Quadratic Reciprocity
Shameek Paul
Definition 1. We say that a, b ∈ Z are congruent modulo a natural number n
if n divides a − b and we write it as a ≡ b (mod n).
Observation 1. Let a, b ∈ Z and n ∈ N. Then a and b are congruent modulo
n if and only if they have the same image under the homomorphism Z → Z/nZ
which is given by x ↦ x + nZ.
Observation 2. Let a_1, ..., a_n ∈ Z such that for every i ∈ [1, n] we have
that a_i ≡ 1 (mod 4). Each a_i has image 1 under the ring homomorphism in
Observation 1 (with n = 4), and as this map is multiplicative, so does their
product. Thus, it follows that a_1 ⋯ a_n ≡ 1 (mod 4).
Theorem 1. There are infinitely many primes p such that p ≡ −1 (mod 4).
Proof. Suppose p_n is the largest prime p such that p ≡ −1 (mod 4). Let
p_1, ..., p_n be all the primes which are at most p_n. Let m = 4p_1 ⋯ p_n − 1.
Then we see that m ≡ −1 (mod 4).
Suppose every prime divisor of m is congruent to one modulo four. As every
natural number is a product of prime numbers, by Observation 2 we see that
m ≡ 1 (mod 4). Thus, we get the contradiction that 1 and −1 are congruent
modulo four.
So it follows that m has a prime divisor p such that p ≡ −1 (mod 4). As
p divides m, it follows that 4p_1 ⋯ p_n ≡ 1 (mod p). As p ≡ −1 (mod 4) and
p_n is the largest such prime, we have p ≤ p_n and so p = p_i for some i ≤ n.
Hence we get the contradiction that 0 ≡ 4p_1 ⋯ p_n ≡ 1 (mod p).
Let p be a prime which is not equal to two. Let F_p denote the field Z/pZ
and U(p) denote the group of units (Z/pZ)^*. As U(p) has order p − 1, for every
a ∈ U(p) we see that a^{p−1} = 1. So it follows that every element of U(p) is a
root of the polynomial X^{p−1} − 1 in F_p[X].
As p − 1 is even, we see that m = (p − 1)/2 is a positive integer. So every
element of U(p) is a root of X^{2m} − 1. If there exists b ∈ U(p) such that a = b^2,
then we see that a^m = b^{2m} = 1. If we let Q_p = {a^2 : a ∈ U(p)}, it follows that
every element of Q_p is a root of X^m − 1.
We see that Q_p is the image of the homomorphism U(p) → U(p) given by
x ↦ x^2. As the kernel of this homomorphism is {1, −1} and as 1 ≠ −1 in F_p
(since p ≠ 2), we see that Q_p has size (p − 1)/2 = m. As a nonzero polynomial
of degree m over the field F_p has at most m roots, the set of all roots of
the polynomial X^m − 1 equals Q_p.
Let a ∈ F_p. Then a ∈ Q_p if and only if a^{(p−1)/2} = 1.
We see that −1 ∈ Q_p if and only if (−1)^{(p−1)/2} = 1 in F_p if and only if
(−1)^{(p−1)/2} = 1 in Z (as 1 ≠ −1 in F_p) if and only if (p − 1)/2 is even if
and only if 4 divides p − 1 if and only if p ≡ 1 (mod 4).
We have that −1 ∈ Q_p if and only if p ≡ 1 (mod 4).
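The two boxed statements above can be checked by brute force for small primes. The following is an added example and not part of the notes; it computes Q_p directly from its definition, compares it with Euler's criterion a^{(p−1)/2} = 1, and tests whether −1 is a square. All function names are my own.

```python
# Added example, not part of the notes: brute-force check of the two boxed statements,
# a in Q_p iff a^((p-1)/2) = 1 (Euler's criterion) and -1 in Q_p iff p = 1 (mod 4).

def squares_mod(p):
    """Q_p = {a^2 : a in U(p)}, computed directly from its definition."""
    return {(a * a) % p for a in range(1, p)}

def euler_criterion(a, p):
    """True iff a^((p-1)/2) = 1 in F_p (p an odd prime)."""
    return pow(a, (p - 1) // 2, p) == 1

def criterion_matches_definition(p):
    """For every a in U(p): a in Q_p iff Euler's criterion holds; also |Q_p| = (p-1)/2."""
    qp = squares_mod(p)
    if len(qp) != (p - 1) // 2:
        return False
    return all((a in qp) == euler_criterion(a, p) for a in range(1, p))

def minus_one_is_square(p):
    """-1 in Q_p, decided by Euler's criterion applied to p - 1 (the class of -1)."""
    return euler_criterion(p - 1, p)

def odd_primes_below(n):
    """Odd primes below n by trial division; constructed sample input for the checks."""
    return [p for p in range(3, n) if all(p % d for d in range(2, int(p ** 0.5) + 1))]

def check_all_below(n):
    """Both boxed statements hold for every odd prime below n."""
    return all(criterion_matches_definition(p) and minus_one_is_square(p) == (p % 4 == 1)
               for p in odd_primes_below(n))

if __name__ == "__main__":
    print("Q_7 =", sorted(squares_mod(7)))          # [1, 2, 4]
    print("-1 in Q_13:", minus_one_is_square(13))     # True, since 13 = 1 (mod 4)
    print("-1 in Q_7:", minus_one_is_square(7))       # False, since 7 = 3 (mod 4)
    print("checked below 500:", check_all_below(500))
```

The check on |Q_p| confirms the size count from the squaring homomorphism, and the element-wise comparison is exactly the statement that Q_p is the full root set of X^m − 1.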
Theorem 2. There are infinitely many primes p such that p ≡ 1 (mod 4).
Proof. Suppose p_n is the largest prime p such that p ≡ 1 (mod 4). Let p_1, ..., p_n
be all the primes which are at most p_n. Let m = (2p_1 ⋯ p_n)^2 + 1. As every
natural number greater than one has a prime divisor, there exists a prime p which
divides m and so it follows that (2p_1 ⋯ p_n)^2 ≡ −1 (mod p).
If p = 2, we get that 0 ≡ −1 (mod p) which gives us the contradiction that p
divides one. So p ≠ 2 and so p is odd. As −1 ≡ (2p_1 ⋯ p_n)^2 (mod p) is the
square of a unit, −1 ∈ Q_p, and so we see that p ≡ 1 (mod 4). As p_n is the largest
such prime, p ≤ p_n and thus p = p_i for some i ≤ n. So we get the contradiction that
0 ≡ (2p_1 ⋯ p_n)^2 ≡ −1 (mod p).
Let N_p = U(p) \ Q_p. If a ∈ N_p, then a is a root of X^{2m} − 1 but a is not a
root of X^m − 1. As we have that X^{2m} − 1 = (X^m − 1)(X^m + 1), we see that
every element of N_p is a root of X^m + 1. As |N_p| = |U(p)| − |Q_p| = m, the set
of all roots of the polynomial X^m + 1 equals N_p.
Hence, we see that for every a ∈ U(p), we have that a^m = 1 if a ∈ Q_p and
a^m = −1 if a ∈ N_p. We define a map s_p : U(p) → {1, −1} as s_p(a) = a^m. Then
we see that s_p(a) = 1 if and only if a ∈ Q_p. As (ab)^m = a^m b^m, it follows that
s_p is a homomorphism.
Q_p is the kernel of the homomorphism s_p : U(p) → {±1}.
Let a ∈ U(p). We will now find another criterion to determine when a ∈ Q_p.
Lemma 1. For every x, y ∈ [1, m] we have that ax ≠ −ay in F_p.
Proof. Suppose there exist x, y ∈ [1, m] such that ax = −ay. Then a(x + y) = 0
in F_p and, as a is a unit, x + y = 0 in F_p, that is, p divides x + y. As
x, y ∈ [1, m], we see that x + y ∈ [2, 2m]. As 2m = p − 1, we see that
1 < x + y < p, so p does not divide x + y, which is a contradiction.
We will write U(p) as {1, 2, ..., m − 1, m, −m, −(m − 1), ..., −2, −1}, so that
every element of U(p) has a unique representative in [−m, −1] ∪ [1, m], and for
u ∈ U(p) we write u < 0 or u > 0 according to the sign of this representative.
Let l be the size of the set {x ∈ [1, m] : ax < 0}. Suppose ax = −k for some
k ∈ [1, m]. By Lemma 1 we see that k ≠ ay for all y ∈ {x ∈ [1, m] : ax > 0}.
As a is a unit, we see that if x, y ∈ [1, m] are distinct, then ax ≠ ay. It follows
that the absolute values |ax|, x ∈ [1, m], are m distinct elements of [1, m], that is,
{|ax| : x ∈ [1, m]} = [1, m], and exactly l of the ax are negative.
Hence, taking the product over x ∈ [1, m], we get a^m m! = (−1)^l m! in F_p. As p
does not divide m! (since m < p), we see that m! is a unit. So we get that
a^m = (−1)^l. As s_p(a) = a^m, we arrive at the next result.
Lemma 2 (Gauss). Let a ∈ U(p) and l = |{x ∈ [1, m] : ax < 0}|. Then we
have that s_p(a) = (−1)^l. So it follows that a ∈ Q_p if and only if l is even.
We will use this for a = 2. Let k = ⌊m/2⌋. For every x ∈ [1, k] we see that
2x ∈ [2, 2k] ⊆ [2, m] and so 2x > 0. As 2k + 2 ≥ m + 1, for every x ∈ [k + 1, m] we
see that 2x ∈ [m + 1, p − 1], whose representative 2x − p lies in [−m, −1], and so
2x < 0. Thus, it follows that
l = m − k = m − ⌊m/2⌋.
Suppose p is a prime of the form 8t + 1 for some t ∈ Z. Then m = 4t and so
l = 4t − 2t = 2t. Suppose p is a prime of the form 8t + 3 for some t ∈ Z. Then
m = 4t + 1 and so l = 4t + 1 − 2t = 2t + 1. Suppose p is a prime of the form
8t − 3 for some t ∈ Z. Then m = 4t − 2 and so l = 4t − 2 − (2t − 1) = 2t − 1.
Suppose p is a prime of the form 8t − 1 for some t ∈ Z. Then m = 4t − 1 and
so l = 4t − 1 − (2t − 1) = 2t. Thus, we arrive at the next result.
Theorem 3. Let p be an odd prime. Then we have that 2 ∈ Qp if and only if
p ≡ ±1 (mod 8).
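Gauss's lemma and the closed form l = m − ⌊m/2⌋ for a = 2 are easy to check numerically. The following is an added example and not part of the notes; it counts l with the signed representatives introduced above, compares (−1)^l with s_p(a) = a^m for every unit a, and confirms Theorem 3 for all odd primes below a bound. Function names are my own.

```python
# Added example, not part of the notes: Gauss's lemma (Lemma 2) and the closed form
# l = m - floor(m/2) for a = 2, checked against s_p(a) = a^m.

def signed_rep(v, p):
    """Representative of v mod p in [-m, -1] U [1, m], m = (p-1)/2 (the labelling of U(p) above)."""
    r = v % p
    return r if r <= (p - 1) // 2 else r - p

def gauss_l(a, p):
    """l = |{x in [1, m] : ax < 0}|, counting with the signed representatives."""
    m = (p - 1) // 2
    return sum(1 for x in range(1, m + 1) if signed_rep(a * x, p) < 0)

def s_p(a, p):
    """s_p(a) = a^m in F_p, returned as the integer +1 or -1."""
    return signed_rep(pow(a, (p - 1) // 2, p), p)

def gauss_lemma_holds(a, p):
    """Lemma 2: s_p(a) = (-1)^l."""
    return s_p(a, p) == (-1) ** gauss_l(a, p)

def l_for_two(p):
    """The closed form derived above for a = 2: l = m - floor(m/2)."""
    m = (p - 1) // 2
    return m - m // 2

def theorem3_holds(p):
    """2 in Q_p iff p = +-1 (mod 8), and the closed form agrees with the direct count."""
    return (s_p(2, p) == 1) == (p % 8 in (1, 7)) and l_for_two(p) == gauss_l(2, p)

def odd_primes_below(n):
    """Odd primes below n by trial division (constructed sample input)."""
    return [p for p in range(3, n) if all(p % d for d in range(2, int(p ** 0.5) + 1))]

def check_all_below(n):
    """Lemma 2 for every a in U(p) and Theorem 3, for every odd prime p below n."""
    return all(theorem3_holds(p) and all(gauss_lemma_holds(a, p) for a in range(1, p))
               for p in odd_primes_below(n))

if __name__ == "__main__":
    print("l for a=2, p=11:", gauss_l(2, 11), "-> s_11(2) =", s_p(2, 11))  # 3 -> -1
    print("l for a=2, p=7:", gauss_l(2, 7), "-> s_7(2) =", s_p(2, 7))      # 2 -> 1
    print("checked below 300:", check_all_below(300))
```

For p = 11 the multiples 2, 4, 6, 8, 10 have representatives 2, 4, −5, −3, −1, so l = 3 and 2 ∉ Q_11, in line with 11 ≡ 3 (mod 8).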
Let us see an application of Theorem 3 for finding primitive roots of certain
odd primes.
Let p be a prime such that q = (p − 1)/2 is a prime and q ≡ 1 (mod 4).
Then we claim that 2 is a primitive root in F_p. To show that 2 is a generator of
U(p) we have to show that the order of 2 is p − 1. As the order of 2 is a divisor
of p − 1 and as p − 1 = 2q, it is enough to show that the order of 2 is neither 1,
2 nor q in U(p).
If the order of 2 is 1, then 2^1 = 1 and so we get the contradiction that p | 1.
If the order of 2 is 2, then 2^2 = 1 and so p | 3, that is, p = 3. This contradicts
the fact that both p and (p − 1)/2 are primes, as (3 − 1)/2 = 1 is not a prime.
As q ≡ 1 (mod 4) we see that 4 | (q − 1). As 2q = p − 1, we see that
2(q − 1) = p − 3. It follows that 8 | (p − 3) and hence p ≡ 3 (mod 8). By
Theorem 3 we see that 2 ∉ Q_p and hence 2^q = s_p(2) ≠ 1. So the order of 2 in U(p) is
not q.
2 generates the group U(p) if p ≡ 3 (mod 8) and (p − 1)/2 is a prime.
So we see that 2 is a generator of U(11) and U(59).
Let p be a prime such that q = (p − 1)/2 is a prime and q ≡ −1 (mod 4).
Then we claim that −2 is a primitive root in F_p. To show that −2 is a generator
of U(p) we have to show that the order of −2 is p − 1. As the order of −2 is a
divisor of p − 1 and as p − 1 = 2q, it is enough to show that the order of −2 is
neither 1, 2 nor q in U(p).
If the order of −2 is 1, then (−2)^1 = 1 and so p | 3. If the order of −2 is 2,
then (−2)^2 = 4 = 1 and so p | 3. In either case p = 3, which contradicts the fact
that both p and (p − 1)/2 are primes, as (3 − 1)/2 = 1 is not a prime.
As q ≡ −1 (mod 4), we see that 4 | (q + 1). As 2q = p − 1, we see that
2(q + 1) = p + 1. It follows that 8 | (p + 1) and hence p ≡ −1 (mod 8). So by
Theorem 3 we see that 2 ∈ Q_p and hence 2^q = 1. As (−2)^q = (−1)^q 2^q and as
q is odd, it follows that (−2)^q = −1. So the order of −2 in U(p) is not q.
−2 generates the group U(p) if p ≡ −1 (mod 8) and (p − 1)/2 is a prime.
So we see that −2 is a generator of U(7), U(23) and U(47).
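The two boxed claims can be tested over all primes p with (p − 1)/2 prime up to a bound, not only the five listed. The following is an added example and not part of the notes; it computes the order of 2 and −2 in U(p) by direct iteration and checks both claims together with the congruence conditions p ≡ 3 (mod 8) and p ≡ −1 (mod 8). Function names are my own.

```python
# Added example, not part of the notes: the boxed claims that 2 (p = 3 mod 8) and
# -2 (p = -1 mod 8) generate U(p) whenever q = (p-1)/2 is prime.

def is_prime(n):
    """Trial division; enough for the small moduli used here."""
    return n >= 2 and all(n % d for d in range(2, int(n ** 0.5) + 1))

def multiplicative_order(a, p):
    """Least k >= 1 with a^k = 1 in U(p), by direct iteration (a must be a unit mod p)."""
    a %= p
    k, x = 1, a
    while x != 1:
        x = (x * a) % p
        k += 1
    return k

def is_generator(a, p):
    """a generates U(p) iff its order is p - 1."""
    return multiplicative_order(a, p) == p - 1

def safe_primes_below(n):
    """Primes p for which q = (p-1)/2 is also prime (constructed sample input)."""
    return [p for p in range(5, n) if is_prime(p) and is_prime((p - 1) // 2)]

def claims_hold_below(n):
    """q = 1 (mod 4) forces p = 3 (mod 8) and 2 generates U(p);
       q = -1 (mod 4) forces p = -1 (mod 8) and -2 generates U(p)."""
    for p in safe_primes_below(n):
        q = (p - 1) // 2
        if q % 4 == 1 and not (p % 8 == 3 and is_generator(2, p)):
            return False
        if q % 4 == 3 and not (p % 8 == 7 and is_generator(-2, p)):
            return False
    return True

if __name__ == "__main__":
    print([p for p in (11, 59) if is_generator(2, p)])        # [11, 59]
    print([p for p in (7, 23, 47) if is_generator(-2, p)])    # [7, 23, 47]
    print("order of 2 in U(7):", multiplicative_order(2, 7))  # 3, so 2 is not a generator
    print("claims hold below 5000:", claims_hold_below(5000))
```

The only prime with (p − 1)/2 prime that falls under neither case is p = 5, where q = 2 is even; the loop skips it.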
Theorem 4. There are infinitely many primes of the form 8k − 1.
Proof. Suppose p_n is the largest such prime and let p_1, ..., p_n be all the primes
which are at most p_n. Let m = 8(p_1 ⋯ p_n)^2 − 1. Suppose all the prime divisors
of m are of the form 8k + 1. Then, arguing as in Observation 2 (with n = 8 in
Observation 1), we see that m ≡ 1 (mod 8). This contradicts the fact that
m ≡ −1 (mod 8). So there exists a prime divisor p of m which is not of the form 8k + 1.
As p divides m, we see that 8(p_1 ⋯ p_n)^2 ≡ 1 (mod p); in particular p is odd, as m
is odd. So it follows that 2 = 16(p_1 ⋯ p_n)^2 = (4p_1 ⋯ p_n)^2 in F_p and so 2 ∈ Q_p.
By Theorem 3 we see that p ≡ ±1 (mod 8), and as p is not of the form 8k + 1,
p ≡ −1 (mod 8). So p ≤ p_n and there exists i ∈ [1, n] such that p = p_i. As
8(p_1 ⋯ p_n)^2 ≡ 1 (mod p), we get the contradiction that 0 ≡ 1 (mod p).
Lemma 3. Let p and q be distinct odd primes. Then s_p(q) = (−1)^l where l is the size
of the set {(x, y) ∈ [1, m] × [1, (q − 1)/2] : py − qx ∈ [1, m]} where m = (p − 1)/2.
Proof. Suppose x ∈ [1, m] is such that qx is congruent to an integer in [−m, −1]
modulo p, that is, qx < 0 in the sense of Lemma 2. Then there exists y ∈ Z such that
qx − py ∈ [−m, −1]. So we see that py − qx ∈ [1, m] and y ≥ 1. As m < p, it follows
that such a y is unique. As py − qx ≤ m it follows that py ≤ m + qx ≤ m + qm = m(q + 1)
and so we see that y ≤ m(q + 1)/p. As m = (p − 1)/2, we see that m/p = (p − 1)/2p < 1/2
and so y < (q + 1)/2. Thus, it follows that y ≤ (q − 1)/2. Conversely, if (x, y) lies in
the set in the statement, then qx ≡ −(py − qx) (mod p) with py − qx ∈ [1, m], so qx < 0.
Hence the set in the statement is in bijection with {x ∈ [1, m] : qx < 0}, and the
lemma follows from Lemma 2.
By interchanging p and q we see that s_q(p) = (−1)^k where k is the size of
the set {(x, y) ∈ [1, (p − 1)/2] × [1, (q − 1)/2] : qy − px ∈ [1, (q − 1)/2]}.
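Lemma 3 and its interchanged form can be checked by counting the lattice points directly. The following is an added example and not part of the notes; it evaluates the count l for a pair of distinct odd primes, compares (−1)^l with s_p(q) = q^{(p−1)/2}, and repeats the check with p and q swapped for every pair of distinct odd primes below a bound. Function names are my own.

```python
# Added example, not part of the notes: the lattice-point count of Lemma 3 and its
# interchanged form, checked against s_p(q) = q^((p-1)/2) for distinct odd primes p, q.

def s_p(a, p):
    """s_p(a) = a^((p-1)/2) in F_p as +1 or -1 (a a unit mod p)."""
    return 1 if pow(a, (p - 1) // 2, p) == 1 else -1

def lemma3_count(p, q):
    """l = |{(x, y) in [1, (p-1)/2] x [1, (q-1)/2] : py - qx in [1, (p-1)/2]}|."""
    m, n = (p - 1) // 2, (q - 1) // 2
    return sum(1 for x in range(1, m + 1) for y in range(1, n + 1) if 1 <= p * y - q * x <= m)

def lemma3_holds(p, q):
    """s_p(q) = (-1)^l and, with p and q interchanged, s_q(p) = (-1)^k."""
    return (s_p(q, p) == (-1) ** lemma3_count(p, q)
            and s_p(p, q) == (-1) ** lemma3_count(q, p))

def odd_primes_below(n):
    """Odd primes below n by trial division (constructed sample input)."""
    return [p for p in range(3, n) if all(p % d for d in range(2, int(p ** 0.5) + 1))]

def check_all_below(n):
    """Lemma 3 for every pair of distinct odd primes below n."""
    ps = odd_primes_below(n)
    return all(lemma3_holds(p, q) for p in ps for q in ps if p != q)

if __name__ == "__main__":
    print("l for (p, q) = (7, 3):", lemma3_count(7, 3), "s_7(3) =", s_p(3, 7))  # 1 and -1
    print("checked below 60:", check_all_below(60))
```

For (p, q) = (7, 3) the only admissible pair is (x, y) = (2, 1), since 7 − 6 = 1 ∈ [1, 3], so l = 1 and 3 ∉ Q_7, which agrees with Q_7 = {1, 2, 4}.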
Consider the sets
R = [1, (p − 1)/2] × [1, (q − 1)/2],
S = {(x, y) ∈ R : py − qx > (p − 1)/2},
S′ = {(x, y) ∈ R : py − qx ∈ [1, (p − 1)/2]},
T = {(x, y) ∈ R : py − qx < −(q − 1)/2} and
T′ = {(x, y) ∈ R : py − qx ∈ [−(q − 1)/2, −1]}.