Lecture 23: Primitive Roots and Polynomials mod p

Coursenotes » Chapter 5: Primitive Roots » Lecture 23: Primitive Roots and Polynomials mod p

Summary

Today we started our search for those integers which do have a primitive root. We began by considering the case of a prime number p. The main tool we used was an analysis of the properties of polynomials mod p, particularly the number of roots that a given polynomial can have. By counting roots in this way, we were able to conclude that every prime number has a primitive root.

Counting Polynomial Solutions

We're used to thinking about polynomials whose coefficients are integers (or, more generally, real numbers). In this case, we have a result that tells us that a polynomial of a given degree doesn't have too many roots.

Fundamental Theorem of Algebra: A polynomial of degree n with real coefficients has exactly n complex solutions, and therefore at most n real solutions.

If we consider polynomials mod a given integer, though, this kind of result might not still hold.

Example

Consider the polynomial $f(x) = x^2+1$ . How many solutions does it have mod 65? Well, a solution to

(1)

$x^2 +1 \equiv 0 \mod{65}$

forces a solutions to

(2)

$x^2+1\equiv 0 \mod{5} \quad \mbox{and} \quad x^2+1 \equiv 0 \mod{13}.$

We know that the first equation has solutions $x \equiv \pm 2 \mod{5}$ , and the latter has solutions $x \equiv \pm 5 \mod{13}$ . We can stitch these solutions together to give solutions to the original equation (1). The different choices of solutions mod 5 and 13 will in fact produce 4 solutions to this equation! This is quite different from what we're used to: we've shown that this degree 2 polynomial has at least 4 solutions. $\square$

Though we might get more solutions to a given polynomial for a general modulus m, the situation for a prime modulus p is more in line with what we're used to.

Lagrange's Theorem: Let p be prime and let

$f(x) = a_nx^n + a_{n-1}x^{n-1} + \cdots + a_1x + a_0$

be a polynomial of degree $n \geq 1$ with integer coefficients so that not every coefficient is divisible by p. Then $f(x)$ has at most n distinct solutions mod p.

Proof: We'll prove the result by induction. In the case that $n=1$ , we're looking to count the roots of a linear polynomial $a_1x + a_0 \equiv 0 \mod{p}$ . Now if $p \nmid a_1$ then we get $(a_1,p) = 1$ , and so the linear congruence

(3)

$a_1x^1 \equiv -a_0 \mod{p}$

has exactly one solution. In the case $p \nmid a_1$ , then, we've established what we wanted to prove. If, on the other hand, we have $p \mid a_1$ then we can conclude that $p \nmid a_0$ (since not all the coefficients are allowed to be divisible by p). In this case we get

(4)

$f(x) \equiv a_1x + a_0 \equiv a_0 \not\equiv 0 \mod{p}.$

So the polynomial is a non-zero constant function, and hence has no solutions. In this case, then, we again have that the linear polynomial has no more than 1 solution mod p.

So suppose that we know the result for polynomials of degree n, and let $f(x)$ be a polynomial of degree n+1 where not every coefficient of f is divisible by p. If f has no roots mod p then we're done. Otherwise, suppose that a is a solution. Dividing the polynomial $f(x)$ by $x-a$ then gives

(5)

$f(x) = (x-a)q(x)+r$

where r is a polynomial of degree 0 (i.e., r is just an integer) and $q(x)$ is a polynomial of degree n. Notice that not every coefficient of q can be divisible by p, since this would force every coefficient of f to be divisible by p — something we know doesn't hold. Returning to the equation above, since a is a root of f mod p we must have

(6)

$0 \equiv f(a) = (a-a)q(a)+r,$

and so $r \equiv 0 \mod{p}$ . Hence we get

(7)

$f(x) \equiv (x-a)q(x) \mod{p}.$

Now if b is any solution to $f(x) \equiv 0 \mod{p}$ then we have $0 \equiv f(b) \equiv (b-a)q(b) \mod{p}$ , meaning that $p \mid (b-a)q(b)$ . By Euclid's Lemma we conclude that $p \mid b-a$ or $p \mid q(b)$ . In the first case we have $b \equiv a \mod{p}$ , and in the second we get that b is a root of $q(x)$ mod p. So we see that any root of f is either a root of $x-a$ or a root of $q(x)$ , so that

