INTEGERS. In this section we aim to show the following: Goal. Every natural number can be written uniquely as a product of primes.

Similar documents
Proofs. Methods of Proof Divisibility Floor and Ceiling Contradiction & Contrapositive Euclidean Algorithm. Reading (Epp s textbook)

NOTES ON SIMPLE NUMBER THEORY

MATH 2112/CSCI 2112, Discrete Structures I Winter 2007 Toby Kenney Homework Sheet 5 Hints & Model Solutions

Ma/CS 6a Class 2: Congruences

Ch 4.2 Divisibility Properties

Direct Proof MAT231. Fall Transition to Higher Mathematics. MAT231 (Transition to Higher Math) Direct Proof Fall / 24

Homework #2 solutions Due: June 15, 2012

Chapter 5. Number Theory. 5.1 Base b representations

Part IA Numbers and Sets

then the hard copy will not be correct whenever your instructor modifies the assignments.

1 Overview and revision

2 Arithmetic. 2.1 Greatest common divisors. This chapter is about properties of the integers Z = {..., 2, 1, 0, 1, 2,...}.

Modular Arithmetic (Read Sections 4.1 thro 4.4)

CS483 Design and Analysis of Algorithms

Exercises Exercises. 2. Determine whether each of these integers is prime. a) 21. b) 29. c) 71. d) 97. e) 111. f) 143. a) 19. b) 27. c) 93.

Lecture 5: Arithmetic Modulo m, Primes and Greatest Common Divisors Lecturer: Lale Özkahya

Math Circle Beginners Group February 28, 2016 Euclid and Prime Numbers Solutions

2 Elementary number theory

Discrete Mathematics GCD, LCM, RSA Algorithm

Wednesday, February 21. Today we will begin Course Notes Chapter 5 (Number Theory).

MATH 501 Discrete Mathematics. Lecture 6: Number theory. German University Cairo, Department of Media Engineering and Technology.

4 Number Theory and Cryptography

Beautiful Mathematics

Ma/CS 6a Class 2: Congruences

Course MA2C02, Hilary Term 2013 Section 9: Introduction to Number Theory and Cryptography

Number Theory Proof Portfolio

3 The fundamentals: Algorithms, the integers, and matrices

Math.3336: Discrete Mathematics. Primes and Greatest Common Divisors

Definitions. Notations. Injective, Surjective and Bijective. Divides. Cartesian Product. Relations. Equivalence Relations

(e) Commutativity: a b = b a. (f) Distributivity of times over plus: a (b + c) = a b + a c and (b + c) a = b a + c a.

Course 2BA1: Trinity 2006 Section 9: Introduction to Number Theory and Cryptography

WORKSHEET MATH 215, FALL 15, WHYTE. We begin our course with the natural numbers:

PUTNAM TRAINING NUMBER THEORY. Exercises 1. Show that the sum of two consecutive primes is never twice a prime.

not to be republished NCERT REAL NUMBERS CHAPTER 1 (A) Main Concepts and Results

Number Theory. CSS322: Security and Cryptography. Sirindhorn International Institute of Technology Thammasat University CSS322. Number Theory.

a = qb + r where 0 r < b. Proof. We first prove this result under the additional assumption that b > 0 is a natural number. Let

Chapter 3 Basic Number Theory

MATH 145 Algebra, Solutions to Assignment 4

Chapter 1 : The language of mathematics.

Math Circle Beginners Group February 28, 2016 Euclid and Prime Numbers

Integers and Division

Notes on Systems of Linear Congruences

4. Number Theory (Part 2)

Discrete Mathematics Logics and Proofs. Liangfeng Zhang School of Information Science and Technology ShanghaiTech University

Ma/CS 6a Class 1. Course Details

This is a recursive algorithm. The procedure is guaranteed to terminate, since the second argument decreases each time.

4 Powers of an Element; Cyclic Groups

CS 5319 Advanced Discrete Structure. Lecture 9: Introduction to Number Theory II

Final Exam Review. 2. Let A = {, { }}. What is the cardinality of A? Is

MATH 215 Final. M4. For all a, b in Z, a b = b a.

Applied Cryptography and Computer Security CSE 664 Spring 2017

Lecture 11: Number Theoretic Assumptions

Chapter 2. Divisibility. 2.1 Common Divisors

OWO Lecture: Modular Arithmetic with Algorithmic Applications

NUMBER THEORY AND CODES. Álvaro Pelayo WUSTL

2.2 Inverses and GCDs

The following techniques for methods of proofs are discussed in our text: - Vacuous proof - Trivial proof

Lecture 14: Hardness Assumptions

Part IA Numbers and Sets

Math 109 HW 9 Solutions

CSE 20 DISCRETE MATH. Winter

Math 511, Algebraic Systems, Fall 2017 July 20, 2017 Edition. Todd Cochrane

MATH FINAL EXAM REVIEW HINTS

ALGEBRA. 1. Some elementary number theory 1.1. Primes and divisibility. We denote the collection of integers

Mathematical Foundations of Public-Key Cryptography

Slides by Christopher M. Bourke Instructor: Berthe Y. Choueiry. Spring 2006

CSE20: Discrete Mathematics

Contribution of Problems

Chapter 8 Public-key Cryptography and Digital Signatures

CS280, Spring 2004: Prelim Solutions

1. Factorization Divisibility in Z.

Chapter 1. Greatest common divisor. 1.1 The division theorem. In the beginning, there are the natural numbers 0, 1, 2, 3, 4,...,

Number Theory and Group Theoryfor Public-Key Cryptography

Number Theory Basics Z = {..., 2, 1, 0, 1, 2,...} For, b Z, we say that divides b if z = b for some. Notation: b Fact: for all, b, c Z:

CIS 551 / TCOM 401 Computer and Network Security

Public Key Cryptography

PMATH 340 Lecture Notes on Elementary Number Theory. Anton Mosunov Department of Pure Mathematics University of Waterloo

The set of integers will be denoted by Z = {, -3, -2, -1, 0, 1, 2, 3, 4, }

MATH 271 Summer 2016 Practice problem solutions Week 1

Chapter 5: The Integers

Discrete mathematics I - Number theory

WORKSHEET ON NUMBERS, MATH 215 FALL. We start our study of numbers with the integers: N = {1, 2, 3,...}

Know the Well-ordering principle: Any set of positive integers which has at least one element contains a smallest element.

5: The Integers (An introduction to Number Theory)

An Algorithm for Prime Factorization

Elementary Number Theory and Cryptography, 2014

Topics in Cryptography. Lecture 5: Basic Number Theory

MATH 361: NUMBER THEORY FOURTH LECTURE

LECTURE NOTES IN CRYPTOGRAPHY

7.2 Applications of Euler s and Fermat s Theorem.

Computational Number Theory. Adam O Neill Based on

2. Cryptography 2.5. ElGamal cryptosystems and Discrete logarithms

Elementary Number Theory MARUCO. Summer, 2018

REAL NUMBERS. Any positive integer a can be divided by another positive integer b in such a way that it leaves a remainder r that is smaller than b.

Foundations of Computer Science Lecture 10 Number Theory

Notes for Math 290 using Introduction to Mathematical Proofs by Charles E. Roberts, Jr.

cse547, math547 DISCRETE MATHEMATICS Professor Anita Wasilewska

Introduction to Sets and Logic (MATH 1190)

Review. CS311H: Discrete Mathematics. Number Theory. Computing GCDs. Insight Behind Euclid s Algorithm. Using this Theorem. Euclidian Algorithm

MATH 55 - HOMEWORK 6 SOLUTIONS. 1. Section = 1 = (n + 1) 3 = 2. + (n + 1) 3. + (n + 1) 3 = n2 (n + 1) 2.

Transcription:

INTEGERS PETER MAYR (MATH 2001, CU BOULDER) In this section we aim to show the following: Goal. Every natural number can be written uniquely as a product of primes. 1. Divisibility Definition. Let a, b Z. Then a b (a divides c) if there exists q Z such that b = aq (Then we also call a a divisor of c and c a multiple of a). Definition. p N is prime if p > 1, and 1 and p are the only divisors of p. Otherwise p is composite. Lemma 1. Let a, b, c Z. If a b and a c, then a b + c. Proof. Assume a b and a c. We want to show a b + c. By definition of divisibility, b, c are both multiples of a. That is, we have m, n Z such that b = ma, c = na. Consider b + c = ma + na = (m + n)a. Since m + n Z, we see that b + c is a multiple of a. Thus a b + c. Definition. a Z is even if 2 a, i.e., a = 2n for some n Z. a Z is odd if 2 a, i.e., a = 2n + 1 for some n Z. Lemma 2. Let a Z. If a is odd, then a 2 is odd. Proof. Assume a is odd. We want to show a 2 is odd. By definition, we have n Z such that a = 2n + 1. Consider Thus a 2 is odd. a 2 = (2n + 1) 2 = 4n 2 + 4n + 1 = 2(2n 2 + 2n) + 1. The previous two Lemmas are conditional statements: If P, then Q. We used what is called a direct proof to show them: Date: April 12, 2018. Assume P holds. Show that Q holds.

2 PETER MAYR (MATH 2001, CU BOULDER) 2. The greatest common divisor Definition. The greatest common divisor gcd(a, b) of integers a, b is the largest integer d that divides both a and b. The least common multiple lcm(a, b) of integers a, b is the smallest positive integer m such that a m and b m. Example. Fact. For a, b N, (to be proved later). gcd(18, 24) = 6 lcm(18, 24) = 72 gcd(10, 4) = 2 lcm(10, 4) = 20 gcd(5, 0) = 5 lcm(5, 0) not defined gcd(0, 0) not defined gcd(a, b) lcm(a, b) = ab How to compute the gcd? Instead of factoring the numbers, the following lemma allows us to reduce to smaller numbers. Lemma 3. Let a, b, q Z. Then gcd(a, b) = gcd(a qb, b). Example. The Euclidean algorithm for computing the gcd is based on Lemma 3. We explain it by an example: gcd(30, 12) = gcd(30 2 12, 12) = gcd(12, 6) = gcd(12 2 6, 6) = gcd(0, 6) = 6 In each step we subtract a multiple of the smaller number from the bigger until we get to 0. Then gcd(0, a) = a for a N. 3. The division algorithm In the Euclidean algorithm for gcd(a, b) we want to subtract an as large as possible multiple qb from a to get a number a qb that is strictly smaller than b. This is always possible because of the following: Division Algorithm. For all a, b Z with b > 0, there exist uniquely determined integers q, r (quotient, remainder) with 0 r < b such that Example. For b = 5, a = qb + r. 11 = 2 b + 1 11 = ( 3)b + 4 Note that the remainder r is always non-negative. Proof of the Division Algorithm. We have to show

INTEGERS 3 (1) q, r exist, (2) q, r are unique. Proof of (1). Consider the set of all non-negative integers of the form a minus a multiple of b, A := {n N 0 : n = a qb for q Z} For r we want to pick the smallest element in A. This exists by the following property of the natural numbers that we take without proof. Well-ordering of N 0. Every non-empty subset of N 0 has a least element. Let r N 0 be the least element in A, let q Z with a qb = r. Claim. r < b Proof by contradiction. Assume r b. Then r b = r (q + 1)b A and r b < r. This contradicts the assumption that r is smallest in A. Hence our assumption that r b cannot be true. We have r < b. This completes the proof of (1). We omit the proof of (2). Here we used a proof by contradiction to show a statement P : Assume P. Show this implies FALSE (a contradiction). Then the assumption P must have been FALSE. Hence P is TRUE. 4. Bezout s identity The Euclidean algorithm also allows us to write gcd(a, b) as a sum of a multiple of a and a multiple of b. Again we explain how to do that by an example. Example. We compute gcd(147, 33) by repeatedly subtracting multiples of the smaller number from the bigger. Additionally we record how to write each number as a sum of multiples of 147 and 33. 147 =1 147 + 0 33 33 =0 147 + 1 33 subtract 4 times from the previous equation 15 =1 147 4 33 subtract 2 times from the previous 3 = 2 147 + 9 33 subtract 5 times from the previous 0 In the penultimate line we find gcd(147, 33) = 3 = 2 147 + 9 33.

4 PETER MAYR (MATH 2001, CU BOULDER) Bezout s identity. Let a, b Z, not both 0. Then there exist u, v Z such that gcd(a, b) = u a + v b u, v are called Bezout s cofactors and can be computed by the Euclidean algorithm. Proof. Follows from the Euclidean algorithm. Euclid s Lemma. Let p be prime, a, b Z. If p ab, then p a or p b. Proof. Exercise. 5. Checking for primes Lemma 4. Let a, b, c N. If ab = c, then a c or b c. Contrapositive proof. Assume a > c and b > c. Show ab c. By assumption ab > c c = c. Hence ab c. Above we showed the statement If P, then Q by proving its contrapositive If Q, then P (which is logically equivalent). This is called a contrapositive proof: Assume Q. Show P. Corollary 5. If a Z is not prime, then it has a divisor d with 1 < d a. 6. Irrationality of 2 Lemma 6. Let a Z. Then a is even iff a 2 is even. Definition. x R is rational if x = a for some a, b Z with b > 0; b otherwise x is irrational. Theorem 7. 2 is irrational. Proof by contradiction. Suppose 2 is rational. Then we have a, b Z with gcd(a, b) = 1 such that 2 = a b By squaring 2b 2 = a 2 Hence a 2 is even. By Lemma 6 also a is even. So a = 2c for some c Z. Then 2b 2 = (2c) 2 = 4c 2

INTEGERS 5 yields b 2 = 2c 2. So b 2 and consequently b is even by Lemma 6. c Now 2 a and 2 b contradict our assumption that gcd(a, b) = 1. Thus our assumption was wrong, no such a, b exist, and 2 is not rational. Definition. Let a, b Z, n N. 7. Modular arithmetic (1) a mod n is the remainder of a by division by n. So a mod n {0,..., n 1}. (2) a, b are congruent modulo n (written a b mod n or a n b) if n a b. Note a b mod n iff a mod n = b mod n. Lemma 8. Let a, b, c, d Z, n N with a b mod n and c d mod n. Then (1) a + c b + d mod n, (2) a c b d mod n. Proof. Exercise. 7.1. An application in cryptography. Problem. Alice and Bob want to agree on a secret number (a key) over the internet where others might listen in on their conversation (an unsecure channel). Afterwards this secret key can be used to encode messages between Alice and Bob. There are several ways to do this. The following is used in internet traffic for example. Algorithm (Diffie-Hellman key exchange). (1) Alice and Bob agree on a prime p and a base g (public). E.g. p = 31, g = 3 (2) Alice chooses a secret integer a > 0, sends x = g a mod p to Bob. E.g., a = 4, x = 3 4 mod 31 = 9 2 mod 31 = 19 Bob chooses a secret integer b > 0, sends y = g b Alice. E.g., b = 6, y = 3 6 mod 31 = 3 4 3 2 mod 31 = 19 9 mod 31 = 16 mod p to

6 PETER MAYR (MATH 2001, CU BOULDER) (3) Having received y, Alice computes s = y a mod p. s = 16 4 mod 31 = 2 Having received x, Bob computes s = x b mod p. s = 19 6 mod 31 = 2 Remark. (1) Note that Alice and Bob both compute the same number s above since by Lemma 8 x b (g a ) b g ab g ba (g b ) a y a mod p. (2) Only a, b, s are kept secret (never transmitted) whereas p, g, x, y can be sent publicly. (3) To compute s from p, g, x, y you need to know a or b. If p, a, b are large enough (in practice, p 2 1024 ), then it is computationally hard to find a from x and g (this is called the discrete logarithm problem). 8. Prime factorizations First we generalize Euclid s Lemma from 2 to an arbitrary number of factors. Lemma 9. Let n N, a 1,..., a n Z, p prime. If p a 1 a n, then p a i for at least one i {1,..., n}. Proof by induction on n. Basis step: For n = 1, p a 1 and the statement is true. Induction hypothesis: For a fixed k N, if p a 1 a k, then p a i for at least one i {1,..., k}. Inductive step: Show that the statement is true for n = k + 1. So assume p a 1 a k+1. Writing a 1 a k+1 = (a 1 a k )a k+1 as the product of 2 factors, Euclid s Lemma yields that p a 1 a k or p a k+1. In the first case the induction hypothesis yields p a i for at least one i {1,..., k}. Thus p a 1 or p a 2 or... p a k or p a k+1. The induction step is proved and so is the Lemma. Induction. To show that a statement S n is true for every n N: (1) basis step: Show S 1. (2) inductive step: Show S k S k+1 for any k N.

INTEGERS 7 Fundamental Theorem of Arithmetic. (1) Every integer n > 1 has a factorization into primes n = p 1 p 2 p k. (2) This prime factorization of n is unique up to ordering. That is, if n = p 1 p 2 p k = q 1 q 2 q l for primes p 1,..., p k, q 1,..., q l, then k = l and (p 1,..., p k ) is a permutation of (q 1,..., q k ). Proof of (1) by strong induction on n. Basis step: n = 2 is a prime. Induction assumption: Assume for a fixed n N that all numbers n can be written as a product of primes. Inductive step: Show n + 1 can be written as a product of primes. We distinguish two cases: Case, n + 1 is prime: Then n + 1 has a prime factorization (just itself). Case, n + 1 is not prime: Then n + 1 = ab for some 1 < a, b < n + 1. Since a, b n, the induction assumption applies to them. Then we have primes p 1,..., p k, q 1,..., q l such that a = p 1 p k, b = q 1 q l. Now n+1 = p 1 p k q 1 q l is also a product of primes. The induction step is proved and so is item (1) of the theorem. Proof of (2) by minimal counterexample. Seeking a contradiction suppose that the statement is wrong. Then there is some counter-example, moreover since N is well-ordered, there must be a minimal counterexample n (Note that n > 2 because 2 has exactly one prime factorization). So let n = p 1 p 2 p k = q 1 q 2 q l for primes p 1,..., p k and q 1,..., q l that are not a permutation of each other. Since p 1 q 1 q 2 q l, we obtain that p 1 divides some q i by the previous lemma. But since q i is prime, this means p 1 = q i. So dividing by p 1 yields n = p 2 p k = q 1 q 2 q i 1 q i+1 q l. p 1 Now p 2,..., p k and q 1,..., q i 1, q i+1,..., q l are not permutations of each other because otherwise p 1,..., p k and q 1,..., q l would have been permutations of each other. That means n p 1 has two different prime factorizations and is a counter-example to statement (2) contradicting our assumption that n was the smallest counter-example.

8 PETER MAYR (MATH 2001, CU BOULDER) But if there cannot be a smallest counter-example, there cannot be any counter-example at all, which means that (2) is true for all n N. Item (1) of the Fundamental Theorem was proved by Strong Induction. To show that a statement S n is true for every n N: (1) basis step: Show S 1. (2) inductive step: Show S 1 S 2 S k S k+1 for any k N. Induction is called strong if you use the induction assumption that all statements S 1,..., S k hold, not just S k, in order to prove S k+1. Item (2) of the Fundamental Theorem was proved by a special version of a proof by contradiction: Proof by minimal counter-example. To show that a statement S n is true for every n N: Suppose that k > 1 is smallest such that S k is false. Show that there exists some smaller l < k still such that S l is false. Lemma 10. Let p 1 = 2, p 2 = 3, p 3,... be the list of all primes. Let a = i N pe i i, b = i N pf i i with e i, f i N 0 for all i N. Then (1) gcd(a, b) = i N pmin(e i,f i ) i, (2) lcm(a, b) = i N pmax(e i,f i ) i, (3) gcd(a, b) lcm(a, b) = ab. Proof of (1). Let d = i N pg i i be a divisor of a and of b. Let i N and g i 1. Then p g i cannot divide a by the Fundamental Theorem p e i of Arithmetic. So p g i p e i and g i e i. Similarly g i d i. In any case g i min(e i, f i ) (Note that this is also trivially true for g i = 0). Hence for any common divisor d of a and b we have d i N p min(e i,f i ) i. But clearly i N pmin(e i,f i ) i divides both a and b. Hence it is the gcd of a and b. Proof of (2),(3). Exercise

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback