Professional Documents
Culture Documents
Rosen - Elementary Number Theory and Its Applications PDF
Rosen - Elementary Number Theory and Its Applications PDF
Number
Theory
andlts
Applications
KennethH. Rosen
AT&T Informotion
SystemsLaboratories
(formerly part of
Bell Laborotories)
A
YY
ADDISON-WESLEY
PUBLISHING COMPANY
Read ing, Massachusetts
Menlo Park, California
London Amsterdam
Don Mills, Ontario Sydney
Cover: The iteration of the transformation
\ n/2 if n is even
T(n) :
l Qn + l)/2 if n is odd
Rosen, Kenneth H.
Elementary number theory and its applications.
Bibliography: p.
Includes index.
l. Numbers, Theory of. I. Title.
QA24l.R67 1984 512',.72 8 3 - l1 8 0 4
rsBN 0-201-06561-4
DEFGHIJ_MA_8987
Preface
Number theory has long been a favorite subject for students and teachersof
mathematics. It is a classical subject and has a reputation for being the
"purest" part of mathematics, yet recent developments in cryptology and
computer science are based on elementary number theory. This book is the
first text to integrate these important applications of elementary number
theory with the traditional topics covered in an introductory number theory
course.
The Contents
The reader can determine which chapters to study based on the following
descriptionof their contents.
Chapter I introduces two importants tools in establishing results about the
integers, the well-ordering property and the principle of mathematical
induction. Recursive definitions and the binomial theorem are also developed.
The concept of divisibility of integers is introduced. Representations of
integers to different bases are described, as are algorithms for arithmetic
operations with integers and their computational complexity (using big-O
notation). Finally, prime numbers, their distribution, and conjectures about
primes are discussed.
Problem Sets
After each sectionof the text there is a problem set containing exercisesof
various levelsof difficulty. Each set containsproblemsof a numerical nature;
these should be done to develop computational skills. The more theoretical
and challenging problems should be done by studentsafter they have mastered
the computationalskills. There are many more problemsin the text than can
be realistically done in a course. Answers are provided at the end of the book
for selectedexercises,mostly those having numerical answers.
Computer Projects
After each section of the text there is a selectionof computer projects that
involve concepts or algorithms discussedin that section. Students can write
their programs in any computer language they choose, using a home or
personal computer, or a minicomputer or mainframe. I encouragestudents to
use a structured programming languagesuch as C, PASCAL, or PL/ 1, to do
these projects. The projects can serve as good ways to motivate a student to
learn a new computer language, and can give those students with strong
computer science backgrounds interesting projects to tie together computer
scienceand mathematics.
Unsolved Problems
Bibliography
Appendix
List of Symbols
A list of the svmbols used in the text and where they are defined is
included.
Acknowledgments
Chapter3. Congruences
4.1 D i v i s i b i l i t yt e s t s . . . . . . . . . .. 129
4.2 T h e p e r p e t u a cl a l e n d a r . . . . . . . . . . . . . 134
4.3 R o u n d - r o b i nt o u r n a m e n t s . . . . . . . . . . .. 139
4. 4 Computer file storageand hashingfunctions............... l4l
Contents xl
Chapter6. MultiplicativeFunctions
Chapter 7. Cryptology
Appendix.. 410
Answers to selected problems 426
Bibliography............. 438
List of symbols.... 445
Index 447
lntroduction
l. S u c h a n a x i o m a t i c d e v e l o p m e n to f t h e i n t e g e r sa n d t h e i r a r i t h m e t i c c a n b e f o u n d i n L a n d a u
t6ll.
Introduction
the sieve of Eratosthenes, that finds all primes less than a specified
limit. It
is inefficient to use this sieve to determine whether a particular integer
is
prime. The problem of efficiently determining whether an integer is prirne
has
long challengedmathematicians.
Proof. Let S be a set of positive integers containing the integer I and the
integer n * | whenever it contains n. Assume that S is not the set of all
positive integers. Therefore, there are some positive integers not contained in
.S. By the well-ordering property, since the set of positive integers not
contained in S is nonempty, there is a least positive integer n which is not in
. S . N o t e t h a t n 1 1 , s i n c el i s i n S . N o w s i n c en ) l , t h e i n t e g e r n - 1 i s
l.l The Well-Ordering ProPertY
are said to form a geometric progression. Also, a is called the initial term
and r is called the common ratio.
2oo:er*az* lan
k-l
We note that the letter k, the index of summation, is a "dummy variable" and
can be replaced by any letter, so that
nn
5,
k-l
ak: 2 oi
j-t i-l
)
2j:I+2+3+4+5:15,
j-r
)
2t2:2+2+2+2+2:10,
j-r
and
)
2 2i : 2 * 22+ 23+ 24+ 2s : 62 .
j-1
b oo:am*a^a1* *an.
k-m
and
I
k--2
2ori:e*ar*ar2+ *arn,
j-0
n),,narn*l-Q
(1.1) E ori
: a * ar i*a rar2
-t + r ' ' : T: T
r* a arn .
j:o
Proof. To prove that the formula for the sum of terms of a geometric
progressionis valid, we must first show that it holds for n : l. Then, we must
show that if the formula is valid for the positive integer n, it must also be true
for the positive integer n * l.
To s t ar t t hings o ff, l e t n : l . T h e n , th e l e ft si de of (t.t) i s a * ar, w hi l e
o n t he r ight s ideof (1 .1 ) w e h a v e
arL-a _ a?z-t) _ ab*l)(r-1) a(r*l) : a * ar
r-l r-l T:
We must show that the formula also holds for the positive integer n * l.
What we must show is that
arn+t:o
(t.+) (a*ar*ar2+...+arn) * a r ' + r- + arr+t,
r-l
The left side of (t.+) is identical to that of (1.3). To show that the right sides
are equal, we note that
arn*l-a 1 arn+l-e , or'*l (r- I )
T A ^r - n r r _ T-
r- I r-l r-1
orn*l-a*ar'+Z arn*l
:
r-l
bro:r*2+22+ *2',
k:0
f(r): I ,
and then we givethe rule for finding f h*1) from f fu), namely
f h+r) : (n+r)'ffu).
These two statementsuniquely define r!.
To find the value of f G) : 6! from the recursive definition of f h) : nl,
use the secondproperty successively,as follows
(2) :6's'4'3'2f0).
f 6) :6.f (5) : 6.5.f(4) : 6.s.4'f(3) : 6's'4'3'f
We now use the first statement of the definition to replacef 0) by its stated
value l. to concludethat
6 l : 6 ' 5 ' 4 ' 3 ' 2 ' :l 7 2 0 .
n! : l'2'3 n
ft o, : ere2 an
j -r
lk J kt(m_k)t
l^)
In computing we see that there is a good deal of cancellation,because
lO ,J,
l^) : - - m; t . 2 . 3. . . @ - k ) @ - k + t ) . . . t u - t ) m
lk ) kt@_k)l k! t.2.3 fu-k)
(m-k+r) ( m - r )m
kt
(i)
[;]:[;]:,
r) r )
( i i ) l l l : -l ' . 1
fkj l,-t,)'
Proof. To see that (i) is true, note that
1.1 The Well-OrderingProperty 11
[;]:# :n'':l
nt
and
frl
l,l:
n; :-:l nt lr ,l
l- tr
| . kJ kth-k)t t u - k ) r ( n -h - k ) ) t ln-* )'
An important property of binomial coefficientsis the following identity.
|',]*, I n I _ |,,*'l
r
loj [o-,J:I )
Proof. We perform the addition
[;]. lr:,
by using the c om m o nd e n o mi n a to rftl (n -k + t)!. Thi s gi ves
t. +
Uc lr\,
n th - k t l )
ktfn-k+l\
-
n tk
ktJtt-t(+il
nl((n-k +r) +k)
k th - k + t ) t
ntfu*l)
klfu-k+r)t
(n+l)!
kth-k +r)t
[l l nn + rI
u
f k )
t2 The Integers
I
ll
r2l
l33l
r4641
15101051
1615201561
172135352171
18285670562881
'Plr"urt
Figure1.1. triangle.
:
(x*y)n y'+
-2 2
l:)..
[;]".. [T]".-',.
+ l,:r)*r.-,+ [,:,]'y n - +l:),'
or using summation notation,
1.1 The Well-Ordering ProPertY l3
^ (n]
G + y ) n: 2 l\ J; ll * " - t y t
j-0
(x*y)r-frlfrl +
loj"'.yoI,,J"or'
But because
lrlfrl s t a t e st h a t ( x + y ) r : x *y, w h i c hi s
lnl: lil:t,this
t"J \^/
obviously true.
We now assume the theorem is valid for the positive integer n, that is, we
assumethat
^ fn)
G+ y ) n: 2 l , l r ' - i r i .
j-0 \r )
We see that by removing terms from the sums and consequently shifting
indices.that
t4 The Integers
21,).'-'."'
2l;).'-'.',' : In+l +
and
:'Al,).'-'''.'
3l:).'-'''*' * yn+t
:21'!'1"-'*' yj + yn*t
so we conclude that
t;l+ [,1']: [';']
,
- ,,*, + bl':'fx,-i*,ri
k+y),,'+r * yn+r
I r ) i-t
n * t [ n + rI
- S I l*n+t-iri
t 1 ^l . j )
This establishesthe theorem. u
We now illustrate one use of the binomial theorem. If we let x : y : l. we
see from the binomial theorem that
^ lrl , rl lnl
2 n: ( t + t ) , : ) :
l\ r r )l t , - r l i j -)o LJ,l
j-0
This formula showsthat if we add all elementsof the fu+l)th row of Pascal's
triangle, we get 2n. For instance,for the fifth row, we find that
1.1 The Well-OrderingProPertY 15
. . . . :, +4+6+4+,:,6:24
[;] [l] [l] [l] [l]
l.l Problems
l0 l0
a) >2 c) 2j'
j-r j-r
l0 t0
u) 2i o) 22i.
j-l j-r
55
i l j -rl r 2 c) r. j'
)
b) trj 0) il2i
j-t j-l
4.
fro)frolfrolfrol frol
Find
lo,|'|.,.l'I r.l'I tJ'^na
lroJ'
|'qI fgI froI
5 . Find the binomial coefficients and o andverirvthat
l',l' loJ' I ,J'
fnl , fnl f,ol
lrj*loj: loJ
6 . Show that a nonempty set of negative integers has a largest element.
7 . Use mathematical induction to prove the following formulae.
a) >,i:t+2+3+ + ,:n(nlD.
j-l L
.t n (n+l) (2n+l)
U) 2i': 12+22+32+ + , a
j-l 6
t6 The Integers
| 12
c ) i . r ' : t ' + 2 3+ 3 3+ * n3: | 't'ftl I
i-tt2l
8. Finda formula
rcrjft Zi.
-l
9. Use the principle of mathematical induction to show that the value at each
positive integer of a function defined recursivelyis uniquely determined.
t2. The second principle of mathematical induction can be used to define functions
recursively. We specify the value of the function at I and give a rule for finding
f h+l) from the values of f at the first n positive integers. Show that the
values of a function so defined are uniquely determined.
, fr)
) (-r)o : o.
lrJ
[,lf,l|,,l
['J*l,J* I'J*
c) Findthesuml -2+22-23 + +2too.
| .I ,_n [,1
In+tJ:R l;l
|.".l x! ,
a)Showthatifxisapositiveinteger,then[oJ:ffi,wherekisan
integerwithl(k(x.
.
b)
["]
S h o w t h a tl - l +
[*l
1.,, | :
f'+rl
l--*, l,whenevernisapositiveinteger.
l,?J lt?+rj ln,'t
t 7 . In this problem, we develop the principle of inclusion - exclusion. Suppose
that S is a set with n elements and let Pr, P2,.,., P, be t different properties
that an element of S may have. Show that the number of elements of S
possessingnone of the / properties is
properties, t-
showit is counted
lrl + lpl- + (-l)ft
ltl ,i-.t. This
lrJ Itl lrJ
equals zeroby problem la(a).)
1 8 . The tower of Hanoi was a popular puzzle of the late nineteenth century. The
puzzle includes three pegs and eight rings of different sizes placed in order of
size, with the largest on the bottom, on one of the pegs. The goal of the puzzle is
to move all the rings, one at a time without ever placing a larger ring on top of a
smaller ring, from the first pbg to the second,using the third peg as an auxiliary
peg.
l8 The Integers
b) An ancient legend tells of the monks in a tower with 64 gold rings and 3
diamond pegs. They started moving the rings, one move per second, when
the world was created. When they finish transferring the rings to the second
peg, the world ends. How long will the world last?
20. Let an : (af a2l. ar-1!) - l, and on+t: af. a2t an_tl, where
or€ positiveintegers. Show that an*1!: al. a2t
o1,a2,...,etr-1 onl.
2 1 . F i n d a l l p o s i t i v ei n t e g e r sx , y , a n d z s u c h t h a t x t * y l : z!.
2. Evaluate n !
5. List the movesirr the Tower of Hanoi puzzle (see problem l8).
1.2 Divisibility
When an integer is divided by a secondnonzerointeger, the quotient may or
m ay not be an i n te g e r. F o r i n s ta n c e ,2 4 /8 : 3 i s an i nteger,w hi l e l 7/5:3.4
is not. This observationleads to the following definition.
I f a d i v i d e sb w e w r i t e a l b , w h i l e i f a d o e s n o t d i v i d e b , w e w r i t e a t r U .
Example. The divisorsof 6 are +1, *2, +3, and +6. The divisorsof 17 are
tl and tI7. The divisors of 100 are +1, *2,+4, +5, +10,
+20, +25, +50, and + 100.
l b a n db l r , t h e n a l c .
1.3. If a,b,and c areintegerswitha
Proposition
P r o p o s i t i o n1 . 4 . l f a , b , m , a n d n a r e i n t e g e r sa, n d i f c l a a n d c l D , t h e n
c | (ma+nb).
Proof. Since c I a and c | 6, there are integers e and / such that a : ce and
b : c f . Henc e, m a * n b : m c e * n c f : c (me + nf). C onsequentl y,
w e see
th a t c | f ua+ nb) . E
The Divisionl$f$* If a and b are integers such that b > 0, then there
are unique integers q and r such that a : bq * r with 0 ( r < b.
In the equation given in the division algorithm, we call q the quotient and r
the remainder.
We note that a is divisible by b if and only if the remainder in the division
algorithm is zero. Before we prove the division algorithm, consider the
following examples.
20 The Integers
a - b < btalbl 4 a.
By adding e, we seethat
0 ( r - a - bla/bl < n.
To show that the quotient q and the remainder r are unique, assume that
w e h a v e t w o e q u a t i o n sa : b q r * r r a n d a : b q z * r r , w i t h 0 ( r r ( b a n d
0 ( rz < b. By subtracting the secondof these from the first, we find that
1.2 Divisibility 2l
0:bQt-qr)+(r;r2)
Hence. we seethat
rz - rr: b(qt-qr).
1.2 Problems
l. S h o wt h a t3 l g g , s I t + S , 7 l 3 4 3 ,a n d8 8 8| 0 .
2. Decidewhich of the followingintegersare divisibleby 22
il0 d) r92s44
b) 444 e) -325r6
c) 1716 f) -195518.
22 The Integers
3. Find the quotient and remainder in the division algorithm with divisor 17 and
dividend
a) loo c) -44
b) 28e d) -100.
4. What can you conclude if a and b are nonzero integers such that a I b and
bla?
5. Show that if a, b, c, and d are integers with a and c nonzero such that a I b
and c I d, then ac I bd.
1 0 . Show that if a and b are odd positive integers, then there are integers s and ,
s u c ht h a t a : b s * / , w h e r eI i s o d d a n d l r l < n .
When the integer a is divided by the interger b where b > 0, the division
algorithm gives a quotient of q and a remainder of r. Show that if 6 ,f a, when
-a is divided by b, the division algorithm gives a quotient of -(q*l) and a
remainder of b - r, while if 6 | a, the quotient is -q and the remainder is zero.
1 2 . Show that if a, b, and c are integers with b ) 0 and c ) 0, such that when a
is divided by b the quotient is q and the remainder is r, and when q is divided
by c the quotient is / and the remainder is s, then when a is divided by bc, the
quotient is I and the remainder is bs * r.
1 4 . Show that if a and D are positive integers, then there are integers q,r and
e : ! . 1 s u c ht h a t a : bq * er where-b/2 <er4 b/2.
1 5 . S h o w t h a t i f a a n d b a r e r e a l n u m b e r s ,t h e n l a + b l 2 l a ] + [r].
1 6 . Show that if a and b are positive real numbers, then labl 2 Laltbl .
What is the corresponding inequality when both a and b are negative? When
one is negative and the other positive?
1.2 Divisibilitv 23
19. Show that if n is an integer and x is a real number, then [x*n] : [xl + n .
23. a) Show that the number of positive integers less than or equal to x that are
divisible by the positive integer d is given by [x/dl.
b) Find the number of positive integers not exceeding 1000 that are divisible by
5 , b y 2 5 , b y 1 2 5 ,a n d b y 6 2 5 .
c) How many integers between 100 and 1000 are divisible by 7? by 49'l
24. To mail a letter in the U.S.A. it costs 20 cents for the first ounce and l8 cents
for each additional ounce or fraction thereof. Find a formula involving the
greatest integer function for the cost of mailing a letter. Could it possibly cost
S 1.08 or ,$I .28 to mail a letter?
25. Show that if a is an integer, then 3 divides a3-a
26. Show that the sum of two even or of two odd integers is even, while the sum of
an odd and an even integer is odd.
27. Show that the product of two odd integers is odd, while the product of two
integers is even if either of the integers is even.
28. Show that the product of two integers of the form 4ft * I is again of this form,
while the product of two integers of the form 4k * 3 is of the form 4ft * L
29. Show that the square of every odd integer is of the form 8k + l.
24 The Integers
30. Show that the fourth power of every odd integer is of the form l6k + l.
31. Show that the product of two integers of the form 6k * 5 is of the form 6k * L
ln/2 if n is even
T(n) :
1Qn*D/z if n is odd.
3. Find the quotient, remainder, and sign in the modified division algorithm given in
problem 14.
4. I n v e s t i g a t et h e s e q u e n c en , T ( n ) , T ( T h ) ) , f (rQ ( n ) ) ) , . . . d e f i n e di n p r o b l e m
33.
1.3 Representations
of Integers
The conventionalmanner of expressingnumbersis by decimal notation. We
write out numbers using digits to representmultiples of powers of ten. For
instance,when we write the integer 34765,we mea;r
3 . 1 0 4+ 4 . 1 0 3+ 7 . 1 0 2+ 6 . 1 0 1+ 5 . 1 0 0 .
bases,including the Babylonians,who used base sixty , and the Mayans, who
used base twenty Electronic computers use two as a base for internal
representationof integers,and either eight or sixteen for display purposes.
We now show that every positive integer greater than one may be used as a
base.
Theorem 1.3. Let b be a positive integer with b > l. Then every positive
integer n can be written uniquely in the form
n : a k b k * a p - 1 b k - rt * a1b I oo,
eo:bq1ta6 0(ar(6-t.
Q k - z: b q * - r * a k - r , 0 ( a 1 - 1 ( b - 1 ,
Qk-t: b.0 * ap, 0 ( a1 ( b-t.
n: beo* ao.
Successively
substituting for qr, Q2,..., Qk_r,we have
n: b 3 q z + a 2 b 2* a 1 b * o r ,
: =i: ri::,-'**"::,t{,-'..**olr'u**ol'
: a t b k + a 1 r - 1 b k -*r t aft * ao.
n : e k b k + a 1 r - y b k - *t t a1b * ao
: c * b k * c 1 r-1 b k -r* * cft * ro,
: bl(c1,-a1)bk-j-t + * (c7+r-or*,)
].
stop when we come to a quotient which is zero. We then read up the list of
remaindersto find the base b expansion.
Example. To find the base 2 expansionof 1864, we use the division algorithm
successively:
1 8 6 4: 2 . 9 3 2 + 0 ,
932:2'466 +0,
466:2'233 +0
233-2'116+1,
1 1 6: 2 ' 5 8 + 0 ,
58:2'29 +0,
29:2'14 +1,
14:2'7 +0,
7 : 2'3 + 1,
3 : 2'l + l,
| : 2'O + 1.
0 0000 8 r000
I 0001 9 1001
2 0010 A 1010
3 0 0 1l B 1011
4 0100 C l 100
5 0101 D I l0l
6 0110 E 1110
7 0l l1 F llll
Table1.1. Conversion
from hex digits to blocksof binarydigits.
1.3 Problems
l. Convert (1999)1sfrom decimal to base 7 notation. Convert (6tOS)t from base 7
to decimal notation.
3 . c o n v e r t ( 1 0 0 0 1 II l 0 l 0 l ) 2 a n d ( l I 1 0 1 0 0 1 1 1 0 ) 2f r o m b i n a r y t o h e x a d e c i m a l .
4 . convert (ABCDEF)rc, @nrecnD)to, and (9A08)rc from hexadecimal to
binary.
5 . Explain why we really are using base 1000 notation when we break large decimal
integers into blocks of three digits, separatedby commas.
6 . a) Show that if D is a negative integer less than -1, then every integer n can
be uniquer';:.])::'::;'
. * a 1 b* oo,
9. Use problem 8 to show that any weight not exceeding $k -t) /Z may be
m e a s u r e du s i n g w e i g h t so f 1 , 3 , 3 ' , . . . , 3 f t - 1 , w h e n t h e w e i g h t sm a y b e p l a c e di n
either pan.
r0. Explain how to convert from base 3 to base 9 notation, and from base 9 to base 3
notation.
ll. Explain how to convert from base r to base rn notation, and from base rn
notation to base r notation, when r ) I and n are positive integers.
1 2 . Show that if r: ( a * a * - 1 . . . a p s ) 6 , t h e n t h e q u o t i e n t a n d r e m a i n d e rw h e n n i s
divided by bi are q : (apa1,-1...a)6and, : (aj-r...apo)t, respectively.
fl:ommt * a^a(m-l)! + * a 2 2 l* a 1 l !
1.3 Representationsof Integers 3t
15. The Chinese game of nim is played as follows. There are a number of piles of
matches, each containing an arbitrary number of matches at the start of the
game. A move consistsof a player removing one or more matches from one of
the piles. The players take turns, with the player removing the last match
winning the game.
a) Show that the position where there are two piles, each with two matches, is
a winning position.
b) For each arrangement of matches into piles, write the number of matches in
each pile in binary notation, and then line up the digits of these numbers
into columns (adding initial zeroes if necessaryto some of the numbers).
Show that a position is a winning one if and only if the number of ones in
each column is even (Example: Three piles of 3, 4, and 7 give
0ll
llt
100
where each column has exactly two ones).
16. Let a be an integer with a four-digit decimal expansion,with not all digits the
same. Let a' be the integer with a decimal expansion obtained by writing the
digits of a in descending order, and let a" be the integer with a decimal
expansion obtained by writing the digits of a in ascending order. Define
T ( a ) : a ' - a " . F o r i n s t a n c ef,( 2 3 1 8 ) 8731 1378 : 7358.
a) Show that the only integer with a four-digit decimal expansion with not all
d i g i t s t h e s a m es u c h t h a t T ( a ) : a i s a : 6 1 7 4 .
17. Let b be a positive integer and let a be an integer with a four-digit base b
expansion,with not all digits the same. Define TtG) : a'- a", where a'is the
integer with base D expansion obtained by writing the base 6 digits of a in
descending order, and let d " is the integer with base 6 expansion obtained by
writing the base b digits of a in ascendingorder.
l. Find the binary expansion of an integer from the decimal expansion of this
integer and vice versa.
2. Convert from base 61 notation to base b2 notation, where D1 and b2are arbitrary
positive integers greater than one.
4. Find the base (-2) notation of an integer from its decimal notation (see problem
6).
5. Find the balanced ternary expansion of an integer from its decimal expansion
(see problem 8).
6. Find the Cantor expansionof an integer from its decimal expansion (see problem
14).
9. Let b be a positive integer. Find the Kaprekar constant to the base b, when it
exists (see problem 17).
of Integers
1.3 Representations 33
a I b : 5 a i r t+ ' i u , r t : 5 G i + b 1 ) r i .
j-o j-0 j:o
To find the base r expansion of the a * b, first note that by the division
algorithm, there are integers Cs and ss such that
34 The Integers
ar * br t Co: C{ t rr,0 ( s1 ( r.
E x a m p l e . T o a d d ( 1 1 0 1 ) 2a n d ( l 0 l l ) 2 w e w r i t e
II
1l0l
+1001
10110
where we have indicated carries by I's in italics written above the appropriate
column. We found the binary digits of the sum by noting that I * I :
l'2+ 0,0+0+ 1:0'2 * 1, I +0f 0: O'2+ l,and 1+ l:1.2 *0.
We now turn our attention to subtraction. We consider
-(r-l)<as-bo(r-1.
W h e n a o - b o ) 0 , w e h a v e , 8 6 : 0 . O t h e r w i s ew, h e n a s - b o 1 0 , w e h a v e
Bo: - 1;Bo is the borrow from the next place of the baser expansionof a.
We use the division algorithm again to find integersB1 and d1 such that
a1-bt+ Bo: B{ * dr. 0 < d1 1 r.
Example. To subtract ( t o t t o ) 2f r o m ( t t o t l ) 2 , w e h a v e
-t
llotl
-10110
101
Example. To multiply (tOtt01)2 by 2s, we shift the digits to the left five
placesand appendthe expansionwith five zeros,obtaining (10110100000)2.
36 The Integers
oob:Qor*po,0(ps(r,
aft+Qo:Qf *pr,0(pt1t,
and 0 ( qt ( r-1 . In g e n e ra l ,w e h a v e
a;b * 7i-r: Qir I pi, 0 ( p; -< r
For each -/, we first multiply a by the digit b;, then shift to the left 7 places,
and finally add all of the n integers we have obtained to find the product.
When multiplying two integers with base r expansions,we use the familiar
method of multiplying decimal integers by hand.
Ex am ple. T o m u l ti p l y (l l 0 l )2 a n d (t t tO )2 w e w ri te
ll0l
x1110
0000
I l0l
1l0l
l10l
l0ll01l 0
Note that we first multiplied (1101)2 by each digit of (t t 10)t, shifting each
time by the appropriate number of places, and then we added the appropriate
integers to find our product.
1.4 Computer Operations with Integers 31
a - bqn-1vn-t
: uf'i qjri)+ R.
U-o )
The right-hand side of this equation is not only positive,but also it is less than
brn-t, since 2 qiri g rn-l-l. Therefore,we know that
j-0
To find the other digits of q,, we define the sequenceof partial remainders
Ri by
Ro: a
and
Ri:Ri-r - bqn-trn-i
Rft:
Then
e s t a b l i s h i n( 1g . 5 ) .
F r o m ( t . S ) , w e s e e t h a t 0 ( R i < r n - i b , f o r i : 1 , 2 , . . . ,f l , s i n c e
n-i -l
i-0
O ( Ri < rn-tb, we see that the digit qn-i is given by lRi-r/brn-il and can
be obtained by successivelysubtracting brn-t from Ri-1 until a negative result
is obtained,and then qn-; is one lessthan the number of subtractions. This is
how we find the digits of q.
E x a m p l e .T o d i v i d e( t t t O l ) 2 b y ( t t t ) 2 , w e l e t q : ( q r q r q i r . W e s u b t r a c t
Z2( t t l) z : ( t t t O O), o n c e fro m (t t tO t)z to obtai n (l )2, and once more to
o b t a i na n e g a t i v er e s u l t s, o t h a t Q 2 : l . N o w R l : ( t t t O l ) t - ( t t t 0 0 ) t :
(1)2. We find that ql:0, s i n c eR 1 - 2 ( 1 l l ) 2 i s l e s st h a n z e r o ,a n d l i k e w i s e
Qz : 0. Henc e t h e q u o ti e n t o f th e d i v i s i o ni s (1 00)2and the remai nderi s (l )2
Definition. If f and g are functions taking positive values, defined for all x in
a set S, then we say f is OQ) if there is a positive constant K such that
f G) < K g( x ) f or a l l x i n th e s e t S .
Proof . If / is Ok), then there is a constantK such that f G) < Kg(x) for
all x under consideration. Hence cf G) < GK)gG). Therefore, y' is
oQ). n
P r o p o s i t i o1n. 7 .l f f t i s O ( g r ) a n d f 2 i s O k z ) , t h e n" f t + - f z i s O Q f t g 2 )
andfJzisoQe).
so th at " f f z is 0( 96 ). tr
A t : ( a 2 r - 1 a 2 n * 2 . . . a 1 7 1 1 eA1o7: ) 2 (, a n - 1 a n - 2 . . . a p g ) 2B, t : ( b 2 n - f t 2 r - z . . . b n + t
br)2, and B0 : (br-t bn-z...brbiz. We will use the identity
(t.e) a b : ( 2 2 , + 2 , ) A r B r r 2 n( A r A i ( a o - n r ) + (2,+l)AoB0.
To find the product of a and 6 using (t.0), requires that we perform three
mu lt iplic at ions o f n -b i t i n te g e rs (n a me l y A r B r (A , - A d(B o- B r), and
AsBs), as well as a number of additions and shifts. If we let M(n) denote the
number of bit operations needed to multiply two n -bit integers, we find from
(t.0) t t r at
M (z k + t) ( 3 u (z k ) + czk
( 3c (lt - 2k) + c2k
( c a k + t_ c . 3 . 2 k* c 2 k
( c ( 3 f t + l- zk+t).
considerably less than the exponent 2 that occurs in the estimate of the
number of bit operations needed for the conventional multiplication
algorithm.)
< , (3ttot'nl+t_rltoe'nl+t;
( 3 c .rl l o g Irn( 3 c .3 l o sr,:3rnto93
We now state, without proof, two pertinent theorems. Proofs may be found
in Knuth [50] or Kronsjii tSgl.
1.4 Problems
2 . S u b t r a c t( t o t t l 0 l 0 l ) 2 f r o m ( 1 1 0 1 1 0 1 1 0 0 ) 2 .
4. F i n d t h e q u o t i e n ta n d r e m a i n d e rw h e n ( t t o t o o n l ) 2 i s d i v i d e db y ( 1 1 0 1 ) 2 .
5. A d d ( A B A B ) 1 6a n d ( B A B A ) r c .
10. Write algorithms for the basic operations with integers in base (-2) notation
(see problem 6 of Section 1.3).
11. Give an algorithm for adding and an algorithm for subtracting Cantor
expansions (see problem l4 of Section 1.3).
12. Show that if f 1 and f 2 are O(St) and O(g2), respectively,and c1 and c2 are
constants,then c;f1 * ,zf z is O(g1 * g).
15. Show that the base b expansionof a positive integer n has llog6nl+t digits.
16. Analyzing the algorithms for subtraction and addition, show that with n-bit
integers these operationsrequire O h) bit operations.
17. Show that to multiply an n-bit and an m-bit integer in the conventional manner
requires OQm) bit operations.
a) n'. b)
["1
|.o,|
20. Give an estimate of the number of bit operations needed to find the binary
expansionof an integer from its decimal expansion'
c) Using part (a), reduce the multiplication of 4216 and 2733 to three
multiplications of two-digit integers, plus shifts and additions, and then
using part (a) again, reduce each of the multiplications of two-digit
integers into three multiplications of one-digit integers, plus shifts and
additions. Complete the multiplication using only nine multiplications of
one-digit integers, and shifts and additions.
22. il lf A and B are nxn matrices, with entries aii and bii for I ( i ( n,
I ( f ( n, then AB is the nxn matrix with entries cii : 2 ai*b*j.
II
lx * (as-a2)(bzz-bn) -
a 2 2 ( br - b z r - b e * b 2 2 )
( a r r l a 1 2 - a 2 1 - a 2 2 )b 2 2
x * ( a n - a z t ) ( b r r - b r+r ) I
( a 2 1* a 2 ) ( b r z - b ' , - )
|
w h e r ex : a r r b r ,- ( a t t - c t 2 r - a 2 ) ( b n - bp* b2).
c) Using an inductive argument, and splitting 2nx2n matrices into four nxn
matrices, show that it is possibleto multiply two 2k x2k matrices using only
7ft multiplications, and less than 7ft+r additions.
44
The Integers
d) Conclude from part (c) that two nxn matrices can be multiplied using
O(nt"c7) bit operations when all entries of the matrices have less than c
bits, where c is a constant.
23. A dozen equals 12 and a gross equals 122. Using base 12, or duodecimal.
arithmetic answer the following questions.
il If 3 gross, 7 dozen, and 4 eggs are removed from a total of l l gross and 3
dozen eggs, how many eggs are left?
c) If I I gross, I 0 dozen and 6 eggs are divided in 3 groups of equal size, how
many eggs are in each group?
24. A well-known rule used to find the square of an integer with decimal expansion
(an-1...apJro with final digit ao:5 is to find the decimal expansionof the
product (anan-1...a)rcl(anan-r...ar)ro* ll and append this with the digits
(25)ro. For instance, we see that the decimal expansion of (tOS)2 begins with
16'17 :272, so that (165)2 :27225. Show that the rule just describedis valid.
25. In this problem, we generalizethe rule given in problem 24 to find the squaresof
integers with final base 28 digit 8, where I is a positive integer. Show that the
base 28 expansion of the integer (ana,-1...afl0)z,astarts with the digits of the
base 28 expansionof the integer (anana...aflo)zn l(anan-1...ap0)zn* ll and
ends with the digits Bl2 and 0 when B is even, and the digits G-l)12 and.B
when I is odd.
Definition. A positive integer which is not prime, and which is not equal to l,
is called composite.
The primes are the building blocks of the integers. Later, we will show that
every positive integer can be written uniquely as the product of primes.
Here, we briefly discuss the distribution of primes and mention some
conjecturesabout primes. We start by showing that there are infinitely many
primes. The following lemma is needed.
Lemma 1.1. Every positive integer greater than one has a prime divisor.
Qn: nt t l, n 2 l.
Lemma 1.1. tells us that Q, has at least one prime divisor, which we denote
by gr. Thus, q, must be larger than n; for if 4, ( n, it would follow that
Qn I n!, and then, by Propositionl.!, Q, | (er-rr) : l, which is impossible.
Since we have found u priJ.''lur*r, tt* r, for every positive integer n,
there must be infinitely many primes. tr
t23+ 5 +7+,/-1€-
ll ++ 13 l+- yr +#17+h19+
2{-*23+g-. X +/*2e-3o-
3l+2Ii+ 3? 37 +S- 2{ {'F
\
4r+43 1+ ,{ 1? 47 +F + {o-
+G -5S- 59 -6F
>{+*s3*r- \ .yr
61 4*tr# \ <G 67 +h t{ 1+
7t+73.+
't{=
r -7G
-8fi
I
T
-?& 7e -8€-
++
y{ t.> 83 \ "Yr +h 89
I
tlt +> 2< + 9t 9j -9t- .y +OF
\
Tablel.l. Approximations
to rG).
x'A"x
The prime number theorem tells us that x /log x is a good approximation to
rG) when x is large. It has been shown that an even better approximation is
given by
ld'i,
I' )':*4{
{-/d X/V614 -=1
L
ti G) :T O,
", log I
(whe-- T d, -^^-,
," J, representsthe areaunderthe curvey : lfiog t, and above
"* t :2 to / : x). In Table l.l, one seesevidencethat /i(x) is
the r-axis from
an excellent approximation of zr(x).
I'^
frtaft.1', nd -
r l'^- -L- =O\ J
v r ylr x4G ltlx
3
1.5 PrimeNumbers 49
We can now estimate the number of bit operations neededto show that an
',,6-. The
integer n is prime by trial divisionsof n by ail primes not exceeding
prime
',/n number theorem tells us that there are approximately
fioeJ; : 2-/i /log n primes not exceeding-6. To divide n by an integer
m takes O(log2n.log2m) Uit operations. Therefore, the number of bit
operations needed to show that n is prime by this method is at least
Q,/i/togilG log2n) - r,/i (where we have ignored thelog2m term since it
is at least l, even though it sometimesis as large as (log2n)/D . This method
of showing that an integer n is prime is very inefficient, for not only is it
necessaryto know all the primes not larger than ..li, but it is also necessaryto
do at least a constant multiple of ,/i bit operations. Later on we will have
more efficient methods of showing that an integer is prime.
We remark here that it is not necessaryto find all primes not exceedingx
in order to compute zr(x). One way that zr(x) can be evaluated without
finding all the primes less then x is to use a counting argument based on the
sieve of Eratosthenes (see problem l3). (Recently, very efficient ways of
finding r(x) using O (x3/s+c)bit operationshave been devisedby Lagarias and
Odlyzko t6ql.)
We have shown that there are infinitely many primes and we have discussed
the abundance of primes below a given bound x, but we have yet to discuss
how regularly primes are distributed throughout the positive integers. We first
give a result that shows that there are arbitrarily long runs of integers
containingno primes.
Proposition 1.8. For any positive integer n, there are at least n consecutive
compositepositive integers.
Goldbach's Conjecture. Every even positive integer greater than two can be
written as the sum of two primes.
This conjecture was stated by Christian Goldbach in a letter to Euler in
1742. It has been verified for all even integersless than a million. One sees
by experimentation,as the following exampleillustrates,that usually there are
many sums of two primes equal to a particular integer, but a proof that there
always is at least one such sum has not yet been found.
Example. The integers 10,24, and 100 can be written as the sum of two
primes in the following ways:
l0:3+7:5t5,
24:5+lg:7+17:llf13,
100:3+97:ll*gg:17+93
:29*71:41+59:47+53.
1.5 Problems
a) l0l c) l07 e) I 13
b) 103 d) lll f) tzt.
1.5 PrimeNumbers 51
5 . Show that if a and n are positive integers such that an -l is prime, then a : 2
and n is prime. (Hint: Use the identity ake-l : Qk-D (aka-t\ +
a k Q - D+ + a k+ l ) .
6 . In this problem, another proof of the infinitude of primes is given. Assume there
are only finitely many primes p r,Pz,...,Pn Form the integer
... pn * l. Show that
Q: prpz Q h a s a p r i m e f a c t o r n o t i n t h e a b o v el i s t .
Conclude that there are infinitely many primes.
7. Let Qn : ptpz " ' pn t l where Pt,Pz, ..., Pn are the n smallest primes.
Determine the smallest prime factor of Q^ for n:1,2,3,4,5, and 6. Do you
think Q, is prime infinitely often? (tnis is an unresolvedquestion.)
8 . L e t p t , p 2 , . . . , p n b e t h e f i r s t n p r i m e sa n d l e t m b e a n i n t e g e rw i t h I 1 m
1n.
Let Q be the product of a set of z primes in the list and let R be the product of
the remaining primes. Show that Q + R is not divisible by any primes in the
list, and hence must have a prime factor not in the list. Conclude that there are
infinitely many primes.
9. Show that if the smallest prime factor p of the positive integer n exceedsd6
then n/p must be prime or 1.
I l. Show that there are no "prime triplets", i.e. primes p, p + 2, and p + 4, other
than 3,5, and 7.
12. Show that every integer greater than 11 is the sum of two compositeintegers.
( problem 17 of Section 1.1) to show that
13. Use the principle of inclusion-exclusion
-n
o(n):(o(.6-)-r) l-l . +l-ll
tl* l p ,I l p ,l )
2. Use the sieve of Eratosthenesto find all primes less than 10000.
3' Find zr(n), the number of primes lessthan or equal to rz, using problem
13.
4. verify Goldbach's conjecture for all even integers less than 10000.
2.1 GreatestCommonDivisors
If a and b are integers, that are not both zero, then the set of common
divisorsof a and 6 is a finite set of integers,alwayscontainingthe integers*l
and -1. We are interestedin the largest integer among the common divisors
of the two integers.
Definition. The greotest common divisor of two integers a and b, that are
not both zero, is the largest integer which divides both a and b.
Example. The commondivisorsof 24 and 84 are t l, J.2, +3, 1.4, t6, and
+ 12. Hence Q+, g+) : 72. Similarly, looking at setsof commondivisors,we
f i n dt h a t ( 1 5 , 8 1 ): 3 , ( 1 0 0 , 5 ) : 5 , ( I 7 , 2 5 ) : l , ( 0 , 4 4 ): 4 4 , ( - 6 , - 1 5 ) : 3 ,
and (-17, 289) : 17.
We are particularly interested in pairs of integers sharing no common
divisorsgreaterthan l. Such pairs of integersare called relatively prime.
Definition. The integers a and b are called relatively prime if a and b have
greatestcommondivisor (a, b) : l.
Note that since the divisors of -c are the same as the divisors of a, it
follows that (a, b) : (lal, la ll (where lc I denotesthe absolute value of a
which equalsa if a )0 and equals -a if a <0). Hence, we can restrict our
attentionto greatestcommondivisorsof pairs of positiveintegers.
We now provesomepropertiesof greatestcommondivisors.
Theorem 2.1. The greatest common divisor of the integers a and b, that are
not both zero, is the least positive integer that is a linear combination of a and
b.
From'n"'o:'1'::^r:
:' ;: ;';::,b) : e-qm)a - qnb
Definition. Let e1, e2,...,en be integers, that are not all zero. The
greatest common divisor of these integers is the largest integer which is a
divisor of all of the integers in the set. The greatest common divisor of
a t, a 2 , . . .c, , is denot e db y (a 1 ,a 2 ,,...,
a n ).
L,emma2.1. If a1, a2,...,an are integers, that are not all zero, then
(a1, a2,..., an-1, an) : (a1, a2r..., (on-r, a)).
we see that the three integersare mutually relatively prime. However, they
are not pairwise relatively prime, b e c a u s(et S . z l ) : 3 , ( 1 5 , 3 5 ): 5 , a n d
(21,35):7.
2.1 Problems
Show that if a and b are integers, that are not both zero, and c is a nonzero
i n t e g e r t, h e n ( c a, c b ) : l c l b , b \ .
4 . What is (a2+b2,a*b), where a and b are relatively prime integers,that are not
both zero?
2.1 GreatestCommonDivisors 57
6 . a) Show that if a and b are both even integers, that are not both zero, then
(a, b) : 2fu/2,b/2).
9 . S h o wt h a t i f a , b , a n d c a r e i n t e g e r sw i t h c I a b , t h e n c | ( a , c ) ( b , c ) .
1 0 . a) Show that if a and b are positiveintegerswith (a , b) : l, then (an, bn) : I
for all positiveintegersn.
b) Use part (a) to prove that if a and b are integerssuch that a' I bn where n
is a positiveinteger,then c I b.
ll. Show that if a, b and c are mutually relatively prime nonzero integers, then
G, bd : (a,b)(a,c),
T2, Find a set of three integersthat are mutually relatively prime, but not relatively
prime pairwise. Do not use examplesfrom the text.
1 3 . Find four integersthat are mutually relatively prime, such that any two of these
integersare not relativelyprime.
1 4 . Find the greatestcommondivisor of each of the following setsof integers
a) 8, lo, 12 d) 6,15,21
b) 5,25,75 e) -7,28, -35
c ) 99,9999, 0 f) 0,0, l00l .
1 5 . Find three mutually relatively prime integers from among the integers
6 6 , 1 0 5 ,4 2 , 7 0 , a n d 1 6 5 .
1 6 . Show that ar, a2,...,an are integers that are not all zero and c is a positive
integer,then (cat, caz,...,can)- c(a6 a2...,an).
58 Greatest Common Divisors and Prime Factorization
t7. Show that the greatestcommon divisor of the integersat, o2,...,an, that are not
all zero,is the least positiveinteger that is a linear combinationof a t, at,..., an.
20. Show that every positive integer greater than six is the sum of two relativelv
prime integersgreater than I .
2t. a) Show that if a and b are relatively prime positive integers, then
(a'-b^)l(a-b).a-b) : I or n.
2.1 ComputerProjects
l. Write a programto find the greatest
commondivisorof two integers.
2.2The Euclidean
Algorithm
We are going to develop a systematicmethod, or algorithm, to find the
greatestcommon divisor of two positive integers. This method is called the
Euclidean algorithm. Before we discuss the algorithm in general, we
demonstrateits use with an example. We find the greatestcommon divisor of
30 and 72. F i rs t, w e u s eth e d i v i s i o na l g o ri t hmto w ri teT2:30' 2 + 12, and
w e u s e P r o p o s i t i o 2n . 1 t o n o t e t h a t $ 0 , 7 D : ( 3 0 ,7 2 - 2 . 3 0 ) : ( 1 0 , t 2 ) .
Another way to see that (J,0,7D: (30, 12) is to notice that any common
divisor of 30 and 72 must also divide 12 because12 : 72 - 30'2. and
conversely,any common divisor of 12 and 30 must also divide 72, since
72: 30' 2+ 12 . N o te w e h a v e re p l a c e d7 2 b y the smal l ernumber 12 i n our
computationssince 02,30): (30, l2). Next, we use the divisionalgorithm
again to write 30 : 2'12 + 6. Using the samereasoningas before,we seethat
( 30, 12) : ( 12 ,6 ). Be c a u s e 1 2 : 6 ' 2 * 0, we now see that
02, O : (6, 0) : 6. Consequently,we can conclude that (72,30) : 6,
without finding all the commondivisorsof 30 and 72.
We now set up the generalformat of the Euclideanalgorithm for computing
the greatestcommondivisor of two positiveinteger.
fg : rtQt*rZ 0< r2
f y : r2Q2* rt 0< r3
2 5 2 : l . 1 g g+ 5 4
198:3'54 +36
54:1'36 +18
36 : 2.18.
