Approximatting rings of integers in number fields

(1)

J

OURNAL DE

T

HÉORIE DES

N

OMBRES DE

B

ORDEAUX

J. A. B

UCHMANN

H. W. L

ENSTRA

Approximatting rings of integers in number fields

Journal de Théorie des Nombres de Bordeaux, tome

6, n

o

_{2 (1994),}

p. 221-260

<http://www.numdam.org/item?id=JTNB_1994__6_2_221_0>

L’accès aux archives de la revue « Journal de Théorie des Nombres de Bordeaux » (http://jtnb.cedram.org/) implique l’accord avec les condi-tions générales d’utilisation (http://www.numdam.org/conditions). Toute uti-lisation commerciale ou impression systématique est constitutive d’une infraction pénale. Toute copie ou impression de ce fichier doit conte-nir la présente mention de copyright.

Article numérisé dans le cadre du programme Numérisation de documents anciens mathématiques

(2)

Approximatting

rings

of

_integers

in number fields.

par J. A. BUCHMANN AND H. W.

_LENSTRA,

JR.

RÉSUMÉ. 2014 Nous étudions dans cet article le _problème_{algorithmique}de la détermination de l’anneau des entiers d’un corps de nombres algébriques

donné. En _pratique,ce _problèmeest souvent considéré comme résolu mais

des résultats théoriques montrent que sa résolution ne _peutêtre menée à

terme _lorsquele corps étudié est défini par les équations dont les coefficients sont très gros. Or de tels corps apparaissent dans _{l’algorithme}du crible

algébrique utilisé pour factoriser les entiers naturels.

En appliquant une variante d’un algorithme standard donnant l’anneau des entiers, on obtient un sous-anneau du corps de nombres qui peut être regardé comme le meilleur candidat _possiblepour l’anneau des entiers.

Ce meilleur candidat est probablement souvent le bon. Notre _proposest

d’exposer ce _qui_peutêtre prouvé sur ce sous-anneau. Nous montrons que sa structure locale est transparente et _rappellecelle des extensions modérément ramifiées de corps locaux. La plus grande partie de cet article

est eonsacrée à l’étude des anneaux _quisont "modérés" en un sens _plus

général que celui habituel. Chemin faisant nous établissons des résultats de _{complexité qui}_prolongentun théorème de Chistov. L’article inclut

également une section _quidiscute des algorithmes en temps polynomial

pour les groupes abéliens de type fini.

ABSTRACT. - In this paper we _studythe _{algorithmic problem}of finding the

ring of _integersof a _{given algebraic}number field. In practice, this _problem is often considered to be well-solved, but theoretical results indicate that it

is intractable for number fields that are defined _by_equationswith very large

coefficients. Such fields occur in the number field sieve _algorithmfor

facto-ring integers. Applying a variant of a standard algorithm for finding rings

of integers, one finds a _subringof the number field that one _mayview as the

"best _guess"one has for the _ringof _integers.This best _guessis _probably often correct. Our main concern is what can be proved about this _subring.

We show that it has a _particularly_transparentlocal _structure,which is

reminiscent of the structure of tamely ramified extensions of local fields. A

major portion of the paper is devoted to the study of _ringsthat are "tame"

in our more _generalsense. As a _byproduct,we prove complexity results that elaborate upon a result of Chistov. The paper also includes a section that

discusses polynomial time _algorithmsrelated to _{finitely generated}abelian groups.

Key words: maximal order, tame extensions, algorithm.

(3)

Acknowledgements.

The first author was

_{supported by}

the Deutsche

Forschungsgemeinschaft.

The second author was

supported by

the

Na-tional Science Foundation under

grants

No. DMS 90-02939 and 92-24205. The second author is

_grateful

to the Institute for Advanced

_Study

(Prince-ton),

where

_part

of the work on which this _{paper is}based was done. The

final version of this _paperwas

_prepared

while the second author was on

ap-pointment

as a Miller Research Professor in the Miller Institute for Basic

Research in Science.

1. Introduction

In this _paperwe are concerned with the

_{following problem}

from

algorith-mic

_algebraic

number

_theory:

_given

an

algebraic

number field

K,

determine

its

_ring

of

_integers

C7.

_{Paradoxically,}

this

_problem

is in

_practice

considered well-solved

_{(cf. [7,}

_Chapter

_6]

and 7.2

_below),

whereas a result of Chistov

[6]

(Theorem

1.3

_below)

_suggests

that from a theoretical

_perspective

the

prob-lem is intractable. The

_apparent

contradiction is easy to resolve.

_Namely,

all

_{computational}

_experience

so far is limited to "small" number fields

_K,

such as number fields that are

given

as K = where

Q

is the

field of rational numbers and

f

is an irreducible

polynomial

of small

de-gree with small

integer

coefficients. The

algorithms

that are used for small

fields will not

_always

work when

_they

are

_applied

to

_"large"

number fields.

Large

number fields are

already making

their _{appearance in}

_applications

of

algebraic

number

_theory

_(see

_[14]),

and the determination of their

_rings

of

integers

is

_generally

avoided

_(see

_[5;

_{16, 9.4;}

_9]).

The results of the

_present

paper are

_{mainly theoretically inspired,}

but

_they

_maybecome

_practically

relevant if one wishes to do

_computations

in

_large

number fields.

In accordance with Chistov’s

_result,

we shall see that there is

_currently

not much

_hope

to find a

good algorithm

for the

problem

of

_constructing

rings

of

_integers.

This is true if

_"good"

is taken to mean

"running

in

polynomial

time" ,

and it is

_equally

true

_if,

less

_formally,

it is taken to mean

"practically

usable,

also in hard cases". The same

applies

to the

_problem

of

recognizing

rings

of

_integers,

i. _e.,the

_problem

of

_deciding

whether a

given

subring

of a

_given

_algebraic

number field I~ is

_equal

to 0.

To

_appreciate

the central

_difficulty

it suffices to look at

_quadratic

fields. If m is an

_integer

that is not a _square,then

_determining

the

_ring

of

_integers

of is

_equivalent

to

_finding

the

_largest

_squaredivisor of m. The

(4)

of

_recognizing

the

_ring

of

_integers

of a

quadratic

field is

equivalent

to the

problem

of

_recognizing

_squarefree

_integers,

which is considered infeasible as

well.

