Integers modulo N. Geoff Smith © 1998


Divisibility

Suppose that $a, b \in \mathbb{Z}$. We say that $b$ divides $a$ exactly when there is $c \in \mathbb{Z}$ such that $a = bc$. We express the fact that $b$ divides $a$ in symbols by writing $b \mid a$.

Observations

We leave the reader to verify all of the following simple facts.

(a) $x \mid 0$ for every $x \in \mathbb{Z}$.
(b) Suppose that $y \in \mathbb{Z}$ and $0 \mid y$, then $y = 0$.
(c) Both $a \mid b$ and $b \mid a$ if and only if $|a| = |b|$.
(d) If $a \mid b$ and $b \mid c$, then $a \mid c$.
(e) If $a \mid b$ and $k \in \mathbb{Z}$, then $a \mid kb$.
(f) If $a \mid b$ and $a \mid c$, then $a \mid (b \pm c)$.

Various relations

Suppose that $N \in \mathbb{N}$. We define a relation $\sim$ on $\mathbb{Z}$ by writing $a \sim b$ exactly when $N \mid (a - b)$. It is easy to check that $\sim$ is an equivalence relation. If $x \in \mathbb{Z}$, then the equivalence class $[x]$ which contains $x$ is $\{x + kN \mid k \in \mathbb{Z}\}$. The set of equivalence classes is written $\mathbb{Z}_N$.

An Example

Suppose that $N = 3$. There are exactly three equivalence classes of $\sim$. They are $\{\ldots, -9, -6, -3, 0, 3, 6, 9, \ldots\}$, $\{\ldots, -8, -5, -2, 1, 4, 7, 10, \ldots\}$ and $\{\ldots, -7, -4, -1, 2, 5, 8, 11, \ldots\}$. We could write the first of these classes as $[0]$, $[3]$, $[6]$, $[-3]$, or as the equivalence class of any one of its elements. However, the square brackets can get a little annoying. We can use a bold font instead, so the first equivalence class is $\mathbf{0}\ (= \mathbf{3} = \mathbf{6} = \mathbf{-3} = \ldots)$. If you are making hand written notes, a neat way to indicate bold type is to underline the symbol. Thus you can write $[1] = \mathbf{1} = \underline{1}$.

Addition on $\mathbb{Z}_N$

Notice that $\mathbb{Z}_N$ is a set of size $N$, and that its distinct elements are precisely $\mathbf{0}, \mathbf{1}, \ldots, \mathbf{N-1}$. We want to define addition of elements of $\mathbb{Z}_N$. We do it like this. Suppose $x, y \in \mathbb{Z}_N$. Choose $a \in x$, $b \in y$. Define $x + y$ to be $[a + b]$. Notice that the plus sign in $[a + b]$ indicates addition of integers.

Now, there is something rather dodgy about this recipe. To illustrate the problem, we make a diversion. Let $P$ be the set of all prime numbers, let $C$ be the set of composite numbers and let $U = \{1\}$. Thus the sets $P$, $C$, $U$ are pairwise disjoint, and $\mathbb{N} = U \cup P \cup C$. Let $X = \{U, P, C\}$. Try to define addition on $X$ as follows: when $A, B \in X$, choose $a \in A$, $b \in B$ and let $A + B$ be that element of $X$ which contains $a + b$.

Right, it is bright and early on Monday morning. The phone rings: someone needs to know $P + C$ urgently. You choose $7 \in P$ and $6 \in C$. Now $7 + 6 = 13 \in P$, so you answer that $P + C = P$. The next day, the same clown phones again, claiming to have mislaid $P + C$ and asking for it again. You choose $3 \in P$ and $9 \in C$. Now $3 + 9 = 12 \in C$ so you confidently answer that $P + C = C$. On Wednesday the punter phones once more, having found the scrap of paper on which Monday's answer had been written. The customer is very angry. How come $P + C$ is $P$ on Mondays but $C$ on Tuesdays, even though $P \neq C$?

The problem is that you have freedom of action; you can choose $a \in P$ and $b \in C$ and the set where $a + b$ lives depends on which particular $a$ and $b$ you happen to select. Now, this is disturbing because we have allowed this freedom of action when trying to define addition in $\mathbb{Z}_N$.
However, in that case there is not a problem. To see this, recall that we tried to add $x, y \in \mathbb{Z}_N$ by selecting $a \in x$, $b \in y$, and declaring $x + y$ to be $[a + b]$. Suppose we do it again (it is now Tuesday!). Choose $\hat{a} \in x$, $\hat{b} \in y$. Now $a \sim \hat{a}$ and $b \sim \hat{b}$. Thus $a - \hat{a} = kN$ for some $k \in \mathbb{Z}$ and $b - \hat{b} = lN$ for some $l \in \mathbb{Z}$. Thus $(a + b) - (\hat{a} + \hat{b}) = (k + l)N$, and so $(a + b) \sim (\hat{a} + \hat{b})$. We conclude that $[a + b] = [\hat{a} + \hat{b}]$ and all is well! We say that the addition on $\mathbb{Z}_N$ is well-defined.

Multiplication on $\mathbb{Z}_N$

We define an operation $\cdot$ on $\mathbb{Z}_N$ using the obvious recipe. If $x, y \in \mathbb{Z}_N$ we select $a \in x$, $b \in y$, and declare $x \cdot y$ to be $[a \cdot b]$. However, we are now worldly wise, and our doubts are definitely in place. We must check that this makes sense. Choose $\hat{a} \in x$, $\hat{b} \in y$. Now $a \sim \hat{a}$ and $b \sim \hat{b}$ so $a - \hat{a} = kN$ for some $k \in \mathbb{Z}$ and $b - \hat{b} = lN$ for some $l \in \mathbb{Z}$. Thus $a \cdot b = (\hat{a} + kN) \cdot (\hat{b} + lN) = \hat{a} \cdot \hat{b} + (k\hat{b} + l\hat{a} + klN)N$. Therefore $(a \cdot b) \sim (\hat{a} \cdot \hat{b})$ and so $[a \cdot b] = [\hat{a} \cdot \hat{b}]$.

Laws of algebra of $\mathbb{Z}_N$

The following laws can all be directly verified using the definitions of addition and multiplication in $\mathbb{Z}_N$. Recall that $N$ is an arbitrary, but fixed, natural number.

(a) $x + y \in \mathbb{Z}_N$ whenever $x, y \in \mathbb{Z}_N$.
(b) $(x + y) + z = x + (y + z)$ whenever $x, y, z \in \mathbb{Z}_N$.
(c) $x + \mathbf{0} = \mathbf{0} + x = x$ whenever $x \in \mathbb{Z}_N$.
(d) If $x = [a] \in \mathbb{Z}_N$, then $[a] + [-a] = \mathbf{0}$.
(e) $x + y = y + x$ whenever $x, y \in \mathbb{Z}_N$.
(f) $x \cdot y \in \mathbb{Z}_N$ whenever $x, y \in \mathbb{Z}_N$.
(g) $(x \cdot y) \cdot z = x \cdot (y \cdot z)$ whenever $x, y, z \in \mathbb{Z}_N$.
(h) $x \cdot \mathbf{1} = \mathbf{1} \cdot x = x$ whenever $x \in \mathbb{Z}_N$.
(i) $x \cdot y = y \cdot x$ whenever $x, y \in \mathbb{Z}_N$.
(j) $x \cdot (y + z) = (x \cdot y) + (x \cdot z)$ whenever $x, y, z \in \mathbb{Z}_N$.

Properties (a)-(d) ensure that $\mathbb{Z}_N$ is a group under addition. Property (e) ensures that this group is abelian (commutative). Properties (f)-(h) ensure that $\mathbb{Z}_N$ is a monoid under multiplication (a monoid is just like a group, except that the inverse axiom is missing). Property (i) ensures that this monoid is abelian (commutative). Property (j) is the distributive law of multiplication over addition, which is the only property we have which tells us how multiplication and addition interact.

Notice that the laws of algebra of $\mathbb{Z}_N$ are very familiar. If you replace $\mathbb{Z}_N$ by $\mathbb{Z}$ throughout the list, every single law remains valid. However, do not be deceived. Some strange mathematics can happen in $\mathbb{Z}_N$. For example, in $\mathbb{Z}_4$ we have $\mathbf{2} \cdot \mathbf{2} = \mathbf{0}$. This seems very odd at first. The product of non-zero elements of $\mathbb{Z}_N$ can sometimes be $\mathbf{0}$. This disturbing state of affairs disappears in the case that $N$ is a prime number, and only in that case, as we will see in the next section. We will allow ourselves to denote multiplication by juxtaposition in future.
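The well-definedness argument can be checked by brute force. The following Python sketch is an added example, not part of the original notes; the function names are hypothetical. It finds pairs of classes whose "sum" or "product" depends on the chosen representatives, and lists the zero divisors of $\mathbb{Z}_N$.

```python
import operator
from itertools import product


def class_mod(n):
    """Return the map a -> [a] in Z_N, each class labelled by its least residue."""
    return lambda a: a % n


def class_upc(a):
    """The partition X = {U, P, C} of the natural numbers used in the diversion."""
    if a == 1:
        return "U"
    is_prime = all(a % d for d in range(2, int(a ** 0.5) + 1))
    return "P" if is_prime else "C"


def conflicts(classify, op, representatives):
    """Pairs of classes for which op on representatives lands in more than one class.

    An empty result means op is well-defined on classes, at least for the
    representatives tried (a finite check, not a proof).
    """
    seen = {}
    for a, b in product(representatives, repeat=2):
        key = (classify(a), classify(b))
        seen.setdefault(key, set()).add(classify(op(a, b)))
    return {k: v for k, v in seen.items() if len(v) > 1}


def zero_divisors(n):
    """Non-zero classes x of Z_N with x*y = 0 for some non-zero class y."""
    return sorted({x for x in range(1, n) for y in range(1, n) if (x * y) % n == 0})


if __name__ == "__main__":
    reps = range(-30, 31)  # constructed sample of representatives
    print(conflicts(class_mod(3), operator.add, reps))
    print(conflicts(class_mod(3), operator.mul, reps))
    print(conflicts(class_upc, operator.add, range(1, 60)))
    print({n: zero_divisors(n) for n in range(2, 13)})
```

Addition and multiplication on $\mathbb{Z}_3$ produce no conflicts, the pair $(P, C)$ does, and the zero divisor list is empty exactly for the prime moduli in the range.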

Congruence notation

The notation $a \sim b$ to indicate that $N \mid (a - b)$ suffers from two drawbacks. It suppresses the rôle of $N$, and it is not the notation in common use. The standard notation is $a \equiv b \bmod N$. Here $\equiv$ is pronounced "is congruent to", and mod is short for "modulo". The number $N$ is called the modulus of the congruence. Thus $1 \equiv 3 \bmod 2$, $-7 \equiv 2 \bmod 3$ and $2^{10} \equiv 4 \bmod 10$.

All the fuss about addition and multiplication being well-defined amounts to the following. Suppose $a, b, c, d \in \mathbb{Z}$ and $N \in \mathbb{N}$. If $a \equiv b \bmod N$ and $c \equiv d \bmod N$, then both $a + c \equiv b + d \bmod N$ and $ac \equiv bd \bmod N$. Now suppose that $M \in \mathbb{N}$ is a natural number such that $M \mid N$; it follows that if $a \equiv b \bmod N$, then $a \equiv b \bmod M$.

Greatest Common Divisors

The structure $\mathbb{Z}_N$ is very special when $N$ happens to be a prime number. We now develop some machinery to understand this situation. Suppose that $a, b \in \mathbb{Z}$. Let $\Omega_{a,b} = \{d \mid d \in \mathbb{Z},\ d \mid a,\ d \mid b\}$. Thus $\Omega_{a,b}$ is the set of common divisors of the integers $a$ and $b$, so $\Omega_{0,0} = \mathbb{Z}$. However, this is the case of least interest, so we will assume that at least one of $a$, $b$ is not $0$. Let $m = \max\{|a|, |b|\}$, so $-m \le d \le m$ for all $d \in \Omega_{a,b}$. The set $\Omega_{a,b}$ is therefore finite, and is not empty because $1 \in \Omega_{a,b}$. Thus $\Omega_{a,b}$ has a greatest element called the greatest common divisor of $a$ and $b$. We write this divisor as $\mathrm{g.c.d.}(a, b)$. Notice that $\Omega_{a,b} = \Omega_{b,a}$ so $\mathrm{g.c.d.}(a, b) = \mathrm{g.c.d.}(b, a)$. Moreover $\mathrm{g.c.d.}(a, b) \ge 1$ so $\mathrm{g.c.d.}(a, b) \in \mathbb{N}$. Thus $\mathrm{g.c.d.}(0, 1) = 1$, $\mathrm{g.c.d.}(-4, 6) = 2$ and $\mathrm{g.c.d.}(-9, 12) = 3$.

Recall that $p \in \mathbb{N}$ is a prime number if $p$ has exactly two natural number divisors. Thus the first few prime numbers are 2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71, ... Thus $p$ is prime exactly when $\Omega_{p,p} = \{-p, -1, 1, p\}$ has size 4. From the point of view of greatest common divisors, the important point about a prime number $p$ is that if $a \in \mathbb{Z}$, then $\mathrm{g.c.d.}(a, p)$ must be $1$ or $p$. Moreover $\mathrm{g.c.d.}(a, p) = 1$ unless $p \mid a$, in which case $\mathrm{g.c.d.}(a, p) = p$.

Division Theorem [Remainder Theorem]

Suppose that $a, b \in \mathbb{Z}$ and $b \neq 0$. It follows that there are uniquely determined $q, r \in \mathbb{Z}$ with $0 \le r < |b|$ such that $a = qb + r$.

Proof. Let $\Gamma_{a,b} = \{a + \mu b \mid \mu \in \mathbb{Z}\}$. The set $\Gamma^{+}_{a,b} = \Gamma_{a,b} \cap (\mathbb{N} \cup \{0\})$ is not empty (in fact $\Gamma_{a,b}$ contains arbitrarily large positive and negative integers). Let $r = \min \Gamma^{+}_{a,b}$ so $r \ge 0$ and $a - r = qb$ for some $q \in \mathbb{Z}$. Thus $a = qb + r$ with $q, r \in \mathbb{Z}$, $0 \le r < |b|$. Now suppose $q', r' \in \mathbb{Z}$, $0 \le r' < |b|$ and $a = q'b + r'$. Subtracting we find that $0 = a - a = (q - q')b + (r - r')$. Thus $b$ divides $r - r'$ but $-|b| < r - r' < |b|$. We conclude that $r - r' = 0$, so $r = r'$. Thus $qb = q'b$ and so $(q - q')b = 0$. However, $b \neq 0$ so $q = q'$ and we have established uniqueness.

Divisors

Suppose that $a, b \in \mathbb{Z}$ are not both zero. Let $\Omega_{a,b} = \{\lambda a + \mu b \mid \lambda, \mu \in \mathbb{Z}\}$. The set $\Omega_{a,b}$ contains both positive and negative integers. Let $t$ be the least positive element of $\Omega_{a,b}$.

Proposition. In this notation we have:
(i) $t$ divides both $a$ and $b$.
(ii) If $d$ divides both $a$ and $b$, then $d$ divides $t$.
(iii) $t = \mathrm{g.c.d.}(a, b)$.

Proof. $0 < t \in \mathbb{Z}$. Thus $a = qt + r$ according to the Remainder Theorem, so $r \ge 0$. Now $r = a - qt \in \Omega_{a,b}$ and $r < t$, which violates the minimality of $t$ unless $r = 0$. Thus $t$ divides $a$. Similarly $t$ divides $b$, so $t$ is a common divisor of $a$ and $b$ and (i) is established. If $d$ divides both $a$ and $b$, then $d$ divides all elements of $\Omega_{a,b}$ so $d$ divides $t$ and (ii) is established. Now (iii) follows from (i) and (ii).

Euclid's algorithm

Suppose $a, b \in \mathbb{Z}$ and $b \neq 0$. Let $a_0 = a$ and $a_1 = b$. Given that $a_i$ has been defined for all $i \le n$, if $a_n = 0$ let $d = a_{n-1}$ and stop the procedure. On the other hand, if $a_n \neq 0$ then apply the Remainder Theorem to find integers $q_n, a_{n+1}$ such that $a_{n-1} = q_n a_n + a_{n+1}$. Notice that $a_n > a_{n+1}$ whenever $n \ge 1$, so the integers $a_n$ form a decreasing sequence of non-negative integers for $n \ge 1$. Thus this procedure must terminate after finitely many steps, and $d = a_m$ is defined at stage $m$. This procedure is called Euclid's Algorithm.

Consider the various equations $a_{n-1} = q_n a_n + a_{n+1}$ and $a_{n-1} - q_n a_n = a_{n+1}$. From these it follows that (i) any common divisor of $a_{n-1}$ and $a_n$ divides $a_{n+1}$ and moreover (ii) any common divisor of $a_n$ and $a_{n+1}$ divides $a_{n-1}$. Thus $\mathrm{g.c.d.}(a_{n-1}, a_n) = \mathrm{g.c.d.}(a_n, a_{n+1})$ for every $1 \le n \le m$. It follows that $\mathrm{g.c.d.}(a, b) = \mathrm{g.c.d.}(a_0, a_1) = \mathrm{g.c.d.}(a_m, a_{m+1}) = \mathrm{g.c.d.}(t, 0) = t$.

Primes and Products

Proposition. Suppose that $p$ is a prime number, and that $a, b$ are integers. It follows that if $p \mid ab$, then either $p \mid a$ or $p \mid b$.

Proof. Suppose (for contradiction) that $p \nmid a$ and $p \nmid b$. Thus $\mathrm{g.c.d.}(p, a) = 1 = \mathrm{g.c.d.}(p, b)$. Thus there are $\lambda_1, \lambda_2, \mu_1, \mu_2 \in \mathbb{Z}$ such that $1 = \lambda_1 p + \mu_1 a$ and $1 = \lambda_2 p + \mu_2 b$. Multiply these equations so $1 = \lambda_1 \lambda_2 p^2 + \lambda_1 p \mu_2 b + \lambda_2 p \mu_1 a + \mu_1 a \mu_2 b$. Tidy up by putting $\lambda = \lambda_1 \lambda_2 p + \lambda_1 \mu_2 b + \lambda_2 \mu_1 a$ and $\mu = \mu_1 \mu_2$. We now have $1 = \lambda p + \mu ab$. It follows that $p \nmid ab$. However, this is absurd, so we are done.

Corollary 1.
(i) If $p$ is prime and $\mathbf{a}, \mathbf{b} \in \mathbb{Z}_p$ are such that $\mathbf{a}\mathbf{b} = \mathbf{0}$, then either $\mathbf{a} = \mathbf{0}$ or $\mathbf{b} = \mathbf{0}$.
(ii) If $\mathbf{a} \in \mathbb{Z}_p$ and $\mathbf{a} \neq \mathbf{0}$, then there is $\boldsymbol{\lambda} \in \mathbb{Z}_p$ such that $\mathbf{a}\boldsymbol{\lambda} = \mathbf{1}$. This is because if $\mathbf{a} = [a]$, then there are $\lambda, \mu \in \mathbb{Z}$ such that $\lambda a + \mu p = 1$.

Corollary 2. If $a_1, a_2, \ldots, a_m \in \mathbb{Z}$ and $p$ is a prime number with $p \mid \prod_{i=1}^{m} a_i$, then $p \mid a_j$ for some $1 \le j \le m$.

It follows from part (ii) of the first corollary that the non-zero elements of $\mathbb{Z}_p$ form a group under multiplication of order $p - 1$. By Lagrange's Theorem we have $\mathbf{a}^{p-1} = \mathbf{1}$ for all non-zero $\mathbf{a} \in \mathbb{Z}_p$. Translated into the language of congruences we obtain that if the integer $a$ is not divisible by the prime number $p$, we have $a^{p-1} \equiv 1 \bmod p$. Allowing for the case that $p$ divides $a$, we have $a^p \equiv a \bmod p$ for all integers $a$. Either of the last two results is sometimes called Fermat's Little Theorem.

Bonus: The Fundamental Theorem of Arithmetic

Theorem [Fundamental Theorem of Arithmetic]. Suppose that $n \in \mathbb{N}$, and $n > 1$. It follows that $n$ can be expressed as a product $\prod_{i=1}^{t} p_i^{n_i}$ of distinct prime numbers $p_i$ and that (up to commutativity) this factorization is unique.

Proof. We first show, by complete induction on $n$, that every $n \in \mathbb{N}$ with $n > 1$ is the product of prime numbers. It is not strictly necessary to begin complete inductions, but let us do it for safety! The smallest natural number bigger than $1$ is $2$, and that is $\prod_{i=1}^{t} p_i^{n_i}$ with $t = 1$, $p_1 = 2$ and $n_1 = 1$. Now suppose that $m$ is an arbitrary natural number bigger than $1$. Either $m$ is prime, in which case it is its own prime factorization (as $2$ was), or it is composite. In the latter case $m = m_1 m_2$ with $1 < m_1, m_2 < m$ and $m_1, m_2 \in \mathbb{N}$. Now each of $m_1, m_2$ is a product of prime numbers by inductive hypothesis, so $m$ is a product of prime numbers. By complete induction we are done.

Now for uniqueness. Again we proceed by complete induction, the base case being unnecessary or a matter of staring at $2$, depending on your degree of nervousness. Suppose that $n \in \mathbb{N}$ with $n > 1$ has two rival factorizations $n = \prod_{i=1}^{t} p_i^{n_i}$ and $n = \prod_{j=1}^{s} q_j^{m_j}$. Here the $p_i$ are pairwise distinct primes, and the $q_j$ are pairwise distinct primes. Now $p_1 \mid n$ so $p_1 \mid \prod_{j=1}^{s} q_j^{m_j}$. Thus $p_1 \mid q_j$ for some $j$ by the second corollary. Thus $p_1 = q_j$ and $n/p_1 = n/q_j$. This last equation, together with induction, ensures that the induced factorizations of $n/p_1$ and $n/q_j$ coincide (up to commutativity). We are done.
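
Euclid's algorithm, the Proposition on divisors and Corollary 1 (ii) combine into a method for computing inverses in $\mathbb{Z}_p$. The Python sketch below is an added example, not part of the original notes, and its function names are hypothetical. It runs the recurrence $a_{n-1} = q_n a_n + a_{n+1}$ while carrying the coefficients $\lambda, \mu$ along, and goes slightly beyond the text by normalising the sign of the result when $b$ is negative.

```python
def division(a, b):
    """Remainder Theorem: the unique (q, r) with a = q*b + r and 0 <= r < |b|."""
    if b == 0:
        raise ValueError("b must be non-zero")
    r = a % abs(b)          # with a positive modulus, Python gives 0 <= r < |b|
    return (a - r) // b, r  # a - r is an exact multiple of b


def bezout(a, b):
    """Euclid's algorithm on a_0 = a, a_1 = b, carrying coefficients along.

    Returns (t, lam, mu) with t = g.c.d.(a, b) = lam*a + mu*b, so t is the
    least positive integer combination of a and b.
    """
    if a == 0 and b == 0:
        raise ValueError("a and b must not both be zero")
    lam0, mu0, lam1, mu1 = 1, 0, 0, 1    # a_0 = 1*a + 0*b,  a_1 = 0*a + 1*b
    while b != 0:
        q, r = division(a, b)            # a_{n-1} = q_n * a_n + a_{n+1}
        a, b = b, r
        lam0, mu0, lam1, mu1 = lam1, mu1, lam0 - q * lam1, mu0 - q * mu1
    if a < 0:                            # normalise so that t is positive
        a, lam0, mu0 = -a, -lam0, -mu0
    return a, lam0, mu0


def inverse_mod(a, n):
    """Inverse of the class of a in Z_n, or None when g.c.d.(a, n) != 1."""
    t, lam, _ = bezout(a, n)
    return lam % n if t == 1 else None


def fermat_holds(p):
    """Check a^(p-1) = 1 mod p for every a in 1, ..., p-1."""
    return all(pow(a, p - 1, p) == 1 for a in range(1, p))


if __name__ == "__main__":
    print(bezout(-9, 12))                             # g.c.d. with coefficients
    print([inverse_mod(a, 13) for a in range(1, 13)])  # every class is invertible
    print(inverse_mod(2, 4))                          # 2 is a zero divisor in Z_4
    print(fermat_holds(13), fermat_holds(15))
```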