Integers modulo N

Geoff Smith c 1998

Divisibility . b a c ∈ Z Suppose that a, b ∈ Z We say that divides exactly when there is such that a = bc. We express the fact that b divides a in symbols by writing b | a.

Observations We leave the reader to verify all of the following simple facts. x | x ∈ . (a) 0 for every Z y ∈ | y, y . (b) Suppose that Zand 0 then =0 (c) Both a | b and b | a if and only if |a| = |b|. (d) If a | b and b | c, then a | c. a | b k ∈ , a | kb. (e) If and Z then (f) If a | b and a | c, then a | (b  c).

Various relations

. ∼ Z a ∼ b Suppose that N ∈ N We define a relation on by writing exactly , when N | (a − b). It is easy to check that ∼ is an equivalence relation. If x ∈ Z }. then the equivalence class [x] which contains x is {x + kN | k ∈ Z The set of

equivalence classes is written ZN.

An Example Suppose that N =3.There are exactly three equivalence classes of ∼.Theyare

{...−9,−6,−3,0,3,6,9...}

{...−8,−5,−2,1,4,7,10 ...}

and

1 2

{...−7,−4,−1,2,5,8,11 ...}. We could write the first of these classes as [0], [3], [6], [−3], or as the equiv- alence class of any one of its elements. However, the square brackets can get a little annoying. We can use a bold font instead, so the first equivalence class is 0(= 3 = 6 = −3 = ...) If you are making hand written notes, a neat way to indicate bold type is to underline the symbol. Thus you can write [1] = 1 =1.

Addition on ZN. N, Notice that ZN is a set of size and that its distinct elements are precisely 0, 1,...,N−1. We want to define addition of elements of ZN. We do it like a∈x,b∈y. x y a b this. Suppose x, y ∈ ZN.Choose Define + to be [ + ]. Notice that the plus sign in [a + b] indicates addition of integers. Now, there is something rather dodgy about this recipe. To illustrate the problem, we make a diversion. Let P be the set of all prime numbers, let C be the set of composite numbers and let U = {1}.ThusthesetsP, C, U are U ∪ P ∪ C. X {U, P, C}. pairwise disjoint, and N = Let = Try to define addition on X as follows: when A, B ∈ X, choose a ∈ A, b ∈ B and let A + B to be that element of X which contains a + b. Right, it is bright and early on Monday morning. The phone rings: someone needs to know P +C urgently. You choose 7 ∈ P and 6 ∈ C. Now 7+6 = 13 ∈ P, so you answer that P + C = P. The next day, the same clown phones again, claiming to have mislaid P + C and asking for it again. You choose 3 ∈ P and 9 ∈ C.Now3+9=12∈Cso you confidently answer that P + C = C. On Wednesday the punter phones once more, having found the scrap of paper on which Monday’s answer had been written. The customer is very angry. How come P + C is P on Mondays but C on Tuesdays, even though P =6 C? The problem is that you have freedom of action; you can choose a ∈ P and b ∈ C and the set where a + b lives depends on which particular a and b you happen to select. Now, this is disturbing because we have allowed this freedom . of action when trying to define addition in ZN However, in that case there is

not a problem. To see this, recall that we tried to add x, y ∈ ZN by selecting a ∈ x,b∈y,and declaring x +y to be [a + b]. Suppose we do it again (it is now Tuesday!). Choose ba ∈ x, b ∈ y. Now a ∼ ba and b ∼ bb. Thus a − ba = kN for

b b

b − b lN l ∈ Z. a b − ba b k lN, some k ∈ Zand = for some Thus ( + ) ( + )=( + ) and so (a + b) ∼ (ba + b). We conclude that [a + b]=[ba+b] and all is well! well-defined We say that the addition on ZN is .

Multiplication on ZN. x, y ∈ Z We define an operation × on ZN using the obvious recipe. If N we select a ∈ x,b∈y,and declare x × y to be [a × b]. However, we are now worldly 3 wise, and our doubts are definitely in place. We must check that this makes sense. Choose ba ∈ x,b ∈ y. Now Now a ∼ ba and b ∼ b so a − ba = kN for some

k ∈ b b − b lN l ∈ Z. Zand = for some Thus

a × b =(ba+kN) × (b + lN)=ba×b+(k+l+kl)N.

Therefore (a × b) ∼ (ba × b)andso[a×b]=[ba×b].

Laws of algebra of ZN

The following laws can all be directly verified using the definitions of addition N and multiplication in ZN. recall that is an arbitrary, but fixed, natural

number.

x, y ∈ Z . (a) x + y ∈ ZN whenever N x y z x y z x, y, z ∈ . (b) ( + )+ = +( + ) whenever ZN x 0 0 x x x ∈ . (c) + = + = whenever ZN x a ∈ , a −a 0. (d) If =[ ] ZN then [ ]+[ ]= x y y x x, y ∈ . (e) + = + whenever ZN

x × y ∈ x, y ∈ Z . (f) ZN whenever N x × y × z x × y × z x, y, z ∈ . (g) ( ) = ( ) whenever ZN x × 1 1 × x x x ∈ . (h) = = whenever ZN x × y y × x x, y ∈ . (i) = whenever ZN x × y z x×y x×z x, y, z ∈ . (j) ( + )=( )+( ) whenever ZN

Properties (a)–(d) ensure that ZN is a group under addition. Property (e) ensures that this group is abelian (commutative). Properties (f)–(h) ensure

that ZN is a monoid under multiplication (a monoid is just like a group, except that the inverse axiom is missing). Property (i) ensures that this monoid is abelian (commutative). Property (j) is the distributive law of multiplication over addition, which is the only property we have which tells us how multiplication

and addition interact. . Z Notice that the laws of algebra of ZN are very familiar. If you replace N

by Zthroughout the list, every single law remains valid. However, do not be . Z deceived. Some strange mathematics can happen in ZN For example, in 4 we have 2 × 2 = 0. This seems very odd at first. The product of non-zero elements 0. of ZN can sometimes be This disturbing state of affairs disappears in the case that N is a prime number, and only in that case, as we will see in the next section. We will allow ourselves to denote multiplication by juxtaposition in future. 4

Congruence notation

The notation a ∼ b to indicate that N | (a − b) suffers from two drawbacks. It suppresses the rˆole of N, and it is not the notation in common use. The standard ∼ ∼ notation is a = b mod N. Here = is pronounced “is congruent to’, and “mod” is short for modulo.ThenumberNis called the modulus of the congruence. Thus ∼ ∼ 10 ∼ 1 = 3mod2,−7=2mod3and2 = 4mod10. All the fuss about addition and multiplication being well-defined amounts

a, b, c, d ∈ ∼ N ∈ N. a to the following. Suppose Z and If = b mod N and ∼ ∼ ∼ c = d mod N, then both a + c = b + d mod N and ac = bd mod N. M | N, Now suppose that M ∈ N is a natural number such that it follows ∼ ∼ that if a = b mod N, thena = b mod M.

Greatest Common Divisors N The structure ZN is very special when happens to be a prime number. We now develop some machinery to understand this situation. Suppose that a, b ∈ . ,d|a, d | b}. Let ∆a,b = {d | d ∈ Z Thus ∆a,b is the set of common divisors a b, . of the integers and so ∆0,0 = Z However, this is the case of least interest, so we will assume that at least one of a, b is not 0. Let m =max{|a|, |b|}, so −m ≤ d ≤ m ∀d ∈ ∆a,b. The set ∆a,b is therefore finite, and is not empty because 1 ∈ ∆a,b. Thus ∆a,b has a greatest element called the greatest common divisor of a and b. We write this divisor as g.c.d.(a, b). Notice that ∆a,b =∆b,a . so g.c.d.(a, b)=g.c.d.(b, a). Moreover g.c.d.(a, b) ≥ 1 so g.c.d.(a, b) ∈ N Thus g.c.d.(0, 1) = 1, g.c.d.(−4, 6) = 2 and g.c.d.(−9, −12) = 3. p Recall that p ∈ N is a prime number if has exactly two natural number divisors. Thus the first few prime numbers are

2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71 ...

Thus p is prime exactly when Ωp,p = {−p, −1, 1,p}has size 4. From the point of view of greatest common divisors, the important point about a prime number p a ∈ , a, p p. a, p is that if Z then g.c.d.( )mustbe1or Moreover g.c.d.( )=1 unless p | a, in which case g.c.d.(a, p)=p.

Division b 6 . Theorem[Remainder Theorem] Suppose that a, b ∈ Z and =0 It follows ≤ r<|b| a qb r. that there are uniquely determines q, r ∈ Zwith 0 such that = +

+

}. ∩ N ∪{ } Proof Let Γa,b = {a+µb | µ ∈ Z The set Γa,b =Γa,b ( 0 is not empty (in +

fact Γa,b contains arbitrarily positive and negative integers). Let r =minΓa,b so

. a qb r q, r ∈ Z, ≤ r<|b|. r ≥ 0anda−r=qb for some q ∈ Z Thus = + with 0 , ≤ r

0=a−a=(q−qb)b+(r−rb). 5

Thus b divides r − rb but −|b|

Divisors

Suppose that a, b ∈ Zare not both zero. Let

}. Ωa,b = {λa + µb | λ, µ ∈ Z

The set Ωa,b contains both positive and negative integers. Let t be the least positive element of Ωa,b. Proposition In this notation we have: (i) t divides both a and b. (ii) If d divides both a and b, then d divides t. (iii) t = g.c.d.(a, b). Proof

Euclid’s algorithm b 6 . a a a |b| a Suppose a, b ∈ Zand =0 Let 0 = and 1 = .Giventhat ihas been defined for all i ≤ n, if an =0letd=an−1and stop the procedure. On the other hand, if an =6 0 then apply the Remainder Theorem to find integers qn,an+1 such that an−1 = qnan + an+1. Notice that an >an+1 whenever n ≥ 1, so the integers an form a decreasing sequence of non-negative integers for n ≥ 1. This this procedure must terminate after finitely many steps, and d = am is defined at stage m. This procedure is called Euclid’s Algorithm. Consider the various equations an−1 = qnan + an+1 and an−1 − qnan = an+1. From these it follows that (i) any common divisor of an−1 and an divides an+1 and moreover (ii) any common divisor of an and an+1 divides an−1. Thus g.c.d.(an−1,an)=g.c.d.(an,an+1) for every 1 ≤ n ≤ m. It follows that

g.c.d.(a, b)=g.c.d.(a0,a1)=g.c.d.(am,am+1)=g.c.d.(t, 0) = t. 6

Primes and Products

Proposition Suppose that p is a prime number, and that a, b are integers. It follows that if p | ab, then either p | a or p | b. Proof Suppose (for contradiction) that p 6| a and p 6| b. Thus g.c.d.(p, a)= p, b . λ λ p µ a 1=g.c.d.( ) Thus there are 1,λ2,µ1,µ2 ∈ Zsuch that 1 = 1 + 1 and 1=λ2p+µ2b. Multiply these equations so

2 1=λ1λ2p +λ1pµ2b + λ2pµ1a + µ1aµ2b.

Tidy up by putting λ = λ1λ2p + λ1µ2b + λ2µ1a and µ = µ1µ2. We now have 1=λp + µab. It follows that p 6|ab. However, this is absurd, so we are done. ab 0, Corollary 1 (i) If p is prime and a, b ∈ Zp are such that = then either

a 0 b 0. a ∈ a 6 0, λ ∈ Z aλ 1. = or = (ii) If Zp and = then there is p such that = λa µb . This is because if a =[a],then there are λ, µ ∈ Zsuch that + =1Q Corollary 2 a p p | m a , If 1,a2,...,am ∈ Zand is a prime number with i=1 i the p | aj for some 1 ≤ j ≤ m. It follows from part (ii) of the first corollary that that the non-zero elements

∗

Z p − . of Zp of p form a group under multiplication of order 1 By Lagrange’s ap−1 . Theorem we have = 1 for all a ∈ Zp Translated into the language of congruences we obtain that if the integer a is not divisible by the prime number p−1 ∼ p, we have a = 1modp. Allowing for the case that p divides a, we have p ∼ a = a mod p for all integers a. Either of the last two results is sometimes called Fermat’s Little Theorem.

Bonus: The Fundamental Theorem of Arithmetic , n> Theorem[Fundamental Theorem of Arithmetic] SupposeQ that n ∈ N and t ni 1. It follows that n can be expressed as a product i=1 pi of distinct prime numbers pi and that (up to commutativity) this factorization is unique. n> Proof We first show, by complete induction on n, that every n ∈ N with 1 is the product of prime numbers. It is not strictly necessary to begin complete inductions, but letQ us do it for safety! The smallest natural number bigger than t ni 1is2,andthatis i=1 pi with t =1,p1 =2andn1 =1.Now suppose that m is an arbitrary natural number bigger than 1. Either m is prime, in which case it is its own prime factorization (as 2 was), or it is composite. In the latter case . m ,m m = m1m2 with 1 of nervousness. Suppose that n ∈ N with 1 has two rival factorizations Qt Qs m n pni n q j . p = i=1 i and = j=1 j Here the i are pairwiseQ distinct primes, and s mj the qj are pairwise distinct primes. Now p1 | n so p1 | j=1 qj . Thus p1 | qj for some j by the second corollary. Thus p1 = qj and n/p1 = n/qj. This last 7 equation, together with induction, ensures that the induced factorizations of n/p1 and n/qj co-incide (up to commutativity). We are done.