In the

_present

_paperwe obtain some

_positive

results. We shall _prove

that,

even

though

C~ _maybe hard to

_determine,

one can at least construct

a

_subring

B of K that comes "close" to

_0,

that is

_perhaps

even

_likely

to

be

_equal

to

_0,

that _{in any}case has some of the

_good

_properties

of

0,

and

that in

_{computational}

_applications

of

_algebraic

number

_theory

can

probably

play

the role of C7. Before we state our main result we

_give

an informal

outline of our

_approach.

Chistov

_[6]

showed that the

_problem

of

_determining

the

_ring

of inte-gers of a

_given

number field is

polynomially equivalent

to the

_problem

of

determining

the

_{largest squarefree}

divisor of a

given positive integer

(see

Theorem 1.3

_below).

For the latter

_problem

no

_good

algorithm

is known

(see

Section

_7).

_However,

there is a naive

approach

that

often

works. It is

based on the observation that

positive integers

with a

large repeated

_prime

factor are scarce: for most numbers it is true that all

_repeated

_prime

fac-tors are small and therefore _easyto find.

_Thus,

_dividing

a

_{given positive}

integer

d

_by

all of its

_repeated

_prime

factors that are less than a certain

upper bound b one finds a number that _mayhave a

_good

chance of

_being

the

_{largest squarefree}

divisor of

_d,

and that is often the best _guessone has.

The success

_probability

of this method

_depends

on b and on the _{way in}

which d was obtained in the first

place.

It

_is,

of _{course, easy to construct}

numbers d that defeat the

_algorithm.

One can

_attempt

to determine the

_ring

of

_integers

0 of a

_given

number

field K in a

_similarly

naive manner. One starts from an order in

_{K, i. e.,}

a

subring

A of C7 for which the index

_{(C~ :}

_A)

of additive groups is

finite;

for

example,

one _maytake A =

Z [a],

where _a_EK is _an

algebraic integer

with

K =

Q (a) .

As we shall _see,one can determine 0 if the

largest squarefree

divisor m of the discriminant

AA

of A is known. This result

_suggests

that one can determine a "best

_guess"

for (?

by working

with the best _{guess q}

that one has for m instead of m itself.

If,

in the course of the

_{computations,}

the

_hypothesis

that _{q is}

_squarefree

is contradicted because an

_{integer a}

> 1 is found for which

a2

divides _q,then one

simply replaces q by

q/a

and one

continues as if

nothing

has

happened.

This _vagueidea can be made

perfectly

precise.

It

gives

rise to a

polyno-mial time

_{algorithm that,}

_given

an order A C

_K,

_produces

an order B c K

containing

A as well as a

_{positive integer}

_q.One knows that B = C~

if q

is

squarefree.

It will often be considered _very

_{likely that q}

is indeed

(5)

square-free,

so that one is inclined to believe that B = 0. Our main _concernis

what one can _proveabout B without

_relying

on _any

unproved

_assumptions

regarding

q. In

particular,

we shall _provethat B

equals

0 if and

onty if q

is

_squarefree,

and that

_finding

an order in K that

properly

contains B is

equivalent

to

_finding

a

square a2 >

1

_dividing

_q.

Our results are derived from a local

_property

of B that we refer to as

tameness at _q.

_{Loosely speaking,}

B is tame at _qif B is

_trying

to resemble

a full

_ring

of

_integers

as

closely

as is

possible

in view of the fact

that q

is

not known to be

_squarefree.

Tameness is a

_strong

_property,

which

provides

us with substantial control over the

ring.

Before we

_give

the definition we

remind the reader of the local structure of full

_rings

of

_integers.

Let 0 be the

_ring

of

_integers

of an

algebraic

number

field,

let _pbe a

maximal ideal of

_C~,

and let

_Op

be the

_p-adic

_completion

of C?

_(see

_[1,

Chapter

10]).

Denote

_by

_pthe

_{unique prime}

number that

_belongs

to _p.

If the ramification index

_e(p/p)

of _pover _p

equals

1,

then _pis said to be unramified over _p,and in that case

Op

is a local unramified

algebra

over

the

_ring

_Zp

of

_{p-adic integers}

_(see

Section

_3).

Local unramified

_Zp-algebras

are _easyto understand and to

_classify,

and

_they

have a _very

_transparent

structure

_[25,

Section

_3-2];

for

example, they

are,

just

like

Zp

itself, principal

ideal domains that

_have,

_upto

units,

only

one

_{prime element,}

namely

_p.

If,

more

generally,

_pdoes not divide

_e(p/p),

then _{p is}said to be tame over _p.

In this case there is a local unramified

_Zp-algebra

T and a unit v of T such

that

_{Op ~}

_{T[X]I(Xe(PIP) -}

_vp)T[X]

J =

(see

[25,

Section

3-4]).

Conversely,

let _pbe a

_{prime number,}

let T be a local unramified

Zp-algebra,

let v be a unit of

T,

and let e be a

_{positive integer}

that is

not divisible

_by

_p.Then there is an

_algebraic

number field whose

_ring

of

integers

0 has a maximal ideal _p

_containing

_pfor which the

_ring

T[(vp) 1I e]

is

_isomorphic

to

_Op,

and then

_e(p/p)

= _e.In _summary,the

rings

which are

_{relatively simple}

to

_{understand, provide}

a full

description

of the

completions

of the

_rings

of

_integers

of all

_algebraic

number fields at all tame

maximal ideals.

In the wild case, in which p does divide

e(p/p),

the structure of

Op

is somewhat more

complicated,

but there is

fortunately

no need for us to

consider it: it occurs

_{only if p}

is

_small,

and small

_primes

can be taken care

of

_directly.

Imitating

the

_description

above of

_Op

we make the

following

definition.

Let B be an order in a number

field,

and

_{let q}

be a

_positive

_integer.

We call

B tame

_{at q}

if for _every

_prime

number _p

_dividing

_qand _everymaximal ideal p of B

containing

p there exist a local unramified

_Zp-algebra

_T,

an

_integer

e

(6)

that is not divisible

_by

_p,and a unit u of T such that the

p-adic

completion

Bp

of B

_is,

as a

_Zp-algebra,

isomorphic

to

_(see

Section

4).

If q

is

_squarefree

then p divides q

only

once; in that case _uq= _vpfor

some unit v of

_T,

and we are back at the

_ring

considered above.

However,

if p2

divides _qthen

_uq)T[X]

occurs as a

_ring

_Op

as

above

_only

in the trivial case that e = 1

(cf. 3.5).

One of our main results now reads as follows.

THEOREM 1.1. There is a deterministic

polyreonzial

time

algorithrra

that,

given

a number

_field

K and an order A in

_K,

determines an order B in K

containing

A and a

_{positive integer}

_q,such that B is tame at _qand such

that the

_prime

numbers

_dividing

_{(0 :}

_B)

are the same as the

_{repeated prime}

divisors

_of

_q;here C~ denotes the

_ring

_of

_integers

of

K.

This theorem is

_proved

in Section

6,

along

with the other theorems stated in this introduction. The

_algorithms

referred to in our theorems will be

explicitly

exhibited.

_Clearly,

the

_ring

B in Theorem 1.1

_equals

0 if and

only

if _qis

_squarefree.

_Generally

we shall see that

exhibiting

a _square

a2

> 1

dividing

q

is,

under

polynomial

transformations,

equivalent

to

finding

an

order in K that

_strictly

contains B

_(see

Theorem

_6.9).

Finding rings

of

_integers

is

_customarily

viewed as a local

_problem,

in the

sense that it suffices to do it

_{prime-by-prime. Algorithmically, however,}

the bottleneck is of a

global

nature: how to

_find

the

_prime

numbers that one

needs to look at? Once these are

known,

the

problem

admits a solution.

This is

_expressed

in our next result. If m is an

integer,

then an order A in

K is said to be maximal at m if

gcd(m,

(0 : A))

= 1.

THEOREM 1.2. There is a

_polynomial

time

_algorithm

_{that, given}

an

alge-braic number

_field

_K,

an order A irc

K,

and a

squarefree

_{positive integer}

m, determines an order B in K

_containing

A that is maximal at m.

From 1.2 we see in

particular

that if m is

_prime

one can

find,

in

polynomial

time,

an order in K that is maximal at m. If m is taken to be the

_product

of the

_primes

p for which

p2

divides the discriminant of

A,

then the order B in Theorem 1.2

_equals

0.

We next formulate a few

_complexity

results of

_purely

theoretical interest.

THEOREM 1.3. Under

_{polynomial transformations,}

the

_following

two

prob-lems are

equivalent:

(a)

given

an

_algebraic

number

_field

_K,

_find

the

_ring

_{of algebraic}

_integers

of K;

(7)

(b)

given

a

_{positive integer}

d, find

the

largest squarefree

divisor

of

d.

Theorem 1.3

_represents

a

slight

improvement

over a theorem of Chistov

(6),

as

_explained

in 6.11. We shall _provethat the

_{corresponding recognition}

problems

are also

_equivalent

(Theorem 6.12).

Suppose

that an order A in an

_algebraic

number field is

_given.

In the

proof

of Theorem 1.3 we shall see

that, given

the

largest squarefree

divisor

of the discriminant

_AA

of

A,

one can find the

_ring

of

_integers

0 of K in

polynomial

time. In 6.13 we _arguethat it is hard to _goin the

_opposite

direction: if

_given

0 one can

_easily

find the

largest squarefree

divisor of

AA,

then

_problem

_1.3(b)

_{is easy}as well. It is

possible, however,

to

_compute

the

_largest

square divisor of

AA

quickly

from 1;

again

it is hard to go in the

opposite

direction

_{(see 6.14).}

If the

_ring

of

_integers

of a number field K is

_known,

then the discriminant of K _{is easy}to

_compute.

One may wonder

whether,

conversely,

it is easy

to

_compute

the

_ring

of

_integers

of K from the discriminant of K. In 6.10

we shall see that this is

_currently

not the case.

_However,

we do have the

following

result.

THEOREM 1.4. There are

polynomial

time

algorithms

that

_given

an

alge-braic number

_field

K and one

of

(a), (b),

determine the other:

(a)

the

_ring

_{of algebraic}

_integers

_{of K;}

(b)

the

_{largest squarefree}

divisor

_of

the discriminant

_of

K.

In the

_body

of the _paperwe work with orders in

products

of number fields

rather than orders in number fields. This

_presents

no additional

_difficulty.

One may

remark,

though,

that the case of

_products

of number fields can

in

_polynomial

time be reduced to the case of a

single

number

field, by

the

main result of

_[15].

_Also,

several of our results are local in the sense that

they

are directed not at

_{constructing 0,}

but at

_constructing

an order that

is maximal at a

_given

_integer

_m,as in Theorem 1.2.

We have refrained from

_considering

more

_general

base

_rings

than the

ring

Z of rational

_integers.

Over some base

_rings,

the

problem

of

finding

maximal orders

_is,

in

_substance,

_equivalent

to the

_problem

of

_resolving

sin-gularities

of curves

(see [24]);

but in that context there is a

_quick

algorithm

for

_problem

_1.3(b),

so that the issues considered in this _paperdo not arise. It _maybe

_interesting

to consider base

_rings

that are

_rings

of

_integers

of

number fields or, more

generally,

orders in number fields as

produced

by

our

_algorithms.

The contents of this _paperare as follows. Sections

_2,

3 and 4 contain the commutative

_algebra

that we need. No

algorithms

occur in these sections.

(8)

In Section 2 we assemble some well-known results

concerning

orders.

Sec-tions 3 and 4 are devoted to the notion of tameness,

locally

in Section 3 and

globally

in Section 4. Sections 5 and 6 deal with

_algorithms.

In Section 5

we recall a few basic

algorithms

for which a convenient reference is

_lacking;

they mostly

concern linear

_algebra

over the

_rings

Z and

Z/qZ,

where q

is a

_{positive integer.}

In Section 6 we

_present

the

_algorithm

that underlies the

proof

of Theorem 1.1. It is a variant of an

algorithm

for

determining

ma-ximal orders that is due to Zassenhaus

_{[26; 27].}

Section 6 also contains the

proofs

of the theorems stated above. In Section 7 we discuss the

practical

repercussions

of our results.

For our conventions and notations on commutative

_algebra

we refer to

Section 2. For conventions

_concerning

_algorithms

we refer to Section 5 and

to

_[18].

2. Orders

In this section we establish the notation and

terminology

_concerning

rings

and orders that we shall _use,and we recall a few well-known facts.

For

_background

on commutative

algebra,

see

[1].

2.1.

_Rings

and

_algebras.

All

_rings

in this _paperare assumed to be commutative with a unit element.

Ring homomorphisms

are assumed to

preserve the unit

element,

and

subrings

contain the same unit element.

_By

Z, Q,

Fp

we denote the

_ring

of

_integers,

the field of rational

_numbers,

and

the field

_{of p}

_elements,

_{respectively,}

where p is a

_prime

number. The _group

of units of a

ring

R is denoted

by

R* . Let R be a

ring.

