v) = Tσ(u) + Tσ(v) for σ ∈ G, u, v ∈ V

Tσ(αu) = σ(α)Tσ(u) for σ ∈ G, u ∈ V, α ∈ E (2.3.1) Tσ ◦ Tτ = Tστ for σ, τ ∈ G

T1 = IV .

(Here IV denotes the identity map on V .) Moreover, we obviously have U = {u ∈ V | Tσ(u) = u for all σ ∈ G}. Hence we have the following lemma.

Lemma 2.3.4 Let V be a vector space over E and let U be an F -form of V . Then there is a set of maps {Tσ : V → V | σ ∈ G} with (2.3.1) such that U = {u ∈ V | Tσ(u) = u for all σ ∈ G}.

We also have the converse of this. In order to prove it we need a lemma on Galois extensions that is of independent interest.

Lemma 2.3.5 Let E/F be a Galois extension of ﬁnite degree n. Write Gal(E/F ) = {σ1, . . . , σn} and let α1, . . . , αn ∈ E be a basis of E over F . Then the matrix (σi(αj))1≤i,j≤n is invertible. 2.3 Galois descent 43

Proof. Consider the system of linear equations  σ (α )x + σ (α )x + ··· + σ (α )x = 0  1 1 1 1 2 2 1 n n   σ2(α1)x1 + σ2(α2)x2 + ··· + σ2(αn)xn = 0 .  .   σn(α1)x1 + σn(α2)x2 + ··· + σn(αn)xn = 0 The given matrix is invertible if and only if this system only has the trivial solution. So suppose that there are nontrivial solutions, and let (λ1, . . . , λn) be such a solution with the minimal number of nonzero coordinates. We may assume that λ1, . . . , λr 6= 0, λr+1, . . . , λn = 0. After dividing we may assume that λ1 = 1. Not all λi are in F as otherwise the αi are linearly dependent over F (note that there is a j such that σj is the identity). So we may assume that λ2 6∈ F . As E/F is Galois there is a σj with σj(λ2) 6= λ2. We have the equations

σi(α1) + σi(α2)λ2 + ··· + σi(αr)λr = 0 for 1 ≤ i ≤ n. (2.3.2)

To thse equations we apply σj and use the fact that σjσi = σk and σk runs over Gal(E/F ) if σi does so. Therefore we also have

σk(α1) + σk(α2)σj(λ2) + ··· + σk(αr)σj(λr) = 0 for 1 ≤ k ≤ n. (2.3.3) Now we subtract (2.3.3) for k = i from (2.3.2) and we see that we get a nontrivial solution with fewer nonzero coordinates. This is a contradiction and the lemma is proved. 2

Lemma 2.3.6 Let V be a vector space over E. Let {Tσ | σ ∈ G} be a set of maps Tσ : V → V satisfying (2.3.1). Set U = {u ∈ V | Tσ(u) = u for all σ ∈ G}. Then U is an F -form of V . Proof. It is immediate that U is an F -subspace of V . P Let v ∈ V . Then for α ∈ E we set vα = σ∈G σ(α)Tσ(v). Then vα ∈ U because for τ ∈ G we P have Tτ (vα) = σ∈G τσ(α)Tτσ(v), which is equal to vα. Let α1, . . . , αn ∈ E be a basis of E over F . Write G = {σ1, . . . , σn}. By Lemma 2.3.5 the matrix A = (σj(αi))1≤i,j≤n is invertible. Furthermore Pn we have vαi = j=1 σj(αi)Tσj (v), so the inverse of the matrix A allows us to express the Tσi (v) as

E-linear combinations of the vαi . Since there is an i with σi = 1 we see in particular that v itself is an E-linear combination of the vαi . But the latter lie in U. Hence V is spanned by the elements of U. Let u1, u2,... be a basis of U and suppose that it is linearly dependent over E. Let v1, . . . , vr be a E-linearly dependent subset of the ui of smallest cardinality. (In other words, there are no sets of ui of cardinality < r that are E-linearly dependent.) By hypothesis there are λi ∈ E such that λ1v1 + ··· + λrvr = 0. By the minimality of r no λi can be zero, and after dividing we have λ1 = 1. At least one λi does not lie in F ; we may assume that λ2 6∈ F . Then there is a σ ∈ G with σ(λ2) 6= λ2. After applying Tσ to the above relation we get

v1 + σ(λ2)v2 + σ(λ3)v3 + ··· + σ(λr)vr = 0.

