An open door to number theory 9781470443481, 1470443481


260 66 2MB

English Pages xii, 283 pages; 26 cm [297] Year 2018

Report DMCA / Copyright

DOWNLOAD PDF FILE

Table of contents :
Cover......Page 1
Title page......Page 4
Contents......Page 8
Preface......Page 12
1. Number systems......Page 14
2. Rings and fields......Page 16
3. Some fundamental facts about \Z and \N......Page 20
4. Proofs by induction......Page 26
5. The binomial theorem......Page 31
6. The fundamental theorem of arithmetic (foreshadowing)......Page 39
7. Divisibility......Page 42
8. Greatest common divisors......Page 44
9. The Euclidean algorithm......Page 46
10. The amazing array......Page 52
11. Convergents......Page 55
12. The amazing super-array......Page 62
13. The modified division algorithm......Page 69
14. Why does the amazing array work?......Page 71
15. Primes......Page 74
16. The proof of the fundamental theorem of arithmetic......Page 77
17. Unique factorization in other rings......Page 81
18. The integers mod ��, \Z/��\Z......Page 84
19. Congruences......Page 89
20. Units and zero-divisors in \Z/��\Z......Page 94
21. Cancellation law in \Z/��\Z......Page 98
22. Solving linear equations in \Z/��\Z......Page 100
23. Solving polynomial equations in \Z/��\Z......Page 101
24. Solving systems of linear equations in \Z/��\Z......Page 108
25. Lifting roots in \Z/��ⁿ\Z......Page 116
26. Wilson’s theorem and its converse......Page 121
27. Calculating ��(��)......Page 123
28. Euler’s and Fermat’s theorems......Page 128
29. The order of an integer modulo ��......Page 131
30. Divisibility tests......Page 135
31. Divisibility in \Z[��]......Page 140
32. The Euclidean algorithm in \Z[��]......Page 143
33. Unique factorization in \Z[��]......Page 148
34. The structure of \Z[√2]......Page 151
35. The Euclidean algorithm in \Z[√��]......Page 153
36. Factoring in \Z[��]......Page 157
37. The primes in \Z[��]......Page 162
38. The distribution of primes in \Z......Page 166
39. Perfect squares......Page 170
40. Quadratic residues......Page 173
41. Calculating the Legendre symbol (hard way)......Page 180
42. The arithmetic of \Z[√-2] and the Legendre symbol \Leg{-2}��......Page 182
43. Gauss’s lemma......Page 184
44. Calculating the Legendre symbol (easier way)......Page 187
45. The arithmetic of \Z[√-3]......Page 193
46. The arithmetic of \Z[��]......Page 195
47. Calculating the Legendre symbol (easiest way)......Page 206
48. The Jacobi symbol......Page 210
49. When \Z/��\Z has a primitive root......Page 216
50. Minkowski’s theorem (geometry in the aid of algebra)......Page 221
Appendix A. Tables......Page 236
Appendix B. Projects......Page 246
Bibliography......Page 292
Index......Page 294
Back Cover......Page 297
Recommend Papers

An open door to number theory
 9781470443481, 1470443481

  • 0 0 0
  • Like this paper and download? You can publish your own PDF file online for free in a few minutes! Sign Up
File loading please wait...
Citation preview

AMS / MAA

TEXTBOOKS

An Open Door to Number Theory Duff Campbell

VOL 39

An Open Door to Number Theory

AMS / MAA

TEXTBOOKS

VOL 39

An Open Door to Number Theory Duff Campbell

Providence, Rhode Island

Committee on Books Jennifer J. Quinn, Chair MAA Textbooks Editorial Board Stanley E. Seltzer, Editor Bela Bajnok Matthias Beck Otto Bretscher Heather Ann Dye

William Robert Green John Lorch Charles R. Hampton Virginia A. Noonburg Jacqueline A. Jensen-Vallin Jeffrey L. Stuart Suzanne Lynne Larson Ruth Vanderpool

2010 Mathematics Subject Classification. Primary 11-01, 11A05, 11A07, 11A15, 11A41, 11A51, 11A55.

For additional information and updates on this book, visit www.ams.org/bookpages/text-39

The cover photograph is courtesy of Kristin McCullough/Moonlight Photography. All illustrations in this book were made by the author using Mathematica software.

Library of Congress Cataloging-in-Publication Data Names: Campbell, Duff, 1959– author. Title: An open door to number theory / Duff Campbell. Description: Providence, Rhode Island: MAA Press, an imprint of the American Mathematical Society, [2018] | Series: AMS/MAA textbooks; volume 39 | Includes bibliographical references and index. Identifiers: LCCN 2017055802 | ISBN 9781470443481 (alk. paper) Subjects: LCSH: Number theory–Textbooks. | AMS: Number theory – Instructional exposition (textbooks, tutorial papers, etc.). msc | Number theory – Elementary number theory – Multiplicative structure; Euclidean algorithm; greatest common divisors. msc | Number theory – Elementary number theory – Congruences; primitive roots; residue systems. msc | Number theory – Elementary number theory – Power residues, reciprocity. msc | Number theory – Elementary number theory – Primes. msc | Number theory – Elementary number theory – Factorization; primality. msc | Number theory – Elementary number theory – Continued fractions. msc Classification: LCC QA241 .C2725 2018 | DDC 512.7/2–dc23 LC record available at https://lccn.loc.gov/2017055802 Color graphic policy. Any graphics created in color will be rendered in grayscale for the printed version unless color printing is authorized by the Publisher. In general, color graphics will appear in color in the online version. Copying and reprinting. Individual readers of this publication, and nonprofit libraries acting for them, are permitted to make fair use of the material, such as to copy select pages for use in teaching or research. Permission is granted to quote brief passages from this publication in reviews, provided the customary acknowledgment of the source is given. Republication, systematic copying, or multiple reproduction of any material in this publication is permitted only under license from the American Mathematical Society. Requests for permission to reuse portions of AMS publication content are handled by the Copyright Clearance Center. For more information, please visit www.ams.org/publications/pubpermissions. Send requests for translation rights and licensed reprints to [email protected]. c 2018 by the American Mathematical Society. All rights reserved.  The American Mathematical Society retains all rights except those granted to the United States Government. Printed in the United States of America. ∞ The paper used in this book is acid-free and falls within the guidelines 

established to ensure permanence and durability. Visit the AMS home page at http://www.ams.org/ 10 9 8 7 6 5 4 3 2 1

23 22 21 20 19 18

To my grandfather, LeRoy Archer Campbell

Contents 1 The Integers, Z

1

1

Number systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

1

2

Rings and fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

3

3

Some fundamental facts about Z and N . . . . . . . . . . . . . . . .

7

4

Proofs by induction . . . . . . . . . . . . . . . . . . . . . . . . . . . .

13

5

The binomial theorem . . . . . . . . . . . . . . . . . . . . . . . . . .

18

6

The fundamental theorem of arithmetic (foreshadowing) . . . . . . .

26

7

Divisibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

29

8

Greatest common divisors . . . . . . . . . . . . . . . . . . . . . . . .

31

9

The Euclidean algorithm . . . . . . . . . . . . . . . . . . . . . . . . .

33

10

The amazing array . . . . . . . . . . . . . . . . . . . . . . . . . . . .

39

11

Convergents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

42

12

The amazing super-array

. . . . . . . . . . . . . . . . . . . . . . . .

49

13

The modified division algorithm . . . . . . . . . . . . . . . . . . . . .

56

14

Why does the amazing array work? . . . . . . . . . . . . . . . . . . .

58

15

Primes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

61

16

The proof of the fundamental theorem of arithmetic . . . . . . . . .

64

17

Unique factorization in other rings . . . . . . . . . . . . . . . . . . .

68

2 Modular Arithmetic in Z/mZ 18

71

The integers mod m, Z/mZ . . . . . . . . . . . . . . . . . . . . . . . vii

71

viii

Contents 19

Congruences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

76

20

Units and zero-divisors in Z/mZ . . . . . . . . . . . . . . . . . . . .

81

21

Cancellation law in Z/mZ . . . . . . . . . . . . . . . . . . . . . . . .

85

22

Solving linear equations in Z/mZ . . . . . . . . . . . . . . . . . . . .

87

23

Solving polynomial equations in Z/mZ . . . . . . . . . . . . . . . . .

88

24

Solving systems of linear equations in Z/mZ . . . . . . . . . . . . . .

95

25

Lifting roots in Z/pn Z . . . . . . . . . . . . . . . . . . . . . . . . . . 103

26

Wilson’s theorem and its converse . . . . . . . . . . . . . . . . . . . 108

27

Calculating ϕ(n) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110

28

Euler’s and Fermat’s theorems . . . . . . . . . . . . . . . . . . . . . 115

29

The order of an integer modulo m . . . . . . . . . . . . . . . . . . . 118

30

Divisibility tests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122

√ 3 Quadratic Extensions of the Integers, Z[ d]

127

31

Divisibility in Z[i] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127

32

The Euclidean algorithm in Z[i] . . . . . . . . . . . . . . . . . . . . . 130

33

35

Unique factorization in Z[i] . . . . . . . . . . . . . . . . . . . . . . . 135 √ The structure of Z[ 2] . . . . . . . . . . . . . . . . . . . . . . . . . . 138 √ The Euclidean algorithm in Z[ d] . . . . . . . . . . . . . . . . . . . 140

36

Factoring in Z[i] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144

37

The primes in Z[i] . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149

34

4 An Interlude of Analytic Number Theory 38

153

The distribution of primes in Z . . . . . . . . . . . . . . . . . . . . . 153

5 Quadratic Residues

157

39

Perfect squares . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157

40

Quadratic residues . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160

41

Calculating the Legendre symbol (hard way) . . . . . . . . . . . . . 167

Contents

ix

42

  √ . . . . . . 169 The arithmetic of Z[ −2] and the Legendre symbol −2 p

43

Gauss’s lemma . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171

44 45

Calculating the Legendre symbol (easier way) . . . . . . . . . . . . . 174 √ The arithmetic of Z[ −3] . . . . . . . . . . . . . . . . . . . . . . . . 180

46

The arithmetic of Z[ρ] . . . . . . . . . . . . . . . . . . . . . . . . . . 182

47

Calculating the Legendre symbol (easiest way) . . . . . . . . . . . . 193

48

The Jacobi symbol . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197

6 Further Topics

203

49

When Z/nZ has a primitive root . . . . . . . . . . . . . . . . . . . . 203

50

Minkowski’s theorem (geometry in the aid of algebra) . . . . . . . . 208

Appendix A Tables

223

Appendix B Projects

233

Bibliography

279

Index

281

Preface One of my graduate school professors said, on the first day of our number theory course, that in other courses he could adapt himself to some standard texts in the field, but in number theory, which was his discipline, he needed to present the material in the way he thought best, which would not match any textbook. This book grew slowly, over many years, as I wrestled with how to present number theory in the way that I saw it, and no existing textbook could fit that vision. Number theory is the study of the integers, which can make it sound easy and shallow. It isn’t. Kronecker said, “God made the integers, all else is the work of man.” Leaving God out of it, one thing having children has taught me is that the natural numbers (1, 2, 3, . . . ) are in fact very natural to human beings. We count things, automatically, from a very early age. More complicated operations like addition and multiplication come along later, but the integers provide a very comfortable place for calculations. Thus one of the themes of this book is to emphasize not just theory, but also actual calculations with numbers. I have always been a generalist in mathematics, and one aspect that attracted me to number theory is how, though firmly set in the algebra part of mathematics, number theorists have always reached out to use other branches of mathematics: geometry, real and complex analysis, differential topology, functional analysis, etc. Particularly in the projects, I have tried to show how number theorists use these tools from other areas of mathematics. This text is intended for a one-semester course in what is often called elementary number theory; its intended audience is students at the sophomore or junior level in college who may not have taken abstract algebra but who have some knowledge of what it means to write a proof. I try to cover essentially the whole book during a semester-long course, but I would consider Sections 12, 14, 29, 30, 38, 48, 49, and 50 optional. (I personally sacrifice other aspects of the book in order to get to Section 50 at the end.) I have tried to put as much as possible into the exercises, since we learn best by doing things ourselves. On a similar note, I have included nine projects; I usually assign four during a semester-long course. The projects are intended to give students an opportunity to wrestle with larger problems than they might see in the exercises, and also to give some exposure to topics not normally covered in an undergraduate course. At least two possible projects are missing at present: a project on elliptic curves and another on quadratic forms. The former is difficult to introduce without some preliminaries (and definitions) from abstract algebra; writing the latter eluded me, though there are so many exercises involving quadratic forms throughout the book that I think their importance has been made clear. xi

xii

Preface

Readers of this book may be surprised, disappointed, or puzzled to see very little of the history of number theory, or biographies of mathematicians, included. Such extra material is traditional in a book of this sort, but I have decided to omit it. Partly that is because there are so many great resources available nowadays. Please do visit, for example, the excellent website at the University of St. Andrews. Sir Isaac Newton said, “If I have seen further it is by standing on the shoulders of giants,” and that is certainly how I feel about this book. I am indebted to any number of people whom I have learned from: professors such as Andrew Wiles, Barry Mazur, David Rohrlich, and Ralph Greenberg; authors such as Tom Apostol, Harold Edwards, G. H. Hardy and E. M. Wright, Erich Hecke, Neal Koblitz, and Daniel Marcus; friends and peers such as Patricia Pacelli, Ryota Matsuura, Michelle Manes, Mike King, and Caleb Shor; and all the students who have studied number theory with me at Boston University, West Point, and Hendrix College. A special thank you goes to Olivier Kwizera, who helped tremendously with writing a solutions manual for this textbook. Above all I would like to mention my dissertation advisor, Glenn Stevens, who knows what a debt this book and I owe to him; and Deb Hughes Hallett and Paul Blanchard, who despite showing me how much work it is to author a textbook, inspired me to follow them down that same difficult path. I couldn’t have written this book without a lot of inspiration from all of these people and many others. I would also like to thank my wife, Beth Levi, and my children, Eva and Rafael, for their love and support. Finally, I thank Hendrix College: teaching here has been a joy, and my sabbaticals in 2006 and especially 2014 were just what I needed to finish this book. I very much appreciate the support and encouragement I have gotten here over the last seventeen years. Duff Campbell Hendrix College Notation We will use the following in this book; see your instructor if you don’t understand something here. =⇒ means “implies” ⇐⇒ means “if and only if” so each side implies the other (two proofs) ∈ means “is an element of” ⊆ means “is a subset of” ∀ means “for all” ∃ means “there exists”  means “add up all such things,” depending on the limits at the top and bottom means “multiply all such things,” depending on the limits at the top and bottom f : D → C means that f is a function from the domain, D, to the co-domain, C, so f takes in elements of the set D as inputs, and then outputs elements of the set C x means “round x down to the nearest integer ≤ x” In this book we will use to mark the ends of proofs. The symbol will mark the ends of examples.

Chapter 1

The Integers, Z 1

Number systems

When humans first started using numbers, they probably used the counting or natural numbers, N, first. These are the numbers in the set N = {1, 2, 3, . . .}. With these numbers one can do many useful things, like count cattle, levy taxes, or build pyramids and temples; also mathematical things like add and multiply, but we can’t always subtract. What is 5 − 5? We need a new number, call it zero, to mean nothing. Then we get the whole numbers, W = {0, 1, 2, 3, . . .}. Now we still have trouble subtracting—what is 6−9? So we invent negative integers and call the new system the integers: Z = {. . . , −3, −2, −1, 0, 1, 2, 3, . . .}. The symbol Z is from Zahlen, German for “number.” Now we can add, subtract, and multiply, but we can’t always divide: 6 ÷ 3 = 2, but 6 ÷ 5 = ? So we invent fractions, or rational numbers:   p Q= : p, q in Z, q = 0 . q (Actually, this definition is incomplete, since, for instance, 36 is considered to be the same number as 12 , but we will ignore that complication for now.) Using Q, we can solve equations like 3x − 7 = 0, but what about x3 − 7 = 0? If we throw in all√solutions to all polynomial equations (with integer coefficients), we get things like 3 7, which are called roots, or more complicated numbers like  √ √ 4 5− 43 + 2 − 85 8 √ . 3+2 1

Chapter 1. The Integers, Z

2

Those are the algebraic numbers, denoted A or Q, which is where most algebraic number theory in fact occurs. But there are other ways of proceeding from Q. What is π? It doesn’t solve a polynomial equation with integer coefficients, so it isn’t “an algebraic number”, but we can find (or approximate) it on the number line. We write π = 3.1415926 . . . to mean that the rational numbers 3, 3.1, 3.14, 3.141, etc., approach π as a limit. This is the basis for calculus and analysis, the idea of a limit. This fills in the holes in Q and gives us the real numbers R = {all real numbers} = {x : −∞ < x < ∞}. So when proceeding from Q we have two choices: fill in the algebraic holes, or fill in the geometric holes. We can fill in these holes in either order; if we do both, we will get the complex numbers, C. Define √ i ∈ A as a solution to the equation x2 + 1 = 0, so i can be thought of as i = −1. It turns out that we can picture C as a two-dimensional plane and write C

= {a + bi : a and b are real numbers} = {a + bi : a, b in R},

where a + bi corresponds to the point (a, b) in the plane. Each set of numbers N, W, Z, Q, A, R, is a subset of C (see Figure 1). In this book we are mainly going to be concerned with N, Z, and number systems that are related to them. Some of these number systems are subsets of C, but some are not. C @ @ @

A @ @

@

R

Q

Z

W

N

Figure 1: A hierarchy of sets

2. Rings and fields

3

Exercises 1. Write a precise definition of the set of rational numbers. Include in your definition formulas for the addition, subtraction, multiplication, and division of two rational numbers. √ √ √ √ 2. Show that 2, 3, and 2 + 3 are algebraic numbers by finding three polynomials with integer coefficients for which these numbers are roots. √ √ a 3. Show that 2 ∈ Q by ruling out the possibility that 2 = for integers a b and b. Why may you assume that a and b are not both even? 4. Show that if n is an odd integer, then n2 − 1 is an integral multiple of 8.

2

Rings and fields

To formalize two concepts you have encountered many times in your mathematical career, we define rings and then fields. Definition 1 A ring R is a set of objects (numbers) with two operations (usually called “addition” and “multiplication”) and seven properties: 1. Closure under addition: a + b ∈ R for all a, b ∈ R. 2. Closure under multiplication: a · b ∈ R for all a, b ∈ R. 3. Existence of the additive identity (zero): there is 0 ∈ R such that 0 + a = a for all a ∈ R. 4. Existence of additive inverses: for each a ∈ R, there exists b ∈ R such that a + b = 0. 5. Commutativity of addition: a + b = b + a for all a, b ∈ R. 6. Associativity: (a + b) + c = a + (b + c) and (a · b) · c = a · (b · c) for all a, b, c ∈ R. 7. The distributive laws: a · (b + c) = a · b + a · c and (b + c) · a = b · a + c · a for all a, b, c ∈ R. If, moreover, we have 8. Existence of the multiplicative identity (one): there is 1 ∈ R, such that 1 · a = a · 1 = a for all a ∈ R, then R is called a ring with identity.

Chapter 1. The Integers, Z

4

The sets Z, Q, R, A, and C are all examples of rings with identity, as is the set of n × n matrices with entries in Z (or in Q, or in R, or in A, or in C). In general, the ring of n × n matrices with entries in a ring R is denoted Mn (R). An example of a ring without identity is 2Z, the set of even numbers. You may also know about a set that is almost a ring, with different operations than what you might think of at first: the set of vectors in three-space, R3 , with vector addition and the cross-product; but there we have a problem with associativity: in general, (a × b)×c = a×(b × c). An unfamiliar ring is the set of subsets of some fixed finite set M , with operations set intersection, ∩, and symmetric difference, . Sometimes we have another property: 9. Commutativity of multiplication: a · b = b · a for all a, b ∈ R. If we have properties 8 and 9 we call R a commutative ring with identity. (You should already have seen the non-commutative rings Mn (Z) and Mn (R).)

In this book, when we say ring, we will mean commutative ring with identity (unless specifically excepted). Although our definition doesn’t talk about subtraction, we can define a − b in Definition 2 Given a, b in a ring R, we define −b (pronounced “negative bee”) as notation for the additive inverse of b. Further, we define subtraction, a − b, as a − b = a + (−b). It is a straightforward consequence of the definitions that additive and multiplicative identities are unique and that every element has exactly one additive inverse. (See exercises.) We need two further definitions. Definition 3 In a commutative ring with identity R, an element u is a unit if it has a multiplicative inverse: if there exists v ∈ R such that u · v = 1. The multiplicative inverse of u is often denoted u−1 . Definition 4 A commutative ring with identity, R, is called a field if all nonzero elements are units. There is an additional, technical requirement that the multiplicative identity and the additive identity be different (0 = 1). A consequence of this definition is that in fields, you can always divide (except by zero): a ÷ b is defined to be a · b−1 . In fact, my mental shorthand for “ring” is “a set where one can add, subtract, and multiply,” while the equivalent for “field” is “a set where one can add, subtract, multiply (commutatively), and divide.” This is just

2. Rings and fields

5

shorthand, as it is imprecise and leaves out some crucial facts like distributivity, but it captures the essence of the definitions. Some of the number systems we mentioned earlier are rings, some are fields, some are neither: which is which for N, W, Z, Q, A, R, C? In rings that are not fields, we will be particularly interested in the units—how many there are, how they multiply together, how they can be written explicitly, etc. What are the units in Z, for instance? in Q? Two examples of rings that you are familiar with are the polynomial rings Z[x] and R[x]: Z[x] = {all polynomials in the variable x whose coefficients are integers} and R[x] = {all polynomials in the variable x whose coefficients are real numbers}. In general, the notation R[x] where R is a ring means R[x]

= {all polynomials in the variable x whose coefficients are elements of R} n

= ai xi : n ∈ W, ai ∈ R . i=0

We will use these polynomial rings at various times in our study of number theory, √ but even more often we will look at some closely related rings, for instance Z[ 2] and√Z[i], which you can think of as polynomials with integer coefficients and powers of 2 or polynomials with integer coefficients and powers of i. Of course since √ 2 2 = 2 is an integer, we really don’t have to worry about any powers higher than the first: for example, if we start with the polynomial 3x3 − 5x2 + x − 7 and √ replace each x with 2, we get √ 2 √ 1 √ 3 √ √ √ 2 −5 2 + 2 − 7 = 6 2 − 10 + 2 − 7 = 7 2 − 17. 3 So we really have the following definition: √ √ Z[ 2] = {a + b 2 ∈ R : a and b are integers}. By similar reasoning, we can see that √ √ √ 3 3 3 Z[ 2] = {a + b 2 + c( 2)2 ∈ R : a, b, and c are integers}. Similarly, since i2 = −1 ∈ Z, we get Z[i] = {a + bi ∈ C : a and b are integers}. The ring Z[i] will play a fundamental rule in this book; it is known as the ring of Gaussian integers in honor of Carl Friedrich Gauss, who studied them extensively. We will explore Z[i] quite thoroughly, but just to show you that things are very different than they are in Z, we will multiply out (1 + 2i)(1 − 2i): what do you get? You should get 5 if you do this correctly; so what? The point is that in Z we know that 5 is a prime, which cannot be factored; yet we have just seen that in Z[i], which contains Z, 5 is no longer prime! So the differences start showing up immediately.

Chapter 1. The Integers, Z

6

Exercises 1. Show that in any ring R, the additive identity, 0, is unique. You might start by assuming there are two such elements, 0 and ˆ0. 2. Show that in any ring R, each element has a unique additive inverse (thus the notation −a is unambiguous). 3. Suppose u is a unit in R, a ring. Show that the inverse of u is unique (thus the notation u−1 is unambiguous). 4. Let R be a ring. Using the definition given for R[x], namely that

R[x] =

n

ai x : n ∈ W, ai ∈ R , i

i=0

define f + g and f − g and f · g for elements f , g ∈ R[x]. Also write the additive inverse of f . 5. Below is a list of the primes between 2 and 100. I have indicated which of them can be written in the form p = x2 + y 2 , for x, y ∈ Z, as well as which can be written as p = x2 − 2y 2 , which as p = x2 + 2y 2 , and which as p = x2 + 3y 2 . Fill out the fourth column to indicate which primes can be written as p = x2 − 3y 2 . Then conjecture a separate rule for each quadratic form.

Prime 2 3 5 7 11 13 17 19 23 29 31 37 41 43 47 53 59 61 67

p = x2 + y 2 ? yes

p = x2 − 2y 2 ? yes

p = x2 + 2y 2 ? yes yes

p = x2 − 3y 2 ?

p = x2 + 3y 2 ? yes

yes yes

yes yes

yes yes

yes yes

yes yes

yes

yes yes yes yes yes

yes

yes yes yes yes

yes

yes yes yes yes yes

yes yes

continued on next page

3. Some fundamental facts about Z and N

7

continued from previous page Prime 71 73 79 83 89 97

p = x2 + y 2 ? yes

p = x2 − 2y 2 ? yes yes yes

yes yes

p = x2 + 2y 2 ?

yes yes

p = x2 − 3y 2 ?

yes yes yes yes

p = x2 + 3y 2 ? yes yes

yes

You may find the following lists helpful. Perfect squares: 1, 4, 9, 16, 25, 36, 49, 64, 81, 100, 121, 144, 169, 196, 225, 256, 289, 324, 361, 400, 441, 484, 529, 576, 625, 676, 729, 784, 841, 900, . . . 2y 2 = 2, 8, 18, 32, 50, 72, 98, 128, 162, 200, 242, 288, 338, 392, 450, 512, 578, 648, 722, 800, 882, 968, 1058, 1152, 1250, 1352, 1458, 1568, 1682, 1800, . . . 3y 2 = 3, 12, 27, 48, 75, 108, 147, 192, 243, 300, 363, 432, 507, 588, 675, 768, 867, 972, 1083, 1200, 1323, 1452, 1587, 1728, 1875, 2028, 2187, 2352, 2523, 2700, . . .

3

Some fundamental facts about Z and N

To get the study of number theory going, we need to really nail down the ring Z. So far, we know it is a commutative ring with identity. But there are many such rings. Which one, exactly, is Z? We start with an axiom (“trichotomy” means “cut into three,” from the Greek): Trichotomy Axiom: In Z, there is a non-empty subset N (the set of positive integers) that is closed under addition and multiplication, and for any integer a, one and only one of the following is true: a ∈ N, that is, “a is positive”; a = 0; −a ∈ N, that is, “a is negative.” √ This distinguished set still isn’t enough to distinguish Z from Q, R, or even Z[ 2], but the next axiom (our last!) does. First we need a definition:

Definition 5 We say of two integers a and b that “a is greater than b,” written a > b, ⇐⇒ a − b ∈ N. We also have ⎧ ⎫ ⎨ a>b ⎬ or a ≥ b ⇐⇒ ; ⎩ ⎭ a=b a < b ⇐⇒ b − a ∈ N;

Chapter 1. The Integers, Z

8 ⎧ ⎫ ⎨ a 0} 2. a > b and b > c =⇒ a > c 3. a > b and c > 0 =⇒ ac > bc 4. there are no integers between 0 and 1 5. If a = 0 then a2 > 0 6. Given a, b > 0, we have a > b ⇐⇒ a2 ⎧ ⎨ a and b are in N or 7. a · b ∈ N ⇐⇒ ⎩ −a and −b are in N

> b2 ⎫ ⎬ ⎭

8. The only units in Z are ±1.

Proof . The proofs of 3 and 6 are left to the reader. 1. This is obvious, from the definition of the symbols > and 0. 2. a > b and b > c =⇒ a−b ∈ N and b−c ∈ N. Thus a−c = (a−b)+(b−c) ∈ N by closure, so a > c. 4. We know that 1 ∈ N, so N is a non-empty subset of N. Thus N has a smallest element by the well-ordering principle. Call this smallest element s. We have 0 < s by part 1. If s < 1, then we would have 0 < s < 1 and so, multiplying by s, we get 0 < s2 < s by part 2. But s2 ∈ N since N is closed under multiplication; this is a contradiction to the fact that s is the smallest element in N. Thus we must have s ≥ 1, and since 1 ∈ N we can’t have s > 1. Thus s = 1 and we see that 1 is the smallest integer larger than zero. Thus there are no integers between 0 and 1. 5. Clear from the nine-case box on page 10. 7. Proved earlier.

Chapter 1. The Integers, Z

12

8. Let u be a positive unit in Z, so u > 0 and u · v = 1 for some v ∈ Z. Then by part 7, we know v > 0 also. If u > 1 then we get 1 = u·v > 1·v = v > 0, which contradicts the fact that there are no integers between 0 and 1. Similarly, we cannot have u < 1; thus we must have u = 1, and so v = 1. Thus 1 is the only positive unit. However, 1 = u · v = (−u) · (−v) so if u is a unit, then −u is also. Thus if u is a negative unit, then −u is a positive unit =⇒ −u = 1 =⇒ u = −1 and so the only negative unit is −1. Zero cannot be a unit since 0 · v = 0 = 1; thus the only units in Z are ±1.

Exercises 1. Prove that, for a, b, and c ∈ Z, a > b and c > 0 =⇒ ac > bc (part 3 of Proposition 2). 2. Given a, b ∈ N, we have a > b ⇐⇒ a2 > b2 (part 6 of Proposition 2). 3. Suppose S ⊆ Z[i] is closed under addition and multiplication, and that Z[i] has trichotomy: for any non-zero z ∈ Z[i], z ∈ S or −z ∈ S (but not both). By considering the numbers 1, −1, i, and −i, show that the existence of such a subset S is impossible. 4. Suppose that an integer n can be written in the form n = a2 + b2 , where a, b ∈ Z. (a) Prove that n ≥ 0. (b) Prove that n = 0 ⇐⇒ a = b = 0. (c) Show that if n > 0, then there are at least three other ways to write n as a sum of squared integers. 5. Suppose that an integer n can be written in the form n = a2 − ab + b2 , where a, b ∈ Z. (a) Prove that n ≥ 0. (b) Prove that n = 0 ⇐⇒ a = b = 0. (c) Show that if n > 0, then there are at least five other ways to write n in the form n = X 2 − XY + Y 2 , including n = b2 − b(b − a) + (b − a)2 and n = (a − b)2 − (a − b)a + a2 . 6. Suppose that n ∈ N, and there is some interesting fact about n that makes n unique: for example, 6 is the smallest positive integer that is the sum of its positive proper divisors (6 = 1 + 2 + 3). Or, 2 is the only even prime (which is not very surprising if you think about what “even” means), or, better yet, 2 is the smallest positive prime. We will call such positive integers interesting. (a) Use the well-ordering principle to show that all positive integers are interesting.

4. Proofs by induction

13

(b) Make a list like that below, and continue it as far as you can n 1 2 3 4 5 6 7 8 ...

Interesting fact about n additive identity for Z smallest positive prime integer smallest positive integer that is not a sum of squares, a2 + b2 smallest positive composite integer smallest positive integer that is the sum of distinct positive squares: 5 = 12 + 22 smallest positive integer that is the sum of its positive proper divisors (6 = 1 + 2 + 3) smallest positive prime of the form 1 + 6k

You may find it fun (or “interesting”) to update this list (and make it longer) as you progress through this book.

4

Proofs by induction

The well-ordering principle allows us to prove facts about N by induction. For example, suppose I ask you to prove that every positive integer can be written as the sum of four squares: 1 2 3 4 5 ...

= = = = =

12 + 02 + 02 + 02 12 + 12 + 02 + 02 12 + 12 + 12 + 02 12 + 12 + 12 + 12 22 + 12 + 02 + 02

or

22 + 02 + 02 + 02

97 = 82 + 52 + 22 + 22 ... How can you prove it? You have to give a rule for each number, and that might be hard. However, suppose you know that (a) You can do it for 1. (b) If you can do it for k in N, you can do it for k + 1. Then you know that you can do it for every element of N. For example, to show that you can do it for 8, you use rule (a) once and rule (b) seven times. Example. Suppose I want to prove that, for n ∈ N, 1+

1 1 1 1 1 + + + ···+ n = 2 − n. 2 4 8 2 2

Chapter 1. The Integers, Z

14 First I prove it for n = 1: 1+

3 1 = 2 2

and

2−

1 3 1 = 2− = 21 2 2

so when n = 1 both sides are equal. Now suppose it is true for n = k. Then 1+ If we add

1 2k+1

1 1 1 1 1 + + + ··· + k = 2 − k. 2 4 8 2 2

to each side, we get

1+

1 1 1 1 1 + + + · · · + k + k+1 2 4 8 2 2

1 1 + k+1 k 2 2 2 1 = 2 − k+1 + k+1 2 2 1 = 2 − k+1 , 2 = 2−

which is what we wanted to prove—this is the formula when n = k + 1. We have just completed our first proof by induction.

This was a simple case of the general formula a + ar + ar 2 + ar 3 + · · · + ar n =

ar n+1 − a r−1

for r = 1, n ∈ N, and a ∈ C.

Suppose we want to prove this. When n = 1 the right-hand side becomes a(r 2 − 1) a(r − 1)(r + 1) ar 2 − a = = = a(r + 1) = a + ar, r−1 r−1 r−1 which is what the left-hand side is for n = 1. So the first step is finished. Now suppose the formula is true for n = k; we will try to prove it for n = k + 1. Starting with ar k+1 − a , a + ar + ar 2 + ar 3 + · · · + ar k = r−1 we add ar k+1 to both sides to get a + ar + ar 2 + ar 3 + · · · + ar k + ar k+1

= = =

ar k+1 − a + ar k+1 r−1 ar k+1 − a ar k+2 − ar k+1 + r−1 r−1 k+2 −a ar , r−1

which is the correct formula for n = k + 1, so we are done. You may have seen this formula in calculus; or had it applied to your money, if you’ve ever taken out a loan, or put money in something like a retirement account. How does proof by induction rely on the well-ordering principle? We can rephrase what we are doing above as follows: Let S ⊆ N be the set of numbers n for which

4. Proofs by induction

15

the statement doesn’t hold (the set of counterexamples). Assume that S is nonempty. Then S has a smallest element; call it s0 . The integer s0 represents the smallest counterexample. Our first step shows that 1 = s0 . Thus we may write s0 = k + 1, where k ∈ N (here we are using part 4 of Proposition 2). What we are trying to prove must be true for the integer k, since s0 > k represents the smallest counterexample. But then we show that “true for k” implies “true for k + 1 = s0 .” This contradiction shows that our assumption is false: S must be empty, and there are no counterexamples. Thus every proof by induction is in fact a proof by contradiction, applying the well-ordering principle to the set of counter-examples. There is a variant of this called strong induction. Here the steps are (a) It’s true for 1. (b) It’s true for k + 1 if it’s true for all numbers between 1 and k. This is just a more powerful version—here we need all the statements before the (k + 1)st to be true, not just the most recent one. One might be able to prove that every positive integer can be written as the sum of four squares using Strong Induction; it would be much harder (or impossible) to prove using simple (or “weak”) induction. Example. We will show that 7n has ones digit 7 9 3 1

if if if if

n n n n

is is is is

of of of of

the the the the

form form form form

4k + 1 4k + 2 4k + 3 4k.

Note that 71 = 7, 72 = 49, 73 = 343, and 74 = 2401. We thus have shown that the statement is true for n = 1, 2, 3, and 4. So we will assume the statement is true for n = 1, 2, 3, . . . , N , with N ≥ 4. Now we have four cases to deal with: N could be of the form 4k, 4k +1, 4k +2, or 4k +3. That means N +1 could be of the form 4k +1, 4k + 2, 4k + 3, or 4k + 4 = 4(k + 1). We deal with each case separately: if N + 1 = 4k + 1, then 7N +1 = 7N · 7 = (10M + 1)7 by hypothesis, so 7N +1 = 10(7M ) + 7 has ones digit 7, as was to be proved. If N +1 = 4k+2, then 7N +1 = 7N ·7 = (10M +7)7 by hypothesis, so 7N +1 = 10(7M ) + 49 = 10(7M + 4) + 9 has ones digit 9, as was to be proved. If N + 1 = 4k + 3, then 7N +1 = 7N · 7 = (10M + 9)7 by hypothesis, so 7N +1 = 10(7M ) + 63 = 10(7M + 6) + 3 has ones digit 3, as was to be proved. And, finally, if N + 1 = 4(k + 1) = 4n + 4, then 7N +1 = 7N · 7 = (10M + 3)7 by hypothesis, so 7N +1 = 10(7M ) + 21 = 10(7M + 2) + 1 has ones digit 1, as was to be proved.

Exercises 1. Use induction to show that the ones digit of 6n (for n ∈ N) is a 6.

Chapter 1. The Integers, Z

16





2. Use induction and integration by parts to show that

xn e−x dx = n!.

0

3. Use induction to show that cos(nx) may be written as a polynomial in cos(x) with integer coefficients. 4. (a) Use induction to show that 7n has last two digits 07 49 43 01

if if if if

n n n n

is is is is

of of of of

the the the the

form form form form

4k + 1 4k + 2 4k + 3 4k

···7

(b) Let an = 77 , where there are n 7s in the expression. Use induction to show that an has units digit 7 if n = 1, and 3 if n > 1. 5. What is wrong with the following proof by induction? Proposition: All horses are the same color. Proof: By (strong) induction on the number of horses. Base cases: This is clearly true if there are zero horses. It is also clearly true if there is only one horse. Assume it is true for any group of k horses (or smaller). Inductive step: Suppose we have a group of k + 1 horses. Choose one, call it Trigger. The group, minus Trigger, has only k horses, so those horses are all the same color by assumption. Now choose another horse, call it Silver. The group, minus Silver (but including Trigger), has k horses again, and so they are all the same color by assumption. The overlap, k − 1 horses, are also all of the same color by assumption. Therefore, any group of horses are the same color. Since there are a finite number of horses in the world, they must all be of the same color. 6. Prove that for n ≥ 1, n

k5 =

k=1

7. Prove that for n ≥ 1,

n

1 2 n (n + 1)2 (2n2 + 2n − 1). 12

(2k − 1)3 = n2 (2n2 − 1). (You are adding up the

k=1

cubes of the first n odd integers.) 8. In the Towers of Hanoi problem, there are three dowels and n disks that must be transferred from the left dowel to the right dowel (see Figure 2). Disks may only be moved one at a time, from one dowel to any other dowel, and disks may only be placed on top of larger disks, not smaller ones. At the start, there are n disks, each of a different radius, stacked on top of one another on the left dowel, with the sizes decreasing as you go up the tower. Use induction to show that the n disks may be moved to the right dowel in exactly 2n − 1 moves.

4. Proofs by induction

17

Figure 2: Towers of Hanoi, for Exercise 8 9. In the text we showed that a + ar + ar 2 + ar 3 + · · · + ar n =

n

k=0

Take limits to show that



k=0

ar k =

ar k =

ar n+1 − a . r−1

a , 1−r

so long as |r| < 1. Why is the condition |r| < 1 necessary? These two formulas are called the finite geometric sum and the geometric series, respectively. 10. Given a set S, we define |S| to be the number of elements in it; thus |{a}| = 1, |{a, b, c, d}| = 4, |{}| = 0, and |Z| = ∞. (a) Show that |A ∪ B| = |A| + |B| − |A ∩ B|. (b) Show that |A ∪ B ∪ C| = |A| + |B| + |C| − |A ∩ B| − |A ∩ C| − |B ∩ C| + |A ∩ B ∩ C|. (c) Given a finite number n of sets A 1 , A2 , A3 , . . . An , give an expression n     for the size of their union,  Ai . This expression is sometimes called   i=1 the Inclusion-Exclusion Principle. (d) Given a set A that is a subset of some universal set U , we denote the complement of A by A, with the definition A := U \ A = {u ∈ U : u ∈ A}. Give an expression for the number of elements  n of U that are not in any     of the Ai s; that is, give an expression for  Ai . This is another form   i=1 of the Inclusion-Exclusion Principle. We use the first expression when the sets Ai define properties we want our elements to have; when the sets Ai define properties we do not want our elements to have, we use the second expression. 11. Use induction to show that xn =

3n+1 is a solution to the recurrence relation 2n−1

10xn+1 − 15xn = 0 with x0 = 6.

Chapter 1. The Integers, Z

18

A

A

B

B

D C

C

Figure 3: Three- and four-set Venn diagrams

12. Use induction to show that xn = 5 · 6n − 4n is a solution to the recurrence relation xn+2 − 10xn+1 + 24xn = 0 with x0 = 4 and x1 = 26. For extra credit, use generating functions to show this in a different way. 13. Let n be a fixed positive integer. How many ways are there to write n as a sum of positive integers, n = a1 + a2 + a3 + · · · + ak , with k an arbitrary positive integer and a1 ≤ a2 ≤ a3 ≤ · · · ≤ ak ≤ a1 + 1? For example, with n = 4, there are four ways: 4, 2 + 2, 1 + 1 + 2, 1 + 1 + 1 + 1. 14. A sequence is defined by a1 = 2 and an = 3an−1 + 1. Find the sum a1 + a2 + a3 + · · · + an . 15. Let f0 (x) = f2017 (2018).

5

1 and fn (x) = f0 (fn−1 (x)) for n = 1, 2, 3, . . . . Evaluate 1−x

The binomial theorem

Now we need some more notation: for n ∈ W, we define n!, pronounced “n factorial,” as 1 if n = 0 n! = n · (n − 1)! else,

5. The binomial theorem

19

so 0! 1! 2! 3! 4! 5!

= = =

= = = ... 15! = ... 65! ≈

1 1 2 6 24 120 1, 307, 674, 368, 000 8.247 × 1090 .

One of the most common uses of factorials is to define the binomial coefficients. Thereason for this name will be made clear soon. A binomial coefficient is written  n and pronounced “n choose k.” It is defined (for n ∈ N and 0 ≤ k ≤ n) k as the number of distinct waysofchoosing a subset of size k out of a set of n 4 (distinguishable) objects. Thus = 6 because out of the set {a, b, c, d} we may 2   5 choose {a, b}, {a, c}, {a, d}, {b, c}, {b, d}, or {c, d}. Similarly, = 10. It is pretty 3       n n n easy to see that = 1, = 1, and = n straight from the definition. A 0 n   1  n n , since choosing a subset of little thought should convince you that = k n−k   n size k is the same as choosing the complement, of size n − k. Note also that k is always a positive integer.   n So how might we calculate for other values of n and k? If we choose 1 person k out of this class, we clearly have n choices. If we choose 2, we have n choices for the first person and n − 1 choices for the second, but now we have let order matter— since we could have chosen in the other order, we have counted each outcome twice. We must therefore divide by two. We have just proven that   n n(n − 1) = . 2 2   n or something else? You What about ? Is it n(n − 1)(n − 2) or n(n−1)(n−2) 2! 3   n n(n − 1)(n − 2) · · · (n − k + 1) should convince yourself that = since n(n − k k! 1)(n − 2) · · · (n − k + 1) is the number of ways to choose k objects, but the k! in the denominator takes care of the fact that the order in which the objects are chosen doesn’t matter. We can rewrite the above in a clever way by seeing that n! = n(n − 1)(n − 2) · · · (n − k + 1)((n − k)!)

Chapter 1. The Integers, Z

20 so n(n − 1)(n − 2) · · · (n − k + 1) = Thus

n! . (n − k)!

  n n! . = k k!(n − k)!

One other formula out to be very handy when dealing with binomial coeffi turns  n cients: it relates to other binomial coefficients. Thus suppose we have a set, k S, of size n, with n ∈ N, and we label one of the elements of this set Beth. When we choose a subset of size k out of the set S, we will either choose the element labeled Beth, or we won’t.If we  do choose Beth, then we need to make k − 1 other n−1 choices, and so there are ways to choose a subset of size k that contains k−1   n−1 Beth. On the other hand, there are ways to choose a subset of size k that k does not contain Beth. Thus there are     n−1 n−1 + k−1 k ways to choose this subset, and we have thus proven the formula       n n−1 n−1 = + . k k−1 k       n+1 n n We can rewrite this as = + . k k k−1 We often  seebinomial coefficients formed into a triangle, called Pascal’s Triann gle with being the kth entry in the nth row (provided one always starts by k counting “zero, one, two, three, . . . ”). The rule above shows that entries in the triangle can be calculated by adding the two entries (diagonally) above the entry in question. See Figure 4.   n The reason is called a binomial coefficient is that these integers come up in k Theorem 1 (The binomial theorem) Let R be a ring. If x, y ∈ R and xy = yx, then for n ∈ N, n  

n n−k k n (x + y) = y . x k k=0

We will prove this theorem in two ways. The first is combinatorial. Proof . like

When we multiply out (x + y)n , we get many terms, each of which looks x(power) · y (another power) .

5. The binomial theorem

21

Figure 4: Pascal’s triangle

If you think about how you would use the distributive law to multiply out

(x + y)(x + y)(x + y) · · · (x + y)

you should be able to see that each termwill  have n letters in it, each of which is n terms that have k xs and thus n − k either x or y. And we will get precisely k   n k n−k ys. Thus we get x y , and k ranges from k = 0 (no xs, all ys) to k = n (all k xs, no ys).

The second is by induction on n.

Proof . When n = 1 the right-hand side is

    1  

1 1 0 1 0 1 1 1−k k y = x y + x y = x + y. x 0 1 k k=0

Chapter 1. The Integers, Z

22

This is what the left-hand side is for n = 1, so we assume the theorem is true for n ≥ 1 and try to prove it for n + 1: n  

n n−k k y x k k=0 n   n  

n n+1−k k n n−k k+1 = y + y x x k k k=0 k=0  n   n+1 

n n+1−k k

n = y + (letting j = k + 1) x xn−j+1 y j k j − 1 j=1 k=0    n   n  n n+1 0 n n+1−k k

n = x y + y + x xn−j+1 y j 0 k j − 1 j=1 k=1   n 0 n+1 + x y n  n     

n n n+1 0 n+1−k k =x y + y + x0 y n+1 + x k k−1 k=1  n  

n + 1 n+1 0 n+1−k k =x y + y + x0 y n+1 x k k=1   n+1

n+1 xn+1−k y k , = k

(x + y)n+1 = (x + y)(x + y)n = (x + y)

k=0

which is the correct formula for n + 1 so we are done.

Example. To expand (3 − 2x)5 we get       5 5 5 5 4 (3 )(−2x) + (33 )(−2x)2 3 + 1 2 0       5 5 5 + (32 )(−2x)3 + (3)(−2x)4 + (−2x)5 , 3 4 5 which equals 1 · 35 + 5(34 )(−2x) + 10(33 )(−2x)2 + 10(32 )(−2x)3 + 5(3)(−2x)4 + 1(−2x)5 , which equals 243 − 810x + 1080x2 − 720x3 + 240x4 − 32x5 .

Exercises 1. You will do several calculation in the Gaussian integers, Z[i]: calculate

5. The binomial theorem

23

(a) (4 + 5i) + (3 − 6i) (b) (4 + 5i)(3 − 6i) (c) (2 + i)3 (d) (3 + 2i)5 3 + 4i . This may not be an element of Z[i], since Z[i] is not a field, (e) 2 + 3i though it is definitely in C since C is a field and you can always divide in a field (except by zero). Can you be more specific about where the answer is (in what ring it lives)? Is that ring a field or not? 2. Let ρ = − 12 +



3 2 i

∈ C.

(a) Verify that ρ3 = 1. (b) Verify that ρ satisfies the equation x2 + x + 1 = 0. (c) Verify that ρ is on the unit circle in C. 3. Prove that for 0 ≤ k ≤ m ≤ n,       n n−k n m = . k m−k m k 4. Prove that

n  

n j=0

5. Prove that

n

(−1)j

j=0

6. Prove that

j

n

j=0

2j

= 2n .

  n = 0. j

  n = 3n . j

7. Prove that

  2n 1 · 3 · 5 · · · (2n − 1) n 2 . = n n!

8. Prove that

    4n 1 · 3 · 5 · · · (4n − 1) 2n = . 2n [1 · 3 · 5 · · · (2n − 1)]2 n

9. Prove that

  4n (2n + 1)(2n + 3)(2n + 5) · · · (4n − 1) n 2 . = 2n n!

10. Prove that for 0 ≤ m ≤ n,  

 m   n m n−m = . k j k−j j=0 What does this formula say when m = 1?

Chapter 1. The Integers, Z

24 11. Prove that for 0 ≤ m ≤ n,

  n  

m n+1 = . k k+1

m=k

12. Prove that for n ≥ 0,          

 n  n n+1 n+2 n+3 n+n n+j + + + +· · ·+ = = F2n+1 , 0 2 4 6 2n 2j j=0 where Fn is the nth Fibonacci number, defined by F1 = F2 = 1, and Fn+1 = Fn + Fn−1 for n ≥ 2. 13. (a) Show that the Fibonacci numbers, defined in Exercise 12, satisfy Binet’s formula:  √ n  √ n  1+ 5 1 1− 5 − Fn = √ 2 2 5 for all n ∈ N. √ 1+ 5 . Show that the formula can be simplified to Fn = (b) Let ω =  n 2 ω round √ . 5 14. Show that the Fibonacci numbers, defined in Exercise 12, satisfy Fk−1 Fk+1 − Fk2 = (−1)k for all k ≥ 2. 15. Find the sum of the coefficients in the expansion of (3x2 + x − 2)2017 . 1 16. Suppose that x is a real number such that x + is an integer. Prove that x 1 x2017 + 2017 is an integer. x 17. Prove that for n ≥ 0,           n

n n+1 n+2 n+3 j n+j (−1) − + − ± ··· = 2j 0 2 4 6 j=0  π 2 (n + 2) . = √ sin 3 3 (This last expression is a way of saying “repeats the values 1, 0, −1, −1, 0, 1, over and over again, with period six”.) 18. Let d be a square-free integer (that is, m ∈ Z and m > 1 =⇒ m2 /|d). We then have the ring √ √ Z[ d] = {a + b d ∈ C : a and b are in Z} ⊂ C. √ √ We define the conjugate function j : Z[ d] → Z[ d] by √ √ j(a + b d) = a − b d, √ and we define the norm function N : Z[ d] → Z by N (z) = z · j(z), so √ √ √ N (a + b d) = (a + b d)(a − b d) = a2 − db2 .

5. The binomial theorem

25

√ (a) Prove that for any z1 and z2 in Z[ d], j(z1 · z2 ) = j(z1 ) · j(z2 ). √ (b) Prove that for any z1 and z2 in Z[ d], N (z1 · z2 ) = N (z1 ) · N (z2 ). √ (c) Can you draw Z[ d] when d = 2? What are the difficulties? (d) What is the geometric significance of N when d = −1? √ (e) List all the elements of Z[i] (which is the same as Z[ −1]) with norm less than 35, and draw a picture of what you have found. Hint: Group them by norm—which element(s), if any, have norm 0? norm 1? norm 2? norm 3? etc. How does this relate to your picture? 19. Suppose that for z ∈ Z[i] we have N (z) = p, where p is a prime in Z. (a) Prove that z is a prime in Z[i]. (b) Eight examples of primes in Z[i] are ±2 ± i and ±1 ± 2i, all of which have norm 5. Give some other examples of primes in Z[i]. √ 20. Suppose that for z ∈ Z[ d] we have N (z) = p, where p is a prime in Z. √ (a) Prove that z is a prime in Z[ d]. √ √ √ (b) Sixteen examples of primes in Z[ √ 2] are ±2 ± 2√and ±10 ± 7 2, all of which have norm 2, and ±1 ± 2 2 and ±5 ± 4 2, √ all of which have norm −7. Give some other examples of primes in Z[ 2]. √ (c) Give some examples of primes in Z[ 3]. √ (d) Give some examples of primes in Z[ −3]. 21. Suppose ρ ∈ C is such that ρ3 = 1, ρ = 1 (ρ is called a cube root of unity). (x − 1)(x2 + x + 1), conclude that ρ2 + ρ + 1 = 0, and thus Since x3 − 1 = √ that ρ = − 12 ± 23 i. We define √ 1 3 ρ=− + i. 2 2 We thus have the ring Z[ρ] = {a + bρ ∈ C : a, b ∈ Z}, with addition defined by (a+bρ)+(c+dρ) = (a+c)+(b+d)ρ and multiplication defined by (a + bρ) · (c + dρ)

= ac + (bc + ad)ρ + bdρ2 = ac + (bc + ad)ρ + bd(−1 − ρ) = (ac − bd) + (bc − bd + ad)ρ.

This ring is sometimes called the ring of Eisenstein integers, or the ring of Eulerian integers. The ring Z[ρ] has a norm function, N : Z[ρ] → Z, defined by N (a + bρ) = (a + bρ)(a + bρ2 ). √ (a) Show that Z[ −3] ⊆ Z[ρ]. √ √ (b) Show that z ∈ Z[ρ] ⇐⇒ (z ∈ Z[ −3]) or (z − ρ ∈ Z[ −3]). (c) Show that N (a+bρ) = a2 −ab+b2 , and that this norm is positive-definite.

Chapter 1. The Integers, Z

26

(d) Show that the norm function defined above always gives the square of the distance from the point a + bρ ∈ C to the origin. In this way the norm in Z[ρ] is exactly the same as the norm in Z[i]. (e) Show that N (z · w) = N (z) · N (w) for all z, w ∈ Z[ρ]. Hint: it is easier, and more general, to show that the conjugate of a product is the product of the conjugates. Thus show that (a + bρ)(c + dρ) = m + nρ =⇒ (a + bρ2 )(c + dρ2 ) = m + nρ2 , then explain what that implies about norms. (f) Find all the units in Z[ρ]. (g) Suppose that for z ∈ Z[ρ] we have N (z) = p, where p is a prime in Z. i. Prove that z is a prime in Z[ρ]. ii. Give four examples of primes in Z[ρ]. 22. This exercise generalizes Exercise 21. Let d be an integer of the form d = √ −1+ d . 1 + 4k, with k ∈ Z. Define D = 2  √  (a) Show that Z[D] = Z 1+2 d . (b) Show that D is a root of the polynomial x2 + x + 1−d 4 .

d−1 (c) Show that (a + bD)(r + sD) = ar + 4 bs + (br + as − bs)D. (d) Define conjugation as a map j : Z[D] → Z[D] given by j(a + bD) = (a − b) − bD. Show that j(z + w) = j(z) + j(w)

j(z · w) = j(z) · j(w)

and

for all z, w ∈ Z[D]. (e) Define the norm function, N : Z[D] → Z by N (z) = z · j(z). Show that 2 N (a + bD) = a2 − ab + 1−d 4 b , and that N (z · w) = N (z)N (w) for all z, w ∈ Z[D]. (f) Show that if d < 0, N (z) is the square of the geometric distance from the point z ∈ C to the origin. For the factor d−1 4 to be an integer d = 1 + 4k is necessary; a more important reason is discussed in Exercise 9, page 144.

6

The fundamental theorem of arithmetic (foreshadowing)

Our goal in the next few sections is to prove, understand, and use the fundamental theorem of arithmetic: Any integer n = 0, ±1, can be written as k

n = ±pe11 pe22 pe33 · · · pekk = ±

pei i , i=1

where the pi are distinct positive primes, k ∈ N is the number of distinct prime factors of n, and each ei ∈ N. This factorization is unique up to reordering of the primes pi .

6. The fundamental theorem of arithmetic (foreshadowing)

27

We left out the special cases where n is the additive identity and the only two units in Z, ±1. We will later try to come up with a similar theorem for Z[i], and see if all non-zero, non-unit elements of Z[i] can be factored uniquely as products of primes in Z[i]. So we need to get a feel for what the units are, what the primes are, and how to factor in Z[i]. There is also a problem with order , since “positive primes” √ won’t make any √ sense in Z[i]. After that we will look at other rings, notably Z[ 2] and other Z[ d], to see if they have unique factorization also, and to look at the nature of the units and certain other properties of primes, such as how they are distributed. A major tool in our proof of the fundamental theorem of arithmetic will be the division algorithm. Theorem 2 (Division Algorithm) Given integers a and b, with b = 0, there exist unique integers q (the quotient) and r (the remainder) with a = bq + r

and

0 ≤ r < |b|.

There is an important proof of this theorem, based on set theory, which we write later (and then use the same method to prove other theorems); right now I will give a more intuitive, geometric, but non-rigorous explanation. It is not rigorous because our axioms don’t mention geometry at all; however, the picture may help you to visualize the division algorithm. We have the real line, and we can put the multiples of b on it like so:

Near a we have a picture like:

so we have qb ≤ a < qb + |b| = b(q ± 1). Thus if we let r = a − qb we get a = qb + r, and since a is one of the numbers in {qb, qb + 1, qb + 2, . . . , qb + |b| − 1} we must have that r = a − qb is in the set {0, 1, 2, . . . , |b| − 1}. Thus 0 ≤ r ≤ |b| − 1 so we must have 0 ≤ r < |b|. Now we give a formal proof. Proof . We will show the existence of q and r first.

Chapter 1. The Integers, Z

28

Suppose there exists a q ∈ Z such that a = bq. Then we let r = 0 and we are done. Otherwise, b does not divide a evenly. For technical reasons, we will now use trichotomy on a and three cases. • If a = 0 then we may let q = r = 0 and the conditions are satisfied. • If a > 0 then we form the set S = {a − bt ∈ N : where t ∈ Z}. By construction, this set is subset of N, and t = 0 corresponds to a, a positive integer, so S is a non-empty subset of N. Thus we may apply the wellordering principle and define r to be the smallest element of S. Thus r is of the form r = a − bt0 for some integer t0 , and defining q = t0 gives us r = a − bq, or a = bq + r, as desired. Now consider the number r − |b|. We have r − |b| = a − bq − |b| = a − b(q ± 1) = a − bt1 , so r − |b| has the correct form to be an element of S. Since r − |b| < r, the smallest element of S, we must have r − |b| ∈ N, so r − |b| ≤ 0. Now r = |b| =⇒ a = bq + |b| = b(q ± 1), and since we have ruled that case out, we must have r − |b| < 0, so r < |b|; therefore 0 < r < |b| and we have shown that the required q and r exist in the case a > 0. • If a < 0, then we will use the case above, applied to −a, to find −a = bq1 + r1 , so a = b(−q1 ) + (−r1 ) = b(−q1 ± 1) + (|b| − r1 ), with q1 ∈ Z and 0 < r1 < |b|. But then −q1 ± 1 ∈ Z also, and 0 < |b| − r1 < |b|, so if we let q = −q1 ± 1 and r = |b| − r1 we have found the requisite q and r. Now that we have shown the existence of q and r, the hard work is done, and showing uniqueness is fairly straightforward. Suppose a = bq2 + r2 = bq3 + r3 are two ways to represent a, with 0 ≤ r2 < |b| and 0 ≤ r3 < |b|. Rearranging, we get r3 − r2 = (a − bq3 ) − (a − bq2 ) = b(q2 − q3 ). Since q2 − q3 ∈ N, we see that r3 − r2 is a multiple of b. Furthermore, since −|b| < r3 − r2 < |b|, and the only multiple of b between −|b| and |b| is zero (here we are using part 4 of Proposition 2 on page 11), we must have r3 − r2 = 0. Thus b(q2 − q3 ) = 0, and since b = 0 we have q2 − q3 = 0. Thus we have proven that q2 = q3 , and r2 = r3 , so we have shown that the division algorithm gives a unique q and a unique r.

Definition 7 Suppose n ∈ Z. If n can be written as n = 2k, for some k ∈ Z, we say n is even; otherwise we say n is odd.

Exercises 1. (a) Use the division algorithm to show that every odd integer can be written as n = 2j + 1 for some j ∈ Z. (b) Prove that for n ∈ Z, n is odd =⇒ n2 can be written as 1 + 8m.

7. Divisibility

29

(c) Prove that for n ∈ Z, n2 can be written as 1 + 8m =⇒ n is odd. 2. Show that every integer falls into one of four categories: even n is even. threven n can be written in the form n = 3k for some k ∈ Z. plus one n can be written in the form n = 6r + 1 for some r ∈ Z. plus five n can be written in the form n = 6s + 5 for some s ∈ Z. Are these categories disjoint? 3. Find the integers q and r guaranteed to exist by the division algorithm if (a) a = 29 and b = 11 (b) a = 100 and b = 7 (c) a = 100 and b = −7 (d) a = −358 and b = −16 (e) a = 84 and b = 24 (f) a = 0 and b = 52 (g) a = −65 and b = 8 4. Show that every odd integer n can be written as n = 4k + 1 or as n = 4k + 3 for some integer k. 5. Suppose we are given integers a and b, and we calculate q and r such that a = bq + r with 0 ≤ r < |b|. Now we run the division algorithm on −a and b. What are the new integers Q and R such that −a = bQ + R with 0 ≤ R < |b|? 6. Some experimentation (try dividing 2x − 3 into x3 ) will quickly show you that the polynomial ring Z[x] does not have a division algorithm. However, the closely associated polynomial ring Q[x] does have a division algorithm. State this fact precisely.

7

Divisibility

Next we shall look at divisibility, which is the property that b divides a, written b|a. We have the Definition 8 If a and b are integers, then we write b|a if a = bq for some q ∈ Z. This is the same as saying r = 0 in the division algorithm: there is no remainder. This is a relationship between two numbers, not an operation: it is a statement that is true or false (like a < b), not a way of combining two numbers to get a third (like a + b). The statement 3|6 is true because 63 = 2 is an integer; −5/|6 is true because 6 is not an integer multiple of −5. We have the following properties:

Chapter 1. The Integers, Z

30 Proposition 3 Let a, b, c, and d be integers. Then 1. a|0, 1|a, and a|a. 2. a|1 ⇐⇒ a = ±1. 3. a|b and b|c =⇒ a|c. 4. a|b and b|a ⇐⇒ a = ±b. 5. a|b and c|d =⇒ ac|bd. 6. a|b and b = 0 =⇒ |a| ≤ |b|.

7. a|b and a|c =⇒ a|(bx + cy) for any integers x and y. We will prove 7 now, and then show how 4 follows from 2. We proved 2 earlier; do you see where? Proof . For 7, we have a|b =⇒ b = am for some m ∈ Z, and a|c =⇒ c = an for some n ∈ Z. Thus bx + cy = (am)x + (an)y = a(mx) + a(ny) = a(mx + ny) so a|(bx + cy) and we are done. We used the associative and distributive properties of the integers, as well as closure under addition and multiplication, since we must assert that mx + ny is an integer to complete the proof. To prove 4 from 2, a|b and b|a imply that b = au and a = bv for some integers u and v. Thus a = bv = auv so 0 = a − auv = a(1 − uv), so (here we use Proposition 1, that Z has no zero-divisors) we see that a = 0 or 1 − uv = 0. If a = 0 then b = au = 0 · u = 0 and we are done, since ±0 = 0. Otherwise, we get uv = 1, so v|1 and we use 2 to assert that v = ±1, in which case a = bv = b(±1) = ±b.

Exercises 1. Prove parts 1, 3, and 5 of Proposition 3. 2. Prove part 6 of Proposition 3. 3. Prove that for all a, b ∈ Z, a|b ⇐⇒ (−a)|b ⇐⇒ a|(−b) ⇐⇒ (−a)|(−b). 4. Show that for all n ∈ Z, 6|n(n + 1)(2n + 1). 5. Suppose k ∈ N. Show that k!|(n(n − 1)(n − 2) · · · (n − k + 1)) for any n ≥ k. Is this true for all n ∈ Z? 6. Recall the Fibonacci numbers, Fn (Exercise 12 on page 24). (a) Show that 5|Fn ⇐⇒ 5|n. (b) Give a criterion for when 2|Fn . (c) Give a criterion for when 3|Fn . (d) Give a criterion for when 7|Fn . (e) Conjecture a criterion (condition(s) on m, n) for when Fm |Fn .

8. Greatest common divisors

31

7. Here is a definition for divisibility in Z[i]: Definition 9 For z and w in Z[i], we write z|w and say that z divides w if there exists a v in Z[i] such that z · v = w. In other words, if z = a + bi and w = r + si and if (a + bi)(c + di) = r + si for some c + di = v ∈ Z[i], then we write (a + bi)|(r + si) (and, in fact, (c + di)|(r + si)). Determine whether (a) (1 + i)|(−3 − i) (b) (1 + 2i)|(5 − 15i) (c) (1 − 2i)|(3 − 4i) (d) 2|(4 − 7i) (e) (5 + i)|17 (f) (1 + 4i)|85. (g) (2 − i)|(2 − 11i) 8. Suppose a + bi ∈ Z[i] and c ∈ Z. (a) Under what conditions is it true that c|(a + bi) (in Z[i])? Give conditions on the integers a, b, and c. (b) Under what conditions is it true that (a + bi)|c (in Z[i])? Give conditions on the integers a, b, and c. √ √ 9. Suppose a + b d ∈ Z[ d], and c ∈ Z.  √ √  (a) Under what conditions is it true that c (a + b d) (in Z[ d])? Give conditions on the integers a, b, c, and d. √ √  (b) Under what conditions is it true that (a + b d) c (in Z[ d])? Give conditions on the integers a, b, c, and d. 10. Using the definition of divisibility (in Z[i]) defined in Exercise 7, show that (2 + 5i)  |(−11 + 13i). If you try to divide, what is the best quotient to use? What remainder is left?

8

Greatest common divisors

Now we want to define the greatest common divisor , d, of two integers a and b. How should we? Certainly, we want d|a and d|b, but what else? If c|a and c|b, then |c| ≤ d? In rings besides Z we don’t have order, so we won’t be able to use this definition elsewhere. Let’s look at some examples: what is the greatest common divisor of

Chapter 1. The Integers, Z

32 1. 4 and 6? 2. 14 and 15? 3. −12 and 18? 4. 105 and 44? 5. 203567 and 765302?

, , and We can calculate in our heads that the first three answers are (answers left to the reader). Since 105 = 3 · 5 · 7 and 44 = 22 · 11, we see that the greatest common divisor of 105 and 44 is 1. (We are using the fundamental theorem of arithmetic here, before we prove it!) But how do we find the last answer? Before we do that, I want you to notice the following: the common divisors of 4 and 6 are ±1, ±2, and the greatest common divisor is 2. The common divisors of 14 and 15 are ±1, and the greatest common divisor is 1. The common divisors of −12 and 18 are ±1, ±2, ±3, and ±6, and the greatest common divisor is 6. What do you notice? It appears that we can make Definition 10 The greatest common divisor, or GCD, of integers a and b is denoted by (a, b). If d = (a, b), then the integer d must satisfy 1. d ≥ 0 2. d|a and d|b 3. if c|a and c|b then c|d. Let’s examine some special cases. What is (1, n) for any integer n? What is (0, n)? What is (0, 0)? What is (n, n)? Does the definition cover all the cases? Are we confident that the GCD always exists? Could we have a pair of integers whose set of common divisors is, for example {±1, ±3, ±4, ±6}? It turns out that every pair of integers does have a GCD, but that is not yet obvious.

Exercises 1. Find the following greatest common divisors: (a) (29, 11) (b) (100, 7) (c) (−359, −16) 2. If a, b ∈ Z, find the greatest common divisors: (0, 0), (a, 0), (a, 1), (a, a), and (a, ab). 3. Show that for integers a, b, and c, we have (ab, ac) = |a|(b, c). 4. Let (a, b) = 1. Show that (a + b, a − b) = 1 or 2. When is this GCD 1? When is it 2?

9. The Euclidean algorithm

33 

5. For integers a, b, and c, let d = (a, b). Show that if c|d, then

a b , c c

 =

d . c

6. (a) Write a definition of the least common multiple of two integers, a and b. We will designate this least common multiple as [a, b]. (b) Prove that for integers a and b, we have (a, b)[a, b] = |ab|.

9

The Euclidean algorithm

Suppose we want to find d = (60, 34). What is d? How did you get it? Notice that 60 60 34 26 8

= = = = =

34 · q + r 34 · 1 + 26 26 · 1 + 8 8·3+ 2 2·4+0

We get that (60, 34) = 2. Let’s try to find (104, 39): 104 = 39 · 2 + 26 39 = 26 · 1 + 13 26 = 13 · 2 + 0 So (104, 39) = 13. Try (105, 44): 105 44 17 10 7 3

= = = = = =

44 · 2 + 17 17 · 2 + 10 10 · 1 + 7 7·1+3 3·2+ 1 1·3+0

Hence (105, 44) = 1. In general, repeated use of the division algorithm is known as the Euclidean algorithm: Given integers a and b with b = 0, we repeatedly apply the division algorithm and produce a b r1 rn−2 rn−1

= = =

b · q1 + r1 r1 · q2 + r2 r2 · q3 + r3

0 < r1 < |b| 0 < r2 < r1 0 < r3 < r2

... = rn−1 · qn + rn = rn · qn+1 + 0.

0 < rn < rn−1

Chapter 1. The Integers, Z

34

The last step, where rn divides evenly into rn−1 , must happen eventually since the remainders are all positive, and they are decreasing (what property of the integers did we just use?). Also, if c|a and c|b, then c|(a − b · q1 ) = r1 , by Property 7 of divisibility; similarly, we get c|(b − r1 · q2 ) = r2 , c|r3 , . . . , c|rn . So we have rn ≥ 0 by the first step, and now we know that c|rn . So rn satisfies the first and third properties of a GCD. We need to know whether it satisfies rn |a and rn |b, i.e., we need to know whether rn is a common divisor of a and b. The last equation states that rn |rn−1 . Then looking at the equation before that we get that rn |(rn−1 · qn + rn ) = rn−2 , and similarly we get that rn |rn−3 , rn |rn−4 , . . . , rn |r1 , rn |b, rn |a. Thus rn satisfies all three properties of a GCD, so we have proven that the Euclidean algorithm always works, and that it always produces the GCD. Furthermore, if we rearrange the above, we get rn rn−1 rn−2 r3 r2 r1

= = = ... = = =

rn−2 − rn−1 qn rn−3 − rn−2 qn−1 rn−4 − rn−3 qn−2 r1 − r2 q3 b − r1 q2 a − bq1 .

