Elementary Number Theory with Applications Koshy.pdf
0 likes1,611 views
This document defines various mathematical symbols used in elementary number theory. It provides the symbol, meaning, and page number for each entry. There are over 50 symbols defined ranging from sets and relations to numbers and operations. The symbols cover topics in numbers, sets, inequalities, operations, sequences, matrices, and other foundational concepts in number theory.
![n pa exactly divides n (183)
[a,b] the least common multiple of a and b (184)
[a1,a2,...,an] the least common multiple of a1,a2,..., and an (187)
a ≡ b (mod m) a is congruent to b modulo m (212)
a ≡ b (mod m) a is not congruent to b modulo m (212)
[r] the congruence class represented by r (216)
a−1 an inverse of a modulo m (234)
ρ(n) the digital root of n (291)
In the identity matrix of order n (316)
n# the product of primes ≤ n (325)
ϕ(n) Euler’s phi function (342)
τ(n) the number of positive factors of n (365)
σ(n) the sum of the positive factors of n (366)
Mp Mersenne number 2p − 1 (381)
μ(n) Möbius function (398)
λ(n) Liouville function (405)
ordm a the order of a modulo m (456)
ψ(d) the number of incongruent residues of order d modulo p (470)
indα a the index of a to the base α (483)
(a/p) Legendre symbol (501)
(a/m) Jacobi symbol (527)
(a/n) Kronecker symbol (549)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-3-320.jpg)
![6 CHAPTER 1 Fundamentals
Floor and Ceiling Functions
The floor of a real number x, denoted by x, is the greatest integer ≤ x. The ceiling
of x, denoted by x
, is the least integer ≥ x.† The floor of x rounds down x, whereas
the ceiling of x rounds up. Accordingly, if x /
∈ Z, the floor of x is the nearest integer to
the left of x on the number line, and the ceiling of x is the nearest integer to the right
of x, as Figure 1.2 shows. The floor function f(x) = x and the ceiling function
g(x) = x
are also known as the greatest integer function and the least integer
function, respectively.
Figure 1.2
For example, π = 3, log10 3 = 0, −3.5 = −4, −2.7 = −3, π
= 4,
log10 3
= 1, −3.5
= −3, and −2.7
= −2.
The floor function comes in handy when real numbers are to be truncated or
rounded off to a desired number of decimal places. For example, the real number π =
3.1415926535... truncated to three decimal places is given by 1000π/1000 =
3141/1000 = 3.141; on the other hand, π rounded to three decimal places is
1000π + 0.5/1000 = 3.142.
There is yet another simple application of the floor function. Suppose we divide
the unit interval [0,1) into 50 subintervals of equal length 0.02 and then seek to
determine the subinterval that contains the number 0.4567. Since 0.4567/0.02 +
1 = 23, it lies in the 23rd subinterval. More generally, let 0 ≤ x 1. Then x lies in
the subinterval x/0.02 + 1 = 50x + 1.
The following example presents an application of the ceiling function to every-
day life.
EXAMPLE 1.1 (The post-office function) In 2006, the postage rate in the United States for a first-
class letter of weight x, not more than one ounce, was 39¢; the rate for each additional
ounce or a fraction thereof up to 11 ounces was an additional 24¢. Thus, the postage
p(x) for a first-class letter can be defined as p(x) = 0.39 + 0.24 x − 1
, 0 x ≤ 11.
For instance, the postage for a letter weighing 7.8 ounces is p(7.8) = 0.39 +
0.24 7.8 − 1
= $2.07.
† These two notations and the names, floor and ceiling, were introduced by Kenneth E. Iverson in the
early 1960s. Both notations are variations of the original greatest integer notation [x].](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-34-320.jpg)
![1.2 The Summation and Product Notations 11
n
i=1
(cai) = c
n
i=1
ai
(1.2)
n
i=1
(ai + bi) =
n
i=1
ai +
n
i=1
bi (1.3)
(These results can be extended to any lower limit k ∈ Z.)
The following example illustrates this theorem.
EXAMPLE 1.3 Evaluate
2
j=−1
[(5j)3 − 2j].
SOLUTION
2
j=−1
[(5j)3
− 2j] =
2
j=−1
(5j)3
− 2
2
j=−1
j
= 125
2
j=−1
j3
− 2
2
j=−1
j
= 125[(−1)3
+ 03
+ 13
+ 23
] − 2(−1 + 0 + 1 + 2)
= 996
Indexed Summation
The summation notation can be extended to sequences with index sets I as their
domains. For instance,
i∈I
ai denotes the sum of the values of ai as i runs over the
various values in I.
As an example, let I = {0,1,3,5}. Then
i∈I
(2i + 1) represents the sum of the
values of 2i + 1 with i ∈ I, so
i∈I
(2i + 1) = (2 · 0 + 1) + (2 · 1 + 1) + (2 · 3 + 1) + (2 · 5 + 1) = 22
Often we need to evaluate sums of the form
P
aij, where the subscripts i and j
satisfy certain properties P. (Such summations are used in Chapter 8.)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-39-320.jpg)
![1.3 Mathematical Induction 19
Proving a result by induction involves two key steps:
• basis step Verify that P(n0) is true.
• induction step Assume P(k) is true for an arbitrary integer k ≥ n0
(inductive hypothesis).
Then verify that P(k + 1) is also true.
A word of caution: A question frequently asked is, “Isn’t this circular reasoning?
Aren’t we assuming what we are asked to prove?” In fact, no. The confusion stems
from misinterpreting step 2 for the conclusion. The induction step involves showing
that P(k) implies P(k + 1); that is, if P(k) is true, then so is P(k + 1). The conclusion
is “P(n) is true for every n ≥ n0.” So be careful.
Interestingly, there were television commercials for Crest toothpaste based on
induction involving toothpastes and penguins.
Some examples will show how useful this important proof technique is.
EXAMPLE 1.11 Prove that
1 + 2 + 3 + ··· + n =
n(n + 1)
2
(1.4)
for every positive integer n.
PROOF (by induction)
Let P(n) be the statement that
n
i=1
i = [n(n + 1)]/2.
basis step To verify that P(1) is true (note: Here n0 = 1):
When n = 1, RHS = [1(1 + 1)]/2 = 1 =
1
i=1
i = LHS.† Thus, P(1) is true.
† LHS and RHS are abbreviations of left-hand side and right-hand side, respectively.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-48-320.jpg)
![20 CHAPTER 1 Fundamentals
induction step Let k be an arbitrary positive integer. We would like to show that
P(k) implies P(k + 1). Assume P(k) is true; that is,
k
i=1
i =
k(k + 1)
2
← inductive hypothesis
To show that P(k) implies P(k + 1), that is,
k+1
i=1
i = [(k + 1)(k + 2)]/2, we start with
the LHS of this equation:
LHS =
k+1
i=1
i =
k
i=1
i + (k + 1)
Note:
k+1
i=1
xi =
k
i=1
xi
+ xk+1.
=
k(k + 1)
2
+ (k + 1), by the inductive hypothesis
=
(k + 1)(k + 2)
2
= RHS
So, if P(k) is true, then P(k + 1) is also true.
Thus, by induction, P(n) is true for every integer n ≥ 1; that is, the formula holds
for every positive integer.
Figure 1.5 demonstrates formula (1.4) without words.
Figure 1.5
Often we arrive at a formula by studying patterns, then making a conjecture, and
then establishing the formula by induction, as the following example shows.
EXAMPLE 1.12 Conjecture a formula for the sum of the first n odd positive integers and then use
induction to establish the conjecture.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-49-320.jpg)
![1.3 Mathematical Induction 21
SOLUTION
First, we study the first five such sums, and then look for a pattern, to predict a
formula for the sum of the first n odd positive integers.
The first five such sums are
1 = 12
1 + 3 = 22
1 + 3 + 5 = 32
1 + 3 + 5 + 7 = 42
1 + 3 + 5 + 7 + 9 = 52
There is a clear pattern here, so we conjecture that the sum of the first n odd positive
integers is n2; that is,
n
i=1
(2i − 1) = n2
(1.5)
We shall now prove it by the principle of induction.
PROOF
When n = 1,
n
i=1
(2i − 1) =
1
i=1
(2i − 1) = 1 = 12, so the result holds when n = 1.
Now, assume the formula holds when n = k:
k
i=1
(2i − 1) = k2. To show that it
holds when n = k + 1, consider the sum
k+1
i=1
(2i − 1). We have
k+1
i=1
(2i − 1) =
k
i=1
(2i − 1) + [2(k + 1) − 1]
= k2
+ (2k + 1) by the inductive hypothesis
= (k + 1)2
Consequently, if the formula holds when n = k, it is also true when n = k + 1.
Thus, by induction, the formula holds for every positive integer n.
Figure 1.6 provides a visual illustration of formula (1.5).
Figure 1.6](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-50-320.jpg)
![22 CHAPTER 1 Fundamentals
Returning to induction, we find that both the basis and the induction steps are essen-
tial in the induction proof, as the following two examples demonstrate.
EXAMPLE 1.13 Consider the “formula” 1 + 3 + 5 + ··· + (2n − 1) = (n − 2)2. Clearly it is true when
n = 1. But it is not true when n = 2.
Conclusion? That the truth of the basis step does not ensure that the statement
1 + 3 + 5 + ··· + (2n − 1) = (n − 2)2 is true for every n.
The following example shows that the validity of the induction step is necessary,
but not sufficient, to guarantee that P(n) is true for all desired integers.
EXAMPLE 1.14 Consider the “formula” P(n): 1 + 3 + 5 + ··· + (2n − 1) = n2 + 1. Suppose P(k) is
true:
k
i=1
(2i − 1) = k2 + 1. Then
k+1
i=1
(2i − 1) =
k
i=1
(2i − 1) + [2(k + 1) − 1]
= (k2
+ 1) + (2k + 1)
= (k + 1)2
+ 1
So if P(k) is true, P(k + 1) is true. Nevertheless, the formula does not hold for any
positive integer n. Try P(1).
An interesting digression: Using induction, we “prove” in the following example
that every person is of the same sex.
EXAMPLE 1.15 “Prove” that every person in a set of n people is of the same sex.
PROOF
Let P(n): Everyone in a set of n people is of the same sex. Clearly, P(1) is true. Let
k be a positive integer such that P(k) is true; that is, everyone in a set of k people is
of the same sex.
To show that P(k + 1) is true, consider a set A = {a1,a2,...,ak+1} of k + 1
people. Partition A into two overlapping sets, B = {a1, a2,..., ak} and C =](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-51-320.jpg)
![1.3 Mathematical Induction 25
6. Let n0 ∈ Z, S a nonempty subset of the set T = {n ∈
Z | n ≥ n0}, and ∗ be a least element of the set
T∗ = {n − n0 + 1 | n ∈ S}. Then n0 + − 1 is a least
element of S.
7. (Archimedean property) Let a and b be any pos-
itive integers. Then there is a positive integer n such
that na ≥ b.
(Hint: Use the well-ordering principle and contradic-
tion.)
8. Every nonempty set of negative integers has a largest
element.
9. Every nonempty set of integers ≤ a fixed integer n0
has a largest element.
(Twelve Days of Christmas) Suppose you sent your
love 1 gift on the first day of Christmas, 1 + 2 gifts on the
second day, 1 + 2 + 3 gifts on the third day, and so on.
10. How many gifts did you send on the 12th day of
Christmas?
11. How many gifts did your love receive in the 12 days
of Christmas?
12. Prove that 1 + 2 + ··· + n = [n(n + 1)]/2 by con-
sidering the sum in the reverse order.† (Do not use
mathematical induction.)
Using mathematical induction, prove each for every inte-
ger n ≥ 1.
13.
n
i=1
(2i − 1) = n2
14.
n
i=1
i2 =
n(n + 1)(2n + 1)
6
† An interesting personal anecdote is told about Gauss. When
Gauss was a fourth grader, he and his classmates were asked
by his teacher to compute the sum of the first 100 positive inte-
gers. Supposedly, the teacher did so to get some time to grade
papers. To the teacher’s dismay, Gauss found the answer in a
few moments by pairing the numbers from both ends:
The sum of each pair is 101 and there are 50 pairs. So the total
sum is 50 · 101 = 5050.
15.
n
i=1
i3 =
n(n + 1)
2
2
16.
n
i=1
ari−1 =
a(rn − 1)
r − 1
, r = 1
Evaluate each sum.
17.
30
k=1
(3k2 − 1) 18.
50
k=1
(k3 + 2)
19.
n
i=1
i/2 20.
n
i=1
i/2
Find the value of x resulting from executing each algo-
rithm fragment, where
variable ← expression
means the value of expression is assigned to variable.
21. x ← 0
for i = 1 to n do
x ← x + (2i − 1)
22. x ← 0
for i = 1 to n do
x ← x + i(i + 1)
23. x ← 0
for i = 1 to n do
for j = 1 to i do
x ← x + 1
Evaluate each.
24.
n
i=1
i
j=1
i 25.
n
i=1
i
j=1
j
26.
n
i=1
i
j=1
j2 27.
n
i=1
i
j=1
(2j − 1)
28.
n
i=1
22i 29.
n
i=1
i2
30.
n
i=1
n
j=1
ij 31.
n
i=1
n
j=1
2i+j
32. A magic square of order n is a square arrangement
of the positive integers 1 through n2 such that the sum
of the integers along each row, column, and diagonal
is a constant k, called the magic constant. Figure 1.8
shows two magic squares, one of order 3 and the other
of order 4. Prove that the magic constant of a magic
square of order n is
n(n2 + 1)
2
.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-54-320.jpg)
![30 CHAPTER 1 Fundamentals
Now the n − 1 disks at Y can be moved from Y to Z using X as an intermediary
in bn−1 moves, so the total number of moves needed is bn−1 +1+bn−1 = 2bn−1 +1.
Thus bn can be defined recursively as follows:
bn =
1 if n = 1 ← initial condition
2bn−1 + 1 if n ≥ 2 ← recurrence relation
For example,
b4 = 2b3 + 1 = 2[2b2 + 1] + 1
= 4b2 + 2 + 1 = 4[2b1 + 1] + 2 + 1
= 8b1 + 4 + 2 + 1 = 8(1) + 4 + 2 + 1 = 15,
so it takes 15 moves to transfer 4 disks from X to Z.
Notice that the recursive definition of a function f does not provide us with
an explicit formula for f(n) but establishes a systematic procedure for finding it.
The iterative method of finding a formula for f(n) involves two steps: 1) apply the
recurrence formula iteratively and look for a pattern to predict an explicit formula;
2) use induction to prove that the formula does indeed hold for every possible value
of the integer n.
The following example illustrates this method.
EXAMPLE 1.20 Solve the recurrence relation in Example 1.18.
SOLUTION
Using iteration, we have:
h(n) = h(n − 1) + (n − 1)
= h(n − 2) + (n − 2) + (n − 1)
= h(n − 3) + (n − 3) + (n − 2) + (n − 1)
.
.
.
= h(1) + 1 + 2 + 3 + ··· + (n − 2) + (n − 1)
= 0 + 1 + 2 + 3 + ··· + (n − 1)
=
n(n − 1)
2
, by Example 1.11
(We can verify this using induction.)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-59-320.jpg)
![1.4 Recursion 31
E X E R C I S E S 1.4
In Exercises 1–6, compute the first four terms of the se-
quence defined recursively.
1. a1 = 1
an = an−1 + 3, n ≥ 2
2. a0 = 1
an = an−1 + n, n ≥ 1
3. a1 = 1
an =
n
n − 1
an−1, n ≥ 2
4. a1 = 1, a2 = 2
an = an−1 + an−2, n ≥ 3
5. a1 = 1, a2 = 1, a3 = 2
an = an−1 + an−2 + an−3, n ≥ 4
6. a1 = 1, a2 = 2, a3 = 3
an = an−1 + an−2 + an−3, n ≥ 4
Define recursively each number sequence.
(Hint: Look for a pattern and define the nth term
an recursively.)
7. 1,4,7,10,13,...
8. 3,8,13,18,23,...
9. 0,3,9,21,45,...
10. 1,2,5,26,677,...
An arithmetic sequence is a number sequence in which
every term except the first is obtained by adding a fixed
number, called the common difference, to the preceding
term. For example, 1,3,5,7,... is an arithmetic sequence
with common difference 2. Let an denote the nth term of
the arithmetic sequence with first term a and common dif-
ference d.
11. Define an recursively.
12. Find an explicit formula for an.
13. Let Sn denote the sum of the first n terms of the se-
quence. Prove that
Sn =
n
2
2a + (n − 1)d
A geometric sequence is a number sequence in which
every term, except the first, is obtained by multiplying the
previous term by a constant, called the common ratio.
For example, 2,6,18,54,... is a geometric sequence with
common ratio 3. Let an denote the nth term of the geomet-
ric sequence with first term a and common ratio r.
14. Define an recursively.
15. Find an explicit formula for an.
16. Let Sn denote the sum of the first n terms of the se-
quence. Prove that Sn = [a(rn − 1)]/(r − 1), where
r = 1. Do not use induction.
Use the following triangular array of positive integers to
answer Exercises 17–20.
1
2 3
4 5 6
7 8 9 10
.
.
.
17. Let an denote the first term in row n, where n ≥ 1.
Define an recursively.
18. Find an explicit formula for an.
19. Find the sum of the numbers in row n.
20. Which row contains the number 2076?
Let an denote the number of times the assignment state-
ment x ← x + 1 is executed by each nested for loop. De-
fine an recursively.
21. for i = 1 to n do
for j = 1 to i do
x ← x + 1
22. for i = 1 to n do
for j = 1 to i do
for k = 1 to i do
x ← x + 1
23. Using Example 1.19, predict an explicit formula
for bn.
24. Using induction, prove the explicit formula for bn in
Exercise 23.
The 91-function f , invented by John McCarthy, is defined
recursively on W as follows:
f(x) =
x − 10 if x 100
f(f(x + 11)) if 0 ≤ x ≤ 100
Compute each:
25. f(99)
26. f(98)
27. f(f(99))](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-60-320.jpg)
![1.5 The Binomial Theorem 33
Binomial Coefficients
Let n and r be nonnegative integers. The binomial coefficient†
n
r
is defined by
n
r
=
n!
r!(n − r)!
if r ≤ n, and is 0 otherwise; it is also denoted by C(n,r) and nCr.
For example,
5
3
=
5!
3!(5 − 3)!
=
5 · 4 · 3 · 2 · 1
3 · 2 · 1 · 2 · 1
= 10
It follows from the definition that
n
0
= 1 =
n
n
.
There are many instances when we need to compute the binomial coefficients
n
r
and
n
n − r
. Since
n
n − r
=
n!
(n − r)![n − (n − r)]!
=
n!
(n − r)!r!
=
n!
r!(n − r)!
=
n
r
there is no need to evaluate both; this significantly reduces our workload. For exam-
ple,
25
20
=
25
25 − 20
=
25
5
= 53,130.
The following theorem shows an important recurrence relation satisfied by bi-
nomial coefficients. It is called Pascal’s identity, after the outstanding French math-
ematician and philosopher Blaise Pascal.
† The term binomial coefficient was introduced by the German algebraist Michel Stifel (1486–1567).
In his best-known work, Arithmetica Integra (1544), Stifel gives the binomial coefficients for n ≤ 17.
The bilevel parentheses notation for binomial coefficient was introduced by the German math-
ematician and physicist Baron Andreas von Ettinghausen (1796–1878). Von Ettinghausen, born in
Heidelberg, attended the University of Vienna in Austria. For two years he worked as an assistant
in mathematics and physics at the University. In 1821 he became professor of mathematics, and in
1835, professor of physics and director of the Physics Institute. Thirteen years later, he became the
director of the Mathematical Studies and Engineering Academy in Vienna.
A pioneer in mathematical physics, von Ettinghausen worked in analysis, algebra, differential
geometry, mechanics, optics, and electromagnetism.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-62-320.jpg)
![34 CHAPTER 1 Fundamentals
Blaise Pascal (1623–1662) was born in Clermont-Ferrand, France. Although he
showed astounding mathematical ability at an early age, he was encouraged by his
father to pursue other subjects, such as ancient languages. His father even refused to
teach him any sciences and relented only when he found that Pascal by age 12 had
discovered many theorems in elementary geometry. At 14, Blaise attended weekly
meetings of a group of French mathematicians which later became the French Acad-
emy. At 16, he developed important results in conic sections and wrote a book on
them.
Observing that his father would spend countless hours auditing government ac-
counts, and feeling that intelligent people should not waste their time doing mundane
things, Pascal, at the age of 19, invented the first mechanical calculating machine.
THEOREM 1.8 (Pascal’s Identity) Let n and r be positive integers, where r ≤ n. Then
n
r
=
n − 1
r − 1
+
n − 1
r
.
PROOF
We shall simplify the RHS and show that it is equal to the LHS:
n − 1
r − 1
+
n − 1
r
=
(n − 1)!
(r − 1)!(n − r)!
+
(n − 1)!
r!(n − r − 1)!
=
r(n − 1)!
r(r − 1)!(n − r)!
+
(n − r)(n − 1)!
r!(n − r)(n − r − 1)!
=
r(n − 1)!
r!(n − r)!
+
(n − r)(n − 1)!
r!(n − r)!
=
(n − 1)![r + (n − r)]
r!(n − r)!
=
(n − 1)!n
r!(n − r)!
=
n!
r!(n − r)!
=
n
r
Pascal’s Triangle
The various binomial coefficients
n
r
, where 0 ≤ r ≤ n, can be arranged in the form
of a triangle, called Pascal’s triangle,† as in Figures 1.12 and 1.13.
† Although Pascal’s triangle is named after Pascal, it actually appeared as early as 1303 in a work by
the Chinese mathematician Chu Shi-Kie.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-63-320.jpg)
![42 CHAPTER 1 Fundamentals
=
1
2
n(n + 1)(2n + 1)
6
+
n(n + 1)
2
=
n(n + 1)
12
[(2n + 1) + 3] =
n(n + 1)(n + 2)
6
=
n + 2
3
Figure 1.18 provides a geometric proof of this formula, developed in 1990 by
M. J. Zerger of Adams State College, Alamosa, Colorado.
Figure 1.18
It now follows that the total number of gifts sent in 12 days is given by s12 =
(12 · 13 · 14)/6 = 364.
The cubes 1,8,27,64,125,...,n3 are related to triangular numbers. To see this,
let cn denote the nth cube n3. Since
n
k=1
k3 = [n(n + 1)/2]2, it follows by Exercise 15
in Section 1.3 that
n
k=1
ck = t2
n; that is, the sum of the first n cubes equals the square
of the nth triangular number.
The following example shows that triangular numbers can occur in quite unex-
pected places. It also illustrates, step-by-step, a powerful problem-solving technique:
collecting data, organizing data, conjecturing a desired formula, and then establish-
ing the formula.
EXAMPLE 1.21 Find the number of 1 × k rectangles f(n) that can be formed using an array of n
squares, where 1 ≤ k ≤ n. See Figure 1.19.
Figure 1.19](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-71-320.jpg)
![1.7 Pyramidal Numbers 49
32. The nth number an that is both triangular and square
can be computed using the formula an = [(17 +
12
√
2)n + (17 − 12
√
2)n − 2]/32, n ≥ 1. Using this
formula, compute a2 and a3.
33. Prove that there are infinitely many triangular num-
bers that are squares.
Evaluate each.
34.
n
k=1
1
tk
c 35.
∞
k=1
1
tk
(This problem, proposed by Christiaan Huy-
gens to Baron Gottfried Wilhelm Leibniz, led to the
development of the latter’s harmonic triangle.)
1.7 Pyramidal Numbers
Now we pursue solid figurate numbers, which are positive integers that can be rep-
resented by pyramidal shapes. They are obtained by taking successive sums of the
corresponding polygonal numbers. The number of sides in the base of a pyramid
increases from three, so the various pyramidal numbers are triangular, square, pen-
tagonal, hexagonal, and so on.
We begin with the simplest pyramidal numbers, triangular pyramidal num-
bers, also known as tetrahedral numbers.
Triangular Pyramidal Numbers
The nth triangular pyramidal number Tn is the sum of the first n triangular num-
bers tn. The first four such numbers are: T1 = 1; T2 = t1 + t2 = 1 + 3 = 4; T3 =
t1 + t2 + t3 = 1 + 3 + 6 = 10; and T4 = t1 + t2 + t3 + t4 = 1 + 3 + 6 + 10 = 20. See
Figure 1.30.
Figure 1.30
The various triangular pyramidal numbers can be constructed using Table 1.6.
Just add up the numbers along the bent arrows. It follows from the table that Tn =
Tn−1 + tn; that is, Tn = Tn−1 + [n(n + 1)]/2.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-78-320.jpg)
![Chapter Summary 57
In passing, we note that by using generating functions, Segner’s formula can be em-
ployed to derive the explicit formula for Cn; see Exercises 10–13.
E X E R C I S E S 1.8
Prove each.
1. Cn =
1
n
2n
n − 1
2. Cn =
2n
n
−
2n
n − 1
3. Cn+1 =
2n
n
−
2n
n − 2
4. Cn =
1
2n + 1
2n + 1
n
5. Cn =
2n − 1
n − 1
−
2n − 1
n − 2
6. Cn = 2
2n
n
−
2n + 1
n
7. Cn =
2n + 1
n + 1
− 2
2n
n + 1
Using the recursive formula
Cn =
(n−1)/2
r=0
n − 1
2r
2n−2r−1Cr
(J. Touchard, 1928)
compute Cn for each value of n.
8. n = 5 9. n = 6
Prove each, where C(x) =
∞
n=0
Cnxn.
10. [C(x)]2 =
C(x) − C0
x
11. C(x) =
1 −
√
1 − 4x
2
12. Cn =
1
n + 1
2n
n
(Hint:
√
1 − 4x = 1 − 2
∞
n=1
Cn−1xn)
X CHAPTER SUMMARY
This chapter presented several properties governing integers and two classes of figu-
rate numbers—polygonal and pyramidal. The principle of induction is an extremely
useful proof technique, which we will be using frequently in later chapters. Recur-
sion is another powerful problem-solving tool.
The Order Relation
• An integer a is less than an integer b, denoted by a b, if b − a is a positive
integer. We then also write b a. If a b or a = b, we write a ≤ b or b ≥ a.
(p. 4)
• law of trichotomy: Given any two integers a and b, either a b, a = b, or
a b. (p. 5)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-86-320.jpg)
![60 CHAPTER 1 Fundamentals
• pn + tn−1 = hn (p. 48)
Pyramidal Numbers
• Triangular pyramidal numbers
Tn = Tn−1 +
n(n + 1)
2
(p. 49)
=
n(n + 1)(n + 2)
6
(p. 50)
• Square pyramidal number Sn = [n(n + 1)(2n + 1)]/6 (p. 51)
• Pentagonal pyramidal numbers Pn (p. 51)
• Hexagonal pyramidal numbers Hn (p. 51)
Catalan Numbers
Cn =
1
n + 1
2n
n
(p. 55)
= C0Cn−1 + C1Cn−2 + ··· + Cn−1C0 (Segner
s formula) (p. 56)
X REVIEW EXERCISES
Evaluate each.
1.
n
i=1
i(i + 1) 2.
n
i=1
n
j=1
(2i + 3j) 3.
n
i=1
n
j=1
2i3j
4.
n
i=1
i
j=1
2j 5.
n
i=1
n
j=1
2i3j 6.
n
i=1
i
j=1
32j
7.
n
i=1
i
j=1
2i 8.
n
i=1
i
j=1
ij 9.
n
r=0
2(n
r)
10.
n
r=0
2tr
Find the value of x resulting from the execution of each algorithm fragment.
11. x ← 0 12. x ← 0
for i = 1 to n do for i = 1 to n do
for j = 1 to n do for j = 1 to i do
x ← x + 1 for k = 1 to j do
x ← x + 1](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-89-320.jpg)
![62 CHAPTER 1 Fundamentals
34. Add two lines to the following number pattern.
t1 + t2 + t3 = t4
t5 + t6 + t7 + t8 = t9 + t10
t11 + t12 + t13 + t14 + t15 = t16 + t17 + t18 (M. N. Khatri)
35. Verify that t2
n − t2
n−1 = n3.
36. Using Exercise 35, show that
n
k=1
k3 = [n(n + 1)/2]2.
37. A palindrome is a positive integer that reads the same backwards and for-
wards. Find the eight palindromic triangular numbers 1000.
Prove each.
38.
n
k=1
k
2
=
n
k=1
k3.
39. t2
n = tn + tn−1tn+1
40. 2tntn−1 = tn2−1
41. tn−k = tn + tk − (n + 1)k (Casinelli, 1836)
42. tntk + tn−1tk−1 = tnk (R. B. Nelsen, 1997)
43. tn−1tk + tntk−1 = tnk−1 (R. B. Nelsen, 1997)
44. (2k + 1)2tn + tk = t(2k+1)n+k (Euler, 1775)
45.
(nr)!
(r!)n
is an integer. (Young, 1902)
46.
(nr)!
n!(r!)n
is an integer. (Feemster, 1910)
Let an denote the number of ways a 2 × n rectangular board can be covered with
2 × 1 dominoes.
47. Define an recursively. 48. Find an explicit formula for an.
(Hint: Consider 2 × (n − 1) and
2 × (n − 2) boards.)
X SUPPLEMENTARY EXERCISES
1. Show that (2mn,m2 − n2,m2 + n2) is a solution of the equation x2 + y2 = z2.
2. Prove that (a2 + b2)(c2 + d2) = (ac + bd)2 + (ad − bc)2, where a,b,c, and d
are any integers.
Using the number pattern in Figure 1.34, answer Exercises 3–5. (Euclides, 1949)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-91-320.jpg)
![64 CHAPTER 1 Fundamentals
interesting properties. For example, the sum of the numbers in the nth band
equals n3 and the main diagonal consists of squares. Using this array, prove
that
n
i=1
i3 = [n(n + 1)/2]2.
A side of the equilateral triangle in Figure 1.37 is n units long. Let an denote the
number of triangles pointing up.
Figure 1.37
8. Define an recursively.
9. Solve the recurrence relation.
10. Prove the Hoggat–Hansell identity
n − i
r − i
n
r + i
n + i
r
=
n − i
r
n + i
r + i
n
r − i
Evaluate each.
11.
n
k=0
n
k
k2
12.
n
k=0
n
k
k3
(Kuenzi and Prielipp, 1985)
13. In 1950, P. A. Piza discovered the following formula about sums of powers
of triangular numbers ti: 3
n
i=1
ti
3
=
n
i=1
t3
i + 2
n
i=1
t4
i . Verify it for n = 3 and
n = 4.
14. Prove that one more than the product of four consecutive integers is a per-
fect square, and the square root of the resulting number is the average of the
product of the smaller and larger numbers, and the product of the two middle
integers. (W. M. Waters, 1990)
15. Find a positive integer that can be expressed as the sum of two cubes in two
different ways.
16. Find three consecutive positive integers such that the sum of their cubes is also
a cube.
17. Find four consecutive positive integers such that the sum of their cubes is also
a cube.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-93-320.jpg)
![86 CHAPTER 2 Divisibility
Then
23 · 45 = 1 · 45 + 2 · 45 + 4 · 45 + 16 · 45
Next construct a table (Table 2.1) consisting of two rows, one headed by 1 and
the other by 45; each successive column is obtained by doubling the preceding col-
umn.
1 2 4 8 16
45 90 180 360 720
Table 2.1
To find the desired result, add the starred numbers in the second row. These
correspond to the terms in the binary expansion of 23:
23 · 45 = 45 + 90 + 180 + 720
= 1035
We can use yet another algorithm for multiplication, which is a delightful appli-
cation of the floor function.
The Russian Peasant Algorithm
The Russian peasant algorithm for multiplication resembles the Egyptian method.
To illustrate it, suppose we want to compute 24 · 43. As before, construct a table
(Table 2.2) of two rows, one headed by 24 and the other by 43. Each succeeding
number in row 1 is the quotient when the number is divided by 2; continue this
procedure until the quotient becomes 1. At each step, double the previous entry in
row 2.
24 12 6 3 1
43 86 172 344 688
Table 2.2
To compute the product, just add the starred numbers that correspond to the odd
numbers in row 1:
24 · 43 = 688 + 344 = 1032
[Can you explain why this algorithm works? Hint: ab = (a/2)(2b).]](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-115-320.jpg)
![88 CHAPTER 2 Divisibility
Using the Egyptian method, compute each product.
21. 19 · 31 22. 30 · 43
23. 29 · 49 24. 36 · 59
25–28. Using the Russian method, evaluate the products
in Exercises 21–24.
Using the Egyptian method of division, find the quotient
and the remainder when the first integer is divided by the
second.
29. 243, 19 30. 1076, 31
31. 1776, 35 32. 2076, 43
33. Arrange the binary numbers 1011, 110, 11011,
10110, and 101010 in order of increasing magnitude.
34. Arrange the hexadecimal numbers 1076, 3056,
3CAB, 5ABC, and CACB in order of increasing mag-
nitude.
35. What can you say about the ones bit in the binary rep-
resentation of an even integer? An odd integer?
Find the value of the base b in each case.
36. 54b = 64 37. 1001b = 9
38. 1001b = 126 39. 144b = 49
40. Find the base b if 7642 = 1234b. (A. Dunn, 1980)
41. Find the positive integer n if the decimal values of
n3 and n4 together contain all the digits exactly once.
(A. Dunn, 1980)
Find the number of ones in the binary representations of
each number.
42. 23 − 1 43. 24 − 1 44. 25 − 1 45. 2n − 1
46. Suppose a space team investigating Venus sends back
the picture of an addition problem scratched on a
wall, as shown in Figure 2.4. The Venusian numer-
ation system is a place value system, just like ours.
The base of the system is the same as the number of
fingers on a Venusian hand. Determine the base of
the Venusian numeration system. (This puzzle is due
to H. L. Nelson.†)
Figure 2.4
Polynomials can be evaluated efficiently using the tech-
nique of nested multiplication, called Horner’s method.
(This method is named after the English schoolmaster
William G. Horner [1786–1837], who published it in
1819.) For instance, the polynomial f(x) = 4x3 + 5x2 +
6x + 7 can be evaluated as f(x) = ((4x + 5)x + 6)x + 7.
Using this method, express each as a decimal integer.
47. 245eight 48. 101101two
49. 1100101two 50. 43BCsixteen
Find the ones digit in the decimal value of each.
51. 2100 52. 3247
53. Let x be a three-digit number with distinct digits in
base twelve. Reverse the digits. Subtract the smaller
number from the other number (save all the digits
in your answer). Reverse the digits in the difference.
Add this number to x. Find the sum.
54. Redo Exercise 53 in base sixteen.
† M. Gardner, “Mathematical Games,” Scientific American, 219 (Sept. 1968), 218–230.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-117-320.jpg)
![n+1 eights
, 1 ≤ n ≤ 8
• To prove the conjecture:
LHS = 987...(10 − n) · 9 + (8 − n)
= (10 − 1)[9 · 10n−1
+ 8 · 10n−2
+ 7 · 10n−3
+ ··· + (11 − n)10
+ (10 − n)] + (8 − n)
= [9 · 10n
+ 8 · 10n−1
+ ··· + (11 − n)102
+ (10 − n)10] −
[9 · 10n−1
+ 8 · 10n−2
+ 7 · 10n−3
+ ··· + (11 − n)10 + (10 − n)]
+ (8 − n)
= 9 · 10n
− (10n−1
+ 10n−2
+ ··· + 10) − (10 − n) + (8 − n)
= 9 · 10n
− (10n−1
+ 10n−2
+ ··· + 10 + 1) − 1
= 10 · 10n
− (10n
+ 10n−1
+ ··· + 10 + 1) − 1
= 10n+1
−
10n+1 − 1
9
− 1, since
k
i=0
ri
=
rk+1 − 1
r − 1
(r = 1)
=
8(10n+1 − 1)
9
But
10n+1
− 1 = 99...99](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-135-320.jpg)
![2.5 Prime and Composite Numbers 109
1 ≤ n ≤ 40, but L(41) is a composite. Notice that L(n) = E(−n). (Several exercises
based on similar formulas are included in the exercise set.)
However, no one has ever been successful in constructing a polynomial f(n)
that generates primes for all integers n. The reason becomes clear in the following
example.
EXAMPLE 2.23 Prove that there is no polynomial f(n) with integral coefficients that will produce
primes for all integers n.
PROOF (by contradiction)
Suppose there is such a polynomial f(n) = aknk + ak−1nk−1 + ··· + a1n + a0, where
ak = 0. Let b be some integer. Since f(n) is always a prime, f(b) must be a prime p;
that is,
f(b) = akbk
+ ak−1bk−1
+ ··· + a1b + a0 = p (2.1)
Let t be an arbitrary integer. Then
f(b + tp) = ak(b + tp)k
+ ak−1(b + tp)k−1
+ ··· + a1(b + tp) + a0
= (akbk
+ ak−1bk−1
+ ··· + a1b + a0) + p · g(t)
where g(t) is a polynomial in t. Thus,
f(b + tp) = p + pg(t), by equation (2.1)
= p[1 + g(t)]
So p|f(b + tp). But every value of f is a prime, so f(b + tp) must be a prime and
hence f(b + tp) = p. Thus, f(b) = p = f(b + tp). This implies f takes on the same
value infinitely many times, since t is an arbitrary integer.
But f(n) is a polynomial of degree k, so it cannot assume the same value more
than k times, yielding a contradiction.
Thus, no polynomial with integral coefficients exists that will generate only
primes.
Returning to Theorem 2.8, can we discover a way to find (or even estimate)
the number of primes ≤ a positive integer n (or a positive real number x)? This is
possible, as the following theorem shows, but first we present a function.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-147-320.jpg)
![114 CHAPTER 2 Divisibility
li(x) =
x
2
dt
lnt
You may notice from the table that
π(x)
li(x)
approaches 1 more rapidly than
π(x)
x/lnx
. In
fact, li(x) is a superior approximation for small x.
x π(x)
π(x)
x/lnx
π(x)
li(x)
103 168 1.160 0.9438202
104 1229 1.132 0.9863563
105 9592 1.104 0.9960540
106 78498 1.085 0.9983466
107 664579 1.071 0.9998944
108 5761455 1.061 0.9998691
109 50847534 1.054 0.9999665
1010 455052512 1.048 0.9999932
Table 2.4
In 1985, however, R. H. Hudson of the University of South Carolina showed
that it is not true for arbitrary x. Four years later, C. Bays of the University of South
Carolina and Hudson showed that π(x) li(x) in the vicinity of 1.39822 × 10316.
Although we have established the infinitude of primes, what can we say about
the distribution of primes? How are they distributed among the positive integers? Are
there consecutive integers that are primes? Are there consecutive odd integers that
are primes?
First, there is no pattern that fits the distribution of primes. For example, 2 and
3 are the only two consecutive integers that are primes (see Exercise 45). It is also
known that 3, 5, and 7 are the only three consecutive odd integers that are primes
(see Exercise 46).
Although there are only two consecutive integers that are primes, we can find
any number of consecutive integers that are composite numbers, as the next theorem
reveals. It shows that primes occur at unpredictable intervals. Its proof is an existence
proof, so we need to provide n such composite numbers.
THEOREM 2.12 For every positive integer n, there are n consecutive integers that are composite num-
bers.
PROOF
Consider the n consecutive integers (n + 1)! + 2,(n + 1)! + 3,...,(n + 1)! +
(n + 1), where n ≥ 1. Suppose 2 ≤ k ≤ n + 1, then k|(n + 1)!, so k|[(n + 1)! + k], by
Theorem 2.4, for every k. Therefore, each of them is a composite number.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-152-320.jpg)
![120 CHAPTER 2 Divisibility
there are infinitely many primes, but although primes are rel-
atively abundant early on, they become scarce among larger
numbers. For example, roughly 23% of two-digit numbers
are prime (21 of 90), but the figure for ten-digit numbers is
just 4%, and among hundred-digit numbers, the fraction of
primes is less than half a percent. As a consequence, the
gap between consecutive prime numbers tends to increase.
However, every so often two odd numbers in a row turn out
to be prime: 3 and 5, 41 and 43, 101 and 103, and 10,007
and 10,009, for example.
Mathematicians conjecture that such “twin primes” pop
up infinitely often. But in 1919, the Norwegian mathematician
Viggo Brun proved that even if there are infinitely many twin
primes, the sum obtained by adding their reciprocals—the
sum (1/3 + 1/5) + (1/5 + 1/7) + (1/11 + 1/13) + ···—
converges to a finite value, much as the sum 1/2 + 1/4 +
1/8 + 1/16 + ··· converges to 1. Brun’s sum is known only
to the first few digits, however—and even there, the accu-
racy is based on conjectures about the frequency with which
twin primes occur. Number theorists think it’s unlikely that
clumps of twin primes are lurking among very large numbers,
but they have been unable to prove it. One way to check up
on this assumption is to compute better estimates for Brun’s
sum.
In 1974, two mathematicians working for the Navy,
Daniel Shanks and John Wrench Jr., reported the first com-
putationally intensive estimate of Brun’s sum, based on the
occurrence of twin primes among the first two million prime
numbers.
Two years later, Richard Brent at the Australian Na-
tional University calculated all twin primes up to a hundred
billion (224,376,048 pairs), from which he computed an esti-
mate of 1.90216054 for Brun’s sum.
And there it sat—until Nicely entered the picture. The
Lynchburg math professor decided to push Brent’s work into
the trillions. To be on the safe side, he computed Brun’s sum
twice, using two different methods: the “easy” way using a
computer’s built-in floating point unit, which is supposed to
be accurate to 19 decimal places, and the “hard” way us-
ing an extended precision arithmetic, which he set to give
26 (and later 53) digits of accuracy. (The difference can be
likened to the difference between computing 1/3 + 1/7 as
0.33+0.14 = 0.47 and computing it as 1/3+1/7−10/21 =
0.48. The latter calculation gains accuracy by doing some
exact arithmetic first.)
The comparison between the two methods is what
got Intel into trouble. After Nicely added the new Pentium
to his stable of computers, he found that the gap between
the two results was much larger than it should have been.
By trial and error and a process of elimination, he pin-
pointed the source of the problem: The Pentium was giv-
ing incorrect floating point reciprocals for the twin primes
824,633,702,441 and 824,633,702,443—they were wrong
from the 10th digit on. Nicely still didn’t know whether the er-
ror was caused by his hardware or software, in part because
he’d caught an earlier error in a compiler program. “Finally,
in desperation, I ran this portion of the calculation on one
of the 486 [computers], rather than the Pentium,” he recalls.
“The error disappeared.”
Even that didn’t prove conclusively that it was the Pen-
tium chip’s fault; other hardware in the computer could have
been responsible. But in October (4 months after he first no-
ticed his calculations were off), Nicely nailed the culprit when
he got hold of two other machines with Pentium chips and
was able to reproduce the error. He notified Intel and, after
getting no satisfactory answer by the end of the month, sent
e-mail asking others to double-check his discovery. “I believe
you are aware of events from that point on,” he concludes
dryly.
The Pentium’s problem, as others have abundantly
confirmed, lies in the way the chip does division. Although
it works fine for most numbers, the chip’s built-in algo-
rithm makes mistakes in certain cases, rather like a grade-
schooler who mismemorized part of a multiplication table.
Nicely estimates that the chip gets roughly one in a billion
reciprocals wrong. But because the work in number theory
required him to compute billions of reciprocals over a wide
range, he was almost bound to run into the mistake.
“We’ve known for a long time that number theory com-
putations are very helpful” for turning up computer errors,
notes computational number theorist Arjen Lenstra of Bell-
core, in Morristown, New Jersey. “It is useful to run number
theory stuff on your processor before you sell it.”
Intel hasn’t decided whether to make such computa-
tions a routine part of its testing procedure, says Stephen
Smith, engineering manager for the Pentium processor di-
vision. But Intel was so impressed with Nicely work that it
asked him to run further computations on a corrected chip.
“We looked at him as the most thorough tester,” says Smith.
Figure 2.27](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-158-320.jpg)
![124 CHAPTER 2 Divisibility
Joseph Louis François Bertrand (1822–1900), the son of a writer of popular
scientific articles and books, was born in Paris. At the age of 11, he unofficially
began attending classes at the École Polytechnique. In 1838, at 16, he earned
two degrees, one in the arts and the other in science. A year later, he received
his doctorate for his work in thermomechanics and published his first paper. In
1841 he became professor at the Collège Saint-Louis. Subsequently, he taught at
the Lycée Henry IV, the École Normale Supérieure, the École Polytechnique, and
finally at the Collège de France until his death.
An author of many popular textbooks, Bertrand made important contributions
to applied mathematics, analysis, differential geometry, probability, and theoretical
physics.
where n ≥ 4. In 2000, M. Dalezman of Yeshiva University strengthened it even fur-
ther: p1p2p3 ···pn pn+1pn+2, where n ≥ 4.
An interesting application of Bertrand’s conjecture was proposed in 1989 by the
Romanian mathematician Florentin Smarandache.† In addition to the conjecture, it
uses two results: Suppose n ≥ 4. Then n! 2n and 1·3·5···(2n−1) 2n+2. Verify
both.
EXAMPLE 2.26 Prove that there are at least 3n/2 primes in the range n through n!, where n ≥ 4.
PROOF
Notice that the statement is true for 4 ≤ n ≤ 9. So assume n ≥ 10.
case 1 Suppose n is even, say, n = 2k, where k ≥ 5. Then
n! = 1 · 2 · 3···(2k − 2)(2k − 1)n
= 2k−1
[1 · 2 · 3···(k − 1)][1 · 3 · 5···(2k − 1)]n
2k−1
(k − 1)!2k+2
n
≥ 2k−1
· 2k−1
· 2k+2
n, since k ≥ 5
= 23k
n
A repeated application of Bertrand’s conjecture shows there are at least 3k =
3(n/2) = 3n/2 primes in the range n through 23kn, that is, between n and n!.
† In 1988, Smarandache escaped from the Ceausescu dictatorship, spent 2 years in a political refugee
camp in Turkey, and then emigrated to the United States.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-162-320.jpg)
![2.5 Prime and Composite Numbers 125
case 2 Suppose n is odd, say, n = 2k + 1, where k ≥ 5. Then
n! = 1 · 2 · 3···(2k − 1)(2k)n
= 2k
k![1 · 3 · 5···(2k − 1)]n
2k
· 2k
· 2k+2
n, since k ≥ 5
23k
n
Thus, as before, there are at least 3k = 3[(n − 1)/2)] = 3n/2 primes in the range n
through 23kn, that is, between n and n!.
Thus, in both cases, the result is true.
Additional Conjectures
Are there primes of the form n2 + 1? Clearly, 2 = 12 + 1 and 5 = 22 + 1 are two
such primes. There are two more such primes ≤ 100. No one knows how many such
?
primes exist.
The number of primes p(N) of the form n2 + 1 has been conjectured to be given
?
by
p(N) ≈ 0.6864067
N
n=2
dn
logn
where 2 ≤ n ≤ N.
Legendre’s conjecture: Is there a prime between n2 and (n+1)2? For example,
?
3 is a prime between 1 and 4; 5 is a prime between 4 and 9;
11 is a prime between 9 and 16; 19 is a prime between 16 and 25;
29 is a prime between 25 and 36.
Does this pattern hold for any positive integer n? That, too, still remains unan-
swered.
Bocard’s conjecture: There are at least four primes between the squares of
?
consecutive odd primes; for example, there are five primes between 32 and 52.
The following example singles out a unique prime.
EXAMPLE 2.27 Find the primes such that the digits in their decimal values alternate between 0s and
1s, beginning with and ending in 1.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-163-320.jpg)
![138 CHAPTER 2 Divisibility
? 12. Using Exercise 11, predict lim
n→∞
Fn+1
Fn
.
Conjecture a formula for each.
13.
n
i=1
F2i−1 14.
n
i=1
F2i
15.
n
i=1
Li 16.
n
i=1
L2i−1
17.
n
i=1
L2i 18.
n
i=1
F2
i
19.
n
i=1
L2
i
Prove each.
20. Fn = 2Fn−2 + Fn−3, n ≥ 4
21. Fn−1Fn+1 − F2
n = (−1)n, n ≥ 2
22. F5n is divisible by 5, n ≥ 1
23.
n
i=1
F2i−1 = F2n (E. Lucas)
24.
n
i=1
F2i = F2n+1 − 1 (E. Lucas)
25.
n
i=1
Li = Ln+2 − 3 26.
n
i=1
L2i−1 = L2n − 2
27.
n
i=1
L2i = L2n+1 − 1
28.
n
i=1
F2
i = FnFn+1 (E. Lucas)
29.
n
i=1
L2
i = LnLn+1 − 2
30. Let A =
1 1
1 0
. Then An =
Fn+1 Fn
Fn Fn−1
,
n ≥ 1. Assume F0 = 0.
31. Using Exercise 30, deduce that Fn−1Fn+1 − F2
n =
(−1)n.
(Hint: Let A be a square matrix. Then |An| = |A|n,
where |A| denotes the determinant of A.)
The nth term bn of a number sequence is defined by
bn = (αn − βn)/(α − β), where α = (1 +
√
5)/2 and
β = (1 −
√
5)/2 are solutions of the equation x2 = x + 1.
Verify each.
32. b1 = 1
33. b2 = 1
34. bn = bn−1 + bn−2, n ≥ 3
With α and β as above, let un = αn + βn, n ≥ 1. Verify
each.
35. u1 = 1
36. u2 = 3
37. un = un−1 + un−2, n ≥ 3
(These exercises indicate that un = Ln, the nth Lucas
number.)
Using Binet’s formulas, prove each.
38. F2n = FnLn
39. Fn−1 + Fn+1 = Ln
40. Fn+2 − Fn−2 = Ln
41. Ln−1 + Ln+1 = 5Fn
42. F2
n+1 + F2
n = F2n+1 (E. Lucas)
43. F2
n+1 − F2
n−1 = F2n (E. Lucas)
44. Let an denote the number of rectangles that can be
formed on a 1×n rectangular board. Find the recur-
rence relation satisfied by an.
(Hint: Look for a pattern. Every square is also a rec-
tangle.)
A subset of the set S = {1,2,...,n} is said to be alter-
nating if its elements, when arranged in increasing order,
follow the pattern odd, even, odd, even, etc. For example,
{1,2,5} and {3,4} are alternating subsets of {1,2,3,4,5},
whereas {1,3,4} and {2,3,4,5} are not; ∅ is considered
alternating. Let an denote the number of alternating sub-
sets of S. [Olry Terquem (1782–1862)]
45. Define an recursively.
46. Prove that an = Fn+2.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-176-320.jpg)
![166 CHAPTER 3 Greatest Common Divisors
Using recursion, evaluate each.
38. (12, 18, 28, 38, 44)
39. (15, 24, 28, 45)
40. (14, 18, 21, 36, 48)
41. (18, 24, 36, 63)
42. (a2b, ab3, a2b2, a3b4, ab4)
43. (a2b2, ab3, a2b3, a3b4, a4b4)
Disprove each statement.
44. If (a, b) = 1 = (b, c), then (a, c) = 1.
45. If (a, b) = 2 = (b, c), then (a, c) = 2.
Prove each, where a, b, c, d,k, m, and n are arbitrary
positive integers, p any prime, Fn the nth Fibonacci num-
ber, fn the nth Fermat number, and tn the nth triangular
number.
46. The gcd of any two positive integers is unique.
47. (a,−b) = (a,b) 48. (−a,b) = (a,b)
49. (−a,−b) = (a,b) 50. (a,a + b) = (a,b)
51. (ac,bc) = c(a,b)
52. Any two consecutive integers are relatively prime.
53. If p a, then p and a are relatively prime.
54. Using Theorem 3.8, prove that if d = (a, b), then
(a/d,b/d) = 1.
55. If d = (a1,a2,...,an), then d|ai for every integer i,
where 1 ≤ i ≤ n.
56. (a, (a, b)) = (a, b)
57. (a, a − b) = 1 if and only if (a, b) = 1.
58. If (a, b) = 1, then (a + b, a − b) = 1 or 2.
59. If (a,b) = 1 = (a,c), then (a,bc) = 1.
60. Let (a,b) = 1. Then (a2 + b2,a + 2ab) = 1 or 5.
(V. E. Hoggatt, Jr., 1972)
61. Let (a2 + b2,a + 2ab) = 1 or 5. Then (a,b) = 1
(V. E. Hoggatt, Jr., 1972)
62. (n + 1,n2 + 1) = 1, where n is even. (N. Schaum-
berger and J. Soriano, 1967)
63. (an − 1,am + 1) = 1 or 2. (E. Just, 1972)
64. (tn−1,tn) · (tn,tn+1) = tn (T. E. Moore, 2004)
65. a!b!|(a,b)(a + b − 1)! (J. H. Conway, 1988)
66. Let gn = (2k)2n
+1, where n ≥ 0. Then (gm,gn) = 1,
where m = n.
67. Fm|Fn if and only if m|n. [Hint: (Fm,Fn) = F(m,n).]
68. 3|Fn if and only if 4|n.
69. Let n m ≥ 0. Show that fm|(fn − 2).
70. Using Exercise 69, show that (fm,fn) = 1, where
m = n.
71. Using Theorem 3.2 and induction, prove that there are
infinitely many primes.
72. If (a,b) = 1, then (a2,b2) = 1.
73. Let m,n ≥ 1. Prove that
m
(m,n)
|
m
n
(C. Hermite)
74. Let m,n ≥ 1. Prove that
m − n + 1
(m,n)
|
m
n
(C. Her-
mite)
3.2 The Euclidean Algorithm
Several procedures exist for finding the gcd of two positive integers. One efficient
algorithm is the euclidean algorithm, named after Euclid, who included it in Book
VII of his extraordinary work, The Elements. The algorithm, however, was most
likely known before him. It is a fundamental tool in algorithmic number theory.
The following theorem lays the groundwork for the euclidean algorithm.
THEOREM 3.11 Let a and b be any positive integers, and r the remainder, when a is divided by b.
Then (a,b) = (b,r).](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-204-320.jpg)
![184 CHAPTER 3 Greatest Common Divisors
3.4 Least Common Multiple
The least common multiple (lcm) of two positive integers a and b is closely related
to their gcd. In fact, we use the lcm every time we add and subtract fractions. Now
we will explore two methods for finding the lcm of a and b. The first method em-
ploys canonical decompositions, and the second employs their gcd. We begin with a
definition.
Least Common Multiple
The least common multiple of two positive integers a and b is the least positive
integer divisible by both a and b; it is denoted by [a,b].
For example, suppose we want to evaluate [18,24]. The positive multiples of
18 are 18,36,54,72,90,... and those of 24 are 24,48,72,96,.... So their common
multiples are 72,144,216,.... Thus, [18,24] = their lcm = 72.
How do we know that [a,b] always exists? Since ab is a multiple of both a
and b, the set of common multiples is always nonempty; so, by the well-ordering
principle, the set contains a least element; thus, [a,b] always exists.
Is it unique? The answer is again yes (see Exercise 32).
Next, we rewrite the previous definition of lcm symbolically.
A Symbolic Definition of lcm
The lcm of two positive integers a and b is the positive integer m such that
• a|m and b|m; and
• if a|m and b|m, then m ≤ m, where m is a positive integer.
Canonical decompositions of a and b can be employed to find their lcm. Suppose
we want to find [90,168]. Notice that 90 = 2 · 32 · 5 and 168 = 23 · 3 · 7. Looking at
the prime powers, it follows that their lcm must be a multiple of 23,32,5, and 7; so
their lcm is 23 · 32 · 5 · 7 = 2520.
An important observation:
[90,168] = 23
· 32
· 5 · 7
= 2max{1,3}
· 3max{2,1}
· 5max{1,0}
· 7max{0,1}](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-236-320.jpg)
![3.4 Least Common Multiple 185
This leads us to the following generalization.
Let a and b be two positive integers with the following canonical decomposi-
tions:
a = pa1
1 pa2
2 ···pan
n and b = pb1
1 pb2
2 ···pbn
n , where ai,bi ≥ 0.
(Again, we assume that both decompositions contain exactly the same prime
bases pi.) Then
[a,b] = p
max{a1,b1}
1 p
max{a2,b2}
2 ...pmax{an,bn}
n
The following example illustrates this technique.
EXAMPLE 3.14 Using the canonical decompositions of 1050 and 2574, find their lcm.
SOLUTION
Notice that 1050 = 2 · 3 · 52 · 7 and 2574 = 2 · 32 · 11 · 13. Therefore,
[1050,574] = 2max{1,1}
· 3max{1,2}
· 5max{2,0}
· 7max{1,0}
· 11max{0,1}
· 13max{0,1}
= 21
· 32
· 52
· 71
· 111
· 131
= 450,450
Next, we derive a close relationship between the gcd and the lcm of two positive
integers. But first, let us study an example and make an observation.
Notice that (18,24) = 6 and [18,24] = 72. Also, 6·72 = 18·24; in other words,
[18,24] =
18 · 24
(18,24)
.
The following theorem shows this is not a sheer coincidence but is always the
case. It is a direct application of Theorem 1.1 and canonical decompositions.
THEOREM 3.17 Let a and b be positive integers. Then [a,b] =
ab
(a,b)
.
PROOF
Let a = pa1
1 pa2
2 ···pan
n and b = pb1
1 pb2
2 ···pbn
n be the canonical decompositions of a
and b, respectively. Then
(a,b) = p
min{a1,b1}
1 p
min{a2,b2}
2 ···pmin{an,bn}
n](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-237-320.jpg)
![186 CHAPTER 3 Greatest Common Divisors
and
[a,b] = p
max{a1,b1}
1 p
max{a2,b2}
2 ···pmax{an,bn}
n
Therefore,
(a,b) · [a,b] = p
min{a1,b1}
1 ···pmin{an,bn}
n ,p
max{a1,b1}
1 ···pmax{an,bn}
n
= p
min{a1,b1}+max{a1,b1}
1 ···pmin{an,bn}+max{an,bn}
n
= pa1+b1
1 pa2+b2
2 ···pan+bn
n
=
pa1
1 pa2
2 ···pan
n
pb1
1 pb2
2 ···pbn
n
= ab
Thus,
[a,b] =
ab
(a,b)
This theorem provides a second way of computing [a,b], provided (a,b) is
known, as the following example illustrates.
EXAMPLE 3.15 Using (252,360), compute [252,360].
SOLUTION
You may notice that 252 = 22 ·32 ·7 and 360 = 23 ·32 ·5, so (252,360) = 22 ·32 = 36.
Therefore, by Theorem 3.17,
[252,360] =
252 · 360
36
= 2520
Returning to Theorem 3.17, suppose (a,b) = 1. Then [a,b] = ab. Accordingly,
we have the following corollary.
COROLLARY 3.10 Two positive integers a and b are relatively prime if and only if [a,b] = ab.
For instance, since 15 and 28 are relatively prime, [15,28] = 15 · 28 = 420.
As in the case of gcd, the idea of lcm can be extended to three or more positive
integers. For example, 24 = 23 · 3,28 = 22 · 7, and 36 = 22 · 32. Therefore,
[24,28,36] = 2max{3,2,2}
· 3max{1,0,2}
· 7max{0,1,0}
= 23
· 32
· 71
= 504](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-238-320.jpg)
![3.4 Least Common Multiple 187
Again, as in the case of gcd, recursion can be applied to evaluate the lcm of
three or more positive integers, as the following result shows. We leave its proof as
an exercise (see Exercise 36).
THEOREM 3.18 Let a1,a2,...,an be n (≥ 3) positive integers. Then [a1,a2,...,an] = [[a1,a2,...,
an−1],an].
The following example illustrates this result.
EXAMPLE 3.16 Using recursion, evaluate [24,28,36,40].
SOLUTION
[24,28,36,40] = [[24,28,36],40] = [[[24,28],36],40]
= [[168,36],40] = [504,40]
= 2520
(You can verify this using the canonical decompositions of 24, 28, 36, and 40.)
The following two results follow from Theorem 3.18.
COROLLARY 3.11 If the positive integers a1,a2,...,an are pairwise relatively prime, then [a1,a2,
...,an] = a1a2 ···an−1an.
For instance, 12, 25, and 77 are pairwise relatively prime, so [12,25,77] = 12 ·
25 · 77 = 23,100.
Is the converse of this corollary true? You can determine this in Exercise 38.
COROLLARY 3.12 Let m1,m2,...,mk and a be positive integers such that mi|a for 1 ≤ i ≤ k. Then
[m1,m2,...,mk]|a.
PROOF (by strong induction on k)
The statement is clearly true when k = 1 and k = 2. So assume it is true for integers
1 through t. Now let mi|a for 1 ≤ i ≤ t + 1. Then [m1,m2,...,mt]|a by the inductive
hypothesis and mt+1|a; so, again by the hypothesis, [[m1,m2,...,mt],mt+1]|a; that
is, [m1,m2,...,mt+1]|a by Theorem 3.18. Thus, by induction, the result is true for
every positive integer k.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-239-320.jpg)
![188 CHAPTER 3 Greatest Common Divisors
E X E R C I S E S 3.4
Mark true or false, where a, b, and c are arbitrary positive
integers and p is any prime.
1. The lcm of two primes is their product.
2. The lcm of two consecutive positive integers is their
product.
3. The lcm of two distinct primes is their product.
4. If (a,b) = 1, then [a,b] = ab.
5. If p a, then [p,a] = pa.
6. If [a,b] = 1, then a = 1 = b.
7. If [a,b] = b, then a = 1.
8. If [a,b] = b, then a|b.
9. If [a,b] = ab, then a = b.
10. If [a,b] = ab and [b,c] = bc, then [a,c] = ac.
Find the lcm of each pair of integers.
11. 110, 210 12. 65, 66
Find [a,b] if
13. a|b 14. b|a
15. a = 1 16. a = b
17. a and b are distinct primes.
18. b = a + 1
Find [a,b] if
19. (a,b) = 3 and ab = 693.
20. ab = 156 and a and b are relatively prime.
21. Find the positive integer a if [a,a + 1] = 132.
22. Find the twin primes p and q such that [p,q] = 323.
Find the positive integers a and b such that
23. (a,b) = 20 and [a,b] = 840
24. (a,b) = 18 and [a,b] = 3780
25. What is your conclusion if (a,b) = [a,b]? Why?
Using recursion, find the lcm of the given integers.
26. 12, 18, 20, 28 27. 15, 18, 24, 30
28. 10, 16, 18, 24, 28 29. 12, 15, 18, 25, 30
30. Prove or disprove: [a,b,c] = abc/(a,b,c).
31. Find the smallest positive integer ≥ 2 that is a square,
a cube, and a fifth power. (A. Dunn, 1983)
Prove each, where a,b,c,k,m,a1,a2,...,an,x,y, and z
are positive integers.
32. The lcm of any two integers is unique.
33. (a,b)|[a,b]
34. [ka,kb] = k[a,b]
35. Let m be any multiple of a and b. Then [a,b]|m.
36. Let a1,a2,...,an be n (≥ 3) positive integers. Then
[a1,a2,...,an] = [[a1,a2,...,an−1],an].
37. [ka1,ka2,...,kan] = k[a1,a2,...,an−1,an].
38. If [a1,a2,...,an] = a1a2 ···an−1an, then a1,a2,
...,an are pairwise relatively prime.
39. max{x,y,z} − min{x,y,z} + min{x,y} + min{y,z} +
min{z,x} = x + y + z
40. The sum of the twin primes p and p + 2 is divisible
by 12, where p 3. (C. Ziegenfus, 1963)
41. (a,[b,c]) = [(a,b),(a,c)]
42. [a,(b,c)] = ([a,b],[a,c])
3.5 Linear Diophantine Equations
Often we are interested in integral solutions of equations with integral coefficients.
Such equations are called diophantine equations, after Diophantus, who wrote ex-
tensively on them. For example, when we restrict the solutions to integers, the equa-
tions 2x + 3y = 4,x2 + y2 = 1, and x2 + y2 = z2 are diophantine equations.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-240-320.jpg)
![3.5 Linear Diophantine Equations 191
SOLUTION
Let x,y, and z denote the number of cocks, the number of hens, and the number of
chicks respectively. Clearly, x,y,z ≥ 0. Then the given data yield two LDEs:
x + y + z = 100 (3.3)
5x + 3y +
z
3
= 100 (3.4)
Substituting for z [= 100 − x − y from equation (3.3)] in equation (3.4) yields
5x + 3y +
1
3
(100 − x − y) = 100
That is,
7x + 4y = 100
y =
100 − 7x
4
= 25 −
7
4
x (3.5)
So, for y to be an integer, 7x/4 must be an integer; but 4 7, so x must be a multiple
of 4: x = 4t, where t is an integer. Then,
y = 25 −
7
4
x = 25 −
7(4t)
4
= 25 − 7t
and
z = 100 − x − y = 100 − 4t − (25 − 7t) = 75 + 3t
Thus, every solution to the puzzle is of the form x = 4t,y = 25−7t,z = 75+3t,
where t is an arbitrary integer.
Now, to find the possible actual solutions of the puzzle, we take the following
steps: Since x ≥ 0,t ≥ 0. Since y ≥ 0,25 − 7t ≥ 0; that is, t ≤ 25/7, so t ≤ 3. Since
z ≥ 0,75 + 3t ≥ 0; that is, t ≥ −25; but this does not give us any additional informa-
tion, so 0 ≤ t ≤ 3.
Thus, the riddle has four possible solutions, corresponding to t = 0, 1, 2, and
3: x = 0, y = 25, z = 75; x = 4, y = 18, z = 78; x = 8, y = 11, z = 81; and x = 12,
y = 4, z = 84.
Although we were able to solve successfully the LDEs in both examples, we
should ask three questions:](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-243-320.jpg)
![196 CHAPTER 3 Greatest Common Divisors
which shows x0 = 28, y0 = 77 is a particular solution of the LDE. [See part (2) of
the proof of the theorem. Also, note that we obtained this solution in Example 3.17.]
Therefore, by Corollary 3.13, the general solution is given by x = x0 + bt =
28 − 23t and y = y0 − at = 77 − 63t, where t is an arbitrary integer.
EXAMPLE 3.21 Using Theorem 3.19, find the general solution of the hundred fowls puzzle in Exam-
ple 3.18.
SOLUTION
By Example 3.18, we have
x + y + z = 100 (3.8)
5x + 3y +
z
3
= 100 (3.9)
Eliminating z between these two equations, we obtain the LDE
7x + 4y = 100 (3.10)
Notice that (7,4) = 1 and by trial and error,
1 = (−1) · 7 + 2 · 4
Now multiply both sides of this equation by 100:
100 = (−100) · 7 + 200 · 4
Therefore, x0 = −100,y0 = 200 is a particular solution of the LDE (3.10). Thus,
by Corollary 3.13, the general solution of the LDE (3.10) is x = −100 + 4t, y =
200 − 7t. Then
z = 100 − x − y
= 100 − (−100 + 4t
) − (200 − 7t
)
= 3t
Thus, the general solution of the puzzle is x = −100 + 4t, y = 200 − 7t, z = 3t,
where t is an arbitrary integer.
This solution can be rewritten in such a way that we can recover the general
solution obtained earlier. We have
x = −100 + 4t
= 4(−25 + t
)
= 4t, where t = t
− 25](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-248-320.jpg)
![198 CHAPTER 3 Greatest Common Divisors
left over, which they throw out for the monkey. Find the smallest possible number of
coconuts in the original pile.
SOLUTION
Let n denote the number of coconuts in the original pile. Let u,v,w,x, and y denote
the number of coconuts each sailor took after each division, and let z be the number
of coconuts each received after the final division. Then
n = 5u + 1
4u = 5v + 1
4v = 5w + 1
4w = 5x + 1
4x = 5y + 1
4y = 5z + 1
These equations yield the LDE
15625z − 1024n = −11529 (3.11)
Because (15625,1024) = 1, the LDE has a solution. Using the euclidean algorithm,
we can verify that 1 = 313 · 15625 − 4776 · 1024, so
15625 · [(−11529) · 313] − 1024 · [4776 · (−11529)] = −11529
That is,
15625 · (−3608577) − 1024 · (−55062504) = −11529
So z0 = −3608577 and n0 = −55062504 is a particular solution, and the general
solution is z = −3608577 − 1024t, n = −55062504 − 15625t, t being an arbitrary
integer.
Because n 0, −55062504 − 15625t 0, so t −
55062504
15625
; that is, t
−3524. Because n is a minimum when t is a maximum, t = −3525. Then n =
−55062504 − 15625 · (−3525) = 15621. Thus, the least number of coconuts in the
original pile is 15,621.
We shall return to this puzzle in the next section.
Now, we make a geometric interpretation of the general solution in Theo-
rem 3.20.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-250-320.jpg)
![206 CHAPTER 3 Greatest Common Divisors
Fundamental Theorem of Arithmetic
• If p is a prime and p|ab, then p|a or p|b. (p. 174)
• If p is a prime such that p|a1a2 ···an, where a1,a2,...,an are positive inte-
gers, then p|ai for some i, where 1 ≤ i ≤ n. (p. 174)
• If p,q1,q2,...,qn are primes such that p|q1q2 ···qn, then p = qi for some i,
where 1 ≤ i ≤ n. (p. 174)
• Every positive integer n ≥ 2 either is a prime or can be expressed as a product
of primes. The factorization into primes is unique except for the order of the
factors. (p. 174)
Canonical Decomposition of a Positive Integer N
• N = pa1
1 pa2
2 ···p
ak
k , where p1,p2,...,pk are distinct primes, p1 p2 ···
pk and ai ≥ 0. (p. 176)
Dirichlet’s Theorem
If a and b are relatively prime, then the arithmetic sequence a,a + b,a + 2b,a +
3b,... contains infinitely many primes. (p. 182)
Least Common Multiple (lcm)
• The lcm [a,b] of two positive integers a and b is the least positive integer
divisible by both. (p. 184)
• A positive integer m = [a,b] if
• a|m and b|m; and
• if a|m and b|m, then m ≤ m, where m is a positive integer. (p. 184)
• [a,b] = ab/(a,b) (p. 185)
• [a1,a2,...,an] = [[a1,a2,...,an−1],an] (p. 187)
• If a1,a2,...,an are pairwise relatively prime, then [a1,a2,...,an] =
a1a2 ···an−1an. (p. 187)
Linear Diophantine Equations (LDEs)
• An LDE in two variables x and y is of the form ax + by = c, where a, b, and
c are integers. (p. 189)
• It is solvable if and only if d|c, where d = (a,b). (p. 192)
• If d|c, the general solution of the LDE is x = x0 + (b/d)t, y = y0 − (a/d)t,
where x0, y0 is a particular solution. (p. 192)
• LDEs can be solved by Euler’s method. (p. 199)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-258-320.jpg)
![208 CHAPTER 3 Greatest Common Divisors
Using Theorem 3.17, find the lcm of the given integers.
43. 48, 64 44. 56, 76 45. 70, 90 46. 123, 243
47–50. Find the lcm of the integers in Exercises 9–12.
Prove each, where a, b, c, d, m, and n are positive integers.
51. Let p be a prime such that p|an. Then pn|an.
52. If a|m and b|m, then [a,b]|m.
53. The product of three consecutive integers is divisible by 6.
54. The gcd of two consecutive integers is 1.
55. The gcd of twin primes is 1.
56. If d|ab, d|ac, and (b,c) = 1, then d|a.
57. If a|b and c|d, then (a,c)|(b,d).
58. If a|b and c|d, then [a,c]|[b,d].
59. The product of two integers of the form 4n + 3 is of the form 4n + 1.
60. The product of n integers of the form 4k + 1 is also of the same form.
61. A positive integer is a cube if and only if each exponent in its canonical decom-
position is divisible by 3.
62. There is an infinite number of primes of the form 6n + 1.
63. There is an infinite number of primes of the form 7n + 4.
64. (ca1,ca2,...,can) = c(a1,a2,...,an)
65. Let p be a prime such that p|n!. Then the exponent of p in the canonical decom-
position of n! is
n/p +
n/p2 +
n/p3 + ···. (Note: This sum is finite since
n/pm = 0 when pm n.)
66. Let b = a + 2, where a is odd and 3 ab. Then 12|(a + b). (M. Beiler, 1967)
67. ([a,b],[b,c],[c,a]) = [(a,b),(b,c),(c,a)]
68. [a,b,c] =
abc(a,b,c)
(a,b),(b,c),(c,a)
69. 6nn!|(3n)!, where n ≥ 0. (C. W. Trigg, 1968)
Using Exercise 65, find the canonical decomposition of each.
70. 12! 71. 15!
72. 18! 73. 23!
Determine whether each LDE is solvable.
74. 24x + 52y = 102 75. 76x + 176y = 276
Find the general solution of each LDE.
76. 12x + 20y = 28 77. 76x + 176y = 276
78–79. Solve the LDEs in Exercises 76 and 77 by Euler’s method.
80. Solve the LDE in Example 3.23 by Euler’s method.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-260-320.jpg)
![Supplementary Exercises 209
81. Solve the LDE in Exercise 40 in Section 3.5 by Euler’s method.
82. A farmer bought some calves and sheep for $39,500, at $475 a calf and $275 a
sheep. If she bought more calves than sheep, find the minimum number of calves
she must have bought.
83. A shopper bought some apples, oranges, and pears, a total of a dozen fruits. They
cost 75¢, 30¢, and 60¢ apiece respectively, for a total of $6.30. If he bought at
least one fruit of each kind, how many apples, oranges, and pears did he buy?
X SUPPLEMENTARY EXERCISES
In Exercises 1–10, n is a positive integer and n = [1,2,3,...,n].
1. Find n for n = 5, 6, 7, and 8.
2. Let n = pk, where p is a prime and k is a positive integer. Prove that n =
p(n − 1).
3. Using Exercise 2, compute 9.
4. Using the fact that n =
p≤n
pe, where pe denotes the largest prime-power ≤ n,
compute 9, 10, and 11.
5. Show that (n + 1) + 2,(n + 1) + 3,...,(n + 1) + (n + 1) are consecutive
composite numbers.
6. Using Exercise 5, find six consecutive composite numbers.
7. Compute n + 1 for 1 ≤ n ≤ 7 and make a conjecture.
8. Is 8 + 1 a prime?
9. Compute n − 1 for 3 ≤ n ≤ 8 and make a conjecture.
10. Is 9 − 1 a prime?
11. Let a, b, and c be positive integers such that a + b = c. Let m = [a,b]. Prove
that (c,m) = (a,b). (H. H. Berry, 1951)
Let a, b, m, and n be any positive integers, where a b. Prove each.
12. (am − 1,an − 1) = a(m,n) − 1
13.
an − bn
a − b
,a − b
= (n(a,b)n−1,a − b). (T. M. Apostol, 1980)
14. Use Exercise 13 to deduce that if p is a prime and (a,b) = 1, then
ap − bp
a − b
,a − b
= 1 or p. (T. M. Apostol, 1980)
15. Let m and n be any positive integers, and let a and b be relatively prime inte-
gers with a b. Prove that (am − bm,an − bn) = a(m,n) − b(m,n). (T. M. Apos-
tol, 1981)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-261-320.jpg)
![4.1 Congruences 213
The following result is simple, but useful. It translates congruence into equality
and enables us to characterize congruences in a different way. Throughout our dis-
cussion of congruences, assume that all letters denote integers and all moduli (plural
of modulus) are positive integers.
THEOREM 4.1 a ≡ b (mod m) if and only if a = b + km for some integer k.
PROOF
Suppose a ≡ b (mod m). Then m|(a − b), so a − b = km for some integer k; that is,
a = b + km. Conversely, suppose a = b + km for some integer k. Then a − b = km,
so m|(a − b) and consequently, a ≡ b (mod m).
For example, 23 ≡ 3 (mod 5) and 23 = 3 + 4 · 5; on the other hand, 49 = −5 +
9 · 6, so 49 ≡ −5 (mod 6).
A useful observation: It follows from the definition (also from Theorem 4.1) that
a ≡ 0 (mod m) if and only if m|a; that is, an integer is congruent to 0 if and only if
it is divisible by m. Thus, a ≡ 0 (mod m) and m|a mean exactly the same thing. For
instance, 28 ≡ 0 (mod 4) and 4|28.
Using the congruence relation, Dirichlet’s theorem (Theorem 3.16) can be re-
stated as follows: There are infinitely many primes p such that p ≡ a (mod b), where
(a,b) = 1.
The following theorem presents three additional properties of congruence.
THEOREM 4.2
• a ≡ a (mod m). (Reflexive property)
• If a ≡ b (mod m), then b ≡ a (mod m). (Symmetric property)
• If a ≡ b (mod m) and b ≡ c (mod m), then a ≡ c (mod m). (Transitive
property)
PROOF
• Since m|(a − a), a ≡ a (mod m).
• Suppose a ≡ b (mod m). Then m|(a − b); that is, m|−(b − a). So m|(b − a);
that is, b ≡ a (mod m).
• Suppose a ≡ b (mod m) and b ≡ c (mod m). Then m|(a − b) and m|(b − c),
so, by Theorem 2.4, m|[(a − b) + (b − c)]; that is, m|(a − c); consequently,
a ≡ c (mod m).](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-265-320.jpg)
![216 CHAPTER 4 Congruences
Let ti ≡
i
j=1
dj (mod 7), where 1 ≤ i ≤ 12. Then ti represents the total number
of days the day of December 13 must be moved forward to determine the day of the
thirteenth in month Mi.
For example, t3 ≡ d1 + d2 + d3 = 3 + 3 + 0 ≡ 6 (mod 7). So, the day of De-
cember 13, 2000 (Wednesday), must be advanced by six days to determine the day
of March 13, 2001; it is given by day (3 + 6) = day 2 = Tuesday.
Notice that the various values of ti modulo 7 are 3, 6, 6, 2, 4, 0, 2, 5, 1, 3, 6,
and 1, respectively; they include all the least residues modulo 7. Knowing the day of
December 13, we can use these least residues to determine the day of the thirteenth
of each month Mi in a nonleap year.
Table 4.1 summarizes the day of the thirteenth of each month in a nonleap year,
corresponding to every choice of the day of December 13 of the previous year. You
can verify this. Notice from the table that there can be at most three Friday-the-
Thirteenths in a nonleap year.
ti Jan. Feb. March April May June July Aug. Sept. Oct. Nov. Dec.
3 6 6 2 4 0 2 5 1 3 6 1
Dec. 13
Sun 3 6 6 2 4 0 2 5 1 3 6 1
Mon 4 0 0 3 5 1 3 6 2 4 0 2
Tue 5 1 1 4 6 2 4 0 3 5 1 3
Wed 6 2 2 5 0 3 5 1 4 6 2 4
Thu 0 3 3 6 1 4 6 2 5 0 3 5
Fri 1 4 4 0 2 5 0 3 6 1 4 6
Sat 2 5 5 1 3 6 1 4 0 2 5 0
Table 4.1 Day of the thirteenth in each month in a nonleap year.
For a leap year, the various values of di are 3, 3, 1, 3, 2, 3, 2, 3, 3, 2, 3, and 2;
and the corresponding values of ti are 3, 6, 0, 3, 5, 1, 3, 6, 2, 4, 0, and 2. Using these,
we can construct a similar table for a leap year.
We now return to additional properties of congruence.
Congruence Classes
Using least residues, the set of integers Z can be partitioned into m nonempty pair-
wise disjoint classes, called congruence classes modulo m. To elucidate this, let [r]
denote the set of integers that have r as their least residue modulo m. For example,](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-268-320.jpg)
![4.1 Congruences 217
the various congruence classes modulo 5 are
[0] = {...,−10,−5,0,5,10,...}
[1] = {...,−9,−4,1,6,11,...}
[2] = {...,−8,−3,2,7,12,...}
[3] = {...,−7,−2,3,8,13,...}
[4] = {...,−6,−1,4,9,14,...}
Clearly, these classes are nonempty, pairwise disjoint, and their union is the set
of integers. Accordingly, these classes form a partitioning of the set of integers, as
Figure 4.1 shows. The least residues 0, 1, 2, 3, and 4 serve as representatives (or
goodwill ambassadors) of the classes [0], [1], [2], [3], and [4], respectively.
Figure 4.1
In general, we do not need to select the least residues to represent the congruence
classes. By Theorem 4.3, two integers belong to the same class if and only if they
leave the same remainder when divided by m; therefore, any element of the class
[r] can serve as a valid representative. For example, 5, 6, −3, 8, and −6 can serve
as ambassadors of the classes [0], [1], [2], [3], and [4], respectively. Such a set of
integers is a complete set of residues modulo 5.
A Complete Set of Residues Modulo m
A set of m integers is a complete set of residues modulo m if every integer is con-
gruent modulo m to exactly one of them.
Thus, the set of integers {a1,a2,...,am} is a complete set of residues modulo
m, if they are congruent modulo m to the least residues 0,1,2,...,(m − 1) in some
order. For instance, the set {−12,9,6,23} is a complete set of residues modulo 4
since −12 ≡ 0 (mod 4), 9 ≡ 1 (mod 4), 6 ≡ 2 (mod 4), and 23 ≡ 3 (mod 4).](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-269-320.jpg)
![4.1 Congruences 223
32 ≡ 9 (mod 25) 34 = 92 ≡ 6 (mod 25)
38 ≡ 62 ≡ 11 (mod 25) 316 ≡ 112 ≡ 21 (mod 25)
332 ≡ 212 ≡ 16 (mod 25) 364 ≡ 162 ≡ 6 (mod 25)
3128 ≡ 62 ≡ 11 (mod 25)
(128 is the largest power of 2 contained in 247.)
Then
3247
= 3128+64+32+16+4+2+1
= 3128
· 364
· 332
· 316
· 34
· 32
· 31
≡ 11 · 6 · 16 · 21 · 6 · 9 · 3 (mod 25)
≡ 11 · (6 · 16) · 21 · (6 · 9) · 3 (mod 25)
≡ [11 · (−4)] · [(−4) · 4] · 3 ≡ 6 · 9 · 3 ≡ (6 · 9) · 3 (mod 25)
≡ 4 · 3 ≡ 12 (mod 25)
Thus, 12 is the desired remainder.
The amount of work in such a problem can be greatly reduced if we introduce
negative residues, as the following example shows.
EXAMPLE 4.11 Find the remainder when 3181 is divided by 17.
SOLUTION
We have
32 ≡ 9 (mod 17) 34 ≡ −4 (mod 17) 38 ≡ −1 (mod 17)
316 ≡ 1 (mod 17) 332 ≡ 1 (mod 17) 364 ≡ 1 (mod 17)
3128 ≡ 1 (mod 17)
Therefore:
3181
= 3128
· 332
· 316
· 34
· 31
≡ 1 · 1 · 1 · 13 · 3 (mod 17)
≡ 5 (mod 17)
Thus, the desired remainder is 5.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-275-320.jpg)
![4.1 Congruences 225
EXAMPLE 4.14 Find the remainder when (n2 + n + 41)2 is divided by 12.
PROOF
First, notice that the product of four consecutive integers is divisible by 12; that is,
(n − 1)n(n + 1)(n + 2) ≡ 0 (mod 12).
We have
(n2
+ n + 41)2
≡ (n2
+ n + 5)2
(mod 12)
≡ (n4
+ 2n3
+ 11n2
+ 10n + 25) (mod 12)
≡ (n4
+ 2n3
− n2
− 2n) + 1 (mod 12)
≡ n(n3
+ 2n2
− n − 2) + 1 (mod 12)
≡ n[n2
(n + 2) − (n + 2)] + 1 (mod 12)
≡ n(n + 2)(n2
− 1) + 1 (mod 12)
≡ (n − 1)n(n + 1)(n + 2) + 1 (mod 12)
≡ 1 (mod 12)
Thus when (n2 + n + 41)2 is divided by 12, the remainder is 1.
In Example 2.29 we found that the Fermat number f5 = 225
+ 1 is divisible
by 641. The next example furnishes an elegant alternate proof of this fact, using
congruences.
EXAMPLE 4.15 Show that f5 = 225
+ 1 is divisible by 641.
PROOF
First, notice that 640 ≡ −1 (mod 641); that is, 5 · 27 ≡ −1 (mod 641). Therefore,
54
· 228
≡ 1 (mod 641) (4.1)
But 54 = 625 ≡ −16 ≡ −24 (mod 641), so congruence (4.1) can be rewritten as
(−24)(228) ≡ 1 (mod 641); that is, 232 ≡ −1 (mod 641). Thus, 641|f5.
We now examine some additional properties of congruences.
The cancellation property of multiplication says, if ac = bc and c = 0, then
a = b.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-277-320.jpg)
![228 CHAPTER 4 Congruences
Now we will see how congruences of two numbers with different moduli can be
combined into a single congruence.
THEOREM 4.8 If a ≡ b (mod m1), a ≡ b (mod m2), ..., a ≡ b (mod mk), then a ≡ b (mod [m1,m2,
...,mk]).
PROOF
By the given hypotheses, m1|(a − b), m2|(a − b),...,mk|(a − b), so, by Corol-
lary 3.12, [m1,m2,...,mk]|(a − b); that is, a ≡ b (mod [m1,m2,...,mk]).
The following example illustrates this result.
EXAMPLE 4.19 You can verify that 197 ≡ 77 (mod 6), 197 ≡ 77 (mod 10), and 197 ≡ 77 (mod 15);
so by Theorem 4.8, 197 ≡ 77 (mod [6,10,15]); that is, 197 ≡ 77 (mod 30).
The following corollary follows easily from this theorem.
COROLLARY 4.5 If a ≡ b (mod m1), a ≡ b (mod m2), ..., a ≡ b (mod mk), where the moduli are
pairwise relatively prime, then a ≡ b (mod m1m2 ···mk).
E X E R C I S E S 4.1
Mark True or False, where a, b, c, and d are arbitrary
integers, m a positive integer, and p a prime.
1. 12 ≡ −3 (mod 5) 2. 18 ≡ −2 (mod 4)
3. 10 ≡ 1 (mod 9) 4. 10 ≡ −1 (mod 11)
5. a ≡ a (mod m)
6. If a ≡ b (mod m), then b ≡ a (mod m).
7. If a ≡ b (mod m) and b ≡ c (mod m), then a ≡ c
(mod m).
8. If a ≡ b (mod m), then −a ≡ −b (mod m).
9. If a ≡ b (mod m) and c ≡ d (mod m), then a + c ≡
b + d (mod m).
10. If a + c ≡ b + c (mod m), then a ≡ b (mod m).
11. If a ≡ b (mod m) and c ≡ d (mod m), then ac ≡ bd
(mod m).
12. If ac ≡ bc (mod m), then a ≡ b (mod m).
13. If a ≡ b (mod m), then a2 ≡ b2 (mod m).
14. If a2 ≡ b2 (mod m), then a ≡ b (mod m).
15. If a ≡ b (mod m) and a ≡ b (mod n), then a ≡ b
(mod m + n).
16. If a ≡ b (mod m) and a ≡ b (mod n), then a ≡ b
(mod mn).
17. If ab ≡ 0 (mod m), then a ≡ 0 (mod m) and b ≡ 0
(mod m).
18. If a ≡ b (mod m), then m (a − b).
19. If a ≡ b (mod m), then b ≡ a (mod m).
20. If a ≡ b (mod m) and b ≡ c (mod m), then a ≡ c
(mod m).
21. If a ≡ 0 (mod m) and b ≡ 0 (mod m), then ab ≡ 0
(mod m).
22. If ac ≡ bc (mod p) and p c, then a ≡ b (mod p).
23. 9100 − 1 is divisible by 10.
24. 102001 + 1 is divisible by 11.
Rewrite each sentence in Exercises 25–28, using the con-
gruence symbol.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-280-320.jpg)
![230 CHAPTER 4 Congruences
85. Using congruences, show that the only Fermat num-
ber that is also triangular is 3. (S. Asadulla, 1987)
86. 1155 n7777 +7777n+1, where n is a square. (A. Ku-
mar, 2003)
87. The last n + 1 digits of 52n
are the same as those of
52n−1
, where n ≥ 3. (P. A. Lindstrom, 2005)
88.
2p
p
≡ 2 (mod p), where p 2. (J. M. Gandhi,
1959)
89. p|
2p
r
, where 0 r p.
90. By Theorem 3.18, every prime factor of fn is of the
form k · 2n+2 + 1, where n ≥ 2. Then k2n
≡ (−1)n
(mod p).
91. Find all primes p such that p,p + 2d, and p + 4d are
primes, where 3 d. (M. S. Klamkin, 1967)
92. Find the number of entries in row 2p of Pascal’s tri-
angle that are divisible by p, where p is an odd prime.
93. Find the remainder when googolplex is divided by 7.
(H. W. Kickey, 1966)
4.2 Linear Congruences
In the previous section we studied the language of congruences and some fundamen-
tal properties of congruences. Now we look at congruences containing variables,
such as 3x ≡ 4 (mod 5), x2 ≡ 1 (mod 8), and x2 + 2 ≡ 3x (mod 5). The simplest
such congruence is the linear congruence ax ≡ b (mod m). We will now see that
linear congruences and LDEs are interlinked. We will also learn a necessary and
sufficient condition for a linear congruence to be solvable.
By a solution of the linear congruence, we mean an integer x0 such that ax0 ≡ b
(mod m). For example, 3 · 3 ≡ 4 (mod 5), so 3 is a solution of the congruence 3x ≡ 4
(mod 5). But the congruence 4x ≡ 1 (mod 2) has no solutions, since 2 (4x − 1) for
any integer x.
To see the link between linear congruences and LDEs, consider ax ≡ b (mod m).
Then, by Theorem 4.1, ax = b + my for some integer y. Consequently, ax ≡ b
(mod m) is solvable if and only if the LDE ax − my = b is solvable.
Suppose x0 is a solution of the congruence ax ≡ b (mod m); then ax0 ≡ b
(mod m). Suppose, in addition, x1 ≡ x0 (mod m). Then, by Corollary 4.4, ax1 ≡ ax0
(mod m), so, by transitivity, ax1 ≡ b (mod m); thus, x1 is also a solution of the con-
gruence. But x1 and x0 belong to the same congruence class; so if x0 is a solution,
then every member of its class is also a solution.
For instance, since 3 is a solution of the linear congruence 3x ≡ 4 (mod 5), every
member of the congruence class [3] = {...,−7,−2,3,8,13,...} is also a solution;
they are given by x = 3 + 5t:
3(3 + 5t) = 9 + 15t](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-282-320.jpg)
![4.2 Linear Congruences 235
This yields
7x ≡ 100 (mod 4)
3x ≡ 0 (mod 4)
Therefore,
3(3x) ≡ 3 · 0 (mod 4) [Note: 3−1
≡ 3 (mod 4)]
x ≡ 0 (mod 4)
So x = 4t. Substituting for x in equation (4.4), we get
7(4t) + 4y = 100
y = 25 − 7t
Now substitute for x and y in equation (4.2):
4t + (25 − 7t) + z = 100
z = 3t + 75
Thus, the general solution is x = 4t, y = 25 − 7t, z = 75 + 3t, exactly the same as
the one obtained in Example 3.21.
The following example is an interesting application of Theorems 3.13 and 4.10,
and is a continuation of Example 3.12.
EXAMPLE 4.25 Find the last nonzero digit (from the left) in the decimal value of 234!.
SOLUTION
First, notice that the product of the four integers between any two consecutive
multiples of 5 is congruent to −1 modulo 5; that is, if n ≡ 0 (mod 5), then
(n + 1)(n + 2)(n + 3)(n + 4) ≡ 1 · 2 · 3 · 4 ≡ −1 (mod 5).
In Example 3.12, we found that 234! has 46 + 9 + 1 = 56 trailing zeros. Con-
sequently, the desired digit d is the ones digit in 234!/1056. Since the canonical
decomposition of 234! contains more 2s than 5s, d must be even. Thus, d = 2,4,6,
or 8. To extract the correct value of d, we compute 234!/1056 (mod 5) in seven steps:](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-291-320.jpg)
![Review Exercises 241
Congruences
• a ≡ b (mod m) if and only if m|(a − b). (p. 212)
• a ≡ b (mod m) if and only if a = b + km for some integer k. (p. 213)
• a ≡ a (mod m) (reflexive property) (p. 213)
• If a ≡ b (mod m), then b ≡ a (mod m) (symmetric property). (p. 213)
• If a ≡ b (mod m) and b ≡ c (mod m), then a ≡ c (mod m) (transitive prop-
erty). (p. 213)
• If a ≡ b (mod m), then
• a + c ≡ b + c (mod m) (p. 219)
• ac ≡ bc (mod m) (p. 219)
• an ≡ bn (mod m) (p. 220)
• If ac ≡ bc (mod m) and (c, m) = 1, then a ≡ b (mod m). (p. 226)
• If ac ≡ bc (mod m) and (c, m) = d, then a ≡ b (mod m/d). (p. 227)
• If a ≡ b (mod mi), where 1 ≤ i ≤ k, then a ≡ b (mod [m1,m2,...,mk]).
(p. 228)
Linear Congruences
• A congruence of the form ax ≡ b (mod m) is a linear congruence. (p. 230)
• The linear congruence ax ≡ b (mod m) is solvable if and only if d|b, where
d = (a,m); when solvable, it has d incongruent solutions. (p. 231)
• The unique solution of ax ≡ b (mod m), where (a,m) = 1, is the least residue
of a−1b modulo m. (p. 234)
The Pollard Rho Factoring Method
• Let x0 be a starting value and f(x) = x2 +a, where a = 0, −2. Then (xj −xi,n)
is a nontrivial factor of n. (p. 238)
X REVIEW EXERCISES
1. If today is Thursday, what day will it be in 1001 days?
2. If today is Wednesday, what day will it be in 4567 days?
3. If it is 11:30 A.M. now, what time will it be in 1770 hours?
4. If it is 11:30 P.M. now, what time will it be in 4455 hours?
5. Give a counterexample to show that (a,m) = (b,m) does not imply that a ≡ b
(mod m).
Let p be a prime. What is your conclusion if](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-297-320.jpg)
} (F. J. Durante, 1955)
57. 2p + 3p is never a perfect power, where p 2. (E. Just, 1973)
58. Let p2 ≡ p (mod p). Then p2n−1 +p2n−3 +···+p+n ≡ 0 (mod 3) (R. S. Luthar
and S. Wurzel, 1966)
X SUPPLEMENTARY EXERCISES
1. The integer 1287xy6 is a multiple of 72. Find the number xy. (Mathematics
Teacher, 1986)
2. Solve: 1! + 2! + 3! + ··· + n! = m2. (E. T. H. Wang, 1979)
3. Find the largest factor of An = 2801n − 2696n − 2269n + 169n, for all n ≥ 1.
(The Mathematica Gazette, 1995)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-299-320.jpg)
![Enrichment Readings 245
7. Solve the original monkey and coconuts puzzle.
8. Solve Williams’ version of the monkey and coconuts puzzle.
9. Construct a table of values of the function K(n) = [(n+8d)/9]2 −[(n+8d)/9]+
41, where −167 ≤ n ≤ 168 and d is the least residue of n modulo 9. Identify each
value as prime or composite. (T. Koshy, 1994)
10. Redo Program 9 with K(n) = [(n + 8d)/9]2 − 79[(n + 8d)/9] + 1601, where
0 ≤ n ≤ 367 and d is the least residue of n modulo 9. Identify each value as
prime or composite. (T. Koshy, 1994)
11. Using the Pollard rho method, factor 232 + 1 and 264 + 1.
X ENRICHMENT READINGS
1. I. G. Bashmakova, Diophantus and Diophantine Equations, Mathematical Asso-
ciation of America, Washington, DC, 1997.
2. A. H. Beiler, Recreations in the Theory of Numbers, Dover, New York, 1966,
pp. 31–38.
3. M. Gardner, Mathematical Puzzles and Diversions, University of Chicago Press,
Chicago, 1987.
4. T. Koshy, “Linear Diophantine Equations, Linear Congruences, and Matrices,”
The Mathematics Gazette, 82 (July 1998), 274–277.
5. C. S. Ogilvy and J. T. Anderson, Excursions in Number Theory, Dover, New York,
1966.
6. F. Sajdak, “The Rosberry Conjecture,” Mathematical Spectrum, 28 (1995–1996),
33.
7. S. Singh and D. Bhattacharya, “On Dividing Coconuts,” The College Mathematics
Journal, 28 (May 1987), 203–204.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-301-320.jpg)
![5.2 Modular Designs 253
29. 7961 − 1976 = 59d5 30. 7167 − 1776 = 53d1
31. 253 · 86 = 2d758 32. 123 · 98 = 120d4
33. Find all four-digit integers of the form 4ab8 that are
divisible by 2, 3, 4, 6, 8, and 9. (Mathematics Teacher,
1992)
34. The seven-digit number 21358ab is divisible by 99.
Find a and b. (Mathematics Teacher, 1992)
35. Find the smallest number that leaves a remainder i
when divided by i + 1, where 1 ≤ i ≤ 9. (Mathemat-
ics Teacher, 1993)
36. Show that every six-digit number of the form abcabc
is divisible by 7, 11, and 13.
37. Develop a divisibility test for 37.
[Hint: 103 ≡ 1 (mod 37).]
A procedure similar to casting out nines, called casting
out twos, can be applied to check the accuracy of numeric
computations of binary numbers. In this process, we can-
cel pairs of bits that add up to 0 modulo 2. Using casting
out twos, determine whether each computation is proba-
bly correct or definitely wrong.
38. 10110110
1011111
+ 1110011
110001100
39. 110110111
− 11001101
11101010
40. 1011101
× 1011
1111110011
Find the digital root of each.
41. 16,429,058 42. 1776
43. 17761776 44. 20209999
45. Suppose the digital root of an integer n is 9. Show that
the digital root of any multiple of n is also 9.
Determine whether each can be a square.
46. 54,893,534,046 47. 61,194,858,376
48. Find the possible values of the digital root of a cube.
Prove each.
49. The units digit of a triangular number is 0, 1, 3, 5, 6,
or 8.
50. If a three-digit integer abc is divisible by 37, then its
cyclic permutations are also divisible by 37.
51. Let d|Rn, where Rn is a repunit. If d|anan−1 ...a0,
then d divides every cyclic permutation of
anan−1 ...a0.
52. The digital root ρ(fn) of the nth Fermat number fn is
given by
ρ(fn) =
5 if n is odd
8 otherwise
53. 22000 + 22001 + 22003 + 22007 is not a square.
54. Every integer n in base b is congruent to the sum of
its digits modulo b − 1.
5.2 Modular Designs
Modular arithmetic can be used to create beautiful designs. We will now explore
three such designs: an m-pointed star, an (m, n) residue design, and quilt designs.
They are really fun, so enjoy them.
m-Pointed Stars
To construct an m-pointed star, mark m equally spaced points on a large circle, and
label them with the least residues 0 through (m−1) modulo m. Choose a least residue](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-309-320.jpg)
![270 CHAPTER 5 Congruence Applications
number of a bank note. A typical serial number consists of ten alphanumeric symbols
s1,s2,...,s10, and a check digit s11. For example, the alphanumeric serial number
of the bank note in Figure 5.23 is DD4170295U7 and the check digit is 7; the bank
note features Gauss and his celebrated normal curve.
Figure 5.23 A German bank note with serial number DD4170295U7 and check
digit 7.
To compute the check digit, we apply the following algorithm:
• Convert the letters into their numeric codes, using Table 5.3:
A D G K L N S U Y Z
0 1 2 3 4 5 6 7 8 9
Table 5.3
• Let f : S → S, defined as follows, where S = {0,1,...,9}:
f(0) = 1 f(1) = 5 f(2) = 7 f(3) = 6 f(4) = 2
f(5) = 8 f(6) = 3 f(7) = 0 f(8) = 9 f(9) = 4
( f is a permutation of the elements of S.) Let fn = f ◦ fn−1, where ◦ denotes
the composition of functions, f0 is the identity function, and n ≥ 1. [For ex-
ample, f3(5) = f(f(f(5))) = f(f(8)) = f(9) = 4.]](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-326-320.jpg)
![288 CHAPTER 5 Congruence Applications
25. 2000 26. 2020
27. 2076 28. 3076
(Easter Sunday) The date for Easter Sunday in any
year y can be computed as follows. Let a = y mod 19,
b = y mod 4, c = y mod 7, d = (19a + 24) mod 30, e =
(2b + 4c + 6d + 5) mod 7, and r = 22 + d + e. If r ≤ 31,
then Easter Sunday is March r; otherwise, it is April
[r (mod 31)]. Compute the date for Easter Sunday in each
year.
29. 1996 30. 2000
31. 2076 32. 3000
We can calculate the day of the week for the rth day of an
arbitrary month m in year y in the Gregorian calendar by
a different formula
d ≡](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-391-320.jpg)
![290 CHAPTER 5 Congruence Applications
Determine whether each is a valid UPC number.
26. 0-49200-05100-9 27. 0-13130-03622-4
28. Prego spaghetti sauce, made by Campbell Soup Company, has a country code,
manufacturer code, and product code of 0, 51000, and 02549, respectively. Com-
pute its UPC number.
29. Compute the UPC number for Classic Ovaltine by Sandoz Nutrition Corpora-
tion if the country code, manufacturer code, and product code are 7, 51746, and
03361, respectively.
30. The United Parcel Service assigns to each parcel an identification number of
nine digits and a check digit. The check digit is the least residue modulo 9 of the
nine-digit number. Find the check digit for 038575447.
31. Libraries use a sophisticated code-a-bar system to assign each book a 13-
digit identification number d1d2 ...d13 and a check digit d14. The check digit
is computed as d14 ≡ [−(d1,d2,...,d13) · (2,1,2,1,2,1,2,1,2,1,2,1,2) − k]
(mod 10), where k denotes the number of digits among d1, d3, d5, d7, d9, d11,
and d13 greater than or equal to 5. Compute the check digit for 3-3014-00099-
073.
A MasterCard number contains 16 digits d1 through d16, with d16 being the check
digit. It is computed as
d16 ≡ −
8
i=1
ρ(2d2i−1) +
7
i=1
d2i
(mod 10)
where ρ(m) denotes the digital root of m. (ρ is the Greek letter rho.) Compute the
check digit if the 15-digit identification number is
32. 5300-7402-4001-638 33. 5329-0419-4253-736
Determine the day of the week of each historical date.
34. December 21, 1620 (the Pilgrims landed at Plymouth, Massachusetts)
35. February 1, 1790 (the first meeting of the U.S. Supreme Court)
Compute the missing check digit in each VIN.
36. JT2DB02T–T0049506 37. 1B4GP44R–XB582510
Compute the missing check digit in each German bank note serial number.
38. YA8174491A– 39. DG6244129Y–](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-399-320.jpg)
![Computer Exercises 291
X SUPPLEMENTARY EXERCISES
Let ρ(n) denote the digital root of a positive integer n. Prove each, where m and n
are positive integers.
1. ρ(ρ(n)) = ρ(n)
2. ρ(m + n) = ρ(ρ(m) + ρ(n))
3. ρ(mn) = ρ(ρ(m)ρ(n))
Prove each.
4. An integer n = (nknk−1 ...n1n0)b is divisible by di if and only if the integer
(ni−1 ...n1n0)b is divisible by di, where d|b and i 0.
5. An integer n = (nknk−1 ...n1n0)b is divisible by d if and only if the integer
nk + ··· + n1 + n0 is divisible by d, where d|(b − 1).
6. Let a and d be positive integers such that d|(10a − 1). Then d|10q + r if and
only if d|q + ar. (C. F. Liljevalch, 1838)
Using Liljevalch’s theorem in Exercise 6, deduce a divisibility test for each number.
7. 3 8. 7 9. 9 10. 11
11. 13 12. 17 13. 19
Using the divisibility tests in Exercises 7–13, determine whether each integer is di-
visible by the corresponding second integer.
14. 1953, 7 15. 28303, 11 16. 51814, 17 17. 61731, 19
18. Suppose a two-digit number N is divisible by 7. Reverse its digits; add the
tens digit of N to it. Prove that the resulting number N is also divisible by 7.
(A. P. Stevens, 1951)
19. Suppose a three-digit number N is divisible by 7. Reverse its digits; subtract the
difference of its end digits from the reverse. Prove that the resulting number N
is also divisible by 7. (A. P. Stevens, 1951)
20. Find the least positive integer that equals eleven times the sum of its digits.
21. Find the digital root of the integer n = 2p−1(2p − 1), where p and 2p − 1 are
primes.
[Hint: 2 ≡ −1 (mod 3).]
X COMPUTER EXERCISES
Write a program to perform each task.
1. Read in a positive integer n and find the largest exponent i such that 2i|n.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-400-320.jpg)
![6.1 The Chinese Remainder Theorem 297
In this example, 52 is the unique solution to the puzzle modulo 105, where the
moduli are pairwise relatively prime. The following theorem is called the Chinese
Remainder Theorem (CRT) in honor of early contributions by Chinese mathemati-
cians to the theory of congruences. It shows that every linear system in the same
single variable with pairwise relatively prime moduli has a unique solution. Sun-
Tsu’s puzzle is the earliest known instance of the CRT. A general method for solving
such linear systems can be found in Mathematical Treatise in Nine Sections, written
by Ch’in Chiu-Shao (1202–1261) in 1247.
THEOREM 6.1 (The Chinese Remainder Theorem) The linear system of congruences x ≡
ai (modmi), where the moduli are pairwise relatively prime and 1 ≤ i ≤ k, has a
unique solution modulo m1m2 ···mk.
PROOF
The proof consists of two parts. First, we will construct a solution and then show that
it is unique modulo m1m2 ···mk.
Let M = m1m2 ···mk and Mi = M/mi, 1 ≤ i ≤ k. Since the moduli are pairwise
relatively prime, (Mi,mi) = 1 for every i. Also, Mi ≡ 0 (modmj) whenever i = j.
To construct a solution to the linear system:
Since (Mi, mi) = 1, by Corollary 4.6, the congruence Miyi ≡ 1 (modmi) has a unique
solution yi. (yi is in fact the inverse of Mi modulo mi.) Let x = a1M1y1 + a2M2y2 +
··· + akMkyk.
To show that x is a solution of the linear system, we have
x =
k
i=1
i=j
aiMiyi + ajMjyj
≡
i=j
ai · 0 · yi + aj · 1 (modmj)
≡ 0 + aj (modmj)
≡ aj (modmj), 1 ≤ j ≤ k
Thus, x satisfies every congruence in the system, so x is a solution of the linear
system.
To show that the solution is unique modulo M:
Let x0 and x1 be two solutions of the system. We shall show that x0 ≡ x1 (modM).
Since x0 ≡ aj (modmj) and x1 ≡ aj (modmj) for 1 ≤ j ≤ k, x1 −x0 ≡ 0 (modmj);
that is, mj|(x1 − x0) for every j. By Corollary 3.12, [m1,m2,...,mk]|(x1 − x0). But,
by Corollary 3.11, [m1,m2,...,mk] = M. Therefore, M|(x1 − x0), so x1 − x0 ≡](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-406-320.jpg)
![6.2 General Linear Systems (optional) 303
26. A child has some marbles in a box. If the marbles are
grouped in sevens, there will be five left over; if they
are grouped in elevens, there will be six left over; if
they are grouped in thirteens, eight will be left over.
Determine the least number of marbles in the box.
27. Find the largest integer 6000 that leaves the re-
mainders 0, 2, 3, and 5 when divided by 3, 5, 7, and
13, respectively.
28. Find the largest integer 4000 that leaves the re-
mainders 1, 2, 3, and 4 when divided by 5, 6, 7, and
11, respectively.
29. Find the smallest positive integer n, if it exists, such
that 23|n, 33|n + 1, and 43|n + 2.
30. Find the smallest positive integer n such that 33|n and
53|n + 1.
6.2 General Linear Systems (optional)
The proof of the CRT establishes a solution to a linear system with pairwise rela-
tively prime moduli and shows the solution is unique. It does not, however, indicate
anything about a system where the moduli are not necessarily pairwise relatively
prime. We will establish a necessary and sufficient condition for such a system to be
solvable.
We begin with the following theorem for a system consisting of two linear con-
gruences.
THEOREM 6.2 The linear system
x ≡ a (modm)
x ≡ b (modn)
is solvable if and only if (m, n)|(a − b). When it is solvable, the solution is unique
modulo [m,n].
PROOF
The proof consists of two parts. We will show that the linear system is solvable if
and only if (m,n)|(a − b); and when the system is solvable, the solution is unique
modulo [m,n].
• To show that the linear system is solvable if and only if (m,n)|(a − b):
Suppose x0 is a solution of the linear system. Then x0 ≡ a (modm) and x0 ≡
b (modn). The first congruence implies x0 = a + km for some integer k. So,
a + km ≡ b (modn); that is, mk ≡ b − a (modn). This congruence, by Theorem 4.9,
has a solution (for k) if and only if (m,n)|(b−a); that is, if and only if (m,n)|(a−b).](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-412-320.jpg)
![304 CHAPTER 6 Systems of Linear Congruences
• To show that the linear system has a unique solution when the system is solv-
able:
Suppose (m,n)|(a−b) and x0 is a solution of the linear system. Let x1 be an arbitrary
solution of the system. We will show that x1 ≡ x0 (mod[m,n]).
Because x1 and x0 are solutions of the linear system, x1 ≡ a (modm), x1 ≡
b (modn), x0 ≡ a (modm), and x0 ≡ b (modn).
Therefore, by symmetry and transitivity, x1 ≡ x0 (modm) and x1 ≡ x0 (modn).
Then m|(x1 − x0) and n|(x1 − x0), so by Corollary 3.11, [m,n]|(x1 − x0); that is,
x1 ≡ x0 (mod[m,n]).
Thus, every solution is congruent to x0 mod[m,n]; that is, the solution is unique
modulo [m,n].
Unlike the CRT, this theorem does not supply a formula for the solution to the
system. However, if we can find one solution x0, then the general solution is x =
x0 + [m,n]t, with t being an arbitrary integer.
The following example illustrates the theorem.
EXAMPLE 6.5 Determine whether the following linear systems are solvable.
1. x ≡ 3 (mod6) 2. x ≡ 7 (mod9)
x ≡ 5 (mod8) x ≡ 11 (mod12)
SOLUTION
1. Since (6,8) = 2 and 2|(3 − 5), the first linear system has a solution.
2. We have (9,12) = 3, but 3 (7 − 11), so the second system is not solvable.
The following example illustrates once again how we can employ iteration to
solve linear systems of congruences.
EXAMPLE 6.6 Solve the linear system
x ≡ 3 (mod6)
x ≡ 5 (mod8)
SOLUTION
By the preceding example, the system has a unique solution. Because x ≡ 3 (mod6),
x = 3 + 6t, with t being an arbitrary integer. Now substitute for x in the second](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-413-320.jpg)
![6.2 General Linear Systems (optional) 305
congruence:
3 + 6t
≡ 5 (mod8)
6t
≡ 2 (mod8)
Dividing both sides by 2, using Theorem 4.9,
3t
≡ 1 (mod4)
t
≡ 3 (mod4)
so t = 3 + 4t, with t being an arbitrary integer. Then x = 3 + 6(3 + 4t) = 21 + 24t.
Thus, x = 21 is the unique solution modulo [6,8] = 24.
Theorem 6.2 can be generalized to any system of linear congruences, as the
following theorem shows. We leave its proof as an exercise.
THEOREM 6.3 The linear system x ≡ ai (modmi) is solvable if and only if (mi,mj)|(ai − aj) for
every i and j, where 1 ≤ i j ≤ k. When it is solvable, the solution is unique modulo
[m1,m2,...,mk].
The following two examples demonstrate this theorem.
EXAMPLE 6.7 Determine whether the following linear systems are solvable:
1. x ≡ 4 (mod6) 2. x ≡ 3 (mod4)
x ≡ 2 (mod8) x ≡ 5 (mod9)
x ≡ 1 (mod9) x ≡ 7 (mod12)
SOLUTION
1. Since (6,8)|(4 − 2), (8,9)|(2 − 1), and (6,9)|(4 − 1), the first linear system
has a solution.
2. For the second congruence, (4,9)|(3−5), and (9,12)|(5−8), but (4,12) = 4
and 4 (3 − 8); so the second system is not solvable.
The following example shows how to solve a linear system using iteration.
EXAMPLE 6.8 Solve the linear system (1) in Example 6.7.
SOLUTION
By the preceding example, we know the system has a unique solution. To find it, the
first congruence implies x = 4 + 6w, with w being arbitrary.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-414-320.jpg)
![306 CHAPTER 6 Systems of Linear Congruences
Now substitute for x in the second congruence:
4 + 6w ≡ 2 (mod8)
6w ≡ −2 (mod8)
3w ≡ −1 (mod4), by Theorem 4.7
w ≡ 1 (mod4)
that is, w = 1 + 4v, so x = 4 + 6w = 10 + 24v.
Substitute for x in the third congruence:
10 + 24v ≡ 1 (mod9)
6v ≡ 0 (mod9)
2v ≡ 0 (mod3)
v ≡ 0 (mod3)
that is, v = 3t. Therefore, x = 10 + 24v = 10 + 72t, where 72 = [6,8,9]. So the
unique solution is 10 modulo 72.
Suppose the moduli of the linear system in Theorem 6.3 are pairwise relatively
prime. Then (mi,mj) = 1 for every pair of i and j, so (mi,mj)|(ai −aj) for i = j. Thus,
the system is solvable; further, since [m1,m2,...,mk] = m1m2 ···mk, the solution is
unique modulo m1m2 ···mk. Thus, the CRT follows from Theorem 6.3 in the form
of the following corollary.
COROLLARY 6.1 (The Chinese Remainder Theorem) The linear system x ≡ ai (modmi), where
1 ≤ i ≤ k and the moduli are pairwise relatively prime, is solvable and has a unique
solution modulo m1m2 ···mk.
E X E R C I S E S 6.2
Determine whether each linear system is solvable.
1. x ≡ 2 (mod10) 2. x ≡ 5 (mod9)
x ≡ 7 (mod15) x ≡ 8 (mod12)
3. x ≡ 4 (mod9) 4. x ≡ 7 (mod8)
x ≡ 10 (mod12) x ≡ 3 (mod10)
x ≡ −2 (mod18) x ≡ 2 (mod 15)
Check whether the given value is a solution of the corre-
sponding linear system.
5. 22 + 30t; x ≡ 2 (mod10)
x ≡ 7 (mod15)
6. 7 + 24t; x ≡ −1 (mod8)
x ≡ 7 (mod12)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-415-320.jpg)
![Chapter Summary 313
has a unique solution modulo m if and only if (,m) = 1,
where
≡
a1 b1 c1
a2 b2 c2
a3 b3 c3
(modm)
Using this fact, determine whether each system has a
unique solution.
24. x + y + z ≡ 6 (mod7)
x + 2y + 3z ≡ 6 (mod7)
2x + 3y + 4z ≡ 5 (mod7)
25. x − 2y − z ≡ 6 (mod11)
2x + 3y + z ≡ 5 (mod11)
3x + y + 2z ≡ 2 (mod11)
26. x − y + 2z ≡ 7 (mod8)
2x + y − z ≡ 7 (mod8)
3x + 2y + z ≡ 2 (mod8)
27. 2x − 3y + z ≡ 12 (mod13)
x + 2y − z ≡ 6 (mod13)
3x − y + 2z ≡ 2 (mod13)
28–31. When the linear system (6.5) has a unique solu-
tion, it is given by
x ≡ −1
d1 b1 c1
d2 b2 c2
d3 b3 c3
(modm)
y ≡ −1
a1 d1 c1
a2 d2 c2
a3 d3 c3
(modm)
z ≡ −1
a1 b1 d1
a2 b2 d2
a3 b3 d3
(modm)
Using this result, solve linear systems in Exer-
cises 24–27.
X CHAPTER SUMMARY
We have established the solvability of systems of linear congruences x ≡ ai (modmi),
where 1 ≤ i ≤ k and the moduli mi are pairwise relatively prime. Also, we have
shown that the solution is unique modulo m1m2 ···mk. We have obtained necessary
and sufficient conditions for the solvability of such systems when the moduli are
not necessarily pairwise relatively prime and have proved that the solution is unique
modulo [m1,m2,...,mk]. We have solved linear systems in a single variable using
iteration and the CRT, and 2 × 2 linear systems using elimination and determinants.
The Chinese Remainder Theorem
• The linear system x ≡ ai (modmi), where 1 ≤ i ≤ k and the moduli are pair-
wise relatively prime, has a unique solution modulo m1m2 ···mk. (p. 297)
• The solution of the linear system is given by x ≡ a1M1y1 + a2M2y2 + ··· +
akMkyk (modM), where M = m1m2 ···mk, Mi = M/mi, and yi is an inverse
of Mi modulo mi. (p. 297)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-422-320.jpg)
![314 CHAPTER 6 Systems of Linear Congruences
• The linear system x ≡ ai (modmi) is solvable if and only if (mi, mj)|(ai − aj)
for every i and j, where 1 ≤ i j ≤ k; when it is solvable, the system has a
unique solution modulo [m1,m2,...,mk]. (p. 305)
2 × 2 Linear Systems
• The 2 × 2 linear system
ax + by ≡ e (modm)
cx + dy ≡ f (modm)
has a unique solution modulo m if and only if (,m) = 1, where ≡ ad −
bc (modm). (p. 309)
• The solution is given by x0 ≡ −1(de − bf) (modm), y0 ≡ −1(af −
ce) (modm), where −1 denotes an inverse of modulo m. (p. 310)
X REVIEW EXERCISES
Solve each linear system using iteration.
1. x ≡ 3 (mod7)
x ≡ 5 (mod10)
2. x ≡ 6 (mod8)
x ≡ −2 (mod12)
3. x ≡ 2 (mod5)
x ≡ 3 (mod7)
x ≡ 5 (mod8)
4. x ≡ 4 (mod6)
x ≡ −2 (mod10)
x ≡ −2 (mod15)
Using the CRT, solve each linear system.
5. x ≡ 3 (mod7)
x ≡ 5 (mod10)
6. x ≡ 5 (mod9)
x ≡ 8 (mod16)
7. x ≡ 2 (mod5)
x ≡ 3 (mod7)
x ≡ 5 (mod8)
8. x ≡ 3 (mod5)
x ≡ 5 (mod7)
x ≡ 8 (mod12)
Find the smallest positive integer that leaves
9. The remainders 8, 7, and 11 when divided by 7, 11, and 15, respectively.
10. The remainders 8, 5, and 14 when divided by 11, 12, and 15, respectively.
Find the largest integer 15,000 that leaves:
11. The remainders 2, 5, 0, and 1 when divided by 5, 11, 12, and 13, respectively.
12. The remainders 3, 7, 9, and 11 when divided by 8, 12, 14, and 17, respectively.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-423-320.jpg)
![7 Three Classical
Milestones
Euler calculated without effort, as men breathe,
or as eagles sustain themselves in the wind.
— FRANÇOIS ARAGO
hree classical results—Wilson’s theorem, Fermat’s little theorem, and Euler’s
Ttheorem—have played a significant role in the development of the theory of
congruences. All three theorems illustrate the power of congruences and the
congruence notation.
We begin our discussion with Wilson’s theorem, which involves the factorial
function.
7.1 Wilson’s Theorem
In 1770, the English mathematician Edward Waring described in his Meditationes
Algebraicae the following conjecture by John Wilson, one of his former students: “If
p is a prime, then p|[(p − 1)! + 1].” Wilson is likely to have guessed this by using
some pattern recognition. In any case, neither he nor Waring could furnish a proof of
the result.
Three years after the conjecture was announced, Lagrange provided the first
proof. He observed that its converse is also true.
Wilson, in fact, was not the first mathematician to discover the theorem, although
it bears his name. There is evidence that the outstanding German mathematician
321](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-430-320.jpg)
![7.1 Wilson’s Theorem 323
It follows by this lemma that exactly two least residues modulo p are self-
invertible; they are 1 and p − 1. Thus, the congruence x2 ≡ 1 (mod p) has exactly
two solutions, 1 and p − 1 modulo p.
For example, the self-invertible least residues modulo 13 are 1 and 12: 12 ≡ 1
(mod 13) and 122 ≡ 1 (mod 13). In other words, the solutions of the congruence
x2 ≡ 1 (mod 13) are 1 and 12 modulo 13.
Before formally stating Wilson’s theorem, we study an example that will facili-
tate its proof.
EXAMPLE 7.1 Let p = 11. Then (p − 1)! = 10! = 1 · 2 · 3 · 4 · 5 · 6 · 7 · 8 · 9 · 10. The least residues
modulo 11 that are self-invertible are 1 and 10; rearrange the remaining factors into
pairs in such a way that the residues in each pair are inverses of each other modulo 11:
10! = 1 · (2 · 6) · (3 · 4) · (5 · 9) · (7 · 8) · 10
≡ 1 · 1 · 1 · 1 · 1 · 10 (mod 11)
≡ 10 (mod 11)
≡ −1 (mod 11)
Thus, (p − 1)! ≡ −1 (mod 11), illustrating Wilson’s theorem.
The technique used in this example is essentially the same one employed in the
proof of the theorem: Arrange into (p−3)/2 = (11−3)/2 = 4 pairs the positive least
residues modulo p (= 11) that are not self-invertible. We can now state and prove the
first feature theorem.
THEOREM 7.1 (Wilson’s Theorem) If p is a prime, then (p − 1)! ≡ −1 (mod p).
PROOF
When p = 2, (p − 1)! = 1 ≡ −1 (mod 2); thus, the theorem is true when p = 2.
So, let p 2. By Corollary 4.6, the least positive residues 1 through p − 1 are
invertible modulo p. But, by Lemma 7.1, two of them, 1 and p − 1, are their own in-
verses. So we can group the remaining p−3 residues, 2 through p−2, into (p−3)/2
pairs of inverses a and b = a−1 such that ab ≡ 1 (mod p) for every pair a and b. Thus,
2 · 3···(p − 2) ≡ 1 (mod p)
(p − 1)! = 1 · [2 · 3···(p − 2)] · (p − 1)
≡ 1 · 1 · (p − 1) (mod p)
≡ −1 (mod p)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-432-320.jpg)
![324 CHAPTER 7 Three Classical Milestones
The following example shows an interesting application of Wilson’s theorem.
EXAMPLE 7.2 Let p be a prime and n any positive integer. Prove that
(np)!
n!pn
≡ (−1)n
(mod p)
SOLUTION
First, we can make an observation. Let a be any positive integer congruent to 1
modulo p. Then, by Wilson’s theorem,
a(a + 1)···[a + (p − 2)] ≡ (p − 1)! ≡ −1 (mod p).
In other words, the product of the p − 1 integers between any two consecutive mul-
tiples of p is congruent to −1 modulo p. Then
(np)!
n!pn
=
(np)!
p · 2p · 3p···(np)
=
n
r=1
[(r − 1)p + 1]···[(r − 1)p + (p − 1)]
≡
n
r=1
(p − 1)! (mod p)
≡
n
r=1
(−1) (mod p)
≡ (−1)n
(mod p)
In particular, let p = 5 and n = 46. Then
(np)!
n!pn
=
230!
46!546
≡ (−1)46
≡ 1 (mod 5).
In 1957, F. G. Elston of New York generalized Wilson’s theorem: Let p be a
prime and 0 ≤ r ≤ p − 1. Then r!(p − 1 − r)! + (−1)r ≡ 0 (mod p). See Exercise 17.
We now turn to the converse of Wilson’s theorem.
THEOREM 7.2 If n is a positive integer such that (n − 1)! ≡ −1 (mod n), then n is a prime.
PROOF (by contradiction)
Suppose n is composite, say, n = ab, where 1 a,b n. Since a|n and n|[(n−1)!+
1], a|[(n − 1)! + 1]. Since 1 a n, a is one of the integers 2 through n − 1, so](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-433-320.jpg)
![7.1 Wilson’s Theorem 325
a|(n − 1)!. Therefore, by Theorem 2.4, a|[(n − 1)! + 1 − (n − 1)!]; that is, a|1. So
a = 1, a contradiction. Thus, n must be a prime.
Theorems 7.1 and 7.2 together furnish a necessary and sufficient condition for
a positive integer to be a prime: A positive integer n ≥ 2 is a prime if and only if
(n−1)! ≡ −1 (mod n). This condition provides a seemingly simple test for primality.
To check if n is a prime, all we need is to determine whether (n − 1)! ≡ −1 (mod n).
For example, (7 − 1)! = 720 ≡ −1 (mod 7), so 7 is a prime. On the other hand,
(12 − 1)! = 39,916,800 ≡ 0 (mod 12), so (12 − 1)! ≡ −1 (mod 12), showing that
12 is not a prime.
Unfortunately, this test has no practical significance, because (n − 1)! becomes
extremely large as n gets large.
Factorial, Multifactorial, and Primorial Primes
Theorem 7.2 naturally prompts several questions in the minds of the curious: Are
?
there primes of the form m! + 1? If yes, how many such primes are there?
Since 1! + 1 = 2,2! + 1 = 3,3! + 1 = 7 are primes, there do exist primes of
the form m! + 1. There are in fact nine such primes for m ≤ 100. The largest known
such prime, as of 2005, was 32659! + 1, discovered by Steven L. Harvey; it contains
44,416 digits.
On the other hand, n! − 1 is a prime for n = 3, 4, and 6. The largest known such
prime is 974! − 1, discovered by Harvey Dubner of New Jersey; n! − 1 is composite
for 975 ≤ n ≤ 1155. It remains unresolved as to whether there is an infinitude of
?
primes of the form n! ± 1; such primes are factorial primes.
In 1930, S. S. Pillai asked if every prime factor of n! + 1 is congruent to 1
modulo n. For example, 11|(5!+1) and 11 ≡ 1 (mod 5). In the same year, the Indian
number theorist S. Chowla discovered two exceptions: 14! + 1 ≡ 0 (mod 23) and
18! + 1 ≡ 0 (mod 23), where 23 ≡ 1 (mod 14) and 23 ≡ 1 (mod 18). In fact, the
smallest such counterexample is 8! + 1 ≡ 0 (mod 61), where 61 ≡ 1 (mod 8).
In 1993, Erdös and M. V. Subbarao of the University of Alberta independently
proved that there are infinitely many primes p for which there is an integer n such
that n! + 1 ≡ 0 (mod p), where p ≡ 1 (mod n).
Primes of the form n!k ± 1 are multifactorial primes, where n!k = n(n − k)(n −
2k)(n−3k)···(n−rk), k is a positive integer, and r is the largest positive integer such
that n − rk ≥ 1. (Notice that n!1 = n!.) For example, 7!3 + 1 = 7(7 − 3)(7 − 6) + 1 =
29 and 7!5 − 1 = 7(7 − 5) − 1 = 13 are multifactorial primes.
Primes of the form n# ± 1 are primorial primes, where n# denotes the product
of all primes ≤ n; for example, 10# + 1 = 2 · 3 · 5 · 7 + 1 = 211 is a primorial prime.
?
Establishing the infinitude of primorial primes remains unresolved.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-434-320.jpg)
![326 CHAPTER 7 Three Classical Milestones
E X E R C I S E S 7.1
Find the self-invertible least residues modulo each
prime p.
1. 7 2. 13 3. 19 4. 23
Solve the congruence x2 ≡ 1 (mod m) for each modu-
lus m.
5. 6 6. 8 7. 12 8. 15
9. Prove or disprove: If the congruence x2 ≡ 1 (mod m)
has exactly two solutions, then m is a prime.
10. If x2 ≡ 1 (mod p) and x2 ≡ 1 (mod q), does it fol-
low that x2 ≡ 1 (mod pq), where p and q are distinct
primes?
11. Let a be a solution of the congruence x2 ≡ 1
(mod m). Show that m − a is also a solution.
Without using Wilson’s theorem, verify that (p−1)! ≡ −1
(mod p) for each p.
12. 3 13. 5 14. 7 15. 13
Prove each, where p is a prime.
16. Let p be odd. Then 2(p − 3)! ≡ −1 (mod p).
17. (p − 1)(p − 2)···(p − k) ≡ (−1)kk! (mod p), where
1 ≤ k p.
18. Let p be odd. Then 12 · 32 ···(p − 2)2 ≡ (−1)(p+1)/2
(mod p).
19. Let p be odd. Then 22 · 42 ···(p − 1)2 ≡ (−1)(p+1)/2
(mod p).
20. A positive integer n ≥ 2 is a prime if and only if
(n − 2)! ≡ 1 (mod n).
21. Let r be a positive integer p such that r! ≡ (−1)r
(mod p). Then (p − r − 1)! ≡ −1 (mod p).
22.
1 · 3 · 5···(p − 2)
2 · 4 · 6···(p − 1)
≡ (−1)(p−1)/2 (mod p), where
p 2. (P. S. Bruckman, 1975)
23. Let 0 ≤ r ≤ p − 1. Then r!(p − 1 − r)! + (−1)r ≡ 0
(mod p) (F. G. Elston, 1957)
24.
np
p
≡ n (mod p) (J. H. Hodges, 1959)
25.
np − 1
p − 1
≡ −1 (mod p), where p n. (This result,
true even if p|n, was established in 1874 by Catalan.)
26.
p − 1
r
≡ (−1)r (mod p), where 0 ≤ r p.
27. Let p = m + n + 3, where m,n ≥ 0. Then [m! + (m +
1)!][n! + (n + 1)!] ≡ (−1)m (mod p) (A. Cusumano,
2005)
28. Using Exercise 21, show that 63! ≡ −1 (mod 71).
Verify that [((p − 1)/2)!]2 ≡ −1 (mod p) for each
prime p.
29. 5 30. 13 31. 17 32. 29
33. Make a conjecture using Exercises 29–32.
34. Does your conjecture hold for p = 2, 3, or 7?
35. Establish the conjecture in Exercise 33.
36. Prove that
p−1
n=1
(1 + p/n) ≡ 1 (mod p). (L. Talbot,
1995)
7.2 Fermat’s Little Theorem
On October 18, 1640, Fermat wrote a letter to Bernhard Frenicle de Bessy (1605–
1675), an official at the French mint who was a gifted student of number theory.
In his letter, Fermat communicated the following result: If p is a prime and p a,
then p|ap−1 − 1. Fermat did not provide a proof of this result but enclosed a note
promising that he would send along a proof, provided it was not too long. This result](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-435-320.jpg)
![7.2 Fermat’s Little Theorem 327
is known as Fermat’s little theorem or simply Fermat’s theorem, to distinguish
it from Fermat’s last theorem, which is presented in Chapter 13. Incidentally, the
special case of Fermat’s little theorem for a = 2 was known to the Chinese as early
as 500 B.C.
The first proof of Fermat’s little theorem was given by Euler in 1736, almost
a century after Fermat’s announcement. Leibniz had given an identical proof in an
unpublished work about 50 years prior to Euler’s, but once again Leibniz did not
receive his share of credit.
We need the following lemma for the proof of Fermat’s little theorem, but before
we turn to the lemma, let us study a special case.
EXAMPLE 7.3 Let p = 7 and a = 12. Clearly, p a. Then,
1 · 12 ≡ 5 (mod 7) 2 · 12 ≡ 3 (mod 7) 3 · 12 ≡ 1 (mod 7)
4 · 12 ≡ 6 (mod 7) 5 · 12 ≡ 4 (mod 7) 6 · 12 ≡ 2 (mod 7)
Thus, the least residues of 1 · 12, 2 · 12, 3 · 12, 4 · 12, 5 · 12, and 6 · 12 are the same
as the integers 1, 2, 3, 4, 5, and 6 in some order.
More generally, we have the following result.
LEMMA 7.2 Let p be a prime and a any integer such that p a. Then the least residues of
the integers a,2a,3a,...,(p − 1)a modulo p are a permutation of the integers
1,2,3,...,(p − 1).
PROOF
The proof consists of two parts. [First, we will show that ia ≡ 0 (mod p), where
1 ≤ i ≤ p − 1. Then we will show that the least residues of ia and ja modulo p are
distinct if i = j, where 1 ≤ j ≤ p − 1.]
To show that ia ≡ 0 (mod p), where 1 ≤ i ≤ p − 1:
Suppose ia ≡ 0 (mod p). Then p|ia. But (p,a) = 1, so p|i, which is impossible
since i p. Therefore, ia ≡ 0 (mod p).
To show that if ia ≡ ja (mod p), where 1 ≤ i,j ≤ p − 1 then i = j:
Suppose ia ≡ ja (mod p), where 1 ≤ i,j ≤ p − 1. Since (p,a) = 1, by Theorem
4.6, i ≡ j (mod p). But both i and j are least residues modulo p, so i = j. Thus, if
ia ≡ ja (mod p), where 1 ≤ i,j ≤ p − 1, then i = j. In other words, no two least
residues of a,2a,3a,...,(p − 1)a are congruent modulo p.
We are now ready to present Fermat’s little theorem formally and to prove it.
Using the preceding lemma, we will find that the proof is short and clear.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-436-320.jpg)
![334 CHAPTER 7 Three Classical Milestones
Let g(t) = tp − t. Then
g(x + 1) − g(x) = (x + 1)p
− (x + 1) − xp
+ x
= (x + 1)p
− xp
− 1
≡ 0 (mod p)
Therefore, g(x + 1) ≡ g(x) (mod p). Replacing x with x + 1, this yields g(x + 2) ≡
g(x + 1) ≡ g(x) (mod p).
More generally, it can be shown that g(x+a) ≡ g(x) for every positive integer a.
(See Exercise 36.)
Letting x = 0 in this result yields g(a) ≡ g(0) (mod p); that is, ap − a ≡ 0
(mod p). In other words, ap ≡ a (mod p).
In 1970, J. E. Phythian of Tanzania extended Theorem 7.7 to a finite number of
distinct primes, as the following theorem shows.
THEOREM 7.8 Let p1,p2,...,pk be any distinct primes, a any positive integer, and = [p1 − 1,
p2 − 1,...,pk − 1]. Then a+1 ≡ a (mod p1p2 ···pk).
PROOF
By Fermat’s little theorem, api−1 ≡ 1 (mod pi), where 1 ≤ i ≤ k. Since pi − 1|,
this implies (api − 1)/(pi−1)
≡ 1 (mod pi); that is, a ≡ 1 (mod pi). Thus, a+1 ≡
a (mod pi). Consequently, a+1 ≡ a (mod [p1,p2,...,pk]); that is, a+1 ≡ a
(mod p1p2 ···pk).
For example, let p1 = 3, p2 = 7, and p3 = 11. Then = [2,6,10] = 30 and
p1p2p3 = 3 · 7 · 11 = 231. So, by Theorem 7.8, a31 ≡ a (mod 231) for any positive
integer a. In particular, 4331 ≡ 43 (mod 231).
Theorem 7.8 yields an interesting byproduct. This observation was made inde-
pendently in 1985 by G. Duckworth of England and J. Suck of Germany.
COROLLARY 7.2 Let a be any integer and p any prime 3. Then ap ≡ a (mod 6p).
PROOF
Let p1 = 2, p2 = 3, and p3 = p in Theorem 7.8. Since 2 · 3 · p = 6p and [p1 − 1,
p2 − 1,p3 − 1] = [1,2,p − 1] = p − 1, the result follows by the theorem.
For example, let a = 20 and p = 13. Then 2013 = (202)6 · 20 ≡ 106 · 20 =
(103)2 · 20 ≡ (−14)2 · 20 ≡ 20 (mod 78), as expected by this corollary.
This corollary can be proved without using Theorem 7.8. See Exercise 31.
We now present an application of Fermat’s little theorem to the factoring of large
composite numbers.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-443-320.jpg)
![7.3 Pseudoprimes (optional) 337
7.3 Pseudoprimes (optional)
In Theorem 7.7, we found that if n is a prime, then an ≡ a (mod n) for every integer
a. As a result, if this congruence fails for some integer b, that is, if bn ≡ b (mod n) for
some integer n, then n cannot be a prime. Thus, in order to show that n is composite,
it suffices to produce an integer b such that bn ≡ b (mod n). This provides a test for
compositeness, as the following example shows.
EXAMPLE 7.12 Verify that 33 is a composite number.
PROOF
If 33 were a prime, then 233 ≡ 2 (mod 33). But
233
= (25
)6
· 23
≡ (−1)6
· 8 ≡ 8 (mod 33)
≡ 2 (mod 33)
Therefore, 33 is not a prime, as expected.
We still have not answered whether the converse of Theorem 7.7 is true: If
an ≡ a (mod n), then n is a prime. Interestingly, the ancient Chinese mathematicians
claimed that if 2n ≡ 2 (mod n), then n must be a prime. In support of this conjecture,
we find that the claim holds for all positive integers n ≤ 340. Unfortunately, however,
it fails when n = 341 = 11 · 31, a composite number discovered by Sarrus in 1819.
The following example confirms this.
EXAMPLE 7.13 Show that 2341 ≡ 2 (mod 341).
PROOF
By Fermat’s little theorem, 210 ≡ 1 (mod 11), so 2341 = (210)34 · 2 ≡ 134 · 2 ≡ 2
(mod 11). Also, 25 ≡ 1 (mod 31), so 2341 = (25)68 ·2 ≡ 168 ·2 ≡ 2 (mod 31). There-
fore, by Theorem 4.8, 2341 ≡ 2 (mod [11,31]); that is, 2341 ≡ 2 (mod 341), although
341 is a composite number.
This example voids the Chinese claim and thus disproves the converse of Fer-
mat’s little theorem.
It follows from the preceding discussion that n = 341 is the smallest composite
number such that 2n ≡ 2 (mod n). The next three are 561, 645, and 1105 (see Ex-
ercises 5–8). Such numbers, although not as important as primes, have been given a
name of their own, so we make the following definition.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-446-320.jpg)
![340 CHAPTER 7 Three Classical Milestones
By Fermat’s little theorem, a2 ≡ 1 (mod 3), a10 ≡ 1 (mod 11), a16 ≡ 1
(mod 17). Therefore, a560 = (a2)280 ≡ 1 (mod 3), a560 = (a10)56 ≡ 1 (mod 11),
and a560 = (a16)35 ≡ 1 (mod 17). So, by Theorem 4.8, a560 ≡ 1 (mod [3,11,17]);
that is, a560 ≡ 1 (mod 561), as desired.
In fact, 561 is the smallest Carmichael number. The next two are 1105 = 5 · 13 ·
17 and 1729 = 7 · 13 · 19. There are four more numbers below 10,000, and 1547 less
than 10 billion. In 1992, using high-powered computers, Richard G. E. Pinch (1954–)
at Cambridge University found that there are 105,212 less than one quadrillion. And
the search continues.
As we saw, Carmichael numbers are sparsely spaced and appear to be rare. In
1992, however, Andrew Granville, Carl Pomerance, and Red Alford of the University
of Georgia established the existence of infinitely many Carmichael numbers.
Interestingly, it has been found that one Carmichael number can be a factor of
another; for instance, 1729 and 63,973 = 7 · 13 · 19 · 37 are Carmichael numbers,
and 1729|63,973. It was also established in 1948 that the product of two Carmichael
numbers can also be a Carmichael number; for example, 1729, 294,409 = 37 · 73 ·
109 and 509,033,161 = 1729 · 294,409 are Carmichael numbers.
In 1990, H. Dubner and H. Nelson discovered two Carmichael numbers that are
products of three Carmichael numbers; one is 97 digits long and the other 124 digits
long.
E X E R C I S E S 7.3
Using Lemma 7.3, factor each.
1. 210 − 1 2. 214 − 1
3. 215 − 1 4. 221 − 1
Verify that 2n ≡ 2 (mod n) for each value of n.
5. 561 6. 645
7. 1105 8. 161,038
Verify each.
9. 2340 ≡ 2 (mod 340) 10. 390 ≡ 1 (mod 91)
11. 414 ≡ 1 (mod 15) 12. 5123 ≡ 1 (mod 124)
13. 634 ≡ 1 (mod 35) 14. 1264 ≡ 1 (mod 65)
Determine whether each is true.
15. 290 ≡ 1 (mod 91) 16. 3340 ≡ 1 (mod 341)
Verify that each is a Carmichael number.
17. 1105 = 5 · 13 · 17 18. 1729 = 7 · 13 · 19
19. 2465 = 5 · 17 · 29 20. 2821 = 7 · 13 · 31
There can exist positive integers a and n, and a prime p
with p a such that ap−1 ≡ 1 (mod pn). Exercises 21–26
present six such instances. Verify each.
21. 74 ≡ 1 (mod 52) 22. 310 ≡ 1 (mod 112)
23. 196 ≡ 1 (mod 73) 24. 1912 ≡ 1 (mod 132)
25. 23912 ≡ 1 (mod 134) 26. 3816 ≡ 1 (mod 172)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-449-320.jpg)
![342 CHAPTER 7 Three Classical Milestones
Leonhard Euler (1707–1783) was born in Basel, Switzerland. His father, a
mathematician and a Calvinist pastor, wanted him also to become a pastor.
Although Euler had different ideas, he followed his father’s wishes, and studied
Hebrew and theology at the University of Basel. His hard work at the university
and remarkable ability brought him to the attention of the well-known mathe-
matician Johann Bernoulli (1667–1748). Realizing the young Euler’s talents,
Bernoulli persuaded the boy’s father to change his mind, and Euler pursued
his studies in mathematics.
At the age of 19, Euler brought out his first paper. His paper failed to win
the Paris Academy Prize in 1727; however, he won it 72 times in later years.
Euler was the most prolific mathematician, making significant contribu-
tions to every branch of mathematics. With his phenomenal memory, he had every formula at his fingertips.
A genius, he could work anywhere and under any conditions. Euler belongs to a class by himself.
namely, 4. [Notice that 2 also works: 12 ≡ 1 (mod 12), 52 ≡ 1 (mod 12),
72 ≡ 1 (mod 12), and 112 ≡ 1 (mod 12).]
From the three cases presented in this example, we can make an educated guess
about the exponent f(m): It is the number of positive integers ≤ m and relatively
prime to m. Accordingly, we now turn to an important number-theoretic function,
named after the great Swiss mathematician Leonhard Euler.
Euler’s Phi Function
Let m be a positive integer. Then Euler’s phi function ϕ(m) denotes the number of
positive integers ≤ m and relatively prime to m.
It follows by Example 7.15 that ϕ(4) = 2, ϕ(9) = 6, and ϕ(12) = 4. Since 1 ≤ 1
and relatively prime to 1, ϕ(1) = 1.
EXAMPLE 7.16 Compute ϕ(11) and ϕ(18).
SOLUTION
Since 11 is a prime, every positive integer 11 is relatively prime to 11, so
ϕ(11) = 10.
There are six positive integers ≤ 18 and relatively prime to it, namely, 1, 5, 7,
11, 13, and 17. Therefore, ϕ(18) = 6. (We can verify that each raised to the sixth
power is congruent to 1 modulo 18.)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-451-320.jpg)
![346 CHAPTER 7 Three Classical Milestones
PROOF
By Euler’s theorem, aϕ(p) ≡ 1 (mod p). But ϕ(p) = p − 1, by Lemma 7.5, so ap−1 ≡
1 (mod p).
Using Euler’s theorem, we can extend Theorems 7.5 and 7.6 to an arbitrary
modulus m in an obvious way, as the following two theorems show. We leave their
proofs as exercises.
THEOREM 7.11 Let m be a positive integer and a any integer with (a,m) = 1. Then aϕ(m)−1 is an
inverse of a modulo m.
THEOREM 7.12 Let m be a positive integer and a any integer with (a,m) = 1. Then the solution of
the linear congruence ax ≡ b (mod m) is given by x ≡ aϕ(m)−1b (mod m).
The following example uses this result.
EXAMPLE 7.21 Solve the linear congruence 35x ≡ 47 (mod 24).
SOLUTION
The congruence can be simplified as 11x ≡ −1 (mod 24). Since (11,24) = 1, by
Theorem 7.12,
x ≡ 11ϕ(24)−1 · (−1) ≡ 117 · (−1) (mod 24)
≡ (112)3 · 11 · (−1) ≡ 13 · (−11) (mod 24)
≡ 13 (mod 24)
In order to find an inverse of a modulo m in Theorem 7.11 and hence to solve the
congruence ax ≡ b (mod m), we need to compute ϕ(m). Lemma 7.5 gives its value
if m is a prime. Suppose m is composite. It is not practical to list all positive integers
≤ m and relatively prime to it, and then count them. In Section 8.1 we will return to
this issue and derive a formula for ϕ(m) for every positive integer m.
Additionally, Euler’s theorem can be used to develop a formula to solve a system
of linear congruences with pairwise relatively prime moduli. (See Exercises 62–67.)
Next, we give a generalization of Euler’s theorem. Its proof is fairly straightfor-
ward, so we leave its proof as an exercise. See Exercises 59 and 60.
THEOREM 7.13 (Koshy, 1996) Let m1,m2,...,mk be any positive integers and a any integer such
that (a,mi) = 1 for 1 ≤ i ≤ k. Then
a[ϕ(m1),ϕ(m2),...,ϕ(mk)]
≡ 1 (mod [m1,m2,...,mk])](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-455-320.jpg)
![7.4 Euler’s Theorem 347
The next result follows from Theorem 7.10.
COROLLARY 7.4 Let m1,m2,...,mk be pairwise relatively prime integers and a any integer such that
(a, mi) = 1 for 1 ≤ i ≤ k. Then
a[ϕ(m1),ϕ(m2),...,ϕ(mk)]
≡ 1 (mod m1m2 ···mk)
E X E R C I S E S 7.4
Compute ϕ(m) for each integer m.
1. 8 2. 15 3. 21 4. 28
Use the modulus m = 15 and a = 28 for Exercises 5–6.
5. List the positive integers ≤ m and relatively prime to
it.
6. Multiply each by a and find their least residues mod-
ulo m.
7–8. Redo Exercises 5 and 6 with m = 28 and a = 15.
9. Verify that a6 ≡ 1 (mod 18) for a = 1, 5, 7, 11, 13,
and 17.
10. Using the values of ϕ(m) for m ≤ 15, make a conjec-
ture on the evenness of ϕ(m).
Let m be a positive integer and a any positive integer ≤ m
and relatively prime to it. Verify Euler’s theorem for each
modulus.
11. 6 12. 10 13. 15 14. 28
Find the remainder when the first integer is divided by the
second.
15. 71020, 15 16. 252550, 18
17. 791776, 24 18. 1992020, 28
Using Euler’s theorem, find the ones digit in the decimal
value of each.
19. 176666 20. 237777
Using Euler’s theorem, find the ones digit in the hexadec-
imal value of each.
21. 71030 22. 134444
Solve each linear congruence.
23. 7x ≡ 8 (mod 10) 24. 23x ≡ 17 (mod 12)
25. 25x ≡ 13 (mod 18) 26. 17x ≡ 20 (mod 24)
27. 143x ≡ 47 (mod 20) 28. 79x ≡ 17 (mod 25)
If m and n are relatively prime, then ϕ(mn) = ϕ(m)·ϕ(n).
Using this fact, compute each.
29. ϕ(15) 30. ϕ(35)
31. ϕ(105) 32. ϕ(462)
Compute
d|n
ϕ(d) for each n.
33. 7 34. 10 35. 12 36. 17
37. Conjecture a formula for
d|n
ϕ(d) using Exercises
33–36.
38–41. Compute the value of
d|n
(−1)n/dϕ(d) for each n
in Exercises 33–36.
42. Conjecture a formula using Exercises 38–41.
Verify each.
43. 1 + 9 + 92 + ··· + 923 ≡ 0 (mod 35).
44. 1 + 11 + 112 + ··· + 1131 ≡ 0 (mod 51).
Prove or disprove each.
45. ϕ((a,b)) = (ϕ(a),ϕ(b))
46. ϕ([a,b]) = [ϕ(a),ϕ(b)]
Prove each.
47. Let m be a positive integer and a any integer with
(a,m) = 1. Then aϕ(m)−1 is an inverse of a mod-
ulo m.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-456-320.jpg)
![Review Exercises 349
• If a is an integer such that p a, then the solution of the congruence ax ≡ b
(mod p) is given by x ≡ ap−2b (mod p). (p. 331)
• If a is an integer such that p a, then ap ≡ a (mod p). (p. 333)
• Let p1,p2,...,pk be any distinct primes, a any positive integer, and = [p1 −
1,p2 −1,...,pk −1]. Then a+1 ≡ a (mod p1p2 ···pk). (J. E. Phythian, 1970)
(p. 334)
The Pollard p − 1 Factoring Method
• Let r = 2k! (mod n). Then (r − 1,n) is a nontrivial factor of n, provided r ≡ 1
(mod n). (p. 335)
Pseudoprimes
• A composite number n such that 2n ≡ 2 (mod n) is a pseudoprime. (p. 338)
• The smallest pseudoprime is 341. (p. 338)
• If m and n are positive integers such that m|n, then 2m − 1|2n − 1. (p. 338)
• If n is an odd pseudoprime, then so is 2n − 1. (p. 338)
• There is an infinite number of odd pseudoprimes. (p. 338)
• A composite number n such that an−1 ≡ 1 (mod n) for all positive integers a
relatively prime to n is a Carmichael number. (p. 339)
• The smallest Carmichael number is 561. (p. 340)
• There are infinitely many Carmichael numbers. (p. 340)
Euler’s Theorem
• Euler’s phi function ϕ(m) denotes the number of positive integers ≤ m and
relatively prime to m. (p. 342)
• ϕ(p) = p − 1. (p. 343)
• Let a be any integer with (a, m) = 1. Let r1,r2,...,rϕ(m) be the positive
integers ≤ m and relatively prime to m. Then the integers ar1,ar2,...,arϕ(m)
modulo m are the same as r1,r2,...,rϕ(m) in some order. (p. 343)
• Let a be any integer with (a,m) = 1. Then aϕ(m) ≡ 1 (mod m). (Euler’s the-
orem) (p. 344)
• Let a be any integer with (a,m) = 1. Then aϕ(m)−1 is an inverse of a (mod m).
(p. 346)
• Let a be any integer with (a,m) = 1. Then the solution of the congruence
ax ≡ b (mod m) is given by x ≡ aϕ(m)−1b (mod m). (p. 346)
• Let m1,m2,...,mk be any positive integers and a any integer such that
(a,mi) = 1 for 1 ≤ i ≤ k. Then a[ϕ(m1),ϕ(m2),...,ϕ(mk)] ≡ 1 (mod [m1,m2,
...,mk]). (Koshy, 1996) (p. 346)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-458-320.jpg)
![362 CHAPTER 8 Multiplicative Functions
= pe1
1 pe2
2 ···p
ek
k
1 −
1
p1
1 −
1
p2
···
1 −
1
pk
= n
1 −
1
p1
1 −
1
p2
···
1 −
1
pk
The following example illustrates this theorem.
EXAMPLE 8.7 Compute ϕ(666) and ϕ(1976).
SOLUTION
• 666 = 2 · 32 · 37
ϕ(666) = 666
1 −
1
2
1 −
1
3
1 −
1
37
= 216
[An interesting observation: ϕ(666) = 6 · 6 · 6]
• 1976 = 23 · 13 · 19
ϕ(1976) = 1976
1 −
1
2
1 −
1
13
1 −
1
19
= 864
You must have observed in Exercise 10 in Section 7.4, and in Examples 8.6 and
8.7, that ϕ(n) is nearly always even. In fact, it is odd only if n = 1 or 2. We leave the
proof as an exercise.
Before pursuing another result involving ϕ, we investigate
d|n
ϕ(d)n in an exam-
ple.
EXAMPLE 8.8 Let n = 28 and d|28. Let Cd denote the class of those positive integers m ≤ n, where
(m,n) = d. Since 28 has six positive factors 1, 2, 4, 7, 14, and 28, there are six such
classes:
C1 = {1,3,5,9,11,13,15,17,19,23,25,27} C2 = {2,6,10,18,22,26}
C4 = {4,8,12,16,20,24} C7 = {7,21}
C14 = {14} C28 = {28}](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-471-320.jpg)
![8.4 Mersenne Primes 383
?
It is also not known if every Mp is square-free; it also remains unresolved.
Mersenne primes Mp appear to be scarce as p increases. In 1963, Donald B.
Gillies of the University of Illinois conjectured that there are about two such primes
p in the interval [n, 2n]. Interestingly enough, his conjecture is consistent with the
observed frequency of primes p. It also agrees well with the Eberhart conjecture that
for the ith Mersenne prime Mp, p ≈ 1.5i. For example, when i = 23, p ≈ 1.523 ≈
11223, which is not that far from the actual value of p = 11213.
Modern computers have become a powerful tool for finding larger Mersenne
primes. For instance, the next five larger Mersenne primes corresponding to p =
521,607,1279,2203, and 2281 were discovered in 1952; the next one corresponding
to p = 3217 in 1957; the next two with p = 4253 and 4423 in 1961; the next three
were found in 1963 at the University of Illinois at Urbana-Champaign (see the meter
stamp in Figure 8.3). In 1971, a still larger prime was found by Bryant Tuckerman of
International Business Machines (IBM); see Figure 8.4, which shows the top portion
of IBM’s office envelope spreading its news.
Figure 8.3
Figure 8.4
As of 1994, 33 Mersenne primes had been discovered; the 33rd largest known
Mersenne prime, M859433, was discovered in 1993 by David Slowinski of Harwell
Laboratory, England; it took 7.2 hours on a Cray C90 supercomputer to determine
its primality; its decimal value is 258,716 digits long (see Figure 8.5). The next two
larger ones were also discovered by Slowinski.
The largest known prime by the year 1999, M6972593, was discovered by N.
Hajrawala, G. Woltman, and S. Kurowski; its decimal value is 2,098,960 digits long.
So the largest known even perfect number in 1999 was 26972592(26972593 − 1); its
decimal value is 4,197,919 digits long.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-493-320.jpg)
![8.4 Mersenne Primes 389
EXAMPLE 8.16 Find a factor of the Mersenne number M1000151.
SOLUTION
Both p = 1,000,151 = 4·250,037+3 and 2p+1 = 2,000,303 are primes. Therefore,
by Theorem 8.11, 2,000,303|M1000151. (This simple solution was provided in 1991
by Warut Roonguthai of Bangkok, Thailand.)
Before presenting a primality test for Mersenne primes in Theorem 8.12, we
prepare the way with Lemma 8.2. But first, let us look at an example.
Let a and n be relatively prime positive integers. Then, by Euler’s theorem,
aϕ(n) ≡ 1 (mod n). Often, however, there can be exponents k smaller than ϕ(n) such
that ak ≡ 1 (mod n), as the following example illustrates.
EXAMPLE 8.17 Let n = 12; then ϕ(n) = ϕ(12) = 4. The least residues a modulo 12 that are relatively
prime to 12 are 1, 5, 7, and 11; by Euler’s theorem aϕ(n) = a4 ≡ 1 (mod 12). But
12 ≡ 1 (mod 12), 52 ≡ 1 (mod 12), 72 ≡ 1 (mod 12), and 112 ≡ 1 (mod 12); so k = 2
is the least positive exponent such that ak ≡ 1 (mod 12). [Notice that k|ϕ(n).]
More generally, we have the following result.
LEMMA 8.2 Let a, m, and n be positive integers with (a,n) = 1, and k the smallest positive integer
such that ak ≡ 1 (mod n). Then am ≡ 1 (mod n) if and only if k|m.
PROOF
Suppose am ≡ 1 (mod n). By the division algorithm, m = kq + r for some integers q
and r, where 0 ≤ r k. Then
am
= akq+r
= (ak
)q
· ar
Since ak ≡ 1 (mod n) and am ≡ 1 (mod n), this yields
1 ≡ 1q
· ar
(mod n)
1 ≡ ar
(mod n)
That is,
ar
≡ 1 (mod n), where 0 ≤ r k
If r 0, this would contradict the minimality of k. So r = 0 and hence m = kq. Thus,
k|m.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-502-320.jpg)
![8.5 The Möbius Function (optional) 401
The following example illustrates this theorem.
EXAMPLE 8.25 Compute
d|18
μ(d).
SOLUTION
d|18
μ(d) = μ(1) + μ(2) + μ(3) + μ(6) + μ(9) + μ(18)
= 1 + (−1) + (−1) + (−1)2
+ 0 + 0 = 0
which agrees with the theorem.
Theorem 8.17 plays a crucial role in the derivation of the Möbius inversion for-
mula. Its derivation involves double summations over positive divisors, which can be
confusing, so we use the following example to clarify it.
EXAMPLE 8.26 Let f be a number-theoretic function. Show that
d|6
d|(6/d)
μ(d)f(d
) =
d|6
d|(6/d)
f(d
)μ(d)
PROOF
d|6
d|(6/d)
μ(d)f(d
)
=
d|6
μ(1)f(d
) +
d|3
μ(2)f(d
) +
d|2
μ(3)f(d
) +
d|1
μ(6)f(d
)
= μ(1)
d|6
f(d
) + μ(2)
d|3
f(d
) + μ(3)
d|2
f(d
) + μ(6)
d|1
f(d
)
= μ(1)[f(1) + f(2) + f(3) + f(6)] + μ(2)[f(1) + f(3)]
+ μ(3)[f(1) + f(2)] + μ(6)f(1)
= f(1)[μ(1) + μ(2) + μ(3) + μ(6)] + f(2)[μ(1) + μ(3)]
+ f(3)[μ(1) + μ(2)] + f(6)[μ(1)]
= f(1)
d|6
μ(d) + f(2)
d|3
μ(d) + f(3)
d|2
μ(d) + f(6)
d|1
μ(d)
=
d|6
f(d
)
d|(6/d)
μ(d)
=
d|6
d|(6/d)
f(d
)μ(d)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-514-320.jpg)
![410 CHAPTER 8 Multiplicative Functions
4. Using equations (8.14) and (8.15), show that
σ(d)(a + 1)(b + 1) = d(2ab + a + b) (8.16)
5. Let d = 2n. Show that equation (8.16) can be written as
[a − (2n
− 1)][b − (2n
− 1)] = 22n
(8.17)
6. By equation (8.17), a − (2n − 1) = 2n+m and b − (2n − 1) = 2n−m for some
integer m. Solve for a, b, and c using these equations.
7. Deduce Korrah’s formula from the solutions in Exercise 4.
8. Using equation (8.16), show that σ(d)/d = 2 − 1/g, where
g = (p + 1)(q + 1)/[(p + 1) + (q + 1)].
9. Let g = 9/2 and d = 32 · 7 · 13. Show that
(2a − 7)(2b − 7) = 81 (8.18)
(Hint: Use Exercise 8.)
10. Find the possible values of a, b, and c using equation (8.18).
11. Using the values of a, b, and c, find the corresponding amicable pair.
12. In 1951, the Dutch electrical engineer Balthazar van der Pol (1889–1959) estab-
lished the recurrence relation
n2(n − 1)
6
σ(n) =
n−1
k=1
3n2
− 10k2
σ(k)σ(n − k)
Using this formula, find a recurrence relation for σ(n) for n = 2, 3, 4, and 5.
13. Let m = m1m2 ···mn, where (mi, mj) = 1 for i = j. Prove that
n
i=1
m
ϕ(m)/ϕ(mi)
i ≡
n − 1 (mod m). (J. O. Silva, 1996)
14. Show that every even perfect number 6 is one more than nine times a triangu-
lar number. (C. F. Eaton, 1995)
15. Using the formulas in Exercise 10, compute σ(n) for n = 2,3,4, and 5.
16. Let sk(n) = s(sk−1(n)), where k ≥ 2 and s1(n) = s(n) = σ(n) − n. A number n
such that sk(n) = n for some integer k is a sociable number. Show that 12496
is a sociable number. (The sociable numbers 12496, 14288, 15472, 14536, and
14264 were discovered in 1918 by P. Poulet.)
Let n =
k
i=1
pei
i be the canonical decomposition of n. Prove each.
17.
d|n
μ(d)τ(d) = (−1)k](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-525-320.jpg)
![Computer Exercises 411
18.
d|n
μ(d)σ(d) = (−1)k
k
i=1
pi
19.
d|n
μ(d)ϕ(d) =
k
i=1
(2 − pi)
20. Let f be a multiplicative function. Prove that
d|n
μ(d)f(d) =
k
i=1
[1 − f(pi)].
Using the formula in Exercise 20, deduce the formula in
21. Exercise 17. 22. Exercise 18. 23. Exercise 19.
Using the formula in Exercise 20, deduce a formula for each.
24.
d|n
dμ(d) 25.
d|n
μ(d)
d
26. Derive a formula for
n
d=1
μ(d)λ(d).
A positive integer n is near-perfect if the sum of its proper factors is n − 1; that is,
if σ(n) = 2n − 1. It is not known if odd near-perfect numbers exist.
27. Show that 16 is near-perfect.
28. Prove that every power of 2 is near-perfect.
X COMPUTER EXERCISES
Write a program to perform each task.
1. Read in a positive integer n ≤ 1000. Compute ϕ(n) and list all positive integers
≤ n and relatively prime to it.
2. Solve the monkey and coconuts riddle in Example 8.3 by solving congru-
ence (8.1) in Section 8.1.
3. Read in a positive integer n ≤ 1000. Compute τ(n) and σ(n).
4. Read in a Mersenne number 2m − 1 and determine whether it is a prime; if it is
not, find a factor.
5. Using the Lucas–Lehmer test, determine whether a Mersenne number is a prime.
6. Read in an integer of the form 2n−1(2n −1), and determine whether it is a perfect
number.
7. Read in a positive integer and determine whether it is deficient, perfect, or abun-
dant.
8. Read in an even perfect number of the form 2p−1(2p − 1) and compute its ones
digit.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-526-320.jpg)
![436 CHAPTER 9 Cryptology
Nevertheless, Schlafly said, the two prime numbers satisfy
the patent office’s conditions for patentability: They are use-
ful, have never been used before by anyone else, and their
use for this particular technique is not obvious.
Others see the prime number patent as evidence that
the patent office has lost its grip on the patenting process.
“That’s outrageous,” said Pamela Samuelson, a profes-
sor of law at the University of Pittsburgh and an expert on
software patents and copyrights.
“It also seems inconsistent with some of the recent de-
cisions issued by the Federal Circuit [Court of Appeals] . . .
Unless you claim some physical structure [that is used by]
an algorithm or a data structure, you can’t patent it.”
Nearly two years ago, the patent office awarded a
sweeping patent that covered the field of multimedia to
Compton’s New Media. At the time, an outraged computer in-
dustry argued that there was nothing new or novel in Comp-
ton’s programs that deserved a patent. Eventually, the patent
office reconsidered the Compton’s patent, and threw it out.
Whether or not that will happen with Schlafly’s patent
remains to be seen. Under most circumstances, patents are
invalid if the invention that they described is published before
the patent application is filed.
“There are entire journals and conference proceedings
devoted to the general subject of this application,” says Gre-
gory Aharonian, who published the Internet Patent News
Services and maintains a database of several hundred thou-
sand pieces of software art. But few software patents that
have been awarded in recent years cite any prior art other
than previous patents, Aharonian says.
But whereas the algorithm may be covered under the
doctrine of prior art, says Aharonian, the prime numbers
themselves are probably patentable. “The claiming of cer-
tain prime numbers as part of an encryption process doesn’t
seem to me to be unnatural,” said Aharonian. “I can claim
certain specific chemicals as part of a chemical engineer-
ing process, so why not a specific number as part of a math
engineering process?”
The numbers claimed in the patent are 512 bits and
1,024 bits long, or roughly 150 and 300 decimal digits. While
these numbers are quite large by everyday standards, they
are typical of the size of numbers used for cryptographic
processes. By design, the numbers are so large that it is
exceedingly unlikely that a person could guess them or oth-
erwise intentionally discover what they are.
The two principle techniques of public key cryptogra-
phy were discovered and patented by scientists at Stanford
University and at the Massachusetts Institute of Technology
in the 1970s. In 1990, they were both licensed to Public Key
Partners, a holding company based in California. Last year,
Schlafly filed suit against PKP in federal court, claiming that
the PKP patents are invalid.
Regarding his own patent, Schlafly said, its real value
is the technique that it describes for finding the special prime
numbers, rather than the two specific prime numbers that it
describes. “I really don’t anticipate somebody reading this
patent and saying, ‘look, here’s a good prime number, let’s
use it!’ ” he said.
Nevertheless, the patent gives Schlafly the legal right
to sue anybody in the United States for using his numbers
without permission. “I suppose that you can tell people that
if they want to license these prime numbers, they should just
call me up.”
Figure 9.5
The Enciphering Algorithm
In an RSA system, the enciphering key is a pair (e,n) of positive integers e and n,
where the enciphering modulus n is the product of two very large and distinct primes
p and q, each about 100 digits long, and (e,ϕ(n)) = 1. To encrypt a plaintext mes-
sage, as in the exponentiation cryptosystem, we group the plaintext numeric equiva-
lents into blocks of length 2m, with padding at the end if necessary. Then we convert](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-556-320.jpg)
![438 CHAPTER 9 Cryptology
The Deciphering Algorithm
To decipher a ciphertext C generated by an RSA system, we need to compute the in-
verse d of the enciphering exponent e modulo ϕ(n), which exists since (e,ϕ(n)) = 1.
Then de ≡ 1 (mod ϕ(n)); that is, de = 1 + kϕ(n) for some constant k. Knowing the
deciphering exponent d, we can recover the plaintext P by raising both sides of con-
gruence (9.8) to the power d modulo n:
C = Pe
(mod n)
Cd
≡ (Pe
)d
= Ped
= P1+kϕ(n)
(mod n)
= P · [Pϕ(n)
]k
≡ P · 1k
= P (mod n) (9.9)
where, by Euler’s theorem, Pϕ(n) ≡ 1 (mod n), if (P,n) = 1. The pair (d,n) is the
deciphering key.
Even in the highly unlikely event that (P,n) = 1, the RSA algorithm works.
To see this, let n = pq. Then (P,n) = p, q, or pq. Since P n, (P,n) = n. When
(P,n) = p,(P,q) = 1, so by Fermat’s little theorem, Pq−1 ≡ 1 (mod q). Since de ≡ 1
(mod (p − 1)(q − 1)), de = 1 + k(p − 1)(q − 1) for some integer k. Therefore,
Pde
= P · (Pq−1
)k(p−1)
≡ P · 1k(p−1)
≡ P (mod q)
That is,
Cd
≡ P (mod q)
When (P, n) = p, Cd ≡ Pde ≡ 0 ≡ P (mod p). Thus, Cd ≡ P (mod p) and Cd ≡ P
(mod q), so Cd ≡ P (mod n). The case (P,n) = q yields the same conclusion.
For instance, if p and q are 100-digit primes, the probability of such an occur-
rence of a plaintext block is extremely negligible, namely, less than 2 · 10−99. See
Supplementary Exercises 6 and 7.
The following example demonstrates the decrypting algorithm D.
EXAMPLE 9.15 Decrypt the ciphertext message 0010 0325 2015 2693 2113 2398 2031 1857 that
was created using the RSA enciphering key (e,n) = (21,2773).
SOLUTION
Because ϕ(n) = ϕ(2773) = ϕ(47 · 59) = 46 · 58 = 2668 = 127 · 21 + 1, (−127) ·
21 ≡ 1 (mod 2668); that is, 2541 · 21 ≡ 1 (mod 2668), so the deciphering exponent
is d = 2541. Because P ≡ Cd (mod n), raise each ciphertext C to the power 2541
modulo 2773. For instance, when C = 0010:](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-558-320.jpg)
![442 CHAPTER 9 Cryptology
Number of digits Time
50 3.9 hours
75 104 days
100 74 years
200 3.8 × 109 years
300 4.9 × 1015 years
500 4.2 × 1025 years
Table 9.9
Also, to prevent a cryptanalyst from resorting to special techniques to factor n,
both p and q should be of about the same size, with p − 1 and q − 1 having large
prime factors and (p − 1,q − 1) small.
However, if d is known then ed − 1, a multiple of ϕ(n) can be computed; know-
ing a multiple of ϕ(n), n can be factored fairly easily using an algorithm developed
in 1976 by G. L. Miller.
E X E R C I S E S 9.4
Using the RSA enciphering key (e,n) = (11,2867), en-
crypt each message.
1. SEAFOOD 2. OPEN DOOR
3–4. Redo Exercises 1 and 2 using the RSA enciphering
key (e,n) = (17,2867).
Each ciphertext below was generated by the RSA enci-
phering key (e,n) = (11,2867). Decipher each.
5. 1420 0614 1301 1694
6. 1959 1384 1174 2050
Decrypt each ciphertext below that was created by the
RSA enciphering key (e,n) = (17,2867).
7. 0579 0341 0827 1511
8. 0592 2131 2584 2188
Let n = pq, where p and q are primes with p q. [Exer-
cises 9–11 show that if n and ϕ(n) are known, then the
prime factors of n can be determined.]
9. Show that p + q = n − ϕ(n) + 1.
10. Show that p − q =
(p + q)2 − 4n.
11. Express p and q in terms of n and ϕ(n).
12. Using Exercises 9–11, determine the primes p and q
if n = pq = 3869 and ϕ(n) = 3744.
13. Redo Exercise 12 if n = 3953 and ϕ(n) = 3828.
Anne and Betsey would like to send each other a signed
message using an RSA cipher. Their encryption keys are
(13,2747) and (17,2747), respectively. Find the signed
cipher message sent by
14. Anne if the plaintext message is MARKET.
15. Betsey if the plaintext message is INPUT.
With the enciphering keys as before, find the plaintext sent
by
16. Anne if her signed message to Betsey is 1148 0194
2715.
17. Betsey if her signed message to Anne is 1130 2414
2737.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-562-320.jpg)
![9.5 Knapsack Ciphers 443
9.5 Knapsack Ciphers
In 1978, Ralph C. Merkle and Martin E. Hellman, both electrical engineers at Stan-
ford University, developed a public-key cryptosystem based on the knapsack prob-
lem, a celebrated problem in combinatorics. It can be stated as follows: Given a
knapsack of volume S and n items of various volumes a1,a2,...,an, which of the
items can fill the knapsack? In other words, given the positive integers a1,a2,...,an,
called weights, and a positive integer S, solve the LDE
S = a1x1 + a2x2 + ··· + anxn (9.10)
where xi = 0 or 1. [Note that S is the dot product of the vectors (a1,a2,...,an)
and (x1,x2,...,xn).] The knapsack problem may have no solutions, one solution, or
more than one solution.
For example, the knapsack problem 3x1 +5x2 +9x3 +19x4 +37x5 = 45 has one
solution (1,1,0,0,1), since 3+5+0+0+37 = 45. On the other hand, the knapsack
problem 3x1 +5x2 +8x3 +13x4 +21x5 = 34 has two solutions; they are (0,0,0,1,1)
and (0,1,1,0,1), because 0 + 0 + 0 + 13 + 21 = 34 = 0 + 5 + 8 + 0 + 21. But the
problem 5x1 + 14x2 + 15x3 + 27x4 + 11x5 = 23 has no solutions.
Solving a knapsack problem is usually a very difficult task. An obvious, but
certainly impractical, method is to check the various 2n possibilities for a solution
(x1,x2,...,xn), where xi = 0 or 1, until a solution emerges or all cases have been
exhausted. Even the best-known method for solving the problem requires about 2n/2
computational operations, so for n = 100 a computer solution becomes computation-
ally infeasible.
Nonetheless, problem (9.10) can be solved fairly easily if the weights have spe-
cial properties. For instance, if ai = 2i−1, then S = x1 + 2x2 + 22x3 + ··· + 2n−1xn
has a solution (x1,x2,...,xn) if (xn,xn−1,...,x1)two = S.
It is also easy to solve it if
j−1
i=1
ai aj, where 2 ≤ j ≤ n. A sequence with this
property is said to be superincreasing. For example, consider the sequence 3, 5, 9,
19, 37. Because 3 5, 3 + 5 9, 3 + 5 + 9 19, and 3 + 5 + 9 + 19 37, the
sequence is superincreasing.
The following example shows how to solve a knapsack problem with superin-
creasing weights.
EXAMPLE 9.16 Solve the knapsack problem 3x1 + 5x2 + 9x3 + 19x4 + 37x5 = 45.
SOLUTION
Since the weights are superincreasing and since 3 + 5 + 9 + 19 37 45, x5 = 1.
Then 3x1 + 5x2 + 9x3 + 19x4 = 8. Since 19 8 and 9 8, x4 = 0 = x3. This](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-563-320.jpg)
![464 CHAPTER 10 Primitive Roots and Indices
51. Let ordm a = hk. Then ordm(ah) = k.
52. Let ordm a = h and ordm b = k, where (h,k) = 1.
Then ordm ab = hk.
53. Let p and q be odd primes such that q|ap − 1. Then
either q|a − 1 or q = 2kp + 1 for some integer k.
54. Let p be an odd prime. Then every prime factor of Mp
is of the form 2kp + 1. (Hint: Use Exercise 53.)
55. Let p and q be primes 3 and q|Rp, where Rp is
the repunit with p ones. Then q must be of the form
2kp + 1.
56. The odd prime factors of the integers n2 + 1 are of
the form 4k + 1.
57. The odd prime factors of the integers n4 + 1 are of
the form 8k + 1.
58. There are infinitely primes of the form 4k + 1.
[Hint: Assume there is only a finite number of
such primes, p1,p2,...,pr. Then consider N =
(2p1p2 ···pr)2 + 1 and use Exercise 56.]
59. There are infinitely many primes of the form 8k + 1.
[Hint: Assume there is only a finite number of
such primes, p1,p2,...,pr. Then consider N =
(2p1p2 ···pr)4 + 1 and use Exercise 57.]
10.2 Primality Tests
We can use the concept of the order of an integer to develop primality tests. Lucas’
theorem, discovered in 1876, provides one such test; it is based on the fact that a
positive integer n is prime if and only if ϕ(n) = n − 1.
THEOREM 10.4 (Lucas’ Theorem) Let n be a positive integer. If there is a positive integer x such
that xn−1 ≡ 1 (mod n) and x(n−1)/q ≡ 1 (mod n) for all prime factors q of n − 1, then
n is prime.
PROOF
Let ordn x = e. Since xn−1 ≡ 1 (mod n), by Theorem 10.1, e|n − 1. We would like to
show that e = n − 1, so assume that e = n − 1. Since e|n − 1, n − 1 = ke for some
integer k 1. Let q be a prime factor of k. Then:
x(n−1)/q
= xke/q
= (xe
)(k/q)
≡ 1 (mod n),
which is a contradiction. So e = n−1; that is, ordn x = n−1 = ϕ(n), because n−1 =
ordn x|ϕ(n) ≤ n − 1. Thus, n is a prime.
The following example illustrates this test.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-584-320.jpg)
![10.3 Primitive Roots for Primes 469
PROOF
By Fermat’s little theorem, the congruence xp−1 − 1 ≡ 0 (mod p) has exactly p − 1
solutions modulo p, namely, 1 through p − 1. Since d|p − 1,
xp−1
− 1 = (xd
− 1)(xp−1−d
+ xp−1−2d
+ ··· + xd
+ 1)
= (xd
− 1)g(x)
where g(x) = xp−1−d +xp−1−2d +···+xd +1 is a polynomial of degree p−1−d. By
Lagrange’s theorem, g(x) ≡ 0 (mod p) has at most p − 1 − d incongruent solutions.
