Discrete Structures Lecture Solving Congruences. mathematician of the eighteenth century). Also, the equation gggggg(aa, bb) =

Similar documents
4.4 Solving Congruences using Inverses

Math 3336 Section 4.3 Primes and Greatest Common Divisors. Prime Numbers and their Properties Conjectures and Open Problems About Primes

COMP239: Mathematics for Computer Science II. Prof. Chadi Assi EV7.635

Notes on Systems of Linear Congruences

Wilson s Theorem and Fermat s Little Theorem

Number Theory Proof Portfolio

Know the Well-ordering principle: Any set of positive integers which has at least one element contains a smallest element.

4 Number Theory and Cryptography

Algebra. Modular arithmetic can be handled mathematically by introducing a congruence relation on the integers described in the above example.

3 The fundamentals: Algorithms, the integers, and matrices

Number Theory. CSS322: Security and Cryptography. Sirindhorn International Institute of Technology Thammasat University CSS322. Number Theory.

1 Overview and revision

Basic elements of number theory

Basic elements of number theory

MATH 3240Q Introduction to Number Theory Homework 4

Chinese Remainder Algorithms. Çetin Kaya Koç Spring / 22

MTH 346: The Chinese Remainder Theorem

Mathematics of Cryptography

2.3 In modular arithmetic, all arithmetic operations are performed modulo some integer.

Computer Architecture 10. Residue Number Systems

Chinese Remainder Theorem

a the relation arb is defined if and only if = 2 k, k

Number Theory. Modular Arithmetic

Integers and Division

Arithmetic and Algebra

M381 Number Theory 2004 Page 1

2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

The set of integers will be denoted by Z = {, -3, -2, -1, 0, 1, 2, 3, 4, }

Numbers. Çetin Kaya Koç Winter / 18

[Part 2] Asymmetric-Key Encipherment. Chapter 9. Mathematics of Cryptography. Objectives. Contents. Objectives

Lecture notes: Algorithms for integers, polynomials (Thorsten Theobald)

Chapter 3 Basic Number Theory

NUMBER THEORY AND CODES. Álvaro Pelayo WUSTL

Math From Scratch Lesson 20: The Chinese Remainder Theorem

Introduction to Information Security

Math 109 HW 9 Solutions

Chapter 9 Mathematics of Cryptography Part III: Primes and Related Congruence Equations

2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

Homework #2 solutions Due: June 15, 2012

Section Summary. Division Division Algorithm Modular Arithmetic

Elementary Algebra Chinese Remainder Theorem Euclidean Algorithm

MATH 433 Applied Algebra Lecture 4: Modular arithmetic (continued). Linear congruences.

Number Theory and Cryptography

Mathematics for Cryptography

ELEMENTS OF NUMBER THEORY

NOTES ON SIMPLE NUMBER THEORY

An Introduction to Proof-based Mathematics Harvard/MIT ESP: Summer HSSP Isabel Vogt

A Readable Introduction to Real Mathematics

Ch 4.2 Divisibility Properties

Primes and Modular Arithmetic! CSCI 2824, Fall 2014!!

With Question/Answer Animations. Chapter 4

Chapter 8. Introduction to Number Theory

This exam contains 5 pages (including this cover page) and 4 questions. The total number of points is 100. Grade Table

Number Theory and Group Theoryfor Public-Key Cryptography

10 Problem 1. The following assertions may be true or false, depending on the choice of the integers a, b 0. a "

11 Division Mod n, Linear Integer Equations, Random Numbers, The Fundamental Theorem of Arithmetic

Course 2BA1: Trinity 2006 Section 9: Introduction to Number Theory and Cryptography

Number Theory Basics Z = {..., 2, 1, 0, 1, 2,...} For, b Z, we say that divides b if z = b for some. Notation: b Fact: for all, b, c Z:

CIS 6930/4930 Computer and Network Security. Topic 5.1 Basic Number Theory -- Foundation of Public Key Cryptography

CSC 474 Information Systems Security

9 Modular Exponentiation and Square-Roots

44.(ii) In this case we have that (12, 38) = 2 which does not divide 5 and so there are no solutions.

MATH 2112/CSCI 2112, Discrete Structures I Winter 2007 Toby Kenney Homework Sheet 5 Hints & Model Solutions

The Chinese Remainder Theorem

Senior Math Circles Cryptography and Number Theory Week 2

ICS141: Discrete Mathematics for Computer Science I

Number Theory Math 420 Silverman Exam #1 February 27, 2018

Course MA2C02, Hilary Term 2013 Section 9: Introduction to Number Theory and Cryptography

PUTNAM TRAINING NUMBER THEORY. Exercises 1. Show that the sum of two consecutive primes is never twice a prime.

