Lecture 1 Summary

An Introduction to Numbers

We started today by getting to know the policies and expectations in the course. All of this is available already on the syllabus, but if you have any questions don't be shy about emailing Andy. We also spent some time introducing ourselves briefly; this will be continued as you post your own profiles for Homework 0. Afterwards, we started talking about the basics in number theory, starting with the axioms. We finished by introducing the notion of divisibility for the integers.

The Axioms of Number Theory

When trying to build a mathematical discipline from the ground up, one needs to describe the fundamental objects and operations in the discipline and then define the basic properties these objects will obey. These properties are called axioms, and they are the "ground rules" the objects and operations must satisfy. With axioms in place, one can then start proving theorems by manipulating the axioms. In number theory, the basic objects of interest are integers. You might know these objects as whole numbers. In this class we'll denote the set of all integers as :

(1)

The basic operations we have on the integers are addition, subtraction and multiplication. We've avoided division since division doesn't behave very well on the integers: the quotient of two integers is frequently not another integer. We also have basic tools for comparing integers, namely equality and inequality. With the fundamental objects, operations and comparisons in place, we can start writing down the basic rules they all satisfy. Here's the list that we were able to come up with in class:

for any for any for any for any ,

(reflexivity of equality); , if and implies then (transitivity of equality);

(symmetry of equality); is an integer (closure under addition) [note:

, the sum

we didn't mention this in class];

for any

, the product

is an integer (closure under multiplication)

[note: we didn't mention this in class];

for any for any for any for any for any for any class]; for any in class]; , , , ,

, , ,

(associativity of addition); (associativity of multiplication); (distributivity); (commutativity of addition); (commutativity of multiplication); (additive identity) [note: we didn't mention this in (multiplicative identity) [note: we didn't mention this

for any for any

there exists with

so that , then implies

(additive identity); (cancellation of

multiplication); for any for any for any , , implies if and only if
(1)

(substitution for multiplication); (substitution for addition;

(2) (3)

cancellation of addition); , exactly one of the following is true (Trichotomy law); for any for any for any if , if , if , if then and and , then , then ; ; ; and has a least element (Well

is a nonempty set of positive integers, then

ordering principle). The last axiom the well ordering principle probably sticks out as the ugly duckling of the bunch, and it certainly isn't one which most people think of when rattling off basic properties of the integers. It is, however, essential to what we'll be doing in class, as it is logically equivalent to mathematical induction a tool that we'll be using with some frequency in this course.

Playing around with the axioms

Our list of axioms is a little redundant, meaning that we could probably prove some of the axioms we've listed in terms of the other axioms. In this sense, it doesn't pass the usual mathematical aesthetic. To see that this is true, you can try to use the other axioms listed above to prove Theorem: For any ,

In class, we sketched a proof of the following result Theorem: For any nonzero , if satisfies , then

Proof: We started by noting that we could assume a is either greater than or less than 0; by trichotomy we know that one of (1) we had or , since (2) or (3) is true, and if then we'd be done with the theorem. By a similar token we know that is ruled out by assumption. So we broke things into 4 or and whether or .

cases based on whether Case I: fact that and

In this case, one of our axioms on inequality tells us that , and so we know this case is impossible.

. This contradicts the

One could proceed with analyzing the other cases, each time you would find a contradiction to the given equality This leaves only , the desired result. . At the end, one concludes that all the nor are possible. possibilities lead to a contradiction, and hence neither

Though working through axiomatic proofs is good exercise for building your proofmuscles, in practice we won't be quite so explicit in our use of these familiar axioms during class. This won't present any real problems since you are more accustomed to manipulating these axioms then perhaps you realize.

Putting the Elementary in Number Theory

With the basic ground rules set, we had a chance to talk about the most important property of integers in this whole class: divisibility. It is the study of this property which makes the number theory we'll study "elementary." One can think of divisibility as the attempt to carry division into the realm of the integers, made appropriately cautious to reflect the fact that the integers don't always behave so well under division. An integer d is said to divide an integer a if there exists an integer q so that a = dq. If d divides a we write , and if d does not divide a then we write .

An example
This definition should agree with your own intuitive notion of divisibility in the integers, so hopefully it isn't too surprising. To see an example in action, notice that since we can find an integer q to solve the equation

(2)

in this case, the integer q is simply 2.

A non-example
Let's try to prove that q satisfying the equation . For this, we need to show that we cannot find an integer

(3)

For this notice that

; for any integer q satisfying

we have

(a

slight modification on one of our axioms), and hence we have

(4)

Likewise we know that

, and for all integers q satisfying

we get

(5)

Since all integers fall into one of the categories we have described, we conlude that for any integer q, and so .

Lecture 2 Summary

Introducing Divisibility

Today we continued our discussion of divisibility and its basic properties. We saw some examples of how to put these properties into practice to prove exciting new results which might otherwise be quite difficult. Today's lecture culminated in the statement and proof of the division algorithm, one of the foundational results in number theory.

Divisibility Continued
Last class previous we defined the notion of divisibility in the integers as follows:

Definition: An integer d is said to divide an integer a if there exists some integer q satisfying the equation .

Some Examples
We already saw proofs of and in class on Wednesday. Most divisibility statements will seem pretty obvious to you just by inspection, but the one exception might be divisibility statements involving 0. Below we provide a few examples.

since the equation doesn't have any solution; any value you plug in for q will still make the right hand side 0. since the equation true for all q!). since is true for some integer-value of q (in fact, it's

does have a solution, namely

The case of evens and odds

We also single out a special case of divisibility by using the terms even and odd. Specifically, we have Definition: An integer a is even if , and an integer a is odd if .

You might also be used to thinking of even integers as those numbers a which satisfy a = 2k for some integer k. Indeed, we have the following Lemma: An integer a is even if and only if there exists so that .

Our proof of this result will require us to simply recall the definitions of divisiblity and evenness. Proof: We know that an integer a is even if and only if evenness. We also know that ; this is just the definition of

if and only if there exists an integer k so that

; this is just the definition of divisibility. Hence we have

(1)

as desired. You'll extend this problem in your homework when you show that all odd numbers can be written in the form .

Properties of Divisibility
There are a handful of properties of divisibility which are handy to remember; basically, these are good tools to use when you want to try to divide one integer into another. You can also think of these lemmas as good exercise for the definitions we've encountered in the class: none of the proofs require much more than writing down definitions, so they are a good chance for you to get used to the new terminology we've covered. Lemma: For Proof: We're told that have , if and and then .

. By the definition of divisibility, this means we

an integer d so that an integer e so that

(using the first divisibility condition), and (using the second divisibility condition).

Substituting appropriately, this means that

(2)

Since de is an integer, this equation tells us that Lemma: For , if and , then

as desired. .