H e n c eQ S Z . 1 9 8 ) : 1 8 .
Later in this section, we give estimates for the maximum number of
divisions used by the Euclidean algorithm to find the greatest common divisor
of two positive integers. However, we first show that given any positive integer
n, there are integersa and b such that exactly n divisionsare required to find
G, b) using the Euclidean algorithm. First, we define a special sequenceof
integers.
Definition. The Fibonacci numbers ur, u2, u3,... are defined recursively by
t h e e q u a t i o nas t : u 2 : I a n d u n : u n - t * u n - 2 f o rn 2 3 .
Us ing t he de fi n i ti o n , w e s e e th a t u 3 : tt2 * yt: I t | : 2, u3l u2
: 2 * I : 3, and so forth. The Fibonacci sequencebegins with the integers
1 , 1 , 2 , 3 , 5 , 8 1 3 , 2 1 , 3 4 , 5 5 ,8 9 , I 4 4 , . . . . E a c h s u c c e e d i nt g
erm is obtained
by adding the two previousterms. This sequenceis named after the thirteenth
century ltalian mathematicianLeonardodi Pisa, also known as Fibonacci,who
used this sequenceto model the population growth of rabbits (see problem 16
at the end of this section).
In our subsequentanalysis of the Euclidean algorithm, we wil! need the
following lower bound for the nth Fibonacci number.
Theorem 2.2. Let n be a positive integer and let cu: ( l+-.8) /2. Then
unlan-2forn73.
holds.
S i n c ea : ( l + r f r / 2 i s a s o l u t i o no f x 2 - x - I : 0 , w e h a v ea 2 : a * l .
Hence,
55:34'l+21
34:21'l+13
2l: l3'l + 8
13:8'1 + 5
8 : 5'1 * 3
5:3'l * 2
3:2'l * I
2: l'2.
We observe that when the Euclidean algorithm is used to find the greatest
common divisor of the ninth and tenth Fibonacci numbers, 34 and 55, a total
of eight divisions are required. Furthermore, (34, 55) : 1. The following
theorem tells us how many divisions are needed to find the greatest common
divisor of successiveFibonacci numbers.
Theorem 2.3. Let unrr and unt2 be successive terms of the Fibonacci
sequence. Then the Euclidean algorithm takes exactly n divisions to show that
(u n * r , ur a2): l.
Proof. Applying the Euclidean algorithm, and using the defining relation for
the Fibonacci numbers ui : uj-r I ui-z in each step, we seethat
Lam6's Theorem. The number of divisions neededto find the greatest common
divisor of two positive integers using the Euclidean algorithm does not exceed
five times the number of digits in the smaller of the two integers.
Proof. When we apply the Euclidean algorithm to find the greatest common
divisor of a : re and b :r 1 with a ) b, we obtain the following sequenceof
equations:
fg : rtQt*rZ, 0(rz1rr,
f1 :rZ4Z*rt, 0(131rz,
Consequently,
n-l(S'logleb.
2 .2 T he E uc lidean Al g o ri th m 63
Let b have k decimal {igits, so that b < 10ftand loglsb < k. Hence, we see
that n - I < 5k and since /c is an integer, we can conclude that n < 5k.
This establishesLam6's theorem. tr
The following result is a consequence
of Lam6's theorem.
Corollary 2.1. The number of bit operations needed to find the greatest
of twopositive
divisor
common integers
a and, yy
ir;;i.:f$;:ri?',
Proof. We know from Lam6's theorem that O Qogra) divisions, each taking
O(log2a)2) bit operations,are neededto find fu, b). Hence, by Proposition
1.7, (a, b) may be found using a total of O((log2a)3) bit operations. D
The Euclideanalgorithm can be used to expressthe greatestcommon divisor
of two integers as a linear combination of these integers. We illustrate this by
expressing(252, 198) : l8 as a linear combinationof 252and 198. Referring
to the stepsof the Euclideanalgorithm used to find (252, 198), from the next
to the last step, we seethat
18:54-l'36.
so that
l 8 - 4 ( 2 5 2 - 1 . 1 9 8- ) 1 . 1 9 8: 4 . 2 5 2 - 5 . 1 9 8 .
Th i s e x pr es s es
b, b) ' a s a l i n e a r c o mb i n a ti o no f rr-2e,fi drr-1. The secondto
64 GreatestCommonDivisorsand PrimeFactorization
the last equation can be used to expressr2-1 &S rn-3 -rn-zen-z . Using this
last equation to eliminate rn-1 in the previousexpressionfor (4,6), we find
that
ln: ln-3- fn-24n-2,
so that
b, b) : rn-2- (rn4-rn-zQn-z)en-r
-- (l + q rn Q n -z )rn - z-
Qn-rrn-3,
G,b):sriltrit,
then, since
ti: ti_2- ri_tQi_r,
we have
fu,b):sna+tnb,
for n:0,1,2,..., where,sn andtn are the nth terms of the sequences
defined
recursivelyby
2.2 The Euclidean Algorithm 65
SO: l, /0:0,
sl :0, /l : l,
and
si : Si*z- ?i-tsi-t, tj : tj-z - Q1-zt1-t
for 7 :2,3, ..., fl, where the q;'s are the quotientsin the divisionsof the
Euclideanalgorithm when it is usedto find G,b).
Now, assumethat
ri:Sia+tjb
for 7 : 1,2,..., k-1. Then, from the kth step of the Euclideanalgorithm,we
have
tk : rk-2 - r*_lQt-l .
so: l, lo:0,
sl :0, Ir : 1,
J2:S0-sql:l- 0'l:1, tZ:tO-ttQt:0- 1 . 1: - 1 ,
J 3 : S t - S Z Q z : 0- l ' 3 : - 3 , t 3 : t t - 1 Z Q Z :1 - ( - l ) 3 : 4 ,
s 4 : s 2- s t Q t : I - ( - l ) ' t : 4 , t q : t z - t t Q z : - l - 4 . 1: - 5 .
S i n c e1 4 : 1 8 : ( 2 5 2 , 1 9 8 )a n d 1 4 : s 4 o+ t 4 b , w e h a v e
1 8 - ( 2 5 2 ,1 9 8 ): 4 . 2 5 2- 5 . 1 9 8.
d : (s - k(b/d))a + Q - kb/d))b
2.2 Problems
l. Use the Euclidean algorithm to find the following greatest common divisors
il (45,75) c) (ooo,
r+r+)
b) 002,22D d) (2078S,44350).
3. For each of the following sets of integers, expresstheir greatest common divisor
as a linear combination of these integers
il 6, 10,l5
b) 7 0 , 9 8 ,1 0 5
c) 2 8 0 ,3 3 0 , 4 0 5 , 4 9 0 .
4. The greatest common divisor of two integers can be found using only
subtractions, parity checks, and shifts of binary expansions,without using any
divisions. The algorithm proceedsrecursively using the following reduction
2.2 The Euclidean Algorithm 67
I, if a:b
b) Show that this algorithm always produces the greatest common divisor of a
pair of positiveintegers.
e) Show that the number of divisions needed to find the greatest common
divisor of two positive integers using the least-remainderalgorithm is less
than 8/3 times the number of digits in the smaller of the two numbers,plus
413.
6 . Let m and n be positive integers and let a be an integer greater than one. Show
that (a^-1, an-l) - a(^' n)- l.
7 . In this problem, we discuss the game of Euclid. Two players begin with a pair
of positive integers and take turns making movesof the following type. A player
can move from the pair of positiveintegers{x,y} with x 2 y, to any of the pairs
[x-ty,yl, where / is a positive integer and x-ty 2 0. A winning move
68 GreatestCommonDivisorsand PrimeFactorization
a) Show that every sequence of moves starting with the pair {a, bl must
eventuallyend with the pair {0, (a, b)}.
b) show that in a game beginning with the pair {a, b},1he first player may
play a winning strategy if a - 6 or if a 7 b0+ Jil/z; otherwisethe
second player mgr play a winning strategy. (Hint: First show that if
y < x ( y(t+VS)/Z then thge is a unique move from l*,Ol that goes to
a pair lt, r| with y > ze+Jil/z.)
16. The Fibonacci numbers originated in the solution of the following problem.
Supposethat on January I a pair of baby rabbits was left on an island. These
rabbits take two months to mature, and on March I they produce another pair of
rabbits. They continually produce a new pair of rabbits the first of every
succeeding month. Each newborn pair takes two months to mature, and
producesa new pair on the first day of the third month of its life, and on the first
day of every succeedingmonth. Show that the number of pairs of rabbits alive
after n months is precisely the Fibonacci number un, assuming that no rabbits
ever die.
17. Show that every positive integer can be written as the sum of distinct Fibonacci
numbers.
2.3 The Fundamental Theorem of Arithmetic 69
2. Find the greatest common divisor of two integers using the modified Euclidean
algorithm given in problem 5.
3. Find the greatest common divisor of two integers using no divisions (see problem
0.
4. Find the greatest common divisor of a set of more than two integers.
6. Express the greatest common divisor of a set of more than two integers as a
linear combination of these integers.
2 4 0: 2 . 2 . 2 . 2 . 3:. 5 2 4 . 3 . 5 , 2 8: 9 1 7 . 1 7: 1 i 2 . 1 0 0 1: 7 . 1 1 . 1 3
.
Lemma 2.3. lf a, b, and c are positive integers such that (a, b) : I and
70 GreatestCommonDivisorsand PrimeFactorization
a I bc , t hen a I c ,
Supposethat there is a positive interger that has more than one prime
factorization. Then, from the well-ordering property, we know there is a least
integer n that has at least two different factorizationsinto primes:
fl:PtPz Ps:QtQz Qt,
w h e r ep t , p 2 , . . . , p s , Q t , . . . , 4atr e a l l p r i m e s ,w i t h p r ( p z ( ( p, and
{r(42( (q'.
2.3 The Fundamental Theorem of Arithmetic 71
Definition. The least common multiple of two positive integersa and D is the
smallestpositiveinteger that is divisibleby a and b.
dt : p't'ptz'
and
Proposition 2.2. There are infinitely many primes of the form 4n * 3, where
n rs a positiveinteger.
2.3 The Fundamental Theorem of Arithmetic 75
Lemma 2.6. lf a and b are integers both of the form 4n * l, then the
product ab is also of this form.
Proof. Since a and b are both of the form 4n * l, there exist integers r and
s such that a : 4r * 1 and D : 4s * 1. Hence,
ab: ( + r + t ) ( 4 s + 1 ): 1 6 r s* 4 r * 4 s * l : 4 ( 4 r s + r * s ) * l,
Proof. Let us assume that there are only a finite number of primes of the
f o r m 4 n f 3 , s a yP o : 3 , P t , P 2 ,. . . ,P r . L e t
Q:4prpz P,*3.
2.3 Problems
L Find the primefactorizations
of
a) 36 e) 222 D 5o4o
b) 3e D 2s6 j) sooo
c) 100 d sr5 k) 9s5s
d) 289 h) 989 D 9999.
2. Show that all the powers in the prime-power factorization of an integer n are
even if and only if n is a perfect square.
3. Which positive integers have exactly three positive divisors? Which have exactly
four positivedivisors?
4. Show that every positive integer can be written as the product of a square and a
square-freeinteger. A square-free integer is an integer that is not divisible by
76 Greatest Common Divisors and Prime Factorization
b) S h o wt h a t i f p o l l m , t h e np k o l l m k .
9. How many zerosare there at the end of 1000! in decimal notation? How many
in baseeight notation?
10. Find all positive integersn such that n! ends with exactly 74 zeros in decimal
notation.
12. This problem presentsan example of a system where unique factorization into
primes fails. Let H be the set of all positiveintegersof the form 4ft*1, where k
is a positiveinteger.
14. Find the least common multiple of each of the following pairs of integers
2.3 The Fundamental Theorem of Arithmetic 77
a) 8,12 d) lll,3o3
b) 14,15 e) 2 5 6 ,5 0 4 0
c) 28, 35 f) 3 4 3 ,9 9 9 .
d) 4 7 t t 7 g t n l 0 lr m r , 4 rl r 8 3 r r r l 0 l1 0 0 0 .
t 7 . Which pairs of integers a and D have greatest common divisor 18 and least
commonmultiple 540?
1 8 . Show that if a and b are positive integers, then (a , il | la, bl. When does
fu, b) : la, bl?
1 9 . Show that if a and b are positive integers, then there are divisors c of a and d
o f b w i t hG , d ) : I a n dc d : l a , b l .
20. Show that if a, b, and c are integers,then [a, Ull c if and only if a I c and
b I c.
b) Find the two positive integers with sum 798 and least common multiple
l 0780.
2 2 . Show that if a,b, and c are positiveintegers,then (la, bl, t) : lG, c), (b, c)l
and lfu, b) , cJ : ([4, cl, lb , cl) .
a,brcla 'br'c.) .
. [a,b,clla,b,cl :
G , b ) G , c ) ( b, c )
24. Generalizeproblem 23 to find a formula for (ay,a2,...,on)'1d1,a2,...,an1
where
a 1.a2,...,a
n are positiveintegers.
25. The least common multiple of the integers a1,a2,...,an, that are not all zero, is
the smallestpositiveinteger that is divisible by all the integerso1,ct2,...,a,;
it is
78 GreatestCommonDivisorsand PrimeFactorization
denotedby Ia 5a2,...,an1.
il F i n d[ 6 , 1 0 , 1 5
a ]n d[ 7 , 1 1 , 1 3 j .
b) : l[,a1,a2,...,an-1l,anl.
Show that laya2,...,an-1,anl
28. Show that if a and b are integers, then the arithmetic progression
a, a*b, a*Zb,... containsan arbitrary number of consecutivecompositeterms.
a) l06- l d) 224-l
b) lo8-l e) 230-l
c ) 2r 5- l f) 236-t.
30. A discount store sells a camera at a price less than its usual retail price of ,S99.
If they sell 88137 worth of this camera and the discounteddollar price is an
integer, how many camerasdid they sell?
32. Show that if a and b are positive integers, then a2 | b2 implies that a I b.
3 3 . Show that if a,b, and c are positive integers with (a ,b) : I and ab : cn, then
there are positive integers d and,e such that a : dn and b : en.
34. Show that if aya2,...,an are pairwise relatively prime integers, then
l a 1 , c t 2 , . . . ,: a a
npl 2''' sn.
2. Find the greatest common divisor of two positive integers from their prime
factorizations.
3. Find the least common multiple of two positive integers from their prime
factorizations.
4. Find the number of zeros at the end of the decimal expansionof n ! where n is a
positiveinteger.
2.4 Factorization of Integers and the Fermat Numbers 79
Example. Let n : 42833. We note that n is not divisible by 2,3 and 5, but
that 7 | n. We have
4 2 8 3 3- 7 . 6 1 1 9 .
Trial divisions show that 6119 is not divisible by any of the primes
7,11,13,17,I9,and 23. However,we seethat
6l19:29'2ll.
Since 29 > ,m, we know that 211 is prime. We conclude that the prime
factorizationof 42833is 42833 - 7 ' 29 ' 2ll.
Unfortunately,this method for finding the prime factorizationof an integer
is quite inefficient. To factor an integer N, it may be necessaryto perform as
many as r(JF) divisions, altogether requiring on the order of JF bit
operations,since from the prime number theorem zr(JF) is approximately
,N /tog..N : 2,N AogN, and from Theorem 1.7, thesedivisionstake at least
log N bit operations each. More efficient algorithms for factorization have
been developed, requiring fewer bit operations than the direct method of
factorization previously described. In general, these algorithms are
complicatedand rely on ideasthat we have not yet discussed.For information
about thesealgorithms we refer the reader to Guy [66] and Knuth [561. We
note that the quickest method yet devised can factor an integer N in
80 GreatestCommonDivisorsand PrimeFactorization
approximately
e*p(@)
50 l.4x10r0 3.9hours
75 9 . 0 xl 0 r 2 104days
100 2 . 3 xl 0 r 5 74 years
n:aD:
, l o + u l ' - ll-ol - u l '
| 2 ,l t 2 )'
l:l
2.4 Factorizationof Integersand the FermatNumbers 81
where G+b)12 and b-b)/2 are both integerssincea and b are both odd.
where I is the smallest integer greater than ,/i . This procedureis guaranteed
to terminate,sincethe trivial factorizationn : n'l leadsto the equation
n: fn+rl' lr-rl'
I r l- |. , ,l
Example. We factor 6077 using the method of Fermat factorization. Since
77 < ffi1 < 78, we look for a perfect square in the sequence
7 8 2- 6 0 7 7: 7
7 9 2- 6 0 7 7: 1 6 4
8 0 2- 6 0 7 7:3 2 3
812- 6077:484:222.
Proof. We will prove that 641 | fr without actually performing the division.
Note that
82 GreatestCommonDivisorsand PrimeFactorization
6 4 1: 5 . 2 7 + l : 2 a + 54.
Hence.
22'+'
fil 'r'*'
-?;^i?ii:,:;o,2ii,Ii:,
=Z'ile
Therefore,we seethat 64t I F's. tr
The followingresult is a valuableaid in the factorizationof Fermat
numbers.
It is possibleto prove that there are infinitely many primes using Fermat
numbers. We begin by showing that any two distinct Fermat numbers are
relativelyprime. The following lemma will be used.
Lemma 2.8. Let F1, :22' * I denote the kth Fermat number, where k is a
nonnegativeinteger. Then for all positiveintegersn , we have
FoFf z Fn-t: Fn - 2.
Proof. We will prove the lemma using mathematical induction. For n : 1,
the identity reads
2.4 Factorization of Integers and the Fermat Numbers 83
Fo : Fr - 2 '
With this assumptionwe can easilyshow that the identity holds for the integer
n * I, since
FoFfz Fn-rFr: (FsFf2 "' Fr-)Fn
- ( F n - z ) F n : ( 2 2 '- D ( 2 2 ' + t )
- ( 2 2 ' 1 2- l - 2 2 ' * ' - 2 : F r a 1 -2. tr
Using Fermat numbers we can give another proof that there are infinitely
many primes. First, we note that from Lemma 1.1, every Fermat number Fn
has a prime divisor pr. Since (F*,F): l, we know that p^ # p, whenever
m # n. Hence,we can concludethat there are infinitely many primes.
The Fermat primes are also important in geometry. The proof of the
following famoustheoremmay be found in Ore [28].
2.4 Problems
a) 7709 d) I l02l
b) 73 e) 3200399
c) 10897 f) 24681023.
3. a) Show that the last two decimal digits of a perfect squaremust be one of the
followingpairs: 00, el, e4,25, o6, e9, where e standsfor any even digit and o
stands for any odd digit. (Hint: Show that n2, (50+n)2, and (50-n)2 all have
the same final decimal digits, and then consider those integers n with
0(n<2s.)
b) Explain how the result of part (a) can be used to speed up Fermat's
factorization method.
4. Show that if the smallestprime factor of n is p, then xz-n will not be a perfect
squarefor x ) h+pz) lLp .
5 . In this problem, we developthe method of Draim factorization. To search for a
factor of the positiveinteger n - nr, we start by using the division algorithm, to
obtain
i l 1: 3 q y * r y , 0(11 (3.
f l 2 : 5 q 2 * 1 2 , 0 ( 1 2( 5 ,
and we let
and we define
2.4 Factorization of Integers and the Fermat Numbers 85
a) Show that n1 : knr - Qk+l) (qft q2*' ' ' + q,-) and rltk: n1-
2'(qftq2* *qo-r).
b) S h o wt h a t i f ( z * + t ) I , , t h e n ( 2 k + l ) I n r a n dn : ( 2 k * l ) m 1 , 1 1 .
d) U s e E u l e r ' sm e t h o dt o f a c t o r 2 2 1 : 1 0 2 + l l 2 : 5 2 + 1 4 2 , 2 5 0 1: 5 0 2 + 1 2
: 492+ 102and 1000009: 10002+ 32 :9722 + 2352.
7 . Show that any number of the form 2an+2* I can be easily factored by the use of
the identity 4xa + 1 : (2x2+2x+l)(Zx2-Zx+t\. Factor 218+1 using this
identity.
10. Use the fact that every prime divisor of Fa:2t + I :65537 is of the form
26k + | - 64k * I to verify that F4 is prime. (You should need only one trial
division.)
I l. Use the fact that every prime divisor of Fz: 22'+ | is of the form
21k + | : l28k * 1 to demonstrate that the prime factorization of F5 is
F. : 641'6700417.
2.5 LinearDiophantineEquations
Consider the following problem. A man wishes to purchase $510 of
travelers checks. The checks are available only in denominationsof $20 and
$50. How many of each denominationshould he buy? If we let x denotethe
number of $20 checks and y the number of $50 checks that he should buy,
then the equation 20x * 50y : 510 must be satisfied. To solvethis problem,
we need to find all solutions of this equation, where both x and y are
nonnegativeintegers.
A related problem arises when a woman wishes to mail a package. The
postal clerk determinesthe cost of postageto be 83 cents but only 6-cent and
15-centstampsare available. Can some combinationof thesestampsbe used
to mail the package? To answer this, we first let x denote the number of 6-
cent stampsand y the number of l5-cent stamps to be used. Then we must
have 6x + I5y : 83, where both x and y are nonnegativeintegers.
When we require that solutionsof a particular equationcome from the set
of integers,we have a diophantine equation. Diophantineequationsget their
name from the ancient Greek mathematician Diophantus, who wrote
extensivelyon such equations. The type of diophantine equation ax * by : c,
where a, b, and c are integersis called a linear diophanttne equations in two
variables. We now develop the theory for solving such equations. The
following theorem tells us when such an equation has solutions,and when
there are solutions,explicitly describesthem.
where n is an integer.
To show that there are infinitely many solutions,let x:nfo+ $liln and
y:Y0 - G / d) n, wh e re n i s a n i n te g e r. W e s e e that thi s pai r (x,y) i s a
solution, since V rfi"v g rof14
ax t by : oxs* a(bld)n * byo- bGld)il: oxst bys: c.
G x * b y ) - ( a x s + b y s ): 0 ,
which impliesthat
a& - x/ + bU -.yd :0.
Hence,
G l d ) (x - x s ) : (b l d ) U t - y).
By Proposition
2.1, we know that bld,bld): l. Using Lemma 2.3, it
88 GreatestCommonDivisorsand prime Factorization
Consider the problems of finding all the integral solutions of the two
diophantine equationsdescribedat the beginning of this section. We first
considerthe equation6x + I5y : 83. The greatestcommon divisor of 6 and
15 is (6,15) : 3. Since I / gl, we know that there are no integral solutions.
Hence,no combinationof 6- and l5-cent stampsgivesthe correct postage.
Next, consider the equation 20x t 50y :519. The greatest common
divisor of 20 and 50 is (20,50): 10, and since l0 | 510, there are infinitely
many integral solutions. Using the Euclidean algorithm, wo find that
20eD * 50 : 10. Multiplying both sides by 51, we obtain
20(-102) + 50(51) : 510. Hence, a particular solution is given by
x 0: - 102 an d ./o :5 1 . T h e o re m2 .8 te l l s u s that al l i ntegralsol uti onsare
of the form x : -102 * 5n and y : 5l - 2n. Since we want both x and y
to be nonnegative,we must have - I02 + 5n ) 0 and 5l - 2n ) 0; thus,
n ) 20 2/5 and n 4 25 l/2. Since n is an integer, it follows that
n : 2 1 , 2 2 , 2 3 , 2 4 , o r 2 5 . H e n c e ,w e h a v et h e f o l l o w i n g5 s o l u t i o n sG: y ) :
( 3 , 9 ) ,( 8 , 7 ) ,( 1 3 , 5 ) ,( 1 9 , 3 ) ,a n d ( 2 3 , t ) .
2.5 Problems
l. For eachof the followinglineardiophantine
equations,
eitherfind all solutions,
or
showthat thereare no integralsolutions
a) 2x I 5y:11
b) l7x * l 3 y : 1 g g
c ) Z I x * l 4 y :1 4 7
d) 60x * l 8 y :9 7
e) t4o2x + t969y : r.
2. A studentreturningfrom Europechangeshis Frenchfrancs and Swissfrancs
into U.S. money. If he receives
$ll.9l and has receivedI7a for eachFrench
franc and 480 for eachSwissfranc, how much of eachtype of currencydid he
exchange?
2.5 Linear Diophantine Equations 89
3. A grocer orders apples and orangesat a total cost of $8.39. If apples cost him
25c each and oranges cost him 18c each and he ordered rnore apples than
oranges,how many of each type of fruit did he order? l€ I
4. A shopper spends a total of .85.49 for oranges, which cost l8o each, and
grapefruits, which cost 33c each. What is the minimum number of pieces of
fruit the shoppercould have bought?
5. A postal clerk has only l4-cent and 2l-cent stamps to sell. What combinations
of these may be used to mail a packagerequiring postageof exactly
a) .t3.50 b) $4.00 c) $ 7 .7 7 2
13. Nadir Airways offers three types of tickets on their Boston to New York flights.
First-classtickets are $70, second-class tickets are $55, and stand-by tickets are
$39. If 69 passengersp^y a total of $3274 for their tickets on a particular
flight, how many of each type of tickets were sold?
15. Let a and b be relatively prime positive integers and let n be a positive integer.
We call a solution x )) of the linear diophantine equation ax * by : n
nonnegativewhen both x and y are nonnegative.
c) Show that there are exactly (a-1)$-D/2 positive integers n such that
the equation has a nonnegativesolution.
d) The post office in a small Maine town is left with stamps of only two
values. They discover that there are exactly 33 postage amounts that
cannot be made up using thesestamps,including 46c. What are the values
of the remainingstamps?
4. Find all positive integers n for which the linear diophantine equation
ax * by : n has no positive solutions (see problem I 5).
Congruences
Proof. If a:- b (mod m), then m I b-b). This means that there is an
integer k with km : a - b, so that A : b * km.
Proof.
( i) W e s e e th a t a = a (mo d m ), s i n c em I G-a) :0.
(iil If a: b ( m o d m ) , t h e n m I Q - b ) . H e n c e ,t h e r ei s a n i n t e g e rf t
w i t h k m : a - b . T h i s s h o w st h a t ( - k ) m : b - a. so that
m | (b -d . C o n s e q u e n tl yD, = a (mod m).
(iii) If a = b (mod rz) and b =c (mod la), then m I G-b) and
m | (b -d . H e n c e , th e re a re i n te gersk and 0 w i th km: a - b
and Qm : b - c . T h e re fo re , e - c : (a-D ) + (b-c) :
k m * Qm : (k + D m. C o n s e quentl y, m I G-d and
a ? c (m o d z ). tr
From Proposition 3.2, we see that the set of integers is divided into m
different sets called congruenceclasses modulo m, each containing integers
which are mutually congruent modulo m.
_ m-l ,, r . . . tm -3 m-l
TrT
2
Proof. Sincea = b (mod m), we know that m I G-b). From the identity
G + d - ( b + d - a - b , w e s e em l l f u + d - $ + c ) 1 , s o t h a t ( i ) f o l l o w s .
Likewise,(ii) followsfrom the fact that fu-c) - (b-c): a - b. To show
that (iiD holds,note that ac - bc : cG-D. Sincem I Q-b), it follows
that m I cb-b), and hence,ac = bc (modm). tr
E x a m p l e .W e h a v e 1 4 : 7 . 2 : 4 . 2 : 8 ( m o d6 ) . B u t 7 * 4 ( m o d6 ) .
andmlk-d). H e n c e ,t h e r e a r e i n t e g e r sk a n d . 0 w i t h k m : a - b and
Qm: c - d.
T o p r o v e( i ) , n o t et h a t ( c + c ) - ( b + d ) : f u - b ) + k - d ) : km * Qm:
(k+Dm. Hence, m ll,(a+c) - ( U + a ) | . T h e r e f o r e , Q * c = b *
d ( m o d m).
- Qm :
To pr ov e ( ii) , not e th a t (a -c ) - O -d ) : b -b ) - k-d) : km
- - - ( m o d
&-Dm. H e n c e ,m l t G - c ) - $ - i l 1 , s ot h a t a c $ d m)'
is a completesystemof residuesmodulo z.
T h e o r e m3 . 6 . l f a : b ( m o d m y ) , a = b ( m o d f f i z ) , . . . a, = b ( m o d m 1 , )
where a,b,ml, frt2,...,t/t1, a;fointegerswith mt,frl2 ,...,t/r1positive,then
a = b (mod lmpm2,...,mpl),
where Lm1,m2,...,rup1
is the leastcommon multiple of mr,rrr2,...,t/tk.
P r o o f . S i n c ea = b ( m o d z l ) , a : - b ( m o df f i z ) , . . .a, = b ( m o dm t ) , w e
know that m, | ( o - D,mzl G - b ) , . . . ,m * I G - D . From problem20 of
Section2.3, we seethat
[ , m 1 , m 2 , . . . , m *Q] l - b ) .
Consequently,
a = b ( m o d L m 1 , m 2 , . . . , m * l )E.
a = b (modn4rtltz." m).
3 .1 In t r oduc t ion t o C o n g ru e n c e s
2 2 (mod 645),
22 4 (mod645),
2+ 16 (mod649,
28 256 (mod 645),
216 391 (mod 645),
232 16 (mod 645),
264 256 (mod645),
2128 391 (mod 645),
22s6 l6 (mod649,
2srz 256 (mod 64il.
Proof. To find the least positive residue of bN (mod rn), we can use the
algorithm just described. First, we find the least positive residues of
b,b2,b4,...,62'modulom, where 2k < N < 2k*t, by successively squaring and
reducing modulo ru. This requiresa total of O(0og2m)2log2N) bit operations,
becausewe perform [log2lf I squarings modulo m, each requiring o(Iogzm)2)
bit operations. Next, we multiply together the least positive residues of the
integers bl correspondingto the binary digits of N which are equal to one,
and we reduce modulo m after each multiplication. This also requires
O(Qog2m)2log2,n/) bit operations, because there are at most log2N
multiplications, each requiring O((log2m)2) Uit operations. Therefore, a total
of O((log2m)2log2lf) bit operationsare needed. tr
3.f Problems
il 27 :5 ( m o dz )
b) 1000 -- 1 (mod rn )
a) 22 d) -l
b) 100 e) -loo
c ) i00l f) -1000.
7. Showthatif a,b,andc a r e i n t e g e r s w i t h c) 0 s u c h t h a t a = b ( m o d c ) , t h e n
(a,c): (bd .
nn
b) f l a'i : - f l br; ( m o d r n) .
j-l t-t
In problems 9-11 construct tables for arithmetic modulo 6 using the least
nonnegativeresiduesmodulo 6 to representthe congruenceclasses.
13. Which decimal digits occur as the final digit of a fourth power of an integer?
14. What can you conclude if a2 = 62 (mod p), where a and b are integers and p is
prime?
15. Show that if ak = bt (mod nr) and ak+t : bk+l (mod nr), wherea,b,k, and
m a r e i n t e g e r sw i t h k > 0 and m)0 such that (a,m):1, then
a = b (mod rn ). If the condition (a,m): I is dropped, is the conclusionthat
a = b (mod z) still valid?
b) 13+23+33+ + (n-l)3=o(modn).
1 2+ 2 2 + 3 2 + * ( n - l ) 2 = o ( m o dn ) ?
19. Show that if n = 3 (mod 4), then n cannot be the sum of the squares of two
integers.
20. il Show that if p is prime, then the only solutions of the congruence
x 2 = x ( m o d p ) a r e t h o s ei n t e g e r sx w i t h x = 0 o r I ( m o d p ) .
100 Congruences
b) Show that if p is prime and ft is a positive integer, then the only solutionsof
x2 =x (mod pk) arethoseintegersx such that x E 0 or I (modpe).
21. Find the least positive residuesmodulo 47 of
24. on a computer with word size w, multiplicertion modulo n, where n I w f2, can
be performed as outlined. Let T:IJn + %1, and t : T2 - n. For each
computation, show that all the required computer arithmetic can be done without
exceedingthe word size. (This method was describedby Head t67]).
x:aT*b, y:cT*d
v : gT * h,
where g and h are integers with 0 ( g ( f,0 < h < T, and such that
f) Show that the right-hand side of the congruence of part (e) can be
computed without exceeding the word size by first finding j with
j = (f +s)l (mod n)
k=j+Dd(modn)
and0<k<n.sothat
xy:hT+ft(modn).
25. Develop an algorithm for modular exponentiation from the base three expansion
of the exponent.
a) 3ro modulo I I
b) 2r2 modulo 13
c) 516modulo 17
d) 322modulo 23.
a) 5! modulo 7
b) 10! modulo 11
c) 12! modulo 13
29. Show that the least nonnegative residue modulo m of the product of two positive
integers less than m can be computed using O(logzm) bit operations.
30. a) Five men and a monkey are shipwrecked on an island. The men have
collected a pile of coconuts which they plan to divide equally among
themselves the next morning. Not trusting the other men, one of the group
wakes up during the night and divides the coconuts into five equal parts with
one left over, which he gives to the monkey. He then hides his portion of
the pile. During the night, each of the other four men does exactly the
same thing by dividing the pile they find into five equal parts leaving one
coconut for the monkey and hiding his portion. In the morning, the men
102 Congruences
gather and split the remaining pile of coconuts into five parts and one is left
over for the monkey. What is the minimum number of coconuts the men
could have collected for their original pile?
b) Answer the same question as in part (a) if instead of five men and one
monkey, there are n men and k monkeys, and at each stage the monkeys
receive one coconut each.
2. Perform modular addition and subtraction when the modulus is less than half of
the word size of the computer.
3. Perform modular multiplication when the modulus is less than half of the word
size of the computer using problem 24.
are the solutionsof the linear congruence;there are infinitely many of these.
1 5: 9 ' l + 6
9 :6'1 + 3
/' \ n 6:3'2,
0.t5)- ,))
s o t h a # s 9 : ' e . l : 9 - ( t S - q . D : 9 - 2 - 1 5 . H e n c e9 . 8 - 1 5 . 4 : 1 2 , a n d
a particular solutionof 9x - l5y : 12 is given by : 8 and lo : 4.
"o
From the proof of Theorem 3.7, we see that a complete set of 3 incongruent
solutionsis given by t : x0 = 8 (mod l5), x : x0 + 5 = 13 (mod l5), and
x : x o + 5 ' 2 : 1 8 = 3 ( m o dl 5 ) .
We now consider congruencesof the special form ax ? I (mod la). From
Theorem 3.7, there is a solution to this congruenceif and only if (a,m): l,
and then all solutions are congruent modulo rn. Given an integer a with
(a,m) : l, a solution of ax 7 I (mod lz) is called an inverse of
a m odulo m . / \
73 )ly =\ lF ai= F7 r3 ?- 2.5.I i =7- L{a,-'}'f.?{ ti'L
Example. Since the solutionsof 7x = I (mod 31) satisfy x = 9 (mod 3l),9,
and all integers congruent to 9 modulo 31, are inverses of 7 modulo 31.
Analogously, since 9'7 = I (mod 3l) , 7 is an inverseof 9 modulo 31.
Hence [ : 5 - 2 . 2 : 5 - 0 - 5 . 1 ) . 2: 5 . 3- 2 . 7 : ( 1 2 - 7 . 1 :) 3 - 2 . 7-
3 .2 Linear Congr u e n c e s 105
Later otr, we will want to know which integers are their own inverses
modulo p where p is prime. The following propositiontells us which integers
have this property.
Proposition 3.4. Let p be prime. The positive integer a is its own inverse
mo d ulop if and on l y i f a = | (m o d p ) o r e : -l (mod p).
C o n v e r s e l yi ,f a i s i t s o w n i n v e r s em o d u l op , t h e n a 2 : a ' o : I (modp).
Hence, p I Gz-t). Since a2 l: - ( a - l ) ( a + l ) , either p I G-l) or
p I G + t ) . T h e r e f o r ee, i t h e ra = I ( m o dp ) o r q : - - 1 ( m o d p ) . E
3.2 Problems
2. L e t a , b , a n d m b e p o s i t i v e i n t e g e r s w i t h7a0 , m ) 0 , a n d ( a , m ) : L The
following method can be used to solve the linear congruenceax 2 b (mod m).
ag - -b[m/al (modzr).
c) Use the method described in part (b) to solve the linear congruence
6x = 7 (mod 23).
4. F o r w h i c h i n t e g e r s cw i t h 0 ( c < 3 0 d o e s t h e c o n g r u e n c e l 2 x= c ( m o d 3 0 )
have solutions? When there are solutions, how many incongruent solutions are
there?
5. Find an inversemodulo 17 of
a) 4c)7
b) s d) re.
6. Show that if d'is an inverse of a modulo m and D is an inverse of D modulo m.
then a- i ir un inverse of ab modulo z.
a) 2x * 3 y : I ( m o d 7 ) c) 6x * 3y =0 (mod9)
b) 2x + 4 v = 6 ( m o d 8 ) d) lOx * 5v = 9 (mod l5).
9. Let p be an odd prime and k a positive integer. Show that the congruence
x2 = I (mod pt) has exactly two incongruent solutions, namely
xE-fl(modpt).
10. Show that the congruence x2 = I (mod 2ft) has exactly four incongruent
solutions,namely x E tl or +(t+Zk-t) (mod 2ft), when k > 2. Show that
when k : I there is one solution and when k :2 there are two incongruent
solutions.
I l. Show that if a and m ^re relatively prime positive integers with a ( rn, then
an inverse of a modulo m can be found using O (log m) bit operations.
12. Show that if p is an odd prime and a is a positive integer not divisible by p,
then the congruence x2 = a (mod p) has either no solution or exactly two
incongruent solutions.
ar(modm,),
x = I (mod3)
x=2(mod5)
x = 3 (mod 7),
w e h a v e M - 3 . 5 . 7: 1 0 5 , M r : 1 0 5 / 3 : 3 5 , M z : I A 5 / 5: 2 1 , a n d
Mt: 105/ 7 : 1 5 . T o d e te rm i n e !r, w e sol ve 35yr= I (mod 3), or
equiv alent ly , 2y r = I (m o d 3 ). T h i s y i e l d sj zr E 2 (mod 3). W e fi nd yzby
solving 2lyz: I (mod 5); this immediately gives lz = I (mod 5). Finally,
wef ind y t by s o l v i n g r5 y t= 1 (m o d 7 ). T h i sgi ves/r E I (mod 7). H ence,
x E l ' 3 5 ' 2+ 2 . 2 1 . +
1 3.15.1
--
157= 52 (mod105).
x=l(mod s)
x = 2 ( m o d6)
x = 3 ( m o d7 ) .
Note that the method we have just illustrated shows that a system of
simultaneous questions can be solved by successively solving linear
congruences. This can be done even when the moduli of the congruencesare
not relatively prime as long as congruencesare consistent. (See problems 7-10
at the end of this section.)
The Chinese remainder theorem provides a way to perform computer
arithmetic with large integers. To store very large integers and do arithmetic
with them requires special techniques. The Chinese remainder theorem tells
us that given pairwise relatively prime moduli r/t1,r/12,...,ffi,, a positive integer
n with n < M : rltiltz' ' ' mr is uniquely determined by its least positive
residuesmoduli mi for j : 1,2,...,r. Supposethat the word size of a computer
is only 100, but that we wish to do arithmetic with integers as large as 106.
First, we find pairwise relatively prime integers less than 100 with a product
exceeding 1 0 6 ; f o r i n s t a n c e w
, e c an take mt:99, r/t2:98, m3:97, and
mq: 95. We convert integers less than 106 into 4-tuples consistingof their
least positive residues modulo mt, ffi2, n43, a;fidfti4. (To convert integers as
110 Congruences
large as 106 into their list of least positive residues,we need to work with large
integers using multiprecision techniques. However, this is done only once for
each integer in the input and once for the output.) Then, for instance,to add
integers, we simply add their respective least positive residues modulo
tntt, t/t2, rn3, ?,fid ftr4, rrrzking use of the fact that if x = xi (mod m) and
: xi * y; (mod m). We then use the Chinese
! = li (mod m), then x * y
remainder theorem to convert the set of four least positive residuesfor the sum
back to an integer.
x = 33 (mod99), y = 32 (mod99),
x?8(mod98), y = 92 (mod98),
x:9(mod97), y : 42 (mod97),
x = 89 (mod95). y = 1 6 ( m o d9 5 ) ,
so that
x+Y=65(mod99)
x+y:2(mod98)
x + Y = 51 (mod 97)
x+y:10(mod95).
We find that yr:37 (mod 99), yz = 38 (mod 98), /r -- 24 (mod 97), and
!+= 4 ( m o d 95). Hence,
Lemma 3.1. If a and b are positive integers,then the least positive residueof
Za - I modulo 2b - I is 2' - 1, where r is the least positive residue of a
mo d u l o b.
Lemma 3.2. lf a and b are positive integers, then the greatest common
divisor of 2o - 1 and 2' - 1 is 2 k , b )- 1 .
: ln-2Qn-2*
0<
Using Lenrma 3.1. and the steps of the Euclidean algorithm with a : rs
and b : , r, when we perform the Euclidean algorithm on the pair
2 a - I : Ro and2b - I : R 1 , w € o b ta i n
112 Congruences
Rs :RrQr*Rz R2 :2"-|
R1 :RzQz*R:
R3 :2"-\
We can now use Proposition 3.5 to produce a set of pairwise relatively prime
integers, each of which is less than 235,with product greater than a specified
integer. Supposethat we wish to do arithmetic with integers as large as 2186.
We p:gk lfir:2t5 - I, tltz:zto - l, t/t3:233 - l, t7t4- ztt - l,
tns: 22e- l, and r/t6:22s - l. Since the exponentsof 2 in the expressions
for the mi are relatively prime, by Proposition 3.5 the M
i's are pairwise
relatively prime. Also, we have M : H!fl2nt3n4qrflsftio2 2t86. we can now
use modular arithmetic and the Chinese remainder theorem to perform
arithmetic with integersas large as 2186.
Although it is somewhat awkward to do computer operations with large
integers using modular arithmetic and the Chinese remainder theorem, there
are some definite advantages to this approach. First, on many high-speed
computers, operations can be performed simultaneously. So, reducing an
operation involving two large integers to a set of operations involving smaller
integers, namely the least positive residuesof the large integers with respectto
the various moduli, leads to simultaneous computations which may be
performed more rapidly than one operation with large integers. Second, even
without taking into account the advantages of simultaneous computations,
multiplication of large integers may be done faster using these ideas than with
many other multiprecision methods. The interested reader should consult
K nut h t 561.
3 .3 The Chines e Re ma i n d e r T h e o re m 113
3.3 Problems
l. Find all the solutionsof each of the following systemsof congruences.
a) x:4(modll) c) x = 0(mod 2)
x = 3(mod 17) x = O ( m o d3 )
x E l(mod 5)
b) x = l(mod2) x = 6(mod 7)
x = 2(mod 3)
x = 3(mod 5) d) x :2(mod ll)
x = 3(mod 12)
x = 4(mod 13)
x E 5(mod 17)
x = 6(mod l9).
2 . A troop of 17 monkeys store their bananas in eleven piles of equal size with a
twelfth pile of six left over. When they divide the bananas into 17 equal groups
none remain. What is the smallest number of bananasthey can have?
5. Show that there are arbitrarily long strings of integers each divisible by a perfect
square. (Hint: Use the Chinese remainder theorem to show that there is a
simultaneous solution to the system of congruences x 5 0 (mod 4),
x = -l (mod 9), x: -2 (mod 25),..., x - -ls*l (mod p|), where p1, is the
kth prime.)
6" Show that if a,b, and c are integerswith (a,b) :1, then there is an integer n
s u c ht h a t G n * b . c ) : l .
has a solution if and only if (m6m2) | Gra). Show that when there is a
solution, it is unique modulo (lmvmzl). (Hint: Write the first congruenceas
x : a, * km, where ft is an integer, and then insert this expressionfor x into
the secondcongruence.)
\- 4 (mod 6)
at x: b) x =7 (modl0)
y -
13 (mod15) x=4(mod15).
x t a1 (modz1)
x z az (mod m2)
-
v, 3 4, (mod ln")
has a solution if and only if (m;,m1) | G, - a) for all pairs of integers (i,7)
with I (i <l (r. S h o w t h a t i f a s o l u t i o ne x i s t s ,t h e n i t i s u n i q u e m o d u l o
lm1, m2,...,ffi,l. (Hint: Use problem 7 and mathematicalinduction.)
10. Using problem 9, solve the following systemsof congruences
a) x= 5 (mod6) d) .r = 2 (mod 6)
x=3 (modl0) x=4 (mod8)
x=8 (mod15) x=2 (mod14)
x = 14 (mod 15)
b) x = 2 (mod 14)
x = 16 (mod 2l) e) x = 7 (mod9)
x : l0 (mod 30) x = 2 (mod l0)
x=3 (mod12)
c) x = 2 (mod9) x=6 (modl5).
x=8 (mod15)
x = l0 (mod 25)
ll. What is the smallest number of eggs in a basket if one egg is left over when the
eggs are removed 2,3,4,5, or 6 at a time, but no eggs are left over when they are
removed7 ata time?
t 2 . Using the Chinese remainder theorem, explain how to add and how to multiply
784 and 813 on a computer of word size 100.
b) How many base b automorphs are there with n or fewer base b digits, if b
has prime-power factorization 6 : pl' pl' ' ' ' pl,' Z
14. According to the theory of biorhythms, there are three cycles in your life that
start the day you are born. These are the physical, emotional, and intellectual
cycles, of lengths 23,28, and 33 days, respectively. Each cycle follows a sine
3.3 The ChineseRemainderTheorem 115
curve with period equal to the length of that cycle, starting with amplitude zero,
climbing to amplitude I one quarter of the way through the cycle, dropping back
to amplitude zero one half of the way through the cycle, dropping further to
amplitude minus one three quarters of the way through the cycle, and climbing
back to amplitude zero at the end of the cycle.
a) For which days of your life will you be at a triple peak, where all of your
three cyclesare at maximum amplitudes?
b) For which days of your life will you be at a triple nadir, where all three of
your cycles have lowest amPlitude?
c) When in your life will all three cyclesbe a neutral position (amplitude 0) ?
