Ch4
advertisement
Number Theory
ITT9130 Konkreetne Matemaatika
Chapter Four
Divisibility
Primes
Prime examples
Factorial Factors
Relative primality
‘MOD’: the Congruence Relation
Independent Residues
Additional Applications
Phi and Mu
Contents
1 Prime and Composite Numbers
Divisibility
2 Greatest Common Divisor
Definition
The Euclidean algorithm
3 Primes
The Fundamental Theorem of Arithmetic
Distribution of prime numbers
4 Modular arithmetic
5 Primality test
Fermat’ theorem
Fermat’ test
Rabin-Miller test
Next section
1 Prime and Composite Numbers
Divisibility
2 Greatest Common Divisor
Definition
The Euclidean algorithm
3 Primes
The Fundamental Theorem of Arithmetic
Distribution of prime numbers
4 Modular arithmetic
5 Primality test
Fermat’ theorem
Fermat’ test
Rabin-Miller test
Next subsection
1 Prime and Composite Numbers
Divisibility
2 Greatest Common Divisor
Definition
The Euclidean algorithm
3 Primes
The Fundamental Theorem of Arithmetic
Distribution of prime numbers
4 Modular arithmetic
5 Primality test
Fermat’ theorem
Fermat’ test
Rabin-Miller test
Division (with remainder)
Definition
Let a and b be integers and a > 0. Then division of b by a is finding an integer
quotient q and a remainder r satisfying the condition
b = aq + r , where 0 6 r < a.
Here
b
– dividend
a
– divider (=divisor) (=factor)
q = ba/bc
– quotient
r = a mod b
– remainder (=residue)
Example
If a = 3 and b = 17, then
17 = 3 · 5 + 2.
Division (with remainder)
Definition
Let a and b be integers and a > 0. Then division of b by a is finding an integer
quotient q and a remainder r satisfying the condition
b = aq + r , where 0 6 r < a.
Here
b
– dividend
a
– divider (=divisor) (=factor)
q = ba/bc
– quotient
r = a mod b
– remainder (=residue)
Example
If a = 3 and b = 17, then
17 = 3 · 5 + 2.
Negative dividend
If the divisor is positive, then the reminder is always non-negative.
For example
If a = 3 ja b = −17, then
−17 = 3 · (−6) + 1.
Integer b can be always represented as b = aq + r with 0 6 r < a due to the fact
that b either coincides with a term of the sequence
. . . , −3a, −2a, −a, 0, a, 2a, 3a, . . .
or lies between two succeeding figures.
Negative dividend
If the divisor is positive, then the reminder is always non-negative.
For example
If a = 3 ja b = −17, then
−17 = 3 · (−6) + 1.
Integer b can be always represented as b = aq + r with 0 6 r < a due to the fact
that b either coincides with a term of the sequence
. . . , −3a, −2a, −a, 0, a, 2a, 3a, . . .
or lies between two succeeding figures.
NB! Division by a negative integer yields the negative
reminder
5 mod 3 = 5 − 3 b5/3c = 2
5 mod − 3 = 5 − (−3) b5/(−3)c = −1
−5 mod 3 = −5 − 3 b−5/3c = 1
−5 mod − 3 = −5 − (−3) b−5/(−3)c = −2
Be careful!
Some computer languages use another definition.
We assume a > 0 in further slides!
NB! Division by a negative integer yields the negative
reminder
5 mod 3 = 5 − 3 b5/3c = 2
5 mod − 3 = 5 − (−3) b5/(−3)c = −1
−5 mod 3 = −5 − 3 b−5/3c = 1
−5 mod − 3 = −5 − (−3) b−5/(−3)c = −2
Be careful!
Some computer languages use another definition.
We assume a > 0 in further slides!
NB! Division by a negative integer yields the negative
reminder
5 mod 3 = 5 − 3 b5/3c = 2
5 mod − 3 = 5 − (−3) b5/(−3)c = −1
−5 mod 3 = −5 − 3 b−5/3c = 1
−5 mod − 3 = −5 − (−3) b−5/(−3)c = −2
Be careful!
Some computer languages use another definition.
We assume a > 0 in further slides!
Divisibility
Definition
Let a and b be two integers. We say that a divides b , or a is a divisor of b, or b is a
multiple of a (these phrases mean the same thing), if there exists an integer m such
that b = am.
Notations:
a|b
a\b
.
b ..a
a divides b
a divides b
b is a multiple of a
For example
3|111
7| − 91
−7| − 91
Divisors
Definitsioon
If a|b, then
an integer a is called divisor or factor or multiplier of an integer b.
Properties
Any integer b at least four divisors: 1, −1, b, −b.
a|0 for any integer a; reverse relation 0|a is valid only for a = 0. That means 0|0.
1|b for any integer b,whereas b|1 is valid iff b = 1 or b = −1.
Divisors
Definitsioon
If a|b, then
an integer a is called divisor or factor or multiplier of an integer b.
Properties
Any integer b at least four divisors: 1, −1, b, −b.
a|0 for any integer a; reverse relation 0|a is valid only for a = 0. That means 0|0.
1|b for any integer b,whereas b|1 is valid iff b = 1 or b = −1.
Divisors
Definitsioon
If a|b, then
an integer a is called divisor or factor or multiplier of an integer b.
Properties
Any integer b at least four divisors: 1, −1, b, −b.
a|0 for any integer a; reverse relation 0|a is valid only for a = 0. That means 0|0.
1|b for any integer b,whereas b|1 is valid iff b = 1 or b = −1.
Divisors
Definitsioon
If a|b, then
an integer a is called divisor or factor or multiplier of an integer b.
Properties
Any integer b at least four divisors: 1, −1, b, −b.
a|0 for any integer a; reverse relation 0|a is valid only for a = 0. That means 0|0.
1|b for any integer b,whereas b|1 is valid iff b = 1 or b = −1.
More properties:
1 If a|b, then ±a| ± b.
2 If a|b and a|c, for any integers s and t it is valid that a|bs + ct.
3 a|b iff ac|bc for any integer c.
The first property allows to restrict ourselves to study divisibility on positive integers.
It follows from the second property that if an integer a is a divisor of b and c, then it
is the divisor their sum and difference.
Here a is called common divisor of b and c (as well as of b + c, b − c, b + 2c etc.)
More properties:
1 If a|b, then ±a| ± b.
2 If a|b and a|c, for any integers s and t it is valid that a|bs + ct.
3 a|b iff ac|bc for any integer c.
The first property allows to restrict ourselves to study divisibility on positive integers.
It follows from the second property that if an integer a is a divisor of b and c, then it
is the divisor their sum and difference.
Here a is called common divisor of b and c (as well as of b + c, b − c, b + 2c etc.)
More properties:
1 If a|b, then ±a| ± b.
2 If a|b and a|c, for any integers s and t it is valid that a|bs + ct.
3 a|b iff ac|bc for any integer c.
The first property allows to restrict ourselves to study divisibility on positive integers.
It follows from the second property that if an integer a is a divisor of b and c, then it
is the divisor their sum and difference.
Here a is called common divisor of b and c (as well as of b + c, b − c, b + 2c etc.)
Next section
1 Prime and Composite Numbers
Divisibility
2 Greatest Common Divisor
Definition
The Euclidean algorithm
3 Primes
The Fundamental Theorem of Arithmetic
Distribution of prime numbers
4 Modular arithmetic
5 Primality test
Fermat’ theorem
Fermat’ test
Rabin-Miller test
Next subsection
1 Prime and Composite Numbers
Divisibility
2 Greatest Common Divisor
Definition
The Euclidean algorithm
3 Primes
The Fundamental Theorem of Arithmetic
Distribution of prime numbers
4 Modular arithmetic
5 Primality test
Fermat’ theorem
Fermat’ test
Rabin-Miller test
Greatest Common Divisor
Definition
The greatest common divisor (gcd) of two or more non-zero integers is
the largest positive integer that divides the numbers without a remainder.
Example
Divisors 36 and 60 are 1, 2, 3, 4, 6, 12.
The greatest common divisor gcd(36, 60) = 12.
The greatest common divisor exists always because of the set of
common divisors of the given integers is non-empty finite set.
Greatest Common Divisor
Definition
The greatest common divisor (gcd) of two or more non-zero integers is
the largest positive integer that divides the numbers without a remainder.
Example
Divisors 36 and 60 are 1, 2, 3, 4, 6, 12.
The greatest common divisor gcd(36, 60) = 12.
The greatest common divisor exists always because of the set of
common divisors of the given integers is non-empty finite set.
Next subsection
1 Prime and Composite Numbers
Divisibility
2 Greatest Common Divisor
Definition
The Euclidean algorithm
3 Primes
The Fundamental Theorem of Arithmetic
Distribution of prime numbers
4 Modular arithmetic
5 Primality test
Fermat’ theorem
Fermat’ test
Rabin-Miller test
The Euclidean algorithm
The algorithm to compute gcd(a, b) for positive integers a and b
Input: Positive integers a and b, assume that a > b
Output: gcd(a, b)
while b > 0
do
1
2
3
r := a mod b
a := b
b := r
od
return(a)
Example: compute gcd(2322, 654)
a
b
2322
654
654
360
360
294
294
66
66
30
30
6
6
0
Example: compute gcd(2322, 654)
a
b
2322
654
654
360
360
294
294
66
66
30
30
6
6
0
Example: compute gcd(2322, 654)
a
b
2322
654
654
360
360
294
294
66
66
30
30
6
6
0
Example: compute gcd(2322, 654)
a
b
2322
654
654
360
360
294
294
66
66
30
30
6
6
0
Example: compute gcd(2322, 654)
a
b
2322
654
654
360
360
294
294
66
66
30
30
6
6
0
Example: compute gcd(2322, 654)
a
b
2322
654
654
360
360
294
294
66
66
30
30
6
6
0
Example: compute gcd(2322, 654)
a
b
2322
654
654
360
360
294
294
66
66
30
30
6
6
0
Example: compute gcd(2322, 654)
a
b
2322
654
654
360
360
294
294
66
66
30
30
6
6
0
Important questions to answer:
Does the algorithm terminate for any input?
Is the result just the greatest common divisor?
How long does it take?
Termination of the Euclidean algorithm
In any cycle, the pair of integers (a, b) is replaced by (b, r ), where r
is the reminder of division of a by b.
Hence r < b.
The second number of the pair decreases, but remains non-negative,
so the process cannot last infinitely long.
Correctness of the Euclidean algorithm
Theorem
If r is a reminder of division of a by b, then
gcd(a, b) = gcd(b, r )
Proof. It follows from the equality a = bq + r that
1
2
if d|a and d|b, then d|r
if d|b and d|r , then d|a
In other words, the set of common divisors of a and b
equals to the set of common divisors of b and r ,
recomputing of (b, r ) does not change the greatest
common divisor of the pair.
The number returned r = gcd(r , 0).
Q.E.D.
Complexity of the Euclidean algorithm
Theorem
The number of steps of the Euclidean algorithm applied to two positive
integers a and b is at most
1 + log2 a + log2 b.
Proof. Let consider the step where the pair (a, b) is replaced by
(b, r ). Then we have r < b and b + r 6 a. Hence
2r < r + b 6 a or br < ab/2. This is that the product of
the elements of the pair decreases at least 2 times.
If after k cycles the product is still positive, then
ab/2k > 1, that gives
k 6 log2 (ab) = log2 a + log2 b
Q.E.D.
The numbers produced by the Euclidean algorithm
a = bq1 + r1
r1 can be expressed in terms of b and a
b = r1 q2 + r2
r2 can be expressed in terms of r1 and b
r1 = r2 q3 + r3
r3 can be expressed in terms of r2 and r1
············
············
rk−3 = rk−2 qk−1 + rk−1
rk−1 can be expressed in terms of rk−2 and rk−3
rk−2 = rk−1 qk + rk
rk can be expressed in terms of rk−1 and rk−2
rk−1 = rk qk +1
Now, one can extract rk = gcd(a, b) from the last but one equality and
substitute there step-by-step rk−1 , rk−2 , . . . using previous equations.
We obtain finally that rk equals to a linear combination of a and b with
(not necessarily positive) integer coefficients.
GCD as a linear combination
Theorem (Bézout’s identity)
Let d = gcd(a, b). Then d can be written in the form
d = as + bt
where s and t are integers.
For example: a = 360 and b = 294
gcd(a, b) = 294 · (−11) + 360 · 9 = −11a + 9b
Application of EA: solving of linear Diophantine Equations
Corollary
Let a, b and c are positive integers. The equation
ax + by = c
has integer solutions iff c is the greatest common divisor of a and b.
The method: Making use of Euclidean algorithm, compute such
coefficients s and t that sa + tb = gcd(a, b). Then
cs
gcd(a, b)
ct
y=
gcd(a, b)
x=
Linear Diophantine Equations (2)
Example: 92x + 17y = 3
From EA:
b
a
92
17
17
7
7
3
3
1
1
0
Transformations:
Seos
92 = 5 · 17 + 7
17 = 2 · 7 + 3
7 = 2·3+1
1 = 7−2·3
= 7 − 2 · (17 − 7 · 2) = (−2) · 17 + 5 · 7 =
= (−2) · 17 + 5 · (92 − 5 · 17) = 5 · 92 + (−27) · 17
gcd(92, 7)|3 yields a solution
3·5
= 3 · 5 = 15
gcd(92, 17)
3 · (−27)
y=
= −3 · 27 = −81
gcd(92, 17)
x=
Linear Diophantine Equations (3)
Example: 5x + 3y = 2
→ many solutions
gcd(5, 3) = 1
As 1 = 2 · 5 + 3 · 3, then one solution is:
As 1 = (−10) · 5 + 17 · 3, then another
solution is:
x = 2·2 = 4
x = −10 · 2 = −20
y = −3 · 2 = −6
y = 17 · 2 = 34
Example: 15x + 9y = 8
→ no solutions
Whereas, gcd(15, 9) = 3, then the equation can be expressed as
3(5x + 3y ) = 8.
The left side of the equation is divisible by 3, but the right side does not, therefore the
equality cannot be valid for any integer x and y .
Linear Diophantine Equations (3)
Example: 5x + 3y = 2
→ many solutions
gcd(5, 3) = 1
As 1 = 2 · 5 + 3 · 3, then one solution is:
As 1 = (−10) · 5 + 17 · 3, then another
solution is:
x = 2·2 = 4
x = −10 · 2 = −20
y = −3 · 2 = −6
y = 17 · 2 = 34
Example: 15x + 9y = 8
→ no solutions
Whereas, gcd(15, 9) = 3, then the equation can be expressed as
3(5x + 3y ) = 8.
The left side of the equation is divisible by 3, but the right side does not, therefore the
equality cannot be valid for any integer x and y .
More about Linear Diophantine Equations (1)
General solution of a Diophantine equation ax + by = c is
(
x
y
kb
x0 + gcd(a,b)
ka
y0 − gcd(a,b)
=
=
where x0 and y0 are particular solutions and k is an integer.
Particular solutions can be found by means of Euclidean algorithm:
(
x0
y0
=
=
cs
gcd(a,b)
ct
gcd(a,b)
This equation has a solution (where x and y are integers) if and only if
gcd(a, b)|c
The general solution above provides all integer solutions of the equation (see
proof in http://en.wikipedia.org/wiki/Diophantine_equation)
More about Linear Diophantine Equations (2)
Example: 5x + 3y = 2
We have found, that gcd(5, 3) = 1 and its particular solutions are x0 = 4 and y0 = −6.
Thus, for any k ∈ Z:
x
y
=
=
4 + 3k
−6 − 5k
Solutions of the equation for k = . . . , −3, −2, −1, 0, 1, 2, 3, . . . are infinite sequences of
numbers:
x
y
=
=
...,
...,
−5,
9,
−2,
4,
1,
−1,
4,
−6,
7,
−11,
10,
−16,
13,
−21,
Among others, if k = −8, then we get the solution x = −20 ja y = 34.
...
...
Next section
1 Prime and Composite Numbers
Divisibility
2 Greatest Common Divisor
Definition
The Euclidean algorithm
3 Primes
The Fundamental Theorem of Arithmetic
Distribution of prime numbers
4 Modular arithmetic
5 Primality test
Fermat’ theorem
Fermat’ test
Rabin-Miller test
Prime and composite numbers
Every integer greater than 1 is either prime or composite, but not both:
A positive integer p is called prime if it has just two divisors, namely
1 and p. By convention, 1 is not prime
Prime numbers: 2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, . . .
An integer that has three or more divisors is called composite
Composite numbers: 4, 6, 8, 9, 10, 12, 14, 15, 16, 18, 20, 21, 22, . . .
Next subsection
1 Prime and Composite Numbers
Divisibility
2 Greatest Common Divisor
Definition
The Euclidean algorithm
3 Primes
The Fundamental Theorem of Arithmetic
Distribution of prime numbers
4 Modular arithmetic
5 Primality test
Fermat’ theorem
Fermat’ test
Rabin-Miller test
Another application of EA
The Fundamental Theorem of Arithmetic
Every positive integer n can be written uniquely as a product of primes:
m
n = p1 . . . pm =
∏ pk ,
p1 6 · · · 6 pm
k=1
Proof.
Suppose we have two factorizations into primes
n = p1 . . . pm = q1 . . . qk ,
p1 6 · · · 6 pm and q1 6 · · · 6 qk
Assume that p1 < q1 . Since p1 and q1 are primes, gcd(p1 , q1 ) = 1.
