CHAPTER 3

Ideal Theory

!c W W L Chen, 1984, 2013.

This chapter originates from material used by the author
at Imperial College London between 1981 and 1990.
It is available free to all individuals,
on the understanding that it is not to be used for financial gain,
and may be downloaded and/or photocopied,
with or without permission from the author.
However, this document may not be kept on any information storage and retrieval system
without permission from the author,
unless such system is not accessible to any individuals other than its owners.

3.1. Introduction
√ √
Let us examine the ring of integers in the algebraic number field Q( 15). This is simply Z[ 15] by
Theorem 2.24. Consider, in particular, the two factorizations of the algebraic integer 10 into products
of primes, given by
√ √
10 = 2 · 5 = (5 + 15)(5 − 15).
Clearly we do not have uniqueness of factorization into products of primes in this algebraic number
field. √ √ √
The numbers 5 and 3 are not in the algebraic number field Q( 15), but let us introduce these
numbers into the argument nevertheless. Then
√ √ √ √ √ √ √ √
5 + 15 = 5( 5 + 3) and 5 − 15 = 5( 5 − 3),
and note that
√ √ √ √
2 = ( 5 + 3)( 5 − 3).
Hence the two factorizations of the algebraic integer 10 are obtained by grouping the terms in the
“factorization”
√ √ √ √ √ √
10 = 5 5( 5 + 3)( 5 − 3)
√
in two different ways. It therefore appears that in the algebraic number field Q( √15), the primes
are√not√necessarily the “building blocks”. It seems necessary√ to
√ enlarge the field Q( 15) to perhaps
Q( 3, 5) in order to include “ideal numbers” such as 5 ± 3.
Our hope is then the following: Suppose that there is no uniqueness of factorization of algebraic
integers into products of primes in an algebraic number field K. Is it then possible to extend K to
an algebraic number field L such that the algebraic integers in K factorize in some unique way into
products of algebraic integers in L? But then how do we attempt to find such an algebraic √ number
field L, if it exists? Or, returning to our example, what numbers should we add to Q( 15)?
Let K be a given algebraic number field. Suppose that ξ is a “common factor” to two relatively
prime algebraic integers in K. Let a denote the set of all algebraic integers in K that are “divisible”
by ξ. If α, β ∈ a, then clearly λα + µβ ∈ a for all algebraic integers λ and µ in K. But this is precisely
the definition of an ideal in the ring of integers O of the algebraic number field K.
Let us consider an ideal a in an algebraic number field K. Suppose that we can find an algebraic
integer ξ, not necessarily in K, such that a is the set of all algebraic integers in K which are “divisible”
by ξ, and that ξ is in some sense unique, then we have characterized the missing algebraic integers in
K by means of ideals. In this case, the problem of factorization of algebraic integers then becomes
the problem of factorization of ideals. Our aim is to show that there is a satisfactory solution to the
latter. This is known as Kummer theory.
23
24 3. IDEAL THEORY

Remarks. (i) The origin of Kummer theory goes back to the famous Fermat’s last theorem, that
for all natural numbers n > 2, the diophantine equation
xn + y n = z n
has no solutions in non-zero integers x, y and z.
(ii) The problem can be simplified somewhat. First of all, we may restrict the solutions to pairwise
coprime non-zero integers x, y and z. Secondly, it clearly suffices to study the problem when the
exponent n is equal to 4 or is an odd prime.
(iii) When n = 2, the solutions of the equation x2 + y 2 = z 2 with pairwise coprime integers x, y
and z are given parametrically by
±x = r2 − s2 , ±y = 2rs, ±z = r2 + s2 ,
or with x and y interchanged, where r and s are coprime integers and exactly one of them is odd.
Clearly it is sufficient to consider positive x, y and z, and not all three of them can be odd. Since
they are pairwise coprime, exactly one of them is even. This cannot be z, for otherwise
2 ≡ x2 + y 2 = z 2 ≡ 0 mod 4.
We may therefore assume that y is even, and that x and z are odd. In this case,
(3.1) y 2 = z 2 − x2 = (z + x)(z − x),
where y, z − x and z + x are all even and positive. Writing y = 2u, z + x = 2v and z − x = 2w, we
then have u2 = vw. It is not difficult to see that v and w are coprime, so factorizing u, v and w into
prime factors, it is easily seen that both v and w are squares. Let v = r2 and w = s2 . Then r and s
are coprime, and
z = v + w = r2 + s2 , x = v − w = r2 − s2 .
Furthermore, since both x and z are odd, precisely one of r and s is odd. Finally, it follows from
(3.1) that y 2 = (r2 + s2 )2 − (r2 − s2 )2 = 4r2 s2 , so that y = 2rs.
(iv) The case n = 4 of the problem can now be handled relatively easily by showing that the
equation
x4 + y 4 = z 2
has no solutions in non-zero integers x, y and z. Suppose on the contrary that such a solution exists.
We may assume that x, y and z are all positive, and that z is minimal among all such solutions. Then
x, y and z are coprime. In view of (iii) above, there exist coprime r and s, precisely one of which is
even and such that
x2 = r2 − s2 , y 2 = 2rs, z = r2 + s2 .
Furthermore, x and z are odd and y is even. Clearly
x2 + s2 = r2 ,
where x and s are coprime. In view of (iii) above, there exist coprime a and b, precisely one of which
is even and such that
x = a2 − b2 , s = 2ab, r = a2 + b2 .
Substitution gives y 2 = 4ab(a2 + b2 ). On writing y = 2k, we have
k 2 = ab(a2 + b2 ).
It is not difficult to see that a, b and a2 + b2 are pairwise coprime. Hence there exist u, v and w such
that a = u2 , b = v 2 and a2 + b2 = w2 , so that
u4 + v 4 = w 2 .
Now w ! a2 + b2 = r < z, contradicting the minimality of z.
(v) Summarizing the above, it now follows that Fermat’s last theorem is reduced to showing that
the diophantine equation
(3.2) xp + y p = z p
 3.2. IDEALS IN AN ALGEBRAIC NUMBER FIELD 25

for any fixed odd prime p has no solutions in pairwise coprime non-zero integers x, y and z. Suppose
on the contrary that such a solution to the equation (3.2) exists. Writing ζ = e2πi/p for a primitive
p-th root of unity, we obtain
(3.3) (x + y)(x + ζy) . . . (x + ζ p−1 y) = z n ,
and factorization takes place in the cyclotomic number field Q(ζ). If x and y are coprime, then the
factors on the left hand side of (3.3) have no common factors, and so “must” each be a p-th power.
However, this last step assumes uniqueness of factorization in a subtle way!
(vi) In Chapter 5, we establish a special case of Fermat’s last theorem due to Kummer – for primes
p which are “regular”.
(vii) The proof of Fermat’s last theorem in 1994 is due to Wiles with assistence from Taylor.

