144 Normat 59:3-4, 144–177 (2011)

Galois groups and number theory

Juliusz Brzeziński

Mathematical Sciences
University of Gothenburg and Chalmers University of Technology
S–41296 Göteborg, Sweden
[email protected]

1 Introduction

Galois theory grew up as a theory of solving polynomial equations. Solutions of

polynomial equations, especially equations with integer or rational coefficients, de-
fine different interesting sets of numbers whose investigation has always been of
great interest in mathematics. One purpose of this article is to show how Galois
groups are related to number theory. In fact, Galois groups are defined by the zeros
of polynomial equations and can be used in many different ways for solving deep
problems related to numbers. Galois groups are present in many parts of mathe-
matics and even if their role in the original theory of equations belongs to great
achievements of 19th century, their role in mathematics is extremely active and
central. The other purpose of this article is to convince the Reader about impor-
tance of Galois groups in solving many of the old and new problems in number
theory.
The first three sections contain a number of introductory notions concerning in-
tegers in algebraic number fields and Galois groups. Then we explain some fun-
damental results of class field theory which counts as the biggest achievement of
mathematics in the beginning of 20th century and shows a close relation between
Galois groups and arithmetic of algebraic number fields in the abelian case (field
extensions with abelian Galois groups). Different attempts to generalize class field
theory to the non-abelian field extensions led after a half century to what is known
as the Langlands Program formulated around 1970. The evidence of the conjec-
tures formulated by Robert Langlands was amazingly limited when his program
was created (like a reconstruction of a dinosaur given a few of his bones). Nev-
ertheless, the foresightedness of Langlands ideas has already led to a long series
of results which strongly support his program. Through possible generalizations
of some central theorems of class field theory, like the Kronecker-Weber Theorem,
we touch one of the Langlands conjectures and show how the proof of Fermat’s
Last Theorem given by Andrew Wiles can be considered as a confirmation of the
Langlands Program.
Normat 3-4/2011 Juliusz Brzeziński 145

2 Why extend the integers?

Number theory is one the oldest branches of mathematics primarily interested
in the properties of integers and rational numbers, but as a direct consequence
of this, it is also interested in properties of all other numbers and mathematical
object, which appear in different ways when questions concerning the integers and
rational numbers are studied. This is closely related to the fact that when a possible
solution of a problem concerning, for example, the integers is considered, a method
to handle it may be to extend the integers to a bigger set of numbers. Let us look
at some examples.
An old question concerning existence of the Pythagorean triangles, that is, the
triples of positive integers (x, y, z) solving the equation x2 + y 2 = z 2 , may be
transformed to a question about the existence of complex numbers x + yi such that

(x + yi)(x − yi) = z 2 .

If in such a triple, the integers x, y have only 1 as a common divisor (that is, are
relatively prime) and are of different parity (which is the case when all x, y, z have
no a common divisor > 1), then it is possible to check that x + yi, x − yi considered
as elements of the bigger ring Z[i] of the Gaussian integers a + bi, where a, b ∈ Z,
also have only 1 as a common divisor (up to the “sign” which here can be ±1 as
well as ±i). Assuming ”naively” that in Z[i], like in the integers Z, a product of
two relatively prime numbers is a square only if both factors are squares, we get
that it must exist two integers m, n such that

x + yi = (m + ni)2 .

This gives x = m2 − n2 , y = 2mn, z = m2 + n2 . If we assume that m > n and m, n

are relatively prime of different parities, we get in fact all Pythagorean triples and
each triple only once. The “only” not motivated assumption is that the Gaussian
integers behave like the integers and have unique factorization in “prime” factors.
We return to the Gaussian primes in a moment, but let us note that we really have
a unique factorization of Gaussian integers as products of the Gaussian primes and
the above method of solving the Pythagorean equation is correct (even if it could
be more formalized and in fact, could be replaced by many other arguments leading
to the same answer).
Not so strange that other similar problems were treated in a similar way. If we
want to find all positive integer triples such that x3 + y 3 = z 3 , then we can also
try to factorize:

z 3 − y 3 = (z − y)(z − εy)(z − ε2 y) = x3 ,

2πi
√
where ε = e 3 = −1+2 −3 (we have ε3 = 1 and ε 6= 1). The last factorization can
be considered as a product in the ring Z[ε] of so called Eisenstein integers. It is
also a ring with unique factorization into primes of this ring. It is well known that
146 Juliusz Brzeziński Normat 3-4/2011

there are no positive integers solving this famous Fermat’s cubic equation. A very
beautiful proof of this fact is given in the book by Nagell [N] (Chap. VII, Sec. 64)
using just the arithmetic of the Eisenstein integers.
At early stages, the development of algebraic number theory was highly motivated
by the ideas to solve the general Fermat’s equation xn + y n = z n for n > 2 using
a similar technique, that is, factorizing the left hand side as a product of integers
2πi
in the ring Z[ε], where ε = e n (we have εn = 1 and εm 6= 1 for 1 ≤ m <
n). The method is really fruitful for very small n, and at the beginning of 19th
century some general “proofs” were presented in which the property of the unique
factorization was attributed to the ring Z[ε] for every n (sometimes by well-known
mathematicians). Unfortunately, this is not the case and very soon mathematicians
recognized that it is necessary to use much deeper properties of similar rings trying
to study the Fermat equations or many other similar problems in number theory.
This leads us to the general theory of algebraic numbers and the Galois groups of
the algebraic number fields.

3 Algebraic numbers and Galois groups

The general situation can be described in the following way. We start with the ring
of integers Z and its field of quotients Q – the field of rational numbers. As in the
case of Pythagorean triples or the solutions of Fermat’s equation, we want to study
bigger sets of numbers like Z[i] or Z[ε]. This means that we move to a number
field L ⊃ Q, which is defined by solutions of a polynomial equation. In the case of
Pythagorean triples, it is the field Q(i) or in general for Fermat’s equations, these
2πi
are the fields Q(ε), where ε = e n , that is, the fields containing all solutions of
xn − 1 = 0 for n = 2, 3, . . ..
In general, algebraic number theory is interested in studying the algebraic num-
bers. Those are solutions of polynomial equations with rational coefficients. All
such solutions form a subfield Q of the complex numbers and algebraic number
fields are exactly its subfields L whose dimension as vector spaces over the rational
numbers is finite1 .
In the field Q, we are interested in algebraic integers. Those are the numbers
α ∈ Q such that α satisfies an equation with integer coefficients and the highest
coefficient equal to 1. The integers form a subring of Q, which will be denoted by
Z. If L is a field of algebraic numbers, then the integers in it form the ring Z ∩ L,
which will be denoted by OL .
Usually, we start with an algebraic number field K ⊂ Q instead of Q, and consider
polynomials f (x) with coefficients in K. Using the solutions α1 , α2 , . . . , αn of the
equation f (x) = 0 in Q, we consider the least subfield L = Kf of Q containing K
and all these solutions. Thus L = Kf = K(α1 , . . . , αn ) ⊂ Q (by K(α) we denote
the least subfield of Q containing both K and α ∈ Q). It is clear that the same
field L may be defined by many different polynomials f .
1 Using the term algebraic number field, we shall always mean a number field of finite dimension
over the rational numbers.
Normat 3-4/2011 Juliusz Brzeziński 147

The fields L = Kf defined by polynomials f (x) ∈ K[x] are particulary important

and play very central role in algebraic number theory. They are exactly the (finite)
Galois extensions of the field K. In general, if K is an algebraic number field, then
its (finite) Galois extensions are the fields L such that L = Kf = K(α1 , . . . , αn ),
where α1 , . . . , αn are all solutions of an equation f (x) = 0, where f (x) is a polyno-
mial of degree n with coefficients in K. We say that L is a splitting field of f (x)
over K. The Galois group G(L/K) is the group consisting of all automorphisms of
L over K, that is, bijective functions σ : L → L such that σ(α + β) = σ(α) + σ(β),
σ(αβ) = σ(α)σ(β) for α, β ∈ L and σ(a) = a for a ∈ K. The Galois exten-
sions K ⊆ L are characterized by the property that the order of the Galois group
G(L/K), that is, the number of automorphisms of L over K equals the dimension
of L as a vector space over K. In the sequel, we will not use this more general
context assuming that K = Q. Thus, a typical situation will be that we look at
finite field extensions K ⊇ Q.
All automorphisms σ : Q → Q form the Galois group G(Q/Q) of Q over Q and it
is not difficult to check that if K is a Galois extension of Q, then the restriction
of automorphisms σ ∈ G(Q/Q) to K gives a homomorphism G(Q/Q) → G(K/Q).
Let’s look at some specific examples.

Example 1 (a) In case of the Pythagorean triples (the Fermat equation of degree
2), we extended Q by the solutions α1 = i, α2 = −i of f (x) = x2 +1 = 0. In this case,
we have K = Qf = Q(i, −i) = Q(i). This field consists of all numbers a + bi, where
a, b ∈ Q. The field K is of course a Galois extension of the rational numbers and
has degree 2 over Q (quadratic extension). The Galois group G(K/Q) consists of
two elements – the identity and the complex conjugation, that is, σ(a + bi) = a − bi.
The integers in the field K = Qf are the numbers α, which satisfy equations of
degree at most 2 with integer coefficients and the highest coefficient 1. Thus, if
α = a + bi, where a, b ∈ Q is an integer in Q(i), then if it is not simply “the
old” integer a (which satisfies the equation x − a = 0), it satisfies the equation
x2 − 2ax + a2 + b2 = 0 with integer coefficients 2a and a2 + b2 . It is easy to check
that it implies that a, b must be rational integers. We get that the integers in Q(i)
are exactly the Gaussian integers a + bi, where a, b ∈ Z which form the ring Z[i].
(b) It is a little more difficult to find the integers in the field used for the studies
of the Fermat equation xn + y n = z n when n > 2. As we noted, in this case, we
2πi
take f (x) = xn − 1 = 0. If ε = εn = e n , then all solutions of f (x) = 0 are εk
for k = 1, . . . , n and K = Qf = Q(ε, ε2 , . . . , εn ) = Q(ε). The field K is of course a
Galois extension of the rational numbers, but it is not evident (even if intuitively
clear) that its degree over Q is ϕ(n) – the value of the Euler function at n. In fact,
the Galois group consists of the ϕ(n) automorphisms σk (ε) = εk , where k and n
are relatively prime (that is, εk must be a generator of the cyclic group of order
n generated by ε). Thus the Galois group G(Q(ε)/Q) is the group of residues k
modulo n relatively prime with n, that is, the group (Z/nZ)∗ . It is a little more
difficult to show that in this case, the integers OK = Z ∩ K form the ring Z[ε],
that is, every integer in Q(ε) has the form α = a0 + a1 ε + · · · + an−2 εn−2 , where
2πi
a0 , . . . , an−2 ∈ Z. The fields Q(ε), where ε = e n (n > 2) play an extremely
important role in number theory and are called cyclotomic fields (over Q).
148 Juliusz Brzeziński Normat 3-4/2011