MATH 145 Algebra, Solutions to Assignment 4

Discrete Structures Lecture Primes and Greatest Common Divisor

The Chinese Remainder Theorem

Introduction to Number Theory

1. multiplication is commutative and associative;

Classical RSA algorithm

Proofs. Methods of Proof Divisibility Floor and Ceiling Contradiction & Contrapositive Euclidean Algorithm. Reading (Epp s textbook)

ORDERS OF UNITS IN MODULAR ARITHMETIC

Beautiful Mathematics

Topics in Cryptography. Lecture 5: Basic Number Theory

CS 5319 Advanced Discrete Structure. Lecture 9: Introduction to Number Theory II

This is a recursive algorithm. The procedure is guaranteed to terminate, since the second argument decreases each time.

Eureka Math. Algebra II Module 1 Student File_A. Student Workbook. This file contains Alg II-M1 Classwork Alg II-M1 Problem Sets

12x + 18y = 50. 2x + v = 12. (x, v) = (6 + k, 2k), k Z.

Finite Fields and Error-Correcting Codes

Solutions to Problem Set 3 - Fall 2008 Due Tuesday, Sep. 30 at 1:00

THESIS. Presented in Partial Fulfillment of the Requirements for the Degree Master of Science in the Graduate School of The Ohio State University

Elementary Properties of the Integers

Math 312/ AMS 351 (Fall 17) Sample Questions for Final

Wednesday, February 21. Today we will begin Course Notes Chapter 5 (Number Theory).

NUMBER THEORY. Anwitaman DATTA SCSE, NTU Singapore CX4024. CRYPTOGRAPHY & NETWORK SECURITY 2018, Anwitaman DATTA

Lecture 7 Number Theory Euiseong Seo

4 Powers of an Element; Cyclic Groups

LECTURE NOTES IN CRYPTOGRAPHY

ECEN 5022 Cryptography

Modular Arithmetic Instructor: Marizza Bailey Name:

Lecture Notes. Advanced Discrete Structures COT S

Chapter 4 Finite Fields

Lesson 1: Successive Differences in Polynomials

Number theory (Chapter 4)

EULER S THEOREM KEITH CONRAD

Transcription:

First Introduction Our goal is to solve equations having the form aaaa bb (mmmmmm mm). However, first we must discuss the last part of the previous section titled gcds as Linear Combinations THEOREM 6 DEFINITION 6 BÉZOUT S THEOREM If aa and bb are positive integers, then there exist integers ss and tt such that gggggg(aa, bb) = ssss + tttt. If aa and bb are positive integers, then ss and tt such that gggggg(aa, bb) = ssss + tttt are called BBézzzzzzzz cccccccccccccccccccccccc of aa and bb (after Étienne Bézout, a French mathematician of the eighteenth century). Also, the equation gggggg(aa, bb) = ssss + tttt is called BBézzzzzzzz ss iiiiiiiiiiiiiiii. EXAMPLE 17 Express gggggg(252,198) = 18 as a linear combination of 252 and 198. Solution: To show that gggggg(252,198) = 18, the Euclidean algorithm uses these divisions. 252 = 1 198 + 54 198 = 3 54 + 36 54 = 1 36 + 18 36 = 2 18 Using the next-to-last division (the third division), we can express gggggg(252,198) = 18 as a linear combination of 54 and 36. The second division tells us that 18 = 54 1 36 36 = 198 3 54 Substituting this expression for 36 into the previous equation, we can express 18 as a linear combination of 54 and 198. The first division tells us that 18 = 54 1 (198 3 54) = 4 54 1 198 54 = 252 1 198 Substituting this expression for 54 into the previous equation, we can express 18 as a linear combination of 252 and 198. 18 = 4 54 1 198 18 = 4 (252 1 198) 1 198 18 = 4 252 5 198 completing the solution 1

Second Introduction Solving linear congruences, which have the form aaaa bb (mmmmmm mm), is an essential task in the study of number theory and its applications. To solve linear congruences, we employ inverses modulo mm. We explain how to work backwards through steps of the Euclidean algorithm to find inverses modulo mm. Once we have found an inverse of aa modulo mm, we solve the congruence aaaa bb (mmmmmm mm) by multiplying both sides of the congruence by this inverse. Linear Congruences A congruence of the form aaaa bb (mmmmmm mm), Where mm is a positive integer, aa and bb are integers, and xx is a variable, is called a linear congruence. How can we solve the linear congruence aaaa bb (mmmmmm mm), that is, how can we find all integers xx that satisfy this congruence? One method that we will describe uses an integer aa such that aaaa 1 (mmmmmm mm), if such an integer exists. Such an integer aa is said to be an inverse of aa modulo mm. Theorem 1 guarantees that an inverse of aa modulo mm exists whenever aa and mm are relatively prime. THEOREM 1 If aa and mm are relatively prime integers and mm > 1, then an inverse of aa modulo mm exists. Furthermore, this inverse is unique modulo mm. (That is, there is a unique positive integer aa less than mm that is an inverse of aa modulo mm and every other inverse of aa modulo mm is congruent to aa modulo mm.) EXAMPLE 1 Find an inverse of 3 modulo 7 by first finding Bézout coefficients of 3 and 7. (Note that we have already shown that 5 is an inverse of 3 modulo 7 by inspection.) Solution: Because gggggg(3,7) = 1, Theorem 1 tells us that an inverse of 3 modulo 7 exists. The Euclidean algorithm ends quickly when used to find the greatest common divisor of 3 and 7. From this equation we see that 7 = 2 3 + 1 2 3 + 1 7 = 1 This shows that 2 and 1 are Bézout coefficients of 3 and 7. We see that 2 is an inverse of 3 modulo 7. Note that every integer congruent to 2 modulo 7 is also an inverse of 3, such as 5, 9, 12, and so on. 2

EXAMPLE 2 Find an inverse of 101 modulo 4620. Solution: For completeness, we present all steps used to compute an inverse of 101 modulo 4620. (Only the last step goes beyond methods developed in section 4.3 and illustrated in Example 17 in that section.) First, we use the Euclidean algorithm to show that gggggg(101,4620) = 1. Then we will reverse the steps to find Bézout coefficients aa and bb such that 101aa + 4620bb = 1. It will then follow that aa is an inverse of 101 modulo 4620. The steps used by the Euclidean algorithm to find gggggg(101,4620) are a b q r 4620 = 101 45 + 75 101 = 75 1 + 26 75 = 26 2 + 23 26 = 23 1 + 3 23 = 3 7 + 2 3 = 2 1 + 1 2 = 1 2 + 0 Because the last nonzero remainder is 1, we know that gggggg(101,4620) = 1. We can now find the Bézout coefficients for 101 and 4620 by working backwards through these steps, expressing gggggg(101,4620) = 1 in terms of each successive pair of remainders. In each step we eliminate the remainder by expressing it as a linear combination of the divisor and the dividend. We obtain 1 = 3 1 22 = 3 1 (23 3 7) = 1 23 + 8 33 = 1 23 + 8 (26 1 23) = 8 26 9 2222 = 8 26 9 (75 2 26) = 9 75 + 26 2222 = 9 75 + 26 (101 1 75) = 26 101 35 7777 = 26 101 35 (4620 45 101) = 35 4620 + 1601 111111 3333 44444444 + 11111111 111111 = 11 That 3333 44444444 + 11111111 111111 = 1 tells us that 35 and 1601 are Bézout coefficients of 4620 and 101, and 11111111 is an inverse of 101 modulo 4620. Once we have an inverse aa of aa modulo mm, we can solve the congruence aaaa bb(mmmmmm mm) by multiplying both sides of the linear congruence by aa, as Example 3 illustrates. 3

EXAMPLE 3 What are the solutions of the linear congruence 3xx 4 (mmmmmm 7)? Solution: By Example 1 we know that 2 is an inverse of 3 modulo 7. Multiplying both sides of the congruence by 2 shows that 2 3xx 2 4 (mmmmmm 7) Because 6 1 (mmmmmm 7) and 8 6 (mmmmmm 7), it follows that if xx is a solution, then xx 8 6 (mmmmmm 7). We need to determine whether every xx with xx 6 (mmmmmm 7) is a solution. Assume that xx 6 (mmmmmm 7). Then, by Theorem 5 of Section 4.1, it follows that 3xx 3 6 = 18 4( mmmmmm 7) which shows that all such xx satisfy the congruence. We conclude that the solutions to the congruence are integers xx such that xx 6 (mmmmmm 7), namely, 6, 13, 20,, and 1, 8, 15,. The Chinese Remainder Theorem EXAMPLE 4 In the first century, the Chinese mathematician Sun-Tsu asked: There are certain things whose number is unknown. When divided by 3, the remainder is 2; when divided by 5, the remainder is 3; and when divided by 7, the remainder is 2. What will be the number of things? This puzzle can be translated into the following question: What are the solutions of the systems of congruences xx 2 (mmmmmm 3), xx 3 (mmmmmm 5), xx 2 (mmmmmm 7)? We will solve this system, and with it Sun-Tsu s puzzle, later in this section. THEOREM 2 THE CHINESE REMAINDER THEOREM Let mm 1, mm 2,, mm nn be pairwise relatively prime positive integers greater than one and aa 1, aa 2,, aa nn arbitrary integers. Then the system xx aa 1 (mmmmmm mm 1 ), xx aa 2 (mmmmmm mm 2 ), xx aa nn (mmmmmm mm nn ) has a unique solution modulo mm = mm 1 mm 2 mm nn. (That is, there is a solution xx with 0 xx < mm, and all other solutions are congruent modulo mm to this solution.) 4