Therefore, xd − 1 ≡ 0 (mod p) has at least (p − 1) − (p − 1 − d) = d incongruent
solutions. But, again, by Lagrange’s theorem, xd − 1 ≡ 0 (mod p) has at most d
incongruent solutions. Thus, it has exactly d incongruent solutions modulo p.
The following example illustrates this result.
EXAMPLE 10.14 Find the incongruent solutions of the congruence x3 − 1 ≡ 0 (mod 13).
SOLUTION
Since x3 − 1 = (x − 1)(x2 + x + 1), the congruence x3 − 1 ≡ 0 (mod 13) implies
x −1 ≡ 0 (mod 13) or x2 +x +1 ≡ 0 (mod 13). The congruence x −1 ≡ 0 (mod 13)
yields x = 1. Because x2 + x + 1 ≡ x2 + x − 12 ≡ (x + 4)(x − 3) ≡ 0 (mod 13),
x ≡ 3 (mod 13) or x ≡ −4 ≡ 9 (mod 13). (Verify both.) It has no other incongruent
solutions. Thus, the given congruence has exactly three incongruent solutions: 1, 3,
and 9.
Wilson’s theorem, presented in Section 7.1, can be derived elegantly from Corol-
lary 10.6, as shown below. But first, we should note that Lagrange’s theorem can be
restated as follows: Let f(x) =
n
i=0
aixi be a polynomial of degree n with integral co-
efficients. If the congruence f(x) ≡ 0 (mod p) has more than n incongruent solutions,
then ai ≡ 0 (mod p) for every i.
COROLLARY 10.7 (Wilson’s Theorem) If p is a prime, then (p − 1)! ≡ −1 (mod p).
PROOF
[The essence of the proof lies in cleverly selecting a suitable polynomial f(x).] Let
f(x) = (x−1)(x−2)···(x−p+1)−xp−1 +1. Clearly, f(x) is a polynomial of degree
p−2 with integral coefficients. By Fermat’s little theorem, xp−1 −1 ≡ 0 (mod p) has
p−1 incongruent solutions. Each is also a solution of (x−1)(x−2)···(x−p+1) ≡
0 (mod p). Therefore, f(x) ≡ 0 (mod p) has p − 1 incongruent solutions, one more](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-589-320.jpg)
![470 CHAPTER 10 Primitive Roots and Indices
than the degree of f(x). Therefore, every coefficient of f(x) must be congruent to 0
modulo p. In particular, the constant term f(0) must be congruent to 0 modulo p. But
f(0) = (−1)(−2)···[−(p − 1)] − 0 + 1
= (−1)p−1
(p − 1)! + 1
Therefore, (−1)p−1(p − 1)! + 1 ≡ 0 (mod p); that is, (p − 1)! ≡ (−1)p (mod p).
If p = 2, then (−1)p ≡ 1 ≡ −1 (mod p); if p is odd, then (−1)p = −1. Thus, in
both cases, (p − 1)! ≡ −1 (mod p).
Next, we turn to a major result on the number of incongruent residues of order
d modulo p. However, before we do, let us study an example that will illuminate the
proof of the theorem.
EXAMPLE 10.15 Let p = 19 and d|p − 1. Let ψ(d)† denote the number of incongruent residues of
order d modulo p. Compute ψ(d) and ϕ(d) for each d, and
d|p−1
ψ(d).
SOLUTION
(The details are left for you to fill in.) Because d|18, d = 1, 2, 3, 6, 9, or 18. The
number ψ(d) of incongruent residues of order d, the incongruent residues of order d,
and ϕ(d) are listed in Table 10.2 for various values of d. (Verify them.)
d 1 2 3 6 9 18
Incongruent 4, 5, 2, 3,
residues 1 18 7, 11 8, 12 6, 9 10, 13
of order d 16, 17 14, 15
ψ(d) 1 1 2 2 6 6
ϕ(d) 1 1 2 2 6 6
Table 10.2
It follows from the table that
d|p−1
ψ(d) =
d|18
ψ(d)
= 1 + 1 + 2 + 2 + 6 + 6 = 18
= p − 1
† ψ is the lowercase Greek letter psi.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-590-320.jpg)
![480 CHAPTER 10 Primitive Roots and Indices
Let d = (ϕ(a),ϕ(b)). Since a, b 2, both ϕ(a) and ϕ(b) are even by Theo-
rem 8.5, so d ≥ 2. Besides, since d|ϕ(a) and d|ϕ(b),
ϕ(a)ϕ(b)
d
=
ϕ(ab)
d
is an integer.
But d 1, so
ϕ(ab)
d
ϕ(ab).
Since (α,a) = 1 and αϕ(a) ≡ 1 (mod a),
αϕ(ab)/d
= αϕ(a)ϕ(b)/d
= [αϕ(a)
]ϕ(b)/d
[Note: d|ϕ(b).]
≡ 1ϕ(b)/d
≡ 1 (mod a)
Similarly, αϕ(ab)/d ≡ 1 (mod b). Therefore, αϕ(ab)/d ≡ 1 (mod ab), which is a con-
tradiction, since α is a primitive root modulo ab and ϕ(ab)/d ϕ(ab). Thus, ab has
no primitive roots.
For example, 20 has no primitive roots, since 20 = 4 · 5, where 4, 5 2 and
(4,5) = 1. Likewise, 150 = 6 · 25 has no primitive roots.
THEOREM 10.10 A positive integer has no primitive roots if it has two distinct odd prime factors, or if
it is of the form 2ipj, where p is an odd prime and i ≥ 2.
PROOF
Suppose a positive integer n has two distinct odd prime factors p and q. Then, by
Lemma 10.5, piqj and hence n has no primitive roots.
On the other hand, let n = 2ipj, where i ≥ 2 and p is an odd prime. Again, by
Lemma 10.5 with a = 2i and b = pj, n = ab = 2ipj does not have a primitive root.
This concludes the proof.
EXAMPLE 10.21 The integer 1125 = 32 · 53 has no primitive roots, since it is divisible by two distinct
odd primes. Likewise, 3780 = 22 · 33 · 5 · 7 also has no primitive roots. The integer
19,208 = 23 · 74 also has none since it has the form 2ipj, where i ≥ 2.
Theorem 10.10 brings us a giant step forward in our search for positive integers
with primitive roots. It narrows the list considerably to a list of integers of the form
n = 2ipj, where p is an odd prime. If i = 0 and j = 0, then n = 1 has a primitive root.
On the other hand, if j 0, then by Corollary 10.8 and Theorems 10.7 and 10.8,
n = pj has a primitive root. If i ≥ 2, then, by Theorem 10.10, n has no primitive
roots.
We will now take up the remaining case n = 2pj in the following theorem.
THEOREM 10.11 The integer n = 2pj, where p is an odd prime, has a primitive root.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-600-320.jpg)
![10.5 The Algebra of Indices 485
Thus,
αindα(an)
≡ αn·indα a
(mod m)
indα(an
) ≡ n · indα a (mod (m))
EXAMPLE 10.24 Verify properties (2) and (3) of Theorem 10.13 with α = 5, m = 18, a = 11, b = 13,
and n = 7.
SOLUTION
From Example 10.23, ind5 11 = 5 and ind5 13 = 4.
(1) ind5 11 + ind5 13 = 5 + 4 ≡ 3 (mod 6). [Note: ϕ(18) = 6.]
By direct computation,
ind5(11 · 13) = ind5 17 = 3
≡ ind5 11 + ind5 13 (mod 6)
(2) 7 · ind5 11 = 7 · 5 ≡ 5 (mod 6)
By direct computation, ind5(117) = ind5 11 ≡ 5 (mod 6)
Therefore, 5(117) ≡ 7 · ind5 11 (mod 6).
Just as we can use logarithms to convert multiplication problems to addition
problems, we can use Theorem 10.13 to do the same. Accordingly, indices are useful
in solving congruences of the form axb ≡ c (mod m) and abx ≡ c (mod m), where
(a,m) = 1. The following three examples illustrate this technique.
EXAMPLE 10.25 Solve the congruence 11x ≡ 7 (mod 18).
SOLUTION
Since 5 is a primitive root modulo 18 by Example 10.8, we take ind5 of both sides of
the given congruence:
ind5(11x) ≡ ind5 7 (mod ϕ(18))
By Theorem 10.13, this yields,
ind5 11 + ind5 x ≡ ind5 7 (mod 6)
But, by Example 10.23, ind5 11 = 5 and ind5 7 = 2. Therefore:](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-605-320.jpg)
![488 CHAPTER 10 Primitive Roots and Indices
8. p = 11,
a 1 2 3 4 5 6 7 8 9 10
ind7 a 10 3 4 6 2 . . . . .
Let m be a positive integer with a primitive root α and a
a positive integer relatively prime to m. Let b be a mul-
tiplicative inverse of a modulo m. Then indα b = ϕ(m) −
indα a. Using this fact, compute indα b for the given val-
ues of m, α, and a.
9. m = 13, α = 2, a = 5
10. m = 17, α = 3, a = 7
11. m = 19, α = 2, a = 8
12. m = 18, α = 5, a = 13
Let m be a positive integer with a primitive root α. Let a
and b be positive integers such that (a,m) = 1 = (b,m)
and indα b = ϕ(m) − indα a. Then a and b are multiplica-
tive inverses of each other modulo m. Using this fact, de-
termine if the given integers a and b are multiplicative
inverses of each other for the given value of m.
13. m = 13, α = 2, a = 6, b = 11
14. m = 17, α = 3, a = 12, b = 10
15. m = 19, α = 2, a = 5, b = 13
16. m = 18, α = 11, a = 7, b = 13
Solve each congruence using indices to the base 6.
17. 8x5 ≡ 3 (mod 13) 18. 113x ≡ 5 (mod 13)
19–20. Solve the congruences in Exercises 17 and 18
using indices to the base 11.
Solve each congruence using indices.
21. 7x ≡ 13 (mod 18) 22. 5x ≡ 8 (mod 17)
23. 2x4 ≡ 5 (mod 13) 24. 3x2 ≡ 10 (mod 13)
25. 4x3 ≡ 5 (mod 17) 26. 85x ≡ 5 (mod 13)
27. 75x−1 ≡ 5 (mod 13) 28. 34x+1 ≡ 10 (mod 19)
Using indices, determine the remainder when the first in-
teger is divided by the second.
29. 231001, 13 30. 411776, 19
31. 517 · 719, 13 32. 23111 + 11123, 17
Prove each.
33. Let α be a primitive root modulo a positive integer
m 2. Then indα(m − 1) = ϕ(m)/2.
34. Let α be a primitive root modulo an odd prime p.
Then indα(p − 1) = (p − 1)/2. (Hint: Use Exer-
cise 33.)
35. Let α be a primitive root modulo a positive integer
m 2 and (a,m) = 1. Then indα(m − a) = indα a +
ϕ(m)/2.
36. Let m be a positive integer with a primitive root α. Let
a and b be positive integers such that (a,m) = 1 =
(b,m). Then a and b are multiplicative inverses of
each other modulo m if and only if indα b = ϕ(m) −
indα a.
37. Let p be an odd prime. Let b be a multiplicative in-
verse of an integer a modulo p, where p a. Then
ind b = p − 1 − inda.
38. Let p be an odd prime. Then the congruence x2 ≡ −1
(mod p) is solvable if and only if p is of the form
4k + 1.
39. There are infinitely many primes of the form 4k + 1.
[Hint: Assume there is only a finite number of primes
p1,p2,...,pn of the form 4k + 1. Using Exercise 38,
show that q = (p1p2 ···pn)2 + 1 has a prime factor
of the form 4k + 1, but different from p1,p2,... ,
and pn.]
40. Let p be an odd prime. Then the congruence x4 ≡ −1
(mod p) is solvable if and only if p is of the form
8k + 1.
41. There are infinitely many primes of the form 8k + 1.
[Hint: Assume there is only a finite number of primes
p1,p2,...,pn of the form 8k + 1. Using Exercise 40,
show that q = (p1p2 ···pn)4 + 1 has a prime factor
of the form 8k + 1, but different from p1,p2,... ,
and pn.]
42. Let m be a positive integer with a primitive root and
a a positive integer such that (a,m) = 1. Then the
congruence xk ≡ a (mod m) is solvable if and only if
aϕ(m)/d ≡ 1 (mod m), where d = (k,ϕ(m)).
43. Let p be a prime and a a positive integer such that
p a. Then the congruence xk ≡ a (mod p) is solv-
able if and only if a(p−1)/d ≡ 1 (mod p), where d =
(k,p − 1). (Hint: Use Exercise 42.)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-608-320.jpg)
![492 CHAPTER 10 Primitive Roots and Indices
Let α be a primitive root modulo a positive integer m 2 and (a,m) = 1. Then
indα(m − a) ≡ indα a + ϕ(m)/2 (mod ϕ(m)). Using this fact, α = 3, m = 14, and the
given indα a, compute indα(m − a).
41. ind3 5 = 5 42. ind3 13 = 3
Solve each congruence using indices.
43. 3x7 ≡ 4 (mod 11) 44. 5x3 ≡ 8 (mod 13)
45. 54x−1 ≡ 11 (mod 17) 46. 133x−4 ≡ 16 (mod 19)
Using indices, find the remainder when the first integer is divided by the second.
47. 501976, 13 48. 10301030, 17
Verify that each integer n is a prime, using Lucas’ theorem and the given value of x.
49. n = 137, x = 3 50. n = 1193, x = 3
Verify that each integer n is a prime, using Corollary 10.5 and the given value of x.
51. n = 137, x = 3 52. n = 709, x = 2
X SUPPLEMENTARY EXERCISES
Let fn denote the nth Fermat number, where n ≥ 0.
1. Prove that ordfn 2|2n+1.
2. Find ordfn 2, where fn is a prime.
3. Prove that ordp 2 = 2n+1, where p is a prime factor of fn.
4. Prove that every prime factor of fn is of the form 2n+1k + 1. (This was shown by
Euler in 1747; eight years earlier, he had shown that every such factor must be
of the form 2t+1k + 1. (Hint: Use Exercise 3.)
5. Using the fact ord19 7 = 3, find ord19 8. (Hint: 8 = 7 + 1.)
6. Using the fact ord31 26 = 6, find ord31 25. (Hint: 25 = 26 − 1.)
7. Let ordp a = 3, where p is an odd prime. Prove that ordp(a + 1) = 6.
8. Let ordp(a + 1) = 6, where p is an odd prime. Prove that ordp a = 3.
Let k, m, and n be any positive integers. Prove or disprove each.
9. ordmn 10 = [ordm 10,ordn 10], where (m,10) = (n,10) = (m,n) = 1. (C. Cooper
and R. E. Kennedy, 1995)
10. If p is a prime 3, then ordpk 10 = pk−1 ·ordp10. (C. Cooper and R. E. Kennedy,
1995)
11. Find an odd prime p and a primitive root g modulo p such that 1 g p and g
is not a primitive root modulo p2. (S. W. Golomb, 1993)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-612-320.jpg)
![11.1 Quadratic Residues 499
squares of the least positive residues, 1 through p − 1. So 2k = p − 1; that is, k =
(p − 1)/2. Thus, there are (p − 1)/2 quadratic residues and (p − 1)/2 quadratic
nonresidues.
We still have not answered the question we asked earlier: When is congru-
ence (11.5) solvable? This is answered by the following theorem, developed by Euler.
THEOREM 11.2 (Euler’s Criterion) Let p be an odd prime. Then a positive integer a with p a is a
quadratic residue of p if and only if a(p−1)/2 ≡ 1 (modp).
PROOF
Suppose that a is a quadratic residue of p. Then the congruence x2 ≡ a (modp) has
a solution α, where (p,α) = 1. Consequently, by Fermat’s little theorem, αp−1 ≡
1 (modp). Then a(p−1)/2 ≡ (α2)(p−1)/2 = αp−1 ≡ 1 (modp).
Conversely, suppose that a(p−1)/2 ≡ 1 (modp). By Corollary 10.8, p has a prim-
itive root β. Then a ≡ βk (modp) for some positive integer k, where 1 ≤ k ≤ p − 1.
Then βk(p−1)/2 ≡ a(p−1)/2 ≡ 1 (modp). Since β is a primitive root modulo p,
ordp β = p − 1|k(p − 1)/2; that is, k must be an even integer, say, k = 2i. Then
a ≡ β2i ≡ (βi)2 (modp), so a is a quadratic residue of p.
This completes the proof.
The following example demonstrates this test.
EXAMPLE 11.4 Determine whether 10 and 7 are quadratic residues of 13.
SOLUTION
• Notice that 10(13−1)/2 = 106 ≡ (−3)6 ≡ 1 (mod13), so, by Euler’s criterion,
10 is a quadratic residue of 13, as found in Example 11.3. (Consequently, the
congruence x2 ≡ 10 (mod13) is solvable.)
• This time, we compute 7(13−1)/2 (mod13): 7(13−1)/2 ≡ 76 ≡ (73)2 ≡ 52 ≡
−1 (mod13). Since 76 ≡ 1 (mod13), by Euler’s criterion, 7 is a quadratic
nonresidue of 13, as found in Example 11.3.
In Theorem 11.2, suppose a(p−1)/2 ≡ 1 (modp). Then a is a quadratic non-
residue. We can then tell exactly what the least residue of a(p−1)/2 modulo p is. To
this end, notice that, by Fermat’s little theorem, ap−1 ≡ 1 (modp). Since p is odd and
ap−1 − 1 = [a(p−1)/2 + 1][a(p−1)/2 − 1], this implies either a(p−1)/2 ≡ 1 (modp) or
a(p−1)/2 ≡ −1 (modp). But a(p−1)/2 ≡ 1 (modp), so a(p−1)/2 ≡ −1 (modp). Thus,
if a is a quadratic nonresidue, then a(p−1)/2 ≡ −1 (modp).
Conversely, let a be an integer such that p a and a(p−1)/2 ≡ −1 (modp). Then
a cannot be a quadratic residue, since if it is, then, by Euler’s criterion, a(p−1)/2 ≡](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-619-320.jpg)
![11.2 The Legendre Symbol 507
EXAMPLE 11.11 (Example 11.10 continued) There are v = 5 least positive residues p/2, namely,
12, 15, 17, 20, and 22. Call them s1 through s5. Then the integers p−s1 through p−s5
are 23 − 12, 23 − 15, 23 − 17, 23 − 20, and 23 − 22 respectively, namely, 11, 8, 6,
3, and 1, respectively; no two of them are congruent modulo 23.
There are k = 11 − v = 11 − 5 = 6 residues, r1 through r6, that are p/2,
namely, 2, 4, 5, 7, 9, and 10; no two of them are congruent modulo 23 either.
Furthermore, none of them is congruent to 11, 8, 6, 3, or 1 modulo 23. Thus the
residues 2, 4, 5, 7, 9, 10, 11, 8, 6, 3, and 1 are positive and ≤ (p − 1)/2. (Amazingly
enough, they are a permutation of the residues 1 through (p − 1)/2 modulo p.)
We are now ready for the next milestone in our journey, discovered by Gauss in
1808. The proof is a bit long, so follow it patiently.
THEOREM 11.5 (Gauss’ Lemma) Let p be an odd prime and a an integer such that p a. Let ν
denote the number of least positive residues of the integers a,2a,3a,...,[(p−1)/2]a
that exceed p/2. Then (a/p) = (−1)ν.
PROOF
Let r1,r2,...,rk be the least positive residues of the integers a,2a,3a,...,
[(p − 1)/2]a modulo p that are ≤ p/2, and s1,s2,...,sν those that exceed p/2.
Then k + ν = (p − 1)/2.
Now, consider the integers r1,r2,...,rk,p − s1,p − s2,...,p − sν. Each is pos-
itive and less than p/2. We would like to show that no two of them are congruent
modulo p.
First, notice that no two ris are congruent, since if ri ≡ rj (modp), then tia ≡
tja (modp) for some ti and tj, where i j and 1 ≤ ti, tj ≤ (p − 1)/2. But p a, so
ti ≡ tj (modp), which is impossible. Thus, no two ris are congruent. Likewise, no
two sis and hence no two p − sis are congruent modulo p.
Next we would like to show that no ri is congruent to any p − sj. If ri ≡ p −
sj (modp), then ri ≡ −sj (modp), so ri + sj ≡ 0 (modp). This is impossible, since
both ri and sj are less than p/2 and hence ri + sj p. Thus, no ri is congruent to
p − sj modulo p.
Consequently, the positive integers r1,r2,...,rk,p − s1,p − s2,...,p − sν are
all p/2 and are incongruent modulo p. Since there are k + ν = (p − 1)/2 of them,
they must be the same as the least residues 1,2,...,(p − 1)/2. Therefore,
r1r2 ···rk(p − s1)(p − s2)···(p − sν) ≡ 1 · 2···
p − 1
2
(modp)
That is,
(−1)ν
r1r2 ···rks1s2 ···sν ≡
p − 1
2
! (modp) (11.6)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-627-320.jpg)
![508 CHAPTER 11 Quadratic Congruences
But r1,r2,...,rk, s1,s2,...,sν are the least positive residues of a,2a,...,
p − 1
2
a. Therefore,
r1r2 ···rks1s2 ···sν ≡ a(2a)(3a)···
p − 1
2
a (modp)
Thus,
(−1)ν
a(2a)(3a)···
p − 1
2
a ≡
p − 1
2
! (modp), by equation (11.6).
Thus,
(−1)ν
a(p−1)/2
p − 1
2
! ≡
p − 1
2
! (modp)
But p ((p − 1)/2)!, so
(−1)ν
a(p−1)/2
≡ 1 (modp)
That is,
a(p−1)/2
≡ (−1)ν
(modp)
But, by Euler’s criterion,
(a/p) ≡ a(p−1)/2
(modp)
Thus, (a/p) = (−1)ν, because (a/p) = ±1 and p is an odd prime.
EXAMPLE 11.12 Evaluate (10/13) and (7/13) using Gauss’ lemma.
SOLUTION
• We have p = 13, a = 10, and (p − 1)/2 = 6. The least positive residues of the
integers 1 · 10, 2 · 10, 3 · 10, 4 · 10, 5 · 10, and 6 · 10 modulo 13 are 10, 7, 4,
1, 11, and 8, respectively. Exactly ν = 4 of them are greater than p/2 = 6.5.
Therefore, by Gauss’ lemma, (10/13) = (−1)4 = 1.
• With a = 7, the least positive residues of the integers 1 · 7, 2 · 7, 3 · 7, 4 · 7,
5 · 7, and 6 · 7 modulo 13 are 7, 1, 8, 2, 9, and 3, respectively. Since ν = 3 of
them are greater than p/2 = 6.5, (7/13) = (−1)3 = −1.
(Notice that these values agree with the ones found in Example 11.5.)
The following is an immediate consequence of Gauss’ lemma.
COROLLARY 11.5 Let p be an odd prime with p a. Let ν denote the number of least positive residues
of the integers a,2a,...,[(p − 1)/2]a that exceed p/2. Then (a/p) = 1 if and only if
ν is even.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-628-320.jpg)
![11.2 The Legendre Symbol 513
−1 (modq). Then α2p = [2 · (−1)(p−1)/2]2p = 22p · (−1)p(p−1) = 22p · 1 = 22p ≡
(−1)2 ≡ 1 (modq). Thus, ordq α|2p, so ordq α = 1, 2, p, or 2p.
Clearly, ordq α = 1. If ordq α = 2, then α2 ≡ 1 (modq). Since α2 = 4, this means
4 ≡ 1 (modq); so q = 3; this implies p = 1, which is a contradiction.
Now suppose that ordq α = p. Then αp ≡ 1 (modq). This implies, [2 ·
(−1)(p−1)/2]p = (2 · 1)p = 2p ≡ 1 (modq), since (p − 1)/2 is even. This is also a
contradiction, since 2p ≡ −1 (modq) from the first paragraph. Therefore, ordq α = p.
Thus, ordq α = 2p and α is a primitive root modulo q.
case 2 Let p ≡ −1 (mod4). Then q ≡ −1 (mod8), so (2/q) = 1, by Theorem 11.6.
Then 2p ≡ 1 (modq) and α2p ≡ 1 (modq). Consequently, ordq α = 1, 2, p, or 2p.
Proceeding, as in case 1, we can show that ordq α = 1 or 2. So assume
ordq α = p. Then αp ≡ 1 (modq). Since p and (p − 1)/2 are odd, this implies
[2 · (−1)(p−1)/2]p = [2 · (−1)]p = −2p ≡ 1 (modq); that is, 2p ≡ −1 (modq). This
is a contradiction, so ordq α = p. Consequently, ordq α = 2p and α is a primitive root
modulo q.
Thus, in both cases, α is a primitive root.
It follows by this theorem that 2 is a primitive root modulo the primes 11, 59,
83, and 107, and −2 is a primitive root modulo 7, 23, and 47. (Verify these.)
Interestingly, there is a similar result that shows 2 is a primitive root modulo yet
another class of primes: If p and 4p + 1 are primes, then 2 is a primitive root modulo
4p + 1. (See Exercise 62.)
E X E R C I S E S 11.2
Evaluate each Legendre symbol, using Euler’s crite-
rion.
1. (5/7) 2. (3/11)
3. (7/11) 4. (11/17)
Evaluate each, using Corollary 11.2.
5. (16/17) 6. (18/19)
7. (−1/29) 8. (−1/47)
Using the fact that (2/23) = 1 = (3/23) and (5/23) = −1,
evaluate each.
9. (128/23) 10. (125/23)
11. (600/23) 12. (1250/23)
Using the fact that (3/19) = −1 = (7/19), compute each.
13. (27/19) 14. (63/19)
15. (147/19) 16. (9261/19)
Let p be an odd prime with p a. Let ν denote the
number of least positive residues of the integers a,2a,
3a,...,[(p − 1)/2]a that exceed p/2. Find the value of
ν for the given values of p and a.
17. p = 13, a = 3 18. p = 13, a = 5
19. p = 17, a = 4 20. p = 19, a = 7
Using Gauss’ lemma, evaluate each.
21. (5/13) 22. (4/17)
23. (7/19) 24. (13/31)
Compute each.
25. (2/19) 26. (2/23)
27. (2/41) 28. (2/43)
29. (13/31) 30. (−50/29)
31. (41/43) 32. (110/59)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-633-320.jpg)
![514 CHAPTER 11 Quadratic Congruences
33. If p and 4p + 1 are primes, then 2 is a primitive root
modulo 4p + 1. Using this fact, find five primes for
which 2 is a primitive root. (See Exercise 62.)
Using the fact that (3/p) =
1 if p ≡ ±1 (mod12)
−1 if p ≡ ±5 (mod12)
evaluate each. (See Exercise 32 in Section 11.3.)
34. (3/17) 35. (12/19)
36. (−3/31) 37. (35/47)
38. Let p ≡ 3 (mod4) and q = 2p + 1 be primes. Then
q|Mp. Using this fact, verify that 23|M11 and 47|M23.
(See Exercise 52.)
Let p be an odd prime with a primitive root α and a a
positive integer ≤ p − 1. Then there exists an integer k
such that αk ≡ a (modp), where 1 ≤ k ≤ p − 1. Then a
is a quadratic residue of p if and only if k is even. Using
this fact and the given primitive root α, find the quadratic
residues of the corresponding prime.
39. p = 13, α = 2 40. p = 17, α = 3
Verify each. (Hint: Use Euler’s criterion.)
41. 1913|(2956 − 1) 42. 2029|(21014 − 1)
Prove each, where p is an odd prime and (a, p) = 1 =
(b, p).
43. If a ≡ b (modp), then either both a and b are
quadratic residues or both are quadratic nonresidues.
44. If p = 4n ± 1 is a prime, then n is a quadratic residue
of p. (O. N. Dalton, 1981)
45. Let p ≡ 1 (mod4) and a be a quadratic residue of p.
Then p − a is a quadratic residue of p.
46. Let p ≡ 3 (mod4) and a be a quadratic residue of p.
Then p − a is a quadratic nonresidue of p.
47. Let p ≡ ±1 (mod8) and a be a quadratic residue of
p. Then 2a is a quadratic residue of p.
48. Let p ≡ 3 (mod8) and a be a quadratic residue of p.
Then p − 2a is a quadratic residue of p.
49. (1/p) + (2/p) + ··· + ((p − 1)/p) = 0.
(Hint: Use Theorem 11.1.)
50. (−2/p) =
1 if p ≡ 1 or 3 (mod8)
−1 if p ≡ −1 or − 3 (mod8)
51. Let q be a prime factor of Mp. Then 2 is a quadratic
residue of q if and only if q is of the form 2kp + 1.
52. Let p ≡ 3 (mod4) and q = 2p + 1 be primes. Then
q|Mp. (Euler)
Let a and b be positive integers such that ab ≡ 1 (modp).
Then:
53. (a/p) = (b/p)
54. (a(a + 1)/p) = ((b + 1)/p)
55. Let p 3. Then p divides the sum of its quadratic
residues.
56. Every primitive root modulo a Fermat prime fn is a
quadratic nonresidue.
Let p be an odd prime with a primitive root α and a a pos-
itive integer ≤ p − 1. Then there exists an integer k such
that αk ≡ a (modp), where 1 ≤ k ≤ p − 1. Using this fact,
prove each.
57. The integer a is a quadratic residue of p if and only
if k is even.
58. There are exactly (p − 1)/2 quadratic residues of p.
59. Using PMI, prove Corollary 11.4.
Prove each.
60. There are infinitely many primes of the form 8n−1.
[Hint: Assume there is only a finite number of such
primes, p1,p2,...,pk. Consider the integer N =
(4p1p2 ···pk)2 − 2 and apply Theorem 11.6.]
61.
p−2
a=1
(a(a + 1)/p) = −1
(Hint: The integer a has a multiplicative inverse b.
Then use Exercises 54 and 58.)
62. If p and 4p + 1 are primes, then 2 is a primitive root
modulo 4p + 1.
63. Every quadratic nonresidue of a Fermat prime fn is
a primitive root modulo fn.
64. Using the technique used in the proof of Theorem
11.6, derive a formula for (3/p), where p is a prime
3.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-634-320.jpg)
![11.3 Quadratic Reciprocity 519
In the proof of Gauss’ lemma, we established that the
p − 1
2
integers r1,r2,
...,rk, p−s1,p−s2,...,p−sν are a permutation of the integers 1,2,...,(p−1)/2.
Therefore,
k
i=1
ri +
ν
j=1
(p − sj) =
(p−1)/2
k=1
k
=
p − 1
2
p + 1
2
2
Thus,
k
i=1
ri + νp −
ν
j=1
sj =
p2 − 1
8
Let R =
k
i=1
ri and S =
ν
j=1
sj. Then, this yields,
p2 − 1
8
= R + νp − S (11.9)
Returning to the preceding integers kq, where 1 ≤ k ≤
p − 1
2
,
kq
p
denotes the
quotient when kq is divided by p. Let tk denote the remainder when kq is divided
by p, where 0 ≤ tk p. Thus tk is the least residue of kq modulo p. Then, by the
division algorithm,
kq =
kq
p
· p + tk where 0 ≤ tk ≤ p − 1
Therefore,
(p−1)/2
k=1
kq =
(p−1)/2
k=1
kq
p
· p +
(p−1)/2
k=1
tk
That is,
q
(p−1)/2
k=1
k = pS(p,q) + R + S
q ·
p2 − 1
8
= pS(p,q) + R + S (11.10)
Subtracting equation (11.9) from equation (11.10), we get
(q − 1) ·
p2 − 1
8
= p[S(p,q) − ν] + 2S](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-639-320.jpg)
![520 CHAPTER 11 Quadratic Congruences
Since the LHS and 2S are even, it follows that S(p, q) − ν is even. Therefore,
(−1)S(p,q)−ν = 1; that is, (−1)S(p,q) = (−1)ν.
But, by Gauss’ lemma, (q/p) = (−1)ν. Therefore, (q/p) = (−1)S(p,q). Similarly,
(p/q) = (−1)S(q,p). Therefore,
(p/q)(q/p) = (−1)S(q,p)
· (−1)S(p,q)
= (−1)S(q,p)+S(p,q)
= (−1)
p−1
2 · q−1
2 , by Lemma 11.2
This concludes the proof.
The law of quadratic reciprocity can be restated in a more practical form, as the
following corollary shows.
COROLLARY 11.7 Let p and q be distinct odd primes. Then
(q/p) =
(p/q) if p ≡ 1 (mod4) or q ≡ 1 (mod4)
−(p/q) if p ≡ q ≡ 3 (mod4)
PROOF
If p ≡ 1 (mod4), then (p − 1)/2 is even; so (p − 1)(q − 1)/4 is even. Therefore,
by the law of quadratic reciprocity, (p/q)(q/p) = 1. But (p/q) = ±1 = (q/p), so
(q/p) = (p/q). Similarly, if q ≡ 1 (mod4), then (q/p) = (p/q).
On the other hand, assume that p ≡ q ≡ 3 (mod4). Then (p − 1)/2,(q − 1)/2,
and hence (p − 1)/2 · (q − 1)/2 are odd. Therefore, again by the law of quadratic
reciprocity, (p/q)(q/p) = −1. Thus, (q/p) = −(p/q).
For example, since 17 ≡ 1 (mod4), (17/29) = (29/17); and since 23 ≡
3 (mod4) and 47 ≡ 3 (mod4), (23/47) = −(47/23).
Corollary 11.7, together with Theorems 11.4 and 11.6, and Corollaries 11.2 and
11.4, can be applied to evaluate any Legendre symbol (a/p), where p is an odd prime
and p a, as the following example illustrates. It demonstrates the power of the law
of quadratic reciprocity.
EXAMPLE 11.18 Compute (152/43) and (3797/7297).
SOLUTION
• Notice that 152 ≡ 23 (mod43), so (152/43) = (23/43). Since 23 ≡ 3 (mod4)
and 43 ≡ 3 (mod4), by Corollary 11.7, (23/43) = −(43/23) = −(20/23) =
−(4/23)(5/23) = −(5/23) = 1. Therefore, (152/43) = (23/43) = 1. [Con-
sequently, the congruence x2 ≡ 152 (mod43) is solvable.]](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-640-320.jpg)
![11.3 Quadratic Reciprocity 521
• First, notice that both 3797 and 7297 are primes; also, 3797 ≡ 1 (mod4) and
7297 ≡ 1 (mod4). Therefore, by the law of quadratic reciprocity,
(3797/7297) = (7297/3797)
= (3500/3797) = (22
· 53
· 7/3797)
= (22
/3797)(53
/3797)(7/3797)
= (22
/3797)(5/3797)3
(7/3797) (11.11)
By Theorem 11.4, (22/3797) = 1; furthermore, (5/3797) = (3797/5) =
(2/5) = −1, by Theorem 11.6; (7/3797) = (3797/7) = (3/7) = −1; there-
fore, by equation (11.11), (3797/7297) = 1 · (−1)3(−1) = 1. [Thus the con-
gruence x2 ≡ 3797 (mod 7297) is also solvable.]
The following example is a simple but interesting application of the law of
quadratic reciprocity and Theorem 11.6.
EXAMPLE 11.19 Show that 1! + 2! + 3! + ··· + n! is never a square, where n 3.
PROOF (by contradiction)
Let N = 1! + 2! + 3! + ··· + n!. Assume that N = x2 for some positive integer x.
Since n 3, N 5. Then (N/5) = (x2/5) = 1.
Since N ≡ 1! + 2! + 3! + 4! ≡ 3 (mod5), (N/5) = (3/5). But (3/5) = (5/3) =
(2/3) = −1, so (N/5) = −1, which is a contradiction. Thus, N cannot be a perfect
square, where n 3. (Notice that N is a square if n = 0,1, or 3.)
The following example, a bit complicated, is also a fine application of the law of
quadratic reciprocity. In addition to Theorem 11.4, it employs two additional facts:
• The product of two integers of the form 5k + 1 is also of the same form.
• If p is an odd prime = 5, then (5/p) = 1 if and only if p ≡ ±1 (mod5).
Try to confirm both. See Exercises 21 and 29.
EXAMPLE 11.20 Prove that there are infinitely many primes of the form 10k − 1.
PROOF
Let N = 5(n!)2 − 1, where n 1. Clearly, N is of the form 10k − 1. Let p be a prime
factor of N. Clearly, p must be odd. Since p|N, 5(n!)2 ≡ 1 (modp), so (5(n!)2/p) =
(1/p) = 1; that is, (5/p)((n!)2/p) = (5/p) = 1. Thus, p ≡ ±1 (mod5), so p is of the](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-641-320.jpg)
![526 CHAPTER 11 Quadratic Congruences
THEOREM 11.10 (Proth’s Theorem, 1878) Let N = k · 2n + 1, where 0 k 2n. Suppose there is a
positive integer a such that (a/N) = −1. Then N is a prime if and only if a(N−1)/2 ≡
−1 (modN).
Since the proof of Proth’s theorem involves results not yet discussed, we omit
the proof.†
E X E R C I S E S 11.3
Verify Lemma 11.2 for the given values of p and q.
1. p = 5, q = 11 2. p = 13, q = 11
Compute each Legendre symbol.
3. (261/47) 4. (−267/61)
5. (176/241) 6. (1188/379)
7. (−1776/1013) 8. (−2020/3593)
9. (1428/2411) 10. (3533/4133)
Let p and q be odd primes such that p = 4a + q. Then
(a/p) = (a/q) (see Exercise 31). Using this fact, evaluate
each.
11. (3/17) 12. (10/43)
13. (43/191) 14. (114/479)
Let p be a prime ≡ 3 (mod4). Then the solutions of the
congruence x2 ≡ a (modp) are x ≡ ±a(p+1)/4 (modp)
(see Exercise 30). Using this fact, solve each quadratic
congruence.
15. x2 ≡ 13 (mod23) 16. x2 ≡ 17 (mod43)
Using Pepin’s test, if possible, verify that each Fermat
number is a prime.
17. f0 18. f1 19. f2 20. f3
21. Derive a formula for (5/p), where p is an odd prime
= 5.
Compute the least residue of the Fibonacci number Fp
modulo p corresponding to each prime p.
(Hint: Use Example 11.21.)
22. 53 23. 79 24. 89 25. 97
Solve each quadratic congruence with composite mod-
ulus. Each has four incongruent solutions. [Hint: To
solve x2 ≡ a (modpq), solve x2 ≡ a (modp) and x2 ≡
a (modq), and then use the CRT.]
26. x2 ≡ 13 (mod391) 27. x2 ≡ 17 (mod817)
28. In 1891, Lucas proved that the prime factors of 24q +
1 are of the form 16hq + 1. Using this fact, find a
prime factor of the Fermat numbers f5 and f6.
Prove each.
29. The product of two integers of the form 5k + 1 is also
of the same form.
30. Let p be a prime ≡ 3 (mod4). Then x ≡
±a(p+1)/4 (modp) are solutions of the congruence
x2 ≡ a (modp), where a is a quadratic residue of p.
31. Let p and q be odd primes such that p = 4a + q. Then
(a/p) = (a/q).
32. Let p be a prime 3. Then
(3/p) =
1 if p ≡ ±1 (mod12)
−1 if p ≡ ±5 (mod12)
33. Let p be a prime 3. Then
(−3/p) =
1 if p ≡ 1 (mod6)
−1 if p ≡ 5 (mod6)
† For a proof, see K. H. Rosen, Elementary Number Theory and Its Applications, Addison-
Wesley, Boston, 2005.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-646-320.jpg)
![11.4 The Jacobi Symbol 527
34. Let p be an odd prime = 5. Then (5−1/p) = (p−1/5).
35. Let fn denote the nth Fermat number. Then fn ≡
1 (mod4), where n ≥ 1. (Hint: Use induction.)
36. Let fm and fn denote distinct Fermat primes. Then
(fm/fn) = (fn/fm). (Hint: Use Exercise 35.)
37. Let fn be a Fermat prime and Mp a Mersenne prime,
where n 0 and p 2. Then (fn/Mp) = (Mp/fn).
38. Three is a primitive root modulo every Fermat prime
fn, where n ≥ 1. (Hint: Use Pepin’s test.)
39. Let Mp and Mq be distinct Mersenne primes 3.
Then (Mp/Mq) = −(Mq/Mp).
40. Let p and q be distinct odd primes. The congruence
x2 ≡ a (modpq) is solvable if both x2 ≡ a (modp)
and x2 ≡ a (modq) are solvable.
41. There are infinitely many primes of the form 6n+1.
[Hint: Assume that there are only finitely many
such primes, p1,p2,...,pk. Then consider N =
(2p1p2 ···pk)2 + 3 and use Exercise 33.]
42. Prove by contradiction that there are infinitely many
primes of the form 10k − 1.
43. Derive a formula for (7/p), where p is an odd prime
= 7.
44. Let p be an odd prime = 5, and Fn the nth Fibonacci
number. Then
Fp+1 ≡
1 (modp) if p ≡ ±1 (mod5)
0 (modp) if p ≡ ±2 (mod5)
11.4 The Jacobi Symbol
Our discussion of the solvability of the quadratic congruence x2 ≡ a (modm) led
us to the definition of the Legendre symbol (a/p) and a detailed investigation of its
properties in Sections 11.1–11.3. We will now generalize the Legendre symbol to the
Jacobi symbol, which was introduced in 1846 by the German mathematician Karl G.
J. Jacobi. In the Jacobi symbol (a/m), the modulus m need not be a prime, but must
be odd and relatively prime to a. We now define it in terms of the Legendre symbol.
The Jacobi Symbol
Let m be an odd positive integer with the canonical decomposition m =
k
i=1
pei
i , and
a any integer with (a, m) = 1. Then the Jacobi symbol (a/m) is defined by
(a/m) =
a
k
i=1
pei
i
=
k
i=1
(a/pi)ei
where (a/pi) denotes the familiar Legendre symbol.
Although we are using the same notation for both symbols, it should be clear
from the context whether the symbol is Legendre or Jacobi. Bear in mind that the
symbol (a/m) is the Legendre symbol if and only if m is a prime.
The following example clarifies the definition.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-647-320.jpg)
![530 CHAPTER 11 Quadratic Congruences
The following example demonstrates the first two properties.
EXAMPLE 11.24 Let m = 231 = 3 · 7 · 11.
• First, notice that 211 ≡ −20 (mod231). Then
(211/231) = (211/3 · 7 · 11) = (211/3)(211/7)(211/11)
= (1/3)(1/7)(2/11)
(−20/231) = (−20/3 · 7 · 11) = (−20/3)(−20/7)(−20/11)
= (1/3)(1/7)(2/11)
Thus, (211/231) = (−20/231). [You may verify that (211/231) = −1.]
• (4 · 50/231) = (4 · 50/3 · 7 · 11) = (4 · 50/3)(4 · 50/7)(4 · 50/11)
= (4/3)(50/3)(4/7)(50/7)(4/11)(50/11)
= [(4/3)(4/7)(4/11)][(50/3)(50/7)(50/11)]
= (4/3 · 7 · 11)(50/3 · 7 · 11) = (4/231)(50/231)
(You may verify that (4 · 50/231) = 1.)
The next theorem generalizes Corollary 11.2 and Theorem 11.6, but we add a
lemma to make its proof simpler and shorter.
LEMMA 11.3 Let m be an odd positive integer with canonical decomposition
k
i=1
pei
i . Then
(1)
k
i=1
ei(pi − 1)/2 ≡ (m − 1)/2 (mod2)
(2)
k
i=1
ei(p2
i − 1)/8 ≡ (m2 − 1)/8 (mod2)
PROOF
First, notice that pi − 1 ≡ 0 (mod2) and p2
i − 1 ≡ 0 (mod8).
(1) We write pi as pi = 1 + (pi − 1), so
pei
i =
1 + (pi − 1)
ei
Using the binomial theorem, since pi − 1 is even, this yields
pei
i ≡ 1 + ei(pi − 1) (mod4)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-650-320.jpg)
![11.4 The Jacobi Symbol 533
and
(n/m) =
r
i=1
(n/pi)ai =
r
i=1
s
j=1
(qj/pi)bjai
=
r
i=1
s
j=1
(qj/pi)bjai
Therefore,
(m/n)(n/m) =
r
i=1
s
j=1
[(pi/qj)(qj/pi)]aibj
=
r
i=1
s
j=1
(−1)
pi−1
2 ·
qj−1
2
aibj
= (−1)
i
j
aibj
pi−1
2
qj−1
2
= (−1)
i
ai(
pi−1
2 )
j
bj(
qj−1
2 )
= (−1)
m−1
2 · n−1
2 , by Lemma 11.3
This concludes the proof.
The following two examples demonstrate the power of this generalized version.
EXAMPLE 11.25 Using the generalized law of quadratic reciprocity, compute the Jacobi symbol
(221/399).
SOLUTION
By the generalized law of quadratic reciprocity,
(221/399) = (−1)
221−1
2 · 399−1
2 (399/221) = (399/221)
= (178/221) = (2/221)(89/221) (11.13)
By Theorem 11.12, (2/221) = (−1)(2212−1)/8 = −1.
By the generalized law of quadratic reciprocity,
(89/221) = (−1)
89−1
2 · 221−1
2 (221/89)
= (221/89) = (43/89)
= (−1)
43−1
2 · 89−1
2 (89/43)
= (89/43) = (3/43)
= (−1)
3−1
2 · 43−1
2 (43/3)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-653-320.jpg)
![11.5 Quadratic Congruences with Composite Moduli (optional) 537
SOLUTION
We shall illustrate the strategy step by step.
step 1 Solve the congruence x2 = 23 (mod7).
Since 23 ≡ 2 (mod7) and (2/7) = 1, x2 ≡ 23 (mod7) is solvable; its solutions are
x ≡ 3, 4 (mod7).
step 2 Construct a solution of x2 ≡ 23 (mod72).
Since 3 is a solution of x2 ≡ 23 (mod7), 32 = 23 + 7i for some integer i, namely,
i = −2; thus, 9 = 23 + (−2) · 7. We now ingeniously look for a solution of the form
3 + 7j, so square it:
(3 + 7j)2
= 9 + 42j + 49j2
≡ 9 + 42j (mod72
)
≡ [23 + (−2) · 7] + 42j(mod72
)
≡ 23 + 7(−2 + 6j) (mod72
)
Now choose j such that −2 + 6j ≡ 0 (mod7); that is, 6j ≡ 2 (mod7); thus, choose
j ≡ 5 (mod7) or j = 5. Then 3+7j ≡ 3+7·5 ≡ 38 (mod72) and 382 ≡ 23 (mod72).
Thus, 38 is a solution of x2 ≡ 23 (mod72).
step 3 Now use 38 to generate a solution of x2 ≡ 23 (mod73).
Since 382 ≡ 23 (mod72), 382 = 23 + k · 72 for some integer k, namely, 29: 382 =
23 + 29 · 72. Now look for a solution of the form 38 + 72 . Since
(38 + 72
)2
= 382
+ 76 · 72
+ 74
2
≡ 382
+ 76 · 72
(mod73
)
≡ (23 + 29 · 72
) + 76 · 72
(mod73
)
≡ 23 + 72
(29 + 76 ) (mod73
)
Choose such that 29 + 76 ≡ 0 (mod7); that is, such that 1 + 6 ≡ 0 (mod7); thus
choose = 1. Then 38 + 72 = 38 + 72 · 1 ≡ 87 (mod73). Thus, 872 ≡ 23 (mod73),
so 87 is a solution of the given congruence. [Now use the solution 4 of x2 ≡
23 (mod7), and steps 2 and 3 to find the other solution of x2 ≡ 23 (mod73); it is
256.]
This example shows that if the congruence x2 ≡ a (modp) is solvable, then x2 ≡
a (modpn) is also solvable. Further, its solutions can be used step by step to generate
the solutions of x2 ≡ a (modpn). This is the essence of the following theorem.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-657-320.jpg)
![544 CHAPTER 11 Quadratic Congruences
• (Euler’s criterion) Let p be an odd prime. Then a positive integer a with p a
is a quadratic residue of p if and only if a(p−1)/2 ≡ 1 (modp). (p. 499)
• Let p be an odd prime. Then a positive integer a, where p a, is a quadratic
nonresidue if and only if a(p−1)/2 ≡ −1 (modp). (p. 500)
The Legendre Symbol
• Let p be an odd prime and a any integer such that p a. The Legendre symbol
(a/p) is defined by
(a/p) =
1 if a is a quadratic residue of p
−1 otherwise (p. 501)
• Euler’s criterion Let p be an odd prime. Then a positive integer a with p a
is a quadratic residue of p if and only if (a/p) = 1. (p. 502)
• Let p be an odd prime, and a and b be integers with p ab. Then:
• If a ≡ b (modp), then (a/p) = (b/p).
• (a/p)(b/p) = (ab/p).
• (a2/p) = 1. (p. 502)
• If p is an odd prime, then
(−1/p) =
1 if p ≡ 1 (mod4)
−1 if p ≡ −1 (mod4) (p. 503)
• Let p be an odd prime, q a prime such that p q, and i a positive integer. Then
(qi/p) = (q/p)i. (p. 505)
• Let p be an odd prime and let a =
n
i=1
pei
i be the canonical decomposition of a,
where (a, p) = 1. Then (a/p) =
n
i=1
(pi/p)ei . (p. 505)
• Gauss’ Lemma Let p be an odd prime and a an integer such that p a.
Let ν denote the number of least positive residues of the integers a,2a,3a,
...,[(p − 1)/2]a that exceed p/2. Then (a/p) = (−1)ν. (p. 507)
• Let p be an odd prime with p a. Let v denote the number of least positive
residues of the integers a,2a,...,[(p−1)/2]a that exceed p/2. Then (a/p) =
1 if and only if v is even. (p. 508).
• Let p be an odd prime. Then
(2/p) =
1 if p ≡ ±1 (mod8)
−1 if p ≡ ±3 (mod8) (p. 509)
• Let p be an odd prime. Then (2/p) = (−1)(p2−1)/8. (p. 511)](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-664-320.jpg)
![548 CHAPTER 11 Quadratic Congruences
48. Let p and q be distinct odd primes. Then the congruence x2 ≡ q (modp) is
solvable if and only if x2 ≡ p (modq) is solvable, unless p ≡ q ≡ 3 (mod4).
49. If p is a prime ≡ ±1 (mod8), then p|[2(p−1)/2 − 1].
50. Let p be an odd prime such that p|(a2n + b2n), where p ab and n ≥ 1. Then p is
of the form 4k + 1.
51. Every quadratic nonresidue of a Fermat prime fn is a primitive root.
52. Every primitive root modulo a Fermat prime is a quadratic nonresidue.
53. Let p be an odd prime such that q = 2p + 1 is also a prime. If p ≡ 1 (mod4),
then 2 is a primitive root modulo q. Otherwise, −2 is a primitive root modulo q.
54. There is an infinite number of primes of the form 8n − 1.
(Hint: Assume there are only finitely many such primes p1,p2,...,pk. Consider
N = (p1p2 ···pk)2 − 2.)
55. There is an infinite number of primes of the form 8n + 3.
(Hint: Assume there are only finitely many such primes p1,p2,...,pk. Consider
N = (p1p2 ···pk)2 + 2.)
56. There is an infinite number of primes of the form 6n + 1.
(Hint: Assume there are only finitely many such primes p1,p2,...,pk. Consider
N = (p1p2 ···pk)2 + 3.)
57. Three is a primitive root modulo every prime p = 2n + 1, where n 1.
58. Let p and q be distinct odd primes and p = p(−1)(p−1)/2. Then (p/q) = (q/p).
58. Let m and n be relatively prime odd integers and m = m(−1)(m−1)/2. Then
(m/n) = (n/m).
X SUPPLEMENTARY EXERCISES
Let Z
p denote the set of least positive residues modulo an odd prime p. Let f :Z
p →
{±1} defined by f(a) = (a/p). (The function f is a fine example of a homomorphism
in group theory.)
1. Prove that f(ab) = f(a) · f(b), where p ab.
2. Prove that f is a surjection.
3. Identify the set K of least positive residues a modulo p such that f(a) = 1. (K is
the kernel of f.)
4. Find K when p = 13.
Let p be an odd prime and a any integer such that p a. Then a is a cubic residue if
x3 ≡ a (modp) is solvable; it is a biquadratic residue if x4 ≡ a (modp) is solvable.
5. Find the cubic residues of 5 and 7.
6. Find the biquadratic residues of 7 and 11.
7. Prove that every biquadratic residue of p is also a quadratic residue.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-668-320.jpg)
![550 CHAPTER 11 Quadratic Congruences
5. Read in p and a positive integer such that p a.
(a) Compute (a/p).
(b) Let ν denote the number of least residues of the integers a,2a,3a,...,
[(p − 1)/2]a that exceed p/2. Find ν.
(c) Is (a/p) = (−1)ν?
6. Read in two distinct odd primes p and q, and verify the law of quadratic reci-
procity.
7. Read in a prime p ≡ ±1 (mod8).
(a) Verify that 2(p−1)/2 ≡ 1 (modp).
(b) Find a prime factor of 2(p−1)/2 − 1.
8. Read in two distinct odd primes p and q, and a positive integer a such that
(a, pq) = 1. Using the solutions of the congruences x2 ≡ a (modp) and x2 ≡
a (modq), solve x2 ≡ a (modpq).
9. Read in an odd positive integer m and an integer a such that (a, m) = 1. Evaluate
the Jacobi symbol (a/m).
10. Read in two relatively prime odd integers, and verify Theorems 11.12 and 11.13.
11. Read in a positive integer n and an integer a such that p a. Determine if the
congruence x2 ≡ a (modpn) is solvable.
12. Read in a positive integer n and an integer a such that p a. Solve the congruence
x2 ≡ a (modpn).
13. Read in an odd integer a and an integer n ≥ 3. Determine if the congruence
x2 ≡ a (mod2n) is solvable; if so, find its solutions.
14. Read in an integer m ≥ 2 and an integer a such that (a, m) = 1. Solve the con-
gruence x2 ≡ a (modm), if possible.
X ENRICHMENT READINGS
1. H. M. Edwards, “Euler and Quadratic Reciprocity,” Mathematics Magazine, 56
(Nov. 1983), 285–291.
2. M. Gerstenhaber, “The 152nd Proof of Quadratic Reciprocity,” The American
Mathematical Monthly, 70 (1963), 397–398.
3. D. E. Rowe, “Gauss, Dirichlet, and the Law of Biquadratic Reciprocity,” The
Mathematical Intelligencer, 10 (1988), 13–25.
4. W. Watkins, “The Quadratic Residues −1 and −3,” The American Mathematical
Monthly, 107 (Dec. 2000), 934.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-670-320.jpg)
![552 CHAPTER 12 Continued Fractions
called Pell’s equation (see Section 13.1). Seven years later, Lagrange developed the
fundamental properties of periodic continued fractions.
In 1931, D. H. Lehmer and R. E. Powers developed a factoring method based on
continued fractions. M. A. Morrison and J. Brillhart demonstrated the power of this
method by factoring f7 in 1974.
We now study a brief introduction to continued fractions.
12.1 Finite Continued Fractions
A finite continued fraction is an expression of the form
x = a0 +
1
a1 +
1
a2 +
1
... +
1
an−1 +
1
an
(12.1)
where each ai is a real number, a0 ≥ 0, ai+1 0 and i ≥ 0. The numbers
a1,a2,...,an are the partial quotients of the finite continued fraction. The frac-
tion is simple if each ai is an integer.
Since this notation is a bit cumbersome to manage, the fraction is often written
as
[a0;a1,a2,a3,...,an]
where a0 = x and the semicolon separates the fractional part from the integral part.
For example,
[1;2,3,4,5,6] = 1 +
1
2 +
1
3 +
1
4 +
1
5 +
1
6
=
1393
972
Although it follows from the definition that every simple finite continued frac-
tion represents a rational number, we shall now formally prove it, using induction.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-672-320.jpg)
![12.1 Finite Continued Fractions 553
THEOREM 12.1 Every finite simple continued fraction represents a rational number.
PROOF
(We shall apply induction on the number of partial quotients.) Let [a0;a1,a2,...,an]
be a finite simple continued fraction. When n = 1,
[a0;a1] = a0 +
1
a1
=
a0a1 + 1
a1
is a rational number.
Now assume that every finite simple continued fraction with k partial quotients
is a rational number, where k ≥ 1. Then
[a0;a1,a2,...,ak,ak+1] = a0 +
1
[a1;a2,...,ak,ak+1]
Since [a1;a2,...,ak+1] contains k partial quotients, it is a rational number r/s,
where s = 0. Then
[a0;a1,a2,...,ak,ak+1] = a0 +
1
r/s
= a0 +
s
r
=
a0r + s
r
is a rational number.
Thus, by induction, [a0;a1,a2,...,an] is a rational number for every positive
integer n.
The following theorem shows that the converse is also true: Every rational num-
ber can be represented by a finite simple continued fraction. This was discovered by
Euler. The proof invokes the euclidean algorithm from Section 3.2.
THEOREM 12.2 Every rational number can be represented by a finite simple continued fraction.
PROOF
Let x = a/b be a rational number, where b 0. For convenience, we let r0 = a and
r1 = b. By the euclidean algorithm, we have
r0 = r1q1 + r2, 0 r2 r1
r1 = r2q2 + r3, 0 r3 r2
r2 = r3q3 + r4, 0 r4 r3
.
.
.
rn−2 = rn−1qn−1 + rn, 0 rn rn−1
rn−1 = rnqn](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-673-320.jpg)
![554 CHAPTER 12 Continued Fractions
where the quotients q2,q3,...,qn and the remainders r2,r3,...,rn are positive.
It follows from these equations that
a
b
=
r0
r1
= q1 +
r2
r1
= q1 +
1
r1/r2
r1
r2
= q2 +
r3
r2
= q2 +
1
r2/r3
r2
r3
= q3 +
r4
r3
= q3 +
1
r3/r4
.
.
.
rn−2
rn−1
= qn−1 +
rn
rn−1
= qn−1 +
1
rn−1/rn
rn−1
rn
= qn
Substituting for r1/r2 in the first equation yields
a
b
= q1 +
1
q2 + r3/r2
Now substitute for r2/r3:
a
b
= q1 +
1
q2 +
1
q3 +
1
r3/r4
Continuing like this, we get
a
b
= q1 +
1
q2 +
1
q3 +
1
... +
1
qn−1 +
1
qn
= [q1;q2,q3,...,qn−1,qn]
Thus, every rational number can be represented by a finite simple continued
fraction.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-674-320.jpg)
![12.1 Finite Continued Fractions 555
The following example illustrates this algorithm.
EXAMPLE 12.1 Express
225
157
as a finite simple continued fraction.
SOLUTION
By the euclidean algorithm, we have
225 = 1 · 157 + 68
157 = 2 · 68 + 21
68 = 3 · 21 + 5
21 = 4 · 5 + 1
5 = 5 · 1
Thus,
225
157
= 1 +
68
157
= 1 +
1
157/68
= 1 +
1
2 +
21
68
= 1 +
1
2 +
1
68/21
= 1 +
1
2 +
1
3 +
5
21
= 1 +
1
2 +
1
3 +
1
21/5
= 1 +
1
2 +
1
3 +
1
4 +
1
5
= [1;2,3,4,5]
The Jigsaw Puzzle Revisited
In Section 3.2, we saw that the euclidean algorithm yields a jigsaw puzzle. We will
now show how the numbers of different-size squares in the puzzle yield an interesting
dividend. To this end, suppose we would like to convert
23
13
into a simple continued](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-675-320.jpg)
![556 CHAPTER 12 Continued Fractions
fraction. By the euclidean algorithm, we have
23 = 1 · 13 + 10
13 = 1 · 10 + 3
10 = 3 · 3 + 1
3 = 3 · 1
So
23
13
= [1;1,3,3].
It follows from Figure 12.1 that the 23 × 13 rectangle can be cut up into one
13 × 13 square, one 10 × 10 square, three 3 × 3 squares, and three 1 × 1 squares.
Notice that the numbers of squares of the various sizes are the partial quotients in the
continued fraction.
Figure 12.1
Suppose an 1 in the finite simple continued fraction [a0;a1,...,an]. Since
an = (an − 1) +
1
1
, it follows that [a0;a1,...,an] = [a0;a1,...,an − 1,1]. For ex-
ample, [1;2,3,4,5] = [1;2,3,4,1].
On the other hand, let an = 1. Then
[a0;a1,...,an] = [a0;a1,...,an−1,1] = [a0,a1,...,an−1 + 1]
For example, [1;2,3,4,1] = [1;2,3,5].
Thus, every rational number can be written as a finite simple continued frac-
tion in two different ways. In other words, the continued fraction representation of a
rational number is not unique.
Next, we discuss approximations of continued fractions.
Convergents of a Continued Fraction
By truncating the continued fraction for x = [a0;a1,...,an] at the various plus signs
[see equation (12.1)], we can generate a sequence {ck} of approximations of x, where
0 ≤ k ≤ n; thus, ck = [a0,a1,...,ak]; ck is called the kth convergent of x, a concept
introduced by Wallis in his Opera Mathematica.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-676-320.jpg)
![12.1 Finite Continued Fractions 557
For example, you may verify that
F8
F7
=
21
13
= [1;1,1,1,1,1,1]
The various convergents are
c0 = [1] =
1
1
= 1
c1 = [1;1] =
2
1
= 2
c2 = [1;1,1] =
3
2
= 1.5
c3 = [1;1,1,1] =
5
3
≈ 1.6666666667
c4 = [1;1,1,1,1] =
8
5
= 1.6
c5 = [1;1,1,1,1,1] =
13
8
= 1.625
c6 = [1;1,1,1,1,1,1] =
21
13
≈ 1.6153846154
Some interesting observations:
• These convergents ck approach the actual value
21
13
as k increases, where 0 ≤
k ≤ 6.
• The convergents c2k approach it from below and the convergents c2k+1 from
above; so the convergents are alternately less than and greater than
21
13
, ex-
cept the last convergent; that is, c0 c2 c4
21
13
c5 c3 c1; see Fig-
ure 12.2.
Figure 12.2
• The convergents display a remarkable pattern: ck =
Fk+2
Fk+1
, 0 ≤ k ≤ 6.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-677-320.jpg)
![558 CHAPTER 12 Continued Fractions
We shall return to these observations later.
We can facilitate the computation of the convergents ck =
pk
qk
by developing
formulas for its numerator and denominator, as the next theorem shows.
THEOREM 12.3 The kth convergent of the finite simple continued fraction [a0;a1,...,an] is
ck =
pk
qk
where 2 ≤ k ≤ n, and the sequences {pk} and {qk} are defined recursively as follows:
p0 = a0 q0 = 1
p1 = a0a1 + 1 q1 = a1
pk = akpk−1 + pk−2 qk = akqk−1 + qk−2
PROOF
We shall prove by induction that ck =
pk
qk
yields the kth convergent of the continued
fraction for each value of k, where 0 ≤ k ≤ n.
When k = 0,
c0 = [a0] =
a0
1
=
p0
q0
and when k = 1,
c1 = [a0;a1] = a0 +
1
a1
=
a0a1 + 1
a1
=
p1
q1
Thus, the theorem is true when k = 0 and k = 1.
Now assume that the formula for ck works for an arbitrary integer m, where
2 ≤ m n. That is,
cm =
pm
qm
=
ampm−1 + pm−2
amqm−1 + qm−2
(12.2)
Then
cm+1 = [a0;a1,...,am,am+1]
=
a0;a1,...,am−1,am +
1
am+1
Notice that the integers pm−1, pm−2, qm−1, and qm−2 depend only on the partial
quotients a0,a1,...,am−1, and not on am. So the convergent cm+1 can be computed
from formula (12.2) by replacing am with am +
1
am+1
:](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-678-320.jpg)
![12.1 Finite Continued Fractions 559
cm+1 =
am +
1
am+1
pm−1 + pm−2
am +
1
am+1
qm−1 + qm−2
=
am+1(ampm−1 + pm−2) + pm−1
am+1(amqm−1 + qm−2) + qm−1
=
am+1pm + pm−1
am+1qm + qm−1
, by formula (12.2)
Thus, by induction, the formula works for every value of k, where 0 ≤ k ≤ n.
The following example illustrates this theorem.
EXAMPLE 12.2 Using Theorem 12.3, compute the convergents of the continued fraction
[2;3,1,5] =
52
23
.
SOLUTION
We have a0 = 2,a1 = 3,a2 = 1, and a3 = 5. First, we compute pk and qk for each k,
where 0 ≤ k ≤ 3:
p0 = a0 = 2 q0 = 1
p1 = a0a1 + 1 = 2 · 3 + 1 = 7 q1 = a1 = 3
p2 = a2p1 + p0 = 1 · 7 + 2 = 9 q2 = a2q1 + q0 = 1 · 3 + 1 = 4
p3 = a3p2 + p1 = 5 · 9 + 7 = 52 q3 = a3q2 + q1 = 5 · 4 + 3 = 23
Thus, the various convergents are
c0 =
p0
q0
=
2
1
c1 =
p1
q1
=
7
3
c2 =
p2
q2
=
9
4
c3 =
p3
q3
=
52
23
A table such as Table 12.1 can be used effectively to compute pk and qk, from
which ck can be computed. For example, p2 = 9 = 1 · 7 + 2 and q3 = 23 = 5 · 4 + 3.
k 0 1 2 3
ak 2 3 1 5
pk 2 7 9 52
qk 1 3 4 23
Table 12.1](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-679-320.jpg)
![560 CHAPTER 12 Continued Fractions
The next theorem reveals a Cassini-like relationship among the numerators and
the denominators of two successive convergents of a finite simple continued fraction.
THEOREM 12.4 Let ck =
pk
qk
be the kth convergent of the simple continued fraction [a0;a1,...,an],
where 1 ≤ k ≤ n. Then pkqk−1 − qkpk−1 = (−1)k−1.
PROOF (by induction)
Using the definitions of the sequences {pk} and {qk} in Theorem 12.3,
p1q0 − q1p0 = (a0a1 + 1) · 1 − a1a0 = 1 = (−1)1−1
So the formula works when k = 1.
Now assume that it is true for an arbitrary positive integer k n:
pkqk−1 − qkpk−1 = (−1)k−1
Then, by the recursive definition of pk and qk,
pk+1qk − qk+1pk = (ak+1pk + pk−1)qk − (ak+1qk + qk−1)pk
= −(pkqk−1 − qkpk−1)
= −(−1)k−1
, by the inductive hypothesis
= (−1)k
So the formula works for k +1 also. Thus, by induction, the theorem is true for every
positive integer ≤ n.
The following example illustrates this theorem.
EXAMPLE 12.3 Verify Theorem 12.4 using the convergents of the continued fraction [2;3,1,5].
SOLUTION
Using Example 12.2, we have
p1q0 − q1p0 = 7 · 1 −3 · 2 = 1 = (−1)1−1
p2q1 − q2p1 = 9 · 3 −4 · 7 = −1 = (−1)2−1
p3q2 − q3p2 = 52 · 4 −23 · 9 = 1 = (−1)3−1
Thus, pkqk−1 − qkpk−1 = (−1)k−1 for every value of k, where 1 ≤ k ≤ 3.
As in the case of Cassini’s formula, Theorem 12.4 has an interesting byproduct
about pk and qk, as the next corollary shows.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-680-320.jpg)
![12.1 Finite Continued Fractions 561
COROLLARY 12.1 Let ck =
pk
qk
be the kth convergent of the simple continued fraction [a0;a1,...,an].
Then (pk,qk) = 1, where 1 ≤ k ≤ n.
PROOF
Let d = (pk,qk). Since pkqk−1 − qkpk−1 = (−1)k−1, it follows by Theorem 2.4 that
d|(−1)k−1. But d 0, so d = 1. Thus, (pk,qk) = 1, as desired.
For example, consider the convergents of the continued fraction [2;3,1,5] in
Example 12.2. Notice that (p1,q1) = (7,3) = 1; (p2,q2) = (9,4) = 1; and (p3,q3) =
(52,23) = 1.
The following corollary shows another interesting consequence of Theo-
rem 12.4.
COROLLARY 12.2 Let ck =
pk
qk
be the kth convergent of the simple continued fraction [a0;a1,...,an],
where 1 ≤ k ≤ n. Then
ck − ck−1 =
(−1)k−1
qkqk−1
PROOF
By Theorem 12.3,
ck − ck−1 =
pk
qk
−
pk−1
qk−1
=
pkqk−1 − qkpk−1
qkqk−1
=
(−1)k−1
qkqk−1
, by Theorem 12.4
This leads us to following result.
COROLLARY 12.3 Let ck =
pk
qk
be the kth convergent of the simple continued fraction [a0;a1,...,an].
Then
ck − ck−2 =
ak(−1)k
qkqk−2
where 2 ≤ k ≤ n.
PROOF
By Corollary 12.2,
ck − ck−1 =
(−1)k−1
qkqk−1](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-681-320.jpg)
![562 CHAPTER 12 Continued Fractions
and
ck−1 − ck−2 =
(−1)k−2
qk−1qk−2
Adding these two equations,
ck − ck−2 =
(−1)k−1
qkqk−1
+
(−1)k−2
qk−1qk−2
=
(−1)k−2(qk − qk−2)
qkqk−1qk−2
=
(−1)k−2(akqk−1)
qkqk−1qk−2
, by Theorem 12.3
=
(−1)kak
qkqk−2
We are now ready to confirm the observation made earlier (in Figure 12.2).
THEOREM 12.5 Let ck =
pk
qk
be the kth convergent of the simple continued fraction [a0;a1,...,an].
Then c2i c2i+2, c2i+3 c2i+1, and c2i c2j+1, where i,j ≥ 0.
PROOF
By Corollary 12.3,
ck − ck−2 =
ak(−1)k
qkqk−2
where 2 ≤ k ≤ n. Let k = 2i + 2, where i ≥ 0. This equation yields
c2i+2 − c2i =
a2i+2(−1)2i+2
q2i+2q2i
Since a2i+2,q2i+2,q2i 0, the RHS is positive; so c2i c2i+2; thus c0 c2
c4 ··· .
Likewise, by letting k = 2i + 3 in Corollary 12.3, we get c2i+3 c2i+1; thus
c1 c3 c5 ··· .
Finally, by Corollary 12.2, c2s c2s−1; so c2i+2j c2i+2j−1. But c2i+2j−1
c2j−1. Thus c2i c2i+2j c2i+2j−1 c2j−1, so c2i c2j−1 for every i,j ≥ 0. In
words, every even-numbered convergent is less than every odd-numbered conver-
gent.
It follows from the theorem that
c0 c2 c4 ··· c5 c3 c1](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-682-320.jpg)
![12.1 Finite Continued Fractions 563
For example, returning to the convergents of the continued fraction
21
13
=
[1;1,1,1,1,1,1], notice that c0 c2 c4 c6,c1 c3 c5, and c0 c2 c4
c6 c5 c3 c1.
Next we present an interesting application of finite simple continued fractions
to LDEs.
Continued Fractions and LDEs
Recall from Theorem 4.1 that the LDE ax + by = c is solvable if and only if d | c,
where d = (a,b). If x0,y0 is a particular solution, then it has infinitely many solutions
x = x0 + (b/d)t,y = y0 − (a/d)t.
Continued fractions can be employed to solve LDEs. To see this, first consider
the LDE ax + by = 1, where b 0 and (a,b) = 1. Since a/b is a rational number, by
Theorem 12.2, it can be represented by a continued fraction [a0;a1,...,an]. Then
cn =
pn
qn
=
a
b
Since (pn,qn) = 1 = (a,b), it follows that a = pn and b = qn.
By Theorem 12.4, pnqn−1 − qnpn−1 = (−1)n−1; so aqn−1 − bpn−1 = (−1)n−1.
When n is odd, it becomes aqn−1 + b(−pn−1) = 1; so x0 = qn−1,y0 = −pn−1 is a
solution of the LDE ax + by = 1. On the other hand, when n is even, it becomes
a(−qn−1) + bpn−1 = 1; so x0 = −qn−1,y0 = pn−1 is a solution.
When x0,y0 is a solution of the LDE ax + by = 1, ax0 + by0 = 1; so a(cx0) +
b(cy0) = c; thus, cx0,cy0 is a particular solution of the LDE ax + by = c.
The following example illustrates this technique.
EXAMPLE 12.4 Using continued fractions, solve Mahavira’s puzzle in Example 3.17.
SOLUTION
By Example 3.17, we have 63x−23y = −7; that is, (−63)x+23y = 7. First, we find
a particular solution of the LDE (−63)x + 23y = 1, where (−63,23) = 1. To this
end, we express
−63
23
as a continued fraction, using the euclidean algorithm:
−63 = (−3) · 23 + 6
23 = 3 · 6 + 5
6 = 1 · 5 + 1
5 = 5 · 1
So
−63
23
= [−3;3,1,5]. Then c2 =
p2
q2
=
−11
4
and c3 =
p3
q3
=
−63
23
; so p2 =
−11,q2 = 4,p3 = −63, and q3 = 23.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-683-320.jpg)
![564 CHAPTER 12 Continued Fractions
By Theorem 12.4, p3q2 − q3p2 = (−1)3−1; that is, (−63) · 4 + 23 · 11 = 1.
Consequently, x0 = 4,y0 = 11 is a particular solution of the LDE (−63)x + 23y = 1.
Therefore, 7x0 = 28, 7y0 = 77 is a particular solution of the LDE (−63)x + 23y = 7.
So, by Theorem 3.20, its general solution is x = 7x0 + bt = 28 + 23t, y = 7y0 − at =
77 + 63t. (Notice that this is consistent with the solution in Example 3.17.)
E X E R C I S E S 12.1
Rewrite each as a finite simple continued fraction.
1.
57
23
2.
1199
199
3.
−43
17
4.
89
55
Represent each continued fraction as a rational number.
5. [1;2,3,4,5] 6. [1;1,1,1,1,1]
7. [−3;5,4,3,2] 8. [5;4,3,2,1]
Use Figure 12.3 to answer Exercises 9 and 10, where each
smallest square is a 1 × 1 square. (R. Knott)
Figure 12.3
9. Find the continued fraction corresponding to the split-
ting up of the rectangle into squares.
10. Find the rational number (in lowest terms) repre-
sented by the continued fraction.
Using Theorem 12.3, compute the convergents of each
continued fraction.
11. [1;1,1,1,1,1,1] 12. [0;2,7,7,6]
13. [3;1,4,2,7] 14. [−2;5,4,7,1]
The second and third convergents of the continued frac-
tion [1;2,3,4,5,6,7,8] are 10/7 and 43/30, respec-
tively. Using them, find each convergent:
15. c4 16. c6
The fourth and fifth convergents of the continued fraction
[1;1,1,1,1,1,1,3] are 8/5 and 13/8, respectively. Using
them, compute each convergent.
17. c6 18. c7
19. Let cn denote the nth convergent of the finite contin-
ued fraction [1;1,1,1,...,1]. Prove that cn =
Fn+2
Fn+1
,
where n ≥ 1.
20. Using the finite continued fraction [1;1,1,1,...,1],
prove that Fn+2Fn − F2
n+1 = (−1)n+1, where n ≥ 1.
Let ck =
pk
qk
be the kth convergent of the simple continued
fraction [1;2,3,4,5,6], where 1 ≤ k ≤ n. Express each as
a simple continued fraction.
21.
p4
p3
22.
p5
p4
23.
q4
q3
24.
q5
q4
25. Using Exercises 21 and 22, make a conjecture about
pk
pk−1
, where
pk
qk
denotes the kth convergent of the
simple continued fraction [a0;a1,...,an], where 2 ≤
k ≤ n.
26. Using Exercises 23 and 24, make a conjecture about
qk
qk−1
, where
pk
qk
denotes the kth convergent of
the simple continued fraction [a0;a1,...,an], where
2 ≤ k ≤ n.
Using the continued fraction of the given rational num-
ber r, find the continued fraction of 1/r.
27. 57/23 28. 1199/199
29. Let r be a rational number with simple continued
fraction [a0;a1,...,an]. Using Exercises 25 and 26,
conjecture the continued fraction for 1/r.
30. Establish the conjecture in Exercise 29.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-684-320.jpg)
![12.2 Infinite Continued Fractions 565
Solve each LDE, using continued fractions.
31. 12x + 13y = 14 32. 28x + 91y = 119
33. 1776x + 1976y = 4152
34. 1076x + 2076y = 3076
12.2 Infinite Continued Fractions
Suppose there are infinitely many terms in the expression [a0;a1,...,an,...], where
a0 ≥ 0 and ai 0 for i ≥ 1. Such a fraction is an infinite continued fraction. In
particular, if each aj is an integer, then it is an infinite simple continued fraction.
More generally, an infinite simple continued fraction is of the form
a0 +
b1
a1 +
b2
a2 +
b3
a3 + ···
where a0 ≥ 0, and ai and bi+1 are integers for each i.
An interesting example of such a continued fraction is the identity for
4
π
, dis-
covered in 1655 by Lord William V. Brouncker (1620–1684), the first president of
the Royal Society. He discovered it by converting Wallis’ celebrated infinite product
4
π
=
3 · 3 · 5 · 5 · 7 · 7···
2 · 4 · 4 · 6 · 6···
into a continued fraction:
4
π
= 1 +
12
2 +
32
2 +
52
2 +
72
2 + ···
This is the first recorded infinite continued fraction, but Brouncker did not provide a
proof; it was given by Euler in 1775.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-685-320.jpg)
![566 CHAPTER 12 Continued Fractions
An infinite continued fraction for
π
4
is
π
4
= 1 +
12
3 +
22
5 +
32
7 +
42
9 + ···
In 1999, L. J. Lange of the University of Missouri developed an equally fasci-
nating continued fraction for π:
π = 3 +
12
6 +
32
6 +
52
6 +
72
6 + ···
For convenience, we restrict our discussion to infinite simple continued frac-
tions, where bi = 1. The simplest such continued fraction is [1;1,1,1,...].
One of the most astounding continued fractions was developed by the Indian
mathematical genius Srinivasa Ramanujan, who studied them in 1908:
√
5α − α
e2π/5
=
0;e−2π
,e−4π
,e−6π
,...
where α denotes the golden ratio. When Ramanujan communicated this marvelous
result to Hardy in his first letter to him in 1913, Hardy was stunned by the discovery
and could not derive it himself. Equally intriguing is its reciprocal:
e−2π/5
√
5α − α
=
1;e−2π
,e−4π
,e−6π
,...
Ramanujan discovered about 200 such infinite continued fractions.
How do we evaluate infinite simple continued fractions? We will answer this
gradually. First, notice that although the continued fraction [a0;a1,a2,...] is infinite,
the convergents
cn = [a0;a1,...,an]
are finite, and hence represent rational numbers, so the properties of convergents
from the previous section can be applied to these convergents also. Since
c0 c2 c4 ··· c5 c3 c1](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-686-320.jpg)
![568 CHAPTER 12 Continued Fractions
The next theorem shows that = .
THEOREM 12.6 Let ck = [a0;a1,...,ak] denote the kth convergent of the simple continued fraction
[a0;a1,a2,...]. Then
lim
n→∞
c2n = lim
n→∞
c2n+1
PROOF
By Corollary 12.2,
c2n+1 − c2n =
(−1)2n
q2n+1q2n
=
1
q2n+1q2n
1
q2
2n
, since q2n+1 q2n
As n gets larger and larger, qn and hence q2
n get larger and larger; then
1
q2
n
gets smaller
and smaller, but never negative. So lim
n→∞
(c2n+1 − c2n) = 0.
Thus,
lim
n→∞
c2n+1 − lim
n→∞
c2n = lim
n→∞
(c2n+1 − c2n)
= 0
So the two limits are equal.
It follows from this theorem that the sequences {c2n} and {c2n+1} of convergents
of the continued fraction [a0;a1,a2,...] approaches a unique limit . This common
limit is the value of the continued fraction:
= lim
n→∞
cn = [a0;a1,a2,...]
For example, let cn denote the nth convergent of the continued fraction
[1;1,1,1,...], where n ≥ 0. Then cn =
Fn+2
Fn+1
; this can be established using induc-
tion (see Exercise 13). Thus,
cn =
pn
qn
=
Fn+2
Fn+1
[This relationship was first observed in 1753 by the English mathematician Robert
Simson (1687–1768).] Since
lim
n→∞
cn = lim
n→∞
Fn+2
Fn+1](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-688-320.jpg)
![12.2 Infinite Continued Fractions 569
(see Exercise 14), the sequence {cn} converges to the golden ratio α; that is,
[1;1,1,1,...] = α.
We can establish this fact by using an alternate route, without employing conver-
gents. To this end, let x = [1;1,1,1,...]. Then [1;1,1,1,...] = [1;[1;1,1,1,...]],
so x = [1;x] = 1+
1
x
. Then x2 −x−1 = 0. Solving it, we get x =
1 ±
√
5
2
, but x 0;
so x =
1 +
√
5
2
= α; see Figure 12.4.
Figure 12.4
In Theorem 12.1, we proved that every finite simple continued fraction repre-
sents a rational number. We now show that every infinite simple continued fraction
represents an irrational number.
THEOREM 12.7 The infinite simple continued fraction [a0;a1,a2,...] represents an irrational num-
ber.
PROOF (by contradiction)
Let x = [a0;a1,a2,...]. Then x is the limit of the sequence {cn} of convergents cn =
pn
qn
= [a0;,a1,...,an]. Since
c0 c2 ··· c2n ··· c2n+1 ··· c3 c1
↑
x
it follows that c2n x c2n+1; so
0 x − c2n c2n+1 − c2n
By Corollary 12.2, this implies that
0 x −
p2n
q2n
1
q2n+1q2n](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-689-320.jpg)
![570 CHAPTER 12 Continued Fractions
Suppose x is a rational number a/b, where b 0. Then
0
a
b
−
p2n
q2n
1
q2n+1q2n
That is,
0 aq2n − bp2n
b
q2n+1
Thus, aq2n − bp2n is a positive integer
b
q2n+1
. But as n gets larger and larger, so
does q2n+1. Hence, there is an integer k such that q2k+1 b, that is,
b
q2k+1
1. Then
0 aq2k − bp2k 1. This implies that aq2k − bp2k is a positive integer 1. Since
this is impossible, x cannot be a rational number; in other words, x is an irrational
number.
The next theorem shows that every irrational number x can be represented by
an infinite simple continued fraction. Therefore, every irrational number can be ap-
proximated by a rational number. It provides an algorithm for constructing such a
continued fraction and uses the floor function from Section 1.1. The proof is a bit
long, so follow it carefully.
THEOREM 12.8 Let x = x0 be an irrational number. Define the sequence {ak}∞
k=0 of integers ak recur-
sively as follows:
ak = xk, xk+1 =
1
xk − ak
where k ≥ 0. Then x = [a0;a1,a2,...].
PROOF
It follows from the recursive definition that ak is an integer for every k.
We now establish by induction that xk is an irrational number for every k ≥ 0.
To this end, first notice that x0 is irrational and a0 = x0 = x0. Besides, since x0 is
irrational, x0 − a0 is irrational; so x1 =
1
x0 − a0
is an irrational number.
Now assume that xk is irrational for an arbitrary integer k ≥ 0. Then xk − ak and
hence
1
xk − ak
are irrational; that is, xk+1 is irrational. Thus, by induction, every xk
is an irrational number.
Next we will show that ak ≥ 1 for every k ≥ 1. Since ak is an integer and xk
is an irrational number, ak = xk; so xk − ak 0. But xk − ak = xk − xk 1; so
0 xk − ak 1. Hence](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-690-320.jpg)
![12.2 Infinite Continued Fractions 571
xk+1 =
1
xk − ak
1
Consequently, ak+1 = xk+1 ≥ 1 for every k ≥ 0. That is, the integers a1,a2,... are
all positive.
We will now show that x = [a0;a1,a2,...]. From the recursive formula
xk+1 =
1
xk − ak
it follows that
xk = ak +
1
xk+1
where k ≥ 0. Successively substituting for x1,x2,x3,..., this yields
x0 = a0 +
1
x1
= [a0;x1]
= a0 +
1
a1 +
1
x2
= [a0;a1,x2]
= a0 +
1
a1 +
1
a2 +
1
x3
= [a0;a1,a2,x3]
.
.
.
= a0 +
1
a1 +
1
a2 +
1
... +
1
an +
1
xn+1
= [a0;a1,a2,...,an,xn+1]
where n ≥ 0.
Finally, we must show that x0 = lim
n→∞
[a0;a1,...,an,xn+1]. To this end, let
ck =
pk
qk
denote the kth convergent of the continued fraction [a0;a1,a2,...]. Then,
by Theorem 12.3,
x0 = [a0;a1,...,an,xn+1]
=
xn+1pn + pn−1
xn+1qn + qn−1](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-691-320.jpg)
![572 CHAPTER 12 Continued Fractions
Then
x0 − cn =
xn+1pn + pn−1
xn+1qn + qn−1
−
pn
qn
=
−(pnqn−1 − qnpn−1)
(xn+1qn + qn−1)qn
=
(−1)n
(xn+1qn + qn−1)qn
, by Theorem 12.4
Since xn+1 an+1, this yields
|x0 − cn| =
1
(xn+1qn + qn−1)qn
1
(an+1qn + qn−1)qn
=
1
qn+1qn
As n gets larger and larger, so does qn. Therefore, as n approaches infinity,
1
qn+1qn
approaches zero; that is, cn → x0 as n → ∞. Thus,
x = x0 = lim
n→∞
cn = [a0;a1,a2,...]
as desired.
The next theorem shows that the infinite continued fraction representation of an
irrational number is unique. We omit its proof in the interest of brevity; see Supple-
mentary Exercise 4.
THEOREM 12.9 If [a0;a1,a2,...] and [b0;b1,b2,...] represent the same irrational number, then ak =
bk for every k ≥ 0.
The following example illustrates the constructive algorithm in Theorem 12.8.
EXAMPLE 12.5 Express
√
13 as an infinite simple continued fraction.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-692-320.jpg)
![12.2 Infinite Continued Fractions 573
SOLUTION
Let x = x0 =
√
13. Then a0 =
√
13 = 3. By the recursive definition in Theo-
rem 12.8, we have
x1 =
1
x0 − a0
=
1
√
13 − 3
=
√
13 + 3
4
a1 = x1 = 1
x2 =
1
x1 − a1
=
√
13 − 3
4 −
√
13
=
√
13 + 1
3
a2 = x2 = 1
x3 =
1
x2 − a2
=
3
√
13 − 2
=
√
13 + 2
3
a3 = x3 = 1
x4 =
1
x3 − a3
=
3
√
13 − 1
=
√
13 + 1
4
a4 = x4 = 1
x5 =
1
x4 − a4
=
4
√
13 − 3
=
√
13 + 3 a5 = x5 = 6
x6 =
1
x5 − a5
=
1
√
13 − 3
=
√
13 + 3
4
a6 = x6 = 1
Clearly, the pattern continues. Thus,
√
13 = [3;1,1,1,1,6,1,1,1,1,6,...]
This is often written as
√
13 =
3;1,1,1,1,6
to indicate the periodic behavior.
An Infinite Continued Fraction for
1
α
In 1951, F. C. Ogg of Bowling Green State University discovered a sophisticated
way of converting
√
5 − 1 into an infinite simple continued fraction:
√
5 − 1 = 1 +
√
5 − 2 = 1 +
1
√
5 + 2
= 1 +
1
4 +
√
5 − 2
= 1 +
1
4 +
1
√
5 + 2
= 1 +
1
4 +
1
4 +
√
5 − 2](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-693-320.jpg)
![574 CHAPTER 12 Continued Fractions
= 1 +
1
4 +
1
4 +
1
4 + ···
= [1;4,4,4,...]
=
1;4
The various convergents of this continued fraction are 1,
5
4
,
21
17
,
89
72
,
377
305
,.... Now
divide each by 2. The resulting numbers are
1
2
,
5
8
,
21
34
,
89
144
,
377
610
,...; so the nth
convergent of the continued fraction for
√
5 − 1
2
is
F3n+2
F3n+3
, where n ≥ 0. Since
lim
n→∞
F3n+2
F3n+3
= lim
n→∞
1
F3n+3/F3n+2
=
1
α
=
√
5 − 1
2
So the continued fraction for
√
5 − 1
2
is that of
1
α
. Since α = [1;1,1,1,...], it fol-
lows that 1
α = [0;1,1,1,...].
Using Theorem 12.8, the next example develops the infinite continued fraction
for e = 2.718281828..., the base of the natural logarithm. It was discovered by
Euler in 1737.
EXAMPLE 12.6 Find the continued fraction expansion for e.
SOLUTION
We have x0 = e = 2.718281828..., so a0 = 2. Using the algorithm in Theorem 12.8,
we have
x1 =
1
x0 − a0
=
1
0.7182818280...
= 1.3922111920... a1 = 1
x2 =
1
x1 − a1
=
1
0.3922111920...
= 2.5496467725... a2 = 2
x3 =
1
x2 − a2
=
1
0.5496467725...
= 1.8193502627... a3 = 1
x4 =
1
x3 − a3
=
1
0.8193502627...
= 1.2204792571... a4 = 1
x5 =
1
x4 − a4
=
1
0.2204792571...
= 4.5355740627... a5 = 4](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-694-320.jpg)
![Chapter Summary 575
Continuing like this, we get
e = [2;1,2,1,1,4,1,1,6,1,1,8,...]
where the even partial quotients are separated by two 1s.
Euler also showed that
e − 1
e + 1
= [0;2,6,10,14,18,...]
and
e2 − 1
e2 + 1
= [0;1,3,5,7,9,...]
E X E R C I S E S 12.2
Convert each into an infinite simple continued fraction.
1.
√
2 2.
√
3 3.
√
5
4.
√
12 5. π 6.
√
π
Compute the first five convergents of the continued frac-
tion for each.
7.
√
2 8.
√
3 9. π 10.
√
π
11. Using the continued fraction π = [3;7,15,1,292,
1,...], compute the value of π correct to eight deci-
mal places.
12. Using the continued fraction e = [2;1,2,1,1,4,1,1,
6,1,1,8,...], compute the value of e correct to six
decimal places.
13. Let cn denote the nth convergent of the continued
fraction [1;1,1,1,1,...], where n ≥ 1. Prove that
cn =
Fn+2
Fn+1
.
14. Prove that lim
n→∞
Fn+1
Fn
= α, the golden ratio.
Evaluate each simple infinite continued fraction.
15. [Fn;Fn,Fn,Fn,...] 16. [Ln;Ln,Ln,Ln,...]
X CHAPTER SUMMARY
In this chapter, we presented a brief introduction to the theory of continued fractions.
A continued fraction is simple if each partial quotient is an integer. We learned how
to identify rational and irrational numbers, using their continued fraction representa-
tions.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-695-320.jpg)
![576 CHAPTER 12 Continued Fractions
Finite Simple Continued Fractions
• Compact notation [a0;a1,...,an] (p. 552)
• Every rational number can be represented by a finite simple continued frac-
tion. (p. 553)
• ck =
pk
qk
= [a0;a1,...,ak] gives the kth convergent of the continued fraction.
(p. 556)
• ck can be defined recursively (p. 558):
p0 = a0 q0 = 1
p1 = a0a1 + 1 q1 = a1
pk = akpk−1 + pk−2 qk = akqk−1 + qk−2
• pkqk−1 − qkpk−1 = (−1)k−1 (p. 560)
• (pk,qk) = 1 (p. 561)
• ck − ck−1 =
(−1)k−1
qkqk−1
(p. 561)
• ck − ck−2 =
ak(−1)k
qkqk−2
(p. 561)
• c0 c2 c4 ··· c5 c3 c1 (p. 562)
• Finite simple continued fractions can be used to solve LDEs. (p. 563)
Infinite Simple Continued Fractions
• Notation [a0;a1,...,an,...] (p. 565)
• The sequence of convergents {cn} approaches a unique limit. (p. 568)
• An infinite simple continued fraction represents an irrational number. (p. 569)
• The continued fraction representation [a0;a1,...] of an irrational number
x = x0 can be found recursively:
ak = xk, xk+1 =
1
xk − ak
(p. 570)
• Every irrational number has a unique continued fraction representation.
(p. 572)
X REVIEW EXERCISES
Rewrite each rational number as a continued fraction.
1.
47
19
2.
−1023
43](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-696-320.jpg)
![Supplementary Exercises 577
Represent each continued fraction as a rational number.
3. [5;4,3,2,1] 4. [3;1,2,1,2,1]
The third and fourth convergents of the continued fraction [0;1,3,5,7,9,11] are
16/21 and 115/151, respectively. Using them, compute each convergent.
5. c5 6. c6
Using the continued fraction for the given rational number r, find the continued frac-
tion for
1
r
.
7.
25
18
8.
464
675
Using continued fractions, solve each LDE, if possible.
9. 43x + 23y = 33 10. 33x + 55y = 93
11. 76x + 176y = 276 12. 365x + 185y = 135
Using continued fractions, solve each Fibonacci LDE.
13. 144x + 89y = 23 14. 233x − 144y = 19
Rewrite each as an infinite simple continued fraction.
15.
√
7 16.
√
10 17.
√
e 18. lg2
19. Using the continued fraction
e − 1
e + 1
= [0;2,6,10,14,18,...] (Euler, 1737)
compute the value of
e − 1
e + 1
correct to eight decimal places.
20. Using the continued fraction
e2 − 1
e2 + 1
= [0;1,3,5,7,9,...] (Euler, 1737)
compute the value of
e2 − 1
e2 + 1
correct to eight decimal places.
21. Let r be a rational number 1 with finite simple continued fraction [a0;a1,
...,an]. Prove that
1
r
= [a1;a2,...,an].
22. Using Cassini’s formula, prove that lim
n→∞
(cn − cn−1) = 0, where cn denotes the
nth convergent of the continued fraction [1;1,1,1,1,...].](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-697-320.jpg)
![578 CHAPTER 12 Continued Fractions
X SUPPLEMENTARY EXERCISES
Let
pk
qk
denote the kth convergent of the simple continued fraction [a0;a1,...,an],
where a0 0 and 1 ≤ k ≤ n. Prove each. (See Exercises 21–24 in Section 12.1.)
1.
pk
pk−1
= [ak;ak−1,...,a1,a0] 2.
qk
qk−1
= [ak;ak−1,...,a2,a1]
3. qk ≥ 2k/2, where k ≥ 2. 4. Theorem 12.9.
X COMPUTER EXERCISES
Write a program to perform each task:
1. Express the rational numbers
3191
2191
and
9587
9439
as finite simple continued fractions.
2. Using continued fractions, compute the golden ratio correct to 50 decimal places.
3. Using continued fractions, solve the LDEs 5717x + 4799y = 3076 and 9767x +
3919y = 6677, if possible.
4. Using the continued fraction for e, compute e correct to 50 decimal places.
5. Using the continued fraction for π, compute it correct to 50 decimal places.
6. Using continued fractions, compute
√
1001 and
√
10001 correct to 50 decimal
places.
X ENRICHMENT READINGS
1. G. H. Hardy and E. M. Wright, An Introduction to the Theory of Numbers, 5th
edition, Oxford, New York, 1995, 129–153.
2. I. Niven et al., An Introduction to the Theory of Numbers, 5th edition, Wiley, New
York, 1991, 325–351.
3. C. S. Ogilvy and J. T. Anderson, Excursions in Number Theory, Dover, New York,
1988, 115–131.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-698-320.jpg)
![13.1 Pythagorean Triangles 581
Figure 13.2 A Greek stamp illustrating the Pythagorean theorem.
Pythagorean Triples
Let x and y denote the lengths of the legs of a right triangle and z the length of its
hypotenuse. Then, by the Pythagorean theorem, x, y, and z satisfy the diophantine
equation
x2
+ y2
= z2
(13.1)
The positive integral triplet x-y-z is called a Pythagorean triple. Thus, the task of
finding all Pythagorean triangles is the same as that of finding all Pythagorean triples.
Clearly, 3-4-5 is a Pythagorean triple. Because (3n)2 + (4n)2 = (5n)2, it follows
that 3n-4n-5n is also a Pythagorean triple for every positive integer n. Thus, there are
infinitely many Pythagorean triples.
For the curious-minded, there is a Pythagorean triplet that contains the beastly
number: 2162 + 6302 = 6662; it can also be written as (6 · 6 · 6)2 + (666 − 6 · 6)2 =
6662, as observed by M. Keith in 2002.
Pythagorean Triples and Fibonacci Numbers
We can digress briefly to discuss how Fibonacci numbers can be used to construct
Pythagorean triples. To this end, consider four consecutive Fibonacci numbers Fn,
Fn+1, Fn+2, and Fn+3. Let x = FnFn+3, y = 2Fn+1Fn+2, and z = F2
n+1 + F2
n+2. Then
x2 + y2 = z2 (see Exercise 4), so x-y-z is a Pythagorean triple.
For example, let n = 4. Then x = 3·13 = 39, y = 2·5·8 = 80, and z = 52 +82 =
89. Since 392 + 802 = 892, 39-80-89 is a Pythagorean triple.
Two Ancient Methods
Since m2 + [(m2 − 1)/2]2 = [(m2 + 1)/2]2, where m is odd, this formula yields
Pythagorean triples. The Pythagoreans are credited with its discovery.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-701-320.jpg)
![13.1 Pythagorean Triangles 587
Table 13.3 Pythagorean triangles with z a square.
Table 13.4 Pythagorean triangles with x or y a square.
Pythagorean Triangles with the Same Perimeter
Pythagorean triangles with the same perimeter do exist. They are rare and not easy
to find, if primitive Pythagorean triples are used. Three such triangles are 7080-
119-7081, 5032-3255-5993, and 168-7055-7057, generated by m = 60 and n = 59;
m = 68 and n = 37; and m = 84 and n = 1, respectively. Their common perimeter
is 14,280. Notice that the Pythagorean triangles 48-20-52, 24-45-51, and 40-30-50
share a smaller common perimeter, namely, 120.
Pythagorean Triangles with the Same Area
Do Pythagorean triangles with the same area exist? A close investigation of Ta-
ble 13.2 reveals a pleasant surprise. It contains two such triangles, 20-21-29 and
12-35-37, with the same area, 210.
Pythagorean triangles with equal areas were studied by Diophantus, Fermat, and
the English logician Lewis Carroll. A note in Carroll’s diary, dated December 19,
1897, reads as follows: “Sat up last night till 4 A.M. [sic] over a tempting problem
sent me from New York: to find three equal rational sided right triangles. I found two
whose sides are 20, 21, 29 and 12, 35, 37 but could not find three.”
The smallest area common to three primitive Pythagorean triangles is 13, 123,
110. Their sides are generated by 77, 38; 138, 5; and 78, 55. See Exercise 28.](https://image.slidesharecdn.com/elementarynumbertheorywithapplicationskoshy-220611114244-dcb69871/85/Elementary-Number-Theory-with-Applications-Koshy-pdf-707-320.jpg)
Elementary Number Theory with Applications Koshy.pdf
- 2. List of Symbols Symbol Meaning Page Z set of integers (3) x ∈ S x belongs to set S (3) x / ∈ S x does not belong to set S (3) Z+ set of positive integers (3) N set of positive integers (3) W set of whole numbers (4) a < b a is less than b (4) a > b a is greater than b (4) a ≤ b a < b or a = b (5) a ≥ b a > b or a = b (5) min{x,y} the minimum of x and y (5) max{x,y} the maximum of x and y (5) |x| the absolute value of x (5) x the floor of the real number x (6) x the ceiling of the real number x (6) i=m i=k ai = m i=k ai = m k ai ak + ak+1 + ··· + am (9) i∈I ai the sum of the values of ai as i runs over the various values in I (11) P aij the sum of the values of aij, where i and j satisfy properties P (11) i=m i=k ai = m i=k ai = m k ai akak+1 ···am (13) n! n factorial (13) n r binomial coefficient (33) tn triangular number (40) sn square number (44) pn pentagonal number (46) hn hexagonal number (48) Tn tetrahedral number (49) Sn square pyramidal number (50) Pn pentagonal pyramidal number (51) Hn hexagonal pyramidal number (51) a div b the quotient when a is divided by b (71) a mod b the remainder when a is divided by b (71) Symbol Meaning Page a|b a is a factor of b (74) a b a is not a factor of b (74) |A| the number of elements in set A (76) A ∪ B the union of sets A and B (76) A ∩ B the intersection of sets A and B (76) A the complement of set A (76) N = (akak−1 ...a1a0)b base-b representation of N (83) Rn repunit with n ones (96) π(x) the number of primes ≤ x (110) Fn the nth Fibonacci number (129) Ln the nth Lucas number (136) |A| the determinant of matrix A (138) fn the nth Fermat number (139) (a,b) the greatest common factor of a and b (155) (a1,a2,...,an) the greatest common factor of a1,a2,..., and an (162) pa
- 3. n pa exactly divides n (183) [a,b] the least common multiple of a and b (184) [a1,a2,...,an] the least common multiple of a1,a2,..., and an (187) a ≡ b (mod m) a is congruent to b modulo m (212) a ≡ b (mod m) a is not congruent to b modulo m (212) [r] the congruence class represented by r (216) a−1 an inverse of a modulo m (234) ρ(n) the digital root of n (291) In the identity matrix of order n (316) n# the product of primes ≤ n (325) ϕ(n) Euler’s phi function (342) τ(n) the number of positive factors of n (365) σ(n) the sum of the positive factors of n (366) Mp Mersenne number 2p − 1 (381) μ(n) Möbius function (398) λ(n) Liouville function (405) ordm a the order of a modulo m (456) ψ(d) the number of incongruent residues of order d modulo p (470) indα a the index of a to the base α (483) (a/p) Legendre symbol (501) (a/m) Jacobi symbol (527) (a/n) Kronecker symbol (549)
- 5. Elementary Number Theory with Applications Second Edition
- 7. Elementary Number Theory with Applications Second Edition Thomas Koshy AMSTERDAM • BOSTON • HEIDELBERG • LONDON NEW YORK • OXFORD • PARIS • SAN DIEGO SAN FRANCISCO • SINGAPORE • SYDNEY • TOKYO Academic Press is an imprint of Elsevier
- 8. Academic Press is an imprint of Elsevier 30 Corporate Drive, Suite 400, Burlington, MA 01803, USA 525 B Street, Suite 1900, San Diego, California 92101-4495, USA 84 Theobald’s Road, London WC1X 8RR, UK This book is printed on acid-free paper. ∞ Copyright © 2007, Elsevier Inc. All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Permissions may be sought directly from Elsevier’s Science Technology Rights Department in Oxford, UK: phone: (+44) 1865 843830, fax: (+44) 1865 853333, E-mail: permissions@elsevier.com. You may also complete your request on-line via the Elsevier homepage (http://elsevier.com), by selecting “Support Contact” then “Copyright and Permission” and then “Obtaining Permissions.” Library of Congress Cataloging-in-Publication Data Koshy, Thomas. Elementary number theory with applications / Thomas Koshy. – 2nd ed. p. cm. Includes bibliographical references and index. ISBN 978-0-12-372487-8 (alk. paper) 1. Number theory. I. Title. QA241.K67 2007 512.7–dc22 2007010165 British Library Cataloguing-in-Publication Data A catalogue record for this book is available from the British Library. ISBN: 978-0-12-372487-8 For information on all Academic Press publications visit our Web site at www.books.elsevier.com Printed in the United States of America 07 08 09 10 9 8 7 6 5 4 3 2 1
- 9. Dedicated to my sister, Aleyamma Zachariah, and my brother, M. K. Tharian; and to the memory of Professor Edwin Weiss, Professor Donald W. Blackett, and Vice Chancellor A. V. Varughese
- 11. Contents Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii A Word to the Student . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi 1 Fundamentals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.1 Fundamental Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.2 The Summation and Product Notations . . . . . . . . . . . . . . . . . . . . . 9 1.3 Mathematical Induction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 1.4 Recursion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 1.5 The Binomial Theorem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 1.6 Polygonal Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 1.7 Pyramidal Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 1.8 Catalan Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 Review Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 Supplementary Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 Computer Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 Enrichment Readings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 2 Divisibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 2.1 The Division Algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 2.2 Base-b Representations (optional) . . . . . . . . . . . . . . . . . . . . . . . . . 80 2.3 Operations in Nondecimal Bases (optional) . . . . . . . . . . . . . . . . . . . 89 2.4 Number Patterns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98 2.5 Prime and Composite Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . 103 2.6 Fibonacci and Lucas Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . 128 2.7 Fermat Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143 Review Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146 Supplementary Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148 Computer Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151 Enrichment Readings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153 vii
- 12. viii Contents 3 Greatest Common Divisors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155 3.1 Greatest Common Divisor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155 3.2 The Euclidean Algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166 3.3 The Fundamental Theorem of Arithmetic . . . . . . . . . . . . . . . . . . . . 173 3.4 Least Common Multiple . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184 3.5 Linear Diophantine Equations . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205 Review Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207 Supplementary Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209 Computer Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210 Enrichment Readings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210 4 Congruences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211 4.1 Congruences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211 4.2 Linear Congruences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230 4.3 The Pollard Rho Factoring Method . . . . . . . . . . . . . . . . . . . . . . . . . 238 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240 Review Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241 Supplementary Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243 Computer Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244 Enrichment Readings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245 5 Congruence Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247 5.1 Divisibility Tests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247 5.2 Modular Designs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253 5.3 Check Digits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259 5.4 The p-Queens Puzzle (optional) . . . . . . . . . . . . . . . . . . . . . . . . . . 273 5.5 Round-Robin Tournaments (optional) . . . . . . . . . . . . . . . . . . . . . . . 277 5.6 The Perpetual Calendar (optional) . . . . . . . . . . . . . . . . . . . . . . . . . 282 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288 Review Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289 Supplementary Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291 Computer Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291 Enrichment Readings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292 6 Systems of Linear Congruences . . . . . . . . . . . . . . . . . . . . . . . . 295 6.1 The Chinese Remainder Theorem . . . . . . . . . . . . . . . . . . . . . . . . . 295 6.2 General Linear Systems (optional) . . . . . . . . . . . . . . . . . . . . . . . . . 303
- 13. Contents ix 6.3 2 × 2 Linear Systems (optional) . . . . . . . . . . . . . . . . . . . . . . . . . . 307 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313 Review Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314 Supplementary Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 316 Computer Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 318 Enrichment Readings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 318 7 Three Classical Milestones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321 7.1 Wilson’s Theorem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321 7.2 Fermat’s Little Theorem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326 7.3 Pseudoprimes (optional) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337 7.4 Euler’s Theorem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 348 Review Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350 Supplementary Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351 Computer Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 352 Enrichment Readings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353 8 Multiplicative Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355 8.1 Euler’s Phi Function Revisited . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355 8.2 The Tau and Sigma Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365 8.3 Perfect Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373 8.4 Mersenne Primes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381 8.5 The Möbius Function (optional) . . . . . . . . . . . . . . . . . . . . . . . . . . . 398 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 406 Review Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408 Supplementary Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409 Computer Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 411 Enrichment Readings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412 9 Cryptology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413 9.1 Affine Ciphers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 416 9.2 Hill Ciphers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 425 9.3 Exponentiation Ciphers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 430 9.4 The RSA Cryptosystem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 434 9.5 Knapsack Ciphers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 448 Review Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 450 Supplementary Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 451
- 14. x Contents Computer Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 452 Enrichment Readings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453 10 Primitive Roots and Indices . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455 10.1 The Order of a Positive Integer . . . . . . . . . . . . . . . . . . . . . . . . . . 455 10.2 Primality Tests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464 10.3 Primitive Roots for Primes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 467 10.4 Composites with Primitive Roots (optional) . . . . . . . . . . . . . . . . . . 474 10.5 The Algebra of Indices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 482 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489 Review Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491 Supplementary Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 492 Computer Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 493 Enrichment Readings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 493 11 Quadratic Congruences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 495 11.1 Quadratic Residues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 495 11.2 The Legendre Symbol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501 11.3 Quadratic Reciprocity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 515 11.4 The Jacobi Symbol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 527 11.5 Quadratic Congruences with Composite Moduli (optional) . . . . . . . . 535 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 543 Review Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 546 Supplementary Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 548 Computer Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 549 Enrichment Readings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 550 12 Continued Fractions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 551 12.1 Finite Continued Fractions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 552 12.2 Infinite Continued Fractions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 565 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 575 Review Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 576 Supplementary Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 578 Computer Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 578 Enrichment Readings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 578 13 Miscellaneous Nonlinear Diophantine Equations . . . . . . . . . . 579 13.1 Pythagorean Triangles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 579
- 15. Contents xi 13.2 Fermat’s Last Theorem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 590 13.3 Sums of Squares . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 602 13.4 Pell’s Equation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 613 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 621 Review Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 623 Supplementary Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 626 Computer Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 628 Enrichment Readings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 628 A Appendix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 631 A.1 Proof Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 631 A.2 Web Sites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 638 T Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 641 T.1 Factor Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 642 T.2 Values of Some Arithmetic Functions . . . . . . . . . . . . . . . . . . . . . . . 649 T.3 Least Primitive Roots r Modulo Primes p . . . . . . . . . . . . . . . . . . . . . 652 T.4 Indices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 653 R References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 657 S Solutions to Odd-Numbered Exercises . . . . . . . . . . . . . . . . . . . 665 Chapter 1 Fundamentals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 665 Chapter 2 Divisibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 677 Chapter 3 Greatest Common Divisors . . . . . . . . . . . . . . . . . . . . . . . . . . . 689 Chapter 4 Congruences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 696 Chapter 5 Congruence Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . 702 Chapter 6 Systems of Linear Congruences . . . . . . . . . . . . . . . . . . . . . . . 707 Chapter 7 Three Classical Milestones . . . . . . . . . . . . . . . . . . . . . . . . . . . 711 Chapter 8 Multiplicative Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 718 Chapter 9 Cryptology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 728 Chapter 10 Primitive Roots and Indices . . . . . . . . . . . . . . . . . . . . . . . . . . 731 Chapter 11 Quadratic Congruences . . . . . . . . . . . . . . . . . . . . . . . . . . . . 737 Chapter 12 Continued Fractions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 746 Chapter 13 Miscellaneous Nonlinear Diophantine Equations . . . . . . . . . . . . 748 Credits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 757 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 761
- 17. Preface Man has the faculty of becoming completely absorbed in one subject, no matter how trivial and no subject is so trivial that it will not assume infinite proportions if one’s entire attention is devoted to it. — TOLSTOY, War and Peace or over two thousand years, number theory has fascinated and inspired both Famateurs and mathematicians alike. A sound and fundamental body of knowl- edge, it has been developed by the untiring pursuits of mathematicians all over the world. Today, number theorists continue to develop some of the most so- phisticated mathematical tools ever devised and advance the frontiers of knowl- edge. Many number theorists, including the eminent nineteenth-century English num- ber theorist Godfrey H. Hardy, once believed that number theory, although beautiful, had no practical relevance. However, the advent of modern technology has brought a new dimension to the power of number theory: constant practical use. Once con- sidered the purest of pure mathematics, it is used increasingly in the rapid develop- ment of technology in a number of areas, such as art, coding theory, cryptology, and computer science. The various fascinating applications have confirmed that human ingenuity and creativity are boundless, although many years of hard work may be needed to produce more meaningful and delightful applications. The Pursuit of a Dream This book is the fruit of years of dreams and the author’s fascination for the subject, its beauty, elegance, and historical development; the opportunities it provides for both experimentation and exploration; and, of course, its marvelous applications. This new edition, building on the strengths of its predecessor, incorporates a number of constructive suggestions made by students, reviewers, and well-wishers. It is logically conceived, self-contained, well-organized, nonintimidating, and written with students and amateurs in mind. In clear, readable language, this book offers an overview of the historical development of the field, including major figures, as well xiii
- 18. xiv Preface as step-by-step development of the basic concepts and properties, leading to the more advanced exercises and discoveries. Audience and Prerequisites The book is designed for an undergraduate course in number theory for students majoring in mathematics and/or computer science at the sophomore/junior level and for students minoring in mathematics. No formal prerequisites are required to study the material or to enjoy its beauty except a strong background in college algebra. The main prerequisite is mathematical maturity: lots of patience, logical thinking, and the ability for symbolic manipulation. This book should enable students and number theory enthusiasts to enjoy the material with great ease. Coverage The text includes a detailed discussion of the traditional topics in an undergradu- ate number theory course, emphasizing problem-solving techniques, applications, pattern recognition, conjecturing, recursion, proof techniques, and numeric compu- tations. It also covers figurate numbers and their geometric representations, Catalan numbers, Fibonacci and Lucas numbers, Fermat numbers, an up-to-date discussion of the various classes of prime numbers, and factoring techniques. Starred () op- tional sections and optional puzzles can be omitted without losing continuity of de- velopment. Included in this edition are new sections on Catalan numbers and the Pollard rho factoring method, a subsection on the Pollard p − 1 factoring method, and a short chapter on continued fractions. The section on linear diophantine equations now appears in Chapter 3 to provide full prominence to congruences. A number of well-known conjectures have been added to challenge the more am- bitious students. Identified by the conjecture symbol ? in the margin, they should provide wonderful opportunities for group discussion, experimentation, and explo- ration. Examples and Exercises Each section contains a wealth of carefully prepared and well-graded examples and exercises to enhance student skills. Examples are developed in detail for easy un- derstanding. Many exercise sets contain thought-provoking true/false problems, nu- meric problems to develop computational skills, and proofs to master facts and the various proof techniques. Extensive chapter-end review exercise sets provide com- prehensive reviews, while chapter-end supplementary exercises provide challenging opportunities for the curious-minded to pursue.
- 19. Preface xv Starred () exercises are, in general, difficult, and doubly starred () ones are more difficult. Both can be omitted without losing overall understanding of the con- cepts under discussion. Exercises identified with a c in the margin require a knowl- edge of elementary calculus; they can be omitted by students with no calculus back- ground. Historical Comments and Biographies Historical information, including biographical sketches of about 50 mathematicians, is woven throughout the text to enhance a historical perspective on the develop- ment of number theory. This historical dimension provides a meaningful context for prospective and in-service high school and middle school teachers in mathematics. An index of the biographies, keyed to pages in the text, can be found inside the back cover. Applications This book has several unique features. They include the numerous relevant and thought-provoking applications spread throughout, establishing a strong and mean- ingful bridge with geometry and computer science. These applications increase stu- dent interest and understanding and generate student interaction. In addition, the book shows how modular systems can be used to create beautiful designs, link- ing number theory with both geometry and art. The book also deals with barcodes, zip codes, International Serial Book Numbers, European Article Numbers, vehicle identification numbers, and German bank notes, emphasizing the closeness of num- ber theory to our everyday life. Furthermore, it features Friday-the-thirteenth, the p-queens puzzle, round-robin tournaments, a perpetual calendar, the Pollard rho fac- toring method, and the Pollard p − 1 factoring method. Flexibility The order and selection of topics offer maximum flexibility for instructors to select chapters and sections that are appropriate for student needs and course lengths. For example, Chapter 1 can be omitted or assigned as optional reading, as can the op- tional sections 6.2, 6.3, 7.3, 8.5, 10.4, and 11.5, without jeopardizing the core of development. Sections 2.2, 2.3, and 5.4–5.6 also can be omitted if necessary. Foundations All proof methods are explained and illustrated in detail in the Appendix. They pro- vide a strong foundation in problem-solving techniques, algorithmic approach, and proof techniques.
- 20. xvi Preface Proofs Most concepts, definitions, and theorems are illustrated through thoughtfully selected examples. Most of the theorems are proven, with the exception of some simple ones left as routine exercises. The proofs shed additional light on the understanding of the topic and enable students to develop their problem-solving skills. The various proof techniques are illustrated throughout the text. Proofs Without Words Several geometric proofs of formulas are presented without explanation. This unique feature should generate class discussion and provide opportunities for further explo- ration. Pattern Recognition An important problem-solving technique used by mathematicians is pattern recogni- tion. Throughout the book, there are ample opportunities for experimentation and ex- ploration: collecting data, arranging them systematically, recognizing patterns, mak- ing conjectures, and then establishing or disproving these conjectures. Recursion By drawing on well-selected examples, the text explains in detail this powerful strat- egy, which is used heavily in both mathematics and computer science. Many exam- ples are provided to ensure that students are comfortable with this powerful problem- solving technique. Numeric Puzzles Several fascinating, optional number-theoretic puzzles are presented for discussion and digression. It would be a good exercise to justify each. These puzzles are useful for prospective and in-service high school and middle school teachers in mathemat- ics. Algorithms A number of algorithms are given as a problem-solving technique in a straightfor- ward fashion. They can easily be translated into computer programs in a language of your choice. These algorithms are good candidates for class discussion and are boxed in for easy identification.
- 21. Preface xvii Computer Assignments Relevant and thought-provoking computer assignments are provided at the end of each chapter. They provide hands-on experience with concepts and enhance the op- portunity for computational exploration and experimentation. A computer algebra system, such as Maple or Mathematica, or a language of your choice can be used. Chapter Summary At the end of each chapter, you will find a summary that is keyed to pages in the text. This provides a quick review and easy reference. Summaries contain the various definitions, symbols, and properties. Enrichment Readings Each chapter ends with a carefully prepared list of readings from various sources for further exploration of the topics and for additional enrichment. Web Links Relevant annotated web sites are listed in the Appendix. For instance, up-to-date information on the discovery of Mersenne primes and twin primes is available on the Internet. This enables both amateurs and professionals to access the most recent discoveries and research. Special Symbols The square denotes the end of a proof and an example. The conjecture symbol ? indicates an unresolved problem. Index of Symbols Inside the front cover, you will find, for quick reference, a list of symbols and the page numbers on which they first occur. Odd-Numbered Solutions The solutions to all odd-numbered exercises are given at the end of the text. Solutions Manual for Students The Student’s Solutions Manual contains detailed solutions to all even-numbered ex- ercises. It also contains valuable tips for studying mathematics, as well as for prepar- ing and taking examinations.
- 22. xviii Preface Instructor’s Manual The Instructor’s Manual contains detailed solutions to all even-numbered exercises, sample tests for each chapter, and the keys for each test. It also contains two sample final examinations and their keys. Highlights of this Edition They include: • Catalan numbers (Sections 1.8, 2.5, and 8.4) • Linear diophantine equations with Fibonacci coefficients (Section 3.5) • Pollard rho factoring method (Section 4.3) • Vehicle identification numbers (Section 5.3) • German bank notes (Section 5.3) • Factors of 2n + 1 (Section 7.2) • Pollard p − 1 factoring method (Section 7.2) • Pascal’s binary triangle and even perfect numbers (Section 8.4) • Continued fractions (Chapter 12) • Well-known conjectures • Expanded exercise sets Acknowledgments I am grateful to a number of people for their cooperation, support, encouragement, and thoughtful comments during the writing and revising of this book. They all have played a significant role in improving its quality. To begin with, I am indebted to the following reviewers for their boundless en- thusiasm and constructive suggestions: Steven M. Bairos Data Translation, Inc. Peter Brooksbank Bucknell University Roger Cooke University of Vermont Joyce Cutler Framingham State College Daniel Drucker Wayne State University Maureen Femick Minnesota State University at Mankato Burton Fein Oregon State University Justin Wyss-Gallifent University of Maryland Napolean Gauthier The Royal Military College of Canada Richard H. Hudson University of South Carolina Robert Jajcay Indiana State University Roger W. Leezer California State University at Sacramento
- 23. Preface xix I. E. Leonard University of Alberta Don Redmond Southern Illinois University Dan Reich Temple University Helen Salzberg Rhode Island College Seung H. Son University of Colorado at Colorado Springs David Stone Georgia Southern University M. N. S. Swamy Concordia University Fernando Rodriguez Villegas University of Texas at Austin Betsey Whitman Framingham State College Raymond E. Whitney Lock Haven University Thanks also to Roger Cooke of the University of Vermont, Daniel Drucker of Wayne State University, Maureen Fenrick of Minnesota State University at Mankato, and Kevin Jackson-Mead for combing through the entire manuscript for accuracy; to Daniel Drucker of Wayne State University and Dan Reich of Temple University for class-testing the material; to the students Prasanth Kalakota of Indiana State Uni- versity and Elvis Gonzalez of Temple University for their comments; to Thomas E. Moore of Bridgewater State College and Don Redmond of Southern Illinois Uni- versity for preparing the solutions to all odd-numbered exercises; to Ward Heilman of Bridgewater State College and Roger Leezer of California State University at Sacramento for preparing the solutions to all even-numbered exercises; to Margarite Roumas for her superb editorial assistance; and to Madelyn Good and Ellen Keane at the Framingham State College Library, who tracked down a number of articles and books. My sincere appreciation also goes to Senior Editors Barbara Holland, who initiated the original project, Pamela Chester, and Thomas Singer; Production Editor Christie Jozwiak, Project Manager Jamey Stegmaier, Copyeditor Rachel Henriquez, and Editorial Assistant Karen Frost at Harcourt/Academic Press for their coopera- tion, promptness, support, encouragement, and confidence in the project. Finally, I must confess that any errors that may yet remain are my own respon- sibility. However, I would appreciate hearing about any inadvertent errors, alternate solutions, or, better yet, exercises you have enjoyed. Thomas Koshy tkoshy@frc.mass.edu
- 25. A Word to the Student Mathematics is music for the mind; music is mathematics for the soul. — ANONYMOUS The Language of Mathematics To learn a language, you have to know its alphabet, grammar, and syntax, and you have to develop a decent vocabulary. Likewise, mathematics is a language with its own symbols, rules, terms, definitions, and theorems. To be successful in mathe- matics, you must know them and be able to apply them; you must develop a work- ing vocabulary, use it as often as you can, and speak and write in the language of math. This book was written with you in mind, to create an introduction to number theory that is easy to understand. Each chapter is divided into short sections of ap- proximately the same length. Problem-Solving Techniques Throughout, the book emphasizes problem-solving techniques such as doing ex- periments, collecting data, organizing them in an orderly fashion, recognizing pat- terns, and making conjectures. It also emphasizes recursion, an extremely powerful problem-solving strategy used heavily in both mathematics and computer science. Although you may need some practice to get used to recursion, once you know how to approach problems recursively, you will appreciate its power and beauty. So do not be turned off, even if you have to struggle a bit with it initially. The book stresses proof techniques as well. Theorems are the bones of math- ematics. So, for your convenience, the various proof methods are explained and il- lustrated in the Appendix. It is strongly recommended that you master them; do the worked-out examples, and then do the exercises. Keep reviewing the techniques as often as needed. Many of the exercises use the theorems and the techniques employed in their proofs. Try to develop your own proofs. This will test your logical thinking and xxi
- 26. xxii A Word to the Student analytical skills. In order to fully enjoy this beautiful and elegant subject, you must feel at home with the various proof methods. Getting Involved Basketball players such as Michael Jordan and Larry Bird did not become super- stars by reading about basketball or watching others play. Besides knowing the rules and the objects needed to play, they needed countless hours of practice, hard work, and determination to achieve their goal. Likewise, you cannot learn mathematics by simply watching your professor do it in class or by reading about it; you have to do it yourself every day, just as skill is acquired in a sport. You can learn mathe- matics in small, progressive steps only, building on skills you already have devel- oped. Suggestions for Learning Here are a few suggestions you should find useful in your pursuit: • Read a few sections before each class. You might not fully understand the ma- terial, but you will certainly follow it far better when your professor discusses it in class. Besides, you will be able to ask more questions in class and answer more questions. • Always go to class well prepared. Be prepared to answer and ask questions. • Whenever you study from the book, make sure you have a pencil and enough scrap paper next to you for writing the definitions, theorems, and proofs and for doing the exercises. • Study the material taught in class on the same day. Do not just read it as if you were reading a novel or a newspaper. Write down the definitions, theorems, and properties in your own words without looking in your notes or the book. Rewrite the examples, proofs, and exercises done in class, all in your own words. If you cannot do them on your own, study them again and try again; continue until you succeed. • Always study the relevant section in the text and do the examples there, then do the exercises at the end of the section. Since the exercises are graded in order of difficulty, do them in order. Do not skip steps or write over previous steps; this way you will be able to progress logically, locate your errors, and correct your mistakes. If you cannot solve a problem because it involves a new term, formula, or some property, then re-study the relevant portion of the section and try again. Do not assume that you will be able to do every problem the first time you try it. Remember, practice is the best shortcut to success.
- 27. A Word to the Student xxiii Solutions Manual The Student’s Solutions Manual contains additional tips for studying mathematics, preparing for an examination in mathematics, and taking an examination in mathe- matics. It also contains detailed solutions to all even-numbered exercises. A Final Word Mathematics, especially number theory, is no more difficult than any other subject. If you have the willingness, patience, and time to sit down and do the work, then you will find number theory worth studying and this book worth studying from; you will find that number theory can be fun, and fun can be number theory. Remember that learning mathematics is a step-by-step matter. Do your work regularly and system- atically; review earlier chapters every week, since things must be fresh in your mind to apply them and to build on them. In this way, you will enjoy the subject and feel confident to explore more. I look forward to hearing from you with your comments and suggestions. In the meantime, enjoy the book. Thomas Koshy
- 29. 1 Fundamentals Tell me and I will forget. Show me and I will remember. Involve me and I will understand. — CONFUCIUS he outstanding German mathematician Karl Friedrich Gauss (1777–1855) Tonce said, “Mathematics is the queen of the sciences and arithmetic the queen of mathematics.” “Arithmetic,” in the sense Gauss uses it, is number theory, which, along with geometry, is one of the two oldest branches of mathematics. Num- ber theory, as a fundamental body of knowledge, has played a pivotal role in the development of mathematics. And as we will see in the chapters ahead, the study of number theory is elegant, beautiful, and delightful. A remarkable feature of number theory is that many of its results are within the reach of amateurs. These results can be studied, understood, and appreciated with- out much mathematical sophistication. Number theory provides a fertile ground for both professionals and amateurs. We can also find throughout number theory many fascinating conjectures whose proofs have eluded some of the most brilliant mathe- maticians. We find a great number of unsolved problems as well as many intriguing results. Another interesting characteristic of number theory is that although many of its results can be stated in simple and elegant terms, their proofs are sometimes long and complicated. Generally speaking, we can define “number theory” as the study of the properties of numbers, where by “numbers” we mean integers and, more specifically, positive integers. Studying number theory is a rewarding experience for several reasons. First, it has historic significance. Second, integers, more specifically, positive integers, are 1
- 30. 2 CHAPTER 1 Fundamentals A Greek Stamp Honoring Pythagoras The Island of Samos Pythagoras (ca. 572–ca. 500 B.C.), a Greek philoso- pher and mathematician, was born on the Aegean is- land of Samos. After extensive travel and studies, he returned home around 529 B.C. only to find that Samos was under tyranny, so he migrated to the Greek port of Crontona, now in southern Italy. There he founded the famous Pythagorean school among the aristo- crats of the city. Besides being an academy for phi- losophy, mathematics, and natural science, the school became the center of a closely knit brotherhood shar- ing arcane rites and observances. The brotherhood ascribed all its discoveries to the master. A philosopher, Pythagoras taught that number was the essence of everything, and he associated numbers with mystical powers. He also believed in the transmigration of the soul, an idea he might have borrowed from the Hindus. Suspicions arose about the brotherhood, leading to the murder of most of its members. The school was destroyed in a political uprising. It is not known whether Pythagoras escaped death or was killed. the building blocks of the real number system, so they merit special recognition. Third, the subject yields great beauty and offers both fun and excitement. Finally, the many unsolved problems that have been daunting mathematicians for centuries provide unlimited opportunities to expand the frontiers of mathematical knowledge. Goldbach’s conjecture (Section 2.5) and the existence of odd perfect numbers (Sec- tion 8.3) are two cases in point. Modern high-speed computers have become a pow- erful tool in proving or disproving such conjectures. Although number theory was originally studied for its own sake, today it has intriguing applications to such diverse fields as computer science and cryptography (the art of creating and breaking codes). The foundations for number theory as a discipline were laid out by the Greek mathematician Pythagoras and his disciples (known as the Pythagoreans). The Pythagorean brotherhood believed that “everything is number” and that the central explanation of the universe lies in number. They also believed some numbers have mystical powers. The Pythagoreans have been credited with the invention of am- icable numbers, perfect numbers, figurate numbers, and Pythagorean triples. They classified integers into odd and even integers, and into primes and composites. Another Greek mathematician, Euclid (ca. 330–275 B.C.), also made significant contributions to number theory. We will find many of his results in the chapters to follow. We begin our study of number theory with a few fundamental properties of in- tegers.
- 31. 1.1 Fundamental Properties 3 Little is known about Euclid’s life. He was on the faculty at the University of Alexan- dria and founded the Alexandrian School of Mathematics. When the Egyptian ruler King Ptolemy I asked Euclid, the father of geometry, if there were an easier way to learn geometry than by studying The Elements, he replied, “There is no royal road to geometry.” 1.1 Fundamental Properties The German mathematician Hermann Minkowski (1864–1909) once remarked, “In- tegral numbers are the fountainhead of all mathematics.” We will come to appreciate how important his statement is. In fact, number theory is concerned solely with inte- gers. The set of integers is denoted by the letter Z:† Z = {...,−3,−2,−1,0,1,2,3,...} Whenever it is convenient, we write “x ∈ S” to mean “x belongs to the set S”; “x / ∈ S” means “x does not belong to S.” For example, 3 ∈ Z, but √ 3 / ∈ Z. We can represent integers geometrically on the number line, as in Figure 1.1. Figure 1.1 The integers 1,2,3,... are positive integers. They are also called natural num- bers or counting numbers; they lie to the right of the origin on the number line. We denote the set of positive integers by Z+ or N: Z+ = N = {1,2,3,...} † The letter Z comes from the German word Zahlen for numbers.
- 32. 4 CHAPTER 1 Fundamentals Leopold Kronecker (1823–1891) was born in 1823 into a well-to-do family in Liegnitz, Prussia (now Poland). After being tutored privately at home during his early years and then attending a preparatory school, he went on to the local gymnasium, where he excelled in Greek, Latin, Hebrew, mathematics, and philosophy. There he was fortu- nate to have the brilliant German mathematician Ernst Eduard Kummer (1810–1893) as his teacher. Recognizing Kronecker’s mathematical talents, Kummer encouraged him to pursue independent scientific work. Kummer later became his professor at the universities of Breslau and Berlin. In 1841, Kronecker entered the University of Berlin and also spent time at the University of Breslau. He attended lectures by Dirichlet, Jacobi, Steiner, and Kummer. Four years later he received his Ph.D. in mathematics. Kronecker’s academic life was interrupted for the next 10 years when he ran his uncle’s business. Nonethe- less, he managed to correspond regularly with Kummer. After becoming a member of the Berlin Academy of Sciences in 1861, Kronecker began his academic career at the University of Berlin, where he taught unpaid until 1883; he became a salaried professor when Kummer retired. In 1891, his wife died in a fatal mountain climbing accident, and Kronecker, devastated by the loss, suc- cumbed to bronchitis and died four months later. Kronecker was a great lover of the arts, literature, and music, and also made profound contributions to num- ber theory, the theory of equations, elliptic functions, algebra, and the theory of determinants. The vertical bar notation for determinants is his creation. The German mathematician Leopold Kronecker wrote, “God created the natural numbers and all else is the work of man.” The set of positive integers, together with 0, forms the set of whole numbers W: W = {0,1,2,3,...} Negative integers, namely, ...,−3,−2,−1, lie to the left of the origin. Notice that 0 is neither positive nor negative. We can employ positive integers to compare integers, as the following definition shows. The Order Relation Let a and b be any two integers. Then a is less than b, denoted by a b, if there exists a positive integer x such that a + x = b, that is, if b − a is a positive integer. When a b, we also say that b is greater than a, and we write b a.† † The symbols and were introduced in 1631 by the English mathematician Thomas Harriet (1560–1621).
- 33. 1.1 Fundamental Properties 5 If a is not less than b, we write a ≮ b; similarly, a ≯ b indicates a is not greater than b. It follows from this definition that an integer a is positive if and only if a 0. Given any two integers a and b, there are three possibilities: either a b, a = b, or a b. This is the law of trichotomy. Geometrically, this means if a and b are any two points on the number line, then either point a lies to the left of point b, the two points are the same, or point a lies to the right of point b. We can combine the less than and equality relations to define the less than or equal to relation. If a b or a = b, we write a ≤ b.† Similarly, a ≥ b means either a b or a = b. Notice that a b if and only if a ≥ b. We will find the next result useful in Section 3.4. Its proof is fairly simple and is an application of the law of trichotomy. THEOREM‡ 1.1 Let min{x,y} denote the minimum of the integers x and y, and max{x,y} their maxi- mum. Then min{x,y} + max{x,y} = x + y.§ PROOF (by cases) case 1 Let x ≤ y. Then min{x,y} = x and max{x,y} = y, so min{x,y}+max{x,y} = x + y. case 2 Let x y. Then min{x,y} = y and max{x,y} = x, so min{x,y}+max{x,y} = y + x = x + y. The law of trichotomy helps us to define the absolute value of an integer. Absolute Value The absolute value of a real number x, denoted by |x|, is defined by |x| = x if x ≥ 0 −x otherwise For example, |5| = 5, |−3| = −(−3) = 3, |π| = π, and |0| = 0. Geometrically, the absolute value of a number indicates its distance from the origin on the number line. Although we are interested only in properties of integers, we often need to deal with rational and real numbers also. Floor and ceiling functions are two such number-theoretic functions. They have nice applications to discrete mathematics and computer science. † The symbols ≤ and ≥ were introduced in 1734 by the French mathematician P. Bouguer. ‡ A theorem is a (major) result that can be proven from axioms or previously known results. § Theorem 1.1 is true even if x and y are real numbers.
- 34. 6 CHAPTER 1 Fundamentals Floor and Ceiling Functions The floor of a real number x, denoted by x, is the greatest integer ≤ x. The ceiling of x, denoted by x , is the least integer ≥ x.† The floor of x rounds down x, whereas the ceiling of x rounds up. Accordingly, if x / ∈ Z, the floor of x is the nearest integer to the left of x on the number line, and the ceiling of x is the nearest integer to the right of x, as Figure 1.2 shows. The floor function f(x) = x and the ceiling function g(x) = x are also known as the greatest integer function and the least integer function, respectively. Figure 1.2 For example, π = 3, log10 3 = 0, −3.5 = −4, −2.7 = −3, π = 4, log10 3 = 1, −3.5 = −3, and −2.7 = −2. The floor function comes in handy when real numbers are to be truncated or rounded off to a desired number of decimal places. For example, the real number π = 3.1415926535... truncated to three decimal places is given by 1000π/1000 = 3141/1000 = 3.141; on the other hand, π rounded to three decimal places is 1000π + 0.5/1000 = 3.142. There is yet another simple application of the floor function. Suppose we divide the unit interval [0,1) into 50 subintervals of equal length 0.02 and then seek to determine the subinterval that contains the number 0.4567. Since 0.4567/0.02 + 1 = 23, it lies in the 23rd subinterval. More generally, let 0 ≤ x 1. Then x lies in the subinterval x/0.02 + 1 = 50x + 1. The following example presents an application of the ceiling function to every- day life. EXAMPLE 1.1 (The post-office function) In 2006, the postage rate in the United States for a first- class letter of weight x, not more than one ounce, was 39¢; the rate for each additional ounce or a fraction thereof up to 11 ounces was an additional 24¢. Thus, the postage p(x) for a first-class letter can be defined as p(x) = 0.39 + 0.24 x − 1 , 0 x ≤ 11. For instance, the postage for a letter weighing 7.8 ounces is p(7.8) = 0.39 + 0.24 7.8 − 1 = $2.07. † These two notations and the names, floor and ceiling, were introduced by Kenneth E. Iverson in the early 1960s. Both notations are variations of the original greatest integer notation [x].
- 35. 1.1 Fundamental Properties 7 Some properties of the floor and ceiling functions are listed in the next theorem. We shall prove one of them; the others can be proved as routine exercises. THEOREM 1.2 Let x be any real number and n any integer. Then 1. n = n = n 2. x = x + 1 (x / ∈ Z) 3. x + n = x + n 4. x + n = x + n 5. n 2 = n − 1 2 if n is odd. 6. n 2 = n + 1 2 if n is odd. PROOF Every real number x can be written as x = k + x, where k = x and 0 ≤ x 1. See Figure 1.3. Then Figure 1.3 x + n = k + n + x = (k + n) + x x + n = k + n, since 0 ≤ x 1 = x + n E X E R C I S E S 1.1 1. The English mathematician Augustus DeMorgan, who lived in the 19th century, once remarked that he was x years old in the year x2. When was he born? Evaluate each, where x is a real number. 2. f(x) = x |x| (x = 0) 3. g(x) = x + −x 4. h(x) = x + −x Determine whether: 5. −−x = x 6. − −x = x 7. There are four integers between 100 and 1000 that are each equal to the sum of the cubes of its digits. Three of them are 153, 371, and 407. Find the fourth num- ber. (Source unknown.) 8. An n-digit positive integer N is a Kaprekar number if the sum of the number formed by the last n digits in N2, and the number formed by the first n (or n − 1) digits in N2 equals N. For example, 297 is a Kaprekar number since 2972 = 88209 and 88 + 209 = 297. There are five Kaprekar numbers 100. Find them. 9. Find the flaw in the following “proof”: Let a and b be real numbers such that a = b. Then ab = b2 a2 − ab = a2 − b2 Factoring, a(a − b) = (a + b)(a − b). Canceling a − b from both sides, a = a + b. Since a = b, this yields a = 2a. Canceling a from both sides, we get 1 = 2.
- 36. 8 CHAPTER 1 Fundamentals D. R. Kaprekar (1905–1986) was born in Dahanu, India, near Bombay. After losing his mother at the age of eight, he built a close relationship with his astrologer-father, who passed on his knowledge to his son. He at- tended Ferguson College in Pune, and then graduated from the University of Bombay in 1929. He was awarded the Wrangler R. P. Paranjpe prize in 1927 in recognition of his mathematical contributions. A prolific writer in recreational number theory, he worked as a schoolteacher in Devlali, India, from 1930 until his retirement in 1962. Kaprekar is best known for his 1946 discovery of the Kaprekar constant 6174. It took him about three years to discover the number: Take a four-digit number a, not all digits being the same; let a denote the number obtained by rearranging its digits in nondecreasing order and a denote the number obtained by rearranging its digits in nonincreasing order. Repeat these steps with b = a −a and its successors. Within a maximum of eight steps, this process will terminate in 6174. It is the only integer with this property. 10. Express 635,318,657 as the sum of two fourth powers in two different ways. (It is the smallest number with this property.) 11. The integer 1105 can be expressed as the sum of two squares in four different ways. Find them. 12. There is exactly one integer between 2 and 2 × 1014 that is a perfect square, a cube, and a fifth power. Find it. (A. J. Friedland, 1970) 13. The five-digit number 2xy89 is the square of an in- teger. Find the two-digit number xy. (Source: Mathe- matics Teacher) 14. How many perfect squares can be displayed on a 15- digit calculator? 15. The number sequence 2,3,5,6,7,10,11,... consists of positive integers that are neither squares nor cubes. Find the 500th term of this sequence. (Source: Math- ematics Teacher) Prove each, where a, b, and n are any integers, and x is a real number. 16. |ab| = |a| · |b| 17. |a + b| ≤ |a| + |b| 18. n 2 = n − 1 2 if n is odd. 19. n 2 = n + 1 2 if n is odd. 20. n2 4 = n2 − 1 4 if n is odd. 21. n2 4 = n2 + 3 4 if n is odd. 22. n 2 + n 2 = n 23. x = x + 1 (x / ∈ Z) 24. x = −−x 25. x + n = x + n 26. x + x + 1/2 = 2x 27. x/n = x/n The distance from x to y on the number line, denoted by d(x,y), is defined by d(x,y) = |y − x|. Prove each, where x,y, and z are any integers. 28. d(x,y) ≥ 0 29. d(0,x) = |x| 30. d(x,y) = 0 if and only if x = y 31. d(x,y) = d(y,x) 32. d(x,y) ≤ d(x,z) + d(z,y) 33. Let max{x,y} denote the maximum of x and y, and min{x,y} their minimum, where x and y are any inte- gers. Prove that max{x,y} − min{x,y} = |x − y|. 34. A round-robin tournament has n teams, and each team plays at most once in a round. Determine the mini- mum number of rounds f(n) needed to complete the tournament. (Romanian Olympiad, 1978)
- 37. 1.2 The Summation and Product Notations 9 Joseph Louis Lagrange (1736–1813), who ranks with Leonhard Euler as one of the greatest mathematicians of the 18th century, was the eldest of eleven children in a wealthy family in Turin, Italy. His father, an influential cabinet official, became bank- rupt due to unsuccessful financial speculations, which forced Lagrange to pursue a profession. As a young man studying the classics at the College of Turin, his interest in math- ematics was kindled by an essay by astronomer Edmund Halley on the superiority of the analytical methods of calculus over geometry in the solution of optical problems. In 1754 he began corresponding with several outstanding mathematicians in Europe. The following year, Lagrange was appointed professor of mathematics at the Royal Artillery School in Turin. Three years later, he helped to found a society that later became the Turin Academy of Sciences. While at Turin, Lagrange developed revolu- tionary results in the calculus of variations, mechanics, sound, and probability, winning the prestigious Grand Prix of the Paris Academy of Sciences in 1764 and 1766. In 1766, when Euler left the Berlin Academy of Sciences, Frederick the Great wrote to Lagrange that “the greatest king in Europe” would like to have “the greatest mathematician of Europe” at his court. Accepting the invitation, Lagrange moved to Berlin to head the Academy and remained there for 20 years. When Frederick died in 1786, Lagrange moved to Paris at the invitation of Louis XVI. Lagrange was appointed professor at the École Normale and then at the École Polytechnique, where he taught until 1799. Lagrange made significant contributions to analysis, analytical mechanics, calculus, probability, and number theory, as well as helping to set up the French metric system. 1.2 The Summation and Product Notations We will find both the summation and the product notations very useful throughout the remainder of this book. First, we turn to the summation notation. The Summation Notation Sums, such as ak + ak+1 + ··· + am, can be written in a compact form using the summation symbol (the Greek uppercase letter sigma), which denotes the word sum. The summation notation was introduced in 1772 by the French mathematician Joseph Louis Lagrange. A typical term in the sum above can be denoted by ai, so the above sum is the sum of the numbers ai as i runs from k to m and is denoted by i=m i=k ai. Thus i=m i=k ai = ak + ak+1 + ··· + am
- 38. 10 CHAPTER 1 Fundamentals The variable i is the summation index. The values k and m are the lower and upper limits of the index i. The “i =” above the is usually omitted: i=m i=k ai = m i=k ai For example, 2 i=−1 i(i − 1) = (−1)(−1 − 1) + 0(0 − 1) + 1(1 − 1) + 2(2 − 1) = 4 The index i is a dummy variable; we can use any variable as the index without affecting the value of the sum, so m i= ai = m j= aj = m k= ak EXAMPLE 1.2 Evaluate 3 j=−2 j2. SOLUTION 3 j=−2 j2 = (−2)2 +(−1)2 +02 +12 +22 +32 = 19 The following results are extremely useful in evaluating finite sums. They can be proven using mathematical induction, presented in Section 1.3. THEOREM 1.3 Let n be any positive integer and c any real number, and a1,a2,...,an and b1, b2,...,bn any two number sequences. Then n i=1 c = nc (1.1)
- 39. 1.2 The Summation and Product Notations 11 n i=1 (cai) = c n i=1 ai (1.2) n i=1 (ai + bi) = n i=1 ai + n i=1 bi (1.3) (These results can be extended to any lower limit k ∈ Z.) The following example illustrates this theorem. EXAMPLE 1.3 Evaluate 2 j=−1 [(5j)3 − 2j]. SOLUTION 2 j=−1 [(5j)3 − 2j] = 2 j=−1 (5j)3 − 2 2 j=−1 j = 125 2 j=−1 j3 − 2 2 j=−1 j = 125[(−1)3 + 03 + 13 + 23 ] − 2(−1 + 0 + 1 + 2) = 996 Indexed Summation The summation notation can be extended to sequences with index sets I as their domains. For instance, i∈I ai denotes the sum of the values of ai as i runs over the various values in I. As an example, let I = {0,1,3,5}. Then i∈I (2i + 1) represents the sum of the values of 2i + 1 with i ∈ I, so i∈I (2i + 1) = (2 · 0 + 1) + (2 · 1 + 1) + (2 · 3 + 1) + (2 · 5 + 1) = 22 Often we need to evaluate sums of the form P aij, where the subscripts i and j satisfy certain properties P. (Such summations are used in Chapter 8.)
- 40. 12 CHAPTER 1 Fundamentals For example, let I = {1,2,3,4}. Then 1≤ij≤4 (2i + 3j) denotes the sum of the values of 2i + 3j, where 1 ≤ i j ≤ 4. This can be abbreviated as ij (2i + 3j) pro- vided the index set is obvious from the context. To find this sum, we must consider every possible pair (i,j), where i,j ∈ I and i j. Thus, ij (2i + 3j) = (2 · 1 + 3 · 2) + (2 · 1 + 3 · 3) + (2 · 1 + 3 · 4) + (2 · 2 + 3 · 3) + (2 · 2 + 3 · 4) + (2 · 3 + 3 · 4) = 80 EXAMPLE 1.4 Evaluate d≥1 d|6 d, where d|6 means d is a factor of 6. SOLUTION d≥1 d|6 d = sum of positive integers d, where d is a factor of 6 = sum of positive factors of 6 = 1 + 2 + 3 + 6 = 12 Multiple summations arise often in mathematics. They are evaluated in a right-to-left fashion. For example, the double summation i j aij is evaluated as i j aij
- 41. , as demonstrated below. EXAMPLE 1.5 Evaluate 1 i=−1 2 j=0 (2i + 3j). SOLUTION 1 i=−1 2 j=0 (2i + 3j) = 1 i=−1 2 j=0 (2i + 3j) = 1 i=−1 (2i + 3 · 0) + (2i + 3 · 1) + (2i + 3 · 2)
- 42. 1.2 The Summation and Product Notations 13 = 1 i=−1 (6i + 9) = 6 · (−1) + 9 + (6 · 0 + 9) + (6 · 1 + 9) = 27 We now turn to the product notation. The Product Notation Just as is used to denote sums, the product akak+1 ···am is denoted by i=m i=k ai. The product symbol is the Greek capital letter pi. As in the case of the summation notation, the “i =” above the product symbol is often dropped: i=m i=k ai = m i=k ai = akak+1 ···am Again, i is just a dummy variable. The following three examples illustrate this notation. The factorial function, which often arises in number theory, can be defined using the product symbol, as the following example shows. EXAMPLE 1.6 The factorial function f(n) = n! (read n factorial) is defined by n! = n(n−1)···2·1, where 0! = 1. Using the product notation, f(n) = n! = n k=1 k. EXAMPLE 1.7 Evaluate 5 i=2 (i2 − 3). SOLUTION 5 i=2 (i2 − 3) = (22 − 3)(32 − 3)(42 − 3)(52 − 3) = 1 · 6 · 13 · 22 = 1716
- 43. 14 CHAPTER 1 Fundamentals Just as we can have indexed summation, we can also have indexed multiplica- tion, as the following example shows. EXAMPLE 1.8 Evaluate i,j∈I ij (i + j), where I = {2,3,5,7}. SOLUTION Given product = product of all numbers i + j, where i,j ∈ {2,3,5,7} and i j = (2 + 3)(2 + 5)(2 + 7)(3 + 5)(3 + 7)(5 + 7) = 5 · 7 · 9 · 8 · 10 · 12 = 302,400 The following exercises provide ample practice in both notations. E X E R C I S E S 1.2 Evaluate each sum. 1. 6 i=1 i 2. 4 k=0 (3 + k) 3. 4 j=0 (j − 1) 4. 4 i=−1 3 5. 4 n=0 (3n − 2) 6. 2 j=−2 j(j − 2) 7. 4 k=−2 3k 8. 3 k=−2 3(k2) 9. 3 k=−1 (3k)2 10. 5 k=1 (3 − 2k)k Rewrite each sum using the summation notation. 11. 1 + 3 + 5 + ··· + 23 12. 31 + 32 + ··· + 310 13. 1 · 2 + 2 · 3 + ··· + 11 · 12 14. 1(1 + 2) + 2(2 + 2) + ··· + 5(5 + 2) Determine whether each is true. 15. n i=m i = n i=m (n + m − i) 16. n i=m xi = n i=m xn+m−i 17. Sums of the form S = n i=m+1 (ai − ai−1) are called telescoping sums. Show that S = an − am. 18. Using Exercise 17 and the identity 1 i(i + 1) = 1 i − 1 i + 1 , derive a formula for n i=1 1 i(i + 1) . 19. Using Exercise 17 and the identity (i + 1)2 − i2 = 2i + 1, derive a formula for n i=1 i. 20. Using Exercise 17 and the identity (i + 1)3 − i3 = 3i2 + 3i + 1, derive a formula for the sum n i=1 i2. 21. Using the ideas in Exercises 19 and 20, derive a for- mula for n i=1 i3. Evaluate each. 22. 5 i=1 6 j=1 (2i + 3j) 23. 3 i=1 i j=1 (i + 3) 24. 5 i=1 6 j=1 (i2 − j + 1) 25. 6 j=1 5 i=1 (i2 − j + 1) 26. 3 i=0 (i + 1) 27. 5 j=3 (j2 + 1)
- 44. 1.3 Mathematical Induction 15 28. 50 k=0 (−1)k Evaluate each, where p ∈ {2,3,5,7,11,13} and I = {1,2,3,5}. 29. 3 k=0 k! 30. p≤10 p 31. p≤10 p 32. i∈I (3i − 1) 33. d≥1 d|12 d 34. d≥1 d|12 12 d 35. d≥1 d|18 1 36. p≤10 1 37. i,j∈I ij (i + 2j) 38. i,j∈I i≤j ij 39. i,j∈I i|j (2i + 3j) 40. 4 j=1 (3j − 3j−1) Expand each. 41. 3 i=1 2 j=1 aij 42. 2 j=1 3 i=1 aij 43. 1≤ij≤3 (ai + aj) 44. 1≤ijk≤3 (ai + aj + ak) Evaluate each, where lgx = log2 x. 45. 1023 n=1 lg(1 + 1/n) 46. 1023 n=1 (1 + 1/n) 47. 1024 n=1 lg(1 + 1/n) 48. n k=1 k · k! (Hint: Use Exercise 17.) 49. Find the tens digit in the sum 999 k=1 k!. 50. Find the hundreds digit in the sum 999 k=1 k · k!. (Hint: Use Exercise 48.) 51. Compute ∞ n=0 10000 + 2n 2n+1 . (Hint: x + 1/2 = 2x − x; Source: Mathematics Teacher, 1993.) 1.3 Mathematical Induction The principle of mathematical induction† (PMI) is a powerful proof technique that we will use often in later chapters. Many interesting results in mathematics hold true for all positive integers. For example, the following statements are true for every positive integer n and all real numbers x, y, and xi: • (x · y)n = xn · yn • log(x1 ···xn) = n i=1 logxi † The term mathematical induction was coined by Augustus DeMorgan (1806–1871), although the Venetian scientist Francesco Maurocylus (1491–1575) applied it much earlier, in proofs in a book he wrote in 1575.
- 45. 16 CHAPTER 1 Fundamentals • n i=1 i = n(n + 1) 2 • n−1 i=0 ri = rn − 1 r − 1 (r = 1) How do we prove that these results hold for every positive integer n? Obviously, it is impossible to substitute each positive integer for n and verify that the formula holds. The principle of induction can establish the validity of such formulas. Before we plunge into induction, we need the well-ordering principle, which we accept as an axiom. (An axiom is a statement that is accepted as true; it is consistent with known facts; often it is a self-evident statement.) The Well-Ordering Principle Every nonempty set of positive integers has a least element. For example, the set {17,23,5,18,13} has a least element, namely, 5. The ele- ments of the set can be ordered as 5, 13, 17, 18, and 23. By virtue of the well-ordering principle, the set of positive integers is well or- dered. You may notice that the set of negative integers is not well ordered. The following example is a simple application of the well-ordering principle. EXAMPLE 1.9 Prove that there is no positive integer between 0 and 1. PROOF (by contradiction) Suppose there is a positive integer a between 0 and 1. Let S = {n ∈ Z+ | 0 n 1}. Since 0 a 1,a ∈ S, so S is nonempty. Therefore, by the well-ordering principle, S has a least element , where 0 1. Then 0 2 , so 2 ∈ S. But 2 , which contradicts our assumption that is a least element of S. Thus, there are no positive integers between 0 and 1. The well-ordering principle can be extended to whole numbers also, as the fol- lowing example shows. EXAMPLE 1.10 Prove that every nonempty set of nonnegative integers has a least element. PROOF (by cases) Let S be a set of nonnegative integers. case 1 Suppose 0 ∈ S. Since 0 is less than every positive integer, 0 is less than every nonzero element in S, so 0 is a least element in S.
- 46. 1.3 Mathematical Induction 17 case 2 Suppose 0 / ∈ S. Then S contains only positive integers. So, by the well- ordering principle, S contains a least element. Thus, in both cases, S contains a least element. Weak Version of Induction The following theorem is the cornerstone of the principle of induction. THEOREM 1.4 Let S be a set of positive integers satisfying the following properties: 1. 1 ∈ S. 2. If k is an arbitrary positive integer in S, then k + 1 ∈ S. Then S = N. PROOF (by contradiction) Suppose S = N. Let S = {n ∈ N | n / ∈ S}. Since S = ∅, by the well-ordering prin- ciple, S contains a least element . Then 1 by condition (1). Since is the least element in S, −1 / ∈ S. Therefore, −1 ∈ S. Consequently, by condition (2), ( − 1) + 1 = ∈ S. This contradiction establishes the theorem. This result can be generalized, as the following theorem shows. We leave its proof as an exercise. THEOREM 1.5 Let n0 be a fixed integer. Let S be a set of integers satisfying the following conditions: • n0 ∈ S. • If k is an arbitrary integer ≥ n0 such that k ∈ S, then k + 1 ∈ S. Then S contains all integers n ≥ n0. Before we formalize the principle of induction, let’s look at a trivial example. Consider an infinite number of identical dominoes arranged in a row at varying dis- tances from each other, as in Figure 1.4(a). Suppose we knock down the first domino. What happens to the rest of the dominoes? Do they all fall? Not necessarily. See Fig- ures 1.4(b) and 1.4(c). So let us assume the following: The dominoes are placed in such a way that the distance between two adjacent dominoes is less than the length of a domino; the first domino falls; and if the kth domino falls, then the (k + 1)st domino also falls. Then they all would fall. See Figure 1.4(d). This illustration can be expressed symbolically. Let P(n) denote the statement that the nth domino falls. Assume the following statements are true:
- 47. 18 CHAPTER 1 Fundamentals Figure 1.4 • P(1). • P(k) implies P(k + 1) for an arbitrary positive integer k. Then P(n) is true for every positive integer n; that is, every domino would fall. This is the essence of the following weak version of the principle. THEOREM 1.6 (The Principle of Mathematical Induction) Let P(n) be a statement satisfying the following conditions, where n ∈ Z: 1. P(n0) is true for some integer n0. 2. If P(k) is true for an arbitrary integer k ≥ n0, then P(k + 1) is also true. Then P(n) is true for every integer n ≥ n0. PROOF Let S denote the set of integers ≥ n0 for which P(n) is true. Since P(n0) is true, n0 ∈ S. By condition (2), whenever k ∈ S, k + 1 ∈ S, so, by Theorem 1.5, S contains all integers ≥ n0. Consequently, P(n) is true for every integer n ≥ n0. Condition (1) in Theorem 1.6 assumes the proposition P(n) is true when n = n0. Look at condition (2): If P(n) is true for an arbitrary integer k ≥ n0, it is also true for n = k + 1. Then, by repeated application of condition (2), it follows that P(n0 + 1), P(n0 + 2),... hold true. In other words, P(n) holds for every n ≥ n0. Theorem 1.6 can be established directly from the well-ordering principle. See Exercise 44.
- 48. 1.3 Mathematical Induction 19 Proving a result by induction involves two key steps: • basis step Verify that P(n0) is true. • induction step Assume P(k) is true for an arbitrary integer k ≥ n0 (inductive hypothesis). Then verify that P(k + 1) is also true. A word of caution: A question frequently asked is, “Isn’t this circular reasoning? Aren’t we assuming what we are asked to prove?” In fact, no. The confusion stems from misinterpreting step 2 for the conclusion. The induction step involves showing that P(k) implies P(k + 1); that is, if P(k) is true, then so is P(k + 1). The conclusion is “P(n) is true for every n ≥ n0.” So be careful. Interestingly, there were television commercials for Crest toothpaste based on induction involving toothpastes and penguins. Some examples will show how useful this important proof technique is. EXAMPLE 1.11 Prove that 1 + 2 + 3 + ··· + n = n(n + 1) 2 (1.4) for every positive integer n. PROOF (by induction) Let P(n) be the statement that n i=1 i = [n(n + 1)]/2. basis step To verify that P(1) is true (note: Here n0 = 1): When n = 1, RHS = [1(1 + 1)]/2 = 1 = 1 i=1 i = LHS.† Thus, P(1) is true. † LHS and RHS are abbreviations of left-hand side and right-hand side, respectively.
- 49. 20 CHAPTER 1 Fundamentals induction step Let k be an arbitrary positive integer. We would like to show that P(k) implies P(k + 1). Assume P(k) is true; that is, k i=1 i = k(k + 1) 2 ← inductive hypothesis To show that P(k) implies P(k + 1), that is, k+1 i=1 i = [(k + 1)(k + 2)]/2, we start with the LHS of this equation: LHS = k+1 i=1 i = k i=1 i + (k + 1) Note: k+1 i=1 xi = k i=1 xi + xk+1. = k(k + 1) 2 + (k + 1), by the inductive hypothesis = (k + 1)(k + 2) 2 = RHS So, if P(k) is true, then P(k + 1) is also true. Thus, by induction, P(n) is true for every integer n ≥ 1; that is, the formula holds for every positive integer. Figure 1.5 demonstrates formula (1.4) without words. Figure 1.5 Often we arrive at a formula by studying patterns, then making a conjecture, and then establishing the formula by induction, as the following example shows. EXAMPLE 1.12 Conjecture a formula for the sum of the first n odd positive integers and then use induction to establish the conjecture.
- 50. 1.3 Mathematical Induction 21 SOLUTION First, we study the first five such sums, and then look for a pattern, to predict a formula for the sum of the first n odd positive integers. The first five such sums are 1 = 12 1 + 3 = 22 1 + 3 + 5 = 32 1 + 3 + 5 + 7 = 42 1 + 3 + 5 + 7 + 9 = 52 There is a clear pattern here, so we conjecture that the sum of the first n odd positive integers is n2; that is, n i=1 (2i − 1) = n2 (1.5) We shall now prove it by the principle of induction. PROOF When n = 1, n i=1 (2i − 1) = 1 i=1 (2i − 1) = 1 = 12, so the result holds when n = 1. Now, assume the formula holds when n = k: k i=1 (2i − 1) = k2. To show that it holds when n = k + 1, consider the sum k+1 i=1 (2i − 1). We have k+1 i=1 (2i − 1) = k i=1 (2i − 1) + [2(k + 1) − 1] = k2 + (2k + 1) by the inductive hypothesis = (k + 1)2 Consequently, if the formula holds when n = k, it is also true when n = k + 1. Thus, by induction, the formula holds for every positive integer n. Figure 1.6 provides a visual illustration of formula (1.5). Figure 1.6
- 51. 22 CHAPTER 1 Fundamentals Returning to induction, we find that both the basis and the induction steps are essen- tial in the induction proof, as the following two examples demonstrate. EXAMPLE 1.13 Consider the “formula” 1 + 3 + 5 + ··· + (2n − 1) = (n − 2)2. Clearly it is true when n = 1. But it is not true when n = 2. Conclusion? That the truth of the basis step does not ensure that the statement 1 + 3 + 5 + ··· + (2n − 1) = (n − 2)2 is true for every n. The following example shows that the validity of the induction step is necessary, but not sufficient, to guarantee that P(n) is true for all desired integers. EXAMPLE 1.14 Consider the “formula” P(n): 1 + 3 + 5 + ··· + (2n − 1) = n2 + 1. Suppose P(k) is true: k i=1 (2i − 1) = k2 + 1. Then k+1 i=1 (2i − 1) = k i=1 (2i − 1) + [2(k + 1) − 1] = (k2 + 1) + (2k + 1) = (k + 1)2 + 1 So if P(k) is true, P(k + 1) is true. Nevertheless, the formula does not hold for any positive integer n. Try P(1). An interesting digression: Using induction, we “prove” in the following example that every person is of the same sex. EXAMPLE 1.15 “Prove” that every person in a set of n people is of the same sex. PROOF Let P(n): Everyone in a set of n people is of the same sex. Clearly, P(1) is true. Let k be a positive integer such that P(k) is true; that is, everyone in a set of k people is of the same sex. To show that P(k + 1) is true, consider a set A = {a1,a2,...,ak+1} of k + 1 people. Partition A into two overlapping sets, B = {a1, a2,..., ak} and C =
- 52. 1.3 Mathematical Induction 23 {a2,...,ak+1}, as in Figure 1.7. Since B and C contain k elements, by the induc- tive hypothesis, everyone in B is of the same sex and everyone in C is of the same sex. Since B and C overlap, everyone in B ∪ C† must be of the same sex; that is, everyone in A is of the same sex. Figure 1.7 Therefore, by induction, P(n) is true for every positive integer n. Note: Clearly the assertion that everyone is of the same sex is false. Can you find the flaw in the “proof?” See Exercise 35. Strong Version of Induction We now present the stronger version of induction. Sometimes the truth of P(k) might not be enough to establish that of P(k + 1). In other words, the truth of P(k + 1) may require more than that of P(k). In such cases, we assume a stronger inductive hypothesis that P(n0),P(n0 + 1),...,P(k) are all true; then verify that P(k + 1) is also true. This strong version, which can be proven using the weak version (see Exercise 43), is stated as follows. THEOREM 1.7 (The Second Principle of Mathematical Induction) Let P(n) be a statement sat- isfying the following conditions, where n ∈ Z: 1. P(n0) is true for some integer n0. † B ∪ C denotes the union of the sets B and C; it contains the elements in B together with those in C.
- 53. 24 CHAPTER 1 Fundamentals 2. If k is an arbitrary integer ≥ n0 such that P(n0), P(n0 + 1),..., and P(k) are true, then P(k + 1) is also true. Then P(n) is true for every integer n ≥ n0. PROOF Let S = {n ∈ Z | P(n) is true}. Since P(n0) is true by condition (1), n0 ∈ S. Now, assume P(n0),P(n0 +1),...,P(k) are true for an arbitrary integer k. Then n0,n0 +1,...,k belong to S. So, by condition (2), k+1 also belongs to S. Therefore, by Theorem 1.5, S contains all integers n ≥ n0. In other words, P(n) is true for every integer n ≥ n0. The following example illustrates this proof technique. EXAMPLE 1.16 Prove that any postage of n (≥ 2) cents can be made with two- and three-cent stamps. PROOF (by strong induction) Let P(n) denote the statement that any postage of n cents can be made with two- and three-cent stamps. basis step (Notice that here n0 = 2.) Since a postage of two cents can be made with one two-cent stamp, P(2) is true. Likewise, P(3) is also true. induction step Assume P(2),P(3),P(4),...,P(k) are true; that is, any postage of two through k cents can be made with two- and three-cent stamps. To show that P(k + 1) is true, consider a postage of k + 1 cents. Since k + 1 = (k−1)+2, a postage of k+1 cents can be formed with two- and three-cent stamps if a postage of k−1 cents can be made with two- and three-cent stamps. Since P(k−1) is true by the inductive hypothesis, this implies P(k + 1) is also true. Thus, by the strong version of induction, P(n) is true for every n ≥ 2; that is, any postage of n (≥ 2) cents can be made with two- and three-cent stamps. The following exercises and subsequent chapters offer ample practice in both versions of induction. E X E R C I S E S 1.3 Determine whether each set is well ordered. If it is not, explain why. 1. Set of negative integers. 2. Set of integers. 3. {n ∈ N | n ≥ 5} 4. {n ∈ Z | n ≥ −3} Prove each. 5. Let a ∈ Z. There are no integers between a and a + 1.
- 54. 1.3 Mathematical Induction 25 6. Let n0 ∈ Z, S a nonempty subset of the set T = {n ∈ Z | n ≥ n0}, and ∗ be a least element of the set T∗ = {n − n0 + 1 | n ∈ S}. Then n0 + − 1 is a least element of S. 7. (Archimedean property) Let a and b be any pos- itive integers. Then there is a positive integer n such that na ≥ b. (Hint: Use the well-ordering principle and contradic- tion.) 8. Every nonempty set of negative integers has a largest element. 9. Every nonempty set of integers ≤ a fixed integer n0 has a largest element. (Twelve Days of Christmas) Suppose you sent your love 1 gift on the first day of Christmas, 1 + 2 gifts on the second day, 1 + 2 + 3 gifts on the third day, and so on. 10. How many gifts did you send on the 12th day of Christmas? 11. How many gifts did your love receive in the 12 days of Christmas? 12. Prove that 1 + 2 + ··· + n = [n(n + 1)]/2 by con- sidering the sum in the reverse order.† (Do not use mathematical induction.) Using mathematical induction, prove each for every inte- ger n ≥ 1. 13. n i=1 (2i − 1) = n2 14. n i=1 i2 = n(n + 1)(2n + 1) 6 † An interesting personal anecdote is told about Gauss. When Gauss was a fourth grader, he and his classmates were asked by his teacher to compute the sum of the first 100 positive inte- gers. Supposedly, the teacher did so to get some time to grade papers. To the teacher’s dismay, Gauss found the answer in a few moments by pairing the numbers from both ends: The sum of each pair is 101 and there are 50 pairs. So the total sum is 50 · 101 = 5050. 15. n i=1 i3 = n(n + 1) 2 2 16. n i=1 ari−1 = a(rn − 1) r − 1 , r = 1 Evaluate each sum. 17. 30 k=1 (3k2 − 1) 18. 50 k=1 (k3 + 2) 19. n i=1 i/2 20. n i=1 i/2 Find the value of x resulting from executing each algo- rithm fragment, where variable ← expression means the value of expression is assigned to variable. 21. x ← 0 for i = 1 to n do x ← x + (2i − 1) 22. x ← 0 for i = 1 to n do x ← x + i(i + 1) 23. x ← 0 for i = 1 to n do for j = 1 to i do x ← x + 1 Evaluate each. 24. n i=1 i j=1 i 25. n i=1 i j=1 j 26. n i=1 i j=1 j2 27. n i=1 i j=1 (2j − 1) 28. n i=1 22i 29. n i=1 i2 30. n i=1 n j=1 ij 31. n i=1 n j=1 2i+j 32. A magic square of order n is a square arrangement of the positive integers 1 through n2 such that the sum of the integers along each row, column, and diagonal is a constant k, called the magic constant. Figure 1.8 shows two magic squares, one of order 3 and the other of order 4. Prove that the magic constant of a magic square of order n is n(n2 + 1) 2 .
- 55. 26 CHAPTER 1 Fundamentals Figure 1.8 According to legend, King Shirham of India was so pleased by the invention of chess that he offered to give Sissa Ben Dahir, its inventor, anything he wished. Dahir’s request was a seemingly modest one: one grain of wheat on the first square of a chessboard, two on the second, four on the third, and so on. The king was delighted with this simple request but soon realized he could never fulfill it. The last square alone would take 263 = 9,223,372,036,854,775,808 grains of wheat. Find the following for an n × n chessboard. 33. The number of grains on the last square. 34. The total number of grains on the chessboard. 35. Find the flaw in the “proof” in Example 1.15. Find the number of times the assignment statement x ← x + 1 is executed by each loop. 36. for i = 1 to n do for j = 1 to i do x ← x + 1 37. for i = 1 to n do for j = 1 to i do for k = 1 to i do x ← x + 1 38. for i = 1 to n do for j = 1 to i do for k = 1 to j do x ← x + 1 39. for i = 1 to n do for j = 1 to i do for k = 1 to i do for l = 1 to i do x ← x + 1 40. Let an denote the number of times the statement x ← x + 1 is executed in the following loop: for i = 1 to n do for j = 1 to i/2 do x ← x + 1 Show that an = ⎧ ⎪ ⎪ ⎪ ⎨ ⎪ ⎪ ⎪ ⎩ n2 4 if n is even n2 − 1 4 otherwise. Evaluate each. 41. 1024 n=1 lgn 42. 1024 n=1 lgn 43. Prove the strong version of induction, using the weak version. 44. Prove the weak version of induction, using the well-ordering principle. 45. Let Sn denote the sum of the elements in the nth set of the sequence of sets of squares {1}, {4,9}, {16,25,36},.... Find a formula for Sn. (J. M. How- ell, 1989) 1.4 Recursion Recursion is one of the most elegant problem-solving techniques. It is so powerful a tool that most programming languages support it. We begin with the well-known handshake problem: There are n guests at a party. Each person shakes hands with everybody else exactly once. How many handshakes are made?
- 56. 1.4 Recursion 27 If we decide to solve a problem such as this, the solution may not be obvious. However, it is possible that the problem could be defined in terms of a simpler ver- sion of itself. Such a definition is an inductive definition. Consequently, the given problem can be solved provided the simpler version can be solved. This idea is pic- torially represented in Figure 1.9. Figure 1.9 Recursive Definition of a Function Let a ∈ W and X = {a,a + 1,a + 2,...}. An inductive definition of a function f with domain X consists of three parts: • Basis step A few initial values f(a),f(a+1),...,f(a+k−1) are specified. Equations that specify such initial values are initial conditions. • Recursive step A formula to compute f(n) from the k preceding functional values f(n−1),f(n−2),...,f(n−k) is made. Such a formula is a recurrence relation (or recursive formula). • Terminal step Only values thus obtained are valid functional values. (For convenience, we drop this clause from the recursive definition.) In a recursive definition of f , f(n) may be defined using the values f(k), where k = n, so not all recursively defined functions can be defined inductively; see Exer- cises 25–31. Thus, the recursive definition of f consists of a finite number of initial conditions and a recurrence relation. Recursion can be employed to find the minimum and maximum of three or more real numbers. For instance, min{w,x,y,z} = min{w,{min{x,min{y,z}}}}; max{w,x,y,z} can be evaluated similarly. For example, min{23,5,−6,47,31} = min{23,min{5,min{−6,min{47,31}}}} = −6 and max{23,5,−6,47,31} = max{23,max{5,max{−6,max{47,31}}}} = 47 The next three examples illustrate the recursive definition.
- 57. 28 CHAPTER 1 Fundamentals EXAMPLE 1.17 Define recursively the factorial function f . SOLUTION Recall that the factorial function f is defined by f(n) = n!, where f(0) = 1. Since n! = n(n − 1)!, it can be defined recursively as follows: f(0) = 1 ← initial condition f(n) = n · f(n − 1), n ≥ 1 ← recurrence relation Suppose we would like to compute f(3) recursively. We must continue to apply the recurrence relation until the initial condition is reached, as shown below: Since f(0) = 1,1 is substituted for f(0) in equation (1.8) and f(1) is computed: f(1) = 1 · f(0) = 1 · 1 = 1. This value is substituted for f(1) in equation (1.7) and f(2) is computed: f(2) = 2 · f(1) = 2 · 1 = 2. This value is now returned to equa- tion (1.6) to compute f(3): f(3) = 3 · f(2) = 3 · 2 = 6, as expected. We now return to the handshake problem. EXAMPLE 1.18 (The handshake problem) There are n guests at a party. Each person shakes hands with everybody else exactly once. Define recursively the number of handshakes h(n) made. SOLUTION Clearly, h(1) = 0, so let n ≥ 2. Let x be one of the guests. The number of handshakes made by the remaining n − 1 guests among themselves, by definition, is h(n − 1). Now person x shakes hands with each of these n − 1 guests, yielding n − 1 hand- shakes. So the total number of handshakes made equals h(n − 1) + (n − 1), where n ≥ 2. Thus, h(n) can be defined recursively as follows: h(1) = 0 ← initial condition h(n) = h(n − 1) + (n − 1), n ≥ 2 ← recurrence relation
- 58. 1.4 Recursion 29 EXAMPLE 1.19 (Tower of Brahma†) According to a legend, at the beginning of creation, God stacked 64 golden disks on one of three diamond pegs on a brass platform in the temple of Brahma at Benares,‡ India (see Figure 1.10). The priests on duty were asked to move the disks from peg X to peg Z, using Y as an auxiliary peg, under the following conditions: Figure 1.10 • Only one disk can be moved at a time. • No disk can be placed on the top of a smaller disk. The priests were told the world would end when the job was completed. Suppose there are n disks on peg X. Let bn denote the number of moves needed to move them from peg X to peg Z, using peg Y as an intermediary. Define bn recur- sively. SOLUTION Clearly b1 = 1. Assume n ≥ 2. Consider the top n − 1 disks at peg X. By definition, it takes bn−1 moves to transfer them from X to Y using Z as an auxiliary. That leaves the largest disk at peg X; it takes one move to transfer it from X to Z. See Figure 1.11. Figure 1.11 † A puzzle based on the Tower of Brahma was marketed by the French mathematician François- Edouard-Anatole Lucas in 1883 under the name Tower of Hanoi. ‡ Benares is now known as Varanasi.
- 59. 30 CHAPTER 1 Fundamentals Now the n − 1 disks at Y can be moved from Y to Z using X as an intermediary in bn−1 moves, so the total number of moves needed is bn−1 +1+bn−1 = 2bn−1 +1. Thus bn can be defined recursively as follows: bn = 1 if n = 1 ← initial condition 2bn−1 + 1 if n ≥ 2 ← recurrence relation For example, b4 = 2b3 + 1 = 2[2b2 + 1] + 1 = 4b2 + 2 + 1 = 4[2b1 + 1] + 2 + 1 = 8b1 + 4 + 2 + 1 = 8(1) + 4 + 2 + 1 = 15, so it takes 15 moves to transfer 4 disks from X to Z. Notice that the recursive definition of a function f does not provide us with an explicit formula for f(n) but establishes a systematic procedure for finding it. The iterative method of finding a formula for f(n) involves two steps: 1) apply the recurrence formula iteratively and look for a pattern to predict an explicit formula; 2) use induction to prove that the formula does indeed hold for every possible value of the integer n. The following example illustrates this method. EXAMPLE 1.20 Solve the recurrence relation in Example 1.18. SOLUTION Using iteration, we have: h(n) = h(n − 1) + (n − 1) = h(n − 2) + (n − 2) + (n − 1) = h(n − 3) + (n − 3) + (n − 2) + (n − 1) . . . = h(1) + 1 + 2 + 3 + ··· + (n − 2) + (n − 1) = 0 + 1 + 2 + 3 + ··· + (n − 1) = n(n − 1) 2 , by Example 1.11 (We can verify this using induction.)
- 60. 1.4 Recursion 31 E X E R C I S E S 1.4 In Exercises 1–6, compute the first four terms of the se- quence defined recursively. 1. a1 = 1 an = an−1 + 3, n ≥ 2 2. a0 = 1 an = an−1 + n, n ≥ 1 3. a1 = 1 an = n n − 1 an−1, n ≥ 2 4. a1 = 1, a2 = 2 an = an−1 + an−2, n ≥ 3 5. a1 = 1, a2 = 1, a3 = 2 an = an−1 + an−2 + an−3, n ≥ 4 6. a1 = 1, a2 = 2, a3 = 3 an = an−1 + an−2 + an−3, n ≥ 4 Define recursively each number sequence. (Hint: Look for a pattern and define the nth term an recursively.) 7. 1,4,7,10,13,... 8. 3,8,13,18,23,... 9. 0,3,9,21,45,... 10. 1,2,5,26,677,... An arithmetic sequence is a number sequence in which every term except the first is obtained by adding a fixed number, called the common difference, to the preceding term. For example, 1,3,5,7,... is an arithmetic sequence with common difference 2. Let an denote the nth term of the arithmetic sequence with first term a and common dif- ference d. 11. Define an recursively. 12. Find an explicit formula for an. 13. Let Sn denote the sum of the first n terms of the se- quence. Prove that Sn = n 2 2a + (n − 1)d A geometric sequence is a number sequence in which every term, except the first, is obtained by multiplying the previous term by a constant, called the common ratio. For example, 2,6,18,54,... is a geometric sequence with common ratio 3. Let an denote the nth term of the geomet- ric sequence with first term a and common ratio r. 14. Define an recursively. 15. Find an explicit formula for an. 16. Let Sn denote the sum of the first n terms of the se- quence. Prove that Sn = [a(rn − 1)]/(r − 1), where r = 1. Do not use induction. Use the following triangular array of positive integers to answer Exercises 17–20. 1 2 3 4 5 6 7 8 9 10 . . . 17. Let an denote the first term in row n, where n ≥ 1. Define an recursively. 18. Find an explicit formula for an. 19. Find the sum of the numbers in row n. 20. Which row contains the number 2076? Let an denote the number of times the assignment state- ment x ← x + 1 is executed by each nested for loop. De- fine an recursively. 21. for i = 1 to n do for j = 1 to i do x ← x + 1 22. for i = 1 to n do for j = 1 to i do for k = 1 to i do x ← x + 1 23. Using Example 1.19, predict an explicit formula for bn. 24. Using induction, prove the explicit formula for bn in Exercise 23. The 91-function f , invented by John McCarthy, is defined recursively on W as follows: f(x) = x − 10 if x 100 f(f(x + 11)) if 0 ≤ x ≤ 100 Compute each: 25. f(99) 26. f(98) 27. f(f(99))
- 61. 32 CHAPTER 1 Fundamentals John McCarthy (1927– ), one of the fathers of artificial intelligence (AI), was born in Boston. He graduated in mathematics from Caltech and received his Ph.D. from Princeton in 1951. After teaching at Princeton, Stanford, Dartmouth, and MIT, he re- turned to Stanford as full professor. While at Princeton, he was named a Proctor Fellow and later Higgins Research Instructor in mathematics. At Stanford, he headed its Artificial Intelligence Laboratory. McCarthy coined the term artificial intelligence while at Dartmouth. He developed LISP (LISt Programming), one of the most widely used programming languages in Al. In addition, he helped develop ALGOL 58 and ALGOL 60. In 1971, he received the prestigious Alan M. Turing Award for his outstanding contributions to data processing. 28. f(f(91)) 29. Show that f(99) = 91. 30. Prove that f(x) = 91 for 90 ≤ x ≤ 100. 31. Prove that f(x) = 91 for 0 ≤ x 90. A function of theoretical importance in the study of al- gorithms is Ackermann’s function, named after the Ger- man mathematician and logician Wilhelm Ackermann (1896–1962). It is defined recursively as follows, where m, n ∈ W: A(m,n) = ⎧ ⎪ ⎪ ⎨ ⎪ ⎪ ⎩ n + 1 if m = 0 A(m − 1,1) if n = 0 A(m − 1,A(m,n − 1)) otherwise Compute each. 32. A(0,7) 33. A(1,1) 34. A(5,0) 35. A(2,2) Prove each for every integer n ≥ 0. 36. A(1,n) = n + 2 37. A(2,n) = 2n + 3 38. Predict a formula for A(3,n). 39. Prove the formula in Exercise 38 for every integer n ≥ 0. 40. Let {un} be a number sequence with u0 = 4 and un = f(un−1), where f is a function defined by the following table and n ≥ 1. Compute u9999. (Source: Mathematics Teacher, 2004) x 1 2 3 4 5 f(x) 4 1 3 5 2 1.5 The Binomial Theorem Binomials are sums of two terms, and they occur often in mathematics. This section shows how to expand positive integral powers of binomials in a systematic way. The coefficients in binomial expansions have several interesting properties. Let us begin with a discussion of binomial coefficients.
- 62. 1.5 The Binomial Theorem 33 Binomial Coefficients Let n and r be nonnegative integers. The binomial coefficient† n r is defined by n r = n! r!(n − r)! if r ≤ n, and is 0 otherwise; it is also denoted by C(n,r) and nCr. For example, 5 3 = 5! 3!(5 − 3)! = 5 · 4 · 3 · 2 · 1 3 · 2 · 1 · 2 · 1 = 10 It follows from the definition that n 0 = 1 = n n . There are many instances when we need to compute the binomial coefficients n r and n n − r . Since n n − r = n! (n − r)![n − (n − r)]! = n! (n − r)!r! = n! r!(n − r)! = n r there is no need to evaluate both; this significantly reduces our workload. For exam- ple, 25 20 = 25 25 − 20 = 25 5 = 53,130. The following theorem shows an important recurrence relation satisfied by bi- nomial coefficients. It is called Pascal’s identity, after the outstanding French math- ematician and philosopher Blaise Pascal. † The term binomial coefficient was introduced by the German algebraist Michel Stifel (1486–1567). In his best-known work, Arithmetica Integra (1544), Stifel gives the binomial coefficients for n ≤ 17. The bilevel parentheses notation for binomial coefficient was introduced by the German math- ematician and physicist Baron Andreas von Ettinghausen (1796–1878). Von Ettinghausen, born in Heidelberg, attended the University of Vienna in Austria. For two years he worked as an assistant in mathematics and physics at the University. In 1821 he became professor of mathematics, and in 1835, professor of physics and director of the Physics Institute. Thirteen years later, he became the director of the Mathematical Studies and Engineering Academy in Vienna. A pioneer in mathematical physics, von Ettinghausen worked in analysis, algebra, differential geometry, mechanics, optics, and electromagnetism.
- 63. 34 CHAPTER 1 Fundamentals Blaise Pascal (1623–1662) was born in Clermont-Ferrand, France. Although he showed astounding mathematical ability at an early age, he was encouraged by his father to pursue other subjects, such as ancient languages. His father even refused to teach him any sciences and relented only when he found that Pascal by age 12 had discovered many theorems in elementary geometry. At 14, Blaise attended weekly meetings of a group of French mathematicians which later became the French Acad- emy. At 16, he developed important results in conic sections and wrote a book on them. Observing that his father would spend countless hours auditing government ac- counts, and feeling that intelligent people should not waste their time doing mundane things, Pascal, at the age of 19, invented the first mechanical calculating machine. THEOREM 1.8 (Pascal’s Identity) Let n and r be positive integers, where r ≤ n. Then n r = n − 1 r − 1 + n − 1 r . PROOF We shall simplify the RHS and show that it is equal to the LHS: n − 1 r − 1 + n − 1 r = (n − 1)! (r − 1)!(n − r)! + (n − 1)! r!(n − r − 1)! = r(n − 1)! r(r − 1)!(n − r)! + (n − r)(n − 1)! r!(n − r)(n − r − 1)! = r(n − 1)! r!(n − r)! + (n − r)(n − 1)! r!(n − r)! = (n − 1)![r + (n − r)] r!(n − r)! = (n − 1)!n r!(n − r)! = n! r!(n − r)! = n r Pascal’s Triangle The various binomial coefficients n r , where 0 ≤ r ≤ n, can be arranged in the form of a triangle, called Pascal’s triangle,† as in Figures 1.12 and 1.13. † Although Pascal’s triangle is named after Pascal, it actually appeared as early as 1303 in a work by the Chinese mathematician Chu Shi-Kie.
- 64. 1.5 The Binomial Theorem 35 Figure 1.12 Figure 1.13 Figure 1.14 Figure 1.14 shows the Chinese and Japanese versions of Pascal’s triangle.
- 65. 36 CHAPTER 1 Fundamentals Pascal’s triangle has many intriguing properties: • Every row begins with and ends in 1. • Pascal’s triangle is symmetric about a vertical line through the middle. This is so by Theorem 1.8. • Any interior number in each row is the sum of the numbers immediately to its left and to its right in the preceding row; see Figure 1.13. This is so by virtue of Pascal’s identity. • The sum of the numbers in any row is a power of 2. Corollary 1.1 will verify this. • The nth row can be used to determine 11n. For example, 113 = 1331 and 114 = 14,641. To compute higher powers of 11, you should be careful since some of the numbers involve two or more digits. For instance, to compute 115 list row 5: From right to left, list the single-digit numbers. When we come to a two-digit number, write the ones digit and carry the tens digit to the number on the left. Add the carry to the number to its left. Continue this process to the left. The resulting number, 161,051, is 115. • Form a regular hexagon with vertices on three adjacent rows (see Figure 1.15). Find the products of numbers at alternate vertices. The two products are equal. For example, 10 · 15 · 4 = 6 · 20 · 5. Surprised? Supplementary Ex- ercise 10 confirms this property, known as Hoggatt–Hansell identity, named after V. E. Hoggatt, Jr., and W. Hansell, who discovered it in 1971; so the product of the six numbers is a square. Figure 1.15
- 66. 1.5 The Binomial Theorem 37 The following theorem shows how the binomial coefficients can be used to find the binomial expansion of (x + y)n. THEOREM 1.9 (The Binomial Theorem)† Let x and y be any real numbers, and n any nonnega- tive integer. Then (x + y)n = n r=0 n r xn−r yr . PROOF (by weak induction) When n = 0, LHS = (x + y)0 = 1 and RHS = 0 r=0 r 0 x0−r yr = x0 y0 = 1, so LHS = RHS. Assume P(k) is true for some k ≥ 0: (x + y)k = k r=0 k r xk−r yr (1.10) Then (x + y)k+1 = (x + y)k (x + y) = k r=0 k r xk−r yr (x + y), by equation (1.10) = k r=0 k r xk+1−r yr + k r=0 k r xk−r yr+1 = k 0 xk+1 + k r=1 k r xk+1−r yr + k−1 r=0 k r xk−r yr+1 + k k yk+1 = k + 1 0 xk+1 + k r=1 k r xk+1−r yr + k r=1 k r − 1 xk+1−r yr + k + 1 k + 1 yk+1 = k + 1 0 xk+1 + k r=1 k r + k r − 1 xk+1−r yr + k + 1 k + 1 yk+1 = k + 1 0 xk+1 + k r=1 k + 1 r xk+1−r yr + k + 1 k + 1 xk+1 , by Theorem 1.8 = k+1 r=0 k + 1 r xk+1−r yr Thus, by induction, the formula is true for every integer n ≥ 0. † The binomial theorem for n = 2 can be found in Euclid’s work (ca. 300 B.C.).
- 67. 38 CHAPTER 1 Fundamentals It follows from the binomial theorem that the binomial coefficients in the expan- sion of (x + y)n are the various numbers in row n of Pascal’s triangle. The binomial theorem can be used to establish several interesting identities in- volving binomial coefficients, as the following corollary shows. COROLLARY † 1.1 n r=0 n r = 2n That is, the sum of the binomial coefficients is 2n. This follows by letting x = 1 = y in the binomial theorem. The following exercises provide opportunities to explore additional relation- ships. E X E R C I S E S 1.5 (Twelve Days of Christmas) Suppose that on the first day of Christmas you sent your love 1 gift, 1 + 2 gifts on the second day, 1 + 2 + 3 gifts on the third day, and so on. 1. Show that the number of gifts sent on the nth day is n + 1 2 , where 1 ≤ n ≤ 12. 2. Show that the total number of gifts sent by the nth day is n + 2 3 , where 1 ≤ n ≤ 12. Find the coefficient of each. 3. x2y6 in the expansion of (2x + y)8. 4. x4y5 in the expansion of (2x − 3y)9. Using the binomial theorem, expand each. 5. (2x − 1)5 6. (x + 2y)6 Find the middle term in the binomial expansion of each. 7. 2x + 2 x 8 8. x2 + 1 x2 10 Find the largest binomial coefficient in the expansion of each. 9. (x + y)5 10. (x + y)6 11. (x + y)7 12. (x + y)8 13. Using Exercises 9–12, predict the largest binomial coefficient in the binomial expansion of (x + y)n. The Bell numbers Bn are named after the Scottish Amer- ican mathematician Eric T. Bell (1883–1960). They are used in combinatorics and are defined recursively as fol- lows: B0 = 1 Bn = n−1 i=0 n − 1 i Bi, n ≥ 1 Compute each Bell number. 14. B2 15. B3 16. B4 17. B5 18. Verify that n r = n r n − 1 r − 1 . 19. Prove that 2n n is an even integer. (L. Moser, 1962) Prove each. 20. (n + 1)| 2n n , where a|b means a is a factor of b and n ≥ 0. 21. n r=0 2n 2r = n r=1 2n 2r − 1 (Hint: Use Corollary 1.1.) † A corollary is a result that follows from the previous theorem.
- 68. 1.6 Polygonal Numbers 39 22. n r=0 2r n r = 3n 23. n r=0 n r n n − r = 2n n (Hint: Consider (1 + x)2n = (1 + x)n(1 + x)n.) 24. n i=1 n i − 1 n i = 2n n + 1 (Hint: Consider (1 + x)2n = (x + 1)n(1 + x)n.) Evaluate each sum. 25. 1 n 1 + 2 n 2 + 3 n 3 + ··· + n n n (Hint: Let S denote the sum. Use S and the sum in the reverse order to compute 2S.) 26. a n 0 + (a + d) n 1 + (a + 2d) n 2 + ··· + (a + nd) n n (Hint: Use the same hint as in Exercise 25.) 27. Show that C(n,r − 1) C(n,r) if and only if r n + 1 2 , where 0 ≤ r n. 28. Using Exercise 27, prove that the largest binomial co- efficient C(n,r) occurs when r = n/2. Using induction, prove each. 29. n 0 + n + 1 1 + n + 2 2 + ··· + n + r r = n + r + 1 r (Hint: Use Pascal’s identity.) 30. 1 n 1 + 2 n 2 + ··· + n n n = n2n−1 31. n 0 2 + n 1 2 + n 2 2 + ··· + n n 2 = 2n n (Lagrange’s identity) From the binomial expansion (1+x)n = n r=0 n r xr, it can be shown that n(1 + x)n−1 = n r=1 n r rxr−1. Using this result, prove each. 32. 1 n 1 + 2 n 2 + 3 n 3 + ··· + n n n = n2n−1 33. 1 n 1 + 3 n 3 + 5 n 5 + ··· = 2 n 2 + 4 n 4 + 6 n 6 + ··· = n2n−2 34. Conjecture a formula for n i=2 i 2 . 35. Prove the formula guessed in Exercise 34. 36. Conjecture a formula for n i=3 i 3 . 37. Prove the formula guessed in Exercise 36. 38. Using Exercises 34–37, predict a formula for n i=k i k . 1.6 Polygonal Numbers Figurate numbers are positive integers that can be represented by geometric pat- terns. They provide a fascinating link between number theory and geometry. Not surprisingly, figurate numbers are of ancient origin, and, in fact, it is believed that they were invented by the Pythagoreans. In 1665, Pascal published a book on them, Treatise on Figurate Numbers. Polygonal numbers, also known as plane figurate numbers, are positive in- tegers that can be represented by regular polygons in a systematic fashion. We will
- 69. 40 CHAPTER 1 Fundamentals use four types of such numbers: triangular numbers, square numbers, pentagonal numbers, and hexagonal numbers. If you have been to a bowling alley, you know that there are ten pins in bowling, and they are arranged initially in a triangular array. Likewise, the 15 balls in the game of pool are also initially stored in a triangular form. Both numbers, 10 and 15, are triangular numbers; likewise, the number of dots on a die is a triangular number. Accordingly, we make the following definition. Triangular Numbers A triangular number is a positive integer that can be represented in an equilateral triangular array. The nth triangular number is denoted by tn,n ≥ 1. The first four triangular numbers are 1, 3, 6, and 10, and they are pictorially represented in Figure 1.16. Figure 1.16 Since the ith row contains i dots, tn equals the sum of the first n positive integers; that is, tn = n i=1 i = n(n + 1) 2 by Example 1.11 For example, t4 = (4 · 5)/2 = 10 and t36 = (36 · 37)/2 = 666. Since tn = n + 1 2 , triangular numbers can be read from Pascal’s triangle. Since each row in the triangular array contains one dot more than the previous row, tn can be defined recursively. See Figure 1.17 and Table 1.1. Figure 1.17
- 70. 1.6 Polygonal Numbers 41 Table 1.1 A Recursive Definition of tn t1 = 1 tn = tn−1 + n, n ≥ 2 As an example, since t3 = 6, t4 = t3 + 4 = 6 + 4 = 10 (see Figure 1.17). We can solve the recurrence relation and obtain the explicit formula for tn found earlier (see Exercise 1). Now, let us take another look at The Twelve Days of Christmas, the traditional carol, and see how it is related to triangular numbers. The Twelve Days of Christmas On the first day of Christmas, my true love sent me a partridge in a pear tree. On the second day of Christmas, my true love sent me two turtle doves and a partridge in a pear tree. On the third day, my true love sent me three French hens, two turtle doves, and a partridge in a pear tree. The pattern continues until the twelfth day, on which my true love sent me twelve drummers drumming, eleven pipers piping, ten lords a-leaping, nine ladies dancing, eight maids a-milking, seven swans a-swimming, six geese a-laying, five gold rings, four calling birds, three French hens, two turtle doves, and a partridge in a pear tree. Two interesting questions we would like to pursue: • If the pattern in the carol continues for n days, how many gifts gn would be sent on the nth day? • What is the total number of gifts sn sent in n days? First, notice that the number of gifts sent on the nth day equals n more than the number of gifts sent on the previous day, so gn = gn−1 + n, where g1 = 1. Therefore, gn = tn, the nth triangular number. For instance, the number of gifts sent on the twelfth day is given by t12 = (12 · 13)/2 = 78. It now follows that sn = n i=1 ti = n i=1 i(i + 1) 2 = 1 2 n i=1 i2 + n i=1 i
- 71. 42 CHAPTER 1 Fundamentals = 1 2 n(n + 1)(2n + 1) 6 + n(n + 1) 2 = n(n + 1) 12 [(2n + 1) + 3] = n(n + 1)(n + 2) 6 = n + 2 3 Figure 1.18 provides a geometric proof of this formula, developed in 1990 by M. J. Zerger of Adams State College, Alamosa, Colorado. Figure 1.18 It now follows that the total number of gifts sent in 12 days is given by s12 = (12 · 13 · 14)/6 = 364. The cubes 1,8,27,64,125,...,n3 are related to triangular numbers. To see this, let cn denote the nth cube n3. Since n k=1 k3 = [n(n + 1)/2]2, it follows by Exercise 15 in Section 1.3 that n k=1 ck = t2 n; that is, the sum of the first n cubes equals the square of the nth triangular number. The following example shows that triangular numbers can occur in quite unex- pected places. It also illustrates, step-by-step, a powerful problem-solving technique: collecting data, organizing data, conjecturing a desired formula, and then establish- ing the formula. EXAMPLE 1.21 Find the number of 1 × k rectangles f(n) that can be formed using an array of n squares, where 1 ≤ k ≤ n. See Figure 1.19. Figure 1.19
- 72. 1.6 Polygonal Numbers 43 SOLUTION step 1 Collect data by conducting a series of experiments for small values of n. When n = 1, the array looks like this: . So only one rectangle can be formed. When n = 2, the array looks like this: . We can form two 1 × 1 rec- tangles and one 1 × 2 rectangle, a total of 2 + 1 = 3 rectangles. When n = 3, the array consists of three squares: . We then can form three 1 × 1 rectangles, two 1 × 2 rectangles, and one 1 × 3 rectangle, as summarized in Table 1.2. Size of the Rectangle Number of Such Rectangles 1 × 1 3 1 × 2 2 1 × 3 1 Total No. of Rectangles 6 Table 1.2 Continuing like this, we can find the total number of rectangles that can be formed when n = 4 and n = 5, as Tables 1.3 and 1.4 demonstrate respectively. Size of Number of Rectangle Rectangles 1 × 1 4 1 × 2 3 1 × 3 2 1 × 4 1 Total 10 Table 1.3 Size of Number of Rectangle Rectangles 1 × 1 5 1 × 2 4 1 × 3 3 1 × 4 2 1 × 5 1 Total 15 Table 1.4 step 2 Organize the data in a table. Table 1.5 step 3 Look for a pattern and conjecture a formula for f(n). Clearly, row 2 of Table 1.5 consists of triangular numbers. (See Table 1.1 also.) So we conjecture that f(n) = n(n + 1)/2. step 4 This formula can be established using recursion and induction.
- 73. 44 CHAPTER 1 Fundamentals We now introduce the next simplest class of polygonal numbers. Square Numbers Positive integers that can be represented by square arrays (of dots) are square num- bers. The nth square number is denoted by sn. Figure 1.20 shows the first four square numbers, 1, 4, 9, and 16. In general, sn = n2, n ≥ 1. Figure 1.20 As before, sn also can be defined recursively. To see how this can be done, consider Figure 1.21. Can we see a pattern? The number of dots in each array (except the first one) equals the number of dots in the previous array plus twice the number of dots in a row of the previous array plus one; that is, sn = sn−1 + 2(n − 1) + 1 = sn−1 + 2n − 1 Figure 1.21 Thus, we have the following recursive definition of sn: A Recursive Definition of sn s1 = 1 sn = sn−1 + 2n − 1, n ≥ 2
- 74. 1.6 Polygonal Numbers 45 We now demonstrate a close relationship between tn and sn. To see this, it fol- lows from Figure 1.22 that s5 = t5 + t4. Similarly, sn = tn + tn−1. The following theorem, known to the Greek mathematicians Theon of Smyrna (ca. A.D. 100) and Nicomachus, establishes this algebraically. Figure 1.22 THEOREM 1.10 The sum of any two consecutive triangular numbers is a square. PROOF tn + tn−1 = n(n + 1) 2 + n(n − 1) 2 = n 2 (n + 1 + n − 1) = n 2 (2n) = n2 = sn Figures 1.23 and 1.24 provide a nonverbal, geometric proof of this theorem. Figure 1.23 Figure 1.24 Theorem 1.10 has a companion result, which can be established algebraically. See Exercise 11. THEOREM 1.11 t2 n−1 + t2 n = tn2
- 75. 46 CHAPTER 1 Fundamentals Figure 1.25 provides a nonverbal, geometric proof of this result; it was devel- oped in 1997 by R. B. Nelsen of Lewis and Clark College in Portland, Oregon. Figure 1.25 The following theorem gives two additional results. Their proofs are also simple and straightforward and can be done as routine exercises. THEOREM 1.12 • 8tn + 1 = (2n + 1)2 (Diophantus) • 8tn−1 + 4n = (2n)2 Figure 1.26 gives a pictorial, nonverbal proof of both results. Both were devel- oped in 1985 by E. G. Landauer of General Physics Corporation. Next we turn to pentagonal† numbers pn. Pentagonal Numbers The first four pentagonal numbers 1, 5, 12, and 22 are pictured in Figure 1.27. We may notice that pn = n(3n − 1) 2 (see Exercise 6). † The Greek prefix penta means five.
- 76. 1.6 Polygonal Numbers 47 Figure 1.26 Figure 1.27 There is an interesting relationship connecting triangular numbers, square num- bers, and pentagonal numbers. It follows from Figure 1.28 that t1 + s2 = p2 and t2 + s3 = p3. More generally, tn−1 + sn = pn, where n ≥ 2. We can verify this alge- braically (see Exercise 8). Figure 1.28 Next, we discuss hexagonal† numbers hn. † The Greek prefix hexa means six.
- 77. 48 CHAPTER 1 Fundamentals Hexagonal Numbers Figure 1.29 shows the pictorial representations of the first four hexagonal numbers 1, 6, 15, and 28. We can verify that hn = n(2n − 1), n ≥ 1 also (see Exercise 20). The triangular numbers, pentagonal numbers, and hexagonal numbers satisfy the relationship pn + tn−1 = hn. We can verify this (see Exercise 10). Figure 1.29 E X E R C I S E S 1.6 1. Solve the recurrence relation satisfied by tn. 2. Find the value of n such that tn = 666. (The number 666 is called the beastly number.) 3. Solve the recurrence relation satisfied by sn. 4. Show that 8tn + 1 = s2n+1. (Diophantus) 5. Define recursively the nth pentagonal number pn. 6. Using the recurrence relation in Exercise 5, find an explicit formula for pn. Prove each, where n ≥ 2. 7. pn = n + 3tn−1 8. tn−1 + sn = pn 9. hn = 4tn−1 + n 10. pn + tn−1 = hn 11. t2 n−1 + t2 n = tn2 12. 8tn−1 + 4n = (2n)2 13. t2n−1 − 2tn−1 = n2 14. t2n − 2tn = n2 15. ttn = ttn−1 + tn 16. ttn + ttn−1 = tn 2 17. In 1775, Euler proved that if n is a triangular number, then so are 9n + 1,25n + 3, and 49n + 6. Verify this. 18. Let n be a triangular number. Prove that (2k + 1)2n+ tk is also a triangular number. (Euler, 1775) (Note: Exercise 17 is a special case of this.) 19. Define recursively the nth hexagonal number hn. 20. Using the recurrence relation in Exercise 19, find an explicit formula for hn. 21. Find the first four heptagonal† numbers. 22. Define recursively the nth heptagonal number en. 23. Using the recurrence relation in Exercise 22, find an explicit formula for en. 24. Find the first four octagonal‡ numbers. 25. Define recursively the nth octagonal number on. 26. Using the recurrence relation in Exercise 25, find an explicit formula for on. 27. Find two pairs of triangular numbers whose sums and differences are also triangular. 28. Show that there are triangular numbers whose squares are also triangular. 29. There are three triangular numbers 1000 and made up of a repeated single digit. Find them. 30. Verify that the numbers 1225, 41616, and 1413721 are both triangular and square. 31. The nth number an that is both triangular and square can be defined recursively as an = 34an−1 −an−2 + 2, where a1 = 1 and a2 = 36. Using this definition, compute a4 and a5. † The Greek prefix hepta means seven. ‡ The Greek prefix octa means eight.
- 78. 1.7 Pyramidal Numbers 49 32. The nth number an that is both triangular and square can be computed using the formula an = [(17 + 12 √ 2)n + (17 − 12 √ 2)n − 2]/32, n ≥ 1. Using this formula, compute a2 and a3. 33. Prove that there are infinitely many triangular num- bers that are squares. Evaluate each. 34. n k=1 1 tk c 35. ∞ k=1 1 tk (This problem, proposed by Christiaan Huy- gens to Baron Gottfried Wilhelm Leibniz, led to the development of the latter’s harmonic triangle.) 1.7 Pyramidal Numbers Now we pursue solid figurate numbers, which are positive integers that can be rep- resented by pyramidal shapes. They are obtained by taking successive sums of the corresponding polygonal numbers. The number of sides in the base of a pyramid increases from three, so the various pyramidal numbers are triangular, square, pen- tagonal, hexagonal, and so on. We begin with the simplest pyramidal numbers, triangular pyramidal num- bers, also known as tetrahedral numbers. Triangular Pyramidal Numbers The nth triangular pyramidal number Tn is the sum of the first n triangular num- bers tn. The first four such numbers are: T1 = 1; T2 = t1 + t2 = 1 + 3 = 4; T3 = t1 + t2 + t3 = 1 + 3 + 6 = 10; and T4 = t1 + t2 + t3 + t4 = 1 + 3 + 6 + 10 = 20. See Figure 1.30. Figure 1.30 The various triangular pyramidal numbers can be constructed using Table 1.6. Just add up the numbers along the bent arrows. It follows from the table that Tn = Tn−1 + tn; that is, Tn = Tn−1 + [n(n + 1)]/2.
- 79. 50 CHAPTER 1 Fundamentals Table 1.6 Since Tn = n i=1 ti, it follows from the previous section that Tn = n i=1 i(i + 1) 2 = n(n + 1)(n + 2) 6 = n + 2 3 Consequently, Tn also can be read from Pascal’s triangle. Next, we pursue square pyramidal numbers. Square Pyramidal Numbers The base of the pyramid is a square, and each layer contains sn dots. So the first four square pyramidal numbers are 1, 5, 14, and 30, and they are represented in Figure 1.31. Figure 1.31 The square pyramidal numbers Sn can easily be constructed using Table 1.7, by adding the numbers along the bent arrows.
- 80. 1.7 Pyramidal Numbers 51 Table 1.7 It follows from Figure 1.31 and Table 1.7 that the nth square pyramidal number is given by Sn = n k=1 sk = n k=1 k2 = n(n + 1)(2n + 1) 6 We now study pentagonal pyramidal numbers Pn. Pentagonal Pyramidal Numbers The nth row of a pentagonal pyramid represents the nth pentagonal number pn, so the first five pentagonal pyramidal numbers are 1, 6, 18, 40, and 75. Once again, a table such as Table 1.8 comes in handy for computing them. It would be a good exercise to find an explicit formula for Pn. Table 1.8 Finally, we consider the hexagonal pyramidal numbers Hn. Hexagonal Pyramidal Numbers The nth row of a hexagonal pyramid represents the nth hexagonal number hn, so the first five hexagonal pyramidal numbers are 1, 7, 22, 50, and 95 (see Table 1.9). We can find an explicit formula for Hn as an exercise.
- 81. 52 CHAPTER 1 Fundamentals Table 1.9 E X E R C I S E S 1.7 1. Find the first four triangular numbers that are squares. 2. Using the recurrence relation Tn = Tn−1 + n(n + 1) 2 , where T1 = 1, find an explicit formula for the nth tri- angular pyramidal number Tn. 3. Define recursively the nth square pyramidal number Sn. 4. Using Exercise 3, find an explicit formula for Sn. 5. Find a formula for the nth pentagonal pyramidal num- ber Pn. 6. Define recursively the nth pentagonal pyramidal number Pn. 7. Using Exercise 6, find an explicit formula for Pn. 8. Find a formula for the nth hexagonal pyramidal num- ber Hn. 9. Define recursively the nth hexagonal pyramidal num- ber Hn. 10. Using Exercise 9, find an explicit formula for Hn. 11. Find the first five heptagonal pyramidal numbers. 12. Find a formula for the nth heptagonal pyramidal num- ber En. 1.8 Catalan Numbers Catalan numbers are both fascinating and ubiquitous. They are excellent candi- dates for exploration, experimentation, and conjecturing. Like Fibonacci and Lucas numbers (see Section 2.6), they have, as Martin Gardner wrote in Scientific Amer- ican, “the same delightful propensity for popping up unexpectedly, particularly in combinatorial problems” (1976). Those unexpected places include abstract algebra, combinatorics, computer science, graph theory, and geometry. Catalan numbers are named after the Belgian mathematician Eugene C. Cata- lan, who discovered them in 1838, while he was studying well-formed sequences of parentheses. Earlier, around 1751, the outstanding Swiss mathematician Leon- hard Euler (see Section 7.4) found them while studying the triangulations of convex polygons. In fact, they were discussed by the Chinese mathematician Antu Ming (1692?–1763?) in 1730 through his geometric models. Since his work was available only in Chinese, his discovery was not known in the western world.
- 82. 1.8 Catalan Numbers 53 Eugene Charles Catalan (1814–1894) was born in Bruges, Belgium. He studied at École Polytechnique, Paris, and received his Doctor of Science in 1841. After resigning his position with the Department of Bridges and High- ways, he became professor of mathematics at Collège de Chalons-sur Marne, and then at Collège Charlemagne. Catalan then taught at Lycée Saint Louis and in 1865 became professor of analysis at the University of Liège in Belgium. Besides authoring Élements de Geometriè (1843) and Notions d’astronomie (1860), he published numerous articles on multiple integrals, the theory of surfaces, mathematical analysis, calculus of probability, and geometry. He did extensive research on spherical harmonics, analysis of differential equations, transformation of variables in multiple integrals, continued fractions, series, and infinite products. Antu Ming (1692?–1763?), according to Luo, was a Zhengxianbai tribesman of Inner Mongolia and a famous scientist during the Qing Dynasty. His childhood mathematical education, specializing in astronomy and math- ematics, was carefully directed by the Emperor. After mastering the scientific knowledge of the period, Ming became a mandarin, a high-ranking government official, at the national astronomical center. In 1759, he became director of the center. His work included problem solving in astronomy, meteorology, geography, surveying, and mathematics. Around 1730, he began to write Efficient Methods for the Precise Values of Circular Functions, a book that clearly demonstrates his understanding of Catalan numbers. The book was completed by Ming’s students before 1774, but was not published until 1839. Euler’s Triangulation Problem We begin our study of Catalan numbers Cn with an investigation of Euler’s triangu- lation problem: Find the number of ways An the interior of a convex n-gon† can be partitioned into nonoverlapping triangular areas by drawing nonintersecting diagonals, where n ≥ 3. There is only one way of triangulating a triangle, two different ways of trian- gulating a square, five different ways of triangulating a pentagon, and 14 different ways of triangulating a hexagon, as shown in Figure 1.32. Thus, we have the Catalan numbers 1, 2, 5, and 14. † A convex n-gon is a polygon with n sides such that every diagonal lies entirely in the interior.
- 83. 54 CHAPTER 1 Fundamentals Figure 1.32 Triangulations of an n-gon, where 3 ≤ n ≤ 6. Euler used an inductive argument, which he called “quite laborious,” to establish the formula An = 2 · 6 · 10···(4n − 10) (n − 1)! , n ≥ 3 Although Euler’s formula, published in 1761, makes sense only for n ≥ 3, we can extend it to include the cases n = 0, 1, and 2. To this end, let k = n − 3. Then Ak+3 = 2 · 6 · 10···(4k + 2) (k + 2)! , k ≥ 0 Then A3 = 1, A4 = 2, and A5 = 5. These are the Catalan numbers C1, C2, and C3, respectively, shifted by two spaces to the right. So we define Cn = Ak+2. Thus, Cn = 2 · 6 · 10···(4n − 2) (n + 1)! , n ≥ 1 This can be rewritten as
- 84. 1.8 Catalan Numbers 55 Cn = 4n − 2 n + 1 · 2 · 6 · 10···(4n − 6) n! = 4n − 2 n + 1 Cn−1 When n = 1, this yields C1 = C0. But C1 = 1. So we can define C0 = 1. Conse- quently, Cn can be defined recursively. A Recursive Definition of Cn C0 = 1 Cn = 4n − 2 n + 1 Cn−1, n ≥ 1 (1.11) For example, C4 = 4 · 4 − 2 4 + 1 C3 = 14 5 · 5 = 14 An Explicit Formula for Cn The recursive formula (1.11) can be employed to derive an explicit formula for Cn: Cn = 4n − 2 n + 1 Cn−1 = (4n − 2)(4n − 6) (n + 1)n Cn−2 = (4n − 2)(4n − 6)(4n − 10) (n + 1)n(n − 1) Cn−3 . . . = (4n − 2)(4n − 6)(4n − 10)···6 · 2 (n + 1)n···3 · 2 C0 = (2n − 1)(2n − 3)(2n − 5)···3 · 1 (n + 1)! · 2n = 2n(2n)! 2n(n + 1)!n! = (2n)! (n + 1)!n! = 1 n + 1 2n n
- 85. 56 CHAPTER 1 Fundamentals Since (n+1)| 2n n † (see Exercise 20 in Section 1.5), it follows that every Cata- lan number is a positive integer. The various Catalan numbers are 1,1,2,5,14,42,132,429,1430,4862,16796,58786,208012,... It follows from the explicit formula that every Catalan number Cn can be read from Pascal’s triangle: Divide each central binomial coefficient 2n n by n+1; see Figure 1.33. Figure 1.33 Pascal’s Triangle. There are several ways of reading Cn from the triangle; see Exercises 1–9. Segner’s Recursive Formula In 1761, Johann Andreas von Segner (1704–1777), a Hungarian mathematician, physicist, and physician, developed a recursive formula for Cn using the triangu- lation problem: Cn = C0Cn−1 + C1Cn−2 + ··· + Cn−2C1 + Cn−1C0 where n ≥ 1. For example, C5 = C0C4 + C1C3 + C2C2 + C3C1 + C4C0 = 1 · 14 + 1 · 5 + 2 · 2 + 5 · 1 + 14 · 1 = 42 † a|b means that a is a factor of b.
- 86. Chapter Summary 57 In passing, we note that by using generating functions, Segner’s formula can be em- ployed to derive the explicit formula for Cn; see Exercises 10–13. E X E R C I S E S 1.8 Prove each. 1. Cn = 1 n 2n n − 1 2. Cn = 2n n − 2n n − 1 3. Cn+1 = 2n n − 2n n − 2 4. Cn = 1 2n + 1 2n + 1 n 5. Cn = 2n − 1 n − 1 − 2n − 1 n − 2 6. Cn = 2 2n n − 2n + 1 n 7. Cn = 2n + 1 n + 1 − 2 2n n + 1 Using the recursive formula Cn = (n−1)/2 r=0 n − 1 2r 2n−2r−1Cr (J. Touchard, 1928) compute Cn for each value of n. 8. n = 5 9. n = 6 Prove each, where C(x) = ∞ n=0 Cnxn. 10. [C(x)]2 = C(x) − C0 x 11. C(x) = 1 − √ 1 − 4x 2 12. Cn = 1 n + 1 2n n (Hint: √ 1 − 4x = 1 − 2 ∞ n=1 Cn−1xn) X CHAPTER SUMMARY This chapter presented several properties governing integers and two classes of figu- rate numbers—polygonal and pyramidal. The principle of induction is an extremely useful proof technique, which we will be using frequently in later chapters. Recur- sion is another powerful problem-solving tool. The Order Relation • An integer a is less than an integer b, denoted by a b, if b − a is a positive integer. We then also write b a. If a b or a = b, we write a ≤ b or b ≥ a. (p. 4) • law of trichotomy: Given any two integers a and b, either a b, a = b, or a b. (p. 5)
- 87. 58 CHAPTER 1 Fundamentals Absolute Value • The absolute value of an integer x, denoted by |x|, is x if x ≥ 0 and −x other- wise. (p. 5) Floor and Ceiling Functions • The floor of a real number x, denoted by x, is the greatest integer ≤ x; the ceiling of x, denoted by x , is the least integer ≥ x. (p. 6) The Summation Notation • i=m i=k ai = m i=k ai = ak + ak+1 + ··· + am (p. 9) • The summation notation satisfies the following properties: n i=1 c = nc (p. 10) n i=1 (cai) = c n i=1 ai (p. 11) n i=1 (ai + bi) = n i=1 ai + n i=1 bi (p. 11) Indexed Summation • i∈I ai = sum of the values of ai as i takes on values from the set I. (p. 11) • P ai = sum of the values of ai, where i has the properties P. (p. 11) The Product Notation • i=m i=k ai = m i=k ai = akak+1 ···am (p. 13) The Factorial Function • n! = n(n − 1)···3 · 2 · 1 if n ≥ 1 (p. 13) 1 if n = 0 The Well-Ordering Principle Every nonempty set of positive integers has a least element. (p. 16) Mathematical Induction • weak version Let P(n) be a statement such that • P(n0) is true; and • P(k) implies P(k + 1) for any k ≥ n0. Then P(n) is true for every n ≥ n0. (p. 18)
- 88. Chapter Summary 59 • strong version Let P(n) be a statement such that • P(n0) is true; and • if P(n0), P(n0 + 1), ..., P(k) are true for any k ≥ n0, then P(k + 1) is also true. Then P(n) is true for every n ≥ n0. (p. 23) Recursion • The recursive definition of a function consists of a recurrence relation, and one or more initial conditions. (p. 27) • A simple class of recurrence relations can be solved using iteration. (p. 30) Binomial Coefficients • n r = n! r!(n − r)! (p. 33) • n 0 = 1 = n n , n r = n n − r (p. 33) • n r = n − 1 r − 1 + n − 1 r (Pascal’s identity) (p. 34) Binomial Theorem • (x + y)n = n r=0 n r xn−r yr (p. 37) Polygonal Numbers • Triangular numbers tn = n(n + 1) 2 (p. 40) = tn−1 + n, where t1 = 1 (p. 41) • Square numbers sn = n2 (p. 44) = sn−1 + 2n − 1, where s1 = 1 (p. 44) • The sum of any two consecutive triangular numbers is a square. (p. 45) • t2 n−1 + t2 n = tn2 (p. 45) • 8tn + 1 = (2n + 1)2 (p. 46) • 8tn−1 + 4n = (2n)2 (p. 46) • Pentagonal numbers pn = n(3n − 1) 2 (p. 46) • tn−1 + sn = pn (p. 47) • Hexagonal numbers hn = n(2n − 1) (p. 48)
- 89. 60 CHAPTER 1 Fundamentals • pn + tn−1 = hn (p. 48) Pyramidal Numbers • Triangular pyramidal numbers Tn = Tn−1 + n(n + 1) 2 (p. 49) = n(n + 1)(n + 2) 6 (p. 50) • Square pyramidal number Sn = [n(n + 1)(2n + 1)]/6 (p. 51) • Pentagonal pyramidal numbers Pn (p. 51) • Hexagonal pyramidal numbers Hn (p. 51) Catalan Numbers Cn = 1 n + 1 2n n (p. 55) = C0Cn−1 + C1Cn−2 + ··· + Cn−1C0 (Segner s formula) (p. 56) X REVIEW EXERCISES Evaluate each. 1. n i=1 i(i + 1) 2. n i=1 n j=1 (2i + 3j) 3. n i=1 n j=1 2i3j 4. n i=1 i j=1 2j 5. n i=1 n j=1 2i3j 6. n i=1 i j=1 32j 7. n i=1 i j=1 2i 8. n i=1 i j=1 ij 9. n r=0 2(n r) 10. n r=0 2tr Find the value of x resulting from the execution of each algorithm fragment. 11. x ← 0 12. x ← 0 for i = 1 to n do for i = 1 to n do for j = 1 to n do for j = 1 to i do x ← x + 1 for k = 1 to j do x ← x + 1
- 90. Review Exercises 61 In Exercises 13 and 14, the nth term an of a number sequence is defined recursively. Compute a5. 13. a1 = a2 = 1, a3 = 2 14. a1 = 0, a2 = a3 = 1 an = an−1 +an−2 +an−3, n ≥ 4 an = an−1 + 2an−2 + 3an−3, n ≥ 4 (A modified handshake problem) Mrs. and Mr. Matrix host a party for n married couples. At the party, each person shakes hands with everyone else, except his/her spouse. Let h(n) denote the total number of handshakes made. 15. Define h(n) recursively. 16. Predict an explicit formula for h(n). 17. Prove the formula obtained in Exercise 16 for every integer n ≥ 1. Using the iterative method, predict an explicit formula satisfied by each recurrence relation. 18. a1 = 1 · 2 19. a1 = 2 · 3 an = an−1 + n(n + 1), n ≥ 2 an = 3an−1, n ≥ 2 20. a1 = 1 21. a0 = 0 an = an−1 + 2n−1, n ≥ 2 an = an−1 + (3n − 1), n ≥ 1 22. Find a formula for the number an of times the statement x ← x+1 is executed by the following loop. for i = 1 to n do for j = 1 to i/2 do x ← x + 1 23. Prove that one more than four times the product of any two consecutive inte- gers is a perfect square. 24. Prove that the arithmetic mean a + b 2 of any two real numbers a and b is greater than or equal to their geometric mean √ ab. (Hint: Consider ( √ a − √ b)2.) 25. Prove that the equation x2 + y2 = z2 has infinitely many integral solutions. Using induction, prove each. 26. n i=1 (2i − 1)2 = n(4n2 − 1) 3 27. n i=1 1 (2i − 1)(2i + 1) = n 2n + 1 28–31. Using induction, prove the formulas obtained in Exercises 18–21. 32. Prove that 2n n = 2 2n − 1 n . 33. Prove by induction that n i=r C(i,r) = C(n + 1,r + 1).
- 91. 62 CHAPTER 1 Fundamentals 34. Add two lines to the following number pattern. t1 + t2 + t3 = t4 t5 + t6 + t7 + t8 = t9 + t10 t11 + t12 + t13 + t14 + t15 = t16 + t17 + t18 (M. N. Khatri) 35. Verify that t2 n − t2 n−1 = n3. 36. Using Exercise 35, show that n k=1 k3 = [n(n + 1)/2]2. 37. A palindrome is a positive integer that reads the same backwards and for- wards. Find the eight palindromic triangular numbers 1000. Prove each. 38. n k=1 k 2 = n k=1 k3. 39. t2 n = tn + tn−1tn+1 40. 2tntn−1 = tn2−1 41. tn−k = tn + tk − (n + 1)k (Casinelli, 1836) 42. tntk + tn−1tk−1 = tnk (R. B. Nelsen, 1997) 43. tn−1tk + tntk−1 = tnk−1 (R. B. Nelsen, 1997) 44. (2k + 1)2tn + tk = t(2k+1)n+k (Euler, 1775) 45. (nr)! (r!)n is an integer. (Young, 1902) 46. (nr)! n!(r!)n is an integer. (Feemster, 1910) Let an denote the number of ways a 2 × n rectangular board can be covered with 2 × 1 dominoes. 47. Define an recursively. 48. Find an explicit formula for an. (Hint: Consider 2 × (n − 1) and 2 × (n − 2) boards.) X SUPPLEMENTARY EXERCISES 1. Show that (2mn,m2 − n2,m2 + n2) is a solution of the equation x2 + y2 = z2. 2. Prove that (a2 + b2)(c2 + d2) = (ac + bd)2 + (ad − bc)2, where a,b,c, and d are any integers. Using the number pattern in Figure 1.34, answer Exercises 3–5. (Euclides, 1949)
- 92. Supplementary Exercises 63 12 = 1 32 = 2 + 3 + 4 52 = 3 + 4 + 5 + 6 + 7 72 = 4 + 5 + 6 + 7 + 8 + 9 + 10 . . . Figure 1.34 3. Add the next two lines. 4. Conjecture a formula for the nth line. 5. Establish the formula in Exercise 4. 6. The array in Figure 1.35 has the property that the sum of the numbers in each band formed by two successive squares is a cube. For example, 3 + 6 + 9 + 6 + 3 = 33. Using this array, establish that n i=1 i3 = n i=1 i 2 . (M. Kraitchik, 1930) Figure 1.35 7. In 1934, the French mathematician V. Thébault studied the array in Fig- ure 1.36. It consists of rows of arithmetic sequences and possesses several Figure 1.36
- 93. 64 CHAPTER 1 Fundamentals interesting properties. For example, the sum of the numbers in the nth band equals n3 and the main diagonal consists of squares. Using this array, prove that n i=1 i3 = [n(n + 1)/2]2. A side of the equilateral triangle in Figure 1.37 is n units long. Let an denote the number of triangles pointing up. Figure 1.37 8. Define an recursively. 9. Solve the recurrence relation. 10. Prove the Hoggat–Hansell identity n − i r − i n r + i n + i r = n − i r n + i r + i n r − i Evaluate each. 11. n k=0 n k k2 12. n k=0 n k k3 (Kuenzi and Prielipp, 1985) 13. In 1950, P. A. Piza discovered the following formula about sums of powers of triangular numbers ti: 3 n i=1 ti 3 = n i=1 t3 i + 2 n i=1 t4 i . Verify it for n = 3 and n = 4. 14. Prove that one more than the product of four consecutive integers is a per- fect square, and the square root of the resulting number is the average of the product of the smaller and larger numbers, and the product of the two middle integers. (W. M. Waters, 1990) 15. Find a positive integer that can be expressed as the sum of two cubes in two different ways. 16. Find three consecutive positive integers such that the sum of their cubes is also a cube. 17. Find four consecutive positive integers such that the sum of their cubes is also a cube.
- 94. Computer Exercises 65 18. Let Sn denote the sum of the elements in the nth set in the sequence of sets of positive integers {1},{3,5},{7,9,11},{13,15,17,19},.... Find a formula for Sn. (R. Euler, 1988) 19. Let S denote the sum of the elements in the nth set in the sequence of positive integers {1},{2,3,...,8},{9,10,...,21},{22,23,...,40},.... Find a formula for S. (C. W. Trigg, 1980) 20. Let S denote the sum of the numbers in the nth set of the sequence of triangu- lar numbers {1},{3,6},{10,15,21},.... Find a formula for S. (J. M. Howell, 1988) 21. Redo Exercise 20 with the sets of pentagonal numbers {1},{5,12},{22,35,51}, {70,92,117,145},.... 22. Three schools in each state, Alabama, Georgia, and Florida, enter one person in each of the events in a track meet. The number of events and the scoring system are unknown, but the number of points for the third place is less than that for the second place which in turn is less than the number of points for the first place. Georgia scored 22 points, and Alabama and Florida tie with 9 each. Florida wins the high jump. Who won the mile run? (M. vos Savant, 1993) X COMPUTER EXERCISES Write a program to do each task. 1. Read in n positive integers. Find their maximum and minimum using both iteration and recursion. 2. Read in a positive integer n ≤ 20, and compute the nth Catalan number using recursion. 3. Read in a whole number n, and print Pascal’s triangle with n + 1 rows. 4. Print the following triangular arrays. (a) 1 1 2 1 2 3 . . . 1 2 3 4 5 6 7 8 9 (b) 1 2 1 3 2 1 . . . 9 8 7 6 5 4 3 2 1 5. Find the five Kaprekar numbers 100. 6. Read in a square array of positive integers, and determine if it is a magic square. If yes, find its magic constant. 7. There are four integers between 100 and 1000, each equal to the sum of its digits. Find them.
- 95. 66 CHAPTER 1 Fundamentals 8. The integer 1105 can be expressed as the sum of two squares in four differ- ent ways. Find them. 9. Find the smallest positive integer that can be expressed as the sum of two cubes in two different ways. 10. Find the smallest positive integer that can be expressed as the sum of two fourth powers in two different ways. 11. Read in a positive integer n ≤ 20. Using the rules in Example 1.19, print the various moves and the number of moves needed to transfer n disks from peg X to peg Y. 12. Using Exercises 33 and 34 in Section 1.3, compute the total number of grains of wheat needed for the 8 × 8 chessboard. (Hint: The answer is 18,446,744,073,709,551,615 grains, which may be too large for an integer variable to hold; so think of a suitable data structure.) 13. Using recursion, print the first n: a) Triangular numbers. b) Square numbers. c) Pentagonal numbers. d) Hexagonal numbers. 14. Print the triangular numbers ≤ 104 that are perfect squares. 15. Print the triangular numbers ≤ 104 that are prime. 16. There are 40 palindromic triangular numbers 107. Find them. 17. Search for two triangular numbers tn such that both tn and n are palindromic, where 9 ≤ n ≤ 100. 18. Find the first three triangular numbers consisting of the same repeated digit. 19. There are 19 palindromic pentagonal numbers 107. Find them. 20. Find the largest three-digit integer n whose square is palindromic. 21. Find the least positive integer n such that n3 is palindromic, but n is not. X ENRICHMENT READINGS 1. A. H. Beiler, Recreations in the Theory of Numbers, Dover, New York, 1966. 2. D. Birch, The King’s Chessboard, Puffin Books, 1993. 3. P. Z. Chinn, “Inductive Patterns, Finite Differences, and a Missing Region,” Mathematics Teacher, 81 (Sept. 1988), 446–449. 4. U. Dudley, Mathematical Cranks, The Math. Association of America, Washington, DC (1992), 200–204. 5. J. Dugle, “The Twelve Days of Christmas and Pascal’s Triangle,” Mathe- matics Teacher, 75 (Dec. 1982), 755–757.
- 96. Enrichment Readings 67 6. M. Eng and J. Casey, “Pascal’s Triangle—A Serendipitous Source for Pro- gramming Activities,” Mathematics Teacher, 76 (Dec. 1983), 686–690. 7. M. Gardner, Mathematics Magic and Mystery, Dover, New York, 1956. 8. M. Gardner, “Mathematical Games,” Scientific American, 234 (June 1976), 120–125. 9. M. Gardner, Mathematical Puzzles and Diversions, The University of Chicago Press, Chicago (1987), 130–140. 10. R. Honsberger, More Mathematical Morsels, The Math. Association of America, 1991. 11. C. Oliver, “The Twelve Days of Christmas,” Mathematics Teacher, 70 (Dec. 1977), 752–754. 12. J. K. Smith, “The nth Polygonal Number,” Mathematics Teacher, 65 (March 1972), 221–225. 13. K. B. Strangeman, “The Sum of n Polygonal Numbers,” Mathematics Teacher, 67 (Nov. 1974), 655–658. 14. C. W. Trigg, “Palindromic Triangular Numbers,” J. Recreational Mathemat- ics, 6 (Spring 1973), 146–147. 15. T. Trotter, Jr., “Some Identities for the Triangular Numbers,” J. Recreational Mathematics, 6 (Spring 1973), 127–135.
- 98. 2 Divisibility The grandest achievement of the Hindus and the one which, of all mathematical investigations, has contributed to the general progress of intelligence, is the invention of the principle of position in writing numbers. — F. CAJORI his chapter continues the study of properties of integers and explores five Tclasses of positive integers: prime numbers, which are the building blocks of integers, composite numbers, Fibonacci numbers, Lucas numbers, and Fer- mat numbers. 2.1 The Division Algorithm The division algorithm is a fine application of the well-ordering principle and is often employed to check the correctness of a division problem. Suppose an integer a is divided by a positive integer b. Then we get a unique quotient q and a unique remainder r, where the remainder satisfies the condition 0 ≤ r b; a is the dividend and b the divisor. This is formally stated as follows. THEOREM 2.1 (The Division Algorithm) Let a be any integer and b a positive integer. Then there exist unique integers q and r such that 69
- 99. 70 CHAPTER 2 Divisibility where 0 ≤ r b. PROOF The proof consists of two parts. First, we must establish the existence of the integers q and r, and then we must show they are indeed unique. 1) EXISTENCE PROOF Consider the set S = {a − bn | (n ∈ Z) and (a − bn ≥ 0)}. Clearly, S ⊆ W. We shall show that S contains a least element. To this end, first we will show that S is a nonempty subset of W: case 1 Suppose a ≥ 0. Then a = a − b · 0 ∈ S, so S contains an element. case 2 Suppose a 0. Since b ∈ Z+, b ≥ 1. Then −ba ≥ −a; that is, a − ba ≥ 0. Consequently, a − ba ∈ S. In both cases, S contains at least one element, so S is a nonempty subset of W. Therefore, by the well-ordering principle, S contains a least element r. Since r ∈ S, an integer q exists such that r = a − bq, where r ≥ 0. To show that r b: We will prove this by contradiction. Assume r ≥ b. Then r − b ≥ 0. But r − b = (a − bq) − b = a − b(q + 1). Since a − b(q + 1) is of the form a − bn and is ≥ 0, a−b(q+1) ∈ S; that is, r −b ∈ S. Since b 0, r −b r. Thus, r −b is smaller than r and is in S. This contradicts our choice of r, so r b. Thus, there are integers q and r such that a = bq + r, where 0 ≤ r b. 2) UNIQUENESS PROOF We would like to show that the integers q and r are unique. Assume there are integers q, q, r, and r such that a = bq + r and a = bq + r, where 0 ≤ r b and 0 ≤ r b. Assume, for convenience, that q ≥ q. Then r − r = b(q − q). Because q ≥ q, q − q ≥ 0 and hence r − r ≥ 0. But, because r b and r b, r − r b. Suppose q q; that is, q−q ≥ 1. Then b(q−q) ≥ b; that is, r −r ≥ b. This is a contradiction because r − r b. Therefore, q ≯ q; thus, q = q, and hence, r = r. Thus, the integers q and r are unique, completing the uniqueness proof. Although this theorem has been traditionally called the division algorithm, it does not present an algorithm for finding q and r. They can be found using the fa- miliar long division method.
- 100. 2.1 The Division Algorithm 71 EXAMPLE 2.1 Find the quotient q and the remainder r when 1. 207 is divided by 15. 2. −23 is divided by 5. SOLUTION 1. 207 = 15 · 13 + 12; so q = 13 and r = 12. 2. Since −23 = 5 · (−4) + (−3), you might be tempted to say that q = −4 and r = −3. The remainder, however, can never be negative. But −23 can be written as −23 = 5 · (−5) + 2, where 0 ≤ r (= 2) 5 (see the number line in Figure 2.1). Thus, q = −5 and r = 2. Figure 2.1 You may notice that the equation a = bq + r can be written as a b = q + r b , where 0 ≤ r/b 1. Consequently, q = a/b and r = a − bq = a − b · a/b. Div and Mod Operators The binary operators, div and mod, are often used in discrete mathematics and com- puter science to find quotients and remainders. They are defined as follows: a div b = quotient when a is divided by b a mod b = remainder when a is divided by b For example, 23 div 5 = 4, and 23 mod 5 = 3; −23 div 5 = −5, and −23 mod 5 = 2 (why?). It now follows from these definitions that q = a div b = a/b and r = a mod b = a − bq = a − b · a/b. The following example is a simple application of both div and mod operators.
- 101. 72 CHAPTER 2 Divisibility Card Dealing (optional) Consider a standard deck of 52 playing cards. They are originally assigned the num- bers 0 through 51 in order. Use the suit labels 0 = clubs, 1 = diamonds, 2 = hearts, and 3 = spades to identify each suit, and the card labels 0 = ace, 1 = deuce, 2 = three, ..., and 12 = king to identify the cards in each suit. Suppose card x is drawn at random from a well-shuffled deck, where 0 ≤ x ≤ 51. How do we identify the card? First, we need to determine the suit to which the card belongs. It is given by x div 13. Next, we need to determine the card within the suit; this is given by x mod 13. Thus, card x is card (x mod 13) in suit (x div 13). For example, let x = 50. Since 50 div 13 = 3, the card is a spade. Now 50 mod 13 = 11, so it is a queen. Thus, card 50 is the queen of spades. Next, we pursue an intriguing application of the floor function and the mod operator to the game of chess. The Two Queens Puzzle (optional) There are two queens on an 8 × 8 chessboard. One can capture the other if they are on the same row, column, or diagonal. The 64 squares on the board are numbered 0 through 63. Suppose one queen is in square x and the other in square y, where 0 ≤ x,y ≤ 63. Can one queen capture the other? Because the squares are labeled 0 through 63, we can label each row with the numbers 0 through 7 and each column with the same numbers 0 through 7. In fact, each row label = r/8 and each column label = c mod 8, where 0 ≤ r,c ≤ 63 (see Figure 2.2). Thus, the queen in square x lies in row x/8 and column x mod 8, and Figure 2.2
- 102. 2.1 The Division Algorithm 73 Gustav Peter Lejeune Dirichlet (1805–1859) was born in Duren, Germany. The son of a postmaster, he attended a public school and then a private school that emphasized Latin. After attending the Gymnasium in Bonn for two years, Dirichlet entered a Jesuit college in Cologne, where he received a strong back- ground in theoretical physics under the physicist Georg Simon Ohm. In 1822, he moved to the University of Paris. In 1826, Dirichlet returned to Germany and taught at the University of Breslau. Three years later, he moved to the University of Berlin, where he spent the next 27 years. Dirichlet’s greatest interest in mathematics was number theory, and he was inspired by Gauss’ masterpiece, Disquisitiones Arithmeticae (1801). He established Fermat’s Last Theorem for n = 14. Among the many results he discovered are the proof of a theorem presented to the Paris Academy of Sciences on algebraic number theory in 1837: The sequence {an + b} contains infinitely many primes, where a and b are relatively prime. When Gauss died in 1855, Dirichlet moved to the University of Göttingen. Three years later, he went to Montreaux, Switzerland, to deliver a speech in honor of Gauss. While there, he suffered a heart attack and was barely able to return home. During his illness his wife succumbed to a stroke, and Dirichlet died soon after. that in square y lies in row y/8 and column y mod 8. Consequently, the two queens will be in the same row if and only if x/8 = y/8, and in the same column if and only if x mod 8 = y mod 8. For example, if x = 41 and y = 47, the two queens lie on the same row. How do we determine if they lie on the same diagonal? There are 15 northeast diagonals and 15 southeast diagonals. With a bit of patience, we can show that the queens lie on the same diagonal if and only if the absolute value of the difference of their row labels equals that of the difference of their column labels; that is, if and only if |x/8 − y/8| = |x mod 8 − y mod 8|. For example, let x = 51 and y = 23 (see Figure 2.2). Then |51/8 − 23/8| = |6 − 2| = 4 = |3 − 7| = |51 mod 8 − 23 mod 8|, so one queen captures the other. On the other hand, if x = 49 and y = 13, then |49/8 − 13/8| = |49 mod 8 − 13 mod 8|; so one queen cannot capture the other. The Pigeonhole Principle and the Division Algorithm The pigeonhole principle is also known as the Dirichlet box principle after the German mathematician Gustav Peter Lejeune Dirichlet who used it extensively in his work on number theory. It can be applied to a variety of situations. Suppose m pigeons fly into n pigeonholes to roost, where m n. What is your conclusion? Because there are more pigeons than pigeonholes, at least two pigeons
- 103. 74 CHAPTER 2 Divisibility must roost in the same pigeonhole; in other words, there must be a pigeonhole con- taining two or more pigeons (see Figure 2.3). Figure 2.3 We now state and prove the simple version of the pigeonhole principle. THEOREM 2.2 (The Pigeonhole Principle) If m pigeons are assigned to n pigeonholes, where m n, then at least two pigeons must occupy the same pigeonhole. PROOF (by contradiction) Suppose the given conclusion is false; that is, no two pigeons occupy the same pi- geonhole. Then every pigeon must occupy a distinct pigeonhole, so n ≥ m, which is a contradiction. Thus, two or more pigeons must occupy some pigeonhole. Next, we move on to the divisibility relation. The Divisibility Relation Suppose we let r = 0 in the division algorithm. Then a = bq + 0 = bq. We then say that b divides a, b is a factor of a, a is divisible by b, or a is a multiple of b, and write b|a. If b is not a factor of a, we write b a. For instance, 3|12, 5|30, but 6 15. The following example illustrates the pigeonhole principle. EXAMPLE 2.2 Let b be an integer ≥ 2. Suppose b + 1 integers are randomly selected. Prove that the difference of two of them is divisible by b. PROOF Let q be the quotient and r the remainder when an integer a is divided by b. Then, by the division algorithm, a = bq + r, where 0 ≤ r b. The b + 1 integers yield b + 1 remainders (pigeons), but there are only b possible remainders (pigeonholes). Therefore, by the pigeonhole principle, two of the remainders must be equal. Let x and y be the corresponding integers. Then x = bq1 + r and y = bq2 + r for some quotients q1 and q2. Therefore,
- 104. 2.1 The Division Algorithm 75 x − y = (bq1 + r) − (bq2 + r) = b(q1 − q2) Thus, x − y is divisible by b. Before we pursue divisibility properties, let us digress for a while with an inter- esting puzzle. An Intriguing Puzzle (optional) Think of a three-digit number abc. Multiply abc and the successive answers by 7, 11, and 13, respectively. Your answer is abcabc. Surprised? Can you explain why it works this way? Next, we study several useful divisibility properties. We leave them as routine exercises. THEOREM 2.3 Let a and b be positive integers such that a|b and b|a. Then a = b. THEOREM 2.4 Let a, b, c, α, and β be any integers.† Then 1. If a|b and b|c, then a|c. (transitive property) 2. If a|b and a|c, then a|(αb + βc). 3. If a|b, then a|bc. The expression αb + βc is called a linear combination of b and c. Thus, by part 2, if a is a factor of b and c, then a is also a factor of any linear combination of b and c. In particular, a|(b + c) and a|(b − c) (why?). The floor function can be used to determine the number of positive integers less than or equal to a positive integer a and divisible by a positive integer b, as the next theorem shows. THEOREM 2.5 Let a and b be any positive integers. Then the number of positive integers ≤ a and divisible by b is a/b. † α and β are the Greek letters alpha and beta.
- 105. 76 CHAPTER 2 Divisibility PROOF Suppose there are k positive integers ≤ a and divisible by b. We need to show that k = a/b. The positive multiples of b less than or equal to a are b, 2b,...,kb. Clearly, kb ≤ a, that is, k ≤ a/b. Further, (k + 1)b a. Thus, k + 1 a/b or a/b − 1 k. Therefore, a b − 1 k ≤ a b Thus, k is the largest integer less than or equal to a/b, so k = a/b. For example, the number of positive integers ≤ 2076 and divisible by 19 is 2076/19 = 109.26316 = 109. Next, we consider some aspects of sets and the inclusion–exclusion principle. Union, Intersection, and Complement Let A be a finite set and |A| the number of elements in A. For example, if A = {3,5,8,17}, then |A| = 4. (In Chapter 1, we used vertical bars to denote the ab- solute value of a number, but here it denotes the number of elements in a set. The meaning of the notation should be clear from the context, so be a bit careful.) Let A and B be any two sets. Their union A ∪ B is the set of elements belonging to A or B; their intersection A ∩ B consists of the common elements; A denotes the complement of A, that is, the set of elements in the universal set that are not in A. We now move on to the inclusion–exclusion principle. Let A and B be finite sets. Let |A ∩ B| = n, |A| = n + r, and |B| = n + s for some integers n,r,s ≥ 0. Then |A ∪ B| = n + r + s = (n + r) + (n + s) − n = |A| + |B| − |A ∩ B|. Likewise, |A ∪ B ∪ C| = |A| + |B| + |C| − |A ∩ B| − |B ∩ C| − |C ∩ A| + |A ∩ B ∩ C|. More generally, we have the following result. THEOREM 2.6 (The Inclusion–Exclusion Principle) Let A1,A2,...,An be n finite sets. Then n i=1 Ai = 1≤i≤n |Ai| − 1≤ij≤n |Ai ∩ Aj| + 1≤ijk≤n |Ai ∩ Aj ∩ Ak| − ··· + (−1)n+1 n i=1 Ai The next two examples are simple applications of this theorem.
- 106. 2.1 The Division Algorithm 77 EXAMPLE 2.3 Find the number of positive integers ≤ 2076 and divisible by neither 4 nor 5. SOLUTION Let A = {x ∈ N | x ≤ 2076 and divisible by 4} and B = {x ∈ N | x ≤ 2076 and divisi- ble by 5}. Then |A ∪ B| = |A| + |B| − |A ∩ B| = 2076/4 + 2076/5 − 2076/20 = 519 + 415 − 103 = 831 Thus, among the first 2076 positive integers, there are 2076 − 831 = 1245 integers not divisible by 4 or 5. EXAMPLE 2.4 Find the number of positive integers ≤ 3000 and divisible by 3, 5, or 7. SOLUTION Let A, B, and C denote the sets of positive integers ≤ 3000 and divisible by 3, 5, or 7. By the inclusion–exclusion principle, |A ∪ B ∪ C| = |A| + |B| + |C| − |A ∩ B| − |B ∩ C| − |C ∩ A| + |A ∩ B ∩ C| = 3000/3 + 3000/5 + 3000/7 − 3000/15 − 3000/35 −3000/21 + 3000/105 = 1000 + 600 + 428 − 200 − 85 − 142 + 28 = 1629 In October 1582, at the request of Pope Gregory XIII, Fr. Christopher Clavius and Aloysius Giglio introduced the Gregorian calendar to rectify the errors of the Julian calendar. In the Gregorian calendar, which is now universally used, a nonleap year contains 365 days and a leap year contains 366 days. (A year is a leap year if it is a century divisible by 400 or if it is a noncentury and divisible by 4. For example, 1600 and 1976 were leap years, whereas 1778 and 1900 were not.) The following example shows how to derive a formula to compute the number of leap years beyond 1600 and not exceeding a given year y. (See Section 5.6 also.) EXAMPLE 2.5 Show that the number of leap years after 1600 and not exceeding a given year y is given by = y/4 − y/100 + y/400 − 388.
- 107. 78 CHAPTER 2 Divisibility PROOF Let n be a year such that 1600 n ≤ y. To derive the formula for , we proceed step by step: step 1 Find the number of years n in the range divisible by 4. Let 4n1 be such a year. Then 1600 4n1 ≤ y; that is, 400 n1 ≤ y/4. Therefore, there are n1 = y/4 − 400 such years. step 2 Find the number of centuries in the range 1600 n ≤ y. Let 100n2 be a century such that 1600 100n2 ≤ y. Then 16 n2 ≤ y/100. Therefore, there are n2 = y/100 − 16 centuries beyond 1600 and ≤ y. step 3 Find the number of centuries in the range divisible by 400. Since they are of the form 400n3, we have 1600 400n3 ≤ y. Then 4 n3 ≤ y/400, so n3 = y/400 − 4. step 4 Therefore, = n1 − n2 + n3 = y/4 − 400 − y/100 + 16 + y/400 − 4 = y/4 − y/100 + y/400 − 388 We now return to the division algorithm and discuss some divisibility properties involving even and odd integers. Even and Odd Integers Suppose we let b = 2 in the division algorithm. Then a = 2q + r, where 0 ≤ r 2. So r = 0 or 1. When r = 0, a = 2q; such integers are even integers. When r = 1, a = 2q + 1; such integers are odd integers. It follows from this definition that every integer is either even or odd, but not both. The Pythagoreans considered odd numbers male and good, and even numbers female and bad. The number 1 was considered neither male nor female. The num- ber 5, being the sum of the first masculine and feminine numbers, was considered a symbol of marriage. Some philosophers, supported by early Christian theologians, identified the number with God. The following properties were also known to the Pythagoreans. We shall leave them as exercises; see Exercises 40–46. • The sum of any two even integers is even. • The product of any two even integers is even.
- 108. 2.1 The Division Algorithm 79 • The sum of any two odd integers is even. • The product of any two odd integers is odd. • The sum of an even integer and an odd integer is odd. • The product of an even integer and an odd integer is even. • If the square of an integer is even, then the integer is even. • If the square of an integer is odd, then the integer is odd. E X E R C I S E S 2.1 Find the quotient and the remainder when the first integer is divided by the second. 1. 78, 11 2. 57, 75 3. −325, 13 4. −23, 25 Let f(n) denote the number of positive factors of a posi- tive integer n. Evaluate each. 5. f(16) 6. f(12) 7. f(15) 8. f(17) Find the number of positive integers ≤ 3076 and 9. Divisible by 19 10. Divisible by 23 11. Not divisible by 17 12. Not divisible by 24 Find the number of positive integers in the range 1976 through 3776 that are 13. Divisible by 13 14. Divisible by 15 15. Not divisible by 17 16. Not divisible by 19 Mark true or false, where a, b, and c are arbitrary integers. 17. 1|a 18. If a|b, then a| − b. 19. a|0 20. If a|b and b|a, then a = b. 21. If a|b, then a b. 22. If a b, then a|b. 23. If a|b and b|c, then a|c. 24. If a b, then b a. 25. Zero is neither even nor odd. 26. There is no remainder when an even integer is divided by 2. Prove or disprove each statement, where a, b, and c are arbitrary integers. 27. If a2 = b2, then a = b. 28. If a|b and b|a, then a = b. 29. If a|(b + c), then a|b and a|c. 30. If a|bc, then a|b and a|c. Evaluate each, where d is a positive integer. 31. d|12 d 32. d|12 1 33. d|18 1 d 34. d|18 18 d 35. A nude number is a natural number n such that each of its digits is a factor of n. Find all three-digit odd nude numbers containing no repeated digits. Let f be a function defined recursively by f(n) = 1 if 3|n f(n + 1) otherwise 36. Find f(16) 37. Find an explicit formula for f(n). Prove each, where a and b are positive integers. 38. If a|b and b|a, then a = b. 39. If a|b and c|d, then ac|bd. 40. The sum and the product of any two even integers are even. 41. The sum of any two odd integers is even. 42. The product of any two odd integers is odd. 43. The sum of an even integer and an odd integer is odd. 44. If the square of an integer is even, then the integer must be even. 45. If the square of an integer is odd, then the integer must be odd. 46. The product of any two consecutive integers is even.
- 109. 80 CHAPTER 2 Divisibility 47. The sum of any two integers of the form 4k + 1 is even. 48. Every odd integer is of the form 4k + 1 or 4k + 3. 49. The product of any two integers of the form 3k + 1 is also of the same form. 50. The product of any two integers of the form 4k + 1 is also of the same form. 51. If the product of two integers is even, then at least one of them must be even. 52. If the product of two integers is odd, then both must be odd. Prove each by cases, where n is an arbitrary integer. 53. n2 + n is an even integer. 54. 2n3 + 3n2 + n is an even integer. 55. n3 − n is divisible by 2. 56. 30|(n5 − n) 57. Derive the inclusion–exclusion principle for three fi- nite sets A, B, and C. 58. Prove that the difference of the squares of two posi- tive integers cannot be 1. 59. Prove that the product of any four consecutive posi- tive integers cannot be a perfect square. (Hint: Use Exercise 58.) 60. Prove that if the sum of the cubes of three consecutive integers is a cube k3, then 3|k. 61. Show that the equation n3 + (n + 1)3 + (n + 2)3 = (n + 3)3 has a unique solution. (Hint: Use Exercise 60.) Using induction prove each, where n is a nonnegative in- teger. (Hint: Use the binomial theorem for Exercises 64 and 65.) 62. 2n3 + 3n2 + n is divisible by 6. 63. n4 + 2n3 + n2 is divisible by 4. 64. 24n + 3n − 1 divisible by 9. 65. 42n + 10n − 1 divisible by 25. 66. Find the largest nontrivial factor of 230 − 1. 2.2 Base-b Representations (optional) The division algorithm can be used to convert a decimal integer to any other base. Furthermore, additions and multiplications can be carried out in any base, and sub- traction can be accomplished using addition, as in base ten. In everyday life, we use the decimal notation, base 10, to represent any real num- ber. For example, 234 = 2(102) + 3(101) + 4(100), which is the decimal expansion of 234. Likewise, 23.45 = 2(101) + 3(100) + 4(10−1) + 5(10−2). Computers use base two (binary); very long binary numbers are often handled by human beings using base eight (octal) and base sixteen (hexadecimal). Actually, any positive integer b ≥ 2 is a valid choice for a base. This is a con- sequence of the following fundamental result, the proof of which is a bit long but straightforward. THEOREM 2.7 Let b be a positive integer ≥ 2. Then every positive integer N can be expressed uniquely in the form N = akbk +ak−1bk−1 +···+a1b+a0, where a0,a1,...,ak are nonnegative integers less than b, ak = 0, and k ≥ 0.
- 110. 2.2 Base-b Representations (optional) 81 PROOF The proof consists of two parts: the existence half and the uniqueness half. The ex- istence half, applying the division algorithm, establishes the existence of such an expansion for N using powers of b; the uniqueness half shows that such an expan- sion is unique. To show that N has the desired expansion: Apply the division algorithm with N as the dividend and b as the divisor: N = bq0 + a0, 0 ≤ a0 b If q0 = 0, apply the division algorithm again with q0 as the new dividend: q0 = bq1 + a1, 0 ≤ a1 b Continuing like this, we get a sequence of equations: q1 = bq2 + a2, 0 ≤ a2 b q2 = bq3 + a3, 0 ≤ a3 b . . . qk−2 = bqk−1 + ak−1, 0 ≤ ak−1 b where N q0 q1 q2 ···. Because q0,q1,q2,... is a decreasing sequence of nonnegative integers, this procedure must eventually terminate with the last step: qk−1 = b · 0 + ak, 0 ≤ ak b To get the desired form, we begin substituting for each qi, beginning with the first equation: N = bq0 + a0 Substitute for q0: N = b(bq1 + a1) + a0 = q1b2 + a1b + a0 Now substitute for q1 and continue the procedure: N = q2b3 + a2b2 + a1b + a0 . . . = qk−1bk + ak−1bk−1 + ··· + a2b2 + a1b + a0 = akbk + ak−1bk−1 + ··· + a2b2 + a1b + a0
- 111. 82 CHAPTER 2 Divisibility where 0 ≤ ai b for every i. Also, ak = 0, since ak = qk−1 is the last nonzero quo- tient. Thus, N has the desired expansion. To show that the expansion of N is unique: Suppose N has two expansions: N = k i=0 aibi = k i=0 cibi where 0 ≤ ai,ci b. (We can assume both expansions contain the same number of terms, since we can always add enough zero coefficients to yield the same number of terms.) Subtracting one expansion from the other yields k i=0 (ai − ci)bi = 0. Let di = ai − ci. Then k i=0 dibi = 0. If every di = 0, then ai = ci for every i, so the two expansions are the same. If the expansions are distinct, there must be a smallest integer j, where 0 ≤ j ≤ k, such that dj = 0. Then k i=j dibi = 0 Factor out bj: bj k i=j dibi−j = 0 Cancel bj: k i=j dibi−j = 0 This yields dj + b k i=j+1 dibi−j−1 = 0 b k i=j+1 dibi−j−1 = −dj Thus, b|dj. But, since 0 ≤ ai, ci b, −b ≤ ai − ci b; that is, −b ≤ dj b. There- fore, since b|dj, dj = 0, which contradicts our assumption that dj = 0.
- 112. 2.2 Base-b Representations (optional) 83 Thus, the two expansions are the same, establishing the uniqueness of the ex- pansion. This concludes the proof. This theorem leads us to the following definition. Base-b Representation The expression akbk + ak−1bk−1 + ··· + a1b + a0 is the base-b expansion of the integer N. Accordingly, we write N = (akak−1 ...a1a0)b in base b. When the base is two, the expansion is called the binary expansion. When b = 2, each coefficient is 0 or 1; these two digits are called binary digits (or bits). The number system with base ten is the decimal system, from the Latin word decem, meaning ten.† It was invented in India around the third century B.C., and carried to Spain in A.D. 711 by Arabs who traded with India. The decimal system employs the ten digits 0 through 9 to represent any number. The principal reason for this choice is undoubtedly that in earlier times men and women used their fingers for counting and computing, as some still do today. The base is omitted when it is ten. For example, 234ten = 234 and (10110)two = 22 (see Example 2.6). When the base is greater than ten, we use the letters A,B,C,... to represent the digits ten, eleven, twelve, ... respectively, to avoid any possible confusion. It is easy to find the decimal value of an integer from its base-b representation, as the next two examples illustrate. EXAMPLE 2.6 Express 10110two in base ten. SOLUTION 10110two = 1(24 ) + 0(23 ) + 1(22 ) + 1(21 ) + 0(20 ) ← binary expansion = 16 + 0 + 4 + 2 + 0 = 22 EXAMPLE 2.7 Express 3ABCsixteen in base ten. SOLUTION Recall that A = 10, B = 11, and C = 12. Therefore, † December was the tenth month of the ancient Roman year. Decemvir was a member of a council of ten magistrates in ancient Rome.
- 113. 84 CHAPTER 2 Divisibility 3ABCsixteen = 3(163 ) + 10(162 ) + 11(161 ) + 12(160 ) = 12,288 + 2560 + 176 + 12 = 15,036 Conversely, suppose we are given a decimal integer. How do we express it in another base b? By Theorem 2.9, all we have to do is express it as a sum of powers of b, then simply collect the coefficients in the correct order. Always remember to account for missing coefficients. This method is illustrated in the following example. EXAMPLE 2.8 Express 3014 in base eight. SOLUTION The largest power of 8 that is contained in 3014 is 512. Apply the division algorithm with 3014 as the dividend and 512 as the divisor: 3014 = 5 · 512 + 454 Now look at 454. It lies between 64 and 512. The largest power of 8 we can now use is 64: 454 = 7 · 64 + 6 Continue like this until the remainder becomes less than 8: 6 = 6 · 1 + 0 Thus, we have 3014 = 5(512) + 7(64) + 6 = 5(83 ) + 7(82 ) + 0(81 ) + 6(80 ) = 5706eight A simple algorithm expresses an integer a in any nondecimal base b: divide a and its successive quotients by b until a zero quotient is reached, then pick the remainders in the reverse order. These steps can be translated into the elegant algorithm given in Algorithm 2.1.
- 114. 2.2 Base-b Representations (optional) 85 Algorithm nondecimal base (n, b) (* This algorithm finds the base-b representation (amam−1 ...a1a0)b of a positive inte- ger n. The variables q and r denote the quotient and the remainder of the division algo- rithm, and i is a subscript. *) Begin (* algorithm *) (* initialize the variables q,r, and i *) q ← n r ← n i ← 0 while q 0 do begin (* while *) r ← q mod b aj ← r q ← q div b i ← i + 1 endwhile End (* algorithm *) Algorithm 2.1 The following example demonstrates this algorithm. EXAMPLE 2.9 Represent 15,036 in the hexadecimal system, that is, in base sixteen. SOLUTION Applying Algorithm 2.1, we have Thus, 15,036 = 3ABCsixteen. The Egyptian Method of Multiplication An algorithm based on Theorem 2.9 was used by the ancient Egyptians for multiply- ing two positive integers, say, 23 and 45. First, express one of the factors, say, 23, as a sum of powers of 2: 23 = 1 + 2 + 4 + 16
- 115. 86 CHAPTER 2 Divisibility Then 23 · 45 = 1 · 45 + 2 · 45 + 4 · 45 + 16 · 45 Next construct a table (Table 2.1) consisting of two rows, one headed by 1 and the other by 45; each successive column is obtained by doubling the preceding col- umn. 1 2 4 8 16 45 90 180 360 720 Table 2.1 To find the desired result, add the starred numbers in the second row. These correspond to the terms in the binary expansion of 23: 23 · 45 = 45 + 90 + 180 + 720 = 1035 We can use yet another algorithm for multiplication, which is a delightful appli- cation of the floor function. The Russian Peasant Algorithm The Russian peasant algorithm for multiplication resembles the Egyptian method. To illustrate it, suppose we want to compute 24 · 43. As before, construct a table (Table 2.2) of two rows, one headed by 24 and the other by 43. Each succeeding number in row 1 is the quotient when the number is divided by 2; continue this procedure until the quotient becomes 1. At each step, double the previous entry in row 2. 24 12 6 3 1 43 86 172 344 688 Table 2.2 To compute the product, just add the starred numbers that correspond to the odd numbers in row 1: 24 · 43 = 688 + 344 = 1032 [Can you explain why this algorithm works? Hint: ab = (a/2)(2b).]
- 116. 2.2 Base-b Representations (optional) 87 The Egyptian Method of Division The Egyptians developed a method for dividing integers that was similar to their mul- tiplication algorithm. Suppose we would like to find the quotient and the remainder when 256 is divided by 23, by this method. Once again, build a table (Table 2.3), the first row headed by 1 and the other by the divisor 23; double each successive column until the number in the second row exceeds 256, the dividend. 1 2 4 8 16 23 46 92 184 368 ↑ 256 Table 2.3 Now express 256 as a sum of the starred numbers from the second row: 256 = 184 + 72 = 184 + 46 + 26 = 184 + 46 + 23 + 3 ← remainder Then the quotient is the sum of the numbers in row 1 that correspond to the starred numbers, namely, 1 + 2 + 8 = 11; the remainder is the leftover, 3. E X E R C I S E S 2.2 Express each number in base ten. 1. 1101two 2. 11011two 3. 1776eight 4. 1976sixteen Express each decimal number as required. 5. 1076 = ( )two 6. 676 = ( )eight 7. 1776 = ( )eight 8. 2076 = ( )sixteen The binary representation of an integer can conveniently be used to find its octal representation. Group the bits in threes from right to left and replace each group with the corresponding octal digit. For example, 243 = 11110011two = 011 110 011two = 363eight. Using this shortcut, rewrite each binary number as an octal integer. 9. 1101two 10. 11011two 11. 111010two 12. 10110101two The binary representation of an integer can also be used to find its hexadecimal representation. Group the bits in fours from right to left and then replace each group with the equivalent hexadecimal digit. For instance, 243 = 11110011two = 1111 0011two = F3sixteen. Using this method, express each binary number in base sixteen. 13. 11101two 14. 110111two 15. 1110101two 16. 10110101two The techniques explained in Exercises 9–12 are re- versible, that is, the octal and hexadecimal representations of integers can be used to find their binary representations. For example, 345eight = 011 100 101two = 11100101two. Using this technique, rewrite each number in base two. 17. 36sixteen 18. 237eight 19. 237sixteen 20. 3ADsixteen
- 117. 88 CHAPTER 2 Divisibility Using the Egyptian method, compute each product. 21. 19 · 31 22. 30 · 43 23. 29 · 49 24. 36 · 59 25–28. Using the Russian method, evaluate the products in Exercises 21–24. Using the Egyptian method of division, find the quotient and the remainder when the first integer is divided by the second. 29. 243, 19 30. 1076, 31 31. 1776, 35 32. 2076, 43 33. Arrange the binary numbers 1011, 110, 11011, 10110, and 101010 in order of increasing magnitude. 34. Arrange the hexadecimal numbers 1076, 3056, 3CAB, 5ABC, and CACB in order of increasing mag- nitude. 35. What can you say about the ones bit in the binary rep- resentation of an even integer? An odd integer? Find the value of the base b in each case. 36. 54b = 64 37. 1001b = 9 38. 1001b = 126 39. 144b = 49 40. Find the base b if 7642 = 1234b. (A. Dunn, 1980) 41. Find the positive integer n if the decimal values of n3 and n4 together contain all the digits exactly once. (A. Dunn, 1980) Find the number of ones in the binary representations of each number. 42. 23 − 1 43. 24 − 1 44. 25 − 1 45. 2n − 1 46. Suppose a space team investigating Venus sends back the picture of an addition problem scratched on a wall, as shown in Figure 2.4. The Venusian numer- ation system is a place value system, just like ours. The base of the system is the same as the number of fingers on a Venusian hand. Determine the base of the Venusian numeration system. (This puzzle is due to H. L. Nelson.†) Figure 2.4 Polynomials can be evaluated efficiently using the tech- nique of nested multiplication, called Horner’s method. (This method is named after the English schoolmaster William G. Horner [1786–1837], who published it in 1819.) For instance, the polynomial f(x) = 4x3 + 5x2 + 6x + 7 can be evaluated as f(x) = ((4x + 5)x + 6)x + 7. Using this method, express each as a decimal integer. 47. 245eight 48. 101101two 49. 1100101two 50. 43BCsixteen Find the ones digit in the decimal value of each. 51. 2100 52. 3247 53. Let x be a three-digit number with distinct digits in base twelve. Reverse the digits. Subtract the smaller number from the other number (save all the digits in your answer). Reverse the digits in the difference. Add this number to x. Find the sum. 54. Redo Exercise 53 in base sixteen. † M. Gardner, “Mathematical Games,” Scientific American, 219 (Sept. 1968), 218–230.
- 118. 2.3 Operations in Nondecimal Bases (optional) 89 2.3 Operations in Nondecimal Bases (optional) Before exploring how to add nondecimal numbers, let us take a close look at the familiar addition algorithm in base ten. To find the sum of any two decimal digits a and b, first find the remainder r = (a + b) mod 10 and the quotient q = (a + b) div 10. Then a + b = (qr)ten; q is the carry resulting from the addition of a and b. Using this concept, it is possible to add any two decimal integers. Addition in Base b Fortunately, the addition algorithm can be extended to any nondecimal base b. For example, let x = (xm ...x0)b and y = (yn ...y0)b, where m ≥ n. If m n, we could assume that yn+1 = ··· = ym = 0. We add the corresponding digits in x and y in a right-to-left fashion. Let si = (xi + yi + ci) mod b and ci+1 = (xi + yi + ci) div b, where c0 = 0. Then x + y = (sm+1sm ...s0)b, where sm+1 may be 0 or 1. (Leading zeros are deleted from the answer.) These steps translate into a straightforward algorithm, as in Algorithm 2.2. Algorithm addition (x, y, s, b) (* This algorithm computes the sum s = (sm+1sm ...s0)b of the integers x = (xmxm−1 ...x0)b and y = (ynym−1 ...y0)b, where m ≤ n. *) Begin (* algorithm *) carry ← 0 (* initialize carry *) for i = 0 to n do begin (* for *) si ← (xi + yi + carry) mod b carry ← (xi + yi + carry) div b endfor for i = n + 1 to m do begin (* for *) si ← (xi + carry) div b carry ← (xi + carry) div b endfor if carry 0 then sm+1 ← carry End (* algorithm *) Algorithm 2.2 The following two examples illustrate this algorithm.
- 119. 90 CHAPTER 2 Divisibility EXAMPLE 2.10 Add the binary integers 10110two and 1011two. SOLUTION First, write the integers one below the other in such a way that the corresponding bits are vertically aligned (Figure 2.5). (For convenience, the base two is not shown.) Add the corresponding bits from right to left, beginning with the ones column: 0+1 = 1. Because 1 mod 2 = 1, enter 1 as the ones bit in the sum. Since 1 div 2 = 0, the resulting carry is 0, shown circled in Figure 2.6. (In practice when the carry is 0, it is simply ignored.) Now add the bits 0, 1, and 1 in the twos column: 0 + 1 + 1 = 2. Because 2 mod 2 = 0 and 2 div 2 = 1, enter 0 in the twos column and the new carry is 1 (Figure 2.7). Continuing like this, we get the sum 100001two (Figure 2.8). Figure 2.5 Figure 2.6 Figure 2.7 Figure 2.8 The addition of binary numbers can be made easy by observing that 0 + 0 = 0, 0 + 1 = 1 = 1 + 0, and 1 + 1 = 10, all in base two. The following example illustrates addition in base twelve and base sixteen.
- 120. 2.3 Operations in Nondecimal Bases (optional) 91 EXAMPLE 2.11 Notice that in base twelve, B+3 = 12, 1+8+A = 17, 1+5+9 = 13, and 1+A = B; and in base sixteen, C + A = 16, 1 + B + B = 17, and 1 + A + C = 17. Subtraction in Base b The following two examples illustrate nondecimal subtraction using the familiar con- cept of borrowing, when needed. EXAMPLE 2.12 Evaluate 2354seven − 463seven. SOLUTION As usual, write the numbers one below the other in such a way that the corresponding digits match vertically: Beginning with the ones column, 4 − 3 = 1, so the ones digit in the answer is 1 (Figure 2.9). Figure 2.9 Figure 2.10 Now proceed to the sevens column. Since 5 6, go to the forty-nines column and borrow a 1, leaving a 2 there. When that 1 comes to the sevens column, it be- comes a 10. This yields 10+5 = 15 in the sevens column. Since 15−6 = 6, we get 6 as the sevens digit in the answer. (Remember, we are in base seven.) See Figure 2.10.
- 121. 92 CHAPTER 2 Divisibility In the forty-nines column, 2 4. So borrow a 1 from the next column, leaving a 1 there. The 1 borrowed yields 10+2 = 12 in the forty-nines column. Since 12−4 = 5, the forty-nines digit in the answer is 5 (Figure 2.11). Since there are no nonzero digits left in the subtrahend, simply bring down the 1 from the minuend. This gives the final answer: 1561seven (Figure 2.12). Figure 2.11 Figure 2.12 We can verify this subtraction by converting it into an addition problem: 463seven + 1561seven = 2354seven. The following example demonstrates subtraction in bases twelve and sixteen. EXAMPLE 2.13 Evaluate A74twelve − 39Btwelve and 2076sixteen − 1777sixteen. SOLUTION See Figures 2.13 and 2.14. We can verify both answers as an exercise. Figure 2.13 Figure 2.14 Next, we present a numeric puzzle that will test your mastery of both nondecimal addition and subtraction.
- 122. 2.3 Operations in Nondecimal Bases (optional) 93 A Nondecimal Puzzle (optional) Write down a three-digit number in base twelve, with no repetitions. Reverse its digits. Subtract the smaller number from the other (in base twelve); save all leading zeros. Reverse its digits. Add the last two numbers. Is your answer 10ABtwelve? Now redo this puzzle in base sixteen. Your answer should be 10EFsixteen. Binary Subtraction We can subtract binary numbers without the bother of “borrows,” using ones com- plement and addition. The ones complement x of a binary number x is obtained by replacing each 0 in x with a 1 and vice versa. For example, the ones complement of 1011two is 0100two and that of 1001two is 0110two. The twos complement of x is x + 1. For instance, the twos complement of 1011two is 0100two + 1 = 0101two. The following example illustrates this new technique. EXAMPLE 2.14 Subtract 1011two from 100001two. SOLUTION (For convenience, we shall drop the base two.) step 1 Find the ones complement of the subtrahend 1011. Since the minuend 100001 contains six bits, keep the same number of bits in the subtrahend by padding it with two 0s at the beginning. The ones complement of 1011 = 001011 is 110100. step 2 Find the twos complement by adding 1 to the ones complement: 110100 + 1 = 110101. step 3 Add the twos complement in step 2 to the minuend 100001: step 4 Delete the leading carry 1. The resulting number 010110 = 10110 is the desired answer. Thus, 100001two − 1011two = 10110two. (To check this, you may verify that 1011two + 10110two = 100001two.) Now we illustrate the multiplication algorithm in base b.
- 123. 94 CHAPTER 2 Divisibility Multiplication in Base b The traditional algorithm for multiplying two decimal integers x and y works for any base in an obvious way: multiply every digit in x by every digit in y as in base b and add up the partial products, as the next example shows. EXAMPLE 2.15 Multiply 1011two and 101two. SOLUTION The various steps unfold in Figures 2.15–2.17. The product is 110111two. Figure 2.15 Figure 2.16 Figure 2.17 Shifting and Binary Multiplication If you were confused by this example, don’t be dismayed; there is an alternative method. Most computers do binary multiplications using a technique called shifting, as discussed below. Consider the binary number x = (xmxm−1 ...x1x0)two = m i=0 xi2i. What is the ef- fect of multiplying x by 2j? Since x2j = m i=0 xi2i+j = xm ...x1x0 00...0
- 124. j zeros two every bit in x is shifted to the left by j columns.
- 125. 2.3 Operations in Nondecimal Bases (optional) 95 More generally, let a be any bit. Then x(a2j ) = m i=0 (axi)2i+j = (axm)...(ax0)00...0
- 126. j zeros two The bit axi equals xi if a = 1, and equals 0 if a = 0. Thus, the effect of multiplying the number x = (xm ...x0)two by the bit yj in the multiplicand y = (yn ...yj ...y0)two is the same as multiplying each bit xi by yj and shifting the result to the left by j columns. Then add the partial products to get the desired product, as the following example illustrates. EXAMPLE 2.16 Evaluate 1011two × 101two. SOLUTION The various steps are displayed in Figures 2.18–2.21. It follows from Figure 2.21 that the resulting product is 110111two. Figure 2.18 Figure 2.19 Figure 2.20 Figure 2.21
- 127. 96 CHAPTER 2 Divisibility The shifting method of multiplication leads to Algorithm 2.3 for multiplying two binary numbers. Algorithm binary multiplication (x, y, p) (* This algorithm computes the product p = (pm+npm+n−1 ...p0)two of the binary num- bers x = (xmxm−1 ...x0)two and y = (ynym−1 ...y0)two, using shifting. *) Begin (* algorithm *) for j = 0 to n do begin (* for *) multiply each bit xi by yi shift the resulting binary word to the left by j columns wj ← resulting binary word endfor add the partial products wj p ← resulting sum End (* algorithm *) Algorithm 2.3 Repunits A repunit (repeated unit)† is a positive integer whose decimal expansion consists of 1s. A repunit with n ones is denoted by Rn. For example, R2 = 11 and R3 = 111. The following interesting problem on repunits was proposed in 1982 by L. Kuipers of Switzerland. EXAMPLE 2.17 Show that 111 cannot be a square in any base. PROOF (by contradiction) Suppose 111 is a perfect square a2 in some base b, so a2 = b2 + b + 1 (b + 1)2. Then (b + 1/2)2 = b2 + b + 1/4 b2 + b + 1 That is, (b + 1/2)2 a2 (b + 1)2 This yields (b + 1/2) a b + 1; that is, a lies between b + 1/2 and b + 1, which is impossible. Thus, 111 cannot be a square in any base. † The term repunit was coined by Albert H. Beiler of Brooklyn, New York.
- 128. 2.3 Operations in Nondecimal Bases (optional) 97 A Brainteaser (optional) Look at the numbers on cards A, B, C, D, and E in Figure 2.22. Assuming you are under 32 years old, if you identify the cards on which your age appears, we can easily tell your age. For example, if your age appears on cards A, B, C, and E, then you must be 23. Can you explain how this puzzle works? Figure 2.22 E X E R C I S E S 2.3 Construct an addition table for each base. 1. Five 2. Seven Compute x + 1 for each value of x. 3. 101two 4. 344five 5. 666seven 6. 2ABtwelve 7. Let b be a base such that 120b + 211b = 331b, where b 8. Find the possible values(s) of b. Perform the indicated operations. 8. 1111two +1011two 9. 1076eight +2076eight 10. 89Btwelve + 5A6twelve 11. 3076sixteen + 5776sixteen Compute x − 1 for each value of x. 12. 100two 13. 210seven 14. 37Btwelve 15. ABCsixteen Perform the indicated operations. 16. 101101two − 10011two 17. 11000two − 100two 18. 2000seven − 1336seven 19. A89Btwelve − 65A6twelve Construct a multiplication table for each base. 20. Five 21. Seven Compute x(x + 1) for each value of x. 22. 110two 23. 243five 24. 345seven 25. ABtwelve Compute x(x − 1) for each value of x. 26. 101two 27. 243five 28. 343seven 29. BAtwelve Perform the indicated operations. 30. 10111two × 1101two 31. 1024eight × 2776eight 32. 1976twelve × 1776twelve 33. CBAsixteen × ABCsixteen
- 129. 98 CHAPTER 2 Divisibility 2.4 Number Patterns Number patterns are fun for both amateurs and professionals. Often we would like to add one or two rows to the pattern, so we must be good at pattern recognition to succeed in the art of inductive reasoning. It takes both skill and ingenuity. In two of the following examples, mathematical proofs establish the validity of the patterns. The following fascinating number pattern† was published in 1882 by the French mathematician François-Edouard-Anatole Lucas. EXAMPLE 2.18 Study the following number pattern and add two more lines. 1 · 9 + 2 = 11 12 · 9 + 3 = 111 123 · 9 + 4 = 1111 1234 · 9 + 5 = 11111 12345 · 9 + 6 = 111111 123456 · 9 + 7 = 1111111 . . . SOLUTION Although the pattern here is very obvious, let us make a few observations, study them, look for a similar behavior, and apply the pattern to add two more lines: • The LHS of each equation is a sum of two numbers. The first number is a product of the number 123...n and 9. • The value of n in the first equation is 1, in the second it is 2, in the third it is 3, and so on. • Take a look at the second addends on the LHS: 2, 3, 4, 5, .... It is an increasing sequence beginning with 2, so the second addend in the nth equation is n + 1. • The RHS of each equation is a number made up of 1s, the nth equation con- taining n + 1 ones. Thus, a pattern emerges and we are ready to state it explicitly: The first number in the nth line is 123...n; the second number is always 9; the second addend is n+1; and the RHS is made up of n + 1 ones. † This curious number pattern appeared in Mathematical Recreations by Lucas.
- 130. 2.4 Number Patterns 99 So the next two lines are 1234567 · 9 + 8 = 11111111 12345678 · 9 + 9 = 111111111 The following pattern is equally charming. EXAMPLE 2.19 Study the number pattern and add two more rows: 1 · 8 + 1 = 9 12 · 8 + 2 = 98 123 · 8 + 3 = 987 1234 · 8 + 4 = 9876 12345 · 8 + 5 = 98765 123456 · 8 + 6 = 987654 . . . SOLUTION A close look at the various rows reveals the following pattern: The first factor of the product on the LHS of the nth equation has the form 123...n; the second factor is always 8. The second addend in the equation is n. The number on the RHS of the nth equation contains n digits, each begins with the digit 9, and the digits decrease by 1. Thus the next two lines of the pattern are 1234567 · 8 + 7 = 9876543 12345678 · 8 + 8 = 98765432 What guarantees that these two patterns will hold? In general, conclusions reached after observing patterns do not have to be true. In other words, inductive reasoning does not necessarily lead us to true conclusions. For instance, consider the sequence 0, 1, 2, 3, 4, 5, 6, .... Clearly, there is a pattern. So what is the next number in the sequence? Is it 7? This is certainly a possibility, but the next number could also be 0 to yield the pattern 0, 1, 2, 3, 4, 5, 6, 0, 1, 2, ....
- 131. 100 CHAPTER 2 Divisibility Fortunately, it is possible to establish the validity of each pattern using mathe- matical proofs, as the following two examples demonstrate. EXAMPLE 2.20 Establish the validity of the number pattern in Example 2.18. PROOF We would like to prove that 123...n × 9 + (n + 1) = 11...11
- 132. n+1 ones LHS = 123...n × 9 + (n + 1) = 9(1 · 10n−1 + 2 · 10n−2 + 3 · 10n−3 + ··· + n) + (n + 1) = (10 − 1)(1 · 10n−1 + 2 · 10n−2 + 3 · 10n−3 + ··· + n) + (n + 1) = (10n + 2 · 10n−1 + ··· + n · 10) − (10n−1 + 2 · 10n−2 + ··· + n) + (n + 1) = 10n + 10n−1 + 10n−2 + ··· + 10 + 1 = 11...11
- 133. n+1 ones = RHS (It would be interesting to see if this result holds for any positive integer n; try it.) We will study one more example. EXAMPLE 2.21 Add two more rows to the following pattern, conjecture a formula for the nth row, and prove it: 9 · 9 + 7 = 88 98 · 9 + 6 = 888 987 · 9 + 5 = 8888 9876 · 9 + 4 = 88888 98765 · 9 + 3 = 888888 . . . SOLUTION • The next two rows of the pattern are 987654 · 9 + 2 = 8888888 9876543 · 9 + 1 = 88888888
- 134. 2.4 Number Patterns 101 • The general pattern seems to be 987...(10 − n) · 9 + (8 − n) = 888...888
- 135. n+1 eights , 1 ≤ n ≤ 8 • To prove the conjecture: LHS = 987...(10 − n) · 9 + (8 − n) = (10 − 1)[9 · 10n−1 + 8 · 10n−2 + 7 · 10n−3 + ··· + (11 − n)10 + (10 − n)] + (8 − n) = [9 · 10n + 8 · 10n−1 + ··· + (11 − n)102 + (10 − n)10] − [9 · 10n−1 + 8 · 10n−2 + 7 · 10n−3 + ··· + (11 − n)10 + (10 − n)] + (8 − n) = 9 · 10n − (10n−1 + 10n−2 + ··· + 10) − (10 − n) + (8 − n) = 9 · 10n − (10n−1 + 10n−2 + ··· + 10 + 1) − 1 = 10 · 10n − (10n + 10n−1 + ··· + 10 + 1) − 1 = 10n+1 − 10n+1 − 1 9 − 1, since k i=0 ri = rk+1 − 1 r − 1 (r = 1) = 8(10n+1 − 1) 9 But 10n+1 − 1 = 99...99
- 136. n+1 nines , so 10n+1 − 1 9 = 11...11
- 137. n+1 ones Therefore, LHS = 8(10n+1 − 1) 9 = 88...88
- 138. n+1 eights = RHS
- 139. 102 CHAPTER 2 Divisibility E X E R C I S E S 2.4 Find the next two elements of each sequence. 1. 1, 3, 6, 10, 15, . . . 2. 1, 4, 7, 10, 13, . . . 3. 1, 5, 12, 22, 35, . . . 4. 1, 6, 15, 28, 45, . . . 5. 1, 4, 10, 20, 35, . . . 6. 1, 5, 14, 30, 55, . . . 7. 1, 1, 2, 3, 5, 8, . . . 8. o, t, t, f, f, s, s, . . . Add two more rows to each number pattern.† 9. 0 + 1 = 1 1 + 3 = 4 4 + 5 = 9 9 + 7 = 16 10. 1 = 1 1 + 2 = 3 1 + 2 + 3 = 6 1 + 2 + 3 + 4 = 10 11. 1 = 1 1 + 4 = 5 1 + 4 + 9 = 14 1 + 4 + 9 + 16 = 30 12. 1 + 2 = 3 1 + 2 + 4 = 7 1 + 2 + 4 + 8 = 15 1 + 2 + 4 + 8 + 16 = 31 13. 1 + 0 · 1 = 1 1 + 1 · 3 = 4 1 + 2 · 4 = 9 1 + 3 · 5 = 16 14. 23 − 2 = 1 · 2 · 3 33 − 3 = 2 · 3 · 4 43 − 4 = 3 · 4 · 5 53 − 5 = 4 · 5 · 6 † Exercises 15–18 are based on F. B. Selkin, “Number Games Bordering on Arithmetic and Algebra,” Teachers College Record, 13 (1912), 68. Exercise 20 is based on A. H. Beiler, Recreations in Theory of Numbers, Dover, New York (1966), 85. 15. 1 · 1 = 1 11 · 11 = 121 111 · 111 = 12321 1111 · 1111 = 1234321 11111 · 11111 = 123454321 16. 7 · 7 = 49 67 · 67 = 4489 667 · 667 = 444889 6667 · 6667 = 44448889 66667 · 66667 = 4444488889 17. 12345679 · 9 = 111111111 12345679 · 18 = 222222222 12345679 · 27 = 333333333 12345679 · 36 = 444444444 12345679 · 45 = 555555555 18. 4 · 4 = 16 34 · 34 = 1156 334 · 334 = 111556 3334 · 3334 = 11115556 33334 · 33334 = 1111155556 19. 0 1 1 1 0 1 1 1 1 1 1 0 0 0 1 20. 102 − 10 + 1 = 91 104 − 102 + 1 = 9901 106 − 103 + 1 = 999001 108 − 104 + 1 = 99990001 1010 − 105 + 1 = 9999900001 21–31. Conjecture a formula for the nth row of each pat- tern in Exercises 10–20. 32–38. Establish the validity of your formula in Exercises 21–26 and 31. 39. Show that the formula in Example 2.18 does not hold for every integer n. In Exercises 40–43, Rn denotes a repunit.
- 140. 2.5 Prime and Composite Numbers 103 40. Compute R2 1, R2 2, R2 3, and R2 4. 41. Using Exercise 40, predict the values of R2 5 and R2 6. 42. Conjecture the value of R2 n. 43. Does the conjecture hold for R2 10? Use the following number pattern to answer Exercises 44–46. 1 = 12 − 02 3 = 22 − 12 5 = 32 − 22 7 = 42 − 32 9 = 52 − 42 44. Add two more lines. 45. Make a conjecture about row n. 46. Prove the conjecture in Exercise 45. 47. Add two more rows to the pattern in Figure 2.23. Figure 2.23 48. Find the first and the last numbers in the nth row in Figure 2.23. 49. Conjecture a formula for the sum of the numbers in row n in Figure 2.23. 50–52. Redo Exercises 47–49 with the triangular array in Figure 2.24. Figure 2.24 53. Show that 10n − 9n − 1 81 = 123...(n − 1)
- 141. n−1 digits , where 2 ≤ n ≤ 9. 54. Find the value of 10n − 10n − 9n − 1 81 − 1, where 1 ≤ n ≤ 9. 55. Establish the validity of the pattern in Example 2.19. (Hint: Use Exercises 53 and 54.) 56. Prove that the numbers 49, 4489, 444889, . . . , where each number, except the first, is obtained by insert- ing 48 in the middle, are all squares. (S. R. Conrad, 1976) 2.5 Prime and Composite Numbers Prime numbers are the building blocks of positive integers. Two algorithms are often used to determine whether a given positive integer is a prime. Some positive integers have exactly two positive factors and some have more than two. For example, 3 has exactly two positive factors: namely, 1 and 3; whereas 6 has four: 1, 2, 3, and 6. Accordingly, we make the following definition.
- 142. 104 CHAPTER 2 Divisibility Prime and Composite Numbers A positive integer 1 is a prime number (or simply a prime) if its only positive factors are 1 and itself. A positive integer 1 that is not a prime is a composite number (or simply a composite). Notice that, by definition, 1 is neither a prime nor a composite. It is just the multiplicative identity or the unit. The first ten primes are 2, 3, 5, 7, 11, 13, 17, 19, 23, and 29; the first ten com- posite numbers are 4, 6, 8, 9, 10, 12, 14, 15, 16, and 18. It follows from the definition that the set of positive integers can be partitioned into three disjoint classes: the set of primes, the set of composites, and {1}. How many primes are there? Is there a systematic way to determine whether a positive integer is a prime? To answer the first question, we need the following lemma,† which we shall prove by induction. It can also be proved by contradiction (see Exercise 59). LEMMA 2.1 Every integer n ≥ 2 has a prime factor. PROOF (by strong induction) The given statement is clearly true when n = 2. Now assume it is true for every positive integer n ≤ k, where k ≥ 2. Consider the integer k + 1. case 1 If k + 1 is a prime, then k + 1 is a prime factor of itself. case 2 If k + 1 is not a prime, k + 1 must be a composite, so it must have a factor d ≤ k. Then, by the inductive hypothesis, d has a prime factor p. So p is a factor of k + 1, by Theorem 2.4. Thus, by the strong version of induction, the statement is true for every integer ≥ 2; that is, every integer ≥ 2 has a prime factor. We can now prove that there is an infinite number of primes. This result, devised by Euclid, is one of the elegant results in number theory. We use essentially his technique from Book IX of Elements to prove it. See Theorem 3.4 and Corollary 3.8 for alternative proofs. THEOREM 2.8 (Euclid) There are infinitely many primes. PROOF (by contradiction) Assume there is only a finite number of primes, p1,p2,...,pn. Consider the integer N = p1p2 ···pn + 1. Since N ≥ 2, by Lemma 2.1, N is divisible by some prime pi, † A lemma is a minor result used to prove a theorem.
- 143. 2.5 Prime and Composite Numbers 105 where 1 ≤ i ≤ n. Since pi|N and pi|p1p2 ···pn, pi|(N − p1p2 ···pn), by Theorem 2.4; that is, pi|1, which is impossible. Thus, our assumption is false, so there are infinitely many primes. The proof of this theorem hinges on the choice of the number En = p1p2 ···pn + 1, where pi denotes the ith prime and i ≥ 1. The first five values of En are E1 = 3, E2 = 7, E3 = 31, E4 = 211, and E5 = 2311, all primes. Unfortunately, not all values of En are primes; see Exercise 70. In 1996, A. A. K. Majumdar of Jahangirnagar University, Bangladesh, estab- lished an upper bound for En, when n ≥ 6: En (pn+1)n−2. We can establish this using induction. See Exercise 71. Primes and Pi (optional) We now make an interesting digression. In 1734, the outstanding Swiss mathemati- cian Leonhard Euler showed that the sum of the reciprocals of primes p 1 p di- verges. The infinitude of primes follows from this also. However, the infinite product p (1 − 1/p2) converges to a limit ν.† In fact, it can be shown‡ that 1 ν = ∞ n=1 1 n2 = 1 12 + 1 22 + 1 32 + ···. In 1734, Euler also showed that ∞ n=1 1 n2 = π2 6 , so ν = 6 π2 . Thus, p 1 − 1 p2 = 6 π2 ≈ 0.6079271018. Now that we know there is an infinite number of primes, can we find an al- gorithm for determining the primality of integers ≥ 2? The great German mathe- matician Karl Friedrich Gauss wrote in 1801 in Disquisitiones Arithmeticae: “The problem of distinguishing prime numbers from composite numbers ... is known to be one of the most important and useful in arithmetic .... Further, the dignity of sci- ence itself seems to require that every possible means be explored for the solution of a problem so elegant and so celebrated.” Fortunately, there is an algorithm, which is based on the following result. THEOREM 2.9 Every composite number n has a prime factor ≤ √ n. PROOF (by contradiction) Because n is composite, there are positive integers a and b such that n = ab, where 1 a n and 1 b n. Suppose a √ n and b √ n. Then n = ab √ n· √ n = n, † ν is the Greek letter nu. ‡ See Ogilvy and Anderson.
- 144. 106 CHAPTER 2 Divisibility which is impossible. Therefore, either a ≤ √ n or b ≤ √ n. Since both a and b are integers, it follows that either a ≤ √ n or b ≤ √ n. By Lemma 2.1, every positive integer ≥ 2 has a prime factor. Any such factor of a or b is also a factor of a · b = n, so n must have a prime factor ≤ √ n. It follows from Theorem 2.11 that if n has no prime factors ≤ √ n, then n is a prime; otherwise, it is a composite number. This fact can be used to determine whether an integer n ≥ 2 is a prime, as the next example illustrates. EXAMPLE 2.22 Determine whether 1601 is a prime number. SOLUTION First list all primes ≤ √ 1601. They are 2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, and 37. Since none of them is a factor of 1601 (verify), 1601 is a prime. An algorithm for determining the primality of a positive integer n ≥ 2 is given in Algorithm 2.4. Algorithm prime number (n) (* This algorithm using Theorem 2.9 determines whether an integer n ≤ 2 is prime or not. *) Begin (* algorithm *) list all primes ≤ √ n if any of them is a factor of n, then n is not a prime else n is a prime End (* algorithm *) Algorithm 2.4 The Sieve of Eratosthenes Theorem 2.9 is also the basis of an ancient algorithm, the sieve of Eratosthenes, used for finding all primes ≤ a positive integer n. It is an efficient algorithm for n 106. We illustrate the sieving mechanism for n = 100 in Figure 2.25.
- 145. 2.5 Prime and Composite Numbers 107 Eratosthenes (ca. 276–ca. 194 B.C.), a Greek mathematician, was born in the an- cient town of Cyrene, in present-day Libya. After spending many years at Plato’s school in Athens, he went to Alexandria at the invitation of Ptolemy III to tutor his son and to serve as the chief librarian at the University. A gifted mathemati- cian, astronomer, geographer, historian, philosopher, poet, and athlete, he was called pentathlus (the champion of five sports) by his students. His most impor- tant scientific achievement was the determination of the size of the earth. Around 194 B.C., he became blind and committed suicide by starvation. Figure 2.25 To find all primes ≤ 100, first list the positive integers 1 through 100. Then we eliminate 1 and all composite numbers ≤ 100 as follows. By Theorem 2.9, every composite number ≤ 100 must have a prime factor ≤ √ 100, that is, ≤ 10. But the primes ≤ 10 are 2, 3, 5, and 7, so the composite numbers ≤ 100 are those positive integers divisible by one of them. To eliminate the nonprimes from the list, first cross out 1 with a slash, since it is not a prime. Now cross out all multiples of 2, 3, 5, and 7, but not 2, 3, 5, or 7. (Why?) Numbers already eliminated need not be crossed out again. What remains are the primes ≤ 100. There are 25 such primes: 2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71, 73, 79, 83, 89, and 97. Although the sieve looks fine, as n gets larger it becomes less efficient; the sieve is not a practical method. In fact, no simple, practical method exists for testing the primality of large numbers; see Theorem 8.14 for an efficient algorithm.
- 146. 108 CHAPTER 2 Divisibility Outsider Math Clive Thompson Prime numbers have baffled scientists for millennia. Primes do not occur in any easily discernible order—which makes it very difficult to figure out whether a really huge number is prime or not. (And by “really huge,” we’re talking thousands of digits long.) Ever since the time of the ancient Greeks, finding a simple way to prove a number is prime has been the holy grail of mathematics, and the hunt has nearly driven several scientists mad. As the mathematician Karl Friedrich Gauss wrote in 1801, “The dignity of the science itself seems to require that every possible means be explored for the so- lution of a problem so elegant and so celebrated.” This year, it finally arrived. On Aug. 6, the Indian math- ematician Manindra Agrawal distributed a nine-page paper that rocked the scientific world. He had hit upon an inge- nious algorithm to prove whether a number is prime, no mat- ter how enormous. Within weeks, stunned mathematicians had kicked the tires and pronounced it sound. Security ex- perts were just as shocked. Encryption programs used by banks and governments rely on increasingly large primes— up to 600 digits, these days—to keep criminals and terrorists at bay. This new algorithm could guarantee primes so mas- sive they would afford almost perfect online security. But most astonishing of all was the simplicity of the algorithm. You can scrawl it on a single sheet of paper— double-spaced. It had been staring everyone in the face for years, like the Purloined Letter of mathematics. “When you read the paper, you slapped yourself on the forehead and asked, Why didn’t I think of this?” says Carl Pomerance, a mathematician at Bell Labs. Here’s why. Math, like every other science, has become increasingly specialized. Prime-number theorists had been hacking away with number theory so complex and weird that barely 100 people worldwide could understand their calcu- lations. But the new proof from India was created by a pro- fessor who isn’t known as a number theorist—and his two co-authors were still undergraduates. What’s more, they em- ployed a branch of math with which any high-school student would be familiar: polynomials, like the simple expression (A+B)2. “It’s not really difficult at all,” Agrawal says. “When you show it, it’s like, Is that it?” It is a fresh reminder of why history is riddled with inno- vations that came out of left field, delivered by amateurs toil- ing in their basements. Primes don’t occur in any pattern— and sometimes, neither do discoveries. Figure 2.26 In August 2002, M. Agrawal of the Indian Institute of Technology, Kanpur, In- dia, and two of his undergraduate students, N. Kayal and N. Saxena, developed an efficient algorithm that is of theoretical significance. Their discovery surprised num- ber theorists everywhere, since it runs in polynomial time; that is, “the number of steps (needed) is bounded by a polynomial function of the length of the input data.” Two years later, H. Lenstra and C. Pomerance refined their algorithm to a theoreti- cally more efficient one. Number theorists often dream of finding formulas that generate primes for con- secutive values of the integral variable n. Euler found one such formula in 1772: E(n) = n2 −n+41 yields a prime for every positive integer n ≤ 40. But when n = 41, E(41) = 412 − 41 + 41 = 412 is not a prime. In 1798, the eminent French mathematician Adrien-Marie Legendre (1752– 1833) discovered that the formula L(n) = n2 + n + 41 yields distinct primes for
- 147. 2.5 Prime and Composite Numbers 109 1 ≤ n ≤ 40, but L(41) is a composite. Notice that L(n) = E(−n). (Several exercises based on similar formulas are included in the exercise set.) However, no one has ever been successful in constructing a polynomial f(n) that generates primes for all integers n. The reason becomes clear in the following example. EXAMPLE 2.23 Prove that there is no polynomial f(n) with integral coefficients that will produce primes for all integers n. PROOF (by contradiction) Suppose there is such a polynomial f(n) = aknk + ak−1nk−1 + ··· + a1n + a0, where ak = 0. Let b be some integer. Since f(n) is always a prime, f(b) must be a prime p; that is, f(b) = akbk + ak−1bk−1 + ··· + a1b + a0 = p (2.1) Let t be an arbitrary integer. Then f(b + tp) = ak(b + tp)k + ak−1(b + tp)k−1 + ··· + a1(b + tp) + a0 = (akbk + ak−1bk−1 + ··· + a1b + a0) + p · g(t) where g(t) is a polynomial in t. Thus, f(b + tp) = p + pg(t), by equation (2.1) = p[1 + g(t)] So p|f(b + tp). But every value of f is a prime, so f(b + tp) must be a prime and hence f(b + tp) = p. Thus, f(b) = p = f(b + tp). This implies f takes on the same value infinitely many times, since t is an arbitrary integer. But f(n) is a polynomial of degree k, so it cannot assume the same value more than k times, yielding a contradiction. Thus, no polynomial with integral coefficients exists that will generate only primes. Returning to Theorem 2.8, can we discover a way to find (or even estimate) the number of primes ≤ a positive integer n (or a positive real number x)? This is possible, as the following theorem shows, but first we present a function.
- 148. 110 CHAPTER 2 Divisibility A Number-Theoretic Function Let x be a positive real number. Then π(x)† denotes the number of primes ≤ x. For example, π(10) = 4, π(28.75) = 9, and π(100) = 25 (see Figure 2.25). Using the summation notation, π(x) can be defined as π(x) = p≤x 1, where p denotes a prime. The following formula for π(n), where n is a positive integer, can be established using the inclusion–exclusion principle. Its proof is a bit complicated, so we omit it. THEOREM 2.10 Let p1,p2,...,pt be the primes ≤ √ n. Then π(n) = n − 1 + π( √ n) − i n pi + ij n pipj − ijk n pipjpk + ··· + (−1)t n p1p2 ...pt The following example illustrates this result. EXAMPLE 2.24 Using Theorem 2.10, find the number of primes ≤ 100. SOLUTION Here n = 100. Then π( √ n) = π( √ 100) = π(10) = 4, by Figure 2.25. The four primes ≤ 10 are 2, 3, 5, and 7; call them p1, p2, p3, and p4, respectively. Then, by Theorem 2.10, π(100) = 100 − 1 + 4 − 100 2 + 100 3 + 100 5 + 100 7 + 100 2 · 3 + 100 2 · 5 + 100 2 · 7 + 100 3 · 5 + 100 3 · 7 + 100 5 · 7 − 100 2 · 3 · 5 + 100 2 · 3 · 7 + 100 2 · 5 · 7 + 100 3 · 5 · 7 + 100 2 · 3 · 5 · 7 † π is the lower case Greek letter pi.
- 149. 2.5 Prime and Composite Numbers 111 = 103 − (50 + 33 + 20 + 14) + (16 + 10 + 7 + 6 + 4 + 2) − (3 + 2 + 1 + 0) + 0 = 25 This is consistent with the sieve of Eratosthenes in Figure 2.25. Although the formula for π(n) in Theorem 2.10 is elegant in the sense that it gives the exact value of π(n), it is not very practical when n is fairly large. This is where the prime number theorem, one of the celebrated results in number theory, be- comes extremely useful. It gives an approximate value of π(n), when n is sufficiently large. THEOREM 2.11 (The Prime Number Theorem) lim x→∞ π(x) x/lnx = 1 That is, as x gets larger and larger, π(x) approaches x/lnx.† Gauss noticed the similarity between the values of π(x) and x/lnx, as x gets larger and conjectured the theorem in 1793, but did not provide a proof. In 1850, the Russian mathematician Pafnuty Lvovich Chebychev made significant progress toward a proof; he proved that there are positive constants a and b, such that a x lnx π(x) b x lnx where x ≥ 2. In 1870, the German mathematician Ernest Meissel (1826–1895) showed that there are 5,761,455 primes less than 108. In 1893, one hundred years after Gauss’ conjecture, the Danish mathematician N. P. Bertelsen claimed that there are 50,847,478 primes less than 109. In 1959, however, the American mathemati- cian Derrick H. Lehmer (1905–1991) showed that Bertelsen’s answer was incor- rect and that the correct number is 50,847,534. Lehmer also showed that there are 455,052,512 primes less than 1010 (Table 2.4). In 1896, the French mathematician Jacques Hadamard (1865–1963) and the Belgian mathematician Charles-Jean-Gustave-Nicholas de la Valleé-Poussin (1866– 1962), working independently, proved the theorem using advanced mathematics. † lnx denotes the natural logarithm of x.
- 150. 112 CHAPTER 2 Divisibility Pafnuty Lvovich Chebychev (1821–1894), the son of an army officer, was born in Okatavo, Russia. In 1832 the family moved to Moscow, where he completed his secondary education at home. Five years later, he entered Moscow University, grad- uating in mathematics in 1841. As a student he published his first paper on a new method of approximating real roots of equations, for which he was awarded a sil- ver medal, although many believed he deserved a gold one. He joined the faculty of St. Petersburg University in 1843, where he remained until 1882. His doctoral thesis, Theory of Congruences, submitted to Petersburg University in 1849, earned him an award from the Academy of Sciences and served as a text on number theory at Russian universities; it also dealt with the distribution of primes. With this work and a second memoir published in 1852, he became widely known in the scientific community. Besides number theory, he made significant contributions to real and numerical analysis, approximation theory, probability, and mechanics. Chebychev received numerous honors, and invented a calculating machine that could add and subtract and later multiply and divide; he also founded the prestigious Petersburg Mathematical School. Jacques Hadamard (1865–1963) was born in Versailles, France. His father was a Latin teacher and his mother a distinguished piano teacher. After study- ing at the École Normale Superieure he taught at the Lycée Buffon in Paris. After receiving his doctorate in 1892 he became a lecturer at the Faculté des Sciences of Bordeaux and then at the Sorbonne. In 1909, he became professor at the Collège de France, École Polytechnique, and then at the École Centrale des Arts et Manufactures. A recipient of many honorary doctorates, in 1892 he earned the Grand Prix of the Academy of Sciences for his outstanding work in complex analysis; this in turn led to his proof of the prime number theorem in 1896. Nearly every branch of mathematics was influenced by the creative mind of Hadamard, especially complex analysis, functional analysis, probability, and mathematical physics. This proof was a milestone in the development of number theory. But in 1950, the Hungarian mathematician Paul Erdös (1913–1996) and the Norwegian mathemati- cian Alte Selberg (1917–) proved the theorem using elementary calculus. According to the prime number theorem, when x is sufficiently large, π(x) can be approximated by x/lnx (see columns 2 and 3 in Table 2.4). But a better approxi- mation is the function li(x), defined by Gauss in 1792 at the age of 15,
- 151. 2.5 Prime and Composite Numbers 113 Charles-Jean-Gustave-Nicholas de la Valleé-Poussin (1866–1962), the son of a geology professor, was born in Louvain, Belgium. He attended the Jesuit College in Mons, switching his major from philosophy to engineering. After re- ceiving his degree, however, he devoted himself to mathematics. In 1892 he joined the faculty at the University of Louvain, where he remained all his life. As the outstanding Belgian mathematician of his generation, he received many honors, including the rank of baron in 1928. Valleé-Poussin’s most significant contribution was his proof of the prime number theorem using complex analysis. He extended his work to the distribu- tion of primes in arithmetic progressions and primes represented by quadratic forms. He also made important contributions to approximation theory, analysis, and calculus. Paul Erdös (1913–1996) was born in Budapest. Both his parents were high school teachers of mathematics and physics; his father had spent six years in a Siberian prison. Young Erdös (pronounced air-dish) was home-taught, mostly by his father, except for about three years in school. A child prodigy, Erdös at age three discovered negative num- bers for himself. In 1930, he entered Eötvös University. Three years later, he discovered a beautiful proof of Chebychev’s theorem that there is a prime between a positive integer n and 2n. In 1934, he received his Ph.D. Erdös was one of the most prolific writers in mathematics, authoring about 1500 articles and coauthoring about 500. Ernest Straus, in a tribute in 1983, described Erdös as “the prince of problem-solvers and the absolute monarch of problem-posers.” As “the Euler of our time,” Erdös wrote extensively in number theory, combinatorics, function theory, complex analysis, set theory, group theory, and probability; number theory and combinatorics were his favorites. Regarding worldly possessions “as a nuisance,” he never owned a home, car, or checkbook, and never had a family or an address. “Always searching for mathematical truths,” he traveled from meeting to meeting carrying a half-empty suitcase. He stayed with mathematicians wherever he went and donated the honorariums received as prizes for students. Erdös received numerous honors. He died of a massive heart attack while attending a mathematics meeting in Warsaw, Poland.
- 152. 114 CHAPTER 2 Divisibility li(x) = x 2 dt lnt You may notice from the table that π(x) li(x) approaches 1 more rapidly than π(x) x/lnx . In fact, li(x) is a superior approximation for small x. x π(x) π(x) x/lnx π(x) li(x) 103 168 1.160 0.9438202 104 1229 1.132 0.9863563 105 9592 1.104 0.9960540 106 78498 1.085 0.9983466 107 664579 1.071 0.9998944 108 5761455 1.061 0.9998691 109 50847534 1.054 0.9999665 1010 455052512 1.048 0.9999932 Table 2.4 In 1985, however, R. H. Hudson of the University of South Carolina showed that it is not true for arbitrary x. Four years later, C. Bays of the University of South Carolina and Hudson showed that π(x) li(x) in the vicinity of 1.39822 × 10316. Although we have established the infinitude of primes, what can we say about the distribution of primes? How are they distributed among the positive integers? Are there consecutive integers that are primes? Are there consecutive odd integers that are primes? First, there is no pattern that fits the distribution of primes. For example, 2 and 3 are the only two consecutive integers that are primes (see Exercise 45). It is also known that 3, 5, and 7 are the only three consecutive odd integers that are primes (see Exercise 46). Although there are only two consecutive integers that are primes, we can find any number of consecutive integers that are composite numbers, as the next theorem reveals. It shows that primes occur at unpredictable intervals. Its proof is an existence proof, so we need to provide n such composite numbers. THEOREM 2.12 For every positive integer n, there are n consecutive integers that are composite num- bers. PROOF Consider the n consecutive integers (n + 1)! + 2,(n + 1)! + 3,...,(n + 1)! + (n + 1), where n ≥ 1. Suppose 2 ≤ k ≤ n + 1, then k|(n + 1)!, so k|[(n + 1)! + k], by Theorem 2.4, for every k. Therefore, each of them is a composite number.
- 153. 2.5 Prime and Composite Numbers 115 Thus, the n consecutive integers (n+1)!+2,(n+1)!+3,...,(n+1)!+(n+1) are composites. The following example illustrates the theorem. EXAMPLE 2.25 Find six consecutive integers that are composites. SOLUTION By Theorem 2.12, there are six consecutive integers beginning with (n + 1)! + 2 = (6 + 1)! + 2 = 5042, namely, 5042, 5043, 5044, 5045, 5046, and 5047. (You may notice from Figure 2.25 that the smallest consecutive chain of six composite numbers is 90, 91, 92, 93, 94, and 95.) According to Theorem 2.12, we can always find arbitrarily long chains of con- secutive integers that are composites. Note that the n composite numbers provided by the proof need not be the smallest consecutive composite integers that form a chain of length n. (See Supplementary Exercise 5 in Chapter 3 for constructing a considerably smaller string.) Next we turn to some interesting classes of primes. Cunningham Chains A Cunningham chain of primes, named after the British Army officer Lt. Col. Al- lan J. C. Cunningham (1842–1928), is a sequence of primes 2p + 1 in which each element is one more than twice its predecessor. The smallest five-element chain is 2–5–11–23–47 and the smallest six-element chain is 89–179–359–719–1439–2879. Lehmer discovered three chains of seven primes with the least element less than 10 million: 1122659–2245319–4490639–8981279–17962559–35925119–71850239; 2164229–4328459–8656919–17313839–34627679–69255359–138510719; 2329469–4658939–9317879–18635759–37271519–74543039–149086079 In 1965, Lehmer also found chains of length 7 of primes of the form 2p − 1. Two such chains begin with 16651 and 165901. In 1980, Claude Lalout and Jean Meeus discovered chains of length 8 of each kind. They begin with 19099919 and 15514861, respectively. Nine years later, Gunter Loh found many new such chains: The least elements of length 9 start with 85864769 and 857095381; those of length 10 with 26089808579 and 205528443121; those of length 11 with 665043081119 and 138912693971; and those of length 12 with 554688278429 and 216857744866621.
- 154. 116 CHAPTER 2 Divisibility Until 1952, the largest known prime was the 39-digit number 2127 − 1 = 170,141,183,460,469,231,731,687,303,715,884,105,727, found in 1876 by Lucas. With the advent of computers, mathematicians have been able to find larger and larger primes. In 1952, mathematicians at Cambridge University, England, using EDSAC (Electronic Delay Storage Arithmetic Calculator), found a 79-digit prime given by 180(2127 − 1)2 + 1. Since then many larger primes have been found. In 1971, a very large prime, 211213 − 1, was found at the University of Illinois, Urbana-Champaign. It contains 3376 digits. A few years later, a still larger prime, 219937 − 1, was found by Bryant Tuckerman of Thomas J. Watson Research Center, International Business Machines. The search for larger primes continues. In 1978 Noll and Nickel, two high school students from California found two still larger primes, 221701 − 1 and 223209 − 1. Eleven years later, an even larger prime, 244497 − 1, was found by D. Slowinski of Livermore Laboratory at Livermore, California; it contains 13,395 digits. Modern high-speed computers have certainly facilitated the pursuit of larger and larger primes. The largest known prime as of 1994 was 2859433 − 1, it has “only” 258,716 digits, and according to The Boston Globe, it “would take eight newspaper pages to print.” Two years later, a still larger prime, 21257787 − 1, was found by a supercomputer at Cray Research, Inc. It contains 378,632 digits. The largest known prime in 2000 was 26972593 − 1. Discovered a year earlier by the team of Nayan Hajrawala, George Woltman, and Scott Kurowski, it contains 2,098,960 digits. Hajrawala’s home computer, a 350-MHz Aptiva, took 111 days of idle time to find it; the researchers estimated that it would have taken three weeks to locate it if the computer had been running full time. In 2005, two larger primes were found: 225964951 − 1 with 7,816,230 digits and 230402457 − 1 with 9,152,052 digits. The former was discovered on February 18 by Martin Nowak, an eye surgeon and a mathematics hobbyist in Germany, and the latter on December 15 by C. Cooper and S. R. Boone of Central Missouri State University. Table 2.5 lists the ten largest known primes. Needless to say that the hot pursuit of larger primes still continues. For the curious minded, the largest known prime, all of whose digits are also prime, is 72323252323272325252 × 103120 − 1 1020 − 1 . Discovered in 1992 by Harvey Dubner of New Jersey, it has 3120 digits. Palindromic Primes Interestingly, there are primes that are palindromic†; they are palindromic primes. In 1950, L. Moser of the University of North Carolina discovered 107 such primes † A palindrome is a number that reads the same backward and forward, such as 23432.
- 155. 2.5 Prime and Composite Numbers 117 Rank Prime No. of Digits Discoverer(s) Year Discovered 1 230402457 − 1 9,152,052 C. Cooper S. R. Boone 2005 2 225964951 − 1 7,816,230 M. Nowak 2005 3 224036583 − 1 7,235,733 J. Findley 2004 4 220996011 − 1 6,320,430 M. Shafer 2003 5 213466917 − 1 4,053,946 M. Cameron 2001 6 27653 · 29167433 + 1 2,759,677 D. Gordon 2005 7 28433 · 27830457 + 1 2,357,207 S. Yates 2004 8 26972593 − 1 2,098,960 N. Hajrawala et al. 1999 9 5359 · 25054502 + 1 1,521,561 R. Sundquist 2003 10 4847 · 23321063 + 1 999,744 R. Hassler 2005 Table 2.5 The ten largest known primes. ≤ 100,000; 19 of them are ≤ 1000: 2, 3, 5, 7, 11, 101, 131, 151, 181, 313, 353, 373, 383, 727, 757, 787, 797, 919, and 929. The palindromic prime 16661 not only con- tains the embedded beast but also is the 1928th prime; it has the additional property that 1 + 6 + 6 + 6 + 1 = 1 + 9 + 2 + 8, first observed by G. J. Honaker, Jr. The palindromic prime 1011310 + 4661644 · 1056752 + 1, found in 1991 by Dubner, con- tains 11,311 digits; it is doubly palindromic in the sense that the number of digits is also a palindromic prime. The largest known palindromic prime, 1039026 +4538354· 1019510 + 1, discovered in 2001 by Dubner, contains 39,027 digits. Repunit Primes The largest known repunit prime is R1031, discovered in 1985 by Hugh C. Williams of the University of Manitoba. Repunit primes appear to be scarce, since there are only five such repunits Rn for n 10,000. The known repunits and their discoverers are listed in Table 2.6. n Discoverer Year Discovered 2 Unknown ancient 19 O. Hoppe 1918 23 D. H. Lehmer 1929 317 H. C. Williams 1978 1031 H. C. Williams 1985 Table 2.6 The known repunit primes.
- 156. 118 CHAPTER 2 Divisibility Twin Primes Recall that 2 and 3 are the only two consecutive integers that are primes. Are there any primes that differ by 2? Clearly, 3 and 5, and 5 and 7 are two such pairs. Such pairs are called twin primes. The next two pairs are 11 and 13, and 17 and 19. (Can you find the next two pairs?) Discovering twin primes involves essentially finding two primes; therefore, the largest known twin primes are substantially smaller than the largest known primes. Table 2.7 lists the ten largest known twin primes. Rank Twin Primes No. of Digits Discoverer(s) Year Discovered 1,2 16869987339975 · 2171960 ± 1 51,779 Z. Járail et al. 2005 3,4 33218925 · 2169690 ± 1 51,090 D. Papp 2002 5,6 60194061 · 2114689 ± 1 34,533 D. Underbakke 2002 7,8 1765199373 · 2107520 ± 1 32,376 J. McElhatton 2002 9,10 318032361 · 2107001 ± 1 32,220 D. Underbakke P. Carmody 2001 Table 2.7 Ten largest known twin primes. Although more than 100,000 twin primes are known, no one knows how many such pairs there are. This is still one of the leading mysteries in number theory. A related conjecture is the number of pairs z(N) of twin primes n ± 1 that ? are ≤ N: z(N) ≈ 1.3203236 N 2 dn (logn)2 where 5 ≤ n + 1 ≤ N. Lehmer studied pairs of twin primes, such as 11–13–17–19 and 101–103–107– 109, all lying within a decade. In his Table of Primes, Lehmer lists 9933611– 9933613–9933617–9933619 as the largest known such quadruplet. In 1999, B. J. Hulbert of Reading, England, investigated such quadruplets and found 1220 of them. Three of them are 22271–22273–22277–22279, 72221–72223– 72227–72229, and 15222371–15222373–15222377–15222379, again all strikingly similar and lying within a decade; the latter is the largest known prime quadruplet. Brun’s Constant In 1919, the Norwegian mathematician Viggo Brun (1885–1978) proved that the sum of the reciprocals of the twin primes (1/3+1/5)+(1/5+1/7)+(1/11+1/13)+··· converges to a limit, called Brun’s constant. In 1974, the American mathematicians Daniel Shanks and John Wrench, Jr., estimated Brun’s constant using twin primes
- 157. 2.5 Prime and Composite Numbers 119 among the first 2 million primes. Two years later, Richard Brent of the Australian National University refined the estimate to 1.90216054 using the twin primes up to 100 billion. Twin Primes and the Pentium Chip When Intel Corporation, the world’s largest chip manufacturer, shipped the Pentium chip to various computer manufacturers in early 1994, the chip was found to have a flaw in division involving more than five significant digits. Intel, claiming that only one in nine billion users would be affected by the error, chose not to recall the chip. Simultaneously, Thomas Nicely, a computational number theorist at Lynchburg Col- lege, Virginia, was trying to improve previous estimates of Brun’s constant. Using a Pentium computer in June, he computed the constant twice, employing two different methods. One used a computer’s floating point unit and the other used an extended precision arithmetic; they yielded different results. Nicely found that the Pentium was giving incorrect floating point reciprocals for the twin primes 824,633,702,441 and 824,633,702,443. After the error was made public in November, Intel offered to replace chips with the flaw (see Figure 2.27). On receiving a flurry of international How Number Theory Got the Best of the Pentium Chip Barry Cipra Chalk one up for number theory. With lurid accounts of the flaw in Intel’s Pentium processor making front-page and net- work news, users of the personal computer chip in fields ranging from science to banking are finding cases where its faulty logic sends their computations awry. But the problem might have gone undetected for much longer if the chip had not slipped up months ago during a long series of calcula- tions in number theory, raising the suspicions of a dogged mathematics professor. To other mathematicians, the discovery of the flaw by Thomas Nicely of Lynchburg College in Virginia emphasizes the value of number theory—the study of subtle properties of ordinary counting numbers—for providing quality control for new computer systems. By forcing a computer to perform simple operations repeatedly on many different numbers, number-theory calculations “push machines to their limits,” says Peter Borwein of Simon Fraser University in Burn- aby, British Columbia. Many computer makers have adopted these calculations as a shakedown test for systems intended for heavy-duty scientific computation, and although the prac- tice has yet to spread to personal computers, Borwein and some other mathematicians think that might be a good idea. Intel had actually found the flaw by other means after the chip had gone into production, but had decided that it was not likely to affect ordinary users. But the company hadn’t counted on the use that Nicely had in mind. When he fired up a Pentium computer last March, Nicely was adding its number-crunching power to a project in computational num- ber theory he had begun the year before. He was trying to im- prove on previous estimates of a number called Brun’s sum, which is related to the distribution of prime numbers. The sequence of prime numbers—2, 3, 5, 7, 11, 13, 17, 19, etc.—is a continuing source of fascination to math- ematicians. Since the time of Euclid, they have known that (continued) Figure 2.27
- 158. 120 CHAPTER 2 Divisibility there are infinitely many primes, but although primes are rel- atively abundant early on, they become scarce among larger numbers. For example, roughly 23% of two-digit numbers are prime (21 of 90), but the figure for ten-digit numbers is just 4%, and among hundred-digit numbers, the fraction of primes is less than half a percent. As a consequence, the gap between consecutive prime numbers tends to increase. However, every so often two odd numbers in a row turn out to be prime: 3 and 5, 41 and 43, 101 and 103, and 10,007 and 10,009, for example. Mathematicians conjecture that such “twin primes” pop up infinitely often. But in 1919, the Norwegian mathematician Viggo Brun proved that even if there are infinitely many twin primes, the sum obtained by adding their reciprocals—the sum (1/3 + 1/5) + (1/5 + 1/7) + (1/11 + 1/13) + ···— converges to a finite value, much as the sum 1/2 + 1/4 + 1/8 + 1/16 + ··· converges to 1. Brun’s sum is known only to the first few digits, however—and even there, the accu- racy is based on conjectures about the frequency with which twin primes occur. Number theorists think it’s unlikely that clumps of twin primes are lurking among very large numbers, but they have been unable to prove it. One way to check up on this assumption is to compute better estimates for Brun’s sum. In 1974, two mathematicians working for the Navy, Daniel Shanks and John Wrench Jr., reported the first com- putationally intensive estimate of Brun’s sum, based on the occurrence of twin primes among the first two million prime numbers. Two years later, Richard Brent at the Australian Na- tional University calculated all twin primes up to a hundred billion (224,376,048 pairs), from which he computed an esti- mate of 1.90216054 for Brun’s sum. And there it sat—until Nicely entered the picture. The Lynchburg math professor decided to push Brent’s work into the trillions. To be on the safe side, he computed Brun’s sum twice, using two different methods: the “easy” way using a computer’s built-in floating point unit, which is supposed to be accurate to 19 decimal places, and the “hard” way us- ing an extended precision arithmetic, which he set to give 26 (and later 53) digits of accuracy. (The difference can be likened to the difference between computing 1/3 + 1/7 as 0.33+0.14 = 0.47 and computing it as 1/3+1/7−10/21 = 0.48. The latter calculation gains accuracy by doing some exact arithmetic first.) The comparison between the two methods is what got Intel into trouble. After Nicely added the new Pentium to his stable of computers, he found that the gap between the two results was much larger than it should have been. By trial and error and a process of elimination, he pin- pointed the source of the problem: The Pentium was giv- ing incorrect floating point reciprocals for the twin primes 824,633,702,441 and 824,633,702,443—they were wrong from the 10th digit on. Nicely still didn’t know whether the er- ror was caused by his hardware or software, in part because he’d caught an earlier error in a compiler program. “Finally, in desperation, I ran this portion of the calculation on one of the 486 [computers], rather than the Pentium,” he recalls. “The error disappeared.” Even that didn’t prove conclusively that it was the Pen- tium chip’s fault; other hardware in the computer could have been responsible. But in October (4 months after he first no- ticed his calculations were off), Nicely nailed the culprit when he got hold of two other machines with Pentium chips and was able to reproduce the error. He notified Intel and, after getting no satisfactory answer by the end of the month, sent e-mail asking others to double-check his discovery. “I believe you are aware of events from that point on,” he concludes dryly. The Pentium’s problem, as others have abundantly confirmed, lies in the way the chip does division. Although it works fine for most numbers, the chip’s built-in algo- rithm makes mistakes in certain cases, rather like a grade- schooler who mismemorized part of a multiplication table. Nicely estimates that the chip gets roughly one in a billion reciprocals wrong. But because the work in number theory required him to compute billions of reciprocals over a wide range, he was almost bound to run into the mistake. “We’ve known for a long time that number theory com- putations are very helpful” for turning up computer errors, notes computational number theorist Arjen Lenstra of Bell- core, in Morristown, New Jersey. “It is useful to run number theory stuff on your processor before you sell it.” Intel hasn’t decided whether to make such computa- tions a routine part of its testing procedure, says Stephen Smith, engineering manager for the Pentium processor di- vision. But Intel was so impressed with Nicely work that it asked him to run further computations on a corrected chip. “We looked at him as the most thorough tester,” says Smith. Figure 2.27
- 159. 2.5 Prime and Composite Numbers 121 Sophie Germain (1776–1831), France’s great woman mathematician, was born in Paris, and educated herself at home, using her father’s extensive library. At the age of thirteen, she read in J. F. Montucla’s Historie des Mathematiques of the murder of the Greek mathematician and inventor Archimedes (ca. 287–212 B.C.) by a Roman soldier. Archimedes became her hero, and she decided to become a mathematician despite her parents’ serious objections. After mastering both Latin and Greek, she studied the works of Newton and Euler. Because of her gender, Sophie was not allowed to attend the newly established École Central des Travaux Publics (later the École Polytechnique), but she managed to obtain the lecture notes of Lagrange and other scholars. She sent Lagrange a paper on analysis, under the pseudonym M. Leblanc. He was so impressed with the paper that he became her mathematical mentor. Germain corresponded with many mathematicians, including Legendre and Gauss. Germain made a significant contribution toward establishing Fermat’s last theorem (see Section 12.2) that the equation xn + yn = zn has no positive integral solutions, where n ≥ 3. In 1825, she showed that if p is a Sophie Germain prime, then the equation xp + yp = zp has no positive integral solutions, where xyz = 0 and p xyz. She also made important contributions to the theories of acoustics and elasticity. attention, Nicely said,† “Usually mathematicians have to shoot somebody to get this much publicity.” Sophie Germain Primes Another class of primes, called Sophie Germain primes, played an important role in establishing Fermat’s last theorem, which is discussed in Section 13.2. Named in 1825 in honor of the French mathematician Sophie Germain, these primes have the form 2p + 1, where p is an odd prime. The first three such primes are 7, 11, and 23. Clearly, each Sophie Germain prime belongs to a Cunningham chain. The ten largest known Sophie Germain primes are listed in Table 2.8. ? It has been conjectured that there are infinitely many Sophie Germain primes. Goldbach’s Conjecture ? The Prussian mathematician Christian Goldbach noticed a pattern in the following † Cincinnati Enquirer, December 18, 1994.
- 160. 122 CHAPTER 2 Divisibility Rank Prime No. of Digits Discoverer(s) Year Discovered 1 7068555 · 2121301 − 1 36,523 P. Minovic 2005 2 2540041185 · 2114729 − 1 34,547 D. Underbakke 2003 3 18912879 · 298395 − 1 29,628 M. Angel et al. 2002 4 1213822389 · 281131 − 1 24,432 M. Angel et al. 2002 5 109433307 · 266452 − 1 20,013 D. Underbakke 2001 6 984798015 · 266444 − 1 20,011 D. Underbakke 2001 7 3714089895285 · 260000 − 1 18,075 K. Indlekofer et al. 2000 8 909004827 · 256789 − 1 17,105 B. Tornberg 2005 9 1162665081 · 255649 − 1 16,762 B. Xiao 2004 10 671383317 · 248345 − 1 14,563 J. Sun 2004 Table 2.8 The ten largest known Sophie Germain primes. sums: 4 = 2 + 2 6 = 3 + 3 8 = 3 + 5 10 = 3 + 7 12 = 5 + 7 14 = 3 + 11 16 = 5 + 11 18 = 7 + 11 20 = 7 + 13 . . . (Do you see a pattern here?) Based on his observations, Goldbach, in a letter to Euler in 1742, conjectured that every even integer 2 can be expressed as the sum of two primes. Euler could not prove it, and his conjecture still remains an unsolved problem. However, Goldbach’s conjecture has been shown to be true for all even integers less than 1010. The famous English mathematician Godfrey H. Hardy (1877–1947) character- ized Goldbach’s conjecture as one of the most difficult unsolved problems in mathe- matics. In May 2000, Bloomsbury Publishing (United States) and Faber and Faber (United Kingdom) announced a million dollar prize to anyone who could provide Christian Goldbach (1690–1764) was born in Königsberg, Prussia. He studied medicine and mathematics at the University of Königsberg and became professor of mathematics at the Imperial Academy of Sciences in St. Petersburg in 1725. In 1728 he moved to Moscow to tutor Tsarevich Peter II and his cousin Anna of Courland. During 1729–1963, he corresponded with Euler on number theory. He returned to the Imperial Academy in 1732 when Peter’s successor Anna moved the imperial court to St. Petersburg. In 1742 Goldbach joined the Russian Ministry of Foreign Affairs, and later became privy councilor and established guidelines for the education of royal children. He is also noted for his conjectures in number theory and work in analysis. Goldbach died in Moscow.
- 161. 2.5 Prime and Composite Numbers 123 Publishers Offer Prize for Proof of Goldbach’s Conjec- ture Bloomsbury Publishing (USA) and Faber and Faber (UK) have announced that they are offering a one million dollar prize to any person who can prove Goldbach’s Conjecture within the next two years. The prize is being offered to help promote the book Uncle Petros and Goldbach’s Conjecture, by Apostolos Doxiadis (see the review by Keith Devlin on MAA Online’s Read This! section, which can be found on the web at http://www.maa.org/reviews/reviews.html). To be eligible for the prize, the proof must be submitted to a jour- nal indexed by Mathematical Reviews by March 15, 2002, must be published by that journal by March 15, 2004, and must be judged to be correct by a six-member judging panel whose members will be mathematicians chosen by the pub- lisher. See Faber’s web site at http://www.faber.co.uk/ (click on “Book News”) for more information on the prize. Figure 2.28 a proof of Goldbach’s conjecture by March 15, 2002. See Figure 2.28. To date, it still remains a conjecture. Bertrand’s Conjecture In 1845, Joseph Bertrand conjectured that there is a prime between n and 2n for every integer n ≥ 2. For example, 3 is a prime between 2 and 4; 5 is a prime between 3 and 6; 7 is a prime between 4 and 8; and so on. Although Bertrand could not establish the validity of his conjecture, he was able to verify it for all integers ≤ 3 million! Seven years later, Chebychev provided a successful proof. In 1944, the Indian number theorist S. S. Pillai (1901–1950) gave a simpler proof. Using Bertrand’s conjecture and induction, it can be shown that pn+1 ≤ 2pn and hence pn ≤ 2n, where pn denotes the nth prime (see Exercise 58). For instance, p5 = 11 from Figure 2.25, so clearly p5 ≤ 25. It is worth noting that 2n is an extremely large upper bound for pn when n is fairly large. For instance, p11 = 31 is much smaller than 211 = 2048; nevertheless, it is true. It is well known that p1p2p3 ···pn pn+1, where n ≥ 2. In 1907, H. Bonse de- veloped a stronger inequality, now called Bonse’s inequality: p1p2p3 ···pn p2 n+1,
- 162. 124 CHAPTER 2 Divisibility Joseph Louis François Bertrand (1822–1900), the son of a writer of popular scientific articles and books, was born in Paris. At the age of 11, he unofficially began attending classes at the École Polytechnique. In 1838, at 16, he earned two degrees, one in the arts and the other in science. A year later, he received his doctorate for his work in thermomechanics and published his first paper. In 1841 he became professor at the Collège Saint-Louis. Subsequently, he taught at the Lycée Henry IV, the École Normale Supérieure, the École Polytechnique, and finally at the Collège de France until his death. An author of many popular textbooks, Bertrand made important contributions to applied mathematics, analysis, differential geometry, probability, and theoretical physics. where n ≥ 4. In 2000, M. Dalezman of Yeshiva University strengthened it even fur- ther: p1p2p3 ···pn pn+1pn+2, where n ≥ 4. An interesting application of Bertrand’s conjecture was proposed in 1989 by the Romanian mathematician Florentin Smarandache.† In addition to the conjecture, it uses two results: Suppose n ≥ 4. Then n! 2n and 1·3·5···(2n−1) 2n+2. Verify both. EXAMPLE 2.26 Prove that there are at least 3n/2 primes in the range n through n!, where n ≥ 4. PROOF Notice that the statement is true for 4 ≤ n ≤ 9. So assume n ≥ 10. case 1 Suppose n is even, say, n = 2k, where k ≥ 5. Then n! = 1 · 2 · 3···(2k − 2)(2k − 1)n = 2k−1 [1 · 2 · 3···(k − 1)][1 · 3 · 5···(2k − 1)]n 2k−1 (k − 1)!2k+2 n ≥ 2k−1 · 2k−1 · 2k+2 n, since k ≥ 5 = 23k n A repeated application of Bertrand’s conjecture shows there are at least 3k = 3(n/2) = 3n/2 primes in the range n through 23kn, that is, between n and n!. † In 1988, Smarandache escaped from the Ceausescu dictatorship, spent 2 years in a political refugee camp in Turkey, and then emigrated to the United States.
- 163. 2.5 Prime and Composite Numbers 125 case 2 Suppose n is odd, say, n = 2k + 1, where k ≥ 5. Then n! = 1 · 2 · 3···(2k − 1)(2k)n = 2k k![1 · 3 · 5···(2k − 1)]n 2k · 2k · 2k+2 n, since k ≥ 5 23k n Thus, as before, there are at least 3k = 3[(n − 1)/2)] = 3n/2 primes in the range n through 23kn, that is, between n and n!. Thus, in both cases, the result is true. Additional Conjectures Are there primes of the form n2 + 1? Clearly, 2 = 12 + 1 and 5 = 22 + 1 are two such primes. There are two more such primes ≤ 100. No one knows how many such ? primes exist. The number of primes p(N) of the form n2 + 1 has been conjectured to be given ? by p(N) ≈ 0.6864067 N n=2 dn logn where 2 ≤ n ≤ N. Legendre’s conjecture: Is there a prime between n2 and (n+1)2? For example, ? 3 is a prime between 1 and 4; 5 is a prime between 4 and 9; 11 is a prime between 9 and 16; 19 is a prime between 16 and 25; 29 is a prime between 25 and 36. Does this pattern hold for any positive integer n? That, too, still remains unan- swered. Bocard’s conjecture: There are at least four primes between the squares of ? consecutive odd primes; for example, there are five primes between 32 and 52. The following example singles out a unique prime. EXAMPLE 2.27 Find the primes such that the digits in their decimal values alternate between 0s and 1s, beginning with and ending in 1.
- 164. 126 CHAPTER 2 Divisibility SOLUTION Suppose N is a prime of the desired form and it contains n ones. Then N = 102n−2 + 102n−4 + ··· + 102 + 1 = 102n − 1 102 − 1 since n−1 i=0 ri = rn − 1 r − 1 , r = 1 = (10n − 1)(10n + 1) 99 If n = 2, then N = (102 − 1)(102 + 1) 99 = 101 is a prime. If n 2, 10n − 1 99 and 10n +1 99. Then N has nontrivial factors, so N is composite. Thus, 101 is the only prime with the desired properties. Primality of Catalan Numbers Recall from Section 1.8 that the Catalan numbers C2 and C3 are prime. The next the- orem confirms that there are no other such primes. We leave the proof as an exercise; see Exercise 75. THEOREM 2.13 (Koshy and Salmassi, 2004) The only prime Catalan numbers are C2 and C3. E X E R C I S E S 2.5 Mark true or false, where a, b, d, and n are arbitrary pos- itive integers. 1. A nonprime positive integer is a composite. 2. A noncomposite positive integer is a prime. 3. Every prime is odd. 4. There are no primes greater than googolplex. 5. If p is a prime, then p + 2 is a prime. 6. If p is a prime, then p2 + 1 is a prime. 7. There is an infinite number of primes. 8. There is an infinite number of composite numbers. 9. If p is a prime such that p|ab, then p|a or p|b. 10. There are primes of the form n! + 1. Determine whether each is prime or composite. 11. 129 12. 217 13. 1001 14. 1729 Using Theorem 2.10, compute the number of primes ≤ n for each value of n. 15. 47 16. 61 17. 96 18. 131 19. Find five consecutive integers 100 that are compos- ite numbers. Find n consecutive integers that are composites for each value of n. 20. seven 21. eight 22. nine 23. ten
- 165. 2.5 Prime and Composite Numbers 127 24. List all twin primes ≤ 100. 25. Find all twin primes whose arithmetic mean is a tri- angular number. 26. List all primes of the form n2 + 1 and 100. Find the smallest prime between n and 2n for each value of n. 27. 5 28. 6 29. 20 30. 47 Find the smallest prime between n2 and (n + 1)2 for each value of n. 31. 6 32. 7 33. 10 34. 11 35. Prove or Disprove: n! + 1 is a prime for every non- negative integer n. 36. In 1775, Lagrange conjectured that every odd integer 5 can be written in the form p + 2q, where p and q are primes. Verify his conjecture for 7, 11, 15, and 23. 37. Find the flaw in the following “proof” that there are no primes greater than 101. Let n 101. Clearly, n has to be odd. When n is odd, both (n + 1)/2 and (n − 1)/2 are integers. Let x = (n + 1)/2 and y = (n − 1)/2. Then n = x2 − y2 = (x − y)(x + y), so n is not a prime. Thus, there are no primes 101. Find the positive factors of each, where p and q are dis- tinct primes. 38. pq 39. p2q 40. pq2 41. p2q2 Let q1 = 2 and qn = q1q2 ...qn−1 + 1, where n ≥ 2. 42. Find the first four primes of the form qn. 43. Find the smallest composite number of the form qn. 44. Define qn recursively. Prove each. 45. 2 and 3 are the only two consecutive integers that are primes. 46. 3, 5, and 7 are the only three consecutive odd integers that are primes. 47. If p and p2 + 8 are primes, the p3 + 4 is also a prime. (D. L. Silverman, 1968) 48. If p is a prime and 1 ≤ k p, then p| p k . 49. Let p and q be successive odd primes and p + q = 2r. Then r is composite. (J. D. Baum, 1966) 50. The sum of two successive odd primes is the product of at least three (not necessarily distinct) prime fac- tors. (J. D. Baum, 1967) 51. If p and p2 +2 are primes, then p3 +2 is also a prime. 52. The integral lengths of the legs of a right triangle can- not be twin primes. (J. H. Tiner, 1968) 53. If p and p + 2 are twin primes, then p must be odd. 54. Suppose p and q are primes such that p−q = 3. Then p = 5. 55. Every odd prime is of the form 4n + 1 or 4n + 3. 56. One more than the product of twin primes is a perfect square. 57. If n is composite, then 2n − 1 is a composite. 58. Let pn denote the nth prime. Then pn 2n, where n ≥ 2. 59. Prove by contradiction that every integer ≥ 2 has a prime factor. (Hint: Use the well-ordering principle.) 60. Rewrite the proof of Euclid’s theorem using p as the largest prime and n = p! + 1. Let pn denote the nth prime. Determine whether pn+1 ≤ p1p2 ···pn + 1 for each value of n. 61. 5 62. 7 63. 8 64. 10 65. Show that the repunits R4 and R5 are composite. 66. Find an explicit formula for Rn. 67. Prove or disprove: If n is a prime, then Rn is a prime. 68. Let f(x) = n i=0 aixi, where ai is an integer and an = 0. Suppose f(n0) = p is a prime. Prove that f(n0 + kp) is composite for any integer k. 69. The simplest consecutive prime triplet pn–pn+1– pn+2 such that pn|(pn+1pn+2 + 1) is 2–3–5. Find two other such consecutive prime triplets. (G. L. Honaker, 1990) (Note: In 1991, L. Hodges of Iowa showed that there are only three such solutions below 7.263 × 1013.) Let En = p1p2 ···pn + 1, where pi denotes the ith prime and i ≥ 1. 70. Find the least composite value of En.
- 166. 128 CHAPTER 2 Divisibility 71. Prove that En (pn+1)n−2, n ≥ 6. (A. A. K. Majum- dar, 1996) 72. Establish the formula for π(n) in Theorem 2.10. 73. Let pk denote the kth prime. Prove that pn+1 ≤ p1p2 ···pn + 1, where n ≥ 1. 74. Let pi denote the ith prime, where i ≥ 1. Prove that pnpn+1pn+2 p2 n+3, where n ≥ 3. (S. Bulman- Flemming and E. T. H. Wang, 1989) 75. Establish Theorem 2.13. 2.6 Fibonacci and Lucas Numbers Fibonacci numbers are one of the most intriguing number sequences, which contin- ues to provide ample opportunities for both professional mathematicians and ama- teurs to make conjectures and to expand the limits of mathematical knowledge. The Fibonacci sequence is named after Leonardo Fibonacci, the most outstand- ing Italian mathematician of the Middle Ages. It is so important and fascinating that there is an association of Fibonacci enthusiasts, The Fibonacci Association, de- voted to the study of the sequence. The association, founded in 1963 by Verner E. Hoggatt, Jr. (1921–1980) of San Jose State College and Brother Alfred Brousseau (1907–1988) of St. Mary’s College in California, publishes The Fibonacci Quarterly devoted to articles related to the Fibonacci sequence. The following problem, proposed by Fibonacci in 1202 in his classic book, Liber Abaci, gave birth to the Fibonacci sequence. The Fibonacci Problem Suppose there are two newborn rabbits, one male and the other female. Find the number of rabbits produced in a year if • Each pair takes one month to become mature; • Each pair produces a mixed pair every month, from the second month; and • All rabbits are immortal. Suppose, for convenience, that the original pair of rabbits was born on January 1. They take a month to become mature, so there is still only one pair on February 1. On March 1, they are two months old and produce a new mixed pair, a total of two pairs. Continuing like this, there will be three pairs on April 1, five pairs on May 1, and so on. See the last row of Table 2.9.
- 167. 2.6 Fibonacci and Lucas Numbers 129 Leonardo Fibonacci (1170?–1250?), also known as Leonardo of Pisa, was born in the commercial city of Pisa, Italy, into the Bonacci family. His father, a customs manager, expecting Leonardo to become a merchant, took him to Bougie, Algeria, to receive advanced training in arithmetic us- ing Indo-Arabic numerals. Leonardo’s own business trips to Egypt, Syria, Greece, and Sicily gave him extensive experience with Indo-Arabic mathe- matics. In 1202, shortly after his return to Pisa, Fibonacci published his fa- mous work, Liber Abaci, extolling the superiority of the Indo-Arabic meth- ods of computation. (The word abaci in the title does not refer to the old abacus, but to computation in general.) This book, devoted to arithmetic and elementary algebra, introduced the Hindu-Arabic notation and arithmetic algorithms to Europe. Fibonacci wrote three additional books: Practice Geometriae, a collection of results in geometry and trigonometry; Liber Quadratorum, a major work on number theory; and Flos, also on number theory. Fibonacci’s importance and usefulness to Pisa and its citizenry through his teaching and services were recognized by Emperor Frederick II. No. of Pairs Jan. Feb. March April May June July Aug. Adults 0 1 1 2 3 5 8 13 Babies 1 0 1 1 2 3 5 8 Total 1 1 2 3 5 8 13 21 Table 2.9 Fibonacci Numbers The numbers 1, 1, 2, 3, 5, 8, ... in the bottom row are Fibonacci numbers. They have a fascinating property: Any Fibonacci number, except the first two, is the sum of the two immediately preceding Fibonacci numbers. (At the given rate, there will be 144 pairs of rabbits on December 1.) This yields the following recursive definition of the nth Fibonacci number Fn: F1 = F2 = 1 ← initial conditions Fn = Fn−1 + Fn−2, n ≥ 3 ← recurrence relation Interestingly enough, Fibonacci numbers appear in quite unexpected places. They occur in nature, music, geography, and geometry. They can be found in the spi- ral arrangements of seeds in sunflowers, the scale patterns of pine cones, the number of petals in flowers, and the arrangement of leaves on trees. See Figure 2.29.
- 168. 130 CHAPTER 2 Divisibility (a) (b) Figure 2.29 Fibonacci and Pascal’s Triangle It is surprising that Fibonacci numbers can be extracted from Pascal’s triangle. Add the numbers along the northeast diagonals, as Figure 2.30 shows. Curiously enough, the sums appear to be the various Fibonacci numbers. Figure 2.30 This observation is confirmed by the following theorem, discovered in 1876 by Lucas. It can be established using induction. THEOREM 2.14 (Lucas, 1876) Fn = (n−1)/2 i=0 n − i − 1 i , n ≥ 1 The recursive definition of Fn yields a straightforward method for computing it, as Algorithm 2.5 shows.
- 169. 2.6 Fibonacci and Lucas Numbers 131 François-Edouard-Anatole Lucas (1842–1891) was born in Amiens, France. After completing his studies at the École Normale in Amiens, he worked as an assistant at the Paris Observatory. He served as an artillery officer in the Franco-Prussian war and then became professor of mathemat- ics at the Lycée Saint-Louis and Lycée Charlemagne, both in Paris. A gifted and entertaining teacher, Lucas died of a freak accident at a banquet; his cheek was gashed by a piece of a plate that was accidentally dropped; he died from infection within a few days. Lucas loved computing and developed plans for a computer that never materialized. Besides his contributions to number theory, he is known for his four-volume classic on recreational mathematics. Best known among the problems he developed is the Tower of Brahma. Algorithm Fibonacci(n) (* This algorithm computes the nth Fibonacci number using recursion. *) Begin (* algorithm *) if n = 1 or n = 2 then (* base cases *) Fibonacci ← 1 else Fibonacci ← Fibonacci(n − 1) + Fibonacci(n − 2) End (* algorithm *) Algorithm 2.5 The tree diagram in Figure 2.31 illustrates the recursive computing of F5, where each dot represents an addition. Figure 2.31
- 170. 132 CHAPTER 2 Divisibility Next we pursue two interesting properties of Fibonacci numbers by way of ex- perimentation and conjectures. EXAMPLE 2.28 Find a formula for n i=1 Fi. SOLUTION step 1 Collect sufficient data. F1 = 1 = 1 F1 + F2 = 1 + 1 = 2 F1 + F2 + F3 = 1 + 1 + 2 = 4 F1 + F2 + F3 + F4 = 1 + 1 + 2 + 3 = 7 F1 + F2 + F3 + F4 + F5 = 1 + 1 + 2 + 3 + 5 = 12 step 2 Look for a pattern. These equations do not seem to manifest any pattern. So we rewrite them in such a way that a pattern emerges: F1 = 1 = F3 − 1 F1 + F2 = 2 = F4 − 1 F1 + F2 + F3 = 4 = F5 − 1 F1 + F2 + F3 + F4 = 7 = F6 − 1 F1 + F2 + F3 + F4 + F5 = 12 = F7 − 1 When we look at the subscripts on both sides, a clear pattern arises. step 3 Make a conjecture. n i=1 Fi = Fn+2 − 1 step 4 Establish the formula using induction. Since F1 = F3 − 1, the formula works for n = 1. Now assume it is true for an arbitrary positive integer k ≥ 1: k i=1 Fi = Fk+2 − 1
- 171. 2.6 Fibonacci and Lucas Numbers 133 Then k+1 i=1 Fi = k i=1 Fi + Fk+1 = (Fk+2 − 1) + Fk+1 = (Fk+1 + Fk+2) − 1 = Fk+3 − 1 Thus, by induction, the formula is true for every positive integer n. (This formula was derived in 1876 by Lucas.) For example, 10 i=1 Fi = F12 − 1 = 144 − 1 = 143. You may verify this by direct computation. We now mention a Fibonacci puzzle based on this formula. A Fibonacci Puzzle (optional) Think of two positive integers a1 and a2. Add them to get a3. Add the last two to get the next number a4. Continue like this until you get ten numbers: a1,a2,...,a10. Compute their sum s = n i=1 ai. Write down all ten numbers. Without adding them, we can accurately give you the sum. How does it work? Next, we study the following Fibonacci pattern: F1F3 − F2 2 = 1 · 2 − 12 = (−1)2 F2F4 − F2 3 = 1 · 3 − 22 = (−1)3 F3F5 − F2 4 = 2 · 5 − 32 = (−1)4 F4F6 − F2 5 = 3 · 8 − 52 = (−1)5 . . . Clearly, a pattern emerges. (Look at the subscripts and the power of −1 on the RHS.) Accordingly, we conjecture that Fn−1Fn+1 − F2 n = (−1)n, where n ≥ 1. We can con- firm it as an exercise. THEOREM 2.15 (Cassini’s Formula) Fn−1Fn+1 − F2 n = (−1)n , n ≥ 1
- 172. 134 CHAPTER 2 Divisibility Giovanni Domenico Cassini (1625–1712) was born in a family of as- tronomers in Perinaldo, Imperia, Italy. He studied at Vallebone, the Jesuit Col- lege at Genoa, and then at the abbey of San Fructuoso. He manifested great enthusiasm in poetry, mathematics, and astronomy. Working at the observa- tory at Panzano, near Bologna, he completed his education under the tutelage of the great scientists Giovan Battista Riccioli and Francesco Maria Grimaldi, whose work influenced him a great deal. In 1650, Cassini became the princi- pal chair of astronomy at the University of Bologna. Cassini left for Paris in 1669 to continue his brilliant career in planetary astronomy at the Académie Royal des Sciences. He assumed responsibility for the Academy and became a French citizen. Cassini died in Paris. Robert Simson (1687–1768), son of a successful merchant, was born in West Kilbridge, Ayrshire, Scotland. Af- ter attending the University of Glasgow, he studied theology to follow the family tradition of serving in the Church of Scotland. At Glasgow he received no formal training in mathematics, but reading of George Sinclair’s Tyrocinia Mathematica in Novem Tractatus (1661) he became interested in mathematics, and moved on to Euclid’s Ele- ments. During the academic year 1710–1711, he attended a mathematics school and met several prominent mathe- maticians, including Edmund Halley (1656–1742), the well-known astronomer and Savilian professor of geometry at Oxford. In 1711, Simson was appointed professor of mathematics at Glasgow. He devoted most of his life to restoring the works of Greek geometers. Simson wrote on conic sections, logarithms, and the theory of limits, but by far his most influential work was the 1756 edition of Euclid’s Elements, which served as the basis of every subsequent edition of Elements until the beginning of the twentieth century. This formula was first discovered in 1680 by the Italian-born French astronomer and mathematician Giovanni Domenico Cassini, and discovered independently in 1753 by Robert Simson (1687–1768) of the University of Glasgow. A Fibonacci Paradox (optional) Cassini’s formula is the basis of a delightful geometric paradox. This puzzle was a favorite of the famous English logician Charles Lutwidge Dodgson (1832–1898), better known as Lewis Carroll, who first published it in a mathematical periodical in Leipzig, Germany, in 1866 (666 years after Fibonacci published his rabbit problem). The brilliant American puzzlist Sam Loyd claimed that he had presented it to the American Chess Congress in 1858. Although we may never know the exact origin of the puzzle, it is nevertheless an intriguing one.
- 173. 2.6 Fibonacci and Lucas Numbers 135 Figure 2.32 Figure 2.33 Figure 2.34 Consider an 8 × 8 square; cut it up into four pieces, A, B, C, and D, as in Figure 2.32. Now rearrange them to form a 5 × 13 rectangle, as Figure 2.33 shows. The area of the square is 64 square units, whereas that of the rectangle is 65 square units. In other words, by reassembling the four pieces of the original square, we have gained one unit. This appears to be paradoxical. However, appearances can be deceiving. Although it appears in Figure 2.33 that the “diagonal” PQRS is a line segment, that is not in fact the case. The points P, Q, R, and S are in fact the vertices of a very narrow parallelogram, as Figure 2.34 demonstrates. The area of the parallelogram = area of the rectangle − area of the square = 5 · 13 − 82 = 1 = F5F7 − F2 6. Its sides are √ 29 and √ 73 units long, and the diagonal is √ 194 units long. Let θ be the acute angle between the adjacent sides of the parallelogram. Then, by the law of cosines in trigonometry: cosθ/2 = 194 + 29 − 73 2 √ 29 · 194 θ/2 ≈ 0.763898460833◦ θ ≈ 1◦ 31 40 This explains why it is a very narrow parallelogram.
