Np notes Complete

7/25/2019 Np notes Complete

1/119

Notes for Number theory (Fall semester)

Sophie Marques

August 2014


2/119

2


3/119

Contents

I Arithmetic ofZ, divisibility theory 11

1 Interlude on natural numbers, induction and well ordering 13

2 Divisibility 15

2.1 Definition of divisibility . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

2.2 Some divisibility tests . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

2.2.1 Divisibility by10n,5, 25 . . . . . . . . . . . . . . . . . . . . . . 16

2.2.2 Divisibility by a power of2 . . . . . . . . . . . . . . . . . . . . 16

2.2.3 Divisibility by3 and 9 . . . . . . . . . . . . . . . . . . . . . . . 16

2.2.4 Divisibility by11 . . . . . . . . . . . . . . . . . . . . . . . . . . 16

2.2.5 More divisibility test . . . . . . . . . . . . . . . . . . . . . . . . 17

2.3 G.C.D. and L.C.M. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

2.4 Prime and coprime numbers . . . . . . . . . . . . . . . . . . . . . . . . 18

3 Euclidean division, Bezout theorem, linear diophantine equations 21

3.1 Euclidean division . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

3.2 Euclidean algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

3.3 Bezouts identity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

3.4 Application: linear diophantine equations. . . . . . . . . . . . . . . . . 26

4 The fundamental theorem of arithmetic 29

4.1 The theorem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

4.2 Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

4.3 Primality-testing and factorization . . . . . . . . . . . . . . . . . . . . 33

II Arithmetic Functions 37

5 Arithmetic Functions 39

5.1 Definitions, examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

5.2 Eulers function . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

5.3 Convolution, Mobius inversion . . . . . . . . . . . . . . . . . . . . . . . 42

3


4/119

4 CONTENTS

III Modular arithmetic on Z 45

6 Congruences 476.1 Motivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 476.2 Definition and first properties . . . . . . . . . . . . . . . . . . . . . . . 48

7 Congruence equations 537.1 Congruences and polynomials . . . . . . . . . . . . . . . . . . . . . . . 537.2 Linear congruences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

7.2.1 Simple linear congruences . . . . . . . . . . . . . . . . . . . . . 547.2.2 Simultaneous linear congruences, chinese remainder theorem . . 577.2.3 Congruences with prime modulus . . . . . . . . . . . . . . . . . 617.2.4 Congruences with prime power modulus . . . . . . . . . . . . . 64

8 The ringpZ{nZ, `, q, its group of unit Un, applications 678.1 Algebraic interlude . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67

8.2 The ringpZ{nZ, `, .q and its group of Units . . . . . . . . . . . . . . . 698.3 Another proof of the multiplicativity of the Euler function . . . . . . . 728.4 Application to cryptography . . . . . . . . . . . . . . . . . . . . . . . . 748.5 Modular arithmetic revisited by algebra . . . . . . . . . . . . . . . . . . 77

9 Quadratic reciprocity 839.1 The legendre symbol . . . . . . . . . . . . . . . . . . . . . . . . . . . . 839.2 Eulers Criterion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 839.3 The Quadratic Reciprocity Law . . . . . . . . . . . . . . . . . . . . . . 859.4 A Lemma of Gauss . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86

9.4.1 A group theoretic proof . . . . . . . . . . . . . . . . . . . . . . 88

9.4.2 Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 899.4.3 Jacobi symbols . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

10 Continued fractions 9510.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9510.2 Continued fractions for quadratic irrationals. . . . . . . . . . . . . . . . 9810.3 Pells equation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101

11 Gaussian integers 10511.1 Basic properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10511.2 Fermats two square theorem . . . . . . . . . . . . . . . . . . . . . . . . 107

11.3 Pythagorean triples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10911.4 Primes of the form4n ` 1 . . . . . . . . . . . . . . . . . . . . . . . . . 11112 Other diophantine equation 113

12.1 Fermats equation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11312.2 M ordells equation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11512.3 The abc-conjecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11712.4 Mordells conjecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118


5/119

Introduction

The older term for number theory is arithmetic. By the early twentieth century,it had been superseded by number theory. The word arithmetic (from the Greek,arithmos which means number) is used by the general public to mean elementarycalculations; it has also acquired other meanings in mathematical logic, as in Peanoarithmetic, and computer science, as in floating point arithmetic. Arithmetic is the old-est and most elementary branch of mathematics, used very popularly, for tasks ranging

from simple day-to-day counting to advanced science and business calculations. Itinvolves the study of quantity, especially as the result of operations that combine num-bers. The use of the term arithmetic for number theory regained some ground in thesecond half of the 20th century, arguably in part due to French influence. In particular,arithmetical is preferred as an adjective to number-theoretic.

Elementary arithmetic starts with the natural numbers and the written symbols (dig-its) which represent them. The process for combining a pair of these numbers with thefour basic operations traditionally relies on memorized results for small values of num-bers, including the contents of a multiplication table to assist with multiplication anddivision. Elementary arithmetic also includes fractions and negative numbers, which

can be represented on a number line.

Number theory is devoted primarily to the study of the integers. Number theoristsstudy prime numbers as well as the properties of objects made out of integers (e.g.,rational numbers) or defined as generalizations of the integers (e.g., algebraic integers).Integers can be considered either in themselves or as solutions to equations (Diophan-tine geometry). Questions in number theory are often best understood through thestudy of analytical objects (e.g., the Riemann zeta function) that encode properties ofthe integers, primes or other number-theoretic objects in some fashion (analytic num-ber theory). One may also study real numbers in relation to rational numbers, e.g., asapproximated by the latter (Diophantine approximation).

5


6/119

6 CONTENTS


7/119

Fixing notations

Symbol Meaning

@ for all, for every;D there exists (at least one);D! there exists exactly one;s.t. such that; implies; if and only if;x P A the pointx belongs to a set Ax R A the pointx does not belongs to the set AN the set of natural number (counting numbers)1, 2, 3, . . .Z the set of all the integers (positive, negative or zero)Q the set of rational numbers

R the set of real numbersC the set of complex numberstx P A: Ppxqu the subset of the elementsxin a set A

such that the statement Ppxq is trueH the empty set, the set with nothing in itx P A means that the pointxbelongs to a set A

or that x is a element ofAA B A is a subset ofB

i.e. any element ofA also belongs to B(in symbolic notation: x P A x P Bthat we use when doing proofs).

A B the setsA and B contain exactly the same pointsThis statement is equivalent to saying: A BAND B Atpu singleton set (Logically speaking, the point p is not the same thing asthe setstpuwhose only element is p.)

A X B indicates the intersection of two sets;An element xis inA X B x P A AND x P B. Notice A X B B XA.

A Y B the union of two sets.An element xlies inA Y B Either x P A OR x P B(or BOTH).NoticeA Y B B YA.

7


8/119

8 CONTENTS

Symbol Meaning

ni1AiA1 X XAn the settx: x P Ai for every iu where A i are sets

ni1AiA1 Y YAn the settx: D some i such that x P Aiu whereAi are setsA the settx: x P A for every P IuwhereA are sets and Ia set of indexesA the settx: D some i such that x P Aiu

whereA are sets and Ia set of indexesAzB the difference settx: x P A and x R Bu(Note that AzB A X Bc.Ac the complement of a set A.

Here A is a subset of some larger space Xand its complement is the set Ac tx P X: x R Au XzA.

A B the cartesian producttpa, bq|a P A and b P BuA1 An

ni1Ai the product of the setsA itpa1, . . . , anq|aiPAiu

8i1Ai the product of the setsA itpa1, . . . , an, . . . q|aiP AiuPIA the set consisting of all indexed wordspaqPI, whereaPA.These are the maps : I YPIA such that pq P A

for every index P I.

Mappings

: X Yx pxq A map from a set Xto another set Yis an operation that associa

each element inXto a single element inY.Unless stated otherwise, mapping pxq are assumedto be defined for every x P X. If not,

De fpq domain of definition of, i.e. the points such that is defined.Rangepq pXq the range of the map i.e.tb P Y: Da P X such that b paqupSq the forward image for any subset ofS X

i.e.tb P Y: Da P S such that b paq u tpaq :a P Au: X Y is injective or one-to-one i.e. ifa1 a2 pa1q pa2q: XY is surjective i.e. ifpXq Y: X Y is bijective i.e. is both one-to-one and onto

i.e.@b P Y, D!a P Xsuch that paq b , : X Yare equal, i.e. they have same action: paq paq

for all a P X. (Ex:px2 ` x4q{p1 ` x2q x2.)pq the graph ofpq which is a subset of the Cartesian product set

X Y:tpx,yq P X Y: y pxq ut px, pxqq :x P Xupxq Y vertical fiber for eachx P X,tpx,yq : y P Yu tall pointspa, bq P X Y such that a xupqX p pxq Yq t px, bqu with b pxq,knowing is equivalent with knowing pq.

idX: X X the identity map onXsending each point x P Xtox itself.1 :Y X the inverse map of : X Y

such that 1ppaqq a, for all a P Xandp1pbqq b, for all b P1pbq the unique element a P Xsuch that paq b.


9/119

CONTENTS 9


10/119

10 CONTENTS


11/119

Part I

Arithmetic ofZ, divisibility theory

11


12/119


13/119

Chapter 1

Interlude on natural numbers,induction and well ordering

Natural numbers are the set N t1, 2....u will interest us along this course. Thereis an important principle, or method of proof, which applies to this number system,but not any other standard number systems , such as the set Z of all the integers, orthe sets Q, R or C of rational, real or complex numbers. There are three versions ofthis principle, known as the principle of induction, the most familiar, the principle ofstrong induction and the well-ordering principle; there are logically equivalent, in thesense that each implies the other, but in different contexts one of them may be moreconvenient to use than the other.

Theorem 1.0.1. The following principles are equivalent:

1. The principle of induction (version 1): LetPpnq be statements indexed bynatural integers. IfPp1q is true, andPpnq impliesPpn ` 1q, for allnP N, thenPpnq is true for anyn P N.

2. The principle of induction (version 2): Suppose thatAN, that1PA,and thatn P A impliesn ` 1 P A for anyn P N; thenA N.

3. The principle of strong induction (version 1): IfPp1q is true, andPp1q,Pp2q, ... , Ppnq together implyPpn ` 1q, thenPpnq is true for alln P N.

4. The principle of strong induction (version 2): Suppose thatB N, that1 P B, and that if1, 2,.., n P B, thenn ` 1 P B; thenB N

5. The well-ordering principle: If C

N and C is non-empty, then C has a

least element for the order onN (that is there is acP C such that c d foralld P C).

