
Part II Number Theory

2020/21
Lecture 1

Dr Julia Wolf
julia.wolf@dpmms.cam.ac.uk
Number theory studies the properties of

$\mathbb{N} = \{1, 2, 3, \dots\}$
$\mathbb{Z} = \{0, \pm 1, \pm 2, \dots\}$
$\mathbb{Q} = \{p/q : p, q \in \mathbb{Z},\ q \neq 0\}$

Some conjectures that will motivate us throughout this course:

Conjecture. $\exists$ infinitely many primes $p$ s.t. $p + 2$ is also prime.

Result. $\exists$ infinitely many primes $p$ s.t. $\{p + 2, p + 4, \dots, p + 246\}$ contains a prime.
Conjecture (Riemann Hypothesis). Let $\pi(n) = \#\{\text{primes} \le n\}$ and let $\mathrm{li}(n) = \int_2^n \frac{dt}{\log t}$. Then $|\pi(n) - \mathrm{li}(n)| \le \sqrt{n} \log n$ for all $n \ge 3$.

ReautC2 11Th -

him E CI e- cage i
the > 229

Yoga)k, for some constants


GC > 0 .

Conjecture. Is there a polynomial-time algorithm that, given any product $N$ of two primes, computes $p$ and $q$ s.t. $N = pq$?

RSA depends on the answer to this question being negative.

Result. Just testing whether or not a given integer is prime can be done in polynomial time.

Work towards these conjectures often involves sophisticated mathematical theories.

In this course we shall only cover "elementary" methods, but these will get us quite a long way.

We begin with a review of material from IA Numbers & Sets.
CHAPTER 1. EUCLID'S ALGORITHM

Division Algorithm 1.1. Given $a, b \in \mathbb{Z}$ with $b > 0$, $\exists\, q, r \in \mathbb{Z}$ with $a = bq + r$ and $0 \le r < b$.

Proof. Let $S = \{a - nb : n \in \mathbb{Z}\}$. Then $S$ contains some non-negative integer. Let $r$ be the least element of $S$ with $r \ge 0$. We claim that $r < b$. If not, then $r - b \ge 0$, and $r - b \in S$, contradicting our choice of $r$. $\square$
Notation. If $r = 0$ in the division algorithm, i.e. if $a = qb$ for some $q \in \mathbb{Z}$, then we write $b \mid a$ ("$b$ divides $a$", "$b$ is a divisor of $a$"). If $r \ne 0$, we write $b \nmid a$.

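Given $a_1, a_2, \dots, a_n \in \mathbb{Z}$, not all zero, let $I = \{\lambda_1 a_1 + \dots + \lambda_n a_n : \lambda_i \in \mathbb{Z}\}$.

Note that $a, b \in I$, $l, m \in \mathbb{Z} \implies la + mb \in I$.

Lemma 1.3. $I = d\mathbb{Z} = \{md : m \in \mathbb{Z}\}$ for some $d > 0$.

Proof. Let $d$ be the least element of $I$ with $d > 0$. Then clearly $d\mathbb{Z} \subseteq I$. We claim that $I \subseteq d\mathbb{Z}$. Indeed, let $a \in I$ and write $a = qd + r$ with $0 \le r < d$ (by the Division Algorithm). Then $r = a - qd \in I$, which implies $r = 0$. $\square$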
Notation. Note that $a_i \in I\ \forall i$, so $d \mid a_i\ \forall i$. Conversely, if $c \mid a_i\ \forall i$, then $c$ divides every element of $I$, and in particular $c \mid d$.

We write $d = \gcd(a_1, \dots, a_n)$ ("greatest common divisor"), or $d = \mathrm{hcf}(a_1, \dots, a_n)$ ("highest common factor"), or simply $d = (a_1, \dots, a_n)$.

Corollary 1.5. Let $a, b, c \in \mathbb{Z}$, $a, b$ not both $0$. Then $\exists\, x, y \in \mathbb{Z}$ s.t. $ax + by = c \iff (a, b) \mid c$.

The Division Algorithm 1.1 gives an efficient method for computing $d = (a, b)$.
Euclid's Algorithm. Suppose wlog $a > b > 0$. Then

$$\begin{aligned}
a &= q_1 b + r_1, & 0 \le r_1 < b \\
b &= q_2 r_1 + r_2, & 0 \le r_2 < r_1 \\
r_1 &= q_3 r_2 + r_3, & 0 \le r_3 < r_2 \\
&\ \ \vdots \\
r_{k-2} &= q_k r_{k-1} + r_k, & r_k \ne 0 \\
r_{k-1} &= q_{k+1} r_k + 0, & r_k \mid r_{k-1}
\end{aligned}$$

We claim that $r_k = (a, b)$: note that $r_k \mid a$ and $b$, so $r_k \le (a, b)$. Note also that any $m$ s.t. $m \mid a$ and $m \mid b$ also divides $r_k$; hence $(a, b) \le r_k$.

So $(a, b) = (b, r_1) = \dots = (r_{k-1}, r_k) = r_k$.

This also allows us to determine $x, y \in \mathbb{Z}$ s.t. $d = (a, b) = ax + by$ ("Bézout's identity"), which are promised to us by Corollary 1.5.
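Example. Let $a = 34$, $b = 25$.

| Division step | Remainder | $(x, y)$ with remainder $= 34x + 25y$ |
|---|---|---|
| | $a = 34$ | $(1, 0)$ |
| | $b = 25$ | $(0, 1)$ |
| $34 = 1 \times 25 + 9$ | $34 - 1 \times 25 = 9$ | $(1, 0) - 1 \times (0, 1) = (1, -1)$ |
| $25 = 2 \times 9 + 7$ | $25 - 2 \times 9 = 7$ | $(0, 1) - 2 \times (1, -1) = (-2, 3)$ |
| $9 = 1 \times 7 + 2$ | $9 - 1 \times 7 = 2$ | $(1, -1) - 1 \times (-2, 3) = (3, -4)$ |
| $7 = 3 \times 2 + 1$ | $7 - 3 \times 2 = 1$ | $(-2, 3) - 3 \times (3, -4) = (-11, 15)$ |

So $1 = \gcd(34, 25) = -11 \times 34 + 15 \times 25$.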

Definition. An integer $n > 1$ is said to be prime if its only positive divisors are $1$ and $n$. Otherwise it is said to be composite.

Lemma 1.9. Let $p$ be a prime, let $a, b \in \mathbb{Z}$. Then $p \mid ab \iff p \mid a$ or $p \mid b$. (Not true for non-primes!)

Proof. It is clear that if $p \mid a$ or $p \mid b$, then $p \mid ab$.

Conversely, suppose that $p \mid ab$ but $p \nmid a$. Then $(a, p) \mid p$. But $(a, p) \ne p$ and $p$ is a prime, so $(a, p) = 1$. Therefore, by Corollary 1.5, $\exists\, x, y \in \mathbb{Z}$ s.t. $ax + py = 1$.

Now $b = b(ax + py) = x(ab) + (by)p$, so $p \mid b$. $\square$

Fundamental Theorem of Arithmetic 1.10. Every $n \in \mathbb{N}$ can be written as a product of primes, and this representation is unique up to order. (Not true in other rings!)

Proof. Existence follows easily by strong induction.

Uniqueness: suppose there is an integer with two factorisations. Let $n$ be the least such, and suppose $n = p_1 \cdots p_s = q_1 \cdots q_r$ with all $p_i, q_j$ prime.

Now note that $p_1 \mid q_1 \cdots q_r \implies p_1 \mid q_j$ for some $1 \le j \le r \implies p_1 = q_j$ for some $1 \le j \le r$, since $q_j$ prime.

Wlog $j = 1$. Then $n/p_1 = p_2 \cdots p_s = q_2 \cdots q_r$, contradicting choice of $n$. $\square$
Remark. If $m = \prod_i p_i^{\alpha_i}$, $n = \prod_i p_i^{\beta_i}$ with $p_i$ distinct primes, $\alpha_i, \beta_i \ge 0$, then $(m, n) = \prod_i p_i^{\gamma_i}$ with $\gamma_i = \min(\alpha_i, \beta_i)$.

But if $m$ and $n$ are large it is much more efficient to compute $\gcd(m, n)$ using Euclid's algorithm than to factor $m$ and $n$.
Part II Number Theory
2020/21
Lecture 2

Dr Julia Wolf
julia.wolf@dpmms.cam.ac.uk
Definition 1.12. An algorithm with input integer $N > 0$ is said to run in polynomial time if it completes after at most $c (\log N)^k$ "elementary operations", for some constants $c, k > 0$ (independent of $N$).

If the algorithm takes input $N_1, N_2, \dots, N_s$, then "polynomial time" means running time at most $c (\max_i \log N_i)^k$.

Examples.
- adding and multiplying integers
- computing the greatest common divisor (using Euclid's algorithm)
- primality testing

On the other hand, the obvious factoring algorithm (trial division by integers $\le \sqrt{N}$) is not polynomial time.
If $N = p \cdot q$ with each $p, q$ prime, each of 50 digits, assuming we can do $2^{29}$ divisions per second, trial division for $N$ takes $10^{50}/2^{29}$ seconds $\approx 6 \times 10^{33}$ years.

We will see much more efficient factoring algorithms later in the course.

Records: 232 digits, using 100s of computers and almost two years of computing time.
For completeness, we will review the following fact (also due to Euclid).

Theorem. There are infinitely many primes, that is, $\pi(n) \to \infty$ as $n \to \infty$.

We will say much more about the behaviour of $\pi(n)$ later in the course.

Proof. Fix $N > 1$, let $p$ be the largest prime $\le N$. Let $q$ be a prime factor of $M = 2 \times 3 \times 5 \times \dots \times p + 1$. Then $q > N$, but $N$ was arbitrary. $\square$
CHAPTER 2. CONGRUENCES

Definition. Let $n \ge 1$ be an integer. We write $a \equiv b \bmod n$ ("$a$ is congruent to $b$ mod $n$") if $n \mid a - b$.

This defines an equivalence relation on $\mathbb{Z}$. We write $\mathbb{Z}/n\mathbb{Z}$ for the set of equivalence classes $a + n\mathbb{Z}$.

It is easy to check that the operations

$(a + n\mathbb{Z}) + (b + n\mathbb{Z}) = (a + b) + n\mathbb{Z}$
$(a + n\mathbb{Z}) \times (b + n\mathbb{Z}) = ab + n\mathbb{Z}$

are well-defined ($n\mathbb{Z}$ is an ideal).
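Lemma 2.2. Let $a \in \mathbb{Z}$. Then the following are equivalent:

(i) $(a, n) = 1$;
(ii) $\exists\, b \in \mathbb{Z}$ s.t. $ab \equiv 1 \bmod n$;
(iii) (the equivalence class of) $a$ is a generator of the group $(\mathbb{Z}/n\mathbb{Z}, +)$.

Proof. (i) $\implies$ (ii): $(a, n) = 1 \implies \exists\, b, c \in \mathbb{Z}$ s.t. $ab + cn = 1 \implies ab \equiv 1 \bmod n$.

(ii) $\implies$ (i): $ab \equiv 1 \bmod n \iff ab - 1 = kn$ for some $k \in \mathbb{Z} \implies (a, n) = 1$.

(ii) $\iff$ (iii): $ab \equiv 1 \bmod n$ for some $b \in \mathbb{Z}$ $\iff$ $1$ belongs to the additive subgroup of $\mathbb{Z}/n\mathbb{Z}$ generated by $a$ $\iff$ $\mathbb{Z}/n\mathbb{Z}$ is generated by $a$. $\square$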
Notation. Let $n > 1$. We write $(\mathbb{Z}/n\mathbb{Z})^\times$ for the set of units of $\mathbb{Z}/n\mathbb{Z}$, i.e. the set of elements of $\mathbb{Z}/n\mathbb{Z}$ that have a multiplicative inverse.

By Lemma 2.2, $(\mathbb{Z}/n\mathbb{Z})^\times$ consists of precisely those classes $a + n\mathbb{Z}$ with $(a, n) = 1$.

Definition. Define Euler's $\varphi$-function (also known as Euler's totient function) as $\varphi(n) := \#(\mathbb{Z}/n\mathbb{Z})^\times$.

For $n = 1$, define $\varphi(1) = 1$.

Remark 2.5. (i) $\varphi$ is a multiplicative function, i.e. if $(m, n) = 1$, then $\varphi(mn) = \varphi(m)\varphi(n)$.

(ii) If $n > 1$, $\mathbb{Z}/n\mathbb{Z}$ is a field $\iff$ every element $a$ with $1 \le a < n$ is invertible, i.e. $(a, n) = 1$ $\iff$ $n$ is prime $\iff$ $\varphi(n) = n - 1$.

Corollary 2.6. Let $G$ be a cyclic group of order $n \ge 1$. Then $\varphi(n) = \#\{g \in G : \mathrm{ord}(g) = n\} = \#$ generators of $G$.

Proof. Wlog may assume $G = \mathbb{Z}/n\mathbb{Z}$ for some $n \ge 1$. Then the claimed result follows from Lemma 2.2. $\square$

Euler-Fermat Theorem 2.7. If $a, n \in \mathbb{Z}$ with $(a, n) = 1$, then $a^{\varphi(n)} \equiv 1 \bmod n$.

Proof. By Lagrange's theorem (IA Groups), the order of $a$ in the group $G = (\mathbb{Z}/n\mathbb{Z})^\times$ must divide $|G| = \varphi(n)$. $\square$
When $n = p$ for $p$ a prime, we have the following.

Fermat's Little Theorem 2.8. If $a, p \in \mathbb{Z}$ with $p$ a prime, then $a^p \equiv a \bmod p$.

Proof. If $p \mid a$, trivially true. If $p \nmid a$, then $a^{\varphi(p)} = a^{p-1} \equiv 1 \bmod p$ by 2.4 and 2.7. $\square$

We shall move on to simultaneous congruences.

Example 2.9. Find $x \in \mathbb{Z}$ s.t.

$$\begin{aligned} x &\equiv 4 \bmod 7 \\ x &\equiv 5 \bmod 12 \end{aligned} \qquad (*)$$

Could try solutions of the first congruence in the second. More systematically...

Observe that
- if we have a solution to the first congruence, we can add to it anything that is $0 \bmod 7$.
- Moreover, if we have a solution to $u \equiv 1 \bmod 7$, then $4u$ will be a solution to the first congruence in $(*)$.

Suppose we had $u, v \in \mathbb{Z}$ s.t.

$$\begin{aligned} u &\equiv 1 \bmod 7, & u &\equiv 0 \bmod 12 \\ v &\equiv 0 \bmod 7, & v &\equiv 1 \bmod 12 \end{aligned} \qquad (\dagger)$$

Then $x = 4u + 5v$ is a solution to $(*)$.

How do we find solutions $u, v$ to $(\dagger)$?

$(7, 12) = 1 \implies \exists\, m, n \in \mathbb{Z}$ s.t. $7m + 12n = 1$ $(**)$, here with $m = -5$, $n = 3$.

Now $u = 12n = 1 - 7m$ is $\equiv 1 \bmod 7$ and $\equiv 0 \bmod 12$, giving $u = 36$.

$v = 7m = 1 - 12n$ is $\equiv 0 \bmod 7$ and $\equiv 1 \bmod 12$, giving $v = -35$.

So a solution to $(*)$ is given by $x = 4u + 5v = 4 \times 36 + 5 \times (-35) = -31$.

In fact, the set of solutions to $(*)$ is $\{x : x \equiv -31 \bmod 84\} = \{x : x \equiv 53 \bmod 84\}$.
The preceding example is, of course, a special case of the following.

Chinese Remainder Theorem 2.10. Let $m_1, m_2, \dots, m_k$ be pairwise coprime positive integers, and let $M = \prod_i m_i$. Then given any $a_1, a_2, \dots, a_k \in \mathbb{Z}$, $\exists$ solution $x \in \mathbb{Z}$ to the system of simultaneous congruences

$$\begin{aligned} x &\equiv a_1 \bmod m_1 \\ x &\equiv a_2 \bmod m_2 \\ &\ \ \vdots \\ x &\equiv a_k \bmod m_k \end{aligned} \qquad (*)$$

Moreover, $x$ is unique mod $M$.
Part II Number Theory
2020/21
Lecture 3

Dr Julia Wolf
julia.wolf@dpmms.cam.ac.uk

Remark. If $x$ satisfies $(*)$, then so does $x + tM$ for $t \in \mathbb{Z}$, so the set of solutions to $(*)$ is $x + M\mathbb{Z}$.

Proof. Uniqueness: If $x, y$ satisfy $(*)$, then $m_i \mid x - y\ \forall i = 1, 2, \dots, k$. Since the $m_i$ are pairwise coprime, $M \mid x - y$, i.e. $x \equiv y \bmod M$.

Existence: Write $M_i = M/m_i = \prod_{j \ne i} m_j$, for each $i = 1, \dots, k$.

Since $m_1, \dots, m_k$ are pairwise coprime, $(m_i, M_i) = 1\ \forall i = 1, \dots, k$.

Hence for each $i$, $\exists\, b_i$ s.t. $M_i b_i \equiv 1 \bmod m_i$, and $M_i b_i \equiv 0 \bmod m_j\ \forall j \ne i$.

Then $x = \sum_i a_i b_i M_i$ satisfies $(*)$. $\square$
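The construction in the existence proof, together with the extended Euclidean computation of Bézout coefficients used for $a = 34$, $b = 25$ and in Example 2.9, as an added Python example that is not part of the lecture notes; the function names `egcd`, `inverse_mod` and `crt` are chosen here.

```python
from math import gcd, prod


def egcd(a, b):
    """Extended Euclid: return (d, x, y) with d = gcd(a, b) = a*x + b*y."""
    old_r, r = a, b
    old_x, x = 1, 0          # coefficients of a
    old_y, y = 0, 1          # coefficients of b
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r      # next remainder r_i
        old_x, x = x, old_x - q * x      # same row operation on (x, y)
        old_y, y = y, old_y - q * y
    return old_r, old_x, old_y


def inverse_mod(a, n):
    """Return b with a*b = 1 mod n; it exists iff (a, n) = 1 (Lemma 2.2)."""
    d, x, _ = egcd(a % n, n)
    if d != 1:
        raise ValueError(f"{a} is not a unit mod {n}: gcd is {d}")
    return x % n


def crt(congruences):
    """Solve x = a_i mod m_i for pairwise coprime positive m_i.

    Follows the existence proof: M_i = M / m_i, b_i = M_i^(-1) mod m_i,
    x = sum of a_i * b_i * M_i.  Returns (x mod M, M).
    """
    moduli = [m for _, m in congruences]
    for i, m in enumerate(moduli):
        if m < 1:
            raise ValueError("moduli must be positive")
        for other in moduli[i + 1:]:
            if gcd(m, other) != 1:
                # The theorem does not apply; a solution need not exist.
                raise ValueError(f"moduli {m} and {other} are not coprime")
    M = prod(moduli)
    x = 0
    for a, m in congruences:
        M_i = M // m
        b_i = inverse_mod(M_i, m)
        x += a * b_i * M_i
    return x % M, M


if __name__ == "__main__":
    print(egcd(34, 25))              # Bezout coefficients for 34 and 25
    print(crt([(4, 7), (5, 12)]))    # the system (*) of Example 2.9
```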
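Algebraic viewpoint 2.12. If $m_1, \dots, m_k$ are pairwise coprime and $M = \prod_i m_i$, then the map

$$\theta : \mathbb{Z}/M\mathbb{Z} \to \mathbb{Z}/m_1\mathbb{Z} \times \mathbb{Z}/m_2\mathbb{Z} \times \dots \times \mathbb{Z}/m_k\mathbb{Z}, \qquad x \bmod M \mapsto (x \bmod m_1, x \bmod m_2, \dots, x \bmod m_k)$$

is an isomorphism of rings.

To see this, note that if $m_i \mid M$, then $x \bmod m_i$ depends only on $x \bmod M$, which implies that $\theta$ is well defined.

By definition of $+$, $\times$ in $\mathbb{Z}/n\mathbb{Z}$, $\theta$ is a homomorphism.

And 2.10 implies that $\theta$ is a bijection. $\square$

In particular, if $n = p_1^{\alpha_1} p_2^{\alpha_2} \cdots p_k^{\alpha_k}$ for distinct primes $p_1, p_2, \dots, p_k$ and integers $\alpha_1, \alpha_2, \dots, \alpha_k \ge 1$, then

$$\mathbb{Z}/n\mathbb{Z} \cong \mathbb{Z}/p_1^{\alpha_1}\mathbb{Z} \times \mathbb{Z}/p_2^{\alpha_2}\mathbb{Z} \times \dots \times \mathbb{Z}/p_k^{\alpha_k}\mathbb{Z}.$$

This is very useful as it allows us to piece together information modulo powers of different primes.

But $\mathbb{Z}/4\mathbb{Z} \not\cong \mathbb{Z}/2\mathbb{Z} \times \mathbb{Z}/2\mathbb{Z}$!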

Corollary 2.13. If $m_1, \dots, m_k$ are pairwise coprime, $M = \prod_i m_i$ and $a_1, a_2, \dots, a_k \in \mathbb{Z}$ are s.t. $(a_i, m_i) = 1\ \forall i = 1, 2, \dots, k$, then there is a solution to $(*)$, and any such solution is coprime to $M$.

Proof. Theorem 2.10 implies that there is a solution $x \in \mathbb{Z}$.

Suppose $(x, M) > 1$. Then $\exists$ prime $p$ s.t. $p \mid x$ and $p \mid M$. Wlog assume $p \mid m_1$. Since $x \equiv a_1 \bmod m_1$, $p \mid a_1$. But then $(m_1, a_1) \ge p$, a contradiction. $\square$

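Algebraic viewpoint 2.14. $(\mathbb{Z}/M\mathbb{Z})^\times \cong (\mathbb{Z}/m_1\mathbb{Z})^\times \times \dots \times (\mathbb{Z}/m_k\mathbb{Z})^\times$, and in particular, if $n = p_1^{\alpha_1} p_2^{\alpha_2} \cdots p_k^{\alpha_k}$,

$$(\mathbb{Z}/n\mathbb{Z})^\times \cong (\mathbb{Z}/p_1^{\alpha_1}\mathbb{Z})^\times \times \dots \times (\mathbb{Z}/p_k^{\alpha_k}\mathbb{Z})^\times.$$

Corollary. If $m_1, m_2, \dots, m_k$ are pairwise coprime and $M = \prod_i m_i$, then $\varphi(M) = \prod_i \varphi(m_i)$.

Definition. A multiplicative function is a function $f : \mathbb{N} \to \mathbb{C}$ with the property that $\forall m, n$ s.t. $(m, n) = 1$, $f(mn) = f(m) f(n)$.

A function $f : \mathbb{N} \to \mathbb{C}$ is said to be totally multiplicative if $\forall m, n$, $f(mn) = f(m) f(n)$.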

Examples.
- $\varphi(n)$
- $\tau(n)$ = number of positive divisors of $n$
- $\sigma(n)$ = sum of positive divisors of $n$
- $\sigma_k(n) = \sum_{d \mid n} d^k$

Note that $\sigma = \sigma_1 = \sum_{d \mid n} d$ and $\sigma_0 = \sum_{d \mid n} d^0 = \tau$.

None of these are totally multiplicative.

Lemma. Let $f$ be a multiplicative function. Then so is $g$, defined by $g(n) = \sum_{d \mid n} f(d)$.

Proof. If $(m, n) = 1$, then the divisors of the product $mn$ are precisely the integers of the form $d_1 d_2$, where $d_1 \mid m$ and $d_2 \mid n$. Note that such divisors are necessarily coprime.

Hence

$$g(mn) = \sum_{d \mid mn} f(d) = \sum_{d_1 \mid m} \sum_{d_2 \mid n} f(d_1 d_2) = \sum_{d_1 \mid m} \sum_{d_2 \mid n} f(d_1) f(d_2) = g(m) g(n),$$

where the third equality holds since $f$ is multiplicative. $\square$

Example. If $f(n) = n^k$, then $g(n) = \sum_{d \mid n} d^k = \sigma_k(n)$.

We shall see later that we can also recover $f$ from $g$ (via Möbius inversion).

For now, we will prove one final fact about $\varphi$.

Theorem 2.20. (i) If $p$ is a prime and $m \in \mathbb{N}$, then $\varphi(p^m) = p^m - p^{m-1} = p^{m-1}(p - 1) = p^m (1 - \frac{1}{p})$;

(ii) $\forall n \in \mathbb{N}$, $\varphi(n) = n \prod_{p \mid n} (1 - \frac{1}{p})$;

(iii) $\sum_{d \mid n} \varphi(d) = n$.

Proof. (i) $\varphi(p^m) = \#\{1 \le a \le p^m : (a, p) = 1\} = p^m - p^{m-1}$.

(ii) Let $n = \prod_i p_i^{\alpha_i}$. Then

$$\varphi(n) = \prod_i \varphi(p_i^{\alpha_i}) = \prod_i p_i^{\alpha_i} \left(1 - \frac{1}{p_i}\right) = n \prod_i \left(1 - \frac{1}{p_i}\right) = n \prod_{p \mid n} \left(1 - \frac{1}{p}\right).$$

(iii) $\varphi$ is multiplicative $\implies$ $\sum_{d \mid n} \varphi(d)$ is multiplicative, and so is the function that sends $n \mapsto n$.

It therefore suffices to check that both sides agree when $n$ is a prime power.

Let $p$ be a prime, let $m \in \mathbb{N}$. Then

$$\sum_{d \mid p^m} \varphi(d) = \varphi(1) + \varphi(p) + \varphi(p^2) + \dots + \varphi(p^m) = 1 + (p - 1) + (p^2 - p) + \dots + (p^m - p^{m-1}) = p^m.$$

$\implies \sum_{d \mid n} \varphi(d) = n$. $\square$
Part II Number Theory
2020/21
Lecture 4

Dr Julia Wolf
julia.wolf@dpmms.cam.ac.uk
In this lecture we shall consider polynomial congruences.

Examples 2.21.
(i) $x^2 + 2 \equiv 0 \bmod 5$: no solutions (squares are $0, \pm 1$)
(ii) $x^3 + 1 \equiv 0 \bmod 7$: three solutions ($3, 5, 6$)
(iii) $x^2 - 1 \equiv 0 \bmod 8$: four solutions ($\pm 1, \pm 3$)

Definition. Let $R = \mathbb{Z}, \mathbb{Q}, \mathbb{Z}/n\mathbb{Z}$ (any commutative ring). Define

$R[X] = \{$polynomials in one variable $X$ with coefficients in $R\}$
$\phantom{R[X]} = \{$"formal sums" $a_n X^n + a_{n-1} X^{n-1} + \dots + a_1 X + a_0 : n \ge 0,\ a_i \in R\}$.

$R[X]$ is a ring under the usual operations of addition and multiplication of polynomials.

Warning 2.23. Two polynomials are (by definition) equal if their coefficients are equal.

But the map $R[X] \to \{\text{functions } R \to R\}$, $f \mapsto (\text{function}: \alpha \mapsto f(\alpha))$, is not necessarily injective! For example, when $p$ is a prime and $R = \mathbb{Z}/p\mathbb{Z}$, then $X^p - X$ maps to the zero function.

Division Algorithm for Polynomials 2.24. Let $f, g \in R[X]$, and suppose that the leading coefficient of $g$ is a unit in $R$. Then $\exists\, q, r \in R[X]$ s.t. $f = qg + r$ with $\deg(r) < \deg(g)$.

Proof. By induction on $n = \deg(f)$. (Check base case.)

If $\deg(f) < \deg(g)$, then $q = 0$ and $r = f$ will do.

So suppose that $\deg(f) \ge \deg(g)$, and write

$f = a X^n + \dots$, $\quad g = b X^m + \dots$

with $n \ge m$, $a \ne 0$, $bc = 1$ for some $c \in R$.

Then $f' = f - ac X^{n-m} g$ is s.t. $\deg(f') < n$, so by the inductive hypothesis, $f' = q' g + r$, with $\deg(r) < \deg(g)$.

But then $f = f' + ac X^{n-m} g = q' g + r + ac X^{n-m} g = (q' + ac X^{n-m}) g + r$ is the desired decomposition. $\square$
Remainder Theorem 2.25. Let $f \in R[X]$, $\alpha \in R$. Then $f(X) = (X - \alpha) q(X) + f(\alpha)$ for some $q \in R[X]$.

Proof. By the Polynomial Division Algorithm 2.24 with $g = X - \alpha$, $\exists\, q \in R[X]$ and $r \in R$ (a constant) s.t. $f(X) = (X - \alpha) q + r$.

But $f(\alpha) = (\alpha - \alpha) q(\alpha) + r = r$. $\square$

Definition. A (non-zero) ring $R$ is an integral domain if $\forall a, b \in R$, $ab = 0 \implies a = 0$ or $b = 0$.

Examples 2.27.
- $\mathbb{Z}$, $\mathbb{Q}$
- $\mathbb{Z}/n\mathbb{Z}$ is an integral domain if and only if $n > 1$ is a prime.
Theorem 2.28. Let $R$ be an integral domain, and let $f \in R[X]$ be a non-zero polynomial of degree $n \ge 0$. Then $f$ has at most $n$ roots in $R$.

Proof. By induction on $n$. Check $n = 0$ is trivial ($f = c \ne 0$).

Suppose now that $n > 0$.

If $f$ has no roots, then we are done.

Otherwise, $\exists\, \alpha \in R$ s.t. $f(\alpha) = 0$, and by 2.25, we find $q \in R[X]$ s.t. $f(X) = (X - \alpha) q$ with $\deg(q) < \deg(f)$.

By the induction hypothesis, $q$ has at most $n - 1$ roots.

But if $f(\beta) = 0$, then $(\beta - \alpha) q(\beta) = 0$.

Since $R$ is an integral domain, either $\beta = \alpha$ or $q(\beta) = 0$.

Hence $f$ has at most $n$ roots. $\square$

Lagrange's Theorem 2.29. Let $p$ be a prime, and let $f = a_n X^n + a_{n-1} X^{n-1} + \dots + a_1 X + a_0 \in \mathbb{Z}[X]$ be a polynomial s.t. $p \nmid a_n$. Then the congruence $f(x) \equiv 0 \bmod p$ has at most $n$ solutions that are distinct modulo $p$. (Take $R = \mathbb{Z}/p\mathbb{Z}$.)

Example. Let $p$ be a prime, and let $f(X) = X^{p-1} - 1 - \prod_{a=1}^{p-1} (X - a)$.

Observe that $\forall a = 1, 2, \dots, p - 1$, $f(a) = a^{p-1} - 1 \equiv 0 \bmod p$ by 2.8, so $f$ has at least $p - 1$ roots.

But the coefficient of $X^{p-1}$ in $f$ is $0$, so $\deg(f) < p - 1$.

It follows from 2.29 that $f$ must be the zero polynomial.

Hence $0 \equiv f(0) = -1 - \prod_{a=1}^{p-1} (0 - a) \equiv -1 - \prod_{a=1}^{p-1} (p - a) = -1 - (p - 1)! \bmod p$.

We have recovered Wilson's Theorem: $(p - 1)! \equiv -1 \bmod p$.

As another corollary of the above, we obtain a result on the structure of the multiplicative group $(\mathbb{Z}/p\mathbb{Z})^\times$.


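Example 2.31. Consider $(\mathbb{Z}/7\mathbb{Z})^\times$. 3 is a unit mod 7, since $3 \cdot 5 \equiv 1 \bmod 7$.

| $m$ | 1 | 2 | 3 | 4 | 5 | 6 |
|---|---|---|---|---|---|---|
| $3^m \bmod 7$ | 3 | 2 | 6 | 4 | 5 | 1 |

So 3 generates $(\mathbb{Z}/7\mathbb{Z})^\times$, making this a cyclic group of order 6. Also, $3^6 \equiv 1 \bmod 7$ by 2.8.

Theorem 2.32. If $p$ is a prime, then $G = (\mathbb{Z}/p\mathbb{Z})^\times$ is cyclic of order $p - 1$.

Proof. $|G| = \varphi(p) = p - 1 = \sum_{d \mid p-1} \varphi(d)$.

By Lagrange's theorem (not 2.29!), $|G| = \sum_{d \mid p-1} N_d$, where $N_d = \#\{g \in G : \mathrm{ord}(g) = d\}$.

Suppose $G$ is not cyclic, i.e. $G$ has no element of order $p - 1$.

Then $N_{p-1} = 0 < \varphi(p - 1)$.

But since $\sum_{d \mid p-1} \varphi(d) = \sum_{d \mid p-1} N_d$, there must be some $d$ with $N_d > \varphi(d)$.

Fix this $d$, and let $\alpha$ be an element of order $d$.

Then $\langle \alpha \rangle = \{1, \alpha, \alpha^2, \dots, \alpha^{d-1}\} \subseteq G$ is cyclic of order $d$, so by Corollary 2.6 it has exactly $\varphi(d)$ elements of order $d$.

But since $N_d > \varphi(d)$, there must be an element of order $d$ in $G$ which is not contained in $\langle \alpha \rangle$, i.e. $\exists\, \beta \in G \setminus \langle \alpha \rangle$ with $\mathrm{ord}(\beta) = d$.

This implies that the polynomial $X^d - 1 \in (\mathbb{Z}/p\mathbb{Z})[X]$ has $d + 1$ distinct roots, namely $1, \alpha, \dots, \alpha^{d-1}, \beta$, contradicting Lagrange's theorem 2.29. $\square$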
Part II Number Theory
2020/21
Lecture 5

Dr Julia Wolf
julia.wolf@dpmms.cam.ac.uk
Definition 2.33. A positive integer $g$ is called a primitive root mod $n$ if it generates $(\mathbb{Z}/n\mathbb{Z})^\times$.

Theorem 2.32 states that primitive roots modulo a prime exist.

Example 2.34. Take $p = 19$. Let $d$ = order of 2 in $(\mathbb{Z}/19\mathbb{Z})^\times$.

Now $\varphi(19) = 18$, so either $d = 18$ or $d$ divides one of 6 and 9. $2^6 \equiv 7 \not\equiv 1 \bmod 19$, so $d \nmid 6$, and similarly, $2^9 \equiv -1 \not\equiv 1 \bmod 19$, so $d \nmid 9$. Hence $d = 18$, and 2 is a primitive root mod 19.

Primitive roots have important applications in cryptography.

There are several important problems concerning primitive roots.

(1) Artin's Primitive Root Conjecture: Given $g > 1$, $\exists$ infinitely many primes $p$ for which $g$ is a primitive root.

We know that there exist infinitely many primes $p$ for which one of 2, 3 and 5 is a primitive root.

(2) How large is the smallest primitive root mod $p$?

We can prove it is $\le C p^{1/4 + \varepsilon}$ $\forall \varepsilon > 0$ and some constant $C > 0$, but it can be shown that the Generalised Riemann Hypothesis (GRH) implies an upper bound of $c \log^6 p$ for some constant $c > 0$.
We now turn our attention to prime powers.

Example. $(\mathbb{Z}/8\mathbb{Z})^\times = \{\pm 1, \pm 3\}$.

Every element has order 1 or 2, so $(\mathbb{Z}/8\mathbb{Z})^\times$ is not cyclic.

For $k \ge 3$, let $\theta : (\mathbb{Z}/2^k\mathbb{Z})^\times \to (\mathbb{Z}/8\mathbb{Z})^\times$ be the obvious map $a \bmod 2^k \mapsto a \bmod 8$.

Since $(a, 2^k) = 1 \iff (a, 8) = 1$, $\theta$ is surjective.

It follows that $(\mathbb{Z}/2^k\mathbb{Z})^\times$ is not cyclic for any $k \ge 3$, since any generator would map to a generator of $(\mathbb{Z}/8\mathbb{Z})^\times$ under $\theta$.

However, this is an exception!

Theorem 2.36. If $p > 2$, then $(\mathbb{Z}/p^k\mathbb{Z})^\times$ is cyclic for all $k \ge 1$.

We shall prove this theorem in two steps.

Lemma 2.37. Let $p > 2$, $k \ge 1$, $y \in \mathbb{Z}$. Then

(i) if $x \equiv 1 + p^k y \bmod p^{k+1}$, then $x^p \equiv 1 + p^{k+1} y \bmod p^{k+2}$;
(ii) $(1 + py)^{p^k} \equiv 1 + p^{k+1} y \bmod p^{k+2}$.

Proof. (i) $\implies$ (ii): Apply (i) with $x = 1 + py$ (and $k = 1$) to get $(1 + py)^p \equiv 1 + p^2 y \bmod p^3$, and repeat $k$ times.

Proof of (i): Write $x = 1 + p^k y$ (changing $y$ by a multiple of $p$ does not affect the claim). Then

$$x^p = \sum_{j=0}^{p} \binom{p}{j} (p^k y)^j = 1 + p \cdot p^k y + \sum_{j=2}^{p-1} \binom{p}{j} (p^k y)^j + (p^k y)^p.$$

For $2 \le j \le p - 1$, $p \mid \binom{p}{j}$, so $\binom{p}{j} (p^k y)^j \equiv 0 \bmod p^{2k+1}$, hence $\equiv 0 \bmod p^{k+2}$ since $2k + 1 \ge k + 2$.

Also, since $p > 2$, $pk \ge k + 2$, so the final term is also $\equiv 0 \bmod p^{k+2}$.

Hence $x^p \equiv 1 + p^{k+1} y \bmod p^{k+2}$. $\square$
Lemma 2.38. Let $p > 2$, $k \ge 1$. If $g$ is a primitive root mod $p$ and $g^{p-1} \not\equiv 1 \bmod p^2$, then $g$ is a generator of $(\mathbb{Z}/p^k\mathbb{Z})^\times$.

Proof. Let $d$ be the order of $g$ in $(\mathbb{Z}/p^k\mathbb{Z})^\times$.

Note that $\varphi(p^k) = p^{k-1}(p - 1)$ and $d \mid \varphi(p^k)$, so if $g$ is not a generator of $(\mathbb{Z}/p^k\mathbb{Z})^\times$, then either

(a) $d \mid p^{k-2}(p - 1)$; or
(b) $d = p^{k-1} e$ for some $e$ that strictly divides $p - 1$, so $e < p - 1$.

(a) $\implies g^{p^{k-2}(p-1)} \equiv 1 \bmod p^k$. Since $g$ is a primitive root mod $p$, and $g^{p-1} \not\equiv 1 \bmod p^2$, $\exists\, y \not\equiv 0 \bmod p$ s.t. $x := g^{p-1} = 1 + py$. Now by 2.37 (ii), $x^{p^{k-2}} \equiv 1 + p^{k-1} y \bmod p^k$, so $g^{p^{k-2}(p-1)} \not\equiv 1 \bmod p^k$, a contradiction.

Suppose therefore we are in case (b), that is, $d = p^{k-1} e$ for some $e$ that strictly divides $p - 1$.

(b) $\implies g^{p^{k-1} e} \equiv 1 \bmod p^k$. But by Fermat's little theorem 2.8, $g^p \equiv g \bmod p$, so $g^{p^{k-1}} \equiv g \bmod p$.

Hence $g^{p^{k-1} e} \equiv g^e \not\equiv 1 \bmod p$, and thus $g^{p^{k-1} e} \not\equiv 1 \bmod p^k$, a contradiction. $\square$

Proof of Theorem 2.36. Let $g$ be a primitive root mod $p$.

If $g^{p-1} \not\equiv 1 \bmod p^2$, then by 2.38, $g$ generates $(\mathbb{Z}/p^k\mathbb{Z})^\times$, and we are done.

Otherwise $g^p \equiv g \bmod p^2$. Let $h = (1 + p) g$.

Then $h^p = (1 + p)^p g^p \equiv g \bmod p^2$.

Now observe that $g \not\equiv h \bmod p^2$ since $(g, p) = 1$, so $h^p \not\equiv h \bmod p^2$. It follows, again by 2.38, that $h$ is a generator of $(\mathbb{Z}/p^k\mathbb{Z})^\times$. $\square$
Example. We saw in Example 2.31 that 3 is a primitive root mod 7.

Note that $3^6 = 729 = 1 + 7 \times 104$ and $(104, 7) = 1$, so $3^6 \not\equiv 1 \bmod 7^2$. Hence 3 is a primitive root mod $7^k$ $\forall k \ge 1$.
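The test of Example 2.34 and the lifting step from Lemma 2.38 and the proof that $(\mathbb{Z}/p^k\mathbb{Z})^\times$ is cyclic, as an added Python example that is not part of the lecture notes. The function names are chosen here, $p$ is assumed to be an odd prime (it is not checked for primality), and the pair $p = 29$, $g = 14$ is a constructed input for the case $g^{p-1} \equiv 1 \bmod p^2$.

```python
from math import gcd


def prime_factors(n):
    """Distinct prime factors of n by trial division (fine for small n)."""
    factors, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            factors.add(d)
            n //= d
        d += 1
    if n > 1:
        factors.add(n)
    return factors


def is_primitive_root_mod_p(g, p):
    """True iff g generates (Z/pZ)^x for a prime p.

    The order of g divides p - 1, so it equals p - 1 unless it divides
    (p - 1)/q for some prime q | p - 1 (the check made in Example 2.34).
    """
    if g % p == 0:
        return False
    return all(pow(g, (p - 1) // q, p) != 1 for q in prime_factors(p - 1))


def lift_primitive_root(g, p):
    """From a primitive root g mod an odd prime p, return an integer that
    generates (Z/p^kZ)^x for every k >= 1."""
    if p == 2 or not is_primitive_root_mod_p(g, p):
        raise ValueError("need an odd prime p and a primitive root g mod p")
    if pow(g, p - 1, p * p) != 1:    # hypothesis of Lemma 2.38 holds for g
        return g
    return (1 + p) * g               # h = (1 + p) g, as in the proof


def order(a, n):
    """Order of a in (Z/nZ)^x, by repeated multiplication."""
    if gcd(a, n) != 1:
        raise ValueError(f"{a} is not a unit mod {n}")
    x, k = a % n, 1
    while x != 1:
        x = x * a % n
        k += 1
    return k


if __name__ == "__main__":
    print(lift_primitive_root(3, 7), order(3, 7**3))        # 3 works as is
    h = lift_primitive_root(14, 29)                          # 14 must be replaced
    print(order(14, 29**2), h, order(h, 29**2))
```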

Remark. Lemma 2.37 (i) (and hence (ii)) fails for $p = 2$, $k = 1$: in the proof, we needed $pk \ge k + 2$, but $2 < 3$.

More importantly, $(1 + 2)^2 \equiv 1 \bmod 8$, while (ii) (with $y = 1$) would imply $(1 + 2)^2 \equiv 1 + 4 \bmod 8$.

But (i) holds when $p = 2$ and $k \ge 2$; in particular this implies that $(1 + 4)^{2^{k-3}} \equiv 1 + 2^{k-1} \bmod 2^k$ for $k \ge 3$.

From this one can show that for $k \ge 3$, $(\mathbb{Z}/2^k\mathbb{Z})^\times$ is generated by the elements $-1$ (of order 2) and $5$ (of order $2^{k-2}$), so

$$(\mathbb{Z}/2^k\mathbb{Z})^\times \cong \mathbb{Z}/2\mathbb{Z} \times \mathbb{Z}/2^{k-2}\mathbb{Z} \quad \text{for } k \ge 3.$$