modulararithmetic - github pagesmodulararithmetic congruence modulararithmetic multiplicativeinverse...

Modular Arithmetic

DefinitionsFundamentaltheorem of arithmeticGCD is a linearcombinationRelative primesModular arithmeticCongruenceModular arithmeticMultiplicative inverseExtended Euclid’sAlgorithm

p. 2

Previously, we defined

Def (Divisibility). We say that a divides b if there is an integer ksuch that

b = a · k.

We write a | b if a divides b. Otherwise, we write a - b.

Theorem (The Division Algorithm). Let a be an integer and d apositive integer. Then there are unique integers q and r, such that0≤ r < d and

a = dq+ r.


p. 3

Fundamental theorem of arithmetic

Def (Prime numbers). A number p > 1 with no positive divisorsother than 1 and itself is called a prime.

Every other number greater than 1 is called composite.

The number 1 is considered neither prime nor composite.

Theorem (Fundamental theorem of arithmetic). Every positiveinteger n can be written in a unique way as a product of primes

n= p1 · p2 · . . . · p j (p1 ≤ p2 ≤ . . .≤ p j)

This product is called prime factorization.

See Lehman and Leighton (p. 67) for the proof.


p. 4

Divisibility by a prime

One more result about primes we are going to use in the future:

Theorem. Let p be a prime. If

p | a1a2 · . . . · an,

then p divides some ai (at least one of them).

Example: If you know that 19 | 403·629, then you know that either19 | 403 or 19 | 629, though you might not know which.


p. 5

GCD is a linear combination

Def (GCD).Theorem (Bezout’s Theorem). If a and b are positive integers,then there exist integers s and t such that

gcd(a, b) = sa+ t b.

Exmaple: gcd(52,44) = 4

6 · 52+ (−7) · 44= 4

So called Extended Euclid’s algorithm constructs such s and t, andso proves the theorem. The algorithm is described in the last sec-tion of this lecture.


p. 6

Relative primes (co-primes)

Def (Relative primes). a and b are relative primes (or co-primes) if

gcd(a, b) = 1.

By Bezout’s theorem, a and b are co-primes if and only if there exists and t such that

sa+ t b = 1


p. 7

Modular arithmetic

. . .− 2 − 1 → 0 1 2 3 4 5 6 → 7 8 . . .

What if instead of integers, we deal with

a finite set of periodically repeating integers?

. . . 5 6 → 0 1 2 3 4 5 6 → 0 1 . . .

For example, the days of the week behave in this way.

Mon, Tue, Wed, Thr, Fri, Sat, Sun,

are followed again by Mon, Tue, and so on.


p. 8

Modular arithmetic

. . .− 2 − 1 → 0 1 2 3 4 5 6 → 7 8 . . .

What if instead of integers, we deal with

a finite set of periodically repeating integers?

. . . 5 6 → 0 1 2 3 4 5 6 → 0 1 . . .

For example, the days of the week behave in this way.

Sun, Mon, Tue, Wed, Thr, Fri, Sat,

are followed again by Sun, Mon, and so on.


p. 9

Modular arithmetic

. . . 5 6 → 0 1 2 3 4 5 6 → 0 1 . . .

We want to add, subtract, multiply, and, hopefully, divide such spe-cial “integers” . . .

4+ 4 is 1

2− 3 is 6

14 · 5 is 0

−7 is 0 is 7 is 14 is 21 . . .

First, we need to rigorously define, which integers can be called“equal” in such modular arithmetic. We will call them congruent.


p. 10

CongruenceDef. For a positive integer n, a is congruent to b modulo n if

n | (a− b).

This is denoteda ≡ b (mod n).

Example:

8≡ 1 (mod 7)15≡ 1 (mod 7)8≡ 15 (mod 7)

because7 | (8− 1︸︷︷︸

=7

), 7 | (15− 1︸︷︷︸

=14

), 7 | (15− 8︸︷︷︸

=7

).


p. 11

CongruenceLemma. If a ≡ b (mod n), then exists k ∈ Z s.t. a = b+ kn.

Lemma. Two numbers are congruent modulo n if and only if theyhave the same remainder when divided by n.

a ≡ b (mod n) if and only if a rem n= b rem n.

Proof: By the division algorithm,

a = q1n+ r1, b = q2n+ r2.

a− b = (q1 − q2)n+ (r1 − r2)

“⇒”: If a ≡ b (mod n) then n | (a − b). So r1 − r2 = 0, theremainders are equal.

“⇐”: If r1 = r2, then n | (a− b), so a ≡ b (mod n).


p. 12

Congruence-3 0 3 6

-2 1 4 7-1 2 5 8

x rem 3 0 1 2 0 1 2 0 1 2 0 1 2

Integers are divided into 3 congruence classes:

. . . , -3, 0, 3, 6, 9, 12, . . . are congruent modulo 3.



By the way, all Mondays, all Tuesdays, all Wednesdays, etc. arecongruence classes too.


p. 13

Modular arithmeticAddition, subtraction, and multiplication preserve congruence.

Theorem. if a ≡ b (mod n) and c ≡ d (mod n), then

a+ c ≡ b+ d (mod n).

Theorem. if a ≡ b (mod n) and c ≡ d (mod n), then

ac ≡ bd (mod n).

Proof.Exist x , y ∈ Z such that a− b = xn and c − d = yn.

ac − bd = (b+ xn)(d + yn)− bd = n(xd + b y + xny)

Thus ac ≡ bd (mod n).


p. 14

Modular arithmeticAddition, subtraction, and multiplication preserve congruence.What does it mean practically?

If we have to find x such that

122 · (−11) + 80≡ x (mod 5)

We know that

12≡ 2 (mod 5),−11≡ −1 (mod 5),

80≡ 0 (mod 5)

Therefore, we are free to substitute 12 with 2, −11 with −1, and80 with 0:

122 ·(−11)+80 ≡ 22 ·(−1)+0 ≡ 2 ·2 ·(−1) ≡ −4 ≡ 1 (mod 5).


p. 15

Multiplicative inverse

What about division?

Theorem. if a and n are relative primes, i.e. gcd(a, n) = 1, thenexists integer a−1 called multiplicative inverse, such that

aa−1 ≡ 1 (mod n)

Proof.Exist s and t, such that sa+ tn= 1. Therefore,

sa− 1= tn

sa ≡ 1 (mod n)

Therefore, a−1 = s.


p. 16


Corollary. If a and n are relative primes, then there exists a uniquemultiplicative inverse a−1 ∈ {1, 2, . . . , n− 1} such that

aa−1 ≡ 1 (mod n).

Ok, uniqueness is great, but we need a procedure for finding mul-tiplicative inverses.


p. 17


Find inverse of 101 modulo 4620, that is x such that

101 · x ≡ 1 (mod 4620)

If 101 and 4620 are relative primes:

gcd(101, 4620) = 1,

by Bezout’s theorem: Exist s and t such that

101 · s+ 4620 · t = gcd(101, 4620) = 1

101 · s ≡ 1 (mod 4620)

We have to find Bezout coefficients s and t. Then s is the inverse.


p. 18


Find inverse of 101 modulo 4620, that is x such that

101 · x ≡ 1 (mod 4620)

If 101 and 4620 are relative primes:

gcd(101, 4620) = 1,

by Bezout’s theorem: Exist s and t such that

101 · s+ 4620 · t = gcd(101, 4620) = 1

101 · s ≡ 1 (mod 4620)

We have to find Bezout coefficients s and t. Then s is the inverse.


p. 19

Recall Euclid’s Algorithm

a0 = 4620= 45 · 101+ 75

a1 = 101= 1 · 75+ 26

a2 = 75= 2 · 26+ 23

a3 = 26= 1 · 23+ 3

a4 = 23= 7 · 3+ 2

a5 = 3= 1 · 2+ 1

a6 = 2= 2 · 1a7 = 1

Let’s adapt this algorithm for finding Bezout coefficients s and t:

101 · s+ 4620 · t = 1


p. 20

Extended Euclid’s Algorithm

101 · s+ 4620 · t = 1

Run Euclid’s algorithm:

a0 = 4620= 45 · 101+ 75

a1 = 101= 1 · 75+ 26

a2 = 75= 2 · 26+ 23

a3 = 26= 1 · 23+ 3

a4 = 23= 7 · 3+ 2

a5 = 3= 1 · 2+ 1

a6 = 2= 2 · 1a7 = 1

Work backwards, to express GCD interms of a1 = 101 and a0 = 4620:

1= 3− 1 · 2= 3− 1 · (23− 7 · 3) = −1 · 23+ 8 · 3= −1 · 23+ 8 · (26− 1 · 23) = 8 · 26− 9 · 23= 8 · 26− 9(75− 2 · 26) = −9 · 75+ 26 · 26= −9 · 75+ 26 · (101− 1 · 75) = 26 · 101− 35 · 75= 26 · 101− 35 · (4620− 45 · 101)

= −35 · 4620+ 1601 · 101


p. 21


101 · s+ 4620 · t = 1


a0 = 4620= 45 · 101+ 75

a1 = 101= 1 · 75+ 26

a2 = 75= 2 · 26+ 23

a3 = 26= 1 · 23+ 3

a4 = 23= 7 · 3+ 2

a5 = 3= 1 · 2+ 1

a6 = 2= 2 · 1a7 = 1


1= 3− 1 · 2= 3− 1 · (23− 7 · 3) = −1 · 23+ 8 · 3= −1 · 23+ 8 · (26− 1 · 23) = 8 · 26− 9 · 23= 8 · 26− 9(75− 2 · 26) = −9 · 75+ 26 · 26= −9 · 75+ 26 · (101− 1 · 75) = 26 · 101− 35 · 75= 26 · 101− 35 · (4620− 45 · 101)

= −35 · 4620+ 1601 · 101


p. 22


101 · s+ 4620 · t = 1


a0 = 4620= 45 · 101+ 75

a1 = 101= 1 · 75+ 26

a2 = 75= 2 · 26+ 23

a3 = 26= 1 · 23+ 3

a4 = 23= 7 · 3+ 2

a5 = 3= 1 · 2+ 1

a6 = 2= 2 · 1a7 = 1


1= 3− 1 · 2= 3− 1 · (23− 7 · 3) = −1 · 23+ 8 · 3= −1 · 23+ 8 · (26− 1 · 23) = 8 · 26− 9 · 23= 8 · 26− 9(75− 2 · 26) = −9 · 75+ 26 · 26= −9 · 75+ 26 · (101− 1 · 75) = 26 · 101− 35 · 75= 26 · 101− 35 · (4620− 45 · 101)

= −35 · 4620+ 1601 · 101


p. 23


101 · s+ 4620 · t = 1


a0 = 4620= 45 · 101+ 75

a1 = 101= 1 · 75+ 26

a2 = 75= 2 · 26+ 23

a3 = 26= 1 · 23+ 3

a4 = 23= 7 · 3+ 2

a5 = 3= 1 · 2+ 1

a6 = 2= 2 · 1a7 = 1


1= 3− 1 · 2= 3− 1 · (23− 7 · 3) = −1 · 23+ 8 · 3= −1 · 23+ 8 · (26− 1 · 23) = 8 · 26− 9 · 23= 8 · 26− 9(75− 2 · 26) = −9 · 75+ 26 · 26= −9 · 75+ 26 · (101− 1 · 75) = 26 · 101− 35 · 75= 26 · 101− 35 · (4620− 45 · 101)

= −35 · 4620+ 1601 · 101


p. 24


101 · s+ 4620 · t = 1


a0 = 4620= 45 · 101+ 75

a1 = 101= 1 · 75+ 26

a2 = 75= 2 · 26+ 23

a3 = 26= 1 · 23+ 3

a4 = 23= 7 · 3+ 2

a5 = 3= 1 · 2+ 1

a6 = 2= 2 · 1a7 = 1


1= 3− 1 · 2= 3− 1 · (23− 7 · 3) = −1 · 23+ 8 · 3= −1 · 23+ 8 · (26− 1 · 23) = 8 · 26− 9 · 23= 8 · 26− 9(75− 2 · 26) = −9 · 75+ 26 · 26= −9 · 75+ 26 · (101− 1 · 75) = 26 · 101− 35 · 75= 26 · 101− 35 · (4620− 45 · 101)

= −35 · 4620+ 1601 · 101


p. 25


101 · s+ 4620 · t = 1


a0 = 4620= 45 · 101+ 75

a1 = 101= 1 · 75+ 26

a2 = 75= 2 · 26+ 23

a3 = 26= 1 · 23+ 3

a4 = 23= 7 · 3+ 2

a5 = 3= 1 · 2+ 1

a6 = 2= 2 · 1a7 = 1


1= 3− 1 · 2= 3− 1 · (23− 7 · 3) = −1 · 23+ 8 · 3= −1 · 23+ 8 · (26− 1 · 23) = 8 · 26− 9 · 23= 8 · 26− 9(75− 2 · 26) = −9 · 75+ 26 · 26= −9 · 75+ 26 · (101− 1 · 75) = 26 · 101− 35 · 75= 26 · 101− 35 · (4620− 45 · 101)

= −35 · 4620+ 1601 · 101


p. 26


−35 · 4620+ 1601 · 101= 1

Bezout coefficients are s = 1601 and t = −35.

Therefore, s = 1601 is the multiplicative inverse:

101 · 1601≡ 1 (mod 4620)

It works, but it’s easy to make a mistake using this method. Let’sdescribe the extended Euclid’s algorithm more systematically.


p. 27

Extended Euclid’s Algorithm (II)

The task:

Given two numbers a0 ≥ a1, run Euclid’s agorithm, computing

a2 = . . .

a3 = . . .

. . .

ak = gcd(a0, a1)

In addition, find the coefficients xk and yk such that

ak = xka0 + yka1

We find a recurrent solution for xk and yk.


p. 28

Extended Euclid’s Algorithm (II)Need to find the coefficients xk and yk such that

ak = gcd(a0, a1) = xka0 + yka1

But we compute more than that. We want to represent all ai as alinear combination of a0 and a1

a0 = x0a0 + y0a1

a1 = x1a0 + y1a1

a2 = x2a0 + y2a1

a3 = x3a0 + y3a1

. . .

ak = gcd(a0, a1) = xka0 + yka1


p. 29


a0 = x0a0 + y0a1

a1 = x1a0 + y1a1

a2 = x2a0 + y2a1

a3 = x3a0 + y3a1

. . .

ak = xka0 + yka1

The other x i and yi can be derived using the relations between ai ’s:

ai = ai−2 − qi−1 · ai−1


p. 30


a0 = x0a0 + y0a1

a1 = x1a0 + y1a1

a2 = x2a0 + y2a1

a3 = x3a0 + y3a1

. . .

ak = xka0 + yka1

a0 = 1a0 + 0a1, x0 = 1, y0 = 0,

a1 = 0a0 + 1a1, x1 = 0, y1 = 1,


ai = ai−2 − qi−1 · ai−1


p. 31


a0 = x0a0 + y0a1

a1 = x1a0 + y1a1

a2 = x2a0 + y2a1

a3 = x3a0 + y3a1

. . .

ak = xka0 + yka1

a0 = 1a0 + 0a1, x0 = 1, y0 = 0,

a1 = 0a0 + 1a1, x1 = 0, y1 = 1,


ai = ai−2 − qi−1 · ai−1


p. 32

Extended Euclid’s Algorithm (II)Euclid’s algorithm computes the next remainder, ai, this way:

ai = ai−2 − qi−1 · ai−1

Two previous remainders are

ai−2 = x i−2a0 + yi−2a1 and ai−1 = x i−1a0 + yi−1a1

ai = ai−2 − qi−1 · ai−1

= x i−2 · a0 + yi−2 · a1 − qi−1(x i−1 · a0 + yi−1 · a1)= (x i−2 − qi−1 x i−1) · a0 + (yi−2 − qi−1 yi−1) · a1