So after subtracting we get a nontrivial linear dependency (λ2 − σ(λ2))v2 + ··· + (λr − σ(λr))vr = 0. But this involves fewer than r elements, and hence we have a contradiction. 2

Theorem 2.3.7 Let V be a vector space over E. There is a bijection between the set of F -forms of V and the set of sets of maps {Tσ : V → V | σ ∈ G} satisfying (2.3.1). Proof. The maps between these sets are given by Lemma’s 2.3.4, 2.3.6. Lemma 2.3.4 also says that if we start with an F -form U and consider the corresponding set of transformations {Tσ}, then the F -form corresponding to that set is precisely U. Secondly, let {Tσ} be a set of transformations with (2.3.1) and let U be the corresponding F -form. Let u1, u2,... be a basis of U. Then the transfor- 0 P P 0 mations corresponding to U are deﬁned by Tσ( i αiui) = i σ(αi)ui. But then obviously Tσ = Tσ. 2 44 Applications of Galois theory

As an application we sketch the a theorem from algebraic geometry. Let R = E[x1, . . . , xn], V = En. Then for a subset A ⊂ R we consider the set of the common zeros V(A) = {v ∈ V | f(v) = 0 for all f ∈ A}. This is called an affine variety. It is clear that V(A) = V(I), where I is the ideal of R generated by A. Secondly, given a set X ⊂ V we define its vanishing ideal I(X) = {f ∈ R | f(v) = 0 for all v ∈ X}. An affine variety X = V(A) is said to be defined over F if I(X) is generated (as ideal) by polynomials in F [x1, . . . , xn]. Note that G acts on V by σ · (v1, . . . , vn) = (σ(v1), . . . , σ(vn)).

Theorem 2.3.8 X = V(A) is deﬁned over F if and only if σ(X) ⊂ X for all σ ∈ G.

Proof. Suppose that X is defined over F . Set I = I(X); then also X = V(I). Let f ∈ F [x1, . . . , xn] be a generator of I. Because f has coefficients in F we see that for σ ∈ G and v ∈ V we have f(σ · v) = σ(f(v)). Hence if v ∈ X we get f(σ(v)) = σ(f(v)) = σ(0) = 0. Because this holds for all f ∈ I we obtain σ(v) ∈ X. Now suppose that σ(X) ⊂ X for all σ ∈ G. As σ ∈ G is invertible this implies that σ(X) = X for all σ ∈ G. For σ ∈ G and f ∈ R we let Tσ(f) be the polynomial obtained from f by letting σ act on the coefficients of f. Then the maps {Tσ} satisfy (2.3.1). Furthermore, for v ∈ V and f ∈ R we have σ(f(v)) = Tσ(f)(σ · v). Let v ∈ X and σ ∈ G and let w ∈ X be such that w = σ(v). Then for f ∈ I we have 0 = σ(f(v)) = Tσ(f)(w). So since w runs through all of X if v does so, we see that Tσ(f) ∈ I. Because the Tσ are invertible we get that Tσ(I) = I for all σ ∈ G. Hence by Theorem 2.3.7, {f ∈ I | Tσ(f) = f for σ ∈ G} is an F -form of I. On the other hand it is clear that this is I ∩ F [x1, . . . , xn]. In particular it follows that I ∩ F [x1, . . . , xn] generates I, and therefore X is defined over F . 2

Now we have a look at F -forms of algebras. An algebra over a ﬁeld K is a vector space A over K together with a bilinear map m : A × A → A. The map m is called the multiplication and often we write a · b (or simply ab) instead of m(a, b). The algebra A is called associative if a · (b · c) = (a · b) · c for all a, b, c ∈ A. One of the main examples of associative algebras are the matrix algebras Mn(K) consisting of the n × n-matrices with coeﬃcients in K. Here the product is the ordinary matrix product. Let A be an algebra over E. An F -form of A is an F -form of the vector space A that is closed under taking products.

Example 2.3.9 Consider the algebra M2(C). Then M2(R) is a R-form of it. Let H be the R-span of the following matrices 1 0 i 0 0 −1 0 −i , , , . 0 1 0 −i 1 0 −i 0 It is straightforward to show that H is closed under taking products (it is enough to check that the product of two basis elements again lies in H). Moreover, the given matrices obviously form a basis of M2(C). So H is another R-form of M2(C). We have that H is the algebra of quaternions. It is not isomorphic to M2(R) (that is, there is no bijective linear map ψ : M2(R) → H with ψ(XY ) = ψ(X)ψ(Y ) for all X,Y ∈ M2(R)). This can be proved by showing that every nonzero element in H has a multiplicative inverse, whereas M2(R) obviously does not have that property. k Let U ⊂ A be an F -form of A. Let u1, u2,... be a basis of U, then there are γij ∈ F with P k k ui · uj = k γijuk (where, as always, only a ﬁnite number of the γij are non-zero). For σ ∈ G deﬁne, P P P P as before, Tσ : A → A by Tσ( i ciui) = i σ(ci)ui. Let a = i αiui, b = j βjuj be two elements of P P k A (so αi, βj ∈ E); then a · b = k i,j αiβjγij uk and therefore   !   X X k X X Tσ(a · b) =  σ(αi)σ(βj)γij uk = σ(αi)ui ·  σ(βj)uj = Tσ(a) · Tσ(b). k i,j i j 2.4 Galois cohomology 45