An R-module M

is called free if it is

_isomorphic

to the direct sum of a collection of

_copies

of

_R;

if

_{R ~}

0 then the number of

_copies

needed is

_uniquely

determined

_by

M,

and it is called the rank of

_M;

if R =

_0,

then the rank of M _isdefined

to be 0. If an R-module M is free of finite rank _n,then there is a basis of

M over

_{R, i. e.,}

a collection of n elements _{wl, w2,}... , wn E M such that

for each x E M there is a

_unique

_sequenceof n elements _{ri, r2,}_{... ,}_rnE R such that x = _riwi-

By

_an

R-algebra

we mean a

_ring

A

_together

with

a

_ring

homomorphism

R - A. An

R-algebra

A is said to admit a finite

basis if A is free of finite rank when considered as an R-module. If this is

the _case,then the rank of A as an R-module is called the

degree

of A over

R,

notation:

_{~A : R~}

..

2.2. Trace and discriminant. Let .R be a

_ring

and let A be an

_R-algebra

admitting

a finite basis _{wi, - - - ,}_{wn .} For each a E

_A,

the trace Tr a of a

(9)

if awz = with rjj _E

R,

then Tr a =

3 = i

rjj. The trace Tr is an R-linear _mapA -> R. In case of

possible ambiguity,

we _maywrite

Tr A

or Tr A/R instead of Tr . The discriminant

AA

or

_AA/R

of A over R

is the determinant of the matrix

_(Tr

The discriminant is

- _ n

well-defined

_only

_{up to}_squaresof units of R. The R-ideal

_{generated by}

_AA

is

_{well-defined,}

and we shall also denote it

by

AA-

If R’ is an

R-algebra,

then A’ =

AOtimes RR’

is _an

R’-algebra

that also admits a finite basis.

The trace function As R’ is obtained from the trace function A - R

_by

base

_extension,

and the notation

_{Tr ,}

Tr A, The A/R used for the latter will

also be used for the former. We have

_{AAI/Rl =}

_{AA/RR’ as}

ideals.

2.3. Orders. Let R be a

_principal

ideal

_domain,

and denote

by

F the field

of fractions of R. An order over R is an

R-algebra

A that admits a finite

basis and that satisfies

_{AA 0}

0. An order over Z is

simply

called an

_order;

equivalently,

an order can be defined as a

ring

without non-zero

_nilpotent

elements of which the additive group is free of finite rank as an abelian

group. Let A be an order over

R,

and write

AF

=

AQ9RF.

Then

AF

_is,

_as

an

F-algebra,

the

product

of

finitely

_manyfinite

separable

field extensions

of F.

_By

a fractional A-ideal we mean a

_{finitely generated}

A-submodule

of

_A~

that _spans

_AF

as a vector _spaceover F. If a and b are fractional

A-ideals,

then the index

_{(a : b)}

of b in a is defined to be the determinant of _anyF-linear _map

_{AF --~ AF}

that _mapsa onto

_b;

the index is an element

of F* that is well-defined

_only

_upto units of R. If b C a then the index

belongs

to R -

_{0},

and if in addition R = Z then it

is,

_up_to

sign,

equal

_to

the usual index. If _a,b are fractional

A-ideals,

then we write a : b =

Ix

_E

AF :

xb C

_a};

this is also a fractional A-ideal. A fractional A-ideal a is

called invertible if ab = A for some fractional A-ideal

_b;

if this is

_true,

then b = A : _a,and _a= A : b = A :

(A :

a).

An

_example

of _afractional ideal

is the

_{complementary}

module

At

=

Ix

_E

AF :

Tr

(xA)

_C

R}.

If

(Wi)i::l

is

a basis for A over

R,

then a basis for

At

over R is

_given

by

the dual basis

!t %= 1,

which is characterized

_by

Tr = 0 _or1

according

_asi

0 j

_or

i =

_j.

One has A

C At

and

(Afi :

A) =

AA.

_By

_anoverorder of A _we_mean

a fractional A-ideal that is a

_subring

of

AF.

If a is a fractional

A-ideal,

then a : a is an overorder of A. Each overorder B of A is an

order,

and it

satisfies A c B C

Bf

C At

and

AA

=

AB (B :

A)2.

Among

all overorders

of A there is a

_unique

one that is maximal under

_inclusion;

we shall denote

it

_by

0. The

_ring

C~ is

_equal

to the

_integral

closure of R in

_AF,

and it is the

_product

of

_finitely

_manyDedekind domains. The discriminant of C~ is also called the discriminant of

_AF.

We call A maximal if A =

0;

this is the

case if and

_only

if all fractional A-ideals are invertible. If

_{m E R,}

then the order A is said to be maximal at m if

gcd(m, (0 : A) )

_{= 1;}

this

_happens,

(10)

for

_example,

_{if gcd(m,}

_AA)

=

_1,

because

(0 :

A)2

divides

AA.

For the _same

reason, A itself is maximal if and

only

if it is maximal at

AA-PROPOSITION 2.4.

_Suppose

that R is a

_principal

ideal

_domain,

that m E R

is a non-zero

element,

and that A is an order over R. Then there are

_only

finitely

many

prime

ideals p

of

A

containing

m, and

they

are all maximal.

Moreover,

if

b denotes the intersection

_of

these

_{prime ideals,}

then we have:

(a) b/mA

is the nilradical

_of

the

_ring

_A/mA,

and there exists a

_positive

integers

t such that b D mA D

bt;

(b)

for

each

_prime

ideal _p

_of

A

_containing

m one has A :

p ¢

A;

(c)

A is maximale at

_{m if}

and

_{only if}

b : b = A.

Proof.

Since A admits a finite basis over the

_principal

ideal domain

_R,

the R-module

_A/mA

is of finite

_length.

Therefore the

_ring

_A/mA

is an Artin

ring.

From

_[1,

_Chapter

_8]

it follows that each

_prime

ideal of

_A/mA

is

max-imal,

that there are

only

finitely

_manyof

them,

and that their intersection

is

_nilpotent.

This _provesthe first two assertions of

_2.4,

as well as

(a).

To

prove

(b),

we note that the annihilator of the

_prime

ideal

_p/rraA

in the Artin

_ring

_A/rrtA

is non-zero, so mA : _p

properly

contains mA. Therefore

A : _p

_properly

contains A. To _prove

_(c),

first assume that A is maximal

at m. From

(0 :

C A and

gcd(m,

(0 : A))

= 1 it follows that for each

maximal ideal

_pR

of R

_dividing

m the localizations

APR

and

OPR

are

equal.

