Math 324, Fall 2011 Assignment 7 Solutions. 1 (ab) γ = a γ b γ mod n.

Similar documents
Notes on Primitive Roots Dan Klain

An integer p is prime if p > 1 and p has exactly two positive divisors, 1 and p.

SOLUTIONS Math 345 Homework 6 10/11/2017. Exercise 23. (a) Solve the following congruences: (i) x (mod 12) Answer. We have

CHAPTER 6. Prime Numbers. Definition and Fundamental Results

Notes on Systems of Linear Congruences

All variables a, b, n, etc are integers unless otherwise stated. Each part of a problem is worth 5 points.

SOLUTIONS TO PROBLEM SET 1. Section = 2 3, 1. n n + 1. k(k + 1) k=1 k(k + 1) + 1 (n + 1)(n + 2) n + 2,

MATH 310: Homework 7

Number Theory. CSS322: Security and Cryptography. Sirindhorn International Institute of Technology Thammasat University CSS322. Number Theory.

Homework #2 solutions Due: June 15, 2012

Definition 6.1 (p.277) A positive integer n is prime when n > 1 and the only positive divisors are 1 and n. Alternatively

A SURVEY OF PRIMALITY TESTS

Number Theory Proof Portfolio

2.3 In modular arithmetic, all arithmetic operations are performed modulo some integer.

CS 5319 Advanced Discrete Structure. Lecture 9: Introduction to Number Theory II

Theory of Numbers Problems

Know the Well-ordering principle: Any set of positive integers which has at least one element contains a smallest element.

MATH 4400 SOLUTIONS TO SOME EXERCISES. 1. Chapter 1

Lecture notes: Algorithms for integers, polynomials (Thorsten Theobald)

12x + 18y = 50. 2x + v = 12. (x, v) = (6 + k, 2k), k Z.

Elementary Number Theory MARUCO. Summer, 2018

On the number of semi-primitive roots modulo n

MATH 3240Q Introduction to Number Theory Homework 5

Math 324, Fall 2011 Assignment 6 Solutions

Number Theory Homework.

7.2 Applications of Euler s and Fermat s Theorem.

Chapter 8. Introduction to Number Theory

7. Prime Numbers Part VI of PJE

Math 430 Midterm II Review Packet Spring 2018 SOLUTIONS TO PRACTICE PROBLEMS

MATH 537 Class Notes

M381 Number Theory 2004 Page 1

Number Theory and Group Theoryfor Public-Key Cryptography

Chapter 9 Mathematics of Cryptography Part III: Primes and Related Congruence Equations

NONABELIAN GROUPS WITH PERFECT ORDER SUBSETS

Name: There are 8 questions on 13 pages, including this cover.

Discrete Logarithms. Let s begin by recalling the definitions and a theorem. Let m be a given modulus. Then the finite set

2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

Math 109 HW 9 Solutions

Mathematics 4: Number Theory Problem Sheet 3. Workshop 26 Oct 2012

The number of ways to choose r elements (without replacement) from an n-element set is. = r r!(n r)!.

D-MATH Algebra II FS18 Prof. Marc Burger. Solution 26. Cyclotomic extensions.

CIS 6930/4930 Computer and Network Security. Topic 5.1 Basic Number Theory -- Foundation of Public Key Cryptography

A Readable Introduction to Real Mathematics

2x 1 7. A linear congruence in modular arithmetic is an equation of the form. Why is the solution a set of integers rather than a unique integer?

