Course 311: Hilary Term 2000

Part III: Introduction to Galois Theory

D. R. Wilkins

Contents
3 Introduction to Galois Theory 2
3.1 Rings and Fields . . . . . . . . . . . . . . . . . . . . . . . . . 2
3.2 Ideals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
3.3 Quotient Rings and Homomorphisms . . . . . . . . . . . . . . 5
3.4 The Characteristic of a Ring . . . . . . . . . . . . . . . . . . . 7
3.5 Polynomial Rings . . . . . . . . . . . . . . . . . . . . . . . . . 7
3.6 Gauss’s Lemma . . . . . . . . . . . . . . . . . . . . . . . . . . 10
3.7 Eisenstein’s Irreducibility Criterion . . . . . . . . . . . . . . . 12
3.8 Field Extensions and the Tower Law . . . . . . . . . . . . . . 12
3.9 Algebraic Field Extensions . . . . . . . . . . . . . . . . . . . . 14
3.10 Ruler and Compass Constructions . . . . . . . . . . . . . . . . 16
3.11 Splitting Fields . . . . . . . . . . . . . . . . . . . . . . . . . . 21
3.12 Normal Extensions . . . . . . . . . . . . . . . . . . . . . . . . 24
3.13 Separability . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
3.14 Finite Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
3.15 The Primitive Element Theorem . . . . . . . . . . . . . . . . . 30
3.16 The Galois Group of a Field Extension . . . . . . . . . . . . . 31
3.17 The Galois correspondence . . . . . . . . . . . . . . . . . . . . 33
3.18 Quadratic Polynomials . . . . . . . . . . . . . . . . . . . . . . 35
3.19 Cubic Polynomials . . . . . . . . . . . . . . . . . . . . . . . . 35
3.20 Quartic Polynomials . . . . . . . . . . . . . . . . . . . . . . . 36
3.21 The Galois group of the polynomial x4 − 2 . . . . . . . . . . . 37
3.22 The Galois group of a polynomial . . . . . . . . . . . . . . . . 39
3.23 Solvable polynomials and their Galois groups . . . . . . . . . . 39
3.24 A quintic polynomial that is not solvable by radicals . . . . . 43

1
3 Introduction to Galois Theory
3.1 Rings and Fields
Definition A ring consists of a set R on which are defined operations of
addition and multiplication satisfying the following axioms:
• x+y = y+x for all elements x and y of R (i.e., addition is commutative);
• (x + y) + z = x + (y + z) for all elements x, y and z of R (i.e., addition
is associative);
• there exists an an element 0 of R (known as the zero element) with the
property that x + 0 = x for all elements x of R;
• given any element x of R, there exists an element −x of R with the
property that x + (−x) = 0;
• x(yz) = (xy)z for all elements x, y and z of R (i.e., multiplication is
associative);
• x(y + z) = xy + xz and (x + y)z = xz + yz for all elements x, y and z
of R (the Distributive Law ).

Lemma 3.1 Let R be a ring. Then x0 = 0 and 0x = 0 for all elements x of

R.

Proof The zero element 0 of R satisfies 0 + 0 = 0. Using the Distributive

Law, we deduce that x0 + x0 = x(0 + 0) = x0 and 0x + 0x = (0 + 0)x = 0x.
Thus if we add −(x0) to both sides of the identity x0 + x0 = x0 we see that
x0 = 0. Similarly if we add −(0x) to both sides of the identity 0x + 0x = 0x
we see that 0x = 0.

Lemma 3.2 Let R be a ring. Then (−x)y = −(xy) and x(−y) = −(xy) for
all elements x and y of R.

Proof It follows from the Distributive Law that xy +(−x)y = (x+(−x))y =

0y = 0 and xy + x(−y) = x(y + (−y)) = x0 = 0. Therefore (−x)y = −(xy)
and x(−y) = −(xy).

A subset S of a ring R is said to be a subring of R if 0 ∈ S, a + b ∈ S,

−a ∈ S and ab ∈ S for all a, b ∈ S.
A ring R is said to be commutative if xy = yx for all x, y ∈ R. Not every
ring is commutative: an example of a non-commutative ring is provided by
the ring of n × n matrices with real or complex coefficients when n > 1.

2
 A ring R is said to be unital if it possesses a (necessarily unique) non-zero
multiplicative identity element 1 satisfying 1x = x = x1 for all x ∈ R.

Definition A unital commutative ring R is said to be an integral domain if

the product of any two non-zero elements of R is itself non-zero.

Definition A field consists of a set K on which are defined operations of

addition and multiplication satisfying the following axioms:

• x+y = y+x for all elements x and y of K (i.e., addition is commutative);

• (x + y) + z = x + (y + z) for all elements x, y and z of K (i.e., addition

is associative);

• there exists an an element 0 of K known as the zero element with the

property that x + 0 = x for all elements x of K;

• given any element x of K, there exists an element −x of K with the

property that x + (−x) = 0;

• xy = yx for all elements x and y of K (i.e., multiplication is commuta-

tive);

• x(yz) = (xy)z for all elements x, y and z of K (i.e., multiplication is

associative);

• there exists a non-zero element 1 of K with the property that 1x = x

for all elements x of K;

• given any non-zero element x of K, there exists an element x−1 of K

with the property that xx−1 = 1;

• x(y + z) = xy + xz and (x + y)z = xz + yz for all elements x, y and z

of K (the Distributive Law ).

An examination of the relevant definitions shows that a unital commuta-

tive ring R is a field if and only if, given any non-zero element x of R, there
exists an element x−1 of R such that xx−1 = 1. Moreover a ring R is a field
if and only if the set of non-zero elements of R is an Abelian group with
respect to the operation of multiplication.

Lemma 3.3 A field is an integral domain.

3
Proof A field is a unital commutative ring. Let x and y be non-zero elements
of a field K. Then there exist elements x−1 and y −1 of K such that xx−1 = 1
and yy −1 = 1. Then xyy −1 x−1 = 1. It follows that xy 6= 0, since 0(y −1 x−1 ) =
0 and 1 6= 0.

The set Z of integers is an integral domain with respect to the usual

operations of addition and multiplication. The sets Q, R and C of rational,
real and complex numbers are fields.

3.2 Ideals
Definition Let R be a ring. A subset I of R is said to be an ideal of R if
0 ∈ I, a + b ∈ I, −a ∈ I, ra ∈ I and ar ∈ I for all a, b ∈ I and r ∈ R. An
ideal I of R is said to be a proper ideal of R if I 6= R.

Note that an ideal I of a unital ring R is proper if and only if 1 6∈ I.

Indeed if 1 ∈ I then r ∈ I for all r ∈ R, since r = r1.

Lemma 3.4 A unital commutative ring R is a field if and only if the only
ideals of R are {0} and R.

Proof Suppose that R is a field. Let I be a non-zero ideal of R. Then

there exists x ∈ I satisfying x 6= 0. Moreover there exists x−1 ∈ R satisfying
xx−1 = 1 = x−1 x. Therefore 1 ∈ I, and hence I = R. Thus the only ideals
of R are {0} and R.
Conversely, suppose that R is a unital commutative ring with the property
that the only ideals of R are {0} and R. Let x be a non-zero element of R,
and let Rx denote the subset of R consisting of all elements of R that are of
the form rx for some r ∈ R. It is easy to verify that Rx is an ideal of R. (In
order to show that yr ∈ Rx for all y ∈ Rx and r ∈ R, one must use the fact
that the ring R is commutative.) Moreover Rx 6= {0}, since x ∈ Rx. We
deduce that Rx = R. Therefore 1 ∈ Rx, and hence there exists some element
x−1 of R satisfying x−1 x = 1. This shows that R is a field, as required.

The intersection of any collection of ideals of a ring R is itself an ideal

of R. For if a and b are elements of R that belong to all the ideals in the
collection, then the same is true of 0, a + b, −a, ra and ar for all r ∈ R.
Let X be a subset of the ring R. The ideal of R generated by X is defined
to be the intersection of all the ideals of R that contain the set X. Note that
this ideal is well-defined and is the smallest ideal of R containing the set X
(i.e., it is contained in every other ideal that contains the set X).

4
 We denote by (f1 , f2 , . . . , fk ) the ideal of R generated by any finite subset
{f1 , f2 , . . . , fk } of R. We say that an ideal I of the ring R is finitely generated
if there exists a finite subset of I which generates the ideal I.

Lemma 3.5 Let R be a unital commutative ring, and let X be a subset of

R. Then the ideal generated by X coincides with the set of all elements of
R that can be expressed as a finite sum of the form r1 x1 + r2 x2 + · · · + rk xk ,
where x1 , x2 , . . . , xk ∈ X and r1 , r2 , . . . , rk ∈ R.

Proof Let I be the subset of R consisting of all these finite sums. If J is any
ideal of R which contains the set X then J must contain each of these finite
sums, and thus I ⊂ J. Let a and b be elements of I. It follows immediately
from the definition of I that 0 ∈ I, a + b ∈ I, −a ∈ I, and ra ∈ I for all
r ∈ R. Also ar = ra, since R is commutative, and thus ar ∈ I. Thus I
is an ideal of R. Moreover X ⊂ I, since the ring R is unital and x = 1x
for all x ∈ X. Thus I is the smallest ideal of R containing the set X, as
required.

Each integer n generates an ideal nZ of the ring Z of integers. This ideal

consists of those integers that are divisible by n.

Lemma 3.6 Every ideal of the ring Z of integers is generated by some non-
negative integer n.

Proof The zero ideal is of the required form with n = 0. Let I be some
non-zero ideal of Z. Then I contains at least one strictly positive integer
(since −m ∈ I for all m ∈ I). Let n be the smallest strictly positive integer
belonging to I. If j ∈ I then we can write j = qn + r for some integers q
and r with 0 ≤ r < n. Now r ∈ I, since r = j − qn, j ∈ I and qn ∈ I.
But 0 ≤ r < n, and n is by definition the smallest strictly positive integer
belonging to I. We conclude therefore that r = 0, and thus j = qn. This
shows that I = nZ, as required.

3.3 Quotient Rings and Homomorphisms

Let R be a ring and let I be an ideal of R. If we regard R as an Abelian
group with respect to the operation of addition, then the ideal I is a (normal)
subgroup of R, and we can therefore form a corresponding quotient group
R/I whose elements are the cosets of I in R. Thus an element of R/I is of
the form I + x for some x ∈ R, and I + x = I + x0 if and only if x − x0 ∈ I. If

5
x, x0 , y and y 0 are elements of R satisfying I + x = I + x0 and I + y = I + y 0
then
(x + y) − (x0 + y 0 ) = (x − x0 ) + (y − y 0 ),
xy − x0 y 0 = xy − xy 0 + xy 0 − x0 y 0 = x(y − y 0 ) + (x − x0 )y 0 .

But x − x0 and y − y 0 belong to I, and also x(y − y 0 ) and (x − x0 )y 0 belong

to I, since I is an ideal. It follows that (x + y) − (x0 + y 0 ) and xy − x0 y 0
both belong to I, and thus I + x + y = I + x0 + y 0 and I + xy = I + x0 y 0 .
Therefore the quotient group R/I admits well-defined operations of addition
and multiplication, given by
(I + x) + (I + y) = I + x + y, (I + x)(I + y) = I + xy
for all I +x ∈ R/I and I +y ∈ R/I. One can readily verify that R/I is a ring
with respect to these operations. We refer to the ring R/I as the quotient of
the ring R by the ideal I.

Example Let n be an integer satisfying n > 1. The quotient Z/nZ of the

ring Z of integers by the ideal nZ generated by n is the ring of congruence
classes of integers modulo n. This ring has n elements, and is a field if and
only if n is a prime number.

Definition A function ϕ: R → S from a ring R to a ring S is said to be a

homomorphism (or ring homomorphism) if and only if ϕ(x+y) = ϕ(x)+ϕ(y)
and ϕ(xy) = ϕ(x)ϕ(y) for all x, y ∈ R. If in addition the rings R and S are
unital then a homomorphism ϕ: R → S is said to be unital if ϕ(1) = 1 (i.e.,
ϕ maps the identity element of R onto that of S).

Let R and S be rings, and let ϕ: R → S be a ring homomorphism. Then

the kernel ker ϕ of the homomorphism ϕ is an ideal of R, where
ker ϕ = {x ∈ R : ϕ(x) = 0}.
The image ϕ(R) of the homomorphism is a subring of S; however it is not
in general an ideal of S.
An ideal I of a ring R is the kernel of the quotient homomorphism that
sends x ∈ R to the coset I + x.

Definition An isomorphism ϕ: R → S between rings R and S is a ho-

momorphism that is also a bijection between R and S. The inverse of an
isomorphism is itself an isomorphism. Two rings are said to be isomorphic
if there is an isomorphism between them.

6
 The verification of the following result is a straightforward exercise.

Proposition 3.7 Let ϕ: R → S be a homomorphism from a ring R to a

ring S, and let I be an ideal of R satisfying I ⊂ ker ϕ. Then there exists a
unique homomorphism ϕ: R/I → S such that ϕ(I + x) = ϕ(x) for all x ∈ R.
Moreover ϕ: R/I → S is injective if and only if I = ker ϕ.

Corollary 3.8 Let ϕ: R → S be ring homomorphism. Then ϕ(R) is isomor-

phic to R/ ker ϕ.