=�

x i−2 −�ai−2 − ai

ai−1

�

x i−1

︸︷︷︸

=x i

�

· a0 +�

yi−2 −�ai−2 − ai

ai−1

�

yi−1

︸︷︷︸

=yi

�

· a1


p. 33

Extended Euclid’s Algorithm (II)ai = ai−2 − qi−1 · ai−1

This is how we compute all x i and yi up to xk and yk:

x0 = 1 y0 = 0x1 = 0 y1 = 1. . . . . .

x i = x i−2 −�ai−2 − ai

ai−1

�

︸︷︷︸

=qi−1

x i−1 yi = yi−2 −�ai−2 − ai

ai−1

�

︸︷︷︸

=qi−1

yi−1

. . . . . .

In the end, we get two numbers xk and yk, so we can express theGCD as a linear combination of a0 and a1:

gcd(a0, a1) = ak = xk · a0 + yk · a1


p. 34

Extended Euclid’s Algorithm (II)x i = x i−2 −�ai−2 − ai

ai−1

�

︸︷︷︸

=qi−1

x i−1 yi = yi−2 −�ai−2 − ai

ai−1

�

︸︷︷︸

=qi−1

yi−1

i ai q x i yi

0 a0 = 4620 - 1 01 a1 = 101 - 0 1

2 4620= 45 · 101+ 75a2 = 75 45 1− 45 · 0= 0− 45 · 1=

1 −45


p. 35

Extended Euclid’s Algorithm (II)x i = x i−2 −�ai−2 − ai

ai−1

�

︸︷︷︸

=qi−1

x i−1 yi = yi−2 −�ai−2 − ai

ai−1

�

︸︷︷︸

=qi−1

yi−1

i ai q x i yi

0 a0 = 4620 - 1 01 a1 = 101 - 0 1

2 4620= 45 · 101+ 75a2 = 75 45 1− 45 · 0= 0− 45 · 1=

1 −45

3 101= 1 · 75+ 26 0− 1 · 1= 1− 1 · (−45) =a3 = 26 1 −1 46

4 75= 2 · 26+ 23 1− 2 · (−1) = −45− 2 · 46=a4 = 23 2 3 −137


p. 36

Extended Euclid’s Algorithm (II)i ai q x i yi

0 a0 = 4620 - 1 01 a1 = 101 - 0 12 a2 = 75 45 1 −453 a3 = 26 1 −1 464 a4 = 23 2 3 −137

5 26= 1 · 23+ 3 −1− 1 · 3= 46− 1 · (−137) =

a5 = 3 1 −4 183

6 23= 7 · 3+ 2 3− 7 · (−4) = −137− 7 · 183=

a6 = 2 7 31 −1418

7 3= 1 · 2+ 1 −4− 1 · 31= 183− 1 · 1418=

a7 = 1 1 −35 1601


p. 37


While computing the sequence of ai ’s with Euclid’s algorithm, weeventually produced coefficients

x7 = −35, y7 = 1601

By construction, they satisfy the equation

a7 = x7 · a0 + y7 · a1

1= −35︸︷︷︸

=x7

·4620︸︷︷︸

=a0

+1601︸︷︷︸

=y7

· 101︸︷︷︸

=a1

But from the last equation we can find the inverse of 101 modulo4620, and the inverse of 4620 modulo 101.


p. 38

Finding amultiplicative inverse

Take this equation and find the multuiplicative inverse of a1 = 101modulo a0 = 4620.

1= −35︸︷︷︸

=x7

·4620︸︷︷︸

=a0

+1601︸︷︷︸

=y7

· 101︸︷︷︸

=a1

1601 · 101− 1= 35 · 4620

Therefore, by definition of congruence,

101 · 1601≡ 1 (mod 4620).

So, 1601 is a multiplicative inverse of 101 modulo 4620.

We were able to find the inverse, because 101 and 4620 are relativeprimes, that is, their GCD is equal to 1.

modulararithmetic - github pagesmodulararithmetic congruence modulararithmetic multiplicativeinverse...

Documents