Notes on Number Theory

7/29/2019 Notes on Number Theory

1/32

NUMBER THEORY AND CRYPTOGRAPHY

Gopikrishnan C RIntegrated BS MS Student

IMS 10026Yr. IV, Batch 2010

Indian Institute of Science Education and Research Thiruvananthapuram

September 17, 2013


2/32

Contents

1 Three Major Theorems 3

1.1 Multiplicative group modulo an integer . . . . . . . . . . . . . . . . . . . . . . 31.1.1 Defenition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31.1.2 Eulers Totient Function . . . . . . . . . . . . . . . . . . . . . . . . . . . 31.1.3 Special cases ofU(Zn) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

1.2 Fermats Little Theorem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

1.3 Eulers Theorem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41.4 Wilsons Theorem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

2 Division 5

2.1 Division Algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52.2 Greatest Common Devisor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

3 Diophantine Equations 7

3.1 Linear Diophantine Equations . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

4 Modular Arithmetic 9

4.1 Prime Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94.2 Linear Congruence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104.3 Quadratic Congruence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

5 Chinese Remainder Theorem 13

5.1 Analytical Version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135.2 Ring Theoretic Version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

6 Polynomials 16

6.1 Lagranges Polynomial Congruence Theorem . . . . . . . . . . . . . . . . . . . . 166.2 Division Algorithm for Polynomial Rings . . . . . . . . . . . . . . . . . . . . . . 17

7 Some Important Theorems 19

7.1 Fundamental Theorem of Finitely Generated Abelian Groups . . . . . . . . . . . 197.2 Primary Decomposition Theorem . . . . . . . . . . . . . . . . . . . . . . . . . . 19

7.2.1 Primitive Roots . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

8 Cyclic groups 21

8.1 Existence of Primitive Root Modulo a Prime . . . . . . . . . . . . . . . . . . . . 218.2 Existence of Primtive Root Modulo Odd Prime Power . . . . . . . . . . . . . . . 22

9 Quadratic Reciprocity 259.1 Quadratic Residue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259.2 Legendre Symbol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259.3 Eulers Criterion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

1


3/32

CONTENTS 2

9.4 Gauss Sum . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269.4.1 Roots of Unity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269.4.2 Gauss Sum . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

Bibliography 31


4/32

Chapter 1

Three Major Theorems

1.1 Multiplicative group modulo an integer

1.1.1 Defenition

For an integer n Z, multiplicative group modulo an integer n is defined as

U(Zn) = {x Zn | (x, n) = 1} (1.1)

where (a, b) denotes the greatest common devisor of a and b.

1.1.2 Eulers Totient Function

Eulers totient function is defined as,

(n) =| {x | (n, x) = 1} | (1.2)

It is trivial to conclude from (1) and (2) that, cardinality of U(Zn) = (n).

1.1.3 Special cases of U(Zn)

Ifp is a prime number, then | U(Zp) | is p 1, since all numbers less than p are relatively prime

to it. For an odd prime p, | U(Zpl) | is pl1(p 1). Beacuse the numbers less that pl having

a common factor with p are p, 2p, 3p . . . (pl1)p. Expect these pl1 numbers, all other numbers

less than p

l

are realtively prime to p

l

. There fore (p

l

) = p

l

p

l1

= p

l1

(p 1).

1.2 Fermats Little Theorem

Theorem 1.2.1. For p a prime number and a an integer, ap a (mod p).

Proof. Consider the unit group (multiplicative group modulo p) U(Zp). Since the order of this

group is (p) = p 1, for any integer a, [a]p1 = [1] [a]p = [a]. But this is equivalent to

saying that, ap

a (mod p).

3


5/32

CHAPTER 1. THREE MAJOR THEOREMS 4

1.3 Eulers Theorem

Theorem 1.3.1. For any two integers r and a with (a, r) = 1, a(r) 1 (mod r).

Proof. Consider the unit group U(Zr). Since the order of this group is (r), for any integer

with (a, r) = 1, [a](r) = [1]. But this is equivalent to saying that a(r) 1 (mod r).

Note : Eulers theorem is a generalisation of Fermats Little theorem.

1.4 Wilsons Theorem

Theorem 1.4.1. For any prime number p, (p 1)! 1 (mod p).

Proof. Consider the unit group U(Zp), the product of all elemets in this group, 1 2

(p 1) = (p 1)! . Since U(Zp) is an abelian group, all the elements except which are inverses

of itself will get cancelled from this product. Note that, only two elements with this property

in U(Zp) are 1 and p 1. There fore (p 1)! = 1 (p 1) [(p 1)!] = [p 1] = [1]. But

this is same as saying (p 1)! 1 mod p.


6/32

Chapter 2

Division

2.1 Division Algorithm

Theorem 2.1.1. For any two integers a and b with 0 < a < b, there exists unique integers q

and r such that b = aq+ r, where 0 r < a.

Proof. Consider the arithmetic progression . . . , b 3a, b 2a, b a,b,b + a, b + 2a, b + 3a . . . .

Let r is the smallest non negative number in this sequence. Then r = b qa, for some q Z.

By definition 0 r < a. For this choice of q and r we have b = qa + r, with 0 r < a.

So we established the existence of a pair of such integers q and r. If possible suppose there

exists distinct pair of integers q1 and r1 such that, b = aq1 + r1. Then aq1 + r1 = aq + r.

Suppose r < r1, then 0 < r1 r < a. Since (r1 r) = a(q q1) a|(r1 r). But it is not

possible since 0 < r1 r < a. The same contradiction arises also when r > r1. There fore

r1 = r a(q q1) = 0 q1 = q. There fore uniqueness is proved.