That means that EA defines integers s and t that sp1 + tq1 = 1.
Therefore
sp1 q2 . . . qk + tq1 q2 . . . qk = q2 . . . qk
Now p1 divides both terms on the left, thus q2 . . . qk /p1 is integer
that contradicts with p1 < q1 . This means that p1 = q1 .
Similarly, using induction we can prove that p2 = q2 , p3 = q3 , etc
Q.E.D.
Canonical form of integers
Every positive integer n can be represented uniquely as a product
n
n = p1n1 p2n2 · · · pk k = ∏ p np ,
where each np > 0
p
For example:
600 = 23 · 31 · 52 · 70 · 110 · · ·
35 = 20 · 30 · 51 · 71 · 110 · · ·
5 251 400 = 23 · 30 · 52 · 71 · 112 · 130 · · · · 290 · 311 · 370 · · ·
Prime-exponent representation of integers
Canonical form of an integer n = ∏p p np provides a sequence of
powers hn1 , n2 , . . .i as another representation.
For example:
600 = h3, 1, 2, 0, 0, 0, . . .i
35 = h0, 0, 1, 1, 0, 0, 0, . . .i
5 251 400 = h3, 0, 2, 1, 2, 0, 0, 0, 0, 0, 1, 0, 0, . . .i
Prime-exponent representation and arithmetic operations
Multiplication
Let
m
m = p1m1 p2m2 · · · pk k = ∏ p mp
p
n
n = p1n1 p2n2 · · · pk k = ∏ p np
p
Then
m +nk
mn = p1m1 +n1 p2m2 +n2 · · · pk k
= ∏ p mp +np
p
Using prime-exponent representation:
mn = hm1 + n1 , m2 + n2 , m3 + n3 , . . .i
For example
600 · 35 = h3, 1, 2, 0, 0, 0, . . .i · h0, 0, 1, 1, 0, 0, 0, . . .i
= h3 + 0, 1 + 0, 2 + 1, 0 + 1, 0 + 0, 0 + 0, . . .i
= h3, 1, 3, 1, 0, 0, . . .i = 21 000
Prime-exponent representation and arithmetic operations
Multiplication
Let
m
m = p1m1 p2m2 · · · pk k = ∏ p mp
p
n
n = p1n1 p2n2 · · · pk k = ∏ p np
p
Then
m +nk
mn = p1m1 +n1 p2m2 +n2 · · · pk k
= ∏ p mp +np
p
Using prime-exponent representation:
mn = hm1 + n1 , m2 + n2 , m3 + n3 , . . .i
For example
600 · 35 = h3, 1, 2, 0, 0, 0, . . .i · h0, 0, 1, 1, 0, 0, 0, . . .i
= h3 + 0, 1 + 0, 2 + 1, 0 + 1, 0 + 0, 0 + 0, . . .i
= h3, 1, 3, 1, 0, 0, . . .i = 21 000
Prime-exponent representation and arithmetic operations
Multiplication
Let
m
m = p1m1 p2m2 · · · pk k = ∏ p mp
p
n
n = p1n1 p2n2 · · · pk k = ∏ p np
p
Then
m +nk
mn = p1m1 +n1 p2m2 +n2 · · · pk k
= ∏ p mp +np
p
Using prime-exponent representation:
mn = hm1 + n1 , m2 + n2 , m3 + n3 , . . .i
For example
600 · 35 = h3, 1, 2, 0, 0, 0, . . .i · h0, 0, 1, 1, 0, 0, 0, . . .i
= h3 + 0, 1 + 0, 2 + 1, 0 + 1, 0 + 0, 0 + 0, . . .i
= h3, 1, 3, 1, 0, 0, . . .i = 21 000
Some other operations
The greatest common divisor and the least common multiple (lcm
gcd(m, n) = hmin(m1 , n1 ), min(m2 , n2 ), min(m3 , n3 ), . . .i
lcm(m, n) = hmax(m1 , n1 ), max(m2 , n2 ), max(m3 , n3 ), . . .i
Example
120 = 23 · 31 · 51 = h3, 1, 1, 0, 0, · · · i
36 = 22 · 32 = h2, 2, 0, 0, · · · i
gcd(120, 36) = 2min(3,2) · 3min(1,2) · 5min(1,0) = 22 · 31 = h2, 1, 0, 0, . . .i = 12
lcm(120, 36) = 2max(3,2) · 3max(1,2) · 5max(1,0) = 23 · 32 · 51 = h3, 2, 1, 0, 0, . . .i = 360
Some other operations
The greatest common divisor and the least common multiple (lcm
gcd(m, n) = hmin(m1 , n1 ), min(m2 , n2 ), min(m3 , n3 ), . . .i
lcm(m, n) = hmax(m1 , n1 ), max(m2 , n2 ), max(m3 , n3 ), . . .i
Example
120 = 23 · 31 · 51 = h3, 1, 1, 0, 0, · · · i
36 = 22 · 32 = h2, 2, 0, 0, · · · i
gcd(120, 36) = 2min(3,2) · 3min(1,2) · 5min(1,0) = 22 · 31 = h2, 1, 0, 0, . . .i = 12
lcm(120, 36) = 2max(3,2) · 3max(1,2) · 5max(1,0) = 23 · 32 · 51 = h3, 2, 1, 0, 0, . . .i = 360
Properties of the GCD
Homogeneity
gcd(na, nb) = n · gcd(a, b) for any positive integer n
Proof.
Let a = p1α1 · · · pk k and b = p11 · · · pk k and gcd(a, b) = p11 · · · pkk , where
n
γi = min(αi , βi ). If n = p1n1 · · · pk k , then
α
β
β
min(α1 +n1 ,β1 +n1 )
gcd(na, nb) = p1
γ
γ
min(αk +nk ,βk +nk )
· · · pk
=
min(αk ,βk ) nk
min(α1 ,β1 ) n1
= p1
p1 · · · pk
pk =
nk γ1
γk
n1
= p1 · · · pk p1 · · · pk = n · gcd(a, b)
Q.E.D.
Properties of the GCD
GCD abd LCM
gcd(a, b) · lcm(a, b) = ab for any positive integers a and b
Proof.
min(α1 ,β1 )
min(αk ,βk ) max(α1 ,β1 )
max(αk ,βk )
· · · pk
p1
· · · pk
min(α1 ,β1 )+max(α1 ,β1 )
min(αk ,βk )+max(αk ,βk )
= p1
· · · pk
=
αk +βk
α1 +β1
= p1
· · · pk
= ab
gcd(a, b) · lcm(a, b) = p1
=
Q.E.D.
Relatively prime numbers
Definition
Two integers a and b are said to be relatively prime (or co-prime) if the only positive
integer that evenly divides both of them is 1.
Notations used:
gcd(a, b) = 1
a⊥b
For example
16 ⊥ 25 and 99 ⊥ 100
Some simple properties:
Dividing a and b by their greatest common divisor yields relatively primes:
gcd
a
b
,
gcd(a, b) gcd(a, b)
!
=1
Any two positive integers a and b can be represented as a = a0 d and b = b 0 d,
where d = gcd(a, b) and a0 ⊥ b 0
Relatively prime numbers
Definition
Two integers a and b are said to be relatively prime (or co-prime) if the only positive
integer that evenly divides both of them is 1.
Notations used:
gcd(a, b) = 1
a⊥b
For example
16 ⊥ 25 and 99 ⊥ 100
Some simple properties:
Dividing a and b by their greatest common divisor yields relatively primes:
gcd
a
b
,
gcd(a, b) gcd(a, b)
!
=1
Any two positive integers a and b can be represented as a = a0 d and b = b 0 d,
where d = gcd(a, b) and a0 ⊥ b 0
Relatively prime numbers
Definition
Two integers a and b are said to be relatively prime (or co-prime) if the only positive
integer that evenly divides both of them is 1.
Notations used:
gcd(a, b) = 1
a⊥b
For example
16 ⊥ 25 and 99 ⊥ 100
Some simple properties:
Dividing a and b by their greatest common divisor yields relatively primes:
gcd
a
b
,
gcd(a, b) gcd(a, b)
!
=1
Any two positive integers a and b can be represented as a = a0 d and b = b 0 d,
where d = gcd(a, b) and a0 ⊥ b 0
Properties of relatively prime numbers
Theorem
If a ⊥ b, then gcd(ac, b) = gcd(c, b) for any positive integer c.
Proof.
Assuming canonic representation of a = ∏p p αp , b = ∏p p βp and
c = ∏p p γp , one can conclude that for any prime p:
The premise a ⊥ b implies that p min(αp ,βp ) = 1, it is that either
αp = 0 or βp = 0.
If αp = 0, then p min(αp +γp ,βp ) = p min(γp ,βp ) .
If βp = 0, then
p min(αp +γp ,βp ) = p min(αp +γp ,0) = 1 = p min(γp ,0) = p min(γp ,βp ) .
Hence, the set of common divisors of ac and b is equal to the set of
common divisors of c and b.
Q.E.D.
Divisibility
Observation
Let
a = ∏ p αp
p
and
b = ∏ p βp .
p
Then a|b iff αp 6 βp for any prime p.
Consequences from the theorems above
1
If a ⊥ c and b ⊥ c, then ab ⊥ c
2
If a|bc and a ⊥ b, then a|c
3
If a|c, b|c and a ⊥ b, then ab|c
Example: compute gcd(560, 315)
gcd(560, 315) = gcd(5 · 112, 5 · 63) =
= 5 · gcd(112, 63) =
= 5 · gcd(24 · 7, 63) =
= 5 · gcd(7, 63)
= 5 · 7 = 35
Consequences from the theorems above
1
If a ⊥ c and b ⊥ c, then ab ⊥ c
2
If a|bc and a ⊥ b, then a|c
3
If a|c, b|c and a ⊥ b, then ab|c
Example: compute gcd(560, 315)
gcd(560, 315) = gcd(5 · 112, 5 · 63) =
= 5 · gcd(112, 63) =
= 5 · gcd(24 · 7, 63) =
= 5 · gcd(7, 63)
= 5 · 7 = 35
The number of divisors
Canonic form of a positive integer permits to compute the number
of its factors without factorization:
If
n
n = p1n1 p2n2 · · · pk k ,
then any divisor of n can be constructed by multiplying 0, 1, · · · , n1
times the prime divisor p1 , then 0, 1, · · · , n2 times the prime divisor
p2 etc.
Then the number of divisors of n should be
(n1 + 1)(n2 + 1) · · · (nk + 1).
Example
Integer 694 575 has 694 575 = 34 · 52 · 73 on (4 + 1)(2 + 1)(3 + 1) = 60
factors.
Next subsection
1 Prime and Composite Numbers
Divisibility
2 Greatest Common Divisor
Definition
The Euclidean algorithm
3 Primes
The Fundamental Theorem of Arithmetic
Distribution of prime numbers
4 Modular arithmetic
5 Primality test
Fermat’ theorem
Fermat’ test
Rabin-Miller test
Number of primes
Euclid’s theorem
There are infinitely many prime numbers.
Proof.
Let’s assume that there is finite number of primes:
p1 , p2 , p3 , . . . , pk .
Consider
n = p1 p2 p3 · · · pk + 1.
Like any other natural number, n is divisible at least by 1 and itself,
i.e. it can be prime. Dividing n by p1 , p2 , p3 , . . . or pk yields the
reminder 1. So, n should be prime that differs from any of numbers
p1 , p2 , p3 , . . . , pk , that leads to a contradiction with the assumption
that the set of primes is finite.
Q.E.D.
Number of primes (another proof)
Theorem
There are infinitely many prime numbers.
Proof.
For any natural number n, there exits a prime number greater than n:
Let p is the smallest divisor of n! + 1 that is greater than 1. Then
p is a prime number, as otherwise it wouldn’t be the smallest
divisor.
p > n, as otherwise p|n! and p|n! + 1 and p|(n! + 1) − n! = p|1.
Q.E.D.
Primes are distributed “very irregularly”
Since all primes except 2 are odd, the difference between two primes must be at
least two, except 2 and 3.
Two primes whose difference is two are called twin primes. For example (17, 19)
or (3557 and 3559). There is no proof of the hypothesis that there are infinitely
many twin primes.
Theorem
For every positive integer k, there exist k consecutive composite integers.
Proof.
Let n = k + 1 and consider the numbers n! + 2, n! + 3, . . . , n! + n. All
these numbers are composite because of i|n! + i for every
i = 2, 3, . . . , n.
Q.E.D.
Distribution diagrams for primes
The prime counting function π(n)
Definition:
π(n) = number of primes in the set{1, 2, . . . , n}
The first values:
π(1) = 0
π(2) = 1
π(3) = 2
π(4) = 2
π(5) = 3
π(6) = 3
π(7) = 4
π(8) = 4
The Prime Number Theorem
Theorem
The quotient of division of π(n) by n/ln n will be arbitrarily close to 1 as n gets large.
It is also denoted as
n
π(n) ∼
ln n
Studying prime tables C. F. Gauss come up with the formula in ∼ 1791.
J. Hadamard and C. de la Vallée Poussin proved the theorem independently
from each other in 1896.
The Prime Number Theorem (2)
Example: How many primes are with 200 digits?
The total number of positive integers with 200 digits:
10200 − 10199 = 9 · 10199
Approximate number of primes with 200 digits
π(10200 ) − π(10199 ) ≈
10200
10199
−
≈ 1, 95 · 10197
200 ln 10 199 ln 10
Percentage of primes
1
1, 95 · 10197
≈
= 0.22%
199
9 · 10
460
Next section
1 Prime and Composite Numbers
Divisibility
2 Greatest Common Divisor
Definition
The Euclidean algorithm
3 Primes
The Fundamental Theorem of Arithmetic
Distribution of prime numbers
4 Modular arithmetic
5 Primality test
Fermat’ theorem
Fermat’ test
Rabin-Miller test
Congruences
Definition
Integer a is congruent to integer b modulo m > 0, if a and b give the
same remainder when divided by m. Notation a ≡ b (mod m).
Alternative definition: a ≡ b (mod m) iff m|(b − a). Congruence is a
equivalence relation:
Reflectivity: a ≡ a (mod m)
Symmetry: a ≡ b (mod m)
⇒
b ≡ a (mod m)
Transitivity: a ≡ b (mod m) ja b ≡ c (mod m)
[0]
[1]
[2]
[3] [4]
⇒
a ≡ c (mod m)
Properties of the congruence relation
If a ≡ b (mod m) and d|m, then a ≡ b (mod d)
If a ≡ b (mod m1 ), a ≡ b (mod m2 ), . . . , a ≡ b (mod mk ), then
a ≡ b (mod lcm(m1 , m2 , . . . , mk ))
If a ≡ b (mod m) and c ≡ d (mod m), then a + c ≡ b + d (mod m)
If a ≡ b (mod m) and c ≡ d (mod m), then ac ≡ bd (mod m)
If a ≡ b (mod m), then ak ≡ bk (mod m) for any integer k
If a ≡ b (mod m) and c ≡ d (mod m), then a − c ≡ b − d (mod m)
If a ≡ b (mod m), then a + um ≡ b + vm (mod m) for every integers u and v
If ka ≡ kb (mod m) and gcd(k, m) = 1, then a ≡ b (mod m)
a ≡ b (mod m) iff ak ≡ bk (mod mk) for any natural number k.
Properties of the congruence relation
If a ≡ b (mod m) and d|m, then a ≡ b (mod d)
If a ≡ b (mod m1 ), a ≡ b (mod m2 ), . . . , a ≡ b (mod mk ), then
a ≡ b (mod lcm(m1 , m2 , . . . , mk ))
If a ≡ b (mod m) and c ≡ d (mod m), then a + c ≡ b + d (mod m)
If a ≡ b (mod m) and c ≡ d (mod m), then ac ≡ bd (mod m)
If a ≡ b (mod m), then ak ≡ bk (mod m) for any integer k
If a ≡ b (mod m) and c ≡ d (mod m), then a − c ≡ b − d (mod m)
If a ≡ b (mod m), then a + um ≡ b + vm (mod m) for every integers u and v
If ka ≡ kb (mod m) and gcd(k, m) = 1, then a ≡ b (mod m)
a ≡ b (mod m) iff ak ≡ bk (mod mk) for any natural number k.
Properties of the congruence relation
If a ≡ b (mod m) and d|m, then a ≡ b (mod d)
If a ≡ b (mod m1 ), a ≡ b (mod m2 ), . . . , a ≡ b (mod mk ), then
a ≡ b (mod lcm(m1 , m2 , . . . , mk ))
If a ≡ b (mod m) and c ≡ d (mod m), then a + c ≡ b + d (mod m)
If a ≡ b (mod m) and c ≡ d (mod m), then ac ≡ bd (mod m)
If a ≡ b (mod m), then ak ≡ bk (mod m) for any integer k
If a ≡ b (mod m) and c ≡ d (mod m), then a − c ≡ b − d (mod m)
If a ≡ b (mod m), then a + um ≡ b + vm (mod m) for every integers u and v
If ka ≡ kb (mod m) and gcd(k, m) = 1, then a ≡ b (mod m)
a ≡ b (mod m) iff ak ≡ bk (mod mk) for any natural number k.
