Lecture 9 - Fermat's Little Theorem

Coursenotes » Chapter 2: Congruences » Lecture 9 - Fermat's Little Theorem

Summary

Today we started by introducing a few methods for solving simultaneous congruences suggested by students in the class. We then finished our proof of Wilson's Theorem before moving on to introduce and prove the "other" theorem of Fermat: Fermat's Little Theorem (aka, flt). We saw several applications and corollaries of this result which made some modular computations really quite simple.

Revisiting CRT

We'll start by going back to the problem of solving simultaneous congruences. There were two new suggestions for solving these problems, and we'll provide a glimpse into both.

Solving by Inspection

Sometimes you'll come across a system of congruences that looks something like this:

(1)

$\begin{equation*}\begin{split} x &\equiv 1 \mod{m}\ x &\equiv 1 \mod{n}. \end{split}\end{equation*}$

How do you go about solving such a system? Well, the easiest way is to just look at the system and notice that $x = 1$ is a perfectly good solution, no matter what m and n are. You've just solved this system "by inspection."

A sneakier version of this same technique can be used to solve the following system

(2)

$\begin{equation*}\begin{split} x &\equiv 2 \mod{5}\ x &\equiv 4 \mod{7}. \end{split}\end{equation*}$

While it might not seem that you can "see" a solution to this equally, notice that these equations are the same as

(3)

$\begin{equation*}\begin{split} x &\equiv -3 \mod{5}\ x &\equiv -3 \mod{7}. \end{split}\end{equation*}$

Now we can see that $x = -3$ is a solution. If you'd prefer a nonnegative solution, remember that since $(5,7) = 1$ we must have a unique solution to this equation modulo 35. Hence $-3+35 = 32$ is another solution to this system (and happens to be the "least nonnegative" solution).

Back Substitution

Suppose you're given the system

(4)

$\begin{equation*}\begin{split} x &\equiv 6 \mod{12}\ x &\equiv 10 \mod{14} \end{split}\end{equation*}$

and you want to find a solution. First, recall that our strong version of CRT says there's a solution if and only if $(12,14) \mid 10-6$ . Since this is true, we know there is a unique solution modulo $[12,14] = 84$ . That's all well and good, but how do we actually find such a solution?

First, notice that the first congruence is equivalent to saying $x = 6 + 12a$ for some integer a. Now we can substitute this expression in for x into the second congruence, and we have $6+12a \equiv 10 \mod{14}$ — which is of course the same as $12a \equiv 4 \mod{14}$ . Since $(12,14) = 2$ and $2 \mid 4$ , we know this system has 2 distinct solutions modulo 14. We could find these systematically (using the Euclidean Algorithm, etc.), but for the sake of time let's just notice that $a \equiv -2,5 \mod{14}$ are solutions. Plugging these values back in for a in our initial expression for x — $x = 6 + 12a$ — gives us $x = -18, 66$ . You can check that both of these values for x solve the given congruences, and in fact at the same solution modulo 84 (as we'd expect!). Nice.

Finishing off Wilson's Theorem

Last class period we proved

If p is prime, then $(p-1)! \equiv -1 \mod{p}$ .

We also started to prove the converse,

If n is composite, then $(n-1)! \nequiv -1 \mod{n}$ .

In our proof, we had shown that if n has a factorization into distinct factors, then $(n-1)! \equiv 0 \mod{n}$ . To finish off the proof, then, we need to consider when n does not have a factorization into distinct factors. For this to be true, then we know that since both factors are the same, then $n = a^2$ . But in fact, we know that these factors must be prime: if $n = a^2$ and $a = cd$ for some $1<c,d<a$ , then we get $n = c(dcd)$ , and we're back in the case where n can be factored into distinct factors. Hence we're left with the case $n = p^2$ for some prime p.

Now in this case, if we happen to have a prime $p>2$ , then we know that $2p < p^2$ . Hence we have

(5)

$(n-1)! \equiv (p^2-1)! \equiv 1 \cdot 2 \cdot \cdots \cdot p \cdots 2p \cdots (p^2-1) \equiv 0 \mod{p^2}.$

Hence when $n = p^2$ for some prime bigger than 2, we know that $(n-1)! \nequiv -1 \mod{n}$ . The only remaining case to consider is when $n = 2^2$ . In this case, we can see that

(6)

$(4-1)! \equiv 1\cdot 2\cdot 3 \equiv 6 \equiv 2 \nequiv -1 \mod{4}.$

Hence in all cases where n is composite, we have $(n-1)! \nequiv -1 \mod{n}$ . $\square$

Fermat's Little Theorem

Wilson's Theorem is a neat little congruence identity to have around, but there's one which is actually much handier. This is one of the many number theoretic problems which Fermat worked on, and so it bears the name Fermat's Little Theorem (flt).

Fermat's Little Theorem: If $p \nmid a$ , then $a^{p-1}\equiv 1 \mod{p}$ .

Example: The case $a = 5, p = 23$

Before proving flt, let's show that it holds in the case $a = 5, p = 23$ . In other words, we'll show that $5^{22} \equiv 1 \mod{23}$ .

To do this, we need to compute a large power of 5. This can be done using "successive squaring":

(7)

$\begin{equation*}\begin{split} 5^2 &\equiv 25 \equiv 2 \mod{23}\ 5^4 &\equiv 2^2 \equiv 4 \mod{23}\ 5^8 &\equiv 4^2 \equiv 16 \mod{23}\ 5^{16} &\equiv 16^2 \equiv 256 \equiv 26 \equiv 3 \mod{23}. \end{split}\end{equation*}$

Hence we have

(8)

$5^{22} \equiv 5^{16+4+2} \equiv 5^{16}5^45^2 \equiv 3\cdot 4\cdot 2 \equiv 24 \equiv 1 \mod{23}.$

$\square$

The Proof of flt

With an example under our belt, we're now prepared to prove flt. So let a be given with $p \nmid a$ .