2.2 Greatest Common Devisor

Greatest common devisor of two integers a and b is an integer d > 0, such that d|a, d|b and for

all d, with d|a, d|b d|d. Greatest common devisor of two integers a and b is denoted by

(a, b).

Theorem 2.2.1. Euclids Algorithm: Given any two positive two positive integers a and b,with a > b, by the repeated application of division algorithm we can have a series of equations,

a = q1b + r1 0 < r1 < b

b = r1q2 + r2 0 < r2 < r1

r1 = r2q3 + r3 0 < r3 < r2

.

.

.rj2 = rj1qj + rj 0 < rj < rj1

rj1 = rjqj+1

5


7/32

CHAPTER 2. DIVISION 6

The process stops when the division is exact, and the last non zero remainder is the g.c.d of aand b. Moreover there exists x and y two integers such that ax + by = d

Proof. By division of algorithm we can obtain this series of equations. In division algorithm

we have 0 rj < rj1, while here the inequality is strict, because if rj = 0, then the division

will become exact, and the process stops. Now we shall show that rj is the greatest commondevisor.But it is straight forward since, (a, b) = (a q1b, b) = (r1, b) = (r1, b r1q2) = (r1, r2) =

(r1 r2q3, r2) = (r3, r2), and continuing inductively, the chain simply boils down to (a, b) =

(rj1, rj) = (rj, 0) = rj.

Note that r1 is a linear combination of b and c. r2 is linear combination of b and r1, and

therefore of a and b. Proceeding inductively we will obtain rj is a linear combination of rj2

and rj1, which are in turn the linear combination of a and b, which proves the theorem.

Theorem 2.2.2. Consider the ideal (a,b). If (a,b) = (d), principal ideal generated by d, thengreatest common devisor of a and b is d.

Proof. We have a (d) and b (d). Therefore a = r1d and b = r2d, for r1, r2 Z d|a, d|b.

Now suppose r|a, r|b. d (a, b) d = ax + by, where x, y Z. But r|a, r|b r|ax + by r|d,

which was the precise condition for d = (a, b).

Lemma 2.2.3. Euclid: If a|bc and (a, b) = 1, then a|c.

Proof. (a, b) = 1 ax + by = 1 for some x, y Z. Multiplying the expression by c, we will

get, acx + bcy = c. Now a|ac, and a|bc (given) a|acx + bcy a|c.


8/32

Chapter 3

Diophantine Equations

3.1 Linear Diophantine Equations

A linear Diophantine equations is an equation of the form ax + by = c, where the variables are

integers. Given a, b and c, we want to know for what all integer values of x and y the equality

is satisfied. For example consider 10x + 2y = 17. It is apparent that this equation has no

solutions, since RHS is odd and LHS is even. This may not be the case always. Some times it

will be quiet untrivial to guess the existence of solutions. More over we want to know which

all integers can be the solutions, therefore we present the following thorem.

Theorem 3.1.1. The linear Diophantine equation ax + by = c has a solution iff (a, b) = d|c.More over if x0, y0 is a particular solution then all solutions are of the form

x = x0 + (b

d)t

y = y0 (a

d)t

where t Z.

Proof. Suppose x0, y0 is a solution of equation ax + by = c. Then ax0 + by0 = c. But d|a, d|b

d|ax0 + by0 d|c.

Conversly assume the d|c c = kd,k Z, now since (a, b) = d, there exists x

, y

such thatax + by = d a(kx) + b(ky ) = kd = c. Then x0 = kx

, y0 = ky is a solution.

Let x, y is a general solution. ax + by = c = ax0 + by0 a(x x0) = b(y0 y). Since

d = (a, b) there exists r, s Z such that a = dr,b = ds.

a(x x0) = b(y0 y)

dr(x x0) = ds(y0 y)

r(x x0) = s(y0 y)

But observe that (ka,kb) = |k|(a, b). From this (a, b) = (dr, ds) = d(r, s) (since d 0)

7


9/32

CHAPTER 3. DIOPHANTINE EQUATIONS 8

(r, s) = 1. We have s|r(x x0), but (s, r) = 1 s|(x x0).

st = x x0 t Z

x = x0 + st

x = x0 + (

b

d)t str = r(x x0) = s(y0 y)

tr = y0 y

y = y0 rt

y = y0 (a

d)t

which finishes the proof.


10/32

Chapter 4

Modular Arithmetic

4.1 Prime Numbers

We begin this section by giving a strong theorem without proof but proving a special case of

it.

Theorem 4.1.1. Dirichlet: There are infinitely many primes of the form ax + b, where (a,b)= 1.

Lemma 4.1.2. If p1 and p2 are primes of the form 4k + 1, so is p1p2.

Proof. Let p1 = 4k1 + 1 and p2 = 4k2 + 1.

p1p2 = (4k1 + 1)(4k2 + 1)

= 4(4k1k2 + k1 + k2) + 1

= 4k3 + 1,where k3 = 4k1k2 + k1 + k2

Theorem 4.1.3. There are infintely many primes of the form 4x + 3.

