# Algebraic Number Theory

**Algebraic number theory** is the study of roots of polynomials with rational or integral coefficients. These numbers lie in algebraic structures with many similar properties to those of the integers.

The historical motivation for the creation of the subject was solving certain Diophantine equations, most notably Fermat's famous conjecture, which was eventually proved by Wiles et al. in the 1990s:

If \(n \) is a positive integer \( \ge 3 \), and \( x^n+y^n=z^n \) for integers \( x,y,z \), then \( xyz = 0 \).

The main idea is that an expression like \( z^n-y^n \) will not factor completely over the rational numbers, but will factor into linear factors if the coefficients are allowed to include the primitive \(n^\text{th}\) roots of unity \( \zeta_n \). That is, instead of working over \( \mathbb Q \), the problem is better analyzed by working in \( {\mathbb Q}(\zeta_n) \), the set of linear combinations of powers of \( \zeta_n \) with coefficients in \( \mathbb Q \). The next question becomes "Which properties of the rational numbers and integers will carry over into this larger field?" This is the focus of classical algebraic number theory.

Ironically, the efforts of many 19\(^\text{th}\) century mathematicians to establish a proof of the above theorem along these lines proved eventually fruitless; the successful proof brought together many very deep results from other areas. But their failed efforts nevertheless created a beautiful and useful new area of mathematics in its own right.

#### Contents

## Algebraic Numbers and Algebraic Integers

The first step is to characterize the complex numbers like \( \zeta_n \) that will be the subjects of study.

A complex number \( \alpha \) is an

algebraic numberif it is a root of a monic polynomial with rational coefficients. It is analgebraic integerif is a root of a monic polynomial with integer coefficients.

\( \sqrt{2} \) is an algebraic integer, as it is a root of the polynomial \( f(x) = x^2-2\).

\( \sqrt[3]{\frac12\, } \) is an algebraic number, as it is a root of the polynomial \( f(x) = x^3-\frac12 \). It is not an algebraic integer, although this is not immediately obvious.

The primitive \(n^\text{th}\) root of unity \( \zeta_n = e^{2\pi i/n} = \cos \frac{2\pi}{n} + i\sin \frac{2\pi}{n} \) is an algebraic integer.

\(\pi\) is not an algebraic number. This is not at all obvious--it was proved by Lindemann in 1882. Numbers that are not algebraic are called transcendental, and proving that a number is transcendental is usually quite difficult.

As will become more clear, algebraic number theory deals with the *algebraic* aspects of these numbers, forgetting that they are real or complex numbers (or more precisely forgetting where they are located amongst other real or complex numbers). What matters is the algebraic relations that these numbers satisfy. While it is convenient to imagine \( \zeta_n\) as the "first" \(n^\text{th}\) root of unity \(e^{2\pi i/n}\), one could equally imagine it to be the \(k^\text{th}\), so long as \(k\) is coprime to \(n\).

## Minimal Polynomial

Any algebraic number (or algebraic integer) \(\alpha\) is a root of many polynomials with rational (or integral) coefficients; for instance, \( \sqrt{2} \) is also a root of \( x^4-5x^2+6 \). But there is one polynomial that is, in a sense, *the* polynomial of which \( \alpha \) is a root.

The

minimal polynomialof an algebraic number \( \alpha \) is the monic polynomial with rational coefficients of minimal degree of which \( \alpha \) is a root.

Recall that a **monic polynomial** is a polynomial whose leading coefficient is \( 1.\)

Let \( \alpha \) be an algebraic number and let \( f(x) \) be its minimal polynomial. Then the following are true:

- If \( g(\alpha) = 0 \) and \( g(x) \) has rational coefficients, then \( f(x)\big|g(x) \).
- \( f(x) \) is
irreducible, i.e. it cannot be factored as the product of two polynomials with rational coefficients of smaller degree: \[ f(x) = a(x)b(x) \text{ with } \text{deg}(a), \text{deg}(b) < \text{deg}(f). \]- If \( g(\alpha) = 0 \), \( g(x) \) is monic with rational coefficients, and \( g(x) \) is irreducible, then \( g(x) = f(x) \).
- \( f \) has integer coefficients if and only if \( \alpha \) is an algebraic integer.

The first statement is a standard application of the division algorithm for polynomials: let \( g(x) = f(x)q(x)+r(x) \) with \( \text{deg}(r) < \text{deg}(f) \) or \( r(x) = 0 \). Then plugging in \(\alpha \) gives \( r(\alpha) = 0 \), which contradicts minimality of \( f \) unless \( r(x) = 0 \). So \( r(x) = 0 \) and \( f(x)\big|g(x) \).

For the second statement, if \( f(x) = a(x)b(x) \), we may assume that \( a \) and \( b \) are monic (by multiplying them by the appropriate rational numbers); then \( 0 = f(\alpha) = a(\alpha)b(\alpha) \), so \( \alpha\) is a root of either \( a \) or \( b \), which contradicts the minimality of \( f\).

The third statement follows from the first: since \( f(x)\big|g(x) \) and \( g \) is irreducible, the degrees of \( f \) and \( g \) must be the same, so \( g \) is a constant times \( f\). But they are both monic, so the constant must be \( 1 \). (This shows that the minimal polynomial is unique.)

The fourth statement is not as easy; if \( f \) has integer coefficients, then \( \alpha \) is an algebraic integer by definition, but the other direction requires some work. If \( \alpha \) is an algebraic integer, then there is some monic polynomial \( g(x) \) with integer coefficients of which \(\alpha \) is a root. Then \( f(x)\big|g(x) \) by (1), so \( f(x)h(x) = g(x) \) for some monic polynomial \( h \) with rational coefficients. The idea is to show that \(f \) \((\)and \( h) \) actually have integer coefficients; this is a special case of Gauss's lemma. \(_\square\)

\( \sqrt[3]{\frac12\, } \) is not an algebraic integer, because its minimal polynomial is \( x^3-\frac12 \), which does not have integer coefficients. \((\)To see that this is its minimal polynomial, note that \( x^3-\frac12 \) is irreducible because it has no rational roots.\()\)

\( \zeta_n \) is an algebraic integer, as it is a root of \( x^n-1 \). But if \( n \ge 2\), this is not the minimal polynomial of \( \zeta_n \), because it is not irreducible \((\)it is divisible by \( x-1). \) The minimal polynomial of \( \zeta_n \) is called the \(n^\text{th}\) cyclotomic polynomial \( \Phi_n(x)\), which has many interesting properties.

The

degreeof an algebraic number \( \alpha \) is the degree of its minimal polynomial.

The degree of \(\sqrt{2}\) is \( 2\). The degree of \( \sqrt[3]{\frac12\, } \) is \( 3 \).

The degree of \(\zeta_n\), which is the degree of the \(n^\text{th}\) cyclotomic polynomial, is \( \phi(n) \), where \( \phi \) is the Euler totient function. For example, \( \zeta_5 \) is a root of \( \frac{x^5-1}{x-1} = x^4+x^3+x^2+x+1 \), which can be proved to be irreducible by a trick involving Eisenstein's irreducibility criterion (see the wiki for details). So the degree of \( \zeta_5 \) is \(4 \).

## Ring of Integers

The sets of algebraic numbers and algebraic integers have some helpful structure. For example, they are closed under addition and multiplication:

Let \( \alpha\) and \(\beta \) be algebraic numbers. Then \( \frac1{\alpha}\) \((\)if \( \alpha \ne 0), \) \( \alpha + \beta \), and \( \alpha\beta \) are also algebraic numbers. If \( \alpha\) and \( \beta \) are algebraic integers, then so are \(\alpha + \beta \) and \( \alpha\beta \).

To discuss the theorem, it will help to introduce some terminology:

Let \( \alpha \) be a complex number. Then define \( {\mathbb Q}(\alpha) \) to be

the set of all polynomials in \( \alpha \) with rational coefficients: that is, expressions of the form \( a_0 + a_1 \alpha + \cdots + a_k \alpha^k \) for some \( k \), where all the \( a_i \) are rational.Define \( {\mathbb Z}[\alpha] \) to be

the set of all polynomials in \( \alpha \) with integer coefficients.