Proof: To establish this theorem, we need to show that a solution exists and that it is unique modulo mm. We will show that a solution exists by describing a way to construct this solution. To construct a simultaneous solution, first let MM kk = mm/mm kk for kk = 1,2,, nn. That is, MM kk is the product of the moduli except for mm kk. Because mm ii and mm kk have no common factors greater than 1 when ii kk, it follows that gggggg(mm kk, MM kk ) = 1. Consequently, by Theorem 1, we know that there is an integer yy kk, an inverse of MM kk modulo mm kk, such that MM kk yy kk 1 (mmmmmm mm kk ) To construct a simultaneous solution, form the sum xx = aa 1 MM 1 yy 1 + aa 2 MM 2 yy 2 + + aa nn MM nn yy nn Will now show that xx is a simultaneous solution. First, note that because MM jj 0( mmmmmm mm kk ) whenever jj kk, all terms except the kkth term in this sum are congruent to 0 modulo mm kk. Because MM kk yy kk 1 (mmmmmm mm kk ) we see that xx aa kk MM kk yy kk aa kk (mmmmmm mm kk ), for kk = 1,2,, nn. We have shown that xx is a simultaneous solution to the nn congruences. EXAMPLE 5 To solve the system of congruences in Example 4, first let mm = 3 5 7 = 105, MM 1 = mm = 35, MM 3 2 = mm = 21, and MM 5 3 = mm = 15. We see that 2 is an 7 inverse of MM 1 = 35 modulo 3, because 35 2 2 2 1( mmmmmm 3); 1 is an inverse of MM 2 = 21 modulo 5, because 21 1 1( mmmmmm 5); and 1 is an inverse of MM 3 = 15 modulo 7, because 15 1( mmoooo 7). The solutions to this system are those xx such that xx aa 1 MM 1 yy 1 + aa 2 MM 2 yy 2 + aa 3 MM 3 yy 3 = 2 35 2 + 3 21 1 + 2 15 1 = 233 23( mmmmmm 105), It follows that 23 is the smallest positive integer that is a simultaneous solution. We conclude that 23 is the smallest positive integer that leaves a remainder of 2 when divided by 3, a remainder of 3 when divided by 5, and a remainder of 2 when divided by 7. 5

EXAMPLE 6 Use the method of back substitution to find all integers xx such that xx 1 (mmmmmm 5), xx 2( mmmmmm 6), and xx 3( mmmmmm 7). Solution: By Theorem 4 in Section 4.1, the first congruence can be rewritten as an equality, xx = 5tt + 1 where tt is an integer. Substituting this expression for xx into the second congruence tells us that 5tt + 1 2(mmmmmm 6), which can be easily solved to show that tt 5(mmmmmm 6) (as the reader should verify). Using Theorem 4 in Section 4.1 again, we see that tt = 6uu + 5 where uu is an integer. Substituting this expression for tt into the equation xx = 5tt + 1 tells us that xx = 5(6uu + 5) + 1 = 30uu + 26. We insert this into the third equation to obtain 30uu + 26 3(mmmmmm 7) Solving this congruence tells us that uu = 6(mmmmmm 7) (as the reader should verify). Theorem 4 in Section 4.1 tells us that uu = 7vv + 6 where vv is an integer. Substituting this expression for uu into the equation xx = 30uu + 26 tells us that xx = 30(7vv + 6) + 26 = 210uu + 206. Translating this back into a congruence, we find the solution to the simultaneous congruences, xx 206(mmmmmm 210). Computer Arithmetic with Large Integers Read for yourself. Fermat s Little Theorem THEOREM 3 FERMAT S LITTLE THEOREM If pp is prime and aa is an integer not divisible by pp, then aa pp 1 1(mmmmmm pp). Furthermore, for every integer aa we have aa pp aa(mmmmmm pp). 6

EXAMPLE 9 Find 7 222 mod 11. Solution: We can use Fermat s little theorem to evaluate 7 222 mod 11 rather than using the fast modular exponentiation algorithm. By Fermat s little theorem we know that 7 10 = 1(mod 11), so (7 10 ) kk = 1(mod 11)222 = 22 10 + 2. We now see that 7 222 = 7 22 10+2 = (7 10 ) 22 7 2 (1) 22 49 5(mmmmmm 11). It follows that 7 222 mod 11 = 5. Primitive Roots and Discrete Logarithms. Read for yourself. 7

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback