Lecture 9 - Sweet Congruences for Prime Numbers


We started today by saying a few more words about techniques for solving CRT problems aside from the method developed in class last time. We then shifted gears; instead of trying to solve congruence equations, we instead asked if there were any interesting congruence properties of numbers. This led us to Wilson's Theorem as well as Fermat's little Theorem (flt).

Solving CRT Problems

We'll start by going back to the problem of solving simultaneous congruences. There were two new suggestions for solving these problems, and we'll provide a glimpse into both.

Back Substitution

Josh posted on the forum an idea for using the back substitution technique we discussed in class last time to solve any CRT problem you come across. It's definitely worth taking a look at, so check it out here.

Solving by Inspection

Sometimes you'll come across a system of congruences that looks something like this:

\begin{align} \begin{split} x &\equiv 1 \mod{m}\\ x &\equiv 1 \mod{n}. \end{split} \end{align}

How do you go about solving such a system? Well, the easiest way is to just look at the system and notice that $x = 1$ is a perfectly good solution, no matter what m and n are. You've just solved this system "by inspection."

A sneakier version of this same technique can be used to solve the following system

\begin{align} \begin{split} x &\equiv 2 \mod{5}\\ x &\equiv 4 \mod{7}. \end{split} \end{align}

While it might not seem that you can "see" a solution to this equally, notice that these equations are the same as

\begin{align} \begin{split} x &\equiv -3 \mod{5}\\ x &\equiv -3 \mod{7}. \end{split} \end{align}

Now we can see that $x = -3$ is a solution. If you'd prefer a nonnegative solution, remember that since $(5,7) = 1$ we must have a unique solution to this equation modulo 35. Hence $-3+35 = 32$ is another solution to this system (and happens to be the "least nonnegative" solution).

Wilson's Theorem

Now that we've talked about how one goes about solving equations that involve congruences, we're going to switch gears slightly. Instead of solving equations, we're going to ask the question: does modular arithmetic have any "interesting" intrinsic properties. That is to say, if you fix a modulus m, what kind of general statements can you make about congruences modulo m.

We'll start by trying to compute $(m-1)! \mod{m}$ for various m. (Why didn't we consider $m! \mod{m}$?) In class I split people into teams and had them compute this factorial for various values of m. We came up with the following

m (m-1)! mod m m (m-1)! mod m m (m-1)! mod m
2 1 9 0 16 0
3 2 10 0 17 16
4 2 11 10 18 0
5 4 12 0 19 18
6 0 13 12 20 0
7 6 14 0 21 0
8 0 15 0 22 0

We noticed some patterns. For instance, it seemed that for a prime p we had $(p-1)! \equiv p-1 \mod{p}$, and that for "most" composite numbers m we had $(m-1)! \equiv 0 \mod{m}$. This led us to

Wilson's Theorem: An integer n satisfies $(n-1)! \equiv -1 \mod{n}$ if and only if n is prime.

Before we tried to prove this result, we did a sample computation to see why this might be happening.

Example: The prime 11

We know, of course, that

\begin{align} 10! = 10 \cdot 9 \cdot 8 \cdot 7 \cdot 6 \cdot 5 \cdot 4 \cdot 3 \cdot 2 \cdot 1. \end{align}

To compute this product mod 11, we could just multiply these integers out and reduce mod 11, though this might take a while. Instead, we tried to compute a few "small" products and group them together. For instance, we know that $6\cdot 2 \equiv 12 \equiv 1 \mod{11}$, and so these two factors "cancel each other out." Similarly, we have $3\cdot 4 \equiv 12 \equiv 1 \mod{11}$, $5\cdot 9 \equiv 45 \equiv 1 \mod{11}$, and $7\cdot 8 \equiv 56 \equiv 1 \mod{11}$. Hence we get

\begin{split} 10! &\equiv 10 \cdot 9 \cdot 8 \cdot 7 \cdot 6 \cdot 5 \cdot 4 \cdot 3 \cdot 2 \cdot 1\\ &\equiv 10 \cdot (9 \cdot 5) (2\cdot 6)(3\cdot 4)(7\cdot 8) \cdot 1 \\ &\equiv 10\cdot 1^5 \equiv 10 \mod{11}. \end{split}


Notice that 1 and 10 were the only numbers in our product which didn't get paired with another number. This is because 1 and 10 are their own multiplicative inverses. That is to say, $10 \cdot 10 \equiv 1 \mod{11}$ and $1 \cdot 1 \equiv 1 \mod{11}$. If we're going to employ this strategy for other primes, we need to know which elements have multiplicative inverses mod p, and furthermore which numbers are their own multiplicative inverses.

Lemma: If p is prime and $1 \leq k \leq p-1$, then k has a multiplicative inverse mod p.

Proof: We already know that k has a multiplicative inverse if and only if $(k,p) = 1$. But notice that since $1 \leq k \leq p-1$ we cannot have $p \mid k$, and hence the only common factor of k and p is 1, as desired.$\square$

Lemma: If p is prime, then the only congruence classes which are their own inverses (modulo p) are $\pm 1$. That is to say, the only a such that $aa \equiv 1 \mod{p}$ are those a which satisfy $a \equiv \pm 1 \mod{p}$.

Proof: It isn't hard to see that if $a \equiv \pm 1 \mod{p}$, then we must have $a^2 \equiv 1 \mod{p}$. So suppose we're told that $a^2 \equiv 1 \mod{p}$, and we'll show that $a \equiv \pm 1 \mod{p}$.

Notice that the congruence $a^2 \equiv 1 \mod{p}$ means that $p \mid a^2 - 1= (a-1)(a+1)$. Euclid says that either $p \mid a-1$ — in which case $a \equiv 1 \mod{p}$ — or $p \mid a+1$ — in which case $a \equiv -1 \mod{p}$. In either case, then, we get the desired conclusion.$\square$

With our example mod 11 and these new results, we're ready to attack the following piece of Wilson's Theorem

Proposition: If p is prime, then $(p-1)! \equiv -1 \mod{p}$.

Proof: If p is prime, then we know that every integer between 1 and p-1 is relatively prime to p. We'll take the integers between 1 and p-1 and put them into groups by pairing a number a with its multiplicative inverse modulo p. According to our lemma, only 1 and -1 can't be paired with another (different) integer in this way. Hence we can rearrange the numbers between 2 and p-2 so that they sit in a sequence where every pair of numbers multiplies to 1 modulo p. Hence we have

\begin{align} (p-1)! \equiv 1 \cdot 2 \cdot \cdots \cdot (p-2) \cdot (p-1) \equiv 1 \cdot (p-1) \equiv -1 \mod{p}. \end{align}


In the homework, you'll show that the converse of this statement is true as well, and that will finish the proof of Wilson's Theorem.

Fermat's Little Theorem

Wilson's Theorem is a neat little congruence identity to have around, but there's one which is actually much handier. This is one of the many number theoretic problems which Fermat worked on, and so it bears the name Fermat's Little Theorem (flt).

We started by asking: is there a exponent e to which we can raise any number $1 \leq a \leq 12$ so that $a^e \equiv 1 \mod{13}$?

We noticed that we could raise 1 to any power and still get 1 mod 13. It took a little more work to show that

\begin{align} 2^{12} \equiv 1 \mod{13}, \end{align}

and it didn't take quite as much work to show that

\begin{align} 3^{3} \equiv 1 \mod{13}. \end{align}

From these few example, we saw that 12 was an exponent such that

\begin{align} 1^{12} \equiv 2^{12} \equiv 3^{12} \equiv 1 \mod{13}, \end{align}

and so we conjectured

Fermat's Little Theorem: If p is prime and $(a,p)=1$, then $a^{p-1}\equiv 1 \mod{p}$.

Example: Testing flt

Before proving flt, let's show that it holds in the case $a = 5, p = 17$. In other words, we'll show that $5^{16} \equiv 1 \mod{17}$.

To do this, we need to compute a large power of 5. This can be done using "successive squaring":

\begin{align} \begin{split} 5^2 &\equiv 25 \equiv 8 \mod{17}\\ 5^4 &\equiv 8^2 \equiv 13 \mod{17}\\ 5^8 &\equiv 13^2 \equiv (-4)^2 \equiv 16 \equiv -1 \mod{17}\\ 5^{16} &\equiv 16^2 \equiv (-1)^2 \equiv 1 \mod{17}. \end{split} \end{align}

Hence we have the desired congruence. $\square$

The Proof of flt

With some examples under our belt, we're now prepared to prove flt. So let a be given with $(a,p) =1$.

We start by explaining why the sets

\begin{align} \begin{split} \{1,2,\cdots,p-1\}\\ \{a,2a,\cdots,(p-1)a\} \end{split} \end{align}

are the same modulo p. We'll prove this by showing that the elements of the second set are all distinct, and that they are all relatively prime to p. Since the initial set gives a complete set of residues which satisfy these two properties, this will tell us that our two sets are the same mod p.

For the first condition, notice that since $(a,p) = 1$, two elements ia and ja of our set are the same (i.e., $ia \equiv ja \mod{p}$) if and only if $i \equiv j \mod{p}$. But since $1 \leq i,j \leq p-1$, we cannot have $i \equiv j \mod{p}$.

For the second condition, take a given element ka in our second set. Now we know that $(a,p)=1$, so that there exist integers m and n with

\begin{equation} 1 = ma+np. \end{equation}

Since $1 \leq k \leq p-1$ we also have $(k,p)=1$, and so there exist integers $\tilde m$ and $\tilde n$ satisfying

\begin{align} 1 = \tilde mk+\tilde np. \end{align}

If we multiply these two equations together (the left hand side by the left hand side, and the right hand side by the right hand side), then we get

\begin{align} 1 = m\tilde mak + m\tilde n ap + \tilde mnkp + n\tilde np^2 = (m\tilde m)ak + (m\tilde na + \tilde mnk + n\tilde np)p. \end{align}

Since we can write 1 as an integral linear combination of ak and p, we know that $(ak,p)=1$, as promised.

We'll finish this proof in class on Friday.

Add a New Comment
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License