Hence the order

_APR

over

_{Rp R}

is a

_product

of

_finitely

_manyDedekind

do-mains,

and

_bpR

is a

product

of non-zero ideals in those Dedekind domains.

Therefore

_{bpR : bpR}

=

ApR.

The same

_equality

also holds for maximal

ideals

_pR

of R that do not contain m, since in that case

_{bp R}

=

APR.

It

fol-lows that b : b =

A,

_as

_required.

For the

converse, assume that b : b = A.

The maximal ideals _pof A

_{containing m}

are

_{pairwise coprime,}

so their

intersection b is

_equal

to their

_product.

Hence b : b = A

implies

that all

those _p

_satisfy

_{p : p}= A. We claim that

(A : p)p

= A for each _p,so that

each p is invertible. If not, then from _pC

_{(A : p)p}

C A and the

_maximality

of _pone derives that _p=

(A : p)p,

so A : p C p : _p=

A, contradicting

(b).

From the

_{invertibility}

of all maximal ideals

_containing

m one deduces

_by

induction that all A-ideals that contain a _power

mk

of _m,with k >

_0,

are

invertible,

and the same is then true for all fractional ideals H with

Apply

this to H =

Ix

_~/:

mix

~ A for

some

i > 0~.

This is a

_ring,

so HH =

H,

and the

invertibility

of H

implies

H = A. Therefore

(C~ : A)

is

_coprime

_to_m.This _proves2.4.

.Remark.

_Every

maximal ideal _pof an order A over a

_principal

ideal domain

R that is not a field contains a non-zero element of

R,

by

[1,

_Corollary

5.8~.

(11)

PROPOSITION 2.5. Let A be an order over a

_princiPal

ideal

_domain,

and let a be a

fractional

A-ideal. Then a is invertible

if

and

only if

the overorder

(A :

a) :

(A : a)

of

A

_{equals A,}

and

_if

and

_{only if}

both A :

_{(A :}

_a)

= a and

a : a = A.

Proof.

If a is

_invertible,

then as we saw in 2.3 we have A :

(A : a)

_{= a,}and a : a =

(a : a)A

=

(a : a)a(A :

a)

=

a(A : a)

=

A;

also,

b = A : _ais then

invertible as

well,

so for the same reason we have

(A : a) : (A : a)

= A.

Next _supposethat a is not invertible. Then the A-ideal

_{(A : a)a}

is different from

_A,

so there is a maximal ideal _pof A

_containing

(A : a)a.

We

have A :

_{p C A :}

_{((A : a)a) =}

_{(A :}

_{a) :}

_{(A :}

_a),

so from

2.4(b)

we see that

(A : a) : (A :

a) #

A. This _provesthat a is invertible if

_{(A :}

_{a) : (A :}

_a)

= A.

Applying

this to b = A : _a,we find that b is invertible if A : b = a and a : a =

A,

and then its inverse _ais invertible _aswell. This _proves2.5.

2.6. Gorenstein

_rings.

Let A be an order over a

principal

ideal domain.

We call A a Gorenstein

_ring

if A :

(A :

a)

= _afor _everyideal _aof A

that contains a non-zero-divisor of A _or,

equivalently,

for _everyfractional

A-ideal a. It is an _{easy consequence}of

[3,

Theorem

(6.3)]

that this

_is,

for

orders over

_principal

ideal

domains,

equivalent

to the traditional notion. Note that A is a Gorenstein

ring

if it is a maximal order. The converse is

not true

_{(cf. 2.8).}

PROPOSITION 2.7. Let A be an order over a

principal

ideal domain

R,

with

comPlementary

module

At.

Then the

_following

_properties

are

_equivalent:

(a)

A is a Gorenstein

_ring;

(b)

for

any

fractional

A-ideal a, we have a : a = A

if

and

only if

a is

invertible;

(c)

At is

invertible.

Proof.

From 2.5 and the definition of a Gorenstein

_ring

it is clear that

(a)

implies

(b).

To prove that

(b)

implies

(c),

it suffices to prove that

At : At

=

A.

_Generally,

_put

at

=

{x

_E

AF :

Tr

(xa)

_c

R}

for _anyfractional A-ideal

a, where

AF

is as in 2.3.

_Using

dual bases one

_easily

_provesthat

att

_{= a,}

and from the definitions one sees that

at = At :

a.

Applying

this to a

= At

one obtains

At : At

=

A,

_as

required. Finally,

_we_provethat

(c)

implies

(a).

Suppose

that

At

is

_invertible,

and let a be a fractional ideal.

_Applying

the

equality

at = At :

a twice we find that a

= att

=

At :

(At :

a).

We need to _provethat this

_equals

A :

_{(A : a).}

If b = A :

At

denotes the inverse of

At,thenwehaveAt:a=(A:b):a=A:(ab)=(A:a):b=(A:a)At

andAt:(At:a)=At:((A:a)At)=(At:At):(A:a)=A:(A:a).

(12)

2.8.

_Example.

Let R be a

principal

ideal domain and let

f

E

_R[X]

be a

monic

_polynomial

with

_{non-vanishing}

discriminant. Then A =

is an order over

R,

and if we write a =

(X

mod

f )

_EA then

At

=

f’(a)-lA

(cf.

[25,

Proposition

3-7-12]).

This shows that

At

is

_invertible,

so 2.7

im-plies

that A is a Gorenstein

_ring.

It is well-known that A is not

_necessarily

maximal.

PROPOSITION 2.9. Let R be an Artin

_ring,

let L be a

_free

R-rnodv,le

_of

finite

rank,

and let N c L be a subrraodule. Then N is

free

over

R if

and

only if

L/N is

free

over R.

Proof.

Since each Artin

_ring

is a

product

of

finitely

_manylocal Artin

_rings,

the

_{proof immediately}

reduces to the case that R is local. It is convenient

to use a few

_properties

of

_projective

_modules,

which can be found in

[12,

Chapter

1,

Section

_1].

First suppose that

L/N

is free. Then the exact

sequence 0 -> N -> L 2013~ 0

splits,

so N is

_projective,

and therefore

free. For the converse, assume that N is free. Let m be the maximal

ideal of

_R,

and let a E R a non-zero element annihilated

by

m. Then

is a

_subspace

of the

R/m-vector

_space

L/mL.

Supplementing

an

R/m-basis of

_N/mN

to one for

L/mL

and

applying Nakayama’s

lemma one

finds a

surjection

N E9 Rn -->

L,

where n = rank L - rank N.

Comparing

the

_lengths

of the two modules we see that it is an

_isomorphism.

Hence

This _proves2.9.

