CSE 311 Lecture 14: Euclidean Algorithm and Modular Equations

$\newcommand{\T}{\mathsf{T}} \newcommand{\F}{\mathsf{F}}$

$\newcommand{rule}[2]{\begin{array}{c}#1\\ \hline \therefore #2\end{array}}$ $\newcommand{ruletemplate}[2]{\begin{array}{c}#1\\ \hline #2\end{array}}$ $\newcommand{hilite}[2]{\color{#1}{#2}}$ $\newcommand{arbitrary}[1]{\color{SteelBlue}{#1}}$ $\newcommand{specific}[1]{\color{MediumSeaGreen}{#1}}$ $\newcommand{qed}{\square}$

$\newcommand{\Z}{\mathbb{Z}}$ $\newcommand{\N}{\mathbb{N}}$ $\newcommand{\R}{\mathbb{R}}$ $\newcommand{\Q}{\mathbb{Q}}$ $\newcommand{\mod}[2]{#1\ \text{mod}\ #2}$ $\renewcommand{\div}[2]{#1\ \text{div}\ #2}$ $\newcommand{\congruent}[3]{#1\equiv #2\,(\text{mod}\,#3)}$ $\newcommand{\gcd}[2]{\text{GCD}(#1, #2)}$ $\newcommand{ra}[1]{\color{SteelBlue}{#1}}$ $\newcommand{rb}[1]{\color{MediumSeaGreen}{#1}}$

Topics

Primes and GCD: A quick review of Lecture 13.
Extended Euclidean algorithm: Bézout’s theorem and the extended Euclidean algorithm.
Modular equations: Solving modular equations with the extended Euclidean algorithm.

Primes and GCD

A quick review of Lecture 13.

Primes and composites: definitions and theorems

Prime number: An integer $p > 1$ is called prime if its only positive factors are $1$ and $p$.

Composite number: An integer $c > 1$ is called composite if it is not prime.

Fundamental theorem of arithmetic: Every positive integer greater than 1 has a unique prime factorization.

Euclid’s theorem: There are infinitely many primes.

Greatest common divisor (GCD): definition

Greatest common divisor (GCD): The greatest common divisor of integers $a$ and $b$, written as $\gcd{a}{b}$, is the largest integer $d$ such that $d\vert a$ and $d\vert b$.

We can compute GCDs efficiently using the Euclidean algorithm. Invented in 300 BC!

Euclidean algorithm: review

Euclidean algorithm is based on two useful facts:: $\gcd{a}{0} = a$ for all positive integers $a$.; $\gcd{a}{b} = \gcd{b}{\mod{a}{b}}$ for all positive integers $a$ and $b$.

Example implementation:

// Assumes a >= b >= 0.
public static int gcd(int a, int b) {
  if (b == 0)
    return a;             // GCD(a, 0) = a
  else  
    return gcd(b, a % b); // GCD(a, b) = GCD(b, a mod b)
}

$\gcd{660}{126}$: $= \gcd{126}{\mod{660}{126}} = \gcd{126}{30}$; $= \gcd{30}{\mod{126}{30}} = \gcd{30}{6}$; $= \gcd{6}{\mod{30}{6}} = \gcd{6}{0}$; $= 6$

In tableau form:

660 =	5 *	126 +	30
126 =	4 *	30 +	6
30 =	5 *	6 +	0

Extended Euclidean algorithm

Bézout’s theorem and the extended Euclidean algorithm.

Bézout’s theorem about GCDs

Bézout’s theorem: If $a$ and $b$ are positive integers, then there exist integers $s$ and $t$ such that $\gcd{a}{b} = sa + tb$.

We can extend Euclidean algorithm to find $s$ and $t$ in addition to computing $\gcd{a}{b}$.

Extended Euclidean algorithm

Compute GCD and keep the tableau.

$\gcd{35}{27} = 35s + 27t$.

$\gcd{a}{b}$		$\gcd{b}{\mod{a}{b}}$		$r=\mod{a}{b}$
$\gcd{35}{27}$	$=$	$\gcd{27}{\mod{35}{27}}$	$=$	$\gcd{27}{8}$
	$=$	$\gcd{8}{\mod{27}{8}}$	$=$	$\gcd{8}{3}$
	$=$	$\gcd{3}{\mod{8}{3}}$	$=$	$\gcd{3}{2}$
	$=$	$\gcd{2}{\mod{3}{2}}$	$=$	$\gcd{2}{1}$
	$=$	$\gcd{1}{\mod{2}{1}}$	$=$	$\gcd{1}{0}$

Extended Euclidean algorithm

Compute GCD and keep the tableau.
Solve the equations for $r$ in the tableau.

$\gcd{35}{27} = 35s + 27t$.

Extended Euclidean algorithm

Compute GCD and keep the tableau.
Solve the equations for $r$ in the tableau.
Back substitute the equations for $r$.

$\gcd{35}{27} = 35s + 27t$.

$r_i = r_{i-2} - q_i*r_{i-1}$

$r_0 = a = 35$

$r_1 = b = 27$

$r_2 = r_0 - q_2*r_1 = 8$

$r_3 = r_1 - q_3*r_2 = 3$

$r_4 = r_2 - q_4*r_3 = 2$

$r_5 = r_3 - q_5*r_4 = 1$

$1\ $	$ = \ra{3} - 1 * \rb{2}$	$r_5 = \ra{r_3} - q_5 * \rb{r_4}$.
	$ = 3 - 1 * (\ra{8} - 2 * \rb{3})$	Plug in $r_4 = \ra{r_2} - q_4 * \rb{r_3}$.
	$ = (-1) * \ra{8} + 3*\rb{3}$	Combine $\ra{r_2}, \rb{r_3}$ terms.
	$ = (-1) * 8 + 3(\ra{27} - 3\rb{8})$	Plug in $r_3 = \ra{r_1} - q_3 * \rb{r_2}$.
	$ = 3 * \ra{27} + (-10) * \rb{8}$	Combine $\ra{r_1}, \rb{r_2}$ terms.
	$ = 3 * 27 + (-10) * (\ra{35} - 1*\rb{27})$	Plug in $r_2 = \ra{r_0} - q_2 * \rb{r_1}$.
	$ = (-10) * \ra{35} + 13 * \rb{27}$	Combine $\ra{r_0}, \rb{r_1}$ terms.

Multiplicative inverse $\mod{}{m}$

Suppose $\gcd{a}{m} = 1$.

By Bézout’s theorem, there exist integers $s$ and $t$ such that $sa + tm = 1$.

$\mod{s}{m}$ is the multiplicative inverse of $a$ modulo $m$: $\congruent{(\mod{s}{m})a}{1}{m}$: To see why, note that $\congruent{sa}{1}{m}$ and $\congruent{s}{\mod{s}{m}}{m}$, so by the multiplication property, $\congruent{(\mod{s}{m})a}{sa}{m}$, and by transitivity of congruence modulo $m$, we have that $\congruent{(\mod{s}{m})a}{1}{m}$.

So, we can compute multiplicative inverses with the extended Euclidean algorithm. These inverses let us solve modular equations.

Modular equations

Solving modular equations with the extended Euclidean algorithm.

Using multiplicative inverses to solve modular equations

Solve: $\congruent{7x}{1}{26}$

① Compute GCD and keep the tableau.

$\begin{align} \gcd{26}{7} &= \gcd{7}{5} = \gcd{5}{2} \\ &= \gcd{2}{1} = \gcd{1}{0} \\ &= 1 \end{align}$

② Solve the equations for $r$ in the tableau.

③ Back substitute the equations for $r$.

$\begin{align} 1 &= 5 - 2 * (7 - 1*5) \\ &= (-2) * 7 + 3 * 5 \\ &= (-2) * 7 + 3 * (26 - 3 * 7) \\ &= 3*26 + (-11) * 7 \\ \end{align}$

④ Solve for $x$.

Multiplicative inverse of 7 mod 26
- $\mod{(-11)}{26}=15$
So, $x=26k + 15$ for $k\in\Z$.

Solving a more general equation

Solve: $\congruent{7y}{3}{26}$

We computed that 15 is the multiplicative inverse of 7 modulo 26:: That is, $\congruent{7 * 15}{1}{26}$.
By the multiplication property of mod, we have: $\congruent{7 * 15 * 3}{1 * 3}{26}$.
So, any $\congruent{y}{15 * 3}{26}$ is a solution.: That is, $y = 19 + 26k$ for any $k\in\Z$ is a solution.

Solving equations modulo a prime number

$\gcd{a}{m}=1$ if $m$ is prime and $0 < a < m$, so we can always solve modular equations for prime $m$.

$a +_ 7 b = \mod{(a + b)}{7}$

$+$	0	1	2	3	4	5	6
0	0	1	2	3	4	5	6
1	1	2	3	4	5	6	0
2	2	3	4	5	6	0	1
3	3	4	5	6	0	1	2
4	4	5	6	0	1	2	3
5	5	6	0	1	2	3	4
6	6	0	1	2	3	4	5

$a *_ 7 b = \mod{(a * b)}{7}$

$*$	1	2	3	4	5	6
0	0	0	0	0	0	0
1	1	2	3	4	5	6
2	2	4	6	1	3	5
3	3	6	2	5	1	4
4	4	1	5	2	6	3
5	5	3	1	6	4	2
6	6	5	4	3	2	1

A useful proof technique based on modular equations

Suppose that $x,y\in\Z$ and $(x, y)$ satisfies linear equations: $ax + by = c$ and $dx + ey = f$,; where $a,b,c,d,e,f$ are integer coefficients.
Then $(x, y)$ also satisfies the corresponding equations mod $m > 0\in\Z$:: $\congruent{ax + by}{c}{m}$ and $\congruent{dx + ey}{f}{m}$.
The reverse doesn’t hold. Can you think of a counterexample?: $(0, 0)$ is a solution to $\congruent{x + y}{2}{2}$ and $\congruent{2x + 2y}{4}{2}$.; But it’s not a solution to $x + y = 2$ and $2x + 2y = 4$.
The contrapositive is a useful proof technique:: You can prove that a system of linear equations with integer coefficients has no integer solutions by showing that those equations modulo $m$ have no solutions.

Summary

$\gcd{a}{b}$ is the greatest integer that divides both $a$ and $b$.: It can be computed efficiently using the Euclidean algorithm.
By Bézout’s theorem, $\gcd{a}{b} = sa + tb\,$ for some integers $s, t$.: $s, t$ can be computed using the extended Euclidean algorithm.; If $\gcd{a}{b} = 1$, $\mod{s}{b}$ is the multiplicative inverse of $a$ modulo $b$.; Multiplicative inverses can be used to solve modular equations.

$a$ $=$	$q$ $*$	$b$ $+$	$r$
$35$ $=$	$1$ $*$	$27$ $+$	$8$
$27$ $=$	$3$ $*$	$8$ $+$	$3$
$8$ $=$	$2$ $*$	$3$ $+$	$2$
$3$ $=$	$1$ $*$	$2$ $+$	$1$

$a$ $=$	$q$ $*$	$b$ $+$	$r$
$35$ $=$	$1$ $*$	$27$ $+$	$8$
$27$ $=$	$3$ $*$	$8$ $+$	$3$
$8$ $=$	$2$ $*$	$3$ $+$	$2$
$3$ $=$	$1$ $*$	$2$ $+$	$1$

$r$ $=$	$a$ $-$	$q$ $*$	$b$
$8$ $=$	$35$ $-$	$1$ $*$	$27$
$3$ $=$	$27$ $-$	$3$ $*$	$8$
$2$ $=$	$8$ $-$	$2$ $*$	$3$
$1$ $=$	$3$ $-$	$1$ $*$	$2$

$r$ $=$	$a$ $-$	$q$ $*$	$b$
$8$ $=$	$35$ $-$	$1$ $*$	$27$
$3$ $=$	$27$ $-$	$3$ $*$	$8$
$2$ $=$	$8$ $-$	$2$ $*$	$3$
$1$ $=$	$3$ $-$	$1$ $*$	$2$

$a$ $=$	$q$ $*$	$b$ $+$	$r$
$26$ $=$	$3$ $*$	$7$ $+$	$5$
$7$ $=$	$1$ $*$	$5$ $+$	$2$
$5$ $=$	$2$ $*$	$2$ $+$	$1$