6. Quadratic Gauss Sums
Notes
Definition . Let a, b ∈ Z. Then we denote a|b if a divides b.
Definition . Let a and b be elements of Z. Then ∃c ∈ Z s.t. (a, b) = (c), where
c = gcd(a, b) = max{x ∈ Z| x|a and x|b }.
(p5, Chapter1)
Definition . We call integers t and s are congruent modulo p, if p| (t − s), and we write;
t ≡ s (p).
Definition . Let R an integral domain. An element r ∈ R is irreducible if r = ab implies a or b is a
unit in R. (p9 Chapter 1)
Definition . An integral domain R is called euclidian domain, if there exists a function λ from the
nonzero elements of R to the set {0, 1, . . . , } such that if a, b ∈ R, b ̸= 0, there exists c, d ∈ R with the
property a = cb + d and either d = 0 or λ(d) < λ(b).
Definition . An integral domain R is called a unique factorization domain if every nonzero element in
R can be written as a unique product of irreducible elements up to units and their orders. We use the
fact that every euclidean domain is a unique factorization domain: so C[x] and Z/pZ[x] for a prime p
are unique factorization domains.
An Introduction
For each prime p and integer a, we consider the congruence x2 ≡ a (p). In the last chapter, our goal was
to find a way to determine the solvability of this congruence. We call a quadratic residue or nonresidue
in the following manner.
Definition . If (a, m) = 1, a is called a quadratic residue (nonresidue) mod m if x2 ≡ a (m) has a
solution (no solutions). (p51 Chapter5)
The answer to the question above was given by the value of the Legendre Symbol.
( )
Definition . The Legendre symbol
a
p
will have the value 1 if a is a quadratic residue mod p, -1 if a
is a quadratic nonresidue mod p, and zero if p|a. (p52 Chapter 5)
1
2
And the value of Legendre Symbols can be computed with law of quadratic reciprocity.
Law of quadratic reciprocity (Proposition 5,1,2 and Theorem 1 in Chapter 5)
( )
p−1
a
2
≡
a
(p)
p
( ) ( )( )
ab
a
a
=
, ∀a, b ∈ Z
p
p
p
( ) ( )
a
b
a ≡ b (p) ⇒
=
p
p
(
)
p−1
−1
= (−1) 2
p
( )
p2 −1
2
= (−1) 8
p
( )( )
p−1 q−1
q
q
= (−1) 2 · 2 , where q ̸= p, p and q are odd primes.
p
p
Now our further interest is to generalize this law to that of higher degree. To achieve this, we need
to study another method to prove the reciprocity, which can be generalized in higher degree. In this
chapter we go back to the quadratic congruence and define the Quadratic Gauss sum to see how the
Quadratic Gauss sum works to prove law of quadratic reciprocity, together with how to compute them.
6.1. Algebraic Numbers and Algebraic Integers. .
In this section, we define algebraic numbers/integers, whose set forms respectively a field and a ring. In
this field and ring hold some important propositions we need in the later chapters.
Definition . An algebraic number is a complex number α that is a root of a polynomial
a0 xn + a1 xn−1 + · · · + an = 0 , where a0 , a1 , a2 , . . . an ∈ Q, and a0 ̸= 0
An algebraic integer ω is a complex number that is a root of a polynomial xn + b1 xn−1 + · · · + bn = 0,
where b1 , b2 , . . . , bn ∈ Z.
Proposition 6.1.1. A rational number r ∈ Q is an algebraic integer iff r ∈ Z.
Proof. (⇒)If r ∈ Z, then r is a root of x − r = 0. Thus r is an algebraic integer.
(⇐) Suppose that r ∈ Q and that r is an algebraic integer. Then r satisfies an equation
xn + b1 xn−1 + · · · + bn = 0
with b1 , . . . , bn ∈ Z. Let r = dc , where c, d ∈ Z and we may assume that c and d are relatively prime.
Substituting dc is into the equation and multiplying both sides by dn yields
cn + b1 cn−1 d + · · · + bn dn = 0.
Since d divides the right side of the equation and other terms in the left side, it follows that d divides
cn . Moreover, c|d, actually, d|cn implies d · y = cn . Since c divides the both sides and (d, c) = 1, c|y. So
we may rewrite the equation as d · y1 = cn−1 . By induction we have d · yn−1 = c. which follows that d|c.
This implies also (d) = (d, c) = (1) so d = ±1, and r = dc is in Z.
□
Definition . A subset V ⊂ C of the complex numbers is called a Q-module if
(a) γ1 , γ2 ∈ V implies that γ1 + γ2 ∈ V .
3
(b) γ ∈ V and r ∈ Q implies that rγ ∈ V .
∑l
(c) There exist elements γ1 , γ2 , . . . , γl ∈ V such that every γ ∈ V has the form i=1 ri γi with ri ∈ Q
More briefly, V ⊂ C is a Q-module if it is a finite dimensional Q-subvector space of C.
∑l
If γ1 , γ2 , . . . , γl ∈ C, the set of all expressions j=1 ri γi , r1 , r2 , . . . , rl ∈ Q is easily seen to be a Q-module.
We denote this Q-module by [γ1 , γ2 , . . . , γl ].