- 174. 136 CHAPTER 2 Divisibility Jacques Philippe Marie Binet (1788–1865), a French mathematician and as- tronomer, was born at Rennes, Brittany. In 1804, he entered the École Polytech- nique in Paris, graduated two years later, and took a job in the Department of Bridges and Roads of the French government. In 1807, Binet became a teacher at the École Polytechnique, and the following year became assistant to the pro- fessor of applied analysis and descriptive geometry. In 1814, he was appointed examiner of descriptive geometry, and professor of mechanics (1815) and then inspector general of studies (1816). In 1821, he was awarded the Chevalier de la Legion d’Honneur. Two years later, Binet was appointed chair of astronomy at the Collège de France. But the July 1830 revolution was not kind to him. A strong supporter of Charles X, Binet became a victim of Charles’ abdication; he was dismissed from École Polytechnique by King Louis-Phillipe in November, 1830. Binet made many contributions to mathematics, physics, and astronomy. In 1812, he discovered the rule for matrix multiplication, and in 1840, discovered the explicit formula for the nth Fibonacci number. In 1843, he was elected to the Academy of Sciences and later became its president. A devout and modest Catholic, Binet died in Paris. In fact, there is nothing sacred about the choice of the size of the square. By virtue of Cassini’s formula, the puzzle will work for any F2n × F2n square. Lucas Numbers Closely related to Fibonacci numbers are the Lucas numbers 1, 3, 4, 7, 11, ..., named after Lucas. Lucas numbers Ln are defined recursively as follows: L1 = 1, L2 = 3 Ln = Ln−1 + Ln−2, n ≥ 3 Binet’s Formulas Both Fibonacci numbers and Lucas numbers can be defined explicitly using Binet’s formulas: Fn = αn − βn α − β and Ln = αn + βn where α = (1 + √ 5)/2 and β = (1 − √ 5)/2 are the solutions of the quadratic equa- tion x2 = x + 1. See Exercises 32–37. The explicit formula for Fn was discovered by the French mathematician Jacques-Phillipe-Marie Binet in 1843. In fact, it was first discovered in 1718 by
- 175. 2.6 Fibonacci and Lucas Numbers 137 Gabriel Lamé (1795–1870) was born in Tours, France. After graduating from the École Polytechnique in 1817, he continued his studies at the École des Mines from which he graduated in 1820. The same year, Lamé was appointed director of the School of Highways and Transportation in St. Petersburg, Russia. There he taught mathematics, physics, and chemistry, and planned roads and bridges in and around the city. In 1832 he returned to Paris to form an engineering firm. Within a few months, however, he left it to become the chair of physics at the École Polytechnique, where he re- mained until 1844. While teaching, he served as a consulting engineer, becoming the chief engineer of mines in 1836. He helped build the railroads from Paris to Versailles and to St. Germain. In 1844 Lamé became graduate examiner for the University of Paris in math- ematical physics and probability, and professor seven years later. In 1862 he became deaf and resigned his positions. He died in Paris in 1870. Although Lamé made discoveries in number theory and mathematical physics, his greatest contribution was the development of the curvilinear coordinates and their applications. His work on curvilinear systems led him to number theory. In 1840 he proved Fermat’s last theorem for n = 7. Gauss considered Lamé the foremost French mathematician of his time. Ironically, most French mathemati- cians considered him too practical, and most French scientists thought him too theoretical. the French mathematician Abraham De Moivre (1667–1754) using generating func- tions and arrived at independently in 1844 by the French engineer and mathematician Gabriel Lamé. Using the recursive definitions and Binet’s formulas, we can develop an array of properties of both numbers. E X E R C I S E S 2.6 1. Using the fact that Fn = Fn+1 − Fn−1, derive a for- mula for n i=1 Fi. Let an denote the number of additions needed to compute Fn using recursion. Compute each. 2. a8 3. a9 4. a10 5. a13 6. Using Exercises 2–5, conjecture a formula for an. 7. Prove the formula in Exercise 6. 8. Define an recursively. 9. Prove that n i=1 ai = an+2 − n. 10. An n-bit word containing no two consecutive ones can be constructed recursively as follows: Append a 0 to such (n − 1)-bit words or append a 01 to such (n − 2)-bit words. Using this procedure, construct all 5-bit words containing no two consecutive ones. There are 13 such words. 11. Compute Fn+1/Fn correct to eight decimal places for 1 ≤ n ≤ 10. Compare each value to the value of (1 + √ 5)/2 places to eight decimal places.
- 176. 138 CHAPTER 2 Divisibility ? 12. Using Exercise 11, predict lim n→∞ Fn+1 Fn . Conjecture a formula for each. 13. n i=1 F2i−1 14. n i=1 F2i 15. n i=1 Li 16. n i=1 L2i−1 17. n i=1 L2i 18. n i=1 F2 i 19. n i=1 L2 i Prove each. 20. Fn = 2Fn−2 + Fn−3, n ≥ 4 21. Fn−1Fn+1 − F2 n = (−1)n, n ≥ 2 22. F5n is divisible by 5, n ≥ 1 23. n i=1 F2i−1 = F2n (E. Lucas) 24. n i=1 F2i = F2n+1 − 1 (E. Lucas) 25. n i=1 Li = Ln+2 − 3 26. n i=1 L2i−1 = L2n − 2 27. n i=1 L2i = L2n+1 − 1 28. n i=1 F2 i = FnFn+1 (E. Lucas) 29. n i=1 L2 i = LnLn+1 − 2 30. Let A = 1 1 1 0 . Then An = Fn+1 Fn Fn Fn−1 , n ≥ 1. Assume F0 = 0. 31. Using Exercise 30, deduce that Fn−1Fn+1 − F2 n = (−1)n. (Hint: Let A be a square matrix. Then |An| = |A|n, where |A| denotes the determinant of A.) The nth term bn of a number sequence is defined by bn = (αn − βn)/(α − β), where α = (1 + √ 5)/2 and β = (1 − √ 5)/2 are solutions of the equation x2 = x + 1. Verify each. 32. b1 = 1 33. b2 = 1 34. bn = bn−1 + bn−2, n ≥ 3 With α and β as above, let un = αn + βn, n ≥ 1. Verify each. 35. u1 = 1 36. u2 = 3 37. un = un−1 + un−2, n ≥ 3 (These exercises indicate that un = Ln, the nth Lucas number.) Using Binet’s formulas, prove each. 38. F2n = FnLn 39. Fn−1 + Fn+1 = Ln 40. Fn+2 − Fn−2 = Ln 41. Ln−1 + Ln+1 = 5Fn 42. F2 n+1 + F2 n = F2n+1 (E. Lucas) 43. F2 n+1 − F2 n−1 = F2n (E. Lucas) 44. Let an denote the number of rectangles that can be formed on a 1×n rectangular board. Find the recur- rence relation satisfied by an. (Hint: Look for a pattern. Every square is also a rec- tangle.) A subset of the set S = {1,2,...,n} is said to be alter- nating if its elements, when arranged in increasing order, follow the pattern odd, even, odd, even, etc. For example, {1,2,5} and {3,4} are alternating subsets of {1,2,3,4,5}, whereas {1,3,4} and {2,3,4,5} are not; ∅ is considered alternating. Let an denote the number of alternating sub- sets of S. [Olry Terquem (1782–1862)] 45. Define an recursively. 46. Prove that an = Fn+2.
- 177. 2.7 Fermat Numbers 139 Pierre de Fermat (1601–1665), born near Toulouse, was the son of a leather mer- chant. A lawyer by profession, he devoted his leisure time to the pursuit of mathe- matics as a hobby. Although he published almost none of his brilliant discoveries, he did correspond with contemporary mathematicians. Fermat has contributed to several branches of mathematics, but he is best known for his work in number theory. Many of his results appear in margins of his copy of the works of the Greek mathematician Diophantus (ca. 250 A.D.). He wrote about his own famous conjecture: “I have discovered a truly wonderful proof, but the margin is too small to contain it.” 2.7 Fermat Numbers Numbers of the form fn = 22n + 1 were studied by the outstanding French math- ematician Pierre de Fermat and are called Fermat numbers. The first five Fermat numbers are f0 = 3, f1 = 5, f2 = 17, f3 = 257, and f4 = 65537. The following theorem presents an interesting recurrence relation satisfied by fn. THEOREM 2.16 Let fn denote the nth Fermat number. Then fn = f2 n−1 − 2fn−1 + 2, where n ≥ 1. PROOF We shall substitute for fn−1 in the expression f2 n−1 − 2fn−1 + 2, simplify it, and show that it equals fn: f2 n−1 − 2fn−1 + 2 = 22n−1 + 1 2 − 2 22n−1 + 1 + 2 = 22n + 2 · 22n−1 + 1 − 2 · 22n−1 − 2 + 2 = 22n + 1 = fn This completes the proof. This theorem leads to a recursive definition of fn.
- 178. 140 CHAPTER 2 Divisibility A Recursive Definition of fn f0 = 3 fn = f2 n−1 − 2fn−1 + 2, n ≥ 1 For example, f1 = f2 0 − 2f0 + 2 = 9 − 2 · 3 + 2 = 5 and f2 = f2 1 − 2f1 + 2 = 25 − 2 · 5 + 2 = 17 We can make an interesting observation about Fermat numbers. Notice that the numbers f2 = 17, f3 = 257, f4 = 65537, f5 = 4294967297, and f6 = 18446644033331951617 all end in the same decimal digit, 7. Amazing! So what can you conjecture about Fermat numbers? Can you prove it? (See Exercises 2 and 3.) Here is another interesting observation: The first five Fermat numbers 3, 5, 17, 257, and 65537 are primes. So Fermat conjectured that every Fermat number is a prime. In 1732, however, Euler established the falsity of his conjecture by produc- ing a counterexample. He showed that f5 is divisible by 641: f5 = 4294967297 = 641 · 6700417. An alternate proof was given in 1926 by the Belgian mathematician M. Kraitchik (1882–1957) in his Théorie des nombres. The following example furnishes a clever, elementary proof by G. T. Bennett of this result. The beauty of its proof lies in the fact that it does not involve any division. EXAMPLE 2.29 Show that 641|f5. SOLUTION First notice that 641 = 5 · 27 + 1 (2.2) So 225 + 1 = 232 + 1 = 24 · 228 + 1 = 16 · 228 + 1 = (641 − 625)228 + 1 = (641 − 54 )228 + 1 = 641 · 228 − (5 · 27 )4 + 1 = 641 · 228 − (641 − 1)4 + 1, by equation (2.2) = 641 · 228 − (6414 − 4 · 6413 + 6 · 6412 − 4 · 641 + 1) + 1 = 641(228 − 6413 + 4 · 6412 − 6 · 641 + 4) Thus, 641|f5.
- 179. 2.7 Fermat Numbers 141 An Alternate Proof In 1995, Stanley Peterburgsky, while studying at the New England Academy of Torah, Rhode Island, proved that f5 is composite by showing that f5 641 can be expressed as the sum of two squares. To see this, recall from Chapter 1 that (a2 + b2)(c2 + d2) = (ac + bd)2 + (ad − bc)2 for any integers a, b, c, and d. Then a2 + b2 c2 + d2 = (ac + bd)2 + (ad − bc)2 (c2 + d2)2 Now let a = 216, b = 1, c = 4, and d = 25. Then f5 641 = 232 + 1 641 = (216 · 4 + 25)2 + (25 · 216 − 4)2 6412 = 4092 + 25562 ? Unfortunately, nothing is known about the infinitude of Fermat primes. It still remains an unsolved problem. In fact, no Fermat primes beyond f4 have been found; the largest known Fermat prime continues to be f4. The largest known Fermat com- posite number is f2478782, discovered in 2003. ? Is every Fermat number square-free, that is, free of square factors? It has been conjectured by both Lehmer and A. Schinzel that there are infinitely many square- free Fermat numbers. The following result, derived by Lucas, is an extremely useful tool in the prime factorization of fn. In 1747, Euler proved that every prime factor of fn must be of the form A · 2n+1 + 1. In 1879, Lucas refined Euler’s work by showing that A must be an even integer 2k. This leads us to the following theorem. THEOREM 2.17 Every prime factor of fn is of the form k · 2n+2 + 1, where n ≥ 2. It follows by this theorem that if fn has no prime factors of the form k · 2n+2 + 1, then fn must be a prime. The following example takes advantage of this fact. EXAMPLE 2.30 Show that f4 = 65537 is prime. PROOF It suffices to show that f4 has no proper prime factors. By Theorem 2.17, every prime factor of f4 is of the form 26k + 1 = 64k + 1. By Theorem 2.9, if f4 is composite, it
- 180. 142 CHAPTER 2 Divisibility must have a prime factor ≤ √ 65537, that is, ≤ 256. The only prime of the form 64k + 1 and ≤ 256 is 193, but 193 65537; so f4 is a prime. For the curious minded, we add a bonus: In 1963, S. W. Golomb of the California Institute of Technology established that the sum of the reciprocals of Fermat numbers is an irrational number. Finally, there is a remarkable link between Fermat primes and the ruler-and- compass construction of regular polygons, where a ruler is used as a straight edge just to draw lines, and a compass just to draw arcs. In 1796, Gauss proved the following celebrated theorem. THEOREM 2.18 A regular polygon of n sides is constructible with a ruler and compass if and only if n is of the form f1 f2 ···fk or 2kf1 f2 ···fk, where k ≥ 0 and f1,f2,...,fk are distinct Fermat primes. The early Greeks knew the construction of regular polygons of sides 2k, 3 · 2k, 5 · 2k, and 15 · 2k. (Notice that 3 and 5 are Fermat primes.) They also knew the construction of polygons of 3, 4, 5, 6, 8, 10, 12, 15, and 16 sides, but not the con- struction of the 17-sided regular polygon. When Gauss, at the age of 19, proved that the 17-sided regular polygon is constructible, he became so elated with his discov- ery that he decided to devote the rest of his life to mathematics. He also requested that a 17-sided regular polygon be engraved on his tombstone. Although his wish was never fulfilled, such a polygon can be found on a monument to Gauss at his birthplace in Brunswick, Germany. (A thorough discussion of such geometric constructions requires advanced tech- niques from abstract algebra, namely, Galois theory.) E X E R C I S E S 2.7 1. Using recursion, compute the Fermat numbers f3 and f4. 2. Make a conjecture about the ones digit in the decimal value of fn. 3. Establish your conjecture in Exercise 2. (Hint: Use induction.) Prove each. 4. If 2m + 1 is a prime, then m must be a power of 2. 5. If 2m − 1 is a prime, then m must be a prime. 6. Prove or disprove: If m is a prime, then 2m − 1 is a prime. 7. Prove that 3 is the only Fermat number that is also a triangular number. (S. Asadulla, 1987) (Hint: Use Exercises 2 and 3.) 8. Redo Exercise 7 using the fact that the product of two integers is a power of 2 if and only if both integers are powers of 2.
- 181. Chapter Summary 143 9. Does f5 have a prime factor of the form k · 2n+2 + 1? If yes, find such a factor. Determine if a regular polygon of n sides is constructible with a straightedge and compass for each value of n. 10. 257 11. 36 12. 60 13. 17,476 X CHAPTER SUMMARY This chapter presented the division algorithm, one of the fundamental results in num- ber theory. In addition, it established several divisibility properties, the pigeonhole principle, the inclusion–exclusion principle, the uniqueness of the base-b representa- tion of a positive integer, several number patterns, and prime and composite numbers, Fibonacci and Lucas numbers, and Fermat numbers. The Division Algorithm • Given any integer a and any positive integer b, there exist a unique quotient q and a unique reminder r such that a = bq + r, where 0 ≤ r b. (p. 69) q = a/b = a div b (p. 71) r = a − bq = a mod b (p. 71) The Pigeonhole Principle • If m pigeons are assigned to n pigeonholes, where m n, then at least two pigeons must occupy the same pigeonhole. (p. 74) Divisibility Properties • If a|b and b|c, then a|c. (p. 75) • If a|b, then a|mb. (p. 75) • If a|b and a|c, then a|(αb + βc). (p. 75) • There are a/b positive integers ≤ a and divisible by b. (p. 75) The Inclusion–Exclusion Principle • Let A1,A2,...,An be n finite sets. Then n i=1 Ai = 1≤i≤n |Ai| − 1≤ij≤n |Ai ∩ Aj| + 1≤ijk≤n |Ai ∩ Aj ∩ Ak| − ··· + (−1)n+1 | n i=1 Ai| (p. 76)
- 182. 144 CHAPTER 2 Divisibility Odd and Even Integers • Every even integer is of the form 2m and every odd integer is of the form 2n + 1. (p. 78) Base-b Representation • Every integer has a unique base-b representation. (p. 80) Prime and Composite Numbers • A prime number is a positive integer with exactly two positive factors. A pos- itive integer ≥ 2 that is not a prime is a composite. (p. 104) • Every positive integer ≥ 2 has a prime factor. (p. 104) • There are infinitely many primes. (p. 104) • Every composite number n has a prime factor ≤ √ n. (p. 105) • π(x) is the number of primes ≤ the real number x. (p. 110) • Let p1,p2,...,pt be the primes ≤ n. Then π(n) = n − 1 + π( √ n) − i n pi + ij n pipj − ijk n pipjpk + ··· + (−1)t n p1p2 ···pt (p. 110) Prime Number Theorem • lim x→∞ π(x) x/lnx = 1 (p. 111) • For any positive integer n, there are n consecutive integers that are composites. (p. 114) Cunningham Chains • A Cunningham chain is a chain of primes 2p + 1. (p. 115) Palindromic Primes • A prime that is palindromic is a palindromic prime. (p. 116) Repunit Primes • A repunit that is prime is a repunit prime. (p. 117) Twin Primes • Two primes that differ by 2 are twin primes. (p. 118) Sophie Germain Primes • Primes of the form 2p + 1. (p. 121) • A chain of such primes is a Cunningham chain. (p. 121)
- 183. Chapter Summary 145 Goldbach’s Conjecture • Every even integer 2 can be expressed as the sum of two primes. (p. 121) Bertrand’s Conjecture • There is a prime between n and 2n, where n ≥ 2. (p. 123) Fibonacci Numbers Fn F1 = 1 = F2 Fn = Fn−1 + Fn−2, n ≥ 3 (p. 129) Fn = (n−1)/2 i=0 n − i − 1 i , n ≥ 1 (p. 130) Lucas Numbers Ln L1 = 1, L2 = 3 Ln = Ln−1 + Ln−2, n ≥ 3 (p. 136) Binet’s Formulas Fn = αn − βn α − β and Ln = αn + βn where α = (1 + √ 5)/2 and β = (1 − √ 5)/2. (p. 136) Fermat Numbers fn fn = 22n + 1 (p. 139) = f2 n−1 − 2fn−1 + 2, where f0 = 3 (p. 139) • f5 is a composite number. (p. 141) • Every prime factor of fn is of the form k · 2n+2 + 1, where n ≥ 2. (p. 141) • A regular polygon of n sides is constructible with a ruler and compass if and only if n is of the form f1f2 ···fk or 2kf1f2 ···fk, where k ≥ 0 and f1,f2,..., and fk are distinct Fermat primes. (p. 142)
- 184. 146 CHAPTER 2 Divisibility X REVIEW EXERCISES Find the number of positive integers ≤ 2776 and 1. Divisible by 2 or 5. 2. Not divisible by 2 or 3. 3. Divisible by 2, 3, or 5. 4. Not divisible by 2, 5, or 7. Express each number in base ten. 5. 2000eight 6. 2345sixteen 7. BADsixteen 8. BAD.CAsixteen Rewrite each number in the indicated base b. 9. 245, b = 2 10. 348, b = 8 11. 1221, b = 8 12. 1976, b = 16 In Exercises 13–16, perform the indicated operation. 13. 11010two + 111two 14. 5768sixteen + 78CBsixteen 15. 5AB8sixteen × BADsixteen 16. 110110two − 11011two Rewrite each binary integer in base eight. 17. 10110101 18. 1101101101 19. 100110011 20. 10011011001 21–24. Rewrite each integer in Exercises 17–20 in base sixteen. Find the value of x resulting from the execution of each algorithm fragment. 25. x ← 0 for i = 1 to n do for j = 1 to n do x ← x + 1 26. x ← 0 for i = 1 to n do for j = 1 to i do for k = 1 to j do x ← x + 1 27. Find a formula for the number an of times the statement x ← x + 1 is executed by the following loops. for i = 1 to n do for j = 1 to i/2 do x ← x + 1 Using induction, prove each for every positive integer n.
- 185. Review Exercises 147 28. n2 − n is divisible by 2. 29. n3 − n is divisible by 3. 30. n i=1 (2i − 1)2 = n(4n2 − 1) 3 31. n i=1 1 (2i − 1)(2i + 1) = n 2n + 1 32. The product of any two consecutive positive integers is even. 33. Suppose you have an unlimited supply of identical black and white socks. Using induction and the pigeonhole principle, show that you must select at least 2n + 1 socks in order to ensure n matching pairs. (C. T. Long) Add two more lines to each number pattern. (F. B. Selkin) 34. 9 · 9 = 81 99 · 99 = 9801 999 · 999 = 998001 9999 · 9999 = 99980001 99999 · 99999 = 9999800001 35. 7 · 9 = 63 77 · 99 = 7623 777 · 999 = 776223 7777 · 9999 = 77762223 77777 · 99999 = 7777622223 Determine if each is prime or composite. 36. 237 37. 327 38. 1229 39. 1997 Using Theorem 2.10, find the number of primes ≤ n for each value of n. 40. 129 41. 135 42. 140 43. 149 Find n consecutive integers that are composite numbers for each value of n. 44. 4 45. 6 46. 11 47. 13 48. Find all twin primes whose arithmetic mean is a square. 49. The introduction to L. Poletti’s Tavole diNumeri Primi (Milan, 1920) contains the following statements by H. J. Scherk, where pn denotes the nth prime, p0 = 1, and n ≥ 1: • p2n may be expressed as the algebraic sum of all its preceding primes and p0 each taken exactly once. • p2n−1 may be expressed in the same way, except that the last addend is to be taken twice, where n ≥ 2. Verify Scherk’s statement for 1 ≤ n ≤ 8. 50. Euler’s formula E(n) = n2 − n + 41 yields a prime for 0 ≤ n ≤ 40. Find 41 consecutive values of n for which E(n) is composite. (S. Kravitz, 1963)
- 186. 148 CHAPTER 2 Divisibility 51. In 1953, J. E. Foster of Evanston, Illinois, conjectured that 2p + 1 = 3q, where p and q are odd primes. Show that his conjecture is false. Prove each, where n is an arbitrary positive integer. 52. n3 + n is divisible by 2. 53. n4 − n2 is divisible by 3. 54. Hm|R6m, where Hm = 102m − 10m + 1. (Chico Problem Group, 1990) 55. The square of every odd integer is of the form 8m + 1. 56. Thomas Greenwood claimed that if n is a prime, then one more than an even triangular number tn or two less than an odd triangular number is a prime. 57. b3n ± 1 is composite, where b ≥ 2 and n ≥ 1. 58. 1 + 5n + 52n + 53n + 54n is composite. (LSU Problem-Solving Group, 2002) 59. 346|(365n + 1848n − 2021n − 3482n) (R. S. Luthar, 1970) 60. Find all triplets (a,b,c) of consecutive integers a,b,c such that abc|(a3 + b3 + c3). (M. J. Zerger, 2003) 61. Prove or disprove: If n is a prime, then Fn is a prime. Determine if a regular polygon of n sides can be constructed with a straightedge and compass for each value of n. 62. 16 63. 408 64. 1275 65. 3855 Let α and β be the solutions of the equation x2 = x + 1. Prove each. 66. xn = Fnx + Fn−1, n ≥ 2 67. Fn = αn − βn α − β , n ≥ 1 68. F1F2 + F2F3 + ··· + F2n−1F2n = F2 2n 69. Fn is even if and only if 3|n. X SUPPLEMENTARY EXERCISES 1. In 1981, O. Higgins discovered that the formula h(x) = 9x2 − 471x + 6203 generates a prime for 40 consecutive values of x. Give a counterexample to show that not every value of h(x) is a prime. 2. The formula g(x) = x2 − 2999x + 2248541 yields a prime for 80 consecutive values of x. Give a counterexample to disprove that every value of g(x) is a prime. Let n be a four-digit decimal integer, with not all digits the same. Let n and n be the integers obtained by arranging the digits of n in nondecreasing and nonincreasing
- 187. Supplementary Exercises 149 orders, respectively. Define K(n) = n −n. For example, K(1995) = 9951−1599 = 8352. 3. Find K(K(1995)). 4. Show that K(6174) = 6174. (The integer 6174 is the only four-digit integer that has this property. It is called Kaprekar’s constant.) 5. Charles W. Trigg of California, who has written extensively on recreational mathematics, showed in 1968 (the year the Journal of Recreational Mathemat- ics was first published) that K6(1968) = 6174, where Kn(m) = K(Kn−1(m)) and K1 = K. Verify this. An absolute prime is a prime such that every permutation of its digits yields a prime. For example, 2, 3, and 5 are absolute primes. Every repunit prime is an absolute prime. 6. There are eight two-digit absolute primes with distinct digits. Find them. 7. There are nine three-digit absolute primes with two distinct digits. Find them. 8. Show that an absolute prime with two or more digits may contain only the digits 1, 3, 7, and 9. A cyclic prime is a prime such that every cyclic permutation of its digits yields a prime. For example, 79 and 97 are cyclic primes. Every absolute prime is also a cyclic prime. 9. Find the cyclic primes that can be obtained from the cyclic prime 3779. 10. There are three three-digit cyclic primes that are not absolute primes; each consists of distinct digits. Find them. 11. Show that a cyclic prime with two or more digits may contain only the digits 1, 3, 7, and 9. 12. A reversible prime is a prime that yields a prime when read from right to left. For instance, 113 is a reversible prime. Determine if 199 and 733 are reversible primes. 13. Find all reversible primes 100. Give a reversible prime that is not: 14. An absolute prime. 15. A palindromic prime. A sieving algorithm similar to Eratosthenes’ can be employed to generate lucky numbers. From the list of positive integers, first strike out every other integer, leav- ing all odd positive integers. The smallest odd integer left after 1 is 3, so counting with 1 strike out every third integer in the new list. The next integer left is 7, so again starting at 1 cross out every seventh integer in the resulting list. Continuing like this,
- 188. 150 CHAPTER 2 Divisibility in step i strike out every ith integer left from step (i − 1), where i 1. The numbers that remain are lucky numbers. 16. Find all lucky numbers 50. (There are 13 such lucky numbers.) 17. Show that there are infinitely many lucky numbers. Let a,b ∈ W, a = (anan−1 ...a0)two, and b = (bnbn−1 ...b0)two. If ai ≥ bi for every i, we say a implies b and write a ⇒ b; otherwise a ⇒ b. 18. Determine if 43 ⇒ 25 and 47 ⇒ 29. 19. The binomial coefficient C(n,r) is odd if and only if n ⇒ r. Using this fact, determine the parity (oddness or evenness) of C(25,18) and C(29,19). 20. Justify the Russian peasant algorithm. Let b and n be integers ≥ 2. Numbers of the form Sn = bn − 1 b − 1 are called Sylvester numbers, after the English mathematician James Joseph Sylvester (1814–1897), who investigated them in 1888. 21. Define Sn recursively. 22. If n is a composite number, prove that Sn is composite. 23. If n 2 and b is a square, prove that Sn is composite. Prove each, where n is an arbitrary positive integer. 24. 12|n(3n4 + 7n2 + 2) 25. 24|n(3n4 + 13n2 + 8) 26. Guess the number of odd binomial coefficients in row n of Pascal’s triangle. (Hint: Compare the number of odd binomial coefficients in row n and the binary expansion of n.) 27. Find two distinct positive integers A and B such that A + n is a factor of B + n for every integer n, where 0 ≤ n ≤ 10. (A. Friedland, 1970) 28. Characterize all positive integers n such that k + 1| n k , where 0 ≤ k n. (E. T. H. Wang, 1994) A set of integers A is fat if each of its elements is ≥ the number of elements in A. For example, {5,7,91} is a fat set, but {3,7,36,41} is not. ∅ is considered a fat set. Let gn denote the number of fat subsets of the set {1,2,...,n}. (G. F. Andrews) 29. Define gn recursively. 30. Find an explicit formula for gn. Let f(n,k) denote the number of k-element subsets of the set S = {1,2,...,n} that do not contain consecutive integers. Let gn denote the total number of subsets of S that do not contain consecutive integers. (I. Kaplansky) 31. Define f(n,k) recursively.
- 189. Computer Exercises 151 32. Find an explicit formula for gn. Suppose we introduce a mixed pair of 1-month-old rabbits into a large enclosure on the first day of a certain month. By the end of each month, the rabbits become mature and each pair produces k − 1 mixed pairs of offspring at the beginning of the following month. (Note: k ≥ 2.) For instance, at the beginning of the second month, there is one pair of 2-month-old rabbits and k − 1 pairs of 0-month-olds; at the beginning of the third month, there is one pair of 3-month-olds, k − 1 pairs of 1-month-olds, and k(k − 1) pairs of 0-month-olds. Assume the rabbits are immortal. Let an denote the average age of the rabbit-pairs at the beginning of the nth month. (P. Filipponi, 1990) 33. Define an recursively. 34. Predict an explicit formula for an. 35. Prove the formula in Exercise 34. 36. Find lim n→∞ an. 37. Find the sum of the numbers in the nth row of the following triangular array of Fibonacci numbers. 1 1 2 3 5 8 13 21 34 55 89 144 233 377 610 . . . X COMPUTER EXERCISES Write a program to do each task. 1. Read in an integer b ≥ 2 and select b + 1 integers at random. Find two integers in the list such that their difference is divisible by b. 2. Read in an integer n ≥ 2 and select n positive integers at random. Find a se- quence of integers from the list whose sum is divisible by n. 3. Assign the numbers 0–51 in order to the 52 playing cards in a standard deck. Read in a number x, where 0 ≤ x ≤ 51. Identify the card numbered x. Use the suit labels 0 = clubs, 1 = diamonds, 2 = hearts, and 3 = spades, and the card labels 0 = ace, l = deuce, 2 = three, ..., in each suit.
- 190. 152 CHAPTER 2 Divisibility 4. Assign the numbers 0–63, row by row, to the various squares on an 8 × 8 chess- board. Read in two numbers x and y, where 0 ≤ x,y ≤ 63. Determine if the queen at square x can capture the queen at square y. 5. Read in a sequence of pairs of integers n and b. For each integer n, determine its base-b representation and use this representation to compute the correspond- ing decimal value. Print each integer n, base-b, base-b representation, and its decimal value in a tabular form. 6. Print the first eight rows of the number patterns in Examples 2.18, 2.19, and 2.21. 7. Read in a positive integer n and determine if it is a prime. 8. Construct a table of values of the function E(n) = n2 −n+41, where 0 ≤ n ≤ 41, and identify each value as prime or composite. 9. Redo program 8 with L(n) = n2 + n + 41, where 0 ≤ n ≤ 41, and identify each value as prime or composite. 10. Redo program 8 with H(n) = 9n2 −471n+6203, where 0 ≤ n ≤ 39, and identify each value as prime or composite. 11. Redo program 8 with G(n) = n2 − 2999n + 2248541, where 1460 ≤ n ≤ 1539, and identify each value as prime or composite. 12. Read in a positive integer n, and list all primes ≤ n and of the form k2 + 1. 13. Read in a positive integer n and find a prime between: a) n and 2n b) n2 and n2 + 1. 14. Verify Goldbach’s conjecture for all even integers ≤ 100. 15. List all twin primes ≤ 100. 16. Find all palindromic primes 100. 17. Find all cyclic primes 100. 18. Find all reversible primes 100. 19. There are nine positive integers ≤ 100 for which n! + 1 is a prime. Find them. 20. Make a list of 12 pairs of odd primes p and q such that 2p + 1 = 3q. 21. Find a counterexample to show that the statement 2p + 1 = 3q is false, where p and q are odd primes. 22. (Bocard’s problem) Only three positive integers n are known for which n! + 1 is a square and they are 100. Find them. 23. There are exactly two primes p for which the Fermat quotient (2p−1 − 1)/p is a square and they are 100. Find them. 24. Verify that R19 and R23 are primes. 25. Find all three-digit cyclic primes, each with distinct digits. 26. List all five-digit cyclic primes that can be generated from cyclic primes 11,939 and 19,937. 27. Compute the value of p (1 − 1/p2), where p is a prime 1000.
- 191. Enrichment Readings 153 28. Compute the sum of the reciprocals of twin primes correct to four decimal places. 29. Read in a positive integer n, and compute the first n Fibonacci numbers using recursion and iteration. 30. Verify that Fermat numbers f0 through f4 are primes. 31. Compute f5 and verify that 641|f5. 32. Verify that both 7 and 1913 are factors of f6. 33. Read in a positive integer n, and compute the first n Lucas numbers Ln. 34. Compute the values of Fn+1/Fn and Ln+1/Ln correct to 10 decimal places for 1 ≤ n ≤ 100. X ENRICHMENT READINGS 1. P. T. Bateman et al., “A Hundred Years of Prime Numbers,” The American Math- ematical Monthly, 103 (Nov. 1996), 729–741. 2. A. H. Beiler, Recreations in the Theory of Numbers, Dover, New York, 1966, 39–66, 83–87. 3. L. E. Card, “Patterns in Primes,” J. Recreational Mathematics, 1 (April 1968), 93–99. 4. L. E. Card, “More Patterns in Primes,” J. Recreational Mathematics, 2 (April 1969), 112–116. 5. D. Deutsch and B. Goldman, “Kaprekar’s Constant,” Mathematics Teacher, 98 (Nov. 2004), 234–242. 6. P. Hoffman, The Man Who Loved Only Numbers, Hyperion, New York, 1998. 7. T. Koshy, Fibonacci and Lucas Numbers with Applications, John Wiley Sons, New York, 2001. 8. M. Křížek et al., “17 Lectures on Fermat Numbers,” Springer-Verlag, New York, 2001. 9. C. Oliver, “The Twelve Days of Christmas,” Mathematics Teacher, 70 (Dec. 1977), 752–754. 10. R. Ondrejka, “Ten Extraordinary Primes,” J. Recreational Mathematics, 18 (1985–86), 87–92. 11. C. Pomerance, “The Search for Prime Numbers,” Scientific American, 247 (Dec. 1982), 136–147. 12. J. Varnadore, “Pascal’s Triangle and Fibonacci Numbers,” Mathematics Teacher, 84 (April 1991), 314–316, 319.
- 193. 3 Greatest Common Divisors What science can there be more noble, more excellent, more useful for men, more admirably high and demonstrative than this of the Mathematics. — BENJAMIN FRANKLIN his chapter continues to deal with the divisibility theory. We begin by explor- Ting the common factors of two or more positive integers. We establish the fundamental theorem of arithmetic, the cornerstone of number theory, and then turn to the common multiples of two or more positive integers. Finally, we in- vestigate the important class of linear diophantine equations. 3.1 Greatest Common Divisor A positive integer can be a factor of two positive integers, a and b. Such factors are common divisors, or common factors, of a and b. For example, 12 and 18 have four common divisors, namely, 1, 2, 3, and 6; whereas 12 and 25 have exactly one common factor, namely, 1. Often we are not interested in all common divisors of a and b, but in the largest common divisor, so we make the following definition. Greatest Common Divisor The greatest common divisor (gcd) of two integers a and b, not both zero, is the largest positive integer that divides both a and b; it is denoted by (a,b). For example, (12,18) = 6, (12,25) = 1, (11,19) = 1, (−15,25) = 5, and (3,0) = 3. 155
- 194. 156 CHAPTER 3 Greatest Common Divisors Because (a,−b) = (−a,b) = (−a,−b) = (a,b), we confine our discussion of gcds to positive integers. How do we know that the gcd of a and b always exists? Since 1|a and 1|b, 1 is a common divisor of a and b, so they have a least common divisor, namely, 1. If d is a common divisor, then d ≤ a and d ≤ b, so d ≤ min{a,b}. Thus, the set of common factors is finite, so (a,b) exists. A second important question is uniqueness: Is the gcd of a and b unique? It is, so we can talk about the gcd of a and b (see Exercise 46). The preceding verbal definition of gcd, although simple and clear, is not a prac- tical one, so we rewrite it symbolically. A Symbolic Definition of gcd A positive integer d is the gcd of two positive integers a and b if • d|a and d|b; and • if d|a and d|b, then d ≤ d, where d is also a positive integer. Thus, d = (a,b) if two conditions are satisfied: • d must be a common factor of a and b. • d must be the largest common factor of a and b; in other words, any other common factor d must be ≤ d. In the next section, we develop an efficient method for finding the gcd of two positive integers. There are positive integers whose gcd is 1. For example, (6,35) = 1. Accord- ingly, we make the following definition. Relatively Prime Integers Two positive integers a and b are relatively prime if their gcd is 1; that is, if (a,b) = 1. Thus, 6 and 35 are relatively prime; so are 11 and 24. This possible relationship between integers will be useful in our later discus- sions. Cassini’s formula now yields the following fascinating byproduct. THEOREM 3.1 Any two consecutive Fibonacci numbers are relatively prime. PROOF (by contradiction) Let p be a prime factor of both Fn and Fn+1. Then, by Theorems 2.4 and 2.15, p|±1, which is a contradiction. Thus, (Fn+1,Fn) = 1.
- 195. 3.1 Greatest Common Divisor 157 Interestingly, we can use Fermat numbers to reconfirm the infinitude of primes. To this end, we need the following two results. LEMMA 3.1 Let fi denote the ith Fermat number. Then f0 f1 ···fn−1 = fn − 2, where n ≥ 1. PROOF (by weak induction) When n = 1, LHS = f0 = 3 = 5 − 2 = f1 − 2 = RHS. Thus, the result holds when n = 1. Now assume the given result is true when n = k: f0 f1 ···fk−1 = fk − 2 Then f0 f1 ···fk−1fk = (f0 f1 ···fk−1)fk = (fk − 2)fk, by the inductive hypothesis = 22k − 1 22k + 1 = 22k+1 − 1 = 22k+1 + 1 − 2 = fk+1 − 2 So, if the result is true when n = k, it is also true when n = k +1. Thus, by induction, the result holds for every integer n ≥ 1. The formula in this lemma, known as Duncan’s identity, was discovered in 1964 by D. C. Duncan. Using this result, we now show that any two distinct Fermat numbers are rel- atively prime; it was established in 1925 by G. Polya of Stanford University. (See Exercises 69 and 70 for an alternate proof of the lemma.) THEOREM 3.2 (Polya, 1925) Let m and n be distinct nonnegative integers. Then fm and fn are relatively prime. PROOF Assume, for convenience, that m n. Let d = (fm,fn). Then d|fm and d|fn. But fn − 2 = f0 f1 ···fm ···fn−1, by Lemma 3.1. Since d|fm, d|f0 f1 ···fm ···fn. So d|(fn − 2), but d|fn; therefore, d|2, by Theorem 2.4. Consequently, d must be 1 or 2. But Fermat numbers are all odd, so d = 2. Therefore, d = 1; that is, (fm,fn) = 1. Polya’s result can be generalized: Let gn = (2k)2n + 1, where k 0. Then (gm,gn) = 1, where m = n; see Exercise 66.
- 196. 158 CHAPTER 3 Greatest Common Divisors Using these two results, we can now prove again that there are infinitely many primes. THEOREM 3.3 There is an infinitude of primes. PROOF By Lemma 2.1, every Fermat number has a prime factor. Therefore, by Polya’s theo- rem, no two distinct Fermat numbers have common prime factors, meaning each has a distinct prime factor. So, since there are infinitely many Fermat numbers, there are also infinitely many primes. This result can be established more formally using induction. See Exercise 71. Next, we present an amazing confluence of number theory, probability, and analysis. Relatively Prime Numbers and Pi (optional) In Section 2.5, we found a close link between prime numbers and π, given by the formula p∈P (1 − 1/p2) = π2/6. Using advanced techniques, it can be shown that the infinite product represents the reciprocal of the probability that two positive integers selected at random are relatively prime.† Thus, the probability that two positive inte- gers selected at random are relatively prime is given by p∈P 1/(1 − 1/p2) = 6/π2. We now turn our attention to some interesting and useful properties of gcds. THEOREM 3.4 Let (a,b) = d. Then 1. (a/d,b/d) = 1 2. (a,a − b) = d. PROOF 1. Let d = (a/d,b/d). To show that d = 1: Since d is a common factor of a/d and b/d, a/d = d and b/d = md for some integers and m. Then a = dd and b = mdd, so dd is a common factor of both a and b. Then, by definition, dd ≤ d, so d ≤ 1. Thus, d is a positive integer such that d ≤ 1, so d = 1. Thus, if (a,b) = d, then a/d and b/d are relatively prime. 2. Let d = (a,a−b). To show that d = d, we shall show that d ≤ d and d ≤ d. To show that d ≤ d: Since d is a common divisor of a and b, a = md and b = nd for some integers m and n. Then a − b = (m − n)d. Thus d|a and d|(a − b);so d is a common † See Ogilvy and Anderson.
- 197. 3.1 Greatest Common Divisor 159 divisor of a and a − b. Then, by definition, d must be less than or equal to (a,a − b); that is, d ≤ d. To show that d ≤ d: Since d is a common factor of a and a − b, a = αd and a − b = βd for some integers α and β. Then a − (a − b) = αd − βd; that is, b = (α − β)d. Thus, d is a common divisor of a and b, so d ≤ d. Thus, d ≤ d and d ≤ d, so d = d. It follows by part (2) of this theorem that (a,a + b) = (a,b). (See Exercise 50.) Next, we prove that the gcd(a,b) can be expressed as a sum of multiples of a and b, but first we must make a definition. Linear Combination A linear combination of the integers a and b is a sum of multiples of a and b, that is, a sum of the form αa + βb, where α and β are integers. For example, 2·3+5·7 is a linear combination of 3 and 7; so is (−4)·3+0·7. We now state and prove the result mentioned in the preceding paragraph. Its proof is an elegant application of the well-ordering principle. THEOREM 3.5 (Euler) The gcd of the positive integers a and b is a linear combination of a and b. PROOF Let S be the set of positive linear combinations of a and b; that is, S = {ma+nb|ma+ nb 0,m,n ∈ Z}. To show that S has a least element: Since a 0,a = 1 · a + 0 · b ∈ S, so S is nonempty. So, by the well-ordering principle, S has a least positive element d. To show that d = (a,b): Since d belongs to S, d = αa + βb for some integers α and β. 1. First we will show that d|a and d|b: By the division algorithm, there exist integers q and r such that a = dq + r, where 0 ≤ r d. Substituting for d, r = a − dq = a − (αa + βb)q = (1 − αq)a + (−βq)b This shows r is a linear combination of a and b. If r 0, then r ∈ S. Since r d, r is less than the smallest element in S, which is a contradiction. So r = 0; thus, a = dq, so d|a. Similarly, d|b. Thus d is a common divisor of a and b.
- 198. 160 CHAPTER 3 Greatest Common Divisors 2. To show that any positive common divisor d of a and b is ≤ d: Since d|a and d|b, d|(αa + βb), by Theorem 2.4; that is, d|d. So d ≤ d. Thus, by parts (1) and (2), d = (a,b). It follows by this theorem that the gcd (a,b) can always be expressed as a linear combination αa + βb. In fact, it is the smallest positive such linear combination. One way to find such a linear combination is by trial and error, especially when a and b are small, as the following example shows. EXAMPLE 3.1 Express (28,12) as a linear combination of 28 and 12. SOLUTION First, notice that (28,12) = 4. Next, we need to find integers α and β such that α · 28 + β · 12 = 4. By trial and error, α = 1 and β = −2 works: 1 · 28 + (−2) · 12 = 4. Note that the values of α and β in the linear combination need not be unique. For instance, in this example, you may notice that (−5) · 28 + 12 · 12 = 4. A second way to find α and β is by using a table of multiples of a and b and then picking a right combination, as Table 3.1 shows. Table 3.1 The next section presents a systematic method for finding α and β. Theorem 3.5 can be used to refine the definition of gcd and to derive several useful results about gcds. THEOREM 3.6 If d = (a,b) and d is any common divisor of a and b, then d|d.
- 199. 3.1 Greatest Common Divisor 161 PROOF Since d = (a,b), by Theorem 3.5, there exist α and β such that d = αa + βb. Since d|a and d|b, by Theorem 2.4, d|(αa + βb); so d|d. Thus, every common divisor d of a and b is a factor of their gcd d, and d ≤ d. Conversely, suppose that • d|a and d|b; and • if d|a and d|b, then d|d. Then d ≤ d, so d = (a,b). Thus, the symbolic definition of gcd can be modified as follows. An Alternate Definition of gcd A positive integer d is the gcd of a and b if • d|a and d|b; and • if d|a and d|b, then d|d, where d is a positive integer. THEOREM 3.7 Let a, b, and c be any positive integers. Then (ac,bc) = c(a,b). The proof of this is fairly straightforward, so we leave it as an exercise (see Exercise 51). THEOREM 3.8 Two positive integers, a and b, are relatively prime if and only if there are integers α and β such that αa + βb = 1. PROOF If a and b are relatively prime, then (a,b) = 1. Therefore, by Theorem 3.5, there are integers α and β such that αa + βb = 1. Conversely, suppose αa+βb = 1. To demonstrate that (a,b) = 1, let d = (a,b). Then, by Theorem 2.4, d|(αa+βb); that is, d|1, so d = 1. Thus, a and b are relatively prime. We can deduce part (1) of Theorem 3.4 from this theorem, and it is useful to do so as an exercise (see Exercise 54). COROLLARY 3.1 If d = (a,b), then (a/d,b/d) = 1. The next corollary follows by Theorem 3.5 (see Exercise 59). COROLLARY 3.2 If (a,b) = 1 = (a,c), then (a,bc) = 1.
- 200. 162 CHAPTER 3 Greatest Common Divisors Suppose a|c and b|c. Does this mean ab|c? No. For example, 3|12 and 6|12, but 3 · 6 12. The next corollary provides a criterion under which ab|c. COROLLARY 3.3 If a|c and b|c, and (a,b) = 1, then ab|c. PROOF Because a|c, c = ma for some integer m. Similarly, c = nb for some integer n. Be- cause (a, b) = 1, by Theorem 3.8, αa + βb = 1 for some integers α and β. Then αac + βbc = c. Now substitute nb for the first c and ma for the second: αa(nb) + βb(ma) = c That is, ab(nα + mβ) = c, so ab|c. Remember that a|bc does not mean a|b or a|c, although under some conditions it does. The following corollary explains when it is true. COROLLARY 3.4 (Euclid) If a and b are relatively prime, and if a|bc, then a|c. PROOF Since a and b are relatively prime, by Theorem 3.8, there exist integers α and β such that αa + βb = 1. Then αac + βbc = c. Since a|αac and a|βbc, a|αac + βbc by Theorem 2.4; that is, a|c. The definition of gcd can be extended to three or more positive integers, as the following definition shows. The gcd of n Positive Integers The gcd of n (≥ 2) positive integers a1,a2,...,an is the largest positive integer that divides each ai. It is denoted by (a1,a2,...an). The following example illustrates this definition. EXAMPLE 3.2 Find (12,18,28), (12,36,60,108), and (15,28,50). SOLUTION a) The largest positive integer that divides 12, 18, and 28 is 2, so (12,18,28) = 2. b) 12 is the largest factor of 12, and 12 is a factor of 12, 36, 60, and 108; so (12,36,60,108) = 12. c) Since (15,28) = 1, the largest common factor of 15, 28, and 50 is 1; that is, (15,28,50) = 1.
- 201. 3.1 Greatest Common Divisor 163 Theorem 3.5 can be extended to n integers. But first, we will extend the defini- tion of a linear combination to n positive integers. A Linear Combination of n Positive Integers A linear combination of n positive integers a1,a2,...,an is a sum of the form α1a1 + α2a2 + ··· + αnan, where α1,α2,...,αn are integers. For instance, (−1) · 12 + 1 · 15 + 0 · 21 is a linear combination of 12, 15, and 21; so is 3 · 12 + (−2) · 15 + (−5) · 21. We now state the extension of Theorem 3.5 and leave its proof as an exercise. THEOREM 3.9 The gcd of the positive integers a1,a2,...,an is the least positive integer that is a linear combination of a1,a2,...,an. The following example illustrates this theorem. EXAMPLE 3.3 Express (12,15,21) as a linear combination of 12, 15, and 21. SOLUTION First, you may notice that (12,15,21) = 3. Next, find integers α, β, and γ , by trial and error, such that α · 12 + β · 15 + γ · 21 = 3; α = −1, β = 1, and γ = 0 is such a combination: (−1) · 12 + 1 · 15 + 0 · 21 = 3. The following theorem shows how nicely recursion can be used to find the gcd of three or more integers. THEOREM 3.10 Let a1,a2,...,an be n (≥ 3) positive integers. Then (a1,a2,...,an) = ((a1,a2, ...,an−1),an). PROOF Let d = (a1,a2,...,an), d = (a1,a2,...,an−1), and d = (d,an). We will show that d = d: • To show that d|d. Since d = (a1,a2,...,an), d|ai for every i. So d|d and d|an. Then d|(d,an); that is, d|d. • To show that d|d: Since d = (d,an), d|d and d|an. But d|d implies d|ai for 1 ≤ i ≤ n − 1. Thus, d|ai for 1 ≤ i ≤ n, so d|d. Thus, d|d and d|d, so d = d, by Theorem 2.3.
- 202. 164 CHAPTER 3 Greatest Common Divisors The following example illustrates this theorem. EXAMPLE 3.4 Using recursion, evaluate (18,30,60,75,132). SOLUTION (18,30,60,75,132) = ((18,30,60,75),132) = (((18,30,60),75),132) = ((((18,30),60),75),132) = (((6,60),75),132) = ((6,75),132) = (3,132) = 3 The following corollary follows by induction and Theorem 3.10. You can pro- vide a proof (see Exercise 55). COROLLARY 3.5 If d = (a1,a2,...,an), then d|ai for every integer i, where 1 ≤ i ≤ n. The following corollary is an extension of Corollary 3.4. COROLLARY 3.6 If d|a1a2 ···an and (d,ai) = 1 for 1 ≤ i ≤ n − 1, then d|an. Before we move on to another corollary, we make the following definition. Pairwise Relatively Prime Integers The positive integers a1,a2,...,an are pairwise relatively prime if every pair of integers is relatively prime; that is, (ai,aj) = 1, whenever i = j. For example, the integers 8, 15, and 49 are pairwise relatively prime, whereas the integers 6, 25, 77, and 91 are not pairwise relatively prime. The following result follows from Theorem 3.8. COROLLARY 3.7 If the positive integers a1,a2,...,an are pairwise relatively prime, then (a1,a2, ...,an) = 1. For instance, since the integers 8, 15, and 49 are pairwise relatively prime, (8,15,49) = 1. Be aware that the converse of this corollary is not true; that is, if (a1,a2,...,an) = 1, then the integers a1,a2,...,an need not be pairwise relatively prime. For example, (6,15,49) = 1, but 6, 15, and 49 are not pairwise relatively prime. (Why?)
- 203. 3.1 Greatest Common Divisor 165 Theorem 3.1 now yields an intriguing byproduct. In 1965, M. Wunderlich of the University of Colorado employed the theorem to provide a beautiful proof that there are infinitely many primes, as the next corollary shows; it is based on the fact that (Fm,Fn) = F(m,n).† COROLLARY 3.8 There are infinitely many primes. PROOF Suppose there is only a finite number of primes, p1,p2,...,pk. Consider the Fi- bonacci numbers Fp1 ,Fp2 ,...,Fpk . Clearly, they are pairwise relatively prime. Since there are only k primes, each of these Fibonacci numbers has exactly one prime factor; that is, each is a prime. This is a contradiction, since F19 = 4181 = 37 · 113. Thus, our assumption that there are only finitely many primes is false. In other words, there are infinitely many prime numbers. E X E R C I S E S 3.1 Mark true or false, where a, b, and c are any positive in- tegers, and p is an arbitrary prime. 1. (a,b) = (b,a) 2. (a,b) = (a,a − b) 3. (a,b) = (a,a − 2b) 4. (a,a + 2) = 1 5. (p,p + 2) = 1 6. (ac,bc) = c(a,b) 7. If (a,b) = 1, then a and b are relatively prime. 8. If a and b are relatively prime, then (a,b) = 1. 9. If (a,b) = 1 = (b,c), then (a,c) = 1. 10. If (a,b) = 2 = (b,c), then (a,c) = 2. 11. If (a,b) = d, then (a + b,a − b) = d. Express the gcd of each pair as a linear combination of the numbers. 12. 18, 28 13. 24, 28 14. 15, 28 15. 21, 26 Let f(n) denote the number of positive integers ≤ n and relatively prime to it. For example, f(1) = 1, f(2) = 1, f(3) = 2, and f(4) = 2. Find each. 16. f(10) 17. f(13) 18. f(18) 19. f(24) 20. Evaluate d|n f(d) for n = 12, 18, 19, and 25. 21. Using Exercise 20, predict a formula for d|n f(d). 22. Find the least possible value of (a,b). Find (a,b) if 23. b = 1 24. b = a 25. b = a + 1 26. b|a 27. b = a2 28. b = an 29. b = na 30. b = (b, a) Find the gcd of each pair, where a b. 31. a + b, a2 − b2 32. a2 − b2, a3 − b3 33. a2 − b2, a4 − b4 Express the gcd of the given numbers as a linear combi- nation of the numbers. 34. 12, 15, 18 35. 15, 18, 24 36. 12, 18, 20, 24 37. 15, 18, 20, 28 † See author’s Fibonacci and Lucas Numbers with Applications.
- 204. 166 CHAPTER 3 Greatest Common Divisors Using recursion, evaluate each. 38. (12, 18, 28, 38, 44) 39. (15, 24, 28, 45) 40. (14, 18, 21, 36, 48) 41. (18, 24, 36, 63) 42. (a2b, ab3, a2b2, a3b4, ab4) 43. (a2b2, ab3, a2b3, a3b4, a4b4) Disprove each statement. 44. If (a, b) = 1 = (b, c), then (a, c) = 1. 45. If (a, b) = 2 = (b, c), then (a, c) = 2. Prove each, where a, b, c, d,k, m, and n are arbitrary positive integers, p any prime, Fn the nth Fibonacci num- ber, fn the nth Fermat number, and tn the nth triangular number. 46. The gcd of any two positive integers is unique. 47. (a,−b) = (a,b) 48. (−a,b) = (a,b) 49. (−a,−b) = (a,b) 50. (a,a + b) = (a,b) 51. (ac,bc) = c(a,b) 52. Any two consecutive integers are relatively prime. 53. If p a, then p and a are relatively prime. 54. Using Theorem 3.8, prove that if d = (a, b), then (a/d,b/d) = 1. 55. If d = (a1,a2,...,an), then d|ai for every integer i, where 1 ≤ i ≤ n. 56. (a, (a, b)) = (a, b) 57. (a, a − b) = 1 if and only if (a, b) = 1. 58. If (a, b) = 1, then (a + b, a − b) = 1 or 2. 59. If (a,b) = 1 = (a,c), then (a,bc) = 1. 60. Let (a,b) = 1. Then (a2 + b2,a + 2ab) = 1 or 5. (V. E. Hoggatt, Jr., 1972) 61. Let (a2 + b2,a + 2ab) = 1 or 5. Then (a,b) = 1 (V. E. Hoggatt, Jr., 1972) 62. (n + 1,n2 + 1) = 1, where n is even. (N. Schaum- berger and J. Soriano, 1967) 63. (an − 1,am + 1) = 1 or 2. (E. Just, 1972) 64. (tn−1,tn) · (tn,tn+1) = tn (T. E. Moore, 2004) 65. a!b!|(a,b)(a + b − 1)! (J. H. Conway, 1988) 66. Let gn = (2k)2n +1, where n ≥ 0. Then (gm,gn) = 1, where m = n. 67. Fm|Fn if and only if m|n. [Hint: (Fm,Fn) = F(m,n).] 68. 3|Fn if and only if 4|n. 69. Let n m ≥ 0. Show that fm|(fn − 2). 70. Using Exercise 69, show that (fm,fn) = 1, where m = n. 71. Using Theorem 3.2 and induction, prove that there are infinitely many primes. 72. If (a,b) = 1, then (a2,b2) = 1. 73. Let m,n ≥ 1. Prove that m (m,n) | m n (C. Hermite) 74. Let m,n ≥ 1. Prove that m − n + 1 (m,n) | m n (C. Her- mite) 3.2 The Euclidean Algorithm Several procedures exist for finding the gcd of two positive integers. One efficient algorithm is the euclidean algorithm, named after Euclid, who included it in Book VII of his extraordinary work, The Elements. The algorithm, however, was most likely known before him. It is a fundamental tool in algorithmic number theory. The following theorem lays the groundwork for the euclidean algorithm. THEOREM 3.11 Let a and b be any positive integers, and r the remainder, when a is divided by b. Then (a,b) = (b,r).
- 205. 3.2 The Euclidean Algorithm 167 PROOF Let d = (a,b) and d = (b,r). To prove that d = d, it suffices to show that d|d and d|d. By the division algorithm, a unique quotient q exists such that a = bq + r (3.1) To show that d|d: Since d = (a,b), d|a and d|b, so d|bq, by Theorem 2.4. Then d|(a − bq), again by Theorem 2.4. In other words, d|r, by equation (3.1). Thus, d|b and d|r, so d|(b,r); that is, d|d. Similarly, it can be shown that d|d (see Exercise 17). Thus, by Theorem 2.3, d = d, that is, (a,b) = (b,r). The following example illustrates this theorem. EXAMPLE 3.5 Illustrate Theorem 3.11 with a = 120 and b = 28. SOLUTION First, you may verify that (120,28) = 4. Now, by the division algorithm, 120 = 4 · 28 + 8, so, by Theorem 3.11, (120,28) = (28,8). But (28,8) = 4. Therefore, (120,28) = 4. The following example illustrates how Theorem 3.11 can be used to find (a,b). EXAMPLE 3.6 Using Theorem 3.11, evaluate (2076,1776). SOLUTION Apply the division algorithm with 2076 (the larger of the two numbers) as the divi- dend and 1776 as the divisor: 2076 = 1 · 1776 + 300 Apply the division algorithm with 1776 as the dividend and 300 as the divisor: 1776 = 5 · 300 + 276
- 206. 168 CHAPTER 3 Greatest Common Divisors Continue this procedure until a zero remainder is reached: By the repeated application of Theorem 3.11, we have: (2076,1776) = (1776,300) = (300,276) = (276,24) = (24,12) = 12 Thus, the last nonzero remainder in this procedure is the gcd. We now justify this algorithm, although it is somewhat obvious. The Euclidean Algorithm Let a and b be any two positive integers with a ≥ b. If a = b, then (a,b) = a, so assume a b. (If this is not true, simply switch them.) Let r0 = b. Then by successive application of the division algorithm, we get a sequence of equations: a = q0r0 + r1, 0 ≤ r1 r0 r0 = q1r1 + r2, 0 ≤ r2 r1 r1 = q2r2 + r3, 0 ≤ r3 r2 . . . Continuing like this, we get the following sequence of remainders: b = r0 r1 r2 r3 ··· ≥ 0 Since the remainders are nonnegative and are getting smaller and smaller, this se- quence should eventually terminate with remainder rn+1 = 0. Thus, the last two equations in the above procedure are rn−2 = qn−1rn−1 + rn, 0 ≤ rn rn−1 and rn−1 = qnrn
- 207. 3.2 The Euclidean Algorithm 169 It follows by induction that (a,b) = (a,r0) = (r0,r1) = (r1,r2) = ··· = (rn−1,rn) = rn, the last nonzero remainder (see Exercise 18). The following example also demonstrates the euclidean algorithm. EXAMPLE 3.7 Apply the euclidean algorithm to find (4076, 1024). SOLUTION By the successive application of the division algorithm, we get: Since the last nonzero remainder is 4, (4076,1024) = 4. The euclidean algorithm is purely mechanical. All we need to do is make our divisor the new dividend, and the remainder the new divisor. That is, just follow the southwest arrows in the example. The euclidean algorithm is formally presented in Algorithm 3.1. Algorithm Euclid (x,y,divisor) (* This algorithm returns the gcd (x,y) in divisor, where x ≥ y 0 *) Begin (* algorithm *) dividend ← x divisor ← y remainder ← dividend mod divisor while reminder 0 do (* update dividend, divisor, and remainder *) begin (* while *) dividend ← divisor divisor ← dividend mod divisor endwhile End (* algorithm *) Algorithm 3.1 A Jigsaw Puzzle (optional) The euclidean algorithm has a delightful application to geometry. To this end, sup- pose we would like to find (23,13). By the euclidean algorithm, we have
- 208. 170 CHAPTER 3 Greatest Common Divisors 23 = 1 · 13 + 10 13 = 1 · 10 + 3 10 = 3 · 3 + 1 3 = 3 · 1 So (23,13) = 1. Now consider a 23 × 13 rectangle; see Figure 3.1. The largest square we can place inside it is a 13 × 13 square, and only one such square will fit it. Now we can use one 10 × 10 square, three 3 × 3 squares, and three 1 × 1 squares to fit the rest of the rectangle; see Figure 3.2. Figure 3.1 Figure 3.2 Each divisor d in the algorithm represents the length of the side of a d×d square, and the length of a side of the smallest square gives the gcd. We shall revisit this jigsaw-puzzle application in Section 12.1. As a byproduct, the euclidean algorithm provides a procedure for expressing the gcd (a,b) as a linear combination of a and b, as the following example shows. EXAMPLE 3.8 Using the euclidean algorithm, express (4076, 1024) as a linear combination of 4076 and 1024. SOLUTION All we need to do is use the equations in Example 3.7 in the reverse order, each time substituting for the remainder from the previous equation: (4076,1024) = 4 = last nonzero remainder = 1004 − 50 · 20 = 1004 − 50(1024 − 1 · 1004) (substitute for 20) = 51 · 1004 − 50 · 1024 = 51(4076 − 3 · 1024) − 50 · 1024 (substitute for 1004) = 51 · 4076 + (−203) · 1024 (We can confirm this by direct computation.)
- 209. 3.2 The Euclidean Algorithm 171 Next, we shall derive an upper bound for the number of divisions needed to eval- uate (a,b) by the euclidean algorithm. However, first we need to lay some ground- work in the form of a lemma that investigates yet another property of Fibonacci numbers. LEMMA 3.2 Let α = (1 + √ 5)/2. Then αn−2 Fn αn−1, where n ≥ 3. PROOF (by strong induction) (We shall prove that αn−2 Fn and leave the other half as an exercise.) You can verify that α is a solution of the equation x2 = x + 1, so α2 = α + 1. Let P(n): αn−2 Fn, where n ≥ 3 basis step Since the induction step below uses the recurrence relation Fk+1 = Fk + Fk−1, the basis step involves verifying that both P(3) and P(4) are true. 1. To show that P(3) is true: When n = 3, αn−2 = α = 1 + √ 5 2 1 + 3 2 = 2 = F3, so P(3) is true. 2. To show that P(4) is true: α2 = 1 + √ 5 2 2 = 3 + √ 5 2 3 + 3 2 = 3 = F4 Therefore, P(4) is also true. induction step Assume P(3),P(4),...,P(k) are true; that is, assume αi−2 Fi for 5 ≤ i ≤ K. We must show that P(k + 1) is true; that is, αk−1 Fk+1. We have α2 = α + 1 Multiplying both sides by αk−3, we get αk−1 = αk−2 + αk−3 (Note: k − 3 ≥ 2) Fk + Fk−1, by the inductive hypothesis = Fk+1, by the recurrence relation So P(k + 1) is true. Thus, by induction, αn−2 Fn for every integer n ≥ 3.
- 210. 172 CHAPTER 3 Greatest Common Divisors The irrational number α is called the golden ratio. It has many intriguing appli- cations. The following theorem, established in 1844 by Lamé, employs this result to estimate the number of divisions required by the euclidean algorithm for computing the gcd. THEOREM 3.12 (Lamé’s Theorem) The number of divisions needed to compute (a,b) by the euclidean algorithm is no more than five times the number of decimal digits in b, where a ≥ b ≥ 2. PROOF Let Fn denote the nth Fibonacci number, a = r0 and b = r1. By the repeated applica- tion of the division algorithm we have r0 = r1q1 + r2, 0 ≤ r2 r1 r1 = r2q2 + r3, 0 ≤ r3 r2 . . . rn−2 = rn−1qn−1 + rn, 0 ≤ rn rn−1 rn−1 = rnqn Clearly, it takes n divisions to evaluate gcd (a,b) = rn. Since ri ri−1, qi ≥ 1 for 1 ≤ i ≤ n. In particular, since rn rn−1, qn ≥ 2, so rn ≥ 1 and rn−1 ≥ 2 = F3. Consequently, we have rn−2 = rn−1qn−1 + rn ≥ rn−1 + rn ≥ F3 + 1 = F3 + F2 = F4 rn−3 = rn−2qn−2 + rn−1 ≥ rn−2 + rn−1 ≥ F4 + F3 = F5 . . . Continuing like this, r1 = r2q2 + r3 ≥ r2 + r3 ≥ Fn + Fn−1 = Fn+1 That is, b ≥ Fn+1.
- 211. 3.3 The Fundamental Theorem of Arithmetic 173 By Lemma 3.2, Fn+1 αn−1, where α = (1 + √ 5)/2 and n ≥ 3. Therefore, b αn−1 logb (n − 1)logα Since α = (1 + √ 5)/2 ≈ 1.618033989, logα ≈ 0.2089876403 1/5. Therefore, logb n − 1 5 Suppose b contains k decimal digits. Then b 10k. Therefore, logb k and hence k (n − 1)/5. Thus, n 5k + 1 or n ≤ 5k. Thus, the number of divisions needed by the algorithm is no more than five times the number of decimal digits in n. E X E R C I S E S 3.2 Using the euclidean algorithm, find the gcd of the given integers. 1. 1024, 1000 2. 2024, 1024 3. 2076, 1076 4. 2076, 1776 5. 1976, 1776 6. 3076, 1776 7. 3076, 1976 8. 4076, 2076 9–16. Using the euclidean algorithm, express the gcd of each pair in Exercises 1–8 as a linear combination of the given numbers. 17. Let a and b be any two positive integers, and let r be the remainder when a is divided by b. Let d = (a,b) and d = (b,r). Prove that d|d. 18. Let a and b be any two positive integers with a ≥ b. Using the sequence of equations in the euclidean algorithm, prove that (a,b) = (rn−1,rn), where n ≥ 1. Prove each, where α = (1 + √ 5)/2. 19. Fn αn−1, n ≥ 2 20. Fn ≤ 2n, n ≥ 1 3.3 The Fundamental Theorem of Arithmetic We now continue our study of primes. We can establish unequivocally the asser- tion that prime numbers are the building blocks of all integers. In other words, inte- gers ≥ 2 are made up of primes; that is, every integer ≥ 2 can be decomposed into primes. This result, called the fundamental theorem of arithmetic, is certainly the cornerstone of number theory and one of its cardinal results. It appears in Euclid’s Elements. Before we state it formally and prove it, we need to lay some groundwork in the form of two lemmas. Throughout, assume all letters denote positive integers.
- 212. 174 CHAPTER 3 Greatest Common Divisors LEMMA 3.3 (Euclid) If p is a prime and p|ab, then p|a or p|b. PROOF Suppose p a. Then p and a are relatively prime, so by Theorem 3.8, there are inte- gers α and β such that αp+βa = 1. Multiply both sides of this equation by b; we get αpb + βab = b. Since p|p and p|ab, p|(αpb + βab) by Theorem 2.4; that is, p|b. The following lemma extends this result to three or more factors, using induc- tion. LEMMA 3.4 Let p be a prime and p|a1a2 ···an, where a1,a2,...,an are positive integers, then p|ai for some i, where 1 ≤ i ≤ n. PROOF (by weak induction) When n = 1, the result follows clearly. So assume it is true for an arbitrary posi- tive integer k: If p|a1a2 ···ak, then p|ai for some i. Suppose p|a1a2 ···ak+1, that is, p|(a1a2 ···ak)ak+1. Then, by Lemma 3.3, p|a1a2 ···ak or p|ak+1. If p|a1a2 ···ak, then p|ai, for some i, where 1 ≤ i ≤ k. Thus, p|ai, where 1 ≤ i ≤ k, or p|ak+1. In any event, p|ai for some i, where 1 ≤ i ≤ k + 1. Thus, by induction, the result holds for every positive integer n. The following result follows nicely from this lemma. COROLLARY 3.9 If p,q1,q2,...,qn are primes such that p|q1q2 ···qn, then p = qi for some i, where 1 ≤ i ≤ n. PROOF Since p|q1q2 ···qn, by Lemma 3.4, p|qi for some i. But p and qi are primes, so p = qi. We can now state and establish the fundamental theorem of arithmetic, the most fundamental result in number theory. The proof consists of two parts and is a bit long, so we need to follow it carefully. THEOREM 3.13 (The Fundamental Theorem of Arithmetic) Every integer n ≥ 2 either is a prime or can be expressed as a product of primes. The factorization into primes is unique except for the order of the factors. PROOF First, we will show by strong induction that n either is a prime or can be expressed as a product of primes. Then we will establish the uniqueness of such a factorization.
- 213. 3.3 The Fundamental Theorem of Arithmetic 175 1. Let P(n) denote the statement that n is a prime or can be expressed as a product of primes. To show that P(n) is true for every integer n ≥ 2: Since 2 is a prime, clearly P(2) is true. Now assume P(2),P(3),...,P(k) are true; that is, every integer 2 through k either is a prime or can be expressed as a product of primes. If k + 1 is a prime, then P(k + 1) is true. So suppose k + 1 is composite. Then k + 1 = ab for some integers a and b, where 1 a, b k + 1. By the inductive hypothesis, a and b either are primes or can be expressed as products of primes; in any event, k + 1 = ab can be expressed as a product of primes. Thus, P(k + 1) is also true. Thus, by strong induction, the result holds for every integer n ≥ 2. 2. To establish the uniqueness of the factorization: Let n be a composite number with two factorizations into primes: n = p1p2 ···pr = q1q2 ···qS. We will show that r = s and every pi equals some qj, where 1 ≤ i, j ≤ r; that is, the primes q1,q2,...,qs are a permutation of the primes p1,p2,...,pr. Assume, for convenience, that r ≤ s. Since p1p2 ···pr = q1q2 ···qs, p1|q1q2 ···qs, by Corollary 3.9, p1 = qi for some i. Dividing both sides by p1, we get: p2 ···pr = q1q2 ···qi−1 qiqi+1 ···qs Now p2 divides the RHS, so again by Corollary 3.9, p2 = qj for some j. Cancel p2 from both sides: p3 ···pr = q1q2 ···qi−1 qiqi+1 ···qj−1 qjqj+1qs Since r ≤ s, continuing like this, we can cancel every pt with some qk. This yields a 1 on the LHS at the end. Then the RHS cannot be left with any primes, since a product of primes can never yield a 1; thus, we must have exhausted all qks by now. Therefore, r = s and hence the primes q1,q2,...,qs are the same as the primes p1,p2,...,pr in some order. Thus, the factorization of n is unique, except for the order in which the primes are written. It follows from this theorem that every composite number n can be factored into primes. Such a factorization is called a prime factorization of n. For example, 5544 = 2 · 2 · 3 · 7 · 2 · 11 · 3 is a prime factorization of 5544. Using the exponential notation, this product is often written as 5544 = 23 · 32 · 7 · 11. Such a product is the prime-power decomposition of n; if the primes occur in increasing order, then it is the canonical decomposition.
- 214. 176 CHAPTER 3 Greatest Common Divisors Canonical Decomposition The canonical decomposition of a positive integer n is of the form n = pa1 1 pa2 2 ···p ak k , where p1,p2,...,pk are distinct primes with p1 p2 ··· pr and each exponent ai is a positive integer. There are two commonly used techniques for finding the canonical decompo- sition of a composite number. The first method involves finding all prime factors, beginning with the smallest prime, as the following example demonstrates. EXAMPLE 3.9 Find the canonical decomposition of 2520. SOLUTION Beginning with the smallest prime 2, since 2|2520, 2520 = 2·1260. Now 2 is a factor of 1260, so 2520 = 2·2·630; 2|630 again, so 2520 = 2·2·2·315. Now 2 315, but 3 does, so 2520 = 2·2·2·3·105; 3 is a factor of 105 also, so 2520 = 2·2·2·3·3·35. Continuing like this we get 2520 = 2 · 2 · 2 · 3 · 3 · 5 · 7 = 23 · 32 · 5 · 7 which is the desired canonical decomposition. This method can be quite time consuming if the number n is fairly large. The second method, which is generally more efficient, involves splitting n as the product of two positive integers, not necessarily prime numbers, and continuing to split each factor into further factors until all factors are primes. To make this method short, look for large factors; as you will soon see, the larger the factors, the fewer the steps. The following example clarifies this fairly straightforward method. EXAMPLE 3.10 Find the canonical decomposition of 2520 by the second method. SOLUTION Notice that 2520 = 40 · 63. Since none of the factors are primes, split them again: 40 = 4·10 and 63 = 7·9, so 2520 = (4·10)·(7·9). Since 4, 10, and 9 are composites, split each of them:2520 = (2 · 2)(2 · 5)(7)(3 · 3). Now all the factors are primes, so the procedure stops. Rearranging them yields the canonical decomposition: 2520 = 23 · 32 · 5 · 7. Factor Tree This method can be illustrated in a tree diagram, called a factor tree. In such a diagram, if a|b, we connect them by a line segment. Figure 3.3 shows the factor tree
- 215. 3.3 The Fundamental Theorem of Arithmetic 177 Figure 3.3 for 2520 using the above decomposition steps. To find the canonical decomposition, simply take the product of all primes at the “leaves”: 2520 = 2 · 2 · 2 · 5 · 7 · 3 · 3 = 23 · 32 · 5 · 7. The canonical decomposition of a composite number can be used to find its positive factors, as the following example shows. (It can also be used to find the number of positive factors without listing them; we will discuss this in Section 8.2.) EXAMPLE 3.11 Find the positive factors of 60. SOLUTION First, notice that 60 = 22 · 3 · 5. By the fundamental theorem of arithmetic, every factor of 60 is of the form 2a · 3b · 5c, where 0 ≤ a ≤ 2, and 0 ≤ b, c ≤ 1. Thus, the various factors are 20 · 30 · 50 = 1 20 · 30 · 51 = 5 20 · 31 · 50 = 3 20 · 31 · 51 = 15 21 · 30 · 50 = 2 21 · 30 · 51 = 10 21 · 31 · 50 = 6 21 · 31 · 51 = 30 22 · 30 · 50 = 4 22 · 30 · 51 = 20 22 · 31 · 50 = 12 22 · 31 · 51 = 60 (Thus, 60 has 12 factors. Can you think of a better way to find the number of positive factors without listing them?) The following example presents a beautiful application of the fundamental the- orem of arithmetic and the floor function. It shows how nicely we can determine the number of trailing zeros in the decimal value of n!, without computing it. (For instance, 11! = 39,916,800 has two trailing zeros.)
- 216. 178 CHAPTER 3 Greatest Common Divisors EXAMPLE 3.12 Find the number of trailing zeros in 234!. SOLUTION By the fundamental theorem of arithmetic, 234! can be factored as 2a · 5b · c, where a and b are positive integers (why?) and c denotes the product of primes other than 2 and 5. Clearly, a b (why?). Each trailing zero in 234! corresponds to a 10 in a factorization and vice versa; each 10 is the product of a 2 and a 5. No. of trailing zeros in 234! = ⎛ ⎝ No. of products of the form 2 · 5 in a prime factorization of 234! ⎞ ⎠ = minimum of a and b (why?) = b To find b, we proceed as follows: No. of positive integers ≤ 234 and divisible by 5 = 234/5 = 46. Each of them contributes a 5 to the prime factorization of 234!. No. of positive integers ≤ 234 and divisible by 25 = 234/25 = 9. Each of them contributes an additional 5 to the prime factorization of 234!. No. of positive integers ≤ 234 and divisible by 125 = 234/125 = 1. It contributes a still additional 5 to the prime factorization. No higher power of 5 contributes a 5 to the prime factorization of 234!, so the total number of 5s in the prime factorization equals 46 + 9 + 1 = 56. Thus, 234! has 56 trailing zeros. (This example is pursued further in Example 4.25.) It follows from this example that the highest power e of a prime p that divides n! is given by e = n/p + n/p2 + n/p3 + ··· Let k be the smallest integer such that pk n. Then n/pk = 0, so the sum is a finite one. For example, the largest power of 2 that divides 97! is e = 97/2 + 97/22 + 97/23 + 97/24 + 97/25 + 97/26 = 48 + 24 + 12 + 6 + 3 + 1 = 94 Interestingly enough, there is a close relationship between the number of ones in the binary representation of 97 and the highest power of 2 that divides 97!. To see this, notice that 97 = 1100001two, so the binary representation contains three 1s and 97 = 94 + 3.
- 217. 3.3 The Fundamental Theorem of Arithmetic 179 More generally, we have the following result due to the French mathematician Adrien-Mari Legendre. THEOREM 3.14 Let e denote the highest power of 2 that divides n! and b the number of 1s in the binary representation of n. Then n = e + b. PROOF Let n = (akak−1 ...a1a0)two = a0 + a1 · 2 + ··· + ak · 2k. Let 1 ≤ i ≤ k. Then
- 218. n 2i =
- 219. a0 + a1 · 2 + ··· + ai−1 · 2i−1 2i + ai + ai+1 · 2 + ··· + ak · 2k−i But a0 + a1 · 2 + ··· + ai−1 · 2i−1 ≤ 1 + 2 + 22 + ··· + 2i−1 = 2i − 1 2i , so
- 220. a0 + a1 · 2 + ··· + ai−1 · 2i−1 2i = 0 Therefore,
- 221. n 2i = ai + ai+1 · 2 + ··· + ak · 2k−i Thus, k i=1
- 222. n 2i = a1 + a2 · 2 + a3 · 22 + ··· + ak · 2k−1 + a2 · 1 + a3 · 2 + ··· + ak · 2k−2 + a3 · 1 + ··· + ak · 2k−3 . . . + ak · 1 That is, e = a1 + a2(1 + 2) + a3(1 + 2 + 22 ) + ··· + ak(1 + 22 + ··· + 2k−1 ) = a1(2 − 1) + a2(22 − 1) + a3(23 − 1) + ··· + ak(2k − 1) = (a0 + a1 · 2 + a2 · 22 + ··· + ak · 2k ) − (a0 + a1 + ··· + ak) = n − b Thus, n = e + b.
- 223. 180 CHAPTER 3 Greatest Common Divisors The canonical decompositions of positive integers provide a new method for finding their gcds, as the following example illustrates. EXAMPLE 3.13 Using the canonical decompositions of 168 and 180, find their gcd. SOLUTION You can verify that 168 = 23 · 3 · 7 and 180 = 22 · 32 · 5. The only common prime factors are 2 and 3, so 5 or 7 cannot appear in their gcd. Since 2 appears thrice in the canonical decomposition of 168, but only twice in the canonical decomposition of 180, 22 is a factor in the gcd. Similarly, 3 is also a common factor, so (168,180) = 22 · 3 = 12. An important observation: (168,180) = 22 · 3 = 22 · 31 · 50 · 70 = 2min{3,2} · 3min{1,2} · 5min{1,0} · 7min{1,0} This technique can be generalized as follows. Let a and b be positive integers with the following canonical decompositions: a = pa1 1 pa2 2 ···pan n and b = pb1 1 pb2 2 ···pbn n , where ai,bi ≥ 0. (By letting exponents zero, we can always assume that both decom- positions contain exactly the same prime bases pi.) Then (a,b) = p min{a1,b1} 1 p min{a2,b2} 2 ···pmin{an,bn} n Let us look again at the distribution of primes, which we studied in the preceding chapter. Distribution of Primes Revisited By the division algorithm, every integer is of the form 4n+r, where r = 0,1,2, or 3; so every odd integer is of the form 4n + 1 or 4n + 3. For instance, 13 and 25 are of the form 4n + 1 : 13 = 4 · 3 + 1 and 25 = 4 · 6 + 1, whereas 11 and 31 are of the form 4n + 3 : 11 = 4 · 2 + 3 and 31 = 4 · 7 + 3.
- 224. 3.3 The Fundamental Theorem of Arithmetic 181 Look at positive integers of the form 4n + 3. The first eleven such numbers are 3, 7, 11, 15, 19, 23, 27, 31, 35, 39, and 43, of which seven (about 64%) are primes. What can we reasonably conjecture from this observation? If you guessed there are infinitely many primes of the form 4n + 3, you are correct. Before we establish the validity of this educated guess, we need to lay its groundwork in the form of the following lemma. LEMMA 3.5 The product of any two integers of the form 4n + 1 is also of the same form. PROOF Let a and b be any two integers of the form 4n + 1, say, a = 4 + 1 and b = 4m + 1 for some integers and m. Then ab = (4 + 1)(4m + 1) = 16m + 4 + 4m + 1 = 4(4m + + m) + 1 = 4k + 1 where k = 4m + + m is an integer Thus, ab is also of the same form. This result can be extended to any finite number of such integers (see Review Exercise 60). We are now ready to prove our conjecture. The proof looks similar to Euclid’s proof, which established the infinitude of primes. See Example 11.7 also. THEOREM 3.15 There are infinitely many primes of the form 4n + 3. PROOF (by contradiction) Suppose there are only finitely many primes of the form 4n+3, say, p0,p1,p2,...,pk, where p0 = 3. Consider the positive integer N = 4p1p2 ···pk + 3. Clearly, N pk and is also of the same form. case 1 If N itself is a prime, then N would be larger than the largest prime pk of the form 4n + 3, which is a contradiction. case 2 Suppose N is composite. Since N is odd, every factor of N is of the form 4n + 1 or 4n + 3. If every factor is of the form 4n + 1, then, by Lemma 3.5, N would be of the same form. But, since N is of the form 4n + 3, at least one of the prime factors, say, p, must be of the form 4n + 3.
- 225. 182 CHAPTER 3 Greatest Common Divisors subcase 1 Let p = p0 = 3. Then 3|N, so 3|(N − 3) by Theorem 2.4; that is, 3|4p1p2 ···pk. So, by Lemma 3.4, 3|2 or 3|pi, where 1 ≤ i ≤ k, but both are im- possible. subcase 2 Let p = pi, where 1 ≤ i ≤ k. Then p|N and p|4p1p2 ···pk, so p|(N − 4p1p2 ···pk), that is, p|3, again a contradiction. Both cases lead us to a contradiction, so our assumption must be false. Thus, there is an infinite number of primes of the given form. Now that we have established the infiniteness of the number of primes of the form 4n + 3, we ask the next logical question: Are there infinitely many primes of the form 4n + 1? Fortunately, the answer is again yes (see Example 11.7). In fact, both results are special cases of the following remarkable result, proved by Dirichlet in 1837, but stated originally by Legendre in 1785. Its proof is extremely complicated, so we omit it. THEOREM 3.16 (Dirichlet’s Theorem) If a and b are relatively prime, then the arithmetic sequence a, a + b, a + 2b, a + 3b,... contains infinitely many primes. For example, let a = 3 and b = 4; then the sequence 3, 4 · 1 + 3,4 · 2 + 3, 4·3+3,... contains an infinite number of primes, namely, primes of the form 4n+3. Likewise, choosing a = 1 and b = 4, it follows there is an infinite number of primes of the form 4n + 1. For yet another example, choose a = 7 and b = 100. Then a+nb = 100n+7, so the sequence 7,107,207,307,... contains an infinite number of primes, all ending in 7. Note the crucial condition in Dirichlet’s theorem that a and b be relatively prime. If they are not, then the sequence need not contain any primes at all. To verify this, choose a = 6 and b = 9; then the sequence 6,15,24,33,42,51,... contains only composite numbers. E X E R C I S E S 3.3 Find the canonical decomposition of each composite num- ber. 1. 1947 2. 1661 3. 1863 4. 1976 5. 227 + 1 6. 248 − 1 7. 10,510,100,501 8. 1,004,006,004,001 Find the positive factors of each, where p and q are dis- tinct primes. 9. p 10. p2 11. pq 12. pq2
- 226. 3.3 The Fundamental Theorem of Arithmetic 183 Find the positive factors of each composite number. 13. 48 14. 90 15. 210 16. 1040 Find the number of trailing zeros in the decimal value of each. 17. 100! 18. 376! 19. 609! 20. 1010! Find the values of n for which n! contains the given num- ber of trailing zeros. 21. 58 22. 93 Find the gcd of each pair, where p, q, and r are distinct primes. 23. 23 · 3 · 5,2 · 32 · 53 · 72 24. 24 · 32 · 75,34 · 5 · 112 25. p2q3, pq2r 26. p3qr3, p3q4r5 Using canonical decompositions, find the gcd of each pair. 27. 48, 162 28. 72, 108 29. 175, 192 30. 294, 450 Find the number of trailing zeros in the binary represen- tation of each integer. 31. 28 32. 32 33. 208 34. 235 35. Using Exercises 31–34, predict the number of trailing zeros in the binary representation of a positive inte- ger n. Find the highest power of each that divides 1001! 36. 2 37. 3 38. 5 39. 7 Using Theorem 3.14, find the number of ones in the bi- nary representation of each integer. 40. 234 41. 1001 42. 1976 43. 3076 44. Using Example 3.12, conjecture the number of trail- ing zeros in the decimal value of n! Prove each, where p is a prime, and a, b, and n are posi- tive integers. 45. If p|a2, then p|a. 46. If p|an, then p|a. 47. The product of any n integers of the form 4k + 1 is also of the same form. 48. If (a,b) = 1, then (an,bn) = 1. 49. If (an,bn) = 1, then (a,b) = 1. 50. There are infinitely many primes of the form 2n + 3. 51. There are infinitely many primes of the form 8n + 5. 52. Every positive integer n can be written as n = 2em, where e ≥ 0 and m is an odd integer. 53. Every positive integer n can be written as n = 2a5bc, where c is not divisible by 2 or 5. 54. A positive integer is a square if and only if every ex- ponent in its canonical decomposition is an even inte- ger. Find the number of positive factors of each, where p, q, and r are distinct primes. 55. pq 56. pq2 57. p2q2 58. pq2r3 Find the sum of the positive factors of each, where p, q, and r are distinct primes. 59. pi 60. pqj 61. piqj 62. piqjrk A positive integer is square-free if it is not divisible by the square of any positive integer 1. For instance, 105 = 3 · 5 · 7 is square-free. 63. An integer 1 is square-free if and only if its prime factorization consists of distinct primes. 64. Any integer n 1 can be written as the product of a square and a square-free integer. A positive integer is said to be powerful if whenever a prime p is a factor of n, p2 is also a factor. For example, 72 is a powerful number since both 3 and 32 are factors of 72. 65. Find the first three powerful numbers. 66. Show that every powerful number can be written in the form a2b3, where a and b are positive integers. Let p be a prime, and n and a positive integers. Then pa exactly divides n if pa|n, but pa+1 n; we then write pa
- 227. n. Thus, pa
- 228. n if a is the largest exponent of p such that pa|a. Prove each. 67. If pa
- 229. m and pb
- 230. n, then pa+b|mn. 68. If pa
- 231. m, then pka
- 232. mk, where k is a positive integer. 69. If pa
- 233. m and pb
- 234. n, then pmin(a,b)
- 235. (m + n).
- 236. 184 CHAPTER 3 Greatest Common Divisors 3.4 Least Common Multiple The least common multiple (lcm) of two positive integers a and b is closely related to their gcd. In fact, we use the lcm every time we add and subtract fractions. Now we will explore two methods for finding the lcm of a and b. The first method em- ploys canonical decompositions, and the second employs their gcd. We begin with a definition. Least Common Multiple The least common multiple of two positive integers a and b is the least positive integer divisible by both a and b; it is denoted by [a,b]. For example, suppose we want to evaluate [18,24]. The positive multiples of 18 are 18,36,54,72,90,... and those of 24 are 24,48,72,96,.... So their common multiples are 72,144,216,.... Thus, [18,24] = their lcm = 72. How do we know that [a,b] always exists? Since ab is a multiple of both a and b, the set of common multiples is always nonempty; so, by the well-ordering principle, the set contains a least element; thus, [a,b] always exists. Is it unique? The answer is again yes (see Exercise 32). Next, we rewrite the previous definition of lcm symbolically. A Symbolic Definition of lcm The lcm of two positive integers a and b is the positive integer m such that • a|m and b|m; and • if a|m and b|m, then m ≤ m, where m is a positive integer. Canonical decompositions of a and b can be employed to find their lcm. Suppose we want to find [90,168]. Notice that 90 = 2 · 32 · 5 and 168 = 23 · 3 · 7. Looking at the prime powers, it follows that their lcm must be a multiple of 23,32,5, and 7; so their lcm is 23 · 32 · 5 · 7 = 2520. An important observation: [90,168] = 23 · 32 · 5 · 7 = 2max{1,3} · 3max{2,1} · 5max{1,0} · 7max{0,1}
- 237. 3.4 Least Common Multiple 185 This leads us to the following generalization. Let a and b be two positive integers with the following canonical decomposi- tions: a = pa1 1 pa2 2 ···pan n and b = pb1 1 pb2 2 ···pbn n , where ai,bi ≥ 0. (Again, we assume that both decompositions contain exactly the same prime bases pi.) Then [a,b] = p max{a1,b1} 1 p max{a2,b2} 2 ...pmax{an,bn} n The following example illustrates this technique. EXAMPLE 3.14 Using the canonical decompositions of 1050 and 2574, find their lcm. SOLUTION Notice that 1050 = 2 · 3 · 52 · 7 and 2574 = 2 · 32 · 11 · 13. Therefore, [1050,574] = 2max{1,1} · 3max{1,2} · 5max{2,0} · 7max{1,0} · 11max{0,1} · 13max{0,1} = 21 · 32 · 52 · 71 · 111 · 131 = 450,450 Next, we derive a close relationship between the gcd and the lcm of two positive integers. But first, let us study an example and make an observation. Notice that (18,24) = 6 and [18,24] = 72. Also, 6·72 = 18·24; in other words, [18,24] = 18 · 24 (18,24) . The following theorem shows this is not a sheer coincidence but is always the case. It is a direct application of Theorem 1.1 and canonical decompositions. THEOREM 3.17 Let a and b be positive integers. Then [a,b] = ab (a,b) . PROOF Let a = pa1 1 pa2 2 ···pan n and b = pb1 1 pb2 2 ···pbn n be the canonical decompositions of a and b, respectively. Then (a,b) = p min{a1,b1} 1 p min{a2,b2} 2 ···pmin{an,bn} n
- 238. 186 CHAPTER 3 Greatest Common Divisors and [a,b] = p max{a1,b1} 1 p max{a2,b2} 2 ···pmax{an,bn} n Therefore, (a,b) · [a,b] = p min{a1,b1} 1 ···pmin{an,bn} n ,p max{a1,b1} 1 ···pmax{an,bn} n = p min{a1,b1}+max{a1,b1} 1 ···pmin{an,bn}+max{an,bn} n = pa1+b1 1 pa2+b2 2 ···pan+bn n = pa1 1 pa2 2 ···pan n pb1 1 pb2 2 ···pbn n = ab Thus, [a,b] = ab (a,b) This theorem provides a second way of computing [a,b], provided (a,b) is known, as the following example illustrates. EXAMPLE 3.15 Using (252,360), compute [252,360]. SOLUTION You may notice that 252 = 22 ·32 ·7 and 360 = 23 ·32 ·5, so (252,360) = 22 ·32 = 36. Therefore, by Theorem 3.17, [252,360] = 252 · 360 36 = 2520 Returning to Theorem 3.17, suppose (a,b) = 1. Then [a,b] = ab. Accordingly, we have the following corollary. COROLLARY 3.10 Two positive integers a and b are relatively prime if and only if [a,b] = ab. For instance, since 15 and 28 are relatively prime, [15,28] = 15 · 28 = 420. As in the case of gcd, the idea of lcm can be extended to three or more positive integers. For example, 24 = 23 · 3,28 = 22 · 7, and 36 = 22 · 32. Therefore, [24,28,36] = 2max{3,2,2} · 3max{1,0,2} · 7max{0,1,0} = 23 · 32 · 71 = 504
- 239. 3.4 Least Common Multiple 187 Again, as in the case of gcd, recursion can be applied to evaluate the lcm of three or more positive integers, as the following result shows. We leave its proof as an exercise (see Exercise 36). THEOREM 3.18 Let a1,a2,...,an be n (≥ 3) positive integers. Then [a1,a2,...,an] = [[a1,a2,..., an−1],an]. The following example illustrates this result. EXAMPLE 3.16 Using recursion, evaluate [24,28,36,40]. SOLUTION [24,28,36,40] = [[24,28,36],40] = [[[24,28],36],40] = [[168,36],40] = [504,40] = 2520 (You can verify this using the canonical decompositions of 24, 28, 36, and 40.) The following two results follow from Theorem 3.18. COROLLARY 3.11 If the positive integers a1,a2,...,an are pairwise relatively prime, then [a1,a2, ...,an] = a1a2 ···an−1an. For instance, 12, 25, and 77 are pairwise relatively prime, so [12,25,77] = 12 · 25 · 77 = 23,100. Is the converse of this corollary true? You can determine this in Exercise 38. COROLLARY 3.12 Let m1,m2,...,mk and a be positive integers such that mi|a for 1 ≤ i ≤ k. Then [m1,m2,...,mk]|a. PROOF (by strong induction on k) The statement is clearly true when k = 1 and k = 2. So assume it is true for integers 1 through t. Now let mi|a for 1 ≤ i ≤ t + 1. Then [m1,m2,...,mt]|a by the inductive hypothesis and mt+1|a; so, again by the hypothesis, [[m1,m2,...,mt],mt+1]|a; that is, [m1,m2,...,mt+1]|a by Theorem 3.18. Thus, by induction, the result is true for every positive integer k.
- 240. 188 CHAPTER 3 Greatest Common Divisors E X E R C I S E S 3.4 Mark true or false, where a, b, and c are arbitrary positive integers and p is any prime. 1. The lcm of two primes is their product. 2. The lcm of two consecutive positive integers is their product. 3. The lcm of two distinct primes is their product. 4. If (a,b) = 1, then [a,b] = ab. 5. If p a, then [p,a] = pa. 6. If [a,b] = 1, then a = 1 = b. 7. If [a,b] = b, then a = 1. 8. If [a,b] = b, then a|b. 9. If [a,b] = ab, then a = b. 10. If [a,b] = ab and [b,c] = bc, then [a,c] = ac. Find the lcm of each pair of integers. 11. 110, 210 12. 65, 66 Find [a,b] if 13. a|b 14. b|a 15. a = 1 16. a = b 17. a and b are distinct primes. 18. b = a + 1 Find [a,b] if 19. (a,b) = 3 and ab = 693. 20. ab = 156 and a and b are relatively prime. 21. Find the positive integer a if [a,a + 1] = 132. 22. Find the twin primes p and q such that [p,q] = 323. Find the positive integers a and b such that 23. (a,b) = 20 and [a,b] = 840 24. (a,b) = 18 and [a,b] = 3780 25. What is your conclusion if (a,b) = [a,b]? Why? Using recursion, find the lcm of the given integers. 26. 12, 18, 20, 28 27. 15, 18, 24, 30 28. 10, 16, 18, 24, 28 29. 12, 15, 18, 25, 30 30. Prove or disprove: [a,b,c] = abc/(a,b,c). 31. Find the smallest positive integer ≥ 2 that is a square, a cube, and a fifth power. (A. Dunn, 1983) Prove each, where a,b,c,k,m,a1,a2,...,an,x,y, and z are positive integers. 32. The lcm of any two integers is unique. 33. (a,b)|[a,b] 34. [ka,kb] = k[a,b] 35. Let m be any multiple of a and b. Then [a,b]|m. 36. Let a1,a2,...,an be n (≥ 3) positive integers. Then [a1,a2,...,an] = [[a1,a2,...,an−1],an]. 37. [ka1,ka2,...,kan] = k[a1,a2,...,an−1,an]. 38. If [a1,a2,...,an] = a1a2 ···an−1an, then a1,a2, ...,an are pairwise relatively prime. 39. max{x,y,z} − min{x,y,z} + min{x,y} + min{y,z} + min{z,x} = x + y + z 40. The sum of the twin primes p and p + 2 is divisible by 12, where p 3. (C. Ziegenfus, 1963) 41. (a,[b,c]) = [(a,b),(a,c)] 42. [a,(b,c)] = ([a,b],[a,c]) 3.5 Linear Diophantine Equations Often we are interested in integral solutions of equations with integral coefficients. Such equations are called diophantine equations, after Diophantus, who wrote ex- tensively on them. For example, when we restrict the solutions to integers, the equa- tions 2x + 3y = 4,x2 + y2 = 1, and x2 + y2 = z2 are diophantine equations.
- 241. 3.5 Linear Diophantine Equations 189 Diophantus lived in Alexandria around A.D. 250. Not much is known about his life or nationality, except what is found in an epigram in the Greek Anthology: “Diophantus passed one-sixth of his life in childhood, one-twentieth in youth, and one-seventh more as a bachelor. Five years after his marriage was born a son who died four years before his father, at half his father’s age (at the time of the father’s death).” Diophantus wrote three books, all in Greek: Arithmetica, On Polygonal Numbers, and Porisms. Arithmetica, considered the earliest book on algebra, contains the first systematic use of mathematical notation for unknowns in equations. He had a symbol for subtraction and for equality. Six out of the thirteen copies of Arithmetica and a portion of On Polygonal Numbers are still in existence; Porisms is lost. The Bishop of Laodicea, a friend of Diophantus who assumed his episcopacy around A.D. 270, dedicated a book on Egyptian computation in his honor. Geometrically, such solutions of the equation 2x + 3y = 4 are points on the line 2x + 3y = 4 with integral coordinates. Points with integral coordinates are called lattice points. For example, (−1,2) is such a solution; in fact, it has infinitely many solutions (2 + 3t,−2t), where t is an arbitrary integer. The diophantine equation x2 + y2 = 1 has exactly four solutions: (±1,0) and (0,±1), the points where the unit circle x2 + y2 = 1 intersects the axes. The solutions of the diophantine equation x2 + y2 = z2 represent the lengths of the sides of a right triangle; (3,4,5) is one solution. This equation also has an infinite number of solutions, as we shall see in Section 13.1. Linear Diophantine Equations The simplest class of diophantine equations is the class of linear diophantine equa- tions (LDEs). A linear diophantine equation in two variables x and y is a diophan- tine equation of the form ax + by = c. Solving such a LDE systematically involves the euclidean algorithm, as you will see shortly. First, we study LDEs in two vari- ables. LDEs were known in ancient China and India as applications to astronomy and riddles, so we begin our discussion with two interesting puzzles. The first puzzle is due to the Indian mathematician Mahavira (ca. A.D. 850). EXAMPLE 3.17 Twenty-three weary travelers entered the outskirts of a lush and beautiful forest. They found 63 equal heaps of plantains and seven single fruits, and divided them equally. Find the number of fruits in each heap.
- 242. 190 CHAPTER 3 Greatest Common Divisors Mahavira, an astronomer and mathematician at the court of King Amoghavardana Vripatunga (814–877), was born in Mysore, India. Only little is known about his life. A staunch Jain by religion, he is known for his Ganita-Sara- Sangraha, the most scholarly treatise of the time on Indian mathematics. Written in nine chapters, it summarizes the body of knowledge then known in India, in arithmetic, including zero, fractions, and the decimal system, and geometry. It was translated from Sanskrit into English in 1912. SOLUTION Let x denote the number of plantains in a heap and y the number of plantains received by a traveler. Then we get the LDE 63x + 7 = 23y (3.2) Since both x and y must be positive, we are interested in finding only the positive integral solutions of the LDE (3.2). Solving it for y, y = 63x + 7 23 When x 0, clearly y 0. So try the values 1, 2, 3, and so on for x until the value of y becomes an integer (Table 3.2). It follows from the table that x = 5, y = 14 is a solution. We can verify that x = 28, y = 77 is yet another solution. In fact, the LDE has infinitely many solutions. See Example 3.20. x 1 2 3 4 5 ... 28 ... y 70 23 133 23 196 23 252 23 14 ... 77 ... Table 3.2 Another ancient riddle, called the hundred fowls puzzle, is found in the Math- ematical Classic, a book by the sixth-century Chinese mathematician Chang Chiu- chien. EXAMPLE 3.18 If a cock is worth five coins, a hen three coins, and three chicks together one coin, how many cocks, hens, and chicks, totaling 100, can be bought for 100 coins?
- 243. 3.5 Linear Diophantine Equations 191 SOLUTION Let x,y, and z denote the number of cocks, the number of hens, and the number of chicks respectively. Clearly, x,y,z ≥ 0. Then the given data yield two LDEs: x + y + z = 100 (3.3) 5x + 3y + z 3 = 100 (3.4) Substituting for z [= 100 − x − y from equation (3.3)] in equation (3.4) yields 5x + 3y + 1 3 (100 − x − y) = 100 That is, 7x + 4y = 100 y = 100 − 7x 4 = 25 − 7 4 x (3.5) So, for y to be an integer, 7x/4 must be an integer; but 4 7, so x must be a multiple of 4: x = 4t, where t is an integer. Then, y = 25 − 7 4 x = 25 − 7(4t) 4 = 25 − 7t and z = 100 − x − y = 100 − 4t − (25 − 7t) = 75 + 3t Thus, every solution to the puzzle is of the form x = 4t,y = 25−7t,z = 75+3t, where t is an arbitrary integer. Now, to find the possible actual solutions of the puzzle, we take the following steps: Since x ≥ 0,t ≥ 0. Since y ≥ 0,25 − 7t ≥ 0; that is, t ≤ 25/7, so t ≤ 3. Since z ≥ 0,75 + 3t ≥ 0; that is, t ≥ −25; but this does not give us any additional informa- tion, so 0 ≤ t ≤ 3. Thus, the riddle has four possible solutions, corresponding to t = 0, 1, 2, and 3: x = 0, y = 25, z = 75; x = 4, y = 18, z = 78; x = 8, y = 11, z = 81; and x = 12, y = 4, z = 84. Although we were able to solve successfully the LDEs in both examples, we should ask three questions:
- 244. 192 CHAPTER 3 Greatest Common Divisors Aryabhata (ca. 476–ca. 550), the first prominent Indian mathematician-astronomer, was born in Kusumapura, near Patna on the Ganges. He studied at Nalanda University, Kusumapura, and later became its head. Although he used mathematics to solve astronomical problems, he was very much interested in Diophantus’ work on inde- terminate equations and on the Indian astronomer Parasara’s work on comets and planetary motion. Aryabhata described the earth as spherical and computed its diameter as 7980 miles. He understood the nature of eclipses and that the sun was the source of moonlight, both ideas unknown to the West until the observations of Coperni- cus and Galileo a thousand years later. Aryabhata’s accurate astronomical calculations contributed to the devel- opment of a calendar in India. He also devised the expansions of (x+y)2 and (x+y)3, and formulas for extracting square roots and cube roots. Around 500, he calculated an accurate value of π as 62832/20000 = 3.1416, more accurately than previously known. His masterpiece, The Aryabhatiya, written in A.D. 499, deals with astronomy, plane and spherical trigonom- etry, algebra, quadratic equations, sums of powers of the first n natural numbers, and a table of sines. It was translated into Arabic around 800 and into Latin in the thirteenth century. In recognition of his outstanding contributions to astronomy and mathematics, India’s first satellite was named Aryabhata. • Does every LDE have a solution? • If not, under what conditions does an LDE have a solution? • If an LDE is solvable, what is the maximum number of solutions it can have? The first question can be answered easily. Consider the LDE 2x + 4y = 5. No matter what the integers x and y are, the LHS 2x + 4y is always even, whereas the RHS is always odd, so the LDE has no solution. Thus, not every LDE has a solution. Next, we establish a necessary and sufficient condition for the LDE ax + by = c to be solvable. Its proof, in fact, provides a formula for an arbitrary solution, when it is solvable. The Indian mathematician Aryabhata provided a complete solution of the LDE in two variables. A portion of the proof of Theorem 3.19, which is long, but fairly straightforward, is a variation of his method. THEOREM 3.19 The LDE ax + by = c is solvable if and only if d|c, where d = (a,b). If x0,y0 is a particular solution of the LDE, then all its solutions are given by x = x0 + b d t and y = y0 − a d t where t is an arbitrary integer. PROOF The proof consists of four parts: • If the LDE is solvable, then d|c.
- 245. 3.5 Linear Diophantine Equations 193 • Conversely, if d|c, then the LDE is solvable. • x = x0 + b d t and y = y0 − a d t is a solution of the LDE. • Every solution of the LDE is of this form. We shall prove each part one by one in that order. • To prove that if the LDE is solvable, then d|c: Suppose x = α,y = β is a solution. Then aα + bβ = c (3.6) Since d = (a,b),d|a and d|b, so d|(aα + bβ) by Theorem 2.4; that is, d|c. • To prove that if d|c, then the LDE is solvable: Suppose d|c. Then c = de for some integer e. Since d = (a,b), by Theo- rem 3.5, there exist integers r and s such that ra + sb = d. Multiplying both sides of this equation by e yields rae + sbe = de That is, a(re) + b(se) = c Thus, x0 = re and y0 = se is a solution of the LDE; that is, it is solvable. • To show that x = x0 + b d t and y = y0 − a d t is a solution: We have ax + by = a x0 + b d t + b y0 − a d t = (ax0 + by0) + abt d − abt d = ax0 + by0 = c Thus, x = x0 + b d t and y = y0 − a d t is a solution for any integer t. • To show that every solution x,y is of the desired form: Since x0,y0 and x,y are solutions of the LDE, we have: ax0 + by0 = c and ax + by = c ax0 + by0 = ax + by Therefore, a(x − x0) = b(y0 − y ) (3.7)
- 246. 194 CHAPTER 3 Greatest Common Divisors Divide both sides of this equation by d: a d (x − x0) = b d (y0 − y ) By Theorem 3.4, (a/d,b/d) = 1, so, by Corollary 3.4, b d |(x − x0) and hence x − x0 = b d t for some integer t. That is, x = x0 + b d t Now substituting for x − x0 in equation (3.7), we have a b d t = b(y0 − y ) a d t = y0 − y y = y0 − a d t Thus, every solution of the LDE is of the desired form. It follows by this theorem that if the LDE ax+by = c is solvable, then it has infinitely many solutions. They are given by the general solution x = x0 + b d t and y = y0 − a d t, t being an arbitrary integer. By giving different values to t, we can find any number of particular solutions. This theorem has an interesting and useful corollary. COROLLARY 3.13 If (a,b) = 1, then the LDE ax + by = c is solvable and the general solution is given by x = x0 + bt,y = y0 − at, where x0,y0 is a particular solution. The following three examples demonstrate Theorem 3.19. EXAMPLE 3.19 Determine whether the LDEs 12x + 18y = 30,2x + 3y = 4, and 6x + 8y = 25 are solvable.
- 247. 3.5 Linear Diophantine Equations 195 SOLUTION • (12,18) = 6 and 6|30, so the LDE 12x + 18y = 30 has a solution. • (2,3) = 1, so by Corollary 3.13, the LDE has a solution. • (6,8) = 2, but 2 25, so the LDE 6x + 8y = 25 is not solvable. The following two examples illustrate in detail how to find the general solution of an LDE in two variables. EXAMPLE 3.20 Find the general solution to Mahavira’s puzzle in Example 3.17. SOLUTION The LDE in Mahavira’s puzzle is 63x − 23y = −7. Since (63,23) = 1, by Corol- lary 3.13, the LDE has a solution. To find a particular solution x0,y0, first we express the gcd 1 as a linear combi- nation of 63 and 23. To accomplish this, we apply the euclidean algorithm: 63 = 2 · 23 + 17 23 = 1 · 17 + 6 17 = 2 · 6 + 5 6 = 1 · 5 + 1 5 = 5 · 1 + 0 Now, use the first four equations in reverse order: 1 = 6 − 1 · 5 = 6 − 1(17 − 2 · 6) = 3 · 6 − 1 · 17 = 3(23 − 1 · 17) − 1 · 17 = 3 · 23 − 4 · 17 = 3 · 23 − 4(63 − 2 · 23) = (−4) · 63 + 11 · 23 Multiply both sides of this equation by −7 (why?): −7 = (−7)(−4) · 63 + (−7) · 11 · 23 = 63 · 28 − 23 · 77
- 248. 196 CHAPTER 3 Greatest Common Divisors which shows x0 = 28, y0 = 77 is a particular solution of the LDE. [See part (2) of the proof of the theorem. Also, note that we obtained this solution in Example 3.17.] Therefore, by Corollary 3.13, the general solution is given by x = x0 + bt = 28 − 23t and y = y0 − at = 77 − 63t, where t is an arbitrary integer. EXAMPLE 3.21 Using Theorem 3.19, find the general solution of the hundred fowls puzzle in Exam- ple 3.18. SOLUTION By Example 3.18, we have x + y + z = 100 (3.8) 5x + 3y + z 3 = 100 (3.9) Eliminating z between these two equations, we obtain the LDE 7x + 4y = 100 (3.10) Notice that (7,4) = 1 and by trial and error, 1 = (−1) · 7 + 2 · 4 Now multiply both sides of this equation by 100: 100 = (−100) · 7 + 200 · 4 Therefore, x0 = −100,y0 = 200 is a particular solution of the LDE (3.10). Thus, by Corollary 3.13, the general solution of the LDE (3.10) is x = −100 + 4t, y = 200 − 7t. Then z = 100 − x − y = 100 − (−100 + 4t ) − (200 − 7t ) = 3t Thus, the general solution of the puzzle is x = −100 + 4t, y = 200 − 7t, z = 3t, where t is an arbitrary integer. This solution can be rewritten in such a way that we can recover the general solution obtained earlier. We have x = −100 + 4t = 4(−25 + t ) = 4t, where t = t − 25
- 249. 3.5 Linear Diophantine Equations 197 Then y = 200 − 7(t + 25) = 25 − 7t and z = 3(t + 25) = 75 + 3t Thus, the general solution is also given by x = 4t, y = 25−7t, and z = 75+3t, where t is an arbitrary integer. EXAMPLE 3.22 Solve, if possible, Mahavira’s puzzle if there were 24 travelers. SOLUTION With 24 travelers, the diophantine equation becomes 63x − 24y = −7. Since (63,24) = 3 and 3 7, the diophantine equation has no integral solutions, so the puzzle has no solutions. We now pursue a fascinating puzzle. The Monkey and Coconuts Puzzle The October 9, 1926, issue of The Saturday Evening Post carried a fascinating puzzle by Ben Ames Williams, titled Coconuts. It concerned a building contractor desperate to prevent a tough competitor from getting a lucrative contract. A shrewd employee of the contractor, knowing their competitor’s love for recreational mathematics, gave him a problem so intriguing that he became obsessed with solving it and forgot to enter his bid before the deadline. Williams’ problem is actually a slightly modified version of the ancient prob- lem described in the following example. We leave his version as an exercise (see Exercise 40). EXAMPLE 3.23 Five sailors and a monkey are marooned on a desert island. During the day they gather coconuts for food. They decide to divide them up in the morning, but first they retire for the night. While the others sleep, one sailor gets up and divides them into five equal piles, with one left over, which he throws out for the monkey. He hides his share, puts the remaining coconuts together, and goes back to sleep. Later a second sailor gets up, divides the pile into five equal shares with one coconut left over, which he discards for the monkey. One by one the remaining sailors repeat the process. In the morning, they divide the pile equally among them with one coconut
- 250. 198 CHAPTER 3 Greatest Common Divisors left over, which they throw out for the monkey. Find the smallest possible number of coconuts in the original pile. SOLUTION Let n denote the number of coconuts in the original pile. Let u,v,w,x, and y denote the number of coconuts each sailor took after each division, and let z be the number of coconuts each received after the final division. Then n = 5u + 1 4u = 5v + 1 4v = 5w + 1 4w = 5x + 1 4x = 5y + 1 4y = 5z + 1 These equations yield the LDE 15625z − 1024n = −11529 (3.11) Because (15625,1024) = 1, the LDE has a solution. Using the euclidean algorithm, we can verify that 1 = 313 · 15625 − 4776 · 1024, so 15625 · [(−11529) · 313] − 1024 · [4776 · (−11529)] = −11529 That is, 15625 · (−3608577) − 1024 · (−55062504) = −11529 So z0 = −3608577 and n0 = −55062504 is a particular solution, and the general solution is z = −3608577 − 1024t, n = −55062504 − 15625t, t being an arbitrary integer. Because n 0, −55062504 − 15625t 0, so t − 55062504 15625 ; that is, t −3524. Because n is a minimum when t is a maximum, t = −3525. Then n = −55062504 − 15625 · (−3525) = 15621. Thus, the least number of coconuts in the original pile is 15,621. We shall return to this puzzle in the next section. Now, we make a geometric interpretation of the general solution in Theo- rem 3.20.
- 251. 3.5 Linear Diophantine Equations 199 Figure 3.4 Recall that the solutions of the LDE ax + by = c are the lattice points that lie on the line ax + by = c. (Assume a,t 0 for convenience.) The slope of this line is − a b = − a/d b/d where d = (a,b). Locate the point P(x0,y0), on the line. Then move b d t units to the right and a d t units down if b 0 (see Figure 3.4a), and |b| d t units to the left and a d t units down if b 0 (see Figure 3.4b). In either case, the procedure determines a lattice point on the line. The cases a 0 and t 0 can be interpreted similarly. Euler’s Method for Solving LDEs Euler devised a method for solving LDEs that employs the division algorithm, but not the euclidean algorithm. EXAMPLE 3.24 Solve the LDE 1076x + 2076y = 3076 by Euler’s method. SOLUTION Since (1076,2076) = 4 and 4|3076, the LDE has infinitely many solutions. Euler’s method involves solving the LDE for the variable with the smaller coefficient, x in this case: x = −2076y + 3076 1076 = −y + 2 + −1000y + 924 1076 , by the division algorithm (3.12)
- 252. 200 CHAPTER 3 Greatest Common Divisors Let u = −1000y + 924 1076 . (Notice that u is an integer. Why?) This yields the LDE 1076u + 1000y = 924. (This LDE has smaller coefficients than the original one.) Solve for y: y = −1076u + 924 1000 = −u + −76u + 924 1000 , by the division algorithm (3.13) Let v = −76u + 924 1000 , so 76u + 1000v = 924; solve for u: u = −1000v + 924 76 = −13v + 12 + −12v + 12 76 , by the division algorithm (3.14) Let w = −12v + 12 76 , so 12v + 76w = 12; solve for v: v = −76w + 12 12 = −6w + 1 − w 3 Because v is an integer, w/3 must be an integer, so we let w/3 = t. To obtain a particular solution, we let t = 0; then w = 0 and work through the chain of equations (3.12), (3.13), and (3.14) in the reverse order: v = −6w + 1 − w 3 = −6(0) + 1 − 0 = 1 u = −1000v + 924 76 = −1000 + 924 76 = −1 y = −1076u + 924 1000 = 1076 + 924 1000 = 2 x = −2076y + 3076 1076 = −4152 + 3076 1076 = −1 You can verify that x0 = −1, y0 = 2 is in fact a solution of the LDE.
- 253. 3.5 Linear Diophantine Equations 201 To find the general solution, with t as an arbitrary integer, use successive substi- tution, again in the reverse order: w = 3t v = −6w + 1 − w 3 = −19t + 1 u = −13v + 12 + w = 250t − 1 y = −u + v = −269t + 2 x = −y + 2 + u = 519t − 1 Thus, the general solution is x = 519t−1, y = −269t+2. (We can confirm this using Theorem 3.20.) Next, we investigate LDEs with Fibonacci coefficients. Fibonacci Numbers and LDEs Consider the LDE Fn+1x + Fny = c. By Theorem 3.1, (Fn+1,Fn) = 1, so the LDE is solvable. By Cassini’s formula, Fn+1Fn−1 − F2 n = (−1)n. Suppose n is even. Then Fn+1Fn−1 −F2 n = 1; so Fn+1(cFn−1)+Fn(−cFn) = c. Thus, x0 = cFn−1,y0 = −cFn is a particular solution of the LDE Fn+1x + Fny = c. On the other hand, let n be odd. Then Fn+1(−Fn−1)+F2 n = 1; so Fn+1(−cFn−1) + Fn(cFn) = c. Thus, x0 = −cFn−1,y0 = cFn is a particular solution of the LDE Fn+1x + Fny = c. For example, consider the LDE 34x + 21y = 17. Since F9F7 − F2 8 = 34 · 13 − 212 = (−1)8 and c = 17, it follows that x0 = cF7 = 17 · 13 = 221,y0 = −cF8 = −17 · 21 = −357 is a particular solution. So the general solution is x = x0 + bt = 221 + 21t, y = y0 − at = −357 − 34t. We now study an intriguing puzzle† whose solution involves solving LDEs. EXAMPLE 3.25 A six-digit positive integer is cut up in the middle into two three-digit numbers. If the square of their sum yields the original number, find the number. SOLUTION Let N be the six-digit number, and let a and b be the two three-digit numbers. Then N = 1000a + b and N = (a + b)2. † Based on A. Dunn (ed.), Mathematical Bafflers, Dover, New York, 1980, p. 183.
- 254. 202 CHAPTER 3 Greatest Common Divisors Let a + b = c. Then (1000a + b) − (a + b) = c2 − c 999a = c(c − 1) If c = 999, then 999a = 999 · 998, so a = 998 and b = 1. Then N = 998,001 works: 998001 = (998 + 001)2. If c = 999, then 999|c(c − 1), where 999 = 27 · 37,(27,37) = 1 = (c,c − 1). Therefore, 27|c and 37|(c − 1), or 27|(c − 1) and 37|c. case 1 Suppose 27|c and 37|(c − 1). Then c = 27x and c − 1 = 37y for some integers x and y. These two equations yield the LDE 27x − 37y = 1. Solving this, we get x = 11 − 37t and y = 8 − 27t. Therefore, c = 27(11 − 37t) = 297 − 999t. Unfortunately, no t yields a value for c such that c2 has the desired property. case 2 Suppose 27|(c − 1) and 37|c. Then 37y − 27x = 1. Solving this we get y = −8−27t and x = −11−37t; so c = 37(−8−27t) = −296−999t = 703+999t, t being arbitrary;t = 0 yields c = 703. Then 999a = 703 · 702, so a = 494 and b = 209. Then N = 494,209 has the desired property: 494209 = (494 + 209)2. No other value of t produces such a number. Thus, there are two six-digit positive integers satisfying the required property: 998,001 and 494,209. The following theorem shows that Theorem 3.19 can be extended to LDEs con- taining three or more unknowns. Its proof depends on induction. See Exercises 41 and 42. THEOREM 3.20 The LDE a1x1 + a2x2 + ··· + anxn = c is solvable if and only if (a1,a2,...,an)|c. When it is solvable, it has infinitely many solutions. The following two examples illustrate this theorem. EXAMPLE 3.26 Determine whether the LDEs 6x + 8y + 12z = 10 and 6x + 12y + 15z = 10 are solvable. SOLUTION • Since (6,8,12) = 2 and 2|10, the LDE 6x + 8y + 12z = 10 is solvable. • (6,12,15) = 3, but 3 10, so the 6x + 12y + 15z = 10 has no integral solu- tions.
- 255. 3.5 Linear Diophantine Equations 203 We conclude this section with an example that demonstrates solving a LDE in three variables. EXAMPLE 3.27 Find the general solution of the LDE 6x + 8y + 12z = 10. SOLUTION By the preceding example, the LDE has infinitely many solutions. Since 8y + 12z is a linear combination of 8 and 12, it must be a multiple of (8,12) = 4; so we let 8y + 12z = 4u (3.15) This leads to a LDE in two variables: 6x + 4u = 10. Solving this, we get x = 5 + 2t and u = −5 − 3t, with t as an arbitrary integer (verify this). Now substitute for u in equation (3.15): 8y + 12z = 4(−5 − 3t) Notice that (8,12) = 4 and 4 = 2 · 8 + (−1) · 12. Therefore, 4(−5 − 3t) = (−10 − 6t) · 8 + (5 − 3t) · 12 So, by Theorem 3.19, the general solution of equation (3.15) is y = −10 − 6t + 3t, z = 5 + 3t − 2t. Thus, the general solution of the given linear diophantine equation is x = 5 + 2t y = −10 − 6t + 3t z = 5 + 3t − 2t where t and t are arbitrary integers. Obviously, this method of reducing the number of unknowns can be extended to LDEs with any finite number of unknowns. See Exercises 33–36 for additional practice. E X E R C I S E S 3.5 1. Using the biographical sketch of Diophantus on p. 189, determine his age at the time of his death. Using Theorem 3.19, determine whether each LDE is solvable.
- 256. 204 CHAPTER 3 Greatest Common Divisors 2. 12x + 16y = 18 3. 14x + 16y = 15 4. 12x + 13y = 14 5. 28x + 91y = 119 6. 1776x + 1976y = 4152 7. 1076x + 2076y = 1155 Find the general solution of each LDE using Theo- rem 3.19. 8. 2x + 3y = 4 9. 12x + 16y = 20 10. 12x + 13y = 14 11. 15x + 21y = 39 12. 28x + 91y = 119 13. 1776x + 1976y = 4152 14. Verify the general solution of the LDE in Exam- ple 3.24 using Theorem 3.19. 15–20. Using Euler’s method, solve the LDEs in Exer- cises 8–13. 21. A pile of mangoes was collected. The king took one- sixth, the queen one-fifth of the remainder, the three princes one-fourth, one-third, and one-half of the suc- cessive remainders, and the youngest child took the three remaining mangoes. Find the number of man- goes in the pile. (Mahavira) 22. The total cost of nine citrons and seven fragrant wood apples is 107 coins; the cost of seven citrons and nine fragrant wood apples is 101 coins. Find the cost of a citron and a wood apple. (Mahavira) 23. A person bought some 12-cent stamps and some 15- cent stamps. The postal clerk told her the total cost was $5.50. Is that possible? 24. A piggy bank contains nickels and dimes for a total value of $3.15. Find the possible number of nickels and dimes. 25. A fruit basket contains apples and oranges. Each ap- ple costs 65¢ and each orange 45¢, for a total of $8.10. Find the minimum possible number of apples in the basket. Solve each Fibonacci LDE. 26. 144x + 89y = 23 27. 233x − 144y = 19 28. Verify that x = 5 − 4t, y = −10 + 12t + 3t, z = 5 − 6t − 2t is a solution of the LDE 6x + 8y + 12z = 10 for any integers t and t. Determine whether each LDE is solvable. 29. 2x + 3y + 4z = 5 30. 8x + 10y + 16z = 25 31. 12x + 30y − 42z = 66 32. 76w + 176x + 276y + 376z = 476 Solve the following LDEs. 33. x + 2y + 3z = 6 34. 2x − 3y + 4z = 5 35. 6x + 12y − 15z = 33 36. 12x + 30y − 42z = 66 37. A collection plate contains nickels, dimes, and quar- ters. The total value is $4, and there are twice as many quarters as there are dimes. Find the possible number of combinations of each kind, if there are more quar- ters than nickels. Mrs. Hall bought 10 hot dogs, 15 cheeseburgers, and 20 sandwiches for a pool party. The total bill was $73.50. 38. Find the general solution. 39. Find the possible combinations of the numbers of hot dogs, cheeseburgers, and sandwiches she could have bought if a cheeseburger cost 65¢ more than a hot dog. 40. (Williams’ version) Five sailors and a monkey are marooned on a desert island. During the day they gather coconuts for food. They decide to divide them up in the morning and retire for the night. While the others are asleep, one sailor gets up and divides them into equal piles, with one left over, which he throws out for the monkey. He hides his share, puts the re- maining coconuts together, and goes back to sleep. Later a second sailor gets up, divides the pile into five equal shares with one coconut left over which he dis- cards for the monkey. Later the remaining sailors re- peat the process. Find the smallest possible number of coconuts in the original pile. Prove each. 41. The LDE n i=1 aixi = c is solvable if and only if (a1,a2,...,an)|c. 42. If the LDE n i=1 aixi = c is solvable, then it has infi- nitely many solutions. (Hint: Use induction.)
- 257. Chapter summary 205 X CHAPTER SUMMARY One of the most celebrated results in number theory is the fundamental theorem of arithmetic, which is indeed the cornerstone of the subject. Two concepts indis- pensable to its development are the gcd and the lcm. We developed a necessary and sufficient condition for an LDE to be solvable, and the general solution when it is solvable. Greatest Common Divisor (gcd) • The gcd (a,b) of two positive integers a and b is the largest positive integer that divides both. (p. 155) • A positive integer d is the gcd of a and b if: • d|a and d|b; and • if d|a and d|b, then d ≤ d, where d is a positive integer. (p. 156) • Two positive integers a and b are relatively prime if (a,b) = 1. (p. 156) • f0 f1 ···fn−1 = fn − 2, where n ≥ 1. (p. 157) • Let m and n be distinct nonnegative integers. Then (fm,fn) = 1. (p. 157) • If (a,b) = d, then (a/d,b/d) = 1 and (a,a − b) = d. (p. 158) • d = (a,b) is the least positive linear combination of a and b. (p. 159) • If d is a common divisor of a and b, then d|(a,b). (p. 160) • A positive integer d is the gcd of a and b if: • d|a and d|b; and • if d|a and d|b, then d|d, where d is a positive integer. (p. 161) • (ac,bc) = c(a,b) (p. 161) • The positive integers a and b are relatively prime if and only if αa + βb = 1 for some integers α and β. (p. 161) • If (a,b) = 1 and a|bc, then a|c. (p. 162) • If a|c,b|c, and (a,b) = 1, then ab|c. (p. 162) • (a1,a2,...,an) = ((a1,a2,...,an−1),an) (p. 163) Euclidean Algorithm The euclidean algorithm for finding (a,b) is a successive application of the division algorithm and is based on the following result, where a ≥ b: • Let r = a mod b. Then (a,b) = (b,r). (p. 166) • The algorithm provides a systematic method for expressing (a,b) as a linear combination of a and b. (p. 170) • The number of divisions needed to compute (a,b) by the euclidean algorithm is no more than five times the number of decimal digits in b, where a ≥ b ≥ 2. (Lamé’s theorem) (p. 172)
- 258. 206 CHAPTER 3 Greatest Common Divisors Fundamental Theorem of Arithmetic • If p is a prime and p|ab, then p|a or p|b. (p. 174) • If p is a prime such that p|a1a2 ···an, where a1,a2,...,an are positive inte- gers, then p|ai for some i, where 1 ≤ i ≤ n. (p. 174) • If p,q1,q2,...,qn are primes such that p|q1q2 ···qn, then p = qi for some i, where 1 ≤ i ≤ n. (p. 174) • Every positive integer n ≥ 2 either is a prime or can be expressed as a product of primes. The factorization into primes is unique except for the order of the factors. (p. 174) Canonical Decomposition of a Positive Integer N • N = pa1 1 pa2 2 ···p ak k , where p1,p2,...,pk are distinct primes, p1 p2 ··· pk and ai ≥ 0. (p. 176) Dirichlet’s Theorem If a and b are relatively prime, then the arithmetic sequence a,a + b,a + 2b,a + 3b,... contains infinitely many primes. (p. 182) Least Common Multiple (lcm) • The lcm [a,b] of two positive integers a and b is the least positive integer divisible by both. (p. 184) • A positive integer m = [a,b] if • a|m and b|m; and • if a|m and b|m, then m ≤ m, where m is a positive integer. (p. 184) • [a,b] = ab/(a,b) (p. 185) • [a1,a2,...,an] = [[a1,a2,...,an−1],an] (p. 187) • If a1,a2,...,an are pairwise relatively prime, then [a1,a2,...,an] = a1a2 ···an−1an. (p. 187) Linear Diophantine Equations (LDEs) • An LDE in two variables x and y is of the form ax + by = c, where a, b, and c are integers. (p. 189) • It is solvable if and only if d|c, where d = (a,b). (p. 192) • If d|c, the general solution of the LDE is x = x0 + (b/d)t, y = y0 − (a/d)t, where x0, y0 is a particular solution. (p. 192) • LDEs can be solved by Euler’s method. (p. 199)
- 259. Review Exercises 207 X REVIEW EXERCISES Find the gcd of each pair of integers. 1. 2 · 32 · 53,25 · 33 · 5 2. 2 · 32 · 5 · 73,23 · 3 · 52 · 113 3. 32, 48 4. 56, 260 Using the euclidean algorithm, find the gcd of each pair of integers. 5. 28, 12 6. 784, 48 7. 1947, 63 8. 5076, 1076 Using recursion, find the gcd of the given integers. 9. 16, 20, 36, 48 10. 20, 32, 56, 68 11. 28, 48, 68, 78 12. 24, 36, 40, 60, 88 Express the gcd of the given numbers as a linear combination of the numbers. 13. 14, 18 14. 12, 20 15. 12, 18, 20 16. 10, 12, 14, 18 Find the positive factors of each, where p and q are distinct primes. 17. 98 18. 1575 19. piq 20. piqj Find the canonical decomposition of each. 21. 2000 22. 3230 23. 1771 24. 4076 Find the number of trailing zeros in the decimal value of each integer. 25. 260! 26. 345! 27. 1400! 28. 1947! Find the number of trailing zeros in the binary representation of each integer. 29. 39 30. 191 31. 243 32. 576 Find the number of trailing zeros in the ternary (base three) representation of each integer. 33. 45 34. 61 35. 118 36. 343 Find the lcm of each pair of integers. 37. 2 · 32 · 5, 2 · 3 · 7 38. 3 · 72 · 11, 22 · 5 · 7 39. 48, 66 40. 42, 78 41. The lcm of two consecutive positive integers is 812. Find them. 42. The lcm of twin primes is 899. Find them.
- 260. 208 CHAPTER 3 Greatest Common Divisors Using Theorem 3.17, find the lcm of the given integers. 43. 48, 64 44. 56, 76 45. 70, 90 46. 123, 243 47–50. Find the lcm of the integers in Exercises 9–12. Prove each, where a, b, c, d, m, and n are positive integers. 51. Let p be a prime such that p|an. Then pn|an. 52. If a|m and b|m, then [a,b]|m. 53. The product of three consecutive integers is divisible by 6. 54. The gcd of two consecutive integers is 1. 55. The gcd of twin primes is 1. 56. If d|ab, d|ac, and (b,c) = 1, then d|a. 57. If a|b and c|d, then (a,c)|(b,d). 58. If a|b and c|d, then [a,c]|[b,d]. 59. The product of two integers of the form 4n + 3 is of the form 4n + 1. 60. The product of n integers of the form 4k + 1 is also of the same form. 61. A positive integer is a cube if and only if each exponent in its canonical decom- position is divisible by 3. 62. There is an infinite number of primes of the form 6n + 1. 63. There is an infinite number of primes of the form 7n + 4. 64. (ca1,ca2,...,can) = c(a1,a2,...,an) 65. Let p be a prime such that p|n!. Then the exponent of p in the canonical decom- position of n! is n/p + n/p2 + n/p3 + ···. (Note: This sum is finite since n/pm = 0 when pm n.) 66. Let b = a + 2, where a is odd and 3 ab. Then 12|(a + b). (M. Beiler, 1967) 67. ([a,b],[b,c],[c,a]) = [(a,b),(b,c),(c,a)] 68. [a,b,c] = abc(a,b,c) (a,b),(b,c),(c,a) 69. 6nn!|(3n)!, where n ≥ 0. (C. W. Trigg, 1968) Using Exercise 65, find the canonical decomposition of each. 70. 12! 71. 15! 72. 18! 73. 23! Determine whether each LDE is solvable. 74. 24x + 52y = 102 75. 76x + 176y = 276 Find the general solution of each LDE. 76. 12x + 20y = 28 77. 76x + 176y = 276 78–79. Solve the LDEs in Exercises 76 and 77 by Euler’s method. 80. Solve the LDE in Example 3.23 by Euler’s method.
- 261. Supplementary Exercises 209 81. Solve the LDE in Exercise 40 in Section 3.5 by Euler’s method. 82. A farmer bought some calves and sheep for $39,500, at $475 a calf and $275 a sheep. If she bought more calves than sheep, find the minimum number of calves she must have bought. 83. A shopper bought some apples, oranges, and pears, a total of a dozen fruits. They cost 75¢, 30¢, and 60¢ apiece respectively, for a total of $6.30. If he bought at least one fruit of each kind, how many apples, oranges, and pears did he buy? X SUPPLEMENTARY EXERCISES In Exercises 1–10, n is a positive integer and n = [1,2,3,...,n]. 1. Find n for n = 5, 6, 7, and 8. 2. Let n = pk, where p is a prime and k is a positive integer. Prove that n = p(n − 1). 3. Using Exercise 2, compute 9. 4. Using the fact that n = p≤n pe, where pe denotes the largest prime-power ≤ n, compute 9, 10, and 11. 5. Show that (n + 1) + 2,(n + 1) + 3,...,(n + 1) + (n + 1) are consecutive composite numbers. 6. Using Exercise 5, find six consecutive composite numbers. 7. Compute n + 1 for 1 ≤ n ≤ 7 and make a conjecture. 8. Is 8 + 1 a prime? 9. Compute n − 1 for 3 ≤ n ≤ 8 and make a conjecture. 10. Is 9 − 1 a prime? 11. Let a, b, and c be positive integers such that a + b = c. Let m = [a,b]. Prove that (c,m) = (a,b). (H. H. Berry, 1951) Let a, b, m, and n be any positive integers, where a b. Prove each. 12. (am − 1,an − 1) = a(m,n) − 1 13. an − bn a − b ,a − b = (n(a,b)n−1,a − b). (T. M. Apostol, 1980) 14. Use Exercise 13 to deduce that if p is a prime and (a,b) = 1, then ap − bp a − b ,a − b = 1 or p. (T. M. Apostol, 1980) 15. Let m and n be any positive integers, and let a and b be relatively prime inte- gers with a b. Prove that (am − bm,an − bn) = a(m,n) − b(m,n). (T. M. Apos- tol, 1981)
- 262. 210 CHAPTER 3 Greatest Common Divisors X COMPUTER EXERCISES Write a program to do each task. 1. Read in a positive integer n and determine the number of trailing zeros in each. (a) The decimal value of n!. (b) The binary representation of n. (c) The ternary expansion of n. 2. Read in two positive integers a and b, and find their gcd using the euclidean algorithm. 3. Read in an integer n (≥ 0) and a positive integer k, and find the first k primes of the form 4n + 1. 4. Read in an integer n (≥ 0) and a positive integer k, and find the first k primes of the form 4n + 3. 5. Read in a positive integer n (≥ 2) and n positive integers. Using recursion and the euclidean algorithm, find their gcd. 6. Read in a positive integer n, and print all powerful numbers ≤ n. 7. Read in integers a,b, and c, and check if the LDE ax + by = c is solvable. X ENRICHMENT READINGS 1. M. P. Cohen and W. A. Juraschek, “GCD, LCM, and Boolean Algebra,” Mathe- matics Teacher, 69 (Nov. 1976), 602–605. 2. U. Dudley, Elementary Number Theory, W. H. Freeman, New York, 1969. 3. M. W. Kappel, “Backtracking the Euclidean Algorithm,” Mathematics Teacher, 69 (Nov. 1976), 598–600. 4. T. Koshy, “The Euclidean Algorithm via Matrices and a Calculator,” The Mathe- matical Gazette, 80 (Nov. 1996), 570–574. 5. T. Koshy, Fibonacci and Lucas Numbers with Applications, Wiley, New York, 2001. 6. C. S. Ogilvy and J. T. Anderson, Excursions in Number Theory, Dover, New York, 1988. 7. M. Polezzi, “A Geometrical Method for Finding an Explicit Formula for the Greatest Common Divisor,” The American Mathematical Monthly, 104 (May 2000), 445–446.
- 263. 4 Congruences The invention of the symbol ≡ by Gauss affords a striking example of the advantage which may be derived from an appropriate notation, and marks an epoch in the development of the science of arithmetic. — G. B. MATHEWS his chapter investigates the congruence relation, an extremely useful and pow- Terful number-theoretic relation used throughout number theory, and its fun- damental properties. LDEs and the congruence relation are closely related, as you will see in Section 4.2. Furthermore, we discuss a practical factoring algorithm based on gcd and congruence. 4.1 Congruences One of the most remarkable relations in number theory is the congruence relation, introduced and developed by the German mathematician Karl Friedrich Gauss, who is ranked with Archimedes (287–212 B.C.) and Isaac Newton (1642–1727) as one of the greatest mathematicians of all time. Gauss, known as the “prince of math- ematics,” presented the theory of congruences, a beautiful arm of divisibility the- ory, in his outstanding work Disquistiones Arithmeticae, published in 1801 when he was only 24. Gauss is believed to have submitted a major portion of the book to the French Academy for publication, but they rejected it. “It is really astonishing,” writes the German mathematician Leopold Kronecker, “to think that a single man of 211
- 264. 212 CHAPTER 4 Congruences Karl Friedrich Gauss (1777–1855), the son of a laborer, was born in Brunswick, Germany. A child prodigy, he detected an error in his father’s book- keeping at the age of three. Recognizing his remarkable talents, the Duke of Brunswick sponsored his education. Gauss received his doctorate in 1799 from the University of Göttingen. In his doctoral dissertation, he gave the first rigorous proof of the fundamental theorem of algebra, which states, “Every polynomial of degree n (≥ 1) with real coefficients has at least one zero.” New- ton and Euler, among others, had attempted unsuccessfully to prove this. Gauss made significant contributions to algebra, geometry, analysis, physics, and astronomy. His Disquisitiones Arithmeticae laid the foundation for modern number theory. From 1807 until his death, he was the director of the Observatory and professor of mathematics at the University of Göttingen. such young years was able to bring to light such a wealth of results, and above all to present such a profound and well-organized treatment of an entirely new discipline.” The congruence relation, as we will see shortly, shares many interesting proper- ties with the equality relation, so it is no accident that the congruence symbol ≡, in- vented by Gauss around 1800, parallels the equality symbol =. The congruence sym- bol facilitates the study of divisibility theory and has many fascinating applications. Let us begin our discussion with a definition. Congruence Modulo m Let m be a positive integer. Then an integer a is congruent to an integer b modulo m if m|(a − b). In symbols, we then write a ≡ b (mod m); m is the modulus of the congruence relation. If a is not congruent to b modulo m, then a is incongruent to b modulo m; we then write a ≡ b (mod m). The following example illustrates these definitions. EXAMPLE 4.1 Since 5|(23 − 3),23 ≡ 3 (mod 5); likewise, 6|(48 − 12), so 48 ≡ 12 (mod 6); also 28 ≡ −4 (mod 16). But 20 ≡ 3 (mod 4), since 4 (20 − 3); likewise, 18 ≡ −6 (mod 7). Note that we use congruences in everyday life, often without realizing it. We use congruences modulo 12 to tell the time of the day and congruence modulo 7 to tell the day of the week. Odometers in automobiles use 1,000,000 as the modulus.
- 265. 4.1 Congruences 213 The following result is simple, but useful. It translates congruence into equality and enables us to characterize congruences in a different way. Throughout our dis- cussion of congruences, assume that all letters denote integers and all moduli (plural of modulus) are positive integers. THEOREM 4.1 a ≡ b (mod m) if and only if a = b + km for some integer k. PROOF Suppose a ≡ b (mod m). Then m|(a − b), so a − b = km for some integer k; that is, a = b + km. Conversely, suppose a = b + km for some integer k. Then a − b = km, so m|(a − b) and consequently, a ≡ b (mod m). For example, 23 ≡ 3 (mod 5) and 23 = 3 + 4 · 5; on the other hand, 49 = −5 + 9 · 6, so 49 ≡ −5 (mod 6). A useful observation: It follows from the definition (also from Theorem 4.1) that a ≡ 0 (mod m) if and only if m|a; that is, an integer is congruent to 0 if and only if it is divisible by m. Thus, a ≡ 0 (mod m) and m|a mean exactly the same thing. For instance, 28 ≡ 0 (mod 4) and 4|28. Using the congruence relation, Dirichlet’s theorem (Theorem 3.16) can be re- stated as follows: There are infinitely many primes p such that p ≡ a (mod b), where (a,b) = 1. The following theorem presents three additional properties of congruence. THEOREM 4.2 • a ≡ a (mod m). (Reflexive property) • If a ≡ b (mod m), then b ≡ a (mod m). (Symmetric property) • If a ≡ b (mod m) and b ≡ c (mod m), then a ≡ c (mod m). (Transitive property) PROOF • Since m|(a − a), a ≡ a (mod m). • Suppose a ≡ b (mod m). Then m|(a − b); that is, m|−(b − a). So m|(b − a); that is, b ≡ a (mod m). • Suppose a ≡ b (mod m) and b ≡ c (mod m). Then m|(a − b) and m|(b − c), so, by Theorem 2.4, m|[(a − b) + (b − c)]; that is, m|(a − c); consequently, a ≡ c (mod m).
- 266. 214 CHAPTER 4 Congruences For example, 6 ≡ 6 (mod 5); since 3 ≡ 5 (mod 2), 5 ≡ 3 (mod 2); also, since 7 ≡ −5 (mod 4) and −5 ≡ 15 (mod 4), 7 ≡ 15 (mod 4). (You may verify these congruences.) It follows by Theorem 4.2 that the congruence relation is an equivalence rela- tion.† The following theorem also characterizes congruences. THEOREM 4.3 a ≡ b (mod m) if and only if a and b leave the same remainder when divided by m. PROOF Suppose a ≡ b (mod m). Then, by Theorem 4.1, a = b + km for some integer k. By the division algorithm, b = mq+r, where 0 ≤ r m. Then a = b+km = (mq+r)+ km = m(q+k)+r; therefore, by the division algorithm, a leaves the same remainder r when divided by m. Conversely, suppose both a and b leave the same remainder r when divided by m. Then, again by the division algorithm, a = mq + r and b = mq + r, where 0 ≤ r m. Then a − b = (mq + r) − (mq + r) = m(q − q), so a ≡ b (mod m). For example, 48 ≡ 28 (mod 5); both 48 and 28, when divided by 5, leave the same remainder 3. On the other hand, when 29 and −3 are divided by 8, the remain- ders are the same, 5, so 29 ≡ −3 (mod 8). The next corollary follows from Theorem 4.3. COROLLARY 4.1 The integer r is the remainder when a is divided by m if and only if a ≡ r (mod m), where 0 ≤ r m. By this corollary, every integer a is congruent to its remainder r modulo m; r is called the least residue of a modulo m. For example, the least residues of 23, 4, and −3 modulo 5 are 3, 4, and 2, respectively. Since r has exactly m choices 0,1,2,...,(m − 1), a is congruent to exactly one of them, modulo m. Accordingly, we have the following result. COROLLARY 4.2 Every integer is congruent to exactly one of the least residues 0,1,2,...,(m − 1) modulo m. The next example uses this result. † An equivalence relation is a relation that is reflexive, symmetric, and transitive.
- 267. 4.1 Congruences 215 EXAMPLE 4.2 Prove that no prime of the form 4n + 3 can be expressed as the sum of two squares. PROOF (by contradiction) Let N be a prime of the form 4n + 3. Then N ≡ 3 (mod 4). Suppose N = A2 + B2 for some integers A and B. Since N is odd, one of the squares, say, A2, must be odd and hence B2 must be even. Then A must be odd and B even. Let A = 2a + 1 and B = 2b for some integers a and b. Then N = (2a + 1)2 + (2b)2 = 4(a2 + b2 + a) + 1 ≡ 1 (mod 4) which is a contradiction, since N ≡ 3 (mod 4). Returning to Corollary 4.1, we find that it justifies the definition of the mod operator in Section 2.1. Thus, if a ≡ r (mod m) and 0 ≤ r m, then a mod m = r; conversely, if a mod m = r, then a ≡ r (mod m) and 0 ≤ r m. We now digress briefly with an unusual application of congruence. Friday-the-Thirteenth (optional) Congruences can be employed to find the number of Friday-the-Thirteenths in a given year. Whether or not Friday-the-Thirteenth occurs in a given month depends on two factors: the day on which the thirteenth fell in the previous month and the number of days in the previous month. Suppose that this is a nonleap year and that we would like to find the number of Friday-the-Thirteenths in this year. Suppose also that we know the day the thirteenth occurred in December of last year. Let Mi denote each of the months December through November in that order and Di the number of days in month Mi. The various values of Di are 31, 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, and 30, respectively. We label the days Sunday through Saturday by 0 through 6, respectively; so day 5 is a Friday. Let Di ≡ di (mod 7), where 0 ≤ di 7. The corresponding values of di are 3, 3, 0, 3, 2, 3, 2, 3, 3, 2, 3, and 2, respectively. Each value of di indicates the number of days the day of the thirteenth in month Mi must be advanced to find the day the thirteenth falls in month Mi+1. For example, December 13, 2000, was a Wednesday. So January 13, 2001, fell on day (3 + 3) = day 6, which was a Saturday.
- 268. 216 CHAPTER 4 Congruences Let ti ≡ i j=1 dj (mod 7), where 1 ≤ i ≤ 12. Then ti represents the total number of days the day of December 13 must be moved forward to determine the day of the thirteenth in month Mi. For example, t3 ≡ d1 + d2 + d3 = 3 + 3 + 0 ≡ 6 (mod 7). So, the day of De- cember 13, 2000 (Wednesday), must be advanced by six days to determine the day of March 13, 2001; it is given by day (3 + 6) = day 2 = Tuesday. Notice that the various values of ti modulo 7 are 3, 6, 6, 2, 4, 0, 2, 5, 1, 3, 6, and 1, respectively; they include all the least residues modulo 7. Knowing the day of December 13, we can use these least residues to determine the day of the thirteenth of each month Mi in a nonleap year. Table 4.1 summarizes the day of the thirteenth of each month in a nonleap year, corresponding to every choice of the day of December 13 of the previous year. You can verify this. Notice from the table that there can be at most three Friday-the- Thirteenths in a nonleap year. ti Jan. Feb. March April May June July Aug. Sept. Oct. Nov. Dec. 3 6 6 2 4 0 2 5 1 3 6 1 Dec. 13 Sun 3 6 6 2 4 0 2 5 1 3 6 1 Mon 4 0 0 3 5 1 3 6 2 4 0 2 Tue 5 1 1 4 6 2 4 0 3 5 1 3 Wed 6 2 2 5 0 3 5 1 4 6 2 4 Thu 0 3 3 6 1 4 6 2 5 0 3 5 Fri 1 4 4 0 2 5 0 3 6 1 4 6 Sat 2 5 5 1 3 6 1 4 0 2 5 0 Table 4.1 Day of the thirteenth in each month in a nonleap year. For a leap year, the various values of di are 3, 3, 1, 3, 2, 3, 2, 3, 3, 2, 3, and 2; and the corresponding values of ti are 3, 6, 0, 3, 5, 1, 3, 6, 2, 4, 0, and 2. Using these, we can construct a similar table for a leap year. We now return to additional properties of congruence. Congruence Classes Using least residues, the set of integers Z can be partitioned into m nonempty pair- wise disjoint classes, called congruence classes modulo m. To elucidate this, let [r] denote the set of integers that have r as their least residue modulo m. For example,
- 269. 4.1 Congruences 217 the various congruence classes modulo 5 are [0] = {...,−10,−5,0,5,10,...} [1] = {...,−9,−4,1,6,11,...} [2] = {...,−8,−3,2,7,12,...} [3] = {...,−7,−2,3,8,13,...} [4] = {...,−6,−1,4,9,14,...} Clearly, these classes are nonempty, pairwise disjoint, and their union is the set of integers. Accordingly, these classes form a partitioning of the set of integers, as Figure 4.1 shows. The least residues 0, 1, 2, 3, and 4 serve as representatives (or goodwill ambassadors) of the classes [0], [1], [2], [3], and [4], respectively. Figure 4.1 In general, we do not need to select the least residues to represent the congruence classes. By Theorem 4.3, two integers belong to the same class if and only if they leave the same remainder when divided by m; therefore, any element of the class [r] can serve as a valid representative. For example, 5, 6, −3, 8, and −6 can serve as ambassadors of the classes [0], [1], [2], [3], and [4], respectively. Such a set of integers is a complete set of residues modulo 5. A Complete Set of Residues Modulo m A set of m integers is a complete set of residues modulo m if every integer is con- gruent modulo m to exactly one of them. Thus, the set of integers {a1,a2,...,am} is a complete set of residues modulo m, if they are congruent modulo m to the least residues 0,1,2,...,(m − 1) in some order. For instance, the set {−12,9,6,23} is a complete set of residues modulo 4 since −12 ≡ 0 (mod 4), 9 ≡ 1 (mod 4), 6 ≡ 2 (mod 4), and 23 ≡ 3 (mod 4).
- 270. 218 CHAPTER 4 Congruences The following theorem shows that two congruences with the same modulus can be added and multiplied, just as with equality. THEOREM 4.4 Let a ≡ b (mod m) and c ≡ d (mod m). Then (1) a+c ≡ b+d (mod m) and (2) ac ≡ bd (mod m). PROOF Since a ≡ b (mod m) and c ≡ d (mod m), a = b + m and c = d + km for some integers and m. Then (1) a + c = (b + m) + (d + km) = (b + d) + ( + k)m ≡ b + d (mod m) (2) ac − bd = (ac − bc) + (bc − bd) = c(a − b) + b(c − d) = cm + bkm = (c + bk)m So ac ≡ bd (mod m). EXAMPLE 4.3 We have 17 ≡ −4 (mod 3) and 28 ≡ 7 (mod 3). So, by Theorem 4.4, 17 + 28 ≡ −4 + 7 (mod 3); that is, 45 ≡ 3 (mod 3). Also, 17 · 28 ≡ (−4) · 7 (mod 3); that is, 476 ≡ −28 (mod 3). The following two examples are interesting applications of Corollary 4.1 and Theorem 4.4. EXAMPLE 4.4 Find the remainder when 1! + 2! + ··· + 100! is divided by 15. SOLUTION Notice that when k ≥ 5, k! ≡ 0 (mod 15) (why?). Therefore, 1! + 2! + ··· + 100! ≡ 1! + 2! + 3! + 4! + 0 + ··· + 0 (mod 15) ≡ 1 + 2 + 6 + 24 (mod 15) ≡ 1 + 2 + 0 (mod 15) ≡ 3 (mod 15) Thus, when the given sum is divided by 15, the remainder is 3.
- 271. 4.1 Congruences 219 EXAMPLE 4.5 Find the positive integers n for which n k=1 k! is a square. SOLUTION Notice that when k ≥ 5, k! ≡ 0 (mod 10) (why?), so let n ≥ 5. Let S denote the given sum. Then S ≡ ones digit in n k=1 k! (mod 10) ≡ (1! + 2! + 3! + 4!) (mod 10) ≡ (1 + 2 + 6 + 24) (mod 10) ≡ 3 (mod 10) Thus, the ones digit in S is 3, if n ≥ 5. But 02 ≡ 0 (mod 10), 12 ≡ 1 (mod 10), 22 ≡ 4 (mod 10), 32 ≡ 9 (mod 10), 42 ≡ 6 (mod 10), 52 ≡ 5 (mod 10), 62 ≡ 6 (mod 10), 72 ≡ 9 (mod 10), 82 ≡ 4 (mod 10), and 92 ≡ 1 (mod 10). Consequently, the square of every integer must end in 0, 1, 4, 5, 6, or 9. Thus, if n ≥ 5, S cannot be a square. When n = 1, S = 1, and when n = 3, S = 9, both squares; but S is not a square when n = 2 or 4. Thus, there are exactly two positive integers n for which S is a square, namely, 1 and 3. (See Example 11.19 also.) It follows from Theorem 4.4 that one congruence can be subtracted from an- other, provided they have the same modulus, as the following corollary states. We leave its proof as an exercise. See Exercise 70. COROLLARY 4.3 If a ≡ b (mod m) and c ≡ d (mod m), then a − c ≡ b − d (mod m). For example, 23 ≡ 13 (mod 5) and 30 ≡ −5 (mod 5); so 23 − 30 ≡ 13 − (−5) (mod 5); that is, −7 ≡ 18 (mod 5), which is true. The following corollary also follows from Theorem 4.4. Again, we leave its proof as an exercise. See Exercises 69–72. COROLLARY 4.4 If a ≡ b (mod m) and c is any integer, then • a + c ≡ b + c (mod m) • a − c ≡ b − c (mod m) • ac ≡ bc (mod m) • a2 ≡ b2 (mod m)
- 272. 220 CHAPTER 4 Congruences For example, notice that 19 ≡ 5 (mod 7). So 19 + 11 ≡ 5 + 11 (mod 7), 19 − 11 ≡ 5 − 11 (mod 7), and 19 · 11 ≡ 5 · 11 (mod 7). Part (4) of Corollary 4.4 can be generalized to any positive integral exponent n, as the following theorem shows. THEOREM 4.5 If a ≡ b (mod m), then an ≡ bn (mod m) for any positive integer n. PROOF (by weak induction) The statement is clearly true when n = 1, so assume it is true for an arbitrary positive integer k: ak ≡ bk (mod m). Then, by Theorem 4.4, a · ak ≡ b · bk (mod m); that is, ak+1 ≡ bk+1 (mod m). Thus, the result follows by induction. The following two examples are nice applications of Corollaries 4.3 and 4.4, and Theorem 4.5. They show how congruence can be applied to a wide variety of situations. EXAMPLE 4.6 Show that 1919 cannot be expressed as the sum of the cube of an integer and the fourth power of another integer.† PROOF (by contradiction) Notice that 1919 ≡ 619 (mod 13). But 62 ≡ −3 (mod 13) and 64 ≡ −4 (mod 13), so 66 ≡ −1 (mod 13). Therefore, 1919 ≡ 619 ≡ (66)3 · 6 ≡ (−1)3 · 6 ≡ −6 ≡ 7 (mod 13). Suppose 1919 can be expressed as x3 + y4 for some integers x and y. With a bit of patience, we can see that x3 ≡ 0, 1, 5, 8, or 12 modulo 13, and y4 ≡ 0, 1, 3, or 9 modulo 13. Thus, x3 + y4 can be congruent to any least residue modulo 13, except 7. This is a contradiction since 1919 ≡ 7 (mod 13). Thus, 1919 cannot be expressed as the sum of the cube of an integer and the fourth power of another integer. EXAMPLE 4.7 Prove that no integer of the form 8n + 7 can be expressed as a sum of three squares. PROOF (by contradiction) Suppose there is an integer N of the form 8n + 7 that can be expressed as the sum x2 + y2 + z2 of three integers x, y, and z. Then N ≡ 7 (mod 8), so x2 + y2 + z2 ≡ 7 (mod 8). By Corollary 4.2, x must be congruent modulo 8 to 0, 1, 2, 3, 4, 5, 6, or 7; but 5 ≡ −3 (mod 8), 6 ≡ −2 (mod 8), 7 ≡ −1 (mod 8); so, by Corollary 4.4, † Based on A. Dunn (ed.), Mathematical Bafflers, Dover, New York, 1980, p. 187.
- 273. 4.1 Congruences 221 x2 must be congruent modulo 8 to 02, 12, 22, 32, 42, (−3)2, (−2)2, (−1)2, that is, to 0, 1, or 4. Likewise, both y2 and z2 must be congruent to 0, 1, or 4 mod- ulo 8. Therefore, by Theorem 4.4, x2 + y2 + z2 must be congruent modulo 8 to exactly one of the sums 0 + 0 + 0, 0 + 0 + 1, 0 + 0 + 4, 0 + 1 + 0, ..., 4 + 4 + 4, but none of them is congruent to 7 modulo 8, which is a contradic- tion. Thus, no integer of the form 8n + 7 can be expressed as the sum of three squares. Theorems 4.4 and 4.5 can effectively be used to compute the remainder when an integer bn is divided by m, as the following two examples illustrate. EXAMPLE 4.8 Find the remainder when 1653 is divided by 7. SOLUTION First, reduce the base to its least residue: 16 ≡ 2 (mod 7). So, by Theorem 4.5, 1653 ≡ 253 (mod 7). Now express a suitable power of 2 congruent modulo 7 to a number less than 7: 23 ≡ 1 (mod 7). Therefore, 253 = 23·17+2 = (23 )17 · 22 ≡ 117 · 4 (mod 7) ≡ 4 (mod 7) So 1653 ≡ 4 (mod 7), by the transitive property. Thus, when 1653 is divided by 7, the remainder is 4. Notice the tremendous power of congruences in finding the remainder quickly and easily when a very large number bn is divided by m. EXAMPLE 4.9 Find the remainder when 3247 is divided by 17. SOLUTION Once again, we let the congruence do the job for us. We have 33 = 27 ≡ 10 (mod 17)
- 274. 222 CHAPTER 4 Congruences Squaring both sides, 36 ≡ 100 (mod 17) ≡ −2 (mod 17) Raise both sides to the fourth power: 324 ≡ (−2)4 (mod 17) ≡ −1 (mod 17) Now apply the division algorithm with 24 as the divisor: 3247 = 324·10+7 = (324 )10 · 36 · 3 ≡ (−1)10 · (−2) · 3 (mod 17) ≡ −6 (mod 17) Change −6 to its least residue: ≡ 11 (mod 17) Thus, the remainder is 11. (Once again, appreciate the power of congruences.) Modular Exponentiation Modular exponentiation is a less efficient method for determining the remain- der when bn is divided by m. It is based on the binary representation of n = (nknk−1 ...n1n0)two, successive squaring, the least residue of bni , where 0 ≤ i ≤ k, and Theorems 4.4 and 4.5: bn = bnk2k+nk−12k−1+···+n0 ≡ bnk2k · bnk−12k−1 ···bn0 (mod m) The following example illustrates this method. EXAMPLE 4.10 Compute the remainder when 3247 is divided by 25. SOLUTION First, notice that 247 = 11110111two. Now find the least residues of 32 and its suc- cessive squares modulo 25:
- 275. 4.1 Congruences 223 32 ≡ 9 (mod 25) 34 = 92 ≡ 6 (mod 25) 38 ≡ 62 ≡ 11 (mod 25) 316 ≡ 112 ≡ 21 (mod 25) 332 ≡ 212 ≡ 16 (mod 25) 364 ≡ 162 ≡ 6 (mod 25) 3128 ≡ 62 ≡ 11 (mod 25) (128 is the largest power of 2 contained in 247.) Then 3247 = 3128+64+32+16+4+2+1 = 3128 · 364 · 332 · 316 · 34 · 32 · 31 ≡ 11 · 6 · 16 · 21 · 6 · 9 · 3 (mod 25) ≡ 11 · (6 · 16) · 21 · (6 · 9) · 3 (mod 25) ≡ [11 · (−4)] · [(−4) · 4] · 3 ≡ 6 · 9 · 3 ≡ (6 · 9) · 3 (mod 25) ≡ 4 · 3 ≡ 12 (mod 25) Thus, 12 is the desired remainder. The amount of work in such a problem can be greatly reduced if we introduce negative residues, as the following example shows. EXAMPLE 4.11 Find the remainder when 3181 is divided by 17. SOLUTION We have 32 ≡ 9 (mod 17) 34 ≡ −4 (mod 17) 38 ≡ −1 (mod 17) 316 ≡ 1 (mod 17) 332 ≡ 1 (mod 17) 364 ≡ 1 (mod 17) 3128 ≡ 1 (mod 17) Therefore: 3181 = 3128 · 332 · 316 · 34 · 31 ≡ 1 · 1 · 1 · 13 · 3 (mod 17) ≡ 5 (mod 17) Thus, the desired remainder is 5.
- 276. 224 CHAPTER 4 Congruences Towers of Powers Modulo m The technique of finding remainders using congruences can be extended to numbers with exponents, which are towers of powers, as the following example demonstrates. EXAMPLE 4.12 Find the last digit in the decimal value of 199719981999 . SOLUTION First, notice that abc = a(bc). Let N denote the given number. The last digit in N equals the least residue of N modulo 10. Since 1997 ≡ 7 (mod 10), let us study the various powers of 7: 71 ≡ 7 (mod 10), 72 ≡ 9 (mod 10), 73 ≡ 3 (mod 10), 74 ≡ 1 (mod 10), 75 ≡ 7 (mod 10) and clearly a pattern emerges: 7a ≡ ⎧ ⎪ ⎪ ⎨ ⎪ ⎪ ⎩ 1 (mod 10) if a ≡ 0 (mod 4) 7 (mod 10) if a ≡ 1 (mod 4) 9 (mod 10) if a ≡ 2 (mod 4) 3 (mod 10) if a ≡ 3 (mod 4) Now let us look at 1998. Since 1998 ≡ 2 (mod 4), 1998n ≡ 2n (mod 4), so if n ≥ 2, then 1998n ≡ 0 (mod 4). Thus, since 1999 ≥ 2, 19981999 ≡ 0 (mod 4), so N ≡ 1 (mod 10). In other words, the last digit in the decimal value of N is 1. The following two examples also demonstrate the power of congruences. EXAMPLE 4.13 Show that 11 · 14n + 1 is a composite number.† PROOF Let N = 11 · 14n + 1. We shall show that p|N for some prime p. Suppose n is even. Since 14 ≡ −1 (mod 3), 14n ≡ 1 (mod 3). Then N ≡ 2 · 1 + 1 ≡ 0 (mod 3), so 3|N. On the other hand, let n be odd. Since 14 ≡ −1 (mod 5), 14n ≡ −1 (mod 5). Then N ≡ 1 · (−1) + 1 ≡ 0 (mod 5), so 5|N. Thus, in both cases, N is composite. It is well known that N = n2 + n + 41 is a prime for 0 ≤ n 41. The following example shows how to compute the remainder when N2 is divided by 12, for every integer n. † Based on A. Dunn (ed.), Mathematical Bafflers, Dover, New York, 1980, p. 192. The elegant proof given here is due to J. N. A. Hawkins of Pacific Palisades, California.
- 277. 4.1 Congruences 225 EXAMPLE 4.14 Find the remainder when (n2 + n + 41)2 is divided by 12. PROOF First, notice that the product of four consecutive integers is divisible by 12; that is, (n − 1)n(n + 1)(n + 2) ≡ 0 (mod 12). We have (n2 + n + 41)2 ≡ (n2 + n + 5)2 (mod 12) ≡ (n4 + 2n3 + 11n2 + 10n + 25) (mod 12) ≡ (n4 + 2n3 − n2 − 2n) + 1 (mod 12) ≡ n(n3 + 2n2 − n − 2) + 1 (mod 12) ≡ n[n2 (n + 2) − (n + 2)] + 1 (mod 12) ≡ n(n + 2)(n2 − 1) + 1 (mod 12) ≡ (n − 1)n(n + 1)(n + 2) + 1 (mod 12) ≡ 1 (mod 12) Thus when (n2 + n + 41)2 is divided by 12, the remainder is 1. In Example 2.29 we found that the Fermat number f5 = 225 + 1 is divisible by 641. The next example furnishes an elegant alternate proof of this fact, using congruences. EXAMPLE 4.15 Show that f5 = 225 + 1 is divisible by 641. PROOF First, notice that 640 ≡ −1 (mod 641); that is, 5 · 27 ≡ −1 (mod 641). Therefore, 54 · 228 ≡ 1 (mod 641) (4.1) But 54 = 625 ≡ −16 ≡ −24 (mod 641), so congruence (4.1) can be rewritten as (−24)(228) ≡ 1 (mod 641); that is, 232 ≡ −1 (mod 641). Thus, 641|f5. We now examine some additional properties of congruences. The cancellation property of multiplication says, if ac = bc and c = 0, then a = b.
- 278. 226 CHAPTER 4 Congruences Does this have an analogous result for congruences? In other words, if ac ≡ bc (mod m) and c ≡ 0 (mod m), is a ≡ b (mod m)? To answer this, notice that 3·8 ≡ 3·4 (mod 6), but 8 ≡ 4 (mod 6), so the answer is a definite no. But under some circumstances, the answer is yes, as the following theorem shows. THEOREM 4.6 If ac ≡ bc (mod m) and (c,m) = 1, then a ≡ b (mod m). PROOF Suppose ac ≡ bc (mod m), where (c,m) = 1. Then m|(ac − bc); that is, m|c(a − b). But (m,c) = 1, so, by Corollary 3.4, m|(a − b); that is, a ≡ b (mod m). Thus, we can cancel the same number c from both sides of a congruence, pro- vided c and m are relatively prime, as the following example demonstrates. EXAMPLE 4.16 Notice that 78 ≡ 48 (mod 5); that is, 6 · 13 ≡ 6 · 8 (mod 5). Since (6,5) = 1, we can cancel 6 from both sides: 6 · 13 ≡ 6 · 8 (mod 5) That is, 13 ≡ 8 (mod 5) which is clearly true. The following example, an application of Theorem 4.6, revisits the monkey and coconuts riddle we solved earlier. The Monkey and Coconuts Puzzle Revisited EXAMPLE 4.17 Using congruences, solve the monkey and coconuts riddle in Example 3.23. SOLUTION Once again, let n denote the least possible number of coconuts in the original puzzle and z each sailor’s share after the final division. Then 1 5 4 5 4 5 4 5 4 5 4 5 (n − 1) − 1 − 1 − 1 − 1 − 1 = z
- 279. 4.1 Congruences 227 With a bit of patience, we can rewrite this equation as n 4 5 5 − 1 + 4 5 + 4 5 2 + 4 5 3 + 4 5 4 + 4 5 5 = 5z n 4 5 5 − 1 − (4/5)6 1 − 4/5 = 5z n 4 5 5 − 56 − 46 55 = 5z 45 n + 46 − 56 = 56 z (n + 4)45 = (z + 1)56 ≡ 0 (mod 56 ) But (45,56) = 1, so n + 4 ≡ 0 (mod 56). Thus, for n to be a minimum, n + 4 = 56 = 15,625; so n = 15,621, as found earlier. Returning to Theorem 4.6, we can generalize it as follows. THEOREM 4.7 If ac ≡ bc (mod m) and (c,m) = d, then a ≡ b (mod m/d). PROOF Suppose ac ≡ bc (mod m), where (c,m) = d. Then m|(ac − bc), so ac − bc = km for some integer k; that is, c(a − b) = km. Divide both sides by d: c d (a − b) = k m d By Theorem 3.4, (c/d,m/d) = 1, so m d |(a − b); that is, a ≡ b (mod m/d). EXAMPLE 4.18 You can verify that 8 · 37 ≡ 8 · 7 (mod 12). Since (8,12) = 4, by Theorem 4.7, we can cancel 8 from both sides: 8 · 37 ≡ 8 · 7 (mod 12/4) That is, 37 ≡ 7 (mod 3)
- 280. 228 CHAPTER 4 Congruences Now we will see how congruences of two numbers with different moduli can be combined into a single congruence. THEOREM 4.8 If a ≡ b (mod m1), a ≡ b (mod m2), ..., a ≡ b (mod mk), then a ≡ b (mod [m1,m2, ...,mk]). PROOF By the given hypotheses, m1|(a − b), m2|(a − b),...,mk|(a − b), so, by Corol- lary 3.12, [m1,m2,...,mk]|(a − b); that is, a ≡ b (mod [m1,m2,...,mk]). The following example illustrates this result. EXAMPLE 4.19 You can verify that 197 ≡ 77 (mod 6), 197 ≡ 77 (mod 10), and 197 ≡ 77 (mod 15); so by Theorem 4.8, 197 ≡ 77 (mod [6,10,15]); that is, 197 ≡ 77 (mod 30). The following corollary follows easily from this theorem. COROLLARY 4.5 If a ≡ b (mod m1), a ≡ b (mod m2), ..., a ≡ b (mod mk), where the moduli are pairwise relatively prime, then a ≡ b (mod m1m2 ···mk). E X E R C I S E S 4.1 Mark True or False, where a, b, c, and d are arbitrary integers, m a positive integer, and p a prime. 1. 12 ≡ −3 (mod 5) 2. 18 ≡ −2 (mod 4) 3. 10 ≡ 1 (mod 9) 4. 10 ≡ −1 (mod 11) 5. a ≡ a (mod m) 6. If a ≡ b (mod m), then b ≡ a (mod m). 7. If a ≡ b (mod m) and b ≡ c (mod m), then a ≡ c (mod m). 8. If a ≡ b (mod m), then −a ≡ −b (mod m). 9. If a ≡ b (mod m) and c ≡ d (mod m), then a + c ≡ b + d (mod m). 10. If a + c ≡ b + c (mod m), then a ≡ b (mod m). 11. If a ≡ b (mod m) and c ≡ d (mod m), then ac ≡ bd (mod m). 12. If ac ≡ bc (mod m), then a ≡ b (mod m). 13. If a ≡ b (mod m), then a2 ≡ b2 (mod m). 14. If a2 ≡ b2 (mod m), then a ≡ b (mod m). 15. If a ≡ b (mod m) and a ≡ b (mod n), then a ≡ b (mod m + n). 16. If a ≡ b (mod m) and a ≡ b (mod n), then a ≡ b (mod mn). 17. If ab ≡ 0 (mod m), then a ≡ 0 (mod m) and b ≡ 0 (mod m). 18. If a ≡ b (mod m), then m (a − b). 19. If a ≡ b (mod m), then b ≡ a (mod m). 20. If a ≡ b (mod m) and b ≡ c (mod m), then a ≡ c (mod m). 21. If a ≡ 0 (mod m) and b ≡ 0 (mod m), then ab ≡ 0 (mod m). 22. If ac ≡ bc (mod p) and p c, then a ≡ b (mod p). 23. 9100 − 1 is divisible by 10. 24. 102001 + 1 is divisible by 11. Rewrite each sentence in Exercises 25–28, using the con- gruence symbol.
- 281. 4.1 Congruences 229 25. n is an odd integer. 26. n is an even integer. 27. n is divisible by 5. 28. The product of any three consecutive integers is di- visible by 6. 29. If today is Tuesday, what day will it be in 129 days? 30. If today is Friday, what day will it be in 1976 days? 31. If it is 9 A.M. now, what time will it be in 1900 hours? 32. If it is 3 P.M. now, what time will it be in 4334 hours? Give a counterexample to disprove each statement. 33. If a2 ≡ b2 (mod m), then a ≡ b (mod m). 34. If a ≡ 0 (mod m) and b ≡ 0 (mod m), then ab ≡ 0 (mod m). Find the remainder when 1! + 2! + 3! + ··· + 1000! is di- vided by each integer. 35. 10 36. 11 37. 12 38. 13 Find the remainder when the first integer is divided by the second. 39. 235,7 40. 531,12 41. 231001,17 42. 191976,23 Using modular exponentiation, find the remainder when the first integer is divided by the second. 43. 297,13 44. 4117,15 45. 13218,17 46. 19343,23 Find the units digit in the decimal value of each. 47. 177617771778 48. 194316421053 49. 1077117712771377 50. 1089208930894089 Find the last two digits in the decimal value of each. 51. 17761976 52. 18291829 53. Let n ≡ r (mod 10), where 0 ≤ r 10. Identify the units digit in the decimal expansion of n. Find the least residues x such that x2 ≡ 1 (mod m) for each value of m. 54. 5 55. 6 56. 7 57. 8 Using Exercises 54–57, conjecture the number of least residues x such that 58. x2 ≡ 1 (mod p), where p is a prime. 59. x2 ≡ 1 (mod m), where m is a positive integer. 60. Let a be a least residue modulo 5. Compute the least residue of a5 for each a. 61. Let a be a least residue modulo 7. Compute the least residue of a7 for each a. 62. Using Exercises 60 and 61, predict the least residue of ap modulo p, where p is a prime. Compute the least residue of (p − 1)! modulo p for each prime. 63. 3 64. 5 65. 7 66. 11 67. Using Exercises 63–65, conjecture the least residue of (p − 1)! modulo p. Prove each, where a, b, c, d, and n are any integers, m is a positive integer, and p is a prime. 68. If a ≡ b (mod m) and c ≡ d (mod m), then a − c ≡ b − d (mod m). If a ≡ b (mod m) and c is any integer, then: 69. a + c ≡ b + c (mod m) 70. a − c ≡ b − c (mod m) 71. ac ≡ bc (mod m) 72. a2 ≡ b2 (mod m) 73. If ac ≡ bc (mod p) and p c, then a ≡ b (mod p). 74. If a2 ≡ 1, then a ≡ ±1 (mod p). 75. Let f(x) be a polynomial with integral coefficients and a ≡ b (mod m). Then f(a) ≡ f(b) (mod m). 76. The square of every even integer is congruent to 0 modulo 4. 77. Every odd integer is congruent to 1 or 3 modulo 4. 78. If ab ≡ 0 (mod p), then a ≡ 0 (mod p) or b ≡ 0 (mod p). 79. The square of every odd integer is congruent to 1 modulo 4. 80. Every prime 3 is congruent to ±1 modulo 6. 81. If 2a ≡ 0 (mod p) and p is an odd prime, then a ≡ 0 (mod p). 82. n2 + n ≡ 0 (mod 2) 83. n4 + 2n3 + n2 ≡ 0 (mod 4) 84. 2n3 + 3n2 + n ≡ 0 (mod 6)
- 282. 230 CHAPTER 4 Congruences 85. Using congruences, show that the only Fermat num- ber that is also triangular is 3. (S. Asadulla, 1987) 86. 1155 n7777 +7777n+1, where n is a square. (A. Ku- mar, 2003) 87. The last n + 1 digits of 52n are the same as those of 52n−1 , where n ≥ 3. (P. A. Lindstrom, 2005) 88. 2p p ≡ 2 (mod p), where p 2. (J. M. Gandhi, 1959) 89. p| 2p r , where 0 r p. 90. By Theorem 3.18, every prime factor of fn is of the form k · 2n+2 + 1, where n ≥ 2. Then k2n ≡ (−1)n (mod p). 91. Find all primes p such that p,p + 2d, and p + 4d are primes, where 3 d. (M. S. Klamkin, 1967) 92. Find the number of entries in row 2p of Pascal’s tri- angle that are divisible by p, where p is an odd prime. 93. Find the remainder when googolplex is divided by 7. (H. W. Kickey, 1966) 4.2 Linear Congruences In the previous section we studied the language of congruences and some fundamen- tal properties of congruences. Now we look at congruences containing variables, such as 3x ≡ 4 (mod 5), x2 ≡ 1 (mod 8), and x2 + 2 ≡ 3x (mod 5). The simplest such congruence is the linear congruence ax ≡ b (mod m). We will now see that linear congruences and LDEs are interlinked. We will also learn a necessary and sufficient condition for a linear congruence to be solvable. By a solution of the linear congruence, we mean an integer x0 such that ax0 ≡ b (mod m). For example, 3 · 3 ≡ 4 (mod 5), so 3 is a solution of the congruence 3x ≡ 4 (mod 5). But the congruence 4x ≡ 1 (mod 2) has no solutions, since 2 (4x − 1) for any integer x. To see the link between linear congruences and LDEs, consider ax ≡ b (mod m). Then, by Theorem 4.1, ax = b + my for some integer y. Consequently, ax ≡ b (mod m) is solvable if and only if the LDE ax − my = b is solvable. Suppose x0 is a solution of the congruence ax ≡ b (mod m); then ax0 ≡ b (mod m). Suppose, in addition, x1 ≡ x0 (mod m). Then, by Corollary 4.4, ax1 ≡ ax0 (mod m), so, by transitivity, ax1 ≡ b (mod m); thus, x1 is also a solution of the con- gruence. But x1 and x0 belong to the same congruence class; so if x0 is a solution, then every member of its class is also a solution. For instance, since 3 is a solution of the linear congruence 3x ≡ 4 (mod 5), every member of the congruence class [3] = {...,−7,−2,3,8,13,...} is also a solution; they are given by x = 3 + 5t: 3(3 + 5t) = 9 + 15t
- 283. 4.2 Linear Congruences 231 ≡ 4 + 0 (mod 5) ≡ 4 (mod 5) Thus, if the congruence ax ≡ b (mod m) is solvable, it has infinitely many solu- tions. Consequently, we are interested in its incongruent solutions only. For example, the congruence 9x ≡ 6 (mod 12) has three incongruent solutions, namely, 2, 6, and 10: 9 · 2 ≡ 6 (mod 12), 9 · 6 ≡ 6 (mod 12), and 9 · 10 ≡ 6 (mod 12). The following theorem provides a necessary and sufficient condition for a lin- ear congruence to be solvable. This theorem also gives the number of incongruent solutions, and a formula for finding them when the congruence is solvable. THEOREM 4.9 The linear congruence ax ≡ b (mod m) is solvable if and only if d|b, where d = (a,m). If d|b, then it has d incongruent solutions. PROOF The linear congruence ax ≡ b (mod m) is equivalent to the LDE ax − my = b; so the congruence is solvable if and only if the LDE is solvable. But, by Theorem 3.19, the LDE is solvable if and only if d|b. Thus ax ≡ b (mod m) is solvable if and only if d|b. When d|b, the LDE has infinitely many solutions, given by x = x0 + m d t, y = y0 + a d t so the congruence has infinitely many solutions x = x0 + m d t, where x0 is a par- ticular solution. To find the number of incongruent solutions when the congruence is solvable, suppose x1 = x0 + m d t1, x2 = x0 + m d t2, are two congruence solutions: x0 + m d t1 ≡ x0 + m d t2 (mod m) Subtracting x0 from both sides, m d t1 ≡ m d t2 (mod m) Since m d
- 287. m, by Theorem 4.7, t1 ≡ t2 (mod d). Thus, the solutions x1 and x2 are congruent if and only if t1 ≡ t2 (mod d); that is, if and only if t1 and t2 belong to the
- 288. 232 CHAPTER 4 Congruences same congruence class modulo d. In other words, they are incongruent solutions if and only if they belong to distinct congruence classes. By Corollary 4.2, there are exactly d incongruent classes modulo d. Therefore, the linear congruence, when solvable, has exactly d incongruent solutions, given by x = x0 + m d t, where 0 ≤ t d. Note: x = x0 + m d t, where 0 ≤ t d, is the general solution of the linear congruence. This theorem has a useful corollary. COROLLARY 4.6 The linear congruence ax ≡ b (mod m) has a unique solution if and only if (a,m) = 1. The following two examples illustrate these fundamental results. EXAMPLE 4.20 Determine if the congruences 8x ≡ 10 (mod 6), 2x ≡ 3 (mod 4), and 4x ≡ 7 (mod 5) are solvable. Find the number of incongruent solutions when a congruence is solv- able. SOLUTION • (8,6) = 2 and 2|10, so the congruence 8x ≡ 10 (mod 6) is solvable and it has two incongruent solutions modulo 6. • (2,4) = 2, but 2 3, so the congruence 2x ≡ 3 (mod 4) has no solutions. • (4,7) = 1, so by Corollary 4.6, the congruence 4x ≡ 7 (mod 5) has a unique solution modulo 5. The following example illustrates how to find the incongruent solutions of a linear congruence. EXAMPLE 4.21 Solve the congruence 12x ≡ 48 (mod 18). SOLUTION Since (12,18) = 6 and 6|48, the congruence has six incongruent solutions modu- lo 6. They are given by x = x0 + m d t = x0 + (18/6)t = x0 + 3t, where x0 is a particular solution and 0 ≤ t 6. By trial and error, x0 = 1 is a solution. Thus, the six incongruent solutions modulo 18 are 1 + 3t, where 0 ≤ t 6, that is, 1, 4, 7, 10, 13, and 16.
- 289. 4.2 Linear Congruences 233 The same congruence can be solved in a slightly different way. Using Theo- rem 4.7, divide the congruence by 6: 2x ≡ 8 (mod 3) Now multiply both sides by 2 (to yield one x on the LHS): 2(2x) ≡ 2 · 8 (mod 3) x ≡ 1 (mod 3) So the solutions of this congruence are of the form x = 1 + 3t. Now, proceeding as before, we get all the desired solutions. The following example shows how congruences are useful in solving LDEs. EXAMPLE 4.22 Using congruences, solve Mahavira’s puzzle in Example 3.20. SOLUTION From Example 3.20, we have 63x − 23y = −7. This LDE creates two linear congru- ences: 63x ≡ −7 (mod 23) and −23y ≡ −7 (mod 63). The first one yields −6x ≡ −7 (mod 23); that is, 6x ≡ 7 (mod 23), where (6,23) = 1. Multiply both sides by 4, 4(6x) ≡ 4 · 7 (mod 23) x ≡ 5 (mod 23) So the general solution of the congruence 63x ≡ −7 (mod 23) is x = 5 + 23t. Substitute for x in the LDE and solve for y: 63(5 + 23t) − 23y = −7 315 + 1449t − 23y = −7 y = 14 + 63t Thus, the general solution of the LDE is x = 5+23t, y = 14+63t, with t an arbitrary integer. (Notice that this agrees with the solution obtained earlier.) In this example, we could have solved the second congruence −23y ≡ −7 (mod 63) and obtained the same solution. Try this and convince yourself, in Ex- ercise 20.
- 290. 234 CHAPTER 4 Congruences Modular Inverses Consider the special case b = 1 in Corollary 4.6. The linear congruence ax ≡ 1 (mod m) has a unique solution if and only if (a,m) = 1; in other words, when (a,m) = 1, there is a unique least residue x such that ax ≡ 1 (mod m). Then a is said to be invertible and x is called an inverse of a modulo m, denoted by a−1: aa−1 ≡ 1 (mod m). If a−1 = a, then a is self-invertible. EXAMPLE 4.23 Since 7 · 8 ≡ 1 (mod 11), 7 is invertible and 8 is an inverse of 7 modulo 11; that is, 7−1 is 8 modulo 11; 10 is its own inverse modulo 11, since 10 · 10 ≡ 1 (mod 11). Inverses are useful in solving linear congruences. To see this, let us return to the congruence ax ≡ b (mod m), where (a,m) = 1. Since (a,m) = 1, a has an inverse a−1 modulo m. Multiplying both sides of the congruence by a−1, we get a−1 (ax) ≡ a−1 b (mod m) (a−1 a)x ≡ a−1 b (mod m) 1x ≡ a−1 b (mod m) That is, x ≡ a−1 b (mod m) Accordingly, we have the following result. THEOREM 4.10 The unique solution of the linear congruence ax ≡ b (mod m), where (a,m) = 1, is the least residue of a−1b (mod m). The following example employs this result. EXAMPLE 4.24 Using Theorem 4.10, solve the hundreds fowls riddle in Example 3.18. SOLUTION From Example 3.21, we have x + y + z = 100 (4.2) 5x + 3y + z 3 = 100 (4.3) Eliminating z between these equations, we get 7x + 4y = 100 (4.4)
- 291. 4.2 Linear Congruences 235 This yields 7x ≡ 100 (mod 4) 3x ≡ 0 (mod 4) Therefore, 3(3x) ≡ 3 · 0 (mod 4) [Note: 3−1 ≡ 3 (mod 4)] x ≡ 0 (mod 4) So x = 4t. Substituting for x in equation (4.4), we get 7(4t) + 4y = 100 y = 25 − 7t Now substitute for x and y in equation (4.2): 4t + (25 − 7t) + z = 100 z = 3t + 75 Thus, the general solution is x = 4t, y = 25 − 7t, z = 75 + 3t, exactly the same as the one obtained in Example 3.21. The following example is an interesting application of Theorems 3.13 and 4.10, and is a continuation of Example 3.12. EXAMPLE 4.25 Find the last nonzero digit (from the left) in the decimal value of 234!. SOLUTION First, notice that the product of the four integers between any two consecutive multiples of 5 is congruent to −1 modulo 5; that is, if n ≡ 0 (mod 5), then (n + 1)(n + 2)(n + 3)(n + 4) ≡ 1 · 2 · 3 · 4 ≡ −1 (mod 5). In Example 3.12, we found that 234! has 46 + 9 + 1 = 56 trailing zeros. Con- sequently, the desired digit d is the ones digit in 234!/1056. Since the canonical decomposition of 234! contains more 2s than 5s, d must be even. Thus, d = 2,4,6, or 8. To extract the correct value of d, we compute 234!/1056 (mod 5) in seven steps:
- 292. 236 CHAPTER 4 Congruences 231 · 232 · 233 · 234 ≡ −1 (mod 5) 230! 546 · 46! = 230! 5 · 10 · 15···230 ≡ (−1)46 ≡ 1 (mod 5) 46! 59 · 9! = 46! 5 · 10 · 15···45 ≡ (−1)9 ≡ −1 (mod 5) 9! 5 ≡ (−1)2 ≡ 1 (mod 5) 230! 546 · 46! · 46! 59 · 9! · 9! 5 ≡ 1 · (−1) · 1 ≡ 4 (mod 5) 234! 556 = 230!(231 · 232 · 233 · 234) 556 ≡ (−1) · 4 ≡ −4 ≡ 1 (mod 5) Since 256 = 428 ≡ (−1)28 ≡ 1 (mod 5) and (2,5) = 1, this implies 234! 1056 = 234! 256556 ≡ 1 (mod 5) that is, d ≡ 1 (mod 5), so d = 6. Thus, the 56 zeros in 234! follow the digit 6. (See Example 7.2 also.) We now redo this example differently, using a clever notation introduced by P. M. Dunson in 1980. Let n denote the product of the integers 1 through n, omitting all multiples of 5. For example, 9 = 1 · 2 · 3 · 4 · 6 · 7 · 8 · 9. Clearly, 230 ≡ 9 ≡ 6 (mod 10), 45 ≡ 4 (mod 10) and, 231 · 232 · 233 · 234 ≡ 4 (mod 10). Notice that 234! = 234 · 233 · 232 · 231 · 230 · 546 · 46! = 234 · 233 · 232 · 231 · 230 · 546 · 46 · 45 · 59 · 9! = 234 · 233 · 232 · 231 · 46 · 230 · 45 · 555 · 5 · 9 = 234 · 233 · 232 · 231 · 46 · 230 · 45 · 9 · 556 Therefore, 234! 556 = (234 · 233 · 232 · 231) · 46 · 230 · 45 · 9 ≡ 4 · 6 · 6 · 4 · 6 (mod 10) ≡ 6 (mod 10) Since 234! contains exactly 56 trailing zeros, 234! 556 (mod 10) yields its last nonzero digit. Thus, the last nonzero digit in 234! is 6.
- 293. 4.2 Linear Congruences 237 E X E R C I S E S 4.2 Using Theorem 4.9, determine whether each linear con- gruence is solvable. 1. 12x ≡ 18 (mod 15) 2. 16y ≡ 18 (mod 12) 3. 12x ≡ 14 (mod 13) 4. 28u ≡ 119 (mod 91) 5. 76v ≡ 50 (mod 176) 6. 2076y ≡ 3076 (mod 1076) Determine the number of incongruent solutions of each linear congruence. 7. 12x ≡ 18 (mod 15) 8. 28u ≡ 119 (mod 91) 9. 49x ≡ 94 (mod 36) 10. 91y ≡ 119 (mod 28) 11. 48v ≡ 144 (mod 84) 12. 2076x ≡ 3076 (mod 1076) 13. Suppose x0 is a solution of the congruence ax ≡ b (mod m). Show that x = x0 + m d t is also a solu- tion of the congruence, where d = (a,m). 14–19. Find the incongruent solutions of each congru- ence in Exercises 7–12. 20. Using the congruence −23y ≡ −7 (mod 63), solve the LDE 63x − 23y = −7. Using congruences, solve each LDE. 21. 3x + 4y = 5 22. 6x + 9y = 15 23. 15x + 21y = 39 24. 28x + 91y = 119 25. 48x + 84y = 144 26. 1776x + 1976y = 4152 Find the least residues modulo m that are invertible for each value of m. 27. five 28. six Find the least residues modulo m that are self-invertible for each value of m. 29. seven 30. twelve Using inverses, find the incongruent solutions of each lin- ear congruence. 31. 5x ≡ 3 (mod 6) 32. 4x ≡ 11 (mod 13) 33. 19x ≡ 29 (mod 16) 34. 48x ≡ 39 (mod 17) 35. Suppose b is an inverse of a modulo m. Show that a is an inverse of b modulo m. 36. Let f(n) denote the number of positive integers ≤ n and relatively prime to n. Using the function f , give the number of least residues modulo m that are invert- ible. 37. Let p be a prime. Prove that a least residue modulo p is self-invertible if and only if a ≡ ±1 (mod p). Find the last two digits of each number. 38. 7777 39. 191991 Find the last three digits of each number. 40. 42076 41. 171776 Find the last nonzero digit in the decimal value of each. (Hint: Use Exercises 17–20 in Section 3.3.) 42. 100! 43. 376! 44. 609! 45. 1010! The linear congruence ax ≡ c (mod b) is solvable if and only if rn|c, and the solutions are given by x = x0 + (−1)nb rn t, where rn = (a,b). Using this fact, solve each linear congruence. 46. 1024x ≡ 376 (mod 1000) 47. 2076x ≡ 564 (mod 1776)
- 294. 238 CHAPTER 4 Congruences 4.3 The Pollard Rho Factoring Method Over the years, number theorists have expended considerable time and effort to de- velop efficient algorithms for primality and factorization. In this section, we pursue a factorization technique developed in 1974 by John M. Pollard. Although Pollard called it the Monte Carlo method to reflect the seemingly random nature of the num- bers generated in the factorization process, it is now called the Pollard rho method for reasons that will become clear later. This method works remarkably well for factors with no more than 20 digits. The composite nature of the Fermat number f8 had been known since 1909. However, no factors were discovered until 1980, when R. P. Brent and Pollard suc- cessfully employed the rho method to find one of its two prime factors. To describe the algorithm, consider a large odd integer n known to be composite. Choose some seed value x0 and a diophantine polynomial f(x) of degree ≥ 2, say, f(x) = x2 + a where a = 0,−2. We then generate a “random” sequence {xk} of distinct least non- negative residues modulo n using the recursive formula xk+1 ≡ f(xk) (mod n) where k ≥ 0. Our goal is to find a nontrivial factor d of n. Assume it is very small compared to n. Since there are exactly d congruent classes modulo d and d n, the integers xk modulo d must become periodic; that is, there must exist residues xi and xj such that xi ≡ xj (mod d), where i j. Thus, the choice of x0 and f(x) must be such that xi ≡ xj (mod d), but xi ≡ xj (mod n). Since d|(xj − xi) and n (xj − xi), it follows that the gcd (xj − xi,n) is a nontrivial factor of n, which can be found using the euclidean algorithm. Notice that the knowledge of d does not occur in the computation of (xj − xi,n). Thus, to find a nontrivial factor of n, we continue computing (xj − xi,n) for every distinct pair xj,xi until we encounter a nontrivial gcd. Such a gcd need not be a prime or the smallest factor of n. The following example illustrates this sophisticated algorithm. EXAMPLE 4.26 Let n = 7943,x0 = 2, and f(x) = x2 + 1. Then x1 = 5, x2 = 26, x3 = 677, x4 = 5579, x5 = 4568, x6 = 364, x7 = 5409, ...
- 295. 4.3 The Pollard Rho Factoring Method 239 We now compute the gcd (xj − xi,n) for every distinct pair xj, xi until a non- trivial gcd emerges. Since (x6 − x2,n) = (364 − 26,7943) = (338,7943) = 169, 169|7943. The above algorithm has the disadvantage that we need to compute (xj − xi,n) for every distinct pair xj, xi until a nontrivial gcd occurs. This can be time consuming. Fortunately, we can do better. A Refined Version Since xi ≡ xj (mod d), xi+1 ≡ f(xi) ≡ f(xj) ≡ xj+1 (mod d) where i j. Consequently, the elements of the sequence {xk} reduced modulo d re- peat in every block of j−i elements; that is, xr ≡ xs (mod d), where r ≡ s (mod j−i), and r,s ≥ i. In fact, {xk} reduced modulo d is periodic with period that is a factor of j − i. In particular, let t be the smallest multiple of j − i that is greater than i. Then t ≡ 0 (mod j − i); so 2t ≡ t (mod j − i). Consequently, xt ≡ x2t (mod d). Thus, to find a nontrivial factor of n, we compute the gcd’s (x2k − xk,n), where k ≥ 1, as the next example demonstrates. EXAMPLE 4.27 Using the Pollard rho method, factor the integer 3893. SOLUTION We have n = 3893. Choosing x0 = 2 and f(x) = x2 + 1, we generate the sequence {xk}: 5,26,677,2849,3790,2824,2113,3392,1850,554,3263,3708,... Next, we compute (x2k − xk,n) for each value of k ≥ 1 until a nontrivial gcd appears: (x2 − x1,n) = (21,3893) = 1 (x4 − x2,n) = (2823,3893) = 1 (x6 − x3,n) = (2147,3893) = 1 (x8 − x4,n) = (543,3893) = 1 (x10 − x5,n) = (3236,3893) = 1 (x12 − x6,n) = (884,3893) = 17 Thus, 17|3893 and 3893 = 17 · 229.
- 296. 240 CHAPTER 4 Congruences The sequence {xk} in Example 4.26 2,5,26,677,5579,4568,364,5409,... when reduced modulo 13, yields the periodic sequence 2,5,0,1,2 ,5,0,1,2 ,5,0,1,2 ,5,0,... with period 4. This periodic behavior can be displayed pictorially, as in Figure 4.2. Since it resembles the Greek letter ρ (rho), the factoring method is now known as the rho method. Figure 4.2 In Section 7.2, we shall describe another factoring technique developed by Pol- lard. E X E R C I S E S 4.3 Using the Pollard rho method with x0 = 2 and f(x) = x2 + 1, find the canonical decomposition of each integer. 1. 377 2. 3199 3. 5567 4. 9773 Find a factor of 39,997 using the Pollard rho method, the given seed x0, and the given polynomial f(x). 5. x0 = 1, f(x) = x2 + 1 6. x0 = 2, f(x) = x2 + 1 7. x0 = 2, f(x) = x2 − 1 8. x0 = 3, f(x) = x2 − 1 X CHAPTER SUMMARY We developed the language of congruences, some fundamental properties, and some simple applications, including a practical factoring technique.
- 297. Review Exercises 241 Congruences • a ≡ b (mod m) if and only if m|(a − b). (p. 212) • a ≡ b (mod m) if and only if a = b + km for some integer k. (p. 213) • a ≡ a (mod m) (reflexive property) (p. 213) • If a ≡ b (mod m), then b ≡ a (mod m) (symmetric property). (p. 213) • If a ≡ b (mod m) and b ≡ c (mod m), then a ≡ c (mod m) (transitive prop- erty). (p. 213) • If a ≡ b (mod m), then • a + c ≡ b + c (mod m) (p. 219) • ac ≡ bc (mod m) (p. 219) • an ≡ bn (mod m) (p. 220) • If ac ≡ bc (mod m) and (c, m) = 1, then a ≡ b (mod m). (p. 226) • If ac ≡ bc (mod m) and (c, m) = d, then a ≡ b (mod m/d). (p. 227) • If a ≡ b (mod mi), where 1 ≤ i ≤ k, then a ≡ b (mod [m1,m2,...,mk]). (p. 228) Linear Congruences • A congruence of the form ax ≡ b (mod m) is a linear congruence. (p. 230) • The linear congruence ax ≡ b (mod m) is solvable if and only if d|b, where d = (a,m); when solvable, it has d incongruent solutions. (p. 231) • The unique solution of ax ≡ b (mod m), where (a,m) = 1, is the least residue of a−1b modulo m. (p. 234) The Pollard Rho Factoring Method • Let x0 be a starting value and f(x) = x2 +a, where a = 0, −2. Then (xj −xi,n) is a nontrivial factor of n. (p. 238) X REVIEW EXERCISES 1. If today is Thursday, what day will it be in 1001 days? 2. If today is Wednesday, what day will it be in 4567 days? 3. If it is 11:30 A.M. now, what time will it be in 1770 hours? 4. If it is 11:30 P.M. now, what time will it be in 4455 hours? 5. Give a counterexample to show that (a,m) = (b,m) does not imply that a ≡ b (mod m). Let p be a prime. What is your conclusion if
- 298. 242 CHAPTER 4 Congruences 6. p ≡ 2 (mod 10)? 7. p ≡ 5 (mod 10)? Determine whether each linear congruence is solvable. 8. 7x ≡ 10 (mod 13) 9. 15x ≡ 24 (mod 20) Determine the number of incongruent solutions of each linear congruence. 10. 13x ≡ 14 (mod 15) 11. 15x ≡ 40 (mod 25) Find the incongruent solutions of each linear congruence. 12. 5x ≡ 7 (mod 8) 13. 13x ≡ 14 (mod 15) 14. 15x ≡ 40 (mod 25) 15. 36x ≡ 96 (mod 156) Using congruences, solve each LDE. 16. 15x + 25y = 40 17. 36x + 156y = 96 18. Find the least residues modulo 15 that are invertible. 19. Find the least residues modulo 18 that are self-invertible. Find the remainder when 20. 1! + 2! + ··· + 100! is divided by 11. 21. 1! + 2! + ··· + 300! is divided by 13. 22. Find the ones digit in the sum 1! + 2! + ··· + 100!. 23. Find the ones digit in the ternary representation of a triangular number tn. 24. Find the ones digit in the base-four representation of a square number sn. Using modular exponentiation, find the remainder when 25. 5103 is divided by 13. 26. 131001 is divided by 17. Find the remainder when 27. 3100 is divided by 91. 28. 23243 is divided by 17. 29. 2100 + 3123 is divided by 11. 30. 72002 − 131024 is divided by 19. 31. 1313! is divided by 17. 32. 2318! is divided by 19. Find the last two digits in each number. 33. 33434 34. 44444 Find the last three digits in each number. 35. 33003 36. 191776 Find the units digit in the decimal value of each. 37. 1024102510261027 38. 1773 177617792002 39. Find the remainder when 100 k=1 k! is divided by 12.
- 299. Supplementary Exercises 243 40. Find the ones digit when 100 k=1 k! is represented in base fifteen. It is 3 P.M. now. What time will it be in 41. 100 k=1 k! hours? 42. 1000 k=1 k! hours? 43. Let p and q be twin primes such that pq − 2 is also a prime. Find the possible values of p. (J. D. Baum, 1977) 44. Find the ones digit in 1020000 10100 + 3 . (Putnam Mathematics Competition, 1986) Using the Pollard rho method, find the canonical decomposition of each integer. 45. 7429 46. 12121 Prove each, where p and q are distinct primes. 47. If a2 ≡ b2 (mod p), a ≡ ±b (mod p). 48. n2 ≡ n (mod 2) 49. n3 ≡ n (mod 3) 50. 24n + 3n ≡ 1 (mod 9) 51. 42n + 10n ≡ 1 (mod 25) 52. If a ≡ b (mod m), then (a,m) = (b,m). 53. Let a ≡ b (mod p) and a ≡ b (mod q). Then a ≡ b (mod pq). 54. Let pn denote the nth prime. Then p1p2 ···pn + 1 is not a square. (L. Moser, 1951) 55. If 12 · 900n + 1 is a prime, then it is a twin prime. (L. Marvin, 1970) 56. 99991|{1 + [1 + (1010 − 1)99989](10999890 − 1)} (F. J. Durante, 1955) 57. 2p + 3p is never a perfect power, where p 2. (E. Just, 1973) 58. Let p2 ≡ p (mod p). Then p2n−1 +p2n−3 +···+p+n ≡ 0 (mod 3) (R. S. Luthar and S. Wurzel, 1966) X SUPPLEMENTARY EXERCISES 1. The integer 1287xy6 is a multiple of 72. Find the number xy. (Mathematics Teacher, 1986) 2. Solve: 1! + 2! + 3! + ··· + n! = m2. (E. T. H. Wang, 1979) 3. Find the largest factor of An = 2801n − 2696n − 2269n + 169n, for all n ≥ 1. (The Mathematica Gazette, 1995)
- 300. 244 CHAPTER 4 Congruences 4. The year 1456 was the only recorded perihelion year of Halley’s comet that was a multiple of 7. The most recent Halley years were 1835, 1910, and 1986, and the next one is 2061. Show that 18351910 + 19862061 is a multiple of 7. 5. Show that 11999 + 21999 + ··· + 20001999 is a multiple of 2001. An n-digit positive integer a is an automorphic number if the last n digits of a2 equals a. Clearly, 0 and 1 are automorphic. 6. Find four nontrivial automorphic numbers. 7. Prove: Every automorphic number must end in 0, 1, 5, or 6. 8. Prove: If a is automorphic, then a2 ≡ a (mod 10n). 9. Find all integer triplets (x,y,z) such that xy ≡ 1 (mod z), yz ≡ 1 (mod x), and zx ≡ 1 (mod y), where 2 ≤ x ≤ y ≤ z. (G. Gilbert, 1991) 10. Let n ≥ 2. Prove that n is a prime if and only if n − 1 k ≡ (−1)k (mod n), where 0 ≤ k n. (E. Deutsch and I. M. Gessel, 1997) 11. Find all integer solutions (x,y,z) of the equations xy mod z = yz mod x = zx mod y = 2. (D. Knuth, 2003) 12. Find all positive integers m and n such that 2m + 3n is a square. (E. Just, 1973) X COMPUTER EXERCISES Write a program to perform each task. 1. Read in a positive integer n. Suppose today is day d, where 0 ≤ d 7. Determine the day in n days. 2. Read in a certain time of the day and a positive integer n. Determine the time of the day in n hours. 3. Read in integers a,b, and m, and determine if the congruence ax ≡ b (mod m) is solvable. Find the number of incongruent solutions when it is solvable. 4. Read in a positive integer n. Find the least residues modulo n that are (a) invertible. (b) self-invertible. 5. Verify that the sum of no combination of the integers 0, 1, and 4 is congruent to 7 modulo 8. 6. Using modular exponentiation, find the remainder when (a) 3181 is divided by 17. (b) 3247 is divided by 25.
- 301. Enrichment Readings 245 7. Solve the original monkey and coconuts puzzle. 8. Solve Williams’ version of the monkey and coconuts puzzle. 9. Construct a table of values of the function K(n) = [(n+8d)/9]2 −[(n+8d)/9]+ 41, where −167 ≤ n ≤ 168 and d is the least residue of n modulo 9. Identify each value as prime or composite. (T. Koshy, 1994) 10. Redo Program 9 with K(n) = [(n + 8d)/9]2 − 79[(n + 8d)/9] + 1601, where 0 ≤ n ≤ 367 and d is the least residue of n modulo 9. Identify each value as prime or composite. (T. Koshy, 1994) 11. Using the Pollard rho method, factor 232 + 1 and 264 + 1. X ENRICHMENT READINGS 1. I. G. Bashmakova, Diophantus and Diophantine Equations, Mathematical Asso- ciation of America, Washington, DC, 1997. 2. A. H. Beiler, Recreations in the Theory of Numbers, Dover, New York, 1966, pp. 31–38. 3. M. Gardner, Mathematical Puzzles and Diversions, University of Chicago Press, Chicago, 1987. 4. T. Koshy, “Linear Diophantine Equations, Linear Congruences, and Matrices,” The Mathematics Gazette, 82 (July 1998), 274–277. 5. C. S. Ogilvy and J. T. Anderson, Excursions in Number Theory, Dover, New York, 1966. 6. F. Sajdak, “The Rosberry Conjecture,” Mathematical Spectrum, 28 (1995–1996), 33. 7. S. Singh and D. Bhattacharya, “On Dividing Coconuts,” The College Mathematics Journal, 28 (May 1987), 203–204.
- 303. 5 Congruence Applications Mighty are numbers, joined with art resistless. — EURIPIDES ongruence applications, as we will see shortly, are part of everyday life. The Capplications include the standard divisibility tests, interesting puzzles, mod- ular designs, product identification codes, German bank notes, round-robin tournaments, and a perpetual calendar. 5.1 Divisibility Tests The theory of congruences can be used to develop simple tests for checking whether a given integer n is divisible by an integer m. This section presents a few of them. Let n = (nknk−1 ...n1n0)ten be the decimal representation of n; that is, n = nk10k + nk−110k−1 + ··· + n110 + n0. We shall use this expansion to develop di- visibility tests for 10, 5, 2i, 3,9, and 11. We begin with the test for 10. Divisibility Test for 10 Because 10 ≡ 0 (mod 10), by Theorems 4.4 and 4.5, n ≡ n0 (mod 10). So n is divis- ible by 10 if and only if n0 is divisible by 10; that is, if and only if n0 = 0. Thus, an integer is divisible by 10 if and only if its units digit is zero. 247
- 304. 248 CHAPTER 5 Congruence Applications Divisibility Test for 5 Because n ≡ n0 (mod 10), n is divisible by 5 if and only if n0 is divisible by 5. But the only single-digit numbers divisible by 5 are 0 and 5, so an integer is divisible by 5 if and only if it ends in a 0 or 5. Divisibility Test for 2i Because 10 ≡ 0 (mod 2), 10i ≡ 0 (mod 2i) for all positive integers i. Therefore, by Theorems 4.4 and 4.5, we have n ≡ n0 (mod 2) ≡ n1n0 (mod 22 ) (Note: n1n0 denotes a two-digit number.) ≡ n2n1n0 (mod 23 ) . . . ≡ ni−1ni−2 ...n1n0 (mod 2i ) Thus, an integer n is divisible by 2i if and only if the number formed by the last i digits in n is divisible by 2i. In particular, n is divisible by 2 if and only if the ones digit n0 is divisible by 2; it is divisible by 4 if the two-digit number n1n0 is divisible by 4; it is divisible by 8 if the three-digit number n2n1n0 is divisible by 8, and so on. For example, let n = 343,506,076. Since 2|6, 2|n; 4|76, so 4|n; but 8 076, so 8 n. Divisibility Tests for 3 and 9 Because 10 ≡ 1 (mod 3), 10i ≡ 1 (mod 3), by Theorem 4.5. So by Theorem 4.4, n ≡ nk + nk−1 + ··· + n1 + n0 (mod 3). Thus, an integer is divisible by 3 if and only if the sum of its digits is divisible by 3. Likewise, since n ≡ nk + nk−1 + ··· + n1 + n0 (mod 9), an integer is divisible by 9 if and only if the sum of its digits is divisible by 9. For example, let n = 243,506,076. The sum of its digits is 2 + 4 + 3 + 5 + 0 + 6 + 0 + 7 + 6 = 33. Since 3|33, 3|n; but 9 33, so 9 n. Next we turn to the divisibility test for 11. Divisibility Test for 11 Notice that 10 ≡ −1 (mod 11), 10i ≡ (−1)i (mod 11), by Theorem 4.5. So again by Theorem 4.5, n ≡ (−1)k nk + ··· − n3 + n2 − n1 + n0 (mod 11)
- 305. 5.1 Divisibility Tests 249 Thus, 11|n if and only if (n0 + n2 + ···) − (n1 + n3 + ···) is divisible by 11; that is, if and only if the sum of the digits in the “even” positions minus that in the “odd” positions is divisible by 11. For example, let n = 243,506,076. Desired difference = (6 + 0 + 0 + 3 + 2) − (7 + 6 + 5 + 4) = 11 − 22 = −11 Because 11|−11, 11|n also. The following theorem identifies a class of integers that are divisible by 11. THEOREM 5.1 A palindrome with an even number of digits is divisible by 11. PROOF Let n = n2k−1n2k−2 ...n1n0 be a palindrome with an even number of digits. Then n ≡ (n0 + n2 + ··· + n2k−2) − (n1 + n3 + ··· + n2k−1) (mod 11) ≡ 0 (mod 11) because n is a palindrome with an even number of digits. Thus, 11|n. For example, both palindromes 1331 and 60,588,506 contain an even number of digits, so both are divisible by 11. You should be aware, however, that this theorem does not apply to palindromes with an odd number of digits. For instance, the palindrome 131 contains an odd number of digits. However, it is not divisible by 11. Note that these divisibility tests can be extended to nondecimal bases. See Sup- plementary Exercises 4 and 5. Casting Out Nines Next we can demonstrate a technique called casting out nines (in other words, can- celing numbers that add up to 9). This technique can be used to detect computational errors, as the following two examples show. Casting out nines is based on the fact that every integer is congruent to the sum of its digits modulo 9.
- 306. 250 CHAPTER 5 Congruence Applications EXAMPLE 5.1 Using casting out nines, check if the sum of the numbers 3569, 24,387, and 49,508 is 78,464. SOLUTION We have 3569 ≡ 3 + 5 + 6 + 9 ≡ 5 (mod 9) 24387 ≡ 2 + 4 + 3 + 8 + 7 ≡ 6 (mod 9) 49508 ≡ 4 + 9 + 5 + 0 + 8 ≡ 8 (mod 9) Their sum ≡ 5 + 6 + 8 (mod 9) ≡ 1 (mod 9) Given answer = 78464 ≡ 7 + 8 + 4 + 6 + 4 (mod 9) ≡ 2 (mod 9) Thus, the given answer is not congruent to the actual sum modulo 9; consequently, the given sum is definitely wrong. (The correct sum is 77,464.) EXAMPLE 5.2 Using casting out nines, determine whether the product of 1976 and 3458 is 6,833,080. SOLUTION 1976 ≡ 1 + 9 + 7 + 6 ≡ 5 (mod 9) 3458 ≡ 3 + 4 + 5 + 8 ≡ 2 (mod 9) Their product ≡ 1 (mod 9) Given answer = 6,833,080 ≡ 6 + 8 + 3 + 3 + 0 + 8 + 0 (mod 9) ≡ 1 (mod 9) Because the given answer is congruent to the actual product modulo 9, we might be tempted to say that the given answer is correct. In fact, all we can say is, it is probably correct. This is so because any rearrangement of the digits of an integer yields the same least residue modulo 9, an idea used by today’s accountants. (The given answer is in fact wrong. The correct answer is 6,833,008.) As these two examples indicate, the only answer we can provide by using casting out nines is that the given solution is either definitely wrong or probably correct. Digital Root Closely related to casting out nines is the concept of the digital root of a positive integer N. It is computed by iteration: Find the sum s of its digits; then find the sum
- 307. 5.1 Divisibility Tests 251 of the digits in s; continue this procedure until a single digit d emerges; then d is the digital root of N. For example, to find the digital root of 1976, add its digits: 1 + 9 + 7 + 6 = 23; now add its digits: 2 + 3 = 5; so the digital root of 1976 is 5. Notice that 1976 ≡ 5 (mod 9). More generally, let N = (an ...a1a0)ten and let d be its digital root. Then d ≡ (an + ··· + a1 + a0) (mod 9). Thus, the digital root of N is the remainder when N is divided by 9, with one exception: It is 9 if the remainder is 0. The following example identifies the possible digital roots of perfect squares. EXAMPLE 5.3 Find the digital roots of square numbers. SOLUTION By the division algorithm, every integer n is of the form 9k + r, where 0 ≤ r 9. So n ≡ r (mod 9) and hence n2 ≡ r2 (mod 9). Since r ≡ r − 9 (mod 9), 02 ≡ 0 (mod 9), (±1)2 ≡ 1 (mod 9), (±2)2 ≡ 4 (mod 9), (±3)2 ≡ 0 (mod 9), and (±4)2 ≡ 7 (mod 9). Thus, n2 is congruent to 0, 1, 4, or 7, so its digital root is 1, 4, 7, or 9. This example can serve as a test to determine whether a positive integer can be a square: If an integer is a square, then its digital root must be 1, 4, 7, or 9. EXAMPLE 5.4 Determine whether N = 16,151,613,924 can be a square. SOLUTION Digital root of N ≡ (1 + 6 + 1 + 5 + 1 + 6 + 1 + 3 + 9 + 2 + 4) (mod 9) ≡ 3 (mod 9) Because the digital root is 3, N is not a square.
- 308. 252 CHAPTER 5 Congruence Applications Note that the converse of the preceding statement is false; that is, if the digital root of N is 1, 4, 7, or 9, then N need not be a square. For instance, the digital root of 43 is 7, but 43 is not a square. The following example identifies the digital root of the product of twin primes, except for the pair 3 and 5. EXAMPLE 5.5 Prove that the digital root of the product of twin primes, other than 3 and 5, is 8. PROOF Every prime 3 is of the form 6k−1 or 6k+1 (see Exercise 80 in Section 4.1), so we can take the twin primes to be 6k −1 and 6k +1. Their product = (6k −1)(6k +1) = 36k2 − 1 ≡ 0 − 1 ≡ 8 (mod 9). So the digital root of the product is 8. (Notice that the digital root of 3 · 5 is 6 and not 8.) E X E R C I S E S 5.1 Mark True or False. 1. Every integer divisible by 5 is odd. 2. Every integer divisible by 11 is odd. 3. 11 is a palindrome. 4. Every palindrome is divisible by 9. 5. 101000 − 1 is divisible by 9. 6. 101000 − 1 is divisible by 11. Which of the following numbers are divisible by 2? By 4? By 8? 7. 427,364 8. 30,587,648 9. 800,358,816 10. 398,008,576 Which of the following numbers are divisible by 3? By 9? 11. 205,876 12. 31,876,203 13. 5,588,610,911 14. 767,767,767 Determine whether each number is divisible by 6. 15. 87,654 16. 327,723 17. 639,576 18. 2,197,584 Determine whether each number is divisible by 11. 19. 43,979 20. 548,152 21. 502,458 22. 1,928,388 Using casting out nines, identify each computation as probably correct or definitely wrong. 23. 35897 750971 + 908085 1684953 24. 58807 83291 + 601756 748354 25. 7958036 − 2309859 5948177 26. 8314302 − 3708594 4605798 27. 2076 × 1076 223766 28. 4556 × 3443 15745034 Using casting out nines, find the missing nonzero digit d in each computation.
- 309. 5.2 Modular Designs 253 29. 7961 − 1976 = 59d5 30. 7167 − 1776 = 53d1 31. 253 · 86 = 2d758 32. 123 · 98 = 120d4 33. Find all four-digit integers of the form 4ab8 that are divisible by 2, 3, 4, 6, 8, and 9. (Mathematics Teacher, 1992) 34. The seven-digit number 21358ab is divisible by 99. Find a and b. (Mathematics Teacher, 1992) 35. Find the smallest number that leaves a remainder i when divided by i + 1, where 1 ≤ i ≤ 9. (Mathemat- ics Teacher, 1993) 36. Show that every six-digit number of the form abcabc is divisible by 7, 11, and 13. 37. Develop a divisibility test for 37. [Hint: 103 ≡ 1 (mod 37).] A procedure similar to casting out nines, called casting out twos, can be applied to check the accuracy of numeric computations of binary numbers. In this process, we can- cel pairs of bits that add up to 0 modulo 2. Using casting out twos, determine whether each computation is proba- bly correct or definitely wrong. 38. 10110110 1011111 + 1110011 110001100 39. 110110111 − 11001101 11101010 40. 1011101 × 1011 1111110011 Find the digital root of each. 41. 16,429,058 42. 1776 43. 17761776 44. 20209999 45. Suppose the digital root of an integer n is 9. Show that the digital root of any multiple of n is also 9. Determine whether each can be a square. 46. 54,893,534,046 47. 61,194,858,376 48. Find the possible values of the digital root of a cube. Prove each. 49. The units digit of a triangular number is 0, 1, 3, 5, 6, or 8. 50. If a three-digit integer abc is divisible by 37, then its cyclic permutations are also divisible by 37. 51. Let d|Rn, where Rn is a repunit. If d|anan−1 ...a0, then d divides every cyclic permutation of anan−1 ...a0. 52. The digital root ρ(fn) of the nth Fermat number fn is given by ρ(fn) = 5 if n is odd 8 otherwise 53. 22000 + 22001 + 22003 + 22007 is not a square. 54. Every integer n in base b is congruent to the sum of its digits modulo b − 1. 5.2 Modular Designs Modular arithmetic can be used to create beautiful designs. We will now explore three such designs: an m-pointed star, an (m, n) residue design, and quilt designs. They are really fun, so enjoy them. m-Pointed Stars To construct an m-pointed star, mark m equally spaced points on a large circle, and label them with the least residues 0 through (m−1) modulo m. Choose a least residue
- 310. 254 CHAPTER 5 Congruence Applications i modulo m, where (i,m) = 1. Join each point x with the point x + i modulo m. Now color in the various regions inside the circle with some solid colors. You should get a nice m-pointed star. Figure 5.1 shows a seven-pointed star and a twelve-pointed star. Figure 5.1 (m,n) Residue Designs To construct an (m,n) residue design, where 1 ≤ n m and (m,n) = 1, select m − 1 equally spaced points on a large circle, label them 1 through m − 1, and join each point x to point nx modulo m. Then color in the various regions formed in a system- atic way to create exciting designs. For example, to construct a (19,9) residue, divide a large circle into 18 equal arcs and label the points 1 through 18. Multiply each nonzero residue modulo 19 by 9: Then join the points 1 and 9, 2 and 18, 3 and 8, ..., and 18 and 10. Color the re- sulting regions systematically to obtain the beautiful design in Figure 5.2. Additional designs are shown in Figures 5.3 through 5.6.
- 311. 5.2 Modular Designs 255 Figure 5.2 Figure 5.3 Figure 5.4 Quilt Designs We can use addition and multiplication tables for least residues modulo m to gener- ate other artistic and interesting designs. For example, choose m = 9. Construct the addition table for the set of least residues 0 through 8 modulo 9, as Table 5.1 shows.
- 312. 256 CHAPTER 5 Congruence Applications Figure 5.5 Figure 5.6 + 0 1 2 3 4 5 6 7 8 0 0 1 2 3 4 5 6 7 8 1 1 2 3 4 5 6 7 8 0 2 2 3 4 5 6 7 8 0 1 3 3 4 5 6 7 8 0 1 2 4 4 5 6 7 8 0 1 2 3 5 5 6 7 8 0 1 2 3 4 6 6 7 8 0 1 2 3 4 5 7 7 8 0 1 2 3 4 5 6 8 8 0 1 2 3 4 5 6 7 Table 5.1 In this example, the circled number 7 in row 3 and column 4 is 3 + 4 modulo 9. Devise nine basic design elements to represent each of the numbers 0 through 8, as Figure 5.7 shows. (This design translation uses additive inverses and complements.) Now replace each entry in the main body of Table 5.1 with the corresponding design element. Figure 5.8 shows the resulting beautiful design. This basic design can be used to generate new designs. For example, flip this design about its right-side edge and then flip the ensuing design about the bottom edge. The two flips produce the fascinating design in Figure 5.9. Instead of a square grid, we could use a rectangular grid, like the one in Fig- ure 5.10. Use the design elements in Figure 5.11 to develop the basic design for modulo 5. Make the two flips to produce the sensational design in Figure 5.12.
- 313. 5.2 Modular Designs 257 Figure 5.7 Design elements in mod 9. Figure 5.8 Basic design. We can develop designs using different grids, design elements, and multiplica- tion tables. E X E R C I S E S 5.2 Construct a seven-pointed star by joining 1. Point x to x + 4 modulo 7. 2. Point x to x + 6 modulo 7. Construct a 12-pointed star by joining 3. Point x to x + 7 modulo 12. 4. Point x to x + 11 modulo 12. 5. Construct an 11-pointed star by joining every point x to x + 4 modulo 11.
- 314. 258 CHAPTER 5 Congruence Applications Figure 5.9 Figure 5.10 Figure 5.11 Design elements in mod 5. Figure 5.12
- 315. 5.3 Check Digits 259 6. Construct a 11-pointed star by joining point x to x+7 modulo 11. 7. Construct a 13-pointed star by joining point x to x+4 modulo 13. Construct each residue design. 8. (17,2) 9. (17,9) 10. (23,11) 11. (23,5) 12. (23,10) 13. Using the design elements in Figure 5.13 and the ad- dition table in modulo 3, create the basic design in modulo 3. Figure 5.13 14. Flip the basic design in Exercise 13 about its right edge and the resulting design about its bottom edge. 15. Create a 12-pointed star joining point x to point 5x+3 modulo 12. 5.3 Check Digits Coding theory is a branch of mathematics devoted to the detection and correction of errors in codes. We will now see how congruences are used to detect and correct errors in transmitted messages. Binary Codes First, we turn to binary codes, which are messages converted (encoded) into bits and transmitted over a channel such as a telephone line. The receiver tries to recover the original message by decoding the received message. Any errors in the received message must be detected and then corrected. The process of casting out twos plays a significant role in detecting and correct- ing errors in binary codes. Before transmission, we append a parity check bit xn+1 to each binary string x1x2 ...xn, defined by xn+1 ≡ x1 + x2 + ··· + xn (mod 2). That is, append a 1 if the number of 1s is odd and a 0 otherwise. This procedure keeps the number of 1s in the string always even. The following example illustrates this technique. EXAMPLE 5.6 Consider the ten-bit string 1101011101. Then x11 ≡ 1 + 1 + 0 + 1 + 0 + 1 + 1 + 1 + 0+1 ≡ 1 (mod 2), so the check bit is 1 and the transmitted message is 11010111011. Suppose we receive the string 11010111001; since it contains an odd number of ones,
- 316. 260 CHAPTER 5 Congruence Applications an odd number of errors has occurred during transmission. If there is a single error and its location is known, by changing the bit in that location, we can recover the original message. Check digits are often used to detect errors in strings of decimal digits. Banks, book publishers, libraries, and companies, such as United Parcel Service, that track large numbers of items use check digits to detect errors in their identification num- bers, as the next two examples demonstrate. But first, a simple definition. Dot Product The dot product of the vectors (x1,x2,...,xn) and (y1,y2,...,yn), is defined by (x1,x2,...,xn) · (y1,y2,...,yn) = n i=1 xiyi. The following two examples employ dot products. EXAMPLE 5.7 Every bank check has an eight-digit identification number d1d2 ...d8 followed by a check digit d, defined by d ≡ (d1,d2,...,d8) · (7,3,9,7,3,9,7,3) (mod 10). Com- pute the check digit for the identification number 17,761,976. SOLUTION Check digit ≡ (1,7,7,6,1,9,7,6) · (7,3,9,7,3,9,7,3) (mod 10) ≡ 1 · 7 + 7 · 3 + 7 · 9 + 6 · 7 + 1 · 3 + 9 · 9 + 7 · 7 + 6 · 3 (mod 10) ≡ 4 (mod 10) So the nine-digit check number is 177,619,764. The universal product code (UPC) found on grocery items in a supermarket contains a check digit. A UPC number consists of 12 digits d1, d2, ..., d12, of which the first six digits identify the country and the manufacturer, the next five identify the product, and the last digit d12 is the check digit. For example, the UPC number for Maxwell House Instant Coffee made by Kraft General Foods, Inc., in the United States is 043000794708. The codes for country, manufacturer, and the product are 0, 43000, and 79470, respectively: 0 3000 79470 − ↑ ↑ ↑ ↑ country manu. product check digit
- 317. 5.3 Check Digits 261 The check digit d12 in the UPC number must satisfy the condition (d1,d2, ...,d12) · (3,1,3,1,3,1,3,1,3,1,3,1) ≡ 0 (mod 10); that is, d12 ≡ −(d1,d2,...,d11) · (3,1,3,1,3,1,3,1,3,1,3) (mod 10) The following example illustrates this method. EXAMPLE 5.8 Compute the check digit d12 in the UPC number for Maxwell House Instant Coffee. SOLUTION d12 ≡ −(d1,d2,...,d11) · (3,1,3,1,3,1,3,1,3,1,3) (mod 10) ≡ −(0,4,3,0,0,0,7,9,4,7,0) · (3,1,3,1,3,1,3,1,3,1,3) (mod 10) ≡ −(0 + 4 + 9 + 0 + 0 + 0 + 21 + 9 + 12 + 7 + 0) (mod 10) ≡ −62 ≡ 8 (mod 10) So the check digit is 8 and the UPC identification number is 0-43000-79470-8. Zip Codes The United States Postal Service† uses bar codes to encode zip code information on mail, which can be readily and rapidly read by inexpensive bar code readers. The POSTNET (POSTal Numeric Encoding Technique) bar code may represent a five- digit zip code (32 bars), a nine-digit zip + 4 code (52 bars), or an 11-digit delivery point code (62 bars). It employs both binary numbers and check digits. Some bars are long and the others are short. See Figure 5.14. Figure 5.14 A long bar (or full bar) represents a 1, and a short one (a half bar) a 0. The two extreme bars are always long and can be ignored. The remaining bars are grouped into blocks of five bars each, indicating that the last block represents a check digit. † Based on Designing Business Letter Mail, United States Postal Service.
- 318. 262 CHAPTER 5 Congruence Applications The scheme for converting decimal digits into binary is based on the coding scheme used by the Bell Telephone Labs (now Lucent Technologies) in the early 1940s. There are exactly 5! 2!3! = 10 arrangements of two long bars and three short bars, and they represent the 10 digits, as Table 5.2 shows. With the exception of 0, the numeric value of each combination of five bars is found by adding the weights of the two long bars. From right to left, the bar positions are assigned the weights 0, 1, 2, 4, and 7. For example, the value of the code in Figure 5.15 is 5; and the value of the code in Figure 5.16 is 9. (A weight of 8 is not used, because then the weight of the group would be 10.) The only exception to this rule is the combination , which has a total weight of 11 but has been assigned the value 0. Bar Position Weights Numeric Binary Bar code Value 74210 74210 1 00011 2 00101 3 00110 4 01001 5 01010 6 01100 7 10001 8 10010 9 10100 0 11000 Table 5.2 Figure 5.15 Figure 5.16 Consider the five-digit zip code z1z2 ...z5. A check digit d is appended to it to detect errors: d ≡ − 5 i=1 zi (mod 10)
- 319. 5.3 Check Digits 263 For example, the check digit for the zip code 12345 is d ≡ −(1 + 2 + 3 + 4 + 5) (mod 10) ≡ −5 ≡ 5 (mod 10) So d = 5. The bar code for the zip code is shown in Figure 5.17. Figure 5.17 A check digit is also appended to every zip + 4 code, which was introduced by the Postal Service in 1983. For instance, consider the nine-digit zip code 12345- 6789; its check digit d is given by d ≡ −(1 + 2 + 3 + 4 + 5 + 6 + 7 + 8 + 9) (mod 10) ≡ −5 ≡ 5 (mod 10) So d = 5 and the corresponding bar code is shown in Figure 5.18. Figure 5.18 The delivery point bar code (DPBC) was introduced in 1993 by the Postal Service to uniquely identify each of the 115 million delivery points in the United States. It eliminates the need for carriers to sort mail prior to delivery. The delivery point bar code is formed by adding 10 bars to an existing zip + 4 code. The 10
- 320. 264 CHAPTER 5 Congruence Applications bars represent two additional numbers (normally, the last two numbers of the street address, P.O. box, rural route box, or highway contract route box). See Figure 5.19. Figure 5.19 An example of the DPBC number is 12345-6789-014, where 01 is the delivery point and 4 is the check digit. See Figure 5.19. ISBN Since 1972, virtually every book published anywhere in the world has an Interna- tional Standard Book Number (ISBN), a 10-digit identification number. The ISBN enables computerized transmission and storage of book data. It grew out of the book numbering system introduced into the United Kingdom in 1967 by F. G. Foster of the London School of Economics. In 1968, R. R. Bowker Company introduced it into the United States. An ISBN consists of four parts: a group code (one digit), a publisher code (two digits), a book code (six digits), and a check digit. For instance, the ISBN of a text by the author is 0-07-035471-5. The group code 0 or 1 indicates the book was pub- lished in an English-speaking country†; the publisher code 07 identifies the pub- lisher, McGraw-Hill; and the book code 035471 is assigned by the publisher to the book. The check digit d, where 0 ≤ d ≤ 10, and 10 is denoted by X, is defined by d ≡ −(x1,x2,...,x9) · (10,9,8,7,6,5,4,3,2) (mod 11), where x1,x2,...,x9 de- note the first nine digits in the ISBN. The following example demonstrates this coding scheme. EXAMPLE 5.9 Using the ISBN coding scheme, compute the check digit d if the first nine digits are 0-07-035472. † Australia, English-speaking Canada, New Zealand, South Africa, the United Kingdom, the United States, and Zimbabwe.
- 321. 5.3 Check Digits 265 SOLUTION d ≡ −(x1,x2,...,x9) · (10,9,8,7,6,5,4,3,2) (mod 11) ≡ −(0,0,7,0,3,5,4,7,2) · (10,9,8,7,6,5,4,3,2) (mod 11) ≡ −(0 + 0 + 56 + 0 + 18 + 25 + 16 + 21 + 4) (mod 11) ≡ −140 ≡ 3 (mod 11) Thus, the check digit is 3 and the ISBN is 0-07-035472-3. EAN Bar Codes In 1980, the International Article Numbering Association (formerly, the European Article Numbering Association, EAN) and the International ISBN Agency reached an agreement by which the ISBN can be translated into an EAN bar code. All EAN bar codes begin with a national identifier (00-09 for the United States) with one exception: For books and periodicals, the national identifier is replaced with a “bookland” identifier: 978 for books and 977 for periodicals. The 978 book- land/EAN prefix is followed by the first nine ISBN digits; the ISBN check digit is dropped and replaced with a check digit computed according to the EAN rules. See Figure 5.20. Figure 5.20 Five-Digit Add-On Code In the United States and a few other countries, a five-digit add-on code is used to provide additional information. This code is often used for price information. The lead digit in the five-digit add-on code designates the national currency; for example, a 5 indicates the U.S. dollar and a 6 the Canadian dollar.
- 322. 266 CHAPTER 5 Congruence Applications Figure 5.21 Publishers who do not want to indicate the price in the add-on code print the code 90090. See Figure 5.21. Driver’s License Numbers In the United States, the method used to assign driver’s license numbers varies widely from state to state. Some states use check digits when assigning driver’s license num- bers, in order to detect forgery or errors. For example, Utah assigns an eight-digit number d1d2 ...d8 in sequential or- der and then appends a check digit d9 defined by d9 ≡ 8 i=1 (10 − i)di (mod 10). The American Chemical Society uses this same system for registering chemicals, while the Canadian Province of Newfoundland uses a nearly identical scheme for driver’s licenses. The following example illustrates this coding scheme. EXAMPLE 5.10 Compute the check digit d9 in a driver’s license in Utah if the eight-digit number is 24923056. SOLUTION d9 ≡ (9,8,7,6,5,4,3,2) · (2,4,9,2,3,0,5,6) (mod 10) ≡ (18 + 32 + 63 + 12 + 15 + 0 + 15 + 12) (mod 10) ≡ 7 (mod 10) So the full license number is 249230567. Some states use even more complicated coding schemes in assigning driver’s license numbers. Arkansas, New Mexico, and Tennessee append a check digit d8 to the seven-digit number d1d2 ...d7, determined as follows:
- 323. 5.3 Check Digits 267 Let x ≡ −(d1,d2,...,d7) · (2,7,6,5,4,3,2) (mod 11) Then d8 = 1 if x = 0 0 if x = 10 x otherwise Vermont uses the same scheme, except that when x = 0, the letter A is used as the check symbol. The following example illustrates this system. EXAMPLE 5.11 Determine the check digit d8 in a driver’s license number assigned by the state of New Mexico, if the seven-digit number identification number in it is 0354729. SOLUTION First we compute x: x ≡ −(0,3,5,4,7,2,9) · (2,7,6,5,4,3,2) (mod 11) ≡ −(0 + 21 + 30 + 20 + 28 + 6 + 18) (mod 11) ≡ −123 ≡ 9 (mod 11) So, by definition, d8 = 9 and the full license number is 03547299. Exotic coding schemes are sometimes used to construct identification numbers. Norway, for instance, uses a two-check-digit scheme to assign registration numbers to its citizens. The last two digits of an eleven-digit registration number d1d2 ...d11 are check digits, defined as follows: d10 ≡ −(d1,d2,...,d9) · (3,7,6,1,8,9,4,5,2) (mod 11) d11 ≡ −(d1,d2,...,d10) · (5,4,3,2,7,6,5,4,3,2) (mod 11) Numbers for which d10 or d11 is “10” are not assigned. The following example illustrates this scheme. EXAMPLE 5.12 A registration number in Norway begins with the nine-digit number 065463334. Compute the two check digits in the identification number.
- 324. 268 CHAPTER 5 Congruence Applications SOLUTION We have d10 ≡ −(d1,d2,...,d9) · (3,7,6,1,8,9,4,5,2) (mod 11) ≡ −(0,6,5,4,6,3,3,3,4) · (3,7,6,1,8,9,4,5,2) (mod 11) ≡ −(0 + 42 + 30 + 4 + 48 + 27 + 12 + 15 + 8) (mod 11) ≡ −186 ≡ 1 (mod 11) d11 ≡ −(d1,d2,...,d10) · (5,4,3,2,7,6,5,4,3,2) (mod 11) ≡ −(0,6,5,4,6,3,3,3,4,1) · (5,4,3,2,7,6,5,4,3,2) (mod 11) ≡ −(0 + 24 + 15 + 8 + 42 + 18 + 15 + 12 + 12 + 2) (mod 11) ≡ −148 ≡ 6 (mod 11) So the two check digits are 1 and 6, and hence the registration number is 06546333416. Vehicle Identification Numbers Automobiles and trucks built since the early 1980s have been assigned a unique vehicle identification number (VIN) by the manufacturer. A typical VIN consists of 17 alphanumeric symbols; it contains coded information for the country where the vehicle was built, manufacturer, vehicle type, body type, engine type, series, restraint system, car line, check digit, model year, plant code, and plant sequential number. See Figure 5.22. The Vehicle Identification Number for a 1991 Toyota Camry Figure 5.22 Unlike check-digit schemes discussed earlier, the check digit in a VIN is not appended at the end, but placed in the middle. To compute the check digit d9, we employ the following algorithm:
- 325. 5.3 Check Digits 269 • Convert the letters A through Z into the numbers 1–9, 1–9, and 2–9, respec- tively. This yields a 16-digit number d1d2 ... / d9 ...d17. • Assign the weights 8,7,...,2,10,9,...,2 to the positions d1,..., / d9,..., d17, respectively. • Compute the least nonnegative residue r ≡ (d1,d2,..., / d9,...,d17) · (8,7, ...,2,10,8,...,2) (mod 11). • Check digit = d9 = r if 0 ≤ r 10 X otherwise The following example illustrates this algorithm. EXAMPLE 5.13 Compute the check digit in the vehicle identification number in Figure 5.22. SOLUTION Replacing the letters in the VIN with their numeric codes yields the following nu- meric equivalents: VIN: J T 2 V V 2 2 W – M 0 1 4 4 8 8 2 Numeric code: 1 3 2 5 5 2 2 6 – 4 0 1 4 4 8 8 2 Vertically align each numeric code by the corresponding weight: Numeric code: 1 3 2 5 5 2 2 6 – 4 0 1 4 4 8 8 2 Weight: 8 7 6 5 4 3 2 10 – 9 8 7 6 5 4 3 2 Now compute the weighted sum modulo 11: Weighted sum = 8 · 1 + 7 · 3 + 6 · 2 + 5 · 5 + 4 · 5 + 3 · 2 + 2 · 2 + 10 · 6 + 9 · 4 + 8 · 0 + 7 · 1 + 6 · 4 + 5 · 4 + 4 · 8 + 3 · 8 + 2 · 2 ≡ 6 (mod 11) Since 0 ≤ 6 10, the check digit is 6, as desired. German Bank Notes (optional)† In 1990, the German Bundesbank adopted a mathematically sophisticated scheme based on group theory from abstract algebra to compute the check digit in the serial † Although Germany has switched to Euro, this is still a delightful application.
- 326. 270 CHAPTER 5 Congruence Applications number of a bank note. A typical serial number consists of ten alphanumeric symbols s1,s2,...,s10, and a check digit s11. For example, the alphanumeric serial number of the bank note in Figure 5.23 is DD4170295U7 and the check digit is 7; the bank note features Gauss and his celebrated normal curve. Figure 5.23 A German bank note with serial number DD4170295U7 and check digit 7. To compute the check digit, we apply the following algorithm: • Convert the letters into their numeric codes, using Table 5.3: A D G K L N S U Y Z 0 1 2 3 4 5 6 7 8 9 Table 5.3 • Let f : S → S, defined as follows, where S = {0,1,...,9}: f(0) = 1 f(1) = 5 f(2) = 7 f(3) = 6 f(4) = 2 f(5) = 8 f(6) = 3 f(7) = 0 f(8) = 9 f(9) = 4 ( f is a permutation of the elements of S.) Let fn = f ◦ fn−1, where ◦ denotes the composition of functions, f0 is the identity function, and n ≥ 1. [For ex- ample, f3(5) = f(f(f(5))) = f(f(8)) = f(9) = 4.]
- 327. 5.3 Check Digits 271 • Define an operation ∗ on S using Table 5.4. ∗ 0 1 2 3 4 5 6 7 8 9 0 0 1 2 3 4 5 6 7 8 9 1 1 2 3 4 0 6 7 8 9 5 2 2 3 4 0 1 7 8 9 5 6 3 3 4 0 1 2 8 9 5 6 7 4 4 0 1 2 3 9 5 6 7 8 5 5 9 8 7 6 0 4 3 2 1 6 6 5 9 8 7 1 0 4 3 2 7 7 6 5 9 8 2 1 0 4 3 8 8 7 6 5 9 3 2 1 0 4 9 9 8 7 6 5 4 3 2 1 0 Table 5.4 (For those familiar with group theory, Table 5.4 represents the multiplication table for the dihedral group D10 of symmetries of a regular 5-gon. Notice that ∗ is a noncommutative operation; for example, 4 ∗ 5 = 9 = 6 = 5 ∗ 4.) • Select the check digit s11 such that f(s1) ∗ f2 (s2) ∗ f3 (s3) ∗ ··· ∗ f9 (s9) ∗ f10 (s10) ∗ s11 = 0 (5.1) (These steps can be stated more efficiently using group-theoretic language.) The following example illustrates this fancy algorithm. EXAMPLE 5.14 Compute the missing check digit in the German bank note serial number DD4170295U–. SOLUTION Using Table 5.3, first we convert the letters into numbers: Serial number: DD4170295U Numeric code: 1 1 4 1702957 Since s1 = 1 = s2 = s5, s3 = 4, s4 = 7 = s10, s6 = 0, s7 = 2, s8 = 9, and s9 = 5, f(s1) = 5, f2(s2) = 8, f3(s3) = 0, f4(s4) = 4, f5(s5) = 9, f6(s6) = 2, f7(s7) = 4, f8(s8) = 9, f9(s9) = 8, and f10(s10) = 1 (verify these). By equation (5.1), the check digit must satisfy the equation 5 ∗ 8 ∗ 0 ∗ 4 ∗ 9 ∗ 2 ∗ 4 ∗ 9 ∗ 8 ∗ 1 ∗ s11 = 0
- 328. 272 CHAPTER 5 Congruence Applications Using Table 5.4, this yields: (5 ∗ 8) ∗ (0 ∗ 4) ∗ (9 ∗ 2) ∗ (4 ∗ 9) ∗ (8 ∗ 1) ∗ s11 = 0 2 ∗ 4 ∗ 7 ∗ 8 ∗ 7 ∗ s11 = 0 (2 ∗ 4) ∗ (7 ∗ 8) ∗ 7 ∗ s11 = 0 1 ∗ 4 ∗ 7 ∗ s11 = 0 (1 ∗ 4) ∗ 7 ∗ s11 = 0 0 ∗ 7 ∗ s11 = 0 7 ∗ s11 = 0 s11 = 7 Thus, the check digit in the bank note is 7, as expected. E X E R C I S E S 5.3 Find the parity check bit that must be appended to each bit string for even parity. 1. 101101 2. 110110111 3. 10111011 4. 11011101 An n-bit string containing an even parity check bit is transmitted. What is your conclusion if the received string 5. Agrees for even parity? 6. Does not agree for even parity? Airlines assign a check digit d to their 11-digit ticket num- bers d1d2 ...d11, defined by d ≡ d1d2 ...d11 (mod 7). (In fact, the ticket number contains 14 digits and the check digit, but the three-digit airline code is not entered into the calculation of the check digit.) Compute the check digit if the 11-digit ticket number is 7. 20754376405 8. 17330207806 VISA traveler’s checks use the negative of the least residue modulo 9 as a check digit. For instance, the check digit for the check number 1967633314327 is 8 since 1967633314327 ≡ 1 (mod 9) and −1 ≡ 8 (mod 9). Com- pute the check digit for each check number. 9. 300706202013 10. 1942300317768 Using Example 5.7, compute the check digit if the eight- digit identification number is 11. 79002966 12. 88049338 Using Example 5.7, determine the missing digit d in each identification number. 13. 3313d4473 14. 78d035442 Using the ISBN coding scheme, compute the check digit if the first nine digits are 15. 0-87-620321 16. 0-201-57889 Determine whether each is a valid ISBN. 17. 0-201-57603-1 18. 0-07-095831-2 Compute the check digit in the UPC number for
- 329. 5.4 The p-Queens Puzzle (optional) 273 19. Cheerios by General Mills, Inc., if the 11-digit iden- tification number is 0-16000-66610. 20. Kellogg’s Product 19, if the 11-digit identification number is 0-38000-01912. Determine whether each is a valid UPC number for a gro- cery item. 21. 0-70734-06310-8 22. 0-16000-42080-9 Determine whether each is a valid Norway registration number. 23. 06546330708 24. 34040455642 The International Standard Serial Number (ISSN) is an internationally accepted code for identifying serial publi- cations. It consists of two four-digit groups. The eighth digit d8, which can be an X (for 10), is a check digit, defined by d8 ≡ −(d1,d2,...,d7) · (8,7,6,5,4,3,2) (mod 11). Compute the check digit for each seven-digit identification number. 25. 1234-567 26. 0593-303 Many European countries use check digits to detect er- rors in passport numbers. The check digit d8 of the identification number d1d2 ...d7 is defined by d8 ≡ (d1,d2,...,d7) · (7,3,1,7,3,1,7) (mod 10). Determine the check digit in each case. 27. 3157406 28. 4005372 Using the Utah scheme, find the check digit in a driver’s license number if the eight-digit identification number is 29. 14921994 30. 30435167 Determine the check digit d8 in a Tennessee driver’s li- cense number if the seven-digit identification number is 31. 0243579 32. 2730373 33–34. Redo Exercises 31 and 32 using the Vermont li- cense number scheme. Both South Dakota and Saskatchewan employ a complex scheme developed by IBM to compute the check digit d7 that is appended to the six-digit identification number d1d2 ...d6 in a driver’s license number. It is computed as follows: Multiply d2, d4, and d6 by 2; add the digits in the products; add the resulting sum to d1 + d3 + d5 to yield s; then d7 ≡ −s (mod 10). (This scheme is used by credit card companies, libraries, and drug stores in the United States, and by banks in Germany.) 35. Develop an algebraic formula for d7. Compute the check digit d7 for each six-digit identifica- tion number. 36. 204817 37. 764076 Compute the missing check digit in each vehicle identifi- cation number. 38. 2T1BB02E–VC194572 39. 2HGES165–1H541873 Determine if each is a valid alphanumeric serial number for a German bank note. 40. GD2414993L0 41. GD3994142L0 5.4 The p-Queens Puzzle (optional) The n-queens puzzle, a well-known problem used in undergraduate programming courses, gives us an excellent example of backtracking. The goal of the puzzle is to place n queens on an n × n chessboard in such a way that no two queens can attack each other. It follows by observation that the puzzle has no solution if n = 2 or 3.
- 330. 274 CHAPTER 5 Congruence Applications We can develop a formula for successfully placing p queens on a p × p chess- board, where p is a prime 3. The following section shows how the solution yields an algorithm for constructing a schedule for a round-robin tournament with p teams. The p-Queens Puzzle To present a formula for solving the p-queens problem, we place the queens row by row. Let f(i) denote the location (column index) of the ith queen, where 1 ≤ i ≤ p; then f(i) can be defined recursively. A Recursive Definition of f f(0) = 0 f(i) ≡ f(i − 1) + p + 1 2 (mod p), 1 ≤ i ≤ p − 1 f(p) = p (5.2) Using iteration, we can use this definition to find the following explicit formula for f(i). An Explicit Formula for f(i) f(i) ≡ p + 1 2 i (mod p) if 1 ≤ i ≤ p (5.3) Here f(i) is the least residue of (p+1)i/2 modulo p, where the residue 0 is interpreted as p. The following theorem singles out a property of f . THEOREM 5.2 The function f is injective. PROOF Let i and j be least residues modulo p such that f(i) = f(j) Then p + 1 2 i ≡ p + 1 2 j (mod p) Since ((p + 1)/2,p) = 1, this implies i ≡ j (mod p). But i and j are least residues modulo p, so i = j.
- 331. 5.4 The p-Queens Puzzle (optional) 275 This theorem shows f assigns exactly one queen to each row and each column, as Table 5.5 shows for p = 7. j i 1 2 3 4 5 6 7 1 . . . Q . . . 2 Q . . . . . . 3 . . . . Q . . 4 . Q . . . . . 5 . . . . . Q . 6 . . Q . . . . 7 . . . . . . Q Table 5.5 Next we show that no two queens placed by the preceding assignment can attack each other. THEOREM 5.3 No two queens placed on a p × p chessboard by the assignment f can attack each other. PROOF Since every row and every column contains exactly one queen, no two queens can attack each other along a row or column. So it suffices to show that they cannot attack along any southeast or northeast diagonal. For each northeast diagonal, the sum i + j of the row index i and the column index j is a constant k, where 2 ≤ k ≤ 2p. Clearly, we need only look at the diagonals, where 3 ≤ k ≤ 2p − 1. Suppose there are two such queens in positions (i1,j1) and (i2,j2). Then f(i1) ≡ p + 1 2 i1 (mod p) f(i2) ≡ p + 1 2 i2 (mod p) That is, j1 ≡ p + 1 2 i1 (mod p) and j2 ≡ p + 1 2 i2 (mod p) (5.4)
- 332. 276 CHAPTER 5 Congruence Applications where i1 + j1 = k = i2 + j2. Then i1 + j1 ≡ p + 3 2 i1 (mod p) That is, k ≡ p + 3 2 i1 (mod p) Similarly, k ≡ p + 3 2 i2 (mod p) These two congruences imply that (p + 3)i1/2 ≡ (p + 3)i2/2 (mod p), so i1 ≡ i2 (mod p) since (p,(p + 3)/2) = 1. Thus, i1 = i2, since they are least residues mod- ulo p. Then, by congruences (5.4), j1 = j2. Thus, no northeast diagonal contains two queens. To show that no southeast diagonal contains two queens, notice that for each such diagonal, i − j is a constant , where 1 − p ≤ ≤ p − 1. Clearly we can assume = 1 − p and = p − 1. Suppose a southeast diagonal contains two queens in positions (i1,j1) and (i2,j2). Then f(i1) ≡ p + 1 2 i1 (mod p) f(i2) ≡ p + 1 2 i2 (mod p) That is, j1 ≡ p + 1 2 i1 (mod p) and j2 ≡ p + 1 2 i2 (mod p) (5.5) where i1 − j1 = = i2 − j2. Then i1 − j1 ≡ i1 − p + 1 2 i1 (mod p) ≡ 1 − p 2 i1 (mod p) ≡ p + 1 2 i1 (mod p)
- 333. 5.5 Round-Robin Tournaments (optional) 277 Similarly, ≡ p + 1 2 i2 (mod p) These two congruences yield i1 = i2, since ((p + 1)/2,p) = 1, and i1 and i2 are least residues modulo p. Thus, by congruences (5.5), j1 = j2, so no southeast diagonal contains two queens. Thus, no two queens on the p × p chessboard can attack each other. An Algorithm for Placing p Queens on a p × p Chessboard The recursive definition of f provides an algorithm for placing the queens row by row on the p × p chessboard: • Place the first queen in column (p + 1)/2. In each successive row, cyclically advance to the right by (p + 1)/2 cells and place a queen in the resulting cell, and continue like this until a queen is placed in every row. 5.5 Round-Robin Tournaments (optional) In round-robin tournaments, every team plays every other team exactly once. Sup- pose there are n teams, labeled 1 through n. Then the tournament can be represented by a polygon with n vertices with every pair of vertices connected; every vertex represents a team and every line segment with endpoints i and j represents a game between teams i and j. (Such a figure is called a complete graph with n vertices.) For example, Figure 5.24 shows a round-robin tournament with five teams. Figure 5.24 A round-robin tournament with five teams. Let gn denote the number of games by n teams in a round-robin tournament. It can be defined recursively:
- 334. 278 CHAPTER 5 Congruence Applications g1 = 0 gn = gn−1 + (n − 1), n ≥ 2 Solving this recurrence relation, we get gn = n(n − 1) 2 = n 2 . For example, five teams will play 10 games. Congruences can be applied nicely to schedule round-robin tournaments. If n is even, then every team can be paired with another team; but if n is odd, not all teams can be paired, so one team gets a bye in that round. So, whenever n is odd, we add a dummy team X, so that if a team is paired with X in a certain round, it gets a bye in that round. Consequently, we assume n is even. Solving the p-queens puzzle is closely related to constructing a schedule for a round-robin tournament with p teams. Let g(i,j) denote the team played in round i by team j. If g(i,j) = j, team j gets a bye in round i. We define g as g(i,j) ≡ i − j (mod p) (5.6) where the least residue 0 modulo p is interpreted as p. For example, let p = 7. Then g(1,1) = 0 (mod 7), so g(1,1) = 7; similarly, g(1,2) ≡ −1 (mod 7), so g(1,2) = 6, and so on. Table 5.6 shows a schedule for a round-robin tournament with seven teams. Team j Round i 1 2 3 4 5 6 7 1 7 6 5 bye 3 2 1 2 bye 7 6 5 4 3 2 3 2 1 7 6 bye 4 3 4 3 bye 1 7 6 5 4 5 4 3 2 1 7 bye 5 6 5 4 bye 2 1 7 6 7 6 5 4 3 2 1 bye Table 5.6 A round-robin tournament for seven teams. We will now show that g constructs a round-robin tournament schedule for p teams. First, we must prove the following three theorems.
- 335. 5.5 Round-Robin Tournaments (optional) 279 THEOREM 5.4 Exactly one team draws a bye in each round. PROOF Suppose teams j1 and j2 draw byes in round i. Then g(i,j1) ≡ j1 (mod p) and g(i,j2) ≡ j2 (mod p) case 1 If i = j1, then i = j1 = p. Because g(i,j2) ≡ j2 (mod p), i−j2 ≡ j2 (mod p); that is, p − j2 ≡ j2 (mod p) 2j2 ≡ 0 (mod p) j2 ≡ 0 (mod p) So j2 = p. Thus, j1 = j2. case 2 If i = j1, then g(i,j1) ≡ i − j1 ≡ j1 (mod p), so i ≡ 2j1 (mod p). If i = j2,g(i,j2) ≡ i ≡ p (mod p). Then p ≡ 2j1 (mod p), so 2j1 ≡ 0 (mod p); that is, j1 ≡ 0 (mod p) or j1 = p. Then i ≡ 2p ≡ 0 (mod p), so i = p. Thus, i = j1, a contradiction. So i = j2. Therefore, g(i,j2) ≡ i − j2 ≡ j2 (mod p). This yields i ≡ 2j2 (mod p), so 2j1 ≡ 2j2 (mod p) j1 ≡ j2 (mod p) Therefore, j1 = j2, since they are least residues modulo p. Thus, in both cases, j1 = j2, so exactly one team gets a bye in each round. The following theorem identifies the team that draws a bye in each round. THEOREM 5.5 g(i,j) ≡ j (mod p) if and only if j ≡ p + 1 2 i (mod p). PROOF Assume g(i,j) ≡ j (mod p). If i = j, then g(i,j) ≡ p (mod p), so i ≡ j ≡ p ≡ 0 (mod p). Therefore, j ≡ (p + 1)i/2 (mod p). If i = j, then g(i,j) ≡ i − j (mod p). Then i − j ≡ j (mod p)
- 336. 280 CHAPTER 5 Congruence Applications That is, i ≡ 2j (mod p) Therefore, (p + 1)i/2 ≡ (p + 1)2j/2 ≡ pj + j ≡ j (mod p). Thus, in both cases, team j draws a bye in round i if j ≡ (p + 1)i/2 (mod p). Conversely, suppose j ≡ (p + 1)i/2 (mod p). Then g(i,j) ≡ i − j (mod p) ≡ i − (p + 1)i/2 ≡ (1 − p)i/2 (mod p) ≡ (p + 1)i/2 ≡ j (mod p) Thus, team j draws a bye in round i. The following theorem shows that g schedules every team exactly once in each round; that is, g outputs every value 1 through p exactly once. THEOREM 5.6 The function g is injective for each i. PROOF Suppose g(i,j1) = g(i,j2). Then i − j1 ≡ i − j2 (mod p), so j1 ≡ j2 (mod p); thus, j1 = j2 and g is injective. It follows by Theorems 5.4 through 5.6 that the function g determines uniquely the opponent of team j in every round i, where 1 ≤ i,j ≤ p; in round i, team j draws a bye, where j ≡ (p + 1)i/2 (mod p). Interestingly enough, this is exactly the same value (5.3) obtained earlier for placing the ith queen, where 1 ≤ i ≤ p. Thus, a bye occurs in round i in the round-robin schedule in exactly the same cell as the one in which a Q occurs in row i of the p × p chessboard. With this result, we can use the function g to modify the p-queens algorithm to develop an algorithm for a round-robin schedule for p teams, where p ≥ 3. An Algorithm for Constructing a Round-Robin Schedule for p Teams • Place the first bye in column (p + 1)/2; in each successive row, cyclically advance to the right by (p + 1)/2 cells, and place a bye in the resulting cell; continue like this until a bye is placed in every row. • Beginning with the first cell in row 1, count down the numbers p through 1 and enter them in empty cells (i.e., skip over the cell occupied by a bye), to obtain the permutation p,p − 1,..., bye, ..., 2, 1; to obtain each remaining
- 337. 5.5 Round-Robin Tournaments (optional) 281 row, cyclically permute to the right the numbers in the preceding row. (Always skip over the byes. See Table 5.6.) Suppose the number of teams n is not a prime. We pair the teams in round k as follows†: Team i( = n) plays team j( = n) if i + j ≡ k (mod n − 1), where i = j. This schedules all teams except teams n and i, where 2i ≡ k (mod n − 1). The linear congruence 2i ≡ k (mod n − 1), where 1 ≤ i n, has a unique solution i exactly when (2,n − 1) = 1 (by Corollary 4.6); so pair team i with team n in round k. We can now show that this procedure pairs every team with every other team in each round. Consider team i, where 1 ≤ i n. Since the congruence 2i ≡ k (mod n − 1) has a unique solution i and team n is paired with team i, team n plays n−1 distinct games. Also, suppose teams i and j play in two distinct rounds k and k; then i+j ≡ k (mod n−1) and i+j ≡ k (mod n−1); this implies k ≡ k (mod n−1), a contradiction; in other words, teams i and j do not meet in two distinct rounds. Thus, each of the first n − 1 teams plays n − 1 games and no two teams play twice, so each plays exactly n − 1 games. Team n also plays exactly n − 1 games. The following example illustrates this algorithm. EXAMPLE 5.15 Develop a schedule for a round-robin tournament with seven teams. SOLUTION First, label the teams 1 through 7. Since the number of teams is odd, we add a dummy team X. We now prepare the schedule round by round. To develop the schedule for round 1: Team 1 plays team j, where 1 + j ≡ 1 (mod 7); then j = 7, so team 1 plays team 7. Team 2 plays team j, where 2 + j ≡ 1 (mod 7); this yields j = 6, so team 2 plays team 6. Similarly, team 3 plays team 5. Because i = 4 is the solution of the congruence 2i ≡ 1 (mod 7), team 4 plays team 8; that is, team 4 gets a bye in round 1. To develop the schedule for round 2: Because 2i ≡ 2 (mod 7) implies i = 1, team 1 plays team 8; that is, team 1 enjoys a bye in round 2. Team 2 plays team j, where 2 + j ≡ 2 (mod 7), so j = 7; thus, team 2 plays team 7. Similarly, team 3 plays team 6 and team 4 plays team 5. Continuing like this, we can find the pairings in other rounds. The resulting schedule is given in Table 5.7. † This method was developed in 1956 by J. E. Freund.
- 338. 282 CHAPTER 5 Congruence Applications Team Round 1 2 3 4 5 6 7 1 7 6 5 bye 3 2 1 2 bye 7 6 5 4 3 2 3 2 1 7 6 bye 4 3 4 3 bye 1 7 6 5 4 5 4 3 2 1 7 bye 5 6 5 4 bye 2 1 7 6 7 6 5 4 3 2 1 bye Table 5.7 A schedule for a round-robin tournament for seven teams. E X E R C I S E S 5.5 1. Solve the recurrence relation gn = gn−1 + (n − 1), where g1 = 0. Develop a round-robin tournament schedule with 2. Five teams 3. Six teams 4. Eight teams 5. Nine teams 6. We would like to schedule a round-robin tournament with seven teams, 1 through 7. Pair team i with team j in round k, where j ≡ i + 1 + k (mod 7). Will this pair- ing provide a conflict-free and duplication-free sched- ule? If not, explain why. 7. Redo Exercise 6 if team i is paired with team j, where j ≡ k(i + 1) (mod 7). 8. A company wants to schedule 1-hour meetings be- tween every two of its six regional managers—A, B, C, D, E, and F—so each can spend an hour with each of the other five to get better acquainted. The meetings begin at 7 A.M. Find the various possible schedule- pairings. (S. W. Golomb, 1993) 5.6 The Perpetual Calendar (optional) In this section, we develop an interesting formula to determine the day of the week for any date in any year. Since the same day occurs every seventh day, we shall em- ploy congruence modulo 7 to accomplish this goal, but first a few words of historical background. Around 738 B.C., Romulus, the legendary founder of Rome, is said to have introduced a calendar consisting of 10 months, comprising a year of 304 days. His successor, Nauma, is credited with adding two months to the calendar. This new calendar was followed until Julius Caesar introduced the Julian calendar in 46 B.C.,
- 339. 5.6 The Perpetual Calendar (optional) 283 to minimize the distortions between the solar calendar and the Roman year. The Julian calendar consisted of 12 months of 30 and 31 days, except for February, which had 29 days, and every fourth year 30 days. The first Julian year began on January 1, 45 B.C. It contained 365.25 days, was 11 minutes 14 seconds longer than the solar year, and made every fourth year a leap year of 366 days. By 1580, the Julian calendar, although the primary calendar in use, was 10 days off. It was, however, widely used until 1582. In October 1582, astronomers Fr. Christopher Clavius and Aloysius Giglio in- troduced the Gregorian calendar at the request of Pope Gregory XIII, to rectify the errors of the Julian calendar. The accumulated error of 10 days was compensated by dropping 10 days in October, 1582. (October 5 became October 15.) The Gregorian calendar designates those century years divisible by 400 as leap years; all noncen- tury years divisible by 4 are also leap years. For example, 1776 and 2000 were leap years, but 1900 and 1974 were not. The Gregorian calendar, now used throughout the world, is so accurate that it differs from the solar year only by about 24.5376 seconds. This discrepancy exists because a Gregorian year contains about 365.2425 days, whereas a solar year con- tains about 365.242216 days. The result is an error of 3 days every 10,000 years. With this in mind, we can now return to our goal: Determine the day d of the week for the rth day in a given month m of any given year y in the Gregorian cal- endar. The first century leap year occurred in 1600 (18 years after the introduction of the Gregorian calendar); so we will develop the formula to hold for years beyond 1600. Also, since a leap year adds a day to February, we will count the new year be- ginning with March 1. For example, January 3000 is considered the eleventh month of 2999, whereas April 3000 is the second month of year 3000; also February 29 of 1976 is the last day of the 12th month of 1975. So we assign the numbers 1 through 12 for March through February, and 0 through 6 for Sunday through Saturday, so 1 ≤ m ≤ 12, 1 ≤ r ≤ 31, and 0 ≤ d ≤ 6. For example, m = 3 denotes May and d = 5 indicates Friday. The derivation is lengthy and complicated, so we shall develop the formula in small steps. Let dy denote the day of the week of March 1 (the first day of the year) in year y, where y ≥ 1600. To Compute d from d1600: Because 365 ≡ 1 (mod 7), dy is advanced from dy−1 by 1 if y is not a leap year and by 2 if y is a leap year: dy = dy−1 + 1 if y is not a leap year dy−1 + 2 otherwise
- 340. 284 CHAPTER 5 Congruence Applications To compute dy from d1600, we need to know the number of leap years since 1600. By Example 2.5, =
- 341. y/4 −
- 342. y/100 +
- 343. y/400 − 388 (5.7) By the division algorithm, y = 100C + D, where 0 ≤ D 100, so C denotes the number of centuries in y and D the leftover: C =
- 344. y/100 and D = y (mod 100) (For example, if y = 2345, then C = 23 and D = 45.) Then =
- 345. (100C + D)/4 −
- 346. (100C + D)/100 +
- 347. (100C + D)/400 − 388 =
- 348. 25C + D/4 −
- 349. C + D/100 +
- 350. C/4 + D/400 − 388 = 25C +
- 351. D/4 − C +
- 352. C/4 − 388, since D 100 = 24C +
- 353. D/4 +
- 354. C/4 − 388 ≡ 3C +
- 355. C/4 +
- 356. D/4 − 3 (mod 7) (5.8) Therefore, dy ≡ d1600 + one day for each year since 1600 + one extra day for each leap year since 1600 (mod 7) ≡ d1600 + (y − 1600) + (mod 7) Substituting for y and , dy ≡ d1600 + (100C + D − 1600) + 3C +
- 357. C/4 +
- 358. D/4 − 3 (mod 7) ≡ d1600 + (2C + D − 4 + 3C − 3) +
- 359. C/4 +
- 360. D/4 (mod 7) ≡ d1600 + 5C + D +
- 361. C/4 +
- 362. D/4 (mod 7) ≡ d1600 − 2C + D +
- 363. C/4 +
- 364. D/4 (mod 7) (5.9) We can use this formula to identify dy, the day of March 1 in year y, provided we know d1600. In fact, we can also use it to find d1600 from some known value of dy. To Determine d1600: Because March 1, 1994, fell on a Tuesday, d1994 = 2. For y = 1994,C = 19, and D = 94, so, by formula (5.9),
- 365. 5.6 The Perpetual Calendar (optional) 285 d1600 ≡ 2 + 2 · 19 − 94 −
- 366. 19/4 −
- 367. 94/4 (mod 7) ≡ 2 + 3 − 3 − 4 − 2 (mod 7) ≡ −4 ≡ 3 (mod 7) Thus, d1600 was a Wednesday. Substituting for d1600 in formula (5.9), dy ≡ 3 − 2C + D +
- 368. C/4 +
- 369. D/4 (mod 7) (5.10) This formula enables us to determine the day on which March 1 of any year falls. Now we extend this formula for an arbitrary day of a given month of the year. To Extend Formula (5.10) to the rth Day of Month m in Year y: To generalize formula (5.10), we need to know the number of days the first of the month is moved up from that of the previous month modulo 7. For this, notice that 30 ≡ 2 (mod 7) and 31 ≡ 3 (mod 7). So the day of the first of the month following a month with 30 days is advanced by 2 days, whereas that following a month with 31 days is advanced by 3 days. For example, December 1, 1992, was a Tuesday. So January 1, 1993, fell on day (2 + 3) = day 5, a Friday. Thus, we have the following eleven monthly increments: March 1 to April 1: 3 days April 1 to May 1: 2 days May 1 to June 1: 3 days June 1 to July 1: 2 days July 1 to August 1: 3 days August 1 to September 1: 3 days September 1 to October 1: 2 days October 1 to November 1: 3 days November 1 to December 1: 2 days December 1 to January 1: 3 days January 1 to February 1: 3 days Next, we look for a function that yields these incremental values. To Find a Function f That Produces These Increments: First, notice that the sum of the increments = 29 days. So, the average number of increments = 29/11 ≈ 2.6 days, so it was observed by Christian Zeller that the func- tion f(m) =
- 370. 2.6m − 0.2 − 2 can be employed to yield the above increments as m
- 371. 286 CHAPTER 5 Congruence Applications Christian Julius Johannes Zeller (1824–1899) was born at Mühlhausen on the Neckar. After studying theology, he became a priest at Schöckingen in 1854. From 1874 to 1898 he was the principal of Women’s Elementary School Teachers’ College at Markgröningen. Zeller spent his spare time studying mathematics, especially number theory. He published on remainders, Bernoulli numbers, and arithmetic progressions. His article on the calendar problem was published in a bulletin of the French Mathematical Society. Zeller died in Cannstadt. varies from 2 to 12. For example, f(3) − f(2) = (
- 372. 7.8 − 0.2 − 2) − (
- 373. 5.2 − 0.2 − 2) = (7 − 2) − (5 − 2) = 2 so there is an increment of 2 days from month 2 (April 1) to month 3 (May 1). Therefore, by formula (5.10), the first day d of month m is given by dy +
- 374. 2.6m − 0.2 − 2 (mod 7); that is, d ≡ 3 − 2C + D +
- 375. C/4 +
- 376. D/4 +
- 377. 2.6m − 0.2 − 2 (mod 7) ≡ 1 +
- 378. 2.6m − 0.2 − 2C + D +
- 379. C/4 +
- 380. D/4 (mod 7) To Find the Formula for the rth Day of Month m: The day d of the week for the rth day of month m is given by d + (r − 1) (mod 7); that is, d ≡ r +
- 381. 2.6m − 0.2 − 2C + D +
- 382. C/4 +
- 383. D/4 (mod 7) (5.11) This formula enables us to determine the day of the week of any given day in the Gregorian calendar, as the next example demonstrates. EXAMPLE 5.16 Determine the day of the week on which January 13, 2020, falls. SOLUTION Notice that January 2020 is the eleventh month of year 2019, so here y = 2019, C = 20, D = 19, m = 11, and r = 13. Therefore, by formula (5.11),
- 384. 5.6 The Perpetual Calendar (optional) 287 d ≡ 13 +
- 385. 2.6 × 11 − 0.2 − 2 × 20 + 19 +
- 386. 20/4 +
- 387. 19/4 (mod 7) ≡ 13 + 28 − 40 + 19 + 5 + 4 (mod 7) ≡ 1 (mod 7) Thus, January 13, 2020, falls on a Monday. E X E R C I S E S 5.6 Find the day of the week in each case. 1. 234 days from Monday. 2. 365 days from Friday. 3. 1776 days from Wednesday. 4. 2076 days from Saturday. Let S = {true, false}. Define a boolean function f :N → S by f(n) = true if year n is a leap year and false other- wise. Find f(n) for each year n. 5. 1996 6. 2020 7. 2076 8. 3000 9. January 1, 2000, falls on a Saturday. What day of the week will January 1, 2020, be? (Hint: Look for leap years.) 10. January 1, 1990, was a Monday. What day of the week was January 1, 1976? (Hint: Again, look for leap years.) Determine the day of the week of each historical date. 11. January 17, 1706 (Benjamin Franklin’s date of birth) 12. February 22, 1732 (George Washington’s date of birth) 13. July 4, 1776 (U.S. Declaration of Independence) 14. November 19, 1863 (Gettysburg Address) 15. March 7, 1876 (first telephone patent issued to Alexander Graham Bell) 16. December 17, 1903 (world’s first flight) 17. July 16, 1945 (first atomic bomb detonation) 18. October 24, 1945 (United Nations established) 19. April 12, 1961 (first human travel in space) 20. July 20, 1969 (first lunar landing) The day of January 1 of any year y can be determined using the formula x ≡ y +
- 388. (y − 1)/4 −
- 389. (y − 1)/100 +
- 390. (y − 1)/400 (mod 7) (5.12) where 0 ≤ x ≤ 6. (G. L. Ritter, 1977) Using this formula, determine the first day in each year. 21. 2000 22. 2020 23. 2076 24. 3000 The number of Friday-the-thirteenths in a given year y can be computed using formula (5.12) and Table 5.8. For example, suppose that January 1 of a year falls on a Sunday (0). If it is not a leap year, there will be two Friday-the-thirteenths: January 13 and October 13; if it is a leap year, there will be three: January 13, April 13, and July 13. Compute the number of Friday-the-thirteenths in each year. Code, x January 1 Nonleap Year, y Leap Year, y 0 Sunday January, January, April, October July 1 Monday April, July September, December 2 Tuesday September, June December 3 Wednesday June March, November 4 Thursday February, March, February, November August 5 Friday August May 6 Saturday May October Table 5.8
- 391. 288 CHAPTER 5 Congruence Applications 25. 2000 26. 2020 27. 2076 28. 3076 (Easter Sunday) The date for Easter Sunday in any year y can be computed as follows. Let a = y mod 19, b = y mod 4, c = y mod 7, d = (19a + 24) mod 30, e = (2b + 4c + 6d + 5) mod 7, and r = 22 + d + e. If r ≤ 31, then Easter Sunday is March r; otherwise, it is April [r (mod 31)]. Compute the date for Easter Sunday in each year. 29. 1996 30. 2000 31. 2076 32. 3000 We can calculate the day of the week for the rth day of an arbitrary month m in year y in the Gregorian calendar by a different formula d ≡
- 392. 23m/9 + r + 4 + y +
- 393. z/4 −
- 394. z/100 +
- 395. z/400 − k (mod 7) where z = y − 1 and k = 0 if m 3; and z = y and k = 2 if m ≥ 3. (M. Keith, 1990) 33–42. Using this formula, compute the days of each date in Exercises 11–20. 43. Show that
- 396. C/4 + D/400 =
- 397. C/4 , where 0 ≤ D 100. X CHAPTER SUMMARY This chapter explored the power of congruences in several applications. Divisibility Tests • An integer is divisible by 10 if and only if it ends in 0. (p. 247) • An integer is divisible by 5 if and only if it ends in 0 or 5. (p. 248) • An integer is divisible by 2i if and only if the number formed by the last i digits is divisible by 2i. (p. 248) • An integer is divisible by 3 if and only if the sum of its digits is divisible by 3. (p. 248) • An integer is divisible by 9 if and only if the sum of its digits is divisible by 9. (p. 248) • An integer is divisible by 11 if and only if the sum of its digits in the even po- sitions minus that of its digits in the odd positions is divisible by 11. (p. 249) • Every palindrome with an even number of digits is divisible by 11. (p. 249) Casting Out Nines • This technique can detect computational errors. (p. 249) • The digital root of a positive integer is its least residue modulo 9; if it is zero, the digital root is 9. (p. 251)
- 398. Review Exercises 289 Dot Product • The dot product of two vectors (x1,x2,...,xn) and (y1,y2,...,yn) is n i=1 xiyi. (p. 260) X REVIEW EXERCISES Find the largest exponent i such that 2i divides each integer. 1. 24,050,856 2. 300,472,336 Determine whether each number is divisible by 6. 3. 140,736 4. 3,041,079 Determine whether each number is divisible by 11. 5. 9,240,622 6. 85,140,643 Find the missing nonzero digit d in each case. 7. 645d56 ≡ 4 (mod 8) 8. 29d224 ≡ 3 (mod 3) 9. 889d849 ≡ 2 (mod 11) 10. 29992d5 ≡ 4 (mod 11) Using casting out nines, identify each computation as probably correct or definitely wrong. 11. 53467 498773 + 877008 1439248 12. 8700579 − 4099247 4610332 13. 780086 × 27753 21549726758 Find the parity check bit that must be appended to each bit string for even parity. 14. 110110110 15. 11101101101 16. 10101011011 17. 101011011111 Find the digital root of each. 18. 999,000,555 19. 888,777,666 20. 23233232 21. 55551122 Determine whether each can be a square. 22. 1,161,310,084 23. 3,656,973,729 Determine whether each can be a cube. 24. 15,064,223 25. 95,506,664,111
- 399. 290 CHAPTER 5 Congruence Applications Determine whether each is a valid UPC number. 26. 0-49200-05100-9 27. 0-13130-03622-4 28. Prego spaghetti sauce, made by Campbell Soup Company, has a country code, manufacturer code, and product code of 0, 51000, and 02549, respectively. Com- pute its UPC number. 29. Compute the UPC number for Classic Ovaltine by Sandoz Nutrition Corpora- tion if the country code, manufacturer code, and product code are 7, 51746, and 03361, respectively. 30. The United Parcel Service assigns to each parcel an identification number of nine digits and a check digit. The check digit is the least residue modulo 9 of the nine-digit number. Find the check digit for 038575447. 31. Libraries use a sophisticated code-a-bar system to assign each book a 13- digit identification number d1d2 ...d13 and a check digit d14. The check digit is computed as d14 ≡ [−(d1,d2,...,d13) · (2,1,2,1,2,1,2,1,2,1,2,1,2) − k] (mod 10), where k denotes the number of digits among d1, d3, d5, d7, d9, d11, and d13 greater than or equal to 5. Compute the check digit for 3-3014-00099- 073. A MasterCard number contains 16 digits d1 through d16, with d16 being the check digit. It is computed as d16 ≡ − 8 i=1 ρ(2d2i−1) + 7 i=1 d2i (mod 10) where ρ(m) denotes the digital root of m. (ρ is the Greek letter rho.) Compute the check digit if the 15-digit identification number is 32. 5300-7402-4001-638 33. 5329-0419-4253-736 Determine the day of the week of each historical date. 34. December 21, 1620 (the Pilgrims landed at Plymouth, Massachusetts) 35. February 1, 1790 (the first meeting of the U.S. Supreme Court) Compute the missing check digit in each VIN. 36. JT2DB02T–T0049506 37. 1B4GP44R–XB582510 Compute the missing check digit in each German bank note serial number. 38. YA8174491A– 39. DG6244129Y–
- 400. Computer Exercises 291 X SUPPLEMENTARY EXERCISES Let ρ(n) denote the digital root of a positive integer n. Prove each, where m and n are positive integers. 1. ρ(ρ(n)) = ρ(n) 2. ρ(m + n) = ρ(ρ(m) + ρ(n)) 3. ρ(mn) = ρ(ρ(m)ρ(n)) Prove each. 4. An integer n = (nknk−1 ...n1n0)b is divisible by di if and only if the integer (ni−1 ...n1n0)b is divisible by di, where d|b and i 0. 5. An integer n = (nknk−1 ...n1n0)b is divisible by d if and only if the integer nk + ··· + n1 + n0 is divisible by d, where d|(b − 1). 6. Let a and d be positive integers such that d|(10a − 1). Then d|10q + r if and only if d|q + ar. (C. F. Liljevalch, 1838) Using Liljevalch’s theorem in Exercise 6, deduce a divisibility test for each number. 7. 3 8. 7 9. 9 10. 11 11. 13 12. 17 13. 19 Using the divisibility tests in Exercises 7–13, determine whether each integer is di- visible by the corresponding second integer. 14. 1953, 7 15. 28303, 11 16. 51814, 17 17. 61731, 19 18. Suppose a two-digit number N is divisible by 7. Reverse its digits; add the tens digit of N to it. Prove that the resulting number N is also divisible by 7. (A. P. Stevens, 1951) 19. Suppose a three-digit number N is divisible by 7. Reverse its digits; subtract the difference of its end digits from the reverse. Prove that the resulting number N is also divisible by 7. (A. P. Stevens, 1951) 20. Find the least positive integer that equals eleven times the sum of its digits. 21. Find the digital root of the integer n = 2p−1(2p − 1), where p and 2p − 1 are primes. [Hint: 2 ≡ −1 (mod 3).] X COMPUTER EXERCISES Write a program to perform each task. 1. Read in a positive integer n and find the largest exponent i such that 2i|n.
- 401. 292 CHAPTER 5 Congruence Applications 2. Read in a positive integer n. Using divisibility tests, determine if it is divisible by 3, 5, 6, 9, or 11. 3. Read in a bit string and append a bit for even parity. 4. Read in the first nine digits of an ISBN and print the corresponding ISBN. 5. Read in the first eight digits in a Utah driver’s license number and print the nine- digit license number. 6. Read in the first seven digits in a New Mexico driver’s license number and print the eight-digit license number. 7. Redo program 6 if the driver lives in Vermont. 8. Read in a 12-digit number and determine whether is a valid UPC number. 9. Read in the country code, manufacturer code, and the product code of a grocery item. Compute its UPC number. 10. Read in an 11-digit number and determine if it is a valid Norwegian registration number. 11. Read in the nine-digit identification number in a Norwegian registration number and determine the 11-digit registration number. 12. Read in a prime p 3 and place p queens on a p × p chessboard. 13. Read in a positive integer n 2 and print a schedule for a round-robin tourna- ment with n teams. 14. Read in a date in the form month/date/year in the Gregorian calendar. Print the day of the week corresponding to the date using (a) Formula (5.11) in Section 5.6. (b) Formula in problems 33–42 of Exercises 5.6. X ENRICHMENT READINGS 1. J. A. Gallian, “The Zip Code Bar Code,” UMAP J., 7 (1986), 191–194. 2. J. A. Gallian, “Assigning Driver’s License Numbers,” Mathematics Magazine, 64 (Feb. 1991), 13–22. 3. J. A. Gallian, “The Mathematics of Identification Numbers,” College Mathemat- ics J., 22 (May 1991), 194–202. 4. M. Keith, “A Mental Perpetual Calendar,” J. Recreational Mathematics, 8 (1975– 1976), 242–245. 5. M. Keith and T. Craver, “The Ultimate Perpetual Calendar?” J. Recreational Mathematics, 22 (1990), 280–282. 6. J. Kirkland, “Identification Numbers and Check Digit Schemes,” Math. Associa- tion of America, Washington, DC, 2001. 7. P. M. Tuchinsky, “International Standard Book Numbers,” UMAP J., 5 (1985), 41–54.
- 402. Enrichment Readings 293 8. S. J. Winters, “Error Detecting Schemes Using Dihedral Groups,” UMAP J., 11 (1990), 299–308. 9. E. F. Wood, “Self-Checking Codes—An Application of Modular Arithmetic,” Mathematics Teacher, 80 (1987), 312–316.
- 404. 6 Systems of Linear Congruences Time as he grows old teaches many lessons. — AESCHYLUS e have studied linear congruences and seen how to solve such congru- Wences when they are solvable. We now turn to solving a set of two or more linear congruences in the same number of variables. Such a set is called a system of linear congruences. To begin with, we shall study systems of linear congruences in a single variable x with pairwise relatively prime moduli. We then turn to systems in x with moduli that are not necessarily relatively prime, and finally to systems in two variables x and y with the same modulus. 6.1 The Chinese Remainder Theorem Systems of linear congruences in a single variable were known in ancient China, India, and Greece; originally, they were used by astronomers for calendar making. The following puzzle, for example, is due to the Chinese mathematician Sun-Tsu, and appears in Master Sun’s Mathematical Manual, written between 287 A.D. and 473 A.D.: Find a number that leaves a remainder of 1 when divided by 3, a remainder of 2 when divided by 5, and a remainder of 3 when divided by 7. Using the congruence language, the riddle is to find an integer x such that x ≡ 1 (mod 3), x ≡ 2 (mod5), and x ≡ 3 (mod7). 295
- 405. 296 CHAPTER 6 Systems of Linear Congruences A solution of a linear system is a number that satisfies every member of the system. For example, since 52 ≡ 1 (mod3), 52 ≡ 2 (mod5), and 52 ≡ 3 (mod7), 52 is a solution of the above Chinese riddle; so are −53 and 157; in fact, the system has infinitely many solutions (see Example 6.1). You may verify that 22 is not a solution of the system. A straightforward method for solving such a linear system is iteration: succes- sive substitution for x until the last congruence is used, as the following example demonstrates. EXAMPLE 6.1 Solve Sun-Tsu’s puzzle by iteration. SOLUTION We have x ≡ 1 (mod3), x ≡ 2 (mod5), and x ≡ 3 (mod7). Since x ≡ 1 (mod3), by Theorem 4.3, x = 1 + 3t1, where t1 is an arbitrary integer. Substitute for x in the second congruence x ≡ 2 (mod5): 1 + 3t1 ≡ 2 (mod5) 3t1 ≡ 1 (mod5) t1 ≡ 2 (mod5) That is, t1 = 2 + 5t2, with t2 being an arbitrary integer. Therefore, x = 1 + 3t1 = 1 + 3(2 + 5t2) = 7 + 15t2 Now substitute this value of x in the third congruence x ≡ 3 (mod7): 7 + 15t2 ≡ 3 (mod7) 15t2 ≡ 3 (mod7) t2 ≡ 3 (mod7) So t2 = 3 + 7t, with t being arbitrary. Therefore, x = 7 + 15t2 = 7 + 15(3 + 7t) = 52 + 105t Thus, any integer of the form x = 52 + 105t is a solution of the linear system; it is the general solution of the system. (Note: 105 = 3 · 5 · 7.)
- 406. 6.1 The Chinese Remainder Theorem 297 In this example, 52 is the unique solution to the puzzle modulo 105, where the moduli are pairwise relatively prime. The following theorem is called the Chinese Remainder Theorem (CRT) in honor of early contributions by Chinese mathemati- cians to the theory of congruences. It shows that every linear system in the same single variable with pairwise relatively prime moduli has a unique solution. Sun- Tsu’s puzzle is the earliest known instance of the CRT. A general method for solving such linear systems can be found in Mathematical Treatise in Nine Sections, written by Ch’in Chiu-Shao (1202–1261) in 1247. THEOREM 6.1 (The Chinese Remainder Theorem) The linear system of congruences x ≡ ai (modmi), where the moduli are pairwise relatively prime and 1 ≤ i ≤ k, has a unique solution modulo m1m2 ···mk. PROOF The proof consists of two parts. First, we will construct a solution and then show that it is unique modulo m1m2 ···mk. Let M = m1m2 ···mk and Mi = M/mi, 1 ≤ i ≤ k. Since the moduli are pairwise relatively prime, (Mi,mi) = 1 for every i. Also, Mi ≡ 0 (modmj) whenever i = j. To construct a solution to the linear system: Since (Mi, mi) = 1, by Corollary 4.6, the congruence Miyi ≡ 1 (modmi) has a unique solution yi. (yi is in fact the inverse of Mi modulo mi.) Let x = a1M1y1 + a2M2y2 + ··· + akMkyk. To show that x is a solution of the linear system, we have x = k i=1 i=j aiMiyi + ajMjyj ≡ i=j ai · 0 · yi + aj · 1 (modmj) ≡ 0 + aj (modmj) ≡ aj (modmj), 1 ≤ j ≤ k Thus, x satisfies every congruence in the system, so x is a solution of the linear system. To show that the solution is unique modulo M: Let x0 and x1 be two solutions of the system. We shall show that x0 ≡ x1 (modM). Since x0 ≡ aj (modmj) and x1 ≡ aj (modmj) for 1 ≤ j ≤ k, x1 −x0 ≡ 0 (modmj); that is, mj|(x1 − x0) for every j. By Corollary 3.12, [m1,m2,...,mk]|(x1 − x0). But, by Corollary 3.11, [m1,m2,...,mk] = M. Therefore, M|(x1 − x0), so x1 − x0 ≡
- 407. 298 CHAPTER 6 Systems of Linear Congruences 0 (modM); that is, x1 ≡ x0 (modM). Thus, any two solutions of the linear system are congruent modulo M, so the solution is unique modulo M. The following examples illustrate this theorem. EXAMPLE 6.2 Using the CRT, solve Sun-Tsu’s puzzle: x ≡ 1 (mod3), x ≡ 2 (mod5), and x ≡ 3 (mod7) SOLUTION Since the moduli m1 = 3, m2 = 5, and m3 = 7 are pairwise relatively prime, by the CRT, the linear system has a unique solution. To find it, first we find the M1, M2, M3, y1, y2, and y3 in the proof of the theorem. To find M1, M2, and M3: M1 = M m1 = 3 · 5 · 7 3 = 35 M2 = M m2 = 3 · 5 · 7 5 = 21 M3 = M m3 = 3 · 5 · 7 7 = 15 To find y1, y2, and y3: y1 is the solution of the congruence M1y1 ≡ 1 (modm1); that is, 35y1 ≡ 1 (mod3) (−1)y1 ≡ 1 (mod3) y1 ≡ 2 (mod3) Similarly, M2y2 ≡ 1 (modm2) implies 21y2 ≡ 1 (mod5) y2 ≡ 1 (mod5) Finally, M3y3 ≡ 1 (modm3) yields 15y3 ≡ 1 (mod7) y3 ≡ 1 (mod7)
- 408. 6.1 The Chinese Remainder Theorem 299 Thus, by the CRT, x ≡ 3 i=1 aiMiyi (modM) ≡ 1 · 35 · 2 + 2 · 21 · 1 + 3 · 15 · 1 (mod105) ≡ 52 (mod105) Therefore, 52 is the unique solution of the linear system modulo 105. Thus, the general solution is x = 52 + 105t. The following example also demonstrates the CRT, but we leave the details for you to fill in, so follow the steps carefully. EXAMPLE 6.3 Solve the linear system x ≡ 1 (mod3), x ≡ 2 (mod4), and x ≡ 3 (mod5) SOLUTION Here M = 3 · 4 · 5 = 60, M1 = M/3 = 20, M2 = M/4 = 15, and M3 = M/5 = 12. The unique solutions of the congruences M1y1 ≡ 1 (modm1), M2y2 ≡ 1 (modm2), and M3y3 ≡ 1 (modm3), that is, 20y1 ≡ 1 (mod3), 15y2 ≡ 1 (mod4), and 12y3 ≡ 1 (mod5) are 2, 3, and 3, respectively. Thus, by the CRT, x ≡ 3 i=1 aiMiyi (modM) ≡ 1 · 20 · 2 + 2 · 15 · 3 + 3 · 12 · 3 (mod60) ≡ 58 (mod60) We close this section with the following example, which presents an interesting application of the CRT. EXAMPLE 6.4 The largest integer the scientific calculator Casio fx 330A can handle is the eight- digit number 99,999,999. Compute the exact value of 231 using this calculator and the CRT. SOLUTION To compute the value of x = 231, we select k pairwise relatively prime numbers m1,m2,...,mk, where M = m1m2 ···mk x, and then compute the least residue r
- 409. 300 CHAPTER 6 Systems of Linear Congruences of x modulo M. Since x ≡ r (modM) and 0 r M, r would be the exact value of x. The largest power of 2 the eight-digit calculator can handle is 226 = 67,108,864, whereas 231 ≈ 2.1474836 × 109. So we select four pairwise relatively prime num- bers m1 = 300, m2 = 301, m3 = 307, and m4 = 311 such that M = m1m2m3m4 = 300 · 301 · 307 · 311 x; to check this, we have M 34 × 108 = 81 × 108 8 × 109 so M x. (We do not need to know the exact value of M.) Notice that 210 = 1024 ≡ 124 (mod300) ≡ 121 (mod301) ≡ 103 (mod307) ≡ 91 (mod311) Since 231 = 2 · 210 · 210 · 210, 231 ≡ 2 · 124 · 124 · 124 (mod300) ≡ −52 (mod300) Similarly, 231 ≡ 51 (mod301), 231 ≡ 228 (mod307), and 231 ≡ 36 (mod311). (Ver- ify these.) Thus, x = 231 satisfies the linear system: x ≡ −52 (mod300) x ≡ 51 (mod301) x ≡ 228 (mod307) x ≡ 36 (mod311) To apply the CRT, we have M1 = M/m1 = 301 · 307 · 311, M2 = M/m2 = 300 · 307 · 311 M3 = M/m3 = 300 · 301 · 311, and M4 = M/m4 = 300 · 301 · 307
- 410. 6.1 The Chinese Remainder Theorem 301 To find the values of y1,y2,y3, and y4 in the CRT: The congruence M1y1 ≡ 1 (modm1) yields 301 · 307 · 311y1 ≡ 1 (mod300) 1 · 7 · 11y1 ≡ 1 (mod300) 77y1 ≡ 1 (mod300) y1 ≡ 113 (mod300) The congruence M2y2 ≡ 1 (modm2) yields 300 · 307 · 311y2 ≡ 1 (mod301) (−1) · 6 · 10y2 ≡ 1 (mod301) 60y2 ≡ −1 (mod301) y2 ≡ 5 (mod301) Similarly, y3 ≡ 53 (mod307) and y4 ≡ 135 (mod311) (verify these). Therefore, by the CRT, x ≡ a1M1y1 + a2M2y2 + a3M3y3 + a4M4y4 (modM) ≡ (−52) · 301 · 307 · 311 · 113 + 51 · 300 · 307 · 311 · 5 + 228 · 300 · 301 · 311 · 53 + 36 · 300 · 301 · 307 · 135 (modM) Each individual term in this sum contains 12 digits, so we reduce each modulo M as follows. (−52) · 113 ≡ 124 (mod300) (−52) · 301 · 307 · 311 · 113 ≡ 124 · 301 · 307 · 311 (modM) 51 · 5 ≡ −46 (mod301) 51 · 300 · 307 · 311 · 5 ≡ −46 · 300 · 307 · 311 (modM) Similarly, 228 · 300 · 301 · 311 · 53 ≡ 111 · 300 · 301 · 311 (modM) and 36 · 300 · 301 · 307 · 135 ≡ −116 · 300 · 301 · 307 (modM)
- 411. 302 CHAPTER 6 Systems of Linear Congruences Therefore, x ≡ 124 · 301 · 307 · 311 − 46 · 300 · 307 · 311 + 111 · 300 · 301 · 311 − 116 · 300 · 301 · 307 (modM) ≡ (124 · 301 − 46 · 300) · 307 · 311 + (111 · 311 − 116 · 307) · 300 · 301 (modM) ≡ 23524 · 307 · 311 − 1091 · 300 · 301 (modM) ≡ 23000 · 307 · 311 + 524 · 307 · 311 − 1091 · 300 · 301 (modM) ≡ 2,195,971,000 + 50,029,948 − 98,517,300 (modM) ≡ 2,147,483,648 (modM) Thus, 231 = 2,147,483,648. (Fortunately, a calculator such as the TI-86 will find this answer in seconds. Nevertheless, the solution exemplifies the power of the CRT.) E X E R C I S E S 6.1 Determine whether the given number is a solution of the corresponding system of linear congruences. 1. 52; x ≡ 2 (mod5) 2. 43; x ≡ 1 (mod2) x ≡ 3 (mod7) x ≡ 2 (mod3) x ≡ 3 (mod5) 3. 14; x ≡ 2 (mod3) 4. 67; x ≡ 1 (mod3) x ≡ 4 (mod5) x ≡ 5 (mod4) x ≡ 5 (mod7) x ≡ 4 (mod7) x ≡ 7 (mod11) Solve the following linear systems using iteration. 5. x ≡ 2 (mod5) 6. x ≡ 3 (mod4) x ≡ 3 (mod7) x ≡ 5 (mod9) 7. x ≡ 1 (mod2) 8. x ≡ 2 (mod3) x ≡ 2 (mod3) x ≡ 4 (mod5) x ≡ 3 (mod5) x ≡ 5 (mod7) 9. x ≡ 1 (mod3) 10. x ≡ 2 (mod4) x ≡ 3 (mod4) x ≡ 3 (mod5) x ≡ 4 (mod7) x ≡ 4 (mod9) x ≡ 7 (mod11) x ≡ 5 (mod13) 11–16. Using the CRT, solve the linear systems in Exer- cises 5–10. Show that the following linear systems are not solvable. 17. x ≡ 2 (mod4) 18. x ≡ 3 (mod4) x ≡ 3 (mod6) x ≡ 4 (mod5) x ≡ 4 (mod6) Find the least positive integer that leaves 19. The remainder 3 when divided by 7, 4 when divided by 9, and 8 when divided by 11. 20. The remainder 2 when divided by 5, 4 when divided by 6, and 5 when divided by 11, and 6 when divided by 13. 21. Find the least positive multiple of 7 that leaves the re- mainder 2 when divided by 5, 3 when divided by 6, and 5 when divided by 11. 22. Find the least positive multiple of 12 that leaves the remainder 4 when divided by 8, 6 when divided by 9, and 8 when divided by 14. 23. Find the smallest positive integer n such that 2|n, 3|n + 1, 5|n + 2, 7|n + 3, and 11|n + 4. 24. Find the smallest integer 10000 such that 3|n, 4|n + 3, 5|n + 4, 7|n + 5, and 11|n + 7. 25. Find the smallest positive integer n such that 32|n, 42|n + 1, and 52|n + 2.
- 412. 6.2 General Linear Systems (optional) 303 26. A child has some marbles in a box. If the marbles are grouped in sevens, there will be five left over; if they are grouped in elevens, there will be six left over; if they are grouped in thirteens, eight will be left over. Determine the least number of marbles in the box. 27. Find the largest integer 6000 that leaves the re- mainders 0, 2, 3, and 5 when divided by 3, 5, 7, and 13, respectively. 28. Find the largest integer 4000 that leaves the re- mainders 1, 2, 3, and 4 when divided by 5, 6, 7, and 11, respectively. 29. Find the smallest positive integer n, if it exists, such that 23|n, 33|n + 1, and 43|n + 2. 30. Find the smallest positive integer n such that 33|n and 53|n + 1. 6.2 General Linear Systems (optional) The proof of the CRT establishes a solution to a linear system with pairwise rela- tively prime moduli and shows the solution is unique. It does not, however, indicate anything about a system where the moduli are not necessarily pairwise relatively prime. We will establish a necessary and sufficient condition for such a system to be solvable. We begin with the following theorem for a system consisting of two linear con- gruences. THEOREM 6.2 The linear system x ≡ a (modm) x ≡ b (modn) is solvable if and only if (m, n)|(a − b). When it is solvable, the solution is unique modulo [m,n]. PROOF The proof consists of two parts. We will show that the linear system is solvable if and only if (m,n)|(a − b); and when the system is solvable, the solution is unique modulo [m,n]. • To show that the linear system is solvable if and only if (m,n)|(a − b): Suppose x0 is a solution of the linear system. Then x0 ≡ a (modm) and x0 ≡ b (modn). The first congruence implies x0 = a + km for some integer k. So, a + km ≡ b (modn); that is, mk ≡ b − a (modn). This congruence, by Theorem 4.9, has a solution (for k) if and only if (m,n)|(b−a); that is, if and only if (m,n)|(a−b).
- 413. 304 CHAPTER 6 Systems of Linear Congruences • To show that the linear system has a unique solution when the system is solv- able: Suppose (m,n)|(a−b) and x0 is a solution of the linear system. Let x1 be an arbitrary solution of the system. We will show that x1 ≡ x0 (mod[m,n]). Because x1 and x0 are solutions of the linear system, x1 ≡ a (modm), x1 ≡ b (modn), x0 ≡ a (modm), and x0 ≡ b (modn). Therefore, by symmetry and transitivity, x1 ≡ x0 (modm) and x1 ≡ x0 (modn). Then m|(x1 − x0) and n|(x1 − x0), so by Corollary 3.11, [m,n]|(x1 − x0); that is, x1 ≡ x0 (mod[m,n]). Thus, every solution is congruent to x0 mod[m,n]; that is, the solution is unique modulo [m,n]. Unlike the CRT, this theorem does not supply a formula for the solution to the system. However, if we can find one solution x0, then the general solution is x = x0 + [m,n]t, with t being an arbitrary integer. The following example illustrates the theorem. EXAMPLE 6.5 Determine whether the following linear systems are solvable. 1. x ≡ 3 (mod6) 2. x ≡ 7 (mod9) x ≡ 5 (mod8) x ≡ 11 (mod12) SOLUTION 1. Since (6,8) = 2 and 2|(3 − 5), the first linear system has a solution. 2. We have (9,12) = 3, but 3 (7 − 11), so the second system is not solvable. The following example illustrates once again how we can employ iteration to solve linear systems of congruences. EXAMPLE 6.6 Solve the linear system x ≡ 3 (mod6) x ≡ 5 (mod8) SOLUTION By the preceding example, the system has a unique solution. Because x ≡ 3 (mod6), x = 3 + 6t, with t being an arbitrary integer. Now substitute for x in the second
- 414. 6.2 General Linear Systems (optional) 305 congruence: 3 + 6t ≡ 5 (mod8) 6t ≡ 2 (mod8) Dividing both sides by 2, using Theorem 4.9, 3t ≡ 1 (mod4) t ≡ 3 (mod4) so t = 3 + 4t, with t being an arbitrary integer. Then x = 3 + 6(3 + 4t) = 21 + 24t. Thus, x = 21 is the unique solution modulo [6,8] = 24. Theorem 6.2 can be generalized to any system of linear congruences, as the following theorem shows. We leave its proof as an exercise. THEOREM 6.3 The linear system x ≡ ai (modmi) is solvable if and only if (mi,mj)|(ai − aj) for every i and j, where 1 ≤ i j ≤ k. When it is solvable, the solution is unique modulo [m1,m2,...,mk]. The following two examples demonstrate this theorem. EXAMPLE 6.7 Determine whether the following linear systems are solvable: 1. x ≡ 4 (mod6) 2. x ≡ 3 (mod4) x ≡ 2 (mod8) x ≡ 5 (mod9) x ≡ 1 (mod9) x ≡ 7 (mod12) SOLUTION 1. Since (6,8)|(4 − 2), (8,9)|(2 − 1), and (6,9)|(4 − 1), the first linear system has a solution. 2. For the second congruence, (4,9)|(3−5), and (9,12)|(5−8), but (4,12) = 4 and 4 (3 − 8); so the second system is not solvable. The following example shows how to solve a linear system using iteration. EXAMPLE 6.8 Solve the linear system (1) in Example 6.7. SOLUTION By the preceding example, we know the system has a unique solution. To find it, the first congruence implies x = 4 + 6w, with w being arbitrary.
- 415. 306 CHAPTER 6 Systems of Linear Congruences Now substitute for x in the second congruence: 4 + 6w ≡ 2 (mod8) 6w ≡ −2 (mod8) 3w ≡ −1 (mod4), by Theorem 4.7 w ≡ 1 (mod4) that is, w = 1 + 4v, so x = 4 + 6w = 10 + 24v. Substitute for x in the third congruence: 10 + 24v ≡ 1 (mod9) 6v ≡ 0 (mod9) 2v ≡ 0 (mod3) v ≡ 0 (mod3) that is, v = 3t. Therefore, x = 10 + 24v = 10 + 72t, where 72 = [6,8,9]. So the unique solution is 10 modulo 72. Suppose the moduli of the linear system in Theorem 6.3 are pairwise relatively prime. Then (mi,mj) = 1 for every pair of i and j, so (mi,mj)|(ai −aj) for i = j. Thus, the system is solvable; further, since [m1,m2,...,mk] = m1m2 ···mk, the solution is unique modulo m1m2 ···mk. Thus, the CRT follows from Theorem 6.3 in the form of the following corollary. COROLLARY 6.1 (The Chinese Remainder Theorem) The linear system x ≡ ai (modmi), where 1 ≤ i ≤ k and the moduli are pairwise relatively prime, is solvable and has a unique solution modulo m1m2 ···mk. E X E R C I S E S 6.2 Determine whether each linear system is solvable. 1. x ≡ 2 (mod10) 2. x ≡ 5 (mod9) x ≡ 7 (mod15) x ≡ 8 (mod12) 3. x ≡ 4 (mod9) 4. x ≡ 7 (mod8) x ≡ 10 (mod12) x ≡ 3 (mod10) x ≡ −2 (mod18) x ≡ 2 (mod 15) Check whether the given value is a solution of the corre- sponding linear system. 5. 22 + 30t; x ≡ 2 (mod10) x ≡ 7 (mod15) 6. 7 + 24t; x ≡ −1 (mod8) x ≡ 7 (mod12)
- 416. 6.3 2 × 2 Linear Systems (optional) 307 7. 426; x ≡ 2 (mod8) x ≡ 3 (mod9) x ≡ 6 (mod10) 8. 170; x ≡ 3 (mod12) x ≡ 6 (mod15) x ≡ 11 (mod20) Using the given solution, find the general solution of each linear system. 9. 66; x ≡ 2 (mod8) x ≡ 3 (mod9) x ≡ 6 (mod10) 10. 51; x ≡ 3 (mod12) x ≡ 6 (mod15) x ≡ 11 (mod20) Solve each linear system using iteration. 11. x ≡ 10 (mod12) 12. x ≡ 17 (mod20) x ≡ 4 (mod15) x ≡ 5 (mod28) 13. x ≡ 1 (mod10) 14. x ≡ 7 (mod12) x ≡ 5 (mod12) x ≡ 7 (mod15) x ≡ −4 (mod15) x ≡ 7 (mod18) 15. x ≡ 2 (mod6) 16. x ≡ 2 (mod6) x ≡ 5 (mod9) x ≡ 5 (mod7) x ≡ 8 (mod11) x ≡ 6 (mod8) x ≡ 11 (mod15) x ≡ 8 (mod9) 17. Assuming the linear system x ≡ a (modmi), where 1 ≤ i ≤ k, is solvable, find a formula for its general solution. 18. A piggy bank contains no more than 300 coins. When the coins are grouped in stacks of sixes, three coins are left; when they are grouped in eights, five are left; when they are grouped in twelves, nine are left. Find the maximum number of coins possible in the piggy bank. 19. A person has more than 500 fruits. If they are arranged in piles of 12, 16, and 18, then 5, 9, and 11 fruits are left over. Find the least number of fruits he has. 20. Find the smallest integer n ≥ 3 such that 2|n,3|n + 1, 4|n + 2, 5|n + 3, and 6|n + 4. 21. Find the smallest integer n ≥ 4 such that 3|n, 4|n + 1, 5|n + 2, 6|n + 3, and 7|n + 4. 22. Find an integer n, if it exists, such that 22|n, 32|n+1, and 42|n + 2. 23. When eggs in a basket are removed 2, 3, 4, 5, or 6 at a time, there remain 1, 2, 3, 4, and 5 eggs, respectively. However, when 7 eggs are removed at a time, no eggs are left. Find the least number of eggs that could have been in the basket.† 24. Determine if there is an integer n such that 22|n, 32|n + 1, 42|n + 2, and 52|n + 3. 25. Find the smallest integer n such that 32|n, 42|n + 1, 52|n + 2, and 72|n + 3. † This problem was proposed by Brahmagupta (ca. 628), the most prominent Indian mathematician of the seventh century. 6.3 2 × 2 Linear Systems (optional) In the two preceding sections, we demonstrated in detail how to solve systems of linear congruences involving a single variable. Now we turn to systems of two linear congruences in two variables with the same modulus m. Such a linear system is a 2 × 2 linear system.
- 417. 308 CHAPTER 6 Systems of Linear Congruences 2 × 2 Linear Systems A 2 × 2 linear system is a system of linear congruences of the form ax + by ≡ e (modm) cx + dy ≡ f (modm) A solution of the linear system is a pair x ≡ x0 (modm), y ≡ y0 (modm) that satisfies both congruences. EXAMPLE 6.9 Show that x ≡ 12 (mod13) and y ≡ 2 (mod13) is a solution of the 2×2 linear system 2x + 3y ≡ 4 (mod13) 3x + 4y ≡ 5 (mod13) SOLUTION When x ≡ 12 (mod13) and y ≡ 2 (mod13), 2x + 3y ≡ 2(12) + 3(2) ≡ 4 (mod13) 3x + 4y ≡ 3(12) + 4(2) ≡ 5 (mod13) Therefore, every pair x ≡ 12 (mod13), y ≡ 2 (mod13) is a solution of the system. (The general solution of the system is x = 12 + 13t, y = 2 + 13t, with t being an arbitrary integer.) We will now study two methods for solving 2 × 2 linear systems. One is the method of elimination and the other is a rule that resembles the well-known Cramer’s rule for solving linear systems of equations. The following example illustrates the method of elimination, which involves eliminating one of the variables and solving the resulting linear congruences. EXAMPLE 6.10 Using the method of elimination, solve the linear system 2x + 3y ≡ 4 (mod13) (6.1) 3x + 4y ≡ 5 (mod13) (6.2)
- 418. 6.3 2 × 2 Linear Systems (optional) 309 SOLUTION To eliminate y, multiply congruence (6.1) by 4 and congruence (6.2) by 3: 8x + 12y ≡ 3 (mod13) 9x + 12y ≡ 2 (mod13) Subtracting, −x ≡ 1 (mod13) x ≡ 12 (mod13) To find y, substitute for x in congruence (6.1): 2 · 12 + 3y ≡ 4 (mod13) 3y ≡ −7 (mod13) y ≡ 2 (mod13) Thus, the solution is given by x ≡ 12 (mod13), y ≡ 2 (mod13). (Notice that this agrees with Example 6.9.) The following theorem provides a necessary and sufficient condition for a 2 × 2 linear system to have a unique solution. THEOREM 6.4 The linear system ax + by ≡ e (modm) cx + dy ≡ f (modm) has a unique solution if and only if (,m) = 1, where ≡ ad − bc (modm). PROOF Suppose the system has a solution x ≡ x0 (modm) and y ≡ y0 (modm): ax0 + by0 ≡ e (modm) (6.3) cx0 + dy0 ≡ f (modm) (6.4) Multiply congruence (6.3) by d and congruence (6.4) by b: adx0 + bdy0 ≡ ed (modm) bcx0 + bdy0 ≡ bf (modm)
- 419. 310 CHAPTER 6 Systems of Linear Congruences Subtracting, (ad − bc)x0 ≡ (ed − bf) (modm) By Corollary 4.6, x0 has a unique value modulo m if and only if (,m) = 1. Simi- larly, y0 has a unique value modulo m if and only if (,m) = 1. Thus, the system has a unique solution modulo m if and only if (,m) = 1. The following example demonstrates this theorem. EXAMPLE 6.11 Verify that the linear system 2x + 3y ≡ 4 (mod13) 3x + 4y ≡ 5 (mod13) has a unique solution modulo 13. SOLUTION By Theorem 6.4, all we need to check is whether (,13) = 1 for the linear system: ≡ ad −bc ≡ 2·4−3·3 ≡ −1 ≡ 12 (mod13). Since (12,13) = 1, by Theorem 6.4, the system has a unique solution modulo 13. Although Theorem 6.4 can be used to determine whether a system has a unique solution, it does not furnish us with the solution when it is solvable. However, the following theorem does. THEOREM 6.5 When the linear system ax + by ≡ e (modm) cx + dy ≡ f (modm) has a unique solution modulo m, it is given by x0 ≡ −1(ed − bf) (modm) and y0 ≡ −1(af − ce) (modm), where ≡ ad − bc (modm) and −1 is an inverse of modulo m. PROOF By Theorem 6.4, since the system has a unique solution modulo m,(,m) = 1; so, by Corollary 4.6, is invertible.
- 420. 6.3 2 × 2 Linear Systems (optional) 311 Because the linear system has a unique solution, it suffices to show that x0,y0 satisfies the system: ax0 + by0 ≡ a−1 (de − bf) + b−1 (af − ce) (modm) ≡ (ad − bc)−1 e + −1 (abf − abf) (modm) ≡ −1 e + 0 (modm) ≡ e (modm), since −1 ≡ 1 (modm) Also, cx0 + dy0 ≡ c−1 (de − bf) + d−1 (af − ce) (modm) ≡ (ad − bc)−1 f + −1 (cde − cde) (modm) ≡ −1 f + 0 (modm) ≡ f (modm), because −1 ≡ 1 (modm) Thus, x ≡ x0 (modm), y ≡ y0 (modm) is the unique solution of the linear system. The formulas for x0 (modm) and y0 (modm) closely resemble those for x and y in Cramer’s rule for a linear system of equations. To see this, we can rewrite the values of , x0, and y0 in terms of determinants: ≡ ad − bc ≡ a b c d (modm) x0 ≡ −1 (ed − bf) ≡ −1 e b f d (modm) y0 ≡ −1 (af − ce) ≡ −1 a e c f (modm) The following example illustrates Theorem 6.5. EXAMPLE 6.12 Solve the linear system 3x + 13y ≡ 8 (mod55) 5x + 21y ≡ 34 (mod55) SOLUTION First notice that ≡ 3 · 21 − 13 · 5 ≡ 53 (mod55) and (53,55) = 1, so the system has a unique solution modulo 55. Also, −1 ≡ 27 (mod55). Therefore,
- 421. 312 CHAPTER 6 Systems of Linear Congruences x0 ≡ −1 (de − bf) ≡ 27(21 · 8 − 13 · 34) ≡ 27 (mod55) y0 ≡ −1 (af − ce) ≡ 27(3 · 34 − 5 · 8) ≡ 24 (mod55) Thus, x ≡ 27 (mod55) and y ≡ 24 (mod55) is the unique solution to the given sys- tem. Note that the techniques employed to solve linear systems of equations using matrices and determinants can be adapted nicely to solve higher order linear systems of congruences. Some are explored in the following exercises. E X E R C I S E S 6.3 Determine whether each linear system is solvable. 1. 3x + 4y ≡ 5 (mod7) 4x + 5y ≡ 6 (mod7) 2. 4x + 5y ≡ 5 (mod8) 3x − 6y ≡ 3 (mod8) 3. 5x + 6y ≡ 10 (mod13) 6x − 7y ≡ 2 (mod13) 4. 7x + 8y ≡ 10 (mod15) 5x − 9y ≡ 10 (mod15) 5. x + 3y ≡ 3 (mod11) 5x + y ≡ 5 (mod11) 6. 6x − 7y ≡ 15 (mod17) 11x − 9y ≡ 13 (mod17) Solve the following linear systems using elimination. 7. 3x + 4y ≡ 5 (mod7) 4x + 5y ≡ 6 (mod7) 8. 4x + 5y ≡ 5 (mod8) 3x − 6y ≡ 3 (mod8) 9. 5x + 6y ≡ 10 (mod13) 6x − 7y ≡ 2 (mod13) 10. 7x + 8y ≡ 11 (mod15) 5x − 9y ≡ 10 (mod15) 11. x + 3y ≡ 3 (mod11) 5x + y ≡ 5 (mod11) 12. 6x + 11y ≡ 9 (mod16) 7x + 8y ≡ 9 (mod16) 13–18. Solve the linear systems in Exercises 7–12 using Theorem 6.5. Solve each linear system using Theorem 6.5. 19. 5x + 11y ≡ 8 (mod13) 11x + 5y ≡ 9 (mod13) 20. 4x − 6y ≡ 2 (mod14) 7x + 11y ≡ 11 (mod14) 21. 7x − 11y ≡ 12 (mod18) 11x − 12y ≡ 2 (mod18) Solve each 3 × 3 linear system using elimination. 22. x + y + z ≡ 6 (mod7) x + 2y + 3z ≡ 6 (mod7) 2x + 3y + 4z ≡ 5 (mod7) 23. x − 2y − z ≡ 6 (mod11) 2x + 3y + z ≡ 5 (mod11) 3x + y + 2z ≡ 2 (mod11) The 3 × 3 linear system a1x + b1y + c1z ≡ d1 (modm) a2x + b2y + c2z ≡ d2 (modm) (6.5) a3x + b3y + c3z ≡ d3 (modm)
- 422. Chapter Summary 313 has a unique solution modulo m if and only if (,m) = 1, where ≡ a1 b1 c1 a2 b2 c2 a3 b3 c3 (modm) Using this fact, determine whether each system has a unique solution. 24. x + y + z ≡ 6 (mod7) x + 2y + 3z ≡ 6 (mod7) 2x + 3y + 4z ≡ 5 (mod7) 25. x − 2y − z ≡ 6 (mod11) 2x + 3y + z ≡ 5 (mod11) 3x + y + 2z ≡ 2 (mod11) 26. x − y + 2z ≡ 7 (mod8) 2x + y − z ≡ 7 (mod8) 3x + 2y + z ≡ 2 (mod8) 27. 2x − 3y + z ≡ 12 (mod13) x + 2y − z ≡ 6 (mod13) 3x − y + 2z ≡ 2 (mod13) 28–31. When the linear system (6.5) has a unique solu- tion, it is given by x ≡ −1 d1 b1 c1 d2 b2 c2 d3 b3 c3 (modm) y ≡ −1 a1 d1 c1 a2 d2 c2 a3 d3 c3 (modm) z ≡ −1 a1 b1 d1 a2 b2 d2 a3 b3 d3 (modm) Using this result, solve linear systems in Exer- cises 24–27. X CHAPTER SUMMARY We have established the solvability of systems of linear congruences x ≡ ai (modmi), where 1 ≤ i ≤ k and the moduli mi are pairwise relatively prime. Also, we have shown that the solution is unique modulo m1m2 ···mk. We have obtained necessary and sufficient conditions for the solvability of such systems when the moduli are not necessarily pairwise relatively prime and have proved that the solution is unique modulo [m1,m2,...,mk]. We have solved linear systems in a single variable using iteration and the CRT, and 2 × 2 linear systems using elimination and determinants. The Chinese Remainder Theorem • The linear system x ≡ ai (modmi), where 1 ≤ i ≤ k and the moduli are pair- wise relatively prime, has a unique solution modulo m1m2 ···mk. (p. 297) • The solution of the linear system is given by x ≡ a1M1y1 + a2M2y2 + ··· + akMkyk (modM), where M = m1m2 ···mk, Mi = M/mi, and yi is an inverse of Mi modulo mi. (p. 297)
- 423. 314 CHAPTER 6 Systems of Linear Congruences • The linear system x ≡ ai (modmi) is solvable if and only if (mi, mj)|(ai − aj) for every i and j, where 1 ≤ i j ≤ k; when it is solvable, the system has a unique solution modulo [m1,m2,...,mk]. (p. 305) 2 × 2 Linear Systems • The 2 × 2 linear system ax + by ≡ e (modm) cx + dy ≡ f (modm) has a unique solution modulo m if and only if (,m) = 1, where ≡ ad − bc (modm). (p. 309) • The solution is given by x0 ≡ −1(de − bf) (modm), y0 ≡ −1(af − ce) (modm), where −1 denotes an inverse of modulo m. (p. 310) X REVIEW EXERCISES Solve each linear system using iteration. 1. x ≡ 3 (mod7) x ≡ 5 (mod10) 2. x ≡ 6 (mod8) x ≡ −2 (mod12) 3. x ≡ 2 (mod5) x ≡ 3 (mod7) x ≡ 5 (mod8) 4. x ≡ 4 (mod6) x ≡ −2 (mod10) x ≡ −2 (mod15) Using the CRT, solve each linear system. 5. x ≡ 3 (mod7) x ≡ 5 (mod10) 6. x ≡ 5 (mod9) x ≡ 8 (mod16) 7. x ≡ 2 (mod5) x ≡ 3 (mod7) x ≡ 5 (mod8) 8. x ≡ 3 (mod5) x ≡ 5 (mod7) x ≡ 8 (mod12) Find the smallest positive integer that leaves 9. The remainders 8, 7, and 11 when divided by 7, 11, and 15, respectively. 10. The remainders 8, 5, and 14 when divided by 11, 12, and 15, respectively. Find the largest integer 15,000 that leaves: 11. The remainders 2, 5, 0, and 1 when divided by 5, 11, 12, and 13, respectively. 12. The remainders 3, 7, 9, and 11 when divided by 8, 12, 14, and 17, respectively.
- 424. Review Exercises 315 13. Find the smallest positive integer n such that 3|n, 4|n + 1, 5|n + 2, 7|n + 3, and 11|n + 4. 14. Find the smallest positive integer n such that 22|n, 32|n + 2, 52|n + 3, and 112|n + 5. 15. A jar contains at least 300 pennies. If they are grouped in fives, sixes, sevens, and elevens, there will be three, five, four, and eight pennies left over. Find the least possible number of coins in the jar. 16. A fruit basket contains not more than 3000 plums. When they are grouped in piles of sixes, nines, elevens, and fifteens, there will be two, eight, seven, and fourteen plums left over, respectively. Find the maximum possible number of plums in the basket. Determine whether each linear system is solvable. 17. 5x + 7y ≡ 3 (mod9) 6x + 5y ≡ 4 (mod9) 18. 6x + 5y ≡ 7 (mod12) 3x + 11y ≡ 8 (mod12) 19. 8x + 11y ≡ 5 (mod13) 7x + 9y ≡ 10 (mod13) 20. 3x + 8y ≡ 11 (mod15) 7x + 12y ≡ 13 (mod15) Solve each linear system using elimination. 21. 5x + 7y ≡ 3 (mod9) 6x + 5y ≡ 4 (mod9) 22. 8x + 11y ≡ 5 (mod13) 7x + 9y ≡ 10 (mod13) 23. 8x + 5y ≡ 4 (mod15) 3x + 11y ≡ 7 (mod15) 24. x + y − z ≡ 8 (mod11) x − y + z ≡ 5 (mod11) x − y − z ≡ 10 (mod11) 25. x − y − z ≡ 5 (mod17) x + 2y + z ≡ 2 (mod17) 2x − 3y − z ≡ 0 (mod17) 26. x + 2y − 3z ≡ 3 (mod19) 2x − y + 4z ≡ 10 (mod19) 3x + 4y + 5z ≡ 9 (mod19) 27–32. Using determinants, solve the linear systems in Exercises 21–26. 33. An apartment complex contains one- and two-bedroom apartments. They are rented for $675 and $975 a month, respectively. If all apartments are rented, the total monthly revenue would leave a remainder of $54 when it is divided by 101. But if the rents are lowered by $100 apiece, and if all apartments are rented, then the total monthly revenue would leave a remainder of $53 when it is divided by 101. Find the number of one- and two-bedroom apartments if the total income does not exceed $100,000. 34. Judy bought some 29-cent and 35-cent stamps. The total value of the stamps (in cents) leaves a remainder 1 when it is divided by 23. But when the stamps’ costs are increased by 10¢ each, the total value leaves a remainder of 6 when divided
- 425. 316 CHAPTER 6 Systems of Linear Congruences by 23. Find the number of 29-cent and 35-cent stamps she bought if the total cost is no more than $18. X SUPPLEMENTARY EXERCISES To do these exercises, you will need knowledge of matrices and the following defini- tions: Let A = (aij)k×l and B = (bij)k×l be two matrices with integral entries. Then A is congruent to B modulo m if aij ≡ bij (modm) for every i and j, and we then write A ≡ B (modm). For example, 8 −5 17 6 ≡ 2 1 −1 0 (mod6) The matrix A = (aij)n×n is the identity matrix of order n if aij = 1 when i = j and 0 otherwise; it is denoted by In or simply I. For instance, the identity matrix of order 2 is 1 0 0 1 A matrix A−1 is an inverse of matrix A modulo m if AA−1 ≡ I ≡ A−1A (modm). For example, let A = 2 3 4 5 Then A−1 ≡ 1 5 2 6 (mod7), because AA−1 ≡ 2 3 4 5 1 5 2 6 ≡ 1 0 0 1 ≡ I (mod7); similarly, A−1A ≡ I (mod7).
- 426. Supplementary Exercises 317 Verify that the given matrices are inverses of each other for the indicated modu- lus. 1. 3 5 4 7 , 7 6 7 3 ; m = 11 2. 6 8 −7 4 , 2 9 10 3 ; m = 13 The 2 × 2 linear system ax + by ≡ e (modm) cx + dy ≡ f (modm) can be written as the matrix congruence AX ≡ B (modm), where A = a b c d , X = x y , and B = e f Rewrite the following linear systems as matrix congruences. 3. 3x + 5y ≡ 7 (mod11) 4x + 7y ≡ 9 (mod11) 4. 6x + 8y ≡ 5 (mod13) −7x + 4y ≡ 8 (mod13) 5–6. The coefficient matrix A in the congruence AX ≡ B (modm) has an inverse A−1 modulo m if and only if (,m) = 1, where ≡ ad − bc (modm). Then X ≡ A−1B (modm). Using these facts, and Exercises 1 and 2, solve the linear systems in Exercises 3 and 4. 7. Let A = a b c d , where a, b, c, and d are integers. Let (,m) = 1, where ≡ ad − bc (modm). Prove that A−1 ≡ −1 d −b −c a (modm). Using Exercise 7, find an inverse of each matrix for the indicated modulus m. 8. 3 4 5 6 , m = 7 9. 5 8 3 7 , m = 13 10. 8 13 10 11 , m = 17 Solve each linear system using matrices. 11. 3x + 4y ≡ 2 (mod7) 5x + 6y ≡ 3 (mod7) 12. 5x + 8y ≡ 3 (mod13) 3x + 7y ≡ 5 (mod13) 13. 8x + 13y ≡ 9 (mod17) 10x + 11y ≡ 8 (mod17) 14. 4x + 7y ≡ 3 (mod16) 11x + 8y ≡ 7 (mod16)
- 427. 318 CHAPTER 6 Systems of Linear Congruences X COMPUTER EXERCISES Write a program to perform each task. 1. Solve Sun-Tsu’s puzzle using the CRT. 2. Find the smallest integer n ≥ 3 such that 2|n, 3|n + 1,4|n + 2,5|n + 3, and 6|n + 4. 3. Find the smallest integer n ≥ 4 such that 3|n, 4|n + 1,5|n + 2,6|n + 3, and 7|n + 4. 4. Find the smallest positive integer n such that 32|n, 42|n + 1, and 52|n + 2. 5. Find the smallest positive integer n such that 32|n, 42|n + 1, 52|n + 2, and 72|n + 3. Determine whether each linear system is solvable. 6. x ≡ 4 (mod6) x ≡ 2 (mod8) x ≡ 1 (mod9) 7. x ≡ 3 (mod4) x ≡ 5 (mod9) x ≡ 8 (mod12) Solve each linear system. 8. x ≡ 7 (mod12) x ≡ 7 (mod15) x ≡ 7 (mod18) 9. x ≡ 2 (mod6) x ≡ 5 (mod9) x ≡ 8 (mod11) x ≡ 11 (mod15) 10. x ≡ 2 (mod6) x ≡ 5 (mod7) x ≡ 6 (mod8) x ≡ 8 (mod9) 11. Let m1 = 400, m2 = 401, m3 = 403, M = m1m2m3, and Mi = M/mi, where 1 ≤ i ≤ 3. Solve each congruence Miyi ≡ 1 (modmi); give the least residue in each case. 12. Let m1 = 300, m2 = 301, m3 = 307, m4 = 311, M = m1m2m3m4, and Mi = M/mi, where 1 ≤ i ≤ 4. Solve each congruence Miyi ≡ 1 (modmi); give the least residue in each case. 13. Read in a 2 × 2 matrix with integral elements and a modulus m. Determine if it is invertible; if it is, find an inverse modulo m. 14. Read in a 2×2 linear system of congruences. Solve it using matrix congruences. 15. Read in a 3 × 3 matrix with integral elements and a modulus m. Determine if it is invertible. X ENRICHMENT READINGS 1. H. Eves, An Introduction to the History of Mathematics, 3rd ed., Holt, Rinehart and Winston, New York, 1969, 197–202.
- 428. Enrichment Readings 319 2. F. T. Howard, “A Generalized Chinese Remainder Theorem,” College Math. J., 33 (Sept. 2002), 279–282. 3. S. Kangsheng, “Historical Development of the Chinese Remainder Theorem,” Archive for History of Exact Sciences, 38 (1988), 285–305. 4. C. S. Ogilvy and J. T. Anderson, Excursions in Number Theory, Dover, New York, 1966. 5. O. Ore, Invitation to Number Theory, Math. Association of America, Washington, DC, 1967. 6. A. Rothbart, The Theory of Remainders, Janson Publications, Dedham, MA, 1995.
- 430. 7 Three Classical Milestones Euler calculated without effort, as men breathe, or as eagles sustain themselves in the wind. — FRANÇOIS ARAGO hree classical results—Wilson’s theorem, Fermat’s little theorem, and Euler’s Ttheorem—have played a significant role in the development of the theory of congruences. All three theorems illustrate the power of congruences and the congruence notation. We begin our discussion with Wilson’s theorem, which involves the factorial function. 7.1 Wilson’s Theorem In 1770, the English mathematician Edward Waring described in his Meditationes Algebraicae the following conjecture by John Wilson, one of his former students: “If p is a prime, then p|[(p − 1)! + 1].” Wilson is likely to have guessed this by using some pattern recognition. In any case, neither he nor Waring could furnish a proof of the result. Three years after the conjecture was announced, Lagrange provided the first proof. He observed that its converse is also true. Wilson, in fact, was not the first mathematician to discover the theorem, although it bears his name. There is evidence that the outstanding German mathematician 321
- 431. 322 CHAPTER 7 Three Classical Milestones Edward Waring (1734–1798) was born in Shrewsbury, England. Little is known about his early life. In 1753 he entered Magdalene College, Cambridge, where his mathematical talent blossomed. He graduated four years later, received his masters in 1760, and then became the sixth Lucasian professor of mathematics at Cambridge University, although some opposed his appointment because of his young age. His Miscellanea Analytics, published in 1762, silenced his critics and proved him a first-rate mathematician. He wrote five more treatises, the most im- portant of them being Meditationes Algebraicae. A fellow of the Royal Society, he received the Copley Medal in 1784. Not all his activities, however, were mathematical. Concurrent with the writ- ing of books, he pursued medicine and received his M.D. from Cambridge in 1767. He gave up his practice in 1770, but continued to serve as the Lucasian professor until his death. John Wilson (1741–1793) was born in Applethwaite, Westmoreland, England. After completing undergraduate work at Cambridge University and being a private tutor there for a brief period, he was called to the bar in 1766 and acquired considerable practice on the northern circuit. In 1786 he was elevated to the bench of the Court of Common Pleas. A fellow of the Royal Society, Wilson died in Kendal. Baron Gottfried Wilhelm Leibniz (1646–1716) knew it as early as 1682, although he did not publish it. Recall from Corollary 4.6 that the congruence ax ≡ 1 (mod m) has a unique so- lution if and only if (a,m) = 1. Further, the solution is an inverse a−1 of a modulo m. In particular, suppose the modulus is a prime p. Then positive least residues mod- ulo p, that is, integers 1 through p − 1, are invertible. For example, let p = 7. Then the positive least residues 1 through 6 are invertible: 1 · 1 ≡ 2 · 4 ≡ 3 · 5 ≡ 6 ≡ 6 ≡ 1 (mod 7). The following lemma shows that exactly two of them are self-invertible. LEMMA 7.1 A positive integer a is self-invertible modulo p if and only if a ≡ ±1 (mod p). PROOF Suppose a is self-invertible. Then a2 ≡ 1 (mod p); that is, p|(a2 − 1); so p|(a − 1)(a + 1). Then, by Lemma 3.3, p|a − 1 or p|a + 1; thus, either a ≡ 1 (mod p) or a ≡ −1 (mod p). Conversely, suppose a ≡ 1 (mod p) or a ≡ −1 (mod p). In either case, a2 ≡ 1 (mod p), so a is self-invertible modulo p.
- 432. 7.1 Wilson’s Theorem 323 It follows by this lemma that exactly two least residues modulo p are self- invertible; they are 1 and p − 1. Thus, the congruence x2 ≡ 1 (mod p) has exactly two solutions, 1 and p − 1 modulo p. For example, the self-invertible least residues modulo 13 are 1 and 12: 12 ≡ 1 (mod 13) and 122 ≡ 1 (mod 13). In other words, the solutions of the congruence x2 ≡ 1 (mod 13) are 1 and 12 modulo 13. Before formally stating Wilson’s theorem, we study an example that will facili- tate its proof. EXAMPLE 7.1 Let p = 11. Then (p − 1)! = 10! = 1 · 2 · 3 · 4 · 5 · 6 · 7 · 8 · 9 · 10. The least residues modulo 11 that are self-invertible are 1 and 10; rearrange the remaining factors into pairs in such a way that the residues in each pair are inverses of each other modulo 11: 10! = 1 · (2 · 6) · (3 · 4) · (5 · 9) · (7 · 8) · 10 ≡ 1 · 1 · 1 · 1 · 1 · 10 (mod 11) ≡ 10 (mod 11) ≡ −1 (mod 11) Thus, (p − 1)! ≡ −1 (mod 11), illustrating Wilson’s theorem. The technique used in this example is essentially the same one employed in the proof of the theorem: Arrange into (p−3)/2 = (11−3)/2 = 4 pairs the positive least residues modulo p (= 11) that are not self-invertible. We can now state and prove the first feature theorem. THEOREM 7.1 (Wilson’s Theorem) If p is a prime, then (p − 1)! ≡ −1 (mod p). PROOF When p = 2, (p − 1)! = 1 ≡ −1 (mod 2); thus, the theorem is true when p = 2. So, let p 2. By Corollary 4.6, the least positive residues 1 through p − 1 are invertible modulo p. But, by Lemma 7.1, two of them, 1 and p − 1, are their own in- verses. So we can group the remaining p−3 residues, 2 through p−2, into (p−3)/2 pairs of inverses a and b = a−1 such that ab ≡ 1 (mod p) for every pair a and b. Thus, 2 · 3···(p − 2) ≡ 1 (mod p) (p − 1)! = 1 · [2 · 3···(p − 2)] · (p − 1) ≡ 1 · 1 · (p − 1) (mod p) ≡ −1 (mod p)
- 433. 324 CHAPTER 7 Three Classical Milestones The following example shows an interesting application of Wilson’s theorem. EXAMPLE 7.2 Let p be a prime and n any positive integer. Prove that (np)! n!pn ≡ (−1)n (mod p) SOLUTION First, we can make an observation. Let a be any positive integer congruent to 1 modulo p. Then, by Wilson’s theorem, a(a + 1)···[a + (p − 2)] ≡ (p − 1)! ≡ −1 (mod p). In other words, the product of the p − 1 integers between any two consecutive mul- tiples of p is congruent to −1 modulo p. Then (np)! n!pn = (np)! p · 2p · 3p···(np) = n r=1 [(r − 1)p + 1]···[(r − 1)p + (p − 1)] ≡ n r=1 (p − 1)! (mod p) ≡ n r=1 (−1) (mod p) ≡ (−1)n (mod p) In particular, let p = 5 and n = 46. Then (np)! n!pn = 230! 46!546 ≡ (−1)46 ≡ 1 (mod 5). In 1957, F. G. Elston of New York generalized Wilson’s theorem: Let p be a prime and 0 ≤ r ≤ p − 1. Then r!(p − 1 − r)! + (−1)r ≡ 0 (mod p). See Exercise 17. We now turn to the converse of Wilson’s theorem. THEOREM 7.2 If n is a positive integer such that (n − 1)! ≡ −1 (mod n), then n is a prime. PROOF (by contradiction) Suppose n is composite, say, n = ab, where 1 a,b n. Since a|n and n|[(n−1)!+ 1], a|[(n − 1)! + 1]. Since 1 a n, a is one of the integers 2 through n − 1, so
- 434. 7.1 Wilson’s Theorem 325 a|(n − 1)!. Therefore, by Theorem 2.4, a|[(n − 1)! + 1 − (n − 1)!]; that is, a|1. So a = 1, a contradiction. Thus, n must be a prime. Theorems 7.1 and 7.2 together furnish a necessary and sufficient condition for a positive integer to be a prime: A positive integer n ≥ 2 is a prime if and only if (n−1)! ≡ −1 (mod n). This condition provides a seemingly simple test for primality. To check if n is a prime, all we need is to determine whether (n − 1)! ≡ −1 (mod n). For example, (7 − 1)! = 720 ≡ −1 (mod 7), so 7 is a prime. On the other hand, (12 − 1)! = 39,916,800 ≡ 0 (mod 12), so (12 − 1)! ≡ −1 (mod 12), showing that 12 is not a prime. Unfortunately, this test has no practical significance, because (n − 1)! becomes extremely large as n gets large. Factorial, Multifactorial, and Primorial Primes Theorem 7.2 naturally prompts several questions in the minds of the curious: Are ? there primes of the form m! + 1? If yes, how many such primes are there? Since 1! + 1 = 2,2! + 1 = 3,3! + 1 = 7 are primes, there do exist primes of the form m! + 1. There are in fact nine such primes for m ≤ 100. The largest known such prime, as of 2005, was 32659! + 1, discovered by Steven L. Harvey; it contains 44,416 digits. On the other hand, n! − 1 is a prime for n = 3, 4, and 6. The largest known such prime is 974! − 1, discovered by Harvey Dubner of New Jersey; n! − 1 is composite for 975 ≤ n ≤ 1155. It remains unresolved as to whether there is an infinitude of ? primes of the form n! ± 1; such primes are factorial primes. In 1930, S. S. Pillai asked if every prime factor of n! + 1 is congruent to 1 modulo n. For example, 11|(5!+1) and 11 ≡ 1 (mod 5). In the same year, the Indian number theorist S. Chowla discovered two exceptions: 14! + 1 ≡ 0 (mod 23) and 18! + 1 ≡ 0 (mod 23), where 23 ≡ 1 (mod 14) and 23 ≡ 1 (mod 18). In fact, the smallest such counterexample is 8! + 1 ≡ 0 (mod 61), where 61 ≡ 1 (mod 8). In 1993, Erdös and M. V. Subbarao of the University of Alberta independently proved that there are infinitely many primes p for which there is an integer n such that n! + 1 ≡ 0 (mod p), where p ≡ 1 (mod n). Primes of the form n!k ± 1 are multifactorial primes, where n!k = n(n − k)(n − 2k)(n−3k)···(n−rk), k is a positive integer, and r is the largest positive integer such that n − rk ≥ 1. (Notice that n!1 = n!.) For example, 7!3 + 1 = 7(7 − 3)(7 − 6) + 1 = 29 and 7!5 − 1 = 7(7 − 5) − 1 = 13 are multifactorial primes. Primes of the form n# ± 1 are primorial primes, where n# denotes the product of all primes ≤ n; for example, 10# + 1 = 2 · 3 · 5 · 7 + 1 = 211 is a primorial prime. ? Establishing the infinitude of primorial primes remains unresolved.
- 435. 326 CHAPTER 7 Three Classical Milestones E X E R C I S E S 7.1 Find the self-invertible least residues modulo each prime p. 1. 7 2. 13 3. 19 4. 23 Solve the congruence x2 ≡ 1 (mod m) for each modu- lus m. 5. 6 6. 8 7. 12 8. 15 9. Prove or disprove: If the congruence x2 ≡ 1 (mod m) has exactly two solutions, then m is a prime. 10. If x2 ≡ 1 (mod p) and x2 ≡ 1 (mod q), does it fol- low that x2 ≡ 1 (mod pq), where p and q are distinct primes? 11. Let a be a solution of the congruence x2 ≡ 1 (mod m). Show that m − a is also a solution. Without using Wilson’s theorem, verify that (p−1)! ≡ −1 (mod p) for each p. 12. 3 13. 5 14. 7 15. 13 Prove each, where p is a prime. 16. Let p be odd. Then 2(p − 3)! ≡ −1 (mod p). 17. (p − 1)(p − 2)···(p − k) ≡ (−1)kk! (mod p), where 1 ≤ k p. 18. Let p be odd. Then 12 · 32 ···(p − 2)2 ≡ (−1)(p+1)/2 (mod p). 19. Let p be odd. Then 22 · 42 ···(p − 1)2 ≡ (−1)(p+1)/2 (mod p). 20. A positive integer n ≥ 2 is a prime if and only if (n − 2)! ≡ 1 (mod n). 21. Let r be a positive integer p such that r! ≡ (−1)r (mod p). Then (p − r − 1)! ≡ −1 (mod p). 22. 1 · 3 · 5···(p − 2) 2 · 4 · 6···(p − 1) ≡ (−1)(p−1)/2 (mod p), where p 2. (P. S. Bruckman, 1975) 23. Let 0 ≤ r ≤ p − 1. Then r!(p − 1 − r)! + (−1)r ≡ 0 (mod p) (F. G. Elston, 1957) 24. np p ≡ n (mod p) (J. H. Hodges, 1959) 25. np − 1 p − 1 ≡ −1 (mod p), where p n. (This result, true even if p|n, was established in 1874 by Catalan.) 26. p − 1 r ≡ (−1)r (mod p), where 0 ≤ r p. 27. Let p = m + n + 3, where m,n ≥ 0. Then [m! + (m + 1)!][n! + (n + 1)!] ≡ (−1)m (mod p) (A. Cusumano, 2005) 28. Using Exercise 21, show that 63! ≡ −1 (mod 71). Verify that [((p − 1)/2)!]2 ≡ −1 (mod p) for each prime p. 29. 5 30. 13 31. 17 32. 29 33. Make a conjecture using Exercises 29–32. 34. Does your conjecture hold for p = 2, 3, or 7? 35. Establish the conjecture in Exercise 33. 36. Prove that p−1 n=1 (1 + p/n) ≡ 1 (mod p). (L. Talbot, 1995) 7.2 Fermat’s Little Theorem On October 18, 1640, Fermat wrote a letter to Bernhard Frenicle de Bessy (1605– 1675), an official at the French mint who was a gifted student of number theory. In his letter, Fermat communicated the following result: If p is a prime and p a, then p|ap−1 − 1. Fermat did not provide a proof of this result but enclosed a note promising that he would send along a proof, provided it was not too long. This result
- 436. 7.2 Fermat’s Little Theorem 327 is known as Fermat’s little theorem or simply Fermat’s theorem, to distinguish it from Fermat’s last theorem, which is presented in Chapter 13. Incidentally, the special case of Fermat’s little theorem for a = 2 was known to the Chinese as early as 500 B.C. The first proof of Fermat’s little theorem was given by Euler in 1736, almost a century after Fermat’s announcement. Leibniz had given an identical proof in an unpublished work about 50 years prior to Euler’s, but once again Leibniz did not receive his share of credit. We need the following lemma for the proof of Fermat’s little theorem, but before we turn to the lemma, let us study a special case. EXAMPLE 7.3 Let p = 7 and a = 12. Clearly, p a. Then, 1 · 12 ≡ 5 (mod 7) 2 · 12 ≡ 3 (mod 7) 3 · 12 ≡ 1 (mod 7) 4 · 12 ≡ 6 (mod 7) 5 · 12 ≡ 4 (mod 7) 6 · 12 ≡ 2 (mod 7) Thus, the least residues of 1 · 12, 2 · 12, 3 · 12, 4 · 12, 5 · 12, and 6 · 12 are the same as the integers 1, 2, 3, 4, 5, and 6 in some order. More generally, we have the following result. LEMMA 7.2 Let p be a prime and a any integer such that p a. Then the least residues of the integers a,2a,3a,...,(p − 1)a modulo p are a permutation of the integers 1,2,3,...,(p − 1). PROOF The proof consists of two parts. [First, we will show that ia ≡ 0 (mod p), where 1 ≤ i ≤ p − 1. Then we will show that the least residues of ia and ja modulo p are distinct if i = j, where 1 ≤ j ≤ p − 1.] To show that ia ≡ 0 (mod p), where 1 ≤ i ≤ p − 1: Suppose ia ≡ 0 (mod p). Then p|ia. But (p,a) = 1, so p|i, which is impossible since i p. Therefore, ia ≡ 0 (mod p). To show that if ia ≡ ja (mod p), where 1 ≤ i,j ≤ p − 1 then i = j: Suppose ia ≡ ja (mod p), where 1 ≤ i,j ≤ p − 1. Since (p,a) = 1, by Theorem 4.6, i ≡ j (mod p). But both i and j are least residues modulo p, so i = j. Thus, if ia ≡ ja (mod p), where 1 ≤ i,j ≤ p − 1, then i = j. In other words, no two least residues of a,2a,3a,...,(p − 1)a are congruent modulo p. We are now ready to present Fermat’s little theorem formally and to prove it. Using the preceding lemma, we will find that the proof is short and clear.
- 437. 328 CHAPTER 7 Three Classical Milestones THEOREM 7.3 (Fermat’s Little Theorem) Let p be a prime and a any integer such that p a. Then ap−1 ≡ 1 (mod p). PROOF By Lemma 7.2, the least residues of the integers a,2a,3a,...,(p−1)a modulo p are the same as the integers 1,2,3,...,(p − 1) in some order, so their products are con- gruent modulo p; that is, a · 2a · 3a···(p − 1)a ≡ 1 · 2 · 3···(p − 1) (mod p). In other words, (p − 1)!ap−1 ≡ (p − 1)! (mod p). But ((p − 1)!,p) = 1, so by Theorem 4.6, ap−1 ≡ 1 (mod p), as desired. The following example illustrates this proof. EXAMPLE 7.4 Let p = 7 and a = 12. By Lemma 7.2, the least residues of 1 · 12, 2 · 12, 3 · 12, 4 · 12, 5 · 12, 6 · 12 modulo 7 are a permutation of the integers 1 through 6, so (1 · 12)(2 · 12)(3 · 12)(4 · 12)(5 · 12)(6 · 12) ≡ 1 · 2 · 3 · 4 · 5 · 6 (mod 7). That is, 6!126 ≡ 6! (mod 7). Since (6!,7) = 1, this yields 126 ≡ 1 (mod 7). Fermat’s little theorem, coupled with the congruence properties we studied in Chapter 4, provides an efficient recipe to evaluate the remainder when an is divided by p, where p a and n ≥ p − 1, as the following example demonstrates. EXAMPLE 7.5 Find the remainder when 241947 is divided by 17. SOLUTION 24 ≡ 7 (mod 17) Therefore, 241947 ≡ 71947 (mod 17) But, by Fermat’s little theorem, 716 ≡ 1 (mod 17). So 71947 = 716·121+11 = (716 )121 · 711 ≡ 1121 · 711 ≡ 711 (mod 17) But 72 ≡ −2 (mod 17), so 711 ≡ (72)5 · 7 ≡ (−2)5 · 7 ≡ −32 · 7 ≡ 2 · 7 ≡ 14 (mod 17). Thus, when 241947 is divided by 17, the remainder is 14.
- 438. 7.2 Fermat’s Little Theorem 329 By Fermat’s little theorem, p|ap−1 − 1, so (ap−1 − 1)/p is an integer. The fol- lowing example, a delightful application of the theorem, identifies the primes p for which (2p−1 − 1)/p is a square. EXAMPLE 7.6 Find the primes p for which 2p−1 − 1 p is a square. SOLUTION Suppose 2p−1 − 1 p = n2 for some positive integer n. Then 2p−1 − 1 = pn2. Clearly, both p and n must be odd. Let p = 2k +1 for some positive integer k. Then 22k −1 = pn2; that is, (2k − 1)(2k + 1) = pn2. Since 2k − 1 and 2k + 1 are consecutive odd integers, they are relatively prime. Consequently, either 2k − 1 or 2k + 1 must be a perfect square. Suppose 2k − 1 is a perfect square r2: 2k − 1 = r2 2k = r2 + 1 That is, 2p−1 = r2 + 1 2 Since r ≥ 1 and is odd, r = 2i + 1 for some integer ≥ 0. Then 2k = (2i + 1)2 = 2(2i2 +2i+1); this is possible if and only if i = 0. Then r = 1, so 2p−1 = (12 +1)2 = 4, and hence p = 3. Suppose 2k + 1 is a perfect square s2: 2k + 1 = s2 2k = s2 − 1 That is, 2p−1 = (s − 1)2 (s + 1)2 Since s ≥ 3 and is odd, s = 2i+1 for some i ≥ 1. Then 2k = (2i+1)2 −1 = 4i(i+1); that is, 2k−2 = i(i + 1). This is possible if and only if i = 1. Then s = 3 and hence 2p−1 = 22 · 42 = 26; so p = 7. Thus, p must be 3 or 7.
- 439. 330 CHAPTER 7 Three Classical Milestones An Alternate Proof of Wilson’s Theorem (optional) Lagrange developed a delightful proof of Wilson’s theorem as an application of Fer- mat’s little theorem and Euler’s formula in Theorem 7.4. In the interest of brevity, we omit the proof of Theorem 7.4, which can be proved by induction. In 1996, S. M. Ruiz of Spain rediscovered the same proof. THEOREM 7.4 (Euler’s formula) Let n ≥ 0 and x any real number. Then n i=0 (−1)i n i (x−i)n = n! COROLLARY 7.1 (Wilson’s Theorem) Let p be a prime. Then (p − 1)! ≡ −1 (mod p). PROOF Since the result is true when p = 2, assume that p 2. Letting n = p − 1 and x = 0, Euler’s formula yields p−1 i=0 (−1)i p − 1 i (−i)p−1 = (p − 1)! Since p is odd, by Fermat’s little theorem, this implies (p − 1)! ≡ p−1 i=1 (−1)i p − 1 i (mod p) ≡ p−1 i=0 (−1)i p − 1 i − 1 (mod p) ≡ (1 − 1)p−1 − 1 (mod p) ≡ 0 − 1 (mod p) ≡ −1 (mod p) as desired. The following theorem, another useful application of Fermat’s little theorem, identifies an inverse of a modulo p, when p a. THEOREM 7.5 Let p be a prime and a any integer such that p a. Then ap−2 is an inverse of a modulo p.
- 440. 7.2 Fermat’s Little Theorem 331 PROOF By Fermat’s little theorem, ap−1 ≡ 1 (mod p). That is, a · ap−2 ≡ 1 (mod p), so ap−2 is an inverse of a modulo p. The following example illustrates this theorem. EXAMPLE 7.7 Let p = 7 and a = 12. Then, by Theorem 7.5 (see Example 7.4 also), 125 is an inverse of 12 modulo 7. Since 12 ≡ −2 (mod 7), 125 ≡ (−2)5 ≡ −22 · 23 ≡ −4 · 1 ≡ 3 (mod 7). Thus, 3 is an inverse of 12 modulo 7: 12 · 3 ≡ 1 (mod 7), as expected! Theorem 7.5 can be used to derive a formula for solving linear congruences with prime moduli. THEOREM 7.6 Let p be a prime and a any integer such that p a. Then the solution of the linear congruence ax ≡ b (mod p) is given by x ≡ ap−2b (mod p). PROOF Since p a, by Corollary 4.6, the congruence ax ≡ b (mod p) has a unique solution. Since, by Theorem 7.5, ap−2 is an inverse of a modulo p, multiplying both sides of the congruence by ap−2, we have ap−2 (ax) ≡ ap−2 b (mod p) ap−1 x ≡ ap−2 b (mod p) x ≡ ap−2 b (mod p), by Fermat’s little theorem The following two examples employ this theorem. EXAMPLE 7.8 Solve the linear congruence 12x ≡ 6 (mod 7). SOLUTION By Example 7.7, 125 ≡ 3 (mod 7) is an inverse of 12 modulo 7. Multiply both sides of the congruence by 3: 3(12x) ≡ 3 · 6 (mod 7) x ≡ 4 (mod 7)
- 441. 332 CHAPTER 7 Three Classical Milestones EXAMPLE 7.9 Solve the congruence 24x ≡ 11 (mod 17). SOLUTION 24x ≡ 11 (mod 17) 7x ≡ 11 (mod 17) So, by Theorem 7.6, x ≡ 715 · 11 (mod 17). Now, we need to find the least residue of 715 · 11 (mod 17). To this end, notice that 72 ≡ −2 (mod 17), 74 ≡ 4 (mod 17), and 78 ≡ −1 (mod 17). Therefore, 715 ≡ 78 · 74 · 72 · 7 ≡ (−1) · 4 · (−2) · 7 ≡ 5 (mod 17). Thus, x ≡ 5 · 11 ≡ 4 (mod 17). We now discuss an interesting application of Fermat’s little theorem, the pigeon- hole principle, and the well-ordering principle. Factors of 2n + 1 (optional) Consider the prime factorization of N = 2n + 1 for various values of n. It appears from Table 7.1 that when a prime p makes its debut in the prime factorization of N, p ≡ 1 (mod n). This phenomenon was first observed in 2001 by J. E. Parkes of Staffordshire, England, and then pursued by K. R. McLean of the University of Liverpool, where n 1. For example, p = 43 occurs first when n = 7 and 43 ≡ 1 (mod 7). n 2n + 1 n 2n + 1 n 2n + 1 n 2n + 1 1 3 5 3 · 11 9 33 · 19 13 3 · 2731 2 5 6 5 · 13 10 52 · 41 14 5 · 29 · 113 3 32 7 3 · 43 11 3 · 683 15 32 · 11 · 331 4 17 8 257 12 17 · 241 16 65537 Table 7.1 To confirm this observation, notice that p first appears in the prime factorization of N corresponding to the least exponent n, 2n ≡ −1 (mod p). By the pigeonhole principle, the least residues of 21,22,23,...,2p+1 modulo p cannot all be distinct. Therefore, there exist positive integers a and b such that 2a ≡ 2b (mod p), where a b. Then 2b−a ≡ 1 (mod p). Consequently, by the well-ordering principle, there is a least positive integer d such that 2d ≡ 1 (mod p).
- 442. 7.2 Fermat’s Little Theorem 333 Let t be any positive integer such that 2t ≡ 1 (mod p). By the division algorithm, t = qd + r, where 0 ≤ r d. Then 1 ≡ 2t ≡ 2qd+r ≡ 2d q · 2r ≡ 1q · 2r ≡ 2r (mod p) Since r d, this implies that r = 0. Then t = qd and d|t. Since 2n ≡ −1 (mod p), 22n ≡ 1 (mod p). Consequently, d|2n. Since 2n ≡ −1 (mod p) and 2d ≡ 1 (mod p), it follows that d = n. Suppose d n. Then 2n−d ≡ −1 (mod p), which contradicts the choice of n. Thus, d n and d|2n; so d = 2n. By Fermat’s little theorem, 2p−1 ≡ 1 (mod p). So d|p − 1; thus, p ≡ 1 (mod d) and hence p ≡ 1 (mod n), as desired. The following theorem shows Fermat’s little theorem can be extended to all positive integers a. THEOREM 7.7 Let p be a prime and a any positive integer. Then ap ≡ a (mod p). PROOF (by cases) case 1 Suppose p a. Then, by Fermat’s little theorem, ap−1 ≡ 1 (mod p), so ap ≡ a (mod p). case 2 Suppose p|a. Then p ≡ a ≡ 0 (mod p), so ap ≡ 0 (mod p), by Theorem 4.5. Therefore, by Theorem 4.2, ap ≡ a (mod p). Thus, in both cases, ap ≡ a (mod p). The following example illustrates this theorem. EXAMPLE 7.10 Let p = 7. If a = 12, then by Example 7.4, 126 ≡ 1 (mod 7), so 127 ≡ 12 (mod 7). On the other hand, if a = 28, then 28 ≡ 0 (mod 7), so 287 ≡ 0 (mod 7). But 0 ≡ 8 (mod 7), so 287 ≡ 28 (mod 7). Next, we present an alternate and elegant proof of Theorem 7.7, based on the binomial theorem and induction, developed in 1989 by R. J. Hendel of Dowling College, New York. An Alternate Proof of Theorem 7.7 (optional) Let x be any integer. Because p| p k , where 0 k p, by the binomial theorem, it can be shown that (x + 1)p ≡ xp + 1 (mod p). (See Exercise 33.)
