Math 4000: Modern Algebra and Geometry I
Spring 2014, Dr. Klipper
Extra Examples for Week 3
Modular Inverses: Practice and Some Results
This handout goes into more detail about the concept we call an inverse modulo m.
Section 1.3 of the textbook does mention this idea somewhat (especially in Proposition
3.5 and Corollary 3.6), but it doesn’t do a lot with this specific concept. The aim of this
document is to correct that and show much more detail about inverses, including some
theorems about them and some ideas of how to use them.1
The Main Definition:
If a ∈ Z, then we say that a is invertible modulo m if there exists some x ∈ Z satisfying
ax ≡ 1 (mod m). It turns out that when such an x exists, it is uniquely determined mod m
(as we will see later in this document), so it is called the inverse and denoted a−1 (mod m).
Examples: Note that 2x ≡ 1 (mod 5) has x = 3 as a solution (since 2 · 3 = 6 ≡ 1
(mod 5)), so we say that 2−1 = 3 when working modulo 5. However, when working mod 7,
2x ≡ 1 has the solution x = 4 instead, so 2−1 (mod 7) = 4. This shows that the notation
a−1 depends also on the modulus that you’re using; you can’t write a−1 on its own
without having the mod m known in context.
However, 2 is not invertible modulo 4; if you try checking x = 0, 1, 2, 3, you’ll see that
2x 6≡ 1 (mod 4) for all x, so 2−1 (mod 4) doesn’t exist.
The Key Theorem for Invertibility Modulo m
At the end of Friday’s class, we showed the following theorem:
Theorem. Let a ∈ Z and m ∈ N. The number a is invertible modulo m if and only if
gcd(a, m) = 1.
We will not reprint the proof here; see the second part of Proposition 3.5 in the text, for
instance.
This theorem is basically saying that in order to find some x with ax ≡ 1 (mod m), you
cannot have any common factors between a and m. Furthermore, it turns out we can use
the Euclidean algorithm to produce one such x value! Here are the three main steps:
1. Use the Euclidean algorithm to compute gcd(a, m). If it is not 1, then a isn’t invertible.
2. Write the gcd of 1 as a linear combination of a and m: ax + my = 1.
3. Reduce this modulo m, so my ≡ 0 (mod m) and hence you obtain ax ≡ 1 (mod m).
1
This concept of inverse will reappear in much more generality later in the course, and you’d be surprised
how similar the algorithms turn out to be compared to what we do in this document!
1
In short, you write a linear combo with both a and m, and then you reduce it mod m. Since
the only linear combos you can make are multiples of gcd(a, m), you can’t express 1 as such
a combo unless the gcd is 1.
Example: If you try to find 8−1 (mod 402), you’ll get stuck; it doesn’t exist. Euclid’s
algorithm produces 402 = 50 · 8 + 2, so the gcd is 2, not 1. (We’ll see how to handle these
kinds of situations with equations next Monday.)
Example: Let’s find 10−1 (mod 43). First, we compute the gcd by the Euclidean algorithm:
43 = 4 · 10 + 3
10 = 3 · 3 + 1
The gcd is 1, like we wanted, so 10 is invertible. Next, we write 1 as a linear combination:
1 = 10 − 3 · 3
= 10 − 3(43 − 4 · 10) = 13 · 10 − 3 · 43
Thus, we have 10(13) + 43(−3) = 1. Reduce this mod 43 to get 10(13) ≡ 1 (mod 43). So
x = 13 is one solution: 10−1 = 13 (mod 43).
Example: Let’s find 24−1 modulo 997. First, Euclid shows
997
24
13
11
=
=
=
=
41 · 24 + 13
13 + 11
11 + 2
5·2+1
so the gcd is 1. Now we get a linear combo:
1 =
=
=
=
11 − 5 · 2
11 − 5(13 − 11) = 6 · 11 − 5 · 13
6(24 − 13) − 5 · 13 = 6 · 24 − 11 · 13
6 · 24 − 11(997 − 41 · 24) = (6 + 11 · 41) · 24 − 11 · 997
which simplifies to 1 = 24(457) + 997(−11). Reduce this mod 997 to get 24(457) ≡ 1
(mod 997), so 24−1 is 457 .
Fundamental Properties of Inverses
The first important property is that the inverse really is uniquely determined modulo m.
That is the content of the following theorem, and one of its proofs is a great application of
our “Relative Prime Lemma” from class!
Theorem. Assume that a is invertible mod m. If x and y satisfy ax ≡ ay (mod m), then
x ≡ y (mod m). In particular, if both x and y are inverses of a (so ax ≡ 1 and ay ≡ 1),
then x ≡ y.
2
Proof 1, using a cancellation trick. Suppose x0 is one inverse, so ax0 ≡ 1 (mod m). Take
the congruence ax ≡ ay and multiply x0 to both sides: (x0 a)x ≡ (x0 a)y. However, x0 a
reduces to 1, so we get 1x ≡ 1y, or x ≡ y.
(NOTE: Compare that proof with the “cancellation of addition” result from Section 1.1
we covered on the very first day of class!)
Proof 2, using divisibility theorems. Assume ax ≡ ay (mod m). Thus, by definition of congruence mod m, this means m | (ax − ay) and hence m | a(x − y). However, since a is
invertible, gcd(m, a) = 1, and the Relative Prime Lemma implies m | x − y. This means
x ≡ y.
(This is more like the proof given at the start of Proposition 3.5 from the textbook.)
The next theorem shows that the inverse is a very useful tool for solving all linear
equations modulo m.
Theorem. Assume a is invertible mod m. Then, for any b ∈ Z, the linear congruence
ax ≡ b (mod m) has exactly one solution.
Proof. If there is any solution at all, the previous theorem shows it is unique: if ax ≡ b
and also ay ≡ b, then ax ≡ ay and hence x ≡ y. Next, we show a solution exists: choose
x = a−1 · b. We check this: a(a−1 b) = (a · a−1 )b ≡ (1)b = b by definition of a−1 .
(NOTE: Compare this proof with the theorem about a + x = b from the first day of
class!)
Remark: Another way to come up with this theorem is to take ax ≡ b and multiply a−1
to both sides. You get a−1 (ax) ≡ a−1 b, and the a−1 a cancels to leave x ≡ a−1 b.
Finally, we apply this to primes to get a result which is crucial2 for studying the integers
modulo a prime p.
Corollary. If p is prime and a 6≡ 0 (mod p), then a is invertible mod p. Hence, by the
previous theorem, any linear congruence ax ≡ b (mod p) has exactly one solution for x
modulo p.
Proof. If a 6≡ 0 (mod p), then a is not a multiple of p. Because p is prime, this means
gcd(a, p) = 1, so a is invertible.
2
Very soon, you’ll see that this property means that the integers mod p form a structure called a field.
This will not be true for integers mod m when m is composite.
3