Proposition 6.1.2. Let V = [γ1 , γ2 , . . . , γl ] ̸= 0, and suppose that α ∈ C has the property that αγ ∈ V
for all γ ∈ V. Then α is an algebraic number.
∑l
Proof. αγi ∈ V for i = 1, 2, . . . , l. Thus αγi =
j=1 aij γj , where aij ∈ Q. It follows that 0 =
∑l
j=1 (aij − δij α)γj , where δij = 0 if i ̸= j and δij = 1 if i = j. This implies that det(aij − δij α) =0.
The equation above implies that rank(aij − δij α) ≤ l − 1, and hence det(aij − δij α) =0. By writing out
the determinant we see that α satisfies a polynomial of degree l with rational coefficients. Thus α is an
algebraic number.
□
Proposition 6.1.3. The set of algebraic numbers forms a field.
Proof. Suppose that α1 and α2 are algebraic numbers. We shall show that α1 α2 and α1 +α2 are algebraic
numbers. Suppose that α1n +r1 α1n−1 +r2 α1n−2 +· · ·+rn = 0 and that α2m +s1 α2m−1 +s2 α2m−2 +· · ·+sm = 0,
where ri , sj ∈ Q. Let V be the Q-module of all Q linear combinations of elements α1i α2j , where 0 ≤ i < n
∑
and 0 ≤ j < m. Let γ =
aij α1i α2j , aij ∈ Q. Then we have
∑
∑
∑
bij α1i α2j ∈ V
α1 γ =
aij α1i+1 α2j +
an−1 j α2j · −(r1 α1n−1 + r2 α1n−2 + · · · + rn ) =
j
0≤i<n−1, 0≤j<m
α2 γ =
∑
0≤i<n, 0≤j<m−1
aij α1i α2j+1
+
∑
ai
i
m−1 α1
· −(s1 α2m−1 + s2 α2m−2 + · · · + sm ) =
∑
cij α1i α2j ∈ V,
i
where bij and cij are some elements in Q. So for γ ∈ V we have α1 γ ∈ V and α2 γ ∈ V .
Thus we also have (α1 + α2 )γ ∈ V and (α1 α2 )γ ∈ V. By Propositon 6.1.2 it follows that both α1 + α2
and α1 α2 are algebraic numbers.
Finally, if α is an algebraic number, not zero, we must show that α−1 is an algebraic number. Suppose
that a0 αn + a1 αn−1 + · · · + an = 0, where ai ’s are in Q. Then by multiplying by α−n , we have
an α−n + an−1 α−(n−1) + · · · + a0 = 0, The result follows.
□
Definition . A subset W ⊂ C is called a Z-module if
(a)γ1 , γ2 ∈ W implies that γ1 + γ2 ∈ W .
∑l
(b) There exist elements γ1 , γ2 , . . . , γl ∈ W such that every γ ∈ W has the form i=1 ri γi with ri ∈ Z
Proposition 6.1.4. Let W = [γ1 , γ2 , . . . , γl ] ̸= 0 be a Z-module and suppose that ω ∈ C has the property
that ωγ ∈ W for all γ ∈ W . Then ω is an algebraic integer.
∑l
Proof. ωγi ∈ W for i = 1, 2, . . . , l. Thus ωγi =
j=1 aij γj , where aij ∈ Z. It follows that 0 =
∑l
j=1 (aij − δij ω)γj , where δij = 0 if i ̸= j and δij = 1 if i = j. det(aij − δij ω) =0. The equation above
implies that rank(aij − δij ω) ≤ l − 1, and det(aij − δij ω) =0. By writing out the determinant we see
that ω satisfies a polynomial of degree l with the leading coefficient 1 and integer coefficients. Thus ω is
an algebraic integer.
□
Proposition 6.1.5. The set of algebraic integers forms a ring.
4
Proof. Suppose that ω1 and ω2 are algebraic integers. We shall show that ω1 ω2 and ω1 + ω2 are algebraic
integers.
Suppose that ω1n + r1 ω1n−1 + r2 ω1n−2 + · · · + rn = 0 and that ω2m + s1 ω2m−1 + s2 ω2m−2 + · · · + sm = 0, where
ri , sj ∈ Z. Let W be the Z-module of all Z linear combinations of the elements ω1i ω2j , where 0 ≤ i < n
∑
and 0 ≤ j < m. Let γ =
aij ω1i ω2j . Then we have
∑
∑
∑
bij ω1i ω2j ∈ W
ω1 γ =
aij ω1i+1 ω2j +
an−1 j ω2j · −(r1 ω1n−1 + r2 ω1n−2 + · · · + rn ) =
j
0≤i<n−1, 0≤j<m
ω2 γ =
∑
aij ω1i ω2j+1
0≤i<n, 0≤j<m−1
+
∑
ai
i
m−1 ω1
· −(s1 ω2m−1 + s2 ω2m−2 + · · · + sm ) =
∑
cij ω1i ω2j ∈ W.
i
where bij and cij are some elements in Z. So for γ ∈ W we have ω1 γ ∈ W and ω2 γ ∈ W .
