Congruences

Robert Friedman
Definition of congruence mod n
Congruences are a very handy way to work with the information of divisibility and remainders, and their use permeates number theory.
Definition 1. Let n be a positive integer (the modulus). We say that two
integers a, b are congruent mod n, which is written as a ≡ b (mod n), if
n|b − a.
Example 2.
1. If a and b are arbitrary integers, a ≡ b (mod 1), since 1
divides every integer and in particular it divides b − a.
2. For n = 2, two integers a and b are congruent mod 2 if and only if
their difference b − a is even. This happens exactly when a and b are
both even or they are both odd.
3. Something similar happens for n = 3. Every integer has remainder 0,
1 or 2 when divided by 3, and it is easy to check that a ≡ b (mod 3)
if and only if a and b have the same remainder when divided by 3. In
fact, this generalizes:
As we have seen, given integers n > 0 and a, there exist unique integers
q, r with 0 ≤ r ≤ n − 1, such that a = nq + r. Here, r is the remainder when
you divide a by n. With this said, we have the following alternate way to
describe congruences:
Proposition 3. Two integers a, b are congruent mod n if and only if they
have the same remainder when divided by n.
Proof. First suppose that a, b are congruent mod n. Thus, b − a = nk for
some integer k, so that b = a + nk. Now long division with remainder says
that a = nq + r, with 0 ≤ r ≤ n − 1. Hence, b = a + nk = nq + r + nk =
nq + nk + r = n(q + k) + r, with 0 ≤ r ≤ n − 1. Thus, we have written b as a
multiple of n, namely n(q +k), plus r, with 0 ≤ r ≤ n−1. By the uniqueness
of long division with remainder, r is the remainder when we divide n into b.
So a and b have the same remainder when divided by n.
Conversely, suppose that a and b have the same remainder when divided
by n. By definition, a = nq_1 + r and b = nq_2 + r for some integers q_1, q_2.
Then b − a = nq_2 + r − (nq_1 + r) = nq_2 − nq_1 = n(q_2 − q_1). Thus b − a is a
multiple of n.
We are used to seeing the integers grouped into even and odd integers.
Likewise, we can group integers according to their remainders when divided
by 3, or by n. In general, we call the set of all integers congruent to a given
integer a mod n a congruence class mod n. It is easy to see that the number
of congruence classes mod n is n, and that they are described by the set of
possible remainders 0, 1, . . . , n − 1. We will say a little more about this in
the next section.
Let us conclude this section by saying a few words about why congruences are a good thing to study. One answer is that they describe cyclical
phenomena: days of the week, hours of the day, dates of the year if there are
no leap years or leap centuries, . . . It is important to have a kind of mathematics to describe such phenomena. A second answer is that we might want
to study certain complicated equations in integers. For example, we might
want to show that there are no interesting integer solutions to the equation
x^k + y^k = z^k for any k > 2. Of course, this is a very hard equation to
study! We might try to look at the easier equation x^k + y^k ≡ z^k (mod n)
for various n. For any given n, there are really only finitely many x, y, z to
check, so that the existence question for solutions is much easier to decide.
The existence or nonexistence of solutions to the congruence equation, and
more generally the structure of all of the solutions, might give us some clues
as to whether the original equation in integers has a solution. At the end of
the seminar, we will try to look at simpler examples of this idea.
Properties of congruences
There are two kinds of properties of congruences. The first set of properties
is as follows:
Proposition 4. Let n be a positive integer.
1. For all a ∈ Z, a ≡ a (mod n).
2. For all a, b ∈ Z, if a ≡ b (mod n), then b ≡ a (mod n).
3. For all a, b, c ∈ Z, if a ≡ b (mod n) and b ≡ c (mod n), then a ≡ c
(mod n).
These properties look like the usual properties of equality, and they are
given the same names (reflexive, symmetric, transitive). Any relationship
between two integers (or elements of a more general set) which satisfies all
three properties is called an equivalence relation.
It is easy to prove Proposition 4. For example, to see (1), for every
integer a, a − a = 0, and n · 0 = 0, so n|a − a and hence by definition a ≡ a
(mod n). As for (2), n|b − a if and only if n|a − b, so a ≡ b (mod n) if and
only if b ≡ a (mod n). We leave (3) as an exercise.
A typical example of how to apply these properties is as follows: given
an r with 0 ≤ r ≤ n − 1, if a ≡ r (mod n) and a ≡ b (mod n), then b ≡ r
(mod n) as well.
The second set of properties we use about congruences is that we can
add and multiply them in a consistent way. The following generalizes the
fact that the sum of two odd numbers or two even numbers is always even,
that the sum of an odd and an even number is odd, the product of two odd
numbers is always odd and the product of two numbers, one of which is
even, is always even:
Proposition 5. Let n be a positive integer. Suppose that a_1 ≡ a_2 (mod n)
and that b_1 ≡ b_2 (mod n). Then a_1 + b_1 ≡ a_2 + b_2 (mod n) and a_1 b_1 ≡ a_2 b_2
(mod n).
Proof. We shall just prove the second statement and leave the first as an
exercise. By assumption, n|a_2 − a_1 and n|b_2 − b_1. Write a_2 − a_1 = nk_1 and
b_2 − b_1 = nk_2. Thus a_2 = a_1 + nk_1 and b_2 = b_1 + nk_2. Hence
a_2 b_2 = (a_1 + nk_1)(b_1 + nk_2) = a_1 b_1 + nk_1 b_1 + nk_2 a_1 + n^2 k_1 k_2.
Subtracting off the a_1 b_1 term gives
a_2 b_2 − a_1 b_1 = n(k_1 b_1 + k_2 a_1 + nk_1 k_2),
so that n divides a_2 b_2 − a_1 b_1. Thus by definition a_1 b_1 ≡ a_2 b_2 (mod n).
We can view the algebraic operations of + and · as operations on the
finite set of congruence classes mod n; this is an example of a finite algebraic
system. We will say more about this in a minute, but first let us record
some of the usual properties of congruence addition and multiplication. We
will not verify all of these properties; they follow immediately from the
usual properties of addition and multiplication of integers. The first set of
properties have to do with addition:
Proposition 6. Let n be a positive integer.
(i) (Associativity of addition) For all a, b, c ∈ Z,
(a + b) + c ≡ a + (b + c) (mod n).
(ii) (Commutativity of addition) For all a, b ∈ Z,
a + b ≡ b + a (mod n).
(iii) (Additive identity) For all a ∈ Z,
a + 0 ≡ a (mod n).
(iv) (Additive inverses) For all a ∈ Z,
a + (−a) ≡ 0 (mod n).
Next we consider multiplication:
Proposition 7. Let n be a positive integer.
(i) (Associativity of multiplication) For all a, b, c ∈ Z,
(a · b) · c ≡ a · (b · c) (mod n).
(ii) (Commutativity of multiplication) For all a, b ∈ Z,
a · b ≡ b · a (mod n).
(iii) (Multiplicative identity) For all a ∈ Z,
a · 1 ≡ a (mod n).
Notice that we do not speak about multiplicative inverses or cancellation,
and in fact we shall see that cancellation is not always possible. Before that,
though, we need the following property linking addition and multiplication:
Proposition 8. (Multiplication distributes over addition) Let n be a positive integer. For all a, b, c ∈ Z,
a · (b + c) ≡ ab + ac (mod n).
In the usual way, we always have a · 0 ≡ 0 (mod n) for every a (because
a · 0 = a · (0 + 0) = a · 0 + a · 0). But notice that, if for example we take n = 6,
2 · 3 ≡ 0 ≡ 2 · 0 (mod 6), although 3 is not congruent to 0 mod 6, so that
we cannot just cancel off the nonzero factor 2. For another example with
n = 9, 3 · 5 ≡ 6 ≡ 3 · 2 (mod 9), but we cannot cancel off the 3 to get 6 ≡ 2
(mod 9). (Why not?) Note that, if a has a multiplicative inverse mod n,
i.e. if there exists an x such that ax ≡ 1 (mod n), then we can cancel off
multiplication by a, since if ab ≡ ac (mod n), then multiply by x to get
x(ab) ≡ x(ac) (mod n);
(xa)b ≡ (xa)c (mod n);
1 · b ≡ 1 · c (mod n).
Thus b ≡ c (mod n).
Let us collect more information on congruence addition and multiplication. We will work out the example n = 6. We just write down the possible
remainders mod 6 in the following table for addition. So the meaning of the
entry corresponding to the row labeled by 3 and the column labeled by 4 is
that, if a ≡ 3 (mod 6) and b ≡ 4 (mod 6), then a + b ≡ 1 (mod 6).
+ | 0 1 2 3 4 5
--+------------
0 | 0 1 2 3 4 5
1 | 1 2 3 4 5 0
2 | 2 3 4 5 0 1
3 | 3 4 5 0 1 2
4 | 4 5 0 1 2 3
5 | 5 0 1 2 3 4
Here is the corresponding table for multiplication:
· | 0 1 2 3 4 5
--+------------
0 | 0 0 0 0 0 0
1 | 0 1 2 3 4 5
2 | 0 2 4 0 2 4
3 | 0 3 0 3 0 3
4 | 0 4 2 0 4 2
5 | 0 5 4 3 2 1
Note the huge number of patterns in these tables. For example, both are
symmetric about the top-left-to-lower-right diagonal, which is equivalent to
the statement that addition and multiplication are commutative. (But it
is not easy to see how associativity would show up in the table.) For the
addition table, notice that all of the rows are the same except that they
are shifted over by one, with the understanding that when you reach 6 = 0
you start over. This reflects the cyclical nature of addition mod 6. Here
are some other patterns: multiplication by 5 has the effect of reversing the
order of the nonzero entries. Why is this so? The top-left-to-lower-right
diagonal in the addition table shows up as a row (and hence column) in the
multiplication table. Where is this row, and what is the explanation for why
it shows up? With a little effort, you should be able to notice many other
patterns in the tables.
Equations in congruences
We just look at the most basic kinds of equations, linear equations. First,
the additive equation a + x ≡ b (mod n) always has a (unique) solution,
following the steps of middle school algebra:
a + x ≡ b (mod n);
(a + x) + (−a) ≡ b + (−a) (mod n);
x + (a + (−a)) ≡ b − a (mod n);
x ≡ b − a (mod n).
Note that the above was long and tedious enough, even though we skipped
a few steps! (Which ones?) Of course, most of you would do this in one step
in your head.
Multiplicative equations are another story: they need not always have a
solution, and if they do, the solution need not be unique! For example, the
equation 2x ≡ 3 (mod 8) has no solution: if it did, 8 would divide 2x − 3,
which is always an odd number. On the other hand, the equation 2x ≡ 4
(mod 8) has two solutions mod 8: x ≡ 2 (mod 8) and x ≡ 6 (mod 8). On
the other hand, the equation 5x ≡ 3 (mod 7) has exactly one solution mod
7: x ≡ 2 (mod 7). So we need some criterion to decide when an equation of
the form ax ≡ b (mod n) has a solution, and, if so, how many. We will just
discuss the existence question here and leave the problem of deciding how
many solutions there are to the exercises. Fortunately, the work has already
been done for us in the very first lecture.
Proposition 9. The equation ax ≡ b (mod n) has a solution if and only if
d = gcd(a, n) divides b.
Proof. The proof follows by writing out the definitions carefully and seeing
what they say. The equation ax ≡ b (mod n) has a solution if and only
if n divides ax − b for some x, if and only if there exist integers x and k
such that ax − b = nk, if and only if b = ax + n(−k). Set y = −k; clearly
b = ax + n(−k) for some integers x and k if and only if b = ax + ny for some
integers x and y. But Corollary 6 in the first lecture says that the equation
b = ax + ny has a solution in integers x and y if and only if d = gcd(a, n)
divides b. Running through the chain of logical equivalences, we see that
ax ≡ b (mod n) has a solution if and only if d = gcd(a, n) divides b.
Let us give some easy consequences of the above. The first has to do with
the existence of multiplicative inverses. After all, a multiplicative inverse of
a mod n is just a solution to the equation ax ≡ 1 (mod n). So we see:
Corollary 10. There exists a multiplicative inverse for a mod n if and
only if a and n are relatively prime, i.e. gcd(a, n) = 1.
Proof. There exists a multiplicative inverse for a mod n if and only if the
equation ax ≡ 1 (mod n) has a solution, if and only if the gcd of a and n
divides 1, if and only if the gcd of a and n is equal to 1.
An x such that ax ≡ 1 (mod n) is usually written as a^{-1}, with the
understanding that this is not the same as the rational number 1/a, and
that the answer will depend on n. For example, 2^{-1} (mod 11) = 6, but 2^{-1}
(mod 17) = 9.
The next corollary says that we can cancel off relatively prime factors.
(In fact, this is an if and only if statement in a certain sense; see the exercises.)
Corollary 11. Suppose that a and n are relatively prime, and that ab ≡ ac
(mod n). Then b ≡ c (mod n).
Proof. If a and n are relatively prime and ab ≡ ac (mod n), find an x such
that ax ≡ 1 (mod n), i.e. find a^{-1}. Then multiplying the congruence ab ≡ ac
(mod n) by x gives b ≡ xab ≡ xac ≡ c (mod n).
We will use the next corollary later. (It could have been proven easily
in the first lecture, with a slightly different proof.)
Corollary 12. Let n be a positive integer. Then a_1 and a_2 are both relatively
prime to n if and only if a_1 a_2 is relatively prime to n.
Proof. Suppose that a_1 and a_2 are both relatively prime to n. Using Corollary 10, find x_1 such that a_1 x_1 ≡ 1 (mod n) and find x_2 such that a_2 x_2 ≡ 1
(mod n). Then (a_1 a_2)(x_1 x_2) ≡ 1 (mod n). In other words, a_1 a_2 has the
multiplicative inverse x_1 x_2 mod n. So, by the other direction of Corollary 10, a_1 a_2 and n are relatively prime.
Conversely, if a_1 a_2 is relatively prime to n, then there exists x such that
(a_1 a_2)x ≡ 1 (mod n). But then a_1 (a_2 x) ≡ 1 (mod n), so that a_2 x is a
multiplicative inverse for a_1 mod n. Thus a_1 and n are relatively prime.
Likewise, a_1 x is a multiplicative inverse for a_2 mod n, so that a_2 and n are
relatively prime.
Note that congruences to a prime modulus look especially nice from the
point of view of multiplicative inverses. The reason is that, if p is a prime
number, then p and a are not relatively prime if and only if p divides a. Put
another way, this says:
Corollary 13. Let p be a prime number. If a is not congruent to zero
mod p, then there exists a multiplicative inverse for a mod p.
The above says that, when working with congruences mod a prime number p, we can add, subtract, multiply, and divide by all nonzero numbers. So
in this sense, mod p arithmetic is like arithmetic with the rational numbers.
Euler’s ϕ-function
As we have seen, for a positive integer n, the integers relatively prime to n
have special properties. The number of these, properly counted, is important
enough to have a special name:
Definition 14. Let n be a positive integer. The number of integers r such
that 0 ≤ r ≤ n − 1 and such that r and n are relatively prime is called the
Euler ϕ-function ϕ(n).
Put another way, ϕ(n) counts the number of integers r with 0 ≤ r ≤ n−1
which have a multiplicative inverse mod n.
Here is a table of some of the small values of ϕ(n):
n    | 1 2 3 4 5 6 7 8 9 10
ϕ(n) | 1 1 2 2 4 2 6 4 7 4
From the definition of ϕ(n) and basic properties of prime numbers, we
have:
Proposition 15. If p is a prime number, then ϕ(p) = p − 1.
One can give more general formulas for ϕ(n). We shall discuss these in
the exercises.
Exercises
Exercise 1. Compute the following operations mod n (give your answer in
terms of an integer r with 0 ≤ r ≤ n − 1):
2 + 7 (mod 8); −3 (mod 5); 4 · 5 (mod 7); 6^2 (mod 9).
Exercise 2. For each of the following a (mod n), find a^{-1} (mod n), i.e.
find an integer x with ax ≡ 1 (mod n), or explain why such an integer does
not exist:
5^{-1} (mod 11); 7^{-1} (mod 28); 2^{-1} (mod 101); 4^{-1} (mod 101).
Exercise 3. Let n = 2k + 1 be an odd number. What is 2^{-1} (mod n)?
What happens when n = 2k is even?
Extra credit: how to find the multiplicative inverse of 3 mod n. First
suppose n = 3k + 2 for some k. What is 3^{-1} (mod n)? (It looks a lot
like the answer for 2^{-1}.) If n = 3k + 1, find 3^{-1} (mod n) as follows. First
find a number x such that 3x ≡ −1 (mod n), and then note that 3(−x) ≡ 1
(mod n); finally, write −x as a number between 0 and n − 1. What if n = 3k?
Exercise 4. Given the following equations in congruences, find all possible
solutions x (mod n): there may be more than one, or none.
5 + x ≡ 1 (mod 7); 4x ≡ 2 (mod 11); 3x ≡ 0 (mod 27)
10x ≡ 5 (mod 25); 10x ≡ 2 (mod 25); 5x + 6 ≡ 3 (mod 12).
Exercise 5. Write down addition and multiplication tables for addition and
multiplication mod n, where n = 1, 2, 3, 4, 5. Meditate upon your answer,
and see if you can make any conjectures.
Exercise 6. Prove (3) of Proposition 4: Given a positive integer n, for all
a, b, c ∈ Z, if a ≡ b (mod n) and b ≡ c (mod n), then a ≡ c (mod n).
Exercise 7. Show that, if a_1 ≡ a_2 (mod n) and b_1 ≡ b_2 (mod n), then
a_1 + b_1 ≡ a_2 + b_2 (mod n).
Exercise 8. Suppose that a is not relatively prime to n. Show that there
always exist b, c with b not congruent to c mod n, such that ab ≡ ac (mod n).
Exercise 9. In this exercise, we determine the number of solutions to the
congruence equation ax ≡ b (mod n). Of course, we will identify two solutions if they are congruent mod n, because otherwise there would be
infinitely many solutions as long as there was at least one solution. Let
d = gcd(a, n). We have seen that, if d does not divide b, then there are no
solutions to this equation. Thus, henceforth, we assume that d|n.
(i) Show that, if ax_1 ≡ b (mod n) and ax_2 ≡ b (mod n), then a(x_2 − x_1) ≡
0 (mod n). Conversely, if ay ≡ 0 (mod n) and ax_1 ≡ b (mod n), then
ax_2 ≡ b (mod n), where x_2 = x_1 + y. Argue that, given one solution
x_1 to the congruence ax ≡ b (mod n), then all of the solutions are of
the form x_1 + y where ay ≡ 0 (mod n), and every such expression is
in fact a solution. Thus, it suffices to count the number of y such that
ay ≡ 0 (mod n).
(ii) With d = gcd(a, n) as above, show that a · (n/d) ≡ 0 (mod n), and in
fact, for every k with 0 ≤ k ≤ d − 1, a · (kn/d) ≡ 0 (mod n). (Why do we
only consider the k ≤ d − 1?) Thus there are at least d solutions to the
congruence ay ≡ 0 (mod n), and hence to the congruence equation
ax ≡ b (mod n).
(iii) To see that the d solutions above are all of the solutions mod n, show
that, if n divides aℓ, then n/d divides ℓ as follows. First show that n/d
and a/d are relatively prime (write d = ax + ny and divide by d), and
then use the fact that n/d divides (a/d) · ℓ and that n/d and a/d are relatively
prime.
Exercise 10. Make a table of ϕ(n) for 11 ≤ n ≤ 20.
Exercise 11. Let n = p^a be the power of a prime number. What is ϕ(p^a)?
Exercise 12. A beautiful formula for ϕ(n) is the following:
Σ_{d|n} ϕ(d) = n.
In other words, the sum of the values of ϕ over all of the divisors of n is
exactly n. Verify this formula when n = p is a prime number, and for all
other n ≤ 10.