\documentclass[12pt,final,notitlepage,onecolumn]{article}%
\usepackage[all,cmtip]{xy}
\usepackage{lscape}
\usepackage{amsfonts}
\usepackage{amssymb}
\usepackage{amsmath}
\usepackage{graphicx}%
\setcounter{MaxMatrixCols}{30}
%TCIDATA{OutputFilter=latex2.dll}
%TCIDATA{Version=5.50.0.2960}
%TCIDATA{CSTFile=LaTeX article (bright).cst}
%TCIDATA{Created=Sat Mar 27 17:33:36 2004}
%TCIDATA{LastRevised=Wednesday, June 03, 2026 13:18:37}
%TCIDATA{<META NAME="ViewSettings" CONTENT="0">}
%TCIDATA{<META NAME="GraphicsSave" CONTENT="32">}
%TCIDATA{<META NAME="SaveForMode" CONTENT="1">}
%TCIDATA{BibliographyScheme=Manual}
%TCIDATA{<META NAME="DocumentShell" CONTENT="s">}
%BeginMSIPreambleData
\providecommand{\U}[1]{\protect\rule{.1in}{.1in}}
%EndMSIPreambleData
\voffset=-2.5cm
\hoffset=-2.5cm
\setlength\textheight{24cm}
\setlength\textwidth{15.5cm}
\begin{document}

\begin{center}
\textbf{Rep\#2a: Finite subgroups of multiplicative groups of fields}

Darij Grinberg

[not completed,
%NOT actually theorems proofread
not proofread]

\bigskip
\end{center}

This note is mostly an auxiliary note for Rep\#2. We are going to prove a fact
which is used rather often in algebra:

\begin{quote}
\textbf{Theorem 1.} Let $A$ be a field, and let $G$ be a finite subgroup of
the multiplicative group $A^{\times}$. Then, $G$ is a cyclic group.
\end{quote}

This theorem generalizes the (well-known) fact that the multiplicative group
of a finite field is cyclic. Most proofs of this fact can actually be used to
prove Theorem 1 in all its generality, so there is not much need to provide
another proof here. Nevertheless, let us sketch a proof of Theorem 1 that
requires only basic number theory. The downside is that it is very ugly.
First, an easy number-theoretical lemma:

\begin{quote}
\textbf{Lemma 2.} Let $i$, $g$ and $a$ be three integers such that $a$ is
positive, such that $g\mid a$, and such that $i$ is coprime to $g$. Then,
there exists an integer $I$ such that $I\equiv i\operatorname{mod}g$ and such
that $I$ is coprime to $a$.
\end{quote}

\textit{Proof of Lemma 2.} For every integer $n$, let us denote by
$\operatorname{PF}n$ the set of all prime divisors of $n$. By the unique
factorization theorem, for any positive integer $n$, the set
$\operatorname{PF}n$ is finite and satisfies $n=\prod\limits_{p\in
\operatorname{PF}n}p^{v_{p}\left(  n\right)  }$.

Clearly, $a\neq0$ (since $a$ is positive) and $g\neq0$ (since $a\neq0$ and
$g\mid a$). Now, $g\mid a$ yields $\operatorname{PF}g\subseteq
\operatorname{PF}a$. We have%
\[
a=\prod\limits_{p\in\operatorname{PF}a}p^{v_{p}\left(  a\right)  }%
=\prod\limits_{p\in\operatorname{PF}g}p^{v_{p}\left(  a\right)  }\cdot
\prod\limits_{p\in\operatorname{PF}a\setminus\operatorname{PF}g}%
p^{v_{p}\left(  a\right)  }\ \ \ \ \ \ \ \ \ \ \left(  \text{since
}\operatorname{PF}g\subseteq\operatorname{PF}a\right)  .
\]
In other words, $a=a_{1}a_{2}$, where $a_{1}=\prod\limits_{p\in
\operatorname{PF}g}p^{v_{p}\left(  a\right)  }$ and $a_{2}=\prod
\limits_{p\in\operatorname{PF}a\setminus\operatorname{PF}g}p^{v_{p}\left(
a\right)  }$.