3.2. Ideals in an Algebraic Number Field

Let K be an algebraic number field, with ring of integers O. A subset a of O is an ideal in K if
the following condition is satisfied: If α, β ∈ a, then λα + µβ ∈ a for every λ, µ ∈ O.
We denote by %0& = {0} the zero ideal.
The following result can be considered a generalization of Theorem 2.22.
Theorem 3.1. Suppose that K is an algebraic number field of degree n, with ring of integers O.
Then every non-zero ideal a in K has a Z-basis {α1 , . . . , αn }.
Proof. We first of all show that if a has a Z-basis {α1 , . . . , αr }, then we must have r = n. Clearly
r ! n. On the other hand, let {β1 , . . . , βn } be an integral basis for O. If α ∈ a is non-zero, then
αβ1 , . . . , αβn ∈ a and are linearly independent over Q, and hence also over Z. It follows that we
must have r = n. It remains to prove that a has a Z-basis. To do this, we imitate the proof of
Theorem 2.22. Let L be the set of all bases of K whose elements are all in a. Then L = ' ∅, for
{αβ1 , . . . , αβn } ∈ L. By Theorem 2.21, ∆[α1 , . . . , αn ] ∈ Z \ {0} for every element {α1 , . . . , αn } ∈ L,
and so there exists {α1 , . . . , αn } ∈ L for which |∆[α1 , . . . , αn ]| is minimal. This is a Z-basis for a by
similar arguments as in the proof of Theorem 2.22, and noting that b1 α1 + . . . + bn αn ∈ a for every
b1 , . . . , bn ∈ Z. )
Before we study some basic properties of ideals, we need to make a few definitions. Throughout,
K denotes an algebraic number field, with ring of integers O.
An ideal a in K is said to be generated by α1 , . . . , αs , denoted by a = %α1 , . . . , αs &, if a consists of
all sums of the form λ1 α1 + . . . + λs αs , where λ1 , . . . , λs ∈ O.
Clearly, if {α1 , . . . , αn } is a Z-basis for a, then a = %α1 , . . . , αn &.
An ideal a in K is said to be principal if a is generated by a single element; in other words, if
a = {α} for some α ∈ O.
Let a = %α1 , . . . , αs & and b = %β1 , . . . , βt & be ideals in K. By the product ab, we mean the ideal
%α1 β1 , . . . , αi βj , . . . , αs βt &.
Suppose that a and b are ideals in K. Then we say that a divides b, denoted by a | b, if there
exists an ideal c such that b = ac. In this case, we also say that a is a factor of b.
Theorem 3.2. Suppose that K is an algebraic number field. Then the following statements hold:
(i) If a and b are ideals in K satisfying a | b, then b ⊆ a.
(ii) A non-zero rational integer belongs to at most a finite number of ideals in K.
(iii) Every non-zero ideal in K contains a non-zero rational integer.
(iv) A non-zero ideal in K has only a finite number of divisors.
Proof. (i) If a | b, then b = ac for some ideal c in K. Let a = %α1 , . . . , αs & and c = %γ1 , . . . , γt &.
Then every β ∈ b is of the form
 
!s ! t s
! ! t
β= λij αi γj =  λij γj  αi ,
i=1 j=1 i=1 j=1

where λij ∈ O for every i = 1, . . . , s and j = 1, . . . , t. Hence β ∈ a, since clearly

