Extra Facts

Statements and proofs of some important extra facts.

Cyclic Groups

It is easy to prove that if a finite group is cyclic then it has at most one subgrup of each order (dividing its order, by Lagrange, in which case this subgrup exists). The converse is also true, and useful for studying fields.

This is an alternative, somewhat simpler, to my taste, proof of Corollary 8.10. The book’s proof by way of Lemma 8.11 is still quite interesting, though – one can use 8.11(b) as a starting point for proving the fundamental theorem of finite abelian groups. Compare also Theorem 9.57.

Note that field theory is what suggests an induction using an element of minimal order here, rather than maximal order, as in the book’s proof.

Theorem 1 Let $G$ be a finite group of order $n$. Suppose that $G$ has at most $1$ subgroup of each order $d\leq n$. Then $G$ is cyclic.

Proof. We proceed by induction on the order $n$; if $n$ is prime then we are done. Note that the hypothesis on $G$ is inherited by subgroups. Therefore, we may assume that all proper subgroups of $G$ are cyclic. It is also useful to observe that the assumption of the theorem implies every subgroup of $G$ is normal: the conjugate of a subgroup has the same order, and hence coincides with the original.

Let $g$ be a non-identity element of minimal order, so its order is a prime $p$. By induction, $G/\langle g \rangle$ is cyclic and therefore generated by the image of some $h$ in $G$, from which it follows that $G$ is generated by $g$ and $h$. Let $d$ be the order of $h$.

If $p$ divides the order of $h$ then $h^{d/p}$ has order $p$, and so $\langle g\rangle$ and $\langle h^{d/p}\rangle$ are subgroups of $G$ of the same order, which implies $g$ is in $\langle h \rangle$ and therefore \[G = \langle g,h \rangle = \langle h \rangle\] is cyclic.

Otherwise, $p$ does not divide $d$. By Lagrange, then, the intersection of $\langle h\rangle$ and $\langle g \rangle$ is trivial. Since the two subgroups are normal, this implies $g$ and $h$ commute and moreover that \[G = \langle g,h\rangle \cong \langle g \rangle \times \langle h \rangle.\] But the product of cyclic groups of coprime order is cyclic, so again $G$ is cyclic!

Corollary 1 The multiplicative group $\mathbb F_q^*$ of a finite field is cyclic. In particular, it has an element of order $d$ if and only if $d$ divides $q-1$.

Exercise: adapt the argument to show that any finite multipicative subgroup of a field is cyclic.

Proof. Let $H$ be a subgroup of $\mathbb F_q^*$ of order $d$. By Lagrange’s theorem, every element of $H$ is a root of $x^d - 1$. That polynomial has at most $d$ roots, and so its roots are precisely the subgroup $H$ – so $H$ is determined entirely by the integer $d$, and hence $\mathbb F_q^*$ has at most one subgroup of each order $d$, according to whether or not $x^d - 1$ splits completely.

Therefore, Theorem 1 implies the group $\mathbb F_q^*$ is cyclic.

Corollary 2 The Galois group of $\mathbb F_{q^s}$ over $\mathbb F_q$ is cyclic of order $s$.

Proof. We have established that there is at most one finite field of each order, hence at most one of each degree, contained in $\mathbb F_{q^s}$, hence at most one extension of $\mathbb F_q$ contained in $\mathbb F_{q^s}$. Therefore, the Galois correspondence tells us that there is at most one subgroup of this Galois group of each order and so Theorem 1 tells us that the Galois group is cyclic!

Linear Algebra

We’ll use the following handy lemma a few times.

Lemma 1 Let $V$ be a vector space over an infinite field $K$. Then $V$ is not the union of a finite number of proper subspaces.

Proof. Suppose, for contradiction, that $V$ can be written as such a union, and let $W_1,..., W_n$ be a minimal collection of proper subspaces of $V$ whose union is $V$. Enlarging $W_1$ if necessary, we may further assume that $W_1$ has codimension $1$.

By minimality, we can take some $w\in W_1$ which is not in $W_j$ for any $j\neq i$. By properness of $W_1$, we can also find some $v$ not in $W_1$. Consider sums \[v + aw\] for $a\in K$. Since $K$ is infinite, there are infinitely many such sums, and because $v$ is not in $W_1$, none of them are in $W_1$, so some $W_j$ contains $v+aw$ and $v+bw$ for some $a\neq b$… but then $(a-b)w$ is in $W_j$, hence $w$ is in $W_j$, a contradiction!

Corollary 3 If an extension $K/k$ has only finitely many sub-extensions, then $K/k$ is a primitive extension.

Conversely, if $K/k$ is primitive, then it has finitely many subfields.

Proof. There is nothing to prove if $k$ is finite, so assume it is infinite.

A proper subextension field is also a proper subspace of $K$ as a vector space over $k$. If there are only finitely many proper subfields, then their union cannot cover $K$. By Lemma 1, there is some $\alpha$ in $K$ not contained in any of those proper subextensions, and so $k(\alpha)$ must be all of $K$.

In the other direction, suppose $K = k(\alpha)$ with minimal polynomial $f(x)$. Let $L$ be an intermediate extension and let $g(x)$ be the minimal polynomial of $\alpha$ over $L$. Since $K/k$ must be finite, so too is $K/L$. Observe that the extension $L'$ obtained by adjoining the coefficients of $g$ to $k$ is a subfield of $L$, but the degree of $\alpha$ over $L'$ is at most that of $\alpha$ over the larger field $L$, so $L=L'$. But there are only finitely many such $L'$ because $f(x)$ has finitely many divisors.

Gauss’s Lemma

This proof is a small variation on the one in the book. It works over any UFD, but I’ll just prove it for the integers – the main fact one needs to generalize it to a UFD is that irreducible elements generate prime ideals in UFDs. The rest is identical.

Lemma 2 Let $f(x) \in \mathbb Z[x]$ and suppose that it factors in $\mathbb Q[x]$ \[f(x) = g(x) h(x).\]

Then, in fact, there is a factorization \[f(x) = \hat g(x) \hat h(x)\] where $\hat g$ and $\hat h$ are in $\mathbb Z[x]$ and have the same degrees as $g$ and $h$, respectively.

The basic idea is that denominators in $g$ have to be canceled by extra factors in $h$ for the product to end up in $f$. The difficulty is that things like \[\frac 1 2 = \frac 5 {10}\] makes it hard to pick out “strictly necessary denominators”.

Instead, we just clear all denominators arbitrarily, then “realize” that the denominators didn’t really have to be cleared, and it’s just that it gave us an excuse to move factors around.

Proof. Let $c$ be an integer such that multiplying by $c$ clears the denominators. In other words, we can write $c=ab$ in such a way that $\hat g = ag$ and $\hat h = bh$ have integer coefficients, so that \[c f = \hat g \hat h\] is a factorization in $\mathbb Z[x]$. Note that $\deg \hat g = \deg g$ and $\deg \hat h = \deg h$.

We now describe an inductive process for removing $c$ from such a factorization. If $c = \pm 1$ there is nothing to do. Otherwise, let $p$ be a prime divisor of $c$.

Since the equation above is in $\mathbb Z[x]$, we can reduce it mod $p$ to obtain an equation in $\mathbb F_p[x]$. The entire left hand side is zero: \[0 = \hat g \hat h \mod p.\] Since $\mathbb F_p[x]$ is an integral domain, this implies either $\hat g$ or $\hat h$ is zero mod $p$, which is to say that $p$ divides all of its coefficients. In either case, we can cancel the factor of $p$ from $c$ and the factor of $p$ from the appropriate polynomial on the right hand side. This leaves us with \[\frac c p f = \left(\frac {\hat g} p\right) \hat h \] or \[\frac c p f = \hat g \left(\frac{\hat h } p\right),\] where all the polynomials are still in $\mathbb Z[x]$ and have the same degrees as the original. Now, however, $c$ has one fewer factor. Repeating the process on the (finitely many) remaining factors of $c$ yields the claim.