3.4 The Characteristic of a Ring

Let R be a ring, and let r ∈ R. We may define n.r for all natural numbers n
by recursion on n so that 1.r = r and n.r = (n − 1).r + r for all n > 0. We
define also 0.r = 0 and (−n).r = −(n.r) for all natural numbers n. Then

(m + n).r = m.r + n.r, n.(r + s) = n.r + n.s,

(mn).r = m.(n.r), (m.r)(n.s) = (mn).(rs)

for all integers m an n and for all elements r and s of R.
In particular, suppose that R is a unital ring. Then the set of all integers n
satisfying n.1 = 0 is an ideal of Z. Therefore there exists a unique non-
negative integer p such that pZ = {n ∈ Z : n.1 = 0} (see Lemma 3.6). This
integer p is referred to as the characteristic of the ring R, and is denoted by
charR.

Lemma 3.9 Let R be an integral domain. Then either charR = 0 or else

charR is a prime number.

Proof Let p = charR. Clearly p 6= 1. Suppose that p > 1 and p = jk, where
j and k are positive integers. Then (j.1)(k.1) = (jk).1 = p.1 = 0. But R is
an integral domain. Therefore either j.1 = 0, or k.1 = 0. But if j.1 = 0 then
p divides j and therefore j = p. Similarly if k.1 = 0 then k = p. It follows
that p is a prime number, as required.

3.5 Polynomial Rings

Let R be a ring. A polynomial in an indeterminate x with coefficients in the
ring R is an expression f (x) of the form

a0 + a1 x + a2 x 2 + a3 x 3 + · · · ,

7
where the coefficients a0 , a1 , a2 , a3 , . . . of the polynomial are elements of the
ring R and only finitely many of these coeffients are non-zero. If ak = 0 then
the term ak xk may be omitted when writing down the expression defining
the polynomial. Therefore every polynomial can therefore be represented by
an expression of the form

a0 + a1 x + a2 x 2 + · · · + am x m

in which the number of terms is finite. If am 6= 0 then the polynomial

a0 + a1 x + a2 x 2 + · · · + am x m

is said to be of degree m, and the non-zero coefficient am is referred to as the

leading coefficient of the polynomial.
We see from the definition of a polynomial given above that each polyno-
mial with coefficients in a ring R determines and is determined by an infinite
sequence a0 , a1 , a2 , . . . of elements of the ring R, where ak is the coefficient
of xk in the polynomial. An infinite sequence a0 , a1 , a2 , . . . of elements of R
determines a polynomial a0 + a1 x + a2 x2 + · · · if and only if the number of
values of k for which ak 6= 0 is finite. If the polynomial is non-zero then its
degree is the largest value of m for which am 6= 0.
One can add and multiply polynomials in the usual fashion. Thus if

f (x) = a0 + a1 x + a2 x2 + a3 x3 + · · ·

and
g(x) = b0 + b1 x + b2 x2 + b3 x3 + · · ·
then

f (x) + g(x) = (a0 + b0 ) + (a1 + b1 )x + (a2 + b2 )x2 + (a3 + b3 )x3 + · · · ,

and
f (x)g(x) = u0 + u1 x + u2 x2 + u3 x3 + · · ·
where, for each integer i, the coefficient ui of xi in f (x)g(x) is the sum
of the products aj bk for all pairs (j, k) of non-negative integers satisfying
j + k = i. (Thus u0 = a0 b0 , u1 = a0 b1 + a1 b0 , u2 = a0 b2 + a1 b1 + a2 b0
etc.). Straightforward calculations show that the set R[x] of polynomials
with coefficients in a ring R is itself a ring with these operations of addition
and multiplication. The zero element of this ring is the polynomial whose
coefficients are all equal to zero.
We now consider various properties of polynomials whose coefficients be-
long to a field K (such as the field of rational numbers, real numbers or
complex numbers).

8
Lemma 3.10 Let K be a field, and let f ∈ K[x] be a non-zero polynomial
with coefficients in K. Then, given any polynomial h ∈ K[x], there exist
unique polynomials q and r in K[x] such that h = f q + r and either r = 0
or else deg r < deg f .
Proof If deg h < deg f then we may take q = 0 and r = h. In general we
prove the existence of q and r by induction on the degree deg h of h. Thus
suppose that deg h ≥ deg f and that any polynomial of degree less than deg h
can be expressed in the required form. Now there is some element c of K
for which the polynomials h(x) and cf (x) have the same leading coefficient.
Let h1 (x) = h(x) − cxm f (x), where m = deg h − deg f . Then either h1 = 0
or deg h1 < deg h. The inductive hypothesis then ensures the existence
of polynomials q1 and r such that h1 = f q1 + r and either r = 0 or else
deg r < deg f . But then h = f q + r, where q(x) = cxm + q1 (x). We now
verify the uniqueness of q and r. Suppose that f q + r = f q + r, where
q, r ∈ K[x] and either r = 0 or deg r < deg f . Then (q − q)f = r − r. But
deg((q − q)f ) ≥ deg f whenever q 6= q, and deg(r − r) < deg f whenever
r 6= r. Therefore the equality (q − q)f = r − r cannot hold unless q = q and
r = r. This proves the uniqueness of q and r.
Any polynomial f with coefficients in a field K generates an ideal (f )
of the polynomial ring K[x] consisting of all polynomials in K[x] that are
divisible by f .
Lemma 3.11 Let K be a field, and let I be an ideal of the polynomial ring
K[x]. Then there exists f ∈ K[x] such that I = (f ), where (f ) denotes the
ideal of K[x] generated by f .
Proof If I = {0} then we can take f = 0. Otherwise choose f ∈ I such
that f 6= 0 and the degree of f does not exceed the degree of any non-zero
polynomial in I. Then, for each h ∈ I, there exist polynomials q and r in K[x]
such that h = f q + r and either r = 0 or else deg r < deg f . (Lemma 3.10).
But r ∈ I, since r = h − f q and h and f both belong to I. The choice of f
then ensures that r = 0 and h = qf . Thus I = (f ).
Definition Polynomials f1 , f2 , . . . , fk with coefficients in some field K. are
said to be coprime if there is no non-constant polynomial that divides all of
them.
Theorem 3.12 Let f1 , f2 , . . . , fk be coprime polynomials with coefficients in
some field K. Then there exist polynomials g1 , g2 , . . . , gk with coefficients in
K such that
f1 (x)g1 (x) + f2 (x)g2 (x) + · · · + fk (x)gk (x) = 1.

9
Proof Let I be the ideal in K[x] generated by f1 , f2 , . . . , fk . It follows from
Lemma 3.11 that the ideal I is generated by some polynomial d. Then d
divides all of f1 , f2 , . . . , fk and is therefore a constant polynomial, since these
polynomials are coprime. It follows that I = K[x]. The existence of the
required polynomials g1 , g2 , . . . , gk then follows using Lemma 3.5.

Definition A non-constant polynomial f with coefficients in a ring K is said

to be irreducible over K if there does not exist any non-constant polynomial
that divides f whose degree is less than that of f .

Proposition 3.13 Let f , g and h be polynomials with coefficients in some

field K. Suppose that f is irreducible over K and that f divides the product
gh. Then either f divides g or else f divides h.

Proof Suppose that f does not divide g. We must show that f divides
h. Now the only polynomials that divide f are constant polynomials and
multiples of f . No multiple of f divides g. Therefore the only polynomials
that divide both f and g are constant polynomials. Thus f and g are coprime.
It follows from Proposition 3.12 that there exist polynomials u and v with
coefficients in K such that 1 = ug + vf . Then h = ugh + vf h. But f divides
ugh + vf h, since f divides gh. It follows that f divides h, as required.

Proposition 3.14 Let K be a field, and let (f ) be the ideal of K[x] generated
by an irreducible polynomial f with coefficients in K. Then K[x]/(f ) is a
field.

Proof Let I = (f ). Then the quotient ring K[x]/I is commutative and has
a multiplicative identity element I +1. Let g ∈ K[x]. Suppose that I +g 6= I.
Now the only factors of f are constant polynomials and constant multiples
of f , since f is irreducible. But no constant multiple of f can divide g, since
g 6∈ I. It follows that the only common factors of f and g are constant
polynomials. Thus f and g are coprime. It follows from Proposition 3.12
that there exist polynomials h, k ∈ K[x] such that f h + gk = 1. But then
(I +k)(I +g) = I +1 in K[x]/I, since f h ∈ I. Thus I +k is the multiplicative
inverse of I + g in K[x]/I. We deduce that every non-zero element of K[x]/I
is invertible, and thus K[x]/I is a field, as required.

3.6 Gauss’s Lemma

We shall show that a polynomial with integer coefficients is irreducible over
Q if and only if it cannot be expressed as a product of polynomials of lower
degree with integer coefficients.

10
Definition A polynomial with integer coefficients is said to be primitive if
there is no prime number that divides all the coefficients of the polynomial

Lemma 3.15 (Gauss’s Lemma) Let g and h be polynomials with integer

coefficients. If g and h are both primitive then so is gh.

Proof Let g(x) = b0 + b1 x + b2 x2 + · · · + br xr and h(x) = c0 + c1 x + c2 x2 +

· · · + cs xs , and let g(x)h(x) = a0 + a1 x + a2 x2 + · · · + ar+s xr+s . Let p be a
prime number. Then the polynomials g and h must both have at least one
coefficient that is not divisible by p. Let j and k be the smallest values of i
for which p does not divide bi and ci respectively. Then aj+k −bj ck is divisible
j−1
P k−1
P
by p, since aj+k − bj ck = bi cj+k−i + bj+k−i ci , where p divides bi for all
i=0 i=0
i < j and p divides ci for all i < k. But p does not divide bj ck since p does
not divide either bj or ck . Therefore p does not divide the coefficient aj+k of
gh. This shows that the polynomial gh is primitive, as required.

Proposition 3.16 A polynomial with integer coefficients is irreducible over

the field Q of rational numbers if and only if it cannot be factored as a product
of polynomials of lower degree with integer coefficients.

Proof Let f be a polynomial with integer coefficients. If f is irreducible

over Q then f clearly cannot be factored as a product of polynomials of
lower degree with integer coefficients. Conversely suppose that f cannot be
factored in this way. Let f (x) = g(x)h(x), where g and h are polynomials
with rational coefficients. Then there exist positive integers r and s such that
the polynomials rg(x) and sh(x) have integer coefficients. Let the positive
integers u and v be the highest common factors of the coefficients of the
polynomials rg(x) and sh(x) respectively. Then rg(x) = ug∗ (x) and sh(x) =
vh∗ (x), where g∗ and h∗ are primitive polynomials with integer coefficients.
Then (rs)f (x) = (uv)g∗ (x)h∗ (x). We now show that f (x) = mg∗ (x)h∗ (x)
for some integer m. Let l be the smallest divisor of rs such that lf (x) =
mg∗ (x)h∗ (x) for some integer m. We show that l = 1. Suppose that it
were the case that l > 1. Then there would exist a prime factor p of l.
Now p could not divide m, since otherwise (l/p)f (x) = (m/p)g∗ (x)h∗ (x),
which contradicts the definition of l. Theorefore p would have to divide each
coefficient of g∗ (x)h∗ (x), which is impossible, since it follows from Gauss’s
Lemma (Lemma 3.15) that the product g∗ h∗ of the primitive polynomials
g∗ and h∗ is itself a primitive polynomial. Therefore l = 1 and f (x) =
mg∗ (x)h∗ (x). Now f does not factor as a product of polynomials of lower
degree with integer coefficients. Therefore either deg f = deg g∗ = deg g, or
else deg f = deg h∗ = deg h, Thus f is irreducible over Q, as required.

11
3.7 Eisenstein’s Irreducibility Criterion
Proposition 3.17 (Eisenstein’s Irreducibility Criterion) Let
f (x) = a0 + a1 x + a2 x2 + · · · + an xn
be a polynomial of degree n with integer coefficients, and let p be a prime
number. Suppose that
• p does not divide an ,
• p divides a0 , a1 , . . . , an−1 ,
• p2 does not divide a0 .
Then the polynomial f is irreducible over the field Q of rational numbers.
Proof Suppose that f (x) = g(x)h(x), where g and h are polynomials with
integer coefficients. Let g(x) = b0 + b1 x + b2 x2 + · · · + br xr and h(x) =
c0 +c1 x+c2 x2 +· · ·+cs xs . Then a0 = b0 c0 . Now a0 is divisible by p but is not
divisible by p2 . Therefore exactly one of the coefficients b0 and c0 is divisible
by p. Suppose that p divides b0 but does not divide c0 . Now p does not divide
all the coefficients of g(x), since it does not divide all the coefficients of f (x).
Let j be the smallest value of i for which p does not divide bi . Then p divides
j−1
P
aj − bj c0 , since aj − bj c0 = bi cj−i and bi is divisible by p when i < j. But
i=0
bj c0 is not divisible by p, since p is prime and neither bj nor c0 is divisible by
p. Therefore aj is not divisible by p, and hence j = n and deg g ≥ n = deg f .
Thus deg g = deg f and deg h = 0. Thus the polynomial f does not factor
as a product of polynomials of lower degree with integer coefficients, and
therefore f is irreducible over Q (Proposition 3.16).