Properties of the congruence relation
If a ≡ b (mod m) and d|m, then a ≡ b (mod d)
If a ≡ b (mod m1 ), a ≡ b (mod m2 ), . . . , a ≡ b (mod mk ), then
a ≡ b (mod lcm(m1 , m2 , . . . , mk ))
If a ≡ b (mod m) and c ≡ d (mod m), then a + c ≡ b + d (mod m)
If a ≡ b (mod m) and c ≡ d (mod m), then ac ≡ bd (mod m)
If a ≡ b (mod m), then ak ≡ bk (mod m) for any integer k
If a ≡ b (mod m) and c ≡ d (mod m), then a − c ≡ b − d (mod m)
If a ≡ b (mod m), then a + um ≡ b + vm (mod m) for every integers u and v
If ka ≡ kb (mod m) and gcd(k, m) = 1, then a ≡ b (mod m)
a ≡ b (mod m) iff ak ≡ bk (mod mk) for any natural number k.
Properties of the congruence relation
If a ≡ b (mod m) and d|m, then a ≡ b (mod d)
If a ≡ b (mod m1 ), a ≡ b (mod m2 ), . . . , a ≡ b (mod mk ), then
a ≡ b (mod lcm(m1 , m2 , . . . , mk ))
If a ≡ b (mod m) and c ≡ d (mod m), then a + c ≡ b + d (mod m)
If a ≡ b (mod m) and c ≡ d (mod m), then ac ≡ bd (mod m)
If a ≡ b (mod m), then ak ≡ bk (mod m) for any integer k
If a ≡ b (mod m) and c ≡ d (mod m), then a − c ≡ b − d (mod m)
If a ≡ b (mod m), then a + um ≡ b + vm (mod m) for every integers u and v
If ka ≡ kb (mod m) and gcd(k, m) = 1, then a ≡ b (mod m)
a ≡ b (mod m) iff ak ≡ bk (mod mk) for any natural number k.
Properties of the congruence relation
If a ≡ b (mod m) and d|m, then a ≡ b (mod d)
If a ≡ b (mod m1 ), a ≡ b (mod m2 ), . . . , a ≡ b (mod mk ), then
a ≡ b (mod lcm(m1 , m2 , . . . , mk ))
If a ≡ b (mod m) and c ≡ d (mod m), then a + c ≡ b + d (mod m)
If a ≡ b (mod m) and c ≡ d (mod m), then ac ≡ bd (mod m)
If a ≡ b (mod m), then ak ≡ bk (mod m) for any integer k
If a ≡ b (mod m) and c ≡ d (mod m), then a − c ≡ b − d (mod m)
If a ≡ b (mod m), then a + um ≡ b + vm (mod m) for every integers u and v
If ka ≡ kb (mod m) and gcd(k, m) = 1, then a ≡ b (mod m)
a ≡ b (mod m) iff ak ≡ bk (mod mk) for any natural number k.
Properties of the congruence relation
If a ≡ b (mod m) and d|m, then a ≡ b (mod d)
If a ≡ b (mod m1 ), a ≡ b (mod m2 ), . . . , a ≡ b (mod mk ), then
a ≡ b (mod lcm(m1 , m2 , . . . , mk ))
If a ≡ b (mod m) and c ≡ d (mod m), then a + c ≡ b + d (mod m)
If a ≡ b (mod m) and c ≡ d (mod m), then ac ≡ bd (mod m)
If a ≡ b (mod m), then ak ≡ bk (mod m) for any integer k
If a ≡ b (mod m) and c ≡ d (mod m), then a − c ≡ b − d (mod m)
If a ≡ b (mod m), then a + um ≡ b + vm (mod m) for every integers u and v
If ka ≡ kb (mod m) and gcd(k, m) = 1, then a ≡ b (mod m)
a ≡ b (mod m) iff ak ≡ bk (mod mk) for any natural number k.
Properties of the congruence relation
If a ≡ b (mod m) and d|m, then a ≡ b (mod d)
If a ≡ b (mod m1 ), a ≡ b (mod m2 ), . . . , a ≡ b (mod mk ), then
a ≡ b (mod lcm(m1 , m2 , . . . , mk ))
If a ≡ b (mod m) and c ≡ d (mod m), then a + c ≡ b + d (mod m)
If a ≡ b (mod m) and c ≡ d (mod m), then ac ≡ bd (mod m)
If a ≡ b (mod m), then ak ≡ bk (mod m) for any integer k
If a ≡ b (mod m) and c ≡ d (mod m), then a − c ≡ b − d (mod m)
If a ≡ b (mod m), then a + um ≡ b + vm (mod m) for every integers u and v
If ka ≡ kb (mod m) and gcd(k, m) = 1, then a ≡ b (mod m)
a ≡ b (mod m) iff ak ≡ bk (mod mk) for any natural number k.
Properties of the congruence relation
If a ≡ b (mod m) and d|m, then a ≡ b (mod d)
If a ≡ b (mod m1 ), a ≡ b (mod m2 ), . . . , a ≡ b (mod mk ), then
a ≡ b (mod lcm(m1 , m2 , . . . , mk ))
If a ≡ b (mod m) and c ≡ d (mod m), then a + c ≡ b + d (mod m)
If a ≡ b (mod m) and c ≡ d (mod m), then ac ≡ bd (mod m)
If a ≡ b (mod m), then ak ≡ bk (mod m) for any integer k
If a ≡ b (mod m) and c ≡ d (mod m), then a − c ≡ b − d (mod m)
If a ≡ b (mod m), then a + um ≡ b + vm (mod m) for every integers u and v
If ka ≡ kb (mod m) and gcd(k, m) = 1, then a ≡ b (mod m)
a ≡ b (mod m) iff ak ≡ bk (mod mk) for any natural number k.
Application of congruence relation
Example 1: Find a reminder of dividing a = 13954 · 6753 + 12 · 17 · 22 by 7.
As 1395 ≡ 2 (mod 7), 675 ≡ 3 (mod 7), 12 ≡ 5 (mod 7), 17 ≡ 3 (mod 7) and
22 ≡ 1 (mod 7), then
a ≡ 24 · 33 + 5 · 3 · 1 (mod 7)
As 24 = 16 ≡ 2 (mod 7), 33 = 27 ≡ 6 (mod 7) ja 5 · 3 · 1 = 15 ≡ 1 (mod 7), siis
a ≡ 2 · 6 + 1 = 13 ≡ 6 (mod 7)
Application of congruence relation
Example 2: Find a reminder of dividing a = 53 · 47 · 51 · 43 by 56.
A.
As 53 · 47 = 2491 ≡ 27 (mod 56) and 51 · 43 = 2193 ≡ 9 (mod 56),
then
a ≡ 27 · 9 = 243 ≡ 19 (mod 56)
B.
As 53 ≡ −3 (mod 56), 47 ≡ −9 (mod 56), 51 ≡ −5 (mod 56) and
43 ≡ −13 (mod 56), then
a ≡ (−3) · (−9) · (−5) · (−13) = 1755 ≡ 19
(mod 56)
Application of congruence relation
Example 3: Find a reminder of dividing 4569 by 89
Make use of so called method of squares:
45 ≡ 45 (mod 89)
2
45 = 2025 ≡ 67 (mod 89)
454 = (452 )2 ≡ 672 = 4489 ≡ 39 (mod 89)
458 = (454 )2 ≡ 392 = 1521 ≡ 8 (mod 89)
4516 = (458 )2 ≡ 82 = 64 ≡ 64 (mod 89)
4532 = (4516 )2 ≡ 642 = 4096 ≡ 2 (mod 89)
4564 = (4532 )2 ≡ 22 = 4 ≡ 4 (mod 89)
As 69 = 64 + 4 + 1, then
4569 = 4564 · 454 · 451 ≡ 4 · 39 · 45 ≡ 7020 ≡ 78
(mod 89)
Application of congruence relation
Let n = ak · 10k + ak−1 · 10k−1 + . . . + a1 · 10 + a0 , where ai ∈ {0, 1, . . . , 9}
are digits of its decimal representation.
Theorem: An integer n is divisible by 11 iff the difference of the sums of the odd
numbered digits and the even numbered digits is divisible by 11 :
11|(a0 + a2 + . . .) − (a1 + a3 + . . .)
Proof.
Note, that 10 ≡ −1 (mod 11). Then 10i ≡ (−1)i (mod 11) for any i. Hence,
n ≡ ak (−1)k + ak−1 (−1)k−1 + . . . − a1 + a0 =
= (a0 + a2 + . . .) − (a1 + a3 + . . .) (mod 11)
Q.E.D.
