NumberTheory(I)

AlgebraicFoundations of

Computer Science(AFCS)

Prof.Dr. F.L.Tiplea

Divisibility. Primenumbers

The greatestcommon divisor

Congruences

Euler’s totientfunction

Course readings

2

35

7

11

1317

19

23

Algebraic Foundations of Computer Science.Computational Introduction to Number Theory (I)

Ferucio Laurentiu Tiplea

Department of Computer Science“AL.I.Cuza” University of Iasi

Iasi, RomaniaE-mail: [email protected]

Spring 2014

Prof.Dr. F.L. Tiplea (UAIC) Algebraic Foundations of Computer Science (AFCS) Spring 2014 1 / 31



Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

Outline

1 Divisibility. Prime numbers

2 The greatest common divisor

3 Congruences

4 Euler’s totient function

5 Course readings




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

The division theorem

The absolute value of an integer a, denoted |a|, is defined by:

|a| ={

a, if a ≥ 0−a, otherwise.

Theorem 1 (The Division Theorem)

For any two integers a and b with b 6= 0, there are unique integersq and r such that a = bq + r and 0 ≤ r < |b|.

In the equality a = bq + r in the division theorem, a is called thedividend, b is called the divisor, q is called the quotient, and r iscalled the remainder. We usually write:

q = a div b and r = a mod b




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

Divisibility relation

Definition 2

The binary relation | ⊆ Z× Z given by

a|b ⇔ (∃c ∈ Z)(b = ac),

for any a,b ∈ Z, is called the divisibility relation on Z.

If a|b then we will say that a divides b, or a is a divisor/factor of b,or b is divisible by a, or b is a multiple of a.

Remark 1

If a 6= 0, then a|b iff b mod a = 0.

If a|b and a 6∈ {−1,1,−b,b}, then a is called a proper divisor of b.




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

Basic properties of divisibility

Proposition 1

Let a,b, c ∈ Z. Then:1 0 divides only 0;2 a divides 0 and a;3 1 divides a;4 a|b iff a| − b;5 if a|b and b|c, then a|c;6 if a|b + c and a|b, then a|c;7 if a|b, then ac|bc. Conversely, if c 6= 0 and ac|bc, then a|b;8 if a|b and a|c, then a|βb + γc, for any β, γ ∈ Z;9 if a|b and b 6= 0, then |a| ≤ |b|. Moreover, if a is a proper

divisor of b, then 1 < |a| < |b|.




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

Prime numbers

Definition 3

A natural number n ≥ 2 is called prime if the only positive factorsof n are 1 and n. A natural number n ≥ 2 that is not a prime iscalled composite.

Definition 4

Let a1, . . . ,am ∈ Z, where m ≥ 2. We say that a1, . . . ,am areco-prime or relatively prime, denoted (a1, . . . ,am) = 1, if the onlycommon factors of these numbers are 1 and −1.

Example 5

2, 3, 5, 7, and 11 are prime numbers and 4, 6, and 9 arecomposite numbers.

(0,1) = 1 (0 and 1 are co-prime) and (4,6,8) 6= 1 (4, 6, and 8are not co-prime).




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

Characterization of co-prime numbers

Theorem 6

Let a1, . . . ,am ∈ Z, where m ≥ 2. Then, (a1, . . . ,am) = 1 iff thereare α1, . . . , αm ∈ Z such that

∑mi=1 αiai = 1.

Corollary 7

Let a1, . . . ,am,b ∈ Z, where m ≥ 2. Then:1 if (b,ai) = 1, for any i , then (b,a1 · · · am) = 1;2 if a1, . . . ,am are pairwise co-prime and ai |b, for any i , then

a1 · · · am|b;3 if (b,a1) = 1 and b|a1 · · · am, then b|a2 · · · am;4 if b is prime and b|a1 · · · am, then there exists i such that b|ai .




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

The fundamental theorem of arithmetic

Theorem 8 (The Fundamental Theorem of Arithmetic)

Every natural number n ≥ 2 can be written uniquely in the form

n = pe11 · · · pek

k ,

where k ≥ 1, p1, . . . ,pk are prime numbers written in order ofincreasing size, and e1, . . . ,ek > 0.

Example 9

4 = 22, 9 = 32, 12 = 22 · 3, 36 = 22 · 32.

105 = 3 · 5 · 7.




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

The prime number theorem

Theorem 10

There are infinitely many primes.

Theorem 11 (The Prime Number Theorem)

Let π(n) = |{p|p is a prime and p ≤ n}|. Then,

limn→∞

π(n)

nln n

= 1.

We write

π(n) ∼n

ln n

and say that π(n) andn

ln nare asymptotically equivalent.




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

Values ofπ(n)

A few values of π(n):

n 101 102 103 104 105 106 107

π(n) 4 25 168 1229 9592 78496 664579

How many 100-digit primes are there?

π(10100)− π(1099) ≈10100

100 ln 10−

1099

99 ln 10

=1099

ln 10

(

110

−199

)

> 0.39 · 1098

≈ 4 · 1097




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

Large numbers

How large is 1097? Below are a few interesting estimates andcomparisons:

the number of cells in the human body is estimated at 1014;

the number of neuronal connections in the human brain isestimated at 1014;

the universe is estimated to be 5 · 1017 seconds old;

the total number of particles in the universe has beenvariously estimated at numbers from 1072 up to 1087.

Very large numbers often occur in fields such as mathematics,cosmology and cryptography. They are particularly important tocryptography where security of cryptosystems (ciphers) is usuallybased on solving problems which require, say, 2128 operations(which is about what would be required to break the 128-bit SSLcommonly used in web browsers).




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

The prime spiral

There is no known formula for generating prime numbers in a rowwhich is more efficient than the ancient sieve of Eratosthenes orthe modern sieve of Atkin.

The Ulam spiral (or prime spiral), discovered by Stanislaw Ulam in1963, is a simple method of graphing the prime numbers.

2

35

7

11

1317

19

23

The prime numbers tend to line up along diagonal lines !




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

The greatest common divisor

Definition 12

Let a1, . . . ,am ∈ Z, not all zero, where m ≥ 2. The greatestcommon divisor of these numbers, denoted gcd(a1, . . . ,am) or(a1, . . . ,am), is the largest integer d such that d |ai , for all i .

Example 13

(2,5,7) = 1.

(9,3,15) = 3.

Proposition 2

Let a1, . . . ,am ∈ Z, not all zero, where m ≥ 2. Then:1 (0,a1, . . . ,am) = (a1, . . . ,am);2 (0,a1) = |a1|, provided that a1 6= 0;3 (a1,a2) = (a2,a1 mod a2), provided that a2 6= 0.




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

Linear combination of the greatest common divisor

Theorem 14

Let a1, . . . ,am ∈ Z, not all zero, where m ≥ 2. Then,

(a1, . . . ,am) = α1a1 + · · ·+ αmam

for some α1, . . . , αm ∈ Z.

Corollary 15

Let a1, . . . ,am ∈ Z, not all zero, where m ≥ 2. Then, the equation

a1x1 + · · ·+ amxm = b

has solutions in Z iff (a1, . . . ,am)|b.

Example 16

2x + 3y = 5 has solutions in Z because (2,3) = 1 divides 5, but4x + 2y = 3 does not have solutions in Z because (4,2) = 2 doesnot divide 3.




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

The least common multiple

Definition 17

Let a1, . . . ,am ∈ Z, where m ≥ 2. The least common multiple ofthese numbers, denoted lcm(a1, . . . ,am) or [a1, . . . ,am], is

0, if at least one of these numbers is 0;

the smallest integer b > 0 such that ai |b, for all i , otherwise.

Example 18

[0,a] = 0, for any a.

[4,6,2] = 12.

Theorem 19

Let a,b ∈ N, not both zero. Then, ab = (a,b)[a,b].




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

The Euclidean algorithm

The Euclidean Algorithm

If a = 0 or b = 0, but not both zero, then (a,b) = max{|a|, |b|}.

Let a > b > 0 and

r−1 = r0q1 + r1, 0 < r1 < r0

r0 = r1q2 + r2, 0 < r2 < r1

· · ·rn−2 = rn−1qn + rn, 0 < rn < rn−1

rn−1 = rnqn+1 + rn+1, rn+1 = 0,

where r−1 = a si r0 = b. Then,

(a,b) = (r−1, r0) = (r0, r1) = · · · = (rn,0) = rn




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

The Euclidean algorithm

Algorithm 1: Computing gcd

input : a,b ∈ Z not both 0;output: gcd(a,b);

beginwhile b 6= 0 do

r := a mod b;a := b;b := r

gcd(a,b) := |a|;

Theorem 20 (Lamé, 1844)

Let a ≥ b > 0 be integers. The number of division stepsperformed by Euclid(a,b) does not exceed 5 times the number ofdecimal digits in b.




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

The extended Euclidean algorithm

The Euclidean algorithm can be easily adapted to compute alinear combination of the gcd as well. The resulting algorithm iscalled the Extended Euclidean Algorithm.

Given a and b there are α and β such that (a,b) = αa + βb. Thenumbers α and β can be computed as follows:

Va = (1,0)Vb = (0,1)

1. a = bq1 + r1 Vr1 = Va − q1Vb

2. b = r1q2 + r2 Vr2 = Vb − q2Vr1

3. r1 = r2q3 + r3 Vr3 = Vr1 − q3Vr2

· · ·n. rn−2 = rn−1qn + rn Vrn = Vrn−2 − qnVrn−1

n + 1. rn−1 = rnqn+1

rn = (a,b) and Vrn = (α, β).




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

The extended Euclidean algorithm

Algorithm 2: Computing gcd and a linear combination of it

input : a,b ∈ Z not both 0;output: gcd(a,b) and V = (α, β) s.t . gcd(a,b) = αa + βb;

beginV0 := (1,0);V1 := (0,1);while b 6= 0 do

q := a div b;r := a mod b;a := b;b := r ;V := V0;V0 := V1;V1 := V − qV1

gcd(a,b) := |a|;V := V0;




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

Linear Diophantine equations

The extended Euclidean algorithm can be used to computeinteger solutions to linear Diophantine equations:

Algorithm 3: Computing solutions to linear Diophantine equations

input : a,b, c ∈ Z such that not both a and b are 0;output: integer solution to ax + by = c, if it has;

begincompute gcd(a,b) := αa + βb;if gcd(a,b)|c then

c′ := c/gcd(a,b);x := αc′;y := βc′

else“no integer solutions′′




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

Congruences

Definition 21

Let a,b,m ∈ Z. We say that a is congruent to b modulo m,denoted a ≡m b or a ≡ b mod m, if m|(a − b).

Example 22

6 ≡ 0 mod 2.

−7 ≡ 1 mod 2.

3 6≡ 2 mod 2.

−11 ≡ 1 mod − 4 and −11 ≡ 1 mod 4.

Remark 2

If m 6= 0, then a ≡ b mod m iff a mod m = b mod m.




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

Basic properties of congruences

Proposition 3

Let a,b, c,d ,m,m′ ∈ Z and f : Z → Z be a polynomial functionwith integer coefficients. Then:

1 ≡m is an equivalence relation on Z;

2 if a ≡m b, then (a,m) = (b,m);

3 if a ≡m b si c ≡m d , then a + c ≡m b + d , a − c ≡m b − d ,ac ≡m bd , and f (a) ≡m f (b);

4 1 if ac ≡mc bc and c 6= 0, then a ≡m b;

2 if ac ≡m bc and d = (m, c), then a ≡m/d b;

3 if ac ≡m bc and (m, c) = 1, then a ≡m b;

5 1 if a ≡mm′ b, then a ≡m b and a ≡m′ b;

2 if a ≡m b and a ≡m′ b, then a ≡[m,m′] b;

3 if a ≡m b, a ≡m′ b, and (m,m′) = 1, then a ≡mm′ b.




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

Zm

Let Zm be the set of all equivalence classes induced by ≡m. Then:

[a]m = [a]−m, for any a ∈ Z. Therefore, we may consider onlym ≥ 0;

for any a,b ∈ Z, if a 6= b then [a]0 6= [b]0. Therefore, Z0 has asmany elements as Z;

for m ≥ 1, Zm = {[0]m, . . . , [m − 1]m} has exactly m elements.

Example 23

Z1 = {[0]1}, Z2 = {[0]2, [1]2}, Z3 = {[0]3, [1]3, [2]3}.

Remark 3

We usually write Zm = {0,1, . . . ,m − 1} instead ofZm = {[0]m, . . . , [m − 1]m}, for any m ≥ 1.




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

Addition and multiplication modulom

Define the following operations on Zm = {0,1, . . . ,m − 1}:

a + b = (a + b) mod m; (binary operation)

a · b = (a · b) mod m; (binary operation)

−a = (m − a) mod m, (unary operation)

for any a,b ∈ Zm.

These operations fulfill the following properties:

+ and · are associative and commutative;

a + 0 = 0 + a = a, for any a;

a · 1 = 1 · a = a, for any a;

a + (−a) = 0, for any a.

a + (−b) is usually denoted by a − b.




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

Inverses modulom

additive inverse modulo m.

We have seen that a + (−a) = 0, for any a. −a is called theadditive inverse of a modulo m (it is unique);

multiplicative inverse modulo m.

Given a ∈ Zm − {0}, is there any b ∈ Zm such that a · b = 1?That is, does any a ∈ Zm have a multiplicative inverse modulom?Let us consider m = 6. There is no b ∈ Z6 such that 2 · b = 1.Moreover, Z6 exhibits the following interesting property:

2 · 3 = 0

(the product of two non-zero numbers is zero !!!).




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

Inverses modulom and the group of units

Proposition 4

a ∈ Zm has a multiplicative inverse modulo m iff (a,m) = 1.

The multiplicative inverse of a, when it exists, is unique and it isdenoted by a−1.

Z∗

m = {a ∈ Zm|(a,m) = 1} is called the group of units of Zm or thegroup of units modulo m.

Example 24

Z∗

1 = {0}.Z∗

26 has 12 elements:1−1 = 1, 3−1 = 9, 5−1 = 21,

7−1 = 15, 11−1 = 19, 17−1 = 23,

25−1 = 25.




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

Computing multiplicative inverses

The extended Euclidean algorithm can be easily used to computemultiplicative inverses modulo m:

Algorithm 4: Computing multiplicative inverses

input : m ≥ 1 and a ∈ Zm;output: a−1 modulo m, if (a,m) = 1;

begincompute gcd(a,m) := αa + βm;if gcd(a,m) = 1 then

a−1 := α mod melse

“a−1 does not exist”




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

Euler’s totient function

Euler’s totient function φ is given by:

φ(m) = |Z∗

m|,

for any m ≥ 1. That is, φ(m) is the number of positive integers lessthan or equal to m and co-prime to m.

Theorem 25

1 φ(1) = 1;

2 φ(p) = p − 1, for any prime p;

3 φ(ab) = φ(a)φ(b), for any co-prime integers a,b ≥ 1;

4 φ(pe) = pe − pe−1, for any prime p and e > 0;

5 φ(n) = (pe11 − pe1−1

1 ) · · · (pekk − pek−1

k ), for any n ≥ 1, wheren = pe1

1 · · · pekk is the prime decomposition of n.




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

Euler’s totient function: examples

Example 26

1 φ(5) = 4.

2 φ(26) = φ(2 · 13) = 12.

3 φ(245) = φ(5 · 72) = 168.

Remark 4

it is easy to compute φ(n) if the prime decomposition of n isknown;

it is hard to compute the prime decomposition of largenumbers (512-bit numbers (about 155 decimals) or larger);

it is hard to compute φ(n) if n is large and the primedecomposition of n is not known.




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

Euler’s theorem

Theorem 27 (Euler’s Theorem)

Let m ≥ 1. Then, aφ(m) ≡ 1 mod m, for any integer a with(a,m) = 1.

Corollary 28 (Fermat’s Theorem)

Let p be a prime. Then:1 ap−1 ≡ 1 mod p, for any integer a with p 6 |a;2 ap ≡ a mod p, for any integer a.

Example 29

13594 ≡ 1 mod 5 and 3168 ≡ 1 mod 245.




Prof.Dr. F.L.Tiplea



Congruences


Course readings

2

35

7

11

1317

19

23

Course readings

1 F.L. Tiplea: Fundamentele Algebrice ale Informaticii, Ed.Polirom, Iasi, 2006, pag. 143–164.


NumberTheory(I)

Documents

divides b

divisorfactor of b

properdivisor of b

ab c

ab iff b mod

divides a4 ab iff

bq r

binary relation z z