2 Arithmetic. 2.1 Greatest common divisors. This chapter is about properties of the integers Z = {..., 2, 1, 0, 1, 2,...}.

Transcription

1 2 Arithmetic This chapter is about properties of the integers Z = {..., 2, 1, 0, 1, 2,...}. (See [Houston, Chapters 27 & 28]) 2.1 Greatest common divisors Definition If a, b are integers, we say that b divides a if there is an integer r such that a = br. We also say that b is a divisor of a, or that b is a factor of a, or that a is divisible by b. To write b divides a, we often use the shorthand notation If b does not divide a, then we write b - a. Example For example: Similarly, 6 72 and 1 19 but b a. 2 12, since 12 = 2 6. Example Note that 3 9 and 3 15, and that also 3 24 = Indeed, 9=3 3, 15 = 3 5 and so 24 = = =3 (3 + 5) = 3 8, so This is true in general: if d a and d b then d (a + b) (see Exercise Sheet 1). Remarks (i) If d a and d b then, for any integers m, n we have d (ma+nb) (see Exercise Sheet 1). This is a crucial property which we will use repeatedly: we might express it by saying that if d divides a and b then it divides every combination of a and b. (Caution! The symbol is not a division operation, do NOT write 2 12 = 6.) (ii) The divisors of a and a are the same. (iii) Using the definition, say what are the divisors of 0 and which numbers are divisible by 0. (iv) Let d and a be integers with d, a 0. If d a then d apple a. (Answer: 0 a, a =0; b 0 for all b 2 Z.) Proposition 2.20 (The division algorithm). Let n > 0 be an integer and let m be a natural number. Then there exist integers q, r such that n = qm + r and 0 6 r < m. Note q is for quotient and r is for remainder: when we divide n by m we get q, with remainder r. Proof. We regard m as being fixed and let P (n) be the statement: P (n) : there exist integers q, r such that n = qm + r and 0 6 r < m. We proceed by induction on n, starting from n =0. 11

2 Base Step P (0) says there are integers q, r such that n = qm+r and 0 6 r<m; the integers q =0 and r =0certainly satisfy this so P (0) is true. Inductive Step that We split into two cases: Suppose k > 0 is an integer for which P (k) is true so there are integers q, r such k = qm + r and 0 6 r < m. 1. If r<m 1 then k +1 = qm +(r + 1) and 0 <r+1<m; putting q 0 = q and r 0 = r +1, we have k +1 = q 0 m + r 0 and 0 6 r 0 <m and P (k + 1) is true. 2. If r = m 1 then k +1 = qm +(m 1) + 1 = (q + 1)m; putting q 0 = q +1and r 0 =0, we have k +1 = q 0 m + r 0 and 0 6 r 0 <m and P (k + 1) is true. In either case P (k + 1) is true so we have completed the inductive step. Hence, by induction, P (n) is true for all integers n > 0. Exercise Use Proposition 2.20 to show that its conclusion is also true for n any integer (positive or negative). Can you also adjust the statement to make it true for any non-zero integer m? Definition Let a, b be integers and let c be a natural number. We say that c is a greatest common divisor (or gcd) of a and b if: (i) c divides both a and b; and (ii) whenever d is an integer which divides both a and b, then d divides c. The integers a, b are called coprime if their greatest common divisor is 1. You may have seen the greatest common divisor called the highest common factor (or hcf) in the past. For example, we can compute the gcd of 12 and 40 as follows: The positive divisors of 12 are 1, 2, 3, 4, 6, 12. The positive divisors of 40 are 1, 2, 4, 5, 8, 10, 20, 40. The common divisors of 12 and 40 are therefore 1, 2, 4 (these are the numbers which satisfy (i)), all of which divide 4 (so 4 satisfies (ii) also). Hence 4 is a gcd of 12 and 40. Remarks (i) Suppose c 1 and c 2 are both greatest common divisors of a, b that is, they both satisfy the two conditions of Definition Then c 1 = c 2. [Exercise: write down a proof!] This means that there is at most one greatest common divisor so we can talk about the gcd, rather than just a gcd. However, it is not obvious that there is a greatest common divisor at all. (ii) The method we used above to find gcd(12, 40) = 4 is fine for small numbers but extremely impractical for large numbers (factorizing large numbers is notoriously difficult). We need a different method. 12