(8)

$\#\mbox{roots of }f(x) \leq \#\mbox{roots of }(x-a) + \#\mbox{roots of }q(x)$

Since $q(x)$ is a polynomial of degree n which doesn't have all its coefficients divisible by p, there are at most n roots of $q(x)$ mod p. Equation (8) then says that there are at most n+1 solutions to $f(x)$ mod p. $\square$

Though this result gives an upper bound on the number of solutions a particular polynomial can have mod p, for certain special polynomials this is enough to count solutions exactly.

Lemma: For $d \mid p-1$ , the polynomial $x^d-1$ has exactly d roots mod p.

Proof:
Fermat's Little Theorem says that $a^{p-1} \equiv 1 \mod{p}$ whenever $(a,p) = 1$ . This means that the polynomial $x^{p-1} - 1$ has $p-1$ distinct solutions mod p.

Now if $d \mid p-1$ then we get $de \ p-1$ for some integer e. Hence we can factor the polynomial $x^{p-1}-1$ has

(9)

$x^{p-1}-1 = (x^d-1)(x^{p-1-d}+x^{p-1-2d}+\cdots+x^{p-1-(e-1)d}+x^{p-1-ed} = (x^d-1)(x^{d(e-1)}+x^{d(e-2)}+\cdots+x^{d(1)}+1).$

Now the polynomial on the left hand side has exactly p-1 roots. By Lagrange's theorem, the first polynomial in the factorization on the right hand side has at most d roots, and the second polynomial on the right hand side has at most $d(e-1)$ roots.

(10)

$\underbrace{x^{p-1}-1}_{p-1\mbox{\tiny{ roots}}} = \underbrace{(x^d-1)}_{\leq d\mbox{\tiny{ roots}}}\underbrace{(x^{d(e-1)}+x^{d(e-2)}+\cdots+x^{d(1)}+1).}_{\leq d(e-1)\mbox{\tiny{ roots}}}$

Now if $x^d-1$ has fewer than d distinct solutions, this means that the right side has at most $d-1+d(e-1) = d-1+de-d=p-2$ solutions — contrary to the fact that we know it ahs $p-1$ solutions because it's equal to the right-hand side of the equation. We conclude, then, that $x^d-1$ has d distinct solutions, as desired. $\square$

The benefit of the previous theorem is that it provides a means for calculating precisely how many elements of a given order exists mod p.

Counting Elements of a Given Order

Theorem: If $d \mid p-1$ , then there are precisely $\phi(d)$ elements of order d mod p.

Proof: For a given divisor d, let $f(d)$ be the number of elements of order d mod p. The previous theorem tells us that there are d solutions to $x^d-1 \equiv 0 \mod{p}$ . Therefore we have

(11)

$d = \#\|\{1 \leq a \leq p: a^d-1 \equiv 0 \mod{p}\}.$

But notice that if $a^d - 1 \equiv 0 \mod{p}$ then we get $a^d \equiv 1 \mod{p}.$ This in turn tells us that $\mbox{ord}_p(a) \mid d$ . Hence any element $a$ in the set above must be an element of order c, where c is a divisor of c. Hence we have

(12)

$\{1 \leq a \leq p : a^d-1\equiv 0 \mod{p}\} = \bigcup_{c \mid d}\{1 \leq a \leq p: \mbox{ord}_p(a) = c\}.$

By counting the number of elements on the left- and right-hand sides, we get

(13)

$\begin{split}d &= \#\{1 \leq a \leq p : a^d-1\equiv 0 \mod{p}\} \\&= \#\left(\bigcup_{c \mid d}\{1 \leq a \leq p: \mbox{ord}_p(a) = c\}\right) \\&= \sum_{c \mid d}\#\{1 \leq a \leq p: \mbox{ord}_p(a) = c\} \\&= \sum_{c \mid d}f(c). \end{split}$