Thus we also have (ω1 + ω2 )γ ∈ W and (ω1 ω2 )γ ∈ W. By Propositon 6.1.4 it follows that both ω1 + ω2
and ω1 ω2 are algebraic integers.
□
Roots of unity are important examples of algebraic integers.
Proposition 6.1.6. If ω1 , ω2 ∈ Ω and p ∈ Z is a prime , then
(ω1 + ω2 )p ≡ ω1p + ω2p (p).
Proof.
(ω1 + ω2 )p
=
)
p (
∑
p
· ω1p−k · ω2k
k
k=0
= ω1p + p · ω1p−1 · ω2 + · · · + p ·
(p − 1)!
· ω p−k · ω2k + · · · + p · ω1 · ω2p−1 + ω2p
(p − k)! · k! 1
For 1 ≤ k ≤ p − 1 no integers neither in the expression
(p − k)! nor k! divide p, since each of them is less
( )
than p and relatively prime to p. So p divides kp . Thus, it follows that;
(ω1 + ω2 )p ≡ ω1p + ω2p (p)
□
Proposition 6.1.7. If α is an algebraic number, then α is the root of a unique monic irreducible f (x)
in Q. Furthermore if g(x) ∈ Q[x] and g(α) = 0, then f (x)|g(x).
Proof. Let f (x) be any monic irreducible with f (α) =0. We prove the second assertion first.
If f (x) does not divide g(x), then (f (x), g(x)) = (1), since f (x) is irrecucible and monic. So we may
write f (x)h(x) + g(x)t(x) = 1 by Lemma 4, Section 2, Chapter 1., for polynomials h(x), t(x) ∈ Q[x].
Putting x = α gives a contradiction. If there exists another polynomial f ′ (x) with the property, then by
the conclution above f (x)|f ′ (x) and f ′ (x)|f (x). Since f (x) is monic we conclude that f (x) = f ′ (x). So
the uniqueness is proved.
□
This uniquely determined polynomial f (x) of α is called the minimal polynomial of α. And if the
degree of the minimal polynomial is n, then α is called an algebraic number of degree n.
If α and γ are roots of f (x) then α und γ are said to be conjugate.
g(α)
Q(α) = { h(α)
|g(x), h(x) ∈ Q[x], h(α) ̸= 0} is a field. For such a field Q(α) holds an important proposition;
Proposition 6.1.8. If α ∈ Ω then Q(α) = Q[α], the minimam ring containing α and Q.
5
Proof. Clearly Q[α] = {g(α)|g(x) ∈ Q[x]} ⊆ Q(α). Let an element γ = g(α)h(α)−1 ∈ Q(α). By
the definition, h(α) ∈ Q[α], h(α) ̸= 0. Then by Proposition 6.1.7, f (x) does not divide h(x), where
f (x) is the minimal polynomial of α. Thus (f (x), h(x)) = (1) and f (x)s(x) + h(x)t(x) = 1, for some
polynomials s(x), t(x) ∈ Q[x]. Put x = α so that t(α)h(α) = 1. Thus, t(α) = h(α)−1 ∈ Q[α], and it
follows immediately that h(α)−1 ∈ Q[α] and γ = g(α)h(α)−1 ∈ Q[α].
□
Corollary . If α is an algebraic number of degree n then [Q(α) : Q] = n.
Proof. By Propositon 6.1.8 it is enough to show that [Q(α) : Q] = n. Since f (α) = 0 it is easily seen
that 1, . . . , αn−1 span Q[α]. On the other hand, if we have a0 + a1 α + · · · + an−1 αn−1 = 0, where
ai ∈ Q, then g(α) =0 for g(x) = a0 + a1 x + · · · + an−1 xn−1 . Then, by Proposition 6.1.7. f (x)|g(x). But
deg(g(x)) < deg(f (x)), which implies that a0 = a1 = · · · = an−1 = 0. Therefore 1, . . . , αn−1 are linealy
independent over Q.
□
6.2. The Quadratic Character of 2. .
( )
(See also Proposition 5.1.3, (p53). We want to show that
2
p
= (−1)
p2 −1
8
)
Let ζ = e 8 , a primitive eighth root of unity. 0 = ζ 8 − 1 so ζ is an algebraic integer. Let τ = ζ + ζ −1 .
Then we have
τ 2 − 2 = ζ 2 + ζ −2 = i − i = 0,
thus τ is also an algebraic integer. So we may work with congruences in the ring of algebraic integers.
Let p be an odd prime in Z and by Proposition 5.1.2. (p51) it follows that
( )
p−1
p−1
2
(p)
τ p−1 = (τ 2 ) 2 = 2 2 ≡
p
( )
( )
where p2 is the Legendere Symbol. Hence τ p ≡ p2 τ (p)
2πi
On the other hand by Proposition 1.6, τ p = (ζ + ζ −1 )p ≡ ζ p + ζ −p (p).