3 Note. If a, b 2 N and b a then gcd(b, a) =b. If b - a then we use the following: Theorem 2.24 (The Euclidean Algorithm). Let a>bbe natural numbers. We use the division algorithm (Proposition 2.20) to find integers r 0,r 1,...r s and q 1,...,q s with the following properties: (i) r 0 = a and r 1 = b; (ii) r 0 = r 1 q 1 + r 2 and 0 < r 2 < r 1 ; r 1 = r 2 q 2 + r 3 and 0 < r 3 < r 2 ;. r s 2 = r s 1 q s 1 + r s and 0 < r s < r s 1 ; r s 1 = r s q s +0. Then r s is the gcd of a and b. Note that r 1 >r 2 >r 3 > and all of these integers are strictly positive, so the above process must terminate after a finite numbers of steps (i.e. we must reach the remainder r s after a finite number of steps). The point is that we perform the division algorithm (Proposition 2.20) with a and b, then with b and the remainder, and so on, until we get a remainder of 0. Then the last non-zero remainder is the gcd. Notice that this Theorem not only proves that the gcd does exist, it also gives us a method to find it. Examples (i) The gcd of 20 and 12 is 4. To show this we use the Euclidean algorithm, starting with r 0 = 20 and r 1 = 12: 20 = so r 2 = 8; 12 = so r 3 = 4; 8 = so r 4 =0. The last non-zero remainder was 4 so, by Theorem 2.24, gcd(20, 12) = 4. (ii) Find the gcd of and Again, we apply the Euclidean algorithm: So gcd(22471, 3266) = = = = = = = Note that we can make a check here to make sure we have not made any numerical errors: 23 should divide both numbers, and indeed it does: = and 3266 = Before saying why Theorem 2.24 is true, we note that it has the following important consequence, which is a corollary of the Euclidean Algorithm: 13

4 Corollary Let a, b be natural numbers and let c = gcd(a, b). Then there exist integers m, n such that c = am + bn. The calculations done in the Euclidean Algorithm can be use to find such numbers m, n here: Example (i) Let a = 20 and b = 12. We saw in Example 2.25(i) that with these values of a and b we have gcd(a, b) =4. We can write out this calculation in a slightly different way that at the same time records an expression for each of the terms that appears as a linear combination of the numbers a and b. Carrying out the Euclidean algorithm we obtain: a = 20 b = = b a b = 8 8 = a b 8 4 = 2b a 0 We conclude that gcd(a, b) = gcd(20, 12) = 4 and that where m = 1 and n =2. 4=2b a = = 20m + 12n, (ii) Let a = and b = We saw in Example 2.25(ii) that with these values of a and b we have gcd(a, b) = 23. We can write out this calculation in a slightly different way that at the same time records an expression for each of the terms that appears as a linear combination of the numbers a and b. Carrying out the Euclidean algorithm we obtain: a = b = = b a 6b = = a 6b 7 (7b a) = 49b 7a = = 7b a 8a 55b = = 16a 110b =2 (8a 55b) 117b 17a = = 117b 17a 25a 172b = We conclude that gcd(22471, 3266) = 23 and that where m = 25 and n = = 25a 172b = = 22471m n, Now we explain why the Euclidean Algorithm works. Proof of Theorem The method or proof we will use is known as direct proof : the idea is that we just start with what we know (the hypotheses of the Theorem) and aim for what we want to know (the conclusion of the Theorem). For this, we must be sure to know exactly what it is that the Theorem is asking use to prove, which will mean looking back at Definitions. To know that r s is the gcd of a and b, we need to check that it satisfies the two properties of the definition of the gcd (Definition 2.22): 14