3.8 Field Extensions and the Tower Law

Let K be a field. An extension L: K of K is an embedding of K in some
larger field L.
Definition Let L: K and M : K be field extensions. A K-homomorphism
θ: L → M is a homomorphism of fields which satisfies θ(a) = a for all a ∈ K.
A K-monomorphism is an injective K-homomorphism. A K-isomorphism is
a bijective K-homomorphism. A K-automorphism of L is a K-isomorphism
mapping L onto itself.
Two extensions L1 : K and L2 : K of a field K are said to be K-isomorphic
(or isomorphic) if there exists a K-isomorphism ϕ: L1 → L2 between L1 and
L2 .

12
 If L: K is a field extension then we can regard L as a vector space over
the field K. If L is a finite-dimensional vector space over K then we say that
the extension L: K is finite. The degree [L: K] of a finite field extension L: K
is defined to be the dimension of L considered as a vector space over K.

Proposition 3.18 (The Tower Law) Let M : L and L: K be field extensions.

Then the extension M : K is finite if and only if M : L and L: K are both
finite, in which case [M : K] = [M : L][L: K].

Proof Suppose that M : K is a finite field extension. Then L, regarded as a

vector space over K, is a subspace of the finite-dimensional vector space M ,
and therefore L is itself a finite-dimensional vector space over K. Thus L: K
is finite. Also there exists a finite subset of M which spans M as a vector
space over K, since M : K is finite, and this finite subset must also span M
over L, and thus M : L must be finite.
Conversely suppose that M : L and L: K are both finite extensions. Let
x1 , x2 , . . . , xm be a basis for L, considered as a vector space over the field K,
and let y1 , y2 , . . . , yn be a basis for M , considered as a vector space over the
field L. Note that m = [L: K] and n = [M : L]. We claim that the set of
all products xi yj with i = 1, 2, . . . , m and j = 1, 2, . . . , n is a basis for M ,
considered as a vector space over K.
First we show that the elements xi yj are linearly independent over K.
m P
P n
Suppose that λij xi yj = 0, where λij ∈ K for all i and j. Then
i=1 j=1
m
P
λij xi ∈ L for all j, and y1 , y2 , . . . , yn are linearly independent over L,
i=1
m
P
and therefore λij xi = 0 for j = 1, 2, . . . , n. But x1 , x2 , . . . , xm are linearly
i=1
independent over K. It follows that λij = 0 for all i and j. This shows that
the elements xi yj are linearly independent over K.
Now y1 , y2 , . . . , yn span M as a vector space over L, and therefore any
Pn
element z of M can be written in the form z = µj yj , where µj ∈ L for
j=1
m
P
all j. But each µj can be written in the form µj = λij xi , where λij ∈ K
i=1
m P
P n
for all i and j. But then z = λij xi yj . This shows that the products
i=1 j=1
xi yj span M as a vector space over K, and thus

{xi yj : 1 ≤ i ≤ m and 1 ≤ j ≤ n}

13
is a basis of M , considered as a vector space over K. We conclude that the
extension M : K is finite, and

[M : K] = mn = [M : L][L: K],

as required.

Let L: K be a field extension. If A is any subset of L, then the set K ∪ A

generates a subfield K(A) of L which is the intersection of all subfields of L
that contain K ∪ A. (Note that any intersection of subfields of L is itself a
subfield of K.) We say that K(A) is the field obtained from K by adjoining
the set A.
We denote K({α1 , α2 , . . . , αk }) by K(α1 , α2 , . . . , αk ) for any finite subset
{α1 , α2 , . . . , αk } of L. In particular K(α) denotes the field obtained by ad-
joining some element α of L to K. A field extension L: K is said to be simple
if there exists some element α of L such that L = K(α).

3.9 Algebraic Field Extensions

Definition Let L: K be a field extension, and let α be an element of L. If
there exists some non-zero polynomial f ∈ K[x] with coefficients in K such
that f (α) = 0, then α is said to be algebraic over K; otherwise α is said to
be transcendental over K. A field extension L: K is said to be algebraic if
every element of L is algebraic over K.

Lemma 3.19 A finite field extension is algebraic.

Proof Let L: K be a finite field extension, and let n = [L: K]. Let α ∈ L.
Then either the elements 1, α, α2 , . . . , αn are not all distinct, or else these
elements are linearly dependent over the field K (since a linearly inde-
pendent subset of L can have at most n elements.) Therefore there exist
c0 , c1 , c2 , . . . , cn ∈ K, not all zero, such that

c0 + c1 α + c2 α2 + · · · + cn αn = 0.

Thus α is algebraic over K. This shows that the field extension L: K is

algebraic, as required.

Definition A polynomial f with coefficients in some field or unital ring is

said to be monic if its leading coefficient (i.e., the coefficient of the highest
power of x occurring in f (x) with a non-zero coefficient) is equal to 1.

14
Lemma 3.20 Let K be a field and let α be an element of some extension
field L of K. Suppose that α is algebraic over K. Then there exists a unique
irreducible monic polynomial m ∈ K[x], with coefficients in K, characterized
by the following property: f ∈ K[x] satisfies f (α) = 0 if and only if m divides
f in K[x].

Proof Let I = {f ∈ K[x] : f (α) = 0}. Then I is a non-zero ideal of K[x].

Now there exists some polynomial m with coefficients in K which generates
the ideal I (Lemma 3.11). Moreover, by dividing m by its leading coefficient,
if necessary, we can ensure that m is a monic polynomial. Then f ∈ K[x]
satisfies f (α) = 0 if and only if m divides f .
Suppose that m = gh where g, h ∈ K[x]. Then 0 = m(α) = g(α)h(α).
But then either g(α) = 0, in which case m divides g, or else h(α) = 0, in
which case m divides h. The polynomial m is thus irreducible over K.
The polynomial m is uniquely determined since if some monic polyno-
mial m also satisfies the required conditions then m and m divide one another
and therefore m = m.

Definition Let K be a field and let L be an extension field of K. Let α be

an element of L that is algebraic over K. The minimum polynomial m of α
over K is the unique irreducible monic polynomial m ∈ K[x] with coefficients
in K characterized by the following property: f ∈ K[x] satisfies f (α) = 0 if
and only if m divides f in K[x].

Note that if f ∈ K[x] is an irreducible monic polynomial, and if α is a

root of f in some extension field L of K, then f is the minimum polynomial
of α over K.

Theorem 3.21 A simple field extension K(α): K is finite if and only if α

is algebraic over K, in which case [K(α): K] is the degree of the minimum
polynomial of α over K.

Proof Suppose that the field extension K(α): K is finite. It then follows
from Lemma 3.19 that α is algebraic over K.
Conversely suppose that α is algebraic over K. Let R = {f (α) : f ∈
K[x]}. Now f (α) = 0 if and only if the minimum polynomial m of α over
K divides f . It follows that f (α) = 0 if and only if f ∈ (m), where (m) is
the ideal of K[x] generated by m. The ring homomorphism from K[x] to R
that sends f ∈ K[x] to f (α) therefore induces an isomorphism between the
quotient ring K[x]/(m) and the ring R. But K[x]/(m) is a field, since m is
irreducible (Proposition 3.14). Therefore R is a subfield of K(α) containing
K ∪ {α}, and hence R = K(α).

15
 Let z ∈ K(α). Then z = g(α) for some g ∈ K[x]. But then there exist
polynomials l and f belonging to K[x] such that g = lm + f and either f = 0
or deg f < deg m (Lemma 3.10). But then z = f (α) since m(α) = 0.
Suppose that z = h(α) for some polynomial h ∈ K[x], where either h = 0
or deg h < deg m. Then m divides h−f , since α is a zero of h−f . But if h−f
were non-zero then its degree would be less than that of m, and thus h − f
would not be divisible by m. We therefore conclude that h = f . Thus any
element z of K(α) can be expressed in the form z = f (α) for some uniquely
determined polynomial f ∈ K[x] satisfying either f = 0 or deg f < deg m.
Thus if n = deg m then 1, α, α2 . . . , αn−1 is a basis of K(α) over K. It follows
that the extension K(α): K is finite and [K(α): K] = deg m, as required.

Corollary 3.22 A field extension L: K is finite if and only if there exists

a finite subset {α1 , α2 , . . . , αk } of L such that αi is algebraic over K for
i = 1, 2, . . . , k and L = K(α1 , α2 , . . . , αk ).

Proof Suppose that the field extension L: K is a finite. Then it is algebraic

(Lemma 3.19). Thus if {α1 , α2 , . . . , αk } is a basis for L, considered as a vector
space over K, then each αi is algebraic and L = K(α1 , α2 , . . . , αk ).
Conversely suppose that L = K(α1 , α2 , . . . , αk ), where αi is algebraic over
K for i = 1, 2, . . . , k. Let Ki = K(α1 , α2 , . . . , αi ) for i = 1, 2, . . . , k. Clearly
Ki−1 (αi ) ⊂ Ki for all i > 1, since Ki−1 ⊂ Ki and αi ∈ Ki . Also Ki ⊂
Ki−1 (αi ), since Ki−1 (αi ) is a subfield of L containing K ∪ {α1 , α2 , . . . , αi }
We deduce that Ki = Ki−1 (αi ) for i = 2, 3, . . . , k. Moreover αi is clearly
algebraic over Ki−1 since it is algebraic over K, and K ⊂ Ki−1 . It follows
from Theorem 3.21 that the field extension Ki : Ki−1 is finite for each i. Using
the Tower Law (Proposition 3.18), we deduce that L: K is a finite extension,
as required.

3.10 Ruler and Compass Constructions

One can make use of the Tower Law in order to prove the impossibility of
performing a number of geometric constructions in a finite number of steps
using straightedge and and compasses alone. These impossible constructions
include the following:

• the trisection of an arbitrary angle;

• the construction of the edge of a cube having twice the volume of some
given cube;

• the construction of a square having the same area as a given circle.

16
Definition Let P0 and P1 be the points of the Euclidean plane given by
P0 = (0, 0) and P1 = (1, 0). We say that a point P of the plane is constructible
using straightedge and compasses alone if P = Pn for some finite sequence
P0 , P1 , . . . , Pn of points of the plane, where P0 = (0, 0), P1 = (1, 0) and, for
each j > 1, the point Pj is one of the following:—

• the intersection of two distinct straight lines, each passing through at

least two points belonging to the set {P0 , P1 , . . . , Pj−1 };

• the point at which a straight line joining two points belonging to the
set {P0 , P1 , . . . , Pj−1 } intersects a circle which is centred on a point of
this set and passes through another point of the set;

• the point of intersection of two distinct circles, where each circle is

centred on a point of the set {P0 , P1 , . . . , Pj−1 } and passes through
another point of the set.

Constructible points of the plane are those that can be constructed from
the given points P0 and P1 using straightedge (i.e., unmarked ruler) and
compasses alone.

Theorem 3.23 Let (x, y) be a constructible point of the Euclidean plane.

Then [Q(x, y): Q] = 2r for some non-negative integer r.

Proof Let P = (x, y) and let P0 , P1 , . . . , Pn be a finite sequence of points

of the plane with the properties listed above. Let K0 = K1 = Q and
Kj = Kj−1 (xj , yj ) for j = 2, 3, . . . , n, where Pj = (xj , yj ). Straightforward
coordinate geometry shows that, for each j, the real numbers xj and yj are
both roots of linear or quadratic polynomials with coefficients in Kj−1 . It fol-
lows that [Kj−1 (xj ): Kj−1 ] = 1 or 2 and [Kj−1 (xj , yj ): Kj−1 (xj )] = 1 or 2 for
each j. It follows from the Tower Law (Proposition 3.18) that [Kn : Q] = 2s
for some non-negative integer s. But [Kn : Q] = [Kn : Q(x, y)][Q(x, y): Q]. We
deduce that [Q(x, y): Q] divides 2s , and therefore [Q(x, y): Q] = 2r for some
non-negative integer r.

One can apply this criterion to show that there is no geometrical con-
struction that enables one to trisect an arbitrary angle using straightedge
and compasses alone. The same method can be used to show the impos-
sibility of ‘duplicating a cube’ or ‘squaring a circle’ using straightedge and
compasses alone.

17
Example We show that there is no geometrical construction for the trisec-
tion of an angle of π3 radians (i.e., 60◦ ) using straightedge and compasses
alone. Let a = cos π9 and b = sin π9 . Now the point (cos π3 , sin π3 ) (i.e, the
√
point ( 12 , 12 3)) is constructible. Thus if an angle of π3 radians could be tri-
sected using straightedge and compasses alone, then the point (a, b) would
be constructible. Now

cos 3θ = cos θ cos 2θ − sin θ sin 2θ = cos θ(cos2 θ − sin2 θ) − 2 sin2 θ cos θ
= 4 cos3 θ − 3 cos θ

for any angle θ. On setting θ = π9 we deduce that 4a3 − 3a = 12 and thus

8a3 − 6a − 1 = 0. Now 8a3 − 6a − 1 = f (2a − 1), where f (x) = x3 + 3x2 − 3.
An immediate application of Eisenstein’s criterion for irreducibility shows
that the polynomial f is irreducible over the field Q of rational numbers, and
thus [Q(a): Q] = [Q(2a − 1): Q] = 3. It now follows from Theorem 3.23 that
the point (cos π9 , sin π9 ) is not constructible using straightedge and compasses
alone. Therefore it is not possible to trisect an angle of π3 radians using
straightedge and compasses alone. It follows that there is no geometrical
construction for the trisection of an arbitrary angle using straightedge and
compasses alone.

