Lecture 10 - Consequences of flt

# Summary

We started today by finishing off the proof of Fermat's Little Theorem, then proceeded to use this theorem to give various properties which make life modulo p nice. In particular, we saw a test which can be used to prove a number is composite without actually factoring the number! We also saw that there are certain composite numbers which behave much like prime numbers do.

# The Proof of flt

To prove flt, last class period we picked up a number a satisfying $(a,p) = 1$, then explained why the sets

(1)
\begin{align} \begin{split} \{1,2,\cdots,p-1\}\\ \{a,2a,\cdots,(p-1)a\} \end{split} \end{align}

are the same modulo p. This came in two parts: first showing the second set consisted of distinct elements mod p, and then showing that the elements of the second set were all relatively prime to p. You can go back to the notes from last class to see how we proved these results.

With this equality of sets (modulo p) established, we now notice that the products of all elements in both sets must be the same

(2)
\begin{align} 1\cdot 2 \cdot \cdots \cdot (p-1) \equiv a \cdot 2a \cdot \cdots \cdot (p-1)a \mod{p}. \end{align}

Now the left-hand side is just $(p-1)! \equiv -1 \mod{p}$ (using Wilson's Theorem), whereas the right hand side is just [{$a^{p-1}(p-1)! \equiv -a^{p-1} \mod{p}$]]. Hence we get

(3)
\begin{align} -1 \equiv -a^{p-1} \mod{p} \end{align}

or, equivalently, $a^{p-1} \equiv 1 \mod{p}$. $\square$

# Some Useful Corollaries

There are several nice things that can be taken away from flt. The first is an extension of flt to all bases, not just those relatively prime to p.

Corollary: If p is prime, then for any integer a we have $a^p \equiv a \mod{p}$.

Proof: Let a be an integer. If $(a,p) = 1$ then flt says that $a^{p-1} \equiv 1 \mod{p}$. Multiplying this equation on both sides by a, we have $a^p \equiv a \mod{p}$.

If, on the other hand, we have $(a,p) \neq 1$, then we must have $p \mid a$ (note: we need p to be prime in order to make this conclusion. Why?). Therefore we get $a \equiv 0 \mod{p}$. But since a and 0 are congruent mod p, we must then have $a^p \equiv 0^p \equiv 0 \mod{p}$ as well. Hence in this case, we again have $a^p \equiv a \mod{p}$.
$\square$

Another useful application let's us compute large exponentials very easily

Corollary: If p is prime and $p \nmid a$, and if $b \equiv c \mod{p-1}$, then $a^b \equiv a^c \mod{p}$.

Proof: To see that this is true, notice that $b \equiv c \mod{p-1}$ means there is some $k \in \mathbb{Z}$ so that $b = c + (p-1)k$. Hence we have

(4)
\begin{align} a^b \equiv a^{c+(p-1)k} \equiv a^c \left(a^{p-1})^{k} \equiv a^c \cdot 1^k \equiv a^c \mod{p}. \end{align}

$\square$

#### Example: Reducing Exponents

Suppose someone asked you to compute $1376427^{1376427} \mod{11}$. We start by reducing the base modulo 11, which is easy to do because we have the "alternating sum" trick:

(5)
\begin{align} 1376427 \equiv 7 - 2 + 4 - 6 + 7 - 3 + 1 \equiv 8 \mod{11}. \end{align}

Hence

(6)
\begin{align} 1376427^{1376427} \equiv 8^{1376427} \mod{11}. \end{align}

This is certainly easier to compute, but the exponent we're dealing with is ridiculously huge. To improve this situation, the previous corollary let's us instead replace the exponent with any number congruence to 1376427 mod 10 (note: we need that $(8,11) = 1$ if we want to use this exponent-reduction trick). We'll choose 7, since that's easiest.

(7)
\begin{align} 8^{1376427} \equiv 8^7 \mod{11}. \end{align}

Now to compute this last number, I just calculate successive squares of 8. In fact, to make life easier I'll compute successive squares of -3, since $-3 \equiv 8 \mod{11}$:

(8)
\begin{split} (-3)^2 &\equiv 9 \equiv -2 \mod{11}\\ (-3)^4 &\equiv (-2)^2 \equiv 4 \mod{11}. \end{split}

Hence we have

(9)
\begin{align} 8^7 \equiv (-3)^7 \equiv (-3)^4(-3)^2(-3) \equiv 4 \cdot -2 \cdot (-3) \equiv 2 \mod{11} \end{align}

$\square$

There is also a corollary to this result that can help us in proving that a number is composite. Amazingly, we can do this without factoring the number at all! This is incredibly sweet.

Corollary: If there exists an integer a so that $a^n \not\equiv a \mod{n}$, then n is not prime.

Proof:

This is just the contrapositive of our first corollary. $\square$

#### Example: Proving composite-ness without factoring

We'll compute $2^{90} \mod{91}$. To do this, we'll use successive squaring:

(10)
\begin{align} \begin{split} 2^2 &\equiv 4 \mod{91}\\ 2^4 &\equiv 4^2 \equiv 16 \mod{91}\\ 2^8 &\equiv 16^2 \equiv 256 \mod{91} \equiv 74 \mod{91}\\ 2^{16} &\equiv 74^2 \equiv (-17)^2 \equiv 289 \equiv 16 \mod{91}\\ 2^{32} &\equiv 16^2 \equiv 74 \mod{91}\\ 2^{64} &\equiv 74^2 \equiv 16 \mod{91}. \end{split} \end{align}

