THE INTEGERS STEVEN DALE CUTKOSKY 1. Elementary properties of the integers We use an axiomatic approach to understanding the integers, in much the way that Euclidean geometry is studied. We assume that the integers do exist, and we list a few elementary properties (axioms) which they have. Everything else that we use must be proven from these elementary properties. As a set, the integers are the increasing sequence of numbers obtained by counting up (1) 1, 2, 3, . . . together with the number 0 and the negative numbers (2) −1, −2, −3 . . . obtained by counting down. We have (3) Z = {. . . , −3. − 2, −1, 0, 1, 2, 3, . . .}. The Z is historical, and comes from the German word zahlen for numbers. 1.1. Addition and Multiplication. Z has an addition operation +. If a, b ∈ Z, then the sum a + b ∈ Z. Addition is commutative; that is a+b=b+a for all a, b ∈ Z. Addition is also associative; that is, a + (b + c) = (a + b) + c for all a, b, c ∈ Z. We further have that 0 is an additive identity of Z; that is, a + 0 = 0 + a = a for all a ∈ Z. Theorem 1.1. 0 is the unique additive identity of Z. Proof. Suppose that b is an additive identity of Z, so that b + a = a + b for all a ∈ Z. We must show that b = 0. We have b+0=b since 0 is an additive identity of Z. We also have b+0=0 since b is an additive identity of Z. We conclude that b = b + 0 = 0. 1 The integers have the property that every integer has an additive inverse. a0 ∈ Z is an additive inverse of a ∈ Z if a + a0 = a0 + a = 0. We will now state some theorems which can be proven from the above properties that we are assuming about the integers. The exercises in this section ask for proofs of the theorems which we do not prove. Theorem 1.2. Every integer a has a unique additive inverse a0 . The notation of Z is set up so that if n is a positive integer, in the set (1), then −n in the set (2), obtained by counting down n times from 0, is the additive inverse of n. We will write from now on −a to mean the additive inverse a0 of a ∈ Z. Theorem 1.3. Suppose that a, b ∈ Z. Then the equation a+x=b has a unique solution x ∈ Z. The integers also have multiplication. We multiply a and b in Z to get a · b ∈ Z. We also write ab to mean a · b. Multiplication is commutative; that is ab = ba for all a, b ∈ Z. Multiplication is also associative; That is, a(bc) = (ab)c for all a, b, c ∈ Z. We further have that 1 is a multiplicative identity of Z; that is, a · 1 = 1 · a = a for all a ∈ Z. Theorem 1.4. 1 is the unique multiplicative identity of Z. The distributive law holds for addition and multiplication; that is, a(b + c) = ab + ac for all a, b, c ∈ Z. The integers also have the property that the cancellation property for multiplication holds; that is If a, b, c ∈ Z with c 6= 0, and ca = cb, then a = b. Since addition is associative, so that a + (b + c) = (a + b) + c, it is usual write a + b + c to represent this sum. In a similar way, from the associativity of multiplication, we write abc to represent a(bc) = (ab)c. As such, expressions like abcd + ef g + hikl + mnopq have an unambiguous meaning. Theorem 1.5. Suppose that a ∈ Z. Then a · 0 = 0 for all a ∈ Z. 2 Proof. Suppose that a ∈ Z. a · 0 = a · (0 + 0) since 0 is the additive identity of Z = a · 0 + a · 0 by the distributive law. Now we add the additive inverse −(a · 0) of a · 0 to both sides of the above equation to obtain (a · 0) + −(a · 0) = (a · 0) + (a · 0) + −(a · 0). Since −(a · 0) is the additive inverse for a · 0, we obtain 0 = (a · 0) + 0. Now since 0 is the additive identity of Z, we obtain 0 = a · 0. In the following exercises, we derive some useful, and familiar properties of the integers. Exercises (1) Suppose that a, b, c ∈ Z. Prove that (a + b)c = ac + bc. (2) Prove that the cancellation law for addition holds. Suppose that a, b, c ∈ Z and a + b = a + c. Show that b = c. (3) Prove Theorem 1.2. (4) Prove Theorem 1.3. We may thus define the operation subtraction on Z. For a, b ∈ Z, write b − a = c if c ∈ Z is the unique integer which satisfies a + c = b. (5) Prove Theorem 1.4. (6) Suppose that a, b ∈ Z. Let b0 be the additive inverse of b. Show that a + b0 = a − b. Using the more familiar notation b0 = −b, this shows that a + (−b) = a − b. (7) Show that −(−a) = a for all a ∈ Z. (8) Show that (−a)b = −(ab) and (−a)(−b) = ab for a, b ∈ Z. (9) Show that −(a + b) = −a − b for a, b ∈ Z. (10) Show that Z has no zero divisors; that is, show that if a, b ∈ Z and ab = 0, then a = 0 or b = 0. 