Proof. To see that 1.implies2.. Assume1., and suppose thatA satisfies the hypothesisof2.. Let Ppnqbe the statement n P A, soPp1qis true, since 1 P A; ifPpnq is true thenn P A, so n ` 1 P A, and hence Ppn ` 1q is true; thus Ppnq implies Ppn ` 1q, so Ppnq istrue for all n P N by1.; thus n P A, for anyn P N, so A N. For the converse (that2.implies1.), givenPpnq takeA tn P N|Ppnq is trueu, then1 P A(sincePp1q is true),

13


14/119

14CHAPTER 1. INTERLUDE ON NATURAL NUMBERS, INDUCTION AND WELL ORDERING

and ifn P A then Ppnq is true, so Ppn ` 1q is true, giving n ` 1 P A; hence A Nby2. so Ppnq is true for all n P N.Similarly, we obtain that 3. is equivalent to 4..To see that 2. implies4. Suppose that B satisfies the hypotheses of4.. Let

A tn P N|1,..., n P BuThenA N, and1 P A (since1 P B). Ifn P A then1, 2,...., n P Band hencen ` 1 P A(by definition ofA); thusn P Aimpliesn ` 1 P A, soA N, by2.This means that foreachn P N, we have 1, 2,.., n P B, so, in particular n P B; thusB N, as required.To see that 4. implies 5., we show that ifC N, and C has no least element then Cis empty. LetB NzC, the complement ofC in N. Then1PB, for otherwise 1P Cand so 1 is a least element ofC (since it is a least element ofN). If1, 2,..., n P B then1, 2,..., n R C; it follows that n ` 1 R C(for otherwise n ` 1would be a least element ofC), so n ` 1 P B. Thus B satisfies the hypotheses of4., soB N and Cis empty.To see that 5.implies2., suppose thatAsatisfies the hypotheses of2., and letC

N

zA.

IfC is non empty, then it has a least element c. Since 1PA (since 0PA) then c1,so c 1P N. Now, c 1RC (for otherwise c could not be a least element ofC), andhencec 1 P A. But n P A impliesn ` 1 P A, thenc P A, which is a contradiction. SoCis empty and A N. Remark 1.0.2. 1. We can also start the induction process from n0 0. For in-

stance, the principle of induction becomes: If Ppn0q is true, and Ppnq impliesPpn ` 1q, for somen n0, thenPpnq is true for anyn n0.

2. The principle of strong induction is used instead of the principle of induction thehypothesisPpnq alone is not strong enough to provePpn ` 1q.

3. The well-ordering principle is easily seen to be false if we replaceN with any of

the other standard number system: for instance, the set of the strictly positiverational numbers has no least element.

4. The previous principle implies 0 element, the 1 element and the addi-tion` (as initial data) are enough to get all the natural integer. Wewill see that it is not so simple with the multiplication.


15/119

Chapter 2

Divisibility

2.1 Definition of divisibility

In mathematics, the notion of a divisor originally arose within the context of arith-metic of whole numbers. With the development of abstract rings, of which the integersare the archetype, the original notion of divisor found a natural extension. We recallhere the notion of divisibility for integers.

Definition 2.1.1. Leta andb be integers, a0. We say that a divides b, denotedbya|b, if there exist an integercsuch thatb ca. We also sayb is divisible by a, bis a multiple of aora is a divisor of b.

Example 2.1.2. 2|6,3|9,5| 10, 4|0, 3 7.Remark 2.1.3. Lets insist on the following trivial facts.

1. 1|n, for anyn P Z,2. 0 n, for anyn P Z.3. n|0, for anyn P Z which is non-zero.We enumerate some of the basic, trivial but essential properties about divisibility

with the following theorem.

Theorem 2.1.4. Leta, b, c, x,y be integers.

1. Ifa|b, thea|xb.2. Ifa|b anda|c, thena|bx ` cy.

3. Ifa|b thenxa|xb.4. Ifa|b, then|a| |b|. In particular, ifa|b andb|a, thena b.

2.2 Some divisibility tests

For practical as well as theoretical purposes we often want to establish test to seewether an integer is divisible by a certain number.

15


16/119

16 CHAPTER 2. DIVISIBILITY

2.2.1 Divisibility by10n, 5, 25

We recall the following divisibility test. The proof is left to the reader, he can use asimilar proof as the one of the following section.

Test 2.2.1. 1. A number is divisible by10n if and the last n digits are zeros.2. A number is divisible by5 if and only if the last digit is0 or5.

3. A number is divisible by25 if and only if the last two digits are divisible by25.

2.2.2 Divisibility by a power of2

Test 2.2.2. Letn be a positive integer. A number is divisible by2n if and only if thelastn digits are divisible by2n.

Proof. Letdmdm1...d1d0 am-digits number. We have

dmdm1...d2d1 dmdm1...dn`1 10n ` dn...d1.Note that 2n|10n, then also 2n|dmdm1...d1 10n. As a consequence, 2n|dmdm1...d2d1 ifand only if2n|dn...d2d1.

Example 2.2.3. Take123456 as an example. Since56 is divisible by4, we know that123456 is also divisible by4.

2.2.3 Divisibility by3 and 9

Test 2.2.4. A number is divisible by 3 (reps. 9) if and only if its sum of digits is

divisible by3 (resp. 9).

Proof. Letdmdm1...d1d0a m `1-digits number. Write9ppq for thep-digits number9...9.We have

dmdm1...d1d0 dm 10m ` dm1 10m1 ` ... ` d0 100 dm p1 ` 9pmqq ` dm1 p1 ` 9pm1qq ` ... ` d1 p1 ` 9q ` d0 9 pdm 1pmq ` dm1 1pm1q ` ...d1q ` pdm ` ... ` d0q.

Note that3and9divides9pdm1pmq`dm11pm1q`...d1q. As a consequence, we havethat3 (resp. 9) dividesdmdm1...d1d0if and only if3 (resp. 9) divides pdm ` ...`d0q.

Example 2.2.5. Take 123456 as an example. Since 1 ` 2 ` 3 ` 4 ` 5 ` 6 21 isdivisible by3 but not9, we know that123456 is also divisible by3 but not9.

2.2.4 Divisibility by11

Test 2.2.6. Then`1-digit numberan...a0is divisible by11 if and only if the alternatingsum of the digitsp1qnan ` p1qn1an1 ` ... a1 ` a0 is divisible by11.


17/119

2.3. G.C.D. AND L.C.M. 17

Proof. Letdmdm1...d1d0 am ` 1-digits number. We havedmdm1...d1d0

dm 10m ` dm1 10m1 ` ... ` d0 100

dm

pp11

1

qm

`dm

1

p11

1

qm1

`...

`d1

p11

1

qq `d0

11 m ` pdm ` p1qm1dm1 ` ... ` d0q.As a consequence, we have that 11 dividesdmdm1...d1d0 if and only if11 dividespdm `p1qm1dm1 ` ... ` d0q.

2.2.5 More divisibility test

We have that

Test 2.2.7. 1. A number is divisible by6 if and only if it is divisible by both2 and3,

2. A number is divisible by12 if and only if it is divisible by3 and4.In general, ifp|n, q|n, can we say that pq|n? If not what we can say ? You should

be able to answer to this question after studying this and the next section.More divisibility test will be discussed in the exercises.

2.3 G.C.D. and L.C.M.

In this section we shall go other the familiar concept ofG.C.D.(orH.C.F.) andL.C.M.,as well as some of their important properties.

Definition 2.3.1. Let a

and b

be integers, not both zeros. The greatest commondivisor(also calledhighest common factor, abbreviated as G. C. D. or H. C. F.)ofa andb, denoted asgcdpa, bq, is defined to be the largest integer which divides bothaandb.That isd gcdpa, bq.

1. d|a andd|b;2. d 0;3. For anyd1P Z such thatd1|a andd1|b thend1|d.

Example 2.3.2. 1. gcdp24, 36q 12,2. gcd

p8, 6

q 2,

3. gcdp2, 9q 1.Definition 2.3.3. Let a and b be integers, not both zeros. The lowest commondivisor(abbreviated as L. C. M.) ofa andb, denoted aslcmpa, bq, is defined to be thelargest integer which divides botha andb.That isd lcmpa, bq.

1. a|d andb|d;


18/119


2. d 0;3. For anyd1P Z such thata|d1 andb|d1 thend|d1.

Example 2.3.4. 1. lcmp24, 36q 72,

2. lcmp8, 6q 24,3. lcmp2, 9q 18.The G. C. D and L. C. M. of more than two integers can be similarly defined.

2.4 Prime and coprime numbers

Definition 2.4.1. We say that an integer p 1 is a prime integers if its onlydivisors are1 and itself. An integern 1 which is not prime (such as4, 6, 8, 9...) issaid to becomposite; such an integer integer has the formn ab where1 a nand1

b

n.

Example 2.4.2. 2, 3 ,5, 7 are prime integers.

Remark 2.4.3. 1. Note that1 is not prime.

2. The smallest prime is2 and the other prime are odd.

Definition 2.4.4. We say that two non-zero integersaandbarecoprimeifgcdpa, bq 1.

Example 2.4.5. 1. 12 and35 are coprime since gcdp12, 35q 1.2. 12 and21 are not coprime since3 divides12 and21.

3. Two distinct primes are always coprime.

In order to find specific examples of prime it seems reasonable to look at integers ofthe form 2m 1, since many small primes, such as 3, 5,7,17, 31,...Exercise 2.4.6 (Fermat numbers). If2m ` 1 is prime then m 2n for some integern 0.Indeed: We prove the contrapositive, that ifm is not a power of2 then2m ` 1 is notprime. If m is not a power of 2, thenm has the form 2nq for some oddq 1. Nowthe polynomial fptq tq ` 1 has a root t 1 because q is odd, so it is divisible byt ` 1; this is a proper factor sinceq 1, so putting t x2n we see that the polynomialgpxq fpx2nq xm ` 1 has a proper factorx2n ` 1. Takingx 2 we see that22n ` 1 isa proper factor of the integergp2q 2

m

` 1, which cannot therefore be prime.Numbers of the form Fn 22n ` 1 are called Fermat numbers, and those which

are prime are calledFermat primes.