- 443. 334 CHAPTER 7 Three Classical Milestones Let g(t) = tp − t. Then g(x + 1) − g(x) = (x + 1)p − (x + 1) − xp + x = (x + 1)p − xp − 1 ≡ 0 (mod p) Therefore, g(x + 1) ≡ g(x) (mod p). Replacing x with x + 1, this yields g(x + 2) ≡ g(x + 1) ≡ g(x) (mod p). More generally, it can be shown that g(x+a) ≡ g(x) for every positive integer a. (See Exercise 36.) Letting x = 0 in this result yields g(a) ≡ g(0) (mod p); that is, ap − a ≡ 0 (mod p). In other words, ap ≡ a (mod p). In 1970, J. E. Phythian of Tanzania extended Theorem 7.7 to a finite number of distinct primes, as the following theorem shows. THEOREM 7.8 Let p1,p2,...,pk be any distinct primes, a any positive integer, and = [p1 − 1, p2 − 1,...,pk − 1]. Then a+1 ≡ a (mod p1p2 ···pk). PROOF By Fermat’s little theorem, api−1 ≡ 1 (mod pi), where 1 ≤ i ≤ k. Since pi − 1|, this implies (api − 1)/(pi−1) ≡ 1 (mod pi); that is, a ≡ 1 (mod pi). Thus, a+1 ≡ a (mod pi). Consequently, a+1 ≡ a (mod [p1,p2,...,pk]); that is, a+1 ≡ a (mod p1p2 ···pk). For example, let p1 = 3, p2 = 7, and p3 = 11. Then = [2,6,10] = 30 and p1p2p3 = 3 · 7 · 11 = 231. So, by Theorem 7.8, a31 ≡ a (mod 231) for any positive integer a. In particular, 4331 ≡ 43 (mod 231). Theorem 7.8 yields an interesting byproduct. This observation was made inde- pendently in 1985 by G. Duckworth of England and J. Suck of Germany. COROLLARY 7.2 Let a be any integer and p any prime 3. Then ap ≡ a (mod 6p). PROOF Let p1 = 2, p2 = 3, and p3 = p in Theorem 7.8. Since 2 · 3 · p = 6p and [p1 − 1, p2 − 1,p3 − 1] = [1,2,p − 1] = p − 1, the result follows by the theorem. For example, let a = 20 and p = 13. Then 2013 = (202)6 · 20 ≡ 106 · 20 = (103)2 · 20 ≡ (−14)2 · 20 ≡ 20 (mod 78), as expected by this corollary. This corollary can be proved without using Theorem 7.8. See Exercise 31. We now present an application of Fermat’s little theorem to the factoring of large composite numbers.
- 444. 7.2 Fermat’s Little Theorem 335 The Pollard p − 1 Factoring Method In 1974, Pollard developed a factoring method based on Fermat’s little theorem, called the Pollard p − 1 method. Suppose n is an odd integer known to be composite. Let p be a prime factor of n such that the prime factors of p − 1 are relatively small. Let k be a large enough positive integer such that (p − 1)|k!. For example, let p = 2393. Then p − 1 = 2392 = 23 · 13 · 23 and (p − 1)|23!. Let k! = m(p − 1) for some integer m. Since 2 p, by Fermat’s little theorem, 2p−1 ≡ 1 (mod p). Then 2k! = 2m(p−1) = 2p−1 m ≡ 1m ≡ 1 (mod p) So p|(2k! − 1). Let r be the least positive residue of 2k! modulo n; so r − 1 ≡ 2k! − 1 (mod n). Since p|n and p|(2k! − 1), p|(r − 1). So the gcd (r − 1,n) is a nontrivial factor of n. Notice that, as in the case of the rho method, the choice of p does not occur in the computation of (r − 1,n). To implement this technique, first notice that 2k! = ((((21)2)3)···)k; then com- pute the least residue r of 2k! modulo n; and at each step, compute (r − 1,n) until a nontrivial factor emerges, as the following example illustrates. EXAMPLE 7.11 Using the Pollard p − 1 method, find a nontrivial factor of n = 2813. SOLUTION Using the fact that 2k! = (2(k−1)!)k, we continue computing the least positive residue r ≡ 2k! (mod 2813) and the gcd (r−1,n) until a nontrivial factor of n appears, where k ≥ 1: 21! = 2 ≡ 2 (mod 2813) (1,2813) = 1 22! = 22 ≡ 4 (mod 2813) (3,2813) = 1 23! = 43 ≡ 64 (mod 2813) (63,2813) = 1 24! ≡ 644 ≡ 484 (mod 2813) (483,2813) = 1 25! ≡ 4845 ≡ 1648 (mod 2813) (1647,2813) = 1 26! ≡ 16486 ≡ 777 (mod 2813) (776,2813) = 97 Thus, 97|2813. The p−1 method fails if 2k! ≡ 1 (mod n). For example, when n = 3277, 27! ≡ 1 (mod 3277) and (0,3277) = 3277. Interestingly, we can use any base b in lieu of 2 in the algorithm, where 1 b p.
- 445. 336 CHAPTER 7 Three Classical Milestones Returning to Fermat’s little theorem, we would like to examine its converse: If an−1 ≡ (mod n) and n a, then n is a prime. Is this true or false? If it is true, can we prove it? If it is not, can we produce a counterexample? We will continue this discussion in the next section. E X E R C I S E S 7.2 Compute the remainder when the first integer is divided by the second. 1. 71001, 17 2. 302020, 19 3. 151976, 23 4. 435555, 31 Find the ones digit in the base-seven expansion of each decimal number. 5. 5101 6. 121111 7. 292076 8. 373434 Solve each linear congruence. 9. 8x ≡ 3 (mod 11) 10. 15x ≡ 7 (mod 13) 11. 26x ≡ 12 (mod 17) 12. 43x ≡ 17 (mod 23) Compute the least residue of each. 13. 2340 (mod 341) 14. 1116 + 1710 (mod 187) 15. 1318 + 1912 (mod 247) Verify each. 16. (12 + 15)17 ≡ 1217 + 1517 (mod 17) 17. (16 + 21)23 ≡ 1623 + 2123 (mod 23) 18. Find the primes p such that (2p−1 − 1)/p is a perfect cube. Let p and q be distinct primes, and a,b, and n arbitrary positive integers. Prove each. 19. Let ap ≡ a (mod q) and aq ≡ a (mod p). Then apq ≡ a (mod pq). 20. apq − ap − aq + a ≡ 0 (mod pq) 21. If ap ≡ bp (mod p), then a ≡ b (mod p). 22. If ap ≡ bp (mod p), then ap ≡ bp (mod p2). 23. pq−1 + qp−1 ≡ 1 (mod pq) 24. pq + qp ≡ p + q (mod pq) 25. 30|(n5 − n) (R. S. Hatcher, 1970) 26. There are infinitely many values of n such that p|2n+1 + 3n − 17. (E. Just, 1976) Let p be any odd prime and a any nonnegative integer. Prove the following. 27. 1p−1 + 2p−1 + ··· + (p − 1)p−1 ≡ −1 (mod p) 28. 1p + 2p + ··· + (p − 1)p ≡ 0 (mod p) 29. (a+1)p +(a+2)p +···+(a+p−1)p ≡ −a (mod p) Let p be any prime, a any positive integer, and x an arbi- trary integer ≥ 0. Prove each. 30. p k ≡ 0 (mod p), where 0 k p. 31. Let p 3. Then ap ≡ a (mod 6p). Do not use Theo- rem 7.8. (G. Duckworth, 1985) 32. Using induction, prove that ap ≡ a (mod p). 33. Using the binomial theorem, prove that (a + b)p ≡ ap + bp (mod p). 34. Using Fermat’s little theorem, prove that (a + b)p ≡ ap + bp (mod p). 35. Using induction, prove that (x + 1)p ≡ xp + 1 (mod p). 36. Let g(t) = tp − t. Then g(x + a) ≡ g(x) (mod p) for every positive integer a. 37. Let p be a prime, and a and b be any integers such that a ≥ b ≥ 0. Prove that pa pb ≡ a b (mod p). (Putnam Mathematics Competition, 1977) Using the Pollard p − 1 method, find a nontrivial factor of each. 38. 2323 39. 7967
- 446. 7.3 Pseudoprimes (optional) 337 7.3 Pseudoprimes (optional) In Theorem 7.7, we found that if n is a prime, then an ≡ a (mod n) for every integer a. As a result, if this congruence fails for some integer b, that is, if bn ≡ b (mod n) for some integer n, then n cannot be a prime. Thus, in order to show that n is composite, it suffices to produce an integer b such that bn ≡ b (mod n). This provides a test for compositeness, as the following example shows. EXAMPLE 7.12 Verify that 33 is a composite number. PROOF If 33 were a prime, then 233 ≡ 2 (mod 33). But 233 = (25 )6 · 23 ≡ (−1)6 · 8 ≡ 8 (mod 33) ≡ 2 (mod 33) Therefore, 33 is not a prime, as expected. We still have not answered whether the converse of Theorem 7.7 is true: If an ≡ a (mod n), then n is a prime. Interestingly, the ancient Chinese mathematicians claimed that if 2n ≡ 2 (mod n), then n must be a prime. In support of this conjecture, we find that the claim holds for all positive integers n ≤ 340. Unfortunately, however, it fails when n = 341 = 11 · 31, a composite number discovered by Sarrus in 1819. The following example confirms this. EXAMPLE 7.13 Show that 2341 ≡ 2 (mod 341). PROOF By Fermat’s little theorem, 210 ≡ 1 (mod 11), so 2341 = (210)34 · 2 ≡ 134 · 2 ≡ 2 (mod 11). Also, 25 ≡ 1 (mod 31), so 2341 = (25)68 ·2 ≡ 168 ·2 ≡ 2 (mod 31). There- fore, by Theorem 4.8, 2341 ≡ 2 (mod [11,31]); that is, 2341 ≡ 2 (mod 341), although 341 is a composite number. This example voids the Chinese claim and thus disproves the converse of Fer- mat’s little theorem. It follows from the preceding discussion that n = 341 is the smallest composite number such that 2n ≡ 2 (mod n). The next three are 561, 645, and 1105 (see Ex- ercises 5–8). Such numbers, although not as important as primes, have been given a name of their own, so we make the following definition.
- 447. 338 CHAPTER 7 Three Classical Milestones Pseudoprimes A composite number n is called a pseudoprime if 2n ≡ 2 (mod n). Thus, the first four pseudoprimes are 341, 561, 645, and 1105; they are all odd. The smallest even pseudoprime is 161,038, found in 1950. Pseudoprimes appear to be rare and sparsely spaced. For example, there are 455,052,512 primes less than 10 billion, but only 14,884 pseudoprimes less than 10 billion. But this should not lead us to draw any false conclusions, since the next theorem establishes categorically the infinitude of pseudoprimes. First, we pave the way for its proof by introducing two lemmas. LEMMA 7.3 Let m and n be positive integers such that m|n. Then 2m − 1|2n − 1. PROOF Since m|n, n = km for some positive integer k. Then 2n − 1 = 2km − 1 = (2m − 1) 2(k−1)m + 2(k−2)m + ··· + 2m + 1 Therefore, 2m − 1|2n − 1. LEMMA 7.4 If n is an odd pseudoprime, then N = 2n − 1 is also an odd pseudoprime. PROOF Let n be an odd pseudoprime. Then n is composite and 2n ≡ 2 (mod n). But n is odd, so 2n−1 ≡ 1 (mod n). Since n is composite, let n = rs, where 1 r, s n. Since r|n, by Lemma 7.3, 2r − 1|2n − 1; that is, 2r − 1|N, so N is a composite. It remains to show that 2N ≡ 2 (mod N). To this end, since 2n ≡ 2 (mod n), n|2n −2, so 2n −2 = kn for some integer k; that is, N −1 = kn. Therefore, 2N−1 −1 = 2kn − 1. Again, by Lemma 7.3, N = 2n − 1|2kn − 1, so 2N−1 − 1 ≡ 0 (mod N); that is, 2N−1 ≡ 1 (mod N). So 2N ≡ 2 (mod N). Thus, if n is an odd pseudoprime, then 2n − 1 is a larger odd pseudoprime. This lemma gives us a recipe for constructing a larger odd pseudoprime from a given odd pseudoprime. For example, since 341 is an odd pseudoprime, 2341 − 1 is a larger odd pseudoprime. We can now establish the existence of infinitely many pseudoprimes. THEOREM 7.9 There are infinitely many pseudoprimes.
- 448. 7.3 Pseudoprimes (optional) 339 Robert Daniel Carmichael (1879–1967) was born in Goodwater, Alabama. He re- ceived his B.A. from Lineville College in 1898 and Ph.D. from Princeton three years later under the guidance of George D. Birkhoff. His dissertation was a significant contribution to difference equations. He taught at Alabama Presbyterian College, Indiana University, and the University of Illinois, where he later served as the dean of the graduate school for 15 years. Carmichael was president of the Mathematical Association of America, editor-in-chief of The American Mathematical Monthly, and a significant contributor to difference equations, number theory, relativity theory, group theory, and mathematical philosophy. PROOF By Lemma 7.4, we can construct an infinite number of odd pseudoprimes ni+1 = 2ni − 1 for i = 0,1,2,... from a given odd pseudoprime ni. Since 341 is such a pseudoprime, by choosing n0 = 341, we obtain the odd pseudoprimes n0 n1 n2 ···. Thus, there is an infinite number of pseudoprimes. The following two questions about pseudoprimes remain unresolved: ? • Are there infinitely many square pseudoprimes? • Are there infinitely many primes p such that 2p−1 ≡ 1 (mod p2)? The smallest pseudoprimes that are not square-free are 1,194,649 = 10932; 12,327,121 = 35112; and 3,914,864,773 = 29 · 113 · 10932. Carmichael Numbers Besides base 2, there are other bases a and composite numbers n such that an−1 ≡ 1 (mod n). For example, 390 ≡ 1 (mod 91) and 414 ≡ 1 (mod 15). (See Exercises 10 and 11.) In 1907, the American mathematician Robert D. Carmichael established the ex- istence of composite numbers n such that an−1 ≡ 1 (mod n) for all positive integers a relatively prime to n. Such composite numbers are called Carmichael numbers. One such number is 561, as the following example shows. EXAMPLE 7.14 Show that 561 is a Carmichael number. PROOF Since 561 = 3 · 11 · 17, 561 is a composite number. So it remains to show that a560 ≡ 1 (mod 561) for all positive integers a relatively prime to 561.
- 449. 340 CHAPTER 7 Three Classical Milestones By Fermat’s little theorem, a2 ≡ 1 (mod 3), a10 ≡ 1 (mod 11), a16 ≡ 1 (mod 17). Therefore, a560 = (a2)280 ≡ 1 (mod 3), a560 = (a10)56 ≡ 1 (mod 11), and a560 = (a16)35 ≡ 1 (mod 17). So, by Theorem 4.8, a560 ≡ 1 (mod [3,11,17]); that is, a560 ≡ 1 (mod 561), as desired. In fact, 561 is the smallest Carmichael number. The next two are 1105 = 5 · 13 · 17 and 1729 = 7 · 13 · 19. There are four more numbers below 10,000, and 1547 less than 10 billion. In 1992, using high-powered computers, Richard G. E. Pinch (1954–) at Cambridge University found that there are 105,212 less than one quadrillion. And the search continues. As we saw, Carmichael numbers are sparsely spaced and appear to be rare. In 1992, however, Andrew Granville, Carl Pomerance, and Red Alford of the University of Georgia established the existence of infinitely many Carmichael numbers. Interestingly, it has been found that one Carmichael number can be a factor of another; for instance, 1729 and 63,973 = 7 · 13 · 19 · 37 are Carmichael numbers, and 1729|63,973. It was also established in 1948 that the product of two Carmichael numbers can also be a Carmichael number; for example, 1729, 294,409 = 37 · 73 · 109 and 509,033,161 = 1729 · 294,409 are Carmichael numbers. In 1990, H. Dubner and H. Nelson discovered two Carmichael numbers that are products of three Carmichael numbers; one is 97 digits long and the other 124 digits long. E X E R C I S E S 7.3 Using Lemma 7.3, factor each. 1. 210 − 1 2. 214 − 1 3. 215 − 1 4. 221 − 1 Verify that 2n ≡ 2 (mod n) for each value of n. 5. 561 6. 645 7. 1105 8. 161,038 Verify each. 9. 2340 ≡ 2 (mod 340) 10. 390 ≡ 1 (mod 91) 11. 414 ≡ 1 (mod 15) 12. 5123 ≡ 1 (mod 124) 13. 634 ≡ 1 (mod 35) 14. 1264 ≡ 1 (mod 65) Determine whether each is true. 15. 290 ≡ 1 (mod 91) 16. 3340 ≡ 1 (mod 341) Verify that each is a Carmichael number. 17. 1105 = 5 · 13 · 17 18. 1729 = 7 · 13 · 19 19. 2465 = 5 · 17 · 29 20. 2821 = 7 · 13 · 31 There can exist positive integers a and n, and a prime p with p a such that ap−1 ≡ 1 (mod pn). Exercises 21–26 present six such instances. Verify each. 21. 74 ≡ 1 (mod 52) 22. 310 ≡ 1 (mod 112) 23. 196 ≡ 1 (mod 73) 24. 1912 ≡ 1 (mod 132) 25. 23912 ≡ 1 (mod 134) 26. 3816 ≡ 1 (mod 172)
- 450. 7.4 Euler’s Theorem 341 7.4 Euler’s Theorem Fermat’s little theorem enables us to work with congruences involving only prime moduli. It tells us that there is a positive integer f(p) such that af(p) ≡ 1 (mod p), where f(p) = p − 1. So an obvious question arises: Can we extend Fermat’s little theorem to congruences with arbitrary moduli m? In other words, is there an expo- nent f(m) such that af(m) ≡ 1 (mod m), where (a,m) = 1? Before we answer this, we will find it helpful to study the following example. EXAMPLE 7.15 Determine if there exists a positive integer f(m) such that af(m) ≡ 1 (mod m) for m = 4, 9, and 12, where a is a positive integer ≤ m and relatively prime to it. SOLUTION 1. With m = 4, there are two positive integers a ≤ m and relatively prime to it, namely, 1 and 3: 12 ≡ 1 (mod 4) and 32 ≡ 1 (mod 4). So when m = 4, f(m) = 2 works. 2. For m = 9, there are six residues ≤ 9 and relatively prime to it: 1, 2, 4, 5, 7, and 8. After computing their first sixth powers, we find that 16 ≡ 1 (mod 9) 26 ≡ 1 (mod 9) 46 ≡ 1 (mod 9) 56 ≡ 1 (mod 9) 76 ≡ 1 (mod 9) 86 ≡ 1 (mod 9) (See Table 7.2.) Thus, when m = 9, f(m) = 6 does the job. Table 7.2 Table 7.3 3. There are four positive integers ≤ 12 and relatively prime to 12; namely, 1, 5, 7, and 11. Let us compute the first four powers of each modulo 12. It follows from Table 7.3 that 14 ≡ 1 (mod 12), 54 ≡ 1 (mod 12), 74 ≡ 1 (mod 12), and 114 ≡ 1 (mod 12). Once again, we have a candidate for f(12),
- 451. 342 CHAPTER 7 Three Classical Milestones Leonhard Euler (1707–1783) was born in Basel, Switzerland. His father, a mathematician and a Calvinist pastor, wanted him also to become a pastor. Although Euler had different ideas, he followed his father’s wishes, and studied Hebrew and theology at the University of Basel. His hard work at the university and remarkable ability brought him to the attention of the well-known mathe- matician Johann Bernoulli (1667–1748). Realizing the young Euler’s talents, Bernoulli persuaded the boy’s father to change his mind, and Euler pursued his studies in mathematics. At the age of 19, Euler brought out his first paper. His paper failed to win the Paris Academy Prize in 1727; however, he won it 72 times in later years. Euler was the most prolific mathematician, making significant contribu- tions to every branch of mathematics. With his phenomenal memory, he had every formula at his fingertips. A genius, he could work anywhere and under any conditions. Euler belongs to a class by himself. namely, 4. [Notice that 2 also works: 12 ≡ 1 (mod 12), 52 ≡ 1 (mod 12), 72 ≡ 1 (mod 12), and 112 ≡ 1 (mod 12).] From the three cases presented in this example, we can make an educated guess about the exponent f(m): It is the number of positive integers ≤ m and relatively prime to m. Accordingly, we now turn to an important number-theoretic function, named after the great Swiss mathematician Leonhard Euler. Euler’s Phi Function Let m be a positive integer. Then Euler’s phi function ϕ(m) denotes the number of positive integers ≤ m and relatively prime to m. It follows by Example 7.15 that ϕ(4) = 2, ϕ(9) = 6, and ϕ(12) = 4. Since 1 ≤ 1 and relatively prime to 1, ϕ(1) = 1. EXAMPLE 7.16 Compute ϕ(11) and ϕ(18). SOLUTION Since 11 is a prime, every positive integer 11 is relatively prime to 11, so ϕ(11) = 10. There are six positive integers ≤ 18 and relatively prime to it, namely, 1, 5, 7, 11, 13, and 17. Therefore, ϕ(18) = 6. (We can verify that each raised to the sixth power is congruent to 1 modulo 18.)
- 452. 7.4 Euler’s Theorem 343 The following lemma, which we will use again later, shows the value of ϕ(m) if m is a prime. LEMMA 7.5 A positive integer p is a prime if and only if ϕ(p) = p − 1. PROOF Let p be a prime. Then there are p−1 positive integers ≤ p and relatively prime to p, so ϕ(p) = p − 1. Conversely, let p be a positive integer such that ϕ(p) = p − 1. Let d|p, where 1 d p. Since there are exactly p − 1 positive integers p,d is one of them, and (d,p) = 1; so ϕ(p) p − 1, a contradiction. Thus, p must be a prime. We can now examine Euler’s theorem, the next milestone in the development of number theory and one of its most celebrated results. Proved by Euler in 1760, it extends Fermat’s little theorem to arbitrary moduli. But before we study the theorem, we need to lay some groundwork in the form of a lemma. In Lemma 7.2, we found that the least residues of the integers a,2a,...,(p−1)a modulo p are a rearrangement of the integers 1,2,...,(p−1), where a is any integer with p = a. The following lemma extends this result to an arbitrary modulus. Its proof resembles quite closely that of Lemma 7.2, but first an example to shed some light on its proof. EXAMPLE 7.17 Let m = 12 and a = 35, so (a,m) = (35,12) = 1. By Example 7.15, the least residues modulo 12 that are relatively prime to 12 are 1, 5, 7, and 11. Multiply each by 35: 35 · 1 ≡ 11 (mod 12), 35 · 5 ≡ 7 (mod 12), 35 · 7 ≡ 5 (mod 12), and 35 · 11 ≡ 1 (mod 12). Thus, the least residues of 35 · 1, 35 · 5, 35 · 7, and 35 · 11 modulo 12 are a rearrangement of the least residues 1, 5, 7, and 11 modulo 12. LEMMA 7.6 Let m be a positive integer and a any integer with (a,m) = 1. Let r1,r2,...,rϕ(m) be the positive integers ≤ m and relatively prime to m. Then the least residues of the integers ar1,ar2,...,arϕ(m) modulo m are a permutation of the integers r1,r2,...,rϕ(m). PROOF Again, the proof consists of two parts. First, we will show that (ari,m) = 1 for every i. Then we will show that no two numbers ari and arj can be congruent modulo m if i = j, where 1 ≤ i j ≤ ϕ(m). To show that each ari is relatively prime to m: Suppose (ari,m) 1. Let p be a prime factor of (ari,m). Then p|ari and p|m. Since p|ari, p|a or p|ri. If p|ri, then p|ri and p|m, so (ri,m) = 1, a contradiction. So
- 453. 344 CHAPTER 7 Three Classical Milestones p|a. This coupled with p|m implies p|(a,m), again a contradiction. Thus, (ari,m) = 1; that is, the integers ar1,ar2,...,arϕ(m) are relatively prime to m. To show that no two of the integers ari can be congruent modulo m; that is, ari ≡ arj, where 1 ≤ i j ≤ ϕ(m): To this end, suppose ari ≡ arj (mod m). Since (a,m) = 1, by Theorem 4.6, ri ≡ rj (mod m). But ri and rj are least residues modulo m, so ri = rj. Thus, if i = j, then ari ≡ arj (mod m). Thus, the least residues of ar1,ar2,...,arϕ(m) modulo m are distinct and are ϕ(m) in number. So they are a permutation of the least residues r1,r2,...,rϕ(m) modulo m. The following example demonstrates the technique used to prove Euler’s theo- rem. EXAMPLE 7.18 Let m = 12 and a = 35. The least residues modulo 12 that are relatively prime to 12 are 1, 5, 7, and 11, so ϕ(12) = 4. By Example 7.17, the least residues of 35 · 1, 35 · 5, 35 · 7, and 35 · 11 modulo 12 are a rearrangement of the least residues 1, 5, 7, and 11. Therefore, (35 · 1)(35 · 5)(35 · 7)(35 · 11) ≡ 1 · 5 · 7 · 11 (mod 12) That is, 354 · (1 · 5 · 7 · 11) ≡ 1 · 5 · 7 · 11 (mod 12) But (1 · 5 · 7 · 11,12) = 1, so by Theorem 4.6, 354 ≡ 1 (mod 12); that is, 35ϕ(12) ≡ 1 (mod 12). We are now ready to present Euler’s theorem. With Lemma 7.6 in hand, the proof is very short, but still elegant. THEOREM 7.10 (Euler’s Theorem) Let m be a positive integer and a any integer with (a,m) = 1. Then aϕ(m) ≡ 1 (mod m). PROOF Let r1,r2,...,rϕ(m) be the least residues modulo m that are relatively prime to m. Then, by Lemma 7.6, the integers ar1,ar2,...,arϕ(m) are congruent modulo m to r1,r2,...,rϕ(m) in some order. Consequently, (ar1)(ar2)···(arϕ(m)) ≡ r1r2 ···rϕ(m) (mod m)
- 454. 7.4 Euler’s Theorem 345 That is, aϕ(m) r1r2 ···rϕ(m) ≡ r1r2 ···rϕ(m) (mod m) Since each ri is relatively prime to m, (r1r2 ···rϕ(m),m) = 1; so, by Theorem 4.6, aϕ(m) ≡ 1 (mod m). The following example illustrates Euler’s theorem. EXAMPLE 7.19 Let m = 24 and a any integer relatively prime to 24. There are eight positive in- tegers ≤ 24 and relatively prime to 24, namely, 1, 5, 7, 11, 13, 17, 19, and 23; so ϕ(24) = 8. Thus, by Euler’s theorem, a8 ≡ 1 (mod 24). In particular, let a = 77. Since 77 = 7 · 11, (77,24) = 1, so 778 ≡ 1 (mod 24). We can confirm this using the fundamental properties of congruence: 77 ≡ 5 (mod 24) Therefore, 778 ≡ 58 (mod 24) Since 52 ≡ 1 (mod 24), 778 ≡ 58 ≡ (52)4 ≡ 14 ≡ 1 (mod 24), as expected. Euler’s theorem is useful for finding remainders of numbers involving large ex- ponents even if the divisor is composite, provided the divisor is relatively prime to the base. The following example illustrates this. EXAMPLE 7.20 Find the remainder when 2451040 is divided by 18. SOLUTION Since 245 ≡ 11 (mod 18), 2451040 ≡ 111040 (mod 18). Since (11,18) = 1, by Euler’s theorem, 11ϕ(18) ≡ 116 ≡ 1 (mod 18). Therefore, 111040 = (116)173 · 112 ≡ 1173 · 13 ≡ 13 (mod 18). Thus, the desired remainder is 13. Using Lemma 7.5, the following corollary deduces Fermat’s little theorem from Euler’s theorem. COROLLARY 7.3 (Fermat’s Little Theorem) Let p be a prime and a any integer such that p a. Then ap−1 ≡ 1 (mod p).
- 455. 346 CHAPTER 7 Three Classical Milestones PROOF By Euler’s theorem, aϕ(p) ≡ 1 (mod p). But ϕ(p) = p − 1, by Lemma 7.5, so ap−1 ≡ 1 (mod p). Using Euler’s theorem, we can extend Theorems 7.5 and 7.6 to an arbitrary modulus m in an obvious way, as the following two theorems show. We leave their proofs as exercises. THEOREM 7.11 Let m be a positive integer and a any integer with (a,m) = 1. Then aϕ(m)−1 is an inverse of a modulo m. THEOREM 7.12 Let m be a positive integer and a any integer with (a,m) = 1. Then the solution of the linear congruence ax ≡ b (mod m) is given by x ≡ aϕ(m)−1b (mod m). The following example uses this result. EXAMPLE 7.21 Solve the linear congruence 35x ≡ 47 (mod 24). SOLUTION The congruence can be simplified as 11x ≡ −1 (mod 24). Since (11,24) = 1, by Theorem 7.12, x ≡ 11ϕ(24)−1 · (−1) ≡ 117 · (−1) (mod 24) ≡ (112)3 · 11 · (−1) ≡ 13 · (−11) (mod 24) ≡ 13 (mod 24) In order to find an inverse of a modulo m in Theorem 7.11 and hence to solve the congruence ax ≡ b (mod m), we need to compute ϕ(m). Lemma 7.5 gives its value if m is a prime. Suppose m is composite. It is not practical to list all positive integers ≤ m and relatively prime to it, and then count them. In Section 8.1 we will return to this issue and derive a formula for ϕ(m) for every positive integer m. Additionally, Euler’s theorem can be used to develop a formula to solve a system of linear congruences with pairwise relatively prime moduli. (See Exercises 62–67.) Next, we give a generalization of Euler’s theorem. Its proof is fairly straightfor- ward, so we leave its proof as an exercise. See Exercises 59 and 60. THEOREM 7.13 (Koshy, 1996) Let m1,m2,...,mk be any positive integers and a any integer such that (a,mi) = 1 for 1 ≤ i ≤ k. Then a[ϕ(m1),ϕ(m2),...,ϕ(mk)] ≡ 1 (mod [m1,m2,...,mk])
- 456. 7.4 Euler’s Theorem 347 The next result follows from Theorem 7.10. COROLLARY 7.4 Let m1,m2,...,mk be pairwise relatively prime integers and a any integer such that (a, mi) = 1 for 1 ≤ i ≤ k. Then a[ϕ(m1),ϕ(m2),...,ϕ(mk)] ≡ 1 (mod m1m2 ···mk) E X E R C I S E S 7.4 Compute ϕ(m) for each integer m. 1. 8 2. 15 3. 21 4. 28 Use the modulus m = 15 and a = 28 for Exercises 5–6. 5. List the positive integers ≤ m and relatively prime to it. 6. Multiply each by a and find their least residues mod- ulo m. 7–8. Redo Exercises 5 and 6 with m = 28 and a = 15. 9. Verify that a6 ≡ 1 (mod 18) for a = 1, 5, 7, 11, 13, and 17. 10. Using the values of ϕ(m) for m ≤ 15, make a conjec- ture on the evenness of ϕ(m). Let m be a positive integer and a any positive integer ≤ m and relatively prime to it. Verify Euler’s theorem for each modulus. 11. 6 12. 10 13. 15 14. 28 Find the remainder when the first integer is divided by the second. 15. 71020, 15 16. 252550, 18 17. 791776, 24 18. 1992020, 28 Using Euler’s theorem, find the ones digit in the decimal value of each. 19. 176666 20. 237777 Using Euler’s theorem, find the ones digit in the hexadec- imal value of each. 21. 71030 22. 134444 Solve each linear congruence. 23. 7x ≡ 8 (mod 10) 24. 23x ≡ 17 (mod 12) 25. 25x ≡ 13 (mod 18) 26. 17x ≡ 20 (mod 24) 27. 143x ≡ 47 (mod 20) 28. 79x ≡ 17 (mod 25) If m and n are relatively prime, then ϕ(mn) = ϕ(m)·ϕ(n). Using this fact, compute each. 29. ϕ(15) 30. ϕ(35) 31. ϕ(105) 32. ϕ(462) Compute d|n ϕ(d) for each n. 33. 7 34. 10 35. 12 36. 17 37. Conjecture a formula for d|n ϕ(d) using Exercises 33–36. 38–41. Compute the value of d|n (−1)n/dϕ(d) for each n in Exercises 33–36. 42. Conjecture a formula using Exercises 38–41. Verify each. 43. 1 + 9 + 92 + ··· + 923 ≡ 0 (mod 35). 44. 1 + 11 + 112 + ··· + 1131 ≡ 0 (mod 51). Prove or disprove each. 45. ϕ((a,b)) = (ϕ(a),ϕ(b)) 46. ϕ([a,b]) = [ϕ(a),ϕ(b)] Prove each. 47. Let m be a positive integer and a any integer with (a,m) = 1. Then aϕ(m)−1 is an inverse of a mod- ulo m.
- 457. 348 CHAPTER 7 Three Classical Milestones 48. Let m be a positive integer and a any integer with (a,m) = 1. Then the solution of the linear congruence ax ≡ b (mod m) is given by x ≡ aϕ(m)−1b (mod m). 49. If a and b are relatively prime, then aϕ(b) +bϕ(a) ≡ 1 (mod ab). (M. Charosh, 1982) 50. If p and q are distinct primes, then pq−1 + qp−1 ≡ 1 (mod pq). 51. Let a and m be positive integers such that (a,m) = 1 = (a − 1,m). Then 1 + a + a2 + ··· + aϕ(m)−1 ≡ 0 (mod m). 52. Every integer n with (n,10) = 1 divides some integer N consisting of all 1s. For example, 3|111. (Hint: Use Euler’s theorem.) Compute ϕ(pn) for the given values of p and n. 53. p = 2, n = 3 54. p = 2, n = 4 55. p = 3, n = 3 56. p = 5, n = 2 57. Using Exercises 53–56, predict the value of ϕ(pn). 58. Prove that ϕ(pn) = pn − pn−1, where n ≥ 1. Prove Theorem 7.13 using 59. Theorem 4.8. 60. Induction. 61. Show that the solutions of the linear system x ≡ ai (mod mi), where 1 ≤ i ≤ k, and (mi,mj) = 1 if i = j, are given by x ≡ a1M ϕ(m1) 1 + a2M ϕ(m2) 2 + ··· + akM ϕ(mk) k (mod M) where M = m1m2 ···mk and Mi = M/mi. 62–67. Using Exercise 61, solve the linear systems 5–10 in Exercises 6.1. 68. Let an = 2n + 1 and m = n + kϕ(n), where k is a pos- itive integer. Prove that am|an. (J. Linkovskiǐ-Condé, 1980) X CHAPTER SUMMARY We have studied three celebrated results that have played a significant role in the de- velopment of number theory: Wilson’s theorem, Fermat’s little theorem, and Euler’s theorem. Wilson’s Theorem • A positive integer a is self-invertible modulo p if and only if a ≡ ±1 (mod p). (p. 322) • If p is prime, then (p − 1)! ≡ −1 (mod p). (Wilson’s theorem) (p. 323) • If n is a positive integer such that (n − 1)! ≡ −1 (mod n), then n is a prime. (p. 324) Fermat’s Little Theorem • If a is an integer such that p a, then the integers 1a,2a,3a,...,(p − 1)a modulo p are a permutation of the integers 1,2,3,...,(p − 1). (p. 327) • If a is an integer such that p a, then ap−1 ≡ 1 (mod p). (Fermat’s little theorem) (p. 328) • If a is an integer such that p a, then ap−2 is an inverse of a modulo p. (p. 330)
- 458. Review Exercises 349 • If a is an integer such that p a, then the solution of the congruence ax ≡ b (mod p) is given by x ≡ ap−2b (mod p). (p. 331) • If a is an integer such that p a, then ap ≡ a (mod p). (p. 333) • Let p1,p2,...,pk be any distinct primes, a any positive integer, and = [p1 − 1,p2 −1,...,pk −1]. Then a+1 ≡ a (mod p1p2 ···pk). (J. E. Phythian, 1970) (p. 334) The Pollard p − 1 Factoring Method • Let r = 2k! (mod n). Then (r − 1,n) is a nontrivial factor of n, provided r ≡ 1 (mod n). (p. 335) Pseudoprimes • A composite number n such that 2n ≡ 2 (mod n) is a pseudoprime. (p. 338) • The smallest pseudoprime is 341. (p. 338) • If m and n are positive integers such that m|n, then 2m − 1|2n − 1. (p. 338) • If n is an odd pseudoprime, then so is 2n − 1. (p. 338) • There is an infinite number of odd pseudoprimes. (p. 338) • A composite number n such that an−1 ≡ 1 (mod n) for all positive integers a relatively prime to n is a Carmichael number. (p. 339) • The smallest Carmichael number is 561. (p. 340) • There are infinitely many Carmichael numbers. (p. 340) Euler’s Theorem • Euler’s phi function ϕ(m) denotes the number of positive integers ≤ m and relatively prime to m. (p. 342) • ϕ(p) = p − 1. (p. 343) • Let a be any integer with (a, m) = 1. Let r1,r2,...,rϕ(m) be the positive integers ≤ m and relatively prime to m. Then the integers ar1,ar2,...,arϕ(m) modulo m are the same as r1,r2,...,rϕ(m) in some order. (p. 343) • Let a be any integer with (a,m) = 1. Then aϕ(m) ≡ 1 (mod m). (Euler’s the- orem) (p. 344) • Let a be any integer with (a,m) = 1. Then aϕ(m)−1 is an inverse of a (mod m). (p. 346) • Let a be any integer with (a,m) = 1. Then the solution of the congruence ax ≡ b (mod m) is given by x ≡ aϕ(m)−1b (mod m). (p. 346) • Let m1,m2,...,mk be any positive integers and a any integer such that (a,mi) = 1 for 1 ≤ i ≤ k. Then a[ϕ(m1),ϕ(m2),...,ϕ(mk)] ≡ 1 (mod [m1,m2, ...,mk]). (Koshy, 1996) (p. 346)
- 459. 350 CHAPTER 7 Three Classical Milestones X REVIEW EXERCISES Verify Wilson’s theorem for each prime p. 1. 19 2. 23 Verify each. 3. (12 − 1)! ≡ −1 (mod 12) 4. (15 − 1)! ≡ −1 (mod 15) Verify Fermat’s little theorem for each integer a and the corresponding prime p. 5. a = 19, p = 23 6. a = 20, p = 31 Compute the remainder when the first integer is divided by the second. 7. 184567, 13 8. 311706,23 9. 551876, 12 10. 7151863, 28 11. 1316 + 1712, 221 12. 2342 + 4322, 989 13. 1119 + 1911, 209 14. 2329 + 2923, 667 15. 1820 + 256, 450 16. 3532 + 5124, 1785 Find the ones digit in the base-eleven representation of each integer. 17. 151942 18. 241010 Using the Pollard p − 1 method, find a nontrivial factor of each. 19. 5899 20. 9353 Compute ϕ(m) for each m. 21. 16 22. 17 23. 200 24. 3675 Determine the number of least residues that are invertible modulo m for each m. 25. 17 26. 20 27. 25 28. 28 Verify Euler’s theorem for each m. 29. 16 30. 20 Find the last two digits in the decimal value of each. 31. 2731961 32. 13091732 Solve each linear congruence. 33. 33x ≡ 23 (mod 13) 34. 94x ≡ 32 (mod 19) 35. 65x ≡ 27 (mod 18) 36. 255x ≡ 63 (mod 28) Verify that each is a pseudoprime.
- 460. Supplementary Exercises 351 37. 2047 38. 18705 Verify each. 39. 1 + 7 + 72 + ··· + 717 ≡ 0 (mod 19) 40. 1 + 14 + 142 + ··· + 1410 ≡ 0 (mod 27) 41. 1265 ≡ 12 (mod 65) 42. 15341 ≡ 15 (mod 341) 43. 2887 ≡ 28 (mod 87) 44. 3551 ≡ 35 (mod 51) 45. 3816 ≡ 1 (mod 172) 46. 1170 ≡ 1 (mod 712) Compute d|n ϕ(d) for each n. 47. 8 48. 11 49. 18 50. 28 51–54. Compute d|n (−1)n/dϕ(d) for each n in Exercises 47–50. Verify that each is a Carmichael number. 55. 8911 = 7 · 19 · 67 56. 6601 = 7 · 23 · 41 Prove each, where p is an odd prime. 57. Let a be any integer such that p a. Then p−1 i=1 ai ≡ 0 (mod p). 58. The least nonzero residues 1,2,...,(p − 1)/2 modulo p are congruent to −(p − 1)/2,...,−2,−1, in some order. 59. If p ≡ 3 (mod 4), then ((p − 1)/2)! ≡ ±1 (mod p). X SUPPLEMENTARY EXERCISES By Wilson’s theorem, (p − 1)! ≡ −1 (mod p), so W(p) = (p − 1)! + 1 p is an integer. If W(p) ≡ 0 (mod p), then p is a Wilson prime. 1. Show that 5 and 13 are Wilson primes. (They were found in 1953 by Goldberg by an exhaustive computer search; the next larger Wilson prime is 563. In spite of continued searches, no other Wilson prime has been found less than 4 million. Also, nothing is known about the infinitude of Wilson primes.) 2. Prove that p is a Wilson prime if and only if (p − 1)! ≡ −1 (mod p2). In 1982, Albert Wilansky of Lehigh University reported that his brother-in-law Harold Smith had a telephone number 493-7775 with the property that the sum of its digits equals the sum of the digits of its prime factors. Since 4,937,775 = 3 · 5 · 5 · 65,837, 4 + 9 + 3 + 7 + 7 + 7 + 5 = 3 + 5 + 5 + 6 + 5 + 8 + 3 + 7, so it
- 461. 352 CHAPTER 7 Three Classical Milestones has the said property. Such a number is a Smith number. The smallest Smith num- ber is 4. In 1987, W. L. McDaniel showed that there are infinitely many palindromic Smith numbers. 3. Show that 202, 265, 666, and 1111 are Smith numbers. 4. There are six Smith numbers 100. Find them. 5. In 1917, R. Ratat gave four solutions to the equation ϕ(n) = ϕ(n+1), namely, 1, 3, 15, and 104. A year later, R. Goormaghtigh added four more to the list: 164, 194, 255, and 495. In 1974, T. E. Moore found a new solution, namely, 65535. Verify that they are indeed solutions of the equation. Let f(n) = ϕ(n) + ϕ2(n) + ϕ3(n) + ··· + ϕ(1), where ϕi(n) = ϕ(ϕi−1(n)) and ϕ1(n) = ϕ(n). (D. L. Silverman, 1982) 6. Compute f(5) and f(8). 7. Prove that f(2k) = 2k. Prove each, where p is any prime, and m and n are any positive integers. 8. Every positive integer n is a factor of some integer N consisting of 0s and 1s. 9. (np − 1)! (n − 1)!pn−1 ≡ (−1)n (mod p). (H. Sazegar, 1993) 10. Let m ≥ 2 such that (nm − 1)! (n − 1)!mn−1 ≡ (−1)n (mod m). Then m is a prime. (Hint: Use contradiction to prove this converse of Sazegar’s result.) X COMPUTER EXERCISES Write a program to perform each task, where p is a prime ≤ 100. 1. Read in a prime p and list all least residues modulo p that are self-invertible. 2. Read in a prime p and verify Wilson’s theorem. 3. Find all Wilson primes ≤ 1000. 4. Read in a positive integer n ≤ 100 and list all primes of the form n! + 1. 5. Verify that 2n ≡ 2 (mod n) for all primes ≤ 340. 6. Verify that 2341 ≡ 2 (mod 341). 7. List all positive integers n ≤ 341 such that 2n ≡ 2 (mod n). Identify those that are composite numbers. Verify each. 8. a23 ≡ a (mod 23) for 0 ≤ a ≤ 22. 9. a31 ≡ a (mod 31) for 0 ≤ a ≤ 30. 10. Find all primes p ≤ 1000 such that 2p−1 ≡ 1 (mod p2).
- 462. Enrichment Readings 353 X ENRICHMENT READINGS 1. A. H. Beiler, Recreations in the Theory of Numbers, Dover, New York, 1966, 39–53. 2. H. Dubner and H. Nelson, “Carmichael Numbers which Are the Product of Three Carmichael Numbers,” J. Recreational Mathematics, 22 (1990), 2–6. 3. D. H. Lehmer, “On the Converse of Fermat’s Theorem,” The American Mathe- matical Monthly, 43 (1936), 347–348. 4. C. S. Ogilvy and J. T. Anderson, Excursions in Number Theory, Dover, New York, 1966. 5. S. M. Ruiz, “An Algebraic Identity Leading to Wilson’s Theorem,” The Mathe- matical Gazette 80 (Nov. 1996), 579–582.
- 464. 8 Multiplicative Functions It is the man, not the method, that solves the problem. — H. MASCHKE n the preceding chapter, we explored Euler’s phi function, one of the most im- Iportant number-theoretic functions (also known as arithmetic functions). Arith- metic functions are defined for all positive integers. Euler’s phi function belongs to a large class of arithmetic functions called multiplicative functions. In addition to revisiting the phi function, we will learn three new multiplicative functions, τ (tau), σ (sigma), and μ (mu)† and study some of their fascinating prop- erties. We will also investigate two classes of positive integers, perfect numbers and Mersenne primes, and see how they are related. 8.1 Euler’s Phi Function Revisited Recall from Section 7.4 that ϕ(n) denotes the number of positive integers ≤ n and relatively prime to it. We found in Lemma 7.5 that if n is a prime, then ϕ(n) = n − 1. Suppose n is not a prime; is there a way to compute ϕ(n)? We will now develop a formula to compute ϕ(n) for any positive integer n using its prime-power decomposition. To this end, first we derive a formula for ϕ(pe) and then develop a mechanism for computing ϕ(mn) when (m, n) = 1. To achieve this goal, we first introduce multiplicative functions. † τ, σ, and μ are lowercase Greek symbols. 355
- 465. 356 CHAPTER 8 Multiplicative Functions Multiplicative Function A number-theoretic function f is multiplicative if f(mn) = f(m)f(n) whenever m and n are relatively prime. EXAMPLE 8.1 The constant function f(n) = 1 is multiplicative, since f(mn) = 1 = 1 · 1 = f(m)f(n). So is the function g(n) = nk, k being a fixed integer, since g(mn) = (mn)k = mknk = g(m)g(n). Notice that in both cases, we did not have to assume that (m,n) = 1; nevertheless they have the desired property. (We shall use a special case of g in Corollary 8.1.) The following theorem, called the fundamental theorem for multiplicative functions, enables us to compute the value of a multiplicative function f for any positive integer, provided we know its values for prime powers in n. For example, suppose we know the values of f(pa) and f(qb), where p and q are distinct primes and a and b positive integers. Then f(paqb) = f(pa)f(qb), since f is multiplicative. More generally, we have the following result. THEOREM 8.1 Let f be a multiplicative function and n a positive integer with canonical decompo- sition n = pe1 1 pe2 2 ···p ek k . Then f(n) = f(pe1 1 )f(pe2 2 )···f(p ek k ). PROOF (by induction on the number of distinct primes in n) If k = 1, that is, if n = pe1 1 , then f(n) = f(pe1 1 ), so the theorem is trivially true. Assume it is true for any integer with canonical decomposition consisting of k distinct primes: f(n) = f(pe1 1 )f(pe2 2 )···f(p ek k ). Let n be any integer with k + 1 distinct primes in its canonical decomposi- tion, say, n = pe1 1 pe2 2 ···p ek+1 k+1 . Since (pe1 1 ···p ek k , p ek+1 k+1 ) = 1 and f is multiplicative, f(pe1 1 ···p ek k p ek+1 k+1 ) = f(pe1 1 ···pe kk )f(p ek+1 k+1 ) = f(pe1 1 )···f(p ek k )f(p ek+1 k+1 ), by the induc- tive hypothesis. Therefore, by induction, the result is true for any positive integer n. This theorem is invaluable in our quest for finding a formula for ϕ(n). If we know ϕ is multiplicative, and if we know the value of ϕ(pe), then we can use the theorem to derive the formula. We now take up these issues one by one in the next two theorems. THEOREM 8.2 Let p be a prime and e any positive integer. Then ϕ(pe) = pe − pe−1. PROOF ϕ(pe ) = number of positive integers ≤ pe and relatively prime to it = number of positive integers ≤ pe − number of positive integers ≤ pe and not relatively prime to it
- 466. 8.1 Euler’s Phi Function Revisited 357 The positive integers ≤ pe and not relatively prime to it are the various multiples of p, namely, p,2p,3p,...,(pe−1)p, and they are pe−1 in number. Thus, ϕ(pe) = pe − pe−1. The following example demonstrates this theorem. EXAMPLE 8.2 Compute ϕ(8), ϕ(81), and ϕ(15,625). SOLUTION ϕ(8) = ϕ(23 ) = 23 − 22 = 8 − 4 = 4 ϕ(81) = ϕ(34 ) = 34 − 33 = 54 ϕ(15,625) = ϕ(56 ) = 56 − 55 = 12,500 Thus, there are four positive integers ≤ 8 and relatively prime to it; they are 1, 3, 5, and 7. Notice that the value of ϕ(pe) can also be written as ϕ(pe ) = pe 1 − 1 p . You will find this version useful in Theorem 8.4. The Monkey and Coconuts Puzzle Revisited Once Again Next, we revisit the monkey and coconuts riddle, as an application of Theorems 7.10 and 8.2. EXAMPLE 8.3 Using Theorems 7.10 and 8.2, solve the monkey and coconuts riddle. SOLUTION Let n denote the least possible number of coconuts in the original pile and z each sailor’s share after the final division. Then, by Example 3.23, 1024n − 15625z = 11529 That is, 1024n ≡ 11529 (mod 15625) n ≡ 1024−1 · 11529 (mod 15625) ≡ 1024ϕ(15625)−1 · (−4096) (mod 15625)
- 467. 358 CHAPTER 8 Multiplicative Functions But ϕ(15625) = 12500, by Example 8.2. Therefore, n ≡ 102412499 · (−4096) (mod 15625) (8.1) We can evaluate this using a scientific calculator, but it is time consuming. The key steps are listed below, and the details can be filled in as an exercise: 10242 ≡ 1701 (mod 15625) 102416 ≡ −3899 (mod 15625) 102432 ≡ −924 (mod 15625) Therefore, 102412499 = (102432 )390 · 102416 · 10242 · 1024 ≡ (−924)390 · (−3899) · 1701 · 1024 (mod 15625) (8.2) 9246 ≡ 701 (mod 15265) 92418 ≡ 3351 (mod 15265) 92472 ≡ 4651 (mod 15265) 924216 ≡ 6451 (mod 15265) Therefore, 924390 = 924216 · (92472 )2 · 92418 · (9246 )2 ≡ 6451 · 46512 · 3351 · 7012 ≡ 6451 · 6801 · 3351 · 7012 (mod 15625) ≡ 6451 · (6801 · 701) · (3351 · 701) ≡ 6451 · 1876 · 5301 (mod 15625) ≡ 6451 · 7176 (mod 15625) So, by congruence (8.2), 102412499 ≡ 6451 · 7176 · 3224 (mod 15625). Therefore, by congruence (8.1), n ≡ (6451 · 3224) · 7176 · (−4096) ≡ (1149 · 7176) · (−4096) (mod 15625) ≡ (−4776)(−4096) ≡ 4776 · 4096 (mod 15625) ≡ 15621 (mod 15625) Thus, the minimum number of coconuts in the original pile is 15,621. Before we tackle the second issue directly, we will study an example, which sug- gests a method for showing that ϕ is multiplicative. Suppose we would like to com- pute ϕ(28). If we know that ϕ is multiplicative, then ϕ(28) = ϕ(4 · 7) = ϕ(4)ϕ(7) = 2 · 6 = 12. The following example confirms this result.
- 468. 8.1 Euler’s Phi Function Revisited 359 EXAMPLE 8.4 Let m = 4 and n = 7. Then (m,n) = 1 and mn = 28. To find ϕ(mn) = ϕ(28), we list the positive integers ≤ 28 in four rows of 7 each and then ignore the ones that are not relatively prime to 28 (see Table 8.1): 1 5 9 13 17 21 25 2 6 10 14 18 22 26 3 7 11 15 19 23 27 4 8 12 16 20 24 28 Table 8.1 Clearly, the first element in the second and fourth rows is not relatively prime to m; in fact, no element in either row is relatively prime to m. So none of them is relatively prime to mn. Consequently, the positive integers ≤ 28 and relatively prime to it must come from the 2 = ϕ(4) remaining rows: 1 5 9 13 17 21 25 3 7 11 15 19 23 27 Each of them is relatively prime to m. Each row contains 6 = ϕ(7) elements relatively prime to 7: 1 5 9 13 17 25 3 11 15 19 23 27 The resulting array contains 12 elements and they are indeed relatively prime to 28. Thus, ϕ(28) = 12 = 2 · 6 = ϕ(4)ϕ(7). This example contains the essence of the proof of the next theorem, which con- firms what you probably have been guessing all along. First, we need the following lemma. LEMMA 8.1 Let m and n be relatively prime positive integers, and r any integer. Then the integers r,m + r,2m + r,...,(n − 1)m + r are congruent modulo n to 0,1,2,...,(n − 1) in some order. PROOF It suffices to show that no two elements in the list are congruent modulo n. To this end, suppose km + r ≡ m + r (mod n), where 0 ≤ k, n. Then km ≡ m (mod n). But (m,n) = 1, so k ≡ (mod n). Since k and are least residues modulo n, this implies k = .
- 469. 360 CHAPTER 8 Multiplicative Functions Thus, if k = , then km + r ≡ m + r (mod n); that is, no two elements in the given list yield the same least residue. But it contains n elements, so their least residues modulo n are a rearrangement to the integers 0 through n − 1. The following example illustrates this lemma. EXAMPLE 8.5 Let m = 4 and n = 7, so (m,n) = (4,7) = 1. Choose r = 3. Then the list r,m + r,2m + r,...,(n − 1)m + r becomes 3, 7, 11, 15, 19, 23, and 27. Their least residues modulo 7 are 3, 0, 4, 1, 5, 2, and 6, which are a permutation of 0, 1, 2, 3, 4, 5, and 6. Now, we are prepared to present the theorem. THEOREM 8.3 The function ϕ is multiplicative. PROOF (The argument mirrors Example 8.4, so look for parallels if or when the proof gets confusing.) Let m and n be positive integers such that (m,n) = 1. We would like to show that ϕ(mn) = ϕ(m)ϕ(n). Arrange the integers 1 through mn in m rows of n each: 1 m + 1 2m + 1 ... (n − 1)m + 1 2 m + 2 2m + 2 ... (n − 1)m + 2 3 m + 3 2m + 3 ... (n − 1)m + 3 . . . r m + r 2m + r ... (n − 1)m + r ← rth row . . . m 2m 3m ... nm Let r be a positive integer ≤ m such that (r,m) 1. We will show that no element of the rth row in the array is relatively prime to mn. Let d = (r,m). Then d|r and d|m, so d|km + r for any integer k; that is, d is a factor of every element in the rth row. Thus, no element in the rth row is relatively prime to m and hence to mn if (r,m) 1; in other words, the elements in the array relatively prime to mn come from the rth row only if (r,m) = 1. By definition, there are ϕ(m) such integers r and hence ϕ(m) such rows. Now let us concentrate on the rth row, where (r,m) = 1: r,m + r,2m + r,...,(n − 1)m + r
- 470. 8.1 Euler’s Phi Function Revisited 361 By Lemma 8.1, their least residues modulo n are a permutation of 0,1,2,...,(n−1) of which ϕ(n) are relatively prime to n. Therefore, exactly ϕ(n) elements in the rth row are relatively prime to n and hence to mn. Thus, there are ϕ(m) rows containing positive integers relatively prime to mn, and each row contains ϕ(n) elements relatively prime to it. So the array contains ϕ(m)ϕ(n) positive integers ≤ mn and relatively prime to mn; that is, ϕ(mn) = ϕ(m)ϕ(n). Using Lemma 7.5 and Theorems 8.2 and 8.3, we can compute ϕ(n) for any positive integer n, as the following example demonstrates. EXAMPLE 8.6 Evaluate ϕ(221) and ϕ(6125). SOLUTION • ϕ(221) = ϕ(13 · 17) = ϕ(13) · ϕ(17), by Theorem 8.3 = 12 · 16, by Lemma 7.5 = 192 • ϕ(6125) = ϕ(53 · 72) = ϕ(53)ϕ(72), by Theorem 8.3 = (53 − 52)(72 − 7), by Theorem 8.2 = 4200 Theorems 8.2 and 8.3 can now be effectively applied to derive an explicit formula for ϕ(n) using its canonical decomposition. THEOREM 8.4 Let n = pe1 1 pe2 2 ···p ek k be the canonical decomposition of a positive integer n. Then ϕ(n) = n 1 − 1 p1 1 − 1 p2 ··· 1 − 1 pk PROOF Since ϕ is multiplicative, by Theorem 8.1, ϕ(n) = ϕ pe1 1 ϕ pe2 2 ···ϕ p ek k = pe1 1 1 − 1 p1 pe2 2 1 − 1 p2 ···p ek k 1 − 1 pk , by Theorem 8.2
- 471. 362 CHAPTER 8 Multiplicative Functions = pe1 1 pe2 2 ···p ek k 1 − 1 p1 1 − 1 p2 ··· 1 − 1 pk = n 1 − 1 p1 1 − 1 p2 ··· 1 − 1 pk The following example illustrates this theorem. EXAMPLE 8.7 Compute ϕ(666) and ϕ(1976). SOLUTION • 666 = 2 · 32 · 37 ϕ(666) = 666 1 − 1 2 1 − 1 3 1 − 1 37 = 216 [An interesting observation: ϕ(666) = 6 · 6 · 6] • 1976 = 23 · 13 · 19 ϕ(1976) = 1976 1 − 1 2 1 − 1 13 1 − 1 19 = 864 You must have observed in Exercise 10 in Section 7.4, and in Examples 8.6 and 8.7, that ϕ(n) is nearly always even. In fact, it is odd only if n = 1 or 2. We leave the proof as an exercise. Before pursuing another result involving ϕ, we investigate d|n ϕ(d)n in an exam- ple. EXAMPLE 8.8 Let n = 28 and d|28. Let Cd denote the class of those positive integers m ≤ n, where (m,n) = d. Since 28 has six positive factors 1, 2, 4, 7, 14, and 28, there are six such classes: C1 = {1,3,5,9,11,13,15,17,19,23,25,27} C2 = {2,6,10,18,22,26} C4 = {4,8,12,16,20,24} C7 = {7,21} C14 = {14} C28 = {28}
- 472. 8.1 Euler’s Phi Function Revisited 363 Figure 8.1 They contain 12 = ϕ(28) = ϕ(28/1), 6 = ϕ(14) = ϕ(28/2), 6 = ϕ(7) = ϕ(28/4), 2 = ϕ(4) = ϕ(28/7), 1 = ϕ(2) = ϕ(28/14), and 1 = ϕ(1) = ϕ(28/28) elements, respectively. Also, they form a partitioning of the set of positive integers ≤ 28, as Figure 8.1 shows. Therefore, the sum of the numbers of elements in the various classes must equal 28; that is, 12 + 6 + 6 + 2 + 1 + 1 = 28. In other words, ϕ(28) + ϕ(14) + ϕ(7) + ϕ(4) + ϕ(2) + ϕ(1) = 28; that is, d|28 ϕ(d) = 28. More generally, we have the following result. The technique behind its proof, illustrated in the preceding example, was originally conceived by Gauss. THEOREM 8.5 Let n be a positive integer. Then d|n ϕ(d) = n. PROOF We partition the set of positive integers 1 through n into various classes Cd as follows, where d|n. Let m be a positive integer ≤ n. Then m belongs to class Cd if and only if (m,n) = d; that is, if and only if (m/d,n/d) = 1. The number of elements in Cd equals the number of positive integers ≤ n/d and relatively prime to it, namely, ϕ(n/d); thus, each class Cd contains ϕ(n/d) elements. Since there is a class corresponding to every factor d of n and every integer m belongs to exactly one class, the sum of the elements in the various classes must yield the total number of elements. That is, d|n ϕ(n/d) = n But as d runs over the divisors of n, so does n/d. Consequently, d|n ϕ(n/d) = d|n ϕ(d), thus d|n ϕ(d) = n
- 473. 364 CHAPTER 8 Multiplicative Functions The following example illustrates this theorem. EXAMPLE 8.9 Verify that d|18 ϕ(d) = 18. PROOF The positive divisors of 18 are 1, 2, 3, 6, 9, and 18. So d|18 ϕ(d) = ϕ(1) + ϕ(2) + ϕ(3) + ϕ(6) + ϕ(9) + ϕ(18) = 1 + 1 + 2 + 2 + 6 + 6 = 18 E X E R C I S E S 8.1 1. Let f be the number-theoretic function such that f(n) = 0 for every positive integer n. Show that f is multiplicative. Compute ϕ(n) for each n. 2. 56 3. 341 4. 561 5. 1105 6. 2047 7. 6860 8. 98,865 9. 183,920 10. Show that ϕ(5186) = ϕ(5187) = ϕ(5188). (These are the only three known consecutive integers with this property.) Compute ϕ(p!) for each prime p. 11. 3 12. 5 13. 7 14. 11 Find the positive integers n such that 15. ϕ(n) = n 16. ϕ(n) = 4 17. ϕ(n) = 6 18. ϕ(n) = 12 19. Derive a formula for ϕ(pq), where p and q are twin primes. Find the twin primes p and q if 20. ϕ(pq) = 120 21. ϕ(pq) = 288 22. If p and q are twin primes with p q, show that ϕ(q) = ϕ(p) + 2. 23. Can ϕ(n) = 2n for any positive integer? If yes, find such an integer. Prove each, where m, n, and e are arbitrary positive inte- gers and p is any prime. 24. Let f be a multiplicative function. Then f(1) = 1. 25. If n = 2k, then ϕ(n) = n/2. 26. Let fn denote a Fermat prime. Then ϕ(fn) = fn − 1. 27. ϕ(4n) = 2ϕ(n), where n is odd. 28. ϕ(2n) = ϕ(n) if n is odd 2ϕ(n) if n is even 29. If n = 2j, where j ≥ 1, then n = 2ϕ(n). 30. If n = 2ϕ(n), then n = 2j, where j ≥ 1. 31. If n = 2j3k, where j, k ≥ 1, n = 3ϕ(n). 32. If n = 3ϕ(n), then n = 2j3k, where j, k ≥ 1. 33. ϕ(22k+1) is a square. 34. If ϕ(pe) is a square, then p − 1 must be a square and e must be odd. 35. If p n, then ϕ(pn) = (p − 1)ϕ(n). 36. If ϕ(pn) = (p − 1)ϕ(n), then p n. 37. ϕ(ϕ(pe)) = pe−2ϕ(p(p − 1)), where e ≥ 2. 38. If m|n, then ϕ(m)|ϕ(n). 39. Let (m, n) = p. Then ϕ(mn) = p p − 1 ϕ(m)ϕ(n). 40. Deduce from Exercise 39 that ϕ(p2) = p(p − 1). 41. Let (m, n) = d. Prove that ϕ(mn) = d ϕ(d) ϕ(m)ϕ(n).
- 474. 8.2 The Tau and Sigma Functions 365 42. Deduce from Exercise 41 that ϕ is multiplicative. Prove each, where n and e are positive integers. 43. ϕ(n2) = nϕ(n) 44. ϕ(n3) = n2ϕ(n) 45. ϕ(ne) = ne−1ϕ(n) 46. Using Exercise 29, compute ϕ(256) and ϕ(4096). Evaluate each using Exercise 41. 47. ϕ(48) 48. ϕ(90) 49. ϕ(375) 50. ϕ(1690) Evaluate each using Exercise 45. 51. ϕ(16) 52. ϕ(81) 53. ϕ(2401) 54. ϕ(1728) Let S(n) denote the sum of the positive integers ≤ n and relatively prime to it. Compute S(n) for each value of n. 55. 6 56. 8 57. 9 58. 12 59. Using Exercises 55–58, predict a formula for S(n). Let m and n be positive integers and p a prime. Prove each. 60. Let n ≡ 0 (mod 4). Then ϕ(n/2) = ϕ(n)/2. 61. If n − 1 and n + 1 are twin primes, then ϕ(n/2) ≤ n. (H. Demir, 1960) 62. ϕ m n = ϕ(m) ϕ(n) if and only if m = nk, where (n,k) = 1. (L. Marvin, 1975) 63. There are infinitely many positive integers n such that ϕ(n) = n/3, but none such that ϕ(n) = n/4. 8.2 The Tau and Sigma Functions We now turn to two additional number-theoretic functions: τ (tau) and σ (sigma). We will show that both are multiplicative and will derive formulas for τ(n) and σ(n) using the canonical decomposition of n. Both functions are employed in the study of perfect numbers, as you will see in the next section. Let us begin with the definition of the tau function. The Tau Function Let n be a positive integer. Then τ(n) denotes the number of positive factors of n; that is, τ(n) = d|n 1 The following example illustrates this simple definition. EXAMPLE 8.10 Evaluate τ(18) and τ(23). SOLUTION • The positive divisors of 18 are 1, 2, 3, 6, 9, and 18, so τ(18) = 6. • 23, being a prime, has exactly two positive divisors, so τ(23) = 2.
- 475. 366 CHAPTER 8 Multiplicative Functions It follows by definition that if n is a prime, then τ(n) = 2; conversely, if τ(n) = 2, then n is a prime. Next we define the sigma function. The Sigma Function Let n be a positive integer. Then σ(n) denotes the sum of the positive factors of n; that is, σ(n) = d|n d The following example illustrates this definition. EXAMPLE 8.11 Evaluate σ(12) and σ(28). SOLUTION • The positive divisors of 12 are 1, 2, 3, 4, 6, and 12; so σ(12) = 1 + 2 + 3 + 4 + 6 + 12 = 28 • The positive divisors of 28 are 1, 2, 4, 7, 14, and 28; so σ(28) = 1 + 2 + 4 + 7 + 14 + 28 = 56 Again, if n is a prime, then it has exactly two positive factors, 1 and n, so σ(n) = n + 1; on the other hand, if σ(n) = n + 1, then n must be a prime. To derive formulas for τ(n) and σ(n), we need to show that both functions are multiplicative. To this end, we introduce a new function F. Let f be a multiplicative function. Then F is defined by F(n) = d|n f(d) For example, F(12) = d|12 f(d) = f(1) + f(2) + f(3) + f(4) + f(6) + f(12) What properties does F possess? For example, is it multiplicative? The following example shows we can compute the value of F(28) provided we know the values of F(4) and F(7). Follow the steps carefully; we will need them soon.
- 476. 8.2 The Tau and Sigma Functions 367 EXAMPLE 8.12 Determine if F(mn) = F(m)F(n), where m = 4 and n = 7. SOLUTION Clearly, (m, n) = (4,7) = 1. Then F(4 · 7) = d|28 f(d) = f(1) + f(2) + f(4) + f(7) + f(14) + f(28) = f(1 · 1) + f(1 · 2) + f(1 · 4) + f(1 · 7) + f(2 · 7) + f(4 · 7) = f(1)f(1) + f(1)f(2) + f(1)f(4) + f(1)f(7) + f(2)f(7) + f(4)f(7), since f is multiplicative = f(1) + f(2) + f(4) f(1) + f(1) + f(2) + f(4) f(7) = f(1) + f(2) + f(4) f(1) + f(7) = d|4 f(d) · d|7 f(d) = F(4)F(7) More generally, we have the following result, which is the cornerstone of this section; it shows that F is indeed multiplicative. THEOREM 8.6 If f is a multiplicative function, then F(n) = d|n f(d) is also multiplicative. PROOF Let m and n be relatively prime positive integers. We would like to show that F(mn) = F(m)F(n). By definition, F(mn) = d|mn f(d) Since (m, n) = 1, every positive divisor d of mn is the product of a unique pair of positive divisors d1 of m and d2 of n, where (d1, d2) = 1. Therefore, F(mn) = d1|m d2|n f(d1d2)
- 477. 368 CHAPTER 8 Multiplicative Functions But since f is multiplicative, f(d1d2) = f(d1)f(d2). So F(mn) = d1|m d2|n f(d1d2) = d2|n d1|m f(d1)
- 478. f(d2) = d2|n F(m)f(d2), by the definition of F = F(m) d2|n f(d2) = F(m)F(n) Thus, F is multiplicative. With this theorem at our disposal, we can easily conclude that both τ and σ are multiplicative, as the following corollary shows. COROLLARY 8.1 The tau and sigma functions are multiplicative. PROOF In Example 8.1 we found that the constant function f(n) = 1 and the identity function g(n) = n are multiplicative. Therefore, by Theorem 8.6, the functions d|n f(d) = d|n 1 = τ(n) and d|n g(d) = d|n d = σ(n) are multiplicative; that is, if (m, n) = 1, then τ(mn) = τ(m)τ(n) and σ(mn) = σ(m)σ(n). The following example demonstrates these results. EXAMPLE 8.13 Compute τ(36) and σ(36). SOLUTION Because 36 = 4 · 9, where (4, 9) = 1, by Corollary 8.1, τ(36) = τ(4) · τ(9) = 3 · 3 = 9 and σ(36) = σ(4) · σ(9) = (1 + 2 + 4)(1 + 3 + 9) = 91
- 479. 8.2 The Tau and Sigma Functions 369 Corollary 8.1 certainly takes us a step closer to the derivation of the formulas for τ(n) and σ(n), but first we need to develop the formulas for τ(pe) and σ(pe). THEOREM 8.7 Let p be any prime and e any positive integer. Then τ(pe) = e + 1 and σ(pe) = pe+1 − 1 p − 1 . PROOF The positive factors of pe are of the form pi, where 0 ≤ i ≤ e; there are e+1 of them, so τ(pe) = e + 1. Also, σ(pe ) = e i=0 pi = pe+1 − 1 p − 1 For example, τ(81) = τ(34) = 5; that is, 81 has five positive factors, namely, 1, 3, 9, 27, and 81; and σ(81) = σ(34) = 35 − 1 3 − 1 = 121. The following theorem gives the two formulas promised earlier. They are a con- sequence of Corollary 8.1 and Theorem 8.7. THEOREM 8.8 Let n be a positive integer with canonical decomposition n = pe1 1 pe2 2 ···p ek k . Then τ(n) = (e1 + 1)(e2 + 1)···(ek + 1) and σ(n) = pe1+1 1 − 1 p1 − 1 · pe2+1 2 − 1 p2 − 1 ··· p ek+1 k − 1 pk − 1 PROOF Since τ is multiplicative, by Corollary 8.1, τ(n) = τ pe1 1 · τ pe2 2 ···τ p ek k = (e1 + 1)(e2 + 1)···(ek + 1), by Theorem 8.7 Since σ is multiplicative, σ(n) = σ(pe1 1 ) · σ(pe2 2 )···σ(p ek k ) = pe1+1 1 − 1 p1 − 1 · pe2+1 2 − 1 p2 − 1 ··· p ek+1 k − 1 pk − 1 , by Theorem 8.7 Notice that the formulas for τ(n) and σ(n) can be rewritten as follows: τ(n) = k i=1 (ei + 1) and σ(n) = k i=1 pei+1 i − 1 pi − 1
- 480. 370 CHAPTER 8 Multiplicative Functions The following example demonstrates this theorem. EXAMPLE 8.14 Compute τ(6120) and σ(6120). SOLUTION First, we find the canonical decomposition of 6120: 6120 = 23 ·32 ·5·17. Therefore, τ(6120) = (3 + 1)(2 + 1)(1 + 1)(1 + 1) = 48 and σ(6120) = 23+1 − 1 2 − 1 · 32+1 − 1 3 − 1 · 51+1 − 1 5 − 1 · 171+1 − 1 17 − 1 = 15 · 13 · 6 · 18 = 21,060 A Brainteaser (optional) We now turn to a fascinating brainteaser. Marilyn vos Savant, who is listed in The Guinness Book of World Records as having the highest IQ ever recorded, writes a regular column on puzzles in Parade Magazine. The following is from the book Ask Marilyn (1992), a collection of puz- zles from her column: There are 1000 tenants and 1000 apartments. The first tenant opens all the doors. The second tenant closes every other door. The third tenant goes to every third door, opens it if it is closed and closes it if it is open. The fourth tenant goes to every fourth door, closes it if it is open and opens it if it is closed. This continues with each tenant until the 1000th tenant closes the 1000th door. How many doors remain open? The solution employs three simple properties from number theory: • Every non-square integer has an even number of positive factors. Assume N is not a square. Then, by the Fundamental Theorem of Arithmetic, N = pe1 1 pe2 2 ···pet t where p1,p2,...,pt are distinct prime numbers and not all exponents ei are even. (If all exponents are even, then N would be a square.) By Theorem 8.8, τ(N) = (e1 + 1)(e2 + 1)···(et + 1). Since at least one of the exponents ei is odd, et + 1 is even, so the product (e1 + 1)(e2 + 1)···(et + 1) is an even integer. • Every square has an odd number of positive factors.
- 481. 8.2 The Tau and Sigma Functions 371 To establish this result, let M be a square. Then M = p f1 1 p f2 2 ···p fk k 2 = p 2f1 1 p 2f2 2 ···p 2fk k Then τ(M) = (2f1 +1)(2f2 +1)···(2fk +1). This, being the product of odd integers, is clearly an odd integer. • There are √ n squares ≤ n. To see this, suppose there are k squares ≤ n. Then k is the largest positive integer such that k2 ≤ n (k + 1)2, so k ≤ √ n k + 1; thus, k = √ n . Before we apply these results to solve the puzzle, we study a miniversion with 10 tenants and 10 apartments. The first tenant opens all 10 doors; the second tenant closes the 2nd, 4th, 6th, 8th, and 10th doors; the third closes the 3rd door, opens the 6th door, and closes the 9th door; the fourth tenant opens the 4th and 8th doors. Continuing like this, the 10th tenant closes the 10th door. These data are summarized in Table 8.2, where O indicates the door is open and C indicates the door is closed. Door Tenant 1 2 3 4 5 6 7 8 9 10 1 O O O O O O O O O O 2 . C . C . C . C . C 3 . . C . . O . . C . 4 . . . O . . . O . . 5 . . . . C . . . . O 6 . . . . . C . . . . 7 . . . . . . C . . . 8 . . . . . . . C . . 9 . . . . . . . . O . 10 . . . . . . . . . C Table 8.2 It follows from the table that doors 1, 4, and 9 remain open at the end, so the number of such doors is three. (Notice that 3 = √ 10 ; can you predict the answer to the given problem? Construct tables like Table 8.2 for 13 tenants and 13 apartments, 18 tenants and 18 apartments, and 25 tenants and 25 apartments, and look for a pattern.) Returning to the original problem, recall that the first tenant opens all doors. Consider the nth tenant, where 2 ≤ n ≤ 1000. case 1 Let n be a square, where n2 ≤ 1000. Since n has an odd number of positive factors, the last person to touch an open door will close it. Thus, every nth door will
- 482. 372 CHAPTER 8 Multiplicative Functions remain open if n is a square. The number of such doors equals the number of squares ≤ 1000, namely, √ 1000 = 31. case 2 Suppose n is not a square, where n2 ≤ 1000. Since n has an even number of positive factors, the last person to touch an open door will close it. In other words, every nth door will remain closed if n is not a square. Thus, since the two cases are disjoint, 31+0 = 31 doors will remain open. They are doors numbered 1,4,9,16,25,...,900, and 961. Can you generalize this puzzle? Suppose there are m tenants and m apartments, and the first tenant opens all doors. The jth tenant closes every jth door if it is open and opens it otherwise, where 2 ≤ j ≤ m. How many doors will remain open at the end? E X E R C I S E S 8.2 Compute τ(n) for each n. 1. 43 2. 1560 3. 2187 4. 44,982 5–8. Compute σ(n) for each n in Exercises 1–4. List the positive factors of each, where p and q are distinct primes. 9. pq 10. pq2 11. p2q 12. p2q3 13–16. Find the sum of the positive divisors of each num- ber in Exercises 9–12. Let p and q be distinct primes in Exercises 17 and 18. 17. List the positive factors of piqj. 18. Find the sum of the positive factors of piqj. 19. Identify the positive integers with exactly two posi- tive divisors. 20. Identify the positive integers with exactly three posi- tive divisors. 21. Let n = p1p2 ···pk be a product of k distinct primes. Find τ(n) and σ(n). Use n = 22e for Exercises 22 and 23. 22. Find τ(n) and σ(n). 23. Find the product of the positive divisors of n. 24. Find the product of the positive divisors of pe. 25. Find the product of the positive divisors of paqb. 26. In 1638, the French mathematician and philosopher René Descartes (1596–1650) showed that σ(pe) − pe = pe − 1 p − 1 . Verify this. Let n = 2p−1(2p − 1), where p and 2p − 1 are primes. Find each. 27. τ(n) 28. σ(n) Compute σ(n) for each n. 29. 6 30. 28 31. 496 32. 8128 33. Predict the pattern observed in Exercises 29–32. Let n be the product of a pair of twin primes, p being the smaller of the two. 34. Find τ(n). 35. Show that σ(p + 2) = σ(p) + 2. 36. Show that σ(n) = (p + 1)(p + 3). 37. Find p for which σ(p) is odd. Verify each. (D. E. Iannucci, 2002) 38. ϕ(σ(666)) = 2ϕ(666) 39. σ(668) = 2σ(ϕ(668)) 40. σ(ϕ(667)) = 2σ(667) 41. ϕ(665) = 2ϕ(666) Prove each, where m, n, and e are positive integers and p is a prime.
- 483. 8.3 Perfect Numbers 373 42. d|n 1 d = σ(n) n 43. ϕ(p) + σ(p) = 2p 44. If ϕ(pe) + σ(pe) = 2pe, then e = 1. 45. If τ(n) is odd, then n is a square. 46. If n is a square, then τ(n) is odd. 47. If τ(n) is a prime, then n is of the form p or p2e. 48. If n is a power of 2, then σ(n) is odd. 49. If p is odd, then 1 + p + p2 + ··· + pk is odd if and only if k is even. 50. If n is a square, then σ(n) is odd. 51. If σ(n) is odd, then n is a square or twice a square. 52. Let n and σ(n) be odd. Then n must be a square. 53. If m|n, then σ(m) m ≤ σ(n) n . 54. σ(pe) pe p p − 1 (P. A. Weiner, 2000) 55. σ(n) n p|n p p − 1 , where n ≥ 2. (P. A. Weiner, 2000) Let σk(n) denote the sum of the kth powers of the positive factors of n; that is, σk(n) = d0 d|n dk. Clearly σ1(n) = σ(n). Compute each. 56. σ2(12) 57. σ2(18) 58. σ3(23) 59. σ3(28) Find a formula for σk(n) for each n. 60. p 61. pe 62. paqb 63. Prove that σk(n) is multiplicative. 64. Derive a formula for σk(paqb). (Hint: Use Exercise 65.) 65. Derive a formula for σk(n), where n = k i=1 p ei i . (Hint: Use Exercises 65 and 66.) Compute each using Exercise 66. 66. σ2(16) 67. σ3(18) 68. σ3(36) 69. σ4(84) 70. Prove that the product of the positive divisors of a positive integer n is nτ(n)/2. 8.3 Perfect Numbers We can use the sigma function to study a marvelous class of numbers, called perfect numbers. The term perfect numbers was coined by the Pythagoreans. The ancient Greeks thought these numbers had mystical powers and held them to be “good” numbers. They were also studied by the early Hebrews; Rabbi Josef ben Jehuda in the twelfth century recommended their study in his book, Healing of Souls. Historically, some biblical scholars considered 6 a perfect number, because they believed God created the world in six days and God’s work is perfect. St. Augustine, on the other hand, believed God’s work to be perfect because 6 is a perfect number. He writes, “Six is a number perfect in itself, and not because God created all things in six days; rather the inverse is true; God created all things in six days because this number is perfect. And it would remain perfect even if the work of the six days did not exist.”
- 484. 374 CHAPTER 8 Multiplicative Functions The Pythagoreans regarded 6 as the symbol of “marriage and health and beauty on account of the integrity of its parts and the agreement existing in it.” What is mystical about 6? The Pythagoreans observed that 6 equals the sum of its proper factors: 6 = 1 + 2 + 3. The next two perfect numbers are 28 and 496: 28 = 1 + 2 + 4 + 7 + 14 496 = 1 + 2 + 4 + 8 + 16 + 31 + 62 + 124 + 248 Their discovery is sometimes attributed to the Greek mathematician Nichoma- chus (ca. A.D. 100). Notice that the moon orbits the earth every 28 days, the second perfect number. We can now formalize the definition of a perfect number. Perfect Number A positive integer n is a perfect number if the sum of its proper factors equals n. Thus, n is perfect if σ(n) − n = n, that is, if σ(n) = 2n. The first eight perfect numbers are 6 = 2(22 − 1) 28 = 22 (23 − 1) 496 = 24 (25 − 1) 8128 = 26 (27 − 1) 33,550,336 = 212 (213 − 1) 8,589,869,056 = 216 (217 − 1) 137,438,691,328 = 218 (219 − 1) 2,305,843,008,139,952,128 = 230 (231 − 1) of which only the first four were known to the ancient Greeks; they are listed in Nichomachus’ Introductio Arithmeticae. The next perfect number was discovered by the Greek mathematician Hudalrichus Regius around 1536. The Italian mathe- matician Pietro Antonio Cataldi (1548–1626) discovered the next two in 1588. Euler discovered the eighth perfect number in 1750. Interestingly, a medieval German nun, Hrotsvit, a Benedictine in the Abbey of Gandersheim in Saxony and the first known woman German poet, listed the first four perfect numbers in her tenth-century play, Sapientia.
- 485. 8.3 Perfect Numbers 375 Mathematicians of the Middle Ages, basing their assumptions on the first four perfect numbers, conjectured that • There is a perfect number between any two consecutive powers of 10; that is, there is a perfect number of n digits long for every positive integer n; and • Perfect numbers end alternately in 6 and 8. Unfortunately, both conjectures are false. There are no perfect numbers that are five digits long. Even perfect numbers do end in 6 or 8, but not alternately; for in- stance, the fifth and sixth even perfect numbers end in 6; the next four end in 8. Notice that every perfect number in the preceding list is even and is of the form 2p−1(2p − 1), where p and 2p − 1 are primes. We should be doubly impressed that Euclid proved that every such number is a perfect number, as the following theorem confirms. THEOREM 8.9 (Euclid) If n is an integer ≥ 2 such that 2n − 1 is a prime, then N = 2n−1(2n − 1) is a perfect number. PROOF Since 2n − 1 is a prime, σ(2n − 1) = 1 + (2n − 1) = 2n. Because σ is multiplicative, σ(N) = σ(2n−1 )σ(2n − 1) = (2n − 1)(2n ) = 2 · 2n−1 (2n − 1) = 2N Thus, N is a perfect number, as anticipated. About 2000 years after Euclid’s discovery, Euler proved that the converse of this theorem is also true: If N = 2n−1(2n − 1) is an even perfect number, then 2n − 1 is a prime. Theorems 8.9 and 8.10 categorically characterize even perfect numbers. THEOREM 8.10 (Euler) If N = 2n−1(2n − 1) is an even perfect number, then 2n − 1 is a prime. PROOF Let N be of the form 2es, where s is odd and e ≥ 1. Since N is perfect, σ(N) = 2N = 2e+1 s Clearly, (2e,s) = 1, so σ(N) = σ(2e s) = σ(2e )σ(s) = (2e+1 − 1)σ(s)
- 486. 376 CHAPTER 8 Multiplicative Functions Thus, 2e+1 s = (2e+1 − 1)σ(s) (8.3) Since (2e+1, 2e+1 − 1) = 1, it follows by Corollary 3.4 that 2e+1|σ(s), so σ(s) = 2e+1t for some positive integer t. Substituting for σ(s) in equation (8.3), 2e+1 s = (2e+1 − 1)2e+1 t (8.4) s = (2e+1 − 1)t (8.5) This implies t|s and t s, since t = s implies e = 0, a contradiction. We will now show that t = 1. To this end, equation (8.5) can be rewritten as s + t = 2e+1 t s + t = σ(s) (8.6) This shows t is the sum of the proper factors of s, but, by equation (8.5), t is itself a proper factor of s. So, for the relationship (8.6) to hold, t must be 1. Thus, s + 1 = σ(s), so s has exactly two positive factors 1 and s. Consequently, s = 2e+1 − 1 must be a prime. Thus, N = 2e(2e+1 − 1), where 2e+1 − 1 is a prime. Although this theorem furnishes a remarkable formula for constructing even per- fect numbers, it is not known whether there are infinitely many even perfect numbers; ? the answer has eluded number theorists all over the world in spite of their relentless pursuit. We now present a fascinating problem proposed in 1990 by Peter L. Mont- gomery of the University of California at Los Angeles and John L. Selfridge of Northern Illinois University at DeKalb. It explicitly identifies a very special class of even perfect numbers. The solution† is a bit lengthy and needs to be followed carefully. EXAMPLE 8.15 Find all perfect numbers of the form nn + 1. SOLUTION Let N = nn + 1. † The solution presented here is based on the one by D. E. Iannucci and G. L. Cohen of Temple University. Selfridge raised the problem for odd N at the 1990 Western Number Theory Conference after solving it for N even. Montgomery solved it during the conference; this is why both are credited with proposing the problem.
- 487. 8.3 Perfect Numbers 377 case 1 Let n be odd. Since N is an even perfect number, so N must be of the form N = 2m−1(2m − 1), where 2m − 1 is a prime. Clearly, N can be factored as N = nn + 1 = (n + 1)r, where r = nn−1 − nn−2 + ··· − n + 1. We now claim that (n + 1, r) = 1. To show this, notice that since n is odd, r is odd and n + 1 is even. Let n + 1 = 2st, where t is an odd integer ≥ 1. Then N = 2str, where both t and r are odd. Since N is an even perfect number, this is possible only if t = 1; so n + 1 = 2s and hence (n + 1, r) = 1. (Notice that if r = 1, then N = nn + 1 = n + 1; so n = 1. Then N = 2, which is not a perfect number.) Since N = 2m−1(2m − 1) = (n + 1)r = 2sr, where 2m − 1 is a prime and r is odd, 2s = 2m−1 = n + 1 and r = 2m − 1 = 2 · 2m−1 − 1 = 2(n + 1) − 1 = 2n + 1. Therefore, N = nn + 1 = (n + 1)(2n + 1) = 2n2 + 3n + 1 This yields nn = 2n2 + 3n nn−1 = 2n + 3 Since n is an integer, this equation has a unique solution 3. (See Figure 8.2. It can be verified algebraically also; see Exercise 9.) Then N = 33 + 1 = 28. Thus, 28 is the only even perfect number of the desired form. Figure 8.2 case 2 Let n be even, say, n = 2k. Then N is odd, nn is a square, and nn ≡ −1 (mod N).
- 488. 378 CHAPTER 8 Multiplicative Functions We claim that 3 N, for suppose 3|N. Then nn ≡ −1 (mod 3); that is, (2k)2k ≡ −1 (mod 3) 4k · k2k ≡ 2 (mod 3) 1 · k2k ≡ 2 (mod 3) k2k ≡ 2 (mod 3) (8.7) Clearly, k ≡ 0 or 1 modulo 3. If k ≡ 2 (mod 3), then congruence (8.7) yields 22k ≡ 2 (mod 3) 4k ≡ 2 (mod 3) 1 ≡ 2 (mod 3), a contradiction So k cannot be congruent to 0, 1, or 2, which is absurd. Thus, 3 N. By Touchard’s theorem,† N = 12m + 1 or 36m + 9 for some integer m. If N = 36m+9, then 3|N, a contradiction. So N = 12m+1; that is, nn = 12m. Since 3|12m, 3|nn, so 3|n. Thus, 2|n and 3|n, so 6|n. Let N = a6 + 1, where a = nn/6 1. Then N can be factored as N = (a2 + 1)(a4 − a2 + 1) (8.8) We will now see that these factors of N are relatively prime. To this end, let p be a common prime factor of the two factors a2 + 1 and a4 − a2 + 1. Since a4 − a2 + 1 = (a4 + 2a2 + 1) − 3a2 = (a2 + 1)2 − 3a2 = (a2 + 1)2 − 3(a2 + 1) + 3 p|3; that is, p = 3. This implies 3|N, a contradiction; so the factors a2 + 1 and a4 − a2 + 1 are relatively prime. Besides, since N is odd, both factors are also odd. Since N is perfect and σ is multiplicative, equation (8.8) σ(N) = σ(a2 + 1) · σ(a4 − a2 + 1) That is, 2N = σ(a2 + 1) · σ(a4 − a2 + 1) Since N is odd, one of the factors on the RHS must be odd. But, if m and σ(m) are both odd, then m is a square. This implies that either a2 +1 or a4 −a2 +1 is a square. † Every odd perfect number is of the form 12m + 1 or 36m + 9.
- 489. 8.3 Perfect Numbers 379 But a2 a2 + 1 (a + 1)2 and (a2 − 1)2 a4 − a2 + 1 (a2)2, so neither can be a square, a contradiction. Consequently, there are no odd perfect numbers of the form nn + 1. Thus, 28 is the only perfect number of the desired form. Odd Perfect Numbers The question remains unanswered as to whether there are any odd perfect num- ? bers N. Although a host of conditions that N must satisfy have been established, no one has been successful in finding one, in spite of large computer searches with modern supercomputers. For example, in 1953, J. Touchard of France established that N must be of the form 12k + 1 or 36k + 9. Fifty years later, W. Chau of Soft Techies Corporation, E. Brunswick, New Jersey, showed that if N is of the form 36k + 9, then it must be of the form 108k + 9,108k + 35, or 324k + 81; it must have at least eight different prime factors (E. Z. Chein, 1979; P. Hagis, 1980); if N has exactly eight distinct prime factors, then the smallest prime factor must be 3, 5, or 7; N must be of the form p4a+1n2, where p is a prime of the form 4m + 1,a ≥ 0, and p n; and in 1991 R. P. Brent, G. L. Cohen, and H. J. J. te Riele showed that it must be greater than 10300. In 1998, G. L. Cohen of the University of Technology, Syd- ney, and P. Hagis, Jr., of Temple University proved that the largest prime factor of an odd perfect number exceeds 106; and three years earlier, D. E. Iannucci showed that the second prime factor exceeds 104 and the third prime factor exceeds 100. In 2000, Paul A. Weiner of St. Mary’s University of Minnesota established that if 3σ(n) = 5n for some integer n, then 5n is an odd perfect number. There is, however, a strong belief in the mathematical community that there may not be any odd perfect numbers. By Theorem 8.10, the search for even perfect numbers boils down to finding primes of the form 2m − 1, so we need to examine them closely. By Lemma 7.3, if m is composite, then 2m −1 is also composite. Therefore, m must be a prime for 2m −1 to be a prime. We will analyze such numbers in the following section. E X E R C I S E S 8.3 1. If 2p is a perfect number, show that p = 3. Assume p is a prime. Let n = 2p−1(2p − 1) be an even perfect number, where p is a prime. Show that 2. ϕ(n) = 2p−1(2p−1 − 1) 3. ϕ(n) = n − 22p−2 4. Show that n = 210(211 − 1) is not a perfect number. 5. Show that every even perfect number is a triangular number. (J. Broscius, 1652) 6. Show that the sum of the first 2p − 1 positive integers is an even perfect number, where p and 2p − 1 are primes.
- 490. 380 CHAPTER 8 Multiplicative Functions 7. Show that pq is not a perfect number, where p and q are distinct primes. 8. Show that pe is not a perfect number, where p is a prime. 9. Solve the equation nn−1 = 2n + 3, where n is a posi- tive integer. Prove each. 10. The sum of the cubes of the first n odd positive inte- gers is n2(2n2 − 1). 11. Every even perfect number 2p−1(2p − 1) is the sum of the cubes of the first 2(p−1)/2 odd positive integers. 12. The digital root of every even perfect number 6 is one. 13. The product of two even perfect numbers cannot be a perfect number. 14. Let n be a perfect number. Then 0dn d|n (d/n) = 1. 15. Let n = 2p−1(2p − 1) be an even perfect number. Then d|n d = np. (P. A. Lindstrom, 2004) 16. Suppose σ(n) n = 5 3 . Then 5n is an odd perfect num- ber. (P. A. Weiner, 2000) Every odd perfect number n, if it exists, is of the form n = pem2, where p is an odd prime and m is odd. Using this fact, prove each. 17. p ≡ e ≡ 1 (mod 4) 18. n ≡ p (mod 8) 19. n ≡ 1 (mod 4) A positive integer n is deficient if σ(n) 2n and abun- dant if σ(n) 2n. Such numbers were also originally studied by the Pythagoreans. For example, σ(9) = 1 + 3 + 9 = 13 2 · 9, so 9 is a deficient number, whereas σ(12) = 1 + 2 + 3 + 4 + 6 + 12 = 28 2 · 12, so 12 is an abundant number. Determine if each number is deficient or abundant, where Mp = 2p − 1. 20. 23 21. 88 22. 24 23. 315 24. 210M11 25. 222M23 26. 2p(2p − 1), where p and 2p − 1 are primes. 27. 2k−1(2k − 1), where 2k − 1 is a composite. A positive integer n is k-perfect if σ(n) = kn, where k ≥ 2. (A perfect number is 2-perfect.) Verify the follow- ing. 28. 672 is 3-perfect. 29. 30,240 is 4-perfect. Two positive integers m and n are amicable (or friendly) if σ(m) − m = n and σ(n) − n = m, that is, if σ(m) = m + n = σ(n). For example, σ(220) − 220 = 1 + 2 + 4 + 5 + 10 + 11 + 20 + 22 + 44 + 55 + 110 = 284 and σ(284) − 284 = 1 + 2 + 4 + 71 + 142 = 220, so 220 and 284 are an amicable pair, found by Pythagoras around 540 B.C. Interestingly enough, this pair is mentioned in the Bible in Genesis 32:14. The next smallest pair, 1184 and 1210, was discovered in 1866 by a 16-year-old Ital- ian student, B. N. I. Paganini. It is not known if there are infinitely many amicable pairs. Verify that each is an am- ? icable pair. (The pairs 2620 and 2924, and 6232 and 6368 were discovered during 1747–1750 by Euler.) 30. 1184, 1210 31. 2620, 2924 32. 6232, 6368 The Arabian mathematician Thabit ben Korrah developed an algorithm for constructing amicable numbers: If a = 3 · 2n − 1, b = 3 · 2n−1 − 1, and c = 9 · 22n−1 − 1 are all primes, then 2nab and 2nc are amicable, where n ≥ 2. 33. Find two amicable pairs using Korrah’s method. 34. Verify that 2nab and 2nc are amicable numbers. 35. In 1978, Elvin J. Lee made an interesting observa- tion about the numbers 220 and 284: The sum of the first 17 primes is 2 · 220 and that of their squares is 59 · 284. Verify this. 36. A positive integer n is superperfect if σ(σ(n)) = 2n. Verify that 16 is superperfect. Let ν(n) = d|n dn d, the product of the proper divisors of n. Some positive integers have the property that ν(n) = nk for some positive integer k. For example, ν(12) = 1·2·3· 4 · 6 = 122. Verify that ν(n) = nk for each integer n. 37. 20 38. 45 39. 24 40. 48 41. Verify that ν(pq) = pq, where p and q are distinct primes. 42. Find a formula for v(paqb).
- 491. 8.4 Mersenne Primes 381 Prove each, where p is a prime and n any positive integer. 43. Every prime is deficient. 44. The product of two distinct odd primes is deficient. 45. Any positive power of a prime is deficient. 46. If 2 p and 2p is deficient, then p ≥ 5. 47. A number of the form 2ep, where 2 p, is abundant if e ≥ lg(p + 1) − 1. 48. If n is p-perfect and p n, then pn is (p + 1)-perfect. 49. Every number of the form 2k, where 2k+1 − 1 is a prime, is superperfect. 50. Let n = 2k−1(2k − 1) be an even perfect number. Then σ(σ(n)) = 2k(2k+1−1). 51. If m and n are amicable, then d|m 1 d −1 + d|n 1 d −1 = 1 52. If n is 3-perfect, and 3 n, then 3n is 4-perfect. 53. ν(pe) is a power of pe if and only if e is an odd integer ≥ 3. 54. ν(paqb) is a power of paqb if and only if (a + 1)(b + 1) is an even integer ≥ 4. 55. ν(n) is a power of n if and only if τ(n) is an even integer ≥ 4. 56. ν(n) = nτ(n)/2−1 The harmonic mean m of the numbers a1,a2,...,an is the reciprocal of the arithmetic mean of their reciprocals; that is, 1 m = 1 n n i=1 1 ai 57. Show that the harmonic mean h(n) of the positive factors of a positive integer n is given by h(n) = nτ(n)/σ(n). 58. Find the harmonic mean of the positive factors of a perfect number n. 8.4 Mersenne Primes It was originally thought that if m is a prime, then 2m −1 is also a prime. However, in 1536, Hudalrichus Regius found that it fails when m = 11: 211 − 1 = 2047 = 23 · 89. Mersenne Primes Numbers of the form 2m − 1 were studied extensively by the French mathemati- cian and Franciscan monk Marin Mersenne. Accordingly, they are called Mersenne numbers, a name given to them by W. W. Rouse Ball of Trinity College, Cambridge, England. Primes of the form Mp = 2p − 1 are Mersenne primes. In 1644, Mersenne wrote in his Cogitata Physica-Mathematica that Mp is a prime for p = 2, 3, 5, 7, 13, 17, 19, 31, 67, 127, and 257 and composite for other primes 257. No one knew how he arrived at this claim. His statement contains some omissions and errors. In any case, it took over three centuries to settle his claim. In 1814, Peter Barlow wrote in A New Mathematical and Philosophical Dictio- nary: “Euler ascertained that 231 − 1 = 2,147,483,647 is a prime number; and this
- 492. 382 CHAPTER 8 Multiplicative Functions Marin Mersenne (1588–1648), “best known as the priest-scientist who facilitated the cross-fertilization of the most eminent minds of his time,” was born in Soultière, France. He was baptized on the same day and christened as Marin since it was the feast of the Nativity of Mary. After attending the College de Mans and the Je- suit College at La Flêche, he went to Paris to study theology and became a Minim friar in 1611. Science began to dominate his religious thought, and in 1624 he ac- cepted the Copernican theory that the sun, and not the earth, was the center of the universe. Mersenne corresponded with many scientists and philosophers, including René Descartes; his residence became a meeting place for such eminent thinkers as Fermat, Girard Desargues, and Fr. Pierre Gassendi. He even came to the defense of Descartes and Galileo when their works were attacked by the Church. He also made important contributions to music and acoustics. is the greatest at present known to be such, and, consequently, the last of the above perfect numbers, which depends upon this, is the greatest perfect number known at present, and probably the greatest that ever will be discovered; for, as they are merely curious without being useful, it is not likely that any person will attempt to find one beyond it.”† As it turns out, Barlow underestimated human curiosity, and he could not have foreseen the power of computers. In 1876, Lucas proved that M67 is composite, although he did not provide any factors; but in October 1903, the American mathematician Frank Nelson Cole pro- vided a factorization: 267 − 1 = 193,707,721 × 761,838,257,287 It is said that Cole spent his Sunday afternoons for 20 years trying to find the two factors. In 1883, I. M. Pervushin showed that M61 = 261 −1 is a prime, which Mersenne missed. R. E. Powers discovered that 289 − 1 and 2107 − 1 are primes, in 1911 and 1914, respectively. In 1922, M. Kraitchik showed that M257 = 2257 − 1 is composite. Ironically, on March 27, 1936, the New York Herald Tribune erroneously reported that 2257 − 1 was discovered to be a prime by Samuel I. Krieger of Chicago; it was shown in 1931, and then in 1947 using a desk calculator, and then reconfirmed in 1952 using computers, that 2257 − 1 is actually a composite. The question of whether there are infinitely many Mersenne primes is still unan- swered. If there are, then there would be an infinitude of even perfect numbers and ? hence of perfect numbers. † D. Shanks, Solved and Unsolved Problems in Number Theory, Vol. 1, Spartan Books (1962).
- 493. 8.4 Mersenne Primes 383 ? It is also not known if every Mp is square-free; it also remains unresolved. Mersenne primes Mp appear to be scarce as p increases. In 1963, Donald B. Gillies of the University of Illinois conjectured that there are about two such primes p in the interval [n, 2n]. Interestingly enough, his conjecture is consistent with the observed frequency of primes p. It also agrees well with the Eberhart conjecture that for the ith Mersenne prime Mp, p ≈ 1.5i. For example, when i = 23, p ≈ 1.523 ≈ 11223, which is not that far from the actual value of p = 11213. Modern computers have become a powerful tool for finding larger Mersenne primes. For instance, the next five larger Mersenne primes corresponding to p = 521,607,1279,2203, and 2281 were discovered in 1952; the next one corresponding to p = 3217 in 1957; the next two with p = 4253 and 4423 in 1961; the next three were found in 1963 at the University of Illinois at Urbana-Champaign (see the meter stamp in Figure 8.3). In 1971, a still larger prime was found by Bryant Tuckerman of International Business Machines (IBM); see Figure 8.4, which shows the top portion of IBM’s office envelope spreading its news. Figure 8.3 Figure 8.4 As of 1994, 33 Mersenne primes had been discovered; the 33rd largest known Mersenne prime, M859433, was discovered in 1993 by David Slowinski of Harwell Laboratory, England; it took 7.2 hours on a Cray C90 supercomputer to determine its primality; its decimal value is 258,716 digits long (see Figure 8.5). The next two larger ones were also discovered by Slowinski. The largest known prime by the year 1999, M6972593, was discovered by N. Hajrawala, G. Woltman, and S. Kurowski; its decimal value is 2,098,960 digits long. So the largest known even perfect number in 1999 was 26972592(26972593 − 1); its decimal value is 4,197,919 digits long.
- 494. 384 CHAPTER 8 Multiplicative Functions Worldwide Number Search Inspires Prime Competition Baltimore Sun BALTIMORE – It just didn’t add up. Technicians at US West, the Denver-based tele- phone company, couldn’t understand last May why directory- assistance computers were grinding away for minutes to find the numbers when they normally needed seconds. At one point, the slowdown threatened to shutter the company’s Phoenix service center. Alarmed that hackers were afoot, US West scrambled its Intrusion Response Team. The squad of computer spe- cialists combed through the company’s computer network and found a mysterious software program running on more than 2,500 machines. The case has brought to light a mathematical treasure hunt taking place around the globe. It’s called the Great Inter- net Mersenne Prime Search—GIMPS for short—and it has captured the imagination of everyone from PhD’s to grade- schoolers. Their goal is to hunt down world-record prime numbers. Most record-seekers now focus their attention on Mersenne primes. These special prime numbers are the Hope Diamonds of the mathematical world, as large as they are rare. Named after the 17th-century French mathemati- cian Marin Mersenne, they are primes generated by the for- mula 2 to the nth power minus 1, where n is also a prime. Just 37 have been found in all of human history. The most recent was unearthed in January by a 19-year-old stu- dent using PCs in the computer lab at California State Uni- versity, Dominguez Hills, in Los Angeles County. It had a whopping 909,526 digits, making it the largest Mersenne prime yet found. Until recently it took a supercomputer to flush out these elephantine numbers. But in 1996 a retired Orlando, Fla., computer programmer and a California engineer devised a way to use home computers to find them. The idea was to link PCs through the Internet, turning them into a single, massively parallel supercomputer. They wrote the software, and the Great Internet Mersenne Prime Search was born. Today more than 4,000 number lovers around the world are using GIMPS software to hunt for Mersenne primes, each vying for 15 minutes of fame and a $1,100 cash prize. Collectively, the group churns through 280 billion calcula- tions per second, a computing punch roughly equivalent to five of the world’s most powerful supercomputers working full-steam. The GIMPS software is designed to look for primes when its host PC isn’t occupied with other tasks. On a Web site (www.mersenne.org), it gets an untested number and then grinds through a formula to determine whether it is prime. The calculations can take days or weeks to complete. If the number turns out to be a dud, the process is repeated. But if it turns out to be prime, it should mean fame and for- tune. Figure 8.5 The Mersenne prime M25964951 was discovered in 2005 by Martin Nowak, an eye surgeon in Germany (see Figure 8.6). It is 7,816,230 digits long and took 50 days of computations on his 1 GHz Pentium 4 computer. Today, the largest known such prime is 230402457 − 1 with 9,152,052 digits; it was discovered on Decem- ber 15, 2005, by C. Cooper and S. R. Boone of Central Missouri State Univer- sity. Table 8.3 lists the 43 known Mersenne primes Mp, the number of decimal digits in each, the number of decimal digits in the corresponding perfect numbers 2p−1Mp, the years of discovery of Mp, and their discoverers.
- 495. 8.4 Mersenne Primes 385 No. of Digits No. of Digits Year of Rank Prime, p in Mp in 2p − 1Mp Discovery Discoverer(s) 1 2 1 1 unknown Pythagoreans 2 3 1 2 unknown Pythagoreans 3 5 2 3 unknown Pythagoreans 4 7 3 4 unknown Pythagoreans 5 13 4 8 15th century H. Regius 6 17 6 10 1588 P. A. Cataldi 7 19 6 12 1588 P. A. Cataldi 8 31 10 19 1772 L. Euler 9 61 19 37 1883 I. M. Pervushin 10 89 27 54 1911 R. E. Powers 11 107 33 65 1914 R. E. Powers E. Fauquembergue 12 127 39 77 1876 E. Lucas 13 521 157 314 1952 D. H. Lehmer 14 607 183 366 1952 D. H. Lehmer 15 1279 386 770 1952 D. H. Lehmer 16 2203 664 1327 1952 D. H. Lehmer 17 2281 687 1373 1952 D. H. Lehmer 18 3217 969 1937 1957 H. Riesel 19 4253 1281 2561 1961 A. Hurwitz 20 4423 1332 2663 1961 A. Hurwitz 21 9689 2917 5834 1963 D. B. Gillies 22 9941 2993 5985 1963 D. B. Gillies 23 11,213 3376 6751 1963 D. B. Gillies 24 19,937 6002 12,003 1971 B. Tuckerman 25 21,701 6533 13,066 1978 L. Nickel C. Noll 26 23,209 6987 13,973 1979 C. Noll 27 44,497 13,395 26,790 1979 D. Slowinski H. Nelson 28 86,243 25,962 51,924 1983 D. Slowinski 29 110,503 33,265 66,530 1988 W. N. Colquitt L. Welch, Jr. 30 132,049 39,751 79,502 1983 D. Slowinski 31 216,091 65,050 130,100 1985 D. Slowinski 32 756,839 227,832 455,663 1992 D. Slowinski P. Gage 33 859,433 258,716 517,430 1993 D. Slowinski P. Gage 34 1,257,787 378,632 757,263 1996 D. Slowinski P. Gage 35 1,398,269 420,921 841,842 1996 J. Armengaud G. Woltman 36 2,976,221 895,932 1,791,864 1997 G. Spence G. Woltman 37 3,021,377 900,526 1,819,050 1998 R. Clarkson et al. 38 6,972,593 2,098,960 4,197,919 1999 N. Hajrawala et al. 39 13,466,917 4,053,946 8,107,892 2001 M. Cameron 40 20,996,011 6,320,430 12,640,858 2003 M. Shafer 41 24,036,583 7,235,733 14,471,465 2004 J. Findley 42 25,964,951 7,816,230 15,632,458 2005 M. Novak 43 30,402,457 9,152,052 18,304,103 2005 C. Cooper S. R. Boone 44 32,582,657 9,808,358 19,616,715 2006 C. Cooper S. R. Boone Table 8.3 The 44 known Mersenne primes.
- 496. 386 CHAPTER 8 Multiplicative Functions Prime Number Is Largest Ever Reuters EAGAN, Minn. – Scientists announced yesterday that they have discovered the largest prime number found to date— a 258,716-digit behemoth that would take eight newspaper pages to print. Prime numbers are those that can be divided only by themselves or 1. Simple examples are 2, 3, 5, 7 and 11. There are an infinite number of them, but they do not oc- cur in a regular sequence, meaning that supercomputers are needed to hunt for them. Cray Research Inc. said its supercomputer had chased down the new number—two multiplied by itself 859,433 times, minus 1. The previous largest such number, tracked down in 1992, had 227,832 digits. Figure 8.6 Their discoveries often generated considerable media publicity. In October 1978, for instance, the discovery of the 25th Mersenne prime, M21701, was carried by every news agency in the United States and announced by Walter Cronkite on the CBS Evening News. The discovery of M20,996,011 by 26-year-old Michigan State University chemical engineering student M. Shafer was announced by Peter Jennings on ABC World News Tonight on December 11, 2003. The discovery of M25,964,951 made The New York Times on March 29, 2005 (see Figure 8.7). The discovery of M21701 by L. Nickell and C. Noll was reported erroneously in The Times of London on November 17, 1978: “Two 18-year-old American stu- dents have discovered with the help of a computer at California State University the biggest known prime number, the number two to the 21,701st power.” Fortunately, a correction was soon published by The Times. The Great Internet Mersenne Prime Search The Great Internet Mersenne Prime Search (GIMPS), based in Orlando, Florida, was formed in 1996 by George Woltman for discovering record Mersenne primes. Like the recent discoverers, with a powerful personal computer, you can join the global search by downloading the necessary software for free at www.Mersenne.org. You can share the thrill of discovering larger primes and make history in the process. The Electronic Frontier Foundation has announced a $100,000 cash award for the discovery of the first 10-million-digit prime. The GIMPS participant who discov- ers it will receive $50,000; charity will receive $25,000; and the rest will fund new discoveries. So join the fun.
- 497. 8.4 Mersenne Primes 387 Now, Can You Find Its Square Root? Kenneth Chang An eye surgeon in Germany has discovered the world’s largest known prime number—or at least his computer did. The surgeon, Dr. Martin Nowak of Michelfeld, is among thousands of participants in the Great Internet Mersenne Prime Search, one of several big projects that tap idle com- puters worldwide. Last month, Dr. Nowak’s Pentium 4 computer con- cluded that a number it had been crunching on for more than 50 days was indeed prime with only two integer divi- sors, 1 and itself. A different computer using different software verified the result. The number, rendered in exponential shorthand, is 225,964,951 − 1. It has 7,816,230 digits, and if printed in its entirety, would fill 235 pages of this newspaper. In addition, it falls in a rare category of primes known as Mersenne primes, which can be written as 2n − 1, where n is also prime. The first few Mersenne primes are easily verifiable— inserting 2, 3 and 5 for n produces 3, 7, and 31, all prime— but the math quickly becomes overwhelming for larger val- ues. In 1644, Marin Mersenne a French monk, published a list of 11 prime numbers—the highest being 257—for which he asserted that 2n − 1 was also prime. That list was not fully checked until 1947, three cen- turies later. Mersenne turned out to be wrong about two num- bers on his list and had missed three others, but his name still remains attached to the concept. Even with computers to speed up the search, Dr. Nowak’s number is still only the 42nd Mersenne prime to be found. The announcement did not, however, cause much of a stir because what mathematicians really want to know is: Are there an infinite number of such numbers? “Finding an addi- tional prime doesn’t enlighten us very much,” said Dr. Andrew M. Odlyzko, a mathematician at the University Minnesota. The search nevertheless goes on, on about 75,000 computers. Begun in 1996 by George Woltman, a computer scientist, the project has discovered eight Mersenne primes. For those who want to join, to the free software is avail- able at www.mersenne.org. The Web site informs would-be volunteers, “Your chance of finding a new Mersenne prime is about 1 in 150,000.” Figure 8.7 A New Mersenne Conjecture In 1989, P. T. Bateman and J. L. Selfridge of Northern Illinois University and S. S. Wagstaff, Jr., of Purdue University made an interesting conjecture about Mersenne primes: ? If two of the following statements about an odd prime p are true, then the third one is also true: • p = 2k ± 1 or p = 4k ± 3. • Mp is prime. • (2p + 1)/3 is prime.
- 498. 388 CHAPTER 8 Multiplicative Functions For example, let p = 7. Then 7 = 23 − 1 and (27 + 1)/3 = 43 is prime. As we already know, M7 is a prime. Thus, the conjecture holds when p = 7. In fact, it has been verified that the conjecture holds for all p 100,000. Number of Digits in Mp We can easily pre-determine the number of digits in the Mersenne number Mp. First, recall that every odd prime p is of the form 4k + 1 or 4k + 3. If p = 4k + 1, then 2p = 24k+1 = (24)k · 2 ≡ 6k · 2 ≡ 6 · 2 ≡ 2 (mod 10); likewise, if p = 4k + 3, then 2p ≡ 8 (mod 10). Thus, 2p = Mp + 1 ends in 2 or 8. Consequently, Mp ends in 1 or 7 and hence has the same number of digits as 2p. To compute the number of digits in 2p, notice that log2p = p · log2. Therefore, Number of digits in 2p = 1 + characteristic of plog2 = plog2
- 499. For example, M25964951 contains 25964951log2
- 501. = 7,816,230 digits, as expected. Interestingly, the largest known composite Mersenne number is Mp with p = 39051 × 26001 − 1, discovered by W. Keller in 1987. It follows from Supplementary Exercise 14 in Chapter 3 that any two distinct Mersenne numbers are relatively prime; that is, if p and q are distinct primes, then (Mp, Mq) = 1. Primality of Mersenne Numbers A host of conditions exist for testing the primality of Mersenne numbers. The follow- ing theorem presents a possible prime factor of the Mersenne number Mp. Its proof involves quadratic residues, developed in Chapter 11, so we omit it. A simple proof is given in the classic book An Introduction to the Theory of Numbers by G. H. Hardy and E. M. Wright. THEOREM 8.11 (Euler) Let p = 4k + 3 be a prime, where k 1. Then 2p + 1 is a prime if and only if 2p ≡ 1 (mod 2p + 1). It follows by this theorem that if p = 4k + 3 and 2p + 1 are primes, where k 1, then 2p + 1|Mp and Mp is composite. The following example demonstrates an interesting application of this theo- rem. It was proposed as a problem in 1988 by David Grannis of Vancouver, British Columbia.
- 502. 8.4 Mersenne Primes 389 EXAMPLE 8.16 Find a factor of the Mersenne number M1000151. SOLUTION Both p = 1,000,151 = 4·250,037+3 and 2p+1 = 2,000,303 are primes. Therefore, by Theorem 8.11, 2,000,303|M1000151. (This simple solution was provided in 1991 by Warut Roonguthai of Bangkok, Thailand.) Before presenting a primality test for Mersenne primes in Theorem 8.12, we prepare the way with Lemma 8.2. But first, let us look at an example. Let a and n be relatively prime positive integers. Then, by Euler’s theorem, aϕ(n) ≡ 1 (mod n). Often, however, there can be exponents k smaller than ϕ(n) such that ak ≡ 1 (mod n), as the following example illustrates. EXAMPLE 8.17 Let n = 12; then ϕ(n) = ϕ(12) = 4. The least residues a modulo 12 that are relatively prime to 12 are 1, 5, 7, and 11; by Euler’s theorem aϕ(n) = a4 ≡ 1 (mod 12). But 12 ≡ 1 (mod 12), 52 ≡ 1 (mod 12), 72 ≡ 1 (mod 12), and 112 ≡ 1 (mod 12); so k = 2 is the least positive exponent such that ak ≡ 1 (mod 12). [Notice that k|ϕ(n).] More generally, we have the following result. LEMMA 8.2 Let a, m, and n be positive integers with (a,n) = 1, and k the smallest positive integer such that ak ≡ 1 (mod n). Then am ≡ 1 (mod n) if and only if k|m. PROOF Suppose am ≡ 1 (mod n). By the division algorithm, m = kq + r for some integers q and r, where 0 ≤ r k. Then am = akq+r = (ak )q · ar Since ak ≡ 1 (mod n) and am ≡ 1 (mod n), this yields 1 ≡ 1q · ar (mod n) 1 ≡ ar (mod n) That is, ar ≡ 1 (mod n), where 0 ≤ r k If r 0, this would contradict the minimality of k. So r = 0 and hence m = kq. Thus, k|m.
- 503. 390 CHAPTER 8 Multiplicative Functions Conversely, let k|m, so let m = kq for some integer q. Then am = akq = (ak )q ≡ 1q ≡ 1 (mod n) Thus, am ≡ 1 (mod n) if and only if k|m. This lemma has an immediate corollary, and we will revisit it in Section 10.1. COROLLARY 8.2 Let a and n be relatively prime positive integers, and k the smallest positive integer such that ak ≡ 1 (mod n). Then k|ϕ(n). We can now undertake a primality test for Mersenne primes. THEOREM 8.12 (Fermat, 1640) If p is an odd prime, every prime factor of Mp is of the form 2kp + 1, where k is a positive integer. PROOF Let q be a prime factor of Mp. (Clearly, q is odd.) Then q|Mp, so 2p ≡ 1 (mod q). Let k be the smallest positive integer such that 2k ≡ 1 (mod q). Then, by Lemma 8.2, k|p. But k = 1, for if k = 1, then 21 ≡ 1 (mod q); that is, q = 1, a contradiction. Therefore, k = p; that is, p is the smallest positive integer such that 2p ≡ 1 (mod q). By Fermat’s little theorem, 2q−1 ≡ 1 (mod q), so by Lemma 8.2, p|q − 1. Let q − 1 = pm for some positive integer m. Since q − 1 is even and p is odd, m must also be even, say, m = 2k for some positive integer k. Then q − 1 = 2pk; that is, q = 2kp + 1. Thus, if p is odd, every prime factor of Mp is of the form 2kp + 1. The following two examples illustrate this test. EXAMPLE 8.18 Verify that M11 is a composite number. PROOF M11 = 211 − 1 = 2047. By Theorem 8.12, every prime factor of M11 is of the form 22k + 1. If M11 is composite, by Theorem 2.11, it must have a prime factor ≤ √ M11 , that is, ≤ 45. There is exactly one prime of the form 22k + 1 and ≤ 45, namely, 23. Since 23|M11, M11 is composite. EXAMPLE 8.19 Determine whether M19 is a prime.
- 504. 8.4 Mersenne Primes 391 PROOF M19 = 219 −1 = 524287. If M19 is composite, it must have a prime factor ≤ √ M19 , that is, ≤ 724. By Theorem 8.12, every prime factor of M19 is of the form 38k + 1 and ≤ 725; such primes are 191, 229, 419, 457, 571, and 647. None of them divides M19, so M19 is a prime. Lucas–Lehmer Test Next, we turn to the Lucas–Lehmer test, an extremely efficient primality test for Mersenne primes, developed in 1877 by Lucas and then refined in 1930 by the Amer- ican mathematician Derrick H. Lehmer. Lucas used his version to establish the pri- mality of M127, the largest Mersenne number ever to be checked without the help of a computing device. The Lucas–Lehmer test, used since 1930 to prove the primality of Mersenne primes, is based on the number sequence 4,14,194,37634,1416317954,...; it is defined recursively as follows: S1 = 4 Sk = S2 k−1 − 2, k ≥ 2 According to the test, Mp is a prime if and only if Sp−1 ≡ 0 (mod Mp), where p is an odd prime. Lehmer used this test to prove the primality of M521, M607, M1279, M2203, and M2281 using the National Bureau of Standard’s Western Automatic Computer (SWAC). He also reconfirmed, using SWAC for 48 seconds, that M257 is composite, a task that had taken 700 work-hours 20 years earlier. The test is formally presented in the following theorem. THEOREM 8.13 (Lucas–Lehmer Test)† Let p ≥ 3. Then the Mersenne number Mp is prime if and only if Sp−1 ≡ 0 (mod Mp), where Sk is the least residue modulo Mp defined recur- sively as S1 = 4 Sk ≡ S2 k−1 − 2 (mod Mp), k ≥ 2 The next two examples illustrate this test. † A proof of the test can be found in W. Sierpinski, Elementary Theory of Numbers, 2nd edition, North-Holland, Amsterdam, 1988.
- 505. 392 CHAPTER 8 Multiplicative Functions Derrick Henry Lehmer (1905–1991) was born in Berkeley, California. (His fa- ther, Derrick Norman Lehmer, was a professor at Berkeley.) After graduating from Berkeley in physics in 1927, he received his Ph.D. in mathematics from Brown three years later. During the Great Depression, he worked at the Califor- nia Institute of Technology, the Institute of Advanced Study, and Lehigh; and in 1940 he joined the faculty at Berkeley and remained there until his retirement in 1972. Lehmer, known as the father of computational number theory, shared with his wife, Emma, a life-long fascination with number theory. A prolific writer, he published extensively on Lucas functions, primality testing, factoring, power residues, continued fractions, Bernoulli numbers and polynomials, Diophantine equations, cyclotomy, and combinatorics. The Lucas–Lehmer primality test for Mersenne numbers is the result of his investigations into what are now called Lehmer functions, which he discussed in his dissertation. Lehmer was a founding father of the journal Mathematical Tables and Aids to Computation, which became Mathematics of Computation in 1960. EXAMPLE 8.20 Using the Lucas–Lehmer test, verify that M13 is a prime. PROOF Here p = 13 and M13 = 213 − 1 = 8191. Compute S2 through S12 modulo M13: S2 ≡ 42 − 2 ≡ 14 (mod M13) S3 ≡ 142 − 2 ≡ 194 (mod M13) S4 ≡ 1942 − 2 ≡ 4870 (mod M13) S5 ≡ 48702 − 2 ≡ 3953 (mod M13) S6 ≡ 39532 − 2 ≡ −2221 (mod M13) S7 ≡ 22212 − 2 ≡ 1857 (mod M13) S8 ≡ 18572 − 2 ≡ 36 (mod M13) S9 ≡ 362 − 2 ≡ 1294 (mod M13) S10 ≡ 12942 − 2 ≡ 3470 (mod M13) S11 ≡ 34702 − 2 ≡ 128 (mod M13) S12 ≡ 1282 − 2 ≡ 0 (mod M13) Since S12 ≡ 0 (mod M13), M13 is a prime as expected. EXAMPLE 8.21 Using the Lucas–Lehmer test, verify that M11 is not a prime. PROOF As in the preceding example, we compute S2 through S10 modulo M11. You may verify each:
- 506. 8.4 Mersenne Primes 393 S2 ≡ 14 (mod M11) S3 ≡ 194 (mod M11) S4 ≡ 788 (mod M11) S5 ≡ 701 (mod M11) S6 ≡ 119 (mod M11) S7 ≡ −170 (mod M11) S8 ≡ 240 (mod M11) S9 ≡ 282 (mod M11) S10 ≡ 1736 (mod M11) Since S10 ≡ 0 (mod M11), M11 is not a prime, as we already knew. To date, the largest known prime that is not a Mersenne prime is 27653 · 29167433 + 1, discovered by Samuel Yates in 2005; it is 2,759,677 digits long. The following problem was proposed in 1989 by Jeffrey Shallit of Dartmouth College, New Hampshire. EXAMPLE 8.22 Prove that σ(n) is a power of 2 if and only if n is the product of distinct Mersenne primes. PROOF Let n = pe1 1 pe2 2 ···p ek k be the canonical decomposition of n. Then σ(n) = k i=1 pi ei+1 − 1 pi − 1 . Assume it is a power of 2. Let pe be an arbitrary prime-power in the canonical decomposition of n. Then σ(pe ) = pe+1 − 1 p − 1 = pe + ··· + p + 1 must be a power of 2, so both p and e must be odd. Let e = 2s + 1. Then σ(pe ) = p2s+1 + ··· + p + 1 = (p + 1)(p2s + p2s−2 + ··· + p2 + 1) (8.9) Since (p + 1)|σ(pe) and σ(pe) is a power of 2, p + 1 must be a power of 2, so p is a Mersenne prime. It remains to show that e = 1; that is, s = 0. Suppose s 0. From equation (8.9), since p2s + p2s−2 + ··· + p2 + 1 is a power of 2 and p is odd, s must be odd, so let s = 2t + 1. Then p2s + p2s−2 + ··· + p2 + 1 = p4t+2 + p4t + ··· + p2 + 1 = (p2 + 1)(p4t + p4t−4 + ··· + p4 + 1) is a power of 2, so p2 + 1 must be a power of 2. Therefore, 4|(p2 + 1); that is, p2 ≡ −1 (mod 4), a contradiction. Thus, s = 0 and hence e = 1. Consequently, n is the product of distinct Mersenne primes.
- 507. 394 CHAPTER 8 Multiplicative Functions Conversely, let n = i pi be the product of Mersenne primes pi = 2mi − 1. Then σ(n) = i σ(pi) = i (pi + 1) = i 2mi = 2 i mi is a power of 2. Pascal’s Triangle and Mersenne Numbers There is an intriguing relationship between Mersenne numbers and Pascal’s trian- gle. The numbers in rows 1,3,7,15,31,63,..., which are Mersenne numbers, are all odd and each of the other rows contains at least one even entry. The following theorem shows this is always the case; that is, every entry in row n, where n is a Mersenne number, is odd; the proof given below is due to Rade M. Dacic of Bel- grade, Serbia. THEOREM 8.14 A positive integer n is a Mersenne number if and only if every binomial coefficient n r is odd, where 0 ≤ r ≤ n. PROOF Let n = 2s − 1, where s ≥ 0. Then n r = 2s − 1 r = 2s − 1 1 · 2s − 2 2 ··· 2s − r r (8.10) Let 1 ≤ i ≤ r and i = 2ab, where 0 ≤ a ≤ s and b is odd. Then 2s − i i = 2s − 2ab 2ab = 2s−a − b b which is a quotient of odd integers. Thus, every factor on the RHS of equation (8.10) is a quotient of odd integers, so the product is an odd integer; that is, every entry n r in row n is odd. Conversely, suppose every binomial coefficient n r in row n is odd. Let n be odd, but not a Mersenne number. Then 2m−1 n 2m for some positive integer m. So n = 2m−1 + 2k + 1, where 0 ≤ k ≤ 2m−2 − 1. Let r = 2k + 2. Then
- 508. 8.4 Mersenne Primes 395 n r = n r − 1 · n − r + 1 r = s · 2m−1 2k + 2 = s · 2m−2 k + 1 where s is an integer. If k +1 2m−2, not all 2s on the RHS can be canceled; so n r is even. If k + 1 = 2m−2, then n r = 0, still an even integer. Both cases contradict the hypothesis, so n must be a Mersenne number. Pascal’s Triangle and Even Perfect Numbers Suppose we replace each even number in Pascal’s triangle by a white dot (0) and each odd number by a blue dot (1). Figure 8.8 shows the resulting delightful binary pattern, Pascal’s binary triangle. Figure 8.8 Pascal’s binary triangle.
- 509. 396 CHAPTER 8 Multiplicative Functions It follows by Theorem 8.14 that if n is Mersenne prime, then row n consists of blue dots only. There are exactly four such rows n, where 1 ≤ n ≤ 100, namely, rows 1, 3, 7, and 31. In addition to the aesthetic beauty of the binary triangle, it contains a fascinating treasure. To see it, consider the centrally located triangles ∇n pointing downward and having their bases in row 2n, where n ≥ 1. Since the base of ∇n contains 2n − 1 zeros, the number of zeros inside ∇n equals N = (2n − 1)(2n − 1 + 1) 2 = 2n−1 (2n − 1) which is a perfect number if 2n − 1 is a Mersenne prime. For example, the base of ∇4 lies in row 32 and it contains 25 − 1 = 31 zeros. So the number of zeros inside ∇4 equals 31 + 30 + ··· + 2 + 1 = 31 · 32 2 = 496 which is the third perfect number. More generally, every number N = 2n−1(2n − 1) is represented by ∇n. Conse- quently, every even perfect number N = 2p−1(2p − 1) is represented by ∇p, where 2p −1 is a prime; in other words, even perfect numbers are represented geometrically by a subsequence of the sequence {∇n}, as observed in 1956 by Alan L. Brown of South Orange, New Jersey. Parity of Catalan Numbers Mersenne numbers play a pivotal role in the parity of Catalan numbers, as the next theorem shows. We omit the proof for brevity; see Exercise 47. THEOREM 8.15 (Koshy and Salmassi, 2004) The Catalan number Cn is odd if and only if n is a Mersenne number, where n ≥ 1. Suppose Mp is prime. What can we say about the primality of MMp ? In 1954, D. J. Wheeler of the University of Illinois showed that MM13 = 2M13 − 1 = 28191 − 1 is composite; it has 2466 digits and 338,193,759,479|MM13 . A related problem was observed in 1876 by Catalan. To this end, notice that the numbers c1 = 22 − 1 = M2 c2 = 2c1 − 1 = M3 c3 = 2c2 − 1 = M7 c4 = 2c3 − 1 = M127
- 510. 8.4 Mersenne Primes 397 ? are all primes. The primality of cn remains unresolved, as is the infinitude of such primes. E X E R C I S E S 8.4 1. Find the binary representations of the first five Mersenne numbers Mn. 2. Find the binary representations of the reciprocals of the first five Mersenne numbers. Compute the number of digits in each Mersenne number Mp for the given prime p. 3. 2281 4. 19,937 5. 110,503 6. 756,839 Compute the last digit in each Mersenne number Mp for the given prime p. 7. 127 8. 2281 9. 11,213 10. 132,049 Compute the last two digits in each Mersenne number Mp for the given prime p. 11. 127 12. 1279 13. 9941 14. 110,503 Compute the last three digits in each Mersenne number Mp for the given prime p. 15. 1279 16. 9941 17. 110,503 18. 756,839 19. Show that every Fermat number fn ends in 7, where n ≥ 2. 20. Find the number of digits in the Fermat number fn. Find the number of digits in the Fermat number fn for the given value of n. 21. 13 22. 19 23. 23 24. 31 Find the binary expansion of each. 25. fn 26. Mp 27. 2p−1Mp Let a be an arbitrary least residue relatively prime to a modulus m. Find the least positive exponent k such that ak ≡ 1 (mod m) for each m. 28. 7 29. 10 30. 15 31. 18 Verify that each Mersenne number Mp is a prime for the given prime p. 32. 5 33. 7 34. 13 35. 17 Verify that each Mersenne number Mp is composite for the given prime p. Provide a factor in each case. 36. 23 37. 29 38. 37 39. 43 40. Add the next line to the following number pattern. 28 = 13 + 33 496 = 13 + 33 + 53 + 73 8128 = 13 + 33 + 53 + 73 + 93 + 113 + 133 + 153 . . . 41. Beiler states in his book Recreations in the Theory of Numbers that every even perfect number 2n(2n+1 − 1) is the sum of the cubes of the first 2n/2 odd posi- tive integers, where n is an even integer 2. Confirm this. 42. Is (2i − 1)3 always an even perfect number, where 1 ≤ i ≤ 2n/2? If not, give a counterexample. 43. Prove that the sum S = m i=1 (2i − 1)3 ends in 6 or 28, where m = 2n/2 and n is even. 44. Find the number of digits in the perfect number N = 2p−1Mp. Compute the digital root of each. 45. Mp 46. 2p−1Mp 47. The Catalan number Cn is odd if and only if n is a Mersenne number, where n ≥ 1.
- 511. 398 CHAPTER 8 Multiplicative Functions August Ferdinand Möbius (1790–1868) was born in Schulfpforta near Ham- burg, Germany. His father was a dance teacher and his mother a descendant of Martin Luther. He was home-taught until he was 13; by then he had shown an in- terest in mathematics. After receiving formal education in Schulfpforta, in 1809 he entered Leipzig University, where he intended to study law, but instead decided to pursue mathematics, physics, and astronomy. In 1813 he went to Göttingen to study with Gauss and then to Halle to study mathematics with Johann F. Pfaff. In the following year, he received his doctorate from Leipzig, where he became professor of astronomy and remained until his death. Möbius made contributions to astronomy, mechanics, affine and projective geometry, statics, optics, and number theory. He is well known for his discovery of the one-sided surface, the Möbius strip, formed by joining the ends of a rectangular strip of paper after giving it a half-twist. 8.5 The Möbius Function (optional) The Möbius function μ† is an important number-theoretic function discovered by the German mathematician August Ferdinand Möbius. It plays an important role in the study of the distribution of primes. The Möbius function is defined as follows. The Möbius Function μ Let n be a positive integer. Then μ(n) = ⎧ ⎨ ⎩ 1 if n = 1 0 if p2|n for some prime p (−1)k if n = p1p2 ···pk, where the pi’s are distinct primes For example, μ(2) = −1, μ(3) = −1, μ(4) = 0, μ(12) = 0, μ(35) = μ(5·7) = (−1)2 = 1, and μ(672) = μ(25 · 3 · 7) = 0. † μ is the Greek letter mu.
- 512. 8.5 The Möbius Function (optional) 399 In words, μ assigns −1, 0, or 1 to each positive integer; μ(n) = 0 if the canonical decomposition of n contains a square, that is, if n is not square-free; it is (−1)k if it consists of k distinct prime factors. Before we determine whether μ is multiplicative, let us study the next example. EXAMPLE 8.23 Determine whether μ(mn) = μ(m)μ(n), where m = 15 and n = 28. SOLUTION m = 15 = 3 · 5, so μ(m) = 1, by definition; n = 28 = 22 · 7, so μ(n) = 0, again by definition. Then mn = 28 · 15 = 22 · 3 · 5 · 7. Since mn is not square-free, μ(mn) = 0. Thus, μ(mn) = 0 = 1·0 = μ(m)μ(n). More generally, we have the following result, which confirms what we already suspected. THEOREM 8.16 The function μ is multiplicative. PROOF Let m and n be relatively prime positive integers. If m = 1 or n = 1, then clearly μ(mn) = μ(m)μ(n). Suppose m or n (but not both) is divisible by p2 for some prime p. Then μ(m)μ(n) = 0. Since p2|m or p2|n, then p2|mn, so μ(mn) = 0. Thus, μ(mn) = μ(m)μ(n). Finally, suppose both m and n are square-free, so let m = p1p2 ...pr and n = q1q2 ...qs, where the pis and the qjs are distinct primes, since (m, n) = 1. So μ(m) = (−1)r and μ(n) = (−1)s. Then mn = p1p2 ···prq1q2 ···qS, a product of distinct primes. Therefore, μ(mn) = (−1)r+s = (−1)r · (−1)s = μ(m)μ(n) Thus, in every case, μ(mn) = μ(m)μ(n), so μ is multiplicative. Next, we develop a formula for d|n μ(d). When n = 1, d|1 μ(d) = μ(1) = 1. If n 1, we can compute the sum using the canonical decomposition of n and Theo- rem 8.6, provided we know the sum when n is a prime-power pe. For this we need to introduce a new function, as the following lemma shows.
- 513. 400 CHAPTER 8 Multiplicative Functions LEMMA 8.3 Let F(n) = d|n μ(d). Then F(pe) = 0, where e 1. PROOF F(pe ) = d|pe μ(d) = e i=0 μ(pi ) = μ(1) + μ(p) + μ(p2 ) + ··· + μ(pe ) = 1 + (−1) + 0 + ··· + 0 = 0 EXAMPLE 8.24 Illustrate Lemma 8.3 for n = 81. SOLUTION d|81 μ(d) = d|34 μ(d) = μ(1) + μ(3) + μ(32 ) + μ(33 ) + μ(34 ) = 1 + (−1) + 0 + 0 + 0 = 0 We are now ready to display and prove the desired formula in the following theorem. THEOREM 8.17 Let n be a positive integer. Then d|n μ(d) = 1 if n = 1 0 otherwise PROOF If n = 1, d|1 μ(d) = μ(1) = 1. So let n 1 and let n = pe1 1 pe 22 ···p ek k be the canon- ical decomposition of n. Let F(n) = d|n μ(d). Since μ is multiplicative, so is F by Theorem 8.6. Therefore, F(n) = k i=1 F(pei ) = k i=1 (0) = 0, by Lemma 8.3
- 514. 8.5 The Möbius Function (optional) 401 The following example illustrates this theorem. EXAMPLE 8.25 Compute d|18 μ(d). SOLUTION d|18 μ(d) = μ(1) + μ(2) + μ(3) + μ(6) + μ(9) + μ(18) = 1 + (−1) + (−1) + (−1)2 + 0 + 0 = 0 which agrees with the theorem. Theorem 8.17 plays a crucial role in the derivation of the Möbius inversion for- mula. Its derivation involves double summations over positive divisors, which can be confusing, so we use the following example to clarify it. EXAMPLE 8.26 Let f be a number-theoretic function. Show that d|6 d|(6/d) μ(d)f(d ) = d|6 d|(6/d) f(d )μ(d) PROOF d|6 d|(6/d) μ(d)f(d ) = d|6 μ(1)f(d ) + d|3 μ(2)f(d ) + d|2 μ(3)f(d ) + d|1 μ(6)f(d ) = μ(1) d|6 f(d ) + μ(2) d|3 f(d ) + μ(3) d|2 f(d ) + μ(6) d|1 f(d ) = μ(1)[f(1) + f(2) + f(3) + f(6)] + μ(2)[f(1) + f(3)] + μ(3)[f(1) + f(2)] + μ(6)f(1) = f(1)[μ(1) + μ(2) + μ(3) + μ(6)] + f(2)[μ(1) + μ(3)] + f(3)[μ(1) + μ(2)] + f(6)[μ(1)] = f(1) d|6 μ(d) + f(2) d|3 μ(d) + f(3) d|2 μ(d) + f(6) d|1 μ(d) = d|6 f(d ) d|(6/d) μ(d) = d|6 d|(6/d) f(d )μ(d)
- 515. 402 CHAPTER 8 Multiplicative Functions (Notice that as d runs over the positive divisors 1, 2, 3, and 6, 6/d runs over them in the reverse order. We can also rewrite the double sum as dd|6 f(d)μ(d).) We can now turn to the next major result. THEOREM 8.18 (Möbius Inversion Formula) Let f be a number-theoretic function and let F(n) = d|n f(d). Then f(n) = d|n μ(d)F(n/d) (8.11) PROOF F(n) = d|n f(d). Then F(n/d) = d|(n/d) f(d). So μ(d)F(n/d) = μ(d) d|(n/d) f(d ) = d|(n/d) μ(d)f(d ) d|n μ(d)F(n/d) = d|n d|(n/d) μ(d)f(d ) As d runs over the positive divisors of n, so does d; also dd|n. Therefore, the sum on the RHS is the sum of all values of μ(d)f(d) as dd runs over the positive factors of n; that is, the sum of all its values for all pairs d and d such that d|n and d|(n/d). That is, d|n d|(n/d) μ(d)f(d ) = d|n d|(n/d) μ(d)f(d ) Thus, d|n μ(d)F(n/d) = dl|n f(d ) d|(n/d) μ(d)
- 516. But, by Theorem 8.17, d|(n/d) μ(d) equals 1 if n/d = 1; that is, if n = d, and 0 otherwise. Thus d|n μ(d)F(n/d) = f(d ) · 1, where d = n = f(n) In other words, f(n) = d|n μ(d)F(n/d).
- 517. 8.5 The Möbius Function (optional) 403 As d runs over the positive factors of n, so does n/d. Therefore, the inversion formula (8.11) can also be written as f(n) = d|n μ(n/d)F(d) Notice that the definition F(n) = d|n f(d) expresses F in terms of f , whereas the inversion formula (8.11) expresses f in terms of F. To illustrate the inversion formula, recall that τ(n) = d|n 1 and σ(n) = d|n d Because both the constant function f(n) = 1 and the identity function g(n) = n are multiplicative, it follows by Theorem 8.18 that 1 = d|n μ(d)τ(n/d) = d|n μ(n/d)τ(d) (8.12) and n = d|n μ(d)σ(n/d) = d|n μ(n/d)σ(d) (8.13) The following example illustrates these results. EXAMPLE 8.27 Verify formulas (8.12) and (8.13) for n = 6. PROOF • d|6 μ(d)τ(6/d) = μ(1)τ(6) + μ(2)τ(3) + μ(3)τ(2) + μ(6)τ(1) = 1 · 4 + (−1) · 2 + (−1) · 2 + (−1)2 · 1 = 1 • d|6 μ(d)σ(6/d) = μ(1)σ(6) + μ(2)σ(3) + μ(3)σ(2) + μ(6)σ(1) = 1 · 12 + (−1) · 4 + (−1) · 3 + (−1)2 · 1 = 6
- 518. 404 CHAPTER 8 Multiplicative Functions Using the inversion formula, the following theorem derives an explicit formula for ϕ(n). We leave its proof as an exercise (see Exercise 43). THEOREM 8.19 ϕ(n) = n d|n μ(d) d . The following example illustrates this result. EXAMPLE 8.28 Verify the formula in Theorem 8.19 for n = 12. PROOF By Theorem 8.4, ϕ(12) = ϕ(22 · 3) = 4. Let us now compute the RHS: 12 d|12 μ(d) d = d|12 (12/d)μ(d) = 12μ(1) + 6μ(2) + 4μ(3) + 3μ(4) + 2μ(6) + 1μ(12) = 12 · 1 + 6 · (−1) + 4(−1) + 3 · 0 + 2 · (−1)2 + 1 · 0 = 4 = ϕ(12) We conclude this section with the following theorem; it shows that the converse of Theorem 8.18 is also true. Once again, the proof contains double sums, so we need to proceed carefully. THEOREM 8.20 Let F and f be number-theoretic functions such that f(n) = d|n μ(d)F(n/d). Then F(n) = d|n f(d). PROOF By the definition of f , f(d) = d|d μ(d )F(d/d ) d|n f(d) = d|n d|d μ(d )F(d/d ) Letting d/d = k, this equation yields
- 519. 8.5 The Möbius Function (optional) 405 d|n f(d) = d|n kd=d μ(d )F(k) = kd|n μ(d )F(k) = k|n F(k) d|(n/k) μ(d )
- 520. By Theorem 8.17, d|(n/k) μ(d) equals 1 if n = k, and 0 otherwise. So the equation becomes d|n f(d) = F(k) · (1), where n = k = F(n) That is, F(n) = d|n f(d), the desired result. E X E R C I S E S 8.5 Compute μ(n) for each n, where p is an odd prime. 1. 101 2. 496 3. 2047 4. 11,319 5. p 6. p13 7. 2p−1(2p − 1) 8. ϕ(ϕ(M11)) Verify formula (8.12) for each n. 9. 5 10. 6 11. 10 12. 13 13–16. Verify formula (8.13) for each n in Exercises 9– 12. Using Theorem 8.19, compute ϕ(n) for each n. 17. 23 18. 28 19. 36 20. 1352 Using the definition of μ, verify Theorem 8.16 for each canonical factorization of n. 21. pq 22. pqr 23. p2qr 24. p1p2 ···pk 25–28. Evaluate d|n μ(d)τ(d) for each canonical decom- position of each n in Exercises 21–24. Evaluate d|n μ(d)σ(d) for each canonical decomposition of the given integer n. 29. p 30. pq 31. p2q 32. pqr 33. Using Exercises 29–32, predict the value of d|n μ(d)σ(d), where n = k i=1 pi. Another useful number-theoretic function that resembles the μ function is the Liouville function λ (lambda), in- troduced by the French mathematician Joseph Liouville (1809–1882). It is defined by λ(1) = 1 λ(n) = (−1)e1+e2+···+ek where n = p e1 1 p e2 2 ···p ek k . Compute λ(n) for each n. 34. 17 35. 104 36. 990 37. 3024 Compute d|n λ(d) for each n. 38. 9 39. 12 40. 16 41. 28
- 521. 406 CHAPTER 8 Multiplicative Functions Prove each. 42. μ(n) n is multiplicative. 43. ϕ(n) = n d|n μ(d) d 44. d|n μ(d) d = 1 − 1 p , where n = pe. 45. d|n μ(d) d = 1 − 1 p 1 − 1 q , where n = paqb. 46. d|n μ(d) d = k i=1 1 − 1 pi , where n = k i=1 p ei i . 47. Using Theorem 8.19, prove that ϕ(pe) = pe − pe−1. 48. Using Theorem 8.19, prove that ϕ is multiplicative. 49. λ is multiplicative. 50. λ(n) = 1 if n is a square. 51. d|n λ(d) = 1 if n is a perfect square 0 otherwise. 52. Using Exercise 46, derive a formula for ϕ(n). 53. Let F be a multiplicative function and f a number- theoretic function such that F(n) = d|n f(d). Prove that f is also multiplicative. X CHAPTER SUMMARY Five important multiplicative functions have played a significant role in the develop- ment of number theory: ϕ, τ, σ, μ, and λ. The first three play a pivotal role in the study of perfect numbers, Mersenne primes, amicable numbers, abundant numbers, and deficient numbers. They satisfy a variety of useful and beautifully appealing properties. Multiplicative Functions • A number-theoretic function f is multiplicative if f(mn) = f(m)f(n) when- ever (m, n) = 1. (p. 356) • If f is multiplicative and n = i pei i , then f(n) = i f(pei i ). (p. 356) Euler’s Phi Function ϕ • ϕ(n) = number of positive integers ≤ n and relatively prime to it. (p. 342) • ϕ(pe) = pe − pe−1 = pe(1 − 1/p) (p. 356) • If (m, n) = 1, then the integers r, m + r, 2m + r, ..., (n − 1)m + r are congruent modulo n to 0, 1, 2, ..., (n − 1) in some order. (p. 359) • ϕ is multiplicative. (p. 360) • If n = i pei i , then ϕ(n) = n i (1 − 1/pi). (p. 361) • If n ≥ 3, then ϕ(n) is even. (p. 362) • d|n ϕ(d) = n (p. 363)
- 522. Chapter Summary 407 The Tau and Sigma Functions τ and σ • τ(n) = d|n 1 = number of positive factors of n. (p. 365) • σ(n) = d|n d = sum of positive factors of n. (p. 366) • If f is multiplicative, so is F(n) = d|n f(d). (p. 367) • Both τ and σ are multiplicative. (p. 368) • τ(pe) = e + 1 and σ(pe) = (pe+1 − 1)/(p − 1) (p. 369) • If n = i pei i , then τ(n) = i (ei + 1) and σ(n) = i pei+1 i − 1 pi − 1 . (p. 369) Perfect Numbers • A positive integer n is perfect if σ(n) = 2n. (p. 374) • (Euclid’s theorem) Every integer N = 2n−1(2n −1), where 2n −1 is a prime, is a perfect number. (p. 375) • (Euler’s theorem) Every even perfect number is of the form 2n−1(2n − 1), where 2n − 1 is a prime. (p. 375) • Even perfect numbers end in 6 or 8. (p. 375) • The infinitude of even perfect numbers is unresolved. (p. 376) • The existence of odd perfect numbers is unsettled. (p. 379) Mersenne Numbers • Numbers of the form 2m − 1 are Mersenne numbers. Such numbers that are primes are Mersenne primes Mp. For 2m − 1 to be a prime, m must be a prime. (p. 381) • (Euler’s theorem) Let p = 4k + 3 be a prime, where k 1. Then 2p + 1 is a prime if and only if 2p ≡ 1 (mod 2p + 1). (p. 388) • Let (a, n) = 1 and k the least positive integer such that ak ≡ 1 (mod n). Then k|n. In particular, k|ϕ(n). (p. 389) • Every prime factor of Mp is of the form 2kp + 1, where p is an odd prime. (p. 390) • (Lucas–Lehmer test) Mp is a prime if and only if Sp−1 ≡ 0 (mod Mp), where S1 = 4 and Sk ≡ S2 k−1 − 2 (mod Mp). (p. 391) • A positive integer n is a Mersenne number if and only if every binomial coef- ficient n r is odd. (p. 394) • The Catalan number Cn is odd if and only if n = 0 or n is a Mersenne number, where n ≥ 1. (p. 396)
- 523. 408 CHAPTER 8 Multiplicative Functions The Möbius Function μ • μ(n) = ⎧ ⎨ ⎩ 1 if n = 1 0 if p2|n for some prime p (−1)k if n is the product of k distinct primes. (p. 398) • μ is multiplicative. (p. 399) • d|n μ(d) = 1 if n = 1 0 otherwise. (p. 400) • (Möbius Inversion Formula) Let f be a number-theoretic function and let F(n) = d|n f(d). Then f(n) = d|n μ(d)F(n/d). (p. 402) • ϕ(n) = n d|n μ(d) d (p. 404) • Let F and f be number-theoretic functions such that f(n) = d|n μ(d)F(n/d). Then F(n) = d|n f(d). (p. 404) X REVIEW EXERCISES Evaluate each. 1. 1≤n≤2020 (n,2020)=1 1 2. 1≤n≤5850 (n,5850)=1 1 3. Until 1509, mathematicians believed that odd abundant numbers did not exist. Then Charles de Bouvelles (1470–1553) showed that 45,045 = 32 · 5 · 7 · 11 · 13 and that its odd multiples are odd abundant numbers. Nearly 400 years later, in 1891, Lucas showed that 945 = 33 · 5 · 7 is the smallest odd abundant number. Show that 945 and 45,045 are abundant numbers. 4. Verify that 17,296 = 24 · 23 · 47 and 18,416 = 24 · 1151 are amicable numbers. (This pair, discovered by Fermat in 1636, was the second to be found; the origi- nal pair was found by the Pythagoreans in 540 B.C.) 5. Verify that 12,285 = 33 · 5 · 7 · 13 and 14,595 = 3 · 5 · 7 · 139 are amicable numbers. (This smallest odd amicable pair was discovered in 1939 by B. H. Brown.) Verify that each Mersenne number Mp is composite for the indicated prime p. Furnish a factor in each case. 6. 47 7. 53 8. Verify that 64 is superperfect.
- 524. Supplementary Exercises 409 Evaluate each. 9. n i=0 σ(2i) 10. n i=0 ϕ(pi) 11. Show that the sum of two multiplicative functions need not be multiplicative. 12. Find the product of the positive factors of the even perfect number n = 2p−1(2p − 1). Prove each, where f and g are multiplicative functions and p is any prime. 13. fg is multiplicative. 14. f/g is multiplicative. 15. Every even perfect number is a hexagonal number. 16. No twin primes can be an amicable pair. 17. Let n be the product of distinct Mersenne primes. Then σ(n) is a power of 2. 18. Let fn be a Fermat prime. Then σ(fn) is even. 19. Let fn be a Fermat prime. Then σ(fn) − ϕ(fn) = 2. 20. If n ≥ 4, then n k=1 μ(k!) = −1. 21. Let (a, p) = 1. Then aϕ(pe) ≡ 1 (mod pe). (Hint: Use the binomial theorem.) 22. Prove Euler’s theorem using Exercise 21. 23. Every even perfect number ends in 6 or 8. (Hint: Consider p (mod 10).) 24. Every even perfect number ends in 6 or 28. 25. The only 3-perfect numbers of the form 2k · 3 · p, where p is odd, are 120 and 672. 26. Find all even perfect numbers that are superperfect. X SUPPLEMENTARY EXERCISES 1. Find two consecutive abundant numbers. 2. Find three consecutive abundant numbers. (S. Kravitz, 1994) Korrah’s formula for an amicable pair M, N can be developed as follows. Suppose M = dab and N = dc, where d = (M, N) and a, b, and c are distinct odd primes. 3. Using the conditions σ(M) = σ(N) = M + N, show that (a + 1)(b + 1) = c + 1 (8.14) and σ(d)(a + 1)(b + 1) = d(ab + c) (8.15)
- 525. 410 CHAPTER 8 Multiplicative Functions 4. Using equations (8.14) and (8.15), show that σ(d)(a + 1)(b + 1) = d(2ab + a + b) (8.16) 5. Let d = 2n. Show that equation (8.16) can be written as [a − (2n − 1)][b − (2n − 1)] = 22n (8.17) 6. By equation (8.17), a − (2n − 1) = 2n+m and b − (2n − 1) = 2n−m for some integer m. Solve for a, b, and c using these equations. 7. Deduce Korrah’s formula from the solutions in Exercise 4. 8. Using equation (8.16), show that σ(d)/d = 2 − 1/g, where g = (p + 1)(q + 1)/[(p + 1) + (q + 1)]. 9. Let g = 9/2 and d = 32 · 7 · 13. Show that (2a − 7)(2b − 7) = 81 (8.18) (Hint: Use Exercise 8.) 10. Find the possible values of a, b, and c using equation (8.18). 11. Using the values of a, b, and c, find the corresponding amicable pair. 12. In 1951, the Dutch electrical engineer Balthazar van der Pol (1889–1959) estab- lished the recurrence relation n2(n − 1) 6 σ(n) = n−1 k=1 3n2 − 10k2 σ(k)σ(n − k) Using this formula, find a recurrence relation for σ(n) for n = 2, 3, 4, and 5. 13. Let m = m1m2 ···mn, where (mi, mj) = 1 for i = j. Prove that n i=1 m ϕ(m)/ϕ(mi) i ≡ n − 1 (mod m). (J. O. Silva, 1996) 14. Show that every even perfect number 6 is one more than nine times a triangu- lar number. (C. F. Eaton, 1995) 15. Using the formulas in Exercise 10, compute σ(n) for n = 2,3,4, and 5. 16. Let sk(n) = s(sk−1(n)), where k ≥ 2 and s1(n) = s(n) = σ(n) − n. A number n such that sk(n) = n for some integer k is a sociable number. Show that 12496 is a sociable number. (The sociable numbers 12496, 14288, 15472, 14536, and 14264 were discovered in 1918 by P. Poulet.) Let n = k i=1 pei i be the canonical decomposition of n. Prove each. 17. d|n μ(d)τ(d) = (−1)k
- 526. Computer Exercises 411 18. d|n μ(d)σ(d) = (−1)k k i=1 pi 19. d|n μ(d)ϕ(d) = k i=1 (2 − pi) 20. Let f be a multiplicative function. Prove that d|n μ(d)f(d) = k i=1 [1 − f(pi)]. Using the formula in Exercise 20, deduce the formula in 21. Exercise 17. 22. Exercise 18. 23. Exercise 19. Using the formula in Exercise 20, deduce a formula for each. 24. d|n dμ(d) 25. d|n μ(d) d 26. Derive a formula for n d=1 μ(d)λ(d). A positive integer n is near-perfect if the sum of its proper factors is n − 1; that is, if σ(n) = 2n − 1. It is not known if odd near-perfect numbers exist. 27. Show that 16 is near-perfect. 28. Prove that every power of 2 is near-perfect. X COMPUTER EXERCISES Write a program to perform each task. 1. Read in a positive integer n ≤ 1000. Compute ϕ(n) and list all positive integers ≤ n and relatively prime to it. 2. Solve the monkey and coconuts riddle in Example 8.3 by solving congru- ence (8.1) in Section 8.1. 3. Read in a positive integer n ≤ 1000. Compute τ(n) and σ(n). 4. Read in a Mersenne number 2m − 1 and determine whether it is a prime; if it is not, find a factor. 5. Using the Lucas–Lehmer test, determine whether a Mersenne number is a prime. 6. Read in an integer of the form 2n−1(2n −1), and determine whether it is a perfect number. 7. Read in a positive integer and determine whether it is deficient, perfect, or abun- dant. 8. Read in an even perfect number of the form 2p−1(2p − 1) and compute its ones digit.
- 527. 412 CHAPTER 8 Multiplicative Functions 9. Read in two positive integers m and n, and determine if they are amicable. 10. Read in a positive integer n and determine if it is (a) k-perfect; if yes, find k. (b) Superperfect. 11. Construct Pascal’s binary triangle through row 50. 12. Find all positive integers 3 ≤ n ≤ 104 such that (a) σ(n) = σ(n − 1) + σ(n − 2) (b) τ(n) = τ(n − 1) + τ(n − 2) 13. Read in a positive integer n, and determine μ(n) and λ(n). 14. Read in a positive integer n and a least residue a modulo n, where (a, n) = 1. Find the least positive integer k such that ak ≡ 1 (mod n). X ENRICHMENT READINGS 1. W. W. R. Ball, Mathematical Recreations and Essays, Macmillan, New York, 1973, 65–73. 2. P. T. Bateman et al., “The New Mersenne Conjecture,” The American Mathemat- ical Monthly, 96 (Feb. 1989), 125–128. 3. A. H. Beiler, Recreations in the Theory of Numbers, 2nd ed., Dover, New York, 1966, 11–30. 4. T. Koshy, “Digital Roots of Mersenne Primes and Even Perfect Numbers,” The Mathematical Gazette, 89 (Nov. 2005), 464–466. 5. T. Koshy, “The Ends of a Mersenne Prime and an Even Perfect Number,” J. Recre- ational Mathematics, 29 (1998), 196–202. 6. A. R. G. MacDivitt, “The Most Recently Discovered Prime Number,” The Math- ematical Gazette, 63 (1979), 268–270. 7. M. R. Schroeder, “Where Is the Next Mersenne Number Hiding?” The Mathe- matical Intelligencer, 5 (1983), 31–33. 8. M. T. Whalen and G. L. Miller, “Odd Abundant Numbers: Some Interesting Ob- servations,” J. Recreational Mathematics, 22 (1990), 257–261.
- 528. 9 Cryptology Mathematicians are like Frenchmen: whatever you say to them they translate into their own language and forthwith it is something entirely different. — GOETHE he great English number theorist Godfrey H. Hardy apparently believed that Tnumber theory had no practical applications. In his book A Mathematician’s Apology, Hardy wrote that Theorem 2.10, which established the infinitude of primes, had only the slightest practical importance. Despite his opinion, ingenious mathematicians over the years, as we saw in Chapter 5, have discovered many prac- tical and interesting applications of number theory. We will now study several useful and charming applications that show that de- spite Hardy’s conservative judgment, human creativity can turn virtually every aspect of mathematical knowledge to some practical use. One exciting application of number theory is cryptology, the study of secrecy systems, which can be traced back to the early Egyptians. For centuries, a power- ful tool in military and diplomatic circles, cryptology has become indispensable in commerce as well. Governments often want to keep policy decisions secret until an appropriate time; multinational corporations protect proprietary research and devel- opment, and marketing strategies. In 1917, at the height of World War I, Germany cabled the Mexican government that it would commence submarine warfare and promised Arizona, New Mexico, and Texas to Mexico if it would join the Axis against the United States, in the event that the United States entered the war. The cable was intercepted, the code broken by British intelligence, the message passed on to President Woodrow Wilson, and the rest is history. 413
- 529. 414 CHAPTER 9 Cryptology Godfrey Harold Hardy (1877–1947), an eminent English number theorist, was born in Cranleigh, England. Even as a child, he showed a precocious interest in mathematics. At the age of thirteen, he left Cranleigh School, where his father was a master, and moved to Winchester College. In 1896, he entered Trinity College, Cambridge, and was elected a fellow four years later. Ten years later, Hardy became a lecturer at Cambridge University, a position he held until 1919. He plunged into research, wrote many papers in analysis, and completed his well-known book, A Course of Pure Mathematics (1908). The text, designed for undergraduates, provided the first rigorous exposition of analysis, and trans- formed mathematics teaching forever. In 1919, Hardy left Cambridge to become Savilian professor of geometry at Oxford University, where he also was an active researcher. He was suc- ceeded at Cambridge by John E. Littlewood (1885–1977). Eleven years later, Hardy returned to Cambridge, where he remained until his retirement in 1942. They had the most remarkable and productive partnership in the history of mathematics; they coauthored about 100 papers. Hardy’s most spectacular contribution to the mathematical community is generally considered to be his 1913 discovery of the unsophisticated Indian mathematical genius Srinivasa Ramanujan (1887–1920), whom Hardy brought to England in April 1914. Their relentless collaboration produced many spectacular discoveries. Today, electronic banking and computer data banks commonly use encryption for secrecy and security. In 1984, R. Sedgewick of the University of Illinois noted that “a computer user wants to keep his computer files just as private as papers in his file cabinet, and a bank wants electronic funds transfer to be just as secure as funds transfer by armored car.” Recent developments in computer technology and sophisticated techniques in cryptology have revolutionized information security, protecting secret communica- tions over insecure channels such as telephone lines and microwaves from being accessed by unauthorized users. See Figure 9.1. Cryptography and Cryptanalysis Cryptology consists of cryptography and cryptanalysis. The word cryptography is derived from the Greek words kryptos, meaning hidden, and graphein, meaning to write. Cryptography is the art and science of concealing the meaning of confiden- tial communications from all except the intended recipients. Cryptanalysis deals with breaking secret messages. During World War II, 30,000 people were engaged in cryptographic work. The breaking of Japan’s Purple machine code by U.S. crypt- analysts shortly before the attack on Pearl Harbor led to the Allied victory in the
- 530. CHAPTER 9 Cryptology 415 A New Encryption System Would Protect a Coveted Digital Data Stream—Music on the Web Sabra Chartrand As the Internet continues to influence the evolution of intel- lectual property law and policy, an issue currently generating tremendous controversy is the free and anonymous swap- ping of digital music files. Various companies have proposed terms of encryption as solutions to the problem. Now add another candidate: three mathematicians at Brown University have capped six years of research with a patent for an encryption code they say will make it impractical—if not impossible—to infringe copyrighted data like digital music. The mathematicians, Jeffrey Hoffmein and Jill Pipher, both of Pawtucket, R.I., and Joseph Silverman of Needham, Mass., patented a system they said could quickly encode every second of a data stream with a different encryption key. That means that a typical three-minute song could be scrambled into 180 different codes; anyone taking the time to break a single code would be rewarded with only one sec- ond of music. Like other encryption systems, the new invention grew out of advanced mathematical formulas. NTRU’s technology differs from other encryption processes, Mr. Crenshaw said, because it relies on a mathematical system called a “convo- lution product” to make it faster and more efficient. With that kind of math, he said, encoding requires only one step, while decoding requires only two. Some other encryption systems need more than 1,000, he said. The invention uses what is called “public key” encryp- tion, which does not require the sender and receiver to pri- vately exchange code keys to complete a transaction. Mr. Crenshaw said that when a person ordered music online, his computer or music player would provide the encoding key to the server computer of a Web site dispensing the music. Figure 9.1 Pacific. Today the U.S. government and business employ tens of thousands of people and spend billions of dollars annually on cryptology. Cryptography is by no means the exclusive domain of professionals. Franklin Delano Roosevelt, when he was 21, used a simple code in his diary. American poet Edgar Allan Poe, who was a skilled cryptanalyst, wrote that human ingenuity could invent no code that human ingenuity could not crack. Section 9.4, however, will prove otherwise. Before we turn to some number-theoretic secrecy systems, we must define our terminology. Plaintext is the original message that is to be transmitted in secret form. Ciphertext is its secret version. A cipher is a method of translating plaintext to ci- phertext. The key is an explicit formulation of the cipher, so the job of the crypt- analyst is to discover the key and then break the code. The process of converting plaintext to ciphertext is enciphering (or encrypting) and the converting device the encryptor. The reverse process by the intended recipient who knows the key is deci- phering (or decrypting) and it is accomplished by a decryptor. The encryptor and decryptor may be algorithms executed by people or computers. Thus, the method used by an unintended receiver to recover the original message is cryptanalysis. A cryptosystem is a system for encrypting a plaintext to a ciphertext using a key.
- 531. 416 CHAPTER 9 Cryptology This chapter presents five cryptosystems—affine, Hill, exponentiation, RSA, and knapsack—based on modular arithmetic. The first three are conventional and the last two are public-key. In a conventional cryptosystem, pictured in Figure 9.2, the encryption key, from which the decryption key can be found fairly quickly, is kept secret from unintended users of the system. In a public-key system, the enciphering key is made public while only the intended receiver knows the deciphering key. Figure 9.2 We now turn to our first cryptosystem. 9.1 Affine Ciphers We will restrict our discussion to plaintext messages written in capital letters of the English alphabet and ignore blank spaces and punctuation marks. In all cryptosys- tems we first translate each letter to a number. A convenient way of doing this is by numbering the letters A through Z by their ordinal numbers 00 through 25, re- spectively, as Table 9.1 shows. Using this scheme, we translate the plaintext into a numeric message which is then enciphered into a numeric ciphertext. Each number is then replaced by a letter. The recipient of the ciphertext substitutes the ordinal num- ber for each letter and uses the key to decipher the numeric message by substituting letters for the various numbers. Letter A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Ordinal Number 00 01 01 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 Table 9.1 Substitution Ciphers In a substitution cipher, we substitute a letter of the alphabet for each letter of the plaintext. It is, in fact, a permutation cipher, since each substitution is a permutation
- 532. 9.1 Affine Ciphers 417 of the letters of the alphabet. Since there are 26! permutations of the letters, there is a total of 26! possible substitution ciphers; one of them is the trivial one, where each letter is substituted for itself. Caesar Cipher Around 50 B.C. the Roman emperor Julius Caesar (100–44 B.C.) sent encoded mes- sages to his general, Marcus T. Cicero (106–43 B.C.), during the Gallic Wars, using a substitution cipher based on modular arithmetic. A Caesar cipher shifts each letter by three places to the right, with the last three letters X, Y, and Z shifted to A, B, and C respectively, in a cyclic fashion: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z D E F G H I J K L M N O P Q R S T U V W X Y Z A B C Let P denote the ordinal number of a plaintext letter and C that of the corre- sponding ciphertext letter. Then the Caesar cipher can be described by the congru- ence C ≡ P + 3 (mod 26) (9.1) where 0 ≤ P,C ≤ 25. Ciphertext is often grouped into blocks of five letters to prevent short words from being quickly recognized by cryptanalysts. The following example illustrates the Caesar enciphering algorithm. EXAMPLE 9.1 Encipher the message HAVE A NICE DAY using the Caesar key. SOLUTION step 1 Using Table 9.1 replace each letter by its ordinal number. 07 00 21 04 00 13 08 02 04 03 00 24 step 2 Apply the Caesar transformation C ≡ P + 3 (mod 26). The resulting numbers are 10 03 24 07 03 16 11 05 07 06 03 01. For example, when P = 24, C ≡ 24 + 3 ≡ 01 (mod 26). step 3 Substitute the letter corresponding to each ordinal number and group them in blocks of five. The resulting ciphertext message is KDYHD QLFHG DB.
- 533. 418 CHAPTER 9 Cryptology To decipher such a ciphertext, the recipient simply reverses the steps. From the congruence C ≡ P + 3 (mod 26), we have the deciphering formula P ≡ C − 3 (mod 26), which enables us to recover the original plaintext, as the following exam- ple demonstrates. EXAMPLE 9.2 Decipher the ciphertext KDYHD QLFHG DB in Example 9.1. SOLUTION step 1 Using Table 9.1, replace each number with its ordinal number. 10 03 24 07 03 16 11 05 07 06 03 01 step 2 Using the deciphering formula P ≡ C − 3 (mod 26), retrieve the numeric plaintext. The resulting numeric string is 07 00 21 04 00 13 08 02 04 03 00 24 step 3 Translate these numbers back to the alphabetic format. This yields HAVEA NICED AY. step 4 Regroup the letters to recover the original message: HAVE A NICE DAY. Shift Ciphers Clearly there is nothing sacred about the choice of the shift factor 3 in the Caesar cipher. It is one possible choice out of all the shift ciphers C ≡ P+k (mod 26), where k is the shift factor and 0 ≤ k ≤ 25. There are 26 possible shift ciphers, one of which is C ≡ P (mod 26); that is, C = P. A shift cipher is a substitution cipher. By substituting one letter for another, a cryptanalyst can crack a code by using the universally available knowledge of the relative frequency distribution of letters in ordinary text. The most frequently occur- ring letters in the ciphertext correspond to those in the plaintext. For example, E is the most frequently occurring letter in an arbitrary text, occurring about 12.5% of the time; the next three letters are T, A, and O, occurring about 9%, 8%, and 8% of the time, respectively. Table 9.2 shows the relative frequencies of the various letters in the English alphabet. Letter A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Relative Frequency in % 8 1.5 3 4 12.5 2 2 5.5 7 0.1 0.7 4 2.5 7 8 2 0.1 6 6.5 9 3 1 2 0.2 2 0.1 Table 9.2
- 534. 9.1 Affine Ciphers 419 The following example illustrates how this table can be used in cryptanalysis. However, for short and selective messages, the percentages might not be helpful. Consider, for instance, the following well-known passage from President John F. Kennedy’s inaugural address in 1961: ASK NOT WHAT YOUR COUNTRY CAN DO FOR YOU, ASK WHAT YOU CAN DO FOR YOUR COUNTRY. This sentence does not contain a single E, and the most frequent letter in it is O. EXAMPLE 9.3 Assuming that the following ciphertext was created by the shift cipher C ≡ P + k (mod 26), decipher it: SLABZ ULCLY ULNVA PHALV BAVMM LHYIB ASLAB ZULCL YMLHY AVULN VAPHA L SOLUTION The given ciphertext can be cracked if we can determine the value of k. To this end, first we construct a frequency table for the letters in the ciphertext, as in Table 9.3. Letter A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Frequency 9 4 2 0 0 0 0 4 1 0 0 12 3 2 0 2 0 0 2 0 4 5 0 0 4 2 Table 9.3 The most frequently occurring letter in the ciphertext is L, so our best guess is that it must correspond to the plaintext letter E. Since their ordinal numbers are 11 and 4, this implies 11 ≡ 4 + k (mod 26); that is, k = 7. Then C ≡ P + 7 (mod 26), so P ≡ C − 7 (mod 26). Using this congruence, we can now determine the ordinal number of each letter in the plaintext, as Table 9.4 shows. It follows from the table that the plaintext, after regrouping the blocks, is LET US NEVER NEGOTIATE OUT OF FEAR BUT LET US NEVER FEAR TO NEGOTIATE, another passage from President Kennedy’s inaugural address. Ciphertext Letter A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 Plaintext Letter 19 20 21 22 23 24 25 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 T U V W X Y Z A B C D E F G H I J K L M N O P Q R S Table 9.4
- 535. 420 CHAPTER 9 Cryptology In Example 9.3, our initial guess did in fact produce an intelligible message. On the other hand, if it had resulted in gobbledygook, then we would continue the preceding procedure with the next frequently occurring letters until we suc- ceeded. Affine Ciphers Shift ciphers belong to a large family of affine ciphers defined by the formula C ≡ aP + k (mod 26) (9.2) where a is a positive integer ≤ 25 and (a,26) = 1. The condition that (a,26) = 1 guarantees that as P runs through the least residues modulo 26, so does C; it ensures that congruence (9.2) has a unique so- lution for P, by Corollary 4.6: P ≡ a−1 (C − k) (mod 26) (9.3) Since (a,26) = 1, there are ϕ(26) = 12 choices for a, so there are 12 · 26 = 312 affine ciphers. One of them is the identity transformation C ≡ P (mod 26), corre- sponding to a = 1 and k = 0. When a = 5 and k = 11, C ≡ 5P + 11 (mod 26). If P = 8, then C ≡ 5 · 8 + 11 ≡ 25 (mod 26), so under the affine cipher C ≡ 5P + 11 (mod 26), the letter I is transformed into Z and the letter Q into N. Table 9.5 shows the plaintext letters and the corresponding ciphertext letters created by this affine cipher, which shifts A to L, and in which each successive letter is paired with every fifth letter. Plaintext Letter A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 Ciphertext Letter 11 16 21 00 05 10 15 20 25 04 09 14 19 24 03 08 13 18 23 02 07 12 17 22 01 06 L Q V A F K P U Z E J O T Y D I N S X C H M R W B G Table 9.5 The following example illustrates the encrypting procedure for this affine cipher. EXAMPLE 9.4 Using the affine cipher C ≡ 5P + 11 (mod 26), encipher the message THE MOON IS MADE OF CREAM CHEESE.
- 536. 9.1 Affine Ciphers 421 SOLUTION Since most of the work has been done in Table 9.5, we group the letters into blocks of length five: THEMO ONISM ADEOF CREAM CHEES E Then replace each letter by the corresponding ciphertext letter in the table. The re- sulting encrypted message is CUFTD DYZXT LAFDK VSFLT VUFFX F. The following example demonstrates how to decrypt a message generated by an affine cipher. EXAMPLE 9.5 Decipher the ciphertext message OZKFZ XPDDA created by the affine cipher C ≡ 5P + 11 (mod 26). SOLUTION Since C ≡ 5P + 11 (mod 26), P ≡ 5−1(C − 11) ≡ 21(C − 11) ≡ 21C + 3 (mod 26). For example, when C = 14, P ≡ 21 · 14 + 3 ≡ 11 (mod 26). Thus, the ciphertext letter O is decrypted as L. The other letters can be deciphered in a similar fashion. (We could also use Table 9.5 in the reverse order.) This yields the message LIFEI SGOOD. Reassembling the blocks, we find that the original plaintext is LIFE IS GOOD. If a cryptanalyst knows that the enciphered message was generated by an affine cipher, then he or she will be able to break the cipher using the frequency counts of letters in Table 9.2, as the following example shows. EXAMPLE 9.6 Cryptanalyze the ciphertext BYTUH NCGKN DUBIH UVNYX HUTYP QNGYV IVROH GSU that was generated by an affine cipher. SOLUTION Assume the cipher we are searching for is C ≡ aP + k (mod 26). To make an ed- ucated guess as to which are the most frequently occurring letters in the plaintext, construct a frequency table of letters in the ciphertext, as Table 9.6 shows. Accord- ing to the table, the most commonly occurring letter in the ciphertext is U, so it is reasonable to assume that it corresponds to the plaintext letter E; that is, 20 ≡ 4a + k (mod 26). Now there are three choices for the next most commonly occurring letter, namely, H, N, and Y. If we assume H corresponds to T, then 7 ≡ 19a + k (mod 26).
- 537. 422 CHAPTER 9 Cryptology Ciphertext Letter A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Frequency 0 2 1 1 0 0 3 4 2 0 1 0 0 4 1 1 1 1 1 2 5 3 0 1 4 0 Table 9.6 Thus, we have 4a + k ≡ 20 (mod 26) 19a + k ≡ 7 (mod 26) Solving this linear system, we get a ≡ 13 (mod 26) and k ≡ 20 (mod 26), so C ≡ 13P + 20 (mod 26). But (13,26) = 1, so this is not a valid cipher. Thus, our guess that H corresponds to T was not a valid one. So let us assume that N corresponds to T. This yields the linear system 4a + k ≡ 20 (mod 26) 19a + k ≡ 13 (mod 26) Solving this system, a ≡ 3 (mod 26) and k ≡ 8 (mod 26). Since (3,26) = 1, this yields a valid cipher C ≡ 3P + 8 (mod 26). Then P ≡ 3−1(C − 8) ≡ 9(C − 8) ≡ 9C + 6 (mod 26). Using this deciphering formula, next we construct Table 9.7, which displays the plaintext letters corresponding to the ciphertext ones. Using the table, we can translate the given encryptic message as POVER TYIST HEPAR ENTOF REVOL UTION ANDCR IME, that is, POVERTY IS THE PARENT OF REVOLUTION AND CRIME, a statement made by the Greek philosopher Aristotle. (It would be interesting to check if the third choice leads to an intelligent plaintext message.) Table 9.7 An interesting bonus: It follows from Table 9.7 that the plaintext letters J and W are not affected by the transformation C ≡ 3P + 8 (mod 26). They are said to be left fixed by the cipher. See Exercises 15–18 also.