(you will note that the book’s proof also, implicitly, uses - or proves, really - that $\mathbb F_p[x]$ is a domain)

Lifting Lemma

This is a handy improvement of the lifting lemma from the book. It doesn’t have a name, but I call it the “normal lifting lemma”, or often just “[the] lifting lemma”. The adjective “normal” just means “splitting field”. Sometimes I’ll abbreviate it as the (H)LL.

Lemma 3 Let $K/k$ be a finite extension, generated by $\alpha_1,...,\alpha_n$ with minimal polynomials $g_1,...,g_n$. Let $\sigma: k \to \k'$ some field isomorphism and $g_i' = g_i^\sigma$ the polynomial obtained by applying $\sigma$ to the coefficients of $g_i$. Let $L'/k'$ be any extension of $K'$ containing a splitting field of the $g_i'$.

Then there is an extension $\tilde \sigma$ of $\sigma$ to $K$ whose image is in $L'$.

Proof. We’ll induct on the number of generators, using the book’s lifting lemma. The point is that $L'$ has “every possible copy” of the roots of the $g_i$, so the lift at each step can be induced from an evaluation map landing in $L$.

To wit, we can carry out one step of the lift, from $k$ to $k(\alpha_1)$ with the standard lifting lemma, obtaining a map $\sigma_1$ extending $\sigma$ and taking $\alpha_1$ to some $\alpha_1' \in L'$ a root of $g_1^\sigma$. This bring us to a finite extension $K/k(\alpha)$ with an isomorphism $\sigma_1$ from $k(\alpha_1)$ to $k'(\alpha_1')$. Note that the minimal polynomials of each $\alpha_i'$ over $k'(\alpha_1')$ need not be the original $g_i'$, but they do still divide the $g_i'$, and hence $L'$ still contains the splitting field. By induction, finish the extension to $K = k(\alpha_1)(\alpha_2,...,\alpha_n)$. At each step, we produce a $\sigma_i$ extending $\sigma_{i-1}$, hence extending $\sigma$, so the final map $\sigma_n$ extends $\sigma$ and takes $K$ to $L$.

It’s worth noting that this lemma extends to $K/k$ algebraic, not just finite, as long as $L'/k'$ also has “enough roots”: the minimal polynomial over $k$ of any $\alpha \in K$ splits completely in $L$. Keep this in mind as we go to the next section, and define normal extensions!

Also, although we haven’t rigorously constructed the algebraic closure, it’s worth noting because the algebraic closure contains every splitting field, the lemma says that any finite (or algebraic) extension of $k$ has an embedding into the algebraic closure. In other words, every extension of $k$ can be “placed” into the algebraic closure and compared within it, rather than leaving them floating around independently.

Normality

We introduce the following definition(s).

Definition 1 Let $K/k$ be a finite extension. We say it is normal if it satisfies any of the following conditions (which we will soon prove equivalent):

(N1) $K$ is the splitting field of some polynomial in $k[x]$.
(N2) if $L$ is any field containing $K$, then every embedding of $K$ into $L$ over $k$ takes $K$ to itself.
(N2’) if $L$ is an algebraic closure of $\bar k$ containing $L$, then every embedding of $K$ into $L$ over $k$ takes $K$ to itself.
(N3) given any $\alpha \in K$ the minimal polynomial $g$ of $\alpha$ over $k$ factors completely into a product of linear polynomials in $K[x]$ (i.e. $K$ contains all the roots of $g$).

Note that one usually proves that (N1) implies (N2) implies (N2’) implies (N3) implies (N1) which you’re likely to see in other texts, but since we haven’t rigorously constructed the algebraic closure, we will skip (N2’) and point out how it can be included. It’s easy to see (N2) implies (N2’) by letting $L$ be an algebraic closure, and in the argument that (N2) implies (N3), all one needs is an overfield with a lot of roots, and the algebraic closure is certainly up to this task.

Lemma 4 The conditions (N1), (N2), and (N3) are equivalent.

