Structural Group Theory

Consider the additive group of integers \( \mathbb{Z} \) and its subgroup \[ H = 3\mathbb{Z} = \{ \dots, -6, -3, 0, 3, 6, \dots \}. \] To find the cosets, we pick an element \( a \in \mathbb{Z} \) and add it to every element in \( H \):

• 0 + 3\(\mathbb{Z}\) = { \(\cdots\), -6, -3, 0, 3, 6, \(\cdots\) }
• 1 + 3\(\mathbb{Z}\) = { \(\cdots\), -5, -2, 1, 4, 7, \(\cdots\) }
• 2 + 3\(\mathbb{Z}\) = { \(\cdots\), -4, -1, 2, 5, 8, \(\cdots\) }
• 3 + 3\(\mathbb{Z}\) = { \(\cdots\), -3, 0, 3, 6, 9, \(\cdots\) } = 0 + 3\(\mathbb{Z}\)

This illustrates that the cosets are exactly the equivalence classes of the "modulo" relation. In CS terms, this is the mathematical foundation of a hash map where the keys are remainders.

We establish the properties in a logical order that exposes their dependency structure. Properties 1, 3, 4, 5, and 6 form the backbone used throughout this page; Properties 2, 7, and 8 follow as corollaries.

Property 1 (\(a \in aH\)): Since \(H\) is a subgroup, \(e \in H\), so \(a = ae \in aH\).

Property 3 (\(aH = bH \iff a \in bH\)):
(\(\Rightarrow\)) If \(aH = bH\), then by Property 1, \(a \in aH = bH\).
(\(\Leftarrow\)) Suppose \(a \in bH\), so \(a = bh\) for some \(h \in H\). For any \(ah' \in aH\), \[ ah' = (bh)h' = b(hh') \in bH, \] since \(hh' \in H\) by closure. Thus \(aH \subseteq bH\). Conversely, from \(a = bh\) we get \(b = ah^{-1}\) with \(h^{-1} \in H\), and the symmetric argument yields \(bH \subseteq aH\). Therefore \(aH = bH\).

Property 2 (\(aH = H \iff a \in H\)): This is Property 3 with \(b = e\), since \(eH = H\).

Property 4 (\(aH = bH\) or \(aH \cap bH = \emptyset\)): We prove the contrapositive: if \(aH \cap bH \neq \emptyset\), then \(aH = bH\). Let \(x \in aH \cap bH\). By Property 3, \(x \in aH\) implies \(xH = aH\), and \(x \in bH\) implies \(xH = bH\). Therefore \(aH = xH = bH\).

Property 5 (\(aH = bH \iff a^{-1}b \in H\)): By Property 3, \(aH = bH \iff a \in bH \iff a = bh\) for some \(h \in H\). The equation \(a = bh\) is equivalent to \(b^{-1}a = h \in H\). Since \(H\) is a subgroup, \(b^{-1}a \in H \iff (b^{-1}a)^{-1} = a^{-1}b \in H\). Combining these, \(aH = bH \iff a^{-1}b \in H\).

Property 6 (\(|aH| = |bH|\)): Define \(f: aH \to bH\) by \(f(ah) = bh\). We verify \(f\) is a bijection.

• Well-defined and injective: \(ah_1 = ah_2 \iff h_1 = h_2 \iff bh_1 = bh_2\) (by left cancellation in \(G\)).
• Surjective: Every \(bh \in bH\) is the image of \(ah \in aH\).

Hence \(f\) is a bijection, so \(|aH| = |bH|\). (This argument works for both finite and infinite \(H\), giving equality of cardinalities.)

Property 7 (\(aH = Ha \iff H = aHa^{-1}\)): Multiplying the set equation \(aH = Ha\) on the right by \(a^{-1}\) (element-wise) gives \(aHa^{-1} = Haa^{-1} = H\). The reverse direction multiplies \(H = aHa^{-1}\) on the right by \(a\) to recover \(Ha = aH\).

Property 8 (\(aH\) is a subgroup \(\iff a \in H\)):
(\(\Leftarrow\)) If \(a \in H\), then by Property 2, \(aH = H\), which is a subgroup.
(\(\Rightarrow\)) If \(aH\) is a subgroup of \(G\), it contains the identity \(e\). By Property 3, \(e \in aH\) implies \(eH = aH\), i.e., \(H = aH\), which by Property 2 gives \(a \in H\).

Let \(a_1 H, \, a_2 H, \, \ldots, \, a_r H\) denote the distinct left cosets of \(H\) in \(G\). The proof relies on three results from Properties of Cosets (Properties 1, 4, and 6). For any \(a \in G\), Property 1 guarantees that \(a \in aH\). Since the cosets \(a_1 H, \ldots, a_r H\) exhaust all distinct cosets, we have \(aH = a_i H\) for some \(i\), which means \(a \in a_i H\). Therefore, every element of \(G\) belongs to one of these cosets: \[ G = a_1 H \cup \cdots \cup a_r H. \] By Property 4, this union is disjoint, so: \[ |G| = |a_1 H| + |a_2 H| + \cdots + |a_r H|. \] Since \(\forall i, \, |a_i H| = |H|\) by Property 6, we have \(|G| = r |H|\). Therefore, \[ r = \frac{|G|}{|H|}. \]

Corollary 1 was established within the proof of Lagrange's Theorem above (the equation \(r = |G|/|H|\)). Corollary 4 is proved separately below.

Corollary 2 (\(|a| \mid |G|\)): Let \(a \in G\) and consider the cyclic subgroup \(\langle a \rangle\) generated by \(a\). By the definition of element order, \(|a|\) is the smallest positive integer with \(a^{|a|} = e\). The elements \(e, a, a^2, \ldots, a^{|a|-1}\) are all distinct: for if \(a^i = a^j\) with \(0 \leq i < j \leq |a|-1\), then \(a^{j-i} = e\) with \(0 < j - i < |a|\), contradicting the minimality of \(|a|\). Hence \[ \langle a \rangle = \{e, a, a^2, \ldots, a^{|a|-1}\}, \] which gives \(|\langle a \rangle| = |a|\). Since \(\langle a \rangle\) is a subgroup of \(G\), Lagrange's Theorem yields \(|\langle a \rangle| \mid |G|\), and therefore \(|a| \mid |G|\).

Corollary 3 (\(a^{|G|} = e\)): By Corollary 2, \(|a| \mid |G|\), so \(|G| = |a| \cdot k\) for some positive integer \(k\). Using integer exponent laws, \[ a^{|G|} = a^{|a| \cdot k} = (a^{|a|})^k = e^k = e. \]

By the division algorithm, write \(a = pm + r\) with \(0 \leq r < p\); this gives \(a \bmod p = r\). Since \(a \equiv r \pmod{p}\), raising both sides to the \(p\)-th power yields \(a^p \equiv r^p \pmod{p}\), i.e., \[ a^p \bmod p = r^p \bmod p. \] It therefore suffices to prove \(r^p \bmod p = r\).

Case 1 (\(r = 0\)): Then \(r^p = 0\), so \(r^p \bmod p = 0 = r\).

Case 2 (\(r \neq 0\)): Since \(p\) is prime, every integer in \(\{1, 2, \ldots, p-1\}\) is coprime to \(p\). Hence \[ U(p) = \{1, 2, \ldots, p-1\}, \] which is a group of order \(p - 1\) under multiplication modulo \(p\), with identity \(1\). From \(0 < r < p\) we have \(r \in U(p)\), so Corollary 3 applied in \(U(p)\) gives \[ r^{p-1} = 1 \text{ in } U(p), \quad \text{equivalently, } r^{p-1} \bmod p = 1. \] Multiplying both sides by \(r\) in \(U(p)\) yields \(r^p = r\), i.e., \(r^p \bmod p = r\).

In both cases \(r^p \bmod p = r\). Combining with \(a^p \bmod p = r^p \bmod p\) from the opening reduction, we conclude \[ a^p \bmod p = r = a \bmod p. \quad \blacksquare \]

In the Diffie-Hellman key exchange, two parties agree on a shared secret by exchanging values in a cyclic group \(G = \langle g \rangle\) of order \(n\). The security relies on the discrete logarithm problem (DLP): given \(g\) and \(h = g^x\), find the exponent \(x\).

Lagrange's Theorem reveals a critical vulnerability when \(n\) is composite. The Pohlig-Hellman algorithm exploits the subgroup structure guaranteed by Lagrange's Theorem to reduce the DLP in \(G\) to smaller DLPs in subgroups of prime-power order. A detailed treatment appears in the Handbook of Applied Cryptography by Menezes, van Oorschot, and Vanstone (§3.6).

The Key Insight:

Suppose \(n = p_1^{e_1} p_2^{e_2} \cdots p_k^{e_k}\). For each prime power \(p_i^{e_i}\) dividing \(n\), consider the element \[ g_i = g^{n / p_i^{e_i}}. \] Direct computation shows \(g_i\) has order exactly \(p_i^{e_i}\), since \[ (g_i)^{p_i^{e_i}} = g^n = e \quad \text{and} \quad (g_i)^{p_i^{e_i - 1}} = g^{n/p_i} \neq e. \] Similarly, define \(h_i = h^{n / p_i^{e_i}}\). Then \[ h_i = (g^x)^{n / p_i^{e_i}} = (g_i)^x, \] so solving \(h_i = (g_i)^{x_i}\) for \(x_i\) is a DLP in a subgroup of order \(p_i^{e_i}\), which yields \(x_i \equiv x \bmod{p_i^{e_i}}\).

Reconstructing the Solution:

Once we have all \(k\) congruences \[ x \equiv x_1 \bmod{p_1^{e_1}}, \quad x \equiv x_2 \bmod{p_2^{e_2}}, \quad \ldots, \quad x \equiv x_k \bmod{p_k^{e_k}}, \] the Chinese Remainder Theorem guarantees a unique solution modulo \(n\).

Complexity Implication:

The complexity of the Pohlig-Hellman algorithm is \[ O\left(\sum_{i=1}^{k} e_i \left(\log_2 n + \sqrt{p_i}\right)\right) \] group operations (following the cryptographic convention that \(\log\) denotes \(\log_2\)). When all prime factors \(p_i\) are small (i.e., \(n\) is smooth), this is dramatically faster than the \(O(\sqrt{n})\) complexity of generic algorithms like baby-step giant-step. For example, if \(n = 2^{20}\), the DLP can be solved in roughly \(20 \cdot (\log_2 2^{20} + \sqrt{2}) = 20 \cdot (20 + 1.414) \approx 20 \cdot 21.4\) operations, instead of \(\sqrt{2^{20}} = 1024\) operations.

The Defense:

This is precisely why cryptographic protocols choose groups of prime order \(p\). If \(H\) is any subgroup of such a group, Lagrange's Theorem forces \(|H| \mid p\), so \(|H| \in \{1, p\}\); that is, \(H\) is either trivial or the whole group. With no nontrivial proper subgroups available, Pohlig-Hellman is inapplicable and attackers must confront the full difficulty of the DLP. We hope you can see the fundamental connection between abstract algebra and computer science.

Although \(HK\) is the set of \(|H| \cdot |K|\) products \(hk\), some products may coincide: \(hk = h'k'\) with \(h \neq h'\), \(k \neq k'\). For each \(t \in H \cap K\), the product \(hk\) can be rewritten as \(hk = (ht)(t^{-1}k)\), so each element of \(HK\) is represented by at least \(|H \cap K|\) products. Conversely, if \(hk = h'k'\), then multiplying on the left by \(h^{-1}\) and on the right by \((k')^{-1}\) gives \(h^{-1}h' = k(k')^{-1}\). Setting \(t = h^{-1}h' = k(k')^{-1}\) gives \(t \in H \cap K\) (the first equality places \(t\) in \(H\), the second in \(K\)) with \(h' = ht\) and \(k' = t^{-1}k\). Thus the surjection \(H \times K \to HK\), \((h, k) \mapsto hk\), has every fiber of size exactly \(|H \cap K|\). Counting, \[ |H| \cdot |K| = |H \times K| = |HK| \cdot |H \cap K|, \] giving \(|HK| = |H| \cdot |K| / |H \cap K|\).

• Abelian Groups:
  If \(G\) is Abelian, every subgroup is normal. Since \(ah = ha\) for all \(a \in G\) and \(h \in H\), \[ aH = \{ah \mid h \in H\} = \{ha \mid h \in H\} = Ha. \]
• The Center \(Z(G)\):
  Recall from Intro to Abstract Algebra that \(Z(G) = \{z \in G \mid zx = xz \text{ for all } x \in G\}\) is always a subgroup of \(G\). For any \(a \in G\) and \(z \in Z(G)\), \(az = za\), so \[ aZ(G) = \{az \mid z \in Z(G)\} = \{za \mid z \in Z(G)\} = Z(G)a. \] Hence \(Z(G) \trianglelefteq G\).
• The Alternating Group \(A_n\):
  In the previous chapter, we saw that \(|S_n| = 2|A_n|\), so \(A_n\) has index 2 in \(S_n\). By the theorem below, \(A_n \trianglelefteq S_n\).

Let \(a \in G\). We show \(aH = Ha\) by cases.

Case 1 (\(a \in H\)): By Property 2 of Cosets, \(aH = H\). The same property applied to right cosets gives \(Ha = H\). Hence \(aH = H = Ha\).

Case 2 (\(a \notin H\)): Since \([G:H] = 2\), there are exactly two distinct left cosets. By Property 1, \(H = eH\) is one of them; the other must be \(G \setminus H\), because the cosets partition \(G\) (Property 4). Since \(a \notin H\), the left coset \(aH\) equals \(G \setminus H\).

The analogous argument for right cosets shows there are exactly two right cosets, \(H\) and \(G \setminus H\), and \(Ha = G \setminus H\) because \(a \notin H\).

Therefore \(aH = G \setminus H = Ha\).

In both cases \(aH = Ha\). Since \(a\) was arbitrary, \(H \trianglelefteq G\). \(\blacksquare\)

(\(\Rightarrow\)) Suppose \(H \trianglelefteq G\), i.e., \(aH = Ha\) for every \(a \in G\). Fix \(x \in G\) and \(h \in H\). From \(xH = Hx\), the element \(xh \in xH\) also lies in \(Hx\), so there exists \(h' \in H\) with \(xh = h'x\). Multiplying on the right by \(x^{-1}\): \[ xhx^{-1} = h' \in H. \] Since \(h\) was arbitrary, \(xHx^{-1} \subseteq H\).

(\(\Leftarrow\)) Suppose \(xHx^{-1} \subseteq H\) for all \(x \in G\). Fix \(a \in G\).

Applying the hypothesis with \(x = a\) gives \(aHa^{-1} \subseteq H\). Multiplying on the right by \(a\): \[ aH = (aHa^{-1})a \subseteq Ha. \]

Applying the hypothesis with \(x = a^{-1}\) gives \(a^{-1}Ha \subseteq H\). Multiplying on the left by \(a\): \[ Ha = a(a^{-1}Ha) \subseteq aH. \]

Combining both inclusions, \(aH = Ha\). Since \(a\) was arbitrary, \(H \trianglelefteq G\). \(\blacksquare\)

Step 1: Well-definedness of the operation. We must verify that the rule \[ (aH) \cdot (bH) := (ab)H \] defines a function \((G/H) \times (G/H) \to G/H\), i.e., the result depends only on the cosets \(aH\) and \(bH\), not on the chosen representatives \(a, b\). Concretely, if \(aH = a'H\) and \(bH = b'H\), we must show \((ab)H = (a'b')H\).

By Property 3 of Cosets (forward direction), \(aH = a'H\) implies \(a' \in aH\), so \(a' = ah_1\) for some \(h_1 \in H\). Similarly, \(b' = bh_2\) for some \(h_2 \in H\). Hence \[ a'b' = (ah_1)(bh_2) = a(h_1 b)h_2. \]

Here we invoke normality of \(H\). Since \(H \trianglelefteq G\), we have \(Hb = bH\), and therefore \(h_1 b \in Hb = bH\). Thus \(h_1 b = b h'\) for some \(h' \in H\). Substituting: \[ a'b' = a(b h')h_2 = (ab)(h' h_2). \] Setting \(h'' = h' h_2 \in H\) (closure of \(H\)), we obtain \(a'b' = (ab) h''\), i.e., \(a'b' \in (ab) H\).

By Property 3 of cosets (reverse direction), \(a'b' \in (ab)H\) implies \((a'b')H = (ab)H\). Therefore the operation is well-defined.

Step 2: Group axioms for \(G/H\).

• Identity: \(eH = H\) serves as the identity since, for any \(aH \in G/H\), \[ (aH)(eH) = (ae)H = aH \quad \text{and} \quad (eH)(aH) = (ea)H = aH. \]
• Inverse: The inverse of \(aH\) is \(a^{-1}H\), since \[ (aH)(a^{-1}H) = (aa^{-1})H = eH = H \quad \text{and} \quad (a^{-1}H)(aH) = (a^{-1}a)H = eH = H. \]
• Associativity: For any \(aH, bH, cH \in G/H\), \[ ((aH)(bH))(cH) = ((ab)H)(cH) = ((ab)c)H = (a(bc))H = (aH)((bc)H) = (aH)((bH)(cH)), \] where the central equality \(((ab)c)H = (a(bc))H\) follows from associativity in \(G\), and the remaining equalities follow from the definition \((xH)(yH) = (xy)H\).

Step 3: Order of \(G/H\) when \(G\) is finite. By definition, \(G/H = \{aH \mid a \in G\}\) is the set of distinct left cosets of \(H\) in \(G\). Lagrange's theorem gives the number of such cosets as \(|G|/|H|\); hence \(|G/H| = |G|/|H|\). \(\blacksquare\)

Let \(G = \mathbb{Z}\) (integers) and \(H = n\mathbb{Z}\) (multiples of \(n\)). Since \(\mathbb{Z}\) is Abelian, \(H\) is normal.
The cosets are: \[ 0+H, \quad 1+H, \quad 2+H, \quad \dots, \quad (n-1)+H. \] The factor group operation tells us how to add these cosets: \[ (a+H) + (b+H) = (a+b) + H. \] Does this look familiar? It is exactly modular arithmetic. The factor group \(\mathbb{Z}/n\mathbb{Z}\) is structurally identical (isomorphic) to the group \(\mathbb{Z}_n\). A formal proof of this isomorphism appears later in this page as an application of the First Isomorphism Theorem.

Consider the group of integers \(\mathbb{Z}\) under addition and the group \(\{1, -1\}\) under multiplication. Define the parity map \(\phi: \mathbb{Z} \to \{1, -1\}\) by \[ \phi(n) = (-1)^n = \begin{cases} 1 & \text{if } n \text{ is even}, \\ -1 & \text{if } n \text{ is odd}. \end{cases} \] This is a homomorphism because the integer exponent law gives \((-1)^{a+b} = (-1)^a (-1)^b\), so \[ \phi(a + b) = (-1)^{a+b} = (-1)^a (-1)^b = \phi(a)\phi(b). \]

Concretely, the four parity cases match the expected signs:

• Even + Even = Even: \(\phi(E)\phi(E) = 1 \cdot 1 = 1\). (Match)
• Odd + Odd = Even: \(\phi(O)\phi(O) = (-1)(-1) = 1\). (Match)
• Even + Odd = Odd: \(\phi(E)\phi(O) = 1 \cdot (-1) = -1\). (Match)
• Odd + Even = Odd: by commutativity of \(\mathbb{Z}\), same as Even + Odd. (Match)

The parity map "translates" the additive structure of \(\mathbb{Z}\) into the multiplicative structure of \(\{1, -1\}\), collapsing every even integer to \(1\) and every odd integer to \(-1\).

Let \(GL(n, \mathbb{R})\) be the General Linear Group (invertible \(n \times n\) matrices) and \(\mathbb{R}^*\) be the group of nonzero real numbers under multiplication.

Recall the property of determinants: \[ \det(AB) = \det(A)\det(B). \] This equation is exactly the homomorphism property. It tells us that the determinant mapping \(\det: GL(n, \mathbb{R}) \to \mathbb{R}^*\) defined by \(A \mapsto \det(A)\) is a homomorphism.

The kernel of this homomorphism is \[ \text{Ker } \det = \{A \in GL(n, \mathbb{R}) \mid \det(A) = 1\}. \] This is the Special Linear Group, denoted \(SL(n, \mathbb{R})\). (Note that \(SL(n, \mathbb{R})\) is a normal subgroup of \(GL(n, \mathbb{R})\).)

Let \(n\) be a fixed positive integer greater than 1. If \(a \bmod n = a'\) and \(b \bmod n = b'\), then \[ (a + b) \bmod n = (a' + b') \bmod n. \] This shows that the mapping \(\phi: \mathbb{Z} \to \mathbb{Z}_n\) defined by \(\phi(m) = m \bmod n\) is a homomorphism.

The kernel consists of all integers that map to \(0\): \[ \text{Ker }\phi = \{m \in \mathbb{Z} \mid m \bmod n = 0\} = n\mathbb{Z} = \langle n \rangle. \]

Let \(e\) denote the identity of \(G\) and \(\bar{e}\) the identity of \(\overline{G}\). We establish the properties in a logical order reflecting their dependencies.

Property 1 (\(\phi(e) = \bar{e}\)): Since \(e = ee\) in \(G\), \[ \phi(e) = \phi(ee) = \phi(e)\phi(e). \] Also \(\phi(e) = \bar{e}\phi(e)\) since \(\bar{e}\) is the identity of \(\overline{G}\). Combining, \(\bar{e}\phi(e) = \phi(e)\phi(e)\), and right-cancellation in \(\overline{G}\) gives \(\bar{e} = \phi(e)\).

Lemma (\(\phi(a^{-1}) = \phi(a)^{-1}\)): From \(\phi(a)\phi(a^{-1}) = \phi(aa^{-1}) = \phi(e) = \bar{e}\) and, symmetrically, \(\phi(a^{-1})\phi(a) = \bar{e}\), uniqueness of inverses in \(\overline{G}\) gives \(\phi(a^{-1}) = \phi(a)^{-1}\).

Property 2 (\(\phi(g^n) = \phi(g)^n\) for all \(n \in \mathbb{Z}\)):

• Case \(n = 0\): \(\phi(g^0) = \phi(e) = \bar{e} = \phi(g)^0\) by Property 1.
• Case \(n > 0\): Induction on \(n\). Base \(n = 1\) is trivial. Assuming \(\phi(g^n) = \phi(g)^n\), \[ \phi(g^{n+1}) = \phi(g^n \cdot g) = \phi(g^n)\phi(g) = \phi(g)^n \phi(g) = \phi(g)^{n+1}. \]
• Case \(n < 0\): Write \(n = -m\) with \(m > 0\). Then \(g^n = (g^m)^{-1}\), so by the Lemma and the positive case, \[ \phi(g^n) = \phi((g^m)^{-1}) = \phi(g^m)^{-1} = (\phi(g)^m)^{-1} = \phi(g)^{-m} = \phi(g)^n. \]

Property 3 (\(|g|\) finite \(\Rightarrow |\phi(g)|\) divides \(|g|\)): Let \(n = |g|\), so \(g^n = e\). By Property 2, \[ \phi(g)^n = \phi(g^n) = \phi(e) = \bar{e}. \] Thus \(\phi(g)\) has finite order; set \(m = |\phi(g)|\). By the division algorithm, \(n = mq + r\) with \(0 \leq r < m\). Then \[ \bar{e} = \phi(g)^n = \phi(g)^{mq + r} = (\phi(g)^m)^q \phi(g)^r = \bar{e}^q \phi(g)^r = \phi(g)^r. \] Since \(m\) is the smallest positive integer with \(\phi(g)^m = \bar{e}\) and \(0 \leq r < m\), we must have \(r = 0\). Hence \(m \mid n\), i.e., \(|\phi(g)| \mid |g|\).

Property 4 (\(\text{Ker }\phi \leq G\)): By Property 1, \(e \in \text{Ker }\phi\), so \(\text{Ker }\phi \neq \emptyset\). Let \(a, b \in \text{Ker }\phi\), so \(\phi(a) = \phi(b) = \bar{e}\). By the Lemma, \[ \phi(ab^{-1}) = \phi(a)\phi(b^{-1}) = \phi(a)\phi(b)^{-1} = \bar{e} \cdot \bar{e}^{-1} = \bar{e}, \] so \(ab^{-1} \in \text{Ker }\phi\). By the One-Step Subgroup Test, \(\text{Ker }\phi \leq G\).

Property 5 (\(\phi(a) = \phi(b) \iff a\text{Ker }\phi = b\text{Ker }\phi\)): Since \(\text{Ker }\phi \leq G\) (Property 4), we may apply Property 5 of Cosets (\(aH = bH \iff a^{-1}b \in H\)): \[ a\text{Ker }\phi = b\text{Ker }\phi \iff a^{-1}b \in \text{Ker }\phi. \] Expanding the right-hand side using the Lemma, \[ a^{-1}b \in \text{Ker }\phi \iff \phi(a^{-1}b) = \bar{e} \iff \phi(a)^{-1}\phi(b) = \bar{e} \iff \phi(b) = \phi(a). \] Combining the two chains gives the claim.

Property 6 (\(\phi^{-1}(\bar{g}) = g\text{Ker }\phi\) when \(\phi(g) = \bar{g}\)): For any \(x \in G\), \[ x \in \phi^{-1}(\bar{g}) \iff \phi(x) = \bar{g} = \phi(g) \overset{\text{Prop.~5}}{\iff} x\text{Ker }\phi = g\text{Ker }\phi \overset{\text{Cosets Prop.~3}}{\iff} x \in g\text{Ker }\phi, \] where the last equivalence applies Property 3 of Cosets (\(aH = bH \iff a \in bH\)) with \(a = x, b = g, H = \text{Ker }\phi\). Therefore \(\phi^{-1}(\bar{g}) = g\text{Ker }\phi\). \(\blacksquare\)

We use Properties 1, 2, and the Lemma from the preceding theorem (Properties of Elements under Homomorphism) freely.

Property 1 (\(\phi(H) \leq \overline{G}\)): By Property 1 of Elements, \(\phi(e) = \bar{e} \in \phi(H)\), so \(\phi(H) \neq \emptyset\). For \(\phi(h_1), \phi(h_2) \in \phi(H)\), the Lemma gives \[ \phi(h_1) \phi(h_2)^{-1} = \phi(h_1)\phi(h_2^{-1}) = \phi(h_1 h_2^{-1}). \] Since \(H \leq G\), \(h_1 h_2^{-1} \in H\), so \(\phi(h_1 h_2^{-1}) \in \phi(H)\). The One-Step Subgroup Test yields \(\phi(H) \leq \overline{G}\).

Property 2 (cyclic preserved): If \(H = \langle h \rangle\), then by Property 2 of Elements, \[ \phi(H) = \{\phi(h^n) \mid n \in \mathbb{Z}\} = \{\phi(h)^n \mid n \in \mathbb{Z}\} = \langle \phi(h) \rangle, \] which is cyclic.

Property 3 (Abelian preserved): For \(h_1, h_2 \in H\) with \(h_1 h_2 = h_2 h_1\), \[ \phi(h_1)\phi(h_2) = \phi(h_1 h_2) = \phi(h_2 h_1) = \phi(h_2)\phi(h_1), \] so \(\phi(H)\) is Abelian.

Property 4 (\(H \trianglelefteq G \Rightarrow \phi(H) \trianglelefteq \phi(G)\)): By Property 1, \(\phi(H) \leq \overline{G}\), and since \(\phi(H) \subseteq \phi(G)\), we have \(\phi(H) \leq \phi(G)\). For the Normal Subgroup Test, fix \(\bar{y} \in \phi(G)\) and \(\phi(h) \in \phi(H)\). Writing \(\bar{y} = \phi(y)\) for some \(y \in G\), \[ \bar{y} \phi(h) \bar{y}^{-1} = \phi(y)\phi(h)\phi(y)^{-1} = \phi(y h y^{-1}). \] Since \(H \trianglelefteq G\), \(y h y^{-1} \in H\), and hence \(\phi(y h y^{-1}) \in \phi(H)\). Thus \(\bar{y} \phi(H) \bar{y}^{-1} \subseteq \phi(H)\), and the Normal Subgroup Test gives \(\phi(H) \trianglelefteq \phi(G)\).

Properties 5 and 6 (\(n\)-to-1 mapping and \(|\phi(H)| \mid |H|\)): Proved separately below.

Property 7 (\(\phi(Z(G)) \leq Z(\phi(G))\)): Property 1 (applied with \(H = Z(G)\)) gives \(\phi(Z(G)) \leq \overline{G}\); and \(\phi(Z(G)) \subseteq \phi(G)\), so \(\phi(Z(G)) \leq \phi(G)\). It remains to show every element of \(\phi(Z(G))\) lies in \(Z(\phi(G))\). For \(z \in Z(G)\) and \(\phi(x) \in \phi(G)\), \[ \phi(z)\phi(x) = \phi(zx) = \phi(xz) = \phi(x)\phi(z), \] so \(\phi(z)\) commutes with every element of \(\phi(G)\), i.e., \(\phi(z) \in Z(\phi(G))\).

Property 8 (\(\overline{K} \leq \overline{G} \Rightarrow \phi^{-1}(\overline{K}) \leq G\)): Since \(\bar{e} \in \overline{K}\) and \(\phi(e) = \bar{e}\), we have \(e \in \phi^{-1}(\overline{K})\), so the preimage is nonempty. For \(a, b \in \phi^{-1}(\overline{K})\), we have \(\phi(a), \phi(b) \in \overline{K}\), and since \(\overline{K}\) is a subgroup, \(\phi(a)\phi(b)^{-1} \in \overline{K}\). By the homomorphism property and the Lemma, \[ \phi(ab^{-1}) = \phi(a)\phi(b^{-1}) = \phi(a)\phi(b)^{-1} \in \overline{K}, \] so \(ab^{-1} \in \phi^{-1}(\overline{K})\). The One-Step Subgroup Test gives \(\phi^{-1}(\overline{K}) \leq G\).

Property 9 (\(\overline{K} \trianglelefteq \overline{G} \Rightarrow \phi^{-1}(\overline{K}) \trianglelefteq G\)): By Property 8, \(\phi^{-1}(\overline{K}) \leq G\). For the Normal Subgroup Test, let \(g \in G\) and \(x \in \phi^{-1}(\overline{K})\). Then \(\phi(x) \in \overline{K}\), and \[ \phi(g x g^{-1}) = \phi(g)\phi(x)\phi(g)^{-1}. \] Since \(\overline{K} \trianglelefteq \overline{G}\), \(\phi(g)\phi(x)\phi(g)^{-1} \in \overline{K}\), so \(g x g^{-1} \in \phi^{-1}(\overline{K})\). The Normal Subgroup Test gives \(\phi^{-1}(\overline{K}) \trianglelefteq G\).

Property 10 (\(\phi\) onto and \(\text{Ker }\phi = \{e\} \Rightarrow \phi\) isomorphism): An isomorphism is an onto homomorphism that is also injective. Suppose \(\phi(a) = \phi(b)\). By Property 5 of Elements, \(a \text{Ker }\phi = b \text{Ker }\phi\). With \(\text{Ker }\phi = \{e\}\), this gives \(a\{e\} = b\{e\}\), i.e., \(\{a\} = \{b\}\), so \(a = b\). Hence \(\phi\) is injective, and together with the assumption that \(\phi\) is onto, \(\phi\) is an isomorphism. \(\blacksquare\)

Property 5 (\(|\text{Ker }\phi| = n \Rightarrow \phi\) is \(n\)-to-1 onto \(\phi(G)\)): By Property 6 of Elements under Homomorphism, for any \(\bar{g} \in \phi(G)\) with \(\bar{g} = \phi(g)\), \[ \phi^{-1}(\bar{g}) = \{x \in G \mid \phi(x) = \bar{g}\} = g\,\text{Ker }\phi. \] That is, the set of elements of \(G\) mapping to \(\bar{g}\) is precisely the coset \(g\,\text{Ker }\phi\). By Property 6 of Cosets (all cosets have the same cardinality), \[ |\phi^{-1}(\bar{g})| = |g\,\text{Ker }\phi| = |\text{Ker }\phi| = n. \] Therefore, every element of \(\phi(G)\) has exactly \(n\) preimages in \(G\); \(\phi\) is an \(n\)-to-1 mapping onto \(\phi(G)\).

Property 6 (\(H\) finite \(\Rightarrow |\phi(H)| \mid |H|\)): The restriction \(\phi|_H : H \to \phi(H)\) is a homomorphism with kernel \(H \cap \text{Ker }\phi\). Setting \(m = |H \cap \text{Ker }\phi|\), Property 5 above (applied to \(\phi|_H\)) shows that \(\phi|_H\) is an \(m\)-to-1 mapping from \(H\) onto \(\phi(H)\). Counting, \[ |H| = m \cdot |\phi(H)| \quad \implies \quad |\phi(H)| = \frac{|H|}{m}, \] so \(|\phi(H)|\) divides \(|H|\). \(\blacksquare\)

This is the special case of Property 9 of Subgroups under Homomorphism with \(\overline{K} = \{\bar{e}\}\). The trivial subgroup \(\{\bar{e}\}\) is normal in \(\overline{G}\) (conjugation fixes the identity: \(g\bar{e}g^{-1} = \bar{e}\) for every \(g \in \overline{G}\)), and \[ \phi^{-1}(\{\bar{e}\}) = \{x \in G \mid \phi(x) = \bar{e}\} = \text{Ker }\phi. \] Property 9 yields \(\text{Ker }\phi \trianglelefteq G\). \(\blacksquare\)

Consider the additive group of real numbers \((\mathbb{R}, +)\) and the multiplicative group of positive real numbers \((\mathbb{R}^+, \times)\).
The function \(\phi(x) = e^x\) is an isomorphism between them. It preserves the operation: \[ \phi(a + b) = e^{a+b} = e^a \cdot e^b = \phi(a) \cdot \phi(b). \] It is bijective since \(e^x\) is strictly increasing (hence one-to-one) with range \((0, \infty) = \mathbb{R}^+\) (hence onto); its inverse is the natural logarithm \(\ln: \mathbb{R}^+ \to \mathbb{R}\).

This isomorphism tells us that addition in the world of exponents is identical to multiplication in the world of bases. This is the mathematical principle behind the Slide Rule: by transforming numbers into lengths (logs), we can multiply them simply by adding the lengths.

Since an isomorphism is a bijective homomorphism, Properties 1 and 2 follow immediately from the corresponding properties of homomorphisms (Properties of Elements under Homomorphism, Properties 1 and 2). For the biconditional statements 3–5, we use the fact that \(\phi^{-1}: \overline{G} \to G\) is also an isomorphism (established as Property 1 of Isomorphisms Acting on Groups below).

Property 3 (commutation): (\(\Rightarrow\)) If \(ab = ba\), then \(\phi(a)\phi(b) = \phi(ab) = \phi(ba) = \phi(b)\phi(a)\). (\(\Leftarrow\)) Apply the same argument to \(\phi^{-1}\): if \(\phi(a)\phi(b) = \phi(b)\phi(a)\), then \(ab = \phi^{-1}(\phi(a))\phi^{-1}(\phi(b)) = \phi^{-1}(\phi(a)\phi(b)) = \phi^{-1}(\phi(b)\phi(a)) = ba\).

Property 4 (generators): (\(\Rightarrow\)) If \(G = \langle a \rangle\), then by Property 2 of Subgroups under Homomorphism, \(\phi(G) = \langle \phi(a) \rangle\). Since \(\phi\) is onto, \(\phi(G) = \overline{G}\), hence \(\overline{G} = \langle \phi(a) \rangle\). (\(\Leftarrow\)) Apply the \((\Rightarrow)\) direction to \(\phi^{-1}\) and the element \(\phi(a) \in \overline{G}\).

Property 5 (\(|a| = |\phi(a)|\)): By Property 3 of Elements under Homomorphism applied to \(\phi\), \(|\phi(a)| \mid |a|\) when \(|a|\) is finite. Applying the same result to \(\phi^{-1}\) and the element \(\phi(a)\) gives \(|a| = |\phi^{-1}(\phi(a))| \mid |\phi(a)|\). Two positive integers each dividing the other must be equal, so \(|a| = |\phi(a)|\). (The case when both orders are infinite is argued symmetrically: if \(|\phi(a)|\) were finite, the previous argument would force \(|a|\) finite, a contradiction.)

Property 6 (solutions of \(x^k = b\)): Let \(S = \{x \in G \mid x^k = b\}\) and \(\overline{S} = \{y \in \overline{G} \mid y^k = \phi(b)\}\). For \(x \in S\), Property 2 gives \(\phi(x)^k = \phi(x^k) = \phi(b)\), so \(\phi(x) \in \overline{S}\). The restriction of \(\phi\) to \(S\) is thus a map \(S \to \overline{S}\), and it is injective (since \(\phi\) is). Symmetrically, \(\phi^{-1}\) sends \(\overline{S}\) into \(S\) injectively. Hence \(|S| = |\overline{S}|\).

Property 7 (elements of each order): Let \(d \geq 1\) and set \(G_d = \{a \in G \mid |a| = d\}\), \(\overline{G}_d = \{y \in \overline{G} \mid |y| = d\}\). By Property 5, \(a \in G_d \iff \phi(a) \in \overline{G}_d\), so \(\phi\) restricts to a bijection \(G_d \to \overline{G}_d\). Hence \(|G_d| = |\overline{G}_d|\). \(\blacksquare\)

Property 1 (\(\phi^{-1}\) is an isomorphism): Since \(\phi\) is a bijection, the inverse function \(\phi^{-1}: \overline{G} \to G\) exists and is a bijection. It remains to show \(\phi^{-1}\) preserves the operation. Given \(\bar{y}_1, \bar{y}_2 \in \overline{G}\), write \(\bar{y}_i = \phi(y_i)\) with \(y_i \in G\) (possible since \(\phi\) is onto). Then \[ \phi(y_1 y_2) = \phi(y_1)\phi(y_2) = \bar{y}_1 \bar{y}_2, \] so \(\phi^{-1}(\bar{y}_1 \bar{y}_2) = y_1 y_2 = \phi^{-1}(\bar{y}_1)\phi^{-1}(\bar{y}_2)\). Hence \(\phi^{-1}\) is a homomorphism, and being bijective, it is an isomorphism.

Properties 2 and 3 (Abelian / cyclic, both directions): The forward directions follow from Properties 3 and 2 of Subgroups under Homomorphism (taking \(H = G\) and noting that \(\phi(G) = \overline{G}\) by onto-ness). The reverse directions follow by applying the same arguments to \(\phi^{-1}\), which is an isomorphism by Property 1.

Property 4 (\(\phi(K) \leq \overline{G}\)): This is Property 1 of Subgroups under Homomorphism applied to \(K\).

Property 5 (\(\phi^{-1}(\overline{K}) \leq G\)): This is Property 8 of Subgroups under Homomorphism applied to \(\overline{K}\).

Property 6 (\(\phi(Z(G)) = Z(\overline{G})\)): The inclusion \(\phi(Z(G)) \subseteq Z(\overline{G})\) follows from Property 7 of Subgroups under Homomorphism, \(\phi(Z(G)) \subseteq Z(\phi(G))\), together with \(\phi(G) = \overline{G}\) (onto).

For the reverse \(Z(\overline{G}) \subseteq \phi(Z(G))\), let \(\bar{z} \in Z(\overline{G})\). Write \(\bar{z} = \phi(z)\) with \(z \in G\). For any \(x \in G\), \[ \phi(xz) = \phi(x)\phi(z) = \phi(x)\bar{z} = \bar{z}\phi(x) = \phi(z)\phi(x) = \phi(zx), \] and since \(\phi\) is one-to-one, \(xz = zx\). Thus \(z\) commutes with every \(x \in G\), i.e., \(z \in Z(G)\), and \(\bar{z} = \phi(z) \in \phi(Z(G))\).

Combining the two inclusions, \(\phi(Z(G)) = Z(\overline{G})\). \(\blacksquare\)

Consider the symmetric group \(S_3\) and let \(a = (1\, 2)\). The inner automorphism \(\phi_a\) induced by \(a\) is defined by: \[ \phi_a(x) = (1\, 2) \, x \, (1\, 2)^{-1} = (1\, 2) \, x \, (1\, 2). \] Let us compute \(\phi_a\) for each element of \(S_3\):

• \(\phi_a(\epsilon) = (1\, 2)\, \epsilon \,(1\, 2) = \epsilon\)
• \(\phi_a((1\, 2)) = (1\, 2)(1\, 2)(1\, 2) = (1\, 2)\)
• \(\phi_a((1\, 3)) = (1\, 2)(1\, 3)(1\, 2) = (2\, 3)\)
• \(\phi_a((2\, 3)) = (1\, 2)(2\, 3)(1\, 2) = (1\, 3)\)
• \(\phi_a((1\, 2\, 3)) = (1\, 2)(1\, 2\, 3)(1\, 2) = (1\, 3\, 2)\)
• \(\phi_a((1\, 3\, 2)) = (1\, 2)(1\, 3\, 2)(1\, 2) = (1\, 2\, 3)\)

Notice that \(\phi_a\) swaps \((1\, 3) \leftrightarrow (2\, 3)\) and \((1\, 2\, 3) \leftrightarrow (1\, 3\, 2)\), while fixing \(\epsilon\) and \((1\, 2)\). This is a nontrivial automorphism of \(S_3\).

Step 1: \(\text{Aut}(G) \leq \text{Sym}(G)\). Clearly \(\text{Aut}(G) \subseteq \text{Sym}(G)\) (every automorphism is in particular a bijection of \(G\) onto itself). We apply the One-Step Subgroup Test.

• Nonempty: The identity map \(\text{id}_G\) is an automorphism, so \(\text{id}_G \in \text{Aut}(G)\).
• Closure under \(\alpha \beta^{-1}\): For \(\alpha, \beta \in \text{Aut}(G)\), \(\beta^{-1}\) is an isomorphism (Property 1 of Isomorphisms Acting on Groups). The composition \(\alpha \circ \beta^{-1}\) is a bijection (as composition of bijections), and it is a homomorphism: \[ (\alpha \circ \beta^{-1})(xy) = \alpha(\beta^{-1}(xy)) = \alpha(\beta^{-1}(x)\beta^{-1}(y)) = \alpha(\beta^{-1}(x))\alpha(\beta^{-1}(y)) = (\alpha \circ \beta^{-1})(x)\,(\alpha \circ \beta^{-1})(y). \] Hence \(\alpha \circ \beta^{-1} \in \text{Aut}(G)\).

Step 2: Each \(\phi_a\) is an automorphism. For \(a \in G\) and \(\phi_a(x) = axa^{-1}\):

• One-to-one: \(\phi_a(x) = \phi_a(y) \implies axa^{-1} = aya^{-1} \implies x = y\) by left and right cancellation.
• Onto: For any \(y \in G\), \(\phi_a(a^{-1}ya) = a(a^{-1}ya)a^{-1} = y\).
• Homomorphism: \(\phi_a(xy) = a(xy)a^{-1} = ax(a^{-1}a)ya^{-1} = (axa^{-1})(aya^{-1}) = \phi_a(x)\phi_a(y)\).

Hence \(\phi_a \in \text{Aut}(G)\), and \(\text{Inn}(G) \subseteq \text{Aut}(G)\).