- 538. 9.1 Affine Ciphers 423 By and large, a ciphertext generated by an affine cipher does not provide ade- quate security. One way to make breaking complicated is by using a finite sequence of affine ciphers C ≡ aiP + ki (mod 26), as Figure 9.3 shows, where 1 ≤ i ≤ n. Such a cipher is the product (or composition) of the n ciphers. Exercises 22–25 further explore such ciphers. Figure 9.3 Vigenère Ciphers Another option is to use the enciphering scheme developed by the French cryp- tographer B. de Vigenère in 1586. The Vigenère cryptosystem employs a keyword w1w2 ...wn of length n and n shift ciphers C ≡ Pi + ki (mod 26) to each plaintext block of length n, where ki is the ordinal number of the letter wi and 1 ≤ i ≤ n. The following example illustrates Vigenère encrypting. EXAMPLE 9.7 Using the keyword CIPHER and a Vigenère cipher, encrypt the message CRYPTOG- RAPHY IS FUN. SOLUTION Since the ordinal numbers of the letters C, I, P, H, E, and R in the word CIPHER are 02, 08, 15, 07, 04, and 17, respectively, they serve as the shift factors for each shift cipher for every block. So the six shift ciphers are C ≡ P + k (mod 26), where k = 2, 8, 15, 7, 4, and 17. Since the keyword is a six-letter word, first we group the letters of the plaintext into blocks of length six: CRYPTO GRAPHY ISFUN. Now apply the ith cipher to the letter wi in each block, where 1 ≤ i ≤ n. For in- stance, consider the first block CRYPTO. Since the ordinary numbers of its letters are 02, 17, 24, 15, 19, and 14, respectively, add to them the key values 2, 8, 15, 7, 4, and 17 in that order modulo 26. The resulting numbers are 4, 25, 13, 22, 23, and 5, and the corresponding letters are E, Z, N, W, X, and F, respectively, so the first ciphertext block is EZNWXF. The other two blocks are similarly transformed to IZPWLP and KAUBR, as Table 9.8 shows. Thus, the resulting ciphertext is EZNWXF IZPWLP KAUBR. It is important to remember that an affine cipher substitutes the very same letter C for each occurrence of the plaintext letter P, whereas a Vigenère cipher need not. A Vigenère cipher may substitute the same letter C for different plaintext letters. For instance, in the preceding example the plaintext letters A and Y are enciphered
- 539. 424 CHAPTER 9 Cryptology Plaintext Block C R Y P T O G R A P H Y I S F U N 02 17 24 15 19 14 06 17 00 15 07 24 08 18 05 20 13 Ciphertext Block 04 25 13 22 23 05 08 25 15 22 11 15 10 00 20 01 17 E Z N W X F I Z P W L P K A U B R Table 9.8 into P. This makes both encrypting and decrypting in Vigenère more difficult. The two Rs are transformed into Z because they occupy the same spot in their respective blocks. E X E R C I S E S 9.1 Using the Caesar cipher, encipher each proverb. 1. ALL IS WELL THAT ENDS WELL. 2. ALL THAT GLITTERS IS NOT GOLD. Decipher each ciphertext created by the Caesar cipher. 3. QHFHV VLWBL VWKHP RWKHU RILQY HQWLR Q 4. PDWKH PDWLF VLVWK HTXHH QRIWK HVFLH QFHV Encipher each quotation using the shift cipher C ≡ P+11 (mod 26). 5. NO LEGACY IS SO GREAT AS HONESTY. (W. Shakespeare) 6. THERE IS NO ROYAL ROAD TO GEOMETRY. (Euclid) Decrypt each quotation below encrypted by the shift ci- pher C ≡ P + k (mod 26). 7. GVZRV FGURO RFGZR QVPVA R 8. NSOZX YNHJF SDBMJ WJNXF YMWJF YYTOZ XYNHJ JAJWD BMJWJ Encipher each using the affine cipher C ≡ 3P + 7 (mod 26). 9. A THING OF BEAUTY IS A JOY FOR EVER. (John Keats) 10. A JOURNEY OF A THOUSAND MILES MUST BEGIN WITH A SINGLE STEP. (Lao-Tzu) 11–12. Encrypt the messages in Exercises 9 and 10 using the cipher C ≡ 7P + 10 (mod 26). The enciphered messages in Exercises 13 and 14 were generated by the affine cipher C ≡ 5P + 3 (mod 26). De- cipher each. 13. UMXIZ NBPUV APMXK X 14. XEXKT IVSTP IZPRQ XPPRP QVIVS TPIZP RQXPP A plaintext letter is left fixed by a cipher if it remains the same in the ciphertext generated by the cipher. Find the letters left fixed by each affine cipher. 15. C ≡ 5P + 11 (mod 26) 16. C ≡ 7P + 13 (mod 26) 17. C ≡ 5P + 14 (mod 26) 18. C ≡ 9P + 18 (mod 26) Cryptanalyze each ciphertext created by an affine cipher C ≡ aP + k (mod 26). 19. IRCCH EKKEV CLLFK EIOKL XKKLF ILIGM EKOIV EKKE 20. KARRH HRSLR VUXER FKSRH HDHKA RYREL RYKDV SKAFK QDEKN RDHRS VNXA
- 540. 9.2 Hill Ciphers 425 21. Find the total number of affine ciphers possible. Encipher the message, SEND MORE MONEY, using the product of the given affine ciphers. 22. C ≡ 3P + 7 (mod 26), C ≡ 5P + 8 (mod 26) 23. C ≡ 5P + 7 (mod 26), C ≡ 7P + 5 (mod 26) Cryptanalyze each ciphertext generated by the product of two affine ciphers. (Hint: The product of two affine ciphers is also an affine cipher.) 24. GIPJU QDHQG PCUHG XKPGJ LJPOX RGPUL PXRLJ APRGC VLGXJ U 25. ZLFYL FCZFP TBLOO RSBYL FQPON CRELA JOSLE LYCRE RSB Encrypt each message using the keyword CIPHER for a Vigenère cipher. 26. SEND MORE MONEY. 27. MATHEMATICS IS THE DOOR AND THE KEY TO THE SCIENCES. Decrypt each ciphertext generated by a Vigenère cipher using the keyword MATH. 28. TETS FHBZ IETS FH 29. XIYL IOGA IABA 9.2 Hill Ciphers The ciphers we just studied do not provide adequate protection from the cryptana- lysts. For this we turn to a new class of ciphers called block ciphers (or polygraphic ciphers), developed by Lester S. Hill of Hunter College in 1929. In a block cryp- tosystem, we substitute for each block of plaintext letters of length n a ciphertext block of the same length n, where n ≥ 2. Block ciphers with n = 2 are called digraphic ciphers. In such a system, we group the letters of the plaintext into blocks of length two, adding a dummy letter X at the end, if necessary, to make all blocks of the same length, and then replace each letter with its ordinal number. Each plaintext block P1P2 is then replaced by a numeric ciphertext block C1C2, where C1 and C2 are different linear combinations of P1 and P2 modulo 26: C1 ≡ aP1 + bP2 (mod 26) C2 ≡ cP1 + dP2 (mod 26) (9.4) where (ad −bc,26) = 1. (This condition is needed by Theorem 6.4 to uniquely solve the linear system for P1 and P2.) Then we translate each number into a ciphertext letter; the resulting text is the ciphertext. The following example illustrates this algorithm.
- 541. 426 CHAPTER 9 Cryptology EXAMPLE 9.8 Using the 2 × 2 linear system C1 ≡ 5P1 + 13P2 (mod 26) C2 ≡ 3P1 + 18P2 (mod 26), (9.5) encipher the message SLOW AND STEADY WINS THE RACE. (Aesop, The Hare and the Tortoise) SOLUTION step 1 Assemble the plaintext into blocks of length two: SL OW AN DS TE AD YW IN ST HE RA CE step 2 Replace each letter by its cardinal number: 18 11 14 22 00 13 03 18 19 04 00 03 24 22 08 13 18 19 07 04 17 00 02 04 step 3 Using the linear system (9.5), convert each block into a ciphertext numeric block: When P1 = 18 and P2 = 11, we have C1 ≡ 5 · 18 + 13 · 11 ≡ 25 (mod 26) C2 ≡ 3 · 18 + 18 · 11 ≡ 18 (mod 26) so the first block 18 11 is converted into 25 18. Transforming the other blocks in a similar fashion yields the numeric string 25 18 18 22 13 00 15 21 17 25 13 02 16 00 01 24 25 06 09 15 07 25 10 00 step 4 Translate the numbers into letters. The resulting ciphertext is ZS SW NA PV RZ NC QA BY ZG JP HZ KA. Matrices are useful in the study of Hill cryptosystems. For example, that the linear system (9.5) can be written as C1 C2 ≡ 5 13 3 18 P1 P2 (mod 26)
- 542. 9.2 Hill Ciphers 427 Since = 5 13 3 18 = 51 and (51,26) = 1, the matrix 5 13 3 18 is invertible modulo 26, with inverse 8 13 3 21 modulo 26. So the deciphering procedure can be effected using the congruence P1 P2 ≡ 8 13 3 21 C1 C2 (mod 26) (9.6) as the following example demonstrates. (A scientific calculator, such as TI-86, can facilitate the computations.) EXAMPLE 9.9 Using congruence (9.6), decipher the ciphertext ZS SW NA PV RZ NC QA BY ZG JP HZ KA. SOLUTION Translating the ciphertext letters into numbers, we get 25 18 18 22 13 00 15 21 17 25 13 02 16 00 01 24 25 06 09 15 07 25 10 00 The plaintext numbers corresponding to the block 25 18 are given by P1 P2 ≡ 8 13 3 21 25 18 ≡ 18 11 (mod 26) so P1 = 18 and P2 = 11. The other blocks can be converted similarly. The ensuing plaintext numeric string is 18 11 14 22 00 13 03 18 19 04 00 03 24 22 08 13 18 19 07 04 17 00 02 04 which yields the plaintext SL OW AN DS TE AD YW IN ST HE RA CE, that is, SLOW AND STEADY WINS THE RACE. It is obvious from the preceding two examples that the size of a block can be any size n ≥ 2, and that the enciphering and deciphering tasks can be accomplished by choosing an n×n enciphering matrix A modulo 26 such that (|A|, 26) = 1, where |A| denotes the determinant of A. Let P1,P2,...,Pn be the ordinal numbers of an arbitrary plaintext block and C1,C2,...,Cn the corresponding ciphertext numbers.
- 543. 428 CHAPTER 9 Cryptology Let P = ⎡ ⎢ ⎢ ⎢ ⎣ P1 P2 . . . Pn ⎤ ⎥ ⎥ ⎥ ⎦ and C = ⎡ ⎢ ⎢ ⎢ ⎣ C1 C2 . . . Cn ⎤ ⎥ ⎥ ⎥ ⎦ The congruence C ≡ AP (mod 26) provides the enciphering recipe, as the following example shows for n = 3. (Once again, a scientific calculator can speed up your computations and minimize the number of errors.) EXAMPLE 9.10 Using the matrix A = ⎡ ⎣ 3 2 6 5 7 11 13 4 1 ⎤ ⎦ encrypt the English proverb A PROVERB IS THE CHILD OF EXPERIENCE. SOLUTION First, notice that |A| = −261 ≡ 25 (mod 26), so (|A|,26) = 1. Since A is a 3 × 3 matrix, split the plaintext into blocks of length three: APR OVE RBI STH ECH ILD OFE XPE RIE NCE The corresponding numeric string is 00 15 17 14 21 04 17 01 08 18 19 07 04 02 07 08 11 03 14 05 04 23 15 04 17 08 04 13 02 04 The first numeric ciphertext block is given by ⎡ ⎣ C1 C2 C3 ⎤ ⎦ ≡ ⎡ ⎣ 3 2 6 5 7 11 13 4 1 ⎤ ⎦ ⎡ ⎣ 00 15 17 ⎤ ⎦ ≡ ⎡ ⎣ 2 6 25 ⎤ ⎦ (mod 26) that is, 02 06 25. Continuing in this fashion, we get the numeric string 02 06 25 04 01 10 23 24 25 04 14 05 06 07 15 12 20 21 24 19 24 19 04 25 13 03 23 15 19 25 Convening this into the alphabetic form, we get the desired ciphertext CGZ EBK XYZ EOF GHP MUV YTY TEZ NDX PTZ.
- 544. 9.2 Hill Ciphers 429 To decipher such an encrypted message, we use the fact P ≡ A−1C (mod 26), as the following example demonstrates. EXAMPLE 9.11 Using the enciphering matrix A in the preceding example, decrypt the ciphertext CGZ EBK XYZ EOF GHP MUV YTY TEZ HVL PTZ. SOLUTION Since (|A|,26) = 1, A−1 exists and A−1 ≡ ⎡ ⎣ 11 4 −6 −8 −3 3 −7 12 −11 ⎤ ⎦ (mod 26) (We could use any method, such as Gaussian elimination or adjoints, to find A−1, keeping in mind that we are using modular arithmetic. In any case, we can verify that AA−1 ≡ I3 (mod 26), where I3 is the 3 × 3 identity matrix.) Substituting the numeric equivalents for the ciphertext letters yields the string 02 06 25 04 01 10 23 24 25 04 14 05 06 07 15 12 20 21 24 19 24 19 04 25 07 21 11 15 19 25 To decrypt each block, we employ the formula P ≡ A−1C (mod 26); that is, ⎡ ⎣ P1 P2 P3 ⎤ ⎦ ≡ ⎡ ⎣ 11 4 −6 −8 −3 3 −7 12 −11 ⎤ ⎦ ⎡ ⎣ 02 06 25 ⎤ ⎦ ≡ ⎡ ⎣ 00 15 17 ⎤ ⎦ (mod 26) so the first numeric plaintext block is 00 15 17. Continuing in this fashion, we get all blocks: 00 15 17 14 21 04 17 01 08 18 19 07 04 02 07 08 11 03 14 05 04 23 15 04 17 08 04 13 02 04 The corresponding plaintext is APR OVE RBI STH ECH ILD OFE XPE RIE NCE, that is, A PROVERB IS THE CHILD OF EXPERIENCE. Because Hill ciphers deal with blocks, they are more difficult to break. A crypt- analyst could, however, employ the publicly known data about the relative frequency distribution of words of length n to crack the cipher, similar to the case of affine ciphers. When n = 2, for instance, there are 26 · 26 = 676 possible words of length two. So using their frequency counts in an arbitrary plaintext with those of two-letter
- 545. 430 CHAPTER 9 Cryptology words in the ciphertext, a cryptanalyst might be able to guess the enciphering matrix A and hence A−1. Obviously, as n gets larger, this task becomes infeasible. In the next three sections, we will study ciphers that are more difficult to break than Hill ciphers. E X E R C I S E S 9.2 Using the enciphering matrix A in Example 9.8, encrypt each message. 1. HAVE A NICE DAY. 2. ENJOY THE WEEKEND. Using the deciphering matrix A−1 in Example 9.9, de- crypt each. 3. MW AP IC HT IC NH DS 4. NF XT BY ZC SU AO NZ Using the enciphering key ⎡ ⎢ ⎣ 1 25 25 25 1 24 2 9 5 ⎤ ⎥ ⎦, encipher each plaintext. 5. TIME AND TIDE WAIT FOR NO MAN. (Proverb) 6. THE PEN IS MIGHTIER THAN THE SWORD. (E. G. Bulwer-Lytton) Using the deciphering key ⎡ ⎢ ⎣ 7 18 19 15 1 19 17 17 0 ⎤ ⎥ ⎦, decipher each ciphertext. 7. ZTH QLJ MOA NLG GPN EXA OCA QTY 8. IGR LDX LRR CIU DIH YVM DYF NBT Find the blocks of letters left fixed by each enciphering matrix in a block cipher. 9. 5 13 3 18
- 546. 10. ⎡ ⎢ ⎣ 3 2 6 5 7 11 13 4 1 ⎤ ⎥ ⎦ Let A be the n × n enciphering matrix of a Hill cipher and B that of another with the same size, so C ≡ AP (mod 26) and C ≡ BP (mod 26), where (|A|,26) = 1 = (|B|,26). Then C ≡ B(AP) ≡ (BA)P (mod 26) is the en- ciphering formula for the product of the two ciphers. En- cipher each message using the product cipher formed by the Hill cipher with A = 2 11 5 13
- 547. followed by that with B = 7 15 3 4
- 548. . 11. VANITY FAIR 12. PRIDE AND PREJUDICE 13. Find the blocks of letters left fixed by the product of the block ciphers with the enciphering matrices A = 2 11 5 13
- 549. and B = 7 15 3 4
- 550. . The following messages were generated by the product of the block ciphers with the enciphering matrices in Exer- cise 13. Decrypt each. 14. RA XU PV CM EC IS SN XF 15. CZ MH UP GJ DU TC KN DC CX 9.3 Exponentiation Ciphers The class of exponentiation ciphers was developed by Stephen C. Pohlig and Mar- tin E. Hellman of Stanford University in 1978. Exponentiation ciphers provide an
- 551. 9.3 Exponentiation Ciphers 431 interesting confluence of the euclidean algorithm, modular exponentiation, and Fer- mat’s little theorem. Let p, the exponentiation modulus, be an odd prime and let e be a positive integer such that (e,p−1) = 1. Since we use the numbers 00 through 25 to represent the letters of the alphabet, clearly p 25; thus, p ≥ 29. (In fact, we will observe later that the security of the exponentiation cryptosystem is directly related to the size of p, so in practice we choose p to be extremely large.) As we will see shortly, e uniquely determines the ciphertext numeric string corresponding to a given plaintext numeric string, so e serves as the enciphering exponent. To encrypt a plaintext, first translate it into a numeric string using the two-digit ordinal representations in Table 9.1. Then assemble the numbers into blocks of length 2m such that the numeric face value of every block is p; in other words, choose m as the largest integer such that the number formed by the concatenation of m 25s is p; that is, 2guatda.com/cmx.p525...25 m 25s p. For example, if p = 3037, then m = 2, since 2525 3037 252525. This makes sense since p is the modulus. Now, convert each plaintext numeric block P of length 2m into a ciphertext numeric block of the same length using the enciphering congruence C ≡ Pe (mod p) (9.7) where 0 ≤ P,C ≤ p − 1. The following example illustrates this encrypting procedure. EXAMPLE 9.12 Using p = 3037 as the exponentiation modulus and e = 31 as the enciphering expo- nent, encrypt the message SILENCE IS GOLDEN. SOLUTION Using Table 9.1, the plaintext yields the numeric sequence 18 08 11 04 13 02 04 08 18 06 14 11 03 04 13 Since 2525 p 252525, choose m = 2 and group the numbers in blocks of length four: 1808 1104 1302 0408 1806 1411 0304 1323 (The last block has been padded with a 23 for X at the end to make all blocks of the same length.) Now translate each block into a ciphertext block using the enciphering congru- ence C ≡ P31 (mod 3037). For instance, when P = 1808, by modular exponentiation, C ≡ 180816+8+4+2+1 (mod 3037) ≡ 1151 · 85 · 1236 · 1052 · 1808 ≡ 1450 (mod 3037)
- 552. 432 CHAPTER 9 Cryptology so C = 1450. The remaining blocks can be computed similarly. The resulting cipher- text is 1450 0186 1435 0523 1894 2531 2340 0990. To decipher a ciphertext generated by the enciphering formula (9.7), notice that (e,p − 1) = 1; so e has an inverse d modulo p − 1; that is, e · d ≡ 1 (mod p − 1). Then ed = 1 + q(p − 1) for some integer q. Thus, to recover the plaintext P from the ciphertext block C, we raise C to the power d and reduce it modulo p: Cd ≡ (Pe )d = Ped = P1+q(p−1) = P(Pp−1 )q ≡ P · 1q ≡ P (mod p) using Fermat’s little theorem. Since the enciphering key uniquely determines d mod- ulo p − 1, the congruence Cd ≡ P (mod p) provides the deciphering algorithm, as the following example demonstrates. EXAMPLE 9.13 Using the exponentiation modulus p = 3037 and the enciphering key e = 31, deci- pher the ciphertext 1450 0186 1435 0523 1894 2531 2340 0990. SOLUTION First, notice that (e,p−1) = (31,3036) = 1. We need to compute the inverse d of 31 modulo p − 1 = 3036. Using the euclidean algorithm, we can verify that 15 · 3036 − 1469 · 31 = 1, so (−1469) · 31 ≡ 1567 · 31 ≡ 1 (mod 3036). Thus, the deciphering key is 1567 modulo 3036. Since P ≡ C1567 (mod 3037), to decipher a block we raise it to the power 1567 and reduce it modulo 3037 using modular exponentiation. For instance, 14501567 ≡ 14501024+512+16+8+4+2+1 (mod 3037) ≡ 2777 · 2304 · 633 · 1947 · 1048 · 896 · 1450 (mod 3037) ≡ 1808 (mod 3037) Thus, the corresponding plaintext numeric block is 1808. The other blocks can be found similarly. The resulting numeric string is 1808 1104 1302 0408 1806 1411 0304 1323. This yields the plaintext SILENCE IS GOLDEN. As this example demonstrates, once the values of p and e are known, a cryptan- alyst can break the cipher. First, he or she must find the deciphering key d and then apply modular exponentiation to each ciphertext block. This, however, is not an easy task for very large primes p.
- 553. 9.3 Exponentiation Ciphers 433 However, fast algorithms do exist for finding d with only small factors for p−1. So to avoid this problem, we choose p = 2q + 1, where q is a large prime. As another application of modular exponentiation, a common key k known only to two individuals can be established in such a way that it would be computationally infeasible for a cryptanalyst to crack it. This can be accomplished without exchang- ing their enciphering keys at all. To see this, let p be a large prime as before and let x be a positive integer such that (x,p) = 1, known to both people. Each person chooses his own key ei, where (ei,p − 1) = 1 and 1 ≤ i ≤ 2. The first individual sends the other the integer y1, where y1 ≡ xe1 (mod p), and the second individual then sends the first person integer y2, where y2 ≡ xe2 (mod p). The first person determines the common key e by computing e ≡ ye1 2 ≡ (xe2 )e1 ≡ xe1e2 (mod p) and the second by computing e ≡ ye2 1 ≡ (xe1 )e2 ≡ xe1e2 (mod p), where 0 e p. Because e1 and e2 are known only to the two individuals, e is known only to them. It is computationally infeasible for an unauthorized individual to determine it in a reasonable amount of time. This technique can obviously be extended to a network of n individuals with individual keys e1,e2,...,en who want to share a common key e ≡ xe1e2···en (mod p) for secret communication. E X E R C I S E S 9.3 1. Find the number of letters grouped for an exponen- tiation cipher in a plaintext numeric block that is 12 digits long. 2. Find the smallest prime that can be used as the mod- ulus in an exponentiation cryptosystem if the letters are grouped in blocks of two letters. 3. Show that the plaintext AB is left fixed by every ex- ponentiation cipher. With p = 3037 as the exponentiation modulus and e = 31 as the enciphering exponent, encipher each message. 4. ALL IS WELL. 5. HAVE A NICE DAY. Using p = 2549 as the exponentiation modulus and e = 11 as the enciphering exponent, encrypt each message. 6. NO PAINS NO GAINS. 7. NOTHING TO EXCESS. (Solon) Each ciphertext below was generated by an exponentia- tion cipher with p = 3037 and e = 31. Decipher each. 8. 0790 0778 1509 0499 9. 0624 1435 2669 0998 Each ciphertext below was created by an exponentiation cipher with p = 2333 and e = 13. Decrypt each. 10. 1194 1693 2202 1185 0008 11. 1560 1250 0522 0631 1505 Two persons would like to share secret messages by using a common key and an exponentiation cipher with p = 131. Using x = 2 as in the text, compute the common key e for the given pair of individual keys. 12. 11, 23 13. 7, 17 14–15. Determine the common deciphering key in Exer- cises 12 and 13.
- 554. 434 CHAPTER 9 Cryptology 9.4 The RSA Cryptosystem In a conventional cipher system, the enciphering key is known only to the sender and the intended receiver. Since once the enciphering key is known, an unauthorized individual can discover the deciphering key in a short time. Consequently, before coded messages are sent, the key must be transmitted over a secure communication channel. However, in 1976, Whitfield Diffie and Martin E. Hellman of Stanford Univer- sity proposed a revolutionary cipher system, called a public-key cryptosystem, that makes it unnecessary to keep the key away from unauthorized users. In a public-key system, the enciphering algorithm E of every user of the system is made public as in a telephone directory, while the corresponding decrypting algorithm D is known only to the intended user. Although the encryption key E is public knowledge, it is computationally infeasible to employ it to discover the decryption key D, so it is virtually impossible for a cryptanalyst to crack the system. Although Diffie and Hellman did not provide a practical implementation of a public-key cipher system, they developed three properties such a cryptosystem must have: • Each user must have an encryption key E (which is made public) and a de- cryption key D (which is kept secret) such that M = E(D(M)) = D(E(M)) for every message M. Thus, the algorithms E and D are inverse operations. • It is computationally easy for the user to compute the keys E and D. • It is computationally infeasible for an unauthorized user to employ the en- cryption key E to develop the decryption key D, ensuring the security of the system. How does such a cipher system work? Suppose there are n users of the system. Each person i has an encryption key Ei in the public directory, where 1 ≤ i ≤ n. For him to send a message P to person j, he looks up j’s encryption key Ej and then sends him the encrypted message C = Ej(P). Then j applies his secret deciphering algorithm Dj to C to recover the original plaintext P, since Dj(C) = Dj(Ej(P)) = P. No other person k can crack the message C since Dk(C) = Dk(Ej(P)) = P, when k = j. In 1978, Ronald L. Rivest, Adi Shamir, and Leonard Adelman of the Massa- chusetts Institute of Technology developed a practical way of implementing Diffie and Hellman’s elegant concept. Popularly known as the RSA cryptosystem, this public-key system is an exponentiation cipher system based on modular exponenti- ation and Euler’s theorem. (RSA is an acronym for Rivest, Shamir, and Adelman.) See Figures 9.4 and 9.5.
- 555. 9.4 The RSA Cryptosystem 435 Computer Science Prize to Honor 3 Forerunners of Internet Security John Markoff The Association of Computing Machinery plans to announce today that Ronald Le Rivest, Adi Shamir and Leonard M. Adleman will receive the 2002 A. M. Turing Award for their development work in public-key cryptography. The award, which carries a $100,000 prize financed by the Intel Corporation, is gives annually to leading re- searchers in the field of computer science. Working at the Massachusetts Institute of Technology in 1977, the three men developed the RSA algorithm, which is widely used today as a basic mechanism for secure Inter- net transactions, as well as in the banking and credit card industries. The strength of this approach is that it provides highly secure communications over distances between parties that have never previously been in contact. Dr. Rivest now teaches in the electrical engineering and computer science department at M.I.T. Dr. Shamir is a professor in the applied mathematics department at the Weizmann Institute of Science in Israel. Dr. Adleman is a professor of computer science and of molecular biology at the University of Southern California. Figure 9.4 A Prime Argument in Patent Debate Simson Garfinkel SPECIAL TO THE GLOBE In a move that will likely inflame the debate over the gov- ernment’s patent application procedures, a California math- ematician has received what is believed to be the first patent on a prime number. But collecting royalties for its use might be difficult. Actually, Roger Schlafly has patented two prime num- bers, but only when they are used together. According to the US Patent and Trade office, the numbers are trade-marked under patent No. 5,373,560, a figure that doesn’t nearly ap- proach the size of the two patented numbers themselves— one is 150 digits long, the other 300 digits. The patent, titled “partial modular reduction method,” was awarded to Schlafly, an independent mathematician and specialist in the field of cryptography, in December but only recently came to public attention. The patent claims a new technique for finding certain kinds of prime numbers, which can be used to rapidly per- form the kinds of mathematical operations necessary for public key cryptography. (A prime number is a number that cannot be evenly di- vided by any number other than 1 and itself. The numbers 2, 3, 13 and 29 are all prime and are not covered by any known patent. Public key cryptography is a technique, based on prime number theory, that allows two individuals to ex- change secret messages by computer.) “I’m sure if you just went to someone and said, ‘Can you patent a prime number?’ they would say ‘No, that’s ridiculous,’ ” said Schlafly, interviewed from his home in So- quel, near Santa Cruz, Calif. Schlafly said he developed the patented algorithm while working on a program called SE- CRET AGENT, which is used to encrypt electronic mail. He added the patent claims for the two prime numbers as an experiment. “I was kind of interested in pushing the sys- tem to see how far you could go with allowable claims.” (continued) Figure 9.5
- 556. 436 CHAPTER 9 Cryptology Nevertheless, Schlafly said, the two prime numbers satisfy the patent office’s conditions for patentability: They are use- ful, have never been used before by anyone else, and their use for this particular technique is not obvious. Others see the prime number patent as evidence that the patent office has lost its grip on the patenting process. “That’s outrageous,” said Pamela Samuelson, a profes- sor of law at the University of Pittsburgh and an expert on software patents and copyrights. “It also seems inconsistent with some of the recent de- cisions issued by the Federal Circuit [Court of Appeals] . . . Unless you claim some physical structure [that is used by] an algorithm or a data structure, you can’t patent it.” Nearly two years ago, the patent office awarded a sweeping patent that covered the field of multimedia to Compton’s New Media. At the time, an outraged computer in- dustry argued that there was nothing new or novel in Comp- ton’s programs that deserved a patent. Eventually, the patent office reconsidered the Compton’s patent, and threw it out. Whether or not that will happen with Schlafly’s patent remains to be seen. Under most circumstances, patents are invalid if the invention that they described is published before the patent application is filed. “There are entire journals and conference proceedings devoted to the general subject of this application,” says Gre- gory Aharonian, who published the Internet Patent News Services and maintains a database of several hundred thou- sand pieces of software art. But few software patents that have been awarded in recent years cite any prior art other than previous patents, Aharonian says. But whereas the algorithm may be covered under the doctrine of prior art, says Aharonian, the prime numbers themselves are probably patentable. “The claiming of cer- tain prime numbers as part of an encryption process doesn’t seem to me to be unnatural,” said Aharonian. “I can claim certain specific chemicals as part of a chemical engineer- ing process, so why not a specific number as part of a math engineering process?” The numbers claimed in the patent are 512 bits and 1,024 bits long, or roughly 150 and 300 decimal digits. While these numbers are quite large by everyday standards, they are typical of the size of numbers used for cryptographic processes. By design, the numbers are so large that it is exceedingly unlikely that a person could guess them or oth- erwise intentionally discover what they are. The two principle techniques of public key cryptogra- phy were discovered and patented by scientists at Stanford University and at the Massachusetts Institute of Technology in the 1970s. In 1990, they were both licensed to Public Key Partners, a holding company based in California. Last year, Schlafly filed suit against PKP in federal court, claiming that the PKP patents are invalid. Regarding his own patent, Schlafly said, its real value is the technique that it describes for finding the special prime numbers, rather than the two specific prime numbers that it describes. “I really don’t anticipate somebody reading this patent and saying, ‘look, here’s a good prime number, let’s use it!’ ” he said. Nevertheless, the patent gives Schlafly the legal right to sue anybody in the United States for using his numbers without permission. “I suppose that you can tell people that if they want to license these prime numbers, they should just call me up.” Figure 9.5 The Enciphering Algorithm In an RSA system, the enciphering key is a pair (e,n) of positive integers e and n, where the enciphering modulus n is the product of two very large and distinct primes p and q, each about 100 digits long, and (e,ϕ(n)) = 1. To encrypt a plaintext mes- sage, as in the exponentiation cryptosystem, we group the plaintext numeric equiva- lents into blocks of length 2m, with padding at the end if necessary. Then we convert
- 557. 9.4 The RSA Cryptosystem 437 I.B.M. Researchers Develop a New Encryption Formula Laurence Zuckerman I.B.M. plans to announce today that two of its researchers have come up with a new computer encryption formula that they say is nearly impossible to crack. The International Business Machines Corporation said that the breakthrough was still a long way from being em- ployed outside the lab and that it did nothing to resolve the running dispute between the computer industry and the Fed- eral Government over whether law enforcement agencies should be given access to encrypted communications. But it could ultimately help reduce the vulnerability of so-called public-key encryption, which is the favored security method used to safeguard commerce and privacy on the Internet. In public-key encryption, the sender of an electronic communication uses software that automatically scrambles the information by incorporating a publicly known numerical key. Decoding the scrambled transmission requires a private key, a number supposedly known only by the recipient. The system is based on a problem that has defied so- lution by mathematicians for 150 years, I.B.M. said. Figure 9.6 each block P into a ciphertext block C using the encrypting congruence C = E(P) ≡ Pe (mod n) (9.8) where 0 ≤ C,P n. See Figure 9.6. The following example illustrates this algorithm. EXAMPLE 9.14 Using the RSA enciphering modulus n = 2773 and the enciphering key e = 21, en- crypt the message SILENCE IS GOLDEN. SOLUTION As in Example 9.12, after the numeric translation and grouping into blocks, the plain- text yields 1808 1104 1302 0408 1806 1411 0304 1323 Now, using modular exponentiation and formula (9.8), convert each block P into a ciphertext block C: C ≡ Pe = P21 (mod 2773) For instance, when P = 1808, C ≡ 180821 ≡ 180816+4+1 ≡ 1511 · 666 · 1808 ≡ 0010 (mod 2773) The other blocks can be found similarly. The ensuing ciphertext message is 0010 0325 2015 2693 2113 2398 2031 1857.
- 558. 438 CHAPTER 9 Cryptology The Deciphering Algorithm To decipher a ciphertext C generated by an RSA system, we need to compute the in- verse d of the enciphering exponent e modulo ϕ(n), which exists since (e,ϕ(n)) = 1. Then de ≡ 1 (mod ϕ(n)); that is, de = 1 + kϕ(n) for some constant k. Knowing the deciphering exponent d, we can recover the plaintext P by raising both sides of con- gruence (9.8) to the power d modulo n: C = Pe (mod n) Cd ≡ (Pe )d = Ped = P1+kϕ(n) (mod n) = P · [Pϕ(n) ]k ≡ P · 1k = P (mod n) (9.9) where, by Euler’s theorem, Pϕ(n) ≡ 1 (mod n), if (P,n) = 1. The pair (d,n) is the deciphering key. Even in the highly unlikely event that (P,n) = 1, the RSA algorithm works. To see this, let n = pq. Then (P,n) = p, q, or pq. Since P n, (P,n) = n. When (P,n) = p,(P,q) = 1, so by Fermat’s little theorem, Pq−1 ≡ 1 (mod q). Since de ≡ 1 (mod (p − 1)(q − 1)), de = 1 + k(p − 1)(q − 1) for some integer k. Therefore, Pde = P · (Pq−1 )k(p−1) ≡ P · 1k(p−1) ≡ P (mod q) That is, Cd ≡ P (mod q) When (P, n) = p, Cd ≡ Pde ≡ 0 ≡ P (mod p). Thus, Cd ≡ P (mod p) and Cd ≡ P (mod q), so Cd ≡ P (mod n). The case (P,n) = q yields the same conclusion. For instance, if p and q are 100-digit primes, the probability of such an occur- rence of a plaintext block is extremely negligible, namely, less than 2 · 10−99. See Supplementary Exercises 6 and 7. The following example demonstrates the decrypting algorithm D. EXAMPLE 9.15 Decrypt the ciphertext message 0010 0325 2015 2693 2113 2398 2031 1857 that was created using the RSA enciphering key (e,n) = (21,2773). SOLUTION Because ϕ(n) = ϕ(2773) = ϕ(47 · 59) = 46 · 58 = 2668 = 127 · 21 + 1, (−127) · 21 ≡ 1 (mod 2668); that is, 2541 · 21 ≡ 1 (mod 2668), so the deciphering exponent is d = 2541. Because P ≡ Cd (mod n), raise each ciphertext C to the power 2541 modulo 2773. For instance, when C = 0010:
- 559. 9.4 The RSA Cryptosystem 439 P ≡ 00102541 ≡ 102541 (mod 2773) ≡ 102048+256+128+64+32+8+4+1 (mod 2773) ≡ 1024 · 2431 · 2500 · 1366 · 2127 · 74 · 1681 · 10 (mod 2773) ≡ 1808 (mod 2773) as expected. The other blocks can be decrypted similarly. Digital Signatures The property E(D(M)) = M, found in public-key cryptosystems, can be effectively used to transmit “digitally signed” messages. This is a practical and highly desir- able feature, since such a cipher system ensures authentication and protects against forgeries. Such digital signatures are widely used in electronic banking. Interestingly, in June 2000, President Bill Clinton signed into law a bill allowing businesses and consumers to enter into legally binding arrangements with electronic rather than handwritten signatures. E-signing, as the new process is called, is ex- pected to spur new technologies, accelerate electronic transactions, and save billions of dollars in administrative costs. See Figure 9.7. To see how signed messages work in public-key cipher systems and, in particu- lar, RSA systems, suppose that person i wishes to send person j a signed message P. First, person i applies his secret deciphering algorithm Di to P. This yields Di(P) ≡ Pdi (mod n); he then applies j’s enciphering algorithm Ej to it, since Ej is public knowledge. This produces the message Ej(Di(P)) ≡ Pdiej (mod n). Person i now sends this convoluted message to j. To decipher this message, allegedly sent by person i, first person j applies his deciphering key to it to yield Dj(Ej(Dl(P))) ≡ (Pdiej )dj = (Pejdj )di ≡ Pdi (mod n) = Di(P) because Dj and Ej are inverse operations. He then applies person i’s public encryption algorithm Ei to it to yield Ei(Di(P)) ≡ (Pdi )ei = Pdiei ≡ P (mod n) Once again, because Ei and Di are inverse operations, this operation produces the original plaintext P. This ensures that the original message was in fact sent by person i and nobody else, since Ei(Dk(P)) = P if k = i. Consequently, i can never claim that he did not send the plaintext P, since he is in sole possession of the secret key Di. As these two examples demonstrate, both encryption and decryption become tedious as n gets larger and larger; so for an RSA system to be realistically useful, n must be very large. Both processes require fast computers for implementation.
- 560. 440 CHAPTER 9 Cryptology E-Signing Law Seen as a Boon to E-Business Barnaby J. Feder The law President Clinton signed last week allowing busi- nesses and consumers to seal a variety of legally binding arrangements with electronic rather than hand-written sig- natures raised the speed limit on e-business development, analysts say. They project that many enterprises awash in docu- ments, especially financial services, real estate and the government itself, will accelerate efforts to use computer transactions to limit paperwork once the law takes effect in October. Such a transition is expected to save billions of dol- lars annually in administrative costs and cut some online transactions—like setting up a trading account or applying for a home loan—from days to minutes. “E-signing,” as the new process is called, is also ex- pected to spur a variety of technologies that provide digital variations on penning one’s name on paper, including the use of coded messages, penlike styluses or thumb prints on electronic pads, or camera shots of the signer’s face or eye. The new law came after 46 states and many foreign countries had adopted laws encouraging online deal-making, and many online businesses have already incorporated such capabilities. So it may be hard to calculate the immediate fi- nancial impact of the federal law on the major companies supplying such technology. “It validates the market but it won’t really add to their revenue in the near term,” said Mark Fernandes of Merrill Lynch, who follows companies that provide the software and support services needed for electronic business. All of them rely on public key encryption, a technol- ogy invented in the 1970’s but not widely used until the e- commerce wave hit the Internet. Such systems use a combi- nation of public and private keys, or snippets of numbers, to pass secure messages through a trusted third party, or cer- tification authority. The system not only allows a recipient to be assured the message came from the party that claims to have sent it but also that it has not been tampered with. The digital signature such systems produce looks noth- ing like a scrawled John Hancock—in fact, it is invisible. As a result, many entrepreneurs are betting that other systems will be used instead of public key encryption, or in addi- tion to it, to complete e-commerce deals. President Clinton signed the bill into law on Friday with a smart card—a credit card-sized device programmed to work in combination with a password furnished by the user. Such systems are already widely used in Europe. Figure 9.7 To choose n, first find two large primes p and q, about 100 digits long. Then n = pq is about 200 digits long. That the value of n is public information does not imply that its prime factors are publicly known. The factoring of a 200-digit number is an extremely time-consuming proposition. Once p and q have been selected, the enciphering exponent e must be chosen in such a way that (e,ϕ(n)) = 1. One way to do this is by choosing a prime greater than both p and q. The exponent e must also be chosen so that 2e n; this ensures that every plain- text block, except 0 and 1, will be subjected to reduction modulo n. Otherwise, since C ≡ Pe (mod n), P can be recovered by taking the eth root of C. The deciphering exponent d can easily be computed using the euclidean algo- rithm, where de ≡ 1 (mod ϕ(n)) and ϕ(n) = (p − 1)(q − 1). Publishing the enciphering key (e, n) does not compromise security, because a cryptanalyst must know the value of ϕ(n) to compute the deciphering expo-
- 561. 9.4 The RSA Cryptosystem 441 Cracking Huge Numbers Ivars Peterson It’s easy to multiply two large prime numbers to obtain a larger number as the answer. But the reverse process— factoring a large number to determine its components— presents a formidable challenge. The problem appears so hard that the difficulty of factoring underlies the so-called RSA method of encrypting digital information. An international team of computer scientists, mathe- maticians, and other experts recently succeeded in finding the factors of a 129-digit number (see fig. 1) suggested sev- enteen years ago as a test of the security of the RSA cryp- tographic scheme. 114, 381, 625, 757, 888, 867, 669, 235, 779, 976, 146, 612, 010, 218, 296, 721, 242, 362, 562, 561, 842, 935, 706, 935, 245, 733, 897, 830, 597, 123, 563, 958, 705, 058, 989, 075, 147, 599, 290, 026, 879, 543, 541 = 3, 490, 529, 510, 847, 650, 949, 147, 849, 619, 903, 898, 133, 417, 764, 638, 493, 387, 843, 990, 820, 577 × 32, 769, 132, 993, 266, 709, 549, 961, 988, 190, 834, 461, 413, 177, 642, 967, 992, 942, 539, 798, 288, 533 Fig. 1 The number and its two prime factors This feat and other work now complicate encoding schemes used for national and commercial security. The effort required the use of more than 600 comput- ers scattered throughout the world. Partial results were sent electronically to graduate student Derek Atkins at the Massa- chusetts Institute of Technology, who assembled and passed the calculations on to Arjen K. Lenstra of Bell Communica- tions Research in Morristown, New Jersey. In the final step, which by itself consumed forty-five hours of computer time, Lenstra used these data and a MasPar MP-1 computer with 16000 processors to compute the factors. “It was a nice piece of work—a huge computation done over 8 months,” says Burton S. Kaliski Jr. of RSA Data Secu- rity in Redwood City, California. The magnitude of the effort required to factor a 129- digit number demonstrates the strength of the RSA cryp- tosystem, which typically involves numbers of 155 or more digits. However, steady improvements in factoring methods are likely to force the use of significantly larger numbers in the future to ensure security. More worrisome are the conse- quences of new research apparently proving that under cer- tain circumstances, factoring may actually be easy.—From Science News, 7 May 1994. Figure 9.8 nent d. Clearly, ϕ(n) can be computed if p and q are known, since ϕ(n) = ϕ(pq) = (p − 1)(q − 1). Since computing ϕ(n) involves the factoring of n, it is an equally difficult task. Since p and q are 100 digits long and n = pq is about 200 decimal dig- its long, the fastest known factorization algorithm will take about four billion years of computing time on the fastest available computer, as Table 9.9† shows. Although this could change with time and technology, the RSA system is virtually secure at present. If faster factorization techniques and faster computers become available, then the size of the factors can be increased accordingly to maintain the security of the system. See Figure 9.8. Note that the primes p and q can be computed from ϕ(n). See Exercises 9 and 10. † Based on R. L. Rivest et al., “A Method for Obtaining Digital Signatures and Public-Key Cryptosys- tems,” Communications of the ACM, 21 (Feb. 1978), 120–126.
- 562. 442 CHAPTER 9 Cryptology Number of digits Time 50 3.9 hours 75 104 days 100 74 years 200 3.8 × 109 years 300 4.9 × 1015 years 500 4.2 × 1025 years Table 9.9 Also, to prevent a cryptanalyst from resorting to special techniques to factor n, both p and q should be of about the same size, with p − 1 and q − 1 having large prime factors and (p − 1,q − 1) small. However, if d is known then ed − 1, a multiple of ϕ(n) can be computed; know- ing a multiple of ϕ(n), n can be factored fairly easily using an algorithm developed in 1976 by G. L. Miller. E X E R C I S E S 9.4 Using the RSA enciphering key (e,n) = (11,2867), en- crypt each message. 1. SEAFOOD 2. OPEN DOOR 3–4. Redo Exercises 1 and 2 using the RSA enciphering key (e,n) = (17,2867). Each ciphertext below was generated by the RSA enci- phering key (e,n) = (11,2867). Decipher each. 5. 1420 0614 1301 1694 6. 1959 1384 1174 2050 Decrypt each ciphertext below that was created by the RSA enciphering key (e,n) = (17,2867). 7. 0579 0341 0827 1511 8. 0592 2131 2584 2188 Let n = pq, where p and q are primes with p q. [Exer- cises 9–11 show that if n and ϕ(n) are known, then the prime factors of n can be determined.] 9. Show that p + q = n − ϕ(n) + 1. 10. Show that p − q = (p + q)2 − 4n. 11. Express p and q in terms of n and ϕ(n). 12. Using Exercises 9–11, determine the primes p and q if n = pq = 3869 and ϕ(n) = 3744. 13. Redo Exercise 12 if n = 3953 and ϕ(n) = 3828. Anne and Betsey would like to send each other a signed message using an RSA cipher. Their encryption keys are (13,2747) and (17,2747), respectively. Find the signed cipher message sent by 14. Anne if the plaintext message is MARKET. 15. Betsey if the plaintext message is INPUT. With the enciphering keys as before, find the plaintext sent by 16. Anne if her signed message to Betsey is 1148 0194 2715. 17. Betsey if her signed message to Anne is 1130 2414 2737.
- 563. 9.5 Knapsack Ciphers 443 9.5 Knapsack Ciphers In 1978, Ralph C. Merkle and Martin E. Hellman, both electrical engineers at Stan- ford University, developed a public-key cryptosystem based on the knapsack prob- lem, a celebrated problem in combinatorics. It can be stated as follows: Given a knapsack of volume S and n items of various volumes a1,a2,...,an, which of the items can fill the knapsack? In other words, given the positive integers a1,a2,...,an, called weights, and a positive integer S, solve the LDE S = a1x1 + a2x2 + ··· + anxn (9.10) where xi = 0 or 1. [Note that S is the dot product of the vectors (a1,a2,...,an) and (x1,x2,...,xn).] The knapsack problem may have no solutions, one solution, or more than one solution. For example, the knapsack problem 3x1 +5x2 +9x3 +19x4 +37x5 = 45 has one solution (1,1,0,0,1), since 3+5+0+0+37 = 45. On the other hand, the knapsack problem 3x1 +5x2 +8x3 +13x4 +21x5 = 34 has two solutions; they are (0,0,0,1,1) and (0,1,1,0,1), because 0 + 0 + 0 + 13 + 21 = 34 = 0 + 5 + 8 + 0 + 21. But the problem 5x1 + 14x2 + 15x3 + 27x4 + 11x5 = 23 has no solutions. Solving a knapsack problem is usually a very difficult task. An obvious, but certainly impractical, method is to check the various 2n possibilities for a solution (x1,x2,...,xn), where xi = 0 or 1, until a solution emerges or all cases have been exhausted. Even the best-known method for solving the problem requires about 2n/2 computational operations, so for n = 100 a computer solution becomes computation- ally infeasible. Nonetheless, problem (9.10) can be solved fairly easily if the weights have spe- cial properties. For instance, if ai = 2i−1, then S = x1 + 2x2 + 22x3 + ··· + 2n−1xn has a solution (x1,x2,...,xn) if (xn,xn−1,...,x1)two = S. It is also easy to solve it if j−1 i=1 ai aj, where 2 ≤ j ≤ n. A sequence with this property is said to be superincreasing. For example, consider the sequence 3, 5, 9, 19, 37. Because 3 5, 3 + 5 9, 3 + 5 + 9 19, and 3 + 5 + 9 + 19 37, the sequence is superincreasing. The following example shows how to solve a knapsack problem with superin- creasing weights. EXAMPLE 9.16 Solve the knapsack problem 3x1 + 5x2 + 9x3 + 19x4 + 37x5 = 45. SOLUTION Since the weights are superincreasing and since 3 + 5 + 9 + 19 37 45, x5 = 1. Then 3x1 + 5x2 + 9x3 + 19x4 = 8. Since 19 8 and 9 8, x4 = 0 = x3. This
- 564. 444 CHAPTER 9 Cryptology yields 3x1 + 5x2 = 8, so x1 = 1 = x2. Thus the solution to the given problem is (1,1,0,0,1). An Algorithm for Solving the Knapsack Problem with Superincreasing Weights This solution can be generalized to derive a solution to problem (9.10) with superin- creasing weights, if a solution exists. It is given by the following algorithm: xn = 1 if S ≥ an 0 otherwise Once xn is determined, the remaining components xn−1,xn−2,...,x1 can be com- puted using the formula xj = ⎧ ⎨ ⎩ 1 if S − n i=j+1 aixi ≥ aj 0 otherwise where j = n − 1,n − 2,...,1. As the preceding example demonstrates and these formulas indicate, we must work from right to left to find a solution. To see why these formulas work, suppose xn = 0 when S ≥ an. Then S = n i=1 aixi ≤ n−1 i=1 ai an, which is a contradiction. Therefore, xn = 1 when S ≥ an. It also implies that xn = 0 if S an. Now let 1 ≤ j ≤ n − 1. Assume xj = 0 when S − n i=j+1 aixi ≥ aj. Then S − n i=j+1 aixi = j i=1 aixi = j−1 i=1 aixi ≤ j−1 i=1 ai aj, again a contradiction. Thus, both halves do hold. The following example illustrates this algorithm. EXAMPLE 9.17 Solve the knapsack problem 2x1 + 3x2 + 7x3 + 13x4 + 27x5 = 39. SOLUTION First, notice that the sequence of weights is superincreasing. Here S = 39 and (a1,a2,a3,a4,a5) = (2,3,7,13,27). Because S ≥ a5, x5 = 1. Then 2x1 + 3x2 + 7x3 +13x4 = 12 13(= a4), so x4 = 0. This yields, 2x1 +3x2 +7x3 = 12 7(= a3), so x3 = 1. Then 2x1 +3x2 = 5 3, so x2 = 1. This implies x1 = 1. Thus, the solution is (1,1,1,0,1); that is, 2 + 3 + 7 + 0 + 27 = 39.
- 565. 9.5 Knapsack Ciphers 445 The Enciphering Algorithm We can build a public-key system based on knapsack problems with superincreasing weights a1,a2,...,an. To this end, choose a positive integer m 2an and a positive integer w relatively prime to m. Now form the sequence b1, b2, ..., bn, where bi ≡ wai (mod m), 0 ≤ bi m. This sequence need not be superincreasing. A user of the knapsack cryptosystem makes the enciphering sequence b1,b2, ...,bn public in a directory, keeping secret the original sequence a1,a2,...,an, the enciphering modulus m, and the multiplier w. Before encrypting a plaintext, con- vert it into a bit string using the five-digit binary equivalents in Table 9.10. The string is then partitioned into blocks P of length n, where n is the number of elements in the enciphering sequence. If the last block does not have n bits, then pad it with enough 1s, so all blocks will be of the same length n. Now transform each numeric plaintext block x1x2 ...xn into the sum S = b1x1 + b2x2 + ··· + bnxn (9.11) The sums thus generated form the ciphertext message. Binary Binary Letter Equivalent Letter Equivalent A 00000 N 01101 B 00001 O 01110 C 00010 P 01111 D 00011 Q 10000 E 00100 R 10001 F 00101 S 10010 G 00110 T 10011 H 00111 U 10100 I 01000 V 10101 J 01001 W 10110 K 01010 X 10111 L 01011 Y 11000 M 01100 Z 11001 Table 9.10 The following example illustrates this method. EXAMPLE 9.18 Using the knapsack cipher based on the superincreasing weights 6, 8, 15, and 31, modulus m = 65, and multiplier w = 12, encipher the message ON SALE.
- 566. 446 CHAPTER 9 Cryptology SOLUTION First, notice that the sequence has n = 4 elements, m 2a4, and (m,w) = (65,12) = 1. step 1 Multiply each element in the sequence by 12 and reduce each product mod- ulo 65: 6 · 12 ≡ 7 (mod 65), 8 · 12 ≡ 31 (mod 65), 15 · 12 ≡ 50 (mod 65), and 31 · 12 ≡ 47 (mod 65). The resulting enciphering sequence is 7, 31, 50, 47. step 2 Using Table 9.10, translate the letters into binary and then group the bits into blocks of length 4. Pad the last block with 1s if necessary: 01110 01101 10010 00000 01011 00100. This yields 0111 0011 0110 0100 0000 0101 1001 0011. step 3 Find the ciphertext message: To this end, convert each block into a sum by multiplying the bits by the elements 7, 31, 50, and 47 of the enciphering sequence and then by adding the products. For example, 0 · 7 + 1 · 31 + 1 · 50 + 1 · 47 = 128. Similarly, the other sums are 97, 81, 31, 0, 78, 54, and 97. Thus, the ciphertext message is 128 97 81 31 0 78 54 97. The Deciphering Algorithm Deciphering a knapsack ciphertext is equally easy. Multiply equation (9.11) by w−1 modulo m, which exists since (m,w) = 1: w−1 S ≡ n i=1 w−1 bixi (mod m) ≡ n i=1 (w−1 bi)xi ≡ n i=1 aixi (mod m) Because m 2an and 2an n i=1 aixi, m n i=1 aixi. Let S ≡ w−1S (mod m), where 0 ≤ S m. Then S = n i=1 aixi. This knapsack problem can be solved because the original coefficients a1,a2,...,an are superincreasing. The unique solution (x1,x2,...,xn) yields the block x1x2 ...xn. After finding all the blocks, all we need to do is regroup the bits into blocks of five bits and then substitute the letter corre- sponding to each block.
- 567. 9.5 Knapsack Ciphers 447 The following example illustrates this algorithm. EXAMPLE 9.19 Decipher the knapsack ciphertext message 128 97 81 31 0 78 54 97 created with modulus m = 65, multiplier w = 12, and the enciphering sequence 7, 31, 50, 47. SOLUTION step 1 Use the euclidean algorithm to find the inverse of w modulo m. Since 38 · 12 ≡ 1 (mod 65), w−1 ≡ 38 (mod 65). step 2 Construct a knapsack problem for each numeric ciphertext block and solve it. S = b1x1 + b2x2 + b3x3 + b4x4 128 = 7x1 + 31x2 + 50x3 + 47x4 Multiply both sides by w−1 ≡ 38 modulo 65: 38 · 128 ≡ 38 · 7x1 + 38 · 31x2 + 38 · 50x3 + 38 · 47x4 (mod 65) This yields 54 = 6x1 + 8x2 + 15x3 + 31x4. Solving, x1x2x3x4 = 0111. Similarly, we get the other blocks: 0011 0110 0100 0000 0101 1001 0011. step 3 Recover the plaintext by regrouping the bits into blocks of length five, and then replace each with the corresponding letter. This yields the original message ON SALE. (Verify this.) A Drawback of the Knapsack Cryptosystem The Merkle–Hellman knapsack cryptosystem does not possess the property E(D(M)) = M as proposed for a public-key system by Diffie and Hellman. Consequently, it is not a candidate for a signature system. Initially, the Merkle–Hellman system generated a great deal of interest since the encryption and decryption algorithms are easier and faster to implement. It seemed to be a major breakthrough, since it is based on a difficult problem. In April 1982, however, A. Shamir established otherwise; he developed an efficient algorithm for solving knapsack problems involving the encryption weights b1,b2,...,bn, where bi ≡ wai (mod m) and a1,a2,...,an is a superincreasing sequence. The flaw lies in the fact that multiplying ai by w and then reducing it modulo m does not hide ai well enough. Since 1982, several knapsack ciphers have been proposed and broken. For instance, the scheme proposed by R. L. Graham and A. Shamir was broken by
- 568. 448 CHAPTER 9 Cryptology L. M. Adelman in 1983. More recently, a new knapsack cipher based on finite fields in abstract algebra was proposed by B. Chor and R. L. Rivest. Referring to Poe’s claim that any code could be cracked, they remarked, “At the moment we do not know of any attacks capable of breaking this system in a reasonable amount of time.” E X E R C I S E S 9.5 Determine whether the given sequence is superincreasing. 1. 3, 5, 10, 19, 36 2. 3, 6, 12, 24, 48 Solve each knapsack problem with superincreasing weights. 3. x1 + 2x2 + 4x3 + 8x4 + 16x5 = 23 4. 3x1 + 6x2 + 12x3 + 24x4 + 48x5 = 57 5. 4x1 + 5x2 + 11x3 + 23x4 + 45x5 = 60 6. 2x1 + 3x2 + 6x3 + 12x4 + 24x5 + 48x6 + 96x7 = 65 7. Using the superincreasing sequence 3, 6, 12, 24, con- struct the knapsack enciphering sequence with mod- ulus m = 53 and multiplier w = 23. 8. Redo Exercise 7 with the superincreasing sequence 2, 3, 7, 13, 29, and with m = 63 and w = 25. Encrypt each message using Exercise 7. 9. SELL ALL. 10. EUREKA. 11–12. Using Exercise 8, encipher the messages in Exer- cises 9 and 10. Each knapsack ciphertext below was generated with mod- ulus 65, multiplier 12, and the enciphering sequence 7, 31, 50, 47. Decrypt each. 13. 54 47 47 57 97 81 97 57 50 31 14. 104 47 47 81 104 47 104 54 57 31 Each knapsack ciphertext was created with modulus 53, multiplier 23, and the enciphering sequence 16, 32, 11, 22. Decipher each. 15. 65 33 48 16 70 00 49 38 48 27 16. 33 33 38 48 33 32 49 16 33 X CHAPTER SUMMARY This chapter discussed the art of secrecy systems, a widely used application of num- ber theory in the form of cryptology. A cipher system can be conventional or public- key. In a conventional cryptosystem, the enciphering and deciphering keys are kept secret between the sender and the intended receiver; in a public-key system, the en- ciphering key is published in a public directory. The conventional systems presented here are affine, Vigenère, Hill, and expo- nentiation.
- 569. Review Exercises 449 Affine Ciphers • C ≡ aP + k (mod 26), where a is a positive integer ≤ 25 and (a,26) = 1. (p. 420) • When a = 1 and k = 3, it yields the Caesar cipher. (p. 417) Vigenère Ciphers • Vigenère ciphers employ a keyword w1w2 ...wn of length n and n shift ci- phers Ci ≡ Pi + ki (mod 26). (p. 423) Hill Ciphers • Hill ciphers are block ciphers that convert plaintext blocks P of length n into ciphertext blocks of the same length using an n × n enciphering matrix A: C ≡ AP (mod 26). (p. 425) Exponentiation Ciphers • C ≡ Pe (mod p), where 0 ≤ P,C p, and (e,p − 1) = 1; e is the encryption exponent of the cryptosystem. Exponentiation ciphers employ the euclidean algorithm, modular exponentiation, and Fermat’s little theorem. The multi- plicative inverse d of e modulo p serves as the deciphering exponent: P ≡ Cd (mod p). (p. 431) The RSA Cryptosystems • C = E(P) ≡ Pe (mod n), where 0 ≤ P,C n, n = pq, and (e,ϕ(n)) = 1. (p. 437) • P = D(C) ≡ Cd (mod n), where d is the multiplicative inverse of e modulo ϕ(n). (p. 438) • The RSA system uses the euclidean algorithm, modular exponentiation, and Euler’s theorem. Since E(D(M)) = M for any message M, the RSA system enables the transmission of digitally signed messages. (p. 439) Knapsack Ciphers • Based on the classic knapsack problem, S = aixi, where the weights ai are superincreasing, xi = 1 or 0, and 1 ≤ i ≤ n, the knapsack system makes the sequence b1,b2,...,bn and m 2an public, where bi ≡ wai (mod m), 0 ≤ bi m, and (w,m) = 1. (p. 445) • The decrypting strategy involves solving the knapsack problem S = aixi, where S is the least residue of w−1S modulo m. Unlike the RSA system, knapsack ciphers do not have the property E(D(M)) = M, so they are not a signature system. (p. 446)
- 570. 450 CHAPTER 9 Cryptology X REVIEW EXERCISES Encipher each using the affine cipher C ≡ 5P + 11 (mod 26). 1. NO ROSE WITHOUT A THORN. 2. THE HIGHEST RESULT OF EDUCATION IS TOLERANCE. (Helen Keller) Decipher each ciphertext created by the affine cipher C ≡ 7P + 13 (mod 26). 3. QHOJP BSPCS 4. JPNWH HIJNM NISSS Cryptanalyze each ciphertext created by an affine cipher C ≡ aP + k (mod 26). 5. VDGVT VLONN 6. JAMWM KJWJW TBBBB Using the keyword SECRET for a Vigenère cipher, encipher each message. 7. FOR SALE. 8. EXIT ONLY. Use the matrix A = ⎡ ⎣ 2 11 5 7 0 4 9 3 8 ⎤ ⎦ for Exercises 9–13. Using the Hill enciphering matrix A, encrypt each message. 9. GOODBYE. 10. VIOLETS ARE BLUE. Each ciphertext below was generated by the Hill enciphering matrix A. Decrypt each. 11. ZXB UYW NUM 12. DAT SKO DOB UQR 13. Find the blocks left fixed by the Hill enciphering matrix A. 14. Find the blocks left fixed by the Hill encrypting matrix 3 5 8 13 . With p = 2729 as the exponentiation modulus and e = 37 as the enciphering expo- nent, encrypt each message. 15. LABOR DAY 16. MARATHON Decipher each ciphertext created by an exponentiation cipher with p = 2729 and e = 29. 17. 2740 2652 0996 18. 0920 1279 0466 1146 1575 Using the RSA enciphering key (e,n) = (23,3599), encrypt each message. 19. CLOSED BOOK 20. TOP SECRET Decipher each ciphertext generated by the RSA enciphering key (e,n) = (23,3599). 21. 0710 0854 0182 1587 22. 1549 1816 2376 0699
- 571. Supplementary Exercises 451 Ann and Bob would like to send each other a secret message using the RSA enci- phering keys (17,2537) and (13,2537), respectively. Find the signed ciphertext sent by: 23. Ann if the plaintext is MAIL. 24. Bob if the plaintext is FINE. With the RSA enciphering keys as defined, find the plaintext message sent by 25. Ann if her signed message to Bob is 1206 1821. 26. Bob if his signed message to Ann is 0386 1611. Determine whether the given sequence is superincreasing. 27. 3, 5, 8, 13, 21 28. 2, 3, 6, 12, 24 Solve each knapsack problem. 29. 2x1 + 3x2 + 6x3 + 12x4 + 24x5 = 17 30. 3x1 + 4x2 + 9x3 + 19x4 + 43x5 = 55 Encipher each message using the knapsack cipher with modulus 65, multiplier 17, and superincreasing sequence 2, 3, 6, 12. 31. FOR SALE 32. TOP RANK The knapsack ciphertext here was created with the enciphering sequence 36, 5, 22, 13, modulus 43, and multiplier 12. Decrypt each. 33. 27 00 22 22 58 22 05 54 41 76 22 35 40 34. 27 49 22 76 35 22 18 54 13 35 X SUPPLEMENTARY EXERCISES 1. Define the product cipher resulting from the affine ciphers C ≡ aP + b (mod 26) and C ≡ cP + d (mod 26), where (a,26) = 1 = (c,26). 2. Find a deciphering formula to decipher a ciphertext generated by the affine ciphers C ≡ aP + b (mod 26) and C ≡ cP + d (mod 26), where (ac,26) = 1. 3. Find the number of blocks of letters left fixed by the enciphering matrix a b c d . 4. Prove that the product of two Hill ciphers is a Hill cipher. 5. Let A and B be two enciphering matrices of the same size for two different block ciphers. Does the product cipher formed by A followed by B yield the same cipher as the one formed by B followed by A? If not, why not? 6. Show that the probability that a plaintext block P selected at random is not rela- tively prime to the RSA enciphering modulus n = pq is 1 p + 1 q − 1 pq .
- 572. 452 CHAPTER 9 Cryptology 7. Suppose the primes p and q in the RSA enciphering modulus n = pq are 100 digits long. Show that the probability that an arbitrarily selected block is not relatively prime to n is less than 2 · 10−99. 8. Show that the sequence of positive integers a1,a2,...,an is superincreasing, where ai = 2i−1 and 1 ≤ i ≤ n. 9. Show that the sequence of positive integers a1,a2,...,an is superincreasing if ai+1 2ai, where 1 ≤ i ≤ n − 1. X COMPUTER EXERCISES Write a program to perform each task. Ignore all blank spaces and punctuation marks in all plaintext messages. 1. Read in a plaintext and encipher it using the Caesar cipher. 2. Read in a positive integer k and construct a table showing the alphabetic let- ters, the corresponding ciphertext letters created by the shift cipher C ≡ P + k (mod 26) and their ordinal numbers, as in Table 9.4. 3. Read in a plaintext, a shift factor k, and encipher it using the shift cipher C ≡ P + k (mod 26). 4. Read in a ciphertext encrypted by the Caesar cipher and decrypt it. 5. Read in a ciphertext encrypted by the shift cipher and the shift factor k, and decrypt it. 6. Read in two positive integers a and k, and a ciphertext enciphered using the affine cipher C ≡ aP + k (mod 26), where (a,26) = 1. Decrypt it. 7. Read in two positive integers a and k with (a,26) = 1. Find the letters of the plaintext left fixed by the affine cipher C ≡ aP + k (mod 26). 8. Read in two positive integers a and k with (a,26) = 1 and a plaintext. Encipher it using the affine cipher C ≡ aP + k (mod 26). 9. Read in arbitrary text and construct a percent frequency distribution of letters in the text. 10. Read in a ciphertext enciphered using a shift cipher C ≡ P + k (mod 26). Using Table 9.2, cryptanalyze it. 11. Read in a ciphertext enciphered using an affine cipher C ≡ aP + k (mod 26). Using Table 9.2, cryptanalyze it. 12. Read in two positive integers a and k with (a,26) = 1 and a plaintext. Con- struct a table that shows the alphabetic letters, the corresponding ciphertext let- ters generated by the cipher C ≡ aP + k (mod 26), and their ordinal numbers, as in Table 9.5. 13. Read in a plaintext and an n × n enciphering matrix A for Hill encipherment. Translate it into ciphertext.
- 573. Enrichment Readings 453 14. Read in a ciphertext encrypted by a Hill enciphering matrix A and decrypt it. 15. Read in a plaintext, a prime modulus p for an exponentiation cipher, and an enciphering exponent e. Convert it into ciphertext using modular exponentiation. 16. Read in a numeric ciphertext generated by an exponentiation cipher with a prime modulus p and an enciphering exponent e. Translate it into plaintext. 17. Read in a plaintext and encrypt it using the RSA enciphering key (e,n). 18. Read in a numeric ciphertext generated using an RSA enciphering key (e,n). Translate it into plaintext. 19. Read in the enciphering keys (e1,n) and (e2,n) of Anne and Betsey. Send each a signed message by the other. Convert the received message by each to recover the original message. 20. Read in the weights of a knapsack problem and determine whether they are superincreasing. 21. Read in the superincreasing weights of a knapsack problem and solve it. 22. Read in a superincreasing sequence, a modulus m, and a multiplier w. Compute the corresponding knapsack enciphering sequence. 23. Read in a superincreasing sequence, a modulus m, a multiplier w, and a plaintext. Translate it into a knapsack ciphertext. 24. Read in a knapsack ciphertext, the enciphering sequence that generated it, the knapsack modulus m, and multiplier w. Convert it into plaintext. X ENRICHMENT READINGS 1. W. Diffie and M. E. Hellman, “New Directions in Cryptography,” IEEE Transac- tions on Information Theory, 22 (Nov. 1976), 644–654. 2. H. Feistel, “Cryptography and Computer Privacy,” Scientific American, 228 (May 1973), 15–23. 3. M. E. Hellman, “The Mathematics of Public-Key Cryptography,” Scientific Amer- ican, 241 (Aug. 1979), 146–157. 4. P. Hilton, “Cryptanalysis in World War II—and Mathematics Education,” Mathe- matics Teacher, 77 (Oct. 1984), 548–552. 5. P. Lefton, “Number Theory and Public-Key Cryptography,” Mathematics Teacher (Jan. 1991), 54–62. 6. D. Luciano and G. Prichett, “Cryptology: From Caesar Ciphers to Public-Key Cryptosystems,” The College Mathematics Journal, 18 (Jan. 1987), 2–17. 7. R. C. Merkle and M. E. Hellman, “Hiding Information and Signatures in Trapdoor Knapsacks,” IEEE Transactions on Information Theory, 24 (Sept. 1976), 525– 530.
- 574. 454 CHAPTER 9 Cryptology 8. R. L. Rivest et al., “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems,” Communications of the ACM, 21 (Feb. 1978), 120–126. 9. J. Smith, “Public-Key Cryptography,” Byte, 8 (Jan. 1983), 198–218.
- 575. 10 Primitive Roots and Indices An expert problem solver must be endowed with two incompatible qualities—a restless imagination and a pertinent pertinacity. — HOWARD W. EVES n this chapter, we will continue to study the least residues modulo a positive Iinteger m, this time using three important concepts: the order of an element a, the primitive root modulo m, and the index of a. We will then identify those positive integers that possess primitive roots and study some interesting applications. Anyone familiar with group theory in abstract algebra will find the first two sections familiar territory. 10.1 The Order of a Positive Integer Let m be a positive integer, and a any positive integer such that (a,m) = 1. Then, by Euler’s theorem, there is a positive exponent e such that ae ≡ 1 (mod m), namely, e = ϕ(m). In general, ϕ(m) need not be the smallest such exponent. By the well- ordering principle, there is always such a least positive exponent. For example, let us compute the least residues of the first 6 = ϕ(7) powers of every positive least residue a modulo 7 and look for the smallest such exponent in each case. For convenience, they are summarized in Table 10.1. The smallest positive exponent e such that ae ≡ 1 (mod 7) for each positive residue a is circled in the table; they are 1, 3, 6, 3, 6, and 2 for a = 1, 2, 3, 4, 5, and 6, respectively. Such an exponent e is called the order of a modulo 7, a concept introduced by Gauss. 455
- 576. 456 CHAPTER 10 Primitive Roots and Indices a a2 a3 a4 a5 a6 1 1 1 1 1 1 2 4 1 2 4 1 3 2 6 4 5 1 4 2 1 4 2 1 5 4 6 2 3 1 6 1 6 1 6 1 Table 10.1 The Order of a Positive Integer Let m and a be any positive integers such that (a,m) = 1. Then the least positive exponent e such that ae ≡ 1 (mod m) is the order of a modulo m. It is denoted by ordm a, or simply ord a, if omitting the modulus does not lead to confusion. The term order is borrowed here from group theory. (If you have already studied group theory, you should find this definition and this section relatively familiar.) It follows from Table 10.1 that ord7 1 = 1, ord7 2 = ord7 4 = 3, ord7 3 = ord7 5 = 6, and ord7 6 = 2. The following example illustrates the definition further. EXAMPLE 10.1 Compute ord13 5 and ord13 7. SOLUTION First, notice that (5,13) = 1 = (7,13). To evaluate each order, we compute the least residues of powers of 5 and 7 modulo 13 until we reach the residue 1. (Feel free to introduce negative residues when convenient.) 52 ≡ −1 (mod 13), 53 ≡ −5 (mod 13), 54 ≡ 1 (mod 13) Thus, 4 is the least positive exponent e such that 5e ≡ 1 (mod 13), so ord13 5 = 4. To evaluate ord13 7, notice that 72 ≡ −3 (mod 13) 73 ≡ 5 (mod 13) 74 ≡ −4 (mod 13) 75 ≡ −2 (mod 13) 76 ≡ −1 (mod 13) 77 ≡ 6 (mod 13) 78 ≡ 3 (mod 13) 79 ≡ −5 (mod 13) 710 ≡ 4 (mod 13) 711 ≡ 2 (mod 13) 712 ≡ 1 (mod 13) Thus, ord13 7 = 12. It appears from this example that to compute ordm a, we need to compute ak modulo m for every positive integer k ≤ ϕ(m). Fortunately, the following theorem helps us eliminate many of them as possible candidates for ordm a.
- 577. 10.1 The Order of a Positive Integer 457 THEOREM 10.1 Let a be a positive integer such that (a,m) = 1 and ordm a = e. Then an ≡ 1 (mod m) if and only if e|n. PROOF Suppose an ≡ 1 (mod m). By the division algorithm, there are integers q and r such that n = qe + r, where 0 ≤ r e. Then an = aqe+r = (ae )q · ar ≡ 1q · ar ≡ ar (mod m) But an ≡ 1 (mod m), so ar ≡ 1 (mod m), where 0 ≤ r e. Since e is the least positive integer such that ae ≡ 1 (mod m) and r e, this forces r = 0. Thus, n = qe and hence e|n. Conversely, let e|n. Then n = be for some positive integer b. Therefore, an = abe = (ae )b ≡ 1b ≡ 1 (mod m) This completes the proof. This theorem has a very useful corollary that provides a practical tool for com- puting ordm a. COROLLARY 10.1 Let a be a positive integer such that (a,m) = 1. Then ordm a|ϕ(m). In particular, if p is a prime and p a, then ordp a|p − 1. PROOF By Euler’s theorem, aϕ(m) ≡ 1 (mod m). Therefore, by Theorem 10.1, ordm a|ϕ(m). The special case follows since ϕ(p) = p − 1. This result narrows down considerably the list of possible candidates for ordm a to the set of positive factors of ϕ(m). Consequently, to compute ordm a, we do not need to look at all positive powers of a that are ≤ ϕ(m), but need only consider those positive powers d of a, where d|ϕ(m). The following two examples illustrate this. EXAMPLE 10.2 Compute ord21 5. SOLUTION First, notice that ϕ(21) = ϕ(3 · 7) = ϕ(3)ϕ(7) = 2 · 6 = 12. The positive factors d of ϕ(21) = 12 are 1, 2, 3, 4, 6, and 12, so only these are the possible values of ord21 5.
- 578. 458 CHAPTER 10 Primitive Roots and Indices To find it, compute 5d modulo 21 for each d until the residue becomes 1: 51 ≡ 5 (mod 21) 52 ≡ 4 (mod 21) 53 ≡ −1 (mod 21) 54 ≡ −5 (mod 21) but 56 ≡ 1 (mod 21) Thus, we conclude that ord21 5 = 6. Suppose ai ≡ aj (mod m). Then a reasonable question to ask is: How are i and j related? This is answered by the following corollary. COROLLARY 10.2 Let ordm a = e. Then ai ≡ aj (mod m) if and only if i ≡ j (mod e). PROOF Suppose ai ≡ aj (mod m) and i ≥ j. Since (a,m) = 1, (aj,m) = 1. So, by Corol- lary 4.6, a−j exists modulo m. Therefore, ai · a−j ≡ aj · a−j (mod m) That is, ai−j ≡ 1 (mod m) Thus, by Theorem 10.1, e|i − j; that is, i ≡ j (mod e). Conversely, let i ≡ j (mod e), where i ≥ j. Then i = j + ke for some integer k. Therefore, ai = aj+ke = aj · (ae )k ≡ aj · 1k ≡ aj (mod m) which is the desired result. The following example illustrates this result. It will be useful to us later. EXAMPLE 10.3 Recall from Example 10.2 that ord21 5 = 6. You may verify that 514 ≡ 52 (mod 21), where 14 ≡ 2 (mod 6). But 517 ≡ 53 (mod 21), since 17 ≡ 3 (mod 6). Suppose we know that ordm a = e. How then is ordm(ak) related to e, where k 0? This is answered by the following theorem. THEOREM 10.2 Let ordm a = e and k any positive integer. Then ordm(ak) = e (e,k) .
- 579. 10.1 The Order of a Positive Integer 459 PROOF Let ordm(ak) = r and d = (e,k). Then e = sd and k = td, where s and t are positive integers such that (s,t) = 1. Since (ak )s = (atd )s = (asd )t = (ae )t ≡ 1t ≡ 1 (mod m) by Theorem 10.1, r|s. Since ordm(ak) = r, (ak)r = akr ≡ 1 (mod m), so e|kr. Thus, sd|kr and hence, sd|tdr. So s|tr. But (s,t) = 1, so s|r. Thus, r|s and s|r. Therefore, s = r; that is, ordm(ak ) = r = s = e d = e (e,k) The following example illustrates this theorem. EXAMPLE 10.4 In Example 10.2, we found that ord21 5 = 6. Therefore, by Theorem 10.2, ord21(59) = 6 (6,9) = 6 3 = 2. To confirm this, notice that 52 ≡ 4 (mod 21) 54 ≡ 16 (mod 21) 58 ≡ 4 (mod 21) 59 ≡ −1 (mod 21) 518 ≡ 1 (mod 21) So ord21(59) = 2, as expected. Theorem 10.2 leads us to the following result. COROLLARY 10.3 Let ordm a = e and k any positive integer. Then ordm(ak) = e if and only if (e,k) = 1. PROOF By Theorem 10.2, ordm(ak) = e (e,k) . This equals e if and only if (e,k) = 1. For instance, by Example 10.2, ord21 5 = 6. Therefore, ord21(511) = 6, since (11,6) = 1. We can confirm this by direct computation. Once again, let a be a positive integer such that (a,m) = 1. Then, by Corol- lary 10.1, ordm a|ϕ(m); so the maximum possible value of ordm a is ϕ(m). Such least residues do exist. For example, in Example 10.1 we found that ord13 7 = 12 = ϕ(13). Such least residues possess remarkable properties and consequently deserve special attention, so we make the following definition.
- 580. 460 CHAPTER 10 Primitive Roots and Indices Primitive Roots Let α be a positive integer such that (α,m) = 1. Then α is a primitive root modulo m if ordm α = ϕ(m). The following two examples illustrate this definition. EXAMPLE 10.5 It follows by Table 10.1 that ord7 3 = 6 = ϕ(7) = ord7 5; so both 3 and 5 are primitive roots modulo 7. In Example 10.1, we found that ord13 7 = 12 = ϕ(13), so 7 is a primitive root modulo 13. EXAMPLE 10.6 Verify that 2 is a primitive root modulo 9. SOLUTION Since ϕ(9) = 6, it suffices to show that 26 ≡ 1 (mod 9) and 2k ≡ 1 (mod 9) if 0 k 6. Since ord9 2 = 1, 2, 3, or 6, we compute 21, 22, 23, and 26 modulo 9: 21 ≡ 2 (mod 9) 22 ≡ 4 (mod 9) 23 ≡ −1 (mod 9) and 26 ≡ 1 (mod 9) Thus, ord9 2 = 6 = ϕ(9), and hence 2 is a primitive root modulo 9. Examples 10.5 and 10.6 might give the impression that every positive integer m has a primitive root. However, this is not always the case. For example, there are no primitive roots modulo 12. Note that there are ϕ(12) = 4 positive integers less than 12 and relatively prime to it, namely, 1, 5, 7, and 11. But ord12 1 = 1 and ord12 5 = ord12 7 = ord12 11 = 2; so none of them are primitive roots. Primitive Roots Modulo Fermat Primes fn Next, we take a look at the primitive roots modulo Fermat primes fn, where n ≥ 0. Clearly, 2 is a primitive root modulo the Fermat primes f0 = 3 and f1 = 5. The fol- lowing example demonstrates that these are the only Fermat primes for which 2 is a primitive root. EXAMPLE 10.7 Show that 2 is not a primitive root modulo any Fermat prime fn, where n ≥ 2. PROOF We have 22n + 1 = fn ≡ 0 (mod fn)
- 581. 10.1 The Order of a Positive Integer 461 so 22n ≡ −1 (mod fn) Then 22n+1 ≡ 1 (mod fn) ordfn 2 ≤ 2n+1 22n , because 2n n + 1 for n ≥ 2 = ϕ(fn) Thus, 2 is not a primitive root modulo fn, where n ≥ 2. In Section 10.4, we shall conclusively identify those positive integers that pos- sess primitive roots. The following theorem plays an important role in our search. THEOREM 10.3 If α is a primitive root modulo m, then the least residues of α,α2,...,αϕ(m) modulo m are a permutation of the ϕ(m) positive integers ≤ m and relatively prime to m. PROOF It suffices to show that α,α2,...,αϕ(m) are relatively prime to m and no two of them are congruent modulo m. • Since (α,m) = 1, by Corollary 3.2, (αk,m) = 1 for every positive integer k. • To show that no two of the first ϕ(m) powers of α are congruent modulo m, assume that αi ≡ αj (mod m), where 1 ≤ i,j ≤ ϕ(m). Assume further that i ≤ j. Then, by Corollary 10.2, i ≡ j (mod ϕ(m)). But i,j ≤ ϕ(m), so i = j. Thus, no two of the powers of α are congruent modulo m. Thus, the least residues of α,α2,...,αϕ(m) modulo m are a rearrangement of the ϕ(m) positive integers ≤ m and relatively prime to m. The following example illustrates this theorem. EXAMPLE 10.8 Let m = 18. There are ϕ(18) = 6 positive integers ≤ 18 and relatively prime to 18. They are 1, 5, 7, 11, 13, and 17. You may verify that α = 5 is a primitive root modulo 18. The first ϕ(18) = 6 powers of 5 are 5, 52, 53, 54, 55, and 56. Their least residues modulo 18 are 5, 7, 17, 13, 11, and 1, respectively; they are a rearrangement of the residues 1, 5, 7, 11, 13, and 17, as expected.
- 582. 462 CHAPTER 10 Primitive Roots and Indices Theorem 10.3 has a powerful corollary. It gives us the exact number of primitive roots modulo m, if they exist. COROLLARY 10.4 If m has a primitive root, then it has ϕ(ϕ(m)) primitive roots. In particular, if m is a prime p, then it has ϕ(p − 1) primitive roots. PROOF Let α be a primitive root modulo m. Then, by Theorem 10.3, the least residues of α,α2,...,αϕ(m) modulo m are distinct and relatively prime to m. By Corollary 10.3, ordm(αk) = ϕ(m) if and only if (k,ϕ(m)) = 1; that is, αk is a primitive root modulo m if and only if (k,ϕ(m)) = 1. But there are ϕ(ϕ(m)) positive integers ≤ ϕ(m) and relatively prime to ϕ(m). Thus, m has ϕ(ϕ(m)) primitive roots. The special case follows trivially since ϕ(p) = p − 1. This proof provides a constructive method for finding all ϕ(ϕ(m)) primitive roots modulo m from a given primitive root α modulo m. They are given by αk, where (k,ϕ(m)) = 1, as the following example demonstrates. EXAMPLE 10.9 Using the fact that 5 is a primitive root modulo 54, find the remaining incongruent primitive roots. SOLUTION By Corollary 10.4, 54 has ϕ(ϕ(54)) = ϕ(18) = 6 primitive roots. They are given by 5k, where (k,18) = 1. The positive integers ≤ 18 and relatively prime to it are 1, 5, 7, 11, 13, and 17, so the corresponding primitive roots are given by 51, 55, 57, 511, 513, and 517 modulo 54, that is, 5, 47, 41, 29, 23, and 11, respectively. Thus, the remaining primitive roots modulo 54, in increasing order, are 11, 23, 29, 41, and 47. The following example employs the special case in Corollary 10.4. EXAMPLE 10.10 Find the incongruent primitive roots modulo 19. SOLUTION By trial and error, we find that 2 is a primitive root modulo 19. Therefore, by Corol- lary 10.5, 19 has ϕ(18) = 6 primitive roots 2k, where (k,18) = 1. Thus they are 21, 25, 27, 211, 213, and 217 modulo 19, that is, 2, 3, 10, 13, 14, and 15 in ascending order.
- 583. 10.1 The Order of a Positive Integer 463 E X E R C I S E S 10.1 Evaluate each. 1. ord7 3 2. ord8 5 3. ord11 5 4. ord13 8 5. Given that ord23 9 = 11, find ord23 14. 6. Given that ord19 11 = 3, find ord19 8. 7. Using the congruence 58 ≡ 1 (mod 13), compute ord13 5. 8. Using the congruence 39 ≡ −1 (mod 19), compute ord19 3. Using the given order of the least residue a of a prime p, find the order of the given element b modulo p. 9. ord13 4 = 6, b = 45 10. ord17 8 = 16, b = 89 11. ord11 7 = 10, b = 74 12. ord17 2 = 8, b = 26 13. Show, by an example, that ordp(−a) = ordp a. Verify each. 14. ord11 3 = 5 15. 34 + 33 + 32 + 3 + 1 ≡ 0 (mod 11) 16. ord13 4 = 6 17. 45 + 44 + ··· + 4 + 1 ≡ 0 (mod 13) Find the least positive integer m such that 18. ordm 9 = 16 19. ordm 5 = 22 20. ordm 5 = 6 21. ordm 7 = 10 22. Make a conjecture using Exercises 18–21. Give a counterexample to disprove each statement, where p is a prime. 23. ordp(p − a) = ordp a. 24. If d|ϕ(m), then there is a least residue a modulo m with order d. 25. Every prime p has an even number of primitive roots. 26. Without direct computation, show that ord8 a ≤ 2, where (a,8) = 1. 27. Using the fact that ord13 5 = 4, compute the remain- der when 51001 is divided by 13. 28. Using the fact that 6 is a primitive root modulo 41, compute the remainder when 62020 is divided by 41. Using the orders of the given least residues a and b mod- ulo m, compute ordm(ab). 29. ord9 7 = 3, ord9 8 = 2 30. ord13 3 = 3, ord13 5 = 4 Assuming each prime p has a primitive root, find the num- ber of primitive roots modulo p. 31. 11 32. 17 33. 29 34. 101 Find the incongruent primitive roots modulo the given prime. Assume each has a primitive root. 35. 7 36. 11 37. 13 38. 17 39. Using Exercises 35–38, make a conjecture about the product of the incongruent primitive roots modulo an odd prime p. 40. Show that 8 has no primitive roots. 41. Show that 12 has no primitive roots. 42. Let p be an odd prime. Then every prime factor of Mp is of the form 2kp + 1. Using this fact, find the small- est prime factor of M11. (See Exercise 54 for a proof of this fact.) 43. Let p and q be primes 3 and q|Rp, where Rp is the repunit with p ones. Then q must be of the form 2kp + 1. Using this fact, find the least prime factors of R5, R7, R13, and R41. (See Exercise 55 for a proof of this fact.) Prove each, where p is a prime, and a and m are positive integers. 44. If a prime p 3 has a primitive root, then it has an even number of primitive roots. 45. Let a−1 be a multiplicative inverse of a modulo m. Then ordm(a−1) = ordm a. 46. A least residue a is a primitive root modulo m if and only if a−1 is a primitive root modulo m. 47. Let (a,m) = 1 such that ordm a = m − 1. Then m is a prime. 48. Let p be an odd prime and ordp r = e. Then re−1 + re−2 + ··· + r + 1 ≡ 0 (mod p). 49. Let p ≡ 1 (mod 4) be a prime and a a positive integer such that p a. Then a is a primitive root modulo p if and only if p − a is also a primitive root. 50. Let α be a primitive root modulo a positive integer m ≥ 3. Then αϕ(m)/2 ≡ −1 (mod m).
- 584. 464 CHAPTER 10 Primitive Roots and Indices 51. Let ordm a = hk. Then ordm(ah) = k. 52. Let ordm a = h and ordm b = k, where (h,k) = 1. Then ordm ab = hk. 53. Let p and q be odd primes such that q|ap − 1. Then either q|a − 1 or q = 2kp + 1 for some integer k. 54. Let p be an odd prime. Then every prime factor of Mp is of the form 2kp + 1. (Hint: Use Exercise 53.) 55. Let p and q be primes 3 and q|Rp, where Rp is the repunit with p ones. Then q must be of the form 2kp + 1. 56. The odd prime factors of the integers n2 + 1 are of the form 4k + 1. 57. The odd prime factors of the integers n4 + 1 are of the form 8k + 1. 58. There are infinitely primes of the form 4k + 1. [Hint: Assume there is only a finite number of such primes, p1,p2,...,pr. Then consider N = (2p1p2 ···pr)2 + 1 and use Exercise 56.] 59. There are infinitely many primes of the form 8k + 1. [Hint: Assume there is only a finite number of such primes, p1,p2,...,pr. Then consider N = (2p1p2 ···pr)4 + 1 and use Exercise 57.] 10.2 Primality Tests We can use the concept of the order of an integer to develop primality tests. Lucas’ theorem, discovered in 1876, provides one such test; it is based on the fact that a positive integer n is prime if and only if ϕ(n) = n − 1. THEOREM 10.4 (Lucas’ Theorem) Let n be a positive integer. If there is a positive integer x such that xn−1 ≡ 1 (mod n) and x(n−1)/q ≡ 1 (mod n) for all prime factors q of n − 1, then n is prime. PROOF Let ordn x = e. Since xn−1 ≡ 1 (mod n), by Theorem 10.1, e|n − 1. We would like to show that e = n − 1, so assume that e = n − 1. Since e|n − 1, n − 1 = ke for some integer k 1. Let q be a prime factor of k. Then: x(n−1)/q = xke/q = (xe )(k/q) ≡ 1 (mod n), which is a contradiction. So e = n−1; that is, ordn x = n−1 = ϕ(n), because n−1 = ordn x|ϕ(n) ≤ n − 1. Thus, n is a prime. The following example illustrates this test.
- 585. 10.2 Primality Tests 465 EXAMPLE 10.11 Using Lucas’ theorem, show that n = 1117 is a prime. SOLUTION We shall choose x = 2 to show that n satisfies the conditions of the test. First, notice that 21116 = (2100 )11 · 216 ≡ 29311 · 750 ≡ 70 · 750 ≡ 1 (mod 1117) Since 1116 = 22 · 32 · 31, the prime factors of n − 1 = 1116 are 2, 3, and 31. When q = 2, 2(n−1)/q = 2558 = (250 )11 · 28 ≡ 6911 · 256 ≡ 1069 · 256 ≡ −1 (mod 1117); when q = 3, 2(n−1)/q = 2372 = (250 )7 · 222 ≡ 697 · 1086 ≡ 112 · 1086 ≡ 996 (mod 1117); when q = 31, 2(n−1)/q = 236 = (210 )3 · 26 ≡ (−93)3 · 64 ≡ 1000 · 64 ≡ 331 (mod 1117) Thus, 21116/q ≡ 1 (mod 1117) for all prime factors q of 1116. Therefore, by Lucas’ theorem, 1117 is a prime. Note: As this example indicates, a scientific calculator, such as TI-86, with a built-in mod operator will speed up your computation. We can refine Lucas’ theorem to yield the following more efficient primality test. COROLLARY 10.5 Let n be an odd positive integer. If there is a positive integer x such that x(n−1)/2 ≡ −1 (mod n) and x(n−1)/q ≡ 1 (mod n) for all odd prime factors q of n−1, then n is prime. PROOF Since x(n−1)/2 ≡ −1 (mod n), xn−1 = (x(n−1)/2)2 ≡ (−1)2 ≡ 1 (mod n). Further-
- 586. 466 CHAPTER 10 Primitive Roots and Indices more, x(n−1)/q ≡ 1 (mod n), when q = 2 or q is any odd prime factor of n − 1. Thus, both conditions in Lucas’ theorem are satisfied, so n is prime. The following example illustrates this refined test. EXAMPLE 10.12 Using Corollary 10.5, verify that n = 1213 is a prime. SOLUTION We shall use x = 5 here. Since n − 1 = 1212 = 22 · 3 · 101, the odd prime factors of n − 1 are 3 and 101. Notice that 5(n−1)/2 = 5606 = (5100 )6 · 56 ≡ (−252)6 · 1069 ≡ 497 · 1069 ≡ −1 (mod 1213) When q = 3, 5(n−1)/q = 5404 = (5100 )4 · 54 ≡ (−252)4 · 625 ≡ 21 · 625 ≡ 995 (mod 1213) When q = 101, 5(n−1)/q = 512 = 510 · 52 ≡ (−238) · 25 ≡ 115 (mod 1213) Thus, in both cases, 5(n−1)/q ≡ 1 (mod 1213), so 1213 is a prime. E X E R C I S E S 10.2 Verify that each number is a prime, using Lucas’ theorem and the given value of x. 1. 101, x = 2 2. 257, x = 3 3. 773, x = 3 4. 823, x = 3 Verify that each number is a prime, using Corollary 10.5 and the given value of x. 5. 127, x = 3 6. 241, x = 7 7. 577, x = 5 8. 797, x = 2 9. Let fn denote the nth Fermat number. Suppose there exists a positive integer x such that x22n ≡ 1 (mod fn) and x22n−1 ≡ 1 (mod fn). Prove that fn is a prime. 10. Using Exercise 9, show that both f2 and f3 are primes.
- 587. 10.3 Primitive Roots for Primes 467 10.3 Primitive Roots for Primes In Corollary 10.4, we found that if a positive integer m has a primitive root, then it has ϕ(ϕ(m)) primitive roots. The corollary, however, does not assure us that every positive integer m has a primitive root. For example, 8 does not have a primitive root. To see this, notice that ϕ(8) = 4. For a positive integer a to be a primitive root modulo 8, (a,8) = 1 and hence a must be odd. So a ≡ ±1 or ±3 (mod 8). Then a2 ≡ 1 (mod 8). Thus ord8 a ≤ 2. Consequently, ord8 a = ϕ(8), so a cannot be a primitive root. The obvious question is: What kind of positive integers m have primitive roots? First, we need to show that every prime has a primitive root. To this end, we need to lay some groundwork by using polynomial congruences. Let f(x) be a polynomial with integral coefficients. An integer α is a solution of f(x) ≡ 0 (mod m) if f(α) ≡ 0 (mod m). Clearly, if β ≡ α (mod m), then β is also a solution modulo m. EXAMPLE 10.13 Consider the polynomial congruence f(x) = x2 − x + 1 ≡ 0 (mod 13). It has two incongruent solutions modulo 13, namely 4 and 10: f(4) ≡ 16 − 4 + 1 ≡ 0 (mod 13) f(10) ≡ 100 − 10 + 1 ≡ 0 (mod 13) But the congruence 2x2 + 3x + 4 ≡ 0 (mod 5) has no solutions. (Verify this.) The following theorem about the number of solutions of polynomial congru- ences f(x) ≡ 0 (mod p) plays a pivotal role in the existence proof of primitive roots for primes. THEOREM 10.5 (Lagrange’s Theorem) Let f(x) = n i=0 aixi be a polynomial of degree n ≥ 1 with integral coefficients, where p an. Then the congruence f(x) ≡ 0 (mod p) has at most n incongruent solutions modulo p. PROOF (by induction on n) When n = 1, f(x) = a1x + a0, where p a1. Since (p,a1) = 1, the congruence a1x + a0 ≡ 0 (mod p) has a unique solution, by Corollary 4.6. So when n = 1, f(x) ≡ 0 (mod p) has at most one solution. Thus the theorem is true when n = 1.
- 588. 468 CHAPTER 10 Primitive Roots and Indices Now assume it is true for polynomials of degree k − 1. Let f(x) = k i=0 aixi be a polynomial of degree k, where p ak. If f(x) ≡ 0 (mod p) has no solutions, then the result follows. So assume that it has at least one solution α, where 0 ≤ α p. Let q(x) be the quotient and r (an integer) be the remainder when f(x) is divided by x − α, where q(x) is a polynomial of degree k − 1 with integral coefficients. (This follows by the remainder theorem.) Then f(x) = (x − α)q(x) + r Then f(α) = (α − α)q(α) + r 0 ≡ 0 + r (mod p) r ≡ 0 (mod p) Therefore, f(x) ≡ (x − α)q(x) (mod p) where degree q(x) ≤ k − 1. Let β be any other incongruent solution of f(x) ≡ 0 (mod p), where 0 ≤ β p. Then f(β) ≡ (β − α)q(β) (mod p) 0 ≡ (β − α)q(β) (mod p) Since β ≡ α (mod p), this implies q(β) ≡ 0 (mod p). Thus, every solution of f(x) ≡ 0 (mod p), different from α, is a solution of q(x) ≡ 0 (mod p). Clearly, every solution of q(x) ≡ 0 (mod p) is also a solution of f(x) ≡ 0 (mod p). Since degq(x) ≤ k−1, by the inductive hypothesis, q(x) ≡ 0 (mod p) has at most k − 1 solutions, so f(x) ≡ 0 (mod p) has at most 1 + (k − 1) = k solutions. Thus, by induction, the theorem is true for every polynomial of degree n ≥ 1. For example, the polynomial f(x) = x2 −x+1 in Example 10.13 has degree two and the congruence f(x) ≡ 0 (mod 13) has at most two solutions modulo 13. The polynomial g(x) = 2x2 + 3x + 4 also has degree two, but the congruence g(x) ≡ 0 (mod 5) has no solutions modulo 5; in any case, it has at most two solutions. The following result is a very important consequence of this theorem. It plays a crucial role in establishing the existence of primitive roots for primes. COROLLARY 10.6 If p is a prime and d|p − 1, then the congruence xd − 1 ≡ 0 (mod p) has exactly d incongruent solutions modulo p.
- 589. 10.3 Primitive Roots for Primes 469 PROOF By Fermat’s little theorem, the congruence xp−1 − 1 ≡ 0 (mod p) has exactly p − 1 solutions modulo p, namely, 1 through p − 1. Since d|p − 1, xp−1 − 1 = (xd − 1)(xp−1−d + xp−1−2d + ··· + xd + 1) = (xd − 1)g(x) where g(x) = xp−1−d +xp−1−2d +···+xd +1 is a polynomial of degree p−1−d. By Lagrange’s theorem, g(x) ≡ 0 (mod p) has at most p − 1 − d incongruent solutions. Therefore, xd − 1 ≡ 0 (mod p) has at least (p − 1) − (p − 1 − d) = d incongruent solutions. But, again, by Lagrange’s theorem, xd − 1 ≡ 0 (mod p) has at most d incongruent solutions. Thus, it has exactly d incongruent solutions modulo p. The following example illustrates this result. EXAMPLE 10.14 Find the incongruent solutions of the congruence x3 − 1 ≡ 0 (mod 13). SOLUTION Since x3 − 1 = (x − 1)(x2 + x + 1), the congruence x3 − 1 ≡ 0 (mod 13) implies x −1 ≡ 0 (mod 13) or x2 +x +1 ≡ 0 (mod 13). The congruence x −1 ≡ 0 (mod 13) yields x = 1. Because x2 + x + 1 ≡ x2 + x − 12 ≡ (x + 4)(x − 3) ≡ 0 (mod 13), x ≡ 3 (mod 13) or x ≡ −4 ≡ 9 (mod 13). (Verify both.) It has no other incongruent solutions. Thus, the given congruence has exactly three incongruent solutions: 1, 3, and 9. Wilson’s theorem, presented in Section 7.1, can be derived elegantly from Corol- lary 10.6, as shown below. But first, we should note that Lagrange’s theorem can be restated as follows: Let f(x) = n i=0 aixi be a polynomial of degree n with integral co- efficients. If the congruence f(x) ≡ 0 (mod p) has more than n incongruent solutions, then ai ≡ 0 (mod p) for every i. COROLLARY 10.7 (Wilson’s Theorem) If p is a prime, then (p − 1)! ≡ −1 (mod p). PROOF [The essence of the proof lies in cleverly selecting a suitable polynomial f(x).] Let f(x) = (x−1)(x−2)···(x−p+1)−xp−1 +1. Clearly, f(x) is a polynomial of degree p−2 with integral coefficients. By Fermat’s little theorem, xp−1 −1 ≡ 0 (mod p) has p−1 incongruent solutions. Each is also a solution of (x−1)(x−2)···(x−p+1) ≡ 0 (mod p). Therefore, f(x) ≡ 0 (mod p) has p − 1 incongruent solutions, one more
- 590. 470 CHAPTER 10 Primitive Roots and Indices than the degree of f(x). Therefore, every coefficient of f(x) must be congruent to 0 modulo p. In particular, the constant term f(0) must be congruent to 0 modulo p. But f(0) = (−1)(−2)···[−(p − 1)] − 0 + 1 = (−1)p−1 (p − 1)! + 1 Therefore, (−1)p−1(p − 1)! + 1 ≡ 0 (mod p); that is, (p − 1)! ≡ (−1)p (mod p). If p = 2, then (−1)p ≡ 1 ≡ −1 (mod p); if p is odd, then (−1)p = −1. Thus, in both cases, (p − 1)! ≡ −1 (mod p). Next, we turn to a major result on the number of incongruent residues of order d modulo p. However, before we do, let us study an example that will illuminate the proof of the theorem. EXAMPLE 10.15 Let p = 19 and d|p − 1. Let ψ(d)† denote the number of incongruent residues of order d modulo p. Compute ψ(d) and ϕ(d) for each d, and d|p−1 ψ(d). SOLUTION (The details are left for you to fill in.) Because d|18, d = 1, 2, 3, 6, 9, or 18. The number ψ(d) of incongruent residues of order d, the incongruent residues of order d, and ϕ(d) are listed in Table 10.2 for various values of d. (Verify them.) d 1 2 3 6 9 18 Incongruent 4, 5, 2, 3, residues 1 18 7, 11 8, 12 6, 9 10, 13 of order d 16, 17 14, 15 ψ(d) 1 1 2 2 6 6 ϕ(d) 1 1 2 2 6 6 Table 10.2 It follows from the table that d|p−1 ψ(d) = d|18 ψ(d) = 1 + 1 + 2 + 2 + 6 + 6 = 18 = p − 1 † ψ is the lowercase Greek letter psi.
- 591. 10.3 Primitive Roots for Primes 471 Figure 10.1 A partitioning of the set of positive residues modulo 19. Let’s pursue this example a bit further. Notice that the incongruent residues of order d modulo 19 form a partitioning of the set of positive residues modulo 19, as Figure 10.1 shows; ψ(d) denotes the number of elements in each class. Interestingly enough, ψ(d) = ϕ(d) for each d. (See Exercises 12–15.) We now arrive at the main result, proved by the French mathematician Adrien- Marie Legendre in 1785. THEOREM 10.6 Let p be a prime and d a positive factor of p − 1. Then there are exactly ϕ(d) incon- gruent integers of order d modulo p. PROOF For every positive factor d of p − 1, let ψ(d) denote the number of positive residues modulo p that have order d. Because there are p − 1 positive residues and each has a unique order d, the positive residues of order d form a partitioning of the set of positive residues. Therefore, d|p−1 ψ(d) = p − 1 But, by Theorem 8.6, d|p−1 ϕ(d) = p − 1 Therefore, d|p−1 ψ(d) = d|p−1 ϕ(d) (10.1) Next, we need to show that ψ(d) = ϕ(d) for every d. To this end, we consider two cases. case 1 Let ψ(d) = 0. Then, clearly, ψ(d) ϕ(d), so ψ(d) ≤ ϕ(d).
- 592. 472 CHAPTER 10 Primitive Roots and Indices case 2 Let ψ(d) = 0. Then there must be an integer a of order d modulo p. Consequently, by Corollary 10.3, the d integers a,a2,...,ad are incongruent mod- ulo p. Besides, each is a solution of the congruence xd − 1 ≡ 0 (mod p), since (ak)d = (ad)k ≡ 1 (mod p), where 1 ≤ k ≤ d. Therefore, by Corollary 10.6, they are the d incongruent solutions of the congruence xd − 1 ≡ 0 (mod p) and ordp(ak)|d by Theorem 10.1. But, by Corollary 10.3, ordp(ak) = ordp a = d if and only if (k,d) = 1. Since there are ϕ(d) positive integers ≤ d and relatively prime to d, there are exactly ϕ(d) residues of ak modulo p that have order d. Therefore, ψ(d) = ϕ(d). Thus, in both cases, ψ(d) ≤ ϕ(d). So, for equality (10.1) to hold, we must have ψ(d) = ϕ(d) for all d. In other words, there are exactly ϕ(d) incongruent integers (or residues) of order d modulo p. The following example illustrates this theorem. EXAMPLE 10.16 Find the number of incongruent integers of order d modulo 13, where d|12. SOLUTION Since d|12, d = 1, 2, 3, 4, 6, or 12. Let ψ(d) denote the number of incongruent residues of order d modulo 13. Then ψ(1) = ϕ(1) = 1 ψ(2) = ϕ(2) = 1 ψ(3) = ϕ(3) = 2 ψ(4) = ϕ(4) = 2 ψ(6) = ϕ(6) = 2 ψ(12) = ϕ(12) = 4 It will be useful to find the least positive residues modulo 13 of order d (see Exer- cise 12). Since ψ(12) = 4, it follows that there are four primitive roots modulo 13. In the following corollary, Theorem 10.6 yields a class of positive integers that have primitive roots. COROLLARY 10.8 Every prime p has ϕ(p − 1) incongruent primitive roots. PROOF Since p − 1|p − 1, by Theorem 10.6, there are ϕ(p − 1) incongruent integers of order p − 1 modulo p. Each of them, by definition, is a primitive root. Therefore, there are ϕ(p − 1) primitive roots modulo p. For instance, p = 19 has ϕ(18) = 6 incongruent primitive roots. Try to find them. The fact that every prime has a primitive root was established by Euler in 1773. He even constructed a list of primitive roots modulo primes ≤ 37.
- 593. 10.3 Primitive Roots for Primes 473 Notice that the proof of Corollary 10.8 is nonconstructive; that is, it does not tell us how to find the primitive roots modulo primes. They need to be found by direct computation. In 1839, the German mathematician Karl Gustave Jacob Jacobi pub- lished an extensive table of primitive roots modulo primes 1000. For convenience, Table T.3 at the end of this book lists the least positive primitive roots modulo primes p ≤ 100. E X E R C I S E S 10.3 Find the incongruent roots of the congruence f(x) ≡ 0 (mod 7) for each polynomial f(x). 1. x2 + 3 2. x3 + 1 3. x2 + x + 1 4. x3 + 2x2 + 3x + 4 Find the incongruent roots of the congruence f(x) ≡ 0 (mod 11) for each polynomial f(x). 5. x2 + 3 6. x2 − x − 1 7. 2x2 + 3x + 1 8. 2x3 + x2 − 3x + 1 9. Find the incongruent roots modulo 7 of the polyno- mial xd − 1 for every factor d of 6. 10. Find the incongruent roots modulo 13 of the polyno- mial xd − 1 for every factor d of 12. 11. Verify that 5 is a factor of every coefficient of the polynomial f(x) = (x − 1)(x − 2)(x − 3)(x − 4) − x4 + 1 Find the number of incongruent integers of order d mod- ulo the given prime p. 12. d = 4, p = 13 13. d = 6, p = 19 14. d = 11, p = 23 15. d = 48, p = 97 16. Let α be a primitive root modulo an odd prime p. What can you say about αk if (k,p − 1) = 1? 17. Let α be a primitive root modulo an odd prime p. Can the least residue of α(p−1)/2 modulo p be 1? 18. Let α be a primitive root modulo an odd prime p. Find the least residue of α(p−1)/2 modulo p. Both 3 and 5 are primitive roots modulo 7. Verify each. 19. 35 + 34 + ··· + 3 + 1 ≡ 0 (mod 7) 20. 55 + 54 + ··· + 5 + 1 ≡ 0 (mod 7) Disprove each statement in Exercises 21 and 22. 21. The product of two primitive roots modulo an odd prime p is a primitive root modulo p. 22. The sum of two primitive roots modulo an odd prime p is a primitive root modulo p. 23. Show, by an example, that the sum of two primitive roots modulo an odd prime p can also be a primitive root. 24. The prime p = 7 has two primitive roots α. Find ordp (−α) in each case. 25. The prime p = 11 has four primitive roots α. Find ordp(−α) in each case. 26. Let α be a primitive root modulo a prime p ≡ 3 (mod 4). Using Exercises 24 and 25, make a conjec- ture about ordp(−α). Using the fact that α is a primitive root modulo an odd prime, determine whether −α is also a primitive root. 27. α = 2, p = 5 28. α = 2, p = 13 29. α = 5, p = 17 30. α = 2, p = 29 31. Using Exercises 27–30, make a conjecture about the prime p for which both α and −α are primitive roots. 32. Find an odd prime p such that α is a primitive root modulo p, but −α is not. 33. Using Exercises 35–38 in Exercises 10.1, make a con- jecture about the product of incongruent primitive roots modulo a prime p. Let p = 13 and d a positive factor of p − 1. Let ψ(d) de- note the number of positive residues of order d modulo p. 34. Find ψ(d) for each d. 35. Verify that d|p−1 ψ(d) = p − 1. 36. Verify that ψ(d) = ϕ(d) for each d.
- 594. 474 CHAPTER 10 Primitive Roots and Indices 37–39. Redo Exercises 34–36 with p = 17. Find the least residues of order d modulo p for each posi- tive factor d of p − 1, where 40. p = 13 41. p = 23 Using the given primitive root α modulo a prime p, find the remaining least incongruent primitive roots modulo p. 42. α = 2, p = 13 43. α = 3, p = 17 44. α = 5, p = 23 45. α = 3, p = 31 Prove each. 46. Let α be a solution of the congruence f(x) ≡ 0 (mod m) and β ≡ α (mod m), where f(x) is a poly- nomial with integral coefficients. Then β is also a so- lution of the congruence. 47. Let α be a primitive root modulo an odd prime p. Then αp−2 + αp−3 + ··· + α + 1 ≡ 0 (mod p). 48. The product of the incongruent primitive roots mod- ulo a prime p is congruent to 1 modulo p. 49. If α is a primitive root modulo a prime p ≡ 1 (mod 4), then α(p−1)/4 satisfies the congruence x2 + 1 ≡ 0 (mod p). 50. If α is a primitive root modulo a prime p ≡ 3 (mod 4), then α(p−3)/4 cannot be a solution of the congruence x2 + 1 ≡ 0 (mod p). 51. If α is a primitive root modulo a prime p ≡ 3 (mod 4), then ordp(−α) = p − 1 2 . 52. Let α be a primitive root modulo an odd prime p. Then −α is a primitive root modulo p if and only if p ≡ 1 (mod 4). 53. Let α be a primitive root modulo pj, where p is an odd prime, α is odd, and j ≥ 1. Then α is also a primitive root modulo 2pj. 54. Let α be a primitive root modulo pj, where p is an odd prime, α is even, and j ≥ 1. Then α + pj is a primitive root modulo 2pj. 10.4 Composites with Primitive Roots (optional) In the preceding section, we established that every prime p has a primitive root; in fact, it has ϕ(p−1) primitive roots. We will now identify the class of positive integers that possess primitive roots; it consists of 1, 2, 4, pk, and 2pk, where p is an odd prime and k any positive integer. In Example 10.9, for instance, we found that 54 = 2 · 33 has (six) incongruent primitive roots. The development of this major result is a bit complicated. We begin by showing that p2 has a primitive root, but first, we need to study an example. EXAMPLE 10.17 Notice that α = 2 is the only primitive root modulo p = 3. It is also a primitive root modulo p2 = 9: 2ϕ(9) = 26 ≡ 1 (mod 9), and 2k ≡ 1 (mod 9) for k 6. Thus, α is a primitive root modulo both p and p2. Likewise, 3 is a primitive root modulo both 5 and 52. (Verify this.)
- 595. 10.4 Composites with Primitive Roots (optional) 475 Before moving on to our first result, we add a lemma to shorten its proof. LEMMA 10.1 Let α be a primitive root modulo an odd prime p. Then ordp2 (α + p) = p − 1. PROOF (by contradiction) Let β = α + p. Assume that ordp2 β = p − 1. Then βp−1 ≡ 1 (mod p2). We have βp−1 = (α + p)p−1 = αp−1 + (p − 1)αp−2 p + p − 1 2 αp−3 p2 + ··· + pp−1 1 ≡ αp−1 + p(p − 1)αp−2 (mod p2 ) 1 ≡ 1 − pαp−2 (mod p2 ) This yields pαp−2 ≡ 0 (mod p2); that is, αp−2 ≡ 0 (mod p). This is a contradiction, since α is a primitive root. Thus, ordp2 β = ordp2 (α + p) = p − 1 The following example illustrates this result. EXAMPLE 10.18 Notice that α = 5 is a primitive root modulo 7. Verify that ordp2 (α + p) = ord49 12 = ord7 5 = ordpα PROOF Notice that 122 ≡ −3 (mod 49), 123 ≡ 13 (mod 49), 126 ≡ 22 (mod 49), 127 ≡ 19 (mod 49), and 1221 ≡ −1 (mod 49). Therefore, ord49 12 = 42 = 6 = ord7 5. The following theorem shows that p2 has a primitive root for every odd prime p. THEOREM 10.7 If α is a primitive root modulo an odd prime p, then either α or α + p is a primitive root modulo p2. PROOF Since α is a primitive root modulo p, ordp α = p − 1. Let ordp2 α = e. Then αe ≡ 1 (mod p2), so e|ϕ(p2), but ϕ(p2) = p(p − 1). Therefore, e|p(p − 1). Since αe ≡ 1 (mod p2), αe ≡ 1 (mod p), so p − 1|e. Then e = k(p − 1) for some integer k. Therefore, k(p − 1)|p(p − 1), so k|p. Thus, either k = 1 or k = p; that is, either e = p − 1 or e = p(p − 1).
- 596. 476 CHAPTER 10 Primitive Roots and Indices case 1 Let e = p(p − 1). Then e = ϕ(p2), so α is a primitive root modulo p2. case 2 Let e = p − 1. We shall show that β = α + p is a primitive root modulo p2. Since β ≡ α (mod p), β is also a primitive root modulo p. Therefore, by the preced- ing discussion, ordp2 β = p − 1 or p(p − 1). But, by Lemma 10.1, ordp2 β = p − 1. So ordp2 β = p(p − 1) = ϕ(p2). Thus, β = α + p is a primitive root modulo p2. This theorem shows that the square of every odd prime has a primitive root. It also provides a mechanism for finding such a primitive root, as the following example illustrates. EXAMPLE 10.19 Recall from Example 10.17 that α = 3 is a primitive root modulo both 5 and 52. In Example 10.18, we found that α = 5 is a primitive root modulo 7. Although it is not a primitive root modulo 49, α +p = 5+7 = 12 is a primitive root modulo 49. (Verify this.) Now we can show that every power pk of an odd prime p has a primitive root. We know that it is true for k = 1 and 2. So it suffices to show that it is true for k ≥ 3. Again, we split the proof into smaller units, for the sake of clarity. LEMMA 10.2 Let α be a primitive root modulo an odd prime p such that αp−1 ≡ 1 (mod p2). Then αpk−2(p−1) ≡ 1 (mod pk) for every integer k ≥ 2. PROOF (by induction on k) When k = 2, αpk−2(p−1) = αp−1 ≡ 1 (mod p2 ) by the hypothesis. Thus, the statement is true when k = 2. Assume it is true for an arbitrary integer t ≥ 2: αpt−2(p−1) ≡ 1 (mod pt ) Since (α,p) = 1,(α,pt−1) = 1. So, by Euler’s theorem, αϕ(pt−1) ≡ 1 (mod pt−1 ) That is, αpt−2(p−1) ≡ 1 (mod pt−1 )
- 597. 10.4 Composites with Primitive Roots (optional) 477 Then αpt−2(p−1) = 1 + qpt−1 (10.2) for some integer q. By the inductive hypothesis, this implies p q. Now we take the pth power of both sides of equation (10.2) and expand the RHS using the binomial theorem: αpt−1(p−1) = (1 + qpt−1 )p = 1 + qpt + p 2 q2 p2(t−1) + ··· + qp pp(t−1) ≡ 1 + qpt (mod pt+1 ) Since p q, this implies αpt−1(p−1) ≡ 1 (mod pt+1 ) Thus, by induction, the given statement is true for every integer k ≥ 2. This lemma enables us to complete the next segment of our proof. THEOREM 10.8 Every power pk of an odd prime p has a primitive root, where k ≥ 2. PROOF Let α be a primitive root modulo p. If α is also a primitive root modulo p2, then αp−1 ≡ 1 (mod p2). On the other hand, if α is not a primitive root modulo p2, then, by Theorem 10.7, β = α + p is a primitive root modulo p2,where β ≡ α (mod p) and βp−1 ≡ 1 (mod p2). Thus, in both cases, p2 has a primitive root γ such that γ p−1 ≡ 1 (mod p2). (Note: γ = α if α is a primitive root modulo p2; otherwise, γ = β.) Therefore, by Lemma 10.2, γ pk−2(p−1) ≡ 1 (mod pk ) for every integer k ≥ 2. Next we need to show that γ is in fact a primitive root modulo pk; that is, ordpk γ = ϕ(pk). To this end, assume that ordpk γ = e. Then e|ϕ(pk), where ϕ(pk) = pk−1(p − 1). Since γ e ≡ 1 (mod pk), γ e ≡ 1 (mod p). This implies p − 1|e. Let e = (p − 1)t for some integer t. Then (p − 1)t|pk−1(p − 1); that is, t|pk−1. So t = pi, where 0 ≤ i ≤ k − 1 and hence e = pi(p − 1). If i ≤ k − 2, then γ pi(p−1) ≡ 1 (mod pk ) which is a contradiction. Therefore, i = k − 1 and hence ordpk γ = pk−1(p − 1) = ϕ(pk). Thus, γ is a primitive root modulo pk for every k ≥ 2.
- 598. 478 CHAPTER 10 Primitive Roots and Indices Two interesting observations: (1) The proof of this theorem gives us a bonus. It shows every primitive root modulo p2 is also a primitive root modulo pk, where k ≥ 2. (2) So, by Theorems 10.7 and 10.8, a primitive root α modulo an odd prime p can be employed to find a primitive root γ modulo pk. If α is a primitive root modulo p2, then γ = α; otherwise, γ = α + p. The following example illustrates both cases. EXAMPLE 10.20 In Example 10.19, we found that 3 is a primitive root modulo both 5 and 52. So, by Theorem 10.8, 3 is a primitive root modulo every power of 5. For instance, it is a primitive root modulo 56 = 15,625. To verify this, we shall just show that 3ϕ(56)/2 = 32·55 = 36250 ≡ −1 (mod 56), leaving out the details. Since 3125 ≡ 11693 (mod 56) and 32000 ≡ 2501 (mod 56) (verify both), 36250 = (32000 )3 · (3125 )2 ≡ 25013 · 116932 (mod 56 ) ≡ 15624 ≡ −1 (mod 56 ) Remember that in Example 10.19, we found that α = 5 is a primitive root mod- ulo 7, but not of 49. However, α + p = 5 + 7 = 12 is a primitive root modulo 72. So, by Theorem 10.8, 12 is a primitive root modulo 7k, where k ≥ 2. For exam- ple, 12 is a primitive root modulo 75 = 16,807. To verify this, we can show that 12ϕ(75)/2 = 123·74 = 127203 ≡ −1 (mod 75), leaving out the details. We have 123 ≡ 1728 (mod 75), 12200 ≡ −4336 (mod 75) and 127000 ≡ −4184 (mod 75). (Verify them.) Therefore, 127203 = 127000 · 12200 · 123 ≡ (−4184)(−4336)(1728) ≡ −1 (mod 75 ) Next, we can determine whether the integer 2k has primitive roots. Clearly, 1, 2, and 4 have primitive roots, namely, 1, 1, and 3, respectively. At this point, the natural question to ask is: Does 2k have primitive roots if k ≥ 3? Before we can answer, we introduce two lemmas that enable us to shorten the proof of the next theorem, Theorem 10.9. LEMMA 10.3 The square of every odd integer is congruent to 1 modulo 8.
- 599. 10.4 Composites with Primitive Roots (optional) 479 PROOF Let a be an odd integer, say, a = 2i + 1 for some integer i. Then a2 = 4i2 + 4i + 1 = 4i(i + 1) + 1. Since 2|i(i + 1),8|4i(i + 1), so a2 ≡ 1 (mod 8). LEMMA 10.4 Let a be an odd integer and t ≥ 3. Then a2t−2 ≡ 1 (mod 2t). PROOF (by induction on t) The given conclusion is clearly true when t = 3, by Lemma 10.3. So assume it is true for an arbitrary integer k ≥ 3: a2k−2 ≡ 1 (mod 2k ) a2k−2 = 1 + q · 2k for some integer q Then a2k−1 = (a2k−2 )2 = (1 + q · 2k )2 = 1 + q · 2k+1 + q2 22k ≡ 1 (mod 2k+1 ) Thus, if the statement holds for t = k, it also holds for t = k + 1. Therefore, by induction, the conclusion is true for every integer t ≥ 3. Using this lemma, we can conclude that 2k has no primitive roots if k ≥ 3, as the following theorem shows. THEOREM 10.9 The integer 2k has no primitive roots if k ≥ 3. PROOF (by contradiction) Suppose 2k has a primitive root α. Then ord2k α = ϕ(2k) = 2k−1. But, since (α,2) = 1, α is odd. Then, by Lemma 10.4, α2k−2 ≡ 1 (mod 2k). Consequently, ord2k α ≤ 2k−2, which is a contradiction. Thus, 2k has no primitive roots for k ≥ 3. By virtue of this theorem, the integers 8, 16, 32, 64, and so on, possess no prim- itive roots. Next we can prove that a positive integer cannot have a primitive root, if it is divisible by two distinct odd primes, or if it has the form 2ipj, where i ≥ 2 and p is an odd prime. To this end, we need the following lemma. LEMMA 10.5 The integer ab possesses no primitive roots if a,b 2 and (a,b) = 1. PROOF (by contradiction) Suppose ab has a primitive root α. Then (α,ab) = 1 and αϕ(ab) ≡ 1 (mod ab). Since (α,ab) = 1, (α,a) = 1 = (α,b).
- 600. 480 CHAPTER 10 Primitive Roots and Indices Let d = (ϕ(a),ϕ(b)). Since a, b 2, both ϕ(a) and ϕ(b) are even by Theo- rem 8.5, so d ≥ 2. Besides, since d|ϕ(a) and d|ϕ(b), ϕ(a)ϕ(b) d = ϕ(ab) d is an integer. But d 1, so ϕ(ab) d ϕ(ab). Since (α,a) = 1 and αϕ(a) ≡ 1 (mod a), αϕ(ab)/d = αϕ(a)ϕ(b)/d = [αϕ(a) ]ϕ(b)/d [Note: d|ϕ(b).] ≡ 1ϕ(b)/d ≡ 1 (mod a) Similarly, αϕ(ab)/d ≡ 1 (mod b). Therefore, αϕ(ab)/d ≡ 1 (mod ab), which is a con- tradiction, since α is a primitive root modulo ab and ϕ(ab)/d ϕ(ab). Thus, ab has no primitive roots. For example, 20 has no primitive roots, since 20 = 4 · 5, where 4, 5 2 and (4,5) = 1. Likewise, 150 = 6 · 25 has no primitive roots. THEOREM 10.10 A positive integer has no primitive roots if it has two distinct odd prime factors, or if it is of the form 2ipj, where p is an odd prime and i ≥ 2. PROOF Suppose a positive integer n has two distinct odd prime factors p and q. Then, by Lemma 10.5, piqj and hence n has no primitive roots. On the other hand, let n = 2ipj, where i ≥ 2 and p is an odd prime. Again, by Lemma 10.5 with a = 2i and b = pj, n = ab = 2ipj does not have a primitive root. This concludes the proof. EXAMPLE 10.21 The integer 1125 = 32 · 53 has no primitive roots, since it is divisible by two distinct odd primes. Likewise, 3780 = 22 · 33 · 5 · 7 also has no primitive roots. The integer 19,208 = 23 · 74 also has none since it has the form 2ipj, where i ≥ 2. Theorem 10.10 brings us a giant step forward in our search for positive integers with primitive roots. It narrows the list considerably to a list of integers of the form n = 2ipj, where p is an odd prime. If i = 0 and j = 0, then n = 1 has a primitive root. On the other hand, if j 0, then by Corollary 10.8 and Theorems 10.7 and 10.8, n = pj has a primitive root. If i ≥ 2, then, by Theorem 10.10, n has no primitive roots. We will now take up the remaining case n = 2pj in the following theorem. THEOREM 10.11 The integer n = 2pj, where p is an odd prime, has a primitive root.
- 601. 10.4 Composites with Primitive Roots (optional) 481 PROOF Let α be a primitive root modulo pj. (Such an integer exists by Corollary 10.10 and Theorem 10.8.) So αϕ(pj) ≡ 1 (mod pj ) case 1 Suppose α is odd. (We shall show that α is a primitive root modulo n.) Since ϕ(n) = ϕ(2pj) = ϕ(2)ϕ(pj) = ϕ(pj), αϕ(n) = αϕ(pj) ≡ 1 (mod pj ) (10.3) Since α is odd, α ≡ 1 (mod 2), so αϕ(pj) ≡ 1 (mod 2) (10.4) Therefore, by congruences (10.3) and (10.4), αϕ(n) ≡ 1 (mod 2pj ); that is, αϕ(n) ≡ 1 (mod n) Suppose ordn α = e ϕ(n) = ϕ(2pj). Then αe ≡ 1 (mod pj). Thus ϕ(pj) ≤ e ϕ(pj), which is clearly a contradiction. Therefore, ordn α = ϕ(n) and α is a primitive root modulo n. case 2 Suppose α is even. Then β = α + pj is odd, so βϕ(pj) ≡ 1 (mod 2) Besides, since β ≡ α (mod pj), βϕ(n) ≡ αϕ(pj) ≡ 1 (mod 2pj); that is, βϕ(n) ≡ 1 (mod n). As in case 1, it follows that β is a primitive root modulo n. Thus, in both cases, n = 2pj has a primitive root. The following example illustrates this theorem. EXAMPLE 10.22 Let n = 38 = 2 · 19. By Example 10.10, 3 is a primitive root modulo 19. So, by Theorem 10.11, 3 is also a primitive root modulo 38. (Verify this.) On the other hand, 10 is also a primitive root modulo 19. Since 10 is even, 10 + 19 = 29 is a primitive root modulo 38, by Theorem 10.11. To verify this, we shall just show that 29ϕ(38)/2 = 299 ≡ −1 (mod 38), leaving out the details. Since 29 ≡ −9 (mod 38), 293 ≡ −7 (mod 38). Thus 299 = (293)3 ≡ (−7)3 ≡ −1 (mod 38). In conclusion, we can now combine the results in Corollary 10.8 and Theo- rems 10.7, 10.8, 10.9, and 10.11 into Theorem 10.12, which conclusively identifies the integers with primitive roots. It was published by Gauss in 1801.
- 602. 482 CHAPTER 10 Primitive Roots and Indices THEOREM 10.12 The only positive integers that possess primitive roots are 1, 2, 4, pk, and 2pk, where p is an odd prime and k a positive integer. Accordingly, the first 12 positive integers that have primitive roots are 1, 2, 3, 4, 5, 6, 7, 9, 10, 11, 13, and 14; the integers 8, 12, and 15 do not have primitive roots. E X E R C I S E S 10.4 Verify that 3 is a primitive root modulo each. 1. 52 2. 53 3. 54 4. 55 5. Verify that 3 is a primitive root modulo 72. 6. Verify that 12 is a primitive root modulo 74. Find a primitive root modulo p2 for each odd prime p. 7. 11 8. 13 9. 17 10. 19 Find a primitive root modulo pk for each odd prime p and k ≥ 2. 11. 3, k = 4 12. 5, k = 3 13. 7, k = 3 14. 23, k = 2 Two is a primitive root modulo 5. Determine whether each is a primitive root modulo 52. 15. 2 16. 2 + 5 Five is a primitive root modulo 7. Determine whether each is a primitive root modulo 72. 17. 5 18. 5 + 7 Using the given primitive root α modulo the odd prime p, find a primitive root modulo n. 19. α = 3, p = 5, n = 10 20. α = 5, p = 23, n = 1058 21. α = 2, p = 3, n = 486 22. α = 6, p = 13, n = 4394 Determine whether each integer has a primitive root. 23. 46 24. 486 25. 1024 26. 1029 27. 2187 28. 5324 29. 11,466 30. 742,586 Find the incongruent primitive roots modulo each. 31. 22 32. 26 33. 33 34. 34 Prove each. 35. If p is an odd prime, both pk and 2pk have the same number of primitive roots. 36. If a positive integer n (7) has no primitive roots, then nm has no primitive roots for any integer m ≥ 1. 10.5 The Algebra of Indices The concept of an index, which is analogous to a logarithm, was introduced by Gauss in his Disquisitiones Arithmeticae. As we will see shortly, the concept of index is very useful for solving certain congruences and for computing remainders.
- 603. 10.5 The Algebra of Indices 483 Let α be a primitive root modulo a positive integer m. (Recall from Theo- rem 10.12 that m = 1, 2, 4, pk, or 2pk, where p is an odd prime.) Then, by Theo- rem 10.3, the least residues of α,α2,...,αϕ(m) modulo m are a permutation of the ϕ(m) positive integers ≤ m and relatively prime to it. For instance, in Example 10.10 we found that α = 5 is a primitive root modulo 18 and the least residues of 5, 52, 53, 54, 55, and 56 are a rearrangement of the ϕ(18) = 6 positive integers 1, 5, 7, 11, 13, and 17 that are ≤ 18 and relatively prime to it. Let a be a positive integer ≤ 18 and relatively prime to it. Then a ≡ 5k (mod 18) for some positive integer k, where 1 ≤ k ≤ 6. For instance, let a = 13; then k = 4 since 13 ≡ 54 (mod 18). Accordingly, we say that 4 is the index of 13 to the base 5 modulo 18 and make the following definition. Index Let m be a positive integer with a primitive root α, and a a positive integer such that (a,m) = 1. Then the least positive integer k such that αk ≡ a (mod m) is called the index of a to the base α modulo m. It is denoted by indα a or simply ind a when no confusion arises. Note that 1 ≤ k ≤ ϕ(m). The following example illustrates this definition. EXAMPLE 10.23 The integer 5 is a primitive root modulo 18. Notice that 51 ≡ 5 (mod 18) 52 ≡ 7 (mod 18) 53 ≡ 17 (mod 18) 54 ≡ 13 (mod 18) 55 ≡ 11 (mod 18) 56 ≡ 1 (mod 18) Consequently, ind5 5 = 1 ind5 7 = 2 ind5 17 = 3 ind5 13 = 4 ind5 11 = 5 ind5 1 = 6 Suppose we choose a different primitive root modulo 18, say, 11. Then, 111 ≡ 11 (mod 18) 112 ≡ 13 (mod 18) 113 ≡ 17 (mod 18) 114 ≡ 7 (mod 18) 115 ≡ 5 (mod 18) 116 ≡ 1 (mod 18) Consequently, ind11 5 = 5 ind11 7 = 4 ind11 17 = 3 ind11 13 = 2 ind11 11 = 1 ind11 1 = 6 Notice that, in general, ind5 a = ind11 a. For instance, 2 = ind5 7 = ind11 7 = 4. Con- sequently, the value of indα a depends on the primitive root α (and the modulus m).
- 604. 484 CHAPTER 10 Primitive Roots and Indices It follows from the definition that, as in the case of logarithms, indα a is a positive exponent. Notice that αindα a ≡ a (mod m) and that indα a is the least such positive exponent, where 1 ≤ indα a ≤ ϕ(m). Suppose a ≡ b (mod m). To see how ind a and ind b are related, let us as- sume that α is a primitive root modulo m. Then αindαa ≡ a (mod m) and αindαb ≡ b (mod m). Because a ≡ b (mod m), αindαa ≡ αindαb (mod m). Then, by Corol- lary 10.2, indα a = indα b. Thus, a ≡ b (mod m) if and only if indα a = indα b. For example, 67 ≡ 13 (mod 18). Recall from Example 10.23 that ind5 13 = 4. Since 54 ≡ 67 (mod 18), ind5 67 = 4. Thus, ind5 13 = ind5 67. The property αindαa ≡ a (mod m) reminds us of the logarithmic property, blogb a = a for any legal base b and any positive real number a. Likewise, the prop- erty indα a = indα b if and only if a ≡ b (mod m) reminds us of another logarithmic property: logb x = logb y if and only if x = y. Indices obey three additional properties, analogous to the following logarithmic properties: • logb 1 = 0 • logb(xy) = logb x + logb y • logb(xn) = nlogb x They are presented in the following theorem. THEOREM 10.13 Let m be a positive integer with a primitive root α, and a and b be positive integers relatively prime to m. Then: • indα 1 ≡ 0 (mod ϕ(m)) • indα(ab) ≡ indα a + indα b (mod ϕ(m)) • indα(an) ≡ n · indα a (mod ϕ(m)) PROOF (1) Since α is a primitive root modulo m, ϕ(m) is the least positive integer such that αϕ(m) ≡ 1 (mod m). Consequently, indα 1 = ϕ(m) ≡ 0 (mod ϕ(m)). (2) By definition, αindaa ≡ a (mod m) and αindab ≡ b (mod m). Therefore, ab ≡ αindα a · αindα b ≡ αindα a+indα b (mod m) Again, by definition, ab ≡ αindα(ab) (mod m). Thus, αindα(ab) ≡ αindα a+indα b (mod m) Therefore, by Corollary 10.2, indα(ab) ≡ indα a + indα b (mod ϕ(m)). (3) By definition, αindα(an) ≡ an (mod m). But αn·indα a = (αindα a )n ≡ an (mod m)
- 605. 10.5 The Algebra of Indices 485 Thus, αindα(an) ≡ αn·indα a (mod m) indα(an ) ≡ n · indα a (mod (m)) EXAMPLE 10.24 Verify properties (2) and (3) of Theorem 10.13 with α = 5, m = 18, a = 11, b = 13, and n = 7. SOLUTION From Example 10.23, ind5 11 = 5 and ind5 13 = 4. (1) ind5 11 + ind5 13 = 5 + 4 ≡ 3 (mod 6). [Note: ϕ(18) = 6.] By direct computation, ind5(11 · 13) = ind5 17 = 3 ≡ ind5 11 + ind5 13 (mod 6) (2) 7 · ind5 11 = 7 · 5 ≡ 5 (mod 6) By direct computation, ind5(117) = ind5 11 ≡ 5 (mod 6) Therefore, 5(117) ≡ 7 · ind5 11 (mod 6). Just as we can use logarithms to convert multiplication problems to addition problems, we can use Theorem 10.13 to do the same. Accordingly, indices are useful in solving congruences of the form axb ≡ c (mod m) and abx ≡ c (mod m), where (a,m) = 1. The following three examples illustrate this technique. EXAMPLE 10.25 Solve the congruence 11x ≡ 7 (mod 18). SOLUTION Since 5 is a primitive root modulo 18 by Example 10.8, we take ind5 of both sides of the given congruence: ind5(11x) ≡ ind5 7 (mod ϕ(18)) By Theorem 10.13, this yields, ind5 11 + ind5 x ≡ ind5 7 (mod 6) But, by Example 10.23, ind5 11 = 5 and ind5 7 = 2. Therefore:
- 606. 486 CHAPTER 10 Primitive Roots and Indices 5 + ind5 x ≡ 2 (mod 6) ind5 x ≡ 3 (mod 6) x ≡ 53 ≡ 17 (mod 18) We can verify this by direct substitution. (Note: This method requires the availability of indices of positive integers ≤ 18 and relatively prime to it.) The following two examples involve a knowledge of the indices to the base 2 modulo 13. (Notice that 2 is a primitive root modulo 13.) So, for convenience, we construct a necessary table, as Table 10.3 shows. a 1 2 3 4 5 6 7 8 9 10 11 12 ind2 a 12 1 4 2 9 5 11 3 8 10 7 6 Table 10.3 EXAMPLE 10.26 Solve the congruence 8x5 ≡ 3 (mod 13). SOLUTION We have 8x5 ≡ 3 (mod 13). Take ind2 of both sides: ind2(8x5 ) ≡ ind2 3 (mod 12) Applying Theorem 10.13 twice, this yields ind2 8 + 5ind2 x ≡ ind2 3 (mod 12) Using Table 10.3, this becomes 3 + 5ind2 x ≡ 4 (mod 12) 5ind2 x ≡ 1 (mod 12) ind2 x ≡ 5 (mod 12) x ≡ 6 (mod 13), by Table 10.3 Again, we can verify this by direct computation.
- 607. 10.5 The Algebra of Indices 487 Note: In this example, we have used an index table to make solving this relatively difficult problem surprisingly easy. In fact, there is nothing sacred about the choice of 2 as the base. We can use any primitive root modulo 13 as the base. See Exercises 17 and 19. Indices are useful for solving congruences with variable exponents, as the next example illustrates. EXAMPLE 10.27 Solve the congruence 113x ≡ 5 (mod 13). SOLUTION Take ind2 of both sides of the congruence: ind2(113x ) ≡ ind2 5 (mod 12) Using Theorem 10.13, this yields 3x · ind2 11 ≡ ind2 5 (mod 12) Now use Table 10.3: (3x) · 7 ≡ 9 (mod 12) 7x ≡ 3 (mod 4) x ≡ 1 (mod 4) x ≡ 1,5, or 9 (mod 13) Thus, the given congruence has three incongruent solutions. (See Exercises 18 and 20 also.) E X E R C I S E S 10.5 1. Let α be a primitive root modulo an odd prime p and (α,p) = 1. Evaluate indα α. 2. Let α be a primitive root modulo a positive integer m. Find indα 1. Let α be a primitive root modulo an odd prime p and (a,p) = 1. Then indα(p − a) ≡ indα a + p − 1 2 (mod p − 1). This formula enables us to compute indα(p − a) using indα a. In Exercises 3–6, use the given data to compute the corresponding index. 3. p = 13, ind2 5 = 9, ind2 8 4. p = 13, ind2 9 = 8, ind2 4 5. p = 17, ind3 11 = 7, ind3 6 6. p = 19, ind2 13 = 5, ind2 6 Using the preceding formula for indα(p − a), complete each table. 7. p = 7, a 1 2 3 4 5 6 ind3 a 6 2 1 . . .
- 608. 488 CHAPTER 10 Primitive Roots and Indices 8. p = 11, a 1 2 3 4 5 6 7 8 9 10 ind7 a 10 3 4 6 2 . . . . . Let m be a positive integer with a primitive root α and a a positive integer relatively prime to m. Let b be a mul- tiplicative inverse of a modulo m. Then indα b = ϕ(m) − indα a. Using this fact, compute indα b for the given val- ues of m, α, and a. 9. m = 13, α = 2, a = 5 10. m = 17, α = 3, a = 7 11. m = 19, α = 2, a = 8 12. m = 18, α = 5, a = 13 Let m be a positive integer with a primitive root α. Let a and b be positive integers such that (a,m) = 1 = (b,m) and indα b = ϕ(m) − indα a. Then a and b are multiplica- tive inverses of each other modulo m. Using this fact, de- termine if the given integers a and b are multiplicative inverses of each other for the given value of m. 13. m = 13, α = 2, a = 6, b = 11 14. m = 17, α = 3, a = 12, b = 10 15. m = 19, α = 2, a = 5, b = 13 16. m = 18, α = 11, a = 7, b = 13 Solve each congruence using indices to the base 6. 17. 8x5 ≡ 3 (mod 13) 18. 113x ≡ 5 (mod 13) 19–20. Solve the congruences in Exercises 17 and 18 using indices to the base 11. Solve each congruence using indices. 21. 7x ≡ 13 (mod 18) 22. 5x ≡ 8 (mod 17) 23. 2x4 ≡ 5 (mod 13) 24. 3x2 ≡ 10 (mod 13) 25. 4x3 ≡ 5 (mod 17) 26. 85x ≡ 5 (mod 13) 27. 75x−1 ≡ 5 (mod 13) 28. 34x+1 ≡ 10 (mod 19) Using indices, determine the remainder when the first in- teger is divided by the second. 29. 231001, 13 30. 411776, 19 31. 517 · 719, 13 32. 23111 + 11123, 17 Prove each. 33. Let α be a primitive root modulo a positive integer m 2. Then indα(m − 1) = ϕ(m)/2. 34. Let α be a primitive root modulo an odd prime p. Then indα(p − 1) = (p − 1)/2. (Hint: Use Exer- cise 33.) 35. Let α be a primitive root modulo a positive integer m 2 and (a,m) = 1. Then indα(m − a) = indα a + ϕ(m)/2. 36. Let m be a positive integer with a primitive root α. Let a and b be positive integers such that (a,m) = 1 = (b,m). Then a and b are multiplicative inverses of each other modulo m if and only if indα b = ϕ(m) − indα a. 37. Let p be an odd prime. Let b be a multiplicative in- verse of an integer a modulo p, where p a. Then ind b = p − 1 − inda. 38. Let p be an odd prime. Then the congruence x2 ≡ −1 (mod p) is solvable if and only if p is of the form 4k + 1. 39. There are infinitely many primes of the form 4k + 1. [Hint: Assume there is only a finite number of primes p1,p2,...,pn of the form 4k + 1. Using Exercise 38, show that q = (p1p2 ···pn)2 + 1 has a prime factor of the form 4k + 1, but different from p1,p2,... , and pn.] 40. Let p be an odd prime. Then the congruence x4 ≡ −1 (mod p) is solvable if and only if p is of the form 8k + 1. 41. There are infinitely many primes of the form 8k + 1. [Hint: Assume there is only a finite number of primes p1,p2,...,pn of the form 8k + 1. Using Exercise 40, show that q = (p1p2 ···pn)4 + 1 has a prime factor of the form 8k + 1, but different from p1,p2,... , and pn.] 42. Let m be a positive integer with a primitive root and a a positive integer such that (a,m) = 1. Then the congruence xk ≡ a (mod m) is solvable if and only if aϕ(m)/d ≡ 1 (mod m), where d = (k,ϕ(m)). 43. Let p be a prime and a a positive integer such that p a. Then the congruence xk ≡ a (mod p) is solv- able if and only if a(p−1)/d ≡ 1 (mod p), where d = (k,p − 1). (Hint: Use Exercise 42.)
- 609. Chapter Summary 489 X CHAPTER SUMMARY In this chapter we studied three important concepts: the order of a positive integer modulo m, primitive root, and the index of a least residue modulo m. We learned their fundamental properties and a few applications, including the existence of infinitely many primes of certain types; two primality tests; and methods of finding remainders and solving special congruences. The Order of a Positive Integer • The order of a positive integer a, where (a,m) = 1, is the least positive ex- ponent e such that ae ≡ 1 (mod m). It is denoted by ordm a or simply orda. (p. 456) • Let ordm a = e. Then an ≡ 1 (mod m) if and only if e|n. (p. 457) • In particular, ordm a|ϕ(m). (p. 457) • If p is a prime, then ordm a|p − 1. (p. 457) • Let ordm a = e. Then ai ≡ aj (mod m) if and only if i ≡ j (mod e). (p. 458) • Let ordm a = e and k any positive integer. Then ordm(ak) = e/(e,k). (p. 458) • ordm(ak) = e if and only if (e,k) = 1. (p. 459) Primitive Root • A positive integer α such that (α,m) = 1 is a primitive root modulo m if ordm α = ϕ(m). (p. 460) • If α is a primitive root modulo m, then the least residues of α,α2,...,αϕ(m) modulo m are a permutation of the ϕ(m) positive integers ≤ m and relatively prime to it. (p. 461) • If m has a primitive root, then it has ϕ(ϕ(m)) primitive roots. (p. 462) • If a prime p has a primitive root, then it has ϕ(p − 1) primitive roots. (p. 462) Primality Tests • (Lucas’ theorem) Let n be a positive integer. If there is a positive integer x such that xn−1 ≡ 1 (mod n) and x(n−1)/q ≡ 1 (mod n) for all prime factors q of n − 1, then n is prime. (p. 464) • Let n be an odd positive integer. If there is a positive integer x such that x(n−1)/2 ≡ −1 (mod n) and x(n−1)/q ≡ 1 (mod n) for all odd prime factors q of n − 1, then n is prime. (p. 465) Primitive Roots for Primes • (Lagrange’s theorem) Let f(x) = n i=0 aixi be a polynomial of degree n ≥ 1 with integral coefficients, where p an. Then the congruence f(x) ≡ 0 (mod p) has at most n incongruent solutions modulo p. (p. 467)
- 610. 490 CHAPTER 10 Primitive Roots and Indices • If p is a prime and d|p − 1, then the congruence xd − 1 ≡ 0 (mod p) has exactly d incongruent solutions modulo p. (p. 469) • (Wilson’s theorem) If p is a prime, then (p − 1)! ≡ −1 (mod p). (p. 469) • Let p be a prime and d|p−1. Then there are exactly ϕ(d) incongruent integers of order d modulo p. (p. 471) • Every prime p has ϕ(p − 1) incongruent primitive roots. (p. 472) Composites with Primitive Roots • If α is a primitive root modulo an odd prime p, then ordp2 (α + p) = p − 1. (p. 475) • If α is a primitive root modulo an odd prime p, then either α or α + p is a primitive root modulo p2. (p. 475) • Let α be a primitive root modulo an odd prime p such that αp−1 ≡ 1 (mod p2). Then αpk−2(p−1) ≡ 1 (mod pk) for every integer k ≥ 2. (p. 476) • Every power pk of an odd prime p has a primitive root, where k ≥ 2. (p. 477) • The square of every odd integer is congruent to 1 modulo 8. (p. 478) • Let a be an odd integer and t ≥ 3. Then a2t−2 − ≡ 1 (mod 2t). (p. 479) • The integer 2k has no primitive roots if k ≥ 3. (p. 479) • The integer ab possesses no primitive roots if a,b 2 and (a,b) = 1. (p. 479) • A positive integer has no primitive roots if it has two distinct odd prime factors or if it is of the form 2ipj, where p is an odd prime and i ≥ 2. (p. 480) • The integer n = 2pj, where p is an odd prime, has a primitive root. (p. 480) • The only positive integers that possess primitive roots are 1, 2, 4, pk, and 2pk, where p is an odd prime and k a positive integer. (p. 482) Index of an Integer • Let α be a primitive root modulo m and (a,m) = 1. The least positive integer k such that αk ≡ a (mod m) is the index of a to the base α modulo m, denoted by indαa or simply ind a. For a given modulus m, it depends on the choice of α. (p. 483) • Let m be a positive integer with a primitive root α, and a and b be positive integers relatively prime to m. Then: • indα 1 ≡ 0 (mod ϕ(m)) • indα(ab) ≡ indα a + indα b (mod ϕ(m)) • indα(an) ≡ n · indα a (mod ϕ(m)) (p. 484)
- 611. Review Exercises 491 X REVIEW EXERCISES Evaluate each. 1. ord7 4 2. ord9 4 3. ord11 4 4. ord13 4 Using the given order of the least residue a of a prime p, compute the order of the element b modulo p. 5. ord13 5 = 4, b = 57 6. ord17 8 = 8, b = 86 Using the given orders of the least residues a and b, compute ordm(ab). 7. ord13 5 = 4, ord13 9 = 3 8. ord18 7 = 3, ord18 17 = 2 Find the number of primitive roots modulo each. 9. 24 10. 38 11. 1024 12. 33,614 Determine whether each integer has a primitive root. 13. 1723 14. 2116 15. 48,778 16. 167,042 Using the given primitive root α modulo m, find the remaining primitive roots. 17. α = 3, m = 50 18. α = 2, m = 81 19. Let α be a primitive root modulo pj, where p is an odd prime and j ≥ 1. Find a primitive root β modulo 2pj. Using the given primitive root α modulo each prime p, find a primitive root modulo n. 20. α = 3, p = 7, n = 2p 21. α = 5, p = 23, n = p2 22. α = 2, p = 29, n = p2 23. α = 2, p = 5, n = 2p3 Find the incongruent primitive roots modulo each. 24. 10 25. 50 26. 54 27. 81 28. 98 29. 121 30. 125 31. 162 32. Using the fact that ord15 7 = 4, compute the remainder when 372002 is divided by 15. 33. Using the fact that 6 is a primitive root modulo 109, compute the remainder when 4242076 is divided by 109. 34. Find ordp(p − a) if ordp a = q, where p and q are odd primes. Compute each, where 3 and 5 are primitive roots modulo 14. 35. ind3 11 36. ind3 3 37. ind5 13 38. ind3 9 Using the modulus 50 and the fact that ind3 13 = 17 and ind3 47 = 11, compute each. 39. ind3(13 · 47) 40. ind3(474)
- 612. 492 CHAPTER 10 Primitive Roots and Indices Let α be a primitive root modulo a positive integer m 2 and (a,m) = 1. Then indα(m − a) ≡ indα a + ϕ(m)/2 (mod ϕ(m)). Using this fact, α = 3, m = 14, and the given indα a, compute indα(m − a). 41. ind3 5 = 5 42. ind3 13 = 3 Solve each congruence using indices. 43. 3x7 ≡ 4 (mod 11) 44. 5x3 ≡ 8 (mod 13) 45. 54x−1 ≡ 11 (mod 17) 46. 133x−4 ≡ 16 (mod 19) Using indices, find the remainder when the first integer is divided by the second. 47. 501976, 13 48. 10301030, 17 Verify that each integer n is a prime, using Lucas’ theorem and the given value of x. 49. n = 137, x = 3 50. n = 1193, x = 3 Verify that each integer n is a prime, using Corollary 10.5 and the given value of x. 51. n = 137, x = 3 52. n = 709, x = 2 X SUPPLEMENTARY EXERCISES Let fn denote the nth Fermat number, where n ≥ 0. 1. Prove that ordfn 2|2n+1. 2. Find ordfn 2, where fn is a prime. 3. Prove that ordp 2 = 2n+1, where p is a prime factor of fn. 4. Prove that every prime factor of fn is of the form 2n+1k + 1. (This was shown by Euler in 1747; eight years earlier, he had shown that every such factor must be of the form 2t+1k + 1. (Hint: Use Exercise 3.) 5. Using the fact ord19 7 = 3, find ord19 8. (Hint: 8 = 7 + 1.) 6. Using the fact ord31 26 = 6, find ord31 25. (Hint: 25 = 26 − 1.) 7. Let ordp a = 3, where p is an odd prime. Prove that ordp(a + 1) = 6. 8. Let ordp(a + 1) = 6, where p is an odd prime. Prove that ordp a = 3. Let k, m, and n be any positive integers. Prove or disprove each. 9. ordmn 10 = [ordm 10,ordn 10], where (m,10) = (n,10) = (m,n) = 1. (C. Cooper and R. E. Kennedy, 1995) 10. If p is a prime 3, then ordpk 10 = pk−1 ·ordp10. (C. Cooper and R. E. Kennedy, 1995) 11. Find an odd prime p and a primitive root g modulo p such that 1 g p and g is not a primitive root modulo p2. (S. W. Golomb, 1993)
- 613. Computer Exercises 493 X COMPUTER EXERCISES Write a program to perform each task. 1. Read in a prime p and find the order of each least residue modulo p. 2. Read in a positive integer m. Find the order of each least residue modulo m, if it exists. 3. Read in a positive integer m and list all its primitive roots, if they exist. 4. Find the smallest prime p with a primitive root α such that it is not a primitive root modulo p2. 5. Make a list of primes p ≤ 100 and the smallest primitive root modulo each. 6. Read in a primitive root α modulo a prime p and print the remaining incongruent primitive roots modulo p. 7. Read in a primitive root α modulo pj, where p is an odd prime and j ≥ 1. Using α, find a primitive root modulo 2pj. 8. Read in an odd prime p. Find a primitive root α modulo p and use it to find a primitive root modulo p2 and 2pj, where j ≥ 1. 9. Read in the first 10 odd primes p. Find a primitive root α modulo p and use it to find a primitive root modulo p2 and 2pj for each p, where j ≥ 1. Print the output in tabular form. 10. Read in an odd prime p. Find a primitive root α modulo p and use it to construct a table of indices of every least positive residue a modulo p. Use the table to pair the least residues that are multiplicative inverses of each other. X ENRICHMENT READINGS 1. J. D. Dixon, “Factorization and Primality Tests,” The American Mathematical Monthly, 91 (1984), 333–353. 2. N. Robbins, “Calculating a Primitive Root (mod pe),” The Mathematical Gazette, 59 (1975), 195.
- 615. 11 Quadratic Congruences . . . mathematical proofs, like diamonds, are hard as well as clear, and will be touched by nothing but strict reasoning. — JOHN LOCKE e studied the solvability of linear congruences in Section 4.2 and dis- Wcussed primitive roots in Chapter 10. Now we turn to quadratic con- gruences. This includes the concept of a quadratic residue; a test for an integer to be a quadratic residue; two powerful notations—the Legendre symbol and the Jacobi symbol; the fascinating law of quadratic reciprocity, which is one of the jewels of number theory; and a primality test for Fermat numbers. 11.1 Quadratic Residues We begin by considering the quadratic congruence Ax2 + Bx + C ≡ 0 (modp) (11.1) where p is an odd prime and p A. (If p|A, then it reduces to a linear congruence.) Since p is odd and p A, p 4A. So we multiply both sides of congruence (11.1) by 4A to yield a perfect square on the LHS: 4A(Ax2 + Bx + C) ≡ 0 (modp) (11.2) But 4A(Ax2 + Bx + C) = 4A2 x2 + 4ABx + 4AC = (2Ax + B)2 − B2 − 4AC 495
- 616. 496 CHAPTER 11 Quadratic Congruences Therefore, congruence (11.2) can be rewritten as (2Ax + B)2 ≡ B2 − 4AC (modp) (11.3) which is of the form y2 ≡ a (modp) (11.4) where y = 2Ax + B and a = B2 − 4AC. Since these steps are reversible, this discussion shows that congruence (11.1) is solvable if and only if congruence (11.4) is solvable. The following numeric example demonstrates this. EXAMPLE 11.1 Solve the quadratic congruence 3x2 − 4x + 7 ≡ 0 (mod13). SOLUTION 3x2 − 4x + 7 ≡ 0 (mod13) Multiply both sides by 4 · 3 = 12: 36x2 − 48x + 84 ≡ 0 (mod13) That is, (6x − 4)2 ≡ (16 − 84) (mod13) (6x − 4)2 ≡ 10 (mod13) Let y = 6x − 4. Then y2 ≡ 10 (mod13). This congruence has exactly two solutions, y ≡ 6, 7 (mod13). (Verify this.) Therefore, the solutions of the congruence are given by those of the linear con- gruences 6x − 4 ≡ 6 (mod13) and 6x − 4 ≡ 7 (mod13), namely, x ≡ 6, 4 (mod13). Verify this, too. Notice that the quadratic congruence in this example has exactly two solutions. But the next example shows that not every quadratic congruence has a solution. EXAMPLE 11.2 Solve, if possible, the quadratic congruence 3x2 + 7x + 5 ≡ 0 (mod13). SOLUTION The congruence 3x2 + 7x + 5 ≡ 0 (mod13) yields (6x + 7)2 ≡ 2 (mod13) (verify this). But the square of none of the least residues modulo 13 yields 2. So this con- gruence, and hence the given one, is not solvable.
- 617. 11.1 Quadratic Residues 497 Since congruences (11.1) and (11.4) are equivalent, meaning they have exactly the same solutions when solvable, we restrict our study to congruences of the form x2 ≡ a (modp) (11.5) Since x2 ≡ 10 (mod13) has exactly two solutions, but x2 ≡ 2 (mod13) has none, we are tempted to ask: When is congruence (11.5) solvable? When solvable, how many incongruent solutions does it have modulo p? To answer the second question first, suppose that p|a. Then x2 ≡ 0 (modp), so x ≡ 0 (modp) is the only solution. Now assume p a. Then congruence (11.5) has exactly two incongruent solutions. To see this, let α be a solution of (11.5): α2 ≡ a (modp). Let β = p − α. Then β2 = (p − α)2 ≡ (−α)2 ≡ α2 ≡ a (modp). So β is also a solution of the congruence. Besides, α and β are incongruent, since if β ≡ α (modp), then p − α ≡ α (modp); that is, −α ≡ α (modp), so 2α ≡ 0 (modp). But (2,p) = 1; therefore, α ≡ 0 (modp), which is a contradiction. Thus, α and p − α are two incongruent solutions of congru- ence (11.5). Suppose congruence (11.5) has a third solution γ . Then γ 2 ≡ α2 (modp), so p|γ 2 − α2. Then either γ ≡ α (modp) or γ ≡ −α ≡ β (modp). Consequently, con- gruence (11.5) has no more than two solutions. We have thus established the following result. LEMMA 11.1 Let p be an odd prime and a an integer such that p a. Then the congruence x2 ≡ a (modp) has either no solutions or exactly two incongruent solutions. This discussion shows that if we can find one solution α, we can find the other by simply taking its additive inverse −α. For instance, in Example 11.1 we found that 6 is a solution of x2 ≡ 10 (mod13); so the other solution is −6 ≡ 7 (mod13), as expected. Before we answer the question concerning when congruence (11.5) is solvable, we need to make the following definition. Quadratic Residue Let m be a positive integer and a any integer such that (a,m) = 1. Then a is a quadratic residue of m if the congruence x2 ≡ a (modm) is solvable; otherwise, it is a quadratic nonresidue of m. Notice that if b ≡ a (modm), and if a is a quadratic residue of m, then b is also a quadratic residue of m. Accordingly, we confine our discussion of quadratic residues to the least residues modulo m. The following example illustrates the definition.
- 618. 498 CHAPTER 11 Quadratic Congruences EXAMPLE 11.3 Find the quadratic residues and nonresidues of p = 13. SOLUTION Notice that 12 ≡ 1 ≡ 122 (mod13) 22 ≡ 4 ≡ 112 (mod13) 32 ≡ 9 ≡ 102 (mod13) 42 ≡ 3 ≡ 92 (mod13) 52 ≡ 12 ≡ 82 (mod13) 62 ≡ 10 ≡ 72 (mod13) Accordingly, 13 has exactly six quadratic residues, namely, 1, 3, 4, 9, 10, and 12; and it has six quadratic nonresidues also, namely, 2, 5, 6, 7, 8, and 11. (In 1973, R. H. Hudson of the University of South Carolina proved that 13 is the only prime p that has more than √ p consecutive quadratic nonresidues.) This example provides us with two interesting bonuses: • The prime 13 has the same number of quadratic residues and nonresidues, namely, 6; and • They form a partitioning of the set of positive residues of 13 (see Figure 11.1). Figure 11.1 The set of positive residues of 13. The following theorem shows that it is not a coincidence that 13 has the same number of quadratic residues and nonresidues. THEOREM 11.1 Every odd prime p has exactly (p − 1)/2 quadratic residues and (p − 1)/2 quadratic nonresidues. PROOF Suppose p has k (incongruent) quadratic residues. By Lemma 11.1, each yields two incongruent solutions, so the total number of solutions is 2k. But there are p − 1
- 619. 11.1 Quadratic Residues 499 squares of the least positive residues, 1 through p − 1. So 2k = p − 1; that is, k = (p − 1)/2. Thus, there are (p − 1)/2 quadratic residues and (p − 1)/2 quadratic nonresidues. We still have not answered the question we asked earlier: When is congru- ence (11.5) solvable? This is answered by the following theorem, developed by Euler. THEOREM 11.2 (Euler’s Criterion) Let p be an odd prime. Then a positive integer a with p a is a quadratic residue of p if and only if a(p−1)/2 ≡ 1 (modp). PROOF Suppose that a is a quadratic residue of p. Then the congruence x2 ≡ a (modp) has a solution α, where (p,α) = 1. Consequently, by Fermat’s little theorem, αp−1 ≡ 1 (modp). Then a(p−1)/2 ≡ (α2)(p−1)/2 = αp−1 ≡ 1 (modp). Conversely, suppose that a(p−1)/2 ≡ 1 (modp). By Corollary 10.8, p has a prim- itive root β. Then a ≡ βk (modp) for some positive integer k, where 1 ≤ k ≤ p − 1. Then βk(p−1)/2 ≡ a(p−1)/2 ≡ 1 (modp). Since β is a primitive root modulo p, ordp β = p − 1|k(p − 1)/2; that is, k must be an even integer, say, k = 2i. Then a ≡ β2i ≡ (βi)2 (modp), so a is a quadratic residue of p. This completes the proof. The following example demonstrates this test. EXAMPLE 11.4 Determine whether 10 and 7 are quadratic residues of 13. SOLUTION • Notice that 10(13−1)/2 = 106 ≡ (−3)6 ≡ 1 (mod13), so, by Euler’s criterion, 10 is a quadratic residue of 13, as found in Example 11.3. (Consequently, the congruence x2 ≡ 10 (mod13) is solvable.) • This time, we compute 7(13−1)/2 (mod13): 7(13−1)/2 ≡ 76 ≡ (73)2 ≡ 52 ≡ −1 (mod13). Since 76 ≡ 1 (mod13), by Euler’s criterion, 7 is a quadratic nonresidue of 13, as found in Example 11.3. In Theorem 11.2, suppose a(p−1)/2 ≡ 1 (modp). Then a is a quadratic non- residue. We can then tell exactly what the least residue of a(p−1)/2 modulo p is. To this end, notice that, by Fermat’s little theorem, ap−1 ≡ 1 (modp). Since p is odd and ap−1 − 1 = [a(p−1)/2 + 1][a(p−1)/2 − 1], this implies either a(p−1)/2 ≡ 1 (modp) or a(p−1)/2 ≡ −1 (modp). But a(p−1)/2 ≡ 1 (modp), so a(p−1)/2 ≡ −1 (modp). Thus, if a is a quadratic nonresidue, then a(p−1)/2 ≡ −1 (modp). Conversely, let a be an integer such that p a and a(p−1)/2 ≡ −1 (modp). Then a cannot be a quadratic residue, since if it is, then, by Euler’s criterion, a(p−1)/2 ≡
- 620. 500 CHAPTER 11 Quadratic Congruences 1 (modp). This implies −1 ≡ 1 (modp); that is, p = 2, which is a contradiction. Thus, if a(p−1)/2 ≡ −1 (modp), then a must be a quadratic nonresidue. Accordingly, we have the following result. COROLLARY 11.1 Let p be an odd prime. Then a positive integer a, where p a, is a quadratic non- residue if and only if a(p−1)/2 ≡ −1 (modp). For instance, in Example 10.12 we found that 5(1213−1)/2 ≡ 5606 ≡ −1 (mod1213). So, by this corollary, 5 is a quadratic nonresidue of 1213. It follows, by Euler’s criterion, that congruence (11.5) is solvable if and only if a(p−1)/2 ≡ 1 (modp). Although Theorem 11.2 provides a test for determining the solvability of the congruence, it is not practical when p is fairly large. We will explore this further in the next section. E X E R C I S E S 11.1 Solve each quadratic congruence, if possible. 1. x2 ≡ 1 (mod6) 2. x2 ≡ 1 (mod8) 3. x2 ≡ 1 (mod12) 4. x2 ≡ 3 (mod6) 5. x2 ≡ 5 (mod6) 6. 7x2 ≡ 1 (mod18) 7. 3x2 ≡ 5 (mod7) 8. 7x2 ≡ 6 (mod13) 9. 4x2 ≡ 7 (mod11) 10. 4x2 + 4x − 3 ≡ 0 (mod5) 11. 2x2 + 3x + 1 ≡ 0 (mod7) 12. 2x2 + x + 1 ≡ 0 (mod11) 13. 25x2 + 70x + 37 ≡ 0 (mod13) Find the number of quadratic residues of each integer. 14. 17 15. 12 16. 19 17. 101 Find the quadratic residues of each integer. 18. 8 19. 18 20. 17 21. 23 Determine whether the given integer a is a quadratic residue of the corresponding prime p. 22. a = 5, p = 23 23. a = 7, p = 29 24. a = 2, p = 37 25. a = 3, p = 47 Verify that the congruences x2 ≡ a (modp) and x2 ≡ b (modp) are not solvable, but x2 ≡ ab (modp) is solv- able for the given values of a, b, and p. (See Exer- cise 34.) 26. a = 3, b = 5, p = 7 27. a = 7, b = 10, p = 11 28. Find the number of quadratic residues of the Fermat prime fn. Prove each. 29. Every primitive root modulo an odd prime p is a quadratic nonresidue. 30. The integer p − 1 is a quadratic residue of an odd prime p if and only if p ≡ 1 (mod4). 31. Let a be a quadratic residue of an odd prime p. Then p − a is a quadratic residue if and only if p ≡ 1 (mod4). 32. Let a be a quadratic residue of an odd prime p. Then p − a is a quadratic nonresidue if and only if p ≡ 3 (mod4). 33. The product of two quadratic residues of an odd prime p is a quadratic residue. 34. The product of two quadratic nonresidues of an odd prime p is a quadratic residue. 35. The square of a quadratic nonresidue of an odd prime p is a quadratic residue. 36. The product of a quadratic residue and a quadratic nonresidue of an odd prime p is a quadratic non- residue.
- 621. 11.2 The Legendre Symbol 501 37. The multiplicative inverse of a quadratic residue of an odd prime is also a quadratic residue. (Hint: Use Exercise 36.) 38. The integer p − 1 is a quadratic nonresidue of every Mersenne prime Mp. 39. An integer a is a quadratic residue of a Mersenne prime Mp if and only if p−a is a quadratic nonresidue of Mp. 40. If p = 2n + 1 is a prime, then every quadratic non- residue of p is a primitive root of p. 41. Let p be an odd prime such that (a, p) = 1 = (b, p). Then either all three quadratic congruences x2 ≡ a (modp), and x2 ≡ b (modp), x2 ≡ ab (modp) are solvable or exactly one of them is solvable. (Hint: Use Exercises 33 and 34.) 11.2 The Legendre Symbol Although Euler’s criterion provides us with a beautiful test for determining the solv- ability of the congruence x2 ≡ a (modp), computing a(p−1)/2 (modp) is tedious when p and a are large. For example, it is not easy to apply the test for determining the solvability of x2 ≡ 3797 (mod7297). (See Example 11.18.) So we now present the Legendre symbol, a powerful notation introduced by the French mathematician Adrien-Marie Legendre in his 1798 book, Essai sur la Theorie de Nombres. Legen- dre’s Theories des Nombres and Gauss’ Disquisitiones Arithmeticae were the stan- dard works on number theory for many years. The Legendre symbol, as we will see shortly, greatly simplifies our task of de- termining the solvability of congruence (11.5). The Legendre Symbol Let p be an odd prime and a any integer such that p a. The Legendre symbol (a/p) is defined by (a/p) = 1 if a is a quadratic residue of p −1 otherwise Notice that the Legendre symbol (a/p) is not defined if p|a. The next example illustrates this definition. EXAMPLE 11.5 In Example 11.3, we found that the residues 1, 3, 4, 9, 10, and 12 are quadratic residues of 13, whereas the residues 2, 5, 6, 7, 8, and 11 are not. Therefore, (1/13) = (3/13) = (4/13) = (9/13) = (10/13) = (12/13) = 1, whereas (2/13) = (5/13) = (6/13) = (7/13) = (8/13) = (11/13) = −1.
- 622. 502 CHAPTER 11 Quadratic Congruences Adrien-Marie Legendre (1752–1833) was born into a well-to-do Parisian family and studied at the Collège Mazarin. His first published articles appeared in 1774 in a treatise on mechanics by his mathematics professor, although he was not given credit in the book. He was a professor of mathematics at the École Militaire in Paris from 1775 to 1780 and afterward appointed professor at then École Nor- male. In 1782 Legendre won the Berlin Academy prize for his essay on ballistics. His memoir, Recherches d’Analyse Indeterminee, published in 1785, contains a nonrigorous account of the law of quadratic reciprocity, as well as many applica- tions, a discussion of the decomposition of positive integers as the sum of three squares, and a Statement of Dirichlet’s theorem on the existence of infinitely many primes in arithmetic progressions (Theorem 3.16). In 1823 he provided a beauti- ful demonstration of Fermat’s last theorem for the case n = 5. Although best known for his work on elliptic integrals, Legendre made significant contributions to number theory, calculus of variations, spherical harmonics, and geometry. His Éléments de Géométrie, a pedagogical improvement of Euclid’s Elements, was so popular that it went through numerous editions and translations, and was used as a text for over a century, the first English translation appearing in 1819. Legendre had a second edition of his number theory book published in 1808, a third edition in 1830 in two volumes under the title Théories des Nombres, and a fourth edition in 1900. A disciple of Euler and Lagrange, a marvelous calculator, and a skillful analyst, Legendre raised “numerous questions that were fruitful subjects of investigation for mathematicians of the 19th century.” Using the Legendre symbol, it follows that (a/p) ≡ a(p−1)/2 (modp). Accord- ingly, Euler’s criterion can be rewritten as follows. THEOREM 11.3 (Euler’s Criterion) Let p be an odd prime. Then a positive integer a with p a is a quadratic residue of p if and only if (a/p) = 1. In other words, x2 ≡ a (modp) is solvable if and only if (a/p) = 1. For instance, since (10/13) = 1, x2 ≡ 10 (mod13) is solvable. (See Example 11.5.) But (7/13) = −1, so x2 ≡ 7 (mod13) is not solvable. Thus, to determine the solvability of the congruence x2 ≡ 3797 (mod7297), we need to compute the symbol (3797/7297). But how do we evaluate it? We do not have enough tools to work with the symbol, so we present three fundamental properties of the symbol in the following theorem. THEOREM 11.4 Let p be an odd prime, and a and b be any integers with p ab. Then (1) If a ≡ b (modp), then (a/p) = (b/p). (2) (a/p)(b/p) = (ab/p) (3) (a2/p) = 1
- 623. 11.2 The Legendre Symbol 503 PROOF (1) Suppose a ≡ b (modp). Then the congruence x2 ≡ a (modp) is solvable if and only if x2 ≡ b (modp) is solvable. Therefore, (a/p) = (b/p). (2) By Euler’s criterion, (ab/p) ≡ (ab)(p−1)/2 ≡ a(p−1)/2b(p−1)/2 ≡ (a/p)(b/p) (modp). Again, since p is odd and the value of a Legendre symbol is 1 or −1, this is so if and only if equality holds. (3) By part (2), (a2/p) = (a/p)(a/p). But (a/p) = ±1. So (a2/p) = 1 in both cases. This completes the proof. Property (1) in the theorem can also be proved as follows. Suppose a ≡ b (modp) and the congruence x2 ≡ a (modp) is solvable; that is, (a/p) = 1. Since a ≡ b (modp), x2 ≡ b (modp) is also solvable. Therefore, (b/p) = 1 = (a/p). On the other hand, suppose x2 ≡ a (modp) is not solvable; that is, (a/p) = −1. Since a ≡ b (modp), x2 ≡ b (modp) is also not solvable. So (b/p) = −1 = (a/p). Thus, in both cases, (a/p) = (b/p). Property (3) can also be proven using congruence. Since x2 ≡ a2 (modp) is always solvable, (a2/p) = 1. The preceding properties have beautiful consequences (see Exercises 33–36 in Section 11.1): • If a ≡ b (modp), then either both are quadratic residues or both are quadratic nonresidues. • The product of two quadratic residues is a quadratic residue. • The product of a quadratic residue and a quadratic nonresidue is a quadratic nonresidue. • The product of two quadratic nonresidues is a quadratic residue. • The square of every integer relatively prime to p is a quadratic residue. Properties (2) and (3) can be employed to evaluate the Legendre symbol (a2b/p), where p ab, provided we know the value of (b/p). To see this, notice that (a2 b/p) = (a2 /p)(b/p), by property (2) = (b/p), by property (3) For example, suppose we know that (7/31) = 1. Then (28/31) = (4/31)(7/31) = 1 · (7/31) = (7/31) = 1. (We will see later how to compute (7/31) without using Euler’s criterion.) Using Euler’s criterion, we can now identify the primes for which −1 is a quadratic residue. COROLLARY 11.2 If p is an odd prime, then (−1/p) = (−1)(p−1)/2. That is, (−1/p) = 1 if p ≡ 1 (mod4) −1 if p ≡ −1 (mod4)
- 624. 504 CHAPTER 11 Quadratic Congruences PROOF By Euler’s criterion, (−1/p) ≡ (−1)(p−1)/2 (modp) = (−1)(p−1)/2 since (−1)(p−1)/2 = ±1 = 1 if p is of the form 4k + 1 −1 if p is of the form 4k + 3 = 1 if p ≡ 1 (mod4) −1 if p ≡ −1 (mod4) According to this corollary, −1 is a quadratic residue of p if and only if p ≡ 1 (mod4); that is, x2 ≡ p − 1 (modp) is solvable if and only if p ≡ 1 (mod4). For example, x2 ≡ 12 (mod13) is solvable, but x2 ≡ 22 (mod23) is not. Corollary 11.2 can now be used to evaluate Legendre symbols of the form (−a2/p), as the following example shows. EXAMPLE 11.6 Evaluate (−4/41) and (−9/83). SOLUTION • (−4/41) = (4/41)(−1/41), by property (2) = (−1/41) by property (3) = 1, by Corollary 11.2 • (−9/83) = (9/83)(−1/83) = (−1/83) = −1 Another interesting application of Theorem 11.4 and Corollary 11.2 is that they can be used to establish the existence of infinitely many primes of the form 4n + 1, as the following example shows (see Section 3.4). EXAMPLE 11.7 Prove that there are infinitely many primes of the form 4n + 1. PROOF (by contradiction) Assume that there is only a finite number of such primes, say, p1,p2,...,pk. Let N = (2p1p2 ···pk)2 + 1. Since N is odd, it must have an odd prime factor p. Then N ≡ 0 (modp), so (2p1p2 ···pk)2 ≡ −1 (modp).