So rn is what is called a linear combination of rn−1 and rn−2 , that is, a sum of terms each of which is linear in rk . Hence rn is also a linear combination of rn−2 and rn−3 , . . . , and thus rn is a linear combination of a and b. That is, we can write rn = (a, b) = ax + by for some integers x and y. Try it for the first one we did, (60, 34) = 2: 2

= 26 + (−3)(8) = (26) + (−3)[34 + (−1)(26)] = (−3)(34) + (4)(26) = (−3)(34) + (4)[60 + (−1)(34)] = (4)(60) + (−7)(34).

For the second we get 13 = 39 + (−1)(26) = (39) + (−1)[104 + (−2)(39)] = (−1)(104) + (3)(39). We thus have the Proposition 4 The GCD of two integers a and b always exists and may be found by the Euclidean algorithm. Also, if (a, b) = d, then there exist integers x and y such that d = ax + by. Though this has already been proven above, I present here an alternate proof that there exist integers x and y for which (a, b) = ax + by. This proof uses the WellOrdering Principle.

9. The Euclidean algorithm

35

Proof . Suppose a = 0. Then (a, b) = |b| = a · 0 + b · (±1) so we are done. Now suppose a = 0. Then we form the set of positive linear combinations of a and b: let S = {n ∈ N : n = ax + by for some x, y ∈ Z}. We see that a2 = a · a + b · 0 ∈ S so S is a non-empty subset of N, and thus has a smallest element, call it n0 . We know n0 = ax0 + by0 for some integers x0 and y0 . I claim that n0 = (a, b). To see this, note that by the division algorithm, a = n0 q + r with 0 ≤ r < n0 . But then r = a − n0 q = a − (ax0 + by0 )q = a(1 − x0 q) + b(−y0 q) has the requisite form to be in the set S. Since r < n0 , r is not in S, and the only way that can happen is if r ∈ N; thus r ≤ 0. But then we must have r = 0 since r ≥ 0 by construction. And r = 0 implies that n0 |a. A similar proof shows that n0 |b. Thus n0 is a common divisor of a and b. Finally, if c|a and c|b, then c divides any linear combination of a and b, so c|n0 . Therefore n0 satisfies all the criteria to be a greatest common divisor, so we have shown that ax0 + by0 = n0 = (a, b) = d.

Hence one way to characterize the GCD (a, b) is that it is simultaneously the smallest positive integer that can be written as a linear combination of a and b, and the largest positive integer that divides into both a and b. Now suppose we are given two integers a and b, and suppose further that we can find integers x and y such that ax + by = 1. Then since d = (a, b) divides any linear combination of a and b, we have d|1. Thus d is a unit, and since d ≥ 0 we must have d = 1. Thus we have a theorem: Theorem 3 For a, b ∈ Z, (a, b) = 1 ⇐⇒ there are x, y ∈ Z with ax + by = 1. We will find this to be an important special case. Note: The implication only goes both ways when (a, b) = 1. We have 3·7+5·8 = 61, but 61 = (7, 8) (nor is 61 equal to (7, 5) or (3, 5) or (3, 8)). Definition 11 We call integers a and b relatively prime if their only common divisors are units; thus a and b are relatively prime ⇐⇒ (a, b) = 1 ⇐⇒ there are x, y ∈ Z with ax + by = 1. Furthermore, we have the following Theorem 4 Suppose a and b are integers and d = (a, b). Then {ax + by ∈ Z : x and y integers} = {dq : q ∈ Z}; i.e., the set of linear combinations of a and b, and the set of multiples of d, are the same set.

Chapter 1. The Integers, Z

36

This implies that d = 0 (in which case a = b = 0 also) or d is the smallest positive integer that is a linear combination of a and b. Proof . We know that d|a and d|b, so d|(ax + by) for any integers x and y (by Property 7 of divisibility). Thus d divides every element of the first set, so every element of the first set is a multiple of d; all the multiples of d are in the second set, so we have proved that {ax + by : x and y integers} ⊆ {dq : q ∈ Z}. On the other hand, we know that d = ax0 + by0 for some integers x0 and y0 . Thus dq = a(x0 q) + b(y0 q) for any integer q, so all the multiples of d are in the first set. Thus the sets are equal.

Often we will want to actually find the x and y such that ax+by = (a, b). Reversing the algebra as we did on page 34 is tedious, so we seek a simpler method. This will appear in the next section. Let’s look at (29, 11): 29 = 11(2) + 7

=⇒

11 = 7(1) + 4

=⇒

7 = 4(1) + 3

=⇒

4 = 3(1) + 1

7 29 =2+ 11 11 11 4 =1+ 7 7 7 3 =1+ 4 4 1 4 =1+ 3 3 3 = 1. 3

=⇒

3 = 1(3) + 0

=⇒

So we get that (29, 11) = 1; we can now rewrite the first fraction as 29 11

7 1 = 2 + 11 11 7 1 1 = 2+ =2+ 1 + 47 1+

= 2+

= 2+

= 2+

1 1+

1 1+ 34

=2+

1 1+

1 1+ 14

.

1 1+

7 4

3

1 1+

1

1 1+ 1 3

We will call such a form a continued fraction. A (finite) continued fraction is a representation of a (rational) number x such that x = a0 +

1 a1 +

,

1 a2 +

1 a3 +

1

..

.

1 an−1 + 1 an

9. The Euclidean algorithm

37

where a0 ∈ Z and ai ∈ N for all i. You will see infinite continued fractions in the future. To make things more convenient, we’ll write a0 +

Thus

29 11

1 a1 +

as

1 a2 +

[a0 ; a1 , a2 , . . . , an ].

1 a3 +

1

..

.

1 an−1 + 1 an

= [2; 1, 1, 1, 3].

You can find the continued fraction representation of a number with a calculator if you are wary of round-off error. Just plug in 29 11 , and look at the integer part, which is 2. Subtract 2, then take a reciprocal to get the expression [1; 1, 1, 3] = 1 +

1 1+

1 1+ 13

.

Keep subtracting and taking reciprocals until you are done, which is when what 105 happens? Try 105 44 . You should get 44 = [2; 2, 1, 1, 2, 3]. This is essentially doing the Euclidean algorithm. This will work with any fraction, even if pq < 0, so long as “integer part” is correctly interpreted as “round down” for the first step. Use this algorithm to show that −

85 = [−3; 2, 1, 10]. 32

Exercises 1. (a) Find the greatest common divisor (15, 6). (b) Find integers x and y such that 15x + 6y = (15, 6). (c) Find two more pairs of integers x and y that satisfy 15x + 6y = (15, 6). (d) How many solutions of the equation 15x + 6y = (15, 6) are there? 2. Find (n, 0). Does your answer change if n < 0? How many solutions are there to nx + 0 · y = (n, 0)? 3. Find (n, 1). Does your answer change if n < 0? How many solutions are there to nx + 1 · y = (n, 1)? 4. (a) Note that (2)(79) + (31)(−5) = 3. What is (2, 31)? (2, −5)? (79, 31)? (79, −5)? (b) Note that (3)(53)+(−12)(13) = 3. What is (3, −12)? (3, 13)? (53, −12)? (53, 13)? (c) Suppose that ax + by = 3. What can you conclude about (a, b)? (d) Suppose that ax + by = 6. What can you conclude about (a, b)? 5. Use Theorem 3 to prove that for a, b, and c in Z, (a, bc) = 1 ⇐⇒ (a, b) = 1 and

(a, c) = 1.

Chapter 1. The Integers, Z

38

6. Find the continued fraction for

31 12 , and for . 12 31

7. Find the continued fraction for

73 162 , and for . 73 162

8. Find the continued fraction for

233 144 , and for . 144 233

9. Find the continued fraction for

1001 . 847

10. This exercise deals with functions from N → Z; such functions are often called arithmetic functions. Many arithmetic functions f : N → Z are multiplicative: that is, (m, n) = 1 =⇒ f (m · n) = f (m) · f (n). When f (m · n) = f (m) · f (n), regardless of the GCD (m, n), we say f is completely multiplicative. For multiplicative functions, f (1) = 1 is necessary. Some examples of arithmetic functions are the power functions, Pk (n) = nk

for k ∈ W, the powers of divisors functions σk (n) = dk for k ∈ W, d>0, d|n

and the function that has value 1 if n is prime and value 0 if n is not. (a) Show that Pk (n) is completely multiplicative. (b) Show that σk (n) is multiplicative. (c) Show that if f is completely multiplicative, then F (n) =



f (d) is

d>0, d|n

multiplicative. (d) Give an example to show that even if f is completely multiplicative, then

F (n) = f (d) may not be completely multiplicative. d>0, d|n

(e) Show that if f is multiplicative, then F (n) =



f (d) is multiplica-

d>0, d|n

tive. 11. For integers a, b, and c, (a) Write a definition of the greatest common divisor, d, of a, b, and c. (b) Show that the greatest common divisors (a, (b, c)) and ((a, b), c) are equal. (c) Conclude that we may define the integer (a, (b, c)) = ((a, b), c) as the greatest common divisor (a, b, c). (d) What is (6, 10, 15)? (e) What is (91, 119, 259)? (f) Let a, b, and c be integers, and d = (a, b, c). Prove or disprove: d can be written as d = ax + by + cz for some integers x, y, and z.

10. The amazing array

10

39

The amazing array

In mathematics, once we have performed some process, we often want to reverse it. After multiplying, we factor. After raising to a power, we take roots. After learning about exponential functions, we learn about logarithmic functions. Earlier, we calculated that 29 11 = [2; 1, 1, 1, 3]. Now suppose we are given the continued fraction [2; 1, 1, 1, 3] and we want to figure out what rational number it represents. We can write it as 1 2+ 1 + 1+ 1 1 1+ 1 3

and simplify using grade school algebra, or we can use what we shall call the amazing array:

0 1

1 0

2 2 1

1 3 1

1 5 2

1 8 3

3 29 11

This was built as follows: we start with

0 1

1 0

Now we use the entries in the continued fraction to fill in the top row:

2 0 1

1

1

1

3

1 0

So in general this will look like

a0 0 1

a1

a2

···

ak

···

am

1 0

The entries in the middle of the amazing array are labeled Pk on the top row and Qk on the bottom row:

0 1

1 0

a0 P0 Q0

a1 P1 Q1

a2 P2 Q2

··· ··· ···

ak Pk Qk

··· ··· ···

am Pm Qm

Chapter 1. The Integers, Z

40 The Pk and Qk are filled in according to: P0 = a0 , P1 = a0 a1 + 1, Q1 = a1 , Q0 = 1,

Pk = ak Pk−1 + Pk−2 for k ≥ 2; Qk = ak Qk−1 + Qk−2 for k ≥ 2.

If this is thought of as “multiply the last entry by ak and add the entry before that”, then the 0, 1, 1, 0 entries on the left tell us how to start. Starting with the continued fraction 29 11 = [2; 1, 1, 1, 3], we thus get

0 1

2 2 1

1 0

1 3 1

1 5 2

1 8 3

3 29 11

This is the easy way of undoing the Euclidean algorithm. We will be using the amazing array in a variety of settings (that is, different rings, not just the integers) in the coming sections. Now how does this help? Using the last two columns in the array, we have (8)(11) − (29)(3) = 88 − 87 = 1 so x = −3, y = 8 solves the equation 29x + 11y = 1. So we used the last 2 × 2 determinant. What about the other determinants? They are −1, +1, −1, +1, . . . . Is this always true? Hold that thought while we do another 737 = [4; 1, 2, 3, 1, 2, 4]. Filling in Example. It is an easy calculation to see that 157 the amazing array, we get

0 1

1 0

4 4 1

1 5 1

2 14 3

3 47 10

1 61 13

2 169 36

4 737 157

The last two columns of the amazing array give us the determinant (169)(157) − (737)(36) = 26, 533−26, 532 = +1. Therefore (737, 157) = 1, and x = −36, y = 169 is a solution to the equation 737x + 157y = (737, 157).

Example. To try another example, let’s try to solve 111x + 2405y = (111, 2405). We calculate 74 1 1 1 2405 = 21 + = 21 + 111 = 21 + = 21 + 37 111 111 1 + 74 1+ 74 so we have

0 1

1 0

21 21 1

1 22 1

2 65 3

1 2

= [21; 1, 2],

10. The amazing array

41

2405 The determinant is (22)(3) − (65)(1) = +1, and we can also see that 65 3 = 111 . We 65 2405 65·37 may then calculate that 111 = 3 · 37, so 3 = 111 = 3·37 , and (111, 2405) = 37. Multiplying the determinant calculation by 37 and rearranging, we get (22)(3)(37)− (65)(1)(37) = 37 = (111, 2405), so (111)(22) + (2405)(−1) = 37 = (111, 2405). Hence x = 22, y = −1 is a solution to 111x + 2405y = (111, 2405).

For

737 157

= [4; 1, 2, 3, 1, 2, 4], we have P0 4 = = 4.0, Q0 1 P2 14 = = 4.66, Q2 3 P4 61 ≈ 4.6923, = Q4 13 P6 737 ≈ 4.694267516 = Q6 157

so

P1 5 = = 5.0, Q1 1 P3 47 = = 4.7, Q3 10 P5 169 = 4.694, = Q5 36

P0 P2 P4 P6 P5 P3 P1 < < < < < < . Q0 Q2 Q4 Q6 Q5 Q3 Q1

Is this true in general? These fractions seem to converge towards our actual value of Pk 737 157 , so we will call Qk the kth convergent to the continued fraction [a0 ; a1 , a2 , . . .].

Exercises 183 and then fill out the amazing array for 68 it. Solve the equation 183x + 68y = (183, 68).

1. Find the continued fraction for

2094 and then fill out the amazing array 685 for it. Solve the equation −2094x + 685y = (−2094, 685).

2. Find the continued fraction for −

294 and then fill out the amazing array for 686 it. Solve the equation 294x + 686y = (294, 686).

3. Find the continued fraction for

4. In the text we found one solution to the equation 111x + 2405y = (111, 2405). Find all its integer solutions (x, y). 5. Find all integer solutions (x, y) to the equation 2465x + 3298y = (2465, 3298). 6. To simplify somewhat, in football a team may score seven points (for a touchdown) or three points (for a field goal). (a) How many different combinations of touchdowns and field goals will result in a score of 42 points? (b) If we also consider the ordering of the scoring events, in how ways can a team score 42 points? (c) In how many ways can two teams end with a final score of 42 to 41, regardless of order? if we consider order?

Chapter 1. The Integers, Z

42

(d) If we also consider safeties, which are worth two points, in how ways can a team score 21 points (regardless of order)? 7. Suppose a chemist has one unscaled container that holds 14cc, another that holds 33cc, and an abundant supply of water. (a) What can she do to end up with 18cc of water for an experiment? (b) Find another way to answer part (a). (c) Which of your two answers uses the least amount of water? 8. Suppose PVC pipe comes in two lengths: 44 feet long and 19 feet long. (a) Can you lay pipe to connect two buildings that are 755 feet apart, without cutting any pipes? (b) Can you lay pipe to connect two buildings that are 754 feet apart, without cutting any pipes? (c) Obviously laying pipe is possible for 19 feet, or 38 feet, or 44 feet. No other distances less than 57 feet are possible (without cutting any pipes), but all distances from 780 to 784 are possible. What is the longest distance that cannot be connected with pipes of length 44 feet and 19 feet (without cutting any pipes)?

11

Convergents

Given a continued fraction, we want to prove that the even convergents increase, that the odd ones decrease, that all the odd convergents are larger than all the even convergents, and that the determinants Pk Qk+1 − Pk+1 Qk are alternately ±1. There is one further fact about determinants we would like to prove—let’s see if we can conjecture it. We will build the amazing array for the continued fraction [1; 2, 3, 4, 5, 6, 7, 8]:

0 1

1 0

1 1 1

2 3 2

3 10 7

4 43 30

5 225 157

6 1393 972

7 9976 6961

8 81201 56660

If we take skipped determinants, by leaving out a column, we get −1, 2, −3, 4, −5, 6, −7, 8, don’t we? Thus, we have Proposition 5 Given an amazing array for any continued fraction [a0 ; a1 , a2 , . . . , Pk P1 P2 Pm , Q , ..., Q , ..., Q , we have am ], of level m, with convergents PQO0 , Q 1 2 m k (a) Pk Qk+1 − Pk+1 Qk = (−1)k+1

for k ≥ 0

and, in particular, notice that Pk and Qk are relatively prime, for all k ≥ 0. (b) Pk Qk+2 − Pk+2 Qk = ak+2 (−1)k+1

for k ≥ 0.

11. Convergents

43

(c) P0 P2 P4 Pm P5 P3 P1 < < < ... < < ... < < < . Q0 Q2 Q4 Qm Q5 Q3 Q1

Proof . The proof of parts (a) and (b) are left to the reader. We will now use these Pk+2 Pk and Q , we will two facts to prove part (c). To see the relationship between Q k k+2 look at the sign of their difference. We get Pk+2 Pk Qk+2 − Pk+2 Qk ak+2 (−1)k+1 Pk − = = . Qk Qk+2 Qk Qk+2 Qk Qk+2 Since the Qk are all positive, and all the ak are positive except possibly for a0 , we see that this difference is positive for k odd and negative for k even. Thus the odd convergents decrease and the even convergents increase. On the other hand, looking at the difference between an odd and an even convergent, we have Pk+1 Pk Qk+1 − Pk+1 Qk (−1)k+1 Pk − = = Qk Qk+1 Qk Qk+1 Qk Qk+1 so this difference is positive when k is odd and negative when k is even. Thus each even convergent is smaller than the odd convergent before it, and each odd convergent is larger than the even convergent before it. These two facts tell us (make sure you are convinced) that indeed we have P2 P4 Pm P5 P3 P1 P0 < < < ... < < ... < < < . Q0 Q2 Q4 Qm Q5 Q3 Q1

√ In the exercises you are asked to work out the continued fraction for 2, which must be infinite if there is such a thing. We get similar results for irrational numbers: Conjecture: Any irrational number (an element of R that is not in Q) can be written as an infinite continued fraction: r = [a0 ; a1 , a2 , . . . , ak , . . .], where a0 = r ∈ Z and the ak are in N for k ≥ 1; the amazing array works as before:

0 1

1 0

a0 a0 1

a1 a0 a1 + 1 a1

a2 a0 a1 a2 + a2 + a0 a1 a2 + 1

··· ··· ···

ak Pk Qk

··· ··· ···

with the same rules as before for generating the Pk and Qk , and the same properties proved before: 1. Qk > 0 for all k ≥ 0.

Chapter 1. The Integers, Z

44 2. Pk Qk+1 − Pk+1 Qk = (−1)k+1

for k ≥ 0.

3. Pk Qk+2 − Pk+2 Qk = ak+2 (−1)k+1 We get convergents

Pk Qk

for k ≥ 0.

that are in lowest terms, so (Pk , Qk ) = 1, and

P0 P2 P4 P5 P3 P1 < < < ... < < < . Q0 Q2 Q4 Q5 Q3 Q1 We conjecture that lim

k→∞

Pk = r. Qk

Let’s see an example of this process and see why our conjecture is so. We will √ find the continued fraction for 19 and then construct the first several columns of √ the amazing array. As a first step, we see that 19 is between 4 and 5. Thus we subtract 4, and as a first step we have √ √ 19 = 4 + ( 19 − 4). √ We know 19 − 4 is some number between 0 and 1, so we invert to get a number bigger than 1: √ √ 1 19 = 4 + ( 19 − 4) = 4 + . 1 √ 19−4

1 is? We could use technology, How do we figure out what the integral part of √19−4 but the old multiply-by-the-conjugate trick we learned in high school works √ here: when we multiply the top and the bottom of the innermost fraction by 19 + 4, we get √ √ 1 1 √ 19 = 4 + ( 19 − 4) = 4 + =4+ . 1 √ 19−4

19+4 √ √ ( 19−4)( 19+4)

Simplifying, we get √ 19 = 4 +

1

√ 19+4 √ √ ( 19−4)( 19+4)

=4+

1

√ 19+4 3

.

√ √ √ Now since 19 is between 4 and 5, we have 8 < 19 + 4 < 9, so 83 < 19+4 < 3. 3 Thus the integer part is 2, and we subtract 2 = 63 off to find the next fractional part: √ 1 1 1 . √  =4+ √ 19 = 4 + √ =4+ 19+4 19+4 19−2 2+ −2 2+ 3 3 3

Inverting as before, we get √ 19 = 4 +

1 √ 2+

19−2 3

 = 4+

1 2+

1

.

√ 3 19−2

Once again multiplying by the conjugate and simplifying, we get √

19 = 4 +

1 2+

1

√ 3( 19+2) √ √ ( 19−2)( 19+2)

=4+

1 2+

1

√ 3( 19+2) 15

=4+

1 2+



1 19+2 5

.

11. Convergents

45

Is it easy to see that √

√ 19+2 5

is between 1 and 2, so we subtract 1 =

19 = 4 +

1 2+

1

√ 19+2 5

=4+

1 2+

 √1 1+

19−3 5



5( 19+3) √ √ ( 19−3)( 19+3)

5

=4+ Continuing, we get √  √ 19 + 3 19 − 3 =3+ =3+ 2 2

1 √ 2 19−3

=3+

and get

.

√ Now we invert and multiply by the conjugate 19 + 3 to get √ 1 1 19 = 4 + =4+ =4+ 1 1   √ 2+ 2 + 1+ 2+ 19−3 √1 1+

5 5

1 1 1+

5(

√1 19+3) 10

1 2+

1

√ 2( 19+3) √ √ ( 19−3)( 19+3)



.

1 1+

√ 1 19+3 2

1

=3+

√ 2( 19+3) 10

=3+

√ 19+3 5

1

.

Now 19+3 is between 1 and 2, so we subtract 1 = 55 and multiply by the necessary 5 √ conjugate, 19 + 2, to get √  √ 1 19 + 3 19 − 2 1 1 √ =1+ =1+ 5 =1+ =1+ √ . 5( 19+2) 19+2 √ 5 5 √ √ 19−2

( 19−2)( 19+2)

3

√ 19+2 3

The next step is to see that is between 2 and 3, so we subtract 2 = 63 and multiply by the conjugate to get √  √ 1 19 + 2 19 − 4 1 1 √ =2+ =2+ 3 =2+ =2+ √ . 3( 19+4) 3( 19+4) √ 3 3 √ √ 19−4

( 19−4)( 19+4)

3

√ And now (finally!), we get the payoff. The last denominator is 19 + 4, √which is between 8 and 9. And when we subtract 8, we get a fractional part of 19 − 4, which we dealt with before (at the first step). Therefore we would simply repeat the work above over and over, so we get the infinite continued fraction [4; 2, 1, 3, 1, 2, 8]. At each step, when we rounded √ down, we produced numbers that were alternately under- and over-estimates of 19: rounding down a denominator produces a number with a denominator that is too small, and thus the number is an overestimate; but rounding down the denominator of a denominator will make the truncated continued fraction have a numerator that is too small, and " thus we would have an ! P2k is an increasing sequence, underestimate. Continuing in the way we see that Q 2k ! " P2k+1 bounded above by r, and Q is a decreasing sequence, bounded below by r, 2k+1 and we have P0 P2 P4 P5 P3 P1 < < < ... < r < ... < < < . Q0 Q2 Q4 Q5 Q3 Q1

Chapter 1. The Integers, Z

46 On the other hand, we have the following Lemma 2 Qk ≥ k for all k ≥ 0.

Proof . By induction on k, after proving the three cases k = 0, 1, 2 separately. We have Q0 = 1, Q1 = a1 , and Q2 = a1 a2 + 1, and we know that ak ≥ 1 for all k > 0. Hence we have Q0 > 0, Q1 ≥ 1 and Q2 ≥ 1 + 1 = 2 so the first three cases are proved. Now we assume that Qk ≥ k for k = 0, 1, 2, . . ., n, and try to prove it for k = n + 1. We have Qn+1 = an+1 Qn + Qn−1 ≥ an+1 (n) + (n − 1) ≥ n + n − 1 = (n + 1) + (n − 2) ≥ n + 1 for n ≥ 2. Since we have taken care of the first three cases, this completes the proof.

Thus the Qk are increasing at least as fast as k, and      Pk   Pk Pk+1      Qk − r  <  Qk − Qk+1     Pk Qk+1 − Pk+1 Qk    =   Qk Qk+1   k+1  (−1)   =  Qk Qk+1  = ≤ ≤

1 Qk Qk+1 1 k(k + 1) 1 . k2

Thus successive convergents narrow in on r from each side. Hence we have proved Proposition 6 For r ∈ R with convergents Pk /Qk , we have P0 P2 P4 P5 P3 P1 < < < ... < r < ... < < < Q0 Q2 Q4 Q5 Q3 Q1 If we look at

and

lim

k→∞

Pk = r. Qk

√ 3, we get √ 3 = [1; 1, 2, 1, 2, 1, 2, 1, . . .] = [1; 1, 2]

so our amazing array starts:

0 1

1 0

1 1 1

1 2 1

2 5 3

1 7 4

2 19 11

1 26 15

2 71 41

1 97 56

2 265 153

1 362 209

2 989 571

··· ··· ···

11. Convergents

47

From this we can gather the following data   √ Pk Pk   k decimal error =  3 − Qk  Qk 0 1 1.0 0.73205 . . . 2 2.0 0.26795 . . . 1 5 1.6 0.06538414 . . . 2 3 7 3 1.75 0.017949192 . . . 4 19 4 1.72 0.00477808 . . . 11 26 5 1.73 0.001282525 . . . 15 71 6 1.73170 0.00034349 . . . 41 97 7 1.732142857 0.000092049 . . . 56 265 8 1.732026144 . . . 0.000024663 . . . 153 362 9 1.732057416 . . . 0.0000066087 . . . 209 989 10 1.732049037 . . . 0.00000177079 . . . 571

Qk Qk+1

#

1

$

error

1 3

1 3

12

15

44

55

165

209

615

779

2296

2911

8568

10,863

31,977

40,545

119,339

151,316

445,380

564,719

1 in absolute value. Qk Qk+1 √ We should note the significance of this calculation here. If we take 3 = 1.73205 . . . and truncate the decimal expansion at the nth place, we would expect√the resulting 1 3. Since the approximation to be within 12 · 10−n = 2·10 n of the actual value of n , we are getting, in general, an resulting approximation has a denominator of 10  √ 1 . This is much less accuracy (and a error estimate that looks like  3 − rs  < 2s much larger error, in √ general) than we get from the convergents to the continued fraction expansion of 3. We will not explore this theme of rational approximation much more in this book, but Project J on pages 275–277 touches on this topic. More can be found in [Davenport]. The last two columns confirm that the error is less than

Exercises 12 15 27 1. Find the continued fractions for , , and . Then use the amazing array 7 6 18 to solve the equations 12x + 7y = (12, 7),

15w + 6t = (15, 6),

and 27r + 18s = (27, 18).

297 132 159 , , and . Then use the amazing 2. Find the continued fractions for 17 87 139 array to solve the equations 132x+17y = (132, 17),

159w+87t = (159, 87),

and

297r+139s = (297, 139).

Chapter 1. The Integers, Z

48

1032 1597 2197 3. Find the continued fractions for , , and . Then use the amazing 217 987 1339 array to solve the equations 1032x + 217y = (1032, 217), 1597w + 987t = (1597, 987), 2197r + 1339s = (2197, 1339).

and

√ 4. Find the first several terms of the continued fraction for 2 and then fill out six columns of the amazing array. √ 5. Find the first several terms of the continued fraction for 11 and then fill out six columns of the amazing array. 6. Find the first several terms of the continued fraction for e and then fill out six columns of the amazing array. 7. Find the first several terms of the continued fraction for ln(2) and then fill out six columns of the amazing array. 8. Find the first several terms of the continued fraction for π and then fill out six columns of the amazing array. Do you notice anything odd? 9. Prove parts (a) and (b) of Proposition 5. 10. Modify the proof given in Lemma 2 that Qk ≥ k to show that Qk ≥ Fk where Fk is the kth Fibonacci number (the Fibonacci numbers are defined in Exercise 12 on page 24). Conclude (using Exercise 13a on page 24) that the denominators of the convergents to any continued fraction are growing at least exponentially, whereas Lemma 2 only shows that these denominators are growing at least linearly. 11. Show that the area of the parallelogram spanned by the vectors a = (a1 , a2 ) and b = (b1 , b2 ) is the absolute value |a1 b2 − a2 b1 | (see Figure 5).

Figure 5: Area of a parallelogram 12. Find the pattern for the infinite continued fraction for

√ 28.

13. Let m ∈ N. Find the pattern for the infinite continued fraction for Then prove this pattern. 14. Let m ∈ N. Find the pattern for the infinite continued fraction for Then prove this pattern.

√ √

m2 + 1. m2 + 2.

12. The amazing super-array

49

15. Let m ∈ N. Find the pattern for the infinite continued fraction for Then prove this pattern.



m2 − 1.

√ 16. Let m ∈ N. Find the pattern for the infinite continued fraction for m2 − 2. Then prove this pattern. √ 17. Let m ∈ N. Find the pattern for the infinite continued fraction for m2 + m. Then prove this pattern. 1 1 + = 1. Consider α β

18. Let α and β be positive irrational numbers such that the two sequences of integers given by S = { α · k : k ∈ N} and T = { β · k : k ∈ N}.

Show that every positive integer shows up exactly once (either in S or in T ). That is, show that S ∩ T = ∅ and S ∪ T = N.

12

The amazing super-array

The extended calculation on pages 44–45 is rather tedious, and we seek a way to streamline it. To that end, we will introduce some notation. If r ∈ R is a real number for which we seek a continued fraction, then we will define real numbers r0 , 1 (so that r = a0 + r11 ), r1 , r2 , . . . to keep track of our calculation: r0 = r, r1 = r0 −r 0 1 and in general rn+1 = rn −rn  , so that at the nth step we have r = [a0 ; a1 , a2 , a3 , . . . , an−1 , rn ] = a0 +

1 a1 +

.

1 a2 +

1 a3 +

1

..

.

1 an−1 + 1 rn

Finding the terms of the continued fraction, the ak , is then a simple matter of this calculation rounding: ak = rk . The amazing super-array is a way to make √ a+ d automatic in the important case where r is√of the form r = b (with a, b, and d ∈ Z); note that every pure square root n is of this form, as is every root of a quadratic in Z[x], or for that matter any root of a quadratic in Q[x]. What we √ k will do is define integer sequences {Ak } and {Bk } via rk = d+A Bk . Thus in the calculation on pages 44–45, we have 0√ k √ rk 19 = 19+0 1 Ak 0 1 Bk 4 ak

1

√ 19+4 3

4 3 2



2 19+2 5

2 5 1

3

4

√ 19+3 2

√ 19+3 5

3 2 3

3 5 1



5 19+2 3

2 3 2

6

7

√ 19+4 1

√ 19+4 3

4 1 8

4 3 2

... ... ... ... ...

and the columns repeat after this. So how do we generate % √ the &numbers Ak , Bk , and d+A0 ak ? Clearly A0 and B0 have to be given, and a0 = ; in general we have B0

Chapter 1. The Integers, Z

50

%√ & d+Ak ak = . Furthermore Ak+1 = ak · Bk − Ak , while Bk+1 = Bk comes from the following calculation: rk

= =

√ d + Ak Bk √ ak +

d + Ak − ak Bk

= =

ak +

√ Bk ( d+Ak+1 ) d−A2k+1

=

ak +

√ d+Ak+1 (d−A2k+1 )/Bk

=

ak +

√ d+Ak+1 Bk+1

=

ak +

=

This all



√ d + (Ak − ak Bk ) ak + Bk √ d − Ak+1 ak + Bk 1 ak + Bk

=

d−A2k+1 . Bk

√ d−Ak+1

1

1

1

1 . rk+1

It is left to the reader to check that these rules √have been applied correctly in the √ 19 calculation above; another example is r = 34+8 : 5

k Ak Bk ak

0 8 5 2

1 2 6 1

2 4 3 3

3 5 3 3

4 4 6 1

5 2 5 1

6 3 5 1

7 2 6 1

8 4 3 3

9 5 3 3

... ... ... ...





thus r = 34+8 = [2; 1, 3, 3, 1, 1, 1]. The terms of the continued fraction for 34+8 5 5 appear on the bottom row; we could use them in the usual way to produce the √ convergents to 34+8 (that is why this is called the amazing super-array): 5

k Ak Bk ak 0 1 1 0

0 8 5 2 2 1

1 2 6 1 3 1

2 4 3 3 11 4

3 5 3 3 36 13

4 4 6 1 47 17

5 2 5 1 83 30

6 3 5 1 130 47

7 2 6 1 213 77

8 4 3 3 769 278

9 5 3 3 2520 911

... ... ... ... ... ...

12. The amazing super-array √

One further example, r =

34+9 , 3

k Ak Bk ak

2

3

25 3

16 3 2 3

16 3 25 3

1

16

1

0 9 3 4

1 3

51 may help illuminate this process. 4 3 3 2

5 3

6

7

25 3

16 3 2 3

16 3 25 3

1

16

1

8 3 3 2

9 3

10

11

25 3

16 3 2 3

16 3 25 3

1

16

1

... ... ... ...



Thus r = 34+9 = [4; 1, 16, 1, 2]. As we might expect from the formula for Bk , these 3 numbers Bk are sometimes not integers, which implies the Ak are non-integral as well. However, the first two situations are covered by the following lemma. √

2 k Lemma 3 With rk = d+A Bk , ak = rk , Ak+1 = ak Bk − Ak, Bk+1 = d − Ak 2 defined as on page 50, we have B0 |(d − A0 ) =⇒ all the Bk (and thus all the Ak ) will be integers.

Proof . We proceed by induction on k. For the base case, note that d − A21 = d − (a0 · B0 − A0 )2 = d − A20 + B0 (2a0 A0 − a20 B0 ) so d − A21 is a multiple of B0 , and B0 |d − A21 =⇒ B1 ∈ Z. But then suppose we assume that all Bk ∈ Z for k = 0, 1, 2, . . . , m. In particular Bm ∈ Z, so Bm−1 |d − A2m , in fact d − A2m = Bm Bm−1 . Now Am+1 = am Bm − Am , so d − A2m+1 = d − (am Bm − Am )2 = d − A2m + Bm (2am Am − a2m Bm ) = Bm Bm−1 + Bm (2am Am − a2m Bm ) is an integer multiple of Bm , so Bm+1 is an integer.

In addition to making the calculations easier, having all the Bk and Ak be integers allows us to draw conclusions, such as ensuring that we get repetition, as we did for √ 19 and the other examples, and thus an eventually periodic continued fraction. Definition 12 A continued fraction r = [a0 ; a1 , a2 , a3 , . . .] is called purely periodic if there exists a k ∈ N such that aj+k = aj for all j ∈ W. A continued fraction [a0 ; a1 , a2 , a3 , . . .] is called eventually periodic if there exist positive integers k and N such that aj+k = aj for all j ≥ N . In either case, the smallest k for which this is true is the called the period of r. Proposition 7 Let d ∈ N be not a perfect square. Then r = periodic continued fraction expansion.

Proof . In this important special case where r = can show the following inequalities (for k ≥ 0): • 0 ≤ Ak
1 for the calculation to be interesting, and d > 1 =⇒ a0 = d ≥ 1. Thus we assume these three inequalities hold up to k and we examine the (k + 1)st case. The calculation on page 50 shows us that √ d − Ak+1 rk = a k + Bk √

k+1 and by the choice of ak = rk we see that we have 0 < d−A < 1. This Bk √ implies that Ak+1 < d since we have assumed Bk > 0. This in turn implies that

d−A2

1 ≤ Bk+1 ≤ d, since Bk+1 = Bkk+1 ≤ d was shown earlier to be an integer. And & %√ √ √ d+Ak+1 < 2 d, while then Bk+1 ≥ 1 and Ak+1 < d together show that ak+1 = Bk+1 ak+1 ≥ 1 by definition. Thus we have bounded Ak , Bk , and ak . The significance √ d+Ak of this is that there are now a finite number of possibilities for rk = Bk and so the amazing super-array (or the algebraic calculation) must repeat at some point, which shows that the continued fraction is eventually periodic. √ What about quadratic irrationals that are not as simple as d? Though a similar approach might be made to work, a full proof is beyond the scope of this book. As √ 34+9 shows, the Bk and thus the Ak may not always be the example with r = 3 B0 /|d − A20 , we integers. One trick allows us to avoid non-integral Bk and Ak : if √ 2 0 employ an algebra trick to make sure that B0 |d − A0 : given r = d+A B0 , rewrite it as r =

√ dt2 +A0 t , B0 t

then adjust t so that B0 t|dt2 − A20 t2 ⇐⇒ B0 |(d − A20 )t (for

example, t = B0 always works). If we employ this trick to re-write r = √ , we get r = 306+27 9 k Ak Bk ak

0 1 2 3 4 5 6 7 27 9 16 16 9 9 16 16 9 25 2 25 9 25 2 25 4 1 16 1 2 1 16 1

√ 34+9 3

as

8 9 10 11 · · · 9 9 16 16 · · · 9 25 2 25 · · · 2 1 16 1 · · ·

Why do we concentrate on the case where r is the root of a quadratic polynomial? Our next theorem will show why, but first we have some definitions: Definition 13 A real number r is called a quadratic irrational if r ∈ Q and r is the root of a quadratic polynomial in Z[x].

Thus



19 is a quadratic irrational, as are

√ 34+8 5

and

√ 34+9 . 3

If r is the root of √ a quadratic polynomial, then by the quadratic formula we know r b2 −4ac . Since for each d ∈ Z adx2 + bdx + cd has the same roots has the form −b± 2a 2 as ax + bx + c, we see that there may be scaling involved, but we shall make the following definition.

12. The amazing super-array

53

Definition 14 Let r be a quadratic irrational. The type of r is (a, b, c) where a, √ b2 −4ac b, c ∈ Z, the GCD (a, b, c) = 1, and r = −b+ 2a . Furthermore, each quadratic irrational has a discriminant, Δ, defined to be Δ = b2 − 4ac. √ (1, 0, −d) with We have Δ > 0 for all real quadratic irrationals. Thus d is of type √ √ discriminant 4d, − d is of type (−1, 0, d) with discriminant 4d, 34+8 is of type √ 5 − 34+8 , is of type (5, −16, 6) with discriminant 136 = 4 · 34 while its conjugate, 5 √ (−5, 16, −6) with discriminant 136, and −15−7 23 is of type (−49, −210, −202) with discriminant 4508 = 142 · 23. Also note that the purely periodic continued fraction, x = [a0 , a1 , a2 , . . . , ak ], Pk x+Pk−1 , thus Qk x2 + Qk−1 x = Pk x + Pk−1 , satisfies x = [a0 , a1 , a2 , . . . , ak , x] = Q k x+Qk−1 so x is of type (Qk , Qk−1 − Pk , −Pk−1 ), with discriminant Δ = (Qk−1 − Pk )2 + 4Pk−1 Qk = (Qk−1 + Pk )2 + 4(Pk−1 Qk − Pk Qk−1 ) = (Qk−1 + Pk )2 + 4(−1)k . Since f (x) = Qk x2 + (Qk−1 − Pk )x − Pk−1 has f (0) = −pk−1 < 0 and f (−1) = Qk − Qk−1 + Pk − Pk−1 = Qk−2 + Pk−2 > 0, f must have two roots, x > a0 ≥ 1 and its conjugate, x, for which −1 < x < 0. This leads to another definition.

Definition 15 Let√ r be a quadratic irrational of type (a, b, c). If r > 1 and the b2 −4ac conjugate r = −b− 2a , of type (−a, −b, −c), satisfies −1 < r < 0, then we say r is a reduced quadratic irrational. The significance of this is the following proposition. Proposition 8 Of the many quadratic irrationals of a given discriminant Δ ∈ N, there are a finite number of reduced quadratic irrationals. Proposition 9 Let r be a quadratic irrational of type (a, b, c) and discriminant Δ ∈ N. Then for n ∈ Z, r − n is a quadratic irrational of type (a, b + 2an, c + bn + an2 ) and discriminant Δ, and 1r is a quadratic irrational of type (−c, −b, −a) and discriminant Δ. Theorem 5 • A real number q is represented by a finite continued fraction ⇐⇒ q ∈ Q. • A real number r is represented by a periodic infinite continued fraction ⇐⇒ r is a reduced quadratic irrational. • A real number r is represented by an eventually periodic infinite continued fraction ⇐⇒ r is a quadratic irrational.

Proof . The first statement is quite clear: if q ∈ Q then the Euclidean algorithm will stop after a finite number of steps, and q will be represented by a finite continued

Chapter 1. The Integers, Z

54

fraction. On the other hand, a finite continued fraction can clearly be simplified (using algebra or the amazing array) into a rational number. As for the second part, suppose we have an eventually periodic continued fraction. Call it y, so we have y = [a0 ; a1 , . . . , aN , aN +1 , aN +2 , . . . , aN +k−1 ]. If we define x to be the purely periodic continued fraction x = [aN , aN +1 , aN +2 , . . . , aN +k−1 ], then we may find x by substituting x back into itself: x = [aN ; aN +1 , aN +2 , . . . , aN +k−1 , x]. The right-hand side simplifies (via the amazing array, if we wish) to something of Pk x+Pk−1 , and Pk , Pk−1 , Qk , and Qk−1 are all integers (since all the ak the form Q k x+Qk−1 are). Thus we have Pk x + Pk−1 , x= Qk x + Qk−1 which leads to Qk x2 + (Qk−1 − Pk )x − Pk−1 = 0, so x is a reduced quadratic irrational (the first part of our theorem shows us that x is irrational, and it was shown above that x is reduced). Going further, y = [a0 ; a1 , . . . , aN −1 , x], so y can be gotten from x by a finite number of operations, either adding an integer or taking a reciprocal. Thus y is also a quadratic irrational (see√Exercise 14); d for integers furthermore, that implies that y can be written in the form y = M + N M , N and d (where d is not a perfect square), and we have shown that eventually periodic continued fractions simplify to quadratic irrationals. The last two proofs (that r is a quadratic irrational =⇒ r is represented by an eventually periodic infinite continued fraction, and that r is a reduced quadratic irrational =⇒ r is represented by a periodic infinite continued √ √ fraction) are beyond d above, and r = − d the scope √ of this book. We have shown the special case r = √ and r = d + d are dealt with in the exercises.

Exercises 1. In analogy with continued fractions expansions, for which real numbers is the decimal expansion eventually periodic? finite? non-periodic? 2. (a) Find a quadratic polynomial in Z[x] for which (b) Find a quadratic polynomial in Z[x] for which

√ 34+8 5 √ 34+9 3

is a root.

is a root. √ 3. Use the amazing super-array to find the continued fraction for 22. √ 4. Use the amazing super-array to find the continued fraction for 59.

12. The amazing super-array

55

5. Use the amazing super-array to find the continued fraction for 6. Use the amazing super-array to find the continued fraction for 7. Use the amazing super-array to find the continued fraction for



71.

√ 3+ 59 . 5 √ 1+ 59 . 2

8. Use the amazing super-array to find the continued fraction for the positive root of f (x) = 8x2 − 7x − 13. 9. (a) Let r be a reduced quadratic irrational of type (a, b, c) and discriminant Δ. Show that a > 0, b < 0, c < 0 and b < a + c < −b. (b) Use part (a) to prove Proposition 8. √ 10. Suppose m ∈ Z, and k a positive integer less than 2m + 1, so m2 + k is between m and m + 1. √ (a) Show that r = m + m2 + k is a reduced quadratic irrational in two ways: i. directly from the definition. ii. using the criteria developed in Exercise 9. What second-degree polynomial is r a root of? √ (b) Conclude that m2 + k = [m; a1 , a2 , . . . , at−1 , 2m]. 11. Find all reduced quadratic irrationals with discriminant Δ = 12. You may use Exercise 9. 12. Find all reduced quadratic irrationals with discriminant Δ = 17. You may use Exercise 9. 13. Find all reduced quadratic irrationals with discriminant Δ = 28. You may use Exercise 9. 14. Prove Proposition 9. 15. Suppose r = [a0 ]. (a) Show that −r = [−(a0 + 1); 1, a0 − 1, a0 ]. √ (b) Use part (a) to show that − 2 = [−2; 1, 1, 2]. √ (c) Use part (a) to show that − 17 = [−5; 1, 7, 8]. (d) Use part (a) to show that −ω = [−2; 2, 1], where ω = the positive root of the polynomial x2 − x − 1.

√ 1+ 5 2

is defined as

16. Suppose r = [a0 ; a1 ]. (a) Show that −r = [−(a0 + 1); 1, a1 − 1, a1 , a0 ]. √ (b) Use part (a) to show that − 11 = [−4, 1, 2, 6, 3]. √ (c) Use part (a) to show that − 12 = [−4, 1, 1, 6, 2]. √ (d) Use part (a) to show that − 15 = [−4; 7, 1, 6].

√ (e) Use part (a) to find the continued fraction representation of − 63. (f) Find the continued fractions for

√ 120 5

and −

√ 120 5 .

Chapter 1. The Integers, Z

56

√ 17. Below is a table of continued fractions for n with period three (this period is rather rare). Conjecture a rule that accounts for this data. √ √ −√130 = [−12, 1, 1, 2, 22, 2] √130 = [11; 2, 2, 22] −√269 = [−17, 1, 1, 2, 32, 2] √269 = [16; 2, 2, 32] 370 = [19; 4, 4, 38] −√370 = [−20, 1, 3, 4, 38, 4] √ 458 = [21; 2, 2, 42] −√458 = [−22, 1, 1, 2, 42, 2] √ −√697 = [−27, 1, 1, 2, 52, 2] √697 = [26; 2, 2, 52] 986 = [31; 2, 2, 62] −√ 986 = [−32, 1, 1, 2, 62, 2] √ 1313 = [36; 4, 4, 72] − √1313 = [−37, 1, 3, 4, 72, 4] √ 1325 = [36; 2, 2, 72] − √ √1325 = [−37, 1, 1, 2, 72, 2] 1613 = [40; 6, 6, 80] − √1613 = [−41, 1, 5, 6, 80, 6] √ 1714 = [41; 2, 2, 82] − 1714 = [−42, 1, 1, 2, 82, 2] √ 18. Below is a table of continued fractions for n with period four. Conjecture a rule that accounts for this data. √ √ −√ 7 = [−3, 2, 1, 4, 1, 1] √ 7 = [2; 1, 1, 1, 4] −√14 = [−4, 3, 1, 6, 1, 2] √14 = [3; 1, 2, 1, 4] 23 = [4; 1, 3, 1, 8] − √ √ 23 = [−5, 4, 1, 8, 1, 3] 28 = [5; 3, 2, 3, 10] − √28 = [−6, 1, 2, 2, 3, 10, 3] √ −√32 = [−6, 2, 1, 10, 1, 1] √32 = [5; 1, 1, 1, 10] 33 = [5; 1, 2, 1, 10] −√33 = [−6, 3, 1, 10, 1, 2] √ 34 = [5; 1, 4, 1, 10] −√34 = [−6, 5, 1, 10, 1, 4] √ 47 = [6; 1, 5, 1, 12] −√ 47 = [−7, 6, 1, 12, 1, 5] √ 55 = [7; 2, 2, 2, 14] − √55 = [−8, 1, 1, 2, 2, 14, 2] √ 60 = [7; 1, 2, 1, 14] − 60 = [−8, 3, 1, 14, 1, 2] 19. Based on Exercises 15–18, conjecture and prove a rule for the continued fraction representation of −r, based on the continued fraction representation r = [a0 ; a1 , a2 , a3 , . . .]. 20. Is the number 0.123456789101112131415161718192021 . . . rational or irrational?

13

The modified division algorithm

We return to the division algorithm and modify it, using the usual way of rounding, instead of always rounding down. This gives us the modified division algorithm. Modified division algorithm: If a and b are integers, with b = 0, then there exist unique integers q and r with a = bq + r

1 1 − |b| < r ≤ |b|. 2 2

13. The modified division algorithm

57

Let’s use both versions to find (144, 89): 144 89 55 34 21 13 8 5 3 2

1 · 89 + 55 1 · 55 + 34 1 · 34 + 21 1 · 21 + 13 1 · 13 + 8 1·8+5 1·5+3 1·3+2 1·2+ 1 2·1+0

= = = = = = = = = =

144 89 −34 −13

= = = =

2 · 89 + (−34) (−3) · (−34) + (−13) 3 · (−13) + 5 (−3) · 5 + 2

5 = 2·2+ 1 2 = 2·1+0

We can write 144 1 =1+ 89 1+

or

1

1+

..

144 1 =2+ 89 −3 +

.

1

3+

..

.

so = [1; 1, 1, 1, 1, 1, 1, 1, 1, 2] = [2; −3, 3, −3, 2, 2]. If we try the amazing array again, we get 144 89

0 1

1 0

Pk Qk

1 1 1

1 2 1

1 3 2

1 5 3

1 8 5

1 13 8

1 21 13

1 34 21

1 55 34

2 144 89

1.0 2.0 1.5 1.6 1.6 1.625 1.61538 . . . 1.61904 . . . 1.61764 . . . 1.61799 . . .

or

0 1 Pk Qk

1 0

2 2 1

−3 −5 −3

3 −13 −8

−3 34 21

2 55 34

2 144 89

2.0

1.6

1.625

1.61904 . . .

1.61764 . . .

1.61799 . . .

so for the modified division algorithm we have P4 P5 P3 P2 P1 P0 < < < < < . Q4 Q5 Q3 Q2 Q1 Q0 Which convergents are out of order? Which elements of the continued fraction are negative? Try [2; −1, −1, 2, −2, −2, −2, 3]: 0 1 Pk Qk

1 0

2 2 1

−1 −1 −1

−1 3 2

2 5 3

−2 −7 −4

−2 19 11

3 50 29

2.0

1.0

1.5

1.6

1.75

1.72

1.7241 . . .

Chapter 1. The Integers, Z

58 So we get

P1 P2 P3 P6 P5 P4 P0 < < < < < < . Q1 Q2 Q3 Q6 Q5 Q4 Q0 Which convergents are out of order? Which elements of the continued fraction are negative? You can do this on a calculator by not just taking the integer part, x , but by taking the rounded-off value, x or x + 1 = x, whichever is closer. How many of the other things we proved about the amazing array will still hold true? The determinants are −1, +1, −1, +1, −1, etc. just as they should be, and the 2 × 2 (skipped) determinants are +1, +2, +2, −2, −3, as they should be. So we get 50 = [2; −1, −1, 2, −2, −2, 3] 29 = [1; 1, 2, 1, 1, 1, 2] = [2; −4, 3, −3] and representations of rational numbers by continued fractions aren’t unique anymore.

Exercises 1. Verify that

50 = [1; 1, 2, 1, 1, 1, 2] = [2; −4, 3, −3]. 29

35 . Which 13 one(s) are canonical (that is, which ones follow from the algorithms given so far in this book)? (b) Use the continued fractions found in part (a) to solve the equation 35x + 13y = 1.

2. (a) Find four different continued fraction representations for

284 . Which 75 one(s) are canonical (that is, which ones follow from the algorithms given so far in this book)? (b) Use the continued fractions found in part (a) to solve the equation 284x+ 75y = 1. a 4. (a) Suppose we have the following pattern of signs: = [+; −, +, +, +, −, −, +]. b Predict the order of the convergents to ab . a = (b) Check your prediction in part (a) with the continued fraction b [2; −3, 1, 1, 3, −2, −4, 6]. 3. (a) Find four different continued fraction representations for

14

Why does the amazing array work?

One thing we have not shown is that the amazing array does what it is supposed to do, namely simplify the algebraic calculations involved in simplifying continued

14. Why does the amazing array work?

59

fractions. Why should the amazing array work? One reason to believe that it works 144 into a continued fraction is that we have evidence: on page 57 we expanded 89 144 (twice), and then used the amazing array to go the other way and recover 89 (twice). One reason not to believe that the amazing array works, though, is that the algebra is backwards! Notice that when we simplify a continued fraction of the form 1 a0 + 1 a1 + a + 1 2

a3 +

1

..

.

1 an−1 + 1 an

we start by multiplying an by an−1 and adding 1 to get a0 +

1 a1 +

.

1 a2 +

1 a3 +

1

..

. an−2 + an a an

n−1 +1

At the next step we simplify 1 an−2 +

an an an−1 +1

,

etc., and eventually we end up with a rational expression that represents the continued fraction [a0 ; a1 , a2 , . . . , an ]. However, when we calculate convergents in the amazing array, the whole process proceeds, seemingly, backwards: we start by multiplying by a0 , then by a1 , etc. How could this possibly work? Well, it turns out that this process does work. We will be using the amazing array in a variety of settings in the coming sections, so rather than prove that it works again and again in different settings (such as Q, R, Q[i], C, the polynomial ring Z[x], etc.), we shall show it works in any field, F . It is left to the reader to see that we will always have a field handy in which to do calculations. Theorem 6 Let a0 , a1 , a2 , . . . , an be elements of a field F and let A be the continued fraction A = [a0 ; a1 , a2 , a3 , . . . , an ] = a0 +

1 a1 +

.

1 a2 +

1 a3 +

1

..

. an−2 +

1 an−1 + 1 an

Define the elements P0 , P1 , P2 , . . . , Pn , Q0 , Q1 , Q2 , . . . , Qn of F by the rules P0 = a0 , P1 = a0 a1 + 1, Pk = ak Pk−1 + Pk−2 for k ≥ 2 and Q0 = 1, Q1 = a1 , Qk = ak Qk−1 + Qk−2 for k ≥ 2. Then A=

Proof .

Pn . Qn

We proceed by induction on n. If n = 0, then A = a0 =

are done. If n = 1, then A = [a0 ; a1 ] = a0 +

P0 and we Q0

1 a0 a1 + 1 P1 = = and again a1 a1 Q1

Chapter 1. The Integers, Z

60

we are done. Thus we will assume the theorem is true for all continued fractions consisting of k ≥ 1 elements and try to prove it is true for continued fractions with k + 1 elements. To do this, we employ a trick: we consider the last level of the 1 continued fraction [a0 ; a1 , a2 , a3 , . . . , ak , ak+1 ] to be the single term ak + . In ak+1 other words, we construct convergents using the amazing array as follows:

0 1

1 0

a0 P0 Q0

a1 P1 Q1

··· ··· ···

a2 P2 Q2

1 ak + ak+1 Pk Qk

ak−1 Pk−1 Qk−1

Then we use the induction hypothesis to simplify this new continued fraction. By the induction hypothesis, we know that 



1

a0 ; a1 , a2 , a3 , . . . , ak−1 , ak +

ak+1

= a0 +

1 a1 +

1 a2 +

1 a3 +

1

..

. ak−1 +

1 1 ak + ak+1

Pk , where the elements P0 , . . . , Pk−1 , Q0 , . . . , Qk−1 are defined as Qk usual, and Pk and Qk are defined by

is equal to

Pk =

 ak +

1 ak+1

 Pk−1 + Pk−2

and

Qk =

 ak +

1



ak+1

Qk−1 + Qk−2 .

Therefore we have  a0 ; a1 , a2 , a3 , . . . , ak−1 , ak +

1 ak+1

 = = =

Pk Qk ak+1 Pk ak+1 Qk (ak ak+1 + 1)Pk−1 + ak+1 Pk−2 . (ak ak+1 + 1)Qk−1 + ak+1 Qk−2

On the other hand, if we start with the continued fraction [a0 ; a1 , a2 , a3 , . . . , ak−1 , ak , ak+1 ], we would have the same values for the elements P0 , . . . , Pk−1 , Q0 , . . . , Qk−1 , but then the last two numerators and denominators would be Pˆk = ak Pk−1 + Pk−2 , ˆ k + Qk−1 . This ˆ k = ak Qk−1 + Qk−2 , and Q ˆ k+1 = ak+1 Q Pˆk+1 = ak+1 Pˆk + Pk−1 , Q would correspond to the following amazing array:

0 1

1 0

a0 P0 Q0

a1 P1 Q1

a2 P2 Q2

··· ··· ···

ak−1 Pk−1 Qk−1

ak Pˆk ˆk Q

ak+1 Pˆk+1 ˆ k+1 Q

15. Primes

61

The algebra in this case would give us Pˆk+1 ˆ k+1 Q

= = = = =

ak+1 Pˆk + Pk−1 ˆ k + Qk−1 ak+1 Q ak+1 (ak Pk−1 + Pk−2 ) + Pk−1 ak+1 (ak Qk−1 + Qk−2 ) + Qk−1 (ak ak+1 + 1)Pk−1 + ak+1 Pk−2 (ak ak+1 + 1)Qk−1 + ak+1 Qk−2 Pk Qk [a0 ; a1 , a2 , a3 , . . . , ak−1 , ak , ak+1 ] .

Thus we get the correct result, and by induction we have shown that the amazing array always works as it should.

Exercises 1. Show that [a0 ; a1 , a2 , . . . , an , 1] = [a0 ; a1 , a2 , . . . , an + 1]. This implies that no continued fraction should end with a 1. (This is reminiscent of the fact that 0.999 . . . = 1, and the rule that no decimal expansion should end with repeating nines forever.) What other possibility (which might occur when using the modified division algorithm) can be ruled out? 2. Use the amazing array to simplify the continued fraction [1+i; 2−i, 3+2i, 1−i]. 3. Use the amazing array to simplify the continued fraction [2 + ρ; 3 − ρ, 1 − 2ρ, 4 + 5ρ]. The number ρ is defined on page 25. 4. Use the amazing array to simplify the continued fraction [ω; 1−4ω, 2+3ω, 5− ω]. The golden ratio, ω, is defined as the positive root of the polynomial x2 − x − 1. 5. Use the amazing array to simplify the continued fraction [x; x2 +2, x+1, 2x+3].

15

Primes

The fundamental theorem of arithmetic talks about primes, so we need a definition of what it means to be prime. There are alternative definitions, but we will use the following Definition 16 Suppose p is an integer that is not zero and is not a unit. We say p is prime if p = a · b =⇒ a is a unit or b is a unit. This leads immediately to an important fact.

Chapter 1. The Integers, Z

62

Proposition 10 If p is a prime in Z and d|p then d = ±1 or d = ±p. Proof . d|p =⇒ p = db =⇒ d is a unit or b is a unit. If d is a unit then d = ±1. If b is a unit then b = ±1, so d = p/b = ±p. The following formulation will also be handy to have. Proposition 11 If n is an integer and n = 0, ±1, then n is not prime ⇐⇒ n can be written n = a · b where 1 < |a|, |b| < |n|. Proof . ( =⇒ ) We can certainly write n = a · b for some integers a and b, since for instance n = 1 · n. If n is not prime, we must have that there is a pair a and b with n = a · b and a is neither ±1 nor ±n. We thus have that a|n; since n = 0, a = 0 is impossible. Thus 0 < |a| and we know |a| = 1; hence we have 1 < |a|. Similarly, b = 0 and b = ±1 =⇒ 1 < |b|. Multiplying both sides by |a|, we get |a| < |a| · |b| = |ab| = |n|. Thus we get 1 < |a| < |n|; 1 < |b| < |n| is proved similarly. (⇐=) If n is prime, ⎧ ⎨ a = ±1 ⇐⇒ n = ±b ⇐⇒ b = ±n or n = a · b =⇒ ⎩ b = ±1 ⇐⇒ n = ±a ⇐⇒ a = ±n Thus there are only four ways to write n as a product: n

= (+1)(+n) = (−1)(−n) = (+n)(+1) = (−n)(−1).

In each case, 1 < |a|, |b| < |n| is false. Thus we are done as we have proved the contrapositive of the statement we needed to prove.

The advantage of our definition is that it readily generalizes to other rings: Definition 17 In a ring R, a non-zero element p that is not a unit is called prime if p = a · b =⇒ a or b is a unit of R. Recall the three facts about linear combinations: • (a, b) = d =⇒ there are x, y ∈ Z with ax + by = d. • d|a and d|b =⇒ d|(ax + by) for all x and y ∈ Z. • (a, b) = 1 ⇐⇒ there are x, y ∈ Z with ax + by = 1.

15. Primes

63

Why do we care about the equation ax + by = d = (a, b)? We have seen how this equation has helped us in the past; it also helps in the proof of the next theorem. Theorem 7 (Prime Theorem) Suppose p is a prime in Z and a and b are integers. Then p|ab =⇒ p|a or p|b.

Proof . If p|a we are done, so assume p/|a. Then let d = (a, p). We have d|p and d ≥ 0, so d = 1 or p, by Proposition 10. If d = p then we have d|a, a contradiction; thus we must have d = 1. Thus (a, p) = 1 = d so we can write 1 = ax + py for some integers x and y. Therefore we get b = abx + bpy = (ab)x + p(by) and since we have written b as a linear combination of multiples of p, p|b.

In the proof of the prime theorem, where and how did we use the fact that p was a prime? Only to get the statement that (a, p) = 1. Thus we can get the following, similar statement. (This is traditionally called Euclid’s lemma, though some would call it a proposition or even a theorem.) Proposition 12 (Euclid’s lemma) For d, a, and b in Z, if d|ab and (a, d) = 1, then d|b.

Proof . (a, d) = 1 so we can write 1 = ax + dy for some integers x and y. Therefore we get b = abx + bdy = (ab)x + d(by) and so d|b.

Corollary 1 Suppose p is a prime in Z, and a is any integer. Then p/|a =⇒ (a, p) = 1.

Before we proceed to the proof of the fundamental theorem of arithmetic, we state the following

Proposition 13 If a|c and b|c and (a, b) = 1, then ab|c.

Chapter 1. The Integers, Z

64

Exercises 1. Prove that for integers a, b, and c (a) If (a, b) = 1 and c|a, then (c, b) = 1. (b) If (a, b) = 1, then (b, c) = (b, ac). Is the converse true? ⇐⇒

(c) If  c isa positive common divisor of a and b, then c = (a, b) a b , = 1. c c (d) If c|ab, then c|(a, c)(b, c).

2. Show that 0|ab =⇒ 0|a or 0|b. (In this way, zero acts like a prime integer. But zero is not a prime.) 3. Let p be a positive prime integer, and suppose 1 ≤ a ≤ p − 1. Prove that (a, p) = 1 and that (p, a + kp) = 1 for all k ∈ Z.    p 4. Let p be a prime integer. Prove that for 1 ≤ k ≤ p − 1, p  . k 5. Suppose ak − 1 is a prime integer (with a ≥ 1 and k ≥ 2). Show that a = 2 and that k is a prime integer. 6. If (a, b) = 1, then show that (a2 − ab + b2 , a + b) ≤ 3. 7. A fraction is in lowest terms when it is written as c d are in lowest terms, prove that

a b

with (a, b) = 1. If

a b

and

a c + ∈ N =⇒ b = ±d. b d 8. Prove that every composite integer is expressible in the form xy + xz + yz + 1 with positive integers x, y, and z. 9. Prove Corollary 1. 10. Prove Proposition 13. 11. Using a compass and straightedge, divide a 19◦ angle into nineteen equal parts.

16

The proof of the fundamental theorem of arithmetic

Before we actually prove the fundamental theorem of arithmetic, we need three lemmas: Lemma 4 If p is a prime and p|a1 a2 a3 · · · an , then p|ak for some k with 1 ≤ k ≤ n.

16. The proof of the fundamental theorem of arithmetic

65

Proof . We know that p|a1 or p|a2 a3 · · · an by the prime theorem. If p|a1 we are done; otherwise p|a2 a3 · · · an and so p|a2 or p|a3 · · · an by the prime theorem. Continuing in this way, we get that if p|an−1 we are done; otherwise p|an and the proof is complete.

(Technically, such a result should be written as a proof by induction, but here the reasoning should be clear (and convincing!).) Lemma 5 If p|q1 q2 q3 · · · qn where p and the qi are all primes, then p = ±qk for some k with 1 ≤ k ≤ n.

Proof . By Lemma 4, p|qk for some k. Since qk is a prime, this implies that p = ±1 or p = ±qk . Since p is prime, p = ±1; hence p = ±qk .

Lemma 6 Any positive integer n = 1 has a positive prime factorization; i.e., n can be written as a product of positive primes.

Proof . Let S = {n ∈ Z : n > 1 and n has no prime factorization}. We have S ⊆ N. Suppose S is non-empty—then it has a smallest element by the well-ordering principle, call it n0 . If n0 is prime, then n0 = n0 is a prime factorization and so n0 ∈ S. Thus n0 is not prime, so it can be factored as n0 = a · b where neither a nor b is a unit. We know that either a and b are both positive or they are both negative; by changing signs we may assume they are both positive. Thus a, b > 0 and a, b = 1; hence we have 1 < a, b. Therefore it follows that a < a · b = n0 , so a ∈ S. Why is a not an element of S? It must not satisfy (at least) one of the conditions. We have 1 < a and a ∈ Z, so the only condition left must be that a has a prime factorization. In exactly the same way, we can show that 1 < b < n0 , so b ∈ S and hence b also has a prime factorization. But then n0 = a · b has a prime factorization; this contradiction shows us that S must be empty. Therefore every n ∈ N has a prime factorization, so the lemma is proved.

Theorem 8 (Fundamental Theorem of Arithmetic) Any integer n = 0, ±1 can be written as k

n = ±pe11 pe22 pe33 · · · pekk = ±

pei i i=1

where the pi are distinct positive primes and ei ∈ N for each i. This factorization is unique up to a reordering of the primes.

Chapter 1. The Integers, Z

66

Proof . We know any integer greater than 1 has a factorization into primes, so if n < −1, −n has a factorization into primes and by factoring out all the negative signs we can write n as ±1 · (product of positive primes). Thus we can concentrate on uniqueness for positive n—any factorization of n corresponds to a factorization of |n|. Therefore let S = {n ∈ N : n > 1, with more than one factorization into positive primes}. Assuming S is non-empty, let n0 be its smallest element. Then we have fm , n0 = pe11 pe22 pe33 · · · pekk = q1f1 q2f2 q3f3 · · · qm

where all the pi and all the qi are positive primes, and all the powers are positive fm so we know by our earlier lemma integers. We have p1 |n0 , so p1 |q1f1 q2f2 q3f3 · · · qm that p1 = qr for some r with 1 ≤ r ≤ m. Then np10 is an integer and we have n0 fm = pe11 −1 pe22 pe33 · · · pekk = q1f1 q2f2 q3f3 · · · qrfr −1 · · · qm . p1 If np10 = 1, then n0 = p1 = qr and there are no other terms. If np10 > 1, then we have n0 > np10 > 1, so np10 is not in S so this is the unique factorization (up to order) of n0 p1 . Hence we must have e1 = fr , k = m, and for each i, pi = qj and ei = fj for some j. In either event, we have shown that n0 only has one factorization (up to order); thus S is empty and the theorem is proved.

Exercises 1. Define

    1 p k ∈ Q : p is an integer and q = 2 for some k ∈ W . Z = 2 q ' ( (a) Show that Z 12 is a ring. (Since Z[ 21 ] ⊆ Q, which we know is a ring (in fact, a field), you need only show that Z[ 12 ] is closed under addition, multiplication, and inversion.) ' ( (b) Find the units in Z 12 . ' ( (c) Find the primes in Z 12 .

2. For integers a and b, show that (a, b) = 1 ⇐⇒ there is p ∈ Z, a prime, such that p|a and p|b. Does your proof require the fundamental theorem of arithmetic? 3. Define the M¨obius function, μ : N → N, by ⎧ ⎪ if n = 1 ⎨1 μ(n) = 0 if m2 |n for some m ∈ N, m > 1 ⎪ ⎩ k (−1) if n is the product of k distinct primes. Show that the function μ is multiplicative (see Exercise 10 in Section 9, page 38).

16. The proof of the fundamental theorem of arithmetic

67

4. Let n ∈ N. Using the definition in Exercise 3, show that n

k=1

μ(k)

%n& k

= 1.

5. Using the prime theorem and Lemma 6, prove that for a, b, and c in Z, (a, bc) = 1 ⇐⇒ (a, b) = 1 and

(a, c) = 1.

6. Find the smallest positive integer n such that n/2 is a perfect square, n/3 is a perfect cube, and n/5 is a perfect fifth power. 7. Given positive integers a, b, and c, that have factorizations a = pe11 pe22 pe33 · · · pekk

f

b = q1f1 q2f2 q3f3 · · · qj j

c = r1g1 r2g2 r3g3 · · · rtgt ,

where all the ps, qs, and rs are positive prime integers, how do you determine (using the factorizations above) (a) If a|b? (b) If (a, b) = 1? (c) If (a, b) = c? (d) If [a, b] = c (where [a, b] is the LCM of a and b, defined in Exercise 6 in Section 8)? (e) If a is a perfect square (a = n2 for some integer n)? (f) If a is a perfect cube? (g) If a is a perfect mth power (a = nm for some integer n)? (h) If a · b = c? (i) Food for thought: Is a = N (z) = u2 + v 2 (where z = u + vi ∈ Z[i])? You probably can’t answer this one yet, but it’s a good final exam question . . . . 8. Define the function τ : N → N by τ (n) = the number of positive divisors of n. (In the language of Exercise 10 on page 38, this is the function σ0 . It is more common to call it τ .) (a) What is τ (p) where p is a positive prime integer? (b) What is τ (p · q) where p and q are distinct positive primes? (c) What is τ (pk ) where p is a positive prime integer? (d) By Exercise 10b on page 38, τ is multiplicative. Use this fact to give a formula for τ (n), where n = pe11 pe22 pe33 · · · pekk . (e) Show that τ (n) is odd ⇐⇒ n is a perfect square. 9. Prove that for integers a and b, we have (a, b)[a, b] = |ab|, where [a, b] is the least common multiple of a and b. √ 10. Let p be a positive prime in Z. Prove that p is irrational.

Chapter 1. The Integers, Z

68 11. Let a, n ∈ N, with n > 1. Prove that if

√ √ n a is rational, then n a is an integer.

12. Decompose 24024 and 11628 into prime factors in Z and then find (24024, 11628) and [24024, 11628]. 13. For integers a and b, (a, b) = 1 =⇒ (ak , bn ) = 1 for all k, n ∈ N. (a) Prove this using Exercise 5. (b) Prove this again, using the fundamental theorem of arithmetic (and the ideas from problem 7). 14. How many zeros are there at the end of 2017!? In general, how many zeros are there at the end of n!? 15. Given that the integers a and b satisfy 56a = 65b, prove that a + b is composite. 16. How many times does 2 appear in the factorization of (n + 1)(n + 2) · · · (2n − 1)(2n) into primes? 17. Prove that log2 (3) is irrational. 18. Find all integer solutions of the equation x2 − y 2 = 221. 19. Is there an integer n satisfying the following equation? If so, find it and show that it satisfies the equation. If not, show why not. 2017 1 + 3 + 5 + · · · + (2n − 1) = . 2 + 4 + 6 + · · · + 2n 2018 20. Out of the numbers 1, 2, 3, . . . , 200, one chooses 101 numbers. Prove that among the numbers chosen there are at least two such that one is a multiple of the other. 21. Let N (n) denote the smallest positive integer N such that xN = 1 for every permutation x on n symbols, where 1 denotes the identity permutation. Prove that if n > 1, 1 if n is divisible by two distinct primes N (n) = N (n − 1) p if n is a power of a prime p.

17

Unique factorization in other rings

Let’s think about what we’ve just proven. We used two fundamental results to prove the fundamental theorem of arithmetic—the well-ordering principle and Euclid’s lemma that d|ab and (d, a) = 1 =⇒ d|b. What goes wrong in other rings? In some cases, we don’t have the Euclidean algorithm (or other reasons) to force (d, a) = 1 ⇐⇒ 1 = ax + by for some x and y in the ring. In other cases, we might lose the well-ordering principle (which allowed us to reason about the smallest√counterexamples to our lemmas and theorem). We will prove in the future that Z[ 2] and Z[i] and other rings have unique factorization, and the proofs will

17. Unique factorization in other rings

69

look similar to this one. But our lists of primes and units will change: 2 and 7 are primes in Z, but 2 = (1 + i)(1 − i) √ and in Z[ 2], we have

in Z[i] and 7 is still a prime

√ √ 2)(2 − 2) and √ so neither 2 nor 7 is a prime in Z[ 2]. 2 = (2 +

7 = (3 +



2)(3 −

√ 2)

On the other hand, consider     1 p k Z ∈ Q : p is an integer and q = 2 for some k ∈ W , = 2 q that is, the ring of all rational numbers where the denominator is a power of 2. Here, the element 2 is a unit! (Why?) √ What other rings will we look at? Mostly Z[ d] where d is an integer. I’ve already asked you questions about Z[i] (when d = −1)—this is the lattice Z[i] = {a + bi ∈ C : a and b are integers}. This has unique factorization, but four units, not just two. And though Z ⊆ Z[i], the primes in each ring are different. For another example, √ √ Z[ 2] = {a + b 2 ∈ R : a and b are integers} has unique factorization but an infinite number of units! And √ √ Z[ −5] = {a + b −5 ∈ C : a and b are integers} has only two units, but it does not have unique factorization, as we’ll see. How do we show something doesn’t have unique factorization? Two ways: find a number that doesn’t have a factorization into primes—for instance, perhaps we can factor n = p1 q1 = p1 p2 q2 = p1 p2 p3 q3 = · · · but this factoring process never ends! This could happen if we cannot order our numbers and so we are unable to use the wellordering principle. Or it may has more than one factorization: √ number √ √ be that some that’s what happens in Z[ −5] and Z[ 10]. In Z[ −5] we get √ √ 6 = 2 · 3 = (1 + −5)(1 − −5) √ and in Z[ 10] we get 6 = 2 · 3 = (2 +

√ √ 10)(−2 + 10).

We will prove later, using the norm function defined in Exercise 18 on page 24, that all these factors are in fact primes; thus in each of these rings, 6 has (at least) two prime factorizations.

Chapter 1. The Integers, Z

70

Exercises 1. Consider the ring 2Z = {m ∈ Z : m = 2n for some n ∈ Z}. (a) What are the primes in this ring (this is a ring without identity); i.e., which elements cannot be factored? (This is much easier to answer than it was in Z.) (b) By considering the factorizations of 36 (or 60, or 84, or 100, or . . . ), show that this ring does not have unique factorization into primes. (c) Does Lemma 4 apply to 2Z? If so, prove it. If not, give a counterexample. (d) Does Lemma 5 apply to 2Z? If so, prove it. If not, give a counterexample. (e) Does Lemma 6 apply to 2Z? If so, prove it. If not, give a counterexample. (f) What are the primes in the ring 3Z = {m ∈ Z : m = 3n for some n ∈ Z}? Does this ring without identity have unique factorization? √ √ √ 2. Show that 4 = 2 · 2 = (1 + −3)(1 − −3) implies that Z[ −3] does not have the property of unique factorization into primes. Hint: √ map √ Use the norm −3, and 1 − −3 are defined in Exercise 18 in Section 5 to show that 2, 1 + √ primes in Z[ −3]. 3. The rings in Exercises 1 √ and 2 are a little unusual in that 2Z has no multi√ The ring Z[√ 10] plicative identity and Z[ −3] contains complex numbers. √ has neither of these defects. Show that 6 = 2 · 3 = (2 + 10)(−2 + 10) √ implies that Z[ 10] does not have the property of unique factorization into primes. 4. In the ring Z[i], we have 10 = 2 · 5 = (3 + i)(3 − i). Explain why this does not show that Z[i] fails to have the unique factorization into primes property.

Chapter 2

Modular Arithmetic in Z/mZ We have been studying the ring of integers, Z, but now we will “zoom in”, so to speak, and look at smaller, simpler versions of the integers. One way to picture this approach is to simply look at the units place of any integers we encounter, and ignore the tens place, the hundreds place, etc. Thus if we want to raise 2 to higher and higher powers, we might think about the sequence 2, 4, 8, 16, 32, 64, etc., in Chapter One. In this chapter, however, we would only see the sequence 2, 4, 8, 6, 2, 4, 8, 6, 2, etc., repeated endlessly with a period of four. We have thrown away much information in this process of zooming in, but we have gained perspective at the same time.

18

The integers mod m, Z/mZ

Up to now, each ring we have considered is a subring of C. That will now change. One way to think of Z is as integers on the real line:

We want to wrap this around in a circle, so that we get

In other words, we are letting 7 = 0. 71

Chapter 2. Modular Arithmetic in Z/mZ

72

We can add still, but we get, for instance, 2+4 = 6 4+5 = 2 3 − 6 = 4,

etc. We must let all multiples of zero be zero, since we have proved that 0 · r = 0 for any r in any ring, R! Thus we get, say, 5 · 6 = 30 = 4 · 7 + 2 = 0 + 2 = 2 or 4 · 5 = 20 = 2 · 7 + 6 = 0 + 6 = 6. What we are actually doing is using the division algorithm with b = 7 to write each number as its remainder. We designate this system of numbers Z/7Z to indicate that 7 (and all its multiples) is zero. In this sense the Z that you are used to is Z/0Z. I tell you that this is a ring. You may accept this on faith, or check yourself if you doubt it. How to see this? We really ought to verify all the axioms: closure is immediate from the definition, and clearly we still have additive and multiplicative identities, and addition is still commutative, and additive inverses still exist; but the other properties may be hard to verify. Since we will look at several different Z/mZs, let’s see if we can do this all at once. Another picture to keep in mind is Figure 6. In this picture, all the integers are sorted into bins, depending on their remainders when divided by n.

Figure 6: Bins for integers , you just pull numbers out of the appropriate So if you want to add, say, bins, perform the addition in Z, then look for the bin that contains the answer. For example, you might get (2m + 1) + (−18m + 3) = −16m + 4 and the correct answer is Does this work out? It always does, for any positive integer m. It is easy to see that and are still 0 and 1 in the old Z, and still work as the additive and multiplicative identities. Closure works by definition, but we have to make sure that it is well-defined: we will be in big trouble if two different people get two different answers for the same calculation. This works out also, because the Euclidean algorithm says that the remainder is unique, and so when we add

18. The integers mod m, Z/mZ

73

we are off by a multiple of m in each place, perhaps, but we only end up with uncertainty about a multiple of m, and so for multiplication. That is, if we multiply

is determined. The same goes

(km + a)(nm + b) we get (knm + an + bk)m + ab and so using a and b would work just fine—the answer will be the remainder of a · b using the division algorithm: a · b = mq + r = mq +

that is the

.

You have actually used this mod arithmetic before, when you tell time: hours and months are calculated in Z/12Z, minutes and seconds are calculated in Z/60Z. Multiplication and addition are still commutative just as in Z, and associative also for the same reason, and in fact the distributive property still works also. Additive inverses also exist (clearly the inverse of a is m − a). Thus Z/mZ is a ring. Another way to verify this is to build the addition and multiplication tables—these are finite, so in theory they can always be computed just once and then used forever. These are the tables for Z/7Z: + 0 1 2 3 4 5 6

0 0 1 2 3 4 5 6

1 1 2 3 4 5 6 0

2 2 3 4 5 6 0 1

3 3 4 5 6 0 1 2

4 4 5 6 0 1 2 3

5 5 6 0 1 2 3 4

· 0 1 2 3 4 5 6

6 6 0 1 2 3 4 5

0 0 0 0 0 0 0 0

1 0 1 2 3 4 5 6

2 0 2 4 6 1 3 5

3 0 3 6 2 5 1 4

4 0 4 1 5 2 6 3

5 0 5 3 1 6 4 2

6 0 6 5 4 3 2 1

Actually, the addition table for Z/mZ always looks the same: + 0 1 2 3 .. . m−2 m−1

0 0 1 2 3 .. . m−2 m−1

1 1 2 3 4 .. . m−1 0

2 2 3 4 5 .. . 0 1

3 3 4 5 6 .. . 1 2

··· ··· ··· ··· ··· .. . ··· ···

m−1 m−1 0 1 2 .. . m−3 m−2

So this is always the same and it is boring but necessary. The multiplication table is different in each case, and is much more interesting. We √ want to √ look √ at it now. Let’s look at Z/11Z. What are these numbers? −1, 12 , 23 , −1, 3, −2, 42 , 43 ,

Chapter 2. Modular Arithmetic in Z/mZ

74

√ √ 44 , 3 5, 5 −1. These are solutions to the equations x + 1 = 0, 2x = 1, 3x = 2, x2 + 1 = 0, x2 = 3, x2 + 2 = 0; then just powers of four, then solutions to x3 = 5 and x5 + 1 = 0. We get answers 10, 6, 8, nothing, 5 or 6, 3 or 8, 5, 9, 3, 3, 2 or 6 or 7 or 8 or 10. So here we had none or two square roots, one cube root, and five fifth roots. We will see later how this can be analyzed. In Z/7Z we have 1 · 1 = 2 · 4 = 3 · 5 = 6 · 6 = 1 so all the non-zero elements are units. Thus Z/7Z is a field. One could verify all axioms directly, by a finite (but large!) number of calculations. For instance, to verify associativity in Z/mZ would take m3 different calculations. Let’s show the tables for Z/6Z, to illustrate a different property: + 0 1 2 3 4 5

0 0 1 2 3 4 5

1 1 2 3 4 5 0

2 2 3 4 5 0 1

3 3 4 5 0 1 2

4 4 5 0 1 2 3

· 0 1 2 3 4 5

5 5 0 1 2 3 4

0 0 0 0 0 0 0

1 0 1 2 3 4 5

2 0 2 4 0 2 4

3 0 3 0 3 0 3

4 0 4 2 0 4 2

5 0 5 4 3 2 1

We have 2 · 3 = 3 · 4 = 0, yet 2 = 0, 3 = 0, and 4 = 0! We have encountered a concept we mentioned earlier: Definition 18 In a ring R, a = 0 is called a zero-divisor if there is a non-zero b such that a · b = 0. Zero-divisors, like units, come in pairs; and in fact the equation for zero-divisors is x · y = 0 while the equation for units is x · y = 1. We may think of zero-divisors as being almost zero. In Z, what are the zero-divisors? In Z/7Z, what are the zero-divisors? In Z/6Z, what are the zero-divisors? Notice that in Z/7Z, a field, we had {0} and {units}. In Z/6Z, we have {0} and {units} and {zero-divisors}. We will return to this later.

Exercises 1. Complete the multiplication tables below, identifying which ring each one is for. Then list any patterns you see, and any conjectures you can make.

· 0 1 2

0

1

2

· 0 1 2 3

0

1

2

3

· 0 1 2 3 4

0

1

2

3

4

18. The integers mod m, Z/mZ · 0 1 2 3 4 5

0

1

2

3

4

5

· 0 1 2 3 4 5 6 7

0

1

2

3

4

5

75

6

7

· 0 1 2 3 4 5 6 7 8

0

· 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 · 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 10

· 0 1 2 3 4 5 6

0

1

2

3

4

5

6

1

2

3

4

5

6

7

8

10

2. In Z/9Z, find all the units, and pair them explicitly with their inverses. 3. In Z/12Z, find all the units, and pair them explicitly with their inverses. 4. In Z/18Z, find all the units, and pair them explicitly with their inverses. 5. In Z/25Z, find all the units, and pair them explicitly with their inverses.

Chapter 2. Modular Arithmetic in Z/mZ

76

6. In Z/55Z, find all the units, and pair them explicitly with their inverses. 7. In Z/18Z, find all the zero-divisors, and pair each one explicitly with another zero-divisor, such that their product is zero. In each case, give all of the possible pairings. For example, the zero-divisor 12 can pair with 3 or 6 or 9 or 15 or itself. So 12 has five possible partners in Z/18Z. 8. In Z/21Z, find all the zero-divisors, and pair each one explicitly with another zero-divisor, such that their product is zero. In each case, give all of the possible pairings. For example, the zero-divisor 14 can pair with 3 or 6 or 9 or 12 or 15 or 18. So 14 has six possible partners in Z/21Z. 9. Generalize the results of the last two exercises: in Z/mZ, if a is a zero-divisor, how many possible zero-divisor partners does a have? 10. Let a ∈ Z, and m ∈ N. Show that {a, a + 1, a + 2, a + 3, . . . , a + (m − 1)} is a set of representatives of the integers mod m, Z/mZ. 11. Let a, d ∈ Z, m ∈ N, and (d, m) = 1. Show that {a, a+d, a+2d, a+3d, . . . , a+ (m − 1)d} is a set of representatives of the integers mod m, Z/mZ.

19

Congruences

What we are saying above can also be written as a ≡ b (mod m) ⇐⇒ m|(a − b) in Z. That is, a and b differ by a multiple of m (which is zero in Z/mZ). We get Proposition 14 For a ∈ Z, a ≡ a (mod m) for a unique a ∈ Z/mZ, that is, for a in {0, 1, 2, . . . , m − 1}. Also 1. a ≡ a (mod m) 2. a ≡ b (mod m) ⇐⇒ b ≡ a (mod m) 3. a ≡ b (mod m) and b ≡ c (mod m) =⇒ a ≡ c (mod m) 4. a ≡ b (mod m) =⇒ a + c ≡ b + c (mod m) and ac ≡ bc (mod m) for any c in Z or in Z/mZ 5. a ≡ b (mod m) and c ≡ d (mod m) =⇒ a + c ≡ b + d (mod m) and a · c ≡ b · d (mod m) 6. a ≡ b (mod m) =⇒ ak ≡ bk (mod m) for any positive integer k. The first statement comes from applying the division algorithm to a and getting a = mq + a. The other five statements are straightforward; their proofs are left to the exercises.

19. Congruences

77

Notice that we did not get the cancellation law ac ≡ bc (mod m) =⇒  a ≡ b (mod m). Canceling in Z/mZ is a little trickier than one might expect, as we will see in Section 21. But in most ways arithmetic in Z/mZ acts like arithmetic in Z. Let’s look at the multiplication tables again—what are our conjectures?

Exercises 1. (a) Prove part 1 of Proposition 14. (b) Prove part 2 of Proposition 14. (c) Prove part 3 of Proposition 14. (d) Prove part 4 of Proposition 14. (e) Prove part 5 of Proposition 14. (f) Prove part 6 of Proposition 14. 7

2. (a) What are the last two digits of 77 ? (b) What are the last two digits of 3100 ? 3. What are the last two digits of 31234 ? of 72017 ? 4. Show that 43n+1 + 23n+1 + 1 is divisible by 7 for all integers n ≥ 0. 5. Assume that a ≡ b (mod m). Prove that n|m =⇒ a ≡ b

(mod n).

6. Show that a ≡ b (mod m) =⇒ (a, m) = (b, m). 7. Show that n ≡ 1 (mod 2) =⇒ n2 ≡ 1 (mod 8). Compare this to Exercise 1b in Section 6. 8. Show that for an odd positive prime integer, p, we have p = a2 + b2 for some integers a and b =⇒ p ≡ 1 (mod 4). 9. What is (m − 1)! congruent to, mod m, for m = 2, 3, . . . , 14? That is, solve x ≡ (m − 1)! (mod m) for m ∈ {2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14}. Conjecture a general rule. 10. Consider Table 1. The columns and rows are labeled with the primes p > 2. Conjecture a rule for when ♥ occurs and when ♣ occurs.

3 5 7 11 13 17 19 23 29 31 37 41 43 47 53 59 61 67 71 73 79

3 ♥ ♥ ♣ ♣ ♥ ♥ ♣ ♣ ♥ ♣ ♥ ♥ ♣ ♣ ♥ ♣ ♥ ♣ ♣ ♥ ♣

5 ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥

7 ♣ ♥ ♥ ♣ ♥ ♥ ♣ ♣ ♥ ♣ ♥ ♥ ♣ ♣ ♥ ♣ ♥ ♣ ♣ ♥ ♣

11 ♣ ♥ ♣ ♥ ♥ ♥ ♣ ♣ ♥ ♣ ♥ ♥ ♣ ♣ ♥ ♣ ♥ ♣ ♣ ♥ ♣

13 ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥

17 ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥

19 ♣ ♥ ♣ ♣ ♥ ♥ ♥ ♣ ♥ ♣ ♥ ♥ ♣ ♣ ♥ ♣ ♥ ♣ ♣ ♥ ♣

29 ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥

31 ♣ ♥ ♣ ♣ ♥ ♥ ♣ ♣ ♥ ♥ ♥ ♥ ♣ ♣ ♥ ♣ ♥ ♣ ♣ ♥ ♣

37 ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥

41 ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥

Table 1: ♥s and ♣s

23 ♣ ♥ ♣ ♣ ♥ ♥ ♣ ♥ ♥ ♣ ♥ ♥ ♣ ♣ ♥ ♣ ♥ ♣ ♣ ♥ ♣

43 ♣ ♥ ♣ ♣ ♥ ♥ ♣ ♣ ♥ ♣ ♥ ♥ ♥ ♣ ♥ ♣ ♥ ♣ ♣ ♥ ♣

47 ♣ ♥ ♣ ♣ ♥ ♥ ♣ ♣ ♥ ♣ ♥ ♥ ♣ ♥ ♥ ♣ ♥ ♣ ♣ ♥ ♣

53 ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥

59 ♣ ♥ ♣ ♣ ♥ ♥ ♣ ♣ ♥ ♣ ♥ ♥ ♣ ♣ ♥ ♥ ♥ ♣ ♣ ♥ ♣

61 ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥

67 ♣ ♥ ♣ ♣ ♥ ♥ ♣ ♣ ♥ ♣ ♥ ♥ ♣ ♣ ♥ ♣ ♥ ♥ ♣ ♥ ♣

71 ♣ ♥ ♣ ♣ ♥ ♥ ♣ ♣ ♥ ♣ ♥ ♥ ♣ ♣ ♥ ♣ ♥ ♣ ♥ ♥ ♣

73 ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥ ♥

79 ♣ ♥ ♣ ♣ ♥ ♥ ♣ ♣ ♥ ♣ ♥ ♥ ♣ ♣ ♥ ♣ ♥ ♣ ♣ ♥ ♥

78 Chapter 2. Modular Arithmetic in Z/mZ

19. Congruences

79

11. Solve x2 + 2x + 8 ≡ 0 (mod 11). Hint: Possible methods include factoring, using the quadratic formula (will it work?), completing the square, and just plugging in values. 12. Solve x2 + 18x + 8 ≡ 0 (mod 24). There are eight solutions. 13. Solve x2 + x + 33 ≡ 0 (mod 105). There are eight solutions. 14. Prove that for any integer n, n can be written as n = a2 + b2 =⇒ n ≡ 3 (mod 4). 15. Prove that for any prime integer p > 2, p can be written as p = a2 + 2b2 =⇒ p ≡ 1, 3 (mod 8). 16. Here is a list of prime integers up to 223 that can be written in the form a2 − ab + b2 (see Exercise 21, page 25, for the significance of this expression). Conjecture a rule for when a prime integer p can and cannot be written in the form p = a2 − ab + b2 . {3, 7, 13, 19, 31, 37, 43, 61, 67, 73, 79, 97, 103, 109, 127, 139, 151, 157, 163, 181, 193, 199, 211, 223} 17. Here √ is a list of prime integers up to 223 that occur as norms of elements of Z[ −3]. Conjecture √ a rule for when a prime integer p occurs as the norm of an element of Z[ −3]. {3, 7, 13, 19, 31, 37, 43, 61, 67, 73, 79, 97, 103, 109, 127, 139, 151, 157, 163, 181, 193, 199, 211, 223} 18. Similar to Exercise 17, we√wish to find a rule about which primes can occur as norms of elements of Z[ −7]: p = a2 + 7b2 . It turns out that the rule is in (mod 4 · 7), and we need only check the seven possibilties for each of a and b (mod 7). Table 2 shows what a2 + 7b2 is (mod 4 · 7), based on what a and b are (mod 7). Conjecture a rule (mod 28) for when a prime integer p occurs as a\b 0 1 2 3 4 5 6

0 0 1 4 9 16 25 8

1 7 8 11 16 23 4 15

2 0 1 4 9 16 25 8

3 7 8 11 16 23 4 15

4 0 1 4 9 16 25 8

5 7 8 11 16 23 4 15

6 0 1 4 9 16 25 8

Table 2: What is a2 + 7b2 (mod 4 · 7)? √ the norm of an element of Z[ −7]. You may want to treat p = 2 and p = 7 as separate cases, since all other integer primes are relatively prime to 28.

Chapter 2. Modular Arithmetic in Z/mZ

80

19. Make a list of primes up to 223 which can be written in the form a2 − ab + 2b2 (note that “p is prime” =⇒ (a, b) = 1, and p > 2 =⇒ a is odd). Conjecture a rule (mod 28) for when a prime integer p can and cannot be written in the form p = a2 − ab + 2b2 . 20. Similar to Exercises 17 and 18, we √wish to find a rule about which primes can occur as norms of elements of Z[ −11]: p = a2 + 11b2 . It turns out that the rule is in (mod 4 · 11), and we need only check the eleven possibilties for each of a and b (mod 11). Table 3 shows what a2 + 11b2 is (mod 4 · 11), based on what a and b are (mod 11). Conjecture a rule (mod 44) for when a prime a\b 0 1 2 3 4 5 6 7 8 9 10

0 0 1 4 9 16 25 36 5 20 37 12

1 11 12 15 20 27 36 3 16 31 4 23

2 0 1 4 9 16 25 36 5 20 37 12

3 11 12 15 20 27 36 3 16 31 4 23

4 0 1 4 9 16 25 36 5 20 37 12

5 11 12 15 20 27 36 3 16 31 4 23

6 0 1 4 9 16 25 36 5 20 37 12

7 11 12 15 20 27 36 3 16 31 4 23

8 0 1 4 9 16 25 36 5 20 37 12

9 11 12 15 20 27 36 3 16 31 4 23

10 0 1 4 9 16 25 36 5 20 37 12

Table 3: What is a2 + 11b2 (mod 4 · 11)? √ integer p occurs as the norm of an element of Z[ −11]. You may want to treat p = 2 and p = 11 as separate cases, since all other prime integers are relatively prime to 44. 21. Here is a list of prime integers up to 251 which can be written in the form a2 − ab + 3b2 . Conjecture a (mod 44) rule for when a prime integer p can and cannot be written in the form p = a2 − ab + 3b2 . {3, 5, 11, 23, 31, 37, 47, 53, 59, 67, 71, 89, 97, 103, 113, 137, 157, 163, 179, 181, 191, 199, 223, 229, 251} 22. The ring Z[ρ] was defined in Exercise 21 on page 25. An alternate definition is this: √   √ a + b −3 Z[ρ] = ∈ Q[ −3] : a, b ∈ Z and a ≡ b (mod 2) . 2 √ With this characterization (as a subring of the ring (field) Q[ −3]), one need only show that this set is closed under addition, subtraction, and multiplication to show that it is indeed a ring itself. Do so. 23. Prove that if a prime integer is divided by 30, the remainder is either a prime integer or 1. 24. Starting with 18 slips of paper, some are selected and each is cut into 18 pieces. Then some of the smaller pieces are selected and each is cut into

20. Units and zero-divisors in Z/mZ

81

18 pieces. This process is continued for a time, and when it is stopped, the total number of pieces of paper (which are not necessarily of the same size) is more than 1990 but less than 2020. What is the exact number? Justify your answer. 25. Prove that n2 + 3n + 5, where n is a positive integer, is never divisible by 121. 26. 44 birds sit on 44 trees planted in a circle, one bird per tree. From time to time, two birds simultaneously fly to the adjacent trees, one flying clockwise and the other counterclockwise. Is it possible for all birds to get together on a single tree? 27. Show that it is impossible to form a regular pentagon by joining points in the plane with integer coordinates.

20

Units and zero-divisors in Z/mZ

You should find the next theorem easy to believe, and easy to prove.

Theorem 9 If p is a prime, Z/pZ is a field.

What are the units in Z/11Z? The set {1, 2, 3, 4, 5, 6, 7, 8, 9, 10}. So Z/11Z is a × field. In general, the set of units in Z/mZ is denoted (Z/mZ) , pronounced “zee mod m zee cross”. We have #Z/11Z = 11 × # (Z/11Z) = 10

#Z/mZ = m × # (Z/mZ) = ??? ×

The number of units in Z/mZ, i.e., the size of (Z/mZ) , is denoted ϕ(m), where ϕ : N → N is an arithmetic function (we define ϕ(1) = 1). In the exercises, you are asked to find ϕ(m) for m = 2, 3, 4, . . . , 15. We will start to work out patterns and use this function in the future. Historically, this function was named Euler’s totient function. We have been writing things like 3 · 4 = 1, which is confusing, since it isn’t true in C, the usual place our equations live. So we will write things differently: 3 · 4 ≡ 1 (mod 11). Here, we use ≡ instead of =, and the notation (mod m) ((mod 11) in this case) is used to remind us that we are working in Z/mZ (Z/11Z in this case). It is a matter of interpretation as to whether writing a ≡ b (mod m) is a statement about divisibility in the integers, Z, or about equality in the integers (mod m), Z/mZ. I

Chapter 2. Modular Arithmetic in Z/mZ

82

find it handy to be able to interpret this statement in several different ways: a ≡ b (mod m)  m|a − b in Z  a = b in Z/mZ  there is k ∈ Z with a = b + km  there is j ∈ Z with b = a + jm.

We had before −1 2(6) 3(8) x2 + 1 (6)2 ≡ (5)2 (3)2 ≡ (8)2 42 43 44 33 5 5 5 5 2 ≡ 6 ≡ 7 ≡ 8 ≡ 105

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

10 (mod 11) 1 (mod 11) 2 (mod 11) 0 (mod 11) is impossible 3 (mod 11) −2 (mod 11) 5 (mod 11) 9 (mod 11) 3 (mod 11) 5 (mod 11) 3 (mod 11).

We would like a criterion for when an element of Z/mZ is a unit or a zero-divisor. Possibly you have already conjectured something. Proposition 15 For m not prime and a ∈ Z/mZ, if (a, m) = 1 then a is a unit. If a = 0 and (a, m) = d > 1, then a is a zero-divisor.

Proof . If (a, m) = 1 then there are integers x and y with ax+my = 1. Thus ax ≡ 1 (mod m) so a is a unit in Z/mZ. This is one of the reasons the equation ax+by = 1 shows up so much in number theory. Now suppose (a, m) = d > 1 so d|m and d|a. Then 1 < d ≤ a < m and a = dk, m = dj. We also get d > 1 =⇒ m = dj > j > 1, so j can be considered a non-zero element of Z/mZ. Then aj ≡ dkj ≡ djk ≡ mk ≡ 0 (mod m) so a is a zero-divisor, as is j.

20. Units and zero-divisors in Z/mZ

83

Thus we get, for all a = 0 in Z/mZ, (a, m) = 1 (a, m) = d > 1

⇐⇒ ⇐⇒

a is a unit a is a zero-divisor.

Corollary 2 Let m ∈ N. Then if m is prime, ×

Z/mZ = {0} ∪ (Z/mZ) and if m is not prime, ×

Z/mZ = {0} ∪ (Z/mZ) ∪ {zero-divisors}. These are disjoint unions. Notice, in Z/6Z, that 2 · 3 ≡ 4 · 3 (mod 6) but 2 ≡ 4 (mod 6). We do not get to cancel everything in Z/mZ; you should think about what and how one does cancel in Z/mZ. Notice also that + m *

1 ϕ(m) = (a, m) a=1 since each term is 1 if a is a unit, 0 if a is not a unit.

Exercises 1. Prove Theorem 9. 2. Calculate ϕ(m) = # (Z/mZ)× for m = 2, 3, 4, . . . , 15. 3. Suppose that m is an integer, m ≥ 2, and m is not prime. Thus we know that ×

Z/mZ = {0} ∪ (Z/mZ) ∪ {zero-divisors}. Suppose u and v are units in Z/mZ and w and z are zero-divisors. We could have u = v or u = v −1 ; we don’t know. They are just two units. Similarly, we may have w = z or not; they are just two zero-divisors. Tell me what you know about • u·v • u·z • w·z An answer like “u · z may be zero or a unit” is expected. Be as specific as possible in your answer, and explain your reasoning. In other words, give your answer and then prove it. 4. (a) Use Exercise 2 in Section 16 (page 66) and the Inclusion-Exclusion Principle (Exercise 10 in Section 4, page 17) to show that

n μ(d) . ϕ(n) = d d|n, d>0

The M¨ obius function, μ, is defined in Exercise 3 in Section 16 (page 66).

Chapter 2. Modular Arithmetic in Z/mZ

84

(b) Use part (a) and Exercise 10 in Section 9 (page 38) to conclude that ϕ is multiplicative. 5. Let S = {a, b, c, d} be a set with four elements, and define addition and multiplication as given by Table 4. You may assume that the associative, distributive, and commutative rules are satisfied. How can you tell that S is a field? Which element is the additive identity? Which element is the multiplicative identity? Is this a familiar field? What is the significance of the main diagonal in the addition table? What is the significance of the main diagonal in the multiplication table? + a b c d

a b a d c

b a b c d

c d c b a

· a b c d

d c d a b

a c b d a

b b b b b

c d b a c

d a b c d

Table 4: A field with four elements 6. Let T = {a, b, c, d, e, f, g, h, i} be a set with nine elements, and define addition and multiplication as given by Table 5. You may assume that the associative, distributive, and commutative rules are satisfied. How can you tell that T is a field? Which element is the additive identity? Which element is the multiplicative identity? Is this a familiar field? What is the significance of the main diagonal in the multiplication table? + a b c d e f g h i

a i f b a g c h e d

b f e h b d g a i c

c b h g c i e d a f

d a b c d e f g h i

e g d i e b a f c h

f c g e f a h i d b

g h a d g f i c b e

h e i a h c d b f g

i d c f i h b e g a

· a b c d e f g h i

a b g f d c a h i e

b g h a d f b i e c

c f a e d i c b g h

d d d d d d d d d d

e c f i d h e a b g

f a b c d e f g h i

g h i b d a g e c f

h i e g d b h c f a

i e c h d g i f a b

Table 5: A field with nine elements

7. Look at Table 5, which has the addition and multiplication tables for T = {a, b, c, d, e, f, g, h, i}, a field with nine elements. (a) Which elements of T satisfy x2 = 1? (b) Which elements of T satisfy x4 = 1? (c) Which elements of T satisfy x8 = 1? (d) Which elements of T satisfy x2 + 1 = 0?

21. Cancellation law in Z/mZ

21

85

Cancellation law in Z/mZ

In Z, our cancellation law may be written as ac = bc and c = 0 =⇒ a = b. This is because ⇐⇒ ⇐⇒ ⇐⇒

ac = bc Key Step!

ac − bc = 0 (a − b)c = 0 c = 0 or a − b = 0 ⇐⇒ a = b.

We can do this because there are no zero-divisors in Z. But there can be in Z/mZ; in fact we get xy = 0 =⇒ x = 0 or y = 0 or x and y are zero-divisors. We get as a consequence the Proposition 16 (Cancellation Law in Z/mZ) If ac ≡ bc (mod m) and (c, m) = d, then m a ≡ b (mod ). d Proof . If (c, m) = 1, then c is a unit in Z/mZ, so there is a v in Z/mZ with c · v ≡ 1 (mod m). Thus acv ≡ a (mod m); but acv ≡ bcv ≡ b (mod m) also, so a ≡ b (mod m) and the theorem is proved. If (c, m) = d > 1 we have c = dk, m = dj for some k and j in Z/mZ. Then m|bc − ac =⇒ bc − ac = mn for some integer n. Thus mn = bc − ac = (b − a)c = (b − a)dk djn = (b − a)dk jn = (b − a)k = bk − ak (by the cancellation law in Z) so j|(bk − ak) and since j =

m d

we get ak ≡ bk (mod j)

or a

c

≡b

c

(mod

m ). d

d d  c m Now (c, m) = d =⇒ , = 1 (see Exercise 5 on page 33), so we may cancel d d c the unit from both sides to obtain d m a ≡ b (mod ). d

Chapter 2. Modular Arithmetic in Z/mZ

86 Example. 3·4 ≡ 4 ≡

3 · x (mod 19) x (mod 19)

Clearly 3 · 4 = 12 ≡ 3 · 4 (mod 19); you can check all other possibilities for x to see that this is the only answer in Z/19Z if you like.

Example. 3·4 ≡ 4 ≡

3 · x (mod 18) x (mod 6).

Thus the answers in Z are . . ., −2, 4, 10, 16, 22, . . ., but in Z/18Z we get x ≡ 4, 10, or 16 (mod 18). You may check that x = 4, 10, and 16 are the only answers in Z/18Z.

Example. 5·9 ≡ 5 ≡ x ≡

x · 9 (mod 12) x (mod 4) 1 (mod 4).

Thus the answers in Z are . . ., −7, −3, 1, 5, 9, 13, . . ., but in Z/12Z we get x ≡ 1, 5, or 9 (mod 12).

How many answers did we get in each case? Any conjectures?

Exercises 1. Solve the following congruences (a) 6x ≡ 8 (mod 12) (b) 15t ≡ 24 (mod 105) 2. What are the roots of the polynomial f (x) = 4x − 8 in Z/16Z? 3. Suppose (as in Exercise 7 on page 42) a chemist has two unscaled containers, one with a capacity of 14cc and the other with a capacity of 34cc. Can she measure out exactly 18cc? If so, how? Can she measure out exactly 19cc? If so, how?

22. Solving linear equations in Z/mZ

87

4. Can we say, in contrast to the statement on page 85, that x = 0 or y = 0 or x and y are zero-divisors =⇒ xy = 0? 5. Let a ∈ Z/mZ. How many solutions does ax ≡ 0 (mod m) have? How does your answer depend on a and on m? You might try a few examples, such as 12x ≡ 0 (mod m) for m = 5, 6, 7, 8, 9, and 10.

22

Solving linear equations in Z/mZ

Suppose we want to solve ax ≡ b (mod m). If (a, m) = 1, then a is a unit with inverse a−1 and we get the single solution x ≡ a−1 b (mod m). If (a, m) = d > 1 and if we have a solution s, then we get m|b − as so d|b − as. Also, d|a, so we get d|(+1)(b − as) + (s)(a) = b. Thus if d/|b we solve the equation. On the other hand, if d|b, then b = dk,

cannot = 1), and we get a = dj (and j, m d ≡ b (mod m) ≡ dk (mod m) m jx ≡ k (mod ) d m x ≡ j −1 k (mod ). d m a m Because (a, m) = d =⇒ j, d = d , d = 1 the j −1 in the last congruence makes sense. We get the answers ax djx

. . . , j −1 k, j −1 k +

m −1 m m m , j k + 2 , j −1 k + 3 , . . . j −1 k + (d − 1) , . . . d d d d

and they start to repeat (mod m) after that, so we have a total of d answers. They are all actually answers since for any i:   m m a j −1 k + i ≡ dj j −1 k + i (mod m) d d ≡ dk + ijm (mod m) ≡ b (mod m). −1 They are all distinct since if j −1 k + r m k + tm d ≡j d (mod m) with 0 ≤ r < t < d then we have m m (mod m) r ≡t d d

and we can cancel

m d

to get r ≡ t (mod d)

which is impossible since r and t are between 0 and d − 1. Thus we get d solutions if d|b and none if d/|b. Putting this all together, we have proved

Chapter 2. Modular Arithmetic in Z/mZ

88

Proposition 17 The linear congruence ax ≡ b (mod m), where (a, m) = d, has 1 solution 0 solutions d solutions

if d = 1 if d/|b if d|b.

Corollary 3 If p is a prime and p/|a, there is exactly one solution to the linear equation ax ≡ b (mod p), namely, x ≡ a−1 b (mod p).

Exercises 1. Solve the congruences (a) 6x ≡ 2 (mod 9) (b) 2y ≡ 5 (mod 9) (c) 2z ≡ 6 (mod 10) (d) 6t ≡ 3 (mod 12) (e) 6s ≡ 3 (mod 13) (f) 5m ≡ 11 (mod 15) (g) 7n ≡ 13 (mod 24) (h) 107p ≡ 136 (mod 1001) (i) 2718q ≡ 7 (mod 31416) (j) 2718r ≡ 777 (mod 3137) 2. Show directly that for p a prime integer, p can be written as p = a2 − db2 =⇒ d is a perfect square in Z/pZ. Hint: Are a and b ∈ Z/pZ? Are a and b ∈ (Z/pZ)× ? 3. A cubical box with sides of length 7 has vertices at (0, 0, 0), (7, 0, 0), (0, 7, 0), (7, 7, 0), (0, 0, 7), (7, 0, 7), (0, 7, 7), (7, 7, 7). The inside of the box is lined with mirrors and from the point (0, 1, 2) a beam of light is directed toward the point (1, 3, 4). The light then reflects repeatedly off the mirrors on the inside of the box. Determine how far the light travels before it first returns to its starting point (0, 1, 2).

23

Solving polynomial equations in Z/mZ

What about higher degree (polynomial) equations? We’ve already seen that they can cause trouble: x2 ≡ 6 ≡ −1 (mod 7) has no solutions, while x2 ≡ 2 (mod 7)

23. Solving polynomial equations in Z/mZ

89

has two solutions, namely x ≡ 3 or 4 (mod 7). Also, x2 + 18x + 8 ≡ 0 (mod 24) has eight solutions, as we saw in Exercise 12 in Section 19. However, we have n k Proposition 18 If P (x) = k=0 ck x is a polynomial of degree n with integer coefficients, and a ≡ b (mod m), then P (a) ≡ P (b) (mod m).

Proof . By property 6 of congruences, we have ak ≡ bk (mod m) for any k ∈ N, and by property 4 we have ck ak ≡ ck bk (mod m) for any k ∈ N. Adding the congruences by property 5 we get n

k=0

ck ak ≡

n

ck bk (mod m)

k=0

so P (a) ≡ P (b) (mod m).

Before we prove a special case of polynomials in Z/pZ, we need the following Lemma 7 In any ring R, if P (x) is a polynomial with coefficients in R, we have r is a root of P (x) ⇐⇒ P (x) = (x − r)Q(x) for some polynomial Q(x). In other words, r is a root ⇐⇒ (x − r) is a factor. Proof . (⇐=) Clearly if P (x) = (x − r)Q(x), then P (r) = 0 · Q(r) = 0 so r is a root. ( =⇒ ) Since x − r is linear with leading coefficient 1, we can perform long division to get P (x) = Q(x) with some remainder. (This is proven more explicitly in Exercise 4 x−r on page 93.) Now, since x − r is linear, the remainder will have degree less than 1; thus the remainder will be a constant, say a. Then we have P (x) = (x − r)Q(x) + a.

Chapter 2. Modular Arithmetic in Z/mZ

90

Letting x = r and using the fact that r is a root of P (x), we get 0 = 0 · Q(0) + a = a. Thus a = 0 and we have P (x) = (x − r)Q(x).

Theorem 10 (Lagrange’s Theorem) If p is a prime, and P (x) is a polynomial with integer coefficients of degree n, then P (x) ≡ 0 (mod p) has at most n solutions. Proof . By induction on the degree of P , namely n. We have already proved the case n = 1 in the last section; thus we assume that all polynomials of degree n have at most n roots, and let n+1

P (x) = c k xk k=0

be a polynomial of degree n + 1 with integer coefficients (assume cn+1 = 0). We need to show that P (x) has at most n + 1 roots. If it has no roots, we are done. Otherwise, P (x) has at least one root; let r be a root of P (x). Then by the lemma, P (x) factors as P (x) = (x − r)Q(x), where Q(x) has degree n and hence has at most n roots by our inductive assumption. Hence for any x ∈ Z/pZ we get P (x) ≡ (x − r)Q(x) (mod p). To get P (x) ≡ 0 (mod p) we must have x − r ≡ 0 (mod p) or Q(x) ≡ 0 (mod p) because Z/pZ is a field and thus has no zero-divisors. There are at most n values of x that make Q(x) ≡ 0 (mod p), and there is only one value, namely x = r, that makes x − r ≡ 0 (mod p). Thus P (x) has at most n + 1 roots and the theorem is proved.

Note that, reworded properly, Lagrange’s theorem is true for any ring that has no zero-divisors. Lemma 7 pushes us in the direction of dividing polynomials into other polynomials, and in fact if we generalize the statement that P (x) = (x − r)Q(x) + a by dividing x − r into Q(x), and then proceeding, we can see that eventually we get P (x) = (x − r)((x − r)Q2 (x) + a2 ) + a1 = (x − r)((x − r)((x − r)Q3 (x) + a3 ) + a2 ) + a1 ··· = a1 + a2 (x − r) + a3 (x − r)2 + · · · + an (x − r)n ,

23. Solving polynomial equations in Z/mZ

91

where n is the degree of the polynomial P (x). This form may or may not look familiar to you. More importantly, we can try dividing P (x) by something more general than x − r. It turns out that the important way in which x − r is special is not that it is degree one, but that it has leading coefficient 1 (the adjective for that is that any polynomial with leading coefficient 1 is called monic). That is, we would not have much difficulty dividing, say, x3 − 4x + 6 into any polynomial P (x), but we might have difficulty dividing, say, 4x2 − 5x + 11 into 6x12 − 11x11 + 3x5 − 21x + 17. Do you see the difficulty? If your long division skills are rusty, I will remind you that when you do long division on polynomials you only need look at the leading term of both what you are dividing (the divisor ) and what you are dividing into (the dividend ). Thus the first step of dividing x3 − 4x + 6 into, say, 6x12 − 11x11 + 3x5 − 21x + 17 is finding how many times x3 goes into 6x12 (the answer is 6x9 ). But if we try to divide 4x2 − 5x + 11 into 6x12 − 11x11 + 3x5 − 21x + 17 then we first attempt to divide 4x2 into 6x12 , and then we may be stuck—it depends on which ring we are in. If 4 is a unit (as in Z/35Z, say), or if 6 is a multiple of 4 (as in, say, Z/10Z), then we are all set. But that is just the first step. After the first step, long division consists of a series of multiplications, subtractions, and then finding the correct multiplier again. We may keep having an issue with the leading coefficients, which change at different steps. How might we resolve this problem? The simplest way is, as in Lagrange’s theorem, just stick with prime moduli where everything is a unit. At the risk of moving from number theory into abstract algebra, I will state the result we are headed towards for a general field, F: Proposition 19 Let F be a field, so F[x] is the ring of polynomials in the variable x with coefficients in F. Then F[x] has a division algorithm: given p(x) and b(x) ∈ F[x], with b(x) not the zero polynomial, then there exist q(x) and r(x) ∈ F[x] with with r(x) ≡ 0 or 0 ≤ deg(r) < deg(b).

p(x) = b(x)q(x) + r(x),

Just to make sure things are clear: the zero polynomial is usually said to have no degree. Non-zero constants are polynomials of degree zero, etc. That is why there is a separate statement that r(x) ≡ 0 is possible (we write “≡” here to say that r(x) is the zero polynomial, not that it equals zero for some particular value of x). Proof . We take care of some simple cases first. If b(x) ∈ F, that is if b(x) is a non-zero constant b, then p(x) = b(b−1 p(x)) and we are done. If deg(p) < deg(b), then using q(x) ≡ 0 and r(x) = p(x) we are done, also: p(x) = 0 · b(x) + p(x) is the division-with-remainder we seek. What if deg(p) = deg(b)? Well, if p(x) = d d ad j j j=0 aj x and b(x) = j=0 cj x , then the constant q(x) ≡ cd will work, and r(x) = p(x) − q(x) · b(x)  d 

ad = · c j xj aj − c d j=0 =

d−1

 j=0

aj −

 ad · c j xj cd

has degree d − 1 (or less) since the leading term has been eliminated. Since this degree is less than d = deg(b), we are done once again.

Chapter 2. Modular Arithmetic in Z/mZ

92

What do we do when deg(p) > deg(b)? We construct, as we did before, a set of counterexamples, assume this set is non-empty, and then use the degree (and the well-ordering principle) to find a smallest counterexample: given some non-zero b(x), let S

= {p(x) ∈ F[x] : p(x) cannot be written as p(x) = b(x)q(x) + r(x) with r(x) = 0, nor with 0 ≤ deg(r) < deg(b)}

be the set of counterexamples. We assume S is non-empty. Then we will choose an element of S with lowest degree; if there are several with the same degree, we choose any one of them. We know that degree is greater than the degree of b by the work we did above. So let’s call our counterexample of the smallest possible d j degree A(x), and to make things concrete we will write b(x) = j=0 cj x and d+k A(x) = j=0 aj xj , for some k ∈ N. Now consider the polynomial g(x) defined by g(x) = A(x) −

ad+k k x · b(x). cd

I claim that deg(g) < deg(A), so by the choice of A, we know g ∈ S. To determine the degree of g, we look for the highest degree non-zero term. It is clear that the cd k term x · b(x) has degree d + k (it was constructed to), since deg(xk ) = k and ad+k deg(b) = d. Thus g was built out of two degree d + k polynomials and so it has k degree at most d + k. But there is only one term of degree d + k in ad+k cd x · b(x), ad+k d+k and another in A, so the coefficient of x in g is ad+k − cd · cd = 0. Hence g has degree strictly less than d + k = deg(A) and, as claimed, g ∈ S. Now g ∈ S means that g can be written in the needed way: g(x) = b(x)q(x) + r(x), but then ad+k k ad+k k x · b(x) = b(x)q(x) + r(x) + x · b(x) A(x) = g(x) + cd cd   ad+k k = q(x) + x · b(x) + r(x) cd is also in the correct form so in fact A(x) is not a counterexample. This contradiction shows that our assumption that S was non-empty was false, so S is empty and the proposition is proved.

With a division algorithm, as well as the notion of degree to measure size, F[x] looks like a good candidate for a ring with unique factorization, and in fact that is true. Before we state that theorem, we need the equivalent of prime in F[x]. Here we introduce a word that, while multisyllabic, captures the flavor that the word “prime” is supposed to convey. Definition 19 Let F be a field. We call a polynomial p(x) ∈ F[x] an irreducible of F[x] if p(x) = a(x)b(x) =⇒ a(x) is a unit or b(x) is a unit. In other words, an irreducible is an element that cannot be factored in a non-trivial way. For historical reasons, we use the word “prime” in Z to indicate the property of being irreducible. If you study more abstract algebra, ring theory, or number theory, the differences and similarities between the two notions will become clearer.

23. Solving polynomial equations in Z/mZ

93

Theorem 11 Let F be a field, so F[x] is the ring of polynomials in the variable x with coefficients in F. Then F[x] has unique factorization into irreducibles of F[x]: for any g(x) ∈ F[x] that is not zero and not a unit, g(x) factors as g(x) = u · (p1 (x))e1 (p2 (x))e2 (p3 (x))e3 · · · (pk (x))ek , where u is a unit in F[x], the pi (x) are distinct monic irreducible polynomials, ei ∈ N, and k ∈ N. Moreover, this factorization is unique (up to reordering the pi ). We require the factors to be monic to avoid the following difficulty: in Z/7Z[x], we have 2x4 + 5 = (5x − 5)(2x + 2)(3x2 + 3) = (3x − 3)(4x + 4)(6x2 + 6), and all the factors in the center and on the right are irreducibles of Z/7Z[x]. The unique factorization guaranteed by the theorem is 2x4 + 5 = 2(x − 1)(x + 1)(x2 + 1). Proving unique factorization in this setting would take us too far afield, but it is a fact worth knowing. Some √ of the subtleties of this situation will show up when we prove that Z[i] and Z[ 2] have unique factorization.

Exercises 1. How many solutions are there to the equation 3x2 − 9x + 2 = 0 in the rings (a) Z

(d) C

(g) Z/41Z

(b) Q

(e) Z/3Z

(h) Z/25Z

(c) R

(f) Z/19Z

(i) Z/49Z?

2. How many solutions are there to the equation 4x2 − 3x − 11 = 0 in the rings (a) Z

(d) C

(g) Z/37Z

(b) Q

(e) Z/5Z

(h) Z/25Z

(c) R

(f) Z/19Z

(i) Z/49Z?

3. How many solutions are there to the equation 5x − 8x + 11 = 0 in the rings 2

(a) Z

(d) C

(g) Z/41Z

(b) Q

(e) Z/5Z

(h) Z/25Z

(c) R

(f) Z/13Z

(i) Z/49Z?

4. In the proof of Lemma 7, it was asserted that, given a polynomial P (x) ∈ R[x], and r ∈ R, we can find a polynomial Q(x) ∈ R[x] and a ∈ R such that P (x) = (x − r)Q(x) + a. If P (x) =

n

ck xk , find Q(x) and a in explicit terms. Can you characterize

k=0

a in terms of P (x)?

Chapter 2. Modular Arithmetic in Z/mZ

94

5. Factor x4 − 10x2 − 39 into irreducibles in (a) Q[x] (b) R[x] (c) C[x] (d) Z/13Z[x] (e) Z/43Z[x] 6. Factor x8 − 1 into irreducibles in (a) R[x] (b) C[x] (c) Z/13Z[x] (d) Z/43Z[x] (e) T [x], where T is the field given on page 84. 7. Factor x12 − 1 into irreducibles in (a) R[x] (b) C[x] (c) Z/13Z[x] (d) Z/43Z[x] (e) S[x], where S is the field given on page 84. 8. Factor x3 + 5x2 + 7x − 13 into irreducibles in (a) R[x] (b) C[x] (c) Z/5Z[x] (d) Z/7Z[x] (e) Z/13Z[x] 9. Let f (x) ∈ Z[x], so that f (x) =

d

ck xk for some d ∈ W and integers ck .

k=0

Define the formal derivative of f (x), denoted f  (x), by f  (x) =

d

kck xk−1 =

k=1

d−1

(j + 1)cj+1 xj .

j=0

Prove that, for a ∈ Z and f , g ∈ Z[x], we have (a) the degree of f  is one less than the degree of f (b) (a · f ) = a · f  for any integer a (c) (f + g) = f  + g  (d) (f · g) = f  · g + f · g  (e) ((f (x))n ) = n(f (x))n−1 · f  (x) for n ∈ N.

24. Solving systems of linear equations in Z/mZ

95

(f) (f ◦ g) = (f  ◦ g) · g  , where ◦ denotes composition of the polynomials 10. Using the definition in Exercise 9, show that if f ∈ Z[x], then for a ∈ Z

f (j) (a) 1 1 xj , f (x + a) = f (a) + f  (a)x + f  (a)x2 + f  (a)x3 + · · · = 2 6 j! j=0 d

where f (0) = f , f (1) = f  , and recursively f (j) = (f (j−1) ) is the jth formal derivative of f , found by taking the formal derivative j times. This expression for f is sometimes called the finite Taylor expansion of f at a. 11. How would Exercises 9 and 10 change if the polynomial ring used were C[x]? Z/mZ[x]? F [x] for a general field F ? R[x] for a general ring R? 12. Generalize Exercise 10 to the polynomial ring in two variables, Z[x, y]. 13. Let f be a polynomial with positive integer coefficients. Prove that if n is a positive integer, then f (n) divides f (f (n) + 1) if and only if n = 1.

24

Solving systems of linear equations in Z/mZ

In the previous section we generalized solving linear equations to solving polynomial equations, the way we often do in algebra. Another way to generalize is the linear algebra way: solving systems of linear equations. To choose an example at random, let’s work backward from the solution. Say x = 31. Then we get x x

≡ 1 (mod 5) ≡ 3 (mod 7).

Are there any other integers that solve this system also? We have two equations in two completely different rings, but we are asking to solve them simultaneously. This can be done since all the rings Z/mZ have the integers Z as a parent ring above them. Other solutions you might find are x = 66 or x = −4. There are infinitely many other solutions, but they all have this in common: for each solution x, we have x ≡ 31 (mod 35). It may occur to you that the 35 in this case is significant; let’s try to solve another: solve x x

≡ 3 (mod 4) ≡ 6 (mod 9).

What are some solutions? x = 15, −21, 51, . . . . Do you notice what they have in common? They all have x ≡ 15 (mod 36). Another: solve x x

≡ 4 (mod 12) ≡ 6 (mod 10).

What are some solutions? x = . . . , −44, 16, 76, . . . . What do they have in common? They all have x ≡ 16 (mod 60). Why is this situation different than the last? One last one: solve x x

≡ 1 (mod 2) ≡ 2 (mod 4).

Chapter 2. Modular Arithmetic in Z/mZ

96

What are some solutions? There are none. What do you think has happened here? As another example, consider Exercise 13 on page 79, solving x2 + x + 33 ≡ 0 (mod 105). Now, any solution s will have 105|(s2 + s + 33), so, since 105 = 3 · 5 · 7, we will have 3|s2 + s + 33,

5|s2 + s + 33,

and

7|s2 + s + 33.

We thus need to solve the equations x2 + x + 33 ≡ 0 (mod 3), x2 + x + 33 ≡ 0 (mod 5), and x2 + x + 33 ≡ 0 (mod 7). Solving the first we get x2 + x + 33 x2 + x x(x + 1) x

≡ ≡ ≡ ≡

0 (mod 3) 0 (mod 3) 0 (mod 3) 0, −1 (mod 3).

Solving the second we get x2 + x + 33 x2 + x + 3 x2 − 4x + 3 (x − 1)(x − 3) x

≡ ≡ ≡ ≡ ≡

0 (mod 5) 0 (mod 5) 0 (mod 5) 0 (mod 5) 1, 3 (mod 5).

Solving the third we get x2 + x + 33 ≡ 0 (mod 7) x2 + x − 2 ≡ 0 (mod 7) (x + 2)(x − 1) ≡ 0 (mod 7) x ≡ 1, −2 (mod 7). Trial-and-error (or some more sophisticated reasoning you that ⎧ ⎪ ⎨ x≡0 x ≡ 36 (mod 105) =⇒ x≡1 ⎪ ⎩ x≡1 and x ≡ 26 (mod 105) =⇒

⎧ ⎪ ⎨ ⎪ ⎩

or calculation) should show (mod 3) (mod 5) (mod 7)

x ≡ −1 (mod 3) x ≡ 1 (mod 5) x ≡ −2 (mod 7).

The other six combinations of solutions lead to the other six solutions: x ≡ 8, 33, 68, 71, 78, 96 (mod 105). It’s rather harder to see that all of these implications are in fact double implications, but that is the case. When we generalize, we get the Chinese remainder theorem. Theorem 12 (Chinese Remainder Theorem) Given n numbers m1 , m2 , . . . , mn , all positive and relatively prime in pairs ((mi , mj ) = 1 for i = j), and given a

24. Solving systems of linear equations in Z/mZ

97

linear equation in each mod: x x x x

≡ a1 ≡ a2 ≡ a3 ... ≡ an

(mod m1 ) (mod m2 ) (mod m3 ) (mod mn ),

where the ai are integers, there is one and only one solution to this system (mod m1 m2 m3 · · · mn ): x ≡ S (mod M ) n where M = m1 m2 m3 · · · mn = k=1 mk . For example, there is a unique solution to the system x

≡ 7 (mod 8)

x x x x

≡ ≡ ≡ ≡

1 (mod 9) 67 (mod 125) 5 (mod 7) 4 (mod 121)

and it is x ≡ 1234567 (mod 7623000). Proof . By induction on n, of course! We have proved the theorem is true when we have only one equation (which is obvious, anyway). Thus we may assume we have a solution, S, to the first n equations in a system and try to find a solution when we add one more equation xn+1 ≡ an+1 (mod mn+1 ). Let M = m1 m2 m3 · · · mn . We have (M, mn+1 ) = 1 by hypothesis, so there are integers x0 and y0 such that M x0 + mn+1 y0 = 1. Thus mn+1 y0 ≡ 1 (mod M ) and M x0 ≡ 1 (mod mn+1 ). Set x = an+1 M x0 + Smn+1 y0 . Then x ≡ S (mod M ) so it solves the first n equations, and x ≡ an+1 (mod mn+1 ) so it solves the last equation also; thus it is a solution to the entire system. We just need to prove that it is unique. If we have another solution, R, then for each index i we have S ≡ ai (mod mi )

and

R ≡ ai (mod mi )

so we have S − R ≡ 0 (mod mi ) and thus mi |(S − R) for each index i. Since all the mi are relatively prime in pairs, we apply Proposition 13 (page 63) repeatedly and get m1 m2 m3 · · · mn+1 |(S − R). Therefore, S − R ≡ 0 (mod m1 m2 m3 · · · mn+1 )

Chapter 2. Modular Arithmetic in Z/mZ

98 so

S ≡ R (mod m1 m2 m3 · · · mn+1 ) and we only have a single solution in Z/(m1 m2 m3 · · · mn+1 )Z.

Suppose we wish to solve x x x

≡ a2 (mod 2) ≡ a3 (mod 3) ≡ a5 (mod 5).

Then look at S = a2 (15) + a3 (10) + a5 (6). It is a solution to the system of congruences above. Try the system x x x

≡ a2 (mod 2) ≡ a3 (mod 3) ≡ a7 (mod 7).

Look at S = a2 (21) + a3 (14 · 2) + a7 (6 · (−1)). It is a solution to the system of congruences above. The idea, which is another, more constructive way to prove the n

Chinese remainder theorem, is to consider the integers Ni =

mk , find approprik=1 k=i

ate multipliers vi , and write the solution as S = a1 (N1 · v1 ) + a2 (N2 · v2 ) + a3 (N3 · v3 ) + · · · + an (Nn · vn ) where vi is the inverse of Ni : Ni · vi ≡ 1 (mod mi ). Example. We shall illustrate by solving the system x x x x

≡ ≡ ≡ ≡

a3 (mod 3) a5 (mod 5) a11 (mod 11) a13 (mod 13).

We let S = a3 (715 · v3 ) + a5 (429 · v5 ) + a11 (195 · v11 ) + a13 (165 · v13 ) where

715 · v3 v3

≡ ≡

1 (mod 3) 1 (mod 3)

429 · v5 (−1)v5 v5

≡ 1 (mod 5) ≡ 1 (mod 5) ≡ −1 (mod 5)

1 (mod 11) 1 (mod 11) −4 (mod 11)

165 · v13 (−4)v13 v13

≡ 1 (mod 13) ≡ 1 (mod 13) ≡ 3 (mod 13).

and 195 · v11 (−3)v11 v11

≡ ≡ ≡

24. Solving systems of linear equations in Z/mZ

99

Hence S = 715a3 − 429a5 − 780a11 + 495a13 is the solution (mod 2145)! Try this for any ai you wish to choose. This gives you a way of solving systems of linear equations, just as you may have already done in linear algebra. Example. Let’s try another system, where the linear equations must each be solved first: 2x 3x 4x 5x

≡ ≡ ≡ ≡

1 9 1 9

(mod (mod (mod (mod

5) 6) 7) 11)

=⇒

x x x x

≡ ≡ ≡ ≡

3 (mod 5) 1 (mod 2) 2 (mod 7) −18 ≡ 4 (mod 11).

So we look at S ≡ 3(154 · (−1)) + 1(385) + 2(110 · 3) + 4(70 · 3) (mod 770) so S ≡ 1423 ≡ 653 (mod 770). Check this: 2 · 653 3 · 653 4 · 653 5 · 653

≡ ≡ ≡ ≡

2 · 3 = 6 ≡ 1 (mod 5) 3 · (−1) = −3 ≡ 9 (mod 6) 4 · 2 = 8 ≡ 1 (mod 7) 5 · (−7) = −35 ≡ 9 (mod 11).

So this works as the unique solution (mod 770) promised by the theorem. Example. Let’s try another system: x ≡ 3 (mod 8) x ≡ 11 (mod 20) x ≡ 16 (mod 75). We cannot use the Chinese remainder theorem here—why? But you have shown in Exercise 5 in Section 19 (see page 77) that given a ≡ b (mod m), we have n|m =⇒ a ≡ b (mod n); in other words, given a congruence, you can change the modulus to a lower one, as long as it is a divisor of the original modulus. So what? Well, in this case, we get ⎧ ⎨ x ≡ 11 ≡ 3 (mod 4) and x ≡ 11 (mod 20) =⇒ ⎩ x ≡ 11 ≡ 1 (mod 5). Also, x ≡ 16 (mod 75) =⇒

⎧ ⎨

x ≡ 16 (mod 25) and ⎩ x ≡ 16 ≡ 1 (mod 3).

Chapter 2. Modular Arithmetic in Z/mZ

100

In fact, the Chinese remainder theorem states that the opposite implications also hold, so we get

x x x

≡ 3 (mod 8) ≡ 11 (mod 20) ≡ 16 (mod 75)

x x x x x

⇐⇒

≡ ≡ ≡ ≡ ≡

3 (mod 8) 3 (mod 4) 1 (mod 5) 16 (mod 25) 1 (mod 3).

Now consider the two congruences x ≡ 3 (mod 8)

and

x ≡ 3 (mod 4).

How can we satisfy both? The integers that satisfy the first are . . ., −5, 3, 11, 19, . . . while the integers that satisfy the second are . . ., −5, −1, 3, 7, 11, 15, . . .. Thus the second one is redundant, and we can throw it away. Similarly, when we consider the two congruences x ≡ 1 (mod 5)

and

x ≡ 16 (mod 25)

we find that the first one is redundant, so we throw it away. We are left with x x x

≡ 3 (mod 8) ≡ 1 (mod 3) ≡ 16 (mod 25),

and since we now have (8, 3) = (3, 25) = (8, 25) = 1, we can use the Chinese remainder theorem to get the answer S ≡ 3(75 · v1 ) + 1(200 · v2 ) + 16(24 · v3 ) (mod 600). Again, we need 75 · v1 ≡ 1 (mod 8) ⇐⇒ 3 · v1 ≡ 1 (mod 8) ⇐⇒ v1 ≡ 3 (mod 8), 200 · v2 ≡ 1 (mod 3) ⇐⇒ 2 · v2 ≡ 1 (mod 3) ⇐⇒ v2 ≡ −1 (mod 3), and 24 · v3 ≡ 1 (mod 25) ⇐⇒ −1 · v3 ≡ 1 (mod 25) ⇐⇒ v3 ≡ −1 (mod 25). Thus we have S ≡ 3(75 · 3) + 1(200 · (−1)) + 16(24 · (−1)) ≡ 675 − 200 − 384 ≡ 91 (mod 600) In fact 91 ≡ 3 (mod 8) 91 ≡ 11 (mod 20) 91 ≡ 16 (mod 75) so 91 is the solution to the original system of equations.

24. Solving systems of linear equations in Z/mZ

101

Example. As a final example, suppose we have x x x

≡ 5 (mod 8) ≡ 13 (mod 20) ≡ 16 (mod 75).

Proceeding as before, we get

x x x

≡ 5 (mod 8) ≡ 13 (mod 20) ≡ 16 (mod 75)

⇐⇒

x

≡ 5 (mod 8)

x x x x

≡ ≡ ≡ ≡

1 (mod 4) 3 (mod 5) 16 (mod 25) 1 (mod 3).

We can eliminate x ≡ 1 (mod 4) as redundant, since x ≡ 5 (mod 8) =⇒ x ≡ 1 (mod 4), but we get a different situation when we consider the two equations involving 5. The condition x ≡ 16 (mod 25) implies that x ≡ 1 (mod 5), which is inconsistent with the condition x ≡ 3 (mod 5), and since we need to satisfy both conditions, we see that there is no solution to this system of equations.

To summarize, if we need to solve several linear equations in different moduli simultaneously, we • Break each equation down into equations (mod pk ) (using one direction of the Chinese remainder theorem). • Solve each equation (mod pk ), using what we know about linear equations in Z/mZ. (See Section 22.) • For each prime p that occurs to different powers, resolve any contradictions or redundancies into a single equation. • Use the (other direction of the) Chinese remainder theorem to get a single answer.

Exercises 1. A troop of monkeys find some bananas in the jungle, mysteriously grouped into seventeen equal piles. There are eleven monkeys, so they divide the bananas up and find there are four bananas left over; the queen monkey gets the extra four. How many bananas did they find? 2. A band of pirates steal a bag of gold doubloons. There are nine pirates, and when they try to divide the doubloons evenly, there is one left over. In the ensuing fight, one pirate is killed. When they try to divide up the loot again (among the eight survivors), there is still one doubloon left over. In

Chapter 2. Modular Arithmetic in Z/mZ

102

the ensuing fight, a pirate is killed. They try to divide again, again one is left over, there’s another fight. This time two pirates are killed! After they wipe all the blood off the gold doubloons, the five survivors find that they can finally divide the gold up evenly. How much gold did they steal? 3. Three children (Eva, Rafael, and Carly) try to measure their living room: they have no rulers, so they use their feet. Each child steps off a certain number of foot-lengths, and they all end up three inches short of the far wall. Unfortunately, being children, they forgot to count how many steps long the living room was. If the children’s feet were five, seven, and nine inches long, how long do you think the living room was? 4. Calculate 6618095 (mod 63). 5. Solve the system of congruences x ≡ 4 (mod 11) x ≡ 3 (mod 17) 6. Solve the system of congruences y ≡ 1 (mod 2) y ≡ 2 (mod 3) y ≡ 3 (mod 5) 7. Solve the system of congruences 5z 8z 3z 4z

≡1 ≡2 ≡3 ≡1

(mod (mod (mod (mod

2) 3) 5) 7)

8. Solve the system of congruences 6t ≡ 1 5t ≡ 3 3t ≡ 12 2t ≡ 10 t≡6

(mod 11) (mod 12) (mod 13) (mod 17) (mod 19)

9. Solve the system of congruences s ≡ 5 (mod 6) s ≡ 3 (mod 10) s ≡ 8 (mod 15) 10. Solve the system of congruences v ≡ 2 (mod 14) v ≡ 16 (mod 21) v ≡ 10 (mod 30)

25. Lifting roots in Z/pn Z

103

11. Solve the system of congruences 3w ≡ 6 (mod 27) 4w ≡ 2 (mod 15) 3w ≡ 5 (mod 25) 12. Solve the system of congruences 10m ≡ 20 (mod 12) 3m ≡ 4 (mod 8) 3m ≡ 6 (mod 14) 7m ≡ 8 (mod 15) 13. Solve the system of congruences 4p ≡ 1 7p ≡ 4 5p ≡ 3 4p ≡ 9

(mod (mod (mod (mod

9) 10) 12) 15)

14. If y = x2 for x ∈ Z, what are the possibilities for y ≡ a (mod 10)? That is, what are the possible last digits for perfect square integers? 15. If y = x2 for x ∈ Z, what are the possibilities for y ≡ a (mod 100)? That is, what are the possible last pair of digits for perfect square integers? 16. Prove that 1110 − 1 is divisible by 100. 17. Use the Chinese remainder theorem to show that 7n has last two digits 07 49 43 01

if if if if

n n n n

is is is is

of of of of

the the the the

form form form form

4k + 1 4k + 2 4k + 3 4k

(Compare to Exercise 4a on page 16.)

25

Lifting roots in Z/pn Z

With a little modification, we can use the template on page 101 to solve polynomial equations in Z/mZ as well. We therefore need something similar to Section 22; that is, a method for solving polynomial equations (mod pk ). Lagrange’s theorem is a step in that direction, but only applies to (mod p) and even there it merely limits the number of possible roots. We start our investigation with an example: can we solve x2 + 5 ≡ 0 (mod 81)? Our first step is to see if we can solve x2 + 5 ≡ 0 (mod 3); clearly if this cannot be solved then neither can the original equation. By inspection, x ≡ ±1 (mod 3) are

104

Chapter 2. Modular Arithmetic in Z/mZ

both solutions. Thus any integer solution must be in the form x = ±1 + 3k. We now use this to work upwards to a solution in Z/9Z: let x = 1 + 3k, substitute, and try to find k. We get (1 + 3k)2 + 5 1 + 6k + 9k2 + 5 6k + 6 2k + 2 k

≡ ≡ ≡ ≡ ≡

0 0 0 0 2

(mod (mod (mod (mod (mod

9) 9) 9) 3) 3).

Thus we get the solution x ≡ 7 (mod 9); if we had started with x ≡ −1 (mod 3) we would also have x ≡ −7 (mod 9). We now work upward again in the same way: substitute x = 7 + 9k into the equation and try to find a solution in Z/27Z: (7 + 9k)2 + 5 49 + 2 · 7 · 9k + 5 54 + 2 · 7 · 9k 6 + 2 · 7k 2k k

≡ ≡ ≡ ≡ ≡ ≡

0 0 0 0 0 0

(mod (mod (mod (mod (mod (mod

27) 27) 27) 3) 3) 3).

Thus we have x ≡ 7 (mod 27) ⇐⇒ x = 7 + 27k, and we work upward one more step: (7 + 27k)2 + 5 49 + 2 · 7 · 27k + 5 54 + 2 · 7 · 27k 2 + 2 · 7k 2 + 2k k

≡ ≡ ≡ ≡ ≡ ≡

0 0 0 0 0 2

(mod (mod (mod (mod (mod (mod

81) 81) 81) 3) 3) 3).

Therefore, we get x = 7 + 2 · 27 ≡ 61 (mod 81). This process is known as lifting roots, and it is very similar to the process in Project F. If we had lifted the solution x ≡ −1 (mod 3) it is not hard to see that we would have found the solution x ≡ −61 ≡ 20 (mod 81). Brute force will confirm that x ≡ 20, 61 (mod 81) are in fact the only solutions to the equation x2 + 5 ≡ 0 (mod 81). Another example is the following: solve x2 + x + 4 ≡ 0 (mod 125). As before, we first solve the simpler equation x2 + x + 4 ≡ 0 (mod 5) and get x ≡ 2 (mod 5) as the only solution. Thus x = 2 + 5k and we substitute to get (2 + 5k)2 + (2 + 5k) + 4 ≡ 0 (mod 25) 4 + 2 · 2 · 5k + 2 + 5k + 4 ≡ 0 (mod 25) 10 + 25k ≡ 0 (mod 25), which clearly has no solutions. Thus we cannot solve x2 + x + 4 ≡ 0 (mod 25), let alone x2 + x + 4 ≡ 0 (mod 125); again brute force confirms this.

25. Lifting roots in Z/pn Z

105

As a final example, let’s solve x4 + 3x + 45 ≡ 0 (mod 343). First, we find roots of x4 +3x+45 in Z/7Z; by inspection, x ≡ 1 (mod 7) is the only solution. Substituting x = 1 + 7k, we get (1 + 7k)4 + 3(1 + 7k) + 45 1 + 4 · 7k + 3 + 21k + 45 49 + 4 · 7k + 21k 4k + 3k 0

≡ ≡ ≡ ≡ ≡

0 0 0 0 0

(mod (mod (mod (mod (mod

49) 49) 49) 7) 49),

so any value of k works. Thus we get solutions x ≡ 1, 8, 15, 22, 29, 36, 43 (mod 49), and we must attempt to lift each one to a solution or solutions in Z343 . To attempt to do so without making seven separate calculations, we may write x = 1+7k+49m, where we already know that k = 0, 1, 2, 3, 4, 5, or 6 and we are trying to find m. We get (1 + 7k + 49m)4 + 3(1 + 7k + 49m) + 45 (1 + 7k) + 4(1 + 7k)3 49m + 3(1 + 7k + 49m) + 45 f (1 + 7k) + 4(1 + 7k)3 49m + 3 · 49m f (1 + 7k) + (4(1 + 7k)3 + 3)49m f (1 + 7k) + f  (1 + 7k) · 49m 4

≡ ≡ ≡ ≡ ≡

0 0 0 0 0

(mod (mod (mod (mod (mod

343) 343) 343) 343) 343),

where we are using the formal derivative f  (x) = 4x3 + 3 of f (x) = x4 + 3x + 45 (see Exercise 9 in Section 23). This last equation can clearly be reduced to f (1 + 7k) + f  (1 + 7k)m ≡ 0 (mod 7), 49 since we know that f (1 + 7k) ≡ 0 (mod 49) from the work above. Since 1 + 7k ≡ 1 (mod 7), we have f  (1 + 7k) ≡ f  (1) ≡ 0 (mod 7). Thus this equation reduces to f (1 + 7k) ≡ 0 (mod 7), 49 and we are merely checking whether the seven answers above, for each of which f (r) ≡ 0 (mod 49), also satisfy f (r) ≡ 0 (mod 343). It turns out that none of the seven solutions in Z/49Z is a solution in Z/343Z: f (1) f (8) f (15) f (22) f (29) f (36) f (43)

≡ ≡ ≡ ≡ ≡ ≡ ≡

49 (mod 343) 49 (mod 343) 294 (mod 343) 98 (mod 343) 147 (mod 343) 98 (mod 343) 294 (mod 343);

therefore the equation x4 + 3x + 45 ≡ 0 (mod 343) has no solutions. How can we make sense of what is going on? One thing to note is that although at the first step we have to solve a polynomial equation in Z/pZ, as we lift we only

106

Chapter 2. Modular Arithmetic in Z/mZ

have to solve linear equations (in Z/pZ) from then on. The higher order terms always disappear, and after dividing out an appropriate power of p, we are always left with a linear equation, in Z/pZ. Section 22 gave us a mechanism for dealing with that problem, and in fact what we saw is that we will always get a unique solution if the coefficient of x is non-zero (remember, we are in Z/pZ), else we will get either p roots or no roots, depending on whether the constant term is zero or non-zero. Can we get our hands on the coefficient of x, and on the constant term? In general, we are faced with the following problem: suppose f (x) ∈ Z[x] is a polynomial with integer coefficients, and suppose r ∈ Z/pn Z is a root: f (r) ≡ 0 (mod pn ), so f (r) = s · pn for some integer s. Then we write x = r + k · pn and substitute, using a finite Taylor expansion (see Exercise 10 in Section 24): f (r + k · pn ) f (r) + k · pn f  (r) + terms involving at least pn+1 f (r) + k · pn f  (r) s · pn + k · pn f  (r) s + kf  (r)

≡ ≡ ≡ ≡ ≡

0 0 0 0 0

(mod (mod (mod (mod (mod

pn+1 ) pn+1 ) pn+1 ) pn+1 ) p).

We thus will get a unique value for k ⇐⇒ (f  (r), p) = 1; if p|f  (r) then we get p solutions if p|s, and zero solutions otherwise. We may rephrase p|s as f (r) ≡ 0 (mod pn+1 ), and we get something I will call the lifting roots theorem, which has traditionally been called Hensel’s lemma. (A lemma for what? Answering that would take us beyond the scope of this book, but a partial answer may be found in Project F.) Theorem 13 (Lifting Roots Theorem orHensel’s Lemma) Given f (x) =  kak xk−1 . Suppose p is a positive ak xk ∈ Z[x], define f  ∈ Z[x] by f  (x) = prime, and suppose r is an integer such that f (r) ≡ 0 (mod pn ). Then f (x) has a unique solution (mod pn+1 ) that is ≡ r (mod pn ) if (p, f  (r)) = 1, p solutions (mod pn+1 ) that are ≡ r (mod pn ) if p|f  (r) and pn+1 |f (r), no solutions (mod pn+1 ) that are ≡ r (mod pn ) otherwise; that is, if p|f  (r) and pn+1 /|f (r).

In other words, a root r (mod pn ) lifts uniquely if p does not divide the formal derivative f  (r). If p does divide the formal derivative f  (r), then we get p roots above r if r was already a root (mod pn+1 ); if r was a solution (mod pn ) but not a solution (mod pn+1 ), then there are no solutions above r (mod pn+1 ) (or, obviously, in (mod pt ) for any t > n). For the three examples at the beginning of the section, we had 1. f (x) = x2 + 5, p = 3, r = ±1. Since the formal derivative f  (x) = 2x, f  (r) = ±2 ≡ 0 (mod 3) and so the roots each lifted uniquely (up to p2 , then to p3 , and then to p4 = 81). 2. f (x) = x2 + x + 4, p = 5, r = 2. The formal derivative is f  (x) = 2x + 1, so f  (r) = f  (2) ≡ 0 (mod 5). r = 2 is a solution (mod 5), but not (mod 25), so r = 2 doesn’t lift, and there are no solutions in Z/25Z, nor in Z/125Z.

25. Lifting roots in Z/pn Z

107

3. f (x) = x4 + 3x + 45, p = 7, r = 1. Then f  (x) = 4x3 + 3, so f  (1) = 7. Since f (r) = 49 is a solution (mod 49) as well as (mod 7), the root x = 1 splits into the seven solution x = 1, 8, 15, 22, 29, 36, and 43 (mod 49); however, none of these roots is a solution (mod 343), so none of them lift to Z/343Z. As a final example, let’s look back at Exercise 12 (page 79). How do we solve x2 + 18x + 8 ≡ 0 (mod 24)? The Chinese remainder theorem says we can solve this by solving x2 + 18x + 8 ≡ 0 (mod 3) and x2 + 18x + 8 ≡ 0 (mod 8). The first equation reduces to x2 + 2 ≡ 0 (mod 3) or better yet x2 ≡ 1 (mod 3) and we see the solutions are x ≡ ±1 (mod 3). As for the second equation, we will attack it by starting in Z/2Z and lifting roots up to Z/8Z. In Z/2Z we have to solve x2 ≡ 0 (mod 2), which clearly has the single root x ≡ 0 (mod 2). Now f  (x) = 2x + 18, so this will always be zero (mod 2), so roots will either fail to lift at all, or they will split into two roots in the higher modulus. In this case, f (0) = 8 ≡ 0 (mod 4), so the single root x ≡ 0 (mod 2) becomes the two roots x ≡ 0, 2 (mod 4). Once again f  (r) ≡ 0 (mod 2) for both roots r, and now we see that f (0) = 8 ≡ 0 (mod 8) and f (2) = 48 ≡ 0 (mod 8); thus these two roots again split into four roots: x ≡ 0, 2, 4, 6 (mod 8). At this point we can stop and glue our Z/8Z and Z/3Z answers together to get the eight solutions x ≡ 2, 4, 8, 10, 14, 16, 20, 22 (mod 24). It is instructive, though, to continue from Z/8Z up to Z/16Z. Now we get f (0) ≡ f (6) ≡ 8 (mod 16), so these two roots do not lift at all, but f (2) ≡ f (4) ≡ 0 (mod 16), so these two roots split and we have the four solutions x ≡ 2, 4, 10, 12 (mod 16). Going one more step up to Z/32Z, the two roots x = 2 and x = 12 fail to lift, but the two roots x = 4 and x = 10 do lift and split into the four roots x ≡ 4, 10, 20, 26 (mod 32). One could keep going, but at this point we will stop and hope that the method, and the reasoning, is clear.

Exercises 1. Find the roots of x4 + x2 + x − 3 in Z/49Z. 2. Find the roots of x4 + x2 + 3x − 1 in Z/49Z. 3. Find the roots of x4 − 1 in (a) Z/125Z (b) Z/27Z (c) Z/73 Z. 4. Find the roots of x6 − 1 in Z/27Z. 5. How many roots does x2 + x + 1 have in Z/3k Z? 6. A unit in Zm is its own inverse ⇐⇒ u2 ≡ 1 (mod m) ⇐⇒ u is a root of x2 − 1 in (Z/mZ)× . How many roots does x2 − 1 have (how many self-inverse units are there) in (a) Z/7Z, Z/49Z, Z/343Z (b) Z/pZ, Z/p2 Z, Z/p3 Z (here p is an odd prime integer) (c) Z/pqZ, Z/pq 2 Z, Z/p2 qZ, Z/p2 q 2 Z, . . . , Z/pm q n Z (here p and q are distinct odd prime integers)

Chapter 2. Modular Arithmetic in Z/mZ

108

(d) Z/2Z, Z/4Z, Z/8Z, Z/16Z, . . . , Z/2k Z (here k is a positive integer) (e) Z/mZ, in general? 7. Consider the equation xd ≡ 0 (mod pk ), for d and k ∈ N and p a prime integer. (a) Count how many solutions there are by considering the prime factorization of any solution. (b) Use Theorem 13 to count how many solutions there are.

26

Wilson’s theorem and its converse

If you have done Exercise 9 in Section 19 (see page 77), you should have conjectured the following: Theorem 14 (Wilson’s Theorem (plus)) ⎧ ⎪ if m = 4; ⎨2 (mod m) (m − 1)! ≡ −1 (mod m) if m is a prime; ⎪ ⎩ 0 (mod m) otherwise. Wilson’s original theorem only stated that “if m is a prime, then (m − 1)! ≡ −1 (mod m).” We have improved on that. Proof . Clearly the statement is true for m = 4, since in that case (m − 1)! = 3! = 6 ≡ 2 (mod 4). It is also clear that the statement is true when m = 2, since (1 − 1)! = 1 ≡ −1 (mod 2). Now, suppose m > 2 is a prime. Then we are multiplying together all the units in Z/mZ. Now, we know all the units have (unique) inverses, so we expect them all to cancel out in pairs and give us 1. Why do we get −1 instead? Well, some units may be their own inverses, hence they won’t cancel out of the product. In fact, those are the only units we need to worry about, since the other units will cancel out in pairs. So we need to think about which units are their own inverses. We already know 1 and −1 are their own inverses; are there others? Well, we need to worry about u ∈ (Z/mZ)× such that u · u ≡ 1 (mod m). But Lagrange’s theorem states that this equation has at most two solutions, since we are trying to solve the quadratic equation x2 − 1 = 0 in a prime modulus. Thus we already have the only solutions, x = ±1. (If m = 1 we have a single solution, which we may call +1 or −1.) Thus all the other units cancel in pairs and we are left with (m − 1)! ≡ 1 · (−1) ≡ −1 (mod p). The second statement is proved. For the third statement, we must realize that m is not a prime ⇐⇒ m = a · b where 1 < a < m and 1 < b < m.

26. Wilson’s theorem and its converse

109

Thus when we multiply out (m − 1)! = (m − 1)(m − 2)(m − 3) · · · (3)(2)(1), we will get a · b · (rest) as long as a = b. Thus we must only worry about numbers m that can only be factored as m = a · a. A little thought or experimentation will convince you that this can only occur for m = p2 where p is a prime. But in that case we get (m − 1)! = (1)(2)(3) · · · (p)(p + 1) · · · (2p)(2p + 1) · · · (p2 − 1) and since m = p2 , we will have m|(m − 1)! =⇒ (m − 1)! ≡ 0 (mod m). Thus we will have proved the theorem as long as 2p < p2 , because in that case 2p as well as p will appear when we multiply out (m − 1)!, so we will get zero. But p > 2 =⇒ p2 > 2p, so we have proved the third statement in all cases except p = 2, m = p2 = 4; and that is exactly the exception most of you noted and we wrote into the theorem. Thus the theorem is proved.

You will notice that we got zero when m is not a prime because we were multiplying out everything in Z/mZ, units as well as zero-divisors. When m is a prime, we multiplied out all the units and got −1. What if we just multiply out all the units: what is u (mod m)? u∈(Z/mZ)×

We have proved that m is prime implies that the product is −1; what do we get for m not a prime? A little experimentation gives product = 1 · 3 product = 1 · 5 product = 1 · 2 · 4 · 5 · 7 · 8 product = 1 · 3 · 7 · 9

≡ ≡ ≡ ≡

−1 −1 −1 −1

(mod (mod (mod (mod

4) 6) 9) 10),

so you may think it is always −1, just like in the prime case. But we also have product = 1 · 3 · 5 · 7 product = 1 · 5 · 7 · 11 product = 1 · 3 · 5 · 9 · 11 · 13 product = 1 · 2 · 4 · 7 · 8 · 11 · 13 · 14

≡ ≡ ≡ ≡

1 (mod 8) 1 (mod 12) −1 (mod 14) 1 (mod 15),

so it’s not so clear.

Exercises 1. If p is an odd positive prime in Z, prove that 12 · 32 · 52 · · · (p − 4)2 (p − 2)2 ≡ (−1)

p+1 2

(mod p)

and that 22 · 42 · 62 · · · (p − 3)2 (p − 1)2 ≡ (−1) 2. Let p be a positive prime integer.

p+1 2

(mod p).

Chapter 2. Modular Arithmetic in Z/mZ

110

(a) What is the constant term of the polynomial p−1

fp (x) = (x − 1)(x − 2)(x − 3) · · · (x − (p − 1)) =

(x − k) k=1

in Z/pZ[x]? (b) Calculate f2 (x), f3 (x), f5 (x), and f7 (x). (c) Conjecture a closed-form expression for fp (x), where p is a positive prime integer. 3. Prove that the product of all the units in Z/mZ,

u, is always ±1. u∈(Z/mZ)×

4. After gathering more evidence, conjecture a rule for when the product of units in Zm is +1, and when the product is −1. 5. Let p > 2 be aprimeinteger. Rather than calculate (p−1)! (mod p), suppose p−1 we calculate ! (mod p), as in the table 2 3 5 7 11 13 17 19 23 29 31 37 41 43 47 53 59 p−1 p . ! (mod p) 1 2 6 10 5 13 18 1 12 1 31 9 42 46 23 1 2   p−1 Conjecture a rule for ! (mod p). 2

27

Calculating ϕ(n)

The function ϕ(n) goes from N to N (that is, it takes as input positive integers and × gives back positive integers), and it counts the number of elements in (Z/nZ) ; i.e., the number of units in Z/nZ. We have conjectured that (m, n) = 1 =⇒ ϕ(mn) = ϕ(m) · ϕ(n) and that n > 2 =⇒ ϕ(n) is even. We will prove these, and also come up with a formula for ϕ(n). First, consider the two statements (a, mn) = 1

and

(a, m) = (a, n) = 1.

The first is equivalent to saying “a is a unit in Z/mnZ” and the second is equivalent to saying “a is a unit in Z/mZ and also in Z/nZ.” What is the relationship between the two statements? We will prove the

Proposition 20 For integers a, m, and n, we have (a, mn) = 1 ⇐⇒ (a, m) = (a, n) = 1.

27. Calculating ϕ(n)

111

Proof . ( =⇒ ) We have (a, mn) = 1 ⇐⇒ ax + mny = 1 for some integers x and y. But then we get a(x) + m(ny) = 1 =⇒ (a, m) = 1 and a(x) + n(my) = 1 =⇒ (a, n) = 1. (⇐=) Now suppose (a, mn) = 1. Then we have (a, mn) > 1 (you can take care of the case (a, mn) = 0 yourself), so there is a prime p that divides (a, mn). Then we have p|a and p|mn =⇒ p|m or p|n. Therefore p|(a, m) or p|(a, n); in either case, we must have that (a, m) = (a, n) = 1 is false. Thus we have proved the implication in both directions, and the theorem is proved.

(A quicker proof of the ⇐= direction above is this: (a, m) = (a, n) = 1 =⇒ ar + ms = ax+ny = 1, so 1 = (ar +ms)(ax+ny) = a(arx+msx+rny)+(mn)(sy) =⇒ (a, mn) = 1. It’s a silly trick, but it’s quick.) ×

×

So we have proved that a is in (Z/mnZ) ⇐⇒ a is in (Z/mZ) and a is in (Z/nZ)× . Before we proceed to the proof that ϕ is multiplicative, i.e., that (m, n) = 1 =⇒ ϕ(mn) = ϕ(m)ϕ(n), let’s try an example of how the proof will proceed. Let’s write Z/36Z as 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36. We can consider the first row as Z/4Z. What we will do is cross out every number a such that (a, 4) = 1 and then cross out all the numbers such that (a, 9) = 1. We will be left with all a such that (a, 4) = (a, 9) = 1, hence with all a such that × (a, 36) = 1, hence we will have (Z/36Z) . We can then count to get ϕ(36). In Exercise 6 in Section 19 (see page 77) it was shown that a ≡ b (mod m) =⇒ (a, m) = (b, m). Since all the numbers in each column are congruent (mod 4), when we cross out one number we can cross out its whole column. We thus cross out the second and fourth columns, and we are left with all the odd numbers, which are all relatively prime to 4. Now consider each column that is left. There are nine numbers in each. Do these nine numbers represent Z/9Z? Why or why not? From Exercise 11 in Section 18 (page 76), you can see that since each column is the set {a, a + 4, a + 2 · 4, a + 3 · 4, . . . , a + (9 − 1) · 4} and since (4, 9) = 1 (this fact is crucial), we must have that each column (crossed out or not) is in fact a set of representatives of Z/9Z. There are ϕ(4) columns left

Chapter 2. Modular Arithmetic in Z/mZ

112

(since we crossed out all the columns whose top number was not in (Z/4Z)× ), and each column contains ϕ(9) units in Z/9Z, hence in Z/36Z. We have proved that ϕ(36) = ϕ(4·9) = ϕ(4)·ϕ(9), and the fact that (4, 9) = 1 was crucial; we could have arranged it in six columns of six numbers, and crossed out until there were only two columns left (ϕ(6) = 2), but then each column would not have represented Z/6Z, and we could not have proceeded as we did. Let’s try this in general, to make sure the reasoning is sound. Suppose we have positive integers m and n that are relatively prime: (m, n) = 1. Then we wish to calculate ϕ(mn) = #(Z/mnZ)× . We thus write Z/mnZ in a rectangular m × n array and cross out everything that is not relatively prime to mn. By the above proposition, that is all the numbers that are not relatively prime to m, as well as all the numbers that are not relatively prime to n. So we proceed: write Z/mnZ as ··· ··· ··· ··· .. .

m 2m 3m 4m .. .

(n − 1)m + 1 (n − 1)m + 2 (n − 1)m + 3 (n − 1)m + 4 · · ·

nm.

1 m+1 2m + 1 3m + 1 .. .

2 m+2 2m + 2 3m + 2 .. .

3 m+3 2m + 3 3m + 3 .. .

4 m+4 2m + 4 3m + 4 .. .

Each row represents Z/mZ, that is clear; but each column is the set {a, a + m, a + 2m, a + 3m, . . . , a + (n − 1)m} and we know from Exercise 11 in Section 18 (page 76) that because (m, n) = 1, this is a set of representatives for Z/nZ. Thus each row is Z/mZ and each column is Z/nZ. We cross out whole columns when the top number is not in (Z/mZ)× ; this leaves ϕ(m) columns. In each column not crossed out, we cross out everything that is not in (Z/nZ)× ; now each column has either zero or ϕ(n) units in it. Every number left is relatively prime to mn, since it is relatively prime to m and relatively prime to n; every number crossed out had something in common with m or with n, thus it has something in common with mn. We are thus left with ϕ(n) numbers in each of ϕ(m) columns, and these are all the elements of (Z/mnZ)× . This proves Proposition 21 For m and n in N with (m, n) = 1, we have ϕ(mn) = ϕ(m) · ϕ(n). What is ϕ(n), therefore? We have said before that ϕ(1) = 1, so we may assume n > 1. Thus n has a factorization into powers of primes: r

n = pe11 pe22 pe33 · · · perr =

pei i . i=1

Therefore ϕ(n) = ϕ (pe11 ) ϕ (pe22 pe33 · · · perr ) since (pe11 , rest) = 1. Similarly, we may break up n into relatively prime chunks and get r

ϕ(n) = ϕ (pe11 ) ϕ (pe22 ) ϕ (pe33 ) · · · ϕ (perr ) =

ϕ (pei i ) . i=1

27. Calculating ϕ(n)

113

So to calculate ϕ(n) all we need to know is how to calculate ϕ(pk ) where p is a prime and k ≥ 1. We already know

that ϕ(p)

= p − 1, since we have proved that Z/pZ is a field; what about ϕ p2 ? or ϕ p3 ? The thing to notice is that for any integer a, whether or not (a, pk ) is 1 is a very easy question to answer. What can (a, pk ) be? It must be a divisor of pk , and the only divisors of pk are 1, or p, or p2 , etc., i.e., pj where 0 ≤ j ≤ k. All of the divisors except 1 are divisible by p. Thus (a, pk ) = 1 ⇐⇒ p|a. Thus to calculate ϕ(pk ) we need only see how many of the numbers in Z/pk Z are divisible by p; once we’ve crossed them off, only the units will remain. We have Z/pk Z = {1, 2, 3, . . . , p, p + 1, . . . , 2p, . . . , 3p, . . . , p2 , p2 + 1, . . . , pk }. There are pk elements, and among every p of them we get one that is divisible by p, and hence is not a unit. Thus there are p1 pk = pk−1 non-units, hence pk − pk−1 units. Therefore ϕ(pk ) = pk − pk−1 = pk−1 (p − 1) for p a prime and k ≥ 1. We may use this to calculate ϕ(n) for any positive integer. We get ϕ(n) = ϕ (pe11 ) ϕ (pe22 ) ϕ (pe33 ) · · · ϕ (perr ) r

ϕ (pei i )

= i=1 r

=

pei i −1 (pi − 1)

i=1 r

pei i

=

i=1 r

pi − 1 pi

pi − 1 pi i=1  r  1 = n 1− pi i=1 = n

This is the formula that many people use to calculate ϕ(n). Thus to calculate ϕ(60) we just notice that 60 = 22 · 3 · 5, and we get         1 2 4 1 1 1 ϕ(60) = 60 1 − 1− 1− = 60 = 16. 2 3 5 2 3 5 A good way, I find, to think of this formula, is to realize that for a in Z/nZ, a is not a unit ⇐⇒ there is a prime p such that p|n and p|a. Since for each prime p, p1 of all numbers are divisible by it, we can get (Z/nZ)× by starting with  Z/nZ (n elements) and throwing away the numbers divisible by p1  (n 1 − p11 elements left), then of the numbers that are left, throwing away those    divisible by p2 (n 1 − p11 1 − p12 elements left), and continuing this way for all the primes that divide n. In the example above, we start with Z/60Z = {1, 2, 3, . . . , 60}

Chapter 2. Modular Arithmetic in Z/mZ

114

then throw away all the even numbers (those that share the prime 2 with 60) to get {1, 3, 5, 7, 9, . . . , 57, 59} (thirty are left) then throw away the ones that are left that are divisible by 3, namely 3, 9, 15, 21, 27, 33, 39, 45, 51, and 57, to get {1, 5, 7, 11, 13, 17, 19, 23, 25, 29, 31, 35, 37, 41, 43, 47, 49, 53, 55, 59}

(twenty left)

and then throw away those that share the prime 5 with 60: namely, 5, 25, 35, and 55. Thus (Z/60Z)× = {1, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 49, 53, 59}

(sixteen left).

You might try this for, say n = 105 = 3 · 5 · 7 and see why we get     2 4 6 ϕ(105) = 105 = 48 3 5 7 because we kept the 23 that were not divisible by 3 (70 numbers), then kept the 45 of what was left that were not divisible by 5 (56 numbers), then kept the 67 of what was left that were not divisible by 7 (48 units). Another thing you can try is to prove that

ϕ(d) = n; d|n,d>0

that is, if you add up ϕ(d) for all the positive divisors, d, of n, you will get n itself. An example is to take, say, n = 60. Then the positive divisors of 60 are d = 1, 2, 3, 4, 5, 6, 10, 12, 15, 20, 30, and 60; and we have

ϕ(d) = ϕ(1) + ϕ(2) + ϕ(3) + ϕ(4) + ϕ(5) + ϕ(6) + ϕ(10) + ϕ(12) + ϕ(15) d|60,d>0

+ ϕ(20) + ϕ(30) + ϕ(60) = 1 + 1 + 2 + 2 + 4 + 2 + 4 + 4 + 8 + 8 + 8 + 16 = 60.

Exercises 1. Show that ϕ(n) = 2 ⇐⇒ n = 3, 4 or 6. 2. Show that ϕ(n) = 4 ⇐⇒ n = 5, 8, 10, or 12. 3. Calculate ϕ(n) for n = 21, 22, 23, 24, 25, 26, and 27. 4. Show that n is odd =⇒ ϕ(2n) = ϕ(n). Is the converse true? State and prove a theorem relating ϕ(2n) to ϕ(n). 5. Explain why ϕ(p3 q 2 r) = ϕ(pq 3 r 2 ) for distinct primes p, q, and r. 6. Explain why ϕ(n) is even if n > 2

28. Euler’s and Fermat’s theorems

115

(a) by using the formulas derived in this section (b) by pairing the units (in some way) in (Z/mZ)× . 7. If u is a unit (mod m) then u−1 , −u, and −u−1 are also. However, the units 1 and −1 are self-inverses as well as being additive inverses of each other. This would seem to imply that ϕ(m) ≡ 2 (mod 4), but that would sometimes contradict the rule ϕ(p) = p − 1 for prime integers p. What can we conclude, when p ≡ 1 (mod 4)? 8. If u is a unit (mod m) then u−1 , −u, and −u−1 are also. However, the units 1 and −1 are self-inverses as well as being additive inverses of each other. This would seem to imply that ϕ(m) ≡ 2 (mod 4); however this is false. The prime case is taken care of in the previous exercise; in this exercise we look at the composite case. For composite m < 150, we have ϕ(m) = 4k+2 ⇐⇒ m ∈ {4, 6, 9, 14, 18, 22, 27, 38, 46, 49, 54, 62, 81, 86, 94, 98, 118, 121, 134, 142}. Conjecture a rule for when ϕ(m) ≡ 2 (mod 4) for composite m. 9. ϕ(10) = 4 = ϕ(12). Can you find other sets of primes p, q, and r for which ϕ(pq) = ϕ(p2 r)? 10. Suppose ϕ(n) = 23 n. What can you deduce about the prime factorization of n? 11. Suppose ϕ(n) = n?

8 17 n.

What can you deduce about the prime factorization of

12. Suppose ϕ(n) = n?

8 35 n.

What can you deduce about the prime factorization of

13. There are five values of n (all < 100) for which ϕ(n) = 20. Find these values (without the use of technology). 14. There are ten values of n (all < 100) for which ϕ(n) = 24. Find these values (without the use of technology). 15. Show that, for n ∈ N, we have

ϕ(d) = n.

d|n, d>0

16. Let m, n ∈ N. Show that m|n =⇒ ϕ(m)|ϕ(n). Is the converse true?

28

Euler’s and Fermat’s theorems

Given m ∈ N, the number ϕ(m) counts how many elements of Z/mZ are units, but there are other significant facts about the function ϕ. We have the following very important

116

Chapter 2. Modular Arithmetic in Z/mZ

Theorem 15 (Euler’s Theorem) If m ≥ 2 is an integer, and (a, m) = 1 for some integer a, then aϕ(m) ≡ 1 (mod m) i.e., × a ∈ (Z/mZ)× =⇒ a(size of (Z/mZ) ) ≡ 1 (mod m).

Proof . Some of you, those who have taken abstract algebra, already know this theorem; in that course, it is an example of the fact that an element of a finite group, raised to the power of the size of the group, is the identity. We will prove it by looking at the set (Z/mZ)× = {u1 , u2 , u3 , . . . , uϕ(m) }. It was proved in Exercise 3 (page 110) that b = u1 u2 u3 · · · uϕ(m) =

u u∈(Z/mZ)×

is ±1; but all we care about is that this element, which is a product of units, is also a unit in Z/mZ. Now suppose a is any unit in (Z/mZ)× , and consider the set S = {au1 , au2 , au3 , . . . , auϕ(m) }. What is this set? Everything in S is a unit, so S ⊆ (Z/mZ)× . On the other hand, if two elements of S were equal, then we would have aui ≡ auj (mod m) ⇐⇒ ui ≡ uj (mod m) since a is a unit. Thus we have no repeats, so S is the same size as (Z/mZ)× and so we must have S = (Z/mZ)× . So if we multiply all the elements of S, we must get b again. Thus we have b ≡ (au1 )(au2 )(au3 ) · · · (auϕ(m) ) = aϕ(m) u1 u2 u3 · · · uϕ(m) = aϕ(m) b (mod m) and since b is a unit we can cancel it to get 1 ≡ aϕ(m) (mod m).

An important corollary is called Fermat’s little theorem. Theorem 16 (Fermat’s Little Theorem) If p is a prime integer and p/|a, then ap−1 ≡ 1 (mod p).

28. Euler’s and Fermat’s theorems

117

Proof . We have p/|a ⇐⇒ (a, p) = 1, and p a prime =⇒ ϕ(p) = p − 1, so we may use Euler’s theorem to prove Fermat’s little theorem.

This theorem should not be confused with Fermat’s last theorem, which was unproved from when Fermat stated it (“no positive solution in integers x, y and z exists to the equation xn + y n = z n if the (integral) power n is greater than 2”) in 1637 until 358 years later, when it was proven by Andrew Wiles, building on earlier work by Gerd Faltings, Gerhard Frey, Goro Shimura, Hitaka Taniyama, Kenneth Ribet, and many others. (Andrew Wiles was the present author’s calculus professor freshman year.) Corollary 4 If p is a prime in Z, we have ap ≡ a (mod p) for all integers a. Corollary 5 If p is a prime in Z, we have (x + y)p ≡ xp + y p (mod p) for any integers x and y.

Exercises 1. Prove Corollary 4. 2. Prove Corollary 5. 3. Prove that 5n3 + 7n5 ≡ 0 (mod 12) for all integers n. 4. Find all positive integers n for which n13 ≡ n

(mod 1365).

5. One of the following statements is always true and one is sometimes false: n7 ≡ n3

n6 ≡ n2

(mod 40)

(mod 40).

By thinking a little first you should know which one is true and which isn’t; you should prove the true statement and give a counterexample for the false statement. 6. For which integers n is the following true? n21 ≡ n

(mod 2310).

Hint: It is true for n = 1 but false for n = 2, so we see it is sometimes true and sometimes false. Your answer to this problem should tell your reader if is true or false for n = 99, or n = −35, or n = 123456789, etc. 7. Let p be a prime integer. Factor xp−1 − 1 in Z/pZ[x]. Use this factorization to prove Wilson’s theorem again. 8. One of the themes in this book is whether a given ring contains a solution to the equation x2 = −1 (such a solution plays the role of the complex number i). Suppose p > 2 is a prime integer, and suppose a solution exists to the equation x2 ≡ −1 (mod p). Use Fermat’s little theorem to show that p ≡ 1 (mod 4).

Chapter 2. Modular Arithmetic in Z/mZ

118

9. Extending the definition of Z/pZ[x], we denote by Z/pZ[x, y] the ring of all polynomials in the two variables x and y with coefficients in Z/pZ. We may also write ⎧ ⎫ n ⎨

⎬ Z/pZ[x, y] = cj,k xj y k : such that n ∈ W, cj,k ∈ Z/pZ . ⎩ ⎭ j=0,k=0

Use Exercise 4 in Section 15 to show that in Z/pZ[x, y], (x + y)p = xp + y p . Is this statement weaker than, equivalent to, or stronger than Corollary 5? 10. Sum the series 1 + 22 + 333 + · · · + n(11 · · · 1/). , -. n

29

The order of an integer modulo m

We have looked at addition in Z/mZ and Z/pZ, which is pretty boring, and we have looked at multiplication, from which we got the ideas of units and zero-divisors. In Chapter 5 we will look closely at squaring in the field Z/pZ, and try to find rules about which elements of Z/pZ are perfect squares. Right now we want to look at the whole idea of raising to powers or exponentiation, and see if we can see some patterns. Let’s look at the powers of 1, 2, . . . , 22 in (Z/23Z)× : 1k = 1 always 2, 4, 8, 16, 9, 18, 13, 3, 6, 12, 1, then we repeat 3, 9, 4, 12, 13, 16, 2, 6, 18, 8, 1, then we repeat 4, 16, 18, 3, 12, 2, 8, 9, 13, 6, 1, then we repeat 5, 2, 10, 4, 20, 8, 17, 16, 11, 9, 22, 18, 21, 13, 19, 3, 15, 6, 7, 12, 14, 1, so we got all 22 units 6, 13, 9, 8, 2, 12, 3, 18, 16, 4, 1, then we repeat 7, 3, 21, 9, 17, 4, 5, 12, 15, 13, 22, 16, 20, 2, 14, 6, 19, 18, 11, 8, 10, 1, all 22 units 8, 18, 6, 2, 16, 13, 12, 4, 9, 3, 1, then we repeat 9, 12, 16, 6, 8, 3, 4, 13, 2, 18, 1, then we repeat 10, 8, 11, 18, 19, 6, 14, 2, 20, 16, 22, 13, 15, 12, 5, 4, 17, 9, 21, 3, 7, 1, all 22 units 11, 6, 20, 13, 5, 9, 7, 8, 19, 2, 22, 12, 17, 3, 10, 18, 14, 16, 15, 4, 21, 1, all 22 units 12, 6, 3, 13, 18, 9, 16, 8, 4, 2, 1, then we repeat 13, 8, 12, 18, 4, 6, 9, 2, 3, 16, 1, then we repeat 14, 12, 7, 6, 15, 3, 19, 12, 21, 18, 22, 9, 11, 16, 17, 8, 20, 4, 10, 2, 5, 1, all 22 units 15, 18, 17, 2, 7, 13, 11, 4, 14, 3, 22, 8, 5, 6, 21, 16, 10, 12, 19, 9, 20, 1, all 22 units 16, 3, 2, 9, 6, 4, 18, 12, 8, 13, 1, then we repeat 17, 13, 14, 8, 21, 12, 20, 18, 7, 4, 22, 6, 10, 9, 15, 2, 11, 3, 5, 16, 19, 1, all 22 units 18, 2, 13, 4, 3, 8, 6, 16, 12, 9, 1, then we repeat 19, 16, 5, 3, 11, 2, 15, 9, 10, 6, 22, 4, 7, 18, 20, 12, 21, 8, 14, 13, 17, 1, all 22 units 20, 9, 19, 12, 10, 16, 21, 6, 5, 8, 22, 3, 14, 4, 11, 13, 7, 2, 17, 18, 15, 1, all 22 units 21, 4, 15, 16, 14, 18, 10, 3, 17, 12, 22, 2, 19, 8, 7, 9, 5, 13, 20, 6, 11, 1, all 22 units 22, 1, then we repeat.

29. The order of an integer modulo m

119

What do you notice here? There are several observations one might make: • We always eventually repeat • We always repeat after we get 1 • We always repeat after 1, 2, 11, or 22 steps • If u · v = 1 then the steps are reversed for u and for v • At step 11, we either have 1 or −1; if we have −1, we get all the units • There are ten elements that generate all the units. Can we prove or explain any of these observations? Let’s see: it is clear that since we are staying inside (Z/23Z)× , which only has 22 elements, we must eventually repeat. Why don’t we repeat anywhere else besides 1? Well, suppose we do: suppose that for some a such that (a, p) = 1, we get ar ≡ as (mod p) for some positive integers r and s, and we may as well assume r < s. Then since a is a unit, we can cancel it from each side of the equation r times to get 1 ≡ as−r (mod p). Thus we always repeat 1 first. You can also see this by realizing that a0 = 1, so this is really the first power that can be repeated. In fact, this leads to a Definition 20 In Z/mZ where m ∈ N, the order (mod m) of a unit, a, is the smallest positive power of a that is congruent to 1 (mod m), if such a power exists. I.e., k is the order of a (mod m) if and only if • ak ≡ 1 (mod m) • an ≡ 1 (mod m) for any n such that 1 ≤ n < k We will sometimes write this as ordm (a) = k. If you get all the units by raising r to powers, we have a special name for r. Definition 21 An element r of the group of units (Z/mZ)× is a primitive root modulo m if {r k : k ∈ N} = (Z/mZ)× , that is, every unit in Z/mZ can be written as a positive power of r. Another way to say this is r ∈ (Z/mZ)× is a primitive root modulo m ⇐⇒ ordm (r) = ϕ(m) = #(Z/mZ)× .

Chapter 2. Modular Arithmetic in Z/mZ

120 Thus we have shown above that ord23 (a) = 1 ord23 (a) = 2 ord23 (a) = 11 ord23 (a) = 22

⇐⇒ ⇐⇒ ⇐⇒ ⇐⇒

a=1 a = −1 a = 2, 3, 4, 6, 8, 9, 12, 13, 16, 18 a = 5, 7, 10, 11, 14, 15, 17, 19, 20, 21.

From these lists, we can also notice that in Z/23Z, we have (except for a = ±1) a is a primitive root modulo 23 ⇐⇒ −a is not a primitive root modulo 23 and a is a primitive root modulo 23 ⇐⇒ a−1 is a primitive root modulo 23. We will soon see how to generalize this. Let’s try another modulus to see if this holds true in general: in Z/19Z, we get 1k = 1 always; 2, 4, 8, 16, 13, 7, 14, 9, 18, 17, 15, 11, 3, 6, 12, 5, 10, 1, so we got all 18 units 3, 9, 8, 5, 15, 7, 2, 6, 18, 16, 10, 11, 14, 4, 12, 17, 13, 1, so we got all 18 units 4, 16, 7, 9, 17, 11, 6, 5, 1, then we repeat 5, 6, 11, 17, 9, 7, 16, 4, 1, then we repeat 6, 17, 7, 4, 5, 11, 9, 16, 1, then we repeat 7, 11, 1, then we repeat 8, 7, 18, 11, 12, 1, then we repeat 9, 5, 7, 6, 16, 11, 4, 17, 1, then we repeat 10, 5, 12, 6, 3, 11, 15, 17, 18, 9, 14, 7, 13, 16, 8, 4, 2, 1, all 18 units 11, 7, 1, then we repeat 12, 11, 18, 7, 8, 1, then we repeat 13, 17, 12, 4, 14, 11, 10, 16, 18, 6, 2, 7, 15, 5, 8, 9, 3, 1, all 18 units 14, 6, 8, 17, 10, 7, 3, 4, 18, 5, 13, 11, 2, 9, 12, 16, 15, 1, all 18 units 15, 16, 12, 9, 2, 11, 13, 5, 18, 4, 3, 7, 10, 17, 8, 6, 14, 1, all 18 units 16, 9, 11, 5, 4, 7, 17, 6, 1, then we repeat 17, 4, 11, 16, 6, 7, 5, 9, 1, then we repeat 18, 1, then we repeat. Thus we have that ord19 (a) = 1 ord19 (a) = 2 ord19 (a) = 3 ord19 (a) = 6 ord19 (a) = 9 ord19 (a) = 18

⇐⇒ ⇐⇒ ⇐⇒ ⇐⇒ ⇐⇒ ⇐⇒

a=1 a = −1 a = 7, 11 a = 8, 12 a = 4, 5, 6, 9, 16, 17 a = 2, 3, 10, 13, 14, 15.

In Z/19Z, we have 2 · 10 = 3 · 13 = 4 · 5 = 6 · 16 = 7 · 11 = 8 · 12 = 9 · 17 = 14 · 15 = 1.

29. The order of an integer modulo m

121

We have only gathered data in the two rings Z/23Z and Z/19Z, but maybe we can conjecture that (for p a prime) • ordp (a) = 1 ⇐⇒ a = 1 • ordp (a) = 2 ⇐⇒ a = −1 • ordp (a) is always a divisor of p − 1 = ϕ(p) • a is a primitive root modulo p ⇐⇒ a−1 is a primitive root modulo p • a is a primitive root modulo p ⇐⇒ −a is not a primitive root modulo p (except for a = 1) • There are always ϕ(p − 1) primitive roots modulo p • In fact, there are always ϕ(k) elements of order k, as long as k|(p − 1). If k/|(p − 1), there are no elements of order k. If we prove the last fact, we will get the first three and the second-to-last fact for free! Also, we will have proved that for any prime p, we have

ϕ(k) = p − 1. k|p−1 k>0

This is just a special case of the formula

ϕ(d) = n

d|n, d>0

that was mentioned earlier, in Exercise 15 on page 115; in the exercises below we will suggest a second approach.

Exercises 1. Find ord31 (2), ord31 (3), ord31 (4), ord31 (5), and ord31 (6). 2. Find ord11 (a) for all a ∈ (Z/11Z)× . 3. Find ord13 (a) for all a ∈ (Z/13Z)× . 4. Find ord17 (a) for all a ∈ (Z/17Z)× . 5. Show that ordm (a) = s =⇒ ordm (ak ) = ds , where d = (k, s). 6. Show that for m ∈ N and a ∈ Z/mZ, ordm (a) exists ⇐⇒ (a, m) = 1. 7. Suppose p is prime, and ordp (a) = k. What can you say about ordp (a−1 )? about ordp (−a)? 8. Suppose m ∈ N, and ordm (a) = k. What can you say about ordm (a−1 )? about ordm (−a)?

Chapter 2. Modular Arithmetic in Z/mZ

122

9. For n ∈ N, define F (n) =

ϕ(d).

d|n, d>0

(a) Show that F (pk ) = pk for any prime p and k ∈ N. (b) Use Exercise 10(e) in Section 9 (page 38) to conclude that F (n) = n for all n ∈ N.

30

Divisibility tests

Now we want to look at one of the uses of congruences: divisibility tests. Classically, there are tests for divisibility by 2, 4, 8, 3, 5, 25, 9, 11, and all other powers of 2 and 5. They are consequences of • 10 = 2 · 5 • 10k = 2k · 5k • 10 = 9 + 1 • 10 = 32 + 1 • 10 = 11 − 1. Suppose we have a large number, n, and we want to know how (or whether) it factors. We all know the test for evenness—look at the last digit. This works because if n has m + 1 decimal digits, so n can be written as n = am am−1 am−2 · · · a3 a2 a1 a0 , then we have m

ak 10k , n = am am−1 am−2 · · · a3 a2 a1 a0 = k=0

so n=

m

ak 10k ≡ a0 (mod 2).

k=0

Similarly, since 10 ≡ 0 (mod 4) for all k ≥ 2, we need only look at the last two digits to check for divisibility by 4. And in fact one can look at just the last t digits to check for divisibility by 2t . In exactly the same way, one need only look at the last digit to check divisibility by 5, the last two digits for divisibility by 25, the last t digits to check for divisibility by 5t , since 10k ≡ 0 (mod 5t ) for all k ≥ t. So we can tell at a glance that 5|43562364029643640 but 25/|43562364029643640, while just a little more work will show us that 43562364029643640 is divisible by 2, 4, and 8, but not by 16. k

What about the test for 9? Do you know it? We have 10k ≡ 1k ≡ 1 (mod 9) for all k, so n=

m

k=0

ak 10k ≡

m

k=0

ak = a0 + a1 + a2 + · · · + am (mod 9);

30. Divisibility tests

123

i.e., just add up the digits. This can be done again and again: to check 614302945982634, we get 614302945982634 ≡ 6+1+4+3+0+2+9+4+5+9+8+2+6+3+4 = 66 ≡ 6+6 = 12 ≡ 1+2 = 3 (mod 9) so 9/|614302945982634. Similarly, we have 10k ≡ 1k ≡ 1 (mod 3) for all k, so adding up the digits works for 3 as well as for 9. We have shown above that 3|614302945982634. What is the test for 11? Do you know it? Since 10k ≡ (−1)k (mod 11) for all k, we can alternately add and subtract digits to check for divisibility by 11: n=

m

ak 10k ≡

k=0

m

(−1)k ak = a0 − a1 + a2 − · · · + (−1)m am (mod 11).

k=0

Thus we get 614302945982634 ≡ 4 − 3 + 6 − 2 + 8 − 9 + 5 − 4 + 9 − 2 + 0 − 3 + 4 − 1 + 6 = 18 ≡ 8 − 1 = 7 (mod 11) so 11/|614302945982634. If all we care about is does 11|n?, we can reverse the order and subtract from left to right the way we read: since m|a ⇐⇒ m|(−a) ⇐⇒ a ≡ 0 (mod m), we don’t care about the sign of the answer, only whether or not we get zero. So you may subtract in either direction, so long as you alternate. These tests allow us to test for divisibility by all the primes less than 13, except for 7. What do we do to test for divisibility by 7? Of course we can do long division, which is not terribly hard if we know our sevens table well. Does 7|43562364029643640? It should not take you long to say no, and you might even see that the remainder on division by 7 is 6 (and the quotient is 6223194871377662). Can we speed up this process? I will suggest three possibilities. First, notice that 21 ≡ 0 (mod 7) =⇒ 1 ≡ −2 · 10 (mod 7). Thus, starting with n = 614302945982634, we get 614302945982634 = 614302945982630 + 4 ≡ 614302945982630 + (−80) (mod 7). If all we care about is divisibility (or not), then 7|614302945982634 ⇐⇒ 7|(614302945982630 + (−80)) ⇐⇒ 7|61430294598263 + (−8) = 61430294598260 + (−5), and so we can proceed iteratively by taking −2 times the units digit, adding that to the tens digit (and lopping off the 0 at the end), and keeping track of the resulting ones digit, which we can adjust by a multiple of 7 if that makes it easier to keep track. Thus the successive ones digits for n = 614302945982634 would be 4, −5 ≡ 2

Chapter 2. Modular Arithmetic in Z/mZ

124

(mod 7), 2, −2, 12 ≡ −2 (mod 7), 13 ≡ −1 (mod 7), 7 ≡ 0 (mod 7), 4, 1, 0, 0, 3, −2, 5 ≡ −2 (mod 7), and 10 ≡ 0 (mod 7), and we are done, so 7/|614302945982634. As another test, we could try n = 43562364029643641, which we know from the last paragraph is divisible by 7. Again keeping track of the units digit, we get 1, 2, 2, −1, 6 ≡ −1 (mod 7), 8 ≡ 1 (mod 7), 7 ≡ 0 (mod 7), 2, −4 ≡ 3 (mod 7), −2, 10 ≡ 3 (mod 7), −3, 8 ≡ 1 (mod 7), 4, −3, 9 ≡ 2 (mod 7), and 0, which indicates that, as expected, 7|43562364029643641. It takes getting used to, but I’d say this method is somewhat faster (and less error-prone) than trial division by 7, though of course one does not get the remainder (or the quotient) (mod 7), just a yes or no answer to divisibility. Alternatively, we might note that 1 ≡ 5 · 10 (mod 7). We can thus calculate in a manner similar to above, but use +5 as our multiplier rather than −2. That is, we we can proceed iteratively by taking 5 times the units digit, adding that to the tens digit (and lopping off the 0 at the end), and keeping track of the resulting ones digit. The calculation for n = 614302945982634 would be 4, 23 ≡ 2 (mod 7), 16 ≡ 2 (mod 7), 12 ≡ 5 (mod 7), 33 ≡ 5 (mod 7), 34 ≡ 6 (mod 7), 35 ≡ 0 (mod 7), 4, 29 ≡ 1 (mod 7), 7 ≡ 0 (mod 7), 0, 3, 19 ≡ 5 (mod 7), 26 ≡ 5 (mod 7), and 31 ≡ 0 (mod 7), so 7/|614302945982634. The intermediate results are the same (mod 7) as the results obtained above. All the calculations involve non-negative integers, but we deal with larger integers, on average. Which method is best is a matter of taste; they are essentially the same calculation. In a similar vein, we might try using the fact that

98 ≡ 0 (mod 7) =⇒ 100 ≡ 2 (mod 7).

This avoids the negative signs, but we have to deal with two digits at a time. If we test the integer 860706209262639264 for divisibility by 7, we get (note that 26 ≡ 1 (mod 7) by Fermat’s little theorem)

860706209262639264 = ≡ ≡ ≡ ≡

86 · 1008 + 7 · 1007 + 6 · 1006 + 20 · 1005 + 92 · 1004 + 62 · 1003 + 63 · 1002 + 92 · 100 + 64 8 86 · 2 + 7 · 27 + 6 · 26 + 20 · 25 + 92 · 24 + 62 · 23 + 63 · 22 + 92 · 2 + 64 (mod 7) 2 · 22 + 0 · 2 + 6 · 1 + 6 · 4 + 1 · 2 + 6 · 1 + 0 · 4 + 1 · 2 + 1 (mod 7) 49 (mod 7) 0 (mod 7),

using the fact that the powers of 2 (mod 7) are 2, 4, 1, 2, 4, 1, . . . . As another example, we know from above that 43562364029643640 ≡ 6 (mod 7); can we confirm

30. Divisibility tests

125

this? The calculation is 43562364029643640 = = ≡ ≡

4 · 1008 + 35 · 1007 + 62 · 1006 + 36 · 1005 + 40 · 1004 + 29 · 1003 + 64 · 1002 + 36 · 100 + 40 4·4+0·2+6·1+1·4+5·2+1·1+1·4+1·2+5 48 (mod 7) 6 (mod 7),

as expected. One final test relies on the interesting numerical happenstance that 1001 = 7·11·13. Thus we can test for the three primes 7, 11, and 13 by setting 1000 equal to −1. Starting with the number n = 87640660954693, we get 87640660954693 = 87 · 10004 + 640 · 10003 + 660 · 10002 + 954 · 1000 + 693 ≡ 87 · (−1)4 + 640 · (−1)3 + 660 · (−1)2 + 954 · (−1) + 693 (mod 1001) ≡ 87 − 640 + 660 − 954 + 693 (mod 1001) ≡ −154 (mod 1001).

It is then very easy to see that 7|87640660954693,

11|87640660954693,

and

13/|87640660954693,

and in fact 87640660954693 ≡ 2 (mod 13).

Exercises 1. Test n = 25083587439645 for divisibility by (a) 5 (b) 25 (c) 3 (d) 9 (e) 11 (f) 7 (g) 13. 2. Find the remainder when m = 6666666666 is divided by (a) 4 (b) 8 (c) 16 (d) 3

Chapter 2. Modular Arithmetic in Z/mZ

126 (e) 9 (f) 11 (g) 7 (h) 13.

3. Find the remainder when k = 7777777777 is divided by (a) 25 (b) 8 (c) 3 (d) 9 (e) 11 (f) 7 (g) 13. 4. Factor 2155140 into primes. You may want to use Table 10 that starts on page 226. 5. Factor 6629589316350 into primes. You may want to use Table 10 that starts on page 226. 6. Use the four methods given in the text to test whether 7 divides 309346530823754. Which method is easiest? 7. To test divisibility by 7, we used the fact that 7|21 =⇒ 1 ≡ −2 · 10 (mod 7). (a) Write your own test for divisibility by 19, based on 1 ≡ 2 · 10 (mod 19). (b) Use your test to see if 19|6474984387639. (c) Use your test to see if 19|6274976398438. (d) Use your test to see if 19|9367884874726. 8. To test divisibility by 7, we used the fact that 7|21 =⇒ 1 ≡ −2 · 10 (mod 7). (a) Write your own test for divisibility by 37, based on 1 ≡ 1000 (mod 37). (b) Use your test to see if 37|940973429245965. (c) Use your test to see if 37|2853450843793482. (d) Use your test to see if 37|135393678348745365.

Chapter 3

Quadratic Extensions of the √ Integers, Z[ d] If Chapter Two represented a zoom in to look at smaller, simpler rings than Z, then this chapter will represent more of a zoom out as we situate Z inside some √ other rings, mostly the Gaussian integers Z[i], but also other rings of the form Z[ d] (for a square-free integer d). By seeing how these rings are similar to, and different from, the ring of integers Z, we hope to learn more about both of these objects of study. For example, you have most likely seen and used the fundamental theorem of arithmetic so often that you probably don’t find its statement very interesting nor its proof very illuminating. But by repeating this argument (rather, making analogous arguments) in a less familiar setting, I hope that you will see the power of unique factorization; and by seeing how it can fail, we see what an important fact it is about the ring Z.

31

Divisibility in Z[i]

In Z, to prove that we have unique factorization into primes, we needed the wellordering principle and the fact that for integers a and b with (a, b) = d, we have d = ax + by for some integers x and y. This was proved via the Euclidean algorithm, using the amazing array to undo the continued fraction for ab . Our norm function, N , (or its absolute value) will give √ us a way to use the well-ordering principle, since the norm of an element in Z[ d] is in some sense a measure the Euclidean algorithm? Will √ √ of its size. What about this work in Z[i]? in Z[ 2]? in other rings Z[ d]? 127

√ Chapter 3. Quadratic Extensions of the Integers, Z[ d]

128

Let’s try to find the GCD of −23 − i and 2 + 5i. Notice that N (−23 − i) = 530 and N (2 + 5i) = 29. We calculate: −23 − i = (2 + 5i)(−2 + 4i) + (1 + i) 2 + 5i = (1 + i)(3 + 2i) + 1 1 + i = 1(1 + i) + 0 so it works—we think the GCD of −23 − i and 2 + 5i is 1 and they are relatively prime. If 2 + 5i = (z1 )(z2 ) then by taking norms we get 29 = N (z1 )N (z2 ) so N (z1 ) = 1 or N (z2 ) = 1 so one of them is a unit. Thus 2 + 5i acts like a prime in Z[i], since any factorization must have one factor being a unit. What could (−23 − i, 2 + 5i) be? It must divide 2 + 5i so it must be 2 + 5i or 1, right? But if it is 2 + 5i, then (2 + 5i)|(−23 − i) so −23 − i = (2 + 5i)z for some Gaussian integer z, and then by taking norms we get 530 = 29 · N (z) so 29|530 and this is false! So we can use the norm function to prove that the two Gaussian integers are relatively prime, just as we found from the Euclidean algorithm. We need some preliminaries before we generalize this. Recall the definition of a prime in any ring R: Definition 22 In a ring R, an element p that is not a unit is called prime if p = a · b =⇒ a or b is a unit. Proposition 22 If N (z) is a prime in Z, then z is prime in Z[i]. Proof . Just as we did above, suppose N (z) is prime and suppose z factors in Z[i] as z = a · b. Then we have N (z) = N (a)N (b) so either N (a) or N (b) is a unit in Z. But norms in Z[i] are non-negative, so we must have N (a) = 1 or N (b) = 1. Thus either a or b is a unit.

The converse of this theorem is false; for instance we will prove soon that 3 is a prime in Z[i], but it certainly not true that N (3) = 9 is a prime in Z. Following Exercise 7 in Section 7, we have Definition 23 For Gaussian integers a and b, we write a|b if there is a Gaussian integer c such that b = a · c. We immediately get a|b =⇒ b = a · c =⇒ N (b) = N (a)N (c) =⇒ N (a)|N (b).

31. Divisibility in Z[i]

129

You should think about whether the converse is true: does N (a)|N (b) =⇒ a|b? All the properties of divisibility still hold (compare Proposition 23 to Proposition 3 in Section 7), sometimes modified as follows: Proposition 23 For a, b, c, and d in Z[i], 1. a|0, 1|a, and a|a for all a ∈ Z[i] 2. a|1 ⇐⇒ a is a unit ⇐⇒ N (a) = 1 ⇐⇒ a = ±1 or ±i 3. a|b and b|c =⇒ a|c 4. a|b and b|a ⇐⇒ a = (unit)b ⇐⇒ a = ±b or a = ±ib 5. a|b and c|d =⇒ ac|bd 6. a|b and b = 0 =⇒ N (a) ≤ N (b) 7. a|b and a|c =⇒ a|(bx + cy) for any Gaussian integers x and y.

Proof . The proofs of 1, 3, 5, and 7 are exactly like their analogs in Z, since all that was used there were closure, the distributive property, the definition of divisibility, etc.; facts that are true in any ring. The proofs of 2, 4, and 6 are left to the reader.

Exercises 1. (a) Show that 3, 7, and 107 are primes in Z[i]. (b) Conjecture a rule for which prime integers are prime in Z[i]. 2. Is 6 + 7i a prime in Z[i]? You will need to either factor this Gaussian integer (to show the answer is no) or give an argument as to why it cannot be factored (to show the answer is yes). 3. Prove part 2 of Proposition 23. 4. Prove part 4 of Proposition 23. 5. Prove part 6 of Proposition 23. 6. Prove that, just like Z, Z[i] has no zero divisors. 7. Show that if (N (z), N (w)) = 1, then z and w ∈ Z[i] are relatively prime. 8. Calculate (2 − i)(3 − 3i) + (9 + 2i)(i). Use this to show that 2 − i and 9 + 2i are relatively prime. Note that this shows the converse of Exercise 7 is false.

√ Chapter 3. Quadratic Extensions of the Integers, Z[ d]

130

32

The Euclidean algorithm in Z[i]

What is (60, 34)? It’s 2, remember. Why? Because 2|60 and 2|34, so 2 is a common divisor; and if c|60 and c|34 so that c is also a common divisor, we must also have c|2. But the above also holds for −2; we write (60, 34) = 2 only because we always want our GCDs to be positive. Without that condition, we could write, say, (60, 34) = ±2 = (unit)2. Earlier, we had −23 − i = (2 + 5i)(−2 + 4i) + (1 + i) 2 + 5i = (1 + i)(3 + 2i) + 1 1 + i = 1(1 + i) + 0 but the last two steps could have easily been 2 + 5i = (1 + i)(4 + i) + (−1) 1 + i = −1(−1 − i) + 0 2 + 5i = (1 + i)(3 + i) + i 1 + i = i(1 − i) + 0

or

or

2 + 5i = (1 + i)(4 + 2i) + (−i) 1 + i = −i(−1 + i) + 0 So we could have ended with a GCD of any unit. How did I find the correct quotients, especially in the step −23 − i = (2 + 5i)(−2 + 4i) + (1 + i)? Think about the modified division algorithm in Section 13, where we divide and choose the nearest integer as the quotient, rather than always rounding down as we did originally. We can do the same here: we divide and choose the nearest Gaussian integer! Let’s see: −23 − i −51 113 −23 − i 2 − 5i −51 + 113i = = · = + i ≈ −1.76 + 3.89i. 2 2 2 + 5i 2 + 5i 2 − 5i 2 +5 29 29 Now you can see why I chose −2 + 4i as the correct multiplier to use: it was the nearest Gaussian integer to the fraction above (which is in the field Q[i]). When we try this for the next step we get 2 + 5i 2 + 5i 1 − i 7 + 3i 7 3 = · = 2 = + i = 3.5 + 1.5i, 1+i 1+i 1−i 1 + 12 2 2 and it isn’t clear what to choose, since the Gaussian integers 4 + 2i, 4 + i, 3 + 2i, and 3 + i are all the same distance away. That’s why we have a choice as to what the GCD is. What we get, in general, is a + bi ac + bd bc − ad a + bi c − di (ac + bd) + (bc − ad)i = 2 + 2 i = · = c + di c + di c − di c2 + d2 c + d2 c + d2 = (q1 + q2 i) + ( 1 + 2 i)

32. The Euclidean algorithm in Z[i]

131

where q1 + q2 i is a Gaussian integer and 1 + 2 i isn’t, but we have that 1 and 2 are fractions with | 1 | ≤ 12 and | 2 | ≤ 12 . Then a + bi = (c + di)(q1 + q2 i) + (c + di)( 1 + 2 i) and the remainder, (c + di)( 1 + 2 i), must be a Gaussian integer since it is also a + bi − (c + di)(q1 + q2 i). We also have N (remainder)

= N ((c + di)( 1 + 2 i)) = N (c + di)N ( 1 + 2 i) = (c2 + d2 )(( 1 )2 + ( 2 )2 )   1 1 2 2 ≤ (c + d ) + 4 4 1 N (c + di). = 2

We have just proved that we have a division algorithm, and hence a Euclidean algorithm, for Z[i]—therefore, we should be able to prove that Z[i] has unique factorization also! Proposition 24 If z and w = 0 are in Z[i], then there are Gaussian integers q = q1 + q2 i and r = r1 + r2 i (not necessarily unique), with z =w·q+r and 0 ≤ N (r) ≤ 12 N (w). Let’s look at the situation geometrically, which will provide a different proof of this very important proposition. We will draw Z[i] as a lattice in two dimensions, where the Gaussian integer a+bi is graphed as the point (a, b); thus we have identified the usual plane R2 as the complex plane C, and then we see that Z[i] is a discrete subset of that plane. The word “discrete” is often contrasted with the word “continuous” in mathematics, but I would like instead to contrast discrete with dense. The rational numbers, Q, are said to be dense in R, by which we mean that in any small neighborhood (or open interval (c, d) ⊆ R), there exists at least one element of Q (and thus an infinite number of them). You may or may not have seen that idea in another class. Thus Q may be thought of as appearing almost everywhere in R (though if you know the difference between countable and uncountable you know that there is still a wide gap between Q and R). By contrast, when we think of Z as a subset of the real line R, we see that for each z ∈ Z, there exists a neighborhood (z − h, z + h) such that no other element of Z (besides z itself) lies within this interval. So in some sense Z appears hardly anywhere in R. That is the intuitive sense of discrete. Now when we thought about the usual (or the modified) division algorithm geometrically, we first thought about all the integer multiples of the integer b. The integer we were trying to divide, a, could be found between two of them, etc. So our first step now is to think about all the multiples of w by all other Gaussian integers. As before, multiplication by an integer simply increases the distance from the origin, perhaps with a flip if the integer multiplier is negative. But what does

132

√ Chapter 3. Quadratic Extensions of the Integers, Z[ d]

multiplication by i, or by −4i, or by 3 − 6i, do? Well, multiplying a + bi by i gives −b + ai, and a little experimentation should convince you that what happens is that multiplication by i corresponds to rotation by 90◦ counterclockwise. Some more experimentation with multiplication will show that all the multiples of w form a square sublattice of Z[i]; see Figure 7.

Figure 7: Multiples of 3 − 5i in Z[i] All multiples of w = c + di form a lattice, so in general z = a + bi will fall inside one of the squares making up this sublattice, and thus z will be between four multiples of w, namely the four corners of the square in which z resides. Hence we can write z = a + bi as a multiple of c + di plus a remainder that will make up the difference between z and the closest (or most convenient) corner of this square. Hence we get N (remainder)

= (length of remainder)2 2 √ 2 length of side ≤ 2 = =

1 2 (length of side) 2 1 N (w). 2

The picture for the division we did on page 130 looks like Figure 8. This completes a second proof that the ring Z[i] has a division algorithm. The fact that the norm decreases at each step (and is a positive integer) immediately implies that Z[i] has a Euclidean algorithm, which will end in a finite number of steps, and thus the final non-zero remainder will be a common divisor, d, of z and w, and by reversing the algebra of the Euclidean algorithm (perhaps by using the

32. The Euclidean algorithm in Z[i]

133

Figure 8: Dividing −23 − i by 2 + 5i in Z[i] (see page 130) amazing array?), we know that we can write d as a linear combination of z and w: d = rz + sw for some Gaussian integers r and s. Does that imply that d is a GCD? In fact, how do we make sense of or define the GCD in Z[i]? Recall our old definition of the GCD in Z: d = (a, b) means • d ≥ 0, and d = 0 ⇐⇒ a = b = 0 • d|a and d|b • if c|a and c|b, then c|d. We can’t use the first condition since there is no easy way to order the Gaussian integers. What we will do is just to give up the idea of having a unique GCD. We need the following definition, which deals with the slipperiness of Gaussian integers.

Definition 24 In a ring R, a and b are said to be associates if a = bu where u is a unit in R. We write a ∼ b. Thus, in Z, a ∼ b ⇐⇒ a = ±b. In Z[i], a ∼ b ⇐⇒ a = ±b or a = ±ib. We also have

Proposition 25 In any ring R, 1. a ∼ a for all a ∈ R 2. a ∼ b ⇐⇒ b ∼ a 3. a ∼ b and b ∼ c =⇒ a ∼ c.

√ Chapter 3. Quadratic Extensions of the Integers, Z[ d]

134

Thus being associates is an example of an equivalence relation. Notice that a ∼ 1 ⇐⇒ a = 1 · (unit) ⇐⇒ a is a unit. We will often write “a ∼ 1” instead of “a is a unit” from now on. Another way to characterize this equivalence relation is Proposition 26 In a ring with no zero-divisors, R, a ∼ b ⇐⇒ (a|b and b|a). Definition 25 In Z[i], the GCD of two numbers is defined (by the Euclidean algorithm as modified for Z[i] above) only up to associates. For z, w ∈ Z[i], we write (z, w) ∼ d if d is a Gaussian integer such that • d|z and d|w • if c|z and c|w, then c|d. Thus we proved earlier that (−23 − i, 2 + 5i) ∼ 1. As in Z, having only trivial common divisors means that two Gaussian integers will be called relatively prime. Definition 26 Elements z and w are relatively prime in Z[i] if (z, w) ∼ 1 (i.e., the only common divisors of z and w are the units).

Exercises 1. Prove part 1 of Proposition 25. 2. Prove part 2 of Proposition 25. 3. Prove part 3 of Proposition 25. 4. Prove Proposition 26. 5. Note that 4 + 3i ∼ 3 + 4i, but 4 + 3i ∼ 3 − 4i. Is it always true that N (z) = N (w) =⇒ (z ∼ w)

or

(z ∼ w)?

6. Use the Euclidean algorithm in Z[i] to find d ∼ (1 + 2i, 9 − 12i). Use the amazing array to solve (1 + 2i)u + (9 − 12i)v = d for u and v ∈ Z[i]. 7. Use the Euclidean algorithm in Z[i] to find d ∼ (3 − 4i, 15 + 5i). Use the amazing array to solve (3 − 4i)u + (15 + 5i)v = d for u and v ∈ Z[i]. 8. Let z, w, and d be Gaussian integers, with (z, w) ∼ d. Mimic the proof of Proposition 4 on page 34 and prove that there exist Gaussian integers u and v such that zu + wv = d.

33. Unique factorization in Z[i]

33

135

Unique factorization in Z[i]

Theorem 17 (Unique Factorization in Z[i]) Any Gaussian integer z that is not zero and not a unit can be written as z = upe11 pe22 pe33 . . . perr or

r e

z ∼ pe11 pe22 pe33 . . . perr =

pj j j=1

where u is a unit and the pj are distinct primes in Z[i]. This representation is unique in the sense that if s

z = vq1f1 q2f2 q3f3 . . . qsfs ∼

qkfk k=1

with v a unit and the qj primes in Z[i], then we have • r=s • For each j, there is a k for which pj ∼ qk and ej = fk . In fact we could reword the fundamental theorem of arithmetic exactly this way: any integer n ∈ Z can be written as n ∼ pe11 pe22 pe33 . . . perr where the pj are distinct integer primes (not necessarily positive), and this representation is unique in the sense that if s

n = vq1f1 q2f2 q3f3 . . . qsfs ∼

qkfk j=1

with v a unit in Z and the qj ’s primes in Z, then we have • r=s • For each j, there is a k such that pj ∼ qk and ej = fk . We prove the theorem exactly the same way we proved the theorem in Z: First we see that if (a, b) ∼ d then d = ax + by

for some x, y in Z[i].

This comes from the Euclidean algorithm, exactly as before (recall that you can use the amazing array to find x and y). Next we prove the (reworded) prime theorem and Euclid’s lemma: Theorem 18 (Prime Theorem in Z[i]) For p a prime in Z[i] and Gaussian integers a and b, p|ab =⇒ p|a or p|b.

√ Chapter 3. Quadratic Extensions of the Integers, Z[ d]

136

Theorem 19 (Euclid’s Lemma) For Gaussian integers a, b, and c, c|ab

and

(a, c) ∼ 1 =⇒ c|b.

Then we write down the same lemmas as before: Lemma 8 For p a prime in Z[i] and Gaussian integers ai , we have p|a1 a2 a3 · · · an =⇒ p|aj

for some j, 1 ≤ j ≤ n.

Lemma 9 If p and all qi are prime in Z[i], then we have p|q1 q2 q3 · · · qn =⇒ p ∼ qj

for some j, 1 ≤ j ≤ n.

The proofs of Lemmas 8 and 9 are left to the reader. Lemma 10 Any z in Z[i] that is not zero and not a unit has a factorization into primes: we can write z ∼ p1 p2 p3 · · · pr where the pi are primes in Z[i].

Proof . Let S = {z ∈ Z[i] : z = 0, z is not a unit, and z has no such factorization} and assume S is non-empty. Then choose an element of smallest norm (the wellordering principle insures there is such an element, but it may not be unique). Call this smallest element s. We know s is not prime, so we must have s = z · w, where neither z nor w is a unit. Thus N (z) > 1 and N (w) > 1, so we have 1 < N (z), N (w) < N (s). Thus z and w have factorizations into primes, say z ∼ p1 p2 p3 · · · ps and w ∼ q1 q2 q3 · · · qt , so s = z · w ∼ p1 p2 p3 · · · ps q1 q2 q3 · · · qt does also. This contradiction shows us that S is indeed empty.

We thus have only to prove the uniqueness of the factorization. Let S = {z ∈ Z[i] : z = 0, z is not a unit, and z has more than one such factorization} and assume S is non-empty. Then we may choose an element of S with the smallest norm (there may be choice involved in choosing it, but the smallest norm represented by elements of S exists, by the well-ordering principle), call it s, so we have at least two factorizations of s: s ∼ pe11 pe22 pe33 . . . perr ∼ q1f1 q2f2 q3f3 . . . qsfs and we have p1 |q1f1 q2f2 q3f3 . . . qsfs =⇒ p1 ∼ qk for some k, by Lemma 9. If ps1 ∼ 1, we have s ∼ p1 ∼ qk and the factorization must be unique. Otherwise, we have

33. Unique factorization in Z[i]

137

  that ps1 is a Gaussian integer that is not a unit, and 1 < N ps1 < N (s), so the unique factorization s ∼ p1e1 −1 pe22 pe33 . . . perr ∼ q1f1 q2f2 q3f3 . . . qkfk −1 · · · qsfs p1

s p1

has

so we must have e1 = fk , r = s, and for each j, there is a k with pj ∼ qk and ej = fk . But then the two factorizations of s are not different. This contradiction shows that S is empty, and the theorem is proved.

Exercises 1. Let d ∼ (3 + 5i, 7 − 6i). (a) Find d. (b) Solve (3 + 5i)(z + wi) + (7 − 6i)(x + yi) = d. 2. Let d ∼ (3 + 4i, 4 + 3i). (a) Find d. (b) Solve (3 + 4i)(z + wi) + (4 + 3i)(x + yi) = d. 3. Let d ∼ (6 − 57i, 14 + 29i). (a) Find d. (b) Solve (6 − 57i)(z + wi) + (14 + 29i)(x + yi) = d. 4. Prove Lemma 8 on page 136. 5. Prove Lemma 9 on page 136. 6. (Compare this to Exercise 7 on page 67.) Given Gaussian integers z, w, and v, which have factorizations z ∼ pe11 pe22 pe33 · · · pekk

f

w ∼ q1f1 q2f2 q3f3 · · · qj j

v ∼ r1g1 r2g2 r3g3 · · · rtgt ,

where all the ps qs, and rs are prime Gaussian integers, how do you determine (using the factorizations above) if (a) z|w? (b) (z, w) ∼ 1? (c) (z, w) ∼ v? (d) [z, w] ∼ v (where [a, b] is a least common multiple of a and b, as defined by you in analogy with Exercise 6 in Section 8)? (e) z is a perfect square? (That is, z = u2 for some Gaussian integer u.) (f) z is a perfect cube? (g) z is a perfect mth power? (That is, z = um for some Gaussian integer u and some positive integer m.) (h) z · w = v? 7. Prove Theorem 18 on page 135. 8. Prove Theorem 19 on page 136.

√ Chapter 3. Quadratic Extensions of the Integers, Z[ d]

138

34

√ The structure of Z[ 2]

Recall that

√ √ Z[ 2] = {a + b 2 ∈ R : a, b ∈ Z} √ √ √ 2 2 and we have the norm √ function N (a + b 2) = (a + b 2)(a − b 2) = a − 2b . Unlike in Z[i], in Z[ 2] the norm may be negative. √ √ Proposition 27 u = a + b 2 is a unit in Z[ 2] ⇐⇒ N (u) = a2 − 2b2 = ±1. √ Proof . If u is a unit, then there is a u−1 in Z[ 2] such that u · u−1 = 1. Then we get √ N (u)N (u−1 ) = N (u · u−1 ) = N (1) = N (1 + 0 2) = 12 − 2 · 02 = 1 so N (u) is a unit in Z, hence N (u) = ±1. √ √ √ √ If N (a + b √ 2) = 1, then (a √ + b 2)(a − b 2) =√1 so u =√a + b 2 is a unit, with √ = −1, then (a√+ b 2)(a − b 2) = −1 so u = a + b 2 inverse a − b 2. If N (a + b 2)√ is a unit, with inverse −(a − b 2) = −a + b 2. √ It is straightforward to show that 2 = [1, 2]. This gives the following amazing array, with an added row for the values of Pn2 − 2Q2n :

0 1 1 0 Pn2 − 2Q2n

1 1 1 −1

2 3 2 1

2 7 5 −1

2 17 12 1

2 41 29 −1

2 99 70 1

2 239 169 −1

2 577 408 1

2 1393 985 −1

··· ··· ··· ···

There seems to be a pattern to the Qn ; can you see it? The sum of the nth column is always Qn+1 : for n ≥ 1, we have Pn + Qn = Qn+1 . Also, with a little more effort we can find a pattern for the Pn : Pn = Qn + Qn−1 for n ≥ 1. Can we prove these assertions? What are the rules for constructing the Pn and Qn ? They are n ≥ 2 =⇒ Pn = 2Pn−1 + Pn−2

and Qn = 2Qn−1 + Qn−2

and we have verified (by eye) that these formulas hold for 1 ≤ n ≤ 8. That is more than adequate for a base case to do induction: let’s assume the formulas are true for n = 1, 2, 3, . . . , k and let’s try to prove them for n = k + 1: we have Qk+1

= = = =

2Qk + Qk−1 2(Pk−1 + Qk−1 ) + (Pk−2 + Qk−2 ) 2Pk−1 + Pk−2 + 2Qk−1 + Qk−2 Pk + Qk

√ 34. The structure of Z[ 2]

139

and the first formula is proved for all n ≥ 1. As for the second formula, we assume Pn = Qn + Qn−1 for all n = 1, 2, 3, . . . , k, and try to prove it for n = k + 1: Pk+1

= = = =

2Pk + Pk−1 2(Qk + Qk−1 ) + (Qk−1 + Qk−2 ) (2Qk + Qk−1 ) + (2Qk−1 + Qk−2 ) Qk+1 + Qk

and the formula is proved for all n ≥ 1. Also,

√ 2 √ 2) = 3 + 2 2 √ √ √ √ (1 + 2)3 = 3 + 2 2 + 3 2 + 4 = 7 + 5 2 √ √ √ (1 + 2)4 = 9 + 8 + 12 2 = 17 + 12 2. √ √ We conjecture that (1 + 2)n+1 = Pn + Qn 2. We have just checked that the equation is true for n = 0, 1, 2, and 3, so we may assume it is true for 0 ≤ n ≤ k and try to prove it for n = k + 1: √ √ √ (1 + 2)k+2 = (1 + 2)k+1 (1 + 2) √ √ = (Pk + Qk 2)(1 + 2) √ = (Pk + 2Qk ) + (Pk + Qk ) 2 √ = (Pk + Qk + Qk ) + Qk+1 2 √ = (Qk+1 + Qk ) + Qk+1 2 √ = Pk+1 + Qk+1 2 √ and the formula is proved for all√ n ≥ 0. So these units are all powers of 1 + 2, the fundamental unit of the ring Z[ 2]! Also, √ their inverses must √ be negative powers √ of 1 + 2, and so are all the units −(1 + 2)n = −Pn − Qn 2. We hope that these are all the units. Can we prove this? See Exercise 5. (1 +

√ √ Proposition 28 For u = a + b 2 in Z[ 2], we have √ N (u) = ±1 ⇐⇒ u is a unit ⇐⇒ u = ±(1 + 2)n for some integer n. √ In other words, the group of units in Z[ 2] is √ √ (Z[ 2])× = {±(1 + 2)n , n ∈ Z}. This proposition generalizes as follows. Theorem 20 Let d be a positive, square-free integer. Form the amazing array for √ Ps d, and let be the first convergent for which Pk2 − dQ2k = ±1. Then the group Q√s of units in Z[ d] is √ √ (Z[ d])× = {±(Ps + Qs d)n , n ∈ Z}. √ Furthermore, if the √ continued fraction for√ d has period t, then√the fundamental unit is Pt−1 + Qt−1 d, and (Pt−1 + Qt−1 d)n = Ptn−1 + Qtn−1 d for all n ∈ N.

√ Chapter 3. Quadratic Extensions of the Integers, Z[ d]

140

For a proof of almost all of this, see Project J. The proof of the rest is beyond the scope of this book.

Exercises 1. Show that every column of the amazing √ array for the continued fraction ex√ pansion√of 5 represents a unit in Z[ 5]. Are these√ units all of the form ±(a + b 5)n , n ∈ Z, for some fundamental unit a + b 5? √ √ in Z[ 2], and noticing the 2. Find units in Z[ 3], recalling how we found √ them n differences. √ Are they all of the form ±(a+b 3) , n ∈ Z, for some fundamental unit a + b 3? √ √ in Z[ 2], and noticing the 3. Find units in Z[ 7], recalling how we found √ them n differences. √ Are they all of the form ±(a+b 7) , n ∈ Z, for some fundamental unit a + b 7? √ √ 2], and noticing 4. Find units in Z[ 13], recalling how we found them √ in Z[ n 13) , n ∈ Z, for some the differences. Are they all of the form ±(a + b √ fundamental unit a + b 13? √ √ 5. Prove that every unit in Z[ 2] is of the form ±(1 + 2)n for some integer n. (This completes the proof of Proposition 28.)

35

√ The Euclidean algorithm in Z[ d]

√ Let’s try the Euclidean algorithm in Z[ d]: √ √ √ a+b d a+b d c−e d √ √ · √ = c+e d c+e d c−e d √ (ac − bde) + (bc − ae) d = c2 − de2 ac − bde bc − ae √ = + d c2 − de2 c2 − de2 √ √ = (q1 + q2 d) + ( 1 + 2 d), √ √ √ √ where q1 + q2 d is in Z[ d] and 1 + 2 d ∈ Q[ d], and 1 and 2 are fractions with | 1 | ≤ 12 and | 2 | ≤ 12 . Then √ √ √ √ √ a + b d = (c + e d)(q1 + q2 d) + (c + e d)( 1 + 2 d) √ √ and √ remainder, √ (c + e d)(

√ 1 + 2 d), must be in the ring √ despite appearances the Z[ d] since it is also a + b d − (c + e d)(q1 + q2 d). We also have   √ √   |N (remainder)| = N (c + e d)( 1 + 2 d)   √ √   = N (c + e d)N ( 1 + 2 d)    = c2 − de2  ( 1 )2 − d( 2 )2  .

√ 35. The Euclidean algorithm in Z[ d] Now we have 0 ≤ 1 ≤ also

1 2

141

and 0 ≤ 2 ≤ 12 . If d < 0, we have ( 1 )2 − d( 2 )2 ≥ 0 and

1 (1 − d) 4 so we can get a Euclidean algorithm as long as ( 1 )2 − d( 2 )2 ≤

1 (1 − d) < 1 ⇐⇒ 1 − d < 4 ⇐⇒ −3 < d 4

√ well as so we have proved √ there is a Euclidean algorithm for the ring Z[2 −2], as for the ring Z[ −1] = Z[i]. On the other hand, if d > 0 then ( 1 ) − d( 2 )2 may be negative as well as positive, depending on 1 and 2 . But we certainly have 1 1 1 − d ≤ −d( 2 )2 ≤ ( 1 )2 − d( 2 )2 ≤ ≤ d 4 4 4 and thus

  1 0 ≤ ( 1 )2 − d( 2 )2  ≤ d. 4 Since we want this to be less than 1, we must have d < 4; thus there is a Euclidean √ √ algorithm for the rings Z[ 2] and Z[ 3] also. The norm function, or rather its absolute value, will provide us a way of using the well-ordering principle to find smallest elements, and so you should be able to√see that we have (the beginnings of) a proof of unique factorization in the ring Z[ d] for d = −2, −1, 2, and 3.

On the other hand, just because we can’t prove it doesn’t mean that we don’t have unique factorization in other rings as well. We need some counterexamples: in √ Z[ −3] we have √ √ 4 = 2 · 2 = (1 + −3)(1 − −3) √ and in √ this ring N (a + b −3) = a2 + 3b2 . Thus N (2) = 4, N (4) = 16, and 2 2 2, so there are no N (1 ± −3) = 4. But it is clear that √ √ a + 3b can never equal elements with norm 2. If 2 or 1 ± −3 were to factor in Z[ −3], it would have to be into two elements of norm 2; since there are no such elements, these numbers must be primes! We have thus used the√norm function to prove √ that 4 has two different factorizations into primes in√ Z[ −3], so the ring Z[ −3] does not have unique factorization. Similarly, in Z[ −5] we have √ √ 6 = 2 · 3 = (1 + −5)(1 − −5) √ and in √this ring N (a + b −5) = a2 + 5b2 . Thus N (2) = 4, N (3) = 9, and N (1 ± −5) = 6. But it is clear that a2 + 5b2 can never equal 2 or 3, so there are no elements of norm 2 or 3. Just as above, we conclude that the elements √ above −5], so must be primes. Thus 6 has two different factorizations into primes in Z[ √ √ the ring Z[ −5] does not have unique factorization. Similarly, in Z[ 10] we have √ √ 6 = 2 · 3 = (−2 + 10)(2 + 10) √ 2 2 and the norm function is N (a + b 10) √= a − 10b . Thus N (2) = 4 and N (3) = 9 as before, but now we have N (±2 + 10) = −6. Suppose we could find integers such that a2 − 10b2 = ±2. Then in Z/5Z this equation would be a2 ≡ ±2 (mod 5), which has no solutions since the only squares in Z/5Z are 0 and ±1. Thus there are no integers a and b that solve a2 − 10b2 = ±2. Similarly, there√are no integers a and b that solve a2 − 10b2 = ±3. Thus there are no elements of Z[ 10] with norm ±2 or

142

√ Chapter 3. Quadratic Extensions of the Integers, Z[ d]

√ ±3, so the elements above, with norms 4, 9, and −6, must be primes √ in Z[ 10], so again 6 has two different factorizations into primes in the ring √ Z[ 10]. Thus once again we have given a counterexample to show that the ring Z[ 10] does not have unique factorization. We√ have not given here a complete characterization of which rings of the form Z[ d] have unique factorization and which do not; it is beyond the scope of this book, and such questions are the subject of ongoing research. These questions have been the subject of some controversy in the past; most of the controversy has to do with which rings are eligible (Z[ρ]? Z[φ]?) and what exactly is meant by unique factorization vs. whether a Euclidean algorithm exists, etc. Feel free to research this topic further on your own (see [Marcus]). To return to the case where √ d < 0, we have shown that there exists a Euclidean algorithm in Z[i] and Z[ −2]. √ The geometric picture in Z[i] was based√on the If we √ draw Z[ −2] as square lattice Z[i]; the ring Z[ −2] has a different geometry. √ a subset of C, we √ will need to have the number a + b −2 = a + (b 2)i correspond to the point (a, b 2), and thus we will get a rectangular lattice, stretched in the vertical direction, as shown in Figure 9.

√ Figure 9: The geometry of Z[ −2] √ √ Now if we √ multiply all the elements of Z[ −2] by some non-zero w ∈ Z[ −2], say w = 5 + 3 −2, we will get a rectangular sublattice, as in Figure 10. And if we want to divide w into some z, we can see that z lies inside one rectangle, and so we should once again choose the nearest corner, and that will give the correct q and r to use for the division algorithm. The largest possible remainder will occur if z happens to be in the very center on the rectangle, but a√simple calculation shows that in that case the length of the remainder, q, will be 23 the length of the short side of the rectangle, which means that N (r) ≤ 34 N (w); thus the geometry exactly confirms the algebra done earlier. √ What happens in Z[ −3]? Well, the rectangular lattice is now stretched a√little more in the vertical direction, but essentially we have the same picture as in Z[ −2]. However, once we form the rectangular sublattice of multiples of w, an interesting change occurs: the worst possible case, when z is in the center of a rectangle, makes the length of the remainder equal to the length of the shortest side of the rectangle, and so we have N (r) ≤ N(w), which is not enough to ensure that the norm shrinks (in fact, it is possible to do a division algorithm calculation over and over and never

√ 35. The Euclidean algorithm in Z[ d]

143

√ √ Figure 10: Multiples of 5 + 3 −2 in Z[ −2] get anywhere, since the norms don’t shrink). Again, this agrees with the algebra √ we saw earlier, and so we are in difficulty with Z[ −3]. This difficulty will √ be dealt 2] and with in subsequent sections. None of this geometry applies to the cases Z[ √ Z[ 3], where a Euclidean algorithm also exists; we will see if we can look at these rings from another perspective.

Exercises √ √ √ 1. Find a GCD d for a = 104 √ − 79 2 and b = 18 + 22 2 in Z[ 2], and solve ax + by = d for x, y ∈ Z[ 2]. √ √ √ 2. Find a GCD d for a = 104 √ − 79 3 and b = 18 + 22 3 in Z[ 3], and solve ax + by = d for x, y ∈ Z[ 3]. √ √ √ 3. Find the GCD d for a = 16 +√25 −3 and b = 25 − 3 −3 in Z[ −3], and solve ax + by = d for x, y ∈ Z[ −3]. 4. Is the following statement true or false? √ √ √ √ √ (26+15 3)(10−3 3) = 125+72 3 =⇒ 125 + 72 3 is not a prime in Z[ 3]. Explain your reasoning why or why not. 5. Prove that for p a positive prime in Z, and d an integer,

√ can write ±p = a2 − db2 ⇐⇒ p is not prime in Z[ d].

6. Show directly that for p a prime integer, p can be written as p = a2 − db2 =⇒ d is a perfect square in Z/pZ. Hint: Are a and b ∈ Z/pZ? Are a and b ∈ (Z/pZ)× ? √ 7. Can you draw Z[ 2]? What are the difficulties? If you succeed in drawing a picture, what is the significance of the norm in your picture? Does√it measure distance from zero? Also, what is the effect of multiplying by 2 in your picture?

√ Chapter 3. Quadratic Extensions of the Integers, Z[ d]

144

√ 8. Calculate the continued fraction for 7 and set √ up the amazing2 array, adding a final row where you calculate N (Pn + Qn 7) = Pn2 − 7Q √ n . Are all the columns units, as proved in Exercise 1 on page 140 for Z[ 2]? Are all the units powers of some fundamental unit? For √ extra credit, you may try to prove that you have found all the units in Z[ 7]. 9. Every element of Q is a root of a polynomial in Z[x]; namely, ab is a root of the polynomial bx − a. The integers are special in that they are the only elements of Q that are roots of monic polynomials, those whose leading coefficient is one. This is one way number theorists have used to distinguish the equivalent of the integers within certain fields (namely, finitely generated subfields of A, or (what is the same thing) finite field extensions of Q). If K is the field in question, then OK is the ring of integers in that field. Thus OQ = Z itself. As another example, if we start with the field Q[i] = {a + bi ∈ C : a and b ∈ Q}, each element of which is a root of a polynomial in Z[x], then we could ask which elements of Q[i] satisfy monic polynomials in Z[x]. That subset of Q[i] (which is actually a subring of Q[i]) is the ring of integers in Q[i], designated OQ[i] . (a) Show that every element of Q[i] is a root of a quadratic polynomial in Z[x]. (b) Determine OQ[i] , the ring of integers in Q[i].

√ (c) Now let √ d be a fixed, square-free integer. Consider the field Q[ d]√= {a + b d ∈ C : a and b ∈ Q}. Show that every element of Q[ d] satisfies a quadratic polynomial in Z[x]. !  √  "  √  (d) Show that the sets Z 1+2 d := a + b 1+2 d : a and b ∈ Z and !r 2

+

s√ d : r≡s 2

" (mod 2)

are the same.

√ (e) Show that OQ[√d] , the ring of integers in Q[ d], is  √  Z 1+2 d if d ≡ 1 (mod 4) √ else. Z[ d] " !r s√ + d : r ≡ s (mod 2) (f) Show that if d ≡ 1 (mod 4), then the set 2 2 is not a ring: in particular, show that it is not closed under multiplica √ 2 tion, by considering 1+2 d .

36

Factoring in Z[i]

We want to figure out how to factor Gaussian integers. We will get a partial converse to the earlier statement that for Gaussian integers z and w, z|w =⇒ N (z)|N (w). First, we need the

36. Factoring in Z[i]

145

Definition 27 In Z[i], the conjugate of z = a + bi is z = a − bi. Proposition 29 For any z and w in Z[i], we have z+w =z+w

z · w = z · w.

and

Proof . Let z = a + bi and w = c + di. Then z + w = (a + c) + (b + d)i and z + w = (a − bi) + (c − di) = (a + c) − (b + d)i; these Gaussian integers are clearly conjugates of each other. Similarly, z · w = (a + bi)(c + di) = (ac − bd) + (bc + ad)i and z · w = (a − bi) · (c − di) = (ac − bd) − (bc + ad)i; again, these Gaussian integers are clearly conjugates of each other.

Proposition 30 For z and w in Z[i], we have z|w ⇐⇒ z|w. Proof . z|w =⇒ w = z · v for some Gaussian integer v. But then w = z · v = z · v so z|w. On the other hand, we have just proved that z|w =⇒ z|w and it is clear that z = z and w = w.

Proposition 31 If a + bi ∈ Z[i] and 2|N (a + bi) = a2 + b2 , then • a2 + b2 = 2 ⇐⇒ a + bi ∼ 1 + i • a2 + b2 > 2 =⇒ (1 + i)|(a + bi). Proof . Clearly, a2 + b2 = 2 ⇐⇒ a = ±1 and b = ±1. But ±1 ± i ∼ 1 + i, so we are done. We have (1 + i)(1 − i) = 2 so (1 + i)|2. Then 2|(a2 + b2 ) =⇒ (1 + i)|(a2 + b2 ) = (a + bi)(a − bi) so we conclude that (1 + i)|(a + bi)

or

(1 + i)|(a − bi).

146

√ Chapter 3. Quadratic Extensions of the Integers, Z[ d]

This is because N (1 + i) = 2, which is a prime in Z, so we know that 1 + i is a prime in Z[i], and we may apply the prime theorem in Z[i]. If 1 + i|a − bi, then since 1 + i|2, we know that 1 + i divides the linear combination (a − bi) + 2(bi) = a + bi. Thus we are done. We might also notice that 2|a2 + b2 ⇐⇒ a and b are both even or they are both odd. Thus we have a very simple criterion for whether 1 + i is a factor of a + bi: we know that (1 + i)|9817461027 + 31606813423i but (1 + i)/|14329485671497 − 109834172632i. This actually leads to a different proof: if 2|(a2 + b2 ), then it is clear that a and b are both even or they are both odd. Now a + bi a + bi 1 − i (a + b) + (b − a)i a+b b−a = · = = + i 1+i 1+i 1−i 2 2 2 and this is a Gaussian integer since a + b and b − a are each even. Thus (1 + i)|(a + bi).

What about other Gaussian integers? What we used in this proof was the fact that N (1 + i) = 2 is a prime in Z, so 1 + i was a prime in Z[i]. Thus we could use the prime theorem in Z[i]. Can we imitate this proof to get something like 5|(a2 + b2 ) =⇒ (1 + 2i)|(a + bi)? This seems promising, but an example may be instructive here: what about the Gaussian integer 4 + 7i? It has norm 16 + 49 = 65, so we have that 5|(a2 + b2 ). But 4 + 7i 4 + 7i 1 − 2i 18 − i = · = 1 + 2i 1 + 2i 1 − 2i 5 and this is not a Gaussian integer, so 1 + 2i/|4 + 7i. What is happening here may be clearer if we notice that 4 + 7i = (2 + i)(3 + 2i), so 1 + 2i/|4 + 7i, but 2 + i|4 + 7i. Also, notice that the only Gaussian integers with norm 5 are ±2 ± i and ±1 ± 2i, and we have that 2 + i ∼ −1 + 2i ∼ −2 − i ∼ 1 − 2i while 1 + 2i ∼ −2 + i ∼ −1 − 2i ∼ 2 − i so these eight Gaussian integers split into two sets of four associates. The correct statement about this situation is Proposition 32 For a Gaussian integer a + bi, we have 5|(a2 + b2 ) =⇒ (1 + 2i)|(a + bi)

or

(2 + i)|(a + bi).

Proof . Once again, we have two proofs: we have 5|(a + bi)(a − bi) and (2 + i)|5 since (2 + i)(1 + 2i) = 5. Thus (2 + i)|(a + bi)(a − bi) and, using the prime theorem in Z[i], we get (2 + i)|(a + bi) or (2 + i)|(a − bi).

36. Factoring in Z[i]

147

In the first case, we are done; in the second, we get (2 − i)|(a + bi) by taking conjugates, and then we can multiply by the divisibility statement i|1 to get (1 + 2i)|(a + bi), and we are done. Alternate proof: 5|(a2 + b2 ) =⇒ a2 + b2 ≡ 0 (mod 5). What are the perfect squares in Z/5Z? They are 0 and ±1. Thus ⎧ ⎪ a2 ≡ b2 ≡ 0 (mod 5) ⎪ ⎪ ⎪ ⎪ ⎪ ⎨or 2 2 a + b ≡ 0 (mod 5) =⇒ a2 ≡ 1 (mod 5) and b2 ≡ −1 (mod 5) ⎪ ⎪ ⎪ or ⎪ ⎪ ⎪ ⎩a2 ≡ −1 (mod 5) and b2 ≡ 1 (mod 5). Now, if a2 ≡ b2 ≡ 0 (mod 5), then 5|a and 5|b, so 5|(a + bi) and then (2 + i)|(a + bi) and (1 + 2i)|(a + bi). So in this case we are done. On the other hand, x2 ≡ 1 (mod 5) ⇐⇒ x ≡ ±1 (mod 5), and x2 ≡ −1 (mod 5) ⇐⇒ x ≡ ±2 (mod 5). Also, we have a + bi a + bi 2 − i (2a + b) + (2b − a)i = · = 2+i 2+i 2−i 5 and

a + bi a + bi 1 − 2i (a + 2b) + (b − 2a)i = · = . 1 + 2i 1 + 2i 1 − 2i 5

You may check for yourself that ⎧ ⎫ ⎨ a ≡ 1 (mod 5) ⎬ and =⇒ (2 + i)|(a + bi) ⎩ ⎭ b ≡ −2 (mod 5) ⎫ ⎧ ⎨ a ≡ 1 (mod 5) ⎬ and =⇒ (1 + 2i)|(a + bi) ⎭ ⎩ b ≡ 2 (mod 5) ⎧ ⎫ ⎨ a ≡ −1 (mod 5) ⎬ and =⇒ (1 + 2i)|(a + bi) ⎩ ⎭ b ≡ −2 (mod 5) ⎧ ⎫ ⎨ a ≡ −1 (mod 5) ⎬ and =⇒ (2 + i)|(a + bi). ⎩ ⎭ b ≡ 2 (mod 5) The other four possibilities are checked similarly.

Can we generalize this to other Gaussian integers? We can try to prove the following Proposition 33 If N (r + si) = p, a prime in Z, then r + si is a prime in Z[i], and therefore p|(a2 + b2 ) =⇒ (r + si)|(a + bi)

or

(s + ri)|(a + bi).

√ Chapter 3. Quadratic Extensions of the Integers, Z[ d]

148

Before we prove this proposition, let’s see how it can be useful. Suppose we wish to factor 18 + 25i. We have N (18 + 25i) = 182 + 252 = 324 + 625 = 949 = 13 · 73. We have 13 = 22 + 32 and 73 = 82 + 32 . Thus if our proposition is true, we will know that (2 + 3i)|(18 + 25i) or (3 + 2i)|(18 + 25i); and further we will know the other factor also: it will be either 8 + 3i or 3 + 8i, right? Let’s just try: 18 + 25i 2 − 3i 111 − 4i 18 + 25i = · = , 2 + 3i 2 + 3i 2 − 3i 13 which is not a Gaussian integer. But, we also have 18 + 25i 3 − 2i 104 + 39i 18 + 25i = · = = 8 + 3i 3 + 2i 3 + 2i 3 − 2i 13 so we see that 18+25i = (3+2i)(8+3i). Let’s try another example: how does 34+13i factor? We have N (34 + 13i) = 342 + 132 = 1156 + 169 = 1325 = 5 · 265 = 52 · 53. The 5 tells us that 2 + i or 1 + 2i is a factor; the 53 tells us that 7 + 2i or 2 + 7i is a factor. Let’s try: 34 + 13i 2 − i 81 − 8i 34 + 13i = · = , 2+i 2+i 2−i 5 which doesn’t work, but 34 + 13i 34 + 13i 1 − 2i 60 − 55i = · = = 12 − 11i. 1 + 2i 1 + 2i 1 − 2i 5 Now we must factor 12 − 11i, which has norm 122 + 112 = 144 + 121 = 265 = 5 · 53. Once again we have two options, 2 + i or 1 + 2i: 12 − 11i 2 − i 13 − 34i 12 − 11i = · = , 2+i 2+i 2−i 5 which doesn’t work, but 12 − 11i 1 − 2i −10 − 35i 12 − 11i = · = = −2 − 7i. 1 + 2i 1 + 2i 1 − 2i 5 So, we have 34 + 13i = (1 + 2i)(12 − 11i) = (1 + 2i)2 (−2 − 7i) = (−1)(1 + 2i)2 (2 + 7i). Now we have the Proof . We have p = r 2 + s2 = (r + si)(r − si), and p|(a2 + b2 ) = (a + bi)(a − bi); thus (r + si)|p and (r + si)|(a + bi)(a − bi), so we have (r + si)|(a + bi)

or

(r + si)|(a − bi)

since we can apply the prime theorem in Z[i]. Then if (r + si)|(a + bi) we are done, and if (r + si)|(a − bi) then (r − si)|(a + bi) and we can multiply by i|1 to get (s + ri)|(a + bi).

This will be a powerful weapon when we try to factor Gaussian integers.

37. The primes in Z[i]

149

Exercises 1. Factor 231 + 1792i into primes in Z[i]. 2. Factor 4275 − 4121i into primes in Z[i]. 3. Factor 1235 − 4121i into primes in Z[i]. 4. Factor 28259 − 4240i into primes in Z[i]. 5. How many Gaussian integers have norm 2 · 5 · 13? Try to count them without doing a lot of calculations. 6. How many Gaussian integers have norm 2 · 32 · 5 · 13? Try to count them without doing a lot of calculations. 7. How many Gaussian integers have norm 2 · 33 · 53 · 133 ? Try to count them without doing a lot of calculations. 8. How many Gaussian integers have norm 32 · 52 · 72 · 294 ? Try to count them without doing a lot of calculations.

37

The primes in Z[i]

Now, which sort of primes in Z can be written as p = r 2 + s2 ? We have gathered some evidence in the exercises: Can 5 13 17 29 37 41

Can’t 3 7 11 19 23 31 43 47 51

Any guesses about the prime 101? 103? 107? 109? We get a Proposition 34 For p a prime in Z, we have there are a, b ∈ Z with p = a2 + b2 ⇐⇒ p ≡ 1 (mod 4) or p = 2.

Proof . You will prove =⇒ in the exercises. We will prove ⇐= later.

150

√ Chapter 3. Quadratic Extensions of the Integers, Z[ d]

We have seen that prime integers are the building blocks of Z, and prime Gaussian integers are building blocks of Z[i]. How can we find them? One way is directly: since a|b =⇒ |a| ≤ |b| in Z, we can just try all numbers less than some integer n—if none is a proper factor, n must be a prime! An ancient Greek mathematician, Eratosthenes, had a good method for doing this: list all the positive integers up to some large number, say 1000. Then since 1 is the only integer less than 2, 2 must be a prime. Now cross out all multiples of 2, since they aren’t prime. Now what is the next integer not crossed out? 3, of course. So 3 must be prime, since it is not a multiple of anything smaller than it. Cross out all the multiples of 3, since they aren’t prime, and look for the next prime—5. Continue until you have finished your list. (Which happens once you have crossed out all multiples of 31—why?) This is called the Sieve of Eratosthenes: all the non-primes fall through the sieve, leaving the primes behind. There are other methods for checking specific numbers, but we will see them later. One way we’ve seen already (see Section 26, page 108): for n = 4, we have −1 (mod n) if n is a prime (n − 1)! ≡ 0 (mod n) otherwise. However, this is not practical in the case of large numbers, since (n − 1)! gets very large very quickly as n gets large. We can use something similar to the Sieve of Eratosthenes to find the primes in Z[i], but now the work we have done in Z helps. First you list all the Gaussian integers, grouped by norm, up to some limit. Then you see that anything with prime norm must be a prime. Then you look at the Gaussian integers that remain and try to factor them, using the norm to eliminate all but a few candidates. Thus to factor the Gaussian integers with norm 65, we need only see if they can be divided by some Gaussian integer with norm 5. It turns out that this will always work, as we proved in Proposition 33, but even before we knew that proposition, we could see that we needed to perform at most two divisions to check all eight elements with norm 5 (since they come in two sets, of four associates each). Thus we have a (tedious) way of finding all the primes in Z[i]. In fact, we can do more. Though we have not yet proved Proposition 34, we can use it to completely characterize all Gaussian integers and their factorizations into Gaussian integer primes. Theorem 21 Let z = a+bi be a Gaussian integer. Then N (z) has the factorization (into prime integers) N (z) = a2 + b2 = 2t pe11 pe22 pe33 . . . perr q12f1 q22f2 q32f3 . . . qs2fs where t ∈ W, each pj ≡ 1 (mod 4) and each qj ≡ 3 (mod 4), r and s are in W, and each power ej and fj is a positive integer. Furthermore, z itself factors (uniquely, by Theorem 17) into Gaussian integers as follows z ∼ (1 + i)t ℘g11 ℘ˆe11 −g1 ℘g22 ℘ˆe22 −g2 . . . ℘grr ℘ˆgrr −er q1f1 q2f2 q3f3 . . . qsfs where pj = a2j + b2j and ℘j = aj + bj i, ℘ˆj = bj + aj i, and for each j, 0 ≤ gj ≤ ej .

37. The primes in Z[i]

151

Specifically, every prime, ℘, in Z[i] takes one of three forms • ℘∼1+i • ℘ ∼ a + bi where N (℘) = a2 + b2 = p ≡ 1 (mod 4) is a prime integer • ℘ ∼ qj where qj ≡ 3 (mod 4) is a prime integer. We have phrased this as facts about the primes in the larger ring, Z[i]. We could instead phrase this as facts about what happens to the primes in Z when we pass to the larger ring, Z[i]. Now we see that every prime integer, p, falls into one of three categories: • p ∼ (a + bi)2

(the prime p is said to be ramified in Z[i], or to ramify in Z[i])

• p ∼ (a + bi)(c + di) with a + bi ∼ c + di • p is a prime element of the larger ring Z[i]

(the prime p is said to split in Z[i]) (the prime p is said to remain inert in Z[i])

The only positive prime integer that ramifies in Z[i] is 2. Positive prime integers that are 1 (mod 4) split in Z[i], and positive prime integers that are 3 (mod 4) remain inert in Z[i]. (Alternatively, one may say that a prime in Z of the form 4k + 1 is a split prime and a prime in Z of the form 4k + 3 is an inert prime. This phrasing assumes that the larger ring (in this case, Z[i]) is clear.) These facts (about how elements of the larger rings factor into primes, and √ how 2], prime integers factor in the larger ring) will be shown to have analogs in Z[ √ √ √ √ Z[ 3], Z[ −2], Z[ρ], Z[ −3], Z[ 5], and Z[ω] (where ω is the golden ratio). Each time, there will only be a finite number of ramified primes, which are distinguished from the split primes by the fact that they factor √ into2 powers of primes, not into −2) is the only ramified prime products of distinct primes. As examples, 2 ∼ ( √ in Z[ −2], and 3 ∼ (1 + 2ρ)2 is the only ramified prime in Z[ρ].

Exercises 1. Prove the forward implication ( =⇒ ) in Proposition 34. 2. Prove Theorem 21. You may use Proposition 34, which will be proved in Section 39. You may well wish to write (and prove) a lemma along the lines of “If p ≡ 3 (mod 4) is a prime and p|a2 + b2 , then p|a and p|b.” 3. Use Theorem 21 to characterize those integers that can be written in the form a2 + b2 , and which cannot. 4. Following Exercise 3, and following up on Exercise 16 (page 79), characterize those integers n that can be written in the form n = a2 − ab + b2 . We do not have a theorem that applies (yet). However, we have the following data:

152

√ Chapter 3. Quadratic Extensions of the Integers, Z[ d] primes that can be written as p = a2 − ab + b2 3, 7, 13, 19, 31, 37, 43, 61, 67, 73, 79, 97, 103, 109, 127, 139, 151, 157, 163, 181, 193, 199, . . . composites that can be written as n = a2 − ab + b2 4, 9, 12, 16, 21, 25, 27, 28, 36, 39, 48, 49, 52, 57, 63, 64, 75, 76, 81, 84, 91, 93, 100, . . .

primes that cannot be written as p = a2 − ab + b2 2, 5, 11, 17, 23, 29, 41, 47, 53, 59, 71, 83, 89, 101, 107, 113, 131, 137, 149, 167, 173, 179, 191, 197, . . . composites that cannot be written as n = a2 − ab + b2 6, 8, 10, 14, 15, 18, 20, 22, 24, 26, 30, 32, 33, 34, 35, 38, 40, 42, 44, 45, 46, 50, 51, 54, 55, 56, 58, 60, 62, 65, 66, 68, 69, 70, 72, 74, . . .

Chapter 4

An Interlude of Analytic Number Theory 38

The distribution of primes in Z

There are five theorems I want you to know about how the primes in Z are distributed (we will only prove two of them here; one more is proved in the Project H on arithmetic functions and Dirichlet series). The branch of mathematics that deals with the distribution of the primes in Z is called analytic number theory; most of this course is instead from algebraic number theory. It is important to see these theorems, even if we won’t go into this topic in depth. 1. Theorem 22 (Euclid’s Theorem on Primes) There are infinitely many primes in Z. Proof . Suppose not, so the only primes in Z are p1 = 2, p2 = 3, p3 = 5, . . . , pn . Let N = (p1 p2 p3 · · · pn ) + 1. Then by the fundamental theorem of arithmetic (actually we only need Lemma 6 from page 65 here), since N > 1 we know that N has a factorization into primes. However, p1 /|N , p2 /|N , p3 /|N , . . . , pn /|N ; so we get a contradiction, since these are the only primes in Z. This contradiction shows that we must have an infinite number of primes in Z. 2. Theorem 23 The primes in Z are scattered irregularly: there are arbitrarily large gaps between the primes. Proof . Look at the numbers n! + 2, n! + 3, n! + 4, . . . , n! + (n − 1), n! + n. It is clear that n! + 2 is not prime since 2 divides it; similarly, 3|(n! + 3), 4|(n! + 4), . . . , n|(n! + n). Thus we have n − 1 consecutive numbers that are not primes.

153

154

Chapter 4. An Interlude of Analytic Number Theory

3. Theorem 24 There are more primes than perfect squares, so there are lots of primes. One way to measure this is to notice that

1 diverges, n

n∈N

p prime ∈ N

1 diverges, but p

1 converges. n2

n∈N

You should already have seen the first and third facts in calculus. 4. Theorem 25 (Prime Number Theorem) The primes are distributed evenly: If π(x) denotes the number of primes p such that 2 ≤ p ≤ x, then lim

π(x) x ln x

x→∞

or lim

x→∞

=1

π(x) =1 Li(x) 

where Li(x) =

2

x

1 dt. ln t

This theorem says that in contrast to Theorem 23, the number of primes in any given range is statistically predictable. So there is an evenness to the unevenness. 5. Theorem 26 (Dirichlet’s Theorem on Primes in an Arithmetic Progression) If (a, n) = 1 then there are infinitely many primes p such that p ≡ a (mod n). Thus, for instance, since (100, 21) = 1, this very important theorem states that there are infinitely many primes in the set {21, 121, 221, 321, 421, . . . , 21 + 100k, . . .}. In fact, Dirichlet proved much more. He showed that if (a, n) = 1, then as N → ∞, the proportion of primes that are congruent to a (mod n) and less 1 . Since than N (as compared to all the primes less than N ) approached ϕ(n) there are exactly ϕ(n) such congruence classes, Dirichlet is telling us that, in the long run, the primes are distributed across congruence classes as evenly as possible. The proof of Dirichlet’s theorem is beyond the scope of this book, but we will explore several special cases in the exercises. Here is one special case (the proof is similar to the proof of Theorem 22, but there’s a slight twist): Proposition 35 There are infinitely many primes in Z of the form 4k + 3; i.e., there are infinitely many primes p such that p ≡ 3 (mod 4). Proof . Assume there are only finitely many such primes, say p1 ≡ p2 ≡ p3 ≡ · · · ≡ pn ≡ 3 (mod 4).

38. The distribution of primes in Z

155

Then consider the number N = 4p1 p2 p3 · · · pn − 1. We have N > 1 so N has a factorization into primes. Also N ≡ −1 ≡ 3 (mod 4). N is odd so all its prime factors are odd; in particular, they are all congruent to either 1 or 3 (mod 4). If all the prime factors of N were ≡ 1 (mod 4), then N ≡ 1 (mod 4) also. Thus N must have at least one prime factor, p, with p ≡ 3 (mod 4); and so p = pk for some k with 1 ≤ k ≤ n. But p1 /|N , p2 /|N , p3 /|N , . . . , pn /|N . This is a contradiction, so the list must be infinite.

Exercises 1. Prove the converse of Dirichlet’s theorem: If there are infinitely many primes, p, with p ≡ a (mod n), then (a, n) = 1. 2. The proof of Proposition 35 is written as a proof by contradiction. Proofs by contradiction should be avoided when possible; rephrase the proof as a construction proof that shows how to construct a new prime, given a finite list of primes. 3. Mimic the proof of Proposition 35 to prove that there are infinitely many primes of the form 3k + 2. 4. Mimic the proof of Proposition 35 to prove that there are infinitely many primes of the form 6k + 5. 5. Every odd prime is ≡ 1, 3, 5, or 7 (mod 8). Since there are now four groups of primes, the ideas used in Proposition 35 and Exercises 3 and 4 won’t quite work in modulus 8. But we can add another twist: suppose we take a finite list of odd primes, p1 , p2 , p3 , . . . , pn . Consider the numbers A = (p1 p2 p3 · · · pn )2 + 2, B = (p1 p2 p3 · · · pn )2 + 4, and C = (p1 p2 p3 · · · pn )2 − 2. We have A ≡ 3 (mod 8), B ≡ 5 (mod 8), and C ≡ 7 (mod 8). If we define Pk = {integer primes that are ≡ k

(mod 8)},

argue that at least two of the sets P3 , P5 , and P7 are infinitely large. 6. Since ϕ(5) = ϕ(10) = ϕ(12) = 4, we have a chance to deal with the mod 5, mod 10, and mod 12 cases in the same way as we dealt with mod 8. Can you extend Exercise 5 to cover one or more of these other moduli? 7. Consider the arithmetic progression a, a + d, a + 2d, . . . , where a and d are positive integers. For any positive integer k, prove that the progression has either no exact kth powers or infinitely many.

Chapter 5

Quadratic Residues In the complex field C, every number is a perfect square. In the real field R, all non-negative numbers are perfect squares, and none of the negative numbers are. Which numbers are perfect squares in the rational field Q and in the ring of integers Z is essentially answered by the fundamental theorem of arithmetic (see Exercise 7 on page 67). There is thus an analogous answer in the ring Z[i] (see Exercise 6 on page 137). Most of the present chapter will be devoted to answering this seemingly simple question in the ring Z/pZ. The Law of Quadratic Reciprocity, conjectured by Euler and Legendre and first proved by Gauss, answers this question. Its statement and proof are one of the high points of any first course in number theory.

39

Perfect squares

In the exercises most of the following has been proved. Proposition 36 For p a prime in Z, p ≡ 3 (mod 4)

=⇒ ⇐⇒ ⇐⇒

p cannot be written as p = a2 + b2 for integers a and b p is prime in Z[i] there are no Gaussian integers with norm p.

Proof . The first implication is the contrapositive of Exercise 8 in Section 19, and the first double implication is Exercise 20(a) in Section 5. We will prove the second double implication here. Suppose there were no Gaussian integers with norm p. If p = z · w then taking norms we get p2 = N (z)N (w); so if N (z) = p is impossible we must have N (z) = 1 and N (w) = p2 , or N (z) = p2 and N (w) = 1. Thus we must have that either z or w is a unit. Thus p fulfills the definition of a prime in Z[i]. Conversely, suppose there are Gaussian integers with norm p, for example suppose N (r + si) = p. Then 157

158

Chapter 5. Quadratic Residues

(r + si)(r − si) = p and N (r + si) = N (r − si) = p so we have factored p into non-units; thus p is not a prime in Z[i].

Now suppose p is an odd prime in Z and suppose also that we have a solution, S, to the equation x2 ≡ −1 (mod p). We may assume that S is an integer with 1 ≤ S ≤ p − 1 (in fact we may even assume 1 ≤ S ≤ p−1 2 , but we don’t need to), so we have S 2 ≡ −1 (mod p) ⇐⇒ p|(S 2 + 1) so p|(S 2 + 1) in Z and thus p|(S + i)(S − i) in Z[i]. Now if p is a prime in Z[i], then p|(S + i) or p|(S − i) by the prime theorem for Z[i]. But this is impossible (see Exercise 8a on page 31 if this isn’t clear to you), so p is not a prime in Z[i]. Hence we have there is a solution to x2 ≡ −1 (mod p) =⇒ p is not a prime in Z[i] and p is a prime in Z[i] =⇒ there is no solution to x2 ≡ −1 (mod p). Between this and Exercise 5 in Section 35 and Exercise 8 in Section 19, we have proved something we will call “le carr´e,” which is French for “the square.” (The reason for this choice of terminology is that the term “square,” as in perfect square, has already been taken. Also, I like French. Also, I like reading John le Carr´e.) For p an odd prime in Z, we have le carr´e: can’t write p = a2 + b2 in Z ⇑

⇐⇒

p is prime in Z[i] ⇓

p ≡ 3 (mod 4)

???

−1 is not a perfect square in Z/pZ

We want “ ⇐⇒ ” in the second line, so that we will know that any of the statements is equivalent to the others. All we need is to show that −1 is not a perfect square in Z/pZ implies that p ≡ 3 (mod 4). We will prove the contrapositive:

Lemma 11 If p is a prime in Z and p ≡ 1 (mod 4), then x2 ≡ −1 (mod p) can be solved; in fact this equation has the two solutions  x≡±

 p−1 ! (mod p). 2

39. Perfect squares

159

Proof . By Wilson’s theorem we know that (p − 1)! ≡ −1 (mod p). Thus we have 

  p−1 p+1 (1)(2)(3) · · · · · · (p − 3)(p − 2)(p − 1) 2 2    p−1 p−1 − · · · (−3)(−2)(−1) (1)(2)(3) · · · 2 2     p−1 p−1 p−1 ! · · · (3)(2)(1)(−1) 2 2 2   2 p−1 p−1 ! (−1) 2 2   2 p−1 ! 2

≡ −1 (mod p) ≡ −1 (mod p) ≡ −1 (mod p) ≡ −1 (mod p) ≡ (−1)1−

p−1 2

(mod p).

Now, if p ≡ 1 (mod 4) then p = 1 + 4k for some k in Z. But then 1 − p−1 2 = 1 − 2k is odd, so we have   2 p−1 ! ≡ −1 (mod p) 2 and we have a solution to the equation x2 ≡ −1 (mod p). Of course, if p ≡ 3 (mod 4), all we have found is that we can solve the equation x2 ≡ 1 (mod p), which clearly has solutions x ≡ ±1 (mod p)!

The theorem is thus proved.

Theorem 27 For p an odd prime in Z, we have: can’t write p = a2 + b2 in Z  p ≡ 3 (mod 4)

⇐⇒ ⇐⇒

p is prime in Z[i]  −1 is not a perfect square in Z/pZ

The four equivalent statements are about different rings: Z, Z[i], Z/4Z, and Z/pZ. It will be handy on occasion to also rephrase this theorem as

Theorem 27 For p an odd prime in Z, we have: p = a2 + b2 is possible in Z 

⇐⇒

p is not prime in Z[i] 

p ≡ 1 (mod 4)

⇐⇒

−1 is a perfect square in Z/pZ

160

Chapter 5. Quadratic Residues

Exercises 1. We can illustrate Theorem 27 in the case p = 37 by writing • 37 = 62 + 12 in Z. • 37 = (6 + i)(6 − i) in Z[i]. • 37 = 9 · 4 + 1 so 37 ≡ 1 (mod 4). • 62 ≡ −1 (mod 37). Do the same for p = 73, p = 113, and p = 829. 2. Let p be an odd prime in Z, and p ≡ 1 (mod 4). Show that p can be written as a sum of squares uniquely; that is, if p = a2 + b2 = c2 + d2 , then the sets {±a, ±b} and {±c, ±d} are the same. 3. The goal of this exercise is to show that there are infinitely many prime integers of the form 4k + 1. Together with Proposition 35, this will demonstrate Dirichlet’s theorem in the case n = 4. Assume there is a finite number of prime integers p such that p ≡ 1 (mod 4), and let N = (2p1 p2 p3 · · · pk )2 + 1 be formed from their product. N > 1 so N has a prime factor q. (a) Show that q ∼ pi for any i, 1 ≤ i ≤ k. (b) Show that the equation x2 ≡ −1 (mod q) has solutions. (c) Conclude that q ≡ 1 (mod 4). (d) State the contradiction you have found, and conclude that there must be an infinite number of prime integers of the form 4k + 1. 4. Table 6 shows data calculated about which prime integers p are perfect squares (mod q): a “+” indicates that x2 ≡ p (mod q) can be solved, and a “−” indicates that x2 ≡ p (mod q) cannot be solved. (a) Calculate the entries for the q = 113 and q = 127 rows of the table, by whatever method you choose. (b) Make conjectures about how the columns of the table can be organized. For instance, you might note that x2 ≡ 5 (mod q) can be solved ⇐⇒ q ends with the digit one or nine, i.e., ⇐⇒ q ≡ ±1 (mod 10). Try to come up with similar rules for each of the other columns. 5. A number is written with 300 ones and 300 zeros. Can it be a perfect square? 6. Let N = 44444444 and let the sum of the digits of N be A. Let B be the sum of the digits of A. Let C be the sum of the digits of B. Find C.

40

Quadratic residues

The proof of Theorem 27 (le carr´e) is part of why we care about the question What are the perfect squares in Z/pZ?

40. Quadratic residues

q\p 2 3 5 7 11 13 17 19 23 29 31 37 41 43 47 53 59 61 67 71 73 79 83 89 97 101 103 107 109 113 127

2 0 − − + − − + − + − + − + − + − − − − + + + − + + − + − −

161

3 + 0 − − + + − − + − − + − − + − + + − + + − + − + − − + +

5 + − 0 − + − − + − + + − + − − − + + − + − + − + − + − − +

7 + + − 0 − − − + − + + + − − + + + − − − − − + − − − + − +

11 + − + + 0 − − + − − − + − + − + − − − − − + + + + − − + −

13 + + − − − 0 + − + + − − − + − + − + − − − + − − − + + + −

17 + − − − − + 0 + − − − − − + + + + − + − − − + + − + + − −

19 + + + − − − + 0 − − + − − − − − + + + + + + − − − + + + −

23 + − − + + + − + 0 + − − + + − − − − + − + + + − − + + + −

Table 6: Can x2 ≡ p (mod q) be solved?

29 + − + + − + − − + 0 − − − − − + + − + + − − + − − − + + +

162

Chapter 5. Quadratic Residues

but there are other reasons, for instance we may want to solve quadratic equations in Z/pZ. As we saw earlier, we can solve any linear equation, ax + b ≡ 0 (mod p), and given a quadratic equation, ax2 + bx + c ≡ 0 (mod p), we proved that there are at most two roots, but we aren’t sure how many there are nor can we find them easily, in general. Finding them will remain a problem, but we will see that counting how many there are is an easy calculation. Suppose we want to solve ax2 + bx + c = 0 in Z. How would we know whether or not we had any solutions? What if we want to solve the same equation in Q? in R? in C? Our procedure is different in each case, but we have a simple test in each case that will tell us whether we can solve the equation, and in fact with a little more work we can see how many roots we have in each ring. The quadratic formula gives us the answer in each case, because using purely algebraic operations we see that

ax2 + bx + c = 0 =⇒ x =

−b ±

√ b2 − 4ac . 2a

In the fields Q, R, and C we have no problem with anything but the square root; in Z there is a further problem with division; in C the fundamental theorem of algebra tells us there are exactly two roots (though we may get a double root if b2 −4ac = 0). The test for Q and R is exactly this: “is b2 −4ac a perfect square”? The answer in Q is difficult, depending on the factorization into primes of the numerator and of the denominator of the rational number; in R it reduces to asking “is b2 −4ac positive?” We will start with the same test as in Q, but we can simplify it considerably, until it is almost as easy to answer as it is in R. Let’s try some examples: what are the perfect squares in Z? Z/2Z? Z/3Z? Z/5Z? Z/7Z? Z/11Z? Z/13Z? Z/17Z? Z/19Z? Z/23Z? As we answer these questions, do any pattern emerge? How many answers do we have in each case? We get a more striking pattern if we leave out zero and just look at the units that are perfect squares. In fact we have the following

Definition 28 Given a prime p and an integer r we call r a quadratic residue (mod p) if (r, p) = 1 and the equation x2 ≡ r (mod p) has a solution. We call n a quadratic non-residue (mod p) if (n, p) = 1 and the equation x2 ≡ n (mod p) has no solution.

We have split up Z/pZ into Z/pZ = {0} ∪ {quadratic residues} ∪ {quadratic non-residues.}

40. Quadratic residues

163

We have Z/2Z Z/3Z Z/5Z Z/7Z Z/11Z Z/13Z Z/17Z

= {0} ∪ {1} ∪ {} = = = = = =

{0} ∪ {1} ∪ {2} {0} ∪ {1, 4} ∪ {2, 3} {0} ∪ {1, 2, 4} ∪ {3, 5, 6} {0} ∪ {1, 3, 4, 5, 9} ∪ {2, 6, 7, 8, 10} {0} ∪ {1, 3, 4, 9, 10, 12} ∪ {2, 5, 6, 7, 8, 11} {0} ∪ {1, 2, 4, 8, 9, 13, 15, 16} ∪ {3, 5, 6, 7, 10, 11, 12, 14}.

What do you notice? Unlike the splitting up of Z/mZ we did before, as Z/mZ = {0} ∪ {units} ∪ {zero-divisors}, where we had 1 + ϕ(m)+ an undetermined number, here we seem to have 1 + p−1 2 + p−1 2 elements; the units split exactly into two equal pieces! Can we prove this? We usually think of Z/pZ as {0, 1, 2, . . . , p − 1}, but this time it is more convenient to think of it as   p−1 Z/pZ = {0} ∪ (Z/pZ)× = {0} ∪ ±1, ±2, ±3, . . . , ± . 2 Then when we square everything we get {the quadratic residues in Z/pZ} =



(p − 1)2 1, 4, 9, . . . , 4

 .

Are there in fact exactly p−1 2 quadratic residues? This is equivalent to asking “Do we get any repeats?” As we always do, we answer this by looking at a2 ≡ b2 (mod p), p−1 2 2 where 1 ≤ a ≤ p−1 2 and 1 ≤ b ≤ 2 . Then we have p|(a − b ) = (a + b)(a − b) so p|(a + b) or p|(a − b) by the prime theorem. But we have 2 ≤ a + b ≤ p − 1 so p|(a + b) is impossible; therefore p|(a − b) and a ≡ b (mod p). Thus we get no repeats, and we have proved

quadratic residues and exactly Proposition 37 In Z/pZ, there are exactly p−1 2 p−1 quadratic non-residues. The set of quadratic residues is exactly 2  2 p−1 1, 22 , 32 , . . . , . 2 Although this proposition tells us how many quadratic residues there are in Z/pZ, we still don’t know what they are. Can we solve x2 ≡ 56 (mod 1009)? Right now all we know is that we have a 50–50 chance of a “yes” answer and a 50–50 chance of a “no” answer, but the only way to answer the question is to calculate {1, 22 , 32 , . . . , (504)2 },

164

Chapter 5. Quadratic Residues

reduce these integers (mod 1009), and look in the list for 56. Yuck! We need an easier method. What happens when we multiply residues and non-residues? In Exercise 3 on page 83, you were asked to figure out what happens when you multiply a unit and a zero-divisor, or two zero-divisors, etc. What are the analogous rules here, if any? Let’s try an example: the residues in Z/7Z are {1, 2, 4}, and we have the following multiplication table for (Z/7Z)× : · 1 2 3 4 5 6

1 1 2 3 4 5 6

2 2 4 6 1 3 5

3 3 6 2 5 1 4

4 4 1 5 2 6 3

5 5 3 1 6 4 2

6 6 5 4 3 2 1

Furthermore, the residues in Z/13Z are {1, 3, 4, 9, 10, 12}, and we have the following multiplication table for (Z/13Z)× : · 1 2 3 4 5 6 7 8 9 10 11 12

1 1 2 3 4 5 6 7 8 9 10 11 12

2 2 4 6 8 10 12 1 3 5 7 9 11

3 3 6 9 12 2 5 8 11 1 4 7 10

4 4 8 12 3 7 11 2 6 10 1 5 9

5 5 10 2 7 12 4 9 1 6 11 3 8

6 6 12 5 11 4 10 3 9 2 8 1 7

7 7 1 8 2 9 3 10 4 11 5 12 6

8 8 3 11 6 1 9 4 12 7 2 10 5

9 9 5 1 10 6 2 11 7 3 12 8 4

10 10 7 4 1 11 8 5 2 12 9 6 3

11 11 9 7 5 3 1 12 10 8 6 4 2

12 12 11 10 9 8 7 6 5 4 3 2 1

We conjecture that Res · Res = Res Res · Non = Non Non · Non = Res. These rules look like what? Maybe the rules for adding odds and evens! Or the rules for multiplying positives and negatives! Keep that in mind. Some notation will be handy from this point onward; rather than continuing to say “a is a quadratic residue (mod p),” we will introduce the Legendre symbol:   a and say p “the Legendre of a over p” for the Legendre symbol. It is defined as follows

Definition 29 Given an odd prime p and any integer a, we write

40. Quadratic residues

165

  a = 0 ⇐⇒ p|a p   a • = +1 ⇐⇒ a is a quadratic residue mod p, i.e., p/|a and a is a perfect p square in Z/pZ   a • = −1 ⇐⇒ a is a quadratic non-residue mod p, i.e., p/|a and a is not p a perfect square in Z/pZ



We have proved most of the following Proposition 38 For integers a and b and a prime p, we have      ab a b = . p p p Also, if p/|a, we have



a2 p

 = +1.

Further, we have

    a b a ≡ b (mod p) =⇒ = . p p   a 2 Finally, the equation x ≡ a (mod p) has 1 + solutions. p

  = 0 ⇐⇒ p|ab. But if p|ab then p|a or p|b by the prime Proof . We have ab p theorem, so in either case we get      a b ab =0= . p p p Similarly, if p|a or p|b then p|ab and so both of the equation are zero.      Thus  sides ab a we may assume p/|a, p/|b, and p/|ab. Then p = ±1, p = ±1, and pb = ±1, and we only need to prove that the signs match up the correct way. But that is exactly rules we conjectured above say. You will have a chance to prove  what  the   ab a b that = in the exercises. The other statements are immediate from p p p the definition of the Legendre symbol.

We have already proved Proposition 39



−1 p



 =

+1 −1

if p ≡ 1 (mod 4) if p ≡ 3 (mod 4).

166

Chapter 5. Quadratic Residues

    What we are ultimately interested in is a rule that will relate pq and pq for odd primes p and q. Exercise 10 and  Table   1 on page 77 presented the data for this p rule, with ♥ showing when q = pq and ♣ showing when they are unequal. It is not hard to conjecture a rule; it will take us a while to justify that rule. We will begin with an example of how we may calculate the Legendre symbol:       56 2 4 7 = 1009 1009 1009 1009    2 −1002 = 1009 1009      2 −1 2 501 = 1009 1009 1009 1009     −1 3 167 = 1009 1009 1009     −1 3 −842 = 1009 1009 1009     3 2 421 = 1009 1009 1009     3 2 −588 = 1009 1009 1009       3 2 −1 4 147 = 1009 1009 1009 1009 1009       3 2 −1 3 49 = 1009 1009 1009 1009 1009    2 −1 = 1009 1009 −1 and we know that 1009 = +1 because 1009 ≡ 1 (mod 4). Thus if we know the   56 2 rule for p we can calculate this answer. We will also be able to calculate 1009 in another way later, by using a rule for flipping theLegendre symbol:    clearly for distinct odd primes p and q we have p/|q and q/|p, so pq = ±1 and pq = ±1 and         we only need to see whether pq = pq or pq = − pq . Once we have this rule to use, we can calculate the above as       56 2 4 7 = 1009 1009 1009 1009     2 1009 = ± 1009 7      2 1 = ± 1009 7   2 = ± . 1009 7 1009 = 7 ; it remains for us From the above two calculations we can see that 1009 to find and prove the general rule.

41. Calculating the Legendre symbol (hard way)

167

Exercises 1. Show that a is a quadratic residue (mod p) ⇐⇒ a−1 is a quadratic residue (mod p). 2. Suppose that a and b are quadratic residues (mod p). Show that ab is also a quadratic residue (mod p). 3. Suppose that a is a quadratic residue (mod p) and that b is a quadratic nonresidue (mod p). Show that ab is a quadratic non-residue (mod p). 4. Suppose that a and b are quadratic non-residues (mod p). Use Exercise 3 or some other way to show that ab is a quadratic residue (mod p). 61 = +1. Using the 5. To choose a simple example, 372 ≡ 61 (mod 109), so 109 known rules for Legendre symbols, find a chain of calculations similar to the 61 = +1. one on page 166 to show that 109 449 = +1. 6. To choose a nearly random example, 2552 ≡ 449 (mod 1009), so 1009 Using the known rules for Legendre symbols, find a chain of calculations 449 = +1. similar to the one on page 166 to show that 1009

41

Calculating the Legendre symbol (hard way)

To choose three examples, we have: • The quadratic residues in Z/7Z are 1, 2, and 4. • The quadratic residues in Z/11Z are 1, 3, 4, 5, and 9. • The quadratic residues in Z/13Z are 1, 3, 4, 9, 10, and 12. 

Euler’s Theorem tells us that if p/|a, then 1 ≡ ap−1 ≡ p−1 2

a p−1 2

know that a ≡ ±1 (mod p). Thus we will calculate a (Z/7Z)× = {1, 2, 3, 4, 5, 6} so when we raise to the power

p−1 2

2 (mod p), so we

in each case. We have = 3, we get

p−1 2

{1, 23 = 8 = 1, 33 = 27 = −1, 43 = 64 = 1, 53 = 125 = −1, 63 = (−1)3 = −1}. What do you notice? Let’s try (Z/11Z)× = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10}: we get {1, 25 = 32 = −1, 35 = 243 = 1, 45 = (−1)2 = 1, 55 = 3125 = 1, 65 = 25 · 35 = (−1)(1) = −1, 75 = (−4)5 = −45 = −1, 85 = (−3)5 = −35 = −1, 95 = (−2)5 = −25 = 1, 105 = (−1)5 = −1}. What do you notice? Finally, let’s try (Z/13Z)× = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12}: we get {1, 26 = 64 = −1, 36 = 93 = (−4)3 = −64 = 1, 46 = (26 )2 = (−1)2 = 1, 56 = 1252 = (−5)2 = 25 = −1, 66 = 26 · 36 = (−1)(1) = −1, 76 = (−6)6 = 66 = −1, 86 = (−5)6 = 56 = −1, 96 = (−4)6 = 46 = 1, 106 = (−3)6 = 36 = 1, 116 = (−2)6 = 26 = −1, 126 = (−1)6 = 1}.

168

Chapter 5. Quadratic Residues

We might thus conjecture what is called Euler’s criterion.

Proposition 40 (Euler’s Criterion) For any integer a, we have   p−1 a 2 a ≡ (mod p). p

Proof  . If p|a, both sides of the equation are zero, so the proposition is true. If  a = +1, then we can solve the equation x2 ≡ a (mod p), so suppose S is a p solution. Then we have S 2 ≡ a (mod p), and we get a

p−1 2

≡ (S 2 )

p−1 2

≡ S p−1 ≡ 1 (mod p)

  by Fermat’s little theorem. Thus in this case we get equality also. What if ap = −1? The trick here is to use Fermat’s little theorem in a different way. We know that xp−1 − 1 ≡ 0 (mod p) has p − 1 solutions by Fermat’s little theorem. But we can factor this polynomial, since p − 1 is even, as  p−1   p−1  x 2 − 1 x 2 + 1 ≡ 0 (mod p). We know that there are no zero-divisors in Z/pZ, since it is a field, so if a is an integer such that ap−1 ≡ 1 (mod p), we must have a

p−1 2

− 1 ≡ 0 (mod p)

or

a

p−1 2

+ 1 ≡ 0 (mod p).

Thus a is a root of the polynomial xp−1 − 1 ⇐⇒ a is a root of one of the p−1 p−1 polynomials x 2 − 1 or x 2 + 1. We know that each smaller polynomial has at most p−1 2 roots, by Lagrange’s theorem, and we have found that all the quadratic residues are roots of the first polynomial. Since there are exactly p−1 2 quadratic p−1 2 − 1. Hence, the p−1 residues, we have found all the roots of the polynomial x 2 p−1 quadratic non-residues must all be roots of the polynomial x 2 + 1. We have just proved that   p−1 a = −1 =⇒ a 2 ≡ −1 (mod p) p and the proposition is proved.

We now have a way to calculate already proved that 

−1 p

  a p . We will use this in the future. Also, we have

 =

+1 if p ≡ 1 (mod 4) −1 if p ≡ 3 (mod 4),

  √ 42. The arithmetic of Z[ −2] and the Legendre symbol −2 p

169

but we can now prove this fact another way: if p ≡ 1 (mod 4), then p = 1 + 4k for some integer k, and so p−1 2 = 2k is even. Thus we get   This does not say that

−1 p

−1 p

 ≡ (−1)

p−1 2

≡ +1 (mod p).



 = +1, until we notice that since

−1 p



= ±1, saying it

is congruent to +1 (mod p) means it must equal +1. Similarly, if p ≡ 3 (mod 4), then p = 3 + 4k for some integer k, and so p−1 2 = 2k + 1 is odd, and we get 

−1 p

 and this must mean that



−1 p

≡ (−1) 

p−1 2

≡ −1 (mod p),

= −1, as expected.

Exercises 

 2 . You may want to use the fact that 31



 3 . You may want to use the fact that 13



 2 . You may want to use the fact that 41

1. Use Euler’s criterion to calculate 25 ≡ 1 (mod 31). 2. Use Euler’s criterion to calculate 33 ≡ 1 (mod 13). 3. Use Euler’s criterion to calculate 210 = 1024 ≡ −1 (mod 41).

 4. Use Euler’s criterion to show that

ab p

 =

   a b . p p

5. Suppose (using the notation of  Section  29) ordp (a) = p − 1, so a is a prima = −1. Thus primitive roots are never itive root (mod p). Prove that p quadratic residues, and vice versa.

42

√ The arithmetic of Z[ −2] and the Legendre   symbol −2 p

√ We can now √ form a new le carr´e (sorry, “le carr´e neuf”?) for the ring Z[ −2], because Z[ −2] has unique factorization, as was proved in Section 35. Given a prime integer p > 2, we have the four conditions:

170

Chapter 5. Quadratic Residues

√ p is not prime in Z[ −2]

can write p = a2 + 2b2 p ≡??? (mod ???)

−2 is a quadratic residue mod p

√ The two conditions on top are equivalent, as they are equivalent in any ring Z[ d]; this was proved in Exercise 5 in Section 35. If −2 is a quadratic residue (mod p) we have an integer S such that S 2 ≡ −2 (mod p) ⇐⇒ p|(S 2 + 2)√in Z. But√then 2 S 2 +√ 2 = pn for some integer √ n, and we can √ factor S√ + 2 = (S + −2)(S − −2) in Z[ −2], and we in Z[ −2]. But then √ conclude that if √ p|(S + −2)(S − −2) √ or p|(S − −2), because the p is a prime in Z[ −2], we must have p|(S + −2) √ −2] gives us the prime theorem Euclidean algorithm we have proved exists in Z[ √ in Z[ −2]. But just as we proved earlier in Z[i], we have for any integer n √ √ n|(a + b d) in Z[ d] ⇐⇒ n|a and n|b. Thus √ we have a contradiction, since p/|1, so we see that p must not be a prime in Z[ −2]. Also, from Exercise 15 in Section 19 (page 79), we have p can be written as p = a2 + 2b2 =⇒ p ≡ 1, 3 (mod 8). Thus our conditions become

can write p = a2 + 2b2 ⇓ p ≡ 1, 3 (mod 8)

⇐⇒

√ p is not prime in Z[ −2] ⇑ −2 is a quadratic residue mod p

Last time, Wilson’s theorem allowed us to get p ≡ 1 (mod 4) =⇒ −1 is a quadratic residue (mod p), but we can’t use that here. Nor can we (easily) use Euler’s criterion. What can we do? We would like to show that p ≡ 1, 3 (mod 8) ⇐⇒ −2 is a quadratic residue mod p but we can’t (yet). We can prove that p can be written p = a2 + 2b2 =⇒ −2 is a quadratic residue mod p in the same way that we did this for Z[i]: use Exercise 2 in Section 22 (page 88). Thus we do get the equivalence of the three conditions (three corners of le carr´e)

p ≡ 1, 3 (mod 8)

⇐⇒

⇒ ⇐

p can be written as p = a2 + 2b2 ⇓

√ p is not prime in Z[ −2]  

−2 p

 = +1.

To connect the fourth (and easiest) condition to the others, we need another tool.

43. Gauss’s lemma

171

Exercises 1. We can illustrate the four conditions on page 170 in the case p = 41 by writing • 41 = 32 + 2 · 42 in Z. √ √ √ • 41 = (3 + 4 −2)(3 − 4 −2) in Z[ −2]. • 41 = 5 · 8 + 1 or 41 ≡ 1 (mod 8). • 112 ≡ −2 (mod 41). Do the same for p = 73, p = 107, and p = 827.     2. For which primes p is p2 = +1, and for which primes p is p2 = −1? Give your answer in terms of a (simple) mod calculation.

43

Gauss’s lemma

Recall the modified division algorithm, which was introduced in Section 13: for any integers a and b, with b = 0, we know there are unique integers q and r such that a = bq + r

1 1 where − |b| < r ≤ |b|. 2 2

This says that we can divide by b and always get a remainder that is less than or equal to 12 |b| in absolute value. Now suppose p is a positive odd prime, and a is any integer such that p/|a. Then we can write a = pq + r

1 1 where − p < r ≤ p. 2 2

Now p/|a ⇐⇒ r = 0, and 12 p is not an integer, so we can rewrite the condition on r as 1 p−1 0 < |r| < p ⇐⇒ 1 ≤ |r| ≤ . 2 2 Thus any integer a that is not a multiple of p can be written as a ≡ pq + r ≡ r ≡ ±a (mod p), where a is an integer in the set {1, 2, 3, . . . , p−1 2 }. We will make use of that in the following. 5 . We can calculate it if we can evaluate 515 Suppose we want to evaluate 31 (mod 31), but this could be tedious to do. Let’s try a different method: consider the set S = {1, 2, 3, . . . , 15}. Then multiply everything by 5 to get T = 5S: T

= ≡

{5, 10, 15, 20, 25, 30, 4, 9, 14, 19, 24, 29, 3, 8, 13} {5, 10, 15, −11, −6, −1, 4, 9, 14, −12, −7, −2, 3, 8, 13} (mod 31).

172

Chapter 5. Quadratic Residues

What do you notice? We have T

= {−1, −2, 3, 4, 5, −6, −7, 8, 9, 10, −11, −12, 13, 14, 15} ≡ {5 · 1, 5 · 2, 5 · 3, . . . , 5 · 15} (mod 31).

Thus if we multiply everything in T together the six negative signs will cancel and we will get product

= (−1)(−2)(3)(4)(5)(−6)(−7)(8)(9)(10)(−11)(−12)(13)(14)(15) ≡ (5 · 1)(5 · 2)(5 · 3) · · · (5 · 15) (mod 31) 15! ≡ 515 15! (mod 31)   5 1 ≡ 515 ≡ (mod 31). 31 5 = +1 and we can solve x2 ≡ 5 (mod 31). (The solutions are Thus we have 31 clearly x ≡ ±6 (mod 31).) This method will be the basis for our next proposition, often called Gauss’s lemma. Proposition 41 (Gauss’s lemma) Given an odd prime p and an integer such   a that p/|a, we have p = (−1)N where N is the number of negative remainders in the set p−1 a} T = {a, 2a, 3a, 4a, . . . , 2 when the numbers are reduced to their smallest remainder (mod p) (i.e., the remainder, positive or negative, that is closest to zero).

p−1 !. What we need to Proof . The product of the elements of T is clearly a 2 · p−1 2 prove is that when we reduce these numbers to their smallest remainder (mod p), we get each number 1, 2, 3, . . . , p−1 2 exactly once, but with a plus or a minus sign. Thus suppose we have i · a ≡ ±j · a (mod p). Then we can cancel a since p/|a ⇐⇒ a is a unit, and get i ≡ ±j (mod p) p−1 so p|(i∓j). But we have 1 ≤ i ≤ p−1 2 and 1 ≤ j ≤ 2 . Thus 2 ≤ i+j ≤ p−1 so we p−1 cannot have p|(i + j). Thus we must have p|(i − j). But 1 − p−1 2 ≤ i − j ≤ 2 − 1. And the only number in this range that is divisible by p is zero. So we have i−j = 0, so i = j and we have proved that there are no repeats! Thus we get that the product of the elements of T is     p−1 p−1 p−1 !≡a 2 ! (mod p). (−1)N 2 2

and so (−1)

N

≡a

p−1 2

  a ≡ (mod p) p

and again, since each number is ±1 we must have that they are equal.

43. Gauss’s lemma

173

Notice the similarity of this proof to the proof of Euler’s theorem in Section 28. For Euler’s theorem, we multiply a specific unit by all the units, and see that this simply rearranges all the units. For Gauss’s lemma, we multiply a specific unit (in a prime mod) by half of the units, and observe that they are again rearranged, though with changes of signs this time. Such is the genius of Gauss (and of Euler).   Gauss’s lemma allows us to calculate p2 directly, since the numbers are so simple: the set T is T = {2, 4, 6, . . . , p − 1} = {2, 4, 6, . . . , −3, −1} = {−1, 2, −3, 4, . . . , ±

p−1 }, 2

and we need to calculate the number of negative remainders we get. Since we only need to know this number (mod 2), we can calculate the sum 1 + 2 + 3 + 4 + ··· +

p−1 , 2

since each odd number in this sum corresponds to a negative sign in T , and each even number corresponds to a positive sign in T . Thus   2 = (−1)N , p where N = 1 + 2 + 3 + 4 + · · · +

p−1 1 p−1 p+1 p2 − 1 = · · = . 2 2 2 2 8

  p2 −1 2 = (−1) 8 . However, this is inconvenient; generp ally one uses the proposition We have thus proved that

  +1 2 Proposition 42 For p an odd prime integer, = p −1

if p ≡ ±1 (mod 8) if p ≡ ±3 (mod 8).

The proof is left to the reader (see Exercise 3).      −2 −1 2 As a corollary, we can calculate = : p p p • If p ≡ 1 (mod 8), we have • If p ≡ 3 (mod 8), we have • If p ≡ 5 (mod 8), we have • If p ≡ 7 (mod 8), we have

  2 p

  2 p

  2 p

 = +1 and = −1 and = −1 and

  2 p

  

= +1 and

−1 p −1 p −1 p −1 p



 = +1 so



= −1 so



 

= +1 so 

= −1 so



−2 p −2 p −2 p −2 p

 = +1.  = +1.  

= −1. = −1.

174

Chapter 5. Quadratic Residues

We thus have the  Corollary 6 For p an odd prime integer,

−2 p



 =

+1 −1

if p ≡ 1, 3 (mod 8) if p ≡ 5, 7 (mod 8).

Corollary 7 For a prime integer p > 2, we have p can be written as p = a2 + 2b2 

⇐⇒

p ≡ 1, 3 (mod 8)

⇐⇒

√ p is not prime in Z[ −2]    −2 = +1. p

Exercises 1. Calculate



7 11 6 29

using Gauss’s lemma.

using Gauss’s lemma.   +1 if p ≡ ±1 (mod 8) 2 3. Show that = p −1 if p ≡ ±3 (mod 8). √ 4. (a) Write le carr´e for Z[ 2], analogous to le carr´e for Z[i] on page 158. √ (b) Write an analog of Theorem 21 (page 150) for the ring Z[ 2]. Include a characterization of which prime integers split, and which prime integers are inert. √ 5. Write an analog of Theorem 21 for the ring Z[ −2]. Include a characterization of which prime integers split, and which prime integers are inert. 2. Calculate

6. Use Proposition 42 and mimic Exercise 3 in Section 39 to show that there are infinitely many prime integers of the form 8k + 7. 7. Use Corollary 6 and mimic Exercise 3 in Section 39 to show that there are infinitely many prime integers of the form 8k + 3.

44

Calculating the Legendre symbol (easier way)

We want to use Gauss’slemma to calculate Legendre symbols in general. We will  2 do it just as we did for p , by looking at smallest remainders. The greatest integer function, written x , is defined by x = the greatest integer n such that n ≤ x i.e., given an integer n such that n ≤ x < n + 1, we have x = n. We will use this function quite a bit in this section.

44. Calculating the Legendre symbol (easier way)

175

Proposition 43 If p is a positive odd prime, then any integer a can be written as p a ≡ r (mod p) where 0 ≤ r < 2 and

2a

= (−1) p .

We have r = 0 ⇐⇒ p|a. Proof . Using the usual Euclidean algorithm, we know we can write a as a = pq + r

where

0 ≤ r < p.

Then we get 2a = 2pq + 2r where 0 ≤ 2r < 2p 2a 2r 2r = 2q + where 0 ≤ p2 , use r  = p − r so 0 < r  < p2 , and then r  ≡ p − r ≡ −r ≡ (−1) p r (mod p) 2a

so the claim is true in this case also.

We have found a way to calculate when we get positive remainders and when we get negative remainders—this proposition and Gauss’s lemma tell us how to calculate   a p . We will put them together in the following Proposition 44 If p is an odd positive prime in Z, and a is an integer such that p/|a (so that (a, p) = 1), then   p−1 a ≡ a 2 ≡ (−1)S (mod p) p where

+ 2 *

2at p−1

S=

t=1

p

.

176

Chapter 5. Quadratic Residues

This is really just a restatement of Gauss’s lemma, using the modified division algorithm in Proposition 43. Instead of counting negative 5 signs we are adding up using Gauss’s lemma, we odd and even numbers. In fact, when we calculated 31 had the set T = {5, 10, 15, −11, −6, −1, 4, 9, 14, −12, −7, −2, 3, 8, 13}. Now we have the calculation + 2 *

2at

+ 15 *

10t

p−1

t=1

=

p

t=1

*

31

* + * + * + 10 20 30 150 + + + ··· + 31 31 31 31 0+0+0+1+1+1+2+2+2+3+3+3+4+4+4 20.

= = =

+

In this calculation we got odd numbers in exactly the same spots we had negative signs when we applied Gauss’s lemma.   Let’s see an example to illustrate how this allows us to calculate ap . We have 72 ≡ 49 ≡ 20 (mod 29). Thus we know that 20 29 = +1. Let’s calculate it anyway, using Gauss’s lemma and the above rule. For Gauss’s lemma we have T = 20 · {1, 2, 3, . . . , 14}. Multiplying and reducing, we get T = {−9, 11, 2, −7, 13, 4, −5, −14, 6, −3, −12, 8, −1, −10}, and eight negative signs means that

20 29

= +1. On the other hand, we can find

+ 2 *

2at p−1

S=

t=1

p

where a = 20 and p = 29. We thus have

S

=

+ 14 *

40t t=1

*

+

29

* + * + * + 40 80 120 560 = + + + ···+ 29 29 29 29 = 1 + 2 + 4 + 5 + 6 + 8 + 9 + 11 + 12 + 13 + 15 + 16 + 17 + 19 = 138. Since this is even, we know that 20 29 = +1, as expected. Once again we got odd numbers in exactly the spots where we had negative signs using Gauss’s lemma.

44. Calculating the Legendre symbol (easier way)

177

20 4 5 5 A simpler way to calculate 20 29 would be to realize that 29 = 29 29 = 29 , 5 and then use Proposition 44 to calculate 29 : S

=

+ 14 *

10t t=1

*

= = = once again we get

+

29

* + * + * + 10 20 30 140 + + + ··· + 29 29 29 29 0+0+1+1+1+2+2+2+3+3+3+4+4+4 30; 5 an even number, so the answer is 20 29 = 29 = +1.

So this allows us a method of calculation, but it is not much better than just squaring all the numbers in {1, 2, 3, . . . , p−1 2 }. We need something better! First we will get rid of the factor 2 in the sum S: Lemma 12 If p is an odd positive prime in Z, and a is an odd integer such that p/|a, we have p−1 p−1 * * + +

2 2

2at at ≡ (mod 2). p p t=1 t=1

Proof . We will use lattice sums to prove this lemma. Our basic set of points will be those shown in Figure 11, inside the triangle with vertices at the origin, the point (p, 0), and the point (p, a). The line that connects the origin to the point

Figure 11: The points in S (p, a) is the line y = ap x, hence the points we are interested in may be described as the set S = {(x, y) ∈ R2 : x, y ∈ Z, 0 < x < p, 0 < y < ap x}. There are no integer points on the line y = ap x between the points (0, 0) and (p, a), since if x and y are integers and y = ap x, then py = ax, so p|ax, and since p/|a, p|x. But there are no multiples of p between x = 0 and x = p, so no such integral points exist. Now the points in S that have first coordinate t are (t, 1), & 2), (t, 3), . . . , % (t, of them. That for which the second coordinate is less than ap t. There are thus at p

178

Chapter 5. Quadratic Residues

is the connection between the lattice pictures and the sums we have been seeing involved in the calculation of Legendre symbols. We can thus conclude that the p−1 + 2 *

2at sum from Proposition 44, , is the number of points in S with even first p t=1 cooordinate. Those points are marked in white in Figure 12 (left). They fall into

Figure 12: The regions A, B, C and D, before and after transformation four regions marked A, B, C and D. Now note that the points in region B have even x coordinates, but if we fold them over into region A, they will have odd x coordinates, since p − even = odd. Thus after folding region B into region A, we get Figure 12 (right), where all the points in region A are now white. The last thing is for us to see that there are exactly as many white points in region C as in region D, since a point (2r, s) in region C can be folded up into a point (2r, a − s) in region D, and vice versa. So there is an even number of white points in regions C and D; thus we have + 2 *

2at p−1

t=1

p

+ 2 *

at p−1



t=1

(mod 2),

p

as was to be proved. (In the figures given, p = 29 and a = 25, so there are 45 white points in A, 39 black points in A, 39 white points in B, and 45 white points each in C and in D.)

Putting Lemma 12 together with Proposition 44, we get an immediate Corollary 8 If p is an odd positive prime in Z, and a is an odd integer such that p/|a, we have   a = (−1)R p where

* + 2

at p−1

R=

t=1

We now have five ways to calculate

p

.

  31 a p . To illustrate, we will calculate 43 :

44. Calculating the Legendre symbol (easier way)

179

Brute Force: We can calculate {12 , 22 , 32 , . . . , 212 = 441}, reduce them all (mod 43) and see if any is equal to 31. That is 21 calculations. Alternatively, we can calculate 31 ≡ 74 ≡ 117 ≡ · · · (mod 43) and see if any of these is a perfect square integer. The second way we only need to do about 11 calculations, though recognizing perfect squares isn’t always easy. In this case we get 31 ≡ 74 ≡ 117 ≡ 160 ≡ 203 ≡ 246 ≡ 289 (mod 43) and we recognize 289 = 172 so 31 43 = +1. Euler’s Criterion: We need to calculate 3121 (mod 43). There are many ways to calculate this, but notice that 312 ≡ (−12)2 = 144 ≡ 15 (mod 43). Also, 314 ≡ 152 = 225 ≡ 10 (mod 43). Thus 318 ≡ 102 = 100 ≡ 14 (mod 43). Finally, 3116 ≡ 142 = 196 ≡ 24 (mod 43). Hence 3121 = 31 16 · 314 · 31 ≡ 24 · 10 · 31 = 24 · 310 ≡ 24 · 9 = 216 ≡ 1 (mod 43). Therefore 31 43 = +1. Gauss’s lemma: The set T = 31S = {31, 62, . . . , 31·21} can be reduced (mod 43) to T = {−12, 19, 7, −5, −17, 14, 2, −10, 21, 9, −3, −15, 16, 4, −8, −20, 11, −1, − 13, 18, 6}, which has ten negative signs. Hence

31 43

= +1.

Proposition 44: + 21 *

2 · 31x 43

x=1

* =

+ * + * + 62 124 1302 + + ··· + 43 43 43

= 1 + 2 + 4 + 5 + 7 + 8 + 10 + 11 + 12 + 14 + 15 + 17 + 18 + 20 + 21 + 23 + 24 + 25 + 27 + 28 + 30 = 322

so

31 43

= +1.

Corollary 8: + 21 *

31x 43

x=1

* =

+ * + * + 31 62 651 + + ··· + 43 43 43

= 0 + 1 + 2 + 2 + 3 + 4 + 5 + 5 + 6 + 7 + 7 + 8 + 9 + 10 + 10 + 11 + 12 + 12 + 13 + 14 + 15 = 156

so

31 43

= +1.

Exercises 1. Draw a picture of the situation of Lemma 12 with p = 13, a = 11, and verify the counts of the points in the various regions.

180

Chapter 5. Quadratic Residues

2. Repeat the five calculations done at the end of this section to find 3. Repeat the five calculations done at the end of this section to find



7 19

11 23

. .

6 4. Repeat the five calculations done at the end of this section to find 31 . 5. Suppose you had to calculate 65 89 . Which of the five methods used at the end of this section would you use? Does your answer change depending on whether 109 you are allowed to use technology? How about if you had to calculate 331 ? 6. In this exercise, we will get rid of the 2 using algebra rather than geometry (as in Lemma 12). Suppose p is an odd positive prime integer, and a is an odd integer such that p/|a.     p+a 2a 2 (a) Show that = . p p   p+a p2 − 1 2 + = (−1)U where U = (b) Use Proposition 44 to show that p 8 p−1 + 2 *

at . p t=1 p−1 +   2 *

at a R = (−1) where R = . (c) Conclude that p p t=1

45

√ The arithmetic of Z[ −3]

For an odd positive prime that is not 3, we clearly have √ it is possible to write p = a2 + 3b2 ⇐⇒ p is not prime in Z[ −3], and from what we have done earlier it is reasonable to expect that we can relate these two facts to a statement of the form   −3 p ≡ ??? (mod ???) ⇐⇒ −3 is a quadratic residue mod p ⇐⇒ = +1. p In fact, from previous experience, one would think that the modulus on the left is 12. A brute force calculation in Z/12Z then gives us

it is possible to write p = a2 + 3b2 ⇓ p ≡ 1, 7 (mod 12)

⇐⇒

√ p is not prime in Z[ −3] −3 is a quadratic residue mod p

√ 45. The arithmetic of Z[ −3]

181

    3 −3 We continue this process by calculating and using Gauss’s lemma: to p p   3 calculate we have to consider the set p   p−1 . 3, 6, 9, · · · , 3 · 2 We begin this analysis by noting that 0 < a < p2 ⇐⇒ 0 < 3a < 3p 2 . Thus when we reduce these numbers using the modified division algorithm, roughly the first third will give positive remainders, then about one-third will give negative remainders, then the last third (approximately) will give positive remainders. To be concrete, we will get a positive remainder whenever 0 < 3a < p2 , a negative remainder when p2 < 3a < p, and then a positive remainder when p < 3a < 3p 2 . p Thus we may apply Gauss’s lemma by counting how many integers a satisfy 2 < # $ # $ 3a < p ⇐⇒ p6 < a < p3 . The count is thus exactly p3 − p6 . When p = 1 + 12k, $ # 1+12k $ # − = 4k − 2k = 2k, so there is an even number of negative we get 1+12k 3 6   # $ # 5+12k $ 3 − = remainders and we get p = +1. When p = 5 + 12k, we get 5+12k 3 6 4k number of negative remainders and we get  1 − 2k = 2k + 1, so there is an odd  + # 7+12k $ # 7+12k $ 3 = −1. When p = 7+12k, we get − = 4k+2−(2k+1) = 2k+1, p 6  3 so an odd number of −1s and we get p3 = −1. And finally, when p = 11 + 12k, # $ # 11+12k $ we get 11+12k − = 4k 3 6  + 3 − (2k + 1) = 2k + 2, so an even number of negative remainders and we get p3 = +1. Thus   3 = +1 ⇐⇒ p ≡ ±1 (mod 12). p It follows from this that      −1 3 −3 = = +1 ⇐⇒ p ≡ 1, 7 (mod 12) ⇐⇒ p ≡ 1 (mod 6). p p p We now have it is possible to write p = a2 + 3b2

⇐⇒

√ p is not prime in Z[ −3]

⇓ p ≡ 1 (mod 6) ⇐⇒ p ≡ 1, 7 (mod 12)

⇐⇒

−3 is a quadratic residue mod p.

We could also replicate an earlier argument to show that p = a2 + 3b2 =⇒ a2 + 3b2 ≡ 0 (mod p) =⇒ (ab−1 )2 ≡ −3 (mod p)   −3 =⇒ = +1 p and thus get ⇐⇒

p ≡ 1 (mod 6) ⇐⇒ p ≡ 1, 7 (mod 12)

⇐⇒

√ p is not prime in Z[ −3]

=⇒

it is possible to write p = a2 + 3b2 ⇓

−3 is a quadratic residue mod p

182

Chapter 5. Quadratic Residues

√ but we are now stuck, because Z[ −3] does not have a division algorithm and in fact we have shown by counterexample that the prime theorem does not hold, and that is the avenue by which we have gone from the bottom to the top before. Numerical experimentation may convince you that it is indeed true that p ≡ 1 (mod 6) ⇐⇒ p can be written as p = a2 + 3b2 , but that is far from a proof. How can we rectify this?

Exercises 31 −12 1. Calculate 31 43 via 43 = 43 . Compare with the calculations at the end of Section 44. √ √ 2. The√only primes in Z[ −3 √ with even√norms are 2, p = 1 + −3 and q = 1 − −3. Thus if z = a + b −3 ∈ Z[ −3] is divisible by any of these three primes, N (z) must be even. Give conditions on a and b for when 2|z, when √ p|z, and when q|z in Z[ −3]. 3. Does the table in Exercise 5 in Section 2 (page 6) solidify the claim that p ≡ 1 (mod 6) ⇐⇒ p can be written as p = a2 + 3b2 ? Demonstrate that this claim is correct for the primes 101, 103, 107, and 109.     4. For which primes p is p6 = +1, and for which primes p is p6 = −1? Give your answer in terms of a (simple) mod calculation.

46

The arithmetic of Z[ρ]

√ As we have seen in Exercise 21 in Section 5 (page 25), Z[ −3] ⊆ Z[ρ]. In fact, Exercise 21b implies that geometrically, what we have done to produce Z[ρ] is to √ take the rectangular lattice of Z[ −3] and added a single point inside each rectangle of the lattice. In fact, that point is the center of the rectangle, and we then get a lattice based on equilateral triangles; see Figure 13. We will now show that Z[ρ] does have a division algorithm and a version of the prime theorem. The proper statement of the division algorithm in Z[ρ] follows. Proposition 45 If z and w = 0 are elements of Z[ρ], then there are elements of Z[ρ] q = q1 + q2 ρ and r = r1 + r2 ρ (not necessarily unique), with z =w·q+r and 0 ≤ N (r) ≤ 13 N (w). This should be provable by algebra, calculus, or geometry, and the last two approaches are sketched in the exercises. Unfortunately, an algebraic proof has been elusive (to me). We will use algebra to prove the weaker statement that “there exist elements of Z[ρ] q and r with z = w · q + r and 0 ≤ N (r) ≤ 34 N (w).” (This is all we need, but it is misleading; in particular, it says that we might need as many

46. The arithmetic of Z[ρ]

183

√ Figure 13: The lattices Z[ −3] and Z[ρ]

as eighteen steps to reduce the norm by a factor of 200, when in fact at most five steps are needed.) √ Proof . As we did with the division algorithm in a general Z[ d], we start with a calculation: if we try to divide a + bρ by c + dρ we will get a + bρ (a + bρ)(c + dρ2 ) (ac + bd − ad) + (bc − ad)ρ = = = (q1 + q2 ρ) + ( 1 + 2 ρ), c + dρ (c + dρ)(c + dρ2 ) N (w) where q = q1 + q2 ρ ∈ Z[ρ], r = r1 + r2 ρ = (c + dρ)( 1 + 2 ρ) is also in Z[ρ], and | 1 | ≤ 12 and | 2 | ≤ 12 . Now N (r) = N (c + dρ)N ( 1 + 2 ρ) = N (w)( 21 − 1 2 + 22 ), and the largest 21 − 1 2 + 22 could be is 14 + 14 + 14 = 34 . Thus z = w · q + r with N (r) ≤ 34 N (w) and we are done.

For a prime integer p > 3, we thus get: 

−3 p

 = +1 =⇒ p|(s2 + 3) = (s +



−3)(s −

√ −3).

√ √ Now ρ = − 12 + 12 −3, so −3 = 2ρ + 1. Furthermore, p(r + sρ) = (pr) + (ps)ρ, so p|(e + f ρ) ⇐⇒ p|e and p|f . Thus p|(s +



−3)(s −

√ −3) =⇒ p|(s + 1 + 2ρ)(s − 1 − 2ρ),

but p/|2 =⇒ p/|(s + 1 + 2ρ) and p/|(s − 1 − 2ρ) (all divisibility statements are statements in Z[ρ]). The prime theorem (which holds in Z[ρ], because it follows from the Euclidean algorithm) thus implies that p is not prime in Z[ρ]. Thus we

184

Chapter 5. Quadratic Residues

have proved that for a prime integer p > 3 it is possible to write p = a2 − ab + b2 ⇓ p ≡ 1 (mod 6) ⇐⇒ p ≡ 1, 7 (mod 12)

⇐⇒ ⇐⇒

p is not prime in Z[ρ] ⇑ −3 is a quadratic residue mod p

and it follows that for a prime integer p > 3 we get the full le carr´e: it is possible to write p = a2 − ab + b2  p ≡ 1 (mod 6) ⇐⇒ p ≡ 1, 7 (mod 12)

⇐⇒ ⇐⇒

p is not prime in Z[ρ]  −3 is a quadratic residue mod p.

Thus an integer prime p > 3 that is 1 (mod 6) is factorable in Z[ρ]. Unfortunately, √ being factorable in Z[ρ] does not imply being factorable in the smaller ring Z[ −3]. Can we fix this small discrepancy? Note that p = (a + bρ)(c + dρ) ⇐⇒ ac − bd = p, bc + ad − bd = 0 √ and using ρ = − 12 + 12 −3 implies that    d d√ b b√ −3 c− + −3 . p = (a + bρ)(c + dρ) = a − + 2 2 2 2 √ Thus we have factored p in Z[ −3] if b and d are both even. What if one or both of them are odd? If (without loss of generality) b is odd and d is even, then ac = p + bd is odd, so a and c are both odd. But then 0 = bc + ad − bd ≡ 1 + 0 − 0 ≡ 1 (mod 2), which is impossible. On the other hand, if both b and d are odd, then bd is odd, and then ac = p + bd is even, so at least one of a and c must be even. In addition, since b ≡ d ≡ 1 (mod 2), we get 0 = bc + ad − bd ≡ c + a + 1 (mod 2), so c + a ≡ 1 (mod 2), and we may assume without loss of generality that a is odd and c is even. But then p = = = = =

(a + bρ)(c + dρ) ρ3 (a + bρ)(c + dρ) ρ(a + bρ) · ρ2 (c + dρ) (aρ + bρ2 ) · (cρ2 + d) (−b + (a − b)ρ) · (d − c − cρ),

and now the coefficients of ρ are both even, so this is a factorization of p into two √ elements of Z[ −3]! We have thus √ proved a lemma: a prime integer p is not prime in Z[ρ] ⇐⇒ p is not prime in Z[ −3]. An example of this is 7 = = = = =

(3 + ρ)(2 − ρ) ρ(3 + ρ) · ρ2 (2 − ρ) (3ρ + ρ2 ) · (2ρ2 − 1) (−1 + 2ρ) · (−3 − 2ρ) √ √ (−2 + −3) · (−2 − −3).

46. The arithmetic of Z[ρ]

185

√ We thus have used the arithmetic and the geometry of Z[ρ] ⊇ Z[ −3] to conclude that for any prime p > 3, we have

it is possible to write p = a2 + 3b2  p ≡ 1 (mod 6) ⇐⇒ p ≡ 1, 7 (mod 12)

⇐⇒ ⇐⇒

√ p is not prime in Z[ −3]  −3 is a quadratic residue mod p.

√ √ √ It turns out that something similar can be done for Z[ 5], Z[ −7] and Z[ −11].   √ √ The rings Z[ 5] and Z 1+2 5 are explored in Project G; as subrings of R, these may be more comfortable rings for you to explore, is hard to deal √ √ but the geometry −7] and Z[ −11] form rectangular with. On the other hand, the complex rings Z[ √ √ like the lattices in the plane, just as Z[ −3] does. Just as Z[ −3] looked √Gaussian √ integers, but stretched in the vertical direction, so too do Z[ −7] and Z[ −11]; see Figures 14 and 15. The comparisons and contrasts between these rings are explored in the exercises.

  √ √ Figure 14: The lattices Z[ −7] and Z −1+2 −7

Exercises √ 1. Factor 13 into primes in Z[ρ] and in Z[ −3]. √ 2. Factor 19 into primes in Z[ρ] and in Z[ −3]. √ 3. Factor 155 into primes in Z[ρ] and in Z[ −3].

186

Chapter 5. Quadratic Residues

  √ √ Figure 15: The lattices Z[ −11] and Z −1+2 −11 4. Factor 20 + 31ρ into primes in Z[ρ]. √ √ 5. Factor 20 + 31 −3 into primes in Z[ −3] and in Z[ρ]. √ √ 6. Factor 83 + 13 −3 into primes in Z[ −3] and in Z[ρ]. √ 7. In Exercise 3 on√page 143 you were asked to find √ the GCD of a = 16 + 25 −3 and b = 18+22 −3 using the arithmetic of Z[ −3]. The Euclidean algorithm took eight steps and the norms of the remainders were 652, 49, 36, 25, 16, 9, 4, and 1. What happens when you use the Euclidean algorithm in Z[ρ] to do the same problem? Find the amazing array for ab and solve ax + by = (a, b) for x and y in Z[ρ]. 8. The prime 241 is in the form 1 (mod 6). Show that it can be written as 241 = a2 + 3b2 as well as in the form 241 = c2 − cd + d2 . Are your solutions unique (up to sign)? 9. The prime 439 is in the form 1 (mod 6). Show that it can be written as 439 = a2 + 3b2 as well as in the form 439 = c2 − cd + d2 . Are your solutions unique (up to sign)? 10. Use le carr´e above and mimic Exercise 3 in Section 39 to show that there are infinitely many primes of the form 6k + 1. 11. Write an analog of Theorem 21 for the ring Z[ρ]. Include a characterization of which prime integers split, and which prime integers are inert. √ 12. Write an analog of Theorem 21 for the ring Z[ −3]. Include a characterization of which prime integers split, and which prime integers are inert.

46. The arithmetic of Z[ρ]

187

13. The powers of ρ are ρ0 = 1, ρ1 = ρ, ρ2 = −ρ − 1, ρ3 = 1, and so on; they repeat in a cycle of three, since ρ3 = 1. On the other hand, the powers of the golden ratio, ω, obey the rule ω k+1 = Fk + Fk+1 ω, where Fk is the kth Fibonacci number (see Exercise 12, page 24 for a definition). (a) Show that ω k+1 = Fk + Fk+1 ω, where Fk is the kth Fibonacci number. √ √ −1 + −7 (b) In analogy with ρ, define θ = , and show that Z[θ] ⊇ Z[ −7]. 2 Then find the first eight powers of θ in the form θ k = ak θ + bk . Do you see a pattern to the ak s or the bk s? √ √ −1 + −11 (c) Now define η = , and show that Z[η] ⊇ Z[ −11]. Then find 2 the first eight powers of η in the form η k = ck η + dk . Do you see a pattern to the ck s or the dk s? √ √ √ 14. In Z[ −7], 8 = (1 + −7)(1 − −7) = 23 is an example of a number that has more than one factorization into primes. √ √ √ (a) Show that 1 + −7, 1 − −7, and 2 are all primes in Z[ −7]. (b) Factor 8 into primes in Z[θ]. 15. In Z[i], the multiples of w form a square lattice, and it was relatively easy to use geometry to see that the largest possible norm of a remainder was 1 2 the norm of w. For Z[ρ] the corresponding picture is a rhombus, and the calculations involved are rather more complicated. Figure 16 shows four multiples of w: w · (q1 + q2 ρ), w · ((q1 + 1) + q2 ρ), w · (q1 + (q2 + 1)ρ), and w·((q1 +1)+(q2 +1)ρ). When z lies inside this rhombus, one of these multiples should be chosen so as to minimize the norm of the remainder: in region III choose w ·(q1 +q2 ρ), in region II choose w ·(q1 +(q2 +1)ρ), etc. The two points where three regions meet give the largest possible remainder; they 1 0 correspond, in the notation given in the proof on page 183, to { 1 , 2 } = 13 , 23 , which corresponds to a norm (for i + j ρ) of 4−2+1 = 39 = 13 . Your goal in this 9 problem is to justify all these statements, thus proving that Z[ρ] has a division algorithm. (a) Verify that the points in Figure 17 are labeled correctly in terms of 1 and 2 . (b) Write down inequalities on 1 and 2 that describe each of the areas I, II, III, and IV. For example, the inequalities that describe the rhombus itself are 0 ≤ 1 ≤ 1 and 0 ≤ 2 ≤ 1. (c) Use geometry (recall that the norm in Z[ρ] corresponds to geometric 1 length, squared) to show that the largest possible norm

(which is 3 ) 1 2 2 1 occurs at the points ( 1 , 2 ) = 3 , 3 and ( 1 , 2 ) = 3 , 3 . (d) Use multivariable calculus (or algebra? or anything else) to show that the function f ( 1 , 2 ) = 21 − 1 2 + 22 attains its maximum

value in Region III at the points ( 1 , 2 ) = 13 , 23 and ( 1 , 2 ) = 23 , 13 . (e) Use multivariable calculus (or algebra? or anything else) to show that the function f ( 1 , 2 ) = (1 − 1 )2 − (1 − 1 )(1 − 2 ) + (1 − 2 )2 attains

its maximum in Region IV at the points ( 1 , 2 ) = 13 , 23 and

2 1value ( 1 , 2 ) = 3 , 3 .

188

Chapter 5. Quadratic Residues

Figure 16: Multiples of w in Z[ρ]

Figure 17: Coordinates in terms of 1 and 2

46. The arithmetic of Z[ρ]

189

(f) Use multivariable calculus (or algebra? or anything else) to show that the function f ( 1 , 2 ) = (1 − 1 )2 − (1 − 1 ) 2 + 22 attains its maximum value in Region I at the point ( 1 , 2 ) = 23 , 13 . (g) Use multivariable calculus (or algebra? or anything else) to show that the function f ( 1 , 2 ) = 21 − 1 (1 − 2 ) + (1 − 2 )2 attains its maximum value in Region II at the point ( 1 , 2 ) = 13 , 23 . You may find Figure 18 helpful to think about as you work on this problem; it shows four parallelograms surrounding the point w · (q1 + q2 ρ), rather than just one parallelogram. The reasons for the strange shapes shown in Figure 17 are perhaps clearer now.

Figure 18: Coordinates in terms of 1 and 2 16. Using the definitions in Exercise 13, we know that given two elements of the ring Z[θ], z and w, with w = 0, then we can find q ∈ Z[θ] and = 1 + 2 θ ∈ Q[θ], such that wz = q + and so if we define r = w , we have z = qw + r. We would like to assert that N (r) < N (w); this will show that Z[θ] has a division algorithm. (a) Using algebra, show that since | 1 | ≤ 12 and | 2 | ≤ 12 , N (r) < N (w). You may want to use two cases: one where 1 = 12 = 2 , and all other situations. (b) Use Figure 19 to show that in fact N (r) ≤ 47 N (w). Here points A, B, √ C, and D form a rectangle as elements of Z[ −7] which are multiples of w, E ∈ Z[θ] lies at the center of that rectangle, and point P is the worst possible case, the point equidistant from points A, D, and E. In analogy with Figure 18, Figure 20 shows how four parallelograms with corners at elements of Z[θ] join to form a hexagonal region closest to one multiple of w. 17. Exercise 16 showed that Z[θ] has a division algorithm and thus has unique factorization. Write an analog of Theorem 21 (page 150) for the ring Z[θ].

190

Chapter 5. Quadratic Residues

√ Figure 19: Geometry of Z[ −7] and Z[θ]

√ Figure 20: Geometry of Z[ −7] and Z[θ]

46. The arithmetic of Z[ρ]

191

Include a characterization of which prime integers split, and which prime integers are inert. 18. Factor 23 + 31θ into primes in Z[θ]. 19. Factor 27 − 37θ into primes in Z[θ]. 20. Suppose p is a prime integer, p = 2, p = 7, and p factors non-trivially in Z[θ] (defined in Exercise 13). (a) Show that p can be written as p = a2 − ab + 2b2 . (b) Show that a is odd. (c) Show that a is odd =⇒ b is even.

√ (d) Conclude that p can be factored non-trivially in Z[ −7]. (e) Write down le carr´e for Z[θ]. Then demonstrate how each of the four statements applies specifically to the primes p = 79, 277, and 617 (see Exercise 1 on page 160 if you need an example). √ (f) Write down le carr´e for Z[ −7]. Then demonstrate how each of the four statements applies specifically to the primes p = 79, 277, and 617 (see Exercise 1 on page 160 if you need an example). 21. Using the definitions in Exercise 13, we know that given two elements of the ring Z[η], z and w, with w = 0, then we can find q ∈ Z[η] and = 1 + 2 η ∈ Q[η], such that wz = q + and so if we define r = w , we have z = qw + r. We would like to assert that N (r) < N (w); this will show that Z[η] has a division algorithm. An algebraic proof is elusive, but using geometry we can prove it. 9 N (w). Here points A, B, C, and Use Figure 21 to show that in fact N (r) ≤ 11 √ D form a rectangle as elements of Z[ −11] that are multiples of w, E ∈ Z[η] lies at the center of that rectangle, and point P is the worst possible case, the point equidistant from points A, D, and E. In analogy with Figure 18,

√ Figure 21: Geometry of Z[ −11] and Z[η] Figure 22 shows how four parallelograms with corners at elements of Z[η] join to form a hexagonal region closest to one multiple of w. 22. Exercise 21 showed that Z[η] has a division algorithm and thus has unique factorization. Write an analog of Theorem 21 (page 150) for the ring Z[η]. Include a characterization of which prime integers split, and which prime integers are inert.

192

Chapter 5. Quadratic Residues

√ Figure 22: Geometry of Z[ −11] and Z[η] 23. Factor √ 27 − 34η into primes in Z[η]. Also factor 27 − 34η into primes in Z[ −11]. 24. Factor √ 35 + 114η into primes in Z[η]. Also factor 35 + 114η into primes in Z[ −11]. √ 25. The relationship between √is not as simple as that √ the rings Z[η] and Z[ −11] between Z[ρ] and Z[ −3], or between Z[θ] and Z[ −7]. In particular, we have primes like 31 that can be written as 31 = a2 − ab + 3b2 but cannot be written as 31 = c2 + 11d2 . In fact, odd primes p = 11 now fall into one of three categories: p can be written both ways 47, 53, 103, 163, 199, 257, 269, 311, 397, 401, 419, 421, 499, 587, 599, 617, 683, 757, 773, 863, 883, 907, 911, 929, 991, 1021, . . .

p = a2 − ab + 3b2 , p = c2 + 11d2 3, 5, 23, 31, 37, 59, 67, 71, 89, 97, 113, 137, 157, 179, 181, 191, 223, 229, 251, 313, 317, . . .

p can’t be written either way 7, 13, 17, 19, 29, 41, 43, 61, 73, 79, 83, 101, 107, 109, 127, 131, 139, 149, 151, 167, 173, . . .

(a) Suppose p is a prime integer, p = 2, p = 11, and p factors non-trivially in Z[η] (defined in Exercise 13). Show that p can be written as p = a2 − ab + 3b2 . (b) Write down le carr´e for Z[η]. Then demonstrate how each of the four statements applies specifically to the primes p = 53, 179, and 313 (see Exercise 1 on page 160 if you need an example). √ (c) Write down le carr´e for Z[ −11] (“le carr´e manqu´e”? There will not be four double implications for this le carr´e). Then demonstrate how each of the four statements applies specifically to the primes p = 53, 251, and 401 (see Exercise 1 on page 160 if you need an example). √ √ 26. Building on Exercises 21 and 25, note that 1 + 2 −11 ∈ Z[ −11] has norm 45 = 32 · 5. √ √ √ (a) Show that 1 + 2 −11, 1 − 2 −11, 3, and √ 5 are all primes in Z[ −11], so that 45 is an example of an element in Z[ −11] which has two different factorizations into primes. √ (b) Factor 1 + 2 −11 = 3 + 4η into primes in Z[η].

47. Calculating the Legendre symbol (easiest way)

193

√ (c) Factor 1 − 2 −11 = −1 − 4η into primes in Z[η]. (d) Factor 45 into primes in Z[η]. √ √ 27. (a) Factor −4 + 15 −11 into primes in Z[ −11]. √ (b) Factor −4 + 15 −11 = 11 + 30η into primes in Z[η]. (c) What is the connection between the answers in parts (a) and (b)?

47

Calculating the Legendre symbol (easiest way)

Finally, we state and prove the lemma: Lemma 13 If p and q are positive odd integers such that (p, q) = 1, we have + 2 *

qx p−1

x=1

p

+ 2 *

py



q−1

+

y=1

q

=

p−1 2



q−1 2

 .

Proof . Let’s graph the point (p, q) and look at the rectangle defined by 0 < x < p2 ,

Figure 23: Lemma 13 in the case p = 23, q = 17 0 < y < q2 (outlined in dashed lines in Figure 23). We want to count the number of integer points in this rectangle. Hence we must count the points (x, y) such that x and y are integers and 0 0 we would have a contradiction of the definition of ordp (a) as the smallest positive power of a that gives 1. Thus we must have r = 0, so ordp (a)|k. k

ordp (a)q+r

ordp (a) q

r

Lemma 16 Suppose a, b ∈ Z/mZ for some positive integer m, and suppose r = ordm (a), s = ordm (b), with (r, s) = 1. Then ordm (a · b) = r · s. That is, the order of a product is the product of the orders, if those orders are relatively prime. Proof . Let ordm (a · b) = t. Clearly (a · b)rs ≡ (ar )s · (bs )r ≡ 1 (mod m), so by the last lemma we have t|rs. But we also have 1 ≡ ((a·b)t )s ≡ ats ·(bs )t ≡ ats (mod m), so r|ts by the previous lemma. It follows that r|t, since (r, s) = 1. Similarly, it can be shown that s|t (by considering ((a · b)t )r ). Another use of the fact that (r, s) = 1 shows that rs|t. And thus we have that r · s = t, which was to be proved.

t e Proof of Theorem. Now let p − 1 = j=1 qj j = q1e1 q2e2 q3e3 · · · qtet be the prime factorization of p − 1. Consider the polynomial f (x) = xp−1 − 1 ∈ Z/pZ[x]. By Fermat’s little theorem, we know that f has roots 1, 2, 3, . . . , p − 1. By Lagrange’s theorem f has at most pe − 1 roots, so this must be all of them. Now consider the j polynomial gj (x) = xqj − 1 in Z/pZ[x]. By Lemma 14, there is a polynomial Pj such that gj (x)Pj (x) = f (x). Thus any root of gj is a root of f , and Pj has e e degree p − 1 − qj j . By Lagrange’s theorem, gj has at most qj j roots, and Pj has e at most p − 1 − qj j roots. But f has p − 1 roots and there are no zero-divisors e in Z/pZ, so of these p − 1 roots, exactly qj j of them must be roots of gj (the rest ej

being roots of Pj ). Now consider the roots of gj . Each of them satisfies r qj ≡ 1 e e (mod p), so each one has an order that divides qj j . The only divisors of qj j are of e the form qjs , 0 ≤ s ≤ ej . If every root of gj had order strictly less than qj j , then each e −1

order would divide qj j

e

ej −1

, and we would have qj j roots for the polynomial xqj

−1,

e −1 which has at most qj j roots by Lagrange’s theorem. Thus there must exist exactly e e −1 e e qj j − qj j = ϕ(qj j ) elements of (Z/pZ)× that have order exactly qj j . Proceeding

in this fashion with each of the primes q1 , q2 , q3 , . . . , qt , we see that there are ϕ(qkek ) elements of (Z/pZ)× with order qkek for each k, 1 ≤ k ≤ t. We can therefore use Lemma 16 to produce exactly ϕ(q1e1 )ϕ(q2e2 ) · · · ϕ(qtet ) = ϕ(p − 1) elements of (Z/pZ)× of order q1e1 q2e2 q3e3 · · · qtet = p − 1; namely, the products. These products are the sought-for primitive roots. We have thus shown (in a semi-constructive fashion) that for primes p, (Z/pZ)× always has ϕ(p − 1) primitive roots. The fact that each of these products is different from all the others is left to the reader (see Exercise 7).

49. When Z/nZ has a primitive root

205

As an illustration, let’s find a primitive root of 109. We have ϕ(109) = 108 = 22 ·33 ; thus we seek two elements, one of order 4 and the other of order 27. We start by finding the order of 2, because 2 is small and therefore easy to calculate with. The powers of 2 (mod 109) are 2, 4, 8, 16, 32, 64, 128 = 19, 38, 76, 152 = 43, 86 = −23, −46, −92 = 17, 34, 68, 136 = 27, 54, 108 = −1, and then it is clear we will get the additive inverses until we get 236 = 1. Thus ord109 (2) = 36. We can get a unit of order 4 by raising 2 to the ninth power: ord109 (29 ) = ord109 (76) = 4. If we do the same with 3 we get 3, 9, 27, 81 = −28, −84 = 25, 75, 225 = 7, 21, 63, 189 = −29, −87 = 22, 66, 198 = −20, −60, −180 = 38, 114 = 5, 15, 45, 135 = 26, 78, 234 = 16, 48, 144 = 35, 105 = −4, −12, −36, −108 = 1. So ord109 (3) = 27. And thus by our theorem we know that ord109 (76 · 3) = ord109 (10) = 108, so 10 is a primitive root modulo 109. Let’s try again in (Z/151Z)× . Then ϕ(151) = 150 = 2 · 3 · 52 . The powers of 2 are 2, 4, 8, 16, 32, 64, 128 = −23, −46, −92 = 59, 118 = −33, −66, −132 = 19, 38, 76, 152 = 1, so ord151 (2) = 15. The powers of 3 are 3, 9, 27, 81, 243 = −59, −177 = −26, −78 = 73, 219 = 68, 204 = 53, 159 = 8, 24, 72, 216 = 65, 195 = 44, 132 = −19, −57, −171 = −20, −60, −180 = −29, −87 = 64, 192 = 41, 123 = −28, −84 = 67, 201 = 50, 150 = −1, etc., so ord151 (3) = 50. Thus ord151 (9) = 25, and ord151 (32) = 3. In any modulus, we have ordp (−1) = 2, and so we may use this to see that ord151 (−1 · 9 · 32) = ord151 (14) = 150, so 14 is a primitive root modulo 151. It is, of course, easily checked that (Z/2Z)× and (Z/4Z)× have primitive roots. How can we show that we get primitive roots not just when the modulus is a prime p but also when the modulus is a prime power pm (where p is odd and m ∈ N)? Here our theorem about lifting roots (see Theorem 13 on page 106) is a key tool. Given a prime power pm , p odd, we seek r ∈ Z/pm Z with order ϕ(pm ), that is, for m which r ϕ(p ) ≡ 1 (mod pm ), but r k ≡ 1 (mod pm ) for smaller powers k. We know that ϕ(pm ) = pm−1 (p − 1), and since (pm−1 , p − 1) = 1, we will work on each term separately (and then use Lemma 16 to find the r that we seek). We will start by showing that an element of order pm−1 exists. For technical t reasons, we turn our attention to the polynomial g(x) = xp − 1; we will specify t later. Once again, we start with Z/pZ and see if we can lift any roots we find up to Z/pm Z. In this case, we use Corollary 4 to Fermat’s little theorem (page 117). That corollary tells us that raising elements of Z/pZ to the pth power has no effect, t and thus if we do that t times, we see that ap = (· · · (((ap )p )p ) · · · )p ≡ a (mod p) t for any integer. Thus we see that the only root of g(x) = xp − 1 in Z/pZ is the t number 1 itself. Moreover, g  (1) = pt (1)p −1 ≡ 0 (mod p), and since 1 is a root of g(x) in any modulus, we see that 1 splits into p roots in Z/p2 Z: namely the roots x = 1, 1 + p, 1 + 2p, . . . , 1 + (p − 1)p. What happens at the next step, when we try to raise these roots to Z/p3 Z? Well, the derivative is still 0 (mod p), so we have to see whether the roots we have, which are roots in Z/p2 Z, are still roots of the polynomial g(x) in Z/p3 Z. We calculate 1 g(1 + kp) = g(1) + (kp)g  (1) + (kp)2 g  (1) + · · · ≡ g(1) ≡ 0 (mod p3 ), 2 since all the formal derivatives are divisible by pt , and thus we get zero (so long as t ≥ 2). In fact, we claim that this situation obtains at all levels up to pt : suppose r

206

Chapter 6. Further Topics

is a root of g(x), (mod pj ), with j ≤ t. Then we know r = 1 + kp for some integer k, and 1 g(r) = g(1 + kp) = g(1) + (kp)g  (1) + (kp)2 g  (1) + · · · ≡ g(1) ≡ 0 (mod pj+1 ) 2 since each term after the first has at least t + 1 ≥ j + 1 ps in it. Thus the roots keep splitting as we move upwards, and we have pt roots of g in Z/pt+1 Z. Now suppose we go one step further, to Z/pt+2 Z. If r is a root of g(x) (mod pt+1 ), then we see t that again g  (r) ≡ pt (t)p −1 ≡ 0 (mod p), but now 1 g(r) = g(1 + kp) = g(1) + (kp)g  (1) + (kp)2 g  (1) + · · · ≡ g(1) + (kp)pt 2 ≡ kpt+1 (mod pt+2 ). Thus roots will only lift if p|k, so all the roots of the form 1 + jp2 (of which there are pt−1 ) split into p roots each in Z/pt+2 Z; all the other roots don’t lift at all. So we end up with pt roots of g(x) in Z/pt+2 Z. The payoff to all of these calculations is this: in Z/pm Z we know we have pm−1 m−1 roots of the polynomial xp − 1. However, these roots may not have order pm−1 ; the order of any particular root could be smaller. But now (here we are using the same reasoning we used in the proof of Theorem 29), any order of such a root must divide pm−1 , and so in fact any order smaller than pm−1 will be a divisor of pm−2 . m−1 − 1 that does not have order pm−1 Thus any root of the polynomial f (x) = xp m−2 p will be a root of the polynomial g(x) = x − 1. But there are only pm−2 roots m−1 roots. Thus there must be pm−1 − pm−2 = ϕ(pm−1 ) roots of of g, while f has p m−1 . We will use them to build our primitive roots modulo pm . f that have order p So now we try to find an element of order p−1, by looking at roots of the polynomial q(x) = xp−1 −1. Clearly there are p−1 roots of this polynomial in Z/pZ, by Fermat’s little theorem, and these roots are all prime to p. Now q  (x) = (p − 1)xp−2 , so q  (u) ≡ 0 (mod p) for any of the units in Z/pZ, so each of these roots lifts uniquely up to Z/p2 Z, and then up to Z/p3 Z, etc., all the way to Z/pn Z. Thus the polynomial q(x) has exactly p − 1 roots in Z/pm Z; in fact, all these roots are units in Z/pm Z, since they each lifted from a unit in Z/pZ, and thus each root is relatively prime to p. Once again we face the issue of whether these units have order p − 1, or some smaller number (which necessarily divides p − 1, by Lemma 15). And here we are going to wave our hands a little. (That’s what mathematicians say when they are going to sketch a proof and skip some important details.) Everything we have said above about roots of q(x) = xp−1 − 1 is true of roots of s(x) = xd − 1, with d|p − 1. Using this fact repeatedly, we can see that the number of units of order d, with d|(p − 1), stays the same as we lift from Z/pZ to Z/p2 Z, to Z/p3 Z, etc. Since there are ϕ(p − 1) roots of q(x) with order p − 1 in Z/pZ (namely, the primitive roots modulo p), and they each lift uniquely at each level, we end up with ϕ(p − 1) units of order p − 1 in Z/pn Z. Multiplying the ϕ(pm−1 ) elements of order pm−1 by the ϕ(p − 1) elements of order p − 1 gives us exactly ϕ(pm−1 )ϕ(p − 1) = ϕ(pm−1 (p − 1)) = ϕ(ϕ(pm )) elements of order pm−1 (p − 1) = ϕ(pm ), namely, the primitive roots modulo pm . We have thus (mostly) proven the

49. When Z/nZ has a primitive root

207

Proposition 47 Let p > 0 be an odd prime. Then there exist exactly ϕ(ϕ(pm )) units r ∈ (Z/pm Z)× such that ordp (r) = ϕ(pm ). In other words, Z/pm Z has ϕ(ϕ(pm )) primitive roots modulo pm . As an illustration, consider Table 7, which shows how many elements of the specified orders each ring has. Notice that the numbers of elements of orders dividing 12 = p − 1 don’t change at any level. ring\order Z/13Z Z/132 Z Z/133 Z Z/134 Z

1 1 1 1 1

2 1 1 1 1

3 2 2 2 2

4 2 2 2 2

6 2 2 2 2

12 4 4 4 4

13 0 12 12 12

132 0 0 156 = 12 · 13 156 = 12 · 13

133 0 0 0 2028 = 12 · 132

Table 7: Table of significant orders occurring in the rings Z/13k Z Finally, this leads to the following Theorem. Theorem 30 The ring Z/mZ has a primitive root ⇐⇒ m = 2, m = 4, m = pk where p is an odd prime and k ∈ N, or m = 2pk where p is an odd prime and k ∈ N. Proof . See Exercises 10 and 11.

Exercises 1. Find a primitive root modulo 25. 2. Find a primitive root modulo 125. 3. Find a primitive root modulo 49. 4. Find all the primitive roots modulo 25. 5. Find all the primitive roots modulo 27. 6. Given that 10 is a primitive root modulo 109, find all the other primitive roots modulo 109. 7. Suppose a, b, c and d ∈ (Z/mZ)× for some positive integer m, and suppose r = ordm (a) = ordm (b) and s = ordm (c) = ordm (d), with (r, s) = 1. Show that ac ≡ bd

(mod m) ⇐⇒ (a ≡ b

(mod m) and c ≡ d (mod m)).

8. Where does the proof of Proposition 47 break down if p = 2? 9. Suppose r  is a primitive root modulo p, where p is an odd prime integer. r Show that = −1. (This can be a quick way to eliminate a candidate for p being a primitive root modulo p.)

208

Chapter 6. Further Topics

10. State and prove a proposition about the existence of primitive roots modulo 2pm , where p is an odd prime. Note that ϕ(2pm ) = ϕ(pm ). 11. (a) Prove that if m = 2j and j ≥ 3, then there are no primitive roots modulo m. (b) Prove that if p is an odd prime and m = 2j pk where j ≥ 2, then there are no primitive roots modulo m. (c) Prove that if there exist two distinct odd primes, p and q, such that pq|m, then there are no primitive roots modulo m.

50

Minkowski’s theorem (geometry in the aid of algebra)

Hermann Minkowski devised a very interesting geometric approach to the question of deciding when a prime integer can be written as a sum of squares (p = a2 + b2 ) or other forms like p = a2 + 2b2 , p = a2 + 3b2 , p = a2 − ab + b2 , etc. The approach rests on Proposition 48 Let L be the square lattice defined by L = {(a, b) ∈ R2 : a and b are in Z}. Let R be a convex region, symmetric about the origin. Suppose the area of R is greater than 4. Then R contains at least one element of L that is not the origin. Examples of convex regions R, symmetric about the origin are given in Figure 24. (A geometric region R is convex if, given any two points in R, the entire line segment joining the two points lies within R.)

Figure 24: Convex regions symmetric about the origin The proof of the theorem relies on the following idea: Let F = {(x, y) ∈ R2 : 0 ≤ x < 1, 0 ≤ y < 1}. This is a fundamental region for the lattice L, as for any point P = (x, y) ∈ R2 , there exists an element  of L and a point Pˆ ∈ F such that P = Pˆ + . That is, any point can be transported, via an element of L, so that it lands in F. (The point P and the element  are unique in this case, but that will not matter in what follows.) We now expand F to F4 = {(x, y) ∈ R2 : −1 ≤ x < 1, −1 ≤ y < 1}

50. Minkowski’s theorem (geometry in the aid of algebra)

209

and use a sub-lattice of L, namely 2L = {(2a, 2b) ∈ R2 : (a, b) ∈ L}. Given a region R ⊆ R2 with area greater than 4, we may chop R up into pieces and use elements of 2L to translate them back into subsets of F4 . Since R has area greater than 4, we will inevitably get overlapping points of R in F4 . That is, we will have points P1 = (c, d) and P2 = (r, s), both in R, such that (c, d) = (r, s) + (2a, 2b) with a, b ∈ Z (since (a, b) ∈ L). We may now use the convexity of R and symmetry about the origin to produce a lattice point in R that is not the origin. Details are left to the reader. (See the exercises.) Minkowski realized that this didn’t only apply to the square lattice defined by the integers, but could be generalized to Proposition 49 Let v1 and v2 be two vectors in R2 . Define L to be the lattice defined by v1 and v2 : L = {mv1 + nv2 : m and n are in Z}. Define F to be a fundamental region for L (often F is chosen to be the parallelogram with corners at the origin and at the heads of the vectors v1 , v2 , and v1 + v2 ). Let R be a convex region, symmetric about the origin. Suppose the area of R is greater than 4 · (area of F). Then R contains at least one element of L that is not the origin. How is this used? We will use this proposition to prove that for p > 2 an odd prime integer,   −1 = +1 =⇒ p = a2 + b2 for a, b in Z. p The proof proceeds as follows. Let r be a solution to the equation x2 ≡ −1 (mod p). Then define L = {(a, b) ∈ Z2 : a ≡ br (mod p)}. An example with p = 13, r = 5 is shown below, and it can easily be shown that each point in L is of the form m(r, 1) + n(p, 0) with m, n ∈ Z. Thus this is a lattice spanned by the vectors (r, 1) and (p, 0), whose fundamental region has area p. Now define R to be the disk defined by x2 + y 2 < 2p. This region has area π · 2p, which is greater than 4p, so we see that a lattice point other than the origin lies in R. All points of L are of the form (mr + np, m), which satisfies x2 + y 2 = (mr + np)2 + m2 ≡ (mr)2 + m2 = m2 (r 2 + 1) ≡ 0 (mod p). But points inside R also satisfy x2 + y 2 < 2p, so we must have a lattice point with x2 + y 2 = p, and we are done. We thus yet another proof concerning le carr´e (more specifically, the implica  have = +1 =⇒ it is possible to write p = a2 + b2 ): tion −1 p

it is possible to write p = a2 + b2 

⇐⇒

p ≡ 1 (mod 4)

⇐⇒

p is not prime in Z[i]    −1 = +1. p

One thing to point out is that we have phrased this proof in terms of points and vectors in R2 , rather than complex numbers and elements of Z[i]. That is partially

210

Chapter 6. Further Topics

Figure 25: The lattice L = {(a, b) ∈ Z2 : a ≡ 5b (mod 13)} and the region x2 + y 2 < 2 · 13 to stay true to Minkowski’s original formulation, and partly to be able to use earlier will results that were phrased in terms of R2 rather than C. In what follows we √ rather than C, and thus write, say, the point (a, b 2) consider the plane√to be R2 √ rather than a + b −2 ∈ Z[ −2]. Hopefully this will not undercut the work we have done getting comfortable with these rings earlier. Now, can we generalize this argument to other carr´es of this form?

it is possible to write ±p = a2 − db2 

⇐⇒

p ≡ ??? (mod 4d)

⇐⇒

√ p is not prime in Z[ d]    d = +1. p

We need geometrical distance to make this argument work, so it seems we may need d to be negative. Suppose we try to prove that   −2 = +1 =⇒ p = a2 + 2b2 for a, b in Z. p √ We start by forming the lattice that corresponds to Z[ −2] ⊂ C, namely   M = √ = +1, {(a, b 2) ∈ R2 : a, b ∈ Z}. If we have a prime integer p for which −2 p then we can find an r such that r 2 ≡ −2 (mod p). We may then, as above, form a sublattice of M , namely √ L = {(a, b 2) ∈ M : a ≡ br (mod p)}. √ This lattice is spanned by the vectors (r, 2) and (p, 0), and thus the fundamental √ region has area 2p. Once again we let R be the disk defined by x2 + y 2 < 2p. This

50. Minkowski’s theorem (geometry in the aid of algebra)

211

√ region has area π · 2p, which is greater than 4 2p, so we see that a lattice point √ other than the origin lies in R. All points of L are of the form (mr + np, m 2), which satisfies x2 + y 2 = (mr + np)2 + 2m2 ≡ (mr)2 + 2m2 = m2 (r 2 + 2) ≡ 0 (mod p). But points inside R also satisfy x2 + y 2 < 2p, so we must have a lattice point with x2 + y 2 = p, and we are done. The case with p = 43 and r = 16 is shown in Figure 26.

√ Figure 26: The lattice L = {(a, b 2) ∈ R2 : a ≡ 16b (mod 43)} and the region x2 + y 2 < 2 · 43 √ √ 2 Now what if d = −3? We can form the lattice  Z[ −3] = {(a, b 3) ∈ R : a, b ∈ Z}, −3 and we can find a prime integer p for which p = +1, and thus we have a solution to the equation x2 ≡ −3 (mod p), namely, r. We can even form the sublattice √ {(a, b 3) ∈ R2 : a ≡ br (mod p)}. But √ now we cannot √ apply Minkowski’s theorem, since the fundamental region has size 3p, and 4 3p > π√· 2p. This agrees with the algebraic calculations we did earlier, showing that Z[ −3] did not have a division algorithm where we could guarantee a remainder with a smaller radius or norm. However, just as we did in Section 46, we can use the larger ring Z[ρ] to rescue the situation. We form the lattice that corresponds√to Z[ρ], which simply adds a point in the center of all the rectangles formed by Z[ −3]: let    a b√ , 3 ∈ R2 : a ≡ b (mod 2) . M= 2 2 Then we define the sublattice L as follows. First, we find a solution, s, to the equation x2 ≡ −3 (mod p) that is also an odd integer. (This is possible because if

212

Chapter 6. Further Topics

r is one solution, then p − r is the other solution; one of r and p − r must be odd, since p is odd.) Then we define    a b√ , L= 3 ∈ R2 : a ≡ bs (mod 2p) . 2 2 This new lattice is a sublattice of M , since s is odd (thus a ≡ bs (mod 2p) =⇒ a ≡ b (mod But now the fundamental region is a parallelogram spanned by the vec 2)). √  s 3 tors 2 , 2 and (p, 0). This parallelogram is half as large as the (rectangular) fun√ √ damental region for Z[ −3], and we have the comparison 2 3p < π · 2p. √ Examples of these two fundamental regions are shown in Figure 27. Because 2 3p < π · 2p,

√ Figure 27: Two versions of F4 , for Z[ −3] and for Z[ρ] (with p = 43 and s = 13) we can conclude that there is an element of L, call it u + vρ, inside the circle x2 + y 2 = 2p, and thus we have a solution to p = u2 − uv + v 2 . (The quantity u2 − uv + v 2 is the square √ of the distance from the point u + vρ to the origin.) If v is even, then u + vρ ∈ Z[ −3] and so we also have a solution to p = x2 + 3y 2 . On the other hand, if v is odd, then we may replace u + vρ by (u + vρ)ρ = −v + (u − v)ρ 2 (if u is odd) √ or by (u + vρ)ρ = (v − u) − uρ (if u is even), again finding an element of Z[ −3] inside the circle. An example with p = 43 and s = 13√is shown in Figure 28. One of the points inside the circle is −1 + 6ρ = −4 + 3 −3; this corresponds to the solutions 43 = (−1)2 − (−1)6 + 62 as well as 43 = 42 + 3 · (−3)2 . Another point is 7 + ρ; this corresponds to the solution 43 = 72 − 7 · 1 + 12 , and √ (7 + ρ)ρ = −1 + 6ρ = −4 + 3 −3. A third point inside the circle is 6 + 7ρ, which √ corresponds to the solution 43 = 62 − 6 · 7 + 72 and (6 + 7ρ)ρ2 = 1 − 6ρ = 4 − 3 −3. (We end up with three different solutions to p = a2 − ab + b2 but only one solution to p = x2 + 3y 2 .) We thus have a direct proof, without using the division algorithm or the prime theorem, that   −3 = +1 =⇒ p = c2 − cd + d2 for c, d in Z ⇐⇒ p = a2 + 3b2 for a, b in Z. p The results we have seen here exactly mirror what we saw when we used √ the division algorithm and the prime theorem: the√applications to Z[i] and Z[ −2] are direct and immediate. The application to Z[ −3] is not direct or immediate, but takes place through Z[ρ], and the fact √ that Z[ρ] has six units comes into play in bridging −3]. Now we shall see whether and how this extends the gap between Z[ρ] and Z[ √ √ to Z[ −7] and Z[ −11] (and beyond?).

50. Minkowski’s theorem (geometry in the aid of algebra)

213

√ Figure 28: Two related lattices L, and the region x2 + y 2 < 2 · 43, inside Z[ −3] and Z[ρ] √ When we consider the rectangular lattice that corresponds to Z[ −7], we see immediately apply Minkowski’s theorem, since the fundamental region √ √ that we cannot on parallelohas size 7p, and 4 7p > π · 2p. When we introduce the lattice based √ grams that corresponds to Z[θ], Minkowski’s theorem does apply, as 2 7p < π · 2p. And, just as in Section 46 we see that by a quirk of the algebra we get √ not only an element of Z[θ] with norm p, but an element of the smaller ring Z[ −7] as well. (See Exercise 4.) √ The situations with Z[ −11] and Z[η] are similar, but√there is a major difference. First of all, the rectangular lattice corresponding to Z[ −11] and the lattice based on parallelograms that corresponds to Z[η] both have fundamental regions that are √ √ too large to apply Minkowski’s theorem to, as both 4 11p and 2 11p are bigger 2 2 than π · 2p. However, we √ get to cheat a little here and use the disk x + y < 3p, which is big enough (2 11p < π · 3p) to ensure that an element of Z[η] can be found with norm p or 2p. And now we use some low-level algebra to eliminate the 2p possibility. But there is a fundamental disconnect in that there are √ primes that are norms of elements of Z[η], but are not norms of elements of Z[ −11] (just as we saw in Exercise 25 in Section 46, page 192). (See Exercise 5.) In Section 46 we had to stop at d = −11 since the geometry of these rectangular and other lattices prevented us from getting the division algorithm after that point. (That means that we can’t write a division algorithm based on the rings we were dealing with and using geometric distance to measure the size of the remainders; it is still possible that one could find an associated ring or a different way to measure the size of the remainders in such a way that the Euclidean algorithm could proceed; we will not explore those ideas further here. But it is worth emphasizing that being unable to adapt our existing proof to show unique factorization is not the same as saying some ring in which we are interested does not have unique factorization—there could be other routes to the same goal, as Minkowski shows us in this section.) It turns out that Minkowski’s ideas can go a step or two further. Using the same trick that helped in Z[η] means that need  to skip d = −15 and  we √ √ −1+ −19 . Here we can use the proceed to Z[ −19] as well as the larger ring Z 2 √ 2 2 disk +y < 4p, which is big enough (2 19p < π ·4p) to ensure that an element of  x √ Z −1+2 −19 can be found with norm p or 2p or 3p, but then some low-level algebra

214

Chapter 6. Further Topics

eliminates the   2p and 3p possibilities, and we can thus be sure to find an element √ −1+ −19 Z with norm exactly p. Once again we see that there are primes that 2   √ √ are norms of elements of Z −1+2 −19 , but are not norms of elements of Z[ −19]. (See Exercise 6.) We close with one final illustration of what Minkowski can tell us. To extend the ad hoc tricks we have seen above, we need to go to d = −43(!). This rectangular lattice √ will be very elongated, and since the fundamental region has area 2 43 ≈ 13.1, we will need to use a circle of radius 5p to ensure that Minkowski’s thorem applies. One more ad hoc trick allows us to get the conclusion we desire. (See Exercise 7.) So the final results we have, all courtesy of Minkowski’s geometric approach, are that  •  •  •

 •

 •

 •

 •

−1 p −2 p −3 p

−7 p

 = +1 =⇒ p = a2 + b2 for a, b in Z.  = +1 =⇒ p = a2 + 2b2 for a, b in Z.  = +1 =⇒ p = j 2 − jk + k2 for j, k in Z ⇐⇒ p = a2 + 3b2 for a, b in Z. 

−11 p

−19 p

−43 p

= +1 =⇒ p = j 2 − jk + 2k2 for j, k in Z ⇐⇒ p = a2 + 7b2 for a, b in Z.  = +1 =⇒ p = j 2 − jk + 3k2 for j, k in Z ⇐= p = a2 + 11b2 for a, b in Z.  = +1 =⇒ p = j 2 − jk + 5k2 for j, k in Z ⇐= p = a2 + 19b2 for a, b in Z.  = +1 =⇒ p = j 2 − jk + 11k2 for j, k in Z ⇐= p = a2 + 43b2 for a, b in Z.

We can get from the last condition to the first using Exercise 2 on page 88, so in the first four situations we have equivalent conditions, and thus a version of le carr´e. In the other cases we get a more complicated setup. For example, the fifth situation may be reorganized to give the following six statements (in the five rings √ Z/pZ, Z/44Z, Z, Z[ −11], and Z[η]):

50. Minkowski’s theorem (geometry in the aid of algebra)

215

Proposition 50 For an odd positive prime integer p that is not 11, we have

p can be written as p = a2 + 11b2 ⇓ 2 p can be written as p = a − ab + 3b2 

⇐⇒

p ≡ 1, 3, 4, 5, 9 (mod 11)

⇐⇒

⇐⇒

√ p splits in Z[ −11] ⇓ p splits in Z[η]    −11 = +1. p

The sixth and seventh situations lead to Proposition 51 For an odd positive prime integer p that is not 19, we have

p can be written as p = a2 + 19b2 ⇓

⇐⇒

p can be written as p = a2 − ab + 5b2

⇐⇒

 p ≡ 1, 4, 5, 6, 7, 9, 11, 16, 17 (mod 19)

√ p splits in Z[ −19] ⇓   √ p splits in Z −1+2 −19 

⇐⇒

−19 p

  = +1.

Proposition 52 For an odd positive prime integer p that is not 43, we have

p can be written as p = a2 + 43b2 ⇓

⇐⇒

p can be written as p = a2 − ab + 11b2

⇐⇒

 p ≡ 1, 4, 6, 9, 10, 11, 13, 14, 15, 16, 17, 21, 23, 24, 25, 31, 35, 36, 38, 40, 41 (mod 43)

√ p splits in Z[ −43] ⇓   √ p splits in Z −1+2 −43  

⇐⇒

−43 p

 = +1.

The details of these various situations are worked out in the exercises.

Exercises 1. Finish the proof of Proposition 48.

216

Chapter 6. Further Topics

2. Prove Proposition 49.  3. As on page 211, let p be an odd prime for which

−3 p

 = +1, and let s be an

odd integer satisfying x ≡ −3 (mod p). Define a lattice    a b√ L= , 3 ∈ R2 : a ≡ bs (mod 2p) . 2 2  √  (a) Show that L is spanned by the vectors 2s , 23 and (p, 0). That is, show  √  √ that any element a2 , 2b 3 can be written as c· 2s , 23 +d·(p, 0), where c and d are integers. 2

(b) Use the results of Exercise 11 in Section 11 (page 48) to show that √ the fundamental region for the lattice has area 23 p (so F4 has area √ 2 3p < 2πp). (c) Show that for any element of the lattice (x, y) the number x2 + y 2 is an integral multiple of p.  √  k k 3 , with (d) Rewrite an element of the lattice (x, y) as the point j − , 2 2 2 j and k ∈ Z, and show that we have p|(j − jk + k2 ). (If we reinterpret √ k k 3 may be thought the plane as C rather than R2 , the point j − , 2 2 of as the complex number j + kρ.) This cleans up the details of the proof that 

−3 p

 = +1 =⇒ p = j 2 − jk + k2 for j, k in Z ⇐⇒ p = a2 + 3b2 for a, b in Z.

(e) In the specific case p = 37, find s, and then use Figure 29 to solve 37 = a2 + 3b2 for integers a, b as well as 37 = j 2 − jk + k2 for integers j and k.

Figure 29: For Exercise 3, with p = 37

50. Minkowski’s theorem (geometry in the aid of algebra)  4. As on page 211, let p be an odd prime for which

−7 p

217  = +1, and let r be an

odd integer satisfying x ≡ −7 (mod p). Define a lattice    a b√ , L= 7 ∈ R2 : a ≡ br (mod 2p) . 2 2  √  (a) Show that the lattice is spanned by the vectors r2 , 27 and (p, 0). That  √  √ is, show that any element a2 , 2b 7 can be written as c· 2r , 27 +d·(p, 0), where c and d are integers. 2

(b) Use the results of Exercise 11 in Section 11 (page 48) to show that √ 7 the fundamental region for the lattice has area 2 p (so F4 has area √ 2 7p < 2πp). (c) Show that for any element of the lattice (x, y) the number x2 + y 2 is an integral multiple of p.  √  k k 7 , with (d) Rewrite an element of the lattice (x, y) as the point j − , 2 2 2 j and k ∈ Z, and show that we have p|(j  − jk + 2k2 ).(If we reinterpret √ k k 7 2 the plane as C rather than R , the point j − , may be thought 2 2 of as the complex number j + kθ.) (e) Show that p = j 2 − jk + 2k2 =⇒ k is even, and thus not only is there an√element of Z[θ] with norm p, but it is a element of the smaller ring Z[ −7] already. We may thus conclude that 

−7 p

 = +1 =⇒ p = j 2 − jk + 2k2 for j, k in Z ⇐⇒ p = a2 + 7b2 for a, b in Z.

(f) In the specific case p = 53, find r, and then use Figure 30 to solve 53 = j 2 − jk + 2k2 for integers j and k as well as 53 = a2 + 7b2 for integers a and b .   = +1, and let t be 5. As on page 211, let p be an odd prime for which −11 p an odd integer satisfying x2 ≡ −11 (mod p). Define a lattice    a b√ 2 L= , 11 ∈ R : a ≡ bt (mod 2p) . 2 2  √  (a) Show that the lattice is spanned by the vectors 2t , 211 and (p, 0). That  √  √ is, show that any element a2 , 2b 11 can be written as c · 2t , 211 + d · (p, 0), where c and d are integers. (b) Use the results of Exercise 11 in Section 11 (page 48) to show that √ the fundamental region for the lattice has area 211 p (so F4 has area √ 2 11p < 3πp).

218

Chapter 6. Further Topics

Figure 30: For Exercise 4, with p = 53 (c) Using the region x2 + y 2 < 3p this time, show that for any element of this lattice, (x, y), the number x2 + y 2 is an integral multiple of p.  √  k k 11 , (d) Rewrite an element of the lattice (x, y) as the point j − , 2 2 with j and k ∈ Z, and show that we have p|(j 2 − jk+ 3k2 ). (If we √  k k 11 2 reinterpret the plane as C rather than R , the point j − , 2 2 may be thought of as the complex number j + kη.) (e) Show that 2p = a2 − ab + 3b2 is impossible for integers a and b. We may thus conclude that   −11 = +1 =⇒ p = j 2 − jk + 3k2 for j, k in Z. p (f) In the specific case p = 89, find t, and then use Figure 31 to solve 89 = j 2 − jk + 3k2 for integers j and k.   6. As on page 211, let p be an odd prime for which −19 = +1, and let u be p an odd integer satisfying x2 ≡ −19 (mod p). Define a lattice    a b√ , L= 19 ∈ R2 : a ≡ bu (mod 2p) . 2 2  √  (a) Show that the lattice is spanned by the vectors u2 , 219 and (p, 0). That  √  √ is, show that any element a2 , 2b 19 can be written as c · u2 , 219 + d · (p, 0), where c and d are integers.

50. Minkowski’s theorem (geometry in the aid of algebra)

219

Figure 31: For Exercise 5, with p = 89; the disks shown have radii



2p and



3p

(b) Use the results of Exercise 11 in Section 11 (page 48) to show that √ the fundamental region for the lattice has area 219 p (so F4 has area √ 2 19p < 3πp). (c) Using the region x2 + y 2 < 3p this time, show that for any element of this lattice, (x, y), the number x2 + y 2 is an integral multiple of p.  √  k k 19 , (d) Rewrite an element of the lattice (x, y) as the point j − , 2 2 with j and k ∈ Z, and show that we have p|(j 2 − jk+ 5k2 ). (If we √  k k 19 2 reinterpret the plane as C rather than R , the point j − , 2 2 √

may be thought of as the complex number j + k −1+2 −19 .) (e) Show that 2p = a2 − ab + 5b2 is impossible for integers a and b. We may thus conclude that   −19 = +1 =⇒ p = j 2 − jk + 5k2 for j, k in Z. p (g) In the specific case p = 73, find u, and then use Figure 32 to solve 73 = j 2 − jk + 5k2 for integers j and k.   = +1, and let w be 7. As on page 211, let p be an odd prime for which −43 p an odd integer satisfying x2 ≡ −43 (mod p). Define a lattice  L=

 a b√ 43 ∈ R2 : a ≡ bw , 2 2

 (mod 2p) .

220

Chapter 6. Further Topics

Figure 32: For Exercise 6 with p = 73; the disks shown have radii



2p and



3p

 √  (a) Show that the lattice is spanned by the vectors w2 , 243 and (p, 0). That  √  √ is, show that any element a2 , 2b 43 can be written as c · w2 , 243 + d · (p, 0), where c and d are integers. (b) Use the results of Exercise 11 in Section 11√ (page 48) to show that the √ fundamental region for the lattice has area 243 p (so F4 has area 2 43p). √ √ (c) Check that 2 43p > 4πp but 2 43p < 5πp. (d) Using the region x2 + y 2 < 5p this time, show that for any element of this lattice, (x, y), the number x2 + y 2 is an integral multiple of p.  √  k k 43 , (e) Rewrite an element of the lattice (x, y) as the point j − , 2 2 with j and k ∈ Z, and show that we have p|(j 2 − jk  + 11k2 ). (If we √  k 43 k reinterpret the plane as C rather than R2 , the point j − , 2 2 √

may be thought of as the complex number j + k −1+2 −43 .) (f) Show that 2p = a2 − ab + 11b2 is impossible for integers a and b. (g) Show that 3p = a2 − ab + 11b2 is impossible for integers a and b. (h) Show that if 4p = a2 − ab + 11b2 is possible for integers a and b, then p = A2 − AB + 11B 2 is also possible for integers A and B. We may thus conclude that   −43 = +1 =⇒ p = j 2 − jk + 11k2 for j, k in Z. p (i) In the specific case p = 139, find w, and then use Figure 33 to solve 139 = j 2 − jk + 11k2 for integers j and k.

50. Minkowski’s theorem (geometry in the aid of algebra)

Figure √ 33: For Exercise 7 with p = 139; the disks shown have radii and 5p

221

√ √ √ 2p, 3p, 4p,

Appendix A

Tables On the next few pages are • Tables 8 and 9, which list the prime integers up to 12,689. • Tables 10–13, which list integers below 4000 together with their smallest proper divisor. Thus in Table 10 on page 226 the entry for 9 (with 3 below it) shows that 3 is the smallest divisor of 9. The entry for 11 (with — below it) shows that 11 is prime. Even integers and integers ending in 5 were excluded for the obvious reason. • Tables 14–16, which list each of the primes up to 9049 together with the smallest primitive root of that prime modulus. Thus in Table 16 (on page 232), the last two entries show that 7 is the smallest primitive root of p = 9049.

223

224

2 53 127 199 283 383 467 577 661 769 877 983 1087 1193 1297 1429 1523 1619 1741 1871 1993 2089 2221 2339 2437 2579 2689 2791 2909 3041 3187 3313 3433 3541 3659 3779 3911 4021 4153 4271 4421 4547 4663 4799 4943 5051

Appendix A. Tables

3 59 131 211 293 389 479 587 673 773 881 991 1091 1201 1301 1433 1531 1621 1747 1873 1997 2099 2237 2341 2441 2591 2693 2797 2917 3049 3191 3319 3449 3547 3671 3793 3917 4027 4157 4273 4423 4549 4673 4801 4951 5059

5 61 137 223 307 397 487 593 677 787 883 997 1093 1213 1303 1439 1543 1627 1753 1877 1999 2111 2239 2347 2447 2593 2699 2801 2927 3061 3203 3323 3457 3557 3673 3797 3919 4049 4159 4283 4441 4561 4679 4813 4957 5077

7 67 139 227 311 401 491 599 683 797 887 1009 1097 1217 1307 1447 1549 1637 1759 1879 2003 2113 2243 2351 2459 2609 2707 2803 2939 3067 3209 3329 3461 3559 3677 3803 3923 4051 4177 4289 4447 4567 4691 4817 4967 5081

11 71 149 229 313 409 499 601 691 809 907 1013 1103 1223 1319 1451 1553 1657 1777 1889 2011 2129 2251 2357 2467 2617 2711 2819 2953 3079 3217 3331 3463 3571 3691 3821 3929 4057 4201 4297 4451 4583 4703 4831 4969 5087

13 73 151 233 317 419 503 607 701 811 911 1019 1109 1229 1321 1453 1559 1663 1783 1901 2017 2131 2267 2371 2473 2621 2713 2833 2957 3083 3221 3343 3467 3581 3697 3823 3931 4073 4211 4327 4457 4591 4721 4861 4973 5099

17 79 157 239 331 421 509 613 709 821 919 1021 1117 1231 1327 1459 1567 1667 1787 1907 2027 2137 2269 2377 2477 2633 2719 2837 2963 3089 3229 3347 3469 3583 3701 3833 3943 4079 4217 4337 4463 4597 4723 4871 4987 5101

19 83 163 241 337 431 521 617 719 823 929 1031 1123 1237 1361 1471 1571 1669 1789 1913 2029 2141 2273 2381 2503 2647 2729 2843 2969 3109 3251 3359 3491 3593 3709 3847 3947 4091 4219 4339 4481 4603 4729 4877 4993 5107

23 89 167 251 347 433 523 619 727 827 937 1033 1129 1249 1367 1481 1579 1693 1801 1931 2039 2143 2281 2383 2521 2657 2731 2851 2971 3119 3253 3361 3499 3607 3719 3851 3967 4093 4229 4349 4483 4621 4733 4889 4999 5113

29 97 173 257 349 439 541 631 733 829 941 1039 1151 1259 1373 1483 1583 1697 1811 1933 2053 2153 2287 2389 2531 2659 2741 2857 2999 3121 3257 3371 3511 3613 3727 3853 3989 4099 4231 4357 4493 4637 4751 4903 5003 5119

31 101 179 263 353 443 547 641 739 839 947 1049 1153 1277 1381 1487 1597 1699 1823 1949 2063 2161 2293 2393 2539 2663 2749 2861 3001 3137 3259 3373 3517 3617 3733 3863 4001 4111 4241 4363 4507 4639 4759 4909 5009 5147

Table 8: The primes up to 5179

37 103 181 269 359 449 557 643 743 853 953 1051 1163 1279 1399 1489 1601 1709 1831 1951 2069 2179 2297 2399 2543 2671 2753 2879 3011 3163 3271 3389 3527 3623 3739 3877 4003 4127 4243 4373 4513 4643 4783 4919 5011 5153

41 107 191 271 367 457 563 647 751 857 967 1061 1171 1283 1409 1493 1607 1721 1847 1973 2081 2203 2309 2411 2549 2677 2767 2887 3019 3167 3299 3391 3529 3631 3761 3881 4007 4129 4253 4391 4517 4649 4787 4931 5021 5167

43 109 193 277 373 461 569 653 757 859 971 1063 1181 1289 1423 1499 1609 1723 1861 1979 2083 2207 2311 2417 2551 2683 2777 2897 3023 3169 3301 3407 3533 3637 3767 3889 4013 4133 4259 4397 4519 4651 4789 4933 5023 5171

47 113 197 281 379 463 571 659 761 863 977 1069 1187 1291 1427 1511 1613 1733 1867 1987 2087 2213 2333 2423 2557 2687 2789 2903 3037 3181 3307 3413 3539 3643 3769 3907 4019 4139 4261 4409 4523 4657 4793 4937 5039 5179

Appendix A. Tables

5189 5333 5449 5573 5701 5839 5953 6101 6229 6343 6481 6637 6763 6883 7001 7159 7307 7477 7573 7691 7841 7963 8117 8263 8389 8543 8681 8803 8933 9059 9203 9341 9461 9613 9739 9857 10009 10151 10273 10429 10589 10711 10861 11003 11159 11299 11447 11597 11779 11903 12037 12161 12301 12451 12569

5197 5347 5471 5581 5711 5843 5981 6113 6247 6353 6491 6653 6779 6899 7013 7177 7309 7481 7577 7699 7853 7993 8123 8269 8419 8563 8689 8807 8941 9067 9209 9343 9463 9619 9743 9859 10037 10159 10289 10433 10597 10723 10867 11027 11161 11311 11467 11617 11783 11909 12041 12163 12323 12457 12577

5209 5351 5477 5591 5717 5849 5987 6121 6257 6359 6521 6659 6781 6907 7019 7187 7321 7487 7583 7703 7867 8009 8147 8273 8423 8573 8693 8819 8951 9091 9221 9349 9467 9623 9749 9871 10039 10163 10301 10453 10601 10729 10883 11047 11171 11317 11471 11621 11789 11923 12043 12197 12329 12473 12583

5227 5381 5479 5623 5737 5851 6007 6131 6263 6361 6529 6661 6791 6911 7027 7193 7331 7489 7589 7717 7873 8011 8161 8287 8429 8581 8699 8821 8963 9103 9227 9371 9473 9629 9767 9883 10061 10169 10303 10457 10607 10733 10889 11057 11173 11321 11483 11633 11801 11927 12049 12203 12343 12479 12589

225

5231 5387 5483 5639 5741 5857 6011 6133 6269 6367 6547 6673 6793 6917 7039 7207 7333 7499 7591 7723 7877 8017 8167 8291 8431 8597 8707 8831 8969 9109 9239 9377 9479 9631 9769 9887 10067 10177 10313 10459 10613 10739 10891 11059 11177 11329 11489 11657 11807 11933 12071 12211 12347 12487 12601

5233 5393 5501 5641 5743 5861 6029 6143 6271 6373 6551 6679 6803 6947 7043 7211 7349 7507 7603 7727 7879 8039 8171 8293 8443 8599 8713 8837 8971 9127 9241 9391 9491 9643 9781 9901 10069 10181 10321 10463 10627 10753 10903 11069 11197 11351 11491 11677 11813 11939 12073 12227 12373 12491 12611

5237 5399 5503 5647 5749 5867 6037 6151 6277 6379 6553 6689 6823 6949 7057 7213 7351 7517 7607 7741 7883 8053 8179 8297 8447 8609 8719 8839 8999 9133 9257 9397 9497 9649 9787 9907 10079 10193 10331 10477 10631 10771 10909 11071 11213 11353 11497 11681 11821 11941 12097 12239 12377 12497 12613

5261 5407 5507 5651 5779 5869 6043 6163 6287 6389 6563 6691 6827 6959 7069 7219 7369 7523 7621 7753 7901 8059 8191 8311 8461 8623 8731 8849 9001 9137 9277 9403 9511 9661 9791 9923 10091 10211 10333 10487 10639 10781 10937 11083 11239 11369 11503 11689 11827 11953 12101 12241 12379 12503 12619

5273 5413 5519 5653 5783 5879 6047 6173 6299 6397 6569 6701 6829 6961 7079 7229 7393 7529 7639 7757 7907 8069 8209 8317 8467 8627 8737 8861 9007 9151 9281 9413 9521 9677 9803 9929 10093 10223 10337 10499 10651 10789 10939 11087 11243 11383 11519 11699 11831 11959 12107 12251 12391 12511 12637

5279 5417 5521 5657 5791 5881 6053 6197 6301 6421 6571 6703 6833 6967 7103 7237 7411 7537 7643 7759 7919 8081 8219 8329 8501 8629 8741 8863 9011 9157 9283 9419 9533 9679 9811 9931 10099 10243 10343 10501 10657 10799 10949 11093 11251 11393 11527 11701 11833 11969 12109 12253 12401 12517 12641

5281 5419 5527 5659 5801 5897 6067 6199 6311 6427 6577 6709 6841 6971 7109 7243 7417 7541 7649 7789 7927 8087 8221 8353 8513 8641 8747 8867 9013 9161 9293 9421 9539 9689 9817 9941 10103 10247 10357 10513 10663 10831 10957 11113 11257 11399 11549 11717 11839 11971 12113 12263 12409 12527 12647

5297 5431 5531 5669 5807 5903 6073 6203 6317 6449 6581 6719 6857 6977 7121 7247 7433 7547 7669 7793 7933 8089 8231 8363 8521 8647 8753 8887 9029 9173 9311 9431 9547 9697 9829 9949 10111 10253 10369 10529 10667 10837 10973 11117 11261 11411 11551 11719 11863 11981 12119 12269 12413 12539 12653

Table 9: The primes from 5189 to 12689

5303 5437 5557 5683 5813 5923 6079 6211 6323 6451 6599 6733 6863 6983 7127 7253 7451 7549 7673 7817 7937 8093 8233 8369 8527 8663 8761 8893 9041 9181 9319 9433 9551 9719 9833 9967 10133 10259 10391 10531 10687 10847 10979 11119 11273 11423 11579 11731 11867 11987 12143 12277 12421 12541 12659

5309 5441 5563 5689 5821 5927 6089 6217 6329 6469 6607 6737 6869 6991 7129 7283 7457 7559 7681 7823 7949 8101 8237 8377 8537 8669 8779 8923 9043 9187 9323 9437 9587 9721 9839 9973 10139 10267 10399 10559 10691 10853 10987 11131 11279 11437 11587 11743 11887 12007 12149 12281 12433 12547 12671

5323 5443 5569 5693 5827 5939 6091 6221 6337 6473 6619 6761 6871 6997 7151 7297 7459 7561 7687 7829 7951 8111 8243 8387 8539 8677 8783 8929 9049 9199 9337 9439 9601 9733 9851 10007 10141 10271 10427 10567 10709 10859 10993 11149 11287 11443 11593 11777 11897 12011 12157 12289 12437 12553 12689

226

1 — 41 — 81 3 121 11 161 7 201 3 241 — 281 — 321 3 361 19 401 — 441 3 481 13 521 — 561 3 601 — 641 — 681 3 721 7 761 — 801 3 841 29 881 — 921 3 961 31

Appendix A. Tables

3 — 43 — 83 — 123 3 163 — 203 7 243 3 283 — 323 17 363 3 403 13 443 — 483 3 523 — 563 — 603 3 643 — 683 — 723 3 763 7 803 11 843 3 883 — 923 13 963 3

7 — 47 — 87 3 127 — 167 — 207 3 247 13 287 7 327 3 367 — 407 11 447 3 487 — 527 17 567 3 607 — 647 — 687 3 727 — 767 13 807 3 847 7 887 — 927 3 967 —

9 3 49 7 89 — 129 3 169 13 209 11 249 3 289 17 329 7 369 3 409 — 449 — 489 3 529 23 569 — 609 3 649 11 689 13 729 3 769 — 809 — 849 3 889 7 929 — 969 3

11 — 51 3 91 7 131 — 171 3 211 — 251 — 291 3 331 — 371 7 411 3 451 11 491 — 531 3 571 — 611 13 651 3 691 — 731 17 771 3 811 — 851 23 891 3 931 7 971 —

13 — 53 — 93 3 133 7 173 — 213 3 253 11 293 — 333 3 373 — 413 7 453 3 493 17 533 13 573 3 613 — 653 — 693 3 733 — 773 — 813 3 853 — 893 19 933 3 973 7

17 — 57 3 97 — 137 — 177 3 217 7 257 — 297 3 337 — 377 13 417 3 457 — 497 7 537 3 577 — 617 — 657 3 697 17 737 11 777 3 817 19 857 — 897 3 937 — 977 —

19 — 59 — 99 3 139 — 179 — 219 3 259 7 299 13 339 3 379 — 419 — 459 3 499 — 539 7 579 3 619 — 659 — 699 3 739 — 779 19 819 3 859 — 899 29 939 3 979 11

21 3 61 — 101 — 141 3 181 — 221 13 261 3 301 7 341 11 381 3 421 — 461 — 501 3 541 — 581 7 621 3 661 — 701 — 741 3 781 11 821 — 861 3 901 17 941 — 981 3

23 — 63 3 103 — 143 11 183 3 223 — 263 — 303 3 343 7 383 — 423 3 463 — 503 — 543 3 583 11 623 7 663 3 703 19 743 — 783 3 823 — 863 — 903 3 943 23 983 —

27 3 67 — 107 — 147 3 187 11 227 — 267 3 307 — 347 — 387 3 427 7 467 — 507 3 547 — 587 — 627 3 667 23 707 7 747 3 787 — 827 — 867 3 907 — 947 — 987 3

29 — 69 3 109 — 149 — 189 3 229 — 269 — 309 3 349 — 389 — 429 3 469 7 509 — 549 3 589 19 629 17 669 3 709 — 749 7 789 3 829 — 869 11 909 3 949 13 989 23

31 — 71 — 111 3 151 — 191 — 231 3 271 — 311 — 351 3 391 17 431 — 471 3 511 7 551 19 591 3 631 — 671 11 711 3 751 — 791 7 831 3 871 13 911 — 951 3 991 —

33 3 73 — 113 — 153 3 193 — 233 — 273 3 313 — 353 — 393 3 433 — 473 11 513 3 553 7 593 — 633 3 673 — 713 23 753 3 793 13 833 7 873 3 913 11 953 — 993 3

37 — 77 7 117 3 157 — 197 — 237 3 277 — 317 — 357 3 397 — 437 19 477 3 517 11 557 — 597 3 637 7 677 — 717 3 757 — 797 — 837 3 877 — 917 7 957 3 997 —

Table 10: Odd integers with their smallest proper divisor

39 3 79 — 119 7 159 3 199 — 239 — 279 3 319 11 359 — 399 3 439 — 479 — 519 3 559 13 599 — 639 3 679 7 719 — 759 3 799 17 839 — 879 3 919 — 959 7 999 3

Appendix A. Tables

1001 7 1041 3 1081 23 1121 19 1161 3 1201 — 1241 17 1281 3 1321 — 1361 — 1401 3 1441 11 1481 — 1521 3 1561 7 1601 — 1641 3 1681 41 1721 — 1761 3 1801 — 1841 7 1881 3 1921 17 1961 37

1003 17 1043 7 1083 3 1123 — 1163 — 1203 3 1243 11 1283 — 1323 3 1363 29 1403 23 1443 3 1483 — 1523 — 1563 3 1603 7 1643 31 1683 3 1723 — 1763 41 1803 3 1843 19 1883 7 1923 3 1963 13

1007 19 1047 3 1087 — 1127 7 1167 3 1207 17 1247 29 1287 3 1327 — 1367 — 1407 3 1447 — 1487 — 1527 3 1567 — 1607 — 1647 3 1687 7 1727 11 1767 3 1807 13 1847 — 1887 3 1927 41 1967 7

1009 — 1049 — 1089 3 1129 — 1169 7 1209 3 1249 — 1289 — 1329 3 1369 37 1409 — 1449 3 1489 — 1529 11 1569 3 1609 — 1649 17 1689 3 1729 7 1769 29 1809 3 1849 43 1889 — 1929 3 1969 11

227

1011 3 1051 — 1091 — 1131 3 1171 — 1211 7 1251 3 1291 — 1331 11 1371 3 1411 17 1451 — 1491 3 1531 — 1571 — 1611 3 1651 13 1691 19 1731 3 1771 7 1811 — 1851 3 1891 31 1931 — 1971 3

1013 — 1053 3 1093 — 1133 11 1173 3 1213 — 1253 7 1293 3 1333 31 1373 — 1413 3 1453 — 1493 — 1533 3 1573 11 1613 — 1653 3 1693 — 1733 — 1773 3 1813 7 1853 17 1893 3 1933 — 1973 —

1017 3 1057 7 1097 — 1137 3 1177 11 1217 — 1257 3 1297 — 1337 7 1377 3 1417 13 1457 31 1497 3 1537 29 1577 19 1617 3 1657 — 1697 — 1737 3 1777 — 1817 23 1857 3 1897 7 1937 13 1977 3

1019 — 1059 3 1099 7 1139 17 1179 3 1219 23 1259 — 1299 3 1339 13 1379 7 1419 3 1459 — 1499 — 1539 3 1579 — 1619 — 1659 3 1699 — 1739 37 1779 3 1819 17 1859 11 1899 3 1939 7 1979 —

1021 — 1061 — 1101 3 1141 7 1181 — 1221 3 1261 13 1301 — 1341 3 1381 — 1421 7 1461 3 1501 19 1541 23 1581 3 1621 — 1661 11 1701 3 1741 — 1781 13 1821 3 1861 — 1901 — 1941 3 1981 7

1023 3 1063 — 1103 — 1143 3 1183 7 1223 — 1263 3 1303 — 1343 17 1383 3 1423 — 1463 7 1503 3 1543 — 1583 — 1623 3 1663 — 1703 13 1743 3 1783 — 1823 — 1863 3 1903 11 1943 29 1983 3

1027 13 1067 11 1107 3 1147 31 1187 — 1227 3 1267 7 1307 — 1347 3 1387 19 1427 — 1467 3 1507 11 1547 7 1587 3 1627 — 1667 — 1707 3 1747 — 1787 — 1827 3 1867 — 1907 — 1947 3 1987 —

1029 3 1069 — 1109 — 1149 3 1189 29 1229 — 1269 3 1309 7 1349 19 1389 3 1429 — 1469 13 1509 3 1549 — 1589 7 1629 3 1669 — 1709 — 1749 3 1789 — 1829 31 1869 3 1909 23 1949 — 1989 3

1031 — 1071 3 1111 11 1151 — 1191 3 1231 — 1271 31 1311 3 1351 7 1391 13 1431 3 1471 — 1511 — 1551 3 1591 37 1631 7 1671 3 1711 29 1751 17 1791 3 1831 — 1871 — 1911 3 1951 — 1991 11

1033 — 1073 29 1113 3 1153 — 1193 — 1233 3 1273 19 1313 13 1353 3 1393 7 1433 — 1473 3 1513 17 1553 — 1593 3 1633 23 1673 7 1713 3 1753 — 1793 11 1833 3 1873 — 1913 — 1953 3 1993 —

1037 17 1077 3 1117 — 1157 13 1197 3 1237 — 1277 — 1317 3 1357 23 1397 11 1437 3 1477 7 1517 37 1557 3 1597 — 1637 — 1677 3 1717 17 1757 7 1797 3 1837 11 1877 — 1917 3 1957 19 1997 —

Table 11: Odd integers with their smallest proper divisor

1039 — 1079 13 1119 3 1159 19 1199 11 1239 3 1279 — 1319 — 1359 3 1399 — 1439 — 1479 3 1519 7 1559 — 1599 3 1639 11 1679 23 1719 3 1759 — 1799 7 1839 3 1879 — 1919 19 1959 3 1999 —

228

Appendix A. Tables

2001 3 2041 13 2081 — 2121 3 2161 — 2201 31 2241 3 2281 — 2321 11 2361 3 2401 7 2441 — 2481 3 2521 — 2561 13 2601 3 2641 19 2681 7 2721 3 2761 11 2801 — 2841 3 2881 43 2921 23 2961 3

2003 — 2043 3 2083 — 2123 11 2163 3 2203 — 2243 — 2283 3 2323 23 2363 17 2403 3 2443 7 2483 13 2523 3 2563 11 2603 19 2643 3 2683 — 2723 7 2763 3 2803 — 2843 — 2883 3 2923 37 2963 —

2007 3 2047 23 2087 — 2127 3 2167 11 2207 — 2247 3 2287 — 2327 13 2367 3 2407 29 2447 — 2487 3 2527 7 2567 17 2607 3 2647 — 2687 — 2727 3 2767 — 2807 7 2847 3 2887 — 2927 — 2967 3

2009 7 2049 3 2089 — 2129 — 2169 3 2209 47 2249 13 2289 3 2329 17 2369 23 2409 3 2449 31 2489 19 2529 3 2569 7 2609 — 2649 3 2689 — 2729 — 2769 3 2809 53 2849 7 2889 3 2929 29 2969 —

2011 — 2051 7 2091 3 2131 — 2171 13 2211 3 2251 — 2291 29 2331 3 2371 — 2411 — 2451 3 2491 47 2531 — 2571 3 2611 7 2651 11 2691 3 2731 — 2771 17 2811 3 2851 — 2891 7 2931 3 2971 —

2013 3 2053 — 2093 7 2133 3 2173 41 2213 — 2253 3 2293 — 2333 — 2373 3 2413 19 2453 11 2493 3 2533 17 2573 31 2613 3 2653 7 2693 — 2733 3 2773 47 2813 29 2853 3 2893 11 2933 7 2973 3

2017 — 2057 11 2097 3 2137 — 2177 7 2217 3 2257 37 2297 — 2337 3 2377 — 2417 — 2457 3 2497 11 2537 43 2577 3 2617 — 2657 — 2697 3 2737 7 2777 — 2817 3 2857 — 2897 — 2937 3 2977 13

2019 3 2059 29 2099 — 2139 3 2179 — 2219 7 2259 3 2299 11 2339 — 2379 3 2419 41 2459 — 2499 3 2539 — 2579 — 2619 3 2659 — 2699 — 2739 3 2779 7 2819 — 2859 3 2899 13 2939 — 2979 3

2021 43 2061 3 2101 11 2141 — 2181 3 2221 — 2261 7 2301 3 2341 — 2381 — 2421 3 2461 23 2501 41 2541 3 2581 29 2621 — 2661 3 2701 37 2741 — 2781 3 2821 7 2861 — 2901 3 2941 17 2981 11

2023 7 2063 — 2103 3 2143 — 2183 37 2223 3 2263 31 2303 7 2343 3 2383 — 2423 — 2463 3 2503 — 2543 — 2583 3 2623 43 2663 — 2703 3 2743 13 2783 11 2823 3 2863 7 2903 — 2943 3 2983 19

2027 — 2067 3 2107 7 2147 19 2187 3 2227 17 2267 — 2307 3 2347 — 2387 7 2427 3 2467 — 2507 23 2547 3 2587 13 2627 37 2667 3 2707 — 2747 41 2787 3 2827 11 2867 47 2907 3 2947 7 2987 29

2029 — 2069 — 2109 3 2149 7 2189 11 2229 3 2269 — 2309 — 2349 3 2389 — 2429 7 2469 3 2509 13 2549 — 2589 3 2629 11 2669 17 2709 3 2749 — 2789 — 2829 3 2869 19 2909 — 2949 3 2989 7

2031 3 2071 19 2111 — 2151 3 2191 7 2231 23 2271 3 2311 — 2351 — 2391 3 2431 11 2471 7 2511 3 2551 — 2591 — 2631 3 2671 — 2711 — 2751 3 2791 — 2831 19 2871 3 2911 41 2951 13 2991 3

2033 19 2073 3 2113 — 2153 — 2193 3 2233 7 2273 — 2313 3 2353 13 2393 — 2433 3 2473 — 2513 7 2553 3 2593 — 2633 — 2673 3 2713 — 2753 — 2793 3 2833 — 2873 13 2913 3 2953 — 2993 41

2037 3 2077 31 2117 29 2157 3 2197 13 2237 — 2277 3 2317 7 2357 — 2397 3 2437 — 2477 — 2517 3 2557 — 2597 7 2637 3 2677 — 2717 11 2757 3 2797 — 2837 — 2877 3 2917 — 2957 — 2997 3

Table 12: Odd integers with their smallest proper divisor

2039 — 2079 3 2119 13 2159 17 2199 3 2239 — 2279 43 2319 3 2359 7 2399 — 2439 3 2479 37 2519 11 2559 3 2599 23 2639 7 2679 3 2719 — 2759 31 2799 3 2839 17 2879 — 2919 3 2959 11 2999 —

Appendix A. Tables

3001 — 3041 — 3081 3 3121 — 3161 29 3201 3 3241 7 3281 17 3321 3 3361 — 3401 19 3441 3 3481 59 3521 7 3561 3 3601 13 3641 11 3681 3 3721 61 3761 — 3801 3 3841 23 3881 — 3921 3 3961 17

3003 3 3043 17 3083 — 3123 3 3163 — 3203 — 3243 3 3283 7 3323 — 3363 3 3403 41 3443 11 3483 3 3523 13 3563 7 3603 3 3643 — 3683 29 3723 3 3763 53 3803 — 3843 3 3883 11 3923 — 3963 3

3007 31 3047 11 3087 3 3127 53 3167 — 3207 3 3247 17 3287 19 3327 3 3367 7 3407 — 3447 3 3487 11 3527 — 3567 3 3607 — 3647 7 3687 3 3727 — 3767 — 3807 3 3847 — 3887 13 3927 3 3967 —

3009 3 3049 — 3089 — 3129 3 3169 — 3209 — 3249 3 3289 11 3329 — 3369 3 3409 7 3449 — 3489 3 3529 — 3569 43 3609 3 3649 41 3689 7 3729 3 3769 — 3809 13 3849 3 3889 — 3929 — 3969 3

229

3011 — 3051 3 3091 11 3131 31 3171 3 3211 13 3251 — 3291 3 3331 — 3371 — 3411 3 3451 7 3491 — 3531 3 3571 — 3611 23 3651 3 3691 — 3731 7 3771 3 3811 37 3851 — 3891 3 3931 — 3971 11

3013 23 3053 43 3093 3 3133 13 3173 19 3213 3 3253 — 3293 37 3333 3 3373 — 3413 — 3453 3 3493 7 3533 — 3573 3 3613 — 3653 13 3693 3 3733 — 3773 7 3813 3 3853 — 3893 17 3933 3 3973 29

3017 7 3057 3 3097 19 3137 — 3177 3 3217 — 3257 — 3297 3 3337 47 3377 11 3417 3 3457 — 3497 13 3537 3 3577 7 3617 — 3657 3 3697 — 3737 37 3777 3 3817 11 3857 7 3897 3 3937 31 3977 41

3019 — 3059 7 3099 3 3139 43 3179 11 3219 3 3259 — 3299 — 3339 3 3379 31 3419 13 3459 3 3499 — 3539 — 3579 3 3619 7 3659 — 3699 3 3739 — 3779 — 3819 3 3859 17 3899 7 3939 3 3979 23

3021 3 3061 — 3101 7 3141 3 3181 — 3221 — 3261 3 3301 — 3341 13 3381 3 3421 11 3461 — 3501 3 3541 — 3581 — 3621 3 3661 7 3701 — 3741 3 3781 19 3821 — 3861 3 3901 47 3941 7 3981 3

3023 — 3063 3 3103 29 3143 7 3183 3 3223 11 3263 13 3303 3 3343 — 3383 17 3423 3 3463 — 3503 31 3543 3 3583 — 3623 — 3663 3 3703 7 3743 19 3783 3 3823 — 3863 — 3903 3 3943 — 3983 7

3027 3 3067 — 3107 13 3147 3 3187 — 3227 7 3267 3 3307 — 3347 — 3387 3 3427 23 3467 — 3507 3 3547 — 3587 17 3627 3 3667 19 3707 11 3747 3 3787 7 3827 43 3867 3 3907 — 3947 — 3987 3

3029 13 3069 3 3109 — 3149 47 3189 3 3229 — 3269 7 3309 3 3349 17 3389 — 3429 3 3469 — 3509 11 3549 3 3589 37 3629 19 3669 3 3709 — 3749 23 3789 3 3829 7 3869 53 3909 3 3949 11 3989 —

3031 7 3071 37 3111 3 3151 23 3191 — 3231 3 3271 — 3311 7 3351 3 3391 — 3431 47 3471 3 3511 — 3551 53 3591 3 3631 — 3671 — 3711 3 3751 11 3791 17 3831 3 3871 7 3911 — 3951 3 3991 13

3033 3 3073 7 3113 11 3153 3 3193 31 3233 53 3273 3 3313 — 3353 7 3393 3 3433 — 3473 23 3513 3 3553 11 3593 — 3633 3 3673 — 3713 47 3753 3 3793 — 3833 — 3873 3 3913 7 3953 59 3993 3

3037 — 3077 17 3117 3 3157 7 3197 23 3237 3 3277 29 3317 31 3357 3 3397 43 3437 7 3477 3 3517 — 3557 — 3597 3 3637 — 3677 — 3717 3 3757 13 3797 — 3837 3 3877 — 3917 — 3957 3 3997 7

Table 13: Odd integers with their smallest proper divisor

3039 3 3079 — 3119 — 3159 3 3199 7 3239 41 3279 3 3319 — 3359 — 3399 3 3439 19 3479 7 3519 3 3559 — 3599 59 3639 3 3679 13 3719 — 3759 3 3799 29 3839 11 3879 3 3919 — 3959 37 3999 3

230

2 1 53 2 127 3 199 3 283 3 383 5 467 2 577 5 661 2 769 11 877 2 983 5 1087 3 1193 3 1297 10 1429 6 1523 2 1619 2 1741 2 1871 14 1993 5 2089 7 2221 2 2339 2 2437 2

Appendix A. Tables

3 2 59 2 131 2 211 2 293 2 389 2 479 13 587 2 673 5 773 2 881 3 991 6 1091 2 1201 11 1301 2 1433 3 1531 2 1621 2 1747 2 1873 10 1997 2 2099 2 2237 2 2341 7 2441 6

5 2 61 2 137 3 223 3 307 5 397 5 487 3 593 3 677 2 787 2 883 2 997 7 1093 5 1213 2 1303 6 1439 7 1543 5 1627 3 1753 7 1877 2 1999 3 2111 7 2239 3 2347 3 2447 5

7 3 67 2 139 2 227 2 311 17 401 3 491 2 599 7 683 5 797 2 887 5 1009 11 1097 3 1217 3 1307 2 1447 3 1549 2 1637 2 1759 6 1879 6 2003 5 2113 5 2243 2 2351 13 2459 2

11 2 71 7 149 2 229 6 313 10 409 21 499 7 601 7 691 3 809 3 907 2 1013 3 1103 5 1223 5 1319 13 1451 2 1553 3 1657 11 1777 5 1889 3 2011 3 2129 3 2251 7 2357 2 2467 2

13 2 73 5 151 6 233 3 317 2 419 2 503 5 607 3 701 2 811 3 911 17 1019 2 1109 2 1229 2 1321 13 1453 2 1559 19 1663 3 1783 10 1901 2 2017 5 2131 2 2267 2 2371 2 2473 5

17 3 79 3 157 5 239 7 331 3 421 2 509 2 613 2 709 2 821 2 919 7 1021 10 1117 2 1231 3 1327 3 1459 3 1567 3 1667 2 1787 2 1907 2 2027 2 2137 10 2269 2 2377 5 2477 2

19 2 83 2 163 2 241 7 337 10 431 7 521 3 617 3 719 11 823 3 929 3 1031 14 1123 2 1237 2 1361 3 1471 6 1571 2 1669 2 1789 6 1913 3 2029 2 2141 2 2273 3 2381 3 2503 3

23 5 89 3 167 5 251 6 347 2 433 5 523 2 619 2 727 5 827 2 937 5 1033 5 1129 11 1249 7 1367 5 1481 3 1579 3 1693 2 1801 11 1931 2 2039 7 2143 3 2281 7 2383 5 2521 17

29 2 97 5 173 2 257 3 349 2 439 15 541 2 631 3 733 6 829 2 941 2 1039 3 1151 17 1259 2 1373 2 1483 2 1583 5 1697 3 1811 6 1933 5 2053 2 2153 3 2287 19 2389 2 2531 2

31 3 101 2 179 2 263 5 353 3 443 2 547 2 641 3 739 3 839 11 947 2 1049 3 1153 5 1277 2 1381 2 1487 5 1597 11 1699 3 1823 5 1949 2 2063 5 2161 23 2293 2 2393 3 2539 2

37 2 103 5 181 2 269 2 359 7 449 3 557 2 643 11 743 5 853 2 953 3 1051 7 1163 5 1279 3 1399 13 1489 14 1601 3 1709 3 1831 3 1951 3 2069 2 2179 7 2297 5 2399 11 2543 5

41 6 107 2 191 19 271 6 367 6 457 13 563 2 647 5 751 3 857 3 967 5 1061 2 1171 2 1283 2 1409 3 1493 2 1607 5 1721 3 1847 5 1973 2 2081 3 2203 5 2309 2 2411 6 2549 2

43 3 109 6 193 5 277 5 373 2 461 2 569 3 653 2 757 2 859 2 971 6 1063 3 1181 7 1289 6 1423 3 1499 2 1609 7 1723 3 1861 2 1979 2 2083 2 2207 5 2311 3 2417 3 2551 6

Table 14: Each prime (up to 2557) with its smallest primitive root

47 5 113 3 197 2 281 3 379 2 463 3 571 3 659 2 761 6 863 5 977 3 1069 6 1187 2 1291 2 1427 2 1511 11 1613 3 1733 2 1867 2 1987 2 2087 5 2213 2 2333 2 2423 5 2557 2

Appendix A. Tables

2579 2 2689 19 2791 6 2909 2 3041 3 3187 2 3313 10 3433 5 3541 7 3659 2 3779 2 3911 13 4021 2 4153 5 4271 7 4421 3 4547 2 4663 3 4799 7 4943 7 5051 2 5189 2 5333 2 5449 7 5573 2

2591 7 2693 2 2797 2 2917 5 3049 11 3191 11 3319 6 3449 3 3547 2 3671 13 3793 5 3917 2 4027 3 4157 2 4273 5 4423 3 4549 6 4673 3 4801 7 4951 6 5059 2 5197 7 5347 3 5471 7 5581 6

2593 7 2699 2 2801 3 2927 5 3061 6 3203 2 3323 2 3457 7 3557 2 3673 5 3797 2 3919 3 4049 3 4159 3 4283 2 4441 21 4561 11 4679 11 4813 2 4957 2 5077 2 5209 17 5351 11 5477 2 5591 11

2609 3 2707 2 2803 2 2939 2 3067 2 3209 3 3329 3 3461 2 3559 3 3677 2 3803 2 3923 2 4051 10 4177 5 4289 3 4447 3 4567 3 4691 2 4817 3 4967 5 5081 3 5227 2 5381 3 5479 3 5623 5

231

2617 5 2711 7 2819 2 2953 13 3079 6 3217 5 3331 3 3463 3 3571 2 3691 2 3821 3 3929 3 4057 5 4201 11 4297 5 4451 2 4583 5 4703 5 4831 3 4969 11 5087 5 5231 7 5387 2 5483 2 5639 7

2621 2 2713 5 2833 5 2957 2 3083 2 3221 10 3343 5 3467 2 3581 2 3697 5 3823 3 3931 2 4073 3 4211 6 4327 3 4457 3 4591 11 4721 6 4861 11 4973 2 5099 2 5233 10 5393 3 5501 2 5641 14

2633 3 2719 3 2837 2 2963 2 3089 3 3229 6 3347 2 3469 2 3583 3 3701 2 3833 3 3943 3 4079 11 4217 3 4337 3 4463 5 4597 5 4723 2 4871 11 4987 2 5101 6 5237 3 5399 7 5503 3 5647 3

2647 3 2729 3 2843 2 2969 3 3109 6 3251 6 3359 11 3491 2 3593 3 3709 2 3847 5 3947 2 4091 2 4219 2 4339 10 4481 3 4603 2 4729 17 4877 2 4993 5 5107 2 5261 2 5407 3 5507 2 5651 2

2657 3 2731 3 2851 2 2971 10 3119 7 3253 2 3361 22 3499 2 3607 5 3719 7 3851 2 3967 6 4093 2 4229 2 4349 2 4483 2 4621 2 4733 5 4889 3 4999 3 5113 19 5273 3 5413 5 5519 13 5653 5

2659 2 2741 2 2857 11 2999 17 3121 7 3257 3 3371 2 3511 7 3613 2 3727 3 3853 2 3989 2 4099 2 4231 3 4357 2 4493 2 4637 2 4751 19 4903 3 5003 2 5119 3 5279 7 5417 3 5521 11 5657 3

2663 5 2749 6 2861 2 3001 14 3137 3 3259 3 3373 5 3517 2 3617 3 3733 2 3863 5 4001 3 4111 12 4241 3 4363 2 4507 2 4639 3 4759 3 4909 6 5009 3 5147 2 5281 7 5419 3 5527 5 5659 2

2671 7 2753 3 2879 7 3011 2 3163 3 3271 3 3389 3 3527 5 3623 5 3739 7 3877 2 4003 2 4127 5 4243 2 4373 2 4513 7 4643 5 4783 6 4919 13 5011 2 5153 5 5297 3 5431 3 5531 10 5669 3

2677 2 2767 3 2887 5 3019 2 3167 5 3299 2 3391 3 3529 17 3631 15 3761 3 3881 13 4007 5 4129 13 4253 2 4391 14 4517 2 4649 3 4787 2 4931 6 5021 3 5167 6 5303 5 5437 5 5557 2 5683 2

2683 2 2777 3 2897 3 3023 5 3169 7 3301 6 3407 5 3533 2 3637 2 3767 5 3889 11 4013 2 4133 2 4259 2 4397 2 4519 3 4651 3 4789 2 4933 2 5023 3 5171 2 5309 2 5441 3 5563 2 5689 11

Table 15: Each prime (2579–5693) with its smallest primitive root

2687 5 2789 2 2903 5 3037 2 3181 7 3307 2 3413 2 3539 2 3643 2 3769 7 3907 2 4019 2 4139 2 4261 2 4409 3 4523 5 4657 15 4793 3 4937 3 5039 11 5179 2 5323 5 5443 2 5569 13 5693 2

232

5701 2 5839 6 5953 7 6101 2 6229 2 6343 3 6481 7 6637 2 6763 2 6883 2 7001 3 7159 3 7307 2 7477 2 7573 2 7691 2 7841 12 7963 5 8117 2 8263 3 8389 6 8543 5 8681 15 8803 2 8933 2

Appendix A. Tables

5711 19 5843 2 5981 3 6113 3 6247 5 6353 3 6491 2 6653 2 6779 2 6899 2 7013 2 7177 10 7309 6 7481 6 7577 3 7699 3 7853 2 7993 5 8123 2 8269 2 8419 3 8563 2 8689 13 8807 5 8941 6

5717 2 5849 3 5987 2 6121 7 6257 3 6359 13 6521 6 6659 2 6781 2 6907 2 7019 2 7187 2 7321 7 7487 5 7583 5 7703 5 7867 3 8009 3 8147 2 8273 3 8423 5 8573 2 8693 2 8819 2 8951 13

5737 5 5851 2 6007 3 6131 2 6263 5 6361 19 6529 7 6661 6 6791 7 6911 7 7027 2 7193 3 7331 2 7489 7 7589 2 7717 2 7873 5 8011 14 8161 7 8287 3 8429 2 8581 6 8699 2 8821 2 8963 2

5741 2 5857 7 6011 2 6133 5 6269 2 6367 3 6547 2 6673 5 6793 10 6917 2 7039 3 7207 3 7333 6 7499 2 7591 6 7723 3 7877 2 8017 5 8167 3 8291 2 8431 3 8597 2 8707 5 8831 7 8969 3

5743 10 5861 3 6029 2 6143 5 6271 11 6373 2 6551 17 6679 7 6803 2 6947 2 7043 2 7211 2 7349 2 7507 2 7603 2 7727 5 7879 3 8039 11 8171 2 8293 2 8443 2 8599 3 8713 5 8837 2 8971 2

5749 2 5867 5 6037 5 6151 3 6277 2 6379 2 6553 10 6689 3 6823 3 6949 2 7057 5 7213 5 7351 6 7517 2 7607 5 7741 7 7883 2 8053 2 8179 2 8297 3 8447 5 8609 3 8719 3 8839 3 8999 7

5779 2 5869 2 6043 5 6163 3 6287 7 6389 2 6563 5 6691 2 6827 2 6959 7 7069 2 7219 2 7369 7 7523 2 7621 2 7753 10 7901 2 8059 3 8191 17 8311 3 8461 6 8623 3 8731 2 8849 3 9001 7

5783 7 5879 11 6047 5 6173 2 6299 2 6397 2 6569 3 6701 2 6829 2 6961 13 7079 7 7229 2 7393 5 7529 3 7639 7 7757 2 7907 2 8069 2 8209 7 8317 6 8467 2 8627 2 8737 5 8861 2 9007 3

5791 6 5881 31 6053 2 6197 2 6301 10 6421 6 6571 3 6703 5 6833 3 6967 5 7103 5 7237 2 7411 2 7537 7 7643 2 7759 3 7919 7 8081 3 8219 2 8329 7 8501 7 8629 6 8741 2 8863 3 9011 2

5801 3 5897 3 6067 2 6199 3 6311 7 6427 3 6577 5 6709 2 6841 22 6971 2 7109 2 7243 2 7417 5 7541 2 7649 3 7789 2 7927 3 8087 5 8221 2 8353 5 8513 5 8641 17 8747 2 8867 2 9013 5

5807 5 5903 5 6073 10 6203 2 6317 2 6449 3 6581 14 6719 11 6857 3 6977 3 7121 3 7247 5 7433 3 7547 2 7669 2 7793 3 7933 2 8089 17 8231 11 8363 2 8521 13 8647 3 8753 3 8887 3 9029 2

5813 2 5923 2 6079 17 6211 2 6323 2 6451 3 6599 13 6733 2 6863 5 6983 5 7127 5 7253 2 7451 2 7549 2 7673 3 7817 3 7937 3 8093 2 8233 10 8369 3 8527 5 8663 5 8761 23 8893 5 9041 3

5821 6 5927 5 6089 3 6217 5 6329 3 6469 2 6607 3 6737 3 6869 2 6991 6 7129 7 7283 2 7457 3 7559 13 7681 17 7823 5 7949 2 8101 6 8237 2 8377 5 8537 3 8669 2 8779 11 8923 2 9043 3

Table 16: Each prime (5701–9049) with its smallest primitive root

5827 2 5939 2 6091 7 6221 3 6337 10 6473 3 6619 2 6761 3 6871 3 6997 5 7151 7 7297 5 7459 2 7561 13 7687 6 7829 2 7951 6 8111 11 8243 2 8387 2 8539 2 8677 2 8783 5 8929 11 9049 7

Appendix B

Projects In my own teaching, I have found assigning projects to be invaluable. Not every student loves them, but most appreciate them. These longer assignments give students a chance to explore topics that aren’t in the text, delve deeper into a topic touched on in the text, or pull together a body of knowledge that otherwise might be parceled out in several exercises. Writing up their results is also an invaluable exercise in getting students to work on their mathematical writing. I have generally assigned four projects during a semester of number theory (I often assign Project A on the first day of class); in most other courses I assign three. Enjoy!

233

234

Appendix B. Projects

Project A: Patterns in Number Theoretic Data One of the most important skills in mathematics is the ability to generalize. In this project you are asked to look for patterns in numerical data (most of which have some number theoretic interest), and to describe any patterns you find or conjecture. Some of the patterns may be proved to exist later in the course. This project will not require much in the way of writing.

Part One - Number Theoretic Functions One of the tools we will use to study number theory are functions. They will typically map the natural numbers to the integers; thus we want to be familiar with functions f : N → Z. On the next four pages you see a table containing data for eighteen such functions. Your goal is to deduce, from the data, what each function is. Thus your answers will take the form of eighteen definitions; each definition can be given as a formula, or a paragraph of explanation, or an algorithm for computing values, etc. If you are unable to deduce one (or more) function’s definition, try to give partial answers, and some indication of where you got stuck. If you need more data than is given, just ask. This project was inspired by [Davenport], specifically the table on p. 105.

Appendix B. Projects

n 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50

prime factorization of n – 2 3 22 5 2·3 7 23 32 2·5 11 22 · 3 13 2·7 3·5 24 17 2 · 32 19 22 · 5 3·7 2 · 11 23 23 · 3 52 2 · 13 33 22 · 7 29 2·3·5 31 25 3 · 11 2 · 17 5·7 22 · 32 37 2 · 19 3 · 13 23 · 5 41 2·3·7 43 22 · 11 32 · 5 2 · 23 47 24 · 3 72 2 · 52

235

f1 (n)

f2 (n)

f3 (n)

f4 (n)

f5 (n)

f6 (n)

f7 (n)

f8 (n)

f9 (n)

−1 1 1 0 1 1 1 0 0 1 1 1 1 1 1 0 1 1 1 1 1 1 1 1 0 1 0 1 1 1 1 1 1 1 1 0 1 1 1 1 1 1 1 1 1 1 1 1 0 1

1 1 1 2 1 1 1 3 2 1 1 2 1 1 1 4 1 2 1 2 1 1 1 3 2 1 3 2 1 1 1 5 1 1 1 4 1 1 1 3 1 1 1 2 2 1 1 4 2 2

1 −1 −1 0 −1 1 −1 0 0 1 −1 0 −1 1 1 0 −1 0 −1 0 1 1 −1 0 0 1 0 0 −1 −1 −1 0 1 1 1 0 −1 1 1 0 −1 −1 −1 0 0 1 −1 0 0 0

1 2 3 2 5 3 7 2 3 5 11 3 13 7 5 2 17 3 19 5 7 11 23 3 5 13 3 7 29 5 31 2 11 17 7 3 37 19 13 5 41 7 43 11 5 23 47 3 7 5

0 1 1 1 0 1 0 1 1 1 0 1 0 1 1 1 0 1 0 1 1 1 0 1 0 1 1 1 0 1 0 1 1 1 0 1 0 1 1 1 0 1 0 1 1 1 0 1 0 1

1 2 2 3 2 4 2 4 3 4 2 6 2 4 4 5 2 6 2 6 4 4 2 8 3 4 4 6 2 8 2 6 4 4 4 9 2 4 4 8 2 8 2 6 6 4 2 10 3 6

3 7 7 7 7 3 7 7 7 3 7 3 7 3 3 7 7 3 7 3 3 3 7 3 7 3 7 3 7 3 7 7 3 3 3 3 7 3 3 3 7 3 7 3 3 3 7 3 7 3

0 3 8 15 24 35 48 63 80 99 120 143 168 195 224 255 288 323 360 399 440 483 528 575 624 675 728 783 840 899 960 1023 1088 1155 1224 1295 1368 1443 1520 1599 1680 1763 1848 1935 2024 2115 2208 2303 2400 2499

1 2 3 2 5 2 7 2 3 2 11 2 13 2 3 2 17 2 19 2 3 2 23 2 5 2 3 2 29 2 31 2 3 2 5 2 37 2 3 2 41 2 43 2 3 2 47 2 7 2

236

n 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100

Appendix B. Projects

prime factorization of n 3 · 17 22 · 13 53 2 · 33 5 · 11 23 · 7 3 · 19 2 · 29 59 22 · 3 · 5 61 2 · 31 32 · 7 26 5 · 13 2 · 3 · 11 67 22 · 17 3 · 23 2·5·7 71 23 · 32 73 2 · 37 3 · 52 22 · 19 7 · 11 2 · 3 · 13 79 24 · 5 34 2 · 41 83 22 · 3 · 7 5 · 17 2 · 43 3 · 29 23 · 11 89 2 · 32 · 5 7 · 13 22 · 23 3 · 31 2 · 47 5 · 19 25 · 3 97 2 · 72 32 · 11 22 · 52

f1 (n)

f2 (n)

f3 (n)

f4 (n)

f5 (n)

f6 (n)

f7 (n)

f8 (n)

f9 (n)

1 1 1 1 1 1 1 1 1 1 1 1 1 −1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0

1 2 1 3 1 3 1 1 1 2 1 1 2 6 1 1 1 2 1 1 1 6 1 1 2 2 1 1 1 4 4 1 1 2 1 1 1 3 1 2 1 2 1 1 1 5 1 2 2 4

1 0 −1 0 1 0 1 1 −1 0 −1 1 0 0 1 −1 −1 0 1 −1 −1 0 −1 1 0 0 1 −1 −1 0 0 1 −1 0 1 1 1 0 −1 0 1 0 1 1 1 0 −1 0 0 0

17 13 53 3 11 7 19 29 59 5 61 31 7 2 13 11 67 17 23 7 71 3 73 37 5 19 11 13 79 5 3 41 83 7 17 43 29 11 89 5 13 23 31 47 19 3 97 7 11 5

1 1 0 1 0 1 1 1 0 1 0 1 1 1 0 1 0 1 1 1 0 1 0 1 1 1 0 1 0 1 1 1 0 1 0 1 1 1 0 1 0 1 1 1 0 1 0 1 1 1

4 6 2 8 4 8 4 4 2 12 2 4 6 7 4 8 2 6 4 8 2 12 2 4 6 6 4 8 2 10 5 4 2 12 4 4 4 8 2 12 4 6 4 4 4 12 2 6 6 9

3 3 7 3 3 3 3 3 7 3 7 3 3 7 3 3 7 3 3 3 7 3 7 3 3 3 3 3 7 3 7 3 7 3 3 3 3 3 7 3 3 3 3 3 3 3 7 3 3 3

2600 2703 2808 2915 3024 3135 3248 3363 3480 3599 3720 3843 3968 4095 4224 4355 4488 4623 4760 4899 5040 5183 5328 5475 5624 5775 5928 6083 6240 6399 6560 6723 6888 7055 7224 7395 7568 7743 7920 8099 8280 8463 8648 8835 9024 9215 9408 9603 9800 9999

3 2 53 2 5 2 3 2 59 2 61 2 3 2 5 2 67 2 3 2 71 2 73 2 3 2 7 2 79 2 3 2 83 2 5 2 3 2 89 2 7 2 3 2 5 2 97 2 3 2

Appendix B. Projects

n 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50

prime factorization of n – 2 3 22 5 2·3 7 23 32 2·5 11 22 · 3 13 2·7 3·5 24 17 2 · 32 19 22 · 5 3·7 2 · 11 23 23 · 3 52 2 · 13 33 22 · 7 29 2·3·5 31 25 3 · 11 2 · 17 5·7 22 · 32 37 2 · 19 3 · 13 23 · 5 41 2·3·7 43 22 · 11 32 · 5 2 · 23 47 24 · 3 72 2 · 52

237

f10 (n) f11 (n) f12 (n) f13 (n) f14 (n) f15 (n) f16 (n) f17 (n) f18 (n) 1 1 2 2 4 2 6 4 6 4 10 4 12 6 8 8 16 6 18 8 12 10 22 8 20 12 18 12 28 8 30 16 20 16 24 12 36 18 24 16 40 12 42 20 24 22 46 16 42 20

1 1 1 2 1 2 1 4 3 2 1 4 1 2 3 8 1 6 1 4 3 2 1 8 5 2 9 4 1 6 1 16 3 2 5 12 1 2 3 8 1 6 1 4 9 2 1 16 7 10

0 1 1 0 1 0 1 0 0 0 1 0 1 0 0 0 1 0 1 0 0 0 1 0 0 0 0 0 1 0 1 0 0 0 0 0 1 0 0 0 1 0 1 0 0 0 1 0 0 0

0 0 0 0 1 0 0 0 0 1 0 0 0 0 1 0 0 0 0 1 0 0 0 0 1 0 0 0 0 1 0 0 0 0 1 0 0 0 0 1 0 0 0 0 1 0 0 0 0 1

0 −1 −1 −1 −1 −1 −1 1 −1 −1 −1 1 −1 −1 1 1 −1 −1 −1 1 1 −1 −1 1 −1 −1 −1 1 −1 1 −1 1 1 −1 1 1 −1 −1 1 1 −1 1 −1 1 1 −1 −1 1 −1 −1

0 1 1 0 1 1 1 0 0 1 1 1 1 1 1 0 1 1 1 1 1 1 1 1 0 1 0 1 1 1 1 0 1 1 1 0 1 1 1 1 1 1 1 1 1 1 1 1 0 1

1 2 3 2 5 6 7 2 3 10 11 6 13 14 15 2 17 6 19 10 21 22 23 6 5 26 3 14 29 30 31 2 33 34 35 6 37 38 39 10 41 42 43 22 15 46 47 6 7 10

1 −1 1 −1 −1 1 −1 −1 −1 1 −1 −1 −1 −1 1 −1 −1 −1 −1 −1 1 −1 −1 −1 −1 −1 −1 1 −1 −1 −1 −1 −1 −1 −1 1 −1 −1 −1 −1 −1 −1 −1 −1 1 −1 −1 −1 −1 −1

1 3 4 7 6 12 8 15 13 18 12 28 14 24 24 31 18 39 20 42 32 36 24 60 31 42 40 56 30 72 32 63 48 54 48 91 38 60 56 90 42 96 44 84 78 72 48 124 57 93

238

n 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100

Appendix B. Projects

prime factorization of n 3 · 17 22 · 13 53 2 · 33 5 · 11 23 · 7 3 · 19 2 · 29 59 22 · 3 · 5 61 2 · 31 32 · 7 26 5 · 13 2 · 3 · 11 67 22 · 17 3 · 23 2·5·7 71 23 · 32 73 2 · 37 3 · 52 22 · 19 7 · 11 2 · 3 · 13 79 24 · 5 34 2 · 41 83 22 · 3 · 7 5 · 17 2 · 43 3 · 29 23 · 11 89 2 · 32 · 5 7 · 13 22 · 23 3 · 31 2 · 47 5 · 19 25 · 3 97 2 · 72 32 · 11 22 · 52

f10 (n) f11 (n) f12 (n) f13 (n) f14 (n) f15 (n) f16 (n) f17 (n) f18 (n) 32 24 52 18 40 24 36 28 58 16 60 30 36 32 48 20 66 32 44 24 70 24 72 36 40 36 60 24 78 32 54 40 82 24 64 42 56 40 88 24 72 44 60 46 72 32 96 42 60 40

3 4 1 18 5 8 3 2 1 12 1 2 9 32 5 6 1 4 3 10 1 24 1 2 15 4 7 6 1 16 27 2 1 12 5 2 3 8 1 18 7 4 3 2 5 32 1 14 9 20

0 0 1 0 0 0 0 0 1 0 1 0 0 0 0 0 1 0 0 0 1 0 1 0 0 0 0 0 1 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 0 1 0 0 0

0 0 0 0 1 0 0 0 0 1 0 0 0 0 1 0 0 0 0 1 0 0 0 0 1 0 0 0 0 1 0 0 0 0 1 0 0 0 0 1 0 0 0 0 1 0 0 0 0 1

1 1 −1 −1 1 1 1 −1 −1 1 −1 −1 1 1 1 1 −1 1 1 1 −1 1 −1 −1 1 1 1 1 −1 1 −1 −1 −1 1 1 −1 1 1 −1 1 1 1 1 −1 1 1 −1 −1 1 1

1 1 1 1 1 1 1 1 1 1 1 1 1 0 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0

51 26 53 6 55 14 57 58 59 30 61 62 21 2 65 66 67 34 69 70 71 6 73 74 15 38 77 78 79 10 3 82 83 42 85 86 87 22 89 30 91 46 93 94 95 6 97 14 33 10

−1 −1 −1 −1 1 −1 −1 −1 −1 −1 −1 −1 −1 −1 −1 1 −1 −1 −1 −1 −1 −1 −1 −1 −1 −1 −1 1 −1 −1 −1 −1 −1 −1 −1 −1 −1 −1 −1 −1 1 −1 −1 −1 −1 −1 −1 −1 −1 −1

72 98 54 120 72 120 80 90 60 168 62 96 104 127 84 144 68 126 96 144 72 195 74 114 124 140 96 168 80 186 121 126 84 224 108 132 120 180 90 234 112 168 128 144 120 252 98 171 156 217

Appendix B. Projects

239

Part Two - CF Expansions Below and on the next page are CF expansions for the first 120 natural numbers. These are similar to, for example, decimal expansions such as 14 = 0.25, 15 = 0.2, 1 1 6 = 0.16, 7 = 0.142857, . . . , in that some CF expansions are finite, and some are infinite with repetition; in those that repeat the part that repeats is indicated by the bar. Thus the CF expansion for the natural number 33 is an initial five, followed by the infinitely-repeated pattern “one, then two, then one, then ten.” Describe as many patterns as you can detect in these CF expansions. (The most obvious one is that “The CF expansion for m2 is [m], with no repetition.”) n 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

CF expansion for n [1] [1; 2] [1; 1, 2] [2] [2; 4] [2; 2, 4] [2; 1, 1, 1, 4] [2; 1, 4] [3] [3; 6] [3; 3, 6] [3; 2, 6] [3; 1, 1, 1, 1, 6] [3; 1, 2, 1, 6] [3; 1, 6] [4] [4; 8] [4; 4, 8] [4; 2, 1, 3, 1, 2, 8] [4; 2, 8] [4; 1, 1, 2, 1, 1, 8] [4; 1, 2, 4, 2, 1, 8] [4; 1, 3, 1, 8] [4; 1, 8] [5]

n 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50

CF expansion for n [5; 10] [5; 5, 10] [5; 3, 2, 3, 10] [5; 2, 1, 1, 2, 10] [5; 2, 10] [5; 1, 1, 3, 5, 3, 1, 1, 10] [5; 1, 1, 1, 10] [5; 1, 2, 1, 10] [5; 1, 4, 1, 10] [5; 1, 10] [6] [6; 12] [6; 6, 12] [6; 4, 12] [6; 3, 12] [6; 2, 2, 12] [6; 2, 12] [6; 1, 1, 3, 1, 5, 1, 3, 1, 1, 12] [6; 1, 1, 1, 2, 1, 1, 1, 12] [6; 1, 2, 2, 2, 1, 12] [6; 1, 3, 1, 1, 2, 6, 2, 1, 1, 3, 1, 12] [6; 1, 5, 1, 12] [6; 1, 12] [7] [7; 14]

240

n 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85

Appendix B. Projects

CF expansion for n [7; 7, 14] [7; 4, 1, 2, 1, 4, 14] [7; 3, 1, 1, 3, 14] [7; 2, 1, 6, 1, 2, 14] [7; 2, 2, 2, 14] [7; 2, 14] [7; 1, 1, 4, 1, 1, 14] [7; 1, 1, 1, 1, 1, 1, 14] [7; 1, 2, 7, 2, 1, 14] [7; 1, 2, 1, 14] [7; 1, 4, 3, 1, 2, 2, 1, 3, 4, 1, 14] [7; 1, 6, 1, 14] [7; 1, 14] [8] [8; 16] [8; 8, 16] [8; 5, 2, 1, 1, 7, 1, 1, 2, 5, 16] [8; 4, 16] [8; 3, 3, 1, 4, 1, 3, 3, 16] [8; 2, 1, 2, 1, 2, 16] [8; 2, 2, 1, 7, 1, 2, 2, 16] [8; 2, 16] [8; 1, 1, 5, 5, 1, 1, 16] [8; 1, 1, 1, 1, 16] [8; 1, 1, 1, 16] [8; 1, 2, 1, 1, 5, 4, 5, 1, 1, 2, 1, 16] [8; 1, 3, 2, 3, 1, 16] [8; 1, 4, 1, 16] [8; 1, 7, 1, 16] [8; 1, 16] [9] [9; 18] [9; 9, 18] [9; 6, 18] [9; 4, 1, 1, 4, 18]

n 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120

CF expansion for n [9; 3, 1, 1, 1, 8, 1, 1, 1, 3, 18] [9; 3, 18] [9; 2, 1, 1, 1, 2, 18] [9; 2, 3, 3, 2, 18] [9; 2, 18] [9; 1, 1, 5, 1, 5, 1, 1, 18] [9; 1, 1, 2, 4, 2, 1, 1, 18] [9; 1, 1, 1, 4, 6, 4, 1, 1, 1, 18] [9; 1, 2, 3, 1, 1, 5, 1, 8, 1, 5, 1, 1, 3, 2, 1, 18] [9; 1, 2, 1, 18] [9; 1, 3, 1, 18] [9; 1, 5, 1, 1, 1, 1, 1, 1, 5, 1, 18] [9; 1, 8, 1, 18] [9; 1, 18] [10] [10; 20] [10; 10, 20] [10; 6, 1, 2, 1, 1, 9, 1, 1, 2, 1, 6, 20] [10; 5, 20] [10; 4, 20] [10; 3, 2, 1, 1, 1, 1, 2, 3, 20] [10; 2, 1, 9, 1, 2, 20] [10; 2, 1, 1, 4, 1, 1, 2, 20] [10; 2, 3, 1, 2, 4, 1, 6, 6, 1, 4, 2, 1, 3, 2, 20] [10; 2, 20] [10; 1, 1, 6, 1, 1, 20] [10; 1, 1, 2, 1, 1, 20] [10; 1, 1, 1, 2, 2, 1, 1, 1, 20] [10; 1, 2, 10, 2, 1, 20] [10; 1, 2, 1, 1, 1, 1, 1, 2, 1, 20] [10; 1, 3, 2, 1, 4, 1, 2, 3, 1, 20] [10; 1, 4, 2, 4, 1, 20] [10; 1, 6, 3, 2, 10, 2, 3, 6, 1, 20] [10; 1, 9, 1, 20] [10; 1, 20]

Appendix B. Projects

241

  n Project B: Binomial Coefficients, k In this project we will Newton’s lead and generalize the definition of the  follow  n binomial coefficients, , and use these generalized binomial coefficients in various k ways.   n We have defined the binomial coefficients as , the number of distinct subsets of k   n a set S that contain n distinguishable objects (see page 19). Thus is defined k for n ∈ N and k = 0, 1, 2, . . . , n. We may extend this  definition to n = 0, since our n set S could be empty, and then we can agree that = 1 for all n ∈ W, since the 0 empty set is the unique subset of S that has size zero.   The first part of this project n , for other numbers n and k. is to see how far we can extend the definition of k First we might see that the restriction k ≤ n is unnecessary, since for instance we   4 can see that = 0 since a set of size four has no subsets of size seven. Similarly, 7   n the restriction k ≥ 0 is unnecessary, since = 0 for all n ∈ W. −3   n Exercise 1: Make a careful definition of for n ∈ W and k ∈ Z. What are the k   n values of when k < 0 or k > n? k   n Exercise 2: In a similar vein, we can extend the definition of to the case k where n < 0, even sizes. Make a careful  though there are no sets with  negative  n n definition of for n ∈ Z and k ∈ Z. Compute for −5 ≤ n ≤ 7, −5 ≤ k ≤ 7 k k and fill in the table on page 245. Exercise 3: Recall the addition rule for binomial coefficients:       n n−1 n−1 = + . k k−1 k There is exactly one pair of integers (n, k) for which this rule is false, and that pair of values appears in the table you produced in Exercise 2. What is it?   n In Section 5, page 20, we showed that may be computed with the formula k   n n! = but this formula only makes sense for our original set of ns and k k!(n − k)! ks. We may rewrite, this, however, to cancel the factors of (n − k)! with some of

242

Appendix B. Projects

the factors of n!, and obtain:   n n(n − 1)(n − 2) · · · (n − k + 1) , = k k! which can be computed for any real number n and any non-negative integer k. Exercise 4: Extend the definition above to all n ∈ R and all integers k in a way consistent with Exercise 1. That is, complete the following definition ⎧ n(n−1)(n−2)···(n−k+1) ⎪ if k > 0 ⎪ k! ⎪ ⎪ ⎪   ⎪ ⎨ n = if k = 0 ⎪ k ⎪ ⎪ ⎪ ⎪ ⎪ ⎩ if k < 0. Is your definition consistent with Exercise 1 when k > n? Is your definition consistent with Exercise 2 when n < 0? Exercise 5: Show that with the definition in Exercise 4, we have       n n−1 n−1 = + k k−1 k for all n ∈ R and k ∈ Z. This new definition leads to the table of values in Table 17 on page 246. We wish to use these new, extended-definition binomial coefficients to calculate things like square Newton was the first to do this; he wanted to use the  1roots. 2 π definite integral 1 − x2 dx = as a way to calculate π. Our first step towards 4 0 this calculation is √ Exercise 6: Assume that the function f (x) = 1 + x can be written as f (x) =



1 + x = c 0 + c 1 x + c 2 x2 + c 3 x3 + c 4 x4 + · · · =



c k xk .

k=0

Use f (0) = 1 and (f (x))2 = 1 + x to calculate the first six coefficients, c0 up to c5 . You will want to use the method of equating coefficients. Exercise 7: Use Taylor’s theorem (from calculus) to write out the Taylor series at a = 0 for f (x). Check that the first five coefficients are the same as those you found in Exercise 6. Exercise 8: Use Taylor’s theorem (from calculus) to write out the Taylor series at a = 0 for g(t) = (1 + t)p , where p is a constant. Write it in the form (1 + t)p = g(t) =



k=0

c k tk .

 p = Then substitute t = xy , and multiply by y p to get an expression for y p 1 + xy p (y + x) . Is your expression consistent with the binomial theorem? What are the similarities, and what are the differences?

Appendix B. Projects

243

√ Exercise 9: We wish to use the results of Exercise 6 to approximate 2, which technology gives as 1.41421356237310 . . .. We will use the approximation √ f (x) = 1 + x ≈ p(x) = c0 + c1 x + c2 x2 + c3 x3 + c4 x4 + c5 x5 , for the coefficients you found in Exercise 6. It turns out that we can use this approximation in several ways to estimate square roots. 1. Calculate p(1) and see how close it is, in relative error, to √ 2 = 1.41421356237310 . . . . Relative error is defined to be |estimated value − actual value| |absolute error| = . actual value actual value       1 1 1 4 7 2. Repeat part 1 using 2p − . Then calculate p , p , and 2 3 8 5 49   √ 10 1 p − (note that each of these expressions is equal to 2). Present 50 7 your results in a table: relative error =

approximation

absolute error

relative error

p(1) 

 1 2p − 2   4 1 p 8 3   7 1 p 49 5   10 1 p − 50 7 In a vein similar to Exercise 9, we can manipulate the results of Exercise 6 to approximate the transcendental number, π. The first step is to use the quartercircle rule, for r > 0:  r2 1 r 2 − x2 dx = πr 2 . 4 0  12 √ Exercise 10: Calculate π = 4 1 − x2 dx, using the idea that 1 − x2 = 0 2 1 + (−x2 ) = f (−x2 ), which can thus be approximated by p(−x2 ). Exercise 11: A better approximation to π can be found using the following: √  12 2 3 π 2 + , 1 − x dx = piece of pie + triangle = 12 8 0

244

Appendix B. Projects

√ 2 3 3 2 . (Draw a picture of the area represented by the 1 − x dx − so π = 12 2 0 definite integral to see why it splits into a piece of pie and a triangle.) Calculate √ the as you did the integral in Exercise 10. We could approximate 3 using 3 3 integral 4 4    4  2 1 5 2 7 1 1 3 12 3 1+ − , 1+ , 1+ , 1+ − 1 + ; you should , or 3 2 3 3 25 4 49 7 48 use the most accurate approximation. 

1 2

Exercise 12: Use the results of Exercise 8 to write the series representation for

b(t) =

1 = (1 + (−t))−1 . 1−t

Does this agree with what you learned about this series in calculus?

Exercise 13: Some people have a difficult time understanding what number the expression 0.99999 . . . represents. Rewrite this number as

0.9999 . . . = = = =

9(0.11111 . . .)   1 1 1 1 9 + + + + ··· 10 100 1000 10, 000   9 1 1 1 1+ + + + ··· 10 10 100 1000 ∞ 9 1 . 10 10k k=0

Use the expression obtained in Exercise 12 to simplify this number.

Appendix B. Projects

245

Table for Exercise 2: Fill in the values of n\k −5 −4 −3 −2 −1

0

1

2

  n . k 3

4

5

6

7

8

−5

0

−4

0

−3

0

−2

0

−1

0

0

0

1

0

2

0

3

0

4

0

5

0

6

0

7

0

8

0

0

0

0

0

1

8

28

56

70

56

28

8

1

246

n\k

Appendix B. Projects

−5 −4 −3 −2 −1

0

1

2

3

4

5

6

7

8

−5

0

0

0

0

0

1

−5 15 −35 70 −126 210 −330 495

−4

0

0

0

0

0

1

−4 10 −20 35

−56

84

−120 165

−3

0

0

0

0

0

1

−3

6

−10 15

−21

28

−36

45

−2

0

0

0

0

0

1

−2

3

−4

5

−6

7

−8

9

−1

0

0

0

0

0

1

−1

1

−1

1

−1

1

−1

1

0

0

0

0

0

0

1

0

0

0

0

0

0

0

0

1

0

0

0

0

0

1

1

0

0

0

0

0

0

0

2

0

0

0

0

0

1

2

1

0

0

0

0

0

0

3

0

0

0

0

0

1

3

3

1

0

0

0

0

0

4

0

0

0

0

0

1

4

6

4

1

0

0

0

0

5

0

0

0

0

0

1

5

10

10

5

1

0

0

0

6

0

0

0

0

0

1

6

15

20

15

6

1

0

0

7

0

0

0

0

0

1

7

21

35

35

21

7

1

0

8

0

0

0

0

0

1

8

28

56

70

56

28

8

1

  n Table 17: A table of values using the extended definition of k

Appendix B. Projects

247

Project C: Bernoulli Numbers and Bernoulli Polynomials This project was inspired by a summer course taught by David Rohrlich of Boston University. The Bernoulli numbers, b0 , b1 , b2 , b3 , . . . , are defined by: ∞

tk t = bk . et − 1 k! k=0

t into a power series centered at a = 0, et − 1 and then define the Bernoulli numbers to be the coefficients of the resulting power series. The way to do this is not to use Taylor’s theorem and differentiation; instead, write  ∞

tk t t = (e − 1) , bk k! That is, expand the function f (t) =

k=0

expand the right-hand side as a single series, and then equate coefficients. (So you should think of the left-hand side as a power series, all of whose coefficients are zero except the coefficient of t, which is one.) Exercise 1: Calculate the first seven Bernoulli numbers, b0 up to b6 . Exercise 2: Explain why the Bernoulli numbers are rational: bk ∈ Q. Exercise 3: Use the method above (equating coefficients) to justify the following recursive formula for bk , k ∈ N:   k  k−1 

k+1 1 k+1 so bk = − bj = 0, bj . j j k + 1 j=0 j=0 t 1 + Exercise 4: Show that the function g(t) = f (t) + t = t 2 e −1 is, g(−t) = g(t)), and thus conclude that when k is odd, k > 1, bk

1 t is even (that 2 = 0.

Now define the Bernoulli polynomials, B0 (x), B1 (x), B2 (x), B3 (x), . . . by: ∞

f (t)ext =

text tk = . B (x) k et − 1 k! k=0

Exercise 5: Calculate the first four Bernoulli polynomials (using text = (et −   k ∞ t 1) k=0 Bk (x) k! ) and then explain why Bk (x) ∈ Q[x]. That is, explain why the definition above implies that Bk (x) is a polynomial (rather than a power series), and why the coefficients must be rational numbers. Exercise 6: What is the connection between the Bernoulli numbers and the Bernoulli polynomials? (Hint: you can let x equal . . . .)

248

Appendix B. Projects

As I was writing my Ph.D. dissertation, I noticed that I kept doing similar calculations, all of which looked like m  

m Bj (x) (something)m−j = something in closed form. j j=0 I finally realized I needed a lemma: Lemma 17

m  

m Bj (x)y m−j = Bm (x + y). j j=0

Proof . Let m(t, x, y) = mials, we have

te(x+y)t . Then by the definition of the Bernoulli polynoet − 1 ∞

te(x+y)t tm = . B (x + y) m et − 1 m! m=0

Then we may expand the left-hand side (with different indices) to get te(x+y)t et − 1

text · eyt et − 1 ⎞ ⎛ ∞ ∞

tk ⎝ (yt)j ⎠ . = Bk (x) k! j! j=0

=

k=0

Multiplying out the two series on the right, we get a power series in t. When we collect all terms that involve the power tm , say, we will need terms in the first sum with tk and terms in the second sum with tj , and we also need k + j = m. Thus the coefficient of tm will be a sum that looks like

 Bk (x)   y j  . k! j! k+j=m

Since k ≥ 0 and j ≥ 0, we will have m + 1 terms, with k = 0, 1, 2, . . . , m and m − k = j = m, m − 1, m − 2, . . . , 3, 2, 1, 0. Thus the coefficient of tm will be   m−k 

  m  m

Bk (x) 1 m y = Bk (x)y m−k . k! (m − k)! m! k k=0

k=0

Thus we have shown that

m    ∞

m te(x+y)t tm m−k = . Bk (x)y t k e −1 m! m=0 k=0

Since power series are uniquely determined by their coefficients, we see that m  

m Bk (x)y m−k = Bm (x + y). k k=0

Appendix B. Projects

249

Exercise 7: Justify the formula k  

k Bk (x) = bj xk−j . j j=0

Exercise 8: Use Exercise 7 to conclude that Bk (x) is monic; that is, that the leading term has coefficient one. Exercise 9: Show that 



1

(a)

Bk (x) dx = 0

(b)

1 if k = 0 0 else.

d Bk (x) = kBk−1 (x) for k ∈ W. dx

(c) Bk (1 − x) = (−1)k Bk (x) for k ∈ W. (d) Bk (x + 1) − Bk (x) = kxk−1 for k ∈ W. (e) Bk (1) = Bk (0) for k ∈ N, k ≥ 2. (f)

n

jk =

j=1

(g) N

k−1

Bk+1 (n + 1) − Bk+1 (0) for k, n ∈ N. k+1

N −1

 Bk

j=0

x+j N

 = Bk (x) for k ∈ W, N ∈ N.

Exercise 10: Show that the formula in Exercise 9(f) above is consistent with the formulas for the sums of first, second and third powers of positive integers: n

j=1

j=

n(n + 1) , 2

n

j=1

j=

n(n + 1)(2n + 1) , 6

and

n

j=1

 j3 =

n(n + 1) 2

2

Exercise 11: On the next page are the factorizations of the denominators of the Bernoulli numbers into primes. Use the data to formulate a rule that gives the denominators of the Bernoulli numbers. You are welcome to try to prove your rule, but that is above and beyond the call of duty. Okay, that was fun, but why do we care? The Bernoulli numbers and Bernoulli polynomials come up all over number theory: • Of course, the formulas in Exercise 9(f) above are handy to have (in number theory as well as in calculus and elsewhere). This was in fact the reason Jakob Bernoulli first studied the polynomials.

.

250

Appendix B. Projects • The Riemann zeta function, defined by ζ(s) = 1−s + 2−s + 3−s + 4−s + 5−s + · · · =



n−s ,

n=1

which is the subject of the celebrated Riemann hypothesis, can be shown to satisfy ζ(2k) = (−1)k+1

(2π)k B2k , 2(2k)!

for k ∈ N.

• In 1847 Ernst Kummer showed that Fermat’s last theorem was true for those exponents that are regular primes; a prime p is regular ⇐⇒ p does not divide the numerators of b2 , b4 , . . . , bp−3 . That still leaves all the irregular primes, but it was a major step forward in showing that Fermat’s last theorem was true. √ • For certain rings R such as the Z[ d]’s you may have worked with in the exercises, the class number of R is a measure of how badly unique factorization fails; many class numbers may be calculated using Bernoulli numbers. • In my Ph.D. dissertation, a theory of integration in the p-adic numbers is developed. It turns out that the formula in Exercise 9(g) is crucial in that development, and the Bernoulli polynomials form the basis for the work my advisor and I did on p-adic integration.

Further facts:

• Though the Bernoulli numbers b1 , b2 , b4 , b6 , . . . are non-integral rational numbers, they are close to being integral; in fact, bk +

1 ∈ Z. p

(p−1)|k

• For x ∈ R, define {x} = x − x , so 0 ≤ {x} < 1. Then the Bernoulli function Bk (x) = Bk ({x}) is periodic with period 1. By Exercise 9(e), the functions Bk are continuous for k ≥ 2. They have Fourier series expansions given by

Bk (x) =

−k! (2πi)k

n∈Z, n =0

e2πinx . nk

Appendix B. Projects

251

Factorization of

Factorization of

k

denominator of bk

k

denominator of bk

8

2·3·5

56

2 · 3 · 5 · 29

10

2 · 3 · 11

58

2 · 3 · 59

12

2 · 3 · 5 · 7 · 13

60

2 · 3 · 5 · 7 · 11 · 13 · 31 · 61

14

2·3

62

2·3

16

2 · 3 · 5 · 17

64

2 · 3 · 5 · 17

18

2 · 3 · 7 · 19

66

2 · 3 · 7 · 23 · 67

20

2 · 3 · 5 · 11

68

2·3·5

22

2 · 3 · 23

70

2 · 3 · 11 · 71

24

2 · 3 · 5 · 7 · 13

72

2 · 3 · 5 · 7 · 13 · 19 · 37 · 73

26

2·3

74

2·3

28

2 · 3 · 5 · 29

76

2·3·5

30

2 · 3 · 7 · 11 · 31

78

2 · 3 · 7 · 79

32

2 · 3 · 5 · 17

80

2 · 3 · 5 · 11 · 17 · 41

34

2·3

82

2 · 3 · 83

36

2 · 3 · 5 · 7 · 13 · 19 · 37

84

2 · 3 · 5 · 7 · 13 · 29 · 43

38

2·3

86

2·3

40

2 · 3 · 5 · 11 · 41

88

2 · 3 · 5 · 23 · 89

42

2 · 3 · 7 · 43

90

2 · 3 · 7 · 11 · 19 · 31

44

2 · 3 · 5 · 23

92

2 · 3 · 5 · 47

46

2 · 3 · 47

94

2·3

48

2 · 3 · 5 · 7 · 13 · 17

96

2 · 3 · 5 · 7 · 13 · 17 · 97

50

2 · 3 · 11

98

2·3

52

2 · 3 · 5 · 53

100

2 · 3 · 5 · 11 · 101

54

2 · 3 · 7 · 19

102

2 · 3 · 7 · 103

252

Appendix B. Projects

Project D: Polygons in Lattices In this project we will find, and justify, an easy formula to calculate the areas of simple polygons that are formed on a (square) lattice. Exercise 1: On page 256 you will see a lattice of points that looks like a pegboard. The lattice is the subset L = Z2 ⊆ R2 ; L = {(a, b) ∈ R2 : a, b ∈ Z}. It turns out that if you draw a polygon using only straight lines to connect points of the lattice (and the lines you draw never intersect), the area of the polygon is easy to find. There is a formula for the area of such a figure, based only on two numbers: let I be the number of interior lattice points (those entirely within the polygon) and let B be the number of lattice points that are on the boundary of the polygon. Your task is to find a formula for the area A based on the two numbers I and B. An (incorrect) example of such a formula would be A = B 2 sin(3I). Some examples of polygons are drawn for you in Figure 39 on page 255. Your answer to this question should consist of a formula and some indication of how you arrived at it. (Page 256 has an empty lattice, if you wish to draw your own figures to test conjectures, etc.) Exercise 2: As an easiest case, show that your formula is correct for all rectangles with sides parallel to the axes (Figure 34).

Figure 34: Rectangles with sides parallel to the axes Exercise 3: Now cut such a rectangle diagonally and show that your formula is correct for all right triangles with legs parallel to the axes (Figure 35). Exercise 4: Show that if your formula works for two separate figures P and Q, then it works when P and Q are joined to form a single figure (Figure 36). Exercise 5: Show that if your formula works for a figure P , and it also works when P and Q are joined to form a single figure, then your formula works for the separate figure Q also (Figure 37). Exercise 6: Use the previous exercises to show that your result works for any triangle drawn in the lattice (Figure 38).

Appendix B. Projects

Figure 35: Triangles with legs parallel to the axes

Figure 36: Two separate polygons, joined

Figure 37: One polygon, separated into two polygons

253

254

Appendix B. Projects

Figure 38: Triangles with any orientation Exercise 7: Since any polygon can be cut up into triangles, Exercises 4 and 6 show that your formula works for any (simple) polygon drawn on the lattice. Use your formula to find the area of the polygon shown in Figure 40.

(Most of the) Data for Figure 39 B (Boundary)

I (Interior)

A (Area)

small square

4

0

1

small rectangle

6

0

2

medium rectangle

0

3

long rectangle

0

4

small triangle

0

1/2

medium triangle

0

2

large triangle

1

9/2

backwards “L”

0

4

“I”

0

8

pointy triangle

0

3

6

11

“E”

0

11

“F”

0

10

“M”

0

14

1

4

large square

4

9

fat “T”

7

14

20

37

Figure

“D”

medium square

monster

12

8

36

Exercise 8: Show that your formula does not work when the polygon is not simple. Can you conjecture a rule for the areas of non-simple polygons (Figure 41)?

Appendix B. Projects

255

Figure 39: Some simple polygons

Figure 40: A more complicated polygon

Figure 41: Some non-simple polygons

256

Appendix B. Projects

Figure 42: A blank lattice upon which you may practice

Appendix B. Projects

257

Project E: Primes of the form p = x2 + y 2 Your goal in this project is to prove a conjecture most of you made on Exercise 5, Section 2. Theorem 31 Let p > 2 be a prime integer. Then p can be written as p = a2 + b2 ⇐⇒ p is of the form p = 4k + 1. Exercise 1: Prove the forward implication. That was easy; the rest of the project is devoted to proving the other implication. We start by defining the set S = {(x, y, z) ∈ N3 : x2 + 4yz = p}. Exercise 2: You have been assigned a prime, p (see the Table 18 on page 258). Find the set S, based on your prime p. Exercise 3: Prove that the set S is finite (no matter what prime p is chosen). Now define a map f : N3 → N3 by ⎧ ⎪ ⎨(x + 2z, z, y − x − z) f (x, y, z) = (2y − x, y, x − y + z) ⎪ ⎩ (x − 2y, x − y + z, y)

if x < y − z if y − z < x < 2y if 2y < x.

Exercise 4: Prove that f does in fact map elements of N3 to elements of N3 . Exercise 5: Prove further that f maps S to S. Exercise 6: For your set S, describe the action of f on S. Exercise 7: Show that if f has a fixed point (that is, a solution to f (x, y, z) = (x, y, z)), that it must take the form (1, 1, p−1 4 ), and thus that the fixed point is unique. Exercise 8: Prove that if p is of the form p = 1 + 4k, then the point (1, 1, k) is a fixed point for f . Conclude that p = 4k + 1 ⇐⇒ the function f : S → S has a unique fixed point. Exercise 9: Show that the function f is an involution, that is, that f ◦ f is the identity. You will want to consider cases here. Exercise 10: Use Exercises 8 and 9 to conclude that S always has an odd number of elements. Hint: pair up the elements as (P, f (P )) and note that the unique fixed point pairs up with itself.

258

Appendix B. Projects

Exercise 11: As a general lemma, show that if X is a finite set with an odd number of elements, any involution ι : X → X must have at least one fixed point. Exercise 12: Now define g : N3 → N3 by g(x, y, z) = (x, z, y). Prove that g also maps S to itself, and that it is an involution on S. Conclude that S has a fixed point under g, which must be of the form (a, c, c). Show that this gives the desired solution: p = a2 + (2c)2 . In fact you have shown the stronger statement that a prime p is of the form p = 4k + 1 =⇒ p can be written uniquely as p = a2 + b2 . Exercise 13: For your set S, describe the action of g on S. Give the unique solution (in positive integers a and b) to p = a2 + b2 for your prime, p. student

prime 197 181 173 157 149 137 113 109

Table 18: For Exercise 2 Most of the material for this project was taken from the excellent book [Moll]. The author of that work references the article [Zagier].

Appendix B. Projects

259

Project F: The p-adic Numbers The real numbers R may be thought of as being built out of the rational numbers Q by filling in the holes through the use of limits. This is implicit in decimal notation, as we write “π = 3.1415926 . . .” to mean that the number ∞ π1 is the limit 314 3141 , , , . . . . Similarly, e = of the rational numbers 31 , 31 k=0 k! means e is 10 100 1000  1 . To create the p-adic defined to be the limit of the rational numbers qn = nk=0 k! numbers, denoted Qp , we fill in the holes in a different manner. The p-adic norm: Given a field A and a function f : A → R we say that f is a norm if • f (a) > 0 for all a = 0 and f (0) = 0

(positive-definiteness)

• for all a, b ∈ A, f (a · b) = f (a) · f (b)

(multiplicativity)

• for all a, b ∈ A, f (a + b) ≤ f (a) + f (b)

(triangle inequality).

The usual absolute value (also known as the Archimedean norm), |·| : Q → R, satisfies the properties; in addition, there is a non-Archimedean norm associated to each positive prime, p. We define the p-adic absolute value |·|p : Q → R as follows: |0|p = 0. Given q ∈ Q× , write q = ab with (a, b) = 1, a ∈ Z, and b ∈ N (convince yourself that this representation is unique). Then the prime factorizations  consider  of a and of b. If (ab, p) = 1, then define |q|p =  ab p = 1. Otherwise, p appears in n the prime factorization of a, or of b, but not in  both. If p is the highest power of p that divides the numerator a then |q|p =  ab p = p−n . If pm is the highest power   of p that divides the denominator b then |q|p =  ab p = pm . Thus, for example,

  − 

    32 · 5  32 · 5    = 23 · 72 · 11 p  23 · 72 · 11 p

⎧1 ⎪ ⎪ 9 ⎪ ⎪1 ⎪ ⎪ ⎪ ⎪5 ⎨ 8 = ⎪ 49 ⎪ ⎪ ⎪ ⎪ ⎪11 ⎪ ⎪ ⎩ 1

if p = 3 if p = 5 if p = 2 if p = 7 if p = 11 else.

Representations in base p: Choose a positive prime, p. Each positive integer can be written uniquely in base p by expressing it as a polynomial in p, with coefficients that are non-negative but less than p: 100 = 1 + 0 · 3 + 2 · 32 + 0 · 33 + 1 · 34 , and 142 = 1 + 2 · 3 + 0 · 32 + 2 · 33 + 1 · 34 . Denote by Dp the set of digits {0, 1, 2, . . . p − 1}. Then the representations are unique: ⎫ ⎧ M ⎬ ⎨

aj pj : aj ∈ Dp , M ∈ W, aM = 0 . N= ⎭ ⎩ j=0

For typographical reasons, I will write the expansion as a0 .a1 a2 a3 · · · aM ; thus for example, we have 100 = (1.0201)3

and

142 = (1.2021)3 .

260

Appendix B. Projects

You may confirm that 125 = (1.011111)2 = (2.2111)3 = (0.01)5 = (6.32)7 = (4.01)11 , etc. The number zero is of course written as (0.)p (all digits are zero). What about the negative numbers? It turns out that we are forced to write them as infinite series in p: −100 = (2.2021222222 . . .)3 , or better yet −100 = (2.20212)3 . This may seem since we are adding higher and higher powers of p, but note  bizarre,  that limk→∞ pk p = 0, and these series converge! Exercise 1: Confirm that −N

= {−n ∈ Z : n ∈ N} ∞

aj pj : aj ∈ Dp , = j=0

and there is M ∈ W such that aj = p − 1 for all j ≥ M .

Now that we have represented the integers in this way, two natural questions arise: what is the set ⎫ ⎧ ∞ ⎬ ⎨

aj pj : aj ∈ Dp ? Zp = ⎭ ⎩ j=0

and what about the rational numbers? The questions are related, in fact, but we will work on them in order. If q = ab ∈ Q and (b, p) = 1 then q can be written as an element of Zp : there is a simple way, involving a geometric series. Suppose we wish to express, for example, 9/7 in Z5 . Then we have 9 7

5 5 · 2232 =2− 7 7 · 2232 11160 1 = 2− = 2 − 11160 · 6 15624 5 −1 1 = 2 + 11160 · 1 − 56 = 2 + 11160 · (1 + 56 + 512 + 518 + · · · ). = 2−

It is now a simple matter to write 11160 in base 5 as 11160 = 0 · 1 + 2 · 5 + 1 · 52 + 4 · 53 + 2 · 54 + 3 · 55 = (0.21423)5 , and thus

9 = (2.0)5 + (0.21423)5 = (2.214230)5 . 7

In general, we round q up (to make the negative signs work out) to the nearest integer, take the fractional part (which is between 0 and 1) and multiply top and bottom so that the bottom is in the form pt − 1, and then use a geometric series as above. We will always get a repeating pattern to the digits: convince yourself that even when the integer part is negative (and thus has an infinite number of digits), we will still get digits that eventually repeat.

Appendix B. Projects

261

Now, what happens when p|b? Well, it is a simple matter to factor out all the ps from the denominator, and proceed as above. What happens when we multiply all the ps back in? We get a Laurent series in powers of p: define ⎧ ⎫ ∞ ⎨

⎬ Qp = aj pj : aj ∈ Dp , m ∈ Z, am = 0 {0}. ⎩ ⎭ j=m

Thus each element of Qp is a series in powers of p, with coefficients in Dp , and there are only finitely many negative powers of p. A typical element of Qp will look like, for m ∈ N, a−m a−m+1 a−m+2 a−1 + a0 + a1 p + a2 p 2 + · · · + ak p k + · · · , + m−1 + m−2 + · · · + pm p p p where the digits aj are taken from the set Dp = {0, 1, 2, . . . , p − 1} and a−m = 0. So far, this looks very much like decimal notation, though you should note that the powers of p are in the opposite order of the powers of 10. A real number can be written in decimal notation with a finite number of positive powers of 10: a typical real number has the form am ·10m +am−1 ·10m−1 +am−2 ·10m−2 +· · ·+a1 ·10+a0 +a−1 ·10−1 +a−2 ·10−2 +· · · , with ai ∈ {0, 1, 2, 3, 4, 5, 6, 7, 8, 9}, and m ∈ N. In decimal notation we call the symbols ai digits, and a1 is the tens digit, a0 is the ones digit, a−1 is the tenths digit, etc. So far all we have is a set, Qp (together with a map from Q into Qp ). But Qp is actually a ring, with addition and multiplication defined just as in decimal notation: add corresponding digits, but carry (in the correct direction!) if necessary. (In fact, it is not hard to show that, with this definition, Qp is in fact a field. You may do so for extra credit.) Thus you may check that in Q7 we have     2 4 5 2 2 + 2 + 4 · 7 + 6 · 7 + 3 + 6 · 7 + 2 · 7 + + · · · + + · · · 72 7 7 2 2 = 2 + + 6 + 3 · 7 + 2 · 72 + · · · 7 7 and



2 5 + + 2 + 4 · 7 + 6 · 72 + · · · 72 7 1 6 3 = 3 + 2 + + 5 + ··· . 7 7 7

   4 2 + 3 + 6 · 7 + 2 · 7 + ··· · 7

Again for typographical reasons, I will write the two calculations as (252.46 . . .)7 + (43.62 . . .)7 = (226.32 . . .)7 and (252.46 . . .)7 · (43.62 . . .)7 = (1635.3 . . .)7 Exercise 2: Show that the rational number (1.110)2 ,

(21.0)3 ,

(0.231)5 ,

5 can be expressed as 3 (4.2)7 ,

and

(9.37)11 .

262

Appendix B. Projects

Exercise 3: Express

98 as an element of Q7 . 5

Exercise 4: One can of course go in the other direction, in much the same way that one can show that the real number 15.3142 = 153127 9999 . Express (34.423)5 and (0.04316)7 as rational numbers. Exercise 5: Explain why, for q ∈ Qp , q ∈ Q ⇐⇒ q has a terminating or repeating representation in Qp .

Exercise 6: Find the first five 5-adic digits of the number α =

√ 6 by

√  √ 1. showing that  65 = 1 by using the definition ( 6)2 = 6 and the properties of the norm map 2. assuming α can be written as α =



ak · 5k

k=0

 3. writing 6 = α2 =



2 ak · 5k

, collecting like terms, and solving for a0 , a1 ,

k=0

. . . , a4 . (You will have to make a choice, since there are two answers.) Exercise 7: Find the first five 5-adic digits of the number β = i. (You will first need to express −1 as element of Q5 .) √ √ Exercise 8: Explain why 2 ∈ Q7 (you need not find many digits of 2, but explain why they could be found, if needed), but i does not exist in Q7 (that is, x2 + 1 = 0 has no solutions in Q7 ). Exercise 9: Explain why neither



6 nor i exists in Q3 .

Now that you have some familiarity with Qp , we extend the definition of the p-adic −n where an absolute value to |·|p : Qp → R by defining, for z ∈ Q× p , |z|p = p is the first non-zero digit of z; that is, an is the coefficient of the lowest power of p (for k < n, the coefficient ak = 0). This definition is consistent with the p-adic absolute value defined earlier on Q, and with this definition we may say that Zp = {z ∈ Qp : |z| ≤ 1}, so Zp is the unit disk in Qp . Exercise 10: (For those who have taken analysis—this is a self-graded exercise.) Convince yourself that Qp is complete. For everyone, the content of Exercise 10 is that Qp fills in the holes in Q, and so Qp is a number-theoretic analog to the analysts’ R: a geometric extension of Q, with no holes. It is a place where one can do calculus and analysis, since limits exist. Another way to say this is that we are using analysis tools and geometry to do arithmetic: the size of a number depends on how divisible it is by the prime p.

Appendix B. Projects

263

Consequences: Exercise 11: Show that the p-adic absolute value defined above satisfies the three axioms a norm must satisfy (listed on page one). Exercise 12: Show that the p-adic absolute value defined above satisfies a stronger third condition: for all a, b ∈ Qp , f (a + b) ≤ max{f (a), f (b)}. This property is called the non-Archimedean property; the reason for this name is that the Archimedean property of the integers states that for any real number x, there exists an integer n with n > x. However, by contrast, we have this: Exercise 13: Show that z ∈ Z =⇒ |z|p ≤ 1. That is, the integers lie in the unit ball of Qp , which is Zp . (This is surprising.) Extra Credit: Show that the integers are dense in the unit ball Zp . Extra Credit: Show that the positive integers are dense in Zp . Extra Credit: Let p be an odd prime. Show that the positive even integers are dense in Zp . (I needed this result in my dissertation.) Any norm defined on a field A gives a distance function d : A × A → R; namely d(a, b) = norm of (a − b). Given a ∈ Qp and r ∈ R, r > 0, define the open ball B(a, r) = {b ∈ Qp : |a − b|p < r} and the closed ball B[a, r] = {b ∈ Qp : |a − b|p ≤ r}. We may thus rephrase Exercise 13 as saying that Z ⊆ Zp = B[0, 1]: the integers lie in the closed unit ball centered at the origin. (This is surprising.) Exercise 14: Show that for all a, b, and c, the distance property given by the p-adic norm satisfies d(a, c) = max{d(a, b), d(b, c)} if d(a, b) = d(b, c). Conclude that in Qp , all triangles are isosceles. (This is surprising.) Exercise 15: Given a, b ∈ Qp , and positive real numbers r1 and r2 , show that B(a, r1 ) ∩ B(b, r2 ) = {} or B(a, r1 ) ⊆ B(b, r2 ) or B(b, r2 ) ⊆ B(a, r1 ). Thus open balls in Qp never intersect non-trivially. (This is surprising.) In contrast with R, series in Qp are easy to analyze: a series



k=0

ak , ak ∈ Qp , converges ⇐⇒ lim |ak |p = 0. (This is surprising.) k→∞

264

Appendix B. Projects



1 k x , the k! k=0 denominators, which make the series converge for all x ∈ R, now make convergence much more difficult in Qp .

That’s the good news. The bad news is that in series like ex =



∞ 

n pk

 n

≥ p 1−p . Conclude that ex converges Exercise 16: Show that |n!|p = p   1 for x ∈ B 0, p 1−p . In particular, the number e doesn’t exist in Qp , even though the function ex does. (This is surprising.) k=1



(−1)k+1

(x − 1)k converges for k k=1 x ∈ B(1, 1). The logarithm function thus has a larger radius of convergence than the exponential function. (This is surprising.) Exercise 17: Show that the function log(x) =

Okay, that was fun, but why do we care?

• This construction allows us to use analysis tools to study algebraic objects. Much as I usually prefer algebra over analysis, it can be a very powerful tool. • There are many possible norms on Q, but one can prove that each is equivalent to the usual absolute value or to one of the p-adic norms. If only for the sake of diversity, we should study them. • Seeing the construction of the p-adic numbers Qp as a completion of Q, and how it mirrors the construction of R from Q, can be very illuminating. Many students think of R as a simple object, but it isn’t. R is a very complicated object (it can be thought of as an infinite-dimensional vector space over the field Q, and the degree of the extension is not just infinite, it is uncountably infinite). • One way to build analysis is to start with Q, do a geometric completion and get R, and then do an algebraic completion and get C, which is both algebraically complete and geometrically complete (and is only a degree-two extension of R). Alternatively, one can start with Q, form the algebraic completion A = Q, and then do a geometric completion, again getting C. If you use the p-adic norm, things are a little trickier. A geometric completion gets you Qp , as outlined in this project. Then an algebraic completion gets you Qp . This field is not geometrically closed, so you can make a geometric completion once again. In theory, this could go on forever, but in fact this is the last step: the geometric closure of Qp is algebraically complete as well as geometrically complete. We thus denote this enormous field Cp , in analogy with C. Again, seeing this construction in such an unfamiliar setting (I am nowhere close to understanding all of this) helps us to see the construction of C in a very different light. Though algebraically complete and geometrically complete, like C, Cp has some real differences from C: Cp is not locally compact, and Cp is totally disconnected. (This is surprising.)

Appendix B. Projects

265

• p-adic L-functions are in my Ph.D. dissertation, which is entitled The Eisenstein Distribution, p-adic L-Functions, and Dedekind Symbols (Boston University, 1997). Most of the material for this project was taken from the excellent book [Koblitz]. I also used the book [Gouvea].

266

Appendix B. Projects

√ Project G: The Arithmetic of Z[ 5] and of Z[ω] In this project we will mimic Section 45 and Section √ 46 of the text and try to examine the arithmetic of two closely related rings, Z[ 5] and Z[ω]. Here we define ω, the golden ratio, as the positive root of the polynomial x2 − x − 1. (The notation for the golden ratio has not been standardized; some authors call it ϕ. We will not use this Greek letter, for obvious reasons.) Furthermore, we have √ √ Q[ 5] = {a + b 5 ∈ R : a, b ∈ Q}, √ √ Z[ 5] = {a + b 5 ∈ R : a, b ∈ Z}, and Z[ω] = {a + bω ∈ R : a, b ∈ Z}.

Part One √ √ Exercise 1: Show that if we define N : √ Z[ 5] ⊆ Z[ω] √ ⊆ Q[ √5]. Furthermore, √ Q[ 5] → Q by N (a + b 5) = (a + b 5)(a − b 5) = a2 − 5b2 , show that √ (a) In Q[ 5], N (z) = 0 ⇐⇒ z = 0. (b) If z ∈ Z[ω], then N (z) ∈ Z. (c) In Z[ω], we may calculate N (a + bω) by using the formula N (a + bω) = a2 + ab − b2 . (d) Since ω 2 − ω = 1, we see that ω(ω − 1) = 1. We will define the conjugate of ω to be ω − 1. Does this agree with the usual definition? (e) Show that N (a + bω) = (a + bω)(a − b(ω − 1)). √ √ Exercise 2: The prime 5 factors as 5 = ( 5)2 in Z[ 5]. Show that 5 ramifies in Z[ω] also (the definition of ramify is in Section 37). Exercise 3: We already know (from Exercise 5 in Section 35 on page 143) that for a prime integer p √ we can write ±p = a2 − 5b2 ⇐⇒ p is not prime in Z[ 5]. Show the analogous fact for Z[ω]: we can write ±p = a2 + ab − b2 ⇐⇒ p is not prime in Z[ω]. Exercise 4: Show that for a prime integer p, we can write ±p = a2 − 5b2 =⇒ p = ±5 or p ≡ ±1 (mod 5). Exercise 5: Show that for a prime integer p, we can write ±p = a2 + ab − b2 =⇒ p = ±5 or p ≡ ±1 (mod 5).

Appendix B. Projects

267

√ √ Exercise 6: Unlike Z[ √−3] and Z[ρ], Z[ 5] and Z[ω] have many units. Find a fundamental unit for Z[ 5]. Exercise 7: Find the continued fraction for ω and calculate the first eight convergents to ω. Do you notice anything interesting about the entries in the amazing array? Exercise 8: Show that Fn + Fn+1 ω is a unit for all n ∈ W. Here Fn is the nth Fibonacci number (see Exercise 12, page 24 for a definition). For extra credit, give the inverse of Fn + Fn+1 ω explicitly. Exercise 9: Show that, given elements of Z[ω] a and b, with b = 0, that one can find q and r ∈ Z[ω] with a = bq + r and 0 ≤ |N (r)| ≤ 34 |N (b)|. Conclude that Z[ω] has a Euclidean algorithm, and thus that Z[ω] has unique factorization. Exercise 10: Use the unique factorization in Z[ω] to show that for a positive prime p = 5, we have   5 = +1 =⇒ p is not prime in Z[ω]. p Exercise 11: Conclude that for an odd prime integer p = ±5, we have le carr´e: p can be written as p = a2 + ab − b2 

⇐⇒

p ≡ ±1 (mod 5)

⇐⇒

p is not prime in Z[ω]    5 = +1. p

√ √ Our next objective is to get le carr´e for Z[ 5]. If we have a p that factors in Z[ 5], then that factorization √ carries over to the larger ring, Z[ω]. How do we go the other way? As in the Z[ −3] and Z[ρ] situation, one way to proceed√is to adjust any factorization we get in Z[ω] so as to produce a factorization in Z[ 5]. We will then have √ p is not prime in Z[ω] ⇐⇒ p is not prime in Z[ 5] √ and that will give us le carr´e for Z[ 5]. For Exercises 12–14, suppose p is an odd positive prime, and p factors in Z[ω] as p = (a + bω)(c + dω). √ Exercise 12: Show that if b and d are both even, then p factors in Z[ 5]. Exercise 13: Show that if one of b and d is odd and the other is even, then a and c are both odd. But this leads to a contradiction, so this case is ruled out. Exercise 14: Show that if b and d are both odd, then without loss of generality, you may assume a is odd and c is even. Then rewrite p = (a + bω)(c + dω) as p = ((a + bω)ω)((c + dω)(−1 + ω)).

268

Appendix B. Projects

√ Conclude that p factors in Z[ 5], and thus for an odd prime integer p = ±5, we have le carr´e √ p can be written as p = a2 − 5b2 ⇐⇒ p is not prime in Z[ 5]     5 p ≡ ±1 (mod 5) ⇐⇒ = +1. p

Exercise 15: The prime integer 19 factors as 19 = (4 + ω)(5 − ω). Show √ that 4 + ω and 5 − ω are primes in Z[ω]. Factor the integer√19 into primes Z[ 5], and show that the two factors you obtain are primes in Z[ 5]. Repeat this exercise starting with of 19 into primes in √ √ 19 = (11 + 17ω)(28 − 17ω). Find another factorization Z[ 5]. Relate this exercise to whether or not the rings Z[ 5] and Z[ω] have unique factorization. Exercise 16: Let p = 29. Illustrate the four facts in le carr´e in Exercise 11 explicitly, for p = 29. Do the same for le carr´e in Exercise 14. Repeat this for p = 41 and p = 109. Present your results in table form, like Table 19 on page 269.

Part Two Finally, we would like to show that every unit in Z[ω] is in the form ±ω k for k ∈ Z; equivalently, Z[ω]× = {±1} ∪ {±(Fn + Fn+1 ω) : n ∈ Z} ∪ {±(Fn+1 − Fn ω) : n ∈ Z}. Exercise 17: Assume that u = a + bω is a unit in Z[ω]. If either a or b is zero, show that u ∈ {±1, ±ω}. Exercise 18: Assume that u = a + bω is a unit in Z[ω]. Show that b − aω, −b + aω, and −a − bω are all units also. Exercise 19: Assume that u = a + bω is a unit in Z[ω]. By Exercises 17 and 18 we may assume that a and b are both positive. Show that if a = b then a = b = 1, so u = 1 + ω = ω 2 . Also show that if a = b, then a < b. Exercise 20: Assume that u = a + bω is a unit in Z[ω]. By the previous exercises, if u = 1 + ω, we may assume 0 < a < b. Show that c + dω = u(ω −1 ) = u(−1 + ω) is also a unit, with 0 < c and d < b. Conclude that we may divide out ω repeatedly until c = d = 1. Thus u = (1 + ω)ω k = ω k+2 for some k ∈ N. Exercise 21: Show that ω n = Fn−1 + Fn ω for n = 2, 3, 4, . . . . Conclude that, by Exercises 18 and 20, Z[ω]× = {±1} ∪ {±(Fn + Fn+1 ω) : n ∈ Z} ∪ {±(Fn+1 − Fn ω) : n ∈ Z}. Exercise 22: Exercise 20 shows that if u = a + bω is a unit with a and b positive, then u = ω n for n = 2, 3, 4, . . . . The case with a and b negative is thus easy: if u = a + bω is a unit with a and b both negative, then u = −ω n for n = 2, 3,

Appendix B. Projects

269

4, . . . . What if a is positive and b is negative? Show that if u is a unit in Z[ω] and u = c − dω for positive integers c and d, then c = d =⇒ c = d = 1, and otherwise 0 < d < c. Exercise 23: Finally, show that if u = c − dω is a unit in Z[ω] with 0 < d < c, then u(−ω) = a − bω with 0 < a < c and b > 0. Conclude that after multiplying by −ω repeatedly, we must get 1 − ω = (−ω)−1 . Thus u(−ω)k = (−ω)−1 , so u = ±ω −m for some m = 2, 3, 4, . . . . Exercise 24: Putting this all together, conclude that (in addition to the expression in Exercise 21) Z[ω]× = {±ω k : k ∈ Z}.

p = 29

p = 41

p = a2 + ab − b2 p factors in Z[ω] p≡

(mod 5)

Solutions to x2 ≡ 5 (mod p) p = a2 − 5b2 √ p factors in Z[ 5] Table 19: For Exercise 16

p = 109

270

Appendix B. Projects

Project H: Arithmetic Functions and Dirichlet Series In Project A we looked at several arithmetic functions f : N → Z. One way these are studied systematically is in terms of generating functions, which some of you have seen in combinatorics or other courses; these were also used in Project C. Although the generating functions you are used to are all power series in x or t, we will look at number-theoretic generating functions, or Dirichlet series, that take a different form. Given a function f : N → C, we define the associated Dirichlet series by Df (s) =



f (n)n−s = f (1) + f (2)2−s + f (3)3−s + f (4)4−s + · · · .

n=1

The differences are that our variable is s, not x or t; the starting index is one, not zero; and the variable appears in the exponent, not the base. Thus instead of an infinite polynomial, we have an infinite sum of exponentials. (All the functions we will deal with will be functions from N → Z, and we will treat Dirichlet series as formal objects, i.e., there are no questions of convergence; but in their most general form, Dirichlet series have complex coefficients, and s is considered a complex variable: s ∈ C.) Suppose we have functions p, q : N → Z defined by √ n −1 if n is a prime p(n) = and q(n) = 1 1 else,

if n is a perfect square else.

Then we can construct Dirichlet series from each and get Dp (s) =



p(n)n−s = 1 − 2−s − 3−s + 4−s − 5−s + 6−s − 7−s ± · · ·

n=1

and Dq (s) =



q(n)n−s = 1 + 2−s + 3−s + 2 · 4−s + 5−s + 6−s + 7−s + 8−s + 3 · 9−s + · · · .

n=1

Just as with regular generating functions, we may combine these two by multiplying to get

Dp (s) · Dq (s) = 1 − 2−s − 3−s + 4−s − 5−s + 6−s ± · · ·

· 1 + 2−s + 3−s + 2 · 4−s + 5−s + 6−s + 7−s + · · · ∞

v(n)n−s = n=1

= Dv (s). for some function v : N → Z. Exercise 1: Calculate v(n) for n = 1, 2, 3, 4, 5, 6, 7, 8, 9, and 10.

Appendix B. Projects

271

We may generalize this to the product of any two functions: if Df (s) =



f (n)n

−s

and

Dg (s) =

n=1



g(n)n−s ,

n=1

then the product Df (s) · Dg (s) = Dh (s) is a new Dirichlet series, and the formula for the coefficient function h(n) is n

f (d)g h(n) = . d d|n, d>0

Exercise 2: Justify this formula. The formula defines an operation ∗ on the set F = {functions f : N → C}. For f , g ∈ F, define f ∗ g by Df ∗g (s) = Df (s)·Dg (s),

and thus

(f ∗g)(n) =



f (d)g

d|n, d>0

n d

.

The makes the set F into a monoid : a set with an associative binary operation (you may check this yourself) and an identity element. Thus monoids have three of the four properties that define groups, and monoid is to group as ring is to field. A further fact which will be useful in this project is that the operation ∗ is commutative. Exercise 3: Find the identity element for the operation ∗. That is, define a function ι : N → Z such that f ∗ ι = ι ∗ f = f for all f ∈ F. Dirichlet generating functions give us a way to systematically study arithmetic functions. Some examples of arithmetic functions are 1 if n = 1 B(n) = 0 else Pk (n) = τ (n) = σk (n) = ϕ(n) = G(n) = r(n) =

R(n) =

nk , for k ∈ W P0 ∗ P0 Pk ∗ P0 , k ≥ 0 Euler’s ϕ-function 1 if n = a2 + b2 for integers a and b 0 else the number of ways of representing n as n = a2 + b2 (not counting rearrangements and sign changes) 1 if n = a2 − ab + b2 for integers a and b 0 else.

272

Appendix B. Projects

Several other examples (as well as some of these) appeared in Project A. Exercise 4: Note that τ = σ0 (both notations are prevalent in the literature). Show that τ (n) = number of positive divisors of n.

t

Exercise 5: Show that τ (1) = 1. For n > 1, let n = pe11 pe22 pe33 · · · pet t =

pei i be i=1

the unique factorization of n into distinct positive primes. Show that for n > 1, t

τ (n) = (1 + e1 )(1 + e2 )(1 + e3 ) · · · (1 + et ) =

(1 + ei ). i=1

Many arithmetic functions f : N → Z are multiplicative: that is, (m, n) = 1 =⇒ f (m · n) = f (m) · f (n); we have seen in Proposition 21 on page 112 that the Euler ϕ-function is multiplicative, and Exercise 5 shows that τ is multiplicative. It is not hard to show that if f and g are multiplicative, so is f ∗ g. You may use that fact in the rest of this project. When f (m · n) = f (m) · f (n), regardless of (m, n), we say f is completely multiplicative. For multiplicative functions, f (1) = 1 is necessary. Exercise 6: Show that the functions Pk defined above are completely multiplicative. Exercise 7: Generalize Exercises 4 and 5. Let k > 0. Show that σk (n) = sum of the kth powers of the positive divisors of n. Show that σk (1) = 1. For n > 1, let t

n = pe11 pe22 pe33 · · · pet t =

pei i be the unique factorization of n into distinct positive i=1

primes. Use the formula for finite geometric sums to show that t

σk (n) =

k(1+ei )

1 − pi 1 − pki i=1

.

Euler Products The Dirichlet series ζ(s) = DP0 (s) is generally called the Riemann zeta-function; its properties are the subject of the Riemann hypothesis, perhaps the most important open question in number theory at present.

Appendix B. Projects

273

Exercise 8: Show that the Riemann zeta-function can be written as ∞

ζ(s) = n−s n=1

= (1 + 2−s + 4−s + 8−s + · · · )(1 + 3−s + 9−s + 27−s + · · · ) ·(1 + 5−s + 25−s + · · · ) · · · ∞ 

−si p

=

primes p > 0

= primes p > 0



i=0

1 1 − p−s

 .

This may be called the analytic statement of the fundamental theorem of arithmetic; make sure your proof mentions the fundamental theorem of arithmetic. Exercise 9: Substituting in s = 1, we get ∞

1 = n n=1

 primes p > 0

1 1 − p−1

 .

As the harmonic series on the left diverges, this may be thought of as a proof that there are infinitely many positive primes. Explain. Exercise 10: Show that for a multiplicative function f , we have Df (s) =



f (n)n−s

n=1

= f (1) + f (2)2−s + f (3)3−s + f (4)4−s + · · ·

= 1 + f (2)2−s + f (4)4−s + f (8)8−s + · · ·

· 1 + f (3)3−s + f (9)9−s + f (27)27−s + · · · · · · ∞ 

= f (pi )p−si . primes p > 0

i=0

Exercise 11: Show that for a completely multiplicative function f , we may use a geometric series to go a step further: ∞  ∞ 



f (pi )p−si = (f (p)p−s )i Df (s) = primes p > 0

= primes p > 0



i=0

1 1 − f (p)p−s

Exercise 12: We may expand

1 = ζ(s)

primes p > 0



i=0

.

(1 − p−s ) = primes p > 0



μ(n)n−s =

n=1

Dμ (s), for some function μ : N → Z. Give an explicit formula for μ(n). This function is called the M¨ obius μ-function.

274

Appendix B. Projects

Exercise 13: The M¨obius μ-function gives rise to the M¨ obius inversion formula: F = f ∗ P0 ⇐⇒ f = F ∗ μ. Prove this. Hint: F = f ∗ P0 =⇒ F ∗ μ = f ∗ P0 ∗ μ. So prove that P0 ∗ μ = ι. Exercise 14: We have conjectured that ϕ ∗ P0 = P1 . By the previous exercise, this is equivalent to P1 ∗ μ = ϕ. Define A : N → Z by A = P1 ∗ μ. Give a general formula for A(pk ), where p is a positive prime. Does this agree with ϕ(pk )? Use the fact that P1 and μ are multiplicative to conclude that A = ϕ, and thus that ϕ ∗ P0 = P1 . Exercise 15: Give a formula for μ2 = μ ∗ μ. Show that μ2 ∗ τ = ι. Exercise 16: Give a formula for P1 ∗ P1 . Exercise 17: Show that ϕ ∗ τ = σ1 . Illustrate this surprising fact by calculating (ϕ ∗ τ )(n) for n = 18, 42, and 72. Also calculate (ϕ ∗ τ )(p) and (ϕ ∗ τ )(p2 ), where p is a positive prime integer. Extra Credit: Is the arithmetic function G(n) (defined on page 271) multiplicative? is r(n)? Extra Credit: Is R(n) (defined on page 271) multiplicative? The inspiration for this project, and many of the ideas in it, came from the excellent article [Berberian].

Appendix B. Projects

275

Project J: The Geometry of Continued Fraction Convergents The purpose of this project is to use geometry to organize some of our earlier results on convergents to infinite continued fractions, and to provide a partial proof of Theorem 20 (page 139). Let d > 0 be an integer that is not a perfect square. Then we have seen numerical √ evidence that we can√use the convergents to the continued fraction for α = d to find the units in Z[ d]. Namely, we calculate the convergents, and √ we see that eventually we get Pk2 − dQ2k = ±1 for some k ∈ N. Then Pk + Qk d becomes our fundamental unit, and √ √ Z[ d]× = {±(Pk + Qk d)n n ∈ Z}. We will use some geometry in R2 to examine these results. To start, we will consider the line y = √1d x. Since it has an irrational slope, the only point with integer coordinates that lies on it is the origin. However, there are points with integer coordinates (that is, elements of the lattice Z2 ) that lie close to this line. The Metaphor of the Rubber Bands: Now pretend that every point in the integer lattice Z2 = {(a, b) ∈ R2 : a, b ∈ Z} is a peg protruding perpendicular to the plane, and that we have two rubber bands stretched along the line y = √1d x, with one end at the origin and the other end anchored out “at infinity” in the first quadrant. We move one elastic band to the right until its lower left end is at the point (1, 0), and we see which pegs it now touches; we also move the other rubber band up until its lower left end is at the point (0, 1), and also ask what pegs this rubber band touches. In the language of geometry, we have described the convex hulls of two sets in the first quadrant, namely   a S1 = (a, b) ∈ Z2 : a ≥ 0, 0 ≤ b < √ d and S2 =

  a (a, b) ∈ Z2 : a ≥ 0, b > √ . d

We will name these convex hulls H1 and H2 , respectively. Exercise 1: Consider the two hyperbolas x2 − dy 2 = 1 and x2 − dy 2 = −1. Show that the only element of Z2 strictly between them is the origin. Conclude that any first quadrant point on either hyperbola that has integer coefficients must lie in H1 or H2 . Exercise 2: Define points in the plane A0 = (0, 1), Ak = (P2k−2 , Q2k−2 ) for k ≥ 1, and B0 = (1, 0), Bk = (P2k−1 , Q2k−1 ) for k ≥ 1. Show that the A points lie above the line y = √1d x and the B points lie below it. Exercise 3: Show that there are exactly ak + 1 integer points on the line segment connecting the points (Pk−2 , Qk−2 ) and (Pk , Qk ).

276

Appendix B. Projects

Exercise 4: Consider the region R defined by the set of points {. . . , B3 , B2 , B1 , B0 , origin, A0 , A1 , A2 , A3 , . . .}. Use the results of Exercise 11 (page 48) and Project D to show that there are no points inside R. Exercise 5: Show that the boundary of R makes a non-zero change of direction at each point in the list {. . . , B3 , B2 , B1 , B0 , origin, A0 , A1 , A2 , A3 , . . .}. Exercise 6: Conclude that H1 is the set {B0 , B1 , B2 , B3 , . . .} and H2 = {A0 , A1 , A2 , A3 , . . .}.

Figure 43: The geometry of convergents The metaphor of the √ rubber bands thus shows that the convergents to the continued fraction for d (or, really, any irrational number) are the closest rational approximations one can get. Exercises 7–10 expand on that theme. Exercise 7: Show that r ∈ R is irrational if and only if there are infinitely many  p  p 1 rational numbers q such that  q − r  < q2 . Pk be the usual kth convergent to the continued fraction for Exercise 8: Let Q k Pk r ∈ R. Show that if pq is closer to r than the convergent Q is, then q > Qk . k

Exercise 9: Show that  if r ∈ R is irrational then there are infinitely many rational   numbers pq such that  pq − r  < 2q12 .

Appendix B. Projects

277

Exercise 10: Let r ∈ R be irrational. Prove that of any two consecutive  conver P  gents to the continued fraction for r, at least one satisfies the inequality  Q − r < 1 2Q2 .

√ We now show that there is at least one non-trivial element of Z[ d]× : namely, a unit that is neither +1 nor −1. √   Exercise 11: Show that for all n ≥ 0, Pn2 − dQ2n  < 2 d + 1. Hint: difference of squares. √ Exercise 12: Show that there exists an integer M with |M | < 2 d + 1 such that x2 − dy 2 = M has an infinite number of integral solutions (x, y). √ Exercise 13: Conclude that there exists an integer M with |M | < 2 d + 1 such √ that there are infinitely many α ∈ Z[ d] such that N (α) = M . √ Exercise 14: Suppose M ∈ Z and α, β ∈ Z[ d] with N (α) = N (β) = M . Suppose further that α ≡ β (mod M√ ). (What does this statement mean?) Conclude that α = βu for some unit u ∈ Z[ d]. √ Exercise 15: Use Exercise √ 14 to show that Z[ d] has a unit that is neither +1 nor −1. Conclude that Z[ d] has an infinite number of units. Putting the geometry together with the algebra, you have proved most of Theorem 20. Extra Credit: What exactly is missing to complete the proof of Theorem 20?

Bibliography [Apostol] Tom M. Apostol, Introduction to Analytic Number Theory, SpringerVerlag, New York, 1976. [Berberian] S. K. Berberian, “Number-theoretic functions via convolution rings”, Mathematics Magazine, 65–2 (1992), 75–90. [Burton] David M. Burton, Elementary Number Theory, 3rd ed., Wm. C. Brown, Dubuque, 1994. [Davenport] Harold Davenport, The Higher Arithmetic, 8th ed., Cambridge University Press, Cambridge, 2008. [Gouvea] Fernando Gouvˆea, p-adic Numbers, Springer-Verlag, New York, 1993. [Hardy] G.H. Hardy and E. M. Wright, An Introduction to the Theory of Numbers, 5th ed., Oxford University Press, Oxford, 1980. [Hecke] Erich Hecke, Lectures on the Theory of Algebraic Numbers, Springer-Verlag, New York, 1981. [Koblitz] Neal Koblitz, p-adic Numbers, p-adic Analysis, and Zeta-Functions, Springer-Verlag, New York, 1976. [Marcus] Daniel A. Marcus, Number Fields, Springer-Verlag, New York, 1977. [Moll] Victor Moll, Numbers and Functions, American Mathematical Society, 2012. [Wilf] Herbert S. Wilf, generatingfunctionology, Academic Press, San Diego, 1980. [Zagier] Don Zagier, “A one-sentence proof that every prime p ≡ 1 (mod 4) is a sum of two squares”, American Mathematical Monthly, 97–2 (1990), 144.

279

Index p-adics, 259

complex, 145 multiplication by, 44 algebraic integers, 26, 144 continued fraction, 36, 61, 275 algorithm contrapositive, 62 division, 29, 33, 56, 72, 73, 76, 91, convex, 208 171 counterexample in Z, 27 smallest, 15 in Z[η], 191 in Z[ρ], daughter, see Eva √ 182, 187 in Z[√−2], 142 derivative, 105 in Z[ d], 140 Dirichlet series, 270 in Z[θ], 189 discriminant, 53 in Z[i], 130, 132 distributivity, 3, 9, 73 modified, 56, 175 divisibility, 29, 31 Euclidean, 33, 132, 170 division amazing array, 39, 138, 139 long, 91 super, 49 division algorithm, see algorithm, diviapproximation, 243 sion Archimedean property, 263 Eisenstein integers, Z[ρ], 23, 25, 61, 80, arithmetic functions, 38, 270 182 σk , 38 equation ax + by = 1, 35, 62, 68 Euler’s ϕ, 81, 110 Euler’s ϕ function, 81, 110 M¨ obius, μ, 66, 273 Euler’s criterion, 168 tau, τ , 67, 272 Eva, 102 arithmetic progression, 154, 155 even, 28 associate, 133 existence, 28, 65, 135, 150, 174 associativity, 3, 9, 74 Bernoulli numbers, 247 polynomials, 247 Beth, 20 Binet’s formula, 24 binomial coefficient, 19, 64, 241 cancellation, 77 cancellation law, 85 Carly, 102 chemist, 42 class number, 250 congruence, 76 conjugate, 24, 26, 266

Fibonacci numbers, 24, 30, 48, 187, 267 field, 4, 74, 80 football, 41 fundamental region, 208 fundamental theorem of arithmetic, 26, 32, 65, 66, 127, 135, 157 fundamental unit, see unit, fundamental Gauss’s lemma, 172 Gaussian integers, Z[i], 5, 22, 25, 27, 61, 68 generating functions, 248, 270 geometric series, 17 finite, 14 281

282 golden ratio, 61, 266

Index

in 2Z, 70 in Z, 61 Hensel’s lemma, 106, 197 in Z[ρ], √ 26 hyperbola, 275 in Z[ 2], 25 in Z[i], ' (25, 70 Inclusion-Exclusion Principle, 17 in Z 12 , 66 induction of the form x2 + y 2 , 6, 7 strong, 15 of the form x2 − 2y 2 , 6, 7 inert, 151 of the form x2 + 2y 2 , 6, 7 interesting, 12 of the form 3k + 2, 155 irrational, 43 of the form 4k + 3, 154, 155 irreducible, 92 of the form 6k + 1, 186 of the form 6k + 5, 155 Kummer, 250 of the form 8k + 3, 155 of the form 8k + 5, 155 lattice, 69, 208, 275 of the form 8k + 7, 155 Laurent series, 261 of the form a2 − ab + 11b2 , 214 le carr´e, 158, 159, 170, 174, 184, 185, of the form a2 − ab + 2b2 , 80, 214 209, 215, 267, 268 of the form a2 − ab + 3b2 , 80, 214 least common multiple, 33, 67, 137 of the form a2 − ab + 5b2 , 214 Legendre symbol, 164, 171 of the form a2 − ab + b2 , 79, 214 lemma, 8 of the form x2 + 11y 2 , 214 lifting roots, 106, 197 of the form x2 + 19y 2 , 214 limit, 44, 46, 259 of the form x2 + 2y 2 , 214 linear combination, 30, 34, 35, 41, 62, of the form x2 + 3y 2 , 6, 7, 214 133 of the form x2 + 43y 2 , 214 of the form x2 + 7y 2 , 79, 214 M¨ obius inversion formula, 274 of the form x2 + y 2 , 214 Minkowski, 208 of the form x2 − 3y 2 , 6, 7 monic, 91, 93, 144, 249 relatively, 35 monkeys, 101 theorem, 63 multiplicative, 38, 66, 67, 272 primitive root, 119 negative, 3, 4, 8 PVC pipe, 42 niece, see Carly quadratic irrational, 52 norm function, 24–26, 69 reduced, 53 odd, 28 quadratic reciprocity order, 119 law of, 157, 194 evidence, 77 parallelogram area of, 48 Rafael, 102 Pascal’s triangle, 20 ramify, 151, 266 periodic, 250 recurrence relation, 17, 18 pirates, 101 reduced, 53 polynomial relatively prime, 35 counting roots, 90 Riemann hypothesis, 250, 272 long division, 89 Riemann zeta-function, 272 ring, 5, 61, 118, 144 ring, 3, 66, 70, 72, 80 solving polynomial equations, 88 ring of integers, 144 power series, 242, 248 root prime, 5, 61, 62 lifting, 106, 197

Index

283

rubber band, 275

wife, see Beth

Sieve of Eratosthenes, 150 son, see Rafael split, 151 square-free, 24, 127, 139, 144 squares perfect, 7, 154, 157 subring, 11, 71, 80 subtraction, 4 sums of powers, 249

zero-divisor, 8, 10, 30, 74, 82, 134, 163, 164, 168, 204

Taylor series, 106, 242 theorem binomial, 20, 242 Chinese remainder, 96, 107, 197 Dirichlet’s, 154 Euclid’s, 153 Euler’s, 116, 173 Fermat’s last, 250 Fermat’s little, 116 Lagrange’s, 90 prime, 63 prime number, 154 Taylor’s, 242, 247 Wilson’s, 77, 108 threven, 29 totient, 81 Towers of Hanoi, 16 trichotomy, 7, 8, 10, 28 type, 53 unique factorization, 250 in 2Z, 70 in 3Z, 70 in Z, see fundamental theorem of arithmetic in Z[η], 191 in Z[ω], √ 267 in Z[√2], 68 in Z[ d], 27, 142 in Z[i], 27, 68, 70, 135 uniqueness, 6, 12, 28, 65, 135, 150, 174 unit, 4, 26, 62, 66, 69, 74, 81, 82, 119, 133 fundamental, 139, 144 vector, 48, 216 well-ordering principle, 8, 11, 14, 28, 65, 69, 127

AMS / MAA

TEXTBOOKS

A well-written, inviting textbook designed for a one-semester, junior-level course in elementary number theory. The intended audience will have had exposure to proof writing, but not necessarily to abstract algebra. That audience will be well prepared by this text for a second-semester course focusing on algebraic number theory. The approach throughout is geometric and intuitive; there are over 400 carefully designed exercises, which include a balance of calculations, conjectures, and proofs. There are also nine substantial student projects on topics not usually covered in a first-semester course, including Bernoulli numbers and polynomials, geometric approaches to number theory, the p-adic numbers, quadratic extensions of the integers, and arithmetic generating functions.

For additional information and updates on this book, visit www.ams.org/bookpages/text-39

TEXT/39