5 (i) We need to show that r s divides both a and b. By the final equation of Theorem 2.24(ii), we have r s 1 = r s q s, so r s divides r s 1. In the penultimate equation, r s 2 = r s 1 q s 1 + r s, we have r s r s 1 and r s r s and q s 2 Z so, by Remarks 2.19(i) (see question 5(ii) on Exercice Sheet 1), we also have r s r s 2. Then, in the equation before this, r s 3 = r s 2 q s 2 + r s 1, we have r s r s 2 and r s r s 1 and q s 1 2 Z so r s r s 3. Working back through the equations, we get r s r i for all 0 6 i 6 s. In particular, r s divides r 0 = a and r 1 = b. (ii) Suppose d a and d b; then we need to show that d r s. Rearranging the first equation, we have r 2 = r 0 r 1 q 1. Since r 0 = a and r 1 = b, we have d r 0 and d r 1 so the equation shows d r 2 also (as above). Similarly, r 3 = r 1 r 2 q 2 so d r 3. Continuing, we get In particular, d r s. d r i for all 0 6 i 6 s. Since r s satisfies both properties, it is indeed the gcd of a and b. Proof of Corollary Define the set S by S = {ax + by : x, y 2 Z}; so S is the set of all integers which can be written in the form ax + by, for some x, y 2 Z. In order to prove Corollary 2.26, we need only check that gcd(a, b) is an element of S. In fact, we will prove more: that gcd(a, b) is the smallest natural number in S. So let s 2 S be the smallest natural number in S we need to prove that s = gcd(a, b) so we need to check that s satisfies the two conditions of Definition 2.22: (i) We need to show that s divides both a and b; in fact, because we have a symmetry between a and b, we need only check that s a. For contradiction, suppose that s - a. By the division algorithm (Proposition 2.20), we can write (The proof of this Corollary was omitted from the course.) a = qs + r, with 0 <r<s. 15

6 [Note that r 6= 0here as s - a.] Now, since s 2 S, there are x 1,y 1 2 Z with s = ax 1 + by 1. Rearranging for r and substituting for s, we get r = a qs = a q(ax 1 + by 1 ) = a(1 qx 1 )+( qy 1 )b. But then, putting x 2 =1 qx 1 and y 2 = qy 1, we have written r = ax 2 + by 2, with x 2,y 2 2 Z. Hence r 2 S. But we have 0 <r<s, which contradicts s being the smallest element of S. We have our contradiction, so we can conclude that s a, as required. (ii) Suppose d a and d b; then we need to show that d s. But we have s = ax 1 + by 1, for some x 1,y 1 2 Z, so it is clear that d s from Remarks 2.19(i) (see also q.5(ii) on the first Exercise Sheet). We have checked both properties of Definition 2.22 so indeed s = gcd(a, b). 2.2 Prime numbers Definition (i) An integer p 6= 0, ±1 is a prime if its only divisors are ±1 and ±p; otherwise p is composite. Some authors say prime number to mean a positive prime. (ii) Two integers a, b are coprime (or relatively prime) if their greatest common divisor is 1. Remarks (i) The first few positive primes are 2, 3, 5, 7, 11, 13, 17, 19, 23,... (ii) If p 6= 0and p = ab, for some integers a, b 6= ±1, then p is composite. (iii) If p is a prime and b is any integer then the only possibilities for gcd(p, b) are 1 and p (since these are the only positive divisors of p). So: either p, b are coprime, or p b. Theorem 2.30 (Euclid s Lemma). Suppose a, b, c are non-zero integers. (i) If a is coprime to b and a bc, then a c. (ii) If p is prime and p bc then p b or p c. Proof. (i) Since gcd(a, b) =1, by Corollary 2.26 there are integers m, n such that am + bn =1. Multiplying by c, we get c = amc + bnc. Now a amc and a (bc)n (since a bc). Hence a c (using Remarks 2.19(i) again). (ii) Suppose that p is prime and p bc. By Remark 2.29(iii) either p b, or gcd(p, b) =1in which case p c by part (i). Corollary Let p be a prime and let a 1,...,a n be integers. a 1 a 2 a n. Then p divides a i, for some i. Suppose p divides the product 16

