Modular Inverses and Solving Linear Congruences
A multiplicative inverse for a real number a 0 is a real number b such that ab 1. It is
a basic property of the real number system that for any real number a 0 a
multiplicative inverse does exist. Furthermore, there is only one multiplicative inverse
for a given a 0 . Because suppose b and c are both multiplicative inverses for a. Then
we have
b
b 1 b (a c)
(b a ) c 1 c
c
So we conclude that b c .
The situation is different if we consider only integers. Given an integer a, can we find an
integer b such that ab 1 ? The only cases for which such a multiplicative inverse exists
is when a
1 . For integers, a more useful question involves existence of modular
inverses.
Modular Inverses
Definition 1 We say b is a mod m inverse for a if ab 1(mod m) .
Theorem 1 The integer a has a mod m inverse if and only if gcd(a, m) 1 .
Proof: Assume that gcd(a, m) 1 . To find b, use the extended Euclidean algorithm to
write 1 as a linear combination of a and m. Thus, find integers
and
such that
1
a
m
Then take b
and this b will be a mod m inverse for a. Because:
ab 1
a 1 (
)m ,
so we see that
ab 1(mod m) ,
as asserted. The proof of the converse is left as Exercise 9 below. QED.
Example 1 Find a mod 42 inverse y for 55.
Using the extended Euclidean algorithm, we find 1 (13)55 (17)42 . Then we have
13 55 1 17 42 so (13 55) 1(mod 42) . Thus,13 is a mod 42 inverse of 55 .
Summary of Procedure Given a and m with gcd(a, m) 1 , do the following:
1. Use the extended Euclidean algorithm to find integers , such that
a
m
1.
2. Let b
; Then ab 1(mod m) so b is the desired mod m inverse.
Obtaining a positive modular inverse
Using the above procedure may result in a negative value for a modular inverse. This can
be avoided according to the following observations.
If b is a mod m inverse for a, then c is also a mod m inverse for a if and only if
c b(mod m) . This is Exercise 4 below.
If b is a mod m inverse for a, then b mod m is positive and is the smallest positive
mod m inverse for a.
Solving Linear Congruences
Problem: Let a, c
and m
. Find all integers x such that ax
Finding all such x is called solving a linear congruence.
c(mod m) .
We shall show how to do this, assuming gcd(a, m) 1 .
Example 2 Consider the linear congruence 6 x 8(mod 35) .
1. Find one solution of the congruence.
2. Find an expression for all solutions of the congruence.
3. Find the smallest positive solution of the congruence. (There will be exactly one
solution x satisfying 1 x 35 . This will be the smallest positive solution.)
Solution of (1): First, use the Euclidean algorithm to write 1 as a linear combination of 6
and 35. In this case the result is
1 6(6) ( 1)35
Hence
6 6 1(mod 35) .
Multiplying by 8 we get
8 6 6 8 1(mod 35)
and hence
6 48 8(mod 35) .
Thus, x 48 is one solution of the congruence.
Solution of (2): We then claim that all solutions of the congruence are congruent to 48
mod 35, that is, all solutions are of the form
x
48 35k
for some integer k. For suppose that 6 z 8(mod 35) . Then 6 z
hence
35 | 6 z 6 48
(6 48) mod 35 and
35 | 6( z 48)
But gcd(35, 6) 1 so
35 | ( z 48)
and therefore z
48(mod 35) . Hence, there is an integer k such that
z 48 35k
z 48 35k
Thus, the set of all solutions of the congruence is
{z | k
Solution of (3): Since x
such that z
48 35k}
48 35( 1) 13 satisfies 1 x 35 , it is the desired value.
Summary of Procedure Assume gcd(a, m) 1 . To find all solutions of the linear
congruence ax c(mod m) do the following:
m
1.
1. Use the Euclidean algorithm to find integers , such that a
2. Multiply by c to get a c m c c .
3. Let b
c . Then ab c(mod m) so x b is one solution of the congruence. All
other solutions are congruent to b (mod m).
4. Note that there will always be exactly one solution x of the congruence satisfying
1 x m.
Exercises
1. Find the gcd of 7 and 31 and express the gcd as a linear combination of 7 and 31.
2. Use the result obtained in problem 1 to find a mod 7 inverse for 31.
3. Find a mod 11 inverse for 19.
4. If b is a mod m inverse for a, then c is also a mod m inverse for a
if and only if c b(mod m) .
5. Show that if m 2 and b is a mod m inverse for a, then b 0 .
6. Using the result of (4) and (5), show that if m 2 , a 0, and gcd(a, m) 1, then
there is exactly one mod m inverse c for a satisfying 1 c m .
7. Find the smallest positive solution of the linear congruence 15 x 7(mod 8) .
8. Consider the linear congruence 7 x 9(mod 31) . Find the three smallest positive
solutions.
9. Show that if the integer a has a mod m inverse, then gcd(a, m) 1 .
Answers
1. gcd = 1 (9)7 ( 2)31
2.
2 or 5 if we want an answer in the interval [0,7).
3. An inverse for 19 mod 11 is 7.
4. We have ab 1(mod m) and c b(mod m) , so ac
ac 1(mod m) .
ab(mod m) . Therefore,
5. If b 0 , then 0 1(mod m) which implies m |1 . Since m 2 , this is a contradiction.
6. Since gcd(a, m) 1, a mod m inverse b exists. There is a unique integer r such that
0 r m and b r (mod m) . By (5), r 0 .
7. We have 1 15( 1) 8(2) and therefore 7 15( 7) 8(14) so 7 is one solution.
Adding 8 we get x 1 and since it lies in 1 x 8 it is the answer.
8. From the Euclidean algorithm, we have 1 7(9) 31( 2) and so 9 7(81) 31( 18) .
Thus 81 is one solution. Then the smallest positive solution is 81 (2)31 19 and
the three smallest positive solutions are 19, 50, and 81.