Fermat conjecture thatFn is prime for everyn 0. Forn 0,.., 4 the numberFnare indeed prime, but in 1732 Euler showed that the next Fermat numberF5 225 `1 64167000417is a composite. The fermat numbers have been studied intensively, often


19/119

2.4. PRIME AND COPRIME NUMBERS 19

with the aid of computers, but no further Fermat primes have been found. It is conceiv-able that there are further Fermat primes (perhaps infinitely many) which we have notyet found, but the evidence is not very convincing.

These primes are important in geometry: in 1801 Gauss showed that a regularpolygon with k sides can be constructed by ruler-and-compass methods if and only ifk 2ep1...pr wherep1, ... , pr are Fermat primes.

Even if not many of the Fermat numberFn turn out to be composite, the followingresult shows that their factors include an infinite set of primes, since distincts FermatnumbersFn are mutually coprime.Indeed: Let d pFn, Fn`kq be the G.C.D. of the two Fermat numbers Fn and Fn`k,where k 0. The polynomial x2k 1 has a root x 1, so it is divisible by x ` 1.Puttingx22n , we see thatFn dividesFn`k 2, so d divides2 and henced is1 or2.Since all Fermat numbers are odd, d 1.Exercise 2.4.7 (Mersenne numbers). Ifm1 andam 1 is prime, then a2 andm is prime.Indeed: a 1|am 1 so ifa 2, a 1 1 andam 1 is not prime. Suppose now thatm is not prime writem asm pq where0 p m and0 qm, ap 1|papqq 1andam 1 is not prime.

Integers of the formMp 2p1, wherepis a prime, are calledMersenne numbersafter Mersenne who studied them in 1644; those which are calledMersenne prime.Forp 2, 3, 5, 7, the Mersenne numbersMp 3, 7;31;127 are indeed prime, butM112047 23 89 is not prime, so Mp is not prime for every prime p. At the time ofwriting, 35 Mersenne primes have been found, the latest being M1257787 and M1398269(discovered in1996 by David Slowinski and Joel Armeugaud respectively, with the aidof computers). As in the case of the Fermat primes, it is not known whether thereare finitely or infinitely many Mersennes primes. But we can also prove as for Fermatprimes that two distinct Mersenne number are coprime.


20/119



21/119

Chapter 3

Euclidean division, Bezout theorem,linear diophantine equations

3.1 Euclidean divisionWe recall the following lemma establishing the Euclidean division, which is intrinsic

in our mind.

Lemma 3.1.1. Let a and b be integers, a 0. There exists unique integers q and rsuch that

a bq ` rwith0 r |a|.Proof. The proof consists of two parts: first, the proof of the existence of q and r, and

second, the proof of the uniqueness of q and r. ExistenceConsider first the caseb 0. Settingb1 bandq1 q, the equationa bq`rmay be rewritten a b1q1` r and the inequality 0 r |b| may be rewritten0 r |b1|. This reduces As a consequence, without loss of generality one cansuppose that b 0.Now, ifa 0and b 0, settinga1 a,q1 q 1and r1 b r, the equationa bq ` r may be rewritten a1 bq1 ` r1 and the inequality 0 r b may berewritten0 r1 b. Thus the proof of the existence is reduced to the case a 0and b 0and we consider only this case in the remainder of the proof.Let q1 and r1, both nonnegative, such that abq1 ` r1, for example q1 0 andr1 a. If r1 b, we are done. Otherwiseq2 q1` 1 and r2 r1 b satisfyabq2 ` r2 and 0r2 r1. Repeating this process one gets qqkand rrksuch that a bq ` r and 0 r b. IndeedprnqnPN is a decreasing sequence ofpositive integer so the process must terminates.This proves the existence and also gives a simple division algorithm to computethe quotient and the remainder. However this algorithm needsq steps and is thusnot efficient.

21


22/119

22CHAPTER 3. EUCLIDEAN DIVISION, BEZOUT THEOREM, LINEAR DIOPHANTINE EQUATIONS

UniquenessSuppose there exists q, q1, r, r1 with 0 r, r1 |b| such that a bq ` r anda bq1 ` r1. Adding the two inequalities 0 r |b| and|b| r1 0 yields|b| r r1 |b|, that is|r r1| |b|.Subtracting the two equations yields: bpq1 qq pr r1q. Thus |b| divides |r r1|.If|r r1| 0 this implies|b| |r r1|, contradicting previous inequality. Thus,r r1 and bpq1 qq 0. As b 0, this impliesq q1, proving uniqueness.

Example 3.1.2. Leta 13, b 100. Then100 13 7 ` 9 (i.e. q 7, r 9).

3.2 Euclidean algorithm

In school we have learnt various methods of computing the G.C. D. and the L. C.M. of a given of integers. Propertyp4qsuggests a useful, simple and yet less commonlyused way of computing the G. C. D. by the Euclidean algorithm. An algorithm isa definite procedure for solving problems or performing tasks. Let first state a simplebut essential lemma for establishing the Euclidean Algorithm.

Lemma 3.2.1. Ifa, b, q, r are integers anda bq ` r, then gcdpa, bq gcdpb, rq.

Proof. Any common divisor ofb and r also dividesqb `r a; similarly, sincer aqb,it follows that any common divisor ofa and b divides r. Thus two paira, b and b , rhave the same common divisors, so they have the same greatest common divisor.

We can now describe the Euclidean algorithm. For simplicity we assume that we aregoing to find the G. C. D. to two positive integers.

Theorem 3.2.2. Let a and b be positive integers, a b. Then we apply a series ofdivisions as follows.

a bq0 ` r1 0 r1 b,b r1q1 ` r2 0 r2 r1,

r1 r2q2 ` r3 0 r3 r2,...

rn2 rn1qn1 ` rn 0 rn rn1,rn1 rnqn.

The process of division comes to an end whenrn`1 0. The integerrn is the G. C. D.ofa andb.


23/119

3.3. BEZOUTS IDENTITY 23

Proof. The idea is to keep repeating the division algorithm. We have:

a bq1 ` r1, 0 r1 b, gcdpa, bq gcdpb, r1q,b r1q2 ` r2, 0 r2 r1, gcdpb, r1q gcdpr1, r2q,

r1

r2q3`

r3, 0

r3

r2, gcd

pr1, r2

q gcd

pr2, r3

q,

.

.

.rn2 rn1qn ` rn, 0 rn rn1, gcdprn2, rn1q gcdprn1, r nqrn1 rnqn`1, gcdprn1, rnq rn

In fact,prkqk constitute a sequence strictly decreasing of positive integer, this insurethat there is an n such that rn 0. Therefore

gcdpa, bq gcdpb, r1q gcdpr1, r2q ...gcdprn2, rn1q gcdprn1, rnq rn.

Example 3.2.3. We want to find the G. C. D. of2445 and652. We have

2445 652 3 ` 489652 489 1 ` 163489 163 3

Then by this Euclidean algorithm, we get that gcdp2445, 652q 163.

3.3 Bezouts identity

The following result uses Euclids algorithm to give a simple expression for dgcdpa, bq in terms ofa and b:Theorem 3.3.1. Letaandb be integers withgcdpa, bq d. There exist integersu andv such that

au ` bv d.Suchu, v can be obtained by backward tracing of the Euclidean divisions in finding theG. C. D.

Proof. Let apply the Euclidean algorithm to a and b, we have the following series ofdivision

a bq0 ` r1 0 r1 b,b r1q1 ` r2 0 r2 r1,r1 r2q2 ` r3 0 r3 r2,

.

.

.rn2 rn1 qn1 ` rn 0 rn rn1,rn1 rnqn.


24/119


such that rn dandrn`1 0.Then we notice first that

d rn2 rn1qn1Then, we have

d rn2vn ` rn1unwithvn 1andun qn1.Injecting the following in the previous equality,

rn1 rn3 rn2qn2we find two integer un1 andvn1

d rn3vn1 rn2un1So that reiterating the process until the top of the Euclidean algorithm, we finally findintegers u andv such that

au ` bv d.This is the process is known as the extended Euclidean algorithm.

Theorem 3.3.2. Leta andb be integers (not both0) with greatest common divisord.Then, an integerc has the formax ` by for somex, y P Z if and only ifc is a multipleofd. In particular, d is the least positive integer of the formax ` by (x, y P Z).Proof. Ifc ax ` by wherex, y P Z, then sinced dividesa and b, from Theorem 2.1.4,implies that d divides c. Conversely, ifcde for some integer e, then by the previoustheorem, by writing d au ` bv, we get c due ` bve ax ` by, where x ue andy

veare both integers. Thus the integers of the form ax

`by (x,y

PZ) are multiple of

d, and the least positive integers of this form is the least positive multiple ofd, namelyd itself.

The next corollary follows easily.

Corollary 3.3.3. Two integersa andb are coprime if and only if there exist integersx and y such the

ax ` by 1.Example 3.3.4. Take the example of finding the G. C. D. of 2445 and 652 again.Again by the Euclidean algorithm, we have:

2445

652

3`

489652 489 1 ` 163489 163 3

Applying the extended Euclidean algorithm, we obtain:

163 652 489 652 p2445 652 3q 652 4 2445


25/119

3.3. BEZOUTS IDENTITY 25

We see that163 2445 p1q ` 652 4

as desired.

Thanks to the previous theorem, we obtain the next theorem which gives some basicproperties of G. C. D. and L. C. M..

Corollary 3.3.5. Leta, b, c andm be non-zero integers. Then

1. gcdpma, mbq |m|gcdpa, bq.2. gcdpa, mq gcdpb, mq 1 if and only ifgcdpab, mq 1,3. c|ab and gcdpb, cq 1 implyc|a,4. a|c, b|c and gcdpa, bq 1 implyab|c5. gcdpa, bq gcdpb, aq gcdpa, b ` maq,6. gcd

pa, b

qlcm

pa, b

q |ab

|.

Proof. 1. First, we have m gcdpa, bq|ma and m gcdpa, bq|mb. Thus,m gcdpa, bq|gcdpma, mbq.By Bezout theorem, there are integersxand y such thatax`by gcdpa, bq. Mul-tiplying bym, we getmax `mby m gcdpa, bq. So that gcdpma, mbq|m gcdpa, bq.

2. Ifgcdpab, mq 1then there are integersxandysuch thatabx`my apbxq`my bpaxq ` my 1. Thus gcdpa, mq gcdpb, mq 1. Suppose now that gcdpa, mq gcdpb, mq 1then there are integersx,y,x1,y1such thatax`my bx1`my1 1,then multiplying the equation one gets gcdpax ` myqgcdpbx1` my1q 1, thenabpxy1q ` mpybx1 ` ymy1 ` axy1q 1. Thus, gcdpab, mq 1.

3. Suppose that c|ab and gcdpb, cq 1 then there are integers x and y such that1 bx ` cy. Multiplying bya, we obtain a abx ` acy, since c|abx and c|acy,thenc|a.

4. We know that since gcdpa, bq 1, there are integersxand y such thatax`by 1.Moreover, sincea|candb|c, there are integerseand fsuch thatc aeandc b f.Thenc cax ` cby bfax ` aeby abpf x ` eyq. Thus ab|cas required.

5. gcdpa, bq|a and gcdpa, bq|b then also gcdpa, bq|gcdpa, b ` maq. We have gcdpa, bq|aand gcdpa, bq|b ` ma. By definition, gcdpa, b ` maq|gcdpa, bq. Then gcdpa, bq gcdpa, b ` maq.

6. Suppose that a and b are positive for simplicity. Let e a{gcdpa, bq and fb{gcdpa, bq, then ab{gcdpa, bq gcdpa, bqe gcdpa, bqf{gcdpa, bq gcdpa, bqe fa f eb. Thus, a|pab{gcdpa, bqq and b|pab{gcdpa, bqq. Let now consider an integerm such that a|m and b|m. We know that there are integers x and y such thatgcdpa, bq ax`b y then mgcdpa, bq cax`cb y, but ab|cax and ab|cby, soab|m gcdpa, bq, in particular ab{gcdpa, bq|m. So that lcmpa, bq ab{gcdpa, bq.

Example 3.3.6. Prove that the fractionp21n ` 4q{p14n ` 3q is irreducible for everynatural numbern.


26/119


SolutionWe have

gcdp21n ` 4, 14n ` 3q gcdp7n ` 1, 14n ` 3q gcdp7n ` 1, 1q 1

for every natural number n. This means that 21n ` 4 and 14n ` 3 have no commondivisor and hence the fraction irreducible.

3.4 Application: linear diophantine equations.

Theorem 3.4.1. Leta,bandcbe integers, withaandbnot both0, and letd gcdpa, bq.Then the equation

ax ` by chas an integer solutionx, y if and only ifc is a multiple ofd, in which case there areinfinitely many solutions. There are the pairs

x x0 ` bnd

, y y0 and pn P Zq,

wherex0, y0 is any particular solution.

Proof. The fact that there is a solution if and only if d|c is merely a restatement ofTheorem 3.3.2. Then, letx0,y0be a particular solution found by the extended euclidianalgorithm. So,

ax0 ` by0 c.If we put

x x0 ` bnd

, y y0 and

wheren is any integer, then

ax ` by a`x0 `bnd

` b y0 and

ax0 ` by0 c,so x, y is also a solution. (Note that x and y are integers since d divides b and arespectively.) This gives us infinitely many solutions, for different integers n. To showthat these are the only solutions, letx, ybe any integer solution, so ax ` by c. Sinceax ` by c ax0 ` by0 we have

apx x0q ` bpy y0q 0,so dividing by d we get

a

dpx x0q b

dpy y0q.

Now a and b are not both 0, and we can suppose that b 0 (if not, interchange theroles ofa and b in what follows). Sinceb{d divides each side of the previous equality


27/119

3.4. APPLICATION: LINEAR DIOPHANTINE EQUATIONS. 27

and it is coprime to a{d by Theorem 3.3.5, a., it divides x x0 by Theorem 3.3.5, c.Thusx x0 bn{d for some integer n, so

x x0 `bnd

.

Substituting back for x x0, we get

bdpy y0q a

dpx x0q a

d.bn

d ,

So dividing by b{d (which is non-zero) we have

y y0 and

.

Example 3.4.2. Find all the integer solutions of

56x ` 76y 40 pEqSolution: Run the EEA to find GCD and particular solution for the equation. Fromthe EA, we have:

72 56 1 ` 1656 16 3 ` 816 8 2 ` 0

Thengcdp56, 72q 8.From the EEA we get :

78 56 16 3

56

p72

56

q 3

4 56 3 72Then

40 8 5 56 20 15 72.This givex0 20 andy0 15 as a particular solution.Letpx,yq be a general solution, we have then:

56 x ` 72 y 40 56 x0 ` 72 y0.Then

7px x0q 9py y0q

Sincep7, 9q 1 then by Euclids lemma, since7 divides9py y0q, 7 dividespy y0q.So, there is an integerksuch thaty y0 7k. Injecting this equation to the later one,we obtainx x0 9k. So, a general solution is of the form"

x 9k` 20y 7k 15

wherekis a integer.


28/119



29/119

Chapter 4

The fundamental theorem ofarithmetic

4.1 The theoremLemma 4.1.1. Letp be a prime, and leta andb any integers. Then

1. eitherp dividesa, ora andp are coprime;

2. p dividesab if and only ifp dividesa orp dividesb.

Proof. 1. By definition,gcdpa,pq divides p so it is either 1 or p, since p is prime. Ifgcdpa, bq p, in particularp|a. Otherwise, gcdpa, bq 1, anda andb are coprime.

2. If p| a or p| b, then p| ab. Conversely, if p|ab. Suppose that p a, thengcdpa,pq 1, by 1. So there are integers x and y such that ax`p y 1.Multiplying by b, we obtain bax

`bpy

b. But then,p

|bax by assumption and

clearly,p|bpy. Thus p|b.

Remark 4.1.2. Both parts of the lemma can fail ifp is not prime: takep 4, a 6andb 10, for instance.

We can extend by induction 2. of the previous lemma to product of any numbers offactors.

Corollary 4.1.3. Ifp is prime andp dividesa1...ak, thenp dividesai for somei.

Proof. We use induction on k. Ifk

1then the assumption is thatp

|a1, so the conclusion

is automatically true (withi 1). Now assume thatk 1and that the result is provedfor all products ofk 1 factors ai. If we put aa1...ak 1 and bak, then a1...akaband sop|ab. By the previous lemma part 2., it follows that p|aor p|b. In the first case,we havep|a1....ak 1, so the induction hypothesis implies thatp|ai for some i 1,...k 1;in the second case we have p|ak. Thus in either case p|ai for some i, as required.

The next result, known as the fundamental theorem of arithmetic, explains whyprime numbers are so important: they are the basic building blocks out of which all

29


30/119

30 CHAPTER 4. THE FUNDAMENTAL THEOREM OF ARITHMETIC

integers can be constructed. We have seen that 0 and 1 are enough to build all theintegers via addition. We have that prime numbers are enough to build all the integervia the multiplication.

Theorem 4.1.4. Each integern

1 has a prime-power factorization

n pe11...pek

k

wherep1, ... , pkare distinct primes ande1, ... , ekare positive integers; this factoriza-tion is unique, apart from permutations of the factors.

Proof. First we use the principle of strong induction to prove the existence of prime-power factorizations. Since we are assuming that n 1, we start the induction withn 2. As usual, this case is easy: the required factorization is simplyn 21. Nowassume that n2 and that every integer strictly between 1 and n has a prime-powerfactorization. If n is prime then n n1 is the required factorization ofn, so we canassume thatnis composite, sayn

abwhere1

a, b

n. By the induction hypothesis,

bothaandbhave prime factorizations, so by substituting these into the equationn aband then collecting together powers of each primepi, we get a prime-power factorizationofn.Now we prove uniqueness. Suppose that nhas prime-power factorization

n pe11...pek

k qf1

1...q

fll

wherep1, ... , pkandq1, ...,ql are two sets of distinct primes, and the exponents ei andfj are all positive. The first factorization shows thatp1|n, then applying the previouscorollary to the second factorization we obtain p1|qj for some j 1,..., l. By permuting(or renumbering) the prime-powers in the second factorization we may assume that

j1, so that p1|q1. Since q1 is prime, it follows that p1 q1, so canceling this primefrom the two factorizations we get:

pe111

pe22...pek

k qf11

1 q

f22..q

fll

We keep repeating this argument, matching primes in the two factorizations and thencanceling them, until we run out of primes in one of factorizations. If one of factorizationruns out before the other, then at that stage our reduced factorizations express 1 asa product of primes pi or qj, which is impossible since pi, qj 1. It follows that bothfactorizations run out of primes simultaneously, so we must have cancelled the ei copiesof each pi with the same numberpfiq of copies of qi; thus k l, each pi qi (afterpermuting factors), and each ei

fi so we have proved uniqueness.

Remark 4.1.5. The previous theorem implies that the set of all the primes generatesall the integers number, the prime are smallest integers in relation of the divisionoperation. That is a reason why there are so important in arithmetics.

Definition 4.1.6. The following notation is often useful: ifp is prime, we writepe||nto indicate thatpe is the highest power ofp dividingn, that is, pe dividesn butpe`1 doesnot.


31/119

4.2. APPLICATIONS 31

Example 4.1.7. For instance, 23||200, 52||200, andp0||200 for all primep 2, 5.Remark 4.1.8. The prime-power factorizations allows us to calculate products, quo-tients, powers, greatest common divisors and least common multiples. Suppose thatintegersa andb have factorizations

a pe11...pek

k and b pf1

1...p

fkk

(where we havee i, fi 0 to allow for the possibility that some primepi may divide onebut not both ofa andb). Then we have

ab pe1 f11

...pek fkk

,

a{b pe1 f11

...pek fkk

pi f b|aq,am pme1

1 ...pmek

k ,

gcdpa, bq pminpe1,f1q1

...pminpek,fkqk

lcmpa, b

q p

maxpe1,f1q1

...pmaxpek,fkqk

where minpe,fq and maxpe,fq are the minimum and maximum of e and f. Unfortu-nately, finding the factorization of a large integer can take a very long time!Then we note that ifpe||a andpf||b thenpe f||ab, pe f||a{b (ifb|a), pme||am, ...Example 4.1.9. Find the prime-power factorization of132, of400 and of1995. Hence

findgcdp132, 400q, gcdp132, 1995q, gcdp400, 1995q, gcdp132, 400, 1995q.Solution:

132 22 3 11400 24 52

1995 3 5 7 19gcdp132, 400q 2

2

gcdp132, 1995q 3gcdp400, 1995q 5

gcdp132, 400, 1995q 1

4.2 Applications

As first application, the following result looks rather obvious and innocuous but itis extremely useful, especially in the case m 2:Lemma 4.2.1. Ifa1, ... ,ar are mutually coprime positive integers (every two distinct

of such integers are coprime), anda1, ..., ar is anm-th power for some integerm 2,then eachai is anm-th power.Proof. It follows from the above formula for am that a positive integer is an m-th powerif and only if the exponent of each prime in its prime-power factorization is divisible bym. Ifa a1...ar, where the factors ai are mutually coprime then each pe appearing inthe factorization of any ai also appear the full power ofp in the factorization ofa; sincea is anm-th power, e is divisible bym, soai is anm-th power.


