Modulo Arithmetic
Problem:
If we line up the students in this class in 2 rows, there is one student left over. If we line
them up in 3 rows, there are two left over. If we line them up in 5 rows, there are three left over.
How many students are in this class?
Definition. Given integers a, b and a positive integer n,
a ≡ b (mod n), read "a and b are congruent modulo n",
if n | (a - b).
Example. 3 ≡ 0 (mod 3), 4 ≡ 1 (mod 3), 5 ≡ 2 (mod 3), 6 ≡ 0 (mod 3), -1 ≡ 2 (mod 3),
-2 ≡ 1 (mod 3), …
Now we can collect all integers that are congruent to one another into a single set, called a
congruence class, defined as follows:
Definition. The set of integers congruent to r (mod n) is called the congruence class of r
(mod n); it is the set
[r] = { r + kn | k ∈ Z }
The collection of [0], [1], …, [n-1] is denoted by Zn.
Definition. The integers modulo n, or Zn, is defined as
Zn = {[0], [1], [2], …, [n-1]}
Theorem. The following are equivalent:
(i) a ≡ b (mod n)
(ii) [a] = [b]
Moreover, there are exactly n distinct congruence classes (mod n), namely
[0], [1], [2], …, [n-1],
since every integer is congruent to its remainder on division by n.
The modular operations + and · do not depend on which representatives of the classes are used,
as the following theorem shows:
Theorem. If a, b, c and d are integers with a ≡ b (mod n) and c ≡ d (mod n), then
(i) a + c ≡ b + d (mod n)
(ii) ac ≡ bd (mod n)
Definition. If [r] and [s] are congruence classes (mod n), then
[r]+[s]=[r+s]
[r][s]=[rs]
Example. In Z4 ={[0], [1], [2], [3]}
[1]+[1]=[2], [1]+[2]=[3], [1]+[3]=[4]=[0], [2]+[2]=[0], [2]+[3]=[1], [3]+[3]=[2]
[2][2]=[4]=[0], [2][3]=[6]=[2], [3][3]=[9]=[1]
Definition. A non-zero element [r] ∈ Zn is called a zero-divisor if there exists a non-zero
element [s] ∈ Zn such that [r][s] = [0].
Definition. A non-zero element [r] ∈ Zn is called a unit if there exists a non-zero element
[s] ∈ Zn such that [r][s] = [1]. Such an [s] is unique; it is called the multiplicative inverse of [r],
written [r]^-1.
Example. In Z4,
[2] is a zero-divisor and [3] is a unit. The multiplicative inverse of [3] is itself.
Example.
What is [15]^-1 (mod 2)?
Solution:
Since 15·1 = 15 ≡ 1 (mod 2), [15]^-1 = [1].
Theorem. For a non-zero congruence class [m] ∈ Zn, the following are equivalent:
(i) gcd(m, n) = 1
(ii) [m] has a multiplicative inverse.
(iii) [m] is not a zero-divisor in Zn.
Example.
In Z4, n=4, m=3, gcd(3,4)=1. Hence [3] has a multiplicative inverse, which is itself.
Corollary.
Every non-zero [r] in Zn has a multiplicative inverse if and only if n is prime.
Example.
In Z5, n=5, [1]-1 = [1], [2]-1 = [3], [3]-1 = [2], [4]-1 = [4].
Definition. A function f has period r (a positive integer) if f(x + r) = f(x) for every x; "the period" of f means the smallest such r.
Example.
In Z4, calculate the Fibonacci sequence.
[0], [1], [1], [2], [3], [1], [0], [1], …
The period is 6.
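As an added illustration (this code is not part of the original notes), the following Python script builds Zn by brute force: it finds inverses by trying every class, splits the non-zero classes into units and zero-divisors, checks that the split agrees with the gcd criterion of the theorem above and with the corollary for prime n, and computes the period of the Fibonacci sequence in Zn (the pair ([F_k], [F_k+1]) repeats once it returns to ([0], [1])). The function names are my own; n is assumed to be at least 2.

```python
from math import gcd


def inverse_in_zn(r, n):
    """Multiplicative inverse of [r] in Zn found by trying every class,
    or None when [r] is not a unit (the page's definition, done by brute force)."""
    for s in range(n):
        if (r * s) % n == 1 % n:
            return s
    return None


def is_zero_divisor(r, n):
    """[r] is a zero-divisor if it is non-zero and some non-zero [s] gives [r][s] = [0]."""
    if r % n == 0:
        return False
    return any((r * s) % n == 0 for s in range(1, n))


def classify_zn(n):
    """Split the non-zero classes of Zn (n >= 2) into units and zero-divisors and
    check the theorem: unit <=> gcd(r, n) = 1 <=> not a zero-divisor."""
    units, zero_divisors = [], []
    for r in range(1, n):
        inv = inverse_in_zn(r, n)
        if inv is not None:
            units.append(r)
        if is_zero_divisor(r, n):
            zero_divisors.append(r)
        assert (inv is not None) == (gcd(r, n) == 1) == (not is_zero_divisor(r, n))
    return units, zero_divisors


def is_field(n):
    """Corollary: every non-zero class of Zn (n >= 2) is a unit iff n is prime."""
    units, _ = classify_zn(n)
    return len(units) == n - 1


def fibonacci_period(n):
    """Period of the Fibonacci sequence taken in Zn (the Pisano period)."""
    a, b = 0, 1          # ([F_0], [F_1])
    k = 0
    while True:
        a, b = b, (a + b) % n
        k += 1
        if (a, b) == (0, 1):
            return k


if __name__ == "__main__":
    print(classify_zn(4))        # ([1, 3], [2]): [3] is a unit, [2] a zero-divisor
    print(classify_zn(5))        # ([1, 2, 3, 4], []): Z5 is a field
    print(inverse_in_zn(3, 4))   # 3: [3] is its own inverse in Z4
    print(fibonacci_period(4))   # 6, as computed above
```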
Theorem. (The Chinese Remainder Theorem)
Assume that a1, a2, …, am are integers and n1, n2, …, nm are positive integers such that
gcd(ni, nj) = 1 whenever i ≠ j (the ni are pairwise relatively prime).
Then the system of congruences
X ≡ a1 (mod n1)
X ≡ a2 (mod n2)
…
X ≡ am (mod nm)
has a unique solution X modulo N = n1·n2·…·nm.
Proof: Let
$$N_i = \frac{N}{n_i} = \prod_{j=1,\ j \neq i}^{m} n_j \qquad (i = 1, 2, \ldots, m).$$
Obviously $N_i \equiv 0 \pmod{n_j}$ for every $j \neq i$, and $\gcd(N_i, n_i) = 1$. Hence $N_i$ has a multiplicative inverse $R_i = N_i^{-1} \pmod{n_i}$. Let
$$X = \sum_{i=1}^{m} N_i R_i a_i .$$
Since every term with index $j \neq i$ vanishes modulo $n_i$,
$$X \equiv N_i R_i a_i \equiv a_i \pmod{n_i} \qquad (i = 1, 2, \ldots, m),$$
so $X$ is a solution. Any two solutions are congruent modulo each $n_i$, hence modulo $N$ because the $n_i$ are pairwise relatively prime; so the solution is unique modulo $N$.
Example.
If we line up the students in this class in 2 rows, there is one student left over. If we line
them up in 3 rows, there are two left over. If we line them up in 5 rows, there are three left over.
How many students are in this class?
That is, solve the system of congruences
X ≡ 1 (mod 2)
X ≡ 2 (mod 3)
X ≡ 3 (mod 5)
Solution:
m = 3, a1 = 1, a2 = 2, a3 = 3, n1 = 2, n2 = 3, n3 = 5, N = n1·n2·n3 = 30
N1 = n2·n3 = 15, R1 = 15^-1 ≡ 1 (mod 2)
N2 = n1·n3 = 10, R2 = 10^-1 ≡ 1 (mod 3)
N3 = n1·n2 = 6, R3 = 6^-1 ≡ 1 (mod 5)
$$X = \sum_{i=1}^{3} N_i R_i a_i = 15\cdot 1\cdot 1 + 10\cdot 1\cdot 2 + 6\cdot 1\cdot 3 = 53 \equiv 23 \pmod{30}$$
Ans: 23, 53, 83, 113, …
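As an added example (my code, not the notes'), the following Python function carries out the constructive proof above in general: it forms N_i = N/n_i, takes R_i = N_i^-1 (mod n_i) with Python's built-in pow(x, -1, m), and sums N_i R_i a_i. It refuses moduli that are not pairwise relatively prime, since the theorem gives no guarantee then (such a system may have no solution at all), and a separate check_solution verifies a candidate against every congruence. Function names are my own.

```python
from math import gcd, prod


def crt_solve(residues, moduli):
    """Solve X ≡ a_i (mod n_i) for all i by the constructive proof of the
    Chinese Remainder Theorem; returns the unique X with 0 <= X < N = n_1*...*n_m.
    Raises ValueError when the moduli are not pairwise relatively prime."""
    if len(residues) != len(moduli):
        raise ValueError("need exactly one residue per modulus")
    for i in range(len(moduli)):
        for j in range(i + 1, len(moduli)):
            if gcd(moduli[i], moduli[j]) != 1:
                raise ValueError(f"moduli {moduli[i]} and {moduli[j]} are not relatively prime")
    big_n = prod(moduli)
    x = 0
    for a_i, n_i in zip(residues, moduli):
        n_part = big_n // n_i        # N_i = N / n_i, which is 0 modulo every other n_j
        r_i = pow(n_part, -1, n_i)   # R_i = N_i^{-1} (mod n_i); exists since gcd(N_i, n_i) = 1
        x += n_part * r_i * a_i      # contributes a_i modulo n_i and 0 modulo the other n_j
    return x % big_n


def check_solution(x, residues, moduli):
    """Verify a candidate X against every congruence of the system."""
    return all(x % n_i == a_i % n_i for a_i, n_i in zip(residues, moduli))


if __name__ == "__main__":
    # the class problem: X ≡ 1 (mod 2), X ≡ 2 (mod 3), X ≡ 3 (mod 5)
    x = crt_solve([1, 2, 3], [2, 3, 5])
    print(x, check_solution(x, [1, 2, 3], [2, 3, 5]))   # 23 True
    # every solution differs from 23 by a multiple of N = 30
    print([x + 30 * k for k in range(4)])               # [23, 53, 83, 113]
```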
Applications.
A. DNA Model (Z4)
The genetic code in the DNA of an organism has the form of a double helix, each strand
consisting of a sequence of nucleotides: T (thymine), A (adenine), C (cytosine)
and G (guanine). The two strands are governed by the base-pairing rules (consistent
with Chargaff's rules): T pairs with A and G pairs with C.
If we set T = 0, A = 2, G = 1 and C = 3, then each strand can be converted into its
complementary strand using modulo arithmetic in Z4: add 2 (mod 4) to every digit.
(Adding 2 twice returns the original strand.)
For example, one strand of the human TSH-β gene has the genetic code
GGTCACCACAGCATCTGCTCACCAATGCAAAGTAAAG
This is represented in Z4 as
1103233232132030130323322013222102221
After adding 2 (mod 4) to each digit, the complementary strand is
3321011010310212312101100231000320003
whose genetic code is
CCAGTGGTGTCGTAGACGAGTGGTTACGTTTCATTTC
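As an added example (not from the original notes), the following Python code implements the Z4 encoding above: it maps a strand to its digits, rejects characters that are not nucleotides, produces the complementary strand by adding 2 (mod 4), and checks that applying the operation twice gives the strand back. The function and constant names are my own.

```python
# Z4 encoding of the four nucleotides used in the notes: T=0, A=2, G=1, C=3.
# Complementary bases differ by exactly 2 in Z4, so adding 2 swaps T<->A and G<->C.
NUCLEOTIDE_TO_Z4 = {"T": 0, "A": 2, "G": 1, "C": 3}
Z4_TO_NUCLEOTIDE = {v: k for k, v in NUCLEOTIDE_TO_Z4.items()}


def strand_to_z4(strand):
    """Encode a strand as a list of Z4 digits; reject anything that is not a nucleotide."""
    try:
        return [NUCLEOTIDE_TO_Z4[base] for base in strand.upper()]
    except KeyError as err:
        raise ValueError(f"not a nucleotide: {err.args[0]!r}") from None


def z4_to_strand(digits):
    """Decode Z4 digits back into nucleotides (digits are reduced mod 4 first)."""
    return "".join(Z4_TO_NUCLEOTIDE[d % 4] for d in digits)


def complementary_strand(strand):
    """The complementary strand: add 2 to every Z4 digit and decode again."""
    return z4_to_strand((d + 2) % 4 for d in strand_to_z4(strand))


if __name__ == "__main__":
    strand = "GGTCACCACAGCATCTGCTCACCAATGCAAAGTAAAG"   # the TSH-β strand from the notes
    print("".join(map(str, strand_to_z4(strand))))   # 1103233232132030130323322013222102221
    other = complementary_strand(strand)
    print(other)                                     # CCAGTGGTGTCGTAGACGAGTGGTTACGTTTCATTTC
    # adding 2 twice is the identity in Z4, so the complement of the complement is the strand
    assert complementary_strand(other) == strand
```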
B. Public Key Encryption/Decryption (RSA Algorithm)
Public key encryption is typically used by a sender to transmit a secret key. The sender
first encrypts the key (the plain text T, e.g., a positive integer formed from the key's
ASCII codes) using the receiver's public key (published, e.g., on a web site) and transmits
the result (the cipher text C) to the receiver. The receiver uses the corresponding
private key to decode the message and so learns the secret key; the two parties then
use that secret key to communicate. The idea is that even though everyone knows the public
key, it is supposed to be very hard to find the corresponding private key that decodes
the message. One such algorithm is the RSA algorithm (published in 1977 by Rivest, Shamir
and Adleman at MIT), described as follows ((PQ, E) is the public key):
(1) Choose 2 different prime numbers P and Q. (In practice each has hundreds of decimal
digits; a 2048-bit modulus PQ corresponds to primes of about 300 digits each.)
(2) Choose an odd number E such that gcd(E, (P-1)(Q-1)) = 1.
(3) By the theorem above, find the multiplicative inverse of E (mod (P-1)(Q-1)),
called D (the private key). That is, ED ≡ 1 (mod (P-1)(Q-1)); write
ED = 1 + m(P-1)(Q-1), where m is an integer.
(4) The cipher text C is created by C = T^E mod PQ (with 0 ≤ T < PQ).
(5) To decipher C, the receiver computes
C^D mod PQ = T^(ED) mod PQ = (T · T^(m(P-1)(Q-1))) mod PQ.
If gcd(T, P) = 1, then by Fermat's theorem T^(P-1) ≡ 1 (mod P), so T^(m(P-1)(Q-1)) ≡ 1 (mod P).
If gcd(T, Q) = 1, then by Fermat's theorem T^(Q-1) ≡ 1 (mod Q), so T^(m(P-1)(Q-1)) ≡ 1 (mod Q).
Therefore, if gcd(T, P) = 1 and gcd(T, Q) = 1, then by the Chinese Remainder
Theorem T^(m(P-1)(Q-1)) ≡ 1 (mod PQ), i.e., C^D ≡ T (mod PQ), and the receiver
recovers the original plain text T.
(If P | T, then T^(ED) and T are both ≡ 0 (mod P), so T^(ED) ≡ T (mod P) still holds, and
likewise for Q. Hence decryption recovers T for every 0 ≤ T < PQ, not only for T coprime to PQ.)
Note:
(1) Choosing 2 large primes P and Q:
(i) Fermat's Little Theorem
If p is prime and a is an integer not divisible by p, then
a^(p-1) ≡ 1 (mod p).
Example.
Let a = 2, p = 5. Then 2^4 = 16 ≡ 1 (mod 5).
However, the converse fails: a^(n-1) ≡ 1 (mod n) does not guarantee that n is prime.
A composite n that passes this test for a base a is called a (Fermat) pseudoprime to base a,
and a composite n that passes it for every a with gcd(a, n) = 1 is called a Carmichael number.
Example.
Let a = 2, n = 561 = 3·11·17. Then
2^560 = (2^2)^280 ≡ 1^280 = 1 (mod 3),
2^560 = (2^10)^56 ≡ 1 (mod 11) and 2^560 = (2^16)^35 ≡ 1 (mod 17) by Fermat's theorem,
so by the Chinese Remainder Theorem 2^560 ≡ 1 (mod 561), although n = 561 is not prime.
(561 is in fact the smallest Carmichael number.)
(ii) Euclid's primes
Let Nn = p1·p2·…·pn + 1, where p1, p2, …, pn are the first n primes in order. Then N1, N2,
N3, N4, N5, N11, N75, N171 and N172 are primes, and no other Nn is prime for 1 ≤ n ≤ 200.
(iii) Mersenne primes
If p is a prime, then Mp = 2^p - 1 is called a Mersenne number.
Lucas-Lehmer Theorem. For an odd prime p, Mp is prime if and only if Mp divides S_(p-2), where
S0 = 4, S1 = 4^2 - 2 = 14, S2 = 14^2 - 2 = 194, …, Sk = S_(k-1)^2 - 2.
(iv) Fermat primes
A prime of the form 2^(2^k) + 1 is called a Fermat prime. 2^(2^k) + 1 is prime for
k = 0, 1, 2, 3, 4 (giving 3, 5, 17, 257, 65537); for k = 5, 2^32 + 1 = 641·6700417 is
composite, and no further Fermat prime is known.
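As an added example (my code, not the notes'), the following Python script implements the primality facts in note (1): a Fermat test that flags 561 as a base-2 pseudoprime, a check that 561 passes for every coprime base (Carmichael number), the Euclid numbers Nn with their primality for n ≤ 11, the Lucas-Lehmer test for Mersenne numbers (with S_k reduced modulo Mp at each step, which does not change whether Mp divides S_(p-2)), and the Fermat numbers 2^(2^k) + 1. Primality is decided by trial division, which is adequate for these sizes; the function names are my own.

```python
from math import gcd


def is_prime(n):
    """Trial division, adequate for the sizes in these notes."""
    if n < 2:
        return False
    if n % 2 == 0:
        return n == 2
    d = 3
    while d * d <= n:
        if n % d == 0:
            return False
        d += 2
    return True


def fermat_test(n, a):
    """Fermat's test with base a: True when a^(n-1) ≡ 1 (mod n).
    A prime n passes for every a coprime to n; a composite n that passes is a
    Fermat pseudoprime to base a, so passing alone proves nothing."""
    if n < 2 or gcd(a, n) != 1:
        return False
    return pow(a, n - 1, n) == 1


def is_carmichael(n):
    """Composite n that passes Fermat's test for every base a with gcd(a, n) = 1."""
    if n < 2 or is_prime(n):
        return False
    return all(fermat_test(n, a) for a in range(2, n) if gcd(a, n) == 1)


def euclid_number(n):
    """N_n = p_1 * p_2 * ... * p_n + 1 over the first n primes."""
    product, found, candidate = 1, 0, 2
    while found < n:
        if is_prime(candidate):
            product *= candidate
            found += 1
        candidate += 1
    return product + 1


def lucas_lehmer(p):
    """Lucas-Lehmer test: for an odd prime p, M_p = 2^p - 1 is prime iff
    M_p divides S_(p-2), with S_0 = 4 and S_k = S_(k-1)^2 - 2."""
    if p == 2:
        return True  # M_2 = 3 is prime, but the test itself needs odd p
    if not is_prime(p):
        return False
    m_p = 2 ** p - 1
    s = 4
    for _ in range(p - 2):
        s = (s * s - 2) % m_p  # reducing mod M_p keeps S_k small; divisibility is unchanged
    return s == 0


def fermat_number(k):
    """F_k = 2^(2^k) + 1."""
    return 2 ** (2 ** k) + 1


if __name__ == "__main__":
    print(fermat_test(5, 2))                                        # True: 2^4 = 16 ≡ 1 (mod 5)
    print(fermat_test(561, 2), is_prime(561), is_carmichael(561))   # True False True
    print([n for n in range(1, 12) if is_prime(euclid_number(n))])  # [1, 2, 3, 4, 5, 11]
    print([p for p in range(2, 32) if lucas_lehmer(p)])             # [2, 3, 5, 7, 13, 17, 19, 31]
    print([k for k in range(6) if is_prime(fermat_number(k))])      # [0, 1, 2, 3, 4]
```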
(2) Choose an odd integer E that is relatively prime to (P-1)(Q-1), i.e., gcd(E, (P-1)(Q-1)) = 1.
(E must be odd in any case, since (P-1)(Q-1) is even.)
(3) D can be found using the Euclidean algorithm followed by the extended Euclidean
algorithm. The procedure below (the notes' pseudocode written out in Python) takes positive
integers a ≥ b with gcd(a, b) = 1 and returns the multiplicative inverse of b modulo n = a;
for RSA it is called with a = (P-1)(Q-1) and b = E.

def modulo_multiplicative_inverse(a, b):
    n = a                         # the modulus
    # Euclidean algorithm: store every quotient in q[0], q[1], ...;
    # len(q) is the number of division steps (the notes' "count")
    q = []
    x, y = a, b
    while y != 0:
        q.append(x // y)          # x div y
        x, y = y, x % y           # (x, y) <- (y, x mod y)
    if x != 1:                    # x is now gcd(a, b); an inverse exists only if it is 1
        raise ValueError("b has no inverse modulo a")
    # extended Euclidean algorithm: run the quotients backwards to obtain the
    # coefficient t of b in 1 = s*a + t*b; t is the inverse of b modulo a
    xprev, x = 0, 1
    for i in range(len(q) - 1):   # i = 0, ..., count-2
        xprev, x = x, (xprev - x * q[i]) % n
    return x                      # Python's % already makes x non-negative

(4) Exponentiation algorithm to calculate C = T^E mod PQ (square-and-multiply):
Write E in binary as (a_(k-1) a_(k-2) … a1 a0)_2. The bits are scanned from a0 upward;
C is squared at every step so that it holds T^(2^i) mod PQ, and it is multiplied into the
result exactly when ai = 1.

def power_mod(t, e, m):
    x = 1
    c = t % m
    for bit in bin(e)[2:][::-1]:    # a0, a1, ..., a_(k-1)
        if bit == "1":
            x = (x * c) % m         # multiply in T^(2^i) when a_i = 1
        c = (c * c) % m             # c = T^(2^(i+1)) mod PQ
    return x
Example. A simplified RSA example (using a 2-digit coding system, A = 00, B = 01, …,
Z = 25, to encode the message).
To send the message "STOP" by RSA: with the 2-digit coding system, S = 18, T = 19, O = 14,
P = 15, so the plain text is T = 1819 1415 (blocks of 4 digits; every block is smaller than
PQ below, as step (4) requires).
Let P = 43, Q = 59, PQ = 43·59 = 2537, (P-1)(Q-1) = 42·58 = 2436 = 2·2·3·7·29.
Choose E = 13; then gcd(E, (P-1)(Q-1)) = 1.
By the extended Euclidean algorithm, find D such that ED = 13D = 1 + m(P-1)(Q-1) = 1 + 2436m
for some integer m.
We find m = 5 and D = 937 (13·937 = 12181 = 1 + 5·2436).
The cipher text C = T^13 mod PQ is C1 C2, where C1 = 1819^13 mod 2537 and
C2 = 1415^13 mod 2537.
Use the exponentiation algorithm with E = 13 = (1101)_2, so k = 4 and a0 = 1, a1 = 0, a2 = 1, a3 = 1.
C1: start with x = 1, C = 1819.
i = 0, a0 = 1: x = 1819, C = 1819·1819 mod 2537 = 513
i = 1, a1 = 0: C = 513·513 mod 2537 = 1858
i = 2, a2 = 1: x = 1819·1858 mod 2537 = 418, C = 1858·1858 mod 2537 = 1844
i = 3, a3 = 1: x = 418·1844 mod 2537 = 2081; return 2081
Therefore C1 = 2081.
C2: start with x = 1, C = 1415.
i = 0, a0 = 1: x = 1415, C = 1415·1415 mod 2537 = 532
i = 1, a1 = 0: C = 532·532 mod 2537 = 1417
i = 2, a2 = 1: x = 1415·1417 mod 2537 = 825, C = 1417·1417 mod 2537 = 1122
i = 3, a3 = 1: x = 825·1122 mod 2537 = 2182; return 2182
Therefore C2 = 2182, and the cipher text is 2081 2182.
Decryption. T = (C1^D mod PQ) (C2^D mod PQ):
C1^D mod PQ = 2081^937 mod 2537 = 1819 = "ST"
C2^D mod PQ = 2182^937 mod 2537 = 1415 = "OP"
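As an added worked example (my code, not the notes'), the following Python script runs the whole scheme on the parameters above. It derives D from E with Python's built-in pow(e, -1, phi) and computes T^E mod PQ with pow(t, e, n) rather than re-implementing the notes' inverse and exponentiation procedures, encodes "STOP" into the 4-digit blocks 1819 1415, reproduces C1 = 2081 and C2 = 2182, decrypts, and checks the caveat that a block divisible by P still decrypts correctly. It also includes recover_private_key, which factors PQ by trial division and recomputes D from the public key alone; that succeeds instantly here only because P and Q are tiny, which is exactly why real keys use primes of hundreds of digits. Function names, the block-format helpers and the attack helper are my own. Note that this is "textbook" RSA: the raw scheme encrypts equal blocks to equal cipher blocks, so real systems apply randomized padding (e.g., RSAES-OAEP) before exponentiation.

```python
from math import gcd


def rsa_keygen(p, q, e):
    """Public key (PQ, E) and private exponent D for distinct primes p, q and an
    exponent e with gcd(e, (p-1)(q-1)) = 1 (steps (1)-(3) of the notes)."""
    if p == q:
        raise ValueError("P and Q must be different primes")
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("E must be relatively prime to (P-1)(Q-1)")
    d = pow(e, -1, phi)  # E*D ≡ 1 (mod (P-1)(Q-1)), via Python's built-in modular inverse
    return (p * q, e), d


def text_to_blocks(message, letters_per_block=2):
    """A..Z -> 00..25; each group of letters_per_block letters becomes one integer block."""
    codes = [ord(ch) - ord("A") for ch in message.upper()]
    if any(not 0 <= c <= 25 for c in codes):
        raise ValueError("only the letters A-Z can be encoded")
    if len(codes) % letters_per_block:
        raise ValueError("message length must be a multiple of the block size")
    return [int("".join(f"{c:02d}" for c in codes[i:i + letters_per_block]))
            for i in range(0, len(codes), letters_per_block)]


def blocks_to_text(blocks, letters_per_block=2):
    """Inverse of text_to_blocks; leading zeros are restored by zero-padding."""
    text = []
    for block in blocks:
        digits = f"{block:0{2 * letters_per_block}d}"
        text.append("".join(chr(ord("A") + int(digits[i:i + 2])) for i in range(0, len(digits), 2)))
    return "".join(text)


def rsa_encrypt(blocks, public_key):
    """C = T^E mod PQ for every block; each block must be smaller than PQ."""
    n, e = public_key
    if any(not 0 <= t < n for t in blocks):
        raise ValueError("every plain text block must be smaller than the modulus PQ")
    return [pow(t, e, n) for t in blocks]


def rsa_decrypt(cipher_blocks, public_key, d):
    """T = C^D mod PQ; correct for every T in [0, PQ), not only those coprime to PQ."""
    n, _ = public_key
    return [pow(c, d, n) for c in cipher_blocks]


def recover_private_key(public_key):
    """Attack: factor PQ by trial division and recompute D from the public key alone.
    Instant for a 4-digit modulus; infeasible for moduli of hundreds of digits."""
    n, e = public_key
    p = next(f for f in range(2, int(n ** 0.5) + 1) if n % f == 0)
    q = n // p
    return pow(e, -1, (p - 1) * (q - 1))


if __name__ == "__main__":
    public_key, d = rsa_keygen(43, 59, 13)
    print(public_key, d)                                       # (2537, 13) 937
    blocks = text_to_blocks("STOP")                            # [1819, 1415]
    cipher = rsa_encrypt(blocks, public_key)
    print(cipher)                                              # [2081, 2182]
    print(blocks_to_text(rsa_decrypt(cipher, public_key, d)))  # STOP
    # a block divisible by P (here T = 43 = P) still decrypts correctly
    print(rsa_decrypt(rsa_encrypt([43], public_key), public_key, d))   # [43]
    print(recover_private_key(public_key) == d)                # True: tiny primes leak D
```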
Extra Credit #1 (counts as 3 HW): Write an RSA encryption and decryption program.
Extra Credit #2 (counts as 1 HW) Problem:
If we line up the soldiers in a division in 3 rows, there are 2 soldiers left over. If we line
them up in 5 rows, there are 4 left over. If we line them up in 7 rows, there are 5 left over.
How many soldiers are in the division?