M3P11: GALOIS THEORY

LECTURES BY PROF. KEVIN BUZZARD; NOTES BY ALEKSANDER HORAWA

These are notes from the course M3P11: Galois Theory taught by Prof. Kevin Buzzard in
Fall 2015 at Imperial College London. They were LATEX’d by Aleksander Horawa.
This version is from May 30, 2016. Please check if a new version is available at my website
https://sites.google.com/site/aleksanderhorawa/. If you find a mistake, please let
me know at [email protected].
Course website: http://wwwf.imperial.ac.uk/~buzzard/maths/teaching/15Aut/M3P11/

Contents

Introduction 1
1. Rings and fields 3
2. Field extensions 9
3. Straightedge and compass construction 18
4. Splitting fields 19
5. Separable extensions 24
6. The fundamental theorem of Galois theory 28
7. Insolvability of the quintic (by radicals) 40

Introduction

Historically, the subject of Galois theory was motivated by the desire to solve polynomial
equations:
(1) p(x) = 0
with p(x) = a0 + a1 x + · · · + ad xd , a polynomial. If ad 6= 0, d is the degree of p(x). How to
solve equation (1)?
If d = 1, it is easy: if a0 + a1 x = 0, then x = − aa10 .
If d = 2, there is a formula for solutions of a quadratic equation. We get it by completing
the square. For example: to solve
x2 + 4x − 19 = 0
1
2 KEVIN BUZZARD

we note that it is equivalent to

(x + 2)2 = x2 + 4x + 4 = 23
√
and hence x = −2 ± 23.
If d = 3, the cubic equation was solved by Cardano (1545). Here is a practical method for
solving cubics. Suppose we want to solve
Ax3 + Bx2 + Cx + D = 0
where A 6= 0.

Step 1. Divide by A to get an equation of the form

x3 + B 0 x2 + C 0 x + D 0 = 0
Step 2. Complete the cube: substitute x 7→ x + B 0 /3 to get an equation of the form
x3 + Ex + F = 0.
Step 3. Substitute x = p + q with p, q unknowns (picking up an extra degree of freedom).
Expand out
(p + q)3 + E(p + q) + f = 0
to get
p3 + q 3 + 3pq(p + q) = −E(p + q) − F.
Now we lose the extra degree of freedom by demanding that 3pq = −E. After
cancellation, we get two equations:
p3 + q 3 = −F and 3pq = −E.
Hence we know the sum and the product of the number p3 and q 3 :
 3
3 3 3 3 −E
p + q = −F and p q = ,
3
so p3 and q 3 are roots of the quadratic equation
 3
2 −E
X + FX + = 0.
3
Solve the quadratic to get that p3 is one root (and we get 3 choices for p). For each
choice of p, we get q = −E
3p
and x = p + q.

The quartic (d = 4) was solved shortly after by Cardano and his student Ferrari. Just like
the quadratic and the cubic, the formula for the solutions of a quartic equation, the formula
only involves the operations
√
+ − × ÷ n
for some n’s.
The question of d = 5 remained open for hundreds of years. Lagrange (1770) wrote a general
treatise on solving polynomial equations. He still could not solve the quintic though. This
was finally resolved by Raffini (1799) (incomplete proof) and Abel (1823) (complete proof):
√
there is no formula for roots of a quintic using only + − × ÷ n .
 M3P11: GALOIS THEORY 3

Évariste Galois (1831) gave a far more conceptual proof, inventing group theory on the way.
He died at 20 in a duel (1831). The paper was only published in 1846.

1. Rings and fields

Recall that a ring is

• a set R,
• elements 0, 1 ∈ R,
• maps + : R × R → R and × : R × R → R,

subject to 3 axioms

(1) (R, +) is an abelian group with identity 0,

(2) (R, ×) is a commutative semigroup, i.e. a × (b × c) = (a × b) × c, a × 1 = 1 × a = a,
and a × b = b × a for all a, b, c ∈ R,1
(3) distributivity: a × (b + c) = a × b + a × c for all a, b, c ∈ R.

Examples of rings: Z, Q, R, C, Z/nZ for n ≥ 1.

We are not really interested in general rings in this course. This course is about fields.
Definition. A field is a ring R that satisfies the following extra properties

• 0 6= 1,
• every non-zero element of R has a multiplicative inverse: if r ∈ R and r 6= 0, then
there exists s ∈ R such that rs = 1; in other words: R \ {0} is a group under × with
identity 1.

Non-example of a field: Z. Indeed, 3 ∈ Z and 7 ∈ Z, but there is no integer x such that

3x = 7, so 3/7 6∈ Z.
However, Q, R, C are fields. (Z/nZ is a field if and only if n is prime.)
What is the point of fields? It is the correct language for vector spaces: we can talk about
a vector space over a field. In this course, we will delve deeper into the internal structure of
fields.
Proposition 1.1. Suppose K is a field and X ⊆ K is a subset of K, with the following
properties:

(1) 0, 1 ∈ X,
(2) if x, y ∈ X, then x + y, x − y, x × y ∈ X and if y 6= 0 then x/y ∈ X.

Then X is a field.

Proof. By assumption, X is closed under addition and multiplication. Moreover, X is clearly

a ring, because X inherits all the axioms from K. Finally, 0 6= 1, and if 0 6= x ∈ X, then
x−1 ∈ X by assumption. Therefore, X is a field. 
1Some people do not assume that rings are commutative. In this course, all rings are commutative.
4 KEVIN BUZZARD

Remark. We call X a subfield of K.

So let us try and write down some new fields. Think of the smallest subfield of C containing Q
and i. Remember: if x, y are in this subfield, then x + y and xy are too. If a field contains Q
and i, then it must contain x + iy for all x, y ∈ Q. So let us consider the set
X = {x + iy : x, y ∈ Q}.
Question: Is X a field, i.e. is X a subfield of C? By Proposition 1.1, we know what we have
to do. First, clearly 0, 1 ∈ X and a + b, a − b, a × b ∈ X for a, b ∈ X. For division, say
a = x + iy with x, y ∈ Q and b = s + it with s, t ∈ Q, not both 0. Then
a x + iy (x + iy)(s − it) element of X
= = = ∈ X,
b s + it (s + it)(s − it) s2 + t2
since s2 + t2 ∈ Q is non-zero. Hence by Proposition 1.1, it is a field.
√
Now, set α = 3 2 ∈ R and try to build a subfield of R containing Q and α. What do we
need in this field? Clearly, need x + yα for all x, y ∈ Q. Note that α3 = 2, but α2 6∈ Q and
it is not obviously of the form x + yα. Challenge question: is α2 of the form x + yα with
x, y ∈ Q? Let us throw in α2 . Set
X = {x + yα + zα2 | x, y, z ∈ Q}.
Easy: check that if a, b ∈ X, then so is a + b, a − b, a × b. Challenge question: if b 6= 0, is
a/b ∈ X?
Similarly, suppose α2015 = 2 and let
X = {x0 + x1 α1 + · · · + x2014 α2014 | xi ∈ Q}.

Two tricky questions:

(1) X is clearly a vector space over Q and {1, α, . . . , α2014 } is clearly a spanning set, but
is it a basis?
(2) X is clearly a ring, but is it a field?
Here is an answer to question (2).
Proposition 1.2. Suppose V ⊆ C is a subring (i.e. 0, 1, ∈ V and it is closed under +, −, ×)
and Q ⊆ V . Then V can clearly be regarded as a vector space over Q. Assume furthermore
that V is a finite-dimensional as a vector space over Q. Then V is a field.
Remark. The set X above satisfies the hypotheses of the proposition: since {1, α, . . . , α2014 }
is a finite spanning set, X has a finite basis. Hence X is a field.

Proof of Proposition 1.2. By Proposition 1.1, all we need to check is that if 0 6= v ∈ V , then
1/v ∈ V . Consider the map ϕv : V → C given by ϕv (x) = vx for x ∈ V . Since V is closed
under ×, we know that im(ϕv ) ⊆ V , so ϕv : V → V . Regarding V as a Q-vector space, ϕv is
a linear map. The kernel of ϕv is
{x ∈ V : ϕv (x) = 0} = {x ∈ V : vx = 0},
but v, x ∈ V and v 6= 0 by assumption, which shows that ker(ϕv ) = {0}. In other words, the
nullity of ϕv is 0, and hence, by rank-nullity theorem, the rank of ϕv is dimQ (V ). Therefore,
 M3P11: GALOIS THEORY 5

dim im ϕv = dimQ (V ) and im ϕv ⊆ V , which shows that im ϕv = V . Hence ϕv is surjective.

Thus there exists w ∈ V such that vw = ϕv (w) = 1 ∈ V , which shows that 1/v ∈ V . 
Remark. In the language of commutative algebra, we have just proved that if R is an
integral domain, finite-dimensional over a subfield K, then R is a field.

Tedious interlude about polynomial rings over a field. If R is a ring2, we will denote
by R[x] the ring of polynomials in x with coefficients in R. Formally, an element of R[x] is
a finite formal sum
r0 + r1 x + r2 x2 + · · · + rd xd
with d P∈ Z≥0 . The P
addition, subtraction, and multiplication is defined in the obvious sense:
if f = ri xi , g = si xi , then
i i
X
f ±g = (ri ± si )xi
i
X
fg = tk xk
k
d
ri xi , then we set ri = 0 if i > d.
P P
with tk = ri sj , where, by convention, if f =
i+j i=0

Tedious check: R[x] is indeed a ring.

Remark (technical but important). A polynomial f (x) ∈ R[x] gives a function: f (x) =
d d
ai xi and if r ∈ R, the we can define f : R → R by f (r) = ai ri ∈ R. However, in
P P
i=0 i=0
this generality, different polynomials can give rise to the same function! For example, if
R = Z/2Z = {0, 1}, the different polynomials
f (x) = x
g(x) = x2
give rise to the same function R → R, the identity, and in fact
Y
x2 − x = (x − 0)(x − 1) = (x − λ).
λ∈R

Polynomial facts and definitions.

The degree of a polynomial is the largest power of x with a non-zero coefficient, i.e.
d
!
X
deg ai xi = d if ad 6= 0.
i=0
d
ai xi of degree d, we say that f is monic if ad = 1. The leading coefficient of f (x)
P
If f (x) =
i=0
is the coefficient of xd for d = deg(f ) and the constant coefficient is the coefficient of x0 .
For example, take R = R. The degree of x2 + 2x + 3 is 2, the degree of f (x) = 7 is 0. The
zero polynomial f (x) = 0 has, by convention, degree −∞.
2We will mostly be concerned with the case when R is a field, but the following will work over a ring.
6 KEVIN BUZZARD

We will now look at the internal structure of a ring K[x] where K is a field. Crucial
observation: we can do division with remainder.
Lemma 1.3. If K is a field and f, g ∈ K[x] with g 6= 0, then there exist polynomials
q, r ∈ K[x] with deg(r) < deg(g) and f = q · g + r. Furthermore, q and r are unique (up to
multiplication by units).

Proof. For existence, use induction on deg(f ). For uniqueness, use the fact that if s(x) is a
multiple of g(x) but deg(s(x)) < deg(g(x)), then s = 0. 
Remark. Division with remainder can fail for polynomials over a general ring. For example,
in Z[x] set f (x) = x2 and g(x) = 2x.

By Lemma 1.3, we get the Euclid’s algorithm holds for polynomial rings K[x] that allows us
to find greatest common divisors of polynomials.
Corollary 1.4 (Euclid’s algorithm). Euclid’s algorithm holds for polynomials over a field:
we have
f = q1 g + r1 deg(r1 ) < deg(g)
g = q2 r1 + r2 deg(r2 ) < deg(r1 )
..
.
rn−1 = qn rn + 0 deg(rn ) < deg(rn−1 )
and rn is the greatest common divisor.

In a polynomial ring K[x], the units are the non-zero constant polynomials f (x) = c 6= 0.
Upshot: highest common divisors are only defined up to units. We can use this to our
advantage—we can always find a greatest common divisor which is monic, i.e. it has leading
term equal to 1.
We get the following corollary from Euclid’s algorithm.
Corollary 1.5. If h = gcd(f, g), then there exist polynomials λ(x) and µ(x) such that
h = λf + µg.
Theorem 1.6. If K is a field, then any polynomial 0 6= f (x) ∈ K[x] can be written as:
f (x) = c × p1 × · · · × pn
for c 6= 0, c ∈ K, and pi irreducible polynomials. Moreover, the factorization is unique up to
reordering and scaling.

What is an irreducible polynomial?

Definition. Fix a field K and say f (x) ∈ K[x] is a polynomial. Then f (x) is irreducible if

(1) f (x) 6= 0,
(2) f (x) 6= constant,
(3) if f = gh with g, h ∈ K[x], then either g or h is constant.
 M3P11: GALOIS THEORY 7

Example. Is x2 + 1 irreducible? It depends on the field K. For K = C, it is not; indeed,

x2 + 1 = (x − i)(x + i). For K = Q, it is irreducible. If it factored as f = gh with g, h
non-constant, then deg(g) = deg(h) = 1, but the linear factors give rise to roots of x2 + 1,
and x2 + 1 has no roots in Q.
However, this method could fail. For example, the polynomial f (x) = x4 + 5x2 + 4 ∈ Q[x] is
reducible: f (x) = (x2 + 1)(x2 + 4), but it has no roots in Q.

We need tricks to factor polynomials and check for irreducibility. Recall that finding a
linear factor of f is essentially the same as finding a root of the polynomial. When does a
polynomial have a root? That depends very much on the field K.