The number $g$ is not divisible by any prime $p\in\operatorname{PF}%
a\setminus\operatorname{PF}g$ (because if $g$ is divisible by a prime $p$,
then $p\in\operatorname{PF}g$, so that $p$ cannot lie in $\operatorname{PF}%
a\setminus\operatorname{PF}g$). Hence, $g$ is coprime to $p^{v_{p}\left(
a\right)  }$ for every $p\in\operatorname{PF}a\setminus\operatorname{PF}g$.
Consequently, $g$ is coprime to the product $\prod\limits_{p\in
\operatorname{PF}a\setminus\operatorname{PF}g}p^{v_{p}\left(  a\right)  }$. In
other words, $g$ is coprime to $a_{2}$ (since $\prod\limits_{p\in
\operatorname{PF}a\setminus\operatorname{PF}g}p^{v_{p}\left(  a\right)
}=a_{2}$). Thus, by Bezout's Theorem\footnote{\textbf{Bezout's theorem} states
that if $\lambda_{1}$ and $\lambda_{2}$ are two coprime integers, then there
exist integers $\rho_{1}$ and $\rho_{2}$ such that $\rho_{1}\lambda_{1}%
+\rho_{2}\lambda_{2}=1$.}, there exist integers $\rho_{1}$ and $\rho_{2}$ such
that $\rho_{1}g+\rho_{2}a_{2}=1$. Thus, $1-\rho_{1}g=\rho_{2}a_{2}%
\equiv0\operatorname{mod}a_{2}$. Now, let $I=i-\left(  i-1\right)  \rho_{1}g$.
Then, $I=i-\left(  i-1\right)  \rho_{1}g\equiv i\operatorname{mod}g$. Hence,
$I$ is coprime to $g$ (since $i$ is coprime to $g$). Hence, $I$ is not
divisible by any prime $p\in\operatorname{PF}g$. Thus, $I$ is coprime to
$p^{v_{p}\left(  a\right)  }$ for every $p\in\operatorname{PF}g$.
Consequently, $I$ is coprime to the product $\prod\limits_{p\in
\operatorname{PF}g}p^{v_{p}\left(  a\right)  }$. In other words, $I$ is
coprime to $a_{1}$ (since $\prod\limits_{p\in\operatorname{PF}g}%
p^{v_{p}\left(  a\right)  }=a_{1}$). On the other hand, $I$ is coprime to
$a_{2}$ (since%
\[
I=i-\left(  i-1\right)  \rho_{1}g=i\underbrace{\left(  1-\rho_{1}g\right)
}_{\equiv0\operatorname{mod}a_{2}}+\rho_{1}g\equiv\rho_{1}g\equiv\rho
_{1}g+\rho_{2}a_{2}=1\operatorname{mod}a_{2}%
\]
). Hence, $I$ is coprime to $a_{1}a_{2}$ (since $I$ is coprime to $a_{1}$ and
to $a_{2}$). In other words, $I$ is coprime to $a$ (since $a_{1}a_{2}=a$).
This proves Lemma 2.

\textit{Proof of Theorem 1.} We first notice that the group $G$ is a subgroup
of the abelian group $A^{\times}$ (since $A$ is a field), and thus itself
abelian. We shall thus use the standard properties of abelian groups (such as
the identity $\left(  \alpha\beta\right)  ^{m}=\alpha^{m}\beta^{m}$ for all
$m\in\mathbb{Z}$ and $\alpha,\beta\in G$) without further mention.

Now, we shall show that%
\begin{align}
&  \text{if }\alpha\text{ and }\beta\text{ are two elements of }G\text{, then
there exists }\gamma\in G\text{ such that}\nonumber\\
&  \alpha\in\left\langle \gamma\right\rangle \text{ and }\beta\in\left\langle
\gamma\right\rangle . \label{3proof1}%
\end{align}


\textit{Proof of (\ref{3proof1}).} Let $a$ be the order of $\alpha$ in $G$,
and let $b$ be the order of $\beta$ in $G$. Let $g$ be $\gcd\left(
a,b\right)  $. Then, $g\mid a$ and $g\mid b$. Thus, $\left(  a\diagup
g\right)  \mid a$ and $\left(  b\diagup g\right)  \mid b$.

The order of $\alpha$ in $G$ is $a$. Hence, the order of $\alpha^{a\diagup g}$
in $G$ is $\dfrac{a}{a\diagup g}=g$ (since $\left(  a\diagup g\right)  \mid
a$). Consequently, the elements $\left(  \alpha^{a\diagup g}\right)  ^{0},$
$\left(  \alpha^{a\diagup g}\right)  ^{1},$ $...,$ $\left(  \alpha^{a\diagup
g}\right)  ^{g-1}$ are pairwise distinct, and we have $\left(  \alpha
^{a\diagup g}\right)  ^{g}=1$. Now, for every $i\in\left\{
0,1,...,g-1\right\}  $, we have $\left(  \left(  \alpha^{a\diagup g}\right)
^{i}\right)  ^{g}=\left(  \underbrace{\left(  \alpha^{a\diagup g}\right)
^{g}}_{=1}\right)  ^{i}=1$, and thus the element $\left(  \alpha^{a\diagup
g}\right)  ^{i}$ is a root of the polynomial $X^{g}-1\in A\left[  X\right]  $.
In other words, the elements $\left(  \alpha^{a\diagup g}\right)  ^{0},$
$\left(  \alpha^{a\diagup g}\right)  ^{1},$ $...,$ $\left(  \alpha^{a\diagup
g}\right)  ^{g-1}$ are roots of the polynomial $X^{g}-1\in A\left[  X\right]
$. Since we know that these elements $\left(  \alpha^{a\diagup g}\right)
^{0},$ $\left(  \alpha^{a\diagup g}\right)  ^{1},$ $...,$ $\left(
\alpha^{a\diagup g}\right)  ^{g-1}$ are pairwise distinct, we thus see that
the elements $\left(  \alpha^{a\diagup g}\right)  ^{0},$ $\left(
\alpha^{a\diagup g}\right)  ^{1},$ $...,$ $\left(  \alpha^{a\diagup g}\right)
^{g-1}$ are pairwise distinct roots of the polynomial $X^{g}-1\in A\left[
X\right]  $. But the polynomial $X^{g}-1\in A\left[  X\right]  $ can only have
at most $g$ roots (since any nonzero polynomial of degree $g$ over a field can
only have at most $g$ roots), so these roots $\left(  \alpha^{a\diagup
g}\right)  ^{0},$ $\left(  \alpha^{a\diagup g}\right)  ^{1},$ $...,$ $\left(
\alpha^{a\diagup g}\right)  ^{g-1}$ must be all the roots of the polynomial
$X^{g}-1\in A\left[  X\right]  $. Consequently, the polynomial $X^{g}-1$
equals a constant times $\left(  X-\left(  \alpha^{a\diagup g}\right)
^{0}\right)  \left(  X-\left(  \alpha^{a\diagup g}\right)  ^{1}\right)
...\left(  X-\left(  \alpha^{a\diagup g}\right)  ^{g-1}\right)  $. But the
constant just mentioned must be $1$ (since the polynomials $X^{g}-1$ and
\newline$\left(  X-\left(  \alpha^{a\diagup g}\right)  ^{0}\right)  \left(
X-\left(  \alpha^{a\diagup g}\right)  ^{1}\right)  ...\left(  X-\left(
\alpha^{a\diagup g}\right)  ^{g-1}\right)  $ have the same leading term);
hence, this becomes
\[
