Algorithmic Algebraic Number Theory [1 ed.] 0521330602, 9780521330602

This classic book gives a thorough introduction to constructive algebraic number theory, and is therefore especially sui


English Pages 480 [512] Year 1997


Table of contents :
Contents
Preface
List of symbols used in the text
1 Basics of constructive algebraic number theory
2 The group of an equation
3 Methods from the geometry of numbers
4 Embedding of commutative orders into the maximal order
5 Units in algebraic number fields
6 The class group of algebraic number fields
7 Recent developments
Appendix: Numerical tables
Algorithms
References
Index


ENCYCLOPEDIA OF MATHEMATICS AND ITS APPLICATIONS EDITED BY G.-C. ROTA

Algorithmic algebraic number theory

ENCYCLOPEDIA OF MATHEMATICS AND ITS APPLICATIONS

6 H. Minc Permanents
18 H. O. Fattorini The Cauchy problem
19 G. G. Lorentz, K. Jetter, and S. D. Riemenschneider Birkhoff interpolation
22 J. R. Bastida Field extensions and Galois theory
23 J. R. Cannon The one-dimensional heat equation
25 A. Salomaa Computation and automata
27 N. H. Bingham, C. M. Goldie, and J. L. Teugels Regular variation
28 P. P. Petrushev and V. A. Popov Rational approximation of real functions
29 N. White (ed.) Combinatorial geometries
30 M. Pohst and H. Zassenhaus Algorithmic algebraic number theory
31 J. Aczel and J. Dhombres Functional equations containing several variables
32 M. Kuczma, B. Choczewski, and R. Ger Iterative functional equations
33 R. V. Ambartzumian Factorization calculus and geometric probability
34 G. Gripenberg, S.-O. Londen, and O. Staffans Volterra integral and functional equations
35 G. Gasper and M. Rahman Basic hypergeometric series
36 E. Torgersen Comparison of statistical experiments
37 A. Neumaier Interval methods for systems of equations
38 N. Korneichuk Exact constants in approximation theory
39 R. A. Brualdi and H. J. Ryser Combinatorial matrix theory
40 N. White (ed.) Matroid applications
41 S. Sakai Operator algebras in dynamical systems
42 W. Hodges Model theory
43 H. Stahl and V. Totik General orthogonal polynomials
44 R. Schneider Convex bodies
45 G. Da Prato and J. Zabczyk Stochastic equations in infinite dimensions
46 A. Bjorner, M. Las Vergnas, B. Sturmfels, N. White, and G. Ziegler Oriented matroids
47 E. A. Edgar and L. Sucheston Stopping times and directed processes
48 C. Sims Computation with finitely presented groups
49 T. Palmer Banach algebras and the general theory of *-algebras I
50 F. Borceux Handbook of categorical algebra I
51 F. Borceux Handbook of categorical algebra II
52 F. Borceux Handbook of categorical algebra III
54 A. Katok and B. Hasselblatt Introduction to the modern theory of dynamical systems
55 V. N. Sachkov Combinatorial methods in discrete mathematics
56 V. N. Sachkov Probabilistic methods in combinatorial analysis
57 P. M. Cohn Skew fields
58 Richard J. Gardner Geometric tomography
59 George A. Baker, Jr., and Peter Graves-Morris Pade approximants
60 Jan Krajicek Bounded arithmetic, propositional logic, and complexity theory
61 H. Groemer Geometric applications of Fourier series and spherical harmonics
62 H. O. Fattorini Infinite dimensional optimization and control theory
63 A. C. Thompson Minkowski geometry
64 R. B. Bapat and T. E. S. Raghavan Nonnegative matrices and applications
66 D. Cvetkovic, P. Rowlinson and S. Simic Eigenspaces of graphs

ENCYCLOPEDIA OF MATHEMATICS AND ITS APPLICATIONS

Algorithmic algebraic number theory

M. POHST
University of Dusseldorf

H. ZASSENHAUS
Late, Ohio State University

CAMBRIDGE UNIVERSITY PRESS

PUBLISHED BY THE PRESS SYNDICATE OF THE UNIVERSITY OF CAMBRIDGE

The Pitt Building, Trumpington Street, Cambridge CB2 1RP, United Kingdom

CAMBRIDGE UNIVERSITY PRESS
The Edinburgh Building, Cambridge CB2 2RU, United Kingdom
40 West 20th Street, New York, NY 10011-4211, USA
10 Stamford Road, Oakleigh, Melbourne 3166, Australia

© Cambridge University Press 1989

This book is in copyright. Subject to statutory exception and to the provisions of relevant collective licensing agreements, no reproduction of any part may take place without the written permission of Cambridge University Press.

First published 1989
Reprinted 1990, 1993
First paperback edition 1997

Typeset in Times 10/13 pt

A catalogue record for this book is available from the British Library

Library of Congress Cataloguing in Publication data
Pohst, M.
Algorithmic algebraic number theory/M. Pohst and H. Zassenhaus.
p. cm.
Bibliography: p.
Includes index.
ISBN 0 521 33060 2
1. Algebraic number theory. 2. Algorithms. I. Zassenhaus, Hans. II. Title
QA247.P58 1989 512'.74—dc19 88-2960 CIP

ISBN 0 521 33060 2 hardback
ISBN 0 521 59669 6 paperback

Transferred to digital printing 2002

CONTENTS

Preface vii
List of symbols used in the text xi

1 Basics of constructive algebraic number theory 1
1.1 Introduction 1
1.2 The main task of constructive algebra 4
1.3 On the construction of overmodules and overrings 7
1.4 The ring of an equation 13
1.5 The Gaussian integer ring Z[i] 15
1.6 Factorial monoids and divisor cascades 23

2 The group of an equation 29
2.1 Splitting rings 29
2.2 The fixed subring of the permutation automorphisms 37
2.3 Symmetric polynomials 48
2.4 Indecomposable splitting rings 63
2.5 Finite fields 69
2.6 The main theorem of Galois theory 87
2.7 Minimal splitting fields 91
2.8 The Lagrange resolvent 97
2.9 The group of an equation 108
2.10 How to determine the group of a separable equation over a field 135
2.11 The cyclotomic equation 157
2.12 Normal bases 163

3 Methods from the geometry of numbers 177
3.1 Introduction 177
3.2 Free modules over principal entire rings 177
3.3 Lattices and basis reduction 186
3.4 Minkowski's convex body theorem 212

4 Embedding of commutative orders into the maximal order 219
4.1 Introduction 219
4.2 The algebraic background 222
4.3 Valuation theory 230
4.4 Eisenstein polynomials 255
4.5 Dedekind rings and orders 264
4.6 Embedding algorithm 313

5 Units in algebraic number fields 327
5.1 Introduction 327
5.2 The Dirichlet theorem 329
5.3 On solving norm equations I 336
5.4 Computation of roots of unity 343
5.5 Computation of independent units 350
5.6 Regulator bounds and index estimates 359
5.7 Computation of fundamental units 367
5.8 Remarks on computerization 372

6 The class group of algebraic number fields 377
6.1 Introduction 377
6.2 The ring o_F of algebraic integers as a Dedekind ring 381
6.3 Ideal calculus 396
6.4 On solving norm equations II 408
6.5 Computation of the class group 413

7 Recent developments 427
7.1 Introduction 427
7.2 Galois groups 428
7.3 Integral basis 429
7.4 Unit group and class group 429
7.5 Examples and applications 434
7.6 Relative extensions I: Kummer extensions 436
7.7 Relative extensions II: Hilbert class fields 443
7.8 Computation of subfields 445
7.9 KANT and the KANT shell KASH 450
7.10 Examples 453

Appendix: Numerical tables 459
Algorithms 487
References 488
Index 493

PREFACE

This book is a first step in a new direction: to modify existing theory from a constructive point of view and to stimulate the readers to make their own computational experiments. We are thoroughly convinced that their observations will help to build a new basis from which to venture into new theory on algebraic numbers. History shows that in the long run, number theory always followed the cyclic movement from theory to construction to experiment to conjecture to theory. Consequently, this book is addressed to all lovers of number theory. On the one hand, it gives a comprehensive introduction to (constructive) algebraic number theory and is therefore especially suited as a textbook for a course on that subject. On the other hand, many parts go far beyond an introduction and make the user familiar with recent research in the field. For experimental number theoreticians we developed new methods and obtained new results (e.g., in the tables at the end of the book) of great importance for them. Both computer scientists interested in higher arithmetic and in the basic makeup of digital computers, and amateurs and teachers liking algebraic number theory will find the book of value. Many parts of the book have been tested in courses independently by both authors. However, the outcome is not presented in the form of lectures, but, rather, in the form of developed methods and problems to be solved. Algorithms occur frequently throughout the presentation. Though we do not give a thorough definition of an algorithm (but just a rough explanation in 1.1), the underlying idea is that a definite output is obtained from prescribed input data by certain arithmetical rules in a finite number of computational steps. Clearly, an upper bound for the number of those computational steps depending on the input data should be desirable in each case. However, the bounds obtainable for many well-known, frequently used algorithms are completely unrealistic. 
Hence, we usually do without a complexity analysis.


(The derivation of rough estimates is a good exercise for the reader interested in that topic, however.) This approach is justified by the fact that the algorithms under consideration yield good to excellent results for number fields of small degree and not too large discriminants. In those cases O-estimates are not very helpful in general. Rather, our intention is to make the readers conscious of weak performances of (parts of) algorithms and to strengthen their ability to improve them. From our experience those weak links in the chain of operations can often be detected only by numerical computation. Hence, we highly recommend the interaction of developing algorithms, observing their performance in practical application, followed by improving them. Moreover, new algorithms are used to replace older proofs of theorems by means of using their output to show the existence of certain mathematical objects, such as the shortest vector in a lattice, or of a polynomial in the elementary symmetric functions representing an arbitrary symmetric function (principal theorem on symmetric functions). Any such algorithm, respectively its performance for specified data, yields new observations, giving rise to new conjectures and thus to an improvement of the theory. That is one of the major goals of this book, since many of the available numerical invariants of algebraic number fields were already obtained without the use of modern electronic computers. So there is still very little known about algebraic number fields other than abelian extensions of the rational number field. The contents of the book are divided into six chapters. The first chapter serves as a kind of introduction. Some basic material (e.g. the Euclidean algorithm, quadratic extensions, Gaussian integers) is to stimulate the readers and to make them curious for more systematic theory. The second chapter gives a self-contained account of Galois theory and elementary prerequisites (e.g. a good knowledge of finite field theory). The reader is introduced to E. Galois' idea of studying the algebraic relations between the roots of a given algebraic equation and thus to recognition of the algebraic background generated by the solutions. Eventually, a method of determining the Galois group of an equation is developed. The third chapter contains an independent introduction to those parts of the geometry of numbers which will be used in later chapters. Most of Minkowski's classical theorems are presented, as well as some recent reduction methods. The fourth chapter discusses the problem of embedding an equation order into its maximal order, thereby establishing the arithmetical background of a given equation. An algorithm for the computation of an integral basis of an algebraic number field is included. A local account (using valuation theory and the theory of algebraically ordered fields) of the Hilbert-Dedekind-Krull ideal theory is part of the exposition.


The last two chapters deal with the main difference between the arithmetic of the rational numbers and that of the higher algebraic number fields. Chapter 5 gives a logarithm-free proof of Dirichlet's famous unit theorem. It is followed by developing several methods (some new ones) for the computation of the roots of unity and of a full system of fundamental units of an order. In chapter 6 the maximal order of an algebraic number field is studied as a Dedekind ring. We then present efficient methods for the computation of the class number and the class group of an algebraic number field. Primarily they are based on a normal presentation of an ideal by two elements and a fast method for solving norm equations, both of them developed only recently. As an Appendix we present several tables with numerical data concerning the calculation of Galois groups, integral bases, unit groups and class groups. Chapters 1-4 are essentially self-contained, using only formal results but no conceptual theory of other chapters. The last two chapters rely on the knowledge of parts of chapters 3 and 4; chapter 6 also on parts of chapter 5. Throughout this book, we only assume that the readers have a proper basic knowledge of algebra. Should they not be familiar with some topic supposed to be known, they will certainly find it in the book on algebra by S. Lang to which we refer quite frequently in the early chapters. We have also provided a bibliography for each chapter at the end of the book. We hope to succeed in encouraging some of our readers to engage in enlightened experimentation with numbers and obtain deeper insights into their structure.

M. Pohst
H. Zassenhaus
1987

Preface to paperback edition

Since the first edition of this book in 1989, algorithmic algebraic number theory has developed rapidly. In order to keep the changes to a minimum I have mainly corrected the many typos and errors which have been found. The new developments are sketched in a new chapter with numerous references. Unfortunately, my coauthor Hans Zassenhaus, one of the pioneers of computational algebraic number theory, passed away on 21 November, 1991. The mathematical community lost one of its outstanding members and a great person.

M. Pohst

ACKNOWLEDGEMENTS

We are much indebted to many students and colleagues for valuable suggestions, criticisms and incentives to do better. In particular we wish to acknowledge the help of D. Shanks, John McKay and J. Buchmann. We wish to acknowledge the generous support of the production of the manuscript and the research which went into it which we received from the Department of the Ohio State University, the Mathematical Institute of the University of Dusseldorf, the National Science and Engineering Council of Canada and the Centre de Recherches Mathematiques, Universite de Montreal. Our thanks go out to the continued support and interest by the editors of Cambridge University Press, M. Gilchrist and D. Tranah, as well as to the production staff of the Encyclopedia of Mathematics and its Applications. We would also like to acknowledge the help in proof reading we received from U. Schroter, M. Slawik, J. von Schmettow and essentially by U. Halbritter, and we thank the many secretaries who typed parts of the manuscript. We were constantly encouraged in completing the work by the support and understanding of our wives Christel and Lieselotte.

My thanks go to Katherine Roegner and to the members of the KANT group, who helped me in locating most of the errors of the first edition. I also thank Cambridge University Press for their kind support during the preparation of the paperback edition.

SYMBOLS USED IN THE TEXT

Symbols used throughout the book are listed in connection with the mathematical terms with which they are associated in the text.

Arithmetic

δ_ij is Kronecker's symbol; it is one for i = j, zero otherwise; sign(x) is one for x > 0, minus one for x < 0, 0 for x = 0, |x| = sign(x)x; ⌊x⌋ denotes the largest integer less than or equal to x; ⌈x⌉ denotes the smallest integer greater than or equal to x; {x} denotes the integer closest to x, for x + 1/2 ∈ Z it is either x + 1/2 or x − 1/2; a|b means that there is an element c satisfying b = ac; a∤b means that there is no element c satisfying b = ac; p^k‖b means that p^k|b and p^{k+1}∤b; gcd denotes the greatest common divisor; lcm denotes the least common multiple; glb denotes the greatest lower bound; a ≡ b mod c means that c|(a − b); a = Q(a,b)b + R(a,b) denotes division with remainder in a Euclidean ring; gcd(a,b) = X(a,b)a + Y(a,b)b denotes a presentation of the gcd in a Euclidean ring; Re(a), Im(a) real, respectively imaginary part of a ∈ C; max{

sign(r) = 1 if r > 0 (i.e. r is positive), 0 if r = 0, −1 if r < 0 (i.e. r is negative). (1.2)

As an introductory but very instructive example for an algorithm, we present Euclid's algorithm for rational integers. For a better understanding of algorithms it is useful to present the underlying ideas in advance. The theory of Euclid's algorithm in Z is easily explained. For two natural numbers a, b with a ≥ b there exists a third natural number c subject to

Hence, there exists a non-negative integer d such that a = bc + d and 0 ≤ d

≥ deg(B), then deg(Q(A,B)) = deg(L(A,B)A) − deg(B), but if deg(L(A,B)A) < deg(B), then Q(A,B) = 0. For a detailed discussion of pseudo-division we refer to Knuth's book [1]. We just note that the reason for adopting the (deg(A) − deg(B) + 1)th power of l(B) lies in the number of degree reductions by 1 which can be necessary to obtain deg(R(A,B)) < deg(B). We observe that pseudo-division assumes the previous form (3.11a) in case B is monic (see exercise 2). Long division or division with remainder of polynomials is used similarly as long division of rational integers in order to bring about a pseudo-Euclidean division algorithm which similarly as in section 1 leads to an equation

F(A,B) = X(A,B)A + Y(A,B)B, (3.13)

where F(A,B) is a well-determined polynomial which always divides the product of A and some other leading coefficients as well as the product of B and some other leading coefficients, but F(A,B) does not necessarily divide A or B themselves. Only in case R is a field can we be sure that F(A,B) is a common divisor of A, B, and then (3.13) tells us that F(A,B) is even a greatest common divisor.

5. Specializations

Let R be a unital commutative ring. The R-homomorphisms φ (i.e., Λ subject to

φ(t) = x, φ(r) = r for all r ∈ R, (3.14a)

we have

(3.14b)

See Horner's algorithm (2.3) for the evaluation of a polynomial f at x. It provides the 'value' f(x) of f ∈ R[t] at x. If f specializes to 0 at x, but f itself is not zero, then x is said to be a root or zero of f in Λ. The equation

f(x) = 0 (3.15a)

is tantamount to the statement

R(f, t − x)(x) = 0 (3.15b)

(to be computed in Λ[t]) for any x of Λ, which implies

f(x) = R(f, t − x)(x). (3.15c)

Taking for granted a knowledge of elementary properties of ideals and kernels (as expounded in S. Lang, Algebra, for example), the kernel of the specialization Λ[t] → Λ: t ↦ x is the principal ideal of Λ[t] generated by t − x. It consists of 0 and of all polynomials with root x. Its factor ring is represented by Λ. The factor ring of R[t] modulo the principal ideal fR[t] generated by a non-constant monic polynomial f has an R-basis formed by the deg(f) residue classes

1/f, t/f, ..., (t/f)^{deg(f) − 1}, (3.16)

where we denote by A/f the residue class of R[t] modulo the principal ideal fR[t] which is represented by A ∈ R[t]. The polynomials of degree less than deg(f) may be taken as a representative system for R[t]/fR[t] in case of f being monic and non-constant. We will use this construction in later sections frequently.

Exercises

1. Write an algorithm for the multiplication of two polynomials of Z[t].

2. Write an algorithm for the pseudo-division of polynomials over a unital commutative ring R. Specialize it to the case where the divisor polynomial is monic.

3. Using exercise 2, transfer algorithm (1.14) to the case of polynomial rings with pseudo-division, i.e. develop an algorithm for determining F(A,B), X(A,B), Y(A,B) of (3.13) for any two polynomials A, B ≠ 0 of R[t], R a unital commutative ring. Test the algorithm for A(t) = 2t^4 + 5t^3 + 6t^2 + 8t + 10, B(t) = 4t^2 + 6t + 3 and R = Z, Z/2Z, Z/8Z, Z/12Z.

4. Prove that polynomial rings are functorial in the following sense: Let R, Λ be unital commutative rings and λ: R → Λ a ring homomorphism. Then λ extends uniquely to a homomorphism λ̃: R[t] → Λ[t] such that λ̃|_R = λ, λ̃(t) = t. Moreover, for any non-constant polynomial f(t) ∈ R[t] there is a unique homomorphism λ_f: R[t]/fR[t] → Λ[t]/λ̃(f)Λ[t] satisfying λ_f(A/f) = λ̃(A)/λ̃(f).

5. Let Λ be a unital overring of R with R-basis B. Let M be a Λ-module with Λ-basis B'. Prove that BB' := {bb' | b ∈ B, b' ∈ B'} is an R-basis of M considered as an R-module. (This is the so-called degree theorem.)

6. Let R be a unital commutative ring.
(a) Let R[t_i] be the polynomial ring in t_i over R and R[t_i][t_j] the polynomial ring in t_j over R[t_i] (i, j = 1, 2, ..., n, i ≠ j; n ≥ 1). Show that there is precisely one (standard) isomorphism of R[t_i][t_j] on R[t_j][t_i] fixing R elementwise and mapping t_i on t_i, t_j on t_j. (Write R[t_i, t_j] or R[t_j, t_i].)
(b) Similarly for R[t_i][t_j, t_k] and R[t_i, t_j][t_k]. Write R[t_i, t_j, t_k].
(c) Interpret the meaning of R[t_1, t_2, ..., t_n] = R[t_{π(1)}, t_{π(2)}, ..., t_{π(n)}] where π is any permutation of 1, 2, ..., n. (This is the polynomial ring in n variables t_1, t_2, ..., t_n over R.)

7. Let R be a unital commutative ring. Construct a unital commutative overring Λ of R such that 1_Λ ≠ 1_R. Show that it contains a divisor of zero.

1.4. The ring of an equation

We now consider equation (1.1) over a unital commutative ring R (instead of Z). It implies the equation

(a_0 x)^n + a_1 (a_0 x)^{n−1} + ... + a_n a_0^{n−1} = 0 (4.1a)

upon multiplication by a_0^{n−1}. In case a_0 is not a zero divisor, any solution y of the equation

y^n + b_1 y^{n−1} + ... + b_n = 0 (4.1b)

in R with coefficients

b_i = a_i a_0^{i−1} (1 ≤ i ≤ n)

y = a/b (a, b ∈ Z, b > 0, gcd(a, b) = 1), (4.2a)

which leads to the equation

a^n + b_1 a^{n−1} b + ... + b_n b^n = 0, (4.2b)

implying b | a^n and hence because of (4.2a) b | a, i.e. b = 1 and y ∈ Z. It suffices to look for the integral solutions y of (4.1b) which, as we know, are among the finitely many divisors of b_n. They yield all rational solutions of (1.1) in the form (4.1d). Thus we are led to narrow down the discussion of algebraic equations (1.1) to the monic case. Hence, in the sequel we assume

a_0 = 1. (4.3)

In section 3 we saw that any solution of (1.1) in any commutative overring Λ of R is a root of the corresponding monic polynomial f(t) = t^n +

and we have P_{i/Q} = M_{i,Q}. In that case the minimal equation is simply

We conclude this discussion by showing that the identity and σ are the only automorphisms of Q(i).

Proposition (5.11)
The automorphism group of Q(i) consists of id_{Q(i)} and σ.

Proof
Any automorphism β of Q(i) must satisfy β(1) = 1, hence β(n) = n for all n ∈ N. Furthermore we conclude β(−n) = −n and finally β(p/q) = p/q for all p, q ∈ Z, q ≠ 0. Applying β to the equation i^2 = −1 we obtain β(i)^2 = −1 and therefore β(i) = ±i. Thus either β = id_{Q(i)} or β = σ. □

We note that proposition (5.11) does not merely follow from the 2-dimensionality of Q(i) over Q, as exercise 1 shows.

3. Algebraic background of the 8th roots of unity

The algebraic background of the Gaussian integers shows a group theoretic feature which is revealed in even greater detail in the equation ring of the polynomial t^4 + 1 ∈ Z[t]. It has four basis elements 1 := 1/(t^4 + 1), ζ_8 =

(5.14b)

The relative norm is multiplicative and homogeneous of degree 2:

(5.14c)

(5.14d)

The relative norm vanishes only trivially. Namely, N_{Q(ζ_8)/Q(i)}(ξ) = 0 implies ξ = 0 or (x/y)^2 = i. In the latter case we obtain x/y = a + ib ∈ Q(i) and (a^2 − b^2) + 2iab = i. But then a = ±b (a, b ∈ Q) yielding ±2a^2 = 1, which is impossible over Q. As above we conclude that every non-zero element of Q(ζ_8) has the inverse


Therefore Q(ζ_8) is a field, which we knew already from t^4 + 1 being irreducible in Q[t]. Next we consider the automorphism group of Q(ζ_8). Any automorphism ω of Q(ζ_8) fixes Q. Application of ω to i^2 + 1 = 0 yields ω(i) = ±i and to ζ_8^2 − i = 0 yields ω(ζ_8) = ζ_8^j (j ∈ {1, 3, 5, 7}). Hence, id_R, ρ, σ, τ are the only automorphisms of R = Q(ζ_8). We determine the fixed field for each automorphism. For

α/β (α, β ∈ Z[i], β ≠ 0, gcd(α, β) = 1). (5.22)

This presentation is unique up to equivalence. Analogously as in the beginning of section 4 it is shown that any root of a monic polynomial of Z[t] in Q(i) is already in Z[i] (see exercise 5). In particular the elements of Z[i] are characterized among the elements of Q(i) by the property that they occur as roots of monic polynomials of

in

, see (5.19)), irreducible elements, divisibility (a|b), and unique factorization into irreducible elements can be transferred to arbitrary commutative monoids M; exercises 1 and 2 show that the usual properties of divisibility hold there, too. A commutative monoid M is said to be factorial if every non-zero element of M has a unique factorization into irreducible elements. Two elements a, b of a factorial monoid M are called associate if a|b and b|a (i.e. a ~ b). (We note that we have to assume that the set of irreducible elements of M does not contain associate elements, otherwise all factorizations into irreducible elements are unique up to equivalence only.) Using the same arguments as S. Lang in his book, chapter II, section 4, we conclude that a (commutative) monoid M is factorial if and only if

every properly ascending chain a_1 M ⊂ a_2 M ⊂ ... (a_i ∈ M, i ∈ N) is finite, (6.1a)

and for every irreducible element p ∈ M which divides ab (a, b ∈ M) either p|a or p|b. (6.1b)

In the sequel let M be a factorial monoid. Arithmetic in M can be done via the unique presentation of non-zero elements a ∈ M in the form

a = u ∏_{i=1}^{r} p_i (u ∈ U(M), r ∈ Z^{≥0}, p_i ∈ M irreducible (1 ≤ i ≤ r)). (6.2)

(See also exercises 1, 2.) However, it is usually difficult to obtain such a factorization, even in the case M = N. We shall therefore develop a kind of substitute for (6.2). Let S be a finite subset of M. A (finite!) subset B(S) of M is called a basis of S if any a ∈ S has a unique presentation

a = u ∏_{b ∈ B(S)} b^{m_b} (m_b ∈ Z^{≥0}, u ∈ U(M)). (6.3)

For example, all irreducible elements of M dividing at least one a ∈ S form a basis B(S). But in general we can obtain a basis which consists of fewer elements and is easier to determine than by factorizing all a ∈ S into irreducible elements. As an example let M = N and S = {14700, 5040}; then B(S) = {12, 35} will do, as we shall see below. The instrument for computing 'nice' bases are divisor cascades, by which we derive from S a set δ(S) which is closed under division and gcd-formation.

Definition (6.4)
Let S be a non-empty finite subset of a factorial monoid M and 0 ∉ S. Then a divisor cascade δ(S) of S is a smallest subset of M with the properties:
(i) S ⊆ δ(S) and 1 ∈ δ(S);
(ii) If a, b ∈ δ(S), then δ(S) also contains an element c, c ~ gcd(a, b).
(iii) If a, b ∈ δ(S) and a|b, then δ(S) contains an element c ~ b/a.


It is clear that a basis B(S) of S is obtained from those elements b of δ(S) which are not in U(M) and are not divisible by any other y ∈ δ(S), y ≁ b, y ∉ U(M). Any x ∈ δ(S) then has a presentation (6.3).

Example (6.5)
Let M = N and S = {14700, 5040}. In accordance with (6.4) we compute gcd(14700, 5040) = 420, 14700/420 = 35, 5040/420 = 12, 14700/12 = 1225, 5040/35 = 144, yielding δ(S) = {14700, 5040, 420, 35, 12, 1225, 144, 1}. The following diagram needs no further explanation:

[Diagram: the divisor cascade of 14700 and 5040, with the gcd 420, the quotients 35, 12, 1225, 144 and the unit 1]

Indeed, we have B(S) = {12, 35} = B(δ(S)). Hence, a basis for a finite subset of M can be computed just by forming quotients and gcds but without any factorization into irreducible elements. In the sequel we assume that we can calculate gcds. In practice M would have to be a subset of a Euclidean ring for this purpose. We note that for computing δ(S) associate elements of S should be eliminated.

Algorithm for computation of a divisor cascade (6.6)

Input. Let S = {s_1, ..., s_r} (r ∈ N) be a subset of a factorial monoid not containing 0.
Output. δ(S).

Step 1. (Eliminate associate elements and units.) Set k

(2.5a)

b_2 = a_1^{−2} a_2. (2.5b)

Just like the pure monic polynomial it depends only on one parameter, viz. b_2. If we apply a translation now, say,

ζ = η + α, (2.5c)

then the second coefficient stays 1, but the last coefficient is modified by the summand α^2 + α:

ζ^2 + ζ + b_2 + α^2 + α = 0. (2.5d)

For example over R = Z/2Z we have the pure normal form

x^2 = 0, (2.6a)

and the following Artin-Schreier normal forms

x^2 + x + 1 = 0, (2.6b)

x^2 + x = 0, (2.6c)

of which (2.6b) is irreducible and (2.6c) is reducible. For equations of 5th degree defined over a field R of zero characteristic there is the Bring-Jerrard normal form [7]

x^5 − x + a = 0 (2.7)

which can be obtained upon adjunction of specified radicals of degree < 5 for any 5th degree equation, even if it cannot be solved by radicals. D. Hilbert analyzed the question how many coefficients a_1, a_2, ... can be transformed into 0 for given degree n [6]. But in general the question which normal forms can be devised for equations of degree n > 6 after 'trivial' adjunctions (any adjunction of degree < n) and a suitable Tschirnhausen transformation, and how to construct them, is still unsolved. E. Galois's approach to the task of solving an algebraic equation is radically different, as we shall see.

2. Normal forms of monic quadratic equations over Z

Thirdly, we remark that our treatment of monic quadratic equations yields the following normal forms for R = Z after suitable translations:

I. Inseparable equations: x^2 = 0. (2.8a)

II. Separable equations: (a) x^2 − d/4 = 0 if d ≡ 0 mod 4, (b) x^2 − x + (1 − d)/4 = 0 if d ≡ 1 mod 4. (2.8b)

We observe that d = d(f) is invariant under translation and that the corresponding factorizations are

I. f = t^2, (2.9a)

II. (a) f = (t − √d/2)(t + √d/2), (b) f = (t − (1 + √d)/2)(t − (1 − √d)/2). (2.9b)

in n independent variables t_1, t_2, ..., t_n over a unital commutative ring R_0. Let

g(t) = t^n − t_1 t^{n−1} + t_2 t^{n−2} − ... + (−1)^n t_n ∈ R_n[t] (3.1a)

(3.1a)

be the 'generic' monic polynomial of degree n over R_0. Then S(g/R_n) = R_0[ξ_1, ..., ξ_n] is a polynomial ring in the variables ξ_1, ..., ξ_n over R_0:

S(g/R_n) = R_0[ξ_1, ..., ξ_n], (3.1b)

where

g(t) = ∏_{i=1}^{n} (t − ξ_i) (3.1c)

in S(g/R_n). The polynomials in ξ_1, ..., ξ_n over R_0 which are fixed by the n! permutation automorphisms of S(g/R_n) are said to be the symmetric polynomials in ξ_1, ..., ξ_n over R_0. According to theorem (2.18) they belong to R_n for [0/2] = 0. In the sequel we shall show that the restriction [0/2] = 0 is superfluous. One of the symmetric polynomials is

As a matter of fact, setting R_0 = Z we obtain an identity of the form

∏_{i<j} (ξ_i − ξ_j)^2 = P_n(t_1, ..., t_n), (3.3a)

where

P_n ∈ Z[t_1, ..., t_n] (3.3b)

and

The specialization

a_i ↦ a_i (0 ≤ i ≤ n), b_j ↦ b_j (0 ≤ j ≤ m) (3.32b)

leads to a polynomial expression Res(A,B) = Res_{n,m}(A,B) in a_0, ..., a_n,


b_0, ..., b_m with coefficients contained in the subring of R generated by 1_R (the prime ring of R), which is said to be the resultant of A, B. For any overring Λ of R which is a splitting ring of both A, B in accordance with

A(t) = a_0 ∏_{i=1}^{n} (t − x_i), B(t) = b_0 ∏_{j=1}^{m} (t − y_j) (3.33a)

the specialization (3.32b) can be uniquely extended to the specialization Λ → Λ via

1 ↦ 1_Λ; a_0 ↦ a_0, x_i ↦ x_i

(A, B) as common denominator relative to R. Hence, there is a unique presentation

X_1(A,B)A + Y_1(A,B)B = Res(A,B), (3.38b)

in terms of polynomials X_1, Y_1 ∈ R[t] of degrees m − 1, n − 1, respectively. As a consequence of the irreducibility of Res(A,B) it follows that any presentation

(3.39a)


is a multiple of (3.38b) so that. for some kER. (3.39b)

X2 = XXl9 Y2 = XYli R^ARes&B)

Thus, for example, there hold equations (compare chapter 1 (3.13))
$$Y(A,B) = Y_1(A,B)\,L(A,B), \qquad F(A,B) = \mathrm{Res}(A,B)\,L(A,B) \qquad (3.39c)$$
which upon specialization assume the form
$$\ldots\ Y_1(A,B)\,B. \qquad (3.39e)$$

Examples show that $F(A,B)$ and $\mathrm{Res}(A,B)$ need not coincide.

Example (3.40). Let $A_1(t) = B(t) = t^5 - t + 1$, $A_2(t) = A(t) = 5t^4 - 1$. Then $25A_1(t) = 5t\,A_2(t) + A_3(t)$ for $A_3(t) = -20t + 25$, and
$$\mathrm{Res}(A,B) = \mathrm{Res}(A_2, A_1) = 25^{-4}\,\mathrm{Res}(A_2, 25A_1) = 5^{-4}\,\mathrm{Res}(A_2, A_3).$$
In the next step we obtain $(-20)^4 A_2(t) = (-40000t^3 - 50000t^2 - 62500t - 78125)\,A_3 + A_4$ for $A_4 = 1\,793\,125$ and therefore
$$\mathrm{Res}(A_2, A_3) = (-20)^{-4}\,\mathrm{Res}((-20)^4 A_2, A_3) = (-20)^{-4}(-20)^4\,\mathrm{Res}(1\,793\,125, A_3).$$
On the other hand, $\mathrm{Res}(A,B) = 2869$ and thus $L(A,B) = 625$, $X_1(A,B) = -320t^4 - 400t^3 - 500t^2 - 625t + 256$, $Y_1(A,B) = -1600t^3 - 2000t^2 - 2500t - 3125$.

If $R$ is a factorial ring and the non-zero polynomials $A, B \in R[t]$ have no common divisor, then there are polynomials $X, Y \in R[t]$ with $\deg(X) < \deg(B)$, $\deg(Y) < \deg(A)$ such that
$$XA + YB = 1. \qquad (3.41)$$
As the example $A(t) = t^2 + 1$, $B(t) = t^2 + 4$ with $\mathrm{Res}(A,B) = 9$ shows, any divisor of $\mathrm{Res}(A,B)$ has a presentation in the form $XA + YB$ in that case. See also exercise 4. We conclude our discussion of resultants by presenting an algorithm for their computation.
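Before the algorithm, the computation of example (3.40) carried out in code. This is an added illustration and not code from the book: it computes $\mathrm{Res}(A,B)$ over $\mathbb{Q}$ with exact fractions by the Euclidean recursion $\mathrm{Res}(A,B) = (-1)^{nm}\,b_0^{\,n-\deg r}\,\mathrm{Res}(B,r)$ for $A = QB + r$ (the same reduction used in (3.40)), recovers the cofactors of (3.38b) by scaling the Bézout identity from the extended Euclidean algorithm by the resultant, and evaluates the discriminant $\prod_{i<j}(\xi_i-\xi_j)^2$ of (3.3a) through the standard identity $\mathrm{disc}(f) = (-1)^{n(n-1)/2}\mathrm{Res}(f,f')/\mathrm{lc}(f)$, which is not stated on this page. The function names and the coefficient-list representation are this example's own choices. With $A = 5t^4 - 1$ and $B = t^5 - t + 1$ as in (3.40), the cofactor $X$ agrees with the printed $X_1(A,B)$; the identity $XA + YB = 2869$ then forces $Y = 1600t^3 + 2000t^2 + 2500t + 3125$, i.e. the printed pair satisfies $X_1 A - Y_1 B = \mathrm{Res}(A,B)$.

```python
from fractions import Fraction

# Added example: polynomials over Q as lists of Fraction coefficients,
# highest degree first; the zero polynomial is the empty list.
# Function names and this representation are this example's own choices.

def trim(p):
    """Drop leading zeros so that p[0] is the leading coefficient."""
    i = 0
    while i < len(p) and p[i] == 0:
        i += 1
    return p[i:]

def degree(p):
    return len(p) - 1            # -1 for the zero polynomial

def add(p, q):
    n = max(len(p), len(q))
    p = [Fraction(0)] * (n - len(p)) + list(p)
    q = [Fraction(0)] * (n - len(q)) + list(q)
    return trim([a + b for a, b in zip(p, q)])

def mul(p, q):
    if not p or not q:
        return []
    out = [Fraction(0)] * (len(p) + len(q) - 1)
    for i, a in enumerate(p):
        for j, b in enumerate(q):
            out[i + j] += a * b
    return trim(out)

def scale(p, c):
    return trim([c * a for a in p])

def divmod_poly(a, b):
    """Euclidean division a = q*b + r with deg r < deg b, b != 0."""
    q, r = [], trim([Fraction(c) for c in a])
    b = trim([Fraction(c) for c in b])
    while r and degree(r) >= degree(b):
        term = [r[0] / b[0]] + [Fraction(0)] * (degree(r) - degree(b))
        q = add(q, term)
        r = add(r, scale(mul(b, term), -1))
    return q, r

def resultant(a, b):
    """Res(A,B) = a0^m prod B(x_i), reduced as in (3.40): for A = QB + r,
    Res(A,B) = (-1)^(nm) Res(B,A) = (-1)^(nm) b0^(n - deg r) Res(B, r)."""
    a, b = trim([Fraction(c) for c in a]), trim([Fraction(c) for c in b])
    if not a or not b:
        raise ValueError("resultant with the zero polynomial is not handled")
    n, m = degree(a), degree(b)
    if m == 0:
        return b[0] ** n             # Res(A, c) = c^n for a constant c
    if n == 0:
        return a[0] ** m
    if n < m:
        return (-1) ** (n * m) * resultant(b, a)
    _, r = divmod_poly(a, b)
    if not r:
        return Fraction(0)           # B divides A: common root, resultant vanishes
    return (-1) ** (n * m) * b[0] ** (n - degree(r)) * resultant(b, r)

def ext_gcd(a, b):
    """Extended Euclid over Q: (g, u, v) with u*A + v*B = g, g monic,
    deg u < deg B - deg g and deg v < deg A - deg g."""
    r0, r1 = trim([Fraction(c) for c in a]), trim([Fraction(c) for c in b])
    u0, u1, v0, v1 = [Fraction(1)], [], [], [Fraction(1)]
    while r1:
        q, r = divmod_poly(r0, r1)
        r0, r1 = r1, r
        u0, u1 = u1, add(u0, scale(mul(q, u1), -1))
        v0, v1 = v1, add(v0, scale(mul(q, v1), -1))
    lc = r0[0]
    return scale(r0, 1 / lc), scale(u0, 1 / lc), scale(v0, 1 / lc)

def bezout_resultant(a, b):
    """(Res(A,B), X, Y) with X*A + Y*B = Res(A,B), deg X < deg B, deg Y < deg A:
    the presentation (3.38b). By its uniqueness X, Y are integral when A, B are."""
    res = resultant(a, b)
    g, u, v = ext_gcd(a, b)
    if degree(g) > 0:
        return res, None, None       # common factor: Res = 0, no such presentation
    return res, scale(u, res), scale(v, res)

def discriminant(f):
    """prod_{i<j}(x_i - x_j)^2 of (3.3a) via disc(f) = (-1)^(n(n-1)/2) Res(f, f')/lc(f)."""
    f = trim([Fraction(c) for c in f])
    n = degree(f)
    deriv = trim([c * (n - k) for k, c in enumerate(f)][:-1])   # coefficients of f'
    return (-1) ** (n * (n - 1) // 2) * resultant(f, deriv) / f[0]

if __name__ == "__main__":
    A, B = [5, 0, 0, 0, -1], [1, 0, 0, 0, -1, 1]   # A = 5t^4 - 1, B = t^5 - t + 1 from (3.40)
    res, X, Y = bezout_resultant(A, B)
    print(res, X, Y)                               # 2869 and the cofactors of (3.38b)
    print(resultant([1, 0, 1], [1, 0, 4]))         # Res(t^2 + 1, t^2 + 4) = 9
    print(discriminant(B))                         # disc(t^5 - t + 1) = 2869
```

The recursion keeps every intermediate value exact, so the leading-coefficient powers that appear in (3.40) ($25^{-4}$, $5^{-4}$, $(-20)^{-4}$) are handled without rounding, and the last line checks that the discriminant identity of (3.3a) returns the same 2869 as the resultant of $f$ and $f'$.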

60

The group of an equation

Algorithm for computing resultants (3.42)

Input. $A, B \in R[t]$, $\deg(A) \ge \deg(B) > 0$, $R$ a unital commutative entire ring (or $R = R_0[\tilde a_0, \ldots, \tilde a_n, \tilde b_0, \ldots, \tilde b_m]$).
Output. $\mathrm{Res}(A,B) \in R$ and polynomials $X_1, Y_1 \in R[t]$ satisfying (3.39e), respectively (3.38b).
Step 1. (Initialization). Set $\mathrm{Res}(A,B) \leftarrow 1$, $F \leftarrow$

hence $e_i S(f/R)$ is a splitting ring of $e_i f$ over $e_i R$. Since $e_i S(f/R)$ is generated by the $n!$ elements $e_i\,\xi_1^{i_1}\cdots\xi_n^{i_n}$ $(0 \le i_j$ … mapping $\xi_k$ onto $x_k$ $(1 \le k \le n)$. Under this epimorphism, the equation $1 = \sum_i e_i$ becomes


$$1_\Lambda = \sum_i e(e_i), \quad\text{where } e(e_i)\,e(e_j) = e(e_i e_j) = \ldots$$

and therefore $\mathrm{lcm}(\mathrm{ord}(x), \mathrm{ord}(y)) = \prod_{b \in B} b^{\max\{\mu_x, \mu_y\}}$. Hence, for
$$i = \prod_{b \in B,\ \mu_y > \mu_x} b^{\mu_x}, \qquad j = \prod_{b \in B,\ \mu_x \ge \mu_y} b^{\mu_y}$$
the elements $x^i, y^j$ have orders
$$\mathrm{ord}(x^i) = \prod_{b \in B,\ \mu_x \ge \mu_y} b^{\mu_x}, \qquad \mathrm{ord}(y^j) = \prod_{b \in B,\ \mu_y > \mu_x} b^{\mu_y}.$$
(Obviously, for $i \mid \mathrm{ord}(x)$ we have $\mathrm{ord}(x^i) = \mathrm{ord}(x)/i$.) Therefore the product $x^i y^j$ has the desired order since $\mathrm{ord}(x^i)$, $\mathrm{ord}(y^j)$ are now coprime. □

Remarks. (i) It is clear that the method of the proof also applies to elements of a finite abelian group. (ii) For an efficient performance of Gauss' algorithm we remark that for each new element $x_i$ we first test whether $x_i^{m_{i-1}} = 1$ already. In that case $x_i$ is of no help in increasing $m_{i-1}$ and we proceed to $x_{i+1}$ with $m_i = m_{i-1}$. Especially, $x_i = 1$ and $x_i = -1$ (for $2 \mid m_{i-1}$) can be omitted. (iii) It should be pointed out once again that the algorithm of Gauss can also be used to establish the existence of a primitive root. The field property of $F$ is invoked at the point when we obtained a power product of $x_1, \ldots, x_k$ of order $m_k = q - 1$, since there cannot be more than $q - 1$ solutions of the equation $x^{q-1} = 1$ in $F$. On the other hand, if one is not sure whether a finite unital commutative ring $R$ is a field, then Gauss' algorithm forms the basis for many tests. The main difficulty in that case is to establish equations $x^e = 1$ ($e \in \mathbb{N}$) for any $x \ne 0$ of $R$. This method is used, for example, to decide whether

a given large number $x$ is a prime number. It turns out to be easier to search for a primitive element than for a zero divisor. (iv) For $F = \mathbb{Z}/2$ the unit element is the primitive root. For $F = \mathbb{Z}/p$ ($p > 2$) Gauss used the sequence $x_1 = -1$, $x_2 = 2$, $x_3 = 3$, $x_4 = 5, \ldots$ Experience shows that this procedure yields a primitive root in about $\log p$ steps, though with the present knowledge of analytic number theory no comparable estimate is demonstrable. (v) If $\mathbb{F}_{p^n}$ is given as $\mathbb{F}_p[t]/f\mathbb{F}_p[t]$, where $f$ is a monic irreducible polynomial of degree $n > 1$ of $\mathbb{F}_p[t]$, then one may arrange such that linear polynomials $(0 < i < k)$
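The order-combining step of the proof above and Gauss's candidate sequence of remarks (ii) and (iv), as an added Python example (not the book's code). `combine` builds $x^i y^j$ with the exponents $i$, $j$ of the proof from the prime-power decompositions of $\mathrm{ord}(x)$ and $\mathrm{ord}(y)$, and `primitive_root` runs Gauss's procedure on $-1, 2, 3, 5, \ldots$, skipping any candidate $x$ with $x^{m} = 1$ for the current order $m$. The helper names, the trial-division factorization and the assumption that $p$ is prime are this example's own; the orders involved are small, so no attempt is made to factor $p-1$ efficiently.

```python
from math import gcd

# Added example implementing the order-combining step of the lemma above and
# Gauss's search for a primitive root of Z/p (remarks (ii) and (iv)).
# Names and the trial-division helpers are this example's own; p is assumed prime.

def factorize(n):
    """Trial division, returning {prime: exponent}; adequate for the small moduli used here."""
    factors, d = {}, 2
    while d * d <= n:
        while n % d == 0:
            factors[d] = factors.get(d, 0) + 1
            n //= d
        d += 1
    if n > 1:
        factors[n] = factors.get(n, 0) + 1
    return factors

def multiplicative_order(x, p):
    """Order of x in (Z/p)^*: start from p - 1 and divide out a prime b while x^(m/b) = 1."""
    m = p - 1
    for b in factorize(p - 1):
        while m % b == 0 and pow(x, m // b, p) == 1:
            m //= b
    return m

def combine(x, y, p):
    """Return (z, ord(z)) with ord(z) = lcm(ord(x), ord(y)).
    Writing ord(x) = prod b^mu_x and ord(y) = prod b^mu_y over the primes b in B,
    take i = prod_{mu_y > mu_x} b^mu_x and j = prod_{mu_x >= mu_y} b^mu_y: then
    ord(x^i) and ord(y^j) are coprime and z = x^i * y^j has the desired order."""
    mx, my = multiplicative_order(x, p), multiplicative_order(y, p)
    fx, fy = factorize(mx), factorize(my)
    i = j = 1
    for b in set(fx) | set(fy):
        mu_x, mu_y = fx.get(b, 0), fy.get(b, 0)
        if mu_y > mu_x:
            i *= b ** mu_x           # strip b from ord(x): y^j carries that prime
        else:
            j *= b ** mu_y           # strip b from ord(y): x^i keeps that prime
    z = pow(x, i, p) * pow(y, j, p) % p
    return z, mx * my // gcd(mx, my)

def primes():
    """2, 3, 5, 7, ...: the candidates Gauss tried after -1."""
    found, n = [], 2
    while True:
        if all(n % q for q in found if q * q <= n):
            found.append(n)
            yield n
        n += 1

def primitive_root(p):
    """Gauss's algorithm: raise the order m of a power product of -1, 2, 3, 5, ...
    until m = p - 1. A candidate x with x^m = 1 cannot raise m and is skipped (remark (ii))."""
    if p == 2:
        return 1                     # remark (iv): the unit element
    g, m = 1, 1                      # current power product and its order
    pending, gen = [p - 1], primes() # p - 1 represents -1
    while m != p - 1:
        x = pending.pop() if pending else next(gen)
        if pow(x, m, p) == 1:
            continue
        g, m = combine(g, x, p)
    return g

if __name__ == "__main__":
    for p in (5, 13, 23, 101):
        g = primitive_root(p)
        print(p, g, multiplicative_order(g, p))   # the order must equal p - 1
```

As remark (iv) indicates, the element found is the first power product of the sequence that reaches order $p-1$, not necessarily the smallest primitive root (for $p = 23$ the code returns 21, while 5 is the least primitive root); `multiplicative_order(g, p) == p - 1` is the check that confirms a returned or supplied $g$ really generates $(\mathbb{Z}/p)^*$.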

with $D_i = 1$ exactly for the indices $i$, (iv) $\sum_{d \mid n} \varphi(e)$ … $e \mid n$ … by (a).