We start by explaining why the sets

(9)

$\begin{equation*}\begin{split} \{1,2,\cdots,p-1\}\ \{a,2a,\cdots,(p-1)a\} \end{split}\end{equation*}$

are the same modulo p. For one, we notice that all the elements of the latter set are distinct: using the fact that $(a,p) = 1$ (which itself comes from the condition $p \nmid a$ ) we get $ia \equiv ja \mod{p}$ if and only if $i \equiv j \mod{p}$ , and clearly two distinct elements $i,j \in \{1,2,\cdots,p-1\}$ don't satisfy this condition. Moreover we know that every element of the second set is relatively prime to p: we could only have $p \mid ij$ if $p \mid i$ or $p \mid a$ , neither of which are possible. Hence the second set is a collection of $p-1$ distinct, nonzero elements modulo p, and hence must be the same (modulo p) as the first set.

With this equality of sets (modulo p) established, we now notice that the products of all elements in both sets must be the same

(10)

$1\cdot 2 \cdot \cdots \cdot (p-1) \equiv a \cdot 2a \cdot \cdots \cdot (p-1)a \mod{p}.$

Now the left-hand side is just $(p-1)! \equiv -1 \mod{p}$ (using Wilson's Theorem), whereas the right hand side is just [{$a^{p-1}(p-1)! \equiv -a^{p-1} \mod{p}$]]. Hence we get

(11)

$-1 \equiv -a^{p-1} \mod{p}$

or, equivalently, $a^{p-1} \equiv 1 \mod{p}$ . $\square$

Some Useful Corollaries

There are several nice things that can be taken away from flt. The first application let's us compute large exponentials very easily

Corollary: If p is prime and $p \nmid a$ , and if $b \equiv c \mod{p-1}$ , then $a^b \equiv a^c \mod{p}$ .

Proof: To see that this is true, notice that $b \equiv c \mod{p-1}$ means there is some $k \in \mathbb{Z}$ so that $b = c + (p-1)k$ . Hence we have

(12)

$a^b \equiv a^{c+(p-1)k} \equiv a^c \left(a^{p-1})^{k} \equiv a^c \cdot 1^k \equiv a^c \mod{p}.$

$\square$

Example: Reducing Exponents

Suppose someone asked you to computer $7^{147} \mod{11}$ . Now 11 is prime and $11 \nmid 7$ , so we know that $7^{10} \equiv 1 \mod{11}$ . hence we have

(13)

$7^{147} \equiv 7^{14\cdot 10 + 7} \equiv \left(7^{10}\right)^{14}7^7 \equiv 7^7 \mod{11}.$

This is far easier to compute than the original problem (and I'll leave it to you to actually do the computation). $\square$

Another useful corollary is

Corollary: If p is prime and $p \nmid a$ , then $a^{p-2}$ is the multiplicative inverse of a modulo p.

Proof: Fermat's Little Theorem tells us that $a^{p-2}a \equiv 1 \mod{p}$ . Hence $a^{p-2}$ is a solution to the equation $ax \equiv 1 \mod{p}$ , and so is the multiplicative inverse of a modulo p. $\square$

Example: Computing an inverse using flt

Suppose you want to computer the inverse of 5 modulo 23. Then our previous corollary says this should be $5^{21}\mod{23}$ . We've already computed the successive squares of 5 modulo 23, and so we see that

(14)

$5^{21} \equiv 5^{16+4+1} \equiv 3 \cdot 4 \cdot 5 \equiv 30 \equiv 14 \mod{23}.$

So 14 is the inverse of 5 mod 23.

This will come in handy if we wanted to solve some kind of congruence like $5x \equiv 13 \mod{23}$ — instead of using the Euclidean Algorithm to solve this problem, we could instead just multiply both sides by 13 $x \equiv 14 \cdot 5 x \equiv 13 \cdot 14 \mod{23}$ . Hence our solution is just $13 \cdot 14 \mod{23}$ (you can simplify this expression modulo 23 if you like). $\square$

A Final Computation

We've covered a lot of stuff so far in class, so let's just do another computation to double-check our computational skills. We'll compute $2^{90} \mod{91}$ . To do this, we'll use successive squaring:

(15)

$\begin{equation*}\begin{split} 2^2 &\equiv 4 \mod{91}\ 2^4 &\equiv 4^2 \equiv 16 \mod{91}\ 2^8 &\equiv 16^2 \equiv 256 \mod{91} \equiv 74 \mod{91}\ 2^{16} &\equiv 74^2 \equiv (-17)^2 \equiv 289 \equiv 16 \mod{91}\ 2^{32} &\equiv 16^2 \equiv 74 \mod{91}\ 2^{64} &\equiv 74^2 \equiv 16 \mod{91}. \end{split}\end{equation*}$

Hence we have

(16)

$2^{90} \equiv 2^{64+16+8+2} \equiv 16 \cdot 16 \cdot 74 \cdot 4 \equiv 74 \cdot 74 \cdot 4 \equiv 16 \cdot 4 \equiv 64 \mod{91}.$

This might seem surprising, since if 91 is prime we should be getting $2^{90} \equiv 1 \mod{91}$ . So what went wrong? We'll talk about this in class on Friday.

Add a new comment

page_revision: 6, last_edited: 1221674524|%e %b %Y, %H:%M %Z (%O ago)

Edit Tags History Files Print Site tools + Options

Math 453

Math 453, Section D13, Fall 2008

Add a new page