1.2. Order. We have a natural order < on the integers Z. We may list the integers by counting up as . . . , −3, −2, −1, 0, 1, 2, 3, . . . . If a, b ∈ Z, and a is to the left of b in the above list, then we say a < b. All properties of order can be described by the positive integers 1, 2, 3, . . . Now we will define these properties axiomatically. In the following axiom, we do not know what the positive integers are, although it turns out that they are what we expect. At this point, we do not even know if 1 is positive or not. 3 The integers have a subset of elements called the positive integers which satisfy the following three properties. (1) Addition: The sum of two positive integers is positive. (2) Multiplication: The product of two positive integers is positive. (3) Law of trichototomy: For a given integer a, one and only one of the following alternatives holds: (a) a is positive, (b) a = 0, or (c) −a is positive. Theorem 1.6. Suppose that a is a nonzero integer. Then a2 is positive. Proof. Suppose that a is a nonzero integer. By the law of trichotomy, either a or −a is positive. If a is positive, then a2 is positive by the property of multiplication. If −a is positive, then a2 = (−a)2 = is positive by the property of multiplication and exercise (8) of Section 1.1. Corollary 1.7. 1 is a positive integer. Proof. 1 = 12 is positive by the theorem. Suppose that a, b are integers. We define a < b if b − a is a positive integer. We may also define a ≤ b if b − a is a positive integer or a = b. We further define a > b if b < a and define a ≥ b if b ≤ a. Theorem 1.8. (Transitive law) Suppose that a, b, c ∈ Z are such that a < b and b < c. Then a < c Proof. Since a < b and b < c, we have that b − a and c − b are positive. By the addition property, c − a = (c − b) + (b − a) is positive. Thus a < c. Theorem 1.9. (1) If a < b then a + c < b + c. (2) If a < b and 0 < c then ac < bc. (3) One of the following three cases must hold for a, b ∈ Z: (i) a < b (ii) a = b (iii) a > b Proof. We prove (2) and leave the remaining parts of the theorem for the exercises. By our assumption, b − a and c are positive numbers. By the multiplication property, (b − a)c = bc − ca is positive integer. Thus ac < bc. Theorem 1.10. Suppose that a, b, c, d ∈ Z. If a ≤ c and b ≤ d then a + b ≤ c + d. 4 For a ∈ Z, we define the absolute value |a| of a, by a |a| = 0 −a if a > 0 if a = 0 if a < 0 The absolute value of an integer a is always nonnegative (|a| ≥ 0) by the law of trichotomy. Theorem 1.11. Suppose that a, b ∈ Z. Then (1) |a||b| = |ab|. (2) |a + b| ≤ |a| + |b|. Proof. We will prove (2) of the theorem, and leave the proof of (1) as an exercise. If a ≥ 0, then |a| = a ≥ 0 ≥ −a = −|a|. if a < 0, then |a| = −a > 0 > a = −|a|. Thus we have −|a| ≤ a ≤ |a|. The same calculation for b yields −|b| ≤ b ≤ |b|. By Theorem 1.10 (and Exercise 8 of Section 1.1), we may add these inequalities, to get −(|a| + |b|) = −|a| + (−|b|) ≤ a + b ≤ |a| + |b|. We rewrite this as the two inequalities a+b ≤ |a| + |b| and −(a + b) ≤ |a| + |b|. Since |a + b| must be one of a + b or −(a + b), the conclusions of the theorem hold. Exercises (1) (2) (3) (4) (5) (6) Prove the remaining parts of Theorem 1.9 Prove Theorem 1.10. Prove (1) of Theorem 1.11. Suppose that a, x, y ∈ Z. Prove that a − x < a − y if and only if x > y. Suppose that a, b ∈ Z. Prove that ||a| − |b|| ≤ |a − b|. Prove that the equation x2 + 1 = 0 does not have a solution in Z. 5 1.3. Well ordering. Well ordering is the most restrictive of the properties of the integers. The Well Ordering Property. Every nonempty subset of the positive integers contains a smallest member. All of the previous axioms that we have discussed hold for numbers which are much larger than the integers, such as the rational numbers and real numbers. The complex numbers are not ordered, but they do satisfy the axioms of addition and multiplication of the first section of this chapter. The well ordering property (along with the other axioms we have found) uniquely determines the integers. We will not prove this in