Proof. Suppose there are only finitely many primes of the form 4x + 3. Let p1, p2, . . . pn is an

enumeration of them. Define

pN = 4p1p2 . . . pn 1;

We can write this is the form

pN = 4(p1p2 . . . pn 1) + 3

By fundamental theorem of arithmetic each integer has a prime factorisation. Let pN =

r1r2 . . . rk. Since pN is odd, so is r1r2 . . . rk. Therefore each ri has to be odd. If all ri is

an odd number of the form 4x +1 then so is pN by lemma 4.2. Therefore at least one of the ris

must be of the form 4x + 3, say rq = 4x + 3 for some q between 1 and k. Now rq|pN, meaning

rq devides 4(p1p2 . . . pn 1) + 3 rq|4(p1p2 . . . pn 1). Since rq is odd, rq|p1p2 . . . pn 1, rq

is of the form 4x + 3, therfore it belongs to {p1, p2, . . . pn}. Therefore rq|p1p2 . . . pn. Then rq

9


11/32

CHAPTER 4. MODULAR ARITHMETIC 10

must devide 1, which is not possible. Therefore the enumeration of primes was wrong and there

exists infinintely many primes of the form 4x + 3.

Theorem 4.1.4. There are infinitely many primes.

Proof. Suppose {p1, p2, . . . pn} is an enumeration of primes. Then consider,

pN = p1p2 . . . pn + 1

pN > pi for each i from 1 to n. Observe that no number less pN devides it, therefore pN is

a prime, but not present in the former enumeration. Therefore there exists infintiely many

primes.

4.2 Linear Congruence

Theorem 4.2.1. Letca cd mod n and (c, n) = d. Then a b mod (nd

)

Proof.

ca cb mod n

n|(ca cb)

n|c(a b)

n

d|

c

d(a b)

The last step is beacuse (c, n) = d. But this means nd

|(a b), since (nd

, cd

) = 1. Therefore

a b mod nd

Theorem 4.2.2. The linear congruence ax b mod n has a solution if and only if (a, n) = dand d|b. If d|b then the congruence has exactly d mutually incongruent solutions.

Proof. Given congruence can be written as,

ny = b ax

ny + ax = b

But from theroem 3.1 of chapter 3, this linear Diophantine equation has a solution iff (a, n) =d|b. One of the solution of x is of the form x0 + (

nd

)t where t Z. Consider the set of solutions

{x0, x0 +nd

, x0 +2nd

, x0 +3nd

. . . , x0 +(d1)n

d}. If possible suppose,

x0 +t1n

d x0 +

t2n

d mod n


12/32


, where 0 t1 < t2 < n. Therefore,

t1n

d

t2n

dmod n

t1 t2 mod n

n|t1 t2

n < t1 t2

But n > |t1 t2|, which makes a contradiction. There for all the solutions listed above areincongruent, so there exists d incongruent solutions.

Let x = x0 + (nd

)t is a solution mod n with t > d, we shall prove that is one among solutionswe previously listed. By division algorithm there exists integers q and r such that t = qd + r,0 r d 1. Therefore ,

x = x0 + (n

d)(qd + r)

= x0 + nq+nr

d

x0 + nrd

mod n

which was exactly what we wanted. Therefore there exists precisely d solutions.

Theorem 4.2.3. Base b representation theorem: Let b 2, an integer. Then we can representany integer a > 0, in the form,

a = r0 + r1b + r2b2 + . . . rnb

n

Proof. Proof is by induction.

If a = 1, then a = 1.b0. Therefore the base case holds. Assume that the theorem holds

for any integer strictly less than a. We shall prove the theorem also hold for a. By division

algorithm there exists integers q, r such that a = bq + r where 0 r b. q is less than a,

therefore q has a base b representation, let q = r0 + r1b + r2b2 + . . . rnb

n. Therefore,

a = b(r0 + r1b + r2b2 + + rnb

n) + r

= br0 + r1b2 + r2b

3 + + rnbn+1 + r

= r0 + r

1b + r

2b2 + + rn+1b

n+1

where r0 = r, r

j = rj1, and each r < b by defenition. Therefore a has a base b representation,

which proves the theorem.

4.3 Quadratic Congruence

Theorem 4.3.1. For a prime number p, the quadratic congruence x2 1 mod p has a solu-tion iff p = 2 or p 1 mod 4

Proof. Wilsons theorem states that (p 1)! 1 mod p, for a prime number p. Thereforeif p = 2, we have 1 1 mod 2. Therefore if p = 2, x = 1 is a solution to the quadratic

congruence.


13/32


Let p > 2, and is a prime of the form 4k + 1, k Z, again by Wilsons theorem (p 1)!

1 mod p. Observe that (p 1)! = 1 2 . . . p12

p+12

(p 1), which can be written

as,

(p 1)! =

p12

j=1j(p j) (4.1)

p12

j=1

j(p j) 1 mod p (4.2)

But j(p j) = pj j2. Therefore if j(p j) 1 mod p j2 1 mod p. Therefore (4)

reduces to,

p12

j=1

j2 1 mod p (4.3)

(1)p12

p12

j=1

j2 1 mod p (4.4)

Since p 1 mod 4, p12

is even and the first factor in the last product is 1, reducing (6)

to p1

2

j=1 j2 1 mod p (

p12

j=1 j)2 1 mod p. Therefore x = (p1

2)! is a solution the

quadratic congruence.

Conversly assume that x2 1 mod p has a solution, for p > 2, a prime number. Raisingthe congruence to the power p1

2we have xp1 1

p12 mod p. But by Fermats little theorem

xp1 1 mod p. For both of the last expressions to be consistent 1p12 = 1 p1

2= 2k, k

Z p 1 = 4k p 1 mod 4. Other case p = 2 is trivial.


14/32

Chapter 5

Chinese Remainder Theorem

This is one of the classic theorems in Analytical number theory, having a large number of

applications. There are two versions of this theorem. First we will present an analytical version

which deals about solving simultaneous congruences and later we will have a more general ringtheoretic version.

5.1 Analytical Version

Theorem 5.1.1. Letm1, m2, . . . mr are distinct coprime integers, anda1, a2, . . . ar are arbitraryintegers. Then the simultaneous congruences,

x a1 mod m1

x a2 mod m2

x a3 mod m3

.