Example It is not difficult to see √ that if it were possible to

√ construct two
3 3
points in the plane a distance 2 apart, then the point ( 2, 0) would be
constructible.
√ But it follows from Theorem 3.23 that this is impossible,
since
√
3
2 is a root of the irreducible monic polynomial x3 − 2, and therefore
3
[Q( 2), Q] = 3. We conclude that there is no geometric construction using
straightedge and compasses alone that will construct from a line segment
in the plane a second line segment such that a cube with the second line
segment as an edge will have twice the volume of a cube with the first line
segment as an edge.

Example It can be shown

√ that π is not algebraic over the field Q of rational
numbers. Therefore π is not algebraic over Q. It then follows from Theo-
rem 3.23 it is not possible to give a geometrical construction for obtaining a
square with the same area as a given circle, using straightedge and compasses
alone. (Thus it is not possible to ‘square the circle’ using straightedge and
compasses alone.)

Lemma 3.24 If the endpoints of any line segment in the plane are con-
structible, then so is the midpoint.

18
Proof Let P and Q be constructible points in the plane. Let S and T be the
points where the circle centred on P and passing through Q intersects the
circle centred on Q and passing through P . Then S and T are constructible
points in the plane, and the point R at which the line ST intersects the
line P Q is the midpoint of the line segment P Q. Thus this midpoint is a
constructible point.

Lemma 3.25 If any three vertices of a parallelogram in the plane are con-
structible, then so is the fourth vertex.

Proof Let the vertices of the parallelogram listed in anticlockwise (or in

clockwise) order be A, B, C and D, where A, B and D are constructible
points. We must show that C is also constructible. Now the midpoint E of
the line segment BD is a constructible point, and the circle centred on E
and passing though A will intersect the line AE in the point C. Thus C is a
constructible point, as required.

Theorem 3.26 Let K denote the set of all real numbers x for which the
point (x, 0) is constructible using straightedge and compasses alone. Then K
is a subfield of the field of real numbers, and a point (x, y) of the plane is
constructible using straightedge and compass √ alone if and only if x ∈ K and
y ∈ K. Moreover if x ∈ K and x > 0 then x ∈ K.

Proof Clearly 0 ∈ K and 1 ∈ K. Let x and y be real numbers belonging to

K. Then (x, 0) and (y, 0) are constructible points of the plane. Let M be the
midpoint of the line segment whose endpoints are (x, 0) and (y, 0). Then M
is constructible (Lemma 3.24), and M = ( 21 (x + y), 0). The circle centred on
M and passing through the origin intersects the x-axis at the origin and at
the point (x + y, 0). Therefore (x + y, 0) is a constructible point, and thus
x + y ∈ K. Also the circle centred on the origin and passing through (x, 0)
intersects the x-axis at (−x, 0). Thus (−x, 0) is a constructible point, and
thus −x ∈ K.
We claim that if x ∈ K then the point (0, x) is constructible. Now if x ∈ K
and x 6= 0 then (x, 0) and (−x, 0) are constructible points, and the circle
centred on (x, 0) and passing through (−x, 0) intersects the circle centred on
(−x, 0) and passing through
√ (x, 0) in two
√ points that lie on the y-axis. These
two points (namely (0, 3x) and (0, − 3x)) are constructible, and therefore
the circle centred on the origin and passing though (x, 0) intersects the y-axis
in two constructible points which are (0, x) and (0, −x). Thus if x ∈ K then
the point (0, x) is constructible.
Let x and y be real numbers belonging to K. Then the points (x, 0),
(0, y) and (0, 1) are constructible. The point (x, y − 1) is then constructible,

19
since it is the fourth vertex of a parallelogram which has three vertices at the
constructible points (x, 0), (0, y) and (0, 1) (Lemma 3.25). But the line which
passes through the two constructible points (0, y) and (x, y − 1) intersects
the x-axis at the point (xy, 0). Therefore the point (xy, 0) is constructible,
and thus xy ∈ K.
Now suppose that x ∈ K, y ∈ K and y 6= 0. The point (x, 1 − y) is
constructible, since it is the fourth vertex of a parallelogram with vertices
at the constructible points (x, 0), (0, y) and (0, 1). The line segment joining
the constructible points (0, 1) and (x, 1 − y) intersects the x-axis at the point
(xy −1 , 0). Thus xy −1 ∈ K.
The above results show that K is a subfield of the field of real numbers.
Moreover if x ∈ K and y ∈ K then the point (x, y) is constructible, since it is
the fourth vertex of a rectangle with vertices at the constructible points (0, 0),
(x, 0) and (0, y). Conversely, suppose that the point (x, y) is constructible.
We claim that the point (x, 0) is constructible and thus x ∈ K. This result is
obviously true if y = 0. If y 6= 0 then the circles centred on the points (0, 0)
and (1, 0) and passing through (x, y) intersect in the two points (x, y) and
(x, −y). The point (x, 0) is thus the point at which the line passing through
the constructible points (x, y) and (x, −y) intersects the x-axis, and is thus
itself constructible. The point (0, y) is then the fourth vertex of a rectangle
with vertices at the constructible points (0, 0), (x, 0) and (x, y), and thus is
itself constructible. The circle centred on the origin and passing though (0, y)
intersects the x-axis at (y, 0). Thus (y, 0) is constructible, and thus y ∈ K.
We have thus shown that a point (x, y) is constructible using straightedge
and compasses alone if and only if x ∈ K and y ∈ K.
Suppose that x ∈ K and that x > 0. Then 21 (1 − x) ∈ K. Thus if
C = (0, 12 (1 − x)) then C is a constructible point. Let (u, 0) be the point at
which the circle centred on C and passing through the constructible point
(0, 1) intersects the x-axis. (The circle does intersect the x-axis since it passes
through (0, 1) and (0, −x), and x > 0.) The radius of this circle is 12 (1 + x)),
and therefore 14 (1 − x)2 + u2 = 14 (1 + x)2 (Pythagoras’ Theorem.) But then
2
√ = x. But (u, 0) is a constructible point. Thus if x ∈ K and x > 0 then
u
x ∈ K, as required.

The above theorems can be applied to the problem of determining whether

or not it is possible to construct a regular n-sided polygon with a straightedge
and compass, given its centre and one of its vertices. The impossibility
of trisecting an angle of 60◦ shows that a regular 18-sided polygon is not
constructible using straightedge and compass. Now if one can construct a
regular n-sided polygon then one can easily construct a regular 2n-sided
polygon by bisecting the angles of the n-sided polygon. Thus the problem

20
reduces to that of determining which regular polygons with an odd number
of sides are constructible. Moreover it is not difficult to reduce down to the
case where n is a power of some odd prime number.
Gauss discovered that a regular 17-sided polygon was constructible in
1796, when he was 19 years old. Techniques of Galois Theory show that the
regular n-sided polygon is constructible using straightedge and compass if
and only if n = 2s p1 p2 · · · pt , where p1 , p2 , . . . , pt are distinct Fermat primes:
a Fermat prime is a prime number that is of the form 2k +1 for some integer k.
If k = uv, where u and v are positive integers and v is odd, then 2k + 1 =
wv + 1 = (w + 1)(wv−1 − wv−2 + · · · − w + 1), where w = 2u , and hence
m
2k + 1 is not prime. Thus any Fermat prime is of the form 22 + 1 for some
non-negative integer m. Fermat observed in 1640 that Fm is prime when
m ≤ 4. These Fermat primes have the values F0 = 3, F1 = 5, F2 = 17,
F3 = 257 and F4 = 65537. Fermat conjectured that all the numbers Fm were
prime. However it has been shown that Fm is not prime for any integer m
between 5 and 16. Moreover F16 = 265536 + 1 ≈ 1020000 . Note that the five
Fermat primes 3, 5, 17, 257 and 65537 provide only 32 constructible regular
polygons with an odd number of sides.
It is not difficult to see that the geometric problem of constructing a
regular n-sided polygon using straightedge and compasses is equivalent to
the algebraic problem of finding a formula to express the nth roots of unity
in the complex plane in terms of integers or rational numbers by means of
algebraic formulae which involve finite addition, subtraction, multiplication,
division and the successive extraction of square roots. Thus the problem is
closely related to that of expressing the roots of a given polynomial in terms
of its coefficients by means of algebraic formulae which involve only finite
addition, subtraction, multiplication, division and the successive extraction
of pth roots for appropriate prime numbers p.

3.11 Splitting Fields

Definition Let L: K be a field extension, and let f ∈ K[x] be a polynomial
with coefficients in K. The polynomial f is said to split over L if f is a
constant polynomial or if there exist elements α1 , α2 , . . . , αn of L such that

f (x) = c(x − α1 )(x − α2 ) · · · (x − αn ),

where c ∈ K is the leading coefficient of f .

We see therefore that a polynomial f ∈ K[x] splits over an extension

field L of K if and only if f factors in L[x] as a product of constant or linear
factors.

21
Definition Let L: K be a field extension, and let f ∈ K[x] be a polynomial
with coefficients in K. The field L is said to be a splitting field for f over K
if the following conditions are satisfied:—

• the polynomial f splits over L;

• the polynomial f does not split over any proper subfield of L that
contains the field K.

Lemma 3.27 Let M : K be a field extension, and let f ∈ K[x] be a polyno-

mial with coefficients in K. Suppose that the polynomial f splits over M .
Then there exists a unique subfield L of M which is a splitting field for f
over K.

Proof Let L be the intersection of all subfields M 0 of M containing K with

the property that the polynomial f splits over M 0 . One can readily verify
that L is the unique splitting field for f over K contained in M .

The Fundamental Theorem of Algebra ensures that a polynomial f ∈ Q[x]

with rational coefficients always splits over the field C of complex numbers.
Thus some unique subfield L of C is a splitting field for f over Q.
Note that if the polynomial f ∈ K[x] splits over an extension field M of
K, and if α1 , α2 , . . . , αn are the roots of the polynomial f in M , then the
unique splitting field of f over K contained in M is the field K(α1 , α2 , . . . , αn )
obtaining on adjoining the roots of f to K.
√
Example The field Q( 2) is a splitting field for the polynomial x2 − 2 over
Q.

We shall prove below that splitting fields always exist and that any two
splitting field extensions for a given polynomial over a field K are isomorphic.
Given any homomorphism σ: K → M of fields, we define

σ∗ (a0 + a1 x + · · · + an xn ) = σ(a0 ) + σ(a1 )x + · · · + σ(an )xn

for all polynomials a0 + a1 x + · · · + an xn with coefficients in K. Note that

σ∗ (f + g) = σ∗ (f ) + σ∗ (g) and σ∗ (f g) = σ∗ (f )σ∗ (g) for all f, g ∈ K[x].

Theorem 3.28 (Kronecker) Let K be a field, and let f ∈ K[x] be a non-

constant polynomial with coefficients in K. Then there exists an extension
field L of K and an element α of L for which f (α) = 0.

22
Proof Let g be an irreducible factor of f , and let L = K[x]/(g), where (g)
is the ideal of K[x] generated by g. For each a ∈ K let i(a) = a + (g). Then
i: K → L is a monomorphism. We embed K in L on identifying a ∈ K with
i(a).
Now L is a field, since g is irreducible (Proposition 3.14). Let α = x+(g).
Then g(α) is the image of the polynomial g under the quotient homomor-
phism from K[x] to L, and therefore g(α) = 0. But g is a factor of the
polynomial f . Therefore f (α) = 0, as required.

Corollary 3.29 Let K be a field and let f ∈ K[x]. Then there exists a
splitting field for f over K.

Proof We use induction on the degree deg f of f . The result is trivially true
when deg f = 1 (since f then splits over K itself). Suppose that the result
holds for all fields and for all polynomials of degree less than deg f . Now it
follows from Theorem 3.28 that there exists a field extension K1 : K of K and
an element α of K1 satisfying f (α) = 0. Moreover f (x) = (x − α)g(x) for
some polynomial g with coefficients in K(α). Now deg g < deg f . It follows
from the induction hypothesis that there exists a splitting field L for g over
K(α). Then f splits over L.
Suppose that f splits over some field M , where K ⊂ M ⊂ L. Then
α ∈ M and hence K(α) ⊂ M . But M must also contain the roots of g,
since these are roots of f . It follows from the definition of splitting fields
that M = L. Thus L is the required splitting field for the polynomial f over
K.

Any two splitting fields for a given polynomial with coefficients in a field K
are K-isomorphic. This result is a special case of the following theorem.

Theorem 3.30 Let K1 and K2 be fields, and let σ: K1 → K2 be an isomor-

phism between K1 and K2 . Let f ∈ K1 [x] be a polynomial with coefficients
in K1 , and let L1 and L2 be splitting fields for f and σ∗ (f ) over K1 and K2
respectively. Then there exists an isomorphism τ : L1 → L2 which extends
σ: K1 → K2 .

Proof We prove the result by induction on [L1 : K1 ]. The result is trivially

true when [L1 : K1 ] = 1. Suppose that [L1 : K1 ] > 1 and the result holds for
splitting field extensions of lower degree. Choose a root α of f in L1 \K1 , and
let m be the minimum polynomial of α over K1 . Then m divides f and σ∗ (m)
divides σ∗ (f ), and therefore σ∗ (m) splits over L2 . Moreover the polynomial
σ∗ (m) is irreducible over K2 , since σ: K1 → K2 induces an isomorphism
between the polynomial rings K1 [x] and K2 [x]. Choose a root β of σ∗ (m).