Remembering that ζ 8 = 1 we have ζ p + ζ −p = ζ p(8) + ζ −p(8) . Then ζ p + ζ −p = ζ + ζ −1 , if p ≡ ±1 (8).
and ζ p + ζ −p = ζ 3 + ζ −3 , if p ≡ ±3 (8). The result in the latter case may be simplified by observing
that ζ 4 = −1 implies that ζ 3 = −ζ −1 . Thus ζ p + ζ −p = −(ζ 1 + ζ −1 ) if p ≡ ±3 (8). Summarizing,
{
τ, if p ≡ ±1 (8)
τ p = ζ p + ζ −p =
−τ, if p ≡ ±3 (8)
( )
Substituting this result into the relation τ p ≡ p2 τ (p) yields
( )
2
p2 − 1
ϵ
(−1) τ ≡
τ (p), where ϵ =
.
p
8
Multiply both sides of the congruence by τ . Then
( )
2
(−1) 2 ≡
2 (p),
p
ϵ
implying that
( )
2
(p).
(−1) ≡
p
ϵ
( )
This last congruence implies that
2
p
= (−1)ϵ , which is the desired result.
6
Another example of law of quadratic reciprocity obtained by considering the sum of primitive nth roots of unity (Exercise 8)
2πi
Let ω = e 3 , and notice that (2ω + 1)2 = −3. Then let σ = 2ω + 1 and it follows by Propositon 5.1.2
that
(
)
p−1
p−1
−3
σ p−1 = σ 2· 2 = (−3) 2 ≡
(p),
p
from which follows that
(
)
−3
p
σ ≡σ
(p).
p
On the other hand by Propositon 6.1.6, we have σ p ≡ 2p ω p + 1 (p) and notice that 2ω 2 + 1 = −σ and
2p ω p + 1 ≡
≡
≡
≡
≡
2 · 2p−1 ω p + 1 (p)
p−1
2 · 4 2 ω p + 1 (p)
( )
4
2·
ω p + 1 (p)
p
( )2
2
2·
ω p + 1 (p)
p
2ω p + 1 (p),
p
which follows immediately that σ p ≡(σ (p)
) if p ≡ 1 (3), and σ (≡ −σ
) (p) if p ≡ 2 (3). By combining
−3
−3
these consequences we conclude that p = 1 if p ≡ 1 (3), and p = −1 if p ≡ −1 (3).
6.3. Quadratic Gauss Sums. .
In this section, we define the Quadratic Gauss sum for an integer a. We see that by Proposition 6.3.1
we only need to know the value of the Legendre symbol of a and that of the Quadratic Gauss sum of 1
to compute the Quadratic Gauss sum for some a. In the last of this section we prove another quadratic
reciprocity by using the Quadratic Gauss sum. Throughout the later sections we denote by ζ a primitive
pth root of unity, where p is an odd prime.
∑p−1 at
is equal to p if a ≡ 0 (p). Otherwise it is zero.
Lemma 1.
t=0 ζ
∑p−1 at
= p. If a ̸≡ 0 (p), then ζ a ̸= 1 and
Proof. If a ≡ 0 (p), then ζ at = 1, ∀t ∈ Z, and so
t=0 ζ
∑p−1 at
ap
a
(p−1)a
∗ ζ −1
= 1 + ζ + ··· + ζ
= ζ a −1 = 0.
t=0 ζ
*This expression is allowed because of the Proposition 6.1.8.
□
∑
p−1
Corollary . p−1 t=0 ζ t(x−y) = δ(x, y), where δ(x, y) = 1 if x ≡ y (p) and δ(x, y) = 0 if x ̸≡ y (p)
Proof. By substituting a by x − y and multiplying the both sides of equation by p−1 of Lemma 1, the
result follows immediately.
□
∑p−1 t
t
Lemma 2.
t=0 ( p ) = 0, where ( p ) is the Legendre symbol.
( )
Proof. By definition p0 = 0. Of the remaining p − 1 terms in the summation, half are +1 and half
are -1, since by Corollary 1 to Proposition 5.1.2, there are as many quadratic residues as quadratic
nonresidues mod p.
□
∑p−1 t at
Definition . ga = t=0 ( p )ζ , a ∈ Z is called the Quadratic Gauss sum.
7
Proposition 6.3.1. ga = ( ap )g1
Proof. If a ≡ 0 (p), then ζ at = 1 for all t, and ga =
∑p−1 ( t )
t=0
p
· 1 = 0 = 0 · ga by Lemma 2. This gives
the result in the case that a ≡ 0 (p).
Now suppose that a ̸≡ 0 (p). Then, from Proposition 5.1.2,
( )
)
p−1 (
p−1 ( )
∑
∑
a
at
x
ga =
ζ at =
ζ x = g1 .
p
p
p
t=0
x=0
( )
We have used the fact that at runs over a complete residue system mod p when t does and that xp
and ζ x depend only on the residue class of x modulo p.
( )2
( )
Since ap = 1 if a ̸≡ 0 (p), our result follows by multiplying the both sides of the equation ap ga = g1
( )
by ap .
□
We denote the Quadratic Gauss sum of 1 by g instead of g1 .
Proposition 6.3.2. g 2 = (−1)
p−1
2
p
∑p−1
Proof. The idea of the proof is to evaluate the sum
a=0 ga g−a in two ways. If a ̸≡ 0 (p), then
( )( )
( ) ( )2
( )
a
−a
−1
a
−1
2
2
2
ga g−a = p
g = p
g = p g . It follows that
p
p
p−1
∑
(
ga g−a =
a=0
−1
p
)
(p − 1)g 2 .
