Module - PowerPoint PPT Presentation

About This Presentation
Title:

Module

Description:

Non-prime integers greater than 1 are called composite, ... Its 'Prime Factorization' 8/25/09 (c)2001-2003, Michael P. Frank. 9. Module #8 Number Theory ... – PowerPoint PPT presentation

Slides: 48
Provided by: Michael1807

Transcript and Presenter's Notes

Title: Module


1
Module #8: Basic Number Theory
  • Rosen 5th ed., §§2.4-2.6
  • 31 slides, 2 lectures

2
§2.4: The Integers and Division
  • Of course you already know what the integers are,
    and what division is.
  • But there are some specific notations,
    terminology, and theorems associated with these
    concepts which you may not know.
  • These form the basics of number theory.
  • Vital in many important algorithms today (hash
    functions, cryptography, digital signatures).

3
Divides, Factor, Multiple
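  • Let $a,b\in\mathbb{Z}$ with $a\neq 0$.
  • $a \mid b$ $\equiv$ "a divides b" $\equiv$ $\exists c\in\mathbb{Z}\colon b=ac$. "There is an
    integer c such that c times a equals b."
  • Example: $3 \mid -12 \Leftrightarrow$ True, but $3 \mid 7 \Leftrightarrow$ False.
  • Iff a divides b, then we say a is a factor or a
    divisor of b, and b is a multiple of a.
  • "b is even" $\equiv$ $2 \mid b$. Is 0 even? Is -4?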

4
Facts re the Divides Relation
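  • $\forall a,b,c \in \mathbb{Z}$:
  • 1. $a \mid 0$
  • 2. $(a \mid b \land a \mid c) \rightarrow a \mid (b + c)$
  • 3. $a \mid b \rightarrow a \mid bc$
  • 4. $(a \mid b \land b \mid c) \rightarrow a \mid c$
  • Proof of (2): $a \mid b$ means there is an $s$ such that
    $b=as$, and $a \mid c$ means that there is a $t$ such that
    $c=at$, so $b+c = as+at = a(s+t)$, so $a \mid (b+c)$ also.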

5
More Detailed Version of Proof
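  • Show $\forall a,b,c \in \mathbb{Z}\colon (a \mid b \land a \mid c) \rightarrow a \mid (b + c)$.
  • Let a, b, c be any integers such that $a \mid b$ and
    $a \mid c$, and show that $a \mid (b + c)$.
  • By defn. of $\mid$, we know $\exists s\colon b=as$, and $\exists t\colon c=at$.
    Let s, t be such integers.
  • Then $b+c = as + at = a(s+t)$, so $\exists u\colon b+c=au$,
    namely $u=s+t$. Thus $a \mid (b+c)$.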

6
Prime Numbers
  • An integer $p>1$ is prime iff it is not the product
    of any two integers greater than 1:
    $p>1 \land \lnot\exists a,b\in\mathbb{N}\colon a>1,\ b>1,\ ab=p$.
  • The only positive factors of a prime p are 1 and
    p itself. Some primes: 2,3,5,7,11,13...
  • Non-prime integers greater than 1 are called
    composite, because they can be composed by
    multiplying two integers greater than 1.

7
Review of 2.4 So Far
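  • $a \mid b$ $\equiv$ "a divides b" $\equiv$ $\exists c\in\mathbb{Z}\colon b=ac$
  • "p is prime" $\equiv$ $p>1 \land \lnot\exists a\in\mathbb{N}\colon (1 < a < p \land a \mid p)$
  • Terms: factor, divisor, multiple, composite.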

8
Fundamental Theorem of Arithmetic
  • Every positive integer has a unique representation as the
    product of a non-decreasing series of zero or
    more primes.
  • $1$ = (product of empty series) = $1$
  • $2 = 2$ (product of series with one element 2)
  • $4 = 2\cdot 2$ (product of series 2,2)
  • $2000 = 2\cdot 2\cdot 2\cdot 2\cdot 5\cdot 5\cdot 5$; $2001 = 3\cdot 23\cdot 29$;
  • $2002 = 2\cdot 7\cdot 11\cdot 13$; $2003 = 2003$

Its "Prime Factorization"
9
n has a Divisor less than n
If n is a composite integer, then n has a prime
divisor less than or equal to $\sqrt{n}$. Proof: Since
n is composite, n has a factor a with
$1<a<n$. Hence $n=ab$, where $a,b\in\mathbb{N}$ and $a>1$, $b>1$. We
see that $a \leq \sqrt{n}$ or $b \leq \sqrt{n}$, otherwise
$ab > \sqrt{n}\cdot\sqrt{n} = n$. Hence, n has a positive divisor not
exceeding $\sqrt{n}$. This divisor is either prime,
or has a prime divisor (Why?).
10
An Application of Primes
  • When you visit a secure web site (https
    address, indicated by padlock icon in IE, key
    icon in Netscape), the browser and web site may
    be using a technology called RSA encryption.
  • This public-key cryptography scheme involves
    exchanging public keys containing the product pq
    of two random large primes p and q (a private
    key) which must be kept secret by a given party.
  • So, the security of your day-to-day web
    transactions depends critically on the fact that
    all known factoring algorithms are intractable!
  • Note: There is a tractable quantum algorithm for
    factoring; so if we can ever build big quantum
    computers, RSA will be insecure.

11
The Division Algorithm
  • Really just a theorem, not an algorithm
  • The name is used here for historical reasons.
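  • For any integer dividend $a$ and divisor $d\neq 0$, there
    is a unique integer quotient $q$ and remainder $r\in\mathbb{N}$
    $\ni$ $a = dq + r$ and $0 \leq r < |d|$.
  • $\forall a,d\in\mathbb{Z},\ d>0\colon \exists! q,r\in\mathbb{Z}\colon 0\leq r<|d|,\ a=dq+r$.
  • We can find q and r by: $q=\lfloor a/d\rfloor$, $r=a-qd$.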

(such that)
12
Greatest Common Divisor
  • The greatest common divisor gcd(a,b) of integers
    a,b (not both 0) is the largest (most positive)
    integer d that is a divisor both of a and of b.
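  • $d = \gcd(a,b) = \max(d\colon d \mid a \land d \mid b) \Leftrightarrow d \mid a \land d \mid b \land
    \forall e\in\mathbb{Z},\ (e \mid a \land e \mid b) \rightarrow d \geq e$
  • Example: gcd(24,36)=? Positive common divisors:
    1,2,3,4,6,12. Greatest is 12.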

13
GCD shortcut
  • If the prime factorizations are written as
    and
    ,then the GCD is given by
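  • Example:
  • $a = 84 = 2\cdot 2\cdot 3\cdot 7 = 2^2\cdot 3^1\cdot 7^1$
  • $b = 96 = 2\cdot 2\cdot 2\cdot 2\cdot 2\cdot 3 = 2^5\cdot 3^1\cdot 7^0$
  • $\gcd(84,96) = 2^2\cdot 3^1\cdot 7^0 = 2\cdot 2\cdot 3 = 12$.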

14
Relative Primality
  • Integers a and b are called relatively prime or
    coprime iff their gcd = 1.
  • Example: Neither 21 nor 10 is prime, but they
    are coprime. $21=3\cdot 7$ and $10=2\cdot 5$, so they have no
    common factors > 1, so their gcd = 1.
  • A set of integers $\{a_1,a_2,\ldots\}$ is (pairwise)
    relatively prime if all pairs $a_i, a_j$, $i\neq j$, are
    relatively prime.

15
Least Common Multiple
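  • lcm(a,b) of positive integers a, b, is the
    smallest positive integer that is a multiple both
    of a and of b. E.g. lcm(6,10)=30
  • $m = \operatorname{lcm}(a,b) = \min(m\colon a \mid m \land b \mid m) \Leftrightarrow a \mid m \land b \mid m
    \land \forall n\in\mathbb{Z}^+\colon (a \mid n \land b \mid n) \rightarrow (m \leq n)$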
  • If the prime factorizations are written as
    and , then the
    LCM is given by

16
Modular Arithmetic
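  • An integer "division remainder" operator.
  • Let $a,d\in\mathbb{Z}$ with $d>1$. Then $a \bmod d$ denotes the
    remainder $r$ from the division algorithm with
    dividend $a$ and divisor $d$; i.e. the remainder when
    $a$ is divided by $d$. (Using e.g. long division.)
  • We can compute $(a \bmod d)$ by: $a - d\cdot\lfloor a/d\rfloor$.
  • In C programming language, "%" = mod (for non-negative a; C's %
    truncates toward zero, so for negative a its result can be
    negative, unlike the remainder r above).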

17
Modular Congruence
  • Let $\mathbb{Z}^+ = \{n\in\mathbb{Z} \mid n>0\}$, the positive integers.
  • Let $a,b\in\mathbb{Z}$, $m\in\mathbb{Z}^+$.
  • Then a is congruent to b modulo m, written "$a\equiv b \pmod m$",
    iff $m \mid a-b$.
  • Also equivalent to: $(a-b) \bmod m = 0$.
  • (Note: this is a different use of "$\equiv$" than the
    meaning "is defined as" I've used before.)

18
Spiral Visualization of mod

[Figure: the integers 0 through 22 arranged on a spiral. Example shown: modulo-5 arithmetic, with the five arms labeled 0 (mod 5), 1 (mod 5), 2 (mod 5), 3 (mod 5) and 4 (mod 5).]
19
Useful Congruence Theorems
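  • Theorem 9: Let $a,b\in\mathbb{Z}$, $m\in\mathbb{Z}^+$. Then
    $a\equiv b \pmod m \Leftrightarrow \exists k\in\mathbb{Z}\colon a=b+km$.
  • Theorem 10: Let $a,b,c,d\in\mathbb{Z}$, $m\in\mathbb{Z}^+$. Then if $a\equiv b \pmod m$
    and $c\equiv d \pmod m$, then:
  • $a+c \equiv b+d \pmod m$, and
  • $ac \equiv bd \pmod m$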

20
Applications of Congruence
  • Hashing function. E.g. let k be your id. no.
    Assume we have m locations and hashing function
    $h(k) = k \bmod m$
  • $h(064212848) = 064212848 \bmod 111 = 14$
  • $h(037149212) = 037149212 \bmod 111 = 65$
  • What if collision occurs?

21
Applications of Congruence
  • Pseudorandom Numbers. Let modulus $m$, multiplier
    $a$, increment $c$, seed $x_0$.
  • $x_{n+1} = (a x_n + c) \bmod m$

22
§2.5: Integers and Algorithms
  • Topics:
  • Base-b representations of integers.
  • Especially: binary, hexadecimal, octal.
  • Also: Two's complement representation of negative
    numbers.
  • Modular exponentiation.
  • Euclidean algorithm for finding GCDs.
  • Algorithms for computer arithmetic:
  • Binary addition, multiplication, division.

23
Base-b number systems
  • Ordinarily we write base-10 representations of
    numbers (using digits 0-9).
  • 10 isn't special; any base $b>1$ will work.
  • For any positive integers $n,b$ there is a unique
    sequence $a_k a_{k-1} \ldots a_1 a_0$ of digits $a_i<b$ such that

The "base b expansion of n"
See module 12 for summation notation.
24
Particular Bases of Interest
  • Base b=10 (decimal): 10 digits:
    0,1,2,3,4,5,6,7,8,9. (Used only because we have 10 fingers.)
  • Base b=2 (binary): 2 digits: 0,1. ("Bits" = "binary
    digits.") (Used internally in all modern computers.)
  • Base b=8 (octal): 8 digits: 0,1,2,3,4,5,6,7.
    (Octal digits correspond to groups of 3 bits.)
  • Base b=16 (hexadecimal): 16 digits:
    0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F.
    (Hex digits give groups of 4 bits.)
25
Converting to Base b
  • (Algorithm, informally stated)
  • To convert any integer $n$ to any base $b>1$:
  • To find the value of the rightmost (lowest-order)
    digit, simply compute $n \bmod b$.
  • Now replace $n$ with the quotient $\lfloor n/b\rfloor$.
  • Repeat above two steps to find subsequent digits,
    until n is gone (=0).

Exercise for student: Write this out in
pseudocode
26
Addition of Binary Numbers
  • (ALGORITHM 2)
  • procedure add($a_{n-1}\ldots a_0$, $b_{n-1}\ldots b_0$: binary
    representations of non-negative integers a,b)
  • $c_0 := 0$
  • for $i := 0$ to $n-1$ {go through bits}
  • begin
  • Sum := $a_i + b_i + c_i$ {2-bit sum}
  • $s_i$ := Sum mod 2 {low bit of sum}
  • $c_{i+1} := \lfloor \text{Sum} / 2 \rfloor$ {high bit of sum}
  • end
  • return $s_{n-1}\ldots s_0$ {binary representation of integer
    s}; $c_n$ = carry

27
Two's Complement
  • In binary, negative numbers can be conveniently
    represented using two's complement notation.
  • In this scheme, a string of n bits can represent
    any integer i such that $-2^{n-1} \leq i < 2^{n-1}$.
  • The bit (msb) in the highest-order bit-position
    ($n-1$) represents a coefficient multiplying $-2^{n-1}$.
  • The other positions $i < n-1$ just represent $2^i$, as
    before.
  • The negation of any n-bit two's complement number
    $a = a_{n-1}\ldots a_0$ is given by $\overline{a_{n-1}\ldots a_0} + 1$.

The bitwise logical complement of the n-bit
string $a_{n-1}\ldots a_0$.
28
Correctness of Negation Algorithm
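  • Theorem: For an integer a represented in two's
    complement notation, $-a = \overline{a} + 1$.
  • Proof:
  • Since $a = -a_{n-1}2^{n-1} + a_{n-2}2^{n-2} + \cdots + a_0 2^0$,
  • so $-a = a_{n-1}2^{n-1} - a_{n-2}2^{n-2} - \cdots - a_0 2^0$.
  • Note $a_{n-1}2^{n-1} = (1-\overline{a_{n-1}})2^{n-1} = 2^{n-1} - \overline{a_{n-1}}2^{n-1}$.
  • (because $a_{n-1}$ can be only 0 or 1)
  • Replace $2^{n-1} = 2^{n-2} + \cdots + 2^0 + 1$.
  • We have $-a = -\overline{a_{n-1}}2^{n-1} + (1-a_{n-2})2^{n-2} + \cdots
    + (1-a_0)2^0 + 1 = \overline{a} + 1$.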

29
Subtraction of Binary Numbers
  • procedure (a,b)
  • begin
  • return a + (2's complement of b)
  • end
  • Note for An overflow occurs when
  • $c_n \oplus c_{n-1} = 1$
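
Added example (not part of the original slides): the carry chain of ALGORITHM 2, complement-plus-one negation, subtraction, and the overflow test "carry out of the top bit differs from carry into it", written in Python. The 8-bit default width, the little-endian bit lists and every function name are assumptions of this sketch.

```python
# Bit lists are little-endian: bits[i] is the coefficient of 2**i.

def to_bits(value, n):
    """Two's-complement encoding of value in n bits (value taken mod 2**n)."""
    return [(value >> i) & 1 for i in range(n)]

def from_bits(bits):
    """Decode: the top bit has weight -2**(n-1), the others +2**i."""
    n = len(bits)
    return sum(b << i for i, b in enumerate(bits[:-1])) - (bits[-1] << (n - 1))

def add(a, b, carry_in=0):
    """Ripple-carry addition; returns (sum bits, carries c_0 .. c_n)."""
    carries = [carry_in]
    s = []
    for ai, bi in zip(a, b):
        total = ai + bi + carries[-1]   # 2-bit sum
        s.append(total % 2)             # low bit of sum
        carries.append(total // 2)      # high bit of sum
    return s, carries

def overflowed(carries):
    """Signed overflow: c_n XOR c_(n-1) = 1."""
    return (carries[-1] ^ carries[-2]) == 1

def negate(a):
    """Bitwise complement, then add 1 (supplied as the initial carry)."""
    return add([1 - bit for bit in a], [0] * len(a), carry_in=1)

def subtract(a, b):
    """a - b computed as a + (complement of b) + 1."""
    return add(a, [1 - bit for bit in b], carry_in=1)

def signed_add(x, y, n=8):
    s, c = add(to_bits(x, n), to_bits(y, n))
    return from_bits(s), overflowed(c)

def signed_sub(x, y, n=8):
    s, c = subtract(to_bits(x, n), to_bits(y, n))
    return from_bits(s), overflowed(c)

def signed_neg(x, n=8):
    s, c = negate(to_bits(x, n))
    return from_bits(s), overflowed(c)
```

In 8 bits, 100 + 100 wraps to -56 and negating -128 returns -128; both are flagged by the carry test, which is the check fixed-width code needs before trusting a signed result.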

30
Multiplication of Binary Numbers
  • procedure multiply($a_{n-1}\ldots a_0$, $b_{n-1}\ldots b_0$: binary
    representations of $a,b\in\mathbb{N}$)
  • product := 0
  • for $i := 0$ to $n-1$
  • if $b_i = 1$ then
  • product := add($a_{n-1}\ldots a_0 0^i$, product)
  • return product

($0^i$: i extra 0-bits appended after the digits of a)
31
Binary Division with Remainder
  • procedure div-mod($a,d \in \mathbb{Z}^+$) {Quotient & rem. of
    a/d.}
  • n := max(length of a in bits, length of d in
    bits)
  • for $i := n-1$ downto 0
  • if $a \geq d0^i$ then {Can we subtract at this
    position?}
  • $q_i := 1$ {This bit of quotient is 1.}
  • $a := a - d0^i$ {Subtract to get remainder.}
  • else
  • $q_i := 0$ {This bit of quotient is 0.}
  • r := a
  • return q,r {q = quotient, r = remainder}

32
Euclid's Algorithm for GCD
  • Finding GCDs by comparing prime factorizations
    can be difficult if the prime factors are
    unknown.
  • Euclid discovered: For all integers a, b,
    $\gcd(a, b) = \gcd((a \bmod b), b)$.
  • Sort a,b so that $a>b$, and then (given $b>1$)
    $(a \bmod b) < a$, so problem is simplified.

Euclid of Alexandria, 325-265 B.C.
33
Euclid's Algorithm Example
  • $\gcd(372,164) = \gcd(372 \bmod 164, 164)$.
  • $372 \bmod 164 = 372-164\lfloor 372/164\rfloor = 372-164\cdot 2 =
    372-328 = 44$.
  • $\gcd(164,44) = \gcd(164 \bmod 44, 44)$.
  • $164 \bmod 44 = 164-44\lfloor 164/44\rfloor = 164-44\cdot 3 = 164-132
    = 32$.
  • $\gcd(44,32) = \gcd(44 \bmod 32, 32) = \gcd(12, 32)
    = \gcd(32 \bmod 12, 12) = \gcd(8,12) = \gcd(12 \bmod 8, 8)
    = \gcd(4,8) = \gcd(8 \bmod 4, 4) = \gcd(0,4) = 4$.

34
Euclid's Algorithm Pseudocode
  • procedure gcd(a, b: positive integers)
  • while $b \neq 0$
  • begin
  • r := a mod b; a := b; b := r
  • end
  • return a

Sorting inputs not needed b/c order will be
reversed each iteration.
Fast! Number of while loop iterations turns out
to be O(log(max(a,b))).
35
Modular Exponentiation
  • In cryptography, it's important to calculate $b^n \bmod m$
    efficiently. E.g. $2^{644} \bmod 645$.
  • procedure modular exponentiation (b: integer, $a_{k-1}
    a_{k-2} \ldots a_0$: binary representation of n, m: positive
    integer)
  • x := 1
  • power := b mod m
  • for $i := 0$ to $k-1$
  • begin
  • if $a_i = 1$ then x := (x · power) mod m
  • power := (power · power) mod m
  • end
  • return x
  • Check Example 11 for each step in calculating
    $2^{644} \bmod 645$

36
§2.6: Applications of Number Theory
  • Topics:
  • Linear combination of gcd
  • Linear congruence
  • Chinese remainder theorem
  • Pseudoprimes, Fermat's little theorem
  • Public key cryptography
  • RSA encryption
  • RSA decryption
  • RSA as a public key system

37
Linear Combination of GCD
  • Theorem 1: If a and b are positive integers, then
    there exist integers s and t such that
    $\gcd(a,b) = sa + tb$.
  • How to calculate s and t?
  • Lemma 1: If a, b, and c are positive integers
    such that $\gcd(a,b)=1$ and $a \mid bc$, then $a \mid c$.
  • Lemma 2: If p is prime and ,
    where each $a_i$ is an integer, then $p \mid a_i$ for some
    i. (pp. S-27)

38
Uniqueness of prime factorization
  • There is only one way that an integer can be
    factorized by primes in nondecreasing order.
  • Proof: let and
    be 2 different ways to factorize n, each $p_i$
    and $q_j$ are primes such that
    and .
  • Remove common primes from the 2 factorizations,
  • we have , where . This
    implies that for some k (by
    Lemma 2), which is impossible.

39
Reduction of Congruence
  • Theorem 2: Let m be a positive integer and let a,
    b, and c be integers. If
    and $\gcd(c,m)=1$, then .
  • Proof: Since , we have
  • .
  • Since $\gcd(c,m)=1$, it follows that $m \mid a-b$ by
    Lemma 1. We conclude that .

40
Existence of Inverse of Modulo
  • Theorem 3: If $\gcd(a,m)=1$ and $m>1$, then
  • .
  • Proof:
  • Since $m>1$, we have
    .

  • .
  • Suppose
  • Hence
  • Since $\gcd(a,m)=1$ , (Theorem 2)

existence
uniqueness
41
Examples
  • Find an inverse of 3 modulo 7. Since
    $\gcd(3,7)=1$, by Euclidean algorithm , we see
    that . This shows that 2
    is an inverse of 3 modulo 7.
  • What are the solutions of the linear congruence
    $3x \equiv 4 \pmod 7$? (see next slide)

42
Linear Congruence
  • A congruence of the form is called a
    linear congruence, where m is a positive integer,
    a and b are integers, and x is a variable.
  • How to solve? Multiply both sides of the linear
    congruence by the inverse.
  • What are the solutions of ?
  • Sol: Since -1 is the inverse of 3 modulo 7, we
    have $-2\cdot 3x \equiv -2\cdot 4 \pmod 7$, so $x \equiv 6 \pmod 7$.

43
Chinese Remainder Theorem
  • Let $m_1, m_2, \ldots, m_n$ be pairwise relatively prime
    positive integers. The system
  • has a unique solution modulo m, where
  • (That is, there is a solution x with , and all
    other solutions are congruent modulo m to this
    solution)

44
Proof of Chinese Remainder Theorem
  • Proof: Let $M_k = m/m_k$ for $k=1,2,\ldots,n$.
  • Since $\gcd(m_i, m_k)=1$ for , $\gcd(m_k, M_k)=1$.
  • Consequently, .
  • Let .
  • Since whenever .
  • Since ,
  • , for $k=1,2,\ldots,n$.

45
Application of Chinese Remainder Theorem
  • E.g.6 in pp.187
  • Every nonnegative integer a less than
    can be represented by

46
Pseudo Primes
  • Fermat's Little Theorem: If p is a prime and a is
    an integer not divisible by p, then
  • Furthermore, for every integer a we have
  • However, there are integers n that are NOT
    primes, but (Some nonprime integers p also
    satisfy )
  • Instead, they are pseudoprimes.

47
PseudoPrime
  • Definition 1: Let . If n is a composite
    positive integer, and then n is called a
    pseudoprime to the base b.
  • Definition 2: A composite integer n that satisfies
    the congruence for all with
    $\gcd(b,n)=1$ is called a Carmichael number.
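
Added example (not part of the original slides): the modular exponentiation procedure from the earlier slide, used as a Fermat test to list pseudoprimes to a base and to check the Carmichael property. Function names and the search limit are assumptions of this sketch; the slide's own example, $2^{644} \bmod 645$, evaluates to 1 although $645 = 3\cdot 5\cdot 43$ is composite, so 645 is a pseudoprime to the base 2.

```python
from math import gcd

def mod_exp(b, n, m):
    """b**n mod m, scanning the bits of n from low to high."""
    x = 1 % m
    power = b % m
    while n > 0:
        if n & 1:                       # current bit a_i is 1
            x = (x * power) % m
        power = (power * power) % m
        n >>= 1
    return x

def passes_fermat(n, b):
    """True when b**(n-1) = 1 (mod n), as holds for every prime n not dividing b."""
    return mod_exp(b, n - 1, n) == 1

def is_prime_trial(n):
    """Ground truth by trial division up to sqrt(n)."""
    if n < 2:
        return False
    d = 2
    while d * d <= n:
        if n % d == 0:
            return False
        d += 1
    return True

def pseudoprimes(base, limit):
    """Composite n < limit that still pass the Fermat test to this base."""
    return [n for n in range(3, limit)
            if not is_prime_trial(n) and passes_fermat(n, base)]

def is_carmichael(n):
    """Composite n passing the Fermat test for every base coprime to n."""
    if n < 3 or is_prime_trial(n):
        return False
    return all(passes_fermat(n, b) for b in range(2, n) if gcd(b, n) == 1)
```

A single-base Fermat test therefore cannot be used alone to accept primes for key generation: 341, 561 and 645 all pass to base 2, and 561 passes for every coprime base.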