- 625. 11.2 The Legendre Symbol 505 By property (3) in Theorem 11.4, ((2p1p2 ···pk)2/p) = 1 and so, by prop- erty (1), (−1/p) = 1. Then, by Corollary 11.2, p must be of the form 4n + 1. So p = pi for some i, where 1 ≤ i ≤ k. This implies, N ≡ 1 (modp), which is a contra- diction. Thus, there are infinitely many primes of the desired form. Property (2) in Theorem 11.4 can be applied to evaluate Legendre symbols of the form (qi/p), where p q, as the following corollary shows. COROLLARY 11.3 Let p be an odd prime, q a prime such that p q, and i a positive integer. Then (qi/p) = (q/p)i. The following example illustrates this. EXAMPLE 11.8 Using the fact that (5/17) = −1, compute (125/17) and (15625/17). SOLUTION • (125/17) = (53/17) = (5/17)3, by Corollary 11.3 = (−1)3 = −1 • (15625/17) = (56/17) = (5/17)6 = (−1)6 = 1 Returning to Theorem 11.4, we find that property (2) can obviously be extended to any finite number of primes not divisible by p. Accordingly, we have the following result, which follows by induction. COROLLARY 11.4 Let p be an odd prime and let n i=1 pei i be the canonical decomposition of a, where (a,p) = 1. Then (a/p) = n i=1 (pi/p)ei . PROOF Since (a, p) = 1, (pi, p) = 1 for every i. So (pei i /p) = (pi/p)ei , by Corollary 11.3. Thus, (a/p) = n i=1 (pei i /p) = n i=1 (pi/p)ei
- 626. 506 CHAPTER 11 Quadratic Congruences This result can be employed to evaluate (a/p), provided we know the value of (pi/p) for every prime factor pi of a, as the following example illustrates. EXAMPLE 11.9 Using the fact that (2/23) = 1 and (5/23) = −1, compute (5000/23). SOLUTION Notice that 5000 = 2354. So, by Corollary 11.4, (5000/23) = (2/23)3 (5/23)4 = 13 · (−1)4 = 1 How did we know that (2/23) = 1 and (5/23) = −1? We could certainly use Euler’s criterion to evaluate each, but we would like to avoid that tedious undertak- ing. Instead, we can derive additional properties of the Legendre symbol in the rest of this section and in the next, which will enable us to compute (a/p). To this end, we now prove an elegant criterion due to Gauss, although this also is theoretical in nature. Its proof is a bit long and complicated, so we will first study two examples to clarify the proof. EXAMPLE 11.10 Let p = 23 and a = 5. Let ν† denote the number of least positive residues of the 11 = (p − 1)/2 integers 1 · 5,2 · 5,3 · 5,...,11 · 5 modulo p that exceed p/2. Find ν and determine whether (5/23) = (−1)ν. SOLUTION Notice that the least positive residues of the integers 1 · 5, 2 · 5, 3 · 5, 4 · 5, 5 · 5, 6 · 5, 7 · 5, 8 · 5, 9 · 5, 10 · 5, and 11 · 5 modulo 23 are 5, 10, 15, 20, 2, 7, 12, 17, 22, 4, and 9, respectively. Clearly, five of them exceed p/2 = 11.5, so ν = 5. To evaluate (5/23), we apply Euler’s criterion: 5(p−1)/2 = 511 = 55 2 · 5 ≡ (−3)2 · 5 ≡ −1 (mod23) Thus, (5/23) = −1 and hence (5/23) = (−1)ν. This example shows that 5 is a quadratic nonresidue of 23; furthermore, the quadratic nature of 5 modulo 23 is determined by the value of ν. This fact is not a coincidence and is the essence of the next theorem, but first, let us examine one more example. † ν is the lower case Greek letter nu.
- 627. 11.2 The Legendre Symbol 507 EXAMPLE 11.11 (Example 11.10 continued) There are v = 5 least positive residues p/2, namely, 12, 15, 17, 20, and 22. Call them s1 through s5. Then the integers p−s1 through p−s5 are 23 − 12, 23 − 15, 23 − 17, 23 − 20, and 23 − 22 respectively, namely, 11, 8, 6, 3, and 1, respectively; no two of them are congruent modulo 23. There are k = 11 − v = 11 − 5 = 6 residues, r1 through r6, that are p/2, namely, 2, 4, 5, 7, 9, and 10; no two of them are congruent modulo 23 either. Furthermore, none of them is congruent to 11, 8, 6, 3, or 1 modulo 23. Thus the residues 2, 4, 5, 7, 9, 10, 11, 8, 6, 3, and 1 are positive and ≤ (p − 1)/2. (Amazingly enough, they are a permutation of the residues 1 through (p − 1)/2 modulo p.) We are now ready for the next milestone in our journey, discovered by Gauss in 1808. The proof is a bit long, so follow it patiently. THEOREM 11.5 (Gauss’ Lemma) Let p be an odd prime and a an integer such that p a. Let ν denote the number of least positive residues of the integers a,2a,3a,...,[(p−1)/2]a that exceed p/2. Then (a/p) = (−1)ν. PROOF Let r1,r2,...,rk be the least positive residues of the integers a,2a,3a,..., [(p − 1)/2]a modulo p that are ≤ p/2, and s1,s2,...,sν those that exceed p/2. Then k + ν = (p − 1)/2. Now, consider the integers r1,r2,...,rk,p − s1,p − s2,...,p − sν. Each is pos- itive and less than p/2. We would like to show that no two of them are congruent modulo p. First, notice that no two ris are congruent, since if ri ≡ rj (modp), then tia ≡ tja (modp) for some ti and tj, where i j and 1 ≤ ti, tj ≤ (p − 1)/2. But p a, so ti ≡ tj (modp), which is impossible. Thus, no two ris are congruent. Likewise, no two sis and hence no two p − sis are congruent modulo p. Next we would like to show that no ri is congruent to any p − sj. If ri ≡ p − sj (modp), then ri ≡ −sj (modp), so ri + sj ≡ 0 (modp). This is impossible, since both ri and sj are less than p/2 and hence ri + sj p. Thus, no ri is congruent to p − sj modulo p. Consequently, the positive integers r1,r2,...,rk,p − s1,p − s2,...,p − sν are all p/2 and are incongruent modulo p. Since there are k + ν = (p − 1)/2 of them, they must be the same as the least residues 1,2,...,(p − 1)/2. Therefore, r1r2 ···rk(p − s1)(p − s2)···(p − sν) ≡ 1 · 2··· p − 1 2 (modp) That is, (−1)ν r1r2 ···rks1s2 ···sν ≡ p − 1 2 ! (modp) (11.6)
- 628. 508 CHAPTER 11 Quadratic Congruences But r1,r2,...,rk, s1,s2,...,sν are the least positive residues of a,2a,..., p − 1 2 a. Therefore, r1r2 ···rks1s2 ···sν ≡ a(2a)(3a)··· p − 1 2 a (modp) Thus, (−1)ν a(2a)(3a)··· p − 1 2 a ≡ p − 1 2 ! (modp), by equation (11.6). Thus, (−1)ν a(p−1)/2 p − 1 2 ! ≡ p − 1 2 ! (modp) But p ((p − 1)/2)!, so (−1)ν a(p−1)/2 ≡ 1 (modp) That is, a(p−1)/2 ≡ (−1)ν (modp) But, by Euler’s criterion, (a/p) ≡ a(p−1)/2 (modp) Thus, (a/p) = (−1)ν, because (a/p) = ±1 and p is an odd prime. EXAMPLE 11.12 Evaluate (10/13) and (7/13) using Gauss’ lemma. SOLUTION • We have p = 13, a = 10, and (p − 1)/2 = 6. The least positive residues of the integers 1 · 10, 2 · 10, 3 · 10, 4 · 10, 5 · 10, and 6 · 10 modulo 13 are 10, 7, 4, 1, 11, and 8, respectively. Exactly ν = 4 of them are greater than p/2 = 6.5. Therefore, by Gauss’ lemma, (10/13) = (−1)4 = 1. • With a = 7, the least positive residues of the integers 1 · 7, 2 · 7, 3 · 7, 4 · 7, 5 · 7, and 6 · 7 modulo 13 are 7, 1, 8, 2, 9, and 3, respectively. Since ν = 3 of them are greater than p/2 = 6.5, (7/13) = (−1)3 = −1. (Notice that these values agree with the ones found in Example 11.5.) The following is an immediate consequence of Gauss’ lemma. COROLLARY 11.5 Let p be an odd prime with p a. Let ν denote the number of least positive residues of the integers a,2a,...,[(p − 1)/2]a that exceed p/2. Then (a/p) = 1 if and only if ν is even.
- 629. 11.2 The Legendre Symbol 509 An elegant application of Gauss’ lemma is that it can be used to determine the quadratic nature of 2 modulo an odd prime p, as the next theorem shows. First, we will study an example. EXAMPLE 11.13 Evaluate (2/13) using Gauss’ lemma. SOLUTION Here p = 13. By Gauss’ lemma, (2/13) = (−1)ν, where ν denotes the number of least positive residues of the integers 1 · 2, 2 · 2, 3 · 2, 4 · 2, 5 · 2, and 6 · 2 modulo 13 that exceed p/2 = 6.5. Notice that they are all less than p. This time, we shall find ν in a different way. v = number of the residues 2r that exceed p/2 = (p − 1)/2 − (number of positive integers 2r p/2) = 6 − (number of positive integersr p/4) = 6 − p/4 = 6 − 13/4 = 6 − 3 = 3 Therefore, (2/13) = (−1)3 = −1. (See Example 11.5 also.) This example paves the way for the following important result. THEOREM 11.6 Let p be an odd prime. Then (2/p) = 1 if p ≡ ±1 (mod8) −1 if p ≡ ±3 (mod8) PROOF By Gauss’ lemma, (2/p) = (−1)v, where ν denotes the number of least positive residues of the integers 1 · 2,2 · 2,3 · 2,..., p − 1 2 · 2 modulo p that are greater than p/2. Each of them is positive and less than p, so they are (p−1)/2 least residues modulo p. Thus, ν = number of the residues 2r that exceed p/2 = (p − 1)/2 − (number of positive integers 2r p/2) = (p − 1)/2 − (number of positive integers r p/4) = (p − 1)/2 − p/4 (11.7)
- 630. 510 CHAPTER 11 Quadratic Congruences case 1 Let p ≡ 1 (mod8). Then p = 8k + 1 for some integer k. So, ν = (p − 1)/2 − p/4 = 4k − 2k = 2k case 2 Let p ≡ −1 (mod8). Then p = 8k − 1 for some integer k. So, ν = (p − 1)/2 − p/4 = (4k − 1) − (2k − 1) = 2k case 3 Let p ≡ 3 (mod8). Then p = 8k + 3 for some integer k. So, ν = (p − 1)/2 − p/4 = (4k + 1) − 2k = 2k + 1 case 4 Let p ≡ −3 (mod8). Then p = 8k − 3 for some integer k. So, ν = (p − 1)/2 − p/4 = (4k − 2) − (2k − 1) = 2k − 1 Thus, if p ≡ ±1 (mod8), then ν is even, so (2/p) = 1; if p ≡ ±3, v is odd and hence (2/p) = −1. It follows from this theorem that 2 is a quadratic residue of an odd prime p if and only if p ≡ ±1 (mod8); that is, x2 ≡ 2 (modp) is solvable if and only if p ≡ ±1 (mod8). Using this result, we can now compute Legendre symbols of the form (±2a2/p), where p is an odd prime and p a, as the following example illustrates. EXAMPLE 11.14 Compute (8/19) and (22/31). SOLUTION • (8/19) = (4 · 2/19) = (4/19)(2/19), by Theorem 11.4 = (2/19), by Theorem 11.4 = −1, by Theorem 11.6 • (13/31) = (−18/31), by Theorem 11.4 = (9/31)(2/31)(−1/31), by Theorem 11.4 = (−1/31), by Theorems 11.4 and 11.6 = −1, by Corollary 11.2 The following example is an interesting application of Theorem 11.6 and Euler’s criterion. It illustrates the combined power of the two results.
- 631. 11.2 The Legendre Symbol 511 EXAMPLE 11.15 Verify that 9973|(24986 + 1). SOLUTION Notice that 9973 is a prime and is ≡ 5 (mod8). So, by Theorem 11.6, (2/9973) = −1. Thus, by Euler’s criterion, (2/9973) ≡ 24986 ≡ −1 (mod9973), so 9973|(24986 + 1). In this example, we could use properties of congruence and arrive at the same conclusion by showing that 24986 ≡ −1 (mod9973), but this would involve tedious and time-consuming computations. The dual power of Theorem 11.6 and Euler’s criterion makes our job a lot easier. Returning to Theorem 11.6, we can restate the formula for (2/p) in a compact way, as the following result shows. COROLLARY 11.6 Let p be an odd prime. Then (2/p) = (−1)(p2−1)/8. PROOF We consider the four cases as in the preceding proof. If p ≡ 1 (mod8), then p2 − 1 8 = p − 1 8 (p + 1) is an even integer; if p ≡ −1 (mod8), then p2 − 1 8 = p + 1 8 (p − 1) is also an even integer. Thus, if p ≡ ±1 (mod8), then (−1)(p2−1)/8 = 1 = (2/p), by Theorem 11.6. On the other hand, let p ≡ ±3 (mod8). Then p = 8k ± 3 for some integer k. Therefore, p2 − 1 8 = 64k2 ± 48k + 8 8 = 8k2 ± 6k + 1 which is clearly an odd integer. Consequently, (−1)(p2−1)/8 = −1 = (2/p), again, by Theorem 11.6. For example, (2/13) = (−1)(169−1)/8 = (−1)21 = −1. (See Example 11.13 also.) The following example, proposed by O. N. Dalton of Texas in 1982, is an interesting application of this corollary and Theorem 11.6. (See Example 11.27 also.) EXAMPLE 11.16 Let p be a prime of the form 4n ± 1. Compute the value of nn modulo p.
- 632. 512 CHAPTER 11 Quadratic Congruences SOLUTION Let p = 4n + r, where r = ±1. Then 4n ≡ −r (modp). So (4n)n ≡ (−r)n (modp); that is, 22n nn ≡ (−r)n (modp) (11.8) case 1 Let r = 1. Then 2n = (p − 1)/2, so 22n = 2(p−1)/2 ≡ (2/p) = (−1)(p2−1)/8 = (−1)n(2n+1) = (−1)2n+1 n ≡ (−1)n (modp) So congruence (11.8) yields (−1)n nn ≡ (−1)n (modp); thus, nn ≡ 1 (modp) case 2 Let r = −1. Then 22nnn ≡ 1 ≡ p + 1 (modp). Since (2/p) ≡ 2(p−1)/2 = 22n−1 (modp), this implies (2/p)nn ≡ (p + 1)/2 (modp); that is, nn ≡ (2/p)(p + 1)/2 (modp). Since p ≡ −1 (mod4), p ≡ 3 or 7 modulo 8. If p ≡ 3 (mod8), (2/p) = −1, so nn ≡ −(p+1)/2 ≡ (p−1)/2 = 2n−1 (modp). On the other hand, if p ≡ 7 (mod8), (2/p) = 1, so nn ≡ (p + 1)/2 = 2n (modp). Thus, nn = ⎧ ⎨ ⎩ 1 (modp) if p ≡ 1 or 5 (mod8) 2n (modp) if p ≡ 7 (mod8) 2n − 1 (modp) if p ≡ 3 (mod8) If p = 4n ± 1 is a prime, it is easy to show that n is a quadratic residue of p. See Exercise 44. Theorem 11.6 also has a fine application to primitive roots. Although we estab- lished in Chapter 10 that the integers 1, 2, 4, pk, and 2pk have primitive roots, we did not provide a constructive mechanism for finding them. We shall now see that 2 · (−1)(p−1)/2 is a primitive root modulo primes of the form 2p + 1, where p is an odd prime. THEOREM 11.7 If p and 2p+1 are odd primes, then 2·(−1)(p−1)/2 is a primitive root modulo 2p+1. PROOF Let q = 2p + 1 and α = 2 · (−1)(p−1)/2. Clearly, (α,p) = 1 and ϕ(q) = 2p. It suffices to show that ordqα = 2p. case 1 Let p ≡ 1 (mod4). Then q ≡ 3 (mod8), so (2/q) = −1, by Theorem 11.6. But, by Euler’s criterion, (2/q) ≡ 2(q−1)/2 (modq), so 2p = 2(q−1)/2 ≡ (2/q) ≡
- 633. 11.2 The Legendre Symbol 513 −1 (modq). Then α2p = [2 · (−1)(p−1)/2]2p = 22p · (−1)p(p−1) = 22p · 1 = 22p ≡ (−1)2 ≡ 1 (modq). Thus, ordq α|2p, so ordq α = 1, 2, p, or 2p. Clearly, ordq α = 1. If ordq α = 2, then α2 ≡ 1 (modq). Since α2 = 4, this means 4 ≡ 1 (modq); so q = 3; this implies p = 1, which is a contradiction. Now suppose that ordq α = p. Then αp ≡ 1 (modq). This implies, [2 · (−1)(p−1)/2]p = (2 · 1)p = 2p ≡ 1 (modq), since (p − 1)/2 is even. This is also a contradiction, since 2p ≡ −1 (modq) from the first paragraph. Therefore, ordq α = p. Thus, ordq α = 2p and α is a primitive root modulo q. case 2 Let p ≡ −1 (mod4). Then q ≡ −1 (mod8), so (2/q) = 1, by Theorem 11.6. Then 2p ≡ 1 (modq) and α2p ≡ 1 (modq). Consequently, ordq α = 1, 2, p, or 2p. Proceeding, as in case 1, we can show that ordq α = 1 or 2. So assume ordq α = p. Then αp ≡ 1 (modq). Since p and (p − 1)/2 are odd, this implies [2 · (−1)(p−1)/2]p = [2 · (−1)]p = −2p ≡ 1 (modq); that is, 2p ≡ −1 (modq). This is a contradiction, so ordq α = p. Consequently, ordq α = 2p and α is a primitive root modulo q. Thus, in both cases, α is a primitive root. It follows by this theorem that 2 is a primitive root modulo the primes 11, 59, 83, and 107, and −2 is a primitive root modulo 7, 23, and 47. (Verify these.) Interestingly, there is a similar result that shows 2 is a primitive root modulo yet another class of primes: If p and 4p + 1 are primes, then 2 is a primitive root modulo 4p + 1. (See Exercise 62.) E X E R C I S E S 11.2 Evaluate each Legendre symbol, using Euler’s crite- rion. 1. (5/7) 2. (3/11) 3. (7/11) 4. (11/17) Evaluate each, using Corollary 11.2. 5. (16/17) 6. (18/19) 7. (−1/29) 8. (−1/47) Using the fact that (2/23) = 1 = (3/23) and (5/23) = −1, evaluate each. 9. (128/23) 10. (125/23) 11. (600/23) 12. (1250/23) Using the fact that (3/19) = −1 = (7/19), compute each. 13. (27/19) 14. (63/19) 15. (147/19) 16. (9261/19) Let p be an odd prime with p a. Let ν denote the number of least positive residues of the integers a,2a, 3a,...,[(p − 1)/2]a that exceed p/2. Find the value of ν for the given values of p and a. 17. p = 13, a = 3 18. p = 13, a = 5 19. p = 17, a = 4 20. p = 19, a = 7 Using Gauss’ lemma, evaluate each. 21. (5/13) 22. (4/17) 23. (7/19) 24. (13/31) Compute each. 25. (2/19) 26. (2/23) 27. (2/41) 28. (2/43) 29. (13/31) 30. (−50/29) 31. (41/43) 32. (110/59)
- 634. 514 CHAPTER 11 Quadratic Congruences 33. If p and 4p + 1 are primes, then 2 is a primitive root modulo 4p + 1. Using this fact, find five primes for which 2 is a primitive root. (See Exercise 62.) Using the fact that (3/p) = 1 if p ≡ ±1 (mod12) −1 if p ≡ ±5 (mod12) evaluate each. (See Exercise 32 in Section 11.3.) 34. (3/17) 35. (12/19) 36. (−3/31) 37. (35/47) 38. Let p ≡ 3 (mod4) and q = 2p + 1 be primes. Then q|Mp. Using this fact, verify that 23|M11 and 47|M23. (See Exercise 52.) Let p be an odd prime with a primitive root α and a a positive integer ≤ p − 1. Then there exists an integer k such that αk ≡ a (modp), where 1 ≤ k ≤ p − 1. Then a is a quadratic residue of p if and only if k is even. Using this fact and the given primitive root α, find the quadratic residues of the corresponding prime. 39. p = 13, α = 2 40. p = 17, α = 3 Verify each. (Hint: Use Euler’s criterion.) 41. 1913|(2956 − 1) 42. 2029|(21014 − 1) Prove each, where p is an odd prime and (a, p) = 1 = (b, p). 43. If a ≡ b (modp), then either both a and b are quadratic residues or both are quadratic nonresidues. 44. If p = 4n ± 1 is a prime, then n is a quadratic residue of p. (O. N. Dalton, 1981) 45. Let p ≡ 1 (mod4) and a be a quadratic residue of p. Then p − a is a quadratic residue of p. 46. Let p ≡ 3 (mod4) and a be a quadratic residue of p. Then p − a is a quadratic nonresidue of p. 47. Let p ≡ ±1 (mod8) and a be a quadratic residue of p. Then 2a is a quadratic residue of p. 48. Let p ≡ 3 (mod8) and a be a quadratic residue of p. Then p − 2a is a quadratic residue of p. 49. (1/p) + (2/p) + ··· + ((p − 1)/p) = 0. (Hint: Use Theorem 11.1.) 50. (−2/p) = 1 if p ≡ 1 or 3 (mod8) −1 if p ≡ −1 or − 3 (mod8) 51. Let q be a prime factor of Mp. Then 2 is a quadratic residue of q if and only if q is of the form 2kp + 1. 52. Let p ≡ 3 (mod4) and q = 2p + 1 be primes. Then q|Mp. (Euler) Let a and b be positive integers such that ab ≡ 1 (modp). Then: 53. (a/p) = (b/p) 54. (a(a + 1)/p) = ((b + 1)/p) 55. Let p 3. Then p divides the sum of its quadratic residues. 56. Every primitive root modulo a Fermat prime fn is a quadratic nonresidue. Let p be an odd prime with a primitive root α and a a pos- itive integer ≤ p − 1. Then there exists an integer k such that αk ≡ a (modp), where 1 ≤ k ≤ p − 1. Using this fact, prove each. 57. The integer a is a quadratic residue of p if and only if k is even. 58. There are exactly (p − 1)/2 quadratic residues of p. 59. Using PMI, prove Corollary 11.4. Prove each. 60. There are infinitely many primes of the form 8n−1. [Hint: Assume there is only a finite number of such primes, p1,p2,...,pk. Consider the integer N = (4p1p2 ···pk)2 − 2 and apply Theorem 11.6.] 61. p−2 a=1 (a(a + 1)/p) = −1 (Hint: The integer a has a multiplicative inverse b. Then use Exercises 54 and 58.) 62. If p and 4p + 1 are primes, then 2 is a primitive root modulo 4p + 1. 63. Every quadratic nonresidue of a Fermat prime fn is a primitive root modulo fn. 64. Using the technique used in the proof of Theorem 11.6, derive a formula for (3/p), where p is a prime 3.
- 635. 11.3 Quadratic Reciprocity 515 11.3 Quadratic Reciprocity Let p be an odd prime and a = i pei i be the canonical decomposition of a, where (p, pi) = 1 for all pi. Then, as we found in Corollary 11.4, the Legendre symbol (a/p) can be evaluated, provided we know the value of (pi/p), where p and pi are distinct primes. To evaluate the Legendre symbol, suppose that p and q are distinct odd primes. Suppose we know the value of (p/q). Can we then compute (q/p)? In other words, if p is a square modulo q, is q a square modulo p? Astonishingly, such a remarkable relationship exists between them. Based on numerical evidence, it was conjectured by Euler in 1783 and by Lagrange in 1785. Two years later, Legendre restated the relationship, the law of quadratic reciprocity, in its present elegant form, and pro- vided a long but incomplete proof in the Mémoires of the French Academy. He tried another proof in his 1798 Essai, but that also was imperfect. Gauss began his work on quadratic residues before he entered the University of Göttingen. After a year of intense study and perhaps unaware of the earlier work by Euler, Lagrange, and Legendre, Gauss gave the first complete, rigorous proof of the law; he was only 18 years old then. He called it the fundamental theorem, “the gem of higher arithmetic.” “For a whole year,” he later wrote, “this theorem tormented me and absorbed my greatest efforts until, at last, I obtained the proof explained in the fourth section of the Disquisitiones Arithmeticae.” Gauss took credit for the law, claiming that a theorem belongs to the one who provides the first demonstration of it. An irate Legendre complained: “This excessive impudence is unbelievable in a man who has sufficient personal merit not to have the need of appropriating the discoveries of others.” In any case, in 1808 Legendre adopted the proof by his young critic. Gauss was so intrigued by the law that he went on to publish seven more independent proofs, one in 1796, 1801, and 1805, two in 1808, and two in 1818; he also searched for an analogue in the theory of cubic and biquadratic residues. Since that time, mathematicians have attempted to construct newer proofs of the law. In 1830, Jacobi supplied a proof that Legendre called superior to Gauss’. Since 1796, more than 190 proofs have been published, the most recent in 2004 by S. Y. Kim of McMaster University, Ontario, Canada, in The American Mathematical Monthly. The following lemma, which appears complicated, paves the way for the law of quadratic reciprocity. LEMMA 11.2 Let p and q be distinct odd primes. Then (p−1)/2 k=1 kq p + (q−1)/2 k=1 kp q = (p − 1) 2 · (q − 1) 2
- 636. 516 CHAPTER 11 Quadratic Congruences Before we prove the lemma, let us study the following example for a better understanding of its proof. EXAMPLE 11.17 Verify Lemma 11.2 with p = 7 and q = 11. SOLUTION (p−1)/2 k=1 kq p = 3 k=1 11k 7 = 11 · 1 7 + 11 · 2 7 + 11 · 3 7 = 1 + 3 + 4 = 8 (q−1)/2 k=1 kp q = 5 k=1 7k 11 = 7 · 1 11 + 7 · 2 11 + 7 · 3 11 + 7 · 4 11 + 7 · 5 11 = 0 + 1 + 1 + 2 + 3 = 7 Therefore, LHS = 8 + 7 = 15 = 3 · 5 = RHS. Unfortunately, although this example illustrates the lemma, the algebraic ap- proach does not shed any light on its proof. Therefore, we demonstrate it geometri- cally. Notice that 11k 7 is the number of positive integers ≤ 11k 7 ; that is, 11k 7 equals the number of lattice points (which are points with integral coordinates on the cartesian plane) that lie on the line x = k, above the x-axis, and below the line y = 11 7 x. Therefore, 3 i=1 11k 7 is the number of lattice points inside or on the polygon ABCD in Figure 11.2. It equals 1 + 3 + 4 = 8. On the other hand, 7k 11 equals the number of lattice points that lie on the line y = k, but to the right of the y-axis, and above line x = 7 11 y; that is, y = 11 7 x. Thus, 5 k=1 7k 11 is the number of lattice points that lie on or inside the polygon ADEF in the figure; it equals 0 + 1 + 1 + 2 + 3 = 7. Thus the total number of lattice points = 8 + 7 = 15 = 3 · 5 = number of lattice points inside or on the rectangle BCEF.
- 637. 11.3 Quadratic Reciprocity 517 Ferdinand Gotthold Eisenstein (1823–1852), born in Berlin, entered the Univer- sity of Berlin at the late age of 20 due to ill health. But by then he had mastered the work of Gauss, Dirichlet, and Jacobi. In 1844, he published two proofs of the law of quadratic reciprocity, and the analogous laws of cubic reciprocity and biquadratic reciprocity. Four years later in Berlin he was imprisoned briefly by the Prussian army for his revolutionary activities in Berlin. Elected to the Berlin Academy of Sci- ences as Jacobi’s successor in 1852, he made significant contributions to number theory and algebra. Eisenstein died of tuberculosis at the age of 29. Figure 11.2 We now employ this geometric approach to establish the lemma. It is due to the German mathematician Ferdinand Eisenstein, a student of Gauss at Berlin. PROOF (of the lemma) Let S(p,q) = (p−1)/2 k=1 kq p and S(q,p) = (q−1)/2 k=1 kp q . Since p and q are distinct odd primes, kq/p and kp/q are never integers. Since kq p is the number of positive integers ≤ kq p , kq p gives the number of lattice points on the vertical line x = k, above the x-axis, and below the line y = q p x. (Notice that no points on the line y = q p x are lattice points when x p.) Therefore, S(p,q) denotes the number of lattice points above the x-axis, below the line y = q p x, and on the vertical lines x = k, where 1 ≤ k ≤ p − 1 2 . Referring to Figure 11.3, S(p,q) equals the number of lattice points on or inside the polygon ABCDE.
- 638. 518 CHAPTER 11 Quadratic Congruences Figure 11.3 A similar argument shows that S(q, p) denotes the total number of lattice points lying to the right of the y-axis, above the line x = p q y; that is, y = q p x, and on the lines y = k, where 1 ≤ k ≤ q − 1 2 . In other words, S(q, p) denotes the number of lattice points inside or on AEF. Thus, S(p,q)+S(q, p) denotes the total number of lattice points inside or on the rectangle BCDF, namely, p − 1 2 · q − 1 2 . This yields the desired result. At last we arrive at the law of quadratic reciprocity, which is quite aesthetically appealing. The proof given is Gauss’ third proof of the law, and hinges on his earlier lemma and Lemma 11.2, just proved. The proof begins identically to that of Gauss’ lemma, so you may review its proof. THEOREM 11.8 (Law of Quadratic Reciprocity) Let p and q be distinct odd primes. Then (p/q)(q/p) = (−1) p−1 2 · q−1 2 PROOF Let r1,r2,...,rk denote the least positive residues of the integers q,2q,..., p − 1 2 q modulo p that are ≤ p/2 and s1,s2,...,sv those that exceed p/2. Clearly, k + ν = p − 1 2 and (q/p) = (−1)ν.
- 639. 11.3 Quadratic Reciprocity 519 In the proof of Gauss’ lemma, we established that the p − 1 2 integers r1,r2, ...,rk, p−s1,p−s2,...,p−sν are a permutation of the integers 1,2,...,(p−1)/2. Therefore, k i=1 ri + ν j=1 (p − sj) = (p−1)/2 k=1 k = p − 1 2 p + 1 2 2 Thus, k i=1 ri + νp − ν j=1 sj = p2 − 1 8 Let R = k i=1 ri and S = ν j=1 sj. Then, this yields, p2 − 1 8 = R + νp − S (11.9) Returning to the preceding integers kq, where 1 ≤ k ≤ p − 1 2 , kq p denotes the quotient when kq is divided by p. Let tk denote the remainder when kq is divided by p, where 0 ≤ tk p. Thus tk is the least residue of kq modulo p. Then, by the division algorithm, kq = kq p · p + tk where 0 ≤ tk ≤ p − 1 Therefore, (p−1)/2 k=1 kq = (p−1)/2 k=1 kq p · p + (p−1)/2 k=1 tk That is, q (p−1)/2 k=1 k = pS(p,q) + R + S q · p2 − 1 8 = pS(p,q) + R + S (11.10) Subtracting equation (11.9) from equation (11.10), we get (q − 1) · p2 − 1 8 = p[S(p,q) − ν] + 2S
- 640. 520 CHAPTER 11 Quadratic Congruences Since the LHS and 2S are even, it follows that S(p, q) − ν is even. Therefore, (−1)S(p,q)−ν = 1; that is, (−1)S(p,q) = (−1)ν. But, by Gauss’ lemma, (q/p) = (−1)ν. Therefore, (q/p) = (−1)S(p,q). Similarly, (p/q) = (−1)S(q,p). Therefore, (p/q)(q/p) = (−1)S(q,p) · (−1)S(p,q) = (−1)S(q,p)+S(p,q) = (−1) p−1 2 · q−1 2 , by Lemma 11.2 This concludes the proof. The law of quadratic reciprocity can be restated in a more practical form, as the following corollary shows. COROLLARY 11.7 Let p and q be distinct odd primes. Then (q/p) = (p/q) if p ≡ 1 (mod4) or q ≡ 1 (mod4) −(p/q) if p ≡ q ≡ 3 (mod4) PROOF If p ≡ 1 (mod4), then (p − 1)/2 is even; so (p − 1)(q − 1)/4 is even. Therefore, by the law of quadratic reciprocity, (p/q)(q/p) = 1. But (p/q) = ±1 = (q/p), so (q/p) = (p/q). Similarly, if q ≡ 1 (mod4), then (q/p) = (p/q). On the other hand, assume that p ≡ q ≡ 3 (mod4). Then (p − 1)/2,(q − 1)/2, and hence (p − 1)/2 · (q − 1)/2 are odd. Therefore, again by the law of quadratic reciprocity, (p/q)(q/p) = −1. Thus, (q/p) = −(p/q). For example, since 17 ≡ 1 (mod4), (17/29) = (29/17); and since 23 ≡ 3 (mod4) and 47 ≡ 3 (mod4), (23/47) = −(47/23). Corollary 11.7, together with Theorems 11.4 and 11.6, and Corollaries 11.2 and 11.4, can be applied to evaluate any Legendre symbol (a/p), where p is an odd prime and p a, as the following example illustrates. It demonstrates the power of the law of quadratic reciprocity. EXAMPLE 11.18 Compute (152/43) and (3797/7297). SOLUTION • Notice that 152 ≡ 23 (mod43), so (152/43) = (23/43). Since 23 ≡ 3 (mod4) and 43 ≡ 3 (mod4), by Corollary 11.7, (23/43) = −(43/23) = −(20/23) = −(4/23)(5/23) = −(5/23) = 1. Therefore, (152/43) = (23/43) = 1. [Con- sequently, the congruence x2 ≡ 152 (mod43) is solvable.]
- 641. 11.3 Quadratic Reciprocity 521 • First, notice that both 3797 and 7297 are primes; also, 3797 ≡ 1 (mod4) and 7297 ≡ 1 (mod4). Therefore, by the law of quadratic reciprocity, (3797/7297) = (7297/3797) = (3500/3797) = (22 · 53 · 7/3797) = (22 /3797)(53 /3797)(7/3797) = (22 /3797)(5/3797)3 (7/3797) (11.11) By Theorem 11.4, (22/3797) = 1; furthermore, (5/3797) = (3797/5) = (2/5) = −1, by Theorem 11.6; (7/3797) = (3797/7) = (3/7) = −1; there- fore, by equation (11.11), (3797/7297) = 1 · (−1)3(−1) = 1. [Thus the con- gruence x2 ≡ 3797 (mod 7297) is also solvable.] The following example is a simple but interesting application of the law of quadratic reciprocity and Theorem 11.6. EXAMPLE 11.19 Show that 1! + 2! + 3! + ··· + n! is never a square, where n 3. PROOF (by contradiction) Let N = 1! + 2! + 3! + ··· + n!. Assume that N = x2 for some positive integer x. Since n 3, N 5. Then (N/5) = (x2/5) = 1. Since N ≡ 1! + 2! + 3! + 4! ≡ 3 (mod5), (N/5) = (3/5). But (3/5) = (5/3) = (2/3) = −1, so (N/5) = −1, which is a contradiction. Thus, N cannot be a perfect square, where n 3. (Notice that N is a square if n = 0,1, or 3.) The following example, a bit complicated, is also a fine application of the law of quadratic reciprocity. In addition to Theorem 11.4, it employs two additional facts: • The product of two integers of the form 5k + 1 is also of the same form. • If p is an odd prime = 5, then (5/p) = 1 if and only if p ≡ ±1 (mod5). Try to confirm both. See Exercises 21 and 29. EXAMPLE 11.20 Prove that there are infinitely many primes of the form 10k − 1. PROOF Let N = 5(n!)2 − 1, where n 1. Clearly, N is of the form 10k − 1. Let p be a prime factor of N. Clearly, p must be odd. Since p|N, 5(n!)2 ≡ 1 (modp), so (5(n!)2/p) = (1/p) = 1; that is, (5/p)((n!)2/p) = (5/p) = 1. Thus, p ≡ ±1 (mod5), so p is of the
- 642. 522 CHAPTER 11 Quadratic Congruences form 5k ± 1. Since N is of the form 5k − 1, not all prime factors of N can be of the form 5k + 1. Therefore, N must have a prime factor q of the form 5k − 1. If k is an odd integer 2j + 1, then q = 5k − 1 = 5(2j + 1) − 1 = 10j + 4 is not a prime. Therefore, k must be even and hence q must be of the form 10k − 1. Notice that if q ≤ n, then q|n!. But q|N, so q|−1, which is a contradiction. Thus, q n. Thus, for every positive integer n 1, there is a prime factor q greater than n and of the form 10k − 1. In other words, there are infinitely many such primes; they all end in the digit 9. (See Exercise 42 for an alternate proof.) The next example is a bonus. It is a fine confluence of the binomial theorem, Fermat’s little theorem, Euler’s criterion, and the law of quadratic reciprocity. EXAMPLE 11.21 Let Fn denote the nth Fibonacci number and p an odd prime = 5. Then Fp ≡ 1 (modp) if p ≡ ±1 (mod5) −1 (modp) if p ≡ ±2 (mod5) SOLUTION Recall from Section 2.6 that Fn = αn − βn α − β = αn − βn √ 5 ← Binet’s formula where α = 1 + √ 5 2 and β = −1 α = 1 − √ 5 2 . Thus, √ 5Fp = 1 + √ 5 2 p − 1 − √ 5 2 p √ 52p Fp = 1 + √ 5 p − 1 − √ 5 p = p r=0 p r √ 5 r − p r=0 p r − √ 5 r = 2 p 1 √ 5 + p 3 √ 5 3 + p 5 √ 5 5 + ··· + p p √ 5 p That is, 2p−1 Fp = p 1 + p 3 5 + p 5 52 + ··· + p p 5(p−1)/2
- 643. 11.3 Quadratic Reciprocity 523 Since p p k for 1 ≤ k ≤ p−1 and p p = 1, this implies 2p−1Fp ≡ 5(p−1)/2 (modp). By Fermat’s little theorem, 2p−1 ≡ 1 (modp) and by Euler’s criterion, 5(p−1)/2 ≡ (5/p) (modp). Thus Fp ≡ (5/p) (modp). But (5/p) = 1 if p ≡ ±1 (mod5) −1 if p ≡ ±2 (mod5) Therefore, Fp ≡ 1 (modp) if p ≡ ±1 (mod5) −1 (modp) if p ≡ ±2 (mod5) For example, 41 ≡ 1 (mod5) and F41 = 165,580,141 ≡ 1 (mod41), whereas 43 ≡ 3 (mod5) and F43 = 433,494,437 ≡ 42 (mod43), as expected. In 1877, T. Pepin of France employed the law of quadratic reciprocity to develop an elegant test for determining the primality of the Fermat number fn. His test is the essence of the following theorem. THEOREM 11.9 (Pepin’s Test, 1877) The Fermat number fn is a prime if and only if 3(fn−1)/2 ≡ −1 (modfn), where n ≥ 1. PROOF Assume that fn = 22n + 1 is a prime. Since fn ≡ 1 (mod4), by the law of quadratic reciprocity, (3/fn) = (fn/3). But fn ≡ (−1)2n + 1 ≡ 2 (mod3), so (fn/3) = (2/3) = −1. Thus (3/fn) = −1. But, by Euler’s criterion, (3/fn) ≡ 3(fn−1)/2 (modfn). Therefore, 3(fn−1)/2 ≡ −1 (modfn) Conversely, assume that 3(fn−1)/2 ≡ −1 (modfn); so 3(fn−1)/2 ≡ −1 (modp) for a prime factor p of fn. Then 3fn−1 ≡ 1 (modp), so ordp 3|fn − 1; that is, ordp 3|22n . Consequently, ordp 3 = 2k for some positive integer k. We would like to show that k = 2n. Suppose that k 2n; then 2n − k − 1 ≥ 0. Since 32k ≡ 1 (modp), (32k )22n−k−1 ≡ 1 (modp); that is, 322n−1 ≡ 3(fn−1)/2 ≡ 1 (modp). This yields 1 ≡ −1 (modp); that is, p = 2, which is a con- tradiction. Therefore, k = 2n and hence ordp 3 = fn − 1. By Fermat’s little theorem, ordp 3 ≤ p−1. Therefore, fn −1 = ordp 3 ≤ p−1, where p|fn. This implies that fn = p, a prime. The following example illustrates this test.
- 644. 524 CHAPTER 11 Quadratic Congruences EXAMPLE 11.22 Show that f4 = 224 + 1 = 65,537 is a prime. PROOF By Pepin’s test, it suffices to show that 3(f4−1)/2 = 3215 = 332768 ≡ −1 (mod f4). We have 38 ≡ 6561 (mod f4), 320 ≡ 19390 (mod f4), 340 ≡ −13669 (mod f4), 360 ≡ −10282 (mod f4), 3200 ≡ −28787 (modf4), 3500 ≡ 26868 (mod f4), and 332000 ≡ 27748 (mod f4). Therefore: 332768 = 332000 · 3500 · 3200 · 360 · 38 ≡ (27748)(26868)(−28787)(−10282)(6561) (mod f4) ≡ −1 (mod f4) Thus, f4 is a prime. In 1905, J. C. Moorehead and A. E. Western, independently applied Pepin’s test and established the compositeness of the 39-digit Fermat number f7, although no factors were provided. The actual prime factorization of f7 was provided 65 years later, in 1970, by J. Brillhart and M. A. Morrison: f7 = (29 × 116,503,103,764,643 + 1)(29 × 11,141,971,095,088,142,685 + 1) In 1909, Moorehead and Western, this time working together, proved the compos- ite nature of f8, again using Pepin’s test. However, the smallest prime factor of f8 was not discovered until 1980, when R. P. Brent and J. M. Pollard found it to be 1,238,926,361,552,897. The other prime factor, found shortly thereafter by H. C. Williams, is 62 digits long. The search for Fermat primes did not end there. In 1960, G. A. Paxson used the test to determine the composite nature of f13. Two years later, J. L. Selfridge and A. Hurwitz, again using Pepin’s test, demonstrated the compositeness of f14, without finding any of its prime factors. In 1980, W. Keller determined that f9448 is composite, with 19 × 29450 + 1 as a factor. In the same year, G. Gostin discovered that 31,065,037,602,817 is a prime factor of f17. In 1988, Brent successfully factored f11 = 22048 + 1; f11 is 617 digits long and 319,489 is the smallest prime factor of f11. In the same year, J. Young and D. Buell applied Pepin’s test using a supercomputer, to determine that f20, which is 315,653 digits long, is composite. Two years later, Pollard factored the 155-digit f9 into three primes, the smallest of which is 2,424,833; the other two are 49 and 99 digits long. It took Pollard two months to factor f9 using techniques in algebraic number fields and a worldwide network of 1000 computers.
- 645. 11.3 Quadratic Reciprocity 525 n Status of fn Year Discoverer(s) 0–4 primes 1640 P. Fermat 5 composite 1732 L. Euler 6 composite 1880 F. Landry (at age 82) 7 composite 1905 J. C. Moorehead A. E. Western 8 composite 1909 J. C. Moorehead A. E. Western 9 composite 1903 A. E. Western 10 composite 1952 R. M. Robinson 11 composite 1899 A. J. C. Cunningham 12 composite 1877 I. M. Pervouchine E. Lucas 13 composite 1960 G. A. Paxson 14 composite 1961 A. Hurwitz J. L. Selfridge 15 composite 1925 M. Kraitchik 16 composite 1953 J. L. Selfridge 17 composite 1980 G. B. Gostin 18 composite 1903 A. E. Western 19 composite 1962 H. Riesel 20 composite 1988 J. Young D. A. Buell 21 composite 1963 C. P. Wrathall 22 composite 1993 R. E. Crandall et al. 23 composite 1878 I. M. Pervouchine 24 composite 1999 E. Mayer et al. 25 composite 1963 C. P. Wrathall 26 composite 1963 C. P. Wrathall 27 composite 1963 C. P. Wrathall 28 composite 1997 T. Taura 29 composite 1980 G. B. Gostin P. B. Mclaughlin 30 composite 1963 C. P. Wrathall Table 11.1 Although Fermat numbers f10 through f30 are known to be composite, not all their prime factors have been discovered; f14, f20, f22, and f24 are known to be com- posite, but no prime factors are known. Thus, f4 = 65,537 remains the largest known Fermat prime. Table 11.1 summarizes the primality status of Fermat numbers fn, where 0 ≤ n ≤ 30, their discoverers, and the years of discovery. As of January 1, 2006, 225 Fermat numbers are known to be composite, 258 prime factors are known, and f5 through f11 are completely factored. Besides, the largest known composite Fermat number is f2478782, discovered in 2003 by Cosgrave, Jobling, Woltman, and Gallot: 3 · 22478785 + 1 is a factor. In 1878, Pepin’s test was generalized by François Proth,† although he never gave a proof. † François Proth (1852–1879) was a self-taught farmer, who lived near Verdun, France.
- 646. 526 CHAPTER 11 Quadratic Congruences THEOREM 11.10 (Proth’s Theorem, 1878) Let N = k · 2n + 1, where 0 k 2n. Suppose there is a positive integer a such that (a/N) = −1. Then N is a prime if and only if a(N−1)/2 ≡ −1 (modN). Since the proof of Proth’s theorem involves results not yet discussed, we omit the proof.† E X E R C I S E S 11.3 Verify Lemma 11.2 for the given values of p and q. 1. p = 5, q = 11 2. p = 13, q = 11 Compute each Legendre symbol. 3. (261/47) 4. (−267/61) 5. (176/241) 6. (1188/379) 7. (−1776/1013) 8. (−2020/3593) 9. (1428/2411) 10. (3533/4133) Let p and q be odd primes such that p = 4a + q. Then (a/p) = (a/q) (see Exercise 31). Using this fact, evaluate each. 11. (3/17) 12. (10/43) 13. (43/191) 14. (114/479) Let p be a prime ≡ 3 (mod4). Then the solutions of the congruence x2 ≡ a (modp) are x ≡ ±a(p+1)/4 (modp) (see Exercise 30). Using this fact, solve each quadratic congruence. 15. x2 ≡ 13 (mod23) 16. x2 ≡ 17 (mod43) Using Pepin’s test, if possible, verify that each Fermat number is a prime. 17. f0 18. f1 19. f2 20. f3 21. Derive a formula for (5/p), where p is an odd prime = 5. Compute the least residue of the Fibonacci number Fp modulo p corresponding to each prime p. (Hint: Use Example 11.21.) 22. 53 23. 79 24. 89 25. 97 Solve each quadratic congruence with composite mod- ulus. Each has four incongruent solutions. [Hint: To solve x2 ≡ a (modpq), solve x2 ≡ a (modp) and x2 ≡ a (modq), and then use the CRT.] 26. x2 ≡ 13 (mod391) 27. x2 ≡ 17 (mod817) 28. In 1891, Lucas proved that the prime factors of 24q + 1 are of the form 16hq + 1. Using this fact, find a prime factor of the Fermat numbers f5 and f6. Prove each. 29. The product of two integers of the form 5k + 1 is also of the same form. 30. Let p be a prime ≡ 3 (mod4). Then x ≡ ±a(p+1)/4 (modp) are solutions of the congruence x2 ≡ a (modp), where a is a quadratic residue of p. 31. Let p and q be odd primes such that p = 4a + q. Then (a/p) = (a/q). 32. Let p be a prime 3. Then (3/p) = 1 if p ≡ ±1 (mod12) −1 if p ≡ ±5 (mod12) 33. Let p be a prime 3. Then (−3/p) = 1 if p ≡ 1 (mod6) −1 if p ≡ 5 (mod6) † For a proof, see K. H. Rosen, Elementary Number Theory and Its Applications, Addison- Wesley, Boston, 2005.
- 647. 11.4 The Jacobi Symbol 527 34. Let p be an odd prime = 5. Then (5−1/p) = (p−1/5). 35. Let fn denote the nth Fermat number. Then fn ≡ 1 (mod4), where n ≥ 1. (Hint: Use induction.) 36. Let fm and fn denote distinct Fermat primes. Then (fm/fn) = (fn/fm). (Hint: Use Exercise 35.) 37. Let fn be a Fermat prime and Mp a Mersenne prime, where n 0 and p 2. Then (fn/Mp) = (Mp/fn). 38. Three is a primitive root modulo every Fermat prime fn, where n ≥ 1. (Hint: Use Pepin’s test.) 39. Let Mp and Mq be distinct Mersenne primes 3. Then (Mp/Mq) = −(Mq/Mp). 40. Let p and q be distinct odd primes. The congruence x2 ≡ a (modpq) is solvable if both x2 ≡ a (modp) and x2 ≡ a (modq) are solvable. 41. There are infinitely many primes of the form 6n+1. [Hint: Assume that there are only finitely many such primes, p1,p2,...,pk. Then consider N = (2p1p2 ···pk)2 + 3 and use Exercise 33.] 42. Prove by contradiction that there are infinitely many primes of the form 10k − 1. 43. Derive a formula for (7/p), where p is an odd prime = 7. 44. Let p be an odd prime = 5, and Fn the nth Fibonacci number. Then Fp+1 ≡ 1 (modp) if p ≡ ±1 (mod5) 0 (modp) if p ≡ ±2 (mod5) 11.4 The Jacobi Symbol Our discussion of the solvability of the quadratic congruence x2 ≡ a (modm) led us to the definition of the Legendre symbol (a/p) and a detailed investigation of its properties in Sections 11.1–11.3. We will now generalize the Legendre symbol to the Jacobi symbol, which was introduced in 1846 by the German mathematician Karl G. J. Jacobi. In the Jacobi symbol (a/m), the modulus m need not be a prime, but must be odd and relatively prime to a. We now define it in terms of the Legendre symbol. The Jacobi Symbol Let m be an odd positive integer with the canonical decomposition m = k i=1 pei i , and a any integer with (a, m) = 1. Then the Jacobi symbol (a/m) is defined by (a/m) = a k i=1 pei i = k i=1 (a/pi)ei where (a/pi) denotes the familiar Legendre symbol. Although we are using the same notation for both symbols, it should be clear from the context whether the symbol is Legendre or Jacobi. Bear in mind that the symbol (a/m) is the Legendre symbol if and only if m is a prime. The following example clarifies the definition.
- 648. 528 CHAPTER 11 Quadratic Congruences Karl Gustav Jacob Jacobi (1804–1851) was born into a wealthy family in Pots- dam, Germany. After graduating in 1821 from the local Gymnasium, where he ex- celled in Greek, Latin, history, and mathematics, he pursued his mathematical in- terest at the University of Berlin. There he mastered the works of Euler, Lagrange, and other leading mathematicians, and received his Ph.D. in 1825. Although his professional career began at the age of 20 at Berlin, there was little prospect for promotion, so in 1826 he joined the faculty at the University of Königsberg. Be- coming a full professor there in 1832, he remained there until he became a royal prisoner in 1842. An early founder of the theory of determinants, he developed (independently of Abel) the theory of elliptic functions, and invented the functional determinant, Jacobian. He made important contributions to number theory, calculus of variations, analytical mechanics, and dynamics. A prolific writer, Jacobi died of smallpox in Berlin. EXAMPLE 11.23 Evaluate the Jacobi symbols (55/273) and (364/935). SOLUTION • Notice that 273 = 3 · 7 · 13. So, by the definition of the Jacobi symbol, (55/273) = (55/3)(55/7)(55/13) = (1/3)(−1/7)(3/13) = 1 · (−1)(13/3) = −(1/3) = −1 • 935 = 5 · 11 · 17, so (364/935) = (364/5)(364/11)(364/17) = (4/5)(1/11)(7/17) = 1 · 1 · (7/17) = (7/17) = (17/7) = (3/7) = −(7/3) = −(1/3) = −1 We can now ask if knowing the value of (a/m) helps us to determine the solv- ability of the congruence x2 ≡ a (modm). From Sections 11.1 and 11.2, we know the answer if m is a prime p: It is solvable if and only if (a/p) = 1.
- 649. 11.4 The Jacobi Symbol 529 First, suppose that x2 ≡ a (modm) is solvable, where m is composite and pi is a prime factor of m. Then x2 ≡ a (modpi) is solvable, so (a/pi) = 1. Therefore, (a/m) = k i=1 (a/pi)ei = k i=1 1ei = 1 Thus, if x2 ≡ a (modm) is solvable, then the Jacobi symbol (a/m) = 1. On the other hand, assume that (a/m) = 1. Unfortunately, this does not imply that the congruence x2 ≡ a (modm) is solvable. For example, notice that (2/33) = (2/3 · 11) = (2/3)(2/11) = (−1)(−1) = 1, but x2 ≡ 2 (mod33) has no solutions. (Verify this. See Exercise 1.) Interestingly enough, the Jacobi symbol and the Legendre symbol share several analogous properties, as the following two theorems show. THEOREM 11.11 Let m be an odd positive integer, and a and b be any integers with (a, m) = 1 = (b, m). Then (1) If a ≡ b (modm), then (a/m) = (b/m). (2) (ab/m) = (a/m)(b/m) (3) (a2/m) = 1 PROOF Let m = k i=1 pei i be the canonical decomposition of m. (1) Since a ≡ b (modm), a ≡ b (modpi), so (a/pi) = (b/pi), by Theorem 11.4. Therefore, (a/pi)ei = (b/pi)ei Thus, (a/m) = k i=1 (a/pi)ei = k i=1 (b/pi)ei = (b/m) (2) By Theorem 11.4, (ab/pi) = (a/pi)(b/pi). Therefore, (ab/pi)ei = (a/pi)ei (b/pi)ei Thus, (ab/m) = k i=1 (ab/pi)ei = k i=1 (a/pi)ei (b/pi)ei = k i=1 (a/pi)ei k i=1 (b/pi)ei = (a/m)(b/m) (3) Since (a2/m) = (a/m)2, by property (2), the desired result follows.
- 650. 530 CHAPTER 11 Quadratic Congruences The following example demonstrates the first two properties. EXAMPLE 11.24 Let m = 231 = 3 · 7 · 11. • First, notice that 211 ≡ −20 (mod231). Then (211/231) = (211/3 · 7 · 11) = (211/3)(211/7)(211/11) = (1/3)(1/7)(2/11) (−20/231) = (−20/3 · 7 · 11) = (−20/3)(−20/7)(−20/11) = (1/3)(1/7)(2/11) Thus, (211/231) = (−20/231). [You may verify that (211/231) = −1.] • (4 · 50/231) = (4 · 50/3 · 7 · 11) = (4 · 50/3)(4 · 50/7)(4 · 50/11) = (4/3)(50/3)(4/7)(50/7)(4/11)(50/11) = [(4/3)(4/7)(4/11)][(50/3)(50/7)(50/11)] = (4/3 · 7 · 11)(50/3 · 7 · 11) = (4/231)(50/231) (You may verify that (4 · 50/231) = 1.) The next theorem generalizes Corollary 11.2 and Theorem 11.6, but we add a lemma to make its proof simpler and shorter. LEMMA 11.3 Let m be an odd positive integer with canonical decomposition k i=1 pei i . Then (1) k i=1 ei(pi − 1)/2 ≡ (m − 1)/2 (mod2) (2) k i=1 ei(p2 i − 1)/8 ≡ (m2 − 1)/8 (mod2) PROOF First, notice that pi − 1 ≡ 0 (mod2) and p2 i − 1 ≡ 0 (mod8). (1) We write pi as pi = 1 + (pi − 1), so pei i = 1 + (pi − 1) ei Using the binomial theorem, since pi − 1 is even, this yields pei i ≡ 1 + ei(pi − 1) (mod4)
- 651. 11.4 The Jacobi Symbol 531 Therefore, m = k i=1 pei i ≡ k i=1 1 + ei(pi − 1) (mod 4) (11.12) But 1 + ei(pi − 1) 1 + ej(pj − 1) ≡ 1 + ei(pi − 1) + ej(pj − 1) (mod4) So, by congruence (11.12), m ≡ 1 + k i=1 ei(pi − 1) (mod4) Thus, k i=1 ei(pi − 1)/2 ≡ (m − 1)/2 (mod2). (2) Since p2 i − 1 ≡ 0 (mod8), by the binomial theorem, p2ei i = (p2 i )ei = 1 + (p2 i − 1) ei ≡ 1 + ei(p2 i − 1) (mod64) But 1 + ei(p2 i − 1) 1 + ej(p2 j − 1) ≡ 1 + ei(p2 i − 1) + ej(p2 j − 1) (mod64) Therefore, m2 = k i=1 p2ei i ≡ k i=1 1 + ei p2 i − 1 (mod64) ≡ 1 + k i=1 ei(p2 i − 1) (mod64) Thus, k i=1 ei(p2 i − 1)/8 ≡ (m2 − 1)/8 (mod2). This concludes the proof. We are now ready for the next major result. THEOREM 11.12 Let m be an odd positive integer. Then (1) (−1/m) = (−1)(m−1)/2 (2) (2/m) = (−1)(m2−1)/8
- 652. 532 CHAPTER 11 Quadratic Congruences PROOF Let m = k i=1 pei i be the canonical decomposition of m. Then (1) (−1/m) = k i=1 (−1/pi)ei = k i=1 (−1)(pi−1)/2 ei , by Corollary 11.2 = (−1) k i=1 ei(pi−1)/2 = (−1)(m−1)/2 , by Lemma 11.3 (2) (2/m) = k i=1 (2/pi)ei = k i=1 (−1)ei(p2 i −1)/8 , by Corollary 11.6 = (−1) k i=1 ei(p2 i −1)/8 = (−1)(m2−1)/8 , by Lemma 11.3 For example, (−1/39) = (−1)(39−1)/2 = (−1)19 = −1 (2/819) = (−1)(8192−1)/8 = (−1)83845 = −1 We now present the analogous law of quadratic reciprocity for Jacobi symbol. It employs both the earlier version and Lemma 11.3. THEOREM 11.13 (The Generalized Law of Quadratic Reciprocity) Let m and n be relatively prime odd positive integers. Then (m/n)(n/m) = (−1) m−1 2 · n−1 2 PROOF Let m = r i=1 pai i and n = s i=1 q bj j be the canonical decompositions of m and n, respec- tively. Then, by definition, (m/n) = s j=1 (m/qj)bj = s j=1 r i=1 (pi/qj)aibj = s j=1 r i=1 (pi/qj)aibj
- 653. 11.4 The Jacobi Symbol 533 and (n/m) = r i=1 (n/pi)ai = r i=1 s j=1 (qj/pi)bjai = r i=1 s j=1 (qj/pi)bjai Therefore, (m/n)(n/m) = r i=1 s j=1 [(pi/qj)(qj/pi)]aibj = r i=1 s j=1 (−1) pi−1 2 · qj−1 2 aibj = (−1) i j aibj pi−1 2 qj−1 2 = (−1) i ai( pi−1 2 ) j bj( qj−1 2 ) = (−1) m−1 2 · n−1 2 , by Lemma 11.3 This concludes the proof. The following two examples demonstrate the power of this generalized version. EXAMPLE 11.25 Using the generalized law of quadratic reciprocity, compute the Jacobi symbol (221/399). SOLUTION By the generalized law of quadratic reciprocity, (221/399) = (−1) 221−1 2 · 399−1 2 (399/221) = (399/221) = (178/221) = (2/221)(89/221) (11.13) By Theorem 11.12, (2/221) = (−1)(2212−1)/8 = −1. By the generalized law of quadratic reciprocity, (89/221) = (−1) 89−1 2 · 221−1 2 (221/89) = (221/89) = (43/89) = (−1) 43−1 2 · 89−1 2 (89/43) = (89/43) = (3/43) = (−1) 3−1 2 · 43−1 2 (43/3)
- 654. 534 CHAPTER 11 Quadratic Congruences = −(43/3) = −(1/3) = −1 Therefore, by equation (11.13), (221/399) = (−1)(−1) = 1. The generalized law of quadratic reciprocity is extremely useful for evaluating the Legendre symbol (a/p), where a is an odd composite number and p an odd prime with p a, as the following example illustrates. EXAMPLE 11.26 Using the generalized law of quadratic reciprocity, evaluate (391/439). SOLUTION By the generalized law of quadratic reciprocity, (391/439) = (−1) 391−1 2 · 439−1 2 (439/391) = −(439/391) = −(48/391) = −(16/391)(3/391) = −(3/391) = −(−1) 3−1 2 · 391−1 2 (391/3) = (391/3) = (1/3) = 1 The following example, a continuation of Example 11.16, is a fine application of the generalized law of quadratic reciprocity. EXAMPLE 11.27 Let p be a prime of the form 4n ± 1. Prove that every positive factor d of n is a quadratic residue of p. PROOF Let p = 4n + r, where r = ±1. Let d = 2st, where s ≥ 0 and t is odd. If s ≥ 1, then p ≡ r (mod8), so (2/p) = 1, by Theorem 11.6. Thus, for s ≥ 0, (d/p) = (2st/p) = (2/p)s(t/p) = (t/p). So (d/p) = 1 if t = 1. If t = 1, then, by the generalized law of quadratic reciprocity, (t/p) = (−1) t−1 2 · p−1 2 (p/t) If r = 1, then (p − 1)/2 is even and (p/t) = (1/t) = 1, so (t/p) = 1. If r = −1, then (p − 1)/2 is odd, so (t/p) = (−1)(t−1)/2(−1/t) = (−1/t)2 = 1. Thus, in both cases, (d/p) = (t/p) = 1, so d is a quadratic residue of p.
- 655. 11.5 Quadratic Congruences with Composite Moduli (optional) 535 E X E R C I S E S 11.4 1. Find the quadratic residues of 33. Evaluate each Jacobi symbol. 2. (2/21) 3. (3/35) 4. (12/25) 5. (23/65) 6. (52/129) 7. (442/385) 8. (−68/665) 9. (−198/2873) Evaluate each Jacobi symbol. 10. (2/15) 11. (17/33) Verify that each congruence is not solvable. 12. x2 ≡ 2 (mod15) 13. x2 ≡ 17 (mod33) Compute each. 14. (3/72) 15. (3/53 · 75) 16. (3/57 · 75 · 113) 17. (3/5 · 73 · 136) 18. Let m be an odd positive integer with prime- power factorization paqbrc, where p ≡ q ≡ r ≡ ±5 (mod12). Under what conditions will (3/m) = 1? (Hint: Study Exercises 14–17.) 19. Let m be an odd positive integer with prime- power factorization paqbrcsd, where p ≡ q ≡ r ≡ ±5 (mod12) and s ≡ ±1 (mod12). Under what con- ditions will (3/m) = 1? (Hint: Study Exercises 14–18.) Prove each. 20. Let m be an odd integer such that (a/m) = −1. Then the congruence x2 ≡ a (modm) is not solvable. 21. Let m be an odd positive integer. Then (−1/m) = 1 if m ≡ 1 (mod4) −1 if m ≡ −1 (mod4) 22. Let m be an odd positive integer. Then (2/m) = 1 if m ≡ ±1 (mod8) −1 if m ≡ ±3 (mod8) 23. Let m and n be relatively prime odd positive inte- gers. Then (n/m) = (m/n) if m ≡ 1 or n ≡ l (mod4) −(m/n) if m ≡ n ≡ 3 (mod4) 24. Let m be an odd positive integer such that 3 m. Then (3/m) = 1 if and only if the sum of the ex- ponents of the prime factors ≡ ±5 (mod12) of m is even. 11.5 Quadratic Congruences with Composite Moduli (optional) Thus far, we have focused on solving quadratic congruences x2 ≡ a (modp), where p is an odd prime and p a. In fact, we have enough tools to solve quadratic con- gruences even if the modulus m is the product of a finite number of distinct odd primes. For instance, let p and q be distinct odd primes such that (a,pq) = 1. Since (a/pq) = (a/p)(a/q), x2 ≡ a (modpq) is solvable if both x2 ≡ a (modp) and x2 ≡ a (modq) are solvable. Consequently, if we know their solutions, we can then apply the CRT to generate the solutions of x2 ≡ a (modpq), as the following two examples illustrate.
- 656. 536 CHAPTER 11 Quadratic Congruences EXAMPLE 11.28 Solve the quadratic congruence x2 ≡ 15 (mod187). SOLUTION First, notice that 187 = 11 · 17, and (15/11) = 1 = (15/17), so the congruences x2 ≡ 15 (mod11) and x2 ≡ 15 (mod17) are solvable. Thus, x2 ≡ 15 (mod187) is also solvable. You may verify that the two incongruent solutions of x2 ≡ 15 (mod11) are x ≡ ±2 (mod11) and those of x2 ≡ 15 (mod17) are x ≡ ±7 (mod17). Therefore, by the CRT, the given congruence has four incongruent solutions: x ≡ ±24,±75 (mod187); that is, x ≡ 24,75,112,163 modulo 187. If p ≡ 3 (mod4) and x2 ≡ a (modp) is solvable, then its solutions are known explicitly. (See Exercise 30 in Section 11.3.) Consequently, in such cases, x2 ≡ a (modpq) can be solved fairly easily, as the following example shows. EXAMPLE 11.29 Solve the congruence x2 ≡ 6 (mod437). SOLUTION First, notice that 437 = 19 · 23 and (6/19) = 1 = (6/23), so the congruences x2 ≡ 6 (mod19) and x2 ≡ 6 (mod23) are solvable. When p ≡ 3 (mod4), the so- lutions of x2 ≡ a (modp) are x ≡ ±a(p+1)/4 (modp). Since 19 ≡ 3 ≡ 23 (mod4), the solutions of x2 ≡ 6 (mod19) are x ≡ ±6(19+1)/4 ≡ ±65 ≡ ±5 (mod19), and those of x2 ≡ 6 (mod23) are x ≡ ±6(23+1)/4 ≡ ±66 ≡ ±12 (mod23). Thus, by the CRT, the solutions of x2 ≡ 6 (mod437) are x ≡ ±81,±195 (mod437); that is, x ≡ 81,195,242,356 modulo 437. It follows from these two examples that if the modulus m is the product of a finite number of distinct primes and (a/p) = 1 for every prime factor p of m, then the congruence can be solved. See Exercises 1–4. We now turn our attention to the case where m is a prime-power pn, p being odd. Two questions we can reasonably ask are: • When is the congruence x2 ≡ a (modpn) solvable? • When it is solvable, how do we find the solutions? Before answering, let us study the following example, since it should clarify the proof of the next theorem. EXAMPLE 11.30 Find a solution of the congruence x2 ≡ 23 (mod73).
- 657. 11.5 Quadratic Congruences with Composite Moduli (optional) 537 SOLUTION We shall illustrate the strategy step by step. step 1 Solve the congruence x2 = 23 (mod7). Since 23 ≡ 2 (mod7) and (2/7) = 1, x2 ≡ 23 (mod7) is solvable; its solutions are x ≡ 3, 4 (mod7). step 2 Construct a solution of x2 ≡ 23 (mod72). Since 3 is a solution of x2 ≡ 23 (mod7), 32 = 23 + 7i for some integer i, namely, i = −2; thus, 9 = 23 + (−2) · 7. We now ingeniously look for a solution of the form 3 + 7j, so square it: (3 + 7j)2 = 9 + 42j + 49j2 ≡ 9 + 42j (mod72 ) ≡ [23 + (−2) · 7] + 42j(mod72 ) ≡ 23 + 7(−2 + 6j) (mod72 ) Now choose j such that −2 + 6j ≡ 0 (mod7); that is, 6j ≡ 2 (mod7); thus, choose j ≡ 5 (mod7) or j = 5. Then 3+7j ≡ 3+7·5 ≡ 38 (mod72) and 382 ≡ 23 (mod72). Thus, 38 is a solution of x2 ≡ 23 (mod72). step 3 Now use 38 to generate a solution of x2 ≡ 23 (mod73). Since 382 ≡ 23 (mod72), 382 = 23 + k · 72 for some integer k, namely, 29: 382 = 23 + 29 · 72. Now look for a solution of the form 38 + 72 . Since (38 + 72 )2 = 382 + 76 · 72 + 74 2 ≡ 382 + 76 · 72 (mod73 ) ≡ (23 + 29 · 72 ) + 76 · 72 (mod73 ) ≡ 23 + 72 (29 + 76 ) (mod73 ) Choose such that 29 + 76 ≡ 0 (mod7); that is, such that 1 + 6 ≡ 0 (mod7); thus choose = 1. Then 38 + 72 = 38 + 72 · 1 ≡ 87 (mod73). Thus, 872 ≡ 23 (mod73), so 87 is a solution of the given congruence. [Now use the solution 4 of x2 ≡ 23 (mod7), and steps 2 and 3 to find the other solution of x2 ≡ 23 (mod73); it is 256.] This example shows that if the congruence x2 ≡ a (modp) is solvable, then x2 ≡ a (modpn) is also solvable. Further, its solutions can be used step by step to generate the solutions of x2 ≡ a (modpn). This is the essence of the following theorem.
- 658. 538 CHAPTER 11 Quadratic Congruences THEOREM 11.14 Let p be an odd prime, a any integer such that p a, and n any positive integer. Then the congruence x2 ≡ a (modpn) is solvable if and only if (a/p) = 1. PROOF Suppose that x2 ≡ a (modpn) is solvable. Then x2 ≡ a (modp) is also solvable, so (a/p) = 1. Conversely, let (a/p) = 1; that is, assume that x2 ≡ a (modp) is solvable. We shall now prove by induction that x2 ≡ a (modpn) is solvable for every positive integer n. Clearly it is true when n = 1. So assume it is true for an arbitrary integer k ≥ 1: x2 ≡ a (modpk) is solvable. We shall now show that x2 ≡ a (modpk+1) is also solvable by constructing a solution. Let α be a solution of x2 ≡ a (modpk). Then α2 ≡ a (modpk); that is, α2 = a + ipk for some integer i (see Step 2 in Example 11.30). We now generate a solution of the form α + jpk of x2 ≡ a (modpk+1). Then (α + jpk )2 = α2 + 2αjpk + j2 p2k ≡ α2 + 2αjpk (modpk+1 ), since 2k ≥ k + 1 ≡ (a + ipk ) + 2αjpk (modpk+1 ) ≡ a + (i + 2αj)pk (modpk+1 ) Now choose j such that i + 2αj ≡ 0 (modp). Such a j exists by Theorem 4.9, since (2α, p) = 1. With such a j,(α + jpk)2 ≡ a (modpk+1). Thus, α + jpk is a solution of x2 ≡ a (modpk+1). Thus, by induction, x2 ≡ a (modpn) is solvable for every positive integer n. This theorem provides a test to determine the solvability of x2 ≡ a (modpn), and an algorithm to construct a solution of the congruence from that of x2 ≡ a (modpn−1). Thus, knowing the solutions of x2 ≡ a (modp), we can step by step build up to those of x2 ≡ a (modpn), as the following example illustrates. EXAMPLE 11.31 In Example 11.30, we found that 87 is a solution of x2 ≡ 23 (mod73). Using Theo- rem 11.14, find the remaining solution. SOLUTION Recall that x2 ≡ 23 (mod7) has two solutions, 3 and 4 modulo 7, and we used 3 to arrive at the solution 87. To find the remaining solution we proceed as follows, where a = 23 and p = 7. step 1 Initialize α and k. (k is the current exponent of the modulus 7.) α = 4 and k = 1.
- 659. 11.5 Quadratic Congruences with Composite Moduli (optional) 539 step 2 Express α2 in the form a + ip and solve for i. α2 = a + ip yields 16 = 23 + 7i, thus i = −1. step 3 Solve the linear congruence i + 2αj ≡ 0 (modp) for j. Then −1 + 2 · 4j ≡ 0 (mod7); that is, j ≡ 1 (mod7), so choose j = 1. step 4 Extract a solution of x2 ≡ a (modp2). α + jp = 4 + 1 · 7 = 11 is a solution of x2 ≡ 23 (mod72). (Verify this.) step 5 Update α and k. α = 11 and k = 2. With the new values of α and k, repeat steps 2–4 to find a solution of x2 ≡ a (modp3). step 6 Express α2 in the form a + ip2. α2 = a + ip2 yields 121 = 23 + i · 72; thus i = 2. step 7 Solve the linear congruence i + 2αj ≡ 0 (modp) for j. 2 + 2 · 11j ≡ 0 (mod7) yields j = 5. step 8 Generate a solution of x2 ≡ a (modp3). α + jp2 = 11 + 5 · 72 = 256 is a solution of x2 ≡ 23 (mod73), as expected. Using the preceding two examples, we can solve x2 ≡ 23 (mod74) and x2 ≡ 23 (mod75). See Exercises 7 and 8. Next we examine congruences of the form x2 ≡ a (mod2n). Suppose a is even and a = 2bc ≡ 0 (mod2n), where c is odd. Clearly, b n. If b is odd, the congruence has no solution. (See Exercise 52.) If b is even, say, b = 2i, then x2 ≡ 22ic (mod2n); that is, (x/2i)2 ≡ c (mod2n−b). This is of the form y2 ≡ c (mod2k), where c is odd. Consequently, we restrict our investigation to the case where a is odd. Then, depend- ing on the value of k, the congruence can have exactly one, two, or four solutions. This is the essence of the following theorem. A portion of its proof runs along the same lines as the proof of Theorem 11.14. THEOREM 11.15 Let a be an odd integer and n any integer ≥ 3. Then the congruence • x2 ≡ a (mod2) is solvable. • x2 ≡ a (mod4) is solvable if and only if a ≡ 1 (mod4). • x2 ≡ a (mod2n) is solvable if and only if a ≡ 1 (mod8). PROOF • Because a ≡ 1 (mod2), x2 ≡ 1 (mod2) has exactly one solution, namely, 1. • Suppose x2 ≡ a (mod4) is solvable. Since a is odd, so is x2. Then x must be odd and hence x2 ≡ 1 (mod8). (See Exercise 46.) Consequently, x2 ≡ 1 (mod4) and hence a ≡ 1 (mod4).
- 660. 540 CHAPTER 11 Quadratic Congruences Conversely, assume that a ≡ 1 (mod4). Then x2 ≡ 1 (mod4) is solvable since it has (exactly) two incongruent solutions, namely, 1 and 3. • Suppose x2 ≡ a (mod2n) is solvable. Then, x2 ≡ 1 (mod8), so a ≡ 1 (mod8). Conversely, suppose a ≡ 1 (mod8). We will then prove by induction that x2 ≡ a (mod2n) is solvable for every n ≥ 3. First, notice that x2 ≡ 1 (mod8) is solvable with exactly four incongruent solutions, namely, 1, 3, 5, and 7. Now assume that x2 ≡ a (mod2k) has a solution α for an arbitrary integer k ≥ 3. Then α2 ≡ a (mod2k); that is, α2 = a + i2k for some integer i. We now generate a solution of x2 ≡ a (mod2k+1) in the form α +j2k−1 (similar to that in Theorem 11.14). Then: (α + j2k−1 )2 = α2 + αj2k + j2 22k−2 ≡ α2 + αj2k (mod2k+1 ), since k ≥ 3 ≡ (a + i2k ) + αj2k (mod2k+1 ) ≡ a + (i + αj)2k (mod2k+1 ) Now choose j such that i + αj ≡ 0 (mod2). Since α is odd, such a j ex- ists by Corollary 4.7. Then (α + j2k−1)2 ≡ a (mod2k+1). Consequently, x2 ≡ a (mod2k+1) is solvable with α+j2k−1 as a solution. Thus, by induction, x2 ≡ a (mod2n) is solvable for every integer n ≥ 3. We can take another example: Since 37 ≡ 1 (mod8), it follows by the theorem that x2 ≡ 37 (mod64) is not solvable; likewise, x2 ≡ 5 (mod8) is also not solvable. Since every solution of x2 ≡ a (mod2k) yields a solution of x2 ≡ a (mod2k+1), where k ≥ 3, and x2 ≡ a (mod8) has four solutions, it follows that x2 ≡ a (mod2n) has at least four solutions, where n ≥ 3. In fact, if α is a solution, then it can be shown that 2n − α and 2n−1 ± α are also solutions. (See Exercise 53.) It can also be shown that it has no other incongruent solutions. Accordingly, we have the following result. COROLLARY 11.8 If a ≡ 1 (mod8) and n ≥ 3, then the congruence x2 ≡ a (mod2n) has exactly four incongruent solutions. The following example illustrates the theorem. EXAMPLE 11.32 Solve the congruence x2 ≡ 17 (mod32). SOLUTION Since 17 ≡ 1 (mod8), the congruence is solvable.
- 661. 11.5 Quadratic Congruences with Composite Moduli (optional) 541 step 1 Find a solution of x2 ≡ a (mod23). Since 12 ≡ 17 (mod23),α = 1 is a solution of x2 ≡ 17 (mod23). Then 12 = 17 + 8i, where i = −2. step 2 Find a solution of x2 ≡ a (mod24) with k = 3. (See the proof of Theorem 11.15.) Choose j such that i+αj = −2+1·j ≡ 0 (mod2). Thus, we choose j = 0. Then α + j2k−1 = 1 + 0 · 4 = 1 is a solution of x2 ≡ 17 (mod24), which is obviously true. step 3 Update the values of α,k, and i. Clearly, α = 1 and k = 4. Since 12 ≡ 17 (mod16), 12 = 17 + 16i; so choose i = −1. step 4 Find a solution of x2 ≡ a (mod25), where k = 4. Choose j such that i+αj = −1+1·j ≡ 0 (mod2), so choose j = 1. Then α +j2k−1 = 1 + 1 · 23 = 9 is a solution of x2 ≡ 17 (mod25). (You may verify this.) step 5 Find the remaining solutions of x2 ≡ a (mod25). They are given by −9 = 23 and 2n−1 ± 9 = 24 ± 9 modulo 32. Thus, the four solutions of the given congruence are 7, 9, 23, and 25 mod- ulo 32. As the theorem shows and this example illustrates, finding a solution of x2 ≡ a (mod8) is a good starting place to construct a solution of x2 ≡ a (mod2n), where n ≥ 4. The exercises to follow provide ample opportunities for such a pur- suit. We now tie all pieces together. Let m = 2e0 i pei i be the canonical decomposi- tion of m and (a, m) = 1. Theorems 11.14 and 11.15 enable us to solve the con- gruences x2 ≡ a (modpj) and x2 ≡ a (mod2k). Consequently, x2 ≡ a (modm) is solvable if and only if they are solvable. Accordingly, we have the following re- sult. THEOREM 11.16 Let m be a positive integer with canonical decomposition 2e0 i pei i and a any integer with (a, m) = 1. Then x2 ≡ a (modm) is solvable if and only if x2 ≡ a (mod2e0 ) and x2 ≡ a (modpei i ) are solvable. Knowing the solutions of the congruences x2 ≡ a (mod2e0 ) and x2 ≡ a (modp el i ), we can solve the congruence x2 ≡ a (modm) using the CRT, as the next example il- lustrates. Obviously, the task will be long and complicated if m contains several distinct prime factors.
- 662. 542 CHAPTER 11 Quadratic Congruences EXAMPLE 11.33 Solve the quadratic congruence x2 ≡ 97 (mod7688). SOLUTION (We leave the details for you to fill in.) Since 7688 = 23 · 312, we first solve the congruences x2 ≡ 97 (mod8) and x2 ≡ 97 (mod312), and then use their solutions to solve the given congruence. step 1 Solve x2 ≡ 97 (mod8). Since x2 ≡ 1 (mod8), x ≡ 1,3,5,7 (mod8). step 2 Solve x2 ≡ 97 (mod31). Then x2 ≡ 4 (mod31), so x ≡ 2,29 (mod31). step 3 Solve x2 ≡ 97 (mod312). Using Theorem 11.14, the two solutions are x ≡ 215,746 (mod312). step 4 Use the solutions in steps 1 and 3 to solve x2 ≡ 97 (mod7688). By the CRT, it has eight incongruent solutions, namely, x ≡ 215, 1707, 2137, 3629, 4059, 5551, 5981, 7473 (mod7688). E X E R C I S E S 11.5 Solve each quadratic congruence. 1. x2 ≡ 4 (mod35) 2. x2 ≡ 23 (mod77) 3. x2 ≡ 43 (mod221) 4. x2 ≡ 69 (mod2431) Using the given solution of the congruence, solve the cor- responding congruence. 5. 108 is a solution of x2 ≡ 3 (mod132); x2 ≡ 3 (mod133) 6. 211 is a solution of x2 ≡ 15 (mod172); x2 ≡ 15 (mod173) Solve each congruence. (Hint: Use Examples 11.30 and 11.31.) 7. x2 ≡ 23 (mod74) 8. x2 ≡ 23 (mod75) Solve each congruence. 9. x2 ≡ 10 (mod132) 10. x2 ≡ 10 (mod133) 11. x2 ≡ 5 (mod112) 12. x2 ≡ 5 (mod113) 13. x2 ≡ 13 (mod172) 14. x2 ≡ 17 (mod192) 15. x2 ≡ 17 (mod64) 16. x2 ≡ 17 (mod256) 17. x2 ≡ 25 (mod32) 18. x2 ≡ 25 (mod128) 19. x2 ≡ 33 (mod64) 20. x2 ≡ 33 (mod128) 21. x2 ≡ 41 (mod32) 22. x2 ≡ 41 (mod256) 23. x2 ≡ 41 (mod1024) Solve each. (See Example 11.1 and Exercise 10 in Sec- tion 11.1.) 24. 3x2 − 4x + 7 ≡ 0 (mod132) 25. 4x2 + 4x − 3 ≡ 0 (mod52) Solve each congruence. (Hint: Find a least residue b such that ab ≡ 1 (modp).) 26. 2x2 +1 ≡ 0 (mod11) 27. 2x2 +1 ≡ 0 (mod17) 28. 3x2 +1 ≡ 0 (mod13) 29. 3x2 +1 ≡ 0 (mod19)
- 663. Chapter Summary 543 Solve each congruence, if possible. (Hint: Use Exercises 1–4.) 30. x2 ≡ 4 (mod140) 31. x2 ≡ 23 (mod308) 32. x2 ≡ 43 (mod1768) 33. x2 ≡ 13 (mod1156) 34. x2 ≡ 5 (mod5324) 35. x2 ≡ 17 (mod2888) Assuming that the congruence x2 ≡ a (modm) is solvable, find the number of solutions for the indicated value of m, where p,q, and r are distinct odd primes, and a is an inte- ger with (a, pqr) = 1. 36. m = pq 37. m = p2 38. m = 4pq 39. m = pqr 40. m = p2q3r4 41. m = 8p2q3r4 Let m = 2e0 k i=1 p ei i be the canonical decomposition of m and (a,m) = 1. Assuming that x2 ≡ a (modm) is solv- able, find its number of solutions in each case. 42. e0 = 0 43. e0 = 1 44. e0 = 2 45. e0 ≥ 3 Prove each. 46. The square of every odd integer is congruent to 1 modulo 8. 47. Let a and b be two positive integers and p an odd prime such that ab ≡ 1 (modp). Then (a/p) = (b/p). 48. Let p be an odd prime. Then the congruence 2x2 + 1 ≡ 0 (modp) is solvable if and only if p ≡ 1 or p ≡ 3 (mod8). (Hint: Use Exercise 47.) 49. Let p be a prime 3. Then 3x2 + 1 ≡ 0 (modp) if and only if p ≡ 1 (mod6). 50. Let α be a solution of x2 ≡ a (modpn), where p is an odd prime and p a. Show that pn − α is also a solution. 51. Let p be an odd prime and a an integer such that p a. If the congruence x2 ≡ a (modpn) is solvable, it has exactly two solutions, where n ≥ 2. (Hint: Use Exercise 50.) 52. Let n be a positive integer and a = 2bc ≡ 0 (mod2n), where b and c are odd integers. Then the congruence x2 ≡ a (mod2n) is not solvable. 53. Let α be a solution of x2 ≡ a (mod2n), where n ≥ 3 and a ≡ 1 (mod8). Then 2n − α and 2n−1 ± α are also solutions. 54. The congruence x2 ≡ a (mod2n), where n ≥ 3 and a ≡ 1 (mod8) has exactly four incongruent solu- tions. (Hint: Use Exercise 53.) X CHAPTER SUMMARY In this chapter, we explored the theory of quadratic congruences via the concept of a quadratic residue, and established several criteria for determining the solvability of the congruence x2 ≡ a (modp), where p is an odd prime and p a. The congruence has either two or no incongruent solutions. Quadratic Residue • An integer a is a quadratic residue of a positive integer m, where (a, m) = 1, if x2 ≡ a (modm) has a solution; otherwise, it is a quadratic nonresidue. (p. 497) • Every odd prime p has exactly (p − 1)/2 quadratic residues and exactly (p − 1)/2 quadratic nonresidues. (p. 498)
- 664. 544 CHAPTER 11 Quadratic Congruences • (Euler’s criterion) Let p be an odd prime. Then a positive integer a with p a is a quadratic residue of p if and only if a(p−1)/2 ≡ 1 (modp). (p. 499) • Let p be an odd prime. Then a positive integer a, where p a, is a quadratic nonresidue if and only if a(p−1)/2 ≡ −1 (modp). (p. 500) The Legendre Symbol • Let p be an odd prime and a any integer such that p a. The Legendre symbol (a/p) is defined by (a/p) = 1 if a is a quadratic residue of p −1 otherwise (p. 501) • Euler’s criterion Let p be an odd prime. Then a positive integer a with p a is a quadratic residue of p if and only if (a/p) = 1. (p. 502) • Let p be an odd prime, and a and b be integers with p ab. Then: • If a ≡ b (modp), then (a/p) = (b/p). • (a/p)(b/p) = (ab/p). • (a2/p) = 1. (p. 502) • If p is an odd prime, then (−1/p) = 1 if p ≡ 1 (mod4) −1 if p ≡ −1 (mod4) (p. 503) • Let p be an odd prime, q a prime such that p q, and i a positive integer. Then (qi/p) = (q/p)i. (p. 505) • Let p be an odd prime and let a = n i=1 pei i be the canonical decomposition of a, where (a, p) = 1. Then (a/p) = n i=1 (pi/p)ei . (p. 505) • Gauss’ Lemma Let p be an odd prime and a an integer such that p a. Let ν denote the number of least positive residues of the integers a,2a,3a, ...,[(p − 1)/2]a that exceed p/2. Then (a/p) = (−1)ν. (p. 507) • Let p be an odd prime with p a. Let v denote the number of least positive residues of the integers a,2a,...,[(p−1)/2]a that exceed p/2. Then (a/p) = 1 if and only if v is even. (p. 508). • Let p be an odd prime. Then (2/p) = 1 if p ≡ ±1 (mod8) −1 if p ≡ ±3 (mod8) (p. 509) • Let p be an odd prime. Then (2/p) = (−1)(p2−1)/8. (p. 511)
- 665. Chapter Summary 545 • If p and 2p + 1 are odd primes, then 2(−1)(p−1)/2 is a primitive root modulo 2p + 1. (p. 512) • Let p and q be distinct odd primes. Then (p−1)/2 k=1 kq p + (q−1)/2 k=1 kp q = (p − 1) 2 · (q − 1) 2 (p. 515) • Law of Quadratic Reciprocity Let p and q be distinct odd primes. Then (p/q)(q/p) = (−1) (p−1) 2 · (q−1) 2 (p. 518) • Let p and q be distinct odd primes. Then (q/p) = (p/q) if p ≡ 1 (mod4) or q ≡ 1 (mod4) −(p/q) if p ≡ q ≡ 3 (mod4) (p. 520) • Pepin’s Test The Fermat number fn is a prime if and only if 3(fn−1)/2 ≡ −1 (modfn). (p. 523) The Jacobi Symbol • Let m be an odd positive integer with the canonical decomposition k i=1 pei i , where (a, m) = 1. Then the Jacobi symbol (a/m) is defined by (a/m) = a k i=1 pei i = k i=1 (a/pi)ei where (a/pi) denotes the Legendre symbol. (p. 527) • Let m be an odd positive integer, and a and b be any integers with (a, m) = 1 = (b, m). Then • If a ≡ b (modm), then (a/m) = (b/m). • (ab/m) = (a/m)(b/m) • (a2/m) = 1 (p. 529) • Let m be an odd positive integer with prime-power decomposition k i=1 pei i . Then • k i=1 ei(pi − 1)/2 ≡ (m − 1)/2 (mod 2) • k i=1 ei p2 i − 1 /8 ≡ (m2 − 1)/8 (mod 2). (p. 530)
- 666. 546 CHAPTER 11 Quadratic Congruences • Let m be an odd positive integer. Then • (−1/m) = (−1)(m−1)/2 • (2/m) = (−1)(m2−1)/8. (p. 531) • The Generalized Quadratic Reciprocity Law Let m and n be relatively prime odd positive integers. Then (m/n)(n/m) = (−1) m−1 2 n−1 2 (p. 532) • Let p be an odd prime, and a and n any positive integers such that p a. Then the congruence x2 ≡ a (modpn) is solvable if and only if (a/p) = 1. (p. 538) • Let a be an odd integer and n any integer ≥ 3. Then the congruence • x2 ≡ a (mod2) is solvable. • x2 ≡ a (mod4) is solvable if and only if a ≡ 1 (mod4). • x2 ≡ a (mod2n) is solvable if and only if a ≡ 1 (mod8). (p. 539) • If a ≡ 1 (mod8) and n ≥ 3, then x2 ≡ a (mod2n) has exactly four incongruent solutions. (p. 540) • Let m be a positive integer with canonical decomposition 2e0 i pei i and a any integer with (a, m) = 1. Then the congruence x2 ≡ a (modm) is solvable if and only if x2 ≡ a (mod2e0 ) and x2 ≡ a (modpei i ) are solvable. (p. 541) X REVIEW EXERCISES Solve each quadratic congruence. 1. x2 ≡ 13 (mod17) 2. x2 ≡ 31 (mod33) Evaluate each, where Mp is a Mersenne number, fn a Fermat number, and p an odd prime, and n 0. 3. (116/73) 4. (1033/1999) 5. (1739/3749) 6. (2327/4367) 7. (1/Mp) 8. (1/fn) 9. (−1/Mp) 10. (−1/fn) 11. (3/Mp) 12. (−3/Mp) 13. (3/fn) 14. (−3/fn) 15. (5/p), where p = n! + 1 is a prime and n ≥ 5. 16. (5/p), where p = n! − 1 is a prime and n ≥ 5. 17. (3/p), where p = 2n + 1 is a prime and n is even. 18. (p/3), where p = 2n + 1 is a prime and n is even. 19. (5/p), where p = 24n + 1 is a prime.
- 667. Review Exercises 547 20. (p/5), where p = 24n + 1 is a prime. 21. Both 13 and 29 are quadratic nonresidues of 47. Using this fact, find a quadratic residue of 47. Verify each. (Hint: Use Euler’s criterion.) 22. 2999|(21499 − 1) 23. 3989|(21994 + 1) 24. 3347|(31673 − 1) 25. 4793|(32396 + 1) Given that α is a solution of the congruence x2 ≡ a (modp), where p is an odd prime. Find a solution of x2 ≡ 4a (modp) for the given values of a,p, and α. 26. a = 10, p = 13, and α = 6 27. a = 9, p = 17, and α = 14 If p is a prime ≡ ±1 (mod8), then p|(2(p−1)/2 − 1). (See Exercise 51.) Using this fact, find a prime factor of each Mersenne number. 28. 223 − 1 29. 283 − 1 30. 289 − 1 31. 21013 − 1 32. Let p be an odd prime such that q = 2p + 1 is also a prime. If p ≡ 1 (mod4), then 2 is a primitive root modulo q. Otherwise, −2 is a primitive root modulo q. (See Exercise 53.) Using these facts, find four primes for which 2 is a primitive root and four primes for which −2 is a primitive root. 33. Characterize the prime factors p of the integer n2 + 1, where n 1. Solve each quadratic congruence. (See Exercises 11 and 12 in Section 1.) 34. 2x2 + 3x + 1 ≡ 0 (mod72) 35. 2x2 + x + 1 ≡ 0 (mod112) Solve each congruence, if possible. 36. x2 ≡ 27 (mod253) 37. x2 ≡ 53 (mod2431) 38. x2 ≡ 5 (mod968) 39. x2 ≡ 169 (mod9724) 40. x2 ≡ 47 (mod173) 41. x2 ≡ 226 (mod193) 42. Let α be a solution of the congruence x2 ≡ a (modp), where p is an odd prime and p 4a. Find a solution of x2 ≡ 4a (modp). 43. Find a factor of the Mersenne number 21000151 − 1. Prove each. 44. Let p be an odd prime, e an even positive integer, and a an integer such that p a. Then (2ea/p) = (a/p). 45. Let a be a positive integer and p an odd prime such that p 4a. Then the congru- ence x2 ≡ a (modp) is solvable if and only if x2 ≡ 4a (modp) is solvable. 46. Let p be a prime factor of a positive integer n and q = n! + 1 be a prime. Then (p/q) = 1. 47. Let p be a prime factor of a positive integer n and q = n! − 1 be a prime, where p ≡ 1 (mod4). Then (p/q) = 1.
- 668. 548 CHAPTER 11 Quadratic Congruences 48. Let p and q be distinct odd primes. Then the congruence x2 ≡ q (modp) is solvable if and only if x2 ≡ p (modq) is solvable, unless p ≡ q ≡ 3 (mod4). 49. If p is a prime ≡ ±1 (mod8), then p|[2(p−1)/2 − 1]. 50. Let p be an odd prime such that p|(a2n + b2n), where p ab and n ≥ 1. Then p is of the form 4k + 1. 51. Every quadratic nonresidue of a Fermat prime fn is a primitive root. 52. Every primitive root modulo a Fermat prime is a quadratic nonresidue. 53. Let p be an odd prime such that q = 2p + 1 is also a prime. If p ≡ 1 (mod4), then 2 is a primitive root modulo q. Otherwise, −2 is a primitive root modulo q. 54. There is an infinite number of primes of the form 8n − 1. (Hint: Assume there are only finitely many such primes p1,p2,...,pk. Consider N = (p1p2 ···pk)2 − 2.) 55. There is an infinite number of primes of the form 8n + 3. (Hint: Assume there are only finitely many such primes p1,p2,...,pk. Consider N = (p1p2 ···pk)2 + 2.) 56. There is an infinite number of primes of the form 6n + 1. (Hint: Assume there are only finitely many such primes p1,p2,...,pk. Consider N = (p1p2 ···pk)2 + 3.) 57. Three is a primitive root modulo every prime p = 2n + 1, where n 1. 58. Let p and q be distinct odd primes and p = p(−1)(p−1)/2. Then (p/q) = (q/p). 58. Let m and n be relatively prime odd integers and m = m(−1)(m−1)/2. Then (m/n) = (n/m). X SUPPLEMENTARY EXERCISES Let Z p denote the set of least positive residues modulo an odd prime p. Let f :Z p → {±1} defined by f(a) = (a/p). (The function f is a fine example of a homomorphism in group theory.) 1. Prove that f(ab) = f(a) · f(b), where p ab. 2. Prove that f is a surjection. 3. Identify the set K of least positive residues a modulo p such that f(a) = 1. (K is the kernel of f.) 4. Find K when p = 13. Let p be an odd prime and a any integer such that p a. Then a is a cubic residue if x3 ≡ a (modp) is solvable; it is a biquadratic residue if x4 ≡ a (modp) is solvable. 5. Find the cubic residues of 5 and 7. 6. Find the biquadratic residues of 7 and 11. 7. Prove that every biquadratic residue of p is also a quadratic residue.
- 669. Computer Exercises 549 8. Show that a quadratic residue of p need not be a biquadratic residue. 9. Gauss proved that −1 is a biquadratic residue of p if and only if p ≡ 1 (mod8). Verify that −1 is a biquadratic residue of 17, but a biquadratic nonresidue of 13. Let a be a nonsquare positive integer ≡ 0 or 1 (mod4), p an odd prime with p a, and n a positive integer with prime factorization k i=1 pei i , where (a, n) = 1. Then the Kronecker symbol (a/n), named for the German mathematician Leopold Kronecker (1823–1891), is defined as follows: (a/2) = 1 if a ≡ 1 (mod8) −1 if a ≡ 5 (mod8) (a/p) = Legendre symbol (a/p) = 1 if a is a quadratic residue modulo p −1 otherwise (a/n) = Jacobi symbol (a/n) = k i=1 (a/pi)ei In Exercises 10–15, (a/n) denotes the Kronecker symbol. Evaluate each. 10. (108/239) 11. (85/2) 12. (28/153) 13. (85/3861) Prove each. 14. (a/2) = (2/a), if 2 a. 15. Let m and n be positive integers such that (a, mn) = 1. Then (a/mn) = (a/m)(a/n). X COMPUTER EXERCISES Write a program to perform each task, where p is an odd prime. 1. Read in p and a positive integer a relatively prime to p. Find the incongruent solutions of the quadratic congruence x2 ≡ a (modp). 2. Read in p and list the quadratic residues of p. 3. Read in p and two positive integers a and b relatively prime to p. Determine if they are quadratic residues of p. If neither of them is a quadratic residue, use them to find one. 4. Read in p and an integer a, where p a. Evaluate (a/p) using (a) Euler’s criterion. (b) The law of quadratic reciprocity.
- 670. 550 CHAPTER 11 Quadratic Congruences 5. Read in p and a positive integer such that p a. (a) Compute (a/p). (b) Let ν denote the number of least residues of the integers a,2a,3a,..., [(p − 1)/2]a that exceed p/2. Find ν. (c) Is (a/p) = (−1)ν? 6. Read in two distinct odd primes p and q, and verify the law of quadratic reci- procity. 7. Read in a prime p ≡ ±1 (mod8). (a) Verify that 2(p−1)/2 ≡ 1 (modp). (b) Find a prime factor of 2(p−1)/2 − 1. 8. Read in two distinct odd primes p and q, and a positive integer a such that (a, pq) = 1. Using the solutions of the congruences x2 ≡ a (modp) and x2 ≡ a (modq), solve x2 ≡ a (modpq). 9. Read in an odd positive integer m and an integer a such that (a, m) = 1. Evaluate the Jacobi symbol (a/m). 10. Read in two relatively prime odd integers, and verify Theorems 11.12 and 11.13. 11. Read in a positive integer n and an integer a such that p a. Determine if the congruence x2 ≡ a (modpn) is solvable. 12. Read in a positive integer n and an integer a such that p a. Solve the congruence x2 ≡ a (modpn). 13. Read in an odd integer a and an integer n ≥ 3. Determine if the congruence x2 ≡ a (mod2n) is solvable; if so, find its solutions. 14. Read in an integer m ≥ 2 and an integer a such that (a, m) = 1. Solve the con- gruence x2 ≡ a (modm), if possible. X ENRICHMENT READINGS 1. H. M. Edwards, “Euler and Quadratic Reciprocity,” Mathematics Magazine, 56 (Nov. 1983), 285–291. 2. M. Gerstenhaber, “The 152nd Proof of Quadratic Reciprocity,” The American Mathematical Monthly, 70 (1963), 397–398. 3. D. E. Rowe, “Gauss, Dirichlet, and the Law of Biquadratic Reciprocity,” The Mathematical Intelligencer, 10 (1988), 13–25. 4. W. Watkins, “The Quadratic Residues −1 and −3,” The American Mathematical Monthly, 107 (Dec. 2000), 934.
- 671. 12 Continued Fractions If I have seen farther than other men, it is because I have stood on the shoulders of giants. — ISAAC NEWTON This chapter explores fractions of a special nature that we do not encounter in every- day life, fractions such as 113 77 = 1 + 1 2 + 1 3 + 1 4 + 1 5 + ··· Such a multi-layered fraction is a continued fraction, a term coined by the English mathematician John Wallis (1616–1703). His book, Opera Mathematica (1695) con- tains some basic work on continued fractions. Aryabhata used them to solve specific LDEs. Italian mathematician Rafael Bombelli (1526–1573) is often credited with laying the foundation for the theory of continued fractions, since he attempted to approximate √ 13 by such fractions in his L’Algebra Opera (1572). In 1613, Ital- ian mathematician Pietro Antonio Cataldi (1548–1626) pursued approximating √ 18 by continued fractions. The Dutch physicist and mathematician Christiaan Huygens (1629–1695) investigated such fractions for the design of a mathematical model for the planets in his Descriptio Automati Planetari (1703). Although these mathematicians made contributions to the development of con- tinued fractions, the modern theory of such fractions did not flourish until Euler, Johan Heinrich Lambert (1728–1777), and Lagrange embraced the topic. Euler stud- ied them around 1730 and his De Fractionlous Continious (1737) contains much of his work. In 1759, he employed them to solve equations of the form x2 − Ny2 = 1, 551
- 672. 552 CHAPTER 12 Continued Fractions called Pell’s equation (see Section 13.1). Seven years later, Lagrange developed the fundamental properties of periodic continued fractions. In 1931, D. H. Lehmer and R. E. Powers developed a factoring method based on continued fractions. M. A. Morrison and J. Brillhart demonstrated the power of this method by factoring f7 in 1974. We now study a brief introduction to continued fractions. 12.1 Finite Continued Fractions A finite continued fraction is an expression of the form x = a0 + 1 a1 + 1 a2 + 1 ... + 1 an−1 + 1 an (12.1) where each ai is a real number, a0 ≥ 0, ai+1 0 and i ≥ 0. The numbers a1,a2,...,an are the partial quotients of the finite continued fraction. The frac- tion is simple if each ai is an integer. Since this notation is a bit cumbersome to manage, the fraction is often written as [a0;a1,a2,a3,...,an] where a0 = x and the semicolon separates the fractional part from the integral part. For example, [1;2,3,4,5,6] = 1 + 1 2 + 1 3 + 1 4 + 1 5 + 1 6 = 1393 972 Although it follows from the definition that every simple finite continued frac- tion represents a rational number, we shall now formally prove it, using induction.
- 673. 12.1 Finite Continued Fractions 553 THEOREM 12.1 Every finite simple continued fraction represents a rational number. PROOF (We shall apply induction on the number of partial quotients.) Let [a0;a1,a2,...,an] be a finite simple continued fraction. When n = 1, [a0;a1] = a0 + 1 a1 = a0a1 + 1 a1 is a rational number. Now assume that every finite simple continued fraction with k partial quotients is a rational number, where k ≥ 1. Then [a0;a1,a2,...,ak,ak+1] = a0 + 1 [a1;a2,...,ak,ak+1] Since [a1;a2,...,ak+1] contains k partial quotients, it is a rational number r/s, where s = 0. Then [a0;a1,a2,...,ak,ak+1] = a0 + 1 r/s = a0 + s r = a0r + s r is a rational number. Thus, by induction, [a0;a1,a2,...,an] is a rational number for every positive integer n. The following theorem shows that the converse is also true: Every rational num- ber can be represented by a finite simple continued fraction. This was discovered by Euler. The proof invokes the euclidean algorithm from Section 3.2. THEOREM 12.2 Every rational number can be represented by a finite simple continued fraction. PROOF Let x = a/b be a rational number, where b 0. For convenience, we let r0 = a and r1 = b. By the euclidean algorithm, we have r0 = r1q1 + r2, 0 r2 r1 r1 = r2q2 + r3, 0 r3 r2 r2 = r3q3 + r4, 0 r4 r3 . . . rn−2 = rn−1qn−1 + rn, 0 rn rn−1 rn−1 = rnqn
- 674. 554 CHAPTER 12 Continued Fractions where the quotients q2,q3,...,qn and the remainders r2,r3,...,rn are positive. It follows from these equations that a b = r0 r1 = q1 + r2 r1 = q1 + 1 r1/r2 r1 r2 = q2 + r3 r2 = q2 + 1 r2/r3 r2 r3 = q3 + r4 r3 = q3 + 1 r3/r4 . . . rn−2 rn−1 = qn−1 + rn rn−1 = qn−1 + 1 rn−1/rn rn−1 rn = qn Substituting for r1/r2 in the first equation yields a b = q1 + 1 q2 + r3/r2 Now substitute for r2/r3: a b = q1 + 1 q2 + 1 q3 + 1 r3/r4 Continuing like this, we get a b = q1 + 1 q2 + 1 q3 + 1 ... + 1 qn−1 + 1 qn = [q1;q2,q3,...,qn−1,qn] Thus, every rational number can be represented by a finite simple continued fraction.
- 675. 12.1 Finite Continued Fractions 555 The following example illustrates this algorithm. EXAMPLE 12.1 Express 225 157 as a finite simple continued fraction. SOLUTION By the euclidean algorithm, we have 225 = 1 · 157 + 68 157 = 2 · 68 + 21 68 = 3 · 21 + 5 21 = 4 · 5 + 1 5 = 5 · 1 Thus, 225 157 = 1 + 68 157 = 1 + 1 157/68 = 1 + 1 2 + 21 68 = 1 + 1 2 + 1 68/21 = 1 + 1 2 + 1 3 + 5 21 = 1 + 1 2 + 1 3 + 1 21/5 = 1 + 1 2 + 1 3 + 1 4 + 1 5 = [1;2,3,4,5] The Jigsaw Puzzle Revisited In Section 3.2, we saw that the euclidean algorithm yields a jigsaw puzzle. We will now show how the numbers of different-size squares in the puzzle yield an interesting dividend. To this end, suppose we would like to convert 23 13 into a simple continued
- 676. 556 CHAPTER 12 Continued Fractions fraction. By the euclidean algorithm, we have 23 = 1 · 13 + 10 13 = 1 · 10 + 3 10 = 3 · 3 + 1 3 = 3 · 1 So 23 13 = [1;1,3,3]. It follows from Figure 12.1 that the 23 × 13 rectangle can be cut up into one 13 × 13 square, one 10 × 10 square, three 3 × 3 squares, and three 1 × 1 squares. Notice that the numbers of squares of the various sizes are the partial quotients in the continued fraction. Figure 12.1 Suppose an 1 in the finite simple continued fraction [a0;a1,...,an]. Since an = (an − 1) + 1 1 , it follows that [a0;a1,...,an] = [a0;a1,...,an − 1,1]. For ex- ample, [1;2,3,4,5] = [1;2,3,4,1]. On the other hand, let an = 1. Then [a0;a1,...,an] = [a0;a1,...,an−1,1] = [a0,a1,...,an−1 + 1] For example, [1;2,3,4,1] = [1;2,3,5]. Thus, every rational number can be written as a finite simple continued frac- tion in two different ways. In other words, the continued fraction representation of a rational number is not unique. Next, we discuss approximations of continued fractions. Convergents of a Continued Fraction By truncating the continued fraction for x = [a0;a1,...,an] at the various plus signs [see equation (12.1)], we can generate a sequence {ck} of approximations of x, where 0 ≤ k ≤ n; thus, ck = [a0,a1,...,ak]; ck is called the kth convergent of x, a concept introduced by Wallis in his Opera Mathematica.
- 677. 12.1 Finite Continued Fractions 557 For example, you may verify that F8 F7 = 21 13 = [1;1,1,1,1,1,1] The various convergents are c0 = [1] = 1 1 = 1 c1 = [1;1] = 2 1 = 2 c2 = [1;1,1] = 3 2 = 1.5 c3 = [1;1,1,1] = 5 3 ≈ 1.6666666667 c4 = [1;1,1,1,1] = 8 5 = 1.6 c5 = [1;1,1,1,1,1] = 13 8 = 1.625 c6 = [1;1,1,1,1,1,1] = 21 13 ≈ 1.6153846154 Some interesting observations: • These convergents ck approach the actual value 21 13 as k increases, where 0 ≤ k ≤ 6. • The convergents c2k approach it from below and the convergents c2k+1 from above; so the convergents are alternately less than and greater than 21 13 , ex- cept the last convergent; that is, c0 c2 c4 21 13 c5 c3 c1; see Fig- ure 12.2. Figure 12.2 • The convergents display a remarkable pattern: ck = Fk+2 Fk+1 , 0 ≤ k ≤ 6.
- 678. 558 CHAPTER 12 Continued Fractions We shall return to these observations later. We can facilitate the computation of the convergents ck = pk qk by developing formulas for its numerator and denominator, as the next theorem shows. THEOREM 12.3 The kth convergent of the finite simple continued fraction [a0;a1,...,an] is ck = pk qk where 2 ≤ k ≤ n, and the sequences {pk} and {qk} are defined recursively as follows: p0 = a0 q0 = 1 p1 = a0a1 + 1 q1 = a1 pk = akpk−1 + pk−2 qk = akqk−1 + qk−2 PROOF We shall prove by induction that ck = pk qk yields the kth convergent of the continued fraction for each value of k, where 0 ≤ k ≤ n. When k = 0, c0 = [a0] = a0 1 = p0 q0 and when k = 1, c1 = [a0;a1] = a0 + 1 a1 = a0a1 + 1 a1 = p1 q1 Thus, the theorem is true when k = 0 and k = 1. Now assume that the formula for ck works for an arbitrary integer m, where 2 ≤ m n. That is, cm = pm qm = ampm−1 + pm−2 amqm−1 + qm−2 (12.2) Then cm+1 = [a0;a1,...,am,am+1] = a0;a1,...,am−1,am + 1 am+1 Notice that the integers pm−1, pm−2, qm−1, and qm−2 depend only on the partial quotients a0,a1,...,am−1, and not on am. So the convergent cm+1 can be computed from formula (12.2) by replacing am with am + 1 am+1 :
- 679. 12.1 Finite Continued Fractions 559 cm+1 = am + 1 am+1 pm−1 + pm−2 am + 1 am+1 qm−1 + qm−2 = am+1(ampm−1 + pm−2) + pm−1 am+1(amqm−1 + qm−2) + qm−1 = am+1pm + pm−1 am+1qm + qm−1 , by formula (12.2) Thus, by induction, the formula works for every value of k, where 0 ≤ k ≤ n. The following example illustrates this theorem. EXAMPLE 12.2 Using Theorem 12.3, compute the convergents of the continued fraction [2;3,1,5] = 52 23 . SOLUTION We have a0 = 2,a1 = 3,a2 = 1, and a3 = 5. First, we compute pk and qk for each k, where 0 ≤ k ≤ 3: p0 = a0 = 2 q0 = 1 p1 = a0a1 + 1 = 2 · 3 + 1 = 7 q1 = a1 = 3 p2 = a2p1 + p0 = 1 · 7 + 2 = 9 q2 = a2q1 + q0 = 1 · 3 + 1 = 4 p3 = a3p2 + p1 = 5 · 9 + 7 = 52 q3 = a3q2 + q1 = 5 · 4 + 3 = 23 Thus, the various convergents are c0 = p0 q0 = 2 1 c1 = p1 q1 = 7 3 c2 = p2 q2 = 9 4 c3 = p3 q3 = 52 23 A table such as Table 12.1 can be used effectively to compute pk and qk, from which ck can be computed. For example, p2 = 9 = 1 · 7 + 2 and q3 = 23 = 5 · 4 + 3. k 0 1 2 3 ak 2 3 1 5 pk 2 7 9 52 qk 1 3 4 23 Table 12.1
- 680. 560 CHAPTER 12 Continued Fractions The next theorem reveals a Cassini-like relationship among the numerators and the denominators of two successive convergents of a finite simple continued fraction. THEOREM 12.4 Let ck = pk qk be the kth convergent of the simple continued fraction [a0;a1,...,an], where 1 ≤ k ≤ n. Then pkqk−1 − qkpk−1 = (−1)k−1. PROOF (by induction) Using the definitions of the sequences {pk} and {qk} in Theorem 12.3, p1q0 − q1p0 = (a0a1 + 1) · 1 − a1a0 = 1 = (−1)1−1 So the formula works when k = 1. Now assume that it is true for an arbitrary positive integer k n: pkqk−1 − qkpk−1 = (−1)k−1 Then, by the recursive definition of pk and qk, pk+1qk − qk+1pk = (ak+1pk + pk−1)qk − (ak+1qk + qk−1)pk = −(pkqk−1 − qkpk−1) = −(−1)k−1 , by the inductive hypothesis = (−1)k So the formula works for k +1 also. Thus, by induction, the theorem is true for every positive integer ≤ n. The following example illustrates this theorem. EXAMPLE 12.3 Verify Theorem 12.4 using the convergents of the continued fraction [2;3,1,5]. SOLUTION Using Example 12.2, we have p1q0 − q1p0 = 7 · 1 −3 · 2 = 1 = (−1)1−1 p2q1 − q2p1 = 9 · 3 −4 · 7 = −1 = (−1)2−1 p3q2 − q3p2 = 52 · 4 −23 · 9 = 1 = (−1)3−1 Thus, pkqk−1 − qkpk−1 = (−1)k−1 for every value of k, where 1 ≤ k ≤ 3. As in the case of Cassini’s formula, Theorem 12.4 has an interesting byproduct about pk and qk, as the next corollary shows.
- 681. 12.1 Finite Continued Fractions 561 COROLLARY 12.1 Let ck = pk qk be the kth convergent of the simple continued fraction [a0;a1,...,an]. Then (pk,qk) = 1, where 1 ≤ k ≤ n. PROOF Let d = (pk,qk). Since pkqk−1 − qkpk−1 = (−1)k−1, it follows by Theorem 2.4 that d|(−1)k−1. But d 0, so d = 1. Thus, (pk,qk) = 1, as desired. For example, consider the convergents of the continued fraction [2;3,1,5] in Example 12.2. Notice that (p1,q1) = (7,3) = 1; (p2,q2) = (9,4) = 1; and (p3,q3) = (52,23) = 1. The following corollary shows another interesting consequence of Theo- rem 12.4. COROLLARY 12.2 Let ck = pk qk be the kth convergent of the simple continued fraction [a0;a1,...,an], where 1 ≤ k ≤ n. Then ck − ck−1 = (−1)k−1 qkqk−1 PROOF By Theorem 12.3, ck − ck−1 = pk qk − pk−1 qk−1 = pkqk−1 − qkpk−1 qkqk−1 = (−1)k−1 qkqk−1 , by Theorem 12.4 This leads us to following result. COROLLARY 12.3 Let ck = pk qk be the kth convergent of the simple continued fraction [a0;a1,...,an]. Then ck − ck−2 = ak(−1)k qkqk−2 where 2 ≤ k ≤ n. PROOF By Corollary 12.2, ck − ck−1 = (−1)k−1 qkqk−1
- 682. 562 CHAPTER 12 Continued Fractions and ck−1 − ck−2 = (−1)k−2 qk−1qk−2 Adding these two equations, ck − ck−2 = (−1)k−1 qkqk−1 + (−1)k−2 qk−1qk−2 = (−1)k−2(qk − qk−2) qkqk−1qk−2 = (−1)k−2(akqk−1) qkqk−1qk−2 , by Theorem 12.3 = (−1)kak qkqk−2 We are now ready to confirm the observation made earlier (in Figure 12.2). THEOREM 12.5 Let ck = pk qk be the kth convergent of the simple continued fraction [a0;a1,...,an]. Then c2i c2i+2, c2i+3 c2i+1, and c2i c2j+1, where i,j ≥ 0. PROOF By Corollary 12.3, ck − ck−2 = ak(−1)k qkqk−2 where 2 ≤ k ≤ n. Let k = 2i + 2, where i ≥ 0. This equation yields c2i+2 − c2i = a2i+2(−1)2i+2 q2i+2q2i Since a2i+2,q2i+2,q2i 0, the RHS is positive; so c2i c2i+2; thus c0 c2 c4 ··· . Likewise, by letting k = 2i + 3 in Corollary 12.3, we get c2i+3 c2i+1; thus c1 c3 c5 ··· . Finally, by Corollary 12.2, c2s c2s−1; so c2i+2j c2i+2j−1. But c2i+2j−1 c2j−1. Thus c2i c2i+2j c2i+2j−1 c2j−1, so c2i c2j−1 for every i,j ≥ 0. In words, every even-numbered convergent is less than every odd-numbered conver- gent. It follows from the theorem that c0 c2 c4 ··· c5 c3 c1
- 683. 12.1 Finite Continued Fractions 563 For example, returning to the convergents of the continued fraction 21 13 = [1;1,1,1,1,1,1], notice that c0 c2 c4 c6,c1 c3 c5, and c0 c2 c4 c6 c5 c3 c1. Next we present an interesting application of finite simple continued fractions to LDEs. Continued Fractions and LDEs Recall from Theorem 4.1 that the LDE ax + by = c is solvable if and only if d | c, where d = (a,b). If x0,y0 is a particular solution, then it has infinitely many solutions x = x0 + (b/d)t,y = y0 − (a/d)t. Continued fractions can be employed to solve LDEs. To see this, first consider the LDE ax + by = 1, where b 0 and (a,b) = 1. Since a/b is a rational number, by Theorem 12.2, it can be represented by a continued fraction [a0;a1,...,an]. Then cn = pn qn = a b Since (pn,qn) = 1 = (a,b), it follows that a = pn and b = qn. By Theorem 12.4, pnqn−1 − qnpn−1 = (−1)n−1; so aqn−1 − bpn−1 = (−1)n−1. When n is odd, it becomes aqn−1 + b(−pn−1) = 1; so x0 = qn−1,y0 = −pn−1 is a solution of the LDE ax + by = 1. On the other hand, when n is even, it becomes a(−qn−1) + bpn−1 = 1; so x0 = −qn−1,y0 = pn−1 is a solution. When x0,y0 is a solution of the LDE ax + by = 1, ax0 + by0 = 1; so a(cx0) + b(cy0) = c; thus, cx0,cy0 is a particular solution of the LDE ax + by = c. The following example illustrates this technique. EXAMPLE 12.4 Using continued fractions, solve Mahavira’s puzzle in Example 3.17. SOLUTION By Example 3.17, we have 63x−23y = −7; that is, (−63)x+23y = 7. First, we find a particular solution of the LDE (−63)x + 23y = 1, where (−63,23) = 1. To this end, we express −63 23 as a continued fraction, using the euclidean algorithm: −63 = (−3) · 23 + 6 23 = 3 · 6 + 5 6 = 1 · 5 + 1 5 = 5 · 1 So −63 23 = [−3;3,1,5]. Then c2 = p2 q2 = −11 4 and c3 = p3 q3 = −63 23 ; so p2 = −11,q2 = 4,p3 = −63, and q3 = 23.
- 684. 564 CHAPTER 12 Continued Fractions By Theorem 12.4, p3q2 − q3p2 = (−1)3−1; that is, (−63) · 4 + 23 · 11 = 1. Consequently, x0 = 4,y0 = 11 is a particular solution of the LDE (−63)x + 23y = 1. Therefore, 7x0 = 28, 7y0 = 77 is a particular solution of the LDE (−63)x + 23y = 7. So, by Theorem 3.20, its general solution is x = 7x0 + bt = 28 + 23t, y = 7y0 − at = 77 + 63t. (Notice that this is consistent with the solution in Example 3.17.) E X E R C I S E S 12.1 Rewrite each as a finite simple continued fraction. 1. 57 23 2. 1199 199 3. −43 17 4. 89 55 Represent each continued fraction as a rational number. 5. [1;2,3,4,5] 6. [1;1,1,1,1,1] 7. [−3;5,4,3,2] 8. [5;4,3,2,1] Use Figure 12.3 to answer Exercises 9 and 10, where each smallest square is a 1 × 1 square. (R. Knott) Figure 12.3 9. Find the continued fraction corresponding to the split- ting up of the rectangle into squares. 10. Find the rational number (in lowest terms) repre- sented by the continued fraction. Using Theorem 12.3, compute the convergents of each continued fraction. 11. [1;1,1,1,1,1,1] 12. [0;2,7,7,6] 13. [3;1,4,2,7] 14. [−2;5,4,7,1] The second and third convergents of the continued frac- tion [1;2,3,4,5,6,7,8] are 10/7 and 43/30, respec- tively. Using them, find each convergent: 15. c4 16. c6 The fourth and fifth convergents of the continued fraction [1;1,1,1,1,1,1,3] are 8/5 and 13/8, respectively. Using them, compute each convergent. 17. c6 18. c7 19. Let cn denote the nth convergent of the finite contin- ued fraction [1;1,1,1,...,1]. Prove that cn = Fn+2 Fn+1 , where n ≥ 1. 20. Using the finite continued fraction [1;1,1,1,...,1], prove that Fn+2Fn − F2 n+1 = (−1)n+1, where n ≥ 1. Let ck = pk qk be the kth convergent of the simple continued fraction [1;2,3,4,5,6], where 1 ≤ k ≤ n. Express each as a simple continued fraction. 21. p4 p3 22. p5 p4 23. q4 q3 24. q5 q4 25. Using Exercises 21 and 22, make a conjecture about pk pk−1 , where pk qk denotes the kth convergent of the simple continued fraction [a0;a1,...,an], where 2 ≤ k ≤ n. 26. Using Exercises 23 and 24, make a conjecture about qk qk−1 , where pk qk denotes the kth convergent of the simple continued fraction [a0;a1,...,an], where 2 ≤ k ≤ n. Using the continued fraction of the given rational num- ber r, find the continued fraction of 1/r. 27. 57/23 28. 1199/199 29. Let r be a rational number with simple continued fraction [a0;a1,...,an]. Using Exercises 25 and 26, conjecture the continued fraction for 1/r. 30. Establish the conjecture in Exercise 29.
- 685. 12.2 Infinite Continued Fractions 565 Solve each LDE, using continued fractions. 31. 12x + 13y = 14 32. 28x + 91y = 119 33. 1776x + 1976y = 4152 34. 1076x + 2076y = 3076 12.2 Infinite Continued Fractions Suppose there are infinitely many terms in the expression [a0;a1,...,an,...], where a0 ≥ 0 and ai 0 for i ≥ 1. Such a fraction is an infinite continued fraction. In particular, if each aj is an integer, then it is an infinite simple continued fraction. More generally, an infinite simple continued fraction is of the form a0 + b1 a1 + b2 a2 + b3 a3 + ··· where a0 ≥ 0, and ai and bi+1 are integers for each i. An interesting example of such a continued fraction is the identity for 4 π , dis- covered in 1655 by Lord William V. Brouncker (1620–1684), the first president of the Royal Society. He discovered it by converting Wallis’ celebrated infinite product 4 π = 3 · 3 · 5 · 5 · 7 · 7··· 2 · 4 · 4 · 6 · 6··· into a continued fraction: 4 π = 1 + 12 2 + 32 2 + 52 2 + 72 2 + ··· This is the first recorded infinite continued fraction, but Brouncker did not provide a proof; it was given by Euler in 1775.
- 686. 566 CHAPTER 12 Continued Fractions An infinite continued fraction for π 4 is π 4 = 1 + 12 3 + 22 5 + 32 7 + 42 9 + ··· In 1999, L. J. Lange of the University of Missouri developed an equally fasci- nating continued fraction for π: π = 3 + 12 6 + 32 6 + 52 6 + 72 6 + ··· For convenience, we restrict our discussion to infinite simple continued frac- tions, where bi = 1. The simplest such continued fraction is [1;1,1,1,...]. One of the most astounding continued fractions was developed by the Indian mathematical genius Srinivasa Ramanujan, who studied them in 1908: √ 5α − α e2π/5 = 0;e−2π ,e−4π ,e−6π ,... where α denotes the golden ratio. When Ramanujan communicated this marvelous result to Hardy in his first letter to him in 1913, Hardy was stunned by the discovery and could not derive it himself. Equally intriguing is its reciprocal: e−2π/5 √ 5α − α = 1;e−2π ,e−4π ,e−6π ,... Ramanujan discovered about 200 such infinite continued fractions. How do we evaluate infinite simple continued fractions? We will answer this gradually. First, notice that although the continued fraction [a0;a1,a2,...] is infinite, the convergents cn = [a0;a1,...,an] are finite, and hence represent rational numbers, so the properties of convergents from the previous section can be applied to these convergents also. Since c0 c2 c4 ··· c5 c3 c1
- 687. 12.2 Infinite Continued Fractions 567 Srinivasa Aiyangar Ramanujan (1887–1920), the greatest Indian mathemati- cian, was born in Erode, near Madras, the son of a bookkeeper at a cloth store in Kumbakonam. After two years of elementary school, he transferred to the high school at age seven. At ten, he placed first in the district primary examination. In 1903, his passion for mathematics was sparked when he borrowed a copy of George Schoobridge Carr’s A Synopsis of Elementary Results in Pure and Ap- plied Mathematics from a university student. Without any formal training or out- side help, Ramanujan established the 6000 theorems in the book, stated without proofs or any explanation, and kept their proofs in a notebook. Graduating from high school in 1904, he entered the University of Madras on a scholarship. However, his neglect of all subjects except mathematics caused Ramanujan to lose the scholarship after a year, and he dropped out of college. He returned to the University after traveling through the countryside, but never graduated. During this period, he pursued his passion, rediscovering previously known results and dis- covering new ones in hypergeometric series and elliptic functions. His marriage in 1909 compelled him to earn a living. Three years later, he secured a low-paying clerk’s job with the Madras Port Trust. He published his first article in 1911 on Bernoulli numbers in the Journal of the Indian Mathematical Society and two more the following year. In 1913, Ramanujan began corresponding with the eminent English mathematician Godfrey H. Hardy of Cambridge University. His first letter included more than 100 theorems, some without proofs. After examining them carefully, Hardy concluded that “they could only be written down by a mathematician of the highest class; they must be true because if they were not true, no one would have the imagination to invent them.” Ramanujan arrived in Cambridge in 1914 with the help of a scholarship arranged by Hardy. During his five- year stay, he and Hardy collaborated on a number of articles in the theory of partitions, analytic number theory, continued fractions, infinite series, and elliptic functions. In 1917, Ramanujan became seriously ill. He was incorrectly diagnosed with tuberculosis; however, it is now believed that he suffered from a vitamin deficiency caused by his strict vegetarianism. When Ramanujan was sick in a nursing home, Hardy visited him. Hardy told him that the number of the cab he came in, 1729, was a “rather dull number” and he hoped that it wasn’t a bad omen. “No, sir,” Ramanujan responded. “It is a very interesting number. It is the smallest number expressible as the sum of two cubes in two different ways.” In 1918, Ramanujan became one of the youngest members of the Fellow of the Royal Society and a fellow of Trinity College. Ramanujan returned to India the following year. He pursued his mathematical passion even on his deathbed. His short but extremely productive life ended when he was only 32. by Theorem 12.5, the sequence {c2n} is an increasing sequence that is bounded above by c1, and the sequence {c2n+1} is a decreasing sequence that is bounded below by c0. Consequently, both sequences have limits; that is, as n approaches infinity, sequence {c2n} approaches a limit ; and the sequence {c2n+1} approaches a limit ; thus, lim n→∞ c2n = and lim n→∞ c2n+1 =
- 688. 568 CHAPTER 12 Continued Fractions The next theorem shows that = . THEOREM 12.6 Let ck = [a0;a1,...,ak] denote the kth convergent of the simple continued fraction [a0;a1,a2,...]. Then lim n→∞ c2n = lim n→∞ c2n+1 PROOF By Corollary 12.2, c2n+1 − c2n = (−1)2n q2n+1q2n = 1 q2n+1q2n 1 q2 2n , since q2n+1 q2n As n gets larger and larger, qn and hence q2 n get larger and larger; then 1 q2 n gets smaller and smaller, but never negative. So lim n→∞ (c2n+1 − c2n) = 0. Thus, lim n→∞ c2n+1 − lim n→∞ c2n = lim n→∞ (c2n+1 − c2n) = 0 So the two limits are equal. It follows from this theorem that the sequences {c2n} and {c2n+1} of convergents of the continued fraction [a0;a1,a2,...] approaches a unique limit . This common limit is the value of the continued fraction: = lim n→∞ cn = [a0;a1,a2,...] For example, let cn denote the nth convergent of the continued fraction [1;1,1,1,...], where n ≥ 0. Then cn = Fn+2 Fn+1 ; this can be established using induc- tion (see Exercise 13). Thus, cn = pn qn = Fn+2 Fn+1 [This relationship was first observed in 1753 by the English mathematician Robert Simson (1687–1768).] Since lim n→∞ cn = lim n→∞ Fn+2 Fn+1
- 689. 12.2 Infinite Continued Fractions 569 (see Exercise 14), the sequence {cn} converges to the golden ratio α; that is, [1;1,1,1,...] = α. We can establish this fact by using an alternate route, without employing conver- gents. To this end, let x = [1;1,1,1,...]. Then [1;1,1,1,...] = [1;[1;1,1,1,...]], so x = [1;x] = 1+ 1 x . Then x2 −x−1 = 0. Solving it, we get x = 1 ± √ 5 2 , but x 0; so x = 1 + √ 5 2 = α; see Figure 12.4. Figure 12.4 In Theorem 12.1, we proved that every finite simple continued fraction repre- sents a rational number. We now show that every infinite simple continued fraction represents an irrational number. THEOREM 12.7 The infinite simple continued fraction [a0;a1,a2,...] represents an irrational num- ber. PROOF (by contradiction) Let x = [a0;a1,a2,...]. Then x is the limit of the sequence {cn} of convergents cn = pn qn = [a0;,a1,...,an]. Since c0 c2 ··· c2n ··· c2n+1 ··· c3 c1 ↑ x it follows that c2n x c2n+1; so 0 x − c2n c2n+1 − c2n By Corollary 12.2, this implies that 0 x − p2n q2n 1 q2n+1q2n
- 690. 570 CHAPTER 12 Continued Fractions Suppose x is a rational number a/b, where b 0. Then 0 a b − p2n q2n 1 q2n+1q2n That is, 0 aq2n − bp2n b q2n+1 Thus, aq2n − bp2n is a positive integer b q2n+1 . But as n gets larger and larger, so does q2n+1. Hence, there is an integer k such that q2k+1 b, that is, b q2k+1 1. Then 0 aq2k − bp2k 1. This implies that aq2k − bp2k is a positive integer 1. Since this is impossible, x cannot be a rational number; in other words, x is an irrational number. The next theorem shows that every irrational number x can be represented by an infinite simple continued fraction. Therefore, every irrational number can be ap- proximated by a rational number. It provides an algorithm for constructing such a continued fraction and uses the floor function from Section 1.1. The proof is a bit long, so follow it carefully. THEOREM 12.8 Let x = x0 be an irrational number. Define the sequence {ak}∞ k=0 of integers ak recur- sively as follows: ak = xk, xk+1 = 1 xk − ak where k ≥ 0. Then x = [a0;a1,a2,...]. PROOF It follows from the recursive definition that ak is an integer for every k. We now establish by induction that xk is an irrational number for every k ≥ 0. To this end, first notice that x0 is irrational and a0 = x0 = x0. Besides, since x0 is irrational, x0 − a0 is irrational; so x1 = 1 x0 − a0 is an irrational number. Now assume that xk is irrational for an arbitrary integer k ≥ 0. Then xk − ak and hence 1 xk − ak are irrational; that is, xk+1 is irrational. Thus, by induction, every xk is an irrational number. Next we will show that ak ≥ 1 for every k ≥ 1. Since ak is an integer and xk is an irrational number, ak = xk; so xk − ak 0. But xk − ak = xk − xk 1; so 0 xk − ak 1. Hence
- 691. 12.2 Infinite Continued Fractions 571 xk+1 = 1 xk − ak 1 Consequently, ak+1 = xk+1 ≥ 1 for every k ≥ 0. That is, the integers a1,a2,... are all positive. We will now show that x = [a0;a1,a2,...]. From the recursive formula xk+1 = 1 xk − ak it follows that xk = ak + 1 xk+1 where k ≥ 0. Successively substituting for x1,x2,x3,..., this yields x0 = a0 + 1 x1 = [a0;x1] = a0 + 1 a1 + 1 x2 = [a0;a1,x2] = a0 + 1 a1 + 1 a2 + 1 x3 = [a0;a1,a2,x3] . . . = a0 + 1 a1 + 1 a2 + 1 ... + 1 an + 1 xn+1 = [a0;a1,a2,...,an,xn+1] where n ≥ 0. Finally, we must show that x0 = lim n→∞ [a0;a1,...,an,xn+1]. To this end, let ck = pk qk denote the kth convergent of the continued fraction [a0;a1,a2,...]. Then, by Theorem 12.3, x0 = [a0;a1,...,an,xn+1] = xn+1pn + pn−1 xn+1qn + qn−1
- 692. 572 CHAPTER 12 Continued Fractions Then x0 − cn = xn+1pn + pn−1 xn+1qn + qn−1 − pn qn = −(pnqn−1 − qnpn−1) (xn+1qn + qn−1)qn = (−1)n (xn+1qn + qn−1)qn , by Theorem 12.4 Since xn+1 an+1, this yields |x0 − cn| = 1 (xn+1qn + qn−1)qn 1 (an+1qn + qn−1)qn = 1 qn+1qn As n gets larger and larger, so does qn. Therefore, as n approaches infinity, 1 qn+1qn approaches zero; that is, cn → x0 as n → ∞. Thus, x = x0 = lim n→∞ cn = [a0;a1,a2,...] as desired. The next theorem shows that the infinite continued fraction representation of an irrational number is unique. We omit its proof in the interest of brevity; see Supple- mentary Exercise 4. THEOREM 12.9 If [a0;a1,a2,...] and [b0;b1,b2,...] represent the same irrational number, then ak = bk for every k ≥ 0. The following example illustrates the constructive algorithm in Theorem 12.8. EXAMPLE 12.5 Express √ 13 as an infinite simple continued fraction.
- 693. 12.2 Infinite Continued Fractions 573 SOLUTION Let x = x0 = √ 13. Then a0 = √ 13 = 3. By the recursive definition in Theo- rem 12.8, we have x1 = 1 x0 − a0 = 1 √ 13 − 3 = √ 13 + 3 4 a1 = x1 = 1 x2 = 1 x1 − a1 = √ 13 − 3 4 − √ 13 = √ 13 + 1 3 a2 = x2 = 1 x3 = 1 x2 − a2 = 3 √ 13 − 2 = √ 13 + 2 3 a3 = x3 = 1 x4 = 1 x3 − a3 = 3 √ 13 − 1 = √ 13 + 1 4 a4 = x4 = 1 x5 = 1 x4 − a4 = 4 √ 13 − 3 = √ 13 + 3 a5 = x5 = 6 x6 = 1 x5 − a5 = 1 √ 13 − 3 = √ 13 + 3 4 a6 = x6 = 1 Clearly, the pattern continues. Thus, √ 13 = [3;1,1,1,1,6,1,1,1,1,6,...] This is often written as √ 13 = 3;1,1,1,1,6 to indicate the periodic behavior. An Infinite Continued Fraction for 1 α In 1951, F. C. Ogg of Bowling Green State University discovered a sophisticated way of converting √ 5 − 1 into an infinite simple continued fraction: √ 5 − 1 = 1 + √ 5 − 2 = 1 + 1 √ 5 + 2 = 1 + 1 4 + √ 5 − 2 = 1 + 1 4 + 1 √ 5 + 2 = 1 + 1 4 + 1 4 + √ 5 − 2
- 694. 574 CHAPTER 12 Continued Fractions = 1 + 1 4 + 1 4 + 1 4 + ··· = [1;4,4,4,...] = 1;4 The various convergents of this continued fraction are 1, 5 4 , 21 17 , 89 72 , 377 305 ,.... Now divide each by 2. The resulting numbers are 1 2 , 5 8 , 21 34 , 89 144 , 377 610 ,...; so the nth convergent of the continued fraction for √ 5 − 1 2 is F3n+2 F3n+3 , where n ≥ 0. Since lim n→∞ F3n+2 F3n+3 = lim n→∞ 1 F3n+3/F3n+2 = 1 α = √ 5 − 1 2 So the continued fraction for √ 5 − 1 2 is that of 1 α . Since α = [1;1,1,1,...], it fol- lows that 1 α = [0;1,1,1,...]. Using Theorem 12.8, the next example develops the infinite continued fraction for e = 2.718281828..., the base of the natural logarithm. It was discovered by Euler in 1737. EXAMPLE 12.6 Find the continued fraction expansion for e. SOLUTION We have x0 = e = 2.718281828..., so a0 = 2. Using the algorithm in Theorem 12.8, we have x1 = 1 x0 − a0 = 1 0.7182818280... = 1.3922111920... a1 = 1 x2 = 1 x1 − a1 = 1 0.3922111920... = 2.5496467725... a2 = 2 x3 = 1 x2 − a2 = 1 0.5496467725... = 1.8193502627... a3 = 1 x4 = 1 x3 − a3 = 1 0.8193502627... = 1.2204792571... a4 = 1 x5 = 1 x4 − a4 = 1 0.2204792571... = 4.5355740627... a5 = 4
- 695. Chapter Summary 575 Continuing like this, we get e = [2;1,2,1,1,4,1,1,6,1,1,8,...] where the even partial quotients are separated by two 1s. Euler also showed that e − 1 e + 1 = [0;2,6,10,14,18,...] and e2 − 1 e2 + 1 = [0;1,3,5,7,9,...] E X E R C I S E S 12.2 Convert each into an infinite simple continued fraction. 1. √ 2 2. √ 3 3. √ 5 4. √ 12 5. π 6. √ π Compute the first five convergents of the continued frac- tion for each. 7. √ 2 8. √ 3 9. π 10. √ π 11. Using the continued fraction π = [3;7,15,1,292, 1,...], compute the value of π correct to eight deci- mal places. 12. Using the continued fraction e = [2;1,2,1,1,4,1,1, 6,1,1,8,...], compute the value of e correct to six decimal places. 13. Let cn denote the nth convergent of the continued fraction [1;1,1,1,1,...], where n ≥ 1. Prove that cn = Fn+2 Fn+1 . 14. Prove that lim n→∞ Fn+1 Fn = α, the golden ratio. Evaluate each simple infinite continued fraction. 15. [Fn;Fn,Fn,Fn,...] 16. [Ln;Ln,Ln,Ln,...] X CHAPTER SUMMARY In this chapter, we presented a brief introduction to the theory of continued fractions. A continued fraction is simple if each partial quotient is an integer. We learned how to identify rational and irrational numbers, using their continued fraction representa- tions.
- 696. 576 CHAPTER 12 Continued Fractions Finite Simple Continued Fractions • Compact notation [a0;a1,...,an] (p. 552) • Every rational number can be represented by a finite simple continued frac- tion. (p. 553) • ck = pk qk = [a0;a1,...,ak] gives the kth convergent of the continued fraction. (p. 556) • ck can be defined recursively (p. 558): p0 = a0 q0 = 1 p1 = a0a1 + 1 q1 = a1 pk = akpk−1 + pk−2 qk = akqk−1 + qk−2 • pkqk−1 − qkpk−1 = (−1)k−1 (p. 560) • (pk,qk) = 1 (p. 561) • ck − ck−1 = (−1)k−1 qkqk−1 (p. 561) • ck − ck−2 = ak(−1)k qkqk−2 (p. 561) • c0 c2 c4 ··· c5 c3 c1 (p. 562) • Finite simple continued fractions can be used to solve LDEs. (p. 563) Infinite Simple Continued Fractions • Notation [a0;a1,...,an,...] (p. 565) • The sequence of convergents {cn} approaches a unique limit. (p. 568) • An infinite simple continued fraction represents an irrational number. (p. 569) • The continued fraction representation [a0;a1,...] of an irrational number x = x0 can be found recursively: ak = xk, xk+1 = 1 xk − ak (p. 570) • Every irrational number has a unique continued fraction representation. (p. 572) X REVIEW EXERCISES Rewrite each rational number as a continued fraction. 1. 47 19 2. −1023 43
- 697. Supplementary Exercises 577 Represent each continued fraction as a rational number. 3. [5;4,3,2,1] 4. [3;1,2,1,2,1] The third and fourth convergents of the continued fraction [0;1,3,5,7,9,11] are 16/21 and 115/151, respectively. Using them, compute each convergent. 5. c5 6. c6 Using the continued fraction for the given rational number r, find the continued frac- tion for 1 r . 7. 25 18 8. 464 675 Using continued fractions, solve each LDE, if possible. 9. 43x + 23y = 33 10. 33x + 55y = 93 11. 76x + 176y = 276 12. 365x + 185y = 135 Using continued fractions, solve each Fibonacci LDE. 13. 144x + 89y = 23 14. 233x − 144y = 19 Rewrite each as an infinite simple continued fraction. 15. √ 7 16. √ 10 17. √ e 18. lg2 19. Using the continued fraction e − 1 e + 1 = [0;2,6,10,14,18,...] (Euler, 1737) compute the value of e − 1 e + 1 correct to eight decimal places. 20. Using the continued fraction e2 − 1 e2 + 1 = [0;1,3,5,7,9,...] (Euler, 1737) compute the value of e2 − 1 e2 + 1 correct to eight decimal places. 21. Let r be a rational number 1 with finite simple continued fraction [a0;a1, ...,an]. Prove that 1 r = [a1;a2,...,an]. 22. Using Cassini’s formula, prove that lim n→∞ (cn − cn−1) = 0, where cn denotes the nth convergent of the continued fraction [1;1,1,1,1,...].
- 698. 578 CHAPTER 12 Continued Fractions X SUPPLEMENTARY EXERCISES Let pk qk denote the kth convergent of the simple continued fraction [a0;a1,...,an], where a0 0 and 1 ≤ k ≤ n. Prove each. (See Exercises 21–24 in Section 12.1.) 1. pk pk−1 = [ak;ak−1,...,a1,a0] 2. qk qk−1 = [ak;ak−1,...,a2,a1] 3. qk ≥ 2k/2, where k ≥ 2. 4. Theorem 12.9. X COMPUTER EXERCISES Write a program to perform each task: 1. Express the rational numbers 3191 2191 and 9587 9439 as finite simple continued fractions. 2. Using continued fractions, compute the golden ratio correct to 50 decimal places. 3. Using continued fractions, solve the LDEs 5717x + 4799y = 3076 and 9767x + 3919y = 6677, if possible. 4. Using the continued fraction for e, compute e correct to 50 decimal places. 5. Using the continued fraction for π, compute it correct to 50 decimal places. 6. Using continued fractions, compute √ 1001 and √ 10001 correct to 50 decimal places. X ENRICHMENT READINGS 1. G. H. Hardy and E. M. Wright, An Introduction to the Theory of Numbers, 5th edition, Oxford, New York, 1995, 129–153. 2. I. Niven et al., An Introduction to the Theory of Numbers, 5th edition, Wiley, New York, 1991, 325–351. 3. C. S. Ogilvy and J. T. Anderson, Excursions in Number Theory, Dover, New York, 1988, 115–131.
- 699. 13 Miscellaneous Nonlinear Diophantine Equations And perhaps posterity will thank me for having shown it that the ancients did not know everything. — PIERRE DE FERMAT n this chapter we will deal with some important nonlinear diophantine equations Iand discover how to solve them, when possible. The most common nonlinear diophantine equations are x2 +y2 = z2, xn +yn = zn, and x2 −Ny2 = ±1. We will see how the solutions of x2 + y2 = z2 and x2 − Ny2 = ±1 are related to Pythagorean triangles. We will also explore the celebrated Fermat’s last theorem, as well as Beal’s conjecture, which is related to it. We will also see that while some positive integers can be expressed as the sum of two squares, all can be written as the sum of four squares. 13.1 Pythagorean Triangles The Pythagorean theorem is one of the most elegant and remarkable results in ele- mentary mathematics. It states that the sum of the squares of the lengths of the legs of a right triangle equals the square of the length of its hypotenuse. Its converse is also true: If the sum of the squares of the lengths of two sides of a triangle equals the square of the length of its third side, then the triangle is a right triangle. Right triangles whose sides have integral lengths are called Pythagorean triangles. This relationship was known even before Pythagoras. The Babylonian clay tablet (see Figure 13.1) in the G. A. Plympton Collection at Columbia University reveals that the Babylonians knew of the theorem more than 3500 years ago. 579
- 700. 580 CHAPTER 13 Miscellaneous Nonlinear Diophantine Equations Figure 13.1 Babylonian tablet. They described Pythagorean triangles with sides of the following lengths: 60,45,75;72,65,97;120,119,169;360,319,481; 2700,2291,3541;4800,4601,6649;6480,4961,8161 The ancient Egyptians used right angles for surveying and resurveying their lands, the boundaries of which were often destroyed by Nile floods. According to S. J. Kolpas of Glendale Community College, around 2000 B.C., they discovered the simplest and universally known 3-4-5 Pythagorean triangle. Around the same time, the ancient Indians also employed right angles. They used the 3-4-5 triangle and also found the 12-16-20, 5-12-13, and 8-15-17 triangles. The Cairo Mathematical Papyrus (ca. 300 B.C.) is an Egyptian document that when it was examined in 1962 was found to contain 40 problems, 9 of which deal with the Pythagorean relation. The ancient Greeks learned the technique of constructing the 3-4-5 triangle from the Egyptians. The Pythagoreans explored it and generalized it to all right triangles, resulting in the Pythagorean theorem. It seems clear that the seed for the Pythagorean theorem was planted centuries before Pythagoras, although he is credited with its independent discovery and its first proof about 2500 years ago. Interestingly, in modern times, six stamps featuring Pythagoras or the Pythago- rean theorem have been issued; one by Nicaragua, one by Surinam, and four by Greece. The Greek stamp in Figure 13.2 provides a geometric illustration of the 3-4- 5 Pythagorean triangle. Numerous proofs of the Pythagorean theorem exist in mathematical literature, including one by James A. Garfield (1831–1881), who constructed a proof before he became the twentieth president of the United States. The Pythagorean Proposition, by E. S. Loomis, contains 230 different proofs of the theorem.
- 701. 13.1 Pythagorean Triangles 581 Figure 13.2 A Greek stamp illustrating the Pythagorean theorem. Pythagorean Triples Let x and y denote the lengths of the legs of a right triangle and z the length of its hypotenuse. Then, by the Pythagorean theorem, x, y, and z satisfy the diophantine equation x2 + y2 = z2 (13.1) The positive integral triplet x-y-z is called a Pythagorean triple. Thus, the task of finding all Pythagorean triangles is the same as that of finding all Pythagorean triples. Clearly, 3-4-5 is a Pythagorean triple. Because (3n)2 + (4n)2 = (5n)2, it follows that 3n-4n-5n is also a Pythagorean triple for every positive integer n. Thus, there are infinitely many Pythagorean triples. For the curious-minded, there is a Pythagorean triplet that contains the beastly number: 2162 + 6302 = 6662; it can also be written as (6 · 6 · 6)2 + (666 − 6 · 6)2 = 6662, as observed by M. Keith in 2002. Pythagorean Triples and Fibonacci Numbers We can digress briefly to discuss how Fibonacci numbers can be used to construct Pythagorean triples. To this end, consider four consecutive Fibonacci numbers Fn, Fn+1, Fn+2, and Fn+3. Let x = FnFn+3, y = 2Fn+1Fn+2, and z = F2 n+1 + F2 n+2. Then x2 + y2 = z2 (see Exercise 4), so x-y-z is a Pythagorean triple. For example, let n = 4. Then x = 3·13 = 39, y = 2·5·8 = 80, and z = 52 +82 = 89. Since 392 + 802 = 892, 39-80-89 is a Pythagorean triple. Two Ancient Methods Since m2 + [(m2 − 1)/2]2 = [(m2 + 1)/2]2, where m is odd, this formula yields Pythagorean triples. The Pythagoreans are credited with its discovery.
- 702. 582 CHAPTER 13 Miscellaneous Nonlinear Diophantine Equations A similar formula was discovered by the Greek philosopher Plato (ca. 427–347 B.C.): (2m)2 + (m2 − 1)2 = (m2 + 1)2 where m is any integer. This formula also yields infinitely many Pythagorean triples. Unfortunately, neither of these two formulas yields all Pythagorean triples, so our task is to find them all, just as Euclid did in his Elements. To this end, we begin with a definition. Primitive Pythagorean Triples A Pythagorean triple x-y-z is primitive if (x,y,z) = 1. For example, the Pythagorean triples 3-4-5 and 120-119-169 are primitive, whereas 6-8-10 and 60-45-75 are not. In 1934, M. Willey of Mississippi and E. C. Kennedy of the University of Texas developed a delightful scheme for constructing mechanically any number of primi- tive Pythagorean triples, which manifest an intriguing pattern. The scheme appeared as a solution to a problem proposed in 1933 by Kennedy. Table 13.1 shows the scheme. Study the pattern, and add a few more lines to the pattern. See Exercises 5 and 6. x y z 21 220 221 201 20200 20201 2001 2002000 2002001 20001 200020000 200020001 200001 2000020000 20000200001 Table 13.1 In our search for all Pythagorean triples, we first make an important observation. Let x-y-z be an arbitrary Pythagorean triple, where (x,y,z) = d. Then x = du, y = dv, and z = dw, where (u,v,w) = 1. Since u2 + v2 = w2, u-v-w is also a Pythagorean triple. Thus, every Pythagorean triple is a multiple of a primitive Pythagorean triple. In order to develop a formula that produces all primitive Pythagorean triples, we need to develop a series of lemmas. LEMMA 13.1 If x-y-z is a primitive Pythagorean triple, then (x,y) = (y,z) = (z,x) = 1. PROOF Let x-y-z be a primitive Pythagorean triple and (x,y) = d 1. Let p be a prime factor of d. Then p|x and p|y. Since x2 + y2 = z2, this implies p|z2 and hence p|z.
- 703. 13.1 Pythagorean Triangles 583 Consequently, x-y-z is not a primitive Pythagorean triple, which is a contradiction. Thus, (x,y) = 1. Similarly, (y,z) = 1 = (z,x). The following lemma establishes that in a primitive Pythagorean triple x-y-z, exactly one of the numbers x and y is even; in other words, x and y have opposite parity. LEMMA 13.2 If x-y-z is a primitive Pythagorean triple, then x and y have different parity. PROOF Suppose both x and y are even. Then (x,y) ≥ 2. This violates Lemma 13.1, so both cannot be even. Suppose both x and y are odd. Then x2 ≡ 1 ≡ y2 (mod 4), so z2 = x2 + y2 ≡ 2 (mod 4). Since this is also impossible (this can be shown using the technique in Example 4.7), both cannot be odd, either. Thus, exactly one of the integers x and y is even. For example, 5-12-13 is a primitive Pythagorean triple, where 5 is odd and 12 is even; and 120-119-169 is a primitive Pythagorean triple, where 120 is even and 119 is odd. This lemma has an immediate byproduct. Its proof can be completed as an exer- cise. COROLLARY 13.1 If x-y-z is a primitive Pythagorean triple, where x is even, then y and z are odd. We need one other lemma in order to find a formula for primitive Pythagorean triples. The following lemma, an application of the Fundamental Theorem of Arith- metic, proves that if the product of two relatively prime integers is a square, then both integers must be squares. LEMMA 13.3 Let r and s be relatively prime integers such that rs is a square, then both r and s are also squares. PROOF Let r = pe1 1 pe2 2 ···p ek k and s = q f1 1 q f2 2 ···q fl l be the canonical decompositions of r and s, respectively. Since (r,s) = 1, the decompositions have no common prime factors; that is, pi = qj for every i and j. Then, by the Fundamental Theorem of Arithmetic, pe1 1 pe2 2 ···p ek k q f1 1 q f2 2 ···q fl l is the prime-power decomposition of rs. Since rs is a square, it follows that each ei and fj must be even. Thus, both r and s are squares.
- 704. 584 CHAPTER 13 Miscellaneous Nonlinear Diophantine Equations For example, 15,876 = 22 · 34 · 72 and 75,625 = 54 · 112 are relatively prime; their product 15,876 · 75,625 = (2 · 32 · 7 · 52 · 11)2 is a square; and so are 15,876 = (2 · 32 · 7)2 and 75,625 = (52 · 11)2. We are now ready to establish our main result, but we split its proof into two lemmas for the sake of brevity. Lemma 13.4 delineates the conditions all primitive Pythagorean triples must satisfy. LEMMA 13.4 Let x-y-z be a primitive Pythagorean triple. Then there are relatively prime integers m and n with different parity such that x = 2mn, y = m2 −n2, and z = m2 +n2, where m n. PROOF By Lemma 13.2, exactly one of the integers x and y is even. Without loss of general- ity, we assume that x is even; so both y and z are odd, by Corollary 13.1. Then z+y and z−y are even, so z+y = 2u and z−y = 2v for some integers u and v. Therefore, x2 = z2 − y2 = (z + y)(z − y) = (2u)(2v) = 4uv and hence (x/2)2 = uv. We now claim that (u,v) = 1. To see this, let d = (u,v) 1. Then d|u and d|v; that is, d|(z + y) and d|(z − y). So d|y and d|z, by Theorem 2.4. But this contradicts Lemma 13.1. Therefore, (u,v) = 1. Since uv is a square, by Lemma 13.3, both u and v are squares. Thus, there are positive integers m and n such that u = m2 and v = n2. Then x2 = 4uv = 4m2n2, so x = 2mn; y = u − v = m2 − n2; and z = u + v = m2 + n2. Since y 0, m n. Next we show that (m,n) = 1. To this end, let d = (m,n). Then d|m and d|n, so d|u and d|v, and hence d|(u,v) = 1. Thus, d = (m,n) = 1. It remains to show that m and n have different parity. If both m and n are even, then both u and v would be even. This is impossible, since (u,v) = 1. If both m and n are odd, then y = m2 − n2 and z = m2 + n2 would be even. This is again a contradiction, since (y,z) = 1. Thus, every primitive Pythagorean triple must satisfy the given conditions. The integers m and n in this lemma are called the generators of the primitive Pythagorean triple x-y-z. For example, consider the primitive Pythagorean triple 120-119-169. In this case x = 120 = 2·12·5, y = 119 = 122 −52, and z = 122 +52, where 12 5; (12,5) = 1; and 12 and 5 have opposite parity. The integers 12 and 5 are the generators of this primitive Pythagorean triple. The following lemma establishes the converse of this lemma. LEMMA 13.5 Let x = 2mn, y = m2 − n2, and z = m2 + n2, where m and n are relatively prime with different parity, and m n. Then x-y-z is a primitive Pythagorean triple.
- 705. 13.1 Pythagorean Triangles 585 PROOF Since x2 + y2 = (2mn)2 + (m2 − n2 )2 = 4m2 n2 + (m4 + n4 − 2m2 n2 ) = (m4 + n4 + 2m2 n2 ) = (m2 + n2 )2 = z2 x-y-z is a Pythagorean triple. So it remains to demonstrate that x-y-z is primitive. To confirm this, suppose that (x,y,z) 1. Let p be a prime factor of (x,y,z). Then p|y and p|z. Since m and n have different parity, both y and z are odd. So p = 2. Since p|y and p|z, it follows that p|2m2 and p|2n2; but p = 2, so p|m2 and p|n2. Hence p|m and p|n, so (m,n) 1. Since this is a contradiction, it follows that (x,y,z) = 1. Thus, x-y-z is a primitive Pythagorean triple. This lemma provides an algorithm for constructing a primitive Pythagorean triple, as the following example shows. EXAMPLE 13.1 Let m = 9 and n = 4. Clearly, m n; (m,n) = 1; and m and n have opposite parity. Therefore, by Lemma 13.5, x-y-z is a primitive Pythagorean triple, where x = 2 · 9 · 4 = 72, y = 92 − 42 = 65, and z = 92 + 42 = 97. Combining Lemmas 13.4 and 13.5, we get the following elegant characterization of primitive Pythagorean triples. THEOREM 13.1 Let x,y, and z be positive integers, where x is even. Then x-y-z is a primitive Pythagorean triple if and only if there are relatively prime integers m and n with different parity such that x = 2mn, y = m2 − n2, and z = m2 + n2, where m n. Table 13.2 lists all primitive Pythagorean triples with m ≤ 10. This table reveals some interesting patterns among the primitive Pythagorean triples x-y-z: • Either x or y is divisible by 3. • Exactly one of the numbers x, y, and z is divisible by 5. • The number x is divisible by 4. • The product of the lengths of the legs of a Pythagorean triangle is divisible by 12. • The product of the lengths of the sides of a Pythagorean triangle is divisible by 60.
- 706. 586 CHAPTER 13 Miscellaneous Nonlinear Diophantine Equations Table 13.2 Pythagorean triples with m ≤ 10. We can establish these results with little or no difficulty. See Exercises 15–19. Next, we present certain Pythagorean triangles with special properties. Intriguing Pythagorean Triangles A close examination of Table 13.2 shows that the lengths of the legs of a prim- itive Pythagorean triangle can be consecutive integers. The triangles 3-4-5 and 20-21-29 are two such triangles. Such primitive Pythagorean triples x-y-z can be employed to construct a family of infinitely many primitive Pythagorean triples. See Exercise 30. The table also shows that the lengths of the sides of a Pythagorean triangle can be squares. See the circled numbers in the table. Table 13.3 lists the lengths x, y, and z of the sides of four Pythagorean triangles, where z is a square, and Table 13.4 lists the lengths of the sides of four Pythagorean triangles, where x or y is a square.
- 707. 13.1 Pythagorean Triangles 587 Table 13.3 Pythagorean triangles with z a square. Table 13.4 Pythagorean triangles with x or y a square. Pythagorean Triangles with the Same Perimeter Pythagorean triangles with the same perimeter do exist. They are rare and not easy to find, if primitive Pythagorean triples are used. Three such triangles are 7080- 119-7081, 5032-3255-5993, and 168-7055-7057, generated by m = 60 and n = 59; m = 68 and n = 37; and m = 84 and n = 1, respectively. Their common perimeter is 14,280. Notice that the Pythagorean triangles 48-20-52, 24-45-51, and 40-30-50 share a smaller common perimeter, namely, 120. Pythagorean Triangles with the Same Area Do Pythagorean triangles with the same area exist? A close investigation of Ta- ble 13.2 reveals a pleasant surprise. It contains two such triangles, 20-21-29 and 12-35-37, with the same area, 210. Pythagorean triangles with equal areas were studied by Diophantus, Fermat, and the English logician Lewis Carroll. A note in Carroll’s diary, dated December 19, 1897, reads as follows: “Sat up last night till 4 A.M. [sic] over a tempting problem sent me from New York: to find three equal rational sided right triangles. I found two whose sides are 20, 21, 29 and 12, 35, 37 but could not find three.” The smallest area common to three primitive Pythagorean triangles is 13, 123, 110. Their sides are generated by 77, 38; 138, 5; and 78, 55. See Exercise 28.
- 708. 588 CHAPTER 13 Miscellaneous Nonlinear Diophantine Equations Lewis Carroll (1832–1898), the son of a clergyman, was born in Daresbury, Eng- land. He graduated from Christ College, Oxford University, in 1854. He began teaching mathematics at his alma mater in 1855, where he spent most of his life. He became a deacon in the Church of England in 1861. Carroll’s famous books, Alice in Wonderland and its sequel, Through the Looking- Glass and What Alice Found There, have provided a lot of pleasure to both children and adults all over the world. Alice in Wonderland is available in more than 30 lan- guages, including Arabic and Chinese, and also in Braille. The character is named for Alice Liddell, a daughter of the dean of Christ Church. Pythagorean Triangles with the Same Numerical Area and Perimeter Interestingly, Pythagorean triangles with the same numerical areas and perimeters do exist. For example, let x-y-z = 12-5-13. Then x + y + z = 30 = 12 · 5 2 = 1 2 xy. To check if there are any others, we have x2 + y2 = z2 and x + y + z = xy 2 . Eliminating z between the two equations, we get x(y − 4) = 8 + 4(y − 4) x = 4 + 8 y − 4 This implies that (y − 4)|8; so y − 4 = 1,2,4, or 8; that is, y = 5,6,8,12. Corre- spondingly, x = 12,8,6,5. They yield two distinct Pythagorean triangles: 12-5-13 and 8-6-10. Palindromic Pythagorean Triples The Pythagorean triple 3-4-5 has the interesting property that each component is a palindrome. Such a triple is a palindromic Pythagorean triple. For example, 33- 44-55 and 303-404-505 are both palindromic Pythagorean triples; the latter was dis- covered in 1997 by Patrick DeGeest of Belgium. There is a systematic way of constructing an infinite number of such triples from the 3-4-5 triple. To see this, let s be a finite binary word beginning with a 1. Let sR denote the word obtained by reversing order of the digits in s. Then their concate- nation t = ssR is palindromic, and so are the numbers 3t, 4t, and 5t. Consequently, 3t-4t-5t is also a palindromic Pythagorean triple.
- 709. 13.1 Pythagorean Triangles 589 E X E R C I S E S 13.1 1. Rewrite symbolically the statement that the integers m and n have different parity. 2. Let x-y-z be a primitive Pythagorean triple, where x is even. Prove that y and z are odd. 3. Show that 3-4-5 is the only primitive Pythagorean triple consisting of consecutive integers. 4. Let Fn denote the nth Fibonacci number, where n ≥ 1. Show that (FnFn+3)2 + (2Fn+1Fn+2)2 = (F2 n+1 + F2 n+2)2 5. Add the next two lines to Table 13.1. 6. Study the following primitive Pythagorean triples pattern. Add the next two lines. 412 + 8402 = 8412 4012 + 804002 = 804012 40012 + 80040002 = 80040012 400012 + 8000400002 = 8000400012 . . . Find all primitive Pythagorean triples with the given value of m. 7. 11 8. 12 Study the following pattern of Pythagorean triples: 32 + 42 = 52 52 + 122 = 132 72 + 242 = 252 92 + 402 = 412 112 + 602 = 612 . . . 9. Add the next two lines. 10. Predict a formula for the nth line, where n ≥ 1. 11. Establish the formula in Exercise 9. 12–14. Redo Exercises 9–11 with the following pattern of Pythagorean triples. 82 + 152 = 172 122 + 352 = 372 162 + 632 = 652 202 + 992 = 1012 . . . Let x-y-z be a primitive Pythagorean triple. Prove each. 15. Either x or y is divisible by 3. 16. Exactly one of the numbers x, y, or z is divisible by 5. 17. At least one of the numbers x, y, or z is divisible by 4. 18. The product of the lengths of the legs of a Pythag- orean triangle is divisible by 12. 19. The product of the lengths of the sides of a Pythag- orean triangle is divisible by 60. 20. Let x-y-z be a primitive Pythagorean triple such that z = x + 1. Prove that x = 2n(n + 1), y = 2n + 1, and z = 2n(n + 1) + 1, where n ≥ 1. (This formula characterizes the primitive Pythagorean triples with z = x + 1.) (Hint: Consider z − x in the proof of Lemma 13.4.) 21. Let x-y-z be a primitive Pythagorean triple touch that z = x + 2. Prove that x = 2m, y = m2 − 1, and z = m2 + 1, where m ≥ 2. Consider a Pythagorean triangle with sides x = 2mn, y = m2 − n2, and z = m2 + n2, where x-y-z is a primitive Pythagorean triple. 22. Compute its perimeter. 23. Compute its area. 24. Compute its area if the hypotenuse is longer than the even leg by one. 25. Is it possible for the triangle to have its hypotenuse longer than its odd side by one? Justify your answer. 26. Compute the perimeter of an arbitrary Pythagorean triangle. 27. Compute the area of an arbitrary Pythagorean trian- gle. 28. Verify that the primitive Pythagorean triangles gener- ated by 77, 38; 138, 5; and 78, 55 enclose the same area. (C. L. Shedd, 1945) 29. In 1943, W. P. Whitlock, Jr., studied the areas of over 1300 primitive Pythagorean triangles and made an in- teresting observation: The areas of only two of them
- 710. 590 CHAPTER 13 Miscellaneous Nonlinear Diophantine Equations could be expressed using a single digit; they are the 3-4-5 and 1924-693-2045 triangles. Compute the area of the primitive Pythagorean triangle 1924-693-2045. (Watch for the beastly number.) 30. Let ak be a positive integer defined by ak = 2ak−1 + ak−2, where a1 = 1, a2 = 2, and k ≥ 3. Prove that m = ak, n = ak−1 generate a primitive Pythagorean triangle whose legs differ by unity. (W. P. Whitlock, Jr., 1943) 31. Let xn-yn-zn be a primitive Pythagorean triple, where yn = xn + 1. Prove that xn+1-yn+1-zn+1 is also a primitive Pythagorean triple, where ⎡ ⎢ ⎣ xn+1 yn+1 zn+1 ⎤ ⎥ ⎦ = ⎡ ⎢ ⎣ 3 2 1 3 2 2 4 3 2 ⎤ ⎥ ⎦ ⎡ ⎢ ⎣ xn zn 1 ⎤ ⎥ ⎦, n ≥ 1 (This yields a recursive algorithm for computing an infinite family of primitive Pythagorean triples.) 32. Show that x = (m2 − pn2)/p,y = mn, and z = (m2 + pn2)/p is a solution of the diophantine equation x2 + py2 = z2. Consider the diophantine equation 1/x2 + 1/y2 = 1/z2. 33. Find the smallest solution. (A. Dunn, 1980) 34. Find the general solution. (A. Dunn, 1980) 13.2 Fermat’s Last Theorem In the preceding section, we established that there are infinitely many solutions of the diophantine equation x2 + y2 = z2, where x, y, and z are positive integers. Now we can ask if the equation x3 + y3 = z3 is solvable with positive integers. Or is x4 + y4 = z4? More generally, is the diophantine equation xn + yn = zn (13.2) solvable with positive integers only, where n ≥ 3? Fermat’s Conjecture Fermat, around the year 1637, conjectured that Fermat’s equation (13.2) has no pos- itive integral solutions when n ≥ 3. Unfortunately, he did not confirm the claim with a proof, which he had done on several occasions. In fact, in one of his many marginal notes in his copy of Claude Bachet de Méziriac’s (1581–1638) Latin translation of Diophantus’ Arithmetica, Fermat comments that he has “discovered a truly wonder- ful proof of this, but the margin is too small to contain it.” Whether he indeed had a proof, or whether he, realizing its complexity, wrote the comment to challenge fu- ture mathematicians, we may never know. “Fermat’s reputation for veracity should be strong evidence for believing he had a proof. Only once he has been found incor- rect,” writes Beiler in his delightful book, Recreations in the Theory of Numbers. He
- 711. 13.2 Fermat’s Last Theorem 591 adds, “Posterity has wished many times that the margin of Bachet’s Diophantus had been wider or Fermat less secretive” about his techniques. Although no proof of Fermat’s conjecture existed for over three centuries, the conjecture came to be known as Fermat’s Last Theorem for two reasons: First, the name distinguishes it from Fermat’s Little Theorem; and second, this was the last of his conjectures that was neither proved nor disproved. In 1823 and then in 1850, the Academy of Science in Paris offered a prize for a correct proof. Unfortunately, this produced a wave of thousands of mathematical misadventures. A third prize was offered in 1883 by the Academy of Brussels. When Gauss was told of the Paris Prize, he claimed that “Fermat’s theorem as an isolated proposition has very little interest for me, because I could easily lay down a multitude of such proportions, which could neither prove nor dispose of.” When the German mathematician David Hilbert (1862–1943) was asked, he said, “Before beginning I should have to put in three years of intensive study, and I haven’t that much time to squander on a probable failure.” In 1908, the German physician and amateur mathematician F. Paul Wolfskehl bequeathed 100,000 marks to the Göttingen Academy of Sciences to be offered as a prize for a complete proof of Fermat’s Last Theorem. As a result, from 1908–1911, a flood of over 1000 incorrect proofs were presented. According to mathematical historian Howard Eves, “Fermat’s Last Theorem has the peculiar distinction of being the mathematical problem for which the greatest number of incorrect proofs have been published.” In 1770, Euler provided the first proof of Fermat’s Last Theorem for the case n = 3, but his proof contained a few gaps. It was later perfected by Legendre. Fermat himself gave a proof for the case n = 4, employing the method of infinite descent, which we shall demonstrate shortly. Around 1825, Dirichlet and Legendre, capitaliz- ing on Fermat’s technique of infinite descent, independently confirmed the conjecture for n = 5. About fourteen years later, Lamé established the conjecture for n = 7. Since the proof for n = 3 is complicated, we will omit it. We can instead go directly to the case n = 4 and establish the validity of the theorem as a corollary to the following stronger theorem. Its proof, employing Theorem 13.1, illustrates Fermat’s technique of infinite descent, which is really rooted in the well-ordering principle. The essence of this method lies in constructing a solution “smaller” than a given positive integral solution. THEOREM 13.2 (Fermat) The diophantine equation x4 + y4 = z2 has no positive integral solutions. PROOF Let a-b-c be a solution of the equation, so a4 + b4 = c2. Let (a,b) = d. Then a = dα and b = dβ for some positive integers α and β, where (α,β) = 1. This implies (dα)4 +(dβ)4 = c2, so d4|c2 and hence d2|c. Therefore, c = d2γ for some integer γ .
- 712. 592 CHAPTER 13 Miscellaneous Nonlinear Diophantine Equations Thus, d4(α4 + β4) = d4γ 2, that is, α4 + β4 = γ 2. In other words, α-β-γ is also a solution, where (α,β) = 1. Thus, we can assume that (a,b) = 1. Since z is a positive integer, we also assume that a-b-c is a solution such that the value of c is the least among such solutions x-y-z of the given diophantine equation. The equation a4 + b4 = c2 can be rewritten as (a2)2 + (b2)2 = c2, so a2-b2-c is a Pythagorean triple. Since (a,b) = 1, it follows by Exercise 72 in Section 3.1 that (a2,b2) = 1. Thus, a2-b2-c is in fact a primitive Pythagorean triple. Therefore, by Theorem 13.1, there are positive integers m and n such that a2 = 2mn, b2 = m2 − n2, and c = m2 + n2, where (m,n) = 1, m ≡ n (mod 2), and m n and b is odd. Because m ≡ n (mod 2), exactly one of them is even. To identify it, suppose n is odd, so m is even. Then 1 ≡ b2 ≡ 0 − 1 ≡ 3 (mod 4), which is a contradiction. Therefore, n is even (and hence m is odd). Let n = 2q. Then a2 = 4mq, so (a/2)2 = mq. (Remember, a is even.) Since (m,n) = 1, it follows that (m,q) = 1. Therefore, by Lemma 13.3, both m and q are squares. Let m = t2 and q = u2. Because n2 + b2 = m2, n-b-m is a Pythagorean triple. Furthermore, (n,b) = 1, so n-b-m is a primitive Pythagorean triple. Therefore, since n is even, again by The- orem 13.1, there are positive integers v and w such that n = 2vw, b = v2 − w2, and m = v2 + w2, where v w, (v,w) = 1, and v ≡ w (mod 2). Then vw = n/2 = q = u2. Because (v,w) = 1, it follows, again by Lemma 13.3, that v = r2 and w = s2 for some positive integers r and s. Substituting for v, w, and m in the equation v2 + w2 = m, we get r4 + s4 = t2. This shows that r-s-t is also a solution of the equation x4 + y4 = z2, where 0 t ≤ t2 = m ≤ m2 m2 + n2 = c Thus, we have systematically constructed a solution r-s-t of the given equation, where 0 t c. This is a contradiction, since we assumed that the solution a-b-c has the least value of z. Hence, our assumption that the equation x4 + y4 = z2 has positive integral solutions is invalid. This concludes the proof. As a byproduct, this theorem establishes Fermat’s conjecture for n = 4, as the following corollary shows. COROLLARY 13.2 The diophantine equation x4 + y4 = z4 has no positive integral solutions. PROOF Let a-b-c be a solution of the equation. Then a4 + b4 = (c2)2, showing that a-b-c2 is a solution of the equation x4 + y4 = z2. Since this contradicts Theorem 13.2, the result follows.
- 713. 13.2 Fermat’s Last Theorem 593 This corollary yields the following intriguing result. COROLLARY 13.3 The lengths of the sides of a Pythagorean triangle cannot all be squares. PROOF Let x and y denote the lengths of the legs of a Pythagorean triangle and z the length of its hypotenuse. Suppose x, y, and z are squares, say, x = u2, y = v2, and z = w2. Then u4 + v4 = w4, which is impossible by Corollary 13.2. Thus, the lengths cannot all be squares. The Rest of the Story Corollary 13.2 plays an important role in establishing Fermat’s Last Theorem for any exponent n ≥ 3. It tells us that we need only concentrate on exponents that are odd primes. We can see this as follows: By the Fundamental Theorem of Arithmetic, n is either a power of 2 or is divisible by an odd prime. If n is a power of 2, then n = 4m, where m ≥ 1. Then the equation xn + yn = zn becomes (xm)4 + (ym)4 = (zm)4. This implies xm-ym-zm is a solution of x4 + y4 = z4, which is a contradiction. Thus, if n is a power of 2, equation (13.2) has no positive integral solutions. On the other hand, let n = mp. Then equation (13.2) becomes (xm)p + (ym)p = (zm)p. So if we can show that the equation xp + yp = zp is not solvable, it will imply that equation (13.2) is not solvable when n = mp. Thus, Fermat’s Last Theorem can be established if we can show that the equa- tion xp + yp = zp is not solvable for any odd prime, as Euler, Dirichlet and Legendre, and Lamé showed for p = 3,5, and 7, respectively. For over 350 years, numerous tenacious mathematicians, in addition to these great ones, worked diligently to de- molish what Beiler, in his book, calls “the stone wall” of Fermat’s Last Theorem, “chipping off a piece of granite here and another there.” The German mathematician Ernst E. Kummer played a pivotal role in the de- velopment of a proof. In 1843, he submitted a purported proof to Dirichlet, who im- mediately found a flaw in his reasoning. Kummer returned to his search with added determination, developing a new class of numbers called algebraic numbers, and a new branch of modern algebra called the theory of ideals. Kummer succeeded in proving Fermat’s Last Theorem for a large family of primes. In fact, all subsequent pursuits of a valid proof were based on Kummer’s work. In 1983, the German-born mathematician Gerd Faltings of Princeton University proved that the number of solutions of Fermat’s equation is finite for n ≥ 3, a re- sult conjectured many years earlier by Louis Mordell. In 1988, the Japanese mathe- matician Yoichi Miyaoka claimed that he had a proof. Unfortunately, the stone wall remained insurmountable.
- 714. 594 CHAPTER 13 Miscellaneous Nonlinear Diophantine Equations Ernst Eduard Kummer (1810–1893) was born at Sorau, Germany (now Zary, Poland). After his early education at the Gymnasium in Sorau, he entered the University of Halle in 1828 to study theology, but soon gave it up to pur- sue mathematics. After receiving his doctorate in 1831, Kummer taught at the Gymnasium in Sorau for a year and then at the Gymnasium at Liegnitz (now Legnica, Poland) for 10 years. In 1842, Kummer was appointed professor of mathematics at the Univer- sity of Breslau (now Wroclaw, Poland), where he remained until 1855. When Dirichlet left the University of Berlin in 1855 to succeed Gauss at Göttingen, Kummer was appointed professor at Berlin. In his quest for a proof of Fermat’s Last Theorem, Kummer created the so-called algebraic numbers. His proof failed, since he assumed the funda- mental theorem of arithmetic for such numbers, which he later restored by de- veloping the theory of ideals. For this, Kummer was awarded the grand prize of the Paris Academy of Sciences in 1857, although he had not competed. He made significant contributions to the study of hypergeometric series and geometry. A creative pioneer of nineteenth-century mathematics, Kummer died at Berlin after a productive career and quiet retirement. The Stone Wall Crumbles and Wiles Meets Fermat Finally, in June 1993, the stone wall started to crumble. The English mathematician Andrew Wiles of Princeton University announced at a number theory conference at Cambridge University, England, that he had solved Fermat’s Last Theorem using elliptic functions and modular forms. The news was taken so seriously that it made the front page of The New York News (see Figure 13.3) and was covered by Time and Newsweek, and the NBC Nightly News. The discovery caused Wiles to be named one of “the 25 most important people of the year” in People magazine. Five months later, a flaw was detected (see Figure 13.4), which was corrected in October 1994. The corrected version has withstood intense scrutiny by experts. Although the German prize offered in 1908 had lost most of its cash value due to inflation, Wiles still collected $50,000 in 1997 for his singular achievement. Wiles’ discovery was so outstanding that in 1997 the British Broadcasting Com- pany (BBC) produced The Proof, an inspiring and delightful television documentary shown also in the United States on PBS. I