Proof: Again, we start by just writing down the definitions. In this case, we're told that and , which means we have (using the first divisibility condition), and (using the second divisibility condition).

an integer d so that an integer e so that

Hence we have

(3)

Since md+ne is an integer, this equation tells us that

There was another basic property of division we mentioned that allowed us to compare the size of a divisor to the size of the integer it is dividing. The statement of this result is

Lemma: If

for a nonzero integer a, then

We didn't prove this result, but it might show up on your homework.

A Neat Trick
One of the examples of divisibility we gave in class was a rule for determining when an integer is divisible by 17. You can think of this as a cousin of the old "casting our nines" rule that you use to determine whether a given integer is divisible by 9. This new rule says Theorem: An integer Proof: First, assume that is divisible by 17 if and only if . Since is divisible by 17.

is obvious, our result on

integral linear combinations tells us that

(4)

In the other direction, assume that we are told that prove . Now since we know that

, and we want to , our result on integral linear

combinations tells us that

(5)

Example
To see this result in practice, notice that we have 221 = 22(10)+1. Since , we can conclude that .

A Final Divisibility Result

We finished off with one last example of a divisibility proof, when we showed that For every positive integer n, we have . . In this

Proof: We proved this result by induction, starting with the base case case it's easy to see that the statement is true: .

For the inductive step, we'll assume we know that to prove that expression

, and we'll try to use this

. In order to do this, we'll try to simplify the into something more user friendly; we decided the bast , which gives us

way to do this was to just expand the term

(6)

Since

by induction and

due to our clever

factorization, our result on integral linear combinations tells us that as well.

The Division Algorithm

The following result, though it seems pretty basic, is actually extremely powerful, giving rise not just to a method for finding greatest common divisors (Section 1.3) but also laying the foundation for the notion of modular arithmetic (Chapter 2). The Division Algorithm: For a positive integer d and an arbitrary integer a, there exist unique integers q and r with Proof of the division algorithm: Part 1: Existence We start by defining the set and .

(7)

and we claim that S has at least one non-negative element. To back up this claim, notice that

if

then we can take

and find that

; shows that , and so the ) or (if ). .

otherwise

, in which case taking

Now since d is positive by assumption we know that product is either a positive number (if

In either case we see that

is a non-negative element of S.

In either case we see that S contains a non-negative element, and hence the well ordering principle tells us that S contains a least non-negative element. We'll call this element r, and notice that r takes the form

(8)

Hence we get

. To show this satisfies the conditions of the division . The condition . is satisfied

algorithm, we simply need to show that

since r is chosen to be non-negative, so we only need to verify To see that , assume to the contrary that

, and we'll derive a

contradiction. In this case we have that

(9)

Since

by assumption we have

is a non-negative element of S which is smaller as desired.

than r. This is a contradiction to the selection of r as the smallest non-negative element of S, so we must conclude that Part 2: Uniqueness To finish the proof we need to show that the q and r we found in the previous part of the theorem are, indeed, unique. Hence suppose we have

(10)

This tells us that , and therefore that by our conditions into namely, . With this in hand, we see that the equation then becomes . . This tells us that we must have . But since we also have , we are in the , and hence

scenario where the divisor d has larger absolute value than the number it is dividing

. Using the cancellation law of multiplication, we therefore have

Lecture 3

Greatest Common Divisors

Recap and Summary

Last class period we talked at length about divisibility and the division algorithm. Today we moved on to discuss the concept of greatest common divisors. We finished

by describing some properties that greatest common divisors enjoy, including the (surprisingly powerful) result that the gcd of two integers a and b can be expressed as an integral linear combination of a and b.

A few comments on the divisibility and the division algorithm

Along with the language we already established namely that an integer d divides a, or that d is a divisor of a there are plenty of other equivalent expressions. For instance, if there exists an integer q so that

(1)

then one can say that "d divides a," that " d is a divisor of a," that ''dq is a factorization of a," or that "a is a multiple of d." All of these expressions capture the same equation above, and they should be pretty familiar vocabulary to all of you. It is also worth pointing out the division algorithm gives us a way to measure the success or failure of one integer dividing another. What we mean by this is the following. In the case that the case that , we have an equation which is satisfied. In

, however, the definition of divisibility doesn't give us an equation

we can write down. The division algorithm, however, let's use write an equation of the form (with ) regardless of the divisibility of d and a. In fact, the or the case .

remainder term tells us precisely whether we're in the case circumstances, as you'll find in this week's assignment.

Being able to write down such an equation winds up being critically important in many

Finally, we provide an example of the division algorithm in action.

Example: The Division Algorithm

Suppose you wanted to run the division algorithm on around with various multiples of 11, we see that and . Playing

is the smallest multiple of d

which is less than or equal to a. Hence if we choose q as 10, then we get the equation

(2)

In this case, we see that the division algorithm gives us

10

Greatest Common Divisors

For two integers a and b, it is often useful to know if there are any numbers d so that and . For obvious reasons, such a number is called a common divisor.

Certainly common divisors exist for any pair of integers a and b, since we know that 1 always divides any integer. We also know that common divisors can't get too big since divisors can't be any larger than the number they are dividing; hence a common divisor d of a and b must have as motivation, we have the following Definition: The greatest common divisor of two integers a and b, written largest integer d so that integers written and , is the and , so that . With all this

. More generally, if you have a collection of ,

, then the greatest common divisor of the collection , is the largest integer d so that for every i.

Example: Non-trivial GCD

Suppose we'd like to know the greatest common divisor of 12 and 15. We can see that

the divisors of 12 are the divisors of 15 are

The largest number which is a member of both of these sets and hence the greatest common divisor of 12 and 9 is therefore 3. So we have shown (12,9) = 3.

Example: Trivial GCD

If we want to know the greatest common divisor of 21 and 10, then we write down their divisors:

the divisors of 21 are the divisors of 10 are .

Hence we know that (21, 10) = 1.

Example: GCD of a collection

Looking at the lists of divisors we've already written out, we can see that the greatest common divisor of 12, 15 and 10 is 1, so that (12, 15, 10) = 1.

11

Example: GCDs with 0

We finish by noting that for any . This follows since 0 has the is the largest divisor of n, this means

property that every integer divides it. Since that .

Of particular interest in number theory are integers which do not share a common divisor, and because of their importance they get their own special name. Definition: Two integers a and b are said to be relatively prime if and b share no common non-trivial divisors. A collection if . A collection whenever . = 1; i.e., if a is relatively prime

is said to be pairwise relatively prime if

In the examples above, we see that 21 and 10 are relatively prime, and that the collection is relatively prime. Notice in this last example that the

collection is relatively prime even though each pair of integers from the collection is not relatively prime. (As a general rule of thumb, you'll care more about whether a collection is pairwise relatively prime than whether it's relatively prime).

Properties of the GCD

Having met and played around with greatest common divisors a bit, we'll now introduce a few properties that they enjoy.

Removing the GCD

First, we'll see what we get when we remove the gcd of two integers.

Lemma: For any pair of integers a and b, we have Proof: Since and , there exist integers so that

(3)

Our goal, then, is to show that common divisor satisfying of both and

. For this, suppose that there were some . This would imply that there exist integers

(4)

12

Putting this together with the previous equation, we'd then have

(5)

Hence the integer

would be a common divisor of a and b which is larger than

(a,b). This is a contradiction to the definition of greatest common divisor, and hence we are left to conclude that

(6)

You might be tempted to think that the integers a and the temptation! In general, it is not true that

are relatively prime; resist .

GCD as a linear combonation

Another surprisingly useful result to have around is the following Proposition, which says that the gcd of two integers a and b can be expressed as a linear combination of the a and b. Proposition: For any two integers a and b, we have

Proof: To prove this result, we'll define

, and we'll

show that it is in fact the greatest common divisor. Toward this end, we'll start by showing that d is a common divisor of both a and b, then we'll show that all other common divisors divide d (and so all other divisors are no bigger than d). To show that d is a divisor of a, we'll start by using the Division Algorithm to find integers q and r with that satisfy . Using the fact that

for appropriately chosen integers m and n, this means we have

(7)

But since d is chosen as the minimum positive integral linear combination of a and b, we therefore have , and so . Hence , and a similar proof shows that

. So d is a common divisor.

13

Now we show that any other common divisor k of a and b is also a divisor of d, from which we conclude that as claimed. To show that ; this ensures that d is the greatest common divisor, , we note that since and , then we have k

divides any integral linear combination of a and b. In particular, we have

(8)

Corollary: Two integers a and b are relatively prime if and only if 1 can be written as an integral linear combination of a and b. Another interesting property which the gcd of two integers has is that all other common divisors of a and b will divide (a,b). We actually proved this in the midst of the proof of the last theorem, so we can write is as a Corollary: For any pair of integers a and b, a common divisor d has .

As a final corollary, we note that since the gcd of two numbers is their smallest positive integral linear combination, any positive number smaller than their gcd cannot be expressed as an integral linear combination. Corollary: If k is a positive integer which is smaller than integers x and y so that the equation holds. , then there are no

Divisibility and Relatively Prime Integers

One of the real benefits of using relatively prime integers is that they let you conclude certain statements about divisibility which you might not usually get to make. For instance, if you are told that , you might be tempted to conclude that or

. In general, though, this is false (can you find a counterexample?). When you have some ''nice'' property involving relatively prime integers, however, you can call on a result such as this. Lemma: If and , then .

I won't prove this for you now, since this is one of your homework exercises.

14

Lecture 4 The Euclidean Algorithm;

Prime Numbers
Summary
Although we introduced the concept of greatest common divisors in class last time, we didn't come up with a very effective way of computing GCDs. We remedy this with the Euclidean Algorithm, and we show how this algorithm can also be used to express the GCD of two numbers a and b as an explicit linear combination of a and b. Afterwards we introduced prime numbers and started proving some results about them.

The Euclidean Algorithm

Greatest Common Divisors might seem like a boring subject to you, since likely you already saw GCDs when you were in high school. The kinds of GCDs you were after then between pairs of numbers which are relatively small and easily factored are quite different from the kinds of GCDs people care about in practice namely between pairs of numbers which are much too large to easily factor. For this reason, we need a method for computing GCDs effeciently. The idea for this method comes from the remarkably simple Lemma: Suppose that a and b are integers and that Algorithm. Then . as per the Division

Proof: This is really not a hard proof. Suppose that d is a common divisor of a and b. Then since , we have that d is a divisor of r as well (using our "divisibility

of integral linear combinations" result). Likewise, if d is a common divisor of b and r, then since also a divisor of a. Hence all common divisors of a and b are also common divisors of b and r, and vice versa, proving that the greatest elements amongst these common divisors are the same. We can apply this idea iteratively to give a computationally effective way to compute GCDs. we have that d is

Example: Computing GCDs with the Euclidean Algorithm

15

Suppose you're interested in computing (1921,493). Using the previous result, since

(1)

we know that this GCD is the same as (493,442). In fact, we can keep using this result over and over again, provided we keep using the division algorithm every time we get a non-zero remainder. These applications of the division algorithm are:

(2)

Hence we have

(3)

Example: Expressing GCD as a linear combo

This same procedure can be used to write the GCD between a and b as an integral linear combination of the two. In the previous computation, for instance, the secondto-last division algorithm application gives

(4)

The previous application of the division algorithm, though, showed us that , and hence we can substitute this into our expression for 17:

(5)

Using the equality

and substituting again gives

(6)

Continuing this kind of back substitution gives

(7)

16

Prime Numbers
The stars of number theory are the prime numbers. A number number exist is said to be prime if the only positive divisors of p are 1 and itself. A is said to be composite if it is not prime; i.e., n is composite if there so that .

The reason that prime numbers are so exciting is that, despite their foundational role in the multiplicative structure of the integers, they are very elusive. When I say that they are foundational in the multiplicative structure of the integers, I mean that any factorization of an integer n involves prime numbers as the atomic pieces in the same way that any physical substance we encounter is built out of elements from the periodic table. This is made precise by the Fundamental Theorem of Arithmetic, a topic we'll start discussing tomorrow. And when I say elusive, I mean just that: the damn things are hard to pin down and understand. We'll talk more about both of these ideas as well as some cool applications of primality throughout the remainder of the course. For now, though, we'll take a step in the first direction: showing that prime numbers are the building blocks of integers. For this, we begin with a nice lemma that says that any number is divisible by at least 1 prime number. Lemma: For any integer , there exists some prime number p which divides n.