32/119


Remark 4.2.2. Of course, it is essential to assume thata1, ...,arare mutually coprimehere: for instance, neither 24 nor 54 are perfect square, but their product 24 541296 362 is a perfect square.

We can use also the prime-power factorizations to generalize the classic result (known

to Pythagoreans in the 5-th centuryBC) that ?2 is irrational.Definition 4.2.3. A rational numberis a real number of the forma{b, wherea andbare integers andb 0; all the other real numbers areirrational. Aperfect squareis an integer of the formm n2, wheren is an integer.Corollary 4.2.4. If a positive integerm is not a perfect square, then

?mis irrational.

Proof. It is sufficient to prove the contrapositive, that if?

m is rational then m is aperfect square. Suppose that

?m a{bwhere a and bare positive integers. Then

m a2{b2

Ifa and bhave prime-power factorizations

a pe11...pek

k and b pf1

1...p

fkk

as above, then

m p2e12f11

...p2ek 2fkk

must be the factorization, and ei fi 0for eachi, som ppe1 f1

1 ...p

ek fkk

q2

is a perfect square.

Another application is the Euclids theorem which says that there are infinitely many

primes. It is one of the oldest and most attractive in mathematics. We have seen someproofs already of the result via the Fermats numbers and the Mersenne numbers. Wemight see other proofs during this course, to illustrate important techniques in numbertheory. (It is useful, rather than wasteful, to have several proofs of the same result,since one may be able to adapt these proofs to give different generalizations.)

Theorem 4.2.5. There are infinitely many primes.

Proof. The proof is by contradiction: we assume that there are only finitely manyprimes, and then we obtain a contradiction from this, so it follows that there must beinfinitely many primes.Suppose then that the only primes are p1,p2, ...,pk. Let

m p1p2...pk ` 1Since m is an integer greater than 1, the Fundamental Theorem of Arithmetic impliesthat it is divisible by some prime p (this includes the possibility that mp). By ourassumption, this prime p must be one of the primes p1, p2, ..., pk, so p divides theirproduct p1p2...pk. Since p divides both m and p1p2...pk, it divides m p1p2...p k1,which is impossible. We deduce that our initial assumption was false, so there must beinfinitely many primes.


33/119

4.3. PRIMALITY-TESTING AND FACTORIZATION 33

Another open question concerning prime numbers is Goldbachs conjecture, thatevery even integern 4is the sum of two primes: thus4 2 ` 2,6 3 ` 3,8 3 ` 5,and so on. The evidence for this is quite strong, but the best general result we have inthis direction is a theorem of Chen Jing-Run (1973) that every sufficiently large even

integer has the form n p ` q where p is prime and q is the product of at most twoprimes. Similarly, Vinogradov proved in 1937 that every sufficiently large odd integeris the sum of three primes, so it immediately follows that every sufficiently large eveninteger is the sum of at most four primes.

4.3 Primality-testing and factorization

There are two practical problems which arise from the theory we have considered:

1. How do we determine whether a given integer n is prime?

2. How do we find the prime-power factorization of a given integer n?

Lemma 4.3.1. An integer n 1 is composite if and only if it is divisible by somep ?n.Proof. Ifn is divisible by such a prime p, then since 1 p ?n n, it follows that nis composite. Conversely, ifn is composite thenn abwhere1 a nand 1 b n;at least one ofaandb is less than or equal to

?n (if not,ab n), and this factor will

be divisible by a prime p ?n, which then dividesn. Example 4.3.2. We can see that97 is prime by checking that it is divisible by none ofthe primesp ?97, namely2, 3, 5 and7. This method requires us to test whether anintegern is divisible by various primep. For certain small primesp there are simpleways of doing this, based on properties of the decimal number system.

Remark 4.3.3. In order to test the divisibility, we can use here all the techniques thatwe have seen before for divisibility by 2, 3, 5 and 11. Otherwise, one simply has todividep into n and see whether or not the remainder is0.

This method of primality-testing is effective for fairly small integers n, since there arenot too many primes p to consider, but when n becomes large it is very time consum-ing: by the Prime Number Theorem which says that the number of prime integers lessthan some integer x is equivalent to x{lnpxq, the number of prime p ?n is given byequivalent to

?n{lnp?nq 2 ?n{lnpnq.

In cryptography (the study of secret code), one regularly uses integers with several hun-

dred decimal digits, ifn10100

, for example, then this method would involve testingabout8 1047 primesp, and even the fastest available supercomputers would take farlonger than the current estimate for the age of the universe (about 15 billion year) tocomplete this task! Fortunately there are alternative algorithms (using some very so-phisticated number theory) which will determine primality for very large integers muchmore efficiently. Some fastest of these are probabilistic algorithms, such as the Solovay-Strassen test, which will always detect a prime integer n, but which may incorrectlydeclare a composite number n as veing prime; this may appear to be disastrous fault,


34/119


but in fact the probability of such an incorrect outcome is so low (far lower than theprobability if computational error due to a machine fault) that for most practical pur-poses these tests are very reliable.The sieve of Eratosthenes is a systematic way of compiling a list of the primes up to

a given integer N. First, we list the integer 2, 3, ... N in increasing order. Then weunderline2 (which is prime) and cross out all the proper multiples 4,6,8, ... of2 in thelist (since these are composite). The first integer which is neither underlined nor crossedout 3: this is prime, so we underline it and then cross out all its proper multiples 6, 9,12, ... At the next stage we underline5 and cross out10,15,20... We continue like thisuntil every integer in the list is either underline or crossed out. At each stage, the firstinteger which is neither underline nor crossed must be a prime, for otherwise it wouldhave been crossed out, as a proper multiple of an earlier prime; thus only primes areunderlined at some stage, so when the process terminated the underlined numbers areprecisely the primep N. (We can actually stop earlier, when the proper multiples ofall the primes p

?Nhave been crossed out, since the previous lemma implies that

every remaining integer in the list must be prime.)

Our second practical problem, factorization, is apparently much harder than primality-testing. (It cannot be any easier, since the prime-power factorization of an integerimmediately tells us whether or not it is prime). In theory, we could factorize anyinteger n by testing it for divisibility by the primes 2, 3, 5, ... until a prime factor

p is found; we then replace n with n{p and continue this process of n{p is found;eventually, we obtain all the prime factors ofn with their multiplicities. This algorithmis quite effective for small integers, but when n is large we meet the same problem asin primality-testing, that there are just too many possible prime factors to consider.There are, of course, more subtle approaches to factorization, but at present the fastestknown algorithms and computers cannot, in practice, factorize integers several hundreddigits long (though nobody has yet proved that an efficient factorization algorithm willnever be found). A very effective cryptographic system (known as the RSA public keysystem, after its inventors Rivest, Shamir and Adleman, 1978) is based on the fact that


35/119

4.3. PRIMALITY-TESTING AND FACTORIZATION 35

it is relatively easy to calculate the product n pq of two very large primes p and q,while it is extremely difficult to reverse this process and obtain the factors p and q,while it is extremely difficult to reverse this process and obtain the factorsp and q fromn.


36/119



37/119

Part II

Arithmetic Functions

37


38/119


39/119

Chapter 5

Arithmetic Functions

5.1 Definitions, examples

In number theory, we very often encounter functions which assume certain values onN. Well-known example are,

1. The unit function e define byep1q 1 and epnq 0 for all n 1.2. Theidentity function E defined by Epnq 1 for alln P N.3. The power functions Ik defined by Ikpnq nk for all nP N. In particular,

E I0.4. The number of prime divisors ofn, denoted by pnq.5. The number of distinct prime divisors ofn, denoted bypnq.6. The divisor sums l defined by

lpnq d|n

dl

In particular, we write 1, the sum of divisor and0, the number of divisors.7. TheEuler -function or totient function

pnq 7 td P N|gcdpd, nq 1andd nu

8. Ramanujans function pnq defined by8

n1 pnqxn

x8

k1p1 xk

q2

4

9. The sum of squares function rdpnq given by the number of solutions x1,...,xd ton x2

1` ... ` x2

d.

In general,

Definition 5.1.1. Anarithmetic functionis a function f : N C.39


40/119

40 CHAPTER 5. ARITHMETIC FUNCTIONS

Of course this is a very broad concept. Many arithmetic function which occur natu-rally have interesting additional properties. One of them is the multiplicative property.

Definition 5.1.2. Let f be an arithmetic function with fp1q 1. Then f is calledmultiplicative if f

pmn

q f

pm

qf

pn

q for all m, n with gcd

pm, n

q 1 and strongly

multiplicativeif fpmnq fpmqfpnq, for allm, n.It is trivial to see that example e, E, Il, 2

are strongly multiplicative and that 2

is multiplicative. In this chapter we will see that l and are multiplicative. Themultiplicative property of Ramanujans is a deep fact based on properties of so-calledmodular forms. It was first proved by Mordell in 1917. As an aside we also mentionthe remarkable congruence pnq 11pnq mod 691for alln P N.Theorem 5.1.3. 1. l is a multiplicative function.

2. Letn pk11...pkrr. Then

l

pn

q ipi

lpki`1q 1

pl

1Proof. 1. The proof is based on the fact that ifd|mnand gcdpm, nq 1 then d can

be written uniquely in the form d d1d2 where d1|m and d2|n. In particular,d1gcdpm, dq and d2gcdpn, dq. We have

lpmnq

d|mndl

d1|m,d2|n

pd1d2ql pd1|m

dl1qpd2|n

dl2q lpmqlpnq

2. It suffices to show that lppkq pplpk 1q 1q{ppl 1q for any prime power pk. Thestatement then follows from the multiplicative property ofl. Note that,

lppk

q 1 `pl

`p2l

` ... `pkl

plpk 1q

1

pl 1

A very ancient problem is that of perfect numbers.

Definition 5.1.4. A perfect number is a numbernP N which is equal to the sumof its divisors less thann. Stated alternatively, n is perfect ifpnq 2n.

Examples of perfect numbers are 6, 28, 496, 8128, 33550336,.... It is not knownwhether there are infinitely many. It is not also known if there exist odd perfect num-bers. If they do, they must be at least 10300. For even perfect numbers there exists acharacterization given by Euclid and Euler.

