Download Quantitative Reasoning: Computers, Number Theory and Cryptography: Congruence and more Study notes Mathematics in PDF only on Docsity!
V55.0106 Quantitative Reasoning: Computers, Number Theory and Cryptography
3 Congruence
Congruences are an important and useful tool for the study of divisibility. As we shall see, they are also critical in the art of cryptography.
Definition 3.1 If a and b are integers and n > 0 , we write
a ≡ b mod n
to mean n|(b − a). We read this as “a is congruent to b modulo (or mod) n.
For example, 29 ≡ 8 mod 7, and 60 ≡ 0 mod 15.
The notation is used because the properties of congruence “≡” are very similar to the properties of equality “=”. The next few result make this clear.
Theorem 3.2 For any integers a and b, and positive integer n, we have:
- a ≡ a mod n.
- If a ≡ b mod n then b ≡ a mod n.
- If a ≡ b mod n and b ≡ c mod n then a ≡ c mod n
These results are classically called: 1. Reflexivity; 2. Symmetry; and 3. Transitivity. The proof is as follows:
- n|(a − a) since 0 is divisible by any integer. Therefore a ≡ a mod n.
- If a ≡ b mod n then n|(b − a). Therefore, n|(−1)(b − a) or n|(a − b). Therefore, b ≡ a mod n.
- If a ≡ b mod n and b ≡ c mod n then n|(b−a) and n|(c−b). Using the linear combination theorem, we have n|(b − a + c − b) or n|(c − a). Thus, a ≡ c mod n.
The following result gives an equivalent way of looking at congruence. It replaces the con- gruence sign with an equality.
Theorem 3.3 If a ≡ b mod n then b = a + nq for some integer q, and conversely.
Proof: If a ≡ b mod n then by definition n|(b − a). Therefore, b − a = nq for some q. Thus b = a + nq. Conversely if b = a + nq, then b − a = nq and so n|(b − a) and hence a ≡ b mod n then b = a + nq.
We will use often this theorem for calculations. Thus, we can write 15 ≡ −2 mod 17 by subtracting 17 from 15: −2 = 15 + (−1) · 17. Similarly, 52 ≡ 12 mod 20. Just subtract 40 (2 times 20) from 52.
A simple consequence is this: Any number is congruent mod n to its remainder when divided by n. For if a = nq + r, the above result shows that a ≡ r mod n. Thus for example, 23 ≡ 2 mod 7 and 103 ≡ 3 mod 10. For this reason, the remainder of a number a when divided by n is called a mod n. In EXCEL, as in many spreadsheets, this is written ”MOD(a,n).” If you put the expression =MOD(23,7) in a cell, the readout will be simply 2. Try it!
Another way of relating congruence to remainders is as follows.
Theorem 3.4 If a ≡ b mod n then a and b leave the same remainder when divided by n. Conversely if a and b leave the same remainder when divided by n, then a ≡ b mod n.
Proof: Suppose a ≡ b mod n. Then by Theorem 3.3, b = a + nq. If a leaves the remainder r when divided by n, we have a = nQ + r with 0 ≤ r < n. Therefore, b = a + nq = nQ + r + nq = n(Q + r) + r, and so b leaves the same remainder when divided by n. The converse is straightforward and we omit the proof.
We can now show some useful algebraic properties of congruences. Briefly, congruences can be added and multiplied.
Theorem 3.5 If a ≡ b mod n and c ≡ d mod n then
- a + c ≡ b + d mod n.
- ac ≡ bd mod n.
Proof: Write b = a + nq 1 and d = c + nq 2 , using Theorem 3.3. Then adding equalities, we get b + d = a + c + nq 1 + nq 2 = a + c + n(q 1 + q 2 ). This shows that a + c ≡ b + d mod n by Theorem 3.3.
Similarly, multiplying, we get bd = (a + nq 1 )(c + nq 2 ) = ac + naq 2 + ncq 1 + n^2 q 1 q 2. Thus, bd = ac + n(aq 2 + cq 1 + nq 1 q 2 , and so ac ≡ bd mod n, again by Theorem 3.3.
Some Examples. We have noted that 23 ≡ 2 mod 7. We can square this (i.e. multiply this congruence by itself) to get 23^2 ≡ 4 mod 7. What a nice way to find the remainder of 23^2 when it is divided by 7! Multiply again by 23 ≡ 2 mod 7, to get
233 ≡ 8 ≡ 1 mod 7
So one solution is x = 5. More generally, if x ≡ 5 mod 12 then
5 x ≡ 25 ≡ 1 mod 12
Here is another approach: Start with the equation 5x ≡ 1 mod 12. If this were an equality, we would simply divide by 5 to get x = 1/5. But we are in the realm of integers so this won’t work. Instead we multiply by 5 to get 25x ≡ 5 mod 12 or x ≡ 5 mod 12. Note that we multiplied by 5 to get a coefficient of 1: 5 · 5 ≡ 1 mod 12.
The algebra of congruences is sometime referred to as “clock arithmetic.” This example illustrates this. Imagine you are a mouse and that each day you travel clockwise around a clock, passing through 25 minutes on the clock. You start at 12 o’clock. Here is what you journey will look like:
Start Day 1 Day 2 Day 3 Day 4 Day 5 12 Midnight 5 o’clock 10 o’clock 3 o’clock 8 o’clock 1 o’clock
Note that the transition from 10 o’clock was not to 15 o’clock, but (working mod 12) to 15 mod 12 or 3 o’clock. In terms of clocks, we asked when the mouse would land at the 1 o’clock spot on the clock.
We can quickly find when the mouse will land at 4 o‘clock. The equation is
5 x ≡ 4 mod 12
Multiply by 5 to get 25x ≡ 20 mod 12 or simply x ≡ 8 mod 12. It take 8 days.
Example 3.8 Same clock, different mouse. This mouse goes 23 minutes a day and starts at 12 o’clock. How many days before she reaches 9 minutes before 12?
The appropriate congruence is 23x ≡ −9 mod 60. We’ll use the gcd method and find 1 as a linear combination of 23 and 60. A spreadsheet calculation gives
1 = − 13 · 23 + 5 · 60
Taking this mod 60, we find 23(−13) ≡ 1 mod 60.
Multiply by −9 to get 23(117) ≡ −9 mod 60.
But 117 ≡ 57 mod 60. And so the mouse must travel 57 days to reach 9 minutes before the hour. Note that 57 ≡ −3 mod 60 so the mouse will take 3 days if she goes in the other direction.
Up to now, all of our congruences have been modulo one fixed n. The following results show how to change the modulus in certain situations.
Theorem 3.9 If a ≡ b mod n, and c is a positive integer, then ca ≡ cb mod cn
Proof: This is little more than a divisibility theorem. Since n|(b − a), we have cn|c(b − a) or cn|(cb − ca), and this is the result.
The converse is also valid. Thus, if ca ≡ cb mod cn with c > 0 then a ≡ b mod n.
These results can be stated: A congruence can by multiplied through (including the modulus) and similarly, it can be divided by a common divisor.
Finally, we can mention that if a ≡ b mod n and if d|n, then a ≡ b mod d. We leave the proof to the reader.
We can now tackle the general question of solving a linear congruence ax ≡ b mod n. We will find when this congruence has a solution, and how many solutions it has. We first consider the case gcd(a, n) = 1. (In the examples above, this was the situation.) The following theorem answers this question and also shows how to find the solution.
Theorem 3.10 If gcd(a, n) = 1, then the congruence ax ≡ b mod n has a solution x = c. In this case, the general solution of the congruence is given by x ≡ c mod n.
Proof: Since a and n are relative prime, we can express 1 as a linear combination of them:
ar + ns = 1
Multiply this by b to get abr + nbs = b. Take this mod n to get
abr + nbs ≡ b mod n or abr ≡ b mod n
Thus c = br is a solution of the congruence ax ≡ b mod n. In general, if x ≡ c mod n we have ax ≡ ac ≡ b mod n.
We now claim that any solution of ax ≡ b mod n is necessarily congruent to c mod n. For suppose ax ≡ b mod n. We already know that ac ≡ b mod n. Subtract to get
ax − ac ≡ 0 mod n or a(x − c) ≡ 0 mod n
But this means that n|a(x − br). But since a and n are relatively prime, this implies that n|(x − c) and x ≡ c mod n. This completes the proof.
An important special case occurs when n is a prime p.
Corollary 3.11 If p is a prime, the congruence ax ≡ b mod p has a unique solution x mod p provided a 6 ≡ 0 mod p.
Example 3.14 What is the value of 5 −^1 mod 7?
Method. It is required to find the solution of 5x ≡ 1 mod 7. We can do this using the method of Example 3. Since 3 · 5 + (−2)7 = 1
be observation, we have 3 · 5 ≡ 1 mod 7
So 5−^1 ≡ 3 mod 7, or simply 5−^1 = 3 mod 7, where equality if used because it is understood that we are working mod 7.
Since we are working mod 7, there are only 7 different numbers mod 7, namely the remainders 0 through 6 when a number is divided by 7. So the algebra of numbers mod 7 is a strictly finite algebra. Here is the multiplication table for these numbers mod 7. We omit 0.
× 1 2 3 4 5 6
Multiplication Table mod 7
The number 1 is underlined in the body of the table. The row and column where a 1 appears are inverses, because the product is 1. By observation, we can see that 2 and 4 are inverses mod 7, as are 3 and 5. Both 1 and 6 are self inverses. (Note that 6 = −1 mod 7, and so it is not surprising that 6 is its own inverse: (−1)−^1 = −1.
Let us go one step further with the analogy with ordinary algebra.
Example 3.15 Solve the congruence 8 x ≡ 13 mod 29.
First method. In analogy with algebra we expect the solution x ≡ 13 · 8 −^1 mod 29. So we first compute 8−^1 mod 29. We express 1 as a linear combination of 8 and 29 by the method given in section 1, or using a spreadsheet. A possible result is
1 = 11 · 8 − 3 · 29
Taking this mod 29, we find 8−^1 ≡ 11 mod 29. So, solving for x, we find
x ≡ 13 · 8 −^1 ≡ 13 · 11 = 143 ≡ 27 mod 29
Second method. Using fractions, we write
x ≡
mod 29
Ordinarily, we cancel factors in the numerator and denominator. We can’t do this here, but we can multiply numerator and denominator by the same (non-zero) number. We choose 4, because this gets the denominator close to the modulus 29, making the quotient simpler. Thus
x ≡
mod 29
Now do it again, using a factor 10:
23 3
≡ 27 mod 29
This is the same answer, of course. Here’s the way the full solution works in one line:
x ≡
≡ 27 mod 29
Third method. When we write x ≡
mod 29, we can cancel at least one factor 2, if we
add 29 to the numerator. Thus,
x ≡
≡ 27 mod 29
We don’t necessarily recommend this method, but we use it to illustrate that there are often many ways to attack a problem and to show the inner consistency of our small scale arithmetic.
Divisibility Tricks. The number 345,546,711 is divisible by 3. In fact it is divisible by 9. We can discover this easily using the following trick, which we shall prove.
A number is congruent mod 9 to the sum of the digits in that number.
Here we have
345 , 546 , 711 ≡ 3 + 4 + 5 + 5 + 4 + 6 + 7 + 1 + 1 = 36 ≡ 3 + 6 = 9 ≡ 0 mod 9
In fact, using this result, it is not even necessary to find the sum. There are short cuts. For example 3 + 4 + 5 = 12 which is congruent to its digit sum 1 + 2 = 3 mod 9. Continuing, add 5 + 5 = 10 ≡ 1, so we add 1 to 3 to get 4. And so on. This is a lot easier to do than to explain. Briefly, any time you get a two digit answer, replace it by its digit sum.
The proof of this trick depends on the knowledge that the digits in an expansion of a number represent coefficient of powers of 10. Thus,
3 , 412 = 3 × 103 + 4 × 102 + 1 × 101 + 2 × 1
- How would you interpret the congruence a ≡ b mod 0?
- If a ≡ b mod 4 and a ≡ b mod 5, show that a ≡ b mod 20.
- Prove: a ≡ b mod m and a ≡ b mod n, and gcd(m, n) = 1, then a ≡ b mod mn.
- Find 2^501 mod 17.
- Find 3^701 mod 80.
- Find 7−^1 mod 13.
- Find 13−^1 mod 17.
- Solve for x: 6x ≡ 5 mod 7.
- Solve for x: 7x ≡ 4 mod 11.
- Solve for x: 41x ≡ 5 mod 51.
- Solve for x: 62x ≡ 55 mod 125.
