📚 The CoCalc Library - books, templates and other resources

cocalc-examples / paulsen-abstract-algebra / group00.ipynb

¹³²⁹²² views
License: OTHER

Kernel: SageMath (stable)

Abstract Algebra: An Interactive Approach, 2e

Chapter 0
Preliminaries

Initialization: This cell MUST be evaluated first:

In [0]:

%display latex
try:
    load('absalgtext.sage')
except IOError:
    load('/media/sf_sage/absalgtext.sage')

The above command should automatically be evaluated as the worksheet is loaded. As long as a blue "Initialization Done" message appears at the bottom, we are ready to proceed.

The very first time this package is run, it may require additional databases to be downloaded from the internet. This only takes a few minutes, and only has to be done once. These databases will be available the next time Sage is run. This particular chapter does not use the databases, but make sure you close Sage and restart it before loading a different chapter.

Integer Factorization
Functions
Modular Arithmetic
Rational and Real Numbers
Sage Interactive Problems

Integer Factorization

In this section we will explore the basic properties of integers stemming from the prime factorizations. We will denote the set of all integers,

{ …, −3, −2, −1, 0, 1, 2, 3, … }

by the stylized letter ℤ, which stands for the German "Zahl" meaning "number." Rather than saying "n is an integer," we can succintly say "n is in ℤ." Many of the properties of factorizations refer only to positive integers, which are denoted ℤ⁺. Thus, we can write n ∈ ℤ⁺ to say that n is a positive integer.

We begin by defining a divisor of a number.

DEFINITION 0.1
We say that an integer a is a divisor of an integer b, denoted by a | b, if there is some integer c such that b = a c. Other ways of saying this is that a divides b, or a is a factor of b, or b is a multiple of a.

EXPERIMENT:
Find the divisors of 30. Don't forget that, according to the definition, we can have negative divisors.

We can extend the idea of integer divisors to that of finding the quotient q and remainder r of integer division.

THEOREM 0.1: The Division Algorithm
Given any x ∈ ℤ, and any y ∈ ℤ⁺, there are unique integers q and r such that

x = q y + r and 0 ≤ r < y.

Click here for the proof.

All of the proofs in these notebooks are in a separate subsection that can be accessed by clicking on the hyperlink. This allows one to hide the proof until after it has been attempted. There will be a hyperlink at the end of the proof to bring you back.

This is a constructive proof, since it gives an algorithm for finding q and r. This proof also demonstrates how to prove that a solution is unique. We assume there is another solution, and prove that the two solutions are in fact the same.

EXAMPLE:
Find integers q and r such that 849 = 31 q + r, with 0 ≤ r < 31.

We can use Mathematica as a calculator. To find the numerical approximation of 849/31, enter

In [0]:

N(849/31)

To evaluate this Sage expression, click on it, and press Shift + Enter. If you are not using CoCalc, you could also click on the expression, then click on the "Evaluate" button that appears.

Note that the function N( ) gives the numerical approximation. The largest integer less than this value is q = 27. Then we can compute r to be

In [0]:

849 - 27*31

The notation for finding the greatest integer function used in this algorithm is

⌊x⌋ = the greatest integer less than or equal to x.

EXPERIMENT:
Find integers q and r such that −925 = 28 q + r, with 0 ≤ r < 28. Note that for negative numbers, rounding down will cause the number to increase in magnitude.

We define a prime as an integer that has only two positive factors: 1 and itself. This definition actually allows negative numbers, such as −5, to be prime. Although this may seem to be a non-standard definition, it agrees with the generalized definition of primes defined in chapters 10 and 12. The numbers 1 and −1 are not considered to be prime. The goal of this section is to prove that any integer greater than 1 can be uniquely factored into a product of positive primes.

We will begin by proving that every large number has at least one prime factor. This requires an assumption about the set of positive numbers, known as the Well Ordering Axiom.

The Well Ordering Axiom:
Every non-empty subset of ℤ⁺ contains a smallest element.

The reason why this is considered to be an axiom is that it cannot be proven using only arithmetic operations. (Note that this statement is not true for rational numbers, which have the same arithmetic operations.) So this self-evident statement is assumed to be true, and is used to prove other properties of the integers.

LEMMA 0.1
Every number greater than 1 has a prime factor.

Click here for the proof.

Not only does the proof of Lemma 0.1 demonstrate how the well ordering axiom is used, it also introduces an important strategy in proofs. Notice that to prove that every number greater than 1 had a prime factor, we assumed just the opposite. It was as if we admitted defeat from the very beginning! Yet from this we were able to reach a conclusion that was absurd―a number without a prime factor that did have a prime factor. This strategy is known as reductio ad absurdum, which is Latin for "reduce to the absurd." We assume what we are trying to prove is actually false, and proceed logically until we reach a contradiction. The only explanation would be that the assumption was wrong, which proves the original statement.