t
!
λij γj ∈ O, i = 1, . . . , s.
j=1
26 3. IDEAL THEORY

(ii) Suppose that a is a non-zero rational integer which belongs to an ideal a. We may assume,
without loss of generality, that a > 0. Let {ω1 , . . . , ωn } be an integral basis for O. Then every α ∈ O
can be written in the form α = c1 ω1 + . . . + cn ωn , where c1 , . . . , cn ∈ Z. For every i = 1, . . . , n, we
can write ci = aqi + ri , where qi , ri ∈ Z and 0 ! ri < a. Then
α = (aq1 + r1 )ω1 + . . . + (aqn + rn )ωn = a(q1 ω1 + . . . + qn ωn ) + (r1 ω1 + . . . + rn ωn ).
Clearly γ = q1 ω1 + . . . + qn ωn ∈ O and β = r1 ω1 + . . . + rn ωn ∈ B, where B is a finite set. Suppose
now that a = %α1 , . . . , αs &. Since a ∈ a, we can write
a = %α1 , . . . , αs , a&.
Using the above observation, we can write
a = %aγ1 + β1 , . . . , aγs + βs , a&,
where γ1 , . . . , γs ∈ O and β1 , . . . , βs ∈ B. Clearly a = %β1 , . . . , βs , a&, and so the conclusion follows.
(iii) Let α ∈ a be non-zero, and let α(1) , . . . , α(n) be the K-conjugates of α, with the convention
that α = α(1) . Then α(2) . . . α(n) is an algebraic integer and
N (α)
α(2) . . . α(n) =∈ K.
α
Hence α(2) . . . α(n) ∈ O. It now follows that N (α) = αα(2) . . . α(n) ∈ a.
(iv) Let α ∈ a be non-zero. By part (iii), N (α) ∈ a. It follows from part (i) that N (α) belongs to
any divisor of a. The conclusion now follows from part (ii). )
To establish a theory of factorization, we make the following two definitions.
An ideal a in K is said to be maximal if a '= O and satisfies the following condition: If b is an ideal
in K satisfying a ⊆ b ⊆ O, then b = a or b = O; in other words, there are no ideals in K strictly
between a and O.
An ideal a in K is said to be prime if a '= O and satisfies the following condition: If b and c are
ideals in K satisfying bc ⊆ a, then b ⊆ a or c ⊆ a.
Theorem 3.3. Every maximal ideal in an algebraic number field K is prime.
Proof. Suppose that a is maximal, and that b and c are ideals in K satisfying bc ⊆ a. Suppose
further that b '⊆ a. We need to show that c ⊆ a. Since b '⊆ a, there exists β ∈ b such that
β '∈ a. Let a = %α1 , . . . , αs &. Then a ! %α1 , . . . , αs , β& ⊆ O. Since a is maximal, it follows that
%α1 , . . . , αs , β& = O, and so there exist λ1 , . . . , λs , µ ∈ O such that
1 = λ1 α1 + . . . + λs αs + µβ.
Hence for every γ ∈ c, we have
γ = γ1 = (γλ1 )α1 + . . . + (γλs )αs + µ(βγ).
Since γλ1 , . . . , γλs , µ ∈ O and α1 , . . . , αs , βγ ∈ a, it follows that γ ∈ a. )
Our aim in the next two sections is to give two proofs of the following important result.
Theorem 3.4 (Unique factorization theorem). Suppose that K is an algebraic number field, with
ring of integers O. Suppose further that a is an ideal in K such that a '= %0& and a '= O. Then a can
be written as a product of prime ideals in K, uniquely up to the order of factors.
In Section 3.3, we give a classical proof based on the ideas of Hurwitz. In Section 3.4, we then give
a modern proof based on the ideas of Noether. We emphasize that Section 3.4 does not depend on
any result in Section 3.3 not established also within Section 3.4.

3.3. The Classical Proof of the Unique Factorization Theorem

The crucial step in the classical proof of the Unique factorization theorem is summarized by the
following result.
Theorem 3.5. Suppose that K is an algebraic number field. Then for any non-zero ideal a in K,
there exists a non-zero ideal b in K such that ab = %a& for some a ∈ Z.
An immediate consequence is the following result.
 3.3. THE CLASSICAL PROOF OF THE UNIQUE FACTORIZATION THEOREM 27

Theorem 3.6. Suppose that a, b and c are ideals in an algebraic number field K. Then the following
statements hold:
(i) If ab = ac and a '= %0&, then b = c.
(ii) If b ⊆ a, then a | b.
Proof. By Theorem 3.5, there exists an ideal d in K such that ad = %a& for some a ∈ Z.
(i) We have abd = acd, so that %a&b = %a&c. The conclusion follows easily.
(ii) Since b ⊆ a, we have bd ⊆ ad. Let bd = %β1 , . . . , βm &. Then for every i = 1, . . . , m, we have
βi ∈ ad = %a&, and so βi = λi a for some λi ∈ O. It follows that bd = %a&%λ1 , . . . , λm & = ad%λ1 , . . . , λm &,
and so b = a%λ1 , . . . , λm &, in view of part (i). )
We postpone the proof of Theorem 3.5 to the latter part of this section. To deduce Theorem 3.4,
we also need the following result.
Theorem 3.7. Suppose that K is an algebraic number field. Then every ideal a in K such that
a '= O is contained in a maximal ideal in K.
Proof. We assume that a is non-zero. Then it follows from Theorem 3.2(iv) that a has only a
finite number of divisors. Clearly any divisor b of a which is different from O has fewer divisors
than a. Among the divisors of a which are different from O, let p be one with the smallest number
of divisors. We now claim that p is maximal in K. Suppose not. Then there exists an ideal q in K
such that p ! q ! O. It then follows from Theorem 3.6(ii) that q | p, and so must have fewer divisors
than p. )
Proof of Theorem 3.4. Let a be an ideal in K such that a '= %0& and a '= O.
We first of all exhibit a factorization of a into a product of maximal ideals. This is trivial if a is
maximal. If a is not maximal, then it follows from Theorem 3.7 that a ⊆ p1 for some maximal ideal
p1 in K. It then follows from Theorem 3.6(ii) that p1 | a, so that a = p1 a1 for some ideal a1 in K. If
a1 is maximal, then we stop; otherwise we repeat the process with a replaced by a1 , so that a1 = p2 a2 ,
where p2 and a2 are ideals in K and p2 is maximal. If a2 is maximal, then we stop; otherwise we
repeat the process again, and so on. This process must stop, in view of Theorem 3.2(iv) and the
observation that a1 ! a2 ! . . . . We can therefore conclude that a = p1 . . . pr , a product of maximal
ideals in K. Furthermore, the ideals p1 , . . . , pr are prime, in view of Theorem 3.3.
To prove uniqueness of factorization, suppose that
a = p 1 . . . p r = q1 . . . qs ,
where p1 , . . . , pr are maximal, and hence prime, ideals in K and where q1 , . . . , qs are prime ideals
in K. Clearly q1 | p1 . . . pr . It therefore follows from Theorem 3.2(i) that p1 . . . pr ⊆ q1 . Since q1
is prime, there exists some j = 1, . . . , r such that pj ⊆ q1 . Renumbering p1 , . . . , pr if necessary, we
may assume that p1 ⊆ q1 . Since p1 is maximal and q1 is prime, we must then have p1 = q1 . It then
follows from Theorem 3.6(i) that p2 . . . pr = q2 . . . qs . Repeating this argument, we clearly have r = s
and uniqueness of factorization. )
Remark. Note that in the proof of Theorem 3.4, we have not used the fact that the ideals q1 , . . . , qs
are maximal, only that they are prime. However, we have used the fact that the ideals p1 , . . . , pr are
maximal. This is clearly possible, since we have first established that the ideal a has a factorization
into a product of maximal ideals. What we have not studied so far is whether a prime ideal is also
maximal. In fact, we can deduce this fact from the proof of Theorem 3.4. Note that if p is a prime
ideal in K, then p = p1 . . . pr , where p1 , . . . , pr are maximal, and hence prime, ideals in K. Uniqueness
of factorization then gives r = 1 and p = p1 is maximal.
Our proof of Theorem 3.5 is based on the following generalization of Gauss’s lemma given in
Theorem 1.6.
Theorem 3.8. Suppose that p(t) = αp tp + . . . + α0 and q(t) = βq tq + . . . + β0 are polynomials such
that αp βq '= 0 and all coefficients are algebraic integers, and that r(t) = p(t)q(t) = γr tr + . . . + γ0 . If
δ is an algebraic integer such that γk /δ is an algebraic integer for every k = 0, . . . , r, then αi βj /δ is
also an algebraic integer for every i = 0, . . . , p and j = 0, . . . , q.
To establish this generalization, we need the following intermediate result.
28 3. IDEAL THEORY