(1) Let K = C. If deg(f ) ≥ 1, f ∈ C[x], then f always has a root by the fundamental
theorem of algebra. As a consequence, f ∈ C[x] is irreducible if and only if f is linear.
(2) Let K = R. If deg(f ) is odd, then f has a root.
d
ci xi . Does f have a root a/b ∈ Q? By clearing
P
(3) Let K = Q. Say f (x) =
i=0
denominators, we can assume that f (x) ∈ Z[x], i.e. ci ∈ Z for all i. Suppose x = a/b
is a root with a, b ∈ Z coprime. Substituting in f (x), we get
d
X ai
ci i = 0
i=0
b

and multiplying by bd , we get

c0 bd + c1 abd−1 + c2 a2 bd−2 + · · · + cd−1 ad−1 b + cd ad = 0.
Hence
c0 bd = −(ac1 bd−1 + c2 abd−2 + · · · ) = mulitple of a
but a, b are coprime, so a divides c0 . Similarly, b divides ca ad and hence b divides cd .
Therefore, if c0 , cd 6= 0, there are only finitely many possibilities for a/b: check them
all!3

Unfortunately, it is not just about finding roots. For example, x2 − 2 ∈ Q[x] has no roots
in Q and is irreducible, but (x2 − 2)2 ∈ Q[x] has no roots in Q either, but it is reducible.
Here is another technique.
Proposition 1.7 (Gauss’s Lemma). If f ∈ Z[x] and f factors as f = gh with deg(g) =
m ≥ 0, deg(h) = n ≥ 0, and g, h ∈ Q[x], then it factors as f = g 0 h0 with deg(g 0 ) = m,
deg(h) = n, and g 0 , h0 ∈ Z[x].

Proof. Since g, h ∈ Q[x], by clearing denominators, there exists N ∈ Z≥1 such that N f
can be factored as the product of two polynomials in Z[x] of degrees m and n. Let M be
the smallest positive integer such that M f = GH with deg(G) = m, deg(H) = n, and
G, H ∈ Z[x]. We claim that M = 1. Assume for a contradiction that M > 1 and let p be a
prime factor of M .

3Note that cd 6= 0 if deg(f ) = d and if c0 = 0, then x divides f .

8 KEVIN BUZZARD

We claim that eitherPall the coefficients of G are multiples of p, or all the coefficients of H
i j
P
are. If not, set G = ai x , H = bj x and say α ≤ m is the smallest integer such that aα
i i
is not a multiple of p and say β ≤ n is the smallest integer such that bβ is not a multiple
of p. Consider the coefficient of xα+β in M f = GH:
a0 bα+β + a1 bα+β−1 + · · · + aα bβ + aα+1 bβ−1 + · · · + aα+β b0 .
But aα bβ is not a multiple of p and ai is a multiple of p for i < α, bj is a multiple of p
for j < β. Hence the coefficient of xα+β in M f is not a multiple of p, which contradicts p|M
and f ∈ Z[x]. Hence either all the ai or all the bj are multiples of p.
Without loss of generality, suppose all the ai are multiples of p. Then setting G0 = G/p ∈
Z[x], we get that Mp f = G0 H, contradicting the minimality of M . 
d
ai xi . If there exists
P
Corollary 1.8 (Eisenstein’s criterion). Let f (x) ∈ Z[x] and f (x) =
i=0
a prime number p such that

(1) p 6 | ad ,
(2) p | ai for 0 ≤ i < d,
(3) p2 6 | a0 ,

then f (x) is irreducible in Q[x].

Proof. Assume f factors in Q[x] as f = gh, deg g = m, deg h = n, m, n ≥ 1 and seek a

contradiction. By Gauss’s Lemma 1.7, we can assume that g, h ∈ Z[x]. Then set
m
X
g= bi x i ,
i=0

n
X
h= cj x j .
j=0

Then the leading coefficient of f is bm cn = ad which is not a multiple of p by (1). Hence bm

and cn are not multiples of p. Set
β = smallest i such that p 6 | bi ,

γ = smallest j such that p 6 | cj .

Using the same trick as in Gauss’s Lemma 1.7, we obtain that p 6 | aβ+γ . Hence β + γ = d
by (2). Hence β = m and γ = n, since β ≤ m, γ ≤ n. In particular, p|b0 and p|c0 , since
m, n ≥ 1, and hence p2 |b0 c0 = a0 , contradicting (3). 
Example. The polynomial x100 − 2 is irreducible in Q[x]. To see this, use the Eisenstein’s
criterion 1.8 with p = 2.
If p is prime, then f (x) = 1 + x + · · · + xp−1 is irreducible in Q[x]. To see this, apply
Eisenstein’s criterion 1.8 to f (x + 1).
 M3P11: GALOIS THEORY 9

2. Field extensions

In this chapter, we will analyze the situation where we have two fields K ⊆ L. (Given L,
construct some K’s, and given K, construct some L’s.)
Let us start with a fundamental property of subfields.
Proposition 2.1. If L is a field and Ki (finitely or infinitely many) are subfields of L, then
\
M= Ki = {λ ∈ L : λ ∈ Ki for all i}
i

is also a subfield.

Proof. By Proposition 1.1, we need to check that 0, 1 ∈ M and if a, b ∈ M , then so is a + b,

a − b, ab, and, if b 6= 0, a/b. But this is clear. Since Ki are fields for all i, 0, 1 ∈ Ki for all i,
and hence 0, 1 ∈ M . If a, b ∈ M , then a, b ∈ Ki for each i, and hence a + b, a − b, ab, and, if
b 6= 0, a/b are in Ki for each i, and therefore also in M . 

Consequence: If L is a field and S ≤ L is a subset, we can consider every subfield of L

containing S (such subfields exist, e.g. L itself). Then by Proposition 2.1, the intersection
of all of them is also a subfield of L containing S. The intersection is hence the subfield of L
generated by S.
Note that this definition is highly non-constructive. For example, let L = C and S = {π}.
What are all subfields of L containing S? Goodness knows.
Another question we can ask: given a field L, what is the intersection of all subfields of L?4
Let us try and figure this out. We start with a field L. If K ≤ L, then by definition 0, 1 ∈ K
and 0 6= 1. We also know that K is a group under + with identity 0. We know that 1+1 ∈ K,
1 + 1 + 1 ∈ K, −(1 + 1 + 1) ∈ K etc. More formally, we have a group homomorphism
θ: Z → K
such that θ(0Z ) = 0K , θ(n) = 1K + 1K + · · · + 1K for n > 0, and θ(−n) = −θ(n) for n > 0.
| {z }
n times
The image of θ will be the cyclic subgroup of L generated by 1. Let us call this cyclic
subgroup C ≤ L and the argument above shows that any subfield K ≤ L contains C.
Examples.

(1) Let L = Z/pZ for a prime number p. This is a field and C = Z/pZ, so the only
subfield of L is L itself.
(2) Let L = C. Then C = Z ⊆ C. Note that C is not a subfield, it is only a subring.

The examples above show that θ : Z → L that θ might or might not be injective.

Case 1. θ is not injective.

4For a group, the intersection of all its subgroups is the trivial subgroup. However, for a field, we assume
that 0 6= 1, so this intersection will be non-trivial.
 10 KEVIN BUZZARD

Then ker θ is a subgroup of Z and this subgroup is not {0}. This means that
the subgroup ker θ must be nZ, i.e. multiples of n, where n is the smallest positive
element of ker θ. By the first isomorphism theorem:
C = im θ = Z/nZ.
What can we say about n? Recall that C ≤ L and L is a field. First, n 6= 1;
otherwise 0 = θ(1) = 1. Furthermore, n cannot be composite. Otherwise, n = ab
with 1 < a, b < n, and then θ(a) 6= 0, θ(b) 6= 0, but θ(a)θ(b) = θ(ab) = θ(n) = 0.
This cannot happen in a field. Therefore, n is prime and set n = p.
Then C ∼ = Z/pZ and C is contained in any subfield of L. But in this case C is a
field, and hence the intersection of all subfields of L must be C ∼
= Z/pZ.
In this case, we say that L has characteristic p. Note that L has characteristic p if
and only if |1 + 1 +{z· · · + 1} = 0.
p times
Case 2. θ is injective.
Then C ∼ = Z ≤ L. In this case, C is not a field. But L is a field, so we can do
division in L. This means that L must contain a copy of Q. (If mn
∈ Q, n 6= 0, then L
contains θ(m) and θ(n) 6= 0, and thus also θ(m)/θ(n). We call this m n
.) Of course, if
K ≤ L is a subfield, then C ⊆ K, so K also contains a copy of Q.
Upshot: Q ≤ L and Q is the intersection of all subfields of L.
If Q ≤ L, we say L has characteristic 0.
Examples (characteristic p fields that are not Z/pZ). Let K = Z/3Z and note that x2 = −1
has no solution. Set L = Z/3Z[i] = {a + bi : a, b ∈ Z/3Z} with i2 = −1. Check: L is a field
and L 6= C. Then L 6= Z/9Z, but #L = 9.
There are also infinite examples. Let k be the field Z/pZ and k[X] be the polynomial ring.
Then k[X] is an integral domain and its field of fractions k(X) = {f (x)/g(x) : f, g ∈ k[X]} is
an infinite field of characteristic p. Another example would be the algebraic closure of Z/pZ.
Definition. The prime subfield of a field L is the intersection of all subfields of L.

We have shown that the prime subfield of L is isomorphic to Z/pZ (characteristic p) or Q

(characteristic 0).
Here is an application of Proposition 2.1 we will see most often:
Suppose L is a field, K ⊆ L is a subfield, and say S = {a1 , a2 , . . . , an } (or even S =
{a1 , a2 , a3 , . . .}) is a subset of L. We are interested in the smallest subfield of L that con-
tains K and S. It exists by Proposition 2.1. We use the notation
K(a1 , a2 , . . . , an ) = smallest subfield of L contatining K and S = {a1 , a2 , . . . , an },

K(a1 , a2 , . . .) = smallest subfield of L contatining K and S = {a1 , a2 , . . .}.

√ √
100
Example.
√ √ Take K = Q and L = C. What is Q( 2), Q(i), Q( 2), Q(π)? What about
Q( 2, 3)?
Fact (Lindemann). If p(X) ∈ Q[X] is a polynomial and p(π) = 0, then p(X) = 0, i.e. π is
transcendental.
 M3P11: GALOIS THEORY 11

Easy observation:
If K ⊆ L, a ∈ L, and M = K(a) ⊆ L, then M has the following property: if p(X) ∈ K[X],
then p(a) ∈ M .
(Why? Say N ≤ L is any subfield such that K ⊆ N and a ∈ N . Then p(X) = c0 + c1 x +
· · · + cd xd with ci ∈ K ⊆ N , and ci ai ∈ N , since a ∈ N (closed under multiplication), so
p(a) ∈ N (closed √ under addition).)
√ √
For example: 100
2 + 3( 100 2)2 ∈ Q( 100 2), π + 9π 2 + 4 ∈ Q(π).
(Exercise: If p(X1 , . . . , Xn ) ∈ K[X1 , . . . , Xn ], then p(a1 , . . . , an ) ∈ K(a1 , . . . , an ).)
√
Example. Let us work out Q( 2). By the easy observation above, we know that
√ √
Q( 2) ⊇ {a + b 2 : a, b ∈ Q}.
√ √
We claim that Q( 2) = {a+b 2 : a, b ∈ Q}. Why? Because the right √ hand side is a subring
of C with dimension at most 2 as a vector space over Q, since 1, 2 span it. Therefore, by
Proposition 1.2, the right hand side is a field. Therefore, equality must hold.
Example. Now say α100 = 2 and α ∈ R>0 . By the same argument
Q(α) ⊇ {a0 + a1 α + · · · + a99 α99 : ai ∈ Q},
and the right hand side is a ring and hence a field by Proposition 1.2 and hence equality
holds.5
Example. Note that Q(π) ⊆ C. Clearly, Q(π) ⊇ {f (π) : f (X) ∈ Q[X]} = R. In fact,
the map Q[X] → R sending f (X) 7→ f (π) is an isomorphism of rings. This is different
from the previous cases, because π is transcendental. In this case, dimQ (R) = ∞, because
{1, π, π 2 , . . .} is an infinite subset, linearly independent over Q. Therefore, we cannot use
Proposition 1.2, and indeed it is easy to check that π1 6∈ R even though π1 ∈ Q(π). In fact,
one can check that
 
f (π)
Q(π) = : f (X), g(X) ∈ Q[X], g(X) 6= 0 ,
g(π)
the field of fractions of R.
Definition. An element a ∈ C is algebraic over Q if there exists 0 6= p(X) ∈ Q[X] such that
p(a) = 0. Otherwise, a is transcendental.

Moral of this lecture: Q(a) depends on whether a is algebraic or transcendental.

We can generalize the definition to other fields than Q.
Definition. Say K ⊆ L are fields. If a ∈ L, we say a is algebraic over K if there exists
0 6= p(x) ∈ K[x] such that p(a) = 0. We say L is algebraic over K, or that the extension L/K
is algebraic if every a ∈ L is algebraic over K.
Remarks.
(1) “L/K” is pronounced “L over K” and it is not a quotient: it just means K ⊆ L.
(2) Whether or not a ∈ L is algebraic depends strongly on K. For example a = π ∈ L = C
is not algebraic over Q, but π is algebraic over R—it is a root of x − π ∈ R[x].
5Note that we only know that dimQ (RHS) ≤ 100. We will only be able to check whether equality holds
or not later.
12 KEVIN BUZZARD

Exercise. Show that C is algebraic over R. Hint: if z ∈ C, then (x − z)(x − z) ∈ R[x].

We will now see that if a ∈ L is algebraic over K, there is a best polynomial p(x) ∈ K[x]
such that p(a) = 0.
Proposition 2.2 (Existence of the minimal polynomial). Say K ⊆ L are fields and a ∈ L
is algebraic over K. Then there exists a unique monic irreducible p(x) ∈ K[x] such that
p(a) = 0. This p(x) is called the minimal polynomial of a over K. Furthermore, if p(x) is
the minimal polynomial of a, then for every f (x) ∈ K[x] such that f (a) = 0, we have that
p(x) divides f (x).

Proof. The proof contains one idea. Let d be the smallest degree of all the polynomials
q(x) ∈ K[x], q(x) 6= 0, such that q(a) = 0. Choose p(x) ∈ K[x] such that deg(p(x)) = d and
p(a) = 0. By scaling (p(x) 7→ λp(x)), we may assume that p(x) is monic.
We claim that p(x) is irreducible. For certainly p(x) is non-constant (as p 6= 0 and p(a) = 0),
and if p(x) = q(x)r(x) with deg(q) < d, deg(r) < d, then q(a)r(a) = p(a) = 0 and (because L
is a field) q(a) = 0 or r(a) = 0. This contradicts the minimality of d.
Next, say f (x) ∈ K[x] and f (a) = 0. We write
f (x) = q(x)p(x) + r(x)
with deg(r) < d = deg(p). Then 0 = f (a) = q(a)p(a) + r(a) = r(a), so, by definition of d,
we must have r(x) = 0. Therefore, f (x) = q(a)p(x), a multiple of p(x).
Finally, if p1 (x) is a second monic irreducible polynomial with p1 (a) = 0, then p(x) di-
vides p1 (x) by what we just showed, and therefore p1 (x) = c · p(x) for some constant c ∈ K.
But they are both monic, so c = 1, and hence p1 (x) = p(x). 
Example. Say α = 21/100 ∈ R>0 . Then α is algebraic over Q, since α is a root of x100 − 2 ∈
Q[x]. What is the minimal polynomial of α? Well, p(x) = x100 − 2 is monic and irreducible
over Q by Eisenstein’s criterion 1.8. By Proposition 2.2, x100 − 2 must be the minimal
polynomial of α.

Here then are some important facts about K(a).

Proposition 2.3. Say K ⊆ L and a ∈ L.
(a) If a is algebraic over K, then K(a) is finite-dimensional as a K-vector space, and
dimK (K(a)) = d is the degree of the minimal polynomial of a, and a K-basis for
K(a) is {1, a, a2 , . . . , ad−1 }.
(b) If a is not algebraic over K, then K(a) has infinite dimension as a K-vector space.6

Proof. Part (b) is easy: K(a) 3 1, a, a2 , a3 , . . . and a is not algebraic over K, so this is an
infinite linearly independent7 set.
For part (a), let p(x) be the minimal polynomial of a over K. Say p(x) = xd + · · · has
degree d ≥ 1. Consider the K-vector subspace V of L spanned by 1, a, a2 , . . . , ad−1 . Then V
is clearly an abelian group under addition and 0, 1 ∈ V . Say v, w ∈ V . Write v = f (a),
6In fact, K(a) ∼
= Frac(K[x]).
7No finite non-trivial linear combination is 0.
 M3P11: GALOIS THEORY 13

w = g(a) for f (x), g(x) ∈ K[x] with deg(f ), deg(g) ≤ d − 1. Set h(x) = f (x)g(x) so that
vw = h(a). But h(x) = q(x)p(x) + r(x) with deg(r) < d, and therefore h(a) = 0 + r(a), so
vw = r(a) ∈ V . Therefore, V is closed under multiplication. Moreover, dimK (V ) ≤ d and
we can use Proposition 1.2 to conclude that V is a subfield of L.
Now, {1, a, . . . , ad−1 } is a spanning set for K(a) as a vector space over K. For linear inde-
pendence, note that if λi ∈ K, not all zero, and
d−1
X
λi ai = 0,
i=0
d−1
λi xi . Then f (a) = 0 and, by Proposition 2.2, f (x) is a multiple of p(x),
P
then set f (x) =
i=0
but f (x) < d, so f (x) = 0, and λi = 0 for all i. 
Remark. There is an evaluation map K[x] → K(a) given by f (x) 7→ f (a). If a is transcen-
dental, this map is injective and not surjective (for example 1/a is not in the image). On
the other hand, if a is algebraic, the map is surjective (as 1, a, . . . , ad−1 is a basis for K(a))
and not injective (for example, if p(x) is the minimal polynomial of a, then p(x) goes to
p(a) = 0). Note that K[x] and K(a) are both K-vector spaces, and the evaluation map is
K-linear. In fact, they are also rings and the evaluation map is a ring homomorphism.
What is the kernel of the map for a algebraic? By definition, it is
{f (x) ∈ K[x] : f (a) = 0}.
Let p(x) be the minimal polynomial of a. Obviously, if f (x) is a multiple of p(x), say
f (x) = p(x)q(x), then f (a) = p(a)q(a) = 0 × q(a) = 0, so f (x) is in the kernel. Conversely,
if f (x) is in the kernel, then f (x) is a multiple of p(x) by Proposition 2.2.
Upshot: the kernel of the evaluation map f (x) 7→ f (a) is the multiples of p(x) in K[x], i.e.
the principal ideal generated by p(x).

What just happened? Given the data L, K ⊆ L, a ∈ L algebraic over K, we built the
minimal polynomial p(x) ∈ K[x] and a field K(a) containing K and a.
Question. Say K is a field and p(x) ∈ K[x] is an irreducible polynomial. Can we build a in
some bigger field L, with minimal polynomial p(x), and then build K(a)?
Example (K = Q). Let p(x) = x10 +5x+5, which is irreducible by Eisenstein’s criterion 1.8.
Idea: take L = C. Since C is algebraically closed, we can find a root a ∈ C of p(x).
Then a is algebraic over Q and by Proposition 2.2 there exists a unique monic irreducible
polynomial q(x) such that q(a) = 0, the minimal polynomial. Hence, it must be p(x).
Therefore, K(a) = Q(a) ⊆ C and by Propositon 2.3, it has a Q-basis 1, a, . . . , a9 .
Example (K = Z/2Z = {0, 1}). Let p(x) = x3 + x + 1. Then p(0) = 1, p(1) = 1, so p(x) is
irreducible (since it has degree 3).
There is no ring homomorphism Z/2Z → C, since 0 7→ 0, 1 7→ 1, so 1 + 1 = 0 7→ 1 + 1 = 2,
a contradiction. Therefore, we cannot use the same argument as in the example for K = Q.

Here is what we can do instead. By the remark earlier, if L exists, then there is a map
K[x] → K(a) with kernel I = {multiples of p(x)}. Then the first isomorphism theorem
14 KEVIN BUZZARD

shows that
K(a) = K[x]/I.
For the right hand side, we only need K and p(x).
Theorem 2.4. Let K be a field and let p(x) ∈ K[x] be an irreducible polynomial. Let
I ⊆ K[x] be the ideal (or at least a subgroup under addition, if you do not know what an ideal
is) consisting of multiples of p(x). Then the quotient K[x]/I is naturally a field containing K.
Let us call it L. Let a ∈ L be the image of the polynomial x (i.e. a = x + I ∈ K[x]/I). Then
a is a root of p(x) in L and so, in particular, p(x) is the minimal polynomial of a over K.
The K-dimension of L is d = deg(p(x)).

Proof. Note that K[x]/I is a quotient group, so it is certainly a group under +.

Multiplication. Given f + I and g + I in K[x]/I, define the product to be f g + I. Note:
if we change f to f˜ = f + i with i ∈ I, then f + I = f˜ + I, but f˜g = (f + i)g = f g + ig.
However, ig is a multiple of p(x), so it is in I, and hence
f˜g + I = f g + I.
Similarly for a different choice g̃ of g.
It is easy to check that K[x]/I is now a ring (axioms are inherited from K[x]).
Next, we claim that 1, a, a2 , . . . , ad−1 is a K-basis for K[x]/I, where d = deg(p(x)).
Spaning. If f + I ∈ K[x]/I, then f = qp + r with deg(r) < d, and f + I = r + I, since
d−1 d−1
λi xi , then f + I = r + I = λi ai , since a = x + I.
P P
qp ∈ I. If r(x) =
i=0 i=0

d−1 d−1
µi ai = 0, then this is the same as saying µi xi ∈ I, which is a
P P
Linear independence. If
i=0 i=0
multiple of p(x), so µi = 0 for all i.
Finally, p(a) = p(x) + I = I, the zero of K[x]/I.
We have to show L is a field, i.e. non-zero elements have inverses. We will mimic the proof
of Proposition 1.2. Take 0 ≤ λ ∈ L and define ϕλ : L → L by ϕλ (t) = λt, a K-linear map.
We need to show ϕλ is injective (so it will be surjective by rank-nullity theorem). So suppose
that ϕλ (t) = 0 and write λ = f + I, t = g + I, f, g ∈ K[x]. Then λ 6= 0 if and only if
f + I 6= 0 if and only if f 6∈ I, i.e. f is not a multiple of p. But λt = ϕλ (t) = 0 means that
f g + I = I so f g is a multiple of p. Hence g must be a multiple of p (i.e. g ∈ I), since f is
not and p is irreducible. Therefore, t = 0 in L, as requested. 

Notation: if K, L, M are fields and K ⊆ L, K ⊆ M , we write

HomK (L, M ) = {f : L → M a homomorphism of fields such that f|K = identity}.

Good exercise:
HomR (C, C) = {id, complex conjugation}.
Lemma 2.5. Let K be a field, p(x) ∈ K[x] an irreducible polynomial. Then let K ⊆ L :=
K[x]/I and a ∈ L is the image of x, i.e. x + I. If M is any field containing a copy of K
 M3P11: GALOIS THEORY 15

and b ∈ M is a root of p(x) in M , then there is a unique field map α : L → M such that
α(k) = k for all k ∈ K, and α(a) = b. This map is an injection. The image of α is the
subfield K(b) of M . In particular, if M = K(b), then α is an isomorphism. If M ⊇ K is
any field, then there is a natural bijection
HomK (L, M ) ←→ {roots of p(x) in M }

(β : L → M ) 7−→ β(a) ∈ M.

Proof. Existence. Given M 3 b, how to build α : L → M ? Consider the evaluation map

K[x] → M given by f (x) 7→ f (b). What is the kernel? If b is a root of p(x), then p(x) is in
the kernel, so I ⊆ ker(α), and therefore we get an induced map L = K[x]/I → M .
Uniqueness. Suppose α0 is a K-map L → M such that α0 (a) = b. Since α0 is a field map,
α0 (ai ) = bi for all 0 ≤ i < d, and α0 (k) = k for all j ∈ K. Therefore, α0 is a K-linear map
that agrees with α on a K-basis; hence α0 = α.
Injectivity follows from the general fact: if ϕ : L → M is a map of fields, then ϕ is injective.
Indeed, if 0 6= λ, ϕ(λ) = 0, then ϕ(1) = ϕ(λ)ϕ(1/λ) = 0 · λ(1/λ) = 0. But ϕ(1) = 1 6= 0, a
contradiction.
Image of α. Think of L and M as K-vector spaces. Then L is spanned by 1, a, a2 , . . . , ad−1 ,
so im α is spanned by 1, b, b2 , . . . , bd−1 , a K-basis for K(b) ⊆ M by Proposition 2.3. In
particular, if M = K(b), then α is injective and surjective.
Finally, let us write down maps
HomK (L, M ) ←→ {roots of p(x) in M }
both ways and check they are inverses to each other. We have already seen ‘left to right’:
send β : L → M to β(a). This works because p(a) = 0 in L, so β(p(a)) = p(β(a)) = 0 in M .
(Note that β ◦ p = p ◦ β because β is a field map and p is a polynomial.) ‘Right to left’: we
have just done this! Send b to α. Easy check: these are inverse bijections. 

Say K ⊆ L are fields. Then L becomes a vector space over K (check the axioms). Now say
K ⊆ L ⊆ M are all fields. What is the relationship between [M : K], [M : L], and [L : K]?
Theorem 2.6 (Tower law). If K ⊆ L ⊆ M , then [M : K] = [M : L][L : K].

Proof. This is true even when some dimensions are infinite, but we will just show that if
[M : L] = m < ∞ and [L : K] = n < ∞, then [M : K] = mn < ∞. The infinite case can be
found on Problem Sheet 2, Exercise 7.
In the finite case, let {e1 , e2 , . . . , em } be an L-basis for M and {f1 , f2 , . . . , fn } be a K-basis
for L. The idea of the proof is to set gij = ei fj for 1 ≤ i ≤ m, 1 ≤ j ≤ n. We claim that gij
are a basis for M as a K-vector space.
Spanning. Take any v ∈ M . By definition of {ei }, we can write
m
X
v= λi ei for λi ∈ L.
i=1
16 KEVIN BUZZARD

By definition of {fj }, each λi ∈ L can be written

n
X
λi = µij fj for µij ∈ K.
j=1

Putting this together, we obtain

X X
v= µij ei fj = µij gij for µij ∈ K.
i,j i,j

Linear independence. Say we have µij ∈ K such that

X
µij gij = 0.
i,j

Expand out to get: !

m
X n
X
µij fj ei = 0.
i=1 j=1
| {z }
λi ∈L
By linear independence of {ei }, we obtain
Xm
µij fj = λi = 0,
j=1

so by linear independence of {fj }, we obtain µij = 0 for all i and j. 

√ √
Example. We have√that [Q( 2 : Q]√= 2, since the minimal polynomial of √ 2 over Q is
X 2 − 2. Also, i 6∈ Q( 2) as i 6∈ R, i = −1, so its minimal polynomial over Q( 2) is X 2 + 1.
Therefore, √ √
Q( 2, i) = Q( 2)(i)
√
has dimension 2 over Q( 2), and the Tower law 2.6 tells us
√
[Q( 2, i) : Q] = 4.
√ √ √
In fact, the proof of the Tower law tells us that {1, 2, i, i 2} is a Q-basis for Q( 2, i).

Reminder: If K ⊆ L, then we say the extension L/K is algebraic if every λ ∈ L is algebraic

over K.
√
A priori, checking that L/K is algebraic seems hard. √
For instance,
√ to check that Q( 2, i)
is algebraic over Q, we would have to check that 3i − 2 + 7 2i is a root of a polynomial
with coefficients in Q. This is far from immediate, but fortunately, we can give a (non-
constructive) proof.
Corollary 2.7.

(1) If K ⊆ L are fields and [L : K] < ∞, then L/K is algebraic.

(2) If K ⊆ L are fields and a1 , a2 , . . . , an ∈ L are all algebraic over K, then
[K(a1 , a2 , . . . , an ) : K]
is finite.
 M3P11: GALOIS THEORY 17

(3) If K ⊆ L are fields and a, b ∈ L are algebraic over K, then so are a + b, a − b, ab,
and, if b 6= 0, a/b.