So the Tσ corresponding to U are multiplicative, that is, they satisfy Tσ(a · b) = Tσ(a) · Tσ(b) for all a, b ∈ A. Conversely, let {Tσ} be a set of multiplicative maps A → A with (2.3.1). Let U = {a ∈ A | Tσ(a) = a for all σ ∈ G} (i.e., U is the vector space F -form of A corresponding to {Tσ}). From the multiplicativity of the Tσ it now immediately follows that U is closed under taking products, and therefore is an F -form of A. We conclude that the F -forms of A correspond bijectively to the sets of multiplicative maps {Tσ} satisfying (2.3.1). Now let U, V be two F -forms of A corresponding to the maps {Tσ}, {Sσ} respectively. Let ψ : U → V be an isomorphism; that is ψ is a bijective F -linear map respecting the multiplication. P P 0 −1 Extend ψ to a map ψ : A → A by ψ( i γiui) = i γiψ(ui), where γi ∈ E. Set Sσ = ψTσψ . Then 0 0 0 the Sσ satisfy (2.3.1) and are multiplicative. Hence V = {a ∈ A | Sσ(a) = a for all σ ∈ G} is an 0 −1 −1 F -form of A. But Sσ(a) = a (for all σ) is equivalent to Tσ(ψ (a)) = ψ (a) (for all σ), which is equivalent to ψ−1(a) ∈ U, which in turn is equivalent to a ∈ V . We see that V 0 = V and therefore 0 −1 Sσ = Sσ by Theorem 2.3.7. Conversely, if ψ is an automorphism of A with Sσ = ψTσψ for all σ ∈ G then it is immediate that ψ maps U onto V and therefore restricts to an isomorphism ψ : U → V . The conclusion is that the F -forms U, V are isomorphic if and only if there is an automorphism ψ of −1 A such that Sσ = ψTσψ for all σ ∈ G.

2.4 Galois cohomology

Galois cohomology offers another perspective on classification problems like the one considered at the end of the previous section. There it is shown that classfying all F -forms of a given algebra A over E up to isomorphism is equivalent to classifying, up to conjugacy by the group Aut(A), all sets of maps {Tσ | σ ∈ G} that are multiplicative and satisfy (2.3.1). However, dealing with these maps is not so easy because they are not linear, indeed, we have Tσ(αa) = σ(α)Tσ(a) for σ ∈ G, α ∈ E, a ∈ A. Galois cohomology provides a way of dealing with sets like the ones above, with the difference that the elements are automorphisms.

Example 2.4.1 Consider the set up of Example 2.3.9. Let G = Gal(C/R) and write G = {1, γ}, where γ denotes complex conjugation, γ(z) =z ¯ for z ∈ C. Let Γ : M2(C) → M2(C) be the map deﬁned by a b a¯ ¯b Γ = . c d c¯ d¯

Then G acts on Aut(M2(C)) by γ ·ψ = ΓψΓ (indeed, we have γ ·(γ ·ψ) = ΓΓψΓΓ = ψ). Let {T1,Tγ} be a set of multiplicative maps with (2.3.1) and deﬁne α : G → Aut(M2(C)) by α(1) = Id, α(γ) = TγΓ. Then it is straightforward to see that

α(στ) = α(σ)(σ · α(τ)) for all σ, τ ∈ G. (2.4.1)

2 Conversely, let α : G → Aut(M2(C)) satisfy (2.4.1). Then α(1) = α(1 · 1) = α(1)1 · α(1) = α(1) , implying that α(1) = Id. Secondly, from α(γγ) = α(γ)γ ·α(γ) it follows that (α(σ)Γ)2 = Id. Therefore putting T1 = Id, Tγ = α(γ)Γ we obtain a set of multiplicative maps {Tσ : M2(C) → M2(C) | σ ∈ G} with (2.3.1). 0 −1 −1 Furthermore, if α : G → Aut(M2(C)) is the map corresponding to the set {ψT1ψ , ψTγψ } (where ψ ∈ Aut(M2(C))) then

α0(σ) = ψα(σ)(σ · ψ−1) for all σ ∈ G. (2.4.2)