Theorem 5.1.5. Let n be even. Then n is perfect if and only if it has the formn 2k 1p2k 1q with2k 1 prime.Proof. Supposen 2k 1p2k 1qwith2p 1prime. Then it is straightforward to checkthat pnq 2n.Suppose that n is perfect. Write n 2k 1m, where m is odd andk 2. Then,

pnq p2k 1mq p2k 1qpmq p2k 1qpmq


41/119

5.2. EULERS FUNCTION 41

not the other hand, nis perfect, so pnq 2n, which implies that 2km p2k 1qpmq.Hence

pmq m ` m2k 1

Sincepmqis integral,2k

1must dividem. Sincek 2we see that m and m{p2k

1qare distinct divisor ofm. Moreover , they must be the only divisors since their sum isalready pmq. This implies thatm is prime and m{p2k 1q 1 that is m 2k 1 isprime.

Remark 5.1.6. 1. We recognize the Mersenne primes (that is the number of theform2k 1 which are also prime) in the theorem.

2. An equally classical subject is that ofamicable numbers that is, pairs of num-bersm,n such thatn is the sum of all the divisors ofm less thanm and vice versa.In other words, m ` n pnq andn ` m pmq. The pair220, 284 was knownto the ancient Greeks. Euler discovered some 60 pairs (for example 11498355,

12024045) and later computer searches yielded several thousands of new pairs,some of which are extremely large.

5.2 Eulers function

Definition 5.2.1. We definepnq taP t1, ...., nu|gcdpa, nq 1u. This function iscalled theEulers function. For smalln, its values are as follows.

n 1 2 3 4 5 6 7 8 9 10 11 12pnq 1 1 2 2 4 2 6 4 6 4 10 4

Theorem 5.2.2. Ifn 1, then d|n

pdq n

Proof. Let S t1, 2,..., nu and for each d dividing n let Sd taP S|gcdpa, nq n{du.These sets Sd partition S into disjoint subsets, since ifaP S then gcdpa, nq n{d forsome unique divisor d ofn. Thus

d|n |Sd| |S| n, so it is sufficient to prove that

|Sd| pdq for eachd. Nowa P Sd a P Zwith1 a nand gcdpa, nq n{d.

If we define a1 ad{n for each integer a, then a1 is an integer since n{d gcdpa, nqdividesa. Dividing on the right-hand side byn{d, we can therefore rewrite the abovecondition as

a P Sd a n{da1 where a1P Z with1 a1 d and gcdpa1dq 1.Thus |Spdq|is the number of integer a1, between1 and d inclusive which are coprime tod; this is the definition ofpdq, so|Spdq| pdq as required.


42/119


Example 5.2.3. If n 10, then the divisors are d 1, 2, 5 and 10. We find thatS1 t10u, S2 t5u, S5 t2, 4, 6, 8u and S10 t1, 3, 7, 9u containing pdq 1, 1, 4and 4 elements respectively. These four sets form a partition of S t1, 2,..., 10u, sop1q ` p2q ` p5q ` p10q 10.

5.3 Convolution, Mobius inversion

Definition 5.3.1. Let f andgbe two arithmetic functions. Their convolution prod-uctdenoted by f g is defined by

pf gqpnq d|n

fpdqgpn{dq

It is an easy exercise to verify that the convolution product is commutative andassociative. Moreover, f effor any f. (Hence arithmetic function form a semigroupunder convolution).

Theorem 5.3.2. The convolution product of two multiplicative functions is again mul-tiplicative.

Proof. Let f, g be two multiplicative functions. We have trivially thatpf gqp1q fp1qgp1q. For anym, n P N with gcdpm, nq 1we have

pf gqpmnq d|mn fpdqgpmn{dq d1|md2|n fpd1d2qgpm{d1n{d2q pd1|m fpd1qgpm{d1qqpd2|n fpd2qgpn{d2qq pf gqpmqpf gqpnq

Notice that for example l E Il. The multiplicative property ofl follows directlyfrom the multiplicativity ofE and Il. We now introduce an important multiplicativefunction.

Definition 5.3.3. TheM obius functionpnq is defined byp1q 1, pnq 0 ifnis divisible by a square 1andpp1...ptq p 1qt for any product of distinct primesp1,... , pt.

Notice that is a multiplicative function. Its importance lies in the following theo-rem.

Theorem 5.3.4. ( M obius inversion) Let f be an arithmetic function and let F bedefined by

Fpnq d|n

fpdq

Then, for anyn P N,fpnq

d|n

Fpdqpn{dq


43/119

5.3. CONVOLUTION, MOBIUS INVERSION 43

Proof. More cryptically we haveF E fand we must prove that f F. It sufficesto show that e E p Eq since this implies F E f e f f.The function E is again multiplicative, hence it suffices to compute E at primepowers pk wherek 0and show that it is zero there. Observe,

pE qppkq d|pk

pdq p1q ` ppq ` ... ` ppkq 1 1 ` 0 ` ... ` 0 0

Theorem 5.3.5. Let b the Euler-function. Then,

1.n

d|n

pdq,@n 1

2. is multiplicative.

3. pnq np|n

p1 1{pq

Proof. 1. (Already proven)

2. We have seen in part 1. that I1 E . Hence, by Mobius inversion, I1.Multiplicativity ofautomatically follows from the multiplicativity of and I1.

3. Because of the mutiplicativity of it suffices to show that ppkq pkp1 1{pq.This follows fromppkq pI1 qppkq pk pk 1 pkp1 1{pq.


44/119



45/119

Part III

Modular arithmetic on Z

45


46/119


47/119

Chapter 6

Congruences

6.1 Motivation

When we think for example in what will the day of the week in 100 days. We canget a diary and count 100 days ahead. But, the quicker way is to think that a week is7 days and every multiple of 7 days from now will be the same day as now, this tell usto just do the Euclidean division of100 by 7 and to look at the remainder, that is:

100 7 14 ` 2so the day will be the same as it is two days ahead, and this is easy to determine. Soto solve this problem with n day it enough to just look the remainder of the division ofn by 7.Consider an integer n, to know if it is odd or even, we can look at remainder ofn by

the division by 2. So, there is just two category of integer when we look at them usingthe division by 2, there is the even integers of the form 2k for some integer kand theodd integers of the form 2k` 1, for some integer k.We can do the same for the division by 4, an if you consider 4k, 4k` 1, 4k` 2, 4k` 3for any k integer, you cover all the integer. Now lets consider n2, ifn is even there isan integer ksuch that n2k, then n2 4kand ifn is odd, there is an integer ksuchthat n2k` 1 then n2 p2k` 1q2 4k2 ` 4k` 14pk2 ` kq ` 1 but then a squareis or of the form 4kor of the form 4k` 1 for some k. In other words, the remainder bythe division4 is either0 or 1. We are not saying that all the integer of this form aresquare, for example 5 is not a square, nevertheless 5 4 1 ` 1. Now, can you say if22051946 is a perfect square without calculator? we know that 4|100 so 4|22051900 soto see the remainder of the division of22051900by 4 it is enough to look at the one ofthe division of46 by 1but 46 11 4 ` 2, so it is not a perfect square.The previous problems is not rare in arithmetic, there are many problems involvinglarge integers that can be simplified by a technique called modular arithmeticwherewe use congruences in place of equation. The basic idea is to choose a particular integern depending on the problem (in the previous example n 7 resp. 4), called themodulus, and replace every integer with its remainder when divided by n. In general,this remainder is smaller and hence easier to deal with.

47


48/119

48 CHAPTER 6. CONGRUENCES

6.2 Definition and first properties

Definition 6.2.1. Letn be a positive integer, and leta andb be any integers. We saythata is congruent to b modpnq, ora is a residue ofb modpnq, written

a b modpnqifa andb leave the same remainder when dividedn.

(Other notations for this includea bpmod nq, a b mod n anda nb).To be more precise, we use the division algorithm to puta qn ` rwitha r n, andb q1n ` r1 with0 r1 n, and then

we say thata b modpnq if and only ifr r1.We will use the notationa b modpnq to denote thata and b are not congruentmodpnq, that is, that they leave different remainders when divided byn.Example 6.2.2. The two example of the first section can be translated as:

1. 100 2 modp7q;2. 22051946 46 2 modp4q.Our first result gives a useful alternative definition of congruence modpnq.

Lemma 6.2.3. For any fieldn 1 we havea b modpnq if and only ifn|pa bqProof. We can write the Euclidean division of a and b by n, we get a qn ` r andb q1n`r1 with q and q1 integers, 0 r n and 0 r1 n. Then we havea b pq q1qn ` pr r1q withn r r1 n.

pq Now, if we suppose that a b modpnq then r r1 so, r r 0 anda b pq q1qn, or in other word, n|a b.

pq Suppose that n|pa bq, then n|pa bq pq q1qn r r1, that implies thatr r1 0sincen r r1 n

We have the congruence relation is an equivalence relation on Z, it is reflexive,symmetric and transitive or in other word we have the following lemma:

Lemma 6.2.4. For any fixedn 1 we have for anya, b andc integers:1. a

a mod

pn

q (reflexivity);

2. ifa b modpnq thenb a modpnq (symmetry);3. ifa b modpnq andb c modpnq thena c modpnq (transitivity).

Proof. 1. We have n|pa aq, for alla.2. Ifn|pa bq thenn|pb aq.3. Ifn|pa bq andn|pb cq then n|pa bq ` pb cq a c.


49/119

6.2. DEFINITION AND FIRST PROPERTIES 49

It follows that Z can be partitioned into disjoint equivalent classes:

Definition 6.2.5. Letn be an integer. The equivalence class for the relation modpnq are called congruence classes of a modpnq. For somea integer,

we denote byras (or sometimesrasn)its congruence classes ofa modpnq, that is

ras tb P Z|a b modpnqu t...., a 2n, a n, a, a ` n, a ` 2n,...u

Each integerb such thatrbs ras is called arepresentative of the classras.

We denote byZ{nZ the set of all the classes of congruences mod pnq.Clearly, we obtain the following lemma:

Lemma 6.2.6. Leta andb be integers, ifb P ras thenras rbs.Remark 6.2.7. Letn be an integer.

1. An element ofZ{nZ is a class of elements ofZ.2. There is a unique representative of a class of an integer mod n on the set

t0,..., n 1u.

Indeed, for any a integer there exists rP t0,..., n 1u, such thatras rrs, thatis the remainder of the division ofa byn (Indeed, rP ras and we can apply theprevious lemma). Moreover, ifr andr1 are distinct integers in

t0,..., n

1

uthen

rrs rr1s. Otherwise, r r1 ` tn for some integer t, but thenr r1 tn and thisholds if and only ifr r1 which contradict the first assumption.