3. Tame

_algebras

over the

_{gradic integers}

This section and the next one are devoted to a

study

of _tameness,which

is one of the central notions of this _paper.

We let in this section p be a

_{prime number,}

and we denote

by

Zp

the

ring

of

_{p-adic integers.}

We call a

_Zp-algebra

T local if T is local as a

_ring

with a residue class field of characteristic _p.A local

_Zp-algebra

T is said to

be unramified if T = for some monic

polynomial 9

E

_Zp[Y]

for which

_(g

mod

_p)

E

_{Fp [Y]}

is irreducible.

_{Equivalently,}

a local unramified

Zp-algebra

is the

_integral

closure of

_Zp

in a finite unramified extension of

the field

_Qp

_{of p-adic}

numbers

_(see

_[25,

Section

_3-2)).

Throughout

this

_section,

_qdenotes a non-zero element of

pZp.

Let S

be a

_Zp-algebra.

If S is

_local,

then we call S tame

_{at q}

if there exist a

local unramified

_Zp-algebra

_T,

a

_{positive integer}

e that is not divisible

_by

(13)

In

_general,

we call S tame at q if S is the

product

of

finitely

many local

Zp-algebras

that are tame at _q.

If _{q is}a

_prime

element of

Zp

then tameness

_{at q}

is

equivalent

to the traditional

_notion,

as

expressed by

the

following

result.

PROPOSITION 3.1.

_Suppose

that _qE

_pZp,

_{q 0}

p2Zp,

and let S be a

Zp-algebra.

Then S is local and tame at

_{q if}

and

_{only if}

S is

_isorrtorphic

to the

integral

closure

_{of Zp in}

a

finite tamely ramified field

extension

_of

_Qp.

Proof.

This follows from the

_description

of

_tamely

ramified extensions

_given

in

_[25,

Sections

3-2, 3-3,

3-4].

We now _provevarious

_properties

of

Zp-algebras

that are tame at _q.

PROPOSITION 3.2. Let T be a local

unramified

_{Zp -algebra, let}

e be a

_positive

integer

that is not divisible

_by

_p,and let u E T* be a unit. Let

further

S =

T[X]I(Xe - uq)T[X]

=

T[7r],

where _7r=

(X

mod Xe -

uq).

Then

S is local and tame at _q,and its rraaximal ideal is

_{generated by}

_pand 7r.

Further,

the residue class

_field

k

_of

S is the same as that

_of

_T,

and it

satisfies [k :

Fp] =

[T :

Zp] =

[S :

Zip]/6.

Proof.

It _{is easy}to see that the S-ideal

pS

+ 7rS is maximal and that its residue class field k is the same as the residue class field

T/pT

of T.

Conversely,

let

_{p C S}

be a maximal ideal. Since S is

_integral

over

_Zp,

we

have

_pflZp

=

pZp (see

[1,

Corollary

5.8]),

_so_{p E p.}

Also,

from ~e = uq _E_p

it follows that 7r E _p.This

_implies

that _p=

pS

₊

7rS,

and that S is local.

The fact that S is tame at q follows from the definition of tameness. The relations between the

_degrees

follow from

_{~T/pT : Zp/pZp] = [T : Zp]}

and

[S : T]

= e. This _proves3.2.

PROPOSITION 3.3. Let

_T,

e, u, S and 7r be as in

_3.2,

and let Tr be the trace

_{function of S}

over

_Zp.

Then we have:

(a)

the

_{comPlementary}

module St

of S

over

_{Zp is}

_given

_by

St

=

7rq-’S,

and

_Zp-module

_isorraorphic

to the direct sum

of

[k :

and

_{Sla is}

as a

Zp/qZp-module

free of

rank

~k :

Fp];

(d)

for

each

_{positive integer}

i the

_{Zp/qZp-module}

+

qS)(ai+1

+ +

qS)2

is

_free,

and its rank

_equals

0

_for

i

₌₁₌

e and

[k :

Fp~

for

i = e.

(14)

Proof.

Since T is unramified over

Zp,

we have

Tt

= T.

Combining

this

with Tr = Tr T o Tr one finds that

St

is also the

complementary

module of ,S over T. A T-basis of S is

_given

by

_1,

_7r,

7r 2

... ,

7r e-1

A

straightforward

computation

shows that the dual basis is

_given

_by

_{e- 1}

(euq)-I7re-2,

... , 7 and this is a basis for

7rq-IS.

Hence

St

= which is the first assertion of

(a).

Another T-basis for

St

is

_given

_by

_1,

... ,

q-’7r e-1

7 from which it follows that

st /s is,

as a

T-module,

isomorphic

to the direct sum of e - 1

_copies

of

TlqT.

Since

_TlqT

is free of rank

_{II~ :}

_Fp]

over

Zp/qZp

this

implies

the last

assertion of

_{(a) .}

To _prove

_(b)

it

_{suffices, by}

_2.3,

to

_compute

the determinant

_{of a Zp-linear}

map that maps

St

onto S’

_(for

_{example, multiplication by}

_7re-I).

This is left

to the reader. For

_(c)

we note that a =

(est)

f1,S’ n S’

=7r S,

_soae = =

qS

and

S’/a

=

TlqT;

the last

_isomorphism

follows from S =

Finally,

from

_(c)

we obtain that =

for _any

_{positive integer i,}

so -f-

q~S’) 2

= 0 if i

#

_e

which

_implies

_{(d) .}

This _proves3.3.

3.4.Remark. Let S be a local

_Zp-algebra

that is tame at q, and let k be its residue class field. We shall call

_{[k :}

_Fp]

the residue class field

_degree

of S over

_Zp.

From 3.2 it follows that T and e are

uniquely

determined

by

S.

_Namely,

T

_is,

as a local unramified

_Zp-algebra,

determined

_by

its residue class

_field,

which is k.

_Using

Hensel’s lemma one can show that T

is even

uniquely

determined as a

subring

of S

(cf.

the construction of T

in the

_proof

of

_3.7).

_Next,

e is determined

_by

e =

[S :

Zp~ / ~l~ : Fp~ .

We shall call e the ramification index of S over

_{Zp .}

If e >

_1,

then from

_3.3(a)

it follows that the ideal

_qZp

is also

_uniquely

determined

_by

S. Hence a

local

_Zp-algebra

that is not unramified cannot be tame at two values of _q that are not divisible

_by

the same _powerof _p.From

3.3(c)

one can deduce

that,

for e >

1,

not

_only

the ideal

_qZp

but also the set is

_uniquely

determined

_by

S’.