7 Proof. Exercise: Prove this result by induction on n, making use of Theorem 2.30(ii). We proceed by induction on n, starting with n =1. Base step If p a 1 then clearly p a 1. Inductive step Suppose k is a natural number and then statement is true for n = k. Now suppose p a 1 a 2 a k a k+1. Put b = a 1 a 2 a k and c = a k+1 and apply Euclid s Lemma (Theorem 2.30) with a = p: either gcd(p, b) =1, in which case Euclid s Lemma says that p c, that is p a k+1 ; or gcd(p, b) 6= 1, in which case p b (as in Remarks 2.29(iii)). But then p a 1 a 2 a k so, by the inductive hypothesis, p a i, for some i. (Note: Proof omitted from lectures.) In either case, we have shown that p a i, for some i apple k +1, so the inductive step is complete. Note that this relies crucially on p being prime it is not true when p is composite. (Find a counterexample!) The main use of this Corollary is in the proof of the following Theorem: Remark: We Theorem 2.32 (Fundamental Theorem of Arithmetic). Every integer n>1can be written as a product of positive prime numbers. Moreover, this representation of n is unique up to the order of the of one number allow a product multiplication. here e.g. 7=7. The following example illustrates what is meant by the words up to the order of multiplication : 60 = = The number 60 can be factorized into prime numbers but, of course, we can write these prime numbers in different orders. Proof. The proof is by induction on n, starting with n =2. The statement P (n) for use in the induction is P (n): every natural number m, with 1 <m6 n, can be written as a product of positive prime numbers, and this representation is unique up to the order of the multiplication. Base step When n =2, we see that 2=2is already a product of primes, and this is clearly unique. Inductive step We suppose k 2 is a natural number for which P (k) is true. To show P (k + 1) is true we have to look at factoring k +1. We split into two cases: If (k + 1) is prime, then (as in the base step), it is already a product of primes, and this is clearly unique. If (k + 1) is composite, then we can write k +1 = m 1 m 2, with m 1,m 2 > 1. But then m 1,m 2 < k +1so, in particular, m 1,m 2 6 k. Then, by the inductive hypothesis, each of m 1 and m 2 can be written as a product of prime numbers. Multiplying these together, we see that (k + 1) can be written as a product of prime numbers also. 17

8 It remains to prove that this representation as a product of primes is unique. So suppose we have two factorizations into prime: p 1 p 2 p r = (k + 1) = q 1 q 2 q s where the p i and q j are primes. We need to show that r = s and that each p i is some q j. Now p 1 divides (k + 1) so, by Corollary 2.31, p 1 divides some q j. As q j is prime, we must therefore have p 1 = q j. Moreover, since we are allowed to reorder the prime factors, we may assume that j =1so that p 1 p 2 p r = p 1 q 2 q s. Dividing both sides by p 1 and putting m =(k + 1)/p 1, we have p 2 p r = m = q 2 q s. Now m 6 k so, by the inductive hypothesis, these expressions for m as a product of primes are the same: so r = s and, for 2 6 i 6 r, each p i is some q j. This was also true for p 1, so we have completed the inductive step. In either case, the inductive step is complete. Hence P (n) is true for all natural numbers n, by induction. Corollary 2.33 (Euclid). There are infinitely many prime numbers. Proof. For contradiction, suppose there are only finitely many primes: we call them p 1 =2,p 2,...,p r. Let n = p 1 p 2 p r so certainly n>1. Then p i cannot divide n +1, or else p i would also divide (n + 1) n =1, which is absurd. This is true for each i, so n +1has no prime divisors. But this contradicts the Fundamental Theorem of Arithmetic 2.32, which says that n +1can be factorized into prime numbers so certainly has a prime divisor. There are many proofs of the above result; the one we give above is roughly Euclid s, which introduces a new method of proof called proof by contradiction (reductio ad absurdam). In this type of proof, (Proof by contradiction; we assume that the hypothesis H is true but the conclusion C is false. Then we use logical reasoning to see [Houston, end up with something which is either obviously false or else which contradicts one of the hypotheses. Chapter 23].) This shows that If H is true then C cannot be false. In other words: if H is true then C is true. We have actually seen something like this in the discussion on the justification of proof by induction. We are now in a position to prove the following result about rational numbers: Recall that any rational number can be written in the form a/b where a, b 2 Z, b 6= 0, and where a and b have no common divisors (i.e. gcd(a, b) =1). Theorem There is no rational number q 2 Q such that q 2 =2. Proof. We assume (for contradiction) that there is a rational number q with q 2 =2. We can write q = a b, 18