3. By definition, for anya andb integers,ras rbs if and only ifa b modpnq.Definition 6.2.8. Letnbe an integer. A set ofnintegers, containing one representative

from each to then congruence classes inZ{nZ is called acomplete set of residuesmodpnq.

The integers0, ...., n 1 are called the least non-negative residues modpnq.The integersr such thatn{2 r n{2 arethe least absolute residue modpnq.

Remark 6.2.9. 1. The set of all the least non-negative residuest0,..., n 1u is acomplete set of residuesmodpnq. The set of all the least absolute residuemodpnq(that ist0, 1, 2,..., pn 1q{2u ifn is odd andt0, 1, 2,..., n{2 1, n{2u ifn is even) is a complete set of residuesmodpnq.

2. A sensitive choice of a complete set of residues can easy the calculations consid-erably. Many times the least non-negative residues are the most convenience, butthe least absolute residues can be more convenient sometimes.

We obtain a canonical description ofZ{nZ:


50/119


Lemma 6.2.10. Forn an integer,

Z{nZ tr0s, r1s,..., rn 1suExample 6.2.11. Z

{2Z

tr0

s,

r1

suand the class

r0

sis the set of all the even integers

and the classr1s is the set of all the odd integers.We want to define an addition ` and a multiplication operation over the set Z{nZ.

For this, we look at the behavior of the congruence under the addition on Z.

Lemma 6.2.12. For a givenn 1, ifa1 a modpnq andb1 b modpnq then,a1 ` b1 a ` b modpnqa1 b1 a b modpnq

a1 b1 a b modpnqIn other words, ifa, a1, b andb1 are integers such that

ra

s ra1

sand

rb

s rb1

sthen

ra ` bs ra1 ` b1s,ra bs ra1 b1s,

rabs ra1b1s.Proof. Sincea1 a mod pnq, there is an integerksuch thata1 a`knand similarly sinceb1 b mod pnq there is an integerl such thatb1 b` ln; thena1b1 pabq`pk lqn a b modpnq, anda1b1 ab ` pal ` bk` klnqn ab modpnq.

The following example illustrate the use of the complete sets of residues and of theprevious lemma.

Example 6.2.13. 1. Let us calculate the least non-negative residue of28 33 mod35.

Using the least absolute residues mod 35, we have28 7 modp35q and 332 modp35q, so

28 33 p7q p2q modp35q 14 modp35qSince0 14 35, it follows that14 is the required least non-negative residue.

2. Let us calculate the least absolute residue of15 59 mod75.

We have15 59 15 p16q modp75q

60 4 modp75q 15 4 mod p75q 60 modp75q 15 modp75q

and since75{2 15 75{2, the required residue is15.


51/119

6.2. DEFINITION AND FIRST PROPERTIES 51

3. Let us calculate the least non-negative residue of38 mod13.

38 p32q4 94 p4q4 modp13q 162 modp13q

32 mod

p13

q 9 modp13qThe required residue is therefore9.

Since n divides m if and only if m 0 modpnq, it follows that problems aboutdivisibility are equivalent to problems about congruences, and these can sometimes beeasier to solve. Here is a typical example:

Example 6.2.14. Let us prove thatapa ` 1qp2a ` 1q is divisible by6 for every integera.

By taking least absolute residues mod

p6

q. So, there are6 case to consider:

1. Ifa 0 modp6q thenapa ` 1qp2a ` 1q 0 modp6q.2. Ifa 1modp6qthenapa`1qp2a`1q 123modp6q 6modp6q 0mod 6.3. Ifa 2mod p6q thenapa`1qp2a`1q 235mod p6q 65mod p6q 0mod6.4. Ifa 3 modp6q thenapa ` 1qp2a ` 1q 3 4 7modp6q 6 3 7 modp6q

0 mod 6.

5. Ifa 4mod p6q thenapa`1qp2a`1q 459mod p6q 6253mod p6q 0 mod 6.

6. Ifa 5 modp6q thenapa ` 1qp2a ` 1q 5 6 11 modp6q 0 mod 6.

This allows us to define addition, subtraction and multiplication.Definition 6.2.15. Letn be an integer.

1. We define anaddition` overZ{nZ, for anya andb, we putras ` rbs : ra ` bs

Similarlyras rbs : ra bs

2. We define amultiplication overZ{nZ, for anya andb, we put

ra

s rb

s:

ra

b

sRemark 6.2.16. We cannot define a division congruence class since for somea andb, a{b is not necessary an integer.

By induction, we have:

Lemma 6.2.17. For any integersa1, ... , an anda,

1.ra1s ` ra2s ` ... ` rans ra1 ` ... ` ans;


52/119


2.ra1s ra2s ... rans ra1 ... ans;3.rask raks.

Remark 6.2.18. When we work inZ{nZ, we have to be careful before defining an op-eration. We always have to check that taking different representatives does not changethe class.

For example, if we work onZ{3Z, one cannot definerasrbs rabs. In fact, r1s r4sandr2sr1s r21s r2s andr2sr4s r16s r1s, sor2sr1s r2sr4s. So, the relationrasrbs rabs is not well defined. In particular, exponentiation of congruence classes isnot well defined.


53/119

Chapter 7

Congruence equations

7.1 Congruences and polynomials

Lemma 7.1.1. Let fpxq be a polynomial with integer coefficients, and let n 1. Ifa b modpnq, then fpaq fpbq modpnq.Proof. White fpxq c0` c1x` ...`ckxk, where each ci P Z. If a b modpnq,ai bi modpnq for any i0, so ciai c ibi for all i, and hence fpaq fpbq modpnq byadding congruences.

Example 7.1.2. Take fpxq xpx ` 1qp2x ` 1q 2x3 ` 3x2 ` xandn 6; we then used0 6 modp6q so fp0q fp6q 0 modp6q.Remark 7.1.3. If a polynomial fpxq with integer coefficients has an integer roota (thatis fpaq 0), then fpaq 0 modpnq, for all integersn1. It is sometimes successfulto use the contrapositive to prove that a polynomial has no integer root: that is if thereis an integern such that the congruence fpxq 0 modpnq has no solutionsx, then theequation fpxq 0has no integer solution. By the previous lemma, it is enough to checkthe congruence at a complete set of residue. Ifn is small, it is fast to check if for anyelementx of a complete set of residues if fpxq 0modpnq or not. If for one integern, fpxq 0mod pnq this does not mean nothing about the existence or not of a solution.We will see that there are polynomials such that fpxq 0 modpnq for EVERY integern and still there are no integers roots.

Let take a example to illustrate this remark.

Example 7.1.4. Take the polynomial fpxq x5 x2 ` x 3.Take n 2, a complete set of residue modp2q ist0, 1u. fp0q 3 0 modp2q butfp1q 2 0 modp2q. So, we CANNOT conclude about the existence or not ofintegral roots.Taken 3, a complete set of residue modp3q ist0, 1, 2u, fp0q 3 0 modp2q. So,we CANNOT conclude nothing also with3.Taken 4, a complete set of residue modp4q ist0, 1, 2, 3u,

fp0q 3 0 modp4q, fp1q 2 0 modp4q,

53


54/119

54 CHAPTER 7. CONGRUENCE EQUATIONS

fp2q 45 4 ` 2 3 1 0 modp4q, fp3q p 1q5 p1q2 1 3 2 0 modp4q.

Then, we know that fpxq has no integer roots.One question which can come in mind is : Is there polynomials f such that f

px

q is

prime for any integer x? The answer is no, apart of course the constant polynomialsfpxq p for some prime p.Theorem 7.1.5. There is no non-constant polynomial fpxq, with integer coefficients,such that fpxq is prime for all integersx.Proof. Suppose that fpxq is prime for all integers x, and it is not constant. If wechoose any integer a, then fpaq is a prime p. For each ba modppq, we have fpaq fpbq modppq, so fpbq 0modppq and hence p divides fpbq. By our hypothesis, fpbqisprime, so fpbq p. There are infinitely many integers b a mod ppq, so the polynomialgpxq fpxq p has infinitely many roots. However, this is impossible: having degreed 1, gpxq can have at most d roots, so such a polynomial fpxq cannot exist. Remark 7.1.6. A polynomial mod some n can be congruent to zero for a number ofelements greater than its degree without being the zero polynomial. Indeed if we takefpxq 2x3 ` 3x2 ` x, we can check that fp0q, fp1q, fp2q or fp3q are congruent to 0modp6q.

7.2 Linear congruences

7.2.1 Simple linear congruences

We have said that we cannot always speak about division since the quotient of twointegers is not necessary an integer. However, for some integersn,a and b fixed, a good

alternative to this problem is to find the solution of the congruence ax b modpnq.But this problem can be seen as a equivalent form of the linear diophantine equationstudied earlier. Indeed, there is an integer x such that ax b modpnq if and only ifthere is an integerx such thatax bis a multiple ofn if and only if there are integers xand ysuch that ax ` ny b(which is a linear diophantine equation. Into a congruencelanguage, the theorem about diophantine equations becomes.

Theorem 7.2.1. Ifd gcdpa, nq, then the linear congruenceax b modpnq

has a solution if and only ifd|b. Ifd does dividesb, and ifx0 is a particular solution,then the general solution is given by

x x0 `ntd

where tP Z; in particular, the solutions form exactly d congruence classes modpnq,with representatives

x x0, x0 ` nd

, x0 `2nd

,..., x0 `pd 1qn

d


55/119

7.2. LINEAR CONGRUENCES 55

Proof. The only part which is not part of the theorem about linear diophantine equa-tions is the statement about congruence classes. First remark that ifxis a solution thenany element ofrxs is also a solution since for any integer x1 such that xx1 modpnq,thenax ax1 modpnq. Now, note that

x0 `ntd x0 ` nt1

d modpnq

if and only ifn dividesnpt t1q{dthat is if and only ifd dividest t1, so the congruenceclasses of solutions modpnq are obtained by letting t range over a complete set ofresidues modpdq, such as0, 1,..., d 1. Remark 7.2.2. In order to find the particular solution after checking that such a so-lution exists, it is fast just trying with a complete set of residue. Ifn is too big, we canapply the algorithm of Chapter 1 to find this particular solution.

Corollary 7.2.3. If gcd

pa, n

q 1 then the solution x of the linear congruence ax

b modpnq form a single congruence class modpnq.Example 7.2.4. 1. Consider the congruence

10x 3 modp12qWe have thatgcdp10, 12q 2 does not divide3, so there are no solutions. (but itis expectable since10x ` 12y is even and3 is odd.)