Lemma:

- If \( \alpha \) is an algebraic number, then \( {\mathbb Q}(\alpha) \) equals the set of all expressions \( a_0+a_1\alpha + \cdots + a_{d-1} \alpha^{d-1}, \) where \( d = \text{deg}(\alpha)\) and the \( a_i \) are rational. \((\)In the language of linear algebra, \( {\mathbb Q}(\alpha) \) is a vector space over \( \mathbb Q \) of dimension \( d.)\)
- If \( \alpha \) is an algebraic integer, then \( {\mathbb Z}[\alpha] \) equals the set of all expressions \( a_0+a_1\alpha+\cdots+a_{d-1}\alpha^{d-1} ,\) where the \( a_i \) are integers. \((\)In the language of group theory, \( {\mathbb Z}[\alpha]\) is a
finitely generated abelian group\(.)\)

The point is that higher powers of \( \alpha \) can be "reduced" using the minimal polynomial; since \( \alpha^d + c_{d-1}\alpha^{d-1} + \cdots + c_0 = 0 \) for some coefficients \( c_i \), \( \alpha^d \) can be rewritten as a linear combination of lower powers of \( \alpha \). This can similarly be done for \( \alpha^{d+1}, \alpha^{d+2},\) and so on. \(_\square\)

\( {\mathbb Q}\left(\sqrt[3]{\frac12\, }\right) \) is the set of expressions of the form \( a+b\sqrt[3]{\frac12\, } + c\sqrt[3]{\frac14\, }\), because \( \sqrt[3]{\frac18\, } = \frac12 \) can be absorbed into the \( a\) term, \( \sqrt[3]{\frac1{16}\, } = \frac12 \sqrt[3]{\frac12\, } \) can be absorbed into the \( b \) term, and so on.

\( {\mathbb Z}[\zeta_5] \) is the set of expressions of the form \( a_0+ a_1\zeta_5 + a_2\zeta_5^2 +a_3 \zeta_5^3 \), where the \( a_i \) are integers, because \( \zeta_5^4 = -\zeta_5^3-\zeta_5^2-\zeta_5-1 \) and higher powers of \( \zeta_5 \) can similarly be reduced to a linear combination of lower powers.

The proof of the theorem uses some linear algebra to explicitly find polynomials that \( \alpha+\beta\) and \( \alpha\beta\) satisfy. The idea is to look at \( {\mathbb Q}(\alpha,\beta) \) or \( {\mathbb Z}[\alpha,\beta] \), and establish a dependency relation between the powers of \( \alpha+\beta \) \((\)or the powers of \( \alpha\beta).\) Rather than developing the machinery necessary to do the proof in general, it is easiest to look at an explicit example.

Find the minimal polynomial of \( \sqrt{2}+\sqrt{3} \).

Consider the powers of \( \alpha = \sqrt{2}+\sqrt{3}: \)

\[ \begin{align} \alpha^0 &= 1+0\sqrt{2} + 0\sqrt{3} + 0\sqrt{6} \\ \alpha^1 &= 0+1\sqrt{2}+ 1\sqrt{3} + 0\sqrt{6} \\ \alpha^2 &= 5+0\sqrt{2}+ 0 \sqrt{3} + 2\sqrt{6} \\ \alpha^3 &= 0+11\sqrt{2}+ 9\sqrt{3} + 0 \sqrt{6} \\ \alpha^4 &= 49+0\sqrt{2}+0\sqrt{3} + 20\sqrt{6}. \end{align} \]

Setting some linear combination of these powers equal to \( 0 \) yields four linear equations in five unknowns; this will always have a nontrivial solution. In this case, it's not hard to see that \( \alpha^4-10\alpha^2+1 = 0 \). So the minimal polynomial is \( x^4-10x^2+1. \) (Minimality is an exercise for the reader--one way to do it is to show that there is no nontrivial linear combination of the first four powers that yields 0.) \(_\square\)

## Unique Factorization

A nice property of \( \mathbb Z \) is the fundamental theorem of arithmetic that every integer factors essentially uniquely as the product of primes. It would be quite useful if this property extended to rings like \( \mathbb Z\big[\sqrt{d}\,\big]; \) here is an example due to Fermat that illustrates this.

Find all solutions in integers to \( y^2 = x^3-2 \).

Write \( x^3 = y^2+2 = \big(y+\sqrt{-2}\big)\big(y-\sqrt{-2}\big) \). It is a fact that every element in \( {\mathbb Z}\big[\sqrt{-2}\,\big]\) can be factored uniquely as a product of irreducible elements \((\)unique up to reordering and multiplying by \( \pm 1).\) Here an irreducible element is one that cannot be factored into a product of two other elements unless one of the factors is \( \pm 1 \).

Now suppose \( \gamma \) is a factor of \( y+\sqrt{-2} \) and \( y-\sqrt{-2} \). Then \( \gamma \) divides the difference, \( 2\sqrt{-2} = -\big(\sqrt{-2}\big)^3\), so \( \gamma \) is \( \pm \) a power of \( \sqrt{-2} \). Then it is impossible for \( \gamma \) to divide \( y+\sqrt{-2} \) unless \( y = 0 \), which is not a solution, or \( \gamma \) is \( \pm 1 \).

So the two factors are relatively prime; hence they are both cubes since their product is.

Write \( \big(a+b\sqrt{-2}\big)^3 = y+\sqrt{-2} \). Expanding and equating coefficients of \( \sqrt{-2} \) gives \( 3a^2b-2b^3 = 1 \), so \( b\big(3a^2-2b^2\big) = 1 \). Since \( b\big|1,\) \( b = \pm 1 \), and plugging back in leads to two solutions \( (a,b) = (\pm 1, 1) \). Since \( y = a^3-6ab^2\), this gives \( y = \pm 5 \), which gives \( x = 3 \). So \( (3,\pm 5 ) \) are the only two solutions. \(_\square\)

There is an extremely significant subtlety in the above argument. It appears to be applicable to equations like \( y^2=x^3-d \) in more generality, but something goes wrong:

Find all solutions in integers to \( y^2=x^3-61 \).

Proceed along the same lines as the above example. Get that \( y+\sqrt{-61}\) is a cube in \( {\mathbb Z}\big[\sqrt{-61}\,\big] \) and write \( \big(a+b\sqrt{-61}\big)^3 = y+\sqrt{-61} \). Equate coefficients to get \( y = a^3-183ab^2 \) and \( 1 = 3a^2b-61b^3 \). As before, \( b = \pm 1 \), but plugging back into the latter equation yields \( 3a^2 = 62 \) or \( 60 \), which has no solutions. So there are no solutions. \(_\square\)

There must be something wrong with this argument, because \( (5,8) \) is clearly a solution. What is going on?

The problem is that **unique factorization into irreducibles does not hold** in \( {\mathbb Z}\big[\sqrt{-61}\,\big] \). Indeed,

\[ 5^3 = \big(8+\sqrt{-61}\big)\big(8-\sqrt{-61}\big) \]

and \( 5, 8+\sqrt{-61}, 8-\sqrt{-61} \) are all irreducible.

On the other hand, the first example does furnish a correct proof, because \( {\mathbb Z}\big[\sqrt{-2}\,\big] \) does have the unique factorization property. The difference is that there is a division algorithm in \( {\mathbb Z}\big[\sqrt{-2}\,\big] \), which is the foundation that the fundamental theorem of arithmetic is based on. For a nice account of this chain of reasoning for \( {\mathbb Z}\big[\sqrt{-1}\,\big] \), see the wiki on the Gaussian integers. Note that the same division algorithm works in \( {\mathbb Z}\big[\sqrt{-2}\,\big] \) because

\[ \sqrt{\left( \frac12 \right)^2+2\left(\frac12\right)^2} = \frac{\sqrt{3}}2 < 1. \]

Now, you might just wonder,"For which \(d\) is \( {\mathbb Z}\big[\sqrt{-d}\,\big]\) going to be a **unique factorization domain** (or in short **UFD**)?" There is only a finite number of such \(d\) 's, or to be more explicit, there are only \(9\) of them: \(1,2,3,7,11,19,43,67,163.\) These numbers are called **Heegner number** after Kurt Heegner.
Note that when \(d=1\), we are talking about \( {\mathbb Z}\big[\sqrt{i}\,\big]\) or **Gaussian integers**.

## Rings and Ideals in Algebraic Number Theory

The sets \( {\mathbb Z}[\alpha] \) considered above are special cases of a general algebraic object called a ring. A ring is a set equipped with two operations, addition and multiplication, satisfying various natural properties (commutativity, distributivity, etc.). Rings with division algorithms are called **Euclidean rings.** As discussed above, Euclidean rings have some form of unique factorization into irreducibles.

It turns out that unique factorization can be recovered in some weaker sense for the rings \( {\mathbb Z}[\alpha]\) which are not Euclidean, by passing to *ideals*. These were introduced in the \(19^\text{th}\) century by Ernst Kummer, a number theorist who worked on Fermat's conjecture.

An

ideal\( (\beta_1,\beta_2,\ldots,\beta_k) \) in \( R = {\mathbb Z}[\alpha]\) is the set\[\{ \beta_1 r_1 + \cdots + \beta_k r_k \colon r_i \in R \}.\]

The ideal is said to be

generated by\( \beta_1, \ldots, \beta_k \).

Note that an ideal is closed under addition and "swallows up" under multiplication: if \( \alpha \in I \) and \( r \in R\), then \( \alpha r \in I \). (These two properties are used for a more general definition of an ideal for a general ring, but this down-to-earth definition is equivalent to the general one for the rings considered here.)

An ideal is

principalif it is generated by a single element. A ring is aprincipal ideal ringif every ideal in the ring is principal.

Now the chain of reasoning used to develop the unique factorization property in Euclidean rings shows the following:

Every Euclidean ring is a principal ideal ring.

**Proof**: In a Euclidean ring, there is a sense of size (since the remainder via division has to be "smaller than" the quotient). Given an ideal \( I \), take the smallest nonzero element \( \beta. \) Let \( \gamma\) be another element in \( I\) and write \( \gamma = \beta q + r \), where \( r\) is smaller than \( \beta \). But then \( r = \gamma-\beta q \) is in \( I \) as well, but \( \beta \) was supposed to be the smallest nonzero element, so the only possibility is that \( r = 0 \) and \( \gamma = \beta q \). So \( \gamma \) is in the ideal generated by \( \beta \). \(_\square\)

Now, \( {\mathbb Z}\big[\sqrt{-61}\,\big] \) is not a principal ideal ring. The ideal \( \big(5,8+\sqrt{-61}\big) \) is not principal. But it turns out that rings of algebraic integers like \( {\mathbb Z}\big[\sqrt{-61}\,\big]\) satisfy the nice property that **every ideal factors uniquely as a product of prime ideals.** Here a prime ideal is defined to be an ideal \( I \) such that if \( \alpha\beta \in I \), then \( \alpha \in I \) or \( \beta\in I\). \((\)The name is reasonable: the prime ideals in the principal ideal ring \( {\mathbb Z} \) are the ones generated by a prime number, since \( p|ab \Leftrightarrow p|a \) or \( p|b.) \)

So \( (5) \) is not a prime ideal in \( {\mathbb Z}\big[\sqrt{-61}\,\big], \) because \( \big(8+\sqrt{-61}\big)\big(8-\sqrt{-61}\big) = 125 \in (5) \), but neither \( 8+\sqrt{-61} \) nor \( 8-\sqrt{-61} \) lies in \( (5) \). But the factorization

\[(5) = \big(5,8+\sqrt{-61}\big)\big(5,8-\sqrt{-61}\big)\]

shows that \( (5) \) can be written as a product of prime ideals.

## Return to Fermat's Conjecture

If \( p \) is an odd prime, the equation \( x^p + y^p = z^p \) can be factored in \( {\mathbb Z}\big[\zeta_p\big]\) as

\[z^p = (x+y)(x+y\zeta_p)\big(x+y\zeta_p^2\big)\ldots\big(x+y\zeta_p^{p-1}\big).\]

This factorization can be used in a way that is somewhat similar to the examples \( y^2=x^3-d \) above, to derive a contradiction under a technical assumption on \( p \) which involves the structure of the ideals in \( {\mathbb Z}\big[\zeta_p\big].\) Kummer called the primes satisfying this assumption **regular primes**, and he was able to prove Fermat's conjecture for regular primes.

Unfortunately, it is known that there are infinitely many irregular primes, and it is not even known whether there are infinitely many regular primes! (Heuristics suggest that about 61% of primes are regular.)

While this approach to Fermat's conjecture proved to be somewhat of a dead end, the theory that it helped create is a triumph of modern mathematics.

## See Also

**Cite as:**Algebraic Number Theory.

*Brilliant.org*. Retrieved from https://brilliant.org/wiki/algebraic-number-theory/