Now, notice that
ga g−a =
p−1 ( )
∑
x
x=0
p
ζ ax
p−1 ( )
∑
y
p
y=0
ζ −ay =
p−1 ∑
p−1 ( ) ( )
∑
x
y
x=0 y=0
p
p
ζ a(x−y) .
Summing both sides over a and using the corollary to Lemma 1 yields
p−1
p−1 ∑
p−1 ∑
p−1 ( ) ( )
p−1 ∑
p−1 ( ) ( ) ∑
p−1
∑
∑
∑
x
y
x
y
ga g−a =
ζ a(x−y) =
ζ a(x−y) .
p
p
p
p
a=0
a=0 x=0 y=0
x=0 y=0
a=0
=
p−1 ∑
p−1 ( ) ( )
∑
x
y
x=0 y=0
p
p
δ(x, y)p =
p−1 ( )2
∑
x
x=0
p = (p − 1)p
( )
(p − 1)g 2 = (p − 1)p. Therefore, g 2 = −1
p.
□
p
( )( )
p−1 q−1
p
2 · 2
(See also Theorem1 in Chapter5. We prove that for p ̸= q odd primes, pq
holds.)
q = (−1)
Putting these results together we obtain
Let p* = (−1)
p−1
2
(
)
p
−1
p
p. Then it holds
g q−1 = (g 2 )
q−1
2
= p∗
(
Thus
g ≡
q
p∗
q
q−1
2
(
≡
)
g (q).
p∗
q
)
(q)
8
Using Proposition 6.1.6 and the fact q is odd and the square of the Legendre symbol take 0 or 1, we see
(p−1 ( ) )q p−1 ( )
p−1 ( )
∑ t
∑ t q
∑
t
q
t
qt
g =
ζ
≡
ζ ≡
ζ qt ≡ gq (p).
p
p
p
t=0
t=0
t=0
( )
q
q
It follows that g ≡ gq ≡ p g (p) by Proposition 6.3.1, and so
( )
( )
p∗
q
g≡
g (q).
p
q
Multiply both sides by g, and use g 2 = p∗:
( )
( )
q
p∗
p∗ ≡
p ∗ (q),
p
q
which implies that
( ) ( )
q
p∗
≡
(q)
p
q
and finally
( ) ( )
q
p∗
=
.
p
q
From this we may conclude immediately that
( ) ( ) (
) p−1 ( )
( )
p−1 q−1
p
q
p∗
−1 2
p
=
=
= (−1) 2 · 2
.
p
q
q
q
q
( )
Multiplying both sides by pq yields the equation above.
In each of the case in which we deduced the law of quadratic reciprocity in the section 2 and 3, we have
seen the common methodology: we compute the pth power of the sum of primitive pth roots of unity in
two ways (with its quadratic property and Proposition 6.1.6) and equate them. The author implied this
method can be generalized in higher degree.
6.4. The Sign of the quadratic gauss sum. .
p−1
By the last proposition on the last section we see that g 2 = (−1) 2 p holds, from which follows imme√
diately the absolute value of the Quadratic Gauss sum is p. The goal of this section is to determine
its sign.
( )
From this section we denote the Legendre Symbol pj by χ(j) and the Quadratic Gauss sum g =
∑p−1
j
j=0 χ(j)ζ by g(χ).
Proposition 6.4.1. The polynomial 1 + x + · · · xp−1 is irreducible in Q.
Proof. By Exercise 4 and 5 at the end of this chapte,r it is enough to show that 1 + x + · · · + xp−1 has
no nontrivial factorization in Z[x]. Suppose, on the contrary, that 1 + x + · · · + xp−1 = f (x)g(x) where
f (x), g(x) ∈ Z[x] and each has degree greater than one. Putting x = 1 gives p = f (1)g(1). Therefore
we may assume g(1) = 1. Using a bar to denote reduction modulo p (we
) conclude that ḡ(1̄) ̸= 0̄. On
the other hand we have xp − 1 ≡ (x − 1)p (p), since it holds that p| kp for 1 ≤ k ≤ p − 1 as in the
proof of Proposition 6.1.6. Using the fact that Z/pZ[x] is a unique factorlization domain we may divide
the both sides of the equation by x − 1, showing that 1 + x + · · · + xp−1 ≡ (x − 1)p−1 (p) and hence
g(x) ≡ (x − 1)s (p) for some integer s. However, this contradicts the fact that ḡ(1̄) ̸= 0̄.
□
9
Remark . Combining the above proposition with Proposition 6.1.7, we see that if g(ζ) = 0 for g(x) ∈
Q[x], then 1 + x + · · · + xp−1 | g(x): 1 + · · · + xp−1 is the minimal polynomial of ζ.