9 where a, b are integers with no common divisors (except ±1) and b 6= 0. Since q 2 =2, we have a 2 = 2(b 2 ). In particular, 2 a 2 so, since 2 is prime, Corollary 2.31 implies that 2 a and we can write a =2c, for some c 2 Z. Substituting this in, we get which simplifies to (2c) 2 = 2b 2, 2(c 2 ) = b 2. Now we see that 2 b 2 so again since 2 is prime, by Corollary 2.31, we get 2 b. But then 2 a and 2 b, and so 2 is a common divisor of a and b. This contradicts our assumption that a, b had no common divisors. Hence there is no rational number q 2 Q such that q 2 =2. One can easily generalize Theorem 2.34 to prove that, for any prime number p, there is no rational number which squares to give p the same proof by contradiction works. 2.3 Modular Arithmetic (See [Houston, Chapter 29]) If n is a natural number, then arithmetic modulo n is essentially just ordinary arithmetic, but only working with remainders after dividing by n. It s a simple but surprisingly useful idea which has lots of applications in number theory, cryptography and error correcting codes. It s an idea which will be generalised a lot in the second year algebra module. We start by being a bit more precise about remainders. Suppose a, n are natural numbers. Recall that, from the division algorithm (Proposition 2.20), there are q, r 2 Z with a = qn + r and 0 apple r<n. The same is true for a: a =( q)n r =( q 1)n +(n r) and 0 <n r apple n. In the case where n = r we can of course rewrite this as a =( q 1)n +0. Example. With a = 17 and n = 3we have 17 = 5.3+2and 17 = ( 6).3+1. So we have: Theorem If a 2 Z and n 2 N there are unique q, r 2 Z with a = qn + r and 0 apple r<n. Proof. It remains to prove the uniqueness. So suppose qn + r = a = q 0 n + r 0 and 0 apple r, r 0 <n. 19

10 We show that r = r 0 (and then it follows that q = q 0 ). Rearranging the above equation we have So n divides r 0 r. But n(q q 0 )=r 0 r. n<r 0 r<n and the only number in this range which is divisible by n is 0. Thus r 0 r =0, as required. Definition (i) Given a 2 Z and n 2 N, if q, r 2 Z are such that a = qn + r and 0 apple r<n, then we say that r is the remainder on dividing a by n. (ii) Given a, b 2 Z and n 2 N, we say that a and b are congruent modulo n if a, b have the same remainder on dividing by n. In this case we write a b (mod n). Examples. 17 2(mod 3), (mod 3), (mod 3). The following is obvious from the definition, but extremely important! Lemma If a b (mod n) and b c (mod n) then a c (mod n). There is another way of thinking about this (and which, in some ways is better as it doesn t involve thinking about remainders). Theorem If a, b 2 Z and n 2 N, then a b (mod n), n (a b). Proof. We have to show each direction of the implication separately. ()) Suppose that a b (mod n). So this means (by the definition) that we can write a = qn + r and b = q 0 n + r for some q, q 0,r 2 Z and 0 apple r<n. Thus a b =(q q 0 )n and so we see that n (a b). (() Now suppose that n (a b). This means that there is k 2 Z with a b = kn. Let r be the remainder on dividing b by n. So there is some q 2 Z with b = qn + r and 0 apple r<n. ( Exercise: But then Prove a = b + kn =(q + k)n + r and 0 apple r<n. Lemma 2.37 but taking So r is also the remainder on dividing a by n. n (a b) as the definition of Note that if we had taken this as the definition, then there would actually have been some work to do in a b (mod n). ) proving the Lemma. We will use the Theorem in the following, which shows that we can do artihmetic mod n. Theorem 2.39 (Modular Arithmetic). Suppose a, b, c, d 2 Z and n 2 N are such that a b (mod n) and c d (mod n). Then a + c b + d (mod n) and ac bd (mod n). 20 ( Theorem 2.39 says that when doing arithmetic mod n we can any number in our calculations by any number that is congruent to it mod n. )

