We now consider the important problem of solving simultaneous congru- ences. The simplest case of this is to find those x (if there are any) that satisfy the simultaneous congruences
(2.1)
This is the subject of the next result, called the Chinese Remainder Theorem because the method was known in China in the first century A.D.
Theorem 2.18 The Chinese Remainder Theorem. Let m1, m2 ,. • ã, m, de- note r positive integers that are relatively prime in pairs, and let a1, a1, ã ã ã,a, denote any r integers. Then the congruences (2.1) have common solutions.
If x0 is one such solution, then an integer x satisfies the congruences (2.1) if and only if x is of the form x = x0 + km for some integer k. Here m = m1m2 • • • m,.
Using the terminology introduced in the previous section, the last assertion of the Theorem would be expressed by saying that the solution x is unique modulo m1m2 • • • m,.
Proof Writing m = m1m2 • • • m,, we see that m/mj is an integer and that (mjmj, m) = 1. Hence by Theorem 2.9 for each j there is an integer
bj such that (mjm)bj = l(mod m). Clearly (m/m)bj = O(mod m) if
i if' j. Put
We consider this number modulo m;, and find that x0 = -b;a; m = a; (mod m;).
m;
Thus x0 is a solution of the system (2.1).
(2.2)
If x0 and x1 are two solutions of the system (2.1), then x0 =
x1 (mod m) for i = 1, 2,- ã ã, r, and hence x0 = x1 (mod m) by part 3 of Theorem 2.3. This completes the proof.
Example 1 Find the least positive integer x such that x = 5 (mod 7), x = 7 (mod 11), and x = 3 (mod 13).
Solution We follow the proof of the theorem, taking a1 = 5, a2 = 7, a3 = 3, m1 = 7, m2 = 11, m3 = 13, and m = 7 ã 11 ã 13 = 1001. Now (m2m3 , m1) = 1, and indeed by the Euclidean algorithm we find that ( -2) ã m2m3 +lf1 ã m1 = 1, so we may take b1 = -2. Similarly, we find that 4 ã m1m3 + (-33) ã m2 = 1, so we take b2 = 4. By the Euclidean algorithm a third time we find that ( -1) ã m1m2 + 6 ã m3 = 1, so we may take b3 = -1. Then by (2.2) we see that 11 ã 13 ã (- 2) ã 5 +
7 ã 13 ã 4 ã 7 + 7 ã 11 ã ( -1) ã 3 = 887 is a solution. Since this solution is unique modulo m, this is the only solution among the numbers 1, 2, ã ã ã, 1001. Thus 887 is the least positive solution.
In the Chinese Remainder Theorem, the hypothesis that the moduli m j should be pairwise relatively prime is absolutely essential. When this hypothesis fails, the existence of a solution x of the simultaneous system (2.1) is no longer guaranteed, and when such an x does exist, we see from Part 3 of Theorem 2.3 that it is unique modulo [m1, m2 ,- • ã, m,], not modulo m. In case there is no solution of (2.1), we call the system inconsistent. In the following two examples we explore some of the possibil- ities that arise when the m j are allowed to have common factors. An extension of the Chinese Remainder Theorem to the case of unrestricted mj is laid out in Problems 19-23.
Example 2 Show that there is no x for which both x = 29 (mod 52) and x = 19 (mod 72).
Solution Since 52 = 4 ã 13, we see by Part 3 of Theorem 2.3 that the first congruence is equivalent to the simultaneous congruences x = 29 (mod 4) and x = 29 (mod 13), which reduces to x = 1 (mod 4) and x = 3 (mod 13).
Similarly, 72 = 8 ã 9, and the second congruence given is equivalent to the simultaneous congruences x = 19 (mod 8) and x = 19 (mod 9). These re- duce to x = 3 (mod 8) and x = 1 (mod 9). By the Chinese Remainder Theorem we know that the constraints (mod 13) and (mod 9) are indepen- dent of those (mod 8). The given congruences are inconsistent because there is no x for which both x = 1 (mod 4) and x = 3 (mod 8).
Once an inconsistency has been identified, a brief proof can be constructed: The first congruence implies that x = 1 (mod 4) while the second congruence implies that x = 3 (mod 4).
Example 3 Determine whether the system x = 3 (mod 10), x =
8 (mod 15), x = 5 (mod 84) has a solution, and find them all, if any exist.
First Solution We factor each modulus into prime powers. By Part 3 of Theorem 2.3, we see that the first congruence of the system is equivalent to the two simultaneous congruences x = 3 (mod 2), x = 3 (mod 5). Simi- larly, the second congruence of the system is equivalent to the two conditions x = 8 (mod 3), x = 8 (mod 5), while the third congruence is equivalent to the three congruences x = 5 (mod 4), x = 5 (mod 3), x =
5 (mod 7). The new system of seven simultaneous congruences is equiva- lent to the ones given, but now all moduli are prime powers. We consider the powers of 2 first. The two conditions are x = 3 (mod 2) and x =
1 (mod 4). These two are consistent, but the second one implies the first, so that the first one may be dropped. The conditions modulo 3 are x = 8 (mod 3) and x = 5 (mod 3). These are equivalent, and may be ex-
pressed as x = 2 (mod 3). Third, the conditions modulo 5 are x =
3 (mod 5), x = 8 (mod 5). These are equivalent, so we drop the second of them. Finally, we have the condition x = 5 (mod 7). Hence our system of seven congruences is equivalent to the four conditions x = 1 (mod 4), x = 2 (mod 3), x = 3 (mod 5), and x = 5 (mod 7). Here the moduli are relatively prime in pairs, so we may apply the formula (2.2) used in the proof of the Chinese Remainder Theorem. Proceeding as in the solution of Example 1, we find that x satisfies the given congruences if and only if x = 173 (mod 420).
The procedure we employed here provides useful insights concerning the way that conditions modulo powers of the same prime must mesh, but when the numbers involved are large, it requires a large amount of computation (because the moduli must be factored). A superior method is provided by the iterative use of Theorem 2.17. This avoids the need to
factor the moduli, and requires only r - 1 applications of the Euclidean algorithm.
Second Solution The x that satisfy the third of the given congruences are precisely those x of the form 5 + 84u where u is an integer. On substitut- ing this into the second congruence, we see that the requirement is that 5 + 84u = 8 (mod 15). That is, 84u = 3 (mod 15). By the Euclidean algorithm we find that (84, 15) = 3, and indeed we find that 2 ã 84 +
( -11) ã 15 = 3. By Theorem 2.17 we deduce that u is a solution of the congruence if and only if u = 2 (mod 5). That is, u is of the form u = 2 +
5v, and hence x satisfies both the second and the third of the given congruences if and only if x is of the form 5 + 84(2 + 5v) = 173 + 420v.
The first congruence now requires that 173 + 420 v = 3 (mod 10). That is, 420v = -170 (mod 10). By the Euclidean algorithm we find that (420, 10)
= 10. Since 101170, we deduce that this congruence holds for all v. That is, in this example, any x that satisfies the second and third of the given congruences also satisfies the first. The set of solutions consists of those x of the form 173 + 420v. That is, x = 173(mod420).
This procedure can be applied to general systems of the sort (2.1). In case the system is inconsistent, the inconsistency is revealed by a failure of the condition glb in Theorem 2.17. Alternatively, if it happens that the moduli are pairwise relatively prime, then g = 1 in each application of Theorem 2.17, and we obtain a second (less symmetric) proof of the Chinese Remainder Theorem.
Returning to Theorem 2.18, we take a fixed set of positive integers m1, m2 , • • ã, m,, relatively prime in pairs, with product m. But instead of considering just one set of equations (2.1), we consider all possible systems of this type. Thus a1 may be any integer in a complete residue system modulo m1, a2 any integer in a complete residue system modulo m2 , and so on. To be specific, let us consider a1 to be any integer among 1, 2, .. ã, m1, and a2 any integer among 1, 2, .. ã, m2 , .. ã, and a, any integer among 1, 2, ã ã ã, m,. The number of such r-tuples (ai' a2 , ã • ã,a,) is
m1m2 • • ã m, = m. By the Chinese Remainder Theorem, each r-tuple
determines precisely one residue class x modulo m. Moreover, distinct r-tuples determine different residue classes. To see this, suppose that (a1, a2 , ããã,a,) '* (a;, a2, ã ã ã,a;). Then a; '* a; for some i, and we see that no integer x satisfies both the congruences x = a; (mod m;) and x =a; (mod m).
Thus we have a one-to-one correspondence between the r-tuples
(a1, a2 , • ã ã,a,) and a complete residue system modulo m, such as the
integers 1, 2, ã ã ã, m. It is perhaps not surprising that two sets, each having
m elements, can be put into one-to-one correspondence. However, this correspondence is particularly natural, and we shall draw some important consequences from it.
For any positive integer n let -G'(n) denote the complete residue system -G'(n) = {1, 2, ã ã ã, n}. The r-tuples we have considered are precisely the members of the Cartesian product (or direct product) of the sets -G'(m1), -G'(m2 ),- ã ã, -G'(m,). In symbols, this Cartesian product is denoted -G'(m1) X -G'(m2 ) X ã ã ã X -G'(m,). For example, if IR denotes the set of real numbers, then IR X IR, abbreviated IR2, describes the ordinary Eu- clidean plane with the usual rectangular coordinates belonging to any point (x, y ). In this notation, we may express the one-to-one correspon- dence in question by writing
Example 4 Exhibit the foregoing one-to-one correspondence explicitly, when m1 = 7, m2 = 9, m = 63.
Solution Consider the following matrix with 7 rows and 9 columns. At the intersection of the ith row and jth column we place the element cij•
where c;j = i (mod 7) and c;j = j (mod 9). According to Theorem 2.18 we can select the element c;j from the complete residue system -G'(63) =
{1, 2, ã ã ã, 63}. Thus the element 40, for example, is at the intersection of the fifth row and the fourth column, because 40 = 5 (mod 7) and 40 =
4 (mod 9). Note that the element 41 is at the intersection of the sixth row and fifth column, since 41 = 6 (mod 7) and 41 = 5 (mod 9). Thus the element c + 1 in the matrix is just southeast from the element c, allowing for periodicity when c is in the last row or column. For example, 42 is in the last row, so 43 turns up in the first row, one column later. Similarly, 45 is in the last column, so 46 turns up in the first column, one row lower.
This gives us an easy way to construct the matrix: just write 1 in the c 11 position and proceed downward and to the right with 2, 3, and so on.
1 29 57 22 50 15 43 8 36 37 2 30 58 23 51 16 44 9 10 38 3 31 59 24 52 17 45 46 11 39 4 32 60 25 53 18 19 47 12 40 5 33 61 26 54 55 20 48 13 41 6 34 62 27 28 56 21 49 14 42 7 35 63
Here the correspondence between the pair (i, j) and the entry c;j provides a solution to the problem.
In the matrix, the entry cij is entered in boldface if (cij• 63) = 1. We note that these entries are precisely those for which i is one of the numbers {1, 2, ã ã ã, 6}, and j is one of the numbers {1, 2, 4, 5, 7, 8}. That is, (cij• 63) = 1 if and only if (i, 7) = 1 and (j, 9) = 1. Since there are exactly 6 such i, and for each such i there are precisely 6 such j, we deduce that
<f>(63) = 36 = </>(7)</>(9). We now show that this holds in general, and we derive a formula for <f>(m) in terms of the prime factorization of m.
Theorem 2.19 If m1 and m2 denote two positive, relatively prime integers, then <f>(m1m2 ) = <f>(m1)<f>(m2 ). Moreover, if m has the canonical factoriza- tion m = npa, then <f>(m) = n (pa-pa-l)= m n (1 - 1/p).
plm plm
If m = 1, then the products are empty, and by convention an empty product has value 1. Thus the formula gives <f>(l) = 1 in this case, which is correct.
Proof Put m = m1m2 , and suppose that (x, m) = 1. By reducing x modulo m 1 we see that there is a unique a 1 E ~(m 1) for which x =
a1 (mod m1). Here, as before, ~(m1) is the complete system of residues
~(m1) = {1, 2, ã ã ã, m1}. Similarly, there is a unique a2 E ~(m2) for which x = a2 (mod m2 ). Since (x, m1) = 1, it follows by Theorem 2.4 that (a1, m1) = 1. Similarly (a2 , m2 ) = 1. For any positive integer n, let !JR(n) be the system of reduced residues formed of those numbers a E ~(n) for which (a, n) = 1. That is, !JR(n) = {a E ~(n): (a, n) = 1}. Thus we see that any x E !JR(m) gives rise to a pair (a1, a2) with ai E !JR(m) for i = 1, 2. Suppose, conversely, that we start with such a pair. By the Chinese Remainder Theorem (Theorem 2.18) there exists a unique x E
~(m) such that x = ai (mod m) for i = 1, 2. Since (a1, m1) = 1 and x = a1 (mod m1), it follows by Theorem 2.4 that (x, m1) = 1. Similarly we find that (x, m2 ) = 1, and hence (x, m) = 1. That is, x E !JR(m). In this way we see that the Chinese Remainder Theorem enables us to establish a one-to-one correspondence between the reduced residue classes modulo m and pairs of reduced residue classes modulo m1 and m2 , provided that (m1, m2 ) = 1. Since a1 E !JR(m1) can take any one of <f>(m1) values, and a2 E !JR(m2 ) can take any one of <f>(m2 ) values, there are <f>(m1)<f>(m2 ) pairs, so that <f>(m) = <f>(m1)<f>(m2 ).
We have now established the first identity of the theorem. If m = Opa is the canonical factorization of m, then by repeated use of this identity we see that <f>(m) = 0</>(pa). To complete the proof it remains to deter- mine the value of <f>(pa). If a is one of the pa numbers 1, 2, ã ã ã, pa, then (a,pa) = 1 unless a is one of the pa-I numbers p,2p,- ã ã,pa-I ã p. On subtracting, we deduce that the number of reduced residue classes modulo pa is pa- pa-I = pa(l - 1/p). This gives the stated formulae.
We shall derive further properties of Euler's </>-function in Sections 4.2, 4.3, and an additional proof of the formula for <f>(n) will be given in Section 4.5, by means of the inclusion-exclusion principle of combinatorial mathematics.
Let f(x) denote a polynomial with integral coefficients, and let N(m) denote the number of solutions of the congruence f(x) = 0 (mod m) as counted in Definition 2.4. We suppose that m = m1m2 , where (m1, m2 ) =
1. By employing the same line of reasoning as in the foregoing proof, we show that the roots of the congruence f(x) = O(mod m) are in one-to-one correspondence with pairs (a1, a2 ) in which a1 runs over all roots of the congruence f(x) = 0 (mod m1) and a2 runs over all roots of the congru- ence f(x) = 0 (mod m2 ). In this way we are able to relate N(m) to N(m1) and N(m2 ).
Theorem 2.20 Let f( x) be a fixed polynomial with integral coefficients, and for any positive integer m let N(m) denote the number of solutions of the congruence f(x) = O(mod m). If m = m1m2 where (m1, m2 ) = 1, then N(m) = N(m1)N(m2 ). If m = Opa is the canonical factorization of m, then N(m) = ON(pa).
The possibility that one or more of the N(pa) may be 0 is not excluded in this formula. Indeed, from Theorem 2.16 we see that if dim and N(d) = 0, then N(m) = 0. One immediate consequence of this is that the congruence f(x) = O(mod m) has solutions if and only if it has solutions (mod pa) for each prime-power pa exactly dividing m.
Proof Suppose that x E ~(m), where ~(m) is the complete residue system ~(m) = {1,2,- ã ã,m}. If f(x) = O(modm) and m = m1m2 , then by Theorem 2.16 it follows that f(x) = O(mod m1). Let a1 be the unique member of ~(m1) = {1, 2, ... , m1} for which x = a1 (mod m1). By Theo- rem 2.2 it follows that f(a1) = 0 (mod m1). Similarly, there is a unique a2 E ~(m2) such that x = a2 (mod m2 ), and f(a2 ) = 0 (mod m2 ). Thus for each solution of the congruence modulo m we construct a pair (a., a2 ) in which a; is a solution of the congruence modulo m;, for i = 1, 2. Thus far we have not used the hypothesis that m1 and m2 are relatively prime.
It is in the converse direction that this latter hypothesis becomes vital.
Suppose now that m = m1m2 , where (m1, m2 ) = 1, and that for i = 1 and 2, numbers a; E ~(m;) are chosen so that f(a) = O(mod m). By the Chinese Remainder Theorem (Theorem 2.18), there is a unique x E ~(m)
such that x =a; (mod m) for i = 1, 2. By Theorem 2.2 we see that this x is a solution of the congruence f(x) = 0 (mod m ), for i = 1, 2. Then by Part 3 of Theorem 2.3 we conclude that f(x) = 0 (mod m). We have now
established a one-to-one correspondence between the solutions x of the congruence modulo m and pairs (ai> a2 ) of solutions modulo m1 and m2 ,
resp~ctively. Since a1 runs over N(m1) values, and a2 runs over N(m2 ) values, there are N(m1)N(m2 ) such pairs, and we have the first assertion of the theorem. The second assertion follows by repeated application of the first part.
Example 5 Let f(x) = x2 + x + 7. Find all roots of the congruence f(x) = 0 (mod 15).
Solution Trying the values x = 0, ± 1, ± 2, we find that f(x) = 0 (mod 5) has no solution. Since 5115, it follows that there is no solution (mod 15).
Example 6 Let f(x) be as in Example 5. Find all roots of f(x) =
O(mod 189), given that 189 = 33 • 7, that the roots (mod 27) are 4, 13, and 22, and that the roots (mod 7) are 0 and 6.
Solution In a situation of this kind it is more efficient to proceed as we did in the solution of Example 1, rather than employ the method adopted in the second solution of Example 3. By the Euclidean algorithm and (2.2), we find that x = a1 (mod 27) and x = a2 (mod 7) if and only if x = 28a1 - 27a2 (mod 189). We let a1 take on the three values 4, 13, and 22, while a2 takes on the values 0 and 6. Thus we obtain the six solutions x =
13, 49, 76, 112, 139, 175 (mod 189).
We have now reduced the problem of locating the roots of a polyno- mial congruence modulo m to the case in which the modulus is a prime power. In Section 2.6 we reduce this further, to the case of a prime modulus, and finally in Section 2. 7 we consider some of the special properties of congruences modulo a prime number p.
PROBLEMS
1. Find the smallest positive integer (except x = 1) that satisfies the following congruences simultaneously: x = 1 (mod 3), x = 1 (mod 5), x = 1 (mod 7).
2. Find all integers that satisfy simultaneously: x = 2 (mod 3), x =
3 (mod 5), x = 5 (mod 2).
3. Solve the set of congruences: x = 1 (mod 4), x = 0 (mod 3), x =
5(mod 7).
4. Find all integers that give the remainders 1, 2, 3 when divided by 3, 4, 5, respectively.
5. Solve Example 2 using the technique that was applied to Example 4.
6. Solve Example 1 by the method used in the second solution of Example 3.
7. Determine whether the congruences 5x = 1 (mod 6), 4x =
13 (mod 15) have a common solution, and find them if they exist.
8. Find the smallest positive integer giving remainders 1, 2, 3, 4, and 5 when divided by 3, 5, 7, 9, and 11, respectively.
9. For what values of n is <f>(n) odd?
10. Find the number of positive integers "' 3600 that are prime to 3600.
11. Find the number of positive integers "' 3600 that have a factor greater than 1 in common with 3600.
12. Find the number of positive integers "' 7200 that are prime to 3600.
13. Find the number of positive integers "' 25200 that are prime to 3600.
(Observe that 25200 = 7 X 3600.) 14. Solve the congruences:
x3 + 2x- 3 = O(mod9);
x3 + 2x- 3 = O(mod5);
x3 + 2x - 3 = 0 (mod 45).
15. Solve the congruence x3 + 4x + 8 = 0 (mod 15).
16. Solve the congruence x3 - 9x2 + 23x - 15 = 0 (mod 503) by observ- ing that 503 is a prime and that the polynomial factors into (x - 1) (x- 3Xx- 5).
17. Solve the congruence x3 - 9x2 + 23x- 15 = O(mod 143).
18. Given any positive integer k, prove that there are k consecutive integers each divisible by a square > 1.
19. Let m1, m2 ,. • ã, m, be relatively prime in pairs. Assuming that each of the congruences bix = ai (mod m), i = 1, 2,. ã ã, r, is solvable, prove that the congruences have a simultaneous solution.
20. Let m1 and m2 be arbitrary positive integers, and let a1 and a2 be arbitrary integers. Show that there is a simultaneous solution of the congruences x = a1 (mod m1), x = a2 (mod m2 ), if and only if a1 '=
a2 (mod g), where g = (mi> m2 ). Show that if this condition is met, then the solution is unique modulo [m1, m2 ].
*21. Let p be a prime number, and suppose that mj = paj in (2.1), where 1 "' a1 "' a2 "' • • • "' a,. Show that the system has a simultaneous solution if and only if ai = a,(mod pa,) fori= 1,2,. ã ã, r.
*22. Let the m j be as in the preceding problem. Show that the system (2.1) has a simultaneous solution if and only if a; = aj (mod pa;) for all pairs of indices i, j for which 1 "' i < j "' r.
*23. Let the mj be arbitrary positive integers in (2.1). Show that there is a simultaneous solution of this system if and only if a; =
aj (mod (m;, m)) for all pairs of the indices i, j for which 1 "' i < j
"'r.
*24. Suppose that m1, m2 , • • ã, m, are pairwise relatively prime positive integers. For each j, let -t'(mj) denote a complete system of residues modulo mj. Show that the numbers c1 + c2m1 + c3m1m2 +
ã ã ã +c,m1m2 ã ã ã m,_1, cj E -t'(m), form a complete system of residues modulo m = m1m2 • • • m,.
25. If m and k are positive integers, prove that the number of positive integers "' mk that are prime to m is k<f>(m).
26. Show that <f>(nm) = n<f>(m) if every prime that divides n also divides m.
27. If P denotes the product of the primes common to m and n, prove that <f>(mn) = P<f>(m)<f>(n)j<f>(P). Hence if (m, n) > 1, prove
<f>(mn) > <f>(m)<f>(n).
28. If <f>(m) = <f>(mn) and n > 1, prove that n = 2 and m is odd.
29. Characterize the set of positive integers n satisfying <f>(2n) = <f>(n).
30. Characterize the set of positive integers satisfying <f>(2n) > <f>(n).
31. Prove that there are infinitely many integers n so that 3% <f>(n).
32. Find all solutions x of <f>(x) = 24.
33. Find the smallest positive integer n so that <f>(x) = n has no solution;
exactly two solutions; exactly three solutions; exactly four solutions.
(It has been conjectured that there is no integer n such that <f>(x) = n has exactly one solution, but this is an unsolved problem.)
34. Prove that there is no solution of the equation <f>(x) = 14 and that 14 is the least positive even integer with this property. Apart from 14, what is the next smallest positive even integer n such that <f>(x) = n has no solution?
35. If n has k distinct odd prime factors, prove that 2kl</>(n).
36. What are the last two digits, that is, the tens and units digits, of 21000? of 31000? (H)
*37. Let a1 = 3, ai+I = 3a;. Describe this sequence (mod 100).
*38. Let (a, b) = 1 and c > 0. Prove that there is an integer x such that (a+ bx,c) = 1.
39. Prove that for a fixed integer n the equation <f>(x) = n has only a finite number of solutions.