Proof: We'll prove this result by contradiction: assuming the opposite of what we want to prove, manipulating this assumption until it reaches a contradiction, and then concluding that our assumption must be false and hence our desired conclusion is true. So suppose that not every integer n has a prime factor. This means that the set

(8)

is non-empty. As a non-empty set of positive integers, S must have a least element. We'll call this least element N. Now N is an element of S, and hence has no prime divisor. Since N is a divisor of itself , after all this means in particular that N cannot be prime. Therefore N is so that N = ab. Being positive

composite, meaning there exist integers

integers less than N, both a and b must live outside of S, and hence each has a prime

17

factor: say

and

. But then

and

, so that

, contrary to the

defining property of N. Having reached a contradiction, we conclude that S must, indeed, be empty, and so every integer greater than 1 has a prime factor. This result gives us a method for finding prime numbers using a sieve technique. Before we get there, we need to first make the following Observation: If such that . is a composite number, then there exists a prime divisor p of n

Proof: If n is composite, then there exist integers a and b so that n = ab. Now one of a or b must be less than , since otherwise their product would be greater than n. . Now a has a prime factor p and , we further have

Without loss of generality, we can assume that from the previous lemma, and so , giving the desired result. . Since

A Sieve Example
The idea behind a sieve is to find prime numbers by eliminating multiples of known prime numbers. The magic, though, is that one has to use relatively few primes to sieve out larger ones. Suppose, for instance, that you wanted to find all prime numbers less than 60. The previous observation says that any composite number factor which is smaller than must have a prime

. Hence any composite number smaller

than 60 must be divisible by one of the primes which is smaller than 8 namely one of 2, 3, 5, or 7. Hence if we listed all the numbers between 2 and 60 and crossed out the multiples of the primes listed above, the remaining numbers would all have to be prime. Let's try it out:

2 11 21 31 41 12 22 32 42

3 13 23 33 43

4 14 24 34 44

5 15 25 35 45

6 16 26 36 46

7 17 27 37 47

8 18 28 38 48

9 19 29 39 49

10 20 30 40 50

18

51

52

53

54

55

56

57

58

59

60

After crossing out all multiples of 2, 3, 5, and 7, we see that the primes less than 60 are 2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 21, 37, 41, 43, 47, 53, and 59. In the same way that knowing the primes less than generate the list of primes less than gave us a method for finding

the primes less than 60, knowing the list of primes less than n gives us a way to . While this is a great way to conclusively generate prime numbers, the downside is that this technique takes a LONG times to implement. Hence it is an effective but impractical method for finding really big prime numbers.

Asking Questions About Primes

Having actually gone through and found a handful of small primes, we now begin to wonder what can be said about primes. Here are a few basic questions you might want to know

how many primes are there? for instance, is the number of primes finite? if the number of primes isn't finite, do we at least have a reasonable guess as to how many primes there are of a given magnitude? do we know how "spread out" the prime numbers are? do they come in clusters, or should we expect that they are always far apart from each other? is there a formula which allows us to quickly generate prime numbers?

These are all good questions, and some of them have nice, easy answers. Alternatively, some of these questions are exceedingly difficult to investigate. We'll cover a sampling in class tomorrow.

Prime Numbers; The Fundamental Theorem of Arithmetic

Lecture 5 Summary
Today we spent the first half of the class exploring questions about prime numbers. Along the way we proved that there are infinitely many prime numbers and that there are arbitrarily large gaps between prime numbers. We also saw a formula which gives a rough count for the number of integers up to a given number x, and we saw some

19

conjectures about other behaviors about prime numbers. In the last half of the class we started a proof of the Fundamental Theorem of Arithmetic.

Asking Questions About Primes

Having actually gone through and talked about the basics regarding prime numbers, we now begin to wonder what can be said about primes. Here are a few basic questions you might want to know

how many primes are there? for instance, is the number of primes finite? if the number of primes isn't finite, do we at least have a reasonable guess as to how many primes there are of a given magnitude? do we know how "spread out" the prime numbers are? do they come in clusters, or should we expect that they are always far apart from each other? is there a formula which allows us to quickly generate prime numbers? do prime numbers obey any special properties? for instance, are there more primes which leave remainder 1 after division by 4 than there are primes which leave remainder 3 after division by 1?

what can you say about how the primes behave under addition?

These are all good questions, and some of them have nice, easy answers. Alternatively, some of these questions are exceedingly difficult to investigate. We'll cover a sampling now.

The Infinitude of Primes

The question on the number of primes has been around for a long time, and the answer was known at least two thousand years ago. Here's the proof that Euclid gave in his Elements. Theorem: There are infinitely many primes. Proof: Again, we'll proceed by contradiction: assuming there are finitely many primes, massaging this condition into a contradiction, and then concluding that a finite number of primes is impossible. So suppose you have a list of all the prime numbers, and call them Then we'll form the integer primes, we cannot have . Notice that for any ; if we did, then we'd also know that . in our list of

(1)

20

But we know that N has to have at least 1 prime factor p. Since this prime number isn't one of the primes in our list, we conclude that the list of primes we started off with was incomplete.

Gaps and Clusters in Primes

Now that we know there are infinitely many primes, we might want to have a reasonable idea of how the primes are spaced out amongst the integers. Displaying their typical quirkiness, the answer to this question seems to be on both extremes: some primes have wide gaps to their next neighbor, while conjecturally, at least others are as close as can be. On the one extreme, we have a theorem which tells us that large gaps between primes numbers are known to exist. For any positive integer M, there is a string of at least M consecutive composite integers. Proof: The M integers between

(2)

are all composite, since the first is divisible by 2, the second by 3, etc. On the other hand, empirical evidence suggests that there are also lots of primes which are quite close to each other. The most famous result in this vein is The Twin Prime Conjecture: There are infinitely many primes p such that p+2 is also prime. For those who are interested, the record largest twin primes to date can be found at The Largest Known Primes Page; as of this morning, the largest twin primes were

(3)

two numbers which have something like 60,000 digits.

The Prime Number Theorem

With all the spreading out and bunching up between the prime numbers, one might think that it would be hard to give an estimate for the number of primes of a given magnitude. However, one of the biggest results in number theory and one which is almost always proved using techniques from complex analysis (!) tells us exactly

21

this information. It uses a function

, which is defined as the number of primes since the

less than or equal to a given number x. (So, for instance, we have primes less than or equal to 11 are .

The Prime Number Theorem:

as

This says that for large values of x, the number of primes less than or equal to x is about .

Primes of a particular form

Now that we know a little bit about primes, it is natural to ask: how can we go about finding them? The answer to this question, sadly, is that there's not really a general method for finding all primes aside from ''brute force'' techniques like our sieve method. Indeed, the difficulty in finding primes is one of the hard problems which helps keep our world afloat right now: encryption online is dependent on the fact that it's really hard to factor large numbers. Even though it's hard to come up with an exhaustive list of all primes, there are some places where prime hunters go to search for big game. Although finding large primes was a kind of pleasant amusement amongst mathematicians a hundred years or so ago, today it is big business: the aforementioned internet security applications of primality require large primes to work. Hopefully we'll be able to talk about all this more at the end of the term.

Mersenne Primes
The largest primes found these days all happen to take a particular form: they can be expressed as for a prime number p. These are the so-called Mersenne Primes. There was a recent development (i.e., early last semester), when the Great Internet Mersenne Prime Search (GIMPS) came across the new largest prime number. This number is

and has around 13 million digits. If you want, you can use your computer to help GIMPS out; maybe it will be your computer which finds the next largest prime!