11 Proof. By Theorem 2.38, we can write (a b) =kn and (c d) =mn for some k, m 2 Z. Then (a + c) (b + d) =kn + mn =(k + m)n so a + c b + d (mod n) (again, using Theorem 2.38). Similarly, ac =(b + kn)(d + mn) =bd + n(kd + bm + kmn) so n (ac bd) and therefore ac bd (mod n). Examples (i) You can verify that 48 3(mod 17). Then (using Theorem 2.39): ( 3)(10) + 3 7(mod 17). (ii) You can use Theorem 2.39 to show that if a b (mod n) and c d (mod n) then b (mod n) and c a d b (mod n). a (iii) What is the last digit of 3 10? So what we want to know is the remainder on dividing 3 10 by 10. We compute: (mod 10) so So the last digit of 3 10 is (mod 10) and 3 8 1(mod 10) therefore (mod 10). ( Alternative solution: 3 10 =(3 2 ) 5 ( 1) 5 1 9(mod 10). ) Exercise. What is the pattern for computing the last digit of 3 k? What is the last digit of 7 10? (iv) We show that a natural number k (in decimal form) is divisible by 9 precisely when the sum of its digits is divisible by 9. (For example 387 has digit sum 18, and is therefore divisible by 9.) To see why this is true, suppose that k written in decimal form is a s a s a j 2{0, 1,...,9}. This means that k = a a s a s. As 10 1(mod 9) we have 10 j 1(mod 9) for any j, so: k a 0 + a a s (mod 9). 1...a 1 a 0 with each Note that the latter is the sum of the digits. A number is divisible by 9 precisely when it is congruent to 0 modulo 9, so we have the result. If we work modulo a prime, some special things happen when computing powers: Theorem Suppose p 2 N is a prime. Then: (i) For all x, y 2 Z we have (x + y) p x p + y p (mod p). 21

12 (ii) (Fermat s Little Theorem) For all a 2 Z we have (iii) If a 2 Z and p does not divide a then a p a (mod p). a p 1 1(mod p). Proof. (i) If we expand (x + y) p using the binomial theorem we obtain: p p p (x + y) p = x p + x p 1 y + x p 2 y xy p 1 + y p. 1 2 p 1 So it will suffice to prove that each binomial coefficient So p = r p(p 1)...(p r + 1) r p p(p 1)...(p r + 1) = (1.2...r). r p r with 1 apple r apple p 1 is divisible by p. But Note that p divides the left-hand side here (as r 1). Moreover, as p>r, it does not divide any of 1, 2,...,r. So as p is prime, by Corollary 2.31 (the Corollary to Euclid s Lemma) it follows that p divides p r. (ii) First we show that this is true for a 0 using a proof by induction. The base case (with a =0) is clear. So suppose we know that k p k (mod p). Then, using (i) we have (k + 1) p k p +1 p k +1(mod p) which does the inductive step. Finally we need to consider what happens with a (for a>0). So we have to show: ( a) p a (mod p). This follows from what we have already proved and the fact that: ( 1) p 1(mod p). (This is clear if p is odd; for p =2you need to note that 1 1(mod 2).) (iii) By (ii) we know that p divides a p a = a(a p 1 1). So if p does not divides a, then (by Euclid s Lemma) p divides a p 1 1, whence a p 1 1(mod p). Examples (i) What is the remainder on dividing by 23? Solution. 23 is a prime and it does not divide 39, so by FLT (or rather (iii) above): (mod 23). Note also that 473 = so: (39 22 ) (mod 23). 22

