Justin Cantu
Texas A&M University
Math 482
Instructor: Dr. David Larson
Parts I and II of the Law of Quadratic Reciprocity
Quadratic Residues and Nonresidues
The Law of Quadratic Reciprocity tells us whether or not the congruence x2 ≡ a (mod p) has a
solution. In other words, whether a is a square modulo p.
Example: Does x2 ≡ 3 (mod 7) have a solution? We can square the numbers 0 to 6, reduce
modulo 7, and see if any of them is equal to 3:
02 ≡ 0 (mod 7)
12 ≡ 1 (mod 7)
22 ≡ 4 (mod 7)
2
3 = 9 ≡ 2 (mod 7)
42 = 16 ≡ 2 (mod 7)
52 = 25 ≡ 4 (mod 7)
62 = 36 ≡ 1 (mod 7)
2
So x ≡ 3 (mod 7) does not have a solution.
To look for patterns and make conjectures, we create a table of all squares modulo p for a few
primes. This is a usual procedure in Number Theory.
Modulo 5
Modulo 7
Modulo 11
Modulo 13
b
b2
b
b2
b
b2
b
b2
0
0
0
0
0
0
0
0
1
1
1
1
1
1
1
1
2
4
2
4
2
4
2
4
3
4
3
2
3
9
3
9
4
1
4
2
4
5
4
3
5
4
5
3
5
12
6
1
6
3
6
10
7
5
7
10
8
9
8
12
9
4
9
3
10
1
10
9
11
4
12
1
We can see that each number that appears as a square seems to appear exactly twice. Also, there
is actually a sort of reverse repeating pattern in each table. What this pattern amounts to is saying
b2 and (p-b)2 are the same modulo p. This is easy to see since:
(p-b)2 = p2 -2pb + b2 ≡ b2 (mod p).
Because of this pattern, if we want to list all the nonzero numbers that are squares modulo p, we
only need to compute half of them,
12 (mod p), 22 (mod p), …, ((p-1) / 2)2 (mod p).
Our goal is to find patterns that can be used to distinguish squares from nonsquares modulo p.
Definition: A nonzero number that is congruent to a square modulo p is called a quadratic residue
modulo p and is abbreviated QR. Looking at the tables, we see 3 and 12 are QRs modulo 13.
Definition: A number that is not congruent to a square modulo p is called a (quadratic)
nonresidue modulo p and is abbreviated NR. For example, 2 and 5 are NRs modulo 13.
A number that is congruent to 0 modulo p is neither a residue nor a nonresidue.
Listing the QRs and NRs modulo 13, we have
QRs mod 13 : {1, 3, 4, 9, 10, 12}
NRs mod 13: {2, 5, 6, 7, 8, 11}
and we notice there are 6 of each.
Listing the QRs and NRs modulo 7, we have
QRs mod 7: {1, 2, 4}
NRs mod 7: {3, 5, 6}
and we notice there are 3 of each. This leads to the following theorem.
Theorem 1: Let p be an odd prime. Then there are exactly (p-1)/2 quadratic residues modulo p
and exactly (p-1)/2 nonresidues modulo p.
Proof: The quadratic residues are the nonzero numbers that are squares modulo p, so they are the
numbers
12 , 22, …, (p-1)2 (mod p).
But we really only need to go halfway since b2 ≡ (p-b)2:
12 , 22, …, ((p-1)/2)2 (mod p).
Since the list is of size (p-1)/2, we need to check that these numbers are all different modulo p.
Suppose that b1 and b2 are numbers between 1 and (p-1)/2 and that b12 ≡ b22 (mod p). We want to
show b1 = b2. The fact that b12 ≡ b22 (mod p) means that p divides b12 - b22 = (b1-b2)(b1+b2). Since
b1+b2 is between 2 and p-1, p must divide b1-b2. But |b1-b2| < (p-1)/2, so the only way for b1-b2 to
be divisible by p is to have b1-b2 = 0 or b1 = b2. Thus 12 , 22, …, ((p-1)/2)2 are all different modulo
p and there are (p-1)/2 quadratic residues. Clearly there are p-1 numbers between 1 and p-1.