Basic elements of number theory

Basic elements of number theory

Part V. Chapter 19. Congruence of integers

ECE596C: Handout #11

Lecture 4: Number theory

ALGEBRA I (LECTURE NOTES 2017/2018) LECTURE 9 - CYCLIC GROUPS AND EULER S FUNCTION

Elementary Number Theory Review. Franz Luef

Euler s, Fermat s and Wilson s Theorems

Math 314 Course Notes: Brief description

Discrete Mathematics with Applications MATH236

Summary Slides for MATH 342 June 25, 2018

1 Structure of Finite Fields

Corollary 4.2 (Pepin s Test, 1877). Let F k = 2 2k + 1, the kth Fermat number, where k 1. Then F k is prime iff 3 F k 1

The Chinese Remainder Theorem

Introduction to Number Theory 1. c Eli Biham - December 13, Introduction to Number Theory 1

NOTES ON SIMPLE NUMBER THEORY

ALGEBRA. 1. Some elementary number theory 1.1. Primes and divisibility. We denote the collection of integers

YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE

Proof 1: Using only ch. 6 results. Since gcd(a, b) = 1, we have

LECTURE 4: CHINESE REMAINDER THEOREM AND MULTIPLICATIVE FUNCTIONS

LARGE PRIME NUMBERS (32, 42; 4) (32, 24; 2) (32, 20; 1) ( 105, 20; 0).

Wilson s Theorem and Fermat s Little Theorem

ASSIGNMENT Use mathematical induction to show that the sum of the cubes of three consecutive non-negative integers is divisible by 9.

The running time of Euclid s algorithm

AN ALGEBRAIC PROOF OF RSA ENCRYPTION AND DECRYPTION

Solutions to Problem Set 4 - Fall 2008 Due Tuesday, Oct. 7 at 1:00

Section 10: Counting the Elements of a Finite Group

Number Tree LCM HCF Divisibility Rules Power cycle Remainder Theorem Remainder of powers a n b n Last and Second last digit Power of Exponents Euler s

MATH 361: NUMBER THEORY FOURTH LECTURE

Mathematics for Cryptography

Chapter 3 Basic Number Theory

3.2 Solving linear congruences. v3

LECTURE NOTES IN CRYPTOGRAPHY

p = This is small enough that its primality is easily verified by trial division. A candidate prime above 1000 p of the form p U + 1 is

COMP239: Mathematics for Computer Science II. Prof. Chadi Assi EV7.635

FERMAT S LAST THEOREM FOR n = 3, NOTES FOR MATH In these notes, we prove Fermat s Last Theorem for n = 3.

TC10 / 3. Finite fields S. Xambó

Numbers. Çetin Kaya Koç Winter / 18

CSC 474 Information Systems Security

198 VOLUME 46/47, NUMBER 3

Math 261 Spring 2014 Final Exam May 5, 2014

Lecture 8: Finite fields

MATH 145 Algebra, Solutions to Assignment 4

Part II. Number Theory. Year

arxiv: v1 [math.ho] 12 Sep 2008

PMA225 Practice Exam questions and solutions Victor P. Snaith

a mod a 2 mod

ICS141: Discrete Mathematics for Computer Science I

Lecture Notes, Week 6

Winter Camp 2009 Number Theory Tips and Tricks

Number Theory Solutions Packet

Number Theory and Algebra: A Brief Introduction

Math 5330 Spring Notes Congruences

A Guide to Arithmetic

CHAPTER 3. Congruences. Congruence: definitions and properties

Exam 2 Solutions. In class questions

Transcription:

Math 324, Fall 2011 Assignment 7 Solutions Exercise 1. (a) Suppose a and b are both relatively prime to the positive integer n. If gcd(ord n a, ord n b) = 1, show ord n (ab) = ord n a ord n b. (b) Let n be a positive integer and a an integer relatively prime to n. If ord n a = n 1, show n is prime. Solutions : (a) Set α = ord n a, β = ord n b and γ = ord n (ab). Since we deduce γ divides αβ. Conversely, by definition of order, (ab) αβ = a αβ b αβ = (a α ) β (b β ) α 1 β 1 α = 1 mod n, 1 (ab) γ = a γ b γ mod n. Raising everything to α, 1 = 1 α [a γ b γ ] α = a γα b γα b γα mod n, since γα is a multiple of the order α of a. The corollaries to Theorem 1 allow us to conclude that γα is divisible by β, hence the hypothesis gcd(α, β) = 1 yields β γ. By symmytry, we also have α γ, hence αβ divides γ, since α and β are relatively prime. Since α, β, and γ are all positive, the preceding discussion allows us to conclude γ = αβ, as required. (b) If ord n a = n 1 then n 1 φ(n). In particular, n 1 φ(n). On the other hand, the definition of the Euler phi function yields n 1 φ(n), hence φ(n) = n 1. It was proved in class that the latter condition implies n is prime. Indeed, let d be a divisor of n with 1 d < n. Since d divides n, we have d = gcd(d, n) = 1, the last equality following from the fact φ(n) = n 1. We deduce that the only positive divisors of n are itself and 1, that is n is prime. Exercise 3. (a) Let p and q be distinct odd primes. Show pq is a pseudoprime to the base 2 if and only if ord q 2 divides p 1 and ord p 2 divides q 1. (b) Which of 13 67, 19 73, 23 89, and 29 97 are pseudoprimes to the base 2? Solution :(a) Suppose pq is a pseudoprime to the base 2. Since gcd(2, pq) = 1, 2 pq 1 1 mod pq. In particular, 2 pq 1 1 mod p. It follows that ord p 2 divides pq 1. On the other hand, Euler s Theorem ensures that ord p 2 divides p 1. Observing q 1 = pq 1 q(p 1), 1

we deduce that ord p 2 divides q 1. By reversing the roles of p and q, the same argument yields ord q 2 divides p 1. Conversely, suppose ord q 2 divides p 1 and ord p 2 divides q 1. Since ord q 2 divides p 1, On the other hand, Euler s Theorem ensures 2 p 1 1 mod q. 2 p(q 1) 1 mod q. Therefore, 2 pq 1 = 2 p(q 1)+p 1 = 2 p(q 1) 2 p 1 1 1 = 1 mod q. (1) A similar argument shows that 2 pq 1 1 mod p. (2) Since p and q are relatively prime, (1) and (2) allows us to deduce 2 pq 1 1 mod pq, which shows that pq is a pseudoprime to the base 2. (b) If ord p 2 divides q 1 then it divides d = gcd(q 1, φ(p)) = gcd(q 1, p 1). In particular, one 2 d 1 mod p. Conversely, if the last equation is satisfied then ord p 2 divides d, hence afortiori it divides q 1. In the case pq = 13 67, we have gcd(q 1, p 1) = gcd(66, 12) = 6. Since 2 6 = 64 1 mod 13, the preceding discusssion shows ord 13 2 does not divide 66. Part(a) allows us to conclude that 13 67 is not a pseudoprime to the base 2. In the case pq = 19 73, gcd(72, 18) = 18. Euler s Theorem ensures that On the other hand, hence 2 18 1 mod 19 2 6 = 64 9 mod 73, 2 18 = (2 6 ) 3 ( 9) 3 = 729 1 mod 73. The preceding discussion shows that ord 19 2 divides 72 and ord 73 2 divides 18. Part (a) allows us to conclude that 19 73 is a pseudorpime to the base 2. In the case pq = 23 89, gcd(22, 88) = 22. By Fermat s Little Theorem, 2 22 1 mod 23. 2

Furthermore, direct calculation shows 2 11 = 2048 1 mod 89. The preceding discussion shows that ord 89 2 divides 22 and ord 23 2 divides 88, thus 23 89 is a pseudoprime to the base 2. Finally, in the case pq = 29 97, gcd(28, 96) = 4. Observing 2 4 = 16 is not congruent to 1 modulo 29, the preceding discussion shows that ord 29 2 does not divide 96. Part (a) allows to deduce that 29 97 is not a pseudoprime to the base 2. In summary, only 19 73 and 23 89 are pseudoprimes to the base 2. Exercise 3. (a) Show that the integer 20 has no primitive roots. (b) Find a primitive root modulo each of the following integers. (i) 14. (ii) 18. (c) Find a complete set of incongruent primitive roots of 17. Solutions : (a) If a is relatively prime to 20 then it is relatively prime to 5 and 4. Observing φ(5) = 4, Euler s Theorem yields a 4 1 mod 5. (1) Similarly, since φ(4) = 2, Euler s Theorem yields a 2 1 mod 4, hence a 4 = (a 2 ) 2 1 2 = 1 mod 4. (2) In light of the fact gcd(4, 5) = 1, the identities (1) and (2) combine with the Chinese Remainder Theorem to allow us to conclude a 4 1 mod 20. In particular, ord 20 a 4. Since φ(20) = φ(4)φ(5) = 2 4 = 8, it follows immediately that 20 has no primitive root. (b) (i) From lectures, we know that 3 is a primitive root of 7. Since 3 is odd and 14 = 2 7, Lemma 4 2 3 allows us conclude that 3 is a primitive root of 14. (ii) From lectures, we know that 2 is a primitive root of 9. It cannot be a primitive root of 18, since 2 is not relatively prime to 18. Consider 11 = 2 + 9. Since 11 2 mod 9, 11 is also a primitive root modulo 9. Since it is odd and 18 = 2 9, Lemma 4 2 3 allows us to conclude that 11 is a primitive root of 18. (c) Observing φ(17) = 16, if a is reduced modulo 17 then ord 17 a {1, 2, 4, 8, 16}. Searching for a primitive root, we first consider the case a = 2. Calculations show 2 2 = 4 1 mod 17 2 4 = 16 1 mod 17 2 8 = 256 = 1 + 255 = 1 + 15 17 1 mod 17 3

It follows that ord 17 2 = 8. Observing that the order of a power divides that of the base, no power of 2 can be a primitive root of 17. Observing 2, 4, 8, 16, 32, 64, 128, 256 is a complete set of incongruent power of 2 modulo 17, it follows that none of 2, 4, 8, 16, 15, 13, 9, 1 is a primitive root of 17. Modulo 17, the primitive roots must lie among On the other hand, from lectures we know that one has 3, 5, 6, 7, 10, 11, 12, 14 (1) φ(16) = φ(2 4 ) = 2 3 = 8 incongruent primitive roots of 17. It follows immediately that (1) is a complete listing of the primitive roots of 17. Alternate Solution : Observing φ(17) = 16, if a is reduced modulo 17 then Taking a = 3, we note ord 17 a {1, 2, 4, 8, 16}. 3 1 mod 17 3 2 = 9 1 mod 17 3 4 = 81 4 mod17 3 8 = (3 4 ) 2 ( 4) 2 = 16 1 mod 17 In light of the restrictions on ord 17 3, the preceding calculations allows us to deduce ord 17 3 = 16 = φ(17), i.e. 3 is a primitive root of 17. Since 3 is a primitive root of 17, 3 k, 1 k 16 is a reduced residue system modulo 17. Recalling that 3 k is a primitive root if and only if gcd(k, 16) = 1, we deduce 3, 3 3, 3 5, 3 7, 3 9, 3 11, 3 13, 3 15 is a complete set of incongruent primitive roots of 17. Exercise 4. (a) Let r be a primitive root of a prime p. If p 1 mod 4, show r is also a primitive root. (b) Find the least positive residue of the product of a set of φ(p 1) incongruent primitive roots modulo a prime p. (c) Let p be a prime of the form p = 2q + 1 where q is an odd prime. If a is an integer with 1 < a < p 1, show p a 2 is a primitive root modulo p. Solution : (a) Recalling r φ(p)/2 1 mod p, we deduce Writing r r φ(p)/2 r = r (φ(p)+2)/2 mod p. p = 4n + 1, 4

we have Observing we deduce φ(p) = 4n and φ(p) + 2 2 1 = (2n 1)(2n + 1) (4n), gcd(φ(p), (φ(p) + 2)/2) = 1. = 2n + 1. Since ord p r = φ(p), the preceding allows us to conclude ord p ( r) = ord p r (φ(p)+2)/2 = φ(p) gcd(φ(p), (φ(p) + 2)/2) = φ(p). (b) If p = 2 then 1 is the unique primitive root modulo 2, so the product of a set of representatives of the the primitive roots modulo 2 is congruent to 1 mod 2. In the case p = 3, 1 is the unique primitive root modulo 3, so the product of a set of representative of the primitive roots modulo 3 is congruent to 1 2 modulo 3. If p > 3 then p 1 > 2, hence φ(p 1) is even. Let r be a primitive root modulo p. Observing r is reduced, it has an inverse r modulo p. In fact, the identity r p 1 1 mod p allows us to deduce r r p 2 mod p. Observing gcd(p 1, p 2) = 1, we conclude that r has order p 1, hence is a primitive root of p. If r r mod p then r 2 = r r r r 1 mod p. In this case, p 1 = ord p r would divide 2, hence p 3, a contradiction. Consider a product of φ(p 1) incongruent roots of p. In light of the previous paragraph, each root can be paired with its inverse, yielding φ(p 1)/2 pairs of factors. Since the product of each pair is congruent to 1 modulo p, we deduce that the product of all the factors is congruent to 1 modulo p. In summary, if p = 2 or > 3 then the least positive residue of the product of φ(p 1) incongruent primitive roots of p is 1. In the case p = 3, the least positive residue is 2. (c) Observing φ(p) = 2q, the fact q is an odd prime allows us to conclude that if x is reduced modulo p then ord p x {1, 2, q, 2q}. Now consider p a 2. In light of Fermat s Little Theorem, (p a 2 ) q ( a 2 ) q = ( 1) q a 2q 1 mod p, since q is odd. It follows that p a 2 does not have order q. If p a 2 is not a primitive root of p then the preceding discussion shows that its order is either 1 or 2, i.e. divides 2. In this case, one would have 1 = (p a 2 ) 2 ( a 2 ) 2 = a 4 mod p. In particular, ord p a must divide 4, hence is either 1 or 2. Observing that 1 is the unique residue class of order 1 and 1 is that of order 2, it would follow that a ±1 mod p. 5

This contradicts the assumption 1 < a < p 1. We conclude p a 2 is a primitive root of p, as required. Exercise 5. (a) Find a primitive root for each of the following moduli. (i) 17 2. (ii) 26. (iii) 2662. (iv) 37 k, k is a positive integer. (b) Find all the primitive roots modulo 38. Solution : (a) (i) From exercise 3(c), 3 is a primitive root of 17. Noting 3 4 = 81 = 4 + 5 17 we have Therefore, 3 8 = (3 4 ) 2 = ( 4 + 5 17) 2 16 40 17 1 7 17 mod 17 2. 3 16 = (3 8 ) 2 ( 1 7 17) 2 1 + 14 17 mod 17 2. In particular, 3 16 1 mod 17. The proof of Theorem 9 allows us to conclude that 3 is a primitive root of 17 2. (ii) We note 26 = 2 13. Observing φ(13) = 12, if a is relatively prime to 13 then ord 13 a divides 12. Observing 2 2 = 4, 2 3 = 8, 2 4 = 16 3 mod 13, 2 6 = 64 1 mod 13, we deduce that 2 is a primitive root of 13. Since 2 is an even primitive root of 13, Theorem 42/3 allows us conclude that 2 + 13 = 15 is a primitive root of 26. (iii) We observe that 2662 = 2 (11) 3. As 2 2 = 4, 2 5 = 32 1 mod 11, the order of 2 modulo 11 is neither 1, 2, or 5. Since it is a divisor of φ(11) = 10, we deduce that ord 11 2 = 10. In particular, 2 is a primitive root of 11. We calculate 2 10 = (2 5 ) 2 = (32) 2 = ( 1 + 33) 2 1 66 = 65 mod 121. In particular, 2 10 1 mod 121, so Theorem 9 tells us that 2 is a primitive root of 121 = (11) 2. Theorem 11 allows us to conclude 2 is a primitive root for any positive power of 11; in particular, it is a primitive root of 1331 = (11) 3. Since 2 is a even primitive root of 1331, we conclude 2 + 1331 = 1333 is a primitive root of 2 1331 = 2662. (iv) We first note φ(37) = 36. 6

