We will proceed by showing the group axioms hold under multiplication. Since this is a subset of \(U_p\) essentially by definition, that will imply it is a subgroup of it as well. Let's look at the three main axioms.

• It is clear that \(1\in Q_p\), since \(1\equiv 1^2\). So there is an identity.

• Next, if \(a\) and \(b\) are both in \(Q_p\) (with \(a\equiv s^2\) and \(b\equiv t^2\)), then \(ab\) is also a quadratic residue (since \((st)^2\equiv s^2 t^2\equiv ab\)).

• All that remains is to check that this set has inverses under multiplication.

To show this last, assume that \(a\equiv s^2\in Q_p\). Then note that \begin{equation*}\left(s^{-1}\right)^2 a\equiv \left(s^{-1}\right)^2 s^2\equiv \left(s\cdot s^{-1}\right)^2\equiv 1\end{equation*} So by definition of inverses \begin{equation*}\left(s^{-1}\right)^2=a^{-1}\; ,\end{equation*} which means that if \(a\in Q_p\) then \(a^{-1}\in Q_p\) as well.