0 Conversely, let α, α : G → Aut(M2(C)) be two maps with (2.4.1) and suppose that the relation (2.4.2) 0 0 0 0 −1 holds. Set T1 = T1 = Id and Tγ = α(γ)Γ, Tγ = α (γ)Γ. Then Tσ = ψTσψ for all σ ∈ G. We conclude that the R-forms of M2(C) correspond to maps α : G → Aut(M2(C)) with (2.4.1). 0 Furthermore, two R-forms, corresponding to the maps α, α , are isomorphic if and only if the relation (2.4.2) holds. 46 Applications of Galois theory

Now we take a step back and consider a more general situation. Let G be a ﬁnite group. Let A be a group on which G acts by homomorphisms. That means that we have a map G × A → A, (σ, a) 7→ σ · a as in Section 3.5(Algebra), and for each σ ∈ G the map A → A, a 7→ σ · a is a group homomorphsim (i.e., σ · (ab) = (σ · a)(σ · b) for all a, b ∈ A). Then a 1-cocyle with values in A is a map α : G → A with α(στ) = α(σ)(σ · α(τ)) for all σ, τ ∈ G. (2.4.3)

By Z1(G, A) we denote the set of all 1-cocycles with values in A. We remark the following:

If α is a 1-cocycle then α(1) = α(1 · 1) = α(1)(1 · α(1)) = α(1)2 implying α(1) = 1 (where the second 1 denotes the neutral element of A).

The map α : G → A with α(σ) = 1 for all σ ∈ G is a 1-cocycle, called the trvial cocycle. In the sequel we denote it by 1.

Let α ∈ Z1(G, A) and a ∈ A. Deﬁne αa : G → A by αa(σ) = aα(σ)(σ · a−1) (compare (2.4.2)). Then a short calculation shows that αa is a 1-cocycle as well.

Two 1-cocycles α, α0 ∈ Z1(G, A) are said to be cohomologous if there is an a ∈ A with α0 = αa. 0 1 0 a In this situation we write α ∼ α . This is an equivalence relation. (Indeed: α = α . If α = α then α = (α0)a−1 . If α0 = αa, α00 = (α0)b, then α00 = αba.) The set of equivalence classes is denoted H1(G, A) and called the first cohomology set of G with coefficients in A. One problem with these cohomolgy sets is that they are difficult to compute. A generalization of a famous theorem of Hilbert gives these sets for an important class of groups.

Theorem 2.4.2 (Hilbert 90) Let E/F be a Galois extension of ﬁnite degree, G = Gal(E/F ). Note that G acts naturally on the matrix group GL(n, E) (by letting a σ ∈ G act on the coeﬃcients of a matrix in GL(n, E)). We have that H1(G, GL(n, E)) = 1 (where the latter denotes the set consisting of the class of the trivial coclycle only).

n Proof. Set U = E . Let u ∈ U and write u = (u1, . . . , un). Then for a σ ∈ G we set σ · u = 1 α α (σ(u1), . . . , σ(un)). Let α ∈ Z (G, GL(n, E)) and for σ ∈ G deﬁne the map Tσ : U → U by Tσ (u) = α α(σ)(σ · u). It is straightforward to see that the set {Tσ | σ ∈ G} satisﬁes (2.3.1). Hence

α α U = {u ∈ U | Tσ (u) = u for all σ ∈ G}

α is an F -form of U (Lemma 2.3.6). Let v1, . . . , vn be an F -basis of U . Let P ∈ GL(n, E) be the matrix α with columns v1, . . . , vn. For σ ∈ G the matrix σ · P has columns σ · v1, . . . , σ · vn. But vi ∈ U , so that for σ ∈ G we have α vi = Tσ (vi) = α(σ)(σ · vi), which implies that P = α(σ)(σ · P ) (a product of two elements in GL(n, E)). But then

P −1 −1 −1 α (σ) = P α(σ)(σ · P ) = P P = IU .

We conclude that α is cohomologous to the trivial cocycle. 2

Deﬁnition 2.4.3 A pointed set is a set S with a ﬁxed distinguished element s ∈ S, which is called the base point of S. Let S, T be pointed sets with base points s, t respectively. A map of pointed sets is a map f : S → T with f(s) = t. Its kernel is ker(f) = {x ∈ S | f(x) = t}.

Our main example of a pointed set is the ﬁrst cohomology set H1(G, A) whose base point is the class of the trivial cocycle. In the next bit we describe a construction of maps of pointed sets between cohomology sets. 2.4 Galois cohomology 47

Deﬁnition 2.4.4 Let G, G0 be ﬁnite groups acting by homomorphisms on the groups A, A0 respectively. Let ϕ : G0 → G, f : A → A0 be group homomorphisms. Then we say that ϕ and f are compatible if

f(ϕ(σ0) · a) = σ0 · f(a) for all a ∈ A, σ0 ∈ G0.