Theorem 3.9. Suppose that f (t) = δm tm + . . . + δ0 is a polynomial such that δm '= 0 and all
coefficients are algebraic integers.
(i) If f (ρ) = 0, then every coefficient of the polynomial f (t)/(t − ρ) is an algebraic integer.
(ii) If f (t) = δm (t − ρ1 ) . . . (t − ρm ), then for every k = 1, . . . , m, δm ρ1 . . . ρk is an algebraic
integer.
Proof. (i) Clearly δm ρ is an algebraic integer by Theorem 2.18 – why? The result is obvious
in the case m = 1, so suppose that it is true for all polynomials of degree less than m. Now
g(t) = f (t) − δm tm−1 (t − ρ) is of degree less than m, and g(ρ) = 0. By the induction hypothesis,
g(t) f (t)
= − δm tm−1
t−ρ t−ρ
is a polynomial all of whose coefficients are algebraic integers. Clearly this is also the case for
f (t)/(t − ρ).
(ii) This follows by repeated application of part (i). )
Proof of Theorem 3.8. Let us suppose that
p(t) = αp (t − ν1 ) . . . (t − νp ) and q(t) = βq (t − ω1 ) . . . (t − ωq ).
Then the coefficients of the polynomial
r(t) αp βq
= (t − ν1 ) . . . (t − νp )(t − ω1 ) . . . (t − ωq )
δ δ
are algebraic integers, and so by Theorem 3.9(ii), every product of the form
αp βq
(3.4) νm1 . . . νmi ωn1 . . . ωnj
δ
is an algebraic integer. On the other hand, αi /αp and βj /βq are elementary symmetric functions in
ν1 , ldots, νp and in ω1 , . . . , ωq respectively. It follows that
αi βj αp βq αi βj
=
δ δ αp βq
is a sum of terms of the form (3.4), hence an algebraic integer. )
(1) (n)
Proof of Theorem 3.5. Let a = %α1 , . . . , αs &. For each j = 1, . . . , s, let αj , . . . , αj denote
(1) (i) (i)
the K-conjugates of αj with αj = αj . For each i = 1, . . . , n, let fi (t) = α1 t + . . . + αs ts , and write
!
F (t) = f1 (t) . . . fn (t) = ck tk .
k
(i)
Now each coefficient ck is a sum of products of algebraic integers αj , symmetric with respect to
permutation of the variable i. Application of Theorem 1.8 shows that each ck is a rational integer.
Furthermore, F (t) = f1 (t)h(t), where h(t) = f2 (t) . . . fn (t) has coefficients which are algebraic integers
in K. Suppose that h(t) = β1 t + . . . + βm tm . Now let a be the greatest common divisor of all the ck ,
and let b = %β1 , . . . , βm &. We show that ab = %a&. By Theorem 3.8, αi βj /a is an algebraic integer for
every i = 1, . . . , s and j = 1, . . . , m. Since ab = %α1 β1 , . . . , αi βj , . . . , αs βm &, we must have ab ⊆ %a&.
To show that %a& ⊆ ab, note that there exist rational integers xk such that
!
a= xk ck .
k
Now each ck is of the form
!
λijk αi βj ,
i,j

where λijk ∈ {0, 1}. Hence a is of the form

& '
! !
xk λijk αi βj ,
i,j k

so that a ∈ ab. The result follows. )

 3.4. THE MODERN PROOF OF THE UNIQUE FACTORIZATION THEOREM 29

3.4. The Modern Proof of the Unique Factorization Theorem

We proceed in a sequence of steps.
Theorem 3.10. Suppose that a is an ideal in an algebraic number field K such that whenever
β, γ ∈ O and βγ ∈ a, we have β ∈ a or γ ∈ a. Then a is maximal in K.
Proof. Let b be an ideal in K such that a ! b. We must show that b = O. To do this, it is
sufficient to show that 1 ∈ b. Recall Theorem 3.2(iii), that a contains a positive rational integer a.
Then, as in the proof of Theorem 3.2(ii), every element of O can be written in the form aγ + β, where
γ ∈ O and β ∈ B, where B is a finite set. Let α ∈ b such that α '∈ a. Then for every j ∈ N, we have
αj = aγj + βj ,
where γj ∈ O and βj ∈ B. Hence αj − aγj ∈ B, and can only have finitely many different values. It
follows that there exist k, + ∈ N such that k > + and
αk − aγk = α" − aγ" .
Note that α" (αk−" − 1) = αk − α" = a(γk − γ" ) ∈ a, so that by the hypothesis on a, either α" ∈ a or
αk−" − 1 ∈ a. Clearly α" '∈ a, for otherwise α ∈ a. Hence αk−" − 1 ∈ a ⊂ b. Since α ∈ b, we conclude
that αk−" ∈ b, and so 1 ∈ b. )
Theorem 3.11. Suppose that a is an ideal in an algebraic number field K such that a '= %0& and
a '= O. Then there exist maximal ideals p1 , . . . , pr in K such that p1 . . . pr ⊆ a and a ⊆ pi for every
i = 1, . . . , r.
Proof. If a is maximal, then there is nothing to prove. If a is not maximal, then it follows from
Theorem 3.10 that there exist β, γ ∈ O such that β '∈ a, γ '∈ a and βγ ∈ a. If a = %α1 , . . . , αs &,
let b = %α1 , . . . , αs , β& and c = %α1 , . . . , αs , γ&. Then a ⊆ b, a ⊆ c and bc ⊆ a. We now repeat this
procedure with b and c. By Theorem 3.2, a has only a finite number of divisors, and so is contained
in at most a finite number of ideals in K. Our procedure must therefore end, so that we end up with
maximal ideals. )
For an algebraic number field K with ring of integers O, and for every ideal a of K, we define
a−1 = {γ ∈ K : γa ⊆ O}.
Theorem 3.12. Suppose that p is a maximal ideal in an algebraic number field K. Then p−1
contains a number which is not an algebraic integer.
Proof. Let α ∈ p, with α '= 0. By Theorem 3.11, we can choose a minimal natural number r
subject to the existence of maximal ideals p1 , . . . , pr in K such that p1 . . . pr ⊆ %α& ⊆ p. Now p is
prime by Theorem 3.3, so that pi ⊆ p for some i = 1, . . . , r. Without loss of generality, assume that
p1 ⊆ p. Since p1 is maximal, we must have p1 = p. By the minimality of r, we have p2 . . . pr '⊆ %α&.
It follows that there exists β ∈ p2 . . . pr \ %α&. But βp ⊆ %α&, so that βα−1 p ⊆ O and so βα−1 ∈ p−1 .
Since β '∈ %α&, we must have βα−1 '∈ O. )
Let A and B be sets. By the product AB, we mean the set of all finite sums of products αβ, where
α ∈ A and β ∈ B. Note that this coincides with the definition of the product of two ideals in an
algebraic number field.
Theorem 3.13. Suppose that p is a maximal ideal in an algebraic number field K. Then pp−1 = O.
Proof. Let a = pp−1 . Then a is an ideal in K – why? Since 1 ∈ p−1 , we have p ⊆ a ⊆ O.
Since p is maximal in K, we must have a = O or a = p. Suppose on the contrary that a = p. Let
{ω1 , . . . , ωn } be a Z-basis for p, and let α ∈ p−1 such that α '∈ O, in view of Theorem 3.12. Clearly for
each i = 1, . . . , n, the product αωi ∈ a = p, so that αωi = ai1 ω1 + . . . + ain ωn , where ai1 , . . . , ain ∈ Z.
Then the system of simultaneous linear equations
(a11 − α)t1 + a12 t2 + . . . + a1n tn = 0,
a21 t1 + (a22 − α)t2 + . . . + a2n tn = 0,
..
.
an1 t1 + an2 t2 + . . . + (ann − α)tn = 0,
30 3. IDEAL THEORY

has a non-trivial solution (ω1 , . . . , ωn ), so that the determinant

( (
( a11 − α a12 ... a1n(
( (
( a21 a −α ... a2n(
( 22 (
( .. .. ..( = 0.
( . . .(
( (
( an1 an2 . . . ann − α (
It follows that α satisfies a monic polynomial equation with integral coefficients, and so is an algebraic
integer. This is a contradiction. Hence we must have a = O, and this completes the proof. )
Proof of Theorem 3.4. Let a be an ideal in an algebraic number field K such that a '= %0& and
a '= O.
We first of all show that a can be written as a product of maximal ideals. By Theorem 3.11, there
exist maximal ideals p1 , . . . pr in K, with minimal r, such that p1 . . . pr ⊆ a and a ⊆ pi for every
i = 1, . . . , r. We now proceed by induction on r. If r = 1, then a = p1 and the proof is complete.
Suppose now that every ideal in K that satisfies Theorem 3.11 with fewer than r maximal ideals
is a product of maximal ideals. Since p1 . . . pr ⊆ a, we have p1 . . . pr−1 ⊆ ap−1 r by Theorem 3.13.
Since a ⊆ pr , it is not difficult to see that ap−1 r is an ideal in K. By the induction hypothesis, we
have ap−1r = q 1 . . . q k , where q 1 , . . . , q k are maximal ideals in K. By Theorem 3.13 again, we have
a = q1 . . . qk pr , and the result follows.
The uniqueness of factorization is now established in precisely the same way as in Section 3.3,
noting that every maximal ideal in K is prime. )

3.5. Consequences of the Unique Factorization Theorem

Suppose that a and b are two ideals in an algebraic number field K. Then an ideal g in K is said
to be a greatest common divisor of a and b if
(i) g | a and g | b; and
(ii) if g# is an ideal in K such that g# | a and g# | b, then g# | g.
In view of the result below, we write g = (a, b).
Theorem 3.14. Suppose that a and b are two ideals in an algebraic number field K and not both
zero. Then (a, b) exists and is unique.
Proof. Suppose that a = %α1 , . . . , αr & and b = %β1 , . . . , βs &. Let us write
g = %α1 , . . . , αr , β1 , . . . , βs &.
We claim that g = (a, b). Clearly we have a ⊆ g and b ⊆ g, so that g | a and g | b by Theorem 3.6(ii).
Suppose now that g# is an ideal in K such that g# | a and g# | b. Then a ⊆ g# and b ⊆ g# by
Theorem 3.2(i), so that g ⊆ g# , whence g# | g by Theorem 3.6(ii). )
Recall that any ideal in an algebraic number field can be generated by a finite number of elements,
for instance, those in a Z-basis. We now show that, in fact, two generators will suffice.
Theorem 3.15. Suppose that K is an algebraic number field. Suppose further that a is a non-zero
ideal in K, and that 0 '= β ∈ a. Then there exists α ∈ a such that a = %α, β&.
We deduce this from the following intermediate result.
Theorem 3.16. Suppose that a and b are non-zero ideals in an algebraic number field K, with ring
of integers O. Then there exists α ∈ a such that (%α&a−1 , b) = O.
Note that if α ∈ a, then %α& ⊆ a, so that a | %α&. It follows that %α&a−1 is the ideal x satisfying
ax = %α&.
Proof of Theorem 3.15. Let b = %β&a−1 . By Theorem 3.16, there exists α ∈ a such that
(%α&a−1 , %β&a−1 ) = O. Let c and d be ideals in K such that %α& = ac and %β& = ad. Then (c, d) = O,
so that (%α&, %β&) = a. This gives %α, β& = a – see the proof of Theorem 3.14. )
Proof of Theorem 3.16. Let p1 , . . . , pr be the distinct prime ideals dividing b. Since every
prime ideal that divides b must also divide at least one of p1 , . . . , pr , it is sufficient to choose α ∈ a
such that (αa−1 , pi ) = O for every i = 1, . . . , r. Since each pi is prime in K, it is also maximal in K.
 3.5. CONSEQUENCES OF THE UNIQUE FACTORIZATION THEOREM 31

