A Crash Course on Elementary Number Theory

L. Felipe Martins
Department of Mathematics
Cleveland State University
Work licensed under a Creative Commons License available at
http://creativecommons.org/licenses/by-nc-sa/3.0/us/
January 15, 2009
1 Divisibility, quotient and remainder
Let a and b be integers. We say that b divides a if there is an integer q such
that $a = qb$. In this case, we also say that b is a divisor of a, b is a factor of
a and a is a multiple of b.
Notation:
• b divides a: $b \mid a$
• b does not divide a: $b \nmid a$
Notice that:
• Any integer divides 0.
• The only integer that 0 divides is 0 itself.
Given a, b integers, with $b \neq 0$, the quotient q and remainder r of a by b
are the integers that satisfy the following conditions:
1. $a = qb + r$
2. $br \geq 0$ and $|r| < |b|$
Notice that:
• The definition also applies to a, b negative.
• The condition $br \geq 0$ simply says that b and r have the same sign (or
$r = 0$).
• It is always true that q and r can be computed by the formulas:
$q = \lfloor a/b \rfloor$ and $r = a - qb$.
• It can be proved that, given a and b, the integers q and r are uniquely
defined.
• If $b > 0$, the second condition is equivalent to $0 \leq r < b$, which is the
usual characterization of remainder.
Notation:
• Quotient of a by b: a div b
• Remainder of a by b: a mod b
For a real number x, the notation $\lfloor x \rfloor$ denotes the floor of x, defined as
being the largest integer that is not above x. Analogously, we denote by $\lceil x \rceil$
the ceiling of x, which is the smallest integer not below x.
2 Prime numbers and integer factorization
We say that the integer a is prime if:
1. $a > 1$
2. The only positive divisors of a are 1 and a itself.
Notice that:
• 1 is not prime.
• Only positive integers can be prime (in other contexts, for example
when we study rings in abstract algebra, negative numbers can also be
prime).
• The only even prime is 2.
The set of prime numbers is infinite, as proved by Euclid, in one of his
most celebrated theorems. The problems of primality testing and generating
prime numbers are still current research topics.
The Fundamental Theorem of Arithmetic says that every positive integer
can be written as product of primes, and that this prime factorization is
unique, except for the order of the factors. We will usually write the prime
factorization of an integer a in the following way:
$$a = p_1^{t_1} p_2^{t_2} \cdots p_k^{t_k} = \prod_{i=1}^{k} p_i^{t_i}$$
Whenever we write such a factorization, we assume the following:
1. The prime numbers $p_1, p_2, \ldots, p_k$ are distinct.
2. The exponents $t_1, t_2, \ldots, t_k$ are positive.
The two conditions above are required to guarantee uniqueness of the
factorization. Sometimes, we will require the $t_i$ to be only non-negative, but
then we cannot assume uniqueness.
3 Greatest common divisor
Given two integers a and b, not both 0, their greatest common divisor is the
largest integer that divides both a and b, and is denoted by $\gcd(a, b)$. For
small integers, it is easy to compute the gcd from their prime factorization.
However, this method is not practical for large integers (especially if they
have large prime factors). The Euclidean algorithm is a more efficient way to
compute the gcd.
Mathematical formulation:
1. Let $r_0 = a$, $r_1 = b$.
2. While $r_i \neq 0$, let $r_{i+1} = r_{i-1} \bmod r_i$.
3. Let n be the smallest integer such that $r_n = 0$. Then $\gcd(a, b) = |r_{n-1}|$.
Sage function definition:
    def euclid(a, b):
        # Replace (a, b) by (b, a mod b) until the remainder is 0
        while b != 0:
            a, b = b, a % b
        return abs(a)
There is a very important extension of the Euclidean algorithm, called the
extended Euclidean algorithm, that, along with $\gcd(a, b)$, computes an integer
solution x, y of the equation:
$$ax + by = \gcd(a, b)$$
More general linear equations:
$$ax + by = c$$
have an integer solution if and only if $\gcd(a, b) \mid c$.
We say that two integers a and b are relatively prime or coprime if
$\gcd(a, b) = 1$, that is, if their only positive common factor is 1. We have
the following important result:
Theorem 1 Let a and b be relatively prime integers. Then, for any c,
$a \mid bc$ implies $a \mid c$.
In words: if a divides bc and a and b have no common factors, then a
divides c.
In particular we have:
If p is prime and p|ab, then p|a or p|b.
4 Modular arithmetic
We say that two integers a, b are congruent modulo m if and only if
m divides $a - b$, which is denoted by:
$$a \equiv b \pmod{m}$$
Important facts:
1. $a \equiv b \pmod{m}$ if and only if a and b leave the same remainder when
divided by m.
2. $a \equiv 0 \pmod{m}$ if and only if m divides a.
3. For a given modulus m, the congruence relation is an equivalence relation.
4. The congruence relation is compatible with addition and multiplication,
that is: $a \equiv b \pmod{m}$ and $c \equiv d \pmod{m}$ imply
$$a + c \equiv b + d \pmod{m} \quad \text{and} \quad ac \equiv bd \pmod{m}$$
We can try to solve the equation
$$ax \equiv b \pmod{m}$$
From the definition, this is equivalent to $m \mid ax - b$, that is, $ax - b = my$
for some y, or $ax - my = b$. This is the kind of linear equation that was
discussed in the previous section, and we can conclude that:
The congruence $ax \equiv b \pmod{m}$ has solutions if and only if $\gcd(a, m) \mid b$.
In this case, one solution $x_0$ can be found by the extended Euclidean
algorithm. There are, however, $g = \gcd(a, m)$ non-congruent solutions, given
by:
$$\{x_0,\; x_0 + d,\; x_0 + 2d,\; \ldots,\; x_0 + (g - 1)d\},$$
where $d = m / \gcd(a, m)$. Every solution of the equation is congruent to one
of the elements of this set.
One very important case is the congruence:
$$ax \equiv 1 \pmod{m}$$
From the discussion above, this congruence has a solution if and only if
$\gcd(a, m) = 1$, that is, if a and m are coprime and, if that is the case, the solution is
unique modulo m. We then say that a is invertible modulo m, and that a
solution x is a multiplicative inverse of a modulo m. We use the notation:
$$a^{-1} \bmod m$$
to denote the multiplicative inverse x such that $0 \leq x < |m|$.
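The extended Euclidean algorithm and the solution set of a linear congruence described above, as an added Python example that is not part of the original notes. The function names are chosen here, and the modulus m is assumed to be positive.

```python
def extended_euclid(a, b):
    """Return (g, x, y) with g = gcd(a, b) >= 0 and a*x + b*y == g."""
    x0, y0, x1, y1 = 1, 0, 0, 1          # invariants: a = a0*x0 + b0*y0, b = a0*x1 + b0*y1
    while b != 0:
        q = a // b                       # floor quotient, as defined in section 1
        a, b = b, a - q * b              # same step as euclid(): a, b = b, a mod b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    if a < 0:                            # normalise so that g = |r_{n-1}|
        a, x0, y0 = -a, -x0, -y0
    return a, x0, y0


def solve_congruence(a, b, m):
    """All solutions of a*x = b (mod m) in [0, m), or [] if gcd(a, m) does not divide b."""
    if m <= 0:
        raise ValueError("modulus must be positive (assumption of this example)")
    g, x, _ = extended_euclid(a, m)      # a*x + m*y = g
    if b % g != 0:
        return []                        # solvable only when gcd(a, m) | b
    d = m // g
    x0 = (x * (b // g)) % d              # one solution, reduced to [0, d)
    return [x0 + k * d for k in range(g)]  # the g non-congruent solutions


def mod_inverse(a, m):
    """Return a^{-1} mod m in [0, m); raise ValueError if gcd(a, m) != 1."""
    g, x, _ = extended_euclid(a, m)
    if g != 1:
        raise ValueError("a is not invertible modulo m")
    return x % m


if __name__ == "__main__":
    # Constructed sample values, chosen for this example.
    print(extended_euclid(240, 46))      # gcd and Bezout coefficients
    print(solve_congruence(6, 4, 10))    # gcd(6, 10) = 2 divides 4: two solutions
    print(solve_congruence(6, 3, 10))    # gcd(6, 10) = 2 does not divide 3: none
    print(mod_inverse(17, 3120))
```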
There is a more precise way of talking about the algebra of congruences.
We denote by $[a]$ the congruence class of a modulo m, which is the set of all
integers congruent to a modulo m. It is then easy to see that $[a] = [b]$ if and
only if $a \equiv b \pmod{m}$.
As a consequence, there are m distinct congruence classes modulo m, and
the set of these classes is denoted by $\mathbb{Z}/m\mathbb{Z}$:
$$\mathbb{Z}/m\mathbb{Z} = \{[0], [1], \ldots, [m - 1]\}.$$
We define addition and multiplication on $\mathbb{Z}/m\mathbb{Z}$ by:
$$[a] + [b] = [a + b] \quad \text{and} \quad [a][b] = [ab].$$
(This definition has to be shown to be consistent, but this is a simple proof.)
An equivalence class $[a]$ is invertible if there is another equivalence class $[x]$
such that:
$$[a][x] = [1].$$
In terms of congruences, this is equivalent to $ax \equiv 1 \pmod{m}$, so $[a]$ is
invertible if and only if $\gcd(a, m) = 1$ and, in this case, $[a]^{-1} = [a^{-1} \bmod m]$.
If the modulus m is a prime number, then all equivalence classes different
from $[0]$ are invertible, so that $\mathbb{Z}/m\mathbb{Z}$ is a field, just like the rationals and
real numbers. The (big) difference is that $\mathbb{Z}/m\mathbb{Z}$ is finite.
5 The theorems of Fermat and Euler
From now on, we assume that the modulus is a prime number p. Let a be
an integer that is not a multiple of p, and consider the two lists of integers:
$$1, 2, \ldots, p - 1$$
and
$$1a \bmod p,\; 2a \bmod p,\; \ldots,\; (p - 1)a \bmod p$$
Since a is invertible modulo p, all integers in the first list are represented in
the second. Since both lists are of the same length, it follows that the two
lists consist of the same integers. We can then multiply the elements of each
list to get:
$$1 \cdot 2 \cdots (p - 1) \equiv 1a \cdot 2a \cdots (p - 1)a \pmod{p}$$
Rearranging the factors:
$$1 \cdot 2 \cdots (p - 1) \equiv 1 \cdot 2 \cdots (p - 1) \cdot a^{p-1} \pmod{p}.$$
Since 1, 2, . . . , p − 1 are invertible modulo p, we can cancel these terms in
both sides of the equation:
$$1 \equiv a^{p-1} \pmod{p}$$
This is the famous Fermat’s Little Theorem:
If p is a prime number and a is not a multiple of p, then:
$$a^{p-1} \equiv 1 \pmod{p}.$$
Notice that it follows that for any integer a,
$$a^{p} \equiv a \pmod{p}.$$
Euler generalized Fermat’s theorem for a modulus m that is not necessarily
prime. The argument used to prove Fermat’s theorem can be repeated for a
composite m, but instead of using all integers 1, 2, . . . , m − 1, one uses only
the integers x that are invertible modulo m. The number of such integers is
denoted by $\varphi(m)$, and we get:
Let m be an arbitrary integer, and a be such that $\gcd(a, m) = 1$. Then:
$$a^{\varphi(m)} \equiv 1 \pmod{m}.$$
The function $\varphi()$ is known as Euler’s phi function, or the totient function.
A more usual definition of $\varphi$ is:
$\varphi(a)$ = number of integers in $\{1, 2, \ldots, a\}$ that are relatively prime to a.
To compute $\varphi(m)$, we use the following properties:
1. $\varphi(p) = p - 1$ if p is prime.
2. $\varphi(p^t) = p^{t-1}(p - 1)$ if p is prime and t is positive.
3. If a and b are relatively prime, then $\varphi(ab) = \varphi(a)\varphi(b)$.
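Let a have the prime factorization:
$$a = p_1^{t_1} p_2^{t_2} \cdots p_k^{t_k}.$$
Then we have the following formulas for $\varphi(a)$:
$$\varphi(a) = p_1^{t_1 - 1}(p_1 - 1)\, p_2^{t_2 - 1}(p_2 - 1) \cdots p_k^{t_k - 1}(p_k - 1)$$
$$\varphi(a) = a \left(1 - \frac{1}{p_1}\right) \left(1 - \frac{1}{p_2}\right) \cdots \left(1 - \frac{1}{p_k}\right)$$
$$\varphi(a) = a \cdot \frac{p_1 - 1}{p_1} \cdot \frac{p_2 - 1}{p_2} \cdots \frac{p_k - 1}{p_k}$$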
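The product formula for the totient, checked against the counting definition and against Euler's theorem, as an added Python example that is not part of the original notes. The function names are chosen here, and factorization is by trial division, which is only practical for small integers.

```python
from math import gcd


def factorize(a):
    """Prime factorization of a >= 1 as a dict {p_i: t_i}, by trial division."""
    factors, p = {}, 2
    while p * p <= a:
        while a % p == 0:
            factors[p] = factors.get(p, 0) + 1
            a //= p
        p += 1
    if a > 1:                            # what remains is a single prime factor
        factors[a] = factors.get(a, 0) + 1
    return factors


def phi(a):
    """Totient as the product of p_i^(t_i - 1) * (p_i - 1) over the factorization."""
    result = 1
    for p, t in factorize(a).items():
        result *= p ** (t - 1) * (p - 1)
    return result


def phi_by_counting(a):
    """Totient from the definition: integers in {1, ..., a} coprime to a."""
    return sum(1 for x in range(1, a + 1) if gcd(x, a) == 1)


def euler_holds(m):
    """Check a^phi(m) = 1 (mod m) for every a in {1, ..., m} with gcd(a, m) = 1."""
    e = phi(m)
    return all(pow(a, e, m) == 1 % m
               for a in range(1, m + 1) if gcd(a, m) == 1)


if __name__ == "__main__":
    # Constructed sample values, chosen for this example.
    print(factorize(360), phi(360), phi_by_counting(360))
    print(euler_holds(360))
    # The hypothesis gcd(a, m) = 1 is needed: 2 and 12 are not coprime.
    print(pow(2, phi(12), 12))
```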