Since (p-1)/2 are QRs, the other (p-1)/2 must be NRs.
What happens when we multiply a QR × QR, QR × NR, or NR × NR?
For example, 3 and 10 are QRs modulo 13 and 3•10 = 30 ≡ 4 (mod 13), a QR. This case is easy
to see. Suppose a1 and a2 are both QRs modulo p, then a1 ≡ b12 (mod p) and a2 ≡ b22 (mod p) for
some numbers b1 and b2. So a1a2 ≡ b12b22 ≡ (b1b2)2 (mod p), or a1a2 is a QR.
What about QR × NR and NR × NR? Again, we can try a few values:
QR × NR ≡ ?? (mod p)
NR × NR ≡ ?? (mod p)
2 × 5 ≡ 3 (mod 7) NR
3 × 5 ≡ 1 (mod 7) QR
5 × 6 ≡ 8 (mod 11) NR
6 × 7 ≡ 9 (mod 11) QR
4 × 5 ≡ 7 (mod 13) NR
5 × 11 ≡ 3 (mod 13) QR
10 × 7 ≡ 5 (mod 13) NR
7 × 11 ≡ 12 (mod 13) QR
It seems that QR × NR = NR and NR × NR = QR. This leads to our next theorem.
Theorem (Quadratic Residue Multiplication Rule): Let p be an odd prime. Then:
i) QR × QR = QR
ii) QR × NR = NR
iii) NR × NR = QR.
Proof: We already proved (i). Suppose that a1 is a QR, so a1 ≡ b12 (mod p), and a2 is an NR.
Assume that a1a2 is a QR to derive a contradiction. So a1a2 ≡ b32 for some b3 and we have
b32 ≡ a1a2 ≡b12a2 (mod p).
Since p doesn’t divide a1 = b12, p doesn’t divide b1, thus gcd(b1, p) = 1. So b1 has an inverse
modulo p, say ∃c1 such that c1b1 ≡ 1 (mod p). Multiplying the above by c12 we get,
c12b32 ≡ c12a1a2 ≡ (c1b1)2a2 ≡ a2 (mod p).
Thus a2 ≡ (c1b3)2 (mod p) is a QR, a contradiction.
We will need the following lemma to prove (iii).
Lemma: Let p be a prime number and let a be a number with a ≠ 0 (mod p). Then the numbers
a, 2a, 3a, …, (p-1)a (mod p)
are the same as the numbers
1, 2, 3, …, (p-1) (mod p),
although they may be in a different order.
Proof of (iii): Let a be an NR and consider the set of values
a, 2a, 3a, …, (p-2)a, (p-1)a (mod p).
By the lemma, these are just the numbers 1, 2, …, (p-1) rearranged in some different order. In
particular, they include the (p-1)/2 QRs and the (p-1)/2 NRs. However, as we already proved,
each time that we multiply a by a QR, we get an NR, so the (p-1)/2 products a × QR already give
us all (p-1)/2 NRs in the list. Hence when we multiply a by an NR, the only possibility is that it
is equal to one of the QRs in the list, because the a × QR products have already used up all of the
NRs in the list.
Looking at the three equations
i) QR × QR = QR
ii) QR × NR = NR
iii) NR × NR = QR
we see that QR behaves like 1 and NR behaves like -1. Adrien-Marie Legendre introduced the
Legendre symbol of a modulo p as
! a $ = 1 if a is a quadratic residue modulo p,
#" p &%
-1 if a is a nonresidue modulo p.
{
For example, looking at the table on page 1, we see
(3/13) = 1
(11/13) = -1
(2/7) = 1
(3/7) = -1.
Theorem 2: Let p be an odd prime. Then
(a/p)(b/p) = (ab/p).
Example: (75/97) = (3•5•5/97) = (3/97)(5/97)(5/97) = (3/97)(±1)2 = (3/97).
Since 102 = 100 ≡ 3 (mod 97), 3 is a QR modulo 97. Thus (75/97) = (3/97) = 1.
Law of Quadratic Reciprocity Part I
We took a prime p and found the QRs and NRs. Now we are going to fix a and find which
primes p have a as a QR.
First we set a = -1 and ask for which primes p is -1 a QR? In other words, for which primes p
does the congruence x2 ≡ -1 (mod p) have a solution? Again, we use a table to motivate us.
p
3
5
7
11
13
17
19
23
29
31
Solutions to
x2 ≡ -1 (mod p)
NR
2, 3
NR
NR
5, 8
4, 13
NR
NR
12, 17
NR
Conjecture: " !1 %
$# p '& =
4)
{ -11 ifif pp ≡≡ 13 (mod
(mod 4)
We first prove the Square Root of Fermat’s Little Theorem and Euler’s Criterion to help prove
our conjecture.
Square Root of Fermat’s Little Theorem: Let A = a(p-1)/2, then A ≡ ±1 (mod p).
Proof: By Fermat’s Little Theorem, A2 = ap-1 ≡ 1 (mod p). Thus p divides A2-1 = (A-1)(A+1), so
either p divides A-1 or A+1. Thus A ≡ 1 (mod p) or A ≡ -1 (mod p).
Let us make a table with some values of p, a, A (mod p), and (a/p).
p
11
31
47
97
173
409
499
601
a
3
7
10
15
33
78
33
57
A (mod p)
1
1
-1
-1
1
-1
1
-1
(a/p)
1
1
-1
-1
1
-1
1
-1
It seems that A ≡ 1 when a is QR and A ≡ -1 when a is NR.
Euler’s Criterion: Let p be an odd prime. Then
A = a(p-1)/2 ≡ (a/p) (mod p).
Proof: Suppose that a is a quadratic residue, say a ≡ b2 (mod p). By Fermat’s Little Theorem, we
have a(p-1)/2 ≡ (b2)(p-1)/2 ≡ bp-1 ≡ 1 ≡ (a/p) (mod p).
Next, consider the congruence X(p-1)/2 - 1 ≡ 0 (mod p). We just proved that every quadratic
residue is a solution to this congruence and we know from earlier that there are exactly (p-1)/2
quadratic residues. Also, this congruence has at most (p-1)/2 solutions. Thus, the solutions to this
congruence are exactly the QRs modulo p.
Now let a be a nonresidue. By Fermat’s Little Theorem, a(p-1) ≡ 1 (mod p), or
0 ≡ ap-1 - 1 ≡ (a(p-1)/2 - 1)(a(p-1)/2 + 1) (mod p).
The second factor must be 0, or a(p-1)/2 + 1 ≡ 0, which implies a(p-1)/2 ≡ -1 = (a/p) (mod p).
Example: Is -1 a quadratic residue modulo p = 6911?
(-1)(6911-1)/2 = (-1)3455 = -1.
Euler’s Criterion tells us that (-1/6911) ≡ -1 (mod 6911). Since (a/p) is either 1 or -1, we have
(-1/6911) = -1, thus -1 is a nonresidue modulo 6911.
Theorem (Quadratic Reciprocity Part 1): Let p be an odd prime. Then
1 if p ≡ 1 (mod 4)
" !1 %
$# p '& = -1 if p ≡ 3 (mod 4).
{
Proof: Suppose that p ≡ 1 (mod 4), say p = 4k + 1. Then
(-1)(p-1)/2 = (-1)2k ≡ 1, so 1 ≡ (-1/p) (mod p), but actually 1 = (-1/p).
Suppose that p ≡ 3 (mod 4), say p = 4k + 3. Then
(-1)(p-1)/2 = (-1)2k+1 ≡ -1, so -1 ≡ (-1/p) (mod p), but actually -1 = (-1/p).
Law of Quadratic Reciprocity Part II
Now we set a = 2, and ask, for which primes p is 2 a QR?
2 is a QR for p = 7, 17, 23, 31, 41, 47, 71, 73, 79, 89, 97, 103, 113, 127...
2 is an NR for p = 3, 5, 11, 13, 19, 29, 37, 43, 53, 59, 61, 67, 83, 101, 107, 109...
Reducing these lists modulo 4 gives:
3, 1, 3, 3, 1, 3, 3, 1, 3, 1, 1, 3, 1, 3
3, 1, 3, 1, 3, 1, 1, 3, 1, 3, 1, 3, 3, 1, 3, 1.
There is no immediate pattern.