.

.

x ar mod mr

has a solution. Moreover if x0 is a particular solution all solutions are of the form x = x0 +km,where m = m1m2m3 . . . mr and k Z.

Proof. Writing m = m1m2m3 . . . mr, and note that (m/mj, mj) = 1. Then there exists yj and

bj such that mjyj +mmj

bj = 1. Thereforemmj

bj 1 mod mj. Ifi = j thenmmj

0 mod mi. Take,

x0 =r

i=1

(m/mj)bjaj (5.1)

Then x0 (m/mi)biai ai mod mi. Therefore x0 ai mod mi for all i, making x0 as a

solution to the system of congruences.

Now suppose x is a solution to the system, then x ai mod mi, and x0 ai mod mi x0 x 0 mod mi (by subtraction property of congruences). Therefore x0 x mod mi for all

i. Since m1, m2 . . . mr are coprime integers, x0 x mod m. Therefore x = x0 + km,k Z.

13


15/32

CHAPTER 5. CHINESE REMAINDER THEOREM 14

Example

Find an integer x such that x 5 mod 7, x 7 mod 11 and x 3 mod 13.

Solution Following from the theorem, m1 = 7, m2 = 11, m3 = 13 all coprime to each other,

and a1 = 5, a2 = 7, a3 = 3. Then m = m1m2m3 = 1001. Let us write k1 = m/m1 = 143, k2 =m/m2 = 91, k3 = m/m3 = 77. Using Euclids algorithm for g.c.d we can find b1, b2, b3 and turns

out to be b1 = 2, b2 = 4, b3 = 1. Then x0 = k1a1b1 + k2a2b2 + k3a3b3 = 887.

5.2 Ring Theoretic Version

Theorem 5.2.1. Let R is a commutative ring with unity, and I1, I2, ...In are coprime idealsof R, meaning Ii + Ij = R whenever i = j. Define as a natural homomorphism, : R

R/I1 R/I2 R/In such that (r) = (r + I1, r + I2, . . . , r + In). Then,

1.n

j=1 Ij =n

j=1 Ij

2. is a surjective homomorphism iff Ijs are coprime.

3. is injective iffn

j=1 Ij = {0}.

Proof. 1. Proof is by induction. First we will check base case for n = 2. Let x I1I2 , then

there exists a I1, b I2 such that x = ab. By the multiplicative closureness of ideals

ab I1 and ab I2, therefore ab I1 I2 I1I2 I1 I2. For the reverse containment,

I1 I2 = R(I1 I2)

= (I1 + I2)(I1 I2)

= I1(I1 I2) + I2(I1 I2)

I1I2 + I1I2 = I1I2

Therefore I1I2 = I1 I2. So base case is proved.

Let J =n1

j=1 Ij . We claim that J + In = R. Assume that this does not hold, thenthere exists a proper maximal ideal such that J + In P R. A maximal ideal is

a prime ideal. Therefore P is a prime ideal. By the property of prime ideals since

J + In = I1I2 . . . I n1 + In P, we have In P and It P, t = n. In + It = R,

since Ins are coprime. Collecting all the arguments we will get R = In + It P R,

which is a contradiction to our assumption. Therefore J + In = R. Now apply the

base case to I1 = J, I2 = In to obatin JIn = J In. But by induction hypothesis

J = n1j=1 Ij =

n1j=1 Ij. Therefore

nj=1

Ij =n1j=1

IjIn = JIn = J In =n1j=1

In =n

j=1

Ij (5.2)


16/32

CHAPTER 5. CHINESE REMAINDER THEOREM 15

which proves part 1.

2. Assume that is surjective. Clearly I1 + It R, t = 1. We have (1 + I1, I2, . . . I n)

R/I1 R/I2 . . . R /In. By the surjectivity of there exists y R such that (y) =

(y + I1, y + I2, . . . y + In) = (1 + I1, I2, . . . I n). But this implies 1 y I1, y It, t = 1.

But then 1 y + y = 1 I1 + It. Since I1 and It are ideals we have R I1 + It, t = 1 R = I1 + It, t = 1. This way taking (I1, I2, . . . , 1 + Ij , . . . I n) R/I1 R/I2 . . . R /In we

will get Ii + Ij = R, j = i.

Conversly assume that Ijs are coprime to each other. Let (a1 + I1, a2 + I2, . . . , an + In)

R/I1 R/I2 R/In. Define ei = (I1, I2, . . . , 1 + Ii, . . . I n). Then (a1 + I1, a2 +

I2 . . . an + In) = (a1)e1 + (a2)e2 + + (an)en. We claim that ei Im(). Suppose

the claim is true then there exists yi R such that ei = (yi). Then we will get

(a1 + I1, a2 + I2 . . . an + In) = (a1)e1 + (a2)e2 + + (an)en = ni=1 (ai)(yi). Since is a ring homomorphism we have (a1 + I1, a2 + I2 . . . an + In) = (

ni=1 aiyi). Thus we

will get is surjective.

So it suffices to prove the claim. We shall prove the claim for e1 and the rest follow in a

similar way. By the assumption we have I1 + I2 . . . I n = R. 1 R 1 I1 + I2 . . . I n.

Therefore there exists x I1 and y I2 . . . I n such that x+y = 1. But this gives y = 1x.

Consider (y) = (y + I1, y + I2, . . . y + In) = (1 x + I1, y + I2, . . . , y + In). x I1 and

y I2I3 . . . I n gives (y) = (1 + I1, I2, . . . , I n) = e1. Therefore the claim is threw.

3. is injective iff Ker() = 0. Consider,

Ker() = {r R|(r) = (I1, I2, . . . , I n)}

= {r R|(r + I1, r + I2, . . . , r + In) = (I1, I2, . . . , I n)}

= {r R|r I, . . . , r , In}

= {r R|r n

j=1

Ij}

=

nj=1

Ij

Therefore is injective iffn

j=1 Ij = 0


17/32

Chapter 6

Polynomials

6.1 Lagranges Polynomial Congruence Theorem

Theorem 6.1.1. If f(x) is a polynomial of degree n with integer coefficients and p is a prime,

then the congruence f(x) 0 mod p has at the most n incongrunet solutions mod p.

Proof. Proof is by induction. If no solutions exists, then the proof is trivial.

Suppose that r is a solution.Then we have

f(r) 0 mod p (6.1)

where f(x) = a0 + a1x + a2x2 + + anx

n.Then we have

f(x) f(r) (anxn + + a0) (anrn + + a0) mod p

an(xn rn) + an1(x

n1 rn1) + + a1(x r) mod p

Each of the factors in the last congruence can be factorised into ( x r) and some other

polynomials to obtain,

f(x) f(r) (x r)g(x) mod p (6.2)

where deg(g(x)) = n 1.Being x is a root of the polynomial f(x) we have f(x) f(r) 0 mod p. Using the additive

property of congruences we can write, (x r)g(x) 0 mod p. But this precisely means either

(x r) 0 mod p or g(x) 0 mod p since p is a prime. Since degree of g(x) is n 1 is can

have at the most n 1 incongruent roots modulo p by induction hypothesis. (x r) 0 mod p

has one and only one root. Therefore the polynomial f(x) can have at the most n incongruent

solutions modulo p.

Example

In Lagranges polynomial congruence theorem primeness of p is an important condtion.

Consider the polynomial x2 1 in the ring Z15Z

[X]. Then one can figure out that 1,14,4 and

16


18/32

CHAPTER 6. POLYNOMIALS 17

11 are incongruent roots of the equation (for example 142 1 = 196 1 = 195 = 15 13

142 1 0 mod 15). In the proof for concluding (x r)g(x) 0 mod p (x r) 0 mod p

or g(x) 0 mod p we need that the ring ZpZ

[X] is an integral domain. But Z15Z

[X] is not an

integral domain.

6.2 Division Algorithm for Polynomial Rings

Theorem 6.2.1. Let R be a commutative ring and g R[X], with leading coeffients invertiblein R. To each f R[X], there exists a unique pair of polynomials q, r R[X] such that

f = qg + r (6.3)

where deg(r) < deg(g) ()

Proof. Proof is by induction on the degree of f = n. Let deg(g) = m. Suppose m > n

f = 0 g + f, and holds. Therefore we can assume that m n. Let the leading coeffient

of f be fn and that of g be gm. Consider the polynomial f = f (fng

1m x

nm)g. Degree of

g is m. There fore degree of (fng1m x

nm)g is n m + m = n. Therefore leading coefficient of

(fng1m x

nm)g is the coefficient ofxn = fng1m gm = fn. Therefore the term ofx

n in f cancels

with that in (fng1m x

nm)g, making f, a degree n 1 polynomial.

Now by induction hypothesis, there exists polynomials q, r R[X] with f = qg + r

f (fng1m x

nm)g = qg + r f = (fng1m x

nm + q)g + r. Also deg(r) < deg(g). This proves

the exsitence of such a pair.

Uniqueness: Suppose these exists two such pairs q, r and q, r. Then,

qg + r = qg + r

r r = g(q q)

g|r r

But this is already a contradiction, since deg(g) > deg(r r), makes (r r) not divisible by

g.

Now we will present some quick consequences of these theorems.

Theorem 6.2.2. Remainder theorem: Let R be a commutative ring. If a polynomial f R[X]

is devided by a monic linear polynomial g(x) = x c, then the remainder is f(c).

Proof. By Division algortihm, f(x) = q(x)(x c) + r(x), where deg(r) < deg(x c), meaing c

is a constant. Now evaluating the last expression at c, we will get,

f(c) = 0 + r = r (6.4)


19/32

CHAPTER 6. POLYNOMIALS 18

Therefore f(c) is the remainder.

Corollary 6.2.3. A polynomial f(x) is divisble in R[X] by a monic linear polynomial x c iff

c is a zero of f(x).

Proof. If c is a zero of f(x) then by above theorem, remainder when x c|f(x) is f(c) = 0.

Therefore x c devides f(x). Suppose x c devides f(x), then f(c) = 0, again by the above

theorem, making c as a zero of f(x).

Corollary 6.2.4. Let R be an integral domain, a polynomial f R[X] of degree k 0 has at

the most k zeros in R

Proof. Proof is by induction. Let c is a root of the polynomial f(x) then f(x) = (x c)q(x).

But degree of q(x) is k 1. By induction hypothesis it can have at the most k 1 roots.

Therefore f(x) has at the most k roots.


20/32

Chapter 7

Some Important Theorems

We will state two important decompostion theorems with out proof, that we will be using inthe further course.

7.1 Fundamental Theorem of Finitely Generated AbelianGroups

Let G be a finitely generated abelian group. Then

G = Zr Zn1 Zn2 Zns (7.1)

for some integers r, n1, n2, . . . , ns satisfying

1. r 0, nj 2 for all j

2. ni+1|ni for all 1 i s 1

This decomposition is called invariant factor decompostion.

7.2 Primary Decomposition Theorem

Let G be an abelian group of order n > 1 and let the unique factorization of n into distinctprime powers be n = pa11 p

a22 . . . p

akk . Then

G = A1 A2 Ak (7.2)

, where |Ai| = paii

7.2.1 Primitive Roots

A primitive root modulo an integer n is an element of U(nZ) of order (n). The existence of aprimitive root shows that the group is cyclic.

Theorem 7.2.1. Any subgroup G of the multiplicative group of a finite field F is cyclic.

Proof. Let G F\{0}. Let G = Zr Zn1 Zn2 Zns, by the fundamental theorem of

finitely generated abelian groups. Let m = ns. Consider the polynomial xm 1 F[X]. This

polynomial has at the most m roots. Let a Zni . Then ani = 1. But since ni|ns = m, a

m = 1.

19


21/32

CHAPTER 7. SOME IMPORTANT THEOREMS 20

That means all element of Zni for all i are roots of xm 1, therefore xm 1 has n1n2 . . . ns

roots, which is clearly greater than m, which is not possible. Fot this to admit we must have

o(G) = m = ns, that is G is cyclic.

Proposition 7.2.2. Let p be a prime and d be devisor of p-1. Then the polynomial

f(x) = xd 1 U(pZ) (7.3)

has exactly d roots in U(pZ)

Proof. Let e = p1d

. Then

xp 1 = (xd)e 1

= (xd 1)((xd)e1 + (xd)e2 + + 1)

= g(x)(xd 1)

where deg(g) = p 1 d.

By Fermats little theorem, (p, a) = 1 ap1 1 mod p. But this gives 1, 2, . . . , p 1 all

are roots of xp1 1 in U(pZ). But g(x) can have at the most p 1 d roots and xd 1 has

at the most d roots in U(pZ). For the product of these two polynomials which is xp1 1 to

have exactly p 1 roots both must have the maximum possible roots they can have. Therefore

xd 1 has precisley d roots.

Lemma 7.2.3. Let G be a group and letg, h G having relatively prime orders m,n respectively.Then (g) (h) = {1}.

Proof. Let x (g) (h). That is o(x)|o(g) = m, o(x)|o(h) = n o(x) = 1 since m, n are

relatively prime. That means x = 1 (g) (h) = {1}.

Lemma 7.2.4. Let G be a group and let g, h G be commuting elements of relatively prime

orders m, n respectively. Then |gh| = mn

Proof. By the commutativity property we have (gh)mn = gmnhmn = 1 o(gh)|mn. Let

o(gh) = r (gh)r = 1 gr = hr (g) (h) = {1} (by previous lemma). But this gives

gr = 1 = hr. Therefore m = o(g)|r, n = o(h)|r mn|r (since m and n are relatively prime).

But then mn|o(gh) mn = o(gh).


22/32

Chapter 8

Cyclic groups

8.1 Existence of Primitive Root Modulo a Prime

In this section we will prove that there exists a primtive root modulo p a prime number.

Equivalently we will prove that U(pZ) is cyclic.

U(2Z) is trivilally cyclic. Therefore assume that p is odd. Let the unique prime power

factorization of p 1 is

p 1 = qn11 qn22 . . . q

nrr (8.1)

Note that qnii |p 1 for all i. Then by proposition 7.2 of chapter 7 we have xqnii 1 has exactly

qnii roots for all i. Similarly xqni1

i 1 has qni1i roots for all i. Therefore qnii q

ni1i elements

a of U(pZ) are such that aqnii = 1 but aq

ni1

i = 1. That is o(a) = qnii .

For each i choose such an ai of order qnii . Now consider a = a1a2 . . . ar. Then o(a) =

o(a1) o(a2) o(ar) by Lemma 7.4 of chapter 7. This gives o(a) = p 1 = (p).

Therefore there exists a primitve root modulo p, and the group is cyclic.

In the following course we will establish that the only cyclic groups are U(nZ) where n =

p, pa, 2pa, p is an odd prime or n = 2, 4. We present some important lemmas.

Lemma 8.1.1. If l 1 and a b mod pl then ap bp mod pl+1.

Proof. Since a b mod pl

, we can write

a = b + kpl

ap = (b + kpl)p

ap = bp + bp1pl+1 +

2

p

bp2(pl)2 + + (pl)p

ap bp = bp1pl+1 + A;

Each term in A contains at least p2l

, and therefore pl+1

|A. Therefore pl+1

|bp1

pl+1

+ A pl+1|ap bp which gives ap bp mod pl+1

21


23/32

CHAPTER 8. CYCLIC GROUPS 22

Lemma 8.1.2. If l 2 and p = 2, then (1 + ap)pl2

1 + apl1 mod pl

Proof. Proof is by induction. We have, (1 + ap)pl2

1 + apl1 mod pl. Then by previous

lemma, ((1 + ap)pl2

)p (1 + apl1)p mod pl+1 (1 + ap)pl1

(1 + apl1)p mod pl+1. Again

by taking the binomial expansion we will get,

(1 + ap)pl1

1 + apl +

2

p

(apl1)2 + + (apl1)p mod pl+1

(1 + ap)pl1

1 + apl + B mod pl+1

Each term in B contains at least the factor p2l1, l 2 l + 1 2l 1. Therefore pl+1|B

pl+1|(1 + ap)pl1

(1 + apl) (1 + ap)pl1

1 + apl mod pl+1, which completes the induction

process, and proves the lemma.

Definition 1. Let (a, n) = 1. Then a has the order e mod n if e is the smallest integer suchthat ae 1 mod n.

Lemma 8.1.3. If p = 2 and p does not devide a, then pl1 is the order of 1 + ap mod pl.

Proof. By Lemma 8.2 we have

(1 + ap)pl1

1 + apl mod pl+1 (8.2)

(1 + ap)pl1

1 mod pl (8.3)

Also by the same lemma,

(1 + ap)pl2

1 + apl1 mod pl (8.4)

(1 + ap)pl2

1 mod pl (8.5)

Therefore pl1 is the smallest one with (1 + ap)pl1

1 mod pl, which proves the lemma.

8.2 Existence of Primtive Root Modulo Odd Prime Power

We shall now prove that U(plZ) is cyclic for any odd prime p and l Z

We already proved the existence of primtive root modulo p for a prime number p. Let g is

a primtive root modulo p such that gp1 1 mod p2. We claim that there always exists such a

choice of g. Suppose that gp1 1 mod p2. Then g + p will be such a choice.

(g + p)(p)

= (g + p)p1

= gp1

+ pK 1 mod p (8.6)(g + p)p2 = gp2 + pK 1 mod p (8.7)


24/32


(22) is since g is a primtive root modulo p. Together we will get g +p is a primitive root modulo

p. Now observe that,

(g + p)p1 = gp1 + (p 1)gp2p + Kp2

= gp1 + p2gp2 gp2p + Kp2

1 + p2gp2 gp2p mod p2

1 mod p2

Therefore g + p serves as the desired choice, proving our claim. We further clain that such

a g is already a primtive root mod pl. It suffices to show that if gn 1 mod p then (pl) =

pl1(p 1)|n. But,

gn 1 mod pl gn 1 mod p

(p 1)|n

gp1 1 mod p gp1 = 1 + Ap, p |A

(1 + ap)n 1 mod pl (Raising to the power n)

pl1|n

(p 1)pl1|n

Lemma 8.2.1. Let n = 2kp, k 3. Then there are no primitive roots modulo n.

Proof. We have a2k2

1 mod 2k. Also we have (2k) = 2k1. But 2k1 |2k2 (2k) |2k2.

But this exactly means that there does not exists any primitive roots modulo n, for n = 2k.

Next we shall prove that primitive roots exists for 2pn where p being a prime number. It is

a simple consequence of the chinese remainder theorem. We have,

Z2pnZ

= Z2Z

ZpnZ

(8.8)

Taking the unit group on both sides we will get,

U(2pnZ) = U(2Z) U(pnZ) (8.9)

But U(2Z) is simply {e, e1} and U(pnZ) is already cyclic making LHS also cyclic.

We will complete this chapter by proving primitive roots does not exists for mn, with

(m, n) = 1, which together with the previous lemmas and theorems will span the whole integers.

Lemma 8.2.2. Primitive roots does not exists for mn where (m, n) = 1.


25/32


Proof. Again by chinese remainder theorem,

U(mnZ) = U(mZ) U(nZ) (8.10)

Recall Cauchys Theorem, states that if a prime devides the order of a group G, then there

exists a unique element of that prime order. Order ofU(mZ) is (m) and U(nZ) is (n). But

2|(m), (n). Therefore U(nZ) contains a unique element of order 2, and similarly U(mZ)

contains an element of order 2.

Now recall that for a cyclic group for every devisor of order of that group, there exists a

unique element of that order. But we have already proved that U(mnZ) contains two elements

of order 2, one from U(mZ) and other from U(nZ), which violates the uniqueness. Therefore

U(mnZ) is not cyclic.


26/32

Chapter 9

Quadratic Reciprocity

9.1 Quadratic Residue

Fix a prime p, an integer b is called a quadratic residue mod p if p |b and b is a square mod p.

If b is not a quadratic residue mod p, we will call it as a quadratic non residue.

Example Fix p = 5, then 12 = 1, 22 = 4, 32 = 4 and 42 = 1. Therefore the quadratic

residues are 4, 1 and quadratic non residues are 2, 3. Similarly for p = 7, quadratic residues are

1, 2, 4 and quadratic non residues are 3, 5, 6.

9.2 Legendre Symbol

Let p is an odd prime integer and a is any integer, then Legendre symbol read as a over p, isdefined as,

a

p

=

0 if p|a1 if a is a quadratic residue1 if a is a quadratic non residue

(9.1)

Theorem 9.2.1. The map : U(pZ) {1, 1} defined by

(p) =

a

p

(9.2)

is a surjective group homomorphism.

Proof. We have U(pZ) is a cyclic group. Let g is a primitive root modulo p. Then g generates

U(pZ). Therefore all elements in U(pZ) can be writen as g, g2, g3, . . . , gp12 , g

p+12 , . . . , gp1 =

e. Taking squares of all elements we have U(pZ) = {g2, g4, . . . , gp1, gp+1, . . . , g2(p1)}. Now

gp+m = gp1gm+1 = gm+1 gp+1 = g2, . . . , g2(p1) = e. Therefore the quadratic residues mod

p are g2, g4, . . . , gp1 and quadratic non residues are g, g3, . . . , gp2, both are p12

in number,

which shows that is a surjective map. Now it is enough to prove that is a homomorphism.

We will prove it case by case. For that let gs, gt U(pZ).

Case 1. Let s,t both even. Then (gs) = (gt) = 1. s + t is also even, there fore (gs gt) =

(gs+t) = 1 = (gs) (gt)

25


27/32

CHAPTER 9. QUADRATIC RECIPROCITY 26

Case 2. Let s is even, and t is odd. Then (gs) = 1 and (gt) = 1. s + t is odd, there fore

(gs gt) = (gs+t) = 1 = (gs) (gt)

Case 3. Let both s and t are odd, then (gs) = 1 = (gt), s+t is even there fore(gt)(gs) =

1 = (gs+t) = (gs.gt)

9.3 Eulers Criterion

Eulers criterion provies a strong tool to determine quadratic reciprocity for small integers, but

fails for larger integers. The precise statement is, let p be an odd prime and a is an integer,

then

ap

= 1 iff a

p12 1 mod p, where p |a.

Consider the map : U(pZ) U(pZ) defined as,

(a) = ap12 (9.3)

and : U(pZ) 1, 1, defined as,

(a) =

a

p

(9.4)

Observe that and are group homomorphisms. Let a Ker() (a) = 1

ap

= 1.

This means a = b2 for some b U(pZ) ap12 = bp1 = 1 a Ker(). There fore

Ker() Ker(). Now we have the chain Ker() Ker() U(pZ) = G, this gives[G : Ker()] = [G : Ker()] [Ker() : Ker()]. But [G : Ker()] = 2, since there are only

two distinct cosets. There fore we will get two cases.

Suppose that [G : Ker()] = 1 G = Ker() (a) = 1 ap12 = 1, for all a G.

|G| = p1. Therefore the polynomial xp12 1 has p1 solutions in U(pZ). But the polynomial

xp12 1 can at the most have p1

2solutions, which is a contradiction. There fore we abandon

this case.

Otherways suppose that [Ker() : Ker()] = 1. This means that Ker() = Ker()

(a) = 1 iff(a) = 1 ap1

2 1 mod p iffap

= 1, which was precisely required.

9.4 Gauss Sum

9.4.1 Roots of Unity

nth roots of unity is a complex number such that n = 1, and if n is the least such integer

then is the primitive nth root of unity.


28/32


9.4.2 Gauss Sum

Fix an odd prime p, then the Gauss sum associated to an integer a is defined as

ga =

p1

n=0

n

p an (9.5)

, where = e2ip , 0 i p 1

Lemma 9.4.1. For any integer a

p1n=0

an =

p if p|a0 else

(9.6)

Proof. Let p|a, then a = kp an

= kpn

= (p

)kn

= 1. Therefore,

p1n=0

an =

p1n=0

1 = p (9.7)

Else let p |a. Therefore a 1 = 0, Observe that ap 1 = 0. Therefore we have

p1n=0

an =ap 1

a 1= 0 (9.8)


Lemma 9.4.2. g0 = 0

Proof.

g0 =

p1n=0

n

p

= 0 (9.9)

, since half of the Legendre symbols in the sum goes to +1 and half goes to -1.

Lemma 9.4.3. ga =

ap

g1

Proof. Let p|a then,

ga =

p1n=0

n

p

an =

p1n=0

n

p

= g0 = 0 (9.10)

Also we have ap g1 = 0. Therefore this case is threw.


29/32


Otherways assume that p |a. Then,

a

p

ga =

a

p

p1n=0

n

p

an

=

p1n=0

apn

p

an

=

p1n=0

an

p

an

=

p1n=0

m

p

m (since multiplication by a only permutes the elements)

= g1

a

p

a

p

ga =

a

p

g1

a2

p

ga = ga =

a

p

g1

which proves the lemma.

Proposition 9.4.4.

g2a = p(1)p1

2 (9.11)

Proof. Consider,p1a=0

gaga (9.12)

We have gaga =

ap

g1

ap

g1 =

1p

a2

p

g21 = (1)

p12 g21. Therefore,

p1

a=0

gaga =

p1

a=1

gaga

=

p1a=0

(1)p12 g21

= (1)p12 g21(p 1)


30/32


Now we will evaluate this sum in a another way,

p1a=0

gaga =

p1a=0

p1n=0

p1m=0

n

p

m

p

a(nm)

=

p1

a=0

p1

n=0

p1

m=0

nmp

(m, n)

=

p1n=0

p1m=0

mn

p

p1a=0

(m, n)

=

p1n=0

p1m=0

p((m, n))

=

p1n=0

a2

p

p

= p(p 1)

Combining both the evaluations,

(1)p12 g21(p 1) = p(p 1)

(1)p12 g2a = p

g2a = p(1)p12

which was precisely required.

For p, q distinct odd primes, p

q

= (1)

p12

q12

q

p

(9.13)

Proof of Quadratic Reciprocity Theorem employs many of the machinaries we have so far

developed. Set p = (1)p12 p. Then,

p = g21 = g2 (9.14)

Now by Eulers Criterion,

(p)q12

p

q

mod q (9.15)

Observe that,

gq1 = (g2)q12 = (p)

q12 (9.16)

Substitute 16 in 15 to obatain,

gq g

p

q

mod q (9.17)

Note that in Z[],

q| gq g

p

q

(9.18)


31/32


Consider the ring Z[](q)

having characteristic q, then

gq =

p1n=0

n

p

n

q=

p1n=0

n

p

qnq = gq (9.19)

Now ga =

ap

g1, which gives,

gq

a

p

g mod q (9.20)

17,19 and 20 gives, q

p

g g

p

q

mod q

q

p

=

p

q

(9.21)

The last step is since g2 = p and p = q. Conclusively,

p

q

=

(1)

p12

pq

=

(1)

p12

q

p

q

=

1

q

p12

p

q

= (1)p12

q12

p

q

q

p

= (1)p1

2

q1

2p

q



32/32

Bibliography

[1] Ivan Niven, Herbert S Suckerman and Hugh L Montgomery An Introduction To The Theory

Of Numbers. New York: Wiley 5th Edition, 2008.

[2] Kenneth Ireland and Michael Rosen, A Classical Introduction To Modern Number Theory.

Springer Verlag New York, Inc. Second Edition, 1990

Notes on Number Theory

Documents

Transcript of Notes on Number Theory