Example 4: 34425730438 is divisible by 11
Indeed, due to the following expression is divisible by 11:
(8 + 4 + 3 + 5 + 4 + 3) − (3 + 0 + 7 + 2 + 4) = 27 − 16 = 11
Strange numbers: “arithmetic of days of the week”
Addition:
+
Su
Mo
Tu
We
Th
Fr
Sa
Su
Su
Mo
Tu
We
Th
Fr
Sa
Multiplication:
Mo
Mo
Tu
We
Th
Fr
Sa
Su
Tu
Tu
We
Th
Fr
Sa
Su
Mo
We
We
Th
Fr
Sa
Su
Mo
Tu
Th
Th
Fr
Sa
Su
Mo
Tu
We
Fr
Fr
Sa
Su
Mo
Tu
We
Th
Sa
Sa
Su
Mo
Tu
We
Th
Fr
Su
Mo
Tu
We
Th
Fr
Sa
Su
Su
Su
Su
Su
Su
Su
Su
Mo
Su
Mo
Tu
We
Th
Fr
Sa
Tu
Su
Tu
Th
Sa
Mo
We
Fr
We
Su
We
Sa
Tu
Fr
Mo
Th
Th
Su
Th
Mo
Fr
Tu
Sa
We
Fr
Su
Fr
We
Mo
Sa
Th
Tu
Sa
Su
Sa
Fr
Th
We
Tu
Mo
Strange numbers: “arithmetic of days of the week”
Addition:
+
Su
Mo
Tu
We
Th
Fr
Sa
Su
Su
Mo
Tu
We
Th
Fr
Sa
Multiplication:
Mo
Mo
Tu
We
Th
Fr
Sa
Su
Tu
Tu
We
Th
Fr
Sa
Su
Mo
We
We
Th
Fr
Sa
Su
Mo
Tu
Th
Th
Fr
Sa
Su
Mo
Tu
We
Fr
Fr
Sa
Su
Mo
Tu
We
Th
Commutativity:
Tu + Fr = Fr + Tu
Sa
Sa
Su
Mo
Tu
We
Th
Fr
Su
Mo
Tu
We
Th
Fr
Sa
Su
Su
Su
Su
Su
Su
Su
Su
Mo
Su
Mo
Tu
We
Th
Fr
Sa
Tu
Su
Tu
Th
Sa
Mo
We
Fr
Tu · Fr = Fr · Tu
We
Su
We
Sa
Tu
Fr
Mo
Th
Th
Su
Th
Mo
Fr
Tu
Sa
We
Fr
Su
Fr
We
Mo
Sa
Th
Tu
Sa
Su
Sa
Fr
Th
We
Tu
Mo
Strange numbers: “arithmetic of days of the week”
Addition:
+
Su
Mo
Tu
We
Th
Fr
Sa
Su
Su
Mo
Tu
We
Th
Fr
Sa
Multiplication:
Mo
Mo
Tu
We
Th
Fr
Sa
Su
Tu
Tu
We
Th
Fr
Sa
Su
Mo
We
We
Th
Fr
Sa
Su
Mo
Tu
Th
Th
Fr
Sa
Su
Mo
Tu
We
Fr
Fr
Sa
Su
Mo
Tu
We
Th
Sa
Sa
Su
Mo
Tu
We
Th
Fr
Su
Mo
Tu
We
Th
Fr
Sa
Su
Su
Su
Su
Su
Su
Su
Su
Mo
Su
Mo
Tu
We
Th
Fr
Sa
Tu
Su
Tu
Th
Sa
Mo
We
Fr
We
Su
We
Sa
Tu
Fr
Mo
Th
Th
Su
Th
Mo
Fr
Tu
Sa
We
Fr
Su
Fr
We
Mo
Sa
Th
Tu
Associativity:
(Mo + We) + Fr = Mo + (We + Fr ) (Mo · We) · Fr = Mo · (We · Fr )
Sa
Su
Sa
Fr
Th
We
Tu
Mo
Strange numbers: “arithmetic of days of the week”
Addition:
+
Su
Mo
Tu
We
Th
Fr
Sa
Su
Su
Mo
Tu
We
Th
Fr
Sa
Multiplication:
Mo
Mo
Tu
We
Th
Fr
Sa
Su
Tu
Tu
We
Th
Fr
Sa
Su
Mo
We
We
Th
Fr
Sa
Su
Mo
Tu
Th
Th
Fr
Sa
Su
Mo
Tu
We
Fr
Fr
Sa
Su
Mo
Tu
We
Th
Sa
Sa
Su
Mo
Tu
We
Th
Fr
Su
Mo
Tu
We
Th
Fr
Sa
Su
Su
Su
Su
Su
Su
Su
Su
Mo
Su
Mo
Tu
We
Th
Fr
Sa
Subtraction is inverse operation of addition:
Th − We = (Mo + We) − We = Mo
Tu
Su
Tu
Th
Sa
Mo
We
Fr
We
Su
We
Sa
Tu
Fr
Mo
Th
Th
Su
Th
Mo
Fr
Tu
Sa
We
Fr
Su
Fr
We
Mo
Sa
Th
Tu
Sa
Su
Sa
Fr
Th
We
Tu
Mo
Strange numbers: “arithmetic of days of the week”
Addition:
+
Su
Mo
Tu
We
Th
Fr
Sa
Su
Su
Mo
Tu
We
Th
Fr
Sa
Multiplication:
Mo
Mo
Tu
We
Th
Fr
Sa
Su
Tu
Tu
We
Th
Fr
Sa
Su
Mo
We
We
Th
Fr
Sa
Su
Mo
Tu
Th
Th
Fr
Sa
Su
Mo
Tu
We
Fr
Fr
Sa
Su
Mo
Tu
We
Th
Su is zero element:
We + Su = We
Sa
Sa
Su
Mo
Tu
We
Th
Fr
Su
Mo
Tu
We
Th
Fr
Sa
Su
Su
Su
Su
Su
Su
Su
Su
Mo
Su
Mo
Tu
We
Th
Fr
Sa
Tu
Su
Tu
Th
Sa
Mo
We
Fr
We · Su = Su
We
Su
We
Sa
Tu
Fr
Mo
Th
Th
Su
Th
Mo
Fr
Tu
Sa
We
Fr
Su
Fr
We
Mo
Sa
Th
Tu
Sa
Su
Sa
Fr
Th
We
Tu
Mo
Strange numbers: “arithmetic of days of the week”
Addition:
+
Su
Mo
Tu
We
Th
Fr
Sa
Su
Su
Mo
Tu
We
Th
Fr
Sa
Multiplication:
Mo
Mo
Tu
We
Th
Fr
Sa
Su
Tu
Tu
We
Th
Fr
Sa
Su
Mo
We
We
Th
Fr
Sa
Su
Mo
Tu
Th
Th
Fr
Sa
Su
Mo
Tu
We
Fr
Fr
Sa
Su
Mo
Tu
We
Th
Sa
Sa
Su
Mo
Tu
We
Th
Fr
Su
Mo
Tu
We
Th
Fr
Sa
Mo is unit:
We · Mo = We
Su
Su
Su
Su
Su
Su
Su
Su
Mo
Su
Mo
Tu
We
Th
Fr
Sa
Tu
Su
Tu
Th
Sa
Mo
We
Fr
We
Su
We
Sa
Tu
Fr
Mo
Th
Th
Su
Th
Mo
Fr
Tu
Sa
We
Fr
Su
Fr
We
Mo
Sa
Th
Tu
Sa
Su
Sa
Fr
Th
We
Tu
Mo
Arithmetic modulo m
Numbers are denoted by 0, 1, . . . , m − 1, where a represents the class
of all integers that dividing by m give reminder a.
Operations are defined as follows
a+b = c
iff
a·b = c
iff
a + b ≡ c (mod m)
a · b ≡ c (mod m)
Examples
“arithmetic of days of the week", modulus 7
Boolean algebra, modulus 2
Division in modular arithmetic
Dividing a by b means to find a quotient x, such that b · x = a, s.o.
a/b = x
In "arithmetic of days of the week":
Mo/Tu = Th ja Tu/Mo = Tu.
We cannot divide by Su,
exceptionally Su/Su could be
any day.
A quotient is well defined for
a/b for every b 6= 0, if the
modulus is a prime number.
Su
Mo
Tu
We
Th
Fr
Sa
Su
Su
Su
Su
Su
Su
Su
Su
Mo
Su
Mo
Tu
We
Th
Fr
Sa
Tu
Su
Tu
Th
Sa
Mo
We
Fr
We
Su
We
Sa
Tu
Fr
Mo
Th
Th
Su
Th
Mo
Fr
Tu
Sa
We
Fr
Su
Fr
We
Mo
Sa
Th
Tu
Sa
Su
Sa
Fr
Th
We
Tu
Mo
Division in modular arithmetic
Dividing a by b means to find a quotient x, such that b · x = a, s.o.
a/b = x
In "arithmetic of days of the week":
Mo/Tu = Th ja Tu/Mo = Tu.
We cannot divide by Su,
exceptionally Su/Su could be
any day.
A quotient is well defined for
a/b for every b 6= 0, if the
modulus is a prime number.
Su
Mo
Tu
We
Th
Fr
Sa
Su
Su
Su
Su
Su
Su
Su
Su
Mo
Su
Mo
Tu
We
Th
Fr
Sa
Tu
Su
Tu
Th
Sa
Mo
We
Fr
We
Su
We
Sa
Tu
Fr
Mo
Th
Th
Su
Th
Mo
Fr
Tu
Sa
We
Fr
Su
Fr
We
Mo
Sa
Th
Tu
Sa
Su
Sa
Fr
Th
We
Tu
Mo
Division in modular arithmetic
Dividing a by b means to find a quotient x, such that b · x = a, s.o.
a/b = x
In "arithmetic of days of the week":
Mo/Tu = Th ja Tu/Mo = Tu.
We cannot divide by Su,
exceptionally Su/Su could be
any day.
A quotient is well defined for
a/b for every b 6= 0, if the
modulus is a prime number.
Su
Mo
Tu
We
Th
Fr
Sa
Su
Su
Su
Su
Su
Su
Su
Su
Mo
Su
Mo
Tu
We
Th
Fr
Sa
Tu
Su
Tu
Th
Sa
Mo
We
Fr
We
Su
We
Sa
Tu
Fr
Mo
Th
Th
Su
Th
Mo
Fr
Tu
Sa
We
Fr
Su
Fr
We
Mo
Sa
Th
Tu
Sa
Su
Sa
Fr
Th
We
Tu
Mo
Division in modular arithmetic
Dividing a by b means to find a quotient x, such that b · x = a, s.o.
a/b = x
In "arithmetic of days of the week":
Mo/Tu = Th ja Tu/Mo = Tu.
We cannot divide by Su,
exceptionally Su/Su could be
any day.
A quotient is well defined for
a/b for every b 6= 0, if the
modulus is a prime number.
Su
Mo
Tu
We
Th
Fr
Sa
Su
Su
Su
Su
Su
Su
Su
Su
Mo
Su
Mo
Tu
We
Th
Fr
Sa
Tu
Su
Tu
Th
Sa
Mo
We
Fr
We
Su
We
Sa
Tu
Fr
Mo
Th
Th
Su
Th
Mo
Fr
Tu
Sa
We
Fr
Su
Fr
We
Mo
Sa
Th
Tu
Sa
Su
Sa
Fr
Th
We
Tu
Mo
Division modulo prime p
Theorem
If m is a prime number and x < m, then the numbers
x · 0, x · 1, . . . , x · m − 1
are pairwise different.
Proof.
Assume contrary, that the reminders of dividing x · i and x · j, where
i < j, by m are equal. Then m|(j − i)x, that is impossible as j − i < m
and gcd(m, x) = 1. Hence, x · i 6= x · j
Q.E.D.
Corollary
If m is prime number, then the quotient of the division x = a/b modulo m is well
defined for all b 6= 0.
If the modulus is not prime ...
The quotient is not well defined, for
example:
1 = 2/2 = 3
0
1
2
3
0
1
2
3
0
0
0
0
0
1
2
3
0
2
0
2
0
3
2
1
Computing of x = a/b modulo p (where p is a prime number)
In two steps:
1
Compute y = 1/b
2
Compute x = y · a
How to compute y = 1/b i.e. find such a y , that b · y = 1
Algorithm:
1
Using Euclidean algorithm, compute gcd(p, b) = . . . = 1
2
Find the coefficients s and t, such that ps + bt = 1
3
if t > p then t := t mod p fi
4
return(t)
% Property: t = 1/b
Division modulo p
Example: compute 53/2 modulo 234 527
At first, we find 1/2. For that we compute GCD of the divider and
modulus:
gcd(234527, 2) = gcd(2, 1) = 1
The reminder can be expressed by modulus ad divider as follows:
1 = 2(−117263) + 234527 or
− 117263 · 2 ≡ 117264 (mod 234527)
Thus, 1/2 = 117264
Due to x = 53 · 117264 ≡ 117290 (mod 234527), the result is
x = 53 · 117264 = 117290.
Linear equations
Solve the equation 7x + 3 = 0 modulo 47
Solution can be written as x = −3/7
Compute GCD using Euclidean algorithm
gcd(47, 7) = gcd(7, 5) = gcd(5, 2) = gcd(2, 1) = 1,
that yields the relations
1 = 5−2·2
2 = 7−5
5 = 47 − 6 · 7
Find coefficients of 47 and 7:
1 = 5−2·2 =
= (47 − 6 · 7) − 2 · (7 − 5) =
= 47 − 8 · 7 + 2 · 5 =
= 47 − 8 · 7 + 2 · (47 − 6 · 7) =
= 3 · 47 − 20 · 7
Continues on the next slide ...
Linear equations (2)
Solve the equation 7x + 3 = 0 modulo 47
The previous expansion of the gcd(47, 7) shows that
27 · 7 ≡ 1 (mod 47)
−20 · 7 ≡ 1 (mod 47) i.e.
Hence, 1/7 = −20 = 27
The solution is x = −3 · 27 = 13
The latter equality is consequence from the congruence relation 44 ≡ −3 (mod 47),
mistõttu x = 44 · 27 = 1188 ≡ 13 (mod 47)
Solving a system of equations using elimination method
Example
Assuming modulus 127, find integers x and y such that:
12x + 31y = 2
2x + 89y = 23
Accordingly to the elimination method, multiply the second equation by −6 and sum
pu the equations, we get
2 − 6 · 23
y=
31 − 6 · 89
Due to 6 · 23 = 138 ≡ 11 (mod 127) and 6 · 89 = 534 ≡ 26 (mod 127), the latter
equality can be transformed as follows:
y=
2 − 11
−9
=
31 − 26
5
Substituting y into the second equation, express x and transform it further considering
that 5 · 23 = 115 ≡ −12 (mod 127) and 9 · 89 = 801 ≡ 39 (mod 127):
x=
23 − 89y
23 · 5 − 899
−12 + 39
27
=
=
=
2
10
10
10
Solving a system of equations using elimination method (2)
Continuation of the last example ...
Computing:
x = 27/10
y = −9/5
if the modulus is 127.
Apply the Euclidean algorithm:
gcd(127, 5) = gcd(5, 2) = gcd(2, 1) = 1
gcd(127, 10) = gcd(10, 7) = gcd(7, 3) = gcd(3, 1) = 1
That gives the equalities:
1 = 5 − 2 · 2 = 5 − 2(127 − 25 · 5) = (−2)127 + 51 · 5
1 = 7 − 2 · 3 = 127 − 12 · 10 − 2(10 − 127 + 12 · 10) = 3 · 127 − 38 · 10
Hence, division by 5 is equivalent to multiplication by 51 and division by 10 to
multiplication to −38-ga. Then the solution of the system is
x = 27/10 = −27 · 38 = −1026 = 117
y = −9/5 = −9 · 51 = −459 = 49
Next section
1 Prime and Composite Numbers
Divisibility
2 Greatest Common Divisor
Definition
The Euclidean algorithm
3 Primes
The Fundamental Theorem of Arithmetic
Distribution of prime numbers
4 Modular arithmetic
5 Primality test
Fermat’ theorem
Fermat’ test
Rabin-Miller test
For determining whether a number n is prime.
There are alternatives:
Try all numbers 2, . . . , n − 1. If n is not dividisble by none of them,
then it is prime.
√
Same as above, only try nimbers 2, . . . , n.
Probabilistic algorithms with polynomial complexity (the Fermat’
test, the Miller-Rabin test, etc.).
Deterministic primality-proving algorithm by Agrawal–Kayal–Saxena
(2002).
For determining whether a number n is prime.
There are alternatives:
Try all numbers 2, . . . , n − 1. If n is not dividisble by none of them,
then it is prime.
√
Same as above, only try nimbers 2, . . . , n.
Probabilistic algorithms with polynomial complexity (the Fermat’
test, the Miller-Rabin test, etc.).
Deterministic primality-proving algorithm by Agrawal–Kayal–Saxena
(2002).
For determining whether a number n is prime.
There are alternatives:
Try all numbers 2, . . . , n − 1. If n is not dividisble by none of them,
then it is prime.
√
Same as above, only try nimbers 2, . . . , n.
Probabilistic algorithms with polynomial complexity (the Fermat’
test, the Miller-Rabin test, etc.).
Deterministic primality-proving algorithm by Agrawal–Kayal–Saxena
(2002).
For determining whether a number n is prime.
There are alternatives:
Try all numbers 2, . . . , n − 1. If n is not dividisble by none of them,
then it is prime.
√
Same as above, only try nimbers 2, . . . , n.
Probabilistic algorithms with polynomial complexity (the Fermat’
test, the Miller-Rabin test, etc.).
Deterministic primality-proving algorithm by Agrawal–Kayal–Saxena
(2002).