these notes, but we will motivate this by demonstrating that the rational numbers are not well ordered. Let 1 S = { | x is a positive integer}. x S is a nonempty subset of the positive rational numbers which does not have a smallest member. Theorem 1.12. There is no integer between 0 and 1. Proof. Let S = {c ∈ Z | 0 < c < 1}. Suppose that S is nonempty. Then by well ordering of the positive integers, S contains a smallest element m. We have 0 < m < 1. By (2) of Theorem 1.9, we have 0 < m2 < m. But then m2 ∈ S, which is a contradiction since m2 < m. We now prove the the principal of induction. Theorem 1.13. (Principle of Induction) For each positive integer n suppose that we have a proposition P (n) which is either true or false. Assume that (1) P (1) is true. (2) For all positive integers k, The assumption that P (k) is true implies that P (k + 1) is true. Then P (n) is true for all positive integers n. Proof. Suppose that P (n) is false for some positive integer n. Let S be the set of all positive integers n such that P (n) is false. Since S is a nonempty subset of the positive integers, and the integers are well ordered, S has a smallest element m. Since P (1) is true, and by Theorem 1.12, m > 1. Thus m − 1 > 0, so that since m − 1 is a positive integer which is not in S, we have P (m − 1) is true. But by the induction assumption (2) we must have that P (m) is true, a contradiction. Theorem 1.14. For each positive integer n suppose that we have a proposition P (n) which is either true or false. Assume that (1) P (1) is true. (2) For all integers k ≥ 2, the assumption that P (m) is true for all integers m with 1 ≤ m < k implies that P (k) is true. 6 Then P (n) is true for all positive integers n. A typical example of the use of induction is in the proof of the following theorem. Theorem 1.15. Suppose that n is a positive integer. Then 1 + 2 + ··· + n = n(n + 1) . 2 Proof. For n a positive integer, let P (n) be the proposition n X i= i=1 n(n + 1) . 2 P = 1, so that P (1) is true. We compute 1i=1 i = 1 and 1(1+1) 2 We now assume that P (k) is true for some k ≥ 1. We have Pk+1 Pk i=1 i = ( i=1 i) + (k + 1) = k(k+1) + (k + 1) by the induction assumption that P (k) is true 2 k(k+1)+2(k+1) = 2 = (k+1)(k+2) = (k+1)((k+1)+1) 2 2 so that P (k + 1) is true. By induction, P (n) is true for all positive integers n, so that the theorem is true. Exercises (1) A subset S of Z is bounded from below if there exists l ∈ Z such that a > l for all a ∈ S. Suppose that S is a nonempty subset of Z which is bounded from below. Prove that S contains a smallest member. (2) Prove Theorem 1.14. (3) Suppose that a, b, ∈ Z. Prove that (ab)n = an bn for any positive integer n. (4) Suppose that k, n are nonnegative integers with k ≤ n and x, y are integers. (i) Prove that n n n+1 + = . k−1 k k (ii) Prove the binomial formula (x + y)n = n X n k=0 k xn−k y k . (5) Find the integers which have multiplicative inverses. A multiplicative inverse a of a ∈ Z is an integer a such that aa = aa = 1. Prove your answer. 2. The basic theorems of the integers In this section we prove the basic properties of divisibility of integers, culminating in the fundamental theorem of arithmetic. 7 2.1. Divisibility. Definition 2.1. An integer b is divisible by an integer a if there exists an integer d such that b = ad. We will write a|b if a divides b. Definition 2.2. An integer p > 1 is a prime if the only positive integers which divide p are 1 and p. Theorem 2.3. Suppose that a, b, c ∈ Z. (1) (2) (3) (4) (5) (6) 1|a a | 0. If a | b and b | c the a | c. If a | b and a | c, then a | (ub + vc) for all u, v ∈ Z. If a | 1 then a = 1 or a = −1. If a | b and b | a then a = ±b. Proof. We will prove (4), and leave the proofs of the remaining parts of the theorem for the exercises of this section. Suppose that a | b and a | c. Then b = da and c = ea for some integers d and e. Thus ub + vc = uda + vea = (ud + ve)a. Thus a | ub + vc. Exercises (1) Prove the unproven parts of Theorem 2.3. (2) Suppose that a > 1 is an integer which is not a prime. Prove that a has a positive √ prime divisor p with p ≤ a. (3) Suppose that a, b ∈ Z, b 6= 0 and a | b. Prove that |a| ≤ |b|. 