15. A set of congruencesto distinct moduli greater than one that has the property
that every integer satisfiesat least one of the congruencesis called a covering set
of congruences.
The three children in a family have feet that are 5 inches,7 inches,and 9 inches
long. When they measure the length of the dining room of their house using
their feet, they each find that there are 3 inches left over. How long is the
dining room?
l. Solve systemsof linear congruencesof the type found the Chinese remainder
theorem.
3. Add large integers exceedingthe word size of the computer using the Chinese
remainder theorem.
116 Congruences
4. Multiply large integers exceeding the word size of the computer using the
Chinese remainder theorem.
5. Find automorphsto the base D, where b is a positive integer greater than one
(seeproblem 13).
6. Plot biorhythm charts and find triple peaks and triple nadirs (see problem l4).
Suppose we wish to find all integers x and y such that both of the
congruences
3x * 4y :5 (mod13)
2x t 5y = 7 (mod 13)
are satisfied. To attempt to find the unknownsx and |, we multiply the first
congruenceby 5 and the secondby 4, to obtain
7x = -3 (mod l3).
x = 7 (modl3).
6x * 8y = l0 (mod 13)
--
6x * l5y 2l (modl3).
we obtain
from the second,
Whenwe subtractthe first congruence
7y = 11 (mod13).
When we insert these congruencesfor x and y into the original system,we see
that thesepairs actually are solutions,since
3x * 4y : 3'7 + 4'9 : 57 =5 (mod l 3 )
2 x * 5 v = 2 ' 7 + 5 ' 9 : 5 9 : 7 ( m o dI 3 ) .
Hence, the solutions of this system of congruencesare all pairs G,y) with
x = 7 ( m od 13) and v = 9 (m o d l 3 ).
We now give a general result concerningcertain systernsof two congruences
in two unknowns.
ax*by:e(modm)
cx*dy:f(modm)
Proof. We multiply the first congruenceof the system by d and the secondby
b . to o bt ain
118 C ongruences
G d -b c ) x = d e -b f (mod m),
o r , s i n c eA : ad-bc,
Ax = de-bf (mod rn ).
or
and
cx * dy : 4 tat-bn + dE Gf -ce)
:- L Gde-brf + adf-cde)
= a bd-bdf
= A'L,f
: ( m o dm ) .
/
Definition. Let A and B be nxk matrices with integer entries, with (i,/)th
entries aii and br7 , respectively. We say that A is congruent to B modulo m
i f a i i - b i j ( m o dm ) f o r a l l p a i r s ( i , 7 ) w i t h I < t ( n a n d t ( , r < k . W e
-
write A B (mod m) if I is congruentto B modulo m.
The matrix congruence A = B (mod m) provides a succinct way of
expressing the nk congruences o,j = bi1 (mod m) for I ( i ( rz and
I ( 7 < /c.
f" 13l (q 3l
( m ordr ) '
L8 2) l: rJ
The following proposition be needed.
120 Gongruences
Qtt an Qln X1 by
azt azz Q2n X2 bz
where A : ,X: ,andB:
ca n be wr it t en as
3.4 Systemsof LinearCongruences 121
b
|
4l| f'l
| -
fsl ( m o d l 3 ) .
[ Ll
12 sJ lyj L7J
We now develop a method for solving congruences of- the form
AX = B (mod m). This method is based on finding a matrix I such that
7Z - 1 (mod m), where 1 is the identity matrix.
f'o
l l
ol
t ol
tra -,qI:/ ( m o zd ) , w h e rIe: l o . . . i s t h ei d e n t i m
t ya t r iox f
ll
100 t,l
order n, then 7 is said to be an inverse of A modulo m .
If A is an inverse of A and B : 7 (moO rn ), then ^B is also an inverse of
A. This follows from Proposition3.6, sinceBA = AA = I (mod m).
Example. Since
= (m.d
:;l [t:): [t,[] [; ?] 5,
and
mat r ix
r : o=fl -o-ul
. o)'
wher ea is t he in v e rs eo f A m o d u l o m,i s a n i n verseof I modul o m.
f" u ) - l a - oll: n -l f a d - b c o l
AA: | ,l4l
oJ--l - b c + a.dl )
0
Va)-l-c
-faol faao I frol
= ^|-ooj=l
o ooj=lo',l: 1 (mod
z)
and
ir +l
Example.Let A : Since2 is an inversedetA:7 modulo13, we
lr r,J.
have
_+l:
tr_2 1.s = |'rosl(moar).
|,ro_sl
l-23) l-46) l.e6J
To provide a formula for an inverse of an nxn matrix where n is a positive
integer, we need a result from linear algebra. This result may be found in
Anton [60; page 791. It involvesthe notion of the adjoint of a matrix, which
is defined as follows.
Definition. The adjoint of an nxn malrix A is the n\n matrix with (i,;)th
entry Cyi, where Cii is (-l)t+i times the determinant of the matrix obtained
by deleting the ith row and 7th column from A. Thg adjoint of I is denoted
3 .4 S y s t em s of Lin e a r C o n g ru e n c e s 123
by adj(l).
AadjA:(detnl:A1.
and
e tuolilA - [ (uojA ' A) - aar : 1 (modrn).
Example. Let A :
fzsol
2 | . . T h e n d e tA : - 5 . S i n c e( d e t A , 7 ) : 1 , and an
120
u 23J
inverseof det A : -5 is 4 (mod 7), we find that
AX : B (m o d m),
A Ux): LB (modm)
(,q,4x - 4B (modm)
X : A B (modn).
f"l - 1 ' - 1 ' " -B- l--A-f a -t)| |f,l| - ^ ,-, _fa,
. i_,
- nrl
),1(m odm).
l . .l : X = A ..r
lyj ")lf)-ulo,
This demonstratesthat (x,y) is a solutionif and only if
2 x 1 * 5 x 2t 6 x t : 3 ( m o d7 )
2x1 * xt j 4 (mod 7)
xr * 2x2* 3x:: I ( m o d7 ) .
lzosol
I [",] f
,l
- lalr.noo
12z I l"'l = '^'^"-
rl.
lr r,l l",j I'J
Before leaving this subject,we should mention that many methodsused for
solving systems of linear equations may be adapted to solve systems of
congruences. For instance, Gaussian elimination may be adapted to solve
systemsof congruenceswhere division is always replacedby multiplication by
inversesmodulo ru. Also, there is a method for solvingsystemsof congruences
analagousto Cramer's rule. We leave the developmentof these methods as
problemsfor thosereadersfamiliar with linear algebra.
3.4 Problems
l. Find the solutionsof the followingsystemsof linearcongruences.
a) x*2y I (mod 5)
2x* y I (mod 5)
b) x*3y I (mod 5)
3xt4y 2 (mod 5)
d4x +y (mod 5)
2x + 3 v (mod 5).
a) 2x*3y (mod 7)
x*5y (mod 7)
3. What are the possibilitiesfor the number of incongruent solutions of the system
of linear congruences
ax*by:c(modp)
dx * ey : f (mod fl,
fz'l f+ol( m o d 5 )
Q-
lor,l llJ
and all entries of C are nonnegativeintegers less than 5.
5 . Use mathematical induction to prove that if A and B are nxn matrices with
integer entries such that A = B(mod m ), then Ak : Bk(modm) for all
positiveintegersk.
a) Show that
1 4n l is involutory modulo 26.
| | 22)
b) Show that if A is a 2x2 involutory matrix modulo m, then
detA:tl(modrn).
7 . Find an inverse modulo 5 of each of the.following matrices
f or l
il lr ol
i',i
b) |.,oJ
z)
c ) l z, J
lt
8 . Find an inverse modulo 7 of each of the following matrices
a)
frrol
0t
lt I
[0 1 lJ
fr z:l
b) lr2sl
u 46J
r)
lr r r 0l
ll l0ll
^)
v' | |
ll0rll'
l 0r r r , J
9. Use the results of problem 8 to find all solutionsof each of the following systems
a) x+y : I (mod 7)
x*zz2(mod7)
Y*z=3(mod7)
3.4 Systemsof LinearCongruences 127
b) x*2y*32 : I (mod 7)
x*3y*52=l(mod7)
x*4yl6z=l(mod7)
c) x*y *z = (mod 7)
x*y *w : (mod 7)
xtz iw : (mod 7)
Y*z *w = (mod 7).
a) x* y* z i I (mod 5)
2x*4y*32: I (mod 5)
b) 2x*3y* z 3 (mod 5)
x*2y*32 I (mod 5)
2x* z I (mod 5)
il2x*y*z (mod 5)
x *2y * z (mod 5)
x * y *22 (mod 5).
1 3 . A magic square is a square array of integers with the property that the sum of
the integers in a row or in a column is always the same. In this problem, we
present a method for producing magic squares.
a) Show that the n2 integers 0,1,...,n2-l are put into the n2 positionsof an
n x/, square, without putting two integers in the same position, if the integer
k is placed in the i th row and 7th column, where
i=a*ck*e{klnl (modn),
j=b+dk+flk/nl (modn),
l. Find the solutions of a system of two linear congruencesin two unknowns using
Theorem 3.8.
n: ( a i - f i i - 2 . . . a z a r a ot)o ( m o d 2 / )
r29
130 A ppl i cati ons of C ongruences
E x a m p l e .L e t n : 3 2 6 8 8 0 4 8 . w e s e e t h a t 2 l n s i n c e z l g , a l , since
4 | 4 9 , 8 l , s i n c es | + a , 1 6 | n s i n c e t 6 | g 0 4 g ,b u t 3 2
/ r s i n c e ' l zi g s o + g . -
To develop tests for divisibility by powers of 5, first note that since
l 0 = 0 ( m od 5), w e h a v e l Y :0 (mo d 5 /). H ence, di vi si bi l i ty tests for
powers of 5 are analogousto those for powers of 2. We only need to check the
integer made up of the last 7 digits of n to determinewhether n is divisiblebv
5i.
E x a m p l e . L e t n : 1 5 5 3 5 3 7 5 .S i n c e s I s , 5 | n , s i n c e z s
lls,25 | n, since
1 2 5 | 3 7 5 , 1 2 5 | n , b u t s i n c e 6 2 5| s l l s , 6 2 5 I n .
Next, we develop tests for divisibility by 3 and by 9. Note that both the
congruences l0 : I (mod 3) and l0 = I (mod 9) hold. Hence,
10e : I (mod 3) and (mod 9). This givesus the useful congruences
( a p a 1 r - 1 . . . a p s: ) e k l 0 & + a * _ t l 0 k - l + * alO * a6
: ek * ap4 *' . . + ar *as (mod
3 ) a n d ( m o d9 ) .
Hence, we only need to check whether the sum of the digits of n is divisible by
3, or by 9, to seewhether n is divisibleby 3, or by 9.
( a 1 r a 1 r - 1 . . . a p s ) t 0a:k l O k + a 1 r - 1 1 0 k *- r * alO * as
: ak(-l)ft * a*-r(-t)t-t + -at * as (modI l).
( a 1 , a 1 r - r . . . a d r oa :k l O k + a * - J O f t - l + * alO * c6
: ( a o * l 0 a r * 1 0 0 a ) + 1 0 0 0 ( a r* 1 } a a * 1 0 0 4 5 )*
(tOOO)'(ou + l 0 a 7 t 1 0 0 a 6 )r
= (100a2* 10cr+ a0)- (l00ar * l}aa* a) *
(t00ar * l0a7+ a) -
= ( a2 a ,a s ),. - (o 5 a a a 3 ),s * (a s a 7a6)rc- (mod 1001).
Example. Let n - 59358208. Since the alternating sum and difference of the
- -91, is
integers formed from blocks of three digits, 208 358 + 59 :
divisible by 7 and 13, but not by 11, we seethat r is divisibleby 7 and 13, but
notbyIL
-----*?.ll
of theTvisibility tests we have developedthus far are based on decimal
representations. We now develop divisibility tests using base b
representations,where b is a positive integer.
i f a n d o n l y i f d I G1-t...aps)6. -
Co n se quent lyd, I Q 1 ,a 1 r-1 ...a p s )6
a l r b kI t aft I aoz at * * a 1 t a 6 ( m o d d ) . T h i s s h o w st h a t
dlnifandonlyifdl(a*+ * a1t as). tr
4.1 Problems
l. Determinethe highestpowerof 2 dividingeachof the followingpositiveintegers
a) 201984 c) 89375744
b) 1423408 d) 4t578912246.
2. Determine the highest power of 5 dividing each of the following positive integers
a) 112250 c) 235555790
b) 4860625 d) 48126953125.
3. Which of the following integers are divisible by 3? Of those that are, which are
divisible by 9?
a) 18381 c) 987654321
b) 65412351 d) 78918239735
4 .1 D iv is ibilit y T ests 133
a) 10763732 c) 674310976375
b) 108632001s d) 89243t00645372
il Show that every decimal palindromic integer with an even number of digits
is divisibleby I l.
b) Show that every base 7 palindromic integer with an even number of digits is
divisibleby 8.
8. Develop a test for divisibility by 37, based on the fact that 103 = I (mod 37).
Use this to check 443692 and I 1092785for divisibility by 37.
9. Devise a divisibility test for integers representedin base b notation for divisibility
by n where n in a divisor of b2 + l. (Hint: Split the digits of the base b
representationof the integer into blocks of two, starting on the right).
il ( t o t t 1 0 1 l o ) 2 i s d i v i s i b l eb y 5 .
ll. An old receipt has faded. It reads 88 chickens at a total of $x4.2y where x and
y ^re unreadable digits. How much did each chicken cost?
12. Use a congruence modulo 9 to find the missing digit, indicated by a question
mark: 89878'58965: 5299?56270.
c # ab (mod z), then we know an error has been made. When we take m :9
and use the fact that an integer in decimal notation is congruent modulo 9 to the
sum of its digits, this check is called casting out nines. Check each of the
following multiplications by casting out nines
il 875961-2753: 2410520633
b) t4789.23567 : 348532367
c) 24789'43717: 1092700713.
2. Test an integer for divisibility by 3,7,9, ll, and 13. (Use congruencesmodulo
l00l for divisibility by 7 and 13.)
3. Determine the highest power of each factor of b that divides an integer from the
base b expansionof the integer.
1582 Pope Gregory set up a new calendar. First, l0 days were added to the
d a te, s o t hat O c t ob e r 5 , 1 5 8 2 ,b e c a meOc to b e r 1 5, 1582 (and the 6th through
the l4th of October were skipped). It was decided that leap years would be
preciselythe years divisible by 4, except those exactly divisible by 100, i.e.,
the years that mark centuries,would be leap years only when divisible by 400.
As an example,the years 1700, 1800, 1900, and 2100 are not leap years but
1600 and 2000 are. With this arrangement, the average length of a calendar
year is 365.2425days, rather close to the true year of 365.2422 days. An
error of 0.0003 days per year remains, which is 3 days per 10000 years. In
the future, this discrepancy will have to be accounted for, and various
possibilitieshave been suggestedto correct for this error.
In dealing with calendar dates for various parts of the world, we must also
take into account the fact that the Gregorian calendar was not adopted
everywherein 1582. In Britain, the Gregorian calendar was adopted only in
1752,and by then, it was necessaryto add I I days. Japan changedover 1873,
the Soviet Union and nearby countries in 1917. while Greece held out until
1923.
We now set up our procedure for finding the duy of the week in the
Gregorian calendar for a given date. We first nrust make some adjustments,
becausethe extra day in a leap year colmesat the end of February. We take
care of this by renumbering the months, starting each year in March, and
consideringthe months of January and February part of the precedingyear.
For instance,February 1984, is consideredthe 12th month of 1983, and May
1984, is consideredthe 3rd month of 1984. With this convention,for the day
of interest, let k : day of the month, z : month, and N : year, with
N : 100C + IZ, where C : century and Y : particular year of the century.
F o r e x a m p l e J, u n e 1 2 , 1 9 5 4 ,h a s k : 1 2 , f r 7 : 4 , N : 1 9 5 4 , C : 1 9 , and
Y :54.
We use March 1, of each year as our basis. Letdy representthe day of the
week of March 1, in year I{. We start with the year 1600 and compute the
day of the week March l, falls on in any given year. Note that between
March I of year l/ - I and March I of year ly', if year N is not a leap year,
365 days have passed,and since 365 : I (mod 7), we seethat du : dN_,
* I (mod 7), while if year l/ is a leap year, since there is an extra day
between the consecutivefirsts of March, we see that dy = dx_r + 2 (mod 7).
Hence, to find dys from drooo,we must find out how many leap years have
occurred between the year 1600 and the year N (not including 1600, but
including N). To compute this, we first note that there are [(nrr - 160c)/41
years divisible by 4 between 1600 and N, there are [Or-t600)/1001 years
divisible by 100 between 1600 and N, and there are ICnr - 1600)/4001years
divisible by 400 between 1600 and N. Hence, the number of leap years
136 Applicationsof Congruences
between1600 and N is
(We have used Proposition1.5 to simplify this expression). Now putting this
in terms of C and Y , we see that the number of leap years between 1600 and
l/ is
Simplifying, we have
dx : drcoo
- 2c + y + tc/41 + ly/41 (mod7).
Now that we have a formula relating the day of the week for March l, of any
year, with the day of the week of March 1, 1600, we can use the fact that
March |, 1982, is a Monday to find the day of the week of March I , 1600.
F o r 1 9 8 2 ,s i n c e . l y ' : 1 9 8 2 , w eh a v eC : 1 9 , a n d Y : 8 2 , a n d s i n c ed p t z : l ,
it follows that
| = drcoo- 38 + 82 + [19/41 + ts2/41 :- drcoo- 2 (mod 7).
We now use this formula to compute the day of the week of the first day of
each month of year l{. To do this, we have to use the number of days of the
week that the first of the month of a particular month is shifted from the first
of the month of the preceding month. The months with 30 days shift the first
of the following month up 2 days, because30 : 2 (mod 7), and thosewith 31
4 .2 Th e P er pet ual C a l e n d a r 137
: 3 (mod 7) '
days shift the first of the following month up 3 days, because31
Therefore, we must add the following amounts:
We need a formula that gives us the same increments. Notice that we have
1l incrementstotaling 29 days, so that each increment averages2.6 days. By
inspection, we find that the function lZ.6m - 0.21- 2 has exactly the same
increments as rn goes from I to I l, and is zero when m : l. Hence, the day
of the week of the first day of month m of year N is given by by the least
positiveresidueof dy + [2.6m - 0.21 - 2 modulo 7.
We can use this formula to find the day of the week of any date of any year
in the Gregorian calendar.
4.2 Problems
l. Find the day of the week of the day you were born, and of your birthday this
Year.
138 Applicationsof Congruences
2. Find the day of the week of the following important dates in U. S. history (use
the Julian calendar before 1752, and the Gregorian calendar from I 7 52 to the
present)
3' To correct the small discrepancy between the number of days in a year of the
Gregorian calendar and an actual year, it has been suggestedthat the years
exactly divisible by 4000 should not be leap years. Adjust the formula for the
day of the week of a given date to take this correction into account.
4. Which of your birthdays, until your one hundredth, fall on the same dav of the
week as the day you were born?
5. Show that days with the same calendar date in two different years of the same
century, 28, 56, or 84 years apart, fall on the identical day of the week.
6. A new calendar called the International Fixed Calendar has been proposed. In
this calendar, there are 13 months, including all our present months, plus a new
month, called So/, which is placed between June and July. Each month has 28
days, except for the June of leap years which has an extra day (leap years are
determined the same way as in the Gregorian calendar). There is an extra day,
Year End Day, which is not in any month, which we may consider as December
29. Devise a perpetual calendar for the International Fixed Calendar to give day
of the week for any calendar date.
3. To print out a calendar for the International Fixed Calendar (See problem 6).
4.3 Round-RobinTournaments 139
4.3 Round-RobinTournaments
Congruences can be used to schedule round-robin tournaments. In this
section, we show how to schedulea tournament for I/ different teams, so that
each team plays every other team exactly once. The method we describe was
developedby Freund t65].
First note that if N is odd. not all teams can be scheduled in each round,
since when teams are paired, the total number of teams playing is even. So, if
N is odd, we add a dummy team, and if a team is paired with the dummy
team during a particular round, it draws a bye in that round and does not
play. Hence, we can assume that we always have an even number of teams,
with the addition of a dummy team if necessary.
We must now show that each team plays every other team exactly once.
We consider the first tr/-l teams. Note that team i, where I < t <,Af-l,
plays team l/ in round k where 2i : k (mod lf-l), and this happensexactly
once. In the other rounds, team i does not play the same team twice, for if
team i played team 7 in both rounds k and k', then i + j = k (mod l/-l),
and i + j = k' (mod N-l) which is an obvious contradiction because
k # k'(mod N-l). Hence, since each of the first lf-l teams plays .Af-l
games, and does not play any team more than once, it plays every team
exactly once. Also, team I{ plays N-l games, and since every other team
plays team N exactly once, team N plays every other team exactly once.
Team
I 2 3 4 5
Round
I 5 4 bye 2 I
2 bye 5 4 3 2
3 2 I 5 bye 3
4 3 bye I 5 4
5 4 3 2 I bye
4.3 Problems
a) 7 teams c) 9 reams
b) 8 teams d) 10 teams.
where 0 < ft(k) < m,so that h(k) is the least positiveresidueof k modulo
m. We wish to pick n intelligently, so that the files are distributed in a
reasonableway throughout the z different memory locations0, 1,2,..., m-|.
The first thing to keep in mind is that z should not be a power of the base
b which is used to representthe keys. For instance,when using social security
numbers as keys, ra should not be a power of 10, such as 103, becausethe
value of the hashing function would simply be the last several digits of the
k"y; this may not distribute the keys uniformly throughout the memory
locations. For instance, the last three digits of early issued social security
numbers may often be between 000 and 099, but seldom between 900 and
ggg. Likewise, it is unwise to use a number dividing 6t * a where k and a
are small integers for the modulus rn. In such a case, h (k) would depend too
strongly on the particular digits of the key, and different keys with similar, but
rearranged, digits may be sent to the same memory location, For instance, if
m : l l l , t h e n , s i n c el l l | ( t O 3- l ) : 9 9 9 , w e h a v e 1 0 3= 1 ( m o d 1 1 1 ) , s o
that the social security numbers 064212 848 and 064 848 212 are sent to the
same memory location, since
142 Applicationsof Congruences
h@64 2r2 S4$ = 064 2r2 848= 064 + 2r2+ 848 = ll24 : 14 (mod111),
and
= 0 6 48 4 82 r 2 : 0 6 4 + 8 4 8+ 2 r 2 = r r 2 4 : 1 4( m o dl l l ) .
h(0648482rD
We have avoided mentioning the problem that arises when the hashing
function assignsthe same memory location to two different files. When this
occurs, we say the there is a collision. We need a method to resolvecollisions,
so that files are assignedto different memory locations. There are two kinds
of collision resolution policies. In the first kind, when a collision occurs. extra
memory locations are linked together to the first memory location. When one
wishes to accessa file where this collision resolution policy has been used, it is
necessaryto first evaluate the hashing function for the particular key involved.
Then the list linked to this memory location is searched.
h j ( k ) = h ( k ) * 7 ( m o d m ) , 0 ( f t ;( k ) < m .
This placesthe file with key ft as near as possiblepast location h &). Note
that with this choice of h1(k), all memory locationsare checked,so if there is
an open location, it will be found. Unfortunately, this simple choice of h1(k)
leads to difficulties; files tend to cluster. We see that if kt * k2 and
hi(k): h1(k) for nonnegative i n t e g e r si a n d 7 , t h e n h ; q , ( k ) : hi+1,(k2)
for k : 1,2,3,...,so that exactly the same sequenceof locationsare traced out
once there is a collision. This lowers the efficiencyof the search for files in the
table. We would like to avoid this problem of clustering, so we choose the
function h1(k) in a different way.
4.4 ComputerFile Storageand HashingFunctions 143
with 0 < ft (/c) < m, where m is prime, as the hashing function. We take a
secondhashing function
g(k): k + I ( m o dm - 2 ) ,
Example. In our example using social security numbers, both m : 4969, and
m-2 : 4967 are prime. Our probing sequenceis
h j (k ) - h (k ) + i s (k ) (mo d 4e6e),
Supposewe wish to assign memory locations to files for students with social
securitv numbers:
k t : 3 4 44 0 16 5 9 k6 : 3 J 25 0 0 1 9 1
k z : 3 2 5 5 1 07 7 8 k7 : 0 3 43 6 79 8 0
kt:2t2 228844 ks : 546332 t90
kq: 329938 t57 ks : 509 496993
k s : 0 4 7 9 0 0l 5 l krc: 1 3 24 8 99 7 3 .
b e c a u s el o c a t i o n5 7 8 i s o c c u p i e dw
, e c o m p u t eh 1 ( k q ) + s & ) : 5 7 g + 2002
: 2580 (mod 4969), where
S(k) : I * ks = 2002 (mod 4g6D. Hence, we
assign the ninth file to the free location 2580. Finally, we find that kro E
1 5 26 ( m od 4967 ),b u t l o c a ti o n1 5 2 6 i s ta k e n . w e computehr (krd = h(Lrc)
+ g ( k , o ) : 1 5 2 6+ 2 1 6 : 1 7 4 2 ( m o d 4 9 6 r , b e c a u s e
S : ( / c r o :)' k r c : 216
(mod 4967), but location 1742 is taken. Hence, we continue
by finding
h2(krc)_ h(krc) + 2g(kd: l 9 5 g ( m o d 4 9 6 q i )a n d i n t h i s a v a i l a b l e
location,we place the tenth file.
Table 4.1 lists the assignmentsfor the files of students by their social
security numbers. [n the table, the file locationsare shown in boldface.
Social Security
h1(k) h2(k)
Number
a nd
(4. 2) hi+t(k1): hi+r(k),
and
h(k)+(t+l)g(kr) = h&) + (j + r)g(k) ( m o dz ) .
so that
kr = kz (modm-2)'
Since S(k) : g(k), we can substitutethis into the first congruenceto obtain
h(k) : h ( k z ) ( m o d r n) ,
which showsthat
k r = k 2 ( m o dm ) .
Therefore, the only way that two probing sequencescan agree for two
consecutiveterms is if the two keys involved,k1 and k2,lre congruentmodulo
m(m-Z). Hence, clustering is extremely rare. Indeed, rf m(m-z) > k for
all keys k, clusteringwill never occur.
4.4 Problems
l. A parking lot has l0l parking places. A total of 500 parking stickers are sold
and only 50-75 vehicles are expected to be parked at a time. Set up a hashing
function and collision resolution policy for assigning parking places based on
licenseplates displaying six-digit numbers.
2. Assign memory locations for students in your class, using as keys the day of the
month of birthdays of students with hashing function hG) = K (mod l9),
3. Let the hashing function be ft(rK) = K(mod rn ), with 0 < ft(f) < m, andlet
the probing sequencefor collision resolution be lr; (f ) = h K) + jq (mod m) ,
0 ( f t ; ( f ) < m , f o r j : 1 , 2 , . . . , m - 1 . S h o w t h a t a l l m e m o r y l o c a t i o n sa r e
146 A ppl i cati ons of C ongruences
probed
b) Determine conditions for clustering to occur, i.e., when hj(K) : h1(K) and
hi*,(K) : hi+,(K) for r : I,2,...
5. Using the hashing function and probing sequenceof the example in the text, find
open memory locations for the files of students with social security numbers:
krr: 137612044,k1 : 25 0 5 5 7 6 4 5 2 ,k n : 1 5 7 1 7 0 9 9 6k, r o : 1 3 1 2 2 0 4 1 8 . ( e a a
these to the ten files already stored.)
Write programs to assign memory locations to student files, using the hashing
function h(k) = ft(modl02l), 0 < l,(k) < l}2l, where the keys the social
security numbers of students. "r.
2. Using hj(D = h ( k ) * 7 ( m o d l 0 2 l ) , - / : 0 , 1 , 2 , . . . a s t h e p r o b i n gs e q u e n c e .
The first proof of Wilson's Theorem was given by the French mathematician
Joseph Lagrange in 1770. The mathematician after whom the theorem is
named, John Wilson, conjectured, but did not prove it. Before proving
Wilson's theorem,we use an exampleto illustrate the idea behind the proof.
2.3 Q-).Q-D = r ( m o dp ) .
a'2a : l'2 ( p - r ) ( m o dp ) .
Q-I)a
Therefore,
aP-t(p-l)! : (p-l)! (modp) .
a P-t = I (mo d p ). tr
Example. We can find the least positive residue of 3201modulo I I with the
h e lp of F er m at ' s l i ttl e th e o re m . W e k n o w th at 310: I (mod l l ). H ence.
3 2 o r: ( 3 r o ) 2 03. = 3 ( m o d l l ) .
Hence,
5.1 Problems
2. Using Fermat's little theorem, find the least positive residue oP 2toooooo
modulo
t1.
5 .1 W ils on' s T heore m a n d F e rma t' s L i ttl e T h e o rem 151
?, S h o w t h a t 3 1 s: I (mod I l2).
4 . Using Fermat's little theorem,find the last digit of the base7 expansionof 3r00.
5 . Using Fermat's little theorem,find the solutionsof the linear congruences
a) 7x = 12 (mod 17) b) 4x=ll(modl9).
6. S h o w t h a t i f n i s a c o m p o s i t ei n t e g e r w i t h n * 4 , t h e n h - \ ) t = O ( m o d n ) .
7 . S h o w t h a t i f p i s a n o d d p r i m e ,t h e n 2 Q - 3 ) ! : -l (modp).
1 0 . S h o w t h a t i f p a n d q a r e d i s t i n c tp r i m e s ,t h e n p e - t * q P - r : I (modpq).
I l. Show that p is prime and a and b are integerssuch that ap = bP (mod p), then
aP = bP (modp2).
14. a) Let p be prime and supposethat r is a positive integer less then p such that
( - l ) ' r ! _ - l ( m o dp ) . S h o wt h a t Q - r * l ) ! : - l ( m o dp ) .
b ) U s i n g p a r t ( a ) , s h o wt h a t 6 l ! = 6 3 ! = - l (mod 71).
15. Using Wilson's theorem,show that if p is a prime and p = I (mod 4), then the
- -l (mod
congruence x2 p) has two incongruent solutions given by
x E t l(p-)/zll (modp).
1 7 . S h o w t h a t i f p i s p r i m e a n d a i s a n i n t e g e r t, h e n p l l a p + Q-l)! al.
19. Show that the pair of positiveintegersn and n * 2 are twin primes if and only if
4 l ( n - l ) l + t l + n = 0 ( m o d n ( n * 2 ) ) , w h e r en I l .
2 0 . S h o w t h a t t h e p o s i t i v e i n t e g e r s an n d n * k , w h e r e n ) k a n d k i s a n e v e n
positive integer, are both prime if and only if (k!)'z[(n-t)t + t]
+ n ( k ! - l ) ( k - l ) ! = 0 ( m o dn ( n + k ) ) .
lzo)
2 1 . S h o w t h a t i f p i s p r i m e ,t h e n l l | = 2 ( m o d p ) .
lp )
( a + b ) p = a p * 6 z ( m o dp ) .
24. A deck of cards is shuffied by cutting the deck into two piles of 26 cards. Then,
the new deck is formed by alternating cards from the two piles, starting with the
bottom pile.
a) Show that if a card begins in the cth position in the deck, it will be in the
Dth positionin the new deck where b = 2c (mod 53) and I < 6 <52.
b) Determine the number of shuffies of the type described above that are
needed to return the deck of cards to its original order.
25. Let p be prime and let a be a positive integer not divisibleby p. We define the
Fermat quotient qob) by qp(a): (ap-t-l)/p. Show that if a and, b are
positive integers not divisible by the prime p, then
q G b ) : e r ( a ) + q o $ ) ( m o dp ) .
26. Let p be prime and let a1,a2,...,ap
and b ,,b2,...,b,be completesystemsof residues
modulo p Show that a1bya2b2,...,aobois not a complete system of residues
modulo p.
l. Find all Wilson primes less than 10000. A Wilson prime is a prime p for which
( p - l ) ! : - l ( m o dp 2 ) .
2. Find the primesp lessthan 10000 for which Zp-t = I (mod p2).
5.2 Pseudoprimes
Fermat's little theorem tells us that if n is prime and b is any integer, then
bn = b (mod n). Consequently, if we can find an integer b such that
b' + b (mod n ), then we know that n is composite.
-__ = g
263:2eo.2t : (26)ro.23:64to23 23 + 2 (mod 63).
Exa m ple. T he inte g e rs 3 4 1 : I l ' 3 1 , 5 6 1 : 3 ' l 1' 17 and 645 : 3' 5' 43 are
pseudoprimesto the base 2, since it is easily verified that 2340: I (mod 341),
--
256o I (mod 561). and 26aa= I (mod 645).
If there are relatively few pseudoprimesto the base b, then checking to see
whether the congruence b' = D (mod n) holds is an effective test; only a
small fraction of composite numbers pass this test. In fact, the pseudoprimes
to the base b have been shown to be much rarer than prime numbers. In
particular, there are 455052512 primes, but only 14884 pseudoprimesto the
base 2, less than 1010. Although pseudoprimesto any given base are rare,
there are, nevertheless,infinitely many pseudoprimesto any given base. We
will prove this for the base 2. The following lemma is useful in the proof.
Lemma 5.1. lf d and n are positive integers such that d divides rz, then
2d - 1 divides 2n - l.
7 3 : 3 4 3 = 2 ( m o d3 4 1 )
and
we have
7 3 a 0- 0 3 ) t t 3 l = 2 t 1 3 7: ( 2 1 0 ) 1 t . 2 3 . 7
: 8.7 = 56 # I (mod 341).
E x a m p l e . T h e i n t e g e r 5 6 1 : 3 ' 1 1 ' 1 7 i s a C a r m i c h a e ln u m b e r . T o s e e t h i s ,
n o t e t h a t i f ( b , 5 6 1 ) : l , t h e n ( b , 3 ) : ( b , l l ) : ( b , 1 7 ) : l . H e n c e ,f r o m
Fermat's little theorem, we have b2 = I (mod 3), 610: I (mod I l), and
--
6 1 6 I ( m o d 1 7 ) . C o n s e q u e n t l yb,5 6 0 : ( b 2 ) 2 8 0 : I ( m o d 3 ) , b s 6 0 : ( b 1 0 ) 5 6
= I ( m o d l l ) , a n d 6 5 6 0 : ( b l 6 ) 3 5= I ( m o d l 7 ) . T h e r e f o r e ,b y T h e o r e m
3 . 1 , b 5 6 0= I ( m o d 5 6 1 ) f o r a l l b w i t h ( b , n ) : L
Theorem 5.7. There are infinitely many strong pseudoprimesto the base 2.
,A f- I : 2 n -2 : 2 (2 n -r-l ) : Ztnk;
b e c a u s 2e n : ( z n - t ) + t:I{* I = I ( m o d , n { ) .T h i s d e m o n s t r a t e s t h a t N
passesMiller's test.
In the proof of Theorem 5.4, we showed that if n is composite, then
N : 2'-l also is composite. Hence, N passes Miller's Test and is
composite, so that N is a strong pseudoprime to the base 2. Since every
pseudoprimen to the base 2 yields a strong pseudoprime2n-1 to the base 2
and since there are infinitely many pseudoprimesto the base 2, we conclude
that there are infinitely many strong pseudoprimesto the base 2. tr
The following observationsare useful in combination with Miller's test for
checking the primality of relatively small integers. The smallest odd strong
pseudoprimeto the base 2 is 2047, so that if n 1 2047, r is odd, and n passes
Miller's test to the base 2, then n is prime. Likewise, 1373653is the smallest
158 S ome S peci al C ongruences
odd strong pseudoprimeto both the bases2 and 3, giving us a primality test
for integers less than 1373653. The smallest odd strong pseudoprimeto the
bases2,3, and 5 is 25326001,and the smallestodd strong pseudoprimeto all
t h e b a s e s2 , 3 , 5 , a n d 7 i s 3 2 1 5 0 3 1 7 5 1 .A l s o , l e s st h a n 2 5 . 1 0 e t, h e o n l y o d d
i n t e g e rw h i c h i s a p s e u d o p r i m teo a l l t h e b a s e s2 , 3 , 5 , a n d 7 i s 3 2 5 1 0 3 1 7 5 1 .
This leads us to a primality test for integersless than 25.10e. An odd integer
n is pr im e if n < 2 5 ' 1 0 e ,n p a s s e sMi l l e r' s te st for the bases2,3,5, and 7,
a n dn I 3 2 1 5 0 3 1 7 5 1 .
There is no analogy of a Carmichael number for strong pseudoprimes.This
is a consequenceof the following theorem.
We prove Theorem 5.8 in Chapter 8. Note that Theorem 5.8 tells us that if
t? passesMiller's tests for more than (n-l)/4 basesless than n, then n must
be prime. However, this is a rather lengthy way, worse than performing trial
divisions,to show that a positiveinteger n is prime. Miller's test does give an
interestingand quick way of showingan integer n is "probablyprime". To see
this, take at random an integer b with I < D ( n - I (we will see how to
make this "random"choice in Chapter 8). From Theorem 5.8, we seethat if n
is composite the probability that r? passesMiller's test for the base b is less
than I/4. If we pick k different basesless than n and perform Miller's tests
for each of thesebaseswe are led to the following result.
Proof. Let b be a positive integer less than n. To perform Miller's test for
the base b on n takes O (logzn)3) bit operations,becausethis test requires
that we perform no more than log2n modular exponentiations,each using
O(logzb)2) Ult operations. Assume that the generalizedRiemann hypothesis
is true. lf n is composite,then by Conjective 5.1, there is a base 6 with
| < b < 70 (log2n)2such that n fails Miller's test for b. To discoverthis b
requires less than O(log2n)3)'O((togzn)z) : O((log2n)5) Uit operations,by
Proposition 1.7. Hence, after performing O((log2n)s) bit operations,we can
determinewhether n is compositeor prime. I
5.2 Problems
4 . Show that every odd composite integer is a pseudoprimeto both the base I and
t h e b a s e- 1 .
6 , S h o w t h a t i f n : ( a z p - - l ) / G 2 - l ) , w h e r e a i s a n i n t e g e ra, ) l , a n d p i s a n
odd prime not dividing a(a2 - l), then n is a pseudoprimeto the base a.
Conclude that there are infinitely many pseudoprimesto any base a. (Hint: To
establish that ao-t = I (mod n), show that 2p | (, - 1), and demonstrate that
a 2 P: 2 ( m o d n ) . )
13. Show that 1387 is a pseudoprime,but not a strong pseudoprimeto the base 2.
il 2 8 2 1: 7 ' 1 3 ' 3 1
b) 1 0 5 8 5: 5 . 2 9 ' 7 3
c) 29341: l 3 ' 3 7 ' 6 1
d ) 3 1 4 8 2 1: 1 3 . 6 r . 3 9 7
e) 27845: 5'17'29.113
f) 1 7 2 0 8:17 - 1 3 . 3 1 . 6 1
g) : 43.3361.3907.
564651361
1 7 . Find a Carmichaelnumberof the form7.23.qwhereg is an odd prime.
1 8 . a) S howt ha t e v e ryi n te g e o r f th e fo rm (6 m +l )(l 2m+ l )(tg,n + t), w herem i sa
pos it iv eint e g e rs u c h th a t 6 m* l ,l 2 ml l , and l 8m* l are al l pri mes,i s a
Carmichaelnumber.
5.2 Pseudoprimes 161
b) Conclude from part (a) th a t 1 7 2 9- 7 ' 1 3 ' 9 l , 2 9 4409: 37' 73' 109,55164051
. 8 9 0 1 5 2 1 2 7 1 ' 5 4 1 ' 8 1al .n d 7 2 9 4 7 5 2 -9 3 0 7 ' 6 1 3 ' 9 1a9r e
: 2 t 1 . 4 2 1 . 6 3 1I 1 :
Carmichael numbers.
19. Show that if n is a positive with n = 3 (mod 4), then Miller's test takes
O ((logzn)2) bit operations.
3. Perform a primality test for integers less than 25'l0e based on Miller's tests for
the bases2,3,5, and 7. (Use the remarks that follow Theorem 5.7.)
n 2 3 4 5 6 7 8 9 l0 il I2
6h) I 2 2 4 2 6 4 6 4 l0 4
E x a m p l e . T h e s e t 1 , 3 , 5 , 7 i s a r e d u c e dr e s i d u es y s t e mm o d u l o 8 . T h e s e t
- 3 , - 1 , l , 3 i s a l s os u c ha s e t .
Before we prove Euler's theorem, we illustrate the idea behind the proof
w i th an ex am ple.
5 .3 Euler ' s T heor em 163
8) : l , w e c o n c l u d eth a t
3 + _ 3 d (a ): I (m o d g ) .
We now use the ideas illustrated by this exampleto prove Euler's theorem.
Proof. Let rr,rZ, ..., ro(^) denote the reduced residuesystem made up of the
positiveintegersnot exceedingm that are relatively prime to m. By Theorem
5 . 9 , s i n c e ( a , m ) : l , t h e s e t Q t 1 ,a t y , . . . , a r 6 ( m ) i s a l s o a r e d u c e dr e s i d u e
syste m m odulo lz . H e n c e , th e l e a s t p o s i ti v e re si duesof ar1, Qr2,...,or6(m)
mu st be t he int ege rs 1 1 ,1 2 ,..., r6 (m ) i n s o me o rder. C onsequentl y,i f w e
multiply togetherall terms in each of thesereducedresiduesystems,we obtain
ar pr 2 aryfu't -- r| rz 16(^) (mod la) .
Thus,
a 6 ( ^ )r { z ' r 6 ( m )j r(z r o(m) (mod z ) .
o o (m)-to * - : q Q ( m ) - t b( m o d m ) .
5.3 Problems
l. Find a reducedresiduesystemmodulo
a)6 d) t4
b)e e) 16
c) lo f) 17.
8 . Show that cd(b) I 6ab) : I (mod ab), if a and b are relatively prime positive
integers.
il 5x = 3 (mod 14)
b) 4x = 7 (mod 15)
c) 3x = 5 (mod 16).
1 0 . Show that the solutions to the simultaneoussystem of congruences
5 .3 E uler ' s T heor e m 165
x i ar (mod rn r)
* o, (mod mz)
=
x ? a, (mod m),
1 2 . F i n d @ ( n ) f o r t h e i n t e g e r sn w i t h 1 3 ( n < 2 0 .
13. a) Show every positive integer relatively prime to l0 divides infinitely many
repunits (see problem 5 of Section 4.1). (Hint: Note that the n -digit repunit
lil ... ll : (to'-t)/q.)
166
6.1 The EulerPhi'function 167
E x a m p l e .L e t m : 4 a n d n : 9 , s o t h a t m n : 3 6 . W e l i s t t h e i n t e g e r sf r o m
I to 36 in a rectangularchart, as shownin Figure 6.1.
168 MultiplicativeFunctions
OOe@@2,@@33
l0 t4 18 22 34
,O@,5@@27@@
t2 l6 20 24 28 32 36
Figure6.1.
Neither the second nor fourth row contains integers relatively prime to 36,
since each element in these rows is not relatively prime to 4, and hence not
relatively prime to 36, We enclosethe other two rows; each element of these
rows is relatively prime to 4. Within each of theserows, there arc 6 integers
relatively prime to 9. We circle these; they are the 12 integers in the list
relativelyprime to 36. HenceOGO : 2.6 - OU)O(il.
We now state and prove the theorem that showsthat @is multiplicative.
2m 3m
Consequently,to find those integers in the display that are relatively prime
to mn, we need to look at the rth row only if (m,r) : l. If fuI) :1 and
I ( r ( m, we must determinehow many integersin this row are relatively
prime to mn. The elements in this row are r , m * r ,
2m * r,..., h-l)m * r. Since (r,m) : l, each of these integers is
relatively prime to m. By Theorem 3.4, the n integersin the rth row form a
completesystemof residuesmodulo r. Hence, exactly Qh) of these integers
are relatively prime to n. Since these d(n) integersare also relatively prime
to m, they are relativelyprime to mn.
Since there are S(m) rows, each containing d(n) integersrelatively prime
to mn, we can concludethal Q(mn) : O(m)efu). tr
CombiningTheorems6.3 and 6.4, we derive the following formula for 0Q).
Proof. Since @is multiplicative, Theorem 6.1 tells us that if the prime-power
factorization of n is n : pl,pl, pf,,, th"n
forT : 1,2,...,k.Hence,
: o(22s2):
d(roo) loo(l- - :
il(l +) 4o.
and
0020: o(2432s)
: t2oe- - - l.
ilrr |l tr =)-192.
)
We now introduce a type of summation notation which is usefulin working
with multiplicativefunctions.
