LECTURE 3: CONGRUENCES

1. Basic properties of congruences

We begin by introducing some definitions and elementary properties.

Definition 1.1. Suppose that $a, b \in \mathbb{Z}$ and $m \in \mathbb{N}$. We say that $a$ is congruent to $b$ modulo $m$, and write $a \equiv b \pmod m$, when $m \mid (a - b)$. We say that $a$ is not congruent to $b$ modulo $m$, and write $a \not\equiv b \pmod m$, when $m \nmid (a - b)$.

Theorem 1.2. Let $a, b, c, d$ be integers. Then
(i) $a \equiv b \pmod m \iff b \equiv a \pmod m \iff a - b \equiv 0 \pmod m$;
(ii) $a \equiv b \pmod m$ and $b \equiv c \pmod m \implies a \equiv c \pmod m$;
(iii) $a \equiv b \pmod m$ and $c \equiv d \pmod m \implies a + c \equiv b + d \pmod m$ and $ac \equiv bd \pmod m$;
(iv) If $a \equiv b \pmod m$ and $d \mid m$ with $d > 0$, then $a \equiv b \pmod d$;
(v) If $a \equiv b \pmod m$ and $c > 0$, then $ac \equiv bc \pmod{mc}$.

Proof. Verification of these properties is straightforward. For instance, we prove (iii). Suppose that $a \equiv b \pmod m$ and $c \equiv d \pmod m$. Then $a - b = um$ and $c - d = vm$ for some integers $u$ and $v$. Hence $(a + c) - (b + d) = (u + v)m$, so that $a + c \equiv b + d \pmod m$. Also,
$$ac - bd = (b + um)(d + vm) - bd = (ud + bv + uvm)m,$$
which implies that $ac \equiv bd \pmod m$.

Corollary 1.3. When $p(t)$ is a polynomial with integral coefficients, it follows that whenever $a \equiv b \pmod m$, then $p(a) \equiv p(b) \pmod m$.

Proof. Use induction to establish that whenever $a \equiv b \pmod m$, then $a^n \equiv b^n \pmod m$ for each $n \in \mathbb{N}$.

The above corollary also extends to polynomials in several variables. In particular, we see that if the polynomial equation $p(x_1, \ldots, x_n) = 0$ has an integral solution, then the congruence $p(x_1, \ldots, x_n) \equiv 0 \pmod m$ is also solvable for all $m \in \mathbb{N}$. This provides a useful test for solvability of equations in integers.

The next theorem indicates how factors may be cancelled through congruences.

Theorem 1.4. Let $a, x, y \in \mathbb{Z}$ and $m \in \mathbb{N}$. Then
(i) $ax \equiv ay \pmod m \iff x \equiv y \pmod{m/(a, m)}$. In particular, if $ax \equiv ay \pmod m$ and $(a, m) = 1$, then $x \equiv y \pmod m$;
(ii) $x \equiv y \pmod{m_i}$ $(1 \le i \le r) \iff x \equiv y \pmod{[m_1, \ldots, m_r]}$.

Proof. Observe first that when $(a, m) = 1$, then $m \mid a(x - y) \iff m \mid (x - y)$. Then the conclusion of part (i) follows whenever $(a, m) = 1$. When $(a, m) > 1$, on the other hand, one does at least have $(a/(a, m), m/(a, m)) = 1$, so that
$$m \mid a(x - y) \iff \frac{m}{(a, m)} \,\Big|\, \frac{a}{(a, m)}(x - y) \iff \frac{m}{(a, m)} \,\Big|\, (x - y).$$
This establishes the conclusion of part (i) of the theorem.

We now consider part (ii) of the theorem. Observe first that whenever $m_i \mid (x - y)$ for $1 \le i \le r$, then $[m_1, \ldots, m_r] \mid (x - y)$. On the other hand, if $[m_1, \ldots, m_r] \mid (x - y)$, then $m_i \mid (x - y)$ for $1 \le i \le r$. The conclusion of part (ii) is now immediate.

We investigate existence of multiplicative inverses modulo $m$.

Theorem 1.5. Suppose that $(a, m) = 1$. Then there exists an integer $x$ with the property that $ax \equiv 1 \pmod m$. If $x_1$ and $x_2$ are any two such integers, then $x_1 \equiv x_2 \pmod m$. Conversely, if $(a, m) > 1$, then there is no integer $x$ with $ax \equiv 1 \pmod m$.

Proof. Suppose that $(a, m) = 1$. Then by the Euclidean Algorithm, there exist integers $x$ and $y$ such that $ax + my = 1$, whence $ax \equiv 1 \pmod m$. Meanwhile, if $ax_1 \equiv 1 \equiv ax_2 \pmod m$, then $a(x_1 - x_2) \equiv 0 \pmod m$. But $(a, m) = 1$, and thus $x_1 - x_2 \equiv 0 \pmod m$. We have therefore established both existence and uniqueness of the multiplicative inverse for residues $a$ with $(a, m) = 1$. If $(a, m) > 1$, then $(ax, m) > 1$ for every integer $x$. But if one were to have $ax \equiv 1 \pmod m$, then $(ax, m) = (1, m) = 1$, which yields a contradiction. This establishes the last part of the theorem.

Now we examine the set of equivalence classes with respect to congruence modulo $m$.

Definition 1.6.
(i) If $x \equiv y \pmod m$, then $y$ is called a residue of $x$ modulo $m$;
(ii) We say that $\{x_1, \ldots, x_m\}$ is a complete residue system modulo $m$ if for each $y \in \mathbb{Z}$, there exists a unique $x_i$ with $y \equiv x_i \pmod m$;
(iii) The set of integers $x$ with $x \equiv a \pmod m$ is called the residue class, or congruence class, of $a$ modulo $m$.

We also wish to consider residue classes containing integers coprime to the modulus, and this prompts the following observation.

Theorem 1.7. Whenever $b \equiv c \pmod m$, one has $(b, m) = (c, m)$.

Proof. If $b \equiv c \pmod m$, then $m \mid (b - c)$, whence there exists an integer $x$ with $b = c + mx$. But then $(b, m) = (c + mx, m) = (c, m)$, as desired.

Definition 1.8. A reduced residue system modulo $m$ is a set of integers $r_1, \ldots, r_l$ satisfying
(a) $(r_i, m) = 1$ for $1 \le i \le l$,
(b) $r_i \not\equiv r_j \pmod m$ for $i \ne j$,
(c) whenever $(x, m) = 1$, then $x \equiv r_i \pmod m$ for some $i$ with $1 \le i \le l$.

Theorem 1.9. The number of elements in a reduced residue system is equal to the number of integers $n$ satisfying $1 \le n < m$ and $(n, m) = 1$.

Proof. We observe that every integer $x$ can be written as $x = qm + r$ with $0 \le r < m$. Moreover, $(x, m) = (r, m)$. Hence, we see that $\{n \in \mathbb{N} : 1 \le n < m,\ (n, m) = 1\}$ is a reduced residue system modulo $m$. Let $r_1, \ldots, r_l$ and $s_1, \ldots, s_k$ be reduced residue systems modulo $m$. Then for every $i = 1, \ldots, l$, we have $r_i \equiv s_{\sigma(i)} \pmod m$ for some $\sigma(i) \in \{1, \ldots, k\}$. Similarly, for every $j = 1, \ldots, k$, we have $s_j \equiv r_{\theta(j)} \pmod m$ for some $\theta(j) \in \{1, \ldots, l\}$. We deduce that $r_i \equiv r_{\theta(\sigma(i))} \pmod m$ and $s_j \equiv s_{\sigma(\theta(j))} \pmod m$. It follows from property (b) of reduced residue systems that $\theta(\sigma(i)) = i$ and $\sigma(\theta(j)) = j$. Hence, the maps $\sigma$ and $\theta$ define a bijection between $r_1, \ldots, r_l$ and $s_1, \ldots, s_k$. In particular, reduced residue systems have the same sizes.

The number of elements in a reduced residue system modulo $m$ is denoted by $\varphi(m)$ (Euler's totient, or Euler's $\varphi$-function).

2. Euler and Fermat theorems

Theorem 2.1 (Euler, 1760). If $(a, m) = 1$, then $a^{\varphi(m)} \equiv 1 \pmod m$.

In the proof we use the following lemma.

Lemma 2.2. Suppose that $(a, m) = 1$. Then whenever $\{r_1, \ldots, r_l\}$ is a reduced residue system modulo $m$, the set $\{ar_1, \ldots, ar_l\}$ is also a reduced residue system modulo $m$.

Proof. Since $(a, m) = 1$, it follows that whenever $(r_i, m) = 1$ one has $(ar_i, m) = 1$. If $ar_i \equiv ar_j \pmod m$, then it follows from Theorem 1.4(i) that $r_i \equiv r_j \pmod m$. Hence we deduce that $ar_i \not\equiv ar_j \pmod m$ for $i \ne j$. It remains to verify property (c). Take $x$ with $(x, m) = 1$. By Theorem 1.5, there exists an integer $a'$ such that $aa' \equiv 1 \pmod m$. Since $\{r_1, \ldots, r_l\}$ is a reduced residue system modulo $m$, $a'x \equiv r_i \pmod m$ for some $i$. Then $ar_i \equiv (aa')x \equiv x \pmod m$. This shows that $\{ar_1, \ldots, ar_l\}$ is a reduced residue system modulo $m$.

Proof of Theorem 2.1. Let $\{r_1, r_2, \ldots, r_{\varphi(m)}\}$ be any reduced residue system modulo $m$, and suppose that $(a, m) = 1$. By Lemma 2.2, the system $\{ar_1, \ldots, ar_{\varphi(m)}\}$ is also a reduced residue system modulo $m$. Then there is a permutation $\sigma$ of $\{1, 2, \ldots, \varphi(m)\}$ with the property that $r_i \equiv ar_{\sigma(i)} \pmod m$ for $1 \le i \le \varphi(m)$. Consequently, one has
$$\prod_{i=1}^{\varphi(m)} r_i \equiv \prod_{i=1}^{\varphi(m)} (ar_{\sigma(i)}) = \prod_{j=1}^{\varphi(m)} (ar_j) = a^{\varphi(m)} \prod_{j=1}^{\varphi(m)} r_j \pmod m.$$
But $(r_1 \cdots r_{\varphi(m)}, m) = 1$, and thus $a^{\varphi(m)} \equiv 1 \pmod m$.

Corollary 2.3 (Fermat's Little Theorem, 1640). Let $p$ be a prime number, and suppose that $(a, p) = 1$. Then one has
$$a^{p-1} \equiv 1 \pmod p.$$
Moreover, for all integers $a$ one has
$$a^p \equiv a \pmod p.$$

Proof. Note that the set $\{1, 2, \ldots, p - 1\}$ is a reduced residue system modulo $p$. Thus $\varphi(p) = p - 1$, and the first part of the theorem follows from Theorem 2.1. When $(a, p) = 1$, the second part of the theorem is immediate from the first part. Meanwhile, if $(a, p) > 1$, one has $p \mid a$, so that $a^p \equiv 0 \equiv a \pmod p$. This completes the proof of the theorem.

Fermat's Little Theorem and Euler's Theorem ensure that the computation of powers is very efficient modulo $p$ (or modulo $m$).

Example 2.4. Compute $5^{2016} \pmod{41}$. Observe first that $\varphi(41) = 40$, and so it follows from Fermat's Little Theorem that $5^{40} \equiv 1 \pmod{41}$, and hence
$$5^{2016} = 5^{40 \cdot 50 + 16} = (5^{40})^{50} \cdot 5^{16} \equiv 5^{16} \pmod{41}.$$
Note next that powers which are themselves powers of 2 are easy to compute by repeated squaring (the divide and conquer algorithm). Thus one finds that
$$5^2 = 25 \equiv -16 \pmod{41},$$
$$5^4 = (5^2)^2 \equiv (-16)^2 = 256 \equiv 10 \pmod{41},$$
$$5^8 = (5^4)^2 \equiv 10^2 = 100 \equiv 18 \pmod{41},$$
$$5^{16} = (5^8)^2 \equiv 18^2 = 324 \equiv 37 \pmod{41}.$$
Thus $5^{2016} \equiv 37 \pmod{41}$.

Theorem 2.5 (Wilson's Theorem; Waring, Lagrange, 1771). For each prime number $p$, one has $(p - 1)! \equiv -1 \pmod p$.

Proof. The proof for $p = 2$ and $3$ is immediate, so suppose henceforth that $p$ is a prime number with $p \ge 5$. Observe that when $1 \le a \le p - 1$, one has $(a, p) = 1$, so there exists an integer $a'$, unique modulo $p$, with $aa' \equiv 1 \pmod p$. Moreover, there is no loss in supposing that $a'$ satisfies $1 \le a' \le p - 1$, and then $a'$ is a uniquely defined integer. We may now pair off the integers $a$ with $1 \le a \le p - 1$ with their counterparts $a'$ with $1 \le a' \le p - 1$, so that $aa' \equiv 1 \pmod p$ for each pair. Note that $a \ne a'$ so long as $a^2 \not\equiv 1 \pmod p$. But $a^2 \equiv 1 \pmod p$ if and only if $(a - 1)(a + 1) \equiv 0 \pmod p$, and the latter is possible only when $a \equiv \pm 1 \pmod p$. Thus we find that
$$\prod_{a=2}^{p-2} a = \prod (aa') \equiv 1 \pmod p,$$
whence
$$\prod_{a=1}^{p-1} a \equiv (p - 1) \cdot 1 \equiv -1 \pmod p.$$

The proof of Wilson's Theorem motivates a proof of a criterion for the solubility of the congruence $x^2 \equiv -1 \pmod p$.

Theorem 2.6. When $p = 2$, or when $p$ is a prime number with $p \equiv 1 \pmod 4$, the congruence $x^2 \equiv -1 \pmod p$ is soluble. When $p \equiv 3 \pmod 4$, the latter congruence is not soluble.

Proof. When $p = 2$, $x = 1$ provides a solution. Assume next that $p \equiv 1 \pmod 4$, and write $r = (p - 1)/2$, $x = r!$. Then since $r$ is even, one has
$$x^2 = r!\,(-1)^r\, r! = (1 \cdot 2 \cdots r)\big((-1)(-2) \cdots (-r)\big) \equiv (1 \cdot 2 \cdots r)\big((p-1)(p-2) \cdots (p-r)\big) = (p - 1)! \equiv -1 \pmod p.$$
Thus, when $p \equiv 1 \pmod 4$, the congruence $x^2 \equiv -1 \pmod p$ is indeed soluble. Suppose then that $p \equiv 3 \pmod 4$. If it were possible that an integer $x$ exists with $x^2 \equiv -1 \pmod p$, then, since $(p - 1)/2$ is odd, one finds that
$$(x^2)^{(p-1)/2} \equiv (-1)^{(p-1)/2} \equiv -1 \pmod p,$$
yet by Fermat's Little Theorem, one has $(x^2)^{(p-1)/2} = x^{p-1} \equiv 1 \pmod p$ whenever $(x, p) = 1$. We therefore arrive at a contradiction, and this completes the proof of the theorem.
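The following Python is an added worked example, not part of the lecture notes: it computes the multiplicative inverse of Theorem 1.5 by the extended Euclidean Algorithm (returning nothing when $(a, m) > 1$), builds the reduced residue system of Theorem 1.9, checks the three conditions of Definition 1.8, and verifies Lemma 2.2 by multiplying a reduced residue system through by $a$. All function names are the example's own.

```python
from math import gcd


def ext_gcd(a, b):
    """Extended Euclidean Algorithm: return (g, x, y) with a*x + b*y = g = (a, b)."""
    x0, y0, x1, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0


def mod_inverse(a, m):
    """Theorem 1.5: the unique x mod m with a*x == 1 (mod m), or None when (a, m) > 1."""
    g, x, _ = ext_gcd(a % m, m)
    if g != 1:
        return None          # no inverse exists: (a, m) > 1 forces (ax, m) > 1
    return x % m             # reduce to the standard residue 0 <= x < m


def reduced_residue_system(m):
    """Theorem 1.9: {n : 1 <= n < m, (n, m) = 1} is a reduced residue system modulo m."""
    return [n for n in range(1, m) if gcd(n, m) == 1]


def phi(m):
    """Euler's totient: the size of any reduced residue system modulo m."""
    return len(reduced_residue_system(m))


def is_reduced_residue_system(xs, m):
    """Check conditions (a), (b), (c) of Definition 1.8 for the integers xs."""
    residues = {x % m for x in xs}
    coprime = all(gcd(x, m) == 1 for x in xs)            # (a)
    distinct = len(residues) == len(xs)                    # (b)
    covers = residues == set(reduced_residue_system(m))    # (c)
    return coprime and distinct and covers


def scaled_system(a, m):
    """Lemma 2.2: multiplying a reduced residue system by a with (a, m) = 1 permutes it."""
    return [a * r % m for r in reduced_residue_system(m)]


if __name__ == "__main__":
    print(mod_inverse(7, 41))                                    # 6, since 7 * 6 = 42 == 1 (mod 41)
    print(mod_inverse(6, 9))                                     # None, since (6, 9) = 3
    print(phi(41), phi(12))                                      # 40 and 4
    print(is_reduced_residue_system(scaled_system(5, 12), 12))   # True
    print(is_reduced_residue_system(scaled_system(3, 12), 12))   # False: (3, 12) = 3
```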
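A second added Python example, again not from the lecture notes, carries Example 2.4 through in code: the exponent is first reduced modulo $\varphi(m)$ as Theorem 2.1 allows, the remaining power is taken by repeated squaring, and the chain $5, 5^2, 5^4, 5^8, 5^{16}$ modulo 41 is exposed so it can be compared with the display above. It also checks Wilson's Theorem (2.5) directly and constructs the square root of $-1$ modulo $p$ as $((p-1)/2)!$, exactly as in the proof of Theorem 2.6. Function names are the example's own, and `sqrt_minus_one` assumes its argument is prime.

```python
from math import factorial, gcd


def phi(m):
    """Euler's totient, counted directly as in Theorem 1.9 (fine for small m)."""
    return sum(1 for n in range(1, m) if gcd(n, m) == 1)


def mod_pow(base, exp, m):
    """base**exp mod m by repeated squaring, the divide-and-conquer step of Example 2.4."""
    result, square = 1, base % m
    while exp:
        if exp & 1:                      # this bit of exp is set: multiply the square in
            result = result * square % m
        square = square * square % m     # next power of two
        exp >>= 1
    return result


def square_trace(base, k, m):
    """The chain base, base^2, base^4, ..., base^(2^k) modulo m, as standard residues."""
    chain, x = [base % m], base % m
    for _ in range(k):
        x = x * x % m
        chain.append(x)
    return chain


def euler_pow(a, e, m):
    """Example 2.4: for (a, m) = 1 reduce e modulo phi(m) first (Theorem 2.1), then square."""
    if gcd(a, m) != 1:
        raise ValueError("Euler's theorem needs (a, m) = 1")
    return mod_pow(a, e % phi(m), m)


def wilson_holds(n):
    """Theorem 2.5 checked directly: (n-1)! == -1 (mod n), which holds for every prime n."""
    return factorial(n - 1) % n == n - 1


def sqrt_minus_one(p):
    """Theorem 2.6 (p assumed prime): for p = 2 or p == 1 (mod 4) return x = ((p-1)/2)!,
    which satisfies x*x == -1 (mod p); return None for p == 3 (mod 4), where none exists."""
    if p == 2:
        return 1
    if p % 4 == 3:
        return None
    return factorial((p - 1) // 2) % p


if __name__ == "__main__":
    print(euler_pow(5, 2016, 41), square_trace(5, 4, 41))   # 37 and [5, 25, 10, 18, 37]
    print(wilson_holds(41), wilson_holds(15))               # True, False
    x = sqrt_minus_one(13)
    print(x, x * x % 13)                                    # 5 and 12, i.e. -1 mod 13
```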