Proposition 6.4.2.
p−1
2
∏
(ζ 2k−1 − ζ −(2k−1) )2 = (−1)
p−1
2
p.
k=1
∏p−1
Proof. One has xp − 1 = (x − 1) k=1 (x − ζ j ). Divide the both sides by x − 1 and put x = 1 to obtain
∏p−1
p = j=1 (1 − ζ j ). By taking another representatives of powers of a primitive pth root of 1, the index j
can be rewritten by ±(4k − 2), k = 1, . . . , p−1
2 ∗. Thus
p
p−1
∏
(1 − ζ j )
=
j=1
p−1
2
∏
=
(1 − ζ 4k−2 )(1 − ζ −(4k−2) )
k=1
p−1
2
∏
=
(1 − ζ 4k−2 )ζ −(2k−1) ζ 2k−1 (1 − ζ −(4k−2) )
k=1
p−1
2
∏
=
(ζ −(2k−1) − ζ 2k−1 )(ζ 2k−1 − ζ −(2k−1) )
k=1
p−1
= (−1)
p−1
2
2
∏
(ζ 2k−1 − ζ −(2k−1) )2 .
k=1
p−1
By multiplying both sides by (−1) 2 we obtain the desired equation.
* ζ ±(4k−2) = ζ 0 iff ±(4k − 2) ≡ 0 (p) ⇔ p| 2(2k − 1), but it is imppossible since p is a prime and k ≤ p−1
2
so 2k − 1 < p. Moreover, k ′ s do not coincide mod p. Suppose 4k1 − 2 ≡ ±(4k2 − 2) (p), then it follows
that p| k1 − k2 or p| k1 + k2 − 1, which is possible only if k1 = k2 since −(p − 2) ≤ k1 − k2 ≤ p − 2 and
p−1
k′ ′
1 ≤ k1 + k2 − 1 ≤ p − 2 by 1 ≤ k ≤ p−1
2 . Therefore {ζ |k = ±(4k − 2), k = 1, 2, . . . 2 } has distinct
′
s
p − 1 elements other than ζ 0 , which implies that {ζ k |k ′ = ±(4k − 2), k = 1, 2, . . . p−1
2 } = {ζ | s =
1, 2, . . . , p − 1}
□
Proposition 6.4.3.
p−1
2
∏
k=1
(ζ
2k−1
−ζ
−(2k−1)
{ √
p if p ≡ 1 (4)
√
)=
i p if p ≡ 3 (4).
10
Proof. By Proposition 6.4.2 we have to compute only the sign of the product. The product is
p−1
2
∏
)
2 (
∏
2(2k − 1)π
2(2k − 1)π
−2(2k − 1)π
−2(2k − 1)π
cos
+ i sin
− cos
− i sin
p
p
p
p
p−1
(ζ 2k−1 − ζ −(2k−1) ) =
k=1
k=1
p−1
=
2
∏
i · 2 sin
k=1
(4k − 2)π
p
p−1
= i
2
∏
p−1
2
2 sin
k=1
We consider how many terms in
∏ p−1
2
k=1
(4k − 2)π
.
p
2 sin (4k−2)π
are negative over integers k. Since 1 ≤ k ≤
p
p−1
2 ,
(4k−2)π
p+1
p−1
sin( 4k−2
< 2π ⇔ p+2
p )π < 0 iff π <
p
4 < k < 2 . But since k ≤ 2 , we count the number of
p+2
p−1
p−1
integers in the interval 4 < k ≤ 2 . It follows that the product has 2 − ⌊ p+2
4 ⌋ negative terms.*
*the number of integers x, which satisfy y < x ≤ p, is p − ⌊y⌋.
p−1
4l+1−1
p+2
4l+1−1
In the case p ≡ 1 (4), i 2 = i 2
= (−1)l and p−1
− ⌊ 4l+1+2
⌋ = 2l − l = l, so
2 −⌊ 4 ⌋ =
2
4
l
l
(−1) (−1) = 1.
p−1
4l+3−1
p+2
4l+3−1
In the case p ≡ 3 (4), i 2 = i 2 = i(−1)l and p−1
− ⌊ 4l+3+2
⌋ = 2l + 1 − (l + 1) = l,
2 −⌊ 4 ⌋ =
2
4
l
l
so i(−1) (−1) = i.
□
By Proposition 6.3.2 and Proposition 6.4.2 we know that
p−1
(1)
g(χ) = ϵ
2
∏
(ζ 2k−1 − ζ p−(2k−1) ),
k=1
where ϵ = ±1.
Proposition 6.4.4. ϵ = +1.
Proof. Consider the polynomial
f (x) =
p−1
∑
p−1
χ(j)x − ϵ
j
j=1
2
∏
(x2k−1 − xp−(2k−1) ).
k=1
Then f (ζ) = 0 by (1) and f (1) = 0 by Lemma 2. Actually, we have
f (ζ)
=
p−1
∑
p−1
χ(j)ζ j − ϵ
j=1
(ζ 2k−1 − ζ p−(2k−1) )
k=1
p−1
2
= g(χ) − ϵ
2
∏
∏
(ζ 2k−1 − ζ p · ζ −(2k−1) )
k=1
p−1
= g(χ) − ϵ
2
∏
k=1
=
0
(ζ 2k−1 − 1 · ζ −(2k−1) )
11
and
p−1
∑
f (1) =
p−1
χ(j)1j − ϵ
j=1
2
∏
(12k−1 − 1p−(2k−1) )
k=1
0−0
0.
=
=
By Remark 1 it follows that 1 + x + · · · + xp−1 |f (x), so we may write f (x) = h′ (x)(1 + x + · · · + xp−1 ).
From the fact that 1 + x + · · · + xp−1 and x − 1 are relatively prime, we conclude that x − 1 divides h′ (x)
above and and we may rewrite this as f (x) = (xp − 1)h(x). Replace x by ez to obtain
p−1
∑
(2)
p−1
jz
χ(j)e
−ϵ
j=1
χ(j)ejz
j=1
the coefficiet of z
p−1
2
is
(e(2k−1)z − e(p−(2k−1))z ) = (epz − 1)h(ez ).
k=1
We consider the coefficient of z
p−1
∑
2
∏
p−1
2
on the left-hand side of (2). Since
)
(
p−1
∑
p−1
1
1
2
=
χ(j) 1 + jz + (jz) + · · · + p−1 (jz) 2 + · · · ,
2!
2 !
j=1
∑p−1
j=1
p−1
2
χ(j) jp−1 ! .
2
On the other hand, notice that for each k, 1 ≤ k ≤
because
(e(2k−1)z − e(p−(2k−1)z) )
p−1
2
(e(2k−1)z − e(p−(2k−1)z) ) has no constant terms
=
(1 + (2k − 1)z + · · · ) − (1 + (p − (2k − 1))z + · · · )
=
(4k − p − 2)z + · · · .
p−1
2
And since the product is a product of p−1
2 terms of degree at least 1, to compute the coefficient of z
we only need to focus on the terms of degree 1 (the product of other terms are exclusively of degree more
∏ p−1
p−1
2
2 .
than p−1
).
Hence
we
have
ϵ
k=1 (4k − p − 2) as the coefficint of z
2
p−1
By Exercise 21 the coefficient of z 2 on the right-hand side of (3) is pA
B where p ̸ |B, A and B being
p−1
integers. To sum up, the equation of coefficients of z 2 is
p−1
∑p−1
p−1
2
∏
2
pA
j=1 χ(j)j
(4k − p − 2) =
−
ϵ
.
p−1
B
!
2
k=1
Multiplying by
B( p−1
2 )!
p−1
∑
and reducing modulo p shows that
χ(j)j
p−1
2
(
≡ ϵ
j=1
) p−1
2
p−1 ∏
(4k − 2) (p)
!
2
k=1
p−1
≡ ϵ(2 · 4 · 6 · · · (p − 1))
2
∏
(2k − 1) (p)
k=1
≡ ϵ(2 · 4 · 6 · · · (p − 1))(1 · 3 · 5 · · · (p − 2)) (p)
≡ ϵ(p − 1)! (p)
∗ ≡
−ϵ (p)
12
*using Wilson’s theorem (Corollary to Proposition 4.1.1).
p−1
By Proposition 5.1.2 j 2 ≡ χ(j) (p) so one has
p−1
∑
p−1
∑
χ(j) ≡
(±1)2 ≡ p − 1 ≡ −1 ≡ −ϵ (p)
2
j=1
j=1
and therefore
ϵ ≡ 1 (p).
Since ϵ = ±1 we conclude finally that ϵ = +1. This concludes the proof.
□
Theorem 1. The value of the Quadratic Gauss sum g(χ) is given by
{ √
p if p ≡ 1 (4)
√
g(χ) =
i p if p ≡ 3 (4).
Solutions to important Exercises
Excercise 4
Let f (x) = a0 +a1 x+· · ·+an xn and g(x) = b0 +b1 x+· · ·+bm xm be primitive polynomials in Z[x] and let
∑n+m ∑
∑n+m
k
k
ck , 0 ≤ k ≤ m + n denote the coefficients of f (x)g(x) : f (x)g(x) = k=0
s+t=k as bt x =
k=0 ck x .
Suppose (c0 , c1 , . . . , cm+n ) = (l), where l ̸= 1. Then there exist a prime p which divides l, and suppose
that i and j are the smallest numbers such that p ̸ | ai and p ̸ | bj . Then it follows that
∑
ci+j =
as bt = a0 bi+j + a1 bi+j−1 + · · · + ai−1 bj+1 + (ai bj ) + ai+1 bj−1 + · · · + ai+j b0
s+t=i+j
= (a0 bi+j + a1 bi+j−1 + · · · + ai−1 bj+1 + ai+1 bj−1 + · · · + ai+j b0 ) + ai bj
≡ ai bj (p)
̸≡ 0 (p)
since p divides a0 , a1 , . . . , ai−1 and b0 , b1 , . . . , bj−1 therefore a0 bi+j +a1 bi+j−1 +· · ·+ai−1 bj+1 +ai+1 bj−1 +
· · · + ai+j b0 , and p divides ai bj iff p|ai or p|bj . But it contradicts to the fact that p divides ci+j and it
follows that p|ai and p|bj for all i, j, which cannot be the case since f (x) and g(x) are primitive. Hence
(c0 , c1 , . . . , cm+n ) = (1) and f (x)g(x) is primitive.