23
 Let g and h be polynomials with coefficients in K1 . Now g(α) = h(α)
if and only if m divides g − h. Similarly σ∗ (g)(β) = σ∗ (h)(β) if and only if
σ∗ (m) divides σ∗ (g) − σ∗ (h). Therefore σ∗ (g)(β) = σ∗ (h)(β) if and only if
g(α) = h(α), and thus there is a well-defined isomorphism ϕ: K1 (α) → K2 (β)
which sends g(α) to σ∗ (g)(β) for any polynomial g with coefficients in K.
Now L1 and L2 are splitting fields for the polynomials f and σ∗ (f ) over the
fields K1 (α) and K2 (β) respectively, and [L1 : K1 (α)] < [L1 : K1 ]. The induc-
tion hypothesis therefore ensures the existence of an isomorphism τ : L1 → L2
extending ϕ: K1 (α) → K2 (β). Then τ : L1 → L2 is the required extension of
σ: K1 → K2 .

Corollary 3.31 Let L: K be a splitting field extension, and let α and β be

elements of L. Then there exists a K-automorphism of L sending α to β if
and only if α and β have the same minimum polynomial over K.

Proof Suppose that there exists a K-automorphism σ of L which sends α

to β. Then h(β) = σ(h(α)) for all polynomials h ∈ K[x] with coefficients in
K. Therefore h(α) = 0 if and only if h(β) = 0. It follows that α and β must
have the same minimum polynomial over K.
Conversely suppose that α and β are elements of L that have the same
minimum polynomial m over K. Let h1 and h2 be polynomials with coef-
ficients in K. Now h1 (α) = h2 (α) if and only if h1 − h2 is divisible by the
minimum polynomial m. It follows that h1 (α) = h2 (α) if and only if h1 (β) =
h2 (β). Therefore there is a well-defined K-isomorphism ϕ: K(α) → K(β)
that sends h(α) to h(β) for all polynomials h with coefficients in K. Then
ϕ(α) = β.
Now L is the splitting field over K for some polynomial f with coefficients
in K. The field L is then a splitting field for f over both K(α) and K(β). It
follows from Theorem 3.30 that the K-isomorphism ϕ: K(α) → K(β) extends
to a K-automorphism τ of L that sends α to β, as required.

3.12 Normal Extensions

Definition A field extension L: K is said to be normal if every irreducible
polynomial in K[x] with at least one root in L splits over L.

Note that a field extension L: K is normal if and only if, given any ele-
ment α of L, the minimum polynomial of α over K splits over L.

Theorem 3.32 Let K be a field, and let L be an extension field of K. Then

L is a splitting field over K for some polynomial with coefficients in K if and
only if the field extension L: K is both finite and normal.

24
Proof Suppose that L: K is both finite and normal. Then there exist alge-
braic elements α1 , α2 , . . . , αn of L such that L = K(α1 , α2 , . . . , αn ) (Corol-
lary 3.22). Let f (x) = m1 (x)m2 (x) · · · mn (x), where mj ∈ K[x] is the mini-
mum polynomial of αj over K for j = 1, 2, . . . , n. Then mj splits over L since
mj is irreducible and L: K is normal. Thus f splits over L. It follows that
L is a splitting field for f over K, since L is obtained from K by adjoining
roots of f .
Conversely suppose that L is a splitting field over K for some polynomial
f ∈ K[x]. Then L is obtained from K by adjoining the roots of f , and
therefore the extension L: K is finite. (Corollary 3.22).
Let g ∈ K[x] be irreducible, and let M be a splitting field for the polyno-
mial f g over L. Then L ⊂ M and the polynomials f and g both split over
M . Let β and γ be roots of g in M . Now the polynomial f splits over the
fields L(β) and L(γ). Moreover if f splits over any subfield of M containing
K(β) then that subfield must contain L (since L is a splitting field for f over
K) and thus must contain L(β). We deduce that L(β) is a splitting field for
f over K(β). Similarly L(γ) is a splitting field for f over K(γ).
Now there is a well-defined K-isomorphism σ: K(β) → K(γ) which sends
h(β) to h(γ) for all polynomials h with coefficients in K, since two such poly-
nomials h1 and h2 take the same value at a root of the irreducible polyno-
mial g if and only if their difference h1 −h2 is divisible by g. This isomorphism
σ: K(β) → K(γ) extends to an K-isomorphism τ : L(β) → L(γ) between L(β)
and L(γ), since L(β) and L(β) are splitting fields for f over the field K(β) and
K(γ) respectively (Theorem 3.30). Thus the extensions L(β): K and L(γ): K
are isomorphic, and [L(β): K] = [L(γ): K]. But [L(β): K] = [L(β): L][L: K]
and [L(γ): K] = [L(γ): L][L: K] by the Tower Law (Theorem 3.18). It follows
that [L(β): L] = [L(γ): L]. In particular β ∈ L if and only if γ ∈ L. This
shows that that any irreducible polynomial with a root in L must split over
L, and thus L: K is normal, as required.

3.13 Separability
Let K be a field. We recall that nk is defined inductively for all integers n
and for all elements k of K so that 0k = 0 and (n + 1)k = nk + k for all
n ∈ Z and k ∈ K. Thus 1k = k, 2k = k + k, 3k = k + k + k etc., and
(−n)k = −(nk) for all n ∈ Z.

Definition Let K be a field, and let f ∈ K[x] be a polynomial with coeffi-

n
cj xj . The formal derivative Df
P
cients c0 , c1 , . . . , cn in K, where f (x) =
j=0

25
 n
jcj xj−1 .
P
of f is defined by the formula (Df )(x) =
j=1

(The definition of formal derivative given above is a purely algebraic def-

inition, applying to polynomials with coefficients in any field whatsoever,
which corresponds to the formula for the derivative of a polynomial with real
coefficients obtained by elementary calculus.)
Let K be a field. One can readily verify by straightforward calculation
that D(f + g) = Df + Dg and D(f g) = (Df )g + f (Dg) for all f ∈ K[x]. If
f is a constant polynomial then Df = 0.
Let K be a field, and let f ∈ K[x]. An element α of an extension field L
of K is said to be a repeated zero if (x − α)2 divides f (x).

Proposition 3.33 Let K be a field, and let f ∈ K[x]. The polynomial f

has a repeated zero in a splitting field for f over K if and only if there exists
a non-constant polynomial with coefficients in K that divides both f and its
formal derivative Df in K[x].

Proof Suppose that f ∈ K[x] has a repeated root α in a splitting field L.

Then f (x) = (x − α)2 h(x) for some polynomial h ∈ L[x]. But then

(Df )(x) = 2(x − α)h(x) + (x − α)2 (Dh)(x)

and hence (Df )(α) = 0. It follows that the minimum polynomial of α over
K is a non-constant polynomial with coefficients in K which divides both f
and Df .
Conversely let f ∈ K[x] be a polynomial with the property that f and
Df are both divisible by some non-constant polynomial g ∈ K[x]. Let L be
a splitting field for f over K. Then g splits over L (since g is a factor of f ).
Let α ∈ L be a root of g. Then f (α) = 0, and hence f (x) = (x − α)e(x)
for some polynomial e ∈ L[x]. On differentiating, we find that (Df )(x) =
e(x) + (x − α)De(x). But (Df )(α) = 0, since g(α) = 0 and g divides Df
in K[x]. It follows that e(α) = (Df )(α) = 0, and thus e(x) = (x − α)h(x)
for some polynomial h ∈ L[x]. But then f (x) = (x − α)2 h(x), and thus the
polynomial f has a repeated root in the splitting field L, as required.

Definition Let K be a field. An irreducible polynomial in K[x] is said to

be separable over K if it does not have repeated roots in a splitting field. A
polynomial in K[x] is said to separable over K if all its irreducible factors
are separable over K. A polynomial is said to be inseparable if it is not
separable.

26
Corollary 3.34 Let K be a field. An irreducible polynomial f is inseparable
if and only if Df = 0.

Proof Let f ∈ K[x] be an irreducible polynomial. Suppose that f is in-

separable. Then f has a repeated root in a splitting field, and it follows
from Proposition 3.33 that there exists a non-constant polynomial g in K[x]
dividing both f and its formal derivative Df . But then g = cf for some
non-zero element c of K, since f is irreducible, and thus f divides Df . But
if Df were non-zero then deg Df < deg f , and thus f would not divide Df .
Thus Df = 0.
Conversely if Df = 0 then f divides both f and Df . It follows from
Proposition 3.33 that f has a repeated root in a splitting field, and is thus
inseparable.

Definition A field extension L: K is said to be separable over K if the

minimum polynomial of each element of L is separable over K.

Suppose that K is a field of characteristic zero. Then n.k 6= 0 for all

n ∈ Z and k ∈ K satisfying n 6= 0 and k 6= 0. It follows from the definition
of the formal derivative that Df = 0 if and only if f ∈ K[x] is a constant
polynomial. The following result therefore follows immediately from Corol-
lary 3.34.

Corollary 3.35 Suppose that K is a field of characteristic zero. Then every

polynomial with coefficients in K is separable over K, and thus every field
extension L: K of K is separable.

3.14 Finite Fields

Lemma 3.36 Let K be a field of characteristic p, where p > 0. Then (x +
y)p = xp + y p and (xy)p = xp y p for all x, y ∈ K. Thus the function x 7→ xp
is a monomorphism mapping the field K into itself.
p  
p
X p
Proof The Binomial Theorem tells us that (x + y) = xj y p−j , where
j=0
j
   
p p p(p − 1) · · · (p − j + 1)
= 1 and = for j = 1, 2, . . . , p. The de-
0 j j!
nominator of each binomial coefficient must divide the numerator, since this
coefficient is an integer. Now the characteristic p of K is a prime number.
Moreover if 0 < j < p then p is a factor of the numerator but is not a factor
of the denominator. It follows from the Fundamental Theorem of Arithmetic

27
  
p
that p divides for all j satisfying 0 < j < p. But px = 0 for all x ∈ K,
j
since charK = p. Therefore (x + y)p = xp + y p for all x, y ∈ K. The identity
(xy)p = xp y p is immediate from the commutativity of K.

Let K be a field of characteristic p, where p > 0. The monomorphism

x 7→ xp is referred to as the Frobenius monomorphism of K. If K is finite then
this monomorphism is an automorphism of K, since any injection mapping
a finite set into itself must be a bijection.

Theorem 3.37 A field K has pn elements if and only if it is a splitting field

for the polynomial xp − x over its prime subfield Fp , where Fp ∼
n
= Z/pZ.

Proof Suppose that K has q elements, where q = pn . If α ∈ K \ {0} then

αq−1 = 1, since the set of non-zero elements of K is a group of order q − 1
with respect to multiplication. It follows that αq = α for all α ∈ K. Thus
all elements of K are roots of the polynomial xq − x. This polynomial must
therefore split over K, since its degree is q and K has q elements. Moreover
the polynomial cannot split over any proper subfield of K. Thus K is a
splitting field for this polynomial.
Conversely suppose that K is a splitting field for the polynomial f over
Fp , where f (x) = xq − x and q = pn . Let σ(α) = αq for all α ∈ K.
Then σ: K → K is a monomorphism, being the composition of n successive
applications of the Frobenius monomorphism of K. Moreover an element α
of K is a root of f if and only if σ(α) = α. It follows from this that
the roots of f constitute a subfield of K. This subfield is the whole of
K, since K is a splitting field. Thus K consists of the roots of f . Now
Df (x) = qxq−1 − 1 = −1, since q is divisible by the characteristic p of Fp . It
follows from Proposition 3.33 that the roots of f are distinct. Therefore f
has q roots, and thus K has q elements, as required.

Let K be a finite field of characteristic p. Then K has pn elements, where

n = [K: Fp ], since any vector space of dimension n over a field of order p must
have exactly pn elements. The following result is now a consequence of the
existence of splitting fields (Corollary 3.29) and the uniqueness of splitting
fields up to isomorphism (Theorem 3.30)

Corollary 3.38 There exists a finite field GF(pn ) of order pn for each prime
number p and positive integer n. Two finite fields are isomorphic if and only
if they have the same number of elements.

28
 The field GF(pn ) is referred to as the Galois field of order pn .
The non-zero elements of a field constitute a group under multiplication.
We shall prove that all finite subgroups of the group of non-zero elements of
a field are cyclic. It follows immediately from this that the group of non-zero
elements of a finite field is cyclic.
For each positive integer n, we denote by ϕ(n) the number of integers
X x
satisfying 0 ≤ x < n that are coprime to n. We show that the sum ϕ(d)
d|n
of ϕ(d) taken over all divisors of a positive integer n is equal to n.
X
Lemma 3.39 Let n be a positive integer. Then ϕ(d) = n.
d|n

Proof If x is an integer satisfying X0 ≤ x < n then (x, n) = n/d for some

divisor d of n. It follows that n = nd , where nd is the number of integers x
d|n
satisfying 0 ≤ x < n for which (x, n) = n/d. Thus it suffices to show that
nd = ϕ(d) for each divisor d of n.
Let d be a divisor of n, and let a = n/d. Given any integer x satisfying
0 ≤ x < n that is divisible by a, there exists an integer y satisfying 0 ≤ y < d
such that x = ay. Then (x, n) = (ay, ad) = a(y, d). It follows that the
integers x satisfying 0 ≤ x < n for which (x, n) = a are those of the form
ay, where y is an integer, 0 ≤ y < d and (y, d) = 1. It follows that there
are exactly ϕ(d) integersX x satisfying 0 ≤ x < n for which (x, n) = n/d, and
thus nd = ϕ(d) and n = ϕ(d), as required.
d|n

The set of all non-zero elements of a field is a group with respect to the
operation of multiplication.

Theorem 3.40 Let G be a finite subgroup of the group of non-zero elements

of a field. Then the group G is cyclic.

Proof Let n be the order of the group G. It follows from Lagrange’s Theorem
that the order of every element of G divides n. For each divisor dX
of n, let ψ(d)
denote the number of elements of G that are of order d. Clearly ψ(d) = n.
d|n
Let g be an element of G of order d, where d is a divisor of n. The elements
1, g, g 2 , . . . , g d−1 are distinct elements of G and are roots of the polynomial
xd − 1. But a polynomial of degree d with coefficients in a field has at most
d roots in that field. Therefore every element x of G satisfying xd = 1 is g k

29
for some uniquely determined integer k satisfying 0 ≤ k < d. If k is coprime
to d then g k has order d, for if (g k )n = 1 then d divides kn and hence d
divides n. Conversely if g k has order d then d and k are coprime, for if e is
a common divisor of k and d then (g k )d/e = g d(k/e) = 1, and hence e = 1.
Thus if there exists at least one element g of G that is of order d then the
elements of G that are of order d are the elements g k for those integers k
satisfying 0 ≤ k < d that are coprime to d. It follows that if ψ(d) > 0 then
ψ(d) = ϕ(d), where ϕ(d) is the number of integers k satisfying 0 ≤ k < d
that are coprime to d. X
Now 0 ≤ ψ(d) ≤ ϕ(d) for each divisor d of n. But ψ(d) = n and
d|n
X
ϕ(d) = n. It follows that ψ(d) = φ(d) for each divisor d of n. In
d|n
particular ψ(n) = ϕ(n) ≥ 1. Thus there exists an element of G whose order
is the order n of G. This element generates G, and thus G is cyclic, as
required.

Corollary 3.41 The group of non-zero elements of a finite field is cyclic.

3.15 The Primitive Element Theorem

Theorem 3.42 (Primitive Element Theorem) Every finite separable field
extension is simple.

Proof Let L: K be a finite separable field extension. Suppose that K is a

finite field. Then L is also a finite field, since it is a finite-dimensional vector
space over K. The group of non-zero elements of L is therefore generated by
a single non-zero element θ of L (Corollary 3.41). But then L = K(θ) and
thus L: K is simple. This proves the Primitive Element Theorem in the case
where the field K is finite.
Next suppose that L = K(β, γ), where K is infinite, β and γ are algebraic
over K and L: K is separable. Let N be a splitting field for the polynomial
f g, where f and g are the minimum polynomials of β and γ respectively over
K. Then f and g both split over N . Let β1 , β2 , . . . , βq be the roots of f in
N , and let γ1 , γ2 , . . . , γr be the roots of g in N , where β1 = β and γ1 = γ.
The separability of L: K ensures that γk 6= γj when k 6= j.
Now K is infinite. We can therefore choose c ∈ K so that c 6= (βi −
β)/(γ − γj ) for any i and j with j 6= 1. Let h(x) = f (θ − cx), where
θ = β + cγ. Then h is a polynomial in the indeterminate x with coefficients
in K(θ) which satisfies h(γ) = f (β) = 0. Moreover h(γj ) 6= 0 whenever
j 6= 1, since θ − cγj 6= βi for all i and j with j 6= 1. Thus γ is the only

30
common root of g and h. It follows that x − γ is a highest common factor of
g and h in the polynomial ring K(θ)[x], and therefore γ ∈ K(θ). But then
β ∈ K(θ), since β = θ − cγ and c ∈ K. It follows that L = K(θ).
It now follows by induction on m that if L = K(α1 , α2 , . . . , αm ), where K
is infinite, α1 , α2 , . . . , αm are algebraic over K, and L: K is separable, then
the extension L: K is simple. Thus all finite separable field extensions are
simple, as required.

3.16 The Galois Group of a Field Extension

Definition The Galois group Γ(L: K) of a field extension L: K is the group
of all automorphisms of the field L that fix all elements of the subfield K.

Lemma 3.43 If L: K is a finite separable field extension then |Γ(L: K)| ≤

[L: K].

Proof It follows from the Primitive Element Theorem (Theorem 3.42) that
there exists some element α of L such that L = K(α). Let λ be an element
of L. Then λ = g(α) for some polynomial g with coefficients in K. But then
σ(λ) = g(σ(α)) for all σ ∈ Γ(L: K), since the coefficients of G are fixed by
σ. It follows that each automorphism σ in Γ(L: K) is uniquely determined
once σ(α) is known
If f be the minimum polynomial of α over K then f (σ(α)) = σ(f (α)) = 0
for all σ ∈ Γ(L: K) since the coefficients of f are in K and are therefore fixed
by σ. Thus σ(α) is a root of f . It follows that the order |Γ(L: K)| of the
Galois group is bounded above by the number of roots of f that belong to
L, and is thus bounded above by the degree deg f of f . But deg f = [L: K]
(Theorem 3.21). Thus |Γ(L: K)| ≤ [L: K], as required.

Definition Let L be a field, and let G be a group of automorphisms of L.

The fixed field of G is the subfield K of L defined by

K = {a ∈ L : σ(a) = a for all σ ∈ G}.

Proposition 3.44 Let L be a field, let G be a finite group of automorphisms

of L, and let K be the fixed field of G. Then each element α of L is algebraic
over K, and the minimum polynomial of α over K is the polynomial

(x − α1 )(x − α2 ) · · · (x − αk ),

where α1 , α2 , . . . , αk are distinct and are the elements of the orbit of α under
the action of G on L.

31
Proof Let f (x) = (x − α1 )(x − α2 ) · · · (x − αm ). Then the polynomial f is
invariant under the action of G, since each automorphism in the group G
permutes the elements α1 , α2 , . . . , αk and therefore permutes the factors of
f amongst themselves. It follows that the coefficients of the polynomial f
belong to the fixed field K of G. Thus α is algebraic over K, as it is a root
of the polynomial f .
Now, given any root αi of f , there exists some σ ∈ G such that αi =
σ(α). Thus if g ∈ K[x] is a polynomial with coefficients in K which satisfies
g(α) = 0 then g(αi ) = σ(g(α)) = 0, since the coefficients of g are fixed by σ.
But then f divides g. Thus f is the minimum polynomial of α over K, as
required.

Definition A field extension is said to be a Galois extension if it is finite,

normal and separable.

Theorem 3.45 Let L be a field, let G be a finite subgroup of the group of

automorphisms of L, and let K be the fixed field of G. Then the field extension
L: K is a Galois extension. Moreover G is the Galois group Γ(L: K) of L: K
and |G| = [L: K].

Proof It follows from Proposition 3.44 that, for each α ∈ L, the minimum
polynomial of α over K splits over L and has no multiple roots. Thus the
extension L: K is both normal and separable.
Let M be any field satisfying K ⊂ M ⊂ L for which the extension M : K
is finite. The extension M : K is separable, since L: K is separable. It follows
from the Primitive Element Theorem (Theorem 3.42) that the extension
M : K is simple. Thus M = K(α) for some α ∈ L. But then [M : K] is equal
to the degree of the minimum polynomial of α over K (Theorem 3.21). It
follows from Proposition 3.44 that [M : K] is equal to the number of elements
in the orbit of α under the action of G on L. Therefore [M : K] divides |G|
for any intermediate field M for which the extension M : K is finite.
Now let the intermediate field M be chosen so as to maximize [M : K].
If λ ∈ L then λ is algebraic over K, and therefore [M (λ): M ] is finite. It
follows from the Tower Law (Theorem 3.18) that [M (λ): K] is finite, and
[M (λ): K] = [M (λ): M ][M : K]. But M has been chosen so as to maximize
[M : K]. Therefore [M (λ): K] = [M : K], and [M (λ): M ] = 1. Thus λ ∈ M .
We conclude that M = L. Thus L: K is finite and [L: K] divides |G|.
The field extension L: K is a Galois extension, since it has been shown to
be finite, normal and separable. Now G ⊂ Γ(L: K) and |Γ(L: K)| ≤ [L: K]
(Lemma 3.43). Therefore |Γ(L: K)| ≤ [L: K] ≤ |G| ≤ |Γ(L: K)|, and thus
G = Γ(L: K) and |G| = [L: K], as required.

32
Theorem 3.46 Let Γ(L: K) be the Galois group of a finite field extension
L: K. Then |Γ(L: K)| divides [L: K]. Moreover |Γ(L: K)| = [L: K] if and only
if L: K is a Galois extension, in which case K is the fixed field of Γ(L: K).
Proof Let M be the fixed field of Γ(L: K). It follows from Theorem 3.45
that L: M is a Galois extension and |Γ(L: K)| = [L: M ]. Now [L: K] =
[L: M ][M : K] by the Tower Law (Theorem 3.18). Thus |Γ(L: K)| divides
[L: K]. If |Γ(L: K)| = [L: K] then M = K. But then L: K is a Galois
extension and K is the fixed field of Γ(L: K).
Conversely suppose that L: K is a Galois extension. We must show that
|Γ(L: K)| = [L: K]. Now the extension L: K is both finite and separable. It
follows from the Primitive Element Theorem (Theorem 3.42) that there exists
some element θ of L such that L = K(θ). Let f be the minimum polynomial
of θ over K. Then f splits over L, since f is irreducible and the extension
L: K is normal. Let θ1 , θ2 , . . . , θn be the roots of f in L, where θ1 = θ and
n = deg f . If σ is a K-automorphism of L then f (σ(θ)) = σ(f (θ)) = 0, since
the coefficients of the polynomial f belong to K and are therefore fixed by
σ. Thus σ(θ) = θj for some j. We claim that, for each root θj of f , there is
exactly one K-automorphism σj of L satisfying σj (θ) = θj .
Let g(x) and h(x) be polynomials with coefficients in K. Suppose that
g(θ) = h(θ). Then g − h is divisible by the minimum polynomial f of θ.
It follows that g(θj ) = h(θj ) for any root θj of f . Now every element of
L is of the form g(θ) for some g ∈ K[x], since L = K(θ). We deduce
therefore that there is a well-defined function σj : L → L with the property
that σj (g(θ)) = g(θj ) for all g ∈ K[x]. The definition of this function ensures
that it is the unique automorphism of the field L that fixes each element of
K and sends θ to θj .
Now the roots of the polynomial f in L are distinct, since f is irreducible
and L: K is separable. Moreover the order of the Galois group Γ(L: K) is
equal to the number of roots of f , since each root determines a unique element
of the Galois group. Therefore |Γ(L: K)| = deg f . But deg f = [L: K] since
L = K(θ) and f is the minimum polynomial of θ over K (Theorem 3.21).
Thus |Γ(L: K)| = [L: K], as required.

3.17 The Galois correspondence

Proposition 3.47 Let K, L and M be fields satisfying K ⊂ M ⊂ L. Sup-
pose that L: K is a Galois extension. Then so is L: M . If in addition M : K
is normal, then M : K is a Galois extension.
Proof Let α ∈ L and let fK ∈ K[x] and fM ∈ M [x] be the minimum
polyomials of α over K and M respectively. Then fK splits over L, since fK

33
is irreducible over K and L: K is a normal extension. Also the roots of fK in
L are distinct, since L: K is a separable extension. But fM divides fK , since
fK (α) = 0 and the coefficients of fK belong to M . It follows that fM also
splits over L, and its roots are distinct. We deduce that the finite extension
L: M is both normal and separable, and is therefore a Galois extension.
The finite extension M : K is clearly separable, since L: K is separable.
Thus if M : K is a normal extension then it is a Galois extension.

Theorem 3.48 (The Galois Correspondence) Let L: K be a Galois extension

of a field K. Then there is a natural bijective correspondence between fields M
satisfying K ⊂ M ⊂ L and subgroups of the Galois group Γ(L: K) of the
extension L: K. If M is a field satisfying K ⊂ M ⊂ L then the subgroup
of Γ(L: K) corresponding to M is the Galois group Γ(L: M ) of the extension
L: M . If G is a subgroup of Γ(L: K) then the subfield of L corresponding to
G is the fixed field of G. Moreover the extension M : K is normal if and only
if Γ(L: M ) is a normal subgroup of the Galois group Γ(L: K), in which case
Γ(M : K) ∼ = Γ(L: K)/Γ(L: M ).

Proof Let M be a subfield of L containing K. Then L: M is a Galois exten-

sion (Proposition 3.47). The existence of the required bijective correspon-
dence between fields M satisfying K ⊂ M ⊂ L and subgroups of the Galois
group Γ(L: K) follows immediately from Theorem 3.45 and Theorem 3.46.
Let M be a field satisfying K ⊂ M ⊂ L. Now the extension M : K is
normal if and only if, for each α ∈ M , the minimum polynomial of α over
K splits over M . But K is the fixed field of the Galois group Γ(L: K),
and therefore the roots of the minimum polynomial of α over K are the
elements of the orbit of α under the action of Γ(L: K) on L (Proposition 3.44).
Thus M : K is normal if and only if σ(M ) = M for all σ ∈ Γ(L: K). Let
H = Γ(L: M ). Then M = σ(M ) if and only if H = σHσ −1 , since M and
σ(M ) are the fixed fields of H and σHσ −1 respectively. Thus the extension
M : K is normal if and only if Γ(L: M ) is a normal subgroup of Γ(L: K).
Finally suppose that M : K is a normal extension. For each σ ∈ Γ(L: K),
let ρ(σ) be the restriction σ|M of σ to M . Then ρ: Γ(L: K) → Γ(M : K) is a
group homomorphism whose kernel is Γ(L: M ). We can apply Theorem 3.45
to the extension M : K to deduce that ρ(Γ(L: K)) = Γ(M : K), since the
fixed field of ρ(Γ(L: K)) is K. Therefore the homomorphism ρ: Γ(L: K) →
Γ(M : K) induces the required isomorphism between Γ(L: K)/Γ(L: M ) and
Γ(M : K).

34
3.18 Quadratic Polynomials
We consider the problem of expressing the roots of a polynomial of low degree
in terms of its coefficients. Then the well-known procedure for locating the
roots of a quadratic polynomial with real or complex coefficients generalizes
to quadratic polynomials with coefficients in a field K whose characteristic
does not equal 2. Given a quadratic polynomial ax2 + bx + c with coefficients
a and b belonging to some such field K, let us adjoin to K an element δ sat-
isfying δ 2 = b2 − 4ac. Then the polynomial splits over K(δ), and its roots are
(−b ± δ)/(2a). We shall describe below analogous procedures for expressing
the roots of cubic and quartic polynomials in terms of their coefficients.

3.19 Cubic Polynomials

Consider a cubic polynomial x3 + ax2 + bx + c, where the coefficients a, b and
c belong to some field K of characteristic zero. If f (x) = x3 + ax2 + bx + c
then f (x − 31 a) = x3 − px − q, where p = 13 a2 − b and q = 13 ba − 27
2 3
a − c. It
therefore suffices to restrict our attention to cubic polynomials of the form
x3 − px − q, where p and q belong to K.
Let f (x) = x3 − px − q, and let u and v be elements of some splitting
field for f over Q. Then

f (u + v) = u3 + v 3 + (3uv − p)(u + v) − q.

Suppose that 3uv = p. Then f (u + v) = u3 + p3 /(27u3 ) − q. Thus f (u +

p/(3u)) = 0 if and only if u3 is a root of the quadratic polynomial x2 − xu +
p3 /27. Now the roots of this quadratic polynomial are
r
q q2 p3
± − ,
2 4 27
and the product of these roots is p3 /27. Thus if one of these roots is equal to
u3 then the other is equal to v 3 , where v = p/(3u). It follows that the roots
of the cubic polynomial f are
s r s r
3 q q 2 p 3 3 q q2 p3
+ − + − −
2 4 27 2 4 27

where the two cube roots must be chosen so as to ensure that their product
is equal to 13 p. It follows that the cubic polynomial x3 − px − q splits over the
field K(, ξ, ω), where 2 = 14 q 2 − 27
1 3
p and ξ 3 = 12 q +  and where ω satisfies

35
ω 3 = 1 and ω 6= 1. The roots of the polynomial in this extension field are α,
β and γ, where
p p p
α=ξ+ , β = ωξ + ω 2 , γ = ω2ξ + ω3 .
3ξ 3ξ 3ξ
Now let us consider the possibilities for the Galois group Γ(L: K), where
L is a splitting field for f over K. Now L = K(α, β, γ), where α, β and γ
are the roots of f . Also a K-automorphism of L must permute the roots
of f amongst themselves, and it is determined by its action on these roots.
Therefore Γ(L: K) is isomorphic to a subgroup of the symmetric group Σ3
(i.e., the group of permutations of a set of 3 objects), and thus the possibilities
for the order of Γ(L: K) are 1, 2, 3 and 6. It follows from Corollary 3.31 that
f is irreducible over K if and only if the roots of K are distinct and the
Galois group acts transitively on the roots of K. By considering all possible
subgroups of Σ3 it is not difficult to see that f is irreducible over K if and
only if |Γ(L: K)| = 3 or 6. If f splits over K then |Γ(L: K)| = 1. If f factors
in K[x] as the product of a linear factor and an irreducible quadratic factor
then |Γ(L: K)| = 2.
Let δ = (α−β)(α−γ)(β −γ). Then δ 2 is invariant under any permutation
of α β and γ, and therefore δ 2 is fixed by all automorphisms in the Galois
group Γ(L: K). Therefore δ 2 ∈ K. The element δ 2 of K is referred to as
the discriminant of the polynomial f . A straightforward calculation shows
that if f (x) = x3 − px − q then δ 2 = 4p3 − 27q 2 . Now δ changes sign under
any permutation of the roots α, β and γ that transposes two of the roots
whilst leaving the third root fixed. But δ ∈ K if and only if δ is fixed by all
elements of the Galois group Γ(L: K), in which case the Galois group must
induce only cyclic permutations of the roots α, β and γ. Therefore Γ(L: K)
is isomorphic to the cyclic group of order 3 if and only if f is irreducible
and the discriminant 4p3 − 27q 2 of f has a square root in the field K. If f
is irreducible but the discriminant does not have a square root in K then
Γ(L: K) is isomorphic to the symmetric group Σ3 , and |Γ(L: K)| = 6.

3.20 Quartic Polynomials

We now consider how to locate the roots of a quartic polynomial with coeffi-
cients in a field K of characteristic zero. A substitution of the form x 7→ x−c,
where c ∈ K, will reduce the problem to that of locating the roots α, β, γ
and δ of a quartic polynomial f of the form f (x) = x4 − px2 − qx − r in some
splitting field L. These roots satisfy α + β + γ + δ = 0, since the coefficient
of x3 in f (x) equals zero. Define
λ = (α + β)(γ + δ) = −(α + β)2 ,

36
 µ = (α + γ)(β + δ) = −(α + γ)2 ,
ν = (α + δ)(β + γ) = −(α + δ)2 .

A straightforward, if tedious, calculation shows that (α+β)(α+γ)(α+δ)

√ √ = q.
1 √
One can then verify that the roots of f take the form 2 ( −λ+ −µ+ −ν),
√ √ √
where these square roots are chosen to ensure that −λ −µ −ν = q.
(It should be noted that there are four possible ways in which the square
roots can be chosen to satisfy this condition; these yield all four roots of the
polynomial f .) We can therefore determine the roots of f in an appropriate
splitting field once we have expressed the quantities λ, µ and ν in terms of
the coefficients of the polynomial.
Let the cubic polynomial g be given by g(x) = (x − λ)(x − µ)(x − ν).
(This polynomial g is referred to as the resolvent cubic of the given quartic
polynomial.) Now any permutation of the roots of the given quartic will
permute the quantities λ, µ and ν amonst themselves and will therefore
permute the factors of g. Therefore the coefficients of g are fixed by all
elements of the Galois group Γ(L: K) and therefore belong to the ground
field K. Straightforward calculations show that

λ + µ + ν = −2p, λµ + λν + µν = p2 + 4r, λµν = −q 2 .

It follows that g(x) = x3 + 2px2 + (p2 + 4r)x + q 2 . We can use the formulae
for the roots of a cubic polynomial to express the roots λ, µ and ν of g in
terms of the coefficients of f , and thus determine the roots α, β, γ and δ of
f in terms of the coefficients of f .

3.21 The Galois group of the polynomial x4 − 2

We shall apply the Galois correspondence to investigate the structure of the
splitting field for the polynomial x4 − 2 over the field Q of rational numbers.
A straightforward application of Eisenstein’s Irreducibility Criterion (Propo-
sition 3.17) shows that the polynomial x4 − 2 is irreducible over Q. Let ξ be
the unique positive real number satisfying ξ 4 = 2. Then the roots of x√ 4
−2
in the field C of complex numbers are ξ, iξ, −ξ and −iξ, where i = −1.
Thus if L = Q(ξ, i) then L is a splitting field for the polynomial x4 − 2 over
Q.
Now the polynomial x4 − 2 is the minimum polynomial of ξ over Q, since
this polynomial is irreducible. We can therefore apply Theorem 3.21 to de-
duce that [Q(ξ): Q] = 4. Now i does not belong to Q(ξ), since Q(ξ) ⊂
R. Therefore the polynomial x2 + 1 is the minimum polynomial of i over

37
Q(ξ). Another application of Theorem 3.21 now shows that [L: Q(ξ)] =
[Q(ξ, i): Q(ξ)] = 2. It follows from the Tower Law (Theorem 3.18) that
[L: Q] = [L: Q(ξ)][Q(ξ): Q] = 8. Moreover the extension L: Q is a Galois
extension, and therefore its Galois group Γ(L: Q) is a group of order 8 (The-
orem 3.46).
Another application of the Tower Law now shows that [L: Q(i)] = 4,
since [L: Q] = [L: Q(i)][Q(i): Q] and [Q(i): Q] = 2. Therefore the minimum
polynomial of ξ over Q(i) is a polynomial of degree 4 (Theorem 3.21). But ξ is
a root of x4 −2. Therefore x4 −2 is irreducible over Q(i), and is the minimum
polynomial of ξ over Q(i). Corollary 3.31 then ensures the existence of an
automorphism σ of L that sends ξ ∈ L to iξ and fixes each element of Q(i).
Similarly there exists an automorphism τ of L that sends i to −i and fixes
each element of Q(ξ). (The automorphism τ is in fact the restriction to L
of the automorphism of C that sends each complex number to its complex
conjugate.)
Now the automorphisms σ, σ 2 , σ 3 and σ 4 fix i and therefore send ξ to
iξ, −ξ, −iξ and ξ respectively. Therefore σ 4 = ι, where ι is the identity
automorphism of L. Similarly τ 2 = ι. Straightforward calculations show
that τ σ = σ 3 τ , and (στ )2 = (σ 2 τ )2 = (σ 3 τ )2 = ι. It follows easily from this
that Γ(L: Q) = {ι, σ, σ 2 , σ 3 , τ, στ, σ 2 τ, σ 3 τ }, and Γ(L: Q) is isomorphic to the
dihedral group of order 8 (i.e., the group of symmetries of a square in the
plane).
The Galois correspondence is a bijective correspondence between the sub-
groups of Γ(L: Q) and subfields of L that contain Q. The subfield of L cor-
responding to a given subgroup of Γ(L: Q) is set of all elements of L that
are fixed by all the automorphisms in the subgroup. One can verify that
the correspondence between subgroups of Γ(L: Q) and their fixed fields is as
follows:—
Subgroup of Γ(L: Q) Fixed field
Γ(L: K) Q
{ι, σ, σ 2 , σ 3 } Q(i)
√
{ι, σ 2 , τ, σ 2 τ } Q( √2)
{ι, σ 2 , στ, σ 3 τ } √ 2)
Q(i
{ι, σ 2 } Q( 2, i)
{ι, τ } Q(ξ)
{ι, σ 2 τ } Q(iξ)
{ι, στ } Q((1 − i)/ξ)
{ι, σ 3 τ } Q((1 + i)/ξ)
{ι} Q(ξ, i)

38
3.22 The Galois group of a polynomial
Definition Let f be a polynomial with coefficients in some field K. The
Galois group ΓK (f ) of f over K is defined to be the Galois group Γ(L: K) of
the extension L: K, where L is some splitting field for the polynomial f over
K.

We recall that all splitting fields for a given polynomial over a field K
are K-isomorphic (see Theorem 3.30), and thus the Galois groups of these
splitting field extensions are isomorphic. The Galois group of the given poly-
nomial over K is therefore well-defined (up to isomorphism of groups) and
does not depend on the choice of splitting field.

Lemma 3.49 Let f be a polynomial with coefficients in some field K and

let M be an extension field of K. Then ΓM (f ) is isomorphic to a subgroup
of ΓK (f ).

Proof Let N be a splitting field for f over M . Then N contains a splitting

field L for f over K. Each K-automorphism of N must map the field L
into itself. Therefore there is an injective homomorphism from Γ(N : M ) to
Γ(L: K) which sends an automorphism σ ∈ Γ(N : M ) to its restriction σ|L
to L. The result then follows from the definition of the Galois group of a
polynomial.

Let f be a polynomial with coefficients in some field K and let the roots
of f is some splitting field L be α1 , α2 , . . . , αn . An element σ of Γ(L: K) is
a K-automorphism of L, and therefore σ permutes the roots of f . Moreover
two automorphism σ and τ in the Galois group Γ(L: K) are equal if and only
if σ(αj ) = τ (αj ) for j = 1, 2, . . . , n, since L = K(α1 , α2 , . . . , αn ). Thus the
Galois group of a polynomial can be represented as a subgroup of the group
of permutations of its roots. We deduce immediately the following result.

Lemma 3.50 Let f be a polynomial with coefficients in some field K. Then

the Galois group of f over K is isomorphic to a subgroup of the symmetric
group Σn , where n is the degree of f .

3.23 Solvable polynomials and their Galois groups

Definition We say that a polynomial with coefficients in a given field is
solvable by radicals if the roots of the polynomial in a splitting field can be
constructed from its coefficients in a finite number of steps involving only the
operations of addition, subtraction, multiplication, division and extraction
of nth roots for appropriate natural numbers n.

