(n) = L:7=1 (n)/n for increasingly large values of n, such as n = 100, n = 1000, and n = 10 ,000. Can you make a conjecture about the limit of this ratio as n grows large without bound? 1.
Programming Projects 1.
Construct a reduced residue system modulo n for a given positive integer n.
2.
Solve linear congruences using Euler's theorem.
3.
Find the solutions of a simultaneous system of linear congruences using Euler's theorem and the Chinese remainder theorem (see Exercise 14).
7
Multiplicative Functions
I multiplicative functions.
n this chapter, we will study a special class of functions on the set of integers called A multiplicative function has the property that its value at
an integer is the product of its values at each of the prime powers in its prime-power factorization. We will show that some important functions are multiplicative, including the number of divisors function, the sum of divisors function, and the Euler phi-function. We will use the fact that each of these functions is multiplicative to obtain a closed formula for the value of these functions at a positive integer factorization of
n based on the prime-power
n.
Furthermore, we will study a special type of positive integer, called a perfect number, which is equal to the sum of its proper divisors. We will show that all even perfect numbers are generated by a special kind of prime, called a Mersenne prime, which is a prime that is 1 less than a power of 2. The quest for new Mersenne primes has been under way since ancient times, accelerated by the invention of powerful computers, and accelerated even more with the advent of the Internet. We will also show how the summatory function of an
arithmetic fanction, that is,
a function defined for all positive integers, can be used to obtain information about the
f takes a value at n equal to the sum of the values of f at each of the positive divisors of n. The famous Mobius inversion formula shows how to obtain the values of f from the values of its summatory function. function itself. The summatory function of a function
Finally, we will study arithmetic functions that count unrestricted and restricted partitions. By a partition, we mean a way to express a positive integer as a sum of positive integers where order does not matter; a partition is restricted when there are constraints on the terms in the sum. We will establish a variety of surprising identities between these arithmetic functions, and introduce many of the important concepts in the study of partitions.
7.1
The Euler Phi-Function We will show in this section that the Euler phi-function has the property that its value
n is the product of the values of the Euler phi-function at the prime powers that occur in the factorization of n. Functions with this property are called multiplicative;
at an integer
such functions arise throughout number theory. Using the fact that the Euler phi-function is multiplicative, we will derive a formula for its values based on prime factorizations. 239
240
Multiplicative Functions
Later in this chapter, we will study other multiplicative functions, including the number of divisors function and the sum of divisors function. We first present some definitions. Definition.
An
arithmetic function is a function that is defined for all positive integers.
Throughout this chapter, we are interested in arithmetic functions that have a special property.
f(mn) f(m)f(n) whenever m and n are relatively prime positive integers. It is called complete ly multipli cative if f(mn) f(m)f(n) for all positive integers m and n. Definition.
An arithmetic function
f
multiplicative
is called
if
=
=
f(n) 1 for all n is completely multiplicative, and hence also multiplicative, because f(mn) 1, f(m) 1, and f(n) 1, so that f(mn) f(m)f(n). Similarly, the function g(n) n is completely multiplicative, and hence .,.. multiplicative, since g(mn) mn g(m)g(n). The function
Example 7.1.
=
=
=
=
=
=
=
f(n) given n.This result is particularly useful, because it shows us how to find f(n) from the values of f(p�i) for i 1, 2, ... where n p�1p;2 p:s is the prime-power factorization of n. If
f
=
is a multiplicative function, then we can find a simple formula for
the prime-power factorization of
, s,
=
=
•
•
•
n p�1p;2 p:s is the prime f(p�1)f(p;2) f(p:s). power factorization of the positive integer n, then f(n) Proof We will prove this theorem using mathematical induction on the number of different primes in the prime factorization of the integer n. If n has one prime in its prime-power factorization, then n p�1 for some prime Pi. and it follows that the result If
Theorem 7.1.
f
is a multiplicative function and if
•
=
=
•
•
•
•
•
=
is trivially true. Suppose that the theorem is true for all integers with k different primes in their
n has k + 1 different primes in its prime power factorization, say, n p�1p;2 p:kp:�+l. Because f is multiplicative and (p�1p;2 p;k, p:1:;D 1, we see that f(n) f(p�1p;2 p:k)f(p:�+D. By the inductive hypothesis, we know that f(p�1p;2p;3 p:k) f(p�1)f(p;2)f(p;3) f(p:k). It follows that f(n) f(p�1)f(p;2) f(p:k)f(p:�+D. This completes the prime-power factorization. Now suppose that •
=
•
•
•
•
=
•
=
•
•
=
•
•
•
•
•
•
=
•
•
•
•
inductive proof.
•
We now return to the Euler phi-function. We first consider its values at primes and then at prime powers. Theorem 7.2. with
(p)
Proof
=
p
If pis prime, then -
1, then
p is prime, Because there are p If
-
(p) p =
-
p is prime.
1. Conversely, if pis a positive integer
then every positive integer less than 1 such integers, we have
(p)
=
p
p is relatively
-
prime to
1. Conversely, if
p.
p is not
241
7.1 The Euler Phi-Function
prime, then p=1 or p is composite.If p=1, then
<
d
<
p, and, of course, p and d are not
relatively prime.Because we know that at least one of the p - 1 integers 1, 2, ..., p - 1, namely, d, is not relatively prime to p,
•
We now find the values of the phi-function at prime powers. Theorem 7.3.
Proof
Let p be a prime and
a
1 a positive integer. Then
The positive integers less than or equal to pa that are not relatively prime to p
are those integers not exceeding pa that are divisible by p. These are the integers kp, 1 l l where 1 :::::: k :::::: pa- • Since there are exactly pa- such integers, there are pa - paintegers less than pa that are relatively prime to pa.Hence,
l.
•
2 3 3 1 Example 7.2. Using Theorem 7.3, we find that
Let m =4 and n=9, so that mn=36.We list the integers from 1 to 36
in a rectangular chart, as shown in Figure 7.1.
ICD
0
9
2
6
10
3 4
(j) @ 8
12
@ @ 14 15 16
18
21 22
@ @ 20
24
@) ®
33
26
30
34
27
®
®I
28
32
36
Figure 7.1 Demonstrating that
=
Neither the second nor the fourth row contains integers relatively prime to 36, since each element in these rows is not relatively prime to 4, and hence not relatively prime to 36.We enclose the other two rows; each element of these rows is relatively prime to 4. Within each of these rows, there are 6 integers relatively prime to 9. We circle these; they are the 12 integers in the list relatively prime to 36. Hence,
·
6=
We now state and prove the theorem that shows that
Let m and n be relatively prime positive integers. Then
Proof
We display the positive integers not exceeding mn in the following way.
242
Multiplicative Functions
1
m+1 2m+1
(n
2
m+2
(n
3
m+3 2m+3
(n
r
m+r
(n
m
2m
2m+2
2m+r
3m
-
-
-
-
l)m +1 l)m +2 l)m +3 l)m +r mn
Now, suppose thatr is a positive integer not exceedingm, and suppose that (m, r) d
>
=
1. Then no number in the r th row is relatively prime to mn , because any element of
this row is ofthe form km +r , where k is an integer with1:::::
k ::::: n
-
1, and d I
(km+r ) ,
because d Im and d I r. Consequently, to find those integers in the display that are relatively prime to mn , we need to look at the rth row only if (m, r)
=
l. If (m, r)
=
1 and1::::: r ::::: m, we must
determine how many integers in this row are relatively prime to mn. The elements in this row are r, m+r, 2m+r,
. . . , (n
-
l)m +r. Because (r, m)
=
1, each of these integers
is relatively prime tom. By Theorem 4.6 the n integers in the r th row form a complete system of residues modulo n. Hence, exactly
to n . Because these
=
•
Combining Theorems 7.3 and 7. 4, we derive the following formula for
Theorem 7.5.
Let n
=
p�1 p;2
•
•
•
p:k be the prime-power factorization of the positive
integer n. Then
Proof.
Because
In addition, by Theorem 7.3, we know that
for j
=
1, 2 ,
... , k. Hence,
7.1 The Euler Phi-Function
This is the desired formula for
•
We illustrate the use of Theorem Using Theorem
Example 7.4.
=
7.5, we note that
=
and
=
720
Let
( �) ( �)
100
1-
1-
=
40
( �) ( �) ( �) 1-
Theorem 7.6.
Proof
=
243
1-
=
1-
=
192.
2, as the following theorem shows.
n be an integer greater than 2. Then
Suppose that n
=
p�1 p;2
•
•
•
p�s is the prime-power factorization ofn. Because
;
j
j
j
1, because then p i- l is even. Given that n > 2, at least one of these two conditions holds, so that
1 is even, or ifp j
=
j
2 and aj
>
;
;
Let f be an arithmetic function. Then
F(n)
=
L f(d) din
represents the sum of the values off at all the positive divisors of n. The function called the
F is
summatoryjunction off.
Example 7.5.
F(l2)
Iff is an arithmetic function with summatory function =
L f(d)
=f
F, then
(1) + f (2) + f (3) + f (4) + f (6) + f (12) .
dl12 For instance, iff(d)
=
d2 and Fis the summatory function off, then
because
I: d2 dl12
=
12 + 22 + 32 + 42 + 62 + 122
=
1 + 4 + 9 + 16 + 36 + 144
=
210.
F(l2)
=
210,
244
Multiplicative Functions
The following result, which states that n is the sum of the values of the phi-function at all the positive divisors of n, will also be useful in the sequel. It says that the summatory function of
2. Euler's theorem tells us that 1 and we have
p/2 ( ) = 0k1 p/2 ( � ) = ni��l)/21 (�) (-l)N,
a
a with (a, m)
=
=
(a
1. By Exercise I3 of Section 9.3, we know that when m
2 =I (mod m) are x =±I (mod m). Hence,
has a primitive root, the only solutions of x
2 a
r be a primitive root of modulo m with ±I-exponent e. Then re= ±I (mod m),
so that
2 r e =I (mod m). Because ordmr (
e.
=
Hence, the maximum ±I-exponent J..0(m) is at least
we know that J..(m) ::::= ..0(m)
=
=
J..(m)/2.
We now will find the maximal ±I-exponent of integers without primitive roots.
•
10.3 An Application to the Splicing of Telephone Cables
409
m is a positive integer without a primitive root, then the maximal ±I-exponent A.0(m) equals A.(m), the minimal universal exponent of m. Proof We first show that if a is an integer of order A.(m) modulo m with ±I-exponent e such that T heorem 10.6.
If
a)..(m)/2 ¢=-I (modm),
e = A.(m).Consequently, once we have found such an integer a, we will have shown that A.0(m) = A.(m). Assume that a is an integer of order A.(m) modulo m with ±I-exponent e such that then
a)..(m)/2 ¢=-I (modm). ae =±I (mod m), it follows that a2e =I (mod m). By Theorem 9.I, we know that A.(m) I 2e. Because A.(m) I 2e and e:::: A.(m), either e = A.(m)/2 or e = A.(m). To see that e =j:. A.(m)/2, note that ae =±I (mod m), but a)..(m)/2 ¢= I (mod m), because ordma = A.(m), and aA(m)/2 ¢=-I (mod m), by hy pothesis. Therefore, we can conclude that if ordma = A.(m), a has ±I-exponent e, and ae =-I (mod m), then e = A.(m). Because
We now find an integer
a with the desired properties. Let the prime-power factor
m be m = 210p�1p�2 P!s.We consider several cases. We first consider those m with at least two different odd prime factors. Among the prime powers p? dividing m, let pj be one with the smallest power of 2 dividing (pj). Let ri be a primitive root of P? for i = I, 2, . . . , s. Let a be an integer satisfying the ization of
•
•
•
simultaneous congruences
a= 3 (mod 210),
a= ri (mod p?)
for all i with i
t·
=j:. j,
a= r.2 (mod p !). J
J
Such an integer
a is guaranteed to exist by the Chinese remainder theorem. Note that ordma
and, by our choice of Because t.
a= r.2 (mod J
= [A.(210), (p:2), PJ, pJt.!),
•
•
•
, (PJ)/2, ...,
we know that this least common multiple equals tj tj p.) t.
(pj)/2 I A.(m)/2, we know that a)..(m)/2= I (mod
/J!),
so that
a)..(m)/2 ¢=-I (modm). Consequently, the ±I-exponent of
a is
A.(m).
pJ
410
Applications of Primitive Roots and the Order of an Integer
2to pt1, where p is an odd prime, t1 � 1 and t0 � 2, because m has no primitive roots. W hen t0 2 or 3, The next case that we consider deals with integers of the form m
=
=
we have
Let
a be a solution of the simultaneous congruences a_ 1 (mod4) a= r (mod p:1),
where
r
is a primitive root of
(p�1). We see that ordma
=
A.(m). Because
a'A(m)/2 = 1 (mod4), we know that
a'A(m)/2 ¢ -1 (mod m). Consequently, the ±1-exponent of a is A.(m).
a be a solution of the simultaneous congruences
W hen t0 ::::; 4, let
2t0) (mod p:1);
a= 3 (mod a= r
the Chinese remainder theorem tells us that such an integer exists. We see that ordma A.(m). Because4 I
=
A.(2to), we know that4 I A.(m). Hence, a'A(m)/2 - 3'A(m)/2 - (32)'A(m)/4 - 1 (mod 8).
Thus,
a'A(m)/2 ¢ -1 (mod m), so that the ±1-exponent of a is A.(m). Finally, when m
=
2to with t0 � 3, we know from Theorem 9.12 that ordm5
=
A.(m),
but
5'A(m)/2= (s2)'A(m)/4= 1 (mod 8). Therefore, we see that
5'A(m)f2 ¢ -1 (mod m); we conclude that the ±1-exponent of 5 is A.(m). This finishes the argument, because we have dealt with all cases where m does not have a primitive root.
•
We now develop a sy stem for splicing telephone cables. Telephone cables are made up of concentric layers of insulated copper wire, as illustrated in Figure 10.1, and are produced in sections of specified length.
10.3 An Application to the Splicing of Telephone Cables
0
411
0
Figure 10.1 A cross-section of one layer of a telephone cable.
Telephone lines are constructed by splicing together sections of cable. W hen two wires are adjacent in the same layer in multiple sections of the cable, there are often problems with interference and crosstalk. Consequently, two wires adjacent in the same layer in one section should not be adjacent in the same layer in any nearby sections. For practical purposes, the splicing system should be simple. We use the following rules to describe the system: Wires in concentric layers are spliced to wires in the corresponding layers of the next section, following the identical splicing direction at each connection. In a layer with m wires, we connect the wire in position j in one section, where l ::::;
j
::::;
m,
S(j) in the next section, where S(j) is the least positive residue of 1 + (j - l)s modulo m. Here, sis called the spread of the splicing system. We see
to the wire in position
that when a wire in one section is spliced to a wire in the next section, the adjacent wire in the first section is spliced to the wire in the next section in the position obtained by counting forward s modulo m from the position of the last wire spliced in this section. To have a one-to-one correspondence between wires of adjacent sections, we require that
s be relatively prime to the number of wires m. This shows that if wires in positions j and k are sent to the same wire in the next section, then S(j) S(k) and
the spread
=
1+
(j - l)s _ 1 + (k - l)s (mod m) ,
js _ks (mod m) . Because (m, s) (mod m), which is impossible.
so that
Example 10.8.
=
1, from Corollary 4.4. 1 we see that
j _k
Let us connect nine wires with a spread of 2. We have the correspon
dence 1 ---+ 1
3---+ 5
4---+ 7
6---+ 2
7---+ 4
9---+ 8,
as illustrated in Figure 10.2.
412
Applications of Primitive Roots and the Order of an Integer
-------1- -------------t------
Figure 10.2 Splicing ofnine wires with a spread of2. The following result tells us the correspondence of wires in the first section of cable to the wires in the nth section.
Theorem 10.7.
Let Sn (j) denote the position of the wire in the nth section spliced to
the jth wire of the first section. Then
Sn (j) Proof
For n
=
=
n 1 + (j - l)s -l (mod m).
2, by the rules for the splicing system, we have
S2(j) so the proposition is true for n
=
Sn (j)
=
1 + (j - l)s (mod m),
2. Now assume that
=
n 1 + (j - l)s -l (mod m).
Then, in the next section, we have the wire in position Sn (j) spliced to the wire in position.
Sn+1U)
=
1 + (Sn (j) - l)s
=
1 + ((j - l)s -l)s
=
1 + (j - l)s (mod m).
n
n
This shows that the proposition is true.
•
In the splicing system, we want to have wires adjacent in one section separated as long as possible in the following sections. Theorem
10. 7 tells us that after
n
splices,
the adjacent wires in the jth and (j + l)th positions are connected to wires in positions
Sn (j)
=
1 + (j - l)sn (mod m) and Sn (j + 1)
=
1 + jsn (mod m), respectively. These
wires are adjacent in the nth section if, and only if, Sn (j)
- Sn (j + 1)
=
±1 (mod m),
or, equivalently,
n
n
(1 + (j - l)s ) - (1 + js )
=
±1 (mod m),
10.3 An Application to the Splicing of Telephone Cables
413
which holds if and only if sn =±I (mod m). We can now apply the material at the beginning of this section. To keep wires that are adjacent in the first section separated as long as possible thereafter, we should pick for the spreads an integer with maximal ±I-exponent A.0(m). With I00 wires, we should choose a spread sso that the ±I-exponent
Example 10.9.
ofsis A.0(IOO) = A.(IOO) = 20. T he appropriate computations show thats= 3 is such a �re�.
10.3
�
EXERCISES 1. Find the maximal ±I-exponent of each of the following positive integers. a) 17
c) 2 4
e) 99
b) 2 2
d) 36
f ) 100
2. Find an integer with maximal ± 1-exponent modulo each of the following positive integers. a) 13
c) 15
e) 36
b) 14
d) 25
f ) 60
3. Devise a splicing scheme for telephone cables containing each of the following number of wires. a) 50 wires *
b) 76 wires
c) 125 wires
4. Show that using any splicing system of telephone cables with m wires arranged in a concentric layer, adjacent wires in one section can be kept separated in at most [ (m - 1) /2] successive sections of cable. Show that when m is prime, this upper limit is achieved using the system developed in this section.
Computations and Explorations 1. Find the maximal ±I-exponent of each positive integer less than 1000.
Programming Projects 1. Given an integer m, find the maximal ± 1 -exponent of m. 2. Develop a scheme for splicing telephone cables as described in this section.
This page intentionally left blank
11 W
Quadratic Residues
hen is an integer
a
a perfect square modulo a prime p? The work of the great
number theorists Euler, Legendre, and Gauss on this and related questions led to
the development of much of modem number theory. In this chapter, we develop results,
both old and new, created in the study of such questions. We first define the concept of a quadratic residue, an integer
a
that is a square modulo p, and establish basic properties
of quadratic residues. We introduce the Legendre symbol, a notation that tells us whether an integer is a quadratic residue of p, and develop its basic properties. We state and prove two important criteria, discovered by Euler and by Gauss, for determining whether
a
is
a quadratic residue modulo p, and use these criteria to determine whether -1and2 are quadratic residues of p. We also show that an integer that is a perfect square modulo pq, where p and q are primes, has exactly four incongruent square roots modulo pq. Modular square roots are used extensively in cryptography, such as in a protocol for fairly choosing a random bit ("flipping a coin electronically"). We will also illustrate (in the last section of the chapter) how modular square roots can be used in an interactive protocol to show that a person has some secret information, without revealing this information. Suppose that p and q are distinct odd primes. We can ask whether p is a square modulo q and whether q is a square modulo p. Is there any relationship between the answers to these two questions? In this chapter, we will show that these answers are closely related in a way specified by the famous theorem called the law of quadratic reciprocity. This law was observed by Euler and Legendre, and ultimately proved by Gauss at the end of the eighteenth century. We will present one of the many proofs of this famous theorem, selected because it is one of the easiest to understand. The law of quadratic reciprocity has both theoretical and practical implications. We show how it can be used in computations and to prove useful results, such as Pepin's test, which can be used to determine whether Fermat numbers are prime. The Legendre symbol, which tells us whether an integer is a quadratic residue mod ulo p, can be generalized to the Jacobi symbol. We will establish the basic properties of Jacobi symbols and show that they satisfy a reciprocity law that is a consequence of the law of quadratic reciprocity. We show how Jacobi symbols can be used to simplify com putations of Legendre symbols. We also use Jacobi symbols to introduce a particular type of pseudoprime, known as an Euler pseudoprime, which is an integer that masquerades as a prime by satisfying Euler's criteria for quadratic residues. We will use this concept to develop a probabilistic primality test.
415
416
Quadratic Residues
11.1
Quadratic Residues and Nonresidues Let p be an odd prime and a an integer relatively prime to p. In this chapter, we devote our attention to the question: Is a a perfect square modulo p? We begin with a definition.
Definition. If m is a positive integer, we say that an integer a is a quadratic residue of m if (a, m) 1 and the congruence x2 =a (mod m) has a solution. If the congruence x2 =a (mod m) has no solution, we say that a is a quadratic nonresidue of m. =
Example 11.1. To determine which integers are quadratic residues of 11, we compute the squares of the integers 1, 2, 3, ..., 10. We find that 12 =102 =1 (mod 11), 22 = 92 = 4 (mod 11), 32 = 82 = 9 (mod 11), 42 = 72 = 5 (mod 11), and 52 = 62 = 3 (mod 11). Hence, the quadratic residues of 11 are 1, 3, 4, 5, 9; the integers 2, 6, 7, 8, 10 are .,.. quadratic nonresidues of 11. Note that the quadratic residues of the positive integer m are just the kth power residues of m with k 2, as defined in Section 9.4. We will show that if p is an odd prime, then there are exactly as many quadratic residues as quadratic nonresidues of p among the integers 1, 2, ..., p - 1. To demonstrate this fact, we use the following lemma. =
Lemma 11.1. congruence
Let p be an odd prime and a an integer not divisible by p. Then, the 2 x =a(mod p)
has either no solutions or exactly two incongruent solutions modulo p.
Proof. If x2 =a (mod p) has a solution, say, x x0, then we can easily demonstrate that x -x0 is a second incongruent solution.Because ( -x0) 2 x5 =a (mod p), we see that -x0 is a solution. We note that x0 ¢=. -x0 (mod p), for if x0 = -x0 (mod p), then we have 2x0 =0 (mod p). This is impossible by Lemma 3.5 because p is odd and pl x0.(We see that pl x0 by noting that x5 =a (mod p) and p l a.) =
=
=
To show that there are no more than two incongruent solutions, assume that x x0 and x x1 are both solutions of x2 =a (mod p). T hen we have x5 = x� =a (mod p), =
=
(x0 + x1)(x0 - x1) =0 (mod p).Hence, p I (x0 + x1) or p I (x0 - x1), so that x1 = -x0 (mod p) or x1 =x0 (mod p).Therefore, if there is a solution of x2 =a • (mod p), there are exactly two incongruent solutions. so that x5 - x�
=
This leads us to the following theorem.
Theorem 11.1. If p is an odd prime, then there are exactly (p - 1) /2 quadratic residues of p and (p - 1) /2 quadratic nonresidues of p among the integers 1, 2, ..., p - 1. Proof. To find all the quadratic residues of p among the integers 1, 2, ... , p - 1, we compute the least positive residues modulo p of the squares of the integers 1, 2, ... , p 1. Because there are p - 1 squares to consider, and because each congruence x2 =a (mod p) has either zero or two solutions, there must be exactly (p - 1) /2 quadratic residues of
11.1 Quadratic Residues and Nonresidues p among the integers
l, 2,
.
positive integers less than p
-1 .
.
•
p
- 1.
are
The rema ining p
- 1 - - 1) /2 (p
=
quadratic nonresidues of p.
(p
417
- 1) /2
•
Primitive roots and indices, studied in Chapter 9, provide an alternative method for proving results about quadratic residues.
Theorem 11.2.
Let p be a prime and let
r be a primitive root of p. If a is an integer
not divisible by p, then a is a quadratic residue of p if ind,.a is even, and a is a quadratic nonresidue of p if ind,.a is odd.
Proof
Suppose that indra is even. Then
(rindraf2)2 =a (mod p). which shows that a
is a quadratic residue of p.Now suppose that a is a quadratic residue of p.Then there exists an integer x such that x2 =a (mod p).It follows that ind,.x2
=
ind,a.By Part (iii)
of Theorem 9.16, it follows that 2 ind,.x - ind,.a (modcp(p)). so ind,a is even.We have ·
shown that a is a quadratic residue of p if and only if ind,.a is even.It follows that a is a quadratic nonresidue of p Note that by Theorem nonresidue of p.
if and only if ind,.a is odd.
11.2,
•
every primitive root of an odd prime p is a quadratic
We illustrate how the relationship between primitive roots and indices and quadratic
11.1.
residues can be used to prove results about quadratic residues by giving an alternative proof of Theorem
Proof
residues of p among the integers r.
1, 2, -1 1 � k � - 1.
Let p be an odd prime with primitive root ... , p
r. By Theorem
exactly (p
- 1)/2
such integers.
p
the quadratic
are those with even index to the base
It follows that the quadratic residue of p in this set
rk, where k is an even integer with
11.2,
are
the least positive residues of
The result follows because there
are •
The special notation associated with quadratic residues is described in the following definition. Let p be an odd prime and a be an integer not divisible by p.The Legendre
Definition. symbol
(i)
is defined by
if a is a quadratic residue of p;
if a is a quadratic nonresidue of p.
V
This symbol is named after the French mathematician
Adrien-Marie Legendre, who
introduced the use of this notation.
Example 11.2. The previous example shows that the Legendre symbols 2, . have the following values:
1, .. , 10,
-(�)-(�)(�) 11_11_ 11_(�)11_(�)-1 11_' (:1) (:1) (:1) (181) (��) -1. =
=
=
=
=
(f1),
a
=
418
Quadratic Residues We now present a criterion for deciding whether an integer is a quadratic residue of a prime. This criterion is useful in demonstrating properties of the Legendre symbol. Theorem 11.3.
Let p be an odd prime and let a be an integer not
Euler's Criterion.
divisible by p.Then
(;) =aCP-ll/l (i)
(mod p).
1. Then, the congruence x2 =a (mod p) has a solution,
Proof.
First, assume that
say x
x0• Using Fermat's little theore� we see that a( p-1)/2 (x5)(p-l/2) xc-1 =1 (mod p).
=
=
=
=
Hence, if Now
(i) =aCP-1)/2 (mod p). consider the case where (i) - 1. Then the congruence x2 =a (mod p) has
(i)
=
1, we know that
=
no solutions. By Corollary 4.1 1 .1, for each integer i with (i, p) 1 there is an integer j such that ij = a (mod p ). Furthermore, because the congruence x2 = a (mod p) has no solutions, we know that i #= j. Thus, we can group the integers 1, 2, ... , p - 1 into (p - 1)/2 pairs, each with product a. Multiplying these pairs together, we find that =
(p - 1) != a(p-l)/l (mod p). Because Wtlson's theorem tells us that (p
-
1)! = - 1 (mod p), we see that
- 1 = a
(i) = a
Example 11.3.
23 and a
tells us that
(�)
Let p =
=
=
S. Because
•
511 = - 1 (mod 23), Euler's criterion
- 1. Hence, 5 is a quadratic nonresidue of 23.
We now prove some properties of the Legendre symbol.
ADRIEN-MARIE LEGENDRE (1752-1833) was bom into a well-to-do fam
ily. He was a professor at the Ecole Militaire in Paris from 1775 to 1780. In 1795, he was appointed professor at the Ecole No.rmale. His memoir Recherches
d'Analyse Indeterminee, published in 1785, contains a discussion of the law of
quadratic reciprocity, a statement of Dirichlet's theorem on primes in arithmetic
progressions, and a discussion of the representation of positive integers as the sum of three squares. He established then
=
5 case of Fermat's last theorem.
Legendre wrote a textbook on geometry, Elements de geomitrie, that was used
for
more
than 100 years and
served
as a model for other textbooks. Legendre made fundamental
discoveries in mathematical astronomy and geodesy, and gave the first treatment of the law of least
squares.
"'ill
11.1
Theorem 11.4.
Let
a= b (mod p), then
if
(ii)
(5J;)(%) =(a;); (�) =1.
Proofof(i). (mod
If a=b (mod
(!J;) =(%);
p), then x2=a (mod p) has a solution if and only if x2=b
p) has a solution. Hence
Proofof (ii).
(!];) =(%) .
By Euler's criterion, we know that
( ;)
(!)
2 =a(p-l)/ (mod p),
and
( :) a
Hence,
419
p be an odd prime and a and b be integers not divisible by p. Then
(i)
(iii)
Quadratic Residues and Nonresidues
(;)(!)
2 =b(p-l)/ (mod p),
2 = (ab)(p-l)/ (mod p).
2 2 =a(p-l)/ b(p-l)/
= (ab)(p-1)/2= ( a: )
(mod
p).
Because the only possible values of a Legendre symbol are ±1, we conclude that
(;)(!)=(a;).
Proofof (iii).
Because
(!J;) =
± 1, from part (ii) it follows that
•
Part (ii) of Theorem 11.4 has the following interesting consequence. The product of two quadratic residues, or of two quadratic nonresidues, of a prime is a quadratic residue of that prime, whereas the product of a quadratic residue and a quadratic nonresidue of a prime is a quadratic nonresidue.
11.3 and 11.4 can be constructed using the concepts of primitive roots and indices, together with Theorem 11.2. (See Exercises 30 and 31 at the end of this section.) Relatively simple proofs of Theorems
When is -1 a Quadratic Residue of the Prime p? -1 a quadratic residue? Because 2 2= -1 (mod 5), 52= -1 (mod 13), and 42= -1 (mod 17), we see that -1 is a quadratic residue of 5, 13, and 17. However, it is easy to see (as the reader should verify) that the congruence x2= -1 (mod p) has no solution when p 3, 7, 11, and 19. This evidence leads to the conjecture that -1 is a quadratic residue of the prime p if and only if p = 1 (mod 4). For which odd primes not exceeding 20 is
=
420
Quadratic Residues Using Euler's criterion, we can prove this conjecture.
Theorem 11.5.
If p is an odd prime, then
( ) { -1
p
Proof
=
if p= 1 (mod4); if p= -1 (mod4).
By Euler's criterion, we know that
(� ) l
If p=
1 -1
1 (mod4), then p
=
l = (-l)(p- )/2 (mod p).
4k + 1 for some positive integer k. Thus, (-l)(p-1)/2
so that
( -;1 )
=
1.If p= 3 (mod4), then p (-l)(p-1)/2
so that
( -;1 )
=
=
=
=
(-1)2k
=
1,
4k + 3 for some positive integer k. Thus,
(-1)2k+l
=
-1,
-1.
•
Gauss's Lemma
The following elegant result of Gauss provides another criterion to determine whether an integer a relatively prime to the prime p is a quadratic residue of p.
Lemma 11.2. Gauss's Lemma. Let p be an odd prime and a an integer with (a, p) 1.Ifs is the number ofleast positive residues ofthe integers a, 2a, 3a, ..., ((p - 1)/2)a =
that are greater than p/2, then
( i)
=
(-1)8.
Proof Consider the integers a, 2a, ..., ((p - l)/2)a.Let ui. u2, ... , us be the least positive residues of those that are greater than p/2, and let vi. v2, ... , vt be the least positive residues of those integers that are less than p/2.Because (j a, p) 1 for all j with 1 :::::: j :::::: (p - 1) /2, these least positive residues are in the set 1, 2, ..., p - 1. =
We will show that p - ui. p - u2, ... , p - us, vi. v2, ... , vt comprise the set of integers 1, 2, ..., (p - 1)/2, in some order.To see this, we need only show that no two of these integers are congruent modulo p, because there are exactly (p - 1)/2 numbers in the set and all are positive integers not exceeding (p - 1) /2. Clearly, no two ofthe ui are congruent modulo p and no two of the vj are congruent modulo p; if a congruence of either of these two sorts held, we would have ma= na (mod p), where m and n are both positive integers not exceeding (p - 1) /2. Because p 1 a, this would imply that m= n (mod p), which is impossible. In addition, one of the integers p - ui cannot be congruent to a vj, for if such a congruence held, we would have ma= p - na (mod p), so that ma= -na (mod p). Because p 1 a, this would imply that m= -n (mod p), which is impossible because both m and n are in the set 1, 2, ..., (p - 1) /2.
11.1
Quadratic Residues and Nonresidues
421
Now that we know that p - ui. p - u2, . . . , p - u , vi. v2, ... , vt are the integers s 1, 2, ... , (p - 1)/2, in some order, we conclude that
(p - U1)(p - U2)
·
·
·
(p - U )V1V2 s
·
·
·
=
Vt
(
p
�
l
)
!
which implies that
(11.1) But, because ui. u2, ... , u , Vi. v2, ... , vt are the least positive residues of a, 2a, ... ,
s ((p - l)/2)a we also know that
U1U2 ... U V1V2 ... Vt= a . 2a . .. ((p - l)/2))a s
(11.2)
p-1
= a-2 ((p - 1)/2)! (mod p).
Hence, from (11.1) and (11.2), we see that -1
p (-l)sa 2 ((p - 1)/2)! = ((p - 1)/2)! (mod p).
Because (p, ((p - 1)/2)!) = 1, this congruence implies that p-1
(-l)sa-2 = 1 (mod p). By multiplying both sides by (-l)s, we obtain p-1
a-2 = (-l)s (mod p). P 1
Because Euler's criterion tells us that a � =
(; )
( 5J;)
(mod p), it follows that
= (-l)s (mod p),
establishing Gauss's lemma.
Example 11.4.
•
Let a = 5 and p = 11. To find
the least positive residues of 1
( {1 )
by Gauss's lemma, we compute
5, 2 5, 3 5, 4 5, and 5 5. T hese are 5, 10, 4, 9, and 3, respectively. Because exactly two of these are greater than 1112, Gauss's lemma tells
us that
( f1 )
=
·
·
·
·
( -1)2 = 1.
·
.,..
When is 2 a Quadratic Residue of a Prime p? 2 2 2 6 = 2 (mod 17), 5 = 2 (mod 23), 8 = 2 (mod 31), 172 = 2 (mod 41), and 7 = 2 (mod 2 47), we see that 2 is a quadratic residue of 7, 17, 23, 31, 41, and 47. However, x = 2 (mod p) has no solution when p = 3, 5, 11, 13, 19, 29, 37, and 43 (as the reader should verify). Is there a pattern to the primes p for which 2 is a quadratic residue modulo p?
For which odd primes not exceeding 50 is 2 a quadratic residue? Because 3 = 2 (mod 7),
2
2
422
Quadratic Residues Examining these primes and noting that whether 2 is a quadratic residue of p seems to depend on the congruence of p modulo 8, we conjecture that 2 is a quadratic residue of the odd prime p if and only if p
=
±1 (mod8).Using Gauss's lemma, we can prove this
conjecture. If p is an odd prime, then
Theorem 11.6.
(;)
=
(-l)(p2-l)/8.
Hence, 2 is a quadratic residue of all primes p of all primes p
Proof.
=
=
±1 (mod8) and a quadratic nonresidue
±3 (mod 8).
By Gauss's lemma, we know that ifs is the number of least positive residues of
the integers 1 .2, 2 .2, that are greater than p/2, then
( %)
3 .2, ... ((p - 1) /2) .2 '
=
(-l)s. Because all of these integers are less than p,
we need only count those greater than p/2 to find how many have least positive residues greater than p/2. The integer 2j, where 1 � j � (p - 1)/2, is less than p/2 when j � p/4. Hence, there are [p/4]integers in the set less than p/2.Consequently, there ares
=
(p - 1)/2 -
[p/4] greater than p/2.Therefore, by Gauss's lemma, we see that
(�)
=
p 1 (-l) 2 -[p/4].
To prove the theorem, it is enough to show that for every odd integer p, p-1
(1 1 .3)
-2-
- [p/4] =
p2 - 1 8
(mod 2).
Note that (1 1 .3) holds for a positive integer p if and only if it holds for p+8. This follows because (p+8) - 1 2
- [(p+8)/4]
=
(
)
p-1 2
+4
- ([p/4]+2)
p-1 =
2
- [p/4](mod 2)
and (p+8)2 - 1
p2 - 1
8
8
p2 - 1
+2p+8 =
8
(mod 2).
Thus, we can conclude that (1 1 .3) holds for every odd integer
n
if it holds for p
=
±1
and ±3.We leave it to the reader to verify that (1 1 .3) holds for these four values of p. It follows that for every prime p, we have
(%)
(%)
=
(-l)
From the computations of the congruence class of (p2 - 1) /8 (mod 2), we see that =
1 if p
=
±1 (mod 8), while
( %)
=
-1 if p
=
± 3 (mod 8).
•
11.1
423
Quadratic Residues and Nonresidues
By Theorem 11.6, we see that
Example 11.5.
( 3-) - ( _3__ ) -- ( _3__23 ) -- (_3__3 ) -
7
-
1
17
1 '
whereas
2 ( ) (�) (�) : (:3) ( 9) (;9) =
1
=
=
1
=
=
=
-1.
We now present an example to show how to evaluate some Legendre symbols. To evaluate
Example 11.6. obtain
( ) 3
N , we use parts (i),(ii), and (iii) of Theorem 11.4 to
17
1-
3 - ( 2-) - ( ) ( ) 11
because 317
=
9
To evaluate
Because 1
3=
-
-
11
11
2
1
-
'
(mod 11).
( )
�� ,because
89 =
-2
(mod 13), we have
1(mod4),Theorem 11.5 tells us that
8), we see from Theorem 11.6 that
( ) 123
=
( 1])
=
1. Because 13
( )
-1. Consequently, ��
=
=
-3
-1.
(mod
In the next section,we will state and prove one of the most intriguing and challeng
ing results of elementary number theory,the relates the values of
( �)
and
( �),
law of quadratic reciprocity. This theorem where p and q are odd primes. The law of quadratic
reciprocity has many implications,both theoretical and practical,as we will see through
out this chapter. From a computational standpoint,we will see that it can help us evaluate
Legendre symbols.
Modular Square Roots Suppose that
q are distinct odd =a (mod n) , where 0
n
congruence x2
=
pq , where p and
primes, and suppose that the =
1, has a solution x
=
x0. We
will show that there are exactly four incongruent solutions modulo n. In other words,we will show that a has four incongruent
square roots modulo n. To see this,letx0 =x1 (mod p),0
2
424
Quadratic Residues
From the Chinese remainder theorem, there are exactly four incongruent solutions of the congruence x2=a (mod n ); these four incongruent solutions are the unique solutions modulo pq of the four sets of simultaneous congruences: (i)
x =x1 (mod p)
(ii)
x =x (mod q), 2 x =x1 (mod p)
(iii)
x =p -x1 (mod p)
(iv)
x =x (mod q), 2 x =p x1 (mod p) -
x =q -x (mod q). x =q -x (mod q), 2 2 We denote solutions of (i) and (ii) by x and y, respectively. Solutions of (iii) and (iv) are easily seen to be
n
- y and
n
-x, respectively.
We also note that when p=q=3 (mod 4 ), the solutions of x2=a (mod p) and of x2=a (mod q) are x = ±a
(i)
=
1 (mod p) and a
( �)
=
1
(mod q) (recall that we are assuming that x2=a (mod pq) has a solution, so that a is a quadratic residue of both p and q). Hence, (a(p+l)/4)2
=
a
=
a
=
1 a
and (a(q+l)/4)2
=
1 a
Using the Chinese remainder theorem, together with the explicit solutions just constructed, we can easily find the four incongruent solutions of x2=a (mod
n ).
The
following example illustrates this procedure. Example 11.7.
Suppose that we know a priori that the congruence x2= 860 (mod 11,021)
has a solution. Because 11,021
=
103 107, to find the four incongruent solutions we ·
solve the congruences x2=860=36 (mod 103) and x2= 860=4 (mod 107). The solutions of these congruences are 1 x =±36< 03+l)/4 =±3626 =±6 (mod 103) and 1 x =±4 < 07+l)/4 =±427 =±2 (mod 107), respectively. Using the Chinese remainder theorem, we obtain x =±212, ±109 (mod 11,021) as the solutions of the four systems of congruences described by the four possible choices of signs in the system of congruences x = ±6 (mod 103), x =±2 (mod 107). ....
11.1 Quadratic Residues and Nonresidues
425
Flipping Coins Electronically An interesting and useful application of the properties of quadratic residues is a method to "flip coins" electronically, invented by Blum [Bl82]. This method takes advantage of the difference in the length of time needed to find primes and needed to factor integers that are the products of two primes, also the basis of the RSA cipher discussed in Chapter 8. We now describe a method for electronically flipping coins. S uppose that Bob and Alice are communicating electronically. Alice picks two distinct large primes p and q, with p _ q _3 (mod 4). Alice sends Bob the integer n = pq. Bob picks, at random, 2 a positive integer x less than n and sends to Alice the integer a with x _ a (mod n ), 2 0
y. Alice picks one of these four solutions and sends it to Bob. Note that because x + y = 2x1¢=0 (mod p) and x + y = 0 (mod q), we have (x + y, n) = q, and, similarly, (x + (n - y), n) = p. Thus, if Bob receives either y or n - y, he can rapidly factor n
n
-
by using the Euclidean algorithm to find one of the two prime factors of n. On the other hand, if Bob receives either x or n
-
x, he has no way to factor n in a reasonable length
of time. Consequently, Bob wins the coin flip if he can factor n, whereas Alice wins if Bob cannot factor n. From previous comments, we know that there is an equal chance for 2 Bob to receive a solution of x = a (mod n) that helps him rapidly factor n, or a solution 2 of x = a (mod n) that does not help him factor n. Hence, the coin flip is fair.
11.1
EXERCISES 1. Find all of the quadratic residues of each of the following integers. a)3
b)5
c) 13
d) 19
2. Find all of the quadratic residues of each of the following integers.
a) 7
b) 8
c) 15
d) 1 8
( �) for j Find the value of the Legendre symbols ( 4) for j Evaluate the Legendre symbol ( li )
3. Find the value of the Legendre symbols
=
1, 2, 3, 4.
4.
=
1, 2, 3, 4, 5, 6.
5.
a) using Euler's criterion. b) using Gauss's lemma. 6. Let a and b be integers not divisible by the prime p. Show that either one or all three of the
integers a, b, and ab are quadratic residues of p. 7. Show that if p is an odd prime, then
if p
=
1 or 3 (mod 8);
if p = -1 or -3 (mod 8).
426
Quadratic Residues
8. Show that if the prime-power factorization of n is
n
=
and q is a prime not dividing
tk 2t1+1 2t2+1 2tk+1 2 +1 2t ···Pk Pk+l ···Pm m P1 P 2
n, then ...
(�) = (�1) (� ) (�k) . 2
9. Show that if p is prime and p
=
3 (mod 4), then [(p - 1) /2] !
=
t ( - l) (mod p), where t is
the number of positive integers less than p /2 that are nonquadratic residues of p.
10. Show that if bis a positive integer not divisible by the prime p, then
(; ) (�) (�) +
+
... + +
(
(p
�
l)b
)=
0
.
11. Let p be prime and a be a quadratic residue of p. Show that if p = 1(mod4), then -a is also a quadratic residue of p, whereas if p = 3 (mod 4), then -a is a quadratic nonresidue of p.
12. Consider the quadratic congruence ax2 +bx+ c = 0 (mod p), where p is prime and a, b, and c are integers with p l a. a) Let p
=
2. Determine which quadratic congruences (mod 2) have solutions.
b) Let p be an odd prime and let d
=
b2 -4ac. Show that the congruence ax2 +bx+ c = 0
(mod p) is equivalent to the congruence y2 = d(mod p), where y
=
2ax +b. Conclude
that if d= 0 (mod p), then there is exactly one solution x modulo p; if dis a quadratic residue of p, then there are two incongruent solutions; and if dis a quadratic nonresidue of p, then there are no solutions.
13. Find all solutions of the following quadratic congruences. a) x2 + x + 1
=
b) x2 + 5x + 1
0 (mod
=
7)
0 (mod
7)
c) x2 + 3x+ 1 = 0 (mod
7)
14. Show that if p is prime and p � 7, then there are always two consecutive quadratic residues of p.
*
(Hint: First show that at least one of 2, 5, and 10 is a quadratic residue of p.)
15. Show that if p is prime and p � 7, then there are always two quadratic residues of p that differ by 2.
16. Show that if p is prime and p � 7, then there are always two quadratic residues of p that differ by 3.
17. Show that if a is a quadratic residue of the prime p, then the solutions of x2 = a (mod p) are a) x = ±an+l (mod p), if p 4n + 3.
= =
b) x = ±an+l or ±22n+lan+1 (mod p), if p
*
18. Show that if p is a prime and p of x2
=
=
8n + 5.
8n + 1, and r is a primitive root modulo p, then the solutions
±2 (mod p) are given by x
=
±(r1n ± rn) (mod p),
where the ± sign in the first congruence corresponds to the ± sign inside the parentheses in the second congruence.
427
11.1 Quadratic Residues and Nonresidues
19. Find all solutions of the congruence x
2
=
1 (mod 1 5).
2
20. Find all solutions of the congruence x = 58 (mod 77). 2
21. Find all solutions of the congruence x = 207 (mod 1001). 22. Let
p be an odd prime,
p.
e a positive integer, and a an integer relatively prime to Show that 2 the congruence x =a (mod e ) has either no solutions or exactly two incongruent solutions.
p
*
23. Let
p be an odd prime,
p.
a positive integer, and a an integer relatively prime to Show that 2 l there is a solution to the congruence x =a (mod pe+ ) if and only if there is a solution to 2 2 the congruence x =a (mod p e ). Use Exercise 22 to conclude that the congruence x =a
(mod
e
pe) has no solutions ifa is a quadratic nonresidue of p, and exactly two incongruent p ifa is a quadratic residue of p.
solutions modulo
24. Let n be an odd integer.Find the number ofincongruent solutions modulo n of the congruence 2 x =a (mod
n),
where
Legendre symbols
n
has prime-power factorization
(;J , ... , (;m )
n
. (Hint: Use Exercise
=
p�1p�2
•
p�, in terms of the
•
•
23.)
25. Find the number of incongruent solutions of each of the following congruences. 2 a) x = 31 (mod 7 5) 2 b) x = 16 (mod 10 5) *
2 c) x = 46 (mod 2 31) 23 5 2 6 d) x = 11 56 (mod 3 5 7 11 ) 2
26. Show that the congruence x =a (mod 2e), where e is an integer, e :=:: 3, has either no solutions
2 2 or exactlyfour incongruent solutions.(Hint: Use the fact that (±x) = (2e-l ± x) (mod 2e).)
27. Show that there are infinitely many primes oftheform 4k + 1.(Hint: Assume that pi. p2, ... , Pn are the only such primes.Form N
=
4(p1p2
•
·
•
2 Pn) + 1, and show, using Theorem 11.5,
that N has a prime factor of the form 4k+1 that is not one of Pi. p2, *
.
•
, Pw)
.
28. Show that there are infinitely many primes of each of the following forms. a)8k+3
b)8k+ 5
c)8k+7
(Hint: For each
part, assume that there are only finitely many primes Pi. p2, , Pn of the 2 2 Pn) + ), look at (p1p for part + 2 Pn) ; (b particular form.For part (a), look at (p1p2 2 2 4; and for part (c), look at (4p1p2 Pn) - 2. In each part, show that there is a prime factor .
•
·
•
•
·
•
•
•
•
·
•
ofthis integer ofthe requiredform not among the primes pi. p2, ... , Pw Use Theorems 11.5 and 11.6.)
29. Let
p and q be odd primes with p q =
=
pq. pq is a quadratic
3 (mod 4) and let a be a quadratic residue of n
Show that exactly one of the four incongruent square roots of a modulo
=
residue of n.
30. Prove Theorem 11.3 using the concept of primitive roots and indices. 31. Prove Theorem 11.4 using the concept of primitive roots and indices. 32. Let p be an odd prime. Show that there are
*
33.
*
34.
*
35.
(p - 1)/2 - ¢ (p - 1) quadratic nonresidues of
p that are not primitive roots of p. Let p and q 2p + 1 both be odd primes.Show that the p - 1 primitive roots of q are the quadratic nonresidues of q, other than the nonresidue 2p of q. Show that if p and q 4p+1 are both primes and ifa is a quadratic nonresidue of q with ord a 'f=. 4, then a is a primitive root of q. q Show that a prime p is a Fermat prime if and only if every quadratic nonresidue of p is also a primitive root of p. =
=
428
*
Quadratic Residues 36. Show that a prime divisor p ofthe Fermat number F (Hint: Show that ordP2
=
2n+I. Then show that
Conclude that 2n+l I (p - 1)/2.) *
n
=l + 22n
2
+
=
lmust be oftheform2n+2k
1.
1 (mod p) using Theorem 1 1.6.
= +
37. a) Show that if p is a prime of the form 4k 3 and q 2p 1 is prime, then q divides the P Mersenne number MP 2 - 1. (Hint: Consider the Legendre symbol
=
( �).)
b) From part (a), show that 231M11 ,471M 3, and 5031M1s1· 2 *
+
38. Show that if n is a positive integer and 2n
+
1 is prime, and if n
=
+ +
0 or 3(mod 4), then 2n
1
dividestheMersenne number M = 2n - 1, whereas ifn = lor2(mod4), then2n ldivides n 2 2n 1. (Hint: Consider the Legendre symbol and use Theorem 11.5.) M n 2n l
+= +
(
�
)
39. Show that if p is an odd prime, then every prime divisor q ofthe Mersenne number MP must be ofthe form q
=
8k ±
1,
where k is a positive integer. (Hint: Use Exercise 38.)
40. Show how Exercise 39, together with Theorem 7.12, can be used to help show that M17 is prime.
*
41. Show that if p is an odd prime, then
I: e(j + I))= p
j=l
(Hint: First show that *
e(jp+l)) = ('; ) 1
. where
-1.
} is an inverse
j
of modulo p.)
42. Let p be an odd prime. Among pairs of consecutive positive integers less than p, let
(RN), (NR), (NN) and
(RR),
denote the number of pairs of two quadratic residues, of a quadratic
residuefollowed by a quadratic nonresidue, ofa quadratic nonresidue followed by a quadratic residue, and of two quadratic nonresidues, respectively. a) Show that
(RR)+(RN)= _! (NR)+ (NN)= _! (RR)+ (NR)= 2, (RN)+(NN)= 2, ( 2
2 1 1
(p -2 - (-l)(p-l)/2) (p - 2
+ (- ) p- )/ ) l(
l 2
(p - 1) - 1 p - 1).
b) Using Exercise 41, show that
I: e(j +I))= (RR)+ (NN)- (RN)- (NR)= p
j=l
c) From parts (a) and
(b),
find
-1.
(RR), (RN), (NR), (NN). and
43. Use Theorem 9.16 to prove Theorem 1 1.1. *
44. Let p and q be odd primes. Show that 2 is a primitive root of q, if q
= + 4p
1.
11.1 Quadratic Residues and Nonresidues
*
45. Let p and q be odd primes. Show that 2 is a primitive root of q, if p is of the form 4k + 1 andq
*
=
2p + 1.
46. Let p and q be odd primes. Show that -2is a primitive root of q, if p is of the form 4k - 1 andq
*
=
2p + 1.
47. Let p and q be odd primes. Show that -4 is a primitive root of q, if q 48. Find the solutions of x2
*
429
=
482 (mod 2773) (note that 2773
=
=
2p + 1.
47 59). ·
49. In this exercise, we develop a method for decrypting messages encrypted using a Rabin cipher. Recall that the relationship between a ciphertext block C and the corresponding plaintext block Pin a Rabin cipher is C
=
P(P+ 2b) (mod n), wheren
=
pq, p and q are distinct
odd primes, and b is a positive integer less thann. a) Show that C +a= (P+ 2b)2 (modn), where a= (2b)2 (modn), and 2 is an inverse of 2modulon. b) Using the algorithm in the text for solving congruences of the type x2= a (mod n), together with part (a), show how to find a plaintext block P from the corresponding ci phertext block C. Explain why there are four possible plaintext messages. (This ambiguity is a disadvantage of Rabin ciphers.) c) Decrypt the ciphertext message 1 819 0459 0803 that was encrypted using the Rabin cryptosystem with b
=
3 andn
=
47 59 ·
=
2773.
50. Let p be an odd prime, and let C be the ciphertext obtained in modular exponentiation, with exponent e and modulus p, from the plaintext P, that is, C
(e,p - 1)
=
=
pe (mod p ), 0
<
C
< n,
where
1. Show that C is a quadratic residue of p if and only if Pis a quadratic residue
of p. *
51. a) Show that the second player in a game of electronic poker (see Section 8.6) can obtain an advantage by noting which cards have numerical equivalents that are quadratic residues modulo p. (Hint: Use Exercise 50.) b) Show that the advantage of the second player noted in part (a) can be eliminated if the numerical equivalents of cards that are quadratic nonresidues are all multiplied by a fixed quadratic nonresidue.
*
52. Show that if the probing sequence for resolving collisions in a hashing scheme is hi(K)= h(K) +a j + bj2 (mod m), where h(K) is a hashing function, m is a positive integer, and a
and b are integers with (b, m)
=
1, then only half the possible file locations are probed. This
is called the quadratic search. We say that x and y form a chain of quadratic residues modulo p if x, y, and x + y are all quadratic residues modulo p.
53. Find a chain x, y, x + y of quadratic residues modulo 1 1. 54. Is there a chain of quadratic residues modulo 7?
Computations and Explorations 1. Find the value of each of the following Legendre symbols:
(
6,818,811 15,454,356,666,611
)
.
( 4ii��9), (
2
2ff,5�'6�2
1 15
2
,
07
)
, and
Quadratic Residues
430
2. Show that the prime p= 30,059,924,764,123 has
(i) = -1 for all primes q with 2::: q :::
181. xi. x2, , Xn, where n is a positive integer, is called chain of quadratic residues if all sums of consecutive subsets of these numbers are quadratic residues. Show
3. A set of integers
•
•
•
that the integers l, 4, 45, 94, 261, 310, 344, 387, 393, 394, and 456 form a chain of quadratic residues modulo 631. (Note: There are 66 values to check.) 4. Find the smallest quadratic nonresidue of each prime less than 1000. 5. Find the smallest quadratic nonresidue of 100 randomly selected primes between 100,000
and 1,000,000, and 100 randomly selected primes between 100,000,000 and 1,000,000,000. Can you make any conjectures based on your evidence? 6. Use numerical evidence to determine for which odd primes
p there are more quadratic residues a of p with 1 ::: a ::: (p - 1)/2 than there are with (p + 1)/2 ::: a ::: p - 1.
7. Let p be a prime with p = 3 (mod 4). It has been proved that if R is the largest number of
consecutive quadratic residues of p and N is the largest number of consecutive quadratic nonresidues of p, then R = N
<
,JP. Verify this result for all primes of this type less than
1000. 8. Let p be a prime with p = 1 (mod 4). It has been conjectured that if N is the largest number
of consecutive quadratic nonresidues of p, then N
<
,JP when p is sufficiently large . Find
evidence for this conjecture. For which small primes does this inequality fail? 9. Find the four modular square roots of 4,609,126 modulo 14,438,821=4003 3607. ·
10. Find the square roots of 11,535 modulo 142,661. Which one is a quadratic residue of 142,661?
Programming Projects 1. Evaluate Legendre symbols using Euler's criterion. 2. Evaluate Legendre symbols using Gauss's lemma. 3. Given a positive integer n that is the product of two distinct primes both congruent to 3 modulo
4, find the four square roots of the least positive residue of x 2, where x is an integer relatively
prime ton. * **
4. Flip coins electronically using the procedure described in this section. 5. Decrypt messages that were encrypted using a Rabin cryptosystem (see Exercise 49).
11.2
The Law of Quadratic Reciprocity Suppose that p and q
are
distinct odd primes. Suppose further that we know whether
q is a quadratic residue of p. Do we also know whether p is a quadratic residue of
q?
The answer to this question was found by Euler in the mid-1700s. He found the answer by examining numerical evidence, but he did not prove that his answer was correct.
G
Later, in 1785, Legendre reformulated Euler's answer, in its modem, elegant form, in a theorem known as the law of quadratic reciprocity. This theorem tells us whether the congruence x2 x2
-
-
p (mod q).
q (mod p) has solutions, once we know whether there are solutions of
11.2
Theorem
11.7.
The
Law
The Law of Quadratic Reciprocity
of Quadratic Reciprocity.
primes. Then
( )( ) p
q
-
-
q
p
=
(-1)
p-1 q-l . 2 2
Let
p
431
and q be distinct odd
•
Legendre published several proposed proofs of this theorem, but each of his proofs contained a serious gap. The first correct proof was provided by Gauss, who claimed to have rediscovered this result when he was 18 years old. Gauss devoted considerable attention to his search for a proof. In fact, he wrote that "for an entire year this theorem tormented me and absorbed my greatest efforts until at last I obtained a proof."
Once Gauss found his first proof in 1796, he continued searching for additional proofs. He found at least six different proofs of the law of quadratic reciprocity. His goal in looking for more proofs was to find an approach that could be generalized to higher powers. In particular, he was interested in cubic and biquadratic residues of primes; that
is, he was interested in determining when, given a prime p and an integer a not divisible by
p, the congruences x3 =a
(mod
p) and x4 =a
(mod
p) are solvable. With his sixth
proof, Gauss finally succeeded in his goal, as this proof could be generalized to higher powers. (See [lrRo95], [Go98], and [LeOO] for more information about Gauss's proofs and the generalization to higher power residues.) Finding new and different approaches did not stop with Gauss. Some of the well known mathematicians who have published original proofs of the law of quadratic reciprocity are Cauchy, Dedekind, Dirichlet, Kronecker, and Eisenstein. One count in
G
1921 stated that there were 56 different proofs of the law of quadratic reciprocity, and in 1963 an article published by M. Gerstenhaber [Ge63] offered the 152nd proof of the law of quadratic reciprocity.In 2000, Franz Lemmermeyer [LeOO] compiled a comprehensive list of 192 proofs of quadratic reciprocity, noting for each proof the year, the prover, and the method of proof. Lemmermeyer maintains a current version of this on the Web; as of early 2010, 233 different proofs were listed. Not only does he add new proofs to this list, but he also adds overlooked older proofs. According to his count, Gerstenhaber's proof is number 159, and 34 of the proofs were completed in the last ten years. It will be interesting to see if new proofs continue to be found at the rate of one per year. (See Exercise 17 for an outline of the 221st proof.) Although many of the different proofs of the law of quadratic reciprocity are similar, they encompass an amazing variety of approaches. The ideas in different approaches can have useful consequences. For example, the ideas behind Gauss's first proof, which is a complicated argument using mathematical induction, were of little interest to mathematicians for more than 175 years, until they were used in the 1970s in computations in an advanced area of algebra known as K-theory. The version of the law of quadratic reciprocity that we have stated and proved is different from the version originally conjectured by Euler. This version, which we now state, turns out to be equivalent to the version we have stated as Theorem 11. 7. Euler formulated this version based on the evidence of many computations of special cases.
432
Quadratic Residues
Suppose that p is an odd prime and a is an integer not divisible by p.
Theorem 11.8.
If q is a prime with p
=
±q (mod4a), then
(!Ji) (�). =
This version of the law of quadratic reciprocity shows that the value of the Legendre sy mbol
(!Ji)
depends only on the residue class of p modulo4a, and that the value of r
takes the same value for all primes p with remainder
or4a -
r
(!Ji)
when divided by 4a.
We leave it to the reader as Exercises 10 and 11 to show that this form of the law of quadratic reciprocity is equivalent to the form given in Theorem 11 . 7. We also ask the reader to prove, in Exercise 12, this form of quadratic reciprocity directly, using Gauss's lemma. Before we prove the law of quadratic reciprocity, we will discuss its consequences and how it is used to evaluate Legendre sy mbols. We first note that the quantity(p - 1) /2 =
is even when p
2 2
P
1
·
q
l
=
1 (mod 4) and odd when p
is even ifp
=
l(mod4) orq
=
3 (mod 4). Consequently, we see that
l(mod4), whereas
2 2
P
1
·
q
l
is odd ifp
=q =
3
(mod4). Hence, we have
( ) (9._) { p
q
=
p
1 -1
�
p
q
-
{
-
(;) (;)
1(mod4) or q
=q =
1f p
Because the only possible values of
()
=
fp
(*) =
if p
=q =
(;)
are ± 1, we see that =
1(mod4) or q
(*) (;) (*) (;)
dratic reciprocity tells us that
( g) ( �), =
= -
( g) ( g). =
.
=q =
1 (mod 4), the law of qua
and from part (iii) of Theorem 11.4, it follows that
( g)
quadratic reciprocity, we know that
( 1i) (�) =
=
( l9)
= -
( i) 1
( �) (i�) =
.
=q =
3 (mod 4), by the law of
From part (i) of Theorem 11.4,
. Again, using the law of quadratic reciprocity, because 5
(�) (�) (�) (�)
3 (mod 4), we have
Theorem 11.6, we know that
=
=
= 1.
= 1.
Let p = 7 and q = 19. Because p
Example 11.9.
(mod4) and 7
, unless both p and q are
By part(i) of Theorem 11.4, we know that
Combining these equalities, we conclude that
we see that
=
Let p = 13 and q = 17. Because p
Example 11.8.
1(mod4)(or both);
3(mod4).
This means that if p and q are odd primes, then congruent to 3 modulo4, and in that case,
1(mod4)(or both);
3(mod4).
and
if p
=
=
1
. By part (i) of Theorem 11.4 and
= -1. Hence,
( l9)
= 1.
11.2
The Law of Quadratic Reciprocity
433
We can use the law of quadratic reciprocity and Theorems 11.4 and 11.6 to evaluate Legendre symbols. Unfortunately, prime factorizations must be computed to evaluate Legendre symbols in this way.
Example 11.10.
We will calculate
(?�)
(note that 1009 is prime). We factor 713
=
23 31, so that by part(ii) of Theorem 11.4, we have ·
( ) ( �
· 23 31
=
1009
1009
) (�)(�). =
1009
1009
To evaluate the two Legendre symbols on the right side of this equality, we use the law of quadratic reciprocity. Because 1009 - 1(mod4), we see that
( ) ( ) (�) ( ) 23 ' 23
1009
1009
=
1009
=
1009
31
·
Using Theorem 11.4, part(i), we have
( ) (��). ( ) (��)9
1
:
1 9 �
=
=
By parts(ii) and (iii) of Theorem 11.4, it follows that
(�) c:�s) G:)(�) G ) =
=
=
3
.
The law of quadratic reciprocity, part(i) of Theorem 11.4, and Theorem 11.6 tell us that
( ) ( :) (�) (�) (�)
Thus,
( 1��9)
2
: 3
=
=
=
=
=
=
-1.
-1.
Likewise, using the law of quadratic reciprocity, Theorem 11.4, and Theorem 11.6, we find that
(��) (��) (��) (�1) ( ) ( ) (�) (�) -G) -(D - (�) 7
=
=
=
Consequently, Therefore,
A
G
( 1�) ( ?0�9)
=
=
=
7
17
=
=
=
17
=
=
-1.
-1.
=
(-1)(-1)
=
1.
Proof of the Law of Quadratic Reciprocity
We now present a proof of the law of quadratic reciprocity originally given by Max Eisen stein. This proof is a simplification of the third proof given by Gauss. This simplification
434
Quadratic Residues
was made possible by the following lemma of Eisenstein, which will help us reduce the proof of the law of quadratic reciprocity to counting lattice points in triangles. Lemma 11.3.
If p is an odd prime and a is an odd integer not divisible by p, then
( ;)
=
(-l)T(a,p),
where
(p-1)/2
T(a, p) = L [ja/p]. j=l
Consider the least positive residues of the integers a, 2a, ...,
Proof.
u1, u2,
•
•
•
,
u8 be those greater than p/2 and let vlt v2,
•
•
•
( (p
-
1)/2)a; let
, v1 be those less than p/2.
The division algorithm tells us that
ja
=
where the remainder is one of the sort, we obtain
p[ja/p]+
remainder,
u i or vi.By adding the (p - 1) /2 equations of this
(p-1)/2
(p-1)/2
s
t
j=l
j=l
j=l
j=l
L ja= L p[j a/p]+ L"i+ LVi.
(11.4)
v1,
•
•
•
,
-
- u1, , p u,,, v, are precisely the integers 1, 2, ... , (p -1)/2,in someorder.Hence, summing
As we showed in the proof of Gauss's lemma, the integers p
•
•
•
FERDINAND GO'ITHOLD MAX EISENSTEIN (1823-1852) suffered from poor health his entire life. He moved with his family to England, Ire land, and Wales before returning to Germany. In Ireland, Eisenstein met Sir William Rowan Hamilton. who stimulated his interest in mathematics by giv ing him a paper that discussed the impossibility of solving quintic equations in radicals. On his return to Germany in 1843, at the age of 20, Eisenstein ent.ered the University of Berlin. Eisenstein amued the mathematical community when he quickly began producing new results soon after entering the university. In 1844, Eisenstein met Gauss in GOttingen. where they discussed reciprocity for cubic residues. Gauss was ex1remely impressed by Eisenst.ein, and 1ried to obtain financial support for him. Gauss wrote to the explorer and scientist Alexander von Humboldt that the talent Eisenstein had was "that nature bestows upon only a few in each century." Eisenstein was
amazingly prolific. In 1844, he published 16 papers in Volume 27 of Crelle's Journal alone. In the third semester of his studies, he received an honorary doctorate from the University of Breslau. Eistenst.ein was appointed to an unsalarid e position as a Privatdozent at the University of Berlin; however, after 1847, Eisenstein's health worsened
so
much that he was mostly confined to bed. Nevertheless, bis
mathematical output continued unabated. After spending a year in Sicily in a futile attempt to improve his health, he returned to Germany, where he died from tuberculosis at the age of 29. His early death was considered a tremendous loss by mathematicians.
11.2 The Law of Quadratic Reciprocity
435
all these integers, we obtain
(p-1)/2
(11.5)
L
j=
j=l
Subtracting
t
s
L (P - ui)+ L vi= ps - L ui+ L vi. j=l
j=l
(11.5) from (11.4), (p-1)/2
L
ja-
(p-1)/2
i=
L
L
j=l
j=l
j=l
j=l
j=l
we find that
(p-1)/2
or, equivalently, because
t
s
s
p[ja/p]- ps+2 L ui j=l
T(a, p) = L, 1:_�l)f2[ja/p],
j
�-DP
(a- 1)
s
j = pT(a, p) - ps+2 L u j·
L
j=l
j=l
Reducing this last equation modulo 2, because a and 0
=
p are odd,
yields
T(a, p) - s (mod 2).
Hence,
T(a, p) = s (mod 2). To finish the proof, we note that from Gauss's lemma,
s = (-l)T(a,p), it follows that
Consequently, because (- l)
(;)
= (-l)T(a,p).
•
Although Lemma 11.3 is used primarily as a tool in the proof of the law of quadratic reciprocity, it can also be used to evaluate Legendre symbols. Example 11.11.
To find
( ?_1 )
using Lemma
11 .3 ,
we evaluate the sum
5
1: [7i111]= [7111] + [14/11]+ [21;11]+ [28/11]+ [35/11] j=l
= 0 +1+1+2+3 = 7 . Hence,
( ?_1 ) = (-1) = -1. ( V), 7
Likewise, to find 3
we note that
I: [ l1j 11]= [11;1]+ [2211]+ [33/7]= 1+3 +4= 8, j=l
436
Quadratic Residues
so that
( V) = (-1)8 =1.
Before we present a proof of the law of quadratic reciprocity, we use an example to illustrate the method of proof. Let p =7 and q =11. We consider pairs of integers (x, y) with 1 :::: x :::: (7- 1)/2= 3 and 1:::: y:::: (11- 1)/2=5. There are 15 such pairs. We note that none of these pairs satisfies 1 lx =7y, because the equality 1 lx =7y implies that 11 I 7y, so that either 11 I 7, which is absurd, or 11 I y, which is impossible because 1:::: y:::: 5. We divide these 15 pairs into two groups, depending on the relative sizes of 1 lx and
1y, as shown in Figure 11.1.
1
2
3
Figure 11.1 Counting lattice points to determine
( ?_1) ( V).
(x, y) with 1 :::: x :::: 3, 1 :::: y :::: 5, and 1 lx > 7y are precisely those pairs satisfying 1:::: x :::: 3 and 1:::: y:::: 1 lx /7. For a fixed integer x with 1 :::: x :::: 3, there are [1 lx /7] allowable values of y. Hence, the total number of pairs satisfying 1 :::: x :::: 3, 1:::: y:::: 5, and 1 lx > 1y is The pairs of integers
3
I )11j111=[11111+[22111+[33111=1+3+4= 8; j=l these eight pairs are
(1, 1 ), (2, 1), (2, 2), (2, 3), (3, 1), (3, 2), (3, 3), and (3, 4).
(x, y) with 1 :::: x :::: 3, 1 :::: y :::: 5, and 1 lx < 1y are precisely y:::: 5 and 1:::: x :::: 7y/11. For a fixed integer y with 1:::: y:::: 5, there are [7y/11] allowable values of x. Hence, the total number of pairs satisfying 1:::: x :::: 3, 1:::: y:::: 5, and 1 lx < 1y is The pairs of integers
those pairs satisfying 1::::
5
I )1j1111=[71111+[14;111+[211111+[281111+[35;111 j =l
=0+1+1+2+3=7. These seven pairs are
(1, 2), (1, 3), (1, 4), (1, 5), (2, 4), (2, 5), and (3, 5).
11.2
437
The Law of Quadratic Reciprocity
Consequently, we see that 3
5
11- 1 7- 1 -- . - =s . 3=1s = I)11j111 + I)1j1111 = s + 1. 2 2 . 1 . 1 ]= ]= Hence,
11 1 1 c-1) 2 ·72 = c-1)L�=1[11j ;1]+L�=1[1j ;111 � 11 = c-1)L =1[ j111(-1)L�=1[1j1111_ BecauseLemmall .3tells us that we see that
"' 3
( V) =(-l)L..,i=1[11 "/7] and ( {1 ) =(-l)L..,i=1[7 "/11] "'5
1
1
,
( {1 ) ( V) =(-1) 121·1121.
This establishes the special case of the law of quadratic reciprocity when p = 7 and
q =11.
We now prove the law of quadratic reciprocity, using the idea illustrated in the example.
Proof. We consider pairs of integers (x, y) with 1 :::: x :::: (p - 1)/2 and 1:::: y :::: (q 1 1)/2. There are P2 · q2 l such pairs. We divide these pairs into two groups, depending on the relative sizes of q x and py, as shown in Figure 11.2 ((p - 1)/2, (q - 1)/2)
(0, (q - 1)/2) (q-1)/2
L [pj/q] j=l
lattice points
(p--1)/2
L [qj/p] j=l
lattice points
(0, 0)
Figure 11.2 Counting lattice points to determine
((p - 1)/2, 0)
( �) ( 9p).
First, we note that qx =f=. py for all these pairs. For if qx = py, then q I py, which implies that q I p or q I y. However, because q and p are distinct primes, we know that q l p, and because 1:::: y:::: (q - 1)/2, we know that q l y. To enumerate the pairs of integers (x, y) with 1:::: x :::: (p- 1)/2, 1:::: y :::: (q - 1)/2, and qx > py, we note that these pairs are precisely those where 1:::: x :::: (p - 1)/2 and 1 :::: y :::: q x/p. For each fixed value of the integer x, with 1 :::: x :::: (p - 1)/2, there are [q x/p] integers satisfy ing 1:::: y :::: q x/p. Consequently, the total number of
438
Quadratic Residues pairs of integers
" (p-1)/2 ·; [q] p] Lj=l
(x, y)
with
1 � x � (p- 1)/2, 1 � y � (q -1)/2,
and
qx > py is
·
We now consider the pairs of integers ( x, y) with 1 � x � (p - 1)/2, 1 � y � (q - 1)/2, and qx < py. These pairs are precisely the pairs of integers (x, y) with 1 � y � (q -1)/2 and 1 � x � py/q. Hence, for each fixed value of the integer y, where 1 � y � (q -1)/2, there are exactly [py/q] integers x satisfying 1 � x � py/q. This shows that the total number of pairs of integers (x, y) with 1 � x � (p-1)/2, l /2 1 � y � (q-1)/2, and qx < py is L �� ) [pj/q].
J
Adding the numbers of pairs in these classes, and recalling that the total number of
1
such pairs is P2
·
q2l, we see that (p-1)/2
I:
[qj/p]+
(q-1)/2
I:
[pj/q]=
j=l
j=l
or, using the notation of Lemma
-1 -1 � · 7·
11.3,
T(q, p)+ T(p, q) =
p-1 q- 1 2 2
--
·
--.
Hence,
(-l)T(q,p)+T(p,q) = (-l)T(q,p)(-l)T(p,q) = Lemma 11.
3
tells us that (-l)T(q,p) =
(%)
(-1/�l·q�l.
and (-l)T(p,q) =
( :) ( �) = (-1)p�l. q�l.
( �)
.Hence
This concludes the proof of the law of quadratic reciprocity.
•
The law of quadratic reciprocity has many applications. One use is to prove the validity of the following primality test for Fermat numbers.
Theorem 11.9.
The Fermat number F
Pepin's Test.
3(Fm-l)f2
Proof.
We will first show that
theorem holds. Assume that
=
m= 22m + 1 is prime if and only if
-1 (mod Fm).
Fm is prime if the congruence in
the statement of the
Then, by squaring both sides, we obtain
3Fm-l
=
1 (mod Fm).
Using this congruence, we see that if p is a prime dividing
3Fm-l
=
1 (mod p),
Fm, then
The Law of Quadratic Reciprocity
11.2
439
and hence,
Consequently, ord 3 must be a power of 2. However, P 2 ord 3 J2 m-l = (Fm - 1)/2, p because 3CF -l)/2 = -1 (mod Fm). Hence, the only possibility is that ord 3 = 22m = P m Fm - 1. Because ord 3 =Fm - 1 ::=: p - 1 and p I Fm, we see that p =Fm and, conse P quently, Fm must be prime. 2 Conversely, ifFm = 2 m + 1 is prime form '.'.:'.: 1 , then the law of quadratic reciprocity
tells us that
m
GJ (� ) G)
(116 . )
=
=
=-1,
becauseFm= 1(mod4) andFm= 2(mod 3). Now, using Euler's criterion, we know that
(} )
(11.7)
m
By the two equations involving
3CF -1)/2 (modFm). m
=
(1t).
(11.6 ) and (11.7), we conclude that
•
This finishes the proof.
Example 11.12.
Let
m
2 = 2. ThenF = 2 2 + 1= 17 and 2 3(Fz-l)/2 = 38
=
-1(mod 17).
By Pepin's test, we see thatF = 17 is prime. 2 Let
m
32 25 = 5. ThenF5 = 2 + 1= 2 + 1 =4 ,294 , 967,297. We note that
2 83 3(F5-l)/2 = 3 231 = 3 ·146·4 ·648
=
1 0 ,324,303
Hence, by Pepin's test, we see thatF5 is composite.
11.2
EXERCISES 1. Evaluate each of the following Legendre symbols. a) b)
(s33) (;9)
c) d)
(l51) ( ll1)
e) f)
o�n ( 1��9)
¢= -1 (mod4,294, 967,297).
440
Quadratic Residues 2. Using the law of quadratic reciprocity, show that if p is an odd prime, then if p
if p
=
±1 (mod12);
=
±5(mod12).
3. Show that if p is an odd prime, then if p if p
4. Find a congruence describing all primes for which
= =
1(mod6); -1(mod6).
5 is a quadratic residue.
5. Find a congruence describing all primes for which 7 is a quadratic residue. 6. Show that there are infinitely many primes of the form integer and form Q = than then
5k + 4. (Hint: Let n be a positive 5(n!)2 -1. Show that Q has a prime divisor ofthe form 5k + 4 greater
n. To do this, use the law of quadratic reciprocity to show that if a prime p divides ( ! ) =1.)
Q,
7. Use Pepin's test to show that the following Fermat numbers are primes.
*
8. Use Pepin's test to conclude that 3 is a primitive root of every Fermat prime.
*
9. In this exercise, we give another proof of the law of quadratic reciprocity. Let
p and q be distinct odd primes. Let R be the interior of the rectangle with vertices Q = (0, 0), A= (p/2, 0), B = (q/2, 0), and C = ( p /2, q/2), as shown. B
(q/2, 0)
c (p/2,
0
(0, 0)
A
q/2)
(p/2, 0)
a) Show that the number oflattice points(points with integer coordinates) in
R is p�l q�l
·
·
b) Show that there are no lattice points on the diagonal connecting 0 and C. c) Show that the number of lattice points in the triangle with vertices 0,
"
Lj=l
]
pJ
A, and C is
·
d) Show that the number of lattice points in the triangle with vertices 0, B, and C is
"
Lj=l
JP Iq J
·
e) Conclude from parts(a), (b), (c), and(d) that
(p-1)/2
I:
j=l
(q-1)/2 [jqf p]+
I: j=l
[jpfq]=
� - �- 1
- 1
Derive the law ofquadratic reciprocity using this equation and Lemma 11.3.
11.2
The Law of Quadratic Reciprocity
441
Exercises
10 and 11 ask that you show that Euler's form of the law of quadratic reciprocity (Theorem 11.8) and the form given in Theorem 11.7 are equivalent.
10.
11.
12.
Show that Euler's form of the law of quadratic reciprocity, Theorem
quadratic reciprocity as stated in Theorem
p = q (mod 4) and p ¢. q (mod 4).)
11.8, implies the law of
11.7. (Hint: Consider separately the cases when
Show that the law of quadratic reciprocity as stated in Theorem
11 .7 implies Euler's form of 11.8. (Hint: First consider the cases when a = 2 and when a is an odd prime. Then consider the case when a is composite.)
the law of quadratic reciprocity, Theorem
Prove Euler's form of the law of quadratic reciprocity, Theorem
(Hint: Show that to find
( �),
11.8, using Gauss's lemma.
we need only find the parity of the number of integers
k
satisfying one of the inequalities
(2t - l)(p/2a) :::; k:::; t(p/a) for t = 1, 2, ... , 2u - 1, u =a/2 if a is even and u =(a - 1)/2 if a is odd. Then, take p = 4am + r with r < 4a, and show that finding the parity of the number of integers k satisfying one of the
where
0<
inequalities listed is the same as finding the parity of the number of integers satisfying one of the inequalities (2 t depends only on
- l)r/2a :::; k :::; tr/a fort = 1, 2, . . . , 2u - 1. Show that this number r. Then, repeat the last step of the argument with r replaced by 4a - r).
Exercise 13 asks that you fill in the details of a proof of the law of quadratic reciprocity originally developed by Eisenstein. This proof requires familiarity with the complex numbers.
13. A complex numbers is an nth root ofu nity , where n is a positive integer, ifsn = 1. If n is the i least positive integer for which sn = 1, then s is called a primitive nth root of u nity. Recall 2 that e 1C = 1. a) Show that e<21Ci/n)k is an nth root of unity if primitive if and only if
(k, n) = 1.
k is an integer
with
0:::; k:::; n - 1, which is
m = l (mod n), then sm = s.e. Furthermore, .e show that ifs is a primitive nth root of unity and sm = s.e, then m = (mod n). i i -2 c) Define f(z) = e21C z - e 1C z = 2i sin(2nz). Show that f(z+ 1) = f(z) and f(- z) = - f(z) , and that the only real zeros of f(z) are the numbers n/2, where n is an integer. i 2 d) Show that ifn is a positive integer, thenxn - n = (skx - s-k ), wheres= e 1C fn.
b) Show that if s is an nth root of unity and
e) Show that if
�
--
)
(n-l)/2 ( k f z+= f(z) n k=l
f(nz)
f ) Show that if
�
n =
y
y
n is an odd positive integer and f(z) is as defined in part (c), then
n
)
(
k f z-n
.
p is an odd prime and a is an integer not divisible by p , then
-
()
(p-1)/2 (l ) ( )(p-1)/2 .f, a a -f fp p p i=l i=l
n
n
.
g) Prove the law of quadratic reciprocity using parts (e) and (f), starting with
(p-1)/2
n
i=l
f
( ) f,q
p
)
)
(q (p-1)/2 (.e f - . - p p i=l
(Hint: Use part (e) to obtain a formula for f
n
( ; ) If( � ) .)
442
Quadratic Residues 14. Suppose that
p
integers k and
(1f;) =
is an odd prime with m.
Show that
n
-1, where
is prime if and only if
n = k2m + 1 with k < 2m for some n 2 p< -l)/ = -1 (mod n). (Hint: Use
Proth's theorem from Section 9.5 for the "only if' part, and Euler's criterion and the law of quadratic reciprocity for the "if' part.) 15. The integer
p = 1+8
·
3
·
5 7·1 1·1 3·17·1 9·23 ·
= 892,371,481
is prime (as the reader
can verify using computational software). Show that for all primes q with Conclude that there is no quadratic nonresidue of
p
less than 29 and that
q:::;
p
23,
(i) =
1.
has no primitive
root less than 29.(This fact is a particular case of the result established in the following exercise.) 16. In this exercise, we will show that given any integer M, there exist infinitely many primes such that M
< r < P
p - M,
= 2, q2 = 3, q3 =
a) Let q1
where
r P
5, ... ,
qn
is the least primitive root modulo
be all the primes not exceeding M. Using Dirichlet's
p = 1 + 8q1q2
theorem on primes in arithmetic progressions, there is a prime where
r
p
p.
is a positive integer. Show that
i = 2, 3, ... , n.
b) Deduce that all integers t +kp with -M :::; integer, are quadratic residues modulo
p
1 --;, = 1,
( ) t
( %) =
1, and that
+ kp :::; M, where
t
·
·
·
( �) =
qn r , 1 for
is an arbitrarily chosen
and hence not primitive roots modulo
p.
Show
that this implies the result of interest. *
17. New proofs of the law of quadratic reciprocity are found surprisingly often. In this exercise, we fill in the steps of a proof discovered by Kim [Ki04], the 221st proof of quadratic
p and q pq2- and (a, pq) = 1,
reciprocity according to Lemmermeyer as of early 2010. To set up the proof, let be distinct odd primes and R be the set of integers a such that 1 :::;
1 pq2-
let S be the set of integers a with 1 :::;
a
1
:::;
a :::; and (a, p) = 1, and let T be the set of integers 1 q 1, q ·2, ... , q P;- . Finally, let A = TI a. ·
·
a ER
a) Show that T is a subset of S and that R
= S - T.
b) Use part(a) and Euler's criterion to show that c) Show that
A=(-1) P�1
( �)
A=(-1) q�l
(i)
(mod q) by switching the roles of
(mod
p
p).
and q in parts(a) and
(b). d) Use parts (b) and (c) to show that (-1) q�l (mod
(i) =
(-1) P�1
( �)
if and only if
A=
±1
pq).
e) Show that
A= 1 or -1(mod pq)
if and only if
(Hint: First, show that A=± TI a (mod pq),
p = q = 1(mod 4).
where U
={a
ER
2 I a =± 1(mod pq)}
by pair
aeu
ing together elements of R that have either 1 or -1 as their product. Then, consider the solutions of each of the congruences
2 a = 1(mod pq)
and
2 a = -1(mod pq).)
f ) Conclude from parts(d) and(e) that(-1) q�l
(-1) P�1
(i) =
(�)
if and only if p = q = 1
(mod 4). Deduce the law of quadratic reciprocity from this congruence.
Computations and Explorations 1. Use Pepin's test to show that the Fermat numbers F6, F7, and F8 are all composite. Can you go further?
11.3 The Jacobi Symbol
Progr
amm
443
ing Projects
1. Evaluat.e Legendre symbols, using the law of quadratic reciprocity. 2. Given a positive int.eger n, determine whether the nth Fermat
Pepin's t.est.
11.3
0
number
F,, is prime, us ing
The Jacobi Symbol In this section, we define the Jacobi symbol, named after the German mathematician
Carl Jacobi, who introduced it The Jacobi symbol is a
generalization of the Legendre
symbol studied in the previous two sections. Jacobi symbols enjoy a reciprocity law identical to law of quadratic reciprocity, but which holds for all pairs of relatively prime
odd odd evaluateare are
integers. This reciprocity law reduces to the law of quadratic reciprocity for all pairs
of distinct
primes. We will also see the reciprocity law for Jacobi symbols can be
used to efficiently
Legendre symbols,
Moreover, Jacobi symbols
and let
the law of quadratic reciprocity.
also used to define another
Euler pseudoprimes, which
Definition.
unlike type
of pseudoprimes, namely,
discussed in Section 11.4.
Let n be an odd positive integer with prime factorizationn =
p�1p�
·
·
·
p::S
a be an integer relatively prime ton. Then, the Jacobi symbol(�) is defined by a
() ( = p�1p� ;;
a ·
·
·
a
a
Pt
P2
a
) ( )'1( ) ( ) p',:: = are
where the symbols on the right-hand side of the equality
'2
.
•
•
'm
Pm
,
Legendre symbols.
When (a, n)= 1, the Jacobi symbol(�)= ±1, as each Legendre symbol in the definition is ±1. When
(a, n) -::/= 1, we have(�)= 0. To see this, note that if (a, n) -::/= 1, there must
be a prime p dividing both a and n. This implies that the Legendre symbol
(i)
, which
equals 0, occurs in the definition of(�).
Example 11.13.
From the definition of the Jacobi symbol, we
see
that
CARL GUSTAV JACOB JACOBI (1804-1851) was born into a well-to-do German banking family. Jacobi received an excellent early education at home.
mastered made
He studied at the University of Ber�
mathematics through the texts
of Euler. and obtained his doctorate in 1825. In 1826. he became a lecturer at the University of Konigsberg; he was appointed a professor there in 1831. Besides his work in number theory, Jacobi
important contributions
to
analysis,
geometry, and mechanics. He was also interested in the history of mathematics, and was a catalyst in the publication of the collected yet completed although it
was more than began
125 years ago!
works
of Euler, a job not
444
Quadratic Residues
U ) ( � ) (ff G) =
s
=
J2 s
=
(-1)2(-l) = -l
and
(���) (5_1�� 1) (1�9)(1�9)(1�:) (�)(*)(��) 1 (ff (ff(�:) =
=
=
=
=
(-1)212(-1) = -1.
W hen n is prime, the Jacobi symbol is the same as the Legendre symbol.However,
n is composite, the value of the Jacobi symbol
when
rn)
does not tell us whether the
x2 = a (mod n) has solutions. We do know that if the congruence x2 = a (mod n) has solutions, then �) = 1. To see this, note that if p is a prime divisor of n and (
congruence if x2 =
a
( i)
Thus,
n is n = to
n) has solutions, then the congruence x2 = a (mod p) also has solutions.
(mod
= 1. Consequently,
p�1 p�2
•
•
•
(�) = 0j=1
= 1, where the prime factorization of
p�. To see that it is possible that (�) = 1 when there are no solutions
x2 = a (mod n ), let
a
= 2 and
3) and x2 = 2 (mod
5)
5
n = 15. Note that
However, there are no solutions to (mod
( ;i Yi
( fs) ( j) (�) =
= ( -1)(-1) = 1.
x2 = 2 (mod 1 ), because the congruences x2 = 2
have no solutions.
Properties of Jacobi Symbols We now show that the Jacobi symbol enjoys some properties similar to those of the Legendre symbol.
Theorem 11.10. prime to
n. Then
(i)
if a= b (mod
n), then
(a,n = rnH*) ; C�/) = c-1)
(ii) (iii) (iv)
Proof.
Let n be an odd positive integer and let a and b be integers relatively
(�) = (*) ;
p�1p{ p�. b (mod p ) . Hence, by
In the proof of this theorem, we use the prime factorization
Proof of (i).
We know that if
Theorem 11.4 (i), we have
Proof of
(ii).
1, 2, 3, . .. ,
m.
(;) (:)
By T heorem Hence,
p is a prime dividing n, then =
a=
n=
·
·
·
. Consequently, we see that
11.4 (ii), we know that
( ��) ( ;i) ( ;i) =
for i
11.3 The Jacobi Symbol
Theorem 1 1.5 tells us that if p is prime, then
Proof of (iii). Consequently,
445
(-�/) = (-l)(p-l)/2.
Using the prime factorization of n, we see that
Because Pi - 1 is even, it follows that
and
Therefore, n= 1 + t1(P1 - 1)
+
t2(P2 - 1)
+
·
·
tm(Pm - 1) ( mod 4),
+
·
which implies that (n - 1)/2= t1(P1 - 1)/2 + t2(P2 - 1)/2 +
·
·
·
+
tm(Pm - 1)/2 (mod 2).
Combining this congruence for (n - 1)/2 with the expression for 1 1 2 � = (-l)(n- )/ .
( )
Proofof(iv).
By Theorem 1 1 .6, if pis prime, then
(�) GJ GJ' GJ'· =
...
(�1 ) shows that
(%) = (-l)CP2-l)/8.Hence,
= (-l)''(pi-1)/•+r,v?,-l)/•+···+t.(p!-l)f•.
As in the proof of ( iii), we note that 2 n = ( 1 + (PI - 1))11( 1 + (p� - 1))12
Because p� - 1=0 ( mod 8) for i = 1, 2,
. . . , m,
•
•
•
( 1 + (p� - 1))1m.
we see that
( 1 + (p; - 1))1i = 1 + ti(P; - 1) ( mod 64)
446
Quadratic Residues and
Hence,
which implies that
(n2 - 1)/8 t1(PI - 1)/8 + t2(P� - 1)/8 + =
Combining this congruence for
(�)
=
(-l)(n2-l)/8.
·
·
·
+
tm(P! - 1)/8 (mod 8).
(n2 - 1)/8 with the expression for
(�)
tells us that •
The Reciprocity Law for Jacobi Symbols We now demonstrate that the reciprocity law holds for the Jacobi symbol as well as the Legendre symbol.
Theorem 11.11.
The Reciprocity Lawfor Jacobi Symbols. 1. Then
( )( )
Let n and m be relatively
prime odd positive integers greater than n m
Proof
=
( -1 )
m-2 1.n-2 1
Let the primefactorizations ofm andn hem=
q;r. We see that
( ) n (q ) m n
and
m n
=
r
m
i=l
b
·
I=
i
•
p�1p;s p�s ·
( )
n n Pj i=l j=l qi r
s
b
Thus,
(:: ) ( ;� )
By the law of quadratic reciprocity, we know that
=
( -1
1) (qi-1) (pr -2- . -2)
·
a
I ·
·
·
J
andn =
q�1q;2
•
•
•
11.3 The Jacobi Symbol
447
Hence,
(11.8)
We note that
As we demonstrated in the proof of Theorem 11.10(iii), s
L aj j=l
(
p -1 1
)
·
2
=
-1 (mod2) 2
m
and
Thus, (11.9)
tt ( i =l j=l
aj
P
1 j2
b i
) (
qi - 1 2
)
=
-1. 2
m
n
-1 (mod2). 2
Therefore, by equations(11.8) and(11.9), we can conclude that
( ) ( )= m
n
-
-
n
m
(-1)
m-1.n-1 2 2
•
•
Evaluating Legendre and Jacobi Symbols W hen we use quadratic reciprocity to evaluate Legendre symbols, we often have to factor one or more Legendre symbols before we can exchange the numerators and denominators of the Legendre symbols that arise. This is illustrated in Example 11.10 where we calculated
( l0�9).
As there is no efficient algorithm known for factoring
integers, evaluating Legendre symbols by successive use of quadratic reciprocity is not efficient. As Jacobi realized, we can avoid this problem when we use Jacobi sybmols and their reciprocity law to compute Legendre symbols. Compare the following example to Example 11.10 to see the difference.
Example 11.14.
Successively using the reciprocity law for Jacobi symbols, Theorem
11.11, and the properties of Jacobi symbols in Theorem 11.10, we find that
= (��) = ( 27) (:1) =
3
-
( 3;) = (�) = -
1.
448
Quadratic Residues We have used the reciprocity law for Jacobi symbols to establish the first, fourth, and seventh equalities. We used part (i) of Theorem 11.10 to obtain the second, fifth, and eighth equalities, part (ii) to obtain the third and sixth equalities, and part (iv) to obtain <11111
the fourth, sixth, and ninth equalities.
We now use Theorem 11.10 and the reciprocity law for Jacobi symbols to develop an efficient algorithm for computing Jacobi symbols, and consequently, for computing Legendre symbols. Let R0
=
a
and R1
=
a
and b be relatively prime positive integers with
a
>
b. Let
b. Using the division algorithm and factoring out the highest power of
2 dividing the remainder, we obtain
where s1 is a nonnegative integer and R2 is an odd positive integer less than R1. W hen we successively use the division algorithm, and factor out the highest power of 2 that divides remainders, we obtain Rl
=
R2
=
Rn-3
=
Rn-2
=
R2q2 + 2s2R3 s R3q3 + 2 3 R4 s Rn-2qn-2 + 2 n-zRn-1 s Rn-lqn-1 + 2 n-1. 1,
where sj is a nonnegative integer and Rj is an odd positive integer less than Rj-l for j
=
2, 3, ...,
n
-
1. Note that the number of divisions required to reach the final equation
does not exceed the number of divisions required to find the greatest common divisor of
a
and b using the Euclidean algorithm. We illustrate this sequence of equations with the following example.
Example 11.15.
Let
a
=
401 and b
=
111. Then
2 401 = 111 .3 + 2 . 11 111 = 17 · 6 + 20 · 9 3 11 = 9 . 1 + 2 . L
Using the sequence of equations that we have described, together with the properties of the Jacobi symbol, we prove the following theorem, which gives an algorithm for evaluating Jacobi symbols.
Theorem 11.12.
(a) -
b
Let
=
(
a
-
and b be positive integers with
l)s1
R i -1
-
8
+···+sn-1
where the integers Rj and sj, j
=
1, 2,
R�_c1
--
8
a
>
b. Then
Rn_z-1 Rn_1-1 R1-1 R2-1 +-· · 2 2 +···+ 2 2 '
. . . , n
-
-
--
--
1, are as previously described.
11.3
Proof.
The Jacobi Symbol
449
From the first equation with (i), (ii), and (iv) of Theorem 11.10, we have
(�) (�:) (2:�2) GJ(��) =
=
=
=
(-l)'''i,-'
(��).
Using Theorem 11.11, the reciprocity law for Jacobi symbols, we have
so that
(�)
=
<-1>
• ' · '+ r · ',- <,
t'
(��}
Similarly, using the subsequent divisions, we find that
( -·--1) R 1 Rj
Rrl Rj+1-l
=
R -1
J
2 ·-2 +s 1·-s(- l)--
( ) R. Rj+l
__J_
for j 2, 3, . . . , n - 1. When we combine all the equalities, we obtain the desired • expression for( % ). =
The following example illustrates the use of Theorem 11.12.
( )
To evaluate i?� , we use the sequence of divisions in Example 11.15 and Theorem 11.12. This tells us that 2 2 (-1) ·111:-1+0·17�-1+3·981+11�-1. 1721+1721· 921 1. ....
Example 11.16.
(���)
=
=
The following corollary describes the computational complexity of the algorithm for evaluating Jacobi symbols given in Theorem 11.12. Let a and b be relatively prime positive integers with a > b. Then the Jacobi symbol(%) can be evaluated using O((log2 b)3) bit operations. Corollary 11.12.1.
Proof.
To find( %) using Theorem 11.12, we perform a sequence of 0 (Iog2 b) divisions. To see this, note that the number of divisions does not exceed the number of divisions needed to find (a, b) using the Euclidean algorithm. Thus, by Lame's theorem, we know 2 that 0 (Iog2 b) divisions are needed. Each division can be done using 0 ((log2 b) ) bit operations. Each pair of integers Rj and sj can be found using 0 (Iog2 b) bit operations once the appropriate division has been carried out.
Consequently, O((log2 b)3) bit operations are required to find the integers Rj, sj, j 1, 2, . . . , n - 1, from a and b. Finally, to evaluate the exponent of -1 in the expression for ( %) in Theorem 11.12, we use the last three bits in the binary expansions of Rj, j 1, 2, . . . , n - 1, and the last bit in the binary expansions of sj, j 1, 2, . . . , n - 1. Therefore, we use 0 (Iog2 b) additional bit operations to find (%)·Because O((log2 b)3) + O(Iog2 b) O((Iog2 b)3), the corollary holds. • =
=
=
=
Quadratic Residues
450
We can improve this corollary if we use more care when estimating the number of bit operations used by divisions. In particular, we can show that 0 ( (log2 b )2) bit operations suffice for evaluating % . We leave this as an exercise.
( )
11.3
EXERCISES 1. Evaluate each of the following Jacobi symbols. a)
(i )
2663 ( 3299 ) f) ( )
( 1�1 ) d) O m )
c)
1
e)
10001 20003
2. For which positive integers n that are relatively prime to 1 5 does the Jacobi symbol
( �)
equal l? 3. For which positive integers n that are relatively prime to 30 does the Jacobi symbol
( 3n° )
equal l?
= pq, where p and q are primes. We say that the integer a is a pseudo-square ( ; ) = 1. 4. Show that if a is a pseudo-square modulo n, then ( 5J;) = ( �) = -1.
Suppose that n
modulo n if a is a quadratic nonresidue of n, but
5. Find all the pseudo-squares modulo 21 . 6. Find all the pseudo-squares modulo 35. 7. Find all the pseudo-squares modulo 143. 8. Let a and b be relatively prime integers such that b is odd and positive and a where q is odd. Show that
=(- l) 2tq, 8
( b) =(-1)"""2 ·s+--g ·t ( b ) . a
b-t
b2-1
q
9. Let n be an odd square-free positive integer. Show that there is an integer a such that (a, n) and
( ; ) = -1.
=1
10. Let n be an odd square-free positive integer. a) Show that
L
( �) = 0, where the sum is taken over all k in a reduced set of residues
modulo n. (Hint: Use Exercise 9.) b) From part (a), show that the number of integers in a reduced set of residues modulo n such
( �) = 1 is equal to the number with ( �) = -1. 11. Let a and b = r0 be relatively prime odd positive integers such that a = roq 1 + e1r1 ro = rlq2 + e2r2 that
*
11.3 The Jacobi Symbol
451
where qi is a nonnegative even integer, si =±1, ri is a positive integer with ri < ri-1' for i =1, 2, ... , n i, and rn =1. These equations are obtained by successively using the modified division algorithm given in Exercise 18 of Section 1.5. a) Show that Jacobi symbol
() a -
b
( � ) is given by
=(
-
b) Show that the Jacobi symbol
1)
(
ro-1 q71-l 71-l 8272-1 + 2 2 + 2 2
-·--
-·--
···
+
Tn-1-l BnTn-1 2 2
--·--
)
.
( � ) is given by
where Tis the number of integers i, 1:::; i :::; n, with ri-l= siri = 3(mod 4). *
12. Show that if a andb are odd integers and(a, b) =1, then the following reciprocity law holds for the Jacobi symbol:
( )( a
Thi
)-{-(-l)a21b21 � b
if a
(-1) 9 ¥
otherwise.
In Exercises 13-19, we deal with the Kronecker symbol (named after Leopold Kronecker), a generalization of the Jacobi symbol and which is defined even when the integer
n
in the symbol
(i) is even. Let a be a positive integer that is not a perfect square such that a= 0 or 1 (mod 4).
We define the Kronecker symbol by setting:
(�) -_ { (;) (�) TI (�)ti 2
1
if a= 1(mod 8);
-1
if a= 5(mod 8),
=the Legendre symbol
n
=
i=l
P1
(5J;)
if p is an odd prime such that p l a, and
if (a, n) = 1 and n =fl =1 P
j
J
is the prime factorization of n.
13. Evaluate each of the following Kronecker symbols.
a)
( [2)
b)
(i�)
c)
(i&)
For Exercises 14-19, let a be a positive integer that is not a perfect square such that a= 0 or 1 (mod 4). 14. Show that
(�) ( 1�1) =
if 2 la, where the symbol on the right is a Jacobi symbol.
15. Show that if n1 and n2 are positive integers and if(ai. ni. n2) =1, then *
( ) ( ) ( ) (i) ( 1:1 ) -an 1n2
=
16. Show that if n is a positive integer relatively prime to a and if a is odd, then whereas if a is even and a =2s t, where
t
is odd, then
.!!:. ni ...
·
=
.!!:. n1 ...
.
,
452
Quadratic Residues
(;) (2)8 ( ) ; (-1)2·---r Ill . a
*
17. Show that if n 1 and 112 (mod
lal), then
r-1
11-1
=
are positi ve
(:i) (:J.
integers greater
n
than 1 relatively prime to a and n1
=
112
=
*
18. Show that if I a I> 3, then there exists a positive integer n such that (�)
*
19. Show that if a # 0, then
Cai-I)
=
{ -!
=
-1.
:�: : �:
20. Show that if a and b are relatively prime integers with a < b, then the Jacobi symbol ( i) can 2 be evaluated using 0 ((log2 b) ) bit operations.
LEOPOLD KRONECKER
(1823-1891) was born in Liegnitz, Prussia, to
prosperous Jewish parents. His father was a successful businessman and his mother came from a wealthy family. As a child, Kronecker was taught by private tutors. He later entered the Liegniz t Gymnasium, where he was taught mathematics by the number theorist Kummer. Kronecker's mathematical talents were quickly recognized by Kummer, who encouraged Kronecker to engage in mathematics research. In 1841, Kronecker entered Berlin University, where he studied mathematics, astronomy, meteorology, chemistry, and philosophy. In 1845, Kronecker wrote his doctoral thesis on algebraic number theory; his supervisor was Dirichlet. Kronecker could have begun a promising academic career, but instead he returned to Liegnitz to help manage the banking business of an uncle. In
1848,
Kronecker married a daughter of this
uncle. During his time back in Liegnitz, Kronecker continued his research for his own enjoyment. In 1855, when his family obligations
eased, Kronecker returned to Berlin. He was eager to participate
in the mathematical life of the university. Not holding a university post, he did not teach any classes. However, he was extremely active in research, and he published extensively in number theory, elliptic functions and algebra, and their interconnections. In
1860,
Kronecker was elected to the Berlin
Academy, giving him the right to lecture at Berlin University. He took advantage of this opportunity and lectured on number theory and other mathematical topics. Kronecker's lectures were considered very demanding but were also considered to be stimulating. Unfortunately, he was not a popular teacher with average students; most of these dropped out of his courses by the end of the semester. Kronecker was a strong believer in constructive mathematics, thinking that mathematics should
d
be concerned only with finite numbers and with a finite number of operations. He doubted the vali ity of nonconstructive existence proofs and was opposed to objects defined nonconstructively, such as irrational numbers. He did not believe that transcendental numbers could exist. He is famous for his statement: "God created the integers, all else is the work of man.t• Kronecker's belief in constructive mathematics was not shared by most of his colleagues. although he was not the only prominent mathematician to hold such beliefs. Many mathematicians found it difficult to get along with Kronecker, especially because he was prone to fallings out
over
mathematica l disagreements.
Also, Kronecker was self-a>nscious about his short height, reacting badly references to his short stature.
even
to good-natured
11.4 Euler Pseudoprimes
453
Computations and Explorations 1. Find the value of the Legendre symbol 2. Find
(
( �..���'.��i).
the value of the following Jacobi symbols: 3
20,001 11, 111, 111, 111, 111
)
(
65
.�ii,;
9
1
) ( ,
i0\3i,�
5•4
333
)
,
and
•
Programming Projects 1. Evaluate Jacobi symbols using the method of Theorem 11. 12. 2. Evaluate Jacobi symbols using Exercises
8 and 11.
3. Evaluate Kronecker symbols (as defined in the preamble to Exercise 13).
11.4
Euler Pseudoprimes Let p be an odd prime number and let b be an integer not divisible by p. By Euler's criterion, we know that l 2 b(p- )/
=
(: )
(mod p).
Hence, if we wish to test the odd positive integer n for primality, we can take an integer b, with (b, n)
=
1, and determine whether l 2 b(n- )/
=
(�-)
(mod n),
where the symbol on the right-hand side of the congruence is the Jacobi symbol. If we find that this congruence fails, then n is composite. Example 11.17. 341 21
70
=
¢.
-3 (mod
(�) 3
1
Letn
=
341 andb=2. We calculate that 2
8), using Theorem 11 .10 (iv), we see that
170
=
(�)
1 (mod 341). Because
3 1
=
-1. Consequently,
(mod 341). This demonstrates that 341 is not prime.
..,..
Thus, we can define a type of pseudoprime based on Euler's criterion. Definition.
An odd, composite, positive integer n that satisfies the congruence l 2 b(n- )/
=
(�-)
(mod n),
where b is a positive integer, is called an Euler pseudoprime to the base b. An Euler pseudoprime to the base b is a composite integer that masquerades as a prime by satisfying the congruence given in the definition.
454
Quadratic Residues 1105 and b = 2. We calculate that 2552 = 1 (mod 1105). 552 = Because 1105 = 1 (mod 8), we see that 1 = 1. Hence, 2 (mod 1105). 1
Example 11.18.
Let
n =
( ?os)
( ?os)
Because 1105 is composite, it is an Euler pseudoprime to the base
2.
..,..
The following theorem shows that every Euler pseudoprime to the base b is a pseudoprime to this base.
Theorem 11.13.
If n is an Euler pseudoprime to the base b, then
n
is a pseudoprime
to the base b. If n is an Euler pseudoprime to the base b, then
Proof
l 2 b(n- )/
=
(�)
(mod
n).
Hence, by squaring both sides of this congruence, we find that
Because
(�)
=
±1, we see that bn-l
=
1 (mod n ), which means that n is a pseudoprime
to the base b.
•
Not every pseudoprime is an Euler pseudoprime. For example, the integer not an Euler pseudoprime to the base
341 is
2, as we have shown, but is a pseudoprime to this
base. We know that every Euler pseudoprime is a pseudoprime. Next, we show that every strong pseudoprime is an Euler pseudoprime.
Theorem 11.14.
If n is a strong pseudoprime to the base b, then
n
is an Euler pseudo
prime to this base. be a strong pseudoprime to the base b. Then, if n - 1 = 28t, where t is r odd, either bt = 1 (mod n) or b2 t = -1 (mod n) , where 0 ::Sr ::S s - 1. Let n =
Proof
Let
n
07=1 p�i
be the prime-power factorization of n. First, consider the case where bt bt
1 (mod
=
1 (mod n ). Let p be a prime divisor of n. Because
p),
we know that ord b It. Because t is odd, we see that ord b is also p p odd. Hence, ord b I 1)/2, because ord b is an odd divisor of the even integer p p (p) = - 1. Therefore, =
(p
p
l 2 b(p- )/
=
Consequently, by Euler's criterion, we have To compute the Jacobi symbol n.
Hence,
(�),
1 (mod p).
(%)
=
1.
we note that
(%)
=
1 for all primes p dividing
( )-( b -
n
Because ht= have
11.4 Euler Pseudoprimes
) - n (-i ) -- 1 i=l P r P�i m
b
n
ai
=l
1 (mod n), we know that b(n-l)/2 l b(n- )/2 =
We conclude that
b
(; )
=
=
(bt)2s-I =
455
.
1 (mod n). Therefore, we
1 (mod n).
n is an Euler pseudoprime to the base b.
Next, we consider the case where
-1 (mod n)
2r b t= for some r with
0:::: r::::
s
- 1. If pis a prime divisor of n, then 2r b t=
-1 (mod p).
Squaring both sides of this congruence, we obtain 2r+lt b =
which implies that ordpb Hence,
ordpb
where
2r+11
J27t.
I
2r+1t
,
1 (mod p),
and from the previous congruence we know that
I (p - 1) and 2r+1 I ordpb, it follows that l 2r+ d + 1, where dis an integer. Because
is an odd integer. Because ordpb (p - 1). Therefore, we have p = c
b(ordpb)/2
(: )
we have
= b(p-1)/2
=
=
c
,
b(ordpb/2)((p-l)/ordpb)
= (-l)(p-1)/ordpb Because
-1 (mod p)
is odd, we know that (-l)c
=
=
1 ) l (-l)(p- )/(27+ c (mod
p).
-1. Hence,
(11.10) recalling that d=
(p
- 1)/27+1. Because each prime Pi dividing n is of the form P i
2r+1di + 1, it follows that
=
456
Quadratic Residues m
n=
TI pi' i=l
a·
m
=
TI (2r+ldi + l)ai i=l m
=
TI(1 + 2r+laidi) i=l
=
m
1 + 2r+1
L aidi (mod 22r+2). i=l
Therefore, m
t2s-l = (n - 1)/2
=
2'
L aidi (mod 2'+1). i=l
This congruence implies that
and (11.11) On the other hand, from (11.10), we have
Therefore, combining the preceding equation with (11.11 ), we see that
( b n-l)/2 Consequently,
n
=
(�)
(mod
is an Euler pseudoprime to the base
n).
b.
•
b is an Euler pseudoprime to this base, note that not every Euler pseudoprime to the base b is a strong pseudoprime to the base b, as the following example shows. Although every strong pseudoprime to the base
Example
11.19.
We have shown in Example 11.18 that the integer 1105 is an Euler
pseudoprime to the base
2. However, 1105 is not a strong pseudoprime to the base 2,
because
2(1105-1)/2 = 2552
=
1(mod 1105),
whereas
2(1105-1)/22 = 2276
=
781
¢=
±1(mod 1105).
11.4 Euler Pseudoprimes
457
Although an Euler pseudoprime to the base b is not alway s a strong pseudoprime to this base, when certain additional conditions are met, an Euler pseudoprime to the base
b is, in fact, a strong pseudoprime to this base. The following two theorems give results of this kind.
4) and n is an Euler pseudoprime to the base b, then n is a strong pseudoprime to the base b.
Theorem 11.15.
If
n
=
3 (mod
Proof. From the congruence n = 3 (mod 4), we know that n 1 = 2 t, where (n - 1) /2 is odd. Because n is an Euler pseudoprime to the base b, it follows that -
bt Because
( *)
=
=
b(n-1)/2
±1, we know that either
(;)
=
b1
=
(mod
·
t
=
n).
1 (mod n) or b1
=
-1 (mod n).
Hence, one of the congruences in the definition of a strong pseudoprime to the base
b must hold. Consequently, n is a strong pseudoprime to the base b. If n is an Euler pseudoprime to the base
Theorem 11.16.
strong pseudoprime to the base
b.
( *)
=
-1, then n is a
1 = 2s t, where t is odd and s is a positive integer. Because n is an Euler pseudoprime to the base b, we have
Proof.
We write
n
b and
•
-
1 b2s- t But because
( *)
=
=
b(n-1)/2
=
( ;)
(mod
n).
-1, we see that bt2s-l
=
-1 (mod n).
This is one of the congruences in the definition of a strong pseudoprime to the base Because
n is composite, it is a strong pseudoprime to the base b.
b. •
Using the concept of Euler pseudoprimality, we will develop a probabilistic primal ity test. This test was first suggested by Solovay and Strassen [SoSt
77].
Before presenting the test, we give some helpful lemmas. Lemma 11.4.
If n is an odd positive integer that is not a perfect square, then there is at
least one integer
b with 1 < b
<
n, (b, n)
=
1, and
( *)
=
-1, where
( *)
is the Jacobi
symbol.
Proof. If n is prime, the existence of such an integer b is guaranteed by Theorem 11.1. If n is composite, because n is not a perfect square, we can write n = rs, where (r, s) = 1 e and r = p , with p an odd prime and e an odd positive integer. Now let t be a quadratic nonresidue of the prime p; such a t exists by Theorem 11.1.
We use the Chinese remainder theorem to find an integer b such that 1 <
b
<
n, (b, n)
=
1,
458
Quadratic Residues and such that b satisfies the two congruences b= t (mod r) b= Then
1 (mod s).
( �) ( : ) er =
=
=
(-1)'
=
-1
.
( %)
and
=
Lemma 11.5. with
( �) ( �) ( %)
1. Because
=
, it follows that
=
-1.
•
Let n be an odd composite integer. Then there is at least one integer b
1< b
=
1, and b(n-l)/2 ¢=
Proof
( �)
(�-)
(mod n).
Assume, for all positive integers not exceedingn and relatively prime ton, that
b(n-l)/2 =
(11.12)
(�-)
(mod n).
Squaring both sides of this congruence tells us that
bn-I=
(�)'
= ( ± 1) 2
=
1 (modn),
1. Hence, n must be a Carmichael number. Therefore, by Theorem 9.24, we know thatn q1q · qn where Qi. Qi. . . . , qr are distinct odd primes. 2 if (b, n)
=
=
·
·
We will now show that
b(n-l)/2 = 1 (modn) for all integers b with
1:::::: b:::::: n and (b, n)
=
1. Suppose that b is an integer such that
b(n-l)/2 = -1 (modn). We use the Chinese remainder theorem to find an integer
a with 1
and
a= b (mod Q1 ) a= 1 (mod q q3 ···qr). 2 Then, we observe that
(11.13)
1 1 a(n- )/2 = b(n- )/2 = -1 (mod Q1),
whereas
(11.1 4) From congruences (11.13) and (11.14), we see that
a(n-l)/2 ¢= ±1 (modn),
=
1,
11.4 Euler Pseudoprimes
contradicting congruence
(11.12).
Hence, we must have
h(n-l)/2 for all h with 1
459
=
1 (mod n),
� h � n and (h, n) = 1. Consequently, from hypotheses (11.12), we know
that
( ;)
which implies that
( �)
=
1 for
= h(n-l)/2 ==
all
h
with
1�h�n
11.4 tells us that this is impossible. Hence, the be at least one integer h with 1 < h < n, (h, n)
(;)
h(n-l)/2 ¢=
1 (mod n) and
(h, n)
=
1.
However, Lemma
original assumption is false. There must =
1,
and
(mod
n).
•
We can now state and prove the theorem that is the basis of the probabilistic primality test. Theorem 11.17.
n be an odd composite integer. Then the number of positive integers less than n and relatively prime to n that are bases to which n is an Euler pseudoprime does not exceed (n) /2.
Proof
Let
By Lemma 11.5, we know that there is an integer
and
Now, let
ai. a , ... , am 2
Let modulo
1, 2,
1, 2,
(mod
;n
=
(�)
(mod
<
n, (h, n) = 1,
n).
denote the integers satisfying
a -l)/2
(11.16) for j =
(;)
h(n-l)/2 ¢=
(11.15)
h with 1 < h
1 � aj � n, (aj, n) = 1,
and
n),
. . . , m.
ri. r , ... , rm be the least positive residues of the integers hai. ha , ... , ham 2 2 n. We note that the integers rj are distinct and that (rj, n) = 1 for j =
. . . , m.
Furthermore,
(11.17) for, if it were true that
;
r n-l)/2 =
(�)
then we would have
(haj)(n-l)/2 =
(mod
( -;!-) ha·
n),
(mod
n),
Quadratic Residues
460
which would imply that b(n-l)f2a
;n-l)f2
( ;) (�)
=
(mod n),
and because (11.16) holds, we would have b(n-l)/2
=
( ;)
(mod n),
contradicting (11.15). Because aj, j = 1, 2, ... , m, satisfies the congruence (11.16), whereas rj, j = 1, 2, ... , m, does not, as (11.17) shows, we know that these two sets of integers share no common elements. Hence, looking at the two sets together, we have a total of 2m distinct positive integers less than n and relatively prime to n. Because there are
-
Theorem 11.18. The Solovay-Strassen Probabilistic Primality Test. Let n be a pos itive integer. Select, at random, k integers bi. b2, ... , bk from the integers 1, 2, ... , n 1.For each of these integers bj, j = 1, 2, ... , k, determine whether -
l)/2 b n-
J
=
( �)
(mod n).
If any of these congruences fails, then n is composite. If n is prime, then all these congruences hold. If n is composite, the probability that all k congruences hold is less than 1/2k. Therefore, if n passes this test when k is large, then n is "almost certainly prime." Because every strong pseudoprime to the base b is an Euler pseudoprime to this base, more composite integers pass the Solovay-Strassen probabilistic primality test than the Rabin probabilistic primality test, although both require O(k (Iog 2 n)3) bit operations.
11.4
EXERCISES 1.
Show that the integer 561 is an Euler pseudoprime to the base 2.
2.
Show that the integer 15,841 is an Euler pseudoprime to the base 2, a strong pseudoprime to the base 2, and a Carmichael number.
3.
Show that if n is an Euler pseudoprime to the bases a and b, then n is an Euler pseudoprime to the base ab.
4.
Show that if n is an Euler pseudoprime to the base b, then n is also an Euler pseudoprime to the base n b. -
11.5 Zero-Knowledge Proofs S. Show that if n
=
5 (mod 8)
and n is an Euler pseudoprime to the base
2,
461
then n is a strong
pseudoprime to the base 2. 6. Show that if n =
5 (mod 12)
and n is an Euler pseudoprime to the base 3, then n is a strong
pseudoprime to the base 3.
7. Find a congruence condition for an Euler pseudoprime n to the base 5 that guarantees that n
is a strong pseudoprime to the base **
5.
8. Let the composite positive integer n have prime-power factorization n
where Pj
=
1+2kiqj for j
=
1, 2,
=
p�1p;,2 ··· P':n"'•
... , m, wherek1::;k2::; ···::;km, and where n
=
1+2kq.
Show that n is an Euler pseudoprime to exactly m �n
different bases b with
TI ((n - 1)/2, Pj - 1)
j=l
1::: b < n, where if ki
=
if kj
k;
and ai is odd for some j;
otherwise. 9. For how many integers b, 10. For how many integers b,
1 ::: b < 561,
is
1 ::: b < 1729,
561 an Euler pseudoprime to the base b?
is
1729 an Euler pseudoprime to the base b?
Computations and Explorations 1. Find all Euler pseudoprimes to the base 2 less than 3,
1,000,000. Do the same thing for the bases
5, 7, and 11. Devise a primality test based on your results.
2. Find
10
integers, each with between
because they pass more than
20
50
and
60
decimal digits, that are "probably prime"
iterations of the Solovay-Strassen probabilistic primality
test.
Programming Projects 1. Given an integer n and a positive integer b greater than 1, determine whether n passes the test for Euler pseudoprimes to the base b. 2. Given an integer n, perform the Solovay-Strassen probabilistic primality test on n.
11.5
Zero-Knowledge Proofs Suppose that you want to convince another person that you have some important private information, without revealing this information. For example, you may want to convince someone that you know the prime factorization of a 200-digit positive integer without telling them the prime factors. Or you may have a proof of an important theorem and you want to convince the mathematical community that you have such a proof without revealing it. In this section, we will discuss methods, commonly known as
zero
0 knowledge or minimum-disclosure proofs, that can be used to convince someone that you
462
Quadratic Residues
have certain private, verifiable information, without revealing it. Zero-knowledge proofs were invented in the mid-1980s. In a zero-knowledge proof, there are two parties, the prover, the person who has the secret information, and the verifier, who wants to be convinced that the prover has this secret information. When a zero-knowledge proof is used, the probability is extremely small that someone who does not have the information can successfully cheat the verifier by masquerading as the prover. Moreover, the verifier learns nothing, or almost nothing, about the information other than that the prover possesses it. In particular, the verifier cannot convince a third party that the verifier knows this information. Remark.
Because zero-knowledge proofs supply the verifier with a small amount of in
formation, zero-knowledge proofs are more properly called minimum-disclosure proofs. Nevertheless, we will use the original terminology for such proofs. We will illustrate the use of zero-knowledge proofs by describing several examples of such proofs, each based on the ease of finding square roots modulo products of two primes compared with the difficulty of finding square roots when the two primes are not known. (See the end of Section 11.1 for a discussion of this topic.) Our first example presents a proposed scheme for a zero-knowledge proof that turned out to have a flaw making it unsuitable for this use. Nevertheless, we introduce this scheme as our first example because it illustrates the concept of zero-knowledge proofs and is relatively simple. Moreover, understanding why it fails to be a valid scheme for zero-knowledge proofs adds valuable insight (see Exercise 11). In this scheme, Paula, the prover, attempts to convince Vince, the verifier, that she knows the prime factors of n, where n is the product of two large primes p and q, without helping him find these two prime factors. When this scheme was originally devised, it was thought that someone who does not know p and q would be unable to find the square root of y modulo n in a reasonable amount of time, unlike Paula, who knows these primes. This turns out not to be the case, as Exercise 11 illustrates. The proposed scheme is based on iterating the following procedure. (i)
Vince, who knows n, but not p and q, chooses an integer computes y, the least nonnegative residue of
x4
x
at random. He
modulo n, and sends this to
Paula. (ii)
When Paula receives y, she computes its square root modulo n. (We will explain how she can do this after describing the steps of the procedure.) This square root is the least positive residue of x2 modulo n. She sends this integer to Vince.
(iii) Vince checks Paula's answer by finding the remainder of
x2
when it is divided
by n. To see why Paula can find the least positive residue of x2 modulo n in step (ii), note that because she knows p and q, she can easily find the four square roots of
x4
modulo
n. Next, note that only one of the four square roots of x4 modulo n is a quadratic residue modulo n (see Exercise
3). So, to find x2, she can select the correct square root of the
463
11.5 Zero-Knowledge Proofs four square roots of x4 modulo
n
by computing the value of the Legendre symbols of
each of these square roots modulo know
p and modulo q. Note that someone who does not
p and q is unable to find the square root of y modulo n in a reasonable amount of
time, unlike Paula, who knows these primes. We illustrate this procedure in the following example.
Example 11.20. 103 239 ·
=
Suppose that Paula's private information is her factorization of
n =
24,617. She can use the procedure just described to convince Vince that
she knows the primes
p
=
103 and q
=
239 without revealing them to him. (In practice,
primes p and q with hundreds of digits would be used, rather than the small primes used in this example.) To illustrate the procedure, suppose that in step (i) Vince selects the integer 9134 at random. He computes the least positive residue of 91344 modulo 24,617, which equals 20,682. He sends the integer 20,682 to Paula. In step (ii), Paula determines the integer x2 using the congruences x2 = ±20,682(l03+l)/4
=
±20,68226 = ±59 (mod 103)
x2 = ±20,682(239+l)/4
=
±20,68260 = ±75 (mod 239).
p = q = 3 (mod 4), the solutions of x2 =a (mod p) andx2 =a (mod q) arex2 = ±a(p+l)/4 (mod p) andx2 = ±a(q+l)/4 (mod q),
(Note that we have used the fact that when respectively.)
Because x2 is a quadratic residue modulo 24,627
=
103 239, we know that it also ·
is a quadratic residue modulo 103 and 239. Computing Legendre symbols, we find that
( {53)
=
1,
(1&j)
=
-1,
(Jf9)
=
1, and
(;Jg)
=
-1. Therefore, Paula finds x2 by
solving the system x2 = 59 (mod 103) and x2 = 75 (mod 239). W hen she solves this system, she concludes that x2 = 2943 (mod 24,617). In step (iii), Vince checks Paula's answer by noting that x2
=
91342 = 2943 (mod
24,617).
....
We now describe a method to verify the identity of the prover, based on zero knowledge techniques, invented by Shamir in 1985. We again suppose that where
n =
pq,
p and q are two large primes both congruent to 3 modulo 4. Let I be a positive
integer that represents some particular information, such as a personal identification number. The prover selects a small positive integer
c, which has the property that the c (the number obtained by writing the digits of I followed by the digits of c) is a quadratic residue modulo n. (The number c can be integer
v
obtained by concatenating I with
found by trial and error, with probability close to 1/2.) The prover can easily find square root of
v
modulo
u,
a
n.
The prover convinces the verifier that she knows the primes
p and q using an
interactive proof. Each cycle of the proof is based on the following steps.
464
Quadratic Residues (i)
The prover, Paula, chooses a random number r, and sends to the verifier a message containing two values: x, where x where y
(ii)
=
vx(mod n), 0 ::S y
<
n, and y, n. Here, as usual, x is an inverse of x modulo n.
The verifier, Vince, checks that xy
=
=
v (mod
r2 (mod
n), 0 ::S x
<
n) and chooses, at random, a bit
b, which he sends to the prover.
(iii) If the bit b sent by Vince is 0, Paula sends r to Vince. Otherwise, if the bit b is 1, Paula sends the least positive residue of of r modulo
r modulo n, where r is an inverse
u
n.
(iv) Vince computes the square of what Paula has sent. If Vince sent a that this square is x, that is, that r2 this square is y, that is, that s2
=
=
x (mod
y (mod
n ).
0, he checks
n). If he sent a 1, he checks that
This procedure is also based on the fact that the prover can find
u,
a square root of
v modulo
n, whereas someone who does not know p and q will not be able to compute a square root modulo n in a reasonable amount of time. The four steps of this procedure form one cy cle. Cycles can be repeated sufficiently often to guarantee a high degree of security, as we will subsequently describe. We illustrate this type of zero-knowledge proof with the following example. Example 11.21.
Suppose Paula wants to verify her identity to Vince by convincing
him that she knows the prime factors of n =31·61=1891. Her identification number is I=391. Note that 391 is a quadratic residue of 1891 because, as the reader can verify, it
is a quadratic residue of both 31 and61, so she can take v =391(that is, in this case, she does not have to concatenate an integer
c
with
J). Paula finds that
u = 239
is a square
root of 391 modulo 1891. She can easily perform this calculation, because she knows the primes 31 and61. (Note that we have selected small primes p and q in this example to illustrate the procedure. In practice, primes with hundreds of digits should be used.) We illustrate one cycle of this procedure. In step(i), Paula chooses a random number, say, r = 998. She sends Vince two numbers, x y
=
vx
=
391 · 1296
=
=
r2
=
9982
=
1338 (mod 1891) and
1839 (mod 1891).
In step (ii), Vince checks that xy
=
1338 · 1839
=
391(mod 1891) and chooses, at
random, a bit b, say, b =1, which he sends to Paula. In step (iii), Paula sends s
= u
in step (iv), Vince checks that s2
=
r =239 · 1855 8512
=
1839
=
=
851(mod 1891) to Vince. Finally,
y (mod 1891).
..,..
Note that if the prover sends the verifier both r and s, the verifier will know the private information
u = rs,
which is the secret information held by the prover. By passing the
test with sufficiently many cycles, the prover has shown that she can produce either r or s on request. It follows that she must know
u
because, in each cycle, she knows both r
and s. The choice of the random bit by the verifier makes it impossible for someone to fix the procedure by using numbers that have been rigged to pass the test. For example, someone could compute the square of a known number r and send x =r2, instead of choosing a random number. Similarly, someone could select a number x such that vx is
465
11.5 Zero-Knowledge Proofs
a known square.However, it is impossible to do precalculations to make both the squares of known numbers without knowing
x
and
y
u.
Because the bit chosen by the verifier is chosen at random, the probability that it will be a 0 is 1/2, as is the probability that it will be a 1. If someone does not know the square root of
u,
v, the probability that they will pass one iteration of this test is almost
exactly 1/2. Consequently, the probability that someone masquerading as the prover will 30 pass the test with 30 cycles is approximately 1/2 , which is less than one in a billion. A variation of this procedure, known as the Fiat-Shamir method, is the basis for verification procedures used by smart cards, such as for verifying personal identification numbers. Next, we describe a method that can be used to prove, using a zero-knowledge proof, that someone has certain information. Suppose that the prover, Paula, has in formation represented by a sequence of numbers j
=
1, 2,
. . . , m.
vi. v , ..., vm, 2
where 1 :::::
vj
< n
for
Here, as before, n is the product of two primes p and q that are both con
gruent to 3 modulo 4. Paula makes public the sequence of integers si.
s , ..., sm, where 2
sj = v ] (mod n ), 1 ::::: sj < n. Paula wants to convince the verifier, Vince, that she knows the private information vi. v , ... , vm, without revealing this information to Vince. What 2 Vince knows is her public modulus n and her public information si. s , ..., sm. 2 The following procedure can be used to convince Vince she has this information. Each cycle of the procedure has the following steps. (i)
Paula chooses a random number
r
and computes
x =
r2,
which she sends to
Vince. (ii) (iii)
(iv)
. .., m} and sends this subset to Paula. Paula computes y, the least positive residue modulo n of the product of r and the integers V , with j in S, that is, y = r n ES V (mod n ), 0::::: y < n, and she j j j sends y to Vince. Vince verifies that x = y2z (mod n ), where z is the product of the integers sj, with j in S, that is, z = n ES s (mod n ), 0::::: z < n . j j Vince selects a subset S of the set { 1, 2,
Note that the congruence in step (iv) holds, because
y2z = r2 n v] n sj jES jES r2 n v�v� J J jES = r2 (mod n ). =
The random number r is used so that the verifier cannot determine the value of the integer
v j,
part of the secret information, by selecting the set S
=
{j}.When this procedure is
carried out, the verifier is given no new information that will help him determine the private information
Vi. ..., vm.
466
Quadratic Residues We illustrate one cycle of this interactive zero-knowledge proof in the following example.
Example
Suppose that Paula wants to convince Vince that she has secret information, which is represented by the integers v1 = 1 1 44, v2 = 877, v3 = 2001, v4 = 1221, and v5 = 1 01.Her secret modulus is n = 47 53 = 2491.(In practice, primes with hundreds of digits are used rather than the small primes used in this example.) 11.22.
·
Her public information consists of the integers sj• with sj
=
] (mod 2491), 0
v
<
2491, j = 1,2,3,4,5. It follows, after routine calculation, that her public information consists of the integers s1 = 1 97, s2 = 2453, s3 = 1553, s4 = 941, and s5 = 494.
sj
<
Paula can convince Vince that she has the secret information using the procedure described in the text.We describe one cycle of the procedure.In step (i), Paula chooses a random number, say, r = 1253.Next, she sends x 2 r modulo 2491, to Vince.
=
679, the least positive residue of
In step (ii), Vince selects a subset of {1, 2, 3, 4, 5}, say, s
=
{1, 3, 4, 5}, and informs
Paula of this choice. In step (iii), Paula computes the number y, with 0 :Sy y
Consequently, she sends y
<
=
rv1V3V4V5
=
1253 .1 1 44 .2001 1221 1 01
=
68 (mod 2491).
=
·
2491 and
·
68 to Vince. 2
Finally, in step (iv), Vince confirms that x = y s1s3s4s5 (mod 2491) by verifying that x = 679 = 682 1 97 1 553 941 494 (mod 2491). ·
·
·
·
Vince can ask Paula to run through more cycles of this procedure to verify that she does have the secret information. He stops when he feels that the probability that she is ..,... cheating is small enough to satisfy his needs.
How can the prover cheat in this interactive procedure for zero-knowledge proofs of information? That is, how can the prover fool the verifier into thinking that she really knows the private information vi. ... , vm when she does not? The only obvious way is for the prover to guess the set S before the verifier supplies this; in step (i), to take x =
2 r
njES v] ; and in step (iii), to take y = r. Because there are 2m possible sets s (as
there are that many subsets of {1, 2, ..., m}), the probability that someone not knowing the private information fools the verifier using this technique is lf2m. Furthermore, when this cycle is iterated T times, the probability decreases to lj2mT.For instance, if m = 1 0 and T = 3, the probability of the verifier being fooled is less than one i n a billion. In this section, we have only briefly touched upon zero-knowledge proofs. The reader interested in learning more about this subject should refer to the chapter by Goldwasser in [Po90], as well as to the reference supplied in that chapter.
11.5 Zero-Knowledge Proofs
11.5
467
EXERCISES 4 1. Suppose that n =3149 =47 67 and that x 2 residue of x modulo 3149. ·
2. Suppose that
n
3. Suppose that
n
=
2070 (mod 3149). Find the least nonnegative 4
=11,021=103 107 and that x 2 negative residue of x modulo 11,021. ·
=
1686 (mod 11,021). Find the least non
=pq, where p and q are primes both congruent to 3 modulo 4, and that x is
an integer relatively prime to
n.
4
Show that of the four square roots of x modulo
n,
only one
is the least nonnegative residue of a square of an integer.
4. Suppose that Paula has identification number 1760 and modulus 1961=37 53. Show how ·
she verifies her identity to Vince in one cycle of the Shamir procedure, if she selects the random number
1101 and he chooses 1 as his random bit.
5. Suppose that Paula has identification number 7 and modulus 1411=17 83. Show how she ·
verifies her identify to Vince in one cycle of the Shamir procedure, if she selects the random number
822 and he chooses 1 as his random bit.
6. Run through the steps used to verify that the prover has the secret information in Example
11.22, when the random number r =888 is selected by the prover in step (i) and the verifier selects the subset {2, 3, 5} of {1, 2, 3, 4, 5}. 7. Run through the steps used to verify that the prover has the secret information in Example
11.22, when the random number r =1403 is selected by the prover in step (i) and the verifier selects the subset {l, 5} of {l, 2, 3, 4, 5}. 8. Let
=2491=47 53. Suppose that Paula's identification information consists of the se quence of six numbers v1 =881, v2 =1199, v3 =2144, v4 =110, v5 =557, and v6 =2200. n
·
a) Find Paula's public identification information, si. s2, s3, s4, s5, s6. b) Suppose that Paula selects at random the number r =1091, and Vince chooses the subset
S =2, 3, 5, 6 and sends this to Paula. Find the number that Paula computes and sends back to Vince. c) What computation does Vince make to verify Paula's knowledge of her secret information?
9. Let
n
=3953 =59 67. Suppose that Paula's identification information consists of the se ·
quence of six numbers v1 =1001, v2 =21, v3 = 3097, v4 = 989, v5 =157, and v6 =1039. a) Find Paula's public identification information si. s2, s3, s4, s5, s6. b) Suppose that Paula selects at random the number
r
=403, and Vince chooses the subset
S = {l, 2, 4, 6} and sends this to Paula. Find the number that Paula computes and sends back to Vince. c) What computation does Vince make to verify Paula's knowledge of her secret information?
10. Suppose that n =pq, where p and q are large odd primes and that you are able to efficiently extract square roots modulo n without knowing p and q. Show that you can, with probability close to
1, find the prime factors p and q. (Hint: Base your algorithm on the following
procedure. Select an integer modulo
n.
x.
Extract a square root of the least nonnegative residue of x
You will need to show that there is a
congruent to ±x modulo
n.
2
1/2 chance that you found a square root not
)
11. In this exercise, we expose a flaw in the proposed scheme of a zero-knowledge proof presented
11.20. Suppose that Vince randomly chooses integers w until he finds a for which the Jacobi symbol ( 1!f-) equals -1 and that he sends Paula z, the least
prior to Example value of
w
468
Quadratic Residues
nonnegative residue of
w2
modulon. Show that Vince can factorn once Paula sends back
the square root of z that she computes.
Computations and Explorations 1. Give one of your classmates the integern, wheren
=
pq and p and q are primes with more
than 50 decimal digits, both congruent to 3 modulo 4. Convince your classmate that you know both p and q using a zero-knowledge proof.
2. Convince one of your classmates that you know a secret in the form of a sequence of 10 positive integers each less than 10,000, using the zero-knowledge proof described in the text.
Programming Projects 1. Given n, the product of two distinct primes both congruent to 3 modulo 4, and the least positive residue of x4 modulon, where positive residue of x2 modulon.
x
is an integer relatively prime ton, find the least
12 I
Decimal Fractions and Continued Fractions
n this chapter, we will discuss the representation of rational and irrational numbers as decimal fractions and continued fractions. We will show that every rational number
can be expressed as a terminating or periodic decimal fraction, and provide some results that tell us the length of the period of the decimal fraction of a rational number. We will also construct irrational numbers using decimal fractions, and show how decimal fractions can be used to express a transcendental number and to demonstrate that the set of real numbers is uncountable. Continued fractions provide a useful way of expressing numbers. We will show that every rational number has a finite continued fraction, that every irrational number has an infinite continued fraction, and that continued fractions are the best rational approximations to numbers.We will establish a key result that will tell us that the set of quadratic irrationals can be characterized as the set of numbers with periodic continued fractions. Finally, we will show how continued fractions can be used to help factor integers.
12.1
Decimal Fractions In this section, we discuss the representation of rational and irrational numbers as decimal
b expansions of real numbers, where b is a positive b > 1. Let a be a positive real number, and let a= [a] be the integer part of a, so that y =a - [a] is the fractional part of a and a=a+ y with 0 ::'.:: y < 1. By Theorem 2.1, the integer a has a unique base b expansion. We now show that the fractional part y also has a unique base b expansion. fractions. We first consider base
integer,
Theorem 12.1.
b
>
Let y be a real number with 0 ::'.:: y
<
1, and let
b be a positive integer,
1. Then y can be uniquely written as 00
y= where the coefficients
'L cj/bj,
j=l
cj are integers with 0 ::'.:: cj ::'.:: b
-
1 for j
restriction that for every positive integer N there is an integer
b
-
n
=
1, 2, ... , with the
with
n
� N and
en
=fa
1. In the proof of Theorem 12.1, we deal with infinite series.We will use the following
formula for the sum of the terms of an infinite geometric series. 469
470
Decimal Fractions and Continued Fractions Let a and
Theorem 12.2.
r be real numbers
with
Ir I
<
1. Then
00
Lari=a/(1- r). j=O Most books on calculus or mathematical analysis contain a proof of Theorem 12.2 (see [Ru64], for instance). We can now prove Theorem 12.1.
Proof.
We first let
C1=[by], so that 0
�c1 �b-
so that 0
� y1
<
1, because 0
�by
<
b. In addition,
let
1 and
Y1
y= C1 b We recursively define
ck
and
Yb
+
for k=2, 3,
b
...
. , by
ck=[bYk-1] and
Yk=byk-1 - ck so that 0
� ck
�
b-
1, because 0 �
� Yn <
C1
<
b and 0 � Yk
�
<
1. Then,
it follows that
� . n b + b2 + ... + b + bn 1, we see that 0 � Yn/bn < 1/bn. Consequently, n lim Y fb =0. n�oo n
Y=
Because 0
bYk-l
Therefore, we can conclude that
y=
. n�oo hm
(
Cl b
�
C b2
Cn bn
)
2 -+-+···+-
00
=I: cjfbi . j=l To show that this expansion is unique, assume that 00
00
j y=I: cjfb =I: djfbi, j=l j=l where 0 � integers
n
cj � b -
and
m
dj � b- 1 and, for every positive integer N, there are cn i=- b- 1 and dm i=- b- 1. Assume that k is the smallest index
1 and 0 �
with
12.1 Decimal Fractions
for which
ck =f=. dk> and assume that ck
>
dk (the case ck
<
471
dk is handled by switching the
roles of the two expansions). Then 00
00
so that
k
(12.1 )
Because
( ck- dk)fb =
ck
>
00
L
j=k+l
(di- cj )/bi.
dk> we have
(12.2) whereas 00
I:
(12.3)
j=k+l
00
j
(dj- cj )/b ::s
I:
j=k+l
(b - 1)/b
= (b - 1)
j
k 1/b +l 1- 1/b
12.2 to evaluate the sum on the right-hand side of the inequality. Note that equality holds in (12.3) if and only if di- ci= b - 1 for all j with j::::: k + 1, and this occurs if and only if di= b - 1 and cj = 0 for j::::: k + 1. However, where we have used Theorem
such an instance is excluded by the hypotheses of the theorem.Hence, the inequality in
(12.3) is strict, and therefore (12.2) and (12.3) contradict (12.1). This shows that the base b expansion of a is unique. • L:
The unique expansion of a real number in the form expansion of this number and is denoted by To find the base b expansion
(.c1c2c3 .. h ·
j:1 cj/bi is called the base b
·
( .c1c2c3 .. h of a real number y, we can use the ·
recursive formula for the digits given in the proof of Theorem 12.1, namely,
where Yo = y, fork = 1,
2, 3, ....(Note that there is also an explicit formula for these digits-see Exercise 21. )
Example 12.1.
Let
( .c1c2c3 ...)b be the base 8 expansion of 1/6.Then
472
Decimal Fractions and Continued Fractions 1 C1 = [8 · - ] = 1,
Y1 = 8 ·
6 - 1= 3'
1 C2= [8 · -] = 2,
Y2 = 8 ·
3 - 2 = 3,
6
3
2
C3 = [8 ·
-] = 5,
C4 = [8 ·
-] = 2,
C5 = [8 ·
-] = 5,
3
1
3
2 3
1
1
1
2
2 1 Y3 = 8 . - - 5 = - ' Y4 = 8 ·
3
3
1
2
3 - 2 = 3'
2 1 Ys = 8 . - - 5 = - ' 3
3
and so on. We see that the expansion repeats; hence,
1/ 6 = (.1252525 ...)g. b expansions of rational numbers. We will show that a number is rational if and only if its base b expansion is periodic or terminates. We will now discuss base
Definition. integer
n
b expansion (.c1c2c3 ...)b is said to terminate if there is a positive such that en = en+1 = Cn+2 = · · · = 0. A base
Example 12.2.
1/8, (.125000 ...)i0= (.125)10, terminates.
The decimal expansion of
Also, the base 6 expansion of 4/9,
To describe those real numbers with terminating base
b expansion, we prove the
following theorem.
Theorem 12.3.
0 ::=:: a < 1, has a terminating base b expansion if and only if a is rational and can be written as a= r/s, where 0 ::=:: r < s and every prime factor of s also divides b. Proof
The real number a,
First, suppose that a has a terminating base
b expansion,
Then a=
C C + 2 + ... + n 2 b b bn l 2 c1bn- + c2bn- + ... +en bn
C1
so that a is rational, and can be written with a denominator divisible only by primes dividing
b.
Conversely, suppose that 0 ::=:: a
<
1, and a=
r/s,
12.1 Decimal Fractions
where each prime dividing
473
s also divides b.Hence, there is a power of b, say, bN, that
s (for instance, take N to be the largest exponent in the prime-power factorization of s ).Then
is divisible by
bNa=bNr /s=ar, sa=bN, and a is a positive integer because slbN.Now let ( amam-1... aiaohbe the base b expansion of ar. Then where
m m1 amb + am -lb - + ...+ aib + ao N a=ar /b = bN l m1 m =amb -N + am-1b - -N + ...+ alb -N + aob -N --------
=(.00 ... amam-1... aiaoh· Hence,
a has a terminating base b expansion.
•
b expansion can be written as a nonterminat ing base b expansion with a tail-end consisting entirely of the digit b - 1, because (.c1c2 ... cmh=(.c1c2 ... cm - 1 b - 1 b - 1...)b. For instance, (.12 )10= (.11999 .. -ho· This is why we require in Theorem 12.1 that for every integer N there is an integer n such that n > N and en i=- b - 1; without this restriction, base b expansions Note that every terminating base
would not be unique. A base
b expansion that does not terminate may be periodic, for instance, 1/3=(.333..-ho. 1/6=(.1666..-ho.
and
1/7=(.142857142857142857..-ho· b expansion (.c1c2c3 ...)b is called periodic if there are positive integers N and k such that cn+k=en for n '.'.:'.: N.
Definition.
A base
(.c1c2 ... cN - lcN ... cN+k -Ih the periodic base b expansion (.c1c2... cN -lcN ... cN+k -lcN ... cN+k -lcN .. -h· For instance, we have We denote by
1/3=(.3)10)• 1/6=(.16)10 . and
1/7=(.142857)10. Note that the periodic parts of the decimal expansions of
113 and 117 begin imme
1/6 the digit 1 precedes the periodic part of the expansion. We call the part of a periodic base b expansion preceding the periodic part the pre-period, and the periodic part the period, where we take the period to have
diately, whereas in the decimal expansion of
minimal possible length.
474
Decimal Fractions and Continued Fractions Example 12.3.
The base 3 expansion of 2/45 is
and the period is
(1012)).
(.001012)) . The pre-period is (00))
The next theorem tells us that the rational numbers are those real numbers with periodic or terminating base b expansions. Moreover, the theorem gives the lengths of the pre-period and period of the base b expansion of a rational number.
Theorem 12.4.
Let b be a positive integer. Then a periodic base b expansion represents
a rational number. Conversely, the base b expansion of a rational number either terminates or is periodic. Further, if 0
1, a=r/s, where r ands are relatively prime positive integers, ands=T U, where every prime factor of T divides b and (U, b) =1, then the <
a
<
period length of the base b expansion of a is ordub, and the pre-period length is N, N where N is the smallest positive integer such that T lb .
Proof.
First, suppose that the base b expansion of a is periodic, so that
(� )
a= ( .C1C2 · · · CNCN+l · · · CN+k) b
=
=
C1
b Cl
b
+
+
1
CN
C2
b2 + ... + bN + � bik C2 b2
+ ... +
where we have used Theorem
( +
CN bN
1=0
bk
bk -
1
)(
CN+l bN+l
+ ... +
CN+K bN+k
)
'
12.2 to see that 00
1
L: bi k j=O
=
1 1
_
_!_ bk
Because a is the sum of rational numbers, it is rational.
1, a=r/s, where r and s are relatively prime positive integers, s=TU, where every prime factor of T divides b, (U, b) =1, and N Conversely, suppose that
0
<
a
<
N is the smallest integer such that T lb .
N N Because T l b , we have aT =b , where a is a positive integer. Hence, ar N N b a=b _!___ = . U TU
(12.4) Furthermore, we can write
ar
(12.5) where A and
u
=A+
0
<
C
<
U, bNa= ':;
N b , which N when both sides are multiplied by b . ) The fact
( C, U) =1. (The inequality for A follows because 0
<
<
0
results from the inequality that
' u
C are integers with 0 :S: A < bN,
and
C
base b expansion A= (anan-1 ... a1aoh ·
12.1 Decimal Fractions
If
475
U = 1, then the base b expansion of a terminates as shown. Otherwise, let
v =ordub.
Then
bv C
(12.6)
u
where tis an integer,because b
bv C
(12.7)
u
where (.c1c2c3
.
.
=
(tU
l)C
u
t + C, = C u
v = 1 (mod U). However,we also have
v =b
(
cl + C2 b
b2
+
...
Cv
+
bV
Yv
+
bV
)
'
� ,so that
·his the base b expansion of
ck = [bYk-1], where Yo=
+
b Yk =hYk-1 - [ Yk-1],
�, fork = 1, 2, 3, .... From (12.7), we see that
(
bv C = bv-1 + C2bv-2 + C1 U
(12.8)
Equating the fractional parts of
·
·
·
)
+ Cv
+ Yv·
(12.6) and (12.8), noting that 0:::: Yv
<
1, we find that
c
Yv=-. u
Consequently, we see that c
Yv=Yo=-, u
so that from the recursive definition of ci. c2,
k = 1,
..., we can conclude that ck+v=ck for
2, 3, . . . . Hence, � has a periodic base b expansion c
- = (.C1C2 u
Combining
·
·
·
Cv)b.
(12.4) and (1 0.5), and inserting the base b expansions of A and
� ,we have
(12.9) Dividing both sides of
(12.9) by bN,we obtain
(where we have shifted the decimal point in the base b expansion of bNa N spaces to
the left to obtain the base b expansion of a). In this base b expansion of a, the pre-period
(.00 ... anan-l ... a1a0h is of length N, beginning with N - (n + 1) zeros, and the
period length is
v.
We have shown that there is a base b expansion of and a period of length
v.
a with a pre-period of length N
To finish the proof,we must show that we cannot regroup the
base b expansion of a, so that either the pre-period has length less than N or the period
476
Decimal Fractions and Continued Fractions has length less than a=
=
v. To do this, suppose that
(.C1 C2 ... CMCM+l ... CM+ h k bk CM+l CM+k Cl C2 CM b + b + ... + bM + bk + ... + M+ + 1 M b b k 1 2 1 2 (c1bM-l + c2bM- + ... + cM) (bk - 1) + (cM+lbk- + ... + CM+k) bM(bk - 1)
(
Because a= r/ s , with
(r,
s) = 1,
)
)(
we see that
slbM(bk -
TlbM and (mod U) and
1). Consequently,
Ul (bk - 1). Hence, M � N, and vlk (by Theorem 9.1 , because bk= 1 v = ordub).Therefore, the pre-period length cannot be less than N and the period length • cannot be less than v. We can use Theorem 12.4 to determine the lengths of the pre-period and period of decimal expansions.Let a= r/ s, 0
ands = 2 s1 5s2 t , where
Theorem 12. 4, the pre-period has length max (si.
Example 12.4.
Let a= 5/28.Because 28 = 2
s2 )
2 ·
(t, 10) = 1.Then, by
and the period has length ordt 10.
7, Theorem 12.4 tells us that the pre
period has length two and the period has length ord710 = 6. As 5/28 = ( .17857 1 42), we ..,...
see that these lengths are correct.
Note that the pre-period and period lengths of a rational number r/ s, in lowest terms,
depend only on the denominator
s, and not on the numerator r.
We observe that by Theorem 12.4 a base b expansion that is not terminating and is
not periodic represents an irrational number.
Example 12.5.
The number with decimal expansion a=
.101001000 10000 ... ,
consisting of a one followed by a zero, a one followed by two zeros, a one followed by three zeroes, and so on, is irrational because this decimal expansion does not terminate ..,...
and is not periodic.
The number a in the preceding example is concocted so that its decimal expansion is clearly not periodic. To show that naturally occurring numbers such as
e
and
rr
are
irrational, we cannot use Theorem 12.4, because we do not have explicit formulas for the decimal digits of these numbers.No matter how many decimal digits of their expansions we compute, we still cannot conclude that they are irrational from this evidence, because the period could be longer than the number of digits that we have computed.
Transcendental Numbers The French mathematician Liouville was the first person to show that a particular number is transcendental.(Recall from Section 1 .1 that a transcendental number is one that is not the root of a poly nomial with integer coefficients. ) The number that Liouville showed is
12.1
477
Decimal Fractions
transcendental is the number 00
a=
z=
1
, = 0.110001000000000000000001oo
. l 101. z= -
. ...
.
T his number has a one in the n !th place for each positive integer n and a zero elsewhere. To show that this number is transcendental, Liouville proved the following theorem, which shows that algebraic numbers cannot be approximated very well by rational numbers. In particular, this theorem provides a lower bound for how well an algebraic number of degree
n can be approximated by rational numbers. Note that an algebraic number ofdegree n is a real number that is a root of a polynomial of degree n with integer coefficients which is not a root of any polynomial with integer coefficients of degree less than!n.
Theorem 12.5. If a is an algebraic number of degree n, where n is a positive integer greater than 1, then there exists a positive real number C such that
l : I> > a
C/q"
-
for every rational number
p/q,
where q
Because the proof of Theorem
12.5,
0.
although not difficult, relies on calculus, we
will not supply it here. We refer the reader to [HaWr08] for a proof. We will be content to use this theorem to show that Liouville's number is transcendental.
Corollary 12.5.1.
Proof.
The number a=
I:�11/10i! is transcendental.
First, note that a is not rational, because its decimal expansion does not terminate
and is not periodic. To see that it is not periodic, note that there are increasingly larger numbers of zeros between successive ones in the expansion.
Pkfqk denote the sum of k qk = 1o !_ Because lOi! � 10Ck+l)!i
I
a -
Pk qk
I
=
>
the first k terms in the sum defining a. Note that
Let
whenever
1 10ck+l)!
i
k + 1, we have
00
2=
+
z=k+2
1 (lo(k+l)!)i
·
.
Because 00
. 2=
l=k+2
1 10ck+l)!i
::s
1 10ck+l)! •
it follows that
l :: I a
-
<
:
10< +1)!"
>
It therefore follows that a cannot be algebraic, for if it were algebraic of degree by T heorem 12.5 there would be a positive real number C such that la
Pk!qk I -
n, then C/qk.
478
Decimal Fractions and Continued Fractions 1bis is not the case, because we have seen that
la
p1/q11
-
<
2/qf+1, and
taking k to
be sufficiently larger than n produces a contradiction.
•
The notion of the decimal expansion of real numbers can be used to show that the set of real numbers is not countable. A countable set is one that can be put into a one to-one correspondence with the set of positive integers. Equivalently, the elements of a countable set can be listed as the terms of a sequence. The element corresponding to the
G
integer 1 is listed first, the element corresponding to the integer
2 is
listed second, and
so on. We will give the proof found by German mathematician Georg Cantor.
Theorem 12.6. Proof.
The set of real numbers is an uncountable set.
We assume that the set of real numbers is countable. Then the subset of all real
numbers between 0 and 1 would also be countable, as a subset of a countable set is also countable (as the reader should verify). With this assumption, the set of real numbers between 0 and 1 can be listed as terms of a sequence rlt r2, r3,
•
•
•
•
Suppose that the
decimal expansions of these real numbers are r 1 = O.dud12d13d14 r2
=
O.d21d22dnd24
r3 = O.d31d32d33d34 T4
=
O.d41d42d43d44
•
•
•
·
•
•
•
•
•
•
•
•
and so on. Now form a new real number r with the decimal expansion 0.d1tJid3d4 where the decimal digits
are
determined by d;
=
4 if d;; =I= 4 and d;
=
5 if du
=
•
•
4.
GEORG CANTOR (1845-1918) was born in St. Petersburg, Russia, where his father was a successful merchant. When he was 11, bis family moved to Germany to escape the harsh weather of Russia Cantor developed his interest in mathematics while in Gennan high schools. He attended university at Zurich and later at the University of Berlin, studying under the famous :mathematicians
Kummer, Weierstrass, and Kronecker. He received his doctorate in 1867 for work in number theory. Cantor took a position at the University of Halle in 1869, a position that he held until he retired in 1913. Cantor is considered the founder of set theory; he is also noted for bis contributions to mathe matical analysis. Many mathematicians had extremely high regard for Cantor's work, such as Hilbert, who said that it was "the finest product of mathematical genius and one of the supreme achievements of purely intellectual human activity." Besides mathematics, Cantor was interested in philosophy, and he wrote papers connecting his theory of sets and metaphysics. Cantor was married in 1874 and had five children. He had a melancholy temperament that was balanced by his wife's happy disposition. He received a large inheritance from bis father, but since he was poorly paid as a professor at Halle, he applied for a better-paying position at the University of Berlin. His appointment there was blocked by Kronecker, who did not agree with Cantor's views on set theory. Unfortunately, Cantor suffered from mental illness throughout the later years of his life; he died of a heart attack in 1918 in a psychiatric clinic.
•
,
12.1 Decimal Fractions
479
Because every real number has a unique decimal expansion (when the possibility that the expansion has a tail end that consists entirely of 9s is excluded), the real number r
that we constructed is between 0 and 1 and is not equal to any of the real numbers
ri. r2, r3,
... , because the decimal is a real number
r
between 0 and 1 not in the list,
the assumption that all real numbers between 0 and 1 could be listed is false. It follows that the set of real numbers between 0 and 1, and hence the set of all real numbers, is uncountable.
12.1
•
EXERCISES 1. Find the decimal expansion of each of the following numbers. a) 2/5
b) 5/12
c) 12/13
d) 8/15
e) 1/111
f) 1/1001
2. Find the base 8expansions of each of the following numbers. a) 1/3
b) 1/4
c) 1/5
d) 1/6
e) 1/12
f) 1/22
3. Find the fraction, in lowest terms, represented by each of the following expansions. a) .12
c) .12
b) .12
4. Find the fraction, in lowest terms, represented by each of the following expansions. a) (.123)?
c) (.17)11
b) (.013)6
d) (.ABC)i6
5. For which positive integers bdoes the base bexpansion of 11/210 terminate? 6. Find the pre-period and period lengths of the decimal expansion of each of the following rational numbers. a) 7/12
b) 11/30
c) 1175
d) 10/23
e) 13/56
f) 1/61
7. Find the pre-period and period lengths of the base 12 expansions of each of the following rational numbers. a) 1/4
b) 1/8
c) 7/10
d) 5/24
e) 17/132
f) 7/360
8. Let b be a positive integer. Show that the period length of the base b expansion of 1/ m is m - 1if and only if m is prime and bis a primitive root of m.
9. For which primes p does the decimal expansion of 11p have period length equal to each of the following integers? a) 1
b) 2
c) 3
d) 4
e) 5
f) 6
10. Find the base bexpansion of each of the following numbers. a) 1/(b - 1)
b) 1/(b+ 1)
11. Let b be an integer with b > 2. Show that the base b expansion of 1/(b - 1)2 is (.0123... b - 3b - l)b. 12. Show that the real number with base bexpansion (.0123...b - 1 101112.. ·h· constructed by successively listing the base bexpansions of the integers, is irrational. 13. Show that
480
Decimal Fractions and Continued Fractions
is irrational, whenever 14. Let
b is a positive integer greater than 1.
bi. b2, b3, ...be an infinite sequence of positive integers greater than 1. Show that every
real number can be represented as
where c0, Ci. c2, c3, ...are integers such that 0 � ck
< k fork
=
1, 2, 3, ... .
15. Show that every real number has an expansion C3 C1 C2 co+-+-+-+···
1!
2!
3!
where c0, ci. c2, c3, ...are integers and 0 � ck
< k fork
'
=
1, 2, 3,
.
..
.
16. Show that every rational number has a terminating expansion of the type described in Exercise 15. *
b expansion of 1/pis (.c1c2 ... cp-Ih• so that the b expansion of 1/pis p- 1. Show that if m is a positive integer
17. Suppose that pis a prime and the base period length of the base with 1 � m
then m/p= (.ck+l... c
c c2 ... ck-lck)b, P_1 1
wherek is the least positive residue of indbm modulo p. *
/ 2, ... , t.
18. Show that if pis prime and 1 p= (.c1c2 ... ck)b has an even period length, k
j
c + cj+t
=
b - 1for j
=
1,
=
2t, then
n is the length of the period of the binary expansion of
1/ n equal
20. For which positive integers n is the length of the period of the decimal expansion of
1/ n equal
19. For which positive integers ton ton
- 1?
- 1?
b is a positive integer.Show that the coefficients in the base b expansion of the 2:�1 cj/bi withO � y lare given by theformula cj [ybi]-b[ybi-1] for j 1, 2, .... (Hint: First, show that 0 � [ybi] - b[ybi-1] � b - 1. Then, show that L:f=1([ybi] - b[ybi-1])/bi y - (ybN[ybN]/bN) and let N--+ oo.) 22. Use the formula in Exercise 21 to find the base 14 expansion of 1/ 6. 23. Show that the number L�1(- l)a; / 1Qi1 is transcendentalfor all sequences of positive integers
21. Suppose that
realnumbery
<
=
=
=
=
ai. a2,
.
•
.
.
24. Is the set of all real numbers with decimal expansions consisting of only zeros and ones countable? *
e is irrational.
25. Show that the number
1/ P, where P is a j, the position of the seed, is This is called the P generator. Find the first
26. Pseudorandom numbers can be generated using the base m expansion of positive integer relatively prime to m.We set Xn a positive integer and
1/ P
=
(.c1c2 c3
. . .
)m.
=
cj+n, where
1/
ten terms of the pseudorandom sequence generator with each of the following parameters. a) m = 7,
P
=
19, and
j
=
6
b) m = 8,
2
P = 1, and j
=
5
12.2
Finite Continued Fractions
481
Computations and Explorations 1. Find the pre-period and period of the decimal expansions of 212/3159
81327/1666669 9.
2. Find as many positive integers expansion of 3. Find the first
1/ n is n - 1.
7, 1053/4437189 , and
n as you can such that the length of the period of the decimal
10,000 terms of the decimal expansion of n:.
Can you find any patterns? Make
some conjectures about this expansion. 4. Find the first
10,000 terms of the decimal expansion of e.
Can you find any patterns? Make
some conjectures about this expansion.
Programming Projects 1. Find the base b expansion of a rational number, where b is a positive integer. 2. Find the numerator and denominator of a rational number in lowest terms from its base b expans10n. 3. Find the pre-period and period lengths of the base b expansion of a rational number, where b is a positive integer. 4. Generate pseudorandom numbers using the modulus
m
greater than
12.2
1/ P
generator (introduced in Exercise
and seed in position j, where P and
m
1 and j is a positive integer.
26)
with
are relatively prime positive integers
Finite Continued Fractions The remainder of this chapter deals with continued fractions. In particular, in this section we define finite continued fractions. We will show that every rational number can be written as a finite continued fraction. Later sections will discuss infinite continued fractions. Using the Euclidean algorithm, we can express rational numbers as
fractions.
continued
For instance, the Euclidean algorithm produces the following sequence of
equations:
62 = 2. 23 + 16 23 = 1·16 + 7 16 = 2. 7 + 2 7=
3 · 2 + 1.
W hen we divide both sides of each equation by the divisor of that equation, we obtain
482
Decimal Fractions and Continued Fractions 16 1 2+ - 2+ 23/16 23 23
62
1 1+ 2_ - 1+ __ 16 16 16/7
23
2 1 = 2+- = 2+7/2 7 7
16
-
7 1 - =3+-. 2 2 By combining these equations, we find that 62 23
= 2+
1 23/16
1 =2+-- 1 1+ 16/7 -
=
1
2+---1-1+ 1 2+7/2 1
=2+ 1+
2+
1 1 1 3+2
The final expression in this string of equations is a continued fraction expansion of 62/23. We now define continued fractions. Definition.
Afmite continued fraction is an expression of the form ao +
1 1
---
a1 +
a2+.
----
1 +--- 1 , an-1 +
an
-
where ao, ai. a1, ... , an are real numbers with ai. a1, a3, ... , an positive. The real numbers ai. a2, ... , an are called the partial quotients of the continued fraction. The continued fraction is called simple if the real numbers a0, ai. ... , an are all integers. Because it is cumbersome to fully write out continued fractions, we use the nota tion [a0; ai. a2, ... , an] to represent the continued fraction in the definition of a finite continued fraction.
12.2 Finite Continued Fractions
483
We will now show that every finite simple continued fraction represents a rational number.Later we will demonstrate that every rational number can be expressed as a finite simple continued fraction.
Theorem 12.7.
Proof
Every finite simple continued fraction represents a rational number.
We will prove the theorem using mathematical induction. For
n
= 1, we have
which is rational. Now, we assume that for the positive integer k the simple continued fraction [a0; ai. a2, ..., ak] is rational whenever a0, ai. ..., ak are integers with ai. ..., ak positive.Let a0, ai. ..., ak+l be integers with ai. ..., ak+l positive.Note that [ao; ai. ...' ak+il =a o +
1 [a1; a2, ..., ab ak+il
-------
By the induction hypothesis, [a1; a2, ..., ab ak+l] is rational; hence, there are integers r and s, with s =f=. 0, such that this continued fraction equals r/ s. Then
which is again a rational number.
•
We now show, using the Euclidean algorithm, that every rational number can be written as a finite simple continued fraction.
Theorem 12.8.
Every rational number can be expressed by a finite simple continued
fraction.
Proof
Letx = a/b, where a andb are integers withb
>
0. Letr0 =a andr1 =b.Then,
the Euclidean algorithm produces the following sequence of equations: ro = r1q1 + r2
0
<
r2
<
ri.
r1 = r2q2 + r3
0
<
r3
<
r2,
r2 = r3q3 + r4
0
<
r4
<
r3,
rn-3 = rn-2qn-2 + rn-1
0
<
rn-1
<
rn-2 = rn-lqn-1 + rn
0
<
rn
rn-1'
<
rn-2•
rn-1 = rnqnIn these equations, q2, q3, ... , qn are positive integers. Writing these equations in fractional form, we have
484
Decimal Fractions and Continued Fractions � a 1 � - = - =ql+ - =ql+ b rtf r2 r1 r1
--
r3 r1 -=q2+-=q2+ �
�
1 � /�
--
1 r4 r2 -=q3+ -=q3+ �/� � �
--
1 rn-1 rn-3 --=qn-2+ --=qn-2+ rn-2/rn-l rn-2 rn-2
----
1 rn-2 rn --=qn-1+ --=qn-1+ rn-1/rn rn-1 rn-1
---
rn-1 -- =qn. rn Substituting the value of rtf r2 from the second equation into the first equation, we obtain
a
(12.10)
=ql+
b
1 q1+
1 -
r2/r3
Similarly, substituting the value of r2/r3 from the third equation into c
b
(12.10),
we obtain
1
=ql+ ----l-q2+ 1 q 3+ r3/r4 ----
--
Continuing in this manner, we find that
a - =ql+ b
1
1 q 2+ _ q3+.
-------
______
1
+qn-1+ qn Hence,
�= [q1; q2, ..., qn].This shows that every rational number can be written as a
finite simple continued fraction.
•
We note that continued fractions for rational numbers are not unique. From the identity 1
an= (an - 1) + -, 1
we see that
whenever an
>
1.
12.2 Finite Continued Fractions
Example 12.6.
485
We have 7 -= [O;1, 1, 1, 3 ]= [O;1, 1, 1, 2, l].
11
In fact, it can be shown that every rational number can be written as a finite simple continued fraction in exactly two ways, one with an odd number of terms, the other with an even number (see Exercise 12 at the end of this section). Next, we will discuss the numbers obtained from a finite continued fraction by cutting off the expression at various stages. The continued fraction [a0;ai. a2, ... , ak], where k is a nonnegative in
Definition.
teger less than or equal to
n,
is called the
kth convergent
of the continued fraction
[ao;ai, a2, ..., anl· Thekth convergent is denoted by Ck. In our subsequent work, we will need some properties of the convergents of a continued fraction. We now develop these properties, starting with a formula for the convergents. Theorem 12.9.
Let a0, ai. a2, ..., an be real numbers, with ai. a2, ..., an positive.
Let the sequences p0, Pi. ..., Pn and q0, qi. ..., qn be defined recursively by
Po=ao Pt=aoa1+1 and
Pk= akPk-t + Pk-2 fork= 2, 3, ... ,
n. Then thekth convergent Ck= [a0;ai. ... , ak] is given by Ck= Pkfqk.
Proof.
We will prove this theorem using mathematical induction.We first find the three
initial convergents. They are
Co= [ao]=ao/1=Po/qo, C1= [ao;a1]= ao +
1 ai
-
=
C2= [a0;ai. a2]=ao +
a0a1+1 ai 1
al +
1 a2
Pt
= -,
qt
a2(a1a0 +1) + ao
p2
a1a1 + 1
q2
Hence, the theorem is valid fork= 0, k= 1, andk = 2. Now assume that the theorem is true for the positive integer k, where 2:::: k
<
n.
This means that
(12.11)
akPk-t + Pk-2 Pk . ck= [ao;ai. ... 'ak]= -= qk akqk-1 + qk-2
Because of the way in which the p/ s and q / s are defined, we see that the real num bers Pk-1' Pk-2, qk-1' and qk_2 depend only on the partial quotients a0, ai. ..., a l· k-
486
Decimal Fractions and Continued Fractions Consequently, we can replace the real number ak by ak+1/ak+l in (12.11 ), to obtain
1 Ck+l = [ao; ai. ... , ab ak+I] = a0; ai. . . . , ak-1' ak+-ak+l
[
J
(ak+att) Pk-I+Pk-2 (ak+ak�J qk-1+qk-2 ak+1(akPk-l +Pk-2) +Pk-I ak+1(akqk-l +qk-2) +qk-1 ak+IPk+Pk-1 ak+lqk+qk-1 Pk+l qk+l This finishes the proof by induction.
•
We will illustrate how to use Theorem 12.9 with the following example. We have 173/55 = [3; 6, 1, 7]. We compute the sequences Pj and qj for j = 0, 1, 2, 3, by
Example 12.7.
qo=1
Po=3 P1=3 6+1=19
ql =6
P2=1·19+3=22
q2=1·6+1=7 q3=7. 7 +6=55.
·
p3=7 . 22 +19=173
Hence, the convergents of the above continued fraction are
Co= Po/qo=3/1=3 C1= pifq1=19/6 C2= P2/q2=22 /7 C3= p3/q3=173/55. We now state and prove another important property of the convergents of a continued fraction. Let Ck= Pkfqk be the kth convergent of the continued fraction [a0; ai. ... , an], where k is a positive integer, 1 ::::= k ::::= n. If Pk are as defined in Theorem
Theorem 12.10.
12.9, then
Proof
We use mathematical induction to prove the theorem. For k=1, we have
12.2 Finite Continued Fractions
Assume that the theorem is true for an integer k, where 1:::: k
< n,
487
so that
Then we have
Pk+lqk - Pkqk+l = (ak+lPk + Pk-1)qk - Pk(ak+lqk + qk-1) k-l = Pk-lqk - Pkqk-1 = -(-l) = (-ll, so that the theorem is true for k + 1. This finishes the proof by induction.
•
We illustrate this theorem with the example that we used to illustrate Theorem 12.9.
Example 12.8.
For the continued fraction [3; 6, 1, 7], we have
Poq1 - P1qo = 3 6 - 19 · 1 = -1 ·
P1q2 - P2q1=19·7 - 22 · 6 = 1
. P2q3 - p3q2= 22 · 55 - 173 · 7= -1 As a consequence of Theorem 12.10, we see that fork= 1, 2 , ... , the convergents Pkfqk
of a simple continued fraction are in lowest terms. Corollary 12.10.1 demonstrates this. ....
Corollary 12.10.1.
Let Ck=Pkfqk be the kth convergent of the simple continued
fraction [a0; ai. ... , an], where the integers Pk and qk are as defined in Theorem 12.9. Then the integers Pk and qk are relatively prime.
Proof.
Let d=(pk, qk)· By Theorem 12.10, we know that
k-l. Pkqk-1 - qkPk-1 = (-l) Hence,
Therefore, d = 1.
•
We also have the following useful corollary of Theorem 12.10.
Corollary 12.10.2.
Let Ck=Pkfqk be the kth convergent of the simple continued
fraction [a0; ai. a2, ... , ak].Then
ck - ck-1 = for all integers k with 1 :::: k ::::
n.
(-l)k-1 qkqk-1
--
Also,
a ( l)k - k Ck - Ck-2 qkqk-2 for all integers k with 2 :::: k ::::
n.
488
Decimal Fractions and Continued Fractions
Proof
Subtracting fractions and applying Theorem 12.10 tells us that
1 k-1 - Pk-lqk ck - ck-1 =Pk - Pk- =PkQ qkqk-1 qk Qk-1 giving us the first identity of the corollary. To obtain the second identity, note that
2 k-2 - Pk-2qk ck - ck-2=Pk - Pk- =PkQ qk Qk-2 QkQk-2 Because Pk=akPk-l + Pk-2 and qk =akqk-l + qk_ , we see that the numerator of the 2 fraction on the right is
PkQk-2 - Pk-2Qk =(akPk-1 + Pk-2)Qk-2 - Pk-2(akqk-l + Qk-2) =ak(Pk-lQk-2 - Pk-2Qk-1 ) =ak(-l)k-2, using Theorem 12.10 to see that Pk-lQk-2 - Pk-2Qk-l =(-l)k-2. Therefore, we find that
This is the second identity ofthe corollary.
•
Using Corollary 12.10.2, we can prove the following theorem, which is useful when developing infinite continued fractions. Theorem 12.11.
Let Ck be the kth convergent of the finite simple continued fraction
[ao; ai. a2, ... , an].Then
C1 >C3 >Cs>..., Co
<
C2
<
and every odd-numbered convergent C2j+1'
numbered convergent C2j,
Proof
j =0,
C4
< . . .
j =0,
'
1, 2, ... , is greaterthan every even
1, 2, ....
Because Corollary 12.10.2 tells us that, fork= 2, 3, ... ,
Ck - Ck-2= we know that
whenk is odd, and
k ak(-l) qkqk-2
'
n,
12.2 Finite Continued Fractions
489
when k is even.Hence,
and
Co< C2 < C4 < .... To show that every odd-numbered convergent is greater than every even-numbered convergent, note that from Corollary 1 2.1 0.2, we have
(-1)2m 1
< 0, C2m - C2m-l= Q2mQ2m-l so that C2m-l
>
C2m. To compare C2k and C2j-1' we see that C2j-l
>
C2j+2k-1
>
C2j+2k
>
C2b
so that every odd-numbered convergent is greater than every even-numbered convergent. •
Example 12.9.
Consider the finite simple continued fraction [2; 3, 1, 1, 2, 4]. T hen the
convergents are
Co=
2/1=2
C1=
7/3=2.3333 ...
C2 =
9/4=2.25
C3= 16/7=2.2857 ... C4= 41/1 8=2.2777 ... Cs=1 80/79=2.2784 .... We see that
Co=2 < C2 =2.25 < C4=2.2777 ... < Cs=2.2784 ...< C3=2.2857 ...< C1=2.3333 ....
12.2
EXERCISES 1. Find the rational number, expressed in lowest terms, represented by each of the following simple continued fractions. a) [ 2;7]
c ) [0;5, 6]
e ) [l; l]
g) [l; 1, 1, l]
b ) [1 ;2, 3]
d) [3;7, 15, 1]
f) [1; 1, 1]
h) [1; 1, 1, 1, 1 ]
2. Find the rational number, expressed in lowest terms, represented by each of the following simple continued fractions. a) [10;3]
c ) [0;1, 2, 3]
e) [2;1, 2, 1, 1, 4]
g) [1 ;2, 1, 2, l]
b ) [ 3;2, l]
d) [2;1, 2, l]
f) [l; 2, 1, 2]
h) [l;2, 1, 2, 1, 2]
3. Find the simple continued fraction expansion, not terminating with the partial quotient of 1, of each of the following rational numbers.
490
Decimal Fractions and Continued Fractions a)18/13
c)19/9
e) -931/1005
b) 32/17
d)310/99
f) 831/8110
4. Find the simple continued fraction expansion, not terminating with the partial quotient of 1, of each of the following rational numbers. a)6/5
c)19/29
e) -943/1001
b)22/7
d)5/999
f) 873/4867
5. Find the convergents of each of the continued fractions found in Exercise 3. 6. Find the convergents of each of the continued fractions found in Exercise 4. 7. Show that the convergents that you found in Exercise 5 satisfy Theorem 12.11. 8. Let
fk denote thekth Fibonacci number.Find the simple continued fraction, terminating with
the partial quotient of 1, of fk+iifk, wherek is a positive integer.
9. Show that if the simple continued fraction expression of the rational number
[a0; ai. ..., ak], then the simple
>
10. Show that if a0
>
continued fraction expression of 1/ a is
a, a >
1, is
[0; ai. ..., ad.
0, then
and
qkfqk-l = [ak ; ak-1'
·
·
·
,
a1, ai],
Ck-l=Pk-iiqk-l and Ck=Pk! qk>k :::'.:: 1, are successive convergents of the continued fraction [a0; ai. ..., an].(Hint: Use the relation Pk=akPk-l + Pk-2 to show that PklPk-l= ak + l/ (Pk-ilPk-2).) where
>
11. Show that
qk
:::=::
fk
continued fraction
fork= 1, 2, ..., where Ck= Pkfqk is thekth convergent of the [a0; ai. ..., an] and fk denotes thekth Fibonacci number.
simple
12. Show that every rational number has exactly two finite simple continued fraction expansions. *
[a0; ai. a2, ..., an] be the simple continued fraction expansion of r/s, where (r, s) =1 and r :::'.:: 1. Show that this continued fraction is symmetric, that is, a0=an, a1=an-I> a2= 2 2 an_2, ... , if and only if r l (s + 1) if n is odd and r l (s - 1) if n is even. (Hint: Use Exercise
13. Let
10 and Theorem 12.10.) *
14. Explain how finite continued fractions for rational numbers, with both plus and minus signs allowed, can be generated from the division algorithm given in Exercise 18 of Section 1.5.
a0, ai. a2, ... , ak be real numbers with ai. a2, ...positive, and let x be a positive real number. Show that [a0; ai. ..., ak] < [a0; a1 ..., ak + x] ifk is odd and [a0; ai. ..., ak] > [ao; a1... , ak + x] ifk is even.
15. Let
16. Determine whether
n can be expressed as the sum of positive integers a
and b, where all the
partial quotients of the finite simple continued fraction of a/ b are either 1 or 2, for each of the following integers n. a)13
b)l7
c)19
d)23
e)27
f)29
Computations and Explorations 1. Find the simple continued fractions of 1001/3000, 10,001/30,000, and 100,001/300,000. 2. Find the finite continued fractions of x and 2x for 20 different rational numbers.Can you find a rule for finding the finite simple continued fraction of 2x from that of x?
12.3
Infinite Continued Fractions
491
3. Determine for each integer n, n::::: 1000, whether there are integers a and b with n =a+ b such that the partial quotients of the continued fraction of a/b are all either 1 or 2. Can you make any conjectures?
Programming Projects 1. Given a rational number, find its simple continued fraction expansion. 2. Given a finite simple continued fraction, find its convergents and the rational number that this continued fraction represents.
12.3
Infinite Continued Fractions In this section, we will define infinite continued fractions and show how to represent a real number using an infinite continued fraction. We will show how to use the continued fraction representation of a real number to produce rational numbers that are excellent approximations of this real number.We will also show how to apply continued fractions to explain a certain kind of attack on the RSA cryptosystem. In the next section, we will study the continued fractions of quadratic irrationalities. To begin suppose that we have an infinite sequence of positive integers a0; ai. a2, .... How can we define the infinite continued fraction [a0; a1, a2,
•
•
.
]? To make sense
of infinite continued fractions, we need a result from mathematical analysis.We state the result, and refer the reader to a mathematical analysis text, such as [Ru64], for a proof.
Theorem 12.12. Let x0, xi. x2, be a sequence of real numbers such that x0 < x1 < x2 < and xk < U fork =0, 1, 2, ...for some real number U, or x0 > x1 > x2 > ... and xk > L fork =0, 1, 2, ... for some real number L. Then the terms of the sequence x0, xi. x2, tend to a limit x, that is, there exists a real number x such that •
·
·
.
•
·
•
.
•
lim xk=x.
k-+oo
Theorem 12.12 tells us that the terms of an infinite sequence tend to a limit in two special situations: when the terms of the sequence are increasing and all are less than an upper bound, and when the terms of the sequence are decreasing and all are greater than a lower bound. We can now define infinite continued fractions as limits of finite continued fractions, as the following theorem shows.
Theorem 12.13.
Let a0, ai. a2, ...be an infinite sequence of integers with ai. a2, ...
positive, and let Ck= [a0; ai. a2, ... , ak]. Then the convergents Ck tend to a limit
a,
that is, lim ck=
k-+oo
a.
Before proving Theorem 12.13, we note that the limit
a
described in the statement of
the theorem is called the value of the infi . nite simple continuedfraction [a0; ai. a2, ...].
492
Decimal Fractions and Continued Fractions To prove Theorem 12.13, we will show that the infinite sequence of even-numbered convergents is increasing and has an upper bound and that the infinite sequence of odd numbered convergents is decreasing and has a lower bound.We then show that the limits of these two sequences, guaranteed to exist by Theorem 12.12, are in fact equal.
Proof
Let m be an even positive integer.By Theorem 12.11, we see that C1>C3>Cs>...>Cm-1' Co< C2< C4 < ...
and C2j
·
·
Co
·
>C2n-1>C2n+1> ·
·
·
·
·
·
,
,
and C2j >C2k+1 for all positive integers j and k. We see that the hypotheses of Theorem 12.12 are satisfied for each of the two sequences Ci. C3, C2, ... and C0, C2, C4, ... . Hence, the sequence Ci. C3, Cs, ...tends to a limit a1 and the sequence C0, C2, C4, ... tends to a limit a2, that is,
and
Our goal is to show that these two limits a1 and a2 are equal.Using Corollary 12.10.2, we have C2n+l - C2n -
_
P2n+l --
Q2n+l
-
P2n -
Q2n
-
_
(-1) (
2n+l)-l
Q2n+1Q2n
1 Q2n+1Q2n
Because qk ::::: k for all positive integers k (see Exercise 11 of Section 12.2 ), we know that 1 --
Q2n+1Q2n
<
1 (2n+ 1( ) 2n)
'
and, hence,
tends to zero, that is,
Hence, the sequences Ci. C3, Cs, ...and C0, C2, C4, ...have the same limit, because lim (C2n+l - C2n )
n�oo
Therefore, a1
=
=
lim C2n+l - lim C2n
n�oo
n�oo
=
0.
a2, and we conclude that all the convergents tend to the limit a
a2.This finishes the proof of the theorem.
=
a1
=
•
12.3 Infinite Continued Fractions
493
Previously, we showed that rational numbers have finite simple continued fractions. Next, we will show that the value of any infinite simple continued fraction is irrational.
Theorem 12.14.
Let a0, ai. a2, ...be integers with ai. a2, ...positive.Then [a0; ai.
a2, ...] is irrational.
Proof.
Let a= [a0; ai. a2, ...], and let
Ck= Pkfqk= [ao; ai. a2, denote the kth convergent of a.W hen
n
·
·
ak]
·
is a positive integer, Theorem 12.13 shows that
C2n < a < C2n+ i. so that
0 <
·
However, by Corollary 12.10.2, we know that
which means that
P2n
1
q2n
q2n+ lq2n
0 <
1 --
q2n+l
.
Assume that a is rational, so that a= a/b, where a and b are integers with bi=- 0.Then
aq2n 1 , 0 < -- - P2n < b q2n+l --
and by multiplying this inequality by b, we see that 0 < aq2n - hP2n <
b --
q2n+l
.
Note that aq2n - bp2n is an integer for all positive integers n. However, because q2n+ 1 > 2n + 1, for each integer n there is an integer no such that q2no+1 > b, so that b/q2no+1 < 1.
This is a contradiction, because the integer aq2n0 - bp2n0 cannot be between 0 and 1.
We conclude that a is irrational.
•
We have demonstrated that every infinite simple continued fraction represents an irrational number. We will now show that every irrational number can be uniquely expressed by an infinite simple continued fraction, by first constructing such a continued fraction, and then by showing that it is unique.
Theorem 12.15. Let a = a0 be an irrational number, and define the sequence a0, ai. a2, .. . recursively by
494
Decimal Fractions and Continued Fractions for k =0,
1, 2, .... Then a is the value of the infinite simple continued fraction
[a0; ai. a2, ...].
Proof
From the recursive definition of the integers
ab we see that ak is an integer for
every k. Furthermore, using mathematical induction, we can show that ak is irrational for every nonnegative integer k and that, as a consequence, ak+l exists. First, note that a0 =a is irrational, so that a0 I- a0= [a0] and a1= 1/ (a0 - a0) exists. Next, we assume that ak is irrational. As a consequence, ak+l exists. We can easily see that ak+l is also irrational, because the relation
implies that ak
(12.12)
1 =ak + -- , ak+l
and if ak+l were rational, then ak would also be rational.Now, because ak is irrational
and
ak is an integer, we know that ak I- ab and
so that
Hence,
and, consequently,
ak+l = [ak+1l fork=0, 1,
'.'.:'.: 1
2, ....This means that all the integers ai. a2, ... are positive.
Note that by repeatedly using
(12.12), we see that
1 a =a0 =a0 + - = [a0; ail ai
=ao +
1
1 ai+a2
= [ao; ai.
1
a1]
=ao + ------ = [ao; ai.
a1, ... ' ab ak+ll·
12.3 Infinite Continued Fractions What we must now show is that the value of
[a0; ai. a2, ... , ab ak+ll
tends to
495
a ask
tends to infinity, that is, ask grows without bound. By Theorem 12.9, we see that
where
C j =pj /qj
is the jth convergent of
a_ Ck=
[a0; ai. a2, ...]. Hence,
ak+lPk + Pk-1
Pk
ak+lQk + Qk-1
Qk
-(pkqk-1 - Pk-lqk) (ak+lQk + Qk-1)Qk -
l k-1 -(- ) (ak+lQk + Qk-1)Qk
'
where we have used Theorem 12.10 to simplify the numerator on the right-hand side of the second equality.Because
we see that
l a - Ck l Because qk
>k
1 <
--
qkqk+l
(from Exercise 11 of Section 12.2), we note that 1/ (qkqk+ 1) tends to zero
a ask tends to infinity or, phrased differently, the value of the infinite simple continued fraction [a0; ai. a2, ...] is a. • ask tends to infinity.Hence,
Ck
tends to
To show that the infinite simple continued fraction that represent an irrational number is unique, we prove the following theorem.
Theorem 12.16. If the two infinite simple continued fractions [a0; ai. a2, ...] and [b0; bi. b2, ...] represent the same irrational number, then ak= bk fork = 0, 1, 2, ....
Proof.
Suppose that
a= [a0; ai. a2, ...]. Then, because C0=a0 and C1=a0+1/ai.
Theorem 12.11tells us that
so that a0= [a]. Further, we note that
because
496
Decimal Fractions and Continued Fractions a =[a0; ai. a2, ...] = lim [a0; ai. a2, ... , ak] k--+oo . = l1m k--+oo
(
= ao +
.
a0 +
1 -------
[a1; a2, a3, ... , ak] 1
)
-----
hm [a1; a1, ... , ak] k--+oo
Suppose that
Our remarks show that a0 =b0 =[a] and that
so that [a1; a1, ...] =[b1; b2, ...]. Now, assume that ak =bb and that [ak+l; ak+2, ...] =[bk+l; bk+2, ...]. Using the same argument, we see that ak+1 =bk+ i. and ak+l +
1 [ak+2; ak+3•
·
·
.]
=hk+l +
1 [bk+l; hk+3•
·
·
.]
'
which implies that [ak+2; ak+3
·
·
.] =[bk+2; hk+3•
·
·
.].
Hence, by mathematical induction, we see that ak =bk fork= 0, 1, 2 ,
. . . .
•
To find the simple continued fraction expansion of a real number, we use the algorithm given in Theorem 12.15. We illustrate this procedure with the following example. Example 12.10. ao =
ai -
-
Let a = ,J6. We find that
[J6] =2,
[ ,J6 ] +2
2
-2 -
'
12.3 Infinite Continued Fractions Because
a3
=
ai.
we see that a3
=
,J6
=
The simple continued fraction of
ai. a4
=
a2,
497
... , and so on.Hence,
[2; 2, 4, 2, 4, 2, 4, ...].
,J6 is periodic.We
will discuss periodic simple con
tinued fractions in the next section.
..,..
The convergents of the infinite simple continued fraction of an irrational number are good approximations to
Theorem 12.17.
a. This leads to the following theorem, which we introduced in
1.1.
Exercise 34 of Section
Dirichlet's Theorem on Diophantine Approximation.
irrational number, then there are infinitely many rational numbers
p /q
If
a
is an
such that
la - p/ql < 1/q2. Proof
Let
Pkfqk
proof of Theorem
Because
be the kth convergent of the continued fraction of
a.
Then, by the
12.15, we know that
qk < qk+i. it follows that I a - Pkfqk I< 1/q'f.
Consequently, the convergents of
a, Pkfqb
k
=
1, 2, ... ,
are infinitely many rational
numbers meeting the conditions of the theorem.
•
The next theorem and corollary show that the convergents of the simple continued fraction of a are the to
a than any
best rational approximations to a, in the sense that Pk/qk is closer qk. (See Exercise 17
other rational number with a denominator less than
for the best rational approximations to a real number for all denominators.)
Theorem 12.18.
Pj/qj, j 1, 2, ... , be the convergents of the infinite simple continued fraction of a. If r and s are integers with s >
Let
a
be an irrational number and let
=
0 and if k is a positive integer such that
thens :::::
Proof
qk+l· Assume that
Isa - rl
<
lqka - Pkl,
but that
1 ::S s < qk+l· We consider the
simultaneous equations
PkX + Pk+lY r qkx + qk+lY s. =
=
By multiplying the first equation by second from the first, we find that
qk and the second by Pb
and then subtracting the
498
Decimal Fractions and Continued Fractions
By Theorem 12.10, we know that
y
Pk+lqk - Pkqk+l =
=
k (-l) , so that
k (-l) (rqk - spk).
Similarly, multiplying the first equation by
qk+1 and the second by Pk+i. and then
subtracting the first from the second, we find that
x
=
k (-l) (SPk+l - rqk+l).
s =j:. 0 and y =j:. 0. If x 0, then SPk+l rqk+l· Because 1, Lemma 3.4 tells us that qk+ils, which implies that qk+l � s, contrary (Pk+I> qk+l) to our assumption. If y 0, then r PkX ands qkx, so that
We will now show that
=
=
=
=
because
=
=
IxI � 1, contrary to our assumption.
x and y have opposite signs. First, suppose that y <0. Because qkx s - qk+1y, we know that x > 0, because qkx > 0 and qk > 0. W hen y > 0, because qk+IY � qk+l > s, we see that qk x s - qk+IY <0, so that x <0. Next, we show that
=
=
Pkfqk < a < Pk+if qk+l or that Pk+ifqk+l
Theorem
12.11,
we know
that
either
have opposite signs. From the simultaneous equations we started with, we see that
Isa - rl
=
=
l(qkx + qk+1Y)a - (pkx+ Pk+1Y)I lx(qka - Pk)+ y(qk+la - Pk+1)I.
Combining the conclusions of the previous two paragraphs, we see that x(qka - Pk) and
y(qk+la - Pk+1) have the same sign, so that Isa - rl
because
=
lxl lqka - Pkl + IYI lqk+la - Pk+II
�
lxl lqka - Pkl
�
lqka - Pkl,
IxI � 1. This contradicts our assumption.
We have shown that our assumption is false, and, consequently, the proof is complete.
•
a be an irrational number and let p j /q j, j 1, 2, ... , be the convergents of the infinite simple continued fraction of a. If r/s is a rational number, where r and s are integers with s > 0, and if k is a positive integer such that Corollary 12.18.1.
Let
thens> qk. Proof.
Suppose that
s � qk and that
=
12.3 Infinite Continued Fractions
499
By multiplying these two inequalities, we find that
sla - r/sl < qkla - Pkfqkl , so that
violating the conclusion of Theorem 12.18.
•
Example 12.11. The simple continued fraction of the real numberrr isrr [3; 7, 15, 1, 292 , 1, 1, 1, 2 , 1, 3, . . . ]. Note that there is no discernible pattern in the sequence =
of partial quotients. The convergents of this continued fraction are the best rational
3, 2217, 333/106, 355/113, and 103,993/33,102. 12.18.1 that 2217 is the best rational approximation of rr
approximations torr. The first five are We conclude from Corollary
Finally, we conclude this section with a result that shows that any sufficiently close rational approximation to an irrational number must be a convergent of the infinite simple continued fraction expansion of this number.
Theorem 12.19. If a is an irrational number and if r/s is a rational number in lowest terms, where r and s are integers with s > 0 such that
la - r/sl < 1/(2s2), then
r/s is a convergent of the simple continued fraction expansion of a.
Proof Assume that r/s is not a convergent of the simple continued fraction expansion of a. Then there are successive convergents Pk!qk and Pk+ ifqk+ 1 such that qk ::S s < qk+ 1 By Theorem 12.18, we see that ·
lqka - Pkl ::S Isa - rl Dividing by
sla - r/sl < 1/(2s).
qb we obtain
Because we know that because
=
lspk - rqkl ::'.:'.: 1 (we know that spk - rqk is a nonzero integer
r/s I- Pklqk), it follows that 1 sqk
-
<
=
<
lspk - rqkl
----
sqk
l�:-;1 1 2sqk
--
+
1 2s2
-
500
Decimal Fractions and Continued Fractions (where we have used the triangle inequality to obtain the second inequality). Hence, we see that
1/2sqk < 1/2s2. Consequently,
2sqk > 2s2, which implies that
qk > s, contradicting the assumption.
•
Applying Continued Fractions to Attack the RSA Cryptosystem version of Theorem
12.19
We can use a
for rational numbers to explain why an attack on certain
implementations of RSA ciphers works. We leave it as an exercise to prove that this version of Theorem
Theorem 12.20.
12.19 is valid.
Wiener's Low Encryption Exponent Attack on RSA.
Suppose that
d < n 114/3. Then, given an RSA encryption key (e, n), the decryption key can be found using 0 ((log n)3)
n
=
pq,
where
p
and
q
are odd primes with
q < p < 2q,
and that
bit operations.
Proof
We will base the proof on approximation of a rational number by continued
de= 1 (mod (n)), there is an integer k k(n). Dividing both sides of this equation by d
fractions. First, note that because
de - 1
=
such that
--
which implies that
e (n) This shows that the fraction
1 d(n)
k d
k/ d is a good approximation of e/ (n).
Note also that q
< ,Jn, because q < p and n Using the hypothesis that q < p, it follows that p+ q - 1 :::: 2q + q - 1 (n) q - 1 < 3,Jn.
Because
=
n - p - q + 1,
we see that
=
pq by the hypotheses of the theorem.
3q - 1 < 3,./n,.
=
n - (n)
We can make use of this last inequality to show that
=
n - (n - p - q+ 1)
=
I 1
(de - k(n)) �(kn+ k(n)) n 1 - k(n - (n)) < 3k,Jn _]!___ d,Jn nd - nd
I
p+
k/ d is an excellent approxima
tion of e/n. We see that
=
=
I
=
12.3
Infinite Continued Fractions
501
e <
It follows that
_
:__ k
3k,Jn, 3(n114/3),./n, 1_ 1 < < < _ _. = d nd nd dn114 2d2
In I
We now use the version of Theorem
12.19 for
rational numbers. By this theorem, we
k/d is a convergent of the continued fraction expansion of e/ n. Note also that both e and n are public information. Consequently, to find k/d we need only examine the convergents of e/ n. Because k/d is a reduced fraction, to check each convergent to see whether it equals k /d, we suppose that its numerator equals k. We then use this value to compute
12.3
EXERCISES 1. Find the simple continued fractions of each of the following real numbers. a)
�
b)
v'3
c)
�
d)
(1 + �)/2
2. Find the first five partial quotients of the simple continued fractions of each of the following real numbers. a)
�
b)
2n
c)
(e - l)/(e + 1)
3. Find the best rational approximation to
n
d)
(e2 - l)/(2e + 1)
with a denominator less than or equal to
4. The infinite simple continued fraction expansion of the number
e= [2; 1, 2, 1, 1, 4, 1, 1,
6,
1, 1,
8,
100,000.
e is
...].
a) Find the first eight convergents of the continued fraction of e.
e having a denominator less than or equal to 536.
b) Find the best rational approximation to *
5. Let
a2, a3,
*
.
•
.
•
]. Show that the simple continued fraction of ] if a1 > 1 and [-a0 - 1; a2 + 1, a3, ] if a1 = 1.
•
•
6. Show that if
•
•
-a
a=
•
Pkfqk and Pk+ifqk+I are consecutive convergents of the simple continued
fraction of an irrational number a, then
or
[a0; ai. is [-a0 - 1; 1, a1 - 1, a2,
be an irrational number with simple continued fraction expansion
a
Decimal Fractions and Continued Fractions
502
(Hint: First 1/(qkqk+l).) >
that
la - Pk+if qk+ll + la - Pkfqkl = IPk+ifqk+l - Pkf qkl =
7. Let a be an irrational number a fraction of of
*
show
> 1. Show that the kth convergent of the simple continued 1/a is the reciprocal of the (k - l)th convergent of the simple continued fraction
a.
8. Let a be an irrational number and let pj/ qj denote the jth convergent of the simple continued
fraction expansion of a. Show that at least one of any three consecutive convergents satisfies
the inequality
Conclude that there are infinitely many rational numbers p /q, where p and with
*
q are integers
q =j:. 0, such that
a= (1 + ,,/5)/2, and c > ,,/5, then there are only a finite number of rational numbers p / q, where p and q are integers, q =j:. 0, such that
9. Show that if
la - pf qi
<
l/(cq
2
).
(Hint: Consider the convergents of the simple continued fraction expansion of ,,/5.) If a and f3 are two real numbers, we say that f3 is equivalent to a if there are integers a, b, c, and d such that ad - be= ± 1 and f3= �:��. 10. Show that a real number a is equivalent to itself. 11. Show that if a and f3 are real numbers with f3 equivalent to a, then a is equivalent to f3.Hence, we can say that two numbers a and f3 are equivalent.
a, {3, and 'A are real numbers such that a and f3 are equivalent and f3 and 'A are equivalent, then a and 'A are equivalent.
12. Show that if
13. Show that any two rational numbers are equivalent. *
a and f3 are equivalent if and only if the tails of their simple continued fractions agree, that is, if a= [a0; ai. a2, ..., aj, ci. c2, c3, ...], f3 = [b0; bi. b2, ..., bk> ci. c2, c3, ...], where ai, i = 0, 1, 2, ... , j; bi, i= 0, 1, 2, ..., k; and ci, i= 1, 2, 3, ... are integers, all positive except perhaps a0 and b0.
14. Show that two irrational numbers
a be an irrational number, and let the simple continued fraction expansion of a be a= ]. Let Pkfqk denote, as usual, the kth convergent of this continued fraction. We [a0; ai. a2, define the pseudoconvergents of this continued fraction to be
Let
•
•
.
where k is a positive integer, k �
2, and tis an integer with 0
<
t
<
ak .
15. Show that each pseudoconvergent is in lowest terms. *
16. Show that the sequence of rational numbers Pk,21 qk,2, ing if k is even, and decreasing if k is odd.
•
•
.
, Pk,ak_/qk,ak-l' Pdqk is increas
12.4 Periodic Continued Fractions *
503
17. Show that ifrands are integers withs> 0 such that la - r/sl .:=::l a where k is a positive integer and 0
<< t
Pk,tlqk,tl•
ak> thens> qk,t or r/s = Pk-ifqk-l· This shows
that the closest rational approximations to a real number are the convergents and pseudocon vergents of its simple continued fraction.
18. Find the pseudoconvergents of the simple continued fraction of n: for k = 2. 19. Find a rational number r/ s that is closer to
n:
than 22/7 with denominator s less than 106.
(Hint: Use Exercise 17.)
20. Find the rational number r/s that is closest to e with denominators less than 100. 21. Show that the version of Theorem 12.19 for rational numbers is valid. That is, show that if a, b, c, and dare all integers with b and dnonzero, (a, b ) = (c, d) = 1, and
then
c
I� - �I< 2�2•
/ dis a convergent of the continued fraction expansion of a/b.
22. Show that computing all convergents of a rational number with denominator using 0 ((log n)3) bit operations.
n
can be done
Computations and Explorations 1. Compute the first 100 partial quotients of each of the real numbers in Exercise 2. 2. Compute the first 100 partial quotients of the simple continued fraction of e2. From this, find the rule for the partial quotients of this simple continued fraction. 3. Compute the first 1000 partial quotients of the simple continued fraction of n:. What is the
largest partial quotient that appears? How often does the integer 1 appear as a partial quotient?
Programming Projects 1. Given a real number x, find the simple continued fraction of x. 2. Given an irrational number x and a positive integer n, find the best rational approximation to x
12.4
with denominator not exceeding
n.
Periodic Continued Fractions In this section, we study infinite continued fractions that are periodic.We will show that an infinite continued fraction is periodic if and only if the real number it represents is a quadratic irrationality.We begin with a definition.
Definition. Periodic Continued Fractions. We call the infinite simple continued fraction [a0; ai. a2, ...]periadicifthere are positive integers N andk such that an = an+k for all positive integers
n
with
n
'.:'.: N. We use the notation
504
Decimal Fractions and Continued Fractions to express the periodic infinite simple continued fraction
For instance, [1; 2, 3, 4] denotes the infinite simple continued fraction [1; 2, 3,
4, 3, 4, 3, 4, ...].
In Section 12.1, we showed that the base b expansion of a number is periodic if and only if the number is rational. To characterize those irrational numbers with periodic infinite simple continued fractions, we need the following definition. The real number a is said to be a quadratic irrationality if a is irrational and is a root of a quadratic polynomial with integer coefficients, that is,
Definition.
Quadratic Irrationalities.
Aa2+Ba+C= 0, where A,
B, and C are integers and A 'I- 0.
Let a= 2+J3. Then a is irrational, for if a were rational, then by Exercise 3 of Section 1.1, a - 2= J3 would be rational, contradicting Theorem 3.18. Next, note that
Example
12.12.
a2-4a+1= (7+4J3) -4(2+J3) +1= 0. Hence,
a is a quadratic irrationality.
We will show that the infinite simple continued fraction of an irrational number is periodic if and only if this number is a quadratic irrationality. Before we do this, we first develop some useful results about quadratic irrationalities.
Lemma integers
The real number a is a quadratic irrationality if and only if there are b, and c with b > 0 and c 'I- 0 such that b is not a perfect square and
12.1.
a,
a= (a+Jb)/c. Proof If a is a quadratic irrationality, then a is irrational, and there are integers A, B, and C such that Aa2+Ba+C= 0. From the quadratic formula, we know that a=
-B ±JB2-4AC 2A
-------
a is a real number, we have B2 -4AC > 0, and because a is irrational, B2-4AC is not a perfect square and A 'I- 0. By either taking a= -B, b= B2-4AC, and c= 2A, or a= B, b= B2-4A C, and c= -2A, we have our desired representation
Because
ofa. Conversely, if
a= (a+Jb)/c,
12.4 Periodic Continued Fractions
where
a, b,
and
c
are integers with
b>
0,
c 'I- 0,
and
b
505
not a perfect square, then by
Exercise 3 of Section 1.1 and Theorem 3.18, we can easily see that
a
is irrational.
Furthermore, we note that
c2a2 - 2aca+(a2 -b) = 0, so that a is a quadratic irrationality.
•
The following lemma will be used when we show that periodic simple continued fractions represent quadratic irrationalities. Lemma 12.2.
a
If
(ra+s)/(ta+u) Proof.
is a quadratic irrationality and if
r, s, t ,
and
u
are integers, then
0,
c 'I- 0,
is either rational or a quadratic irrationality.
From Lemma 12.1, there are integers
a, b,
and c with b
>
and b not a
perfect square, such that
a= (a+ .Jb)/c. Thus,
ra+s ta+u
=
[
r(a+,Jb) c
]/[
+s
t(a+ -Jb) c
]
+u
(ar+cs)+ r,Jb (at+cu)+ t,Jb [(ar+cs)+ r,Jb][(at+cu)- t,Jb] [(at+cu)+ t,Jb][(at+cu)- t,Jb] [(ar+cs)(at+cu)- r tb]+[ r(at+cu)- t(ar+cs) ],Jb (at+cu)2- t2b Hence, by Lemma 12.1, ficient of
,Jb is zero,
(ra+s)/(ta+u)
is a quadratic irrationality, unless the coef
which would imply that this number is rational.
•
In our subsequent discussions of simple continued fractions of quadratic irrational ities, we will use the notion of the conjugate of a quadratic irrationality. Definition.
Let a= (a+,Jb)/c be a quadratic irrationality. Then the c onjugate of a ,
denoted by a', is defined by a'= (a-,Jb)/c. Lemma 12.3.
C= 0, Proof.
If the quadratic irrationality a is a root of the polynomial
Ax2+ Bx+
then the other root of this polynomial is a', the conjugate of a. From the quadratic formula, we see that the two roots of
Ax2+ Bx+C= 0
are
-B ±JB2-4AC 2A If
a
is one of these roots, then
reversed to obtain
a' from a.
a' is the
other root, because the sign of JB2-4AC is •
506
Decimal Fractions and Continued Fractions The following lemma tells us how to find the conjugates of arithmetic expressions involving quadratic irrationalities.
Lemma 12.4.
If a1
= (a1 + b1,Jd)/c1 and a2 = (a2 + b2,Jd)/c2 are rational numbers
or quadratic irrationalities, then
(a1 + a2)' =a� +a� ( ) (a1 - a2)' =al' - a2' (1°l0l0 ) (a1a2 )' =ala ' '2 (i) · · 11
(iv)
(aifa2)' =ava�.
The proof of (iv) will be given here; the proofs of the other parts are easier and appear at the end of this section as problems for the reader.
Proofof(iv).
Note that
a1 Ia2 =
(a1 + h1,Jd)/c1 (a2 + b2,Jd)I c2
------
c2(a1 + b1,Jd)(a2 - b2,Jd) c1(a2 + b2,Jd)(a2 - b2,Jd) (c2a1a2 - c2b1b2d) + (c2a2b1 - c2a1b2),Jd c1(a� - b�d) whereas
(a1 - h1,Jd)/c1 al'!a2 = fJ ,
(a2 - b2vd)/c2
c2(a1 - b1,Jd)(a2 + b2,Jd) c1(a2 - b2,Jd)(a2 + b2,Jd) (c2a1a2 - c2b1b2d) - (c2a2b1 - c2a1b2),Jd c1(a� - b�d) •
The fundamental result about periodic simple continued fractions is called La grange's theorem (although part of the theorem was proved by Euler). (Note that this theorem is different from Lagrange's theorem on polynomial congruences discussed in Chapter 9. In this chapter, we do not refer to that result.) Euler proved in 1737 that a periodic infinite simple continued fraction represents a quadratic irrationality. Lagrange showed in 1770 that a quadratic irrationality has a periodic continued fraction.
Theorem 12.21.
Lo,grange's Theorem.
The infinite simple continued fraction of an
irrational number is periodic if and only if this number is a quadratic irrationality.
12.4 Periodic Continued Fractions
507
We first prove that a periodic continued fraction represents a quadratic irrationality. The converse, that the simple continued fraction of a quadratic irrationality is periodic, will be proved after a special algorithm for obtaining the continued fraction of a quadratic irrationality is developed.
Proof.
Let the simple continued fraction of a be periodic, so that
Now, let
Then fJ=[aN; aN+b · · · 'aN+b fJ], and by Theorem 12.9, it follows that
(12.13)
fJ=
fJPk + Pk-1 {Jqk + qk-1
,
where Pkfqk and Pk-ifqk-l are convergents of [aN; aN+b ... , aN+kl· Because the simple continued fraction of fJ is infinite, fJ is irrational, and by (12. 13), we have
so that fJ is a quadratic irrationality.Now, note that
so that, from Theorem 12.11, we have
fJPN-1+ PN-2 fJqN-1+ qN-2
'
wherepN_ifqN_1 andpN_2/qN_2 are convergents of[a0;ai. a2, ..., aN_1].BecausefJ is a quadratic irrationality, Lemma 12.2 tells us that a is also a quadratic irrationality (we know that a is irrational because it has an infinite simple continued fraction expansion) . •
The following example shows how to use the proof of Theorem 12.21 to find the quadratic irrationality represented by a periodic simple continued fraction. Example 12.13.
Let x =[3; 1, 2]. By Theorem 12.21, we know that x is a quadratic
irrationality. To find the value of x, we let x =[3; y ], where y=[ 1; 2], as in the proof of Theorem 12.21 . We have y=[l;2, y], so that
y=l+
3y + 1
1 --
2+ l y
2y + 1
508
Decimal Fractions and Continued Fractions 2
- 2y - 1 =0. Because y + have y = 1 /3. Because x =3+ �, we have
It follows that 2y
is positive, by the quadratic formula, we
To develop an algorithm for finding the simple continued fraction of a quadratic irrationality, we need the following lemma.
Lemma 12.5.
If
a is a quadratic irrationality, then a can be written as a=(P + -Jd)/Q,
where P ,
Proof
Q, and dare integers, Q =j:. 0,
Because
d > 0, dis not a perfect square, and QI (d -
a is a quadratic irrationality, Lemma
P2).
12.1 tells us that
a=(a+ ,./b)/c, where a, b, and care integers, b
>
0, and c=j:. 0.We multiply both the numerator and
the denominator of this expression for
a
by I cI to obtain
alei + ,Jb2I. a=---clcl (where we have used the fact that lei =v'c2). Now, let
Q =j:. 0, because c=j:. 0, d > 0 (because b > 0), d is not b a perfect square because is not a perfect square, and, finally, QI (d - P2) because 2 2 2 2 2 2 d - P2=bc - a c =c (b - a )= ±Q(b - a ). •
Then
P , Q,
2 P =alcl, Q=cc l ,l and d=bc .
and d are integers,
We now present an algorithm for finding the simple continued fractions of quadratic irrationalities.
Theorem 12.22. integers
Let
a
be a quadratic irrationality, so that by Lemma 12.5 there are
P0, Q0, and d such that
a=(Po+ -Jd)/Qo , where
Q0 =j:. 0,
d > 0, d is not a perfect square, and
Q0 1 (d - PJ'). Recursively
define
ak=(Pk+ -Jd)/Qk> ak= [ak], Pk+l=akQk - Pk> fork=0, 1, 2,
Qk+l= (d - Pf+1)f Qk> ....Then a= [a0; ai. a2, ...].
Proof Using mathematical induction, we will show that Pk and Qk are integers with Qk =j:. 0 and Qkl(d - Pf), fork= 0, 1, 2, ....First, note that this assertion is true for
Periodic Continued Fractions
12.4
509
k= 0 from the hypotheses of the theorem.Next, assume that Pk and Qk are integers with
Qk � 0 and Qkl(d - Pf ). Then,
is also an integer.Further,
Qk+l=
(d
- Pf+1)fQk
=
[d
- (akQk - Pk)2]/Qk
=
(d
- Pf )/Qk + (2akPk - aiQk).
Qkl(d - Pf ), by the induction hypothesis we see that Qk+l is an integer, and becaused is not a perfect square, we see thatd �Pf , so that Qk+l= (d - Pf+1)/Qk �0. Because
Because
Qk= we can conclude that
(d
- Pf+1)fQk+b
Qk+il(d - Pf+1).This finishes the inductive argument.
To demonstrate that the integersa0, ai. a2, ...are the partial quotients of the simple continued fraction of
fork= 0,
1, 2,
a,
we use Theorem
..., then we know that
12.1 5. If we can show that
a=
[a0; ai. a2,
. ..]. Note that
,Jd, ak - ak= pk+ - ak Qk = [ Jd - (akQk - Pk)]/Qk = (Jd - Pk+1)/Qk = (Jd - Pk+1HJd+ Pk+1)/Qk(Jd+ Pk+1) =
(d
- Pf+1)/(Qk(Jd + Pk+l))
= QkQk+if(Qk(Jd+ Pk+l)) = Qk+if(Jd+ Pk+1) = 1/ak+b where we have used the defining relation for Hence, we can conclude that
a=
[a0; ai. a2,
Qk+l ...].
to replace d
- Pf+i
12.22
with the following
example. Let
a= (3+ ,./7)/2. Using Lemma 12.5, a= (6 + J28)/4,
QkQk+l· •
We illustrate the use of the algorithm given in Theorem
Example 12.14.
with
we write
510
Decimal Fractions and Continued Fractions where we set P 0=6,
Q0= 4, and d =28.Hence, a0=[a]=2, and
P1=2 4 - 6=2, Qi= (28 - 22)/4=6,
ai=(2 + J28)/6,
P2=1 6 - 2= 4, Q2= (28 - 42)/6=2,
a2=( 4 + J28)/2
P3= 4 2 - 4= 4, Q3= (28 - 42)/2=6
a3= ( 4 + J28)/6,
P4=1 6 - 4=2, Q4= (28 - 22)/6= 4,
a4=(2 + J28)/4,
Ps=1 4 - 2=2, Qs= (28 - 22)/4=6,
as= (2 + J28)/6,
·
a1= [(2 + J28)/6] = 1,
·
a2= [( 4 + J28)/2] = 4,
·
a3= [( 4 + J28)/6] =1,
·
a4= [(2 + J28)/4] =1,
·
as= [(2 + J28)/6] =1,
and so on, with repetition, because P1=Ps and
Q1=Qs.Hence,
we see that
(3 + v'?)/2=[2; 1, 4, 1, 1, 1, 4, 1, 1, ...]
=[2; 1, 4, 1, l]. We now finish the proof of Lagrange's theorem by showing that the simple continued fraction expansion of a quadratic irrationalities is periodic.
Proof of Theorem Lemma
12.21
(continued).
12.5, we can write a as
Let
a
be a quadratic irrationality, so that by
a=(Po + .Jd)/Qo. Furthermore, by Theorem 12.20, we have
a=[a0; ai. a2, ...],
where
ak=(Pk + .Jd)/Qb ak=[ak], Pk+l=akQk - Pb Qk+l=(d - Pf+1)f Qb fork=0,
1, 2, ....
Because
a=[a0; ai. a2, ..., ak], Theorem 12.11
tells us that
a=(Pk-lak + Pk-2)/(qk-lak + qk-2). Taking conjugates of both sides of this equation, and using Lemma
(12.1 4)
12.4, we see that
12.4 Periodic Continued Fractions
When we solve
(12.14) for
a�, a
we find that
' - -qk-2 kqk-1
Pk-2
(aa'_'_ ) qk-2
Pk-1
.
qk-1
Note that the convergents Pk-2fqk_2 and Pk-ifqk-l tend to that
a
ask tends to infinity, so
(a'_ ) /(a'_ ) a� Pk-2
Pk-1
qk-2
qk-1
tends to 1. Hence, there is an integer N such that k>
1,
511
<
0 fork ::::: N. Because
a
k
>
0 for
we have
ak -a� so that Qk
>
=
pk
+
,Jd,
Qk
-
pk - ,Jd, 2 = ,Jd, Qk Qk
>
0,
0 fork :'.:'.: N.
f
Because QkQk+l = d - P +l we see that fork:'.:'.: N, '
Qk:::::: QkQk+l = d - Pf+1:::::: d. Also fork ::::: N, we have
so that
-,./d < Pk+l
<
,Jd.
From the inequalities 0:::::: Qk:::::: d and -,Jd, < Pk+1 < ,Jd,, which hold fork :'.:'.: N, we see that there are only a finite number of possible values for the pair of integers Pb Qk for k > N. Because there are infinitely many integersk with k ::::: N, there are two integers i and j such that Pi = Pj and Qi = Qj with i < j. Hence, from the defining relation for ab we see that = aj. Consequently, we can see that ai = aj, ai+l = aj+h ai+2 =
ai
aj+2• . . . . Hence,
a= [a0;ai. a2, ... , ai-1' ai, ai+h ... , aj-1' ai, ai+h ... , aj-1' ...] = [a0;ai. a2, ... , ai-1' ai, ai+h ... , aj_1]. This shows that
a
has a periodic simple continued fraction.
Purely Periodic Continued Fractions
•
Next, we investigate those periodic simple
continued fractions that are purely periodic, that is, those without a pre-period.
Definition. integer
n
The continued fraction [a0;ai. a2, ...] is purely periodic if there is an
such that ak = an+b fork= 0,
1, 2, ... ,
so that
512
Decimal Fractions and Continued Fractions
Example 12.15.
The continued fraction [2; 3] = (1 +,J3)/2 is purely periodic,
whereas [2; 2, 4]=,J6 is not.
<11111
The next definition and theorem describe those quadratic irrationalities with purely periodic simple continued fractions. Definition.
A quadratic irrationality a is called
reduced if a
>
1 and -1< a' < 0,
where a' is the conjugate of a. Theorem 12.23. The simple continued fraction of the quadratic irrationality a is purely periodic if and only if a is reduced.Further, if a is reduced and a=[a0; ai. a2, ..., an], then the continued fraction of -1/a' is [an; an-1' ..., ao].
Proof. First, assume that a is a reduced quadratic irrationality. Recall from Theorem 12.18 that the partial fractions of the simple continued fraction of a are given by ak=[ ak],
ak+l= 1/(ak -ak),
fork=0, 1, 2, ..., where a0=a.We see that 1/ak+l= ak -ak> and by taking conjugates and using Lemma 12.4, we see that (12.15) We can prove, by mathematical induction, that -1< a�< 0 fork=0, 1, 2, ....First, note that because a0=a is reduced, -1< a�< 0. Now, assume that -1< a�< 0. Then, because ak � 1 fork=0, 1, 2, ... (note that a0 � 1 because a > 1), we see from (12.15) that 1/a�+l<-1, so that -1< a� l< 0. Hence, -1< a�< 0 fork=0, 1, 2, .... + Next, note that from (12.15) we have a�=ak+1/a�+l' and because -1< a�< 0, it follows that -1
12.4 Periodic Continued Fractions
513
-1 /a . Because ai-l= [ -1/a ] and aj-l= [ -1/a ], we see that ai-l=aj-l· Further
�
j
j
more, because ai-l=ai-l + 1/ai andaj-l=a j-l + 1/aj, we also see thatai-l=aj-l· Continuing this argument, we see that ai_2=aj-2, aj-3=aj-3, ... , and, finally, that
ao=aj-l· Because
a0=a= [a0;ai. ... , aj-i-1' aj-ll = [a0;ai. ... , aj-i-1' ao] = [ao;ai. ...'aj-i-1], we see that the simple continued fraction of a is purely periodic.
a is a quadratic irrationality with a purely pe a= [a0;ai. a2, ... , ak].Because a= [a0;ai. a2, ..., ab a],
To prove the converse, assume that riodic continued fraction Theorem 12.11 tells that
a=
(12.16)
Pk-ifqk-l
apk + Pk-1 aqk + qk-1
----
Pkfqk are the (k - l)th and fraction expansion of a. From (12.16), we see that where
and
kth convergents of the continued
( 1 2.1 7) Now let ,8 be the quadratic irrationality such that ,8= [ak;ak-1' ... , ai. a0], that is, with the period of the simple continued fraction for
a reversed.Then ,8= [ak;ak-1'... , ai.
a0, ,8 ], so that by Theorem 12.11, it follows that ,8Pk +
Pk-1 ,8= ' ,Bq� + q�-1 I
(12.18)
where
p�_1/q�_1
and
p�/q�
I
are the (k - l)th and kth convergents of the continued
fraction expansion of ,8.Note, however, from Exercise 10 of Section 12.2, that
Pk/ Pk-1 = [ak;ak-1' · · ·, ai. ao]= PUq� and
qkfqk-1 = [ak;ak-1' · · ·, ai. a1]= P�_1/q�_1. p�_1/q�_1 and PVq� are convergents, we know that they are in lowest terms. Also, Pk! Pk-1 and qkfqk-1 are in lowest terms, because Theorem 12.12 tells us that k-l Pkqk-1 - Pk-lqk = ( -l) .Hence, Because
and
Pk-1 =qb I
qk-1=qk-1· I
Inserting these values into (12.18), we see that ,8=
fJPk + qk fJPk-1 + qk-1
514
Decimal Fractions and Continued Fractions
Therefore, we know that
This implies that
(12.19) (12.17) and (12.19), we see that the two roots of the quadratic equation 2 qkx + (qk-1 - Pk) x - Pk-1=0 are and -1/f3, so that by the quadratic equation, we have = -1/f3. Because f3 =[an;an-1' ..., ai. a0] , we see that f3 -1/f3 0.Hence, is 1, so that -1
By
' a
a
'
>
<
a
a reduced quadratic irrationality. Furthermore, note that because f3
' a ,
= -1/
it follows that •
We now find the form of the periodic simple continued fraction of ,J/5, where D is a positive integer that is not a perfect square. Although
reduced, because its
-1 and 0, the quadratic irrationality [JD]+ ,Jl5 is reduced because its conjugate,[JD] ,J/5, does lie between -1 and0.Therefore, from Theorem 12.23, we know that the continued fraction of[JD]+ ,Jl5 is purely periodic. Because the initial partial quotient of the simple continued fraction of[JD]+ ,Jl5 is [[JD]+ JD]= 2[JD]= 2a0, wherea0=[JD], we can write conjugate,
-,J/5,
,Jl5 is not
is not between
-
[.Jn] + .JD = [ 2ao;ai. a2, ... ' an] Subtracting
[a0=JD] from both sides of this equality, we find that .JD= [a0;ai. a2, ... , 2a0, ai. a2, ... 2a0, ... ] = [a0;ai. a2, ... , an, 2a0.]
To obtain even more information about the partial quotients of the continued fraction
,J/5,
12.23, the simple continued fraction expansion of -1/ ([JD] - .JD) can be obtained from that for[JD]+ ,Jl5 by reversing the period,
of
we note that from Theorem
so that
But also note that
.JD -[.JD]= [0;ai. a2, ..., an, 2ao]. so that by taking reciprocals, we find that
12.4 Periodic Continued Fractions
515
Therefore, when we equate these two expressions for the simple continued fraction of
1/(v'D- [,JD]), we o btain so that the periodic part of the continued fraction for
v'D is symmetric from the first to
the penultimate term. In conclusion, we see that the simple continued fraction of v'D has the form
Jl5
=
[a0; ai. a2, ..., a2, ai. 2a0].
We illustrate this with some examples.
Example 12.16.
Note that
[4; 1, 3, 1, 8], J3i [5, 1, 1, 3, 5, 3, 1, 1, 10 ], J46 [6; 1, 2, 1, 1, 2, 6, 2, 1, 1, 2, 1, 12], 56 [8; 1, 2, 1, 1, 5, 4, 5, 1, 1, 2, 1, 16], 53
=
=
=
=
and
V97
[9; 1, 5, 1, 1, 1, 1, 1, 1, 5, 1, 18], where each continued fraction has a pre-period of length 1, and a period ending with =
twice the first partial quotient, which is symmetric from the first to the next-to-the-last ..,...
term.
The simple continued fraction expansions of ,Jd, for positive integers d such that d is not a perfect square and d
12.4
<
100
can be found in Table
5 of Appendix D.
EXERCISES 1. Find the simple continued fractions of each of the following numbers. a)
�
b)
v'IT
c)
�
d)
./47
e)
�
f)
,J94
f)
,J209
2. Find the simple continued fractions of each of the following numbers. a)
,JlOI
b)
v'103
c)
v'107
d)
J201
e)
JW3
3. Find the simple continued fractions of each of the following numbers. a)
1+ J2
c)
(5- �) /4
4. Find the simple continued fractions of each of the following numbers. a)
( 1+ v13) ;2
b)
( 14+ v13?)!3
c)
( 13 - J2)!7
5. Find the quadratic irrationality with each of the following simple continued fraction expan sions. a)
[2; 1, 5]
b)
[2; 1,
5]
c)
[2; 1, 5]
516
Decimal Fractions and Continued Fractions
6. Find the quadratic irrationality with each of the following simple continued fraction expan
sions. b) [1; 2, 3]
a) [1; 2, 3]
c) [1; 2, 3]
7. Find the quadratic irrationality with each of the following simple continued fraction expan
sions. a) [3; 6 ]
b) [4; 8]
c) [5; 10]
d) [6; 12]
d be a positive integer. Show that the simple continued fraction of Jd 2 + 1 is [d; 2d]. b) Use part (a) to find the simple continued fractions of .JTIIT, ,J290, and .J2210.
8. a) Let
9. Let
d be an integer, d
�
2.
a) Show that the simple continued fraction of Jd 2 - 1 is [d - 1; 1, 2d - 2]. b) Show that the simple continued fraction of Jd 2 - dis [d - 1; 2, 2d - 2]. c) Use parts (a) and (b) to find the simple continued fractions of .J99, .JTIO, ,J272, and
,J600. d is an integer, d � 3, then the simple continued fraction of Jd 2- 2 is [d - 1; 1, d - 2, 1, 2d - 2]. b) Show that if d is a positive integer, then the simple continued fraction of Jd 2 + 2 is [d; d, 2d]. c) Find the simple continued fraction expansions of ,,/47, ,J51, and ,J287.
10. a) Show that if
11. Let
d be an odd positive integer.
a) Show that the simple continued fraction of Jd 2 + 4 is [d; (d - 1)/2, 1, 1, (d - 1)/ 2, 2d], if d > 1. b) Show that the simple continued fraction of Jd 2 - 4 is [d - 1; 1, (d - 3)/2, 2, (d - 3)/2, 1, 2d - 2], if d > 3. 12. Show that the simple continued fraction of ,Jd, where d is a positive integer, has period length
one if and only if d = a2 + 1, where a is a nonnegative integer.
13. Show that the simple continued fraction of ,Jd, where d is a positive integer, has period length
two if and only if d = a2 + b, where a and b are integers, b > 1, and bl2a.
14. Prove that ifa1= (a1 + b1,Jd)/c1 anda = (a + b ,Jd)/c are quadratic irrationalities, then
the following hold.
2
2
2
2
15. Which of the following quadratic irrationalities have purely periodic continued fractions?
a) 1 +,JS
c) 4 + ,./17
e) (3 + ,./23)/2
b) 2 + v'8
d) (11- �)/9
f ) (17 + ,Jl88)/3
0, and b is not a perfect square. Show that ex is a reduced quadratic irrationality if and only if 0 < a < Jb and Jb - a < c < Jb + a < 2../b.
16. Suppose that a= (a+ ../b)/c, where a, b, and c are integers, b
>
17. Show that if a is a reduced quadratic irrationalities, then -1/a' is also a reduced quadratic
irrationality.
12.5
Factoring Using Continued Fractions
517
*
18. Letk be a positive integer. Show that there are not infinitely many positive integers D, such
*
that the simple continued fraction expansion of ,JD has a period of lengthk. (Hint: Let a1 = 2, a2 = 5, and fork::=:: 3, let ak = 2ak-l + ak_2• Show that if D = (tak + 1)2 + 2tak-l + 1, where t is a nonnegative integer, then ,JD has a period of lengthk + 1.) k 19. Letk be a positive integer. Let Dk = (3 + 1)2 + 3. Show that the simple continued fraction of
ID; has a period of length 6k.
Computations and Explorations 1. Find the simple continued fraction of
,Jl00,007, ,Jl,000,007, and ,Jl0,000,007.
2. Find the smallest positive integer D such that the length of the period of the simple continued fraction of
,JD is 10, 100, 1000, and 10,000. ,JD, where D is a 1003, less than 10,000, and less than 100,000. Can y ou make any
3. Find the length of the largest period of the simple continued fraction of positive integer less than conjectures? 4. Look for patterns in the continued fractions of
,JD for many different values of D.
Programming Projects *
1. Find the quadratic irrationality that is the value of a periodic simple continued fraction. 2. Find the periodic simple continued fraction expansion of a quadratic irrationality.
12.5
Factoring Using Continued Fractions We can factor the positive integer n if we can find positive integers
x and y such that - y =j:. 1. This is the basis of the Fermat factorization method discussed in Section 3.6. However, it is possible to factor n if we can find positive integers x and y that satisfy the weaker condition x2 - y2
=
n and x
(12.20)
x
2
=
2 y (mod n),
0
<
y
<
x
<
n,
and
x + y =j:. n.
x2 - y2 (x + y)(x - y), and n divides neither x - y nor x + y. It follows that (n, x - y) and (n, x + y) are divisors
To see this, note that if (12.20) holds, then n divides of n that do not equal
l
=
or n. We can find these divisors rapidly using the Euclidean
algorithm.
Example 12.17. 292 - 172
=
Note that 292 - 172
(29 - 17)(29 + 17)
(29 + 17, 69)
=
=
=
841- 289
=
0 (mod 69). Because =
(12, 69) and
(46, 69) are divisors of 69 not equal to either 1 or 69; using the Eu
The continued fraction expansion of =
=
0 (mod 69), both (29 - 17, 69)
clidean algorithm, we find that these factors are (12, 69)
2 gruence x
552
,Jn can be
=
3 and (46, 69)
=
23.
..,..
used to find solutions of the con
y2 (mod n ) . The following theorem is the basis for this.
518
Decimal Fractions and Continued Fractions
Theorem 12.24.
Let
be a positive integer that is not a perfect square. Define
n
ak=
(Pk+vfn)fQb ak= [ak], Pk+l=akQk - Pb and Qk+l= (n - Pf+1)/Qb fork= 0, 1, 2, . . . , where a0= Jn . Furthermore, let Pk! qk denote thekth convergent of the simple continued fraction expansion of Jn. Then 2 2 k-l Pk - nqk= (-l) Qk+l· The proof of Theorem 12.24 depends on the following useful lemma. Lemma 12.6.
n
Let
r +s Jn=t +u,Jn,,
where
r, s, t,
is a positive integer that is not a perfect square. Then
P ro of
Because
r +s,Jn,=t +u,Jn,,
we see that if
and
r=t
s I- u,
u
are rational numbers and
and
s= u.
then
r-t
vn=--. u-s
Because
(r -t)/(u-s) consequently, that r=t.
is rational and
Jn
is irrational, it follows that
s= u
and, •
We can now prove Theorem 12.24.
Proof
Because
Jn=a0= [a0 ; ai. a2 , vn=
Because
•
•
•
,
ab ak+1], Theorem 12.9 tells us that
ak+lPk+Pk-1. ak+lqk+qk-1
ak+l= (Pk+l+Jn)fQk+h we have vn=
(Pk+l+Jn) Pk+Qk+lPk-1. (Pk+l+Jn) qk+Qk+lqk-1
Therefore, we see that
nqk+(Pk+lqk+Qk+lqk_1)vn= (Pk+IPk+Qk+IPk-1)+Pkvn· nqk=Pk+IPk+Qk+IPk-1 and Pk+lqk+Qk+lqk-1=Pk· the first of these two equations by qk and the second by Pb subtract
By Lemma 12.6, we see that W hen we multiply
the first from the second, and then simplify, we obtain
k-I Pi- nqf= (pkqk-1 - Pk-lqk)Qk+l= (-l) Qk+h where we have used Theorem 12.10 to complete the proof. We now outline the technique known as the toring an integer
n,
•
continued fraction algorithm
for fac
which was proposed by D. H. Lehmer and R. E. Powers in 1931,
and further developed by J. Brillhart and M. A. Morrison in 1975 (see [LePo31] and [MoBr75] for details). Suppose that the terms
Pb qb Qb ab
and
ak
meanings in the computation of the continued fraction expansion of 12.24, it follows that for every nonnegative integerk,
k-l Pi= (-l) Qk+l (mod n),
have their usual
,Jn,.
By Theorem
12.5 Factoring Using Continued Fractions
519
where Pk and Qk+l are as defined in the statement of the theorem. Now, suppose that k 2 is odd and that Qk+l is a square, that is, Qk+l =s , wheres is a positive integer. Then 2 P =s (mod n), and we may be able to use this congruence of two squares modulo
i
n
to find factors of n. Summarizing, to factor
n
we carry out the algorithm described
in Theorem 12.10 to find the continued fraction expansion of ,Jn. We look for squares among the terms with even indices in the sequence {Qk}. Each such occurrence may lead to a nonproper factor of n (or may just lead to the factorization
n =1
·
n).
We illustrate
this technique with several examples.
Example 12.18. We can factor 1037 using the continued fraction algorithm. Take a = JT037=(0 + JT037)/1 with P0 =0 and Q0 =1, and generate the terms Pb Qb ab and ak. We look for squares among the terms with even indices in the sequence {Qk}. 2 We find that Q1= 13 and Q2 = 49. Because 49 = 7 is a square, and the index of 2 Q2 is even, we examine the congruence P = (-1) Q2 (mod 1037). Computing the 2 terms of the sequence {Pk}, we find that =129. This gives the congruence 129 = 49 2 2 (mod 1037). Hence, 129 - 7 =(129 - 7)(129 +7) = 0 (mod 1037). This produces the
I
p1
factors (129 - 7, 1037) =(122, 1037) =61 and (129 +7, 1037) =(136, 1037) =17 of .....
1037.
Example 12.19.
We can use the continued fraction algorithm to find factors of
1,000,009 (we follow computations of [Ri85]). We have Q1=9, Q2 =445, Q3 =873, 4 2 and Q4 =81. Because 81=9 is a square, we examine the congruence = (-1) Q4 (mod 1,000,009). However,
p�
p3=2,000,009 = -9 (mod 1,000,009), so that p3 +9 is
divisible by 1,000,009. It follows that we do not get any proper factors of 1,000,009 from this. We continue until we reach another square in the sequence {Qk} with k even. This
p17
p17
happens when k =18 with Q18 =16. Calculating gives =494, 881. From the 18 2 congruence = (-1) Q18 (mod 1,000,009), we have 494,881 = 2 4 (mod 1,000,009). It follows that (494881 - 4, 1000009) =(494877, 1000009) =293
p f7
and (494881+4, 1000009) =(494885, 1000009) =3413 are factors of 1,000,009.
..,...
More powerful techniques based on continued fraction expansions are known. These are described in [Di84], [Gu75], and [WaSm87]. We describe one such generalization in the exercises.
12.5
EXERCISES 1. Find factors of 119 using the congruence 192 = 22 (mod 119).
2. Factor 1537 using the continued fraction algorithm. 3. Factor the integer 13,290,059 using the continued fraction algorithm.
(Hint: Use a computer
program to generate the integers Qk for the continued fraction for J13,290,059. You will need more than 50 terms.) 4. Let
n
be a positive integer and let PI> , X7 such that
integers xl> x , 2
•
.
•
p2,
•
•
.
, and Pm be primes. Suppose that there exist
520
Decimal Fractions and Continued Fractions
x i = (-l)e01p �11
•
•
•
�
p m1(modn),
x� = (-l)eo2 P?2 ...p�m2(modn),
where
eo1 + e02 + ...+ ea, = 2eo eu + e12 + ... + ei, = 2ei
x 2 = y2 (modn),
y = (-lyo P? ·· · p:r.Explain how to factorn using this information.Here, the primes Pi. ..., p,, together with -1, are called the factor base. Show that
5. Show that
{3, 5}.
where
x = xix2 · · · x,
and
143 can be factored by setting xi = 17 and x2 = 19,
talcing the factor base to be
�ii
Pi. p2, ... , Pr be primes. Suppose that Qki = flj=1 p for i = 1, ... , t, where the integers Qj have their usual meaning with respect to the continued fraction of y'n. Explain how n can be factored if L�=i ki is even and L�=i kij is even for j = 1, 2, ... , r.
6. Letnbe a positive integer and let
12,007,001 can be factored using the continued fraction expansions of Jl2,007,001 with factor base -1, 2, 31, 71, 97. (Hint: Use the factorizations Qi= 23 · 97, 4 Q12 = 2 · 71, Q28 = 211, Q34 = 31·97, and Q4i = 31·71, and show that Po P11P21P33 P4o = 9,815,310.)
7. Show that
8. Factor
197,209 using the continued fraction expansion of J197,209 and factor base 2, 3, 5.
Computations and Explorations 1. Use the continued fraction algorithm to factor F7 = *
227 + 1.
2. Use the continued fraction algorithm to find the prime factorization of N 11, where
Nj is the
Ni= 2, Nj+i = PiP2 ... Pj + 1, where Pj is the largest prime factor of Nj. (For example, N2 = 3, N3 = 7, N4 = 43, N5 = 1807, and so on.) jth term of the sequence defined by
Programming Projects * * *
1. Factor positive integers using the continued fraction algorithm. 2. Factor positive integers using factor bases and continued fraction expansions (see Exercise
6).
13 A
Some Nonlinear Diophantine Equations
n equation with the restriction that only integer (or sometimes rational) solutions
diophantine equation. We have already studied a simple type of diophantine equation, namely, linear diophantine equations (Section 3.6). We learned are sought is called a
how all solutions in integers of a linear diophantine equation can be found. But what about nonlinear diophantine equations? It is a deep theorem (beyond the scope of this text) that there is no general method
for solving all nonlinear diophantine equations. However, many results have been es tablished about particular nonlinear diophantine equations, as well as certain families of nonlinear diophantine equations. This chapter addresses several types of nonlinear diophantine equations. First, we will consider the diophantine equation
x2
satisfied by the lengths of the sides of a right triangle. A triple of integers
y2 = z2, y, z) that
+
(x,
solves this equation is called a Pythagorean triple. After finding an explicit formula for Pythagorean triples, we will show this formula can be found by determining all the points
(x, y) on the unit circle with rational coefficients using geometric reasoning. After studying the diophantine equation x2 + diophantine equation xn +
y2 = z2, we will consider the famous
zn = zn, where n is an integer greater than 2. That is, we will
be interested in whether the sum of the nth powers of two integers can also be the nth power of an integer, where none of the three integers equals are no solutions of this diophantine equation whenn last theorem), but for more than
>
0. Fermat stated that there
2 (a statement known as Fermat's
350 years no one could find a proof. The first proof of 1995, which ended one of the greatest
this theorem was discovered by Andrew Wiles in
challenges of mathematics. The proof of Fermat's last theorem is far beyond the scope of this book, but we will be able to provide a proof for the case when
n = 4.
Next, we will consider the problem of representing integers as the sums of squares. We will determine which integers can be written as the sum of two squares. Furthermore, we will prove that every positive integer is the sum of four squares. We will also study the diophantine equation x2
- dy2
=
1, known as Pell's equation.
We will show that the solutions of this equation can be found using the simple continued fraction of
,Jd, providing another example of the usefulness of continued fractions.
Finally, we will study the famous
congruent number problem, which asks which
integers are the area of a right triangle with sides of integer length. Progress on this ancient problem has been made in recent years through the use of elliptic curves, a type of cubic diophantine equation. We will show how finding rational points on certain elliptic curves can be used to study the congruent number problem. 521
522
Some Nonlinear Diophantine Equations
13.1
Pythagorean Triples The Pythagorean theorem tells us that the sum of the squares of the lengths of the legs of a right triangle equals the square of the length of the hypotenuse. Conversely, any triangle for which the sum of the squares of the lengths of the two shortest sides equals the square of the third side is a right triangle. Consequently, to find all right triangles with integral side lengths, we need to find all triples of positive integers
(x, y, z)
satisfying
the diophantine equation
(13.1)
(,
Triples of positive integers satisfying this equation are called
Pythagoras. integer side lengths a Pythagorean triangle. the ancient Greek mathematician
Pythagorean triples
after
Similarly, we call a right triangle with
Enmple 13.1. The triples (3, 4, 5), (6, 8, 10), and (S, 12, 13) are Pythagorean triples because 32+42=s2, 62+82= 1<>2, and 52+ 122= 13 2• <11111 Unlike most nonlinear diophantine equations, it is possible to explicitly describe all the integral solutions of (13.1). Before developing the result describing all Pythagorean triples, we need a definition.
Definition.
(x, y, z) is called primitive ifx, y, and z are relatively prime, that is, if (x, y, z) = 1. We call a triangle a primitive right triangle if its sides have A Pythagorean triple
lengths from a primitive Pythagorean triple.
Remark. Unfortunately, the notation (x, y, z) can denote the ordered triple of numbers x, y, and z or the greatest common divisor of x, y, and z. Fortunately, the context in which this notation is used will always make it clear which meaning is intended.
PYTHAGORAS (c. 572-c. SOO B.C.E.) was bom on the Greek island of Sam.as.
After extensive travels and studies, Pythagoras founded his famous school at the Greek port of Crotona, in what is now southern Italy. Besides being an academy devoted to the study of mathematics, philosophy, and science, the school was the sit.e of a brotherhood sharing secret rites. The Pythagoreans, as the members of this brotherhood were called, published nothing and ascribed all their discoveries to Pythagoras himself. However, it is believed that Pythagoras himself discovered what is a2 + b2
=
now called the Pythagorean theorem, namely, that
c2, where a, b, and c are the lengths of the two legs and of the hypotenuse of a right triangle,
respectively. The Pythagoreans believed that the key to understanding the world lay with natural
numbers and form. Their central tenet was "Everything is Number." Because of their fascination with the natural numbers, the Pythagoreans made many discoveries in number theory. In particular,
studied perfect possessed.
they numbers and amicable numbers for the mystical properties they felt these numbers
13.1 Pythagorean Triples
Example 13.2.
The Pythagorean triples
the Pythagorean triple
523
(3, 4, 5) and (5, 12, 13) are primitive, whereas .,..
(6, 8, 10) is not.
Let (x, y, z) be a Pythagorean triple with (x, y, z)=d. Then there are integers xi. Yi. z1 with x=dxi. y=dyi. z=dzi. and (xi. Yi. z1)= 1. Furthermore, because
x2+y2=Z2, we have
(x/d)2+(y/d)2=(z/d)2, so that
X12+Y12=Z12· Hence,
(xi. Yi. z1)
is a primitive Pythagorean triple, and the original triple
(x, y, z)
is
simply an integral multiple of this primitive Pythagorean triple. Also note that any integral multiple of a primitive (or for that matter any) Pythagorean triple is again a Pythagorean triple. If (xi.
Yi. z1) is a primitive Pythagorean
triple, then we have
and hence,
(dx1)2+(dy1)2=(dz1)2, so that
(dxi. dyi. dz1)
is a Pythagorean triple.
Consequently, all Pythagorean triples can be found by forming integral multiples of primitive Pythagorean triples. To find all primitive Pythagorean triples, we need some lemmas. The first lemma tells us that any two integers of a primitive Pythagorean triple are relatively prime. Lemma 13.1.
If
(x, y, z)
is a primitive Pythagorean triple, then
(x, y)= (x, z)=
(y, z)= 1. (x, y, z) is a primitive Pythagorean triple and (x, y) > 1. Then, I (x, y), so that p Ix and p I y. Because p Ix and p I y, we know that p I (x2+y2)=z2. Because p Iz2, we can conclude that p Iz. This is a contradiction, because (x, y, z)= 1. Therefore, (x, y)= 1. In a similar manner, we can easily show that (x, z)= (y, z)=1. •
Proof.
Suppose that
there is a prime p such that p
Next, we establish a lemma about the parity of the integers of a primitive Pythago rean triple. Lemma 13.2. or
If (x,
y, z) is a primitive Pythagorean triple, then x is even and y is odd
x is odd and y is even.
Proof. Let (x, y, z) be a primitive Pythagorean triple. By Lemma 13.1, we know (x, y)=1, so that x and y cannot both be even. Also, x and y cannot both be odd.
that If x
524
Some Nonlinear Diophantine Equations and y were both odd, then we would have
x2
=
2 y
=
1 (mod4),
so that
z2 This is impossible. Therefore,
2
=x2 + y = 2 (mod4).
x is even and y is odd, or vice versa.
•
The final lemma that we need is a consequence of the fundamental theorem of arithmetic. It tells us that two relatively prime integers that multiply together to give a square must both be squares.
Lemma 13.3.
If r,
there are integers m
s, and t are positive integers such that (r, s) and n such that r =m2 ands= n2 .
= 1 and
rs = t2 , then
Proof If r = 1 ors = 1, then the lemma is obviously true, so we may suppose that r and s > 1. Let the prime-power factorizations of r, s, and t be
>
1
and t
-
qb1qb2 ... qbk k . 1 2
(r, s) = 1, the primes occurring in the factorizations of r and s are distinct. Because rs = t 2 , we have Because
Pa1pa2 ...paupau+lpau+2 ...pav q2b1q2b2 ...q2bk = 1 1 v k u u+l u+2 2 2
From the fundamental theorem of arithmetic, the prime powers occurring on the two sides of the above equation are the same. Hence, each j with matching exponents, so that and therefore
ai
Pi must be equal to
q i for some
= 2bj. Consequently, every exponent
aif2 is an integer. We see that r
integers
ai is even,
=m2 ands= n2 , where m and n are the
and pau+tf2pau+2/2 ... pav/2 n = u+l u+2 v
•
We can now prove the desired result that describes all primitive Pythagorean triples.
Theorem 13.1.
The triple
(x, y, z) of positive integers is a primitive Pythagorean triple,
with y even, if and only if there are relatively prime positive integers m and n, m with m odd and n even or m even and n odd, such that
x
=m2-n2 ,
y = 2mn,
z
=m2 + n2.
>
n,
13.1 Pythagorean Triples
525
y, z) be a primitive Pythagorean triple. We will show that there are integers m and n as specified in the statement of the theorem. Lemma 13.2 tells us that x is odd and y is even, or vice versa. Because we have assumed that y is even, x and z are both odd. Hence, z+x and z- x are both even, so that there are positive integers r ands with r = (z+x)/2 ands= (z-x)/2. 2 2 2 2 2 2 Because x + y =z , we have y =z -x = (z+ x)(z - x). Hence,
Proof
Let (x,
(r, s)= 1. To see this, let (r, s)=d. Because d Ir and d Is, d I (r +s)=z I (r -s)=x. This means that d I(x, z)= 1, so that d= 1. 2 Using Lemma 13.3, we see that there are positive integers m and n such that r =m 2 ands= n • W riting x, y, and z in terms of m and n, we have
We note that and d
x=r -s=m2-n2, y=�= ./4m2n2=2mn, z =r +s=m2+n2. (m, n)= 1, because any common divisor of m and n must also divide 2 2 2 2 x=m -n , y=2mn, and z=m +n , and we know that (x, y, z)= 1. We also note that m and n cannot both be odd, for if they were, then x, y, and z would all be even, contradicting the condition (x, y, z)= 1. Because (m, n)= 1 and m and n cannot both be odd, we see that m is even and n is odd, or vice versa. This shows that every primitive
We also see that
Pythagorean triple has the appropriate form. To complete the proof, we must show that every triple (x,
y, z) with
2-n2,
x=m
y=2mn, z=m2+n2, > n, (m, n)= 1, and m ¢. n (mod 2), is a primitive 2 2 2 2 note that m -n , 2mn, m +n forms a Pythagorean triple
where m and n are positive integers m Pythagorean triple. First, because
2 x2+ y2= (m2 -n2)2+ (2mn) = (m4-2m2n2+n4)+4m2n2 =m4+2m2n2+n4 = (m2+n2)2 =z2. To see that this triple forms a primitive Pythagorean triple, we must show that these values of x,
y, and z are mutually relatively prime. Assume for the sake of contradiction that (x, y, z) =d > 1. Then there is a prime p I(x, y, z). We note that p =f=. 2, because 2 2 2 2 x is odd (because x=m -n , where m and n have opposite parity). Also, note that
526
Some Nonlinear Diophantine Equations p I x and p I z, p I (z + x) 2m2 and p I (z - x) contradicting the fact that (m, n) 1. Therefore, (x, y, z) because
=
=
=
=
2n2. Hence, p I m and p I n, 1, and (x, y, z) is a primitive
Pythagorean triple, concluding the proof.
•
The following example illustrates the use of Theorem 13.1 to produce a Pythagorean triple.
Example 13.3.
2, so that (m, n) Hence, Theorem 13.1 tells us that (x, y, z) with Let
m
=
5 and n x
=
y
=
z
=
=
2 2 m -n
=
2 2 5 -2
=
=
1,
21
m ¢= n (mod 2), and m
>
n.
'
2mn 2 5 2 20, 2 2 52 + 22 29 m +n =
·
·
=
=
=
is a primitive Pythagorean triple. We list the primitive Pythagorean triple generated using Theorem 13.1 with
m :::; 6
in Table 13.1.
Rational Points on the Unit Circle We now turn our attention to a problem in
diophantine geometry, the subject of finding
points on algebraic curves whose coordinates are all integers or are all rational numbers. Points with rational coefficients on a curve are called
2 will find all rational points on the unit circle x2 + y
rational points on this curve. We
=
1 using geometric reasoning.
An immediate benefit of finding all rational points on the unit circle is that we can find all Pythagorean triples from these rational points. To see the relationship between
a, b, and c 2 c (so that (a, b, c) is a Pythagorean triple when 2 these integers are positive). Dividing both sides of this equation by c , we obtain Pythagorean triples and rational points on the unit circle, first suppose that
2 2 are integers with c 'I- 0 and a + b
=
2 2 (a/c) + (b/c)
=
1.
=m2-n2
y=2mn
z=m2 +n2
1
3
4
3
2
12
4
1
8
17
4
3
5 15 7
5 13
24
25
5
2
21
29
5
4
9
20 40
41
6
1
35
12
37
6
5
11
60
61
m
n
2
x
Table 13.1 Some primitive Pythagorean triples.
527
13.1 Pythagorean Triples Hence, the point (a/c, b/c) is a rational point on the unit circle x2 + y2
=
1, so that every
Pythagorean triple has an associated rational point on the unit circle. Conversely, suppose that the point (x, y) is a rational point on the unit circle, so
that x2 + y2
=
1 where x and y are rational numbers. Because both x and y are rational
numbers, we can express each as a ratio of two integers where the denominator is not zero. By choosing the least common denominator for these rational numbers, we can write x
=
a/c and y
=
b/c where a, b, and c are integers with c 'I- 0 and (a/c)2 + (b/c)2
Multiplying both sides by c 2 tells us that a2 + b2
=
1.
=
c2. So, if a and b are both positive,
then (a, b, c) is a Pythagorean triple. We now use some simple ideas from geometry to find the rational points on the unit circle. First, note that the points (0, 1), (0, -1), (1, 0), and (-1, 0) are rational points on this circle. Of these four points, we choose the point (-1, 0) to begin our work. Next, observe that if (x, y) is a point with rational coefficients in the plane, then the slope of the line between (x, y) and (-1, 0) is t
y/(x + 1), which is also rational. Now suppose that t is rational number and consider the line y t (x + 1) that goes through (-1, 0). =
=
We will show that this line intersects the unit circle in a second rational point (see Figure 13.1 ). T his will allow us to parameterize all rational points of the unit circle other than (-1, 0) in terms of the rational number t. (In general, the parameterization of a curve is the specification of the points on this curve in terms of one or more variables.)
y 2t 1
+
t2
)
x
Figure 13.1 Parameterizing rational points on the unit circle.
t (x + 1) with the unit circle x2 + y2 1, we substitute t (x + 1) for y in the equation for this circle and solve for x. We find that To find the intersection of the line y
=
x2 + t2(x + 1)2
=
=
1.
We next subtract 1 from both sides and factor x2 - 1 to obtain
(x2 - 1) + t2(x + 1)2
=
(x + l)(x - 1) + t2(x + 1)2
Factoring out the common factor x + 1 tells us that
(x + l)[(x - 1) + t2(x + l)]
=
0.
=
0.
528
Some Nonlinear Diophantine Equations
x
We note that
=
-1 is a solution; this is no surprise because ( -1, 0) is on the line. The
other solution is found by solving
(x- 1) + t2(x + 1) for
(1- t2)/(1 + t2). We find the corresponding of the line y t(x + 1). This tells us that
x. This gives x
equation
0
=
=
=
y
=
t (x + 1)
=
t
(
) (
1- t2 +1 1 + t2
=
t
1- t2
1 + t2
1 + t2 1 + t2
+
We conclude that the second point of intersection of the line
y
)
=
y using the
value for
2t =
1 + t2
t (x + 1)
.
with the unit
� circle is the point ( ��� , 1�2). This is a rational point when t is rational, because both
of its coordinates are rational functions of t (and rational functions of a rational number
t are rational because they are the quotient of two polynomials in t, and products, sums, and quotients of rational numbers are rational). We have found all the rational points on the unit circle, namely, points of the form
����, 1��2) where t is rational.
(
When we take t
=
(-1, 0)
and all
m/ n, where m and n are positive integers, in the parameterization
we have found for the rational points on the unit circle, we obtain a formula for all Pythagorean triples. That is, given positive integers
m
and
n,
we obtain the rational
(m�-n�, ;mn 2) on the unit circle. From our earlier comments, we see that (m2point m +n2 m +n 2 2
n , 2mn, m + n )
is a Pythagorean triple.
Note that when we found the rational points on the unit circle, we found the rational points on an algebraic curve of the form
f (x, y)
=
0 where f (x, y) is a polynomial with
integer coefficients. This is an important type of diophantine problem.By expressing the rational points in terms of the rational number this curve.See Exercises
t,
we gave a rational parameterization of
21-24 for additional examples of rational parameterizations of
algebraic curves.
13.1
EXERCISES 1. a) Find all primitive Pythagorean triples
b) Find all Pythagorean triples (x,
y, z)
(x, y, z) with
z
::=::
with
z
::=::
40.
40.
2. Show that if (x, y, z) is a primitive Pythagorean triple, then either x or y is divisible by 3. 3. Show that if
(x, y, z)
is a primitive Pythagorean triple, then exactly one of
x, y,
and
z is
(x, y, z)
is a primitive Pythagorean triple, then at least one of
x, y,
and
z is
divisible by 5. 4. Show that if
divisible by
4.
5. Show that every positive integer greater than 6. Let
x1
=
3, y1
=
4, z 1
=
2 is part of at least one Pythagorean triple.
5, and let Xn, Yn• Zn, for
n
=
2, 3, 4,
... , be defined recursively by
529
13.1 Pythagorean Triples
Show that
Xn+l
=
3xn + 2zn + 1,
Yn+l
=
3xn + 2zn + 2,
Zn+l
=
4xn + 3zn + 2.
(xn, Yn, Zn) is a Pythagorean triple.
7. Show that if
(x, y, z) is a Pythagorean triple with y
=
Pythagorean triples given in Exercise 6.
*
x + 1, then (x, y, z) is one of the
8. Find all solutions in positive integers of the diophantine equation
x2 + 2y2
=
2 z•
9. Find all solutions in positive integers of the diophantine equation
x2 + 3y2
=
2 z•
2 10. Find all solutions in positive integers of the diophantine equation w + 11. Find all Pythagorean triples containing the integer
x2 + y2
=
12.
12. Find formulas for the integers of all Pythagorean triples
(x, y, z) with z
y + 1.
13. Find formulas for the integers of all Pythagorean triples
(x, y, z) with z
y + 2.
=
=
y, z) (with x2 + y2 xis (r(x2) - 1)/2 if xis odd, and (r(x2/4) - 1)/2 if xis even.
2 z ) with a fixed integer
*
14. Show that the number of Pythagorean triples (x,
*
2 15. Find all solutions in positive integers of the diophantine equation x + a prime. 16. Find all solutions in positive integers of the diophantine equation 17. Show that
2 z.
=
py2
=
2 z , where pis
1/ x2 + 1/ y2
=
1/ z2.
(fnln+3, 2fn+dn+l• f;+l + f;+ ) is a Pythagorean triple, where fk denotes the 2
kth Fibonacci number.
18. Find the length of the sides of all right triangles, where the sides have integer lengths and the area equals the perimeter.
x2 + y2 1 by determining the intersection of a line t that goes through the point (1, 0) with the unit circle.
19. Find all rational points on the unit circle with rational slope
=
x2 + y2 1 by determining the intersection of a line t that goes through (0, 1) with the unit circle.
20. Find all rational points on the unit circle with rational slope
=
x2 + y2 2 by determining the intersection of a line with rational slope t that goes through (1, 1) with this circle.
21. Find all rational points on the circle
=
x2 + 3y2 4 by determining the intersection of a line t that goes through (1, 1) with this ellipse.
22. Find all rational points on the ellipse with rational slope
=
x2 + xy + y2 1 by determining the intersection of a t that goes through the point ( -1, 0) with this ellipse.
23. Find all rational points on the ellipse line with rational slope
=
2 24. Suppose that dis a positive integer. Find all rational points on the hyperbola x
dy2 1 by determining the intersection of a line with rational slope t that goes through the point ( -1, 0) -
=
on the hyperbola.
*
2 25. Show that there are no rational points on the circle x +
y2
=
2 26. Show that there are no rational points on the circle x +
3.
y2
=
15.
x2 + y2 + z2 1. (Hint: Use the stereographic projection of the unit sphere to the plane z 0. This projection maps the point (x, y, z) on the sphere to the a point (u, v, 0) that is the intersection of the line through this point and (0, 0, 1), the north pole of the sphere, and the plane z 0. Parameterize the rational
27. Find all rational points on the unit sphere
=
=
=
530
Some Nonlinear Diophantine Equations points on the unit sphere using two rational parameters
u
and
v
corresponding to this point
of intersection.)
Computations and Explorations 1. Find as many Pythagorean triples (x, y, z) as you can, where each of x, y, and z is 1 less than the square of an integer. Do you think that there are infinitely many such triples? 2. Let� (n) denote the number of primitive Pythaogrean triples with hypotenuse less than n. Find �(lOi) for 1::::: i::::: 6. By examining �(1Qi)/10i for these values of i, formulate a conjecture for the value approached by � (n) /n as n grows without bound.
Programming Projects 1. Given a positive integer n, find all Pythagorean triples containing n. 2. Given a positive integer n, find all Pythagorean triples with hypotenuse
13.2
Fermat's Last Theorem 2
In the previous section, we showed that the diophantine equation x + y
2
=
z2 has
infinitely many solutions in nonzero integers x, y, z. W hat happens when we replace the exponent 2 in this equation with an integer greater than 2? Next to the discussion of
2
the equation x + y
2
=
z2 in his copy of the works of Diophantus, Fermat wrote in the
margin: However, it is impossible to write a cube as the sum of two cubes, a fourth power as the sum of two fourth powers and in general any power as the sum of two similar powers. For this I have discovered a truly wonderful proof, but the margin is too small to contain it. Fermat did have a proof of this theorem for the special case of n
=
4. We will present
a proof for this case, using his basic methods, later in this section. Although we will never know for certain whether Fermat had a proof of this result for all integers
n >
2,
mathematicians believe it is extremely unlikely that he did. By 1800, all other statements that he made in the margins of his copy of the works of Diophantus were resolved; some were proved and some were shown to be false. Nevertheless, the following theorem is called Fermat's last theorem.
Theorem 13.2.
Fermat's Lo,st Theorem.
The diophantine equation
has no solutions in nonzero integers x, y, and z when
n
is an integer with n � 3.
13.2 Fermat's Last Theorem
531
Note that if we could show that the diophantine equation xP
+ yP= zP
has no solution in nonzero integers x, y, and z whenever p is an odd prime, we would know that Fermat's last theorem is true (see Exercise 2 at the end of this section). The quest for a proof of Fermat's last theorem challenged mathematicians for more than 350 years. Many great mathematicians have worked on this problem without ul timate success. However, a long series of interesting partial results was established, and new areas of number theory were born as mathematicians attempted to solve this problem. The first major development was Euler's proof in 1770 of Fermat's last theo rem for the case n tion x3 + y3
=
=
3. (That is, he showed that there are no solutions of the equa
z3 in nonzero integers.) Euler's proof contained an important
error, but
Legendre managed to fill in the gap soon afterward.
0
In 1805, French mathematician Sophie Germain proved a general result about Fermat's last theorem, as opposed to a proof for a particular value of the exponent n. She showed that if p and 2p + 1 are both primes, then xP + yP
=
zP has no solutions in
integers x, y, and z, with xyz 1= 0 when pl xyz. As a special case, she showed that if xs + y5 = zs, then one of the integers x, y,
and z must be divisible by 5. In 1825, both
Dirichlet and Legendre, in independent work, completed the proof of the case when n
=
S, using the method of infinite descent used by Fermat to prove then
=
4 case (and
which we will demonstrate later in this section). Fourteen years later, the case of
n=7
was settled by Lame, also using a proof by infinite descent.
G
In the mid-nineteenth century, mathematicians took some new approaches in at tempts to prove Fermat's last theorem for all exponents n. The greatest success in this direction was made by the German mathematician Ernst Kummer. He realized that a potentially promising approach, based on the assumption that unique factorization into primes held for certain sets of algebraic integers, was doomed to failure. To overcome this difficulty, Kummer developed a theory that supported unique factorization into primes. His basic idea was the concept of "ideal numbers!' Using this concept, Kummer could
SOPHIEGERMAIN(1776-1831)wasbominParisand educated at home,us ing her father's extensive library as a resource. She decided as a young teenager
to study mathematics when she discovered that Archimedes was
murdered by
the Romans. She started by reading the works of Euler and Newton. Although Germain did not attend classes, she learned from university course notes that she
managed to obtain. After reading the notes from Lagrange's lectures, she sent
him a letter under the pseudonym M. Leblanc. Lagrange, impressed with the insights displayed in this letter, decided to meet M. Leblanc; he was surprised
to find that its author was a young woman. Germain corresponded under the pseudonym M. LeBlanc with many mathematicians,
including Legendre, who included many of her discoveries in his book
Theorie des Hombres. She also made important contributions to the mathematical theories of elasticity
and acoustics. Gauss was impressed by her work and recommended that she receive a doctorate from
the University of Gtittingen. Unfortunately, she died just before she was to receive this degree.
532
Some Nonlinear Diophantine Equations prove Fermat's last theorem for a large class of primes called regular primes. Although
there are primes, and perhaps infinitely many primes, that are irregular, Kummer's work showed that Fermat's last theorem was true for many values of n. In particular, Kwn mer's work showed that Fermat's last theorem was true for all prime exponents less than 100 other than 37, 59, and 67, because these are the only primes less than 100 that are ir regular. Kummer's introduction of ''ideal numbers" gave birth to the subject of algebraic number theory, which blossomed into a major field of study, and to the part of abstract algebra known as ring theory. The exponents Kummer's work did not address-37, 59, 67, and other relatively irregular primes-fell to a variety of more powerful techniques in subsequent years. In 1983, the German mathematician Gerd Faltings managed to show that xn + yn
=
z" can have only a finite number of solutions in nonzero integers for a fixed positive integer n > 3. Of course, if this finite number could have been shown to be zero for all integers n � 3, Fermat's last theorem would have been proved. The path to the ultimate proof of Fermat's last theorem began in 1986 when the German mathematician Gerhard Frey made the first connection of Fermat's last theorem to the subject of elliptic curves. His remarkable work surprised mathematicians by linking two seemingly unrelated
areas. Computers were used to run several different numerical tests that could verify that Fermat's last theorem was true for particular values of n. By 1977, Sam Wagstaff used such tests (and several years of computer time) to verify that Fermat's last theorem held
for all exponents n with n < 125,000. By 1993, such tests had been used to verify that
ERNST EDUARD KUMM ER (1810-1893) was born in Sorau, Prussia (now
Germany). His father, a physician, died in 1813. Kummer received private tutoring before entering the Gymnasium in Sorau in 1819. In 1828, he entered the University of Halle to study theology; bis training for philosophy included the study of mathematics. Inspired by his mathematics instructor, H. F. Scherk, he switched to mathematics as his major field of study. Kummer was awarded a doctorate from the University of Halle in 1831, and began teaching at the Gymnasium in Sorau, his old school, that same year. The following year he took a similar position teaching at the Gymnasium in Liegnitz (now the Polish city of Legnica), holding the post for ten years. His research on topics in function theoi:y, including extensions of Gauss's work on hypergeometric series, attracted the attention of leading German mathematicians. They worked to find him a university position. In 1842, Kummer was appointed to a position at the University of Breslau (now Wroclaw, Poland) and began working on number theory. In 1843, in an attempt to prove Fermat's last theorem, he introduced the concept of "ideal numbers." Although this did not lead to a proof of Fermat's last theorem, Kummer's ideas led to the development of new areas of abstract algebra and the new subject of algebraic number theory. In 1855, he moved to the University of Berlin, where he remained until bis retirement in 1883. Kummer was a popular instructor. He was noted for the clarity of his lectures as well as his sense of humor and concern for his students. He was mani.ed twice. His first wife, the cousin of Dirichlet's wife, died in 1848, eight years after she and Kmnmer were married.
13.2 Fermat's Last Theorem Fermat's last theorem was true for all exponents
n
with
n <
time, no proof of Fermat's last theorem seemed to be in sight
(;
533
4 106• However, at that ·
Then, in 1993, Andrew Wiles, a professor at Princeton University, shocked the
mathematical world when he showed that he could prove Fermat's last theorem. He did
ANDREW WILES
(b. 1953) became interested in Fermat's last theorem at
the age of 10 when, during a visit to his local library, he found a book stating
the problem. He was struck that though it looked simple, none of the great
mathematicans i could solve it, and he knew that he would never let this problem go. In 1971, Wtles entered Merton College, Oxford. He graduated with his B.A.
in 1974, and entered Clare College, Cambridge, where he pursued his doctorate,
working on the theory of elliptic curves under John Coates. He was a ReseaJCh Fellow at Clare College and a Benjamin Pierce Assistant Professor at Harvard from 1977 until 1980. In 1981, he held a post at the Institute for Advanced Study in Princeton, and
in 1982 he was appointed to a professorship at Princeton University. He was awarded a Guggenheim.
Fellowship in 1985 and spent a year studying at the lnstitut des Hautes Etudes Scientifique and the Ecole Nonnale Superieure in Paris. Ironically, he did not realize that during his years of work in the
field of elliptic
curves
he was learning techniques that would someday help him solve the problem
th.at obsessed him.
'Wiles's Seven-Year Quest In 1986, Wtles learned of work by Frey and Ribet th.at showed th.at Fermat's last theorem fol lows from a conjecture in the theory of elliptic curves, known as the Shimura-Thniyama con jecture. Realizing that this led to a possible strategy for proving the theorem, he abandoned his ongoing reseaJCh and devoted himself entirely to working on Fermat's last theorem. Dwing the first few years of this work, he talked to colleagues about his progress. How ever, he decided that talking to others generated too much interest and was too distracting. During his seven years of concentrated, solitary work on Fermat's last theorem, he decided th.at he only had time for "his problem" and his family. His best way to relax during time away from his work was to spend time with his young children. In 1993, Wtles revealed to several colleagues that he was close to a proof of Fermat's last theorem. After filling what he thought were the remaining gaps, he presented an outline of his proof at Cambridge. Although there had been false alarms in the past about promising proofs of Fermat's last theorem, mathematicians generally believed Wtles had a valid proof. However, a subtle but serious
error
in reasoning was found when he wrote up his results
for publication. Wtles worked diligently, with the help of a former student, for more th.an a year, a1most giving up in frustration, before he found a way to fill the gap. Wtles's success has brought him countless awards and accolades. It has also brought
him peace of mind. He has said th.at "having solved this problem there's certainly a sense of loss, but at the same time there is this tremendous sense of freedom. I was so obsessed by this problem that for eight years I was thinking about it all the timo-when I woke up in the morning to when I went to sleep at night. That particular odyssey is now over. My mind is at rest.11
534
Some Nonlinear Diophantine Equations
this in a series of lectures in Cambridge, England. He had given no hint that the subject of his lectures was a proof of this notorious theorem. The proof he outlined was the culmination of seven years of solitary work. It used a vast array of highly sophisticated methods related to the theory of elliptic curves. Knowledgeable mathematicians were impressed with Wiles's arguments. Word began to spread that Fermat's last theorem had finally been proved. However, when Wiles's 200-page manuscript was studied carefully, a serious problem was found. Although it appeared for a time that it might not be possible to fill the gap in the proof, more than a year later, Wiles (with the help of R. Taylor) managed to fill in the remaining portions of the proof. In 1995, Wiles published his revised proof of Fermat's last theorem, now only 125 pages long. This version passed careful review. Wiles's 1995 proof marked the end of the more than 350-year search for a proof of Fermat's last theorem.
G
Wiles's proof of Fermat's last theorem is one of those rare mathematical discoveries covered by the popular media. An excellent NOVA episode about this discovery was produced by PBS (information on this show can be found at the PBS Web site). Another source of general information about the proof is Fermat's Enigma: The Epic Quest to Solve the World's Greatest Mathematical Problem by Simon Singh ([Si97)]. A thorough
treatment of the proof, including the mathematics of elliptic curves used in it, can be found in [CoSiSt97]. The original proof by Wiles was published in the Annals of Mathematics in 1995 ([Wi95]).
c
The Wolfskehl Prize There was rulded incentive besides fame to prove Fermat's last theorem. In 1908, the German industrialist Paul Wolfskehl bequeathed a prize of 100,000 marks to the Gottingen Acrulemy of Sciences, to be awarded to the first person to publish a proof of Fermat's last theorem. Unfortunately, thousands of incorrect proofs were published in a vain attempt to w in the prize, with more than 1000 published, usually as privately printed pamphlets, between 1908 and 1912 alone. (Many people, often without serious mathematical training and sometimes without a clear notion of what a correct proof is, attempt to solve famous problems such as this one even if no prize is available.) Even though Wiles's proof was acclaimed to be correct, it took two years for the GOttingen Academy of Sciences to award the Wolfskehl prize to Wiles; they wanted to be certain the proof was really correct. Contrary to rumors that the prize had been reduced by inflation to almost nothing, maybe even a pfennig (a German penny), Wtles received approximately $50,000. The prize of 100,000 marks, originally worth around $1,500,000, had been reduced to approximately $500,000 after World War I by German hyper inflation, and the introduction of the deutsche mark after World War II further reduced its value. Many people have speculated about why Wolfskehl left such a large prize for a proof of Fermat's last theorem. People with a romantic slant enjoyed the rumor that, suicidal after being jilted by his true love, he had regained his will to live when he found out about Fermat's last theorem. However, more realistic biographical research indicates that he donated the money to spite his wife, Marie, whom he was forced to marr y by his family. He did not want his fortune going to her after he died, so instead it went to the first person who could prove Fermat's last theorem.
13.2 Fermat's Last Theorem
535
Readers interested in learning more about the history of Fermat's last theorem, and how investigations relating to this conjecture led to the genesis of the theory of algebraic numbers, are encouraged to consult [Ed96], [Ri79], and [Va96].
The Proof for n
=
4
The proof we will give for the case when n = 4 uses the method ofin.finite descent devised by Fermat. This method is an offshoot of the well-ordering property, and shows that a diophantine equation has no solutions by showing that for every solution there is a "smaller" solution, contradicting the well-ordering property. Using the method of infinite descent, we will show that the diophantine equation 4 + y = z2 has no solutions in nonzero integers x, y, and z. This is stronger than 4 4 4 showing Fermat's last theorem is true for n = 4, because any x + y = z = (z2)2 gives 4 2 4 a solution ofx + y =z .
x4
Theorem 13.3.
The diophantine equation
x4 + Y4 = z2 has no solutions in nonzero integers x, y, and z.
Proof.
Assume that this equation has a solution in nonzero integersx, y, andz. Because
we may replace any number of the variables with their negatives without changing the validity of the equation, we may assume that x, y, and z are positive integers. We may also suppose that (x, y) = 1. To see this, let (x, y) = d. Then x = dx1 and 4 4 y = dyi. with (xi. y1) = 1, where x1 and y1 are positive integers. Because x + y =z2, we have
so that
d4(x { + y{) =z2. d4 I z2 and, by Exercise 43 of Section 2 z = d z i. where z1 is a positive integer. Thus, Hence,
3.5, we know that
d2 I z.
Therefore,
d4(x{ + y{) = (d2z1)2 = d4z f , so that
4 4 2 X1 + Y1 = Z1 . 4
This gives a solution of x +
y4 =z2 in positive integers x =xi.
y = Yi. and z =z1 with
(xi. Y1) = 1. So suppose that x = x0, y = y0, and z = z0 is a solution of
x4 + y4
=z2, where
x0, y0, and z0 are positive integers with (x0, y0) = 1. We will show that there is another solution in positive integersx =xi. y =Yi. andz =z1 with (xi. y1) = 1, such thatz1
< z0.
536
Some Nonlinear Diophantine Equations Because x
ci +Yci°=z5, we have (x 5)2 + (y5)2=z� ,
5 5
6 5
so that x , y , z0 is a Pythagorean triple. Furthermore, we have Cx , y ) =1, for if p is a prime such that p
I x5 and
p
I y 5, then
p
I x0 and
p
I y0, contradicting the fact that
(xo, y0) = 1. Hence, x 5, y 5, zo is a primitive Pythagorean triple, and, by Theorem 13. 1, ¢. n (mod 2), and
we know that there are positive integers m and n with (m, n) = 1, m
x 5=m2 - n2, Y5=2mn, zo=m2 +n2, where we have interchanged x
5 and y5, if necessary, to make y5 the even integer of this
part.
5
From the equation for x , we see that
x5 +n2=m2. Because (m, n) =1, it follows that x0, n, m is a primitive Pythagorean triple, mis odd, and n is even. Again, using Theorem 13.1 , we see that there are positive integers rand
s with (r, s) = 1, r ¢. s (mod 2), and xo=r 2 - s2, n=2rs, m=r 2 + s2• Because m is odd and (m, n) = 1, we know that (m, 2n) = 1. We note that because
y 5= (2n)m, Lemma 13.3 tells us that there are positive integers z1 and and 2n= w 2. Because
w
is even,
w
w
with m=z
i
=2v, where vis a positive integer, so that v2=n/2=rs.
Because (r, s) =1, Lemma 13.3 tells us that there are positive integers x1 and y1 such that r =x
f ands= Yf · Note that because (r, s) =1, it easily follows that (xi. y1) = 1.
Hence,
4 x4 1 +y1 =r 2 + s2=m=z12, where xi. Yi. z1 are positive integers with (xi. y1) = 1. Moreover, we have z1 < z0, because
z1:::z41=m2
To complete the proof, assume that x
By the well-ordering property, we know that among the solutions in positive integers there is a solution with the smallest value zo of the variable z. However, we have shown that from this solution we can find another solution with a smaller value of the variable
z, leading to a contradiction. This completes the proof by the method of infinite descent. •
13.2
Fermat's Last Theorem
537
Conjectures About Some Diophantine Equations The resolution of a longstanding conjecture in mathematics often leads to new conjec tures, and this certainly is the case for Fermat's last theorem. For example, Andrew Beal, a banker and amateur mathematician, conjectured that a generalized version of Fermat's last theorem is true, where the exponents on the three terms in the equation xn + yn
= zn
are allowed to be different.
C
Seal's Conjecture
x, y, z, a, b,
c,
where a�
xa +
yh
zc has no solutions in positive integers 3, b� 3, and c� 3 and (x, y) = (y, z) = (x, z) = 1.
The equation
=
Beal's conjecture has not been solved. To generate interest in his conjecture, Andrew Beal has offered a prize of $100,000 for a proof or a counterexample. The proof of Fermat's last theorem in the 1990s settled what was the best-known conjecture related to diophantine equations. Surprisingly, in 2002, another well-known,
c
longstanding conjecture about diophantine equations was also settled. In 1844, the Belgian mathematician Eugene Catalan conjectured that the only consecutive positive integers that are both powers (squares, cubes, or higher powers) of integers are 8 23 =
and 9 =
c
32• In other words, he made the following conjecture.
The Catalan Conjecture
The diophantine equation
has no solutions in positive integers
x, y, m, and n, where m � 2 and n � 2, other than
x = 3, y = 2, and m = 2, and n = 3.
C
Certain cases of the Catalan conjecture have been settled since the fourteenth century when Levi hen Gerson proved that 8 and 9 were the only consecutive integers that are powers of 2 and
3. That is, he showed that if 3n - 2m f= ± 1, where m and n are = 3 and n = 2. In the eighteenth century,
positive integers with m � 2 and n � 2, then m
Euler used the method of infinite descent to prove that the only consecutive cube and square are 8 and 9. That is, he proved that the only solution of the diophantine equation
x3 - y2 =
± 1 is
x = 2 and y = 3. Additional progress was made during the nineteenth
and early twentieth centuries, and in 1976, R. Tijdeman showed that the Catalan equation
had at most a finite number of solutions. It was not until 2002 that the Catalan conjecture
was settled, when Preda Mihailescu finally proved that this conjecture is correct.
A new conjecture has been formulated that attempts to unify Fermat's last theorem and Mihailescu's theorem proving the Catalan conjecture.
Fermat-Catalan Conjecture solutions if
(x, y)
=
(y, z)
=
The equation
(x, z)
=
1 and
xa +
yh
�+�+�
=
<
zc has at most finitely many 1.
The Fermat-Catalan conjecture remains open. At the present time, ten solutions of this diophantine equation are known that satisfy the hypotheses. They are:
538
Some Nonlinear Diophantine Equations 1+23
=
32,
2 5 + 72
=
34 ,
73 +132
=
29,
27 +173
=
712,
35 +114
=
1222,
177 +762713
=
21 0639282,
2 14143 +2213459
=
657,
92623 +153122832
=
11 37,
438 +962223
=
300429072'
338 + 15490342
=
15613 3.
The abc Conjecture In 1985, Joseph Oesterle and David Masser formulated a conjecture that intrigues many mathematicians. If true, their conjecture could be used to resolve questions about many well-known diophantine equations. Before stating the conjecture, we need to introduce some notation.
Definition.
If n is a positive integer, then rad(n) is the product of the distinct prime
factors of n. Note that rad(n) is also called the
squarefree
part of n because it can be
LEVI BEN GERSON (1288-1344), born at Bagnols in southern France, was a man of many talents. He was a Jewish philosopher and biblical scholar, a mathematician, an astronomer, and a physician. Most likely he made his living by practicing medicine, especially because he never held a rabbinical post. Little is known about the particulars of his life other than that he lived in Orange and later in Avignon. In 1321, Levi wrote
Book of Numbers
The
dealing with arithmetical operations, including the extraction of roots.
Later in life, he wrote
On Sines, Chords and Arcs, a book dealing with trigonometry, which
gives sine tables that were long noted for their accuracy. In 1343, the bishop of Meaux asked Levi to write a commentary on the first five books of Euclid, which he called
of Numbers.
The Harmony
Levi also invented an instrument to measure the angular distance between
celestial objects called Jacob's staff. He observed both lunar and solar eclipses and proposed new astronomical models based on the data he collected. His philosophical writings are extensive. They are considered to be major contributions to medieval philosophy. Levi maintained contacts with prominent Christians, and was noted for the universality of his thinking. Pope Clement VI even translated some of Levi's astronomical writings into Latin, and the astronomer Kepler made use of this translation. Levi was fortunate to live in Provence, where popes provided some protection to Jews, rather than another part of France. However, at times persecution made it difficult for Levi to work, even preventing him from obtaining important volumes of Jewish scholarship.
13.2 Fermat's Last Theorem
539
obtained by eliminating all the factors that produce squares from the prime factorization of n.
Example 13.4. We
0
can
If n= 24 · 32·53·12·11, then rad(n) =2 · 3 · 5 · 7·11=2310.
<11111
now state the conjecture.
Conjecture For every real number e > 0 there exists a constant K(e) such that if a, b, and c are integers such that a + b =c and (a, b)=1, then abc
max(lal, l bl, lcl) < K(e)(rad(abc)) 1+'. Many deep results have been shown to be consequences of this conjecture. It would take
us too far afield to develop the background and motivation for the abc conjecture. To
learn about the origins of the conjecture and its consequences, see the expository articles [GrTu02] and [MaOO]. In the following example, we will show how the abc conjecture
can be used to prove a result related to Fermat's last theorem. Example 13.5.
We can apply the abc conjecture to obtain a partial solution of Fermat's
last theorem. We follow an argument of Granville and Tucker [GrTu02]. Suppose that
where x, y, and z are pairwise relatively prime integers. Let a =xn, We can estimate rad(abc)=rad(x11y11z11) by noting that rad(xnynt') The equality rad(x11y11zlt)
=
=
rad(xyz)
<
xyz
<
b =yn, and c =zn.
z3•
rad(xyz) holds because the primes dividing x11y 11z11 are the
same as the prim.es dividing xyz. The first inequality follows because rad(m)
<
m for
every positive integer m, and the last inequality holds because x and y are positive,
that x
<
z and y
<
z.
EUGENE CATALAN (1814-1894) was born in Bruges, Belgium. He gradu ated from the Ecole Polytechnique in 1835. He then was appointed to a teaching post at Ch8lons sur Marne. Catalan obtained a lectureship in descriptive geome try at the Ecole Polytechnique in 1838, with the help of his schoolmate Joseph Liouville, who was impressed by Catalan's mathematical talents. Unfortunately, Catalan's career was aversely affected by the reaction of the authorities to bis political activity in favor of the French Republic. Catalan published extensively on topics in number theory and other areas of mathematics. He is perhaps best known for his definition of the numbers
now
known as Catalan numbers, which appear in so many
contexts in enumeration problems. He used these numbers to solve the problem of det.ermining the number of regions produced by the dissection of a polygon into triangles by nonintersecting diagonals. It turns out that Catalan was not the first to solve this problem, because it was solved in the eighteenth century by Segner, who presented a less elegant solution than Catalan.
so
Some Nonlinear Diophantine Equations
540
Now applying the abc conjecture and noting that E
>
0, there exists a constant K(E)
>
max(lal, lbl, lei)= zn, for every
0 such that
zn ::'.::: K(E)(z3)1+€. If we can take E= 1/6 andn that
� 4, it is easy to see thatn - 3(1 + E) � n/8. This implies n Z ::'.::: K(1/6)8,
where K(l/6) is the value of the constant K(E) for E= 1/6. It follows that z ::'.::: K(l/6)8/n.
Consequently, in a solution of xn +
yn = zn with n � 4, the numbers x, y, and z
less than a fixed bound, which implies that there
are
are
all
only finitely many such solutions. ....
13.2
EXERCISES 1. Show that if
xn + yn =f=. Zn.
x, y, z is a Pythagorean triple and n is an integer with n
2. Show that Fermat's last theorem is a consequence of Theorem
>
2, then
13.3, and of the assertion that
xP + yP= zP has no solutions in nonzero integers when pis an odd prime.
3. Using Fermat's little theorem, show that if pis prime, and
+ yP-l= zP-1, then p I xyz. xP + yP= zP, then pI (x + y - z).
a) if xP-l
b) if >
4. Show that the diophantine equation x4 - y4= z2 has no solutions in nonzero integers using
the method of infinite descent.
S. Using Exercise 4, show that the area of a right triangle with integer sides is never a perfect
square.
*
6. Show that the diophantine equation x4 + 4y4 = z2 has no solutions in nonzero integers.
*
7. Show that the diophantine equation x4 + 8y4 = z2 has no solutions in nonzero integers.
3y4= z2 has infinitely many solutions. Find all solutions in the rational numbers of the diophantine equation y2= x4 + 1.
8. Show that the diophantine equation x4 + 9.
(,
A diophantine equation of the form y2
=
x3 +
k, where k is an integer, is called a Bachet equation
after Claude Bachet, a French mathematician of the early seventeenth century.
10. Show that the Bachet equation y2= x3 + 7 has no solutions. (Hint: Consider the congruence
resulting by first adding 1 to both sides of the equation and reducing modulo 4.)
*
11. Show that the Bachet equation y2= x3 + 23 has no solutions in integers x and
y. (Hint: Look
12. Show that the Bachet equation y2= x3 + 45 has no solutions in integers x and
y. (Hint: Look
at the congruence obtained by reducing this equation modulo 4.)
*
at the congruence obtained by reducing this equation modulo 8.)
13. Show that in a Pythagorean triple there is at most one square. 14. Show that the diophantine equation x2
+ y2 = z3 has infinitely many integer solutions, k, the integers x = 3k2 - 1, y = k(k2 - 3), and
by showing that for each positive integer z
=
k2 + 1 form a solution.
13.2 Fermat's Last Theorem 15. This
exercise
541
asks for a proof of a theorem proved by Sophie Germain in 1805. Suppose
that n and p are odd primes, such that p I xyz whenever x , y , and z are integers such that xn + yn + zn = 0 {mod p). Further suppose that there are no solutions of the congruence wn
=
n {mod p). Show that ifx, y , andz areintegers such thatxn + yn + zn=0, thenn I xyz.
16. Show that the diophantine equation w3 + x 3 + y 3 = z3 has infinitely many nontrivial solu tions. (Hint: Take w = 9zk4 ,x =z(l- 9k 3), andy = 3zk(l- 3 k 3), wherez andk are nonzero integers.)
17. Can you find four consecutive positive integers such that the sum of the cubes of the first three is the cube of the fourth integer?
18. Prove that the cliophantine equation w4 + x4=y4 + z 4 has infinitely many nontrivial solu tions. (Hint: Follow Euler by taking w=m 7 +m5n2 - 2m 3n4 + 3m2n5 +m n6 , x =m6n 3ms n2 - 2m4n3 +m 2 nS + n7' y =m 7 +ms n2 - 2m 3n4 - 3m2nS +mn6 ' and z =m6n + 5 3msn2 - 2m 4n3 +m2 n + n7, wherem and n are positive integers.) 19. Show that the only solution of the cliophantine equation 3 n - 2m=-1 in positive integersm andn ism = 2 and n = 1. 20. Show that the only solution of the cliophantine equation 3" - 2m = 1 in positive integers m andn ism=3 andn=2 .
21. The diophantine equationx2 + y2 + z2 =3xyz is called Markov's equation. a) Show that ifx=a, y=b, andz=c is a solution of Markov's equation, thenx=a, y=b, and z ='Jab- c is also a solution of Markov's equation.
CLAUDE GASPAR BACHET DE MEZIRIAC (1581-1638) was born in Bourg-en-Bresse, France. his father was an aristocrat and was the highest ju
dicial officer in the province. His early education too k place at a house of the
Jesuit order of the Duchy of Savoy. Later, he studied under the Jesuis t in Lyon, Padua, and Milan. In 1601, he entered the Jesuit Order in Milan where it is
presumed that he taught. Unfortunately, he became ill in 1602 and left the Je
suit order. He resolved to live a life of leisure on his estate at Bourg-en-Bresse, which produced a considerable annual income for him. Bachet married in 1612
and had seven children. Bachet spent almost all of his life living on his estate, except for 1619-1620,
when he lived in Paris. While in Paris, it was suggested that he become tutor to Louis XIII. This led
to
a hasty departure from the royal court.
Bachet's work in number theory concentrated on diopbantine equations. In 1612, he presented
a complete discussion on the solution of linear diophantine equations. In 1621, Bachet conjectured
that every positive integer can be written as the sum of four squares; he checked his conjecture for all
integers up to 325. Also, in 1621, Bachet discussed the diophantine equation that now bears his name.
He is best known, however, for his Latin translation from the original Greek of Diophantus' book
Arithmetica. It was m his copy of this book that Fermat wrote his marginal note about what we now
call Fermat's last theorem. Bachet also wrote books on mathematical puzzles. His writings were the basis of most later boo ks on mathematical recreations. Bachet discovered a method of constructing magic squares. He was elected to the French Academy in 1635.
Bachet also composed literary works, including poems in French, Italian, and Latin, translated religious works and some of Ovid's writings, and published an anthology of French poems entitled
Delices.
542
Some Nonlinear Diophantine Equations
*
b) Show that every solution in positive integers of Markov's equation is generated starting with the solution x
**
1, y
=
1, and z
=
1 and successively using part(a).
22. Apply the abc conjecture to the Catalan equation xm - yn with
* *
=
m
=
1, where
m
and n are integers
� 2 and n � 2, to obtain a partial solution of the Catalan conjecture.
23. Apply the abc conjecture to show that there are no solutions to Beal's conjecture when the exponents are sufficiently large.
Computations and Explorations 1. Euler conjectured that no sum of fewer than n nth powers of nonzero integers is equal to the nth power of an integer. Show that this conjecture is false(as was shown in 1966 by Lander and Parkin) by finding four fifth powers of integers whose sum is also the fifth power of an integer. Can you find other counterexamples to Euler's claim? 2. Given a positive integer n, find as many pairs of equal sums of nth powers as you can.
Programming Projects 1. Given a positive integer n, search for solutions of the diophantine equation xn + yn 2. Generate solutions of the diophantine equation x2 + y2
=
=
zn.
z3(see Exercise 16).
3. Given a positive integer k, search for solutions in integers of Bachet's equation y2
=
x3 + k.
4. Generate the solutions of Markov's equation, defined in Exercise 21 .
13.3
Sums of Squares Mathematicians throughout history have been interested in problems regarding the rep resentation of integers as sums of squares. Diophantus, Fermat, Euler, and Lagrange are among the mathematicians who made important contributions to the solution of such problems. In this section, we discuss two questions of this kind: Which integers are the sum of two squares? What is the least integer n such that every positive integer is the sum of
n
squares?
We begin by considering the first question. Not every positive integer is the sum of two squares. In fact, n is not the sum of two squares if it is of the form4k + 3. To see this, note that because a2
=
0 or 1(mod4) for every integer a, x2 + y2
=
0, 1, or 2(mod 4).
To conjecture which integers are the sum of two squares, we first examine some small positive integers.
Example 13.6.
Among the first 20 positive integers, note that
13.3 Sums of Squares 1= 02 +12,
11 is not the sum of two squares,
2= 12+12,
12 is not the sum of two squares,
3 is not the sum of two squares,
13=32+22,
4=22+02,
14 is not the sum of two squares,
5=12+22,
15 is not the sum of two squares,
6 is not the sum of two squares,
16= 42+02,
7 is not the sum of two squares,
17=42+12,
8=22+22,
18=32+32,
9=32+02,
19 is not the sum of two squares,
10 =32+12,
20=22+42.
543
It is not immediately obvious from the evidence in Example 13.6 which integers, in general, are the sum of two squares. (Can you see anything in common among those positive integers not representable as the sum of two squares?) We now begin a discussion that will show that the prime factorization of an integer determines whether this integer is the sum of two squares. There are two reasons for this. The first is that the product of two integers that are sums of two squares is again the sum of two squares; the second is that a prime is representable as the sum of two squares if and only if it is not of the form 4k +3. We will prove both of these results. Then we will state and prove the theorem that specifies which integers are the sum of two squares. The proof that the product of sums of two squares is again the sum of two squares relies on an important algebraic identity that we will use several times in this section. Theorem 13.4.
If m and
n
are both sums of two squares, then
mn
is also the sum of
two squares. Proof.
Let
m = a2+b2
and n = c2+d2. Then
mn = (a2 +b2)(c2 + d2)= (ac+bd)2 +(ad
(13.2)
- bc)2.
The reader can easily verify this identity by expanding all the terms. Example 13.7.
•
Because 5=22+ 12 and 13 =32+22, it follows from (13.2) that 65= 5 . 13= (22+12)(32+22) = (2 . 3+1·2)2 +(2 . 2 - 1·3)2=82+12.
One crucial result is that every prime of the form 4k +1 is the sum of two squares. To prove this result, we will need the following lemma. Lemma 13.4.
If p is a prime of the form 4m +1, where
m
is an integer, then there
exist integers x and y such that x2+y2 = kp for some positive integer k with k < p. Proof.
By Theorem 11.5, we know that -1 is a quadratic residue of p. Hence, there is
an integer a, a< p, such that a2
=
-1 (mod p). It follows that a2 +1= kp for some
544
Some Nonlinear Diophantine Equations 2 2 positive integer k. Hence, x +y =kp, where x=a and y=1. From the inequality 2 2 2 2 • kp=x +y :::: ( p - 1) +1 < p , we see that k < p. We can now prove the following theorem, which tells us that all primes not of the form 4k+3 are the sum of two squares.
Theorem 13.5. If p is a prime not of the form 4k+3, then there are integers x and y 2 2 such that x +y = p.
Proof.
2 2 Note that 2 is the sum of two squares, because 1 + 1 = 2. Now, suppose
that p is a prime of the form 4k+ 1. Let m be the smallest positive integer such that 2 2 x +y =mp has a solution in integers x and y. By Lemma 13.4, there is such an integer less than p; by the well-ordering property, a least such integer exists. We will show that m=1. Assume that m
>
1. Let a and b be defined by a=x (modm),
b=y (modm)
and -m/2
-m/2 < b:::: m/2.
2 2 2 2 It follows that a +b =x +y =mp=0 (mod m ). Hence, there is an integer k such that 2 2 a +b =km. We have 2 2 2 2 2 (a +b )(x +y )=(km)(mp)=km p. By equation (13.2), we have 2 2 2 2 2 2 (a +b )(x +y )=(ax+by) +(ay - bx) . Furthermore, because a=x (mod m) and b=y (mod m), we have 2 2 ax+by=x +y =0 (mod m) ay - bx=xy - yx=0 (mod m). Hence, (ax+by)/m and (ay - bx)/m are integers, so that
(
ax
:
by
r ( +
ax
: by ) '=km2 p/m2=kp
is the sum of two squares. If we show that 0
13.3 Sums of Squares
545
m Ix and m I y. Because x2 + y2 =mp, this implies that m2 Imp, which implies that m I p. Because m is less than p, this implies that m= 1, which is
which shows that
•
what we wanted to prove.
We can now put all the pieces together and prove the fundamental result that classifies the positive integers that are representable as the sum of two squares.
Theorem 13.6.
n is the sum of two squares if and only if each 4k+3 occurs to an even power in the prime factorization
The positive integer
prime factor of n of the form ofn.
n there are no primes of the form 4k+3 that appear to an odd power. We write n= t2u, where u is the product of primes. No primes of the form 4k+3 appear in u. By Theorem 13.5, each prime in u can be written as the sum of two squares. Applying Theorem 13.4 one time fewer than the
Proof
Suppose that in the prime factorization of
number of different primes in
u
shows that U
u
is also the sum of two squares, say,
=X2+ y2 .
It then follows that n is also the sum of two squares, namely, n= (tx)2+(ty)2. Now, suppose that there is a prime
p, p=3 (mod 4), that occurs in the prime factorization n is the sum
of n to an odd power, say, the (2j + l)th power. Furthermore, suppose that of two squares, that is,
n=X2+ y2. Let
(x, y)= d, a= x/d, b= y/d, and m= n/d2• It follows that (a, b)= 1 and a2+b2=m.
pk is the largest power of p that divides d. Then m is divisible by p2j-2k+ 1, and 2j - 2k+1 is at least 1 because it is nonnegative; hence, p Im. We know that p does not divide a, for if p I a, then p I b because b2 =m - a2, but (a, b)= 1. Suppose that
Thus, there is an integer
z such that az= b (mod p ). It follows that
a2 +b2 = a2 +(az)2 = a2 (1+z2) (mod p). Because
a2+b2=m and p Im, we see that a2(1+z2)=0 (mod p).
(a, p) = 1, it follows that 1 + z2 = 0 (mod p). This implies that z2 = -1 (mod p), which is impossible because -1 is not a quadratic residue of p, because p=3 (mod 4). This contradiction shows that n could not have been the sum of two
Because
squares.
•
Because there are positive integers not representable as the sum of two squares, we can ask whether every positive integer is the sum of three squares. The answer is no, as it is impossible to write 7 as the sum of three squares (as the reader should show). Because
546
Some Nonlinear Diophantine Equations three squares do not suffice, we ask whether four squares do. The answer to this is yes, as we will show. Fermat wrote that he had a proof of this fact, although he never published it (and most historians of mathematics believe that he actually had such a proof). Euler was unable to find a proof, although he made substantial progress toward a solution. It was in
1770 that Lagrange presented the first published solution.
The proof that every positive integer is the sum of four squares depends on the following theorem, which shows that the product of two integers both representable as the sum of four squares can also be so represented. Just as with the analogous result for two squares, there is an important algebraic identity used in the proof.
Theorem 13.7.
If m and n are positive integers that are each the sum of four squares,
then mn is also the sum of four squares.
Proof.
2 2 2 2 2 2 2 2 +b + c + d andn= e + f + g +h . Thefact thatmn is also
Letm = a
the sum of four squares follows from the following algebraic identity:
2 2 2 2 2 2 2 2 +b + c + d )(e + f + g +h ) 2 2 = (ae+bf+ cg+ dh) +(af - be+ ch - dg) 2 2 +(ag - bh - ce+ df) +(ah+bg - cf - de) .
mn = (a
(13.3)
The reader can easily verify this identity by multiplying all the terms. We illustrate the use of Theorem
•
13.7 with an example.
2 2 2 2 2 2 2 2 Example 13.8. Because 7 = 2 + 1 + 1 + 1 and 10 = 3 + 1 +0 +0 , from (13.3) it follows that 2 2 2 2 2 2 2 2 10=1 . 10= c2 +1 +1 +1 )(3 +1 +0 + o ) 2 2 = (2 . 3+1 . 1+ 1 . 0+ 1 . 0) +(2 . 1 - 1 . 3+1 . 0 - 1 . 0) 2 2 +(2 . 0 - 1 . 0 - 1 . 3+1 . 1) +(2 . 0+1 . 0 - 1 . 1 - 1 . 3) 2 2 2 2 =7 +1 +2 +4 . We will now begin our work to show that every prime is the sum of four squares. We begin with a lemma.
Lemma 13.5.
If p is an odd prime, then there exists an integer
k, k
2 2 2 2 kp= x + y + z + w has a solution in integers
Proof.
x, y, z, and w.
We will first show that there are integers x and
2 2 x + y +1 with 0
:::: x
<
p /2 and 0 :::: y
<
p/2.
=
y such that
0 (mod p)
<
p, such that
13.3 Sums of Squares
547
Let s
=
{
02 ' 12 ' ... '
2
( )} p- 1 -2
and
{
T= -1-02, -1- 12, . .. , -1-
2
( )} p- 1 -2
.
No two elements of Sare congruent modulo p (because x2 =y2 (mod p) implies that x= ±y (mod p)). Likewise, no two elements of Tare congruent modulo p.It is easy to see that the set SU Tcontains p + 1 distinct integers. By the pigeonhole principle, there are two integers in this union that are congruent modulo p. It follows that there are integers x and y such that x2 =-1- y2 (mod p) with0 ::::: x ::::: (p - 1)/2 and 0 ::::: y ::::: (p- 1) /2. We have x2 + y2 + 1= 0(mod p); it follows that x2 + y2 + 1 +02
=
kp for some integer k. Because x2 + y2 + 1 ::::= 2((p-
1)/2)2 + 1 < p2, it follows that k < p.
•
We can now prove that every prime is the sum of four squares. Theorem 13.8.
Let p be a prime. Then the equation x2 + y2 + z2 + w2
=
p has a
solution, where x, y, z, and w are integers. The result is true when p
Proof
=
2, because 2
=
12 + 12 +02 +02.Now, assume that
p is an odd prime.Letm be the smallest integer such that x2 + y2 + z2 + w2
=
mp has
a solution, where x, y, z, and w are integers. (By Lemma13.5, such integers exist, and by the well-ordering property, there is a minimal such integer.) The theorem will follow if we can show that m
=
1. To do this, we assume that m
>
1 and find a smaller such
integer. Ifm is even, then either all of x, y, z, and w are odd, all are even, or two are odd and two are even.In all these cases, we can rearrange these integers(if necessary ) so that x=y(mod 2) and z=w(mod 2). It then follows that(x- y)/2, (x + y) /2, (z- w)/2, and (x + w)/2 are integers, and
(;r ( r ( x
y
+
x
�
y
+
'
�
w
r ( +
'
:
w
r
=
(m/2)p.
This contradicts the minimality ofm. Now suppose thatm is odd andm a=x(modm),
>
1.Let a, b, c, and d be integers such that
b=y(modm),
c=z(modm),
d=w(modm),
and -m/2
-m/2 < b
-m/2 < c
-m/2 < d
548
Some Nonlinear Diophantine Equations We have a2 +b2 + c2 +d2 = x2 + y2 +z2 +w2 (mod m); hence, a2 +b2 + c2 +d2 =km for some integer k, and 0 ::::: a2+b2 + c2 +d2 Consequently, 0 ::::= k
<
>
4(m/2)2 =m2.
m. If k =0, we have a =b =c =d =0, so that x= y= z= w=
0 (mod m). From this, it follows that m2 It follows that k
<
I mp, which is impossible because 1 < m
<
p.
0.
We have 2 (x2 + y2 +z2 +w2)(a2 +b2 + c2 +d2) =mp ·km =m kp. But by the identity in the proof of Theorem 13.7, we have (ax+by+ cz+dw)2 +(bx - ay+dz - cw)2 +(ex - dy - az+bw)2 +(dx +cy - bz - aw)2 =m2kp. Each of the four terms being squared is divisible by m, because ax+by+ cz+dw = x2 + y2 +z2 +w2= 0 (mod m), bx - ay+dz - cw= yx - xy+wz - zw= 0 (mod m), ex - dy - az+bw= zx - wy - xz+ yw= 0 (mod m), dx + cy - bz - aw= wx +zy - yz - xw= 0 (mod m). Let X, Y, Z, and W be the integers obtained by dividing these quantities by m, that is, X =(ax+by+ cz+dw)/m, Y =(bx - ay+dz - cw)/m, Z =(ex - dy - az+bw)/m, W =(dx+ cy - bz - aw)/m. It then follows that X2 + Y 2 + Z2 + W2 =m2kp/m2 =kp. But this contradicts the choice of m; hence, m must be 1.
•
We now can state and prove the fundamental theorem about representations of integers as sums of four squares.
Theorem 13.9.
Proof.
Every positive integer is the sum of the squares of four integers.
Suppose that
arithmetic,
n
n
is a positive integer. Then, by the fundamental theorem of
is the product of primes. By Theorem 13.8, each of these prime factors
can be written as the sum of four squares. Applying Theorem 13.7 a sufficient number of times, it follows that
n
is also the sum of four squares.
•
13.3 Sums of Squares
549
We have shown that every positive integer can be written as the sum of four squares.
0
As mentioned, this theorem was originally proved by Lagrange in 1770. Around the same time, the English mathematician Edward Waring generalized this problem. He stated, but did not prove, that every positive integer is the sum of nine cubes of nonnegative integers, the sum of 19 fourth powers of nonnegative integers, and so on. We can phrase this conjecture in the following way.
k is a positive integer, is there an integer g(k) such that every positive integer can be written as the sum of g(k) kth powers of nonnegative integers, Waring's Problem.
If
and no smaller number of kth powers will suffice? Lagrange's theorem shows that we can take
g(2)
=
4 (because there are integers
that are not the sum of three squares). In the nineteenth century, mathematicians showed that such an integer
g(k) exists for 3 < k < 8 and k
=
David Hilbert showed that for every positive integer
10. But it was not until 1906 that
k, there is a constant g(k) such that
EDWARD WARING (1736-1798) was born in Old Heath in Shropshire, En gland, where his father was a farmer. As a youth, Edward attended Shrewsbury School. He entered Magdalene College, Cambridge, in 1753, winning a schol arship qualifying him for a reduced fee if he also worked as a servant. His mathematical talents quickly impressed his teachers and he was elected a fellow of the college in 1754, graduating in 1757. Noted by many as a prodigy, Waring was nominated for the Lucasian Chair of Mathematics at Cambridge in 1759; after some controversy, he was confirmed as the Lucasian professor in 1760 at the age of 23. Waring's most important work was Meditationes Algebraicae, which covered topics in the theory of equations, number theory, and geometry. In this book, he makes one of the first important contributions to the part of abstract algebra now known as Galois theory. It was also in this book that he stated without proof that every integer is equal to the sum of not more than nine cubes, that every integer is the sum of not more than 19 fourth powers, and so on-the result we now call Waring's theorem. To honor his contributions in the Meditationes Algebraicae, Waring was elected a Fellow of the Royal Society in 1763. However, few scholars read the book, because of its difficult subject matter and because Waring used a notation that made his work hard to understand. Surprisingly, Waring also studied medicine while holding his chair in mathematics. He graduated with an M.D. in 1767 and for a brief time practiced medicine at several hospitals, before giving up medicine in 1770. His lack of success in medicine has been attributed to his shy manne r and poor eyesight. Waring was able to pursue medicine while holding his chair in mathematics because he did not present lectures on mathematics. In fact, Waring was noted as a poor communicator with
handwriting almost impossible to read. Waring was married to Mary Oswell in 1776. He and his wife lived in the town of Shrewsbury for a while, but his wife did not like the town. The couple later moved to Waring's country estate. Waring was considered by his contemporaries to possess an odd combination of vanity and mod esty, but with vanity predominating. He is recogni7.ed as one of the greatest English mathematicians of his time, although his poor communication skills limited his reputation while he was alive. More
over, according to one account, near the end of his life he fell into a deep religious melancholy that approached insanity and prevented him from accepting several awards.
Some Nonlinear Diophantine Equations
550
every positive integer may be expressed as the swn of g(k) kth powers of nonnegative integers. Hilbert's proof is extremely complicated and is not constructive, so that it gives no formula for g(k). It is now known that g(3) g(k)
=
=
9, g(4)
=
19, g(5)
=
37, and
k k [(3/2) ] + 2 - 2
for 6.:::: k.:::: 471,600,000. Proofs of these formulas rely on nonelementary results from analytical number theory. There are still many unanswered questions about the values of g(k). Although every positive integer can be written as the sum of nine cubes, it is known that the only positive integers not representable as the sum of eight cubes are 23 and 239.
c
It is also known that every sufficiently large integer can be represented as the sum of at
most seven cubes. Observations of this sort lead to the definition of the function G(k), which equals the least positive integer such that all sufficiently large positive integers can be represented as the swn of at most G(k) kth powers. The preceding remarks imply that G(3).:::: 7. It is also not hard to see that G(3) � 4, because no positive integer with
n =
n
±4 (mod 9) can be expressed as the sum of three cubes (see Exercise 22).
This implies that 4.:::: G(3).:::: 7. It may surprise you to learn that it is still not known whether G(3)
=
4, 5, 6, or 7. The value of G(k) is extremely difficult to determine;
the only known values of G(k) are G(2) inequalities for G(k), with k
=
=
4 and G(4)
=
16. The best currently known
5, 6, 7, and 8, are 6.:::: G(5).:::: 17, 9.:::: G(6).:::: 24, 8.::::
G(7).:::: 32, and 32.:::: G(8).:::: 42. The interested reader can learn about recent results regarding Waring's problem by consulting the numerous articles on this problem described in [Le74]. The paper of Wunderlich and Kubina [WuKu90] established the upper limit of the range for which it has been verified that g(k) is given by this formula.
13.3
EXERCISES 1. Given that 13 = 3 2 + 2 2, 29 = 52 + 2 2, and 50 = 7 2 + 12, write each of the following integers as
the sum of two squares.
a) 377
=
13 29 ·
b) 650
=
13 50 ·
c) 1450
=
29 50 ·
d) 18,850
=
13 29 50 ·
·
2. Determine whether each of the following integers can be written as the sum of two squares.
a) 19
c) 29
e) 65
g) 99
b) 25
d) 45
f) 80
h) 999
i) 1000
3. Represent each of the following integers as the sum of two squares.
a) 34
b) 90
c) 101
d) 490
e) 21,658
f) 324,608
4. Show that a positive integer is the difference of two squares if and only if it is not of the form
4k + 2, where k is an integer. 5. Represent each of the following integers as the sum of three squares if possible.
a) 3
b) 90
c) 11
d) 18
e) 23
f) 28
6. Show that the positive integer n is not the sum of three squares of integers if n is of the form
8k + 7, where k is an integer.
13.3 Sums of Squares
551
7. Show that the positive integer n is not the sum of three squares of integers if n is of the form 4m(8k+ 7), where m and k are nonnegative integers. 8. Prove or disprove that the sum of two integers each representable as the sum of three squares of integers is also thus representable. 9. Given that7 = 2 2+ 12+ 12+12, 15 = J2+ 2 2+ 12+ 12, and 34 = 42+ 42+12+ 12, write each of the following integers as the sum of four squares. a) 105=1 15 ·
b) 510 = 15 34
c) 238= 7 34
·
10. Write each of the followin g positive integers a) 6
b) 12
d) 3570 = 7 15 34
·
as
·
the sum of four squares.
d) 89
c) 21
·
e) 99
f ) 555
11. Show that every integer n, n � 170, is the sum of the squares of five positive integers. (Hint: Write m = n 169 as the sum of the squares of four integers, and use the fact that 169 = 132 = 12 2+52 = 122+ 42+32 = 10 2+ 82+ 22+ 12.) -
12. Show that the only positive integers that are not expressible as the sum of five squares of positive integers are 1, 2, 3, 4, 6, 7, 9, 10, 12, 15, 18, 33.
(Hint: Use Exercise 11, show that
each of these integers cannot be expressed as stated, and then show all remaining positive integers less than 170 can be expressed *
as
stated.)
13. Show that there are arbitrarily large integers that are not the sums of the squares of four positive integers. We outline a second proof for Theorem 13.S in Exercises 14-15.
*
V
a is an integer not divisible by p, then there exist integers x = y (mod p) with 0
14. Show that if pis prime and and y such that ax
that are congruent modulo p. Construct x and y from the two values of
of v, respectively.)
u
and the two values
(Hint: Show that there is an integer a with a2 = -1 (mod p). Then apply Thue's lemma with this value of a.)
15. Use Exercise 14 to prove Theorem 13.S.
16. Show that 23is the sum of nine cubes of nonnegative integers but not the sum of eight cubes of nonnegative integers. Exercises 17-21 give an elementary proof that g(4)::; SO.
AXEL THUE (1863-1922) was born in T0nsberg, Norway. He :received his degree from the
University of Oslo in 1889. He studied under the German
mathematician Lie in Liepzig and in Berlin from 1891 until 1894, and he was professor of applied mechanics at the University of Oslo from 1903 until 1922. Thue was the first person to study the problem of finding an infinite sequence over a
finite alphabet that does not contain any
occurs rence
of adjacent identical
blocks. His work on the approximations of algebraic numbers was seminal, and was later improved by Siegel and by Roth. Using his results, he managed 3 2x3 = 1 have a finite number of solutions.
to prove that certain diophantine equations such as y
-
Edmund Landau characterized Thue's theorem on approximation as "the most important discovery in elementary number theory that I know."
Some Nonlinear Diophantine Equations
552
17.
Show that
(t )
2
(x xi j)4+(x1 - Xj)4) 6 1� � ( 1 + X 4 (Hint: Start with the identity (xi+ xj)4+(xi - xj)4 2x(+ 12xtxJ + 2xj.)
t7
=
=
18.
Show from Exercise 17 that every integer of the form 6n2, where n is a positive integer, is the sum of 12 fourth powers.
19.
Use Exercise 18 and the fact that every positive integer is the sum of four squares to show that every positive integer of the form 6m, where m is a positive integer, can be written as the sum of 48 fourth powers.
20.
Show that the integers 0, 1, 2, 81, 1 6, 1 7 form a complete system of residues modulo 6, each of which is the sum of at most two fourth powers. Show from this that every integer n with n > 81 can be written as 6m + k, where m is a positive integer and k comes from this complete system of residues. Conclude from this that every integer n with n < 81 is the sum of50 fourth powers.
21.
Show that every positive integer n with n:::; 81 is the sum of at most 50 fourth powers. (Hint: For 51:::; n:::; 81, start by using three terms equal to 24.) Conclude from this exercise and Exercise 20 that g(4):::; 50.
22.
Show that no positive integer n, n = ±4 (mod 9), is the sum of three cubes.
23.
Show that G(4) � 15 by showing that if n is a positive integer with n = 15 (mod 1 6), then n cannot be represented as the sum of fewer than 15 fourth powers of integers.
24.
Use the fact that 31 is not the sum of 15 fourth powers and the method of infinite descent, to show that no positive integer of the form 31 1 6m is the sum of 15 fourth powers. (Hint: Suppose that LJ:,1 x( = 31 1 6m. Show that each xi must be even, so that LJ:,1(xi/2)4 = 31 16m-l.) ·
·
·
Computations and Explorations 1.
Find the number of ways that each integer less than 100 can be written as the sum of two squares. (Count the sum (±x2) + (±y2) four times, once for each choice of signs.)
2.
Using numerical evidence, make a conjecture concerning which positive integers can be expressed as the sum of three squares. (Be sure to consult Exercise 7.)
3.
Explore which positive integers can be written as the sum of n cubes of nonnegative integers for n = 2, 3, 4, 5.
Programming Projects *
1.
Determine whether a positive integer n can be represented as the sum of two squares and so represent it if possible.
*
2.
Given a positive integer n, represent n as the sum of four squares.
13.4 Pell's Equation
13.4
553
Pell's Equation In this section, we study diophantine equations of the form x2 - dy2= n,
(13.4)
where dand n are fixed integers. When d < 0 and n < 0, there are no solutions of (13.4). When d < 0 and n > 0, there can be at most a finite number of solutions, because the equationx2 - dy2= n implies that Ix I� ,Jn and I y I� Jn/ Id I. Also, note that when d is a square, say, d=D2, then x2 - dy2=x2 - D2y2= (x +Dy)(x - Dy)= n. Hence, any solution of (13.4), when dis a square, corresponds to a simultaneous solution of the equations x+Dy=a, x - Dy=b, where a and b are integers such that n =ab. In this case, there are only a finite number of solutions, because there is at most one solution in integers of these two equations for each factorization n =ab. For the rest of this section, we are interested in the diophantine equationx2 - dy2= n, where d and n are integers and d is a positive integer that is not a square. As the following theorem shows, the simple continued fraction of ,Jd, is very useful for the study of this equation.
Let d and n be integers such that d > 0, d is not a square, and ,Jd,. Ifx2 - dy2= n, thenx/ y is a convergent of the simple continued fraction of
Theorem
I n I< ,Jd,.
13.10.
Proof First consider the case where n (13.5)
>
0.
Becausex2 - dy2= n, we see that
(x+ yJd )(x - yJd )=n.
From (13.5), we see that x - y,Jd, >
0,
and, because 0 < n < ,Jd,, we see that
so thatx > y,Jd,. Consequently,
554
Some Nonlinear Diophantine Equations
� ,Jd (x - .Jd y) = y y x2 - dy2 y(x+ y../d) In I < ---
y(2y../d)
<
Because 0 < !. y
.Jd 2y2../d 1 2y2"
---
- ../d < 212, Theorem 12.19 tells us that x/ y must be y
a convergent of
the simple continued fraction of ../d. W hen n < 0, we divide both sides of x2
- dy2 = n by -d, to obtain
y2 - (l/d)x2 = -n/d. By a similar argument to that given when n
>
0, we see that
y/ x
is a convergent of
the simple continued fraction expansion of 1/../d.Therefore, from Exercise 7 of Section
12.3, we know that x/ y = 1/(y/ x) must be a convergent of the simple continued fraction • of ../d = 1/(1/../d). We have shown that solutions of the diophantine equation
x2 - dy2 = n,
where
I n I< ../d, are given by the convergents of the simple continued fraction expansion of ../d.We will restate Theorem 12.24 here, replacing n by d, because it will help us to use these convergents to find solutions of this diophantine equation. Theorem 12.24.
Let
d
ak =(Pk+ Qk+l = (d - Pf+1)fQk, for k = 0, l,
be a positive integer that is not a square. Define
../d)fQko ak = [ak], Pk+l = akQk - Pk, and 2, ..., where a0 = ../d.Furthermore, let Pkfqk denote the kth convergent of the simple continued fraction expansion of ../d.Then
Pi- dq'f =(-ll-1Qk+l·
c
The special case of the diophantine equation x2
- dy2 =n with n = lis called Pell's
equation, after John Pell. Although Pell played an important role in the mathematical community of his day, he played only a minor part in solving the equation named in his honor. The problem of finding the solutions of this equation has a long history. Special
c
cases of Pell's equations are discussed in ancient works by Archimedes and Diophantus. Moreover, the twelfth-century Indian mathematician Bhaskara described a method for finding the solutions of Pell's equation. In more recent times, in a letter written in 1657, Fermat posed to the "mathematicians of Europe" the problem of showing that there are infinitely many integral solutions of the equation integer greater than
1
x2 - dy2 = 1,
when
d
is a positive
that is not a square. Soon afterward, the English mathematicians
13.4 Pell's Equation
555
Wallis and Brouncker developed a method to find these solutions, but did not provide a proof that their method works. Euler provided all the theory needed for a proof in a paper published in 1767, and Lagrange published such a proof in 1768. The methods of Wallis and Brouncker, Euler, and Lagrange all are related to the use of the continued fraction of ,Jd. We will show how this continued fraction is used to find the solutions of Pell's equation. In particular, we will use Theorems 13.9and12.24 to find all solutions of 2 2 Pell's equation and the related equation x - dy -1. More information about Pell's =
equation can be found in [Ba03], a book entirely devoted to this equation. Theorem 13.11.
Let d be a positive integer that is not a square.Let
kth convergent of the simple continued fraction of ,Jd, k
=
Pklqk denote the
1, 2, 3 ..., and let
n
be the
period length of this continued fraction. Then, when n is even, the positive solutions of 2 2 the diophantine equation x - dy 1 are x Pjn-1' y qjn-1' j 1, 2, 3 ..., and 2 2 the diophantine equation x - dy -1 has no solutions. W hen n is odd, the positive =
=
=
=
=
JOHN PELL (1611-1683), the son of a clergyman, was born in Sussex, England, and was educated at Trinity College, Cambridge. He became a schoolmaster instead of following his father's wishes that he enter the clergy. After developing a reputation for scholarship in both mathematics and languages, he took a position at the University of Amsterdam. He remained there until, at the request of the Prince of Orange, he joined the faculty of a new college at Breda. Among Pell' s writings in mathematics are a book, Idea ofMathematics, as well as many pamphlets and articles. He corresponded and discussed mathematics with the leading mathematicians of his day, including Leibniz and Newton, the inventors of calculus. 2 2 Euler may have called x - dy = 1 "Pell's equation" because he was familiar with a book in which Pell augmented the work of other mathematicians on the solutions of the equation 2 x 12y2 = n. -
Pell was involved with diplomacy; he served in Switzerland as an agent of Oliver Cromwell, and he joined the English diplomatic service in 1654. He finally decided to join the clergy in 1661, when he took his holy orders and became chaplain to the Bishop of London. Unfortunately, at the time of his death, Pell was living in abject poverty.
BHASKARA (1114-1185) was born in Biddur, in the Indian state of Mysore. Bhaskara was the head of the astronomical observatory at Ujjain, the center of mathematical studies in India for many centuries. He is the best known of all Indian mathematicians of his era. Bhaskara's works on mathematics include Lilavati (The Beautiful) and Bijaganita (Seed Counting), which are both textbooks that cover parts of algebra, arithmetic, and geometry. Bhaskara studied systems of linear equations in more unknowns than equations, and knew many combinatorial formulas. He investigated the solutions of many different 2 2 diophantine equations. In particular, he solved the equation x - dy = 1 in integers ford =
8, 11, 32, 61, and 67, using what he called the "cycle method." One illustration of his keen 2 2 computational skill is his discovery of the solution of x - 61y = 1 with x = 1, 7 66,319,049 and y
=
226, 153,980. Bhaskara also wrote several important books on astronomy, including
the Siddhantasiromani.
556
Some Nonlinear Diophantine Equations solutions of x2-dy2= 1 are x=
p jn-1' y= q jn-1'j= 1, 2, 3, ..., and the solutions 2 2 of x2- dy2= -1 are x= P( j -l)n-1' y= q( j -l)n-1' j= 1, 2, 3, .... 2 2
Proof. Theorem 13.9 tells us that if x0, Yo is a positive solution of x2-dy2= ±1, then xo= Pb Yo= qb where Pk!qk is a convergent of the simple continued fraction of ,Jd. On the other hand, from Theorem 1 2.24, we know that
Pi-dqi= (-l)
k-1
Qk+1'
where Qk+l is as defined as in the statement of Theorem 12.24. Because the period of the continued expansion of
Q0= 1 forj= 1,
2, 3, ... , because
,Jd=
,Jd is
n,
we know that
Qjn=
Po�;. Hence,
jn jn Pj2n-1- d qj2n-1- (-l) Qnj- (-l) _
_
·
Pjn-1' qjn-l is a solution of x2-dy2= 1for j= 1, 2, 3 .. , and when n is odd, p jn-1' q jn-l is a solution of x2- dy2= 1 and 2 2 P (j-l)n-1' q (j-l)n-1 is a solution of x2- dy2= -1forj= 1, 2, 3, .... 2 2 This equation shows that when
n
is even,
.
x2- dy2= 1 and x2- dy2= -1 have no solutions other than those already found, we will show that Qk+l= 1 implies that n I k and that Qi=f. -1forj=1, 2, 3, .... To show that the diophantine equations
We first note that if Qk+l= 1, then
exk+l= Pk+l Because
exk+l= [ak+l; ak+ , 2
+
...], the continued fraction expansion of exk+l is purely
periodic.Hence, Theorem 1 2.23 tells us that -1 that
Pk+l= [ ,Jd], so that exk- ex0, and n I k. To see that
,Jd.
Qj=f. -1 for j=
<
exk+1= Pk+1- ,Jd < 0. This implies
1, 2, 3, ... , note that
Qj =
-1 implies that
exj=
-Pi- ,Jd. Because exj has a purely periodic simple continued fraction expansion, we know that
and
exj=-Pj-,./d>l. From the first of these inequalities, we see that
Pj >-,Jd, and from the second, we see
that Pi < -1 - ,Jd. Because these two inequalities for pj are contradictory, we see that Qj=f.-1.
and
Because we havefound all solutions of x2- dy2= 1 and x2-dy2= -1, where x y are positive integers, we have completed the proof. • We illustrate the use of Theorem 1 3.10 with thefollowing examples.
13.4 Pell 's Equation
557
Because the simple continued fraction of JTI is [3; 1, 1, 1, 1, 6], the positive solutions of the diophantine equation x2 - 13y2 = 1 are PlOj-1' q10j-1' j = 1, 2, 3, ..., where P10j-ifq10j-l is the (lOj - l)th convergent of the simple continued
Example 13.9.
fraction expansion of JTI. The least positive solution is p9 =649, q9 = 180.The positive solutions of the diophantine equation x2 - 13y2 = -1 are p10j_6, j = 1, 2, 3, ...; the ..,... least positive solution is p4 = 18, q + 4 =5. Because the continued fraction of .JI4 is [3; 1, 2, 1, 6], the positive solutions of x2 - 14y2 = 1 are p4j-1' q4j-1' j =1, 2, 3, ..., where p4j_ifqj-l is the Example 13.10.
jth convergent of the simple continued fraction expansion of .JI4. The least positive solution is p3 = 15, q3 =4.The diophantine equation x2 - 14 y2 = -1 has no solutions, because the period length of the simple continued fraction expansion of
.JI4 is even. .....
We conclude this section with the following theorem, which shows how to find all the positive solutions of Pell's equation, x2 - dy2 = 1, from the least positive solution, without finding subsequent convergents of the continued fraction expansion of ,Jd. Let xi, y1 be the least positive solution of the diophantine equation x2 - dy2 = 1, where d is a positive integer that is not a square.Then all positive solutions xb Yk are given by
Theorem 13.12.
k xk + Yk,Jd=(x1 + Y1-Jd) fork = 1, 2, 3, ....(Note that xk and Yk are determined by the use of Lemma 13.4.)
Proof. We must show that xb Yk is a solution fork =1, 2, 3, ..., and that every solution is of this form.
To show that xb Yk is a solution, first note that by taking conjugates, it follows that xk - Yk.Jd =(x1 - y1,Jd)k because, from Lemma 12.4, the conjugate of a power is the power of the conjugate.Now, note that xi - dyi =(xk + Yk,Jd)(xk - Yk,Jd)
k k =(x1 + Y1-Jd) (x1 - Y1-Jd) k =(x i - dy i )
= 1. Hence, xb Yk is a solution fork = 1, 2, 3, .... To show that every positive solution is equal to xb Yk for some positive integerk, assume that X, Y is a positive solution from xb Yk fork =1, 2, 3, ....Then there is an integer n such that (x1 + Y1-Jd)n
<
X + Y ,Jd < (x1 + Y1-Jd)n+l.
When we multiply this inequality by (x1 + y1,Jd)-n, we obtain 1
<
(x1 - Y1-Jd)n(X + Y-Jd)
<
x1 + Y1-Jd,
558
Some Nonlinear Diophantine Equations because
xi- dyi
=
1 implies that x1- y1,Jd
=
1 (x1 + y1,Jd,)- .
Now let
and note that
s2- dt2
=
=
=
=
(s- t,Jd)(s +t,Jd) (x1 + Y1,Jd)n(X- Y,Jd)(x1- Y1,Jd)n(X + Y,Jd) (x;- dy;)n(X2- dY2) 1.
s, t is a solution of x2 - dy2 s + t,Jd < x1 + y1,Jd. Moreover, because 1 0 < (s + t,Jd)- < 1. Hence,
We see that
s
=
and
t This means thats,
t
=
=
1, and,
s + t,Jd
we know that
� [(s + t,Jd) +
(s- t,Jd)
� [(s + t,Jd)-
2
furthermore, we know that
J
(s- t,Jd)
is a positive solution, so thats 2'.:
>
]
xi.
>
1,
1<
we see that
0
>
O.
and
t
2'.:
Yi.
by the choice of
xi. y1 as the smallest positive solution. But this contradicts the inequality s + t,Jd x1 +y1,Jd . Therefore, X, Y must be xb Yk for some choice of k. The following example illustrates the use of Theorem
Example 13.11.
From Example
diophantine equation are given by
xb Yk
x2- 13y2
=
< •
13.11.
13.9, we know that the least positive solution of the 1 is x1 649, y 180. Hence, all positive solutions =
=
where
For instance, we have
X2 + Y2 .Ji3 842,401+233,640.Ji3. Hence, x 842,401, y 233,640 is the least positive solution of x2- 13y2 2 2 than x1 649, y1 180. =
=
=
=
13.4
=
=
1, other .,..
EXERCISES 1. Find all of the solutions, where x and y are integers, of each of the following equations. a)
x2 +3y2
=
4
b) x2 +5y2
=
7
c)
2x2 +7y2
=
x and y are integers, of each of the following equations. b) x2 +4y2 40 c) 4x2 +9y2 100
2. Find all of the solutions, where a)
x2- y2
=
8
30
=
=
13.4 Pell 's Equation
559
3. For which of the following values of n does the diophantine equation x2- 3 ly2 = n have a solution? a) 1
b) -1
d)-3
c) 2
e) 4
f)-45
4. Find the least positive solution in integers of each of the following diophantine equations. a) x2- 29y2 = -1
b) x2- 29y2 = 1
5. Find the three smallest positive solutions of the diophantine equation x2 - 37y2 = 1. 6. For each of the following values of d, determine whether the diophantine equation x2 - dy2 = -1 has solutions in integers. a) 2
c) 6
e) 17
g) 41
b) 3
d) 13
f) 31
h) 5 0
7 . The least positive solution o f th e diophantine equation x 2 - 61y2 = 1 is Xi= 1 ,766,319,049, Yi= 226,1 53,980. Find the least positive solution other than Xi. Yi· *
Pk!qk is a convergent of the simple continued fraction expansion of ../d, then qf I< 1+2../d. I Pi-
8. Show that if d
9. Show that if d is a positive integer divisible by a prime of the form 4k + 3, then the diophantine equation x2 - dy2 = -1 has no solutions.
10. Let d and n be positive integers. a) Show that if r, s is a solution of the diophantine equation x2 - dy2 = 1 and X, Y is a solution of the diophantine equation x2- dy2 = n, then X r ± dYs, Xs ± Yr is also a solution of x2 - dy2 =
n.
b) Show that the diophantine equation x2- dy2 = n either has no solutions or has infinitely many solutions.
11. Find those right triangles having legs with lengths that are consecutive integers. (Hint: Use Theorem 13.1 to write the lengths of the legs as x = s2 - t2 and y = 2st, wheres and t are positive integers such that (s, t) = 1, s
>
t, ands and t have opposite parity.Then x - y = ± 1
implies that (s- t)2 - 2t2 = ±1.)
12. Show that the diophantine equation x4 - 2y4 = 1 has no nontrivial solutions. 13. Show that the diophantine equation x4 - 2y2 = -1 has no nontrivial solutions. 14. Show that if tn, the nth triangular number, equals the mth square, so that n( n + 1)/2 = m2, then x = 2n + 1 and y = m are solutions of the diophantine equation x2 - 8y2 = 1. Find the first five solutions of this diophantine equation in terms of increasing values of the positive integer x and the corresponding pairs of triangular and square numbers.
Computations and Explorations 1. Find the least positive solution of the diophantine equation x2- 109y2 = 1. (This problem was posed by Fermat to English mathematicians in the mid-1600s.)
2. Find the least positive solution of the diophantine equation x2 - 991y2 = 1. 3. Find the least positive solution of the diophantine equation x2- 1,000,099y2 = 1.
560
Some Nonlinear Diophantine Equations
Programming Projects 1. Find those integers n with I n I<
.Jd, such that the diophantine equation x2 - dy2
=
n has no
solutions. 2
2. Find the least positive solutions of the diophantine equations x - dy -1.
2
=
2 2 1 and x - dy
=
3. Find the solutions of Pell's equation from the least positive solution (see Theorem 13.12).
13.5
Congruent Numbers In Section 13 .1, we showed that all Py thagorean triples can be found by determining the rational points on the unit circle. Finding all Py thagorean triples is just one of many problems in number theory that can be studied by finding the rational points on an algebraic curve. We study another such problem in this section. The positive integer N is called a congruent number when there is a rational right triangle with area N. By a rational right triangle, we mean a triangle that has rational side lengths. Similarly, by an integer right triangle, we mean a triangle whose side lengths are integers. Recall that if x, y are the lengths of the legs of a right triangle and z is the 2 2 2 hypothenuse, then x + y = z and the area of the triangle is xy /2. Consequently, the positive rational number N is a congruent number if and only there are rational numbers 2 2 2 z such that x + y = z and xy /2 = N.
x, y and
Example 13.12.
We see that 6 is a congruent number because it is the area of the integer
right triangle with sides of length 3, 4, and 5.
Determining which positive integers are congruent numbers is known as the con
gruent number problem. The earliest known discussion of this problem is found in an anonymous Arabian manuscript written in 972. This manuscript tells us that early Arab mathematicians knew of 30 different congruent numbers. The smallest of these are 5, 6, 14, 15, 21, 30, 34, 65, and 70; the largest is 10,374. In the 13th century, Fibonacci demonstrated that 7 is a congruent number. Furthemore, he stated, but did not prove, that no square is a congruent number. (By a square we mean the square of a positive integer.) In the 17th century, Fermat proved that each of the integers 1, 2, and 3 is not a congruent number. His proof that 1 is not a congruent number established that no square is a congruent number, as we will soon see. The term "congruent number" was introduced in the eighteenth century by Euler. (The reason behind the terminology "congruent number" will be discussed later. The reader should note that the use of the word "congruent" in this terminology is not directly related to congruent integers or congruent triangles.) The history of the congruent number problem is quite extensive; more about this history can be found in [Gu94] and volume 2 of [Di05]. Later in this section we will explain how the congruent number problem is related to finding rational points on certain curves. To learn more recent progress on the congruent number problem, the reader should consult [Ch98], [Ch06],[Co08], [Ko96],
13.5
Congruent Numbers
561
and [SaSa07]. Some of the exposition in this section has been based on material in [Co08] and [SaSa07].
Pythagorean triples and congruent numbers To begin our study of congruent numbers, we first observe that we have to consider only square-free integers when we look for congruent numbers. The reason for this is that an integer is a congruent number if and only its square-free part is a congruent number. (Recall, by Exercise 8 in Section 3.5, that if N is a positive integer, then it can be written as N= u2v where u and v are positive integers; here, v is the square-free part of N). To see this, note that if N is a congruent number, then there is a rational right triangle with area N. Scaling this rational right triangle down by a factor of u, so that the side lengths of the new triangle are the side lengths of the original triangle divided by u, produces a rational right triangle with area v. Similarly, scaling a rational right triangle with area v up by a factor of u gives us a rational right triangle with area N. Recall from Section 13.1 that the integers (a, b, c) is a primitive Pythagorean triple, with b even, if and only there are relatively prime positive integers m and n of opposite parity where m > n such that a= m2 - n2, b= 2mn, and c= m2 + n2. The area of this triangle is ab/2 = (m2 - n2)mn, which is a positive integer. The connection between Pythagorean triples and congruent numbers is made clear by the following theorem, which shows that every congruent number arises from a Pythagorean triple.
Theorem 13.13. If N is a square-free positive integer, then N is a congruent number if and only if there is a positive integer s such that s2N is the area of a primitive right triangle. Consequently, a square-free integer N is a congruent number ifand only ifthere are relatively prime integers m and n of opposite parity and a positive integer s so that • s2N= mn(m + n)(m - n). Proof Suppose that N is a square-free positive integer that is a congruent number. Then N is the area ofa rational right triangle with sides oflength A, B, and C. Lets be the least common multiple of the denominators of the rational numbers A, B, and C. It follows that (sA, sB, sC) is Pythagorian triple and the right triangle with sides of these lengths has area s2N. We will show that (sA, sB, sC) must be a primitive Pythagorian triple. To see this, assume that MisA, MlsB, and MlsC where M is a positive integer. We will show that M= 1. Observe that (sA/M, sB/M, sC/M) is a Pythagorean triple and that the area of the corresponding right triangle is s2N/M2• Because this area is an integer, we know that M21s2N. As N is square-free, it follows that M21s2, and by Exercise 43 in Section 3.5, it follows that MIs. Hence, there is an integer t such that s= Mt and t A, t B, t C are positive integers. Ass is the least common multiple of the denominators of A, B, and C, t must be a multiple of these denominators, and t ::S s; this implies that s= t and M= 1. We have already established the converse in our previous discussion. That is, ifthere is a positive integer s such that s2N is the area of a primitive right triangle with sides of lengths a, b, and c, then N is the area of a rational right triangle with sides of lengths a/s, b/s, and c/s.
562
Some Nonlinear Diophantine Equations
To conclude the proof, we recall that a primitive right triangle has sides of length 2 2 2 2 m - n , 2mn, and m + n where m and n are relatively prime positive integers of 2 2 opposite parity. This means that the area of this triangle is (l/2)(m - n )(2mn) = mn(m + n)(m - n).
•
Theorem 13.13 provides a way to find congruent numbers. More specifically, we 2 2 take the square-free part of (m - n )mn as m and n run through pairs of integers m and n of opposite parity with m
>
n to generate congruent numbers. This process is begun
in Table 13.2, which expands the table of primitive Pythagorean triples in Table 13.1 to include areas and the square-free part of these areas. Theorem 13.13 tell us that if N is a congruent number, it will show up in the last column of a row if we extend this table far enough. However, we may have to wait a long time before a particular square-free congruent number shows up; there is no way to know beforehand how long we will have to wait. We also note that 210 appears twice in the last column of Table 13.2. This means that it is the square-free part of the area of the triangles corresponding to two different Pythagorean triples. We will return to this observation later in this section. The following example illustrates the difficulty of using this approach to show that a positive integer is a congruent number. Example 13.13.
The integers 5, 7, and 53 are all congruent numbers, as we will show.
Looking at Table 13.2, we see that 5 is a congruent number, as it is the square-free part of the area of the primitive right triangle with sides of length 9, 40, and 41, which has 2 = 6 5. Scaling this triangle by dividing the length of each side by 6, we obtain
area 180
a right triangle with sides of length 9 /6 = 3 /2, 40 /6
=
20 /3, and 41/6 with area 5.
We have not included enough rows in Table 13.2 for 7 to appear in the last column. However, 7 would appear if we extended the table far enough to include the values m and n
=
16
9, which produce a primitive right triangle with sides of length 175, 288, and 2 337. The area of this triangle is 25,200 = 60 7. It follows that 7 is a congruent number; =
·
scaling gives us a right triangle with sides of length 175/60
=
35/12, 288/60
=
24/5,
and 337 /60 with area 7.
2
x =m
-n
2
y=2mn
z =m
2
2 +n
2 2 (m -n )mn
square-free part
m
n
2
1
3
4
5
6
6
3
2
5
12
13
30
30
4
1
15
8
17
60
15
4
3
7
24
25
84
21
5
2
21
20
29
210
210
5
4
9
40
41
180
5
6
1
35
12
37
210
210
6
5
11
60
61
330
330
Table 13.2 Some primitive Pythagorean triples and the congruent numbers they produce.
13.5 Congruent Numbers
We also do not see
53
as an entry in the last column of Table
version of this table would have to be huge to show that
13.2. An
563
extended
53 is a congruent number. The
53 appears as the square-free part of the area of a primitive Pythagorean triple produced is form= 1,873,180,325 and n = 1,158,313,156. The area of the associated 2 53. ..,.. triangle is (297,855,654,284,978,790) first time
·
The following theorem, proved by Fibonacci, can help find congruent numbers. It is also a useful tool in many proofs.
a and b are relatively prime positive integers of opposite parity with a> b. W hen any three of a, b, a+ b, and a - b are squares, the fourth of 2 • these numbers equals s N where N is a congruent number and s is an integer.
Theorem 13.14.
Proof
Suppose that
W hen a and
b are relatively prime positive integers of opposite parity and a> b, 2 2 2 2 it follows that (a - b , 2ab, a + b ) is a primitive Pythagorean triple. The primitive 2 2 right triangle corresponding to this triple has area (a - b )ab =(a+ b)(a - b)ab. Of the four cases to consider, we will only consider the case when a, b, and a+ b are squares; we leave the other three cases as an exercise. W hen a, b, anda +bare squares, it follows that (a+
b)ab is a square. Consequently,
J(a+ b)ab is a positive integer and the area of the triangle corresponding to our M2(a - b). This means that a - b is the area of a rational right 2 2 triangle that has legs of lengths (a - b )/M and 2ab /M. Now lets be the least common 2 multiple of the denominators of the lengths of these legs. It then follows that a - b = s N
M=
Pythagorean triple is
where N is a congruent number, completing the proof in this case.
•
We now explain how Theorem 13.14 can be used to find congruent numbers, starting with primitive Pythagorean triples. If (x, x and
y are
y, z)
is a primitive Pythagorean triple, then
relatively prime positive integers of opposite parity. As the reader should
2 y2 are relatively prime integers of opposite parity. We also 2 2 2 2 2 2 2 note that x , y , and x + y = z are all squares. By Theorem 13.14, if x > y , we 2 2 2 2 2 see that x - y = s N where N is a congruent number, while if x < y , we see that y2 - x2 = s 2N where N is a congruent number. The next example illustrate this process. verify, this means that x and
y, x) = (3, 4, 5), we can find 2 2 a congruent number using the process we have just described. We have x = 9, y = 16, 2 2 2 2 x + y = 25, y - x = 7. This means that 7 is a congruent number, as it is square-free. 2 Similarly, beginning with the Pythagorean triple (x, y, z) = (5, 12, 13), we havex = 25, y2 = 144, x2+ y2 = 169, and y2 - x2 = 119. We conclude that 119 is a congruent Example 13.14.
Starting with the Pythagorean triple (x,
number, as it is square-free.
..,..
Determining the Smallest Congruent Number
13.12 and 13.13, we showed that 5, 6, and 7 are congruent numbers. As we mentioned earlier, Fermat showed that none of 1, 2, or 3 is a congruent number. We also 2 know that 4 is not a congruent number, for if 4 were a congruent number, (1/2) 4 = 1 would also be one. Hence, 5 is the smallest integer that is a congruent number.
In Examples
564
Some Nonlinear Diophantine Equations
We now show that no square can be a congruent number. This, of course, shows that 1 is not a congruent number, as it is a square. We leave the proofs that 2 and 3 are not congruent numbers as exercises at the end of this section. Theorem 13.15.
Proof.
The area of a rational right triangle cannot be a square.
•
We use infinite descent to prove the theorem. To begin, suppose that there exists
a rational right triangle with an area that is a square. By multiplying each side by the least common multiple of the demoninators of the sides, we obtain a integer right triangle with an area that is a square. W hen we divide the sides of the integer right triangle by the greatest common divisor of the lengths of its three sides, we obtain a primitive right triangle. So, it follows that the set S of primitive right triangles that have a square as their area is nonempty. By the well-ordering property, applied to the squares of the lengths of the hypotenuses of elements of S, there is a triangle in S with hypotenuse of shortest length. Now suppose that the primitive Pythagorean triple corresponding to this triangle 2 2 2 2 is (m - n , 2mn, m + n ), where m and n are relatively prime positive integers of opposite parity and m
>
n. The area of this triangle is 2 2 (m - n )mn=(m+n)(m - n)mn.
As m and n are relatively prime, the reader can verify that the factors m+ n, m - n, m, and n are pairwise relatively prime. So, because (m+ n)(m - n)mn is a square, each of 2 2 2 2 the four factors are squares. We let m+n=a , m - n=b , m=c , and n=d , where a, b, c, and d are integers. Note that a and b are relatively prime odd integers (as m and n 2 2 have opposite parity), (a +b )/2=m, and the length of the hypotenuse of this triangle 4 4 2 2 is m +n =c +d . Observe that 2 2 2 2d =a - b =(a - b)(a+b). Note that both a - b and a+ b are even (as a and b are odd) and that a common divisor of them divides both (a+b)+(a - b)=2a and (a+b) - (a - b)=2b. Hence, 2 (a - b, a+ b) I 2(a, b)=2, so that (a - b, a+b)=2. This, and the equation 2d = (a - b)(a+ b), implies (as the reader should verify) that one of the two integers a - b 2 2 and a+b is of the form 2u and the other is of the form v where (u, v)= 1. Because 2 2 (a+ b)+(a - b)=2a=2u + v , 2 we see that v must be even. Hence, v is even and v=2w for some positive integer 2 2 2 2 2 2 w. Hence, v =4w and a=u + 2w . Likewise, we find that b=±(u - 2w ) and d=2uw. Consequently, 2 2 2 2 2 2 2 2 m=(a + b )/2=((u + 2w ) +(u - 2w ) )/2=u 4+4w4. 2 2 It follows that (u , 2w , c) is a primitive Pythagorean triple and the corresponding 2 2 4 4 2 triangle has area (u 2w )/2=(uw) and hypotenuse of length c. Because c < c +d ·
13.5 Congruent Numbers
(which follows because
565
c is a positive integer), we have produced another primitive right
triangle whose area is a square with a hypotenuse that is shorter than what we stated was the shortest hypotenuse. This completes the proof by infinite descent.
•
Arithmetic Progressions of Three Squares and Congruent Numbers We will now study a problem that is equivalent to the congruent number problem, but which, at first blush, does not seem to be related to it. This problem asks: W hich positive integers are the common difference of an arithmetic progression of three squares of integers? For example, examining the sequence of squares
1, 4, 9 , 16, 25, 36, 49, 64, 81, 100, 121, 144, . . .
'
we observe that that 1,
25, 49 is such a sequence of three squares with common difference 24. In his 1225 book Liber Quadratorum, Fibonacci called an integer n a congruum if there is an integer x such that x2 ± n are both squares. Consequently, the integer n is a congruum if and only if there is an integer x such that x2 - n, x2, x2+ n is an arithmetic progression of three squares with common difference n. (Equivalently, n is a congruum if and only if there is a solution p, q, r of the two simultaneous diophantine equations q2 - p2= N and r 2 - q2= N.) The word congruum comes from the Latin word congruere, which means to meet together, as do three squares in an arithmetic progression. Fibonacci was concerned with arithmetic progressions of three squares of nonzero integers. What if we broaden our study to include arithmetic progressions of three rational
a2, b2, c2 is an arithmetic progression of three squares of rational N if and only if (sa) 2, (sb) 2, (sc) 2 is a progression of three rational squares with common difference s2N whenever s is an integer. So, if we find an arithmetic progression of three squares with with common difference s2N where N is square-free, we can obtain an arithmetic progression of three rational squares with N as its common difference by dividing each term by s2. numbers? Note that
numbers with common difference
We now show that asking whether a positive integer
N is a congruent number is
the same as asking whether it is the common difference of an arithmetic progression of
N is a congruent number. Then a, b, and c such that a2+ b2= c2 and ab/2= N. Note that (a+ b)2= a2+ 2ab+ b2= (a2+ b2) + 2ab= c2+ 2ab and (a - b) 2= a2 - 2ab+ b2= (a2+ b2) - 2ab= c2 - 2ab. Consequently, (a - b) 2, c2, (a+ b) 2 is an arithmetic progression of three squares with common difference 2ab= 4(ab/2) = 4N. Dividing all the terms of this arithmetic progression by 4 produces the arithmetic progression ((a - b)/2) 2, (c/2) 2, ((a+ b) /2) 2. This is an arithmetic progression of three squares of rational numbers with common difference N. We illustrate this construction with an three squares. First, suppose that the positive integer
there are positive integers
example.
13.13, we showed that 5 is a congruent number because it is the area of the right triangle with sides of lengths a= 3/2, b= 20/3, and c= 41/6. Hence, ((3/2) - (20/3) /2) 2= (31/12) 2, ((41/6) /2) 2= (41/12) 2, and ((3/2) + Example 13.15.
In Example
566
Some Nonlinear Diophantine Equations (20/3))2= (49/12)2 is an arithmetic progression of three squares with common differ ence 5.
<11111
Now suppose that we have an arithmetic progression of three squares of rational numbers x2 - N, x2, x2 + N. How can we construct a rational right triangle with area N? If we let a=Jx2+ N - Jx2 - N, b=Jx2+ N + Jx2 - N, and c = 2x, then
a, b, and c are rational numbers, and we find that a2+ b2= (Jx2+ N - Jx2 - N)2+ (Jx2+ N+ Jx2 - N)2= 4x2=c2 andab/2= (Jx2+ N - Jx2 - N)(Jx2+ N+
Jx2 - N)/2= ( ( x2+ N) - ( x2 - N))/2= N. Hence, N is a congruent number. We illustrate this construction with an example.
Example 13.16.
We have observed that 1, 25, 49 is an arithmetic progression of three
squares with common difference 24= 22 6. We divide each term of this arithmetic ·
progression by 22 = 4 to obtain the arithemtic progression 1/4, 25/4, 49/4 of three rational squares with common difference N=6, which is square-free. To find a rational right triangle with sides oflengthsa, b, andc and area6, we use the value x2= 25/4 in our
J(5/2)2+ 6 b = j(5/2)2+ 6+ j(5/2)2 - 6 =
construction. This produces the right triangle with sidesa, b, c wherea=
j(5/2)2 - 6= J4974 - �= 7/2 - 1/2= 3, J4974+ �= 7/2+ 1/2= 4, and c= 2x= 2(5/2)=5.
<11111
We summarize our observations in the following theorem.
Theorem 13.16.
The positive integer N is a congruent number if and only if N is the
common difference of an arithmetic progression of three squares of rational numbers. •
We have seen that the congruent number problem is equivalent to determining which positive integers are congruum. This equivalence is what is behind the use of the term "congruent number," as the word "congruent" also comes from the Latin word congru ere.
Congruent Numbers and Elliptic Curves According to the definition, a positive integer N is a congruent number if there is a solution in positive rational numbers (a, b, c) to the simultaneous pair of diophantine equations a2+ b2=c2 and ab/2= N. We have also seen that N is a congruent number if there is a solution in rational numbers tine equations
(r, s, t) to the simultaneous pair of diophan s2 - r2 = N and t2 - s2 = N. However, there is a third condition that
characterizes congruent numbers in terms of rational solutions of a single diophantine equation. Suppose that N is a congruent number and that a, b, and c are positive rational numbers with a2 + b2=c2 and ab/2= N. We will show that the triple (a, b, c) cor responds to a rational point on a certain curve. To find this curve and to set up the correspondence, first set
u =c - a, so that c=a+ u. We note that u > 0, because b2=c2 - a2= (c+ a)(c - a)= (c+ a)u. Next, we substitute a+ u for c in the equa 2 tion a2+ b2=c2, which gives us a2+ b2=a2+ 2au+ u . We now simplify and re-
13.5 Congruent Numbers
567
2au=b2- u2. Next, we divide both sides of the equation ab/2=N by b (note that b =j:. 0 because ab= 2N) to see that a= 2N/b. When we substitute 2N/b for a in the equation 2au=b2-u2, we obtain arrange terms to see that
4nu/b=b2-u2. We then multiply both sides of this last equation by b/u3 (note that
u =j:. O; if u=0, then
a=c, which would imply that b=0) to obtain 4N/u2=(b/u)3-(b/u). N3, yielding
Next, we multiply both sides by
(2N2/u)2=(Nb/u)3-N2(Nb/u). We can now conclude that the point
(x, y) where x=Nb/u=Nb/(c-a) and y= 2N2/u=2N2/(c-a) lies on the curve y2=x3- N2x with both
x and y positive because c- a
>
0.
y) is a rational point on the curve y2=x3- N2x. We will find a triple of positive rational numbers (a, b, c) with a2 + b2=c2 and ab/2=N. Observe that if a, b, and c are rational numbers with x=Nb/(c- a) and y=2N2/(c-a), then Now suppose that (x,
x/y=(Nb/(c-a))/(2N2/(c-a))=b/2N. So, we take
b=2Nx/y. Because we want ab/2=N, it follows that a=2N/b. This
tells to take
2 2 2 a=2N/(2Nx/y)=y/2x=y2/2xy=(x3-N x)/2xy=(x -N )/y. We see, after simplification, that
a2 + b2=((x2
_
2 2 2 2 2 N2)/y)2 + (2Nx/y) =(x + N ) /y .
Taking the positive square root, we find that we should take
c=(x2 + N2)/y.
We now summarize what we have shown. Theorem 13.17.
Suppose that
N is a congruent number. Then there is a bijection between the set of triples of positive rational numbers (a, b, c) with a2 + b2= c2 and ab/2= N and rational points (x, y) with x and y both positive on the curve y2=x3-N2x. Under this bijection, the triple (a, b, c) is mapped to the point (x, y) where
x= and the point
Nb --
c-a
, y=
2N2 --
c-a
(x, y) on the curve y2=x3- N2x is mapped to the triple (a, b, c) where a=
x2- N2 2Nx x2 + N2 b = c = ' ' y y y
•
568
Some Nonlinear Diophantine Equations The next theorem is an immediate consequence of Theorem 13.17.
Theorem 13.18.
The positive integer N is a congruent number if and only if there is a 3 - N2x. • = x
rational point (x, y) with both x and y positive on the curve y2
The next two examples illustrate how to use Theorem 13.17.
Example 13.17.
The primitive right triangle with sides 3, 4, and 5 has area N = 6.
Under the correspondence in Theorem 13.17, the triple (3, 4, 5) corresponds to the point 3 2 2 2 (x, y) = ((6 4)/(5 - 3), (2 6 )/(5 - 3)) = (12, 36) on the curve y = x - 6 x = .,.. x3 - 36x. ·
·
Example 13.18.
Table 13.2 shows us that 210 is the area of a right triangle with
sides of length 21, 20, and 29 and the area of a right triangle with sides of length 35, 12, and 37. By Theorem 13.17, we know that these two rational right triangles each 2 3 = x - 210 2x. Under the correspondence
correspond to rational points on the curve y
in this theorem, (21, 20, 29) is mapped to the point (x, y) = ((210 · 20)/(29 - 21), (2 · 2 210 )/(29 - 21)) = (525, 11025) and (35, 12, 37) is mapped to the point (x, y) = ((210 . 12)/(37 - 35), (2 . 210 2)/(37 - 35)) = (1260, 44100). .... Curves of the form y 2
=
x3 - N2x that have arisen in our study of congruent
numbers are examples of elliptic curves. More generally, an elliptic curve is the set of 3 2 points (x, y) that satisfy y = x +ax+ b where a and b are real numbers. Elliptic curves played an essential and surprising role in the proof of Fermat's last theorem. Elliptic curves are also the basis of a powerful factorization method. Furthermore, there is an important public key cryptosystem based on elliptic curves. We will only briefly address some of the properties of elliptic curves here. The study of elliptic curves is fascinating and leads to many unsettled conjectures which have important consequences. The interested reader can learn much more about elliptic curves by consulting [Wa08].
Adding Points on an Elliptic Curve
A key feature of elliptic curves is that we can
use algebraic techniques to construct new points on them using points we already know. In particular, given two points on an elliptic curve e, we can find a new point on e by computing their sum, where this sum is defined using the geometry of the curve, as explained below. (As we shall see, this sum is different from the point whose coordinates are the sums of the respective coordinates of the two points). To see how we define this sum, suppose that P1 = (xi. y1) and P2 = (x2, y2) with x1 =f=. x2 are two points on the 3 = x +ax+ b. To define their sum P1+ P 2 geometrically, we draw the line .e connecting P1 and P2. We will show that this line intersects e in a third point
elliptic curve y2
P�. The sum P1+ P2 is then defined to be the point P3, which is obtained from P� by changing the sign of the y-coordinate. Geometrically, this corresponds to reflecting P� across the x-axis. (A key reason for defining the sum this way is to make it associative; see [Wa08].) We illustrate this procedure in Figure 13.2.
To develop an algebraic formula for P3 = P1+ P2, first note that the slope of the line .e through P1 and P2 is m = (y2 - y1)/(x2 - x1) and that the equation of .e is y
=
m(x - X1)+YI· To determine the third point of intersection of .e and e (P1 and
13.5 Cong ruent Numbers
569
Figure 13.2 Addition of two points with distinct x-coordinates on an elliptic curve. P2 are the other two points of intersection), we substitute the value for y given by the equation of .e into the equation fore. This gives us (m(x - x1)+y1)
2 =
3 x +ax+b.
From this equation, we see that if the point (x, y) is a point of intersection of .e and e, then x is a root of a cubic equation for x, obtained by subtacting the left-hand side of the last displayed equation from the right-hand side. Hence, the coefficient of 2 2 x in this cubic equation is -m • Now, recall that if ri. ri. and r3 are the roots of a 3 2 cubic polynomial x +a2x + a1x +a0, then r1 +r2+r3 -a2. Our third point of 2 intersection of lande is p� (-X3, y3). Consequently, weknow that x1+X2 - X3 m , 2 m(x1 - x3) - Y1· so that x3 m - x1 - x2. It follows that y3 =
=
=
=
=
We now consider the case when when P1
=
P2. Note that as P2 approaches P1
on e, the line between P2 and P1 approaches the tangent line to e at P1. To define P1+P2
=
2Pi. we first draw the tangent line l toe at P1. This line intersects the curve
in a point P'. We change the sign of the y-coordinate to produce the point P3. (We can use implicit differentiation to find the slope ofe at the point P1.) We leave it to reader to complete the details of this case; the resulting algebraic formula is given in the statement of the next theorem. Before we give a formula for the sum of two points P1 and P2 on an elliptic curve that includes all possible cases, we need to introduce the point at infinity, denoted by oo.
This point can be thought of as a point sitting both on top and at the bottom of the
y-axis. For example, when x1 intersect the elliptic curve at this same point
=
oo.
x2 and y1 'I- Yi. .e is a vertical line that is considered to W hen we reflect this point across the x-axis, we obtain
oo.
We can define the sum of two points on an elliptic curve for all possible values of these points.
570
Some Nonlinear Diophantine Equations
Definition.
Addition Formula for Elliptic Curves.
2
Suppose that P1= (xi. y1) and
3 P2= (x2, y2) are points on the elliptic curve y =x +ax+b.
(i)
When P1 i=- P2 and neither is the point at infinity, if x1 i=- x2, define 2 P1 +P2 = (m - x1 - x2' m(x1 - x3) - Y1)
where m= (y2 - y1)/(x2 - x1) and if x1=x2' but y1 i=- Y2' define P1 +P2= oo.
(ii) When P1=P2 is not the point at infinity, if y1=y2 i=- 0, define 2 P1 +P2 = 2P1= (m - 2xi. m(x1 - x3) - Y1)
where m= ( 3xf +a)/2Y1 and define P1 +P2= oo
if Y1=Y2=0. (iii) Finally, define P +oo=P
for all points P on the elliptic curve (including oo). Addition of points on an elliptic curve, as we have defined it, satisfies commutativity, P1 +P2 =P2 +P1 for all points P1 and P2; existence of identity, P +oo=P for all points P; existence of invers es, for all points P, there exists a point P' such that P +P'= oo; and ass oci ativity, (P1 +P2) +P3=P1 +(P2 +P3) for all points Pi. P2, and P3 . (See [Wa08] for proofs of these properties.) Note that given two distinct rational points P1 and P2 on an elliptic curve, their sum is again a rational point, as the reader should verify from the definition. Similarly, given a rational point P on an elliptic curve, its algebraic do uble 2P, and all points of the form kP, where k is a positive integer, are also rational points on this curve. Hence, when 2 2 3 we know one or more rational points on the elliptic curve y =x - N x where N is a positive integer, we can use addition of points to construct other rational points. Each rational point we find corresponds to a rational right triangle with area N. T he following example shows how to use algebraic doubling to find additional right triangles with a given area. In Example 13.17, we found the rational point P= (x, y) = (12, 36) 2 3 on the elliptic curve y =x - 36x corresponding to the rational right triangle with sides 3, 4, 5. We can find another rational right triangle with area 6 by finding the rational right triangle that corresponds to 2P, the algebraic double of (12, 36) on this elliptic curve. Example 13.19.
To compute 2P, we first find the slope of the tangent line i to the curve at (12, 36) . This slope is m= (3 122 - 36)/(2 36)= 11/2. We use the value of the slope to find 2 2 that x1= m - 2x1= (1 1/2) - 2 12= 25/4. Next, we use the value of x1 to find ·
·
·
13.5 Congruent Numbers that m(xI - x3) -
571
YI= 11/2(12 - 25/4) - 36= 11/2 23/4 - 36= 253/8 - 288/8= -35/8. This means that 2P = (25/4, -35/8). ·
To use the correspondence in Theorem 13.17, we want a point with positive y coordinate. Note that we can change the sign of the y-coordinate to get the point (25/4, 35/8) on the curve. By Theorem 13.17, we find that the triple (a, b, c) correspond 2 ing to (25/4, 35/8) has a= ((25/4) - 36)/(35/8)= 7 /10, b= (2 6 25/4)/(35/8)= 2 2 120/7, and c= ((25/4) + (35/8) )/(35/8)= 1201/70. It follows that that the rational ·
·
right triangle with sides of length 7 /10, 120/7, and 1201/70 also has area 6. This pro cedure can be iterated to find additional rational right triangles with area 6 (see Exercise .,..
6 in the Computations and Explorations).
Using the doubling formula illustrated in Example 13.19, it can be shown that when N is a congruent number, there are infinitely many different rational triangles with area N. A proof of this result, using properties of rational points on elliptic curves beyond the scope of this book, can be found in [Ch06]. The next example shows how to use the two rational right triangles with area N to find additional rational right triangles with the same area.
Example 13.20. In Example 13.18, we found two rational points on the elliptic curve 3 y2= x - 2102 x. These points are PI= (525, 11025), which corresponds to the rational right triangle with side lengths 21, 20, and 29, and P2= (1260, 44100), which corre sponds to the rational right triangle with side lengths 35, 12, and 37. We can find another rational right triangle with area 210 by computing PI+ P2 . To find this sum, first note that 2 2 m= (44100 - 11025)/(1260 - 525)= 45. Consequently, x3= m - xI - x2= 45 525 - 1260= 240 and y3= m(xI - x3) - YI= 45(525 - 240) - 11025= 1800. We find that PI+ P2= (240, 1800). 2 By Theorem 13.17, (240, 1800) corresponds to the triple (a, b, c) with a= (240 2 210 )/1800= (57600 - 44100)/1800= 15/2, b= 2 210 240/1800 = 56, and c= 2 2 (240 + 210 )/1800= 113/2. This means that the rational right triangle with sides of ·
length 15/2, 56, and 113/2 also has area 210.
An Algorithm for Congruent Numbers
·
.,..
We conclude this section with an efficient
algorithm for determining whether a positive integer is a congruent number. Unfortu nately, it is not yet known whether this algorithm always yield the correct answer. This algorithm is based on a theorem proved in 1983 by Jerrold Tunnell in [Tu83]. The proof of this theorem is based on deep results about elliptic curves and modular forms and is beyond the scope of this book (see [Ko96] for a proof ).
Theorem 13.19.
Tunnell's Theorem.
Let
An, Bn, en, and Dn, where n is a positive 2 integer, be the number of solutions in integers x, y, z of the equations n = 2x + 2 2 2 2 2 2 2 2 2 2 2 y + 32z , n = 2x + y + 8z , n = 8x + 2y + 64z , and n = 8x + 2y + 16z , respectively. If n is a congruent number, then if n is odd, An= Bn/2, and if n is even, en= Dn/2. Conversely, under the assumption that the Birch-Swinnerton Dyer
572
Some Nonlinear Diophantine Equations
conjecture holds, if
n
is odd and
An= Bn/2 or
if
n
is even and
en= Dn/2,
then
n
is a
congruent number.
•
To use Tunnell's theorem to determine whether a postive integer is a congruent number, we find
An, Bn, en,
and
Dn
and check the appropriate equality. This can be
done efficiently because these quantities can be found quickly by brute force. Tunnell's theorem can tell us that an integer is not a congruent number, but it cannot itself tell us with certainty that an integer is a congruent number. Of course, this uncertainty would be removed if the Birch-Swinnerton Dyer conjecture were proved. The following example illustrate the use of Tunnell's theorem.
Example 13.21.
Tunnell's theorem can confirm Fermat's result that 3 is not a congruent
number. We note that
A3=
4 and
B3=
4, as the solution in integers of both 3= 2x2 +
y2 + 32z2 and 3= 2x2 + y2 + 8z2 are x= ±1, y= ± 1, z= 0. Because
A3 'I- B3/2,
it
follows that 3 is not a congruent number. The conjectural part of Tunnell's theorem predicts that 34 is a congruent number.
e34= 4 because the solutions in integers x, y, z of 34= 8x2 + 2y2 + 64z2 are x = ±2, y= ± 1, z= 0 and D34= 8 because the solutions in integers x, y, z of 34= 8x2 + 2y2 + 16z2 are x= ±2, y= ±1, z= 0, and x= ±0, y= ±3, z= ±1. Hence, e34= D34/2. So, under the assumption that the Birch-Swinnerton Dyer To see this, note that
conjecture holds, it follows that 34 is a congruent number. We leave it to the reader to confirm this by finding a rational right triangle with area 34. (See Exercise 2 in the ..,...
Computations and Explorations).
13.5
EXERCISES 1. Show that the area of a primitive Pythagorean triangle is even. 2. Find the congruent numbers that appear in the last column of an extended version of Table
13.2 that includes rows corresponding to m = 7 and
n
= 2,
4, 6.
3. Find the congruent numbers that appear in the last column of an extended version of Table
13.2 that includes rows corresponding to m = 8 and
n
= 1, 3,
5, 7.
4. Find the congruent numbers that appear in the last column of an extended version of Table
13.2 that includes rows corresponding to m = 9 and
n
= 2,
4, 8.
5. Find the square-free congruent number corresponding to the area of the primitive right triangle corresponding to these Pythagorean triples. a) (1 5, 8, 17)
b) (7, 24, 25)
c) (21, 20, 29)
d) ( 9, 40, 41)
6. Find the square-free congruent number corresponding to the area of the primitive right triangle corresponding to these Pythagorean triples. a) (35, 12, 37)
b) (11, 60, 61)
c) (45, 28, 53)
d) (33, 56, 65)
7. Show that there are infinitely many different congruent numbers. 8. Complete the proof of Theorem 13.14 by dealing with the three cases not addressed in the text.
13.5 Congruent Numbers 9. Use the fact that 1 is not a congruent number to show that the right triangle with two legs of length
,./2,.)
10. Use the fact that 2 is not a congruent number to show that
573
,./2, is not rational. (Hint: Consider ,./2, is not rational. (Hint: Consider
the right triangle with two legs of length 2.) *
11. Use the method of infinite descent to show that no integer that is twice a square is a congruent number.
**
12. Prove that 3 is not a congruent number. (Hint: Use Theorem 13.14. Three of the four cases are straightfor ward, but the fourth is quite complicated.) 13. Explain why these integers cannot be the common difference of an arithmetic progression of three squares. a) 1
c) 25
b) 8
d) 48
14. Explain why these integers cannot be the common difference of an arithmetic progression of three squares. b) 9
a) 2
c) 32
d) 300
2 15. Find a rational number such that r ± 7 are both squares of rational numbers. 2 16. Find a rational number such that r ± 15 are both squares of rational numbers. 17. Construct a right triangle with rational sides with area 21 starting with the arithmetic pro gression of three squares 289, 625, 961 with common difference 336. 18. Construct a right triangle with rational sides with area 210 starting with the arithmetic progression of three squares 529, 1369, 2209 with common difference 840. 19. In this exercise, we show that finding all arithmetic progressions of three rational squares is 2 2 equivalent to finding all rational points on the circle x + y 2. (See Exercise 21 inSection =
13 .1 for a parameterization of these points.) a) Show that if a
2, b2, c2 is an arithmetic progression of positive integers, then (a/b, c/b) is
2 2 a rational point on the circle x + y 2. 2 2 2 b) Show that if x + y 2, wherex andy are rational, andt is a nonzero integer, then (tx ) , 2 2 t , (ty) is a progression of three rational squares. =
=
2 20. Use the mapping in Theorem 13.17 to find the rational point on the elliptic curve y x3 25x corresponding to the rational right triangle with sides of lengths 3/2, 20/3, and =
-
41/6. 2 21. Use the mapping in Theorem 13.17 to find the rational point on the elliptic curve y x3 49x corresponding to the rational right triangle with sides of length 35/12, 24/ 5, and =
-
337/60. 22. Show that there are no rational points (x, y) with x and y positive on the elliptic curve 2 y x3 x. (Hint: Use the fact that 1 is not a congruent number.) =
-
23. Show that there are no rational points (x, y) with x and y positive on the elliptic curve 2 y x3 4x. (Hint: Use the fact that 2 is not a congruent number.) =
-
24. Complete the derivation of the algebraic doubling formula for a point on an elliptic curve. 2 25. Use algebraic doubling, starting with the point on the elliptic curve y x3 25x found in Exercise 20, to find a rational right triangle with area 5 different than the one with sides of =
length 3/2, 20/3, and 41/6.
-
574
Some Nonlinear Diophantine Equations 26. Use algebraic doubling, starting with the point on the elliptic curve y
2
3 x - 49x found in
=
Exercise 21, to find a rational right triangle with area 7 different than the one with sides of length 35/12, 24/5, and 337 /60.
27. Add the points (12, 36) and (25/4, -35/8) on the elliptic curve y
2
=
x3 - 36x, and use
Theorem 13.17 to find a rational right triangle with area 6 different from the ones with side lengths of 3,4, and 5 and 7/10, 120/7, and 1201/70.
2 28. Add the points (240, 1800) and (1260, 44100) on the elliptic curve y
=
x3 - 210X, and
use Theorem 13.17 to find a rational right triangle with area 210 different from the three mentioned in Example 13.20.
29. Find two arithmetic progressions of three rational squares with common difference 6 other 2 2 2 than the arithmetic progression (1/2) , (5/2) , (7 /2) . 30. Find two different arithmetic progressions of three rational squares with common differ ence 21.
31. Use Tunnell's theorem to show that these integers are not congruent numbers. a) 1
b) 10
c) 17
32. Use Tunnell's theorem to show that these integers are not congruent numbers. b) 10
a)2
c) 126
33. Assuming the Birch-Swinnerton Dyer conjecture, use Tunnell's theorem to show that 41 is a congruent number.
34. Assuming the Birch-Swinerton Dyer conjecture, use Tunnell's theorem to show that 157 is a congruent number.
35. Euler conjectured, but did not prove, that if n is a square-free positive integer and n
=
5, 6 or
7 (mod 8), then n is a congruent number. Assuming the Birch-Swinnterton Dyer conjecture, use Tunnell's theorem to prove this conjecture. A triangle is called a Heron triangle if the lengths of its sides and its area are all rational. These triangles are named after Heron of Alexandria, who showed that the area of a triangle with sides of length a, b, c is
.Js(s - a)(s - b)(s - c) wheres= (a + b +
c)/2. Recall that if() is the angle
formed by the sides of length a and b, then the area equals ab sin() /2. Also recall that by the law 2 2 2 of cosines, c = a + b - 2ab cos().
36. Show that if a triangle has sides of length 13, 14, 15, then it is a Heron triangle. *
37. Show that if n is positive integer, then there is a Heron triangle of area n. (Hint: Glue together two triangles with sides of length 2, Ir - (1/r)I , Is - (1/s)I where r
=
2n/(n - 2)
ands= (n - 2) /4, and scale the triangle appropriately.) 38. Show that if a Heron triangle has side lengths x, y,
z,
and the angle between the sides of
length x and y is(), then cos() and sin() are rational numbers and the point (sin(), cos()) is a rational number t such that sin()
=
J!
1
and cos ()
=
:���.
We call an integer a t-congrue nt number if there are rational numbers a, b, c such that ab(
2 2 2n and a + b number.)
=
2ab(
:���)
=
2 c . (When t
=
J!1)
=
1, a t-congruent number is the same as a congruent
39. a) Suppose that t is a rational number. Show that a positive integer n is at-congruent number 2 if and only if both n / t and t + 1 are rational squares or if there is a rational point (x, y)
13.5 Congruent Numbers with y =j:. 0 on the curve y2 = (x -
575
T) (x + nt). (Hint: Show that if a, b, and c satisfy the
equations in the definition and b =j:. c, then (a2 /4, (ab2 - ac2)/8) lies on this curve. When (x, y) lies on the curve and y =j:. 0, let a= l(x2 + y2)/yl, b= l(x - (n/t))(x + nt)/yl; and when y= 0, let a= 2...;nri, b= c= Jn(t2 + l)/t.) b) Show that the point (-6, 30) lies on the curve y2 = (x - !j-)(x + nt) when n= 12 and t= 4/3.
c) Use part (a) to show that 12 is a 4/3-congruent number and find the lengths of the sides and the area of a triangle with rational side lengths and area 12. d) Conclude from Exercise 31 that if n is a positive integer, then there is a rational number t such that n is a t-congruent number. 40.
This exercise introduces another problem that can be solved by finding rational points on an elliptic curve. Consider a collection of balls arranged in a square pyramid with x square layers, with one ball in the top layer, four in the layer below that, and so on, with x2 in the bottom layer. a) Show that we can rearrange the balls in the pyramid into a single square of side y if and only if there is a positive integer solution (x, y) to y2 = x (x + 1)(2x + 1) /6. b) Show that if 1 ::::= x ::::= 10, it is possible to arrange the balls into a square pyramid only when X= 1. c) Show that both (0, 0) and (1, 1) lie on the curve y2 = x(x + 1)(2x + 1)/6. Find the sum of (0, 0) and (1, 1) on this curve. d) Find sum of the point youfound in part{c) and (1, 1). Show that this sum leads to a positive integer solution.
Computations and Explorations 1. Extend Table 13.2 to include rows for every pair of integers m and n of opposite parity with 50 ::=: n > m. 2.
Show that 34 is a congruent number by finding a Pythagorean triple such that the square-free part of the area of the corresponding triangle is 34.
3.
Show that 39 is a congruent number by finding a Pythagorean triple such that the square-free part of the area of the corresponding triangle is 39.
4.
Find the rational point on the elliptic curve y2 = x3 - 532x corresponding to the primitive Pythagorean triple a= m2 - n2, b= 2mn, c= m2 + n2 with m= 1,873,180,325 and n= 1, 158,313, 156.
5. Find as many arithmetic progressions of three squares as you can by examining the sequence of squares of integers. 6.
Find as many different rational right triangles as you can with area 6 by successive algebraic doubling of points on the elliptic curve y2 = x3 - 36x.
7.
Find as many different rational right triangles as you can with area 210 by successive algebraic doubling of points on the elliptic curve y2 = x3 - 2102x.
8.
Use the fact that (111, 6160, 6161), (231, 2960, 2969), (518, 1320, 1418), and (280, 2442, 2458) are four Pythagorean triples each corresponding to a right triangle with area 341,880= 22 170, 940 to find four different rational points on the elliptic curve y2 = x3 - 170, 9402x. By adding pairs of these points, find additional rational right triangles with area 170,940. •
576
Some Nonlinear Diophantine Equations
Programming Projects 1. Given a positive integer U, extend Table 13.2 to include rows for every pair of integers and
n
of opposite parity with U
2. Given an elliptic curve y
2
=
m
> m > n.
3 x + ax + b and two points on this curve, find the sum of these
points. 3. Given the side lengths of a rational right triangle with area N, find the associated point on the 3 2 2 elliptic curve y x - N x. Then use algebraic doubling to find additional rational points =
on the curve and the associated rational right triangles with area N.
14 I
The Gaussian Integers
n previous chapters, we studied properties of the set of integers. A particularly appeal ing aspect of number theory is that many basic properties of the integers relating to
divisibility, primality, and factorization can be carried over to other sets of numbers. In this chapter, we study the set of Gaussian integers, numbers of the form
a+bi, where
a and b are integers and i= .J=I. We introduce the concept of divisibility for Gaussian
integers, and establish a version of the division algorithm for them. We describe what it means for a Gaussian integer to be prime, and develop the notion of greatest common divisors for pairs of Gaussian integers. Moreover, we show that Gaussian integers can be written uniquely as the product of Gaussian primes (taking into account a few minor details). Finally, we show how to use the Gaussian integers to determine how many ways a positive integer can be written as the sum of two squares. The material in this chapter is a small step into the world of algebraic number theory, the branch of number theory devoted to the study of algebraic numbers and their properties. Students continuing their study of number theory will find this fairly concrete treatment of the Gaussian integers a useful bridge to more advanced studies. Excellent references for the study of algebraic number theory include [A1Wi03], [Mo99], [Po99], and [RiOl].
14.1
Gaussian Integers and Gaussian Primes In this chapter, we extend our study of number theory into the realm of complex numbers. We begin with a brief review of the basic properties of the complex numbers for those who have either never seen this material or need a brief refresher. The complex numbers are the numbers of the formx +y i, where i=
.J=I. Complex
numbers can be added, subtracted, multiplied, and divided, according to the following rule:
(a+bi)+(c+di)= (a+c)+(b+d)i (a+bi) - (c+di)= (a - c)+(b - d)i (a+ bi)(c+di)= ac+adi+bci+ bdi2= (ac - bd)+(ad+bc)i a+bi --
c+di
=
a+bi c+di
.
c - di c - di
=
ac+bd c2+d2
+
(-ad+bc)i c2+d2
.
Note that addition and multiplication of complex numbers are commutative. We use the absolute value of an integer to describe the size of this integer. For complex numbers, there are several commonly used ways to describe the size of numbers. 577
578
The Gaussian Integers Definition.
If z
x + iy is a complex number, then lzl, the absolute value of z, equals
=
lzl and
=
Jx2 + y2,
N (z), the norm of z, equals
Given a complex number, we can form another complex number with the same absolute value and norm by changing the sign of the imaginary part of the number.
Definition.
conjugate of the complex number z complex number x - iy. The
=
a + bi, denoted by z, is the
Note that if w and z are two complex numbers, then the conjugate of wz is the product of the conjugates of
w and z. That is, (wz)
=
(W)(Z). Also note that if
z
=
x + iy is a
complex number, then
zz
=
(x + iy)(x - iy)
=
x2 + y2
=
N (z).
Next, we prove some useful properties of norms.
Theorem 14.1.
The norm function
N from the set of complex numbers to the set of
nonnegative real numbers satisfies the following properties. (i)
N (z) is a nonnegative real number for all complex numbers z.
(ii)
N (zw)
(iii)
N (z)
=
=
N (z) N (w) for all complex numbers z and w.
0 if and only if z
=
0.
Proof. To prove (i), suppose that z is a complex number. Then z x + iy, where x and y are real numbers. It follows that N (z) x2 + y2 is a nonnegative real number because both x2 and y2 are nonnegative real numbers. =
=
To prove (ii), note that
N (zw) whenever
=
(zw)(zw)
=
(zw)(Z W)
=
(zZ)(wW)
=
N (z) N (w),
z and w are complex numbers.
0 + Oi, so that N (0) 02 + 02 0. Conversely, suppose that N(x + iy) 0, where x and y are integers. Then x2 + y2 0, which implies that x 0 and y 0 because both x2 and y2 are nonnegative. Hence, x + iy 0 + iO 0. To prove (iii), note that 0 =
=
=
=
=
=
=
=
=
•
Gaussian Integers In previous chapters, we generally restricted ourselves to the rational numbers and integers. An important branch of number theory, called algebraic number theory, extends the theory we have developed for the integers to particular sets of algebraic integers. By an algebraic integer, we mean a root of a monic polynomial (that is, with leading
14.1 Gaussian Integers and Gaussian Primes
G
coefficient
579
1) with integer coefficients. We now introduce the particular set of algebraic
integers we will study in this chapter.
Definition. Complex numbers of the form a +bi, where a and b are integers, are called Gaussian integers. The set of all Gaussian integers is denoted by Z[i]. Note that if y
=
a +bi is a Gaussian integer, then it is an algebraic integer satisfying
the equation
y 2 - 2ay + (a2 + b2)
=
0,
as the reader should verify. Because
y satisfies a manic polynomial with integer coeffi cients of degree two, it is called a quadratic irrationality. Conversely, note that ifex is a number of the form r + si, where r and s are rational numbers and ex is a root of a monic quadratic polynomial with integer coefficients, then ex is a Gaussian integer (see Exercise
22.) The Gaussian integers
are
named after the great German mathematician
Carl Friedrich Gauss, who was the first to extensively study their properties. The usual convention is to use Greek lett.ers, such as Gaussian integers. Note that if
a, {3, y, and S, to denote n + Oi is also a Gaussian integer.
n is an integer, then n We call an integer n a rational integer when we are discussing Gaussian integers. =
The Gaussian integers are closed under addition, subtraction, and multiplication, as the following theorem shows.
Theorem 14.2. Suppose that a x + iy and f3 w+ iz are Gaussian integers, where x, y, w, and z are rational integers. Then ex + {3, ex - {3, and exf3 are all Gaussian integers. =
=
Proof We have a+ f3 (x + iy) + (w + iz) (x + w) + i(y + z), a - f3 (x+ iy) - (w + iz) (x - w)+ i(y - z), andex/3 (x + iy)(w + iz) xw + iyw + ixz + i 2 yz (xw - yz) + i(yw + xz). Because the rational integers are closed under addition, subtraction, and multiplication, it follows that each of a+ {3, a - {3, and af3 =
=
=
=
=
=
=
are
Gaussian integers.
•
Although the Gaussian integers are closed under addition, subtraction, and multipli cation, they are not closed under division, which is also the case for the rational integers. Also, note that if a
=
a +bi is a Gaussian integer, then N(a)
=
a2 +b 2 is a nonnegative
rational integer.
Divisibility of Gaussian Integers We can study the set of Gaussian integers much as we have studied the set of rational integers. There are straightforward analogies to many of the basic properties of the integers for the Gaussian integers. To develop these properties for the Gaussian integers, we need to introduce some concepts for the Gaussian integers analogous to those for the ordinary integers. In particular, we need to define what it means for a Gaussian integer to divide another. Later, we will define Gaussian primes, greatest common divisors of pairs of Gaussian integers, and other important notions.
580
The Gaussian Integers
Definition.
Suppose that a and fJ are Gaussian integers. We say that a
exists a Gaussian integer y such that fJ a does not divide fJ, we write a Example 14.1.
We see that
=
1 fJ.
2 - i 113+i because (2 - i)(S+3i)
However,
divides fJ if there I fJ, whereas if
ay. If a divides fJ, we write a
=
13+i.
3+2i 1 6+Si because 6+Si 3+2i
(6+Si)(3 - 2i)
28+3i
(3+2i)(3 - 2i)
28
1_3 _
_
=
13
+
-
3i 13
-,
which is not a Gaussian integer.
-i I (a+bi) for all Gaussian integers a+ bi because a+bi -i(-b+ai), whenever a and bare integers. The only other Gaussian integers that divide all other Gaussian integers are 1, -1, and i. We will see why this is true later
Example 14.2.
We see that
=
..,...
in this section.
3+2i are the numbers (3+ 2i)(a+ib), where a and b are integers. Note that (3+ 2i)(a+ib) 3a+2ia+3ib+2i2b (3a - 2b)+i(2a+ 3b). We display these Gaussian integers
Example 14.3.
The Gaussian integers divisible by the Gaussian integer
=
=
in Figure 14.1.
..,...
4 +1i
1+5i 6 +4i -2 +3i 3 +2i -5 +i
8 +i
5-i -3-2i
10-2i 2- 3i 1- 4i
-l- 5i 4-6i
Figure 14.1 The Gaussian integers divisible by 3 + 2i.
14.1 Gaussian Integers and Gaussian Primes
581
Divisibility in the Gaussian integers satisfies many of the same properties satisfied by divisibility of rational integers. For example, if
a, f3, and y are Gaussian integers and a I f3 and f3 I y, then a I y. Furthermore, if a, f3, y, v, and µ, are Gaussian integers and y I a and y I {J, then y I (µa+ vf3). We leave it to the reader to verify that these
properties hold. In the integers, there are exactly two integers that are divisors of the integer
1,
1 and -1. We now determine which Gaussian integers are divisors of 1. We
namely,
begin with a definition.
Definition. A Gaussian integerEis called a unit ifEdivides 1. WhenEis a unit, Ea is an associate of the Gaussian integer a We now characterize which Gaussian integers are units in a way that will make them easy to find.
Theorem 14.3.
A Gaussian integerEis a unit if and only if
N (E)=1.
v such thatEV= 1. By part (ii ) of Theorem 14.1, it follows that N(Ev)=N(E)N(v)=1. Because E and v are Gaussian integers, both N(E) and N(v) are positive integers. It follows that N(E)=N(v)=1. Proof
First suppose thatEis a unit. Then there a Gaussian integer
Conversely, suppose that N(E)=1. ThenEE=N(E)=1. It follows thatE 11 andE is a unit.
•
We now determine which Gaussian integers are units.
Theorem 14.4.
The Gaussian integers that are units are
1, -1, i, and -i.
Proof By Theorem 14.3, the Gaussian integer E=a+bi is a unit if and only if N(E)=1. Because N(E)=N(a+bi)=a2+b2,Eis a unit if and only if a2+b2=1. Because a and b are rational integers, we can conclude that E=a+bi is a unit if and only if (a, b)=(1, 0), (-1, 0), (0, 1), or (0, -1). It follows that Eis a unit if and only • ifE=1, -1, i, or -i. Now that we know which Gaussian integers are units, we see that the associates of a Gaussian integer f3 are the four Gaussian integers
f3, -f3, if3, and -if3.
Example 14.4. The associates of the Gaussian integer -2+3i are -2+3i, -(-2+ 3i)=2 - 3i, i(-2+3i)=-2i+3i2=-3 - 2i, and -i(-2+3i)=2i - 3i2=3+ ..... 2i.
Gaussian Primes Note that a rational integer is prime if and only if it is not divisible by an integer other than
1, -1, itself, or its negative. To define Gaussian primes, we want to ignore divisibility by units and associates.
582
The Gaussian Integers
Definition.
A nonzero Gaussian integer
rr is a Gaussian prime if it is not a unit and is
divisible only by units and its associates. It follows from the definition of a Gaussian prime that a Gaussian integer rr is prime if and only if it has exactly eight divisors, the four units and its four associates, namely, 1, -1,
i, -i, rr, -rr, irr, and -irr. (Units in the Gaussian integers have exactly four
divisors, namely, the four units. Gaussian integers that are not prime and are not units have more than eight different divisors.) An integer that is prime in the set of integers is called a rational prime. Later we will see that some rational primes are Gaussian primes, but some are not. Prior to providing examples of Gaussian primes, we prove a useful result that we can use to help determine whether a Gaussian integer is prime.
Theorem 14.5. then
If rr is a Gaussian integer and N(rr)
=
p, where p is a rational prime,
rr and rr are Gaussian primes, but p is not a Gaussian prime.
Proof Suppose that rr afJ, where a and fJ are Gaussian integers. Then N(rr) N(afJ) N(a)N(fJ), so that p N(a)N(fJ). Because N(a) and N(fJ) are positive in tegers, it follows that N(a) 1 and N(fJ) p or N(a) p and N(fJ) 1. We conclude by Theorem 14.3 that either a is a unit or fJ is a unit. This means that rr cannot be factored =
=
=
=
=
=
=
=
into two Gaussian integers neither of which is a unit, so it must be a Gaussian prime. Note that N(rr)
=
rr · rr. Because N(rr)
=
p, it follows that p
that pis not a Gaussian prime. Note that because N Of)
=
rrrr, which means p, rr is also a Gaussian prime. =
•
We now give some examples of Gaussian primes.
Example 14.5.
We can use Theorem 14.5 to show that
2 - i is a Gaussian prime because N(2 - i) 5 and 5 is a rational prime. Also, note that 5 (2 +i)(2 i), so that 5 is not a Gaussian prime. Similarly, 2 +3i is a Gaussian prime because N(2 +3i) 22 +32 1 3 and 13 is a rational prime. Moreover, 13 is not a Gaussian
22 + 12
=
=
=
=
=
The converse of Theorem 14.5 is not true. It is possible for a Gaussian prime to have a norm that is not a rational prime, as we will see in Example 14.6.
Example 14.6.
The integer 3 is a Gaussian prime, as we will show, but N(3) 2 N(3 +Oi) 3 +02 9 is not a rational prime. To see that 3 is a Gaussian prime, suppose that 3 (a +bi)(c +di), where a +bi and c +di are not units. By taking =
=
=
=
norms of both sides of this equation, we find that
N(3)
=
N((a +bi)· (c +di)).
It follows that 9
=
N(a +ib)N(c +id),
14.1 Gaussian Integers and Gaussian Primes
583
a+ib nor c+id is a unit, N(a+ ib) f. 1 and N(c+id) f. 1. Consequently, N(a+ib)= N(c+id)= 3. This means that N(a+ib)= a2+b2= 3, which is impossible because 3 is not the sum of two squares. using part (ii) of Theorem 14.1 . Because neither
It follows that 3 is a Gaussian prime.
<11111
We now determine whether the rational prime
2 is also a Gaussian prime.
2 is a Gaussian prime, we determine whether there are Gaussian integers a and fJ neither a unit such that 2 = afJ, where a= a+ib and fJ= c+ id. If 2= afJ, by taking norms, we see that
Example 14.7.
To determine whether
N(2)= N(a)N(fJ). Because
N(2)= N(2+Oi)= 22+02 = 4, this means that N(a)N(fJ)= (a2+b2)(c2+d2)= 4.
Because neither a nor fJ is a unit, we know that N(a) f. 1 and N(fJ) f. 1. It follows that
a2+b2= 2 and c2+d2= 2 so that each of a, b, c, and d equals 1 or -1. Consequently, a and fJ must take on one of the values 1+i, -1+i, 1 - i, or -1 - i. On inspection, we find that when a= 1+i and fJ= 1 - i, we have afJ= 2. We conclude that 2 is not a Gaussian prime and 2= (1+i)(l - i). However, 1+i and 1 - i are both Gaussian primes, because N( 1+i)= N( 1 - i)=
2 and 2 is prime, so that Theorem 14.5 applies.
<11111
Looking at Examples 14.5, 14.6, and 14.7, we see that some rational primes are also
2 = (1 - i)(l+i) and (2+i)(2 - i), are not Gaussian primes. In Section 14.3, we will determine which
Gaussian primes, such as 3, while other rational primes, such as 5=
rational primes are also Gaussian primes and which are not.
The Division Algorithm for Gaussian Integers In the first chapter of this book, we introduced the division algorithm for rational integers, which shows that when we divide an integer a nonnegative remainder
r
less than
a by a positive integer divisor b, we obtain
b. Furthermore, the quotient and remainder we
obtain are unique. We would like an analogous result for the Gaussian integers, but in the Gaussian integers it does not make sense to say that a remainder of a division is smaller than the divisor. We overcome this difficulty by developing a division algorithm where the remainder of a division has norm less than the norm of the divisor. However, unlike the situation for rational integers, the quotient and remainder we compute are not unique, as we will illustrate with a subsequent example.
The Division Algorithm for Gaussian Integers. Let a and fJ be Gaussian integers with fJ f. 0. Then there exist Gaussian integers y and p such that
Theorem 14.6.
a= {Jy + p
584
The Gaussian Integers and 0 :S
N(p)
<
N(fJ). Here y is called the quotient and p is called the remainder of
this division.
Proof
Suppose that a/fJ
=x +i y. Then x +iy is a complex number that is a Gaussian integer if and only if fJ divides a. Let s = [x + -! ] and t = [y + -! ] (these are the integers closest to x and y, respectively, rounded up if the fractional part of x or y equals 1/2; see Figure 14.2).
I I I I I
----1�1/j I
r
Figure 14.2 Determining the quotient y when a is divided by {3. With these choices for
s and t, we find that
x +iy = (s +f) +i(t + g), f and g are real numbers with Iii :S 1/2 and lgl :S 1/2. Now let y = s +ti and p =a - fJy. By Theorem 14.1 , we know that N(p) � 0. where
To show that
N(p)
<
N(fJ), recalling that a/fJ =x +iy and using Theorem 14.1
(ii), we see that
N(p) =N(a - fJy) =N(((a/fJ) - y)fJ) =N((x +iy) - y)fJ) =N((x +iy) - y)N(fJ). Because
y =s +ti, x - s =f, and y - t = g, we find that N(p) =N((x +iy) - (s +ti))N(fJ) =N(f +ig)N(fJ).
Finally, because
If I
:S
1/2 and lgl :S 1/2, we conclude that
N(p) =N(f +ig)N(fJ) :S ((1/2)2 +(l/2)2)N(fJ) :S N(fJ)/2
<
N(fJ).
14.1 Gaussian Integers and Gaussian Primes
585
This completes the proof . Remark.
•
In the proof of Theorem 14.6, when we divide a Gaussian integer a by a
nonzero Gaussian integer
fJ,
we construct a remainder p such that 0:::: N(p) :::: N({J)/2.
That is, the norm of the remainder does not exceed 112 of the norm of the divisor. This will be a useful fact to remember. Example 14.8 illustrates how to find the quotient and remainder computed in the proof of Theorem 14.6. This example also illustrates that these values are not unique, in the sense that there are other possible values that satisfy the conclusions of the theorem.
Example 14.8.
Let a = 13 +20i and
proof of Theorem 14.6 to find y
fJ = -3 +Si. We can follow and p such that a = fJ y +p andN(p)
with 13 +20i = (-3 +Si)y +p and 0:::: N(p) by
< N(-3
the steps in the < N({J),
that is,
+Si)= 34. We first divide a
fJ to obtain 13 +20i
61 12S. =---z. 34 -3 +Si 34
---
Next, we find the integers closest to
�l and -jJ5, namely, 2 and -4, respectively.
Consequently, we take y = 2 - 4i as the quotient. The corresponding remainder is p =
a - {Jy = (13 +20i) - (-3 +Si)y = (13 +20i) - (-3 +Si)(2 - 4i) = -1 - 2i. We
verify thatN(p):::: N({J)/2
< N({J)
by noting thatN(-1 - 2i) = S
< N(-3
+Si)/2 =
34/2 = 17, as expected (see the previous Remark). Other choices for y and p besides those produced by the construction in the proof of Theorem 14.6 satisfy the consequences of the division algorithm. For example, we can take y = 2 - 3i and p= 4 +i, because 13 +20i = (-3 +Si)(2 - 3i) +(4 +i) and N(4 +i) = 17:::: N(-3 +Si)/2 = 34/2 = 17
14.1
< N(-3
+Si). (See Exercise 19.)
<11111
EXERCISES 1. Simplify each of the following expressions, expressing your answer in the form of a Gaussian integer a +bi.
a) (2 +i)2(3 +i)
b) (2-3i)3
c)-i(-i +3)3
2. Simplify each of the following expressions, expressing your answer in the form of a Gaussian integer a +bi.
a) (-1+ i)\l + i)3
b) (3+2i)(3 -i)2
c) (2 +i)2(5 -i)3
3. Determine whether the Gaussian integer a divides the Gaussian integer fJ if a) a=2- i, fJ =5 +Si.
c) a=5, fJ=2 +3i.
b)a=l-i,fJ=8.
d)a=3+2i,fJ=26.
4. Determine whether the Gaussian integer a divides the Gaussian integer fJ, where a) a=3, fJ = 4 +?i.
c) a=5 +3i, fJ= 30 +6i.
b) a=2+ i, fJ = 15.
d) a= 11+4i, fJ=274.
586
The Gaussian Integers 5. Give a formula for all Gaussian integers divisible by 4 + 3i, and display the set of all such
Gaussian integers in the plane. 6. Give a formula for all Gaussian integers divisible by 4 - i, and display the set of all such
Gaussian integers in the plane. 7. Show that if a, fJ,and y are Gaussian integers and a I fJ and fJ I y, then a I y. 8. Show that if a,{J, y, µ,and
v
are Gaussian integers and y I a and y I {J,then y I (µa+ v{J).
9. Show that if f is a unit for the Gaussian integers,then
E5
= f.
10. Find all Gaussian integers a=a + bi such that a=a - bi,the conjugate of a,is an associate
of a. 11. Show that the Gaussian integers a and fJ are associates if a I fJ and fJ I a. 12. Show that if a and fJ are Gaussian integers and a I {J, then N(a) I N{{J). 13. Suppose that N(a) I N({J), where a and fJ are Gaussian integers. Does it necessarily follow
that a I fJ? Supply either a proof or a counterexample. 14. Show that if a divides {J, where a and fJ are Gaussian integers, then a divides {J. 15. Show that if a=a + bi is a nonzero Gaussian integer,then a has exactly one associate c+ di
(including a itself),where c
>
0 and d '.'.:: 0.
16. For each pair of values for a and {J, find the quotient y and the remainder p when a is
divided by fJ computed following the construction in the proof of Theorem 14.6, and verify that N(p) < N{{J). a) a= 14+ 17i,fJ= 2 + 3i b) a= 7 - 19i, fJ= 3 - 4i
c) a= 33,fJ= 5+ i
17. For each pair of values for a and fJ, find the quotient y and the remainder p when a is
divided by fJ computed following the construction in the proof of Theorem 14.6, and verify that N(p) < N{{J). a) a= 24- 9i,fJ= 3 + 3i
b) a= 18 + 15i, fJ= 3 + 4i c) a= 87i,fJ= 11- 2i
18. For each pair of values for a and fJ in Exercise 16,find a pair of Gaussian integers y and p such
that a= fJ y+ p and N (p) < N{fJ) different from that computed following the construction in Theorem 14.6. 19. For each pair of values for a and fJ in Exercise 17,find a pair of Gaussian integers y and p such
that a= fJ y+ p and N (p) < N{fJ) different from that computed following the construction in Theorem 14.6. 20. Show that for every pair of Gaussian integers a and fJ with fJ f=. 0 and fJ J
a,
there are at least two different pairs of Gaussian integers y and p such that a= fJ y+ p and N (p) < N{fJ).
*
21. Determine all possible values for the number of pairs of Gaussian integers y and p such
that a= {Jy + p and N(p) < N(fJ) when a and fJ are Gaussian integers and fJ f=. 0. (Hint: Analyze this geometrically by looking at the position of a/fJ in the square containing it and with four lattice points as its comers.) 22. Show that if a number of the form r + s i, where r and s are rational numbers,is an algebraic
integer,then r and s are integers. 23. Show that 1+ i divides a Gaussian integer a + ib if and only ifa and b are both even or both
odd. 24. Show that if rr: is a Gaussian prime, then N(rr:)= 2 or N(rr: )
2
=
1(mod 4).
25. Find all Gaussian primes of the form a + 1, where a is a Gaussian integer.
14.1
Gaussian Integers and Gaussian Primes
587
26. Show that if a+bi is aGaussian prime,thenb + ai is also aGaussian prime. 27. Show that the rational prime7 is also aGaussian prime by adapting theargument given in Example 14 .6 that shows3 is aGaussian prime.
28. Show that every rational primep of theform4k+ 3 is also aGaussian prime. 29. Suppose that a is a nonzeroGaussian integer that is neither a unit nor a prime.Show that a Gaussian integerf3 exists such thatf3 I a and1
<
N (/3)
�
JN(a).
30. Explain how to adapt the sieve of Eratosthenes to find all theGaussian primes with norm less than a specified limit.
31. Find all theGaussian primes with norm less than100. 32. Display all theGaussian primes with norm less than 200 as lattice points in the plane. We can define the notion of congruence for Gaussian integers. Suppose that a, f3, and y are
'f=. 0. We say that a is congruent to f3 modulo y and we write a= f3 (mody) if y I (a - {3).
Gaussian integers and that y
33. Suppose that µ, is a nonzero Gaussian integer.Show that each of the following properties holds. a) If a is aGaussian integer,thena= a (modµ,). b) If a=f3 (modµ,),thenf3=a (modµ,). c) If a= f3 (modµ,) andf3= y (modµ,),thena= y (modµ,).
34. Suppose that a= f3 (modµ,) and y=
8
(modµ,), where a,
integers andµ,'f=. 0.Show that each of these properties holds. a)a+ y= f3 +
8 (modµ,)
b)a
- y= f3 - 8 (modµ,)
{3, y, 8,
c) ay =
and µ, are Gaussian
{38 (modµ,)
35. Show that twoGaussian integersa=a1 +ib1 andf3 =a2 +ib2 can multiplied using only three multiplications of rational integers, rather than the four in the equation shown in the text,together with five additions and subtractions.(Hint: One way to do this uses the product (a1 +b1)(a2 +b2). A second way uses the productb2(a1 +b1).)
36. When a andbare real numbers,let{ a+bi}= { a} +{b}i, where{x} is the closest integer to the real number x, rounding up in the case of a tie. Show that if z is a complex number,then noGaussian integer is closer to z than{z} andN (z - {z}) � 1/2. Let k be a nonnegative integer.The Gaussian Fibonacci number Gk is defined in terms of the Fibonacci numbers withGk= fk +ifk+i·Exercises37-39 involveGaussianFibonacci numbers.
37.
a) List the terms of the Gaussian Fibonacci sequence fork=0,1, 2,3, 4, 5. (Recall that
fo
=0.)
b) Show that Gk =Gk-l+ Gk_2 fork=2,3, ....
38. Show thatN(Gk) =fik+l for all nonnegative integers k. 39. Show that Gn+2Gn+l - G n+3 G n =(-l)ll(2+ i),whenever n is a positive integer. n 40. Show that every Gaussian integer can be written in the form an (-1+ i) + an- l (-1+ n l i) - +···+a1(-l+i)+a0,where aj=Oorlforj=0,1,. ..,n-1,n.
41. Show that if a is a number of theformr + s i,wherer ands are rational numbers and a is a root of a monic quadratic polynomial with integer coefficients,then a is aGaussian integer.
The Gaussian Integers
588
42. What can you conclude if rr =a +bi is a Gaussian prime and one of the Gaussian integers (a+1) +bi, (a - 1) +bi,a+(b + l)i , and a+ (b - l)i is also a Gaussian prime? 43. Show that if rr1=a- l + bi ,rr2=a + l +bi,rr3=a+(b- l) i,andn4=a+(b+ l)i all Gaussian primes and lal + lbl
>
are
5, then 5 divides both a and band neither a nor bis zero.
44. Describe the block of Gaussian integers containing no Gaussian primes that can be con structed by first forming the product of all Gaussian integers a + bi with a and b rational integers,0�a� m, and 0� b� n. 45. Find all Gaussian integers a, {3, andy such that af3y=a+ f3 +y=1. 46. Show that if rr is a Gaussian prime with N(rr) # 2,then exactly one of the associates of rr is congruent to either 1 or 3 + 2i modulo 4.
Computations and Explorations 1. Find all pairs of Gaussian integers y and p such that 180 - 18 l i =(12+ 13i)y +p and N(p)
<
N(12 +13i).
2. Use a version of the sieve of Eratosthenes to find all Gaussian primes with norm less than 1000. 3. Find as many different pairs of Gaussian primes that differ by 2 as you can. 4. Find as many triples of Gaussian primes that form an arithmetic progression with a common difference of 2 as you can. S. Find as many Gaussian primes as you can of the form 1 + bi where b is an integer. (It is unknown whether there are infinitely many such primes.) 6. Find as many Gaussian primes of the form a2 +a+(9 +4 i) as you can. 7. Estimate the probability that two randomly chosen Gaussian integers
are
relatively prime by
testing whether a large number of randomly chosen pairs of Gaussian integers
are
relatively
prime. **
0
8. Search for Gaussian moats, which are regions of width k, where k is a positive real number,in the complex plane surrounding the origin that contain no Gaussian primes. (See [GeWaWi98] for more information about Gaussian moats.)
Programming Projects 1. Given two Gaussian integers a and {3, find all pairs of Gaussian integersy and p such that a=yf3 +p. 2. Implement a version of the sieve of Eratosthenes to find all Gaussian primes with norm less than a specified integer. 3. Given a positive real number k and a positive integer n, find all Gaussian primes with norm less than
n
that can be reached, starting with a Gaussian prime with norm not exceeding 5
moving from one Gaussian prime to the next in steps not exceeding k. 4. Display a graph of the Gaussian primes that can be reached as described in the preceding programming project.
14.2
14.2
Greatest Common Divisors and Unique Factorization
589
Greatest Common Divisors and Unique Factorization In Chapter 3, we showed that every pair of rational integers not both zero has a greatest common divisor. Using properties of the greatest common divisor, we showed that if a prime divides the product of two integers, it must divide one of these integers. We used this fact to show that every integer can be uniquely written as the product of the powers of primes when these primes are written in increasing order. In this section, we will establish analogous results for the Gaussian integers. We first develop the concept of greatest common divisors for Gaussian integers. We will show that every pair of Gaussian integers, not both zero, has a greatest common divisor. Then we will show that if a Gaussian prime divides the product of two Gaussian integers, it must divide one of these integers. We will use this result to develop a unique factorization theorem for the Gaussian integers.
Greatest Common Divisors We cannot adapt the original definition we gave for greatest common divisors of integers, because it does not make sense to say that one Gaussian integer is larger than another one. However, we will be able to define the notion of a greatest common divisor for a pair of Gaussian integers by adapting the characterization of the greatest common divisor of two rational integers that does not use the ordering of the integers given in Theorem 3 .10.
Definition.
Let a and fJ be Gaussian integers. A greatest
common divisor
of a and fJ
is a Gaussian integer y with these two properties: (i)
y I a and y I {J;
(ii)
if o I a and o I {J, then o I y.
and
If y is a greatest common divisor of the Gaussian integers a and fJ, then it is straightforward to show that all associates of y are also greatest common divisors of a and fJ (see Exercise then -y, i y, and
5). Consequently, if y is a greatest common divisor of a and {J,
-i y are also greatest common divisors of
a and fJ. The converse is also
true, that is, any two greatest common divisors of two Gaussian integers are associates, as we will prove later in this section. First, we will show that a greatest common divisor exists for every two Gaussian integers.
Theorem 14.7. (i)
If a and fJ are Gaussian integers, not both zero, then
there exists a greatest common divisor y of a and fJ;
and (ii)
if y is a greatest common divisor of a and {J, then there exist Gaussian integers µ,and v (called Bezout coefficients of a and {J) such that y =µ,a+ v{J.
Proof.
Let S be the set of norms of nonzero Gaussian integers of the form µ,a+ v{J,
590
The Gaussian Integers µ and v are Gaussian integers. Because µa+ vfJ is a Gaussian integer when µ and v are Gaussian integers and the norm of a nonzero Gaussian integer is a positive
where
integer, every element of Sis a positive integer. Sis nonempty, which can be seen because
N(l ·a+ 0 ·fJ) = N(a) and N(O ·a+ 1 ·fJ) = N(fJ) both belong to S and cannot be both 0. Because S is a nonempty set of positive integers, by the well-ordering property, it contains a least element. Consequently, a Gaussian integer
y exists with
Y = JLoa+ vofJ, µ0 and v0 are Gaussian integers and N(y) :::: N(µa+ vfJ) for all Gaussian integers µand v. where
y is a greatest common divisor of a and fJ. First, suppose that o I a and o I fJ. Then there exist Gaussian integers p and a such that a = op and fJ = oa. We will show that
It follows that
y = JLoa+ VofJ = JLoOP+ Vooa = o(JLoP+ Voa). We see that
o I y.
y la and y lfJ, we will show that y divides every Gaussian integer of µa+ vfJ. So, suppose that r = µ1 a+ v1{J for Gaussian integers µ1 and v1. By
To show that the form
Theorem 14.6, the division algorithm for Gaussian integers, we see that
s are Gaussian integers with 0:::: N(s) < N(y). Furthermore, s is a Gaussian integer of the form µa+ vfJ. To see this, note that where 1J and
y was chosen as an element with smallest possible norm among the nonzero Gaussian integers of the form µa+ vfJ. Consequently, because s has this form and 0:::: N(s) < N(y), we know that N(S) = 0. By Theorem 14.1, we see that s = 0. Consequently, r = y17. We conclude that every Gaussian integer of the form µa+ vfJ is divisible by y. • Recall that
We now show that any two greatest common divisors of two Gaussian integers must be associates.
Theorem 14.8. If both y1 and y2 are greatest common divisors of the Gaussian integers a and fJ, not both zero, then y1 and y2 are associates of each other. y1 and y2 are both greatest common divisors of a and fJ. By part y1 I y2 and y2 I Y1. This means there are Gaussian integers E and () such that y2 = E y1 and y1 = () y2. Combining
Proof.
Suppose that
(ii) of the definition of greatest common divisor, it follows that
these two equations, we see that
14.2 Greatest Common Divisors and Unique Factorization Divide both sides by
591
y1 (which does not equal 0 because 0 is not a common divisor of
two Gaussian integers if they are not both zero) to see that
BE= 1. We conclude that () and
E are both units. Because y1 = () y2, we see that y1 and y2 are
associates.
•
The demonstration that the converse of Theorem 14.8 is also true is left as Exercise S at the end of this section.
Definition. The Gaussian integers a and fJ are relatively prime if 1 is a greatest common divisor of a and fJ. Note that 1 is a greatest common divisor of a and fJ if and only if the associates of 1,
-1, i, and -i, are also greatest common divisors of a and fJ. For example, if we know that i is a greatest common divisor of a and fJ, then these two Gaussian integers
namely,
are relatively prime. We can adapt the Euclidean algorithm (Theorem
3 .11) to find a greatest common
divisor of two Gaussian integers.
Theorem 14.9. A Euclidean Algorithm for Gaussian Integers. Let Po= a and p1 = fJ be nonzero Gaussian integers. If the division algorithm for Gaussian integers is successively applied to obtain Pj = Pj+lYj+l + rj+2• with N(Pj+2) < N(Pj+1) for j = 0 , 1, 2, ... , n - 2 and Pn+l= 0, then Pn• the last nonzero remainder, is a greatest common divisor of a and fJ. We leave the proof of Theorem of the proof of Theorem
14.9 to the reader; it is a straightforward adaption
3.11. Note that we can also work backward through the steps
of the Euclidean algorithm for Gaussian integers to express the greatest common divisor found by the algorithm as a linear combination of the two Gaussian integers provided as input to the algorithm. We illustrate this in the following example.
Example 14.9.
Suppose that
a= 97 + 210i and fJ = 123 + 16i. The version of the
Euclidean algorithm based on the version of the division algorithm in the proof of Theorem
4.6 can be used to find the greatest common divisors of a and fJ with the
following steps:
97 + 210i = (123 + 16i)(l + 2i) + (6 - S2i) 123 + 16i = (6 - S2i)(2i) + (19 + 4i) 6 - S2i = (19 + 4i)(-3i) + (-6 +Si) 19 + 4i = (-6 +Si)(-2 - 2i) + (-3 + 2i) -6 +Si = (-3 + 2i)2 + i -3 + 2i = i(2 + 3i) + 0. We conclude that
i is a greatest common divisor of 97 + 210i and 123 + 16i.
Consequently, all greatest common divisors of these two Gaussian integers are the
592
The Gaussian Integers i, namely, 1, -1, i, and -i. It follows that 97+ 210i and 123+ 6i are
associates of
relatively prime. Because 97+ 210i and 123+ 16i are relatively prime, we can express 1 as a linear
v such that vfJ by working backward through these steps and then multiplying both sides
combination of these Gaussian integers. We can find Gaussian integersµ, and
1
=
µ,a+
by -i to obtain
1. These computations, which we leave to the reader, show that (97+ 210i)(-24+ 21i)+ (123+ 16i)(57+ 17i)
=
1.
Unique Factorization for Gaussian Integers The fundamental theorem of arithmetic states that every rational integer has a unique factorization into primes. Its proof depends on the fact that if the rational prime p divides the product of two rational integers ab, then p divides either a orb. We now prove an analogous fact about the Gaussian integers that will play the crucial role in proving unique factorization for the Gaussian integers.
Lemma 14.1. rr
If rr is a Gaussian prime and
a
and
fJ are
Gaussian integers such that
I afJ, then rr I a or rr I fJ.
Proof.
Suppose that
Because
rr
of rr are 1,
1 a,
rr
we also know that
-1, i, -i,
a. We will show that rr must then divide fJ. 1 a when E is a unit. Because the only divisors
does not divide Err
irr, and -irr, it follows that a greatest common divisor of rr and a must be a unit. This means that 1 is a greatest common divisor of rr and a. By Theorem 14.7, we know that there exist Gaussian integersµ, and v such that rr, -rr,
1
=
µ,rr+
Multiplying both sides of this equation by
fJ
=
va. fJ, we see that
rr(µ,fJ)+ v(afJ).
I afJ so that rr I v(a{J). Because rr(µ,fJ ) + v(afJ), it follows (using Exercise 8 of Section 14.1) that rr I {J. •
By the hypotheses of the theorem, we know that
fJ
=
Lemma
rr
14.1 is a key ingredient in proving that the Gaussian integers enjoy the
unique factorization property. Other sets of algebraic integers, such as Z [ .J=S], the set of quadratic integers of the form a+b,J=S, do not enjoy a property analogous to Lemma 14.1 and do not enjoy unique factorization. We can extend Lemma 14.1 to products with more than two terms.
Lemma 14.2. that
rr
Proof.
I
a1a2
·
If rr is a Gaussian prime and ai. ·
·
am ,
then there is an integer
j
a2, ···, am
such that
rr
are Gaussian integers such
I aj•
where 1:::::::
We can prove this result using mathematical induction. W hen m
is trivial. Now suppose that the result is true form is, suppose that if
=
j ::::::: m.
=
1, the result
k, where k is a positive integer. That
14.2 where
Greatest Common Divisors and Unique Factorization
593
ai is a Gaussian integer for i = 1, 2, ... , k, then rr I ai for some integer i with
1:::: i :::: k. Now suppose that
rr I a1a2 · · · akak+b ai, i = 1, 2, ... , k + 1 are Gaussian integers. Then rr I a1(a2 ···akak+1), so that by Lemma 14.1, we know that rr I a1 or rr I a2 ···akak+l· If rr I a2 ···akak+b we can use the induction hy pothesis to conclude that rr I ai for some integer j with 2:::: j :::: k + 1.It follows that rr I aj for some integer j with 1:::: j :::: k + 1, completing where
the proof.
•
We can now state and prove the unique factorization theorem for Gaussian integers. Not surprising, Carl Friedrich Gauss was the first to prove this theorem.
Theorem 14.10.
The Unique Factorization Theorem for Gaussian Integers.
Sup
pose that y is a nonzero Gaussian integer that is not a unit.Then (i)
y can be written as the product of Gaussian primes; and
(ii)
this factorization is unique in the sense that if
rri. rr2, ...,
Pi. p2, ... , Pt are all Gaussian primes, then s= t, and after renumbering the terms, if necessary, rri and Pi are associates for where
i = 1, 2,
Proof.
7r8,
. . . 's.
We will prove part (i) using the second principle of mathematical induction
where the variable is N(y), the norm of y.First note that because y i=- 0 and y is not a unit, by Theorem 14.3, we know that N(y) i=-1.It follows that N(y) 2: 2. W hen N(y)= 2, by Theorem 14.5, we know that y is a Gaussian prime. Conse quently, in this case, y is the product of exactly one Gaussian prime, itself. Now assume that N(y)
>
2. We assume that every Gaussian integer 8 with N(8)
<
N(y) can be written as the product of Gaussian primes; this is the induction hy pothesis. If y is a Gaussian prime, it can be written as the product of exactly one Gaussian prime, itself.Otherwise, y= rJ(), where rJ and() are Gaussian integers that are not units.Because rJ and() are not units, by Theorems 14.1 and14.3, we know that N(rJ) Furthermore, because N(y) = N(rJ)N(()), we know that 2:::: N(rJ) N(())
<
> <
1 and N(())
>
1.
N(y) and 2::::
N(y).Using the induction hy pothesis, we know that both rJ and() are products
rr1rr2 · · · rrs, where rri. rr2, ... , rrk are Gaussian primes and()= P1P2 ···Pt• where Pi. p2, ... , Pt are Gaussian primes.Consequently,
of Gaussian primes.That is, rJ=
Y = ()'YJ =
rr1rr2 ···lrsP1P2 ···Pt
is the product of Gaussian primes. This finishes the proof that every Gaussian integer can be written as the product of Gaussian primes. We will also use the second principle of mathematical induction to prove part (ii) of the theorem, the uniqueness of the factorization in the sense described in the statement of the theorem. Suppose that y is a nonzero Gaussian integer that is not a unit. By Theorem
594
The Gaussian Integers
14.3, we know that N(y) � 2. To begin the proof by mathematical induction, note that 2, y is a Gaussian prime, so y can only be written in one way as the
when N(y)
=
product of Gaussian primes, namely, the product with one term, y. Now assume that part (ii) of the statement of the theorem is true when 8 is a Gaussian integer with N(o)
<
N(y). Assume that y can be written as the product of Gaussian
primes in two ways, that is,
whereni. n2, ..., 1l's, Pi. p2, ..., Pt are allGaussian primes.Note thats >I; otherwise, y is a Gaussian prime that already can be written uniquely as the product of Gaussian primes. Becausen1In1n2···1l's andn1n2···1l's
=
p1p2···Pt• we see thatn1 I p1p2···Pt·
14.2, we know that n1 I Pk for some integer k with 1 ::; k ::; t. We can reorder the primes Pi. p2, ..., Pk> if necessary, so that n1 I p1 .Because p1 is a Gaussian prime,
By Lemma
it is only divisible by units and associates, so that n1 and p1 must be associates.It follows
that p1
=
EJri, where E is a unit.T his implies that
We now divide both sides of this last equation by n1 to obtain
Because n1 is a Gaussian prime, we know that N(n1 ) �
By the induction hypothesis and the fact that n2n3 ···1l's
1 associate of ni for i conclude that s
-
=
=
2. Consequently,
=
(Ep2)p3 ···Pt• we can
1, and that after reordering of terms, if necessary, Pi is an 1, 2, ..., s 1. T his completes the proof of part (ii). • t
-
-
Factoring a Gaussian integer into a product of Gaussian primes can be done by computing its norm.For each prime in the factorization of this norm as a rational integer, we look for possible Gaussian prime divisors of the Gaussian integer with this norm.We can perform trial division by each possible Gaussian prime divisor to see whether it divides the Gaussian integer.
Example 14.10. To find the factorization of 20 into Gaussian integers, we note that 2 N(20) 400. It follows that the possible Gaussian prime divisors of 20 have 20 =
=
2 or 5. We find that we can divide 20 by 1 + i four times, leaving a quotient of -5. Because 5 (1 + 2i)(l - 2i), we see that norm
=
20
=
-(1 + i)\ 1 + 2i)(l - 2i).
14.2 Greatest Common Divisors and Unique Factorization
14.2
595
EXERCISES 1. Use the definition of the greatest common divisor of two Gaussian integers to show that if n:1 and
n:2
and
n:2•
are Gaussian primes that are not associates, then 1 is a greatest common divisor of
n:1
2. Use the definition of the greatest common divisor of two Gaussian integers to show that if E is a unit and
a is a Gaussian integer, then 1 is a greatest common divisor of a and E.
3. Show that if y is a greatest common divisor of the Gaussian integers a and fJ, then y is a greatest common divisor of
a and fJ.
4. a) By extending the definition of a greatest common divisor of two Gaussian integers, define the greatest common divisor of a set of more than two Gaussian integers. b) Show from your definition that a greatest common divisor of three Gaussian integers and
a, fJ,
y is a greatest common divisor of y and a greatest common divisor of a and fJ.
5. Show that if a and fJ are Gaussian integers and y is a greatest common divisor of a and fJ, then all associates of
y are also greatest common divisors of a and fJ.
6. Show that if a and fJ are Gaussian integers and N(a) and N{fJ) are relatively prime rational integers, then
a and fJ are relatively prime Gaussian integers.
7. Show that the converse of the statement in Exercise 6 is not necessarily true, that is, find
a and fJ such that a and fJ are relatively prime Gaussian integers, but N(a) N(fJ) are not relatively prime positive integers.
Gaussian integers and
8. Show that if a and fJ are Gaussian integers and y is a greatest common divisor of a and fJ, then
N(y) divides (N(a), N(fJ)).
9. Show if
a
and b are relatively prime rational integers, then they are also relatively prime
Gaussian integers.
10. Show that if a, fJ, and y are Gaussian integers and n is a positive integer such that afJ= yn and
a and fJ are relatively prime, then a= E8n, where E is a unit and 8 is a Gaussian integer.
11. a) Show all steps of the version of the Euclidean algorithm for the Gaussian integers de scribed in the text to find a greatest common divisor of
a= 44 + 18i and fJ= 12 - 16i .
b) Use the steps in part (a) to find Gaussian integersµ and v such thatµ(44 + 18i) + v(12 16i) equals the greatest common divisor found in part (a).
12. a) Show all steps of the version of the Euclidean algorithm for the Gaussian integers de scribed in the text to show that 2
-
1 li and 7 + Si are relatively prime.
b) Use the steps in part (a) to find Gaussian integersµ and
v such that µ(2 - 11i ) + v(7 +
8i)= 1. 13. Show that two consecutive Gaussian Fibonacci numbers Gk and Gk+ 1 (defined in the pream ble to Exercise 37 of Section 14.1 ), where k is a positive integer, are relatively prime Gaussian integers.
14. How many divisions are used to find a greatest common divisor of two consecutive Gaussian Fibonacci numbers Gk and Gk+l (defined in Exercise 37 of Section 14.1), where k is a positive integer? Justify your answer.
15. Derive a big-0 estimate for the number of bit operations required to find a greatest common divisor of two nonzero Gaussian integers a and fJ, where N (a) :S following the proof of Theorem 14.6.)
N (fJ). (Hint: Use the remark
596
The Gaussian Integers
16. For each of these Gaussian integers, find its factorization into Gaussian primes and a unit where each Gaussian prime has a positive real part and a nonnegative imaginary part. d)210+2100i
c)22+7i
b)4
a)9+i
17. For each of these Gaussian integers, find its factorization into Gaussian primes and a unit where each Gaussian prime has a positive real part and a nonnegative imaginary part. a)7+6i
b)3-13i
c)28
d)400i
18. Find the factorization into Gaussian primes of each of the Gaussian integers k+ (7-k)i for k
=
1, 2 , 3, 4, 5, 6, 7, where each Gaussian prime has a positive real part and a nonnegative
imaginary part. 19. Determine the number of different Gaussian integers, counting associates separately, that divide b)256+128i
a)10
d) 5040+40 , 320i
c)27 ,000
20. Determine the number of different Gaussian integers, counting associates separately, that divide a)198 .
c)169 ,000.
b)128+256i.
d)4004+8008i.
21. Suppose that a+ibis a Gaussian integer and n is a rational integer. Show that n and a+ib are relatively prime if and only if n and b+ ai are relatively prime. 22. Use the unique factorization theorem for Gaussian integers (Theorem 14.10) and Exercise 13 of Section 14.1 to show that every nonzero Gaussian integer can be written uniquely, except for the order of terms, as nj
=
En
� 1n;2
·
·
a j+ ibj is a Gaussian prime with a j
·
>
;\ where E is a unit and for j
n
=
1, 2 , . . . , k,
0 and bj � 0 , and ej is a positive integer.
23. Adapt Euclid's proof that there are infinitely many primes (Theorem 3 .1 ) to show that there are infinitely many Gaussian primes. Exercises 24--41 rely on the notion of a congruence for Gaussian integers defined in the preamble to Exercise 33 in Section 14.1. 24. a) Define what it means for fJ to be an inverse of the a moduloµ, where a, {J, andµ are Gaussian integers. b) Show that if a andµ are relatively prime Gaussian integers, then there exists a Gaussian integer fJ that is an inverse of a moduloµ. 25. Find an inverse of 1+ 2i modulo 2+ 3i. 26. Find an inverse of 4 modulo 5+2i. 27. Explain how a linear congruence of the form ax
=
fJ (modµ) can be solved, where a, fJ, and
µ are Gaussian integers and a andµ are relatively prime. 28. Solve each of these linear congruences in Gaussian integers. a) (2+i)x
=
3 (mod 4 - i)
b)4x
=
-3+4i (mod 5+2i)
c)2x
=
5 (mod 3 - 2i)
29. Solve each of these linear congruences in Gaussian integers. a)3x
=
2+ i (mod 13 )
b) 5x
=
3-2i (mod 4+ i)
c) (3+ i)x
=
4 (mod 2+ 3i)
30. Solve each of these linear congruences in Gaussian integers. a) 5x
=
2 - 3i (mod 11)
b)4x
=
7+i (mod 3+2i)
c) (2+5i)x
=
3 (mod 4 - 7i)
31. Develop and prove a version of the Chinese remainder theorem for systems of congruences for Gaussian integers.
14.2 Greatest Common Divisors and Unique Factorization
597
32. Find the simultaneous solutions in Gaussian integers of the system of congruences x = 2(mod 2
+3 i )
x = 3(mod1+4i).
33. Find the simultaneous solutions in Gaussian integers of the system of congruences x = 1 +3i(mod 2+ x =2
-
5i)
i (mod 3 - 4 i ).
34. Find a Gaussian integer congruent to 1 modulo 11 , to 2 modulo 4+3i, and to 3 modulo
1+7i. A complete residue system modulo y, where y is a Gaussian integer, is a set of Gaussian integers such that every Gaussian integer is congruent modulo y to exactly one element of this set.
35. Find a complete residue system modulo b)2.
a)l-i.
c)2+3i.
36. Find a complete residue system modulo a)1+2i.
c)4-i.
b)3.
37. Prove that a complete residue system of a, where a is a Gaussian integer, has N(a) elements. A reduced residue system modulo y, where y is a Gaussian integer, is a set of Gaussian integers such that every Gaussian integer that is relatively prime to y is congruent to exactly one element of this set.
38. Find a reduced residue system modulo c) 5- i .
b)2.
a)1+3i.
39. Find a reduced residue system modulo a)2+2i.
b)4.
c)4+2i.
40. Suppose that n is a Gaussian prime. Determine the number of elements in a reduced residue system modulo
n.
41. Suppose that n is a Gaussian prime. Determine the number of elements in a reduced residue system modulo
e n ,
where
e is a positive integer.
42. a) Show that the algebraic integers of the form r + s../=3, where r and s are rational
a + bw, where a and b are integers and where w= ( -1 + ../=3) /2. Numbers of this form are called Eisenstein integers after Max numbers, are the numbers of the form
Eisenstein, who studied them in the mid-nineteenth century. (They are also sometimes called Eisenstein-Jacobi
integers because they were also studied by Carl Jacobi.) The set of Eisenstein integers is denoted by Z [w]. b) Show that the sum, difference, and product of two Eisenstein integers is also an Eisenstein integer. c) Show that if a is an Eisenstein integer, then a, the complex conjugate of a, is also an Eisenstein integer.
(Hint: First show that w = w2.)
d) If a is an Eisenstein integer, we define the a=
norm of this integer by N(a)= a2 - ab+ b2 if
a+ bw, where a andb are integers. Show thatN(a)= aa whenever a is an Eisenstein
integer.
The Gaussian Integers
598
e) If a and fJ are Eisenstein integers, we say that a divides fJ if there exists an element y in Z[w] such that fJ= ay. Determine whether 1+2w divides 1+5w and whether 3+w divides 9 + 8w. f) An Eisenstein integer units.
E
is a unit if E divides 1. Find all the Eisenstein integers that are
g) An Eisenstein prime n in Z[w] is an element divisible only by a unit or an associate of n. (An associate of an Eisenstein integer is the product of that integer and a unit.) Determine whether each of the following elements are Eisenstein primes: 1 + 2w, 3- 2w, 5 + 4w, and-7- 2w. *
h) Show that if a and fJ f= 0 belong to Z[w], there are numbers y and p such that a= fJ y+p and N (p) < N({J). That is, establish a version of the division algorithm for the Eisenstein integers. i) Using part (h), show that Eisenstein integers can be uniquely written as the product of Eisenstein primes, with the appropriate considerations about associated primes taken into account.
j) Find the factorization into Eisenstein primes of each of the following Eisenstein integers: 6, 5 43.
+ 9w, 114, 37 + 74w.
a) Show that the algebraic integers of the form r +s �.where r ands are rational numbers, are the numbers of the form a+b�, where a and b are rational integers. (Recall that we briefly studied such numbers in Chapter 3. In this exercise, we look at these numbers in more detail.) b) Show that the sum, difference, and product of numbers of the form a + b�, where a and b are rational integers, is again of this form. c) We denote the set of numbers a+b� by Z[�]. Suppose that a and fJ belong to Z[�]. We say that a divides fJ if there exists a number y in Z[�] such that fJ ay. Determine whether -9+11� is divisible by 2+3� and whether 8+13� is divisible by 1 + 4�. =
d) We define the norm of a number a= a+b� to be N(a)= a2+5b2• Show that N(a{J)= N(a)N({J) whenever a and fJ belong to Z[�]. e) We say E is a unit of Z[�] if E divides 1. Show that the units in Z[�] are 1 and-1. f) We say that an element a in Z[�] is prime if its only divisors in Z[�] are 1, -1, a, and -a. Show that 2, 3, 1+�. and 1- � are all primes, and that 2 does not divide either 1+� or 1- �.Conclude that 6= 2 3= (1+�)(1- �) can be written as the product of primes in two different ways. This means that Z[�] does not have unique factorization into primes. ·
g) Show that there do not exist elements y and p in Z[�] such that 7 - 2�= (1 + �)y + p, where N (p) < N(1 + �) 6. Conclude that there is no analog for the division algorithm in Z[�]. =
h) Show that if a 3 and fJ 1 + �. there do not exist numbers µ and v in Z[�] such that aµ +fJ v= 1, even though a and fJ are both primes, neither of which divides the other. =
=
Computations and Explorations 1.
Find the unique factorization into a unit and a product of Gaussian primes, where each Gaussian prime has a positive real part and a nonnegative imaginary part, of (2007 - k) + (2008- k)i for all positive integers k with k � 8.
14.3 Gaussian Integers and Sums of Squares
599
2. Find a prime factor of smallest norm of each of the Gaussian integers formed by adding 1 to the product of all Gaussian primes with norm less than n for as many
n
as possible. Do you
think that infinitely many of these numbers are Gaussian primes? 3. Determine whether two randomly selected Gaussian integers are relatively prime, and by doing this repeatedly, estimate the probability that two randomly selected Gaussian integers are relatively prime.
Programming Projects 1. Find a greatest common divisor of two Gaussian integers using a version of the Euclidean algorithm for Gaussian integers.
2. Express a greatest common divisor of two Gaussian integers as a linear combination of these Gaussian integers.
3. Keep track ofthe number ofsteps used by the version ofthe Euclidean algorithm for Gaussian integers that uses the construction in the proofof the division algorithm for Gaussian integers to find quotients and remainders.
4. Find the unique factorization of a Gaussian integer into a unit times Gaussian primes, where each Gaussian prime in the factorization is in the first quadrant.
14.3
Gaussian Integers and Sums of Squares In Section 13.3, we determined which positive integers are the sum of two squares. In this section, we will show that we can prove this result using what we have learned about Gaussian primes. We will also be able to determine the number of different way s that a positive integer can be written as the sum of two squares using Gaussian primes. In Section 13.3, we proved that every prime of the form 4k + 1 is the sum of two squares. We can prove this fact in a different way using Gaussian primes.
Theorem 14.11. then
p
Ifp is a rational prime oftheform4k + 1, wherek is a positive integer,
is the sum of two squares, which these squares are unique up to their order.
Proof. Suppose that p is of the form 4k + 1, where k is a positive integer. To prove that p can be written as the sum of two squares, we show that p is not a Gaussian prime. By Theorem 11.5, we know that -1 is a quadratic residue of p. Consequently, we know that 2 2 there is a rational integer t such that t = -1 (mod p). It follows that p I (t + 1). We can use this divisibility relation for rational integers to conclude that p I (t+i)(t - i). If p is a Gaussian prime, then by Lemma 14 .1 , it follows that p I t + i or p I t - i. Both of these cases are impossible because the Gaussian integers divisible by p have the form p(a+bi)= pa+ pbi, where a and bare rational integers. Neither t+i nor t - i has this form. We can conclude that p is not a Gaussian prime. Because
p is not a Gaussian prime, there are Gaussian integers a and f3, neither a p = af3. Taking norms of both sides of this equation, we find that
unit, such that
N(p)= p2 = N(af3) = N(a)N(f3).
600
The Gaussian Integers
a
Because neither
N(fJ)= p.
nor
fJ
N(a) =f. 1 and N(fJ) =f. 1.T his implies if a= a+bi and fJ= c+di, we know that
is a unit,
Consequently,
p= N(a)= a2 +b2 It follows that
p
and
that
N(a)=
p= N(fJ)= c2+d2 .
is the sum of two squares.
We leave the proof that
p
can be written uniquely as the sum of two squares to the
reader.
•
To find which rational integers are the sum of two squares, we will need to determine which rational integers are Gaussian primes and which factor into Gaussian primes. To accomplish that task, we will need the following lemma. If rr is a Gaussian prime, then there is exactly one rational prime p such
Lemma 14.3. that
rr
divides
p.
Proof We first factor the rational integer N(rr) into prime factors, say, N(rr)= P1P2 Pt where Pj is prime for j= 1, 2, ... , t. Because N(rr)= rrrr, it follows that rr I N(rr), so that rr I p1p2 Pt By Lemma 14.2, it follows that rr I Pj for some integer j with 1 ::'.S j ::'.S t. We have shown that rr divides a rational prime. ·
·
·
•
·
·
·
·
rr cannot divide two different rational primes. So suppose that rr I p1 and rr I p2, where p1 and p2 are different rational primes. Because p1 and p2 are relatively prime, by Corollary 3.8.1, there are rational integers m and n such that mp1+np2= 1. Moreover, because rr I p1 and rr I Pi. we see that rr 11 (using the divisibility property in Exercise 8 of Section 14.1 ). But this implies that rr is • a unit, which is impossible, so rr does not divide two different rational primes. To complete the proof, we must show that
We can now determine which rational primes are also Gaussian primes and the factorization into Gaussian primes of those that are not. If p is a rational prime, then p factors as a Gaussian integer according
Theorem 14.12. to these rules: (i)
If
p= 2,
then
p= -i(l+i)2= i(l - i)2 ,
where 1+ i and
1-i
are both
Gaussian primes with norm 2. If p
=
3
(iii) If p
=
1 (mod 4), then p=
(ii)
(mod 4), then p=
not associates with
rr
is a Gaussian prime with
N(rr)= p 2.
rrrr', where rr and rr' are Gaussian primes that are N(rr)= N(rr')= p.
-i(1+i)2= i ( 1 - i)2 , where the factors -i and i 2 2 are units.Furthermore, N(l+i)= N(l - i)= 1 + 1 = 2. Since N(l+i)= N(l - i) is a rational prime by Theorem 14.5, it follows that 1+i and 1 - i are Gaussian primes.
Proof
To prove (i), we note that 2=
p = 3 (mod 4). Suppose that p= afJ, where a and fJ are Gaussian integers with a= a+bi and fJ= c+di and neither a nor fJ is a unit. By part (ii) of T heorem 14.1, it follows that N(p)= N(afJ)= N(a)N(fJ). Because N(p)= p 2, N(a)= a2 +b2, and N(fJ)= c2 +d2, we see that p2= (a2 +b2)(c2 +d2). Neither a nor fJ is a unit, so neither has norm 1. It follows To prove (ii), let
p
be a rational prime with
14.3 Gaussian Integers and Sums of Squares
601
that N(a)=a2+ b2=p and N(fJ)=c2+ d2=p. However, this is impossible because p = 3 (mod 4), so that p is not the sum of two squares. To prove (iii), let p be a rational prime with p = 1 (mod 4). By Theorem 14.11, there are integers a and b such that p=a2+ b2. If n1=a - bi and n =a+ bi, then 2 p 2=N(p)=N(n1)N(n ), so that N(n1)=N(n )=p. It follows by Theorem 14.5 2 2 that n1 and n are Gaussian primes. 2
Next, we show that n1 and n are not associates. Suppose that n1=En , where Eis 2 2 a unit. Because Eis a unit, E= 1, -1, i, or -i. If E=1, then n1=n .This means that a+ bi=a - bi, so that b=0. This implies 2 that p=a2+ b2=a2, which is impossible because p is prime. Similarly, when E= -1, then n1=-n . This implies that a+ bi=-a+ bi, which makes a=0. This implies 2 that b2=p, which is also impossible. If E=i, then a+ ib=i(a - ib)=b+ ia, so that a=b. Similarly, if E=-i, then a+ ib=-i(a - ib), so that a=-b. In both of these cases, p=a2+ b2=2a2, which is impossible because p is an odd prime. We have shown that all four possible values of Eare impossible. It follows that n1 and n are not 2 • associates, completing the proof of (iii). We have all the ingredients we need to determine the number of representations of a positive integer as the sum of two squares using the unique factorization theorem for the Gaussian integers. Recall that we determined which positive integers can be written as the sum of two squares in Theorem 13.6 in Section 13.3. Theorem 14.13.
Suppose that n is a positive integer with prime power factorization n
-
-
... qft 2mp1e1 pe2 ... pesqfiqh t• s 1 2 2
is a nonnegative integer, Pi. p , ..., Ps are primes of the form 4k+ 1, qi. 2 q 2, ... , qt are primes of the form 4k+ 3, ei. e2 ... , es are nonnegative integers, and f1,f , ..., ft are even nonnegative integers. Then there are where
m
2
4(e1+ l)(e + 1) 2
·
·
·
(es + 1)
ways to express n as the sum of two squares. (Here the order in which squares appear in the sum and the sign of the integer being squared both matter.)
Proof. To count the number of ways to write n as the sum of the squares, that is, the number of solutions (a, b) of n=a2+ b2, we can count the number of ways to factor n into Gaussian integers a+ ib and a - ib, that is, to write n=(a+ ib)(a - ib). We will use the factorization of n to count the number of ways we can factor n as the product of two conjugates, that is, n=(a+ ib)(a - ib). First, note that by Theorem 14.11, for each prime Pk of the form 4k+ 1 that divides n, there are integers ak and bk such that Pk=ai +hi. Also note that because 1+ i =i(l - i), we have zm= (1+ i)m(l- i)m=(i(l- i))m(l - i)m=im(l- i)2m. Consequently, we have
602
The Gaussian Integers
n=
2 im(l - i) m(a1 + b1i)el(a1 - b1i)el(a2 + b2i)e2(a2 - b2i)e2 ... (as - bsi)es(as + bsi)esq/1q/2 ... q/t.
Next, note that E=
im is a unit because it takes on one of the values 1, -1, i, or -i. This
means that a factorization of n into the product of a unit and Gaussian primes is
2 E(l - i) m(a1+ b1i)el(a1 - b1i)el(a2 + b2i)e2(a2 - b2i)e2
n=
... (as+bsi)es(as - bsi)esq/1q/2 ... q/t. Because the Gaussian integer
u + iv divides n, its factorization into a unit and Gaussian
primes must have the form
u+iv= Eo(l - i)w(a1+ b1i)8l(a1 - b1i)h1(a2 + b2i)82(a2 - b2i)h2 ... (as+ bsi)8s(as - bsi)hsq�lql2 ... q/t' Eo is a unit, w, gi. . .. , gs, hi. ... , hs, and ki. . .. , k t are nonnegative integers with 0 :=: w :=: 2m, 0 :=: gi :=: ei, 0 :=:hi :=: ei for i= 1, . .. , s, and 0 :=: ki :=: fj for j= 1, ... ' t. where
u +iv, we find
Forming the conjugate of
u - iv= Eo(l + i)w(a1 - b1i)81(a1 + b1i)h1(a2 - b2i)82(a2+ b2i)h2 ·
·
·
(as - bs1")8s(as + bs1")hsqlki q2k1
We can now rewrite the equation n=
n=
·
·
·
qtk
t ·
(u + iv)(u - iv) as
2t 2 + 2wp81 1 h1 ... ps8s+hsq1 k1 ... qt k .
Comparing this with the factorization of
n
into a unit and Gaussian primes, we
m, gi +hi= ei for i= 1, . . . , s, and 2ki= fj for j= 1, . . . , t. We see that the values of w and ki for j = 1, .. . , t are determined, but we have ei + 1 choices for gi, namely, gi= 0, 1, 2, . . . , ei, and that once gi is determined, so is hi= ei - gi. Furthermore, we have four choices for the unit E0• We conclude that there are 4(e1 + l)(e2+ 1) (es+ 1) choices for the factor u +iv and for the number of see that
w=
·
ways to write
n
·
·
as the sum of two squares.
•
25= 52. Then by Theorem 14.13, there are 4 3= 12 ways to write 25 as the sum of two squares. (These are (±3)2 + (±4)2, (±4)2+ (±3)2, 2 (±5)2 + 0 , and 0+(±5)2. Note that the order in which terms appear matters when we Example 14.11.
Suppose that
n=
·
count these representations.)
90= 2 5 32. Then by Theorem 14.13, there are 4 2= 8 ways 2 2 2 2 to write 90 as the sum of two squares. (These are (±3) + (±9) and (±9) +(±3) . Suppose that
n=
·
·
·
Note that the order in which terms appear matters when we count these representations.) Let n=
16,200= 23 52 34. By Theorem 14.13, there are 4 3= 12 ways to write ·
·
·
16,200 as the sum of two squares. We leave it to the reader to find these representations. ....
14.3 Gaussian Integers and Sums of Squares
603
Conclusion In this section, we used the Gaussian integers to study the solutions of the diophantine equation x 2 + y2 =
n,
where
n
is a positive integer. The Gaussian integers are useful
in studying a variety of other types of diophantine equations. For example, we can find Pythagorean triples using the Gaussian integers (Exercise 7), and we can find the solutions in rational integers of the diophantine equation x2 + y 2 = z3 (Exercise 8).
14.3
EXERCISES 1. Determine the number of ways to write each of the following rational integers as the sum of squares of two rational integers. a) 5
b) 20
c) 120
d) 1000
2. Determine the number of ways to write each of the following rational integers as the sum of squares of two rational integers. a) 16
b) 99
c) 650
d) 1,001,000
3. Explain how to solve a linear diophantine equation of the form ax + {Jy= y, where a, {J, and y are Gaussian integers, so that the solution (x, y) is a pair of Gaussian integers.
4. Find all solutions in pairs of Gaussian integers (x, y) of each of these linear diophantine equations. a) (3 + 2i) x +Sy= 7i
b) 5x + (2 - i) y= 3
5. Find all solutions in pairs of Gaussian integers (x, y) of each of the following linear diophan tine equations. a) (3 + 4i) x + (3 - i) y= 7i
b) (7 + i) x + (7 - i) y= 1
6. Explain how to solve a linear diophantine equation of the form ax + f3 y + 8 z= y, where a,
{3, 8, and y are Gaussian integers, so that the solution (x, y, z) is a triple of Gaussian integers. 7. Prove the uniqueness part of Theorem 14.11. That is, show that if p is a prime of the form
4k + 1 and p = a2 + b2 = c2 + d2 where a, b, c and d are integers, then either a2 = c2 and b2= d2 or a2= d2 and b2= c2.
8. In this exercise, we will use the Gaussian integers to find the solutions in pairs (x, y) of rational integers of the diophantine equation x2 + 1 = y3. a) Show that if x and y are integers such that x2 + 1= y3, then x - i and x + i are relatively prime. b) Show that there are integers r and s such that x= r3 - 3rs2 and 3r2s - s3= 1. (Hint:
Use part (a) and Exercise 10 in Section 14.2 to show that there is a unit E and a Gaussian integer 8 such that x + i = (E8)3.)
c) Find all solutions in integers x2 + 1= y3 by analyzing the equations for r and s in part (b).
9. Use the Gaussian integers to prove Theorem 13.1 in Section 13.1, which gives primitive Pythagorean triples, that is, solutions of the equation x2 + y2= z2 in integers x, y, and
z, where x, y, and z are pairwise relatively prime. (Hint: Begin with the factorization x2 + y2 = (x + iy) (x - iy) . Show that x + iy and x - iy are relatively prime Gaussian integers, and then use Exercise 10 in Section 14.1.)
604
*
The Gaussian Integers 10. Use the Gaussian integers to find all solutions of the diophantine equation rational integers x, y, and z.
*
x2 + y2
=
z 3 in
11. Prove the analog of Fermat's little theorem for the Gaussian integers, which states that if a and n are relatively prime, then
aN(n)-l
=
1(mod n).
(Hint: Suppose that p is the unique = 1(mod 4), p = 2(mod 4),
rational prime withn Ip. Consider separately the cases where p and p
=
3(mod 4).)
12. Define
y is a Gaussian integer, to be the number of elements in a reduced residue
y. Prove the analog of Euler's theorem for the Gaussian integers, which states a is a Gaussian integer that is relatively prime to y, then
that if y is a Gaussian integer and
a
=
1(mod
y).
13. Prove the analog of Wilson's theorem for the Gaussian integers, which states that if n is a Gaussian prime and
{ai. a2, ... , a,} is a reduced system of residues modulo n, then
14. Show that in the Eisenstein integers(defined in Exercise a) the rational prime
42 in Section 14.2),
2 is an Eisenstein prime.
b) a rational prime of the form
3k + 2, where k is a positive integer, is an Eisenstein prime.
c) a rational prime of the form
3k + 1, where k is a positive integer, factors into the product
of two primes that are not associates of one another.
Computations and Explorations 23 and 32 are the only powers of rational integers that differ by 1. An open question for Gaussian integers is to find all powers of Gaussian integers that differ by a unit. Show that(11 + 1 li)2 and (3i)5, (1 - i)5 and (1 + 2i)2, and (78 + 78i)2 and (23i)3 are such pairs of powers. Can
1. In Chapter 13, we mentioned that Catalan's conjecture has been settled, showing that
you find other such pairs?
(3 + 13i)3 + (7 + i)3 (3 + 10i)3 + (1 + 10i)3, (6 + 3i)4 + (2 + 6i)4 (4 + 2i)4 + (2 + i)4, (2 + 3i)5 + (2 - 3i)5 35 + 1, (1 + 6i)5 + (3 - 2i)5 (6 + i)5 + (-2 + 3i)5, (9 + 6i)5 + (3 - 10i)5 (6 + i)5 + (6 - 5i)5, and (1 5 + 14i)5 + (5 - 18i)5 (18 7i)5 + (2 + 3i)5. Can you find other solutions of the equation xn + yn wn + zn, where
2. Show that
=
=
=
=
=
=
=
x, y, z, and w are Gaussian integers and
n
is a positive integer?
3. Show that Beal's conjecture, which asserts that there are no nontrivial solutions of the diophantine equationxa + yb zc, where a, b, andc are integers with a� 3, b � 3, andc � 3, =
does not hold when x, y, and z are allowed to be pairwise relatively prime Gaussian integers by showing that
(-2 + i)3 + (-2 - i)3
=
(1
+ i)4. Can you find other counterexamples?
Programming Projects 1. Find the number of ways to write a positive integer 2. Find all representations of a positive integer
n
n
as the sum of two squares.
as the sum of two squares.
Axioms for the Set
A
of Integers
In this appendix, we state a collection of fundamental properties for the set of
integers
{..., -2, -1, 0, 1, 2, ...} that we have taken as axioms in the main body of the text. These properties provide the foundations for proving results in number theory.We begin with properties dealing with addition and multiplication. As usual, we denote the sum and product of
a and b by a+ b and a·b, respectively. Following convention, we write
ab for a·b. •
Closure: a+ b and a·b are integers whenever a and b are integers.
•
Commutative laws: a+ b=b+a and a·b=b·a for all integers a and b.
•
Associative laws: (a+ b) + c=a+ (b+ c) and (a·b) ·c=a·(b·c) for all integers a, b, and c .
•
Distributive law: (a+ b) ·c=a·c+ b·c for all integers a, b, and c.
•
Identity elements: a+ 0=a and a· 1=a for all integers a.
•
•
Additive inverse: For every integer a there is an integer solution x to the equation a+x=O; this integer xis called the additive inverse of a and is denoted by -a. By b - a, we mean b+(-a). Cancellation law: If a, b, and care integers with a·c=b·c, c ¥=- 0, then a=b. We can use these axioms and the usual properties of equality to establish additional
properties of integers.An example illustrating how this is done follows. In the main body of the text, results that are easily proved from these axioms are used without comment. Example A.1.
To show that
0· a=0, begin with the equation 0+0=O; this holds because 0 is an identity element for addition. Next, multiply both sides by a to obtain (0+0) ·a=0 a. By the distributive law, the left-hand side of this equation equals (0+ 0) a=0·a+ 0 a. Hence, 0·a+0·a=0·a. Next, subtract 0·a from both sides (which is the same as adding the inverse of 0·a). Using the associative law for addition and the fact that 0 is an additive identity element, the left-hand side becomes 0·a+ (0·a 0·a) =0·a+ 0=0·a. The right-hand side becomes 0·a 0·a=0. We conclude that 0·a=0. ..,.. ·
·
·
-
Ordering of integers is defined using the set of positive
-
integers { 1, 2, 3, ...} . We
have the following definition. Definition.
If
a and b are integers, then a < b if b - a is a positive integer.If a < b, we also write b >a. 605
606
Axioms for the Set of Integers Note that a is a positive integer if and only if a> 0. The fundamental properties of ordering of integers follow. •
•
Closure for the positive integers: a + b and a · b are positive integers whenever a and b are positive integers. Trichotomy law: For every integer a, exactly one of the statements a> 0, a= 0, and a< 0 is true. The set of integers is said to be an ordered set because it has a subset that is closed
under addition and multiplication and because the trichotomy law holds for every integer. Basic properties of ordering of integers can now be proved using our axioms, as the following example shows. Throughout the text, we have used without proof properties of ordering that easily follow from our axioms.
Example A.2. Suppose that a, b, and c are integers with a< b and c> 0. We can show that ac< be. First, note that by the definition of a < b we have b - a> 0. Because the set of positive integers is closed under multiplication, c(b - a)> 0. Because ..,.. c(b - a)= cb - ca, it follows that ca< cb. We need one more property to complete our set of axioms. •
The well-ordering property: Every nonempty set of positive integers has a least ele ment. We say that the set of positive integers is well ordered. On the other hand, the set of all
integers is not well ordered, because there are sets of integers that do not have a smallest element (as the reader should verify). Note that the principle of mathematical induction discussed in Section 1.3 is a consequence of the set of axioms listed in this appendix. Sometimes, the principle of mathematical induction is taken as an axiom replacing the well-ordering property. W hen this is done, the well-ordering property follows as a consequence.
EXERCISES 1. Use the axioms for the set of integers to prove the following statements for all integers a, b,
and c
.
a) a· (b+c) =a· b+a· c
c) a+(b+c) = (c+a)+ b
b) (a+b)2 =a2 +2ab+ b2
d) (b - a)+ (c - b)+(a - c) =0
2. Use the axioms for the set of integers to prove the following statements for all integers a and b. a) (-1)· a =-a
c) (-a)· (-1) =ab
b) -(a· b) =a· (-b)
d) -(a+b) =(-a)+ (-b)
3. W hat is the value of -0? Give a reason for your answer.
Axioms for the Set of Integers
607
4. Use the axioms for the set of integers to show that if a and bare integers with ab= 0, then a= 0 or b= 0.
5. Show that an integer ais positive if and only if a> 0. 6. Use the definition of the ordering of integers, and the properties of the set of positive integers, to prove the following statements for integers a, b, and c with a
b)
2 a > 0
ac > be 3 d) c <0
c)
7. Show that if a, b, and c are integers with a> band b> c, then a> c. *
8. Show that there is no positive integer that is less than 1.
B
Binomial Coefficients
Sums of two terms are called
binomial expressions. Powers of binomial expressions are
used throughout number theory and throughout mathematics. In this section, we will define the
binomial coefficients and show that these are precisely the coefficients that
arise in expansions of powers of binomial expressions.
Definition.
Let
(�) is defined by
m and k be nonnegative integers with k ::=:: m. T he binomial coefficient
() m k
W hen
m! - k!(m - k)!.
k and m are positive integers with k
In computing
() m k
>
m, we define
(�)
=
0.
(�) , we see that there is a good deal of cancellation, because m!
=
k!(m - k)!
=
1·2·3···(m - k) (m - k + 1) ···(m - l)m k! 1·2·3·· ·(m - k) (m - k + 1) ···(m - l)m k!
Example B.1.
To evaluate the binomial coefficient
G), we note that
() 7
7! 1·2·3·4·5·6·7 5·6·7 - 35. - 3!4! 1. 2. 3 3 1 . 2 . 3 . 1 . 2. 3 . 4
We now prove some simple properties of binomial coefficients.
608
Binomial Coefficients Theorem B.1. (i)
(ii)
Proof
Let
n and k be nonnegative integers with k ::::; n. Then
(�) (:) (�) ( ) =
=
n
=
609
n
k
1, and .
To see that (i) is true, note that
() n
� _n! _ 1 0 O!n! n!
and
()
n! _ � 1 n!O! n! n n
To verify
-
·
(ii), we see that
(�)-
n
�
k!(n
(n - k)!(n k)!
� (n - k))!-(n � k) ·
n
•
An important property of binomial coefficients is the following identity.
Theorem B.2.
Proof
Pascal's Identity.
Let
n and k be positive integers with n
�
k. Then
We perform the addition
(�) ( ) n
+
1
k
n =
k!(n
by using the common denominator
() ( ) k
+
k- 1
+
(k - l)!
(;�
k + l)!
k!(n - k + l)!. This gives
n
n
� k)!
=
n!(n - k + 1) k!(n - k + l)! n!((n - k + 1)
+ +
n!k k!(n - k + l)! k)
k!(n - k + l)! n!(n + 1) k!(n - k + l)! (n + l)! k!(n - k + l)! •
c
B.2, we can construct Pascal's triangle, named after French math ematician Blaise Pascal, who used the binomial coefficients in his analysis of gambling games. In Pascal's triangle, the binomial coefficient (i) is the (k + l)st number in the Using T heorem
61 O
Binomial Coefficients
(n + l)st row. The first nine rows of Pascal's triangle are displayed in Figure B.1. Pas cal's triangle appeared in Indian and Islamic mathematics several hundred years before it was studied by Pascal. 1 12 1 1 3 31 1 4 64 1 1 51010 51 1 615 20 15 61 1 7 21 35 35 21 7 1 1 8 28
56 70 56 2 8 8 1
Figure B.1 Pascal's triangle. We see that the exterior numbers in the triangle
are all
1. To find an interior number,
we simply add the two numbers in the positions above, and to either side, of the position being filled. From Theorem B.2, this yields the correct integer. Binomial coefficients occur is described by the
Theorem B.3.
occur in
the expansion of powers of sums. Exactly how they
binomial theorem.
The Binomial Theorem.
Let
x
and y be variable, and
n be a positive
integer. Then
or, using summation notation,
BLAISE PASCAL (1623-1662) exhibited his mathematical talents early
even
though his father, who had made discoveries in analytic geometry, kept math ematical books from him to encourage his other interests. At 16, Pascal dis covered
an important result concerning conic sections. At 18 , he designed a
calculating machine, which he had built and successfully sold. Later, Pascal made substantial contributions to hydrostatics. Pascal, together with Fermat. laid the foundations for the modem theory of probability. It was in his work on probability that Pascal made new discoveries concerning what is now called Pascal's triangle, and gave what is considered to be the first lucid description of the principle of mathematical induction. In1654, catalyzed by an intense religious experience, Pascal abandoned his mathematical and scientific pursuits to devote himself to theology. He returned to mathematics only once: one night, he had insomnia caused by the discomfort of a toothache and, as a distraction, he smdied the mathematical properties of the cycloid. Miraculously, his pain subsided, which he took as a signal of divine approval of the study of mathematics.
Binomial Coefficients
(x + y)" = Proof.
611
n x•-iyi.
t() j=O
We use mathematical induction. W hen
]
n = 1, according to the binomial theorem,
the formula becomes
(x + y)l =
(�) xiyo (�) xoy1. +
(�) = G) = 1, this states that (x + y)1 =x + y, which is obviously true. We now assume that the theorem is true for the positive integer n, that is, we assume
But because
that
(x + y)• =
t() j=O
� x•-iyi. ]
We must now verify that the corresponding formula holds with
n. Hence, we have (x + y)n+l =(x + y)n(x + y)
n replaced by n + 1,
assuming the result holds for
n x•-iyi (x + y)
[t ( ) ] t e) t ( ) t() t() =
=
1=0
j=O
]
]
x•-i+lyj +
j=O
� x•-iyi+l. ]
We see, by removing terms from the sums and subsequently shifting indices, that
j=O
n x•-i+lyi =x•+l + ]
n x•-i+lyi
j=l
]
and
Hence, we find that
(x + y)"+l =x•+l + By Pascal's identity, we have
� [ (;) c � ) ] x•-i+lyi +
,
+
ri .
Binomial Coefficients
612
This establishes the theorem.
(n
•
The binomial theorem shows that the coefficients of
(x+ y)n are the numbers in the
+ l)st row of Pascal's triangle.
We now illustrate one use of the binomial theorem.
Corollary B.1.
Let
n be a nonnegative integer. Then
2" = (1 + 1)" =
t n 1•-
j=O
Proof
Let
]
j ti
=
x= 1 and y=1 in the binomial theorem.
n
t( )
j=O
Corollary B.1 shows that if we add all elements of the triangle, we get
]
. •
(n
2n. For instance , for the fifth row, we find that
+ l)st row of Pascal's
(�) + (�) + (�) + (�) + (�) = 1+4+6+4+ 1=16=24• EXERCISES 1.
Find the value of each of the following binomial coefficients.
(1�0) b) (5?)
(�0) o G�) Find the binomial coefficients (�), (�), and (�0), and verify that (�) + (�)= (�0). a)
2.
(2�) 1 d) (� )
c)
e)
3. Use the binomial theorem to write out all terms in the expansions of the following expressions.
- n)1 e) (3x - 4y)5 f) (5x+ 7)8 d) (2a+ 3b)4 What is the coefficient of x99y1 01 in (2x+ 3y)200?
(a+ b)5 1 b) (x+ y) 0 a)
4.
5. Let
c)
(m
n be a positive integer. Using the binomial theorem to expand
6. Use Corollary B
.1 and Exercise 5 to find
(�) (;) (:) +
+
+ ...
(
(1 + -1) )ll, show that
Binomial Coefficients
613
and
(�) (�) (�) +
+
+
.
.. .
7. Show that if n, r, and k are integers with 0:::; k:::; r :::; n, then
*
8. What is the largest value of
(�), where m is a positive integer and n is an integer such that
0:::; n :::; m? Justify your answer. 9. Show that
(�) ( � 1) +
r
+
.
.. +
(;) (; : �). =
where n and r are integers with 1 :::; r :::; n.
(�), where x is a real number and n is a positive integer, can be defined recursively by the equations G) x and
The binomial coefficients
=
() ) ( : 1 : �� : =
n
.
10. Show from the recursive definition that if x is a positive integer, then is a integer with 1 :::; k:::;
G)
=
k!
(:2k) ! , where k
x.
11. Show from the recursive definition that if x is a positive integer, then whenever n is a positive integer.
12. Show that the binomial coefficient
(�) + (n: 1)
=
(�! D,
(�) , where n and k are integers with 0:::; k:::; n, gives the
number of subsets with k elements of a set with n elements.
13. Use Exercise
12
to give an alternate proof of the binomial theorem.
14. Let Sbe a set with n elements and let P1 and P2 be two properties that an element of Smay
have. Show that the number of elements of Spossessing neither property P1 nor property P2
is
n - [n(P1)
+
n(P2) - n(Pi. P2)],
where n(P1), n(P2), and n(Pi. P2) are the number of elements of S with property Pi. with property P2, and both properties P1 and P2, respectively.
15. Let Sbe a set with n elements and let Pi. P2, and P3 be three properties that an element S may have. Show that the number of elements of Spossessing none of the properties Pi. P2, and P3 is
n - [n(P1)
+
n(P2) + n(P3)]
- n(Pi. P2) - n(Pi. P3) - n(P2, P3) where n(Pi1, *
•
•
•
+
n(Pi. P2, P 3)],
, Pik) is the number of elements of Swith properties Pi1
•
•
•
, Pik·
16. In this exercise, we develop the principle of inclusion-exclusion. Suppose that Sis a set with
n elements and let Pi. P2, ... , P1 bet different properties that an element of Smay have.
Binomial Coefficients
614
Show that the number of elements of S possessing
n - [n(P1) + n(P2) +
·
·
·
none of the t
+ n(Pt)]
+ [n(Pi. P2) + n(Pi. P3) +
·
·
·
+ n(Pt-1• Pt)]
[n(Pi. P2, P3) + n(Pi. P2, P4) + t + (-l) n(Pi. P2, ... , Pt), + ·
where n(Pi1, Pi2,
Pi1, Pi2,
•
•
•
, Pi i.
•
·
properties is
·
·
·
+ n(Pt-2• Pt-1• Pt)]
·
, Pi ) is the number of elements of S possessing all of the properties i The first expression in brackets contains a term for each property, the •
•
second expression in brackets contains terms for all combinations of two properties, the third expression contains terms for all combinations of three properties, and so forth.
(Hint:
For
each element of S, determine the number of times it is counted in the above expression. If an element has k of the properties, show that it is counted 1 this is 0 when k *
17.
>
0, by Exercise 5.)
What are the coefficients of (x1 + x2 +
coefficients. 18. 19.
·
·
·
(�) + (�) -
·
·
·
+ (-l)k
(�) times;
+ xm)"? These coefficients are called multinomial
Write out all terms in the expansion of (x + y + z)7.
2 3 What is the coefficient of x y4z5 in the expansion of (2x - 3y + 5z)1 ?
COMPUTATIONAL AND PROGRAMMING EXERCISES 1.
Find the least integer
n
such that there is a binomial coefficient
G), where k is a positive
integer greater than 1,000,000.
Programming Projects 1.
Evaluate binomial coefficients.
2. Given a positive integer n, print out the first
n
rows of Pascal's triangle.
3. Expand (x + y)n, given a positive integer n, using the binomial theorem.
Using Maple and Mathematica
c
for Number Theory
Investigating questions in number theory often requires computations with large integers. Fortunately, there are many tools available today that can be used for such computations. This appendix describes how two of the most popular of these tools, Maple and Mathe
matica, can be used to perform computations in number theory. We will concentrate on existing commands in these two systems, both of which support extensive programming environments that can be used to create useful programs for studying number theory. We will not describe these programming environments here.
C.1
Using Maple for Number Theory The Maple system is a comprehensive environment for numerical and symbolic compu tations. It can also be used to develop additional functionality. We will briefly describe
c
some of the existing support for number theory in Maple. For additional information about Maple, consult the Maple Web site at http://www.maplesoft.com. In Maple, commands for computations in number theory can be found in the
numtheory package. Some useful commands for number theory
are
included in the
standard set of Maple commands, and a few are found in other packages, such as the
combinat package of combinatorics commands. You need to let Maple know when you want to use one or more commands from a package. This can be done in two ways: You can either load the package and then use any of its commands, or you can prepend the name of the package to a particular command. For example, after running the command with (numtheory), you can use commands from the numtheory package as you would standard commands. You can also run commands from this package by simply prepending the name of the package before the command. You will need to do this every time you use a command from the package, unless you run the with (numtheory) command. Additional Maple commands for number theory can be found in the Maple V Share Library, which can be accessed at the Maplesoft Application Center on the Web. A useful reference for using Maple to explore number theory (and other topics in dis crete mathematics) is Exploring Discrete Mathematics with Maple [Ro97] (an updated version available will available at the Web site for the seventh edition of [Ro07]). This book explains how to use Maple to find greatest common divisors and least common mul tiples, apply the Chinese remainder theorem, factor integers, run primality tests, find base
b expansions, encrypt and decrypt using classical ciphers and the RSA cryptosystem, and 615
616
Using Maple and Mathematica for Number Theory perform other number theoretic computations. Also, Maple worksheets for number the
G
ory and cryptography, written by John Cosgrave for a course at St. Patrick's College in Dublin, Ireland, can be found at http://www.spd.dcu.ie/johnbcos/Maple_3rd_year.htm.
Maple Number Theory Commands The Maple commands relevant to material in this text are presented according to the chapter in which that material is covered. These commands are useful for checking com putations in the text, for working or checking some exercises, and for the computations and explorations at the end of each section. Furthermore, programs in Maple can be written for many of the explorations and programming projects listed at the end of each section. For information about programming in Maple, consult the appropriate Maple ref erence materials, such as the introductory and advanced programming guides available on the Maplesoft Web site.
Chapter 1 combinat [fibonacci] (n) computes the nth Fibonacci number. iquo (inti, int2) computes the quotient when inti is divided by int2. irem (inti· int2) computes the remainder when int 1 is divided by int2. floor (expr) computes the largest integer less than or equal to the real expression expr. numtheory [divisors] (n) computes the positive divisors of the integer n. Maple code for investigating the Collatz 3x + 1 problem has been written by Gaston Gannet and is available in the Maple V Release 5 Share Library.
Chapter2 convert (int, base, posint) converts the integer int in decimal notation to a list representing its digits base posint. convert (int, binary) converts the integer int in decimal notation to its binary equiv alent.
convert (int ,hex) converts the integer int in decimal notation to its hexadecimal equivalent.
convert (bin, decimal,binary) converts the integer bin in binary notation to its decimal equivalent.
convert (oct, decimal, octal) converts the integer oct in octal notation to its decimal equivalent.
convert (hex, decimal, octal) converts the integer hex in hexadecimal notation to its decimal equivalent.
Chapter3 isprime (n) tests whether n is prime. ithprime (n) calculates the nth prime number where n is a positive integer.
C.1 Using Maple for Number Theory
617
prevprime (n) calculates the largest prime smaller than the integer n. numbertheory[fermat] (n) calculates the nth Fermat number. ifactor(n) finds the prime-power factorization of an integer n. ifactors (n) finds the prime integer factors of an integer n. igcd (inti. ..., intn) computes the greatest common divisor of integers inti. ..., intn igcdex (inti. int2) computes the greatest common divisor of the integers inti and int2 using the extended Euclidean algorithm, which also expresses the greatest common divisor as a linear combination of inti and int2•
i 1 cm (inth ..., intn ) computes the least common multiple of the integers inth ..., intnChapter 4 The operator mod can be used in Maple; for example, 17 mod 4 tells Maple to reduce 17 to its least residue modulo 4.
msolve (eqn, m) finds the integer solutions modulo m of the equation eqn. chrem ([ni ..., nr], [mi. ..., mrD computes the unique positive integer int such that int mod mi= ni for i = 1,
. . . , r.
Chapter 6 numtheory[phi] (n) computes the value of the Euler phi function at n. Chapter 7 numtheory[invphi] (n) computes the positive integers m with
n
numtheory[mersenne] (n) determines whether the nth Mersenne number Mn= 2 1 is prime.
numtheory[mobius] (n) computes the value of the Mobius function at the integer n. combinat [partition] (n) lists all partitions of the positive integer n. combinat [partition] (n, m) lists all patitions of the positive integer n with all parts not exceeding m.
Chapter 9 numtheory[order] (ni. n2) computes the order of ni modulo n2. numtheory[primroot] (n) computes the smallest primitive root modulo n. numtheory [mlog] (ni. n2, n3) computes the index, or discrete logarithm, of ni to the base n2 modulo n3. (The function numtheory [index] (ni. n2, n3) is identical to this function.)
618
Using Maple and Mathematica for Number Theory
nurntheory [lambda] (n) computes the minimal universal exponent of n. Chapter 11
nurntheory [quadres] (int i. int 2) determines whetherint1 is a quadratic residue mod uloint 2.
nurntheory [legendre] (ni. n2) computes the value of the Legendre symbol nurntheory [j acobi] Cni. n2) computes the value of the Jacobi symbol
( :�).
( :�).
nurntheory [rnsqrt] Cni. n2) computes the square root of n1 modulon2. Chapter 12
nurntheory [pdexpand] (rat ) computes the periodic decimal expansion of the rational numberrat.
nurntheory [cfrac] (rat ) computes the continued fraction of the rational numberrat. nurntheory [invcfrac] (cf) converts a periodic continued fraction cf to a quadratic irrational number.
Chapter 13
nurntheory [surn2sqr] (n) computes all sums of two squares that sum ton. Chapter 14 Maple supports a special package for working with Gaussian integers. To use the com mands in this package, first run the command
with(Gauss!nt); After running this command, you can add, subtract, multiply, and form powers of Gaussian integers using the same operators as you ordinarily do. Maple requires that you enter the Gaussian integer a+ib as a+ b*I. (That is, you must include the* operator between b and the letter I, which Maple uses to represent the imaginary numberi .)
Gauss Int [Ginearest] (c) returns the Gaussian integer closest to the complex number
c,
where the Gaussian integer of smallest norm is chosen in the case of ties.
Gauss Int [Giquo] (m, n) finds the Gaussian integer quotient whenm is divided byn. Gaussint [Girern] (m, n) finds the remainder Gaussian integer divisor when m is divided byn.
Gaussint [Ginorrn] (m) gives the norm of the complex numberm. Gauss Int [Giprirne] (m) returns true whenm is a Gaussian prime and false otherwise. Gauss Int [Gifactor] (m) returns a factorization ofm into a unit and Gaussian primes. Gaussint [Gifactors] (m) finds a unit and Gaussian prime factors and their multi plicities in a factorization of the Gaussian integerm.
Gauss Int [Gisieve] (m), wherem is a positive integer, generates a list of Gauss primes
2 a+ib with 0 � a �b and norm not exceedingm .
C.2 Using Mathematica for Number Theory
619
Gauss!nt [Gidivisor] (m) finds the set of divisors of the Gaussian integer min the
first quadrant. Gauss Int [Ginodiv] (m) computes the number of nonassociated divisors of m. Gauss!nt [Gigcd] (mi. m2, ..., mr) finds the greatest common divisor in the first
quadrant of the Gaussian integers mi. m2, ..., mr. Gauss Int [Gigcdex] (a, b, 's', 't ') finds the greatest common divisor in the first
quadrant of the Gaussian integers a and b and finds integers s and t such that as as + ht equals this greatest common divisor. Gauss!nt [Gichrem] ([a0, ai. ..., ar], [u0, ui. ..., urD computes the unique Gaus
sian integer m such that m is congruent to ai modulo ui for i
=
1, 2, . . . , r.
Gauss!nt [Gilcm] (ai. ..., ar) finds the least common multiple in the first quadrant
(that is, with positive real part and nonnegative part), in terms of norm, of the Gaussian integers ai. ..., ar. Gauss Int [Giphi] (n) returns the number of Gaussian integers in a reduced residue set
modulo n, where n is a Gaussian integer. Gauss Int [Giquadres] (a, b) returns 1 if the Gaussian integer a is a quadratic residue
of the Gaussian integer b and -1 if a is a quadratic nonresidue of b.
Appendices binomial (n, r) computes the binomial coefficient n chooser.
C.2
Using Mathematica for Number Theory The Mathematica system provides a comprehensive environment for numerical and symbolic computations. It can also be used to develop additional functionality. We will describe the existing Mathematica support for computations relating to the number theory covered in this text. For additional information on Mathematica, consult the
Mathematica Web site at http://www.mathematica.com. Mathematica supports many number theory commands as part of its basic system. Additional number theory commands can be found in Mathematica packages that are collections of programs implementing functions in particular areas. The Mathematica system bundles some add-on packages, called standard packages, with its basic of ferings. These standard packages include a group supporting commands for functions from number theory, including ContinuedFractions,
FactorintegerECM,
Num
berTheoryFunctions, and PrimeQ. There are other Mathematica packages that can
be obtained using the Internet; access them at http://www.mathsource.com. Consult the
Mathematica Book [Wo03] to learn how to load and use them. You cannot use a command form package without having first told Mathematica that you want to run commands from this package, which is done by loading it. For example, to load the package NumberTheoryFunctions, use the command
620
Using Maple and Mathematica for Number Theory In[1] :=NurnberTheory'NurnberTheoryFunctions' Another resource for using Mathematica for number theory computations is Math
ematica in Action by Stan Wagon [Wa99]. This book contains useful discussions of how to use Mathematica to investigate large primes, run extended versions of the Euclidean algorithm, solve linear diophantine equations, use the Chinese remainder theorem, work with continued fractions, and generate prime certificates.
Number Theory Commands in Mathematica The Mathematica commands relevant to material covered in this book are presented here according to the chapter in which that material is covered. (The command for loading these functions if they are part of add-on packages is also provided.) These commands are useful for checking computations in the text, for working or checking some of the exercises, and for the computations and explorations at the end of each section. Fur thermore, it is possible to write programs in Mathematica for many of the explorations and programming projects listed at the end of each section. Consult Mathematica ref erence materials, such as the Mathematica Book [Wo03], for information about writing programs in Mathematica.
Chapter 1 Fibonacci [n] gives the nth Fibonacci number fnQuotient [m, n] gives the integer quotient whenm is divided by n. Mod [rn, n] gives the remainder when m is divided by n. The Collatz (3x + 1) problem has been implemented in Mathematica by Ilan Vardi. You can access this Mathematica package at http://library.wolfram.com/infocenter/ Demos/153/.
Chapter 2 IntegerDigits[n b] gives a list of the base b digits of n. ,
Chapter 3 PrirneQ [n] produces output True if n is prime and False if n is not prime. Prime[n] gives the nth prime number. PrirnePi[x] gives the number of primes less than or equal to x. In[1] :=NurnberTheory'NurnberTheoryFunctions' NextPrirne [n] gives the smallest prime larger than n. GCD [ni. n2, ..., nk] gives the greatest common divisor of the integers ni. n2, ..., nk. ExtendedGCD [n, m] gives the extended greatest common divisor of the integers n andm.
LCM [ni. n2, ..., nk] gives the least common multiple of the integers ni. n2, ..., nk. Factor Integer[n] produces a list of the prime factors of n and their exponents.
C.2 Using Mathematica for Number Theory
621
Divisors[n] gives a list of the integers that divide n. IntegerExponent[n, b] gives the highest power of b that divides n. In[1] :=NumberTheory'NumberTheoryFunctions' SquareFreeQ [n] returns True if n contains a squared factor and False otherwise. In[1] :=NumberTheory'FactorintegerECM' FactorintegerECM[n] gives a factor of a composite integer n produced using Lenstra's elliptic curve factorization method.
Chapter 4 Mod[k, n] gives the least nonnegative residue of k modulo n. Mod[k, n, lJ gives the least positive residue of k modulo n. Mod[k, n, -n/2] gives the absolute least residue of k modulo n. PowerMod [a, b, n] gives the value of ab mod n. Taking b
=
-1 gives the inverse of
a
modulo n, if it exists.
In[1] :=NumberTheory'NumberTheoryFunctions' ChineseRemainder [listi. list2] gives the smallest nonnegative integer r such that Mod [r, list2] equals list1. (For example, ChineseRemainder[{ri. r2}, {m1m2}J pro duces the solution of the simultaneous congruence
x =
r1 mod m1 and x
=
r2 mod m2.)
Chapter 6 EulerPhi[n] gives the value of the Euler phi function at n.
Chapter 7 DivisorSigma[k, n] gives the value of the sum of the kth powers of divisors function at n. Taking k
=
1 gives the sum of divisors function at n. Taking k
=
0 gives the number
of divisors of n.
MoebiusMu[n] gives the value of µ,(n). PartitionsP[n] gives p(n), the number of partitions of the positive integer n. IntegerPartitions[n] gives a list of all partitions of the integer n. IntegerParti tions[n, k] gives a list of partitions of n into at most k integers.
Chapter 8 T he RSA Public Key Cryptosystem has been implemented in Mathematica by Stephan Kaufmann. You can obtain the Mathematica package, instructions for how to use it, and a Mathematica notebook at http://library.wolfram.com/infocenter/MathSource/1966/.
Chapter 9 MultiplicativeOrder[k, n] gives the order of k modulo n. PrimitiveRoot[n] gives a primitive root of n when n has a primitive root, and does not evaluate when it does not.
622
Using Maple and Mathematica for Number Theory
In[1]:=NumberTheory'PrimeQ' PrimeQCertif icate [n] produces a certificate verifying that n is prime or composite. CarmichaelLambda [n] gives the minimal universal exponent A.(n). Chapter 11
JacobiSymbol [n , m] gives the value of the Jacobi symbol
(�) .
SqrtMod[d, n] gives a square root of d modulo n for odd n. Chapter 12
RealDigits [x] gives a list of the digits in the decimal expansion of x. RealDigits[x, b] gives a list of the digits in the base b expansion of x. The following functions dealing with decimal expansions are part of the Number
Theory'ContinuedFractions' package .Load this package using In[1]:=Number Theory' Continued Fractions' before using them. PeriodicForm[{a0, ... , {am, ...}}, exp] presents a repeated decimal expansion in terms of a preperiodic and a periodic part.
PeriodicForm[{a0, ..., {am, ...}}, expr, b] represents a base b expansion. Normal [PeriodicForm [args]] gives the rational number corresponding to a decimal expansion. The following functions dealing with continued fractions are part of the Number
Theory'Continued Fractions' package.Load this package using In[1]:=Number Theory'Continued Fractions' before using them. ContinuedFraction[x, n] gives the first n terms of the continued fraction expansion of
x.
ContinuedFraction [x] gives the complete continued fraction expansion of a qua dratic irrational number.
FromContinued Fraction [list] finds a number from its continued fraction expan s10n.
ContinuedFractionForm[{a0, ai. ...}] represents the continued fraction with partial quotients ao, a1 ...
ContinuedFractionForm [{a0, ai. ..., {p0, Pi. ...}}] represents the continued frac tion with partial quotients a0, a1 ... and additional quotients Pi. p2, .... Normal [ContinuedFractionForm [quotients]] gives the rational or quadratic irra tional number corresponding to the given continued fraction.
Convergents [rat] gives the convergents for all terms of the continued fraction of a rational or quadratic irrational
x.
Convergents [num, terms] gives the convergents for the given number of terms of the continued fraction expansion of
num.
Convergents [cf] gives the convergents for the particular continued fraction c f re turned from ContinuedFraction or ContinuedFractionForm.
C.2 Using Mathematica for Number Theory
623
QuadraticirrationalQ [expr] tests whether expr is a quadratic irrational. Chapter 14 Divisors [n, Gaussianlntegers
->
True] lists all Gaussian integer divisors of the
Gaussian integer n.
DivisorSigma [k, n, Gaussianlntegers
->
True] gives the sum of the kth powers of
the Gaussian integer divisors of the Gaussian integer n.
Factor!nteger [n, Gaussianlntegers
->
True] produces a list of the Gaussian prime
factors of the Gaussian integer n with positive real parts, and nonnegative imaginary parts, their exponents, and a unit.
PrimeQ [n, Gaussianlntegers
->
True] returns the value of True if n is a Gaussian
prime and False otherwise.
Appendices Binomial [n, m] gives the values of the binomial coefficient
(� ) .
D
Number Theory Web Links
In this appendix, we provide an annotated list of key number theory Web sites. These sites are excellent starting points for an exploration of number theory resources on the Web. At the time of publication of this book, these sites could be found at the URLs listed here. However, with the ephemeral nature of the Web, the addresses of these sites may change, they may cease to exist, or their content may change, and neither the author nor the publisher of this book is able to vouch for the contents of these sites. If you have trouble locating these sites, you may want to try using a search engine to see whether they can be found at a new URL. You will also want to consult the comprehensive guide to all the Web references for this book at http://www.awlonline.com/rosen. This guide will help you locate some of the more difficult-to-find sites relevant to number theory and to cryptography.
The Fibonacci Numbers and the Golden Section (http://www.maths.surrey.ac.uk /hosted-sites/R.KnottJFibonacci/) An amazing collection of information about the Fibonacci numbers, including their history, where they arise in nature, puzzles involving the Fibonacci numbers, and their mathematical properties can be found on this site. Additional material addresses the golden section. An extensive collection of links to other sites makes this an excellent place to start your exploration for information about Fibonacci numbers.
The Prime Pages (http://www.utm.edu/research/primes/) This is the premier site for information about prime numbers. You can find a glossary, primers, articles, the Prime FAQ, current records, conjectures, extensive lists of primes and prime factorizations, as well as links to other sites, including those that provide useful software. This is a great site for exploring the world of primes!
The Great Internet Prime Search (http://www.mersenne.org) Find the latest discoveries about Mersenne primes at this site. You can download software from this site to search for Mersenne primes, as well as primes of other special forms. Links to other sites related to searching for primes and factoring are provided. This is the site to visit to sign up for the communal search for a new prime of world-record size! 624
Number Theory Web Links
625
The MacTutor History of Mathematics Archives (http://www-groups.dcs.st-and.ac. uk/history/index.html) This is the main site to visit for biographies of mathematicians. Hundreds of important mathematicians from ancient to modem times are covered. You can also find essays on the history of important mathematical topics, including the prime numbers and Fermat's last theorem. Frequently Asked Questions in Mathematics (http://www.cs.uwaterloo.ca/rvalopez o/math-faq/math-faq.html) This is a compilation of the frequently asked questions from the USENET newsgroup sci
.
math.
It contains several sections of questions relating to number theory, including
primes and Fermat's last theorem, as well as a potpourri of historical information and mathematical trivia. The Number Theory Web (http://www.numbertheory.org/ntw/web.html) This site provides an amazing collection to links to sites containing information relevant to number theory. You can find links to sites providing software for number theory cal culations, course notes, articles, online theses, historical and biographical information, conference information, job postings, and everything else on the Web related to number theory. RSA Labs-Cryptography FAQ (http://www.rsa.com/products/bsafe/documentation /crypto-c_me2lhtml/RSA_Labs_FAQ_4.1.pdf/) This site provides an excellent overview of modem cryptography. You can find de scriptions of cryptographic applications, cryptographic protocols, public and private key cryptosystems, and the mathematics behind them. The Mathematics of Fermat's Last Theorem (http://cgd.best.vwh.net/home/flt/fltOl .htm) This site provides an excellent introduction to Fermat's last theorem. It provides discus sions of each of the important topics involved in the proof of the theorem. NOVA Online-The Proof (http://www.pbs.org/wgbh/nova/proof) This site provides material relating to a television program on the proof of Fermat's last theorem. Included are transcripts of the program and of an interview with Andrew Wiles, as well as links to other sites on Fermat's last theorem.
E
Tables
Table E.1 gives the least prime factor of each odd positive integer less than 10,000 and not divisible by 5. T he initial digits of the integer are listed to the side, and the last digit is at the top of the column. Primes are indicated with a dash. The table is reprinted with permission from U. Dudley, Elementary Number Theory, Second Edition, Copyright© 1969 and 1978 by W. H. Freeman and Company. All rights reserved. Table E.3 gives the least primitive root r modulo p for each prime p, p
<
1000.
Table E.4 is reprinted with permission from J. V. Uspensky and M. A. Heaslet, Elemen tary Number Theory, McGraw-Hill Book Company. Copyright© 1939.
626
Tables
0 1 2 3 4 5 6 7
1
3
7
-
-
-
-
-
-
3 -
-
3 -
-
-
3 -
-
3 -
8
3
9
7
3
-
-
10 11
3
-
-
12 11
3
13
7
14 15
-
3 11 -
16
7
17
3
18 19 20 21
-
-
3 -
22 13 23 24 25 26 27 28
3 -
-
3 -
-
3 -
-
3 -
-
3 -
7 3 -
-
3 -
-
3 -
-
3
3 11 -
-
11 -
3 -
3 -
37
7
38
7
39 17
7 -
3 -
-
3
-
-
3 -
13 3 -
3
-
-
7
51
7
3
52
-
-
3 13 -
3 -
-
53 54
57
3
3
7
-
-
3 -
3 17 -
3 -
3 7 -
3
59
3
60
-
61 13 62 63
7
65 66
3 -
-
3 -
67 11 3 -
19 3 -
-
3 -
7 3
3 11 -
7 11
64
3
7
3 13 -
7
13 11
58
3
-
-
55 19 56
3
3 11
3
11
-
-
50
-
70
3
3
49
3
3 17
-
3 -
48 13
69
-
36 19
3
47
3 13
-
3
-
-
46
68
-
35
3
-
45 11
7 17
3
34 11
-
-
7
-
43
-
-
42 44
-
3 13
41
3
3
3
40
7
7
30
33
-
3
3
32
-
3 11
29 31
3
7
-
1
9
-
3 -
3 -
-
3 -
-
3 -
-
-
-
3
77
3
78 11 79
85 23
7
86
3 -
-
3
3 23 -
-
-
88 89
3 -
-
3
-
11 3 -
7 13 -
3
7 13
3 -
-
3
3
94
13
95
3
3 23 -
96 31
3
3
97
7
19
98
-
-
3 -
99
-
105 107
3
-
109 110
3
111 11 112 19
3
-
3 -
3 11
7
114
7
3
115
-
116 117 118
17
119
-
3 -
-
3
3
7
3
-
-
3
131 132
-
3 13
3
-
3
3
136
11
137
3 23
138
-
-
3 17
11
3 -
-
3 -
-
3 -
140
7
143
3
144 11 145 146
3
148
7
149
3 -
7
-
3 -
3 17 3
13 19
151 152 153
-
3 -
155
3 7
157 158
3 11
3
-
3
159 37
3
3 13 -
-
3 7
-
3
7 11
3 -
-
3 19
-
154 23
3
29 -
-
150 19
29
-
-
3 23
3 23
142
147
-
3 -
141 17
3 13 -
-
139 13
3 11
Table E.1 Factor table.
-
7
-
-
3 7 -
3
3 19
156
-
-
3
-
7 13
7
7
-
3
-
133 11 31
3
-
3
-
135
3 31 -
126 13
7
3
7
-
3
3 17
3
-
-
3 -
7
134
3
108 23
-
3 -
23 -
3
125
13
-
7
113
-
-
3
3 29
3
-
124 17 11 29
130
3 13
-
123
3
-
-
-
3 -
-
129
-
-
122
3
3 29
3
-
7
3 17 -
128
101
7
-
3
121
9
7
7 17 19
106
-
3 -
-
-
-
7
127 31 19
-
100
3
3
-
3
120
3
3
-
3
3 13 7
-
3 11
7
93
-
-
11
92
3
-
-
3 19
90 17
3 19 -
-
-
7
3 13
3 17
3
87 13
104
73 17
-
7
11
-
3
76
3
3
103
7
3
7
83
3
72
75
3
84 29
82
7
7
3
3
-
3
-
-
-
3
-
3
-
102
-
3 11
1
9
3 19
3 17
3
-
-
7
-
7
3 23
74
3 -
3
-
81
17 23
71
-
-
80
91
7
-
-
3
19
-
1
9
627
-
3 -
31
3 37 7 3 -
-
3 -
-
3 -
3 13
3
7
3
-
-
-
-
3
-
3 11
3
17 37
7
-
3 11
3 29 -
-
3
7 3 -
11 19 -
3
3 -
3 -
-
3 -
7 3
628
Tables
1 160 161 162
-
3 -
3 7 -
3
163
7 23
164
3 31
165 13 166 11
3 -
7
9
-
-
3 -
-
-
3 11
3 17 -
-
3 -
1 200 201
3 -
202 43 203 205
7
206
3
7
3 23
207 19
168 41
208
3
7
3
-
-
-
3 13
3
169 19 170
171 29 172 173 174
-
3 -
175 17
-
3 41
177
7
179 180 181 182 183
3
-
222
3 17
187
-
3
3
189 31
3
7
191
3
192 17 193 194 195
-
11 -
3 29 -
197 198
3 7
199 11
230
3 19
231
13 3
3 19
196 37 13 -
3 -
229 29
23
-
3 41 -
3
228
-
3 -
-
3
29 13 3
-
248
3 13
249 47 250 41 251 252 253
7
254
3 17
255
19
7
3 -
3 11
7 11
236
3
237
-
3 -
238 239
-
-
3
-
3 -
7 -
-
257
259
3 13
3 37
-
3
-
3 -
-
263
11
269
3
3
7
13 3 -
-
3
-
3 -
-
-
270 37
7 3
273
3
274
7
275
3 23 -
3 -
-
-
279
23 13
290
3
-
3
3 -
3
3 13 -
-
293
-
296 297
3 -
3
3
7
303
7
3
304
3 -
-
3
3 17 -
-
3 -
11
7
13 41 -
3
3 11 3
3 -
-
3 -
-
3 -
305 306
-
-
307 37 308
3
309 11
312
-
314
3
318
3
-
3 -
7 17 -
3
3 19
319
-
3
3 53 7
3 17 7 3
-
3 13 -
3 29 -
3 11 -
3 7 -
3 -
-
3 -
7 3 -
-
3 -
-
3 43
3 47
3
7
3
-
-
-
3 19 -
-
3 13
17 11
313 31 13
317
3
3
7
3 11
7
-
-
311
316 29
-
3 31 23
7 29 13
3
3
3
310
315 23
-
3
3 13
3 43 -
3 31 -
-
3 41 -
302
-
-
298 11 19 29
43 37 11
-
3 -
-
300
-
-
-
301
-
3
3 -
7
3
-
-
3
3 -
3
294 17
7
-
-
3
295 13
3
3
7
3
-
7 53
3
299
3
Table E.1 (continued)
3 -
7 23
3
-
3
292 23 37
277 17 47 278
3 13
288 43
9
7 47 19
7 11
7
276 11
287
-
3
289
3
3
37
-
-
3
-
-
286
3 19
-
-
3
3
7
3 11 -
7
7
266
285
-
3
265 11
7
3
-
17 43
3
268
7
-
-
284
-
291 41
264 19
3
-
3
3
267
-
-
7 -
3 43 -
3
31
3
3 11
3 31
258 29
3
-
-
1
7
262
-
3 -
3 11 -
3
3 17 -
3 -
-
-
256 13 11 17
233 234
3
7
3
-
3 11
247
7
3
283 19
-
246 23
272
235
-
3
232 11 23 13 17
-
3
245
3
-
7
11 29
271
-
282
-
3
-
3
3
-
3
7
3
7
3
7
3 29
3 17
227
3
281
19
3
7 31
-
41
-
3 19
226
-
280
261
3 -
3
260
225
3 -
3 29
47
3 11 -
-
-
223 23
7
3
-
224
-
190
-
9
7
3 13 -
43
-
-
188
3
3
7
244
3 11
220 31
3 31
185
-
-
3
221
7 19
3
-
217 13 41
7 23 17 3 11
-
3
7
3 13
-
3 11 -
219
3
3
216
-
7
3 11
-
215
-
242
3
243 11
3 31
3 37
-
-
-
218
-
184
186
214
3
-
-
1
3
3
3 23
7
3
-
-
3
213
3 29
241
210 11
212
-
3
-
3
7
-
240
7
3 37 7
7
3
209
11
-
3
-
211
3
7
9
-
3
-
3
7
-
3 17 -
176
178 13
-
-
3 19
204 13
3
167
3
3
3 11 -
31 23
3 7
Tables
1 320
3
321 13 322
-
3
-
3 11
323
3 53
324
7
325 326 327
-
330
339
-
3 -
-
3
342 11 343 47
368
3 -
-
3 -
31 3
3 47 -
-
7
3
3
7
-
-
-
7 13
354
3 -
-
3
355 53 11 356 357 358 359
3 -
-
3
3
381 37
-
3 -
-
385
-
3
-
3
7
387
7
3
388
3 -
-
3 -
3 13 53
389
-
-
393
-
3
413
3
3 7 -
7
3
7
3
3
7
441 11 442 443 444
-
445
7 13
446
3
447 17
17
-
3 -
448
-
3
-
449
3 7
3
7
450
3 23
3
451 13
7 -
-
3
3 11
3 23
-
-
-
-
3 -
-
3 11 -
3
-
3 61 -
416
61 -
-
3 -
3
19 43 3 23 -
-
3 7
3 41
3 11 -
-
3
7 67 3 11 -
-
3 -
3
7
453 23
3 13
3
454 19
7
452
455
3
3
9
-
3 29
-
3 47
7 17 23 19
418 37 47 53 59
458
3
29
419
3 31
420
3
426
3
427
-
-
11 13 3 -
-
3
3 31
3 -
-
-
-
3 -
-
3
3 19 -
-
31 3
3 17 -
-
461 462
3 -
3
465
3
466 59 467
3
468 31
3
469 470
3
431
7
471
7
3
472
-
-
3 11
3 19
432 29
3
433 61
7
434
3 43
3
7
397 11 29 41 23
437
3
398
438 13
-
3
3
439
-
Table E.1 (continued)
3 -
-
3 -
-
-
473
-
-
3
3 13 -
3
7
3
-
-
-
3 -
-
3 -
13 3
3 43 13 -
-
29 3
3
475
7 67
11 17
476
3 29
-
-
3 11
477 13
3
478
7
53
479
3
-
7 -
3
3 -
7 3 -
3 19
3 17 -
3
7 37
3 53 -
-
3 17
3 47
-
3
17 11
474 11
3 -
3 41 23
-
3
3 31
464
-
-
7
7 -
7 11
-
3 -
463 11 41
3
-
-
3
7
7
7
460 43
430 11 13 59 31
3 7
3 -
429
435 19
3
7 -
7
3
399 13
3 11
3
3 59 37
3
459
3
395
3
3 13
-
428
-
7
-
-
7
3 41
394
-
3
-
3
-
457
417 43
436
3 59
3
-
440
3
3
-
3
-
-
19
1
456
-
396 17
3
3
9
3 11
-
3 43 17 37
-
7
7
-
3
415
3 53
-
3
3 11 -
414 41
425
-
-
412 13
7 17
7
3
-
411
424
391 392
3
410
3
3
-
409
-
-
3 13
3 -
423
3 17
-
7
3 11
3
3
408
422
-
-
7
7
3
-
3
43
-
-
407
421
-
7
13
3
-
3
406 31 17
3 11
390 47 -
3
3 23
-
386
3 11
37
-
384 23
349
-
3 -
7
3
-
-
3
383
3 11
405
378 19
7 19
348 59
3
-
1
403 29 37 11 404
3
382
-
3
3
7 41
7
3
3
402
3
380
3
353
-
7
3 23
7 13
375 11
379 17
-
352
3 47
3
-
3 19 -
7 11
3 19
3 13
-
3
374
377
3
-
17
-
401
3
372 61
11 31
7
-
3 29
7
-
400
-
-
9 3
-
-
373
-
3
371
-
7
3 19
3
3
3 31
370
376
3 23 -
3 -
369
3
3 43
-
-
-
-
3 -
7 19 11
7
351
364 11
367
-
350
363
3 -
-
3
345
-
362
-
7
3 11
347
361 23
366
344 346
3
7
3 17 -
360 13
3 13
3 37 -
3
365
340 19 41 341
3
3 29
-
334 13
338
3 41
3 17 3
3
337
-
3 13
332
336
7
3
-
7
335
-
-
-
331 333
3
1
9
-
328 17 329
7
629
-
3
3 -
-
630
Tables
1 480
-
481 17 482
3
3
7
9
3 11
3
520
7 11 41
61
521
3 13
-
-
7
3 11
3
7
1
522 23
3
523
484 47 29 37 13
524
483 485 486 487 488
-
3 23 -
-
3 31 11
3 19
489 67 490 13
-
3 17
492
7
494 495
-
3 -
496 11 497
3
498 17 499
7
500
3
501 502
-
-
3
3 59
491 493
3 43
7 3
3 13 -
-
3 7 -
3 -
-
-
3 -
-
19 3
3 29
7
508 509 510
-
31 13 3 13
3 11 -
511 19
3 -
512
3 47
513
7
515
3
-
-
3 -
7
-
3
3
517
7 31
518
3 71
519 29
3
532 17
3
535
-
3 -
-
3 13 -
-
3
-
3 -
601
7
17 13
602
3 -
-
-
3
7
3
3
7
568 13
7
569
3
-
-
571
7 73
572
3 19
573 11
-
29
3 59 3
3
574
53 11 23
575
3 11 7
-
11
-
539
3
540 11
3
543 544
-
-
3
3 -
-
17 -
3 -
578 579 580 581
3 61
582
3
583
-
13
-
3
7
3 53
585
546 43
3
7
3
586
-
-
545
-
3
549 17 550 551 552
19
13 -
3 11
3 23 -
-
3 37
3
-
-
3
-
584
-
-
587 588
3
3
-
612
3
613
7
3 13
3
592 31
7
555
7
3
595 11
3
556 67 557 558 559
3 -
-
3 -
19
-
597 598
7 29 11
599
-
3 13
Table E.1 (continued)
3 -
-
3
17
3 -
-
3 -
-
627
3 7
3 23 3
-
-
3
628 11 61
7
632
3 -
-
3
633 13 634 17 635
3 47
636
3
-
3
631
3
3
626
7 59
-
-
3 -
637 23
3 -
-
-
59
-
3 -
53
638
3 13
7
639
7
3
-
-
3
11
3 7
3 11 47
3
7 31 3 37 23
3
-
-
3 -
13
7 3 -
3 17 -
-
3 -
-
7
3
3
17
3
-
3 23
311 29
7
-
-
31 41
3 59
3
3 73
7
-
9
11 13
3
7 13
3
3
-
-
3
625
630
-
3
624 79
629
3 43 31
-
623
17
3 19 -
-
3 19
-
3 61
7
7 3
-
7
3 67
3
3 -
3
596
3 37
-
622
3
594 13
-
7
3
-
3 17
3 31
3
3
621
-
3 23
-
617
3 11
-
554
3 -
616 61
620
3
-
591 23
615
37
-
7
590
593
-
11
589 43 71
7 29
-
3
7 -
3 -
614
-
7
7
619 41 11
3
3
-
-
-
3
-
3
609
3
3
3 11
3
-
608
3 17 -
7 19 13 3
607 13
-
618
-
-
606 11
-
7
7
-
3
3
3
-
-
3 -
605
611
3 73
-
-
7
7
7 -
-
-
3 19
604
610
538
-
3
-
603 37
3
-
577 29 23 53
3 31
-
3 41
3 13
-
11
3
3
3
553
-
3
3 19
3
-
600 17
-
3
-
3 71
537 41
548
-
3
567 53
570
3
576
7 3
3
-
-
3
-
1
7
547
-
-
-
9
3
536
3
3 23
516 13 -
531 47
7
3 37 -
3 11
514 53 37
3
-
7
3
507 11
529 11 67 530
3
3 17
3 11
504 71
3 61
-
542
3
506
528
3 -
11 47
7
505
566
541
3
-
19 23 11
3
-
3 43
565
534
-
563
3
7
3
13
7
3
-
7
3
533
-
562
525 59
7
3 41
3
564
-
-
3 13
561 31
3 29
11
3 13 -
-
503
3
3 17 -
560
7
527
-
-
3
1
3
7
-
9
-
526
3
3
7
-
3
-
3
-
3 -
11 3 -
7 3 -
3 11 -
3 19 -
3 71 -
3 7 -
3 -
-
3
Tables
1
3
7
1
9
640 37 19 43 13
680
3
641
7
681
7
3
682 19
642
3 11 -
643 59 644 645 646 647 648 649
3
7 41 47
3 19 -
3 -
3
3 11
7 23 29 3 -
-
-
-
3 -
3 11
3 13
656 657 658
11 61
3 47
-
3 -
-
3 -
-
3 29
659
3 19
660
7
3
3 37
663 19 664 29 665 666
3 -
3
-
79 3
668
3 41
669
-
-
3 11 3
3 37 19
7
3
672 11
3
7
-
-
3 11
675 43 676 677 678 679
-
-
696
700
3
-
704
-
3 -
-
3 19 -
3 47
-
-
729 23
3
741
-
-
3
3 11
-
3
766 47 79 11
7 19 29
767
3 37
768
3
769
-
3
3 17
3 -
7
744
3
745
-
746
3
-
29
7 41 47 31
749
750 13
713
-
3 11 17
-
3 -
3
7
3 11
714 37
3
7
7
716
-
23 17
3 13
717 71
3
718 43 11 719
3
-
3 -
3 67
3 59 7 11
752
3
754 755 756
-
3 -
3
757 67
7
758
3 23
759
-
-
3
751
753 17
3 -
Table E.1 (continued)
3 31 -
-
3 19
3
-
3
780 29
3 -
-
3 -
-
3
3
7
-
-
3
3 71
-
784
3
-
786
7
3
787 17 788
3
-
-
3
3 17 11 -
3 -
-
791
-
3 11 -
3
3
-
3 -
793
7
-
-
794
3 13
3
795
-
796 19
3 73 -
3
3
7
73
792 89
7 -
3
7
3 41
3
-
3 53
-
3 -
-
790
3
-
3 29 -
789 13
-
3
7 47
3
-
59
3 11
3 37
781 73 13
7
-
3
7
3
-
3 -
3
785
3 -
7
777 19
783 41
-
-
3 17
3 43
-
3
7
782
7
-
3
-
3
776
7 17
3 11
3
711 13
-
779
709
-
-
7
710
3
3 61
13
7
-
3 47
775 23
3 -
3 71
778 31 43 13
3 17
-
-
-
-
3
748
3 19
-
3
774
-
7
3 13 -
3 83 -
3 11
7
3
7
-
3 -
7 43 -
3 11
7
-
771 11
3
773
3
3
3
-
772
3
742 41 13 743
-
3 13
3
7
-
770
3 -
-
11 41
3
3 73
-
3 13
-
3
708 73
-
-
3
3
-
737
740
3 29
3 13
3
9
3 19
7
7
-
762
3 23 -
765
-
736 17 37 53
7 43
761
7
-
3
3
-
-
3
-
3 71
739 19
-
-
7
731
-
760 11
7
3
11
735
3
3
3
3
7 67
-
7
1
764
730
734
-
9
11
3 -
3
-
7
763 13 17
747 31
707
23
7 13
3
-
3
3
7 37
712
3
728
738 11
706 23
3
-
-
727 11
3 29 -
3
67
-
-
3
705 11
715
3
3 17
703 79 13 31
-
3
3
726 53
-
3
-
-
725
-
7
3
19
733
702
-
7
724 13
732
7
-
723
3
3
3 17
3 11
-
701
-
7 3
7
3
3 13 -
31
3
-
3 31
71 83
-
-
722
3 13
3 29 -
3
721
7
699
3
3
695
3
-
3 13 -
7
-
3
3
3
3
674
-
694 11 53
-
3
3
692
698
-
-
720 19
693 29
7 11
-
673 53
691
697
-
671
690 67
3
-
3 59
7
670
7
3
7 17 61 -
667
-
3 -
3 13
661 11 17 13 662
-
3 11
3
3 61
7
655
687
3
3
3 41
-
689
3
654 31
686
1
-
43 73 67
651 17 652
685 13
9
-
7
3 23
653
3 -
7
3 17 -
688
7
-
684
-
3
3
650
683
3
631
3 11 -
3 17 -
3
31 13
3
7
3 79
798 23
3
7
797
799 61
-
3
11 19
632
Tables
3
7
3 53
3
1 800 801
-
3
-
802 13 71 23 803
3 29
804 11 805 83 806 807 808 809 810 811 812
-
3 11 7 -
3 -
-
3
813 47
59
7
817 818 819
3 -
3
822 823 824
-
3
825 37 826 11
837 11 3
-
3
7
3 19
23
851
3
7
891
7
3 11
852
3
892 11
-
3 29
3 41 -
3
3 -
3 -
853 19 854
3
855 17 856
7
857
3
3 -
-
860
-
3 7
-
3
83
894
3 43
3
895
13
11
896
3
23
897
3
-
-
-
7
-
-
-
3 89
3
53
864
7
3 17 -
-
866
867 13
43
869
3
7
870
7
3
871 31 872 873
3
874
61 13
875
3
-
3
868
-
-
3 -
3 37
3
-
865 41 17 11
3
3 31
-
-
3
-
3
3 73 3
-
7
863
-
3 31
3
7
876
-
-
3 19 -
3 -
3 11 -
-
3 -
3 7 -
3 -
7 3 -
23 3 -
-
3
7 31 67
926
3 59
928
7 11
929
3 59
930 71
3
931
-
3
-
3 -
-
67
932
3 7
3
3 23
3
934
-
-
7 13 17
935
-
47
-
37
3 7
3 17
7
3 -
3 19 -
13
3 -
7 13 11 89
938
899
3 17
939
900 901
-
3 -
-
-
3
3 47
3
3
940
7
941
3
3
7
3
903 11
3
7
-
3 11
906 13
3
83 3 -
907 47 43 29 908 909
3 31 -
910 19 912
7
3
913 23
916 917
11
918
3 19
3
919
7
7
947
3
3
948 19 949 950
-
953
3
7
954
7
3
955
7 89 53
956
3
-
3
-
-
-
-
3
-
7 3
3 53 -
-
3
3 -
3 73
3
957 17
3 61
958 11
7
959
3 17 -
3 7 3
-
3
41 19 11
3 -
-
7 13
3 67 -
3
3 37
3 31 89
-
3 11
-
11
3
23 97
3
-
83
3 41 -
-
3 13
13
7 29 17
Table E.1 (continued)
946
-
7
-
-
3 11
3
945 13
3
-
-
952
-
3
3
944
3 -
-
3
3
3 41
-
-
-
943
-
951
-
-
3
942
3 11
-
-
-
3 61
3 11 -
3 11 -
3
-
-
-
-
71 29
-
-
902
-
3 47
3
3 13
3 41
933
-
-
11 -
898
3
-
7
3
7
915
3
3
7 3
79
7 3
925 11 19 927 73
-
-
937
3 193
878
3 -
23
7
7
3
924
3 13
3
-
3 31
-
923
3
3
914
3 11
922
-
3
3 13 -
3 37 -
911
-
921 61
-
3
905
-
-
3
9
3 14
7 3
-
920
7
936 11
904
-
-
23
3
7
3
-
3
3 -
-
1
9
3
13
-
877
879 59
893
-
3
862 37
-
-
861 79
3
3 17
3
-
3 29
7 11
-
-
890
3 23
-
886
67
3 19
3
3
3
3 17
11 47 -
859 11 13
-
885 53
850
7
-
11
11
3 37
3
-
3
-
884
889 17
-
858
-
-
883
7
3 -
3
3
3 19
838 17 83 839
3
7
3 13
3
3 79
3
7 -
3 29
3
836
846
-
3
7
3 19
7
845
3 11 -
-
3
849
-
835
-
844 23
882
-
7
7
3
834 19
-
843
3
3
888 83
-
833
3
3 -
-
881
-
13
7
832 53
842
-
-
-
3
-
-
880 13
3 17
828
831
3
848
3
830
7
887
827 829
3
7
61
11 13
3 43 -
840 31
3
7
820 59 13 29 821
1
847 43 37
3 79
3 31
9
7 -
3 11
-
7
841 13 47 19
3
-
3
3
-
815
-
3
-
-
7 17
-
7
3 41
814 816
3
3 13
1
9
3 53
-
7 3 43
3 29
Tables
1
3
7
9
960
-
3
13
3
961
7
-
59
962
3
-
963
-
964
633
1
3
7
9
990
-
3
-
3
3
991
11
23
47
7
31
-
992
3
-
3
-
-
3
-
993
-
3
19
3
13
3
43
3
994
-
61
7
-
985
-
59
-
-
995
3
37
3
23
-
986
3
7
3
71
996
7
3
-
3
3
7
987
-
3
7
3
997
13
-
11
17
3
-
3
988
41
-
-
11
998
3
67
3
7
7
97
41
989
3
13
3
19
999
97
3
13
3
1
3
7
9
1
3
7
9
970
89
31
18
7
980
3
-
3
17
-
971
3
11
3
-
981
-
3
-
3
-
972
-
3
71
3
982
7
11
3
23
3
973
37
-
7
-
983
3
31
-
11
-
974
3
-
3
-
984
965
3
7
3
13
975
7
3
11
3
966
-
3
7
3
976
43
13
-
967
19
17
-
-
977
3
29
968
3
23
3
-
978
-
969
11
3
-
3
979
-
Table E.1 (continued)
Tables
634
n
r(n)
a(n)
n
r(n)
a(n)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
1 1 2 2 4 2 6 4 6 4 10 4 12 6 8 8 16 6 18 8 12 10 22 8 20 12 18 12 28 8 30 16 20 16
1 2 2 3 2 4 2 4 3 4 2 6 2 4 4 5 2 6 2 6 4 4 2 8 3 4 4 6 2 8 2 6 4 4 4 9 2 4 4 8 2 8 2 6 6 6 2 10 3 6
1 3 4 7 6 12 8 15 13 18 12 28 14 24 24 31 18 39 20 42 32 36 24 60 31 42 40 56 30 72 32 63 48 54 48 91 38 60 56 90 42 96 44 84 78 72 48 124 57 93
51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100
32 24 52 18 40
4 6 2 8 4 8 4 4 2 12 2 4 6 7 4 8 2 6 4 8 2 12 2 4 6 6 4 8 2 10 5 4 2 12 4 4 4 8 2 12 4 6 4 4 4 12 2 6 6 9
72 98 54 120 72 120 80 90 60 168 62 96 104 127 84 144 68 126 96 144 72 195 74 114 124 140 96 168 80 186 121 126 84 224 108 132 120 180 90 234 112 168 128 144 120 252 98 171 156 217
24
25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44
45 46 47 48 49 50
24
12 36 18 24
16 40 12 42 20 24
22 46 16 42 20
24
36 28 58 16 60 30 36 32 48 20 66 32 44 24
70 24
72 36 40 36 60 24
78 32 54 40 82 24
64 42 56 40 88 24
72 44
60 46 72 32 96 42 60 40
Table E.2 Values of some arithmetic functions.
Tables
p
r
p
r
p
r
p
r
2
1
191
19
439
15
709
2
3
2
193
5
443
2
719
11
5
2
197
2
449
3
727
5
7
3
199
3
457
13
733
6
11
2
211
2
461
2
739
3
13
2
223
3
463
3
743
5
17
3
227
2
467
2
751
3
19
2
229
6
479
13
757
2
23
5
233
3
487
3
761
6
29
2
239
7
491
2
769
11
31
3
241
7
499
7
773
2
37
2
251
6
503
5
787
2
41
6
257
3
509
2
797
2
43
3
263
5
521
3
809
3
47
5
269
2
523
2
811
3
53
2
271
6
541
2
821
2
59
2
277
5
547
2
823
3
61
2
281
3
557
2
827
2
67
2
283
3
563
2
829
2
71
7
293
2
569
3
839
11
73
5
307
5
571
3
853
2
79
3
311
17
577
5
857
3
83
2
313
10
587
2
859
2
89
3
317
2
593
3
863
5
97
5
331
3
599
7
877
2
101
2
337
10
601
7
881
3
103
5
347
2
607
3
883
2
107
2
349
2
613
2
887
5
109
6
353
3
617
3
907
2
113
3
359
7
619
2
911
17
127
3
367
6
631
3
919
7
131
2
373
2
641
3
929
3
137
3
379
2
643
11
937
5
139
2
383
5
647
5
941
2
149
2
389
2
653
2
947
2
151
6
397
5
659
2
953
3
157
5
401
3
601
2
967
5
163
2
409
21
673
5
971
6
167
5
419
2
677
2
977
3
173
2
421
2
683
5
983
5
179
2
431
7
691
3
991
6
181
2
433
5
701
2
997
7
Table E.3 Primitive roots modulo primes.
635
636
Tables
Numbers p
3 5 7 11 13 17 19 23 29 31 37 41 43 47 53 59 61 67 71 73 79 83 89 97
1
2
3
4
5
6
2 4 6 10 12 16 18 22 28 30 36 40 42 46 52 58 60 66 70 72 78 82 88 96
1 1 2 1 1 14 1 2 1 24 1 26 27 18 1 1 1 1 6 8 4 1 16 34
3 1 8 4 1 13 16 5 1 26 15 1 20 17 50 6 39 26 6 1 72 1 70
2 4 2 2 12 2 4 2 18 2 12 12 36 2 2 2 2 12 16 8 2 32 68
5 4 9 5 16 1 22 20 23 22 25 1 47 6 22 15 28 1 62 27 70 1
3 9 5 15 14 18 6 25 27 1 28 38 18 51 7 40 32 14 5 73 17 8
7
8
9
10
11
12
13
14
15
16
Indices 7 11 11 6 19 12 28 32 39 35 32 14 18 49 23 1 33 53 8 81 31
3 3 10 3 6 3 12 3 38 39 8 3 3 3 3 18 24 12 3 48 6
6 8 2 8 10 10 2 16 30 2 40 34 42 12 12 52 12 2 62 2 44
5 10 3 17 3 23 14 24 8 10 19 48 7 23 16 34 9 66 28 86 35
7 7 12 9 25 23 30 3 30 7 6 25 15 59 31 55 68 24 84 86
6 13 15 20 7 19 28 27 13 10 19 52 8 41 38 22 9 74 33 42
4 5 14 18 11 11 31 32 11 24 45 40 19 39 59 34 77 23 25
9 7 21 13 22 33 25 20 4 15 19 50 24 7 41 57 9 9 65
6 11 17 27 21 13 37 26 21 12 56 28 54 54 7 63 17 71 71
8 4 8 4 0 4 24 24 26 4 4 4 4 24 32 16 4 64 40
29
30
31
32
33
5 10 9 44 5 5 5 5 30 40 20 5 80 74
20 18 31 27 23 17 21 32 57 61 69 14 85 60
Numbers p
19 23 29 31 37 41 43 47 53 59 61 67 71 73 79 83 89 97
17
18
19
20
21
22
23
24
25
26
27
28
10 7 21 7 7 33 38 16 10 40 47 64 49 21 21 56 6 89
9 12 11 26 17 16 29 12 35 43 13 13 58 20 6 63 18 78
15 9 4 35 9 19 45 37 38 26 10 16 62 32 47 35 81
5 24 8 25 34 37 37 49 8 24 17 40 17 70 29 14 69
13 17 29 22 14 36 6 31 10 55 62 27 39 54 80 82 5
11 26 17 31 29 15 25 7 26 16 60 37 63 72 25 12 24
20 27 15 36 16 5 39 15 57 28 15 46 26 60 57 77
8 13 29 13 40 28 20 53 9 42 44 30 13 75 49 76
16 10 10 4 8 2 42 12 44 30 56 2 46 56 52 2
19 5 12 17 17 29 25 46 41 20 45 67 38 78 39 59
15 3 6 5 3 14 51 34 18 51 8 18 3 52 3 18
14 16 34 11 5 22 16 20 51 25 13 49 61 10 25 3
Indices
Table E.4 Indices.
9 21 7 41 35 46 28 35 44 68 35 11 12 59 13
15 14 23 11 39 13 57 29 55 60 15 67 18 87 9
9 28 34 3 33 49 59 47 11 11 56 38 31 46
Tables
637
Numbers p
34
35
36
37 41 43 47 53 59 61 67 71 78 79 83 89 97
8 19 23 34 11 41 48 65 55 29 25 57 22 27
19 21 18 33 9 24 11 38 29 34 37 35 63 32
18 2 14 30 36 44 14 14 64 28 10 64 34 16
37
38
39
40
41
42
32 7 42 30 55 39 22 20
35 4 17 38 39 27 11 22 70 36 48 51 19
6 33 31 41 37 46 58 65 65 35 67
20 22 9 50 9 25 18 46 25 74 30 30 7
6 15 45 14 54 53 25 4 75 40 21 85
21
64
19 20 11 91
24
95
43
44
45
46
47
48
49
44
23 20 50 9 31 59 23 54 84
21 54 10 43 50 38 17 76 65 14
23 36 38 46 2 66 28 16 74 62
63
64
65
Indices 24
32 11 56 63 33 47 58 81 10 39
13 22 33 43 9 48 51 49 71 29 4
43 8 27 17 61 43 71 76 26 28 58
41 29 48 34 27 10 13 64 7 72 45
23 40 16 58 29 21 54 30 61 73 15
61
62
Numbers p
50
51
52
53
54
55
56
57
58
59
60
53 59 61 67 71 73 79 83 89 97
43 13 45 31 62 10 50 55 68 36
27 32 53 37 5 27 22 46 7 63
26 47 42 21 51 3 42 79 55 93
22 33 57 23 53 77 59 78 10
35 19 52 14 26 7 53 19 52
31 37 8 59 56 52 51 66 87
21 52 26 19 57 65 11 41 37
30 32 49 42 68 33 37 36 55
29 36 45 4 43 15 13 75 47
31 36 3 5 31 34 43 67
30 56 66 23 71 19 15 43
7 69 58 45 66 69 64
48 17 19 60 39 47 80
35 53 45 55 70 83 75
6 36 48 24 6 8 12
34 67 60 18 22 5 26
75
76
77
78
79
80
81
42 4 88
Indices
Numbers p
66
67
68
69
70
67 71 78 79 83 89 97
33 63 69 73 15 13 94
47 50 48 45 56 57
61 37 29 58 38 61
41 52 27 50 58 51
35 42 41 36 79 66
71
72
44
36 14 65 50 50
73
74
Indices 51 33 62 11
44 69 20 28
23 21 27 29
47 44 53 72
40 49 67 53
43 32 77 21
39 68 40 33
43 42 30
31 46 41
94
95
96
82
48
Numbers p
83 89 97
82
83
84
85
86
87
88
41 37 23
61 17
26 73
76 90
45 38
60 83
44
92
89
90
91
92
93
54
79
56
49
Indices 20 22
Table E.4 (continued)
638
Tables
Indices p
3 5 7 11 13 17 19 23 29 31 37 41 43 47 53 59 61 67 71 73 79 83 89 97
1
2
3
4
5
6
2 2 3 2 2 3 2 5 2 3 2 6 3 5 2 2 2 2 7 5 3 2 3 2
1 4 2 4 4 9 4 2 4 9 4 36 9 25 4 4 4 4 49 25 9 4 9 25
3 6 8 8 10 8 10 8 27 8 11 27 31 8 8 8 8 59 52 27 8 27 28
1 4 5 3 13 16 4 16 19 16 25 38 14 16 16 16 16 58 41 2 16 81 43
5 10 6 5 13 20 3 26 32 27 28 23 32 32 32 32 51 59 6 32 65 21
1 9 12 15 7 8 6 16 27 39 41 21 11 5 3 64 2 3 18 64 17 8
7
8
9
10
11
12
13
14
15
16
2 6 13 28 10 30 21 36 27 7 41 36 36 54 6 72 33 20 48
6 12 19 27 30 23 3 22 41 14 23 11 5 23 30 58 66 60 46
1 5 3 25 28 9 18 23 17 28 46 22 10 19 4 16 49 2 36
Numbers 7 11 11 14 17 12 17 17 29 37 11 22 10 6 61 14 15 54 45 51 40
3 9 16 9 16 24 20 34 10 25 8 44 20 12 55 27 2 4 7 64 6
6 5 14 18 11 19 29 31 19 32 40 35 40 24 43 47 10 12 14 14 30
1 10 8 17 9 9 25 25 32 10 12 17 21 48 19 45 50 36 28 42 53
7 7 15 22 18 13 13 28 30 13 34 42 35 38 31 31 29 56 37 71
1 4 11 18 7 8 26 4 4 18 15 25 9 9 4 9 8 29 22 64
12 3 21 14 24 15 24 12 43 30 50 18 18 28 45 24 58 66 29
Indices p
19 23 29 31 37 41 43 47 53 59 61 67 71 73 79 83 89 97
17
18
19
20
21
22
23
24
25
26
27
28
10 15 21 22 18 26 26 38 3 33 44 20 62 20 48 15 6 83
1 6 13 4 36 33 35 2 6 7 27 40 8 27 65 30 18 27
7 26 12 35 34 19 10 12 14 54 13 56 62 37 60 54 38
12 23 5 33 40 14 3 24 28 47 26 37 18 32 37 73 93
14 17 15 29 35 42 15 48 56 33 52 46 17 17 74 41 77
1 5 14 21 5 40 28 43 53 5 37 38 12 51 65 34 94
10 11 5 30 34 46 33 47 10 7 53 60 74 47 13 82
20 2 10 16 16 42 13 35 20 14 16 8 64 11 39 22
11 6 20 14 5 22 26 11 40 28 41 40 34 22 28 13
22 18 3 2 15 16 52 22 19 56 3 54 23 44 84 65
15 23 6 12 2 33 51 44 38 45 21 51 69 5 74 34
1 7 12 31 6 24 49 29 15 23 5 36 49 10 44 73
29
30
31
32
33
22 13 33 39 21 55 59 50 11 47 59 80 31 7
7 37 13 7 42 51 57 33 6 16 19 77 4 35
14 17 39 35 31 43 53 66 42 7 57 71 12 78
Numbers
Table E.4 (continued)
21 24 22 18 26 45 58 30 46 35 34 68 20 43 74
1 11 9 11 36 37 57 60 25 32 24 46 40 40 79
Tables
639
Indices p
34
35
36
37
38
39
37 41 43 47 53 59 61 67 71 73 79 83 89 97
28 20 31 34 9 27 45 65 10 35 13 59 36 2
19 38 7 29 18 54 29 63 70 29 39 35 19 10
1 23 21 4 36 49 58 59 64 72 38 70 57 50
15 20 20 19 39 55 51 22 68 35 57 82 56
8 17 6 38 19 49 35 12 48 26 31 68 86
7 8 30 23 38 37 3 13 21 78 62 26 42
40
41
42
29 45 39 34 26 12 69 14 70 82 56 80
1 37 25 9 52 24 57 70 52 81 79 12
43
44
1 24
9 46 17 13 6 20 32 76 41 78 16
45
46
47
48
49
Numbers 44 50 18 43 48 44 58 77 79 59 60
32 47 36 25 29 24 71 73 75 88 9
19 41 13 50 58 26 63 61 67 86 45
1 29 26 39 49 40 23 25 51 80 31
5 52 17 31 67 42 75 19 62 58
10 45 34 62 43 64 67 38 8 96
20 31 7 57 17 28 43 76 24 92
61
62
63
64
65
Indices p
50
51
52
53 59 61 67 71 73 79 83 89 97
40 3 14 47 48 67 50 69 72 72
27 6 28 27 52 43 71 55 38 69
1 12 56 54 9 69 55 27 25 54
53
54
55
56
57
58
59
60
24
48 41 15 15 46 21 25 47 89
37 21 30 34 11 63 50 52 57
15 42 60 25 55 31 17 67 91
30 23 53 33 56 14 34 23 67
1 46 39 18 61 42 68 69 44
31 11 55 13 47 53 29 26
1 22 30 65 62 23 87 33
51 41 63 53 7 54 75 76
Numbers
68 33 28 46 83 68
21 50 19 5 9 71 49
42 66 22 15 18 35 51
17 36 37 45 36 16 61
34 39 39 56 72 48 14
44
Indices p
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
67 71 73 79 83 89 97
1 60 49 10 61 55 70
65 26 30 39 76 59
29 57 11 78 50 4
61 66 33 73 61
1 38 20 63 5 3
44 60 43 15 15
1 22 3 45 75
66 6 46 84
40 12 49 32
41 24 58 63
44 48 85 24
53 13 77 23
1 26 53 18
52 70 90
21 32 62
42 7 19
90
91
92
93
94
95
96
66
39
1
20
Indices p
82
83
84
85
86
87
88
83 89 97
1 21 95
63 87
11 47
33 41
10 11
30 55
1 81
89
Numbers 17
85
37
Table E.4 (continued)
88
52
640
Tables
d
,jd
d
,jd
2
[1; 2]
53
[7; 3, 1, 1, 3, 14]
3
[1; 1, 2]
54
[7; 2, 1, 6, 2, 14]
5
[2; 4]
55
[7; 2, 2, 2, 14]
6
[2; 2, 4]
56
[7; 2, 14]
7
[2; 1, 1, 1, 4]
57
[7; 1, 1, 4, 1, 1, 14]
8
[2; 1, 4]
58
[7; 1, 1, 1, 1, 1, 1, 14]
[3; 6]
59
[7; 1, 2, 7, 2, 1, 14]
11
[3; 3, 6]
60
[7; 1, 2, 1, 14]
12
[3; 2, 6]
61
[7; 1, 4, 3, 1, 2, 2, 1, 3, 4, 1, 14]
13
[3; 1, 1, 1, 1, 6]
62
[7; 1, 6, 1, 14]
14
[3; 1, 2, 1, 6]
63
[7; 1, 14]
15
[3; 1, 6]
65
[8; 16]
17
[4; 8]
66
[8; 8, 16]
18
[4; 4, 8]
67
[8; 5, 2, 1, 1, 7, 1, 1, 2, 5, 16]
10
19
[4; 2, 1, 3, 1, 2, 8]
68
[8; 4, 16]
20
[4; 2, 8]
69
[8; 3, 3, 1, 4, 1, 3, 3, 16]
21
[4; 1, 1, 2, 1, 1, 8]
70
[8; 2, 1, 2, 1, 2, 16]
22
[4; 1, 2, 4, 2, 1, 8]
71
[8; 2, 2, 1, 7, 1, 2, 2, 16]
23
[4; 1, 3, 1, 8]
72
[8; 2, 16]
24
[4; 1, 8]
73
[8; 1, 1, 5, 5, 1, 1, 16]
26
[5; 10]
74
[8; 1, 1, 1, 1, 16]
27
[5; 5, 10]
75
[8; 1, 1, 1, 16]
28
[5; 3, 2, 3, 10]
76
[8; 1, 2, 1, 1, 5, 4, 5, 1, 1, 2, 1, 16]
29
[5; 2, 1, 1, 2, 10]
77
[8; 1, 3, 2, 3, 1, 16]
30
[5; 2, 10]
78
[8; 1, 4, 1, 16]
31
[5; 1, 1, 3, 5, 3, 1, 1, 10]
79
[8; 1, 7, 1, 16]
32
[5; 1, 1, 1, 10]
80
[8; 1, 16]
33
[5; 1, 2, 1, 10]
82
[9; 18]
34
[5; 1, 4, 1, 10]
83
[9; 9, 18]
35
[5; 5, 10]
84
[9; 6, 18]
37
[6; 12]
85
[9; 4, 1, 1, 4, 18]
38
[6; 6, 12]
86
[9; 3, 1, 1, 1, 8, 1, 1, 1, 3, 18]
39
[6; 4, 12]
87
[9; 3, 18]
40
[6; 3, 12]
88
[9; 2, 1, 1, 1, 2, 18]
41
[6; 2, 2, 12]
89
[9; 2, 3, 3, 2, 18]
42
[6; 2, 12]
90
[9; 2, 18]
43
[6; 1, 1, 3, 1, 5, 1, 3, 1, 1, 12]
91
[9; 1, 1, 5, 1, 5, 1, 1, 18]
44
[6; 1, 1, 1, 2, 1, 1, 1, 12]
92
[9; 1, 1, 2, 4, 2, 1, 1, 18]
45
[6; 1, 2, 2, 2, 1, 12]
93
[9; 1, 1, 1, 4, 6, 4, 1, 1, 1, 18]
46
[6; 1, 3, 1, 1, 2, 6, 2, 1, 1, 3, 1, 12]
94
[9; 1, 2, 3, 1, 1, 5, 1, 8, 1, 5, 1, 1, 3, 2, 1, 18]
47
[6; 1, 5, 1, 12]
95
[9; 1, 2, 1, 18]
48
[6; 1, 12]
96
[9; 1, 3, 1, 18]
50
[7; 14]
97
[9; 1, 5, 1, 1, 1, 1, 1, 1, 5, 1, 18]
51
[7; 7, 14]
98
[9; 1, 8, 1, 18]
52
[7; 4, 1, 2, 1, 4, 14]
99
[9; 1, 18]
Table E.5 Simple continued fractions for square roots of positive integers.
Answers to Odd-Numbered Exercises
Section 1.1 1.
a.
b. well-ordered
well-ordered
c.
not well-ordered
d. well-ordered
e.
not well-ordered
x and y are rational numbers. Then x=a/bandy=c/d, where a, b, c, and d are integers with b "I- 0 and d "I- 0. Then xy= (a/b) (c/d)=ac/bd and x+ y=a/b+c/d= (ad+bc)/bd where bd "I- 0. Because both x+ y and xy are ratios of integers, they are both
3. Suppose that
·
rational.
./3 were rational. Then there would exist positive integers a and b with ./3 = a/b. Consequently, the set S ={k./31 k and k./3 are positive integers} is nonempty because a =b./3. Therefore, by the well-ordering property, S has a smallest element, say, s=t./3. We have s./3 - s=s./3 - t./3= (s - t)./3. Because s./3=3t ands are both integers, s./3 - s = (s - t)./3 must also be an integer. Furthermore, it is positive, because s./3 - s=s (./3 - 1) and ./3 1. It is less than s because s=t./3, s./3=3t, and ./3 3. This contradicts the choice of s as the smallest positive integer in S. It follows that ./3 is irrational. 0 b. -1 3 d. -2 0 f. -4 {8/5} =3/5 b. {1/7} =1/7 {-11/4} =1/4 d. {7} =0 0 if x is an integer; -1 otherwise We have [xl:::; x and [yl:::; y. Adding these two inequalities gives [xl+[yl :::; x + y. Hence, [x+yl � [[xl+[y]]=[xl+[yl. Let x =a+ r and y =b + s, where a and b are integers and r and s are real numbers such that 0:::; r, s 1. Then [xyl=[ab+ as+ hr+ srl=ab+[as+hr+srl, whereas [xl[yl=ab. Thus we have [xy l � [xl[yl when x and y are both positive. If x and y are both negative, then [xyl:::; [xl[yl. If one of x and y is positive and the other negative, then the inequality could go
5. Suppose that
>
7. 9. 11. 13.
15.
a.
c.
<
e.
a.
c.
<
either direction.
x=[xl+r. Because 0:::; r 1, x+ f=[xl+r+ f. If r f, then [xl is the integer nearest to x and [x +fl=[xl because [xl:::; x + f=[xl +r + f [xl+1. If r � f, then [xl+1 is the integer nearest to (choosing this integer if x is midway between [xl and [x+ 11) and [x+fl=[xl+1 because [xl+1:::; x+r+ f [xl+2. Let x=k+ where k is an integer and 0:::; 1. Further, let k=a2+b, where a is the largest integer such that a2:::; k. Then a2:::; k =a2+ b:::; x =a2+ b+ (a+ 1)2. Then [JXl =a and [Ml=[.Jkl=a also, proving the theorem. 8n - 5 b. 2n+3 [[.Jill/ Jn] d. an=an-I+ an-2• for n � 3, and al=1, and a2=3 nan=2 l; an=(n2 - n+2)/2; and an=an-I+2an-2• for n � 3 This set is exactly the sequence an = n - 100, and hence is countable. The function f (a+ b,./2) =2a3b is a one-to-one map of this set into the rational numbers, which
17. Let
<
<
<
x
<
19.
E
E <
E <
21. 23. 25. 27.
a.
c.
is countable.
641
Answers to Odd-Numbered Exercises
642
29. Suppose {Aj} is a countable collection of countable sets. Then each Ai can be represented by a sequence, as follows:
A1
au a21
a11 a22
A2 A3
a23
a3l
a32
a33
Consider the listing au, a12, a2i. a13, a22, a3i.
ai3
..., in which we first list the elements with
subscripts adding to 2, then the elements with subscripts adding to 3, and so on.Further, we order the elements with subscripts adding to k in order of the first subscript.Form a new sequence ci as follows.Let c1=a1. Given that cn is determined, let cn+l be the next element in the listing that is different from each ci with i= 1, 2, ..., n.It follows that the terms of this sequence are exactly 00
the elements of
31.
a.
a = 4, b= 7
LJ Ai, which is therefore countable.
i=l
b. a= 7, b= 10
c.
a = 7, b=69
d. a = 1, b=20
33. The number a must lie in some interval of the form r/ k:::; a < (r + 1)/ k. If we divide this
a must lie in one of the halves, so either r/ k:::; a < (2r + 1)/2k or (2r + 1)/2k:::; a< (r + 1)/ k.In the first case, we have la - r/ kl < 1/2k, so we take u= r.In the second case, we have la - (r + 1)/ kl < 1/2k, so we take u=r + 1. 35. First, we have IJ2 - 1/11=0.414 ... < 1/12 .Second, Exercise 30, part a, gives us IJ2 - 7/51 < 1/50 < 1/52. Third, observing that 3/7=0.428 ... leads us to try IJ2 - 10/71=0.014 ... < 1/72=0.0204 .... Fourth, observing that 5/12=0.4166 ... leads us to try IJ2 - 17 /121= 0.00245 ... < 1/122=0.00694 .... interval into equal halves, then
37. We may assume that b and q are positive. Note that if q
> b, we have lp/q - a/bl= lpb - aql/qb :=::: l/qb > l/q2. Therefore, solutions to the inequality must have 1:::; q:::; b.For a given q, there can be only finitely many p such that the distance between the rational numbers a /b and p/q is less than l/q2 (indeed there is at most one.) Therefore, there are only finitely many p/q satisfying the inequality.
39.
3, 6, 9, 12, 15, 18,21, 24, 27,30 b. 1,3, 5,6,8, 10, 12, 13, 15, 17 18,21,23 d.3,6,9, 12, 15, 18,21,25,28,31 a.
c.
2,4,7, 9, 11, 14, 16,
41. Assume that 1/a + 1/ f3 = 1.First, show that the sequences ma and nf3 are disjoint.Then, for an integer k, define N(k) to be the number of elements of the sequences ma and nf3 that are less than k. Then N(k) = [k/a] +
[k/{3].By definition of the greatest integer function, k/a - 1 < [k/a] < k/a k/ f3 - 1 < [k/{3] < k/{3. Add these inequalities to deduce that k - 2 < N(k) < k. Hence N(k) = k - 1, and the conclusion follows.To prove the converse, note that if 1/a + 1/ f3f= 1, then
and
the spectrum sequence can not partition the positive integers.
43. Assume that there are only finitely many Ulam numbers.Let the two largest Ulam numbers be
un-l and un. Then the integer un + un-l is an Ulam number larger than Un. It is the unique sum of two Ulam numbers because ui + uj < un + un-l if
j
45. To get a contradiction, suppose that the set of real numbers is countable. Then the subset of real numbers strictly between
0 and 1 is also countable.Then there is a one-to-one correspondence (0, 1). Each real number b E (0, 1) has a decimal representation of the form b= O.b1b2b3 ..., where bi is the ith digit after the decimal point. For each k = 1, 2, 3, ..., let f (k) =ak E (0, 1).Then each ak has a decimal representation of the form ak =aklak2ak3 ... . Form the real number c = c1c2c3 ... as follows: If akk= 5, then let ck= 4. If akkf= 5, then let ck= 5. Then cf= ak for every k because it differs in the kth decimal place.Therefore f (k) f= c for all k, and so f is not a one-to-one correspondence. f : z+---+
Answers to Odd-Numbered Exercises
643
Section 1.2 1.
a.
55
3.
a.
510
5.
The sum L�=l [,Jk] counts 1 for every value of k with ,Jk � 1. There are n such values of k in the range k= 1, 2, 3, ..., n. It counts another 1 for every value of k with ,Jk � 2. There are n - 3 such values in the range.The sum counts another 1 for each value of k with ,Jk � 3. There are n - 8 such values in the range. In general, for m=1, 2, 3, ..., [Jn] the sum counts a 1 for each value of k with ,Jk � m, and there are n - (m2- 1) values in the range. Therefore, L�=1[,Jk]= L��l n - (m2 - 1)= [Jii"](n + 1) - L��l m2 = [Jll](n + 1) - ([Jll]([Jll] + 1)(2[,Jll] + 1))/6.
7.
The total number of dots in the n by n + 1 rectangle, namely, n (n + 1), is 2tn because the rectangle is madefrom two triangular arrays.Dividing both sides by 2 gives the desired formula.
9.
From the closed formula for the nth triangular number, we have t;+l - t; = ((n + l)(n + 1+1)/2)2- (n(n +1)/2)2=(n +1)2((n +2)2/4- n2/4)=(n +1)2(n2+4n +4- n2)/4= (n + 1)2(4n + 4)/4=(n + 1)3, as desired.
11.
13.
15.
17.
19.
21.
b. -15 b.
c.
24,600
29/20 c.
-255/256
From Exercise 10, we have Pn =(3n2- n)/2.On the other hand, tn-l +n2=(n - l)n/2+n2= (3n2 - n)/2, which is the same as above. Consider a regular heptagon that we border successively by heptagons with 3, 4, 5, ... on each side.Define the heptagonal numbers sk to be the number of dots contained in the k nested heptagons. b. (5k2 - 3k)/2
a.
From Exercise 10, we have Pn =(3n2 - n)/2. Also, l)(n)/2=(3n2- n)/2=Pn·
t3n_if3 =(1/3)(3n - 1)(3n)/2=(3n -
By Exercise 16, we have Tn =L�=l tk =L�=l k(k + 1)/2.Note that (k + 1)3 - k3=3k2 + 3k + 1=3(k2 + k) + 1 so that k2 + k=((k + 1)3 - k3)/3 - (1/3).Then Tn =(1/2) L�=l k(k + 1)= (1/6) L�=1((k + 1)3 - k3) - (1/6) L�=1 1.The first sum is telescoping and the second sum is trivial, so we have Tn =(1/6)((n + 1)3 - 13) - (n/6)= (n3 + 3n2 + 2n)/6. 1 Each of these four quantities are products of 100 integers.The largest product is 100 00, because it is the product of 100 factors of 100. The second largest is 100 !, which is the product of the integers 1, 2, ..., 100, and each of these terms is less or equal to 100.The third largest is (50!)2, which is the product of 12, 22, ... , 502, and each of these factors j2 is less than j(50 + j), whose 1 product is 100!.The smallest is 2 00, which is the product of 100 twos.
( k(k�l) ) =L�=l (f- k!i ) · Let aj=1/(j+1). Notice that this is a telescop ing sum, as in Example 1.19. Therefore, we have L�=l ( k (k�l) ) =L:j=1(aj-1- aj)= L�=l
ao - an=1- 1/(n +1)=n/(n +1).
23.
25.
We sum both sides of the identity (k+1)3 - k3 =3k2+3k+1from k=1 to k= n. L�=1((k+ 1)3 - k3) =(n +1)3 - 1, because the sum is telescoping.L�=1(3k2+3k+1)=3(L:�=l k2)+ 3(L:�=l k) + L�=1 1=3(L�=l k2) + 3n(n + 1)/2 + n. As these two expressions are equal, solving for L�=l k2, we find that L�=l k2=(n(2n +l)(n +1))/6. 10!=(7!)(8· 9 · 10)=(7!)(720)=(7!)(6!). b. 10!=(7!)(6!)=(7!)(5!) · 6=(7!)(5!)(3!). 16!= (14!)(15 .16)= (14!)(240)=(14!)(5!)(2!). d. 9!=(7!)(8. 9)= (7!)(6 .6 .2)= (7!)(3!)(3!)(2!)
a. c.
27.
x
=y = 1 and z =2
644
Answers to Odd-Numbered Exercises Section 1.3
n=1, we have 1<21=2. Now assume n<2n. Then n+1<2n+1<2n+2n=2n+l. 1 1 For the basis step, Li=l k 2 =1 :'.S 2- t =1. For the inductive step, we assume that L�=l k 2 :'.S 1 Then "n=+1 1 ="n= 1 + 1 2 2 - 1 + 1 2 by them · This · duction · hypothes1s. 2 - ii· ii (n+1) L..,k, l kz L..,,k l kz (n+1) :'.S is less than 2- !l + (n�l)2 =2- n!l (1- n!1 ) :'.S 2- n!l' as desired. n
1. For 3.
5.
An = Then
(� �)
. The basis step is trivial. For the inductive step, assume that
An+l=AnA=
( � � ) ( � � ) =( �
n
1
)
An =
(� �)
.
l .
L}=1 j2=1=1(1+1)(2 · 1+1)/6. For the inductive step, we assume that LJ=l j2 =n(n+ 1)(2n +1)/6. Then L}�� j2 = LJ=l j2+ (n +1)2 = n(n+1)(2n+1)/6+(n +1)2=(n+1) (n(2n+1)/6+n+1)=(n+1)(2n2+7n+6)/6= (n+ l)(n+2)[2(n+1)+1]/6. For the basis step, we have L}=l j(j + 1) =2 =1(2)(3)/3. Assume it is true for n. Then L}�� j(j+1)=n(n+ l)(n+2)/3+(n+ l)(n+2)=(n+ l)(n+2)(n/3+1)=(n+ l)(n+ 2)(n+3)/3. 2nCn+l)/2 For the basis step, we note that 12 =4 · 3. For the inductive step, assume that postage of n cents can be formed, with n=4a+5b, where a and b are nonnegative integers. To form n+1 cents postage, if a 0 we can replace a 4-cent stamp with a 5-cent stamp; that is, n+1=4(a- 1) +5(b+1). If no 4-cent stamps are present, then all 5-cent stamps were used. It
7. For the basis step, we have
9.
11. 13.
>
follows that there must be at least three 5-cent stamps and these can be replaced by four 4-cent stamps; that is,
n+1=4(a+4) +5(b - 3).
n=0 because H o =H1=1 :'.:: 1= 2 1+0/2. Now assume that the inequality is true for n, that is, H2n :'.:: 1+n/2. Then H n+1 = 2 "2n l/ · +"2n+In l/ · :'.:: H n+"2n+ln 1/2n+l :'.:: 1+n/2+2n · 1/2n+l - 1+n/2+ 1/2= L..,j, =1 J L..,j, =2 +1 J , j L.., l + 2 2 1+(n+1)/2. 1 For the basis step, we have (2 · 1)!=2<22" (1!)2=4. For the inductive step, we assume that (2n)!<22n(n!)2. Then [2(n +1)]!=(2n)!(2n +1)(2n +2)<22n(n!)2(2n + 1)(2n + 2)< 22n(n!)2(2n+2)2=22Cn+l)[(n+1)!]2. Let A be such a set. Define B as B= {x - k + 11 x EA and x :'.:: k}. Because x :'.:: k, B is a set of positive integers. Because k EA and k :'.:: k, k - k+1=1 is in B. Because n+1 is in A whenever n is, n +1 - k+1 is in B whenever n - k+1 is. Thus, B satisfies the hypothesis for
15. We use mathematical induction. The inequality is true for
_
17.
19.
_
mathematical induction, i.e., B is the set of positive integers. Mapping B back to A in the natural manner, we find that A contains the set of integers greater than or equal to k.
2=1 6<24=4!. For the inductive step, we assume that n2
21 . For the basis step, we have 4 Then
23. We use the second principle of mathematical induction. For the basis step, if the puzzle has only
0 moves. For the induction step, assume that all puzzles n pieces require k - 1 moves to assemble. Suppose it takes moves to assemble a puzzle n+1 pieces. Then the move consists of joining two blocks of size a and b, respectively, with a+b=n+1. But by the induction hypothesis, it requires exactly a - 1 and b - 1 moves to assemble each of these blocks. Thus, =(a - 1)+(b - 1)+1=a+b+1=n+1. one piece, then it is assembled with exactly with k :'.S with
m
m
m
Answers to Odd-Numbered Exercises 25.
645
f(n) is defined recursively by specifying the value of f(1) and a rule for finding f(n +1) from f(n). We will prove by mathematical induction that such a function is well-defined. First, note that f(1) is well-defined because this value is explicitly stated. Now assume that f(n) is well-defined. Then f(n +1) also is well-defined because a rule is given for determining this value from f(n). Suppose that
27. 65,536
29. We use the second principle of mathematical induction. The basis step consists of verifying the
1 1 n =1 and n=2.For n=1, we have f(1)=1=2 +(-1) , and for n= 2, we have 2 2 k k f(2)=5=2 +(-1) . Now assume that f (k) = 2 +(-l) for all positive integers k with k < n where n > 2. By the induction hypothesis, it follows that f(n)=f(n - 1) + 2f(n - 2)= 1 c2n-l+(-l)n- )+2c2n-2+(-l)n-2)=c2n-l + 2n-l) + (-l)n-2(-1+2)=2n+(-l)n. formula for
31.
We use the second principle of mathematical induction. We see that a0=
1 � 3°= 1, a1= 3 � 3i = 2 3, and a2 =9 � 3 =9. These are the basis cases. Now assume that ak � 3k for all integers k with n-l 3n-2 3n-3= 3n-3(l 3 9 = + + ) 0 � k < n.It follows that an= an-l+ an-2 +an-3 � 3 + + n n n -3 -3 13·3 < 27·3 =3 . 33. Let Pn be the statement for n. Then P2 is true, because we have ((a1 +a2 )/2)2 - a1a2 = 2 ((a1 - a2)/2) � 0. Assume Pn is true. Then by P2, for 2n positive real numbers ai. ... , a2n we have a1 + ···+a1n � 2(,Jaill2+,J
35.
Note that because
0
< p/q < 1.The proposition is trivially true if p= 1.We p.Let p and q be given and assume the proposition is true for all rational numbers between 0 and 1 with numerators less than p. To apply the algorithm, we find the unit fraction 1/s such that 1/(s - 1) > p/q > 1/s. W hen we subtract, the remaining fraction is p/q - l/s= (ps - q)/qs.On the other hand, if we multiply the first inequality by q(s - 1), we have q > p(s - 1), which leads to p > ps - q, which shows that the numerator of p/q is strictly greater than the numerator of the remainder (ps - q)/qs after one step of the algorithm. By the induction hypothesis, this remainder is expressible as a sum of unit fractions, 1/u1 + ··· + l/uk. Therefore, p/q= l/s+ 1/u1+ · ··+ l/uk> which completes the induction step. <
p
we have 0
proceed by strong induction on
Section 1.4 1.
a.
55
b.
233
c.
610
d.
2584
e.
6765
f.
75025
2fn+2 - fn=fn+2 + Un+2 - fn)=fn+2 +fn+l=fn+3·Add fn to both sides. 2 5. For n=1, we have h.1=1=1 + 2·1·0= !f + 2f0fi, and for n =2, we have h.2 =3= 12 + 2 ·1 ·1=/J+2fif2• So the basis step holds for strong induction. Assume, then, that hn-4= J;_2 +2fn-3fn-2 and hn-2 = J;_l + 2fn-2fn-l· Now compute hn= hn-l + hn-2 = 2fin-2 + hn-3= 3 hn-2 - hn-4· We may now substitute in our induction hypotheses to set this last expression equal to 3J;_1+6fn-2fn-l - !L2 - 2fn-3fn-2= 3J;_1 +6(fn - fn-1)fn-l 2 Un - fn-1) - 2Un-l - fn-2 )Un - fn-l)= -2J;_l +6fnfn-l - J; +2fnUn - fn-l) -
3.
Note that
2fn-1Un - fn-1)=J; + 2fn-dn• which completes the induction step. 7. LJ=l hj-l= hn· The basis step is trivial. Assume that our formula is true for n, and consider Ji +h + fs +···+hn-l +hn+l= hn +hn+l= hn+2• which is the induction step. n 1 9. First suppose n=2k is even. Then fn - fn-l+···+(-l) + !1=U2k+hk-l+···+Ji) 2(f2k-l + hk-3 +···+Ji)= U2k+2 - 1) - 2(f2k) by the formulas in Example 1.27 and
646
Answers to Odd-Numbered Exercises Exercise 7. This last equals U2k+2 - hk) - hk - 1 = hk+l - hk - 1 = hk-l - 1 = fn-l - 1. +l Now suppose n =2k + 1 is odd. Then fn - fn-l + ··· + (-l)n =hk+I - U2k - hk-l + 1 + n ···- (- l) Ji) = hk+1 - U2k-l - 1) by the formula just proved for the even case. This last equals U2k+1 - hk-1)+ 1 = hk +1 = fn-l+ 1. We can unite the formulas for the odd and even cases by writing the formula as fn-l - (-l)n. 11. FromExercise5 , we have
fn-1)=J;+l - J;_l.
hn=J; + 2fn-dn=fnUn + fn-l + fn-1)=Un+l - fn-1)Un+l +
L:}=l !J = ff= fif2. To make the inductive step, we assume that LJ=l !J = fn!n+l· Then L:j�� !J = LJ=l !J +J;+l = fnfn+I+ J;+l =
13. We use mathematical induction. For the basis step,
fn+dn+2·
!n+dn - fn-dn-2 = U{ +···+ J; ) - U{+ ··· 1;_2) = J; + 1;_1. The identity in Exercise 10 shows that this is equal to hn-l when n is a positive integer, and in particular when n is greater than 2. 17. For fixed m, we proceed by induction on n. The basis step is fm+l=fmh + fm-d1 =fm·1+ fm-l · 1, which is true. Assume the identity holds for 1, 2, ... , k. Then fm+k=fmfk+l + fm-dk and !m+k-l = fmfk +fm-dk-l· Adding these equations gives us !m+k +!m+k-l = fm(fk+1 + fk)+ fm-1Cfk +fk-1). Applying the recursive definition yields fm+k+l = fmfk+2+ fm-dk+I· 19. L:7=1 Li = Ln+2 - 3. We use mathematical induction. The basis step is L1 = 1 = L3 - 3. Assume that the formula holds for n and compute L:7::J Li =L:7=l Li + Ln+l=Ln+2 - 3 + Ln+l= (Ln+2+ Ln+l) - 3 = Ln+3 - 3. 21. L:7=1 L2i =L2n+l - 1. We use mathematical induction. The basis step is L2=3=L3 - 1. Assume that the formula holds for n and compute L:7::f L1i = L:7=1 L1i +L1n+2 = L2n+l1 + L2n+2=L2n+3 - 1. 23. We proceed by induction. The basis step is Li=1=L1L2 - 2. Assume the formula holds for n and consider L:7::J Lf =L:7=l Lf + L�+l=LnLn+l - 2 + L�+l=Ln+1(Ln + Ln+l) - 2= Ln+lLn+2 - 2. 25. For the basis step, we check that Lif1=1·1=1 =hand L2h=3·1=3=f4• Assume the identity is true for all positive integers up ton. Then we have !n+lLn+l = Un+2 - fn)Un+2 - fn) 2 2 from Exercise 16. This equals !;+2 - J; = Un+l +fn) - Un-I+ fn-2) = I;+l+ 2fn+dn + 1; - 1;_1 - 2fn-dn-2 - 1;_2= u;+i - 1;_1) + u; - 1;_2) + 2Un+dn - fn-dn-2)= Un+l - fn-1)Un+l +fn-1) +Un - fn-2)Un +fn-2)+ 2U2n-1), where the last parenthetical expression is obtained from Exercise 8 . This equals fnLn+ fn-lLn-l +2hn-l· Applying the induction hypothesis yields hn + hn-2 + 2hn-l=Chn + hn-1) + Chn-l + hn-2)= hn+I +hn = hn+2• which completes the induction. 27. We prove this by induction on n. Fix m a positive integer. If n=2, then for the basis step we need to show that Lm+2=fm+IL2 + fmLl =3fm+I + fm, for which we will use induction on m. Form = 1 we have L3 = 4 = 3·h+ Ji, and form = 2 we have L4 = 7 = 3· h+ h, so the 15. From Exercise 13, we have
basis step form holds. Now assume that the basis step for n holds for all values ofm less than and equal tom. Then Lm+3=Lm+2 + Lm+l=3fm+l + fm + 3fm + fm-l=3fm+2 + fm+l• which completes the induction step onm and proves the basis step for n. To prove the induction step on n, we compute Lm+n+l = Lm+n +Lm+n-l = Um+lLn+ fmLn-1) +Um+lLn-l+ fmLn-2) = !m+1(Ln + Ln-1) + fm(Ln-l + Ln-2)=!m+lLn+l + fmLn, which completes the induction on n and proves the identity.
=34 + 13 + 3=f9 + h + f4, 85 =55 + 21 + 8 + 1=/10 + /8 + f6 + h, 110 =89 + 21= /11 +/8 and 200 = 144 +55 +1 = !12 +/10+ h·
29. 50
Answers to Odd-Numbered Exercises
647
31. We proceed by mathematical induction. The basis steps (n = 2 and
3) are easily seen to hold. For the inductive step, we assume that I ::'::an-land I -I::'::a - · Now I + = I + I -I::':: n n n n n 2 n l an-I+an-2=an, because a satisfies an =an-I+an-2. 33. We use Theorem 1.3. Note that a2 =a+1 and /J2 = fJ + 1, because they are roots of x2 - x - 1=0. Then we have fzn= (a2n - {J2n)j,./5= (1/,./5)((a+ l)n - (/J + l)n)= (1/,./5) (j)ai (j) [Ji)= (1/,./5) (j)(ai - [Ji)= (j)I because i fi
(LJ=O
the
- LJ=O
LJ=l
LJ=O
rst term is zero in the second-to-last sum.
35. On one hand, det(Fn) = det(F)n = (- l)n. On the other hand, det
3 7. 39.
41.
43.
45.
( If:l L�l ) =In+dn-l - I!;.
Io=0, I-1=1, I-2= -1, I-3= 2, I-4 = -3, I-s = 5, I-6 = -8, I-1=13, I-s = -21, I-9 = 34, I-10= -55 The square has area 64 square units, while the rectangle has area 65 square units. This corresponds to the identity in Exercise 14, which tells us that his - fi =1. Notice that the slope of the hypotenuse of the triangular piece is 3/8, while the slope of the top of the trapezoidal piece is 2/5. We have 2/5 - 3/8=1/40. Thus, the "diagonal" of the rectangle is really a very skinny parallelogram of area 1, hidden visually by the fact that the two slopes are nearly equal. We solve the equation r 2- r - 1=0 to discover the roots r1 = (1+ ,./5)/2 and r = (1- ,./5)/2. 2 Then, according to the theory in the paragraph above, I = C1r1 + C r2. For n=0, we have 0= 2 n C1r?+ C2rg = C1+ C2.For n =1, we have 1= C1r1+ C2r2= C1(1+ ,./5)/2+ C2(1- ,./5)/2. Solving these two equations simultaneously yields C1 =1/,JS and C =-1/,./5. So the explicit 2 formula is I = (1/,./5)r1 - (1/,./5)rz= ( r! - rz)/,./5. n We seek to solve the recurrence relation L = L - + L - subject to the initial conditions n n l n l L1=1 and L2= 3. We solve the equation r 2 - r - 1=0 to discover the roots a= (1+ ,./5)/2 and fJ = (1- ,./5)/2. Then, according to the theory in the paragraph above Exercise 41, L = n C1an+ C2{Jn. For n=1, we have L1=1= C1a+ C2{J.For n= 2, we have 3= C1a2+ C2{J2. Solving these two equations simultaneously yields C1=1 and C =1. So the explicit formula is 2 Ln=an+ {Jn. First check that a2=a+ 1 and {J2= fJ + 1. We proceed by induction. The basis steps are (1/,./5)(a- {J) = (1/,./5)(,./5) =1=Ji and (1/,./5)(a2- {32)= (1/,./5)((1+a)- (1+ {J))= (1/,./5)(a - /J) =1= fz. Assume the identity is true for all positive integers up ton. Then In+l= In+ In-l = (1/,./5)(an _{Jn)+ (1/,./5)(an-l _{Jn-l) = (1/,./5)(an-l(a+1) _{Jn-l({J+ 1 1))= (1/,./5)(an-l(a2) - {Jn- ({32))= (1/,./5)(an+l - {Jn+l), which completes the induction.
Section 1.5 1.
3199 because 99 = 3 · 33, 51145 because 145= 5 · 29, 71 343 because 343=7 · 49, and 88810 because 0 = 888 · 0
3.
a.
yes
5.
a.
q = 5,
7.
a.
1 and 13
b. yes
c.
r =15 b. 1,
no
d. no
b. q =17,
e.
r =0
3, 7, and 21
c.
no c.
f. no q =-3,
r =7
1, 2, 3, 4, 6, 9, 12, 18, and 36
(11, 22)=11 b. ( 36, 42)= 6 c. ( 21, 22 )=1 11. Each of 1, 2, 3, . .. , 10 is relatively prime to 11. 9.
a.
d. q =-6,
d.
r =2
d.
1, 2, 4, 11, 22, and 44
(16, 64)=16
648
Answers to Odd-Numbered Exercises
13. (10, 11), (10, 13), (10, 17), (10, 19), (11, 12), (11, 13), ... ' (11, 20), (12, 13), (12, 17),
(12, 19), (13, 1 4), (13, 15), . . . ' (13, 20), (14, 15), (14, 17), (14, 19), (15, 16), (15, 17), (15, 19), (16, 17), (16, 19), (17, 18), (17, 19), (17, 20), (18, 19) and (19, 20)
15. By hypothesis, b =ra and d =sc, for some r and s. Thus, bd =rs(ac) and ac I bd. 17. If a I b, then b =na and be=n(ca), i.e., ac I be.Now suppose ac I be. Thus, be= nae and, as c
=j:. 0, b= na, i.e., a I b.
19. By definition, a I b if and only if b = na for some integer n. Then raising both sides of this equation to the kth power yields
k k k k k b =n a whence a I b .
21. Let a and b be odd, and c even. Then ab= (2x+1)(2y+1)= 4xy+2x +2y+1= 2(2xy+ x +y)+1, so ab is odd.On the other hand, for any integer n, we have en=(2z)n=2(zn), which 1s even.
23. By the division algorithm, a=bq+r, with 0:::; r If 0:::; b - r
25.
a.
<
<
b.Thus -a=-bq - r=-(q+ l)b +b - r.
b, then we are done. Otherwise, b - r= b, or r= 0 and -a= -qb+0.
The division algorithm covers the case when b is positive.If b is negative, then we may apply
the division algorithm to a and lbl to get a quotient q and remainder r such that a= qlbl+r and 0:::; r
<
lbl.But because b is negative, we have a=q(-b) +r =(-q)b+ r, as desired.
27. By the division algorithm, let m= qn +r, with 0:::; r
<
n - 1 and q= [m/n]. Then
[(m+ l)/n] = [(qn+r+ l)/n] = [q+(r+ l)/n] =q+ [(r+ l)/n] ,
If r =0, 1, 2, . . . , n - 2, then m
b. 3
as in Example 1 .31 .
=j:. kn - 1 for any integer k and 1/n:::; (r+ l)/n
<
1 and so
[(r + l)/n] = 0. In this case, we have [(m+ l )/n]= q+0= [m/n]. On the other hand, if r=n - 1, then m=qn+n - 1=n(q+1) - 1=nk - 1, and [(r+ l )/n]=1. In this case, we have [(m+ l )/n]=q+1=[m/n]+1.
29. The positive integers divisible by the positive integer d are those integers of the form kd where k is a positive integer. The number of these that are less than x is the number of positive integers k with kd :::; x , or equivalently with k:::; x /d . There are [x /d] such integers.
31. 128; 18 33. 457 35. It costs 44 - [1 -
w ]17
cents to mail a letter weighing x ounces. It can not cost $ 1 .8 1 ; a 13-ounce
letter costs $2. 65.
37. Multiplying two integers of this form gives us (4n +1)(4m+1) = l6mn + 4m+4n + 1= 4(4mn+m+n) +1. Similarly, (4n+3)(4m+3) = l6mn + l2m + l2n +9=4(4mn+3m+ 3n +2) +1.
39. Every odd integer may be written in the form 4k+1 or 4k+3.Observe that (4k+1)4 =162k4 + 4(4k)3+6(4k)2+4(4k) +1= 16(16k4 +16k3 +6k2+k)+1. Proceeding further, (4k+3)4=
(4k)4 +12(4k)3 +54(4k)2 +108(4k) +34= 16(16k4 +48k3+54k2 +21k+5) +1.
41. Of any consecutive three integers, one is a multiple of three. Also, at least one is even. Therefore, the product is a multiple of 2 · 3= 6.
43. For the basis step, note that 03+13+23= 9 is a multiple of 9. Suppose that n3 +(n+1)3 +(n+ 2)3 =9k for some integer k. Then (n+1)3 +(n+2)3 +(n+3)3 =n3 +(n+1)3 +(n+2)3 + (n+3)3 - n3 =9k+n3 +9n2 +27n +27 - n3=9k+9n2 +27n+27=9(k+ n2 +3n+3), which is a multiple of 9.
45. We proceed by mathematical induction.The basis step is clear.Assume that only f4n 's are divisible
fi, i :::; 4k. Then, as f4k+1= f4k +f4k-1' 31 f4k and 3 I f4k+1 gives us the contradiction · I f4k-1 Thus, 3 l f4k+1· Continuing on, if 3 I f4k and 3 I f4k+2• then 3 I f4k+l• which contradicts the statement just proved. If 31 f4k and 3 1 f4k+3• then, because f4k+3 =2f4k+l + f4k> we again have a contradiction. But, as f4k+4 = 3f4k+1 +2f4k, and 31 f4k and 31 3 · f4k+1' we see that 31 f4k+4· by 3 for
3
Answers to Odd-Numbered Exercises 47. First note that for n
649
5, 5fn-4 + 3fn-5 = 2fn-4 + 3
induction.
49.
39,59,89, 134,67, 101, 152,76,38,19,29,44,22,11,17,26,13,20, 10,5,8,4,2,1
51. We prove this using the second principle of mathematical induction. Because T(2) =
1,the Collatz
conjecture is true for n=2. Now assume that the conjecture holds for all integers less that n.
By assumption, there is an integer k such that k iterations of the transformation T, starting at n, produces an integer
m
less than n. By the inductive hypothesis, there is an integer l such that
iterating T l times starting at with n leads to
produces the integer
m
1.
Hence, iterating T k + l times starting
1.
(2 + ../3)ll + (2 - ../3)n is an even integer. B y the binomial theorem, it n n n n n follows that (2 + ../3) + (2 - ../3) = LJ=O (})2i ../3 -j + LJ=O (})2i (-l) -j .j3 -j = 2(2n + (�)3 2n-2+ (�)32 2n-4 + ) =21 where l is an integer.Next, note that (2 - ../3)n< 1. n n n n Because (2 + ../3) is not an integer, we see that [(2 + ../3) ] = (2 + ../3) + (2 - ../3) - 1. It n follows that [(2 + ../3) ] is odd.
53. We first show that
·
·
·
·
·
55. We prove existence of q and r by induction on
a.
a� 0. Assume existence in the division algorithm holds for all nonnegative integers less than a. If a< b, then let q = 0 and r=a, so that a=qb +r and 0:::; r=a< b. If a� b, then a - b is nonnegative and by the induction hypothesis, there exist q' and r' such that a - b = q'b + r', with 0:::; r'< b. Then a= (q' + l)b +r', so we letq=q' + landr=r'.This establishes the induction step, so existence is proved for a� 0. Now suppose a< 0. Then -a > 0, so, from our work above, there exist q' and r' such that -a=q'b + r' and 0:::; r'< b.Then a= -q'b - r'.Ifr'=0, we're done.If not, then 0 :::; b - r'< b and a = ( -q' - l)b + b - r', so letting q = -q' - 1 and r = b - r' satisfies First assume that
the theorem.Uniqueness is proved just as in the text.
Section 2.1 1.
(5554h; (2112) 1 0
3.
(175)i0; (lllllOOlllh
5.
(8F5)i6; (74Eh6
7. This is because we are using the blocks of three digits as one "digit," which has
1000 possible
values.
9.
-39; 26
k 2 , then by Theorem 1.10, m has a base two expansion 1 + a12 + a02°, where each ai is 0 or 1. The 2i weight is used if
11. If m is any integer weight less than
k l k 2 m = ak_12 - + ak_ 22 - + and only if ai = 1.
13. Let
·
·
·
10, w has a unique balanced ternary expansion. i Place the object in pan 1. If ei = 1, then place a weight of 3 into pan 2. If ei = -1, then place a i i weight of 3 in pan 1. If ei =0,then do not use the weight of 3 . Now the pans will be balanced. w
be the weight to be measured.By Exercise
15. To convert a number from base r to base rn, take the number in blocks of size n.To go the other way, convert each digit of a base
17.
(akak l ... a1a000 ...OOh, ofn
rn number to base r, and concatenate the results.
where we have placed
m
zeroes at the end of the base b expansion
Answers to Odd-Numbered Exercises
650
19.
a.
21.
If m is positive, then an-l= 0 and an_2an_3 ... a0 is the binary expansion of m. Hence,
-6
m=
b. 13
c.
d. 0
-14
L7:;:J ai2i as desired. If m is negative, then the one's complement expansion for m has
its leading bit equal to 1. If we view the bit string an_2an_3 ... a0 as a a binary number, then it represents
(2n
-l
-
1)
-
(-m), because finding the one's complement is equivalent to subtracting
the binary number from 111
·
·
·
1. That is, (2n
-l
- 1)
-
(-m)
=
L7:;:J ai2i. Solving form gives
us the desired identity.
23.
a.
25.
Complement each of the digits in the two's complement representation form and then add 1.
-7
b. 13
c.
-15
d. -1
27. 4n 29.
We first show that every positive integer has a Cantor expansion. To find a Cantor expansion
� n< (m + 1) !. By am such that n = m! am + rm where 0 � am �m and 0 �rm< m!. We iterate, finding that rm= (m - 1)! am-l + rm-l where 0 � am-l �m - 1 and 0 �rm-l< (m - 1)!. We iterate m - 2 more times, where we have ri= (i - 1) ! ai-l + ri-l where 0 � ai-1 �i- 1and0 �ri-1< (i 1)! for i = m + 1, m, m 1, ... , 2 with rm+l = n. At the last stage, we have r 2= 1 ! a 1 + 0 where r2= 0 or 1 and r2= a 1 . Uniqueness is proven as of the positive integer
n,
let m be the unique positive integer such that m!
the division algorithm there is an integer
·
·
·
-
-
·
in the base-b expansion.
31.
Call a position good if the number of ones in each column is even, and bad otherwise. Because a player can only affect one row, he or she must affect some column sums. Thus, any move from a good position produces a bad position. To find a move from a bad position to a good one, construct a binary number by putting a 1 in the place of each column with odd sum, and a 0 in the place of each column with even sum. Subtracting this number of matches from the largest pile will produce a good position.
33.
a.
First show that the result of the operation must yield a multiple of 9. Then it suffices to check
only multiples of 9 with decreasing digits. There are only 79 of these. If we perform the operation on each of these 79 numbers and reorder the digits, we will have one of the following 23 numbers:
7551, 9954, 5553, 9990, 9981, 8820, 9810, 9620, 8532, 8550, 9720, 9972, 7731, 6543, 8730, 8640, 8721, 7443, 9963, 7632, 6552, 6642, or 6174. It will suffice to check only 9810, 7551, 9990, 8550, 9720, 8640, and 7632, because the other numbers will appear in the sequences which these 8 numbers generate. b. 8
35.
Consider a0
= (3043k We find that T6 repeats with period 6. Therefore, it never goes to a
Kaprekar's constant for the base 6.
37.
Suppose n= ai + ai = ak + a1 with i � j and k � l. First, suppose if. j. Then n = ai + ai = i 2 + 2 i is the binary expansion of n. By Theorem 2.1, this expansion is unique. If k= l, then
k 1
ak + a1 = 2 + , which would be a different binary expansion of
n,
so k f. l. Then we must have
i l
i= k and j= l by Theorem 2.1, so the sum is unique. Next, supposei= j. Then n= 2 + and so k 1 i l ak + a1= 2 + 2 = 2 + . This forces k= l= i, and again the sum is unique. Therefore, {ai} is a Sidon sequence.
Section 2.2 1. (10010110110h 3. (1011101100h 5. (10110001101h 7. q= (lllllh, r = (1100h
Answers to Odd-Numbered Exercises
651
9. (3314430)5 11. (4320023)5 13. (16665h6 15. (B705736)i6 17. We represent the integer (18235187)i0 using three words-((018)(235)(187))i000-and the
integer (22135674)10 using three words-((022)(1 35)(674))i000-where each base 1000 digit is
represented by three base 10 digits in parentheses.To find the sum, difference, and product of these integers from their base 1000 representations, we carry out the algorithms for such computations
for base 1000 .
19. To add numbers using the one's complement representation, first decide whether the answer
will be negative or positive.To do this is easy if both numbers have the same lead (sign) bit;
otherwise, conduct a bit-by-bit comparison of a positive summand's digits and the complement of
the negative's.Now add the other digits (all but the initial (sign) bit) as an ordinary binary number. n If the sum is greater than 2 , we have an overflow error.If not, consider the three quantities of the two summands and the sum.If exactly zero or two of these are negative, we're done. Otherwise, we need to add (lh to this answer.Also, add an appropriate sign bit to the front of the number.
21. Let a= (amam-l ...a a1)1 and b = (bmbm-l ...b b1)1 . Then a+ b is obtained by adding the 2 2 digits from right to left with the following rule for producing carries.If aj+ bj+ cj-l• where cj-l is the carry from adding aj-l and bj-1' is greater than j, then c j = 1, and the resulting
jth digit is aj+ bj+ cj-l - j - 1.Otherwise, cj = 0 .To subtract b from a, assuming a> b, we let di = ai - bi +ci-l and set ci = 0 if ai - bi +ci-l is between 0 and j. Otherwise, di= ai - bi+ ci-1+j+1 and set ci = -1.In this manner, a - b = (d md m-l ...dzd1)1.
23. We have (an ...a15)i0 = (lO(an ...a1)i0+ 5)2 = lOO(an ...a1)i0+ lOO(an ...a1)i0+ 25 =
100 (an ...a1)i0 ( (an ...a1)i0 +1)+25.The decimal digits of this number consist of the decimal
digits of (an ...a1)i0((an ...a1)i0 +1) followed by 25 because this first product is multiplied by
100, which shifts its decimal expansion two digits .
Section 2.3 1.
a.
yes
b. no
c.
yes
d. yes
e.
yes
f. yes
3. First note that (n3+ 4n2 log n+ 101n2) is O(n3) and that (14n log n+ 8n) is O(n log n) as in Example 2.12.Now applying Theorem 2.3 yields the result.
5. Use Exercise 4 and follow Example 2.12 noting that (log n)3:::; n3 whenever n is a positive integer. 7. Let k be an integer with 1:::; k:::; n.Consider the function f(k)= (n+1- k)k, whose graph is a
concave-down parabola with k-intercepts at k = 0 and k = n+ 1.Because f (1) = f (n) = n, it is clear that f (k) 2: n for k= 1, 2, 3, ..., n.Now consider the product (n!)2= CT�=l k(n+1- k) 2: n n CT�=l n, by the inequality above. This last is equal to n . Thus, we have n :::; (n!)2• Taking logarithms of both sides yields n log(n):::; 2 log(n!), which shows that n log(n) is O(log(n!)).
9. Suppose that f is 0 (g) where f (n) and g (n) are positive integers for every integer n.Then there is an integer C such that f (n) fk is O(gk).
<
Cg (n) for all x
E
S. Then fk(n)
<
ckgk(n) for all x
E
S. Hence,
11. The number of digits in the base b expansion of n is 1+ k where k is the largest integer such that 1 0 l bk:::; n < bk+ because there is a digit for each of the powers of b , b , ..., bk. Note that this inequality is equivalent to k:::; logb n digits in the base b expansion of n.
<
k+1, so that k = [logb n].Hence, there are [logb n]+1
13. To multiply an n-digit integer by an m-digit integer in the conventional manner, one must multiply every digit of the first number by every digit of the second number.There are nm such pairs.
Answers to Odd-Numbered Exercises
652
15.
�
b. O ((n logn)l+E) for any
O(n log n log2 log2 n log2 log2 log2 n)
a.
E >
0
17. (llOOOll)z 19.
2 ab= (10 n+ lQll)A1B 1+10n(A1 - Ao)(Bo - B1)+ (lOn+ l)AoBo where Ai and Bi are
a.
defined as in identity (2.2).
b. 6351
c.
11,522,328
21. That the given equation is an identity may be seen by direct calculation. The seven multiplications necessary to use this identity are aubu, a12b21. (au - az1 - az2Hbu - biz - bzz), (a21+ az2)(b12 - bu). (au+a12 - az1 - azz)bzz, (au - az1)(b22 - biz), and azz (bu - bz1 - biz+ bzz).
23. Let k = [log2 n]+1. Then the number of multiplications for 2k x 2k matrices is 0(7k). But, nJ+l) = O (2logz n logz 72Iogz 7) = O (nlogz 7). The other bit operations are absorbed 0 7k =2 ogz 7)([logz into this term.
Section 3.1 1.
a.
yes
b. yes
c.
yes
d. no
e.
yes
f. no
3. 2,3,5,7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103, 107,109,113,127,131,137,139,149
5. none 7. Using the identity given in the hint with k such that 1 < k
an - 1 is prime by hypothesis, ak - 1=1. From this, we see that a =2 and k =1, k > 1. Thus,we must have a =2 and n is prime.
contradicting the fact that
9. We need to assume n '.'.'.: 3 to assure that S
n
>
1. Then by Lemma 3.1, S
n
has a prime divisor
p :::; n,then p In!,and so p In! - S = 1,a contradiction.Therefore,we must have p n
p. If
> n.Because
we can find arbitrarily large primes, there must be infinitely many.
11. 3, 7, 31, 211,2311,59
2
13. Ifn is prime,we are done. Otherwise n / p < ( ffe,) . Ifn/ p is prime,then we are done. Otherwise, by Theorem 3.2,nj p has a prime factor less than .jn[p
15.
a.
7
b. 19
c.
< ffe, a contradiction.
71
17. A positive integer has a decimal expansion ending in 1 if and only if it is of the form l Ok+1 for some integer
k. This represents an arithmetic progression.Because (10, 1)= 1,we may apply
Dirichlet's theorem to conclude that there are infinitely many primes of this form.
19. A positive integer has a decimal expansion ending in 123 ifand only ifit is ofthe form lOOOk+123 for some integer
k. This represents an arithmetic progression. Because (1000, 123) =1,we may
apply Dirichlet's theorem to conclude that there are infinitely many primes of this form.
21. Let n be fixed, and let a be the integer with decimal expansion a string ofn ls followed by a 3. Consider the arithmetic progression 2 or 5, so
10n+Ik+a. Because a ends in 3, it can not be divisible by 1 (1Qll+ , a)= 1.Then by Dirichlet's theorem, there are infinitely many primes in this
progression, and each has the desired form.
23. If n is prime the statement is true for n. Otherwise,n is composite, so n is the product of two integers a and b such that 1
both
:::; b
a and b are the product of primes,we conclude that n is also the product of primes.
25. 53 27. Forn= 0, 1, 2, ...10,the values ofthefunction are 11, 13, 19, 29, 43, 61, 83, 109, 139, 173, 211, each of which is prime.But 2 ·
2 11 +11=11(2 · 11+1) =11·23,.
29. Assume not. Let x0 be a positive integer. It follows that f(x0) = p where p is prime. Let
k be an integer. We have f(x0+kp)= a (x0+kpr + · · · +a1(x0+kp)+a0. Note that n
Answers to Odd-Numbered Exercises
653
i k = (x0 +kp)j = L,{=1 ({)xt (kp)i. It follows that f(x0 + p) LJ=O ajx� +Np= f(x0) +Np, for some integer N. Because p I f(x0) it follows that p I (f(x0) +Np)= f(x0 +kp). Because f(x0 +kp) is supposed to be prime, it follows that f(x0 + p) k = p for all integers k. This contradicts the fact that a polynomial of degree n takes on each value no more than n times. Hence f (y) is composite for at least one integer y. by the binomial theorem,
31. At each stage of the procedure for generating the lucky numbers the smallest number left, say k, is designated to be a lucky number and infinitely many numbers are left after the deletion of every kth integer left. It follows that there are infinitely many steps, and at each step a new lucky number is added to the sequence. Hence there are infinitely many lucky numbers.
Section 3.2 1. 24 ,25,26 ,27' 28
p, p +2, and p +4 were all prime. We consider three cases. First, suppose that p is of the form 3k. Then p cannot be prime unless k= 1, and the prime triplet is 3, 5, and 7. Next, suppose that pis of the form 3k+1. Then p +2 = 3k+3= 3(k+1) is not prime. We obtain no prime triplets in this case. Finally, suppose that p is of the form 3 k +2 . Then p +4 = 3 k +6 = 3(k+2) is not prime. We obtain no prime triplet in this case either.
3. Suppose that
5. (7, 11, 13), (13, 17, 19), (37, 41, 43), (67, 71, 73) 7.
a.
5
b. 7
c.
29
d. 53
9. 127,149,173,197,227,257,293,331,367,401
p is a prime of the form 105n+97,then p +2 =105n+99 =3(35n+33) which is not prime, sopcan not be the first member of a prime triple. Also, p - 2 = l05n+95=5(21n+19),which is not prime, sopcan not be the second member of a prime triple. Finally, p - 6 = l05n+91= 7( l5n+13) is not prime, so p can not be the third member of a prime triple. Because (97, 105)= 1,
11. If
Dirichlet's theorem tells us that the arithmetic progression l05n+97 contains infinitely many such primes.
13.
a.
7=3+2 +2
e.
101=97+2 +2
b. 17=11+3+3
c.
27=23+2 +2
d. 97=89 +5+3
f. 199 =191+5+3
15. Suppose that n > 5 and that Goldbach's conjecture is true. Apply Goldbach's conjecture ton - 2 if n is even, or n - 3 if n is odd. Conversely, suppose that every integer greater than 5 is the sum of three primes. Let n
>
2 be an even integer. Then n+2 is also an even integer that is the sum
of three primes, not all odd.
p < n be prime. Using the division algorithm, we divide each of the first p +1 integers in the sequence by p to get a= q0p +r0, a+ k = q1p +rI> ..., a +pk= q +r with 0 � ri < p P for each i. By the pigeonhole principle, at least two of the remainders must be equal, say, ri=rj. We subtract the corresponding equations to get a +ik - a - jk = qip +ri - qjp +rj, which reduces to (i - j)k = (qi - qj)p. Therefore pl(i - j)k, and because pis prime, it must divide one of the factors. But because (i - j)< p, we must have plk.
17. Let
P
'
19. The difference is 6, achieved with 5, 11, 17, 23. 21. The difference is 30,achieved with 7, 37, 67, 97, 127, 157.
- qf3 = 1, with p, q primes, then por q is even, sopor q is 2. If p = 2 , there are several qf3 = 1. If a is even, say, a= 2k, (22k - 1)= (2k - 1)(2k +1)= qf3. So q I (2k - 1) and q I (2k +1); hence, q = 1,a contradiction. If a is odd and f3 is odd, 2a= 1+qf3 = (1+q)(qf3- I - q/3-2 + +1). So 1 +q = 2n for some n. Then 2a = (2n - l)f3 +1= 2n(odd number ), because f3 is odd. So 2a-n =odd number, and so a= n. Therefore, 2a =1+ (2a - l)f3 1 and so f3 = 1, which is not allowed. If a= 2 k +1 and f3 = 2 n we have 22k+ = 1+q2n. Because
23. If pa
cases: we have 2a -
·
·
·
654
Answers to Odd-Numbered Exercises q is odd, q2 is of the form 4m + 1, and by the binomial theorem, so is q2n. Thus, the right hand side of the last equation is of the form 4m + 2, but this forces k=0, a contradiction. If -l q= 2, we have pa - 2/J =1.Whence 2/J = (p - l)(prx + pa-2 + + p + 1), where the last factor is the sum of a odd terms but must be a power of 2; therefore, a =2k for some k. k k Then 2/J =(p - l)(p + 1).These last two factors are powers of 2 that differ by 2, which forces k =1, a =2, f3 =3, p =3, and q =2 as the only solution: 32 - 23=1. ·
·
·
2n, p and 2p are the only multiples of p that appear as factors in (2n)!. So p divides (2n)! exactly twice.Because 2p > n, p is the only multiple of p that appears as a factor in 2 n!. So p In! exactly once. Then, because { :) =2n!f(n!n!), the two factors of p in the numerator
25. Because 3p
>
are canceled by the two in the denominator.
l (2k- , 2k), for k =2, 3, 4, .... Thus, there are at least k - 1 primes less than 2k. Because the prime 2 isn't k counted here, we have at least k primes less than 2 .
27. By Bertrand's conjecture, there must be a prime in each interval of the form
n. Then l/n + 1/(n + 1) + + 1/(n+ m) :'.'.:: l/n+ 1/(n+ 1)+ + 1/(2n - 1)< l/n+ l/n+ + l/n :'.'.:: n(l/n) =1, so the sum can not be an integer. Now suppose m::: n. Then by Bertrand's postulate, there is a prime p such that n < p < n + m. Let p be the largest such prime. Then n + m < 2p; otherwise, there would be a prime q with p< q< 2 p :'.'.:: n+ m, contradicting the choice of p. Suppose that l/n + 1/(n + 1) + · ·· + 1/ p + ·· · + 1/(n + m)=a where a is an integer. Note that p occurs as a factor in only one denominator, because 2 p > n + m. Let Q= n1�: j ' and let Qi = Q/i, for i =n, n + 1, ..., n+ m. If we multiply the equation by Q, we get Q n + Qn+l + + QP + + Qn+m = Qa. Note that every term on both sides of the equation
29. Because 1/lis an integer, we may assume n ·
·
·
·
·
·
·
·
·
·
>
1.First suppose thatm <
·
·
·
·
·
is divisible by p except for QP. If we solve the equation for Q P and factor a p out of the other side, we have an equation of the form Q
divides QP' a contradiction.
P
=pN where N is some integer.But this implies that p
2 2 2 must a prime dividing both p and n, and the only possibility for this is p itself, that is, pin. Now 2 2 2 2 if n::: 7 , then it is greater than 2 , 3 , and 5 , and hence divisible by 2, 3, 5, and 7. This is the
31. Suppose n has the stated property and n::: p for some prime p.Because p is not prime, there
basis step for induction. Now assume
n is divisible by Pi. p2, ..., Pk· By Bonse's inequality,
Pi+l< P1P1 ···Pk< n, so Pk+iln also.This induction implies that every prime divides n, which is absurd. Therefore, if
n has the stated property, it must be less than 72=49. To finish, check the
remaining cases.
33. First suppose n::: 8. Note that by Bertrand's postulate we have Pn-l < Pn < 2Pn-l and
Pn-2< Pn-1 < 2Pn-2· Therefore, P� < (2Pn-1)(2Pn-1) < (2Pn-1)(4Pn-2) = 8Pn-1Pn-2 = Pn-1Pn-2P5 :'.'.:: Pn-1Pn-2Pn-3• because n ::: 8. Now check the cases n=6 and 7. 6 6 35. From Corollary 3.4.1, we expect p1,ooo,ooo"" 10 log 10
�
6 10 6(2.306)
=13, 836,000. The
millionth prime is, in fact, 15, 485, 863.
Section 3.3 1.
a.
5
b. 111
c.
6
d. 1
e.
11
f. 2
3. a 5. 1
a and b be even integers.Then a=2k and b=21 for some integers k and l. Letd=(a, b). m and n such thatd =ma+ nb =m2k+ n2l = 2(mk + nl). Therefore 21 d, and sod is even.
7. Let
Then by Bezout's theorem, there exist integers
Answers to Odd-Numbered Exercises
655
3.8, (ca, cb) =cma+ cnb =lcl ·Ima+ nbl, where cma+ cnb is as small as possible. Therefore, Ima+nbl is as small a positive integer as possible, i.e., equal to (a, b).
9. By Theorem
11. 1or2
a=2k. Because (a, b)I b, (a, b)=(k, b)=(a/2, b).
13. Let So
and b is odd,
(a,
b) is odd. But
(a,
b)I
a=2k. Thus, (a,
b)I
k.
d =(a, b). Then (a/d, b/d) =1, so if gla/d, then (g, b/d)=1. In particular, if we let e=(a/d, bc/d), then ela/d, so (e, b/d)=1, so we must have elc. Because ela/d, then ela, so el(a, c). Conversely, if f =(a, c), then (f, b) =1, so (d, f)=1, so fla/d, and, trivially, flbc/d. Therefore fie, whence e=f. Then (a, b)(a, c)=de= d(a/d, bc/d)=(a, be).
15. Let
17.
10, 26, 65
19.
a.
2
b.
5
c.
99
d. 3
e.
7
f.
1001
A=(ai. a2, , an) and D=(cai. ca2, , can). Then for each i, we have AI ai, so that cAI cai. Thus, cAID. Next, note that for each i, cI cai, socID. Then D=cd for some integer d. Then for each i, D=cdI cai, and hence dI ai. Therefore dI A, and so D=cdI cA. Because cAID and DI cA, we have cA=D, which completes the proof.
21. Let
•
.
•
•
•
•
(6k+a, 6k+b)=d. Then d I b- a. We have a, b E {-1, 1, 2, 3, 5} , so if a< b, it follows that b - a E {1, 2, 3, 4, 6}. Hence, d E {1, 2, 3, 4, 6}. To show that d=1, it is sufficient to show that neither 2 nor 3 divides (6k+a, 6k+b). If p =2 or p =3 and p I (6k+a, 6k+b), then p I a and p I b. However, there are no such pairs a, b in the set { -1, 1, 2, 3, 5}.
23. Suppose that
3.7, we have (8a +3, 5a+2)=(8a+3 - (Sa+2), 5a+2)=(3a+ 1, 5a+ 2)=(3a+ 1, 5a+ 2 - (3a+ 1))=(3a+ 1, 2a + 1)=(3a+ 1 - (2a+ 1), 2a+ 1)= (a, 2a+1)=(a, 2a+1- 2a)=(a, 1)=1, so 8a+3 and 5a+2 are relatively prime.
25. Applying Theorem
3.7 to the numerator and denominator, we have (15k+ 4, lOk+ 3)=(l5k+ 4- (lOk+3), lOk+3)=(5k+1, lOk+3)=(5k+1, lOk+3- 2(5k+1))=(5k+1, 1)=1.
27. Applying Theorem
Because the numerator and denominator are relatively prime, the fraction must be in lowest terms.
29. From Exercise
21,
we know that
6k- 1, 6k+1, 6k+2, 6k+3,
and
6k+5
are pairwise
n as the sum of two relatively prime integers greater than 1, n=l2k+h , 0:::; h< 12. W e now examine the twelve cases, one fo r each possible value o f h:
relatively prime. To represent let
h
0 1 2 3 4
5 6 7 8 9 10 11
n (6k - 1)+ (6k+ 1) (6k- 1)+(6k+2) (6k - 1)+ (6k+ 3) (6k+ 1)+ (6k+ 2) (6k+1)+(6k+3) (6k+ 2)+ (6k+ 3) (6k+1)+(6k+5) (6k+2)+(6k+5) (6k+ 3)+ (6k+ 5) (12k+ 7)+ 2 (12k+ 7)+ 3 (12k+ 9) + 2
3.7, we have (2n2+6n- 4, 2n2+4n- 3)=(2n2+6n- 4- (2n2+4n2 3), 2n + 4n - 3)=(2n - 1, 2n2+ 4n - 3)=(2n - 1, 2n2+ 4n - 3 - n(2n - 1))=(2n 1, 5n- 3)=(2n- 1, 5n- 3- 2(2n- 1)) =(2n- 1, n- 1)=(2n- 1- 2(n- 1) , n- 1)= (1, n - 1)=1, so the numbers are relatively prime.
31. Applying Theorem
Answers to Odd-Numbered Exercises
656
132 341 2 2• 330111 T• 5• 4• 3• 5• 5• 3• 4• 5• I •
35. From Exercise 36, we have cb - ad= de - cf=1. Then c(b + f) = d(a+e), and so c/d=(a+e)/(b +f). 37. Because a/b <(a+c)/(b +d)
, a - 1. The equation of the diagonal is y =(b /a)x, so for a given i, [ bi/a]. So the total number of interior points in the triangle plus the points on the diagonal is L:f==-f [ bi/a]. Then the right-hand boundary has b points (not counting (a, 0)) and the lower boundary has a+1 points (counting (0, 0)). So in all, 1 bi/a]+a+b +1 points in or on the triangle. If we equate our two expressions we have L:f==-1[ starting with
i=1, 2, .
.
.
the number of points on or below the diagonal is
and multiply through by
2, we have (a+ l)(b +1)+(a, b)+1=2 L:f==-f [ bi/a]+2a +2b +2,
which simplifies to our expression.
43. Assume there are exactly r primes and consider the r +1 numbers (r +1) ! +1. From Lemma 3.1, each of these numbers has a prime divisor, but from Exercise 34, these numbers are pairwise relatively prime, so these prime divisors must be unique, and so we must have at least r +1 different prime divisors, a contradiction.
Section 3.4 1.
a.
3.
a.
5.
a.
1
7.
a.
16 6 - 8 10 - 1 5
15
b.
6
c.
2
(-1)7 5+(2)45 800(44,350) b. ·
7
c. ·
d.
5
b. (6)222+(-13)102
c.
-138(666)+(65)1414
d. -1707(20,785)+
5 b.
105 - 21 70+14 98 ·
·
c.
0 280+0 330 - 7 5 405+62 490 ·
·
·
·
9. 2 11. 2n - 2 13. Suppose we have the balanced ternary expansions for integers a 2: b. If both expansions end in zero, then both are divisible by 3, and we can divide this factor of 3 out by deleting the trailing zeros (a shift), in which case (a, b)=3(a/3, b/3). If exactly one expansion ends in zero, then we can divide the factor of 3 out by shifting, and we have (a, b)=(a/3, b), say. If both expansions end in 1 or in -1, then we can subtract the larger from the smaller to get (a, b) =(a - b, b), say, and then the expansion for a - b ends in zero. Finally, if one expansion ends in 1 and the other in -1, then we can add the two to get (a+b, b), where the expansion of a+b now ends in zero.
Answers to Odd-Numbered Exercises
657
Because a + b is no larger than 2a and because we can now divide a + b by 3, the larger term is reduced by a factor of at least 2/3 after two steps. Therefore, this algorithm will terminate in a finite number of steps, when we finally have a=b=1.
15. Letr0=a and r1=b be positive integers with a� b. By successively applying the least-remainder division algorithm, we find that
-rn-1 enrn, - 2 rn-1 =rnqn.
rn-2 =rn-lqn-1 +
<
rn-1 enrn � 2
We eventually obtain a remainder of zero because the sequence of remainders a =r0 ·
19.
·
� O cannot contain more than a terms. ByLemma3.3, we see that (a, b)= (r0,
·
·
= (rn-2•
> r1 > r2 > r1) =(ri. r2) =
rn-1)= (rn-1' rn)= (rn, 0) =rn. Hence (a, b)=rn, the last nonzero remainder. Let v2=v3=2, and for i � 4, vi=2vi-l + vi_2. Performing the Euclidean algorithm with r0 =m and r1 =n, we find that r0 =r1q1 + r2, 0 � r2 < ri. r1 =r2q2 + r3, 0 � r3 < r2, ' rk-3 =rk-2qk-2 + rk-1' 0 � rk-1 < rk-2• and rk-2= rk-lqk-l· We have (m, n) =rk-l· We will use these steps to find the greatest common divisor n am - 1 and a - 1. First, we show that if u and v are positive integers, then the least positive residue of au - 1 modulo av - 1 is ar - 1, where r is the least positive residue of u modulo v. To see this, note that u =vq + r, where r is the least positive residue of u modulo v. It follows -l that au - 1=avq+r - 1=(av - l)(av (q ) + r + · · · + av+r + ar) + (ar - 1). This shows that n the remainder is ar - 1 when au - 1 is divided by av - 1. Now let R0 =am - 1 and R1=a - 1. W hen we perform the Euclidean algorithm starting with R0 and Ri. we obtain R0 =R1Q 1 + R2, where R2 =ar2 - 1, R1 =R2Q2 + R3 where R3 =ar3 - 1, . . . , Rk_3 =Rk_2Qk_2 + Rk-l where n Rk-l =ark-1-1. Hence, the last nonzero remainder, Rk-l =ark-1 - 1 =aCm , ) - 1, is the greatest n common divisor of am - 1 and a - 1. ·
17.
·
·
·
·
y is also a divisor of x - ty. Therefore, every move in the game of Euclid preserves the g.c.d. of the two numbers. Because (a, 0) =a, if
21. Note that (x, y) = (x - ty, y), as any divisor of
x
and
the game beginning with {a, b} terminates, then it must do so at {(a, b), O)}. Because the sum of the two numbers is always decreasing and positive, the game must terminate.
q has 2m bits, appending extra q) = 0 (log2 d). Then from Theorems 2.7 2 dividing q by d in 0 (m ) = 0 (log2 q log2 d)
23. Choose the integer m so that d has no more than m bits and that zeros to the front of and
2.5,
q
if necessary. Then m = 0 (log2
we know that there is an algorithm for
bit operations. Now let
n be the number of steps needed in the Euclidean algorithm to find the greatest common divisor of a and b. Then by Theorem 3.12, n = O(log2 a). Let qi and ri be as in the proof of Theorem 3.12. Then the total number of bit operations for divisions in the Euclidean
L:7=1 O(log2 qi log2 ri)= L:7=1 O(log2 qi log2 b)= 0 (1og2 b L:7=1 log2 qi) = 0 (1og2 b log2 07=1 qi) . By dropping the remainder in each step of the Euclidean algorithm, we have the system of inequalities ri � ri+lqi+l• for i =0, 1, ... , n - 1. Multiplying these inequalities together yields 07==-J ri � 07 1 riqi. Cancelling common factors reduces this to = a=r0 � rn 07=1 qi. Therefore, from above, we have that the total number of bit operations is 2 0 {log2 b log2 07=1 qi) = O(log2 b log2 a)= O((log2 a) ). We apply the Qi' s one at a time. W hen we multiply qn 11 OrnO=qnrnrn=rn -lrn, the top algorithm is
25.
component is the last equation in the series of equations in the proof of Lemma 3.3. W hen we
multiply this result on the left by the next matrix we get
qn-11lOrn-1rn =qn-lrn-1 + rnrn-1 =
Answers to Odd-Numbered Exercises
658
rn_2rn-1' which is the matrix version of the last two equations in the proof of Lemma 3.3. In general, at the ith step we have qn-ilIOrn-i-lrn-i = qn-irn-i-l+ rn-irn-i-l = rn-i-2rn-i-1'
so that we inductively work our way up the equations in the proof of Lemma 3.3, until finally we have r0r1 =ab.
Section 3.5 1.
a.
22·32
b. 3·13 c. 10 2 = 22·52 d. 172 e. 2 ·111= 2·3·37 f. 28 g. 5·103 i. 10 . 504 = 2 . 5 . 4 . 126 = 24. 32 . 5 . 7 j. 8 . 10 3 = 26 . 53 k. 3 . 5 . 72 . 13
h. 23 . 43
I. 9·1111= 32·11· 101 3. 3·5·7·11·13·17·19 5.
a.
b. 2, 3, 5
2, 3
c.
2, 3, 5, 7, 11, 13, 17, 19
d. 2, 3, 7, 13, 29, 31, 37, 41, 43, 47
7. integers of the form p2 where p is prime; integers of the of the form pq or p3 where p and q are distinct primes.
. . 1 2a2 1+3 2b2+3 k 1+3 · 2a 2b ··· q12b be the factonzation of a powerful number. Then 9. Let n=p2a q2 1 p2 ·· pk q 1 k 1 z 1 z 1 · n= ( P a P a ··· P a q1b q2b ··· q1b )2( qlq2··· qz )3 1s a product of a square and a cube. k 1 2 11. a. Suppose that pa 11 m and pb 11 n. Then m = paQ and n = pb R, where both Q and R are products of primes other thanp. Hence, mn = (paQ)(pb R) =pa+hQR. ltfollows thatpa+b mn
II
because p does not divide QR. b. If pa II m then m =pa n, where pl n. Then pl nk and we have mk =pka nk and we see that pka 11 mk . c. Suppose that pa 11 m and pb 11 n witha f. b. Then
m =pa Q and n =pb R where bothQ and R are products of primes other thanp. Suppose, without loss of generality, thata= min(a, b). Thenm+ n=paQ+pb R=pmin(a,b)(Q+pb-a R). Then pl (Q+pb-a R) because pl Q but p I pb-a R. It follows that pmin(a,b)
11 (m + n).
13. 218. 38. 54. 72·11·13·17·19 15. 300, 301, 302, 303, 304 17. We compute
af3 = (ac - 5bd)+ (ad+ bc)H.
Thus, N(af3) = (ac - 5bd)2+ 5(ad+ bc)2 =
a2c2 - lOacbd+25b2d2+5a2d2+lOadbc+5b2c2 =a2( c2+5d2)+5b2( 5d2 + c2) = (a2+ 5b2)( c2+ 5d2) = N(a)N(f3).
19. Suppose 3 =
a
af3.
Then by Exercise 17, 9= N(3) = N(a)N(f3). Then
N(a) = 1, 3,
or 9. Let
=a+ bH. Then we must have a2+ 5b2 = 1, 3, or 9. So either b = 0 and a =±1 or ±3,
or b=±1 and a=±2. Because a=±1, b= 0 is excluded, and because a=±3 forces
f3 =±1,
we must have b =±1. That is, a=±2± H. But then N(a) = 9, and hence N(/3) = 1, which forces
f3
=±1.
21. Note that 21 = 3·7 = ( 1+2H)(l - 2H). We know 3 is prime from Exercise 19. Similarly, if we seek a=a+ bH such that
N(a) =a2 + 5b2= 7,
lbl = O impliesa2 = 7, lbl =limpliesa2 = 2, and lbl no such a. Hence, if
af3 = 7,
we find there are no solutions. For
> limpliesa2 <
0, and in each case there is
then N(af3) = N(a)N(f3) = N(7) =49. So one of N(a) and N(/3)
must be equal to 49 and the other equal to 1. Hence, 7 is also prime. We have shown that there are no numbers of the form a+ bH with norm 3 or 7. So in a similar fashion to the argument above, if
af3
= 1± 2H, then
N(af3) = N(a)N(f3) = N(l± 2H) = 21. And there are no a and f3 has norm 21 and the other has norm 1. Hence,
numbers with norm 3 or 7, so one of 1± 2H is also prime.
23. The product of4k +land4l+lis (4k +1)(41+1)= 1 6kl+4k +41+1=4(4kl+k +l)+1= 4m+1, where m =4kl+k + l. Hence, the product of two integers of the form 4k +1 is also of this form.
25. We proceed by strong mathematical induction on the elements of H. The first Hilbert number greater than 1-5-is a Hilbert prime because it is an integer prime. This completes the basis step.
Answers to Odd-Numbered Exercises
659
For the inductive step, we assume that all numbers in H less than or equal to n can be factored into Hilbert primes.The next greatest number in H isn + 4. Ifn + 4 is a Hilbert prime, then we are done.Otherwise,n + 4 = hk, where h and k are less thann + 4 and in H, and so both are less than or equal ton.By the inductive hypothesis, hand k can be factored into Hilbert primes.Thus, n + 4 can be written as the product of Hilbert primes. 27.
1, 2, 3, 4, 6, 8, 12, 24
29.
33,633 e. 605,605 f. 277,200 a. 22335372, 27355577 b. 1, 2 .3. 5 · 7 · 11·13 · 17 · 19 · 23 · 29 1 d. 1011000 , 4111471179 illg3i11101100i c. 2. 5 .11, 23 .3 . 57 .7. 11 3. 13
31. 33. 35
•
a.
77
b.
36
c.
150
d.
the year 2121
. . sk t a = PirJpr1 ···prk , where Pi 1s a pnme and ri and si are nonand b = PiSJps2 ···pk k 2 2 negative. (a, b) = _P�(ri.sJ)··· pr;n(rk>sk>_ and [a, b] = p�ax(ri.sJ)··· l;x(rk,sk). So [a, b] =
Le
max(ri.sJ)-=(ri.sJ) ... max(rk,sk)-=(rk>sk) b)p p
Because max(r· s·) - min(r· s·) is clearly k i nonnegative, we now see that (a, b) I [a, b], and we have equality when max(ri, si) - min(ri, si)= 0 for each i, that is, if ri= si for each i, that is if a= b. (a'
"
I'
I
I'
I
37.
b] I c, then because a I [a, b], a I c. Similarly, b I c. Conversely, suppose that a= an bn bJ b2 Cn CJ C2 PiP2 ···Pn and b=PiP2 ···Pn and C=PiP2 ···Pn · If aIc and bIc, then max(ai, bi) :'.Sci for i = 1, 2, ..., n.Hence, [a, b] I c.b. We proceed by induction onn. The basis step is given by part (a). Suppose the result holds for sets of n - 1 integers.Then [al> ..., a ] Id if and only if n [[al> ..., a -il. a ] Id.(See Exercise 49.)This is true if and only if [al> ..., a -il Id and a Id n n n n by part (a). By the induction hypothesis, this is true if and only if ai Id for i = 1, 2, ... , n.This completes the induction step.
39.
Assume thatp I an=± I a I· I a I··· I a I.Then by Lemma 3.5,p II a I and sop I a.
41.
a. Suppose that (a, b)= 1 andp I (an, bn) where p is a prime. It follows that p I an and p I bn. By Exercise 41,p I a andp I b.But thenp I (a, b)= 1, which is a contradiction.b. Suppose that a does not divide b, but an I bn.Then there is some prime power, say,pr, that divides a but does not divide b (or else a I b by the fundamental theorem of arithmetic).Thus, a =pr Q, where Q is an integer.Now an= (pr Qr =pr n Qn, sopr n I an I bn.Then bn= mpr n, from which it follows that each of then h's must by symmetry contain r p's.But this is a contradiction.
43.
45.
47
a.
If [a ,
llJ
a2
Suppose that x= ../2 + ../3. Then x2= 2 + 2../2../3 + 3= 5 + 2../6.Hence, x2 - 5= 2../6. It follows that x4 - l0x2 + 25= 24.Consequently, x4 - l0x2 + 1= 0.ByTheorem 3.17, it follows that ../2 + ../3 is irrational, because it is not an integer (we can see this because 3 < ../2 + ../3 < 4). Suppose that m/n= logP b.This implies that p� = b, from which it follows that pm=bn. Because b is not a power ofp, there must be another prime, say, q, such that q I b. But then q I b I bn =pm=p ·p· ··p. By Lemma 2.4, q Ip, which is impossible because p is a prime number. tk rJ r2 ... rk tJ t2 SJ s2 ... sk Let a=Pi Pk , and c=PiP2 ...Pk' w1"th Pi pnme and ri, si, and ti Pk , b=PiP2 P2 nonnegative.Observe that min(x, max(y, z))= max(min(x, y), min(x, z)). We also know that min(ti.max(ri.sJ)) min(t2,max(r2,s2)) max(r2,s2) . . max(rk>sk) . pk [a, b] - Pmax(rJ,SJ) ' and so ([a, b]' c) = Pi P2 P2 i min(rk>tk) min(ri.tJ) min(r2.ti) min(tk>max(rk,sk)) ···pk . vve also know that (a, c) = Pi p and (b, c) = ···pk 2 min(si.tJ) min(s2.ti) ... min(sk>tk) Th max(min(rJ,tJ),min(si tJ)) . . en [(a, c)' (b' c)]= Pi Pk Pi P2 max(min(r2,ti),min(s2,ti)) ... max(min(rk,tk),min(sk,tk)) .Thereiore, p pk -" ([a, b], c) - [(a, c) , (b, c)]. In 2 a similar manner, noting that min(max(x, z), max(y, z)) = max(min(x, y), z), we find that [(a, b), c]=([a, c], [b, c]). ·
•
_
ur
_
Answers to Odd-Numbered Exercises
660
49. Let c=[ai. ..., an], d = [[ai. ..., an_i], an], and e =[ai ... , an_i]. If c Im, then all ai's divide m, and hence e Im and an Im, sod Im. Conversely, ifd Im, then e Im and an Im, and so all ai's divide m; thus c Im. Because c andd divide all the same numbers, they must be equal. .
Sl.
a.
There are six cases, all handled the same way. So without loss of generality, suppose
that a:::; b:::; c. Then max(a, b, c)=c, min(a, b)=a, min(a, c)=a, min(b, c) =b, and min(a, b, c)=a. Hence, c=max(a, b, c)=a+ b+ c - min(a, b) - min(a, c) - min(b, c)+ min(a, b, c)=a+b+c - a - a - b+a. b. The power of a prime p that occurs in the prime factorization of [a, b, c] is max(a, b, c) where a, b, and care the powers of this prime in the factorizations of a, b, and c, respectively. Also, a+b+c is the power of p in abc, min(a, b) is the power of p in (a, b), min(a, c) is the power of p in (a, c), min(b, c) is the power of p in (b, c), and min(a, b, c) is the power of p in (a, b, c). It follows that a+ b + c min(a, b) - min(a, c) - min(b, c) is the power of p in abc(a, b, c)/((a, b)(a, c)(b, c)).Hence, [a, b, c]=abc(a, b, c)/((a, b)(a, c)(b, c)). S J s2 !J t 2 sk tk =Pi P2 ...pk, and c=Pi P2 ... pk, with Pi pnme and ri, si, (r ,s;,ti) I s; ; m (r s +s;+ti j I (a, b, c) and P + +t - in i, i,ti) and ti nonnegative. Then P II abc, but p min(r;,s;,ti) r;+s;+t; r;+s;+ti-min(ri,s;,ti) TJ
S3. Let a=Pi
rk r2 P2 ...pk,
b
?
·pi
rk TJ r2 SS. Let a=Pi P2 ...pk,
SJ
t·I
?
�
[ab, ac, ab], and pi
and
·
·
II
=Pi
!J
tk · ... pk, wit h Pi pnme and ri, si, i m n(ri.si.tJ) min (r2,s2.ti) ... min(rk,sbtk) and pk p2 nonnegative Then ' using that (a ' b ' c) =pi ' ax(r bsbtk> ax(r2,s2,ti) ax(ri.si.tJ) c]=p ·p p , we can write the prime factorization of
b=Pi
sk s2 P2 ...pk, and
"
�
�
2
c=Pi P2t
·
:
[a, b, ([a, b], [a, c], [b, c]) and [(a, b), (a, c), (b, c)]. For instance, consider the case where k= 1. Then ([a, Similarly,
•
m (max(rJ,SJ),max(rJ,!J),max(sJ,tJ) max(ri.tJ) max(ri. sJ) max(si.tJ) ) - Pi in , Pi , Pi ax(min (ri. sJ),min(ri.tJ),min(si.tJ) c)]=p Clearly, these two are equal .
b], [a, c] , [b, c]) - (Pi _
•
_
·
�
[(a, b), (a, c), (b, ri 2: si 2: ti. ...).
( examine the six orderings
S7. First note that there are arbitrarily long sequences of composites in the integers. For example, (n+ 2)!+ 2, (n+ 2)!+ 3, ... , (n+ 2)!+ (n+ 2) is a sequence of n consecutive composites. To find a sequence of n composites in the sequence a, a+ b, a+ 2b, ..., look at the integers in a, a+b, a+2b, ... with absolute values between (nb+ 2)!+2 and (nb+2)!+(nb+2). There are clearly n or n+ 1 such integers, and all are composite. S9. 103 61. 701
� i and b=CT�=i pf;.The condition (a, b)=1 is equivalent to min(ai, /Ji)=0 for
63. Let a=n:=i p
all i, and the condition
ab=en is equivalent ton I (ai+/Ji) for all i.Hence, n I ai and /Ji=0 or ; /n
�
I /Ji and ai=0. Letd be the product of p over all i of the first kind, and let e be the product dn of p over all i of the second kind.Then dn=a and en=b.
n
f
6S. Suppose the contrary and that a :::; n is in the set.Then 2a cannot be in the set.Thus, if there are k elements in the set not exceeding n, then there are k integers between n+ 1 and 2n that cannot be in the set.So there are at most k+ (n - k) =n elements in the set. 67. m =n or {m, n} = {2, 4} 69. For j f. i, PilQj, because it is one of the factors. So Pi must divide S- Liofai Qj =Qi= Pi Pi-iPi+i Pn but by the fundamental theorem of arithmetic, Pi must be equal to one of ·
·
·
·
·
·
these last factors, a contradiction.
71. Let p be the largest prime less than or equal ton.If 2p were less than or equal ton, then Bertrand's postulate would guarantee another prime q such that p < q < 2p :::; n, contradicting the choice of p. Therefore, we know that n < 2p. Therefore, in the product n!=1 ·2 ·3 · · ·n, there appears
Answers to Odd-Numbered Exercises
661
only one multiple of p, namely, p itself, and so in the prime factorization of n, p appears with exponent 1. 73.
a. Uniqueness follows from the Fundamental Theorem. If a prime Pi doesn't appear in the prime factorization, then we include it in the product with an exponent of 0. Because ei� 0, we have e· e· e1 e1 Q o e1 ez Pi = Pi P ···Pr :S p1 p ···P:' = m. b. Because p1' < Pi :::; m :::; Q = p�, we take logs of 2 2 both sides to get ei log p1:::; n log Pr·Solving for ei gives the first inequality. If 1:::; m :::; Q, then '
m has a prime-power factorization of the form given in part (a), so the r-tuples of exponents count the number of integers in the range 1:::; m :::; Q. c. To bound the number of r-tuples, by part (b) there are at most Cn + 1 choices for each ei, and therefore there are at most (Cn + 1)' r-tuples, r which by part (b) gives us p�:::; (Cn + 1)'= (n(C + l/ n)Y :::; n (C + 1)'. d. Taking logs of both sides of the inequality in part (c) and solving for n yields n:::; (r log n + log(C + 1))/ log p,, but because n grows much faster than log n, the left side must be larger than the right for large values of n. This contradiction shows there must be infinitely many primes.
75.
S(40)= 5, S(41)= 41, S(43)= 43
77.
a (n)= 1, 2, 3, 4, 5, 9, 7, 32, 27, 25, 11, ...
79.
From Exercise 78, we have S(p)= p whenever p is prime. If m< p and mlS(p)!= p!, then ml(p - 1)!, so S(p) must be the first time that S(n) takes on the value p. Therefore, of all the inverses of p, p is the least.
81.
Let n be a positive integer and suppose n is square-free. Then no prime can appear to a power greater than 1 in the prime-power factorization of n. So n= p1p ···Pr for some distinct primes 2 Pi· Then rad(n) = p1p ··· Pr=n. Conversely, if n is not square-free, then some prime factor 2 p1 appears to a power greater than 1 in the prime-power factorization of n. So n =pf p�2 ··· p�r with a� 2. Then rad(n)= P1P2 ···Pr< n.
83.
Because every prime occurring in the prime-power factorization of mn occurs in either the factorization of m or n, every factor in rad(mn) occurs at least once in the product rad(m)rad(n), • which gives us the inequality. If m= p�1 p�' and n= q �1 q: are relatively prime, then we have rad(mn) =Pi··· Prq ·· · q8 =rad(m)rad(n). •
•
•
•
•
•
l
85.
First note that if p I (2:), then p:::; 2n. This is true because every factor of the numerator of 1 p�k be the factorization of (2:) into (2:) = ��':}d is less than or equal to 2n. Let (2:) = p� p;2 distinct primes. By the definition of n, k:::; n(2n). By Exercise 84, P? :::; 2n. It now follows that (2:) = p�1p;2 ··· p�k:::; (2n)(2n) ··· (2n):::; (2n)rr<2n). •
87.
89.
•
•
Note that (2nn ):::; L�:o (2an) = (1 + 1)2 n= 22n. Then from Exercise 86, nrr<2n)-rr(n)< en) :::; 22n. Taking logarithms gives ( n(2n) - n(n)) log n < log(22n) =n log 4. Now divide by log n. Note that 2n=n:= 2:::; n:=1(n + a )/a = (2 n). Then by Exercise 85, 2n:::; (2n)rr<2n). Taking logs n l gives n(2n)� n log 2/ log 2n. Hence, for a real number x, we have n(x)� [x/2] log 2/ log [x] > c1xj log x. For the other half, Exercise 65 gives n(x) - n(x/2)
Section 3.6 1.
a. 3 · 52 · 73 · 13 · 101
b. 113 · 13 · 19·641
3.
a.143=122 - 1=(12+1)(12 - 1)=13 . 11 b. 2279=482 - 52 =(48 + 5)(48 - 5)=53. 43 c. 43 is prime. d. 11413= 1072 - 62 = (107 + 6)(107 - 6) =113·101
c.
13 · 17 ·19 · 47 · 71·97
662
Answers to Odd-Numbered Exercises
5. Note that (50+ n)2 =2500+ lOO n+ n2 and (50 - n)2 =2500 - lOO n+ n2• The first equation shows that the possible final two digits of squares can be found by examining the squares of the integers
0, 1, ..., 49, and the second equation shows that these final two digits can be 0, 1, ... , 25. We find that 02 = 0, 12 = 1, 22 = 4, 32 =9, 42 =16, 52 =25, 6 2 =36, 72 =49, 82 =64, 92 =81, 102 =100, 112 =121, 122 = 144, 132 = 169, 14 2 = 196, 152 = 225, 162 = 256, 172 = 289, 182 = 324, 19 2 = 361, 202 = 400, 212 =441, 222 =484, 232 =529, 24 2 =576, and 252 =625. It follows that the last two digits of a square are 00, el, e4, 25, 06, and e9, where e represents an even digit and o represents found by examining the squares of the integers
an odd digit.
7. Suppose that x 2 - n is a perfect square with x
> (n+ p 2)/2p, say, a 2• Now, a 2 =x 2 - n > = ((n - p 2)/2p )2. It follows that a > (n - p 2)/2p . From these inequalities for x and a, we see that x+a> n/p, or n < p (x+a). Also, a 2 = x2 - n tells us that (x - a) (x+a) = n. Now, (x - a)(x +a) = n < p (x+a). Canceling, we find that x - a < p. But because x - a is a divisor of n less than p, the smallest prime divisor of n, it follows that x - a=1.In this case, x =(n+1)/2.
((n+ p 2)/2p )2 - n
9. From the identity in Exercise 8, it is clear that if n = n1 is a multiple of 2k+ 1, then so is nk> because it is the sum of two multiples of
2k+1. If (2k+ 1) I nk, then (2k+1) I rk 2k+ 1 that rk = 0. Thus, nk = (2k+ l)qk. Continuing, we see that n =n+2nk - 2(2k+ l)qk = (2k+ l)n+2(nk - kn) - 2(2k+ l)qk. It follows from Exercise 8
and it follows from rk that n =(2k+ l)n Exercise
<
- 2(2k+1) L�:;;:f qi - 2(2k+ l)qk = (2k+ l)n - 2(2k+1) L�=l qi. Using
8 again, we conclude that n =(2k+ l)(n - 2 L�=l qi) =(2k+ l)mk+l·
11. To see that u is even, note that a - c is the difference of odd numbers and that b - d is the difference of even numbers. Thus,
a - c and b - d are even, and u must be as well. That (r, s) = 1 follows trivially from Theorem 2.1 (i). To continue, a2+ b2 = c2+ d 2 implies that (a+ c)(a - c) = (d - b)(d+ b). Dividing both sides of this equation by u, we find that r (a+c) =s(d+ b). From this, it is clear thats I r (a+c). But because (r, s) =1,s I a+c. 13. Tofactor n, observe that[( �-) 2+ < ¥ )2](r 2+s2) =( l/4)(r2u2+r 2v2+s2u2+s2v2). Substituting
a - c, d - b, a+ c, and d+b for ru, su, sv, and rv, respectively, will allow everything to be simplified down to n. As u and v are both even, both of the factors are integers.
15. We have 24n+2+1=4(2n)4+1=(2·22n+2 · 2n+1)(2 · 22n - 2 ·2n+1). Using this identity,
218+ 1=4(24 )4+ 1 = (2 · 28+2 · 24+ 1)(2 · 28 - 2 · 24+ 1) = 5 5 9 9 (2 +2 +1)(2 - 2 +1) =545 · 481. we have the factorization
17. We can prove that the last digit in the decimal expansion of F is 7 for n � 2 by proving that the last digit in the decimal expansion of
n n 2 2 is 6 for n � 2. This can be done using mathematical
induction. We have 222 =16, so the result is true for n =2.Now assume that the last decimal digit . n . n n+I n n+I- n n+I - n of 22 IS 6, that Is, 2 2 = 6 (mod 10).It follows that 22 =(22 )2 2 = 62 2 = 6 (mod 10). This completes the proof.
19. Because every prime factor of F5 =225+ 1=4,294,967,297 is of the form 27k+1=128k+ 1, attempt to factor
F5 by trial division by primes of this form. We find that 128 · 1+ 1 = 129 is not prime, 128 · 2+1 =257 is prime but does not divide 4,294,967,297, 128 ·3+ 1 =385 is not prime, 128 · 4+ 1 = 513 is not prime, and 128 · 5+ 1 = 641 is prime and does divide 4,294,967,297 with 4, 294, 967, 297 =641·6, 700,417.Any factor of 6,700,417 is also a factor of 4,294,967,297. We attempt to factor 6,700,417 by trial division by primes of the form 128k+1 beginning with 641.We first note that 641 does not divide 6,700,417. Among the other integers of the form 128k+1 less than ,J6,700,417, namely the integers 769, 897, 1025, 1153, 1281, 1409, 1537, 1665, 1793, 1921, 2049, 2177, 2305, 2433, and 2561, only 769, 1153, and 1409 are prime, and none of them divide 6,700,417. Hence, 6,700,417 is prime and the prime factorization of F5 is 641·6,700,417.
Answers to Odd-Numbered Exercises
663
21. 2n / log2 10+1 23. See Exercise 23 in Section 3.2.
Section 3.7 1.
33 - St, y= -11+2t b. x= -300+13t, y= 400 - 17t -21+3t d. no solutions e. x=889 - 1969t, y=-633 + 1402t a.
x=
c.
x=
21 - 2t, y=
3. 63 US$, 41 Can$ 5. 53 Euros, 35 Pounds 7. 17 apples, 23 oranges 9. 11.
(1, 16), (4, 14), (7, 12), ... , (22, 2 ), (25, 0) c. 18 solutions: (0, 37), (3, 35), ..., (54, 1) a.
-5 + 3s - 2t, y= 5 - 2s, z= t l - 10ls - 2t,z=t
a.
x=
b. no solutions
b. no solutions
c.
x=
-1+102s +t, y=
13. Let x, y, andz be the number of pennies, dimes, and quarters, respectively. Whenz= 0, we have x=9,
y=9;x=19, y=8;x=29, y=7;x=39, y=6;x=49, y=5;x=59, y=4;x= 69, y= 3;x= 79, y= 2;x= 89, y= 1;x= 99, y= 0.When z= 1, we have x= 4, y= 7;x= 14, y=6;x=24, y=5;x=34, y=4;x=44, y=3;x=54, y=2;x=64, y= l;x=74, y= 0.Whenz= 2, we havex= 9, y= 4;x= 19, y= 3;x= 29, y= 2;x= 39, y= l;x= 49, y= 0. Whenz =3, we have x=4, y=2;x=14, y =1;x=24, y =0.
15.
6t, y= 8 - 7t,z= t 150 - 3t, w =t a.
x= 92 +
b. no solution
c.
x=
50 - t, y= -100 + 3t, z=
17. 9, 19, 41 19. The quadrilateral with vertices (b, 0), (0, a ), (b - 1, -1), and (-1, a - 1) has area a+b.Pick's Theorem, from elementary geometry, states that the area of a simple polygon whose vertices are lattice points(points with integer coordinates) is given by
-1-x+ y - 1, where xis the number of
y is the number of lattice points inside the polygon. Because (a , b)= 1, x= 4, and therefore, by Pick's Theorem, the quadrilateral contains a+b - 1 lattice points. Every point corresponds to a different value of n in the range ab - a - b < n
lattice points on the boundary and
Therefore, every
n
in the range must get hit, so the equation is solvable.
21. See the solution to Exercise 19.The line ax+ by=ab - a - b bisects the rectangle with vertices
(-1, a - 1), (-1, -1), (b - 1, a - 1), and (b - 1, -1) but contains no lattice points. Hence, half the interior points are below the line and half are above. The half below correspond to n
23. (0, 25, 75); (4, 18, 78); (8, 11, 81); (12, 4, 84)
Section 4.1 t.
3.
a. 2 I (13 - 1)= 12 b. 5 I (22 - 7)= 15 31 (-2 - 1)=-3 f. 111 (-3 - 30) =-33 666 a.
1, 2, 11, 22
c.
131 (91 - O)= 91
d. 7 I (69 - 62)= 7
g. 40 I (111 - (-9))=120
b. 1, 3, 9, 27, 37, 111, 333, 999
c.
e.
h. 37 I (666 - O) =
1, 11, 121, 1331 2
2
5. Suppose thata is odd. Then a= 2k+1 for some integer k.Then a = (2 k+ 1) = 4k2 +4k+ 1=
4k(k +1)+1.If k is even, then k =21 where l is an integer. Then a 2 =81 (21 +1)+1.Hence, a 2 = 1(mod 8).If k is odd, then k= 21 +1 when l is an integer. Then a 2= 4(21 +1)(21 +2 )+1= 8(21 + 1)(1 + 1)+1.Hence, a 2 = 1(mod8). It follows that a 2 = 1(mod8) whenever a is odd.
7.
a.
15
b. 8
c.
25
d. 27
e.
8
f. 27
Answers to Odd-Numbered Exercises
664
9.
a.
1
b. 5
c.
d. 13
9
11.
By the Division Algorithm, there exist integers qi. q2, ri. r2 such that
a= q1m + r1 and b=q2m+ r2, with 0:::; ri. r2 < m. Then a mod m= r1 and b mod m= r2• Suppose that r1=r2; then a - b= m(q1 - q2) + (r1 - r2)= m(q1 - q1). Then mla - b, and so a= b (mod m).
13.
Because a= b (mod m), there exists an integer k such that a= b +km. Thus, ae= (b +km)e= be+ k(me). By Theorem4.1 , ae=be (mod me).
15.
n. It is clearly true for n= 1. For the inductive step, we assume that LJ=l a = LJ=l b (mod m) and that an+l= bn+l (mod m). Now L:j!� a = j j j (LJ=l aj) +an+l= (LJ=l bj) +bn+l= L:j!� bj (mod m) by Theorem4.6(i). This completes the proof. b. We use induction on n. For n= 1, the identity clearly holds. This completes the basis step. For the inductive step, we assume that CTJ=l ai = CTJ =l bi (mod m) and an+l =bn+l a.
We proceed by induction on
m). Then
(mod
CTj!� ai= an+1CCTj =1 aj)= b
n
4.6(iii). This completes the proof.
+1C
CTj=1 bi)= CTj!� bi (mod m) by Theorem
17.
Let
m=6, a=4, and b= 5. Then4 mod 6=4 and 5 mod 6= 5, but4 5 mod 6=2 � 4 5.
19.
By the Division Algorithm, there exist integers qi. q2, ri. r2 such that
·
·
a= q1m+ r1 and b= q2m+ r2, with 0:::; ri. r2 < m. Then ab=r1r2 (mod m) by Theorem4.6(iii). By definition, a mod m= r1 and b mod m=r2, so ((a mod m)(b mod m) mod m= (r1r2) mod m=ab mod m, by Exercise 10. 0
1
0
0
5 4
1
1
2
3 4
5
3
2
1
0
5 4
3
2
2
1
0
5 4
3
3
3
2
1
0
5
4
4
4
3
2
1
0
5
5 4
3
2
1
0
21.
5
23.
a. 4
o'clock
2
b. 6 o'clock
c. 4
o'clock
25. a= ±b (mod p) 27.
Note that 1
+2 +3 + +(n +1)= (n - l)n/2. If n is odd, then (n - 1) is even, so (n - l)n/2 is an integer. Hence, n I (1 +2 +3 + +(n - 1)) if n is odd, and 1 +2 +3 + +(n - 1)= 0 (mod n). If n is even, then n=2k where k is an integer. Then (n - l)n/2=(n - l)k. We can easily see that n does not divide (n - l)k, because (n, n - 1)= 1 and k < n. It follows that 1+ 2+ + (n - 1) is not congruent to 0 modulo n if n is even. ·
·
·
·
·
29. 31.
those
·
·
·
·
·
·
·
n relatively prime to 6
1 If n= 1, then 5= 5 =1+4(1) (mod 16), so the basis step holds. For the inductive step, we assume n n n l that 5 = 1+ 4n (mod 16). Now 5 + = 5 5= (1+4n)5 (mod 16) by Theorem 4.4(iii). Further, n+l = 1 +4(n +1) (1 +4n )5= 5 +20n= 5 +4n (mod 16). Finally, 5 +4n= 1 +4(n +1). So 5 (mod 16).
33.
2 2 Note that if x=0 (mod4) then x =0 (mod4), if x= 1 (mod4) then x =1 (mod4), if x=2 2 2 2 (mod4) then x =4=0 (mod4), and if x=3 (mod4) then x =9= 1 (mod4). Hence, x =0 2 2 or 1 (mod4) whenever x is an integer. It follows that x + y =0, 1 or2 (mod4) whenever x and y are integers. We see that
35.
n is not the sum of two squares when n= 3 (mod4).
By Theorem 4. 1, for some integer
2
a, apk= x - x= x(x - 1). By the fundamental theorem of arithmetic, pk is a factor of x(x - 1). Because p cannot divide both x and x - 1, we know that pk I x or pk I x - 1. Thus, x= 0 or x= 1 (mod pk).
Answers to Odd-Numbered Exercises
665
37. First note that there are m1 possibilities for a1, m2 possibilities for a2, and in general mi possibilities for ai. Thus, there are m1m2 where ai. a2,
.
•
.
·
·
·
+M2a2+
mk expressions of the form M1a1
, ak run through complete systems of residues modulo mi. m2,
•
.
•
·
·
·
Mkak
, mk>
respectively. Because this is exactly the size of a complete system of residues modulo M, the result will follow if we can show distinctness of each of these expressions modulo M . Suppose that M1a1+ M2a2+
·
·
·
+ Mkak = M1a �+ M2a�+
·
·
·
+ Mka� (mod M). Then M1a1 =M1a �
(mod m1), because m1 divides each of M2, M3, ..., Mk> and, further, a1 =a � (mod m1), because (Mi. m1) = 1. Similarly, ai (mod mi). Thus, a is in the same congruence class modulo mi
=a;
;
as ai for all i. The result now follows.
39.
r, where a is an integer and 0:::; r < 1. We now consider two cases, when 0:::; r < -! and when -!:::; r < 1. For the first case, T = [.jii+ -!J =a, and sot=T2 - n = -(2ar+r2). Thus, It I=2ar+ r2 < 2a c-!) +(-!)2 =a + {-. Because both T and n are integers, t is also an integer.It follows that ltl :::; [a+ {-J=a=T. For the second case, when -! :::; r < 1, we find that T = [.jii+-!J =a+ 1 and t =2a(l - r)+ (1- r2). Because -! :::; r < 1, 0 < (1- r):::; -! and 0 < 1- r2 < 1. It follows that t:::; 2a( -! )+ (1- r2). Because t is an integer, we can say that It I :::; [a + (1 - r2)] =a < T. b. By the division algorithm, we see that if we divide x by T, we get x=aT + b, where 0:::; b < T. If a were negative, then x=aT+ b:::; (-l)T + b < O; but we assumed x to be nonnegative.This shows that 0:::; a.Suppose now that a > T. Then x = a T+b �(T+ l)T =T2+T �(./ii - -!)2+(./ii - -!) =n - {- and, as x and n are integers, x �n.This is a contradiction, which shows that a :::; T. Similarly, 0:::; c:::; T and 0:::; d < T. c. xy =(aT+b)(cT+d) =acT2+(ad+bc)T+bd =ac(t +n)+zT+bd =act+zT +bd (mod n). d. Use part (c), substituting eT+ f for ac. e. The fi r st half is identical to part (b); the second half follows by substituting gT+ h for z+ et in part (c) and noting that T2 =t (mod n). f. Certainly, ft and gt can be computed because all three numbers are less than T, which is less than .jii+ 1. So (f + g)t is less than 2n < w. Similarly, we can compute j +bd without exceeding the word size. And, finally, using the same arguments, we can compute h T+ k a. Let .jii=a+
without exceeding the word size.
41.
a.
1
b. 1
c.
1
d. 1
e.
Fermat's little theorem (Section
6.1)
43. Because fn-2+fn-l =fn (mod m), if two consecutive numbers recur in the same order, then the sequence must be repeating both as n increases and as it decreases. But there are only m residues, 2 and so m ordered sequence of two residues. As the sequence is infinite, some two elements of the sequence must recur by the pigeonhole principle.Thus, the sequence of least positive residues of the Fibonacci numbers repeats.It follows that if m divides some Fibonacci number, that is, if fn =0 (mod m), then m divides infinitely many Fibonacci numbers.To see that m does divide some Fibonacci number, note that the sequence must contain a 0, namely, fo 0 (mod m).
=
45. Let a and b be positive integers less than m.Then they have 0 (log m) digits (bits). Therefore by
2 2 Theorem 2.4, we can multiply them using 0 (log m) operations. Division by m takes 0 (log m) 2 operations by Theorem 2.7. Therefore, in all we have O(log m) operations.
47. Let Ni be the number of coconuts the ith man leaves for the next man and let N0= N . A t each stage, the ith man finds Ni-I coconuts, gives k coconuts to the monkeys, takes (l/n)(Ni-l - k) coconuts for himself, and leaves the rest for the next man. This y ields the recursive formula Ni= (Ni-I - k)(n - l)/n. For convenience, let w=(n - l)/n. If we iterate this formula a few times, we get N1 =(N0 - k)w, N2 =(N1 - k)w =((N0 2 2 2 k)w - k)w=N0w - kw - kw, N3=N0w3 - kw3 - kw - kw, .... The general pattern i i i-l i i Ni= N0w - kw - kw - kw=N0w - kw(w - l)/(w - 1) may be proved by n n induction. W hen the men rise in the morning, they find Nn =N0w - kw(w - l)/(w - 1) n n coconuts, and we must have Nn k (mod n), that is, Nn =N0w - kw(w - l)/(w - 1) =k -
·
·
=
for some integer
t.
·
+tn
Substituting w=(n - l)/n back in for w, solving for N0, and simplifying
Answers to Odd-Numbered Exercises
666
N0= nn+l(t + k)/(n - l)n - kn+ k.For N to be an integer, because (n, n - 1)= 1, we must have (t +k) / (n - 1r an integer. Because we seek the smallest positive value for N, we take t +k = (n - l)n, so t = (n - l)n - k. Substituting this value back into the formula for N yields N= nn+l _kn+ k. i i i i 49. a. Let fi(x)= L�o aix , fz(x)= L�i bix , gi(x)= L�i cix , and g2 (x)= L�i dix , where yields N=
the leading coefficients may be zero to keep the limits of summation the same for all polynomials.
ai= ci(mod n) and bi= di(mod n), for i = 0, 1, ... , m. Therefore by Theorem 4.6 part i ai +bi= ci +di(modn) for i =0, 1, .. , m. Because Ui + fz) (x) = L�i (ai+bi)x i and (gi + g2) (x) = L�i (ci + di)x , this shows the sums of the polynomials are congruent k modulo n. b. With the same set up as in part(a), the coefficient on x in (fif2) (x) is given by a0bk + aibk-i + + akb0, and the corresponding coefficient in (gig2) (x) is given by c0dk+cidk-i + +ckd0.Because each ai= ci(mod n) and bi= di(mod n), by Theorem 4.6 the two expressions are congruent modulo n, and so, therefore, are the polynomials. Then
(i),
.
·
·
·
·
·
·
k is Exercise 42. Assume that f (x) = h(x) (mod p) and f (x) = (x - ai) (x - ak-i)h(x), where h(x) is a polynomial with integer coefficients. Substituting ak for x in this congruence gives us 0= (ak - ai) (ak - ai)h(ak) (mod p).None of the factors ak - ai can be congruent to zero modulo p, so we must have h(ak) = 0(mod p). Applying Exercise 50 to h(x) and ak gives us h(x) = (x - ak)g(x)(mod p), and substituting this in the congruence for f (x) yields f (x) = (x - ai) (x - ak)g(x) (mod p), which completes
51. The basis step for induction on ·
·
·
·
·
·
·
·
·
the induction step.
Section 4.2 1.
a. e.
x= 6(mod 7) b. x= 2, 5 or 8(mod 9) c. x= 10(mod 40) d. x= 20(mod 25) x= 111(mod 999) f. x= 75+ 80k(mod 1600) where k is an integer
3.
x= 1074+ 3157k (mod 28927591)
5.
19 hours
7.
77 solutions when c is a multiple of 77
9.
a.
13
a.
1, 7, 11, 13, 17, 19, 23, 29
11.
b.
7
c.
5
d.
16
inverses of each other, as are
b. Note that
1, 11, 19 and 29 are their own inverses; 7 and 13 are
23 and 17.
ax+ by= c(mod m), then there exists an integer k such that ax+ by - mk= c. Because d I ax+by - mk, d I c. Thus, there are no solutions when d l c. Now assume that d I c and let a= da', b =db', c =de', and m =dm', so that (a', b', m') =1. Then we can divide the original congruence by d to get(*) a'x+b'y= c'(mod m'), or a'x= c' - b'y(mod m'), which has solutions if and only if g= (a', m') I c - b'y, which is equivalent to b'y= c'(mod g) having solutions. Because (a', b', m') = 1, and (a', m') = g, we must have (b', g) = 1, and so the last congruence has only one incongruent solution Yo modulo g. But the m'/g solutions Yo. Yo+g, Yo+2g, ... , Yo+ (m'/g - l)g are incongruent modulo m'. Each of these yields g incongruent values of x in the congruence (*). Therefore, there are g (m'/g) = m' incongruent
13. If
solutions to(*). Now let (xi. Yi) be one solution of the original congruence. Then the d values xi. xi+ m', xi+ 2m', ... , xi+ (d - l)m' are congruent modulo m' but incongruent modulo m.Likewise, the d values Yi. Yi+m', Yi+2m', ... , Yi+ (d - l)m' are congruent modulo m' but incongruent modulo m. So for each solution of(*), we can generate d 2 solutions of the original congruence. Because there are m' solutions to(*), we have d 2m'= dm solutions to the original congruence. k 15. Suppose that x2= 1(mod p ), where p is an odd prime and k is a positive integer. Then k k x2 - 1= (x+ l) (x - 1)= 0(mod p ).Hence, p I (x+ l) (x - 1). Because (x+ 1) - (x - 1)= 2
Answers to Odd-Numbered Exercises
667
p divides at most one of (x - 1) and (x + l). It follows that k k k either p I (x + 1) or p I (x - 1), so that p = ±1(mod p ).
and pis an odd prime, we know that
17. To find the inverse of a modulo m, we must solve the Diophantine equation ax+ my= 1, which can be done using the Euclidean algorithm. Using Corollary 2.5.1, we can find the greatest 3 common divisor in 0(log m) bit operations. The back substitution to find x and y will take 2 no more than 0(log m) multiplications, each taking 0(log m) operations. Therefore, the total 3 2 3 number of operations is 0(log m)+ 0(log m) 0(log m)= 0(log m).
Section 4.3 1. x = 1(mod
6)
3. 32 + 60m 5. x = 1523(mod 2310 ) 7. 204 9. 1023 11. x = 210 1(mod 2310 ) 13. We can construct a sequence of k consecutive integers each divisible by a square as follows. Con sider the system of congruences x = 0 (mod
-k + 1(mod
Pi), x = - 1(mod p�), x = -2(mod p�), ..., x =
Pi), where Pk is the kth prime. By the Chinese remainder theorem, there is a
solution to this simultaneous system of congruence because the moduli are relatively prime. It
N that satisfies each of these congruences. Each of the k integers N, N + 1, ... , N + k - 1 is divisible by a square because PJ divides N+ j - 1 for j =1, 2, ... 'k. follows that there is a positive integer
15. Suppose that x is a solution to the system of congruences. Then x = a1 (mod m1), so that x =a1 +km1 for some integer k. We substitute this into the second congruence to
get a1 + km1 = a2(mod m2) or km1 = (a2 - a1)(mod m2), which has a solution in k
I (a2 - a1). Now assume such a solution k0 exists. Then all in congruent solutions are given by k =k0 + m2t/(mi. m2), where t is an integer. Then m2t m1m2 x=a1+km1=a1+ k0+ m1=a1+k0m1+ t.Note that (mi. m1) (mi. m1) m1m2/(mi. m2)=[mi. m2], so that if we set x1 =a1+k0m1, we have x =x1+ [m1, m2]t = x1 (mod [mi. m2]), and so the solution is unique modulo [m1, m2]. if and only if (mi. m2)
)
(
17.
a.
x =430 + 2100j
b. x =9102+ 10010j
19. First, suppose the system has a solution. Then for any distinct i and j, there is a solution to the two-congruence system x = ai(mod mi), x = aj(mod mj). By Exercise 15, we must have (mi, mj)
I (ai - aj). For the converse, we proceed by mathematical induction on the r. For r =2, Exercise 15 shows that the system has a solution.
number of congruences
This is the basis step. Now suppose the proposition is true for systems of and consider a system of
r
+ 1 congruences. Let
M =[mi. m2,
•
•
•
r
congruences
, mrl· By the induction
A(mod M). Consider the system of two congruences x =A(mod M), x = ar+l(mod mr+1). A solution to this system will be a solution to the system of r + 1 congruences. Note that for i =1 .. r, we have (mi, mr+i) I mr+l 1 ai - ar+l• and likewise (mi, mr+l) I mi I (ai - A), because we must have A= ai(mod mi). Therefore, A= ar+l(mod (mi, mr+i)), which is equivalent to A= ar+l(mod [(mi. mr+l), (mz, mr+l), ..., (m,, mr+l)]). Check that this last modulus is equal to (M, mr+l). Then we have (M, mr+l) I (A - ar+1). Therefore, by the induction hypothesis, the system of the the first
r
congruences has a unique solution
.
Answers to Odd-Numbered Exercises
668
hypothesis, the system [M, mr+ll
=[mi. m2,
.
x =A (mod M),x = ar+l (mod mr+l) has a unique solution modulo , mr+1], and this is a solution to the system of r + 1 congruences. •
.
21. 2101 23. 73,800 pounds 25. 0000,0001,0625,9376 27. We need to solve the system x = 23 + 2(mod 4 · 23),x = 28 + 1(mod 4 · 28),x = 33(mod 4 · 33), where we have added 2 and 1 to make the system solvable under the conditions of Exercise 19. The solution to this system is x = 4257(mod 85008).
29. every 85,008 quarter-days, starting at 0 31. We examine each congruence class modulo 24. If x is congruent to an odd number modulo 24, then
x = 1(mod 2), so all the odd congruence classes are covered. Note that the congruence
classes of 2, 6, 10, 14, 18,22 are all congruent to 2(mod 4). This leaves only 0, 4,8, 12, 16,20. 0 = 0 (mod 24),4 = 12 = 20 = 4 (mod 8),8 = 8(mod 12),and 16 = 1(mod 3),so all congruence classes modulo 24 are covered.
33. If the set of distinct congruences covers the integers modulo the least common multiple of the moduli, then that set will cover all integers. Examine the integers modulo 210, the l.c.m. of the moduli in this set of congruences. The first four congruences take care of all numbers containing a prime divisor of 2,3,5, or 7. The remaining numbers can be examined one at a time,and each can be seen to satisfy one(or more) of the congruences.
35. most likely 318 inches 37. x =225a1 + l000a2 + 576a3 + 1800k, where k is an integer and a1 is 3 or 7,a2 is 2 or 7,and a3 is 14 or 18
Section 4.4 1.
a.
1 or 2(mod 7)
b. 8 or 37(mod 39)
c.
106 or 233(mod 343)
3. 785 or 1615(mod 2401) 5. 184, 373,562,751, 940, 1129,and 1318 (mod ()1323) 7. 3404 or 279(mod 4375) 9. two 11. Because (a, p) = 1, we know that a has an inverse b modulo p. Let f(x) =ax - 1. Then
x = b (mod p) is the unique solution to f(x) = 0 (mod p). Because f'(x) =a¢=. 0 (mod p), we k know that r = b lifts uniquely to solutions modulo p for all natural numbers k. By Corollary 4.14.1, we have that rk =rk-1 - f(rk_1)f'(b) =rk-1 - (ark-1 - l)a =rk-1 - (ark-1 - l)b = k rk-l(1 - ab) + b. This gives a recursive formula for lifting b to a solution modulo p for any k. 13. There are 1,3,3,9, and 18 solutions for n = 1,2, 3, 4, and 5,respectively.
Section 4.5 1.
x = 2(mod 5) and y = 2(mod 5) b. no solutions c. x = 3(mod 5), y = 0 (mod 5); x = 4 (mod 5), y = 1(mod 5); x = 0 (mod 5), y = 2 (mod 5); x = 1(mod 5), y = 3(mod 5); and x = 2 a.
(mod 5), y = 4(mod 5).
3. 0, 1, p, or p
2
5. The basis step, where k = 1, is clear by assumption. For the inductive hypothesis, assume that
m) andAk =Bk (mod m).Then,A· Ak =A· Bk (mod m) byTheorem 4.16. Further, k+1 (mod m). k k k k 1 A + =A · A =A· B =B · B =B
A=B(mod
Answers to Odd-Numbered Exercises
7. false; take m= 8 and A=
9.
a.
11.
a.
( � �)
4 3 4
0 1 4
c D �o n 4 3
b. 5
5
c.5
c.
d. l
5 5 4 5
5 4 5 5
669
4 5 5 5
c ) 5 5 4
13. In Gaussian elimination, the chief operation is to subtract a multiple of one equation or row from
0 in a desirable place. Given that an entry a must be changed to 0 by subtracting a multiple of b, we proceed as follows: Let b be the inverse for b (mod k). Then a - (ab)b = 0, and elimination proceeds as for real numbers. If b doesn't exist, and one cannot another, in order to put a
swap rows to get an invertible b, then the system is underdetermined.
15. Consider summing the ith row. Let k= xn + y, where 0 ::=: y
<
n. Then x
and y must satisfy the
=a+cy+ex (mod n), if k is in the ith row. Then x - ct and y+et t. By Exercise 14, there must be n positive solutions that yield 2 n numbers k between 0 and n . Let s, s+1, . . . , s+n - 1 be the values for t that give these solutions. Then the sum of the ith row is L:�,:�(n(x - c(s + r)) + y + e(s + r))= n(n + 1), Diophantine equation i
is also a solution for any integer
which is independent of i.
Section 4.6 1.
a.
7 ·19
b. 29·41
c.
41·47
d. 47 ·173
e.
131·277
f. 29·1663
3. Numbers generated by linear functions where a
> 1 will not be random in the sense that X28 - X8= ax2s-l + b - (axs-l + b)= a(x2s-l - X8_1) is a multiple of a for all s. If a= 1, then x28 - x8 = x0+sb. In this case, if x0 f. 0, then we will not notice if a factor of b that is not a factor of x0 is a divisor of n.
Section 5.1 b. 16= 24
10 1024= 2
1
1.
a.
256= 28
3.
a.
by
5.
a.
3 but not by 9 b. by both 3 and 9 c. by both 3 and 9 2 = 2 b. 2° = 1 c. 26 = 64 d. 2° = 1
7.
a.
no
9.
a.
by neither 3 nor
c.
d. 2= 2
d. by neither 3 nor 9
1
b. no
c.
yes
5
d. yes b. by both 3 and 5
c.
by neither
3 nor 5
d. by 5 but not by 3
11. if and only if the number of digits is a multiple of 3 (respectively, 9) 13. if and only if the number of digits is a multiple of 6 in each case 15. if and only if the number of digits is a multiple of d, where d I b - 1 17. A palindromic integer with 2k digits has the form (akak-l ...a1a1a2 ...akho· Using the test for divisibility by 11 developed in this section, we find that ak - ak-l + · · · ± a1 =f a1 ± a2 =f · · · ak = 0, and so (akak-l ...a1a1a2 ...akho is divisible by 11.
19. An integer akak-l ...a1a0 is divisible by 37 if and only if a0a1a2+a3a4a5+a6a1a8+·
37 J 443692; 37111092785
21.
a.
no
b. by 5 but not by 2
c.
by neither 5 nor
13
d. yes
23. 6 25.
a.
no solutions
27. no
b. 0, 3, 6, or 9
c.
any digit is a solution
d. 9
e.
9
f. no solutions
·
·
is;
Answers to Odd-Numbered Exercises
670
k k k = ak1o + ak_110 -l + + a110 + a0, so that (n - a0)/l0 = (ak1o + k k ak_110 -l + + a110)/10 = ak1oJc-l + + a1. Now suppose d In. Then n = ak1o + k k ak_110 -l + + a110 + a0 = lO(ak10 -l + + a1) + a0 = 0 (modd). Multiplying both k sides by e , which is an inverse for 10 modulo d, gives us (ak10 -l + + a1) + ea0 = 0 (modd). W hich is n' = (n - a0)/l0 + ea0 = 0 (modd). These steps are reversible, so we have thatd In if and only ifd In'. To show the technique will work, we need to show that n, n', (n')', . . . is a decreasing sequence until we get a term that is not much bigger thand. Suppose that n > 1Od. Then, because a0::::; 9, we have 9 n > l0a0d. Because e is a least positive residue modulod, we have e < d, so, in particular, lOe - 1 < lOd. Using this in the above inequality gives us 9 n > a0(10e - 1). Adding n to both sides gives us lOn > n - a0 + l0ea0, or n > (n - a0)/l0 + ea0 = n '. This shows that
29. First note that n ·
·
·
·
·
·
·
·
·
·
·
·
·
·
·
·
·
·
the sequence generated will be decreasing at least until some term is less than 1Od, which we may examine by hand. 31.
a.
Multiply the last digit by 4 and add this result to the number formed by deleting the last digit of
the integer and repeat.
b. Multiply the last digit by 2 and add this result to the number formed
by deleting the last digit of the integer and repeat.
c.
Multiply the last digit by 2 and subtract this
result from the number formed by deleting the last digit of the integer and repeat.
d. Multiply
the last digit by 8 and subtract this result from the number formed by deleting the last digit of the integer and repeat. 33.
a.
131798; 191798; 211798; 27 l 798
b. 1312340; 1912340; 2112340; 27 l 2340
13134257; 19 I34257; 21134257; 27 l 34257.
c.
d. 131348327; 19 I348327; 211348327;
271348327.
Section 5.2 1. Happy Birthday! 3. twice 5. W
=
k + [2.6m - 0.2] - 2C + Y + [Y /4] + [C/4] - [C/40] (mod 7).
7. answer is person dependent 9. 2500 11. If the 13th falls on the same day of the week on two consecutive months, then the number of days
in the first month must be congruent to 0 modulo 7, and the only such month is February during non-leap year. If February 13th is a Friday, then January 1st is a Thursday. 13. In the perpetual calendar formula, we let W
=
5 and k
=
13 to get 5 = 13 + [2.6m - 0.2] - 2C +
Y + [Y /4] + [C/4] (mod 7). Then [2.6m - 0.2] = 6 + 2C - Y - [Y /4] - [C/4] (mod 7). We note that as the month varies from March to December, the expression [2.6m - 0.2] takes on every residue class modulo 7. So regardless of the year, there is always an m which makes the left side of the last congruence congruent to the right side. 15. The months with 31 days are March, May, July, August, October, December, and January, which
is considered in the previous year. The corresponding numbers for these months are 1, 3, 5, 6, 8, 10, and 12. Given Y and C, we let k = 31 in the perpetual calendar formula and get W = 31 + [2.6m - 0.2] - 2C + Y + [Y /4] + [C/4] = 3 + [2.6m - 0.2] - 2C + Y + [Y/4] + [C/4] (mod 7). To see which days of the week the 31st will fall on, we let m take on the values 1, 3, 5, 6, 8, 10 and reduce. Finally, we decrease the year by 1 (which may require decreasing the century by 1) and let m take on the value 12 and reduce modulo 7. The collection of values of W tells us the days of the week on which the 31st will fall.
Answers to Odd-Numbered Exercises
671
Section 5.3 1.
a.
Teams i and j are paired in round k if and only if i + j
if 2i
=
k (mod 7) with team i drawing a bye
k (mod 7). Round 1: 1-7,2-6,3-5,4--bye; round 2: 2-7,3--6,4--5, 1-bye; round 3: 1-2,
=
3-7,4--6, 5-bye; round 4: 1-3,4-7,5-6,2-bye; round 5: 1-4,2-3,5-7,6--bye; round 6: 1-5,2-
b. Teams i and j are paired in round k if and
4, 6--7, 3-bye; round 7: 1-6, 2-5, 3-4, 7-bye. only if i + j
=
k (mod 7),i, j f. 8; team i plays team 8 if 2i
paired in round k if and only if i + j
=
3.
a.
=
k (mod 7).
c.
Teams i and j are
k (mod 9), with team i drawing a bye if 2i
d. Teams i and j are paired in round k if and only if i + j team 10 if 2i
=
=
k (mod 9).
=
k (mod 9), i, j f. 10; team i plays
k (mod 9).
home teams in round 1: 4 and 5; round 2: 2 and 3; round 3: 1 and 5; round 4: 3 and 4; round 5:
b. home teams in round 1: 5,6,and 7; round 2: 2,3,and 4; round 3: 1,6,and 7; round
1 and 2
4: 3,4,and 5; round 5: 1,2,and 7; round 6: 4,5,and 6; round 7: 1,2,and 3
c.
home teams in
round 1: 6, 7, 8, and 9; round 2: 2, 3, 4, and 5; round 3: 1, 7, 8, and 9; round 4: 3, 4, 5, and 6; round 5: 1, 2, 8, and 9; round 6: 4, 5, 6, and 7; round 7: 1, 2, 3, and 9; round 8: 5, 6, 7, and 8; round 9: 1,2,3,and 4
Section 5.4 1. Let k be the six-digit number on the license plate of a car. We can assign this car the space numbered h(k)
=
k (mod 101),where the spaces are numbered 0, 1,2, . . . , 100. When a car is assigned the
same space as another car we can assign it to the space h(k) + g(k) where g(k) and 0
<
=
k + 1(mod 99)
g(k) � 98. When this space is occupied, we next try h(k) + 2g(k), then h(k) + 3g(k),
and so on. All spaces are examined because (g(k), 101)= 1.
3.
a.
It is clear that m memory locations will be probed as j = 0, 1, 2, ... ,m - 1. To see that
they are all distinct, and hence every memory location is probed, assume that hi(K) (modm). Then h(K) + iq and as (q,m)= 1,i thanm.
=
=
h(K) + jq (modm). From this it follows that iq
=
=
h j(K)
jq (modm),
j (modm) by Corollary 4.5.1. And so i= j because i and j are both less
b. It is clear thatm memory locations will be probed as j= 0, 1,2,... ,m - 1. To see
that they are all distinct,and hence every memory location is probed,assume that hi(K) (modm). T hen h(K) + iq and as (q,m)= 1,i
=
=
h(K) + jq (modm). From this it follows that iq
=
=
h j(K)
jq (modm),
j (modm) by Corollary 4.5.1. And so i= j because i and j are both less
thanm.
5. 558,1002,2174,4035
Section 5.5 1.
a.
0
b. 0
c.
1
3.
a.
0
b. 1
c.
0
5.
a.
7
b. 1
c.
4
d. 1
e.
0
f. 1
7. Transposition means that adjacent digits are in the wrong order. Suppose, first, that the first two digits, x1 and x2, or equivalently, the fourth and fifth digits, are exchanged, and the error is not detected. Then x7
=
7x1 + 3x2 + x3 + 7x4 + 3x5 + x6
(mod 10). It follows that 7x1 + 3x2 4.5.1, we see that x1
=
=
=
7x2 + 3x1 + x3 + 7x4 + 3x5 + x6
7x2 + 3x1 (mod 10) or 4x1
=
4x2 (mod 10). By Corollary
x2 (mod 5). This is equivalent to I x1 - x2 = I 5, as x1 and x2
are
single
digits. Similarly, if the second and third (or fifth and sixth) digits are transposed, we find that 2x2
=
2x3 (mod 10),which again reduces to x2
=
and fourth digits are transposed, we find that 6x3
x3 (mod 5) by Corollary 4.5.1. Also,if the third =
6x4 (mod 10) and x3
as before. The reverse argument will complete the proof.
=
x4 (mod 5),similarly
Answers to Odd-Numbered Exercises
672
b. 3
9.
a.
0
11.
a.
valid
4
c.
d.X
b.not valid
c.
valid
d. valid
e.
not valid
13. 0-07-289905-0 15.
a.
b. yes
no
c.
yes
d.no
17. lt can. 19.
a.
valid
b.not valid
c.
valid
d. not valid
e.
valid
21. Let ci=1 if i is odd and ci= 3 if i is even, for i =1, 2,
.
.
.
13. Then I:
Suppose that one digit, say, ab of an ISBN-13 code is misread as b
t;,,1 ciai=0 (mod 10).
-=f. ai. To get a contradiction,
suppose that when the above congruence is changed by replacing ak by b the sum is still congruent to 0 modulo 10. If we subtract these two congruences, we get ck(ak - b)=0 (mod 10). Because 1 both 1 and 3 are relatively prime to 10, we can multiply both sides by cj; , which gives us ak - b=0 (mod 10). But because ak and bare both integers between 0 and 9, we must have
ak= b, contradicting the assumption that b code.
23.
a.
yes
25.
a.
94
-=f. ak. Therefore, any single error is detected by the
b. no b.If xi is misentered as Yi, then if the congruence defining x10 holds, we see that axi= ayi
(mod 11) by setting the two definitions of x10 congruent. From this, it follows by Corollary
4.5.1 that xi=Yi (mod 11) and so xi=Yi· If the last digit, x11, is misentered as y11, then the congruence defining x11 will hold if and only if x11= y11. c. Suppose that xi is misentered as
Yi and xj is misentered as Yj• with i
the case that ad - be
-=f. b. If it is ¢. 0 (mod 11), then the coefficient matrix is invertible and we can multiply
both sides of this system of congruences by the inverse to obtain xi=Yi and xj= yj. Indeed, after (tediously) checking each possible choice of a, b, c, and d , we find that all the matrices are invertible modulo 11.
27.
a.
1
b.1
c.
6
29. Errors involving a difference of 7 cannot be detected: 0 for 7, 1 for 8, 2 for 9, or vice versa. All others can be detected.
31.
a.
1
b.X
c.
2
d. 8
33. Yes. Assume not and compare the expressions modulo 11 to get a congruence of the form
adi+ bdj= adj+ bdi (mod 11), which reduces to (a - b)di= (a - b)dj (mod 11). Because
0
Section 6.1 1. Note that 10! + 1=1(2·6)(3· 4)(5· 9)(7· 8)10 + 1=1·12·12· 45· 56·10 + 1=1·1·1·1· 1· (-1)+ 1=0 (mod 11). Therefore, 11 divides 10!+ 1.
3. 9 5. 6 7. 436 9. 2 11. 6 13. (35) 2= 243 2= 1 2=1 (mod 112).
Answers to Odd-Numbered Exercises
15.
a.
x = 9(mod 17)
673
b. x =17(mod 19)
17. Suppose that pis an odd prime. Then Wilson's theorem tells us that (p - 1)! =-1 (mod p). Because (p - 1)! = (p - 3) !(p- l)(p - 2) =(p - 3)!(-1)(- 2) = 2 (p - 3)! (mod p), this ·
implies that 2 (p - 3)! =-1 (mod p). ·
19. Because (a, 35) = 1, we have (a, 7) =(a, 5) = 1, so we may apply Fermat's little theorem to get a12 - 1=(a6)2 - 1=12 - 1=0 (mod 7) and a12 - 1=(a4) 3 - 1=13 - 1=0 (mod 5). Because both 5 and 7divide a12 - 1, then 35 must also divide it.
21. When nis even, so is n7, and when nis odd, so is n7. It follows that n7 =n(mod 2). Furthermore, because n3=n(mod 3) , it follows that n7 =(n3)2 n=n2 n=n3 =n(mod 3). We also know •
·
by Fermat's little theorem that n7 =n(mod 7). Because 42 = 2
·
3 7, it follows that n7 =n ·
(mod42).
23. By Fermat's little theorem,
Lf:i kP-l =Lf:i 1=p- 1 (mod p).
25. By Fermat's little theorem, we have a= aP =bP =b (mod p); hence, b = a+ kp for some integer k. Then by the binomial theorem, bP = (a + kp) P = aP + aP-1kp +p2N, where N is some integer.Then bP =aP + p2aP-1k + p2N =aP (mod p2), as desired.
(�)
27. 641 29. Suppose that pis prime.Then by Fermat's little theorem, for every integer a, aP =a (mod p), and by Wilson's theorem, (p - 1)! =-1 (mod p), so that a(p - 1)! =-a (mod p). It follows that aP + (p - l)! a=a+ (-a) =0 (mod p).Consequently, p I [ aP + (p - l)! a].
31. Because p- 1=-1, p- 2=-2, ..., (p- 1)/2=-(p- 1)/2 (mod p), we have ((p - 1)/2)!2
=-(p - 1)! =1 (mod p).(Because p=3 (mod 4) the minus signs work out.) If x2 =1 (mod p),
then p I x2 - 1= (x - l)(x + 1) , sox =±1(mod p).
33. Suppose that p=1(mod4). Let y =±[(p - 1)/2]!. Then y2 =[(p - 1)/2]!2 =[(p 1)/2]!2(-l)(p-l)/2 =(1. 2. 3 ...(p - 1)/2)(-1. (- 2) . (-3) ... (-(p - 1)/2) ) =1 2. ·
3
·
·
·
(p - 1)/2 (p+ 1)/2 ·
·
·
·
(p- 3)(p - 2)(p - 1) =(p - 1)! = -1 (mod p), where we
have used Wilson's theorem.Now suppose that x2=-1 (mod p). Then x2=y2 (mod p) where
y = [(p - 1)/2]!. Hence, (x2 - y2) = (x - y)(x +y) (mod p). It follows that p I(x - y) or
p I(x + y) so that x =±y (mod p).
35. If n is composite and n -=f. 4, then Exercise 16 shows that (n - 1)!/n is an integer, so [((n - 1)! +1)/n - [(n - l)!jn]] = [(n - l)!jn +1/n - (n - 1)!/n] = [ 1/n] = 0, and if n= 4, then the same expression is also equal to 0. But if n is prime, then by Wilson's Theorem (n - 1)! =Kn - 1 for some integer K. So [((n - 1)! + 1)/n - [(n - 1)!/n]] =[(Kn - 1+
1)/n - [(Kn - 1)/n]] = [K - (K - 1) ] = 1. Therefore, the sum increases by 1 exactly when nis prime, so it must be equal to
rr (n).
37. Let n=4k + r with 0 � r < 4. Then by Fermat's little theorem, we have bn = b4k+r =
(b4) kbr =lkbr =br (mod 5) for any integer b. Then 1 n +2n +3n +4n =1' +2r +3r +4r (mod 5). We consider each of the 4 possibilities for r. If r = 0, then 1' +2r +3r +4r = 1+ 1+ 1+ 1=4 (mod 5). If r = 1, then 1' + 2r + 3r + 4r =1+ 2+ 3+ 4=0 (mod 5). If r = 2, then l' + 2r + 3r +4r =1+4 +9+16 =30 =0 (mod 5). If r = 3, then l' +2r +3r +4r = 1+ 8 + 27 + 64=1+ 3+ 2+ 4=0 (mod 5). So 5 divides 1n + 2n + 3n + 4n if and only if r =0, that is, if and only if 4 In.
39. Suppose that n and n+2 are twin primes. By Wilson's theorem, n is prime if and only if (n - 1)! = -1 (mod n). Hence, 4[(n - 1)! + 1] + n=4
0+ n=0 (mod n). Also, because n+ 2 is prime, by Wilson's theorem it follows that (n + 1)! = -1 (mod n+ 2) , so that (n+l)n (n - 1)! =(-1)(- 2)(n - 1)! = 2(n - 1)! =-1(mod n+2).Hence, 4[(n - 1)! +1] + n= 2(2 (n- 1)! ) + 4+ n= 2 (-1) + 4+ n= n + 2=0 (mod n + 2). Because (n, n+ 2) = 1, ·
·
·
·
Answers to Odd-Numbered Exercises
674
it follows that 4[(n - 1)! + 1] + n =0 (mod n(n + 2)). The converse follows for n odd, by reversing these calculations. For n even, it's easy to check that one of the congruences in the system fails to hold. 41.
We have 1·2 ·· · (p - 1) =(p+ l)(p +2)· · · (2p - 1) (mod p). Each factor is prime to p, so 1 =((p+ l)(p+2)·· · (2p - 1))/(1·2· · ·(p - 1)) (mod p). Thus, 2 =((p+ l)(p+ 2) ...(2p - 1)2p)/(1·2 ...(p - l)p) = e:) (mod p).
43.
We first note that IP= 1 (mod p).Now suppose that aP=a (mod p).Then by Exercise 42, we see that (a+ l)P =aP+ 1 (mod p). But by the inductive hypothesis aP =a (mod p), we see that aP+1=a+1(mod p). Hence, (a+ l)P =a+ 1 (mod p). If c < 26, then c cards are put into the deck above the card, so it ends up in the 2cth position and 2c < 52, so b= 2c. If c � 26, then the card is in the c -26th place in the bottom half of the deck. In the shuffle, c -26 - 1 cards are put into the deck above the card, so it ends up in the b = (c -26 + c -26 - l)th place.Then b = 2c - 53=2c (mod 53). b. 52
45.
a.
47.
Assume without loss of generality that
a =b =0 (mod p). Then by Wilson's theorem, P P bp-l=-1 (mod p). Then a1b1· · · ap- bp- =(-1)2 =1 (mod p). l l If the set were a complete system, the last product would be = -1 (mod p).
a 1a 2
•
•
•
ap-l=b1b2
•
•
•
49.
The basis step is omitted.Assume(p - l)Pk-J = -1 (mod pk). Then(p - l)Pk =((p - l)Pk-1)P = (-1 + mpk)P = -1+ (�) mpk+ · · · + (mpk)P = -1 (mod pk+1), where we have used the fact that p I (�) for j � 0 or p.
51.
First suppose n is prime. Then from Exercise 72 in Section 3.5 , we have n fork= 1, 2, 3, ..., n - 1. Then by the binomial theorem,
(�)
is divisible by
(x - a)n = xn - (�)xn-la +
(�)xn-2a 2 + ...+ (-a)n=xn + (-a)n (mod n), because all the binomial coefficients, except
the first and last, are divisible by n. Then by Fermat's little theorem, because (n, -a)= 1, we have xn+ (-a)n =xn - a (mod n), so these two polynomials are congruent modulo n as polynomials. Conversely, suppose n is not prime and let p be the smallest prime dividing n, and let q = pa 11 n . Looking at the expression above, it suffices to show that one of the binomial coefficients is not divisible by q, and hence not divisible by n. Let n = mq. Then n(n - 1)··· (n - (q - 1)) m(n - 1)··· (n - (q - 1)) n . . = = . Because q 1s the highest q qi (q - 1)! power of p dividing n, we have (q, m) = 1. Further, if q I (n - b), for b= 1, 2, . .., q - 1, then q I b, but 1:::; b:::; q - 1, a contradiction. Therefore, q doesn't divide the numerator of the fraction, and so neither does n. Therefore, (;) ¢=. 0 (mod n). Because the coefficient of xq is 0 in xn - a, these two polynomials cannot be congruent modulo n as polynomials.
()
Section 6.2 1.
390 =1(mod91), but91= 7 · 13
3.
2161038 =2 (mod 161038)
(n - a)n= (-a)n=-(an)=-a=(n - a) (mod n) m 2 7. Raise the congruence22m=-1 (mod Fm) to the22m- th power, to obtain22 m =1(mod22m + 1), which says that 2F -1=1 (mod Fm). m 9. Suppose that n is a pseudoprime to the bases a and b.Then bn=b (mod n) and a =a (mod n). n It follows that (ab)n =anbn =ab (mod n). Hence, n is a pseudoprime to the base ab.
5.
(ab)n-l =1 (mod n), then, 1=an-lbn-l=1 · bn-l (mod n), which implies that n is a pseudoprime to the base b, a contradiction.
11. If
Answers to Odd-Numbered Exercises 13.
A computation shows 21387 and 2693
= 2(mod 1387), so 1387
= 512(mod 1387), which
is a pseudoprime. But 1387 - 1 = 2·693
is all that must be checked, because
Miller's test and hence is not a strong pseudoprime.
15.
Notethat 25326001- 1=241582875=28t and with this value oft, 21
-1(mod 25326001), and 51
17.
= 1(mod 25326001).
Suppose c= 7 · 23· q, with
q
675
s = 1.
Thus, 1387 fails
=-1(mod 25326001), 31 =
an odd prime, is a Carmichael number. Then by Theorem
6.7, we must have (7 - l)l(c- 1), so c = 7 · 23· q
= 1(mod 6). Solving this yields q = 5 = 1(mod 22). Solving this yields
(mod 6).Also, we must have (23- l)l(c- 1), so c= 7·23· q
q = 19 (mod 22) If we apply the Chinese remainder theorem to these two congruences, we obtain q = 41(mod 66), that is, q = 41+66k. Then we must have (q - l)l(c- 1), which is (40 +66k)l(7·23·(41+66k) - 1. So there is an integer m such that m(40 +66k) =
6600 + l0626k = 160 + 6440 + l0626k = 160 + 161(40 + 66k). Therefore, 160 must be a
multiple of 40+66k, which happens only when k = 0. Therefore, q = 41 is the only such prime.
19.
We have 321,197,185- 1=321,197,184=4·80,299,296= 18· 17,844,288=22· 14,599,872=
28· 11,471,328 =36·8,922,144 = 136· 2,361,744, so p - 11321, 197, 185 - 1 for every prime
p which divides 321, 197,185. Therefore, by Theorem 6.7, 321,197,185 is a Carmichael number.
21.
We can assume that b
< n.Then b has fewer than log2 n bits. Also,t < n so it has fewer than log2 n 2 bits.It takes at most log2 n multiplications to calculate b ', so it takes 0(log2 n) multiplications to 2 21 1 calculate b 0g2 =b1• Each multiplication is of two log2 n bit numbers, and so takes 0((log2 n) )
operations.So all together we have O((log2 n)3) operations.
Section 6.3 1. a.
1, 5
b. 1, 2, 4, 5, 7, 8
c.
d. 1, 3, 5, 9, 11, 13
1, 3, 7, 9
e.
f. 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16
3.
If
1, 3, 5, 7, 9, 11, 13, 15
(a, m)= 1, then (-a, m)=1, so-ci must appear among the cj.Also ci ¢. -ci(mod m), or = 0(mod m) and so (ci, m) f. 1.Hence, the elements of in the sum can be paired so that
else 2ci
each pair sums to 0(mod m), and thus the entire sum is 0 (mod m).
5.
1
7.
11
9.
2 2 Becausea = 1(mod 8) whenever a is odd, it follows thata1 = 1(mod 8) whenever l.Euler's theorem tells us thatarf>(9) =a6
(mod 9) whenever
(a, 32760)= = (a6)2 = 1 that a4 = 1
= 1(mod 9) whenever(a, 9)=1, so thata1
2
(a, 32760)= 1. Furthermore, Fermat's little theorem tells us (a, 5) = 1, a6 = 1(mod 7) whenever (a, 7) = 1, and a12 = 1(mod 13) whenever (a, 13) = 1. It follows that a12 = (a4)3 = 1(mod 5), a12 = (a6)2 = 1(mod 7), and 2 a12 = 1(mod 13) whenever (a, 32760) = 1. Because 32760= 233 · 5· 7· 13 and the moduli 8, 9, 5, 7, and 13 are pairwise relatively prime, we see that a12 = 1(mod 32760).
(mod 5) whenever
11. a. x = 9(mod 13.
14)
b. x
= 13(mod 15)
c. x
= 7(mod 16)
For a particular i =1, 2, . ..k, note that
a set of k linear congruences with moduli mutually relatively prime. So by the Chinese remainder
theorem, the unique solution to the system modulo n is a. So arf>(n)+l
15. a.x =37(mod 187)
b.x
=23(mod 30)
c.x
=6 (mod 210)
=a (mod n).
d. x
=150,999(mod 554,268).
17.
1
19.
4>(13) = 12, 4>(14)=6, 4>(15)=8, 4>(16) =8, 4>(17)= 16, 4>(18) =6, 4>(19) = 18, 4>(20) =8
Answers to Odd-Numbered Exercises
676
21. If (a, b) = 1 and (a, b- 1) = 1,then a I (bk
1) =d
>
1,then d divides any repunit of length k(b - 1),and (a/d) I (bk
these sets intersect infinitely often.
23. Let ai. a ,
, ar be the bases to which n is a pseudoprime and for which (ai, n) =1 for each i. n is not a pseudoprime to the base bai. Thus, we have 2r different elements relatively prime ton. Then by the definition of
.
•
•
Then by part (a), we know that, for each i,
Section 7.1 1.
m and n, f(mn) = 0 = 0 0 = f(m) f(n), f is completely multiplicative. b. Because f(6) = 2, but f(2) f(3) = 2 2 = 4, f is not completely multiplicative. c. Because f(6) = 3, but /(2) /(3) = = f is not completely multiplicative. d. Because f(4) = log(4) > 1, but f(2) f(2) = log(2) log(2) < 1, f is not completely multiplicative. e. Because for any positive integers m and n, f(mn) = (mn)2 = m2n2 = f(m) f(n), f is completely multiplicative. f. Because /(4) = 4! = 24, but /(2) /(2) = 2!2! = 4, f is not completely multiplicative. g. Because /(6) =7, but /(2) /(3) =4 3 =12, f is not completely multiplicative h. Because /(4) = 44 =256,but f(2) f(2) = 2222 = 16,f is not completely multiplicative. i. Because for any positive integers m and n, f(mn) = ,Jmn = rm..rn = f(m) . f(n), f is completely multiplicative. Because for all positive integers
a.
·
·
·
·
� � �.
·
·
·
·
·
·
·
·
·
3. We have the following prime factorizations of 5186, 5187, and 5188: 5186 = 2
2593, 5187 =3 7 13 19, and 5188 =221 297. Hence,
·
·
·
·
·
·
·
·
5. 7,9,1 4,18 7. 35,39,45,52,56,70,72,78,84,90 9.
with t odd. Then
Pr where each Pi is a distinct Fermat prime. 1 2 19. Let n = p 1 p r be the factorization for n. If n = 2
�
·
•
•
•
·
•
�
·
·
·
�
nj =l
•
•
•
nJ=l ; \
�
of the product on the right-hand side. Therefore, no odd primes appear in the product. That is,
n = 2j for some j.
21. Because (m, n) = p, p divides one of the terms, say, n, exactly once, so n =kp with (m, k) =1 =(n, k). Then
23. Let Pi.
Pr be those primes dividing a but not b. Let qi. but not a. Let Ti. ...rt be those primes dividing a and b. Let p = ·
·
·
,
·
·
·
,
q be those primes dividing b 5 (1- ), Q = (1and
n ;i n t) R =n (l- f,). Then we have
R- 1. so
-
'
·
Answers to Odd-Numbered Exercises
677
25. Assume there are only finitely many primes, 2, 3, . . . , p. Let N = 2 · 3 · 5 ·· · p. Then 1. This contradiction shows that there are infinitely many primes. 27. From the formula for the
33. Let n = p�1p; ···p:k . Let Pi be the property that an integer is divisible by Pi· Let S be the set {1, 2, ... , n- l}. To compute
p11p12
p1m
n_) = n )+...+(-l)k( _
p , ;1 2
Pi
P;1P;2
hand, notice that each term in the expansion of by choosing either
P2
P1
P2
Pk
;; from each factor and multiplying the choices together. This · �����p· . Note that each term can occur in only one way. Thus, p11 12 1m
n(l- _!_)(1- _!_)·· · (1- _!_) = n(l- '°' P1
.
(1- _!_)(1 - _!_) · · · (1 - _!_) is obtained
1 or -
gives each term the form
_ _ P1 Pk
,p;1 2P;3 P;1P;2P;3
Pk
_!_ +'°'
L..,,p;ln Pi
n ) =
L..,,pi1Pi2 P;1P;2
P1···Pk
35. Note that 1:::; 1. Hence ifn :'.:: 2, n>n >n 2> · ·· :'.:: 1 where ni = 1. Because ni, i = 1, 2, 3, ... is a decreasing sequence of positive integers, there must be a positive integer r such that nr = 1. 37. Note that the definition of f * g can also be expressed as (f * g)(n) = La·= b f(a)g(b). Then n the fact that f * g = g * f is evident. 39.
a.
If either m>1 or n>1, then mn>1 and one of t(m) or t(n) is equal to zero. Then
t(mn) = 0 = t(m)t(n). Otherwise, m = n = 1 and we have t(mn) = 1=1 · 1 = t(m)t(n). b. (t * f)(n) = Ld t(d)J(9J) = t(l)f(1) = f(n) because ln t(d) = 0 except when d = l.(f * t)(n) = (t * f)(n) = f(n) by Exercise 37.
Therefore, t(n) is multiplicative.
41. Leth= f * g and let (m, n) = 1. Then h(mn) = Ld m f(d)g(";t). Because (m, n) = 1, each l n divisor d of mn can be expressed in exactly one way as d = ab where a I m and b In. Then (a, b) = 1 and( � , �) = 1. Then there is a one-to-one correspondence between the divisors d of mn and the pairs of products ab where a I m and b In.Then
Answers to Odd-Numbered Exercises
678
'°'
h(mn) = � f(ab)g(
mn
aim bin
'°' m n ) = � f(a)f(b)g(-)g(-)
ab
-
a
aim bin
b
m
= L f(a)g( ) L f(b)g('!.) = h(m)h(n), a bn b aim i as desired.
43.
a.
-1
b. -1
c. 1
d. 1
e.
-1
f. -1
g. 1
= Ldln J...(d). Suppose pt II n. Then f(pt) = J...(1) +J...(p) +J...(p 2) +... +J...(pt) = 1- 1 + 1+(-1)1 = 0 if tis odd and equal to 1 if tis even. Note that f(n) = f(ptb) = = ( ) J...(pt)) = f(b)f(pt). By induction, this shows that l J... Leib J...(e)(J...(l) +J...(p) + Ld n d 2 p�r) =fl f(p�i) = 0 if any ai is odd (n is not a f is multiplicative. Then f(n) = f(p�1p; square) and equal to 1 if all ai are even (n is a square).
45. Let f(n)
·
·
·
·
·
·
•
•
•
47. If f and g are completely multiplicative and m and n are positive integers, then we have
(fg)(mn) = f(mn)g(mn) = f(m)f(n)g(m)g(n) = f(m)g(m)f(n)g(n) = (fg)(m)(fg)(n), so fg is also completely multiplicative.
49. f(mn) =log mn =log m +log n 51.
a.
2
b. 3
c. 1
d. 4
e.
8
= f(m) + f(n)
f. 15
= 1. Then by the additivity of f, we have f(mn) = f(m) + f(n). Then g(mn) = 2f(mn) = 2f(m)+f(n) = 2f(m)2f(n) = g(m)g(n).
53. Let (m, n)
Section 7.2 1.
48 b. 399 c. 2340 d. 2101 - 1 h. 13, 891, 399, 238, 731, 734, 720 a.
e.
6912
f. 813,404,592
g. 15,334,088
3. perfect squares 5.
a.
6,11
7. Note that
b. 10,17
c. 14, 15, 23
d. 33, 35, 47
e.
none
f. 44, 65,83
r(pk-l) = k whenever pis prime and k is a positive integer k
r(n) = k has infinitely many solutions.
>
1. Hence, the equation
9. squares of primes 11. nr(n)/2 13.
a.
Thenth term is a(2n).
integer
m with r(m) = n.
b. Thenth term is a (n) - r(n).
c. Thenth term is the least positive = n.
d. Thenth term is the number of solutions k to the equation a (k)
15. 2, 4, 6, 12, 24,36
a be the largest highly composite integer less than or equal ton. Note that 2a is less than or a, and hence r(2a) > r(a). By Exercise 16, there must be a highly composite integer bwith a < b::: 2a. If b::: n, this contradicts the choice of a. Therefore, n < b ::: 2n. It follows that there must be a highly composite integer k with 2m < k ::: 2m+ 1 for
17. Let
equal to 2n and has more divisors than
every nonnegative integer or equal to
m.
Therefore, there are at least
m
highly composite integers less than
2m. Thus, the mth highly composite integer is less than or equal to 2m.
19. 1, 2, 4,6, 12, 24,36, 48
21. 1 +pk
23. Suppose that a and bare positive integers with (a, b)
Ld21a df Ld21a d� = ak(a)ak(b).
25. prime numbers
= 1. Then Ldlab dk =Ldila,d2lb(d1d2)k =
Answers to Odd-Numbered Exercises 27. Let
n=
we have
p�1p;2 p�r x pb1 1 p2bz b •
•
•
=
[x, y]=n,
be integers such that x , y] =n. Then x In and y In, so c1 cz c , where b and =0 , 1 , 2 , ..., ai.Because ·· ·Pr' · · ·Pr' and y = and let
x
and
y
i
p1 p2 i ..., ai.
cd = a 0, 1,
we must have max { b ,
ai and the other can range over
i , ci)
pair ( b
679
[
i
ci ci 2ai + 1 b1, b , ... bro ci. . . . , Cr 2
for each i. Then one of bi and Therefore, we have
must be equal to
ways to choose the
for each i. Then in total, we can choose the exponents
(2a1 + 1)(2a2 +
1) ··· (2 ar + 1)=r(n2)
ways.
29. Suppose that n is composite. Then n= ab where a and b are integers with 1
<
a ::'.Sb
<
in
n. It follows
.j7i, or b � .jii,. Consequently, a (n) � 1 + a + b + n > 1 + .j7i, + n > n + .jii,. Conversely, suppose that n is prime. Then a (n) =n + 1 so that a (n) ::'.S n + .jii,. Hence, a(n) > n +.j7i, implies that n is composite. that either a �
31. For
I:j;:�r(j)=2 I:}�l [ j J -[.Jn-=1]2. r(n) 2 I:}�l ([7 ]- [ j ]) =2Lj:s[Jn=!J1,
n=1, the statement is true. Suppose that
the induction step, it suffices to show that
n
n
=
l
For
1
Jin
which is true by the definition of r(n), because there is one factor less than
.j7i, for every factor greater than .jii,. Note that if n is a perfect square, we must add the term 2 .jii, -(2 .jii, -1) =1 to the last two sums. For
[7 J -100
n=1 00, we have 1:}�1r(j)=21:}�1
=482.
ci i) i. L p�i L p:; b + 2 d TIP; L�;=O pfa(p�i i i) Ldl( ,b) da ( d2) a d· d TIPi di. di ::'.Sci i, pi'a(p/a·+b·-2d· b d b d TIP P1ia(p�i+ i-2 i) da (TI P P�i+ i-2 i) =da (Tip/P�i IP1i)(p:i IP1i)) i i L�=0(pa+b-j + pa+b-j-I ... +pi), c pk k -c ::'.S k c 1 (pa pa-I + ··· + l)(pb pb-I ··· 1)= a(pa)a(ph), pk k=(a + - n), 0 0 n pk + 1, + 1)=c + 1 · pia--1 ··· 1)(Pib· + Pib--1 + ··· . a a =TIPi pia'+ a· ' ' ' b I + ··· +pf ) 1) =TI P L�i=0(p�i i i +p�i+h; i i 35. 52 53 7.1, (n)=2w( ) g(n), h(n)=Ldln 2w(d) = 33. Let a=
and b=
and let
=min(ai, b ab/
=
=
Then
for each
for each
We first prove that the product
.To see this, let
be any divisor of (a, b), say, '
so each of the terms
') appears in exactly
one of the sums in the product. Therefore, if we expand the product, we will find, exactly
=
=
once, the term
da((a/d)(b/d)). This proves the first identity. Next, consider the sum +
that
where
=min(a, b). The term
the other hand, in the expansion of the product the same term
::'.S
appears in this sum once each time
=a+ b - j, which happens exactly when a+ b
< a) (b)
+
+
+
appears whenever
m)
::'.Sb.Each of m andn determines the other, so
times. IVen this1.dentity, we have .
::'.Sa+ b, that is,
+
(b
where
appears exactly min(a +
<
times.On +
::'.Sm ::'.Sa and
b
+
+
, which is the right side of the identity, as we
+
proved above.
From Exercises
and
in Section
we know that the arithmetic function f
is multiplicative. Further, because the Dirichlet product
g(n)= 1
is also multiplicative, we know that
7.1.
Becauser(n) and
Lf=0 pi
Ldlpa
39.
*
n
where
h(n) is also multiplicative. See Exercise 41 in n2 are multiplicative, so isr(n2). Therefore, it sufficient to prove the identity for n equal to a prime power, We have =(2a + 1). On the other hand, we 1 2 =2 a + 1. 2 w( ) = 1 + 2 w( d ) = have
37.
f
p
a
p
pa. Lf=1
a(p) p
Section 7.3 1.
6; 28; 496; 8128; 33,5 50,336; 8,589,869,0 56
3.
a.
5.
12, 18,20,24,30,36
31
b.
127
c.
127
r(p2a)
Answers to Odd-Numbered Exercises
680
n=pk wherepis prime and k is a positive integer. Then a(pk) = P:+�11 . Note that 2pk - 1 < pk+1 because p::: 2. It follows that pk+1 - 1 < 2(pk+1 - pk)=2pk(p - 1), so that (p:+�l l) < 2pk=2n. It follows that n=pk is deficient. Suppose thatn is abundant or perfect. Then a(n)::: 2n. Suppose thatn Im. Thenm=nk for some integer k. The divisors of m include the integers kd and d I n. Hence, a(m)::: Ldln(k + l)d = (k + 1) Ldln d = (k + l)a(n) :'.:: (k + 1)2n > 2kn=2m. Hence, m is abundant. Ifpis any prime, then a(p) =p + 1 < 2p, sopis deficient. Because there are infinitely many
7. Suppose that
9.
11.
primes, we must have infinitely many deficient numbers.
6 and 9 for an alternate solution. For a positive integer a, let n=3a 5 · 7 and =a(3a 5 · 7) =(3a +l 1) /(3 - 1)(5 + 1)(7 + 1) =(3a +l 1)24 =3a +l24 24 = 2 · 3a(36) - 24 =2 · 3a(35) + 2 · 3a - 24 =2n+ 2 · 3a - 24, which will be greater than 2n whenever a::: 3. This demonstrates infinitely many odd abundant integers. a. The prime factorizations of 220 and 284 are 220 =22 · 5 · 11 and 284 =22 · 71. Hence, o-(220) =a(22)a(5)a(ll) =7 · 6 · 12 =504 and o-(284) =a(22)a(71) =7 · 72 =504. Because o-(220) =o-(284) =220 + 284 =504, it follows that 220 and 284 form an amicable pair. b. The prime factorizations of 1184 and 1210 are 1184 = 25 37 and 1210=2 · 5 · 112• Hence, o-(1184) =a(25)a(37) =63 · 38 = 2394 and o-(1210) =a(2)a(5)a(112) =3 · 6 · 133 = 2394. Because o-(1184) =o-(1210) = 1184 + 1210 = 2394, 1184 and 1210 form an amicable pair. c. The prime factorizations of 79,750 and 88,730 are 79, 750 =2 · 53 · 11 · 29 and 88, 730 = 2 · 5 · 19 · 467. Hence, o-(79,750) + a(2)a(53)a(ll)a(29) =3 · 156 · 12 · 30 =168,480 and similarly a(88, 730) =a(2)a (5)a (19)a( 467) =3 · ·6 · 20 · 468= 168,480. Because a(79,750) = o-(88,730) =79,750 + 88,730 = 168,480, it follows that 79,750 and 88,730 form an amicable
13. See Exercises computea(n)
15.
_
_
_
•
pair.
17. 19. 21.
o-(120) =o-(23 · 3 · 5) =a(23)a(3)a(5) =15 · 4 · 6 =360 =3 · 120 o-(27345 . 7 . 112. 17 . 19) = ��l · 3;�l<5 + 1)(7 + 1) w�l(17 + 1)(19 + 1) =255 . 121 . 6 . 8 . 133 . 18 . 20 =5 . 14, 182,439,040. Suppose that n is 3-perfect and 3 does not divide n. Then a( 3n) =a(3)a(n) =4 · 3n. Hence, 3n is 4-perfect.
107 ,200 a(o-(16)) =o-(31) =32 =2 · 16
23. 908, 25.
a(rs)::: rs+ r + s+ 1. Suppose n=2qt is superperfect t odd and t > 1. Then 2n=2q+lt =a (a(2qt)) =a ((2q+l 1) a(t))::: (2q+l - l)a(t) + (2q+l 1) + a(t) + 1 > 2q+1a(t)::: 2q+t(t + 1). Then t > t + 1, a contradiction. Therefore, we must have n=2q, in which case we have 2n= 2q+I =a (a(2q)) =a (2q+I 1) =a(2n - 1). Therefore, 2n - 1=2q+l - 1 is prime.
27. Certainly if rands are integers, then with
_
_
_
29.
a.
31.
Mn(Mn + 2) =(2n - 1)(2 n
33.
35.
yes
b. no
c.
yes
d. no
n
+ 1) =22n - 1. If 2n + 1 is prime, then (2n + 1) =2n and 22 = 1 (mod2n+ 1). Then (2n+ 1) I 22n - 1=Mn(Mn+2). Therefore, (2n+ 1) I Mn or (2n + 1) I (Mn + 2). Becausemis odd,m2= 1(mod 8), son= pam2= pa (mod 8). By Exercise 32(a), a= 1(mod 4), so pa = p4kp= p (mod 8),because p4k is an odd square. Therefore, n=p (mod 8). First suppose that n=pa where pis prime and a is a positive integer. Then a(n) = P:+�11 < P:: ::: 4 = 3; so that a(n) =f:. 2n and n is not perfect. Next suppose that n=pa qb p = p�1 = � 1-p 3 � a+I where a and bare primes and a and bare positive integers. Then a(n) = p -l 1 · < p q-l
Answers to Odd-Numbered Exercises pa+lqb+1 n pq 15 n n n (p-l)(q-1) - (p-l)(q-l) - (l-l)(l-l) ::S (l)(.±) - 8 3 5 p q perfect. _
_
_
<
2n. Hence, a(n)
681
f. 2n and n 1s not ·
37. integers of the form p5 and p2q where p and q are primes. 39. Suppose M =2n - 1=ak,with n and k integers greater than 1. Then a must be odd. If k=2j, n then 2n - 1=(ai)2• Because n > 1 and the square of an odd integer is congruent to 1 modulo 4, reduction of the last equation modulo 4 yields the contradiction -1 = 1 (mod 4); therefore,k must be odd. Then 2n=ak+ 1=(a+ l)(ak-l - ak-2+ + 1). So a+ 1=2m for some integer m. ·
Then 2n - 1=(2m - l)k. Now n
>
·
·
mk so reduction modulo 22m gives -1
=
or,because k is odd,2m = 0 (mod 22m),a contradiction.
k2m - 1 (mod 22m)
Section 7.4 1.
a.
0
b. 1
c.
-1
d. 0
e.
-1
f. 1
g. 0
3. 0, -1, -1, -1,0, -1,1, -1,0, -1, -1, respectively 5. 1,6,10, 14, 15,21 ,22,26,33,34,35,38,39,46,51,55,57,58,62,65,69,74,77,82, 85,86, 87,91,93,94,95
7. 1,0, -1, -1, -2, -1, -2, -2, -2, -1, respectively 9. Becauseµ(n) is 0 for nonsquarefree n,1 for n a product of an even number of distinct primes and
L:7=1µ(i) is unaffected
-1 for n a product of a odd number of distinct primes,the sum M(n)=
by the nonsquarefree numbers,but counts 1 for every even product and -1 for every odd product.
Thus,M (n) counts how many more even products than odd products there are.
11. For any nonnegative integer k,the numbers n=36k+ 8 and n+ 1=36k+ 9 are consecutive and divisible by 4=22 and 9=32,respectively. Therefore,µ(36k+8)+µ(36k+ 9)=0+0=0.
13. 3 15. Let h(n) =n be the identity function. Then from Theorem 7.7,we have h(n)=n= Ldln (n).
Then by the Mobius inversion formula,we have (n) =Ldln µ(d)h(n/d)=Ldln µ(d)(n/d)= n
Ldln µ(d)/d.
17. Becauseµ and f are multiplicative, then so is their product,µf, by Exercise 46 of Section
7.1. Further, the summatory function Ldln µ(d)f(d) is also multiplicative by Theorem 7.17. Therefore,it suffices to prove the proposition for n a prime power. We compute Ldlpaµ(d)f(d)= µ(pa)f(pa)+µ(pa-l)f(pa-1)+ . . . +µ(p)f(p)+µ(l)f(d). But for exponents greater than 1,µ(pi)=0,so the above sum equalsµ(p)f(p) +µ(l)f(1) = -f(p)+ 1.
19. (n) / n 21. (-l)k
n�=l Pi
23. Because both sides of the equation are known to be multiplicative (see Exercise 35 in Section 7.2), it suffices to prove the identity for n=pa, a prime power. On one hand, we have
Ldlpa µ2(d)=µ2(p)+µ2(1)=1+1=2.
right side is 21=2.
On the other hand, we have w(pa) =1, so the
�
25. Let'A play the role of f in the identity of Exercise 17. Then the left side equals n = (1 -'A(pj)) = 1 n = (l - (-1)) =2k=2w( n)_ l
�
27. We computeµ* v(n) =Ldln µ(d)v(n/d)=Ldln µ(d)=t(n), by Theorem 7.15. 29. Because v(n) is identically 1,we have F(n)=Ldln f(d) =Ldln f(d)v(n/d)=f * v(n). If we Dirichlet multiply both sides by µ,we have F *µ=f * v*µ=f * t =f.
Answers to Odd-Numbered Exercises
682
31. From the Mobius inversion formula, we have A(n)= Ldln µ(d) log(n/d)= Ldln µ(d)(log n log d) = Ldln µ(d) log(n) - L dln µ(d) log(d) =log n Ldln µ(d) - Ldln µ(d) log(d) = log nv(n) - Ldln µ(d) log(d)= - Ldln µ(d) log(d), because v(n) = 0 if n is not 1, and log n = 0 if n = 1. 33.
k be an integer in the range 0 � k � n - 1, and let d= (k, n), so that n= dj for s is a primitive nth root of unity, we have sn = (sd)i = 1, so sa is a jth root of unity. If sd were not a primitive jth root of unity, then 1= (sd)b= sdb with db< dj= n, contradicting the assumption that s is a primitive nth root of unity. So IT(k,n)=d(x - (sd)k ) =j(x) as the product runs through a complete set of reduced residues k n modulo j. It remains to note that x - 1 = rr�;:6(x - s ) because both poly nomials have dk the same degree and the same roots. The last product equals IIa1nn(k,n)=d(x - (s ) )= I1a1n
Let
some integer j. If
·
·
·
·
·
·
·
·
·
·
·
·
Section 7.5 1.
(2), (1, 1); p(2)= 2 b. (4), (3, 1), (2, 2), (2, 1, 1), (1, 1, 1, 1); p(4)= 5 c. (6), (5, 1), (4, 2), (4, 1, 1), (3, 3), (3, 2, 1), (3, 1, 1, 1), (2, 2, 2), (2, 2, 1, 1), (2, 1, 1, 1, 1), (1, 1, 1, 1, 1, 1); p(6) = 11 d. (9), (8, 1), (7, 2), (7, 1, 1), (6, 3), (6, 2, 1), (6, 1, 1, 1), (5, 4), (5, 3, 1), (5, 2, 2), (5, 2, 1, 1), (5, 1, 1, 1, 1), (4, 4, 1), (4, 3, 2), (4, 3, 1, 1), (4, 2, 2, 1), (4, 2, 1, 1, 1), (4, 1, 1, 1, 1, 1), (3, 3, 3), (3, 3, 2, 1), (3, 3, 1, 1, 1), (3, 2, 2, 2), (3, 2, 2, 1, 1), (3, 2, 1, 1, 1, 1), (3, 1, 1, 1, 1, 1, 1), (2, 2, 2, 2, 1), (2, 2, 2, 1, 1, 1), (2, 2, 1, 1, 1, 1, 1), (2, 1, 1, 1, 1, 1, 1, 1), (1, 1, 1, 1, 1, 1, 1, 1, 1); p (9)= 30 a.
3. Pa(6)= 4, pD(6)= 4, P2(6)= 4 5.
a.
8
b. 0
c.
4
d. 7
e.
8
f. 2
g. 4
h. 2
A be the set of all partitions of n. Then there are p(n) elements in A. Create subsets of A, named A 1' A 2, , An, as follows. For each partition in A, count the number of parts. If the number of parts is k, put the partition in Ak. Then the number of elements in Ak will be p(n, k). Because every partition of n has between 1 and n parts, all partitions go into
7. Let n be a positive integer and let
•
•
•
Answers to Odd-Numbered Exercises exactly one subset. Further, any two distinct subsets must be disjoint, so
683
A is the disjoint union of
I L�=l p(n, k). A . Thus, p(n) =I A l=I Ai I+ I A1 I+···+ I A = n k 9. p(5, 1) = 1, p(5, 2) =2, p(5, 3) =2, p(5, 4) = 1, p(5, 5)= 1. Then 1+ 2 + 2 + 1 + 1=7=p(5). the
11. 13.
[n/2] (greatest integer function) a. c.
15.
(5, 4, 2, 2, 1, 1), not self-conjugate b. (2, 2, 2, 2, 2, 2, 2, 1), not self-conjugate (7, 4, 3, 1), not self-conjugate d. ( 10 , 5), not self-conjugate
(8, 1, 1, 1, 1, 1, 1, 1), (6, 3, 3, 1, 1, 1) , (5, 4, 3, 2, 1) , (4, 4, 4, 3) m and n be integers with 1 :'.S m :'.Sn. If P is a partition of n into at most m parts, then m rows. Let Q be the conjugate of P. Then the Ferrers diagram for Q will have at most m columns, and hence represents a partition of n into parts not greater than m. Therefore, p(n I at most m parts) :'.S p(n I parts no greater than m). Conversely, suppose Q is a partition of n into parts no greater than m. Then the Ferrers diagram of Q has at most m columns. If P is the conjugate of Q, then the Ferrers diagram for P has at most m rows, and hence represents a partition of n into parts no greater than m. Therefore, p(n I parts no greater than m) :'.S p(n I at most m parts). The two inequalities together prove the
17. Let
the Ferrers diagram with have at most
assertion.
k n�1(1 + x2 ) = L:�=1xn=1;c1- x) 1 21. n�l(l + x2k)/(l- x2k- ); 1, 2, 3, 4, 6, 12, 1 6, 22, 29 19.
n�l(l- xdk)/(l- xk); l, 2, 3, 4, 6, 12, 16, 22, 29 oo 2 25. n =l(l- xk )/(1- xk). 0, 1 , 1, 1, 2, 3, 3, 5, 5, 8 k
23.
•
27. From the formula for the sum of a finite geometric series, we have
( 1- xk)= 1 + xk + x2k +
l ( 1- x
+ xdk. From Exercise 23, the generating function for P{ l )' +l}(n) kd k l) is n�1(1- xd(k+ )/(1- xk) = n�1(1 + xk + x2k + + xdk). But this last expression is the ·
·
·
·
generating function for 29.