The Primes Under Addition

Finally, we consider the question: what happens when you add together prime numbers? Since primes are defined based upon a multiplicative property, one might

22

not expect that they really have a lot of interesting additive structure. It seems, however, that they have a very rich additive structure. For instance, here's a longstanding conjecture about how the primes behave under addition: Goldbach's Conjecture: Every even integer at least 4 can be expressed as the sum of two prime numbers. Though plenty of smart people have been thinking about this problem for a couple of hundred years, and although it has been verified for "lots" of even numbers (can someone post to the Wiki how many even integers have been verified to satisfy this condition?), no one has yet been able to prove that it is true.

The Fundamental Theorem of Arithmetic

Having covered many of the basics, it's now time for us to knock down the Fundamental Theorem of Arithmetic. This theorem is something which you all have seen many times before whether explicitly or not and is an incredibly useful tool in number theory. We need a preliminary lemma before we can knock down the Fundamental Theorem. This preliminary result is known as Euclid's Lemma, and it is essentially a special case of one of your homework problems for the week (44a). Euclid's Lemma: If p is a prime number and Proof: Suppose that , and we'll argue that , then either or . forces

. For this, notice that

the only divisors of p are 1 and itself, and we already know that p isn't a divisor of a. Applying 44a from your homework gives the desired result.

The Proof of the Fundamental Theorem

We're now ready to prove the Fundamental Theorem of Arithmetic. Recall that it says The Fundamental Theorem of Arithmetic - Every positive integer at least 2 can be uniquely expressed as a product of prime numbers. We'll break our proof into two parts 1. Existence: that every numbers 2. Uniqueness: there is only one such way to factor a given integer can be written as for some prime

23

We only had time in class to cover the first statement; we'll prove the second in class on Monday. Existence: Suppose that there were integers greater than 1 which couldn't be factored into a product of primes. This would mean that there is a smallest such integer (by the well-ordering principle), and we'll call this smallest element n. Now n can't be prime since otherwise n is already an expression of itself as a product of primes. Hence for some . Since both a and b are smaller than n, this

means that they must be elements which do have prime factorizations (since n was selected as the smallest positive integer which didn't have this property). Therefore and for appropriate primes . But then we have

(4)

a prime factorization of n. Since this contradicts the selection of n as the least element without a prime factorization, we must conclude that every integer greater than 1 can be factored as a product of primes.

Lecture 6 The Fundamental Theorem

and its Applications

Summary
Today we began by finishing off the proof of the fundamental theorem of arithmetic. After we completed the proof, we saw how the fundamental theorem could be used to facilitate the computation of GCDs and LCMs, and we also used it to prove that there are infinitely many primes which leave remainder 3 after division by 4. Finally, we got a sneak peak at the fundamental concept in chapter 2: congruence of integers.

Finishing off the FTA

In class last time we were in the midst of proving the Fundamental Theorem of Arithmetic, which says The Fundamental Theorem of Arithmetic: Any integer expressed as a product of prime numbers. can be uniquely

24

We had already shown that every integer has a factorization into primes, but we had left to show that this factorization was unique. That's what we'll do now. To show that any integer n has only one prime factorization, suppose we're given two factorizations of an integer n:

(1)

This expression just means that each of the corresponding exponents are positive. We aim to show that the list of primes

are prime, and that the

and

are indeed the

same, and moreover that the corresponding exponents match up as well. For this, we start by noting that for each , the term clearly divides

the first expression of n as a product of primes. For this reason we must also have , and the supped up version of Euclid's Lemma says that some j. But since is prime, this means that in fact for

. Hence the list of primes

for the first factorization is a subset of the list of primes for the second factorization. Running the same argument for a given prime in the second factorization, we have that the list of primes for the second factorization is a subset of the list of primes for the first. Hence the list of primes are, in fact, identical. And not just identical as sets, but by virtue of our increasing ordering of the and . . For this, and we must in fact have

Now that the lists of primes are identical, we just need to show that suppose that . Then we have

(2)

Now clearly

divides the first expression (since

), whereas it cannot is

divide the second expression (since contradiction, and so we must have impossible, and so we have .

doesn't show up in the factorization). This is a . A similar argument shows that

GCDs, LCMs and FTA

To see that the Fundamental Theorem can be used to make our lives easier, we're going to show how it relates to a concept already discussed (GCDs) as well as a close

25

cousin (LCMs, or least common multiples). This second term has yet to be mentioned in this class, so we give a definition Definition: For two positive integers a and b, the least common multiple of a and b written either and . or sometimes is the smallest number m so that

Example: Computing
In order to compute the least common multiple of 10 and 6, we should write down all common multiples of these two numbers:

(3)

Notice that the first number common to both lists is 30, and so that means that 30 is the least common multiple of 10 and 6. Notice that in this case the least common multiple of a and b was *not* simply ab; there was a smaller common multiple than the "obvious" common multiple. Instead of writing out a list of common multiples, it would be nice if we had a uniform way to computer LCMs. In fact, there is a connection between GCDs and LCMs that makes one easy to compute whenever you have the other. This is given by the following Theorem: For any integers a and b, one has .

One can prove this result from the definition of GCDs and LCMs, but it because quite cumbersome. Instead, one can prove it by taking advantage of the following result that's borne from the Fundamental Theorem.

Theorem: For integers a and b with prime factorizations , one has

and

and .

26

We won't prove this result in class, but we'll use it to prove the theorem relating the GCD and LCM of two numbers above. //Proof that // :

We'll assume that a and b have factorizations given by

and

as in the theorem above. This then lets us substitute in the values of and in the product :

(4)

Now we just notice that for any integers x and y we have . Hence the product above becomes

(5)

Primes of a Particular form

We asked a while back how primes spread out amongst different classes of integers. For instance, we asked: how many primes are there which can be written as We also asked: how many primes can be written in the form of the form or for some integer k? We saw pretty quickly that there were no primes that took this form. for some integer k? This time we argued that there was only 1 such prime (namely 2). This left primes , and we asked: are there "more" primes of one form than the other? We'll start to give an answer to this question today in class with a proof of the following Theorem: There exist infinitely many primes p for which there exists . In order to do this, we first note the following Lemma: The product of two integers of the form of the form . and is another integer with

Proof: It isn't hard to see that

(6)

27

Taking

gives the desired result.

Now we're ready to prove our theorem above Proof of Theorem: Suppose, to the contrary, that there are only finitely many such primes. We'll list these primes out in order: prime denoted . We claim that the integer , with the largest such contains a prime

divisor not on our list. To see this, note first that N is an odd number, so its prime factorization contains only odd primes. If all these primes were of the form , then so too would N be of this form (using induction on our previous lemma). Hence there exists at least one prime divisor p of N for which for some integer n. . By our

We claim that p is not included in our list of primes. Suppose first that result on divisibility of integral linear combinations, this implies that . Hence Euclid's Lemma implies that either doesn't) or so we must have

(which it

for some i (also impossible). Hence we're led to a contradiction, and .

Since we have a complete list of primes which have remainder 3 after division by 4, this means that for some . But then we have for any of the in

another clear contradiction. We're left to conclude that our supposed complete list of primes of the form have been incomplete. .

, and hence our list must

Though an awfully nice result, we can't adapt this technique to show that there are infinitely many primes of the form we would need a result that says the again takes that form, but this is

product of two primes which took the form

NOT true. Hence we have to be more clever if we want to prove such a result. Indeed, studying problems such as these makes us wonder how many primes there are of the form or or plenty of other possible prime types. Though the proof goes beyond the means we have in this class, there is a big result which tells us about primes of that form Dirichlet's Theorem on Primes in an Arithmetic Progression: For any integers a and b with , the sequence

contains infinitely many prime numbers.

28

The proof of this result uses complex analysis to show that

(7)

diverges. Crazy!

A Preview of Chapter 2: Congruence

The topics we've covered so far basic ideas which are born from the concept of divisibility cover most of the basic tools used in number theory as of a few hundred years ago. Our next concept the notion of modular congruence was developed by Gauss and was a key result for moving forward in number theory. The basic idea centers around the following Definition: Two integers a and b are said to be congruence (or equivalent) module an integer m written if .

We'll see that this definition provides a relation that has a lot of the properties of our "usual" equality. What is truly powerful, though, is when one realizes that this new version of "equality" admits arithmetic operations (addition and multiplication) just like our usual notion of equality.

Lecture 7 Summary

Modular Arithmetic

Today in class we introduced the notion of modular congruence and saw that it can be used to give an equivalence relation to the integers. Not only does this provide us with a way to split the integers up into distinct subgroups (a so-called "partition"), but it also behaves well with respect to addition and multiplication. We started to explore how we can use these arithmetic properties of congruences to prove results about integers.

Congruence
The key idea in this chapter centers around the following

29

Definition: Two integers a and b are said to be congruence (or equivalent) module an integer m written if .

One of the benefits of modular congruence is that it behaves an awful lot like the regular "equals" you're used to playing with. In fact, modular congruence is an equivalence relation, which means it has the following properties 1. Reflexive: for any integer a and any modulus m, we have 2. Symmetric: for any integers a and b and any modulus m, if then and . , then . just means that we 3. Transitive: for any integers a,b and c, and any modulus m, if .

Proof: To prove the reflexive property, note that want to verify

. We saw a while back, though, that any integer m

divides 0, so this statement is valid. To prove symmetry, we need to show that implies . If ,

, though, the definition of modular congruence tells us that so that . But then we have , and so

. By the definition of modular congruence, we therefore have . Finally, for transitivity we are supposed to assume that , and somehow conclude that note that the first two congruence conditions tells us that and . To prove this result, we and .

Our result on divisibility of integral linear combinations, then, tells us that . Hence the definition of modular congruence tells us that .

The benefit of showing that modular congruence is an equivalence relation is that this tells us that congruence class partition the integers into distinct sets. For instance, when the modulus is 3, we know that every integer fits into one of the three collections

(1)

30

We know this has to be true because the division algorithm tells us that any number has remainder either 0,1 or 2 after trying to divide by 3.

Example: Negative Numbers and Congruences

Suppose you want to know what the integer -2 is congruent to mod 3. The definition tells us that choosing choosing makes leaves us with . Notice, however, that the way we've written these subsets isn't unique. For instance, since , the transitive property of congruence shows that is the same as saying is divisible by 3. Note that

something which isn't divisible by 3, whereas . Since , we have

(2)

With this observation in mind, one might be curious to know all the different ways of writing representatives for the congruence classes of a given modulus. This leads to the following Definition: A collection of integers is called a complete residue system for modulus m if every integer is congruent modulo m to exactly one element from the collection.

Example: Complete residue systems for

The division algorithm tells us that But notice that so too are and is a complete residue system for . On the other hand, note that .

is not a complete residue system, since it has a repeated congruence class; specifically, . On the other hand, the set fails to be a

complete residue system because not every integer is congruence to either 1 or 2. In particular, The fact that and . comes from the

is a complete residue system for

following more general result Lemma: For any integer m, the set modulo m. This complete residue system is so important that it gets its own name: it is called the least non-negative residue system for m. is a complete residue system

31

Congruence and Arithmetic

The reason that congruences are so important in number theory is that the notion of congruence plays well with addition and multiplication. By this we mean For integers with and and , we have

This result is important because it tells us that when we're doing arithmetic computations module m, we can do our computations by choosing any integers which sit in the given congruence classes module m. We'll see an example of this after we prove the theorem. Proof: We're given that and and , and these statements . By our result on

translate into the divisibility statements

divisibility of integral linear combinations, we have that

(3)

This divisibility statement, in turn, tells us that second statement, we'll choose a different integral linear combination:

. To verify the

(4)

and by the definition of congruence we have

Example: Arithmetic Modulo 6

The following tables tells us how addition and multiplication work modulo six

+ 0 1 2 3

0 0 1 2 3

1 1 2 3 4

2 2 3 4 5

3 3 4 5 0

4 4 5 0 1

5 5 0 1 2

32

4 5 x 0 1 2 3 4 5

4 5 0 0 0 0 0 0 0

5 0 1 0 1 2 3 4 5

0 1 2 0 2 4 0 2 4

1 2 3 0 3 0 3 0 3

2 3 4 0 4 2 0 4 2

3 4 5 0 5 4 3 2 1

An important thing to notice about this table is that it gives us examples where does not imply a and b so that , and yet . For example, notice that we can find . Canceling coefficients is

something you're probably really used to, so you need to be wary when doing modular arithmetic that you aren't carelessly "dividing" by constants. The following lemma tells us exactly what relationship such a,b have to each other.

Lemma:

is equivalent to

Example: "Canceling" coefficients in modular equations

Notice that in the example above, anytime we have a and b such that , we also have and , in which case we'd have , then it follows that , then we get . . For instance, we could choose . Likewise if we have a and ; for example, if we

//b/ such that choose and

Though we didn't get to prove this lemma in class, I'll give a sketch of part of the proof below. Proof: We'll only prove the direction, leaving the other direction for the , then this translates to

enthusiastic student. Now if we're told that the divisibility statement

. Hence there is some integer e so that

33

. If we write get an equation of integers

, then we can divide each of m and c by d and

(5)

Now since this is an equation of integers, we can cancel out the d on both sides, and we're left with the div

(6)

from which we have implies that

. We know that

by an old result, and we

also know that this relative primality result together with our divisibility condition

(7)

from which we find

as desired.