Proof. For (1), say λ ∈ L. Then K ⊆ K(λ) ⊆ L. By assumption dimK L < ∞, hence
dimK (K(λ)) ≤ [L : K] < ∞ is also finite. Hence λ is algebraic by Proposition 2.2.
For (2), recall that by Proposition 2.2 we know that [K(a1 ) : K] < ∞. Note that a2 is
algebraic over K by definition, so a2 is algebraic over the larger field K(a1 ). Again, by
Proposition 2.2 we know that [K(a1 )(a2 ) : K(a1 )] < ∞, so by the Tower law 2.6, we have
[K(a1 , a2 ) : K] < ∞.
We continue by induction on n to prove (2).
For (3), we know that a is algebraic over K, so [K(a) : K] < ∞, and b is algebraic over K,
so it is algebraic over K(a), and hence [K(a, b) : K(a)] < ∞. Now, by the Tower law 2.6, we
get that
[K(a, b) : K] < ∞,
and by (1), K(a, b) is algebraic over K. But a + b, a − b, ab, and, if b 6= 0, a/b are all in
K(a, b), so they are algebraic over K. 
√ √
Example. Note that √5 7 and √5 11 both have degree 5 over Q (to prove this, use Eisenstein’s
criterion
√ √ 1.8). Hence 5 7 and 5 11 is algebraic over Q, and one can check that the degree of
5
7 + 5 11 over Q is at most 25. Can you find its minimal polynomial? Probably not without
a computer.
Corollary 2.8. If K is a field and p(x) ∈ K[x] is a polynomial, then there exists a finite
extension L/K (i.e. K ⊆ L, L a field, and [L : K] finite) such that p(x) factors into linear
factors over L.

Proof. Use the abstract root adjoining method (Lemma 2.5) to throw in one root of one
irreducible factor of p(x). This extension is finite over K by Corollary 2.7, so we can finish
the proof by induction on the degree of p(x) and using the Tower law 2.6. 
Proposition 2.9. If K ⊆ L ⊆ M and both L/K and M/L are algebraic, then M/K is
algebraic.
Remark. In Problem Sheet 2, Exercise 10, we see that if Q := {λ ∈ C : λ is algebraic over Q},
then Q is a subfield of C, and [Q : Q] is infinite. In particular, you can be algebraic and
infinite, and Tower law 2.6 does not imply Proposition 2.9.

Proof of Proposition 2.9. Suppose m ∈ M . Since M/L is algebraic there exists 0 6= p(x) ∈
d
λi xi , λi ∈ L. The trick is to note that
P
L[x] such that p(m) = 0. Write p(x) =
i=0

[K(λ0 , λ1 , . . . , λd ) : K] < ∞
by Corollary 2.7 (b). Moreover, m is algebraic over N = K(λ0 , λ1 , . . . , λd ), since p(x) ∈ N [x],
so
[K(λ0 , . . . , λd , m) : N ] < ∞
18 KEVIN BUZZARD

and [N : K] < ∞, so by the Tower law 2.6

[K(λ0 , . . . , λm , m) : K] < ∞
and hence m is algebraic over K. 

3. Straightedge and compass construction

The ancients were interested in numbers as lengths, and operations involving numbers as
constructions.
Tools:

(1) long straight object (could use it to draw a line between two points),
(2) pair of compasses (given points A and B in a plane, they could draw a circle centered
at A going through B).

Can make new points from old by looking at where lines and circles intersect.
Example: They could drop a perpendicular, take square roots, divide a length by any natural
number!
To get a feeling for what you can do, go to euclidthegame.com.
Things the Greeks could not do:
◦
(1) Trisect an angle (e.g. construct cos(20
√ )).
3
(2) Duplicate the cube (i.e. construct 2).
(3) Square the circle (i.e. construct π).

In fact, none of these things are possible with ruler and compasses!
Rules: If S ⊆ R2 is a finite set of points, we say p ∈ R2 is constructible in one step from S
if we can draw a finite set of circles, with center s0 ∈ S and radius equal to dist(s1 , s2 ),
s1 , s2 ∈ S, and lines going through two distinct points of S, such that p is the intersection
of two of these.
We say p ∈ R2 is constructible from S, if there exist p1 , p2 , . . . , pn = p all in R2 such that pi+1
is constructible in one step from S ∪ {p1 , p2 , . . . , pi }.
Typically, we start with
S = {(0, 0), (1, 0)}.
We can certainly then construct (q, 0) for all q ∈ Q and (cos 60◦ , sin 60◦ ) etc.
The following lemma is the key to this whole chapter.
Lemma 3.1. Suppose S = {(x1 , y1 ), (x2 , y2 ), . . . , (xn , yn )} and p = (α, β) is constructible in
one step from S. Let K = Q(x1 , y1 , . . . , xn , yn ). Then [K(α) : K] ≤ 2 and [K(β) : K] ≤ 2.

Proof. Recall that p is either the intersection of two lines through points in S, or the inter-
section of a line and a circle, or the intersection of two circles.
 M3P11: GALOIS THEORY 19

Case 1. Two lines. Lines will be defined by equations of the form λx + µy = 1 and lines go
through two points in S. Then λ, µ ∈ K. Hence the intersection of two such lines is (α, β)
with α, β ∈ K.
Case 2. A line and a circle. Substitute the equation for a line into the equation for a circle
and end up proving that α is a root of a quadratic equation with coefficients in K. If it
factors, α ∈ K. If it does not, [K(α) : K] = 2 by Proposition 2.3.
Case 3. Two circles. They are of the form

(1) x2 + y 2 + ax + by + c = 0, a, b, c ∈ K,
(2) x2 + y 2 + dx + ey + f = 0, d, e, f ∈ K.

The miracle is that (1)−(2) is linear, so solving (1) and (1)−(2) at the same time is the
previous case.
In all cases, [K(α) : K] is 1 or 2. Same for β. 
Corollary 3.2. If p = (α, β) is constructible from S = {(x1 , y1 ), . . . , (xn , yn )} and K =
Q(x1 , y1 , . . . , xn , yn ), then [K(α, β) : K] is a power of 2.

Proof. Use Lemma 3.1, the Tower law 2.6, and observe that if [K(β) : K] = 2 then
[K(α, β) : K(α)] ≤ 2
to obtain the result. 
Corollary 3.3. If S0 = {(0, 0), (1, 0)}, then we cannot construct any of
√
(cos(20◦ ), 0), ( 2, 0), (π, 0).
3

√ √
Proof. We know that [Q( 3 2) : Q] = 3, so Q( 3 2) cannot be contained in any field L such
that [L : Q] is a power of 2, or else it contradicts the Tower law 2.6.
Since π is transcendental, [Q(π), Q] = ∞.
Finally, for a = cos 20◦ , a is algebraic of degree 3 (to see this, note that cos(3θ) is a cubic
in cos(θ) and cos(60◦ ) = 12 ), so it cannot be constructed. 

4. Splitting fields

Let E be a field, p(x) ∈ E[x] an irreducible polynomial of degree d > 1. Then p(x) has no
roots in E. In Chapter 2, we saw two methods for adding a root.
Method 1. Suppose E ⊆ L and p(x) has a root a ∈ L. Set M = E(a) which contains E
and a. Then p has a root in M .
Problem: For E ⊆ L0 and p has a root a0 ∈ L0 , set M 0 = E(a0 ) ⊇ L0 . Is M ∼
= M 0 ? This is
not clear at the beginning of Chapter 2, but is resolved by Method 2.
Method 2. Let I = (p(x)), the ideal of multiples of p(x). Then
E[x]/I
20 KEVIN BUZZARD

is a new field with a root of p. Then Theorem 2.4 and Lemma 2.5 imply that
M∼
= E[x]/I ∼
= M 0.
√
Example. Let E = Q, L = L0 = C, and p(x) = x3 − 2. We can set a = 3
2 ∈ R ⊆ C = L,
and a0 = e2πi/3 a ∈ C \ R. They are both roots of p(x), whence
M = Q(a) ⊆ R; M 0 = Q(a0 ) 6⊆ R.
Note that M 6= M 0 but M ∼
= M 0 via 1 7→ 1, a 7→ a0 , a2 7→ a02 , since they are both isomorphic
to Q[x]/(p(x)).

In this chapter, we take a field E and any non-zero polynomial p(x) ∈ E(x) of degree d, and
we want to construct a bigger field K ⊇ E such that all roots of p(x) are in K. If roots of
p(x) in K are a1 , a2 , . . . , ad , we will be interested in the field
E(a1 , . . . , ad ) = smallest subfield of K containing E and all the roots of p(x).

Technical issue: If p(x) ∈ E[x] and E ⊆ L, E ⊆ L0 , and p has roots a1 , . . . , ad ∈ L,

a01 , . . . , a0d ∈ L0 , then we would hope that
L ⊇ E(a1 , . . . , ad ) ∼
= E(a01 , . . . , a0d ) ⊆ L0 .
The general idea of the proof is induction on the number of roots we have added so far. The
problem is that the naive approach does not work.
Chapter 2 is all about irreducible polynomials. We proved that
E(a) ∼
= E(a0 ) if a, a0 are roots of an irreducible polynomial p.
If p is reducible, the technique fails. For example,√take E √ = Q, p(x) = (x3 − 2)(x3 − 3), a
0 0
reducible polynomial, and L = L = C. Then a = 2, a = 3 are both roots of p. However
√ √
3 6∈ Q(a) ∼
6= Q(a0 ) 3 3.
The problem is that the quotient E[x]/(p(x)) is not a field if p is reducible!
Terrifying thing: Let p(x) ∈ E[x] be an irreducible polynomial and E ⊆ L with a ∈ L a
root of p(x). Then K = E(a) ⊇ E. Now, consider p(x) ∈ K[x]. It is clearly reducible,
because a ∈ K is a root of p, so p(x) = (x − a)q(x) with deg(q(x)) = d − 1 in K[x].
Question: Can we prove that q(x) is irreducible?
Answer: No, because it might not be! √
Example where it is true: E = Q, p(x) = x3 − 2, a = 3 2, K = E(a). Then p(x) =
(x − a)q(x) ∈ K[x], where deg(q(x)) = 2. Since q(x) has degree 2, it is irreducible if and only
if q(x) has no roots. Does q(x) have its roots in K = Q(a)? No, because the roots (e2πi/3 a
and e4πi/3 a) of q(x) are not in R, and K ⊆ R.
5 −1
Example where it is not true: E = Q, p(x) = x4 + x3 + x2 + x + 1 = xx−1 , which is
2πi/5
irreducible over Q by Eisenstein’s criterion 1.8 (using the trick). Set ζ = e 6= 1, ζ 5 = 1,
a root of p(x). Set K = Q(ζ). In K[x], p(x) = (x − ζ)q(x) with deg(q(x)) = 3. Note
that ζ ∈ K = Q(ζ), since ζ = ζ 4 . In fact, the roots of q(x) are ζ 2 , ζ 3 , ζ 4 ∈ K = Q(ζ).
Therefore, q(x) factors into three linear factors in K.
 M3P11: GALOIS THEORY 21

Definition. Suppose E is a field and f (x) ∈ E[x] is a non-zero polynomial. We say f (x)
splits completely in E, or (for simplicity) f (x) splits in E if f (x) factors into linear factors
in E[x], i.e.
f (x) = c(x − a1 )(x − a2 ) . . . (x − ad ) with ai ∈ E.
We say L ⊇ E is a splitting field for f (x) over E if f (x) splits in L,
f (x) = c(x − a1 )(x − a2 ) . . . (x − ad ) with ai ∈ L,
and furthermore L = E(a1 , . . . , ad ).

For example, f (x) = x2 + 1 ∈ Q. Then f (x) splits in C but C is not a splitting field for f (x)
over Q. It is too big; the splitting field is Q(i).
To prove uniqueness of splitting fields up to isomorphism, we introduce a temporary defini-
tion.8
Temporary definition. Now, say E is a field, 0 6= f (x) ∈ E[x], and E ⊆ L, a field. We
say L has property (∗) for the pair (E, f (x)) if it has the following property: If E ⊆ K, a
field, then f (x) splits completely in K if and only if HomE (L, K) is non-empty.
Recall that HomE (L, K) are field homomorphisms L → K which are identity on E.
Remark. Note that if L has property (∗), then HomE (L, L) contains the identity map,
so f (x) splits completely in L.
Lemma 4.1. If E is a field and 0 6= f (x) ∈ E[x], then there exists L ⊇ E such that L has
property (∗) for (E, f (x)), and [L : E] < ∞.

Proof. Induction on deg(f ). If deg(f ) is 0 or 1, then f splits completely in E, and thus L = E

works.
Inductive step. Let p(x) be an irreducible factor of f (x) in E[x]. By Chapter 2, we can add
one root of p(x) to E and get F = E[x]/(p(x)). Now, F contains a root of p, so also a root
of f , and we can write
f (x) = (x − λ)g(x), where g(x) ∈ F [x] and deg(g) < deg(f ).
The inductive hypothesis implies that there exists a field L ⊇ F such that L has property
(∗) for (F, g), and [L : F ] < ∞.
We claim that L has property (∗) for (E, f ) and [L : E] < ∞. Note first that the Tower
law 2.6 implies that [L : E] = [L : F ][F : E] = [L : F ] deg(p) < ∞. We still have to show
that L has property (∗) for (E, f ). First, note that because L has property (∗) for (F, g), by
an earlier remark, g(x) splits in L. Note also λ ∈ F ⊆ L, and therefore f (x) splits in L.
Now, check (∗). If K ⊇ E and HomE (L, K) 6= 0, then take ϕ : L → K, and if a1 , . . . , ad are
roots of f in L, then ϕ(a1 ), . . . , ϕ(ad ) are the roots of ϕ(f ) in K. But ϕ|E = id, so ϕ(f ) = f ,
and hence f splits in K. Conversely, say f splits in K. We need a field map L → K, which
is the identity on E. Since f splits in K, p splits in K, so p has a root α ∈ K. Therefore,
there exists a field map F → E(α) ⊆ K, which is identity on E, by Lemma 2.5. By (∗) for L
8One can prove uniqueness of splitting fields up to isomorphism without this temporary definition. See,
for example, Abstract Algebra by D. Dummit and R. Foote.
22 KEVIN BUZZARD

for the pair (F, g) this map F → K extends to a map L → K which is the identity on F , so
it is the identity on E. 
Lemma 4.2. Suppose E is a field and 0 6= f ∈ E[x]. If L ⊇ E satisfies (∗) for (E, f ), and
L0 ⊇ E satisfies (∗) for (E, f ), and if [L : E], [L0 : E] < ∞, then L ∼
= L0 via an isomorphism
which is the identity on E.

Proof. Since L satisfies (∗), f splits in L, and since L0 satisfies (∗), there exists ϕ : L0 → L
which is the identity on E. All field maps are injections, so dimE L ≥ dimE L0 . By symmetry,
dimE L0 ≥ dimE L. Therefore, [L0 : E] = [L : E]. Now, ϕ is an injection between two vector
spaces of the same dimension, and hence it must be an isomorphism. 
Theorem 4.3. Suppose E is a field and 0 6= f ∈ E[x]. Then the following are equivalent
for an extension L ⊇ E:

(1) L is a splitting field for f over E,

(2) L satisfies property (∗) for (E, f ).

d
Q
Proof. Suppose L satisfies (2). Then f (x) = c (x − ai ) with ai , c ∈ L by the remark.
i=1
Therefore, L ⊇ K := E(a1 , . . . , ad ), where d = deg(f ). Therefore, [L : E] ≥ [K : E]. Since f
splits in K, property (∗) implies that there exists ϕ : L → K, injective, so [K : E] ≥ [L : E].
Hence [K : E] = [L : E], so L = E(a1 , . . . , ad ), and hence L is the splitting field for f over E.
Conversely, suppose (1): L is a splitting field for f over E, i.e. L = E(a1 , . . . , ad ), where ai
are the roots of f in L. By Lemma 4.1, there exists a field M satisfying property (∗) for
(E, f ) and [M : F ] < ∞. Therefore, there exists a map ϕ : M → L which is the identity
on E. Clearly, ϕ is injective (all field maps are injective). But f splits in M , so ϕ maps the
roots of f in M to the roots of f in L. Therefore, im ϕ contains E and the roots a1 , . . . , ad .
The image of ϕ is a field containing E(a1 , . . . , ad ) = L, so it is equal to L, and ϕ is surjective.
Since M has property (∗), L ∼ = M also has property (∗). 
Corollary 4.4. Splitting fields are unique up to isomorphism.

Proof. Use Lemma 4.2 and Theorem 4.3. 

Why are we talking about splitting fields? Galois theory is about permuting the roots of
polynomials, so we need all the roots.

Algebraic closures. We could go on now to build algebraic closure, but we need too much
algebra (existence of maximal ideals, Zorn’s lemma, etc.) The theorem we would get to
would be.
Theorem. If E is a field, then there exists an extension E ,→ E such that

(1) E is algebraic over E,

(2) E is algebraically closed (i.e. any polynomial of degree greater or equal to 1 with
coefficients in E factors into linear factors in E).
 M3P11: GALOIS THEORY 23

More intuitively: The field E is the smallest algebraically closed field containing E.
The proof is a long exercise in algebra (which one could do if one was taking the Algebra III
course).
Special easier case: if E ⊆ C, we can set E = {z ∈ C : z is algebraic over E}. Exercise:
such a definition works.

Remark. The algebraic closure E is unique up to isomorphism, i.e. if L1 and L2 are algebraic
closures of E, then L1 ∼
= L2 via an isomorphism which is the identity on E.

Definition. Suppose E is a field. We say that an algebraic extension F ⊇ E is normal

over E (alternatively, F/E is normal) if it has the following property:
If p(x) ∈ E[x] is irreducible over E and has a root in F , then it splits completely in F .
√
Non-example: Let E = Q, F = Q( 3 2). Then F/E is not normal, because p(x) = x3 − 2 is
irreducible over E by Eisenstein and has a root in F , but F ,→ R and the other two roots
of p(x) are not real, so p(x) does not split completely.
Rubbish example: E a field, E its algebraic closure, then E/E is normal. For example, C/R
is normal.
What about E = Q? Clearly, F = Q is normal over E. Can we think of any other example
with [F : Q] finite? (Note that [Q : Q] = ∞.)
Say p(x) ∈ Q[x] is irreducible and F is its splitting field. How can we check that every
irreducible q(x) ∈ Q[x] with a root in F splits completely in F ?

Theorem 4.5. If F/E is a finite extension, then the following are equivalent

(1) F/E is normal,

(2) there exists 0 6= f (x) ∈ E[x] such that F is a splitting field for f over E.

Proof. First, we prove that (1) implies (2). Since F/E is finite, choose an E-basis a1 , a2 , . . . , ad
as an E-vector space. Clearly, F = E(a1 , . . . , ad ). Let pi be the minimal polynomial
of ai over E, which exists because F/E is finite and hence algebraic (Corollary 2.7). Then
pi ∈ E[x] is irreducible over E, ai ∈ F , so since F/E is normal, pi splits completely in F .
Qd
Set f (x) = pi (x). We have seen that f (x) splits completely in F . Moreover:
i=1

F ⊇ E(all roots of f ) ⊇ E(a1 , . . . , ad ) = F,

and thus F is the splitting field of f over E.

Now, we prove that (2) implies (1). Let F be a splitting field for f (x) over E. Say p(x) ∈ E[x]
is irreducible and has a root α ∈ F . We know that p(x) factors into irreducibles in F [x], so
let q(x) be one of these irreducibles in F [x]. We want to show that deg q = 1. By Chapter 2,
there exists an extension K = F (β) over F , where q(x) has a root β.
We have the following diagram of field extensions.
24 KEVIN BUZZARD

K = F (β)

E(β)

E(α)

Easy checks:
(1) E(α) ∼= E(β) by Chapter 2, since they are both isomorphic to E[x]/(p(x))
(2) F is the splitting field of f over E(α)
(3) F (β) is the splitting field of f over E(β)
By Corollary 4.4, [F (β) : E(β)] = [F : E(α)]. Also, [E(β) : E] = deg p = [E(α) : E]. Tower
law 2.6 implies that [F (β) : E] = [F : E]. But F ⊆ F (β), and hence F = F (β) (subspace
has same dimension as the whole space, so the subspace is the whole space). Thus β ∈ F ,
so deg(q) = 1. 
Lemma 4.6. Say K ⊇ F ⊇ E and [K : E], [K : F ], [F : E] all finite. If K/E is normal,
then K/F is normal.

Proof. Suppose p(x) ∈ F [x] is irreducible and has a root α ∈ K. Set q(x) to be the minimal
polynomial for α over E. We know that K/E is normal, q(x) is irreducible over E, and q(x)
has a root α ∈ K, so q splits completely in K. But α is a root of q, so p divides q in F [x],
because it is the minimal polynomial. And hence p(x) splits completely. 

What about the other possibilities. Here, we have counter-examples!

√
3 3
√
3
(1) Q ⊂ Q(√ 2) ⊂ (splitting
√ field of
√ x − 2 over
√ Q),√and Q( 2)/Q is not normal.
√
(2) Q ⊂ Q( 2) ⊂ Q( 4 2) and Q( 2)/Q, Q( 4 2/Q( 2) are normal, but Q( 4 2)/Q is not
normal.

5. Separable extensions

Galois theory is about how automorphisms of fields can permute roots of polynomials. For
it to work, we need
(1) polynomials have all their roots in extension field (normal extension),
(2) irreducible polynomials do not have repeated roots (separable extension).
Definition. Let E be a field.
 M3P11: GALOIS THEORY 25

(1) An irreducible polynomial p(x) ∈ E[x] is called separable if the roots of p(x) in a
splitting field K ⊇ E of p(x) are distinct.
(2) We say 0 6= f (x) ∈ E[x] is separable if all its irreducible factors are separable.
(3) If F/E is an extension of fields and α ∈ F is algebraic over E, then α is separable
over E if the minimal polynomial of α over E is separable.
(4) If F/E is an algebraic extension of fields, then F is separable over E if for all α ∈ F ,
α is separable over E.
Remark. Ad (1). A polynomial p(x) is separable if and only if p(x) has distinct roots in
any extension K ⊇ E where p(x) splits completely (replace K by subfield generated over E
by roots of p(x)).
Example. Let E = Q and p(x)√= x3 − 2, which is irreducible over Q, and it is separable,
because the roots in C are α = 3 2, ωα, ω 2 α, where ω = e2πi/3 , all distinct.

Let us try to think of a non-example. Note that the polynomial x2 is also separable over
E[x], because both factors are (every degree 1 polynomial is separable).
Let us assume that my field E is a subfield of C. We can use calculus to prove that every
0 6= f (x) ∈ E[x] is separable over E. Suppose for a contradiction that there exists 0 6=
p(x) ∈ E[x] that is not separable. Without loss of generality, p(x) is irreducible (because
an irreducible factor of it is not separable, so we can take that factor instead). Since p(x)
has a repeated root α ∈ C, write p(x) = (x − α)2 q(x). We can differentiate p(x) to get
p0 (x) ∈ E[x] that still has the root α. Set h(x) = gcd(p(x), p0 (x)), which can be computed
using Euclid’s algorithm, and clearly h(x) ∈ E[x]. By definition, h(x) 6= 0, and α is a
root of h(x). Therefore, h(x) is non-constant, and h(x) divides p(x), which is irreducible.
Therefore, h(x) = c · p(x) for a non-zero constant c ∈ E. But h(x) divides p0 (x), which
contradicts 0 < deg(p0 (x)) < deg(p(x)) = deg(h(x)).
As a consequence: If E ⊆ F ⊆ C and F/E is algebraic, then F/E is separable.
How much calculus did we actually use here? We will come back to this soon.
For now, say E ⊆ F ⊆ K and some of these are separable. Are others?
Lemma 5.1. If K/E is separable, then so are K/F and F/E.

Proof. The separability of F/E is obvious. For separability of K/F , suppose α ∈ K and let
p(x) be the minimal polynomial of α over E, and let q(x) be the minimal polynomial of α
over F . Let L be the splitting field of p(x) over K. Since K/E is separable, p(x) has distinct
roots in L. Now, q(x) is the minimal polynomial of α over F , and p(x) ∈ E[x] ⊆ F [x] with
p(α) = 0. Therefore, q(x) divides p(x) in F [x] by the definition of a minimal polynomial.
Hence q(x) has distinct roots in L, which shows K/F is separable. 

The converse is true, but harder to prove: if K/F and F/E is separable, then so is K/E.
The proof will be in the next chapter.
Let us go back to calculus. Let us develop enough calculus over an arbitrary field to try and
understand separability better. We cannot hope to differentiate a general function E → E
(even continuity makes no sense). However, we can differentiate polynomials.
26 KEVIN BUZZARD

Definition. Let E be any field. Define the derivative map D : E[x] → E[x] on the basis
by D(xn ) = nxn−1 and extend it E-linearly to E[x]. (Note that n ∈ Z, but there is a
homomorphism θ : Z → E, so by n we really mean θ(n).) Explicitly,
d
! d
X X
D ai x i = iai xi−1 .
i=0 i=1

Remark. If E = Z/pZ or, more generally, any field of characteristic p, then

D(xp ) = pxp−1 = 0.
Lemma 5.2 (Product rule). For f, g ∈ E[x], we have that D(f g) = f D(g) + gD(f ).

Proof. Let us first check it in the special case f (x) = xm , g(x) = xn . We have
LHS = D(xm+n ) = (m + n)xm+n−1 ,
RHS = xm D(xn ) + xn D(xm ) = nxm+n−1 + mxm+n−1 = LHS.
Next, let us consider the case when f ∈ E[x] is arbitrary and g(x) = xn . We can think of f
as a variable. Both sides are linear maps E[x] → E[x] and they agree on a basis, so they are
the same.
Finally, when f, g are arbitrary, think of f as fixed, g as a variable. Both sides are linear
maps and agree on a basis. Therefore, they are equal. 

ai xi , g(x) = bj xj .)
P P
(If you do not like the above argument, check the general case f (x) =
Corollary 5.3. We have that D ((x − a)n ) = n(x − a)n−1 if n ∈ Z≥1 , a ∈ E.

Proof. We either use induction on n and Lemma 5.2, or work it out using the binomial
theorem. 

What happens if we mimic the proof that if E ⊆ C, then every 0 6= f (x) ∈ E[x] is separable?
Proposition 5.4. Let E be a field and 0 6= f (x) ∈ E[x]. Suppose E ⊆ L and f splits
completely in L. Then the following are equivalent:

(1) f has a repeated root in L,

(2) there exists α ∈ L such that f (α) = 0 and (Df )(α) = 0,
(3) gcd(f, Df ) has positive degree.

Proof. We first show (1) implies (2). Supposing (1), we get that f factors over L as
f (x) = (x − α)2 g(x), where g(x) ∈ L[x].
Hence:
Df = (x − α)2 Dg + gD ((x − a)2 ) by Lemma 5.2
= (x − α)2 Dg + 2g(x − α) by Corollary 5.3
so (Df )(α) = 0 + 0 = 0.
For (2) implies (3), say α is a zero of both f and Df . Since f (α) = 0, α is algebraic over E,
so let p(x) be the minimal polynomial of α over E. But f ∈ E[x] and f (α) = 0, so p|f ,
 M3P11: GALOIS THEORY 27

and similarly Df ∈ E[x] and Df (α) = 0, so p|Df . Therefore, p| gcd(f, Df ) and deg(p) ≥ 1.
Thus (3) holds.
Finally, we show that (3) implies (1). Suppose h(x) = gcd(f, Df ) has positive degree. Then
h(x)|f (x) and f (x) splits completely in L, so h(x) splits completely in L. Since deg(h) > 0,
h has a root α ∈ L. Then α is a root of f . Say f (x) = (x − α)q(x) with q(x) ∈ L[x].
Therefore, by Lemma 5.2
Df = q(x) + (x − α)Dq(x).
We know that h divides Df , so Df (α) = 0. Substitute x = α into the formula for Df to
get 0 = q(α). Therefore, f (x) = (x − α)q(x) has α as a repeated root. 
Corollary 5.5. If p(x) ∈ E[x] is irreducible and not separable, then (Dp)(x) = 0.

Proof. Let L be a splitting field for p(x). Then p(x) has a repeated root, so by Proposi-
tion 5.4, we obtain that h(x) = gcd(p, Dp) and deg(h) > 0. Hence h = constant · p, since
p is irreducible, so deg(h) = deg(p). But h divides Dp and deg(Dp) < deg(p) = deg(h).
Therefore, Dp must be identically 0. 
Corollary 5.6. If f (x) ∈ E[x] is irreducible and not separable then the characteristic of E
is a prime number p > 0, and f (x) = a0 + a1 xp + a2 x2p + · · · + ad xdp .

Proof. Such polynomials are the only ones of positive degree such that Df = 0. 

It is still hard to come up with an inseparable polynomial though. For example, let us fix a
prime p and set E = Z/pZ. Let us try f (x) = xp − 2. Then indeed Df = 0, but the problem
is that f (x) is not irreducible. In fact, f (x) = (x − 2)p .

Frobenius map. Suppose E is a field (or even a commutative ring), and char(E) = p, a
prime number (i.e. |1 + 1 +{z· · · + 1} = 0.) Consider ϕ : E → E given by ϕ(x) = xp .
p times

We claim that this is a field (ring) homomorphism. Clearly, ϕ(0) = 0, ϕ(1) = 1, ϕ(xy) =
(xy)p = xp y p = ϕ(x)ϕ(y). Moreover:
p  
p
X p i p−i
ϕ(x + y) = (x + y) = xy = xp + y p = ϕ(x) + ϕ(y)
i=0
i
p p!


because if 1 ≤ i ≤ p − 1, then i = i!(p−i)! and p does not cancel.
We call ϕ the Frobenius homomorphism.
Example. Let E = Z/pZ. Then xp ≡ x mod p by Fermat’s Little Theorem, so ϕ is the
identity element.
On the other hand, if Z/pZ ⊂ E, Z/pZ 6= E, then ϕ will be non-trivial. For example,
say E = F3 (i), the splitting field of x2 + 1 over F3 . Then ϕ(a) = a if a = 0, 1, 2, but
ϕ(i) = i3 = −i. Therefore, ϕ acts like complex conjugation.
Corollary 5.7. If E is a field of characteristic p and ϕ : E → E is a bijection, then every
polynomial 0 6= f (x) ∈ E[x] is separable.
28 KEVIN BUZZARD

Proof. Suppose f is not separable. Without loss of generality, f is irreducible. By Corol-

lary 5.6, we have that
f (x) = a0 + a1 xp + · · · + ad xpd .
But ϕ is a bijection, so for all 0 ≤ i ≤ d, there exists bi ∈ E such that (bi )p = ai . Set
g(x) = b0 + b1 x + b2 x2 + · · · + bd xd ,
so that g(x)p = f (x), and f is not irreducible. 
Definition. A field E is perfect if every finite extension L/E is separable; equivalently, if
every polynomial in E[x] is separable.
Corollary 5.8.

(1) If char(E) = 0, then E is perfect.

(2) If E is finite, then E is perfect.

Proof. We already proved (1) in Corollary 5.6. For (2), note that ϕ is a field map, so ϕ is
injective. But E is finite, so ϕ is bijection, and the statement follows from Corollary 5.7. 

6. The fundamental theorem of Galois theory

Example (The fundamental theorem of Galois theory). Let K = Q and L be the √ splitting
3 3 3
field of x − 2. Write x − 2 = (x − α1 )(x − α2 )(x − α3 ) in C[x], where α1 = α = 2, and if
ω = e2πi/3 , then α2 = ωα, α3 = ω 2 α. Then L = Q(α, ω).
The fundamental theorem of Galois theory says that the subfields of L are all those in the
picture. The thin lines mean subfields, the thick lines mean normal extensions, and the
numbers represent degrees.

L
2 2
2
3
Q(α1 ) Q(α2 ) Q(α3 )

6
Q(ω)
3 2 3 3

Picture of S3 and its subgroups. (Groups get bigger as we go down, and thick lines represent
normal subgroups, and numbers represent indices.)
 M3P11: GALOIS THEORY 29

{e}
2 2
2
3
h(23)i h(13)i h(12)i

6
h(123)i
3 2 3 3

S3

Definition. An algebraic extension L/K of fields is Galois if it is normal and separable.

We only consider finite extensions.

Definition. An extension L/K of fields is finite Galois if it is finite, normal, and separable.
Examples.

(1) The extension C/R is finite (degree 2) (and hence algebraic), normal (splitting field
of x2 + 1), and separable (because characteristic is 0).
(2) For K = Q (or any characteristic 0 field), f (x) = x3 −2 (or any non-zero polynomial),
let L be the splitting field of f (x). If f has roots α1 , . . . , αd , then L = K(α1 , . . . , αd ),
L/K is finite by the tower law. Finally, L/K is normal (Theorem 4.5) and separable
(characteristic 0).

Idea: If L/K is Galois, we can associate to it a Galois group.

If L/K is finite and Galois, this group will be finite. A part of the fundamental theorem of
Galois theory will be a correspondence
{subfields K ⊆ M ⊆ L} ←→ {subgroups of Galois group}.

Here is how to get the group. Suppose K ⊆ L are two fields (not necessarily Galois). Define
AutK (L) = {field isomorphisms ϕ : L → L such that ϕ(k) = k for all k ∈ K}.
Great example: if L = C, K = R, then AutR (C) contains the identity z 7→ z on C and
complex conjugation.
Exercise. Check that AutR (C) = {identity, complex conjugation}. Hint: if ϕ : C → C is a
field map, then ϕ(i)2 = ϕ(i2 ).
Remark. Note that [C : R] = 2 and |AutR (C)| = 2.
Lemma 6.1. Suppose K ⊆ L are fields. Then AutK (L) is a group, where the group law is
composition of functions.
30 KEVIN BUZZARD

Proof. If ϕ and ψ are isomorphisms of fields L → L then so is ϕ ◦ ψ (easy check). If ϕ and ψ

do not move elements of K, then neither does ϕ ◦ ψ. Therefore, the group law is well-defined.
Associativity: always true for composition of functions.
Identity: identity map L → L is in AutK (L).
Inverses: inverse of an isomorphism is an isomorphism. 

Notation: If L/K is finite and Galois, then define Gal(L/K) = AutK (L). For example,
Gal(C/R) = {identity, complex conjugation}.
Theorem (Fundamental theorem of Galois theory). Say L/K is finite and Galois, and set
G = Gal(L/K). Then

(a) G is finite and |G| = [L : K].

(b) There is an order-reversing bijection
Φ : {subgroups of G} → {subfields of L containing K},
Φ(H) = {λ ∈ L : h(λ) = λ for all h ∈ H}.
(c) If H ⊆ G corresponds to K ⊆ M ⊆ L via bijection Φ, then L/M is Galois, and
Gal(L/M ) = H, and in particular [L : M ] = |H|, so [M : K] = |G/H|.
(d) If H is a normal subgroup of G, then M/K is normal, and Gal(M/K) = G/H.

Suppose L/K is finite. We will provide a criterion for normality.

√
Here is an example of a normal extension: K = Q, L = Q( 2), the splitting field of x2 − 2.
Suppose i : L → C is a field map and i|K is the identity (automatic). Then
√ √ 2
i( 2)2 = i( 2 ) = i(2) = 2,
√ √ √
so i( 2) = ± 2. In particular, i( 2) ∈ L ⊆ C, and i(L) ⊆ L, so i(L) = L for dimension
reasons.
In fact, more generally, if L/K is finite and normal, and L ⊆ M and i : L → M such that i|K
is the identity, then i(L) = L. (Example Sheet 4, Question 8.)
√
If L/K is finite and not normal, this may fail. For example, if L = Q( 3 2) and
√
β = e2πi/3 2 ∈ C.
3

√
Then there is a field map L → C that maps 3 2 to β by Lemma 2.5. The image of i contains β
so it is not contained in L.
Lemma 6.2. A finite extension L/K is normal if and only if for any field extension L ⊆ M
and for any field map i : L → M such that i|K is the identity, we have i(L) = L.

This lemma actually holds for any algebraic extension, but we only prove it in this generality.

Proof. The ‘only if’ implication is Question 8 from Exercise Sheet 4. For the ‘if’ implication,
say i(L) = L for all i. We will prove that L/K is normal. Suppose we have L/K finite.
Let L ⊆ M , where M is a field large enough to make the proof work. For example, we can
 M3P11: GALOIS THEORY 31

take M to be the algebraic closure of L (but we did not prove these exist). It is, in fact,
enough to let M be the normal closure of L/K (see Question 6 on Exercise Sheet 4).
Say p(x) ∈ K[x] is irreducible and has a root α ∈ L. We want to show p(x) splits com-
pletely in L. We know M/K is normal, so p(x) splits completely in M . Choose any root β
of p(x) in M . We want to show β ∈ L. By Lemma 2.5, the fields K(α) and K(β) are
isomorphic. So choose i : K(α) → K(β) an isomorphism which is identity on K. Write
L = K(α, γ1 , γ2 , . . . , γr ), since L/K is finite. We extend i : K(α) → K(β) to a map
i : K(α, γ1 , . . . , γr ) → M , recursively on r. (At each stage, let pj (x) be the minimal polyno-
mial of γj over K(α, γ1 , . . . , γj−1 ). This works because M is normal over K(α, γ1 , . . . , γj ).)
We end up with i : L → M and by hypothesis i(L) = L. But i(L) 3 i(α) = β, and
therefore β ∈ L. 

Now, say L/K is a finite field extension and L ⊆ M for M big enough, i.e. M is an algebraic
closure of L, or a normal closure of L/K.
Definition. The separable degree [L : K]s is the number of field maps L → M which are
identity on K.
Example. Let K = Q, p(x) ∈ Q[x] be irreducible, and α be a root of p(x) in C. Moreover,
let L = K(α), and M = Q ⊆ C. To give a map L → Q which is identity on K = Q, we
just have to decide where α goes. But α can go to any root of p(x) in Q by Lemma 2.5. If
d = deg p(x), there will be d roots. Hence
[Q(α) : Q]s = d = [Q(α) : Q].
Lemma 6.3. If L = K(α), then
[L : K]s ≤ [L : K]
with equality if and only if α is separable over K.

Proof. Let p(x) be the minimal polynomial of α, of degree d. Then we know [L : K] = d by

Proposition 2.3. If M is the algebraic closure of L, then the number of field maps i : L → M
which are identity on K is the number of roots of p(x) in M by Lemma 2.5. Since p(x) splits
completely in M , the number of roots of p(x) is at most d, and equal to d if and only if p(x)
is separable, i.e. α is separable. 
Lemma 6.4 (Tower law for separable degree). If M ⊇ L ⊇ K and all the extensions are
finite, then
[M : K]s = [M : L]s [L : K]s .

Proof. To give a field map M → M which is identity on K it to do the following two things:
(1) give a map i : L → M = L which is identity on K ([L : K]s ways to do this),
(2) (regarding L as living in M via i : L → M ) giving M → M which is identity on i(L)
([M : L]s ways to do this).

(Note that M , L, i(L), and K can all be thought of as the same field.) Therefore, [M :
K]s = [L : K]s [M : L]s . 
Corollary 6.5. If L/K is a finite extension then
32 KEVIN BUZZARD

(1) [L : K]s ≤ [L : K]
(2) equality if and only if L/K is separable.

Proof. Since L/K is finite, there exist γ1 , . . . , γn ∈ L such that L = K(γ1 , . . . , γn ). Then we
set K0 = K and Ki+1 = Ki (γi ) to get
K = K0 ⊆ K1 ⊆ K2 ⊆ · · · ⊆ Kn = K(γ1 , . . . , γn ) = L.

Recall that [Ki+1 : Ki ]s ≤ [Ki+1 : Ki ] by Lemma 6.3, and so (1) follows from the two tower
laws (the usual one 2.6 and Lemma 6.4).
For (2), note that if L/K is separable, then by Lemma 5.1 each Ki+1 /Ki is separable,
and hence equality holds by Lemma 6.3 and the tower laws. Conversely, if equality holds,
choose α ∈ L arbitrary. We want to show α is separable over K. The trick is to note that
L ⊇ K(α) ⊇ K. Therefore:
[L : K]s = [L : K(α)]s [K(α) : K]s by Lemma 6.4
≤ [L : K(α)][K(α) : K] by part (1)
= [L : K] by the tower law
= [L : K]s by assumption
Hence equalities must hold everywhere; in particular, [K(α) : K]s = [K(α) : K], showing
that α is separable over K by Lemma 6.3. 
Theorem 6.6 (Fundamental theorem of Galois theory (a)). If F/E is a finite extension of
fields, then |AutE (F )| ≤ [F : E], and equality holds if and only if F/E is Galois.

Proof. Note that

AutE (F ) = {ϕ : F → F : ϕE = idE and ϕ isomorphism} ⊆ {ϕ : F → F : ϕE = idE },
and the size of the latter set is [F : E]s . Hence
|AutE (F )| ≤ [F : E]s ≤ [F : E],
as required. Finally, note that ⊆ above is an equality if and only if F/E is normal (by
Lemma 6.2), and the ≤ above is an equality if and only if F/E is separable (by Corollary 6.5).


Now let us prove the fundamental theorem of Galois theory (b): If L/K is finite and Galois,
and G = Gal(L/K), then there is a natural bijection
{subfields of L containing K} ←→ {subgroups of G}.
Here are the maps between these sets:

• Given M such that K ⊆ M ⊆ L, define

Γ(M ) = {h ∈ G : h(m) = m for all m ∈ M }.
Easily checked to be a subgroup of G.
 M3P11: GALOIS THEORY 33

• If H ⊆ G is a subgroup, then set

Φ(H) = {m ∈ L : h(m) = m for all h ∈ H}.
This is a subfield because for all h ∈ H, h(k) = k for any k ∈ K by definition of G.
Therefore, K ⊆ Φ(H), and in particular 0, 1 ∈ Φ(H). Moreover, Φ(H) is clearly
closed under the field operations, because h is a field map.

Setting
G = {subgroups of G},
F = {subfields K ⊆ M ⊆ L},
we have just defined
Γ : F → G,
Φ : G → F.
We want to show that Γ ◦ Φ = id, Φ ◦ Γ = id.
Lemma 6.7 (Easy observations about Γ and Φ).

(1) The maps Γ and Φ are order reversing (i.e. If H1 ⊆ H2 then Φ(H1 ) ⊇ Φ(H2 ), and if
K ⊆ M1 ⊆ M2 ⊆ L then Γ(M1 ) ⊇ Γ(M2 )).
(2) For M ∈ F, we have M ⊆ Φ(Γ(M )), and for H ∈ G, we have H ⊆ Γ(Φ(H)).
(3) We have Γ ◦ Φ ◦ Γ = Γ and Φ ◦ Γ ◦ Φ = Φ.

Proof. In each part, we only prove one statement, and the other is left as an exercise.
In (1), say M1 ⊆ M2 . If h ∈ Γ(M2 ) then h(m2 ) = m2 for all m2 ∈ M2 by definition, and
hence h(m1 ) = m1 for all m1 ∈ M1 ⊆ M2 ; therefore h ∈ Γ(M1 ).
In (2), say K ⊆ M ⊆ L. Then
H := Γ(M ) = {h ∈ G : h(m) = m for all m ∈ M }.
Hence
Φ(Γ(M )) = Φ(H) = {l ∈ L : h(l) for all h ∈ Γ(M )},
which clearly contains M , because if l ∈ M then h(l) = l by definition of h. Hence M ⊆
Φ(Γ(M )).
For (3), we have
(Γ ◦ Φ ◦ Γ)(M ) = Γ(Φ(Γ(M )))
⊆ Γ(M ) by (1) and (2)
and
(Γ ◦ Φ ◦ Γ)(M ) = (Γ ◦ Φ)(Γ(M ))
⊇ Γ(M ) by (1) and (2)
which completes the proof. 
√
Example. Let K = Q, L = Q( 2, i). Then L/K is finite and Galois because

• char(Q) = 0, so L/K is separable,

• L is the splitting field of f (x) = (x2 − 2)(x2 + 1), so L/K is finite and normal.
34 KEVIN BUZZARD

First question: What is Gal(L/K)? By the fundamental theorem of Galois theory (a), we
know that
h √ i h √ √ ih √ i
|Gal(L/K)| = [L : K] = Q( 2, i) : Q = Q( 2, i) : Q( 2) Q( 2) : Q = 2 · 2 = 4.
√
A map ϕ : L → L which is identity on K = Q is determined by where it sends 2, i, because
√ 2 √ 2
these elements
√ generate
√ L over Q. The usual trick: ϕ( 2) = ϕ( 2 ) = ϕ(2) = 2, and
hence ϕ( 2) = ± 2. Similarly, ϕ(i) = ±i. Thus we have at most four choices for ϕ. But
|Gal(L/K)| = 4, and hence all four choices must work.
For each choice of pair (a, b) ∈ {±1} ×√ {±1}, √
there exists a field isomorphism ϕa,b : L → L
which is identity on Q such that ϕa,b ( 2) = a 2, ϕa,b (i) = bi.
√ √ √ √
Define σ : L → L such that σ( 2) = 2, σ(i) = −i and τ : L → L such that τ ( 2) = − 2,
τ (i) = i. Hence
G = Gal(L/K) = {id, σ, τ, στ }.

Subgroups of G?

{e}

2 2 2

hσi hτ i hστ i

2 2 2

G = hσ, τ i

The fundamental theorem of Galois theory (b) says

√ there exists a corresponding picture for
subfields of L containing K. Subfields of L = Q( 2, i) containing K:

Φ(H) = {λ ∈ L : h(λ) = λ for all h ∈ H}.

√
Clearly, Φ({e})√ =√ L = Q(i, 2). For the rest,
√ we √ first note that [L : K] = 4 and a Q-basis
for L is {1, i, 2, i 2}. For λ = α + βi + γ 2 + δi 2, α, β, γ, δ ∈ Q, a general element of L,
we have
√ √
σ(λ) = α − βi + γ 2 − δi 2,
√ √
τ (λ) = α + βi − γ 2 − δi 2,
√ √
(στ )(λ) = α − βi − γ 2 + δi 2.

Therefore, by checking which elements of the field remain fixed, we obtain the following
intermediate field diagram (by applying Φ to the group diagram above):
 M3P11: GALOIS THEORY 35

Φ({e}) = L

2 2 2
√ √
Q( 2) Q(i) Q(i 2)

2 2 2

Φ(G) = Q

Now, the fundamental theorem of Galois theory (b) says that these are all the subfields.
Proposition 6.8. Let L/K be a finite Galois extension. Then Φ ◦ Γ is the identity map
F → F.

Proof. First, here is an observation. If L/K is finite Galois and L ⊇ M ⊇ K, M a subfield,

then L/M is finite Galois: finiteness follows from the Tower law 2.6, normality follows from
Lemma 4.6, separability follows from Lemma 5.1. Furthermore,
Gal(L/M ) = {ϕ : L → L : isomorphism such that ϕ|M = idM } ⊆ Gal(L/K).
Moreover,
Gal(L/M ) = {h ∈ Gal(L/K) : h(m) = m for all m ∈ M } = Γ(M ).

Now, say M ∈ F and set N = ΦΓ(M ). We want to show N = M . By Lemma 6.7 (2),
N ⊇ M . By Lemma 6.7 (3),
Γ(N ) = ΓΦΓ(M ) = Γ(M ).
By the fundamental theorem of Galois theory (a) 6.6, we know that |Gal(L/M )| = |Gal(L/N )|
implies that
[L : M ] = [L : N ].
Therefore, [L : M ] = [L : N ][N : M ], and hence [N : M ] = 1, so N = M . 
Corollary 6.9. The map Γ is injective.

In particular, because G is obviously finite, we can deduce that F is finite.

Corollary 6.10. If F/E is a finite separable extension, then there are only finitely many
intermediate fields M with E ⊆ M ⊆ F .

This is not obvious (and it is, in fact, false if we drop the assumption of separability—see
Exercise Sheet 5, Question 5.)

Proof. Let L be the normal closure of F over E, i.e. L/E is the smallest normal extension
of E containing F . Since L/E is the normal closure of a separable extension, it is separable
(by Exercise Sheet 5, Question 3d). Therefore, there are only finitely many subfields of L
containing E, and hence there are only finitely many subfields of F containing E. 
36 KEVIN BUZZARD

Corollary 6.11 (Theorem of the primitive element). If L/K is finite and separable then
there exists α ∈ L such that L = K(α).

Again, this statement is false when we drop the assumption of separability—see Exercise
Sheet 5, Question 5.

Proof. There are two cases.

Case 1. K is finite (as a set). Then L is finite, so L× is a finite subgroup of the non-zero
elements of a field, so L× is cyclic (by Exercise Sheet 3, last question). Therefore, there
exists α such that L× = hαi. Then L = K(α).
Case 2. K is infinite. Then L is a finite-dimensional vector space over an infinite field. But,
by Exercise Sheet 6, Question 5, this implies that L is not the union of finitely many proper
subspaces. Therefore,
[
L 6= M.
K⊆M ⊂L
S
Choose α ∈ L such that α 6∈ M . But K(α) is a subfield of L containing α, so it
K⊆M ⊂L
cannot be proper, and hence K(α) = L. 

Here is a proposition motivated by the definition of Φ.

Proposition 6.12. Say L is a field and G is a finite subgroup of Aut(L). Set
K = {λ ∈ L : g(λ) = λ for all g ∈ G}.
Then [L : K] is finite, L/K is finite and Galois, and Gal(L/K) = G. In particular,
[L : K] = |G|.

Proof. First, let us prove that [L : K] is finite and is at most n = |G|. We will do this by
showing that if α1 , α2 , . . . , αn+1 ∈ L are arbitrary then they are K-linearly-dependent. Let V
be the vector space Ln . An element of V is just n elements of L. Say G = {g1 , . . . , gn }.
Given (λ1 , . . . , λn ) ∈ V , we can consider the function G → L such that gi 7→ λi . This sets
up a natural bijection:
V = {functions G → L}.
From now on, think of V as this set of functions. Here are n + 1 elements of V . For
1 ≤ i ≤ n + 1, define ϕi : G → L by ϕi (g) = g(αi ). These are n + 1 elements in an
n-dimensional vector space over L, so they are linearly dependent. Therefore, there exist
µi ∈ L not all equal to 0 such that
n+1
X
µi ϕi = 0.
i=1
r
P
Choose a linear relation of smallest length, i.e. µi = 0 for i > r, µr 6= 0 and µi ϕi = 0 and r
i=1
is as small as possible with this property. (I.e. the first r of the ϕi are linearly dependent
but the first r − 1 are not). We know that µr 6= 0, so replacing µi with µi /µr , we can assure
 M3P11: GALOIS THEORY 37

that µr = 1 (and µi = 0 for i > r). We will now show that all µi ∈ K. We know that for
all g ∈ G:
Xr r
X
(1) µi g(αi ) = µi ϕi (g) = 0.
i=1 i=1
Applying h : L → L, any element of G, to the equation, we obtain
X r
h(µi )hg(αi ) = h(0) = 0
i=1

and since hg ∈ G, we can substitute it to equation (1) to obtain

Xr
µi hg(αi ) = 0.
i=1
Subtracting, we have for all g ∈ G
Xr
(h(µi ) − µi )hg(αi ) = 0
i=1
so writing k = hg, we have for all k ∈ K
Xr r
X
(h(µi ) − µi )ϕi (k) = (h(µi ) − µi )k(αi ) = 0.
i=1 i=1

But h(µr ) − µr = 1 − 1 = 0, and the new linear relation has smaller length. Therefore,
h(µi ) = µi for all i ≤ r, and hence h(µi ) = µi for 1 ≤ i ≤ n + 1. But h ∈ G was arbitrary.
Since µi are fixed by all G, µi ∈ K. Then equation (1) with g = id yields
X r
µi αi = 0
i=1
and µr = 1, so not all µi are 0. Therefore, αi are K-linearly-dependent.
We have shown that any n + 1 elements of L are K-linearly-dependent, and hence [L : K] ≤
n = |G|. In particular, L/K is finite. We will prove it is Galois.9
Separability. Choose α ∈ L. Set S = {g(α) : g ∈ G} and note that |S| ≤ n = |G|. Set
Y
p(x) = (x − s) ∈ L[x].
s∈S

We claim that p(x) ∈ K[x]. Choose h ∈ G. Then

h(S) = {h(s) : s ∈ S} = {hg(α) : g ∈ G} = S.
Therefore, Y
h(p(x)) = (x − s) = p(x),
s∈h(S)

9There is a quicker way to finish the proof. By Theorem 6.6, |AutK (L)| ≤ [L : K] with equality if and
only if L/K is Galois, and clearly G ⊆ AutK (L), so
|G| ≤ |AutK (L)| ≤ [L : K] ≤ |G|.
Hence equalities hold, and L/K is Galois with Galois group G.
38 KEVIN BUZZARD

ai xi , then h(ai ) = ai for all i, h ∈ G. Therefore, p(x) ∈ K[x]. We now

P
so if p(x) =
claim that p(x) is the minimal polynomial of α over K. Since α ∈ S, p(α) = 0. Moreover, if
q(x) ∈ K[x] and q(α) = 0, then for any β ∈ S, there exists g ∈ G such that g(α) = β. Since
q(α) = 0, we have that g(q(α)) = 0, and so g(q)(g(α)) = 0. But g(q) = q and gα = β, and
so q(β) = 0. Hence all β ∈ S are roots of q(x), so p(x) must divide q(x). Hence p(x) is the
minimal polynomial of α, and its roots are distinct, so α is separable.
Normality. If f (x) ∈ K[x] is irreducible and has a root α ∈ L, then build p(x) for α as
above. Then p(x) is the minimal polynomial, and hence p(x) divides f (x), so p = f (up to
scaling). But all roots of p are in L by construction, and thus f splits completely.
Therefore, L/K is Galois, so by definition G ,→ Gal(L/K). Hence
|G| ≤ |Gal(L/K)| = [L : K] ≤ |G|,
so the injection is an isomorphism. 

This is the last thing we needed to prove the fundamental theorem of Galois theory.
Theorem 6.13 (Fundamental theorem of Galois theory). Let L/K be a finite Galois ex-
tension and G = Gal(L/K); write F = {K ⊆ M ⊆ L subfields}, G = {H ⊆ G subgroups}.
Define two maps
Φ: G → F
Φ(H) = {λ ∈ L : h(λ) = λ for all h ∈ H}
Γ: F → G
Γ(M ) = {g ∈ G : g(m) = m for all m ∈ M }
Then
(a) [L : K] = |G|
(b) Γ and Φ are order-reversing bijections
(c) If M ∈ F corresponds to H ∈ G then H = Gal(L/M ).
(d) The subgroup H of G is normal if and only if M/K is normal, and in this case
Gal(M/K) = G/H
(i.e. they are isomorphic and there is a natural isomorphism between them.)

Proof. We proved (a) in Theorem 6.6.

For (b), we already proved that Γ and Φ are order-reversing in Lemma 6.7, and that Φ◦Γ = id
in Proposition 6.8. We only need to prove that Γ ◦ Φ = id. So say H ⊆ G is a subgroup and
set M = Φ(H). We need to check that
Γ(M ) = {g ∈ G : g(m) = m for all m ∈ M }
is equal to H. Since
M = Φ(H) = {λ ∈ L : h(λ) = λ for all h ∈ H},
Proposition 6.12 says that L/M is finite and Galois, and by definition the elements of G
that fix M element-wise are precisely Gal(L/M ). Therefore, Gal(L/M ) = Γ(M ). Then
Proposition 6.12 says that Gal(L/M ) = H, and hence H = Γ(M ).
Now, (c) is obvious: if H ←→ M , then H = Γ(M ) = Gal(L/M ).
 M3P11: GALOIS THEORY 39

For (d), let us first suppose that M/K is normal for M ∈ F. Then M/K is separable (by
Lemma 5.1, since L/K is separable) and finite (since M ⊆ L), and hence M/K is finite and
Galois. Set Q = Gal(M/K) and say g ∈ G. Then g : L → L, and hence g restricts to a map
g|M : M → L, fixing K pointwise. By Lemma 6.2, g(M ) = M , since M is normal. Therefore,
g|M : M → M is the identity on K, and g|M ∈ Q. In particular, there is a natural map
G → Q that maps g to g|M . It is easy to check it is a group homomorphism. The kernel of
this map is
{g ∈ G : g|M = idM } = Γ(M ).
Set H = Γ(M ). Then H is a kernel, and therefore H is a normal subgroup of G. We have
shown that M normal implies that H is normal.
In particular, the first isomorphism theorem implies that G/H ∼= im(G) ⊆ Q. By counting,
|Gal(L/K)|
|G/H| = |Gal(L/M )|
by part (c)
[L:K]
= [L:M ]
by part (a)
= [M : K] by the Tower law 2.6
On the other hand, Q = Gal(M/K), and hence |Q| = [M : K] by part (a). Therefore,
| im(G)| = |Q|, and the map G → Q is hence surjective. In particular, by the first isomor-
phism theorem, G/H ∼ = Q.
Finally, say H ∈ G and H E G is a normal subgroup. Set M = Φ(H). We want to show
that M is normal. We know that
M = Φ(H) = {λ ∈ L : h(λ) = λ for all h ∈ H}.
−1
If g ∈ G, what is Φ(g Hg)? Well, for h ∈ H, h(λ) = λ, and hence
(g −1 hg)(g −1 λ) = g −1 hλ = g −1 λ.
Therefore, Φ(g −1 Hg) = g −1 M . So if H is normal, g −1 Hg = H for all g ∈ G, and hence
g −1 M = M for all g ∈ G, so gM = M for all g ∈ G. Hence g ∈ G induces a field map
M → M . In particular, we get a natural map G → AutK (M ) with the kernel Γ(M ) = H.
Hence, we get an injection
G/H ,→ AutK (M ).
Now, H = Gal(L/M ), so
[L : K]
|G/H| = = [M : K],
[L : M ]
which shows that [M : K] ≤ |AutK (M )|. But Corollary 6.5 shows that |AutK (M )| ≤ [M : K]
with equality if and only if M/K is Galois. Therefore, M/K is normal. 
Example. Let N ∈ Z≥1 . Say f (x) = xN − 1 ∈ Q[x] and let L be the splitting field of f (x).
Then L/Q is finite and Galois. What is the Galois group?
What is L? Suppose ζN = e2πi/N ∈ C. The roots of f (x) are 1, ζN , ζN2 , . . . , ζNN −1 , and hence
L = Q(1, ζN , ζN2 , . . . , ζNN −1 ) = Q(ζN ).
We call L the N th cyclotomic field. We know that [L : Q] is the degree of the minimal
polynomial of ζN over Q. In general, we have not computed this. The answer is that it is
(by definition) the N th cyclotomic polynomial. Tricky exercise: its degree is ϕ(N ), where ϕ
40 KEVIN BUZZARD

is the Euler totient function. We proved this in the special case where N is a prime number.
In this case, ζN is a root of the irreducible polynomial
xN − 1
= 1 + x + · · · + xN −1 .
x−1
Here is a map Gal(L/Q) → (Z/N Z)× . If g ∈ Gal(L/Q), g(ζN ) is a root of xN − 1, which
is (ζN )a for some 0 ≤ a ≤ N − 1. The map is clearly injective. It is slightly tricky to
show that it is an isomorphism. If N is prime, we can prove this, since the LHS has size
[L : Q] = N − 1 and the RHS has size N − 1, because for N prime
(Z/N Z)× = {1, 2, . . . , N − 1}.
In fact, if N is prime, Gal(Q(ζN )/Q) = (Z/N Z)× , the non-zero elements of Z/N Z.

We give a trick for computing Galois groups. Say f (x) ∈ K[x] is a non-zero polynomial, and
assume (for simplicity) char(K) = 0 (or that f is separable). Suppose deg(f ) = n and say
α1 , . . . , αn ∈ K are the roots of f . Set L = K(α1 , . . . , αn ), the splitting field of f . Then L/K
is finite, separable, and normal (as it is a splitting field), and hence L/K is finite and Galois.
Set G = Gal(L/K). Then the fundamental theorem of Galois theory 6.13 (a) says that
|G| = [L : K].
The trick is that G is a subgroup of Sn . Here is why: If g ∈ G, then g : L → L, so g(αi ) is a
root of g(f (x)) = f (x), as g|K = idK . Thus g permutes the roots of f (x). So given g ∈ G,
we get a permutation of S = {α1 , . . . , αn }, so we get a homomorphism G → Sym(S) ∼ = Sn .
Furthermore, the map is injective: if g ∈ G and g(αi ) = αi for all i, then g fixes all αi and g
fixes all λ ∈ K, and therefore g fixes K(α1 , . . . , αn ) = L, and hence g = idL .
√
Example. Let K = Q, f (x) = x3 − 2. Then L = Q(α, ωα, ω 2 α) = Q(α, ω) for α = 3 2 and
ω = e2πi/3 . We know that [L : Q] = 6, so |Gal(L/Q)| = 6, and the injection Gal(L/Q) ,→ S3
has to be an isomorphism. An element g ∈ Gal(L/Q) is determined by the corresponding
permutation of {α, ωα, ω 2 α}.

7. Insolvability of the quintic (by radicals)

√
2
Idea: Solutions of ax2 + bx + c = 0 (for a 6= 0) are x = −b± 2ab −4ac . There are analogous
√
formulae for the cubic and quartic, involving only + − × ÷ n for n = 2, 3, 4, . . .
Abel–Ruffini and later Galois showed that there was no such formula for the quintic.
√
The operations + − ×÷ we can do in any field. However, n we need to be able to insert
into the system.
Assume throughout this chapter that all fields in it have characteristic 0.
Definition. A finite extension L/K of fields (of characteristic 0) is an extension by radicals
if there exist fields K = L0 ⊆ L1 ⊆ L2 ⊆ L3 ⊆ · · · ⊆ Ln = L such that for each i, 1 ≤ i ≤ n,
there exists αi ∈ Li such that Li = Li−1 (αi ) and there exists ni ∈ Z≥1 such that αini ∈ Li−1 ,
i.e. “Li is a field generated by Li−1 and one ni th root”.
 M3P11: GALOIS THEORY 41
p
3
√
Example. If β = 1 + 2 then there exists a field L ⊆ C such that L 3 β and L is an
extension of Q by radicals. Explicitly:
√ √ √
q 
3
Q ⊆ Q( 2) ⊆ Q( 2) 1 + 2 3 β.

q √
3
50 1+ √ 3
Exercise. Prove that if γ = 1+ 4 5
, then there exists an extension by radicals L/Q
with γ ∈ L.
Remark. If L/K is an extension by radicals then the normal closure M/K of L/K is too
(for the proof, see Exercise Sheet 6, Question 7.). Hence we can assume that our extensions
are actually Galois (by making them bigger, if necessary).
√
Idea. Suppose there exists a formula for the roots of a quintic involving only + − × ÷ n .
Apply it to the quintic x5 − 6x + 3. Let L be the splitting field of this quintic over Q.
Then L/Q is finite and Galois, and an extension by radicals. The idea is that that being an
extension by radicals tells us something about Gal(L/Q). We will show that Gal(L/Q) does
not have this property if L is the splitting field of x5 − 6x + 3.
(Spoilers: the Galois group is S5 and S5 is not a solvable group.)
We now prove a key lemma.
Lemma 7.1. Suppose E is a field of characteristic 0, p is a prime number, and assume that
xp − 1 splits completely in E. Then for all β ∈ E, the polynomial xp − β either splits into
linear factors or is irreducible in E[x].
In the irreducible case, if α ∈ E is a root of xp − β then F = E(α) is the splitting field of
xp − β and [F : E] = p.

Proof. Let F be the splitting field of xp −β. Then, if pth roots of 1 in E are {1, ω, ω 2 , . . . , ω p−1 },
we know F = E(α, ωα, ω 2 α, . . . , ω p−1 α) = E(α), α a pth root of β.
Case 1: α ∈ E. Then xp − β splits completely.
Case 2: α 6∈ E. Say xp − β were reducible in E[x], so it factors into 2 polynomials g, h of
degrees m, n with 1 ≤ m, n < p, m + n = p. By scaling, we can assume that g, h are monic.
Consider F [x], where polynomials factor uniquely. Then
gh = xp − β = (x − α)(x − ωα) . . . (x − ω p−1 α),
so the irreducible factors of g(x) in F [x] are all of the form (x − ω i α) for some i. Therefore:
g(x) = xm + · · · ± ω j αm
for some j. But g(x) ∈ E[x] and therefore ±ω j αm ∈ E, and hence αm ∈ E. Also,
αp = β ∈ E. But 1 ≤ m ≤ p − 1, and thus gcd(m, p) = 1, and hence there exist α, µ ∈ Z
such that λm + µp = 1, which shows that
α = αλm+µp = (αm )λ · (αp )µ ∈ E.
Hence α ∈ E, which gives a contradiction. 
42 KEVIN BUZZARD

Exercise. What is Gal(F/E) in case 2?

Funny examples of extensions by radicals where the degree of the of extensions is not what
you expect.

(1) Let ζ =√e2πi/p , then ζ 6∈ Q, ζ p ∈ Q, p prime, and [Q(ζ) : Q] = p − 1 6= p.

(2) If α = 3 2 ∈ R, ω = e2πi/3 , β = ωα, and E = Q(α), F = E(β), then [F : E] = 2.

Idle question. If 1 ≤ m ≤ n, can you find a field of characteristic 0, E, and an exten-

sion E ⊆ F , such that F = E(α), αn ∈ E and [F : E] = m?
If G is a finite group, then a finite filtration on G is a sequence
G = H0 ⊇ H1 ⊇ H2 ⊇ · · · ⊇ Hn = {1}
of subgroups Hi of G.
Fact from the Group Theory course: The following are equivalent for a finite group G:

(1) G has a finite filtration by subgroups Hi such that Hi+1 E Hi and the quotient group
Hi /Hi+1 is abelian,
(2) same, but Hi /Hi+1 is cyclic,
(3) same, but Hi /Hi+1 is cyclic of prime order.

A group is solvable or soluble if it satisfies any (and hence all) of these equivalent conditions.
Basic facts: If G is solvable then any subgroup and any quotient G/N are solvable.
Conversely, if G is a finite group, N E G, and N and G/N are both solvable, then G is
solvable.
Examples. Abelian groups are solvable. The symmetric group S4 is solvable:
S4 B A4 B V4 = {e, (12)(34), (13)(24), (14)(23)} B {1}.

However, S5 is not solvable, (and therefore, Sn is not solvable for all n ≥ 5).

Cheap proof that Sn and An , n ≥ 5, are not solvable. Say G = Sn or An for n ≥ 5. Set
s1 = (12)(34) ∈ G, s2 = (135) ∈ G, and s3 = s1 s2 = (14352) ∈ G. Suppose for a
contradiction that G is solvable. Write
G = H0 ⊇ H1 ⊇ H2 ⊇ · · · ⊇ Hd = {1}
with Hi+1 C Hi , Hi /Hi+1 cyclic of prime order.
We claim that s1 , s2 , s3 ∈ Hi for all i. This is a contradiction, since they are not in Hd . We
prove the claim by induction on i. Assume s1 , s2 , s3 ∈ Hi . Consider the images t1 , t2 , t2 ∈
Hi /Hi+1 ∼= Cp , the order of ti divides the order of si , order of ti is 1 or p, since p = |Hi /Hi+1 |.
Hence p is at most one of 2, 3, 5, and so at least 2 of ti are identity. But t1 t2 = t3 and hence ti
is the identity, so si ∈ Hi+1 . 
Theorem 7.2. If F/E is finite Galois for E of characteristic 0, and F/E is an extension
by radicals then Gal(F/E) is solvable.
 M3P11: GALOIS THEORY 43

Proof. Since F/E is solvable by radicals, suppose

E = F0 ⊆ F1 ⊆ F2 ⊆ · · · ⊆ Fd = F
with Fi+1 = Fi (αi ), αini ∈ Fi . Without loss of generality, we can assume that all ni are prime
(for example, if n = pq, replace α by αp , α to get E ⊆ E(αp ) ⊆ E(α) with (αp )q ∈ E.)
Set N to be the product of all the ni . Throw in an N th root of unity to apply Lemma 7.1. Set
K = E(ζN ) = splitting field of xN −1 over E, where (ζN )N = 1. Let L0 = K and Li = Fi (ζN ),
the splitting field of xN − 1 over Fi . Then Li+1 = Fi+1 (ζN ) = Fi (ζN , αi ) = Li (αi ), so
E ⊆ K = L0 ⊆ L1 ⊆ · · · ⊆ Ld ⊆ F (ζN )
is still an extension by radicals.
By applying the fundamental theorem of Galois theory 6.13 to the tower of extensions above,
we get that if G = Gal(F (ζN )/E) then
G = Gd ⊇ Gd−1 ⊇ · · · ⊇ G0 ⊇ {1}.
The fundamental theorem of Galois theory 6.13 applied to Li+1 /Li shows that Gi C Gi+1 and
the quotient is cyclic of prime order. Finally, we need to check Gal(K/E) is abelian. But
K = E(ζN ). If g, h ∈ Gal(K/E), then g(ζN ) = ζNA for some A and h(ζN ) = ζNB for some B,
and so gh(ζN ) = ζNBA = ζNAB = hg(ζN ). Thus gh and hg agree on E and ζN , and hence they
agree on K. Therefore, gh = hg and we have shown that Gal(K/E) is abelian.
Thus Gal(F (ζN )/E) is solvable, hence so is Gal(F/E), since it is its quotient by the funda-
mental theorem of Galois theory 6.13. 
Corollary 7.3. If f ∈ Q[x] is solvable by radicals (i.e. its roots are in an extension by
radicals) and L is the splitting field of f over Q, then Gal(L/Q) is solvable.
Proposition 7.4. If f (x) = x5 − 6x + 3 and L is the splitting field of f over Q, then
Gal(L/Q) ∼
= S5 .

Proof. Note that f is irreducible by Eisenstein’s criterion with p = 3. If α ∈ L is a root

then [Q(α) : Q] = 5, so [L : Q] = [L : Q(α)] × 5, a multiple of 5. Also, Gal(L/Q) = G
is a subgroup of S5 , and hence |G| is a multiple of 5. By Cauchy’s theorem, G contains
an element of order 5, a 5-cycle. Next, note G 3 complex conjugation. Now, f (−1) = 8,
f (1) = −2, and thus f has at least 3 real roots. But f 0 (x) = 5x4 − 6 has 2 zeroes, and
therefore f has exactly 3 real roots. Thus G ⊆ S5 , and it contains a 5-cycles and complex
conjugation. Without loss of generality, (12) = x, and replacing the 5-cycle by a power, we
can assume that the 5-cycle is (12345) = y. Then
yxy −1 = (23)
y(23)y −1 = (34)
y(24)y −1 = (45)
(12)(23)(12) = (13)
(13)(34)(13) = (14)
(14)(45)(14) = (15)
so G contains (1i) for all i, and hence it contains (ij) = (1i)(1j)(1i) for all i, j, all the
transpositions. Therefore, G = S5 . 
44 KEVIN BUZZARD

Corollary 7.5. There is no formula for the roots of a general quintic involving the coeffi-
√
cients and + − × ÷ n .