Furthermore, 2 2 = 4, 2 3 = 8, 2 4 = 16, 2 6 = 64 10 mod 37, 2 9 = 512 6 mod 37, 2 12 = 4096 26 mod 37, 2 18 ( 6) 2 = 36 1 mod 37. Observing ord 37 2 divides 36, the preceding calculations allow us to conclude that 2 is a primitive root of 37. Since 2 9 = 6 + 14 37, we have 2 18 ( 6 + 14 37) 2 36 168 37 36 + 17 37 1 + 18 37 mod 37 2 In particular, 2 18 is not congruent to 1 modulo 37 2. It follows from Theorem 9 that 2 is a primitive root of 37 2. Theorem 11 allows us to conclude that 2 is a primtive root of (37) k for all k 1. (b) We first note 38 = 2 19. Observing 2 2 = 4, 2 3 = 8, 2 6 = 64 7 mod 19, 2 9 = 2 3 2 6 8 7 = 56 1 mod 19, the fact ord 19 2 divides φ(19) = 18 allows us to conclude that 2 is a primitive root of 19. Since 2 is even, Theorem 42/3 allows us to conclude that 2 + 19 = 21 is a primitive root of 38. Observing φ(38) = φ(2)φ(19) = 18, every reduced residue class modulo 38 can be uniquely expressed in the form 21 k, 1 k 18. Such a class is a primitive root if and only if it has order 18 = ord 38 21. As this occurs precisely when k is relatively prime to 18 = φ(38), we deduce 21, 21 5, 21 7, 21 11, 21 13, 21 17 is a complete listining of the incongruent primitive root modulo 38. Exercise 6. Let p be an odd prime and t a positive integer. Show that p t and 2p t have the same number of primitive roots. Solution : From the lectures, there exists r which is a primitive root of both p t and 2p t. Observing φ(p t ) = φ(p 2t ), it follows that r k, 1 k φ(p t ) is a reduced residue system for both p t and 2p t. In each cases, the primitive roots correspond to the exponents k with gcd(k, φ(p t )) = 1, hence we see that there are primitive roots in each case. φ(φ(p t )) = φ(φ(2p t )) Bonus Question. Suppose n be a positive integer possessing a primitive root r. Using r show that the product of all positive integers less than n and relatively prime to n is congruent to 1 modulo n. (This is an extension of Wilson s Theorm, which is the special case n = p is prime.) 7

Solution : The case n = 1 or n = 2 are trivial. We consider the case n > 2, in which case φ(n) is even. Since r is a primitive root, r k, 1 k φ(n), is a reduced residue system modulo n. Since the set of positive integers less than n and relatively prime to n also form a reduced residue system modulo n, we deduce that that product of the latter elements is congruent modulo n to φ(n) k=1 r k φ(n) = r k k=1 = r φ(n)(φ(n)+1)/2. Consider the element r φ(n)/2. We note that it has order 2. On the other hand, if 1 k φ(n) has the property that r k has order 2 then the formula for the order of r k yields In particular, Since r k does not have order 1, we deduce gcd(k, φ(n)) = φ(n) 2. φ(n) 2 k φ(n). k = φ(n)/2. The preceding paragraph allows us to conclude that r φ(n)/2 is the unique reduced residue of order 2. Observing that 1 is a reduced residue of order 2, we conclude that Thus, φ(n) k=1 since φ(n) + 1 is odd. r k = r φ(n)(φ(n)+1)/2 = r φ(n)/2 1 mod n. ( r φ(n)/2) φ(n)+1 ( 1) φ(n)+1 = 1 mod n, 8

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback