Inverses and GCDs Supplementary Notes Prepared by Raymond Wong Presented by Raymond Wong

e.g.1 (Page 4) E.g., 30 can be expressed as 1 x 2 x 3 x 5 composite 1 divides 30 1 | 30 6 divides 30 6 | 30 7 does not divide 30 7 | 30 2 divides 30 2 | 30 10 divides 30 10 | 30 3 divides 30 3 | 30 15 divides 30 15 | 30 5 divides 30 5 | 30 30 divides 30 30 | 30

e.g.2 (Page 4) E.g., 24 can be expressed as 1 x 2 x 2 x 2 x 3 composite 1 divides 24 1 | 24 4 divides 24 4 | 24 7 does not divide 24 7 | 24 2 divides 24 2 | 24 6 divides 24 6 | 24 3 divides 24 3 | 24 8 divides 24 8 | 24 12 divides 24 12 | 24 24 divides 24 24 | 24

e.g.3 (Page 4) E.g., 11 can be expressed as 1 x 11 prime 1 divides 11 1 | 11 7 does not divide 11 11 divides 11 11 | 11 7 | 11

e.g.4 (Page 4) E.g., Is the following correct? 7 | 0 0 can be expressed as 0 x 7

e.g.5 (Page 5) E.g., What is gcd(7, 0)? 7 | 7 and 7 | 0 E.g., Let n be a non-negative integer. What is gcd(n, 0)? n | n and n | 0

e.g.6 (Page 7) Illustration of Theorem 2.15 E.g., j = 27 k = 58 if 27 and 58 are relatively prime (i.e., gcd(27, 58) = 1) then there exists two integers x and y such that 27x + 58y = 1 x = -15 y = 7 there exists two integers x and y such that 27x + 58y = 1 if then 27 and 58 are relatively prime (i.e., gcd(27, 58) = 1)

e.g.6 (Page 7) Illustration of Corollary 2.16 E.g. a = 27 n = 58 if 27 has a multiplicative inverse (with respect to 58) then gcd(27, 58) = 1 if gcd(27, 58) = 1 then 27 has a multiplicative inverse (with respect to 58)

e.g.7 (Page 10) E.g., m = 21 n = 9 21 can be expressed as 9 x 2 + 3 (i.e., nq + r) r is defined to be 21 mod 9 q = 2 r = 3 21 mod 9 is equal to 3 0  r < n

e.g.8 (Page 11) Illustration of “Proof by Contradiction” We are going to prove that a claim C is correct Proof by Contradiction: Suppose “NOT C” …. Derive some results, which may contradict to 1. “NOT C”, OR 2. some facts e.g., we derived that C is true finally e.g., we derived that “1 = 4”

e.g.9 (Page 11) Illustration of “Proof by smallest counter example” Suppose that I want to prove that the above claim is correct by “Proof by Contradiction”. Illustration of “Proof by smallest counter example” We are going to prove the following claim C: statement P(m) is true for each non-negative integer m, namely 0, 1, 2, … P(0) true If we can prove that statement P(m) is true for each non-negative integer separately, then we can prove the above claim C is correct. P(1) true P(2) true P(3) true P(4) true … true

e.g.9 Illustration of “Proof by smallest counter example” Suppose that I want to prove that the above claim is correct by “Proof by Contradiction”. Illustration of “Proof by smallest counter example” We are going to prove the following claim C: statement P(m) is true for each non-negative integer m, namely 0, 1, 2, … P(0) true Suppose “NOT C”. We can assume that there exists a non-negative integer k’ such that P(k’) is false P(1) true P(2) false true P(3) true There may exist another non-negative integer k such that P(k) is false P(4) false true … true

e.g.9 Illustration of “Proof by smallest counter example” Suppose that I want to prove that the above claim is correct by “Proof by Contradiction”. Illustration of “Proof by smallest counter example” We are going to prove the following claim C: statement P(m) is true for each non-negative integer m, namely 0, 1, 2, … P(0) true Suppose “NOT C”. P(1) true We can assume that there exists a smallest non-negative integer k such that P(k) is false P(2) true false P(3) true Why? P(4) false true This is called by “Proof by smallest counter example”. … true

e.g.10 (Page 11) We want to prove the following theorem. Theorem 2.12 (Euclid’s Division Theorem): Let n be a positive integer. For every nonnegative integer m, there exist unique integers q, r such that m = nq + r and 0  r < n

e.g.10 We want to prove the following theorem. Theorem 2.12 (Euclid’s Division Theorem): Let n be a positive integer. For every nonnegative integer m, there exist unique integers q, r such that m = nq + r and 0  r < n Claim 1: For every nonnegative integer m, there exist integers q, r such that m = nq + r and 0  r < n Claim 2: This pair q, r is unique.

e.g.10 Claim 1: For every nonnegative integer m, there exist integers q, r such that m = nq + r and 0  r < n

Claim 1: For every nonnegative integer m, there exist integers q, r such that m = nq + r and 0  r < n e.g.10 P(m) Proof by contradiction. Claim C Suppose that there exists an integer m that P(m) is false Proof by smallest counter example. Suppose that there exists a “smallest” integer m that P(m) is false There do not exist integers q, r such that m = nq + r and 0  r < n Consider two cases. Case 1: m < n Case 2: m  n We can write m = 0 + m = n.0 + m = nq + r where q = 0 and r = m We conclude that there exist integers q, r such that m = nq + r and 0  r < n Contradiction

Claim 1: For every nonnegative integer m, there exist integers q, r such that m = nq + r and 0  r < n e.g.10 P(m) Proof by contradiction. Claim C Suppose that there exists an integer m that P(m) is false Proof by smallest counter example. Suppose that there exists a “smallest” integer m that P(m) is false There do not exist integers q, r such that m = nq + r and 0  r < n Consider two cases. Case 2: m  n

Claim 1: For every nonnegative integer m, there exist integers q, r such that m = nq + r and 0  r < n e.g.10 P(m) Proof by contradiction. Claim C Suppose that there exists an integer m that P(m) is false Proof by smallest counter example. Suppose that there exists a “smallest” integer m that P(m) is false There do not exist integers q, r such that m = nq + r and 0  r < n Consider two cases. Consider m-n = nq’ + r’ Case 2: m  n m = nq’ + n + r’ We know that m-n  0 = n(q’ + 1) + r’ Thus, m-n is a non-negative integer. = nq + r Since m-n is smaller than m, where q = q’+1 and r = r’ there exist integers q’, r’ such that m-n = nq’ + r’ and 0  r’ < n We conclude that there exist integers q, r such that m = nq + r and 0  r < n Contradiction

Claim 1: For every nonnegative integer m, there exist integers q, r such that m = nq + r and 0  r < n e.g.10 P(m) Proof by contradiction. Claim C Suppose that there exists an integer m that P(m) is false Proof by smallest counter example. Suppose that there exists a “smallest” integer m that P(m) is false There do not exist integers q, r such that m = nq + r and 0  r < n Consider two cases. In both cases, there are contradictions. This implies that Claim 1 is correct.

e.g.10 We want to prove the following theorem. Theorem 2.12 (Euclid’s Division Theorem): Let n be a positive integer. For every nonnegative integer m, there exist unique integers q, r such that m = nq + r and 0  r < n Claim 1: For every nonnegative integer m, there exist integers q, r such that m = nq + r and 0  r < n Claim 2: This pair q, r is unique.

e.g.10 Claim 1: For every nonnegative integer m, there exist integers q, r such that m = nq + r and 0  r < n Claim 2: This pair q, r is unique.

Claim 1: For every nonnegative integer m, there exist integers q, r such that m = nq + r and 0  r < n e.g.10 Claim 2: This pair q, r is unique. Proof by contradiction. Suppose that this pair q, r is not unique. There exists a pair (q, r) and another pair (q’, r’) (where (q, r)  (q’, r’)) such that m = nq + r …(*) and 0  r < n and m = nq’ + r’ …(**) and 0  r’ < n What is the greatest possible value? Consider (*) – (**) Consider r’ - r < n - r m - m = (nq+r) – (nq’ + r’)  n - 0 r’ – r < n 0 = nq+r – nq’ - r’ = n 0 = n(q-q’)+(r - r’) What is the smallest possible value? r’ - r = n(q-q’) Consider r’ - r > r’ - n r’ – r > -n n(q-q’)= r’ - r  0 - n -(r’ – r) < n We conclude that |r’ – r| < n = -n

Claim 1: For every nonnegative integer m, there exist integers q, r such that m = nq + r and 0  r < n e.g.10 Claim 2: This pair q, r is unique. Proof by contradiction. Suppose that this pair q, r is not unique. There exists a pair (q, r) and another pair (q’, r’) (where (q, r)  (q’, r’)) such that m = nq + r …(*) and 0  r < n and m = nq’ + r’ …(**) and 0  r’ < n Consider (*) – (**) We conclude that |r’ – r| < n integer |n(q-q’)| < n m - m = (nq+r) – (nq’ + r’) We conclude that q – q’ = 0 0 = nq+r – nq’ - r’ q = q’ 0 = n(q-q’)+(r - r’) Note that n(q-q’)= r’ - r r’ - r = n(q-q’) 0 = r’ – r n(q-q’)= r’ - r r = r’ Contradiction We conclude that q = q’ and r = r’ (i.e., (q, r) = (q’, r’)) We conclude that |r’ – r| < n

e.g.11 (Page 17) Illustration of Lemma 2.13 k = 102 j = 70 Consider two integers 102 and 70. Suppose that we can write 102 as 102 = 70.1 + 32 q = 1 r = 32 According to the lemma, we have gcd(102, 70) = gcd(70, 32)

e.g.12 (Page 17) Prove the following lemma is correct. If j, k, q and r are non-negative integers such that k = jq + r then gcd(j, k) = gcd(r, j)

e.g.12 If j, k, q and r are non-negative integers such that k = jq + r then gcd(j, k) = gcd(r, j) e.g.12 Consider two cases. Case 1: r = 0 Case 2: r > 0 e.g., if 10 = 2q then gcd(2, 10) = 2 Since k = jq + r, we have k = jq Consider gcd(j, k) = j e.g., gcd(0, 7) = 7 Consider gcd(r, j) = gcd(0, j) = j Thus, gcd(j, k) = gcd(r, j)

e.g.12 If j, k, q and r are non-negative integers such that k = jq + r then gcd(j, k) = gcd(r, j) e.g.12 Consider two cases. Case 2: r > 0

e.g.12 If j, k, q and r are non-negative integers such that k = jq + r then gcd(j, k) = gcd(r, j) e.g.12 Consider two cases. Case 2: r > 0 We want to prove the following. Claim 1: If d is a common divisor of j and k, then d is a common divisor of r and j. Claim 2: If d is a common divisor of r and j, then d is a common divisor of j and k.

e.g.12 If j, k, q and r are non-negative integers such that k = jq + r then gcd(j, k) = gcd(r, j) e.g.12 Claim 1: If d is a common divisor of j and k, then d is a common divisor of r and j. Consider two cases. Case 2: r > 0 Let d be a common divisor of j and k d is a divisor of j j can be written as j = i1d where i1 is a non-negative integer d is a divisor of k k can be written as k = i2d where i2 is a non-negative integer Consider k = jq + r r = k – jq =i2d – i1d.q =(i2 – i1q)d We conclude that d is a divisor of r Since d is a divisor of j d is a common divisor of r and j

e.g.12 If j, k, q and r are non-negative integers such that k = jq + r then gcd(j, k) = gcd(r, j) e.g.12 Claim 1: If d is a common divisor of j and k, then d is a common divisor of r and j. Consider two cases. Claim 2: If d is a common divisor of r and j, then d is a common divisor of j and k. Case 2: r > 0 Let d be a common divisor of r and j d is a divisor of r r can be written as r = i3d where i3 is a non-negative integer d is a divisor of j j can be written as j = i1d where i1 is a non-negative integer Consider k = jq + r = i1d.q + i3d = (i1q + i3)d We conclude that d is a divisor of k Since d is a divisor of j d is a common divisor of j and k

e.g.12 If j, k, q and r are non-negative integers such that k = jq + r then gcd(j, k) = gcd(r, j) e.g.12 Claim 1: If d is a common divisor of j and k, then d is a common divisor of r and j. Consider two cases. Claim 2: If d is a common divisor of r and j, then d is a common divisor of j and k. Case 2: r > 0 From Claim 1 and Claim 2, we conclude that d is a common divisor of j and k if and only if d is a common divisor of r and j. d is not a common divisor of j and k if and only if d is not a common divisor of r and j. A set of common divisors of j and k 5 7 11 5 7 11 A set of common divisors of r and j 2 … 3 2 … 3 A set of non-common divisors of r and j A set of non-common divisors of j and k We conclude that gcd(j, k) = gcd(r, j)

e.g.13 (Page 17) How to use Lemma 2.13 for Euclid’s GCD algorithm Suppose that we want to find gcd(102, 70) k = 102 J = 70 We can use Lemma 2.13 to compute gcd(102, 70) Consider two integers 102 and 70. Suppose that we can write 102 as 102 = 70.1 + 32 q = 1 r = 32 This corresponds to r. r decreases and finally its value becomes 0. According to the lemma, we have gcd(102, 70) = gcd(70, 32) Note that 70 = 32.2 + 6 gcd(70, 32) = gcd(32, 6) Note that 32 = 6.5 + 2 gcd(32, 6) = gcd(6, 2) Note that 6 = 2.3 + 0 gcd(6, 2) = gcd(2, 0) Thus, gcd(102, 70) = gcd(2, 0) = 2

e.g.13 Suppose that we want to find gcd(102, 70) k = j.q + r k j q r 102 = 70.1 + 32 102 70 1 32 70 = 32.2 + 6 70 32 2 6 32 = 6.5 + 2 32 6 5 2 6 2 3 6 = 2.3 + 0 gcd(102, 70) = gcd(2, 0) = 2

e.g.14 (Page 24) Definition of Multiplicative Inverse Given a positive integer n, we define Zn = {0, 1, 2, …, n-1} Given a value a  Zn, a is said to have a multiplicative inverse a’ in Zn if a’ .n a = 1

e.g.14 E.g., n = 9 Z9 = {0, 1, 2, …, 8} Does 2 have a multiplicative inverse in Z9? We may try all possible values in Z9 0 .9 2 = 0 0 is not a multiplicative inverse of 2 in Z9 1 .9 2 = 2 1 is not a multiplicative inverse of 2 in Z9 2 .9 2 = 4 2 is not a multiplicative inverse of 2 in Z9 3 .9 2 = 6 3 is not a multiplicative inverse of 2 in Z9 4 .9 2 = 8 4 is not a multiplicative inverse of 2 in Z9 5 .9 2 = 1 5 is a multiplicative inverse of 2 in Z9 6 .9 2 = 3 6 is not a multiplicative inverse of 2 in Z9 7 .9 2 = 5 7 is not a multiplicative inverse of 2 in Z9 8 .9 2 = 7 8 is not a multiplicative inverse of 2 in Z9 Yes 2 has a multiplicative inverse 5 in Z9.

e.g.14 E.g., n = 9 Z9 = {0, 1, 2, …, 8} Does 3 have a multiplicative inverse in Z9? We may try all possible values in Z9 0 .9 3 = 0 0 is not a multiplicative inverse of 3 in Z9 1 .9 3 = 3 1 is not a multiplicative inverse of 3 in Z9 2 .9 3 = 6 2 is not a multiplicative inverse of 3 in Z9 3 .9 3 = 0 3 is not a multiplicative inverse of 3 in Z9 4 .9 3 = 3 4 is not a multiplicative inverse of 3 in Z9 5 .9 3 = 6 5 is not a multiplicative inverse of 3 in Z9 6 .9 3 = 0 6 is not a multiplicative inverse of 3 in Z9 7 .9 3 = 3 7 is not a multiplicative inverse of 3 in Z9 8 .9 3 = 6 8 is not a multiplicative inverse of 3 in Z9 No 3 does not have a multiplicative inverse in Z9.

e.g.15 (Page 25) Illustration of Lemma 2.5 Suppose that we want to find a value x in Z9 such that 2 .9 x = 3 ……………(*) If 2 has a multiplicative inverse 5 in Z9 Why is it correct? then x = 5 .9 3 and this solution is unique. 2 .9 x = 3 Why is this solution unique? 5 .9 (2 .9 x) = 5 .9 3 The computation/derivation in the right-hand-side box is valid for any x that satisfies equation (*). (5 .9 2) .9 x = 5 .9 3 1 .9 x = 5 .9 3 Thus, we conclude that only x that satisfies the equation (*) is 5 .9 3 x = 5 .9 3

e.g.16 (Page 26) Illustration of Theorem 2.7 If 2 has a multiplicative inverse 5 in Z9 then the inverse 5 is unique. Why is it correct? According to Lemma 2.5 Consider 2 .9 x = b ……(*) If 2 has a multiplicative inverse 5 in Z9 then x = 5 .9 b and this solution is unique. If we set b = 1, the equation (*) becomes 2 .9 x = 1 According to the inverse definition, x is an inverse of 2 According to Lemma 2.5, we have x = 5 .9 1 and this solution is unique.

e.g.17 (Page 27) Please find each non-zero value a  Z5 such that a has a multiplicative inverse a’ in Z5. (i.e., a .5 a’ = 1) For each non-zero a  Z5 and each non-zero b  Z5, we compute a .5 b if the above answer = 1 then we know that a has a multiplicative inverse b in Z5 or b has a multiplicative inverse a in Z5

For each non-zero a  Z5 and each non-zero b  Z5, we compute a .5 b e.g.17 if the above answer = 1 then we know that a has a multiplicative inverse b in Z5 or b has a multiplicative inverse a in Z5 Z5 = {0, 1, 2, 3, 4} a = 1 and b = 1 a = 1 and b = 2 a = 1 and b = 3 a = 1 and b = 4 1 .5 1 = 1 1 .5 2 = 2 1 .5 3 = 3 1 .5 4 = 4 a = 2 and b = 1 a = 2 and b = 2 a = 2 and b = 3 a = 2 and b = 4 2 .5 1 = 2 2 .5 2 = 4 2 .5 3 = 1 2 .5 4 = 3 a = 3 and b = 1 3 .5 1 = 3 a = 3 and b = 2 3 .5 2 = 1 a = 3 and b = 3 3 .5 3 = 4 a = 3 and b = 4 3 .5 4 = 2 a = 4 and b = 1 4 .5 1 = 4 a = 4 and b = 2 4 .5 2 = 3 a = 4 and b = 3 4 .5 3 = 2 a = 4 and b = 4 4 .5 4 = 1

For each non-zero a  Z5 and each non-zero b  Z5, we compute a .5 b e.g.17 a 1 2 3 4 Inverse if the above answer = 1 then we know that a has a multiplicative inverse b in Z5 or b has a multiplicative inverse a in Z5 1 3 2 4 Z5 = {0, 1, 2, 3, 4} 1 has a multiplicative inverse 1 in Z5 a = 1 and b = 1 a = 1 and b = 2 a = 1 and b = 3 a = 1 and b = 4 2 has a multiplicative inverse 3 in Z5 3 has a multiplicative inverse 2 in Z5 1 .5 1 = 1 1 .5 2 = 2 1 .5 3 = 3 1 .5 4 = 4 a = 2 and b = 1 a = 2 and b = 2 a = 2 and b = 3 a = 2 and b = 4 2 .5 1 = 2 2 .5 2 = 4 2 .5 3 = 1 2 .5 4 = 3 3 has a multiplicative inverse 2 in Z5 2 has a multiplicative inverse 3 in Z5 a = 3 and b = 1 3 .5 1 = 3 a = 3 and b = 2 3 .5 2 = 1 a = 3 and b = 3 3 .5 3 = 4 a = 3 and b = 4 3 .5 4 = 2 4 has a multiplicative inverse 4 in Z5 a = 4 and b = 1 4 .5 1 = 4 a = 4 and b = 2 4 .5 2 = 3 a = 4 and b = 3 4 .5 3 = 2 a = 4 and b = 4 4 .5 4 = 1

e.g.18 (Page 27) Please find each non-zero value a  Z6 such that a has a multiplicative inverse a’ in Z6. (i.e., a .6 a’ = 1) For each non-zero a  Z6 and each non-zero b  Z6, we compute a .6 b if the above answer = 1 then we know that a has a multiplicative inverse b in Z6 or b has a multiplicative inverse a in Z6

For each non-zero a  Z6 and each non-zero b  Z6, we compute a .6 b e.g.18 if the above answer = 1 then we know that a has a multiplicative inverse b in Z6 or b has a multiplicative inverse a in Z6 Z6 = {0, 1, 2, 3, 4, 5} a = 1 and b = 1 1 .6 1 = 1 a = 1 and b = 2 1 .6 2 = 2 a = 1 and b = 3 1 .6 3 = 3 a = 1 and b = 4 1 .6 4 = 4 a = 1 and b = 5 1 .6 5 = 5 a = 2 and b = 1 2 .6 1 = 2 a = 2 and b = 2 2 .6 2 = 4 a = 2 and b = 3 2 .6 3 = 0 a = 2 and b = 4 2 .6 4 = 2 a = 2 and b = 5 2 .6 5 = 4 a = 3 and b = 1 3 .6 1 = 3 a = 3 and b = 2 3 .6 2 = 0 a = 3 and b = 3 3 .6 3 = 3 a = 3 and b = 4 3 .6 4 = 0 a = 3 and b = 5 3 .6 5 = 3 a = 4 and b = 1 4 .6 1 = 4 a = 4 and b = 2 4 .6 2 = 2 a = 4 and b = 3 4 .6 3 = 0 a = 4 and b = 4 4 .6 4 = 4 a = 4 and b = 5 4 .6 5 = 2 a = 5 and b = 1 5 .6 1 = 5 a = 5 and b = 2 5 .6 2 = 4 a = 5 and b = 3 5 .6 3 = 3 a = 5 and b = 4 5 .6 4 = 2 a = 5 and b = 5 5 .6 5 = 1

For each non-zero a  Z6 and each non-zero b  Z6, we compute a .6 b e.g.18 a 1 2 3 4 5 Inverse if the above answer = 1 then we know that a has a multiplicative inverse b in Z6 or b has a multiplicative inverse a in Z6 1 X X X 5 Z6 = {0, 1, 2, 3, 4, 5} a = 1 and b = 1 1 .6 1 = 1 a = 1 and b = 2 1 .6 2 = 2 a = 1 and b = 3 1 .6 3 = 3 a = 1 and b = 4 1 .6 4 = 4 a = 1 and b = 5 1 .6 5 = 5 1 has a multiplicative inverse 1 in Z6 a = 2 and b = 1 2 .6 1 = 2 a = 2 and b = 2 2 .6 2 = 4 a = 2 and b = 3 2 .6 3 = 0 a = 2 and b = 4 2 .6 4 = 2 a = 2 and b = 5 2 .6 5 = 4 a = 3 and b = 1 3 .6 1 = 3 a = 3 and b = 2 3 .6 2 = 0 a = 3 and b = 3 3 .6 3 = 3 a = 3 and b = 4 3 .6 4 = 0 a = 3 and b = 5 3 .6 5 = 3 a = 4 and b = 1 4 .6 1 = 4 a = 4 and b = 2 4 .6 2 = 2 a = 4 and b = 3 4 .6 3 = 0 a = 4 and b = 4 4 .6 4 = 4 a = 4 and b = 5 4 .6 5 = 2 5 has a multiplicative inverse 5 in Z6 a = 5 and b = 1 5 .6 1 = 5 a = 5 and b = 2 5 .6 2 = 4 a = 5 and b = 3 5 .6 3 = 3 a = 5 and b = 4 5 .6 4 = 2 a = 5 and b = 5 5 .6 5 = 1

e.g.18 a 1 2 3 4 Multiplicative inverse Z5: a 1 2 3 4 5 X Z6: a 1 2 3 4 5 6 Multiplicative inverse Z7: a 1 2 3 4 5 6 7 Multiplicative inverse X Z8: a 1 2 3 4 5 6 7 8 Multiplicative inverse X Z9:

e.g.19 (Page 30) Illustration of Corollary 2.6 Lemma 2.5 Consider equation 2 .6 x = b If 2 has a multiplicative inverse x’ in Z6 equation “2 .6 x = b” has a solution x = x’ .6 b e.g.19 (Page 30) The equation “2x mod 6 = 3” does not have a solution Illustration of Corollary 2.6 If there is a b  Z6 (e.g., 3) such that 2 .6 x = b ………… (*) does not have a solution, then 2 does not have a multiplicative inverse in Z6 2x is equal to an even number. 2x mod 6 is also equal to an even number. Why is it correct? Proof by contradiction Suppose that 2 has a multiplicative inverse x’ in Z6 By Lemma 2.5, we know that equation “2 .6 x = b” has a solution x = x’ .6 b This leads to a contradiction that equation “2 .6 x = b” does not have a solution.

e.g.19 Illustration of Corollary 2.6 a 1 2 3 4 5 In some of our previous slides, we derive that 2 does not have a multiplicative inverse in Z6 by checking the table. Z6 e.g.19 a 1 2 3 4 5 Inverse 1 5 X The equation “2x mod 6 = 3” does not have a solution Illustration of Corollary 2.6 If there is a b  Z6 (e.g., 3) such that 2 .6 x = b ………… (*) does not have a solution, then 2 does not have a multiplicative inverse in Z6 2x is equal to an even number. 2x mod 6 is also equal to an even number. How will we use this corollary? Consider that the exam question asks you whether 2 has a multiplicative inverse in Z6. Suppose that we find that the equation “2x mod 6 = 3” does not have a solution (i.e., 2 .6 x = 3 does not have a solution) According to this corollary, we conclude that 2 does not have a multiplicative inverse in Z6.

e.g.20 (Page 36) Illustration of Lemma 2.8 The modular equation 2 .7 x = 1 has a solution in Z7 if and only if there exist integers x, y such that 2x + 7y = 1 Only if Suppose that we know the modular equation 2 .7 x = 1 has a solution x = 4 We know that there exist integers x, y such that 2x + 7y = 1 (In this case, x = -3 and y = 1) If Suppose that we know that there exist integers x, y such that 2x + 7y = 1 (In this case, x = -3 and y = 1) We know the modular equation 2 .7 x = 1 has a solution x = 4

e.g.20 Illustration of Lemma 2.8 The modular equation 2 .7 x = 1 has a solution in Z7 if and only if there exist integers x, y such that 2x + 7y = 1 Why is it correct? Only if The modular equation 2 .7 x = 1 has a solution x in Z7 We can write as 2x mod 7 = 1 We can re-write as 2x = 7q + 1 where q is an integer 2x – 7q = 1 2x + 7(-q) = 1 Thus, there exist integers x, y such that 2x + 7y = 1 where y = -q

e.g.20 Illustration of Lemma 2.8 The modular equation 2 .7 x = 1 has a solution in Z7 if and only if there exist integers x, y such that 2x + 7y = 1 Why is it correct? if There exist integers x, y such that 2x + 7y = 1 2x = -7y + 1 2x = (-y)7 + 1 We can re-write 2x mod 7 = 1 We can re-write 2 .7 x = 1 Thus, the modular equation 2 .7 x = 1 has a solution in Z7

e.g.21 (Page 37) Illustration of Lemma 2.8/Theorem 2.9 Lemma 2.8 The modular equation 2 .7 x = 1 has a solution in Z7 if and only if there exist integers x, y such that 2x + 7y = 1 The above lemma can be restated as follows. Theorem 2.9 2 has a multiplicative inverse in Z7 if and only if there exist integers x, y such that 2x + 7y = 1

e.g.21 Theorem 2.9 2 has a multiplicative inverse in Z7 if and only if there exist integers x, y such that 2x + 7y = 1

e.g.21 Theorem 2.9 2 has a multiplicative inverse in Z7 if and only if there exist integers x, y such that 2x + 7y = 1 e.g.21 This theorem can help us find the inverse. Corollary 2.10 If there exist integers x, y such that 2x + 7y = 1, then the multiplicative inverse of 2 in Z7 is x mod 7 Why is it correct? We want to show that 2 .7 x = 1 If this is true, then the multiplicative inverse of 2 in Z7 is x mod 7. Consider 2 .7 x = 2 . x mod 7 = (2 . x + 7y) mod 7 = (2x + 7y) mod 7 = 1 mod 7 = 1

e.g.22 (Page 40) Illustration of Lemma 2.11 Lemma 2.11 If there exist integers x, y such that 2x + 7y = 1, then gcd(2, 7) = 1 (i.e., 2 and 7 are relatively prime.) Why is it correct? Let k be a common divisor of 2 and 7 2 can be written as 2 = sk where s is an integer 7 can be written as 7 = qk where q is an integer Consider 2x + 7y = 1 The only common divisors of 2 and 7 are 1 and -1 sk.x + qk.y = 1 k(sx + qy) = 1 Thus, gcd(2, 7) = 1 k is an integer and the RHS is equal to 1 k must be equal to 1 or -1

e.g.23 (Page 44) Suppose that we want to find gcd(102, 70) k = j.q + r 102 = 70.1 + 32 102 70 1 32 2 6 5 3 70 = 32.2 + 6 32 = 6.5 + 2 6 = 2.3 + 0 gcd(102, 70) = gcd(2, 0) = 2

e.g.23 Suppose that we want to find gcd(102, 70) Suppose that we want to find two integers x, y such that 70x + 102y = gcd(102, 70) i k[i] = j[i].q[i] + r[i] k = j.q + r k[i] k j q r j[i] q[i] r[i] y[i] x[i] 102 = 70.1 + 32 102 70 1 32 2 6 5 3 1 70 = 32.2 + 6 2 32 = 6.5 + 2 1 3 6 = 2.3 + 0 gcd(102, 70) = gcd(2, 0) = 2

e.g.23 Suppose that we want to find gcd(102, 70) Suppose that we want to find two integers x, y such that 70x + 102y = gcd(102, 70) i k[i] = j[i].q[i] + r[i] k = j.q + r k[i] k j q r j[i] q[i] r[i] y[i] x[i] 102 = 70.1 + 32 102 70 1 32 2 6 5 3 1 70 = 32.2 + 6 2 32 = 6.5 + 2 1 -5 0 – 5.1 1 3 6 = 2.3 + 0 gcd(102, 70) = gcd(2, 0) = 2

e.g.23 Suppose that we want to find gcd(102, 70) Suppose that we want to find two integers x, y such that 70x + 102y = gcd(102, 70) i k[i] = j[i].q[i] + r[i] k = j.q + r k[i] k j q r j[i] q[i] r[i] y[i] x[i] 102 = 70.1 + 32 102 70 1 32 2 6 5 3 1 70 = 32.2 + 6 -5 11 1 – 2.(-5) 2 32 = 6.5 + 2 1 -5 1 3 6 = 2.3 + 0 gcd(102, 70) = gcd(2, 0) = 2

e.g.23 Suppose that we want to find gcd(102, 70) Suppose that we want to find two integers x, y such that 70x + 102y = gcd(102, 70) i k[i] = j[i].q[i] + r[i] k = j.q + r k[i] k j q r j[i] q[i] r[i] y[i] x[i] -5 – 1.(11) 102 = 70.1 + 32 102 70 1 32 2 6 5 3 11 -16 1 70 = 32.2 + 6 -5 11 2 32 = 6.5 + 2 1 -5 1 3 6 = 2.3 + 0 gcd(102, 70) = gcd(2, 0) = 2

e.g.23 This algorithm is called Euclid’s extended GCD algorithm. y = 11 Note that 70 (a smaller value) is multiplied by x (not y). Let us verify it! 70 (-16) + 102 (11) = 2 Suppose that we want to find gcd(102, 70) = gcd(102, 70) Suppose that we want to find two integers x, y such that 70x + 102y = gcd(102, 70) i k[i] = j[i].q[i] + r[i] k = j.q + r k[i] k j q r j[i] q[i] r[i] y[i] x[i] 102 = 70.1 + 32 102 70 1 32 2 6 5 3 11 -16 1 70 = 32.2 + 6 -5 11 2 32 = 6.5 + 2 1 -5 1 3 6 = 2.3 + 0 gcd(102, 70) = gcd(2, 0) = 2

e.g.24 (Page 48) Illustration of Theorem 2.14 Theorem 2.14 Given two integers 102, 70, Euclid’s extended GCD algorithm computes (1) gcd (102, 70), and (2) two integers x, y such that 70x + 102y = gcd(102, 70) We have already proved it. How about this? Why is it correct?

e.g.24 We want to show that there exist two integers x’ and y’ such that gcd(2, 6) = 2x’ + 6y’ e.g.24 i k[i] = j[i].q[i] + r[i] k = j.q + r k[i] k j q r j[i] q[i] r[i] y[i] x[i] gcd(70, 102) = 70x + 102y 102 = 70.1 + 32 102 70 1 32 2 6 5 3 11 -16 gcd(32, 70) = 32x + 70y 1 70 = 32.2 + 6 -5 11 gcd(6, 32) = 6x + 32y 2 32 = 6.5 + 2 1 -5 gcd(2, 6) = 2x + 6y 1 3 6 = 2.3 + 0 Why is it correct? gcd(102, 70) = gcd(2, 0) = 2

e.g.24 We want to show that there exist two integers x’ and y’ such that gcd(2, 6) = 2x’ + 6y’ e.g.24 Note that, by Euclid’s Division Theorem, we can write 6 = 2.3 + r where r is equal to 0 gcd(2, 6) = 2 We can re-write the above expression as follows. gcd(2, 6) = 2.1 + 6.0 = 2x’ + 6y’ where x’ = 1 and y’ = 0 This is reason why we need to set x’ = 1 and y’ = 0 in the Extended GCD Algorithm

e.g.24 We want to show that there exist two integers x and y such that gcd(6, 32) = 6x + 32y e.g.24 i k[i] = j[i].q[i] + r[i] k = j.q + r k[i] k j q r j[i] q[i] r[i] y[i] x[i] gcd(70, 102) = 70x + 102y 102 = 70.1 + 32 102 70 1 32 2 6 5 3 11 -16 Why is it correct? gcd(32, 70) = 32x + 70y 1 70 = 32.2 + 6 -5 11 This is correct. gcd(6, 32) = 6x + 32y 2 32 = 6.5 + 2 1 -5 gcd(2, 6) = 2x’ + 6y’ gcd(2, 6) = 2x + 6y 1 3 6 = 2.3 + 0 gcd(102, 70) = gcd(2, 0) = 2

e.g.24 We want to show that there exist two integers x and y such that gcd(6, 32) = 6x + 32y e.g.24 gcd(6, 32) = 6x + 32y 2 32 = 6.5 + 2 gcd(2, 6) = 2x’ + 6y’ 2x + 6y = gcd(2, 6) 3 6 = 2.3 + 0

e.g.24 We want to show that there exist two integers x and y such that gcd(6, 32) = 6x + 32y e.g.24 x = y’ – 5x’ and y = x’ According to x’, y’ and 5, we can find the exact values of x and y. Consider gcd(6, 32) = gcd(2, 6) = 2x’ + 6y’ = (32 – 6.5) x’ + 6y’ = 32x’ – 6.5.x’ + 6y’ This is the step we used in the Extended GCD algorithm. = 6y’ – 6.5.x’ + 32x’ = 6(y’ – 5.x’) + 32x’ = 6x + 32y where x = y’ – 5x’ and y = x’ Next, we want to prove this is also correct. 2 32 = 6.5 + 2 gcd(6, 32) = 6x + 32y 3 6 = 2.3 + 0 gcd(2, 6) = 2x’ + 6y’ We have already proved that this is correct. Note that gcd(6, 32) = gcd(2, 6)

e.g.24 We want to show that there exist two integers x and y such that gcd(6, 32) = 6x + 32y e.g.24 x = y’ – 5x’ and y = x’ According to x’, y’ and 5, we can find the exact values of x and y. 2 32 = 6.5 + 2 gcd(6, 32) = 6x + 32y 3 6 = 2.3 + 0 gcd(2, 6) = 2x’ + 6y’

We want to show that there exist two integers x and y such that gcd(6, 32) = 6x + 32y x = y’ – 5x’ and y = x’ According to x’, y’ and 5, we can find the exact values of x and y. 2 32 = 6.5 + 2 gcd(6, 32) = 6x + 32y 3 6 = 2.3 + 0 gcd(2, 6) = 2x’ + 6y’

We want to show that there exist two integers x and y such that gcd(6, 32) = 6x + 32y x = y’ – 5x’ and y = x’ According to x’, y’ and 5, we can find the exact values of x and y. 2 32 = 6.5 + 2 gcd(6, 32) = 6x + 32y 3 6 = 2.3 + 0 gcd(2, 6) = 2x’ + 6y’ i k[i] = j[i].q[i] + r[i] k = j.q + r k[i] k j q r j[i] q[i] r[i] y[i] x[i] 102 = 70.1 + 32 102 70 1 32 2 6 5 3 1 70 = 32.2 + 6 y = x’ 2 32 = 6.5 + 2 1 -5 0 – 5.1 y x x = y’ – 5x’ 1 3 6 = 2.3 + 0 y’ x’

e.g.25 (Page 48) Illustration of Theorem 2.15 Theorem 2.14 Given two integers 27, 58, Euclid’s extended GCD algorithm computes (1) gcd (27, 58), and (2) two integers x, y such that 27x + 58y = gcd(27, 58) e.g.25 (Page 48) Illustration of Theorem 2.15 Theorem 2.15 Two positive integers 27, 58 have gcd(27, 58) = 1 (and thus they are relatively prime) if and only if there are integers x, y such that 27x + 58y =1 Why is it correct? Only if We know that two positive integers 27, 58 have gcd(27, 58) = 1 (and thus they are relatively prime) By Theorem 2.14, we know that there are integers x, y such that 27x + 58y = 1

e.g.25 Illustration of Theorem 2.15 Lemma 2.11 If there exist integers x, y such that 27x + 58y = 1, then gcd(27, 58) = 1 (i.e., 27 and 58 are relatively prime.) Illustration of Theorem 2.15 Theorem 2.15 Two positive integers 27, 58 have gcd(27, 58) = 1 (and thus they are relatively prime) if and only if there are integers x, y such that 27x + 58y =1 Why is it correct? If We know that there are integers x, y such that 27x + 58y = 1 By Lemma 2.11, we know that gcd(27, 58) = 1

e.g.26 (Page 49) Corollary 2.16 Consider a positive integer 7. 2 has a multiplicative inverse in Z7 iff gcd(2, 7) = 1. Why is it correct? Lemma 2.8 The modular equation 2 .7 x = 1 has a solution in Z7 if and only if there exist integers x, y such that 2x + 7y = 1 Theorem 2.15 Two positive integers 2, 7 have gcd(2, 7) = 1 (and thus they are relatively prime) if and only if there are integers x, y such that 2x + 7y =1

e.g.26 Corollary 2.16 Consider a positive integer 7. 2 has a multiplicative inverse in Z7 iff gcd(2, 7) = 1. Why is it correct? Lemma 2.8 The modular equation 2 .7 x = 1 has a solution in Z7 if and only if there exist integers x, y such that 2x + 7y = 1 2 has a multiplicative inverse in Z7 Theorem 2.15 Two positive integers 2, 7 have gcd(2, 7) = 1 (and thus they are relatively prime) if and only if there are integers x, y such that 2x + 7y =1 gcd(2, 7) = 1

Multiplicative inverse 1 2 3 4 Multiplicative inverse e.g.26 Since gcd(3, 5) = 1, 3 has the multiplicative inverse in Z5 Z5:

e.g.26 a 1 2 3 4 Multiplicative inverse Z5: a 1 2 3 4 5 X Since gcd(3, 6) = 2  1, 3 has no multiplicative inverse in Z6 Z6:

e.g.26 a 1 2 3 4 Multiplicative inverse Z5: a 1 2 3 4 5 X Z6: a 1 2 3 4 5 6 Multiplicative inverse Z7: a 1 2 3 4 5 6 7 Multiplicative inverse X Z8: a 1 2 3 4 5 6 7 8 Multiplicative inverse X Z9:

e.g.27 (Page 49) Corollary 2.17 Note that 7 is a prime number. Every nonzero a  Z7 has a multiplicative inverse. Why is it correct? Since 7 is a prime number, gcd(a, 7) = 1 We know the following corollary. Corollary 2.16 Consider a positive integer 7. a has a multiplicative inverse in Z7 iff gcd(a, 7) = 1. By the above corollary, we conclude that a has a multiplicative inverse.

e.g.27 a 1 2 3 4 Multiplicative inverse Since 5 is a prime number, every non-zero a  Z5 has a multiplicative inverse. Z5: a 1 2 3 4 5 Multiplicative inverse X Z6: a 1 2 3 4 5 6 Multiplicative inverse Since 5 is a prime number, every non-zero a  Z5 has a multiplicative inverse. Z7: a 1 2 3 4 5 6 7 Multiplicative inverse X Z8: a 1 2 3 4 5 6 7 8 Multiplicative inverse X Z9:

e.g.27 (Page 52) Illustration of Corollary 2.18 If there exist integers x, y such that 2x + 7y = 1, then the multiplicative inverse of 2 in Z7 is x mod 7 Illustration of Corollary 2.18 Corollary 2.18 If 2 has a multiplicative inverse in Z7, we can compute it by running Euclid’s extended GCD algorithm to determine integers x, y so that 2x + 7y = 1 The inverse of 2 in Z7 is equal to x mod 7 Why is it correct?

x = -3 y = 1 The algorithm finds 2x +7y = 1 (i.e., 2(-3) + 7(1) = 1) e.g.28 (Page 52) The multiplicative inverse of 2 in Z7 is -3 mod 7 = 4 We want to find the multiplicative inverse of 2 in Z7 Consider two integers 2 and 7 k = j.q + r i k[i] = j[i].q[i] + r[i] k j q r k[i] j[i] q[i] r[i] y[i] x[i] 0-3.1 7 = 2.3 + 1 7 2 3 1 1 -3 1 2 = 1.2 + 0 2 1 2 1 gcd(2, 7) = gcd(1, 0) = 1 This implies that there exists a multiplicative inverse of 2 in Z7