Hence we have

(11)
\begin{align} 2^{90} \equiv 2^{64+16+8+2} \equiv 16 \cdot 16 \cdot 74 \cdot 4 \equiv 74 \cdot 74 \cdot 4 \equiv 16 \cdot 4 \equiv 64 \mod{91}. \end{align}

After all this math, it's now easy to see that $2^{91} \equiv 64 \cdot 2 \not\equiv 2 \mod{91}$. With $a = 2$ and $n = 91$ in the previous corollary, this tells us that 91 isn't prime. $\square$

# Fake Primes

You should be careful not to think that this last corollary is a perfect test for primality, as there are numbers composite numbers n which satisfy

(12)
\begin{align} a^n \equiv a \mod{n} \quad \quad \mbox{ for all integers }a. \end{align}

Since this congruence is a property that primes have, we think of composites which share this property as "behaving like prime numbers." In that sense, these composite numbers are fake prime numbers; even though they walk like primes and talk like primes, they aren't actually prime.

There are degrees to which a composite number can fake being a prime. For instance, we have the following

Definition: A composite number is called a psuedoprime if $2^n \equiv 2 \mod{n}$.

These kinds of fake primes satisfy an flt-like congruence when the base is 2, so they are "somewhat fake" primes.

#### Example: 645 is psuedoprime

We'll show that $645 = 3\cdot 5 \cdot 43$ is a pseudoprime. To do this, we need to show that $2^{645} \equiv 2 \mod{645}$. Now we could do this using successive squaring, but since we know the factorization of 645 we could instead verify that the following congruences all hold

(13)
\begin{align} \begin{split} 2^{645} &\equiv 2 \mod{3}\\ 2^{645} &\equiv 2 \mod{5}\\ 2^{645} &\equiv 2 \mod{43}. \end{split} \end{align}

Why is this the same thing as checking $2^{645} \equiv 2 \mod{645}$, you ask? Our good old friend the CRT.

Ok, let's check these congruences. First, we know that $2^{2} \equiv 1 \mod{3}$ using flt, and so we have

(14)
\begin{align} 2^{645} \equiv 2^{2\cdot 322 + 1} \equiv \left(2^2\right)^{322}2 \equiv 1^{322}2 \equiv 2 \mod{3}. \end{align}

Likewise we know that $2^{4} \equiv 1 \mod{5}$ by flt, and so

(15)
\begin{align} 2^{645} \equiv 2^{4\cdot 161 + 1} \equiv \left(2^4\right)^{161}2 \equiv 2 \mod{5}. \end{align}

Finally, since $2^{42} \equiv 1 \mod{43}$ by flt, we have

(16)
\begin{align} 2^{645} \equiv 2^{42\cdot 15+ 15} \equiv \left(2^{42}\right)^{15}2^{15} \equiv 2^{15} \mod{43}. \end{align}

Using successive squaring, we have

(17)
\begin{split} 2^2 &\equiv 4 \mod{43}\\ 2^4 &\equiv (4)^2 \equiv 16 \mod{43}\\ 2^8 &\equiv (16)^2 \equiv 256 \equiv 41 \equiv -2 \mod{43}. \end{split}

Hence we get

(18)
\begin{align} 2^{15} \equiv 2^{8+4+2+1} \equiv 2^8 2^42^22^1 \equiv -2 \cdot 16\cdot 4 \cdot 2 \equiv (-16)(16) \equiv 2 \mod{43}. \end{align}

Now that we know that $2^{645} \equiv 2$ modulo 3,5 and 43, the CRT says that we must have $2^{645} \equiv 2 \mod{3\cdot 5\cdot 43}$.
$\square$

There are other composite numbers which are a kind of "strong" psuedoprimes, in the sense that they satisfy the conditions of psuedoprime numbers but with 2 replaced by an arbitrary integer a.

Definition: A Carmichael number is a composite number n such that every integer a satisfies $a^{n} \equiv a \mod{n}$.

#### Example: 561 is Carmichael

In class we showed that $561 = 3\cdot 11 \cdot 17$ is Carmichael. To do this, we showed that for an arbitrary integer a with $(a,561) = 1$, the congruences

(19)
\begin{align} \begin{split} a^{561} &\equiv a \mod{3}\\ a^{561} &\equiv a \mod{11}\\ a^{561} &\equiv a \mod{17} \end{split} \end{align}

are satisfied. To do this, notice first that since $(a,561) = 1$ we must also have $(a,3) = (a,11) = (a,17) = 1$. This has to be the case since any common divisor of a with any of 3,7 of 17 would mean that a has a common divisor with 561, something we already know doesn't exist. Because a is relatively prime to all these prime numbers, then, we can apply flt in each case, as follows:

(20)
\begin{align} \begin{split} a^{561} &\equiv a^{2\cdot 280+1} \equiv a \mod{3}\\ a^{561} &\equiv a^{10\cdot 56+1} \equiv a \mod{11}\\ a^{561} &\equiv a^{16\cdot 35+1} \equiv a \mod{17}. \end{split} \end{align}

$\square$

Notice that this same technique can be used to show that a number $n = p_1\cdots p_k$ such that [{$p_i-1 \mid n-1$]] for every i is a Carmichael number.

# A Preview of Next Class

We finished the class today by asking if we could find a generalization of flt that applies to composites. More specifically, for prime numbers flt says

For every integer a with $(a,p) = 1$, the congruence $a^{p-1} \equiv 1 \mod{p}$.

We want to know whether there is a "magic exponent" e so that

For every integer a with $(a,n) = 1$, the congruence $a^{e} \equiv 1 \mod{n}$.