(c) In general, it is not easy to describe the integers in the field Qf , when f (x) ∈ Z[x]
is given. The situation in the examples above √ shouldn’t mislead. An important
example in this text are quadratic fields Q( d), where d is square-free √
integer. The
integers in such a field are a + bω, where a, b ∈ Z and ω = ∆+2 ∆ , where ∆ = d
when d = 1 (mod 4) and ∆ =√4d when d = 2 or 3 (mod 4). The number ∆ is called
the discriminant of K = Q( d) (see the general definition of the discriminant in
section 6). 2

4 Factorization in rings of algebraic integers

When we extend the integers Z to a bigger ring of integers in an algebraic number

field K, then the central problem is what happens with the prime numbers. We
take a prime number p and consider it as an element in the ring of the integers
OK . One can ask whether it is possible to factorize p as a product of numbers in
OK and how such factorizations can be described. It appears that there are some
unexpected difficulties, since in general, the unique factorization property of the
integers can not be expected in rings of integers of algebraic number fields. Before
we look at some examples, let us start with a few general definitions.
Let K be an algebraic number field. In general, we say that a number β ∈ OK
divides a number α ∈ OK if there is γ ∈ OK such that α = βγ. The usual
notation is: β | α. A number of OK is a unit if its inverse is also in OK (for
example in Z the only units are ±1). We say that a nonzero number α ∈ OK is
irreducible if it is not a unit and when α = βγ, where β, γ ∈ OK , then β or γ
is a unit. We say that α 6= 0 has a nontrivial factorization if α = βγ, where
β, γ ∈ OK and both factors are not units. We can also define a prime in OK as a
non-unit which divides a product βγ if and only if it divides one of its factors β or
γ. If π is a prime, then επ, where ε is a unit, is also a prime. Two primes π and επ
are called associated. We say that a ring OK has unique factorization if every
nonzero number in OK , which is not a unit, can be written as a product of primes
(in OK ) uniquely up to the order of the factors and their associations.
Let us look at some examples. If K = Q(i), then OK = Z[i] is the ring of Gaussian
integers. It is well-known that this ring has unique factorization. We shall not prove
this fact but we look at some of its manifestations. We see that 2 = (1 + i)(1 − i),
5 = (1 + 2i)(1 − 2i), 13 = (2 + 3i)(2 − 3i) can be factorized. But is not difficult to
prove that 3, 7, 11 can not be represented in a similar way. In fact, if p is a prime
and p = (x + yi)(z + ti) where x, y, z, t are integers, then taking the square of the
absolute value, we get p2 = (x2 +y 2 )(z 2 +t2 ). Hence, either x2 +y 2 = z 2 +t2 = p and
then p = (x + yi)(x − yi) or one of the factors x2 + y 2 , z 2 + t2 is 1 and the other one
p2 . In the last case, one of the numbers x + yi, z + ti is ±1 or ±i. Thus the possible
representations of p as a product of two Gaussian integers, are up to a “sign”, that
is, up to a factor ±1, ±i, either p = (x + yi)(x − yi) (nontrivial factorization) or
p = p · 1 (trivial factorization). In the first case, we have p = x2 + y 2 , that is, p
is a sum of two integer squares. Thus p has a nontrivial factorization in Gaussian
integers if and only if p is a sum of two integer squares. But 3, 7, 11 are not sums
Normat 3-4/2011 Juliusz Brzeziński 149

of two integer squares, which one checks immediately. Hence 3, 7, 11 can not be
factorized in Z[i] in a nontrivial way.

Remark 1 As we see, the question concerning possibility to factorize prime num-

bers in Z[i] is closely related to an interesting mathematical problem. In fact, this
problem – which prime numbers can be written as sums of two integer squares
– was studied by Fermat who formulated the answer and Euler, who gave a first
documented proof of Fermat’s statement (for history of the problem see [C], pp.
8–12). The answer given by Fermat is:

Theorem 1 (Fermat) A prime number p is a sum of two integer squares if and

only if p = 2 or p = 1 (mod 4).

Fermat’s theorem and the considerations which precede the Remark show the fol-
lowing:

Corollary 1 A prime p has a nontrivial factorization in Gaussian integers if and

only if p = 2 or p = 1 (mod 4).

We prove Fermat’s theorem in the Appendix. 2

Let us look at another example, which shows that the problem of factorization is
somewhat delicate.
√ In the quadratic extension√ defined by f (x) = x2 + 5, that is, in
K = Qf = Q( −5), the integers are a+b√ −5, a, b ∈ Z (see the end of section 3). It
is easy to check that the only units of Z( −5) (the numbers which have the inverse
in this ring) are ±1 (they are the integer solutions of the equation x2 + 5y 2 = 1).
√ √
If a prime number p is reducible, then p = (x + y −5)(z + t −5) where x, y, z, t
2 2
are integers. Taking squares of the absolute values, we get √ p = (x √ +5y 2 )(z 2 +5t2 ).
Hence, either x +5y = z +5t = p and then p = (x+y −5)(x−y −5) = x2 +5y 2
2 2 2 2
2
or one of the factors x√ +5y 2 , z 2 +5t
√
2
is 1 and the other one p2 . In the last case, one
of the numbers
√ x + y −5, z + t −5 must be ±1. Thus √ the possible√ factorizations
of p in Z[ −5], are up to a sign, either p = (x + y −5)(x − y −5) = x2 + 5y 2
(nontrivial factorization) or p = p · 1 (trivial factorization). So for example the
primes 2 and 3 are irreducible, since they can not be written in the form x2 + 5y 2 .
But this is not “all the truth”. Consider the following equality:

√ √
(1) 9 = 3 · 3 = (2 + −5)(2 − −5).
√
It is easy to check that all the numbers 3, 2 ± −5 are irreducible. But they do
not have the√most important
√ property of primes, since for example 3 divides the
product (2+ −5)(2− −5), but of course, neither of its factors. The integer prime
3 remains irreducible, but looses the property which is fundamental in the proof of
the unique √factorization of integers into a product of primes. It is not a prime in
the ring Z[ −5]. Thus this ring does not have unique factorization. The number
9 can be written as a product of irreducible numbers in two essentially different
ways.
150 Juliusz Brzeziński Normat 3-4/2011

Remark 2 There are many rings of algebraic integers which have unique factor-
ization. It is not difficult to prove that in any ring of algebraic integers OK every
non-unit which is nonzero can be written as a product of irreducible numbers. If
only every irreducible number √ is prime, then the unique factorization holds. This
is true for the integers in Q( d) for d = −1, −2, −3, −7, −11, −19, −43, −67, −163
(and for no other negative square-free d) and there is a conjecture of Gauss saying
that it holds for infinitely many positive square-free d, but it is a longstanding
old (since more than 200 years) open question. Many other rings OK have unique
factorization, but the number of known such rings is so far finite. 2

The lack of unique factorization was a motivation for development of much more
subtle and very deep ideas during the 19th century very often in connection with
different attacks on the Fermat’s question concerning his equation. One of the
main contributors was Edward Kummer who solved Fermat’s problem for many
exponents n introducing a new notion of “ideal numbers”, which later in the works
of Richard Dedekind, received the new name “ideals”. They were “ideal” since they
rescued the unique factorization, but in somewhat different terms – not the terms
of “specific numbers” but rather some distinguished sets of numbers.
Dedekind looked at sums of multiples of fixed irreducible numbers. Later the notions
crystalized and an ideal in the ring OK was defined as all sums of multiples of
arbitrary fixed numbers. So if we fix α1 , . . . , αk ∈ OK , then an ideal is the set of
all sums r1 α1 + · · · + rk αk , where r1 , . . . , rk ∈ OK . We shall write I = hα1 , . . . , αk i.
Ideals with one generator, that is, ideals I = hαi (all multiples of α) are called
principal ideals. Notice that β ∈ hαi means that there is γ ∈ OK such that
β = αγ, which means that α divides β, denoted by α | β. Thus the equality
hαi = hβi means that α | β and β | α, which is equivalent to β = εα, where ε is a
unit in OK .
Ideals can be multiplied. If J = hβ1 , . . . , βl i, then IJ is defined as the ideal which
consists of sums of multiples of all elements of I multiplied by the elements of J.
With the notations above IJ = hα1 β1 , . . . , αi βj , . . . αk βl i. Among all ideals in OK
some play especially important role and replace prime numbers. They are called
prime ideals. An ideal p in OK is called prime if p 6= OK (we say p is proper)
and for any two numbers α, β ∈ OK if αβ ∈ p, then α ∈ p or β ∈ p. This is exactly
the divisibility property of primes translated to ideals (if p|ab, then p|a or p|b) when
the ideal p is principal.
√
Consider our example in which the unique factorization failed: Z[ −5]. Take the
two prime ideals (it is not difficult to check that they are prime):

√ √
p1 = h3, 1 + −5i, p2 = h3, 1 − −5i.

We have

√ √
(2) p1 p2 = h9, 3(1 − −5), 3(1 + −5)i = h3i
Normat 3-4/2011 Juliusz Brzeziński 151

√ √ √ √ √ √
p21 = h9, 3(1 + −5), (1 + −5)2 i = h1 + −5ih1 − −5, 3, 1 + −5i = h1 + −5i

√ √ √
(it is easy to check that h1− −5, 3, 1+ −5i = h1i), and similarly, p22 = h1− −5i.
Hence, the left hand side in (1) gives

h9i = h3ih3i = p1 p2 · p1 p2 = p21 p22 ,

while the right hand side

√ √
h9i = h1 + −5ih1 − −5i = p21 p22 .

Thus even if the number 9 has two different presentation as products of irreducible
numbers, the ideal h9i has exactly one presentation as a product of prime ideals (up
to the order of the factors). The argument above is not a proof, but it is possible
to prove that in all rings of integers OK in the fields K this is the case (see [C], p.
100):

Theorem 2 Let K be a field of algebraic numbers and OK its ring of integers.

Then every proper nonzero ideal I in OK is a product of prime ideals, which is
unique up to the order of the factors:

I = pe11 · · · perr ,

where pi are different prime ideals in OK .

Example 2 Let us return to the Gaussian integers Z[i]. This ring is Euclidean
(with respect to the absolute value) and as such has unique factorization. This
implies that each ideal is principal (generated by one number). As we already
noticed, prime numbers behave in three different ways in this ring.
If p = 1 (mod 4), then p = (x+yi)(x−yi) by Theorem 1. It is not difficult to check
that the ideals p1 = hx + yii and p2 = hx − yii are prime and different. Of course,
we have hpi = p1 p2 , so hpi splits into a product of two different prime ideals.
If p = 3 (mod 4) and if we have hpi = hx + yiihz + tii for some integers x, y, z, t,
then p = ε(x + yi)(z + ti), where ε is a unit in Z[i]. As we know, such an equality
implies that either p = x2 + y 2 = z 2 + t2 is a sum of two integer squares or some
of x + yi, z + ti is a unit. By Theorem 1, it must be the second possibility, since p
is not a sum of integer squares. This means that the ideal hpi remains prime – can
not be split into a product of other proper ideals (notice that hεi = Z[i] for any
unit ε).
Of course, for the prime 2, we have h2i = p2 , where p = h1 − ii, since 2 = i(1 − i)2 .
2
152 Juliusz Brzeziński Normat 3-4/2011

5 An important example
The three possible behaviors of primes in the Gaussian integers are in fact typical
in general situations. But in this section, we look closer at the Gaussian integers,
since they have more interesting properties, which illustrate the general notions.
From the last example, we know that if p = 1 (mod 4), then hpi = p1 p2 is a product
of two different prime ideals, while for p = 3 (mod 4) the ideal hpi remains prime
in Z[i]. Such primes p are unramified in Z[i], while < 2 >= p2 for a prime ideal
p and in the presence of the exponent bigger than 1, we say that 2 is ramified
in Z[i]. Moreover, we say that the primes p = 1 (mod 4) split completely. We
formulate these notions in full generality in the next section.
This behavior of primes p in the Gaussian integers can be explained by the behavior
of the equation x2 + 1 = 0 (mod p). As we know, the residues Zp = {0, 1, 2, . . . , p −
1} of the integers modulo p form a field (with addition and multiplication modulo
p). The nonzero residues in Zp form a multiplicative group of order p − 1 and
according to Lagrange’s theorem xp−1 = 1 for each nonzero x (this is simply
Fermat’s Little Theorem). Thus the equation xp−1 − 1 = 0 has p − 1 different
solutions in Zp . In this field, we have the factorization:
 p−1   p−1 
xp−1 − 1 = x 2 − 1 x 2 + 1 ,

which gives that half of the residues are zeros of the second factor. If now p = 1
(mod 4) and a is any zero of the second factor, then

p−1
 p−1 2
a 2 +1= a 4 + 1 = 0,

p−1
so x = ±a 4 are (different) solutions of the equation x2 +1 = 0 modulo p. Observe
that proving this statement, we have used the assumption p = 1 (mod 4) (and this
is the decisive point).
Assume now that p = 3 (mod 4), say p = 4k +3 for an integer k, and x is a solution
of x2 + 1 = 0 modulo p. Then xp−1 = x2(2k+1) = (−1)2k+1 = −1, which contradicts
Fermat’s Little Theorem. Thus the equation x2 + 1 = 0 can not be solved modulo
p when p = 3 (mod 4).
If p = 2, then x2 + 1 = (x + 1)2 = 0 of course has a solution x = 1 (and it has
multiplicity 2).
We can formulate our conclusions in the following way:

Lemma 1 The polynomial f (x) = x2 + 1 modulo p is irreducible if p = 3 (mod 4),

a product of two linear factors if p = 1 (mod 4), and a square if p = 2.

Thus the factorization of prime numbers p in the Gaussian integers can be perfectly
explained by different patterns of factorizations of the polynomial x2 + 1 modulo
p: The ideal hpi remains prime if x2 + 1 is irreducible, is a product of two different
Normat 3-4/2011 Juliusz Brzeziński 153

prime ideals when x2 + 1 is a product of two linear factors and is a square of a

prime ideal when x2 + 1 is a square.
If p is an odd prime, then the solvability of the equation x2 +1 = 0 (mod p), that is,
x2 = −1 (mod p) is usually expressed in terms of the Legendre symbol. In this
case −1p . This is defined as 1, when the equation is solvable and −1 otherwise.
For odd primes p, Lemma 1 says:

 
−1 p−1
= (−1) 2 ,
p

which is a special case of the law of quadratic reciprocity for the Legendre
symbol. For more about the symbol see the Appendix.
Thus we conclude that the behavior of odd primes in the Gaussian integers depends
on the residues 1, 3 modulo 4. This residues modulo 4 form a group (Z/4Z)∗ = {1, 3}
– the group of residues modulo 4 relatively prime with 4. There is a nontrivial
homomorphism of this group (in fact injection) χ4 : (Z/4Z)∗ → C∗ , where χ4 (1) =
1, χ4 (3) = −1. It is the Dirichlet character with conductor 4 (see the Remark
on Dirichlet characters at the end of this section). Notice that

   
−4 −1 p−1
χ4 (p) = = = (−1) 2 .
p p

Now we turn to the Galois group G(Q(i)/Q) = {1, σ}, where σ(z) = z̄ is the
complex conjugation. The question is: Is there a relation between different prime
numbers and the elements of the Galois group as regards the behavior with respect
to factorization? If p is a prime having a factorization p = (x + yi)(x − yi), then
the conjugation shifts the factors if only p is odd. If p remains prime then both
automorphisms in the Galois group fix the factors of the trivial factorization p =
p · 1. But we already know that we should look at factorizations of ideals rather
than on factorizations of primes.
If we now look at the action of the automorphism on the ideals rather than on the
factors, we see that if p = 1 (mod 4), then only the identity in the Galois group
maps the ideals p1 = hx + yii and p2 = hx − yii (factors of hpi) onto itself (the
conjugation shifts them). If p = 3 (mod 4), then both automorphism in the Galois
group map the prime factors of hpi (there is only one – hpi) onto itself.
Thus we attach the automorphism 1 to the primes p = 1 (mod 4), and the auto-
morphism σ to p = 3 (mod 4). The attached element of the Galois group (in fact,
the generator of the group which fixes the factors of the factorizations of hpi) is
called the Frobenius automorphism corresponding to p and denoted by F rp .
Thus F rp = 1 if p = 1 (mod 4), and F rp = σ if p = 3 (mod 4) (we assume that
p 6= 2). We shall see in a moment that the definition of F rp is very natural and still
better motivated but the case of Gaussian integers is too simple to see the whole
picture.
154 Juliusz Brzeziński Normat 3-4/2011

Finally we come to a relation between the two aspects of the Fermat’s question.
The Galois group G(Q(i)/Q) = {1, σ} has one nontrivial representation – the
only nontrivial homomorphism ρ : G(Q(i)/Q) → C∗ . It is given by ρ(1) = 1 and
ρ(σ) = −1. Hence the two observations concerning the behavior of different primes
can be expressed in the following way:

(3) ρ(F rp ) = χ4 (p)

for every odd prime p. In order to gather the information for all primes p, we can
define suitable “generating functions” – one defined by the representation ρ called
Artin L-function, and the other defined by the character χ4 called Dirichlet
L-function:

Y
L(ρ, s) = (1 − ρ(F rp )p−s )−1
p

and

Y
L(χ4 , s) = (1 − χ4 (p)p−s )−1
p

The equalities (3) translate now to the equality:

L(ρ, s) = L(χ4 , s).

But the result about the behavior of primes manifests a property of all abelian
Galois extensions of rational numbers and, as we shall see, at least conjecturally,
all finite Galois extensions of algebraic number fields (see sections 9 and 10).

Remark 3 We shall meet several times homomorphisms χ : (Z/nZ)∗ → C∗ like χ4

in the text above. Such homomorphisms are called Dirichlet characters (see [IK],
§3.2). A character χ is called primitive if it not possible to find a proper divisor d |
n such that χ is a composition of the natural homomorphism (Z/nZ)∗ → (Z/dZ)∗
and a character ψ : (Z/dZ)∗ → C∗ . If χ is primitive, then n is called its conductor.
Thus 4 is conductor for χ4 above, since this character can not be obtained as a
composition of the natural homomorphism (Z/4Z)∗ → (Z/2Z)∗ = {1} and the
(only trivial) mapping of the last group in C∗ . 2

6 What happens with prime numbers in Galois extensions?

The observations from the example presented in the previous section are in fact
rather typical as regards behavior of prime numbers in the rings of integers of
Galois extensions. The general result is as follows (see [C], p. 101):
Normat 3-4/2011 Juliusz Brzeziński 155

Theorem 3 If K is a Galois extension of Q of degree n, then for any prime number

p, we have

pOK = (p1 · · · pr )e ,

where pi are different prime ideals in OK and ref = n, where f is the degree of
the field OK /p over Z/pZ and p is any of the ideals pi .

We say that p is ramified if e > 1, and unramified if e = 1. It is split completely

if e = 1 and r = n, where n = [K : Q]. The number of ramified primes is always
finite. This terminology applies also to arbitrary algebraic extensions K but then
as we know

pOK = pe11 · · · perr ,

and the exponents ei may be different. We say that pi is ramified or unramified

depending on ei > 1 or ei = 1. A prime p is completely split if all ei = 1 and r = n.
There is only a finite number of primes p for which it may happen that ei > 1 (see
the Remark at the end of this section).
How to find factorization of a prime number in a Galois extension K of the rational
numbers? There are several results, which give computationally practical methods.
One of them, we use in the examples below (see [C], p. 100, [Ko], p. 81):

Theorem 4 Let K = Q(α) be a Galois field over the rational numbers and assume
that α is an integer in K having the minimal polynomial f (x) ∈ Z[x]. If p is a
prime number such that the polynomial f (x) modulo p has all different zeros (as
a polynomial over the finite field Z/pZ ), then p is unramified in K. Moreover, if
f (x) = f1 (x) · · · fr (x) is a product of irreducible polynomials in (Z/pZ)[x], then all
fi have the same degree and

pOK = p1 · · · pr ,

where pi are prime ideals, pi = hp, fi (α)i in OK . Thus p splits completely in K if

and only if f (x) has a factor of degree 1 modulo p, that is, the equation f (x) = 0
modulo p has a solution in OK .
√ √
Example 3 (a) Let K = Q( −5). √ Take α = −5 with minimal polynomial
f (x) = x2 + 5. We have OK = Z[ −5]. As we already noticed above, the prime
3 splits (see (2)), and now we easily check that x2 + 5 = (x − 1)(x + 1) modulo
3. According to√ the theorem above (and √ as we noted before) h3i = p1 p2 , where
p1 = h3, 1 + −5i and√ p2 = h3, 1 − −5i. The prime 11 remains prime (the
ideal h11i is prime in √Z[ −5]) since x2 + 5 modulo 11 can not be factored. We have
h5i = p , where p = h 5i, since x2 +5 =√x2 modulo 5. We also have x2 +5 = (x+1)2
2
2
√ 2, so h2i = q , where q = (2, 1+ −5). Thus the primes 2 and 5 are ramified
modulo
in Z[ −5]. These are the only ramified primes, which is easy to check. The ideal q
156 Juliusz Brzeziński Normat 3-4/2011

√ √ √
is not√principal.√In fact, if q = (2, 1 + −5) = (a + b −5), then a + b −5 | 2 and
a + b −5 | 1 + −5, which gives a2 + 5b2 | 4 and a2 + 5b2 | 6, that is, a2 + 5b2 = 1
or 2. Both possibilities are easy to exclude.
2πi
(b) Let K = Q(ε), where ε = e p for a prime p > 2. The minimal polynomial of ε
is f (x) = (xp − 1)/(x − 1) = xp−1 + · · · + x + 1. We have OK = Z[ε]. It is possible to
show that the only ramified prime is p and hpi = pp−1 , where p = (p, ε−1) = (ε−1)
(this follows easily from the factorization of f (x) and the equality f (x) = (x−1)p−1
modulo p). 2

Remark 4 If K = Q(α) for an algebraic integer α, then in order to find all but
finitely many primes p, which are unramified in K, it is possible to look at the
discriminant of f (x), which is

Y
∆(f ) = (αi − αj )2
1≤i<j≤n

where αi for i = 1, . . . , n are all zeros of f (x) in C. The discriminant ∆(f ) can
be expressed as a polynomial with integer coefficients of the coefficients of f (x).
It is not difficult to prove that if p - ∆(f ), then p is unramified. This implies, of
course, that the number of ramified primes in any algebraic number field K is finite.
Notice however that it is possible that some primes dividing ∆(f ) are unramified
anyway. There are several variants of Theorem 4, which can be used for practical
computations (see e.g. [C], p. 102). 2

7 Class field theory and its generalizations

As we have seen, a prime p is completely split in Z[i] if and only if p = 1 (mod 4).
This property of primes in the Gaussian integers is, in fact, specific for the field
Q(i) characterizing it among all abelian Galois extension of the rational numbers.
Since description and classification of all Galois extensions of the rational numbers
in terms of some kind of arithmetic properties was, and still is, an important task
of algebraic number theory, one can wonder if it is possible to characterize different
Galois extensions in terms of similar properties.
Let K be a Galois field over the rational numbers. Denote by S ∗ (K/Q) the set of
prime numbers for which the ideal pOK splits completely in OK . If the field K is
real, we shall extend the set S ∗ (K/Q) with an extra element ∞ called the infinite
prime. The meaning of this definition will be clear in a moment. The fundamental
observation, which is not very difficult to prove, but which shows the importance
of the sets S ∗ (K/Q) is the following (see [C], Theorem 8.19):

Theorem 5 Let K1 and K2 be two Galois extensions of the rational numbers.

Then K1 ⊇ K2 if and only if S ∗ (K1 /Q) ⊆ S ∗ (K2 /Q). In particular, we have
K1 = K2 if and only if S ∗ (K1 /Q) = S ∗ (K2 /Q).
Normat 3-4/2011 Juliusz Brzeziński 157

Thus if we succeed with a some reasonably simple characterization of primes in

the sets S ∗ (K/Q), then we can get a classification of Galois extensions of Q. In
fact, different attempts to find such a classification led to developments in algebraic
number theory which culminated at the beginning of 20th century with class field
theory. This theory gives an explicit description of the sets S ∗ (K/Q) when the
Galois groups G(K/Q) are abelian. It is still an open and very central problem in
number theory to find corresponding results for non-abelian Galois extensions of
algebraic number fields.
First we give some easy to describe sets S ∗ (K/Q):

Example 4 (a) Let K = Q(i). As we saw before, we have p ∈ S ∗ (K/Q) if and

only if p = 1 (mod 4). As we also know, the set S ∗ (K/Q) gives exactly those odd
primes for which the polynomial f (x) = x2 + 1 is a product of two different linear
factors. At the same time, these are those primes which are the sums of two integer
squares.
√
(b) Similarly as in (a), it is possible to prove that if K = Q( −2), then p ∈
S ∗ (K/Q) if and only if p = 1 or 3 (mod 8). This happens if and only if f (x) =
x2 + 2 splits in a product of two different linear factors. At the same time, we have
p ∈ S ∗ (K/Q) if and only if p = x2 + 2y 2 for some integers x, y.
2πi
(c) If K = Q(ε), for ε = e n , then p ∈ S ∗ (K/Q) if and only if p = 1 (mod n). 2

The general pattern seems to be that the primes belonging to S ∗ (K/Q) are char-
acterized by some arithmetical progressions defined modulo an integer in some way
related to the extension Q ⊂ K. In fact, the class field theory gives an explana-
tion of this pattern (see Theorem 8). This impressive theory was developed by
the efforts of many distinguished mathematicians. Starting with the works of Fer-
mat, Euler, Lagrange and Gauss, the theory developed during the 19th century in
the works of Kummer, Dedekind, Kronecker, Weber and culminated in the first few
decades of 20th century when Hilbert, Takagi and Artin formulated the final results
for abelian Galois extensions of algebraic number fields. During the following years
the class field theory was developed in many different ways and went through many
different contextual transformations depending on the developments in many other
fields of mathematics. But still a suitable context of possible generalizations in the
case of non-abelian Galois extensions was missing. About 1967, Robert Langlands
formulated several conjectures concerning possible generalizations of the class field
theory to arbitrary Galois extensions. In fact, the context of these generalizations
covers much more than Galois groups of algebraic number fields. We shall not try
to explain this broader perspective (see for example [G]), but only note that to-
day a few of the special cases of these conjectures are proved. We discuss some of
these developments a little closer in the following sections. Now we only mention
two aspects of the abelian case, which are starting points for different kinds of
generalizations.
The results for abelian Galois extensions of the rational numbers which give a com-
plete description of the sets S ∗ (K/Q) follow from a theorem which was formulated
by Kronecker in 1853, by Weber in 1886 and finally proved by Hilbert in 1896. It
says that every abelian extension of the rational numbers is a subfield of a suitable
158 Juliusz Brzeziński Normat 3-4/2011

cyclotomic field (see section 9 for exact formulations). This result is the first which
we want to discuss closer in the following sections. It became already famous in
1900 when David Hilbert asked about possible generalizations of it in the twelfth
problem on his list of the 23 mathematical problems for the 20th century.
The second and the most central aspect of the theory of algebraic number fields is
related to the last observations in the example discussed in section 5 – a relation
between the Artin L-function of the Gaussian integers and the Dirichlet L-function
corresponding to a suitable Dirichlet character on the rational integers.
In fact, such a relation between Artin L-functions in the case of abelian extensions
of rational numbers (we define the Artin L-functions below) and the Dirichlet L-
functions defined by characters on the rational integers exists in general. This is
in principle only a different formulation of the Kronecker-Weber Theorem. This
theorem, when formulated in terms of L-functions gives also a natural context in
which it is possible to study different reciprocity laws known in number theory
beginning with the famous law of quadratic reciprocity. We shall explain these
points in the following sections.
The Artin L-functions were defined in 1925 at the final stages of development
of class field theory in the abelian case. They are however defined for arbitrary
Galois extensions of number fields. Moreover, they are not only defined for ho-
momorphisms ρ : G(L/K) → C∗ , which give representations of the Galois group
G(L/K) of dimension 1, but for arbitrary representations ρ : G(L/K) → GLn (C)
of arbitrary dimension n. If the Galois group is abelian, then all irreducible repre-
sentations have dimension one and there is no need of n > 1. But for non-abelian
Galois groups, it is necessary to consider representations of higher dimensions.
Already at the beginning, the theory was extended to arbitrary ground fields instead
of the rational numbers so that arbitrary abelian Galois extensions of arbitrary
algebraic number fields were studied. The fundamental results of class field theory
were formulated in this context, but it was necessary to use a broader class of L-
functions generalizing those corresponding to the Dirichlet characters. These new
L-functions were defined by Hecke using so called Hecke characters in the case of
arbitrary algebraic number fields as a generalization of Dirichlet characters in the
case of the rational numbers (see [IK], p. 56, [Ko], p. 204).
Still the theory existed only in the case of abelian Galois extensions and the corre-
sponding Artin L-functions. For non-abelian Galois extension it was not clear how
to replace the Hecke (or Dirichlet) characters by other functions defined on some
kind of objects related to the rational numbers (or in general case, to the fields of
algebraic numbers). These constructions had to await for the Langlands Program
even if some functions, which much later were incorporated in the non-abelian case
were already studied by Hecke approximately at the same time when Artin defined
his functions (at the same university in Hamburg about 1925). But the insight
that the whole theory could be formulated in terms of group representations and
the corresponding L-functions came much later when Langlands formulated his
program.
We shall try to explain some of the relations in the following sections, but earlier we
have to explain a few facts about Artin maps (Artin symbol, Frobenius element).
Normat 3-4/2011 Juliusz Brzeziński 159

8 Frobenius Element and the Artin symbol

Assume that K is a Galois extension of the rational numbers. Denote by S(K/Q)

the set of all primes p, which are unramified in K, that is,

pOK = p1 · · · prp ,

where rp fp = [K : Q] for p ∈ S(K/Q). Since Z modulo p is a field, the quotient of

OK modulo p, where p is one of the ideals pi , is a field extension of it (of degree fp ).
Every automorphism σ ∈ G(K/Q), which maps p on p gives an automorphism of
the field OK /p and, in fact, we get all automorphisms of this field. Moreover, if p is
unramified, there is only one automorphism of K such that σ(p) = p, which gives
the given automorphism of OK /p. Now the field OK /p, as a field of characteristic
p, has an automorphism x 7→ xp called the Frobenius automorphism of OK /p.
The automorphism of K which defines the Frobenius automorphism of OK /p is
called the Frobenius element corresponding to p (see [C], p. 106):

Theorem 6 Let Q ⊂ K be a Galois extension, let p be a prime number unramified

in K and let p be a prime ideal in the splitting of pOK as a product of prime ideals.
Then there exists exactly one element σ ∈ G(K/Q) such that σ(x) = xp modulo p
for every x ∈ OK .

The automorphism  σ corresponding

 to p is called the Frobenius element and is
p
denoted by F rp or K/Q . But if the Galois group G(K/Q) is abelian, then the
Frobenius element is in fact the same for all prime ideals appearing in the splitting
of pO
 K . Therefore, in the abelian case, the Frobenius element is denoted by F rp
p
or K/Q . It corresponds to the prime number p.

Denoting by IK the multiplicative group of all products pk11 · · · pks s , where pi are
primes in the set S(K/Q) and ki are integers, we get a group homomorphism
 
·
: IK → G(K/Q)
K/Q

such that

  s  ki
a Y pi
=
K/Q 1
K/Q

when a = pk11 · · · pks s . This mapping is called the Artin map and ( K/Q
a
) is called
the Artin symbol (see [C], p. 106). We have very modest ambitions and restrict
the definitions to the rational numbers as a ground field, but the Artin map is
defined similarly in general case for any algebraic number field as the ground field.
The Artin map is surjective and the description of its kernel (Artin kernel) plays
160 Juliusz Brzeziński Normat 3-4/2011

a very important role in class field theory. Since we only need the definition of the
Frobenius element, we do not need to go deeper into these matters, but several
examples in the next section will give a better insight into these notions.

9 Two versions of the Kronecker-Weber Theorem

Let K = Q(α) be an abelian Galois extension of the rational numbers, where α is

an algebraic integer with minimal polynomial f (x). The prime numbers unramified
in K play two different roles in their relations with the Galois group of K. First
of all, such a prime number p defines its Frobenius element. Intuitively it is closely
related to the type of the factorization of f (x) modulo prime numbers p. This is
not quite correct intuition, since primes with different Frobenius automorphisms
can give the same type of the factorization of f (x) (see the last Example in this
section). Nevertheless, for almost all prime numbers p (all with possibly a finite
number of exceptions), the Frobenius F rp = 1 if and only if f (x) modulo p is the
product of linear factors (that is, the ideal pOK splits completely in OK ).
The other role played by primes comes from the Kronecker-Weber Theorem:

Theorem 7 Kronecker-Weber Theorem. Let K be an abelian Galois number

field over Q. Then there exists a cyclotomic field Q(εn ), which contains K (εn =
2πi
e n ).

The least n such that K ⊆ Q(εn ) is called the conductor of K and sometimes is
denoted by fK .
√
Example 5 The field K = Q( 5) has discriminant ∆ = 5 (see the end of section
3). Hence the field K is contained in the cyclotomic field Q(ε5 ). In fact, if α = √
ε5 +
ε45 , then we check that f (α) = 0, where f (x) = x2 − x − 1. We have α = 21 (1 + 5),
√
so α generates K. In general, the quadratic field K = Q( d) with the discriminant
∆ (see the end of section 3) is contained in the cyclotomic field Q(ε|∆| ) (see [C],
§8). 2

Let us express this in form of a theorem, which answers one of the most funda-
mental questions concerning the primes in abelian Galois extensions of the rational
numbers:

Theorem 8 Let K be an abelian Galois extension of the rational numbers. Then

there exists n and the residues r1 , . . . , rk relatively prime to n such that a prime
number p is completely split in K if and only if p = ri (mod n) for i = 1, . . . , k.

Proof. According to the Kronecker-Weber Theorem, there exists n such that

K ⊆ Q(εn ). As we already know, the Galois group G(Q(εn )/Q) is isomorphic
to (Z/nZ)∗ . Thus the group G(K/Q) can be represented as a quotient of (Z/nZ)∗ ,
Normat 3-4/2011 Juliusz Brzeziński 161

since G(K/Q) = G(Q(εn )/Q)/G(Q(εn )/K). Denote H = G(Q(εn )/K). Thus every
prime number p not dividing n defines an element in the quotient (Z/nZ)∗ /H. This
element equals 1 if and only if the residue of the prime p in (Z/nZ)∗ belongs to H.
Moreover, it is not difficult to check that the Frobenius element F rp corresponding
to a prime number unramified in K is in the group G(K/Q) equal to the restric-
tion of the Frobenius element F rp corresponding to the same prime number in the
Galois group G(Q(εn )/Q). Hence F rp = 1 in G(K/Q) if and only if the Frobenius
automorphism σp : εn 7→ εpn (corresponding to the residue of p in the Galois group
G(Q(εn )/Q) = (Z/nZ)∗ ) restricts to the identity on K. This happens exactly when
the residue of p is in H. Now the elements of H are some residues r1 , . . . , rk modulo
n relatively prime to n, so p ∈ H means p = ri (mod n) for i = 1, . . . , k. 2
√
Example 6 Let K = Q( −5). We√want to characterize the primes which com-
pletely split in the ring OK = Z[ −5]. The discriminant of K equals 20 and
according to the Kronecker-Weber Theorem the field K is subfield of the cy-
clotomic field L = Q(ε20 ) (see the previous example). Hence, the Galois group
G(L/Q) = (Z/20Z)∗ = {1, 3, 7, 9, 11, 13, 17, 19}. The subgroup of G(L/Q) defin-
ing the field K (as the field of fixed elements with respect to the automorphisms
ε20 7→ εr20 ) is H = {1, 3, 7, 9}. It needs some computations
√ to check that the au-
tomorphisms corresponding to these values of r fix −5. Hence, the primes which
completely split in K are p = 1, 3, 7, 9 (mod 20). An interesting point is that this re-
sult has a relation to the problem of representations of primes by the form x2 +5y 2 .
The number 5 is here an exception (ramified in K) and those represented are ex-
actly p = 1, 9 (mod 20), which was a conjecture formulated by Euler. The primes
p = 3, 7 (mod 20) are represented by the form 2x2 + 2xy + 3y 2 . This has a very in-
teresting explanation and is related to so called Gauss genera – a theory developed
by Gauss in his studies of binary quadratic forms (see [C], p. 33). 2

As we already saw in section 5, the two ways in which prime numbers define the
elements of the Galois group (Frobenius or residue class), result in a relation be-
tween two types of L-functions (the Artin L-function and the Dirichlet L-function).
This is a general phenomena which can be encoded directly into another very fre-
quent formulation of the Kronecker-Weber Theorem, which opens directly a way
to natural questions giving very fruitful generalizations:

Theorem 9 Kronecker-Weber Theorem. Let K be an abelian Galois number

field over Q and let ρ : G(K/Q) → C∗ be any homomorphism. There exists a unique
primitive Dirichlet character χρ : (Z/fρ Z)∗ → C∗ such that for each prime number
p relatively prime to fρ , we have

(4) ρ(F rp ) = χρ (p).

As we saw in section 5, in order to gather the information for all primes p, we

can define suitable “generating functions” – one defined by the representation ρ
called Artin L-function, and the other defined by the character χρ called Dirichlet
L-function:
162 Juliusz Brzeziński Normat 3-4/2011

Y
L(ρ, s) = (1 − ρ(F rp )p−s )−1 ,
p

and

Y
L(χρ , s) = (1 − χρ (p)p−s )−1 .
p

The equalities (4) translate now to the equality:

L(ρ, s) = L(χρ , s).

This last version is essentially equivalent with the first formulation of the theorem
(see [BG], p. 13, Theorem 5.2 and Corollary 5.3). Moreover, its particular cases
correspond to the reciprocity laws in different versions. We look at the best known
case of the law of quadratic reciprocity (for the Legendre symbol) in the Appendix.
The last result is also a starting point of many far going generalizations. On the “left
hand side” we can replace the representation ρ by any (irreducible) representation
G(L/Q) → GLn (C) for n > 1. Moreover, the field of rational numbers can be
replaced by any algebraic number field. On the “right hand side”, the Dirichlet
characters can be replaced by suitable other types of functions corresponding to
the representations chosen on the “left hand side”. We develop this ideas a little
more in the following sections.

Example 7 Let f (x) = x3 + x2 − 2x − 1 and K = Q(α), where f (α) = 0. Then

the solutions of f (x) = 0 are f1 (α) = α, f2 (α) = α2 − 2 and f3 (α) = 1 − α − α2 .
Moreover, the discriminant ∆(f ) = 72 and the ring of integers of K is OK =
Z ∩ K = Z[α]. The field K is contained in the cyclotomic field L = Q(ε7 ). In fact,
the example was constructed using this field of degree 6 over the rational numbers
and computing the subfield fixed by the automorphism ε7 7→ ε67 = 1/ε7 = ε̄7 of
order 2, which is the complex conjugation. Thus the fixed field K has degree 3 over
the rational numbers.
The Galois group G(L/Q) = (Z/7Z)∗ = {1, 2, 3, 4, 5, 6}. The subgroup defining K
consists of the automorphisms corresponding to 1 and 6 (the identity and ε7 7→ ε67 ).
Thus a prime p is completely split in K if and only if p = 1, 6 (mod 7). For example,
we check that

f (x) = (x + 3)(x + 5)(x + 6) (mod 13).

The corresponding Frobenius automorphism is of course the identity α 7→ α in the

Galois group G(K/Q). For the remaining primes p with the exception of p = 7,
which is ramified (f (x) = (x + 5)3 (mod 7)), the polynomial f (x) is irreducible
modulo p. The Frobenius automorphism corresponding to the primes p = 2, 5
(mod 7) is α 7→ α2 − 2, and corresponding to the primes p = 3, 4 (mod 7) is
Normat 3-4/2011 Juliusz Brzeziński 163

α 7→ 1 − α − α2 . This is easy to check computing e.g. α5 (mod 7) and α3 (mod 7).

2

10 How to generalize the Kronecker-Weber Theorem?

At the beginning of 20th century the Kronecker-Weber Theorem was already proved
and a natural question was whether it is possible to find other “standard” exten-
sions of the rational numbers, which describe, maybe some classes, of non-abelian
extensions of rational numbers in a similar way as the cyclotomic fields describe
all abelian extensions. Another problem known as “Kronecker’s Jugendtraum”
( “youthful dream”) was to find fields that correspond to cyclotomic when the
ground field is not the rational numbers, but some extension of it (for example, the
quadratic extensions of the rational numbers). This last problem became especially
famous as twelfth problem, of the 23 mathematical problems announced by David
Hilbert in 1900.
2πi
The cyclotomic fields Q(εn ) are generated by the values εn = e n of the exponential
function ex . The purpose was to find a function (instead of ex ) whose values should
generate a family of field extensions over, say, quadratic fields, which play a similar
role for abelian extensions of these fields as the cyclotomic fields play for abelian
extensions of the rational numbers.
The best known case in which this problem was solved is the case of quadratic
imaginary fields (non-real quadratic extensions of the rational numbers) in which
case Kronecker’s Jugendtraum has been solved by the theory of “complex multi-
plication” (see [C], §14 and [S]). One of the functions whose values are needed to
generate abelian extensions is the j-function (best known from the theory of elliptic
curves) but the complete answer needs some other functions as well (see [S]). Even
if there are partial results in particular cases, notably for so called CM -fields or
real quadratic fields, the problem is largely still open.
But the second formulation of the Kronecker-Weber Theorem (Theorem 9) opens
also for generalizations, which are very fruitful. At the beginning of 20th century,
it was still unclear how to generalize the statement to arbitrary Galois extensions
of the rational numbers or even abelian extensions when the ground field is an
arbitrary algebraic number field. Therefore the problem could not find a place on
the list of Hilbert problems. But during the first few decades of 20th century the
main results of the theory of abelian Galois extensions over arbitrary algebraic
number fields were accomplished as we related in section 7.
Let us recall that in the classical case of the class field theory of abelian extensions
K, the representations of the Galois group G(K/Q) have dimension 1, that is,
they are homomorphisms in the group C∗ . In general case, when the Galois group
is not necessarily abelian, there are linear representations of higher dimensions
ρ : G(K/Q) → GLn (C) in the group of non-singular n × n matrices. To each such
representation of the Galois group G(K/Q), Emil Artin attached a function, which
now is called Artin L-function:
164 Juliusz Brzeziński Normat 3-4/2011

Y 
−1
det In − ρ(F rp )p−s

L(ρ, s) = .
p

As a function of a complex variable s, it is nowhere vanishing analytic when <(s) >

1 (see [BG], Chapter 4). But the expectations go much farther. Notice also that
for simplicity, we consider here only primes p such that p is unramified in K (if
p is ramified, then the definition of the corresponding factor must be modified).
Moreover, when ρ has dimension > 1, then F rp depends in general on the ideals p in
the splitting of the prime number p. However, the Frobenius elements corresponding
to different p are conjugated inside of the Galois group, so the determinants det(In −
ρ(F rp )p−s ) only depend on p. Many very central problems in number theory are
related to the properties of the Artin L-functions. It is known that L(ρ, s) has a
meromorphic continuation to the whole complex plane, but much more is expected
(see [BG], p. 83):

Conjecture 1 (Artin Conjecture) Let ρ be an irreducible and nontrivial Galois

representation of G(K/Q). Then L(ρ, s) is an entire function in the whole complex
plane.