13 As 39 7(mod 23) we can easily compute: (mod 23) and (mod 23). Thus (mod 23) so (mod 23) and ( 7) 22 1(mod 23). (There are many other ways of doing this last bit.) So the required remainder is 1. (ii) Note that FLT does not generally hold for non-primes: for example we computed that (mod 10). We have discussed addition, subtraction and multiplication mod n. Can we also do division mod n? For example can we find x with 3x 1(mod 6)? (So this is asking whether we can divide by 3 modulo 6). Is is easy to see that this is not possible, by trying all possible values x =0, 1, 2. Another way to see this is to note that if we have such an x then, multiplying by 2, we have 6x 2(mod 6) so 0 2(mod 6), which is clearly not true. The following answers the question of which numbers we can divide by modulo n. Theorem Suppose a 2 Z and n 2 N. Let d be the gcd of a and n. (i) If d>1, then there is no b 2 Z with ab 1(mod n). (ii) If d =1, then there exists b 2 Z with ab 1(mod n). (iii) If n is a prime and n - a, then there exists b 2 Z with ab 1(mod n). Proof. (i) Suppose we can find such a b. Write n = de where 1 <e<nand a = a 0 d. Multiply the equation by e to get abe e (mod n). Now abe = a 0 dbe = a 0 bn. So we obtain 0 e (mod n) which is impossibe as 1 <e<n. (ii) By the Corollary to the Euclidean algorithm, Corollary 2.26, there are b, m 2 Z with ab + mn =1. So ab 1(mod n). (iii) In this case the gcd of a and n is 1, so apply (ii). Notice that the proof of (i) is just a general version of the second argument we gave to show that we cannot divide by 3 modulo 6. The proof of (ii) tells us how to go about finding b (if n is so large that it would be inefficient to try all possibilities). Following the method in Section 2.1, if gcd(a, n) =1we can use to Euclidean algorithm to find b, m 2 Z with 1=ab + mn. Then ab 1(mod n). 23

14 Example (i) Find x 2 Z with 17x 1(mod 91). Let a = 91 and b = 17 and apply the Euclidean Algorithm to find the greatest common divisor of 91 and 17: a = 91 5b = = b a 5b = 6 12 = 2a 10b 11b 2a = 5 5 = 11b 2a 3a 16b = We conclude that gcd(91, 17) = 1 and that Reducing modulo 91 then gives: 1=3a 16b = (mod 91) Therefore, setting x = 75 we have found x 2 Z with 17x 1(mod 91), as required. (ii) Find y 2 Z with 17y 21 (mod 91). To do this, multiply through by 75. The equation becomes y (mod 91), which simplifies to y 28 (mod 91). Note that you can check that this works! We will come back to modular arithmetic in a later section, once we have discussed equivalence relations. For now, notice that modular arithmetic modulo a prime p is somewhere where we can add, subtract, multily and divide, much as in ordinary arithmetic, but only ever working with the remainders 0, 1, 2,...,p 1. When we have made this more precise, we will see that this gives us a field with p elements. D Definitions, Theorems and Proof (See [Houston, Parts III and IV]) This section is a little digression to discuss again the ideas of the language of mathematics and the idea of proof. You have already seen most of the things we discuss here in previous sections so this is really just here as a reminder and as reference point. ADEFINITION is precise statement of the meaning of a concept we are working with. You need to learn these, though this will become easier the more you use a definition, the more you will understand its meaning and the easier it will become to remember. ATHEOREM is a result concerning these concepts. These can be expressed in the form: If... {z} hypothesis then... {z} conclusion So the hypothesis is what we are given and the conclusion is what we are required to show. As an exercise, look at some of the theorems that we have already seen in the notes and identify the hypothesis and the conclusion. 24