X^{g}-1=\left(  X-\left(  \alpha^{a\diagup g}\right)  ^{0}\right)  \left(
X-\left(  \alpha^{a\diagup g}\right)  ^{1}\right)  ...\left(  X-\left(
\alpha^{a\diagup g}\right)  ^{g-1}\right)  .
\]
In other words, $X^{g}-1=\prod\limits_{i=0}^{g-1}\left(  X-\left(
\alpha^{a\diagup g}\right)  ^{i}\right)  $. Applying this identity to
$X=\beta^{b\diagup g}$, we obtain $\left(  \beta^{b\diagup g}\right)
^{g}-1=\prod\limits_{i=0}^{g-1}\left(  \beta^{b\diagup g}-\left(
\alpha^{a\diagup g}\right)  ^{i}\right)  $. Since $\left(  \beta^{b\diagup
g}\right)  ^{g}-1=\beta^{b}-1=0$ (since $b$ is the order of $\beta$, and thus
$\beta^{b}=1$), this becomes $0=\prod\limits_{i=0}^{g-1}\left(  \beta
^{b\diagup g}-\left(  \alpha^{a\diagup g}\right)  ^{i}\right)  $. Hence, there
must exist some $i\in\left\{  0,1,...,g-1\right\}  $ such that $\beta
^{b\diagup g}-\left(  \alpha^{a\diagup g}\right)  ^{i}=0$ (because if a
product of elements of a field is zero, then one of the factors must be zero).
Consequently, this $i\in\left\{  0,1,...,g-1\right\}  $ satisfies
$\beta^{b\diagup g}=\left(  \alpha^{a\diagup g}\right)  ^{i}$. Similarly,
there exists some $j\in\left\{  0,1,...,g-1\right\}  $ satisfying
$\alpha^{a\diagup g}=\left(  \beta^{b\diagup g}\right)  ^{j}$. Thus,
$\alpha^{a\diagup g}=\left(  \underbrace{\beta^{b\diagup g}}_{=\left(
\alpha^{a\diagup g}\right)  ^{i}}\right)  ^{j}=\left(  \left(  \alpha
^{a\diagup g}\right)  ^{i}\right)  ^{j}=\left(  \alpha^{a\diagup g}\right)
^{ij}$, so that $1=\dfrac{\left(  \alpha^{a\diagup g}\right)  ^{ij}}%
{\alpha^{a\diagup g}}=\left(  \alpha^{a\diagup g}\right)  ^{ij-1}$. Since the
order of the element $\alpha^{a\diagup g}$ is $g$, this yields $g\mid ij-1$,
so that $ij\equiv1\operatorname{mod}g$. Hence, $ij$ is coprime to $g$, so that
$i$ must also be coprime to $g$. Thus, by Lemma 2, there exists an integer $I$
such that $I\equiv i\operatorname{mod}g$ and such that $I$ is coprime to $a$.
Since $I\equiv i\operatorname{mod}g$, we have $g\mid I-i$, and thus $\left(
\alpha^{a\diagup g}\right)  ^{I-i}=1$ (since $g$ is the order of
$\alpha^{a\diagup g}$), so that
\begin{equation}
\left(  \alpha^{a\diagup g}\right)  ^{I}=\left(  \alpha^{a\diagup g}\right)
^{\left(  I-i\right)  +i}=\underbrace{\left(  \alpha^{a\diagup g}\right)
^{I-i}}_{=1}\left(  \alpha^{a\diagup g}\right)  ^{i}=\left(  \alpha^{a\diagup
g}\right)  ^{i}=\beta^{b\diagup g}. \label{3proof5}%
\end{equation}


Now, the integers $a\diagup g$ and $b\diagup g$ are coprime (since
$\gcd\left(  a\diagup g,b\diagup g\right)  =\underbrace{\gcd\left(
a,b\right)  }_{=g}\diagup g=g\diagup g=1$); hence, by Bezout's Theorem, there
exist integers $u$ and $v$ such that $u\cdot a\diagup g+v\cdot b\diagup g=1$.
Now, let $\gamma=\alpha^{Iv}\beta^{u}$. Then, $\gamma\in G$ and%
\begin{align*}
\gamma^{b\diagup g}  &  =\left(  \alpha^{Iv}\beta^{u}\right)  ^{b\diagup
g}=\underbrace{\left(  \alpha^{Iv}\right)  ^{b\diagup g}}_{=\alpha^{Iv\cdot
b\diagup g}}\underbrace{\left(  \beta^{u}\right)  ^{b\diagup g}}_{=\left(
\beta^{b\diagup g}\right)  ^{u}}=\alpha^{Iv\cdot b\diagup g}\left(
\underbrace{\beta^{b\diagup g}}_{\substack{=\left(  \alpha^{a\diagup
g}\right)  ^{I}\\\text{(by (\ref{3proof5}))}}}\right)  ^{u}=\alpha^{Iv\cdot
b\diagup g}\underbrace{\left(  \left(  \alpha^{a\diagup g}\right)
^{I}\right)  ^{u}}_{=\left(  \alpha^{a\diagup g}\right)  ^{Iu}=\alpha^{Iu\cdot
a\diagup g}}\\
&  =\alpha^{Iv\cdot b\diagup g}\alpha^{Iu\cdot a\diagup g}=\alpha^{Iv\cdot
b\diagup g+Iu\cdot a\diagup g}=\alpha^{I}%
\end{align*}
(since $Iv\cdot b\diagup g+Iu\cdot a\diagup g=I\underbrace{\left(  u\cdot
a\diagup g+v\cdot b\diagup g\right)  }_{=1}=I$). Since $I$ is coprime to $a$,
there exist integers $x$ and $y$ such that $xI+ya=1$ (according to Bezout's
theorem). Thus,%
\begin{align*}
\alpha &  =\alpha^{1}=\alpha^{Ix+ay}\ \ \ \ \ \ \ \ \ \ \left(  \text{since
}1=xI+ya=Ix+ay\right) \\
&  =\underbrace{\alpha^{Ix}}_{=\left(  \alpha^{I}\right)  ^{x}}%
\underbrace{\alpha^{ay}}_{=\left(  \alpha^{a}\right)  ^{y}}=\left(
\underbrace{\alpha^{I}}_{=\gamma^{b\diagup g}}\right)  ^{x}\left(
\underbrace{\alpha^{a}}_{\substack{=1\text{ (since }a\text{ is}\\\text{the
order of }\alpha\text{)}}}\right)  ^{y}=\left(  \gamma^{b\diagup g}\right)
^{x}1^{y}=\left(  \gamma^{b\diagup g}\right)  ^{x}\in\left\langle
\gamma\right\rangle .
\end{align*}
On the other hand, since $\gamma=\alpha^{Iv}\beta^{u}$, we have%
\begin{align*}
\gamma^{a\diagup g}  &  =\left(  \alpha^{Iv}\beta^{u}\right)  ^{a\diagup
g}=\underbrace{\left(  \alpha^{Iv}\right)  ^{a\diagup g}}_{\substack{=\alpha
^{Iv\cdot a\diagup g}=\alpha^{\left(  a\diagup g\right)  \cdot Iv}\\=\left(
\alpha^{a\diagup g}\right)  ^{Iv}=\left(  \left(  \alpha^{a\diagup g}\right)
^{I}\right)  ^{v}}}\cdot\underbrace{\left(  \beta^{u}\right)  ^{a\diagup g}%
}_{=\beta^{u\cdot\left(  a\diagup g\right)  }}=\left(  \underbrace{\left(
\alpha^{a\diagup g}\right)  ^{I}}_{\substack{=\beta^{b\diagup g}\\\text{(by
(\ref{3proof5}))}}}\right)  ^{v}\cdot\beta^{u\cdot\left(  a\diagup g\right)
}\\
&  =\underbrace{\left(  \beta^{b\diagup g}\right)  ^{v}}_{=\beta^{\left(
b\diagup g\right)  \cdot v}=\beta^{v\cdot\left(  b\diagup g\right)  }}%
\cdot\,\beta^{u\cdot\left(  a\diagup g\right)  }=\beta^{v\cdot\left(  b\diagup
g\right)  }\cdot\beta^{u\cdot\left(  a\diagup g\right)  }=\beta^{v\cdot\left(
b\diagup g\right)  +u\cdot\left(  a\diagup g\right)  }\\
&  =\beta^{1}\ \ \ \ \ \ \ \ \ \ \left(  \text{since }v\cdot\left(  b\diagup
g\right)  +u\cdot\left(  a\diagup g\right)  =u\cdot a\diagup g+v\cdot b\diagup
g=1\right) \\
&  =\beta,
\end{align*}
and therefore $\beta=\gamma^{a\diagup g}\in\left\langle \gamma\right\rangle $.

Altogether, we have proven that $\gamma\in G$, that $\alpha\in\left\langle
\gamma\right\rangle $ and that $\beta\in\left\langle \gamma\right\rangle $.
This proves (\ref{3proof1}).

Now, let us finally prove Theorem 1: Clearly, there exists a subset $P$ of the
group $G$ such that $G=\left\langle P\right\rangle $ (in fact, the whole group
$G$ is an example of such a subset $P$). Let $U$ be such a subset with the
smallest number of elements.\footnote{Indeed, such a $U$ exists, because the
set of all subsets of the group $G$ is finite (since $G$ itself is finite).}
Then, $U$ is a subset of the group $G$ such that $G=\left\langle
U\right\rangle $, but there is no subset $U^{\prime}$ of $G$ with less
elements than $U$ that satisfies $G=\left\langle U^{\prime}\right\rangle $.

We let $k=\left\vert U\right\vert $, and we write the set $U$ as $U=\left\{
u_{1},u_{2},...,u_{k}\right\}  $, where $u_{1}$, $u_{2}$, $...$, $u_{k}$ are
the $k$ (pairwise distinct) elements of $U$. Assume now that $k>1$. Then,
$u_{1}$ and $u_{2}$ are well-defined. Now, there exists an element $\gamma\in
G$ such that $u_{1}\in\left\langle \gamma\right\rangle $ and $u_{2}%
\in\left\langle \gamma\right\rangle $ (by (\ref{3proof1}), applied to
$\alpha=u_{1}$ and $\beta=u_{2}$), and therefore $u_{i}\in\left\langle
\gamma,u_{3},u_{4},...,u_{k}\right\rangle $ for every $i\in\left\{
1,2,...,k\right\}  $ \ \ \ \ \footnote{In fact, three cases are possible:
either $i=1$, or $i=2$, or $i\geq3$. If $i=1$, then $u_{i}\in\left\langle
\gamma,u_{3},u_{4},...,u_{k}\right\rangle $ follows from $u_{1}\in\left\langle
\gamma\right\rangle \subseteq\left\langle \gamma,u_{3},u_{4},...,u_{k}%
\right\rangle $. If $i=2$, then $u_{i}\in\left\langle \gamma,u_{3}%
,u_{4},...,u_{k}\right\rangle $ follows from $u_{2}\in\left\langle
\gamma\right\rangle \subseteq\left\langle \gamma,u_{3},u_{4},...,u_{k}%
\right\rangle $. Finally, if $i\geq3$, then $u_{i}\in\left\langle \gamma
,u_{3},u_{4},...,u_{k}\right\rangle $ is trivial. Thus, $u_{i}\in\left\langle
\gamma,u_{3},u_{4},...,u_{k}\right\rangle $ holds in all cases.}. Hence,
$\left\langle u_{1},u_{2},...,u_{k}\right\rangle \subseteq\left\langle
\gamma,u_{3},u_{4},...,u_{k}\right\rangle $, so that%
\[
G=\left\langle U\right\rangle =\left\langle \left\{  u_{1},u_{2}%
,...,u_{k}\right\}  \right\rangle =\left\langle u_{1},u_{2},...,u_{k}%
\right\rangle \subseteq\left\langle \gamma,u_{3},u_{4},...,u_{k}\right\rangle
=\left\langle \left\{  \gamma,u_{3},u_{4},...,u_{k}\right\}  \right\rangle
=\left\langle U^{\prime}\right\rangle ,
\]
where $U^{\prime}$ denotes the subset $\left\{  \gamma,u_{3},u_{4}%
,...,u_{k}\right\}  $ of $G$. But clearly, also $G\supseteq\left\langle
U^{\prime}\right\rangle $. Thus, $G=\left\langle U^{\prime}\right\rangle $.
Besides, the subset $U^{\prime}$ of $G$ has less elements than $U$ (because
$U^{\prime}=\left\{  \gamma,u_{3},u_{4},...,u_{k}\right\}  $ has at most $k-1$
elements, while $U$ has $\left\vert U\right\vert =k$ elements). This
contradicts the fact that there is no subset $U^{\prime}$ of $G$ with less
elements than $U$ that satisfies $G=\left\langle U^{\prime}\right\rangle $.
This contradiction shows that our assumption $k>1$ was wrong. Hence, $k\leq1$,
so that $k=1$ or $k=0$. If $k=0$, then $\left\vert U\right\vert =k=0$ and thus
$U=\varnothing$, which leads to $G=\left\langle \varnothing\right\rangle
=\left\{  1\right\}  $, so that $G$ is a cyclic group. If $k=1$, then
$\left\vert U\right\vert =k=1$, so that $U=\left\{  u\right\}  $ for some
$u\in G$, and therefore $G=\left\langle U\right\rangle =\left\langle \left\{
u\right\}  \right\rangle =\left\langle u\right\rangle $ is a cyclic group.
Hence, in both cases, $G$ is a cyclic group. This proves Theorem 1.

Here is an easy consequence of Theorem 1:

\begin{quote}
\textbf{Lemma 3.} Let $A$ be a field. Let $n$ be a positive integer, and for
every $i\in\left\{  1,2,...,n\right\}  $, let $\xi_{i}$ be a root of unity in
$A$. Then, there exists some root of unity $\zeta$ of $A$ and a sequence
$\left(  k_{1},k_{2},...,k_{n}\right)  $ of nonnegative integers such that
$\left(  \xi_{i}=\zeta^{k_{i}}\text{ for every }i\in\left\{
1,2,...,n\right\}  \right)  $ and $\gcd\left(  k_{1},k_{2},...,k_{n}\right)
=1$.
\end{quote}

\textit{Proof of Lemma 3.} Let $G$ be the subgroup $\left\langle \xi_{1}%
,\xi_{2},...,\xi_{n}\right\rangle $ of the multiplicative group $A^{\times}$.
Then, the map%
\begin{align*}
\Phi:\left\langle \xi_{1}\right\rangle \times\left\langle \xi_{2}\right\rangle
\times...\times\left\langle \xi_{n}\right\rangle  &  \rightarrow\left\langle
\xi_{1},\xi_{2},...,\xi_{n}\right\rangle \ \ \ \ \ \ \ \ \ \ \text{defined
by}\\
\left(  x_{1},x_{2},...,x_{n}\right)   &  \mapsto x_{1}x_{2}...x_{n}%
\end{align*}
is surjective (because every element of $\left\langle \xi_{1},\xi_{2}%
,...,\xi_{n}\right\rangle $ has the form $\prod\limits_{i=1}^{n}\xi_{i}%
^{f_{i}}$ for some $n$-tuple $\left(  f_{1},f_{2},...,f_{n}\right)  $ of
integers\footnote{Again, we are using the fact that $G$ is abelian (since $G$
is a subgroup of the abelian group $A^{\times}$).}, and thus is $\Phi\left(
\xi_{1}^{f_{1}},\xi_{2}^{f_{2}},...,\xi_{n}^{f_{n}}\right)  $), and the set
$\left\langle \xi_{1}\right\rangle \times\left\langle \xi_{2}\right\rangle
\times...\times\left\langle \xi_{n}\right\rangle $ is finite (since the set
$\left\langle \xi_{i}\right\rangle $ is finite for every $i\in\left\{
1,2,...,n\right\}  ,$ because $\xi_{i}$ is a root of unity). Hence, the set
$\left\langle \xi_{1},\xi_{2},...,\xi_{n}\right\rangle $ is finite. Thus,
$G=\left\langle \xi_{1},\xi_{2},...,\xi_{n}\right\rangle $ is a finite
subgroup of $A^{\times}$. Hence, by Theorem 1, this group $G$ is cyclic, so
that there exists some $\tau\in G$ such that $G=\left\langle \tau\right\rangle
$. Now, if $u$ is the order of $\tau$ in the group $G$, then $\left\langle
\tau\right\rangle =\left\{  \tau^{0},\tau^{1},...,\tau^{u-1}\right\}  $.
Hence, for every $i\in\left\{  1,2,...,n\right\}  $, there exists some
nonnegative integer $\ell_{i}$ such that $\xi_{i}=\tau^{\ell_{i}}$ (since
$\xi_{i}\in G=\left\langle \tau\right\rangle =\left\{  \tau^{0},\tau
^{1},...,\tau^{u-1}\right\}  $). Now, let $\ell=\gcd\left(  \ell_{1},\ell
_{2},...,\ell_{n}\right)  $. Let $\zeta=\tau^{\ell}$, and let $k_{i}=\ell
_{i}\diagup\ell$ for every $i\in\left\{  1,2,...,n\right\}  $%
\ \ \ \ \footnote{If $\ell=0$, then we take $k_{i}=1$ for all $i\in\left\{
1,2,\ldots,n\right\}  $ instead. Note that all of the $\ell_{1},\ell
_{2},\ldots,\ell_{n}$ are $0$ in this case, because of $\gcd\left(  \ell
_{1},\ell_{2},...,\ell_{n}\right)  =\ell=0$.}. Then, $\ell_{i}=\ell k_{i}$ for
every $i\in\left\{  1,2,...,n\right\}  $.

Now we know that $\zeta$ is a root of unity (since $\zeta\in G$, and thus
Lagrange's theorem yields $\zeta^{\left\vert G\right\vert }=1$), and for every
$i\in\left\{  1,2,...,n\right\}  $ we have $\xi_{i}=\tau^{\ell_{i}}=\tau^{\ell
k_{i}}=\left(  \underbrace{\tau^{\ell}}_{=\zeta}\right)  ^{k_{i}}=\zeta
^{k_{i}}$. Finally, recall that $k_{i}=\ell_{i}\diagup\ell$ for every
$i\in\left\{  1,2,...,n\right\}  $. Thus, $\gcd\left(  k_{1},k_{2}%
,...,k_{n}\right)  =\gcd\left(  \ell_{1}\diagup\ell,\ell_{2}\diagup
\ell,...,\ell_{n}\diagup\ell\right)  =\underbrace{\gcd\left(  \ell_{1}%
,\ell_{2},...,\ell_{n}\right)  }_{=\ell}\diagup\ell=1$. Thus, Lemma 3 is proven.


\end{document}