Reducing these lists modulo 8 gives:
7, 1, 7, 7, 1, 7, 7, 1, 7, 1, 1, 7, 1, 7
3, 5, 3, 5, 3, 5, 5, 3, 5, 3, 5, 3, 3, 5, 3, 5.
Conjecture: ! 2 $ =
#" p &%
(mod 8)
{ -11 ifif pp ≡≡ 31 oror 57 (mod
8).
We can’t use Euler’s criterion in an obvious way since 2(p-1)/2 (mod p) may be hard to calculate.
We use a trick. We begin with an example. Let p = 13 and multiply the first (p-1)/2 = 6 numbers
by 2 and then multiply those together. So,
2•4•6•8•10•12 = 26•1•2•3•4•5•6
= 26•6!
We next take 2, 4, 6, 8, 10, 12 and reduce them modulo 13 so that they are in the range -6 to 6.
Thus,
2 ≡ 2 (mod 13) 4 ≡ 4 (mod 13) 6 ≡ 6 (mod 13)
8 ≡ -5 (mod 13) 10 ≡ -3 (mod 13) 12 ≡ -1 (mod 13)
This gives 2•4•6•8•10•12 ≡ 2•4•6•(-5)•(-3)•(-1)
≡ (-1)3•6!
≡ -6! (mod 13)
Equating these two values gives
26•6! ≡ -6! (mod 13)
which implies 26 ≡ -1 (mod 13).
General Case: Let p be an odd prime and let P = (p-1)/2. We start with the even numbers
2, 4, 6, …, p-1. Multiplying them together and factoring out 2 gives,
2•4•6… (p-1) = 2(p-1)/2•1•2•3… (p-1)/2 = 2P•P!.
Now we reduce these same even numbers modulo p so that they are in the range -P to P. The
first few numbers won’t change but at some point in the list we’ll start hitting numbers that are
larger than P, and each of these large numbers need to have p subtracted from it. Notice that the
number of minus signs introduced is exactly the number of times we need to subtract p. In other
words,
Number of minus signs = {Number of integers in the list
2, 4, 6, …, (p-1) that
are larger than P=(p-1)/2}
Illustration that helps:
2•4•6•8 ••• | ••• (p-5)•(p-3)•(p-1)
Numbers ≤ (p-1)/2 are left unchanged | Number > (p-1)/2 need to subtract p from each.
Comparing the two products, we have
2P•P! = 2•4•6•••(p-1) ≡ (-1)(number of minus signs) •P! (mod p)
which implies 2(p-1)/2 ≡ (-1)(number of minus signs) (mod p)
Quadratic Reciprocity Part II: Let p be an odd prime. Then
! 2$
1 if p ≡ 1 or 7 (mod 8)
#" p &% =
-1 if p ≡ 3 or 5 (mod 8).
{
Proof: Suppose p ≡ 3 (mod 8), say p = 8k+3. We need to find the number of minus signs where
p-1 = 8k+2 and (p-1)/2 = 4k+1. We use our illustration to help
2•4•6•••4k | (4k+2)•(4k+4)•••(8k+2).
Dividing the right side by 2 gives the numbers (2k+1), (2k+2), …, (4k+1) which is
(4k+1)-(2k+1)+1 = 2k+1 numbers, thus 2k+1 minus signs. So 2(p-1)/2 ≡ (-1)2k+1 ≡ -1 (mod p). By
Euler’s Criterion, 2 is a nonresidue modulo p.
Suppose p ≡ 7 (mod 8), say p = 8k+7. We need to find the number of minus signs where
p-1 = 8k+6 and (p-1)/2 = 4k+3. We use our illustration to help
2•4•6•••(4k+2) | (4k+4)•(4k+6)•••(8k+6).
This gives (4k+3)-(2k+2)+1 = 2k+2 minus signs. So 2(p-1)/2 ≡ (-1)2k+2 ≡ 1 (mod p). By Euler’s
Criterion, 2 is a quadratic residue modulo p. The last two cases are similar.
References
Silverman, Joseph H. A Friendly Introduction to Number Theory. 4th Ed. Upper Saddle River:
Pearson, 2013. 141-157. Print.