When the dimension of ρ is one and the ground field are rational numbers, Artin
proved that his L-function is equal to a suitable Dirichlet L-series (the Galois
field K need not be abelian) and in this case his conjecture is true (thanks to
the connections with the Dirichlet and Hecke L-functions). What happens when
the dimension of the representation is greater than 1? Notice that the question
is meaningful for arbitrary Galois extensions K of the rational numbers and, as
we noted before, the rational numbers can be replaced by any number field. Is it
possible to find a kind of L-functions defined by objects over the integers Z (like
Dirichlet characters of (Z/fK Z)∗ ) which are equal to Artin’s L-function (which are
defined in terms of the field K)?
As we saw, a possibility to establish an equality between the Artin function for one
dimensional representation ρ of G(K/Q) and an L-function of a suitable Dirichlet
character is an equivalent way to express very fundamental results in number theory
sometimes formulated in different terms. Thus, one should expect that also in
general, a possibility to establish an equality of the shape:

(5) L(ρ, s) = L(χρ , s),

where on the left, we have Artin’s L-function and on the right some hypothetical
L-functions related to a kind of arithmetical objects over the rational numbers (or
over another field chosen as a ground field) should give deep insights into interesting
problems in number theory. This is really the case even if the formulation is far
from being evident.
The next case could be the Galois representations of dimension 2 and the corre-
sponding L-functions. But the question concerning the corresponding L-functions
Normat 3-4/2011 Juliusz Brzeziński 165

and objects related to the rational numbers (or another ground field) which should
be chosen on the right hand side of the equality (5) was not clear and Artin could
not find a candidate. The insight that a generalization of class field theory to the
non-abelian case can be formulated in terms of group representations and corre-
sponding L-functions on the right hand side of (5) came much later and the suitable
notions and their context were created by Robert Langlands in 1967. Langlands
formulated several conjectures, which need several much more advanced theories
and notions than those discussed in this article. But we formulate the first of them
and give an example in one special case. Still this case is of great interest and great
importance. Let us formulate what is sometimes called Langlands’ first conjecture
(see [G], p. 203) using some notions, which are not formally defined in this article
(but which we try to explain a little closer in a special case considered in the next
section):
Langlands Conjecture for GLn . Let K be a finite Galois extension of rational
numbers and ρ : G(K/Q) → GLn (C) an irreducible representation of its Galois
group. Then there exists an automorphic cuspidal representation χρ of the group
GLn over Q such that

(6) L(ρ, s) = L(χρ , s).

Notice that the main results of the class field theory (as for example formulated in
the Theorem 9 for the case of rational numbers) correspond to the case n = 1 of
this conjecture. Many mathematicians have worked on the case n = 2, which is not
solved completely. But studies of this case gave solutions of many interesting and
important problems in number theory.
We do not explain the term “automorphic cuspidal representation”, but we give the
definitions of these objects in the case, which we discuss in the next section about
the famous result of Wiles, which is related to n = 2 in the Langlands Conjecture
and resulted in a proof of Fermat’s Last Theorem.

11 Wiles’ Theorem

The famous result of Wiles, which gives a proof of Fermat’s Last Theorem, is
related to the Langlands Conjecture for GL2 . As a matter of fact, the main re-
sult proved by Wiles with the assistance of Richard Taylor was a special case of
the Taniyama-Shimura-Weil Conjecture on elliptic curves. The relevant rep-
resentations G(Q/Q) → GL2 (C) of the Galois group and the corresponding Artin
L-functions on the left hand side in the equation (5) related to Wiles’ work are
defined by some elliptic curves E. On the right hand side of the equation (5) are
L-functions corresponding to so called modular cusp forms of weight 2 for a dis-
crete subgroup Γ0 (N ) of GL2 (R), where N is the conductor of the elliptic curve
E. In the next section, we explain how the cases n = 1 (class field theory) and
166 Juliusz Brzeziński Normat 3-4/2011

n = 2 (e.g. Taniyama-Shimura-Weil Conjecture) suit in a more general context of

the Langlands Conjecture for GLn .
An elliptic curve E defined over the rational numbers can be given by an equation
y 2 = x3 + ax + b, where a, b ∈ Z and the polynomial on the right hand side has 3
different zeros in C. If Z → R is a homomorphism into a ring R, then the set of
R−rational points of E is defined as:

E(R) = {(x, y) ∈ R2 | y 2 = x3 + ax + b},

where the equation is considered as an equation with coefficients in R (through the

given homomorphism from Z to R). If R is a field, then E(R) has a structure of
an abelian group (see e.g. [W], 2.2).
The Hasse-Weil L-function of the elliptic curve E is usually defined in the following
way (see [W], 14.2), which has no clear relation to the Galois groups. One studies
the numbers of points on the curve E reduced modulo different prime numbers,
that is, the numbers |E(Z/pZ)|, where |X| denotes the number of elements in
the set X. Now there is a difference between the primes. In general, the curve
E is still an elliptic curve when reduced modulo p, that is, considered over Z/pZ
through the natural homomorphism Z → Z/pZ. Then we say that E has good
reduction modulo p. It is always the case when p does not divide the discriminant
−16(4a3 + 27b2 ). The remaining primes behave in different ways. We shall not
discuss their behavior but we call them “bad”. For any good prime, that is, such
that the reduction of E modulo p is an elliptic curve over Z/pZ, we define

ap = p + 1 − |E(Z/pZ)|

and we don’t discuss the definition of ap for bad primes (it is 0, 1 or −1 depending
on different cases). Now the Hasse-Weil L-function of E is defined as the following
infinite product:

Y Y
L(E, s) = (1 − ap p−s )−1 (1 − ap p−s + p1−2s )−1 .
p bad p good

It was proved by Hasse (1933) that L(E, s) is holomorphic for <(s) > 3/2 and
conjectured that the function has analytic continuation to the whole complex plane
and satisfies a functional equation relating its values at s and 2 − s. A more exact
form of this relation was conjectured by Weil (1967) for a slightly modified function
L(E, s) (which is sometimes denoted by L(E, s), while the original function defined
by Hasse is called zeta function of E and denoted by ζ(E, s), see [BG], Chap. 5).
It is far from being evident that the definition of the L-function of E can be given
in terms of Galois groups and their representations. In a moment, we describe
such a definition but first let us note that it is not necessary for a formulation of
the Taniyama-Shimura-Weil Conjecture whose proof (in a special case) resulted
in a proof of Fermat’s Last Theorem given by Wiles. However, the transition to
Galois representations defined by elliptic curves is necessary as a key to the proof
Normat 3-4/2011 Juliusz Brzeziński 167

of the Conjecture. For us it is essential as an example showing that the Langlands

Conjecture is relevant in this case and that the validity of the Taniyama-Shimura-
Weil Conjecture supports the Langlands Conjecture. Elliptic curves play a role of
a bridge between the two sides of the equality (6) in the Langlands Conjecture.
First the left hand side. Let E be an elliptic curve over Q with Hasse-Weil L-
function

∞
X an
(7) L(E, s) = .
n=1
ns

The Taniyama-Shimura-Weil Conjecture says that for any elliptic curve E over Q
the function

∞
X
(8) ϕE (s) = an q n ,
n=1

where q = e2πis is a modular cusp form for Γ0 (N ) for some N (see Theorem 10
as an explanation of this notion). An elliptic curve with this property is called
modular. Thus the Taniyama-Shimura-Weil Conjecture says that every elliptic
curve over the rational numbers is modular. As a notational convention, we denote
by L(ϕ, s) the right hand side of (7) if ϕ is given by the right hand side of (8). We
say that ϕE (s) is the q-expansion of the function L(E, s).
Andrew Wiles (with the cooperation of Richard Taylor) proved in 1994 that the
Taniyama-Shimura-Weil Conjecture is true for a special class of elliptic curves
over the rational numbers. This class contains the curves y 2 = x(x − ap )(x + bp ),
where p > 5 is a prime and ap + bp = cp for some positive integers a, b, c. Such
elliptic curves are called Hellegouarch-Frey elliptic curves. It was proved by
Kenneth Ribet in 1986 that if a Hellegouarch-Frey elliptic curve exists (that is,
the corresponding Fermat equation has a solution), it is not modular. Thus Wiles
proved that such curves can not exist, that is, there are no nontrivial solutions to
the Fermat equation ap + bp = cp when p > 5.
Let us note that the Taniyama-Shimura-Weil Conjecture was proved in its full
generality in 1999 by Christophe Breuil, Brian Conrad, Fred Diamond and Richard
Taylor.
As we pointed earlier, at the same time when Emil Artin introduced his L-functions,
Erich Hecke studied relations between holomorphic functions

∞
X
ϕ(s) = an q n , q = e2πis , s ∈ C, =s > 0
n=1

(sometimes satisfying some extra conditions) and the corresponding functions

168 Juliusz Brzeziński Normat 3-4/2011

∞
X an
L(ϕ, s) = .
n=1
ns

These investigations were continued by André Weil (1967) who generalized Hecke’s
results for SL2 (Z) showing that if ϕ(s) is a modular cusp form of weight k for a
group Γ0 (N ) and an eigenvector for all Hecke operators (on the vector space of
all modular cusp forms of weight k), then L(ϕ, s) has all properties which very
often one expects (e.g. in the Hasse-Weil Conjecture or in the Artin Conjecture)–
it extends uniquely to a holomorphic function on the whole complex plane and
satisfies a functional equation relating its values at s and k − s.
In his proof, Andrew Wiles used Galois representations G(Q/Q) → GL2 (C) arising
from elliptic curves. If E is an elliptic curve and ρE : G(Q/Q) → GL2 (C) the Galois
representation described below, then the Artin L-function L(ρE , s) is the same as
the Hasse-Weil L-function L(E, s). In such a way, we have

L(ρE , s) = L(E, s) = L(ϕE , s)

for the modular form ϕE corresponding to E. This is exactly the kind of result
which follows the prediction of the Langlands Conjecture for n = 2. Thus the main
result of Wiles, which gave the final proof of Fermat’s Last Theorem, was a proof of
(a special case of) the Shimura-Taniyama-Weil conjecture (which at the same time
gives validity of the Hasse-Weil Conjecture). We formulate this result in a form,
which takes into account the fact that the Shimura-Taniyama-Weil Conjecture is
proved in its full generality:

Theorem 10 For each elliptic curve E defined over Q there exists a modular cusp
form ϕ such that

L(E, s) = L(ϕ, s).

More exactly, if L(E, s) is Hasse-Weil L-function of E and ϕE (s) the corresponding

q-expansion of it, then ϕ = ϕE and there exists an integer N such that for all s ∈ C,
=s > 0, we have

 
as + b
ϕE = (cs + d)2 ϕE (s) for every a, b, c, d ∈ Z, ad − bc = 1 and N | c,
cs + d

and

 
−1
ϕE = ±N s2 ϕE (s).
Ns
Normat 3-4/2011 Juliusz Brzeziński 169

The two conditions above define ϕE as a modular cusp form of weight 2 and level
N for the group Γ0 (N ) (this group of 2×2 matrices is described in the last theorem
by the conditions on their elements a, b, c, d ).
What we need now is an explanation of the way from an elliptic curve E to a
Galois representation ρE : G(Q/Q) → GL2 (C) with the Artin L-function equal to
L(E, s).
Consider as before, an elliptic curve E defined over Q. Using the group structure
2
defined on the points (x, y) ∈ Q of E, we consider the subgroups E[m] of E(Q)
consisting of elements whose orders divide m. It is well known that E[m] ∼
= Z/mZ×
Z/mZ (see [W], p. 79).
Now the automorphisms σ from the Galois group G(Q/Q) act on the group E[m]:
If (x, y) ∈ E(Q), then σ(x, y) = (σ(x), σ(y)). Fixing an isomorphism with Z/mZ ×
Z/mZ and choosing a basis, we get a matrix representation of σ as an invertible
linear mapping. Thus, for every positive integer m, we get a representation:

ρm : G(Q/Q) → GL2 (Z/mZ).

In particular, we fix a prime number p and choose as m all its powers m = pk for
k = 1, 2, . . .. A not complicated construction shows that we can choose bases for
Z/pk Z × Z/pk Z in such a way that matrices Mpk corresponding to ρpk are equal
modulo pk for all k = 1, 2, . . .:

Mpk = Mpk+1 (mod pk ).

Such a sequence of matrices defines a matrix over the p-adic integers Zp (see the
Appendix on p-adic numbers) and in this way a representation:

ρ0p : G(Q/Q) → GL2 (Zp ).

The ring Zp (of characteristic 0) has a field of quotients Qp . Its algebraic closure
Qp can be embedded into the complex numbers. In fact, the (ultra) metric on
the field of p-adic numbers can be uniquely extended to Qp and further to an
algebraically closed field Cp which is complete with respect to the extended metric
and isomorphic, as a field, to the complex numbers. If we fix such an isomorphism,
we get a representation:

ρ0p : G(Q/Q) → GL2 (C).

Notice that we use the same notation for this representation, since we only want to
point out a possibility to replace Cp by C in order to see the relevance of this case
in the general context of Langlands Conjecture for GL (in fact, it is not necessary
to return to complex numbers in order to formulate what follows below). Thus, we
have obtained a representation ρE = ρ0p defined by the elliptic curve E. What we
170 Juliusz Brzeziński Normat 3-4/2011

need now is to show that the Artin L-function corresponding to the representation
ρ0p is exactly the same as the Hasse-Weil L-function L(E, s).
Denote Fp = Z/pZ. Let p be a prime such that E has good reduction modulo it.
Then we have the geometric Frobenius endomorphism F rp of E(Fp ) defined by2
F rp (x, y) = (xp , y p ). In the Galois group G(Q/Q), there is a Frobenius element
F rq whose image in G(Fp /Fp ) is the Frobenius automorphism x 7→ xp . Essentially
this is the Frobenius automorphism discussed earlier, but since now, we consider
the Galois group G(Q/Q), we have to modify somewhat the definition (taking
restrictions to the finite extension K of the rational numbers). Now, we have (see
[BG], Chap. 5):

Theorem 11 Let q be a prime such that E has a good reduction modulo q and
q 6= p. Then we have det(ρ0p (F rq )) = q and

tr(ρ0p (F rq )) = 1 + q − |E(Fq )|

Thus the L-function corresponding to the representation ρ0p defined according to

the Artin’s definition will be

Y 
−1
det I2 − ρ0p (F rq )q −s

L(E, s) = ,
q

which taking into account Theorem 11 gives

det( I2 − ρ(F rq )q −s ) = 1−tr(ρ0p (F rq )q −s +det(ρ0p (F rq ))q −2s = 1−aq q −s +q −2s+1 .

 

Hence,

Y
L(ρE , s) = (1 − aq q −s + q 1−2s )
q

and disregarding “the bad primes”, we get exactly the same Hasse–Weil L-function
of the elliptic curve E.

12 A few comments on the Langlands program

As we noted earlier, the Langlands Conjecture for GLn is only one of several state-
ments, which form the whole Langlands Program. Moreover, the group GLn can
2 We use the term “endomorphism” and not “automorphism” since F r is not invertible as a
p
mapping of the elliptic curve. We say “geometric” since it is defined on points of a curve and not
as before on a field extension.
Normat 3-4/2011 Juliusz Brzeziński 171

be replaced by any group in a big class of algebraic groups for which the Program
is formulated. Even if there existed only a few results confirming the Langlands
Program, when it was formulated, the new developments show more and more in
support of it. It is not restricted to the algebraic number fields. There are natural
versions of the conjectures in many other cases, which usually are studied in con-
nection with other mathematical problems when there is a possibility to formulate
analogical questions. Thus, there are versions of the Program for local and global
fields, finite fields, function fields of algebraic varieties over complex numbers and
others. The part of the Program related to function fields of algebraic varieties is
usually called Geometric Langlands. Many mathematicians working in these very
central, active and difficult fields of mathematics contributed with results support-
ing the Program, which probably will take centuries to fulfill and develop. Just an
analogue of the class field theory for all Galois extensions (not only abelian) is a
tremendous task!
As we noted before, a fundamental question was how to replace Dirichlet charac-
ters over the rational numbers (or Hecke characters over arbitrary algebraic num-
ber fields) on the right hand side of the equation (6). In order to formulate the
conjectures in full generality, Langlands defined a new kind of groups (L-groups),
L-functions and special group representations. This is a very extensive theoretical
material, which of course we are not able to discuss here. There are several good
review articles and collections of such related to this subject, notably, [Kn],[G],[BG].
What we shall try to explain is how to find a context in which different results such
as class field theory or Shimura-Taniyama-Weil Conjecture (Hasse-Weil Conjecture)
can be studied. The groups involved are GLn . These groups can be considered over
arbitrary commutative rings. In the special case, which is the closest to the classical
class field theory, they are linear groups GLn over so called adele rings. In the
simplest case, which we discuss, these groups are the linear groups GLn (AQ ) over
the adele ring AQ of the rational numbers. The adele ring AQ of Q involves a kind
of product of all possible completions of Q with respect to both the archimedean
metric (the absolute value) and all non-archimedean (ultra-)metrics corresponding
to all prime numbers (see the Appendix). Thus the real numbers are involved as
the “infinite component” of GLn (AQ ) – the completion with respect to the usual
absolute value on Q. This completion is the group GLn (R). Langlands studies the
representations of the groups GLn (AQ ) on some particular function spaces on the
quotients GLn (AQ )/GLn (Q)Zn (AQ ). Here the group GLn (Q) of n×n matrices over
the rational numbers is embedded diagonally in the product defining the group
GLn (AQ ), and Zn (AQ ) is the center of this group. In the case n = 1, we have
representations of the group GL1 (AQ ) = A∗Q on the complex numbers, which in fact
are characters of the group GL1 (AQ )/GL1 (Q) = A∗Q /Q∗ , that is, homomorphisms
A∗Q /Q∗ → C∗ . It appears that here “automorphic cuspidal representations” are
closely related to the usual Dirichlet characters. A detailed explanation of this
relation can be found in [B], pp. 258-259.
In the case n = 2, we get representations of GL2 (AQ ) on a particular function space
on GL2 (AQ )/GL2 (Q)Z2 (AQ ). It is shown in [GGP-S], Appendix to §4 of Chapter 3,
how to lift the classical modular cusp forms, which correspond to representations of
the infinite component GL2 (R) of GL2 (AQ ) (modulo congruence subgroups Γ0 (N )
172 Juliusz Brzeziński Normat 3-4/2011

as in section 11) to representations of the groups GL2 (AQ ). Thus, the “automorphic
cuspidal representations” appear in this case as modular cusp forms considered in
the last section.
After 1970 several important mathematical achievements were related to the Lang-
lands Program. One of the first positive results for n > 1 was concerned with the
case n = 2, that is, with representations ρ : G(Q/Q) → GL2 (C). Pierre Deligne
and Jean-Pierre Serre showed that a special class of modular cusp forms of weight
1 for the group Γ0 (N ) correspond to a special class of irreducible representations
of dimension 2 in accordance with the Langlands Conjecture for GL2 . Recall that
Wiles result is also related to two-dimensional Galois representations over the ratio-
nal numbers. Several other important results are proved in this case, but the general
case related to the representations ρ : G(Q/Q) → GL2 (C) is still not completely
solved.
Robert Langlands proved several of his conjectures related to the fields of real and
complex numbers. George Lusztig proved corresponding results over finite fields.
Laurent Lafforgue proved Langlands conjectures for the general linear group GLn (K)
over global function fields K (1998), which gave a generalization of earlier results of
Vladimir Drinfeld for n = 2 (1974). Philip Kutzko (1980) proved Langlands conjec-
tures for GL2 (K) over local fields. Gérard Laumon, Michael Rapoport, and Ulrich
Stuhler (1993) proved the Langlands conjectures for the groups GL(n, K) when
K is a field of a nonzero characteristic. Richard Taylor and Michael Harris (2001)
proved the Langlands conjectures for GLn (K) for local fields K of characteristic
0. This was proved also by Guy Henniart (2000). A short time ago, Ngo Bao Chau
proved a closely related result which plays an important role in Langlands Program
(the so-called “Fundamental Lemma”).
Several of these achievements were rewarded with different international prizes
in mathematics including several Fields Medals (Vladimir Drinfeld, Laurent Laf-
forgue, Ngo Bao Chau) and probably, many more will earn this greatest mathe-
matical honour through new achievements related to the Langlands Program for
many years in the future.

APPENDIX
A.1 Fermat’s theorem on two squares.
Here we give a proof of the Fermat theorem 1 saying that a prime p is a sum of
two integer squares if and only if p = 2 or p = 1 (mod 4).
The “only if” part is very easy to prove. In fact, if p is and odd prime and a sum
of two squares, then one of them must by even and the other one odd. A square
of an even number gives residue 0 modulo 4, and a square of an odd number gives
residue 1 (if x = 2k + 1, then x2 = 4(k 2 + k) + 1). Thus p as a sum of an even
and an odd square must give residue 1 modulo 4. Hence, primes giving residue 3
modulo 4 can not be sums of two integer squares.
Normat 3-4/2011 Juliusz Brzeziński 173

Conversely, we have to prove that if p = 1 (mod 4), then p is a sum of two integer
squares. We already know from Lemma 1 that the equation x2 + 1 = 0 has a
solution modulo p, so there is an integer x such that p | x2 + 1 = (x + i)(x − i) in
Z[i]. This means that (x + i)(x − i) ∈ hpi. If hpi is a prime ideal, then x + i ∈ hpi
or x − i ∈ hpi. But it means that x + i = p(a + bi) or x − i = p(a − bi) (conjugate
the first equality). This is of course impossible since p - 1. Thus the ideal hpi is not
prime, and p is reducible, that is, p = (x + yi)(z + ti) in Z[i], where neither x + yi
nor z + ti is a unit. Taking the square of the absolute value, we get (as before in
section 4) that p = x2 + y 2 is a sum of two integer squares.

A.2 Legendre symbol

Here we gather a few properties of the Legendre symbol, which we need in the text.
Let p be an odd prime number and a an integer. The Legendre symbol ap gives
information about the existence of solutions to quadratic equations modulo primes.
If p - a, then the symbol is equal 1 when the equation x2 = a has a solution modulo
p, and −1 when such a solution does not exist. We define the value of the symbol
equal 0 if p | a. Since the mapping x 7→ x2 is a homomorphism of the group (Z/pZ)∗
with p − 1 elements and the kernel of this homomorphism consists of exactly two
residues ±1 (the equation x2 = 1 has two solutions ±1 in Z/pZ), there are exactly
p−1
2 nonzero residues modulo p, which are squares. This means that the equation
x2 = a (mod p) is solvable for exactly p−12 residues a. This observation gives what
is known as the Euler criterion:

 
a p−1
=a 2 (mod p).
p

In fact, the nonzero residues in Z/pZ form a group of order p − 1 so ap−1 = 1 for
each nonzero a (this is Fermat’s Little Theorem). Hence the equation

p−1 p−1
(9) xp−1 − 1 = (x 2 − 1)(x 2 + 1) = 0

p−1 p−1
has exactly p − 1 solutions. If x2 = a has a solution, then a 2 = (x2 ) 2 = xp−1 =
1. Thus those a for which the Legendre symbol equals 1 are exactly the zeros of
the first factor in (9). Hence the remaining p−1
2 residues are the zeros of the second
p−1
factor of (9). For them the Legendre symbol is equal −1 and a 2 = −1.
Notice that Euler’s criterion shows that

    
ab a b
=
p p p

  p−1
−1
as well as gives the equality p = (−1) 2 , which we used in section 5.
174 Juliusz Brzeziński Normat 3-4/2011

A.3 Quadratic reciprocity law.

As an application of the Kronecker-Weber Theorem, we prove the law of quadratic
reciprocity:

Theorem 12 Let p and q be two different odd primes. Then

  
p q p−1 q−1
= (−1) 2 2 .
q p

Proof. Let p and q be two different odd prime numbers. Consider the cyclotomic
field K = Q(εp ), where εpp = 1 and εp 6= 1. Since the Galois group G = G(K/Q) =
(Z/pZ)∗ is cyclic of (even) order p − 1, the field K contains exactly one quadratic
subfield M , which corresponds the subgroup of index 2 in G. This subgroup is G2 ,
the subgroup of all squares of the elements of G, since the homomorphism g 7→ g 2
of G has the kernel consisting of the two residues satisfying the equation g 2 = 1,
that is, ±1. Its image is H = G2 so it is a subgroup of index 2.
√ p−1
The only quadratic subfield of K is M = Q( p∗ ), where p∗ = (−1) 2 p. This
fact, known since Gauss published “Disquisitiones Arithmetica”, can be proved in
several different ways. One method
√ is to refer to Theorem 5 noting that the only
prime number ramified in Q( p∗ ) is just p and the same prime number is ramified
in K.
Now the prime number q is split in M if and only if the polynomial x2 − p∗ is a
product of two linear factors modulo q, that is, if and only if

p∗
 
= 1.
q

At the same time, the Frobenius automorphism F rq = 1 on M if and only if F rq

is a square in G(K/Q), that is, the residue q is a square in (Z/pZ)∗ , which means
 
q
= 1.
p

Hence

p∗
   
q
= ,
q p

which is only just another (typographic) form of the quadratic reciprocity:

     ∗    p−1
!   p−1
p q p p p p (−1) 2 −1 2 p−1 q−1
= = = = (−1) 2 2
.
q p q q q q q q

2
Normat 3-4/2011 Juliusz Brzeziński 175

A.4 p-adic numbers.

It is well known that every real number is a limit of a sequence of rational num-
bers with respect to the distance defined by the absolute value. For example, if
α = a0 , a1 a2 . . ., where a0 is the integer part of α and ak for k = 1, 2, . . . are its
consecutive decimal digits, then α = limk→∞ αk , where

a1 a2 ak
αk = a0 + + + ··· + k.
10 100 10

We say that the real numbers R are obtained as a completion of the rational
numbers with respect to the metric defined by the absolute value, that is, d∞ (a, b) =
|a − b| for a, b ∈ Q. But there are other metrics on the rational numbers – every
prime number p defines a metric if we define dp (a, b) = p−k if a − b = pk · rs , where
r, s are integers and p - rs. It is easy to check that Q with respect to dp is a metric
space. The essential difference between d∞ and dp is that the last metrics satisfy a
very strong form of the triangle inequality:

d∞ (a, b) ≤ d∞ (a, c) + d∞ (b, c) while dp (a, b) ≤ max(dp (a, c), dp (b, c)).

for any a, b, c ∈ Q. The metric d∞ is called archimedean, while dp for prime numbers
p are called discrete metrics (or non-archimedean). But one can also complete the
rational numbers with respect to these metrics. The resulting limits of sequences
of rational numbers are called p-adic numbers and are denoted by Qp . A typical p-
adic number can be obtained in the following way. Every integer a can be uniquely
written in the basis p as a sum

a = a0 + a1 p + · · · + ak pk ,

where 0 ≤ ai < p (that is, the digits in the basis p are 0, 1, . . . , p − 1). A p-adic
integer α can be uniquely presented as a convergent series with respect to the
metric dp , that is,

α = a0 + a1 p + · · · + ak pk + · · · ,

where 0 ≤ ai < p, and if

αk = a0 + a1 p + · · · + ak pk ,

then dp (αk , αl ) → 0 when k, l → ∞ (it is an easy exercise to show that the last
condition can be replaced by dp (αk , αk+1 ) → 0 when k → ∞). The p-adic integers
are denoted by Zp and it is possible to show that with respect to natural extension
of addition and multiplication from Z they form a ring. Now the field of p-adic
numbers Qp can be defined as the quotient field of Zp . If α is a p-adic integer, then
α = pr ε, r ≥ 0, where
176 Juliusz Brzeziński Normat 3-4/2011

ε = a0 + a1 p + · · · + ak pk + · · ·

has a0 6= 0. It is easy to check that such a p-adic integer has an inverse in the ring
Zp . Hence each p-adic number in Qp can be uniquely written as α = pk ε, where k
is an integer.
It appears that the metrics d∞ and dp for prime numbers p are essentially all
possible on Q (when suitable notion of equivalent metrics is defined). A global
object used in connection with group representations in number theory is the adele
ring of Q which makes it possible to study simultaneously all metrics. In fact, their
roles are often equally essential and it is very convenient to have a possibility to
treat them equally. The adele ring QA is defined as the product of all Qp (it is
convenient to denote R = Q∞ ), that is, the set of all sequences (αp ), where αp ∈ Qp
and αp ∈ Zp for all p with possibly a finite number of exceptions. It is easy to check
that QA is a ring – the adele ring of Q.

A.5 Why “classes” in class field theory?

Sometimes, each ideal can be generated by one number, that is, can be given in
the form I = hαi. In Z or Z[i] all ideals can be represented in this way. We say
that these rings are principal ideal rings. In fact, the ring of integers in any
algebraic number field K is a principal ideal ring if and only if the factorization
of its elements into irreducibles is unique. But this property is rather exceptional.
A measure of its failure is the size of the class group of the ring OK . We say that
two ideals I, J of this ring belong to the same class if there are numbers α, β ∈ OK
such that αI = βJ. Denoting the class of I by [I], we can define multiplication of
classes in the natural way: [I][J] = [IJ]. It is possible to prove that classes of the
ideals of OK form a finite group C(OK ) whose unit is the class of OK . The order
of this group is called the class number of OK and will be denoted by h(OK ). The
class number h(OK ) = 1 if and only if all ideals in OK are principal, which means
that OK has unique factorization. A usual way to define the class group C(OK )
is the quotient of the group IK of all ideals of K (including so called fractional
ideals) by the subgroup PK of principal (fractional) ideals.
√
As we noted in section √ 4, the unique factorization fails in the ring Z[ −5]. In fact,
the ideal p = h3, 2 + −5i √ is not principal. Assuming that√ p can be generated
√ by
only one number √ α = a + b √ −5, a, b ∈ Z, we
√ get h3, 2 +√ −5i = ha +√ b −5i. This
gives 3 = (a + b −5)(c + d −5) and 2 + −5 = (a + b −5)(c0 + d0 −5). Taking
the absolute values, we get a2 + 5b2 = 1 or 3 or 9 and each case easily results√ in a
contradiction. In fact, it is possible to prove that the class number
√ of Z[ −5] is 2,
that is, every ideal is principal or is of form αp, where α ∈ Q[ −5].
One of the main problems in number theory is to study class groups of the rings
of integers in algebraic number fields. The knowledge of class groups is decisive
in many interesting and important problems. One of the fundamental results in
class field theory is a beautiful relation between Galois groups and class groups of
algebraic number fields. This relation explains in fact the source of the name of the
theory – class field theory. The close relation between class groups of the algebraic
Normat 3-4/2011 Juliusz Brzeziński 177

integers in algebraic number fields and Galois groups of the abelian field extensions
of these fields is manifested in many theorems. Let us mention one, probably most
distinct, which relates so called Hilbert class field to the class group. Let K be
an algebraic number field. The Hilbert class field of K is a Galois extension H of
K such that the Galois group G(H/K) is isomorphic to the class group of OK by
means of a mapping defined by the Artin symbol (see the end of section 8):
 
·
: IK → G(H/K),
H/K

which gives a surjective map onto the Galois group and whose kernel is the sub-
group of the group IK generated by the principal ideals in H, that is, the induced
isomorphism of the quotient is just the isomorphism of the class group C(OK ) with
G(H/K). Let us mention that the Hilbert class field of K is the maximal abelian
unramified extension of this field.
Acknowledgment. The author would like to thank David Cox for many helpful
comments and suggestions.

References
[BG] Bernstein, J., Gelbart, S. (Editors): Introduction to the Langlands program,
Birkhäuser, Boston, 2003.

[B] Bump, D.: Automorphic Forms and Representations, Cambridge University

Press, (1997).

[C] Cox, M.: Primes of the form x2 + ny 2 , Fermat, Class Field Theory, and
Complex Multiplication, John-Wiley &Sons, Inc., New York 1989.
[G] Gelbart, M.: An Elementary Introduction to the Langlands Program, Bull.
Am. Math. Soc. 10, 177–219 (1984).

[GGP-S] Gelfand, I.M., Graev, M.I., Piatetski-Shapiro, I.: Representation theory and
automorphic functions, W. B. Saunders Company, Philadelphia, (1969).

[IK] Iwaniec, H., Kowalski, E.: Analytic Number Theory, American Math. Soc.,
Colloquium Publications vol. 53,Providence R.I. 2004.

[Kn] Knapp, A.W.: Introduction to the Langlands Program, Proc. Symp. Pure
Math. 61, 245–302 (1997).

[Ko] Koch, H.: Number Theory, Algebraic Numbers and Functions, Graduate
Studies in Mathematics, vol. 24, American Math. Soc., Providence R.I. 2000.
[N] Nagell, T.: Introduction to Number Theory, AMS Chelsea Publishing,
Providence R.I., (1964).

[W] Washington, L.C.: Elliptic Curves, CRC Press, Boca Raton FL. 2008.