Hence it suffices to choose α ∈ a such that αa−1 '= pi for every i = 1, . . . , r. In other words, it suffices
to choose α ∈ a \ api for every i = 1, . . . , r. For r = 1, this is trivial, for ap1 ! a by uniqueness of
factorization. Suppose now that r > 1. For every i = 1, . . . , r, let
ai = ap1 . . . pi−1 pi+1 . . . pr .
Again ai pi ! ai , so that there exists αi ∈ ai \ ai pi for every i = 1, . . . , r. Clearly αi ∈ a for every
i = 1, . . . , r, so that α = α1 + . . . + αr ∈ a. On the other hand, for every i = 1, . . . , r, we have α '∈ api ,
for otherwise, noting that αj ∈ aj ⊆ api for every j '= i, we would have
αi = α − α1 − . . . − αi−1 − αi+1 − . . . − αr ∈ api ,
a contradiction. )
We round off this section by establishing a result on the relationship between factorization of
elements and factorization of ideals.
Theorem 3.17. Suppose that K is an algebraic number field, with ring of integers O. Then
factorization of elements of O into primes is unique to within order and units if and only if every
ideal in K is principal.
We need the following intermediate result.
Theorem 3.18. Suppose that K is an algebraic number field, with ring of integers O. Suppose
further that γ is a prime in O.
(i) If every ideal in K is principal, then %γ& is prime.
(ii) If factorization of elements of O into primes is unique to within order and units, then %γ&
is prime.
Proof. (i) Suppose that %γ& = b1 b2 , where b1 and b2 are ideals in K. Since b1 and b2 are both
principal, there exist β1 , β2 ∈ O such that b1 = %β1 & and b2 = %β2 &. Then %β1 β2 & = %γ&, so that β1 β2
and γ are associates. Hence one of β1 or β2 is a unit, so that b1 = O or b2 = O.
(ii) We first of all show that if γ | αβ, then γ | α or γ | β. If γ | αβ, then there exists δ ∈ O
such that γδ = αβ. We now factorize each of α, β and δ into a product of primes. Uniqueness of
factorization then gives the conclusion that the representation of αβ as a product of primes contains
an associate of γ. This must have come from the factorization of α or that of β, establishing our
claim. To show that %γ& is prime, suppose that a and b are ideals in K such that ab ⊆ %γ& and
a '⊂ %γ&. We must then show that b ⊆ %γ&. Since a '⊂ %γ&, there exists α1 ∈ a such that α1 '∈ %γ&, so
that γ " α1 . By Theorem 3.15, we have a = %α1 , α2 & for some α2 ∈ a. Let b = %β1 , . . . , βs &. Then
ab = %α1 β1 , . . . , α1 βs , α2 β1 , . . . , α2 βs & ⊆ %γ&.
It follows that γ | α1 βj and thus γ | βj for every j = 1, . . . , s. Hence b ⊆ %γ&. )
Proof of Theorem 3.17. (⇐) Assume first of all that every ideal in K is principal. Suppose
that α is an element of O, not zero or a unit, and has factorization in primes
α = γ1 . . . γr = δ1 . . . δs .
In view of Theorem 3.18(i), this gives rise to a factorization of %α& into prime ideals
%α& = %γ1 & . . . %γr & = %δ1 & . . . %δs &.
Uniqueness of factorization of ideals gives r = s and, after a suitable rearrangement, %γi & = %δi & for
every i = 1, . . . , r. Hence the primes γi and δi are associates for every i = 1, . . . , r.
(⇒) Suppose now that factorization of elements in O into primes is unique to within order and
units. To prove that every ideal in K is principal, it clearly suffices to prove that every prime ideal
in K is principal. Let p be a prime ideal in K. By Theorem 3.2(iii), there exists a non-zero rational
integer N ∈ p. Let N = γ1 . . . γs , where γ1 , . . . , γs are primes in O. Then %N & = %γ1 & . . . %γs & ⊆ p. It
follows that p | %γ& for some γ in O. By Theorem 3.18(ii), the ideal %γ& is prime. It follows from the
uniqueness of factorization of ideals that p = %γ&, so that p is principal. )
32 3. IDEAL THEORY

3.6. Norm of an Ideal

Throughout this section, K is an algebraic number field, with ring of integers O, and a is an ideal
in K.
We say that two numbers α, β ∈ O are congruent modulo a, written α ≡ β mod a, if α − β ∈ a. It
is not difficult to show that congruence modulo a is an equivalence relation on O. The equivalence
classes that arise are called residue classes modulo a.
Theorem 3.19. Suppose that a is a non-zero ideal in an algebraic number field K. Then the
number of distinct residue classes modulo a is finite.
Proof. We use ideas in the proof of Theorem 3.2. Let a ∈ a be a non-zero rational integer. Since
%a& ⊆ a, it follows that for every µ, ν ∈ O that satisfy µ ≡ ν mod %a&, we must have µ ≡ ν mod a.
Hence the number of distinct residue classes modulo a cannot exceed the number of distinct residue
classes modulo %a&. On the other hand, every α ∈ O can be written in the form α = aγ + β, where
γ ∈ O and β ∈ B, where B is a finite set. It follows that the number of distinct residue classes
modulo %a& is finite. )
By the norm of an ideal a in an algebraic number field K, denoted by N (a), we mean the number
of distinct residue classes modulo a. Note that if O is the ring of integers in K, then N (a) = |O/a|.
By a complete set of residues modulo a, we mean a set of N (a) elements in O which are pairwise
incongruent modulo a, so that every element in O is congruent to precisely one of these modulo a.
Theorem 3.20. Suppose that a is a non-zero ideal in an algebraic number field K, and that
{α1 , . . . , αn } is a Z-basis for a. Then
( (1
( ∆[α1 , . . . , αn ] ( 2
(
N (a) = ( ( ,
∆ (