2. Consider the congruence10x 6 modp12q

Since gcdp10, 12q 2 divides6, there are two classes of solutions. We can takex0 3 as a particular solution, so the general solution has the form

x x0 ` ntd 3 ` 12t

2 3 ` 6t,

where t P Z. These solutions form two congruence classesr3s andr9s modp12q,with representatives x0 3 and x0` d{n 9; (equivalently they form a singlecongruence classr3s modp6q.

3. Consider the congruence7x 3 modp12q

Since gcdp7, 12q 1 there is a single congruence class of solutions; this is theclassrxs r9s, since7 9 63 3 modp12q.

Lemma 7.2.5. 1. Letm dividea,b andn, and leta1 a{m,b1 b{mandn1 n{m,then

ax b modpnq if and only ifa1x b1 modpn1q2. Leta andn be coprime, letm dividea andb, leta1 a{m andb1 b{m; then

ax b modpnq if and only ifa1x b1 modpnq


56/119


Proof. 1. We have ax b modpnq if and only if axb qn for some integerq; dividing by m, we see that this is equivalent to a1xb1 qn1, that is, toa1x b1 modpn1q.

2. Ifax

b mod

pn

q, then there is an integer n such that ax

b

qn and hence

a1xb1 qn{m; in particular,m dividesqn. Nowm dividesa, which is coprime ton, so m is also coprime to n and hence m must divide q. Thus a1x b1 pq{mqnis a multiple of n, so a1x b1 modpnq. For the converse, if a1x b1 modpnqthen a1x b1 q1n for some integer q1, so multiplying through by m we haveax b mq1nand hence ax b modpnq.

Let see throughout example how we can use this lemma.

Example 7.2.6. Consider the congruence

10x 6 modp14qSincegcdp10, 14q 2divides6, so solutions do exist. Ifx0is a particular solution,then the general solution is x x0 ` p14{2qt x0 ` 7t, where tP Z these formthe congruence classesrx0s andrx0` 7s inZ{14Z. By the previous lemma 1.,dividing bygcdp10, 14q which divide10,14 and6 the previous congruence equationis equivalent to

5x 3 modp7qNow, noting that3 10 modp7q, we get

5x 10 modp7qThusx0 2 is a solution, so in the general solution has the form

x 2 ` 7tpt P Zq

1. Consider the congruence

4x 13 modp47qSincegcdp4, 47q 1divides13, the congruence has solutions. Ifx0is a particularsolution then the general solution isx x0 ` 47t where tP Z forming a singlecongruence classrx0s inZ{47Z. Noting that 4 12 48 1 modp47q, wemultiply by12 to give

48x 12 13 modp47qThat is

x 3 4 13 3 52 3 5 15 modp47qThus, we can takex0 15, so the general solution isx 15 ` 47t.


57/119


7.2.2 Simultaneous linear congruences, chinese remainder theorem

We can be lead to consider simultaneous linear congruence. To answer this problemwe have the Chinese Remainder theorem.

Theorem 7.2.7. Letn1, n2, ..., nkbe positive integers, withgcdpni, njqwheneveri j,and leta1, ..., akbe any integers. Then the solutions of the simultaneous congruencesx a1 modpn1q, x a2 modpn2q,..., x akmodpnkq

form a single congruence classrx0s modpnq, wheren n1n2...nk(andx0 a1c1d1 ` a2c2d2 ` ... ` akckdk

wherec i n{ni anddi is a solution of the congruencec ix 1modpniq. In other words,the general solution is of the formx x0 ` nt wheret P Z.Proof. Let c

in

{n

in

1...n

i1n

i`1...n

k for each i

1

,...,k. Since each of its factorsn

jpjiq is coprime to ni, so is ci. Therefore for eachi, the congruence cix1 modpniqhas a single congruence classrdis of the solution modpniq. We now claim that theinteger

x0 a1c1d1 ` a2c2d2 ` ... ` akckdksimultaneously satisfies the given congruences, that is, x0 ai modpniq for each i. Tosee this, note that each cj (other than ci) is divisible by ni, so ajcjdj 0modpniq andhence x0 aicidi modpniq; now cidi 1 modpniq, by choice ofdi, so x0 ai modpniqas required. Thus x0 is a solution of the simultaneous congruences, and it immediatelyfollows that the entire congruence classrx0sofx0 modpnq consists of solutions.To see that this class is unique, suppose thatxis any solution; thenx

ai

x0mod

pni

qfor any ni divides x x0. Since n1,..., nkare mutually coprime, then their product nalso divides x x0, sox x0 modpnq.

As a consequence, we obtain easily the interesting following corollary:

Corollary 7.2.8. Letn have prime-power factorization

n pe11...pek

k

wherep1, ...,pkare distinct primes. Then for any integersaandbwe havea b mod pnqif and only ifa b modppei

iq for eachi 1,..., k.

Remark 7.2.9. 1. This result has applications in many areas, for instance in as-tronomy. Ifkevents occur regularly with periodsn1, ...,nkand with thei-th eventhappening at times x ai, ai` ni, ai` 2ni, ... then the k events occur simul-taneously at time x where x ai modpniq for all i; the theorem shows that ifthe periodsni are mutually coprime then such a coincidence occurs with periodn.Planetary conjunctions and eclipses are obvious examples of such regular events,and predicting these may have been the original motivation for the theorem.


58/119


59/119


Clearly, x0 9 is a particular solution; since the moduli 12 and7 are coprime,with product84, the Chinese Remainder Theorem implies that the general solutionhas the form9 ` 84t.

3. Consider the linear congruence

13x 71 modp380qInstead of using the algorithm described earlier for solving a single linear congru-ence, we can use the factorization380 22 5 19, together with the corollaryof Chinese Remainder Theorem, we can replace this congruence with the threesimultaneous congruences

13x 71 modp4q, 13x 71 modp5q, 13x 71 modp19q.These immediately reduce to

x 3 modp4q, 3x 1 modp5q, 13x 14 modp19qNow these have mutually coprime moduli, so the Chinese Remainder Theoremapplies, and we can use either of our two methods to find the general solution.Using the second method, we start with a solutionx1 4 of the third congruence;adding and subtracting multiples of 19, we find that x2 42 also satisfies thesecond congruence and then adding and subtracting multiples of19 595 we

find that327 (or equivalently53) also satisfies the first congruence. Thus thegeneral solution has the formx 327 ` 380tpt P Zq.

More generally, we can see the Chinese Remainder theorem as a particular case ofthe following theorem:

Theorem 7.2.11. Letn1, ..., nkbe positive integers and leta1, ..., akbe any integers.

Then the simultaneous congruences

x a1 modpn1q,..., x akmodpnkqhave a solution x if and only if gcdpni, njq divides ai aj whenever i j. When thiscondition is satisfied, the general solution forms a single congruence class modpnq,wheren is the least common multiple ofn1, ..., nk.

The reader can refer to the proof of the book of Jones (Theorem 3.12).

Remark 7.2.12. If the moduli ni are mutually coprime then gcdpni, njq 1 for alli j, so the condition gcdpni, njq|pai ajq is always satisfied; moreover, the least com-mon multiplen ofn1,..., nkis then their productn1, ..., nk, so we obtain the ChineseRemainder theorem.

Example 7.2.13. Consider the congruences

x 11 modp36q, x 7 modp40q, x 32 modp75qHere,n1 36, n2 40 andn3 75, so we have

n12gcdp36, 40q 4, n13gcdp36, 75q 3 andn23gcdp40, 75q 5


60/119


Since

a1 a2 11 7 4, a1 a3 11 32 21 anda2 a3 7 32 25the conditionsni j|pai ajq are all satisfied, so there are solutions forming a single con-gruence class modpnq wherenlcmp36, 40, 75q 1800. To find the general solution,the idea is to factorize eachni, and replace the first congruence with

x 11 modp22q andx 11 modp32qthe second with

x 7 modp23q andx 7 modp5qand the third with

x 32 modp3q andx 32 modp52qThis gives us a set of six congruences, in which the moduli are powers of the primes

p 2, 3 and 5. From these, we select one congruence involving the highest power ofeach prime: forp 2 we must choosex 7 modp2

3

q (which impliesx 11modp22

q),for p 3, we must choosex 11 modp32q (which implies x 32 modp3qq, and forp 5 we must choose x 32 modp52q (which implies x 7 modp5qq. These threecongruences, which can be simplified to

x 7 modp8q, x 2 modp9q, x 7 modp25q,have mutually comprise moduli, then we find using a method as before sugared by theproof of the Chinese Remainder Theorem, that the general solution isx 407mod p1800q.

It is sometimes possible to solve simultaneous congruences by the Chinese RemainderTheorem, even when the congruences are not all linear.

Example 7.2.14. Consider the simultaneous congruences

x2 1 modp3q and x 2 modp4qNoticing thatx2 1 modp3q is equivalent to x1 modp3q orx2 modp3q, so thepair of congruences are equivalent to

x 1 modp3q and x 2 modp4qor

x 2 modp3q and x 2 modp4qThen we solve both cases thanks to Chinese Remainder Theorem. We find that the first

case has general solutionx 2 modp12q while the second pair has general solutionx 2 modp12q, so the general solution for the initial simultaneous congruence isx 2 modp12q.Theorem 7.2.15. Letnn1...nkwhere the integersni are mutually coprime, and letfpxq be a polynomial with integer coefficients. Suppose that for each i 1,..., k thereare Ni congruence classes xP Z{niZ such that fpxq 0 modpniq. Then there areN N1...Nkclassesx P Z{nZ such that fpxq 0 modpnq.


61/119


Proof. Since the modulini are mutually coprime, we have fpxq 0mod pnq if and onlyif fpxq 0mod pniq for alli. Thus each class of solutionx P Z{nZ of fpxq 0mod pnqdetermines a class of solutions x xi P Z{niZ of fpxiq 0 modpniq for each i.Conversely, if for each i we have a class of solutions xiP Z{niZ of fpxiq 0 modpniq,then by the Chinese Remainder Theorem there is a unique class xP Z{nZ satisfyingx xi modpniq for all i, and this class satisfies fpxq 0 modpnq. Thus there is aone-to-one correspondence between classes x P Z{nZ satisfying fpxq 0modpnq, andk-tuples of classes xiP Z{niZ satisfying fpxiq 0 modpniq f

Documents

Np notes Complete