Remark 2.4.5 We use the notation from the previous deﬁnition and suppose ϕ, f are compatible. Write AG = {a ∈ A | σ · a = a for all σ ∈ G}. The obviously f(AG) ⊂ (A0)G.

Proposition 2.4.6 We use the notation from Definition 2.4.4 and suppose that ϕ, f are compatible. Let α, α0 ∈ Z1(G, A) and define β : G0 → A0 by β(σ0) = f(α(ϕ(σ0))) and define β0 similarly using α0. 0 1 0 0 0 0 Then β, β ∈ Z (G ,A ). Moreover, if α ∼ α then β ∼ β . Proof. We have

β(σ0τ 0) = f(α(ϕ(σ0)ϕ(τ 0))) = f(α(ϕ(σ0))(ϕ(σ0) · α(ϕ(τ 0)))) = f(α(ϕ(σ0)))f(ϕ(σ0) · α(ϕ(τ 0))) = f(α(ϕ(σ0))) σ0 · f(α(ϕ(τ 0))) = β(σ0)(σ0 · β(τ 0)).

Suppose that there is an a ∈ A such that α0 = αa, i.e., α0(σ) = aα(σ)(σ · a−1). We write this with ϕ(σ0) in place of σ and apply f to obtain

β0(σ0) = f(a)β(σ0)(σ0 · f(a)−1).

So we see that β0 = βf(a). 2

By the previous proposition we get a map

1 1 0 0 f∗ : H (G, A) → H (G ,A ) by f∗([α]) = [β]. The proposition states that this map is well-deﬁned. It obviously maps the class of the trivial cocycle to the class of the trivial cocycle. Hence it is a map of pointed sets. Consider a sequence of maps of pointed sets

fi−1 fi fi+1 fi+2 ... −−−→ Ai −→ Ai+1 −−−→ Ai+2 −−−→ ...

The sequence is said to be exact at Ai if im(fi−1) = ker(fi). The sequence is exact if it is exact at each Ai. In the next part we work with three pointed sets A, B, C on which G acts. The distinguished element will in all cases be denoted 1. We suppose further

A, B are groups on which G acts by homomorphisms,

we have an exact sequence of pointed sets

f g 1 → A −→ B −→ C → 1 (2.4.4)

(that is, ker(f) = {1}, im(f) = ker(g), g is surjective),

f is a group homomorphism (so that it is injective),

f, g commute with the action of G, that is f(σ · a) = σ · f(a) for all a ∈ A, σ ∈ G, and similarly for g, 48 Applications of Galois theory

for all b, b0 ∈ B we have g(b) = g(b0) if and only if b0 = bf(a) for a certain a ∈ A (that is, g is constant on the cosets bf(A) - note that f(A) is a subgroup of B- and takes diﬀerent values on diﬀerent cosets).

We write AG, BG, CG for the subsets of A, B, C respectively, consisting of all elements that are ﬁxed under all σ ∈ G. So AG consists of all a ∈ A with σ · a = a for all σ ∈ G. Because f, g commute with the action of G we have f(AG) ⊂ BG and f(BG) ⊂ CG. Now let c ∈ CG. As g is surjective there exist b ∈ B with g(b) = c; ﬁx such a b. Then g(σ ·b) = g(b) for all σ ∈ G. By the assumption on g this implies that for each σ ∈ G there exists an aσ ∈ A with −1 σ(b) = bf(aσ). But this is the same as f(aσ) = b σ(b). Note that aσ is uniquely determined by b because f is injective.

1 1 Lemma 2.4.7 Deﬁne α : G → A by α(σ) = aσ. Then α ∈ Z (G, A) and its class in H (G, A) does not depend on the choice of b.

−1 Proof. Let σ, τ ∈ G. On the one hand we have f(aστ ) = b (στ · b). On the other hand,

−1 −1 −1 f(aσ(σ · aτ )) = f(aσ)(σ · f(aτ )) = b (σ · b)(σ · (b (τ · b))) = b (σ · (τ · b)).

1 As f is injective it follows that aστ = aσ(στ · aτ ) and α ∈ Z (G, A). 0 0 0 0 0 −1 0 Let b ∈ B be a second element with g(b ) = c. This yields an aσ ∈ A with f(aσ) = (b ) σ · b . Since g(b0) = g(b), the assumption on g provides an a0 ∈ A with b0 = bf(a0). But then

0 −1 0 0 −1 −1 0 0 −1 0 (b ) σ · b = f(a ) b (σ · b)(σ · f(a )) = f((a ) aσ(σ · a )).

0 0 −1 0 Because f is injective it follows that aσ = (a ) aσ(σ · a ). But that means that the cocycles deﬁned by b and b0 are cohomologous. 2

By the previous lemma we get a well-deﬁned map

δ0 : CG → H1(G, A) with δ0(c) = [α], where α ∈ Z1(G, A) is deﬁned by f(α(σ)) = b−1σ · b, where b ∈ B is any element with g(b) = c.

Theorem 2.4.8 The following sequence is exact

f g 0 f 1 → AG −→ BG −→ CG −→δ H1(G, A) −→∗ H1(G, B).

Proof. The exactness at AG immediately follows from the fact that the kernel of the homomorphism f : A → B is {1}. We have f(AG) ⊂ ker(g) by the exactness of (2.4.4). Let now b ∈ BG be such that g(b) = 1. Then again by the exactness of (2.4.4) there is an a ∈ A with b = f(a). For σ ∈ G we have f(a) = b = σ · b = σ · f(a) = g(σ · a), so that a ∈ AG as f is injective. Hence b ∈ f(AG). Now we consider the exactness of the sequence at CG. Let b ∈ BG and set c = g(b). For σ ∈ G −1 −1 let aσ ∈ A be the element determined by b as above. Then f(aσ) = b σ · b = b b = 1. Hence δ0(c) is the class of the trivial cocycle and we have shown that g(BG) ⊂ ker(δ0). Now let c ∈ CG, 0 −1 set α = δ (c) and suppose that α ∼ 1. Let b ∈ B be such that g(b) = c; then f(α(σ)) = b σ · b −1 for all σ ∈ G. Furthermore, α ∼ 1 means that there is an a ∈ A with α(σ) = aσ · a . Then b−1σ · b = f(α(σ)) = f(aσ · a−1) = f(a)σ · f(a)−1, which is equivalent to f(a)−1b−1 = σ · (f(a)−1b−1). We see that f(a)−1b−1 and therefore also bf(a) lie in BG. But g(f(a)) = 1 by exactness of (2.4.4), so g(bf(a)) = g(b) = c and we have shown that ker(δ0) ⊂ f(BG). Finally we deal with exactness at H1(G, A). Let c ∈ CG and set α = δ0(c). Let b ∈ B be such −1 −1 that g(b) = c; then f(α(σ)) = b σ · b for all σ ∈ G. Set β = f∗(α); then β(σ) = f(α(σ)) = b σ · b. 1 It follows that β ∼ 1. Now let α ∈ Z (G, A) and set β = f∗(α), i.e., β(σ) = f(α(σ) for σ ∈ G. −1 Suppose that β ∼ 1, that is, there is a b ∈ B with β(σ) = b σ · b for all σ ∈ G. Let σ ∈ G. Then 2.4 Galois cohomology 49 b−1σ · b = f(α(σ)) whence σ · b = bf(α(σ)). Therefore σ · g(b) = g(σ · b) = g(bf(α(σ))) = g(b) (again by exactness of (2.4.4)). We see that g(b) ∈ CG. Moreover, because f(α(σ)) = b−1σ · b and g(b) = c we have by deﬁnition of δ0 that δ0(c) = [α]. 2

As an application of this theorem we have the following result.

Proposition 2.4.9 Let the notation be as in Theorem 2.4.2. Let SL(n, E) be the subgroup of GL(n, E) consisting of the matrices of determinant 1. Then H1(G, SL(n, E)) = 1.

Proof. We have the following exact sequence

1 → SL(n, E) −→i GL(n, E) −−→det E∗ → 1

(here i simply maps a matrix to itself) and the maps satisfy all our hypotheses. Then by the previous theorem 0 f GL(n, F ) −−→det F ∗ −→δ H1(G, SL(n, E)) −→∗ H1(G, GL(n, E)) is exact. But by Theorem 2.4.2 the last set in this sequence is trivial. Hence δ0(F ∗) = H1(G, SL(n, E)). Furthermore, det : GL(n, F ) → F ∗ is surjective, so that ker(δ0) = F ∗. In other words, δ0(F ∗) = {[1]}. Putting the two things together proves the proposition. 2

We have already seen how classification of real forms of a complex algebra is equivalent to computing a Galois cohomology set (Example 2.4.1). Now we show how Galois cohomology can also be of interest in certain situations for the classification of orbits. We define an action of BG on CG. Let b ∈ BG and c ∈ CG. There is a b0 ∈ B with g(b0) = c. We define b · c = g(bb0).

Lemma 2.4.10 We have that g(bb0) does not depend on the choice of b0. This indeed deﬁnes an action of BG on CG.

Proof. Let b00 ∈ B be such that g(b00) = c. Then by hypothesis b00 = b0f(a) for a certain a ∈ A. Hence g(bb00) = g(bb0f(a)) = g(bb0). We show that b · c ∈ CG. Let σ ∈ G, then σ · g(bb0) = g((σ · b)(σ · b0)) = g(bσ · b0). But g(σ · b0) = σ · g(b0) = σ · c = c, so by the ﬁrst part of the proof, g(bσ · b0) = g(bb0). It follows that b · c ∈ CG. 0 0 Let b1, b2 ∈ B. We show that b1 · (b2 · c) = (b1b2) · c. Let b2 ∈ B be such that g(b2) = c, so that 0 0 0 0 0 0 b2 · c = g(b2b2). Let b1 ∈ B be such that g(b1) = g(b2b2), which is equivalent to b1 = b2b2f(a) for a 0 0 0 certain a ∈ A. We now infer b1 · (b2 · c) = g(b1b1) = g(b1b2b2f(a)) = g(b1b2b2) = (b1b2) · c. 2

Theorem 2.4.11 Let CG/BG denote the set of orbits of BG on CG. Sending BG · c to δ0(c) yields a G G 1 well-defined map from C /B to ker(f∗) ⊂ H (G, A). Moreover, this map is a bijection. Proof. We first show that the map is well-defined. Suppose that c, c0 ∈ CG lie in the same BG-orbit, that is, there is a b ∈ BG with c0 = b · c = g(bb0), where b0 ∈ B is such that g(b0) = c. Then δ0(c) = [α] where f(α(σ)) = (b0)−1σ · b0 and δ0(c0) = [α0] where f(α0(σ)) = (bb0)−1σ · (bb0). But σ · b = b and therefore (bb0)−1σ · (bb0) = (b0)−1b−1σ · bσ · b0 = (b0)−1σ · b0 = f(α(σ)). As f is injective it follows that α = α0. Theorem 2.4.8 directly shows that the map is surjective. So it remains to show injectivity. Let 0 G 0 0 0 0 0 c, c ∈ C , write δ (c) = α, δ (c ) = α and suppose that α ∼ α , that is, there is an a ∈ A with α0(σ) = aα(σ)σ · a−1 for all σ ∈ G. Let b, b0 ∈ B be such that g(b) = c, g(b0) = c0. Then f(α(σ)) = b−1σ · b, f(α0(σ)) = (b0)−1σ · b0 for all σ ∈ G. Let σ ∈ G, then

(b0)−1σ · b0 = f(α0(σ)) = f(a)f(α(σ))f(σ · a−1) = f(a)b−1(σ · b)(σ · f(a)). 50 Applications of Galois theory

But this is equivalent to b0f(a)b−1 = σ · (b0f(a)b−1). So if we set ˆb = b0f(a)b−1 then we have ˆb ∈ BG. Furthermore b0f(a) = ˆbb, so that c0 = g(b0) = g(b0f(a)) = g(ˆbb) = ˆb · c. We conclude that c and c0 lie in the same BG-orbit. 2

Example 2.4.12 Let F be a ﬁeld. We consider the space M2(F ) consisting of the 2 × 2-matrices with coeﬃcients in F . Let GL(2,F ) be the group consisting of the invertible elements of M2(F ). Furthermore, SL(2,F ) is the group consisting of the elements of M2(F ) of determinant 1. Both these groups act on M2(F ) by conjugation, that is, for T ∈ GL(2,F ) (respectively SL(2,F )) and M ∈ M2(F ) we set T · M = TMT −1. m An N ∈ M2(F ) is said to be nilpotent if there is an m > 0 with N = 0; it can be shown that this 2 is the case if and only if N = 0. Let N ∈ M2(F ) be nilpotent and nonzero. Then there is a nonzero v ∈ F 2 such that Nv 6= 0. We have that v, Nv is a basis of F 2 with respect to which the linear map corresponding to N has matrix 0 0 N = . 0 1 0

It follows that N is GL(2,F )-conjugate to N0. In other words, the set of nonzero nilpotent elements of M2(F ) is a single GL(2,F )-orbit. When we consider the group SL(2,F ) the situation is a bot diﬀerent. First let F = C and let −1 1 T ∈ GL(2, ) be such that TNT = N0. Set λ = √ and S = λT . Then S ∈ SL(2, ) and C det(T ) C −1 SNS = N0. So also in this case there is a single orbit of nonzero nilpotent matrices. Second, let F = R. Then if det(T ) > 0 we can do the same thing. However, if det(T ) < 0 then we set λ = √ 1 and − det(T ) 1 0 S = λ T. 0 −1 −1 Then again S ∈ SL(2, R), but this time SNS = −N0. Furthermore it is straightforward to see that N0 and −N0 are not SL(2, R)-conjugate. So here we get two orbits of nilpotent nonzero matrices. Now we reinterpret this in terms of Galois cohomology. Let G = Gal(C/R) = {1, γ}. Here γ is complex conjugation and acts on M2(C) by the map Γ from Example 2.4.1. B = SL(2, C), A = {T ∈ B | T ·N0 = N0} (that is, A is the stabilizer of N0 in SL(2, C)), C = B·N0 = {T ·N0 | T ∈ B} (that is, C is the orbit of N0). Then a small calculation shows that

ε 0 A = | ε = ±1, c ∈ . c ε C

Moreover, if we let f : A → B be the inclusion map (so simply f(T ) = T for T ∈ A) and define g : B → C by g(T ) = T · N0 then we get an exact sequence as in (2.4.4). Furthermore, all hypotheses on the sequence (2.4.4) are satisfied. For the last one suppose that g(S) = g(T ). This is equivalent to −1 S · N0 = T · N0, which amounts to S T ∈ A, or T = SU for a U ∈ A. G G G We have B = SL(2, R) and C = SL(2, C) · N0 ∩ M2(R), so C is the set of nonzero nilpotent G G G G elements of M2(R). We now look at the action of B on C defined above. Let T ∈ B and M ∈ C 0 0 then we denote this action by T ◦ M. Let T ∈ B be such that T · N0 = M. Then by definition 0 0 0 0 T ◦ M = g(TT ). But the latter is equal to g(TT ) = TT · N0 = T · (T · N0) = T · M (which by definition equals TMT −1). So we see that the ◦ action of BG on CG is nothing other than the action G G we had already defined. We see that the orbits of B on C are the orbits of SL(2, R) on the set of nonzero nilpotent elements of M2(R). 1 1 By Proposition 2.4.9 we have that H (G, B) = 1. Therefore by Theorem 2.4.8, ker f∗ = H (G, A). We conclude by Theorem 2.4.11 that the orbits of SL(2, R) on the set of nonzero nilpotent elements 1 of M2(R) are in bijection with H (G, A). 1 Now we compute H (G, A). Let α : G → A be a cocycle. Then α(1) = I2 (the 2 × 2-identity matrix) and α(γ) = T with ε 0 T = c ε 2.4 Galois cohomology 51

with ε = ±1. We have that α is a cocycle if and only if T T = I2. A straightforward computation shows that this happens if and only if c +c ¯ = 0, that is, when c = iu for some u ∈ R. Now let S ∈ A and write δ 0 S c0 δ −1 where δ = ±1. Then αS(γ) = ST S , which is equal to

ε 0 . δε(c0 − c¯0) + iu ε

1 We see that by choosing c0 = − 2 δεui the term in the (2, 1) position vanishes. So we have two cocycles, the trivial one, and the one sending γ to −I2. Therefore we recover the fact that there are two SL(2, R)-orbits in the set of nonzero nilpotent elements of M2(R).

Remark 2.4.13 In the previous example it may seem that Galois cohomology is a way to transform easy problems into more diﬃcult ones. However, there are also situations, analogous to the one considered in the example, where it is not possible to list the real orbits directly. In those cases the approach via Galois cohomology can be very useful. We refer to [Djo83] for an example. 52 Applications of Galois theory Index

∗ (Z/nZ) , 20 polynomial, 6 An, 25 solvable by radicals, 27 F -form, 42 subgroup [G, G], 23 generated by subset, 23 [g, h], 23 Aut(E), 9 Φn, 18 1-cocycle, 46 algebra, 44 alternating group, 25 automorphism group of a ﬁeld, 9 commutator, 23 commutator subgroup, 23 cyclotomic polynomial, 18 derived series, 24 discriminant of a polynomial, 32

Euler’s ϕ-function, 20 extension cyclotomic, 20 Galois, 9 normal, 9 radical, 27 separable, 9

ﬁeld diﬀerential, 36 of constants, 36

Galois group, 11 group solvable, 23 intermediate ﬁeld, 12 stable, 13 inversion, 24 permutation even, odd, 25 primitive element, 9 root of unity, 17 primitive, 17 separable 54 Bibliography Bibliography

[Bos18] Siegfried Bosch. Algebra. Birkh¨auser,2018.

[Cox12] David A. Cox. Galois Theory. John Wiley & Sons, 2012.

[DF04] David S. Dummit and Richard M. Foote. Abstract algebra. John Wiley & Sons, Inc., Hoboken, NJ, third edition, 2004.

[Djo83] Dragomir Z.ˇ Djokovic. Classiﬁcation of trivectors of an eight-dimensional real vector space. Linear and Multilinear Algebra, 13(1):3–39, 1983.

[J93]¨ Klaus J¨anich. Funktionentheorie. Springer-Lehrbuch. [Springer Textbook]. Springer-Verlag, Berlin, third edition, 1993. Eine Einf¨uhrung.[An introduction].

[Tig01] Jean-Pierre Tignol. Galois’ Theory of Algebraic Equations. World Scientiﬁc Publishing, 2001.