Step 3: \(\text{Inn}(G) \leq \text{Aut}(G)\). A direct computation shows that inner automorphisms compose nicely: \[ (\phi_a \circ \phi_b)(x) = \phi_a(bxb^{-1}) = a(bxb^{-1})a^{-1} = (ab)x(ab)^{-1} = \phi_{ab}(x), \] so \(\phi_a \circ \phi_b = \phi_{ab}\). In particular:

• Nonempty: \(\phi_e(x) = exe^{-1} = x\), so \(\phi_e = \text{id}_G \in \text{Inn}(G)\).
• Inverse: \(\phi_a \circ \phi_{a^{-1}} = \phi_{aa^{-1}} = \phi_e = \text{id}_G\), so \((\phi_a)^{-1} = \phi_{a^{-1}} \in \text{Inn}(G)\).
• Closure: \(\phi_a \circ \phi_b = \phi_{ab} \in \text{Inn}(G)\).

By the One-Step Subgroup Test, \(\text{Inn}(G) \leq \text{Aut}(G)\). \(\blacksquare\)

We show that every group \(G\) embeds as a subgroup of \(\text{Sym}(G)\), the group of all permutations of the underlying set of \(G\) (a permutation of a set \(A\), as defined in the previous chapter, is a bijection \(A \to A\); the set of all such permutations forms a group under composition).

For each \(g \in G\), define the left-multiplication map \(T_g: G \to G\) by \(T_g(x) = gx\). We first verify that \(T_g \in \text{Sym}(G)\):

• One-to-one: \(T_g(x) = T_g(y) \implies gx = gy \implies x = y\) by left cancellation.
• Onto: For any \(y \in G\), \(T_g(g^{-1}y) = g(g^{-1}y) = y\).

Next, let \(\overline{G} = \{T_g \mid g \in G\} \subseteq \text{Sym}(G)\). The composition of any two \(T_g, T_h\) satisfies \[ (T_g \circ T_h)(x) = T_g(hx) = g(hx) = (gh)x = T_{gh}(x), \] so \(T_g \circ T_h = T_{gh}\). From this:

• \(T_e\) acts as identity: \(T_e(x) = ex = x\), so \(T_e = \text{id}_G\).
• \(T_g\) has inverse \(T_{g^{-1}}\): \(T_g \circ T_{g^{-1}} = T_{gg^{-1}} = T_e = \text{id}_G\), and symmetrically \(T_{g^{-1}} \circ T_g = T_e\).
• Closure: \(T_g \circ T_h = T_{gh} \in \overline{G}\).

By the One-Step Subgroup Test, \(\overline{G} \leq \text{Sym}(G)\).

Finally, define \(\phi: G \to \overline{G}\) by \(\phi(g) = T_g\). We check it is an isomorphism:

• Homomorphism: \(\phi(ab) = T_{ab} = T_a \circ T_b = \phi(a) \circ \phi(b)\).
• One-to-one: \(T_g = T_h\) implies \(T_g(e) = T_h(e)\), i.e., \(g = h\).
• Onto: Every element of \(\overline{G}\) is of the form \(T_g\) for some \(g \in G\), by construction.

Therefore, \(\phi\) is an isomorphism, and \(G \cong \overline{G} \leq \text{Sym}(G)\). \(\blacksquare\)

By the Kernels are Normal theorem, \(\text{Ker }\phi \trianglelefteq G\), so the factor group \(G/\text{Ker }\phi\) is well-defined (see the Factor Groups section). Let \(\psi: G/\text{Ker }\phi \to \phi(G)\) be the correspondence \(g\,\text{Ker }\phi \mapsto \phi(g)\).

Well-defined and one-to-one: By Property 5 of Elements under Homomorphism, \[ \phi(a) = \phi(b) \iff a\,\text{Ker }\phi = b\,\text{Ker }\phi. \] The \((\Leftarrow)\) direction ensures \(\psi\) is well-defined (the value \(\phi(g)\) depends only on the coset \(g\,\text{Ker }\phi\), not on the chosen representative), and the \((\Rightarrow)\) direction ensures \(\psi\) is one-to-one (distinct cosets map to distinct values).

Operation-preserving: Using the factor group operation \((xH)(yH) = (xy)H\) with \(H = \text{Ker }\phi\), \[ \begin{align*} \psi\bigl((x\,\text{Ker }\phi)(y\,\text{Ker }\phi)\bigr) &= \psi(xy\,\text{Ker }\phi) \\\\ &= \phi(xy) \\\\ &= \phi(x)\phi(y) \\\\ &= \psi(x\,\text{Ker }\phi)\,\psi(y\,\text{Ker }\phi). \end{align*} \]

Onto: By the definition of \(\psi\), every \(\phi(g) \in \phi(G)\) is the image of \(g\,\text{Ker }\phi\).

Since \(\psi\) is a well-defined bijection that preserves the operation, it is an isomorphism: \[ G/\text{Ker }\phi \cong \phi(G). \quad \blacksquare \]

Corollary 1 (\(|G|/|\text{Ker }\phi| = |\phi(G)|\)): By TFIT, \(G/\text{Ker }\phi \cong \phi(G)\), so these groups have the same order. By the Factor Groups theorem, \(|G/\text{Ker }\phi| = |G|/|\text{Ker }\phi|\). Hence \[ |\phi(G)| = |G/\text{Ker }\phi| = \frac{|G|}{|\text{Ker }\phi|}. \]

Corollary 2 (\(|\phi(G)|\) divides \(|G|\) and \(|\overline{G}|\)): From Corollary 1, \(|G| = |\text{Ker }\phi| \cdot |\phi(G)|\), so \(|\phi(G)| \mid |G|\). For the second divisibility, \(\phi(G)\) is a subgroup of \(\overline{G}\) (Property 1 of Subgroups under Homomorphism), so Lagrange's Theorem gives \(|\phi(G)| \mid |\overline{G}|\). \(\blacksquare\)

Recall the natural projection \(\phi: \mathbb{Z} \to \mathbb{Z}_n\) defined by \(\phi(m) = m \bmod n\), whose kernel is \(\text{Ker }\phi = \langle n \rangle\). The map is onto since every element \(k \in \mathbb{Z}_n = \{0, 1, \ldots, n-1\}\) is the image \(\phi(k) = k\); thus \(\phi(\mathbb{Z}) = \mathbb{Z}_n\).

By the First Isomorphism Theorem: \[ \mathbb{Z} / \langle n \rangle \cong \phi(\mathbb{Z}) = \mathbb{Z}_n. \] This confirms that the factor group \(\mathbb{Z}/\langle n \rangle = \mathbb{Z}/n\mathbb{Z}\) and the cyclic group \(\mathbb{Z}_n\) are structurally identical.