2,f (d)
dln
For instance.
> d 2 : 1 2+ 2 2 + 3 2 + 4 2 + 6 2 + 1 2 2
dlt2
:l* 4+g+16+36+ 144:ZlO.
The following result, which states that n is the sum of the values of the
phi-functionat all the positivedivisorsof n, will also be useful in the sequel.
2A@l:n'
dln
Proof. We split the set of integersfrom I to n into classes. Put the integer m
into the classCa if the greatestcommondivisor of m and n is d. We seethat
m is in C4, i. e . (m ,n ) : d ,i f a n d o n l y i f fu /d ,n/d) : l . H ence,the number
of integersin Ca is the number of positiveintegersnot exceedingn/d that are
relatively prime to the integer n/d. From this observation,we see that there
6.1 The Euler Phi'function 171
are gh/d) integersin C1. Since we divided the integers I to n into disjoint
classesand each integer is in exactly one class,n is the sum of the numbersof
elementsin the different classes.Consequently,we seethat
n : > Qhld)
dln
n:>0fu1d)-DfU)
dln dl,
c 1 : { 1 ,5 , 7 , l l , 1 3 ,1 7 } C 6 : { 6 ,1 2 }
c 2 : { 2 , 4 ,8 , 1 0 ,1 4 ,1 6 } C g : { g }
C 3 : { 3 ,1 5 } C r r : { t g }.
6.1 Problems
l. Find the value of the Euler phi-function for each of the following integers
a) 100 d) 2.3.5.7'rr.13
b) 2s6 e) lo!
c) l00l f) 20t .
ill d)6
b)2 e) 14
c)3 f) 24.
172 Multiplicative Functions
a) odd
b) divisible by 4
c) equal to n/2 ?
fa@ if n is odd
QQn): if n is even.
lrrh)
5' Show that if z is a
.positive integer having k distinct odd prime divisors, then
d(n) is divisibleby 2k.
6. For which positive integers n is Qh) a power of 2?
Qbb) : (a,b)6G)O$)lOKa,il)
.
14. Two arithmetic functions/ and I may be multiplied using the Dirichlet product
which is defined bv
V*s)(n): 2f @)shlil .
|,r if n: l
,{n): i fn ) l ,
lo
then rf - f*t : f for all arithmetic functions/.
6.1 The Euler Phi-function 173
1 5 . Show that if f and g arc multiplicative functions, then the Dirichlet product /*g
is also multiplicative.
t if n - I
It
l(-t)' if z is square-freewith primefactorization
p.\n):1 n:prpz...ps
I
is multiplicative.
F ( n ): > f @ ),
' dln
then
f h):2p@)Fhld).
dln
1 9 . Use the Mobius inversion formula to show that if f is an arithmetic function and
F is the arithmetic function defined by
F ( n ): > f @ ),
dln
then if F is multiplicative,so is /.
20. Usingthe Mobius inversionformulaand the fact that n - > 0h /il , provethat
b) d(n ) is multiplicative.
21. Show that the function f (n):ne is completely multiplicative for every real
number k.
b) Show that if <^r(n)is the function that denotesthe number of distinct prime
factors of n, then <^ris additive, but not completely additive.
n I 2 3 4 5 6 7 8 9 r0 ll t2
oQ) I
a
J 4 7 6 t2 8 l 5 l 3 1 8 t2 2 8
n I 2 3 4 5 6 7 8 9 10 ll t2
rh) I 2 2 3 2 4 2 4 3 4 2 6
oh):Dd
dln
and
,(n):>1.
dln
Beforewe prove the theorem,we illustrate the idea behind its proof with the
following example. Let "f be a multiplicative function, and let
Ffu)
dln
176 MultiplicativeFunctions
F ( 6 0:) f ( r ) + / o + f $ ) + f ( q ) + f $ ) + f 6 ) + / ( 1 0 )+ f 0 2 )
+ f (rs)+/(zo) + f Q0 +/(60)
: . f ( r ' 1 )+ f Q . D+ f 0 . 3 )+ f u . D + f 0 . 5 )+ o . 3 )
f
+ f Q . i l + f ( 4 . , + f ( r . l s ) + f ( 4 . i l + f Q . l 5 )+ f Q . r s )
:f (t)f(l) + f Q)f(r) + f (l)7(:)+ f @)f(r)+ (fDj6)
f
+f Q)f(r)+ f Ql|(s) + f (Df(g)+ f ol7(rs)+ f @f 6)
+ f Q)f (rs)+ f Q)f 0s)
: ( / ( t ) + f Q ) + 7 Q ) ) ( / ( r l+ f G ) + f $ ) + / ( l s ) )
: F(4)F(rS).
F (mn) : u) '
02,^n"f
F (m n ) : 2 f Q)f @z)
drln
drln
2fQ)ZfVz)
drl^ drl,
Ffu)Ffu).tr
Now that we know o and r are multiplicative, we can derive formulae for
their values based on prime factorizations. First, we find formulae for o(r)
and rh) when n is the power of a prime.
and
r(po):a*1.
po has
Proof. The divisors of po are l, p, p' ,...,po-t, po. Consequently,
e xa ctl y a*l div is o rs , so that r(po) : a * l. Also, we note that
p!'*'-l : pl'*'-l
o(n):ry p Pz-l
l'*'-l
Pt-r P,-l
i
j -r P i -l
178 MultiplicativeFunctions
: r!-,,
o(200): o(2352) g : 15.31
: 465
2-t 5-l
and
r(2 o o ) : (3 + t ) Q+ D : 12.
" (2 3 5 2 ):
Also
and
r ( 2 4 . 3 2 . i l(:4 + l ) ( z + t ) ( t + t:) 3 o.
6.2 Problems
l. Find the sumof the positiveintegerdivisorsof
a) 35 e) 2'3'5'7'll
b) te6 f) 2s345372t1
c) looo g) lo!
d) 2r0o h) 201.
il 36 d) 2.3.s.7.11.13.17.19
b) 99 e) 2i2.s3.74.115.134.17s.19s
c) r44 f) 20t.
a) 12 d) 48
b) l8 e) 52
c) 24 f) 84
a)l d)6
b)2 dt4
c) 3 f) 100.
10. Let o1,h) denote the sum of the kth powers of the divisors of n, so that
o1,h) : 2 dk. Note that o1h) : sfu).
dln
e) Using parts (c) and (d), find a formula for o;(n), where n has prime-power
factorizationn : pi'pi' . . . p:;.
12. Show that no two positive integers have the same product of divisors.
13. Show that the number of pairs of positiveintegerswith least common multiple
equal to the positive integer n is r(nz).
15. Show that a positiveinteger n is compositeif and only if o(n) > n + ,/i.
180 MultiplicativeFunctions
E x a m p l e . S i n c eo ( 6 ) : l + 2 + 3 + 6 : 1 2 , w e s e et h a t 6 i s p e r f e c t . w e
a l s on o t et h a t o ( 2 8 ) : 1 + 2 + 4 + 7 +14*28:56. sothat28 is another
perfect number.
The ancient Greeks knew how to find all even perfect numbers. The
following theorem tells us which even positive integersare perfect.
n :2m-r(2^-l)
o (n ) - o (2 ^ -t)o (2 ^-l ) .
L e m m a 6 . 1 t e l l su s t h a t o ( 2 ^ - r ) : 2 ^ - l and o(2^-l):2^, s i n c ew e a r e
assumingthat 2m-l is prime. Consequently,
6.3 PerfectNumbersand MersennePrimes 181
G'D o (n ) : 2 n : 2 s + r1
and, therefore,
(6.4) (2'+t-l)q : 1.
Hence,q I t and q # t.
When we replace / by the expressionon the left-hand side of (6.4), we find
that
(6.5) t +q: ( 2 s + t - t ) q+ q : 2 ' + r q : o Q ) .
We will show that q : 1. Note that if q * l, then there are at least three
distinct positive divisors of t , namely 1, q, and t . This implies that
oQ) 2 t + q -| 1, which contradicts(6.5). Hence,4: I and, from (6.4), we
concludethat / :2s+l-1. Also, from (6.5), we seethat oQ): t + l, so that
t must be prime, since its only positive divisors are I and t. Therefore,
n :2 t ( 2r + l- 1) , where2 s + l -1 i s p ri me . tr
From Theorem 6.9 we see that to find even perfect numbers, we must find
primes of the form 2t-1. In our searchfor primes of this form, we first show
that the exponentru must be Prime.
pnme.
Since both factors on the right side of the equationare greater than I, we see
that 2m-l is compositeif m is not prime. Therefore,if 2^-l is prime, then
nr must also be prime. tr
Exa m ple. T o dec idew h e th e rM z t:2 2 3 -r:8 3 8 8 6 0 7 i s pri me,w e onl y need
to determine whether M zt is divisible by a prime less than or equal to
ffi: 2896.309...of the form 46k + l. The first prime of this form is 47.
A trial divisionshowsthat 8388607:47'178481, so that M4is composite.
Becausethere are specialprimality tests for Mersennenumbers,it has been
possibleto determine whether extremely large Mersennenumbers are prime.
Following is one such primality test. This test has been used to find the
largest known Mersenne primes, which are the largest known primes. The
proof of this test may be found in Lenstra [7t] and Sierpifiski[351.
2 I anclenttrmes
I 3 I ancienttimes
2 5 2 ancienttimes
2 7 3 ancienttimes
6 l3 4 Mid 15thcentury
+ I1 6 1603
2 t9 6 1603
1'2 3 l 10 1772
9a
'zz 68 9l 19
27
18 8 3
I l91l
ig 107 33 l9l4
zf)
)q
q + t27 39 t876
52r 157 t952
8 t ) 607 I 183 t952
(, 72 r279 386 1952
? 2^ lh 2203 664 1956
-7s
2281 687 1952
3 b 32r7 969 t957
4253 1281 1961
4423
L t332 1961
5z Lbb 9689 29r7 I 963
994r 2993 I 963
I 1213 3376 1963
r9937 6002 t97|
2r701 6533 I 978
23209 6987 r979
44497 I 3395 1979
86243 25962 1983
r32049 3975I I983
9l 5050 f9t
Table 6. re Known Mersenne Primes.
6.3 PerfectNumbersand MersennePrimes 185
Computers were used to find the 17 largest Mersenne primes known. The
discovery by high school students of the 25th and 26th Mersenne prime
received much publicity, including coverageon the nightly news of a major
television network. An interesting account of the search for the 27th
Mersenne prime and related historical and computational information may be
found in [77]. A report of the discoveryof the 28th Mersenne prime is given
in [64]. It has been conjectured but has not been proved, that there are
infinitely many Mersenneprimes.
We have reduced the study of even perfect numbers to the study of
Mersenne primes. We may ask whether there are odd perfect numbers. The
answer is still unknown. It is possibleto demonstratethat if they exist, odd
perfect numbers must have certain properties (see problems 1l-14, for
example). Furthermore, it is known that there are no odd perfect numbers
less than 10200,and it has been shown that any odd perfect number must have
at least eight different prime factors. A discussionof odd perfect numbers
may be found in Guy [17], and information concerningrecent results about
odd perfect numbersis given by Hagis [681.
6.3 Problems
2 . Show that if n is a positive integer greater than l, then the Mersenne number
Mn cannot be the power of a positive integer.
a) 220,294
b) 1 1 8 4l ,2 1 0
c) 7975A,98730.
c) - 27.34.5.7.n2.17.19
Show that 14182439040 is 5-perfect.
d) Find all 3-perfectnumbersof the form n -2k.3.p, where p is an odd
prime.
a) M7 c) Mn
b) Mn d) Mzs.
9' Use the Lucas-Lehmer test to determine whether the following Mersenne
numbersare prime
a) M3 c) Mn
b) M7. d Mn.
11.
a) Show that if n is an odd perfect number, then n : po m2 wherep is an odd
p r i m e a n d p7 a z I (mod4).
13. that if n is an odd perfect number, then 3, 5, and 7 are not all divisors of
:**
1 5 . Find all positive integers n such that the product of all divisors of n other than n
is exactly n 2. (These integers are multiplicative analoguesof perfect numbers.)
recursively by
1 6 . Let n be a positive integer. Define the sequenca fl1,tt2,rt3,...,
n 1 : o ( n ) - n a n df l k + r : o Q ) - np fot k - 1,2,3,...
b) Show that if n and m are an amicablepair, then n1 : ftt, ttz- tt, tt3: t/t,
is periodicwith period 2.
n4: n,... and so on, f.e.,the sequencefl1,tt2,t13,...
c) of integersgeneratedif n :12496:24'll'71.
Find the sequence
6.3 ComputerProjects
Write programsto do the following:
l. Classifypositiveintegersaccordingto whether they are deficient, perfect, or
abundant(seeproblem3).
2. Use Theorem6.ll to look for factorsof Mersennenumbers.
3. Determine whether Mersenne numbers are prime using the Lucas-Lehmer test.
5. Find amicablepairs.
Cryptology
7.1 CharacterCiphers
From ancient times to the present, secret messages have been sent.
Classically, the need for secret communication has occurred in diplomacy and
in military affairs. Now, with electronic communication coming into
widespread use, secrecy has become an important issue. Just recently, with
the advent of electronic banking, secrecy has become necessary even for
financial transactions. Hence, there is a great deal of interest in the
techniquesof making messagesunintelligible to everyoneexcept the intended
receiver.
188
7.1 Character Ciphers 189
letter A B C D E F G H I J K L M N o P a R S T I I
V w X Y Z
numerical
0 I 2 3 4 5 6 7 8 9 l 0 l l t 2 l 3 t 4 l 5 l 6 t 7 l 8 l 9 20 2 l 22 23 24 25
equivalent
C:P+3(mod26), 0<C<25.
The correspondencebetweenplaintext and ciphertext is given in Table 7.2.
190 Cryptology
A B c D E F G H I J K L M N o P a R S T U V w X Y Z
plaintext 0 I 2 3 4 5 6 8 9 l 0 l l t 2 l 3 l 4 l 5 l 6 t 7 l 8 t 9 20 21 22 23 24 25
3 4 5 6 7 8 9 l 0 l l t 2 l 3 t 4 l 5 l 6 t 7 1 8 l 9 20 2 l 22 23 24 25 0 I 2
ciphertextD E F G H I J K L M N o P R S T U V w X Y z A B c
a
-
Using the Caesar transformation Q P*3 (mod 26), this becomes
22 l0 11 2t 15 721 2t 3 9 7 11 21 22 17
18 2t 7 620722
22|0ll2ll121l0|725257675||1810720.
By combining the appropriate letters into words, we find that the message
reads
C:P+k (mod26),0<C<25,
where k is the key representingthe size of the shift of letters in the alphabet.
There are 26 different transformations of this type, including the case of
k = 0 (mod 26), where letters are not altered, since in this case
-
C P (mod 26).
A B C D E F G H I J K L M N o P a R S T U V w X Y Z
plaintext
0 2 3 4 5 6 I 8 9 l 0 l l t 2 l 3 1 4 1 5 l 6 t 7 l 8 l 9 20 2 l 22 23 24 25
r0 t 7 24 5 t2 l 9 0 7 T4 2 l 2 9 l 6 23 4 l l l 8 25 6 l 3 20 8 l 5 22 3
ciphertext
K R Y F M T A H o V c J a X E L S z G N v B I P w D
Tabfe7.3. TheCorrespondence
of Lettersfor theCipherwith C = 7p+10 (mod 26).
is transformedto
corresponds
to the plaintext
or combiningthe appropriateletters
193
7.1 GharacterCiPhers
of
We now discusssome of the techniquesdirected at the cryptanalysis
to break a
ciphers based on affine transformations. In attempting
is compared
monographiccipher, the frequencyof letters in the ciphertext
letters i; ordinary text. This gives information
with the frequency of
between letters. In various frequency countsof
concerningthe .orr"rpondence
Englishtext, one findi the percentageslisted in Table 7.4 fot the occurrenceof
languages
tne Ze lettersof the alphabet. Countsof letter frequenciesin other
may be foundin [48] and [52].
letter A B c D E F G H I J K L M N o P a R S T U V w X Y z
frequency
7 I 3 4 l3 3 2 3 8 <l <l 4 3 8
'l
3 <l 8 6 9 3 I <1 z <l
(in Vo)
are
From this information, we see that the most frequentlyoccurring letters
E,T,N,O, and A, in that order. We can use this information to determine
which cipher basedon an affine transformationhas been used to enciphera
message.
First, supposethat we know in advance that a shift cipher has been
employed io encipher a message;each letter- of the messagehas been
- P+k (mod 26),0 < C < 25. To
transformed by ; C
correspondence
cryptanalyze the ciPhertext
letter A B C D E F G H I J K L M N o P aR S T U V w X Y Z
number of
I 0 4 5 I 3 0 0 0 0 I 0 2 2
occurrences
a
J 0 0 I I 3 2
A B C D E F G H o
I J K L M N P a R S T U V w X Y Z
ciphertext
0 I 2 3 4 ) 6 7 8 9 l 0 l l l 2 l 3 t 4 l 5 l 6 1 1 l 8 t 9 20 21 22 23 24 25
l 5 l 6 t 7 l 8 l 9 20 2 l 22 23 24 25 0 I 2 3 4 5 6 I 8 9 l 0 il t2 l 3 t 4
plaintext
P a R S T U V w Z Y z A B C D E F G H J K L M N o
the form
Now, supposewe know that an affine transformationof
for enciphering' For
C : a p+i (mod 26), 0 < C < 25, has been used
message
we wish to cryptanalyzethe enciphered
instance,suppose
The first thing to do is to count the occurrencesof each letter; this count is
displayed in Table7.7
letter A B c D E F G H I J K L M N o P a R S T U vw X Y z
number of 0 I 4 2 t2 5 8 l6 I 3 l0 2
2 2 4 4 5 3 6 0 l 0 3 22 I J
occurrences
With this information, we guessthat the letter L, which is the most frequently
occurring letter in the ciphertext, corresponds to E, while the letter U, which
occurs with the second highest frequency, correspondsto T. This implies, if
--
the transformation is of the form C aP*b (mod 26), the pair of
congruences
--
4a*b 11 (mod 26)
l9a+b : 20 (mod 26).
By Theorem 3.8, we see that the solution of this system is a E 11 (mod 26)
and b : 19 (mod 26).
If this is the correct enciphering transformation, then using the fact that 19 is
an inverse of I I modulo 26, the deciphering transformation is
p - - _19 ( C- 19 ) : t9 C -3 6 1 = 1 9 C + 3 (mod 26), 0 < P < 25.
A B C D E F G H I o
J K L M N P a R S T U V w X Y z
ciphertext
0 I 2 3 4 5 6 ,7 8 9 l 0 l l t2 l 3 t 4 l 5 l 6 t 7 r8 l9 20 21 22 23 24 25
3 22 l 5 8 I 20 l 3 6 25 l 9 l l 4 23 t6 9 2 2 l r4 0 t 9 t2 5 24 t 1 t 0
plaintext
D w P I B U N G z S L E X a J C V o H A T M P Y R K
7.1 Problems
1 . using the caesar cipher, encipher the messageATTACK AT DAWN.
2 . Decipher the ciphertext message LFDpH LVDZL FRerx HUHG that has
been enciphered using the Caesar cipher.
7 . Given two ciphers, plaintext may be enciphered by using one of the ciphers, and
by then using the other cipher. This procedure produces a product cipher '
: 5P +13
a) Find the product cipher obtained by using the transformation C
(mod 26) followed by the transformation c = l7P+3 (mod 26).
: aP+b
b) Find the product cipher obtained by using the transformation C
(mod 26) followed by the transformation C = cP*d (mod 26), where
Q,26):(c,26)*1.
8. A Vignbre cipher operates in the following way. A sequence of letters
Qr!r,...,0r, with numerical equivalents k1,k2,...,kn, servesas the key. Plaintext
messages are split into blocks of length n. To encipher a plaintext block of
letters with numerical equivalents PbPz,..., P, to obtain a ciphertext block of
letters with numerical equivalentscr,cz,...,cn, we use a sequenceof shift ciphers
with
for i : 1,2,...,n. In this problem, we use the word SECRET as the key for
a Vigndre cipher.
is split up as
199
7.2 Block Giphers
(as
Next, these letters are translated into their numerical equivalents
previouslydone) to obtain
19 7 4 6 14 11 38 l8r 20t7 84 38
13 14 17 14 13 14.
Each block of two plaintext numbers P,Pz is converted into a block of two
ciphertextnumbers C 1C2:
C r = 5 Pr + l T P z (mo d 2 6 )
C z = 4 P t + l S P z ( m o d2 6 ) .
When these blocks are translated into letters, we have the ciphertext message
GZ SC XN VC DJ ZX EO VC RC LS RC.
= (mod 26).
[;;] ;]
[: [:;]
ln general, a Hill cipher system may be obtained by splitting plaintext into
blocks of n letters, translating the letters into their numerical equivalents,and
forming ciphertext using the relationship
-
Q AP (mod20.
C1 P1
C2 P2
cn Pn
and where C1C2...C, is the ciphertext block that correspondsto the plaintext
block P1P2...Pn Finally, the ciphertext numbers are translated back to letters.
For deciphering, we use the matrix A, an inverse of A modulo 26, which may
be obtained using Proposition 3.8. Since AA : / (mod 26), we have
P : ZC (JrrlOd2f.).
[c')
Ittt
["'l
lcrl = e lP'l (mod
26).
[',1 [",J
To encipher the message STOP PAYMENT, we first split the message into
blocks of tht"" letters, adding a final dummy letter X to fill out the last block.
We have plaintext blocks
f"'l
tt_tl [.'l
lprl = 7 lrrl (mod
26)
rrll
L",J lt'j
where
202
Cryptology
6 -5 ll
Z: -l -10
?l_ l0 2l
t ,lrn
a : (mod 26).
Iz 4) 23 25
,[:]il (mod26),
fo r 7 - 1, 2 , . . . ,f l.
where P and C arc nxn matrices with ryth entries Pl; and Cii, respectively.
If (det p,26): l, then we can find the enciphering matrix A via
A = CF (mod 26),
7.2 Problems
l. Using the digraphic cipher that sends the plaintext block Pf2to the ciphertext
block CrCz with
Hill cipher with an enciphering matrix that contains only 0's and I's as entries
with the property that each row and each column contains exactly one 1.
7.3 ExponentiationCiphers
In this section, we discuss a cipher, based on modular exponentiation,that
was invented in 1978 by Pohlig and Hellman [9t1. We will see that ciphers
produced by this system are resistant to cryptanalysis.
Let p be an odd prime and let e, the enciphering key, be a positive integer
with (e,p-l) : l. To encipher a message,we first translate the letters of the
message into numerical equivalents (retaining initial zeros in the two-digit
numerical equivalentsof letters). We use the same relationship we have used
before. as shown in Table 7.9.
letter A B c D E F G H I J K L M N o P a R S T U V w X Y z
numerical
00 0r 02 03 04 05 06 0'l 08 09 l 0 l l t2 l 3 t 4 l 5 l 6 t 7 l 8 l 9 20 2 l 22 23 24 25
equivalent
For instance,to obtain the first ciphertextblock from the first plaintextblock
we compute
C : = 2199 (mod 263i.
19072e
(mod p-l)'
where de : ki-l) + l, for some integer k, since de = I
(Note that we have used Fermat's little theorem to see that
pn-t - I (modp).)
the prime
Example. To decipher the ciphertext blocks generated using
: 2633 and the enciphering key e : 29, we need an inverse of e
moduius p
j-t : 2632. An easy computation, as done in Section-3.2, shows that
modulo
: 2269 is such an inverse. To decipher the ciphertext block C in order to
d
find the corresponding plaintext block P, we use the relationship
Again, the modular exponentiationis carried out using the algorithm given in
Section3.2.
(mod p), we
For each plaintext block P that we encipher by computing P'
use only O(tog2il3) bit operations, as Proposition 3.3 demonstrates. Before
we decipher we need to find an inverse d of e modulo p-1. This can be done
using O(log il bit operations (see problem ll of Section 3.2), and, this needs
to be done only once. Then, to recover the plaintext block P from a ciphertext
block C, we simply need to compute the leait positive residueof Cd modulop;
we can do this using OKlog2p)3) bit operations. Consequently, the processos
of enciphering and deciphering using modular exponentiation can be done
rapidly.
On the other hand, cryptanalysis of messagesenciphered using modular
exponentiation generally cannot be done rapidly. To see this, suppose we
know the prime p used as the modulus, and moreover, suppose we know the
plaintext block P correspondingto a ciphertext block C, so that
0.2) C = P' ( m o dp ) .
we should mention that for primes p where p-l has only smalr prime
factors, it is possible to use special techniques to find logarithms
modulo p
using o (logzp) bit operations. Clearly, this sort of prime
should not be used
as a modulus in this cipher system. Taking a prime p :
2q * l, where q is
also prime, obviates this difficulty.
l z = a k ' ( m o dp ) , o 1 yz 1 p,
common key
We leave an explicit description of a method used to produce this
K as a problem for the reader.
by
An amusing application of exponentiation ciphers has been described
Shamir, Rivest, una eat.man [961. They show that by using exponentiation
via
ciphers, a fair game of poker may be played by two players communicating
they jointly
computers. Suppose Alex and Betty wish to play poker. First,
chooie a large pii-" p. Next, they individually choosesecret keys e1aJrd €2'
to be used as exponents in modular exponentiation. Let Er, and Er, represent
the corresponding enciphering transformations, so that
8",(M) = M" (mod p)
Er,(M) = M" (mod p),
slnce
(M")', :_ (M',)', (modp).
When Alex and Betty wish to play poker electronically, they use the
following sequenceof steps. We supposeBetty is the dealer.
210
Cryptotogy
lll. Alex selects five other enciphered messages at random. Let these
messagesbe C1, Cz, Cl, Ca, and C5, where
Cj : Err(Mi,),
D",(C;*): D",(E
",(n",(*t,)))
: Drr(Er,(Er,(M,,)))
- Eer(Mi,),
7.3 Problems
: 3, encipher the message
l. Using the prime p - l0l and enciphering key e
GOOD MORNING using modular exponentiation'
5 . Using the method described in the text for exchanging common keys, what is the
key that can be used by individuals with keys kt:27 and kr:31
"o..on
when the modulus is p : l0l and the base is a : 51'
6. What is the group key K that can be shared by four individuals with keys
* 1 0 0 9 a n d base
k1 : ll, k2:12, k3:17, kc:19 using the modulusP
a:31.
7.4 Public-KeyCryptography
If one of the cipher systems previously described in this
chapter is used to
establish secure communications within a network,
then each pair of
communicants must employ an enciphering key that
is kept secret from the
other individuals in the network, sincl once the enciphering
key in one of those
cipher systems is known, the deciphering key can be fiund
using a small
amount of computer time. Consequently,to maintain secrecy
the enciphering
keys must themselvesbe transmitted ovei a channel of securecommunications.
Dk,(C) - Pkt(Eo,(r)) : f.
where ed: kth) * I for some integer k, since ed = I (mod Ob)), and by
--
Euler's theorem, we have pa(fi) 1 (mod n), when (P, n) : | (the
probability that P and n are not relatively prime is extremely small; see
problem 2 at the end of this section ) . The pair (d, n) is a deciphering key.
wq first translate the letters into their numerical equivalents,and then group
these numbers together into blocks of four. We obtain
where we have added the dummy letter X : 23 at the end-of the passageto
fill out the final block.
We encipher each plaintext block into a ciphertext block, using the
relationship
For instance, when we encipher the first plaintext block 1520, we obtain the
ciphertext block
214
Cryptology
C = (1 5 2 0 )1 3= 9 5 (m od 253D .
when (P, 2537) : | (which is true for all of the plaintext blocks in our
example).
To understand how the RSA cipher system fulfills the requirements of a
public-key cipher system, first note that each individual can find two large
primes p and q, with 100 decimal digits, in just a few minutes of computer
time. These primes can be found by picking odd integers with 100 digits at
random; by the prime number theorem, the probability that such an integer is
prime is approximately 2tog 10100. Hence, we expect to find a prime after
examining an average of l/OAog 10100),or approximately ll5, such integers.
To test these randomly chosen odd integers for primality, we use Rabin's
probabilistic primality test discussedin Section 5.2. For each of these 100-
digit odd integers we perform Miller's test for 100 basesless than the integer;
the probability that a compositeinteger passesall these tests is less than 10-60.
The procedure we have just outlined requires only a few minutes of computer
time to find a 1OO-digitprime, and each individual need do it only twice.
where (di, n) is the deciphering key for individual f which only individual
, i
knows. Then, if ni t n1, where (ei, n) is the enciphering key ior individual
7, individual i enciphersS by forming
,:Ekt(S)=S', (modn;), 0<C 1nj.
Here, we have used the identity Ep,(Dp,(P)) : P, which follows from the fact
th a t
= (P d ' )" - Pd ' e ': P (mod n;)'
E p, (D p ,(P))
since
diei :- I (mod Oh)).
The combination of the plaintext block P and the signed version S convinces
individual 7 that the message actually came from individual i. Also,
individual i cannot deny sending the message, since no one other than
individual f could have produced the signed message S from the original
messageP.
The RSA cipher system relies on the difference in the computer time needed
to find primes and the computer time needed to factor. In Chapter 9, we will
use this same difference to develop a technique to "flip coins" electronically.
7.4 Problems
l. Find the primesp andq if n : PQ - 4386607and d(n) : 4382136.
2. Supposea cryptanalystdiscoversa messageP that is not relativelyprime to the
encipheringmodulusn : pq usedin a RSA cipher.
a) Showthat the cryptanalystcan factorn. fP," ) . p or 1
b) Show that it is extremelyunlikely that sucha messagecan be discoveredby
demonstratingthat the probability that a messageP is not relativelyprime
1-!,
to n i, !+ a n d i f p a n d q a r e b o t h l a r g e rt h a n l 0 r m , t h i s
pqpq
probabilityis leis thin 10-s.
3 . What is the ciphertext that is produced when the RSA cipher with key
(e,n) : G,266il is usedto encipherthe messageBEST WISHES?
4 . If the ciphertext message produced by the RSA cipher with key
(e,n) : (s,zggt) is 0504 1874034705152088235607360468, what is the
218
Cryptology
plaintext message?
a) Using the method in the text, what is the signed ciphertext sent by Harold
to Audrey, when the plaintext messageis cHEERs tranorot
b)
Using the method in the text, what is the signed ciphertext sent by Audrey
to Harold when the plaintext messageis SINCERELY AUDREY?
In problems 6 and '7, we present two methods for sending signed messagesusing the
RSA cipher system, avoiding possible changes in block sizes.
6. Let H be a fixed integer. Let each individual have two pairs of enciphering keys:
k - (e,n) and k* - (e,n*) with n < H <n*, where n and n* are both the
product of two primes. Using the RSA cipher system, individual f can send a
signed messageP to individual T by sending E*.(D1,,(p)).
il Show that is is not necessaryto change block sizes when the transformation
Eor. is applied after Dp, has been applied.
b) Explain how individual 7 can recover the plaintext message P, and why no
one other than individual l' could have sent the message.
Er,(Dr,(P)) if n, < n,
Dp,(Ep,@)) if ni ) ni .
7.5 KnapsackCiphers
In this section, we discuss cipher systems based on the knapsack problem.
Given a set of positive integers Qr,a2,..., an and a Sum S of a subset of these
integers, the knapsack problem asks which of these integers add together to
give S. Another way to phrase the knapsack problem is to ask for the values
of xyx2,..., xn, each either 0 or 1, such that
(7.3) S:arxr*a2x2* larxn'
Example. Let us find the integersfrom the set 2,3,7,14,27 that have 37 as
their sum. First, we note that since 2+ 3 + 7 + 14 < 27, a sum of integers
from this set can only be greater than 27 if the sum contains the integer 27.
H e n c e ,i f 2 x 1 * 3 x 2 * 7 x 3 * l 4 x a * 2 7 x 5- 3 7 w i t h e a c h . x ; : 0 o r l , w e
must have 15 : I and 2x1* 3x2* 7x3| l4xa: 19. Since 14 > 10, x4
m us t be 0 and w e h a v e 2 x 1 * 3 x 2 * 7 x 3 : 10. S i nce 2 + 3 ( 7, w e must
h a v e x , : 1 and th e re fo re 2 x 1 l 3 x 2 :3 . O bvi ousl y,w e hava x2: I and
rr - 0. The solutionis 37 - 3 + 7 + 27.
[r ir S Z an
r,:toif S(an.
n
if s-
t-i+l
xj- n
.s-
;-;+l
for7 : n-l,n-2,...,1.
To seethat this,algorirhmworks, first note that if xn :0 when S 7 an,
then)orrr( 2 o , l e n < S , c o n t r a d i c t i n the
g condition ! o1*i : S
i-l i-l j-'
, j-r
Similarly, if xy : 0 when S - 7 oj, then ) a;x; ( 2 *, +
;-j+l i-l t-l
n
aj*
i-j+1 r-i+l
So: Zo,r,
t-l
So : D o,r,,
i-l
s : !, b,r,,
i-l
be solved. on the other hand, when m and w are known, the knapsack
problem (z.s) can be transformed into an easy knapsack problem, since
223
7.5 KnapsackCiphers
binary binary
letter equivalent letter equivalent
A 00000 N 01101
B 00001 o 0lll0
C 00010 P 0llll
D 0001I a 10000
E 00100 R 10001
F 00101 S 10010
G 001r0 T l00l I
H 00111 U 10100
I 01000 V l0l0l
J 0100r w 10110
K 01010 X l0l l1
L 01011 Y l 1000
M 0l100 Z 11001
where Ss is the least positive residue of wlS modulo rn. We have equality in
(7.6), since both sides of the equation are positive integers less than m which
are congruent modulo ltt.
We illustrate the enciphering and deciphering proceduresof the knapsack
cipher with an example. We start with the super-increasing sequence
: (2,1I '14'29'58'lI9'24I'480'959'1917)' We
(a1,a2,a3,Q4,Q5tA6,A7,Qg,Qg,,Ato)
: l00l
take m: 383? as the encipheringmodulus,so that m ) 2a1s,?fld w
as the multiplier, so that (m,w):1, to transform the super-increasing
sequenceinto the sequence(2002,3337,2503,2170,503,172,3347,855,709,417).
To encipher the message
REPLY IMMEDIATELY,
Cryptology
For instance,we compute the first sum, 3360, by adding 2002,503, and g55.
To decipher, we find the least positive residue modulo 3837 of 23 times each
sum' since 23 is an inverse of 1001 modulo 3837, and then we solve the
corresponding easy knapsack problem with respect to the original super-
increasing sequence (2,11,14,29,59,119,241,4g0,959,lglT). For example, to
decipher the first block, we find that 3360.23:540(mod 3837), and then note
that 540 : 480 + 58 + 2. This tells us that the first block of plaintext binary
digit s is 10001 0 0 1 0 0 .
Recently, Shamir [g+] tras shown that knapsack ciphers are not satisfactory
for public-key cryptography. The reason is that there is an efficient algorithm
for solving knapsack problems involving sequences b1, b2,...,b, with
bi: wai (modm), where w and m are relatively prime poritiue integers and
ar, o2,...,an is a super-increasingsequence. The algorithm found by Shamir
can solve these knapsack problems using only O @ hD bit operations, where
P is a polynomial, instead of requiring exponential time, ir required for
general knapsack problems, involving sequencesof a general "r
nature.
There are several possibilities for altering this cipher system to avoid the
weakness found by Shamir. One such possibility is to choose a sequence of
pairs of relatively prime integers (w1,m1),,(w2,m2),..., (w,mr), and then
form the series of sequences
7.5 Knapsack GiPhers 22s
b9) 7 w 1 a i ( m o d z r )
;;,, :rrijt' (mod m z)
for j : l, 2, ..., n. We then use the final sequenceb[') , b$'),..., bl') as the
encipheringsequence.As of mid-1983,no efficientalgorithmhad beenfound
for solving knapsack problems involving sequencesobtained by iterating
modular multiplications with different moduli (although there are several
promisingmethodsfor the productionof suchalgorithms).
7.5 Problems
l. is super-increasing
Decidewhethereachof the followingsequences
a) (3,5,9,19,40) c) (3 ,7 ,1 7 ,3 0 ,5 9 )
b) ( 2, 6, 10, 15 ,3 6 ) d (l l,2l,4l,8l,l5l).
P - ai'ai'." oi'
c) Show that if the integets a1,a2,...,anare mutually relatively prime, then the
multiplicative knapsack problem P:ai'ai'"'oI', rj-0 or I for
j : I,2,...,n, is easily solved from the prime factorizations of the integers
P,ayo2,...,an, and show that if there is a solution, then it is unique.
P-ai'ai'"'ol'
e) Explain how parts (c) and (d) can be used to produce ciphers where
messagesare easily deciphered when the mutually relatively prime integers
a1, a2t...; an are known, but cannot be deciphered quickly when the integers
d\, dzr...,an Are knOwn.
7.5 ComputerProjects
Write programsto do the following:
1. Solveknapsackproblemsby trial and error.
2 . Solve knapsack problems involving super-increasing sequences.
3 . Encipher messagesusing knapsack ciphers.
Decipher messagesthat were enciphered using knapsack ciphers.
mutually relatively
6. Solve multiplicative knapsack problems involving sequencesof
prime integers (see Problem 10).
The integers e r, €2, ..., €n serve as the write subkeys of the cipher.
To retrieve the 7th file F; from the ciphertext C, we simply note that
Fi=C(modm),0(F;1mi.
We call the moduli my r/121...r mn the read subkeys of the cipher. Note that
knowledgeof mi permits accessonly to file7; for accessto the other files, it is
necessaryto know the moduli other than mi.
We illustrate the enciphering and deciphering proceduresfor databaseswith
the following examPle.
Example. Suppose our database contains four files Fr, Fz, F3,lfid Fa,
re p res ent edby ih" b i n u .y i n te g e rs(0 1 I l )2 , (1 0 0 1 )r, (t t00)2, i ID d (t t t t)2, or
in decimal notationFr:7, Fz:9, Ft: 12 and Fq: 15' We pick four
p r i m e s , f i l r : 1 1 ,m 2 : 1 3 , t r l 3 : 1 7 , a n d t r l 4 : 1 9 , g r e a t e r t h a n t h e
corresponding integers representing the files. To encipher this database, we
228
Cryptology
so that c:16298. The read subkeys are the integers mi, j - 1,2,3,4. To
recover the file F7 from C, we simply find the least positive residue
of C
modulo rn7. For instance,we find F1 by noting that
Fr=16298=7(modtl).
mt1mz1 1lttr,
and
) frlFs*z
0.7) tTlt lllz ffi, Pffirffir-t
of the
Note that the inequality (7.7) states that the product of the s smallest
product of p and the s-l largest of, the
integers n; is g."utr.- than the
if M - tttttTtz n' then A/p is
intelgersm'1. nt-om Q.l), we see ttrat
greater than the product of any set of s-l of the intege$ mi.
for 7 : 1,2,...,r. To see that the master key K can be found by any s
individuals possessingshadows,from the total of r individuals with shadows,
supposethat the s shadows ki,,ki,,..., ki, are available. Using the Chinese
remainder theorem, we can easily find the least positive residue of Ks modulo
Mi where Mi: Hj,ffij, ftri,. Since we know that 0 ( Ko < M 4 Mi,
- tp.
we can determine Ks, and then find K : Ko
-
On the other hand, suppose that we know only the s 1 shadows
kr,, k,r, ..., k,,-r. By the Chinese remainder theorem' we can determine the
: ffii,ffii, Hi,-,' With
least positive residue a of Ks modulo M; where Mi
these shadows, the only information we have about Ks is that a is the least
positive residue of Kq modulo Mi and 0 ( Ko < M - Consequently, we only
know that
Ko:a*xM;,
congruenceclassesmodulo p.
The three shadows kvkz, and ft3 are the least positive residues
of Ks modulo
l7lt, f/12,and m3, i.e.
kr = 102= 3 ( m o dl l )
kz = 102 = 6 (mod 12)
kt = 102 = 0 (modl7),
7.6 Problems
l. Supposethat the databaseI contains four files, F1 :4, Fz- 6, Ft: 10, and
F + : 1 3 . L e t m l : 5 , n t z : 7 , f t i 3 - l l , a n d m a - 1 6 b e t h e r e a d s u b k e v so f t h e
cipher used to encipher the database.
a (2'3) threshold
3. Decompose the master key K : 3 into three shadows using
- 5' mr : 8' t/tz: 9' m3 : ll
schemeof the type describedin the text with p
and with t -- 13.
three pairs of shadows
4. Show how to recover the master key K from each of the
found in Problem 3.
3. Find the shadowsin a threshold schemeof the type describedin the text.
Definition. Let a and m be relatively prime positive integers. Then, the least
positive integer x such that e* = I (mod z) is called the order of a
modulo m.
We denote the order of a modulo m by ord_a.
Therefore, ord,72: 3 .
Similarly, to find the order of 3 modulo 7 we compute
write
Conversely,if a* = I (mod n ), wo first use the division algorithm to
x : q'ordna * r, 0 ( r ( ordra.
sinceoord'a=l(modn).
, s u meth a t a i = a r (mo d n ) w i th i > j . S i nce (a,n):
Conv er s elyas l, we
know that (ai,n) : 1. Hence, using Corollary 3.1, the congruence
ai = ai ai-i = ai (mod n)
ai-j: I (modn).
Not all integers have primitive roots. For instance, there are no primitive
roots modulo 8. To see this, note that only integers less than 8 and relatively
p r i m e t o 8 a r e 1 , 3 , 5 , a n d 7 , a n d o r d 3 l : l , w h i l eo r d s 3 : o r d s 5 : o r d s 7 : 2 .
Since d(8) : 4, there are no primitive roots modulo 8. In our subsequent
discussions,we will find all integers possessingprimitive roots.
To indicate one way in which primitive roots are useful, wo the
following theorem.
root r form
Proof. To demonstratethat the first @(r) powers of the primitive
they are all
a reduced residue set modulo n, we only need to show that
relatively prime to n, and that no two are congruent modulo n.
(rk,n):1
Since G,n):1, i t f o l l o w sf r o m p r o b l e m8 o f S e c t i o n2 ' 1 t h a t
all relatively prime to n '
for any positive integer k. Hence, these powers are
that
To show that no two of these powers are congruent modulo n, assume
ri = r/ (mod n ) .
Note that
(a")t': ( a r ' , ) Q l v ): ( a t ) u ' : I ( m o d r n) ,
Q6u): l , u s i n gL e m m a 2 . 3 , w e s e et h a t / , |
".
N o w , s i n c es I t r a n d t , I r , w e c o n c l u d et h a t , s : I
t: t/v : t/(t,u). This
proves the result. tr
8.1 Problems
1. Determine the
il4 d) 13
b)5 e) 14
c) l0 f) 1 8 .
4. How many incongruent primitive roots does 13 have? Find a set of this many
incongruent primitive roots modulo 13.
6. Show that if n is a positive integer and a and 6 are integers relatively prime to n
: ordna'ordnb'
such that (ordna, ordnD) : l, then ord'(ab)
when
7. Find a formula for ordn Gil if a and b are integers relatively prime to n
ordna and ordrb are not necessarily relatively prime'
g. Decide whether it is true that if n is a positive integer and d is a divisor of Qh),
then there is an integer a with ordna : d.
g. Show that if a is an integer relatively prime to the positive integer m and
ord^a : s/, then ord^at : s .
I 1. Show that r is a primitive root modulo the odd prime p if and only if
,e_D/e * I (modp)
12. Show that if r is a primitive root modulo the positive integer m, then i is also a
primitive root modulo m, if i is an inverse of r modulo m '
b) From part (a), conclude that 2n+r | (p-1), so that p must be of the form
z"+rk + l.
: n and
15. Let m: an - 1, where a andn are positiveintegers. Show that ordra
conclude that n I O@).
16. a) Show that if p and q are distinct odd primes, then pq is a pseudoprime to
the base 2 if and only if ordo2 | 0-t) and ordo2 | Q-D.
b) Use part (a) to decide which of the following integers are pseudoprimes to
the base 2: 13'67, 19'73,23'89,29'97.
238
PrimitiveRoots
c) Let n:47'59 and e :17. Using iteration, find the plaintext corresponding
to the ciphertext 1504.
(Note: This iterative method for
attacking RSA ciphers is seldom successfulin a
reasonable amount of time. Moreover, the primes p
and q may be chosen so
that this attack is almost always futile. See pioblem l3
of Section g.2.)
rt : l'
Proof. To prove the theorem, we use mathematical induction' When
atx I aowithp f c1. A root /G) o f m o d u l op r s a s olution
* e h a u ef ( ; :
2 -as (mod p). By Theorem 3'7, since
of the linear congruence a 1x
(a1,p): l, this linear congruencehas exactly one solution, so that there is
theorem is true for n : l '
exactly one root modulo p of f G). Clearly, the
- l' and
Now supposethat the theorem is true for polynomials of degree n
by
let fk) U" a polynomial of degree n with leading coefficient not divisible
ihe polynomial G) has n f I incongruent roots modulo p'
p. Assume that f
:0 ,1,,...,,fl . W e have
s? r!cs , c r , , . . , c sn,o t hat f k ) = 0 (mo d p ) fo r k
Theorem 8.6. Let p be prime and let d be a divisor of p-1. Then the
polynomial xd - I has exactly d incongruent roots modulo p.
From Fermat's little theorem, we see that xP-r - I hasp-l incongruent roots
modulo p. Furthermore, from Corollary 2.2, we know that any root of
xP-t - I modulo p is either a root of x7 - I modulo p or u rooi of g(x)
modulo p.
Theorem 8.6 can be used to prove the following result which tells us how
many incongruent integers have a given order modulo p.
Theorem 8.7. Let p be a prime ancl let d be a positive divisor of p-1. Then
the number of incongruent integers of order d modulo p is equat to
o@).
Proof. For each positive integer d dividing p-1, let F@) denote the number
of positive integers of order d modulo p that are less than p. Since the order
modulop of an integer not divisiblebyp dividesp-1, it follows that
p-l :
d lp-l
p-l :
dlp-r
dlp-r dlp-r
8.2 Primitive Roots for Primes 241
Therefore, we can conclude that F (d) : OU), which tells us that there are
precisely O@) incongruent integers of order d modulo p ' D
Proof. Let p be a prime. By Theorem 8.7, we know that there ate |Q-l)
incongruent integers of order p-l modulo p. Since each of these is, by
definition, a primitive root, p has 6Q-l) primitive roots.
The smallest positive primitive root of each prime less than 1000 is given in
Table 3 of the APPendix.
8.2 Problems
1. Find the numberof primitive rootsof the followingprimes:
a) 7 d) 19
b) l3 e) 29
c) t7 f) 47.
-r
2. Let r be a primitive root of the prime p with p = | (mod 4)' Show that is
also a primitive root.
: I (mod 4), there is an integer x such that
3. Show that if p is a prime and p
x2 = -l (modp). (Hint: Use Theorem 8.7 to show that there is an integer x
of order 4 modulo P.)
242 PrimitiveRoots
b) Explain why the answer to part (a) does not contradict Lagrange's theorem.
b) Let p be prime. Using part (a), show that every coefficient of the
p o l y n o m i afl ( x ) : ( x - l ) ( x - D . . . ( * - p + l ) - x p - t + I i s d i v i s i b t e b yp .
c) Using part (b), give a proof of Wilson's theorem. (Hint: Consider the
constant term of f (x).)
c) Follow the procedure outlined in parts (a) and (b) to find a primitive root
modulo 29.
9 . Use problem 8 to show that every odd composite integer that is not a power of 3
is a pseudoprimeto at least two basesother than i l.
.f k)
i-t
i-_t,
12. In this problem, we develop a threshold scheme for protection of master keys in a
computer system, different than the scheme discussed in Section 7.6. Let f (x)
be a randomly chosen polynomial of degree r-1, with the condition that K, the
master key, is the constant term of the polynomial. Let p be a prime, such that
p > K and p ) s. The s shadows krkz, ..., k, are computed by finding the
least positiveresidueof f G) modulo p for i :1,2,..., s where xt,xz,...,.xr are
randomly chosenintegers incongruent modulo p, i.e.,
ki = f(x;) (modp), o ( k; ( p,
for; -
b) Show that the master key K cannot be determined from less than r
shadows.
13. Show that an RSA cipher with enciphering modulus n: pq is resistant to attack
b y i t e r a t i o n ( s e e p r o b l e m 1 8 o f S e c t i o n8 . 1 ) i f p : 2 p ' + I and q:2q'* l,
where p' and q' are primes.
ordrr:0Q):p-1.
r'= I (modp2).
rn = I (modp).
p-l: ordrrl n.
nlOQ2):p(p-t).
. r p- r : ( r t p) o -r : 7 p -t + * 1p;I)rr_rp, +
Q _ D ro -rp
z v 4 -t + (p -D p .rP-2 (mod p2).
sp-t# l (modp2).
To see this, note that if 5P-l : l^(mod p2), then prp-z = 0 (modp2).
This
last congruence implies that rp-2 = 0 (mod p), which is impossible,
since
8 .3 Th e E x is t enc e o f Pri m i ti v e R o o ts 245
Theorem 8.9. Let p be an odd prim e, then pk has a primitive root for all
positive integers ft . Moreover, if r is a primitive root modulo p2, then r is a
primitive root modulo po, for all positiveintegersk.
Proof. From Theorem 8.8, we know that p has a primitive root r that is also
a primitive root modulo P2, so that
(8.2) rp-t # 1 (modp2).
7n - I (modpk),
rn = I (modp).
Fr om T heor em 8 .1 , w e s e e th a t p -l : 6 e )
| n. B ecausee-D l r, and
n I o*-rQ-I), we know that n:'p'(p-l), w h ' e r el i s a n i n t e g e rs u c h t h a t
0 ( r ( k-t. If n: p'(p-l) with/ < k-2, then
vPL-2(o-D : ,Q(Pk-tt
: 3 is also a primitive
modulo 7 and 72. Hence, Theorem 8.9 tells us that r
root modulo 7k for all positive integers k.
It is now time to discusswhether there are primitive roots modulo powers of
Z. We first note that both 2 and 22: 4 have primitive roots, narnely 1 and 3,
respectively. For higher powers of 2, the situation is different, as the following
theorem shows;there are no primitive roots modulo these powers of 2.
This yields
e2'-'= 1 (modzk+r),
Even though there are no primitive roots modulo 2k for k > 3, there always
is an element of largest possible order, namely OQ\ I 2, as the following
theorem shows.
248 PrimitiveRoots
o r d 2 . 5: O ( Z k ) D : 2 k - 2 .
ord2.5- 2k-2.
For k : 3. we have
5:l+4(mod8).
Now assumethat
52'-': l+zk-I (mod2ft).
so that
52,-,= 0 + 2k-r)2 : | + 2k + 22k-2 : I + 2t (mod Zk+\ .
ordr'5 : O(2k)/2' tr
,-p\,p'i...p';.
Let us assume that the integer n has a primitive root r. This means that
(r,n ) : I and or dn r :6 h ). Si n c e (r,n ) : l , w e know that (r,p' ) : l ,
wheneverpt is one of the prime powers occurring in the factorization of r. By
Euler's theorem, we know that
ro@') : I (mod P) .
u : [oQ\'),aQ'il,...,0b'il1.
rob') = I (modp,),
and no positive exponent smaller than 6(pt) has this property. From Theorem
6.4, we note that O(zp') : --
0Q) 66t7 : e(p,), so that ,6(2n')
1 (mod p') .
If r is odd, then
Thus, by corollary 3.2, we see that rQQp';: I (mod 2p,). since no smaller
power of r is congruent to I modulo 2pt , we conclude that r is a primitive
root modulo 2pt .
7t for all positive integers /. Hence, since 3 is odd, Theorem 8.13 tells us that
3 is also a primitive root modulo 2'7t for all positive integers /. For instance,
3 is a primitive root modulo 14.
positive
Similarly, we know that 2 is a primitive root modulo 5' for all
* 5t is a
integers/. Hence, since 2 + 5t is odd, Theorem 8.13 tells us that 2
primitive root modulo 2.5t for all positive integers f. For instance,2T is a
primitive root modulo 50.
Theorem 8.14. The positive integer n possessesa primitive root if and only if
8.3 Problems
a) lf c) r72
b) B2 d) D2.
a) 3k c) l3k
b) lle d) nk.
a)6c)26
b) 18 e) 338.
6. Show that there are the same number of primitive roots modulo 2pt as there are
of p' , where p is an odd prime and r is a positive integer.
7. Show that if rn has a primitive root, then the only solutions of the congruence
x2 = I (mod m) are x E t I (mod z).
252 PrimitiveRoots
8. Let n be a positive integer possessinga primitive root. Using this primitive root,
prove that the product of all positive integers less than n and relatively prime to
n is congruent to -l modulo n. (When n is prime, this result is Wilson's
Theorem.)
9. Show that although there are no primitive roots modulo 2& where k is an integer,
k > 3, every odd integer is congruent to exactly one of the integers (-1)"50,
where a:0 or I and B is an integer satisfying0 < B ( 2ft-2-1.
r, 12, 13
form a reduced system of residuesmodulo nr. From this fact, we see that if a
is an integer relatively prime to m, then there is a unique integer x with
1(x46@)suchthat
r' a (modm).
(mod7),
that 3 r = 3 ( m o d 7 ) , 3 2 = 2 ( m o d 7 ) , 3 3= 6 ( m o d 7 ) , 3 4 = 4
35= 5 ( m od 5) . and 3 6 = I (mo d 7 ).
Theorem 8.15. Let m be a positive integer with primitive root r, and let a
and b be integersrelativelyprime to m. Then
( i) ind, l = 0 (mo d Q fu )).
(ii) ind,Gb) = ind,a * ind,b (mod O@))
--
(iii) ind,ak la. ind,a (mod 6h)) if k is a positive integer.
Proof of G). From Euler's theorem, we know that ,6(m): I (mod z).
Since r is a primitive root modulo m, no smaller positive power of r is
congruentto 1 modulo rn. Hence, ind,l : 6(m) = O (mod Qfu)) .
Proof of (ii). To prove this congruence, note that from the definition of
indices,
,ind'Qil : ab (mod ,,, )
and
,ind,a*ind,b- ,ind,o ,ind,b = Ab (mOd ,, ).
Hence,
* ind,D
,ind,Gb) = 7ind,a (mod rn ).
and
Hence,
ind'o
,ind,aL = rk' (mod rn ).
Example. From the previous examples,we see that modulo 7, ind52: 4 and
i n d 5 3 : 5 . S i n c eA Q ) : 6 , p a r t ( i i ) o f T h e o r e m8 . 1 5 t e l l su s t h a t
i n d 5 6- i n d s 2 . 3 : i n d s 2t i n d 5 3: 4 t 5:9 = 3 ( m o d6 ) .
Note that this agreeswith the value previously found for ind56.
i n d 5 3 a- i n d s Sl - i n d s4 : 2.
Example. We will use indices to solve the congruence 6xr2 : I 1 (mod 17).
We find that 3 is a primitive root of 17 (since 38 = -l (mod l7)). The
indicesof integersto the base 3 modulo l7 are given in Table 8.1.
a I 2 3 4 5 6 7 8 9 10 1l t2 13 l4 t5 16
ind3a 16 14 I r2 5 l 5 ll l0 2 3 7 l3 4 9 6 8
in d 3 (6 x r2 )= i n d 3 l| :' l (m o d 16).
Hence,
15+12'ind3x=7(mod16)
or
12'ind3x=8(mod16).
Hence,
ind3x : 2 , 6 , 1 0 ,o r 1 4 ( m o d 1 6 ) .
x 3 9 , 1 5 , 8 , o r 2 ( m o d1 7 ) .
Since each step in the computations is reversible, there are four incongruent
solutions of the original congruencemodulo l7'
(mod 17).
Example. We wish to find all solutionsof the congruence7'= 6
When we take indices to the base 3 modulo 17 of both sides of this
congruence,we find that
i n d 3 (7 ' ) : i n d 3 6: 1 5 (m o d 16).
Hence.
256
PrimitiveRoots
llx : 15 (mod16).
are given by
x = t3 (mod 16).
oQh)ld=l(modln)
xk (mod z)
(8
has no solutions, and hence, there are no integers x satisfying l). If
d lind'a, then there are exactly d integersy incongruentmodulo d(z) such
that (8.2) holds, and hence,exactly d integersx incongruentmodulo z such
rhat (8.1) holds. Since d I ind,a if and only if
@@)/ilind,a = o (mod Q(m)),
b2tt : -1 (mod n)
f o r s o m e i n t e g e r T w i t h 0( 7 ( s - l. Ineithercase,wehave
bn-t= I (modn).
fI tu-r,pj-r)< fI Q;t)
;:l j -r
li-l
ll**
l+,r)
"+"
Since
?"*f 0n-l) for n > 9 , we seethat
r
u (n-l ,p,-l) (
j:r
(r -r)14.
: (t,t;). From
The number of incongruentsolutionsof x' = I (mod pi) is T
problem 15 at the end of this section, there are 2il; incongruent solutions of
* y''= - l ( m odp; ) w h e n O ( f ( s i -I, a n d n o sol uti onsotherw i se. H ence,
u si n g t he Chines e r e ma i n d e r th e o re m , th e re a r e TrTz" ' 7, i ncongruent
solutions of xt : I (mod n), and 2i' TrTz"'7, incongruent solutions of
x/, = - 1 ( m od n) w h e n 0 ( 7 ( s 1 -1 . T h e re fo re,there area total of
[ ,,-' I I Z"'-t I
TrTz"' T, lt* > 2t'l- TrTz"' T,lt + .;; I
l,r-oJtL)
We will showthat
* Uf ' as,
,r',*',* ( f^,* ''.'-t
f,
| 2 ' - t )' l . 2 ,- l
f,r,,,
J''
-- I 2"r-l
2", 2"r(2, -l)
:l++-l
2"t 2,-l 2rtr(2, -l)
| I-
2',-2
2'-l 2"'(2'-l)
- -< l
2r-r
( p t - l ) I ( n - l ) , s ot h a t
n : p r p z Z p z = 1 ( m o dp r - l ) ,
8.4 Problems
l. Write out a table of indices modulo 23 with respectto the primitive root 5.
4. For which positive integers a is the congruence axa = 2 (mod 13) solvable?
5. For which positive integers 6 is the congruence 8x7 : b (mod 29) solvable?
6. Find the solutionsof 2x = x (mod 13), using indices to the base 2 modulo 13.
1 0 . Prove that there are infinitely many primes of the form 8ft*1. (Hint: Assume
that p6p2,...,pn are the only primes of this form. Let - (ppz. . . p)a+l .
e
Show that Q must lave an odd prime factor different than j1p2,...,pn,
and by
problem 9, necessarilyof the form 8k+l .)
ll. From problem 9 of Section 8.3, we know that if a is a positive integer, then
there
are unique integers a and B with a : 0 or I and 0 <
B ( Z*-i-t such that
a = (-l)" 5p (mod 2ft). Define the index system of a modulo 2k to be equal
to the pair (a,B).
b) Develop rules for the index systems modulo 2& of products and powers
analogousto the rules for indices.
c) Use the index system modulo 32 to find all solutions of j xs = I I (mod 32)
and 3' = 17 (mod 32).
12. Let n : 2"p\'pj ' ' ' ph be the prime-power factorization of n. Let a be an
integer relatively prime to n. Let r1,r2,...,r^ be primitive roots of pti,p'i,..., p';,
respectively, and let 71 : ind", a (mod p'1), 72 : ind", a (mod ptl),
...,1m:ind,.a (mod p'il. rc /o ( 2, let rs be a primitive root of 2t,,and let
7e : ind,. a (mod 2t). If ls 2 3,let (a,p) be the index systemof c modulo 2k,
so that a = (-l)'5P (mod 2t). Define the index system of a modulo n to be
( 1 o , 1 r , 7 2 , . . . , y ) i f t o ( 2 a n d ( a , 8 , 7 t , ^ 1 2 , . . . , 1i ^f )t o
Z 3.
a) Show that if n is a positive integer, then every integer has a unique index
system modulo n.
b) Find the index systemsof 17 and 4l (mod lZ0) (in your computations, use
2 as a primitive root of the prime factor 5 of 120).
c) Develop rules for the index systems modulo n of products and powers
analogousto those for indices.
il Show that if ft is a positive integer, then every odd integer a is a kth power
residue of 2" .
b) Show that if /c is even, then an integer a isa /<th power residue of 2" if and
only if a ? | (mod (4k ,2')).
263
8.5 PrimalityTests Using PrimitiveRoots
kth
c) Show that if /< is a positive integer, then the number of incongruent
power residues of 2" is
2"-r
'
b.2) h,2"-2)
3. Find kth power residues of a positive integer m having a primitive root, where k
is a positive integer.
and
264
PrimitiveRoots
*G-t)/a#l(modn)
Proof. Since xn-r: I (mod n), Theorem g.l tells us that ord,x
| (n -l).
we will show that ordrx : n - r. Suppose that ord,,x # n - l.
Since
ordrx | (n -t), there is an integer k with n - | : k.ordrx and
since
ordrx ln- l , w e k n o w t h a t k > l . L e t q b e a p r i m e d i v i s o r o fk . T h e n
and
,h_r)/c*l(modn)
Since the hypothesesof Theorem 8.17 are met, we know that n is prime. D
u:874
an d 13. 1 -1 (m o d 2 0 03), 52002/t
S inc e 5 2 0 0 2 /25: 1 0 0 = = .5T
- : 5154
(mo d 2 003) , lz ooz ,tr- 5 1 8 3 8 8 6 (m o d 2 0 0 3 ), and 52oo2/13
: 633 (mod 2003), we seefrom Corollary 8.4 that 2003 is prime.
First, we note that / (2) : l. We assume that for all primes Q, with
q < n , t he inequalit y
f ( q ) ( 3 ( l o eq l t o s D- 2
holds.
266
PrimitiveRoots
and
(iv) r(/.-t)/L = I (mod n), for i : l, 2,... t,
fh):t*(r+t)+ifQ,)
t-'
,
( 2l + I + ((l togq;fiogD - 2)
)
:t*(fnogDtoeQflz...Q)
: Gflog2)log2qflz...q) - 2
( (3/og z)log(Z'qfl2. . . q) - 2
: 3(log ntog D - 2 .
less than
determine whether an integer is prime using this test requires
log,logrlog,n instance, to
(log2n;c bit operations, where c is a constant. For
just 40 seconds and to
determine whether a too-digit integer is prime requires
just l0 minutes' Even
determinewhether a 200-digit integer is prime requires
may be checked for primality in a reasonable amount of
a 1000-digit integer
time, one week. Fo, more information about this test see [63] and [74].
8.5 Problems
:2'
l. Show that l 0 l i s p r i m e u s i n gT h e o r e m8 . 1 7 w i t h x
: 3'
2 . Show that 257 rs prime using Corollary 8.4 with x
a
J . Show that if an integer x exists such that
and
*|n-'t', * 1(modn)
and
xi-t= I (modn),
then n is prime.
n - l : m i r nj -ir'
w h e r e m i s a p o s i t i v e i n t e g e r , o t , a 2 , . . . , a r A r e p o S i t i v e i n t e g e r S , a n d q t , Q 2 , . . . ,Q r
are relatively prime integers greater than one. Furthermore, let br, b2,"', b, be
positive integers such that there exist integers xt, xz,"', x, with
--
x,!-r I (mod n )
and
268
Primitive Roots
6'!'-t)/e'-l,n) : I
< ( r +jf- 1i u ? 1 , .
Show that n is prime.
8.5 ComputerProjects
write programsto showthat a positiveintegern is prime using
l. T heor em8 .1 7 .
2. Corollary8.4.
3. Problem4.
4. Problem5.
, : p\,p,i p,; .
If a is an integerrelatively
primeto n, thenEuler'stheorem
tellsusthat
a A Q ' )= I ( m o d p t )
u : l6Qi'),07,il,...,ob,;)l,
the leastcommonmultipleof the integers
OQ! ), i : 1,2,...,m. Since
ohhlu
f or i : 1, 2, . . . , n , u s i n g T h e o re m8 .1 w e s e ethat
a u = t(m o d p ,1' )
aU = I (modn).
Definition. The least universal exponent of the positive integer n is called the
minimal universal exponent of n, and is denoted by I(n)'
We now find a formula for the minimal universal exponent l,(n), based on
the prime-power factorization of n.
First, note that if n has a primitive root, then tr(n) - 6fu). Since powers
of odd primes possessprimitive roots, we know that
I(p') : 6(p'),
and ord, a : 2'-2, so that we can conclude that X(2t) : zt-z 1f t > 3.
We have found tr(r) when n is a power of a prime. Next, we turn our
attention to arbitrary positive integers n '
, : 2'"p\'p'i
I
rm.
M - tr(zt), o(p'i),o7'il,...,
Qbill .
S inc e M is d i v i s i b l e b y a l l o f th e i ntegers X (2/g
, e(p' r,) : x(pl ,),
6Q';l : ^(p';),..., QQil : xb'il, and since oxb') : t (moo p,) for all
prime-powersin the factorization of n, we see that
aM = l (modp,),
a M = I ( m o dn ) .
x=3(mod2")
x j11 (modpl')
x : 12 (moa p';)
r- (mod p';).
such
ordn a - M. To prove this claim, assume that .l{ is a positive integer
that
aN = I (modn).
so that
ordo,c | .lf.
we have
But, since a satisfieseach of lhe m * I congruencesof the system,
o rd o ,a: X(p t),
we have
for each prime power in the factorization. Hence, from Theorem 8'1,
\b,) | r{
for all prime powers p' in the factorization of n. Therefore, from Corollary
3.2.weknowthatM: x(pti),...,xb';)l | /{'
[tr(2"),\(p1'),
Since aM = I (modn) and MIN w h e n e v e ra N = 1 ( m o d n ) , w e c a n
conclude that
ordna : M.
To find an integer a with ordlsga : 12, first we find primitive roots modulo 32
5,
and 5. For instance, we take 2 and 3 as primitive roots modulo 32 and
respectively. Then, using the Chinese remainder theorem, we find a solution
of the system of congruences
1=iiililil
272
Primitive Roots
\(n ) : [x(26),
a(32),.d(5),
oOD, d(I9), o(37),o(7rl
: [,24,2.3, 22, 24, 2.32, 2232,23321
:24.32
: 144.
br-t : I (mod n )
for all positiveintegers6 with (b,n): l. Theorem 8.20 tells us that there is
an integer a with ordna : X(n), where I(n) is the minimal universal
exponent,and sincean-r = I (mod re), Theorem g.l tells us that
r(n)l(n_l).
Now n must be odd, for if n was even, then n-l would be odd, but
tr(n ) is
even (sincen ) 2), contradictingthe fact that ),(n) (r-l).
|
We now show that n must be the product of distinct primes. Suppose has
r
a prime-powerfactor pt with t>2. Then
tt : QtQz Qtc'
Carmichael
We can easily prove more about the prime factorizations of
numbers.
different odd
Theorem 8.22. A Carmichael number must have at least three
prime factors.
8.6 Problems
n
l. Find tr(n). the minimal universal exponent of n, for the following values of
il 100 e) 2n3t'52'7
b) r44 f ) 2 s 3 2 ' 5 2 ' 7 3l'2l ' 1 3 '1 7 ' 1 9
c) 222 e) 1o!
d) 884 h) 20!.
a)l d)4
02 e)5
c)3 CI6.
a) 12 d) 36
b) ls e) 40
c) 20 f) 63.
274
Primitive Roots
fI (l + (c-t , Obi))
j-l
12. Use problem l1 to show that there are always at least 9 plaintext messages
that
are not changed when encipheredusing an RSA cipher.
1 3 . Show that there are no carmichael numbers of the form 3pq where p and q
are
primes.
t 4 . Find all carmichael numbers of the form 5pq where p and q are primes.
1 5 . Show that there are only a finite number of carmichael numbers of the form
fl : pqr, where p is a fixed prime, and q and r are also primes.
1 6 . Show that the deciphering exponent d for an RSA cipher with enciphering
key
(e,n) can be taken to be an inverseof e modulo ),(n)
.
exponent of
2. integer with order modulo n equal to the minimal universal
""
;j"O
3. Given a positive integer M, find all positive integers n with minimal universal
exponent equal to M.
8.7 Pseudo-RandomNumbers
of
Numbers chosen randomly are often useful in computer simulation
perform simulations, some method for generating
complicated phenomena. To
means for
random numbers is needed. There are various mechanical
but these are ineffficient for computer use'
generating random numbers,
computer arithmetic is preferable' One
Instead, a systematic method using
by Von
such method, called the middte ' square method, introduced
To generate four-digit random numbers, we start
Neumann, works as follows.
number, say 6139. We square this number to
with an arbitrary four-digit
*. tuk. the middle four digits 6873 as the second
obtain 37687321',and
of random
random number. We iterate this procedure to obtain a sequence
and removing the middle four-digits to obtain a new
numbers, always squaring
the preceding one. (ttre square of a four-digit number
random number from
considered
has eight or fewer digits. Those with fewer than eight digits are
eigtrt-digit numbers by adding initial digits of 0')
not
Sequences produced by the middle-square method are' in reality,
number is known, the entire
randomly chosen. When the initial four-digit
appears
,"qu.n.. is determined. However, the sequenceof numbers produced
useful for computer simulations.
to be random, and the numbers produced are
The integers in sequencesthat have been chosen in some methodical manner,
but appear to be random, are called pseudo-random numbers.
It turns out that the nriddle-square method has some unfortunate
weaknesses. The most undesirable feature of this method is that, for many
choices of the initial integer, the method produces the same small set of
numbers over and over. For instance,starting with the four-digit integer 4100
and using the middle-square method, we obtain the sequence
8 1 0 0, 6100, 2100,41 0 0 , 8 1 0 0 , 6 1 0 0 , 2 1 0 0 ,... w h i ch onl y gi ves four di fferent
numbers before rePeating.
The most commonly used method for generating pseudo-randomnumbers is
called the linear congruential method which works as follows. A set of
integerst/t, e, c, and xs is chosenso that m ) 0, 2 < a 4' m, 0 < c 4 m'
and 0 ( xo ( z. The sequence of pseudo-random numbers is defined
276
Primitive Roots
recursivelyby
xn+r 3 axn * c (mod m), 0 ( xr+r 1 r/t,
we have
which is the correct formula for the (k+t)ttr term. This demonstrates
that
the formula is correct for all positive integers k. tr
Numbers
8.7 Pseudo-Random 277
From this congruence,we know that the largest possibleperiod length is tr(lrr),
where X(rz) is the minimal universal exponentmodulo z.
For many applications, the pure multiplicative generator is used with the
modulus m equal to the Mersenne prime M3r:23r - l. When the modulus
m is a prime, the maximum period length is rn -1, and this is obtained when
a is a primitive root of rn. To find a primitive root of M 31 that can be used
with good results, we frrst demonstratethat 7 is a primitive root of M t.
,wt'-Dh 1y ( m o dM t )
for all prime divisors q of Mt-r. with this information, we can conclude
that ord2r,,7 : My-|. To find the factorizationof M31_1, we note that
7{Mil-t)/2 2147483646
+ I (mod M y)
7(Mrrt)13 rsr347773s
+ 1(mod M t)
7(M\-Dn 12053628s
+ 1(mod M t)
t)/rr
7(Mr 1969212174
+ I (mod M y)
7(Mrfr)/3r s t 2+ I (mod M y)
7(M,t-r) /rsl s35044134 + 1(mod M z)
7(Mrft)/33r 1 7 6 1 8 8 s 0+8 3 I (mod M y)
8.7 Problems
by
2. Find the first ten terms of the sequenceof pseudo-random numbers generated
the linear congruential method with x0
: 6 and xn+r z 5x, * 2 (mod 19)'
What is the period length of this generator?
generated by
3 . Find the period length of the sequenceof pseudo-random numbers
the linear congruential method with x6
:2 and xn+t 7 4xn * 7 (mod 25)'
of
4 . Show that if either a : 0 or a - I is used for the multiplier in the generation
pseudo-random numbers by the linear congruential method, the resulting
numbers'
."qu.n"" would not be a good choice for a sequenceof pseudo-random
length .m, where
5 . Using Theorem 8.25, find those integers a which give period
-:axn
(r, i) : l, for the linear congruential generator xnal I c (mod m),
where
a) m:1000 c) m : 106-l
b) nr - 30030 d) m :225-1.
be
6. Show that every linear congruential pseudo-random number generator can
simply expressed in terms of a linear congruential generator with increment
c : 1 and seed 0, by showing that the terms generated by the linear congruential
=
generator xn+r7 axn * c (mod lrt), with seed xe, can be expressedas xn
( m o d b : - ( a - 1 ) x o * c ( m o d m ) , y o : 0 ' a n d l n + t ?
6 y, + xo m), where
aln* I (modln).
a)z c) 4 e) 13.
b)3 d)s
8 . Show that the maximal possibleperiod length for a pure multiplicative generator
-3
of the form xnal QXn (mod 2"), e 2 3, is 2'-2. Show that this is obtained
-: (mod 8).
when a t3
1 0 . Find a good choice for the multiplier a in the pure multiplicative pseudo-random
number generator xn+rZ axn (mod l0l). (Hint: Find a primitive root of 101
that is not too small.)
ll. Find a good choice for the multiplier c in the pure multiplicative pseudo-random
number generator xn i axn-r (mod 22s-1). (Hint: Find a primitive root of
280 PrimitiveRoots
12. Find the multiplier a and increment c of the linear congruential pseudo-random
number generator xn+rt axn * c (mod 1003), 0 ( xn+r < 1003, if xs: l,
x 2 : 4 O 2 , a n dx 3 : 3 6 1 .
l. The middle-sequencegenerator.
et + I (mod rn ).
Proof. We first note that if m has a primitive root, then \(z) : 6(m).
From problem 5 of Section 6.1, we know that g(m) is even, so that 0@) I Z
is an integer, if m ) 2. Euler's Theorem tells us that
-
o o tu ) :1 o a tu ) l z l z I (mo d l z),
sfh) l2: t | ( m o dz ) .
\s(r,)(d(z)lz.
so that
r2'= 1 (modz).
Since ord^r : 6(m), Theorem 8.1 tells us that 6fu) | 2e, or equivalently,
that (6(m) /D I e. Hence, the maximum +l - exponentL6(z) is at least
Q@) / Z. However, we know that l(rn ) 4 6fu) /2. Consequently,
l , s ( r z r ) :6 f u ) / 2 : \ f u ) /2. tr
We now will find the maximal + I - exponent of integers without primitive
roots.
We now find an integer a with the desired properties. Let the prime-power
factorization of m be m - 2'op'r' p'; . . . p'r'. we consider several
cases.
We first consider those rn with at least two different odd prime
factors.
Among the prime-powers p!' diriding ffi,, let pl be one with the
smallest power
of 2 dividi"g Obh. Let ri be a primitive root of p',, for i: 1,2,...,s. Let a
be an integer satisfying the simultaneouscongruences
otr(*)/' * -t (mod rn ).
The next case we consider deals with integers of the form rn - 2toott
where
p is an odd prime,tr2l a n d t o ) 2 , s i n c em h a sn o p r i m i t i v er o o t s . When
to: 2 or 3, we have
283
8.8 An Application to the splicing of Telephone Gables
we know that
o x (n )/2 + _ l (m o d ru ).
(z)'
Consequently,the +1 - exponentof a is f
When ts 2 ,,let a be a solutionof the simultaneouscongruences
a=3 (mod2t')
-: (mod p'il;
a r
We see
the Chinese remainder theorem tells us that such an integer exists.
: ',::';, ""n"'
" ^::,:;,:':',i :i:':';:,*ll;:'l
ord-
that
Thus,
/2 + _t
ox('.'.) (mod rc),
Therefore,we seethat
) / , + _ 1 ( m o dr u ) ;
5r(m
Figure8.1. A cross-section
of one layer of a telephonecable.
I + (j-l)s : I + (k-l)s ( m o dz ) ,
Proposition 8.2. Let S'(7) denote the position of the wire in the nth section
spliced to the 7th wire of the first section. Then
.S'(j) = I + (7-l)s'-r (modz).
Then, the next section, we have the wire in position S'(7) spliced to the
286
PrimitiveRoots
wire in position
gn+r(r) = I + (,Sr(,r)-t),
=li f1;i)',*dm)
This shows that the proposition is true. D
or equivalently,
(t + (j-l)s') - (l+7sn) = + I (modln),
sn: tl (modm).
8.8 Problems
a) t7 d) 36
b) 22 e) 99
c) 24 f) 100.
il 13 il2s
8.8 An Application to the Splicing of Telephone Cables 287
b) 14 e) 3 6
c) t5 f) 6 0 .
4. Show that using any splicing system of telephone cables with ln wires arranged
in a concentric layer, adjacent wires in one section can be kept separated in at
most [ @-l) / 2] successivesectionsof cable. Show that when lz is prime this
upper limit is achievedusing the system developedin this section.
1. Findmaximal tl -exPonents.
288
9.1 QuadraticResidues 289
x2= a (modp)
Theorem 9.1. If p is an odd prime, then there are exactly Q-l)12 quadratic
residues of p and Q-l) /2 quadratic nonresiduesof p among the integers
1 , 2 , ' . ' , p- l '
Proof. To find all the quadratic residuesof p among the integers 1,2,...,p-l
we compute the least positive residuesmodulo p of the squaresof the integers
1,2,...,p - l. Since there are p - | squares to consider and since each
congruencex2: c (mod p) has either zero or two solutions,there must be
exactly Q-D/2 quadraticresiduesof p among the integers 1,2,...,p-1. The
remaining p-l - (p-l)/z- Q-l)lZ positive integers less than p-l are
quadratic nonresiduesof p. tr
Legendre symbol
frl is defined by
L'J
f,l _ { I if a is a quadratic residue of p
I o I
Example. The previousexampleshowsthat the Legendresymt' o r s
Itt ,J'
290
QuadraticResidues
rl
Proof. First, assume that : t Then,thecongruence
x2 : a (modp)
l* |
lp )
has a solution,say x : ro. Using Fermat'slittle
theorem,we seethat
ob-r)/2 - G l 1 < n - r t t ' :* B - t = t ( m o d p ) .
- D
In this case,we also have |,"] o$-t)/2(modp).
l . pJ
Exa m ple. Lel p : 23 a n d c :5 . Since5ll : -l (mod 23), E ul er' scri teri on
rs'l : -1 .
re l l s u s t hat H e n c e ,5 i s a q u a d ra ti cnonresi dueof 23.
l; l
We now prove some propertiesof the Legendre symbol.
Theorem 9.2. ilet p be an odd prime and a and b integers not divisible by p .
Then
( i ) i r a = D ( m o pd ) , t h e n :
[;] t;]
(iii) f4l :,
Ip )
f al = o(o-r)/z
(mod (mod
r l ' Iql = 6b-D/z
\ ' ^ ! v sp), p),
l.pJ-- V)-"
and
[ a ) = G D e - t ) / 2( m o dp ) .
Ip )
Hence.
- o$-t)/z6b-r)/z : ltl
: (ab1e-t)/z (modp).
lp )
[;]itl:l+)
Proofof Gii).sincef:l : *r , frompart(ii) it follows
that
lp )
lor) r-lr )
l,): tflt?):,tr
Part (ii) of Theorem 9.2 has the following interesting
consequence.The
product of two quadratic residues,or of two quadratic
nonresidues,of a prime
is a quadratic residue of that prime, whereas the
product of a quadratic
residue and a quadratic nonresidueis a quadratic
nonresidue.
using Euler's criterion, we can classify those primes
having _ l as a
quadratic residue.
f p J t-r if p (mod4).
r)
s ot h a t l + f : r . r f p = 3 ( m o d 4 )t,h e np : 4 k * 3
f o rs o m e
i n t e g ef r .
lp )
Thus.
1-9{o-D/t: (-l)zk+t - -1.
( - ,^ l
sothat | | =-t. tr
Lp )
The following elegant result of Gauss provides
another criterion to
determine whether an integer a relatively prime to the prime
p is a quadratic
residueof p.
9 ,1 Qu adr at ic Res id u e s 293
(a ,p) : l. Ii s
Gauss' Lemma. LeI p be an odd prime and a an integer with
is the number of least positive residues modulo p of the integers
Q , 2 A , 3e,...,((p-D/Da that are greater than p/2, then the Legendresymbol
Irl
l-l= = (-l)'.
lp )
proof. Let u1, u2,...,1tsrepresent the least positive residues of the integers
a , 2 a , 3 o, . . . , ( ( p- D / D a th a t a re g re a te rth a n p /2 , and l et v 1, v2,...,v;be the
least positive residues of these integers that are less than p 12. Since
(,r ( b-l)/2, allof theseleastpositiveresidues
Qa,p): I forall 7 with t
arein theset 1,2,...,P l. -
W e w i l l s h o w t h a t p - u t , P - u 2 , . . . , P - u r , v 1 , v 2 , . ' . , vc1o m p r i s et h e s e t o f
integers 1,2,...,(p-D/2, in some order. To demonstratethis, it sufficesto
show that no two of these integers are congruent modulo p, since there are
exactly Q-l)/2 numbers in the set, and all are positiveintegersnot exceeding
(p-D/2.
It is clear that no two of the ai's are congruent modulo p and that no two
of the v;'s are congruentmodulo p;if a congruenceof either of thesetwo sorts
held, wb would have ma z na (mod p) where m and n are both positive
integers not exceeding Q-D12. Since p tr a, this implies that
7n - n (mod p) which is impossible.
(-t),a+:l (modp).
By multiplying both sidesby (-l)', we obtain
p-l
a 2 : (-t)'(modp).
p-tr)
Since Euler's criterion tells u s t h a t a 2 :
l i l ( m o dp ) , i t f o l l o w s t h a r
lp )
r)
l * | = ( - l ) ' ( m o pd ) ,
tp )
establishing
Gauss tr
that
: (-D+-tP/al
+ 2 - el
' 4 - = {p'-1)/8(mod
2).
Nowconsider
+ - b /ql. rf p I ( m o d8 ) , t h e np : 8 k + | for some
l'
integer k and
296
QuadraticResidues
d - - t p / + l : 4 k - l z t c + t / 4 1: 2 k = ( m o d
2 0 2);
if p :3 ( m od 8 ), th e n p : g k * 3 fo r
s o mei ntegerk, and
- b / q l : 4 k + I - t 2 * + 3 / 4 :1 2 k + l = ( m o d
+ I 2);
l f p = 5 (mod 8), then p : Bk f 5 for some integer
k, and
n-l
-tp/ql : 4k + 2 - [ztc+ S/4]:
T 2k +l = I (mod2);
Hence,(Z) : 1-1y(r,-r)/8.
p
From the computations
of the congruence
classof (pz_l) /g 2), w e see
,(mod
-,
l?): if
that l3l:l if p:+l(mod8), while
lp )
p = r 3 (mod8). tr
: [+]-[*):[+]
[+] :,
while
rt2
lvt : lg = | 3 | : t . s i n c e3 1 7= 9 ( m o d1 l ) .
|." L' lilJ
To evaluate
Iesl since 8e: -2 (mod13)' we have
lii l,
t3 = I (mod4), Theorem
t1l [U l. Because e.3
1 3 t
. L , lI J3
I
: t. Since 13 = -3 (mod 8), we see from Theorem 9.4
|
,n
Consequently,
., fql :_1.
[ ,, t
In the next section, we state and prove a theorem of fundamental
importance for the evaluation of Legendre symbols. This theorem is called
the law of quadratic reciProcitY.
The difference in the length of time needed to find primes and to factor is
the basis of the RSA cipher discussedin Chapter 7. This differenceis also the
basis of a method to "flip coins" electronically that was invented by Blum [821.
Results about quadratic residuesare used to developthis method.
Suppose Ihat n : pq, where p and q are distinct odd primes and suppose
t h a t t h e c o n g r u e n c ex 2 = a ( m o d n ) , O 1 a 1 t t , h a s a s o l u t i o nx : x 0 .
We show that there are exactly four incongruent solutions modulo n. To see
this, let xoExl(modp), 0(xt 1p, and let xoEx2(modq),
0 ( x2 < q. Then the congruence x2 = a (mod p) has exactly two
' and
i n co n gr uent s olut ion s , n a m e l y x z x ' (mo d p ) x = P -x1 (modp).
Similarly the congruence x2 : c (mod g) has exactly two incongruent
solutions,namely x 2 xz (mod q) and x = Q - x2 (mod g).
From the Chinese remainder theorem, there are exactly four incongruent
solutions of the congruencex2 = a (mod n) ; these four incongruent solutions
are the unique solutions modulo pq of the four sets of simultaneous
congruences
x (mod p) (iii) x = p - x 1 ( m o dp )
x (mod q) x z x z (mod q)
a nd
1 o Q + t ) / t 1:2 e Q + o / z: o e - D l z . a = a (modq).
x2 :860 = 36 (mod103)
and
x2:g60:4(modl07).
; : + 3 6 ( r o : + D / q - + 3 6 2 6 = + 6 (mod
103)
and
r = + 4Qo7+D/a
= t 427: * 2 (mod 107),
large primes p and q, with p = q = 3 (mod 4). Alice sendsBob the integer
n : pq. Bob picks, at random, a positive integer x less than n and sends to
Al i ce the int eger a w i th x 2 : a (m o d n ),0 ( a I n. A l i ce fi nds the four
so l u ti onsof x 2 = a ( mo d n ), n a me l yx , !, fr-x , a nd n-y. A l i ce pi cksone of
: 2* #
these four solutions and sends it to Bob. Note that since x + y t
0 ( m o d p ) a n d x + y = 0 ( m o d q ) , w e h a v e G + y , n ) : q , a n d s i m i larly
G+h -y) , n) : p. Th u s , i f B o b re c e i v e se i th e r y or n-y, he can rapi dl y
factor n by using the Euclidean algorithm to find one of the two prime factors
of n. On the other hand, if Bob receiveseither x or n-x, he has no way to
factor n in a reasonablelength of time.
Consequently,Bob wins the coin flip if he can factor n, whereas Alice wins
if Bob cannot factor n. From previous comments, we know that there is an
equal chance for Bob to receive a solution of x2 = a (mod n) that helps him
rapidly factor n, or a solution of x2 = a (mod r) that does not help him
factor n. Hence, the coin flip is fair.
9.1 Problems
a) 3 c)13
b)s d) te.
r.t
symbols
2 . Findt he v alueof t h e L e g e n d re : 1,2,3,4,5,and
6.
l + I,fo r7
b) u s i n gG a u s s ' l e m m a .
4. Let a and b be integers not divisible by the prime p. Show that there is either
one or three quadratic residuesamong the integers a, b , and ab .
lorl
t7l
7 . S h o w t h a t i f p i s p r i m e a n dp - 3 ( m o d 4 ) , t h e n
= (_t), (modp),
te_0/Zll
where I is the number of positive integers less
than p /2 that are quadratic
residuesof p.
i*l . l p ) i+l.
l p ) l+1.
:o
+If"'-pol
p ) "
[pJ
9 . Let p be prime and a a quadratic residue of p.
Show that if p = | (mod 4),
then -a is also a quadratic residue of p, whili it p = 3 (mod
i), th"n _a is a
quadratic nonresidueof p.
a) x2+ x*l=0(mod7)
b) x2+5x+l:0(mod7)
c) x2+3x+l=0(mod7).
il x E - F a n + l ( m o dp ) , i f p : 4 n * 3.
b) x E * 2 2 n + r o n +(rm o d p ) , i f p : g n * 5.
9.1 Ouadratic Residues 301
|4.Showthatifpisaprimeandp:8n*l,andrisaprimitiverootmodulop,
then the solutionsof x2 = I 2 (mod p) are given by
x E t (r1n t r ' ) ( m o dp ) ,
where the * sign in the first congruencecorrespondsto the + sign inside the
parenthesesin the secondcongruence.
16. Let p be an odd prime, e a positive integer, and a an integer relatively prime to
p.
Show that there are infinitely many primes of the form 4k * l. (Hint: Assume
t h a t p t , p 2 , . . . , p na r e t h e o n l y s u c h p r i m e s . F o r m N : 4 ( p p z " ' P ) 2 * l, and
show, using Theorem 9.3, that N has a prime factor of the form 4k * I that is
not one of p1,p2,...,pn.)
20. Show that there are infinitely many primes of the form
a) 8k-l b) 8&+r c) 8fr+5.
(Hint: For each part, assumethat there are only finitely many primes Pr,P2,...,Pn
of the particular form. For part (a) look at @ppz"'P)2 - 2, for part (b),
l o o ka t ( p r p r " ' p ) 2 * 2, and for part ( c ) , l o o ka t ( p p z " ' p , ) z + 4. In each
302
Quadratic Residues
'p >
-2 (.'. -' l
l / ( i + l ) l : _ , .'
t-"- [ p )
(Hint:Firstshow
thar : *n".r7-is
f+l [+l - " aninverse
of 7 modulo
I P J t P )
p).
32' Let p be an odd prime. Among pairs of consecutive
positive integers less than p,
let (RR), (RN), (NR), ano (Nu) denote the number
of pairs of two quadratic
9 .1 Q uadr at ic Res id u e s 303
il Show that
(RR) + (RN) :
lU-'-t-17{n-r\/21
(NR) + (NN) : -'*t-11{r-D/21
lb
(RD + (NR) :
l<n-r>'r
(RN) + (NN) :
lr-u
b) Using problem 30, show that
't
,il^ ( t(t+l)
l - + (NN)- (RN)- (NR): -r.
| : (no
t:' I P )
c) From parts (a) and (b), find (RD, (RN), (NR), and (NN).
b) 2 i s a p r i m i t i v er o o t o f q , i f p i s o f t h e f o r m 4 / < * I a n d Q : 2 p * l.
c) - 2 i s a p r i m i t i v er o o t o f q , i f p i s o f t h e f o r m 4 k - I a n d Q : 2 p * l.
35. Find the solutionsof x2 = 482 (mod 2773) (note that 2773:41'59).
b) Using the algorithm in the text for solving congruences of the type
x2 = a (mod n), together with part (a), show how to find a plaintext block
P from the correspondingciphertext block C. Explain why there are four
possible plaintext messages. (This ambiguity is a disadvantage of Rabin
ciphers.)
c) Using problem 35, decipher the ciphertext message 1819 0459 0803 that
w a s e n c i p h e r e du s i n g t h e R a b i n c i p h e r w i t h D - 3 a n d n : 4 7 ' 5 9 : 2 7 7 3 .
304
QuadraticResidues
lzlle_l_ eD-, .
tq ) lp )
9.2 The Law of Quadratic Reciprocity 305
I l"l t t p = t ( m o d 4 ) o r q = t ( m o d 4 ) ( o rb o t h )
[n-l:.lt'.o'.,
lq,| l-["I uo =q=3(mod4).
I tp J
followsthat
i:11
e . 2 , w e k n o w t. l I t t ' l
,;il1l;
lq \
1""""
r ;:il ;:.'il.":'_.
/\\ l",J: |.,, j:
t h a tl * l : t
I I/ J
Irooql lzol
lx ,l:t",l :[+]
[+]
By parts (ii) and (iii) of Theorem9.2.
lpl :lzri :l
123) [zr )- t
The law of quadratic reciprocity, part
and Theorem 9.4
tell us that
[' l-
IzrJ- ITj
(rtl : :t+] : -1
9 .2 T he Law of Q u a d ra ti c R e c i p ro c i ty 307
Likewise, using the law of quadratic reciprocity, Theorem 9.2, and Theorem
lul -: fll ::
|.r' ,| |.tt .|
lzl:
l3 J
:-[+):-'
consequently, :
[*]
(- \
Therefore,
l# I : t-r)(-l) : t
[,009 )
We now present one of the many possibleapproachesfor proving the law of
quadratic reciprocity. Gauss, who first proved this result, found eight different
what was facetiously
iroofs, and an article published a few years ago offered
ialled the l52nd proof of the law of quadratic reciprocity. Before presenting
the proof, we give a somewhat technical lemma, which we use in the proof of
this important law.
where
(P-r) /2
Tb,p)
j -r
where the remainder is one of the uj's or vj's. By adding the Q-l)/Z
equationsof this sort, we obtain
308
QuadraticResidues
@-D lz b-D /2 r
(e.3) ,
.Z ia:
r-'
a p f , i a / p* ilju: l i + i v 1j : l.
J-t
or equivalently,
sinceT(a,p) :t')'' Ija/pl,
i'l
. (p-t) /2
(a-l)
j: I j:r
Hence,
T(a,p) =s (mod2).
|,) (-t)'.
tLl:
tp )
Consequently, (-t)" : (-1)r6,e), it follows that
r)
lgl:1-1;r(a,r). g
lp )
Although Lemma 9.2 is usedprimarily as a tool in
the proof of the law of
quadraticreciprocity,it can alsobe usedto evaruate
Legend^resymbols.
Example.To find
|'+ I , usingLemma9.2, weevaluate
the sum
l'^ J
The Law of OuadraticReciprocity 309
5
1 7j / r r l : I 7l u l + t r 4 / r t l + I 2 r l t l l + [ 2 8 / l l ] + t 3 s / l 1 l
j-1
:0+ I + I +2+3:7.
(tl
H e n cle+,l : ( - l ) 7 : - 1 .
L" J
r )
to find I + t, wenotethat
Likewise,
l./ )
3
: lrrl7l + t22l7l+ l33l7l: 1 * 3 * 4 - 8,
) tr rilll
j:l
r)
s ot h a rt + | : ( - l ) 8 : l .
L/ )
Beforewe presenta proof of the law of quadraticreciprocitY,we use an
exampleto illustratethe methodof proof.
Let p : 7 and Q : ll. We consider pairs of integers k ,y) with
7-l :3 llll : 5 . T h e r ea r e 1 5 s u c hp a i r s ' W e
l(x<;:3andl(Y '- andI ( v < 2
:7y
note that no-n.of thesepairs satisfyllx : 7y, sincethe equalityllx
i.pfi"r that 1t l1y, so tirat eitherit I Z, whichis absurd,or 11 ly, whichis
impossiblebecauset ( y ( 5.
We dividethese15 pairs into two groups,dependingon the relativesizesof
llx and7y.
The pairs of integersG,y) with I ( x < 3, I ( y { 5, and llx > 7y
urc pr..isely thosepairs satisfyingI ( x ( 3 and 1 ( y ( 11xl7. For a
fixed integerx with 1 ( x ( 3, there are lttx/ll allowablevaluesof y.
Hence, the total number of pairs satisfying I ( x < 3, 1 ( / ( 5, and
llx ) 1y is
3
+ I33l7l: I * 3 + 4 : 8;
2 tt tlTl : ttt/tl + 122/71
j:1
(3,4)'
th e s eeight pair s ar e (l ,l ), (2 ,D , (2 ,2 ), (2 ,3 ), (3 ,1), (3,2), (3,3) and
The pairs of integers G,y) with I ( x < 3, I ( y ( 5, and llx 1 7y
*r. pr..isely those pairs satisfying I ( y ( 5 and 1 ( x 4 7y /tt. For a
fixed integer y with I ( y ( 5, there are lly/ttl allowable values of x.
Hence, the total number of pairs satisfying I ( x < 3, I ( y ( 5, and
llx ( 7y is
310 Quadratic Residues
5
ltj /ttl : Ij lrrl + [ t L l t r ] + [ 2 r / r t l+ I 2 8 l n] + [ 3 s l l1 ]
j-r
:0*l + 1+ 2*3:7.
Thesesevenpairs are (l,2) , ( 1 , 3 ) ,( 1 , 4 ) ,( 1 , 5 ) ,( 2 , 4 ) ,( 2 , 5 ) ,a n d ( 3 , 5 )
Consequently,we seethat
1l-1 35
7-l
1 5: ) t r r j l l l + > l t j l t l l : 8 * 7 .
T;:5'3: j-r j-r
Hence,
rr-l .7-l i,rrrr,r,* i, rtinl
(_t) 2 2:(_l);*' i-l
35
2lni/tl )Iti/rrl
(- I )i-' (- I )r-'
Z,'rj/tl
Since Lemma g.2 t e l l s rrs
.^ + L^+ | rr I
that : (-1;r-t and
17 |
'l 5t/
t-'rr-r
(t
: ( -.1. )I it-ttr,rw"et s e e t h a t lI t ll fl r r" l | : ( - t ) 2 2
l#l
r,'J [11J|.7 )
This establishesthe special case of the law of quadratic reciprocity when
p:7andq:ll.
We now prove the law of quadratic reciprocity, using the idea illustrated in
the example.
Q-t)t2
withl (x ( Q-D/2,t (v ( Q-D/2,andqx> Pvis Iqilpl'
?,
-l) 12,
We now considerthe pairs of integersG,il with 1 ( x ( b
1 ( y ( (q-D 12,and qx < py . These pairs are preciselythe pairs of
i n t e g l r sG , i l w i t h 1 ( y ( ( q - D / Z a n d 1 ( x 4 p y l q . H e n c e , f o r e a c h
-1) 12, there are exactly
fixed value of the integer y, where I ( y ( (q
lpy lql integers x satisfying I ( x 4 py lq. This shows that the total
(q-t)/z,
nurnu..of pairselil/r.g"rt (i,y) with I ( x ( b-D/2,1 (y (
andqx < py is
j- r
Adding the numbers of pairs in these classes,and recalling that the total
' = rt ' + ,w e
n u mb er of s uc h pair s ,, s e eth a t
')'' ,
j-|
hilpt*'ni'' ,r,,d:+'+
i-r
Hence,
p-l .q-r
22
1-11r{n'c): (-t)
,-t1rQ'il+r@,q): (- 11r(e'n)
Lemma 9.2 tellsus that 1-1yr(a,r): ["'l ."0 1-gr{o.o): [" .| H ence
lp J lq)
f lf \ P-t.q-l
lzll4l:(-t) 2 2
l . qJ l . pJ
This concludesthe proof of the law of quadratic reciprocity. n
The law of quadratic reciprocity has many applications. One use is to prove
the validity of the following primality test for Fermat numbers.
proof. We will first show that F* is prime if the congruencein the statement
of the theorem holds. Assume that
312 QuadraticResidues
3F.-l = I (modp),
and hence,
ordo3tr2''-': (F^-D/2,
since 3G^-t)/2 - -l (mod F*) . Hence, the only possibility is that
o 1do3: 22^ : F ^ - l . Si n c e o rd o 3 : F m-t ( p - I and p F*, we see
I
that p : F^, and consequently,F^ must be prime.
(e.5)
t*l:[+J
since F^ = | (mod 4) and F^ = 2 (m o d 3 ).
:[+]
Now, using Euler's criterion, we know that
(e.6)
t*l 3 G' -t)/' (-o d F-).
9.2 Problems
a, d) [-u]
[*] [ 6 4 r. J
u,[+l e) f:ul
l e e rJ
c,t*l Iros]
l*'l
prime, then
2. Using the law of quadratic reciprocity, show that if p is an odd
p = tl (mod 12)
[;]
:
{lii p = t 5 ( m o d 12 ) .
[-r I : ifp=t(mod6)
- t I
to show that if a primep dividesQ, then | ? |
t)l
314 Quadrati c R esi dues
9. In this problem, we give another proof of the law of quadratic reciprocity. Let p
and q be distinct odd primcs. Let R be the interior of the rectanglewith vertices
o: ( o , o )A, : b / 2 , 0 , B : Q / 2 , 0 ,a n dC : b / 2 , q / D .
a) Show that the number of lattice points (points with integer coordinates)in
R i, P-l .q-l
22
b) Show that there are no lattice points on the diagonalconnectingO and C.
c) Show that the number of lattice points in the triangle with verticesO, A, C
Q-D/2
is
i-l
d) Show that the number of lattice points in the triangle with verticesO, B,
Q_r)/2
and C is
j-l
j-t j-l
[.]
l, ,|
:
Ip\'p'; " ' p'; l:[*]'t;l lh)'Legendre
S on the right-hand side of the equality are
where the symbol
symbols.
: lz)'let:(-r)2(-r):-r'
['l: lzl :lil
l45,11."ij l;l
#l:[+*l:[+l[+l[+]:[+l[+l
and
-r
l*l
: : '-D2
t2(-'l):
[+]'[+l'[+]
When r is prime,the Jacobisymbolis the sameas the Legendresymbol'
the valueof the Jacobisymbol
However,whenn is composite, ' lq I Oott nor
lr)
tell us whether the congruencex2 = a (mod n) has solutions..,*. do know
- t To see
that if the congruencex2 = a (mod n) has solutions,then l* |
ln)
(modn) has
th i s, not e t hat if p i s a p ri me d i v i s o r o f n and i f x2 = a
solutions, then the congruencex2 = a (mod p) also has solutions. Thus,
r I f -l m ( ^ )t
: : l. To seethat it is possible
Ii | : t Consequently,
' | + I II | * I
lp).. ln) i-1lPi)
tl
g : a (mod n), let a : 2 and
that I | : 1 when there are no solutions to xz
ln )
n: t5.Nore
that[+l : : (-r)(-1): r. However,
thereare
t ^- r
t+.|
-
t J
t?l
l.) ,l
no solutionsto x2 i 2 (mod i S), rin* the congruencesx2 = 2 (mod 3) and
x2 = 2 (mod 5) have no solutions.
We now show that the Jacobi symbol enjoys some propertiessimilar to those
of the Legendresymbol.
316
QuadraticResidues
(i) if a: D (modn),then
ll: l*)
(ii) lol: l["]
I n )
fql
n ) ln )
r )- t
(iii) | | : t _ 1 1 h - D / z'
f tr )
/)
(iv) I Ll :1-1) (n':-r)/a
.
ln )
Proof- In the proof of all four parts of this theorem we use the prime
factorizationn : p\,p'i . . p';.
[+):l*)"[#]" l*)'-
: [;]"l*)"
{t)" "
[*] l*)'-
l*)''
:
[;] [*]
317
9 .3 The J ac obi s Y m b o l
f-r I l'-rl"l-r
'l"
. [-' ]"
l-l: ll_ l"'rll
ln,| LP,)lPrJ tP^)
t'(p'-t)/Z + '" + t^(p^-r)/2
: (- ,1tJn;t\/2+
and
I + tiQl-t) + tibi-l) ( m o d4 ) .
(l + r,(pi-l))(r + r, Qi-D):
Therefore,
n = 1+ tlpr-t) + t2(p2-i + '''+ t^(p^-l) ( m o d4 ) '
Th i s i m pliest hat
+
Q-D/2 = tJprD12 * tz(pz-D12 + t^(p*-D12 (mod2) .
for
for (n-1) lZ wittttheexpression
this congruence
r' 'no*t
Combining
l+J
/)n-l
-'
rlr-
2
that | | : (-l)
l,r )
r)
Proofof ( i i l .If p i s p r i m e t
, h e n : ( - 1 ; ( r ' l - r ) /'8H e n c e '
l+l
lp)
+t^Qi-r\tt
Izl : Il" [z] t+'lt : (_l),,bi_t,tts+t,gt-r)/8+
L,J lp'J lp,) lp^)
As in the proof of (iii), we note that
n 2: ( r + ( p ? - r ) 0" + @ ? - l ) ) "" ' ( t + b T - l ) ) " .
318
QuadraticResidues
n2:t+tJp?-D+tze?-D+ + t ^ ( p T - l ) ( m o d6 4 ) .
This implies that
( n 2 - t ) / 8 : t J p ? - D / B+ t z e ? - D / s + . . . +
t * ( p 3 , _ l ) / (8m o ds ) .
and
lr):,4
tt)':,q,s w)'"'
l*): t
IIl;l
j-t I'J
( n l4/
I )
s
:rtrt
j-t
r
i-t It)"''
Thus,
319
9.3 The Jacobi symbol
l+l[*]:,g
,sti*lt q'l 10tu'
h) l
From the law of quadratic reciProcity, we know th at
[ o , - ,f n,-,
1 I
Hence,
t*ltr) :(-rllrj lr
t-)
l
|^) [ , I r
f| ff(-l)
( ' r \ "): (-l)'-'l-' \ /
[7Jl;): t-l j-l
We note that
",1+l
t,p, :z",1+]
',[+] ,.a''t+]
As we demonstratedin the proof of Theorem 9.5 (iii),
Doif+] =* (mod2)
j-t(o)z
and
5u,[+]= n-l
2
(m od 2).
Thus,
r s
(e.8) ^fr,-tl ^[Qr-tl =.-l +(mod2).
i-t i-r J \
l Lnl l a l : ( _ r ) 2 2 tr
I )lm )
Ro: Rflr+2t'R2,,
Rr: Rzez+2"'R3
*r: Rflt+2"Ra
i+l:[+]
:
Proof. From the first equation and (i), (ii) and (iv) of Theorem 9.5. we have
fgl- : (-1)
la,|-
321
9 .3 The J ac obi s y m b o l
we have
using Theorem9.6,the reciprocitylaw for Jacobisymbols,
t*l +
:'-')+ t#l
so that
R,-l R,-l ni-t-
f ^ I [ n, I
l+l:(-r)T
LDJ IR,J
lgl
^,
:,-,rT
'/ ry*n#i+l
[ ,| 1R;+rJ
for l+ I tr
expression
'
[b ,l
The followingexampleillustratesthe useof Theorem9.7.
Corollary 9.1. Let a and D relatively prime positive integers with a > b '
,,be
O(loezb)3) bit
Then the Jacobi symbol
" l+ | can be evaluated using
lb)
operations.
rt
of O1ogzb)
a sequence
Proof. To find lf I uting Theorem9.7,we perform
t . DJ
divisions. To see this, note that the number of divisions does not exceed the
number of divisions needed to find G,b) using the Euclidean algorithm.
Thus, by Lam6's theorem we know that O (log2b) divisions are needed. Each
322
QuadraticResidues
9.3 Problems
I. Evaluatethe followingJacobisymbols
a, t+] b, [*]
b, [*] , lx)
c,[*] 'tml
2 . For which positive integers n that are relatively to 15 does the Jacobi
symbor equar
r?
t*l
3 . For which positive integers n that are relatively to 30 does the Jacobi
symbor equar
r?
|.+l
4 . Let a and b be relatively prime integers such that b is odd and positive
and
a : (-l)'2'q where q is odd. Show that
["1
b-l br-l
+
: (-l)--'r l-''
lb )
5. Let n be an odd square-free.,
positive integer. Show that there is an integer a
that(a,n): I and
such : -t
l;,J
323
9 .3 Th e J ac obi s Y m b o l
with
where q; is a nonnegative even integol, €; : t l, r; iS a positive integer
ri 1 ri t, for t : 1,2,...,frj , and rn : l. These equations are obtained by
successivelyusing the modified division algorithm given in problem l0 of Section
t.2.
f^'l
a) Show that the Jacobi symbol
- |* I i, given by
l . DJ
f"l :(-l)[
l++*++:.
t 2 2 2
*t-f'+l
2 2 )
Irl
b) Showthat the Jacobisymbol [+.| t, givenbv
lD )
t'^l
l+ | : (-r)r'
lb;
w h e r e T i s t h e n u m b e r o f i n t e g e r si , I < , ( n, with ri-r 7 ciri = 3
(mod 4).
8. Show that if a and b are odd integers and (a,b): l, then the following
reciprocity law holds for the Jacobi symbol:
I a-t b-t
ira<oandb<o
( b l -:l - ( - r ) ; - ;
" lt a-'b-'
' ) \ll;l-J
lr;l-l '--'J l,_ 2 otherwise.
[(-l)2
324
QuadraticResidues
l")
ttt:
\l i' ifa=l(mod8)
-lifa=5(mod8).
a, b, c,
[*] [*] [*]
l0' Showthat
("1: ( z l "
it zla, wherethe svmbolon the right is a Jacobi
[;] tftl
symbol.
l;J tTrll
1 3 . Show that if tt1 and ,? uti positive.,integers relatively prime to a and
flt 7 nz (mod I a l ) , t h e n lsl: lLl.
f't ,J lnz)
Show that if alo, then there exists a positive integer n with ,l
-t-
n)
325
9 .4 Euler P s eudopr i me s
6b-t)lz _ l4l(modp).
lp )
Hence, if we wish to test the positive integer n for primality, we can take an
integer b, with (b , il : l, and determinewhether
r,'l
6 h - D / 2: l g I ( m o dn ) ,
ln )
__ ql ,_"d n),
6h_D/2f
l" )
where 6 is a positive integer is called an Euler pseudoprime
to the baseb.
An Euler pseudoprime to the base b is a composite
integer that
masqueradesas a prime by satisfying the congruencegiven in
the definition.
E x a m p l e .L e t n : 1 1 0 5 andb:2. w e c a l c u l a t e t h a t 2 s . s 2 -I ( m o dl l 0 5 ) .
Since '1105= I (mod8), we see that : t.
- Hence,
l+]
r I l l l o s )
--
2552 I +1105| (-oa l 105). BecauseI r05 is composite, it is an Euler
l- ,l
pseudoprime to the base2.
- al (mod
6G-t)/2 n).
f
ln )
Hence, by squaring both sidesof this congruence,we find that
( \2
1 6 b - D / 2 1 2l -q l (modz).
lr)
(. )
S i n c el g l : t l , w e s e et h a t = I (mod n ). This means that n
l, )
pseudoprime
to the baseD. tr
Not every pseudoprimeis an Euler pseudoprime. For example, the integer
341 is not an Euler pseudoprime to the base 2, as we have shown. but is a
pseudoprimeto this base.
b, then n is an Euler
Theorem 9.8. lf n is a strong pseudoprimeto the base
pseudoprimeto this base .
if n - | : 2't '
Proof. Let n be a strong pseudoprime to the base b. Then
: = -1 (mod n) where
where / is odd, eithe-r bt I (mod n) or b2"
of n '
0 ( r ( s - 1. Let n: fI p i ' b e th e p ri m e -p o w e rf actori zati on
f:l
prime divisor of
First, consider the case where b' = I (mod n)' Let p be a
i s odd, w e see
n . Si nc e b, = l( m od p ), w e k n o w th a t o rd o 6 l r. B ecauser
an odd divisor
that ordob is also odd. Hence, ordrb I b-l)12,since ordob is
-1.
of the even integer 6Q) - p Therefore,
6 Q - r ) / 2= I ( m o d P ) '
fal : t
by Euler'scriterion, we have
Consequently,
|-;j
lil:'
r\
To computethe Jacobisymbol I + I' we notethat for all primes
ln )
p dividingn. Hence,
:
lnl -ft Illo':r.
Inr l+] =tI P ' J
lfrrl
: (b')2' = I (mod n). Therefore,
Since bt =1 (mod n), we know that b'-r
we have
|r
b,-t:[a[=t(modn).
ln )
We conclude that n is an Euler pseudoprimeto the base b.
Next. consider the casewhere
6rt : -l (modn)
b2"', = l (modp).
we have
r\
I A | = 6Q-D/z : 66rd,b/z)((p-D/ord,b)
lp )
- (- r!Q-l)/otd,u : (-11Q-r)/2*', (mod p).
Therefore.
m
t2'-t : h-D/2 ) r s Z/ a ; d i ( m o d 2 ' + t ) .
i-l
329
9.4 EulerPseudoprimes
and
2 o'd'
66-r\/2 : (6rt7z:-'- :
(9.10) (-t)'.* : (-1)t-t (mod n).
- [ql
6(n-t)/z (m o d n ).
ln)
Consequently,n is an Euler pseudoprimeto the base D' tr
while
2 0 t 0 s - r ) / 2: 222 7 6 : 7gl + t 1 (mod ll05).
- ql (mod
bt : 6..'-t)/2 f n).
ln )
r\
tbl :
Drnce l- | +1, we know that either bt = l (mod
n) or
ln )
b' = -l (modn). Hence,oneof the congruences
in the definitionof a strong
pseudoprimeto the base b must hold. consequently,
n is a strong
pseudoprimeto the baseb. tr
-
br-,t: 6,.'-r)/2 fa l (modn).
ln)
r)
B u t s i n c el 4 I : - t , w e s e et h a t
ln)
b ' r-' = -l (m o d r).
Then,
6 h - t ) / 2= 1 ( m o d n )
a=b(modq1)
a : - | ( m o d Q z Q s .. . q , ) .
Then, we observethat
o.r2) o G - 1 ) / 2- 6b-D/z: _ l ( m o dq 1 ) ,
while
(e.13) = I (mod ezQt...Q,).
o(n-r)/Z
From congruences O . l D a n d ( 9 . 1 3 ) ,w e s e et h a t
o h _ t ) / 2* + 1(modn),
6".-t)/2:|,aj : I (modn)
l, )
for all D with I < b ( n and (b,n) : r. However, Lemma
9.3 tells us that
this is impossible. Hence, the original assumption is false. There
must be at
l e as tone int eger6 w i th | < b 1 fl , (b ,,D : l , and
|r
6G-D/z1 l4 | (modn). tr
ln )
We can now state and prove the theorem that the basis of the
probabilistic primality test.
9.4 Euler Pseudoprimes 333
(s.rq ql (mod
n).
6b-r)/2
l f
lnJ
Now, let e1,e2,...,e^denote the positive integers less than n satisfying
1 ( a ; ( n, ( ai, n) : l , a n d
r)
(e.ls) -
afn-rtrzlLl (mod
n),
In )
for; : 1,2,...,m.
Let rr{2,...,rm be the least positive residuesof the integers bayba2,...,ba^
modulo n. We note that the integers rj are distinct and (ri,n): I for
j : 1,Z,...,frt.Furthermore,
(e.16) , ( n - , ) t 2 1 ( m ond) .
[+]
For, if it were true that
,e-,)/2- (mod
n),
[+]
then we would have
-
$a)(n-,)/2
l+l r-"0,r
This would imply that,
: t+l
6h-t)/2o(n-t)/2
I r 1J [+] (mod n ),
_ fqI
6."-t\/2
l, )'
c ont r adic t ing( 9 .1 4 ).
6Q-t)/2 (modn)
t+]
If any of these congruencesfails, then n is composite. If n
is prime then all
these congruences hold. If n is composite, the probability
that all k
congruenceshold is less than l/2k. Therefore, if n passesthis test
n is ,,almost
certainly prime."
Since every strong pseudoprime to the base b is an Euler pseudoprime
to
this base, more composite integers pass the Solovay-Strassenprobabilistic
primality test than the Rabin probabilistic primality test,
altirough both
require O(kQag2n)3) bit operations.
9.4 Problems
6. Show that if n = 5 (mod 12) and n is an Euler pseudoprimeto the base 3, then
n is a strong pseudoprimeto the base 3.
9.4 ComputerProjects
Write programsto do the following:
Determine if an integer passesthe test for Euler pseudoprimesto the base b.
10.1 DecimalFractions
In this chapter, we will discuss rational and irrational numbers
and their
representationsas decimal fractions and continued fractions.
we begin with
definitions.
denominatcr different
is rational, since it is the quotient of two integers with
from zeto. D
We start by
The next two results show that certain numbers are irrational'
considering ,/T
prime integers
Proof. Suppose that .,,6 : a lb, where c and b are relatively
with b I 0. Then, we have
2: a2lb2,
so that
2b2 : a2.
b2:2c2.
6. H ow ever,
He n c e, 21b, , and b y p ro b l e m 3 l o f Se c ti o n2 .3 ,2 al so di vi des
since G,b)':1, we^know that 2 c a n n o t d i v i d e b o t h a a nd b' This
contradiction shows that .6 is irrational' B
it
We can also use the following more general result to show that .6
irrational.
* cnlxn-t *
Theorem 10.2. Let o( be a root of the polynomial x'
* cp * cs where the coefficientsca, ct,...,cn-r,are integerswith cs * 0.
Then a is either an integer or an irrational number'
and b
Proof. Supposethat a is rational. Then we can write ot: alb whete a
338 DecimafFractionsand ContinuedFractions
an + cn_pn-tb + * c p b o - r + c s b n: 0 .
Since
' '!n',*n',
x,'-::'il^:,,;;'i-. ,,n*'u* * , u'^o!,',
u"rli-"
o;ui,
orp
Since p I b and b I an , we know that p
I a, Hence, by problem 3l of
Sec t ion 2. 3, w: s e e th a t p l a . H o w i v e r, si nce (a, b) : l , thi s i s a
contradiction which shows that b : t 1. Consequently,
if a is rational then
d : * o, so that a must be an integer. tr
r: ; ci/bi
j-r
< t. Then
Theorem 10.4. Lets and r be real nurnberswith lr[
V o r i: a / 0 - ' ) .
j-0
l et
so th a t 0 ( c r ( b_ 1 , s i n c e0 < b 7 < b . In a d di ti on,
^ fr : b l - c r : b ^ Y- l b l l '
sothat0(?r(land
c1 , 7l
^Y: 1 '
b b
and
nlk-t:+.+'
(b-t, s i n c e0 ( b z t - r 1 b , and 0(rt < I' Then'
so that 0(cr
follows that
C1 C"t Cn
7:T* * +^Y,
Ur* n, b,
7: lim
n<6
6
')
: r,
.{,t "J
j:l
so that
(10.3)
j:k+t j-k+l
l lLK+l
:(b-l) "u ,
| _ t/b
: l / b k,
The unique expansion of a real number in the form ). c1/bi is called the
J-t
base b expansionof this number and is denotedby kp2ca..)6.
To find the base b expansion(.cp2ca..)6 of a real number 7, wo can use
the recursive formula for the digits given in the proof of Theorem 10.3,
namely
ck : lbt*-J , ^ fk : b y * -t - l bl t -J ,
cs:[8'?t:t, ^ys-s I
+-s: T,
and so on. We see that the expansionrepeatsand hence,
t/6 : (1 2 5 2 5 2 5 ..)8.
d: (c 1c2...c)6 .
Then
Q:
b'
Conversely,supposethat 0 ( a ( l, and
a: rfs .
bNot:b*r/t:er,
: (.00...a
m o m - t . . . a , a s )y .
and
| /7 : (.t+ztst 142857142857..) rc'
if there are
Definition. A base b expansion (.cp2ca..)6 is called periodic
: cn for n 7 N '
positive integers N and k such that cn11
Wedenoteby(cp2...cv1-,']]-"*1-')6theperiodicbaseb expanslon
(.cp 2...c7,1- "') a' For instance'we have
t -( t t...cN+t-rc.nv
rclr...cry+
r/3 : (.J)_.,0 ,
7 1 6: ( . 1 6r)o,
and
ll7 : (.taxsz)ro.
begin
Note that the periodic parts of the decimal expansionsof 1/3 and l/7
proceeds the
immediately, while in the decimal expansion of l/6 the digit I
periodic base b
periodic pirt of the expansion. We call the part of a
periodic part
L*punsion preceding the periodic part the pre-period, and the
thi period, where we take the period to have minimal possiblelength'
The next theorem tells us that the rational numbers are those real numbers
gives
with periodic or terminating base b expansions. Moreover, the theorem
the lengths of the pre-period and periods of base b expansions of rational
numbers.
b62
C1 C';
I-J-
b62
(r0.5) ar c
i:n*i,
where A and C are integers with
(10.6) b'#: Q u+ t )c
U
+t,
where/ is an integer, since b' = | (mod U). However, we also have
+ c' * al.
(- (t
(10.7) b'+:b'l]+ -C+j
U LA 62 b'b')
o'
where(cp2ca...)6is the baseb expansion that
t,so
c k : l b l t -J , ^ y k- b ' y t -r - l bl * -J
C : 1 , 2 , 3 , . . . . F r o m ( 1 0 . 7 )w e s e et h a t
where To :
T, f o r k
(-(
(10.8) b' *: l r , b u - t+ c 2 b ' - z+ * r"] t ru.
U\
( T, ( l,
Equatingthe fractionalparts of (10.6) and (tO.S),notingthat 0
we find that
C 4 t : -
Iv
u'
ConsequentlY,we seethat
^Yv:
": t'
so that from the recursivedefinition of c1,c2,...we can concludeIhzt cpau: c1,
for k : 1,2,3,.,.. Hence nuta periodic baseb expansion
$
c - (n-rcr-Q6.
U
Combining (tO.+) and (10.5), and inserting the base b expansionsof A and
9. *. huu,
U'
(ro.s) bNa : ( a n a n - 1 . . . a t a o. c p 2 . . . c v 6) .
(where we have shifted the decimal point in the base b expansion of brya N
346 D e c i ma l F ra c ti ons and C onti nued Fracti ons
:
C1
b
*;*
Ct
*#*(*)la. , cM+k
-;m
k f t M - t + c2 b M - 2 q +cM)(bk-t) + Gyar6k-t+ f cTaap)
bM (bk -t)
S i n c eq . : r f s , w i t h ( r , s ) : l , w e s e et h a t s l b M $ k _ D . C o n s e q u e n t l y ,
TlbM
uTd ul(tk-o. H e n c e , M > N , a n d v l k ( f r o m T h e o r e mg . l , s i n c e
bk = I (mod tD and v : ord,ub). Therefore,'the pre-period
length cannot be
less than ,^/ and the period length cannot be less than v. D
o r: . 1 0 1 0 0 1 0 0 0 1 0 0 0 0 . . . ,
10.1 Problems
3. Show that
a) log23 is irrational.
which
b) logob is irrational, where p is a prime and b is a positive integer
is not a Power of P -
rational or
4 . show that the sum of two irrational numbers can be either
irrational.
either rational or
5. Show that the product of two irrational numbers can be
irrational.
a) 2/5 d) 8lrs
b) slt2 e) lllll
c) r2113 f) 1/1001.
a) rl3 d) r16
b) rl4 e) rlrz
c) rls f) r122.
a) .rz b) .i c) n.
348 D e c i ma l F ra c t i ons and C onti nued Fracti ons
il 7/t2 d) rc/23
b) tt/30 e) B/s6
c) t/7s f) t/6t.
12' Find the pre'period and period lengths of the
base 12 expansions of the
following rational numbers
a) t/+ d) s/24
b) r/B e) 17h32
c) 7/ro f) 7860.
13' Let b be a positiveinteger.Showthat the period
lengthof the base6
of l/m is m - I if andonlyif z is piimeand, i, primitiveroot
expansion
of m. "
14. For which primesp doesthe decimalexpansion
of l/p haveperiodlengthof
a)l d)4
b)2 e)5
c)3 f) 6?
a) r/(b-r) b) r/6+D .
16. Showthat the baseD expansion of t/G-1)z;, 1.9ffirJp1;u.
17. Showthat the real numberwith base6 expansion
(otzt.,.o-tlol rr2..)t,
+.#.#.#.#
349
1 O.1 Dec im al F r ac t i o n s
one.
is irrational, whenever D is a positive integer larger than
integers greater than one'
r9. Let byb2,fur... !s an infinite sequence of positive
Show that every real number can be represented as
,o*?.#+#;+,
( ct ( bp for k : I'2'3'""
where cs,c1,cz,c!,...are integers such that 0
of the type
b) show that every rational number has a terminating expansion
describedin Part (a).
llp is ('t,tr'-oJ"
Zl. Supposethat p is a prime and the base b expansionof
base b expansion of llp is p - l. show that
so that the period length of the
( p, then.
if z is a positive integer with I ( ln
m /p : (.cya1...coac
( 2...c1sacP)
6'
2 2. Show that if p is prime and l/p - ('ffi)6 has an even period length'
k :2t, thenci * ci+t: b-l f o r . , ;:r 1 , 2 , " ' , t
whete h and' k
2 3 . The Farey series Fn of order n is the set of fractions hlk
are integers,0 ( ft < k ( n, and
(h,k): 1, in ascendingorder' Here, we
include 0 and I in the forms i and I respectively' For instance, the Farey
I
seriesof order 4 is
0l112 3l
T ' T , T ' T ' 7 , 7 ,T
a) Find the Farey series of order 7.
b) Show that if a/b and c/d are successiveterms of a Farey series' then
bd - ac :1.
c) Show that if a/b, c/d, and e/f are successiveterms of a Farey series,
then
c a*e
7- E7'
3so DecimalFractions and ContinuedFractions
d) Show that if a/b and, c/d are successiveterms of the Farey series of
ordern, then b*d ) n.
l0.l ComputerProjects
Write computerprogramsto do the following:
I' Find the base 6 expansionof a rational number, where
b is a positive integer.
2' Find the numerator and denominator of a rational
number in lowesr rerms
from its base b expansion.
62:2.23 + lG
2 3 : l . 1 6+ 7
1 6: 2 - 7 + 2
7:3-2 + l.
62 :2+ 1
23 23116
:2+ t
I
r '- L :
I
rc17
I
:2*
1+h
I
:2*
1+
2++-
3*;
of the form
. A finite continuedfraction is an expression
Definition
I
aot
atl
ctz *
1
+-
a n - rt L
an
where Qg,a1,a2,...,anale real numbers with Q1,Q2,Q3',"'' an positive' The real
numbers ej,a2,...,Q'nare called lhe partial quotients of the continued fraction'
The continued fraction is called simple if the real numbers as,c r,..., an are all
integers.
we use the
Because it is cumbersome to fully write out continued fractions,
to represent the continued fraction in the above
notation Lso;a1,e2,...,Ctn|
definition.
a
We will now show that every finite simple continued fraction represents
we will demonstrate that every rational number can
rational number. Later
be expressedas a finite simple continued fraction'
352 DecimalFractions and ContinuedFractions
I *aoar*l
[ao;arl:oo+
al og
[ a g . a 1 , . . . , a k +: t la g +
Ia;a2,..., a1r.a1ra1l
l a o ; a 1 , . . . ,a k , o k + t l : a g +
I agr*S
r/s
:
ln-3 : fn'ZQn-Z* fr-t 0(rn-11tn-z,
fn-Z: fn-1Qn-1*fn 0(rnlrn-t
fn-l : tnQn
Writing these
In the above equations 4z,Qt,.",Qn are positive integers.
equations in fractional form we have
lo tt I
L: : Qr*;:qt+
b /1 6
tt: . 13 I
q2+;:Q2.Trt
r2
rZ: ta, I
r3
nr*;:et* rrt^
ln-3 tn-l -L - I
: : -t
Qn-2
rn-2 tn-2 rn-2/rn-t
ln-2: ,n
- L : - nq- -n.-+l 4- , n - r , / r ,
Qn-l t
rn-l' ;
fn-l
: ,QN
rn
first equation'
Substitutingthe value of r1/r2from the secondequation into the
we obtain
al
(l 0.10)
T:4tt , t
4z r
,rlry
into (10.10)
Similarly, substituting the value of r2fr3 from the third equation
we obtain
3 54 DecimalFractionsand ContinuedFractions
c
Qr*
b
Qz*
Q t *+rilrt
Continuing in this manner, we find that
q ' t+ I
T:
Qz*
Qt*
,l
* Qn-t
Qn
Hence q n l . T h i s s h o w s t h a t e v e r yrational number can
t:rnriQz,..., be
written as a finite simple continuedfraction. !
an : Gn-l) +
we seethat
whenevera, ) L
Example. We have
1
: [ o ;I , l , l , 3 1: [ o ; l, l , l , 2 ,I ] .
#I I
by Ct '
[ao;a1,e2,...,Qnl The kth convergentis denoted
the convergentsof
In our subsequentwork, we will need some properties of
these properties, starting with a
a continued fraction. We now develop
formula for the convergents.
Po: aO Qo: I
Pt : a s o l * l q1: ar
and
apQt-t t q*-z
P * : o k P k - t t P*-z Qk:
: 0
proof. we will prove this theorem using mathematical induction. For k
we have
Co: lael : asll : Polqo.
For k : l, we seethat
aoat*l
:Pt
Cr : l a o ;a 1 l : a s + ! :
a1 a1 Qt
real
Becauseof the way in which the p;'s and 4y's are defined, we see that the
quotients
numbers p*-r,p*-z,Qk-1, and Q*-z depend only on the partial
by
e0,er,...,ak-r . Conr"quently, we can replace the real number ap
a* * lla*+t in (t0'l I), to obtain
3s6 D e c i ma l F ra c ti ons and C onti nued Fracti ons
C t + r : [ a g ; a t , . . . , o k , o k +: r l
I a o : a 1 , . .(. t, k _ t , o k+ ! l
ap
+l P*-r t p*-z
ok+t
["^
.
l"r *)nr-,*q*-z
_ o * + Pt * P * -r
a * + fi * * q* -r
_ P*+t
Q*+t
Po: 3 Qo: I
Pt:3'6+l: 19 Ql:6
Pz: l'19+3:22 Qz: l'6*l : 7
P t : 7 ' 2 2 + 1 9: 1 7 3 4 3- 7 ' 7 + 6 : 5 5 .
Hence, the convergentsof the abovecontinuedfraction are
Co : po/qo: 3/l : 3
Ct:Pt/qt:19/6
C z : p z /q z : 2 2 /7
Ct: pJqt: 173/55.
For k : I we
Proof. We use mathematical induction to prove the theorem'
have
(asal+l)'l - asat: l'
PtQo-PoT1:
Then, we have
- (a rr+ rp t* p r-)q r, - P* (arrttQ* * Qr-)
Pt+rQt P * Q t+ t
- - (-l)k-t: (-1)k'
Pt-tQt Ptq*-t:
Corollary 10.1. Let C*: p*lqr, be the kth convergent of the simple
where the integersPt and qp are as definedin
continuedfraction las;ar,...,8211,
Theorem 10.9. Then the integersPr, and qy are relatively prime.
Therefore,d : l. B
3s8 D e c i m a l F ra cti ons and C onti nued Fracti ons
we als o hav e th e fo i l o w i n gu s e fu rc o ro i l a ry
of Theorem r0.10.
^ alrG)k
Cp- -x-2:
QtQt-z
Pr oof . F r om T h e o re m 1 0 .1 0w e k n o w th a t p l r Q* _t-
Q* pr_r: (_l )k-l
W e obt ain t he f i rs t i d e n ti tv .
nr
''n pr_r (_t)k-l
Ck - Cft-r : -
Qr Qt-r QtQ*_r
r .t - r- L k - z : -
L -Pt' Pt'-z:- P*Qr-z-P*-zQ*
Q* Q*-z Q*Q *-z
a1,GDk
Cp - Ck-z:
Q*4 tr-z
theorem w hi ch i s useful
Usi n g c or ollar y 10 .2 w e c a n p ro v e th e fo l l o w i ng
when developinginfinite continued fractions'
C1r-C*-z:#'
we know that
Cp 1 C*-z
wh e n k is odd, and
C* ) C*-z
wh e n k is ev en. Hen c e
Ct 7 Ct ) Cs
and
Co ( Cz 1 Cq 1
so th at Cz ^- t 7 Cz ^ . T o c o m p a reC 2 1 ,a n d C ri -r , w e seethat
Czj-r) Crj*z*-l > Crj*ro ) Cz*'
-numbered
so that every odd-numberedconvergentis greater than every even
convergent. tr
360 D e c i ma l F ra c ti ons and C onti nued Fracti ons
Co- 2/l-2
C1 - 7/3:2.3333...
Cz- 9/4:2.25
C: : 16/7:2.2857...
C+: 4l/lS:2.2777...
Cs : ftA /7 9 : 2 . 2784....
We seethat
10.2 Problems
l' Find the rational number, expressedin lowest terms, representedby each
of the
following simple continued fractions
a) IZ;ll e) [ r ;r ]
b) [t;z,z] f) [ l ;l , l ]
c) [0;5,0] e) [ I ; t , l, l ]
d) 5 , 1]
[3;7,1 h) [ l; I ,l ,l,l ].
2' Find the simple continued fraction expansion not terminating with the partial
quotient one, of each of the following rational numbers
il 6/s d) slsss
b) 22t7 e) -4311001
c) t9/29 f) 873/4867.
Let up denote the kth Fibonaccci number. Find the simple continued fraction,
terminating with the partial quotient of one, of u1,-,1fup,where ft is a positive
lnteger.
5. Show that if the simple continued fraction expressionof the rational number
a , a . ) 1 , i s [ a 6 ; a t , . . . , a kthen
l, the simple continued fraction expressionof l/a is
l};a o,ar,...,a k'l.
6. S h o w t h a t i f a e * 0, then
361
1O.3 InfiniteContinuedFractions
: I o o i a * - t ., - . , a 1 , a s l
P*/p*-r
and
q* / q tr-r: I'au:ar-r,"',a2,a11,
8 . Show that every rational number has exactly two finite simple continued fraction
expansions.
be the simple continued fraction expansion of rls where
9 . Let lao;ar,a2,...,a211
(r,s): I and r)l Show that this continued fraction is symmetric, i'e.
o s : a 2 1 t a t a n - t d 2 : a n - 2 , . .i.f, a n d o n l y i f s l ( r 2 + t ) i f n i s o d d a n d s l ( r 2 - t ) i f
:
n is even. (Hint: Use problem 6 and Theorem 10.10).
10. Explain how finite continued fractions for rational numbers, with both plus and
minus signs allowed, can be generated from the division algorithm given in
problem 14 of section1.2'
10.3 InfiniteContinuedFractions
.
Supposethat we have an infinite sequenceof positive integersQo,Qt,ay,...
How can we define the infinite continued fraction Las,at,a2,...l? To make
sense of infinite continued fractions, we need a result from mathematical
analysis. We state the result below, and refer the reader to a mathematical
analysisbook, such as Rudin lezl, for a proof.
Theorem ll.l2. Let xs,x r,x2,... be a Sequenceof real numbers Such that
xo ( x r ( x z ( . . . a n d x 7 , < u fo r k : 0 ,1 ,2 ,... for somereal number u, or
x o 2 x r 2 x z 7 . . . a n d x t 2 L f o r k : 0 , 1 , 2 , . . . f o r s o m er e a l n u m b e rl .
362 D e c i ma l F ra cti ons and C onti nued Fracti ons
14to:"'
Theorem 10'12 tells us that the terms of an infinite
sequencetend to a limit
in two specialsituations,when the terms of the sequence
are increasingand all
less than an upper bound, and when the terms of the
sequenceare decreasing
and all are greater than a lower bound.
J4to:"'
Before proving Theorem l0.l 3 we note that the limit a described in
the
statement of the theorem is called the value of the infinite simple continued
fraction [as;at,o2,...1.
To prove Theorem 10.13, we will show that the infinite sequenceof even-
numbered convergents is increasing and has an upper bound and that the
infinite sequenceof odd-numbered convergentsis decreasingand has a lower
bound. We then show that the limits of these two sequences,guaranteedto
exist by Theorem 10.12,are in fact equal.
W e now will p ro v eT h e o re m 1 0 .1 3 .
cr ) ct) cs ) ) C^-t
ca1cz1cq1 1C^,
and czi ) Cz**t for all positive integers j and k. we see that the
hypothesesof Theorem rc.12 are satisfied for each of the two sequences
C 1, C3, C2, . . and
. C s ,C z ,C 4 ,.... H e n c e , th e sequenceC 1,C 3,C 5,...tends to a
363
1O.3 lnfinite Continued Fractions
a2 ' i'e'
limit d1 and the sequenceCs,C2,C4,"' tends to a limit
: dr
)i*c"*r
and
: o(2'
)*c"
Using
Our goal is to show that these two limits a1 and oQ are equal'
Corollary 10.2 we have
(-l)(z'+tl-t
C z n +-r C
* zt n
n
: lzn*t - Pzn -
Qzn+t Qzn Qzn+lQz, Qzn+lQzn
and hence
Czn*t - Cz,
Qzn+tQzn
Therefore ayr: aq, z11dwe conclude that all the convergentstend to the limit
d : (rr : dz. This finishesthe proof of the theorem' D
Previously, we showed that rational numbers have finite simple continued
fractions. Next, we will show that the value of any infinite simple continued
fraction is irrational.
Cr : pr/qp : [ a o ; at , . . . , a k l
I
Czn*t - C2n : '
4zn+tQzn
this meansthat
0(a-Czn:a- Pzn
a
4zn Qzn+ tQzn
0 1 a q 2 , - p z n 1 l / qzr+ t .
-pzn< I
oaoQr" ,
b Qzr+t
01aq2n-bpzn
Qz n + t
Note that aq2, - bpzn is an integer for all positive integersn. However, since
Qz r + r ) 2n*I , th e re i s a n i n te g e r n s u ch that Qzn+ t> b, so that
b/Qzr+t < I . This is a contradiction,sincethe integer aQzn- bprn cannot be
between0 and I . We concludethat a is irrational. n
Qk : lapl, c r k + :l I / b t - a )
continued
fo r k : 0, l, 2, . . . . Th e n a i s the value of the infinite, simple
fra cti o n Lag;ar , az , - ..1 .
is an integer
Proof. From the recursivedefinition given above, we see that ap
we can easily show using mathematical induction that
for every k. Further,
for every k. We first note that d0 : a is irrational' Next, if
a7, is irrational
is also
we assume that a1, is irrational, then we can easily see that a,p1'
irrational, sincethe relation
dk+r:l/(at-a*)
impliesthat
I
(10.12) otk:A**Ls
qk+l
so that
0(a1-ap<1.
Hence,
a(k+t: 1l@* - ap) ) l,
and consequently,
ak+r: [ar+rl ) 1
I
Q: d0: ao* I : [as;al
ul
l.
ao* : Ia 6 ;a 1 ,a 2 l
at-fL
a2
: Qo* : I a g ; al , o z , . . . , c t k , a t r + l l .
at i
az -f
I
*a1r*
otk+l
a*+tP* * pt+t
a : f a g ; a r , . . . , o k , a k + l l:
at+rT* * q*-r
a * + rP r * p * -t pt
a-Cp :
dtc+tQ* * q*-t Q*
-(Prqrr-t -
Prr-tQ*)
(ar+gr, * q*-)q*
(-t)t
(a r+ g * * q * r)qt '
where we have used Theorem 10.10 to simplify the numerator on the right-
hand side of the secondequality. Since
a * + rQ * * q t-r ) a t+ fl t * q* -r : Qk+|,
we seethat
367
1O.3 Infinite Continued Fractions
l o - c * L' * QtrQx+t
[ a g ; a 1 , a 2 , .:" 1a o
since
a : l a s ;ar,a2 ,...1: 1 ,a2 , ...,apl
o l g l [a o i a
I
:lim(ao+, ,)
/ <- - l q 1 i a 2 , Q3 , . . . , a pI
: do*
lim Ia1,o2,...,apl
/< --
I
: aol --.
l O 1 i O2 , O3 , .. . I
Supposethat
: l b o i br , b2 , . . . 1 .
l a s ; a1 , a2 , . . . 1
and that
a o *+ : b o " '
Io 1;a2,...1 Ib ,.bz,...l
so that
I a ; a 2 , . . . !: [ b t i b z , . . ..l
N o w a s s u m et h a t a 1 r : b k , a n d t h a t l a p t l ; a 1 r a 2 , .:.[.b1n * r ; b t + 2 , . . . 1 .
U s i n gt h e
same argument, we see that apal : bpa1,o.1d,
] : lb 1ra2;b
['a p,z;a1ra3,... I .
1ra3,...
ao:lrfil:2, ant,:G5:T
t
"E+Z
Qt:r*r:2, I : J6+2
s.)__
(J6,*2
'2' )-z
e z : [ J o + z l: q I {e+z _
q{
- E ........:-:
d1
Qo+D-4 2
so that
lo - polqxl< tlq? ,
si n ceQt I Q *+ r .
of the simple
The next theorem and corollary show that the convergents
to a, in the sense
continued fraction of a are the best rational approximations
with a denominator
that prrlql is closer to a than any other rational number
l e ssth an q1.
:1,2,"', be
Theorem 10.17. Let a be an irrationalnumberand let n1le1,i
of a' If r and s are
the convergentsof the infinite simplecontinuedfraction
integers with s ) 0 such that
lso-rl < lqo"-pol
thens 7 qr*t.
( s I q*+r. We
proof. Assume that lso-r | < lqr,o-pnl, but that 1
considerthe simultaneousequations
Ptx*Pt+rl:r
Qtx*Q*+t!:5.
then
By multiplying the first equation by Q* and the second by px, and
subtracting the secondfrom the first' we find that
(Pt +rqr-PxQt +)Y - tQk - sP* '
- : (-l)fr, so that
From Theorem 10.10,we know thar ppag* Pt Qt+l
y : (-l)k (rq1,-sP).
ppal and
Similarly, multiplying the first equation by Qlray and the second by
then subtracting the first from the second,we find that
x : (-l)k(sppa;rQ*+).
that
By multiplying thesetwo inequalities,we find
sla-r lsl < qol"-Polqol
so that
lsa-tl < lqod-Pxl ,
proof. Assume that r/s is not a convergent of the simple continued fraction
expansion of a. Then, there are successiveconvergentspxlqx and ppallqp*t
su ch t hat Q n 4 s I Qrr+ t F ro m T h e o re m 1 0 .1 7,w e seethat
lqoo-pol< It ".-rl: slq-r/sl < t/zs'
Dividing by qr we obtain
l o -p o l q o l < 1l 2 s q * .
Since we know that \tpo-rqol > t (we know that sP*-rQr is a nonzero
integer sincer ls #pplqr), it follows that
372 DecimalFractionsand Continued
Fractions
-x
| - lspt-rq*l
sQ* '-, sQ*
: lor tl
sl
lqo
F:l
ll
I qrl
.l*l
2tq* 2s2
t/2sqp I t/2s2
Consequently,
Zsqp ) 2s2,
10.3 Problems
a) ,rf2 c) -,/i
b) ^f3 d) r+.6
.
2' Find the first five partial quotients of the simple continued fractions
of the
following real numbers
a) 1/, c) (e-l)/(e+l)
b) 2r d) (e 2 -t)/(e 2 + D .
e : l 2 ; 1 , 2 , 1 , 1l , 1
4 , 61, ,1 , g , . . . 1 .
less than
b) Find the best rational approximation to e having a denominator
100.
expansion
5 . Let d be an irrational number with simple continued fraction -ot
Show that the simple continued fraction of is
o : loo;ot,a2,...f
a 1 2 I a n d [ - a s - l ; a 2 l l d v " ' l i f at: 1'
[-as-l;1,a,-l,as,a3,...lif
simple
6 . Show that if p*lqx and,p1,a/q1a1 2f€ consecutive convergents of the
continued fraction of an irrational number a, then
l o - p o * r/q o * ,1
( l /2 q l a.
8 . Let a be an igational number, and let pllei denote the jth convergent of the
simple continued fraction expansion of a. Show that at least one of any three
consecutiveconvergentssatisfiesthe inequality
Conclude that there are infinitely many rational numbers plq, where p and q
are integers with q # O, such that
l''- plql<rlG6q\.
9 . Show that if a - (l +lf9/2, then there are only a finite number of rational
numbers plq , where p and q are integers,q # 0, such that
lo-plql<t/(,/-sq2).
lag;at,o2,...,oN-r,m
to expressthe periodicinfinitesimplecontinuedfraction
I a o : a l , a 2 , . . . , QN - l , a N r QN + 1 ," ' , a N + k - 1 ' 4 1 y ' 4 1 y1 1 '" ' l '
Lemma 10.f . The real number a is a quadratic irrational if and only if there
are integers a,b, and c with , > 0 and c 10, such t"hatb is not a perfect
square and
: : (a+Jt) lc.
-B*GQAC
(I:-
2A
Conversely,if
'r"
wherea,b, andc areinte*.r-,;; ,ti"i:O, and6 nota perrect
square,
then by Theorems 10.1 and 10.2, we can easily see that a is irrational.
Further, we note that
co2-2aca+(a2-b2):0.
The following lemma will be used when we show that periodic simple
continued fractions representquadratic irrationals.
Lemma 10.2. If a is a quadratic irrational and if r,s ,t, and u are integers,
then (ra*s)/(to*u) is either rational or a quadratic irrational.
Proof. From Lemma 10.1, there are integersa,b, and,c with b > 0. c # 0.
and b not a perfect square such that
a: (a+Jb)/c.
fur*cl)+rJb
(at rcu) +t Jt
I Gr + cil + r JF lI ht + cil -t.'.6 |
IGt *cu) +t .,/blt(at +cu)-t ./n I
lGr *cs\ (at*cu) -rtblt[r (attcD -t Gr *cl)l../T
(at *cu)2-t2b
377
1 O.4 P er iodic Cont i n u e d F ra c ti o n s
the polynomial
Lemma 10.3. If the quadratic irrational d. is a root of
is a', the conjugate
Axz + Bx * C : 0, then the other root of this polynomial
of a.
of
If a is one of these roots, then a' is the other root, because the sign
tr4AC is reversedto obtain a' from a. tr
L e mma 10. 4. I f a' : (a ftb ffd )/c 1 a n d ,,2 : (a2* bzJd)f cz are quadrati c
irrationals,then
(i) (a1+a2)' -- al t a'2
(ii) (a;c.2)' : o| - d'2
t G ftbr.'./Z)
/r,
".'
v l l q )
Gr+bz,/cl)/cz
: lb2)''/7
,,
While
, G;brE)/cz
- t--,
.^lrsl---7
" " (or-brrE) /cz
cz(arbtQ)Gr+br,/V)
c {a 2- b 2,/7 ) (a z+ b 2,/7 )
_ k z a p z -c z b ftz d ) - (czazbrczaft)fi
a : la g;at,,e2,..,,a
N -r,ffi|
Now let
0 : la1s;aN+r,...,41r+ft
l
Then
379
1 O.4 P er iodic G on ti n u e d F ra c ti o n s
g : lal;aN*I,...,4N
**,01,
Since the
where p*lq* and p1r-r/Q1r-1ata convergentsof Ia11;av"1'"''oru+kl'
and from (tO't3) we
simple continued f.u.tlon of p is infinite, B is irrational,
have
qr,02t Qr,-r-P)0 - P*-r : a'
'a;;:fr; '
0pr,r-ftPN-z
Since B
where pN-t/qN-1 and pr,t-zlqN-2uteconvergentsof [ao;a t.a2'"''o7'1-11'
Lemma 10.2 tells us that a is also a quadratic
is a q*Oruii. irrational,
irrational (we know that at is irrational because it has an infinite simple
continuedfraction exPansion). D
To develop an algorithm for finding the simple continued fraction of a
quadratic irrational, we need the following lemma'
w h e r eP , Q , a n d d a r e i n t e g e f s , Q* O , d > O , d i s n o t a p e r f e c ts q u a r ea, n d
QIQ-P2) .
where a,b, and c are integers, b > 0 , and c # 0 . We multiply both the
numerator and denominator of this expressionfor q by Itl to obtain
380 DecimalFractionsand Continued
Fractions
a.-
@o+,/7)/Qo ,
whereQ0*0,d > 0, d is not a perfectsquare,
and eel @-p&). Recursively
define
dk:(ro+,/7)/Qr,
C tk: [a 1 ],
Pk+r:atQt-Pk,
Q**r : (d-roL*t)/Q*,
Q* : U-rf*1/Qo*t
1O.4 PeriodicContinuedFractions 381
: G/7 - pt +) lQ*
: @-rl*)/Q*QI + Pr*r)
: Q*Qr,n/Qr,G/7+ Pt*,)
: Q**r/('/i + Pr,*)
: lla*+r ,
Pr : 2'4-6:2, a1 Q + ..E)/e,
Qr : (28-22)/4:6, O1 IQ+,/z$/61 : r,
P3 - 4'2-!:4, d3 : e+.,m)/6,
Qt : Qg-+2)/2:6 o3 : tG+6>Jil:r,
P4 : l'6-4:2, :
d4 e+rFZ$/q,
Qq - (28-22)/6:4, :
a4 t7+.'-z$/il: t,
Ps - l'4-2:2, a5 : e+r/-Z$/6,
Qs - Q8-22)/4:6, a5 : t ( z + , , / N ) / 6 :1 l ,
andso,with repetition,
sincepr: p5 and
er: es. Hence,we seethat
:
G + . n ) / 2 I 2 ; 1 , 4 , 1 , 1 , r , 41,,r. ,.I .
: I2;1,4,1,11.
Furthermore,
by Theorem10.19we haveo: lao;ar,ez,...l
where
dk : (r1, + ,,/7)/Q* ,
ap : [apl,
Pwr : atQ*-Pk*t,
Q*r : Q -rf *1 /Qo*r,
fork:
Since a : Ias;a'
"")'lrl,o; that
]:ffi _ll;l
Ijl "_ * q*-).
Taking conjugates of both sides of this equation, and using Lemma 10.4,
see that
(ro.r+) o' : (pr,-p'* * p*-) /(qt,-p'n * q * - ) .
( - P*-zI
, -ex-,l" tr- |
dk: p*t t
qk^ t ,
,*t l
to a as k tends to
Note that the convergents p*-z/Q1r-2 and p*-rlqrr-t tend
infinity, so that
P*-t
| , - P*-z
la. t fr' -
I Q*-z I Q*-t
sothatQ*> 0fork>N.
SinceQ*Qrr*,- d - P?*r, we seethat for k 2 ly',
-
0t ( Q*Q**r-- d P?*t < d .
Alsofork>N,wehave
Pl*, (d: Pl*t-Q*Qx*r,
sothat
- ,/7 I P*+r < -,/7.
l/qt+t:ek-ak,
l / o t t+ r < - 1 ,
Consequently,
-l - l / a ' * + t 1 ax 1 -lf a'rr+r,,
so that
ek: [ - 1 / o r * r ].
d0 : a : Iag;a1,...,oi-i-t,ai-il
: la o;a 1,...,ei -i -1,041
:loo.gr,Gl,
where pr,_tlq*_r and p1rlq1, 3;fe the (k-l)th and kth convergentsof the
continued fraction expansion of a . From (tO.t6), we seethat
-
(1 0 .17) e r,a 2* (q * -rP )o Pt-r : 0.
a nd
Qt/q2-1 : farion-r,...,a2,e
l! : pL /qi_t.
Since pi-t /qi-, pi/qi are convergents,we know that they are in lowest
?d
terms' Also, P*/pp-, and qp/q1-1 ilre in lowest terms, since
Theorem 10.10
tells us that ppqp-r - p*-rQk : (-t)e-t . Hence,
pi - p*, Qt : pk-r
and
p,: 0p* * qr
1p*-r * qrt
Therefore, we know that
Pr$2*(q*t-pr)|-Q*:o
This impliesthat
(ro.rq) er,Gt/ilz * (q*-r- pt) Gtlp) - pk_t:
From(to.tz)and (1 0 .1 9 ),w e s e eth a t th e tw o r ootsof the quadratic equation
4 * x 2 * (q * -r - p )x - p* -t : 0
are a and -1/0, so that by the quadratic equation, we have a : -t/8. Since
0 : l a n i a n - t , . . . , a t , a o lw, e s e e t h a t p > I , s o t h a t - l < s 7 ' : - l / p < 0 .
Hence, a is a reduced quadratic irrational.
Furthermore, note that since fi : -l/ot,. it follows that
387
10.4 PeriodicContinuedFractions
-l/o':ffiol' tr
fraction of '/D ,
We now find the form of the periodic simple continued
Although \6 is not
where D is a positive integer that is not a perfect square'
-,/D is not between -l and 0, the quadratic
reduced, since its conjug-ate
r.*,o*r"i6-t; .6-ii l,/Dl - '[5 ' doeslie
r.duced,sinceits conjugate,
that the
between-1 and 0. Therefore,from Theorem 10.20, we know
the initialpartial
continuedfractionor [.lill +.,/D is purely periodic. Since
quotient of the simple continued fraction of tJD | + "/D is
if faf + ,/Dl:21,/Dl:2a0, w h e r ea o : I . . / D l ' w e c a nw r i t e
I,/DI+-,/D:tml-
: I 2 ao ; at , Q2 , . . . ,na, 2 Qg , al , . . . , Q
rl'
r/G/D-t.D1):tffi.
But also note that
6 -t-6-l:lo;orprGol,
so that the periodic part of the continued fraction for ..lD is symmetricfrom
the first to the penultimate term.
In conclusion, we see that the simple continued fraction of 16 has the form
..ld:loo;ffi.
388 Decimal Fractions and Continued Fractions
8- [ 4 ; l, 3 , 1, 8 ]
.16l ts,ffii.rol
,Fqe - 1 6 ;,l 2 , 1, 1 , 2 , 6 , 2, l, ,12 , 1, l 2 l
,,/Te : [ 8 ; 1 , 2l ,,I , 5 , 4 , 1
5 , 1 , 2 ,I16 ,l
and
-,/ri: tq;ml,
where each continued fraction has a pre-period
of rength l and a period
ending with twice the first partial quotient which is symmetric
from the first to
the next to the last term.
10.4 Problems
l. Find the simplecontinuedfractionsof
a) Jt d) ,/41
b) Jr r e) 6
c) Jzt r) ,/-gq.
2 . Find the simple continued fractions of
il o+,fi /z
b) Qq+,81)lt
c) (tt-.E)t.
3 . Find the quadratic irrational with simple continued fraction expansion
il [z;t,5]
b) tz;rSI
c) t2JJI.
4. il Letd beapositive Show that the simple continued fraction of
,,/N isla:Tdl.
389
1 O.4 P er iodic Cont i n u e d F ra c ti o n s
c) Ugparts (a) and (b) to find the simple continued fractions of rfg9' tffg'
,lnz. and..G60'
of
6. a) Shory lhat if d ,l un int"g.t, d > 3 , then the simple continued fraction
,tm i s[ d - 1 ' l H , l 2 d - 2 1 .
of
b) Show that if d is a positive integer, then the simple continued fraction
'/fu. rsld;c$71.
-l,ft-gt
c) Find the simple continued fraction expansionsof ,/6,.6f , anO
10. prove that if 6,1: (ar+brJrl)lct and a2-- (a2*urJd)/c, ^re quadratic
irrationals, then
b) (a1-a2)' : d'r - d2
c) (c''c.z)' : ot't'or2.
11.1 PythagoreanTriPles
The Pythagoreantheorem tells us that the sum of the squaresof the lengths
of the legs of a right triangle equals the square of the length of the
hypothenrur.. Conversely, any triangle for which the sum of the squares of
the lengths of the two shortest sides equals the square of the third side is a
right triangle. Consequently,to find all right triangles with integral side
lengths, we need to find all triples of positive integ ers x ,y ,z satisfying the
diophantine equation
(rr.t) x2+!2:22
: l.
Definition. A Pythagoreantriple x,!,2 is calledprimitive if (x,y,z)
x2+y2:22,
we have
G/d)2+(y/il2:(z/d)2,
s o t hat
x?+y?:r?.
Hence, xt,!t,21 is a primitive pythagoreantriple, and the original
triple x,!,2
is simply an integral multiple of this primitive pytgagoreantriple.
Also, note that any integral multiple of a primitive (or for that matter
any)
Pythagoreantriple is again a pythagorean triple. If x1
])t,zt is a primitive
Pythagoreantriple, then we have
@x)2+(dyr)r:(dz)2,
integers of a primitive
Next, we establish a lemma about the parity of the
PythagoreantriPle.
1l '1, we know
Proof. Let x ,!,z be a Primitive Pythagoreantriple. By Lemma
x and y cannot
that (x ,y\ : 1, so that x and y cannot both be even. Also
both be odd. If x and Y were both odd, then
(from problem of Section 2'1)
2
we would have
)
x - = v z = I (mo d 4 ),
so that
22:x2*y2 = 2(mod4).
x is even
This is impossible (again from problem 2 of Section2.1). Therefore,
and y is odd, or vice versa. E
The final lemma that we need is a consequenceof the fundamental theorem
of arithmetic. It tells us that two relatively prime integers that multiply
together to give a square must both be squares'
(r,s) : I and
Lemma 11.3. If r,s, and t are positive integers such that
: m2 and s : n2.
; : t2, then there are integersz and n such that r
,:p1,pi2... p:",
s : p:,i\ p:,it p:"
and
a nd
n : pi,r('pi,C' a/2
Pr" !
We can now prove the desired result that describes all primitive
Pythagoreantriples.
x : m2-n2
'r7-'#ir'
Prot{. Let x ,y ,z be a primitive Pythagoreantriple. Lemma I 1.2 tells us that
x is odd and y is even, or vice versa. Since we have assumed that y is even,
x and z are both odd. Hence, z*x and z-x are both even,so that there are
p os it iv eint eger sr a n d s w i th r : (z + i /2 a n d s : (z-i l /2.
Using Lemma I 1.3, we see that there are integers la and n such that
r : m 2 and,s : n 2 . W ri ti n g x ,y ,a n d z i n te r msof m andn w e have
x:r-.s:m2-n2.
y:rM:rffi:2mn.
395
1 1 . 1 PY t hagor ean Tri P l e s
z:r*s:m2+n2.
: 1,
where m and n are positive integers, m ) n, (m,n) and
m * n (mod 2), forms a primitive Pythagoreantriple, first note that
x 2 + y 2 : ( m 2 - n 2 ) 2+ ( 2 m n ) 2
: (ma -2 m2 n 2 + n 4 )* 4m2n2
: ^ 4 * 2 m 2 n 2t n a
: (m2+n2)2
: 22.
To see that these values of x,y, and z are mutually relatively .prime, assume
t h a t ( x , y , z ) : d ) ! . T h e n , t h e r e i s a p r i m e p - s u c h t h a t p l ^ ( x , y , z ) ^ .W e
note that p * 2, since x is odd (becausex: m2-n2 where mz and n2 have
o fp o rit " par it y ) . A l s o , n o te th a t b e c a u s ep I,x and p l t, p I G+ i :2m2
a n ' dp l i t - ; : 2 n 2 . H e n c e p I m a n d p I n , c o n t r a d i c t i n gt h e f a c t t h a t
(* ,i ) : 1. T her efo re , (r,y ,z ) : l , a n d x o y ,z i s a pri mi ti ve P ythagorean
triple. This concludesthe proof. D
The following example illustrates the use of Theorem I I .l to produce
PythagoreantriPles.
x:m2-n2:52-22:21
Y:2mn:2'5'2:20
z:m2+n2:52+22:29
is a primitive Pythagoreantriple.
396 S o m e N o nl i near D i ophanti ne E quati ons
2 I 3 4 5
3 2 5 t2 l3
4 I 15 8 l7
4 3 7 24 25
5 2 2l 20 29
5 4 9 40 4l
6 I 35 r2 37
6 5 1l 60 6t
I l.l Problems
l. Find all
3 . Show that if x ,!,z is a Pythagorean triple, then exactly one of x,y and,z is
,
divisibleby 5.
4 . Show that if x,l,z is a Pythagorean triple, then at least one of x,y, and z is
divisible by 4.
5 . Show that every positive integer greater than three is part of at least one
Pythagoreantriple.
xntl- 3xn*Zzn*l
!n+r-3xn*2zo*2
zn+t-4xn*3zn*2'
1 5 . Find all solutions in positive integers of the diophantine equation *' * py' : 22,
wherep isaprime.
x'+ln:zn
xa+!4:24
xP + YP:7P
Using the method of infinite descent we will show that the diophantine
equationxa + !4 : 22. has no solutionsin nonzerointegersx,
!, and z. This
is strongerthan showingthat Fermat's last theorem is true for n: 4, because
a n y s o l u t i o no f x a + y 4 : t a : ( 2 2 ) 2g i v e sa s o l u t i o no f x a * v a : 2 2 .
**',ro,r:
t'
hasnosolutions
in nonzer"
,",.*1,
Proof. Assume that the above equation has a solution in nonzero integers
x,l,z. Since we may replaceany number of the variableswith their negatives
399
1 1 .2 F er m at ' s Las t T h e o re m
so that
d a ( x f + Y f ): ' 2 '
2'2' we know t h a t d ' I t .
Hence do | ,', and, by problem 32 of Section
positiveinteger' Thus'
Therefore, z : d'r r, where z 1is a
da(xf + yf): (d2tr)': dor?,
so that
xf+yl:t?.
: l r' z : zr
Th i s giv esa s olut io no f x a + y a : ' 2 i n p o s i ti v ei n tegersx : xt' !
with (xr,yr) : 1.
z2'where
So, suppose t h a t x : x , , l : 1 0 , z : z . ' i s a . s o l u t i o no f x a + y 4 :
(xe,-/o): 1 ' We will show that there
xo, lo, andzsare positiveintegerswith : 1'
: : zt w i th (xr' yl )
i s a not hers olut ioni n p o s i ti v ei n te g e rsx x r,! l t, z:
su ch t hat 21 1 z s .
S i n c ex d + y t : z l , w e h a v e
G i l z + ( y & ) 2 :z E ,
we have
so that x&, y&, ,o is a Pythagoreantriple. Furthermore,
and p y&' then p I xs
l-fi, r&> - i, ro. if p is a prime suchthat p I x3 I
contradicting the fact that (xq,lrq): l. Hence, *3,yE, zs is a
;;';'l'ro,
11.1, we know that there afe
prim-itiveiythagoreantriple, and by Theorem-
positiveintegersz andn with (z ,n), m # rl (mod 2) ' and
x& : m2-n2
!& : Zmn
zo: m2+n2,
x&+n2:m2.
ro : ,2-s2
n:2rs
m - r2+s2.
Si nc e m is odd a n d (m,n ) : l , w e k n o w
that (m,2d : l . W e note that
b e c aus ey & : ( 2 d m, L e mma l l .3 te l l s u s
th at there are posi ti vei ntegersz1
andw with m:t? a n d 2 n : w 2 . S i n c ew i s e v e n ,w : 2 v w h e r ev i s a
positiveinteger,so that
si nc e ( r , s ) : I , L e m m a 1 1 .3 te l l s u s th a t th ere
are posi ti vei ntegersx1 erd
y1 s uc h t hat r : x l a n d s : y ? . N o te th a t
si nce (r,s) : l , i t easi ryfol ow s
th at ( x l, - y r ) : l. H e n c e .
x{+yf: -2
zl
zr(zf:m2<m2+n2-ro.
ll.2 Problems
n is an integer n ) 2' then
l. show that if x,! ,z is a Pythagorean triple and
x"*yn#zn.
of Theorem I l '2' and the
2.. Show that Fermat's last theorem is a consequence
: zP has no solutions in nonzero integers when p is an
assertion that xP * yp
odd prime.
prime and
3. Using Fermat's little theorem, show that if p is
such
l. Write a computer program to search for solutions of diophantine equations
asxn *Yn:zn.
numberof solutions,
sincethe equationx2 - dyr: n impliesthat
lrl < JM. l"l < fi
Also, note that when d is a perfect,quur.,
il* sayd : D2,
::'d=;,
where a and b are integers such that n : ab.
In this case, there are only a
finite number of solutions, since there is at most
one solution in integers of
these two equationsfor each factorization n : ab
For the rest of this section,we are interestedin the
diophantine equation
x2 - dy':n, where d and n are integers and d is a positiveinteger which
is
not a perfect square. As the following theorem shows,
the simpL continued
fraction of -,/v is very useful for the study of this equation.
ta
YW
G -,/7v)
v
: x 2 -d Y2
y G + y,/7)
403
1 1 .3 P ell' s E quat io n
\- f r
YQYJA)
t
\ q I 1
fi
Zy'rld
:l
)
L! rr2
Since 0 <
x_ .,17 < +, Theorem10.18 tells us that x ly must be a
v 2v'
-r
convergentof the slmple contlnueo1 fractionof JL
- dy' : n by -d, to obtain
When n ( 0. we divide both sidesof x2
v2- ,fr*': -3
we see that y /x is a
By a similar argument to that given when n ) 0 o
of ll.r/7' Therefore'
convergent of the simple continuid fraction expansion
must be a
from problem 7 of Slction 10'3, we know tB *l!,:1l,j.,/x)
: l/(l/{cl ) ' u
converyentof the simple continuedfraction of './d
x2 - dy': n,
have shown that solutions of the diophantine equation
we ^1"1
*h;; . .n, are gifn by the convergents of the simple continued
fraction expansion of fi. The next theorem will help us use these
convefgentsto find solutionsof this diophantine equation'
^ perfect square'
Theorem 11.4. Let d be a positive integer that is not --!*Q! - 'o''
: (io + ',/hlQr, oo: [47.1, P*+r and
il; dk
O;';- r : ( ; " -
pt *' J l Q * , t* L :0 ,1 ,2 ,... w h ere ao: Jd ' Furthermore'Iet
expansionof
;J;r denote tie kth convergentof the simple continued fraction
Jd. Then
pt-dqt:(-1)&-rgp*1.
L e m m a 1 1 . 4 .L e t r * s r / V : t + r t / l w h e r er , s , t , a n d u ^ t e r a t i o n a l
numbers and d is a positive integer that is not a perfect square. Then r : t
ands:u.
pt-dq?:(-l)ft-r21*1,
whereQx*tisasdefinedinthestatementofTheoremll.4.
is n, we know that
Becausethe period cf the continued expansion oL"/j
: ('int" J'l : ' Hence'
Qjn: Qo:I for7 1,2,3,"', "tf
pk-, - d q?^-t: (- l)i'Qni : (- I )/n'
a solution of
This equation shows that when n is even Pin-t, Qin-t is
x2-dyz:l f o r 7 : 1 , 2 , 3 , . . . , a n d w h e n n i s o d d , P z i n - t , 4 2 1 n - it s - a s o l u t i o n
- -l for
o f x 2 - d y ' : I an d Pz (j -D r-r,Q z (i -D n -, i s a s ol uti on of x2 dy' :
j : 1,2,3,...
- :1 and x2 - dy2: -1
To show that the diophantine equations x 2 d y '
I
have no solutions other than those already found, we will show that Qpal:
# -l for : 1 . 2 . 3 . . .
implies that n lk and that Q1 7
We f ir s t not e t ha t i f Q t* t: l , th e n
* 'ftr'
c,k+l: P1ra1
T o s e e t h a t Q l-'Sin""
#-lfor7:l,2,3,""notethatQi:-limpliesthat
dj : -pi -G. ct; has a purely periodic simple continued fraction
expansion,we know that
-l < ei:-Pi+^ftt <0
and
dj:-Pj--./7>t.
Example. Since the simple continued fraction of .,8 is tl;f ,f 'f ,f ,el the
406
So me N onl i near D i ophanti ne E quati ons
pos it iv es olut io n so f th e d i o p h a n ti n e
x2 e q u a ti o n
I are pni _t,et.' j _t,
i : l'2'3"" *T]: p1_o1/e.roi-r . .l 3yr:
is the (roi-l)th ctnvergentor ,r," simple
continued fraction expansion of .,m.
The least po-ritiu" sorution is
pe: 649, { e : 1 8 0 . T h e p o s i ti v e s o l u ti o n s
of the di ophanti ne equati on
x 2- 13y 2 : - I a re Prc i -o ,Qto i -o i : 1 ,2 ,3 ,. ..;
the l east posi ti ve sol uti on i s
P q : 1 8 , q a: 5 .
xtr*yrfi:(xt*yrr/v)o
To show that every positive solution is equal to x*,lt< for some positive
integer ft, assume that X,y is a positive solution different from x*,lk for
k : 1, 2, 3, . . . . T h e n th e re i s a n i n te g e rr s u c h t hat
407
1 1 .3 P ell' s E quat io n
-
We see that s,/ is a solution of x2 dy': l, and furthermore,we know that
1,
i .; ,fr'.'"*;;';r",lV.--Mor.oner, sincewe knowthat s + t-,/7>
weseethat0 < (s + tJa)-r < 1. Hence
r : +t(s t r,/7>+(s - r.'.ff)l> o
1-
/-
and
positive solution of
Example. From a previous example we know that the least
t h e d i o p h a n t i n ee q u a t i o nx 2
- l3y': I is xt:649, -Pr: 180' Hence' all
positive solutions are given by xt, yp where
x* * yr,./n : (649+ tgo\[Lte .
ll.3 Problems
b) x 2 + 5 y 2: 7
c) 2 x 2+ 7 y 2 : 3 0 .
2' Find all the solutionsof each of the following
diophantine equations
a) x'-y':B
b) x2 - 4y2: 40
a)l d ) -3
b) - 1 d4
c)2 f) -s ?
a) x2 - 29y2: -1
b) x2 - 29yz: 1.
il2 e) tj
b)3 f) 3l
c)6 e) 4r
d) 13 h) s0.
7. The least positive solution of the diophantine equation
xz - 6lyz : 1 is
xt:1766319049, lt- 2261i398A. Find the least positive solution other than
x t,l t.
1 1 .3 P ell' s E quat i o n 409
I l. Find those right triangles having legs with lengths that are consecutiveintegers.
(Hint: use Theorem 11.1 to write the lengths of the legs as x -.r2 - 12 and
y :2st, where s and t are positiveintegerssuch that (s,t) : l, s ) / and s
and t have opposite parity. Then x-y:il implies that
(s - r)2- 2t2: +1.)
a) xa-2ya:1 b) x4-2y2--1.
1. Find those integers n with lrl < Ji such that the diophantine equation
x2 - dyz: rz has no solutions.
2. Find the least positive solutions of the diophantine equations x2 - dy': I and
x 2 - d y 2- - 1 .
3. Find the solutionsof Pell's equation from the least positive solution (see Theorem
I 1.6).
Appendix
412
Appendix
Tabfe 1. FactorTable.
Table 1. (Continued).
Table 1. (Continued).
614 3 - 3 l1
494 3- 3 7 534 7 3- 3 5',74
- 5 3 1 1 2 3 ) t ) 3 1 1 3 1 3 6 1 5 3 4 7 3
495 3- 3 535
- - 3 3 1 3 7 576 7 3 7 3 3 6r6 6 r - 731
496 1 1 7 s36
617 3- 337
497 3- 3 1 3 537 4 1 3 1 9 3 5',77 2 9 2 3 s 3 - '7
7 - 1 7 578 3 - 3 7 6 1 8 323 3
498 1 7 3 - 3 538
s39 3- 3 - 579 3 1 1 3 6 1 9 4 1 1 1
499 7-19-
3 580 | -
4 ^ -
620 3- 3 7
s00 3- 3- 540 1 1 3 - JI
Table 1. (Continued).
Table 1. (Continued)'
I I I
I
I 2 3
2
2 2 4
3
4 2 J
4 2 6
5
2 4 t2
6
'l 6 2 I
4 4 l5
I
6 3 l3
9
4 4 l8
l0
l0 2 t2
ll
4 6 28
t2
t2 2 t4
l3
6 4 24
l4
I 4 24
l5
8 5 3l
l6
l6 2 l8
t'l
6 6 39
l8
l9 l8 2 20
2A 8 6 42
2l t2 4 32
22 l0 4 36
23 22 2 24
24 8 8 60
25 20 3 3l
26 t2 4 42
2'I l8 4 40
28 t2 6 56
29 28 2 30
30 I 8 72
3l 30 2 32
32 l6 6 63
20 4 48
33
34 l6 4 54
24 4 48
35
t2 9 9l
36
5I 36 2 38
38 l8 4 60
39 24 4 56
40 l6 8 90
4l 40 2 42
42 t2 8 96
43 42 2 44
44 20 6 84
45 24 6 78
46 22 4 72
4"1 46 2 48
48 l6 l0 124
49 42 3 57
420
A ppendi x
Table 2. (Continued).
50 20 6 93
5l 32 4 72
52 24 6 98
53 52 2 54
54 l8 8 120
55 40 4 72
56 24 8 120
57 36 4 80
58 28 4 90
59 58 2 60
60 l6 t2 168
6r 60 2 62
62 30 4 96
63 36 6 104
64 32 7 127
65 48 4 84
66 20 8 144
67 66 2 68
68 32 6 r26
69 44 4 96
7A 24 8 t44
7l 70 2 72
72 24 t2 r95
73 72 2 74
74 36 4
75
n4
40 6 t24
76 36 6
11
140
60 4 96
78 24 8 168
79 78 2 80
80 32 t0 186
8l 54 5 t2r
82 40 4 r26
83 82 2 84
84 24 t2 224
85 64 4 108
86 42 4 t32
87 56 4 120
88 40 8 180
89 88 2 90
90 24 t2 234
9l 72 4 n2
92 44 6 r68
93 60 4 128
94 46 4 t44
95 72 4 t20
96 32 t2 252
9',| 96 2 98
98 42 6 t7l
99 60 6 r56
100 40 9 217
421
Appendix
439 r5 709 2
2 1 l9l l9
443 2 719 ll
3 2 193 5
449 3 727 5
5 2 r97 2
457 l3 733 6
7 3 199 t
46r 2 739 3
1l 2 2tl 2
463 743 5
l3 2 223 3 J
467 2 75r 3
t7 3 227 2
479 13 751 2
l9 2 229 6
487
n
76r 6
23 5 233 3 J
49r 2 769 ll
29 2 239 7
499 1 773 2
31 3 241 7
s03 ) 787 2
3',1 2 251 6
s09 2 797 2
4l 6 257 3
521 3 809 3
43 3 263 5
523 2 811 3
47 5 269 2
541 2 82r 2
53 2 271 6
5 547 2 823 J
59 2 277
2 827 2
6l 2 28r 3 5)/
2
3 563 2 829
67 2 283
569 3 839 ll
7I 7 293 2
57r 3 853 2
73 5 307 5
577 5 857 3
79 3 311 T7 I
l0 587 2 859
83 2 313
593 3 863 5
89 3 317 2
599 7 877 2
97 5 331 3
601 7 881 3
l0l 2 33',1 10
2 607 3 883 2
103 5 347
2 613 2 887 5
107 2 349
617 3 907 2
109 6 3s3 3
l7
359 7 6r9 2 9ll
113 3 7
367 6 63r 3 919
127 3 3
2 641 3 929
131 2 373
2 643 ll 937 5
r37 3 379
647 5 94r 2
139 2 383 5
653 2 947 2
t49 2 389 2
659 2 953 3
l5l 6 397 5
157 5 401 3 601 z 967 5
6 73 5 97r 6
163 2 409 21
2 677 2 977 3
r67 5 419
2 683 5 983 5
r73 2 421
7 691 3 991 6
179 2 43r
5 701 2 997 7
l8l 2 433
422
Appendix
Table 4. Indices
p Numbers
I
l: lt2
I r(
l:
l! l8
I to
)1 22
29 28
3 r 30
3 i 36
4l 40
43 42
47 46
53 52
59 58
6l 60
67 66
7l 70
73
'il;il^ilrrl
72
'ilil,Y,l
79 78
83
89
97
p
82
88
96 trlfr|JIl,li Numbers
t 7 1 8 l 1 9 20 2 l 22 23 24 25 26 27 28 29 30 3 l
32 33
l9 l0 el I
23 7 r z lr s 5 Indices
l3 lt tl
29 2l l l I e 24 t7 26 20 8 l6 l9 r s lr + l
3l 7 z6i 4 8 29 t7 27 l3 l0 5 rlrol I l5
37 7 1 7 1 3 5 25 22 3l l5 29 l0 t2 6l34l2l t4 9 5 20
4l 33 1 6I e 34 t4 29 36 l3 4 l7 s rr j 23
3 Il s Il 4 r
28 l0 l8
43 38 z s l r c 37 36 t5 t6 40 8 l7 ll 34 9 3l
47 t6 1 2 l 4 s 37 6 25 5 28 2 29 t 4 l 2 2 l 3 s 39 3 44 27
53 l0 3 s l ' 3 7 49 3l 7 39 20 42 25 sl116146 l3 33 f 23
59 40 43138 8 t0 26 l5 53 t2 46 3 4 1 2 0 1 2 857 49 5 t7
6l 47 t 3 l i 2 6 24 55 l6 57 9 44 4l nlsrlrs 29 59 5 2l
67 64 1 3 ll 0 17 62 60 28 42 30 20 s t l 2 s l 4 4 55 47 5 32
7l 49 5 8 11 6 40 27 37 l5 44 56 45 aI rr I oa 60 ll 30 57
73 2l 2 0 1 6 2 17 39 63 46 30 2 67 18l4el35 l5 ll 40 6 l
79 2l 6 1 3 2 70 54 72 26 l3 I 46 38 3l6llll 67 56 20 69
83 56 6 3 1 4 7 29 80 25 60 75 54 78 s2lt0l12 l8 38 5 t4
89 6 r 8 1 3 5 t4 82 t2 57 49 52 39 3 l 2 s l s e 87 3l 80 85
97 89 7 8 1 8 1 69 5 24 77 76 2 59 l8l 3l13 9 46 74 60
Table 4. (Continued).
Numbers
p
3'l I l9 t8
4l r9 2l 2 32 35 6 20 I n dices
43 23 l8 l4 4 33 22
9
6 l2l I
t s l 2 4 1 3 | 4314 l
I 23
47 34 33 30 42 l 7 3l '))
s3 l l 9 36 30 3 8 4l 50 4s132 | 8 l 29 40 44 2l 23
59 4 l 24 44 55 39 3'l 9 1 4 l l l 33I 27148 16 23 54 36
6 l 48 ll l4 39 27 46 2s 5 4 1 5 6 431r i I 34 58 20 l0 38
67 65 38 l4 22 l l 58 l 8 s 3 1 6 3 e l 6 r l 27 29 50 43 46
7 l 55 29 64 2A 22 65 46 2 5 1 3 3 481431 l 0 2l 9 50 2
7 8 29 34 28 64 70 65 25 t l + t 5 r I 7 r I l 3 54 3l 38 66
79 25 37 l0 t 9 36 35 74 7 5 1 5 8 4 e l76164 30 59 l7 28
20 48 67 30 4 0 1 8 1 7 t l 26 1 7 6l 23 76 l6
83 5 7 35 64
89 22 63 34 ll 5l 24 30 2 l l l 0 2 e l28172 73 54 65 74
32 t6 9l l9 95 8 5 1 3 9 4 l 5 8 1 45 l5 84 l4 62
97 27
Numbers
p
52 53 54 )) 56 )t 5 8 5 9 60 6l 62 63 64 65
50 5 l
53 43 27 76 IncLices
59 r3 32 47 22 3l
35 2l 30 29
6l 45 5 3 42 33 37
t9 52 32 36 3 l 30
67 3l 5t 2l 57 8
52 26 49 45 36 56 48 3 5 6 34
7l 62 5 5l 23 59
l4 t9 42 4 J 66 69 I 1 7 5 3 36 67
'73 l 0 27 3 53 56
26 57 68 43 5 23 58 l l e 45 48 60
'7'7 52 65 33 t5 3l 7l 45 1 6 0 5 5 24 1 8
79 50 22 42
83 5 5 46 79 59 5 3 5 l ll 37 13 34 l 9 66 l 3 e 70 6 22
89 68 7 55 78 l 9 66 4l 36 75 43 l 5 69 1 4 7 83 8 5
97 36 63 93 l 0 \) 8 7 37 55 47 67 43 64 t 8 0 75 t 2 26
Numbers
p
't0 'tl 't6 7 8 79 80 8l
66 67 68 69 7 2 7 3 74 7 5 II
67 33
7l 63 47 6l 4l 35 Inclices
78 69 50 52 42 44 36
79
83
73
t5
48
45
JI
29 2'7
5 8 50
4l
36
5l
33
t4
65
44
69
23 4'l
z l 44
40
49
43 39 I
32 68 1 4 3 3 l 42
89 13 56 38 58 79 62 50 20 27 5 3 67 77 40 1 4 2 46 4
97 94 57 6l 5l 66 lt 50 28 29 72 53 2 l J J t 3 0 4 l 88
Numbers
p
82 83 84 85 86 87 88 89 90 91 92 93 94 95 96
83 4 l I n d lces
89 3 7 6l 26 76 45 60 44
97 23 t7
'73
90 38 83 92 s 4 l ' 7 e 1 5 61 4 9 20122 82 48
Appendix
Table 4. (Continued).
p Indices
I 2 3 4 5 6 7 8 e{t0llt l2 l3 t4 l5 t6
2l rl | | |
21 41 3l rl
3l 21 6l 41 5l I
I ll
Numbers
lI l 2l 4l8l slrol I 7l3l6l 'l
2l 4l 8l 3l aln I
I rl ' ul el slrol zl I
3l elrolnl slrs trlrolr+l al tl 4 t2 2l
l! 21 4l sl rol rgl 7) t4l elrs;rzlrslrrl l al r
2. 5 l 2 l t o l + l z o l r l 1 7 l1 6 ll l I t l z z l r s l zrrl o l r z l s
2l 21 4l altol :l 6l rz z+ rs I rs t vl I n l lsl I
3l 3 l e l 2 7 1 r o l z e l r c lt 7 2 0 2 e z s n a l z + l r o lz t I z s
1 ! ! I I I z a
3'' 2 1 4 l a l r o l t z l z t l t 7 | 3 4I I I n I I : o I z sI
41 o l r e l r r l z s l z t l : B l z eIl t ol 3 t l 2 s I I z+el zlr + sI : o I z : I s I
lztl glrsl
43 3 l s l z t l l s l z e l + r l 3 7 l rrez l 3r 2 o
l28l
r o + l
4'l s l z sI r r I r +l z z l u l n |l 28s|; 4 0Il r zII r : |I r e| + l Il zr ct ll +z zt ll nz t Il
r z
53 2 l 4 l 8 l t 6 l : z l r r l z 2 l 4 4 lr s r z : + r s
59 z l + l s l r o l r z l s i t0 z0 40I 2t | +z | I m I t I Al zal
6l z l 4 l a l r e l : z l : l 6 l t 2 1z + l+ t I t s I zs
| | | | ! I soI +r I zt I +eI
q I r sI : o I r t I z z l
67 2 l 4 l s l r o l t z l e q lr 5 s l + r l u l r s l o l r s l : o l s l r o i
7l T l 4 e l s q l s r l s r l z l 1 4I 1 2 1+ 2 1+ s : r + l z t l
73 s l z s l s z l + r l s t l s l r i l 2 l1l o l s o|l: r | e l + s l so+lIszo: Il ras II
79 3 l e l z t l z l e l r s l , 1 1+ l r z l x l z t I s l z + l z zlsslrol
83 z l 4 l s l r o l t z l o a l 15| t I t+ | zaI seII zqI ssI t: I ee| +qI
89 3 l e l 2 7l s r l o s l r z l i t l 6 4 l t + l + z l y l z z I e oI z oI o oI z l
97 sl2sl28l43l2tl s l o l o l l o l s : I z r I u l z g l+ s| + e l: e I
p Indices
t7 l8 t 9 20 2 l 22 23 24 25 26 27 28 29 30 3r 32 33
I
1 9 l0 I
23 l 5 6 t2 l4 I I Numbers
29 2 l
3 l 22
l3 26 23 t7 ) l0 20 l l 22 I r sI r I
lr:l tlzr
4 l2 5 l5 t4 II 2 6 l8 I
37 l 8 36 35 33 29 21 ) l0 20 3 | 6 l t 2 l 2 4 l l 22 1
t4
4 1 26 I
33 34 40 35 5 30 t6 t4 2
43 26 35 l9 l4 42 40 34 t6
Irzltrlzz 9
) l5 | 2l 6l18 II
l 3 37 t'l
33 I 3 39
47 3 8 2 l0 3 l5 28 46 22 1 6 3 3 1 2 4 1 2 36
42 6 39 35
53 J 6 t2 24 48 43 33 l3 26 52 s l l 4 e l 4 s 3 7
59 3 3 t4
2 1 42 3r
28 56 53 47 35 l l 22 4 4 l 2 e l s 8 57 5l
)5 43
6 l 44 27 54 47 33 5 l0 20 40 l 9 3 8 l 1 5 l 3 0 60l 59 5 7 53
67 20 40 t3 26 s2 37 7 l4 28 56 4 s l 2 3 l 4 6 25 l 50 3 3 66
7 l 62 8 56 37 46
I
38 53 t6 4l 3 2 t l 5 1 3 5 1 32 ll 6 42
7 3 20 27 62 l8 t7 t2 60 8 40 54 srl:el:+l 24 47 1 6
79 48 65 37 32 t7 5l 74 64 34 23 6 e l 4 e l 6 8 l 46 59 t 9 57
83 l 5 30 22 44 s | 'o I zoI 40
60 37 74 65 47 ll 80 't7 7l
89 6 t8 54 73 4l 34 I3 39 28 84 t + 1 + + l + t l40 3l 4 t2
9? 83 2t 38 93 77 94 82 22 t 3 65 z + l t s l u l 79 35 78
425
Ap p e n dix
Table 4. (Continued).
Indices
p
3 5 1 3 6 37 3 8 39 40 4 l 42 4t 4 4 i | 4 5 i . 4 64',1 48 49
34
17 28 19 I I
4 l 20 3 8 23 15 8 I I Numbers
43 3 l t zl 20 17 8 24
9
29
45
I
37 M
rl
32llel I
47 34 29 4 20 6 30
53 9 l 8 36 l9 38 23 46 39 25 50 4 7 l 4 r l 2 e 5 l 0 20
5 9 27 54 49 39 l9 38 l7 34 9 l8 3 6 1 1 3 1 2 652 45 3 t
6 l 45 29 5 8 55 49 37 l3 26 52 43 2 5 l 5 0 l 3 e t'l 34 1
6',1 65 63 59 5l 35 3 6 t2 24 48 2 e l 5 8 l 4 e 3 l 1 6 2l 5 i
7l l0 70 & 22 t2 l3 20 69 57 44 2 4 l | 2 6 1 4 067 1 4 3I 1 7
73 35 29 72 68 48 2l 32 l4 70 58 7 1 1 6 3 1 2 342 1 6 41 2 8
79 l 3 39 3 8 35 26 78 76 70 52 77 ? 3 l 6 r l 2 s t) :l611 4 3
83 59 3 5 70 57 3l 62 4l 82 8l 79 ? 5 1 6 7 1 5 1l 9 1 3 8| t 1 6
89 36 l 9 57 82 68 26 78 56 79 59 8 8 1 8 6 1 8 062 l 8 1 2 4
97 2 l 0 50 56 86 42 l6 80 12 60 e l 4 5 l 3 1 58 t 9 6 1 9 2
lndices
p
5 3 40 27 I
l5 30 I
I
N mbers
59 3 6 t2 24 48 37
4l 2l 42 23 46 3l I I
6r l4 28 56 5l
M 21l|42 17 34
27 54 4l t5 30 60 53 39 1l 22
67 47 39
'll 48 52 9 63 l5 34 25 33 18 55 30 68 50166 36
46 ll )) 56 6l l3 65 33 rel22 37 39
1 3 61 43 69 53
zl 63 31 t4 42 47 62 28 5t15 45 56
19 50 7l 55 I
8 3 69 55 27 54 25 50 l 7 34 68 53 23 46 rlrs 36 72
<) 6',7 23 69 29 87 83 7 1 1 3 5 l6 48
89 72 38 25 7 5 47
76 89 5 7 9 l 67 44 26 33 68 4 9 1 5 1 6l t4
97 72 69 54
Indices
p .,'riiiiii
o o el tl o al o sl i o l u r l n l t t l r a l r s l t t l t t l z t l r e 1 8 0| 8 t
I
r
67 I
7l 60 65 29 6 l I {umbt
73 49 26 5 7 66 3 8 44 I I
19 10 30 l l 3 3 20 60 22 66 40
3 6 l2
4l
24
44 5 3 t
48 l 3 2(' l s 2 l 2 r 42
83 6l 39 7 8 7 3 63 43
89 55 76 50 6 l 5 l 5 45 46 49 58 85 7',| ) i ' 1 7 01 3 2
97 70 59 4 20 3 1 5 75 84 32 63 24 23 I ti l 9 0 1 6 2 l 9
Indices
p
94 95 96
82 83184 85186187188 89190 9t192193
83 I
N umbrlrs
89 2r 63I ll 3 3 l l o l 3 0 I
1 7 1 8 5 37 88 52 66 l r s
97 95 87147 4l I ll I 55 8l
Table 5. Simple Continued Fractions
for Square Roots of positive lntegers
d J7 d J7
| , I r,,ll i 53 I t-
t7;3,1,1,3.141
l: lrr:1-l I 54 I t z ; z r e ; J . r + t
is ltz,ql I 5 5 tt,T,zl,tqi
lolt2:2+t I 5 6 II t't;zr+l
lt lrz;r,TJ'+t l 57 I t7;l,t,4,l.l.l4l
t -
l sl 0 ) r 2 ; y e t I 58 I I 7 : l , l , l , l . l . l . t 4 l
t -
I | [3:6] | 59
Itt I l:;:,ot I 60 |I t[tl;:nl, dz ,. tt ,qt t+ 1
I tz I t:;Nl I 6 l tz;r,q3JJtr,raJJat
InItl,r.r,T,l,ol I 6 2 II t 7 ; 1 , |6, ,l 4 l
| 'o I f3:LAGt I 63 I t z ; 1 r + t
i t5 I [3;t,6] | 65 I [ a ; t o ]
ln|t+:st I 66 I t s ; s T ' t
Jt s J l + ; + , a l I 6 1 l E -; 5 2 1 . 1 , 7 , 1 . t . 2 , 5 , t 6 1
I ,n I r+;1i;l)"rl I I
6 8 | [s:+. ro]
I 20 I I a :2 ,8 1 i 6 9 t-8-: 3 , 3,,41. .13 . 3 . 1 6 1
I zt I t4;iJJJJst I 70 ts;zT;, rJ,lot
|,z I t+rr,xJ.r"sl --
I 7 l l8;22,-l ,1.t ,z,z,tol
I 2 3| [ + : t . l , r , s ] | 72 [8;2,16J
I z q I t 4 ;,l 8 1 | 73 [ 8 ; 1 . 1 , 5 , 5 , 1 . 1 . 1 6 1
I zeI ts;rol I
I 11I
t g ;l , r J , l , G t
I ,, I rs:s,
ror
j 2 8 j t s ; 3 , 2 ,r :o, l
/ ) | [ 8 -;l , r , l , l 6 ]
I 76 I E 1; , 2l , 1 , 5 , 4 ,t 5, t., Z t, , t
I 2 eI t s : t t J ; J o t I 77 11 [ 8 : 1 , 3 , 2 , 3 , l , l 6 J O ]
I :o I Is:z,rol l 7 8 I t s :r , q , Tt.6 l
I ,' I ts;r,r-:_:;rr,rol I 7 e l ta;ffi.I
I 32 | t5:l,l,l,lol I 80 [ 8 ; l , l 6 l
| : l I t s ; r ,rf, r o 1 | 8 2 II [ 9 ;I 8 ]
l:+ I ts;r,+rlot I 8 3I I q ; e J8 t
l:s lts:_ol I 34 1 [ 9 ; 6 , l 8 l
I i7 | t6:l2l I -t -5l | t q ; {I , l , a , I 8 t
i:a j to;o,ut L 16 tq:1.1..-r'r.sJJJmr
l:r 116'aJI l ; J 7 ll [ 9 ; 3 , 1 8 1
] q ol t o ; : J 2 l l ; 1 8 itq;2JJ,l2,l8t
io'lto:fut i ; r e l [\ry,zJal
I 42 ) [ 6: 2 ,t2 1 | .' o i [ 9 ; 2 , 1 8 ]
l aoa, l l u , @ , , r l l; ll
I [ 9 ;l , l , 5 ,I . 5 .l . I . l 8 l
l|.6:l.l,l,2,l.l.t.l2l l . t't- l I l 9 : l , l , 2 . 4 . 2 ..11. 18 1
4slt6;r,t]Jm1 l; 3l _ --
I 9 : 1, 1, 4 . 6 . 4. 1t. 1S l
+e1ro,ffirli 4l rg;mr
4 7 [ [ o ; t , rs,t, z l I g' t [9;1,2,1,18]
48lle;r,rzl lq6l lq;t,:,r,rsl
soltz;l+l l; - l
tg:t,s],rrr;l,l.ill
5r I tt:t.tql I ;8 i [q;t,a,t,te]
szltt:+ttfV.u, lnq i lg;iJTl
426
Answers to Selected Problems
Sectionl.l
1. a ) 20 b) s 5 c ) : as d ) 2 0 4 6
2. a ) 3 2 b ) 1 2 0c ) 1 4 4 0 0d ) 3 2 7 6 8
3. t. 2. 6, 24, 120, 72 05, 0 4 0 ,4 0 3 2 0 3, 6 2 8 8 03, 6 2 8 8 00
4. l , 1 2 0 2, 5 2 , 1 2 0I ,
5. 8 4 .1 2 6 2. 1 0
g. \ n + D/ 2
2n
10.2n
rr. 65536
2 1. x : y : l . z : 2
Section 1.2
:
l . 9 9 : 3 ' 3 3 , 1 4 5: 5 ' 7 9 ,3 4 3 : 7 ' 4 9 , 0 888'0
2. a).c), d), e)
3. a) 5,15 b) 17,0 c)-3,7 d)-6,2
4. a: *.b
13. b) 3
1 1 . 0 i f a i s a n i n t e g e r ,- l o t h e r w i s e .
2 3 . b ) 2 0 0 . 4 0 , 8 , I c ) 1 2 8 ,l 8
2 4 . 2 0 + l 8 [ x - l ] , S t . 0 8n o , $ 1 . 2 8Y e s
Section 1.3
l. ( 5 5 5 4 ) r ,( 2 f i 2 ) r c
2. ( 3 2 8 ) r o (. l I I I l o o o o o o ) 2
3. ( t r s ) , u , ( 7 4 E )6
4. ( t O t O t 0 lI I l 0 0 l l 0 l I l l 0 l I I l ) 2 , ( t t O t I 1 l 0 l I I I l 0 l 0 l l 0 0 l I l 0 l l 0 l ) 2 ,
( r o o tl o l o o o o o l ol )l 2
6 . b ) - 3 9 , 2 6c ) ( t o o l ) - 2 (, l l 0 0 l l ) - 2 ,( 1 0 0 1 l 0 l ) - z
1 4 .i l t + : 2 ' 3 1 + l ' 2 1 . , 5 6 : 2 ' 4 + t l ' 3 ! + l ' 2 ! , 3 8 4 : 3 ' 5 !+ l ' 4 !
Section1.4
l. ( r o o t 0l o l l o ) 2
2. (rttilolll)z
3. ( r o tt 0 0 0 l l 0 l ) 2
4. ( l l l o ) 2 .( l o o o l ) 2
5. (too65)ro
6. ( 3 3 8 F )r e
't (8705736)
. r6
8. ( l I C) r c ,( 2895)r o
428
A nsw ers to S el ected probl ems
2 3 ' a ) 7 g r o s s , 7 d o , z e n , a n d g e gb
g )s i l g r o s s , 5 d o z e n , a n d
lreggs
c) 3 gross,I I dozen,and 6 eggs
Section 1.5
a) prime b) prime c) prime d) compositee) prime f)
I composite
7. 3,7,31,211,2311,59
r 0 . i l 2 4 , 2 5 , 2 6 , 2 7 , 2 9b ) 1 0 0 0 0 0 +
. l 2 , 1 0 0 0 0 0 1 !3+, . . . , 1 0 0 0 0 0 11!0+0 0 0 0 1
t4.53
16. a) 1, 3, 7, 9 ,1 3 ,1 5 ,2 1 ,2 5 ,3 1 ,3 3 ,3 7 ,4 3 ,49,51,63,67,69,73,75,7g,g7.93.99
Section 2.1
l. il5 b) lll c)o d) I e)rr il2
4. I if a is odd and b is evenor vice versa,2 otherwise
5. 2t2l
14.il2 b)sc)ssd)3 e)t f)1001
15. 66, 70, 105 66; ,7 0 ,1 6 5
o ;r 4 2 ,7 0 ,1 6 5
1 9 . ( 3 k + 2 ,5 k + 3 ) : I s i n c es 3 k + D _ 3 ( 5 k + 3 ) : I
Section 2,2
l.a)rsb)6dZd)s
2 . a ) r s : 2 . 4 5 + ( - l ) 7 5 b ) 6 - 6 . 2 2 2+ ( _ 1 3 ) 1 0 2
c ) z : 6 5 ' 1 4 1 4 + ( - r 3 8 ) 6 6 6d ) 5 : 8 0 0 . 4 4 3 5 0+ ( - 1 1 0 1 ) 2 0 1 8 5
3 . a ) I : l ' 6 + l . l 0 + ( - t ) t 5 b ) 7 : 0 . 7 0 + ( _ l ) 9 g+ 1 . 1 0 5
c ) 5 : - 5 . 2 8 0 + 4 . 3 3 0+ ( - t ) + o s + 1 . 4 9 0
4. ilZ
s. il2
Section 2.3
l . i l 2 2 . 3 2b ) 3 . 1 3 c ) 2 2 . 5 2d ) 1 7 2 d , 2 . l . l l f ) 2 8 g ) s . r o l i l 2 3 . 4 3i ) 2 4 . 3 2 . 5 . 7
| 2 6 5 3 k ) 3 . 5 . 7 I23. l ) 9 . 1l . l 0 l t , 1 t,,l i
8 . b ) 2 r 8 3' 8 . 5 7 4 . 11 . 1 3t 7. . t g
9. 249,331
1 0 . 3 0 0 ,3 0 1 ,3 0 2 ,3 0 3 ,3 0 4
| 2 . b ) 5 , 9 |, 3 , 17 , 2l , Z g , 3 , 3 7 ,14, 4 9 , 5 3 , 517,,669 ,37, 77 , g g ,3g. g 7
.lOl
d ) 6 9 3 : 2 1 . 3 3: 9 . 7 7
1 4 . il 24 b) 210 c) r+o d) I l2l I e) soo+oil 3426s7
1 5 . i l 2 2 3 35 37 2 . 2 1 3 s s 5 7 7 b ) 1 , 2 . 3 . 5 . 7 . 1 1 . 1 3 . 1 7 . 1 9 . 2 3 . 2 9
d 2 . s . 1 1 , 2 3 . 3 . 5 7 1. 71.1 3 . 1 3d ) 1 0 1 1 0 0 0 , 44l f7i r r 7 g | rg 3 i l r l 0 l r 0 0 l
1 7 . 1 8 , 5 4 0 3; 6 , 2 7 0 : 5 4 ,1 8 0 ;9 0 . 1 0 8
2 1 . 308,490
25. a ) 3 0 , l 0 0 l
29. a f u c ) 2 . : r , r 5 r d ) 3 2 . 5 ..71 3 . t 7 . 2 4 te ) 5 2 1. 3 . 4 1 . 6 t . 1 3 2 1
f ) 3 3 . 5 . I73. .1 9 . 3 7 . 7130. 9
3 0. 1 0 3
429
Answers to Selected Problems
Section 2.4
l . i l z z ' q l ' e u b ) 7 ' 3 7 ' 5 3 ' 1 0 7c ) t 9 2 ' 3 r ' 4 9 6 9
toot'1999 f) 4957'4967
2 . u ) r : . s q r b ) 7 3 c ) t z ' 6 + t d ) 1 0 3 ' 1 0 7e )
lz' 5 l3' 2nlogrc2
5. d17,347 6. d)13'17,41.61,293'341313'3?'109 7 . 5 '
Section 2.5
l. a)x:33 *5n.1:-ll-2n b) x:*300* 'y -4OO-11n
l 3 n'il
-;13:::il;4,-"44r,
d)nosorution ,x'ZI cb1 y =-zi^\n
i l x : 8 8 9 + 1 9 6 9n , Y : - 6 3 3 - 1 4 0 2 n
2. 39 Frenchfrancs,I I Swissfrancs
3. 17 apples,23 oranges 8-'l. 0f
4. l8 "Pt
=(25,0),(22,2),(19,4),(16,6),(13,8)'
5. a) (14-centstamps,2l-centstamps)
( 1 ,
( 1 0 , 1 o ) ,( ? , 1 2 ) , ( 4 ,1 4 ) , 1 6 )
b) no solution
=(54,1)' (51'3)' (48' 5)'(45'7)'
c ) ( 1 4 - c e nst t a m p s , 2 l - c e ns t a m p s )
( 4 2 , g ) , ( 3 9 ,1 1 ) ,( 3 6 , l 3 ) , ( 3 3 , 1 5 ) , 3 0 , l 7 ) , ( 2 7' 1 9 ) '( 2 4 ' , 2 r \ ' , ( 2 1 ' , 2 3 ) ' ,
(
( 18 , 2 5 ) ,( 1 5 , 2 : 7 ) , ( 1 2 ,2 9 ) , ( 9 ,3 1 ) ,( 6 , 3 3 ) ,( 3 , 3 5 ) ,( 0 ' ,3 7 )
10.a)3 t)ze d242
- l-n
I l . a ) x : 9 8 - 6 n , ! : | * 7 n ,z b) no solution
: 150-3n, w -- fr
c ) x : 5 0 * n , l : - 1 0 0 + 3n, z
: (1 ( 1 4 ,8 , 2 ) , ( 1 1 , 1 2 , 1 ) '
t2. (nickels,dimes,quarters) ( 2 0 ,0 . 4 ) , 7 , 4 , 3 ) ,
( 8 .1 6 , 0 )
1 3 . 9 first-class,l9 second-class, 4 l s t a n d b y 1 4 . n o 1 5 . 7 c e n t sa n d 1 2 c e n t s
Section 3.1
l. a) l,2JlP$ 1,3,9,27,3J,111,33 . .3' i,t9 9 9
4 . i l g b) b c ) o d ) 1 2 d + f) I "ff2,
Section 3.2
L a) x:3 (mod 7) b) x:2,5,g (mod
9) c) x=7 (mod 2l) d) no solurion
e) x=812 (modl00l) f) x:1596 (mod
t5g7)
2. c) x=5 (mod 23)
3. I t hours
4 . 6 - 0 , 6 , 1 2 , 1 8 , 2 4( m o d 3 0 ) , 6 s o l u t i o n s
s.a)r:D7c)sd)t6
8 . a ) ( x , y )= ( 0 , 5 ) , \ t , D . , e . O , ( 3 , 3 ) , ( 4 , 0 ) , ( 5 ,(4m) o , (d6 , 1 )
7)
b ) ( x , y )= ( t , l ) , ( 1 , 3 ) , ( t , 5 ) , t r , z l , t : , o l
(7,0), , G , z i , i i ' , q j , i r , ul,(5,1),(5,3),(5,5),(5,7),
(7,2).(7,4),(l.0 (modg)
c ) ( x , y )= ( 0 , 0 )( ,0 , 3 )( ,0 , 6 )( I, , I ) ,( I ( I
( 4 , 1 ) , ( 4 , 4 ) , ( 4 , D , $(,5D, 5, ) , ( 5,,4g)l ,, r,e7,),o( l2, ,r2o, )(, 2 , 5()2, , g )( ,3 , 0 )( ,3 , 3 )( ,3 , 6 ) ,
:J,-ii,il
( 8 , 5 ) , ( g , g )( m o d , (7,1),(7,4),(7,7),(g,2),
9)
d) no solution
Section 3.3
l ' a ) x = 3 7 ( m o dl g 7 ) b ) x : 2 3 ( m o d3 0 ) c ) x : 6 ( m o d2 r 0 )
d ) x = 1 5 0 9 9 9( m o d 5 5 4 2 6 8 )
4. 2l0l *201
8. a) x = 28 (mod 30) b) no solution
10. a) x :23 (mod30) b) x = 100 (mod
210) c) no solurion
d) x : 44 (mod g40) e) no solution
il. 30t
| 3. 0000,0001,0625,9376
1 7 . 2 6 f e e t6 i n c h e s
Section 3.4
l . a ) ( x , y ) = ( 2 , 2 ) ( m o d 5 ) b ) n o s o l u ti o n
c ) (x,y) = (0,2),(1,3),(2,4),(:,0) or
(4,1) (mod5)
2 . a ) ( x , y ) = ( 0 , 4 ) ,( l , l ) , (2 ,5 ),(3 ,2 ),(4 ,6 ),(5 ,3),(6,0)
(mod7) b) no sol uti on
3. 0, l, p, orp2
(
4. a) l0
tt -)
{
1. a) l 0 orll b ) ls rl c ) fr 4 l
U / l\ o 2/ l lt -, rJ
{q
I
4 3J [z o 6l ls 5 5 4
l) 545
8. a)
l 4 t o l b )l z ' o l c ) 4 5 5
lr
lr 4 4) ll 4 oj l5
[4 555
9. a) x :0,y E 7,2 -2 (mod7) b) x : l , - y E 0 , 2 = 0 ( m o d7 )
c) = 5 , - y = 5 , , = 5 , w = 5 ( m o d7 )
r 0 . i l 0"b ) 5 c ) 2 s d ) l
431
An swer s t o S elec t e d P ro b l e ms
Section 4.1
l. a) 28 b) 24 c) 2ro d) 2t
2. a) 53 b) 54 c) 5r c) 5e
9 d) not bv 3
3. a) by 3, not by 9 b) by 3, and 9 c) by 3' and
4. a) no b) Yes c) no d) no
3, and by 9 b) those with an
5. a) thosewith their number of digits divisibleby
with their numbcr of digits divisibleby 6
even number of digits c) those
(same ior 7 and for 13) d) I 1
* a5 aaa3l at apo (mod 3l)'
8 . o z r o 2 n - t . . . a p s - a z n o 2 n -at z n - z*
3 7t r4 $ 6 e 2 . 3 7l1019 2 7 8 s
d) yes
10. a) no b) not by 3, by 5 c) not by 5' not by 13
ll. 73e
'!-6
12.
check d) no' for example
I 3. a) incorrect b) incorrect c) passescastingout nines
part (c) is incorrect,but check
passes
Section 4.2
Section 4.3
') 3 ,4
t () 1
l. a) Tcanr
Round
')
I 1 6 b)'c 3
1 6 5
,| 't -l - l
')l
-l
2 b-vc -- ----- 1
3 ) I 1 6 b)'c -l I
3 b\,c 1 o 4
4
5 ,1
J 2 I 1 brc 5
6 5 .4 bvc ) I 1 o
1 o 5 4 3 2 ) blc
4 : 3 , 4 ' R o u n d5 :
: o u n d l : 4 , 5 . R o u n d2 : 2 , 3 , R o u n d3 : 1 , 5 ,R o u n d
3 . a ) H o m et e a m s R
t.2
Section 4.4
5 . 5 5 8 , 1 0 0 2 ,2 t - t 4 ,4
432
A nsw ers to S el ected probl ems
Section 5.1
l. _l l"
2. I
4.4
5. a) x : 9 (mod 17) b) ,r : 17 (mod 19)
18. I
24. 52
Section 5.2
t7. 7.23.67
Section 5.3
l . a ) 1 , 5 b ) 1 . 2 , 4 , 5 , 7 , cg ) 1 , 3 , 7 , 9 d )
1 , 3 , 5 , 9 , , . 1 3e ) t , : . s , 2 , 9 . , , t 3 . 1 5
) 11\
r
1m-l
a r . J \ . . , \ L I
5. ll
9. a) x :9 (mod 14) b) x : 13 (mod
15) c) -r = 7 (mod t6)
ll. a) r b) I
1 2 . d ( 1 3 ): 1 2 , 0 0 4 : 6 . a ( 1 6 ) : 8 ,
d ( I 7 ) : 1 6 , , r ( r 8 :) 6 , o ( t g ) : t 8 , d ( 2 0 ): 8
Section 6.1 il f
Section 6.2
1 0 .a ) 7 3 , 2 5 2 . 2 0 4 4
b ) r + p k c ) ( p k u + r t _ D / g k _ Do
ii<tta,*t)_D/Qf_t)
j:l
Section 6.3
1 . 6 , 2 9 , 4 9 6 ,g I 2 g , 3 3 5 5 0 3 3 6g, 5 g g g 6 9 0 5 6
433
An sw er s t o S elec t e d Pro b l e m s
3. il t2,18,20,24,30,36b) 945
7 . a ) , c ) P r im e
8. a),b),d) Prime
Section7.1
l . D W W D FN D W G D Z Q
2. I CAME I SAW I coNQUERED
3. IEXXK FZKXCUUKZC STKJW
4 . P H O N EH O M E
5. t2
6. 9.t7 'r d (mod 26)
7 . i l C : 7 P + 1 6 ( m o d2 6 ) b ) C : a c P * bc
EXPLOSIVESINSIDE
8 . A ) V S P F X HH I P K L BK I P M I EG T G b )
Section 7.2
l.RL OQ NZ OF XM CQ KE QI VD AZ
2. IGNORE THIS
a
Il 2 4 ]
J.
12425)
4. a) t b) l3 d 2 6
Iz t: I I
6. I I 23101
1 2 5 37 )
matrix Itj 163]
i. digraphicHill cipherwith enciphering
[52
000 ol
1 3rI 310 ol
12 310 0l
ro r lI
l o 0o 22 tt 37 'l
l0 rl
l.00 00s
Section 7.3
l. t 4 t 7 t 7 2 7 l l 1 7 6 5 7 6 0 77 6 t 4
Z. D O N O T R E A DT H I S
4. G O O DG U E S S
5. 92
6. 150
Section 7.4
l . 1 4 5 33, 0 1 9
3 . 1 2 1 51 2 2 4t 4 7 l 0 0 2 30 l 1 6
4 . E A T CHO CO L A T EC AK E
434
A nsw ers to S el ected probl ems
5 ' a) 037103540 8 5 80 8 5 80 0 8 71 3 5 9
0 3 5 40 0 0 000871543I 7g7 053sb) g
001 0977
0274 0872 082r0073084s
07400000
0008
0r480803
ffi8 #l 3l1i'u* 04r5
6' d 004200560481048107630000
00510000 029402620995049505:|'
00000734 015206470972 ag72
7 ' d ) 1 3 8 31 8 1 2 0 3 5 2 0 0 01 03 8 30 1 3 0
1 0 8 0r 3 5 r r 3 8 3r 8 1 2 0 1 3 0 0 g 7 2 r 2 0 8
00000972l5l5 0 9 3 7 1 2 9 71 2 0 82 2 7 3 0956
l 5 l 5 0 0 00
8. 0872I 152 15 3 70 1 6 9
Section 7.5
l. a) yes b) no c) yes d) no
4 . l 8 : 2 * 1 6 : 2 * 3 * 1 3: 3 * 4 * l I :
7*l I
5 . ( t z , s t , g 5 , g1,6 , 4 g , 6 4 )
6. 6242382306332274
g. (44,37,7 4,72,50,24)
1 0 .a ) 0 o: 2 . 3 . 1 0 : 2 . 5 . 6 : 6 . 1 0
b ) 1 5 9 6 0 :g . 2 1 . 9 5
Section 7,6
l. a) 36962
, 6 4 0 , 5 6 0 0 , 3 g 5b ) 5 3 g 9
2. 829
Section8.1
l. il4 04 c)6
2 . a ) 3 b ) 2 ,3 c ) 3 , 7 d ) 2 , 6 , 7 ,l l
e ) 3 ,5 f ) 5 , I I
4.4
1 6. il 23. 89
18. d 2209
Section 8.2
L a)2 04 c)8 d)6 e)t2 f)22
4. il q b) the modulusis not prime
6. 1
i l . b) 6
1 2 . c ) 2 2 , 3 7 g, , 6 , g , 3 g .2 6
Section 8.3
l. 4 , 1 0 ,2 2
2. ilz 02 c): il2
3. il2 02 dz d)3
4. a)5 b)5 c)rs d)15
5. 7 . 1 3 . 1 7 t. 9
Section 8.4
l . i n d 5 l: 2 2 , i n d 5 2 : 2 . i n d 5 3: 1 6 , i n d 5 4 : 4 ,
i n d 5 J : I , i n d 5 6: 1 8 ,i n d 5 7: 19.
435
Answers to Selected Problems
ind58:6,ind59:l0.ind5l0:3'indsll:9'ind:12:20'ind5l3:14'indi14:71'
ind5l5:l7,ind5l6:8.ind5l7:7'ind5l8:12'indslg:15'indr2O:5'
i n d 5 2 l: 1 3 ,i n d 5 2 2 : l l
(mod23)
2. a) -r=9 (mod23) b) x=9'14
3. .) x : 7 , 1 8 ( m o d 2 2 ) b ) n o s olution
- 1 . a : 2 . 5 ,t l r 6 ( r n o d l 3 )
(mod29)
5 . b : 8 . 9 . 2 0 o. r 2 l
6. ,r 3 10,16,57, 5 9 . 9 0 . 9 9 .I 15 . 13 4 , 1 4 4 . 41 5 .I 4 9 , o r | - 5 2( r . I l o dI - 5 6 )
( r n o d2 3 ) , o r x E 1 , 1 2 . 4 5 . 4 1 . 7 t t ' 9 1 ' 9 3 ' 1 0 0 ' 1 3 7 ' 1 3 9 ' 1 4 4 '
T . x = I ( m o d 2 2 ) .a - 0
3 6 7 ' 3 6 9 ' 36t ,t , 1 | 3 . 451, 4 . ] 0 '
' 32 3 2 . ? . 5 2 . 2 5 45,,2277 7. 3 2l , 3 2 3 ,
1 8 3 l' 8 5 . 1 8 8 , 2 1 0 , 2 2 9 l, 2
4 5 9 , 4 6 1o. r 4 9 6 ( m o d 5 0 6 )
( m o d l 2 ) , ' t - 4 2 ( n r o d8 )
lt. a) (t,Z), (0,2) c) -x = 29
= 1 7 ( m o d6 0 )
12 b) (0,0, 1, l), (0,0' 1,4) d) 'x
l6.b)(49938.gg8.7O1@.4993999811):'74999249..,
Section 8.6
g o f) 3 8 8 0 8 0 g ) 8o+ o h) I 254I l 328000
r . a ) 2 0 b ) 1 2 c ) : 0 d ) 4 8 e) t
d ) 5 , l 0 ' 1 5 .1 6 , 2 0 ,3 0 ' 4 0 ' 4 8 ' 6 0 '
2 . a ) t , z b ) 3 , 4 , 6 ' 8 . 1 2 .2 4 c ) n o s o l u t i o n 1 2 ' 8 4 '1 2 6 '
q,
8 0. 120,240 e) no s o l u ti o n f ) z . 1 4 ,1 8 .2 1 . 2 8 , 3 6 . 4 2 . 5 6 , 6 3 .
I 6 8. 252.504
3.65520
4. a)tt b)2 c)l d)ll e)tg f)38
I 4 . 5 .I 3 ' l ' l ' 2 9 .5 ' l T ' 2 9 5, ' , 2 9 ' 1 3
Section 8.7
5 , 2 5 .6 2 . 8 4 .- s '2 5 . 62'"
l . 6 9 , 7 6 , 1 7 , 9 2 , 4 6I, I ' 1 2 .1 4 .1 9 .3 6 , 2 9 , 8 4 ,
7 . 6 . 1 3 , 1 0 , 1 4 , 1 5 , l , 7 ' 1 8 .1 6 .6 , l 3 - . . . p
. e r i o dl e n g t hi s 9
3. l0
6) l o z 3 z + tttz:
" 7 .a ) l t b ) 7 1 5 8 2 7 8 8 2c ) 3 l d ) 1 9 5 2 2 5 7 8 c
9 . 1 , 7 4 , 2 5 ,I 8 , I 2 , 3 0 ' l l . l 0
Section 8.8
l . a ) s b ) 5 d 2 d ) 6 e) 30 i) 20
2. a)2 b)3 d2 il2 e)5 t)7
3. a) usesPreads : 3 b) u s es p r e a sd : 2 l c ) u s cs P r c a sd : 2
Section 9.1
l, l6.l7
I . a ) t b ) I , 4 c ) I , 3 , 4 , 9 , 1 02, 1 d ) 1 , 4 , - s , 6 , 7 , 9 . 1
2. l,l,-1,1,-1,-l
(mod 7) c) no solution
I l. a) -r = 2,4 (mod 7) b) -r = |
15. .r = 1,4,11,14 ( m o d l5)
36. c) DETOUR
436
Answersto Setectedproblems
Section 9.2
Section 9.3
Section l0.l
Section10.3
I . a ) [ l ; 2 , 2 , 2 , . . .b1) [ t ; 1 , 2 , 1 , 2, 2, 1, . . . )c ) [ 2 ; 4 , 4 , 4 , . .d) ) t
[ ;1,1,1,...J
2 . 4 _ l , L ! , s , t b ) 6 J , l , l , J c ) 0 , 2 , 6 , 1 0 , 1 4d ) 0 , 1
,3,5,7
? 312689
99532
/^\238il1997106193
l- l'3'4 ^7'32'39'7t: o,
4t 69
+
l l . d ) 2g1 9 l l 1 3 -1 3 5 ' 1 5 7t 7 g ' 2 0 12 2 3 z 4 s 2 6 7 z } s 3 l l
t5'22'29'36,Jt,E-'T,d,7l '7g 'g5 ,lt,f
Section 10.4
tt o:z2o|lte;Tt4I?q,2,+t1
5. c) [q;j,J8],
6. d to:ffil, 17:7,t41, I l6;l,t5,1,321
I l. b), c), e)
Section I l.l
b) 3'4'5;6'8'105 ; ',12',13;9'
l . a ) 3 , 4 , 5 : 5 , 1 2 , 1 31;5 , 8 , 1 7 : ' 7 , 2 4 , 2 5 : 2 1 , 2 O , 2 9 : 3 5 , 1 2 , 3 7
1 0 ' 2 4 ' 2 6 : 2 1 ' 2 0 ' 2 9l ;8 ' 2 4 ' 3 0 ; 3 0 ' 1 6 ' 3 4 ;
12,15;15,8,17:12,16,20:7,24,25;15,20,25;
21,28,35,35,12,37 ; I 5,36,39;24,32,40
1 ' - 2\ I (m2+Zn2)
8. x : : n l n , z- - : w h e r em a n d n a r e p o s i t i v e i n t e g e r s .
;(m"-Zn"),Y t
i^l
,: L(2^2-nz),! : ^r,, : where m and n a(e positiveintegers,
+Q.m2+n2)
*>it,li, andn is even
|
I
: mn,, - , ) , r ?\ r- - ^^ --- ^-,{
where m and n, - ^are
-o
positive
^^"iti'r, integers,
9. , - l-{^z-3n2),y f,(^2+3n2)
*rrTln,andm = n(mod 2)
Section 11.3
b)nosolutionc)x: + l'y: +2
l. a)x:!2,y:0;x:+l,y:!l
t3,y:*l b)nosolution c)x- + 5 ' l : 0 ; x : * 1 3 ' y:+3
2. a)x:
: 70,y : 13 b) x : 9 8 0 1 , : 1 8 2 0
3. a) x Y
: 829920;x : 42703566796801,
5' X : l 52Q,y : 273 ; x : 4620799,y
: 766987012160
Y
6. a), d), e), g), h) Yes b)' c)' f) no
'1.
x : 6239'765965'120528801, ! : 19892016576262330040
Bibliography
BOOKS
Number Theory
N ew Y ork'
1 4 . H. M . E dwar d s , F e rm a t' s L a s t T h e o re m,Spri nger-verl ag,
1911.
15. A.A.Gioia,TheTheoryofIYttmbers,Markham'Chicagol970.
Birkhausero
1 6 . E. Grosswald,,Topicsfrom the Theory of Numbers, 2nd ed.,
B o s t o n ,1 9 8 2 .
28. O. Ore, Number Theory and its History, McGraw-Hill, New York,
I 948.
CryptographY
49.A.Gersho,ed.,AdvancesinCryptography'Dept'ofElectricaland
1982.
computer Engineering,Univ. calif. Santa Barbara,
Macmillan'
50. D. Kahn, The Codebreakers,the Story of Secret Writing'
New York' 1967.
1981'
51. A. G. Konheim, Cryptography: A Primer, Wiley' New York'
Park Press,
5 2 . S. Kullback, s/atis tical Methods in cryptanalysis, Aegean
Laguna Hills, California, 1976.
Dimension tn
5 3 . C. H. Meyer and S. M. Matyas' Cryptography: A New
Computer Data Security, Wiley, New York, 1982'
Association of
5 4 . A. sinkov, Elementary cryptanalysis, Mathematical
America, Washington,D.C., 1966'
Computer Science
and Design'
55. K. Hwan g, Computer Arithmetic: Principles, Architecture
WileY, New York, 1979.
'of computer Programming: semi-Numertcal
56. D. E. Knuth, Art
Algorithms volume 2, 2nd €d., Addison wesley, Reading
Massachusetts,l98l .
and searching,
57. D. E. Knuth, Art of computer Programming: sorting
volume 3, Addison-wesley,Reading,Massachusetts, 1973.
wiley, New
58. L. Kronsjo, Algorithms: Their complexity and Efficiency,
York, 1979.
its Applications
59. N. S. Szab5 and R. J. Tanaka, ResidueArithmetic and
to Computer Technology,McGraw-Hill' 1967'
442 Bibliography
General
60. H. Anton, Elementary Linear Algebra, 3rd ed., Wiley, New York, 1981.
6 1 . E. Landau, Foundations of Analysfs, 2nd ed., Chelsea,New York, 1960.
6 2 . W. Rudin, Principles of Mathematical Analysis, 2nd ed., McGraw-Hill,
New York 1964.
ARTICLES
NumbenTheory
CryptograPhY
t2 Summation, 5
nt Factorial, 8
Product, 9
II
l*)
It Binomial coeficient, l0
t.kJ
olb Divides, 19
olt Doesnot divide, 19
lxl Greatestinteger, 20
( a 1 r a 1 r - 1 . . . a f l 0t ) Baseb exPansion,27
Computerword size, 33
ov) Big-O notation, 38
,r(.x) Number of Primes, 47
G,b) Greatestcommondivisor, 5 3
(a 1,,a2,..-,an) Greatestcommondivisor (of n integers), 5 5
un Fibonaccinumber, 60
la,bl Least commonmultiPle, 7 2
min(xy) Minimum, 72
ma x( x , y ) Maximum, 72
p'lln Exactlydivide, 76
ta 1 ,a2, . . . , anl Leastcommonmultiple (of n integers),7 7
F, Fermatnumber, 81
a = b(mod z) Congruent,9l
a # b(mod nr) Not congruent,91
a Inverse, 104
A:B(modra) Congruent(matrices), I l9
7 Inverse(of matrix), l2l
I Identity lnatrix, l2l
adj Ca) Adjoint, 122
h (k) Hashingfunction, 141
6h) Euler'sphi-function, l6l
List of Symbols
Summationoverdivisors, 170
dln
Completelymultiplicative
Diophantus, 86
function, 166
Dirichlet, G. Lejeune, 74
Composite, 1,45
Dirichlet product, 172
Computationalcomplexity, 3g
Dirichlet's theorem on primes in
of addition, 39
arithmetic progression, 74
of Euclidean algorithm, 62
Divide, l8
of division,4 -
Divisibility, l8
of matrix multiplication, 43
Divisibilitytests, lZ9
of multiplication, 39
Division algorithm, l9
of subtraction, 39
Divisor, l8
Computer arithmetic, 33,109
Double hashing, 143
Computer files, 141,227
Draim factorization, g4
Computer word size, 33,109
Duodecimal notation, 44
Congruence, 2,gl
linear, 102
Electronic poker, 209,304
of matrices, I l9 Enciphering, 188
Congruenceclass. 92
Encryption, 188
Conjecture,
Equation,
Ccllatz, 24
diophantine, 86
Goldbach, 50
Pell's, 404
Conjugate, 377
Eratosthenes, I
Continued fraction, 350
Eratosthenes,sieveof, 2,46
finite, 351 Euclid, I
infinite, 362 Euclideanalgorithm, 5g
periodic, 374 425
Euler. L.. I
purely periodic, 3g3
Eu l e rphi -functi on,l 6l ,l 67
simple,351 Euler pseudoprime,325
Convergent, 354
Euler'scriterion. 290
Coversionof bases, Zg
Euler's factorizationmethod, g5
Coveringset of congruences,I l5
Euler's theorem, 161
C r y p t a n a l y s i s ,1 8 8
Exactly divide. i6
Cryptography, 188 Expansion,
Cryptology, 188
base b, 27
Cubic residue, 262
Cantor, 30
continuedfraction, 350
Database, 227 periodic base b, 343
Day of the week, 134 periodiccontinuedfunction, 374
Decimal notation, 27
terminating, 341
Deciphering, 186 t l-exponent, 280
Decipheringkey, 213 Exponentiationcipher, 205
Decryption, 188
Deficient integer, 185 Factor, l8
Descent,proof by, 398 Factor table, 4ll
Diabolic matrix, 127 Factorial function, 8
Digraphic cipher, 198 Factorization, 69,79
Diophantineequations, 86,391 Draim, 84
linear, 86 Euler, 85
lndex
Fermat. 80 Goldbach,C., 50
prime, 68 Goldbach's conjecture, 50
prime-power, 69 Greatest common divisor, 53
speedof, 80,215 Greatest integer function, 20
Faltings,G., 400 Greeks, ancient, 2
Farey series, 349
Fermat, P. de, 1,397 Hadamard, J., 48
Fermat factorization, 80 Hanoi, tower of, l'l
F e r m a t n u m b e r , 8 1 , 3 0 2 , 31 Hashing, 141
Fermat prime, 8l double, 143
Fermat quotient, 152 quadratic, 304
Fermat's last theorem, 398 Hashing function, 141
Fermat's little theorem, 148 Hexadecimal notation, 27
Fibonacci, 60 Hilbert prime, 76
Fibonacci numbers, 60 Hill cipher, 198
generalized, 68
Fibonacci pseudo-randomnumber Identity matrix modulo z, l2l
generator, 219 Inclusion-exclusion, principle of, 17,51
Frequencies, Incongruent, 9l
of letters, 193 Index of an integer, 252,421
of digraphs, 202 Index of summation, 5
of polygraphs, 203 Index system, 262
Function. Induction, mathematical, 4
additive, 174 Infinite simple continued fraction, 362
arithmetic, 166 Infinitude of primes, 45,82
completely additive, l7 4 Integer,
completely multiPlicative, 166 abdundant,185
Euler phi, 161 deficient, 185
factorial, 8 palindromic, 133
greatest integer, 20 powerful, 16
hashing, 141 square-free,75
Liouville's, 174 Inverse of an arithmetic function, t73
Mobius, l'73 Inverse modulo lrr, 104
multiplicative, 166 Inverse of a matrix modulo nr, l2I
number of divisors. 175 Involutory matrix, 126,244
sum of divisors. 174 Irrational number, 336,36'l
Fundamental Theorem of
Arithmetic, 69 Jacobi symbol, 314
Telephonecables, 284
Terminating expansion, 341
Test,
divisibility, 129
Lucas-Lehmer, 183
Miller's, 156
Pepin's, 3l I
primality, 153,263
probalisticprimality, 158,334
Theorem,
binomial, 12
Chineseremainder. 107
Dirichlet's, 74
Eulerns, l6l