Next subsection
1 Prime and Composite Numbers
Divisibility
2 Greatest Common Divisor
Definition
The Euclidean algorithm
3 Primes
The Fundamental Theorem of Arithmetic
Distribution of prime numbers
4 Modular arithmetic
5 Primality test
Fermat’ theorem
Fermat’ test
Rabin-Miller test
Fermat’s “Little” Theorem
Theorem
If p is prime and a is an integer not divisible by p, then
p|ap−1 − 1
Lemma
If p is prime and 0 < k < p, then p| kp
Proof. This follows from the equality
p
p(p − 1) · · · (p − k + 1)
=
k
k(k − 1) · · · 1
Pierre de
Fermat
(1601–1665)
Another formulation of the theorem
Fermat’s “little” theorem
If p is prime, and a is an integer, then p|ap − a.
Proof.
If a is not divisible by p, then p|ap−1 − 1 iff p|(ap−1 − 1)a
The assertion is trivally true if a = 0. To prove it for a > 0 by induction, set
a = b + 1. Hence,
ap − a = (b + 1)p − (b + 1) =
p p−1
p
= bp +
b
+···+
b+1−b−1 =
1
p−1
p p−1
p
= (b p − b) +
b
+···+
b
1
p−1
Here the expression (b p − b) is divisible by p by the induction hypothesis, while other
terms are divisible by p by the Lemma.
Q.E.D.
Application of the Fermat’ theorem
Example: Find a reminder of division the integer 34565 by 13.
Fermat’ theorem gives 312 ≡ 1 (mod 13). Let’s divide 4565 by 12 and compute the
reminder: 4565 = 380 · 12 + 5. Then
34565 = (312 )380 35 ≡ 1380 35 = 81 · 3 ≡ 3 · 3 = 9 (mod 13)
Pseudoprimes
A pseudoprime is a probable prime (an integer that shares a property common to all
prime numbers) that is not actually prime.
The assertion of the Fermat’ theorem is valid also for some composite numbers.
For instance, if p = 341 = 11 · 31 and a = 2, then dividing
2340 = (210 )34 = 102434
by 341 yields the reminder 1, because of dividing 1024 gives the reminder 1.
Integer 341 is a Fermat’ pseudoprime to base 2.
However, 341 the assertion of Fermat’ theorem is not satisfied for the base 3.
Dividing 3340 by 341 results in the reminder 56.
Carmichael numbers
Definition
An integer n that is a Fermat pseudoprime for every base a that are
coprime to n is called a Carmichael number.
Example: let p = 561 = 3 · 11 · 17 and gcd(a, p) = 1.
a560 = (a2 )280 gives the reminder 1, if divded by 3
a560 = (a10 )56 gives the reminder 1, if divded by 11
a560 = (a16 )35 gives the reminder 1, if divded by 17
Thus a560 − 1 is divisible by 3, by 11 and by 17.
See http://oeis.org/search?q=Carmichael, jada nr A002997
Next subsection
1 Prime and Composite Numbers
Divisibility
2 Greatest Common Divisor
Definition
The Euclidean algorithm
3 Primes
The Fundamental Theorem of Arithmetic
Distribution of prime numbers
4 Modular arithmetic
5 Primality test
Fermat’ theorem
Fermat’ test
Rabin-Miller test
Fermat’ test
Fermat’ theorem: If p is prime and integer a is such that 1 6 a < p, then
ap−1 ≡ 1 (mod p).
To test, whether n is prime or composite number:
Check validity of an−1 ≡ 1 (mod n) for every a = 2, 3, . . . , n − 1 .
If the condtion is not satisfiable for one or more value of a, then n is composite,
otherwise prime.
Example: is 221 prime?
5
≡ 5920 = 594 ≡ 1525 =
2
= 152 · 1522 ≡ 152 · 1202 ≡ 152 · 35 = 5320 ≡ 16 (mod 221)
2220 = 211
20
Hence, 221 is a composite number. Indeed, 221 = 13 · 17
Fermat’ test
Fermat’ theorem: If p is prime and integer a is such that 1 6 a < p, then
ap−1 ≡ 1 (mod p).
To test, whether n is prime or composite number:
Check validity of an−1 ≡ 1 (mod n) for every a = 2, 3, . . . , n − 1 .
If the condtion is not satisfiable for one or more value of a, then n is composite,
otherwise prime.
Example: is 221 prime?
5
≡ 5920 = 594 ≡ 1525 =
2
= 152 · 1522 ≡ 152 · 1202 ≡ 152 · 35 = 5320 ≡ 16 (mod 221)
2220 = 211
20
Hence, 221 is a composite number. Indeed, 221 = 13 · 17
Problems of the Fermat’ test
Computing of LARGE powers
method of squares
Computing with LARGE numbers
n is a pseudoprime
modular arithmetic
choose a randomly and repeat
n is a Carmichael number
Rabin-Miller test
use better methods, for example
Modified Fermat’ test
Input: n – a value to test for primality
k – the number of times to test for primality
Output: "n is composite" or "n is probably prime"
for i := 0 step 1 to k
do
1
2
pick a randomly, such that a < n
if an−1 6≡ 1 (mod n) return("n is composite"); exit
od
return("n is probably prime")
Example, n = 221, randomly picked values for a are 38 ja 26
an−1 = 38220 ≡ 1 (mod 221)
an−1 = 26220 ≡ 169 6≡ 1 (mod 221)
38 is pseudoprime
221is composite number
Does not work, if n is Carmichael number: 561, 1105, 1729, 2465, 2821, 6601, 8911, . . .
Modified Fermat’ test
Input: n – a value to test for primality
k – the number of times to test for primality
Output: "n is composite" or "n is probably prime"
for i := 0 step 1 to k
do
1
2
pick a randomly, such that a < n
if an−1 6≡ 1 (mod n) return("n is composite"); exit
od
return("n is probably prime")
Example, n = 221, randomly picked values for a are 38 ja 26
an−1 = 38220 ≡ 1 (mod 221)
an−1 = 26220 ≡ 169 6≡ 1 (mod 221)
38 is pseudoprime
221is composite number
Does not work, if n is Carmichael number: 561, 1105, 1729, 2465, 2821, 6601, 8911, . . .
Next subsection
1 Prime and Composite Numbers
Divisibility
2 Greatest Common Divisor
Definition
The Euclidean algorithm
3 Primes
The Fundamental Theorem of Arithmetic
Distribution of prime numbers
4 Modular arithmetic
5 Primality test
Fermat’ theorem
Fermat’ test
Rabin-Miller test
An idea, how to battle against Carmichael numbers
Let n be an odd positive integer to be tested against primality
Randomly pick an integer a from the interval 0 6 a 6 n − 1.
Consider the expression an − a = a(an−1 − 1) and until possible,
transform it applying the identity x 2 − 1 = (x − 1)(x + 1)
If the expression an − a is not divisible by n, then all its divisors are
also not divisible by n.
If at least one factor is divisible by n, then n is probably prime. To
increase this probability, it is need to repeat with another randomly
chosen value of a.
Example: n = 221
Let’s factorize:
a221 − a = a(a220 − 1) =
= a(a110 − 1)(a110 + 1) =
= a(a55 − 1)(a55 + 1)(a110 + 1)
If a = 174, then
174110 = (1742 )55 ≡ (220)55 = 220 · (2202 )27 ≡ 220 · 127 ≡ 220 ≡ −1 (mod 221).
Thus 221 is either prime or pseudoprime to the base 174.
If a = 137, then 221 6 |a, 221 6 |(a55 − 1), 221 6 |(a55 + 1), 221 6 |(a110 + 1).
Consequently, 221 is a composite number
Rabin-Miller test
Input: n > 3 – a value to test for primality
k – the number of times to test for primality
Output: "n is composite" or "n is probably prime"
Factorize n − 1 = 2s · d, where d is an odd number
LOOP: for i := 0 step 1 to k
{
Randomly pick value for a ∈ {2, 3, . . . , n − 1};
x := ad mod n;
if x = 1 or x 6= 1 then { next LOOP; }
for r := 1 step 1 to s − 1
{
1 x := x 2 mod n
2 if x = 1 then { return("n is composite"); exit; }
3 if x = n − 1 then { next LOOP; }
}
5 return("n is composite"); exit;
1
2
3
4
}
return("n is probably prime");
Complexity of the algorithm is O(k log32 n)
Example n = 561 (Carmichael number)
Factorize:
a561 − a = a(a560 − 1) =
= a(a280 − 1)(a280 + 1) =
= a(a140 − 1)(a140 + 1)(a280 + 1) =
= a(a70 − 1)(a70 + 1)(a140 + 1)(a280 + 1) =
= a(a35 − 1)(a35 + 1)(a70 + 1)(a140 + 1)(a280 + 1)
Taking a = 2, we obtain
561 6 |(a35 − 1) 561 6 |(a35 + 1) 561 6 |(a70 + 1) 561 6 |(a140 + 1) 561 6 |(a280 + 1),
Thus 561 is composite.