39
 It follows from the definition above that a polynomial with coefficients in
a field K is solvable by radicals if and only if there exist fields K0 , K1 , . . . , Km
such that K0 = K, the polynomial f splits over Km , and, for each integer i
between 1 and m, the field Ki is obtained on adjoining to Ki−1 an element αi
with the property that αipi ∈ Ki−1 for some positive integer pi . Moreover we
can assume, without loss of generality that p1 , p2 , . . . , pm are prime numbers,
since an nth root α of an element of a given field can be adjoined that field
by successively adjoining powers αn1 , αn2 , . . . , αnk of α chosen such that n/n1
is prime, ni /ni−1 is prime for i = 2, 3, . . . , k, and nk = 1.
We shall prove that a polynomial with coefficients in a field K of charac-
teristic zero is solvable by radicals if and only if its Galois group ΓK (f ) over
K is a solvable group.
Let L be a field, and let p be a prime number that is not equal to the
characteristic of L. Suppose that the polynomial xp − 1 splits over L. Then
the polynomial xp − 1 has distinct roots, since its formal derivative pxp−1 is
non-zero at each root of xp − 1. An element ω of L is said to be a primitive
pth root of unity if ω p = 1 and ω 6= 1. The primitive pth roots of unity are
the roots of the polynomial xp−1 +xp−2 +· · ·+1, since xp −1 = (x −1)(xp−1 +
xp−2 + · · · + 1). Also the group of pth roots of unity in L is a cyclic group
over order p which is generated by any primitive pth root of unity.

Lemma 3.51 Let K be a field, and let p be a prime number that is not
equal to the characteristic of K. If ω is a primitive pth root of unity in
some extension field of K then the Galois group of the extension K(ω): K is
Abelian.

Proof Let L = K(ω). Then L is a splitting field for the polynomial xp − 1.

Let σ and τ be K-automorphisms of L. Then σ(ω) and τ (ω) are roots of
xp −1 (since the automorphisms σ and τ permute the roots of this polynomial)
and therefore there exist non-negative integers q and r such that σ(ω) = ω q
and τ (ω) = ω r . Then σ(τ (ω)) = ω qr = τ (σ(ω)). But there is at most one
K-automorphism of L sending ω to ω qr . It follows that σ ◦ τ = τ ◦ σ. Thus
the Galois group Γ(L: K) is Abelian, as required.

Lemma 3.52 Let K be a field of characteristic zero and let M be a splitting

field for the polynomial xp − c over K, where p is some prime number and
c ∈ K. Then the Galois group Γ(M : K) of the extension M : K is solvable.

Proof The result is trivial when c = 0, since M = K in this case.

Suppose c 6= 0. The roots of the polynomial xp − c are distinct, and each
pth root of unity is the ratio of two roots of xp − c. Therefore M = K(α, ω),

40
where αp = c and ω is some primitive pth root of unity. Now K(ω): K
is a normal extension, since K(ω) is a splitting field for the polynomial
xp − 1 over K (Theorem 3.32). On applying the Galois correspondence
(Theorem 3.48), we see that Γ(M : K(ω)) is a normal subgroup of Γ(M : K),
and Γ(M : K)/Γ(M : K(ω)) is isomorphic to Γ(K(ω): K). But Γ(K(ω): K) is
Abelian (Lemma 3.51). It therefore suffices to show that Γ(M : K(ω)) is also
Abelian.
Now the field M is obtained from K(ω) by adjoining an element α sat-
isfying αp = c. Therefore each automorphism σ in Γ(M : K(ω)) is uniquely
determined by the value of σ(α). Moreover σ(α) is also a root of xp − c, and
therefore σ(α) = αω j for some integer j. Thus if σ and τ are automorphisms
of M belonging to Γ(M : K(ω)), and if σ(α) = αω j and τ (α) = αω k , then
σ(τ (α)) = τ (σ(α)) = αω j+k , since σ(ω) = τ (ω) = ω. Therefore σ ◦ τ = τ ◦ σ.
We deduce that Γ(M : K(ω)) is Abelian, and thus Γ(M : K) is solvable, as
required.

Lemma 3.53 Let f be a polynomial with coefficients in a field K of char-

acteristic zero, and let K 0 = K(α), where α ∈ K 0 satisfies αp ∈ K for some
prime number p. Then ΓK (f ) is solvable if and only if ΓK 0 (f ) is solvable.

Proof Let N be a splitting field for the polynomial f (x)(xp − c) over K,

where c = αp . Then N contains a splitting field L for f over K and a
splitting field M for xp − c over K. Then N : K, L: K and M : K are Galois
extensions. The Galois correspondence (Theorem 3.48) ensures that Γ(N : L)
and Γ(N : M ) are normal subgroups of Γ(N : K). Moreover Γ(L: K) is isomor-
phic to Γ(N : K)/Γ(N : L), and Γ(M : K) is isomorphic to Γ(N : K)/Γ(N : M ).
Now M and N are splitting fields for the polynomial xp − c over the fields K
and L respectively. It follows from Lemma 3.52 that Γ(M : K) and Γ(N : L)
are solvable. But if H is a normal subgroup of a finite group G then G is solv-
able if and only both H and G/H are solvable (Proposition 2.49). Therefore
Γ(N : K) is solvable if and only if Γ(N : M ) is solvable. Also Γ(N : K) is solv-
able if and only if Γ(L: K) is solvable. It follows that Γ(N : M ) is solvable if
and only if Γ(L: K) is solvable. But Γ(N : M ) ∼ = ΓM (f ) and Γ(L: K) ∼ = ΓK (f ),
since L and N are splitting fields for f over K and M respectively. Thus
ΓM (f ) is solvable if and only if ΓK (f ) is solvable.
Now M is also a splitting field for the polynomial xp − c over K 0 , since
K 0 = K(α), where α is a root of the polynomial xp − c. The above argu-
ment therefore shows that ΓM (f ) is solvable if and only if ΓK 0 (f ) is solvable.
Therefore ΓK (f ) is solvable if and only if ΓK 0 (f ) is solvable, as required.

41
Theorem 3.54 Let f be a polynomial with coefficients in a field K of char-
acteristic zero. Suppose that f is solvable by radicals. Then the Galois group
ΓK (f ) of f is a solvable group.

Proof The polynomial f is solvable by radicals. Therefore there exist fields

K0 , K1 , . . . , Km such that K0 = K, the polynomial f splits over Km , and, for
each integer i between 1 and m, the field Ki is obtained on adjoining to Ki−1
an element αi with the property that αipi ∈ Ki−1 for some prime number pi .
Now ΓKm (f ) is solvable, since it is the trivial group consisting of the identity
automorphism of Km only. Also Lemma 3.53 ensures that, for each i > 0,
ΓKi (f ) is solvable if and only if ΓKi−1 (f ) is solvable. It follows that ΓK (f ) is
solvable, as required.

Lemma 3.55 Let p be a prime number, let K be a field whose characteristic

is not equal to p, and let L: K be a Galois extension of K of degree p. Suppose
that the polynomial xp − 1 splits over K. Then there exists α ∈ L such that
L = K(α) and αp ∈ K.

Proof The Galois group Γ(L: K) is a cyclic group of order p, since its order is
equal to the degree p of the extension L: K. Let σ be a generator of Γ(L: K),
let β be an element of L \ K, and let

αj = β0 + ω j β1 + ω 2j β2 + · · · + ω (p−1)j βp−1

for j = 0, 1, . . . , p − 1, where β0 = β, βi = σ(βi−1 ) for i = 1, 2, . . . , p − 1,

and ω is a primitive pth root of unity contained in K. Now σ(αj ) = ω −j αj
for j = 0, 1, . . . , p − 1, since σ(ω) = ω, σ(βp−1 ) = β0 and ω p = 1. Therefore
σ(αjp ) = αjp and hence αjp ∈ K for j = 0, 1, 2, . . . , p − 1. But

α0 + α1 + α2 + · · · + αp−1 = pβ,

since ω j is a root of the polynomial 1 + x + x2 + · · · + xp−1 for all integers

j that are not divisible by p. Moreover pβ ∈ L \ K, since β ∈ L \ K and
p 6= 0 in K. Therefore at least one of the elements α0 , α1 , . . . , αp−1 belongs
to L \ K. Let α = αj , where αj ∈ L \ K. It follows from the Tower Law
(Theorem 3.18) that [K(α), K] divides [L: K]. But [L: K] = p and p is prime.
It follows that L = K(α). Moreover αp ∈ K, as required.

Theorem 3.56 Let f be a polynomial with coefficients in a field K of char-

acteristic zero. Suppose that the Galois group ΓK (f ) of f over K is solvable.
Then f is solvable by radicals.

42
Proof Let ω be a primitive pth root of unity. Then ΓK(ω) (f ) is isomorphic
to a subgroup of ΓK (f ) (Lemma 3.49) and is therefore solvable (Proposi-
tion 2.49). Moreover f is solvable by radicals over K if and only if f is
solvable by radicals over K(ω), since K(ω) is obtained from K by adjoining
an element ω whose pth power belongs to K. We may therefore assume,
without loss of generality, that K contains a primitive pth root of unity for
each prime p that divides |ΓK (f )|.
The result is trivial when |ΓK (f )| = 1, since the polynomial f splits over
K. We prove the result by induction on the degree |ΓK (f )| of the Galois
group. Thus suppose that the result holds when the order of the Galois group
is less than |ΓK (f )|. Let L be a splitting field for f over K. Then L: K is
a Galois extension and Γ(L: K) ∼ = ΓK (f ). Now the solvable group Γ(L: K)
contains a normal subgroup H for which the corresponding quotient group
Γ(L: K)/H is a cyclic group of order p for some prime number p dividing
Γ(L: K). Let M be the fixed field of H. Then Γ(L: M ) = H and Γ(M : K) ∼ =
Γ(L: K)/H. (Theorem 3.48), and therefore [M : K] = |Γ(L: K)/H| = p. It
follows from Lemma 3.55 that M = K(α) for some element α ∈ M satisfying
αp ∈ K. Moreover ΓM (f ) ∼ = H, and H is solvable, since any subgroup of
a solvable group is solvable (Proposition 2.49). The induction hypothesis
ensures that f is solvable by radicals when considered as a polynomial with
coefficients in M , and therefore the roots of f lie in some extension field of
M obtained by successively adjoining radicals. But M is obtained from K by
adjoining the radical α. Therefore f is solvable by radicals, when considered
as a polynomial with coefficients in K, as required.

On combining Theorem 3.54 and Theorem 3.56, we see that a polynomial

with coefficients in a field K of characteristic zero is solvable by radicals if
and only if its Galois group ΓK (f ) over K is a solvable group.

3.24 A quintic polynomial that is not solvable by rad-

icals
Lemma 3.57 Let p be a prime number and let f be a polynomial of order p
with rational coefficients. Suppose that f has exactly p − 2 real roots and is
irreducible over the field Q of rational numbers. Then the Galois group of f
over Q is isomorphic to the symmetric group Σp .

Proof If α is a root of f then [Q(α): Q] = p since f is irreducible and

deg f = p (Theorem 3.21). Thus if L is a splitting field extension for f over
Q then [L: Q] = [L: Q(α)][Q(α): Q] by the Tower Law (Proposition 3.18) and
therefore [L: Q] is divisible by p. But [L: Q] is the order of the Galois group G

43
of f , and therefore |G| is divisible by p. It follows from a theorem of Cauchy
(Theorem 2.42) that G has an element of order p. Moreover an element of
G is determined by its action on the roots of f . Thus an element of G is of
order p if and only if it cyclically permutes the roots of f .
The irreducibility of f ensures that f has distinct roots (Corollary 3.35).
Let α1 and α2 be the two roots of f that are not real. Then α1 and α2 are
complex conjugates of one another, since f has real coefficients. We have
already seen that G contains an element of order p which cyclically permutes
the roots of f . On taking an appropriate power of this element, we obtain
an element σ of G that cyclically permutes the roots of f and sends α1 to
α2 . We label the real roots α3 , α4 , . . . , αp of f so that αj = σ(αj−1 ) for
j = 2, 3, 4, . . . , p. Then σ(αp ) = α1 . Now complex conjugation restricts to a
Q-automorphism τ of L that interchanges α1 and α2 but fixes αj for j > 2.
But if 2 ≤ j ≤ p then σ 1−j τ σ j−1 transposes the roots αj−1 and αj and fixes
the remaining roots. But transpositions of this form generate the whole of
the group of permutations of the roots. Therefore every permutation of the
roots of f is realised by some element of the Galois group G of f , and thus
G∼ = Σp , as required.

Example Consider the quintic polynomial f where f (x) = x5 − 6x + 3.

Eisenstein’s Irreducibility Criterion (Proposition 3.17) can be used to show
that f is irreducible over Q. Now f (−2) = −17, f (−1) = 8, f (1) = −2
and f (2) = 23. The Intermediate Value Theorem ensures that f has at
least 3 distinct real roots. If f had at least 4 distinct real roots then Rolle’s
Theorem would ensure that the number of distinct real roots of f 0 and f 00
would be at least 3 and 2 respectively. But zero is the only root of f 00 since
f 00 (x) = 20x3 . Therefore f must have exactly 3 distinct real roots. It follows
from Lemma 3.57 that the Galois group of f is isomorphic to the symmetric
group Σ5 . This group is not solvable. Theorem 3.54 then ensures that the
polynomial f is not solvable by radicals over the field of rational numbers.

The above example demonstrates that there cannot exist any general
formula for obtaining the roots of a quintic polynomial from its coefficients in
a finite number of steps involving only addition, subtraction, multiplication,
division and the extraction of nth roots. For if such a general formula were
to exist then every quintic polynomial with rational coefficients would be
solvable by radicals.

44