ELEMENTARY NUMBER THEORY PROBLEM SHEET 5
Exercise 1. Let G be a finite group and let g ∈ G be an element with order d.
d
.
Let i ∈ Z. Show that the order of g i is gcd(i,d)
Solution 1. We know that (g i )k = g ik is equal to the identity e if and only if d|(ik).
d
i
d
i
This happens if and only if gcd(i,d)
divides gcd(i,d)
k. Since gcd(i,d)
and gcd(i,d)
are
d
coprime, this happens if and only if gcd(i,d) divides k. In particular, we deduce that
d
, so the order of g i is
the smallest positive integer k such that (g i )k = e is gcd(i,d)
d
gcd(i,d) .
Exercise 2. Find all integer solutions to the equation
7x ≡ 7
(mod 17).
Solution 2. We know that 3 is a primitive root modulo 17 (see the previous
problem sheet). We have to find an i such that 3i ≡ 7. We have 32 = 9, 33 ≡
10, 34 ≡ 13, 35 ≡ 5 and [5] = [7]−1 so [7] = [3]−5 . Alternatively we could compute
some more powers of 3 and eventually we would get 311 ≡ 7 (mod 17).
So now we have an equation [3]−5x = [3]−5 , or equivalently −5x ≡ −5 (mod 16).
Since 5 and 16 are coprime this is equivalent to x ≡ 1 (mod 16), so this gives our
solutions.
Alternatively, the equation is equivalent to 7x−1 ≡ 1 (mod 17), and we can
compute that the order of 7 mod 17 is 16 (so 7 is a primitive root) and therefore
the solutions are given by 16|(x − 1), or in other words x ≡ 1 (mod 16).
Exercise 3.
(1) Work out which elements of Z×
13 are quadratic residues.
(2) Determine whether 3 and 5 are quadratic residues modulo 29.
Solution 3.
(1) To work out the quadratic residues we just have to work out
2
2
[a]2 for each [a] ∈ Z×
13 . Since [a] = ([−a]) , it suffices to do this for
a = 1, 2, 3, 4, 5, 6. We get that the quadratic residues are [1], [4], [9], [16] =
[3], [25] = [12], [36] = [10]. We can rewrite these as [±1], [±3], [±4].
(2) We could work out all the quadratic residues mod 29, but it’s quicker
(maybe?) to apply Euler’s criterion. We have 14 = (29−1)/2, and can compute (using repeated squaring) 314 = 97 = 813 · 9 ≡ (−6)3 · 9 ≡ 36 · (−6) · 9 ≡
7 · (−6) · 9 ≡ (−42) · 9 ≡ 16 · 9 ≡ 144 ≡ −1 (mod 29), so 3 is a non-residue
mod 29.
Similarly, we have 514 = 257 ≡ (−4)7 ≡ 163 · (−4) ≡ (−13)3 · (−4) ≡
169 · (−13) · (−4) ≡ (−5) · (−13) · (−4) ≡ (−9) · (−13) ≡ 117 ≡ 1 (mod 29).
So 5 is a quadratic residue mod 29.
Exercise 4. Show that a product of two quadratic residues is a quadratic residue.
Solution 4. If a = x2 (mod p) and b = y 2 (mod p) then ab = (xy)2 (mod p).
Exercise 5. Let p be an odd prime. Show that [a] ∈ Z×
p is a quadratic residue if
and only if [a]−1 is a quadratic residue.
Solution 5. If [a] = [x]2 then [a]−1 = ([x]−1 )2 . Conversely, if [a]−1 = [y]2 then
[a] = ([y]−1 )2 .
Date: Thursday 2nd March, 2017.
1
2
ELEMENTARY NUMBER THEORY PROBLEM SHEET 5
Exercise 6. Let p be an odd prime and consider the quadratic equation
x2 + bx + c ≡ 0
(mod p).
Show that the number of solutions to this equation in Zp is equal to:
• 0 if b2 − 4c is a quadratic non-residue modulo p
• 1 if b2 − 4c ≡ 0 (mod p)
• 2 if b2 − 4c is a quadratic residue modulo p.
Solution 6. Since p is odd, the equation x2 + bx + c ≡ 0 (mod p) is equivalent to
4x2 + 4bx + 4c ≡ 0 (mod p). Completing the square, we get (2x + b)2 + 4c − b2 ≡ 0
(mod p), which is equivalent to (2x+b)2 ≡ b2 −4c (mod p). The number of solutions
to the equation y 2 ≡ b2 − 4c (mod p) is as in the statement of the exercise. Setting
x = [2]−1
p (y − b), we get the same number of solutions for our original equation.
Exercise 7. In this exercise we prove that there are infinitely many primes ≡ 1
(mod 8). Let N be a positive integer. Let n = (N !)4 + 1. We let p be a prime
divisor of n
(1) Show that −1 is a quadratic residue modulo p and hence p ≡ 1 (mod 4).
(2) Let a be an integer with a2 ≡ −1 (mod p) (such an integer exists by part
(1)). Show that a ≡ ±(N !)2 (mod p) and deduce that a is a quadratic
residue mod p.
(3) Show that (−1)(p−1)/4 = 1 and deduce that p ≡ 1 (mod 8). (Hint: apply
Euler’s criterion to a)
(4) Prove that there are infinitely many primes ≡ 1 (mod 8).
(5) (*) Generalise the above proof to show that there are infinitely many primes
≡ 1 (mod 2r ) for any positive integer r.
Solution 7.
(1) we have (N !)4 + 1 ≡ 0 (mod p), so −1 ≡ (N !)4 which implies
that −1 is a quadratic residue mod p.
(2) We have a2 ≡ ((N !)2 )2 (mod p). So the two possibilities for a are ±(N !)2 .
Since −1 is a quadratic residue mod p, and (N !)2 is also a quadratic residue
mod p, both (N !)2 and −(N !)2 are quadratic residues mod p, so a is a
quadratic residue mod p.
(3) Following the hint, we get that a(p−1)/2 ≡ 1 (mod p). Since a2 ≡ −1
(mod p) this gives (−1)(p−1)/4 ≡ 1 (mod p) and hence (−1)(p−1)/4 = 1.
We deduce that (p − 1)/4 is even, so p ≡ 1 (mod 8).
(4) We imitate the proof of Euclid’s theorem. Suppose there are only finitely
many primes ≡ 1 (mod 8). Let N be a positive integer larger than all
these primes and consider n = (N !)4 + 1. Let p be a prime divisor of n. It
follows from the previous part that p ≡ 1 (mod 8). On the other hand, p
does not divide N !, so p is not one of the primes ≡ 1 (mod 8). This is a
contradiction. So there are in fact infinitely many primes ≡ 1 (mod 8).
r−1
+ 1. We claim that if p is a prime
(5) (*) We are going to let n = (N !)2
divisor of n then p ≡ 1 (mod 2r ). Assuming this claim, we can show there
are infinitely many primes ≡ 1 (mod 2r ) in exactly the same way as we
did the previous part. So we just need to prove the claim. Here is one
r−1
(mod p). Let [a] be a primitive
way: suppose p|n. Then −1 ≡ (N !)2
i
root in Z×
.
We
have
[N
!]
=
[a]
for
some
i. Then [−1] = [a](p−1)/2 =
p
r−1
[a]2 i . So we deduce that 2r−1 i ≡ (p − 1)/2 (mod p − 1). So we can write
2r−1 i = (p − 1)/2 + k(p − 1) for some integer k. Multiplying by 2 we get
2r i = (p − 1)(1 + 2k). Since 1 + 2k is odd we deduce that 2r |(p − 1) which
implies that p ≡ 1 (mod 2r ).
ELEMENTARY NUMBER THEORY PROBLEM SHEET 5
3
Exercise 8. (*) Let p be a prime and suppose a is a primitive root modulo p.
Show that
(p − 1)! ≡ a1+2+···+(p−1) (mod p)
and use this to give another proof of Wilson’s theorem (which says that (p−1)! ≡ −1
(mod p).
Solution 8. The integers a, a2 , . . . , ap−1 give a complete set of representatives for
2
p−1
the congruence classes in Z×
]}
p . So we have {[1], [2], . . . , [p−1]} = {[a], [a ], . . . , [a
(in other words, these two sets of congruence classes mod p are the same up to
reordering). Taking the product of the elements of these sets we get
(p − 1)! ≡ a1+2+···+(p−1)
p(p−1)
2
(mod p).
we get (p − 1)! ≡ a(p(p−1))/2 (mod p). We can
Since 1 + 2 + · · · + (p − 1) =
assume p is odd, as Wilson’s theorem is clear if p = 2. Since ap ≡ a (mod p) we
get (p − 1)! ≡ a(p−1)/2 (mod p). Since a is a primitive root we have a(p−1)/2 6≡ 1
(mod p). We also have (a(p−1)/2 )2 ≡ 1 (mod p), so we must have a(p−1)/2 ≡ −1
(mod p) (this also appears in the proof of Theorem 6.4 in lectures). So we conclude
that (p − 1)! ≡ −1 (mod p).