Proof. Assume (N1), so $K$ is the splitting field of some polynomial $f(x) \in k[x]$. If $L$ is a field containing $K$, then it contains all the roots $\alpha_1,...,\alpha_n$ of $f$, and the splitting field is $K = k(\alpha_1,...,\alpha_n)$. The image of any other embedding of $K$ is still a splitting field for $f$, and hence coincides with $K$. The point is that a splitting field is determined entirely by information in $k$ (the polynomial $f$) which is fixed by an embedding.

Next, assume (N2). Let $\alpha \in K$ over $k$, with $g$ its minimal polynomial over $k$. Let $\alpha_i$ be generators of $K$ over $k$, with minimal polynomial $g_i$ over $k$. Let $E$ be the splitting field of the product of $g$ and all the $g_i$. Take $\alpha'$ some root of $g$ in $E$.

We will construct an embedding of $K$ into $E$ which sends $\alpha$ to $\alpha'$, so the image of that embedding will contain $\alpha'$. Meanwhile, (N2) tells us that the image is still $K$, so that $\alpha'$ must have been in $K$. Since $\alpha'$ was arbitrary, all roots of $g$ are in $K$, and hence it factors completely.

Since $g$ is irreducible and $\alpha,\alpha'$ roots of it, there is an isomorphism $\sigma: k(\alpha) \to k(\alpha')$ over $k$ which takes $\alpha$ to $\alpha'$. Sine $K$ is still generated by the $\alpha_i$ over the larger field $k(\alpha_i)$ and $E$ contains all the roots of their minimal polynomials, we can apply the normal lifting lemma to $K/k(\alpha)$ and $\sigma$ to produce an embedding of $K$ into $E$.

Now assume (N3). Let $\alpha_1,...,\alpha_n$ be generators for $K$ over $k$, meaning $K=K(\alpha_1,...,\alpha_n)$. By (N3), the minimal polynomial $g_i$ of $\alpha_i$ over $k$ splits completely in $K$. It follows that $K$ contains a splitting field of the product of the $g_i$; the reverse containment is immediate because each $\alpha_i$ is among the roots of $g$.

Note that in (N2) and (N2’), any map which takes $K$ to itself must be an isomorphism. Field homomorphisms are injective, and a field homomorphism over $k$ is also a homomorphism of $k$-vector spaces. Every injective map between $k$-vector spaces of the same finite dimension is an isomorphism.

Separability

As before, we define a few conditions that we will prove are equivalent:

Definition 2 Let $\alpha$ be algebraic over $k$. We say that $is separable if its minimal polynomial over $k$ has no repeated roots.

Let $K/k$ be a finite extension. We say that it is separable if it satisfies any of the following:

(S1) $K=k(\alpha)$ and the minimal polynomial of $\alpha$ has no repeated roots.
(S2) $K$ has $[K:k]$ distinct embeddings into any normal extension containing it.
(S2’) $K$ has $[K:k]$ distinct embeddings into any algebraic closure of $K$.
(S3) every element of $K$ is separable over $k$

We will split up the proof of the equivalence because (S3) implies (S1) is a major result on its own, known as the primitive element theorem (an extension of the form $k(\alpha)/k$, with a single generator) is called primitive.

To ease exposition, we make the following definition:

Definition 3 Let $K/k$ be a finite extension and $L/k$ some normal extension containing $K$. The separability degree of $K/k$ is the number of embeddings of $K$ into $L$. It is denoted $[K:k]_s$. Exercise: prove that it is independent of $L$; take two normal extensions $L$ and $M$, which can be embedded them both into a larger normal extension $N$ using the HLL, then verify that the number of embeddings of $K$ into $N$ is the same as the number into $L$ and $M$.

We recall a remark from the book:

If $k(\alpha)/k$ is a primitive extension, with minimal polynomial $g$, and $L/k$ any extension containing a splitting field for $g$, then the number of embeddings of $k(\alpha)/k$ into $L$ is precisely the number of distinct roots of $g$. In other words, $[k(\alpha):k]_s$ is the number of distinct roots of $g$.

In fact, the book remarked more, which we will now prove:

Lemma 5 Consider a tower $L/K/k$ of finite extensions. Then $[L:k]_s = [L:K]_s[K:k]_s$ – separable degree multiplies in towers, in other words.

Moreover, $[L:k]_s \leq [L:k]$.

Proof. We induct on the (usual) degree. There’s nothing to do if any of the degrees are $1$, so we assume otherwise. Since $L/K$ is finite, it can be written as $K(\alpha_1,...,\alpha_n)$. Let $n$ be minimal. Then $E = K(\alpha_1,...,\alpha_{n-1}) \neq L$. This gives us a tower $L=E(\alpha_n)/E/K/k$

By induction, we have both \[[E:k]_s = [E:K]_s[K:k]_s.\] and \[[L:K]_s = [E(\alpha_n):E]_s[E:K]_s.\]

From the lifting lemma/remark, we know that each embedding of $E$ into a sufficiently large normal extension has $[E(\alpha_n):E]_s$ extensions to $E(\alpha_n) = L$, hence \[[L:k]_s = [E(\alpha_n):E]_s[E:k]_s.\]

Simplifying with the the two inductive expressions eliminates $E$ and $E(\alpha_n)$, leaving the desired equality.

As for the final claim, we know it is true for primitive extensions by the remark. The finite extension $L$ can be obtained as a sequence of primitive extensions $k(\alpha_1)/k$, $k(\alpha_1,\alpha_2)/k(\alpha_1)$,…, so multiplicativity extends the inequality to the whole tower.

Note that multiplicativity implies that in a tower $L/K/k$, the whole extension $L/k$ is separable if and only if both $L/K$ and $K/k$ are separable.

Lemma 6 (S1) implies (S2) and (S2) implies (S3).

Proof. (S1) implies (S2) is part of the remark from the book.

Rather than (S2) implies (S3), we verify the contrapositive. Suppose $\alpha \in K$ is not separable over $k, so $[k(\alpha):k]_s < [k(\alpha):k]$. Applying our degree formulae to the tower $K/k(\alpha)/k$, this would lead to \[[K:k]_s = [K:k(\alpha)]_s [k(\alpha):k]_s \leq [K:k(\alpha)] [k(\alpha):k]_s < [K:k(\alpha)] [k(\alpha):k].\]

As in the case of normality, one can incorporate (S2’), the algebraic closure, by observing that any algebaic closure contains a sufficiently large finite normal extension to carry out the necessary arguments.

Finally, we prove (S3) implies (S1), better known as the primitive element theorem.

Theorem 2 Suppose $K/k$ is a finite extension satisfying (S3), meaning every element is separable over $k$. Then $K$ is primitive over $k$, meaning there is some $\gamma \in K$ such that $K = k(\gamma)$.

Proof. If $k$ is finite, so is $K$, and we can let $\gamma$ be a generator of the multiplicative subgroup. So we may assume $k$ is infinite.

By a straightforward induction, we can reduce to the case $K=k(\alpha,\beta)$. We will show that an element of the form \[\gamma = \alpha + c\beta\] will generate $K$ for all but finitely many $c$ in $k$; we excluded the case of $k$ finite to ensure that there will always be at least one usable $c$.

We observed above that $[k(\gamma):k] \geq [k(\gamma):k]_s$, and by assumption $[K:k] = [K:k]_s$. Since $k(\gamma)$ is a subfield of $K$, therefore, it suffices to show $[k(\gamma):k]_s \geq [K:k]_s$.

Let $\sigma\neq \tau$ be two embeddings of $K$ into some large normal extension. Our aim is to show that, if $c$ is chosen well, then $\sigma(\gamma)\neq \tau(\gamma)$.

Reorganizing, we see that we want \[0 \neq \gamma^\sigma - \gamma^\tau = (\alpha^\sigma - \alpha^\tau)+ c (\beta^\sigma - \beta^\tau)\]

If the coefficient of $c$ were zero, then $\beta^\sigma = \beta^\tau$ and hence $\alpha^\sigma \neq \alpha^\tau$, else $\sigma = \tau$, so the above non-equality would hold regardless of $c$. So assume otherwise, and rearrange further: \[c \neq \frac{\alpha^\tau - \alpha^\sigma}{\beta^\sigma - \beta^\tau}.\]

The right hand side describes only finitely many elements, because there are only finitely many choices for each $\alpha^\tau,\alpha^\sigma$ resp. $\beta^\sigma,\beta^\tau$, as they’re all roots of the minimal polynomial of $\alpha$ resp. $\beta$ over $k$.

Galois Theory

One can summarize pieces of our results on finite normal and separable extensions in two slogans:

$K/k$ is normal when every embedding is an automorphism.

$K/k$ is separable when it has as many embeddings as it should (its degre).

A finite extension is called Galois if it is both normal and separable:

$K/k$ is Galois when it has as many automorphisms as it should (its degree).

Indeed, our characterizations of normality and separability furnish

Theorem 3 Let $K/k$ be a finite extension. It is Galois if and only if it has $[K:k]$ automorphisms over $k$.

It may be worth noting that one can give a very pared-down development of normality and separability to define Galois extensions quite quickly: a version of the PET can be proven without reference to embeddings, and will just tell you that the splitting field of a separable polynomial is of the form $k(\gamma)/k$, avoiding separable degree and so on. The facts we proved about normal extensions are much simpler for primitive extensions, which after all formed the base case for our inductions. But inseparable normal extensions are really interesting, so it’s better to develop a theory which includes them!

However, the proofs are worth the detour, and having a variety of equivalent definitions is helpful. As I’ve organized them, (N1) and (S1) are each to check in concrete cases, while (N2) and (S2) are often useful for proving general facts or checking extensions not concretely associated to polynomials, and (N3) and (S3) tell you about properties of field elements based on the extension plus lend themselves to inductive arguments. When we prove the funmental theorem(s) of Galois theory, all of them will find uses!

Algebraic Closure / Lifting Lemma

This version of the lifting lemma is usually the most useful version, but unfortunately we avoid its use because don’t rigorously construct the algebraic closure. Nevertheless, it will be good for you to know.

Lemma 7 Let $K/k$ be a finite extension and $E$ an algebraically closed field with an embedding $\iota$ from $k$ into $E$. Then there is an embedding $\sigma$ of $K$ into $E$ which extends $\iota$.

Proof. By induction on the degree of the extension $K/k$. Let $\alpha \in K$ with minimal polynomial $f(x) \in k[x]$. We may as well assume $\alpha \not \in K$. Applying $\iota$ to the coefficients of $f$, we obtain a polynomial $g(x)$ in $\iota(k)[x]$, a subring of $E[x]$. Since $E$ is algebraically closed, $g(x)$ has some root $\beta$ in $E$.

Using the lifting lemma from class, we can extend $\iota$ to an embedding $\tilde \iota$ of $k(\alpha)$ into $E$ which sends $\alpha$ to $\beta$. Concretely, the first isomorphism theorem shows us that $k(\alpha) \cong k[x]/f$ and $\iota(k)(\beta) \cong \iota(k)[x]/g \cong k[x]/f$ by using evaluation maps.

This now gives us an extension $K/k(\alpha)$ and an embeding $\tilde \iota$ into the algebraically closed field $E$. We chose $\alpha \not \in k$, so $K/k(\alpha)$ has strictly smaller degree. By induction, then, we extend $\tilde \iota$ the rest of the way up to $K$

In fact, the lemma is true with “algebraic” in place of finite, because an algebraic extension is a union of all its finite sub-extensions. Filling in the details requires some technicalities with Zorn’s Lemma that we would rather avoid.

Note, however, that if you accept this generalization, it’s easy to show any two algebraic closures are isomorphic: if $E_1/k$ and $E_2/k$ are algebraic closures, llifting the identity produces a map from $E_1$ to $E_2$. The image is still algebraically closed, so it must be $E_2$, and therefore the map is an isomorphism!