_Conversely,

S is

_clearly

determined

_by

_T,

e and

PROPOSITION 3.5. Let the notation be as in

_3.2,

and let the

_{positive integer}

g be such that

qZp =

PgZp.

Denote the

integral

closure

of

S in S

_{®zp Qp.}

Then we

have

Ee- 1

and C S.

_Further,

9

is

_equal

to S

_if

f

and

_{only if}

e = 1 or

q 0

p2Zp.

We have

P* _P

and this

_equals

₍₁₎

_if

and

_{only if}

_{g is}divisible

_{by e.}

Proof.

We first _provethe

_expression

for S

under the added

_assumption

that T contains a

_primitive

eth root of

_{unity C.}

In that _case,there is a

(15)

T-algebra automorphism a

of s with U7r = and a

_generates

_a_groupr

of order e. The action of r on ,5’ extends to an action of r on S

_0Zp

_Qp

and on S. We consider the structure

of S

as a module over the _group

ring

T[r].

From

_{e #}

0

_{mod p}

it follows that there is an

_isomorphism

of

T-algebras

T[r]

that sends a to Therefore

S

_is,

as a

T’[r]-module)

the direct sum of modules

SZ,

0 i _e,where

SZ -

~x

E

S’ :

ox =

C’xl.

We have

7ri

_E

S’2,

so a acts as the

_identity

on

and therefore is contained in the field T

_Qp.

Because T is unramified over

Zp,

_anyT-submodule of that field is determined

by

the

integral

powers

of p

that it

contains;

so it remains to see which _powers

of p

belong

to

_{For j}

E

Z,

we

have pi

E

7r -’Si

if and

_only

if

_7ripi

is

_integral

over

~S’,

if and

only

if its eth _power

(uq)ipej

is

integral

over

S’,

if and

only

if

_{e j > -gi,}

if and

_only

This shows that

_1T-iSi

=

as

required.

Next we _provethe

_expression

for S

in the

_general

case. From

e 0

0 mod _p

it follows that there exists a local unramified

_Zp-algebra

T’

_containing

T

that contains a

primitive

eth root of

_unity.

_Apply

the above to S’’ =

SQ9TT’,

and use that S’

equals

the intersection of S‘

_Ozp

Qp

with the

integral

closure

of ,5‘’ in

_Cap.

This leads to the desired result.

From

_{[gile] g}

we see that = _C~S’. We have S’ _ ,S’ if and

only

if

_{[gile] =}

0 for

₀

i e -

_1,

if and

_only

if

g (e - 1)

_e,if and

_only

if g

= 1 _{or e}= 0. This _provesthe second _statementof 3.5.

The formula for the discriminant follows

_by

an _easy

_computation

from

3.3(b)

and the formula

_S)2

from 2.3. The last

asser-tion is obvious. This proves 3.5.

Let now ,S’ be a

Zp-algebra

that is tame at _qbut that is not

_necessarily

local. Then S’ is the

_product

of the localizations

_Sp

of s at its maximal ideals p, of which there are

_only

finitely

_many,and each

,S’p

is a local

Zp-algebra

that is tame at _q. We shall denote the residue class field

_degree

and the ramification index of

_,S’p

over

_Zp

_by

f (p)

and

e(p),

_{respectively.}

PROPOSITION 3.6. Let S be a

Zp-algebra

that is tame at _q,and

_put

a =

Ix

E S’ : Tr C

_qZp},

where Tr is the trace

_{of S}

over

_Zp.

the

_integral

closure

_{of S}

Then

_Sla

is

_free

as a

Zp/qZp -module,

(16)

(c)

if a

=

qS,

then =

(1)

and S =

S;

(d)

if a 0 qS,

then _qdivides I we have C

S,

equals

S

_if

and

_only

_{p2 Zp;}

(e)

if e

denotes the least common

multiple of

the numbers

e(p),

with _p

ranging

over the maximal ideals

of S,

then we have =

(1)

if

and

_only

_{if qZp is}

the eth _power

_of

an ideal

of

Zp.

Proof.

The ideal a is the

product

of the

similarly

defined ideals _apof the

rings

Sp.

By

3.3(c),

each of the

_{Zp/qZp-modules SP/ap}

is

_free,

so the same

is true for

_Sla.

To _prove

_(a),

we _maylikewise assume that S is

local,

in

which case it suffices to

_apply

_3.3(b),

_3.2,

and

_3.3(c).

In the same _way

(b)

follows from

_3.3(d).

If a =

qS,

then _wehave

[S: Zp] -

=

0,

which

_implies

the first statement of

_(c);

the second follows

_by

2.3. Next suppose that

a ~ qS.

Then we have

[S : Zp] - [Sla :

Zp/qZp]

>

_0,

which

_implies

the first statement of

_(d).

_Also,

for at least one _pwe have

[Sp : Zp] -

Zp/qZp]

>

_0,

which means that ep > 1. Since S is

integrally

closed in S

_0Zp

_Qp

if and

_only

if each

_Sp

is

_integrally

closed in

Sp

Qp,

it now follows from 3.5 that this is also

equivalent

to

_{q 0}

_{p Zp .}

This _proves

_(d).

_Finally,

_(e)

follows from the last statement of 3.5. This proves 3.6.

The main result of this section enables us to

_recognize

whether a

_given

Zp-algebra

is tame at q,

provided

that it has

sufficiently

small

degree

over

_Zp.

THEOREM 3.7. Let _pbe a

_prime

number,

and let _qE

_pZp,

_{q ~}

0,

where

Zp

denotes the

_ring

_{of p-adic}

_integers.

Let

_further

S be a

Zp-algebra

that

admits a

,finite

basis,

with

[S :

Zp]

_p.Put a =

{x

_ES : Tr

(xS)

_C

qZp},

where Tr is the trace

_of

S over

_Zp.

Then S is tame at _q

_if

and

_{only if}

a : a = S and both

a/qS

and

(S : a)/S

_are

free

_as

Zp/qZp-modules.

Proof.

We first remark that

_by

_2.9,

_applied

to R =

ZplqZp,

L =

S/qS,

and

N =

a/qS,

the

Zp/qZp-module

a/qS

is free if and

only

if

S/a

is. Hence we

may

replace

a/qS

by

S/a

in the statement of Theorem 3.7.

For the

proof

of the

_"only

if"

_part

we _mayassume that S is not

_only

tame at _qbut also

_local,

as in the

proof

of 3.6. Then

_by

3.3(c)

we have a =

7rS’,

so a : a = S.

Also,

S/a

is free _over

Zp/qZp,

by

3.3(c),

and the same

applies

to

(S : a)/S

= =

Sla.