·
·
p(nlno part appears more than d times) as found in Exercise 22.
p(nlno part equals 1) is, by Theorem 7.21, n� 1/( 1- xk) = 2 ( 1- x) n�1 l/(1- xk) = n�1 l/(1- xk)- x n�1 l/(1- xk). The coefficient of xn in the first product is p(n). The coefficient of xn in the second product is p(n- 1) , because of the extra factor of x in front of the product. Therefore, the coefficient of xn in the combined expression is p(n)- p(n- 1). b. If we have a partition of n- 1, then we can add 1 as an additional part to get a partition of n that contains a 1. Conversely, if we have a partition of n having 1 as a part, then we can remove the 1 and obtain a partition of n - 1. So there is a one-to-one correspondence between the set of partitions of n having 1 as a part and the set of partitions of n- 1. Therefore, the number of partitions of n not having one as a part equals p(n)- p(n 11 is not a part) = p(n)- p(n - 1). a.
The generating function for
n into distinct powers of 2. Define a process that changes the partition into l l a partition all of whose parts is 1, by taldng any part 2k and writing it as 2k- + 2k- . By iterating this process, all parts will be reduced to 2° = 1 and we will arrive at a partition of n into parts of size 1. Also define a reverse process in which, if any two like powers of 2 are present, say, 2k and 2k, they are merged into one part of size 2k. If we iterate this process on a partition into parts of size 1 = 2°, then we must eventually have all distinct powers of 2. Thus, we have a bijection between the set of partitions of n into parts of size 1 and the set of partitions of n into distinct powers of two. Therefore, p{l}(n) =p(n Idistinct powers of 2). Because there is only one partition of n into parts of size 1, there must be only one partition of n into distinct powers of 2. Because such a partition is the binary expansion of n, this shows that the binary expansion is unique.
31. Consider a partition of
33. From Exercise
30,
we know that
pg (n) equals the number of self-conjugate partitions of n. Call n. The subset of non-self-conjugate partitions
this number N, and consider the set of partitions of of
n has an even number of elements, because each partition can be paired with its conjugate.
684
Answers to Odd-Numbered Exercises Then p(n) equals the number of non-self-conjugate partitions plus the number of self-conjugate partitions, which is an even number plus N, which in turn is odd if and only if N is odd. 35. First, note that p(n - 2) = p(nlat least one part equals 2) because adding and removing of a part
of size 2 gives us a bijection between the two sets of partitions. Second, note that we can change an partition of n with no part of size 1 into at least one partition with a part of size 2 by taking the smallest part (which must be at least 2) and splitting off as many parts of size 1 as necessary. Therefore, p(nlat least one part of size 2) � p(nlno part equals 1). Now from Exercise 34, we have p(n) = p(n - 1) + p(nlno part equals 1)::: p(n - 1) + p(nlat least one part equals 2) = p(n- 1)+ p(n- 2). Next, note that p(l) =1 =hand p(2) = 2 = f3. This is our basis step. Suppose p(n)::: ln+l for all integers up to n. Then p(n+1) ::: p(n)+ p(n- 1) ::: ln+l+ fn= ln+2• which proves the induction step. So by mathematical induction, we have p(n)::: fn+l for every n. 37 . p(l) = 1; p(2) = 2; p(3) = 3 ; p(4) = 5; p(5) = 7 ; p(6) = 11; p(7) = 15; p(8) = 22; p(9) = 30 ;
p(lO)= 42; p(l1) = 56 ; p(l2)= 77
niES 1/(1- xi)= n n ES(l+xi+x i+ ) Then the coefficient of X , when we expand this product, is the i number of ways we can write n = a1k1+ a2k2 + where the ai are positive integers and the ki are elements from S, but this is exactly the number of partitions of n into parts from S. For the second part of the theorem, note that when we expand the product n ES(l+xi), the coefficient i of xn is the number of ways to write n= k1+ k2+ where the ki are elements of S. But this is just the number of partitions into distinct parts from S.
39. For the first part of the theorem, note that the product can be rewritten as
2
·
·
·
.
·
·
·
·
·
·
41. The partitions of ll into parts differing by at least 2 are(ll), ( 10, 1), (9, 2), (8, 3), (7, 4), (7, 3, 1),
and (6, 4, 1), for a total of 7. The positive integers less than or equal to 11 that are congruent to 1 or 4 modulo 5 are 1, 4, 6, 9, and 11, so the partitions of 11 into parts congruent to 1 or 5 modulo 5 are (11), (9, 1, 1), (6, 4, 1), (6, 1, 1, 1, 1, 1), (4, 4, 1, 1, 1), (4, 1, 1, 1, 1, 1, 1, 1), and (1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1), for a total of 7 also. This verifies the first Rogers-Ramanujan identity for n = 11. The partitions of 11 into parts differing by at least 2 and that are at least two are (11), (9, 2), (8, 3), and(?, 4), for a total of 4. The partitions of 11 into parts congruent to 2 or 3 modulo 5 are (8, 3), (7, 2, 2), (3, 3, 3, 2), and (3, 2, 2, 2, 2), for a total of 4 also. This verifies the second Rogers-Ramanujan identity for n= 11.
Section 8.1 1. DWWDF NDWGD ZQ 3. IEXXK FZKXC UUKZC STIGW 5. READ MY LIPS 7. 12 9. AN IDEA IS LIKE A CHILD NONE IS BETTER THAN YOUR OWN FROM CHINESE
FORTUNE COOKIE 11. 9, 12 13. THIS MESSAGE WAS ENCIPHERED USING AN AFFINE TRANSFORMATION 15. C
=
7P + 16 (mod 26)
Section 8.2 1. VSPFXH HIPKLB KIPMIE GTG
Answers to Odd-Numbered Exercises
685
3. TJE VT EESPZ TJIAN IARAB GSHW Q HASBU BJGAO XYACF XPHML AW VMO XANLB GABMS HNEIA TIEZ V VW NQF TLEZF HJW PB WKEAG AENOF UACIH LAT PR RDADR GKTJR XJDWA XXENB KA
S. Let n be the key length, and suppose ki. k2, of the keyword. If
Pi
•
•
•
,
kn
are the numerical equivalents of the letters
pj are two plaintext characters separated by a multiple of the key
=
length, when we separate the plaintext into blocks of length n,
Pi
and pj will be in the same
position in their respective blocks, say, the mth position. So when we encrypt them, we get
Ci= Pi+km= Pj +km= cj
(mod 26).
7. The key is YES, and the plaintext is MISTA KESAR EAPAR TOFBE INGHU MANAP PRECI ATEYO URMIS TAKES FORW H ATTHE YAREP RECIO USLIF ELESS ONSTH AT CAN ONLYB ELEAR NEDTH ERARD WAYUN LESSI T ISAF ATALM ISTAK EWHIC HATLE AST OT HERSC ANLEA RNFRO M.
9. The key is BIRD, and the plaintext is IONCE HADAS PARRO WALIG HTUPO NMYSH OULDE RFORA MOMEN TWHIL EIWAS HOEIN GINAV ILLAG EGARD ENAND IFELT THATI WASMO REDIS TINGU ISHED BYTHA T CIRC UMSTA NCETH AT ISH OULDH AVEBE ENBYA NYEPA ULETI COULD HAVEW ORN.
11. The key is SAGAN, and the plaintext is BU TTH EFACT THAT S OMEGE NIUSE SW ERE LAUGH EDATD OESNO TIMPL YTHAT ALLWH OAREL AUGHE DATAR EGENI USEST HEYLA UGHED AT COL UMBUS T HEYL AUGHE DATFU LTONT HEYLA UGHED ATTHE W RIGH T BROT HERSB UTTHE YALSO LAUGH EDATB OZOTH ECLOW N.
13. RL OQ NZ OF XM CQ KG QI VD AZ
3,
15. TO SLEEP PERCHANCE TO DREAMX 17.
24, 24, 25
19. We have C=AP (mod 26). Multiplying both sides on the left by A gives AC=A2P=IP=P (mod 26). The congruence A2 =I (mod 26) follows because A is involutory. It follows that A is also a deciphering matrix.
21. C
=
( �l i63 )
(mod 26)
23. If the plaintext is grouped into blocks of sizem, we may take block of size m [ , n]. If A is them
with
[�nl
xm
[m nl �
will encipher
(� 1 < � )
enciphering matrix, form the m [ , n]
copies of A on the diagonal and zeros elsewhere: B=
[�nl
of these blocks to form a super
0
·
·
x
m [ , n] matrix B
. T hen B
A
·
blocks of sizem at once. Similarly, if C is the n
x
n enciphering matrix, form
[m, n] matrix D. Then BD is an [m, n]
x
[m, n] enciphering matrix
the corresponding [m, n]
x
that does everything at once.
25. Multiplication of (0
·
·
·
010
·
·
·
0)
So if the jth row of a matrix A is if every row of A has its
(:)
(0
.
.
·
with the I in the ith place yields the I
010 . . 0), then A ·
( ;J ( :J �
x
I matrix (P1).
gives C �
i
P1• So
1 in a different column, then each Cj is equal to a different Pi. Hence, A
is a "permutation" matrix.
686
Answers to Odd-Numbered Exercises
27. P =
( ; �) 1
C +
( i�)
(mod 2 6)
29. TO XIC WASTE 31. Make a frequency count of the trigraphs and use a published English language count of frequencies of trigraphs. Then proceed as in problem 18. There are 12 variables to determine, so 4 guesses are needed.
33. yes 35. 01 1101 1010 37. RENDEZVOUS
1 2 ···Pm
39. Let p p
and
q1q2 • • qm •
be two different plaintext bit streams. Let
, km ki. k2, = 1, 2, ... •
•
•
the keystream by which the plaintexts are encrypted. Then note that for any i
be
, m,
Ek. (Pi)+Ek. (qi)=ki+Pi+ki+qi=2ki+Pi+qi= Pi+qi (mod 2 ). Therefore, by adding '
'
corresponding bits of the ciphertext streams, we get the sums of the corresponding bits of the plaintext streams. This partial information can lead to successful cryptanalysis of encrypted messages.
Section 8.3 1. 14 17172711 17 65 76 0776 14 3. BEAMMEUP 5. We encipher messages using the transformation
c
=P
11 (mod 31). The deciphering exponent is
=30. But 11 is its own inverse modulo 30 because
the inverse of 11 modulo 30 because (31)
·
11 11=121=1 (mod 30).It follows that 11 is both the enciphering and deciphering exponent.
Section 8.4 1. 151, 97
= p or q. Therefore,
3. Because a block of ciphertext p is less than n, we must have (p, n)
the
cryptanalyst has a factor of n.
5. 1215 1224 1471 0023 011 6 7. GREETINGSX 9. 0872 22 63 15372392
(e1e2, n), and it is no more difficult (or easy) to discover the e=e1e2 than it would be to discover the inverse of either of the factors modulo
x
x
small, then it may not be too difficult to compute ath roots of pa and thereby recover P.
15. Encryption works the same as for the two prime case.For decryption, we must compute an inverse d for
e modulo (n)= (p -
l)(
q-
= pq r the product of three primes. Then
l)(r - 1) where n
we proceed as in the two prime case.
17. Let the encryption key be
(e, n).Then C1= P{ (mod n) and C2= P; (mod n), where C1 and C2 (P1P2Y= P{ P;= C1C2
are reduced residues modulo n. W hen we encrypt the product, we getC = (mod n), as desired.
Answers to Odd-Numbered Exercises
687
Section 8.5 1.
a.
c.
b. no
yes
d. no
yes
a1<2a1
3. Proceed by induction. Certainly
5.
(17, 51, 85, 7, 14, 45, 73)
7. NUTS 9. If the multipliers and moduli are (wb m1), [O](w2, m2),
, [O](wn mr),[O] the inverse , Wr can be computed with respect to their corresponding moduli. Then we multiply and reduce succesively by (W;, mr), (wr-1' mr_1), , (.'WI, m1). The result will be the plaintext wl> w2,
•
•
•
.
.
•
•
•
•
sequence of easy knapsack problems.
11.
8. 21·95 1, 2, ...,n, we have ba; = ai (mod m). Then b8 = P = (ba1) x1(ba2y2 ... (banyn = ba1x1+···+anxn (mod m). Then S = a1x1+···+anxn (mod
13. For i
=
•
•
•
Section 8.6 1.
90
3.
476
n
, k be the private keys for parties 1 throughn, respectively.There aren steps in this protocol. The first step is for each of the parties 1 throughn to compute the least positive residue k of r ; (mod p) and send this value Yi to the i + 1st party. (Thenth party sends his value to the 1st party.) Now the ith party has the value Yi-I (where we take Yo to be Y ).The second step is for each
5. Let kb k2,
•
•
.
n
party to compute the least positive residue of
l�1 (mod p) and send this value to the i + 1st party.
Now the ith party has the least positive residue of
k k r ;-1+ ;-2 (mod p). This process is continued
for a total ofn steps. However, at thenth step, the computed value is not sent on to the next party. Then the ith party will have the least positive residue of (mod
7. 9.
k k k k k k k r i-l+ ;-2+···+ 1+ n+ n-1+··· ;+1+ ;
p), which is exactly the value of K desired.
0371 0354 0858 0858 0087 1369 0354 0000 0087 1543 1797 0535 0621 0105 0621 0865 0421 0000 0746 0803 0105 0621 0421
a.
b.
0833 0457 0074 0323
Ifni
Dk·· Therefore we can apply Ek. to Dk.(P) and retain uniqueness of blocks. Ifni>n ·, the 1 ' J J argument is similar. b. Ifni n ·, individual j receives Ek.(Dk.(P)) and knows an inverse 1 I
<
J
for e · modulo
I
I
=
Dk.(Ek.(P)). Because he knows ei, he can apply Ek.(Dk.(Ek.(P))) I I I J
he also knows e1·, he can apply
Dk.(Ek.(P)) J
J
J
=
=
P and discover the plaintext P.
Ek.(P). Because J
c.
Because only
Dk.I and thereby make Ek.(Dk.(P)) I I intelligible. d.ni = 2867>n = 2537, so we compute Dk (Ek (P)). Bothni andn > 2525, ; j so we use blocks of four. REGARDS FRED becomes 1704 0600 1703 1805 1704 0323 (adding 1 an X to fill out the last block). ei 11 and
j =
(mod
j
=
=
I
2867) and get 0479 2564 0518 1571 0479 1064. Now becauseni
Answers to Odd-Numbered Exercises
688
send Ek_(Dk_(P)), l
J
e1·
= 13,
e1·
= 937. Then Dk_(P) = P937 (mod 2537) J
and Ek_(D) = D11(mod 2867). The cipher text is 1609 1 802 0790 2508 1949 0267. I
11.
k1 = 4(mod 8), k2 = 5(mod 9), k3 = 2(mod 11)
13. The three shadows from Exercise 11 are k = 4,
If k and k2 are known, we 1 x = 5(mod 9) to get x =68. If k and k3 are 1 known, we solve the system of congruences x = 4(mod 8), x =2(mod 11) to get x =68. If k2 1 solve the system of congruences x = 4(mod 8),
and
x
k2 = 5,
are known, we solve the system of congruences
k3
and
k3 =2.
x = 5(mod
9),
= 68. In all three cases, we recover K0. Then K = K0 - tp = 68 - 13
x = 2(mod ·
11) to get
5 = 3.
Section 9.1 1.
a.
4
b. 4
c.
6
d. 4
3. 21=2(mod 3) and22 =1(mod 3), so ord 2 = 2. 21=2 (mod 5), 22 = 4(mod 5) and24 = 16 =1 3 (mod 5), so ord 5 2 = 4. 21 = 2(mod 7), 22 = 4(mod 7) and 23 = 1(mod 7), so ord7 2 = 3. 0 5. a.
7. Only 1, 5, 7, and 11 are prime to 12. Each one squared is congruent to 1, but
at= 1(modn). Then at = {atat)(at) = (aa)tat = 1t 1=1(modn). The ·
converse is shown in a similar manner.
13. We have 15. Let
[r, s]/(r, s) �
r =ordmat.
Then
(mod n), we have s �
17. Suppose that
r
or� a b
� [r, s]
atr = 1(mod m), and hence tr� ts and r� s. Because 1 = ast = (at)s
r.
prime divisors q of p - 1 because no smaller power than the
modulo p. Conversely, suppose that
r
is not a primitive root of p. Then there is an integer t
such that rt=1(mod p) with t < p - 1. Because t must divide some positive integer
(p -
p
r< -l)/q ¢=. 1(mod p) for all (p - l)st of r is congruent to 1
is a primitive root modulo the odd prime p. Then
p
- 1, we have p - 1
s greater than 1. Then (p - 1)/ s =t . Let q be a prime p l)/q = t(s/q), so that r< -l)/q= rt(s/q) =(rt)sfq =1(mod p).
divisor
=st for of s. Then
19. Because 22n + 1 = 0 (mod Fn), then 22n = -1(mod Fn). Squaring gives (22n)2 = 1(mod Fn).
n n Thus, ordp 2 � 2 2 =2 +1. n n 21. Note that at< m = a - 1 whenever 1
� t < n.
Hence, at cannot be congruent to 1 modulo m n whent is a positive integer less thann. However, a = 1(mod m) because m =(an - 1) I (an - 1).
It follows that ordma =n. Because or� a
I
23. First suppose that pq is a pseudoprime to the base 2. By Fermat's little theorem, 2P = 2(mod p), so there exists an integer
k
such that 2P - 2 = kp. Then
last expression is divisible by 2P - 1= M
2MP = 2(mod Mp).
2MP-l
- 1=22P-2 - 1=2
kp
- 1. This
2MP-l=1(mod Mp),
by Lemma 6.1. Hence, or P Because pq is a pseudoprime to the base 2, we have 2Pq=2(mod pq), so
2Pq = 2(mod p). But 2Pq =(2P)q = 2q(mod p). Therefore, 2q = 2(mod p). Then there exists divides
2Mq-l
M
l
- 1 = 2q - 2 =Ip. Then 2 q- - 1 = 22q_2 = 21P - 1, so 2P - 1 = M q P M M M M M M - 1. Therefore, 2 q =2(mod Mp). Then we have 2 p q = (2 P ) q = 2 q =2
an integer l such that M
(mod Mp). Similarly,
2MpMq =2(mod M
). By the Chinese remainder theorem, noting that q M M M and M are relatively prime, we have 2 p q = 2(mod MpM ). Therefore, MpM is q q q P a pseudoprime to the base 2. Conversely, suppose MpM is a pseudoprime to the base 2. q M From the reasoning in the proof of Theorem 6.6, we have that 2 P = 2(mod p). Therefore,
2MpMq = 2
But because M =2P - 1=0 (mod Mp), we have P
Answers to Odd-Numbered Exercises
689
that the order of 2 modulo M is p. Therefore, p IM - 1. In other words, 2q =2(mod p). Then P q 2Pq =2q =2(mod p).Similarly, 2Pq =2(mod q).Therefore, by the Chinese remainder theorem, 2Pq =2(mod pq). Therefore, because pq is composite, it is a pseudoprime to the base 2.
25.
a.
Let k be an integer that satisfies all of the congruences. If n =1(mod 2), then because 1 = 2, we have 2n + k=22m+l - 2 =(22r2 - 2=1m2 - 2=0(mod 3), so 3 I 2n + k. If
ord3 2
n=2(mod 4), then because ord5 2 = 4, we have 2n + k=24m+2 - 22=22 - 22=0(mod 5), so 3 1 n=1(mod 3), then because ord7 2 = 3, we have 2n + k=2 m+l - 2 =2 - 2=0 (mod 7), so 71 2n + k. If n =8(mod 12), then because ord13 2 = 12, we have 2n + k= 212m+s - 28 =28 - 28=0(mod 13), so 13 I 2n + k. If n =4(mod 8), then because ord17 2 = 8, we have 2n + k=28m+4 - 24=24 - 24=0(mod 17), so 17 I 2n + k. If n=0(mod 24), then 5 I 2n + k. If
because ord
if
12 24
=
24, we have 2n + k=224m - 2° =1 - 1=0(mod 241), so 241 I 2n + k. So
n satisfies any of the above congruences, we see that 2n + k cannot be prime. Let r the least nonnegative residue of n modulo 24. If r is odd, then n =1(mod 2). If r = 2, 6, 1 0, 1 4, 18, or 22, then n =2(mod 4). If r = 4 or 16, then n =1(mod 3).If r = 8 or 20, then n =8(mod 12). If r = 12, then n =4(mod 8). If r = 0, then n=0(mod 24). This shows that every positive integer n must satisfy one of the congruences n=1(mod 2), n=3(mod 4), n=1(mod 3), n=8 (mod 12), n=4(mod 8), and n=0(mod 24). So if k simultaneously satisfies all the congruences stated in the exercise, then 2n + k must be composite for all positive integers n. b. Simplifying
the congruences in part(a) gives us k=1(mod 3), k=1(mod 5), k=5(mod 7), k=4(mod 13),
k=1(mod 17), and k=-1(mod 241). Using computational software, we use the Chinese
remainder theorem to simultaneously solve this system of congruences to get k= 1,518,781
(mod 5,592,405). Note that the modulus is equal to 3 is composite for all positive integers
27. Let j
·
5 7 13 17 241. Then 2n + 1,518,781 ·
·
·
·
n.
= ordq,(
) e. Then ei =1(mod (n)). Because ord P I (n), we have ei =1(mod n n j-1 j j-1 j ord P). Then by Theorem 9 .2, pe =P(mod n), so ce = (Pe)e = pe =P(mod n) and n cej = pe= c (mod n).
Section 9.2 1.
a.
2
b. 2
c.
3
d. 0
3.
a.
2
b. 4
c.
8
d. 6
e.
12
f. 22
5. 2, 6, 7, 1 1 7 . 2, 3, 1 0, 13, 14, 1 5 9 . B y Lagrange's theorem, there are a t most two solutions to x 2=1(mod p), and w e know x=±1 are the two solutions. Because p=1(mod 4), 4 I (p - 1)
order 4 modulo p. Then x4
= (x2)2=1(mod
=
(p), so there is an element x of
p), so x2=±1(mod p). If x2=1(mod p), then x
does not have order 4.Therefore, x2=-1(mod p).
11.
a xn + a _1xn-l + a0, and let k be the largest integer such p does not divide n k n k akx + ak_ x -l + a0. Then f(x)=g(x)(mod p) for every value of x. In 1 particular, g(x) has the same set of roots as f(x). Because the number of roots is greater than
a.
Let f(x)
=
ak. Let g(x)
n
>
·
=
·
·
·
·
·
k, this contradicts Lagrange's theorem. Therefore, no such k exists and p must divide every
coefficient off(x).
b. Note that the degree off(x) is p - 2. By Fermat's little theorem, we have
that xP-l - 1=0(mod p), for x
(x - l)(x - 2)
·
·
·
=
1, 2, ... , p - 1.Further, each x in the same range is a zero for
(x - p + 1). Therefore, each x
=
1, 2, ... , p - 1 is a root of f(x). Because
f(x) has degree p - 2 and p - 1 roots, part(a) tells us that all the coefficients off(x) are divisible by p.
c.
From part(b), we know that the constant term of f(x) is divisible by p.The constant
term is given by f(O)
= (-1)(-2)
·
·
(mod p), which is Wilson's theorem.
·
(-p + 1) + 1=(-l)P-1(p - 1)! + 1=(p - 1)! + 1=0
Answers to Odd-Numbered Exercises
690
t·
� � q/ I
13.
a.
Because
=
relatively prime.
c.
2
18
15. If n is odd, composite, and not a power of 3, then the product in Exercise 14 is
1) � (n - 1, 3 - 1)(n - 1, 5 - 1) � 2 ·2 17.
a.
=4.
CTJ=l(n - 1, pi -
So there must be two bases other than
-1 and + 1.
f(x) is a polynomial with integer coefficients o f degree n - 1. Suppose x2 , ·, Xn are incongruent modulo p where p is prime. Consider the polynomial f(x) - LJ=l (xj) ni;6/x - xi)(xj - xi) . Note that Xj, j 1, 2, ... 'n is a root of
Suppose that
that xi.
g(x)
=
•
•
(1
)
=
f(xj) -[0 +0 +···+ f(xj) ni;fj(Xj xi)(xj - xi) +···+O]= f(xj) - f(xj) · 1=0(mod p). Because g(x) has n incongruent roots modulo p, and because it is of degree n - 1 or less, we can easily use Lagrange's theorem (Theorem 9.6) to see that g(x) = 0(mod p) for every integer x. b. 10 this polynomial modulo
p
because its value at
Xj
is
(n e. The decrypter needs ei = 1(mod n), but this choice of e forces j p' - 1, which )
19. By Exercise 27 of Section 9.1, j I ord (n e. Here,
)
=
=
=
=
will take quite some time to find.
Section 9.3 1. 4, 10,22 3.
a.
2
b.2
c.
5
d.2
5.
a.
2
b.2
c. 2
d.3
7.
a.
7
b.3
c. 2
1
d.27
9. 7, 13, 17, 19 11. 3, 13, 1 5,2 1,29,33
x 2 = 1(mod m). Let x = r' t :::= p - 1.Then r2' = 1(mod m). Because r is a primitive root, it follows that (m)/2 rC
13. Suppose that
r
is a primitive root of m, and suppose further that
(mod m) where 0 :::=
=
=
=
=
15. By Theorem 9.12, we know that ord k5
=
i
j are integers, because 5i= 1(mod4) but _ 5 =3(mod4). It follows that the integers k z l k 2 1 1, 5, ... , 52 - - , -1, -5, ..., - 5 2 are 2k-l incongruent integers modulo 2k. Because
-_
=
Answers to Odd-Numbered Exercises
691
Section 9.4 1. The values of ind5i, i = 1,2,.. .,22 are 22,2,16,4,1,18,19,6,10,3,9,20,14,21,17,8,7,
12,15,5,13,11,respectively.
3.
a.
b. none
7,18
5. 8,9,20,21,29 (mod 29) 7. all positive integers x = 1,12,23,24, 45,46,47,67,69,70,78,89,91,92,93,100,111,115,
116,133,137,138,139,144, 155,161,162,177, 183,184,185,188,199,207,208,210,221, 229,230,231,232,243,253,254,265,275,276,277,287,299,300,309,321,322,323,331, 345,346,353,367,368,369,375,386,391,392,397,413,414,415,419,430,437,438,441, 459,460,461,463,483,484,485,496,505 (mod 506) 9. Suppose that x4 = -1 (mod p) and let y =indrx.Then -x is also a solution and by Exercise 8, indr(-x) = indr(-1) + indr(x) =
(p - 1)/2 + y (mod p - 1). So, without loss of generality, (p - 1)/2, or 0 < 4y < 2(p - 1). Taking indices of both sides of the congruence yields 4y = indr(-1) = (p - 1)/2 (mod p - 1), again using Exercise 8. So 4y = (p - 1)/2 + m(p - 1) for some m. But 4y < 2(p - 1),so either 4y = (p - 1)/2 and so p = 8y + 1 or 4y = 3(p - 1)/2.In this last case, 3 must divide y,so we have p = 8(y/3) + 1.So in either case, p is of the desired form.Conversely, suppose p = 8k + 1 and let r be a primitive k k root of p.Take x = r . Then x4 = r 4 = r(p-l)/2 = -1 (mod p) by Exercise 8. So this x is a we may take
0
<
y
<
solution.
11. (1,2),(0,2) 13. x = 29 (mod 32); x = 4 (mod 8) 15. (0,0,1,1),(0,0,1,4) 17. x = 17 (mod 60)
k s .B a= (-1r5 and x = (-l)Y5 Then we have ind xk = (ky, k8) and ind a= (a, {J), so ky =a (mod 2) and k8 = fJ (mod 2e-2 ). Because k is odd, both congruences are solvable for y and 8,
19. We seek a solution to x = a (mod 2e).We take indices as described before Exercise 11. Suppose
which determine x.
l
21. First we show that ord .5 = 2e-2• Indeed, (2e) = 2e- , so it suffices to show that the highest power of 2
2 dividing 52•-2 - 1 is
2e. We proceed by induction.The basis step is the case
e
=
2,
which is true.Note that 52•-2 - 1 = (52•-3 - 1)(52•-3 +
1). The first factor is exactly divisible by 2e- l by the induction hypothesis.The second factor differs from the first by 2,so it is exactly
2,and therefore 52•-2 - 1 is exactly divisible by 2e,as desired.Hence, if k is odd, ±5k,±52k,..., ±52•-2k are 2e-l incongruent kth power residues, which is the the numbers k k number given by the formula.If 2m exactly divides k, then 5 = _5 (mod 2e),so the formula must be divided by 2,hence the factor (k, 2) in the denominator.Further, 52m has order 2e-2 ;2m if m :::: e - 2 and order 1 if m > e - 2,so the list must repeat modulo 2e every ord .52m terms, divisible by
whence the other factor in the denominator.
23.
2
(i) of the proof of Theorem 6.10,if n is not square-free, the 2n/9,which is substantially smaller than (n - 1)/4 for large n. If n is square-free, the argument following inequality (9.6) shows that if n has four or more factors, then the probability is less than n/8.The next inequality shows that the worst case for n = p1p
a.
From the first inequality in case
probability is strictly less than
is when
s1 = s2
b. 0.24999 .. .
and
s1
is as small as possible, which is the case stated in this exercise.
2
Answers to Odd-Numbered Exercises
692
Section 9.5 1. We have 22= 4 (mod 101), 25= 32 (mod 101), 210= (25)2= 322= 14 (mod 101), 220=
(210 ) 2= 142= 95(mod 101), 225= (25)5= 325= (322)232= 1024232= 14232= 196 -6
00
·
32=
0
32 = -192 = 10 (mod 101), 250 = (225)2 = 10 2 =100 = -1(mod 101), 21 = (25 )2 = (101-1) -1 2 = 1(mod 101). Because 2-q ¢=. 1(mod 101) for every proper divisor q of 100, and ·
( )
-
0
because 2<1 l-l) = 1(mod 101), it follows that 101 is prime.
3. 233 - 1= 2329, 3116 = -1(mod 233), 38 = 37 ¢=. 1(mod 233) 5. The first condition implies xFn-l = 1(mod Fn . The only prime dividing Fn - 1=2 2n is 2, and
(
)
n Fn - 1)/2 = 22 _1, so the second condition implies 2{Fn-l)/2
¢=. 1(mod
)
Fn . Then by Theorem
9.18, Fn is prime.
7. See [Le80 ] 9. Because n - 1=9928=2317 73, we take F = 2317 = 136 and R = 73, noting that F ·
>
R. We
apply Pocldington's test with a=3. We check(using a calculator or computational software) that 99 1 117 3 2 8 = 1(mod 9929) and (39928 2 - 1, 9929)=1 and (39928 - 1, 9929)=1, because 2 and 17 are the only primes dividing F. Therefore, n passes Pocklington's test and so is prime.
11. Note that 3329=2813 + 1 and 1 3
try 2<332
9
<
28 , so it is of the form that can be tested by Proth's test. We
-l)/2= 21664= 1(mod 3329)(using a calculator or computational software). So Proth's
test fails for a =2. Next we
try a=3 and compute 31664
= -1(mod 3329), which shows that
3329 is prime.
k k 13. We apply Pocklington's test to this situation. Note that n - 1=hq , so we let F =q and R=h and observe that by hypothesis F
>
R. Because q is the only prime dividing F , we need only n
n
check that there is an integer a such that a -l = 1(mod n) and (a< -l)/q - 1, n)=1. But both of these conditions are hypotheses.
Section 9.6 1.
a.
20
b. 12
c.
36
d. 48
e.
180
f. 388,080
g. 8640
h. 125,411, 328,000
3. 65, 520
�
�
!
!
,
5. Suppose that m = 2top 1
�
•
•
•
•
•
•
p '. Then }..(m) = [}..(2to),
!
•
•
•
set of numbers divides the product of these numbers, or their multiples, we see that }..(m)
(
I
(
7. For any integer x with x, n)= x, m)=1, we have xa = 1(mod n) and xa = 1(mod m). Then the Chinese remainder theorem gives us xa= 1(mod [n, m]). But because n is the largest integer with this property, we must have [n, m]=n, so min.
9. Suppose that ax= b (mod m). Multiplying both sides of this congruence by aA.(m)-l gives aA.(m)x = aA.(m)-lb (mod m). Because aA.(m) = 1(mod m), it follows that x = aA.(m)-lb (mod m).
Conversely, let x0 = aA.(m)-lb (mod m). Then ax0 = aaA.(m)-lb = aA.(m)b = b (mod m), so x0 is a solution.
11.
a.
(
First suppose that m=pa. Then we have x xc-l - 1)= 0 (mod pa). Lets be a primitive root k with c - l)k = 1(mod
for pa; then the solutions to xc-l = 1 are exactly the powers s and there are
(
(c - 1,
solutions all together. Now if m=p
�1
•
•
•
�
�
p ', we can count the number of solutions modulo p i
for each i. There is a one-to-one correspondence between solutions modulo m and the set of tuples of solutions to the system of congruences modulo each of the prime powers.
r
b. Suppose
(c - 1,
Answers to Odd-Numbered Exercises have
693
(c - 1,
is a prime factor, then
13. Let n =3pq, with p
<
q odd primes, be a Carmichael number.Then by Theorem 9.27,
p - ll3pq -1=3(p - l)q +3q -1, so p -113q -1, say, (p - l)a =3q -1. Because q> p, we must have a� 4. Similarly, there is an integer b such that (q - l)b =3p - 1.Solving these two equations for p and q y ields q =(2a +ab -3) /(ab -9) and p =(2b +ab -3) /(ab -9) = 1+(2b+6 )/(ab - 9).Then because p is an odd prime greater than 3, we must have 4(ab - 9) :'S 2b +6, which reduces to b(2a - 1) :'S 21. Because a� 4, this implies that b :'S 3. Then 4(ab -9) :'S 2b + 6 :'S 12, so ab :'S 21/4, so a :'S 5. Therefore, a =4 or 5.If b =3, then the denominator in the expression for q is a multiple of 3, so the numerator must be a multiple of 3, but that is impossible because there is no choice for a that is divisible by 3. Thus, b =1 or 2. The denominator of q must be positive, so ab> 9, which eliminates all remaining possibilities except a
=5, b =2, in which case p =11 and q =17. So the only Carmichael number of this form is
561=3 . 11 17. ·
15. Assume q
<
r.ByTheorem 9.23, q - llpqr -1=(q - l)pr +pr -1. Therefore, q - llpr -1,
=pr - 1. Similarly, b(r - 1) =pq - 1.Because q < r, we must have a> b. Solving these two equations for q and r y ields r = (p(a -1) + a(b - l))/(ab - p2) and q =(p(b - 1) +b(a - l))/(ab - p2) =1 +(p2 + pb - p -b )/(ab - p2). Because this last fraction must be an integer, we have ab - p2 :'S p2 + pb - p -b, which reduces to a(b - 1) :'S 2p2 +p(b - 1) or a - 1 :'S 2p2 /b + p(b - l)/b :'S 2p2 + p. So there are only finitely many values for a. Likewise, the same inequality gives us b(a -1) :'S 2p2 + pb - p or b(a - 1- p) :'S 2p2 - p. Because a> b and the denominator of the expression for q must be positive, we have that a� p +1.If a =p +1, we have (p + l)(q - 1) =pq - p +q - 1 = pr -1, which implies that p lq, a contradiction.Therefore, a> p +1, and so a -1 - p is a positive integer.The last inequality gives us b :'S b(a - 1- p) :'S 2p2 - p. Therefore, there are say, a(q - 1)
only finitely many values for b.Because a and b determine q and r, we see that there can be only finitely many Carmichael numbers of this form.
17. We have q (ab) = ((ab)A.(n) - l)/n =(aA.(n)bA.(n) - aA.(n) - bA.(n) +1+aA.(n) +bA.(n) - 2 )/n = n (aA.(n) - l)(bA.(n) - l)/n + ((aA.(n) -1) + (bA.(n) - l))/n = q (a) + q (b) (mod n). At the last n n step, we use the fact that n2 must divide (aA.(n) - l)(bA.(n) - 1), because ).(n) is the universal exponent.
Section 10.1 1. 69, 76, 77, 92, 46, 11, 12, 14, 19, 36, 29, 84, 05, 02, 00, 00, 00, ... 3. 10 5.
a.
a= 1 (mod 20)
7.
a.
31
b. a= 1 (mod 30030)
b. 715,827,882
c.
31
c.
a= 1 (mod 111111)
d. 195,225,786
e.
1,073,741,823
d. a= 1 (mod 225 -1). f. 1,073,741,823
9. 8, 64, 15, 71, 36, 64, 15, 71, 36, . .. 11. First we find that ord778 is 10.Because ord52 =4, the period length is 4. 13. Using the notation ofTheorem 10.4, we have Then the only possible values for
s
are the odd divisors of 60, which are 3, 5, and 15. Then we
note that 22 = 1 (mod 3), 24 = 1 (mod 5), and 24 = 16 = 1 (mod 15). In each case we have shown that ords2 :'S 4. Hence by Theorem 10.4, the maximum period length is 4.
15. 1, 24, 25, 18, 12, 30, 11, 10, 21
Answers to Odd-Numbered Exercises
694
17. Check that 7 has maximal order 1800 modulo 225 - 1. To make a large enough multiplier, raise 7 to a power relatively prime to
=
32,400,000, for example, to the 11th power.
19. 665 21.
a.
b. 9, 12, 6, 13, 8, 18, 2, 4, 16, 3, 9, 12, 6, . . .
8, 2, 8, 2, 8, 2, . . .
Section 10.2 1. We select k
=
1234 for our random integer. Converting the plaintext into numerical equiv
alents results in 0700 1515 2401 0817 1907 0300 2423, where we filled out the last block with an X. Using a calculator or computational software, we find y =rk=6i234 =517
(mod 2551). Then for each block P, we compute 8 = P ·bk= P · 33i234= P · 651 (mod 2551).
The resulting blocks are 0700 ·651= 1622 (mod 2551), 1515·651= 1579 (mod 2551), 2401·651=1839 (mod 2551), 0817·651=1259 (mod 2551), 1907 · 651=1671 (mod 2551), 0300 · 651=1424 (mod 2551), and 2423 · 651=855 (mod 2551). Therefore, the ciphertext is (517, 1622), (517, 1579), (517, 1839), (517, 1259), (517, 1671), (517, 1424), (517, 855). To y P -i-a =517255i-i-i 3 =5172537 =337 (mod 2551). Then
decrypt this ciphertext, we compute
for each block of the cipher text, we compute P =337· 8 (mod 2551). For the first block, we have 337 · 1622=0700 (mod 2551), which was the first block of the plaintext. The other blocks are decrypted the same way.
3. RABBIT 5.
(2022, 833); to verify this signature, we compute Vi= 202283 38012022 =1014=3823 = V (mod 2657) using computational software. 2 7. Let 8i = Pibk and 8 = P bk as in the ElGamal cryptosystem. If Pi is known, it is easy to compute 2 2 an inverse for Pi modulo p. Then bk= Pi8i (mod p). Then it is also easy to compute an inverse for bk (mod p). Then P =bk8 (mod p). Hence, the plaintext P is recovered. 2 2 2
(y, s)
=
Section 10.3 b. 5
2
d. 6
f. 20
30
1.
a.
8
3.
a.
At each stage of the splicing, the kth wire of one section is connected to the S(k)th wire, where
c.
e.
S(k) is the least positive residue of 3k - 2 (mod 50).
b. At each stage of the splicing, the kth
wire of one section is connected to the S(k)th wire, where S(k) is the least positive residue of 21K + 56 (mod 76).
c.
At each stage of the splicing, the kth wire of one section is connected
to the S(k)th wire, where S(k) is the least positive residue of 2k - 1 (mod 125).
Section 11.1 1.
a.
1
b. 1, 4
c.
1, 3, 4, 9, 10, 12
d. 1, 4, 5, 6, 7, 9, 11, 16, 17
3. 1, -1, -1, 1 5.
a.
( li ) =7Cll-i/2=75=492
•
7=52 · 7=3 · 7=-1 (mod 11)
(7, 3, 10, 6, 2) (mod 11) and three of these
are
greater than 11/2, so
b. (7, 14, 21, 28, 35)=
( li )
=
(-1)3
=
-1
( -;2) ( -;i ) ( % ) by Theorem 11.4. Using Theorems 1 1 .5 and 11.6, we have: If p=1 (mod 8) then, ( -;2 ) (1)(1) 1.If p=3 (mod 8), then ( -;2 ) (-1)(-1) 1.If p=-1 (mod 8), then ( -;2 ) (-1)(1) -1.If p =-3 (mod 8), then ( -;2 ) (1)(-1) -1.
7. We have
=
=
=
9. Because
=
=
=
=
=
=
p - 1=-1, p - 2=-2, .. . , (p + 1)/2= -(p - 1)/2 (mod p), we have ((p - 1)/ p) by Wilson's theorem. (Because p =3 (mod 4), we have that
2)!2 = -(p - 1)! =1 (mod
Answers to Odd-Numbered Exercises
695
(p - 1)/2 is odd, so that (-l)(p-l)/2 = -1.) By Euler's criterion, ((p - 1)/2)!(p-l)/2 =
(�-) (%) · · · (
(mod
p), by definition of the Legendre symbol. Because
((p - 1)/2)!=±1 (mod p), and (p - 1)/2 is odd, we have the result. 11. If p=
l(mod4), (7) = (-;,1) (i) =1· 1=1. If p=3 (mod4), (7) = (-;,1) (i) =
(-1) . 1= -1. 13.
a.
x = 2 or 4 (mod 7)
b. x =1 (mod 7)
c.
no solutions
15. Suppose that p is a prime that is at least 7. At least one of the three incongruent integers 2, 3, and
6 is a quadratic residue of p, because if neither 2 nor 3 is a quadratic residue of p, then 2 · 3= 6 is a quadratic residue of p. If 2 is a quadratic residue, then 2 and 4 are quadratic residues that differ by 2; if 3 is a quadratic residue, then 1 and 3 are quadratic residues that differ by 2; while if 6 is a quadratic residue, then 4 and 6 are quadratic residues that differ by 2.
17.
p = 4n + 3, 2n + 2 = (p + 1)/2. Then x2 = (±an+1)2 =a2n+2 = a
Because
19. x=1, 4, 11, or 14 (mod 15) 21. 47, 96, 135, 278, 723, 866, 905, 954 (mod 1001) 23. If x5 =a (mod pe+l), then x5 =a (mod pe). Conversely, if x5 =a (mod pe), then x5 = a + bpe
2x0y = -b (mod p), say, y = y0. x1 = x0 + y0pe. Then xi= x5 + 2x0y0pe=a+ pe(b + 2x0y0)=a (mod pe+l) because
for some integer b. We can solve the linear congruence Let
p I 2x0y0 + b. This is the induction step in showing that x2 =a (mod pe) has solutions if and only if ( = 1.
i)
25.
a.
4
b. 8
c.
0
d. 16
27. Suppose Pi. p , ... , Pn are the only primes of the form 4k + 1. Let N= 4(p1p2 · · · Pn)2 + 1.
2 q be an odd prime factor of N. Then q f= Pi i = 1, 2, . . . , n, but N = 0 (mod q), so 4(p1p2 · · · Pn)2 = -1 (mod q) and therefore ( �1 ) = 1, so q =1 (mod 4) by Theorem 11.5.
•
Let
29. Let bi. b , b , and b be four incongruent modular square roots of a modulo pq. Then each
2
4
3
bi is a solution to exactly one of the four sy stems of congruences in the text. For convenience, let the subscripts correspond to the lowercase Roman numerals of the systems. Suppose two of
pq. Without loss of generality, say b 1 =YI (mod pq) and b =Yi (mod pq). Then from sy stems (i) and (ii), we have that YI =b 1 = x (mod q) and 2 2 Yi =b = -x (mod q). Therefore, both x and -x are quadratic residues modulo q, but this is 2 2 2 2 impossible because q = 3 (mod 4). The other cases are identical. Next we show that one of the modular square roots is a quadratic residue. Because a is a quadratic residue modulo p, there exists b such that (±b)2 =a (mod p). Likewise, there exists c such that (±c)2 =a (mod q). One of b or -b is a quadratic residue modulo p, by Exercise 11. Without loss of generality, suppose b=d2 (mod p). Likewise, suppose c= e2 (mod q). Solve the system of congruences x= d (mod p), x = e (mod q). Then x2 =b (mod p) and x2 =c (mod q). Thus, x2 satisfies one of the the bi's were quadratic residues modulo
four congruences in the text and hence must be one of the bi. Therefore, this bi is a quadratic residue modulo
pq.
Answers to Odd-Numbered Exercises
696
31. Let r be a primitive root for p and let a If a=
b (mod p),
=
rs (mod p) and b = rt (mod p) with 1 � s,
t
� p- 1.
thens= t and sos and t have the same parity. By Theorem 11.2, we have part
ab= rs+t
(i). Further, we have
(mod
p).
Then the right-hand side of (ii) is 1 exactly whens and
t have the same parity, which is exactly when the left-hand side is 1. This proves part (ii). Finally,
because a 2
=
r2s (mod p) and 2s is even, we must have that a2 is a quadratic residue modulo p,
proving part (iii).
33. If r is a primitive root of q, then the set of all primitive roots is given by {rk: (k,
p-
1 numbers
On the other hand,
{rk : k is odd and k f. p, 1 � k
< 2 p} are all the primitive roots of
has (q - 1)/2=p quadratic residues, which are given by
q
{r2, r ,
4
This set has no intersection with the first one.
•
.
•
,
q. r2P}.
35. First suppose p = 22n +1 is a Fermat prime and let r be a primitive root for p. Then
also a primitive root. Conversely, suppose that of
p
is also a primitive root of
p.
Let
p
is an odd prime and every quadratic nonresidue
r be a particular primitive root of p. Then rk is a quadratic
nonresidue and hence a primitive root for
p if and only if k is odd. But this implies that every odd number is relatively prime to
q =2p + 1=2(4k + 3) + 1=8k + 7, so ( � )=1 by Theorem 11.6. Then by Euler's criterion, 2
39. Let q = 2k + 1. Because q does not divide 2P + 1, we must have, by Exercise 38, that k = 0 or 3 (mod 4). That is, k
41. Note that ��- 2 L.., j=l
e u +l) ) P
'(' 1) ( L.1±_ ) p
=
0, 3, 4, or 7 (mod 8). Then
=
(
) ( ( )
q
=
) (;) (l J)
i·i +J) = i2< +J) =
�
��-
=L.., j= 2
l
�
"71 1+ =��-1 L.., ]= p 2
2(0, 3, 4, or 7) + 1
( ')
��-1
L = L.., j=l p
because
( ') L p
=
±1 (mod 8).
j2 is a perfect square. Then
1= -1. Here we have used the
method in the solution to Exercise 10 to evaluate the last sum, and the fact that as the values 1 through
p-
2, so does }.
43. Let r be a primitive root of p. Then x2 (mod
p-
j runs through
p) has a solution if and only if 2 indrx = indra p - 1 is even, the last congruence is solvable if and 1 which happens when a=r2, r4, ... , rP- , i.e., (p - 1)/2 times. =
a (mod
1) has a solution in indrx. Because
only if indra is even,
45. q =2(4k + 1) + 1=8k + 3, so 2 is a quadratic nonresidue of q. By Exercise 33, 2 is a primitive root.
47. Check that q
=
3 (mod4), so -1 is a quadratic nonresidue of
( �4) ( �1 ) ( �2 ) =
q.
Because 4=22, we have
= (-1)(1) = - 1. Therefore, -4 is a nonresidue of
q.
By Exercise 33, -4 is
a primitive root.
49.
a. By adding
(2b)2
to both sides, we complete the square.
x2= C +a (mod pq). From each, subtract 2b.
51.
b. There are four solutions to
c. DETOUR
a. By noting this, the second player can tell which cards dealt are quadratic residues, because the
ciphertext will also be quadratic residues modulo modulo
53. 1, 3, 4
p.
p.
b. All ciphers will be quadratic residues
Answers to Odd-Numbered Exercises
697
Section 11.2 1.
a.
-1
b. 1
c.
1
d. 1
e.
1
f. 1
( �1)=1 and (* )={f) = (1)=1. 3(mod 4), then ( �1)=-1 and ( * )=- {f), so ( �3)=(-1)(-1)=1.If So ( �3 )=1.Ifp p -1(mod6) and p 1(mod4), then ( �3 ) = ( �1) ( * ) = 1 · {f) = ( 31) = -1. If p 3 (mod4), then ( �3 )=( �1) ( * )=(-1) {- {f)) = {f) = ( 31 )=-1.
3. If
p
=
1(mod6), there are2 cases: If
p
=
1(mod4), then
=
=
=
=
3, 9, 19, 25, or27(mod28) 1 7. a. F1=22 + 1= 5. We find that 3CF1-l)/2=3C5-l)/2=32=9 -1(mod F1).Hence by Pepin's test, we come(to the already obvious) conclusion that F1=5 is prime. b. F =2 2 + 1=257. Fr 8 8 l)/2=3c257-l)/2=312 (3 ) 16 1 3616 (1364)4 64 4 3 (64 2) 2 241 2 We find that 3C 3255·1283128 256 -1(mod257). Hence by Pepin's test, F =257 is prime. c. 3 327 68 3 8 831 1 94 2 2 -1(mod F4). 9. a. The lattice points in the rectangle are the points (i, j) where 0 < i < p/2 and 0 < j < q/2. There are the lattice points (i, j) with i = 1, 2, ..., (p - 1)/2 and j = 1, 2, ... , (q - 1)/2. Consequently, there are (p - 1)/2 · (q - 1)/2 such lattice points. b. The points on the diagonal connecting 0 and C are the points (x, y) where y=(q/p)x. Suppose that x and y are integers with y=(q/p)x. Then py=qx. Because (p, q)=1, it follows that p I x, which is impossible if 0 < x < p/2. Hence, there are no lattice points on this diagonal. c. The number of lattice points in the triangle with vertices O, A, and C is the number of lattice points (i, j) with i = 1, 2, ..., (p - 1)/2 and 1 � j � iq/p.For a fixed value of i in the indicated range, there are [iq/p] lattice points (i, j) in the triangle. Hence, the total number of lattice points in the triangle is L���l)/2[iq/p]. d. The number of lattice points in the triangle with vertices O, B, and C is the number of lattice points (i, j) with j = 1, 2, ..., (q - 1)/2 and 1 � i < jp/q. For a fixed value of j in the indicated range, there are [jp/q]lattice points (i, j) in the triangle. Hence the total number of lattice points in the triangle is L:j�-;l)/2[jp/q]. e. Because there are (p - 1)/2 · (q - 1)/2 lattice points in the rectangle, and no points on the diagonal OC, the sum of the numbers oflattice points in the triangles OBC and OAC is (p - 1)/2 · (q - 1)/2. By parts(b) and (c), it follows that LJ��l)/2[jq/p] + L:)�-;l)/2[jp/q] = (p - 1)/2 · (q - 1)/2.By Lemma 11 .3 , it follows that ( �) = (-l)T(p,q ) and (7J) = (-l)T(q,p ) where T(p, q) = LJ��l)/2[jp/q] and T(q, p) = L:j�-;l)/2[jq/ p].We conclude that ( �) ( ; ) = (-l)(p-l)/2·(q-l)/2 .This is the 5.
p
=
1,
=
3
=
=
=
=
=
=
=
=
=
=
=
law of quadratic reciprocity.
a = 2. Then we have p ±q(mod 8) and so (i) = (�) by Theorem 11 6 .. Now suppose a is an odd prime. If p q(mod 4a), then p q(mod a) and so {�) = {�). And because p q(mod 4), (p - 1)/2 (q - 1)/2(mod2). Then by Theorem 11.7, (i) = {�) (-l)(p-l)/2·(a-1)/2={�) (-l)(q-l)/2·Ca-l)/2=(�) But ifp -q(mod 4a), then p -q =
11. First suppose
=
=
=
=
.
=
=
a) and so ( 7)={�).And because p -q(mod 4), (p - 1)/2 (q - 1)/2 + 1(mod2). Then by Theorem 11 .7, (i) = {�) (-l)(p-l)/2·Ca-l)/2=(7) (-l)((q-1)/2+1)-(a-1)/2=
(mod
=
=
(-�/) (-l)Ca-l)/2 (�)=(�). The general casefollowsfrom the multiplicativity oftheLegendre
symbol.
13.
exi = 1 if and only if x is a multiple of27r. First, we compute (e(27ri/n)k)n = eC27ri/n)nk = (e(27ri>)k = l k = 1, so e(27ri/n)k is an nth root of unity. Now, if (k, n) = 1, then a.
Recall that
698
Answers to Odd-Numbered Exercises ((2ni/n)k)a
2ni
is a multiple of
nla.Therefore, a= n
if and only if
is the least posi
(eC2rri/n) k)a = 1.Therefore, eC2rri/n) k is a primitive nth root of unity. Conversely, suppose (k, n) = d > 1.Then (eC2rri/n) k )(n/d) = eC2rri ) k/d = 1, because k/d is an integer, and so in this case eC2rri/n) k is not a primitive nth root of unity. b. Let m = l + kn + where k is an integer. Then sm = sz kn = s1skn = s1• Now suppose s is a primitive nth root of unity and that sm = s1, and without loss of generality, assume m 2: l. From the first part of this exercise, we may take O:::: l:::: m < n.Then O = sm - s1 = s1 (sm-z - 1). Hence, sm-l = 1.Because n is the least positive integer such that sn = 1, we must have m - l = 0. c. e-2rri(z+l) = e2rrize2rri e-2rrize-2rri = e2rrizi e-2rrizi = l(z). First, l(z + 1) = e2rri(z+l) Next, I (-z) = e-2rriz - e2rriz = -(e2rriz - e-2rriz) = - I (z). Finally, suppose I (z) = 0. Then O = e2rriz - e-2rriz = e-2rriz(e4rriz - 1), so e4rriz = 1.Therefore, 4niz = 2nin for some in teger n, and so z = n/2. d. Fix y and consider g(x) = xn - yn and h(x) = (x - y)(sx n (n s-1y) · · · (s -lx - s- -l)y) as polynomials in x. Both polynomials have degree n.The lead i + ing coefficient in h(x) is s +2+·· n-l = sn(n-l)/2 = (sn) Cn-l)/2 = 1, because n - 1 is even. So both polynomials are monic. Further, note that g(s-2ky) = (s-2ky)n - yn = yn - yn = O for k = 0, 1, 2, ..., n - 1.Also, h(s-2ky) has (sk s-2ky - s-ky) = (s-kY - s-ky) = 0 as one of its factors. So g and h are monic polynomials sharing these n distinct zeros (because -2k runs tive integer for which
_
_
_
through a complete set of residues modulo
n,
by Theorem
4.7)
By the fundamental theorem of
g and h are identical. e e. Let x = e2rriz and y = -2rriz in the identity from part (d).Then the right-hand comesn�:6 (ske2rriz - s-ke-2rriz) =n�:6 (e2rri(z+k/n) - e-2rri(z+k/n) ) =n�:6 I algebra,
CTk:�l)/2 I
( ;) CT�:tn+l)/2 ( ;) 1)/2 ( nnk=-1(n+l)/2 ( ;;) n(nk=l CTk:�l)/2 ( - ;) ni:�l)/2 ( ;) ( - ;) 1 (z - ;) I (z)
z
+
I
I
uct becomes
I
z
k
+
z
+
=
=l(z)
1
z
I
I
+
( ;) z
+
=
. From the identities in part (c), this last prodz
z
1)/2 n(nk=l I l(z) CTk:�l)/21 z +
n-k
+
- n
. So the product above is equal to
z
side be-
)
k
( ;;) ( ;) CTk:�l)/2
=
z
+1-
=
. Then noting that the left side of the
(e2rriz)n - (e-2rriz)n = e2rrinz - e-2rrinz = I (nz) finishes the proof. f. For l = 1, 2, ..., (p - 1)/2, let k be the least positive residue of la modulo p.Then 1 /2 /2 l) l) = by the perodicity of I established in part (c). We break CTz�� I CTz�� I identity in part (d) is
( z;)
(;)
(;) nk1>p/2 (;) nk1
this product into two pieces
- 1
nk1
- kz
I
p
the number of identity.
k1
exceeding
g. Let z
p/2. But
=
I
p
I
kz
where N is
by Gauss' lemma,
()
(-l)N = �
.This establishes the
= l/p and n = q in the identities in parts (e) and (f).Then we have
n i��1)121
(�) =
(1;)/1 (�) =ni��1)12ni��1)12 (� ;) (� - ;) =ni��1)12 n(k�-1l)/2 1 ( � !:._)1 ( � - !:._) (-l)(p-l)/2·( q-l)/2, · (;) (-l)(p-l)/2·Cq-l)/2, /
+
I (-z)
=
p q I (z) and
q
p
the fact that there are exactly
+
where we have used the fact that
(p - 1)/2 (q
ble product. But, by symmetry, this is exactly the expression for completes the proof.
/
1)/2
factors in the douwhich
Answers to Odd-Numbered Exercises 15. Because p= 1 (mod4), we have q :::; 23, then
( f) ( �)
a= p1p2
Pk> then each Pi
·
·
•
=
( ;) = ( f)
. And because p= 1 (mod q) for all primes
= 1. Then if a is an integer with 1 <
29 and
699
<
( �) ( �1) ( �) =
•
•
•
a
<
29 and prime factorization
= lk = 1. So there are no quadratic
nonresidues modulo p less than 29. Further,because a quadratic residue must be an even power of any primitive root r, then r1 cannot be less than 29.
17.
a.
If a E T,then a= qk for some k = 1, 2, ... (p - 1)/2. So 1:::; a:::; q(p - 1)/2
<
(pq - 1)/2.
Further, because k:::; (p - 1)/2, and p is prime, we have (p, k) = 1. Because (q, p) = 1, then (a, p) = (qk, p) = 1, so a ES, and hence Tc S. Now suppose a ES - T. Then 1:::; a:::; (pq - 1)/2 and (a, p) = 1,and because a ¢. T, then a f. qk for any k.Thus,(a, q) = 1, so (a, pq) = 1, and so a ER. Thus, S - Tc R. Conversely, if a ER,then 1:::; a:::; (pq - 1)/2 and (a, pq)= 1, so certainly (a, q)= 1, and so a is not a multiple of q, and hence a¢. T. Hence,
a ES - T. Thus,R c S - T. Therefore,R= S - T. b. Because by part (a),R= S - T we . ... have naES a= naER a naET a= A(q 2 q ((p - 1)/2)a)=Aq(p-l)/2 ((p - 1)/2)!= A
(;)
((p - 1)/2)! (mod p) by Euler's criterion. Note that (pq - 1)/2= p(q - 1)/2 + (p -
1)/2, SOthat we can evaluate naES a=: ((p - l)!)(q-l)/2 ((p - 1)/2)! =:(-l)(q-l)/2 ((p - 1)/2)! (mod p) by Wilson's theorem. W hen we set these two expressions congruent to each other
(;) (-l)(p-l)/2 ( f). (-l)(q-l)/2 ( ; )
modulo p and cancel,we get A= (-l)(q-l)/2
,as desired.
c.
Because the roles of p and
q are identical in the hypotheses and in parts (a) and (b),the result follows by symmetry. Assume that
d.
By part (b),A=±1 (mod p),and by part (c),
=
A=±1 (mod q).So by the Chinese remainder theorem,we have A=±1 (mod pq).Conversely, suppose A= 1 (mod pq). Then A= 1 (mod p) and A= 1 (mod q). Then by parts (b) and (c),
( ;) =A=
we have (-l)(q-l)/2 that (-l)(q-l)/2
( ;)
1 (mod p) and (-l)(p-l)/2
= (-l)(p-l)/2
works if A= -1 (mod pq).
e.
( f)
( f)=A=
1 (mod q).We conclude
, because each side is equal to 1. A similar argument
If a is an integer in R, it is in the range 1:::; a:::; (pq - 1)/2 and
therefore its additive inverse modulo pq is in the range (pq + 1)/2:::; -a:::; pq - 1 in the set of reduced residue classes. By the Chinese remainder theorem,the congruence a2= 1 (mod pq) has exactly four solutions, 1, -1,
b, and -b (mod pq),and the congruence a2 = -1 (mod pq) has i, -i, ib, and -ib (mod pq). Now for each element a ER, (a, pq) = 1,so a has a multiplicative inverse v. By the remark above,exactly one of v, -vis in R. We let U be the set of those elements that are their own inverse or their own negative inverse,that is,let U ={a ERla2 =±1 (mod pq)}. Then when we compute A, all other elements will be paired with another element that is either solutions if and only p= q= 1 (mod4),and in this case it has exactly four solutions
its inverse or the negative of its inverse. Thus, we have A=
n a=± n a (mod pq). So if
aER p= q= 1 (mod pq),then A=±
n a=±(1
·
a EU the other case, A=
n a= ±(1 · c) ¢=. ±1 (mod pq), which completes the proof.
aEU
(; ) (; ) (: )
= (-l)(p-l)/2
(d) and (e),we have that (-l)(q-l)/2 So if p= q= 1 (mod4),we have we must have -
a EU
b · i · ib) = b2i2 = :r=l (mod pq). Conversely,in
(; ) (: ) f.
=
(:)
f. By parts
if and only if p= q= 1 (mod4).
· But if p= 1 (mod4) while q= 3 (mod4),then
, which means we must change the sign and have
(;) (:) =
.
700
Answers to Odd-Numbered Exercises The case where p= 3(mod 4) but q = 1(mod 4) is identical.If p = q = 3(mod 4),then we must
( �)
have -
f. -
(:)
so that we must have -
( �) (:) =
, which concludes the proof.
Section 11.3 1. a. 1
c. 1
b. -1
d. 1
e. -1
f. 1
3. 1,7,13,17,19,29,37,49,61,67,71,77,83,91,101,103,107,113,or 119(mod 120) 5. The pseudo-squares modulo 21 are 5 ,17, and 20 . 7. The pseudo-squares modulo 143 are 1, 3, 4, 9, 12, 14, 16, 23, 2 5, 27, 36,38, 42 , 48, 49, 53, 56, 64,69,75 ,81,82 ,92,100,103,108,113,114,126,and 133 .
9. Because n is odd and square-free, n has prime factorization n = p1p2 · · · Pr · Let b be one of the (p1 - 1)/2 quadratic nonresidues of Pi. so that
(; )
= -1.By the Chinese remainder theorem,
1
let a be a solution to the system of linear congruences
x = b (mod p1) x = 1(mod p2) x = 1(mod Pr ). Then
(;J (;J (;z) (;z) (; ) (�) (;J (;z) =
= -1,
Theref ore,
=
=
···
,
, (;J ( ;,)
= 1,.. .
=
= 1.
= ( -1) · 1 · · · 1 = -1.
11. a. Note that (a, b) = (b, r1) = (ri. r2) = · · · = (r -1' r ) = 1 and because the qi are even, n n the ri are odd. Because r0 =
(;�) (��)
b and a= E1r1(mod b), we have
(-l )(ro-l)/2·(r1-l)/2 byTheorem ll .11.If E1 = l,then
(%) = ( E�:1 ) =
(;�) (;�)
=
(%) = (-l)(ro-l)/2·(E1r1-l)/2 (�)
(%) = (-l)(ro-l)/2·(r1+1)/2 (��) = 1 1 1 1 (-l)(ro- )/2·(-ri- )/2 (��) = (-l)(ro- )/2· (E1r1- )/2 ( � ) ,because (r1+1)/2 and (- r1 - 1)/2 1 1 have the same parity. Similarly, ( � ) = (-l)(r1- )/2·(E2r2- )/2 (;�), 1 1 1 so (%) = (-l)(ro- )/2· (E1r1- )/2+(r1- )/2·(E2r2-l)/2 (;�) .Proceed inductively until the last step,
If E1 = -1,then
when
..!IL
(;�)
= (-l)(ro-l)/2 and we have
( ) ( ) rn-I
=
1 - rn-I
= 1.
b. If either ri-l= 1(mod 4) or Eiri= 1(mod 4), then (ri-l - 1)/2 ·
(E1ri - 1)/2 is even. Otherwise, that is, if ri = Eiri= 3(mod 4), then (ri - 1)/2 · (Eiri - 1)/2 -l -l
is odd. Then the exponent in part(a) is even or odd as Tis even or odd.
13. a. -1
c. -1
b. -1
� ;
�
� ;
1 15. Let n1 = p 1p 2 · · · p ' and n2 = q q 2
•
•
:
q • be the prime factorizations of n1 and n2. Then by
•
the definition of theKronecker symbol, we have
(:J (:J. 17. If a is odd, then by Exercise 16, we have
( � ) (�I ) ( : ) 11
=
=
2
( ) ( ) a n1n2
-
(:J ( � ) =
, using Exercise 16 again. If
s > 2 and t odd' Exercise 16 gives
.!!..
( ) (1..) s n1
=
=
ni
11
..f!... a1 ... PI
..f!... a Pr
,
.!!.. bi ... qi
( ) ( )
.!!.. q,
( )
b, =
. By Theorem 11.lO(i), we have
a is a multiple of 4, say, a = 2 s t with 1 1 (-l)(t- )/2·(n1- )/2
( ) ni ltl
and
..£..
( ) nz
=
Answers to Odd-Numbered Exercises
( ;2 y (-l)
701
n1 n2 (mod ItI), we have (�I) = ( itl ) and because 4 I a, n =n (mod 4), and so (-l)
=
.
Section 11.4
2<56l-l)/2 = 2280 = (210)28 = (-98)28 = (-982)14 =6714 = (672) 7 = 17 = 1(mod 561). Furthermore, we see that ( 5� ) = 1 because 561 = 1(mod 8). But 561 = 3 1 1 17 is not prime. 1
1. We have
·
·
b. Then a
a
and
=
=
=
7. n
=
=
5 (mod 40)
9. 80
Section 11.5 1. 1229
3. Because p, q =3 (mod 4), -1 is not a quadratic residue modulo p or q. If the four square roots are found using the method in Example 9.19, then only one of each possibility for choosing+ or - can yield a quadratic residue in each congruence, so there is only one system that results in a square.
5. If Paula chooses
c=
13, then v = 713, which is a quadratic residue of 141 1 , and which has
x =8222 = 1226 (mod 1411) and y vx 713 961 858 (mod 1411). She sends x = 1226, y = 858 to Vince. Vince checks that xy = 1226 858 =713 (mod 1411) and then sends the bit b = 1 to Paula, so she computes r =822 = 1193 (mod 1411) and ur =837 . 1 193 = 964(mod 141 1), which she sends to Vince. Because Vince sent b = 1, he computes 9642 =858(mod 1411) and notes that it is indeed equal to y. 7. The prover sends x = 14032 = 1,968,409 5 19 (mod 249 1). The verifier sends {1, 5}. The prover sends y = 1425. The verifier computes y2z = 14252 197 494 519 x (mod 249 1) square root u = 837(mod 141 1). Her random number is =
=
·
822,
so she computes
=
·
=
·
·
=
=
Answers to Odd-Numbered Exercises
702
9.
a.959, 1730, 2895, 441, 2900, 2684 (mod 3953)
b. 1074
c.1074 2 · 959· 1730 · 441·2684 = 336 = 4032
a to Vince, then a 2 = w2 (mod n), with a¢=. w (mod n). Then a 2 - w2 = (a - w)(a+ w) = 0 (mod n). By computing (a - w, n) and (a+ w, n), Vince will likely produce
11. If Paula sends back
a nontrivial factor of n.
Section 12.1 1.
a .4
3.
a.3/25 b. 11/90 c.4/33 b =2r3s5t7u, with r, s, t, and u
5.
•
b
•
.416
c.. 923076
d..53
e
•
.
009
f..000999
nonnegative integers
7.
a. pre-period 1, period 0 b. pre-period 2, period 0 c. pre-period 1, 2, period 0 e. pre-period 1, period 1 f. pre-period 2, period 4
9.
a.3
b.
11
c.37
d. 101
e.
41and271
f.
period
4
d. pre-period
7 and 13
11. Using the construction from Theorem 12.2 and Example 12.1, we use induction to show that ck =
k - 1 and Yk =(kb - k+ 1) /(b - 1 )2. Clearly, c1 =c and y1 =b/(b - 1 )2.The induction step is as 2 2 follows: ck+l= [byk]= [(kb2 - bk+ b)/(b - 1) ]= [(k(b - 1)2+ b(k + 1) - k )/(b - 1) ]= [k+(b(k+ 1) - k )/(b - 1 )2] =k , and Yk+l =((k +l)b - k )/(b - 1 )2, if k-=!= b - 2. If k= b - 2, we have cb_2= b - 1, so we have determinedb - lconsecutive digits ofthe expansion. From the binomial theorem, (x+l)a =ax+ 1 (mod x2), so ord (b l) 2b =b - 1, which is the period length. Therefore, we have determined the entire expansion.
b expansion is (.100100001 ...h, 12.4 represents an irrational number.
13. The base
which is non-repeating and therefore by Theorem
y be a real number. Set c0 =[y] and and y1 =y - c0. Then 0 :S y1 < 1 and y =c0+y1 . < k for k= 1, 2, 3, .. . , we must have c1= 0. Let c2= [2y1] and y2= 2y1 - c2. Then y1= (c2+ y2)/2, soy= c0 + cifl!+ c2/2! + y2/2! Now let c3= [3y2] and y3 =3y2 - c3. Then y2 =(c3+y3)/3 and so y =c0+cifl!+c2/2!+c3/3! +y3/3!. Continuing in this fashion, for each k= 2, 3, . .., define ck= [kYk 1] and Yk= k Yk 1 - ck. Then y =c0+cifl!+c2/2!+c3/3!+···+ck / k!+ Yk l k!. Because each Yk < 1, we know that limk-Hlo Ykl k! = 0, so we conclude that y =c0+cifl!+c2/2!+c3/3!+· ··+ck / k!+
15. Let
From the condition that ck
·
·
·
.
PY are the remainders of bn upon division by p. n =(.c1c2 c p l) has period length p - 1, we have by Theorem 12.4 that ordpb= p - 1, so there is an integer k such that bk = m (mod p). So the remainders of mbn upon division by p are the same as the remainders of bkbn upon division by p. Hence, the nth digit of the expansion of m / pis determined by the remainder ofbk+n upon division by p. Therefore, it will be the same as the (k+ n)th digit of1/ p.
17. In the proof of Theorem
12.2,
the numbers
The process recurs as soon as some Yi repeats a value.Because 1/ p
.
.
.
19. n must be prime with 2 a primitive root.
1 =a+E , where a is an integer and 0 :s E < 1. Then [ybi] - b[ybi- ] = [(a+E )b] b[a + E]= ab+ [Eb] - ab= [Eb]. Because 0 :S E < 0, this last expression is an integer between 1 0 and b - 1. Therefore, 0 :s [ybi] - b[ybi- ] :s b - 1. Now consider the sum L:f=1([ybi] 1 b[ybi- ])/bi. Factor out l/bN to clear fractions and this becomes (l/bN ) L:f=1(bN-i [ybi] 1 l bN-(j- )[ybi- ]). This sum telescopes to (-bN[y]+[ybN])/bN = [ybN]/bN because [y] = 0.
21. Let ybi-
l
[ybN]/bN= (ybN - ybN + [ybN])/bN= y - (ybN - [ybN])/bN. But 0 :s ybN [ybN] < 1, so taking limits as N---+ oo of both sides of this equation y ields y= L:�1( [ybi] 1 b[ybi- ])/bi. By the uniqueness of the base b expansion given in Theorem 12.1, we must have 1 cj = [ybi] - b[ybi- ] for each j. But
Answers to Odd-Numbered Exercises
� (-l)ai
�
a
� (-l)ai
703
�
(-l) i 1 Pk Pk . .-,and - =L-23. Let a =L---.- ::: -. .Asm .-.Then a--= L L 1 , , , Z Z Z Z lQ lQ . qk qk . i=l lQ . i= k+l i= k+l lQ . i=l the proof of Corollary 12.5.1, it follows that
I I I :: I ;
( ! , which shows that there can be 1Q +l) must be transcendental. <
a -
no real number C as in Theorem 12.5.Hence,a
=hfk. Thenk!(e - 1 - 1/1 ! - 1/2! - · · · 1/k! ) is an integer.But this is equal to k!( l/(k + 1)! + 1/(k + 2)! + ..·) = 1/(k + 1) + 1/(k + l)(k + 2) + ... < 1/(k + 1) + 1/(k + 2 ) is positive,and therefore cannot be = 1/k < 1.Butk!( 1/(k + 1) ! + 1/(k+ 2)! + 1) +
25. Suppose
·
·
e
·
·
·
·
an integer,a contradiction.
Section 12.2 1. 3.
a.
15/7
b. 10/7
a.
[1; 2,1,1,2]
c.
d. 355/113
6/31
b. [1; 1,7,2]
c.
[2; 9]
f. [O; 9,1,3,6,2, 4,1,2]
5.
a.
1,3/2, 4/3,7/5, 18/13
119/38,310/99. -931/1005
7.
a. 3/2
e.
e.
2
f. 3/2
g. 5/3
d. [3; 7,1,1,1,1,2]
b. 1,2,15/8, 32/17
c.
2,19/9
h. 8/5 e.
[-1 ; 13,1,1,2,1,1,2,2]
d. 3, 22/7, 25/8, 47/15, 72/23,
-1, -12/13,-13/14, -25/27,-63/68,-88/95, -151/163, -390/421,
to, 1/9,1;10, 4/39,25/244,54/527,241/2352,295/2879,831/8110
> 7/5 and 1 < 4/3 < 18/13
b. 2 > 32/17and 1 < 15/8
119/38 and 3 < 25/8 < 72/23 < 310/99
e.
c.
vacuous
d. 22/7 > 47/15 >
-12/13 > -25/27 > -88/95 > -390/421 and
-1 < -13/14 < -63/68 < -151/163 < -931/1005
f.1/9 > 4/39 > 54/527 > 295/2879 and
0 < 1/10 < 25/244 < 241/2352 < 831/8110
r/s.The Euclidean algorithm for 1/a =s/ r < 1 givess= O(r)+s; r= a0(s)+ ai. and continues just like for r/s.
9. Let
a=
11. Proceed by induction. The basis case is trivial. Assume qj '.::'.: fj for j
qn = Pn-l =s and Pn = r, so by Theorem n n 12.10 we have Pnqn-1 - qnPn-1 = rqn-1 - s = (-l) -l . Then rqn-1 = s2 + (-l) -l and so nnr ls2 - ( -l)n.Conversely,if rls2 + (- l) l, then ( - l) l= Pnqn-1 - qnPn-1= rqn-1 - Pn-s. l nn-l n-l 2 l) - ( and hence rl(s + ( -l) )=s(s - Pn-1).Because So rlPn-ls+ (-l) Pn-ls + ( -l) s,Pn-l
2
[ao; ai. ... , an].
15. Note that the notation [a0; ai. ... , an] makes sense, even when the a j's are not integers.
ai = ' Then [ak; ak+b ak+2 ] ai < [ak; ak+b ak+2 + x] = ai + x . [a0; ai. ... , ak+2] = [ao; ai. ... , ail> [ao; ai. ... , ai + x'] = [a0; ai. ... , ak+2 + x]. Proceed similarly fork even.
Use induction. Assume the statement is true fork odd and prove it fork+ 2. Define and check that
Section 12.3 1.
a.
[1; 2,2,2,...]
b. [1; 1,2,1,2,...]
c.
[2; 4, 4,...]
d. [1; 1,1,1,. ..]
3. 312689/99532 5. If a1 > 1, let A= [a2; a3, ...]. Then [a0; a1, ...] + [-a0 - 1; 1,a1 - 1,a2 , a3, ...] = a0 + a1
A
+ /A) +
1 -ao - 1 + 1+ 1 ai-1+(1/A)
(
)
= 0.Similarly if a1 = 1.
Answers to Odd-Numbered Exercises
704
1 =[O; a0, ai. a2, ...].Then =[a0; ai. a2, ...], then 1/a =1/[a0; a1, a2, ...] =0+ + ao ai+··· the kth convergent of 1/a is [O; a0, ai. a2, ... , ak_1]=1/[a0; ai. a2, ... , ak_1], which is the
7. If a
reciprocal of the (k- 1)st convergent of a.
p/q
(,JS+ 1)/2=[1; 1, 1, ...], so qn = fn (Fibonacci) and pn=qn+l· Then limn�oo qn_ifqn=limn�oo qn-ifPn-l=2/ (J5 + 1)=(J51)/2. So limn�oo ((JS+1)/2+ (qn_ifqn)) =(JS+1)/2+(JS - 1)/2 =JS. So (JS+
9. By Theorem 12.19, such a
1)/2+
(qn_ifqn)
>
is a convergent of a. Now
c only finitely often. Whence, 1/ ((JS+ 1)/2 + (qn_ifqn)) q;
only finitely often. The following identity finishes the proof. Note that an= a for all
n. Then
(Pnfqn)I = l(an+lPn+ Pn-1)/(an+lqn+qn_l) - (Pnfqn)I =1(-(pnqn-1 - Pn-lqn))/ (qn(aqn+ qn-1))1=1/(q;(a + (qn_ifqn)). If /3 is equivalent toa, thenf3=(aa+ b)/(ca+ d). Solving for a gives a=(-d/3 + b)/(c/3 - a), la -
11.
1/( cq;)
<
so a is equivalent to f3.
13. By symmetry and transitivity (Exercises 11 and 12), it suffices to show that every rational
number a=m/n ( which we can assume is in lowest terms) is equivalent to 1 . By the Euclidean
algorithm, we can find
a
(aa+ b)/(ca+ d) =1. 15. Note that Pk,tqk-l
and
b such that ma+ nb =1. Let d =m +band c =a - n. Then
- qk,tPk-l =t(Pk-lqk-l - qk-lPk-1)+(Pk-2qk-l - Pk-lqk-2) = ±1. Thus,
Pk,t and qk,t are relatively prime.
17. See, for example, the classic work by 0. Perron, Die Lehre von den Kett enbriichen, Leipzig, Teubner (1929).
19. 179/57 21. Note first that if b < d, then la/b - c/dl < 1/2d2 implies that lad - bcl < b/2 d < 1/2, but because
bf. d, lad - bcl is a positive integer, and so is greater than 1/2. Thus, b � d. c/d is not a convergent of the continued fraction for a/b. Because the denominators of the convergents increase to b, there must be two successive convergents Pnfqn and Pn+ifqn+l such that qn < d < qn+l· Next, by the triangle inequality we have Now assume that
1/2d2 >
I� - �I =I� - Pnqn 1-1� - Pnqn I I� - Pnqn I - Pnqn+l+l - Pnqn �
b
d
d
b
convergent is on the other side of
a/b
d
'
because then+ 1st
from the nth convergent. Because the numerator of the
first difference on the right side is a nonzero integer, and applying Corollary 12.3 to the second difference, we have the last expression greater than or equal to through by
d2, we get
deduce that 1/2
<
.!.
2
d/qn+l·
>
.!!:._ qn
(
1-
� qn+l
)
> 1-
�
qn+l
1/dqn - 1/qn+lqn.If we multiply
because
d/qn
> 1. From which we
The convergents Pnfqn and Pn+ifqn+l divide the line into three regions. As any of these, there are three cases. Case 1 : If
c/d could be in
:::; I � - Pn I dqn d qn 1
c/ d is between the convergents, then - -
because the numerator of the fraction is a positive integer and the denominators on both sides of the inequality are the same. This last is less than or equal to the
1 Pn+1 Pn = qn qn+l qn+lqn c/ d and where we have
because
n + 1st convergent is farther from thenth convergent than applied d � qn+l• a contradiction. Case 2: If c/d is closer to Pnfqn,
Corollary 12.3. But this implies that
:::; I� - Pn I :::; I� - �I dqn d qn
1 then again - -
because a/ b is on the other side of thenth convergent d 2 from c/ d. But this last is less than 1/2 d , and if we multiply through by d, we have 1/qn < 1/2 d,
b
Answers to Odd-Numbered Exercises which implies that qn
>
d,
a contradiction. Case
d/qn+i <1/2,
If c/d is closer to Pn+ifqn+i• then with the
1 -- :::; !:.. d dqn+l
Pn+l
I� I
< - !:.. <1/2d2. But this implies b d qn+l contradicting the inequality established above. Having exhausted all the cases,
same reasoning as in Case 2, we have that
3:
705
we must conclude that
c/d must be a convergent of the continued fraction for a/b.
Section 12.4 1. 3. 5. 7.
[2; 1, 1, 1, 4] b. [3; 3, 6] c. [4; 1, 3, 1, 8] d. [6; 1, 5, 1, 12] f. [9; 1, 2, 3, 1, 1, 5, 1, 8, 1, 5, 1, 1, 3, 2, 1, 18] a. [2; 2] b. [1; 2, 2, 2, 1, 12, 1] c. [O; 1, 1, 2, 3, 10, 3] a.
(23+,J29)/10 a. ,JIO b. ,JU a.
b. c.
(-1+3J5)/2
./26
d
•
c.
e.
[7; 1, 2, 7, 2, 1, 14]
(8+.J82)/6
./37
We have a0= Jd2
- 1, a0=d - 1, P0=0, Q0=1, Pi=(d - 1)(1) - 0=d - 1, Qi= 2 2 ((d - 1) - (d - 1) )/1=2d - 2, ai=(d - 1 + Jd2 - 1)/(2(d - 1))=1/2+ 1/2J(d+1)/(d - 1), ai=1, P =1(2d - 2) - (d - 1)=d - 1, Q1 =(d2 - 1 - (d 2 1)2)/(2d - 2)=1, a2=(d - 1 + Jd2 - 1)/1, a =2d - 2, P3=2(d - 1)(1) - (d - 1)= 2 d - 1=PI> Q3=((d2 - 1) - (d - 1)2)/1=2d - 2=QI> so a=[d - 1; 1, 2(d - 1)]. b. We have a0=Jd2 - d, a0= [ Jd2 - d]=d - 1, because (d - 1)2
a.
,,/J, has period length 2. Then ,,/J,= [a; c, 2a] from the discussion preceding Example 12.16. Then ,,/J,=[a; y] with y =[c; 2a] =[c; 2a, y]=c+ 1/(2a +(1/ y))= (2acy + c + y)/(2ay + 1). Then 2ay2 - 2acy - c=0, and because y is positive, we have y=(2ac+J(2ac)2+4(2a)c)/(4a)=(ac+J(ac)2+2ac)/(2a). Then ,,/J,=[a; y]=a+ (1/y)=a+2a/(ac+J(ac)2+2ac)=Ja2+2a/c, sod= a2+2a/c, and b=2a/c is an integral divisor of 2a. Conversely, let a=Ja2+b and bl2a, say, kb=2a. Then a0 = [Ja2+b]=a, becausea2
13. Suppose
15.
a.
no
b. yes
c.
yes
d. no
e.
yes
f. no
Answers to Odd-Numbered Exercises
706
17. Let a=( a+ ,./b)jc. Then -1/a'= -(c)/(a - ,./b) =( ca+ ,../bc!i)j(b - a2) =(A+ ./B)/C,
16, 0
19. Start with a0=/Dk+ 3k + 1(this will have the same period because it differs from /Dk by an integer) and use induction. Apply the continued fraction algorithm to show a3i =/Dk+ 3k - 2 i i 3k- +2/(2 3k- ), i =1, 2, . .. , k, but a3k+3i =/Dk+ 3k - 2/(2 3i), i =1, 2, . . . , k- 1, and a6k =/Dk+ 3k +1 = a0• Because ai f. a0 for i <6k, we see that the period is 6k. ·
·
·
Section 12.5 1. Note that 192 - 22 =(19 - 2)(19+ 2) = 0(mod 119). Then (19 - 2, 119) =(17, 119) =17 and
(19+2, 119) = (21, 119) =7 are factors of 119. 3. 3119. 4261
5. We have 172 = 289 = 3(mod 143) and 192 = 361=3 52 (mod 143). Combining these, we have ·
3252 (mod 143). Hence,
3232 = 152(mod 143). It follows that 3232 - 152 =(323 (17 19)2 = 15)( 323+15)= 0(mod 143). This produces the two factors ( 323- 15, 143) = ( 308, 143) =11 and ( 323+15, 143) = (338, 143) =13of143. ·
7. 3001 4001 ·
Section 13.1 1.
( 3, 4, 5), (5, 12, 13), (15, 8, 17), (7, 24, 25), (21, 20, 29), ( 35, 12, 37) b. those in part(a) (6, 8, 10), (9, 12, 15), (12, 16, 20), (15, 20, 25), (18, 24 , 30), (21, 28, 35), (24, 32, 40), (10, 24 , 26), (15, 36, 39), ( 30, 16, 34)
a.
and
2
3. By Lemma 13.1 , 5 divides at most one of x, y, and z. If 5 J x or y, then x = ±1(mod5) and 2
y = ±1(mod5). Then z2 = 0, 2, z2 = 0(mod 5), whence 51 z.
or
-2(mod 5). But ±2 is not a quadratic residue modulo 5, so
5. Let k be an integer 2: 3. If k =2n+1, let m = n+1. Then m and n have opposite parity, m
> n m and n define the desired triple. If k has an odd divisor d > 1, then use the construction above for d and multiply the result by k/d. If k has no odd divisors, then k=2i for some integer j > 1. Let m =2i-l and n=1. Then k =2mn, m > n, and m and n have opposite parity, so m and n define the desired triple.
and
m2 - n2 =2n+ 1 =k,
so
7. Substituting y = x +1 into the Pythagorean equation gives us 2x2+2x+1 = z2, which is
2z2 =-1 where m =2x+1. Dividing by z2 yields m2/z2- 2 =-1/z2. Note that m/z 2: 1, 1/z2 =2- m2/z2 = (../2+ m/z)(../2- m/z)<2(../2- m/z). So by Theorem 12.18, m/z must be a convergent of the continued fraction expansion of ../2. Further, by the proof of Theorem 12.13 , it must be one of the even-subscripted convergents. Therefore, each solution is given by the recurrence mn+l = 3mn+ 2zn, Zn+i =2mn + 3mn. (See, e.g., Theorem 13.11.) Substituting x back in yields the recurrences of Exercise 6. equivalent to m2-
9. See Exercise 15 with p = 3. 11. (9, 12, 15), (35, 12, 37), (5, 12, 13), (12, 16, 20) 13. x =2m, y =m2 - 1, z =m2+ 1, m
>
1
15. primitive solutions given by x = ( m2 - pn2)/2, y =mn, z =( m2+ pn2 )/2 where m
>
...[Pn
Answers to Odd-Numbered Exercises
707
fn = ln+2 - ln+l and ln+3 = ln+2 + ln+l into Unln+3)2 + (2fn+dn+2)2 yields Un+ - !n+1)2Un+ +fn+i)2+4J;+i1;+ =u;+ - 1;+1)2+4J;+il;+ =1:+ 2 2 2 2 2 2 21;+i1;+ +1:+1+4J;+i1;+ =ln\ +21;+11;+ +1:+1=u;+ +1;+1)2, proving the 2 2 2 2 2
17. Substituting
result.
19. the point (1,
0) and all points (r,s) with r = (t2 - 1)/(t2 + 1) ands= -2t/(t2 + 1), with t
rational
21. the point (1, -1) and all points (r, s) with r =(t2
- t - 1)/(t2+1) ands= (1- 2t)/(t2+1)
with t rational
23. the point(-1, 1) and all points(r,s) withr = (1 - t2)/(1+t+t2) ands=
(t2+2t)/(t2+t+1)
with t rational
y are rational numbers such that x2 +y2= 3. Then there exists integers p, q, and r such that x=p/ r and y=q/ r, where we assume without loss of generality that x and y have 2 equal denominators. Then we have p2+q2=3r . Further, without loss of generality, we may assume p, q and r are not all even, because we could divide the equation by 4 and have another solution. First suppose r is odd. Then r 2 = 1(mod4) so p2+q2 = 3(mod 4). Because a square modulo 4 must be congruent to either 0 or 1, there are no solutions to this last congruence. Now suppose r is even. Then r 2 = 0(mod 4), so that p2 +q2 = 0(mod 4). The only solutions to this congruence requires that p and q are both even, which contradicts our assumption that p, q and r are not all even. Therefore, there are no rational points on the circle x2 + y2= 3.
25. Suppose x and
(0, 0, 1) and all points (r,s, t) where r = -2u/(u2 +v2 - 1),s= -2v/(u2 +v2 - 1) 2 2 and t=(u +v2 +1)/(u +v2 - 1) with u and v rational
27. the point
Section 13.2 1. Assume without loss of generality that x
y2)yn-2=z2yn-2
3.
<
z2zn-2=Zn.
<
y. Then xn+yn=x2xn-2+y2yn-2
<
(x2+
If p Ix, y, or z, then certainly p Ixyz. If not, then by Fermat's Little Theorem, xP-l = yP-l = zP-l = 1(mod p). Hence, 1+1= 1(mod p), which is impossible. b. We knowaP =a(mod p) for every integer a. Then xP +yP = zP(mod p) implies x+y = z(mod p), sop Ix+ y - z.
a.
y be the lengths of the legs and let z be the hypotenuse. Then x2+y2=z2. If the 2 area is a perfect square, we have A= �xy=r . Then, if x=m2- n2, and y=2 mn, we have 2 2 2 r 2=mn(m2- n2). All of these factors are relatively prime, som=a , n=b , andm - n2=c2, 4 4 say. Then, a - b =c2, which contradicts Exercise 4.
S. Let x and
7. We use the method of infinite descent. Assume there is a nonzero solution where Ix I is minimal.
y)= 1. Also x and z cannot both be even, because then y would be odd and then z2 = 8 (mod 1 8), but 8 is not a quadratic residue modulo 16. Therefore, x and z are both 4 odd, because 8y is even. From here it is easy to check that (x, z)= 1. We may also assume (by negating if necessary) that x = 1(mod4) and z = 3(mod4). Clearly, x2 > lz l . We have 8y4=x4- z2=(x2 - z)(x2+z). Because z = 3(mod 4), we have x2 - z = 2 (mod 4), so 2 2 m= (x - z)/2 is odd, and n=(x +z)/4 is an integer. Because no odd prime can divide both m 4 4 4 and n, we have (m, n) = 1, m, n > 0 and mn= y , whence m= r and n=s , with(r, s)= 1. So 2 4 4 now r +2s =m+2n=x . This implies(x, r )=1, because no odd prime divides r and x but not 4 4 2 s, and r and x are both odd. Also, lxl > r 2 > 0. Now consider2s = (x2 - r )= (x - r )(x+r 2). Thens must be even because a difference of squares is not congruent to 2(mod 4), sos= 2t and 4 2 3 2t =(x- r )(x+r2). Recalling x = 1(mod4) and r is odd, we have U =(x+r2)/2 is odd and V= (x - r2)/16 is an integer. Again (U, V)= 1 and UV= t4, but we don't know the sign of 4 4 4 4 x. So U=± u and V= ±v , depending on the sign of x. Now r 2= ±(u - 8v ). But because u is odd, we can rule out the case with the minus sign(or else r 2 = 7(mod 8)). Therefore, we must Then (x,
708
Answers to Odd-Numbered Exercises have the plus sign (hence, x is positive), and we have u4 - 8v4=r2. Finally, Iv I Ix+ r21
>
0. So we haven't reduced to a trivial case.Then u4= U
<
Ix+r21/ 2
>
<
0 because
x, so lul
<
x,
and so Ix I was not minimal.This contradiction shows that there are no nontrivial solutions.
9. Suppose that x=a/b, where a and b are relatively prime and bf= 0. Then y2 =(a4+ b4)jb4, from which we deduce that y=z/b2 from some integer z. Then z2 =a4+ b4, which has no nonzero solutions by Theorem 13.3.Because bf= 0, it follows that zf= 0. Therefore, a=0, and hence x=0, and consequently y=± 1.These are the only solutions.
11. If x were even, the y2=x3 + 23= 3 (mod4), which is impossible, so x must be odd, making y even, say, y = 2v. If x= 3 (mod4), then y2= 33 + 23= 2 (mod4), which is also impossible, so x= 1 (mod4). Add 4 to both sides of the equation to get y2+4 =4v2+ 4 = x3 + 27 = (x+3)(x2 - 3x+9).Then z=x2 - 3x+9= 1 - 3+9= 3 (mod4), so a prime must divide z. Then 4v2+4= 0 (mod
p= 3 (mod4) p) or v2= -1 (mod p). But this shows that a prime
congruent to 3 modulo4 has-1 as a quadratic residue, which contradicts Theorem 11.5.Therefore, the equation has no solutions.
13. This follows from Exercise4 and Theorem 1 3.2. 15. Assume that n ·
·
·
J xyz, and (x, y, z)=1. Now (-x)n= yn+zn=(y+z)(yn-l - yn-2z+
+ zn-1), and these factors are relatively prime, so they are nth powers, say, y + z =an,
+zn-l=an, whence x= aa. Similarly, z+x=bn, and (zn-l and yn-l - yn-2z+ zn-2x + ...+ xn-1) =fr, -y = bf3, x + y =en, and (xn-1 - xn-2y + ...+ yn-1) =yn, ·
·
·
and -z=ey. Because xn + yn + zn= 0 (mod
p), we have p I xyz, say, p I x. Then yn = p). Also, 2x= bn+en+ (-a)n = 0 (mod p), so by the condition on p, we have p I abe. If p I b, then y =-bf3= 0 (mod p), but then p I x and y, a contradiction.Similarly, p cannot divide e. Therefore, p I a, so y= -z (mod p), and so an= (yn-1 - yn-2z+ ...+zn-l)= nyn-l= nyn (mod p). Let g be the inverse of y (mod p); then (agr = n (mod p), which contradicts the condition that there is no solution town= n (mod p). (xn-l - xn-2y+
·
·
·
+ yn-l)= yn-l (mod
17. 3,4, 5,6 19. If m :=::: 3, then modulo 8 we have 3n= -1 (mod 8), which is impossible, so m =1 or 2.If m =1, then 3n = 2 - 1 =1, which implies that n =0, which is not a positive integer, so we have no solutions in this case. If m = 2, then 3n = 22- 1 =3, which implies that
n
=1, and this is the
only solution.
21. a.Substituting the expressions into the left-hand side of the equation yields a2+ b2+ (3ab- e)2 = a2+b2+9a2b2 -6abe+e2=(a2+b2+e2)+9a2b2 -6abe.Because (a, b, e) is a solution to Markoff's equation, we substitute a2+ b2+ e2 =3abe to get the last expression equal to 3abe+9a2b2-6abe =9a2b2- 3abe =3ab(3ab- e), which is the right-hand side ofMarkoff's equation evaluated at these expressions.
b. Case 1: If x= y=z, then Markoff's equation
becomes 3x2 =3xyz, so that 1 = yz.Then y =z =1 and then x =1, so the only solution in this case is (1, 1, 1). Case 2: If x= yf= z, then 2x2+z2=3x2z, which implies that x21z2 or xlz, say dx=z. Then 2x2+ d2x2 =3dx3 or 2+ d2 =3dx or 2 =d(3x - d).So dl 2, but because xf= z, we must have d= 2. Then 3x - d=1, so that x=1= y and z= 2, so the only solution in this case is (1, 1, 2). Case 3: Assume x
<
formula to get 2z=3xy ± 1)+4y2(x2 - 1) 3xy -
>
y
<
z. From z2- 3xyz+ x2+ y2+ z2, we apply the quadratic
J9x2y2 -4(x2+y2). Note that 8x2y2 -4x2 -4y2=4x2(y2 -
0, so in the "minus" case of the quadratic formula, we have 2z
J9x2y2- 8x2y2 =3xy - xy = 2xy,
that xy
<
or z
<
xy. But 3xyz = x2+ y2+ z2
<
<
3z2, so
z, a contradiction; therefore, we must have the "plus" case in the quadratic formula and
2z =3xy+
J9x2y2 -4(x2+ y2)
>
3xy, so that z
>
3xy - z.This last expression is the formula
Answers to Odd-Numbered Exercises
23.
709
for the generation of z in part (a). Therefore, by successive use of the formula in part (a), we will reduce the value of x + y + z until it is one of the solutions in case 1 or case 2. Let E > 0 be given then the abc conjecture gives us max(lal, lbl, lei)� K(E)rad(abc)l+E for integers (a, b) = 1 and a+ b =c. Set M =log K(E)/ log 2+(3+3E). Suppose x, y, z, a, b, c are positive integers with (x, y) 1 and xa + yb cz, so that we have a solution to Beal's equation. Assume min(a, b, c) > M. From the abc conjecture, and because rad(xaybyc) =rad(xyz), we have max(xa, yb, ye)�K(E)rad(xyz)l+E�(xyz)l+E. If max(x, y, z) x, then we would have xa� K(E)x3(1+E). Taking log's of both sides yields a�log K(E)/ log x+(3+ 3E) < log K(E)/ log 2 + (3 + 3E) M, a contradiction. Similarly if the maximum is y or z. Therefore, if the abc conjecture is true, there are no solutions to the Beal conjecture for sufficiently large exponents. =
=
=
=
Section 13.3 1. 3. 5.
7.
a.
1 92 + 4 2
b.
232 + 1 12
c.
372 + 92
1 372 + 92 d. 212 +72 e. 1 332 +632 d.
52 +32 b. 92+32 c. 102 +02 f. 4482 + 3522 c. 32 + 12 + 12 a. 12 + 12 + 12 b. 82 +52 + 12 d. 32 + 32+02 e. not possible f. not possible Let n x2 + y2 + z2 4m(8k + 7). If m 0, then see Exercise 6. If m 2: 1, then n is even, so none or two of x, y, z are odd. If two are odd, x2 + y2 + z2 2 or 6 (mod 8), but then 4 Jn, a contradiction, so all of x, y, z are even. Then 4m-1(8k + 7) (I )2 + (�)2 + (�)2 is the sum of three squares. Repeat until m=0 and use Exercise 6 to get a contradiction. c. 142+42+ 12+52 a. la2 + 12 +02 +22 b. 222+42 +12 +32 d. 562+ 122+ 1 72+ 12 a.
=
=
=
=
=
9. 11.
Let m n - 169. Then mis the sum of four squares: m x2 + y2 + z2 + w2. If, say, x, y, z are 0, then n =w2+ 169 =w2+ 102+82 +22+ 12. If, say, x, y are 0, then n =z2 + w2 + 169 = z2 + w2 + 122 + 4 2 + 32. If, say, x is 0, thenn y2 + z2 + w2 + 169 y2 + z2 + w2 + 122 + 52. If none are 0, then n =x2 + y2 + z2 + w2 + 132. If k is odd, then 2k is not the sum of four positive squares. Suppose k 2: 3, and 2k = x2 + y2 + z2 + w2. Then either none, two, or four of the squares are odd. Modulo 8, we have 0 x2+ y2+z2+ w2, and because an odd square is congruent to 1 modulo 8, the only possibility is to have x, y, z, w all even. But then we can divide by 4 to get 2k-2 (!)2 + (�)2 + (�)2 + ('!-)2. Either k - 2 2: 3 and we can repeat the argument, or k - 2 = 1, in which case we have two equal to the sum of four positive squares, a contradiction. If p 2 the theorem is obvious. Else, p 4k + 1, whence - 1 is a quadratic residue modulo p, say, a2 -1 (mod p). Let x and y be as in Thue's lemma. Then x2 < p and y2 < p and -x2 (ax)2 y2 (mod p). Thus, p I x2 + y2 < 2p; therefore, p x2 + y2 as desired. The left sum runs over every pair of integers i < j, for 1 � i < j � 4, so there are six terms. Each integer subscript 1, 2, 3, and 4 appears in exactly three pairs, so =
=
=
13.
=
=
=
15.
=
=
=
=
17.
=
=
L [(xi+ xj)4 +(xi - xj)4] = L l�i
=
19.
(2xi + l2x1x] +2xJ)
l�i
t
k=l
6xt +
L l�i
l2x1x] =6
(t ) k=l
xi
2
If mis positive, then m=L:=l x;, for some xk's. Then 6m=6 L:=lXf =L:=16xi- Each term of the last sum is the sum of 12 fourth powers by Exercise 18. Therefore, 6m is the sum of 48 fourth powers.
Answers to Odd-Numbered Exercises
710
21.
23.
For n=1, 2, ... ,50, n =I:7 14. For n=51,52, ..., 81, n - 48=n - 3(24)=I:7-48 14, so n=24 + 24 + 24 + I:7-48 14 is the sum of (n - 45) fourth powers, and n=45 � 36 � 50.This result, coupled with the result from Exercise 20, shows that all positive integers can be written as the sum of50 or fewer fourth powers. That is, g(4) � 50. The only quartic residues modulo 16 are 0 and 1. Therefore, the sum of fewer than 15 fourth powers must have a least nonnegative residue between 0 and 14 (mod 16), which excludes any integer congruent to 15 (mod 16).
Section 13.4 1.
a.
3.
a.
5. 7. 9. 11. 13.
(±2, 0), (±1, ±1)
b.
none
c.
(±1,±2)
yes b. no c. yes d. yes e. yes f. no (73, 12), (10657, 1752), (1555849, 255780) (6239765965720528801, 798920165762330040)
Reduce modulo p to get x2 -1(mod p). Because -1 is a quadratic nonresidue modulo p if p =4k + 3, there is no solution. Let p1=0, p1=3, Pk=2Pk-l + 2k_ , q0=1, q1=1, and qk=2qk-l + qk_2.Then the legs are 2 x=Pi+ 2pkq + k and y =2pkqk + 2qf. =
Suppose there is a solution (x, y). Then x must be odd. Note that (x2 + 1)2=x4 + 2x2 + 1= 2y2 + 2x2 and (x2 - 1)2=x4 - 2x2 + 1=2y2 - 2x2.Multiplying these two equations together yields (x4 - 1)2=4(y4 - x4), or because x4 1(mod4), ((x4 - 1)/2)2 =y4 -x4. This contradicts Exercise 4 in Section 13.2. =
Section 13.5 1.
Let (x, y, z) be a primitive Pythagorean triple. Then there exist relatively prime integers m and n of opposite parity such thatx=m2 - n2, y=2mn and z=m2 + n2.Then the area of the triangle is xy/2=(m2 - n2)2nm/2=mn(m2 - n2) which is even because one of m and n must be even.
3.
14,330,390,210
5.
15 b. 21 c. 210 d. 5 Let n be any positive integer and consider the Pythagorean triangle with sides 3n,4n, and Sn.The area of this triangle is (3n)(4n)/2=6n2.Therefore, 6n2 is a congruent number for every positive integer n.
7.
9.
11.
a.
J
Consider the right triangle with legs oflength ,J2.The length ofthe hypotenuse is ,J22 + ,J22= 2, so if we assume that ,J2 is rational, this is a rational triangle. We compute its area to be (1/2),J2,J2= 1. This implies that 1 is a congruent number, which is false. Therefore, ,J2 must be irrational. Let n be a congruent number and suppose n =2k2 where k is an integer. Assume n is a congruent number. Then Theorem 13.16 tells us that n must be the common difference of a progression of three squares. Specifically, there are integers r, s, and t such that t2 - s2=n and s2 - r2 =n. Then t2 =s2 + n and r2 =s2 - n. Multiplying these last two equations yields (rt)2=s4 - n2=s4 -4k4. Let z=rt, x=s, and y= k. Then the equation becomes x4 - 4y4 =z2• Suppose that the equation has solutions in the positive integers. By the well ordering property, there is a solution (x, y, z) having the smallest value for x. Rewriting the equation as z2 + (2y2)2=(x2)2 shows that (z, 2y2, x2) is a Pythagorean triple. Check that this triple must be primitive. Then there exist relatively prime integers u and v of opposite parity such that z=u2 - v2, 2y2=2uv, and x2=u2 + v2. Then y2=uv and (u, v)=1, sou=a2 and
Answers to Odd-Numbered Exercises 2
v =b
711
4 4 2 for some integers a and b. Then x =a +b , which has no nonzero solutions according
to Theorem 1 3.3. Therefore, n can not be congruent.
13.
Because 1 is not a congruent number, Theorem 13.16 says that it cannot be the common 2 difference of an arithmetic progression of three squares. b. Because 8=2 2 and 2 is not a
a.
congruent number, we know that 8 is not a congruent number. By Theorem 13.16, 8 cannot be the common difference of an arithmetic progression of three squares. c. By Theorem 1 3.15, 2 25=5 cannot be the area of a rational right triangle and therefore cannot be a congruent number. Then by Theorem 1 3.16, 25 cannot be the common difference of an arithmetic progression of 2 three squares. d. If 48=4 3 were the common difference of an arithmetic progression of three squares, then it would be a congruent number by Theorem 1 3.16. By definition, it would be the area of a rational right triangle. But then we could divide the lengths of the sides of the triangle by
4 and we would have a rational right triangle of area 3, which implies that 3 would be a congruent number, contrary to Exercise 1 2.
15. r= 337 /1 20 17. (12, 7/2, 25/2) 19.
2 2 2 2 r be the common difference of the arithmetic progression. Then a =b - r and c =b +r. 2 2 2 2 2 2 2 2 2 2 Then (a/b) +(c/b) =(a +c )/b =((b - r)+(b +r))/b = 2b /b = 2. Therefore, 2 2 2 2 (a/b, c/b) is a rational point on x + y = 2. b. Because x +y =2 =1+1, we have 2 2 2 2 2 2 2 y - 1 =1 - x . Multiply through by t to get (ty) - t =t - (tx) , which shows that 2 2 2 (tx) , t , (ty) is an arithmetic progression. a. Let
21. (x, y)=(1 1 2/9, 980/27) 2 2 23. If there is a rational point on the elliptic curve y =x3 - 2 x, then by Theorem 1 3.18, 2 would be a congruent number, a contradiction.
25. (1 1 894/1 443, 26760/3367, 1 1 5658/10101) 27. P3 =(16689/2704, -1074861/1 40608) and the triangle is (761 30/10101, 321 1 2/3367, 1 12768/10101) 2 2 2 2 2 29. (1151/140) , (1201/1 40) , (1249/1 40) and (4319999/2639802) , (7776485/2639802) , 2 (101 13607/2639802)
31.
2 2 2 The solutions to 1=2x + y + 32z are x = z =0, y =±1, so A1=2. The solutions to 2 2 2 1=2x + y +8z are x =z=0, y=±1, so B1=2. Because A1 f= Bif2, we conclude that 1 is 2 2 2 not a congruent number by Tunnell's theorem. b. The solutions to 10= 8x + 2y + 64z 2 2 2 are (±1, ±1, 0), so C10 = 4. The solutions to 10 = 8x + 2y + 16z are (±1, ±1, 0), so
a.
D10= 4. Because C10 f= D10/2, we conclude that 10 is not a congruent number by Tunnell's 2 2 2 theorem. c. The solutions to 17 =2x + y + 32z are (±2, ±3, 0), so A17 =4. The solutions 2 2 2 to 17 =2x + y + 8z are (±2, ±3, 0), (±2, ±1, ±1), and (0, ±3, ±1), so B11=16. Because A17 f= B17/2, we conclude that 17 is not a congruent number by Tunnell's theorem. 2 2 2 33. The solutions to 41=2x +y +32z are (±4, ±3, 0), (±2, ±1, ±1), and (0, ±3, ±1), so 2 2 2 A41=16. The solutions to 41=2x + y + 8z are (±4, ±3, 0), (±4, ±1, ±1), (±2, ±5, ±1), (±2, ±1, ±2), and (0, ±3, ±2) so B41=32. Because A41= B4if2 we conclude that 41 is a congruent number by Tunnell's theorem.
35. For the case n
= 5 or 7 (mod 8), we note that n is odd and reduce the left sides of the first two 2 2 equations in Tunnell's theorem modulo 8. Both expressions become 2x +y (mod 8). Because a
square must be congruent to 0, 1, or 4 (mod 8), the right side of the congruence must be congruent to 0, 1, 2, 3, 4, or 6, and none of these are 5 or 7 (mod 8). Therefore An=0=Bn/2. By Tunnell's theorem, n must be a congruent number. For the case n
= 6 (mod 8), we note that n is even and 2 reduce the last two equations in Tunnell's theorem modulo 8. Both equations reduce to 6 = n = 2 y 2 (mod 8). Because n is even, we may divide by 2 to get 3 = n/2 = y (mod 4). Because 3 is not a
Answers to Odd-Numbered Exercises
712
quadratic residue modulo 4, there are no solutions to either equation. Therefore, Cn= 0= Dn/2. By Tunnell's theorem,
n must be a congruent number.
37. First suppose n :=:::: 2. Let r =2n/(n - 2) and s= (n - 2)/4. Check that (2, r - l/r, r + l/r)
s - 1/s, s+ 1/s) satisfy the Pythagorean theorem, so these triples represent right triangles. Because n is an integer, we see that the sides of both triangles are have rational and (2,
lengths. If we glue these triangles together along the side of length 2, then we have a triangle with sides (r+ 1/2,
s+ l/ s, r - l/r + s - l/s). Note that the common side of length 2 is now an altitude of the new triangle. Therefore, the area of the triangle is ( l/2)2(r - 1/r + s - 1/ s) = 2n/(n - 2)- (n - 2)/2n+ (n - 2)/4 - 4/(n - 2)= (2n - 4)/(n - 2)+ (n2 - 4n+ 4)/4n= 2+ (n2- 4n+ 4)/4n= (n2+ 4n+ 4)/4n= (n+ 2)2/4n, which is rational, making this aHeron triangle. If we multiply all the sides by the rational number 2n/(n+ 2), then the area will by multiplied by its square, yielding ((n+ 2)2/4n)(4n2/(n+ 2)2)= n for the final area. If n= 1 or 2, then we perform the above construction to get a Heron triangle of area 4 or 8, respectively, and then divide all sides by 2, which will divide the area by 4, yielding a Heron triangle of area 1 or 2, respectively.
39.
a.
Suppose
n is a t-congruent number. Then there exist rational numbers a, b, and c satisfying
(2t)/(t2+ 1) and c2= a2+ b2- 2ab (t2 - l)/(t2+ 1). Note that the first equation implies n/t= ab / (t2+ 1). We seek to show that the point (c2/ 4, (ca2- cb2)/ 8) is a point on the curve. First note that x- n/t= c2 / 4- n/t = (a2+ b2- 2ab (t2 - l)/(t2+ 1))/4ab/ (t2+ 1)= (a2+ b2 - 2ab)/4 = (a - b)2/4. Then note that x+ nt= c2 / 4+ nt= (a2+ 2 2 2 2 b - 2ab(t2 - l)/(t + 1))/4+ 2abt2 /(t2+ 1)= (a2+ b + 2ab)/4 =(a+ b) /4. Then 2 2 2 2 2 2 2 x(x - n/ t)(x+ nt) = (c / 4)((a- b ) / 4)((a+ b) )/4 = (( ca - cb )/ 8) = y , so this is a
2n= ab
rational point on the curve. Note that y =j:. 0 unless a= b. If a= b, then the defining equations 2a2- 2a2 t2 - l)/(t2+ 1)= c2, and n/t= a2 t2+ 1). Solve the first equation to get
become
(
/(
t2+ 1= (2a/c )2 and use this in the second equation to get n/t= (c /a)2, so both t2+ 1 and n/ t are rational squares. Conversely, suppose (x, y) is a rational point on the curve with y =j:. 0. 2 Substitute the values a= nlx( l + t2)/(yt)I , b = l(x - n/ t)(x+ nt)/y l , and c = l(x + n2 )/y l into the defining equations to see that n is a t-congruent number. If n/t and t2+ 1 are nonzero rational squares, then substitute c=2 ,./llli and a= c= ..jn (t2+ 1)/ t into the defining equations to see that n is a t-congruent number. b. For the given values, x(x- n /t)(x + nt) = -6(-6 - 12/(4/3))(-6+ 12(4/3))= -6(-6 - 9)(-6+ 16) = 6(15)(10)= 900= 302= y2• 2 c. Part (b) shows that, for n = 12 and t = 4/3, the curve y = x(x- n / t ) (x + nt) has a rational point, (-6, 30) with y =j:. 0. Therefore, 12 is a 4/3-congruent number. Then using the formulas from 2 2 part (a), we have a= 1((-6) + 12 )/301= 6, b= 1(-6 - 12/(4/3))(-6+ 12(4/3))/301=5,
c = 121 - 6((4/3+ 1/(4/3))/301=5. Check that the triangle with sides 6, 5, and 5 has area equal to 12. d. Given a positive integer n, Exercise 37 tells us there exists a Heron triangle (x, y, z) of area n. Then from Exercise 38, if the angle between x and y is (), then sin () =2t/(t2+ 1) and cos() = (t2 - 1)/(t2+ 1) for some rational t. The law of cosines tells us that z2= x2+ y2 - 2xy cos()= x2+ y2- 2xy(t2 - l)/(t2+ 1). Because the area is n= xy sin(0)/2 =xy(2t/(t2+ 1), we see that n is a t-congruent number. and
Section 14.1 1.
a.
5+ l 5 i
b. 46 - 9 i
3.
a.
yes
5.
( 4a - 3b)+ (4b+ 3a) i where a and b are rational integers (see the Student Solutions Manual for
b. yes
c.
no
c.
-26 - 18i
d. yes
the display of such integers).
7. Because a 1,8 and ,81 y, there exist Gaussian integers µ and v such that µa = ,8 and v,8 = y. Because the product of Gaussian integers is a Gaussian integer, v µ is also a Gaussian integer. It follows that a I y.
Answers to Odd-Numbered Exercises
713
9. Note that xs= x if and only if xs - x= x(x - l)(x+l)(x - i)(x+i)= 0. The solutions of this equation are with
0, 1, -1, i, and -i. These are the four Gaussian integers that are units, together
0.
11. Because al,8 and ,Bia, there exist Gaussian integersµ, and v such that aµ=,8 and ,Bv =a. Then
a= aµv. Ta1cing norms of both sides yields N(a)= N(aµv)= N(a)N(µv) by Theorem 14.1. So that N(µ)N(v)= 1. Becauseµ, and v are Gaussian integers, their norms must be nonnegative rational integers. Therefore, N(µ)= N(v)= 1, and so µ, and v are units, and hence, a and ,8 are associates.
13. The pair a=1+2i, ,8=2+i is a counterexample. 15. We show that such an associate exists. If a
> 0 and b� 0, then the desired inequalities are met. 0 and b > 0, then we multiply by -i to get -ia= b - ai= c+di which has c > 0 and d� 0. If a< 0 and b::::: 0, then we multiply by -1 to get -a= -a - bi=c+di, which has c > 0 and d� 0. If a� 0 and b< 0 then we multiply by i to get ia= -b+ai= c+di, which has c > 0 and d� 0. (We have covered the quadrants in the plane in counterclockwise order.) Having found the associate c+di in the first quadrant, we observe that it is unique, because if we multiply by any unit other than one, we get, respectively, -c - di, which has -c< 0, -d+ci, which has -d ::::: 0, or d - ci, which has -c< 0. 17. a. y= 3 - 5i, p= -3i, N (p)= 32+02= 9< N(,8)= 32+32= 18 b. y= 5 - i, p= -1 - 2i, 2 2 N (p) = 5< N(,8) = 25 c. y = -1+8i, p = -5 - 3i, N (p) = 5 +3 = 34< N(,8) = 112+22=125
If a::=::
19.
a.
y= 2 - 5i, p= 3
b. y= 4- i, p= 2+2i
c.
y= -1+7i., p= -3+8i
21. 1, 2, and 4 23. If a and bare both even, then the Gaussian integer is divisible by 2. Because (1+i)(l - i) =2,
1+i is a divisor of 2, which is in turn a divisor of a+bi. If a and b are both odd, we may write a+bi= (1+i)+(a - 1)+(b - l)i, and a - 1 and b - 1 are both even. Because both of theses Gaussian integers are multiples of 1+i, so is their sum. If a is odd and b is even, then a - 1+bi is a multiple of 1+i and hence (a+bi) - (a - 1+bi)=1 is a multiple of 1+i if a+bi is, a contradiction. A similar argument shows that if a is even and b is odd, then 1+i does not divide a+bi. then
25. ±1± 2i 27. Suppose 7 =(a+bi)(c+di) where a+bi and c+di are nonunit Gaussian integers. Ta1cing
2+b2)(c2+d2). Because a+bi and c+di are not units, we 2 2 have that the factors on the right are not equal to 1, so we must have a +b = 7, a contradiction, because 7 is not the sum of two squares. norms of both sides yields 49=(a
29. Because a in neither a unit nor a prime, it has factors a= ,By with ,8 and y nonunits, so that 1< N(,8) and 1 < N(y). Then N(a)= N(,B)N(y). If N(,8) > JN(a), then N(y)= N(a)/N(,8)< N(a)/JN(a)=JN(a). Consequently, either ,8 or y divides a and has norm not exceeding JN(a).
31. The Gaussian primes with norm less than 100 are 3, 7, 1+i, 2+i, 4+i, 6+i, 3+2i, 5+2i,
7+2i, 8+3i, 5+4i, 9+4i, 6+5i, and 8+5i, together with their conjugates and associates. 33.
a - a=0= 0 ·µ,so µla - a. Thus, a= a (modµ,). b. Because a= ,8 (modµ,), µla - ,8, so there exists a Gaussian integer y such that µy =a - ,8. But then µ(-y) = ,8 - a, so µ1,8 - a. Therefore, ,8= a (modµ,). c. Because a= ,8 (modµ,) and ,8= y (modµ,), there exist Gaussian integers 8 and E such that µ8= a - ,8 and µE= ,8 - y. Then a - y=a - ,8+,8 - y = µ8+µE =µ(8+E). Therefore a= y (modµ,). a. Note that
we have
35. Let a=a1+ibi. ,8 =a2+ib2, and p =(a1+b1)(a2+b2). Then the real part of a,8 is given by the two multiplications R= a1a2
- b1b2, and the imaginary part is given by p - R, which requires
Answers to Odd-Numbered Exercises
714
only one more multiplication. The second way in the hint goes as follows. Let
mi= b2(ai+bi),
m2= a2(ai - bi), and m3= bi(a2 - b2). These are the three multiplications. Then the real part m2+m3, and the imaginary part by mi+m3.
of a{J is given by
37.
a.
i, 1+i, 1+2i, 2+ 3i, 3+5i, 5+ 8i
of the Fibonacci sequence, we have
b. Using the definition of Gk and the properties Gk= fk+ifk+i= (fk_i+fk 2)+(fk+ fk_i)i=
Uk-i+ fki)+ Uk-2+fk_ii)= Gk-i+Gk-2·
-
39. We proceed by induction. For the basis step, note that G2Gi - G3G0= (1+2i)(l+i) (2+3i)(i) = 2+ i, so the basis step holds. Now assume the identity holds for values less n. We compute, using the identity in Exercise 37, Gn+2Gn+i - Gn+3Gn= (Gn+i+ Gn)Gn+l - (Gn+2+Gn+i)Gn= G; +l - Gn+2Gn= G; +l - (Gn+l+Gn)Gn= G; +l - G; n i Gn+lGn= (Gn+l+Gn)(Gn+i - Gn) - Gn+iGn= Gn+2Gn-i - Gn+iGn= -(-l) - (2+ n i)= (-l) (2+i), which completes the induction step.
than
41. Because the coefficients of the polynomial are real, the other root is r
si, and over the complex
2 2 - 2rz+r2+s . The 2 2 2 z-coefficients, a= 2r and b= r +s2, are integers. Then r= a/2 and s = (4b - a )/4, which 2 2 shows thats= c/2 for some integer c. Multiplying by 4, we have a +c = 0 (mod 4), which can be true only if both a and c are even; hence, r ands are integers and r+si is a Gaussian integer. -
numbers the polynomial must factor as (z - (r+si))(z - (r -si))= z
43. Let fJ= 1 + 2i so that N(/J) = 5. From the proof of the Division algorithm, we have for a Gaussian integer a that there exist Gaussian integers y and p such that a= y fJ+p with
N(p):::; N(/J)/2= 5/2. Therefore, the only possible remainders upon division by 1+2i are
0, 1, i, 1+i and their associates. Furthermore, we can always replace a remainder of 1+i with
a remainder of-1 because a= {Jy +(1+ i) = /J(y +1)+(1 +i)- (1+2i) = /J(y +1)- i. So we may take the entire set of remainders to be 0, 1, -1, i and -i. Consider dividing each of
ni. .. . , n4 by /J. If any two left the same remainder p, then fJ divides the difference between the two primes. But all these differences are either 2 or ±1 ± i, which are not the Gaussian primes
divisible by fJ. Further, since these are all prime, none of the remainders are 0. Therefore, the
a+bi by fJ and let the remainder ni. .. . , n4 leaves the same remainder upon division by /J, say nk. Then fJ divides nk - (a+bi) which is a unit, a contradiction. Therefore, p = 0. Therefore, 1+2i divides a+bi.A similar argument shows that 1- 2i also divides a+bi.Therefore, the product of these primes (1- 2i)(1+2i)= 5 also divides a+bi, and hence each of the components. Now suppose that b= 0. Then a± 1 are prime and by Exercise 23, a± 1 are odd. Therefore, one of them, say a+1, is a prime congruent to 1 modulo 2 2 4.By Theorem 1 3.5, there exist integers x, and y such that a+1 = x +y = (x+yi)(x- yi). Because a+1 is prime, one of x ± yi is a unit, which implies that one of x or y is zero, which in turn implies that a+1 is a square. So in any case, one of a± 1 is not a Gaussian prime. Therefore, b f:. 0. Similarly, if we apply Exercise 26, we see that a f:. 0. remainders are exactly the set 1,-1, i, and-i. Now divide
be p. If p is not zero, then it is one of 1, -1, i, or -i. But then one of
45. Taking norms of the equation a{J y = 1 shows that all three numbers must be units in the Gaussian integers, which restricts our choices to 1,-1, i, and-i. Choosing three of these in the equation a+fJ+y = 1, we have the possible solutions, up to permutation, (1, 1,-1), (1, i,-i), but only the second solution works in the first equation, leaving (1, i, -i) as the only solution.
Section 14.2 1. Certainly llni and lln . Suppose 81ni and 81n2. Because ni and n2 are Gaussian primes, 8 must 2 be either a unit or an associate of the primes. But because ni and n2 are not associates, then they
8 is a unit and so 811.Therefore, 1 satisfies the definition ni and n2.
can not have an associate in common, so
of a greatest common divisor for
Answers to Odd-Numbered Exercises
715
3. Because y is a greatest common divisor of a and {3, we have yla and ylf3, so there exist Gaussian
v such thatµ,y =a and vy = {3. So thatµ,y =µ, Y=a and vy = v y = {3; so that y is a common divisor of a and f3. Further, if 81 a and 81f3, then 81 a and 81f3, and so 81 y by the integersµ,and
·
-
definition of greatest common divisor. But then
·
-
81Y and 8=8, which shows that y is a greatest
common divisor for a and f3.
5. Let Ey, where Eis a unit, be an associate of y. Because y Ia, there is a Gaussian integerµ,such thatµ,y=a. Because Eis a unit, 1/Eis also a Gaussian integer. Then (1/E)µ,(Ey)=a, so Eyla. Similarly, EY lf3. If 81a and
81{3, then 81y by definition of greatest common divisor, so there exists a Gaussian integer v such that v8 = y. Then Ev8 =Ey, and because Ev is a Gaussian integer, we have 81Ey, so Ey satisfies the definition of a greatest common divisor. 7. Take (3 - 2i) and (3 + 2i), for example. 9. Because a and b are relatively prime rational integers, there exist rational integers m and n such
am + bn = 1. Let 8 be a greatest common divisor of the Gaussian integers a and b . Then 8 divides am + bn = 1. Therefore, 8 is a unit in the Gaussian integers and hence a and b are that
relatively prime Gaussian integers.
11.
a.
We have 44 + 18i= (12 - 16i)(l+2i)+ IOi; 12 - 16i= (lOi)(-2 - i)+ (2 +4i);
IOi= (2 +4i)(2 +i)+0. The last nonzero remainder, 2 +4i, is a greatest common divisor.
b. By part (a), 2 + 4i = (12 - 16i) - (lOi)(-2 - i) = (12 - 16i) - ((44 + 18i) - (12 -
16i)(l+2i))(-2 - i)= (2 +i)(44 +18i)+ (1+(1+2i)(-2 - i))(l2 - 16i)= (2 +i)(44 + 18i) + (1 - 5i)(l2 - 16i). Takeµ,=2 + i and
v = 1 - Si.
13. We proceed by induction. We have G0 = i and G 1 = 1 + i. Because G0 is a unit, these are relatively
Gk l are relatively prime. 81Gk+l· Then 81(Gk+l - Gk)= (Gk+ Gk-l - Gk)= Gk-1' so 8 is a common divisor of Gk and Gk-1' which are relatively prime. Hence, 1 is a greatest common divisor of Gk+1 and Gk. prime and this completes the basis step. Assume we know that Gk and Suppose 81Gk and
k 2 .Dividing f3= Po by a=p1 in the first k l step of the Euclidean algorithm gives us f3 = y2a + p2 with N(p2) < N(a) < 2 - .The next step kof the Euclidean algorithm gives us a= y3p2 +p3 with N(p3) < N(p2) < 2 2.Continuing with k k l the algorithm shows us that N (pk ) < 2 -( - ) = 2, so that the Euclidean algorithm must terminate
15. Letk be the smallest rational integer such that N(a)
<
in no more thank= [log2 N(a)] + 1 steps. And thus we havek= O(Iog2(N(a)).
17.
a.
(-1)(1 - 2i)(l - 4i)
b. 3 - 13i= (-1)(1 + i)(5 + 8i)
c.
(-1)(1 + i)4(7)
d. i(1+i)8(1+2i)2(1 - 2i)2 19.
a.
48
b. 120
c.
1792
d. 25 92
21. Assume n and a + bi are relatively prime. Then there exist Gaussian integers µ,and v such that µ,n + v (a +bi)= 1. If we take conjugates of both sides and recall that the conjugate of a rational integer is itself, we have µ,n +v(a - bi)= 1, so n is also relatively prime to a - bi. Because a - bi is an associate of b + ai (multiply by i), we have the result. The converse is true by symmetry.
23. Suppose that rri. rr2, ... , Jl'k are all of the Gaussian primes and form the Gaussian integer
· Jl'k + 1. From Theorem 14.10, we know that Q has a unique factorization into Gaussian primes, and hence is divisible by some Gaussian prime p. Then p IQ and p lrr1rr2 Jl'b
Q =rr1rr2
·
·
·
·
·
so p divides their difference, which is 1, a contradiction, unless p is a prime different from rri. rr2,
25. -2i
..., Jl'b proving that we did not have all the Gaussian primes.
Answers to Odd-Numbered Exercises
716
27. Because a andµ are relatively prime, there existGaussian integerscr and r such that era+rµ=
{3, we get f3aa +{Jrµ= {3, so that we know a(f3a) f3 (modµ) and f3a (modµ) is the solution. a. x 5- 4i (mod 13) b. x 1- 2i (mod 4+i) c. x 3i (mod 2+3i) Chinese Remainder The orem for Gaussian Integers. Let µi. µ2, , µr be pairwise relatively prime Gaussian integers, and let ai. a 2, , ar be Gaussian integers. Then the system of congruences x ai (mod µi), i = 1, ... , r has a unique solution modulo M =µ1µ2 µr. Proof" To construct a solution, for each k= 1, ... , r, let Mk= M/µk. Then Mk and µk If we multiply through by thus x
29. 31.
1.
=
=
=
=
=
.
•
•
•
.
•
=
•
•
•
are relatively prime, because µk is relatively prime to all of the factors of Mk. Then from Exercise 24, we know Mk has an inverse ).,k modulo µk> so that Mk)..k x= a1 M1A1
+
=
1 (modµk).
Now let
+arMr)..r· We will show x is the solution to the system. f. k, we have ajMj)..k 0 (modµk) whenever j f. k. Therefore, akMk)..k (modµk) Also, because )..k is an inverse for Mk moduloµk> we have x ak (modµk) ·
·
·
Becauseµkl Mj whenever j
x
=
=
=
for every k, as desired. Now suppose there is another solution
y to the system. Then x = ak = y (modµk), and so
µkl(x - y) for every k. Because theµk are pairwise relatively prime, no Gaussian prime appears in more than one of their prime factorizations. Therefore, if a Gaussian prime power TCe I (x
then it divides exactly one of the µk's. Therefore, the product M and so x
33. x 35. 37.
=
=
- y), of the µk's also divides x- y,
y (mod M ), showing that x is unique modulo M.
9 +23i (mod 26+7i)
{O, 1, i, 1+i} c. {O, 1, 2, 2i, -1- i, -i, 1- i, -1+i, i, 1+i, -2i, -2, -1} Leta= a+bi andd= gcd(a, b).We assert that the setS= {p +qilO::::; p < N(a)/d, 0::::; q < d} a.
{O, 1}
b.
is a complete residue system. Note that this represents a rectangle of lattice points in the plane.
a. First, N(a)/d= a(ii/d) is a real number and a multiple of a. Second, there exist rational integers r ands such that ra+ sb= d.So we have the multiple of a given by v = (s +ir)a = (s + ir)(a+bi)= (as - br)+di. Now it is clear that any Gaussian integer is congruent modulo a to an integer in the rectangle S, because first we can add or subtract multiples of v until the imaginary part is between 0 and d - 1 and then add and subtract multiples of N(a)/d until the real part is between 0 and N(a)/d - 1. It remains to show the elements of S are incongruent to each other modulo a. Suppose f3 and y are in S and congruent to each other modulo a. Then the imaginary part of f3 - y must be divisible by d, but because these must lie in the interval from 0 to d- 1, they must be equal. Therefore, the difference between f3 and y is real and divisibly by a, hence by a and hence by aa/d= N(a)/d, which proves they are equal. Because S has N(a) elements, we are done. c. {i, 2 - i, -2+ i, -i, 1, 1+ a. {i, -i, 1, -1} b. {i, -i, 1, 1+2i, 2+i, 2 - i, -1, -1 +2i} 2i, -1- 2i, -1} By the properties of the norm function and Exercise 37, we know that there are N(TCe)= N(TCY residue classes modulo TCe. Let TC= r + si, and d= gcd(r, s). Also, by Exercise 37, a complete residue system modulo TCe is given by the rectangle S= {p +qi 10::::; p < N(TCe)/d, 0::::; q < d}, while a complete residue system modulo TC is given by the rectangle T= {p + qilO::::; p < N(TC)jd, 0::::; q < d}. Note that in T there is exactly one element not relatively prime to TC, and that there are N(TC)e-l copies of T, congruent modulo TC, inside of S. Therefore, there are exactly 1 1 N(TC y- elements in S not relatively prime to TC. Thus, there are N(TC)e - N(TC y- elements in a reduced residue system modulo TCe. a. First note that because r + s H is a root of a monic polynomial with integer coefficient, the other root must be r - sH and the polynomial is (x - (r +sH))(x - (r - sH))= x2- 2rx+(r2 + 5s2)= x2- ax+ b, where a and b are rational integers. Then r = a/2 and 5 s 2= (4b - a2)/4, so that s= c/2 for some integer c. (Note that 5 cannot appear in
We create two multiples of
39. 41.
43.
Answers to Odd-Numbered Exercises the denominator of s, or else when we square it, the single factor of
5
717
in the expression
leaves a remaining factor in the denominator, which does not appear on the right side of the equation.) Substituting these expressions for
r
ands, we have
(a/2)2+5(c/2)2=b2,
4, a2+ 5c2 = 4b2 0 (mod 4), which has solutions only when c are even. Therefore, r and s are rational integers. b. Let a = a+ bH and f3 =c+dH. Then a + f3 =(a +c)+(b+d)H and a - f3 =(a - c)+(b - d)H, and af3 =(ac - 5bd) +(ad+ bc)H. Because the rational integers are closed under addition, subtraction, and multiplication, all of the results are again of the form p +q H with p and q rational integers. c. yes, no d. Let a= a+ bH and f3 = c+ dH. Then N(a)N(f3) = (a2+ 5b2)(c2+ 5d2)= a2c2+ 5a2d2+ 5b2c2+ 25b2d2. On the other hand, af3 = (ac - 5bd)+(ad+bc)H and N((ac - 5bd)+(ad+bc)H)=(ac - 5bd)2+5(ad+ bc)2= a2c2 - lOacbd+ 25b2d2+ 5(a2d2+ 2adbc+ b2c2)= a2c2+ 5a2d2+ 5b2c2+ 25b2d2, which is equal to the expression above, proving the assertion. e. If E is a unit in Z[ H], then there exists an 'fJ such that E'f/ =1. From part (d), we have N(E'f/) =N(E)N(rJ) =N(l)=1, so N(E) = 1. Suppose E = a+ bH, then N(E) = a2+ 5b2= 1, which shows that b= 0, and hence a2=1, so that we know a=±1. Therefore, the only units are 1 and -1. f. If an integer a in Z[Hl is not a unit and not prime, then it must have two non-unit divisors f3 and y such that 2 N(f3)N(y) =N(a). To see that 2 is prime, note that a divisor f3 =a+bH has norma +5b2, while N(2) = 4, which forces b= 0. If f3 is not a unit, then a = ±2, but then this forces y to be a unit; hence 2 is prime. To see that 3 is prime, we seek divisors of N(3)=9 among a2+5b2. We see that b can be only 0 or ±1, or else the norm is too large. And if b= ±1, then the only possible divisor is 9 itself, forcing the other divisor to be a unit. If b = 0, then a = ±3, and hence 3 is prime. To see that 1 ± H is prime, note that its norm is 6. A divisor a+bi can have b take on the values 0 and ±1, else the norm is too large. If b = 0, then a216 a contradiction, so b=±1. But then (a2+5)16, forcing a=±1. But N(±l ± H)=6, so the other divisor is a unit, and so 1 ± ../5 is also prime. Note then that 2 3= 6 and (1 - H)(1+ H)= 6, so that we do not have unique factorization into primes in Z[H]. g. Suppose y and p exist. Note first that (7 - 2H)/(1+ H)= -1/2 - 3/2H, so pf= 0. Let y =a+ bH and p =c+dH. Then from 7 - 2 H=(1+H)(a+bH)+(c+dH)=(a 5b+c)+(a+b+d)H, we get 7=a - 5b+c and -2 =a+b+d. If we subtract the second equation from the first, we have 9 = -6b+ c - d or c - d = 6b+ 9. Therefore, 31c - d, and because pf= 0, c - df= 0, so le - di 2:: 3. We consider N(p) =c2+5d2. If d = 0, then N(p) 2:: c2 2:: 32 > 6. If d= ±1, then lcl 2:: 2 and N(p) = c2+ 5d2 2:: 4+ 5 > 6. If Id I 2:: 2, then N(p) 2:: 5d2 2:: 5 2 2= 20 > 6, so in every case the norm of p is greater than 6. So no such y and p exist, and there is no analog for the division algorithm in Z[H]. h. Suppose µ= a+ bH and v= c+ dH is a solution to the equation. Then 3(a+bH)+(1+H)(c+dH)=(3a+c - 5d)+(3b+c+d)H=1. So we must have 3a + c - 5d= 1 and 3b+ c+ d= 0. If we subtract the second equation from the first, we get 3a - 3b - 6d=1, which implies that 311, an absurdity. Therefore, no such solution exists. or upon multiplication by
a
=
and
·
·
Section 14.3 1.
a.
8
b. 8
c.
0
d.
16
3. We first check that a greatest common divisor 8 of a and f3 divides y, otherwise no solution exists. If a solution exists, we use the Euclidean algorithm and back substitution to express 8 as a linear combination of a and f3: aµ+f3v=8. Because 8 divides y, there is a Gaussian integer 'f} such that 8'f}= y. If we multiply the last equation by 'f}, we have aµ'f}+ f3vrJ = 8'f}= y, so we may take
x0 =
µ'f} and Yo= V'f/ as a solution. The set of all solutions is given by
y =Yo - a r:/8, where
r
ranges over the Gaussian integers.
x = x0
+{Jr/8,
Answers to Odd-Numbered Exercises
718
5.
a.
no solutions
b. no solutions
7. Let a =a+bi. Then N(a) =a2+ b2= p, and by Theorem 14.5, we know that a and Ci are
=c+di, then y and y are Gaussian primes. By Theorem 14.10, a must be an associate of y or y. So a must equal one of the following: ±c ± di, ±d ± ci, and in any of these cases we must have a= ±c and b= ±d or a= ±d and b= ±c. Squaring these Gaussian primes. Similarly, if y
equations gives the result.
9. Supposex, y, z is a primitive Pythagorean triple with y even, so that x and z are necessarily odd.
z2= x2+ y2= (x+iy)(x - iy) in the Gaussian integers. If a rational prime p divides y, which contradicts the fact that the triple is primitive. Therefore, the only Gaussian primes that divide x+ iy are of the form m+in with n -=f. 0. Also, if 1+ i Ix+iy, then we have the conjugate relationship 1-i Ix - iy, which implies that 2=( 1 - i)( 1+i) divides z2, which is odd, a contradiction. Therefore, we conclude that 1+i does not divide x+ iy, and hence neither does 2. Suppose 8 is a common divisor ofx+iy and x - iy. Then 8 divides the sum 2x and the difference 2iy. Because we know that 2 is not a common factor, 8 must divide both x and y, which we know are relatively prime. Hence, 8 is a unit and x+iy and x - iy are also relatively prime. Then we know that every prime that divides x+ iy is of the form rr =u + iv, and so rr =u - iv divides x - iy. Because their product equals a square, each factor is a square. Thus,x+iy =(m+ in)2 and x - iy =(m - in)2 for some Gaussian integer m+in and its conjugate. But thenx+iy=m2 - n2+2mni, sox=m2 - n2 and y= 2mn. And z2 =(m+ ni)2(m - ni)2 =(m2+ n2)2, so z =m2+ n2. Further, if m and n were both odd or both even, we would have z even, a contradiction, so we may conclude that m and n have opposite parity. Finally, having found m and n that work, if m < n, then we can multiply by i and reverse their roles to get m > n. The converse is exactly as in Section 13.1. Then
x+ iy, then it must divide both x and
11. By Lemma 14.3, there is a unique rational prime p such that rr IP· Let a =a+bi and consider 3 cases.
1: If p= 2, then rr is an associate of 1+i and N(rr) - 1= 1. Since there are only two congruence classes modulo 1+ i and since a and 1+ i are relatively prime, we have aN(rr)-l =a=1 (mod 1+i). Case 2: If p = 3 (mod 4), then rr and p are associates and N(rr) - 1=p2-1. Also (-i)P= -i. By the binomial theorem, we have aP =(a+ bi)P =aP + (bi)P = -ibP =a - bi=a Case
2
=a (mod p), so that aP =aP =a (mod p), l and since p = rr and a and rr are relatively prime, we have aN(rr)- = 1 (mod p). Case 3: If p = 1 (mod 4), then rrrr= p, iP = i, and N(rr) - 1= p-1. By the Binomial theorem, we have aP =(a+ bi)P =aP + (bi)P =a+bi=a (mod p), using Fermat's little l l theorem. Cancelling an a gives us aP- = 1 (mod p), and because rrlp, we have aN(rr)- = 1 (mod p), using Fermat's little theorem. Similarly,aP
(mod rr), which concludes the proof.
13. Let rr be a Gaussian prime. If a2 = 1 (mod rr), then rrla2 -1= (a -l)(a + 1), so that either
a = 1 or a =-1 (mod rr). Therefore, only 1 and -1 can be their own inverses modulo rr. Now let a1=1, a , , ar-1' ar =-1 be a reduced residue system modulo rr. For each ako 2 k= 2, 3, . , r - 1, there is a multiplicative inverse modulo rr a� such that aka� = 1 (mod rr). If .
.
•
.
.
we group all such pairs in the reduced residue system together, then the product is easy to evaluate:
ala2
·
·
·
ar = l(a2a; )(a3a� ) · · · (ar_1)(a;_1)(-1)=-1 (mod rr), which proves the theorem.
Appendix A 1.
a(b+ c)=(b+c)a = ba+ca= ab+ac b. (a+ b)2=(a+b)(a+ b) = a(a+ b)+ b(a+b) =a2+ab+ba+b2 =a2+2ab+b2 c. a+(b+c) =a+(c+b) =(a+c)+b = (c+a)+b d. (b - a)+(c - b)+(a - c)=(-a+b)+(-b+c)+(-c+a)=-a+(b b)+ (c - c)+a a.
Answers to Odd-Numbered Exercises
719
3. By the definition of the inverse of an element,
0+ ( -0)= 0. But because 0 is an identity element, we have 0 + (-0) -0. It follows that -0 0. Let x be a positive integer. Because x x - 0 is positive, x > 0. Now let x > 0. Then x - 0 x =
5.
=
=
=
is positive.
7. We have
a - c= a+ (-b + b) - c= (a - b) + (b - c), which is positive from our hypothesis
and the closure of the positive integers.
9. Suppose that there are positive integers less than
1. By the well-ordering property, there is a least such integer, say, a. Because a < 1 and a > 0, Example A.2 shows that a2= aa < la= a. Because a2 > 0, it follows that a2 is a positive integer less than a, which is a contradiction.
AppendixB 1.
(1g0) 100!/(0!100!) 1. b. We have (5�) 50!/(1!49!) 50. c. We have (23°) 20!/(3!17!) 1140. d. We have (�1) 11!/(5!6!) 462. e. We have (1�) 10!/(7!3!) 120. f. We have Gg) 70!/(70!0!) 1. a. a5 + 5a4b + 10a3b2 + 10a2b3 + 5ab4 + b5 b. x10 + 10x9y + 45x8y2 + 120x7y3 + 210x6y4 + 252x5y5 +210x4y6 +120x3y7 + 45x2y8 + 10xy9 + y10 c. m1 - 7m6n + 21m5n2 - 35m4n3+ 35m3n4 - 21m2n5 + 7mn6 - n7 d. 16a4 + 96a3b + 216a2b2 + 216ab3 + 81b4 e. 243x5 - 1620x4y + 4320x3y2 - 5760x2y3 + 3840xy4 - 1024y5 f. 390625x8 + 4375000x7 + 21437500x6 + 60025000x5 + 105043750x4 + 117649000x3 + 82354300x2 + 32941720x +5764801 On the one hand, (1 +(-l))n on 0. On the other hand, by the binomial theorem, L�=O(-l)k(�) (1 + (-l))n. (;) (�) = n!j(r!(n - r)!) · r!/(k!(r - k)!)= n!(n - k)!/(k!(n - k)!(n - r)!(n - k - n + r)!)= (�) (:=�) We fix rand proceed by induction on n. It is easy to check the cases when n =rand n= r + 1. Suppose the identity holds for all values from r ton - 1. Then consider the sum (�) + ( � 1) + ·· · + (�) = (�=D + ( C) + C�1) ) + ( ( �1) + (��D) +··· + ( (n� l) + (�=D) . where we have used (�) = (�=D and Pascal's identity. Regrouping this sum gives us ( (�=D + C� ) + · · · + (�::::D) + 1 1 1 ( (�) + ( � ) + · · · + e� )) . By our induction hypothesis, these two sums are equal to c: ) + (�!D (�!D. which concludes the induction step. 1 Using Exercise 10, (�) + ( �J = x!j(n!(x - n)!) + x!/((n + l)!(x - n - 1)!)= (x!(n + n - n))/((n +l)!(x - n)!) (x!(x - n +n +l))/((n + l)!(x l))/((n + l)!(x - n)!) + (x!(x n)!)= (x + 1)!/((n + l)!(x - n)!)= (�!D· Let S be a set of n copies of x + y. Consider the coefficient of xkyn -k in the expansion of (x + y) Choosing the x from each element of a k-element subset of S, we notice that the coefficient of xkyn-k is the number of k-element subsets of S, (�). By counting elements with exactly 0, 1, 2, and 3 properties, we see that only elements with 0 properties are counted in n - [n(P ) + n(P ) + n(P3)] + [n(Pi. P ) + n(Pi. P3) + n(P , P3)] 2 2 2 1 [n(Pi. P2, P3)], and those only once. x! where k1 + k2+···+ km= n and a= ' �'·· ,. A term of the sum is of the form axk1 xk kk k 1 2 56133000000 a.
=
We have
=
=
=
=
3.
5.
=
=
=
=
=
=
=
=
=
=
7. 9.
7
7
7
=
11.
=
13.
15.
17. 19.
n.
2
•
•
•
m
1· 2·
m·
This page intentionally left blank
Bibliography
Printed resources in this bibliography include comprehensive books on number theory, as well as books and articles covering particular topics or applications. In particular , some of these references focus on factorization and primality testing , the history of number theory, or cryptography. To learn more about number theory, you may want to consult other number theory textooks such as [AdGo76], [An94], [Ar70], [Ba69], [Be66], [Bo07], [BoSh66], [BulO], [Da99], [Di05], [Du08], [Er Su03], [Fl89], [Gi70], [Go98], [Gr82], [Gu80], [HaW r08], [Hu82], [lr Ro95], [Ki74], [La58], [Le90], [Le96], [Le02], [Lo95], [Ma-], [Na81], [NiZu Mo91], [Or67], [O r88], [PeBy70], [Ra77], [Re96a], [Ro77], [Sh85], [Sh83], [Sh67], [Si87], [Si64], [Si 70], [St 78], [St64], [UsHe39], [VaOl], [V i54], and [W r39]. Additional information on number theory, including the latest discoveries , can be found on Web sites. Appendix D lists some top number theory and cryptography Web sites. A comprehensive set of links to relevant Web sites can be found on the Web site for this book www .pearsonhighered.com/rosen.
[AdGo76]
W.W. Adams and L.J. Goldstein, Introduction to Number Theory, Prentice Hall, Englewood Cliffs, New Jersey, 1976.
[Ad79]
L.M. Adleman, "A subexponential algorithm for the discrete logarithm problem with applications to cryptography," Proceedings of the 20th Annual Symposium on the Foundations of Computer Science, 1979, 55-60.
[AdPoRu83]
L.M. Adleman, C. Pomerance, and R.S. Rumely, "On distinguishing prime num bers from composite numbers," Annals of Mathematics, Volume 117 (1983).
[AgKaSa02]
M.A. Agrawal, N. Kayal, N. Saxena, " PRIMES is in P," Department of Computer Science & Engineering, Indian Institute of Technology, Kanpur, India, August 6, 2002.
[AiZilO]
M. Aigner and G.M. Ziegler, Proofs from THE BOOK, 4th ed., Springer-Verlag, Berlin, 2010.
[A1Wi03]
S. Alaca and K. Williams, Introductory Algebraic Number Theory, Cambridge University Press, 2003.
[AlGrPo94]
W.R. Alford, A. Granville, and C. Pomerance,
"There are infinitely many
Carmichael Numbers," Annals of Mathematics, Volume 140 (1994), 703-722. [An98]
G.E. Andrews, The Theory of Partitions, Cambridge University Press, Cambridge, UK, 1976
[An94]
G.E. Andrews, Number Theory, Dover, New York, 1994.
721
722
Bibliography
[AnEr04]
G.E. Andrews and K. Ericksson, Integer Partitions, Cambridge University Press, Cambridge, U.K., 2004.
[Ap76]
T.A. Apostol, Introduction to Analytic Number Theory, Springer-Verlag, New York, 1976.
[Ar70]
R.G. Archibald, An Introduction to the Theory of Numbers, Merrill, Columbus, Ohio, 1970.
[BaSh96]
E. Bach and J. Shallit, Algorithmic Number Theory, MIT P ress, Cambridge, Mas sachusetts, 1996.
[Ba94]
P. Bachmann, Die Analytische Zahlentheorie, Teubner, Leipzig, Germany, 1894.
[Ba03]
E.J. Barbeau, Pell's Equation, Springer-Verlag, New York, 2003.
[Ba69]
I.A. Barnett, Elements of Number Theory, P rindle, Weber, and Schmidt, Boston, 1969.
[Be66]
A.H. Beiler, Recreations in the Theory of Numbers, 2nd ed., Dover, New York, 1966.
[BePi82]
H. Beker and F. Piper, Cipher Systems, Wiley, New York, 1982.
[Be65]
E.T. Bell, Men of Mathematics, Simon & Schuster, New York, 1965.
[Bl82]
M. Blum, "Coin-flipping by telephone-a protocol for solving impossible prob lems," IEEE Proceedings, Spring Compcon 82, 133-137.
[Bo07]
E.D. Bolker, Elementary Number Theory, Dover, New York, 2007.
[Bo99]
D. Boneh, "Twenty years of attacks on the RSA cryptosy stem," American Mathe
matical Society Notices, Volumn 46 (1999), 203-213. [Bo82]
B. Bosworth, Codes, Ciphers, and Computers, Hayden, Rochelle Park, New Jersey, 1982.
[Bo91]
C.B. Boyer, A History of Mathematics, 2nd ed., Wiley, New York, 1991.
[BoSh66]
Z.I. Borevich and l.R. Shafarevich, Number Theory, Academic P ress, New York, 1966.
[Br91]
R.P. Brent, "Improved techniques for lower bounds for odd perfect numbers,"
Mathematics of Computation, Volume 57 (1991), 857-868. [BrOO]
R.P. Brent, "Recent progress and prospects for integer factorization algorithms,"
Proc. COCOON 2000, LNCS 1858, pages 3-22, Springer-Verlag, 2000. [BrCote93]
R.P. Brent, G.L. Cohen, and H.J.J. te Riele, "Improved techniques for lower bounds for odd perfect numbers," Mathematics of Computation, Volume 61 (1993), 857868.
[Br89]
D.M. Bressoud, Factorization and Primality Testing, Springer-Verlag, New York, 1989.
[BrWaOO]
D. Bressoud and S. Wagon, A Course in Computational Number Theory, Key College Publishing, Emer yville, California, 2000.
[Br81]
J. Brill hart, "Fermat's factoring method and its variants," Congressus Numeran
tium, Volume 32 (1981), 29--48. [Br88]
J. Brillhart, D.H. Lehmer, J.L. Selfridge, B. Tuckerman, S.S. Wagstaff, Jr., Fac
torizations of bn ± 1, b
=
2, 3, 5, 6, 7, 10, 11, 12 up to high powers, revised ed.,
American Mathematical Society, Providence, Rhode Island, 1988. [BulO]
D.M. Burton, Elementary Number Theory, 7th ed., McGraw-Hill, New York, 2010.
[Bu02]
D.M. Burton, The History ofMathematics, 5th ed., McGraw-Hill, New York, 2002.
Bibliography
[Ca59]
723
R.D. Carmichael, The Theory of Numbers and Diophantine Analysis, Dover, New York, 1959 (reprint of the original 1914 and 1915 editions).
[Ch06]
J. Chahal, "Congruent numbers and elliptic curve," American Mathematical Monthly, Volume 113 (2006), 308-317.
[Ch83]
D. Chaum, ed., Advances inCryptology-Proceedings ofCrypto 83, Plenum, New York, 1984.
[ChRiSh83]
D. Chaum, R.L. Rivest, A.T. Sherman, eds., Advances inCryptology-Proceedings ofCrypto 82, Plenum, New York, 1983.
[Ch98]
V. Chandrashekar, "The congruent number problem," Resonance, Volume 8 (1998), 33-45.
[Ci88]
B. Cipra, "PCs factor a 'most wanted' number," Science, Volume 242 (1988), 16341635.
[Ci90] [Co87]
B. Cipra, "Big number breakdown," Science, Volume 248 (1990), 1608. G.L. Cohen, "On the largest component of an odd perfect number," Journal of the Australian Mathematical Society, (A), Volume 42 (1987), 280-286.
[CoWe91]
W.N. Colquitt and L. Welsh, Jr., "A new Mersenne prime," Mathematics of Com putation, Volume 56 (1991), 867-870.
[Co08]
K. Conrad, "The congruent number problem," Harvard College Mathematics Re view, Volume 2 (2008), No. 2, 58-74.
[CoGu96]
R.H. Conway and R.K. Guy, The Book of Numbers, Copernicus Books, New York, 1996.
[Co97]
D. Coppersmith, "Small solutions to polynomial equations, and low exponent RSA vulnerabilities," Journals ofCryptology, Volume 10 (1997), 233-260.
[CoLeRiStlO] T.H. Carmen, C.E. Leierson, R.L. Rivest, C. Stein, Introduction to Algorithms, 3rd ed., MIT Press, Cambridge, Massachusetts, 2010. [CoSiSt97]
G. Cornell, J.H. Silverman, and G. Stevens, Modular Forms and Fermat's Last Theorem, Springer-Verlag, New York, 1997.
[Cr94]
R.E. Crandall, Projects in Scientific Computation, Springer-Verlag, New York, 1994.
[CrPo05]
R. Crandall and C. Pomerance, Prime Numbers, AComputational Perspective, 2nd ed., Springer-Verlag, New York, 2005.
[Cs07]
G.P. Csicery (director), N Is a Number: Portrait of Paul Erdos (DV D), Facets, Chicago, 2007.
[Da99]
H. Davenport, The Higher Arithmetic, 7th ed., Cambridge University Press, Cam bridge, England, 1999.
[De82]
D.E.R. Denning, Cryptography and Data Security, Addison-Wesley, Reading, Massachusetts, 1982.
[De03] [Di57]
J. Derbyshire, Prime Obsession, Joseph Henry Press, Washington, D.C., 2003. L.E. Dickson, Introduction to the Theory of Numbers, Dover, New York, 1957 (reprint of the original 1929 edition).
[Di05]
L.E. Dickson, History of the Theory of Numbers, th ree volumes, Dover, New York, 2005 (reprint of the 1919 original).
[Di70] [DiHe76]
Dictionary of Scientific Biography, Scribners, New York, 1970. W. Diffie and M. Hellman, "New directions in cry ptography," IEEE Transactions on Information Theory, Volume 22 (1976), 644-655.
724
Bibliography
[Di84]
J.D. Dixon, "Factorization and primality tests," American Mathematical Monthly, Volume 91 (1984), 333-353.
[Du08]
U. Dudley, Elementary Number Theory, 2nd ed., Dover, New York, 2008.
[Ed96]
H.M. Edwards, Fermat's Last Theorem, 5th ed., Springer-Verlag, New York, 1996.
[EdOl]
H.M. Edwards, Riemann's Zeta Function, Dover, New York, 2001.
[ErSu03]
P. Erdos and J. Suranyi, Topics in the History of Numbers, Springer-Verlag, New York, 2003.
[Ev92]
H. Eves, An Introduction to the History of Mathematics, 6th ed., Elsevier, New York, 1992.
[Ew83]
243 J. Ewing, "286
-
1 is prime," The Mathematical Intelligencer, Volume 5 (1983),
60. [F189] [Fl83]
D. Flath, Introduction to Number Theory, Wiley, New York, 1989. D.R. Floyd, "Annotated bibliographical in conventional and public key cryptogra phy," Cryptologia, Volume 7 (1983), 12-24.
[Fr56]
J.E. Freund, "Round robin mathematics," American Mathematical Monthly, Vol ume 63 (1956), 112-114.
[Fr78]
W.F. Friedman, Elements of Cryptanalysis, Aegean Park Press, Laguna Hills, California, 1978.
[Ga91]
J. Gallian, "The mathematics of identification numbers," College Mathematics Journal, Volume 22 (1991), 194-202.
[Ga92]
J. Gallian, ''Assigning drivers license numbers," Mathematics Magazine, Volume 64 (1992), 13-22.
[Ga96]
J. Gallian, "Error detection methods," ACM Computing Surveys, Volume 28 (1996), 504-517.
[GaWi88]
J. Gallian and S. Winters, "Modular arithmetic in the marketplace," American Mathematical Monthly, Volume 95 (1988), 584-551.
[Ga86]
C.F. Gauss, Disquisitiones Arithmeticae, revised English translation by W.C. Wa terhouse, Springer-Verlag, New York, 1986.
[Ge63]
M. Gerstenhaber, "The 152nd proof of the law of quadratic reciprocity," American Mathematical Monthly, Volume 70 (1963), 397-398.
[Ge82]
A. Gersho, ed., Advances in Cryptography, Department of Electrical and Computer Engineering, University of California, Santa Barbara, 1982.
[GeWaWi98]
E. Gethner, S. Wagon, and B. Wick, "A stroll through the Gaussian primes," American Mathematical Monthly, Volume 104 (1998), 216--225.
[Gi70] [Go98]
A.A. Gioia, The Theory of Numbers, Markham, Chicago, 1970. J.R. Goldman, The Queen of Mathematics: An Historically Motivated Guide to Number Theory, A.K. Peters, Wellesley, Massachusetts, 1998.
[Go80]
J. Gordon, "Use of intractable problems in cryptography," Information Privacy, Volume 2 (1980), 178-184.
[Go0h08]
T. Goto and Y. Ohno, "Odd perfect numbers have a prime factor exceeding 108," Mathematics of Computation, Volume 77 (2008), 1859-1868.
[Gr04]
A. Granville, "It is easy to determine whether a given integer is prime," Current Events in Mathematics, American Mathematical Society, 2004.
[GrTu02]
A. Granville and T.J. Tucker, "It's as easy as abc," Notices of the American Math ematical Society, Volume 49 (2002), 1224-1231.
Bibliography
[Gr82]
725
E. Grosswald, Topics from the Theory of Numbers, 2nd ed., Birkhauser, Boston, 1982.
[GrKnPa94]
R.L. Graham, D.E. Knuth, and 0. Patashnik, Concrete Mathematics, 2nd ed., Addison-Wesley, Reading, Massachusetts, 1994.
[Gu80]
H. Gupta, Selected Topics in Number Theory, Abacus Press, Kent, England, 1980.
[Gu75]
R.K. Guy, "How tofactor a number," Proceedings of the Fifth Manitoba Conference on Numerical Mathematics, Utilitas, Winnepeg, Manitoba, 1975, 49-89.
[Gu94]
R.K. Guy, Unsolved Problems in Number Theory, 2nd ed., Springer-Verlag, New York, 1994.
[Ha83]
P. Hagis, Jr., "Sketch of a proof that an odd perfect number relatively prime to 3 has at least eleven prime factors," Mathematics of Computations, Volume 46 (1983), 399-404.
[HaWr08]
G.H. Hardy and E.M. W right, An Introduction to the Theory of Numbers, 6th ed., Oxford University Press, Oxford, 2008.
[He80]
A.K. Head, "Multiplication modulo n," BIT, Volume 20(1980), 115-116.
[He79]
M.E. Hellman, "The mathematics of public-key cryptography," Scientific Ameri can, Volume 241(1979) 146-157.
[Hi31]
L.S. Hill, "Concerning certain linear transformation apparatus of cryptography," American Mathematical Monthly, Volume 38(1931), 135-154.
[Ho99]
P. Hoffman, The Man who Loved Only Numbers, Hyperion, New York, 1999.
[Hu82]
L. Hua, Introduction to Number Theory, Springer-Verlag, New York, 1982.
[Hw79]
K. Hwang, Computer Arithmetic: Principles, Architecture and Design, Wiley, New York, 1979.
[IrRo95]
K.F. Ireland and M.I. Rosen, A Classical Introduction to Modem Number Theory, 2nd ed., Springer-Verlag, New York, 1995.
[Ka96]
D. Kahn, The Codebreakers, the Story of Secret Writing, 2nd ed., Scribners, New York, 1996.
[Ka98]
V. Katz, A History of Mathematics: An Introduction, 2nd ed., Addison-Wesley, Boston, 1998.
[Ki04]
S.V. Kim, "An elementary proof of the quadratic reciprocity law," American Math ematical Monthly, Volume 111, Number 1 (2004), 45-50.
[Ki74]
A.M. Kirch, Elementary Number Theory: A Computer Approach, lntext, New York, 1974.
[KiOl]
J. Kirtland, Identification Numbers and Check Digit Schemes, Mathematical Asso ciation of America, Washington, D.C., 2001.
[Kl72]
M. Kline, Mathematical Thought from Ancient to Modem Times, Oxford Univer sity, New York, 1972.
[Kn97]
D.E. Knuth, Art of Computer Programming: Semi-Numerical Algorithms, Volume 2, 3rd ed., Addison-Wesley, Reading, Massachusetts, 1997.
[Kn97a]
D.E. Knuth, Art of Computer Programming: Sorting and Searching, Volume 3, 2nd ed., Addison-Wesley, Reading, Massachusetts, 1997.
[Ko96]
N. Koblitz, Introduction to Elliptic Curves and Modular Forms, 2nd ed., Springer Verlag, New York, 1996.
[Ko94]
N. Koblitz, A Course in Number Theory and Cryptography, 2nd ed., Springer Verlag, New York, 1994.
726
Bibliography
[Ko96a]
P. Kocher, "Timing attacks on implementations ofDiffie-Hellman, RS A, DSS, and other systems," Advances in Cryptology-CRYPTO '96, LNCS 1109, Springer Verlag, New York, 1996, 104-113.
[Ko83]
G. Kolata, "Factoring gets easier," Science, Volume 222 (1983), 999-1001.
[Ko81]
A.G. Konheim, Cryptography: A Primer, Wiley, New York, 1981.
[Kr86]
E. Kranakis, Primality and Cryptography, Wiley-Teubner, Stuttgart, Germany, 1986.
[K r79]
L.Kronsjo, Algorithms: Their Complexity and Efficiency, Wiley, New York, 1979.
[Ku76]
S. Kullback, Statistical Methods in Cryptanalysis, Aegean Park Press, Laguna Hills, California, 1976.
[La90]
J.C. Lagarias, "Pseudo-random number generators in cryptography and number theory,"pages 115-143 in Cryptology and Computational Number Theory, Volume 42 ofProceedings ofSymposia in Advanced Mathematics, American Mathematical Society, Providence, Rhode Island, 1990.
[La0d82]
J.C. Lagarias and A.M. Odlyzko, "New algorithms for computing n(x)," Bell Laboratories Technical Memorandum T M-82-11218-57.
[La58]
E. Landau, Elementary Number Theory, Chelsea, New York, 1958.
[La60]
E. Landau, Foundations ofAnalysis, 2nd ed., Chelsea, New York, 1960.
[La35]
H.P. Lawther, Jr., "An application of number theory to the splicing of telephone cables,"American Mathematical Monthly, Volume 42 (1935), 81-91.
[LePo31]
D.H. Lehmer and R.E. Powers, "On factoring large numbers," Bulletin of the American Mathematical Society, Volume 37 (1931), 770-776.
[LeOO]
F. Lemmermeyer, Reciprocity Laws I, Springer-Verlag, Berlin, 2000.
[Le79]
A. Lempel, "Cryptology in transition," Computing Surveys, Volume 11 (1979), 285-303.
[Le80]
H.W. Lenstra, Jr., "Primality testing," Studieweek Getaltheorie en Computers, 1-5 September 1980, Stichting Mathematisch Centrum, Amsterdam, Holland.
[Le90]
W.J. LeVeque, Elementary Theory of Numbers, Dover, New York, 1990.
[Le96]
W.J. LeVeque, F undamentals of Number Theory, Dover, New York, 1996.
[Le02]
W.J. LeVeque, Topics in Number Theory, Dover, New York, 2002.
[Le74]
W.J. LeVeque, editor, Reviews in Number Theory [1940-1972], and R.K. Guy, editor, Reviews in Number Theory [1973-1983], six volumes each, American Mathematical Society, Washington, D.C., 1974 and 1984, respectively.
[LiDu87]
Y. Li and S. Du, Chinese Mathematics: A Concise History, translated by J. Crossley and A. Lun, Clarendon Press, Oxford, England, 1987.
[Li73]
U. Libbrecht, Chinese Mathematics in the Thirteenth Century, The Shu-shu chiu chang of Ch'in Chiu-shao, MIT Press, 1973.
[Li79]
R.J. Lipton, "How to cheat at mental poker," and "An improved power encryption method," unpublished reports, Department of Computer Science, University of California, Berkeley, 1979.
[Lo95]
C.T. Long, Elementary Introduction to Number Theory, 3rd ed., Waveland Press, Prospect Heights, Illinois, 1995.
[Lo90]
J.H. Loxton, editor, Number Theory and Cryptography, Cambridge University Press, Cambridge, England, 1990.
Bibliography
[Ma79]
727
D.G. Malm, A Computer Laboratory Manual for Number Theory, COMPress, Wentworth,New Hampshire, 1979.
[McRa79]
J.H. McClellan and C.M. Rader, Number Theory in Digital Signal Processing, Prentice Hall,Englewood Cliffs,New Jersey,1979.
[Ma-]
G.B. Matthews, Theory of Numbers, Chelsea, New York (no publication date provided).
[Ma94]
U. Maurer,"Towards the equivalence of breaking the Diffie-Hellman protocol and computing discrete logarithms," Advances in Cryptology-CRYPTO '94, LNCS 839,1994,271-281.
[Ma95]
U. Maurer,"Fast generation of prime numbers and secure public-key cryptographic parameters," Journal of Cryptology, Volume 8 (1995),123-155.
[MaOO]
B. Mazur,"Questions about powers of numbers," Notices of the American Mathe matical Society, Volume 47 (2000),195-202.
[MevaVa97]
A.I. Menezes, P.C. van Oorschot, S.A. Vanstone,Handbook of Applied Cryptog raphy, CRC Press,Boca Raton,Florida,1997.
[Me82]
R.C. Merkle, Secrecy, Authentication, and Public Key Systems, UMI Research Press,Ann Arbor,Michigan,1982.
[MeHe78]
R.C. Merkle and M.E. Hellman, " Hiding information and signatures in trapdoor knapsacks," IEEE Transactions in Information Theory, Volume 24 (1978), 525530.
[MeMa82]
C.H. Meyer and S.M. Matyas,Cryptography: A New Dimension in Computer Data Security, Wiley,New York,1982.
[Mi76]
G.L. Miller, "Riemann's hypothesis and tests for primality," Journal of Computer and Systems Science, Volume 13 (1976),300--317.
[Mi47]
W.H. Mills,''A prime-representing function," Bulletin of the American Mathematical Society, Volume 53 (1947),604.
[Mo96]
R.A. Mollin,Quadratics, CRC Press,Boca Raton,Florida,1996.
[Mo99]
R.A. Mollin,Algebraic Number Theory, CRC Press,Boca Raton,Florida,1999.
[Mo96]
M.B. Monagan,K.O. Geddes,K.M. Heal,G. Labahn,and S.M. Vorkoetter,Maple
V Programming Guide, Springer-Verlag,New York,1996. [Mo80]
L. Monier, "Evaluation and comparison of two efficient probabilistic primality testing algorithms," Theoretical Computer Science, Volume 11 (1980),97-108.
[Mo69] [MoBr75]
L.J. Mordell,Diophantine Equations, Academic Press,New York,1969. M.A. Morrison and J. Brillhart,"A method of factoring and the factorization of F7 ," Mathematics of Computation, Volume 29 (1985),183-205.
[Na81]
T. Nagell,Introduction to Number Theory, Chelsea,New York,1981.
[Ne69]
O.E. Neugebauer,The Exact Sciences in Antiquity, Dover,New York,1969.
[NeSc99]
J. Neukirch and N. Schappacher,Algebraic Number Theory, Springer-Verlag,New York,1999.
[NiZuMo91]
I. Niven, H.S. Zuckerman, and H.L. Montgomery,An Introduction to the Theory of Numbers, 5th ed.,Wiley,New York,1991.
[Odte85]
A.M. Odlyzko and H.J.J. te Riele, "Disproof of the Mertens conjecture," Journal far die reine und angewandte Mathematik, Volume 357 (1985),138-160.
[Od90]
A.M. Odlyzko, "The rise and fall of knapsack cryptosystems," pages 75-88 in Cryptology and Computational Number Theory, Volume 42 of Proceedings of
728
Bibliography
Symposia in Applied Mathematics, American Mathematical Society,Providence, Rhode Island,1990. [Od95]
A.M. Odlyzko, "The future of integer factorization," RSA CrytoBytes, Volume 2, Number 1,1995,5-12.
[Or67]
0. Ore,An Invitation to Number Theory, Random House,New York,1967.
[Or88]
0. Ore,Number Theory and its History, Dover,New York,1988.
[PaMi88]
S.K. Park and K.W. Miller, "Random number generators: Good ones are hard to find," Communications of the ACM, Volume 31 (1988),1192-1201.
[PeBy70]
A.J. Pettofrezzo and D.R. Byrkit, Elements of Number Theory, Prentice Hall, Englewood Cliffs,New Jersey,1970.
[Pf89]
C.P. Pfleeger,Security in Computing, Prentice Hall,Englewood Cliffs,New Jersey, 1989.
[Po14]
H.C. Pocklington, "The determination of the prime or composite nature of large numbers by Fermat's theorem," Proceedings of the Cambridge Philosophical So
ciety, Volume 18 (1914/6),29-30. [PoHe78]
S. Pohlig and M. Hellman, "An improved algorithm for computing logarithms over GF(p) and its cryptographic significance," IEEE Transactions on Information
Theory, Volume 24 (1978),106-110. [Po99]
H. Pollard and H. Diamond, The Theory of Algebraic Numbers, 3rd ed., Dover, New York,1999.
[Po74]
J.M. Pollard,"Theorems on factorization and primality testing," Proceedings of the
Cambridge Philosophical Society, Volume 76 (1974),521-528. [Po75]
J.M. Pollard, "A Monte Carlo method for factorization," Nordisk Tidskrift for
Informationsbehandling (BIT), Volume 15 (1975),331-334. [Po81]
C. Pomerance, "Recent developments in primality testing," The Mathematical
Intelligencer , Volume 3 (1981),97-105. [Po82]
C. Pomerance,"The search for prime numbers," Scientific American, Volume 247 (1982), 136-147.
[Po84]
C. Pomerance, Lecture Notes on Primality Testing and Factoring, Mathematical Association of America,Washington,D.C.,1984.
[Po90]
C. Pomerance, ed., Cryptology and Computational Number Theory, American Mathematical Society,Providence,Rhode Island,1990.
[Po93]
C. Pomerance,"Carmichael numbers," Nieuw Arch. v. Wiskunde, Volume 4,number 11 (1993),199-209.
[Ra79]
M.O. Rabin, "Digitalized signatures and public-key functions as intractable as factorization," M.l.T. Laboratory for Computer Science Technical Report LCS/TR212,Cambridge, Massachusetts, 1979.
[Ra80]
M.O. Rabin, "Probabilistic algorithms for testing primality," Journal of Number
Theory, Volume 12 (1980),128-138. [Ra77]
H. Rademacher,Lectures on Elementary Number Theory, Krieger,1977.
[Re96]
D. Redfern,The Maple Handbook, Springer-Verlag,New York,1996.
[Re96a]
D. Redmond,Number Theory: An Introduction, Marcel Dekker,Inc.,New York, 1996
[Ri79]
P. Ribenboim,13 Lectures on Fermat's Last Theorem, Springer-Verlag,New York, 1979.
729
Bibliography
[Ri96]
P. Ribenboim, The New Book of Prime Number Record, Springer-Verlag, New York, 1996.
[RiOl]
P. Ribenboim, Classical Theory of Algebraic Integers, 2nd ed., Springer-Verlag, New York, 2001.
[Ri71]
F. Richman, Number Theory, An Introduction to Algebra, Brooks/Cole, Belmont, California, 1971.
[Ri59]
B. Riemann, "Uber die Anzahl der Primzahlen unter einer gegeben Grosse," Monatsberichte der Berliner Akademie, November, 1859.
[Ri85]
H. Riesel, "Modem factorization methods," BIT(1985), 205-222.
[Ri94]
H. Riesel, Prime Numbers and Computer Methods for Factorization, 2nd ed., Birkhauser, Boston, 1994.
[Ri78]
R.L. Rivest, "Remarks on a proposed cr yptanalytic attack on the M.l.T. public-key cryptosystem," Cryptologia, Volume 2 (1978), 62-65.
[RiShAd78]
R.L. Rivest, A. Shamir, and L.M. Adleman, "A method for obtaining digital sig natures and public-key cryptosystems," Communications of the ACM, Volume 21 (1978), 120-126.
[RiShAd83]
R.L. Rivest, A. Shamir, and L.M. Adleman, "Cryptographic communications sys tem and method," United States Patent #4,405,8239, issued September 20, 1983.
[Ro77]
J. Roberts, Elementary Number Theory, MIT Press, Cambridge, Massachusetts, 1977.
[Ro97]
K. Rosen et. al., Exploring Discrete Mathematics with Maple, McGraw-Hill, New York, 1997.
[Ro99a]
K.H. Rosen, Handbook of Discrete and Combinatorial Mathematics, CRC Press, Boca Raton, Florida, 1999.
[Ro07]
K.H.
Rosen,
Discrete
Mathematics
and
its
Applications,
6th
ed.,
McGraw-Hill, New York, 2007. [Ru64]
W. Rudin, Principles of Mathematical Analysis, 2nd ed., McGraw-Hill, New York, 1964.
[Ru83]
R. Rumely, "Recent advances in primality testing," Notices of the American Math ematical Society, Volume 30 (1983), 475-477.
[Sa03a]
K. Sabbagh, The Riemann Hypothesis, Farrar, Strauss, and Giroux, New York, 2003.
[SaSa07]
J. Sally and P.J. Sally, Jr., Roots to Research, AMS, Providence, Rhode Island, 2007.
[Sa90]
A. Salomaa, Public-Key Cryptography, Springer-Verlag, New York, 1990.
[Sa03b]
M. du Sautoy, The Music of the Primes, Harper Collins, New York, 2003.
[Sc0p85]
W. Scharlau and H. Opolka, From Fermat to Minkowski, Lectures on the Theory of Numbers and its Historical Development, Springer-Verlag, New York, 1985.
[Sc98] [Sc86]
B. Schechter, My Brain is Open, Simon and Schuster, New York, 1998. M.R. Schroeder, Number Theory in Science and Communication, 2nd ed., Springer Verlag, Berlin, 1986.
[SePi89]
J. Seberry and J. Pieprzyk, Cryptography: An Introduction to Computer Security, Prentice Hall, New York, 1989.
[Sh79]
A. Shamir, "How to share a secret," Communications of the ACM, Volume 22 (1979), 612-613.
730
Bibliography
[Sh83]
A. Shamir, "A polynomial time algorithm for breaking the basic Merkle-Hellman cryptosystem," in Advances in Cryptology-Proceedings of Crypto 82, 279-288.
[Sh84]
A. Shamir, "A polynomial time algorithm for breaking the basic Merkle-Hellman cryptosystem," IEEE Transactions on Information Theory, Volume 30 (1984), 699704. (This is an improved version of [Sh83].)
[ShRiAd81]
A. Shamir, R.L. Rivest, and L.M. Adleman, "Mental poker," The Mathematical Gardner, ed. D.A. Klarner, Wadsworth International, Belmont, California, 1981,
37-43. [Sh85]
D. Shanks, Solved and Unsolved Problems in Number Theory, 3rd ed., Chelsea, New York, 1985.
[Sh83] [Sh67]
H.S. Shapiro, Introduction to the Theory of Numbers, Wiley, New York, 1983. J.E. Shockley, Introduction to Number Theory, Holt, Rinehart, and Winston, New York, 1967.
[Si64]
W. Sierpinski, A Selection of Problems in the Theory of Numbers, Pergamon Press, New York, 1964.
[Si70]
W. Sierpinski, 250 Problems in Elementary Number Theory, Polish Scientific Publishers, Warsaw, 1970.
[Si87]
W. Sierpinski, Elementary Theory of Numbers, 2nd ed., North-Holland, Amster dam, 1987.
[Si82]
G.J. Simmons, ed., Secure Communications and Asymmetric Cryptosystems, AAAS Selected Symposium Series Volume 69, Westview Press, Boulder, Col orado, 1982.
[Si97]
S. Singh, Fermat's Enigma: The Epic Quest to Solve the World's Greatest Mathe matical Problem, Walker and Company, New York, 1997.
[Si66]
A. Sinkov, Elementary Cryptanalysis, Mathematical Association of America, Washington, D.C., 1966.
[SlP195]
N.J.A. Sloane and S. Plouffe, The Encyclopedia of Integer Sequences, Academic Press, New York, 1995.
[Sl78]
D. Slowinski, "Searching for the 27th Mersenne prime," Journal of Recreational Mathematics, Volume 11 (1978/9), 258-261.
[SoSt77]
R. Solovay and V. Strassen, "A fast Monte Carlo test for primality," SIAM Journal for Computing, Volume 6 (1977), 84-85 and erratum, Volume 7 (1978), 118.
[So86]
M.A. Soderstrand et al., editors, Residue Number System Arithmetic: Modern Applications in Digital Signal Processing, IEEE Press, New York, 1986.
[Sp82]
D.D. Spencer, Computers in Number Theory, Computer Science Press, Rockville, Maryland, 1982.
[St78]
H.M. Stark, An Introduction to Number Theory, Markham, Chicago, 1970; reprint MIT Press, Cambridge, Massachusetts, 1978.
[St64] [St05]
B.M. Stewart, The Theory of Numbers, 2nd ed., Macmillan, New York, 1964. D.R. Stinson, Cryptography, Theory and Practice, 3rd ed., Chapman & Hall/CRC, Boca Raton, Florida, 2005.
[SzTa67]
N.S. Szabo and R.J. Tanaka, Residue Arithmetic and its Applications to Computer Technology, McGraw-Hill, 1967.
[TrWa02]
W. Trappe and L. Washington, Introduction to Cryptography with Coding Theory, Prentice Hall, Upper Saddle River, New Jersey, 2002.
Bibliography
[Tu83]
731
J. Tunnell, "A classical diophantine problem and modular forms of weight 3/2," Inventiones Mathematicae, Volume 72(1983), 323-334.
[UsHe39]
J.V. Uspensky and M.A. Heaslet, Elementary Number Theory, McGraw-Hill, New York, 1939.
[Va89]
S. V ajda, Fibonacci and Lucas Numbers and the Golden Section: Theory and Applications, Ellis Horwood, Chichester, England, 1989.
[Va96]
A.J. van der Poorten, Notes on Fermat's Last Theorem, Wiley, New York, 1996.
[VaOl]
C. VandenEynden, Elementary Number Theory, McGraw-Hill, New York, 2001.
[V i54]
l.M. Vinogradov, Elements of Number Theory, Dover, New York, 1954.
[Wa86]
S. Wagon, "Primality testing," The Mathematical Intelligencer, Volume 8, Number 3(1986), 58-61.
[Wa99] [Wa86]
S. Wagon, Mathematica in Action, 2nd ed. Telos, New York, 1999. S.S. Wagstaff, "Using computers to teach number theory," SIAM News, Volume 19 (1986), 14 and 18.
[Wa90]
S.S. Wagstaff, "Some uses of microcomputers in number theory research," Com puters and Mathematics with Applications, Volume 19(1990), 53-58.
[WaSm87]
S.S. Wagstaff and J.W. Smith, "Methods of factoring large integers," in Number Theory, New York, 1984-1985, LNM, Volume 1240, Springer-Verlag, Berlin, 1987, 281-303.
[Wa08]
L. Washington, EllipticCurves: Number Theory andCryptography, 2nd ed., Chap man and Hall/CRC, Boca Raton, Florida, 2008.
[We84]
A. Weil, Number Theory: An Approach Through History From Hummurapi to Legendre, Birkhauser, Boston, 1984.
[Wi90]
M.J. Wiener, "Cryptanalysis of short RS A secret exponents," IEEE Transactions on Information Theory, Volume 36(1990), 553-558.
[Wi95]
A. Wiles, "Modular elliptic-curves and Fermat's last theorem," Annals of Mathe matics, Volume 141(1995), 443-551.
[Wi86]
H.C. Williams, ed., Advances in Cryptology-CRYPTO '85, Springer-Verlag, Berlin, 1986.
[Wi78]
H.C. Williams, "Primality testing on a computer," Ars Combinatorica, Volume 5 (1978), 127-185.
[Wi82]
H.C. Williams, "The influence of computers in the development of number theory," Computers and Mathematics with Applications, Volume 8(1982), 75-93.
[Wi84]
H.C. Williams, "An overview of factoring," inAdvances inCryptology, Proceedings ofCrypto 83, Plenum, New York, 1984, 87-102.
[Wo03]
S. Wolfram, The Mathematica Book, 5th ed., Cambridge University Press, New York, 2003.
[Wr39]
H.N. Wright, First Course in Theory of Numbers, Wiley, New York, 1939.
[Wu85]
M.C. Wunderlich, "Implementing the continued fraction algorithm on parallel machines," Mathematics ofComputation, Volume 44(1985), 251-260.
[WuKu90]
M.C.
Wunderlich
and
J.M.
Kubina,
"Extending
Waring's
conjecture
471,600,000," Mathematics ofComputation, Volume 55(1990), 815-820.
to
This page intentionally left blank
Index of Biographies
Adleman, Leonard (b. 1945), 324 Al-Khwarizmi, Abu Ja'Far Mohammed lbn Musa (c. 780--c. 850), 57 Artin, Emil (1898-1962), 358 Aryabhata (476-550), 103 Bachet de Meziriac, Claude Gaspar (1581-1638), 541 Bachmann, Paul Gustav Heinrich (1837-1920), 62 Ben Gerson, Levi (1288-1344), 538 Bertrand, Joseph Fran\:ois (1822-1900), 85 Bezout Etienne (1730-1783), 96 Bhaskara (1114-1185), 555 Brahmagupta (598-670), 139 Cantor, Georg (1845-1918), 478 Carmichael, Robert Daniel (1879-1967), 228 Catalan, Eugene (1884-1894), 539 Chebyshev, Pafnuty Lvovich (1821-1894), 80 Chen, Jing Run (1933-1996), 86 Chiu-Shao, Ch'in (1202-1261), 163 Cocks, Clifford (b. 1950), 325 Diophantus (c. 250
B.C.E.), 137
Dirichlet, G. Lejeune (1805-1859), 73 Eisenstein, Ferdinand Gotthold Max (1823-1852), 434 Eratosthenes (c. 276-194
B.C.E.), 72
Erdos, Paul (1913-1996), 82 Euclid (c. 350
B.C.E.), 102
Euler, Leonhard (1707-1783), 235 Farey, John (1766-1826), 101 Fermat, Pierre de (1601-1665), 128 Ferrers, Norman MacLeod (1829-1903), 280 Fibonacci (c. 1180--1228), 30 Gauss, Karl Friedrich ( 1777-1855), 146 Germain, Sophie (1776-1831), 531 733
734
Index of Biographies
Goldbach,Christian (1690-1764),88 Hadamard,Jacques (1865-1963),80 Hensel,Kurt (1861-1941),174 Hilbert,David (1862-1943),122 Hill,Lester S. (1891-1961). 306 Jacobi, Carl Gustav Jacob (1804-1851),443 Kaprekar,D. R. (1905-1986),53 Knuth,Donald (b. 1938),63 Kronecker,Leopold (1823-1891),452 Kummer, Ernst Eduard (1810-1893),532 LaGrange,Joseph Louis (1736-1855),218 Lame,Gabriel (1795-1870),106 Landau,Edmund (1877-1938),62 Legendre,Adrien-Marie (1752-1833),418 Lehmer,Derrick H. (1905-1991),260 Liouville,Joseph (1809-1882),248 Lucas,Fran�ois-Edouard-Anatole (1842-1891),259 Mersenne,Marin (1588-1648),258 Mobius,August Ferdinand (1790-1868),271 Pascal,Blaise (1623-1662),610 Pell,John (1611-1683),555 Pythagoras (c. 572-e. 500 B.C.E.), 522 Ramanujan,Srinivasa (1887-1920),254 Riemann,Georg Friedrich Bernhard (1826-1866),232 Rivest,Ronald (b. 1948),324 Selberg,Atle (1917-2007),81 Shamir,Adi (b. 1952),324 Sierpinski, Waclaw,384 Tao,Terrence (b. 1975),87 T hue,Axel (1863-1922),551 Ulam,Stanislaw M. (1909-1984),15 Vallee-Poussin,Charles-Jean-Gustave-Nicholas de la (1866-1962),81 Vernam,Gilbert S. (1890-1960),311 Vigenere,Blaise de (1523-1596),301 Von Neumann, John (1903-1957),394 Waring, Edward (1736-1798),549 Wiles,Andrew (b. 1953),533
Index
abc conjecture,538-540
polynomial time,75
Absolute least residues,148
Rijndael,310
Absolute pseudoprime,227
for subtraction,56-57
Absolute value function, 9
Algren,Scott,287
Absolute value of complex number,578
Aliquot parts,268
Abundant integer,267
Aliquot sequence,268
Addition,
al-Khwarizmi, Abu Ja'far Mohammed ibn
algorithm for,55 complexity of,64 of points on elliptic curve,568-570
Musa,56,57 Amicable pair,267 Andrica,Dorin,93
Additive function,248
Andrica's conjecture,93
Additive inverse,605
Approximation,
Adjoint,183
best rational,497
Adleman,Leonard,75,323,324
diophantine,8
Advanced Encryption Standard (AES),310
by rationals,497-500
Affine transformation,294-295,316
Archimedes,554
Agrawal,M.,75
Arithmetic, computer, 164-167
Alchemists,258,301
Arithmetic, fundamental theorem of,112
Algebra, origin of the word,57
Arithmetic,modular,148
Algebraic number,7
Arithmetic function,240
Algorithm,55 for addition,55
inverse of,247 summatory function of,243
for base b expansion,48
Arithmetic mean,29
for computing Jacobi symbols,448-449
Arithmetic progression,10
for computing p(n),286,290
of consecutive primes,92
for congruent numbers,571
of primes,86-87
continued fraction factoring,517-519
of three squares,565-566
Data Encryption,309-310
primes in,73
definition of,55
Arrow in exercises,xii
deterministic,76
Artin,Emil,357,358
division,37
Artin's conjecture,357-358
for division,58-59
Aryabhata,102,103
Euclidean,102-109
Associates,581
extended Euclidean algorithm,108-109
Associative law,605
for greatest common divisors, 102-109,
Astrologers,258
110,111
Asymptotic to,82
least-remainder,111
Attacks on RSA,328-329,500--501
for matrix multiplication,67
Atomic bomb,15
for modular exponentiation,151-152
Auric,A.,125
for modular multiplication,155
Average gap between consecutive primes,86
for multiplication,57-58
Axioms for the integers,605
origin of the word,56
Autokey cipher,312
735
736
Index
Automorph,169 Away team,203 Babbage,Charles,302 Babylonians,45 Bachet,Claude Gaspar,95,540,541 Bachet equation,540 Bachmann,Paul,62 Balanced ternary expansion,50 Barlow,Peter,261 Base,45-46 Base,factor,520 Base b expansion, of an integer,46 periodic,473 terminating,472 of a real number,469-471 Basis step,23 Beal's conjecture,537 Best rational approximation,497 Bertrand,Joseph,85 Bertrand's conjecture, 85,86,91 BESK computer,262 Bezout,Etienne, 96 Bezout, coefficients,96
Caesar,Julius, 197, 292-293 Cafe,Scottish,15 Calendar,197-200 Gregorian,197-198 International Fixed,201-202 Julian,197 perpetual,198-200 Cameron,Michael,263 Cancellation law,605 Cantor,George,478 Cantor expansion,52 Card shuffling,224 Carmichael,Robert,227,228 Carmichael number,227-228,388-389 Carry,55 Casting out nines,196 Casting out ninety nines,196 Catalan,Eugene,537,539 Catalan conjecture,537 Cataldi,Pietro,261 Ceiling function,7 Ceres,146 Certificate of primality, 7 4 Chain of quadratic residues,430 Challenge,RSA factoring,130
Character cipher,291
identity, 95
Chebyshev,Pafnuty,79,80,85,126
theorem, 95
Check bit,parity,209
Bhaskara,554,555 Big-0 notation,61-64 Bijective proofs of partition identities,281, 284-285
Binary coded decimal notation,51 Binary expansion, 48 Binary notation, 48 Binomial coefficient,608
Check digit, 209 Chen, J. R.,86,88 Chernac,79 Chessboard,29 Ch'in Chiu-Shao,162,163,169 Chinese,ancient,162-163,225 Chinese remainder theorem,162-167 for Gaussian integers,596
Binomial expression,608
Cicada,periodic,122
Binomial theorem,610-611
Cipher, 292
Biorhythms,170 Bit,48
parity check, 209
affine transformation,294 autokey,312 block,300
Bit operation,61
Caesar,292
Block cipher,300
character,292-293
Bomb,atomic,15 Bonse's inequality,91 Borrow,56 Brahmagupta, 137, 139,162 Brent,Richard,132 Brillhart, John,518
DES,309-310 digraphic,305 exponentiation,318-319 Hill,305-307 iterated knapsack,335-336 knapsack,331-335
Brouncker,Lord William, 555
monographic,292
Brun,Viggo,86
polygraphic,300,308
Brun's constant,86
product,299
Index
public-key,321-323
of multiplication, 64-65
Rabin,329
of primality testing,74-75
RSA,323-327
of subtraction,64
stream,310
of trial division,74,127
substitution,293
Computer arithmetic,164-167
symmetric,310
Congruence,145
transposition,316
class,147
Vernam,311
of Gaussian integers,587
Vigenere,300--301
linear,157
Ciphertext,292
of matrices,180--181
Clarkson,Roland, 263
of polynomials,156
Class,congruence,147
polynomial,171-177
Closure property, 605,606
Ramanujan, 287
Clustering,205
737
Zeller,200
Cocks,Clifford,323,325
Congruences,covering set,170
Coconut problem,156
Congruent number,560
Coefficient,
Congruent numbers, algorithm for, 571-
Bezout,96 binomial, 608 multinomial,614
572 Congruent to,145 in the Gaussian integers, 587
Coin flipping,electronic,425
Congruum, 565
Coincidence,index of,303
Conjecture,
Cole,Frank,261
abc,538-540
Collatz conjecture,42,616,620
Andrica's,93
Collected works of Euler,235,443,560
Artin,357-358
Collision,205
Beal,537
Colquitt,Walter,262
Bertrand,85,91
Combination,linear,94
of Carmichael,249
Combinatorial number theory, 277
Catalan,537
Comet, 301
Collatz,42, 616,620
Common key, 338
consecutive primes in arithmetic
Common ratio,10 Commutative law,605 Complete system of residues,148,150
progression,92 Erdos, on arithmetic progressions of primes, 87
Completely additive function,248
Fermat-Catalan,537-538
Completely multiplicative function,240
Goldbach,88
Complex number,
of Lehmer,D. H., 249
absolute value of,578
Legendre,89-90
conjugate of, 578
Mertens,276 2 n +1,88-89
norm of,578 Complexity, computational, 61 of Euclidean algorithm,106 of factorization,128-130 Composite,70 highly,253 Composite integers,consecutive,85 Computational complexity,61
about primes,85-90 twin prime,86 Conjugate, of a complex number,578 partition,279 of a quadratic irrational,505 Consecutive composite integers, 85
of addition,64
Consecutive quadratic residues,428
of division,66
Constant,
of Euclidean algorithm,106 of matrix multiplication,67 of modular exponentiation,151-153
Kaprekar,52 Skewes', 84 Construction of regular polygons,134
738
Index
Continued fraction, 4Sl-519, 640
Deficient integer,267
factoring with,517-519
Definition, recursive,26
finite,4S2
de Polignac, A.,91
infinite,491--492
Derivative of a polynomial, 173
periodic,503-504
Descent, proof by,535
purely periodic,511-512
Deterministic algorithm,76
simple,4S2
Diabolic square, 1S7
Convergent, 4S5
Diagonal,
Countable set, 11,47S--479
negative,1S7
Countability of rationals,11-12
positive,1S7
Counterexample, extremely large,S4,276
Diagram, Ferrers,279
Covering set of congruences,170
Diffie, W., 33S
Cray computer,262
Diffie-Hellman key exchange,33S-339
Crelle's Journal, 174,434
Digit,45
Cromwell,Oliver,555
Digit,check,209
Crosstalk,411
Digital signature,339-340
Cryptanalysis,291
Digital Signature Algorithm (DSA),
of block ciphers,30S-309 of character ciphers,295-296 of Vigenere ciphers,302-303
407 Digraphs, frequencies of,30S-309
Cryptographic protocol,33S
Digraphic cipher,305
Cryptographically secure,399
Diophantine approximation,S
Cryptography,291
Diophantine equation,137
FAQ,625 Cryptology,291-343 definition of,291 Cryptosystem,
linear,137 nonlinear,522-572 Diophantine geometry,526 Diophantus,S,12S,137,541
definition of,292
Dirichlet, G. Lejeune,S,73,531
ElGamal, 402--406
Dirichlet product, 247
private-key,321
Dirichlet's approximation theorem, 9, 14,
public-key,322 Rabin,329,429 RSA, 323-32S, 625 symmetric, 321
497 Dirichlet's theorem on primes in arithmetic progression,73,1lS for the progression 4n + 1,427
Cubes, sum of,550
for the progression 4n + 3,1lS
Cubic residue,37S
for the progression Sn + 4, 440
Cullen number,234
for the progression Sn + 3,427
Cunningham, A. J., 133
for the progression Sn + 5,427
Cunnigham project,133
for the progression Sn + 7,427
Curve, elliptic,56S
Discrete exponential generator,401
Cyber computer,262
Discrete logarirthm,36S-369
Cycling attack on RSA,354
Discrete logarithm problem,372
Cyclotomic polynomial,276-277
Distribution of primes,79-90
Data Encryption Algorithm (DEA),309-310
Distributive law,605
Data Encryption Standard (DES),309-310
Divide, 36, SSO
gaps in,S6
Decimal fraction,469--476
exactly,121
Decimal notation,4S
Dividend,37
Deciphering,292
Divisibility,36-37
Decryption,292 Decryption key,for RSA cipher, 326
of Gaussian integers,SSO Divisibility tests,191-194
Index
Division,36-37 algorithrn.,37,583-584
Eratosthenes,71,72 Eratosthenes, sieve of,71-72
complexity of,66
Erdos,Paul,29,81, 82,87
trial,74,127
Euclid,70,71,78,102
Division algorithm,37 for Gaussian integers,583-584 modified,41,111 Divisor,37 greatest common, 39,93-98 DNA computing,324
739
game of,111 Euclidean algorithm,102-107,481-483 complexity of,105-107 extended,108-109 for Gaussian integers,591 Euler,Leonhard,78, 88, 96,135,219,234,
Double hashing,205
235,261,277,283,284,286,350,
Double Mersenne number,268
415,430,431,506,531,537,542,
Dozen,60
546,555,560,574
Draim factorization, 135
collected works,235,443,560
Dummy variable,16,20
Euler-Mullin sequence,78
Duodecimal notation,60
Euler parity theorem,283 Euler phi -function,234,239-245,634
e, 6,7,15,501 convergent fraction of,501
formula for,242 multiplicativity of,241
Eclipses,103,139
Euler pseudoprime, 453
Eggs,60,168
Euler's criterion,418
Egyptian fraction,29
Euler's factorization,135
Eisenstein,Max,433,434,597
Euler's method,135
Eisenstein integers,597
Euler's partition formula,286
Eisenstein prime,598
Euler's pentagonal number theorem,284
Electronic Frontier Foundation,265
Euler's theorem,236-237
Electronic poker,340--341,429 Elementary number theory,definition of,3
Elements (Euclid),70,102
Gaussian integers,analogue for,604 Euler's version of quadratic reciprocity, 431-432,441
ElGamal,T., 402
Even number,39
ElGamal cryptosystem,402-405
Everything,522
signing messages in,405-407 Elliptic curve, 568
Exactly divide,121 Expansion,
addition of points on,568-570
balanced ternary,50
doubling formula,570--571
base b, 48,469
rational points on,568
binary,48
Ellis,James,325
binary coded decimal,51
Elvenich,Hans-Michael,264
Cantor,52
Enciphering,292
continued fraction,482
Encryption,292
decimal,48
Encryption key,292
hexadecimal,48
for RSA cipher,323
Encyclopedia of Integer Sequences, 11 End of the world,28 Equation,
periodic base b, 473 periodic continued function,503-515 terminating base b, 473
±1-exponent,408
Bachet,540
Experimentation in number theory,3
diophantine, 137
Exponent,
Fermat's,3,530 Markov's, 542 Pell's,553-557 Equivalent real numbers,502
minimal universal,386 universal,386 Exponentiation,modular,151-152 Exponentiation cipher,318-321
740
Index
Expression,binomial,608 Extended Euclidean algorithm,108-109
Fibonacci numbers, 30-33, 104-105, 340, 490,624 explicit formula for,33
Factor,36
Gaussian,587
Factor base,520
generalized,35
Factor table,627-633
growth of,32-33
Factorial function,20,26 Factorization,112-118,127-131,187-189, 221-222,517-519
with negative indices,35 Fibonacci pseudorandom number generator, 400
Draim,135
Fibonacci Quarterly, 33
Euler,135
Fibonacci sequence,30
Fermat,128,130-131
Field's medal,81,87
of Fermat numbers,132-133
Finding primes,71
Pollard p
Findley,Josh,263
-
1,221-222
Pollard rho,187-189
Flaw in Pentium chip,86,89
prime-power,113
Flipping coins electronically,425
speed of,127-130
Floor function,7
using continued fractions,518-519
Formula,
Failure of unique factorization,114,121 FAQs,
Euler's partition,286 for primes,74
cryptography,625 mathematics,625 prime,624
for sum of terms of a geometric series,18 for terms of a sequence,11 Fortune,R. F., 78
Farey,John,100
Four squares,sums of, 218, 541, 545-548,
Farey series,101
532-535
Pefferman,Charles,87
Fowls,143
Fermat, Pierre de,128, 130, 131,219, 521,
Fractals,384
530,542,546,554,560,563 Fermat equation,3,530
Fraction, continued,481-519,640
Fermat factorization, 130-131
Egyptian,29
Fermat number,131-133,340,414
unit,29
factorization of,625 Fermat prime,131 Fermat quotient,224 generalized,390
vulgar,101 Fractional part, 8,469 Franklin, Fabian,284 Frauds,258
Fermat-Catalan conjecture,537-538
Frenicle de Bessy,Bernard,219
Fermat's last theorem, 106, 418, 530-
Frequencies, of letters 295-296,
536 history of, 531-534
of digraphs,308
proof for n
of polygraphs,309
=
3,531
proof for n 4,535-536 Fermat's Last Theorem, the Mathematics of, =
600 Fermat's little theorem,219 Gaussian integers,analogue for,604 Lucas's converse of,379
Frequency, 278 Frequently Asked Questions, of letters 295-296, of digraphs,308 of polygraphs,309 Friedman,William,303
Ferrers,Norman,279,280
Frey, Gerhard,532
Ferrers diagram,279
Function,
Fiat-Shamir method,465
absolute value,9
Fibonacci,30,560,563,565
additive,248
Fibonacci,generator,400
arithmetic,240
Index
ceiling,7
Euler's theorem for,604
completely additive,248
Fermat's little theorem for,604
completely multiplicative,240
greatest common divisor of,599
Euler phi,234, 239-245, 634
Maple, working with,618
factorial, 20,26
unique factorization for,592-594
floor,7
units of,581
generating,35-36,281
Wilson's theorem for,604
greatest integer,7 hashing,204 l,
247
741
Gaussian Fibonacci sequence,587 Gaussian moats,588 Gaussian prime,581-582
Li, 79,81
Generalized Fermat quotient,390
Liouville's,247
Generalized Fibonacci number,35
Mangoldt,276
Generalized pentagonal numbers,286
Mertens,276
Generalized Riemann hypothesis,75,231
Mobius, 270--271
Generals,Chinese,168
mod,147
Generating function,34, 281
multiplicative,240
Genghis Khan,163
number of divisors, 250
Geometric mean, 29
w,248
Geometric progression,10
partition, 278 Jr,72,77,223 Jr2,92 rad,125,538-539
sum of terms,17-18 Geometric series, sum of infinite,469-470 sum of terms of,17-18
Riemann zeta,80
Geometry,diophantine,526
Smarandache,125
Germain,Sophie,75,531
strongly multiplicative,247
Gerstenhaber,M.,431
sum of divisors,249
GHCQ,325
summatory,250
Gillies,Donald,262
zeta,80
GIMPS,262-265,624
Fundamental theorem of arithmetic,112
Goldbach,Christian,88 Goldbach's conjecture,88
Gage, Paul, 262
Goldston,Daniel,86
Game,
Government Communications Headquarters,
of Euclid,111 of nim,52 Gaps,
325 Great Internet Mersenne Prime Search, 262-265,624
between consecutive primes,86 in distribution of primes,84 Gauss, Karl Friedrich, 73, 79, 84, 106,134, 145, 146,348,350,420,431,433, 531,579 Gauss' generalization of Wilson's theorem, 224 Gauss' lemma,420 Gaussian integers,577-603 associates,581
Greatest common divisor,39, 93-99 algorithms for,103-109,110,111 finding using prime factorizations, 114-115 of Gaussian integers,589-592 as least positive linear combination, 94-97' 107-109 of more than two integers,98 of two integers,39 using to break Vigenere ciphers,302
Chinese remainder theorem for,596
Greatest integer function,7
congruence of,587
Greeks,ancient,19, 69,70,256
divisibility of,579-580
Green,Ben,87
division algorithm for,583-585
Green-Tao theorem,87
Euclidean algorithm for,591
Gregorian calendar, 197-198
742
Index
Gross, 60
Indices, 368, 636--639
Gynecologist,62
Induction,mathematical,23-27 lnduction,strong,25
Hadamard,Jacques,79,80
Inductive step,23
Hajratwala,Nayan,263
Inequality,Bonse's,91
Hanoi,tower of,28
Infinite continued fraction,491
Hardy,G. H., 2,78, 92, 254,278
Infinite descent,531,535
Harmonic series,27
Infinite simple continued fraction,491
Haros, C.,101
Infinitude of primes, 70-71, 76, 101, 102,
Hashing, 204-206
124,125,133-134
double,205-206
Initial term of a geometric progression,10
function, 204
Integer,6
quadratic, 429
abundant,267
Hashing function,202
composite,70
Hastad broadcast attack,328,330
deficient,267
Hellman,M. E.,318,324,333
Eisenstein,597
Hensel,Kurt, 173
Gaussian,579
Hensel's lemma,173
k-abundant,267
Heptadecagon,146
k-perfect,267
Heptagonal number,21
order of,347-348
Heron triangle,574
palindromic,195
Hex,48,49
powerful,120
Hexadecimal notation,48,49
rational,579
Hexagonal number,21
sequences,11
Highly composite,253
square-free,120
Hilbert,David,122,478
superperfect,268
Hilbert prime,121
Integers,6
Hill,Lester S.,305,306
Gaussian,579
Hill cipher, 305-309
most wanted,ten,133
Home team,203
Intel,86,89,266
House of Wisdom,57
International fixed calendar,201
Horses,same color,28
International Mathematical Olympics, 87,
Hundred fowls problem,143
325
Hurwitz,Alexander,262
International Standard Book Number,210
Hyperinflation,534
International Standard Serial Number,
Hypothesis,Riemann,83
215 Internet,239,261,624
IBM 360 computer,262
Interpolation, Lagrange,359
IBM 7090 computer,262
Inverse,additive,605
Identity,
Inverse of an arithmetic function,247
Bezout, 95-96
Inverse of a matrix modulo
Rogers-Ramanujan,287
Inverse modulo
m,
m,
182
Identity elements,605
Inversion,Mobius,272-274
ILLIAC, 262
Involutory matrix, 185
Inclusion-exclusion, principle of, 77,
Irrational number,6,118-119
613-614
quadratic,503-506,579
,J2, 6-7,119
Incongruent,145
Irrationality of
Index arithmetic,368-371
ISBN, 210
Index of coincidence,303
ISBN-10,210,211
Index of an integer, 368, 636-639
ISBN-13,210,212
Index of summation,16
Iterated knapsack cipher,336
Index system, 377
lwaniec,Henryk,89
178
Index
Jackpot,265
Law,
Jacobi,Carl G. J.,443,597
associative,605
Jacobi symbol,443
cancellation,605
reciprocity law for,446--447 Jeans,J.H.,225 Jigsaw puzzle,28
743
commutative,605 distributive,605 trichotomy,606
Julian calendar,197
Law of quadratic reciprocity,418,430-438
Julius Caesar,197,292
Leap year,197
Jurca,Dan,262
Least common multiple, finding using prime factorizations,116
k-abundant number,267 k-perfect number,267
of more than two integers,123 of two integers,116
Kaprekar,D. R., 53
Least nonnegative residue,147
Kaprekar constant,52
Least nonnegative residues,148
Kasiski,F., 302
Least positive residue,147
Kasiski test,302
Least primitive root for a prime,358
Kayal,N., 75
Least-remainder algorithm,111
Key,292
Leblanc, M. (pseudonym of Sophie
agreement protocol,338
Germain),531
common,338-339
Legendre,Adrien-Marie,79,417,418,531
decryption,292
Legendre conjecture,89-90
encryption,292
Legendre symbol,417
exchange,338-339
Lehmer,Derrick,249,259,518
for hashing,204
Lehmer,Emma,262
master, 342
Lemma,
public,322
Gauss's,420
Keyspace,292
Hensel's, 173
Keystream,310
Thue's,551
Knapsack ciphers,331-336 weakness in,335 Knapsack problem,334 multiplicative,336-337
Lemmermeyer,Franz,431 Lenstra,Arjen,130 Lenstra,H.,75 Letters,frequencies of,295-296
Knuth,Donald,62,63
Lifting solutions,173
Kocher,Paul,329
Linear combination,94
Kronecker, Leopold, 174, 434, 451, 452
greatest common divisor as a, 94-97, 107-109,110
Kronecker symbol,451
Linear congruence,157
kth power residue,372
Linear congruences,systems of,162,178
Kummer,Ernst,452,478,531-532
Linear congruential method,395-396 Linear diophantine equation,137
Lagarias,Jeffrey,84
in more than two variables,140
Lagrange,Joseph,217,218,350,355,359,
nonnegative solutions,142
506-507,531,542,546,549,555
Linear homogeneous recurrence relation, 33
Lagrange interpolation,359
Liouville, Joseph,247,248,476
Lagrange's theorem
Liouville's function,247
on continued functions,506-507
Little theorem,Fermat's,219
on polynomial congruences,355
Littlewood,J.E.,78,84,92,254
Lame,Gabriel,105,106,531
Lobsters,142,169
Lame's theorem,105-106
Logarithm,discrete,368
Landau,Edmund,62,89-90
Logarithmic integral,79
Largest known primes,73-74
Logarithms modulo p, 368
Largest number naturally appearing,84
Lowest terms,94
744
Index
Lucas,Edouard,30,34,259,261,379 Lucas converse of Fermat's little theorem, 379 Lucas numbers,34
l\1iller's test, 228-229,373 l\1ills,W. H.,74 l\1ills formula,74 l\1inimal universal exponent,386
Lucas-Lehmer test, 259-260
l\1inims,order of the,258
Lucifer,310
l\1inimum-disclosure proof,461-462
Lucky numbers,77
l\1IPS-years,129 l\1oats,Gaussian,588
l\1acl\1ahon,Percy,286
l\1obius,A. F., 271
l\1acTutor History of l\1athematics Archives,
l\1obius function, 270-271
625
l\1obius inversion,272-274
MAD Magazine, 63
l\1obius strip,271
l\1agic square,186
l\1odified division division, 41
l\1ahavira, 141
l\1odular arithmetic,148
l\1angoldt function, 276
l\1odular exponentiation algorithm, 151-152
l\1anhattan project,15 l\1aple,615-619 Gaussian integer package,618
complexity of,152-153 l\1odular inverses,159 l\1odular square roots,423-424
l\1arkov's equation,542
l\1odulus,145
l\1aster key,342,359
l\1onkeys,156,168
l\1aster Sun,162
l\1onks,28
Mathematica, 619-623
l\1onographic cipher,292
l\1athematical induction,23-26
l\1onte Carlo method,15,187
origins of,24 second principle,25 l\1athematics,Prince of,146
l\1orrison,l\1.A.,518 l\1ost wanted integers,133
l\1r. Fix-It, 87
l\1atrices,congruent,180-181
l\1ultinomial coefficient,614
l\1atrix,involutory,185
l\1ultiple,36
l\1atrix multiplication,67
least common,116
l\1aurolico,Francesco, 24
l\1ultiple precision,55
l\1aximal ± 1-exponent,408
l\1ultiplication,
l\1ayans,45
algorithm for,57
l\1ean,
complexity of,64-65
arithmetic,29 geometric, 29
matrix,67 l\1ultiplicative function,239,240
l\1erkle, R. C.,333
l\1ultiplicative knapsack problem,336-337
l\1ersenne,l\1arin,128, 258
l\1utually relatively prime,98
l\1ersenne numbers, 258,428
l\1ysteries of the universe,301
double,268 l\1ersenne primes,73-74,258-266,382,396, 428,624 search for,261-265, 624 l\1ertens,Franz,274
Namaigiri,254 National Institute of Standards and Technology,310 Nicely,Thomas,86,89
l\1ertens conjecture,276
Nickel, Laura, 262
l\1ertens function,274,276
Nicomachus,162
l\1essage expansion factor,403
Nim,52
l\1ethod,
Noll,Landon,262
Kasiski's,302
Nonresidue,quadratic,416
l\1onte Carlo,187
Norm,121
l\1ethod of infinite descent,531,535 l\1iddle-square method,394 l\1ihailescu,Preda,537
of complex number,578 Notation, Arabic,30, 56
Index
big-0,61
p-adic,173
binary,48
pseudorandom,393-398
binary coded decimal,51
random,393
decimal,48 duodecimal,60 hexadecimal,48
ten most wanted,133 Number of divisors function,250,634 multiplicativity of,251
octal,48
Number system,positional,45
one's complement,51
Number theory,definition of,1
product,19-20
combinatorial,277
summation,16-19
elementary,definition of,3
two's complement,51 NOVA,534,625
745
Number T heory Web,625 Numerals,Hindu-Arabic,56
NOVA Online-The Proof, 625 Number,
Octal notation,48
abundant, 267
Odd number,39
algebraic,7
Odd perlect number,266,268
Carmichael,227,228,388-389
Odlyzko,Andrew,84
composite,70
Oliveira e Silva,Tomas,84
congruent,560
One-time pad,311
Cullen,234
One-to-one correspondence,11
deficient,267
One's complement representation, 51
double Mersenne,268
Ono,Kenneth,287
even,39
Operation,bit, 61
everything is,522
Orange, Prince of,555
Fermat,131-133,353,414,428
Order of an integer,348
Fibonacci,30
Ordered set,6,606
generalized Fibonacci,35
Origin of,
heptagonal,21
mathematical induction,24
hexagonal,21
the word "algebra," 57
irrational,6 k-abundant,267
the word "algorithm," 56 Origins of mathematical induction,24
k-perlect,267 Lucas,34
Pad,one-time,311
lucky,77
p-adic numbers,173
Mersenne,258
Pair,amicable,267
most wanted,133
Pairwise relatively prime,98-99
odd,39
Palindromic integer,195
odd perlect,266
Parameterization,527
pentagonal,21
Parity check bit,209
perlect,256
Parity theorem,Euler,283
pseudorandom,393-398
Partial key disclosure attack on RSA,328
random,15, 393
Partial quotient,482
rational,6
Partial remainder,59
Sierpinski,384
Partition,277
superperlect,268
conjugate,279
t-congruent,574
function,278
tetrahedral, 21
restricted,278
transcendental,7,452, 476-478
self-conjugate,279
triangular, 19,20 Ulam,15 Numbers, lucky,77
unrestricted,278 Parts,aliquot,268 Pascal,Blaise,609-610 Pascal's identity,609
746
Index
Pascal's triangle,610
Primality test,71,379-381
Pell,John,554
Pocklington's,381
Pell's equation,553-558
probabilistic,231,459
Pentagonal number,21,284 Pentagonal number theorem,Euler's,284 Pentagonal numbers,generalized,286
Proth's,382 Prime, in arithmetic progressions,73
Pentium,54,86,89,129,262,263,266
definition of,70
Pepin's test,438-439
Eisenstein,597
Perfect number,256,266
Fermat,131-132
even,256-257
Gaussian,582
odd,266,268
Hilbert,121
Perfect square, last two decimal digits,135 modulo p, 416 Period, of a base b expansion,4 74
largest known,73-74 Mersenne, 73-74, 258-266, 382, 396, 428,624 power,91 relatively, 39
of a continued fraction,516
size of the nth,84
length of a pseudorandom number
Sophie Germain,75
generator,396
Wilson,224
Periodic base b expansion,473
Prime number theorem,79-83
Periodic cicada,122
Prime Pages, The, 624
Periodic continued fraction,503
Prime power,91
Perpetual calendar, 197-200
PrimeNet,262,266
Phyllotaxis, 31
Prime-power factorization,113
Jl''
6,499
Pigeonhole principle 8,9 Pintz,Janos,86 Pirates,169
using to find greatest common divisors, 115 using to find least common multiples,116 Primes,
Plaintext,292
in arithmetic progressions,73
Pocklington,Henry,381
infinitude of, 70--71, 76, 101, 102,124,
Pocklington's primality test,381
125,133-134
Poker,electronic,340--341,429
distribution of,79-90
Pollard,J.M.,128,129,187,221
finding,71-72
Pollard,
p
-
1 factorization,221
rho factorization, 187-189 Polygon,regular,134 Polygraphic cipher,300,308
formula for,74 gaps,84-85 largest known,73-74 primitive roots of,357 twin,86
Polynomial,cyclotomic,276-277
PRIMES is in P,75
Polynomial congruences, solving,
Primitive Pythagorean triple,522,536,561
171-177,355-356 Polynomial time algorithm,75
Primitive root,350,635 Primitive root,
Polynomials,congruence of,156-157
method for constructing,359
Pomerance,Carl,75,129
modulo primes, 354-358, 635
Positional number system,45
modulo prime squares,360--362
Potrzebie system,63
modulo powers of primes,362-365
Power,prime,91 Power generator,401
of unity,276,441 Prince of Orange,555
Power residue,372
Principle, pigeonhole,8-9
Powerful integer,120
Principle of inclusion-exclusion,77,613-614
Powers,R. E.,518
Principle of mathematical induction,23-26
Pre-period,473
second,25
Index
Private-key cryptosystem,321
middle-square,394
Prize,
1/ P, 480
for factorizations,130
power,401
for finding large primes,265
pure multiplicative,396
for proving the Riemann hypothesis,83
quadratic congruential,402
for settling Beal's conjecture,537
square,397-398
Wolfskehl,534 Probabilistic primality test,231,459 Solovay-Strassen,459
747
Pseudorandom numbers,393-399,480 Ptolemy II, 72 Public-key cipher,321-323
Probing sequence,206
Public-key cryptography,321-329, 402-403
Problem,
Public-key cryptosystem,321-322
coconut,156
Pulvizer,the,102
congruent number,560
Pure multiplicative congruential method,
discrete logarithm,368-369,372
396--397
hundred fowls,143
Purely periodic continued fraction,511-512
knapsack,331
Puzzle,141,143,162
multiplicative knapsack,336--337
jigsaw, 28
Waring's,549
tower of Hanoi,28
Problems,Landau,89-90
Pythagoras, 522
Product,Dirichlet,247
Pythagorean theorem,522
Product cipher,299
Pythagorean triple,522,561
Product notation,19-20 Progression,
primitive,522,524, 561,603 Pythagoreans,522
arithmetic,10 geometric,10,17-18 Project,
Quadratic character of -1,419-420 Quadratic character of 2,421-422
Cunningham,133
Quadratic congruential generator, 402
Manhattan,15
Quadratic hashing,429
Proof, minimum-disclosure,461-462
Quadratic irrationality,504,579 reduced,512
primality,74-75
Quadratic nonresidue,416
zero-knowledge,461-462
Quadratic reciprocity law,418, 430-438
Property,
different proofs of,431
reflexive,146
Euler's version of,431-432
symmetric,147
Gauss's proofs of,431
transitive,147
history of, 430-431
well-ordering,6,606
proof oL434-437,441,442
Proth,E.,382
Quadratic residue,416
Proth's primality test,382
Quadratic residues
Protocol, cryptographic,338 failure,328 key agreement protocol,338
chain of,429,430 consecutive,428 Quadratic residues and primitive roots,417 Quadratic sieve,129
Prover,in a zero-knowledge proof,462
Queen of mathematics,146
Pseudoconvergent,502
Quotient,37
Pseudoprime,225-227 Euler,453-455
Fermat, 224 partial, 482
strong,229,456 Pseudorandom number generator,393-399
Rabbits,30
discrete exponential,401
Rabin, Michael, 329
Fibonacci,400-401
Rabin cryptosystem,329,429
linear congruential,395
Rabin's probabilistic primality test,231
748
Index
rad function,125,538-539
Restricted partitions,278
Radix,48
Riemann,George F riedrich,80,83,232
Ramanujan,Smivasa,253,254, 286-287
Riemann hypothesis,83
Ramanujan congruences,287
Riemann hypothesis,generalized,231
Random numbers,15,393
Riesel,Hans, 262
Ratio,common,10
Right triangle,
Rational integer, 579
integer, 560
Rational number,6
rational, 560
Rational numbers,
Rijndael algorithm,310
countability of,11-12 Rational point,
Rivest,Ronald,324 Robinson,Raphael,262
on curve, 526
Rogers,Leonard James,287
on elliptic curve,568
Rogers-Ramanujan identities,287
on unit circle,526-528
Root,primitive,350
Real number,base b expansion of,469--471 Real numbers,
of unity,276 Root of a polynomial modulo
equivalent,502
m,
350
Root of unity,441
uncountability of,478--479 Reciprocity law,
primitive,276,441 Roman numerals,45
for Jacobi symbols,446--447 quadratic,418,430--438 Recurrence relation,
Romans, 45 Round-robin tournament, 202-203 RSA cryptosystem,323-328,354,390,500,
linear homogeneous,
621,625 attacks on implementations of,328-329
35 for the partition function,286
cycling attack on,354
Recursive definition,26-27
digital signatures in,339-340
Reduced quadratic irrational,512
Hastad broadcast attack on,328,330
Reduced residue system,235
partial key disclosure attack on,328-329
Reducing modulo
security of,326-327
m,
147
Reflexive property,146 Regular polygon,constructability,134,146 Relatively prime,39,93 mutually,98 pairwise, 98-99
Wiener's low encryption exponent attack, 328,500-501 RSA factoring challenge,130 RSA Labs,130,625 cryptography FAQ,625
Remainder,37
RSA-129,129,130
Remainder,partial,59
RSA-130,130
Representation,
RSA-140,130
one's complement,51
RSA-155,130
two's complement,51
RSA-200,129,130
Zeckendorf,34
Rule for squaring an integer with final digit 5,
Repunit,195 base b, 195
60 Rumely, Robert,75
Residue, cubic,378
Sarrus,P.F., 225
kth power,372
Saxena,N., 75
least nonnegative,147
Scottish Cafe,15
quadratic,416
Second principle of mathematical induction,
system,reduced,235 Residues, absolute least,148
25 Secret sharing,342-343 Security of RSA,326-327
complete system of,148
Seed,395
reduced,235
Selberg,A.,73,81
Index
Self-conjugate partition,279
Spread of a splicing scheme,411
Sequence,10
Square,
aliquot,268 Euler-Mullin,78 Fibonacci,30
diabolic,187 magic,186 Square pseudorandom number generator, 397-399
formula for terms,10 integer,11
Square root,modular,423-424
probing,206,429
Square-free integer,120
Sidon,53
Square-free part,561
spectrum,14
Squaring an integer with final digit 5,60
super-increasing,332
Squares, sums of, 542-548, 599-602 Stark,Harold,260
Series, Farey,100
Strauss,E.,29
harmonic,27
Step,
Set,
basis,23
countable, 11,478
inductive,23
ordered,606
Stream cipher, 310-311
uncountable,11,478
Stridmo,Odd. M.,264
well-ordered,6 Shadows,342 Shamir,Adi,323,324,340,463
Strip,Mobius,271 Strong pseudoprime, 229, 373-376, 454
Sharing,secret,342-343
Strongly multiplicative function, 247
Shift transformation,294
Subexponential time,128
Shifting,57
Substitution cipher,293
Shuffling cards,224
Subtraction,algorithm for,56
Sidon, Simon,53
Subtraction,complexity of,54
Sidon sequence,53
Sum, telescoping,18
Sierpinski,Wadaw,384
Sum of divisors function,249,634
Sierpinski number,384 Sieve,
multiplicativity of,251 Summation,
of Eratosthenes,71-72
index of,16
number field,129
notation, 16
quadratic,129
terms of a geometric series,18
Signature, digital, 339-340, 344-345, 405-407 Signed message,339 Simple continued fraction, 482
Summations, properties of,17 Summatory function,243 of Mobius function,270-271
Shafer,Michael,263
Sums of cubes,549-550
Sinning,301
Sums of squares,542-548,599-602
Skewes, S.,84
Super-increasing sequence,332
Skewes' constant,84
Superperfect integer,268
Sloane,Neil,11
SWAC,262
Slowinski,D., 262
Sylvester,James Joseph,96,266,280
Smith,Edson,264
Symbol,
Sneakers, 324
Jacobi,443
Solovay-Strassen probabilistic primality test,
Kronecker,451
460 Solving
Legendre,417 Symmetric cipher,321
linear congruences,157-160
Symmetric property,147
linear diophantine equations,137-141
System,index,377
polynomial congruences,171-177
System of congruences,178-185
Splicing of telephone cables,411-412
749
System of linear congruences,174--181
750
Index
System of residues,
Thue, Axel, 551
complete, 148
Thue's lemma, 551
reduced, 235
Tijdeman, R., 537 Tournament, round-robin, 202-203 Tower of Hanoi, 28,259
Table, factor, 627-633
Transcendental number, 7,452, 476--478
of arithmetic functions, 634
Transformation, affine, 294, 316
of continued fractions, 640
Transformation, shift, 294
of indices, 636--639
Transitive property, 147
of primitive roots, 635
Transposition cipher, 316
Tao, Terrence, 87
Trial division, 71,127
t-congruent number, 574
Triangle, Heron, 574
Team, away, 203
Pascal's, 609--610
home, 203
Pythagorean, 522
Telephone cables, 411--413 Telescoping sum, 18
right, integer, 560 right, rational, 560
Ten most wanted integers, 133
Triangular number, 19,20
Term, initial, of a geometric progression, 10
Trichotomy law, 606
Terminate, 472
Trivial zeros, 83
Terminating base b expansion, 472
Tuberculosis, 62,232, 254,434
Test,
Tunnell, J., 571-572
divisibility, 191-194
Tuckerman, Bryant, 262
Kasiski, 302
Twin prime conjecture, 86
Lucas-Lehmer, 260
Twin primes, 86
Miller's, 228-229 Pepin's, 438--439 primality, 71-72, 74-75, 228-230,
378-383,460
asymptotic formula conjecture, 92 application to hashing, 206 Two squares, sums of, 542-545, 601-602 Two's complement representation, 51
probabilistic primality, 228-230, 460 Tetrahedral number, 21
Ujjain, astronomical observatory at, 555
Theorem,
Ulam, S. M., 15
Bezout's, 95
Ulam number, 15
binomial, 610--611
Uncountable set, 12,15,478--479
Chinese remainder, 162-163
Unique factorization, 112-114
Dirichlet's, 9, 73, 118, 497 Euler parity, 283
of Gaussian integers, 592-594 Unique factorization, failure of, 114, 121,
Euler's, 234
598
Euler's pentagonal number, 284
Unit, in the Gaussian integers, 581
Fermat's last, 530-536
Unit circle,
Fermat's little, 219-220
rational points on, 526,527
fundamental, of arithmetic, 112
Unit fraction, 29
Gauss's generalization of Wilson's, 224
Unity
Green-Tao, 87
primitive root of, 276, 441
Lagrange's (on continued fractions),
root of, 441
506-507 Lagrange's (on polynomial congruences),
355 Lame's, 105-106
Universal exponent, 386 Universal product code, 213 Unrestricted partitions, 278 Uzbekistan, 57
prime number, 81 Wilson's, 217 Threshold scheme, 342-343,359-360
Valle-Poussin, C. de la, 79, 81 van der Corput, Johannes, 87
Index
Variable, dummy, 16, 20
Wilson, John, 217
Vega, Jurij, 79
Wilson prime, 224
Vegitarianism, 254
Wilson's theorem, 217-218
Verifier, in a zero-knowledge proof, 462
Gauss' generalization of, 224
Vemam, Gilbert, 311
Gaussian integers, analogue for, 604
Vemam cipher, 311
Winning move in game of Euclid, 111
Vigenere, Blaise de 300, 301, 312
Winning position in nim, 52
Vigenere cipher, 300-301
Wisdom, House of, 57
cryptanalysis of, 302-305
Wolfskehl prize, 534
von Humboldt, Alexander, 434
Woltman, George, 262
von Neumann, John, 394
Word size, 54 World, end of, 28
Wagstaff, Samuel, 133, 532 Wallis, John, 554-555
Year end day, 201
Waring, Edward, 217, 549
Year, leap, 197-198
Waring's problem, 549
Yildrim, Cem, 86
Web, Number Theory, 625 Web sites, 624-625
Zeckendorf representation, 34
Wedeniwski, Sebastian, 83
Zeller, Christian Julius, 200
Weights, 50, 169
Zero-knowledge proof, 461-462
Well-ordered set, 6, 606
Zeros, trivial, 83
Well-ordering property, 6, 606
Zeta function, Riemann, 81, 83
Welsh, Luke, 262
ZetaGrid, 83
Wiener, M., 328, 500--501
Ziegler's Giant Bar, 63
Wiles, Andrew, 533-534
751
Photo Credits
Courtesy of The MacTutor History of Mathematics Archive, University of St. Andrews, Scotland: Stanislaw M. Ulam, Fibonacci, Francois-Edouard-Anatole Lucas, Paul Gustav Heinrich Bachmann, Edmund Landau, Pafnuty Lvovich Chebyshev, Jacques Hadamard, Alte Selberg, Joseph Louis Fran9ois Bertrand, G. Lejeune Dirichlet, Gabriel Lame, David Hilbert, Karl Friedrich Gauss, Kurt Hensel, Joseph Louis LaGrange, Georg Friedrich Bernhard Reimann, Leonhard Euler, Joesph Liouville, Srinivasa Ramanujan, Marin Mersenne, August Ferdinand Mobius, Adrien-Marie Legendre, Ferdinand Gotthold Max Eisenstein, Carl Gustav Jacob Jacobi, Leopold Kroneker, Georg Cantor, Pythagoras, Sophie Germain, Ernst Eduard Kummer, Andrew Wiles, Claude Bachet, Edward Waring, Axel Thue, and Blaise Pascal; Eratosthenes©Culver Pictures, Inc.; Paul Erdos©1985 W lodzimierz Kuperberg; Euclid©The Granger Collection; Pierre de Fermat©Giraudon/Art Resource, N.Y.; Derrick H. Lehmer© 1993 the American Mathematical Society; Gilbert S. Vernam©Worcester Polytechnic Institute, Class of 1914; Adi Shamir©the Weizmann Institute of Science, Israel; Ronald Rivest©1999 Ronald Rivest; Leonard Adleman©1999 Eric Mankin, University of Southern California; John Von Neumann© Corbis; Emil Artin ©The Hall of Great Mathematicians, Southern Illinois University, Edwardsville; Eugene Catalan ©Collections artistiques de l'Universite de Liege; Terrence Tao©Reed Hutchinson 2009/UCLA; Norman MacLeod Ferrers by permission of the Master and Fellows of Gonville and Caius College, Cambridge; Etienne Bezout, St. Andrew's University; Clifford Cocks, Simon Singh; Wadaw Sierpinski, St. Andrew's University; Robert Daniel Carmichael, Mathematical Association of America Records, 1916-present, Archives of American Mathematics, Dolph Briscoe Center for American History, University of Texas at Austin;
752
List of Symbols
[x]
Greatest integer, 7
I:
Summation, 16
TI
Product, 19
n!
Factorial, 20
In
Fibonacci number, 30
alb
Divides, 37
aJb
Does not divide, 37
(a, b) (akak-1
Greatest common divisor, 39 ·
·
·
aiaoh
Base
b expansion, 48
O(f)
Big-0 notation, 61
n(x)
Number of primes, 72
f(x)
rv
g(x)
(a1a2, ... ' an)
Asymptotic to, 82 Greatest common divisor (of n integers), 98
:fn
Farey series of order n, 100
min(x , y)
Minimum, 115
y)
Maximum, 116
max(x,
[a, b] Pa
II n
Least common multiple, 116 Exactly divides, 121
[ai. a2, ... , an]
Least common multiple (of n integers), 123
Fn
Fermat number, 131
a=b(modm)
Congruent, 145
a¢. b (modm)
Incongruent, 145
a
Inverse, 159
A= B (modm)
Congruent (matrices), 180
I
Identity matrix, 182
A
Inverse (of matrix), 182
adj(A)
Adjoint, 183
h(k)
Hashing function, 204
Euler's phi-function, 234
L:
Summatory function, 243
f
Dirichlet product, 247
din
*g
A.(n)
Liouville's function, 247
a(n)
Sum of divisors functions, 249
r(n)
Number of divisors function, 250 Mersenne number, 258
µ(n)
Mobius function, 270
p(n)
partition function, 278
Ek(P)
Enciphering transformation, 292
Dk(P)
Deciphering transformation, 292
x
Keyspace, 292
ordm(a)
Order of
a
modulo
indr(a)
Index of
a
to the base
A.(n)
Minimal universal exponent, 386
A.0(n)
Maximal ±I-exponent, 409
348
m,
r,
369
Legendre symbol, 417
Jacobi symbol, 443 Base b expansion, 471 Periodic base b expansion, 473 Finite simple continued fraction, 482 Convergent of a continued fraction, 485 Infinite simple continued fraction, 491
[a0; ai, ... , aN-1' aN, ... , aN+k-1]
Periodic continued fraction, 503
a'
Conjugate, 505
N(z)
Norm of complex number, 578
z
Complex conjugate, 578
(�)
Binomial coefficient, 608
.
..
I
... ,"I..
t: ,•
'��, ., •
.l ..
.
�·.,
,