Lecture 8 - Multiplicative Inverses; the Chinese Remainder Theorem


We started off today by talking about a special class of linear congruence equations, namely those of the form $ax \equiv 1 \mod{m}$. These led to multiplicative inverses, which we saw were useful in solving certain congruence equations. We drove this point home when we used multiplicative inverses to prove the Chinese Remainder Theorem, a tool that is used to solve simultaneous linear congruence equations.

Multiplicative Inverses

Last time we talked about solving linear congruence equations. Let's do another example of this kind of problem.

Example: Solving the linear congruence $5x \equiv 1 \mod{67}$

Suppose we want to solve the equation $5x \equiv 1 \mod{67}$. We first check to see if solutions exist. In this case, we know that $(5,67) = 1$, and since $(5,67) = 1 \mid 1$, we know there are solutions. In fact, we know that there is exactly 1 solution mod 67. To compute it, we first need to write $(5,67)$ as a linear combination. We'll use the Euclidean Algorithm. This gives

\begin{align} \begin{split} 67 &= 13 \cdot 5 + 2\\ 5 &= 2\cdot 2 + 1\\ 2 &= 2\cdot 1 + 0 \end{split} \end{align}

Now we can use these equations to express 1 as a combination of 5 and 67:

\begin{align} 1 = 5 - 2\cdot 2 = 5 - 2 ( 67 - 13\cdot 5) = 27 \cdot 5 - 2\cdot 67. \end{align}

Taking this equation modulo 67 shows that $1 \equiv 27\cdot 5 \mod{67}$, and so 27 is the multiplicative inverse of 5 modulo 67.$\square$

This example leads to the following

Definition: A solution to the linear congruence $ax \equiv 1 \mod{m}$ is called a multiplicative inverse for a modulo m.

Example: The Inverse of 5 mod 67

The previous example can be translated to say "27 is the multiplicative inverse of 5 modulo 67."$\square$

Notice that we already have machinery that tells us when multiplicative inverses exist.

Theorem: An integer a has a multiplicative inverse modulo m if and only if $(a,m) = 1$. When a and m are relatively prime, the multiplicative inverse of a mod m is unique mod m.

Proof: Recall that $ax \equiv 1 \mod{m}$ has a solution if and only if $(a,m) \mid 1$. Of course there aren't a lot of choices for what $(a,m)$ can be if this divisibility is going to hold; in fact, $(a,m) = 1$ is the only way this divisibility can hold. Hence a and m must be relatively prime if a is going to have a multiplicative inverse mod m.

When a solution does exist, our theorem on solving linear congruences says that the number of distinct solutions modulo m is given by the gcd of a and m. We've already seen that a solution exists if and only if $(a,m) = 1$, and so in this case there is only one solution modulo m.$\square$

Solving Congruences Using Inverses

Multiplicative inverses can be quite useful in solving other linear congruences, since they allow one to solve a congruence by a simple multiplication.

Example: Solving $5x \equiv 11 \mod{67}$

Suppose we wish to solve $5x \equiv 11 \mod{67}$. We could proceed as we have before — finding a gcd, writing that gcd as a linear combination, etc. Alternatively, we can use the fact that we've already computed the multiplicative inverse of 5 as 27. To take this latter route, notice that we have

\begin{align} 5x \equiv 11 \mod{67} \quad \Longleftrightarrow 27 \cdot 5x \equiv 27\cdot 11 \mod{67}. \end{align}

(Notice: we're allowed to multiply by 27 on both sides of the expression without disturbing the solution set because $(27,67) = 1$, and you'll recall our theorem which says that $ca \equiv cb \mod{m}$ if and only if $a \equiv b \mod{\frac{m}{(c,m)}}$).

Using the fact that $27 \cdot 5 \equiv 1 \mod{67}$ by our previous example, this means that our solution is $x \equiv 27 \cdot 11 \mod{67}$. $\square$

The Chinese Remainder Theorem

We've now defined arithmetic on congruence classes mod m, and we've also managed to solve linear equations mod m. Now we're going to try to solve simultaneous linear congruences mod m.

Example: Simultaneous Congruence equations

Suppose you want to find an integer x which satisfies both of the congruences

\begin{align} \begin{split} x &\equiv 1 \mod{2}\\ x &\equiv 2 \mod{3}. \end{split} \end{align}

We don't have a really good way for doing this systematically right now, but you can try out some small numbers to see if you can find a solution. For instance, we know that we can't have $x = 1$ since this fails the second congruence; we also can't have $x = 2$ since this fails the first congruence. We can similarly rule out $x = 3$ and $x = 4$, but notice that $x = 5$ does satisfy both of these equations. A little more experimentation shows that $x = 11$ works too, and the particularly diligent student might also come across the solution $x = 17$. $\square$

This example shows us that we "experimentally" solve these simultaneous congruences, but they don't provide a very systematic (or efficient) way of computing solutions. For this, we turn to

The Chinese Remainder Theorem: If $m_1,\cdots,m_k$ are pairwise relatively prime integers, then the congruence equations $x \equiv a_i \mod{m_i}$ for each $1 \leq i \leq k$ have a unique solution modulo $\prod_{i=1}^k m_i$.

Proof: We'll break the proof into two pieces: first we'll construct a simultaneous solution to the given congruences, and then we'll show this solution is unique in the given modulus.

To start, we'll define $M = \prod_{j=1}^k m_j$, and for each $1 \leq i \leq k$ we'll write $N_i$ for $\frac{M}{m_i}$. Now since the $m_i$ are pairwise relatively prime, you showed in your homework (in the course of #43(c) in chapter 1) that $(N_i,m_i) = 1$. Hence for every i, there exists an integer $x_i$ which satisfies $N_ix_i \equiv 1 \mod{m_i}$.

With the $N_i,x_i$ so constructed, we claim that

\begin{align} x = N_1x_1a_1 + \cdots + N_kx_ka_k \end{align}

is a solution to all the congruences $x \equiv a_i \mod{m_i}$. To see this is true, fix an integer i, and we'll show that $x \equiv a_i \mod{m_i}$. Notice that for every $j \neq i$ we have $m_i \mid N_j$, since $N_j$ is the product of all the moduli except for $m_j$ — in particular, $m_i$ shows up in the product which defines N_j$]]. Hence we have

\begin{align} x = N_1x_1a_1 + \cdots + N_kx_ka_k \equiv N_ix_ia_i \mod{m_i}. \end{align}

But now recall that $N_ix_i \equiv 1 \mod{m_i}$, and so the previous equation becomes $x \equiv a_i \mod{m_i}$ as desired.

Hence we've constructed a solution. To show that all solutions are equivalent modulo $M = m_1\cdots m_k$, notice that if $x_0,x_1$ are two solutions to the congruence equations, then we have $x_0 \equiv a_i \equiv x_1 \mod{m_i}$ for every i/. It follows that $x_0 \equiv x_1 \mod{m_i}$ for every i, and so $m_i \mid x_0 - x_1$. By homework 43(c) in Chapter 1, since the $m_i$ are relatively prime we can conclude that $M = m_1\cdots m_k \mid x_0 - x_1$. $\square$

Example: CRT in Action

Suppose that we're given the simultaneous congruences

\begin{align} \begin{split} x &\equiv 3 \mod{10}\\ x &\equiv 4 \mod{7}\\ x &\equiv 2 \mod{9}. \end{split} \end{align}

Our proof of the CRT says that we need to start by computing $N_1,N_2,N_3$, which in this case are given as $N_1 = 7\cdot 9 = 63$, $N_2 = 10 \cdot 9 = 90$ and $N_3 = 10\cdot 7 = 70$. With these numbers in hand, we now need to solve the congruence equations $N_i x_i \equiv 1 \mod{m_i}$ for each i.

To solve $63x_1 \equiv 1 \mod{10}$, notice that $63 \equiv 3 \mod{10}$. Hence we're really trying to solve $3x \equiv 1 \mod{10}$. Now we could solve this equation by using the Euclidean Algorithm to express the gcd of 10 and 3 as a linear combination of the two, but since the modulus is so small, we can just use "guess and check" to find this inverse. For this, notice that $3\cdot 7 = 21$, and that $21 \equiv 1 \mod{10}$. Hence we have $x_1 = 7$.

To solve $90x_2 \equiv 1 \mod{7}$, we'll do a similar trick: since $90 \equiv -1 \mod{7}$, we're really trying to solve $-x_2 \equiv 1 \mod{7}$. But this makes it clear that we can take $x_2 = -1$.

Finally, we need to solve $70x_3 \equiv 1 \mod{9}$. Since $70 \equiv 7 \mod{9}$, we're trying to solve $7x_3 \equiv 1 \mod{9}$. Using "guess and check", we see that $x_3 = 4$ is the solution we're after.

Now that we've computed all the appropriate terms, our desired solution modulo $10 \cdot 7 \cdot 9 = 630$ is therefore

\begin{align} x = N_1x_1a_1 + N_2x_2a_2 + N_3x_3a_3 = 63 \cdot 7 \cdot 3 + 90 \cdot (-1)\cdot 4 + 70 \cdot 4 \cdot 2. \end{align}

You can expand that out and see what its least non-negative residue is, but you don't need to if you don't want.$\square$

The Chinese Remainder Theorem is a really powerful tool for solving simultaneous congruences, but it only tells us how to solve problems where the given moduli are pairwise relatively prime. There are plenty of "real life" scenarios in which the moduli for your system of congruences won't be so nice, though, in which case it's handy to know this stronger version of the CRT:

Strengthened Chinese Remainder Theorem: For arbitrary integers $m_1,\cdots,m_k$ and congruence equations $x \equiv a_i \mod{m_i}$, there exists a simultaneous solution if and only if $(m_i,m_j) \mid a_i - a_j$ for every $i \neq j$. When a solution exists, it is unique modulo the least common multiple of the $m_i$.

We won't worry about proving this for now, but it is good to have in mind.

Example: The Strengthened CRT

Suppose someone asks you to solve the simultaneous equations

\begin{align} \begin{split} x &\equiv 3 \mod{4}\\ x &\equiv 5 \mod{8}. \end{split} \end{align}

Since you know that $(4,8) = 4$ and since $4 \nmid 5-3 = 2$, you know that this simultaneous system has no solutions.

Example: The Strengthened CRT

Suppose someone asks you to solve the simultaneous equations

\begin{split} x&\equiv 1 \mod{6}\\ x&\equiv 10 \mod{15}. \end{split}

Note that since $(6,15) = 3 \mid 10 - 1$, there will be a solution to this equation (and the solution will be unique modulo $[6,15]= 30$). To find this solution, we note that the first equation translates to the existence of an integer e so that $6e = x-1$. This means that $x = 6e+1$, and we can plug this value of x into the second equation:

\begin{align} 6e+1 \equiv 10 \mod{15}. \end{align}

Of course this equation is equivalent to $6e \equiv 9 \mod{15}$, which is just a linear congruence in the variable e. We can use the methodology we've already developed to solve this equation, and doing so will show that $e = 4, 9, 14$ are the solutions mod 15. Plugging these values back into our initial expression for x, we see that $x = 25, 55, 85$. Notice that all these values of x are congruence mod $[6,15]$, so they all give the same solution to our equation (mod $[6,15]$).$\square$

Add a New Comment
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License