2.2. The Euclidean Algorithm. We begin by proving Euclidean division. Theorem 2.4. Suppose that a, b ∈ Z with b > 0. Then there exist integers q and r with 0 ≤ r < b such that a = qb + r. Proof. Let S = {a − cb | c ∈ Z and a − cb ≥ 0}. S is a nonempty since a − cb > 0 if c < −|a|. Since S is bounded from below (by -1), S contains a smallest member r by well ordering of the integers. Since r ∈ S, we have r = a − qb for some q ∈ Z and r ≥ 0. Suppose (if possible) that r ≥ b. Then 0 ≤ r − b = a − (q + 1)b so that r − b ∈ S. This is a contradiction to the minimality of r in S. Thus we must have r < b. Corollary 2.5. The integers q and r of the conclusions of Theorem 2.4 are uniquely determined. 8 Corollary 2.6. Suppose that a, b ∈ Z with b 6= 0. Then there exist unique integers q and r with 0 ≤ r < |b| such that a = qb + r. One of the most important properties of the integers is the existence of greatest common divisors. Definition 2.7. Suppose that a, b ∈ Z. d ∈ Z is a greatest common divisor of a and b if (1) d | a and d | b. (2) If c ∈ Z is such that c | a and c | b, then c | d. Theorem 2.8. Suppose that a, b ∈ Z are both nonzero. Then (1) There exist s, t ∈ Z such that sa + tb is a positive greatest common divisor of a and b. (2) a, b have a unique positive greatest common divisor. Proof. Let S = {ma + nb | m, n ∈ Z and ma + nb > 0}. S is nonempty since a, b are nonzero. Since S is a subset of the positive integers and the integers are well ordered, S has a minimal element d. We have an expression d = sa + tb for some s, t ∈ Z. We will prove that d is a greatest common divisor of a and b. Write a = qd + r with 0 ≤ r < d. Assume (if possible) that r > 0. We have a = q(sa + tb) + r, so that 0 < r = (1 − qs)a − tb. Thus r ∈ S. But r < d, which is a contradiction to the minimality of d in S. Thus r = 0 and d | a. The same argument applied to b shows that d | b. Now suppose that c | a and c | b. Then there are integers e and f such that a = ec and b = f c. Substituting into d = sa + tb, we have d = sec + tf c = (sd + rf )c. Thus c | d. We have proven that d is a positive greatest common divisor of a and b. Now we will prove that there is a unique positive greatest common divisor of a and b. Suppose that d and d0 are positive greatest common divisors of a and b. We will prove that d = d0 . Since d is a divisor of a and b and d0 is a greatest common divisor of a and b we have that d | d0 . Since d0 is a divisor of a and b and d0 is a greatest common divisor of a and b we have that d0 | d. By (6) of Theorem 2.3, d = ±d0 . Since d and d0 are both positive, d = d0 . From the conclusions of Theorem 2.8 we see that we can define gcd(a, b) to be the unique positive greatest common divisor of two nonzero integers a and b. A very efficient way to compute the greatest common divisor of two (nonzero) integers a and b, and to express it in the form gcd(a, b) = sa + tb is by the Euclidean algorithm. Suppose that a and b are nonzero integers, and we want to compute their greatest common divisor. We may assume that both a and b are positive, since we can replace a with −a and b with −b without changing their greatest common divisor. Now apply Euclidean division to write (4) a = bq1 + r1 with 0 ≤ r1 < b. 9 We have that gcd(a, b) = gcd(b, r1 ) by Exercise (7) of this section. If r1 = 0 we are done, as we have b = gcd(a, b). Suppose that r1 > 0. We then repeat this reduction to obtain b = r1 q2 + r2 with 0 < r2 < r1 r1 = r2 q3 + r3 with 0 < r3 < r2 .. . (5) rn−2 = rn−1 qn + rn with 0 < rn < rn−1 rn−1 = rn qn Since the remainders continually decrease, the algorithm must terminate with a remainder rn+1 = 0, as is indicated in the last line of (5). Now by repeated application of Exercise (7) of this section, we see that gcd(a, b) = gcd(b, r1 ) = gcd(r1 , r2 ) = · · · = gcd(rn−1 , rn ). Since rn is a divisor of rn−1 , we have that gcd(rn−1 , rn ) = rn , and thus gcd(a, b) = rn . We now compute gcd(a, b) = sa + tb. We realize this by another pass through (4) and (5), by writing r1 = a − bq1 = a + (−q1 )b r2 = b − q2 r1 = (−q2 )a + (1 + q1 q2 )b .. . We say that two nonzero integers a and b are relatively prime if gcd(a, b) = 1. Relatively prime integers a and b have the following very important property. Theorem 2.9. Suppose that a, b ∈ Z are nonzero and gcd(a, b) = 1. Suppose that c ∈ Z and a | bc. Then a | c. Proof. By Theorem 2.8, there exist s, t ∈ Z such that 1 = sa + tb. We have c = 1 · c = (sa + tb)c = sac + tbc. Since a | bc by assumption, and a certainly divides sac, we have that a | c by (4) of Theorem 2.3. Theorem 2.10. Suppose that p is a prime number and a, b ∈ Z are such that p | ab. Then p | a or p | b. Exercises (1) Prove Corollary 2.5. Hint: Start out by assuming that q, r and q 0 , r0 both satisfy the conclusions of Theorem 2.4. Prove that r = r0 and q = q 0 . (2) Prove Corollary 2.6. (3) Find gcd(a, b) and express gcd(a, b) = sa + tb for: (a) 116, -84 (b) 85, 86 (c) 72, 26 (d) 72, 25 10 (4) Show that gcd(ma, mb) = m · gcd(a, b) if a, b, m are positive integers. (5) Suppose that a, b, m are positive integers. Show that if a | m, b | m and gcd(a, b) = 1, then (ab) | m. (6) Suppose that a, b, c ∈ Z, gcd(a, b) = 1 and gcd(a, c) = 1. Prove that gcd(a, bc) = 1. (7) Suppose that a, b, q, r are integers and a = bq + r. Prove that gcd(a, b) = gcd(b, r). (8) Prove Theorem 2.10. (9) Suppose that m and n are positive integers. Define the least common multiple of m and n to be the smallest positive integer v such that m | v and n | v. Show that mn v= . gcd(m,n) 2.3. The fundamental theorem of arithmetic. In this section, we prove the following theorem, called the fundamental theorem of arithmetic. Theorem 2.11. Suppose that n > 1 is an integer. Then there is a unique factorization (6) n = pa11 pa22 · · · pakk where k is a positive integer, p1 < p2 < · · · < pk are primes and a1 , . . . , ak are positive integers. Proof. We first prove the existence of such a factorization for every integer n > 1. We assume that the existence of such a factorization is false, and will derive a contradiction. Let S be the set of all integers n > 1 for which there is not a factorization (6). By our assumption, S is nonempty. Since S is bounded below, it has a smallest element m, by well ordering of the integers. Now m is not a prime, since otherwise it could not be in S. Thus m has a positive divisor a which is not 1 and not m. We have m = ab for appropriate b ∈ Z which is also not 1 and not m. We thus have 1 < a < m and 1 < b < m. Since m is the least element of S, we must have a 6∈ S and b 6∈ S. Thus both a and b have factorizations of the form of (6), so that their product m = ab also has a factorization of the form of (6). This gives a contradiction to our assumption that S is nonempty. We conclude that every integer n > 1 must have a factorization into products of primes of the form of (6). Now we prove the uniqueness of the expression (6). We will assume that uniqueness is false, and derive a contradiction. Let T be the set of integers which are greater than 1 and which do not have a unique factorization of the form (6). Since we are assuming that T is nonempty, and T is bounded from below, there is a smallest element m of T , by well ordering of the integers. m necessarily has two distinct factorizations into primes of the form (6), say (7) m = pa11 pa22 · · · pakk and (8) m = q1b1 q2b2 · · · qlbl . Thus p1 divides m = q1b1 · · · qlbl . By Theorem 2.10, we have that p1 divides q1b1 or p1 divides pb22 · · · pbl l . Repeating this argument at most l−1 times, we conclude that p1 divides qibi for some i. Now we conclude by further application of Theorem 2.10 that p1 | qi . Since 11 qi is a prime, and p1 > 1, we must have that p1 = qi . Dividing p1 out of the expressions (7) and (8), we have two distinct factorizations m = pa11 −1 pa22 · · · pakk = q1b1 · · · qibi −1 · · · qlbl , p1 so that we either have that pm1 ∈ T , which is impossible since m > pm1 is the smallest element of T , or m = p1 . But in this case m = q1 = p1 , giving a contradiction to the assumption that the factorizations (7) and (8) are distinct. Theorem 2.12. (Euclid) There are infinitely many primes. Proof. Suppose that the theorem is false. Then there are only finitely many primes, p1 , p2 , . . . , pm . Let q = p1 p2 · · · pm + 1. Since q > pi for 1 ≤ i ≤ m, q cannot be a prime. If a prime pi divided q, then pi would have to divide 1, which is impossible, by Theorem 2.3. Thus q is an integer which is greater than 1 and is not divisible by a prime. But this is impossible, since q is divisible by a prime by Theorem 2.11 Exercises (1) Starting with 2, 3, 5, 7, · · · construct the positive integers 1 + 2, 1 + 2 · 3, 1 + 2 · 3 · 5, 1 + 2 · 3 · 5 · 7, . . . . Do you always get a prime number this way? (2) If p is an odd prime, show that p has the form p = 4n + 1 or p = 4n + 3 for some positive integer n. √ (3) (Euclid) Suppose that p is a prime. Show that p is an irrational number. 12 3. Modular Arithmetic 3.1. Relations. Suppose that X is a set. a relation on X is a subset R ⊂ X × X = {(a, b) | a, b ∈ X}. Write a ∼ b if (a, b) ∈ R. ∼ is an equivalence relation if (1) a ∼ a for all a ∈ X. (∼ is reflexive) (2) If a, b ∈ X and a ∼ b, then b ∼ a. (∼ is symmetric) (3) If a, b, c ∈ X, a ∼ b and b ∼ c, then a ∼ c (∼ is transitive) The significance of an equivalence relation is that it gives a partition of X. Theorem 3.1. Suppose that X is a set, and ∼ is an equivalence relation on X. Let the equivalence class of a ∈ X be [a] = {b ∈ X | b ∼ a}. Then (1) a ∈ [a] (2) if b ∈ [a] then [b] = [a]. Proof. Suppose that a ∈ X. Then a ∼ a, since ∼ is reflexive, so that a ∈ [a]. Suppose that b ∈ [a]. Then b ∼ a. Suppose that c ∈ [b]. Then c ∼ b. Thus c ∼ a and c ∈ [a] since ∼ is transitive. It follows that [b] ⊂ [a]. Suppose that c ∈ [a]. Then c ∼ a. Since ∼ is symmetric, a ∼ b. Since ∼ is transitive, c ∼ b and c ∈ [b]. It follows that [a] ⊂ [b], so that [b] = [a]. Corollary 3.2. Suppose that X is a set, and ∼ is an equivalence relation on X. Then X is the disjoint union of it’s equivalence classes; that is, X = ∪a∈X [a] and if a, b ∈ X are such that [a] ∩ [b] 6= ∅, then [a] = [b]. Proof. Since a ∈ [a] for all a ∈ X, X = ∪a∈X [a]. Suppose that a, b ∈ X and c ∈ [a] ∩ [b]. Then [c] = [a] and [c] = [b], so that [a] = [b]. If ∼ is an equivalence relation on X, then we define X/ ∼= {[a] | a ∈ X}. 3.2. Congruence relations on the Integers. Suppose that n ≥ 2 is an integer. Define a relation R ⊂ Z × Z by R = {(a, b) ∈ Z × Z | m divides (b − a)}. We write a ≡ b (mod) n if (a, b) ∈ R, and let [a]n be the equivalence class of a. Theorem 3.3. ≡ (mod) n is an equivalence relation on Z. 13 By Corollary 3.2, the equivalence classes of ≡ (mod) n is a partition of Z (Z is the disjoint union of its equivalence classes [a]n ). If n = 2, the partition is into the even and odd integers, E = {. . . , −4, −2, 0, 2, 4, . . .} and O = {. . . , −3, −1, 1, 3, . . .}. If a ∈ Z is an even integer then its equivalence class [a]2 = E and if a ∈ Z is an odd integer, then its equivalence class is [a]2 = O. If n = 3, the partition is into three equivalence classes, A = {. . . , −6, −3, 0, 3, 6, . . .}, B = {. . . , −5, −2, 1, 4, 6 . . .} and C = {. . . , −4, −1, 2, 5, . . .}. If a ∈ Z, then [a]3 = A if a is a multiple of 3, [a]3 = B if a is one more than a multiple of 3, and [a]3 = C if a is 2 more than a multiple of 3. In general, Z/(≡ (mod) n) = {[0]n , [1]n , [2]n , . . . , [n − 1]n } consists of n distinct equivalence classes. We write Zn = Z/(≡ (mod) n). We now show that Zn has a natural addition and multiplication. We define [a]n + [b]n = [a + b]n for [a]n , [b]n ∈ Zn , and [a]n [b]n = [ab]n for [a]n , [b]n ∈ Zn . We must verify that this is well defined. To establish this, we must show that we get the same results under addition and multiplication, regardless of which representative of an equivalence class we take. We settle this by proving the following Theorem. Theorem 3.4. Suppose that a, b, c, d ∈ Z, a ≡ c (mod) n and b ≡ d (mod) n. Then (1) [a + b]n = [c + d]n and (2) [ab]n = [cd]n . Proof. We prove 1 and leave the proof of 2 for the exercises. By assumption, there exist r, s ∈ Z such that a = c + rn and b = d + sn. Thus a + b = c + d + (r + s)n and (a + b) ≡ (c + d) (mod) n. It follows that [a + b]n = [c + d]n . Theorem 3.5. Consider Zn with the above addition and multiplication. (1) (2) (3) (4) Addition satisfies the commutative and associative laws. Multiplication satisfies the commutative and associative laws. [0]n is an additive identity and [1]n is a multiplicative identity. Every a ∈ Zn has an additive inverse −a ∈ Zn . If a = [x]n , then −a = [−x]n . Theorem 3.6. Zn satisfies the cancellation law for multiplication if and only if n is a prime number. 14 Proof. First assume that n is a prime number. We will show that the cancellation law for multiplication holds. Suppose that a, b, c ∈ Zn , c 6= [0]n and ca = cb. We must show that a = b. There exist x, y, z ∈ Z such that a = [x]n , b = [y]n and c = [z]n . Since ca = cb, we have that [zx]n = [zy]n and thus zx ≡ zy (mod) n. We have that z(x − y) = zx − zy = rn for some r ∈ Z. Since n is a prime number, n divides z or n divides x − y, by Theorem 2.10. If n divides z, then z ≡ 0 (mod) n so that c = [z]n = [0]n , a contradiction. Thus we must have that n divides x − y, so that x ≡ y (mod) n, and a = [x]n = [y]n = b. Now suppose that n is not a prime number. Then there is a factorization n = rs where r and s are positive integers with 1 < r < n and 1 < s < n. Since r and s are not divisible by n, we have that [r]n 6= [0]n and [s]n 6= [0]n . Let a = [s]n , b = [0]n and c = [r]n . ca = [rs]n = [0]n and cb = [r · 0]n = [0]n . Thus we have that ca = cb but a 6= b. Since ≡ (mod) n preserves addition and multiplication, it is called a congruence relation. Exercises (1) Prove 2 of Theorem 3.4. (2) Prove Theorem 3.5. (3) Suppose that n is a prime number. Prove that every nonzero element of Zn has a multiplicative inverse. 3.3. Linear congruences. In this section we consider the explicit solution of congruences. Theorem 3.7. Suppose that a, b, c ∈ Z with b ≥ 2. Then x ∈ Z satisfies the congruence ax ≡ c (mod) b if and only if there is a y ∈ Z such that ax + by = c. Theorem 3.8. Suppose that a, b, c ∈ Z with b ≥ 2. Then the congruence ax ≡ c (mod) b has a solution x ∈ Z if and only if d = gcd(a, b) divides c. If the congruence has a solution x ∈ Z, then there are exactly d different classes mod b of solutions. Proof. The fact that the congruence has a solution x ∈ Z if and only if d divides c follows from Exercise 9 of Section 2.2. and Theorem 3.7 above. Now suppose that the congruence has a solution x0 ∈ Z. Then by Theorem 3.7, there exists y0 ∈ Z such that x = x0 , y = y0 is a solution of ax + by = c. By Exercise 9 of Section 2.2, the set of all integral solutions of ax + by = c is b a x = x0 + t, y = y0 − t d d 15 with t ∈ Z. The d solutions b b x0 , x0 + , . . . , x0 + (d − 1) d d to the congruence are in distinct congruences classes mod b since their pairwise differences b b b (x0 + n ) − (x0 + m ) = (n − m) d d d are not divisible by b for 0 ≤ m < n ≤ d − 1. Suppose that x = x0 + db t with t ∈ Z. Then t = qd + r with 0 ≤ r < d by Euclidean division. Thus x ≡ x0 + r db (mod) b, and we see that there are exactly d different classes mod b of solutions. Example 3.9. Solve, if possible, the congruence 675x ≡ 18 (mod) 963. To solve this, we first compute gcd(963, 657). 963 657 306 45 36 = = = = = 657 · 1 + 306 306 · 2 + 45 45 · 6 + 36 36 · 1 + 9 9 · 4. Since d = gcd(963, 657) = 9 divides 18, the congruence can be solved, and the solutions comprise 9 equivalence classes mod 963. From our calculation, we obtain that 9 = 22 · 657 + (−15) · 963. Thus 657 · 44 ≡ 18 (mod) 963 and x0 = 44 is a solution. Since db = 963 9 = 107, the solutions of the congruence are the 9 equivalence classes [44]963 , [44 + 107]963 , . . . , [44 + 856]963 . It is also possible to solve simultaneous congruences. We state a theorem which is applicable for solving pairs of congruences. Theorem 3.10. Suppose that m, n, a, b ∈ Z and a, b ≥ 2. There exists x ∈ Z such that x ≡ a (mod) m and x ≡ b (mod) n if and only if a ≡ b (mod) d where d = gcd(m, n). If the pair of congruences has a solution x0 , then the solutions of the pair of congruences are exactly the elements of the congruence class [x0 ]e , where e is the least common multiple of m and n. Example 3.11. Find an integer x such that x ≡ 5 (mod) 12 and x ≡ 4 (mod) 17. 16 We see that such an x exists since 5 ≡ 4 (mod) gcd(12, 17). So we must find integers r and s that satisfy the conditions x = 5 + 12r = 4 + 17s or solve the equation 12r − 17s = −1. The Euclidean algorithm can be used, but trial and error yields 12 · 7 − 17 · 5 = −1, or r = 7 and s = 5. Therefore x = 5 + 84 = 4 + 85 = 89 is one solution of the pair of congruences. Since the least common multiple of 12 and 17 is 204, the congruence class [89]204 is the set of solutions to the pair of congruences. Example 3.12. Solve the pair of congruences 5x ≡ 1 (mod) 12, 6x ≡ 7 (mod) 17. First we find all of the solutions of 5x ≡ 1 (mod) 12. Since the numbers are small, we proceed by trial and error and obtain 5 as a particular solution. Then since gcd(5, 12) = 1, we know that the elements of the congruence class [5]12 are the solutions of the congruence. In the same manner we consider 6x ≡ 7 (mod) 17 and find that 4 is a solution. Since gcd(6, 17) = 1, we conclude that the elements of the congruence class [4]17 are the solutions of this congruence. Now suppose that x0 is a common solution of these two congruences; then x0 must lie in the class [5]12 and also in the class [4]17 . In other words, x0 is a solution of the following pair of congruences: x0 ≡ 5 (mod) 12, x0 ≡ 4 (mod) 17. From the Example 3.11, we know that the solutions of this pair are exactly the elements of the congruence class [89]204 . Therefore x0 lies in the class [89]204 . Conversely, suppose that y is in the congruence class [89]204 . Then y = 89 + 204k for some k ∈ Z, so that y = 4 + 85 + 204k = 4 + (5 + 12k)17 and 6y = 24 + 6(5 + 12k)17 = 7 + (31 + 72k)17. 17 Moreover, y = 5 + 84 + 204k = 5 + (7 + 17k)12 and 5y = 25 + 5(7 + 17k)12 = 1 + (37 + 85k)12. Therefore we see that 5y ≡ 1 (mod) 12 and 6y ≡ 7 (mod) 17 and conclude that the solutions of the original pair of congruences are precisely the elements of [89]204 . One of the most powerful theorems on simultaneous congruences is the Chinese Remainder Theorem. Theorem 3.13. Suppose that the n integers mi with mi ≥ 2 for all i are pairwise relatively prime; that is gcd(mi , mj ) = 1 if i 6= j. Suppose that a1 , . . . , an ∈ Z. Then the system of n congruences x ≡ a1 (mod) m1 , · · · , x ≡ an (mod) mn has an integral solution x = x0 . Moreover, the solutions of the system of congruences are exactly the elements of the congruence class [x0 ]m1 m2 ···mn . Example 3.14. A band of 13 pirates confiscated a box of x gold coins. Uniform distribution of the coins resulted in a remainder of 8 coins. After two pirates were killed, a redistribution left a remainder of 3 coins, and a redistribution after the death of three more pirates resulted in a remainder of 5 coins. What is the minimal possible value of x? We must solve the following system of congruences: x ≡ 8 (mod) 13, x ≡ 3 (mod) 11, x ≡ 5 (mod) 8. Since gcd(13, 11) = gcd(13, 8) = gcd(11, 8) = 1, we know by the Chinese Remainder Theorem that the system has exactly one solution between 0 and 8 · 11 · 13. To find this integer, we first solve the pair x ≡ 8 (mod) 13, x ≡ 3 (mod) 11. We seek integers r and s such that x = 8 + 13r = 3 + 11s, or 11s − 13r = 5. Since 11 · 6 − 13 · 5 = 1, we can take s = 30 and r = 25. Then 8 + 13 · 25 = 3 + 11 · 30 = 333 18 is one solution of the pair, and since 11·13 = 143, the solutions of the pair are the elements of the congruence class [333]143 = [47]143 . Now we consider the pair x ≡ 47 (mod) 143 and x ≡ 5 (mod) 8. To solve this pair we must find integers u and v such that x = 47 + 143u = 5 + 8v or 143u − 8v = −42. Since 143 · 7 − 8 · 125 = 1 we see that we can use u = 7 · (−42) and v = 125 · (−42). Then 47 + 143 · 7 · (−42) = 5 + 8 · 125 · (−42) = −41995 is a solution of this pair. Since 8 · 11 · 13 = 1144, all the solutions of this pair, and hence of the original system of three congruences, are the elements of the congruence class [−41995]1144 . Since 333 is the smallest positive integer in that class, with −41995 = −37 · 1144 + 333, we conclude that 333 is the minimal value of x. Exercises (1) Prove Theorem 3.7 (2) Solve: (a) 513x ≡ −17 (mod) 1163 (b) 213x ≡ 10002 (mod) 441 (c) 24x ≡ −2 (mod) 17 (3) Solve the systems (a) x ≡ 4 (mod) 9, x ≡ 7 (mod) 12 (b) x ≡ 2 (mod) 3, x ≡ 5 (mod) 7, x ≡ 5 (mod) 8 (4) Solve the pair 5x ≡ −1 (mod) 12, 35x ≡ 5 (mod) 45. (5) On a desert island, five men and a monkey gather coconuts all day, then sleep. The first man awakens, and decides to take his share. He divides the coconuts into five equal shares, with one coconut left over. He gives the extra one to the monkey, hides his share, and goes to sleep. Later, the second man awakens and takes his fifth from the remaining pile; he too finds one extra and gives it to the monkey. Each of the remaining three men does likewise in turn. Find the minimum number of coconuts originally present. Hint: try -4 coconuts. 19