Exercise 5
Let g(x) = xn + an−1 xn−1 + · · · + a0 be a polynomial in Z[x] with g(α) = 0. Then by Proposition 6.1.7
f (x)|g(x). So for some h(x) ∈ Q[x], g(x) = f (x)h(x). Let c be the product of all denomitor of the
coefficients of f (x) and h(x). It follows that c · g(x) = f ′ (x)h′ (x), where f ′ (x) and h′ (x) are in Z[x]. We
may assume that f ′ (x) is primitive, by dividing f ′ (x) by the greatest common diviser of its coefficients
d and redefining h′ (x) as the product of h′ (x) and d. Let the greatest common divisor of coefficients
of h′ (x) be n. Since the leading coefficient of g(x) is 1, no prime can devide g(x), therefore n|c and
h′ (x)
c
c
c
′
n g(x) = f (x) n . By Exercise 4, n g(x) is primitive, and since g(x) ∈ Z[x], n must be ±1. Hence it
′
′
follows that g(x) = f ′ (x)(± h n(x) ), where both f ′ (x) and ± h n(x) are in Z[x]. Since the leading coefficient
′
of g(x) is 1, those of f ′ (x) and ± h n(x) are ±1. We may assume that of f ′ (x) is 1. Again by Proposition
6.1.7 f (x)|f ′ (x) with degf (x) = degf ′ (x), which implies f (x) = f ′ (x) ∈ Z[x].
13
Exercise 9
By Lemma 1,
On the other hand,
( ))
∑(
∑
∑(t)
t
t
t
1+
ζ =
ζ +
= 0 + g = g.
p
p
( ))
∑(
t
1+
ζt
p
=
∑
1+
(1 + 1)ζ t +
t∈QR
=
1+2
∑
t∈QR
∑
(1 + (−1))ζ t
t∈QN R
ζt = 1 +
p−1
∑
2
ζt =
∑
2
ζt ,
t=1
where QR and QN R are respectively the set of the quadratic residues and that of quadratic nonresidues.
The equation on the second line follows from the fact that a2 ≡ (−a)2 (p) and there exist p−1
2 quadratic
residues and quadratic nonresidues i.e. for each quadratic residue t there are exactly 2 elements a, 1 ≤
a ≤ p − 1 such that t = a2 .
Exercise 16
We consider f ′ (x), the formal derivative of f (x).
Definition . In a polynomial ring with a commutative ring R, the formal derivative f ′ (x) of f (x) =
a0 + a1 x + · · · + an xn ∈ R[x] is defined as
f ′ (x) = a1 + 2a2 x1 + · · · + (i + 1)ai+1 xi + · · · + nan xn−1 .
Suppose f (x) has β ∈ C as a repeated solution. Then, f (x) can be written as f (x) = (x − β)s q(x) ∈
C[x], where 2 ≤ s ∈ N. It follows that f ′ (x) = (x − β)s−1 q(x) + (x − β)s q ′ (x) so f ′ (x) has β as a root.
On the other hand, f ′ (x) itself is by the definition in Q[x]. f (x) is the minimal polynomial of β since if
there exists other minimal polynomial other than f , it divides f and it contradicts to the fact that f is
irreducible. Therefore by Proposition 6.1.7 f (x) divide f ′ (x) while degf > degf ′ . A contradiction.
Exercise 21 ∑
∑∞
∞
Let f (x) = n=0 an!n xn and g(x) = n=0 bn!n xn , where p|ai , i = 0, 1, 2, . . . , p − 1. Then it follows that
(
)
1
1
f (x)g(x) = a0 b0 + (a0 b1 + a1 b0 )x +
a0 b2 + a1 b1 + a2 b0 x2 + · · ·
2!
2!
(
)
1
1
1
+
a0 bj + · · · +
ai bj−i + · · · + aj b0 xj + · · ·
j!
i!(j − i)!
j!
(
)
1
1
1
+
a0 bp−1 + · · · +
ai bp−1−i + · · · +
ap−1 b0 xp−1 + · · ·
(p − 1)!
i!(p − 1 − i)!
(p − 1)!
(
)
B
B
1 B
B
=
a0 b0 + (a0 b1 + a1 b0 )x +
a0 b2 + Ba1 b1 + a2 b0 x2 + · · ·
B
B
B 2!
2!
(
)
1 B
B
B
+
a0 bj + · · · +
ai bj−i + · · · + aj b0 xj + · · ·
B j!
i!(j − i)!
j!
(
)
B
p−1
1 p−1
! a0 bp−1 + · · · +
ai bp−1−i + · · · +
!ap−1 b0 xp−1 + · · · ,
+
B
2
i!(p − 1 − i)!
2
14
p−1
where B = (p − 1)! p−1
2 !. p does not divide (p − 1)! 2 ! since each of the integers in these expressions is
B
less than and relatively prime to p. For every i ≤ j ≤ p − 1 , i!(j−i)!
is an integer since eigher i or j − i is
equal or less than
p−1
2
and the another is also
( equal or less than p−1, which follows that)i!(j −i)!|B. And
since p divides a0 , a1 , . . . , ap−1 , p divides
1
B
B
j! a0 bj
+ ··· +
So the coefficients of x , j = 0, 1, . . . , p − 1 can be written
j
B
B
i!(j−i)! ai bj−i + · · · + j! aj b0 , ∀0 ≤
A
as p B
, where p does not divide B.
j ≤ p − 1.