Example: A divisibility criterion for 11

People have been talking about divisibility criteria for integers on the forum, so I thought we might talk about how one goes about proving such a result. We'll prove the following Divisibility Criterion: Suppose that a number n has digits , meaning that

. Then n is divisible by 11 if and only if the alternating sum of its digits is divisible by 11.

Proof: To see that this is true, we'll take the equation what it gives us modulo 11. On the left hand side we just get right hand side we get . Notice that

and consider , but on the

. Now since "modding by 11" .

plays nicely with addition and multiplication, this means that Hence this means that our equation becomes

(8)

34

In particular,

if and only if

, meaning that n

is divisible by 11 if and only if the alternating sum of its digits is divisible by 11.

Example: Computing large powers (modularly)

One of the benefits of modular arithmetic is that it provides a context in which really large powers of a given integer can be computed. As an example, we'll compute . (This is more than the number of atoms in the universe!). To do this, we start by computing successive square powers of 10. To make this as efficient as possible, I'll often use the trick of substituting a given integer with another small integer which is equivalent modulo 13 (for instance, using the facts that and that . Witness:

(9)

Now when it comes to computing

, we just notice that

(10)

Lecture 8 Summary

Linear Congruence Equations

Today we started by reviewing how one can go about "canceling" common factors in congruence equations. Afterwards we introduced the notion of a linear congruence equation, giving a theorem which told us exactly when such an equation has solutions (and, indeed, how many solutions exist).

35

Cancellation in Modular Equations

Last class period we stated the following

Proposition:

is equivalent to

This result will play a central role in today's lecture, so we'll start by giving a full proof. Proof: We'll use the notation to make our exposition easier to read.

Suppose first that integer e with Now notice that since

. This means that

, so that there exists an . , where each of

. Multiplying this equation by c then gives we can rewrite the left hand side as

these terms are bona fide integers. Hence we have

(1)

Since the left hand side is a multiple of m, we conclude that Now we'll prove the direction. Since we're told that

. , this

translates to the divisibility statement that

. Hence there is some integer e so ) and get an

. We can divide each of m and c by d (since

equation of integers

(2)

Now since this is an equation of integers, we can cancel out the d on both sides, and we're left with the div

(3)

from which we have implies that

. We know that

by an old result, and we

also know that this relative primality result together with our divisibility condition

(4)

36

from which we find

as desired.

Linear Congruences
Now that we've played around a bit with modular arithmetic, it's time that we take one of our favorite problems in mathematics and give it a modular spin: solving equations. We'll start off at the beginning, dealing with linear equations. Definition: For integers a,b and m, the equation congruence. The goal, of course, is to find all integers x which solve this equation. Given that the equation is really a statement about modular congruence, though, you won't be surprised to hear that we're actually most interested in knowing solutions to the system modulo m; that is to say, we want to know which congruence classes modulo m solve the given equation. is called a linear

Example: Some linear congruence equations

From our multiplication table, we can read off solutions to some equations modulo 6.

(5)

So we see that our linear congruences can have either no solutions, 1 solution, or several solutions (where by "solutions" we mean more precisely "distinct solutions modulo m"). The question, then, is how to distinguish when an equation does have a solution from when it doesn't. And if it does have a solution, how can we produce all solutions? How many solutions will there be? Big Theorem on Linear Congruences: The congruence solutions if and only if solutions take the form solutions modulo m is given by . If has integer

is such a solution, then all other integral , where when . A complete list of the distinct .

37

Proof: For notational convenience, we'll write d for the gcd of a and m. Now we'll proceed with the proof in steps:
(1)

show that solutions exist if and only if

(3)

(2)

show that other solutions can be expressed in terms of one fixed solution; to prove this last part in class today.) Step 1: First, suppose that a solution implies that exists to the equation

determine when two integer solutions are congruent modulo m. (Note: we didn't get

. This .

, so that there exists an integer e with

Rearranging, we therefore have

(6)

Now since d is the gcd of a and m we have

and

, and therefore d divides

any integral linear combination of a and m. In particular,

(7)

Hence if our congruence equation has a solution, then

. . We start by

Now we'll prove the converse, showing that a solution exists when noting that there exists integers r and s such that

(8)

this follows because the gcd of two integers can be expressed as an integral combination of the two integers. Now using the fact that that , we find an integer e so

. Multiplying the displayed equation by e then gives

(9)

Taking this equation modulo m, we therefore have is an integer solution to the equation .

, and hence

Step 2: Now suppose we are given two solutions to the equation, wish to show that

and

, and we

. In order to do this, note that we have

(10)

38

This tells us that

, and so it follows that

or, if

we turn this divisibility statement into an equation, there exists some integer k so that . We'll divide this equation on both sides by d a legal move . This

since d is a common divisor of a and m and we find that is equivalent to the divisibility condition . Notice, however, that

, and hence homework problem 44a tells us that same as saying that , so that

. This is the as desired.

Step 3: (Note: we didn't get to discuss this proof in class, but I'm including it in the notes for people interested in seeing the full proof.) To find the distinct solutions (modulo m), suppose we pick up two solutions m. Since and which are the same modulo

by the previous step, this means that we have

(11)

Getting rid of the into an equation:

that is common to both sides, we turn this divisibility condition . Hence we have

(12)

and after canceling the m's on both sides of the equation (a legal move since this is an equation in integers, not a congruence equation) we're left with i.e., that . and are distinct if and only if are given as

This tells us that two solutions

. Hence the distinct solutions to when .

Example: Solving
Suppose you want to solve the equation and 15 is 3, and that has no solutions. . Notice that the gcd of 6

. Our big theorem tells us that this congruence equation

Example: Solving
Let's put these ideas in practice to try to solve . To start, we need to

decide whether this congruence will have solutions or not. For this, we just notice that

39

, and that

. Hence we know there are solutions, and we're expecting

that there should be 2 distinct solutions modulo 14. To find one such solution, we need to do two things: 1. we need to express 2 as a linear combination of 4 and 4, and 2. we need to express 6 as a multiple of 2. Toward the first goal, we know that we can to use the Euclidean Algorithm. The algorithm runs like so:

(13)

and from this we see that

(14)

Now for the second goal, it isn't too hard to see that

. Finding a solution,

then means we should multiply our expression of 2 as a linear combination by 3:

(15)

Taking this equation modulo 14 leaves us with

(16)

and hence

is one integer solution.

Now that we have one solution

, we can find all solutions by taking

for

. Doing so shows that the distinct solutions modulo 14 are given by . Notice that if we had been interested in least non-negative solutions, we would write 5 in place of -9 (since ). ) and 12 in place of -2 (since

40

Lecture 9

Multiplicative Inverses; the Chinese Remainder Theorem

Summary
We started off today by talking about a special class of linear congruence equations, namely those of the form . These led to multiplicative inverses, which we saw were useful in solving certain congruence equations. We drove this point home when we used multiplicative inverses to prove the Chinese Remainder Theorem, a tool that is used to solve simultaneous linear congruence equations.

Multiplicative Inverses
Last time we talked about solving linear congruence equations. Let's do another example of this kind of problem.

Example: Solving the linear congruence

Suppose we want to solve the equation solutions exist. In this case, we know that . We first check to see if , and since , we

know there are solutions. In fact, we know that there is exactly 1 solution mod 67. To compute it, we first need to write Euclidean Algorithm. This gives as a linear combination. We'll use the

(1)

Now we can use these equations to express 1 as a combination of 5 and 67:

(2)

Taking this equation modulo 67 shows that multiplicative inverse of 5 modulo 67. This example leads to the following Definition: A solution to the linear congruence multiplicative inverse for a modulo m.

, and so 27 is the

is called a

41

Example: The Inverse of 5 mod 67

The previous example can be translated to say "27 is the multiplicative inverse of 5 modulo 67." Notice that we already have machinery that tells us when multiplicative inverses exist. Theorem: An integer a has a multiplicative inverse modulo m if and only if . When a and m are relatively prime, the multiplicative inverse of a mod m is unique mod m. Proof: Recall that has a solution if and only if . Of course

there aren't a lot of choices for what in fact,

can be if this divisibility is going to hold;

is the only way this divisibility can hold. Hence a and m must be

relatively prime if a is going to have a multiplicative inverse mod m. When a solution does exist, our theorem on solving linear congruences says that the number of distinct solutions modulo m is given by the gcd of a and m. We've already seen that a solution exists if and only if one solution modulo m. , and so in this case there is only

Solving Congruences Using Inverses

Multiplicative inverses can be quite useful in solving other linear congruences, since they allow one to solve a congruence by a simple multiplication.

Example: Solving
Suppose we wish to solve . We could proceed as we have before

finding a gcd, writing that gcd as a linear combination, etc. Alternatively, we can use the fact that we've already computed the multiplicative inverse of 5 as 27. To take this latter route, notice that we have

(3)
(Notice: we're allowed to multiply by 27 on both sides of the expression without disturbing the solution set because says that Using the fact that solution is . if and only if , and you'll recall our theorem which ).

by our previous example, this means that our

42

The Chinese Remainder Theorem

We've now defined arithmetic on congruence classes mod m, and we've also managed to solve linear equations mod m. Now we're going to try to solve simultaneous linear congruences mod m.

Example: Simultaneous Congruence equations

Suppose you want to find an integer x which satisfies both of the congruences

(4)

We don't have a really good way for doing this systematically right now, but you can try out some small numbers to see if you can find a solution. For instance, we know that we can't have but notice that since this fails the second congruence; we also can't have and , does satisfy both of these equations. A little more works too, and the particularly diligent student . since this fails the first congruence. We can similarly rule out experimentation shows that

might also come across the solution

This example shows us that we "experimentally" solve these simultaneous congruences, but they don't provide a very systematic (or efficient) way of computing solutions. For this, we turn to The Chinese Remainder Theorem: If integers, then the congruence equations unique solution modulo . are pairwise relatively prime for each have a

Proof: We'll break the proof into two pieces: first we'll construct a simultaneous solution to the given congruences, and then we'll show this solution is unique in the given modulus.

To start, we'll define Now since the

, and for each

we'll write

for

are pairwise relatively prime, you showed in your homework (in the . Hence for every i, there exists an .

course of #43(c) in chapter 1) that integer With the which satisfies so constructed, we claim that

(5)

43

is a solution to all the congruences i, and we'll show that since

. To see this is true, fix an integer . Notice that for every we have ,

is the product of all the moduli except for

in particular,

shows up in

the product which defines N_j$]]. Hence we have

(6)

But now recall that as desired.

, and so the previous equation becomes

Hence we've constructed a solution. To show that all solutions are equivalent modulo , notice that if then we have every i, and so are two solutions to the congruence equations, for every i/. It follows that . By homework 43(c) in Chapter 1, since the . are for

relatively prime we can conclude that

Example: CRT in Action

Suppose that we're given the simultaneous congruences

(7)

Our proof of the CRT says that we need to start by computing this case are given as for each i. To solve solve , notice that , and these numbers in hand, we now need to solve the congruence equations

, which in . With

. Hence we're really trying to

. Now we could solve this equation by using the Euclidean

Algorithm to express the gcd of 10 and 3 as a linear combination of the two, but since the modulus is so small, we can just use "guess and check" to find this inverse. For this, notice that To solve really trying to solve . , and that . Hence we have . , we're

, we'll do a similar trick: since

. But this makes it clear that we can take

44

Finally, we need to solve solve we're after.

. Since

, we're trying to is the solution

. Using "guess and check", we see that

Now that we've computed all the appropriate terms, our desired solution modulo is therefore

(8)

You can expand that out and see what its least non-negative residue is, but you don't need to if you don't want. The Chinese Remainder Theorem is a really powerful tool for solving simultaneous congruences, but it only tells us how to solve problems where the given moduli are pairwise relatively prime. There are plenty of "real life" scenarios in which the moduli for your system of congruences won't be so nice, though, in which case it's handy to know this stronger version of the CRT: Strengthened Chinese Remainder Theorem: For arbitrary integers congruence equations only if for every . and

, there exists a simultaneous solution if and . When a solution exists, it is unique modulo

the least common multiple of the

We won't worry about proving this for now, but it is good to have in mind.

Example: The Strengthened CRT

Suppose someone asks you to solve the simultaneous equations

(9)

Since you know that

and since

, you know that this

simultaneous system has no solutions.

Example: The Strengthened CRT

Suppose someone asks you to solve the simultaneous equations

(10)

45

Note that since solution will be unique modulo

, there will be a solution to this equation (and the ). To find this solution, we note that the . This

first equation translates to the existence of an integer e so that means that

, and we can plug this value of x into the second equation:

(11)

Of course this equation is equivalent to

, which is just a linear

congruence in the variable e. We can use the methodology we've already developed to solve this equation, and doing so will show that are the solutions mod

15. Plugging these values back into our initial expression for x, we see that . Notice that all these values of x are congruence mod all give the same solution to our equation (mod ). , so they

46