CS 173 Lecture 7: Arithmetic (II)

José Meseguer, University of Illinois at Urbana-Champaign

1 The Fundamental Theorem of Arithmetic (Part II)

Fundamental Theorem of Arithmetic (Part II). Every natural number greater than or equal to 2 has a unique factorization as a product of primes in the following sense. If

$$\prod_{j=0}^{k_2} q_j^{m_j} = n = \prod_{i=0}^{k_1} p_i^{n_i}$$

with all the $p_i$ and $q_j$ primes, $p_0 < \dots < p_{k_1}$, $n_i \ge 1$, $0 \le i \le k_1$, $q_0 < \dots < q_{k_2}$, $m_j \ge 1$, $0 \le j \le k_2$, then: $k_1 = k_2$, $p_i = q_i$, $n_i = m_i$, $0 \le i \le k_1$.

Proof: By contradiction. Suppose that there is an $n \ge 2$ such that $n$ has two different prime factorizations. Then there will be a smallest possible $n_0$, $n_0 \ge 2$, having two such different factorizations,

$$\prod_{j=0}^{k_2} q_j^{m_j} = n_0 = \prod_{i=0}^{k_1} p_i^{n_i}.$$

We now reason by cases:

Case 1. $\{p_0, \dots, p_{k_1}\} \ne \{q_0, \dots, q_{k_2}\}$. Then we must either have some $q_j \notin \{p_0, \dots, p_{k_1}\}$, or some $p_i \notin \{q_0, \dots, q_{k_2}\}$. Since the cases are entirely symmetric, let us assume without loss of generality (WLOG) that $q_j \notin \{p_0, \dots, p_{k_1}\}$. Then we have

$$q_j \mid p_0 \Big( p_0^{n_0 - 1} \prod_{i=1}^{k_1} p_i^{n_i} \Big).$$

But by Corollary 1 in Lecture 6, since $q_j$ is prime and $q_j$ does not divide $p_0$, we must have some $r \in \mathbb{N}$ such that

$$q_j r = p_0^{n_0 - 1} \prod_{i=1}^{k_1} p_i^{n_i}.$$

But this is false, since $n_0 > p_0^{n_0 - 1} \prod_{i=1}^{k_1} p_i^{n_i}$, and by $n_0$ being the smallest number greater than or equal to 2 not having a unique factorization, since $q_j \notin \{p_0, \dots, p_{k_1}\}$, we would have two different prime factorizations, one the above $p_0^{n_0 - 1} \prod_{i=1}^{k_1} p_i^{n_i}$, and another prime factorization for $q_j r$ having $q_j$ as one of its primes, and obtained as either $q_j$ itself if $r = 1$, or as $q_j \prod_{i}^{k} s_i^{l_i}$, where $r = \prod_{i}^{k} s_i^{l_i}$ is the prime factorization of $r$ if $r \ge 2$.

Case 2. $\{p_0, \dots, p_{k_1}\} = \{q_0, \dots, q_{k_2}\}$. Then we must have some $i$, $1 \le i \le k_1$, such that either $m_i > n_i$ or $n_i > m_i$. Since the cases are symmetric, we can assume WLOG that $m_i > n_i$. Now divide $n_0$ by $p_i^{n_i}$. We get:

$$p_0^{n_0} \cdots p_{i-1}^{n_{i-1}} \, p_{i+1}^{n_{i+1}} \cdots p_{k_1}^{n_{k_1}} = p_0^{m_0} \cdots p_{i-1}^{m_{i-1}} \, p_i^{m_i - n_i} \, p_{i+1}^{m_{i+1}} \cdots p_{k_1}^{m_{k_1}}$$

but this is false, since $n_0 > n_0 / p_i^{n_i} \ge 2$, so that $n_0 / p_i^{n_i}$ has a unique prime factorization. But the above equality shows that $n_0 / p_i^{n_i}$ has two different prime factorizations, one in which the prime $p_i$ appears (on the right) and one in which $p_i$ does not appear (on the left). This finishes the proof of FTA-II.

As a corollary of FTA-II we get the following important theorem due to Euclid:

Euclid's Theorem. The set of prime numbers is infinite.

Proof: By contradiction. Suppose the set of prime numbers is finite, say, the set $\{p_0, \dots, p_k\}$ with $p_0 < \dots < p_k$. Then by FTA-II we have a unique prime factorization

$$(p_0 \cdots p_k) + 1 = p_{j_0}^{n_0} \cdots p_{j_{k_1}}^{n_{k_1}}$$

with $p_0 \le p_{j_0} < \dots < p_{j_{k_1}} \le p_k$, and $n_i \ge 1$, $0 \le i \le k_1$. But this means that

$$p_{j_0} \mid (p_0 \cdots p_k) + 1$$

which is false, since $\mathrm{rem}((p_0 \cdots p_k) + 1, p_{j_0}) = 1$. This finishes the proof of Euclid's Theorem.

2 Modular Arithmetic

Given a non-zero natural number $n \in \mathbb{N}$, $n \ge 1$, and given integers $a, b \in \mathbb{Z}$, we call $a$ and $b$ congruent modulo $n$, denoted

$$a \equiv b \pmod{n},$$

if and only if $n \mid (a - b)$.

Notation. In what follows, $a \equiv b \pmod{n}$ will be abbreviated as $a \equiv_n b$.

Lemma 1. $\forall a, b \in \mathbb{Z}$, $a \equiv_n b$ iff $\mathrm{rem}(a, n) = \mathrm{rem}(b, n)$.

Proof: Divide $a$ and $b$ by $n$, so that we get $a = q_1 n + r_1$ and $b = q_2 n + r_2$.

Proof of $(\Leftarrow)$: If $r_1 = r_2$, then $a - b = n(q_1 - q_2)$ and therefore $a \equiv_n b$.

Proof of $(\Rightarrow)$: Suppose $a \equiv_n b$, so that $n \mid (a - b)$. Then we also have $n \mid -(a - b)$, i.e., $n \mid (b - a)$. We may assume WLOG that $r_1 \ge r_2$ [otherwise we will have $r_2 > r_1$ and we can swap the roles of $a$ and $b$ using the fact that $n \mid (b - a)$]. We get:

$$a - b = n(q_1 - q_2) + (r_1 - r_2)$$

but $0 \le (r_1 - r_2) \le r_1 < n$. But since $n \mid (a - b)$, dividing $(a - b)$ by $n$ we must have $(r_1 - r_2) = 0$, i.e., $r_1 = r_2$. This finishes the proof of the Lemma.

Corollary 1. $\forall a \in \mathbb{Z}$, $a \equiv_n \mathrm{rem}(a, n)$.

Proof: By Lemma 1 this will hold iff $\mathrm{rem}(a, n) = \mathrm{rem}(\mathrm{rem}(a, n), n)$, but $\mathrm{rem}(\mathrm{rem}(a, n), n) = \mathrm{rem}(a, n)$. This finishes the proof of the Corollary.

2.1 Equivalence Relation and Congruence Properties

We shall see below that $\equiv_n$ behaves as an equality relation, in the sense that we view two numbers $a$ and $b$ as equal modulo $n$ iff $\mathrm{rem}(a, n) = \mathrm{rem}(b, n)$.

Equivalence Relation Lemma 2. $\forall a, b, c \in \mathbb{Z}$ the following three properties hold:

1. Reflexivity. $a \equiv_n a$
2. Symmetry. $a \equiv_n b \Rightarrow b \equiv_n a$
3. Transitivity. $(a \equiv_n b \wedge b \equiv_n c) \Rightarrow a \equiv_n c$.

Proof: Let us show Transitivity. The proofs for Reflexivity and Symmetry are entirely similar. By Lemma 1, $a \equiv_n b$ iff $\mathrm{rem}(a, n) = \mathrm{rem}(b, n)$, and $b \equiv_n c$ iff $\mathrm{rem}(b, n) = \mathrm{rem}(c, n)$. Therefore, since $(a \equiv_n b \wedge b \equiv_n c)$, we have $\mathrm{rem}(a, n) = \mathrm{rem}(c, n)$, which, again by Lemma 1, gives us $a \equiv_n c$, as desired. This finishes the proof of the Lemma.

The above properties (1)-(3) make sense not just for $\equiv_n$, but for any binary relation $R$. When any such $R$ satisfies conditions (1)-(3) we call $R$ an equivalence relation. Note that the equality relation on the elements of a set (for example, equality on the elements of $\mathbb{Z}$) always satisfies (1)-(3), so that equivalence relations generalize equality relations. The above lemma can be summarized by saying that $\equiv_n$ is an equivalence relation. We will study equivalence relations in full generality later in the course.

Congruence Lemma 3. $\forall a, b, a', b' \in \mathbb{Z}$,

$$(a \equiv_n a' \wedge b \equiv_n b') \Rightarrow (a + b \equiv_n a' + b' \wedge ab \equiv_n a'b').$$

Proof: $a \equiv_n a'$ iff $(a - a') = nq$ for some $q$. Likewise, $b \equiv_n b'$ iff $(b - b') = nq'$ for some $q'$. Therefore, $(a + b) - (a' + b') = n(q + q')$. Therefore, $a + b \equiv_n a' + b'$. But note that we also have $a = nq + a'$ and $b = nq' + b'$. Therefore,

$$ab = n^2 qq' + nqb' + a'nq' + a'b' = n(nqq' + qb' + a'q') + a'b'.$$

Therefore, $n \mid (ab - a'b')$ and we get $ab \equiv_n a'b'$, as desired. This finishes the proof of the Lemma.

2.2 Remainder Arithmetic

Let us write $\mathbb{Z}_n$ to denote the set of possible remainders of dividing a number by $n \ge 1$. That is,

$$\mathbb{Z}_n = \{0, \dots, n - 1\}.$$

It turns out that $\mathbb{Z}_n$ has a very simple, yet very useful (for example for cryptographic applications) arithmetic, called remainder arithmetic, where we can add and multiply remainders $i, j \in \mathbb{Z}_n$ by operations $i +_n j$ and $i \cdot_n j$ according to the following simple definitions:

$$i +_n j = \mathrm{rem}(i + j, n) \qquad i \cdot_n j = \mathrm{rem}(i \cdot j, n).$$

The idea is straightforward: we first add (resp. multiply) the remainders $i$ and $j$ in $\mathbb{Z}$ as usual, and then compute the remainder of their sum (resp. product) when divided by $n$ as our desired result. The slides of Lecture 7 give a detailed description of the addition and multiplication tables for the remainder arithmetic of $\mathbb{Z}_5$.

One very useful property is that for each $i \in \mathbb{Z}_n$ there is another element of $\mathbb{Z}_n$ that acts as $-i$ for the addition operation $+_n$, so that $i +_n (-i) = 0$.

Additive Inverse Lemma 4. For any $n \in \mathbb{N}$, $n \ge 1$, each $i \in \mathbb{Z}_n$, if $i = 0$, has $0$ as its additive inverse, and otherwise has $n - i$ as its additive inverse, in the sense that $i +_n (n - i) = 0$. Therefore, $-0 = 0$, and for $i \ne 0$ we can write $n - i$ as $-i$ in $\mathbb{Z}_n$.

Proof: Of course, $0 +_n 0 = 0$, and for $i \ne 0$, $i +_n (n - i) = \mathrm{rem}(n, n) = 0$. This finishes the proof.

Multiplicative Inverse Lemma 5. For any $n \in \mathbb{N}$, $n \ge 2$, each $i \in \{1, \dots, n - 1\}$ has a multiplicative inverse $i^{-1} \in \{1, \dots, n - 1\}$ such that $i \cdot_n i^{-1} = 1$ if and only if $\gcd(i, n) = 1$.

Proof: Let us first prove the $(\Leftarrow)$ implication. Assume $\gcd(i, n) = 1$. By Bezout's Lemma in Lecture 6, there are $k, k' \in \mathbb{Z}$ such that

$$1 = ik + nk'.$$

But this means that $ik \equiv_n 1$, and since $k \equiv_n \mathrm{rem}(k, n)$, by the Congruence Lemma 3, this means that $i \, \mathrm{rem}(k, n) \equiv_n 1$. Therefore we have

$$i \cdot_n \mathrm{rem}(k, n) = \mathrm{rem}(i \, \mathrm{rem}(k, n), n) = 1,$$

proving that $\mathrm{rem}(k, n)$ is the multiplicative inverse of $i$, as desired.

We can prove the $(\Rightarrow)$ implication by proving its contrapositive. That is, assuming that $\gcd(i, n) > 1$ we need to show that $i$ has no multiplicative inverse. But if $\gcd(i, n) = j > 1$, then $n = jq_1$ and $i = jq_2$ with $1 \le q_1, q_2 < n$. Therefore $iq_1 = jq_1q_2 = nq_2 \equiv_n 0$. Therefore, $q_1 \cdot_n i = 0$. But then $i$ cannot have a multiplicative inverse $i^{-1} \in \{1, \dots, n - 1\}$, since this would give us

$$q_1 = q_1 \cdot_n i \cdot_n i^{-1} = 0 \cdot_n i^{-1} = 0,$$

which is false. This finishes the proof of the Lemma.

Corollary 2. If $p$ is a prime number, then each $i \in \{1, \dots, p - 1\} \subset \mathbb{Z}_p$ has a multiplicative inverse $i^{-1} \in \{1, \dots, p - 1\} \subset \mathbb{Z}_p$ such that $i \cdot_p i^{-1} = 1$.

Proof: Let $i \in \mathbb{Z}_p$. Then $\mathrm{div}(i) \cap \mathrm{div}(p) = \mathrm{div}(i) \cap \{-p, -1, 1, p\} = \{-1, 1\}$. Therefore, $\gcd(i, p) = 1$ and the result follows from the Multiplicative Inverse Lemma 5. This finishes the proof of the Corollary.

2.3 Homomorphism Lemma

Homomorphism Lemma 6. For any $a, b \in \mathbb{Z}$ and $n \in \mathbb{N}$ with $n \ge 1$ the following two equalities hold:

1. $\mathrm{rem}(a + b, n) = \mathrm{rem}(a, n) +_n \mathrm{rem}(b, n)$
2. $\mathrm{rem}(ab, n) = \mathrm{rem}(a, n) \cdot_n \mathrm{rem}(b, n)$.

Proof: Let $i = \mathrm{rem}(a, n)$ and $j = \mathrm{rem}(b, n)$. Then we have $a \equiv_n i$ and $b \equiv_n j$. Therefore by the Congruence Lemma 3 we get:

$$a + b \equiv_n i + j \equiv_n \mathrm{rem}(i + j, n) \overset{\mathrm{def}}{=} i +_n j$$

which proves (1) above, and

$$ab \equiv_n ij \equiv_n \mathrm{rem}(ij, n) \overset{\mathrm{def}}{=} i \cdot_n j$$

which proves (2) above. This finishes the proof of the Lemma.

The above lemma is called the Homomorphism Lemma because the function $\rho : \mathbb{Z} \to \mathbb{Z}_n$, where $\rho(m) = \mathrm{rem}(m, n)$, satisfies by the Homomorphism Lemma:

1. $\rho(a + b) = \rho(a) +_n \rho(b)$
2. $\rho(ab) = \rho(a) \cdot_n \rho(b)$

That is, $\rho$ preserves both $+$ and $\cdot$. A function that preserves some given operations is called a homomorphism. Therefore, the above function $\rho$ is called a homomorphism precisely because it preserves the addition and multiplication operations as proved in the Homomorphism Lemma.
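Both directions of the Multiplicative Inverse Lemma 5 can be carried out mechanically. The following Python sketch is an added example, not part of the lecture notes; the function names are hypothetical. It computes Bezout coefficients with the extended Euclidean algorithm, returns rem(k, n) as the inverse when gcd(i, n) = 1, and otherwise returns the element q1 = n / gcd(i, n) from the contrapositive argument, which satisfies q1 ·_n i = 0.

```python
def bezout(i, n):
    """Extended Euclid: return (g, k, k2) with g = gcd(i, n) = i*k + n*k2."""
    old_r, r = i, n
    old_k, k = 1, 0
    old_k2, k2 = 0, 1
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_k, k = k, old_k - q * k
        old_k2, k2 = k2, old_k2 - q * k2
    return old_r, old_k, old_k2


def inverse_or_witness(i, n):
    """For n >= 2 and i in {1, ..., n-1}, follow both directions of Lemma 5.

    Returns ("inverse", rem(k, n)) when gcd(i, n) = 1, and otherwise
    ("zero_divisor", q1) with q1 = n // gcd(i, n), so that q1 *_n i = 0.
    """
    if n < 2 or not 1 <= i < n:
        raise ValueError("need n >= 2 and 1 <= i <= n - 1")
    g, k, _ = bezout(i, n)
    if g == 1:
        inv = k % n  # rem(k, n); Python's % is non-negative for n > 0
        assert (i * inv) % n == 1
        return ("inverse", inv)
    q1 = n // g  # n = g * q1 with 1 <= q1 < n
    assert q1 != 0 and (q1 * i) % n == 0
    return ("zero_divisor", q1)


def invertible_elements(n):
    """All i in {1, ..., n-1} that have a multiplicative inverse in Z_n."""
    return [i for i in range(1, n) if inverse_or_witness(i, n)[0] == "inverse"]
```

For a prime modulus, `invertible_elements` returns every non-zero remainder, which is Corollary 2.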
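The Homomorphism Lemma 6 is what allows a long computation to be reduced modulo n at every step instead of once at the end. The following Python sketch is an added example, not part of the lecture notes, and goes one step beyond the lemma by applying it repeatedly in square-and-multiply exponentiation; the names `rho`, `add_n`, `mul_n`, `pow_n` and the sample pairs are constructed for illustration.

```python
def rho(m, n):
    """rho(m) = rem(m, n), a value in Z_n = {0, ..., n-1}."""
    return m % n  # Python's % returns a non-negative remainder for n >= 1


def add_n(i, j, n):
    """i +_n j = rem(i + j, n)."""
    return (i + j) % n


def mul_n(i, j, n):
    """i ._n j = rem(i * j, n)."""
    return (i * j) % n


def homomorphism_holds(pairs, n):
    """Check both equalities of Lemma 6 on the given (a, b) pairs."""
    return all(
        rho(a + b, n) == add_n(rho(a, n), rho(b, n), n)
        and rho(a * b, n) == mul_n(rho(a, n), rho(b, n), n)
        for a, b in pairs
    )


def pow_n(a, e, n):
    """Return (rem(a**e, n), peak) using only mul_n on elements of Z_n.

    peak is the largest unreduced product formed along the way; because
    every factor lies in Z_n, it never exceeds (n - 1)**2.
    """
    if e < 0 or n < 1:
        raise ValueError("need e >= 0 and n >= 1")
    result, base, peak = rho(1, n), rho(a, n), 0
    while e > 0:
        if e & 1:
            peak = max(peak, result * base)
            result = mul_n(result, base, n)
        e >>= 1
        if e:
            peak = max(peak, base * base)
            base = mul_n(base, base, n)
    return result, peak


# Constructed sample inputs, including negative and very large integers.
SAMPLE_PAIRS = [(17, 23), (-17, 23), (10**30 + 7, -5), (0, 12345)]
```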