This _provesthe

"only

if"

_part.

Next we _provethe "if"

_part.

Assume that a : a = S and that both

Sla

and

_{(S :}

_a)/S

are free as

Zp/qZp-modules.

We first reduce to the case that

(17)

with the

_projective

limits of the

_rings

0. From

_2.4(a)

we know

that there is a

positive integer

t such that

IIp P J

pS D

Ilp

pt,

where _p

ranges over the

_prime

ideals of ,S’

containing

_p.It follows that the

_system

of

ideals

_{(pnS)"O 1}

is cofinal with the

_system

of ideals

_(IIp

so that S is

also the

_projective

limit of the

_rings

_S/

_(flp

_{pn) -}

For each _rt,the ideals

_pn

are

pairwise coprime,

so

pn ) ’--" rip

S/pn .

Hence if we let

_S’p

denote

the

_projective

limit of the

_rings

_0,

then we have an

isomorphism

S ^--’

_Tjp

_Sp

of

_Zp-algebras,

the

_{product extending}

over the

_prime

ideals p of S’

containing

p. In

addition,

each

Sp

is

local,

and it is

actually

the localization of ,S’ at p. As a

Zp-module,

each

Sp

is a direct summand of

S,

so it is

free,

with

[Sp : Zip] :5

[S :

Zp]

_p.

Also,

the

_assumptions

on a _carry over to each

_{,Sp .}

Since S is tame if each of the

_Sp

_is,

we conclude that we

may assume that S is

_local,

which we do for the remainder of the

proof.

Denote

_by

p the maximal ideal of S. As

above,

we have _{p D}

pS D

p’

for some

_positive

_integer

_t,

and ,5’ is

_{p-adically complete.}

We first _provethat p =

p,S’

+ a. From

[S :

Zp]

_pit follows that

Tr 1 =

[S :

Zp] -

1 ~ qZp,

so

1 f/.:

a. This

_implies

that a C p, so

pS

+ a C p. To _provethe other

_inclusion,

we first note that the definition of a

_gives

rise

to an exact _sequence

of

_{Zp/qZp-modules,}

the third arrow

_{mapping x}

_{mod qS}

to the map

send-ing y

mod a to Tr

_(xy)

mod

_qZp;

this arrow is

_surjective

because

Sla

and

Hom(S/a,

Zp/qZp)

are free of the same rank over

Zp/qZp

and hence have

the same

cardinality.

Since

S/a

is

Zp/qZp-free,

we have a natural

isomor-phism

Hence if we tensor the exact sequence above with

_Fp

we obtain an exact

sequence

of

_Fp-vector

_spaces.From this _sequencewe deduce that

_{p C pS}

+ a, as

follows. Let x E _p.We have

_p’

C

_ps,

so for

any y E S

the

multiplication-by-xy

map

Sips

is

nilpotent

and has therefore trace 0 when considered as an

_Fp-linear

_map.This

_implies

that x mod

_{pS’ belongs}

to the

(18)

kernel of the _map

_{81pS Hom(S/(pS}

+

_{a), FP).}

This kernel

_equals

the

image

of

_a/(qS

+

_pa),

so that x E

_pS

+ a. This

completes

the

proof

of the

equality

p =

pS

₊_a.

The next

_step

in the

_proof

is the construction of an unramified

subring

T of S that has the same residue class field as S. Let k =

SIP

be the

residue class field of

_S,

and let T be the

_unique

unramified local

_Zp-algebra

with residue class field

_{TIPT k.}

If T =

_{Zp[Y]/gZp[Y],}

then

_by

Hensel’s

lemma g

has a zero in S

(see

[1,

Exercise

10.9~);

at this

_point

we use that

S is

_{p-adically complete.}

This

_gives

a

_Zp-algebra

_{homomorphism T - S,}

which makes S into a

T-algebra.

Let e be the dimension of as a vector

space over

T/pT

= k.

By

Nakayama’s

lemma there is a

_surjective

T-linear

map S. We have e ~

[T :

Zp]

=

e - ~k :

Fp] =

(S :

Zp],

so

comparing

Zp-ranks

we see that the _mapTe --+ S must be

_injective.

This

implies

in

_particular

that the map T -> S is

injective.

Hence we _mayview

T as a

subring

of

S,

and S is free of rank e as a T-module.

In the definition of a we _maynow

replace

_Zp

by

T,

i. _e.,we have a =

{x

_E

S : Tr

_sIT(x8)

C

_qT},

_{where Tr SIT is the}trace _mapfor the extension T c

S. This is an immediate _consequenceof the formula Tr = Tr o Tr SIT

and the fact that

_qT

=

{x

_ET : Tr _C

qZp 1;

the last

equality

holds because T is unramified over

_ZP.

Any

T/qT-module

N that is

_{finitely generated}

and free as a

Zp/qZp-module is also free as a

T/qT-module,

the rank

being

[T :

Zp]

times as

small;

one _provesthis

_{by lifting}

a k-basis of

_N/pN

to a

TlqT-basis

of

N,

in the same _wayas we

_proved

above that S is free as a T-module. Hence

the

_hypotheses

on a now

imply

that

S/a

and

(S : a)/S

are free as

T/qT-modules. The rank of

_S/a

over

T/qT

can be

computed

over the residue

class

_{field; using}

that

_pS

+ a = _pwe find that

[Sla :

+

_{a) :}

T/pT~ _

[k : k]

=

1,

so the natural _map

_S/a

is an

isomorphism.

Next we _provethat a is invertible. From a C _pand

_2.4(b)

we see that

S :

_{a # S,}

so the module

_{(S :}

a)/S

is non-zero.

_Also,

it is free over

T/qT

=

Sla,

so the annihilator of

(S :

a)IS

in

S/a

is zero. This means

that S :

_{(S : a)}

= _a.From _our

hypothesis

_{a : a}= S and 2.5 it _nowfollows

that a is

_invertible,

so

_{a(S :}

_a)

= S.

We deduce that a is

_{principal. Namely,}

choose _{p E a}with

p(S :

a) 0

_p.

Then 1 E

_{p(S : a),}

and

_{multiplying by}

a we find a C

_pS.

Since we also

have

_pS

C a this _provesthat a =

pS.

We claim that S =

T[p].

To _see

this,

we first note that

_T[p]

is local with maximal ideal

_p’

= _pn

T[p].

This follows from the fact that S is

integral

over

T[p]

and local.

_Next,

from

T/qT 83£ S/a

=

S/pS

_{we see}that