
Module 5: Basic Number Theory

Theme 1: Division
Given two integers, say

and , the quotient

may or may not be an integer (e.g.,

but

). Number theory concerns the former case, and discovers criteria upon which one can

decide about divisibility of two integers. More formally, for


we say that

divides if there is another integer

such that

and we write

. In short: if and only if

This simple definition leads to many properties of divisibility. For example, let us establish the following lemma.

Lemma 1 If and , then
.

Proof. We give a direct proof. From the definition of divisibility and the hypotheses we know that there are integers and such that

Hence

Since is an integer, we prove that

Exercise 5A: Prove the following two facts: 1. If 2. If , then and for all integers . , then .

We already noted that an integer may or may not be divisible by another integer. However, when dividing one number by another there is always a quotient and a remainder. More precisely, if are positive integers then there is a unique and such that and

where

is a remainder. Observe that the remainder can take only

values

Theme 2: Primes
Prime numbers occupy a very prominent role in number theory. A prime number is an integer greater than that is divisible only by and itself. A number that is not prime is called composite. Example 1: The primes less than are:

How many primes are there? We first prove that there is an infinite number of primes.

Theorem 1. There is an infinite number of primes.

Proof. We provide a proof by contradiction. Actually, it is due to Euclid and it is more than 2000 years old. Let us assume that there is a finite number of primes, say, Construct another number

where is the

largest prime (there is a largest prime since we assumed there are only finitely many of them).

which is a product of all primes plus one. First, observe that none of the primes

can divide , since the remainder of dividing by any of the primes is equal to . Since every number, including , is divisible by at least two numbers, and itself, there must be another prime, possibly itself, that is not among the primes

. This contradicts the assumption that

are the only primes.


But how many primes are there smaller than , where is a fixed number? This is a very difficult problem that was solved only in the last century. Basically, there are approximately primes smaller than . For example, there are primes smaller than , and

Primes are important since every integer can be represented as a product of primes. This is known as the Fundamental Theorem of Arithmetic and we will prove it below. Example 2: Observe that
.

Theorem 2. [Fundamental Theorem of Arithmetic] Every positive integer can be written uniquely as the product of primes where the prime factors are written in order of increasing size, that is, if is a natural number and

are distinct primes, then

where

are exponents of (i.e., the number of times occurs in the factorization of ).

Proof. We give an indirect proof. Let us assume that there are two different prime factorizations of

, say
where

are primes. Since we factorize the same number we must have


We first prove that

, then can not divide any of the primes (we say ). Indeed, since and are primes, none of them equal, then they must be relatively prime. But, then cannot divide which is nonsense since . Thus, we must conclude that . Now we prove that that we just established above. Again, assume provided contrary that . Then after dividing everything by we obtain , say ,

. If that is relatively prime to all

But then the right-hand side of the above is divisible by while the left-hand side is not, which is impossible since there is an equality sign between the left-hand side and the right-hand side of the above. This completes the proof.

How to find out whether an integer is a prime or not? Unfortunately, there is no fast way of doing it (i.e., there is no efficient algorithm), but one can use some properties of primes and composite numbers to speed up the process. Here is one useful result.

Lemma 2. If is a composite integer, then has a prime divisor less than or equal to

Proof. Since is a composite integer, it must have a factor where
is an integer. Let us now assume contrary that

such that

and . But then

, that is,

. We must conclude that has at

which is the desired contradiction since we assumed that

least one divisor not exceeding .

This divisor is prime or not. If it is not prime, it must have a

prime divisor, which certainly must be smaller than

We can use this lemma, in its contrapositive form, to decide whether is a prime or not. Indeed, the above lemma is equivalent to: if has no prime divisor less than or equal to , then is a prime number.

Example 3: Let us show that is a prime number. If were composite, then it would have a prime divisor smaller than

. Primes smaller than are , and . None of them divides ,

thus it must be a prime number. There were several attempts to find a systematic way of computing prime numbers. Euclid suggested that -st prime can be computed recursively as follows:

For example, the first few numbers are


This is an example of a recurrence that we already encountered in the previous module. All numbers computed so far are primes. But, unfortunately,

is not a prime. In the seventeenth century, a French mathematician Marin Mersenne suggested that prime provided is prime. Unfortunately,

is

From now on we shall work under the assumption that there is no easy, simple and fast algorithm to compute prime numbers.

Theme 3: Greatest Common Divisor


The largest divisor that divides both and is called the greatest common divisor of and . It is denoted as

. Formally:

and

Example 4: What is the greatest common divisor of and ? One way of finding it is to list all divisors of and and pick the largest common to both lists. For example, divisors of divisors of

Thus

. Another, more systematic way is to do prime factorization of both numbers

and pick up the largest common factors. In our case,


Thus

Generalizing the last example, let

be prime factorizations with possible zero exponents. Then

where is the minimum of and . Indeed, take the last example to see that

Exercise 5B: Let us define the least common multiple of and as the smallest positive integer that is divisible by both and . It is denoted as (e.g., any positive integers and
). Prove that for

We need some more definitions. Two integers, say and , may be composite but the only common divisor of both is . In such a case we say that and are relatively prime. More generally:

Definition 1. The integers

are pairwise relatively prime if


Unlike finding primes, there is an efficient algorithm (a procedure) that finds the greatest common divisor. We start with an example. Example 5: Find
. We first divide by to find

Observe that any divisor of and must also be a divisor of divisor of and so must be a divisor of and such that

, and vice versa any


then there are integers

. (Indeed, if

and

, hence

is a divisor of and ,

is divisible by .) Thus we concluded that


We now repeat this procedure: we divide by


to get
, and vice versa. This means that

Again any divisor of

and must be a divisor of


.

But

hence finally

and we conclude that

From the last example, we should conclude that the greatest common divisor of and

is the same as the greatest common divisor of and the remainder of the division of by (i.e.,

, where is an integer and ). Indeed, if is a divisor of and , then it must also divide , and vice versa if divides and , then it divides .
Therefore,

In previous modules we have used an abbreviation for a remainder. Indeed, we write

where

. This is called modular arithmetic and we will devote the next section to it. For now, we just use the fact that the remainder can be also written as . Then the last
equation can be expressed as

(1)

From the example above, we conclude that we can use (1) successively until we reach In summary, we design the following algorithm that computes ALGORITHM: The Euclidean Algorithm

while
end

do

.
. According to the Euclidean algorithm we proceed as follows:

Example 6: Find

Theme 4: Modular Arithmetic


We have already seen modular arithmetic in previous modules. It is about the remainder of an integer when it is divided by another specific natural integer. It occurs in many applications (e.g., when counting time over a 24-hour clock since after 24:00 we have am, am, etc.). We start with a definition.

Definition 2. (i) Let be an integer and be a positive integer. We denote by

the remainder when is divided by , that is,

where is an integer and

if divides . We shall write

(ii) Let and be integers and a positive integer. We say that is congruent to modulo

Example 7: We have

if and only if

If and are not congruent modulo , then we write

We also have

Exercise 5C: Find

. Is

The following result is useful when computing congruences.

Theorem 3. Let

and

. Then

(2) (3)

Proof. Since

and

, hence there are integers and such that



Therefore

which proves (2) and (3). Example 8: Let


and

. Then

and


From Theorem 3 we conclude that


. Then

(4) (5)

Identities (4)-(5) are useful when one needs to compute modulo over large numbers or products of large numbers. For example, let
and

In fact, (5) is often used in the following form

Let us compute likely occur since

. If one tries to estimate this directly on a computer, overflow will

is a huge number. But let us use (5). We first represent the exponent as

We now compute

to each of the powers

and modulo . Here is the calculation

(observe how easy it is!):
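The repeated-squaring calculation described above, written out as an added example (not part of the original module). The function name `mod_pow_trace` and the sample base, exponent and modulus are constructed for illustration.

```python
def mod_pow_trace(base, exponent, modulus):
    """Return (base**exponent % modulus, rows) using repeated squaring.

    Each row is (i, base**(2**i) % modulus, bit_i); bit_i is 1 when that
    power is multiplied into the result. No intermediate value ever
    exceeds modulus**2, which is what avoids the overflow.
    """
    if modulus <= 0 or exponent < 0:
        raise ValueError("need modulus > 0 and exponent >= 0")
    result = 1 % modulus
    square = base % modulus          # base^(2^0) mod modulus
    rows = []
    i = 0
    while exponent > 0:
        bit = exponent & 1           # next binary digit of the exponent
        rows.append((i, square, bit))
        if bit:
            # identity (5): reduce after every multiplication
            result = (result * square) % modulus
        square = (square * square) % modulus
        exponent >>= 1
        i += 1
    return result, rows


if __name__ == "__main__":
    # Constructed sample: 3^644 mod 645, with 644 = 512 + 128 + 4.
    value, rows = mod_pow_trace(3, 644, 645)
    for i, power, used in rows:
        print(f"3^(2^{i}) mod 645 = {power:3d}  used={used}")
    print("result:", value)
    # Note: branching on exponent bits is not constant-time; cryptographic
    # libraries use constant-time variants when the exponent is secret.
```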


Theme 5: Applications
We shall discuss here some applications of number theory, namely, hashing, pseudo random generators, and cryptosystems based on modular arithmetic.

Hashing
Often one needs a fast method of locating a given record in a huge set of records. Hashing is a possible solution. It works as follows. Every record has a key, , which uniquely identifies it. A hashing function maps the set of keys into the available memory locations. In practice, the most common hashing function is

where is the size of the memory. Example 9: Let


and let keys be social security numbers of students. In particular,

Observe that hashing is not a one-to-one function, hence some records may be hashed into the same location. For example,

Thus two records are mapped into the location . Since this location was already occupied by the previous record, the new collided record is moved to the next empty location modulo . In our case, it is at memory location .

Pseudo Random Number Generators


In many applications, including hashing, one needs to generate numbers that look random. For example, in hashing we want to spread out uniformly all records over the memory so as to minimize the number of collisions. We should point out that most random generators compute numbers deterministically; therefore, we call them pseudo random generators. We require, however, that a statistical test applied to them will not distinguish these numbers from randomly generated numbers. The most common procedure to generate pseudo random numbers is the linear congruential method. In this method we choose (very carefully) the modulus , multiplier , increment , and seed with as

, and

. Then we generate recursively a sequence

with given. Observe that

, hence at most after generations a repetition occurs. Of

course, this is not good for random generations, and one must select very carefully the parameters , and (which should be large) to obtain a long sequence without a repetition. The following result is known.

Theorem 4. [T. Hull and A. Dobell, 1962] The linear congruential generator has a full period (i.e., there is no repetition in the first generations) if and only if the following three conditions hold:

(i) Both and are relatively prime, that is,
.

(ii) If is a prime number that divides , then divides (iii) If divides , then divides
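The three Hull-Dobell conditions can be checked mechanically and compared against the measured cycle length of the generator. This is an added example, not part of the original module; it assumes the standard notation (modulus `m`, multiplier `a`, increment `c`, recurrence `x -> (a*x + c) mod m`), and the function names and sample parameters are constructed.

```python
from math import gcd


def prime_factors(n):
    """Set of primes dividing n, by trial division."""
    factors, p = set(), 2
    while p * p <= n:
        while n % p == 0:
            factors.add(p)
            n //= p
        p += 1
    if n > 1:
        factors.add(n)
    return factors


def has_full_period(m, a, c):
    """Hull-Dobell test for x -> (a*x + c) mod m."""
    if gcd(c, m) != 1:                                   # condition (i)
        return False
    if any((a - 1) % p for p in prime_factors(m)):       # condition (ii)
        return False
    if m % 4 == 0 and (a - 1) % 4 != 0:                  # condition (iii)
        return False
    return True


def cycle_length(m, a, c, seed=0):
    """Length of the cycle the sequence eventually enters."""
    seen = {}
    x, i = seed % m, 0
    while x not in seen:
        seen[x] = i
        x = (a * x + c) % m
        i += 1
    return i - seen[x]


if __name__ == "__main__":
    # Constructed parameters: same modulus, one good and one bad multiplier.
    for m, a, c in [(16, 5, 3), (16, 3, 3)]:
        print(m, a, c, has_full_period(m, a, c), cycle_length(m, a, c))
    # Even a full-period generator of this kind is predictable from a few
    # outputs, so it must not be used to produce keys, tokens or nonces.
```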

Cryptology
One of the most important applications of congruences is in cryptology, which is the study of secret messages. The first encryption algorithms were very simple. For example, Julius Caesar designed an encryption system by shifting each letter three letters in the alphabet. Mathematically speaking, in this case the encryption function is defined as

Then decryption is merely finding the inverse function

, which in this case is

The above encryption system is too easy to break. Therefore, in mid-1970 the concept of public key cryptosystem was introduced. In such a system, every person can have a publicly known encryption key to send encrypted messages, but only those who have the secret key can decrypt the message. We describe below a system known as the RSA encryption system (the name RSA is built from the initials of the inventors Rivest, Shamir and Adleman). In the RSA system, the message to be sent is first transformed into an integer representing it (with some abuse of notation we denote such an integer by ). The RSA is based on modular exponentiation modulo the product of two large primes, say and . Define

and

In practice, and have digits each, thus has digits. Define now an

exponent as

that is,

is relatively prime to

. The cipher text


of the original message is (6) defined as

computed as follows

The RSA decryption works as follows: We first find a number


The number is called the inverse of modulo . It should be underlined that can be found fast (based on the Euclidean algorithm) only if one knows both primes and , not the product . Then, it can be proved (see below) that


, and one finds since

and

(7)

Example 10: Let us encrypt the message using the RSA with
.

. Thus
,

We now transform the message into its numerical equivalent (where


) and group them in pairs. We obtain

We will encrypt each of the two blocks separately. We have


Hence, the encrypted message is

. . Then (with

Now, to decrypt it, we first find the inverse . Using the Euclidean algorithm (and knowing

) we compute that

and

hence, we recover the original message.
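The whole procedure of this section (letters to two-digit codes, grouping in pairs, encryption by modular exponentiation, decryption with the inverse exponent) as an added example that is not part of the original module. The primes, the exponent, the `A = 00 ... Z = 25` coding and the padding letter `X` are constructed assumptions, not values taken from Example 10.

```python
from math import gcd


def make_keys(p, q, e):
    """Return ((n, e), (n, d)) with d the inverse of e modulo (p-1)(q-1)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be relatively prime to (p-1)(q-1)")
    d = pow(e, -1, phi)   # needs p and q: phi is not computable from n alone
    return (n, e), (n, d)


def text_to_blocks(text):
    """Map A..Z to 00..25 and group letters in pairs (pad with X if odd)."""
    letters = [ch for ch in text.upper() if "A" <= ch <= "Z"]
    if len(letters) % 2:
        letters.append("X")
    codes = [ord(ch) - ord("A") for ch in letters]
    return [100 * codes[i] + codes[i + 1] for i in range(0, len(codes), 2)]


def blocks_to_text(blocks):
    return "".join(chr(65 + b // 100) + chr(65 + b % 100) for b in blocks)


def apply_key(blocks, key):
    """Encrypt with the public key or decrypt with the private key."""
    n, exponent = key
    if any(not 0 <= b < n for b in blocks):
        raise ValueError("every block must be smaller than n")
    return [pow(b, exponent, n) for b in blocks]


if __name__ == "__main__":
    # Constructed toy parameters; a modulus this small is factored instantly.
    public, private = make_keys(43, 59, 13)
    plain = text_to_blocks("STOP")
    cipher = apply_key(plain, public)
    print(plain, cipher, blocks_to_text(apply_key(cipher, private)))
    # Raw RSA like this is deterministic: equal blocks give equal ciphertext.
    # Deployed systems use large moduli and randomized padding such as OAEP.
```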

Mathematics behind RSA


In this subsection, we present in some detail the mathematical ideas used in the construction of the RSA algorithm. Our main goal is to justify mathematically the decoding procedure (7). Let us start with introducing an inverse modulo . We say that

is an inverse of

modulo if

In order to compute the inverse, we must plunge into another aspect of number theory. We claim that for any positive and there exist integers and such that

(8)

We explain how to construct these two numbers on an example. Example 11: Let us use Euclidean algorithm to compute the algorithm as follows:
. We proceed according to

Thus

. To find the representation (8) we work backward the Euclidean algorithm

starting from the next-to-last division above, that is,


where

and

. Thus

and

in the representation (8). It is not much harder

to prove (8) in general terms. Now we can go back to the inverse modulo construction. Let us assume that

Then from the fact just proved we conclude that there must exist integers and such that


This certainly implies that


But since divides we conclude that

Consequently Theorem 5. If is the inverse of


and

modulo .

In summary, we've just established the following result.

(i.e., and are relatively prime), then an inverse of modulo exists and it is equal to in the following representation of

which can be found efficiently by the Euclidean algorithm. Example 12: Let's find the inverse of modulo . Since Euclidean algorithm gives:
, the inverse exists, and the

hence and the inverse of modulo

is equal to .

We need two more results before we can explain the decryption algorithm of RSA. The first one goes back to ancient Chinese and Hindu mathematicians and it is known as the Chinese Remainder Theorem. Here is the problem: let be pairwise relatively prime positive integers. Find a solution modulo

of the following system:


. . .

We now construct a solution to the above system of congruences. Let us define for

Observe that that is,

. Therefore, by Theorem 5 there exists an inverse of modulo ,

Let us now define



(9)

We claim it is a simultaneous solution of the above system modulo . Indeed, we first observe that

for

. But

since

. Thus we have shown that (9) is a simultaneous solution of the above

congruences. This is called the Chinese Remainder Theorem. Example 13: Solve


We have of
modulo 3,

and . We find that is inverse

, and

is inverse of modulo , and

is an inverse of modulo .

Thus the solution of the above system of congruences

thus the solution
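The construction (9) carried out in code, as an added example that is not part of the original module. It assumes the usual notation: residues `a_k`, moduli `m_k`, `M_k` the product of all moduli except `m_k`, and `y_k` the inverse of `M_k` modulo `m_k`; the function name and the sample system are constructed.

```python
from itertools import combinations
from math import gcd, prod


def crt(residues, moduli):
    """Solve x = a_k (mod m_k) for pairwise relatively prime m_k.

    Returns (x, m) with 0 <= x < m, where m is the product of the moduli.
    """
    if len(residues) != len(moduli) or not moduli:
        raise ValueError("need one residue per modulus")
    for m1, m2 in combinations(moduli, 2):
        if gcd(m1, m2) != 1:
            raise ValueError(f"moduli {m1} and {m2} are not relatively prime")
    m = prod(moduli)
    x = 0
    for a_k, m_k in zip(residues, moduli):
        M_k = m // m_k                 # divisible by every modulus except m_k
        y_k = pow(M_k, -1, m_k)        # exists by Theorem 5
        # This term is a_k modulo m_k and 0 modulo every other modulus.
        x += a_k * M_k * y_k
    return x % m, m


if __name__ == "__main__":
    # Constructed system: x = 2 (mod 3), x = 3 (mod 5), x = 2 (mod 7).
    x, m = crt([2, 3, 2], [3, 5, 7])
    print(f"x = {x} (mod {m})")
    print([x % k for k in (3, 5, 7)])
```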

Finally, we quote (without a proof) Fermat's Little Theorem. Theorem 6. [Fermat's Little Theorem] If is a prime number and is an integer not divisible by

, then

or equivalently

Now, we are ready to explain the decryption procedure (7) of the RSA algorithm. We recall that is inverse of modulo
, that is,

This implies that there is an integer

such that

Therefore by the Fermat theorem


and since

and by Fermat's theorem. But


, hence it

follows from the Chinese Remainder Theorem that


as desired.


Assignment 5.1: Basic Number Theory Problems


Each assignment is worth 10 points. 1. Show that if and
are integers such that , then

2. Find the prime factorization of . 3. Use the Euclidean algorithm to find (a) (b)
, .

4. Find an inverse of modulo . 5. Encrypt the message ATTACK using the RSA system with each letter into integers (where did in our Example 10.
,

and

, translating

) and grouping pairs of integers, as we


Solutions to Exercises
Solution to Exercise 5A We first prove that if such that and such that , then and and for all integers . Indeed, since there must be an integer

. This implies

, hence

for any integer .

Now we prove if

, then

. From the hypotheses we conclude that there are integers

. Therefore,

, hence