where ∆ is the discriminant of K, i.e. the discriminat of any integral basis of the ring of integers O.
To establish Theorem 3.20, we first of all exhibit the existence of a Z-basis for a of a particular
kind.
Theorem 3.21. Suppose that {ω1 , . . . , ωn } is an integral basis for the ring of integers O of an
algebraic number field K. Then every non-zero ideal a of K has a Z-basis {α1 , . . . , αn } of the form
α1 = a11 ω1 ,
α2 = a21 ω1 + a22 ω2 ,
..
.
αn = an1 ω1 + an2 ω2 + . . . + ann ωn ,
where the coefficients aij ∈ Z and aii > 0 for every i = 1, . . . , n.
Proof. Clearly aωi ∈ a for every non-zero rational integer a ∈ a and every i = 1, . . . , n. Let an
integer m satisfying 1 ! m ! n be fixed. Clearly the set
(3.5) {a1 ω1 + . . . + am ωm ∈ a : a1 , . . . , am ∈ Z, am > 0}
is non-empty, since a contains a non-zero rational integer a, and so aωm and −aωm are in a. Let αm
be the element in the set (3.5) with minimal am , and write
αm = am1 ω1 + . . . + amm ωm .
We claim that the set {α1 , . . . , αn } has the required properties. Note, first of all, that {α1 , . . . , αn }
is a basis for K, since the determinant
( (
( a11 (
( (
( a21 a22 (
( (
( .. .. . . ( '= 0.
( .
( . . (
(
( an1 an2 . . . ann (
 3.6. NORM OF AN IDEAL 33

We now show that {α1 , . . . , αn } is a Z-basis for a. Let α ∈ a. Then there exists b1 , . . . , bn ∈ Z such
that α = b1 ω1 + . . . + bn ωn . Consider the number bn . There exist integers hn and rn such that
bn = ann hn + rn and 0 ! rn < ann . Then there exist b#1 , . . . , b#n−1 ∈ Z such that
α − hn αn = b#1 ω1 + . . . + b#n−1 ωn−1 + rn ωn ∈ a.
If rn > 0, then rn < ann contradicts the minimality of ann . It follows that rn = 0, and so
α − hn αn = b#1 ω1 + . . . + b#n−1 ωn−1 .
Repeating this procedure, we conclude that there exist hn−1 , b##1 , . . . , b##n−2 ∈ Z such that
α − hn αn − hn−1 αn−1 = b##1 ω1 + . . . + b##n−2 ωn−2 .
And so on. After finitely many repetitions of this procedure, we conclude that α can be expressed as
a linear combination of α1 , . . . , αn with rational integer coefficients. This expression is unique, since
{α1 , . . . , αn } is a basis for K. )
Proof of Theorem 3.20. Note that a consequence of the proof of Theorem 3.1 is that the
discriminant of any Z-basis for a is the same, so that we may take {α1 , . . . , αn } to be defined in
Theorem 3.21. Then by Theorem 2.19,
( (2
( a11 (
( (
( a21 a22 (
( (
∆[α1 , . . . , αn ] = ( . .. .. ( ∆[ω1 , . . . , ωn ],
( .. . . (
( (
( an1 an2 . . . ann (

so that ∆[α1 , . . . , αn ] = (a11 . . . ann )2 ∆. To complete the proof, it is therefore sufficient to show that
N (a) = a11 . . . ann ; in other words, that the number of distinct residue classes modulo a is a11 . . . ann .
We achieve this by showing that the numbers r1 ω1 + . . . + rn ωn , where ri ∈ Z and 0 ! ri < aii for
every i = 1, . . . , n, form a complete set of residues modulo a. We therefore need to show that (i) they
are pairwise incongruent modulo a; and (ii) every element in O is congruent to one of these numbers
modulo a.
(i) Suppose that
r1# ω1 + . . . + rn# ωn ≡ r1## ω1 + . . . + rn## ωn mod a,
where 0 ! ri# , ri## < aii for every i = 1, . . . , n. Then
(r1# − r1## )ω1 + . . . + (rn# − rn## )ωn ∈ a.
We may assume, without loss of generality, that rn# " rn## . Then 0 ! rn# − rn## < ann , and so rn# = rn##
in view of the minimality of ann . Thus
(r1# − r1## )ω1 + . . . + (rn−1
# ##
− rn−1 )ωn−1 ∈ a.
Repetition of this argument gives ri# = ri## for every i = 1, . . . , n.
(ii) Every number α ∈ O is of the form α = b1 ω1 + . . . + bn ωn , where the coefficients b1 , . . . , bn ∈ Z.
Let bn = ann hn + rn , where hn , rn ∈ Z and 0 ! rn < ann . Then there exist b#1 , . . . , b#n−1 ∈ Z such
that
α − hn αn = b#1 ω1 + . . . + b#n−1 ωn−1 + rn ωn .
Repeating this procedure, we conclude that there exist h1 , . . . , hn ∈ Z such that
α − hn αn − . . . − h1 α1 = r1 ω1 + . . . + rn ωn ,
where 0 ! ri < aii for every i = 1, . . . , n. Clearly α ≡ r1 ω1 + . . . + rn ωn mod a. )
It is now easy to deduce the following result.
Theorem 3.22. Suppose that K is an algebraic number field, and that the ideal a = %α& '= %0& is
principal in K. Then N (a) = |N (α)|.
34 3. IDEAL THEORY

