Proofs of quadratic reciprocity

In number theory, the law of quadratic reciprocity, like the Pythagorean theorem, has lent itself to an unusually large number of proofs. Several hundred proofs of the law of quadratic reciprocity have been published.

Proof synopsis

Of the elementary combinatorial proofs, there are two which apply types of double counting. One by Gotthold Eisenstein counts lattice points. Another applies Zolotarev's lemma to ${\displaystyle (\mathbb {Z} /pq\mathbb {Z} )^{\times }}$, expressed by the Chinese remainder theorem as ${\displaystyle (\mathbb {Z} /p\mathbb {Z} )^{\times }\times (\mathbb {Z} /q\mathbb {Z} )^{\times }}$ and calculates the signature of a permutation. The shortest known proof also uses a simplified version of double counting, namely double counting modulo a fixed prime.

Eisenstein's proof

Eisenstein's proof of quadratic reciprocity is a simplification of Gauss's third proof. It is more geometrically intuitive and requires less technical manipulation.

The point of departure is "Eisenstein's lemma", which states that for distinct odd primes p, q,

${\displaystyle \left({\frac {q}{p}}\right)=(-1)^{\sum _{u}\left\lfloor qu/p\right\rfloor },}$

where ${\displaystyle \left\lfloor x\right\rfloor }$ denotes the floor function (the largest integer less than or equal to x), and where the sum is taken over the even integers u = 2, 4, 6, ..., p−1. For example,

${\displaystyle \left({\frac {7}{11}}\right)=(-1)^{\left\lfloor 14/11\right\rfloor +\left\lfloor 28/11\right\rfloor +\left\lfloor 42/11\right\rfloor +\left\lfloor 56/11\right\rfloor +\left\lfloor 70/11\right\rfloor }=(-1)^{1+2+3+5+6}=(-1)^{17}=-1.}$

This result is very similar to Gauss's lemma, and can be proved in a similar fashion (proof given below).

Using this representation of (q/p), the main argument is quite elegant. The sum ${\textstyle \sum _{u}\left\lfloor qu/p\right\rfloor }$ counts the number of lattice points with even x-coordinate in the interior of the triangle ABC in the following diagram:

Lattice point diagram

Example showing lattice points inside ABC with even x-coordinates, for p = 11 and q = 7

Because each column has an even number of points (namely q−1 points), the number of such lattice points in the region BCYX is the same modulo 2 as the number of such points in the region CZY:

The number of points with even x-coordinate inside BCYX (marked by O's) is equal modulo 2 to the number of such points in CZY (marked by X's)

Then by flipping the diagram in both axes, we see that the number of points with even x-coordinate inside CZY is the same as the number of points inside AXY having oddx-coordinates. This can be justified mathematically by noting that ${\displaystyle \textstyle q-1-\left\lfloor {\frac {2kq}{p}}\right\rfloor =\left\lfloor {\frac {(p-2k)q}{p}}\right\rfloor }$. ^[1]

The number of points with even x-coordinate inside CZY is equal to the number of points with oddx-coordinate inside AXY

The conclusion is that

${\displaystyle \left({\frac {q}{p}}\right)=(-1)^{\mu },}$

where μ is the total number of lattice points in the interior of AXY.

Switching p and q, the same argument shows that

${\displaystyle \left({\frac {p}{q}}\right)=(-1)^{\nu },}$

where ν is the number of lattice points in the interior of WYA. Since there are no lattice points on the line AY itself (because p and q are relatively prime), and since the total number of points in the rectangle WYXA is

${\displaystyle \left({\frac {p-1}{2}}\right)\left({\frac {q-1}{2}}\right),}$

we obtain

${\displaystyle \left({\frac {q}{p}}\right)\left({\frac {p}{q}}\right)=(-1)^{\mu +\nu }=(-1)^{(p-1)(q-1)/4}.}$

Proof of Eisenstein's lemma

For an even integer u in the range 1 ≤ u ≤ p−1, denote by r(u) the least positive residue of qu modulo p. (For example, for p = 11, q = 7, we allow u = 2, 4, 6, 8, 10, and the corresponding values of r(u) are 3, 6, 9, 1, 4.) The numbers (−1)^r(u)r(u), again treated as least positive residues modulo p, are all even (in our running example, they are 8, 6, 2, 10, 4.) Furthermore, they are all distinct, because if (−1)^r(u)r(u) ≡ (−1)^r(t)r(t) (mod p), then we may divide out by q to obtain u ≡ ±t (mod p). This forces u ≡ t (mod p), because both u and t are even, whereas p is odd. Since there exactly (p−1)/2 of them and they are distinct, they must be simply a rearrangement of the even integers 2, 4, ..., p−1. Multiplying them together, we obtain

${\displaystyle (-1)^{r(2)}2q\cdot (-1)^{r(4)}4q\cdot \cdots \cdot (-1)^{r(p-1)}(p-1)q\equiv 2\cdot 4\cdot \cdots \cdot (p-1){\pmod {p}}.}$

Dividing out successively by 2, 4, ..., p−1 on both sides (which is permissible since none of them are divisible by p) and rearranging, we have

${\displaystyle q^{(p-1)/2}\equiv (-1)^{r(2)+r(4)+\cdots +r(p-1)}{\pmod {p}}.}$

On the other hand, by the definition of r(u) and the floor function,

${\displaystyle {\frac {qu}{p}}=\left\lfloor {\frac {qu}{p}}\right\rfloor +{\frac {r(u)}{p}},}$

and since p is odd and u is even,

${\displaystyle qu=p\left\lfloor {\frac {qu}{p}}\right\rfloor +r(u)}$

implies that ${\displaystyle \left\lfloor qu/p\right\rfloor }$ and r(u) are congruent modulo 2.

Finally this shows that

${\displaystyle q^{(p-1)/2}\equiv (-1)^{\sum _{u}\left\lfloor qu/p\right\rfloor }{\pmod {p}}.}$

We are finished because the left hand side is just an alternative expression for (q/p).

Addendum to the lemma

This lemma essentially states that the number of least residues after doubling that are odd gives the value of (q/p). This follows easily from Gauss' lemma.

Also, ${\displaystyle qu=p\left\lfloor {\frac {qu}{p}}\right\rfloor +r(u)}$ implies that ${\displaystyle \left\lfloor qu/p\right\rfloor }$ and r(u) are either congruent modulo 2, or incongruent, depending solely on the parity of u.

This means that the residues ${\displaystyle 1,2,\dots ,{\frac {p-1}{2}}}$ are (in)congruent to ${\displaystyle \left\lfloor qu/p\right\rfloor }$, and so

${\displaystyle (-1)^{\frac {p-1}{2}}\equiv (-1)^{\sum _{u}\left\lfloor qu/p\right\rfloor }\equiv (-1)^{\sum _{u}r(u)+u}}$

where ${\displaystyle \textstyle 1\leq u\leq {\frac {p-1}{2}}}$.

For example, using the previous example of ${\displaystyle p=7,q=11}$, the residues are ${\displaystyle 7,3,10,6,2}$ and the floor function gives ${\displaystyle 0,1,1,2,3}$. The pattern of congruence is ${\displaystyle 1,0,1,0,1}$.

Proof using quadratic Gauss sums

The proof of Quadratic Reciprocity using Gauss sums is one of the more common and classic proofs. These proofs work by comparing computations of single values in two different ways, one using Euler's Criterion and the other using the Binomial theorem. As an example of how Euler's criterion is used, we can use it to give a quick proof of the first supplemental case of determining ${\textstyle \left({\frac {-1}{p}}\right)}$ for an odd prime p: By Euler's criterion ${\textstyle \left({\frac {-1}{p}}\right)\equiv (-1)^{\frac {p-1}{2}}{\pmod {p}}}$ , but since both sides of the equivalence are ±1 and p is odd, we can deduce that ${\textstyle \left({\frac {-1}{p}}\right)=(-1)^{\frac {p-1}{2}}}$.

The second supplemental case

Let ${\textstyle \zeta _{8}=e^{2\pi i/8}}$, a primitive 8th root of unity and set ${\textstyle \tau =\zeta _{8}+\zeta _{8}^{-1}}$. Since ${\textstyle \zeta _{8}^{2}=i}$ and ${\textstyle \zeta _{8}^{-2}=-i}$ we see that ${\textstyle \tau ^{2}=2}$. Because ${\displaystyle \tau }$ is an algebraic integer, if p is an odd prime it makes sense to talk about it modulo p. (Formally we are considering the commutative ring formed by factoring the algebraic integers ${\displaystyle \mathbf {A} }$ with the ideal generated by p. Because ${\displaystyle p^{-1}}$ is not an algebraic integer, 1, 2, ..., p are distinct elements of ${\displaystyle {\mathbf {A} }/p{\mathbf {A} }}$.) Using Euler's criterion, it follows that

$${\displaystyle \tau ^{p-1}=(\tau ^{2})^{\frac {p-1}{2}}=2^{\frac {p-1}{2}}\equiv \left({\frac {2}{p}}\right){\pmod {p}}}$$

We can then say that

$${\displaystyle \tau ^{p}\equiv \left({\frac {2}{p}}\right)\tau {\pmod {p}}}$$

But we can also compute ${\textstyle \tau ^{p}{\pmod {p}}}$ using the binomial theorem. Because the cross terms in the binomial expansion all contain factors of p, we find that ${\textstyle \tau ^{p}\equiv \zeta _{8}^{p}+\zeta _{8}^{-p}{\pmod {p}}}$. We can evaluate this more exactly by breaking this up into two cases

• ${\textstyle p\equiv \pm 1{\pmod {8}}\Rightarrow \zeta _{8}^{p}+\zeta _{8}^{-p}=\zeta _{8}+\zeta _{8}^{-1}}$.
• ${\textstyle p\equiv \pm 3{\pmod {8}}\Rightarrow \zeta _{8}^{p}+\zeta _{8}^{-p}=-\zeta _{8}-\zeta _{8}^{-1}}$.

These are the only options for a prime modulo 8 and both of these cases can be computed using the exponential form ${\textstyle \zeta _{8}=e^{\frac {2\pi i}{8}}}$. We can write this succinctly for all odd primes p as

$${\displaystyle \tau ^{p}\equiv (-1)^{\frac {p^{2}-1}{8}}\tau {\pmod {p}}}$$

Combining these two expressions for ${\textstyle \tau ^{p}{\pmod {p}}}$ and multiplying through by ${\displaystyle \tau }$ we find that ${\textstyle 2\cdot \left({\frac {2}{p}}\right)\equiv 2\cdot (-1)^{\frac {p^{2}-1}{8}}{\pmod {p}}}$. Since both ${\textstyle \left({\frac {2}{p}}\right)}$ and ${\displaystyle (-1)^{\frac {p^{2}-1}{8}}}$ are ±1 and 2 is invertible modulo p, we can conclude that

$${\displaystyle \left({\frac {2}{p}}\right)=(-1)^{\frac {p^{2}-1}{8}}}$$

The general case

The idea for the general proof follows the above supplemental case: Find an algebraic integer that somehow encodes the Legendre symbols for p, then find a relationship between Legendre symbols by computing the qth power of this algebraic integer modulo q in two different ways, one using Euler's criterion the other using the binomial theorem.

Let

$${\displaystyle g_{p}=\sum _{k=1}^{p-1}\left({\frac {k}{p}}\right)\zeta _{p}^{k}}$$

where ${\displaystyle \zeta _{p}=e^{2\pi i/p}}$ is a primitive pth root of unity. This is a quadratic Gauss sum. A fundamental property of these Gauss sums is that

$${\displaystyle g_{p}^{2}=p^{*}}$$

where ${\textstyle p^{*}=\left({\frac {-1}{p}}\right)p}$. To put this in context of the next proof, the individual elements of the Gauss sum are in the cyclotomic field ${\displaystyle L=\mathbb {Q} (\zeta _{p})}$ but the above formula shows that the sum itself is a generator of the unique quadratic field contained in L. Again, since the quadratic Gauss sum is an algebraic integer, we can use modular arithmetic with it. Using this fundamental formula and Euler's criterion we find that

$${\displaystyle g_{p}^{q-1}=(g_{p}^{2})^{\frac {q-1}{2}}=(p^{*})^{\frac {q-1}{2}}\equiv \left({\frac {p^{*}}{q}}\right){\pmod {q}}}$$

Therefore

$${\displaystyle g_{p}^{q}\equiv \left({\frac {p^{*}}{q}}\right)g_{p}{\pmod {q}}}$$

Using the binomial theorem, we also find that ${\textstyle g_{p}^{q}\equiv \sum _{k=1}^{p-1}\left({\frac {k}{p}}\right)\zeta _{p}^{qk}{\pmod {q}}}$, If we let a be a multiplicative inverse of ${\displaystyle q{\pmod {p}}}$, then we can rewrite this sum as ${\textstyle \left({\frac {a}{p}}\right)\sum _{t=1}^{p-1}\left({\frac {t}{p}}\right)\zeta _{p}^{t}}$ using the substitution ${\displaystyle t=qk}$, which doesn't affect the range of the sum. Since ${\textstyle \left({\frac {a}{p}}\right)=\left({\frac {q}{p}}\right)}$, we can then write

$${\displaystyle g_{p}^{q}\equiv \left({\frac {q}{p}}\right)g_{p}{\pmod {q}}}$$

Using these two expressions for ${\textstyle g_{p}^{q}{\pmod {q}}}$, and multiplying through by ${\displaystyle g_{p}}$ gives

$${\displaystyle \left({\frac {q}{p}}\right)p^{*}\equiv \left({\frac {p^{*}}{q}}\right)p^{*}{\pmod {q}}}$$

Since ${\displaystyle p^{*}}$ is invertible modulo q, and the Legendre symbols are either ±1, we can then conclude that

$${\displaystyle \left({\frac {q}{p}}\right)=\left({\frac {p^{*}}{q}}\right)}$$

Proof using algebraic number theory

The proof presented here is by no means the simplest known; however, it is quite a deep one, in the sense that it motivates some of the ideas of Artin reciprocity.

Cyclotomic field setup

Suppose that p is an odd prime. The action takes place inside the cyclotomic field ${\displaystyle L=\mathbb {Q} (\zeta _{p}),}$ where ζ_p is a primitive p^th root of unity. The basic theory of cyclotomic fields informs us that there is a canonical isomorphism

${\displaystyle G=\operatorname {Gal} (L/\mathbb {Q} )\cong (\mathbb {Z} /p\mathbb {Z} )^{\times }}$

which sends the automorphism σ_a satisfying ${\displaystyle \sigma _{a}(\zeta _{p})=\zeta _{p}^{a}}$ to the element ${\displaystyle a\in (\mathbb {Z} /p\mathbb {Z} )^{\times }.}$ In particular, this isomorphism is injective because the multiplicative group of a field is a cyclic group: ${\displaystyle F^{\times }\cong C_{p-1}}$.

Now consider the subgroup H of squares of elements of G. Since G is cyclic, H has index 2 in G, so the subfield corresponding to H under the Galois correspondence must be a quadratic extension of Q. (In fact it is the unique quadratic extension of Q contained in L.) The Gaussian period theory determines which one; it turns out to be ${\displaystyle \mathbb {Q} ({\sqrt {p^{*}}})}$, where

${\displaystyle p^{*}=\left\{{\begin{array}{rl}p&{\text{if }}p\equiv 1{\pmod {4}},\\-p&{\text{if }}p\equiv 3{\pmod {4}}.\end{array}}\right.}$

At this point we start to see a hint of quadratic reciprocity emerging from our framework. On one hand, the image of H in ${\displaystyle (\mathbb {Z} /p\mathbb {Z} )^{\times }}$ consists precisely of the (nonzero) quadratic residues modulo p. On the other hand, H is related to an attempt to take the square root of p (or possibly of −p). In other words, if now q is a prime (different from p), we have shown that

${\displaystyle \left({\frac {q}{p}}\right)=1\quad \iff \quad \sigma _{q}\in H\quad \iff \quad \sigma _{q}{\mbox{ fixes }}\mathbb {Q} ({\sqrt {p^{*}}}).}$

The Frobenius automorphism

In the ring of integers ${\displaystyle {\mathcal {O}}_{L}=\mathbb {Z} [\zeta _{p}]}$, choose any unramified prime ideal β of lying over q, and let ${\displaystyle \phi \in \operatorname {Gal} (L/\mathbb {Q} )}$ be the Frobenius automorphism associated to β; the characteristic property of ${\displaystyle \phi }$ is that

${\displaystyle \phi (x)\equiv x^{q}\!\!\!{\pmod {\beta }}\ {\text{ for any }}x\in {\mathcal {O}}_{L}.}$

(The existence of such a Frobenius element depends on quite a bit of algebraic number theory machinery.)

The key fact about ${\displaystyle \phi }$ that we need is that for any subfield K of L,

${\displaystyle \phi \,{\mbox{ fixes }}K\quad \iff \quad q\,{\mbox{ splits completely in }}K.}$

Indeed, let δ be any ideal of O_K below β (and hence above q). Then, since ${\displaystyle \phi (x)\equiv x^{q}\!\!\!{\pmod {\delta }}}$ for any ${\displaystyle x\in {\mathcal {O}}_{K}}$, we see that ${\displaystyle \phi \vert _{K}\in \operatorname {Gal} (K/\mathbb {Q} )}$ is a Frobenius for δ. A standard result concerning ${\displaystyle \phi }$ is that its order is equal to the corresponding inertial degree; that is,

${\displaystyle \operatorname {ord} (\phi \vert _{K})=[O_{K}/\delta O_{K}:\mathbb {Z} /q\mathbb {Z} ].}$

The left hand side is equal to 1 if and only if φ fixes K, and the right hand side is equal to one if and only q splits completely in K, so we are done.

Now, since the p^th roots of unity are distinct modulo β (i.e. the polynomial X^p − 1 is separable in characteristic q), we must have

${\displaystyle \phi (\zeta _{p})=\zeta _{p}^{q};}$

that is, ${\displaystyle \phi }$ coincides with the automorphism σ_q defined earlier. Taking K to be the quadratic field in which we are interested, we obtain the equivalence

${\displaystyle \left({\frac {q}{p}}\right)=1\quad \iff \quad q\,{\mbox{ splits completely in }}\mathbb {Q} ({\sqrt {p^{*}}}).}$

Completing the proof

Finally we must show that

${\displaystyle q\,{\mbox{ splits completely in }}\mathbb {Q} ({\sqrt {p^{*}}})\quad \iff \quad \left({\frac {p^{*}}{q}}\right)=1.}$

Once we have done this, the law of quadratic reciprocity falls out immediately since

${\displaystyle \left({\frac {p^{*}}{q}}\right)=\left({\frac {p}{q}}\right)\ {\text{ for }}p\equiv 1\!\!\!{\pmod {4}},}$

and

${\displaystyle \left({\frac {p^{*}}{q}}\right)=\left({\frac {-p}{q}}\right)=\left({\frac {-1}{q}}\right)\left({\frac {p}{q}}\right)={\begin{cases}+\left({\frac {p}{q}}\right)&{\mbox{if }}q\equiv 1{\pmod {4}},\\-\left({\frac {p}{q}}\right)&{\mbox{if }}q\equiv 3{\pmod {4}}\end{cases}}}$

for ${\displaystyle p\equiv 3\!\!\!{\pmod {4}}}$.

To show the last equivalence, suppose first that ${\displaystyle \left({\frac {p^{*}}{q}}\right)=1.}$ In this case, there is some integer x (not divisible by q) such that ${\displaystyle x^{2}\equiv p^{*}{\pmod {q}},}$ say ${\displaystyle x^{2}-p^{*}=cq}$ for some integer c. Let ${\displaystyle K=\mathbb {Q} ({\sqrt {p^{*}}}),}$ and consider the ideal ${\displaystyle (x-{\sqrt {p^{*}}},q)}$ of K. It certainly divides the principal ideal (q). It cannot be equal to (q), since ${\displaystyle x-{\sqrt {p^{*}}}}$ is not divisible by q. It cannot be the unit ideal, because then

${\displaystyle (x+{\sqrt {p^{*}}})=(x+{\sqrt {p^{*}}})(x-{\sqrt {p^{*}}},q)=(cq,q(x+{\sqrt {p^{*}}}))}$

is divisible by q, which is again impossible. Therefore (q) must split in K.

Conversely, suppose that (q) splits, and let β be a prime of K above q. Then ${\displaystyle (q)\subsetneq \beta ,}$ so we may choose some

${\displaystyle a+b{\sqrt {p^{*}}}\in \beta \setminus (q),{\text{ where }}a,b\in \mathbb {Q} .}$

Actually, since ${\displaystyle p^{*}\equiv 1\!\!\!{\pmod {4}},}$ elementary theory of quadratic fields implies that the ring of integers of K is precisely ${\displaystyle \mathbb {Z} \left[{\frac {1+{\sqrt {p^{*}}}}{2}}\right],}$ so the denominators of a and b are at worst equal to 2. Since q ≠ 2, we may safely multiply a and b by 2, and assume that ${\displaystyle a+b{\sqrt {p^{*}}}\in \beta \setminus (q),}$ where now a and b are in Z. In this case we have

${\displaystyle (a+b{\sqrt {p^{*}}})(a-b{\sqrt {p^{*}}})=a^{2}-b^{2}p^{*}\in \beta \cap \mathbb {Z} =(q),}$

so ${\displaystyle q\mid a^{2}-b^{2}p^{*}.}$ However, q cannot divide b, since then also q divides a, which contradicts our choice of ${\displaystyle a+b{\sqrt {p^{*}}}.}$ Therefore, we may divide by b modulo q, to obtain ${\displaystyle p^{*}\equiv (ab^{-1})^{2}\!\!\!{\pmod {q}}}$ as desired.

References

1. "Gauß, Eisenstein, and the third proof of the Quadratic Reciprocity Theorem: Ein kleines Schauspiel".

Every textbook on elementary number theory (and quite a few on algebraic number theory) has a proof of quadratic reciprocity. Two are especially noteworthy:

Lemmermeyer (2000) has many proofs (some in exercises) of both quadratic and higher-power reciprocity laws and a discussion of their history. Its immense bibliography includes literature citations for 196 different published proofs.

Ireland & Rosen (1990) also has many proofs of quadratic reciprocity (and many exercises), and covers the cubic and biquadratic cases as well. Exercise 13.26 (p 202) says it all

Count the number of proofs to the law of quadratic reciprocity given thus far in this book and devise another one.

• Ireland, Kenneth; Rosen, Michael (1990), A Classical Introduction to Modern Number Theory, Graduate Texts in Mathematics, Vol. 84 (2nd ed.), New York: Springer, ISBN   0-387-97329-X
• Lemmermeyer, Franz (2000), Reciprocity Laws: from Euler to Eisenstein, Springer Monographs in Mathematics, Berlin: Springer, ISBN   3-540-66957-4
• Rousseau, G. (1991), "On the Quadratic Reciprocity Law", Journal of the Australian Mathematical Society, Series A, Cambridge University Press, 51: 423–425, ISSN   1446-7887
• Washington, Lawrence C. (2012), Introduction to Cyclotomic Fields, Graduate Texts in Mathematics, vol. 83 (2nd ed.), New York: Springer, ISBN   978-1-4612-7346-2

External links

• F. Lemmermeyer's chronology and bibliography of proofs of the Quadratic Reciprocity Law (332 proofs)