I was reading my book on Elementary Algebra and saw this theorem:
Suppose that $F$ is a finite field of order $q$, then the group $F^*$ is a cyclic group of order $q-1$.
I don't understand the transition from a field to a group. How come the theorem says $F^*$ is a group when the element $0$ is omitted?
On
Well, $\mathbb{F}^*$ is the group $(\mathbb{F}\setminus \{0\},\cdot)$ hence you are only considering multiplication as operation, in particular, you need to throw out $0$. In more general algebra (Rings) this still holds, but there you throw out every element which is not invertible. hence you can imagine $\mathbb{F}^*$ as the multiplicative group of invertible elements.
On
$F^\ast$ is a set with a binary operation (the multiplication operation on $F$) which is associative (since it's associative on all of $F$) and in which all elements have inverses.
That's a group.
It wasn't a group before when you had all of $F$ since $0$ did not have an inverse. $F$ was a monoid though, with its multiplication operation.
On
Every field is a group if you remove the $0$ element and restrict it to just the multiplication operation because:
The definition of a group is:
A set of elements $G$ and an associated binary operation, $*$, so that:
1) $*$ is associative.
2) There is an element $e\in G$ so that for any $g\in G$ we have $e*g=g*e = g$.
3) For every $g \in G$ there is an element $g'$ so that $g*g' = g'*g = e$.
The definition of a field is
A set of elements $F$ and two associated binary operations, $+, \cdot$ so that
Addition axioms.
A1) $+$ is associative.
A2) $+$ is commutative.
A3) There is an element, $0 \in F$ so that for all $q\in F$ that $q+0=q$.
A4) For every $q \in F$ there is an element $-q\in F$ so the $q+ (-q) = 0$.
[Notice: A1, A3, A4, are the same axioms (with different notation) as the axioms for a group. Thus we can say a Field $F$ with only the addition operation considered forms a Group (with an addition condition that it is commutative).]
Multiplication Axioms
M1: $\cdot$ is associative.
M2: $\cdot$ is commutative.
M3: There exists an element $1 \in F$ so that for all $q \in F$, $1\cdot q = q$.
[Some text explicitly state as an axiom that $1 \ne 0$. Other texts will prove that if $1=0$ then then Field only has one element and is therefore trivial and not worth considering (The field would just be the set $\{a\}$ with the properties $a+a=a$ and $a\cdot a = a$ and there is absolutely nothing more to say about it). We'll take it for granted that $1 \ne 0$]
M4: For every element $q\in F$ so that $q\ne 0$ there is an element $q^{-1} \in F$ so that $q*q^{-1} = 1$.
[The axiom doesn't state that $q^{-1} \ne 0$. However it can be proven easily that $q*0 = 0 \ne 1$ so we can assume that $q^{-1} \ne 0.]
Note: M1, M3, M4 when applied to the set $F\setminus \{0\}$ are the same axioms as the axioms of a group with only different notation. So we can state that $F^*$, the set $F\setminus \{0\}$ associated with the binary operation $\cdot$, is a group (with the additional condition $\cdot$ is commutative).
The final axiom:
D: For all, $q,r,s \in F$, $q\cdot (r + s) = (q\cdot r) + (q\cdot s)$.
......
What the theorem is saying is that if $F$ is finite then the group is cyclic. Which is not so trivial.
On
Once you remove the $0$ of the field, you have a group under multiplication (the same multiplication as defined on the original field, that is), assuming your field is not the trivial field (i.e. a field with $0$ as its only element).
This is because, in a field, every non-zero element is invertible, so you can reinterpret $F\backslash\{0\}$ in a more useful light- as being the set of all invertible elements in $F$. If $a$ is invertible and $b$ is invertible, $ab$ is also invertible, as $(ab)^{-1}=b^{-1}a^{-1}$- this means that $F$ is closed with respect to products. Also, if $a$ is invertible, so is $a^{-1}$ (since $((a^{-1})^{-1}=a$). Also, multiplication on any field is defined to be associative so it remains associative in $F\backslash\{0\}$. Finally, since $F$ is not the trivial field, $F$ has at least one non-zero element, so $F\backslash\{0\}$ is non-empty. Suppose it has some element, $x$, in it. By the arguments already outlined, it must be the case that $x^{-1}\in F$ and, then, that $x*x^{-1}=1\in F$, so $F\backslash\{0\}$ has a neutral element (again, as the multiplication on $F\backslash\{0\}$ is the same on that on $F$, $1$ is the neutral element of $F\backslash\{0\}$).
(the assumption that $F$ is finite will come in handy in the next part of the argument)
So $F\backslash\{0\}$ is a group. But why a cyclic one?
You can actually make a more general claim than the one for which you ask for a proof in your question- that is, that any subset of a finite field, $F$, that acts as a group under multiplication (like $F\backslash\{0\}$) is in fact a cyclic group under multiplication (but this will require a smidge of information from the theory of rings of polynomials).
The proof (at least, the one that I've seen) is as follows. Suppose we have a subset, $G$, of a field, $F$, that is a group under multiplication. Since $F$ is finite, this group will also be finite. Let its number of elements be denoted by $n$ (some finite number).
Notice that the polynomial equation $x^k-1=0$ (as an element of $F[X]$) can have no more than $k$ distinct solutions as its degree is $k$ (this was the thing that needed a smidge of polynomial ring knowledge).
We also know that any solution, $y$, to this equation will have a multiplicative order that divides $k$, as $y^k-1=0\implies y^k=1$ (and, as mentioned before, $1$ must be the neutral element of any group under multiplication that is a subset of $F$).
But, note that if $k\not | n$, then, $x^k-1=0$ will have no solutions in $G$ as every element in $G$ must have an order that divides $n$ (as the order of any element will equal the order of its corresponding cyclic group, which, given its status as a subgroup of $G$, must, by Lagrange's theorem must have an order dividing $G$'s).
So, suppose for some divisor, $d$, of $n$, we have at least one element, $a$, in $G$ with order $d$. Then, we must have at least $d$ distinct elements in $G$ with an order dividing $d$ as the list of elements $(1,a,a^2,a^3,...,a^{d-1})$ is a list of distinct elements (given $a$'s order) and each element's order divides $d$ as, for any $r$, $(a^r)^d=a^{rd}=a^{dr}=(a^d)^r=1^r=1.$ But, on the other hand,(given what was said above about equations like $x^d-1=0$), there can be no more than $d$ elements in $G$ whose orders divide $d$. So, if there is at least one element in $G$ of order $d$ (where $d|n$), there are exactly $d$. Otherwise, there are $0$.
What remains now is simple- note that, if $\mathbb Z_{<d>}$ is the cyclic subgroup of $\mathbb Z_n$ consisting of all elements with additive order dividing $d$, then, treating $\mathbb Z_n$ as a group under addition (talking about the same $a$ as in the last paragraph), $<a>\cong \mathbb Z_{<d>}$ (forgive the loose notation). This means that the number of elements in $<a>$ with order equal to exactly $d$ (and note that every element in $G$ with order exactly $d$ must be in $<a>$) is equal to the number of elements in $\mathbb Z_{<d>}$ with order exactly $d$.
(in case you're wondering, $\mathbb Z_{<d>}$ looks like $\{0,\frac{n}{d},\frac{2n}{d},...,\frac{(d-1)n}{d}\}$)
So, denoting the number of elements in $\mathbb Z_n$ with order exactly $d$ (where $d|n$) with $\mathbb Z(d)$ and the number of elements in $G$ with order exactly $d$ with $G(d)$, we have either $\mathbb Z(d)=G(d)$ or $G(d)=0$, or, put another way $G(d)\leq \mathbb Z(d)$ always holds.
Now, what we argue is that we can partition $G$ into equivalence classes of elements based on their order. We can do the same with $\mathbb Z_n$. In each equivalence class in $G$ consisting of all elements of order $d$, we have $G(d)$ elements so the total number of elements across all equivalence classes must be $\sum_{d|n}G(d)$. Similarly, in $\mathbb Z_n$, the total number of elements in all equivalence classes must be $\sum_{d|n}\mathbb Z(d)$. Using the previous paragraph, then $$\sum_{d|n}G(d)\leq \sum_{d|n}\mathbb Z(d)$$
But, recall that these equivalence classes are disjoint sets whose union add up to $G$ or $\mathbb Z_n$ respectively so the total number of elements in either will be $\Big|G\Big|=\Big|\mathbb Z_n\Big|=n$.
So if for a single $d$, we have $G(d)<\mathbb Z(d)$, then we'll have $$\sum_{d|n}G(d)< \sum_{d|n}\mathbb Z(d)\\\implies n<n$$
A contradiction. So $G(d)=\mathbb Z(d)$ for all divisor of $n$ (even, non-divisors technically). In particular, $G(n)=\mathbb Z(n)$, i.e., there are as many elements in $G$ with order $n$ as there are in $\mathbb Z_n$- but there is always at least one element of additive order $n$ in $\mathbb Z_n$, i.e., $1$, so there is at least one element of order $n$ in $G$, say, $b$. Since $<b>\subset G$, but also $\operatorname{ord}(b)=n=\Big|G\Big|$, we must have $<b>=G$ and, so, $G$ is cyclic.
(please edit in or comment for any mistakes/ corrections)
If $F^{*}$ were to be a field, it would need an additive identity. But this would have to be the additive identity of the original field $F$, which as you pointed out, is omitted from $F^{*}$ since it isn't a unit. So $F^{*}$ is just a group.