Proof. Let {ω1 , . . . , ωn } be a Z-basis for O. Then clearly {αω1 , . . . , αωn } is a Z-basis for a = %α&.
By Theorem 3.20,
( (1 ( (
( ∆[αω1 , . . . , αωn ] ( 2 ( |(α(i) ω (i) )| (
( j (
N (a) = (( ( =( ( = |α(1) . . . α(n) |
∆[ω1 , . . . , ωn ] ( ( |(ω (i) )| (
j

as required. )
A useful property of the norm is the following.
Theorem 3.23. Suppose that a and b are non-zero ideals in an algebraic number field K. Then
N (ab) = N (a)N (b).
To establish this, we need the following result on congruences.
Theorem 3.24. Suppose that a is a non-zero ideal in an algebraic number field K, and α, β ∈ O,
the ring of integers in K.
(i) Suppose further that (%α&, a) = O. Then the congruence αξ ≡ β mod a has a solution ξ ∈ O
which is unique modulo a.
(ii) Suppose further that (%α&, a) = d. Then the congruence αξ ≡ β mod a has a solution ξ ∈ O
if and only if β ∈ d. If there is a solution, then it is unique modulo d−1 a.
Proof. (i) Let {ξ1 , . . . , ξN (a) } be a complete set of residues modulo a. Since (%α&, a) = O, the set
{αξ1 , . . . , αξN (a) } is also a complete set of residues modulo a. To see this, note that if αξi ≡ αξj mod a,
then α(ξi − ξj ) ∈ a, so that a | %α&%ξi − ξj &. The condition (%α&, a) = O then ensures that a | %ξi − ξj &,
so that ξi − ξj ∈ a, whence ξi ≡ ξj mod a. From the set {αξ1 , . . . , αξN (a) }, clearly precisely one
element is congruent to β modulo a.
(ii) Suppose first of all that αξ ≡ β mod a. Then αξ − β ∈ a ⊆ d. Since d = (%α&, a), we must
have d | %α&, so that α ∈ d, and so αξ ∈ d, whence β ∈ d. Next, suppose that β ∈ d. Recall that
d = %α, α1 , . . . , αs &, where %α1 , . . . , αs & = a. It follows that there exists αξ ∈ %α& and λ ∈ a such
that β = αξ + λ. Clearly we have αξ ≡ β mod a. Finally suppose that αξ # ≡ αξ ## ≡ β mod a. Then
a | %α&%ξ # − ξ ## &. If a = da1 and %α& = da2 , where a1 and a2 are ideals in K, then a1 | a2 %ξ # − ξ ## &.
Since (a1 , a2 ) = O, we must have a1 | %ξ # − ξ ## &, and so ξ # ≡ ξ ## mod a1 . )
Proof of Theorem 3.23. By Theorem 3.16, there exists γ ∈ a such that (%γ&a−1 , b) = O, so
that (%γ&, ab) = a. Let {α1 , . . . , αN (a) } and {β1 , . . . , βN (b) } be complete sets of residues modulo a
and b respectively. We claim that the numbers αi + γβj , where i = 1, . . . , N (a) and j = 1, . . . , N (b),
form a complete set of residues modulo ab. We therefore have to show that (i) these numbers are
pairwise incongruent modulo ab; and (ii) every integer in K is congruent to one of these numbers
modulo ab. The proof will then be complete since a complete set of residues modulo ab has precisely
N (ab) elements.
(i) Let α# , α## ∈ {α1 , . . . , αN (a) } and β # , β ## ∈ {β1 , . . . , βN (b) }. Suppose that
α# + γβ # ≡ α## + γβ ## mod ab.
Then clearly α# + γβ # ≡ α## + γβ ## mod a. Since γ ∈ a, we must have α# ≡ α## mod a, and so α# = α## .
Then γβ # ≡ γβ ## mod ab, so that ab | %γ&%β # − β ## &. Write %γ& = ac. Then b | c%β # − β ## &. Since
(c, b) = O, it follows that b | %β # − β ## &, and so β # ≡ β ## mod b, whence β # = β ## .
(ii) Let α be an integer in K. Choose αi ≡ α mod a. Then the congruence γξ ≡ α − αi mod ab
has a solution ξ by Theorem 3.24(ii). Moreover, ξ can be chosen uniquely modulo a−1 ab, so that ξ
is one of the βj . Clearly α ≡ αi + γβ + j mod ab. )
We complete this chapter by making a few simple deductions from earlier results.
Theorem 3.25. Suppose that K is an algebraic number field.
(i) If a is an ideal in K and N (a) is prime, then a is a prime ideal.
(ii) If a is a non-zero ideal in K, then N (a) ∈ a.
(iii) There are only a finite number of ideals in K of a given norm.
(iv) If a is a prime ideal in K, then a contains exactly one rational prime p, and N (a) = pm for
some natural number m ! n = [K : Q].
 3.6. NORM OF AN IDEAL 35

Proof. (i) This is obvious from Theorem 3.23.

(ii) If {α1 , . . . , αN (a) } is a complete set of residues modulo a, then so is the set {α1 +1, . . . , αN (a) +1}.
Then
α1 + . . . + αN (a) ≡ (α1 + 1) + . . . + (αN (a) + 1) mod a.
The result follows immediately.
(iii) Note that the norm is a non-zero rational integer and quote Theorem 3.2(ii).
(iv) Note that N (a) '= 1, since a '= O. It follows that N (a) = pm1 . . . pr , where p1 , . . . , pr are
1 mr

rational primes and m1 , . . . , mr ∈ N. Since N (a) ∈ a, we have a | %p1 & . . . %pr &mr . We therefore
m1

conclude that a | %p& for some rational prime p. Suppose now that p# and p## are distinct rational
primes and p# , p## ∈ a. Since there exists rational integers u and v such that 1 = up# + vp## ∈ a, it
follows that a = O, a contradiction. Hence a contains precisely one rational prime p. Since %p& ⊆ a,
we must have N (a) | N (%p&) = pn , and the last assertion follows. )