The prime factorizations lead to an important question. Is there a largest prime number? The Greek mathmatican Euclid answered this question using reductio ad absurdum in the third century B.C.

THEOREM 0.2: Euclid's Prime Number Theorem

There are an infinite number of primes.

Click here for the proof.

In order to prove that every integer greater than 1 has a unique prime factorization, we must first prove that every such number can be expressed as a product of primes. This is easiest to do using the principle of mathematical induction. This principle stems from the Well Ordering Axiom, and is a powerful tool for proving statements about integers.

THEOREM 0.3: Principle of Mathematical Induction

Let S be a set of integers containing a starting value a. Suppose that S has the property that the integer n will be in S whenever all integers between a and n are in S. Then S contains all integers greater than or equal to a.

Click here for the proof.

To use the principle of induction, we first prove a statement is true for a starting point a. Then we assume that the statement is true for all integers a ≤ k < n. (Often we will be able to get by with just the previous case k = n − 1.) This gives us extra leverage to prove the statement is true for n. Here is an example of this principle in action.

LEMMA 0.2

Every integer n ≥ 2 can be written as a product of one or more positive primes.

Click here for the proof.

In order to prove that the prime factorization is unique we will first have to develop the concept of the greatest common divisor.

DEFINITION 0.2
We define the greatest common divisor (GCD) of two numbers to be the largest integer that divides both of the numbers. If the greatest common divisor is 1, this means that there are no prime factors in common. We say the numbers are coprime in this case. We denote the greatest common divisor of x and y by gcd(x, y).

We can use Sage's gcd function to quickly test whether two numbers are coprime without having to factor them.

In [0]:

gcd(138153809229555633320990299469, 145730407810127891189961221324529)

So Sage can quickly see that these two numbers are coprime, even though the numbers are too large to find the prime factorization.

The greatest common divisor can be found in another way, as seen in the following theorem. The proof of this theorem is more difficult than the previous proofs, since it illustrates a new technique. Go ahead and read the proof of this theorem without trying to prove it on your own. It is still important that you understand the techniques involved.

THEOREM 0.4: The Greatest Common Divisor Theorem
Given two non-zero integers x and y, the greatest common divisor of x and y is the smallest positive integer which can be expressed in the form

u x + v y

with u and v being integers.

Click here for the proof.

Unfortunately, this is a non-constructive proof. Although this theorem proves the existence of the integers u and v, it does not explain how to compute them. Fortunately, there is an algorithm, known as the Euclidean Algorithm which does compute u and v.

We start by assuming that x > y > 0, since we can consider absolute values if x or y are negative. We then repeatedly use the division algorithm to find q_i and r_i such that

x = q₁ y + r₁, 0 ≤ r₁ < y,

y = q₂ r₁ + r₂, 0 ≤ r₂ < r₁,

r₁ = q₃ r₂ + r₃, 0 ≤ r₃ < r₂,

r₂ = q₄ r₃ + r₄, 0 ≤ r₄ < r₃, …

Because the integer sequence {r₁, r₂, r₃, …} is decreasing, this will reach 0 in a finite number of steps, say r_m = 0. Then r_m₋₁ will be gcd(x, y). We can find the values for u and v by solving the second to the last equation for r_m₋₁ in terms of the previous two remainders r_m₋₂ and r_m₋₃, and then using the previous equations recursively to express r_m₋₁ in terms of the previous remainders. This will eventually lead to r_m₋₁ expressed in terms of x and y, which is what we want. It helps to put the remainders r_i in parenthesis, as well as x and y, since these numbers are treated as variables.

EXAMPLE:
Find integers u and v such that 144 u + 100 v = gcd(144, 100).

Using the division algorithm repeatedly, we have

(144) = 1·(100) + (44)
(100) = 2·(44) + (12)
(44) = 3·(12) + (8)
(12) = 1·(8) + (4)
(8) = 2·(4) + (0).

Thus, we see that gcd(144, 100) = 4. Starting from the second to the last equation, we have

(4) = (12) − (8)
= (12) − [(44) − 3·(12)] = 4·(12) − (44)
= 4·[(100) − 2·(44)] − (44) = 4·(100) − 9·(44)
= 4·(100) − 9·[(144) − (100)] = 13·(100) − 9·(144).

Thus, we have u = −9 and v = 13.

We can use Sage to find the numbers u and v from the greatest common divisor theorom (0.4) as follows:

In [0]:

xgcd(144, 100)

This returns a ordered triple. The first number is gcd(x, y), and the other two numbers give one possible set of values for u and v for which u x + v y = gcd(x, y). (There are in fact other posible solutions.) Note that Sage produced the same solution as was obtained via the Euclidean algorithm. This command works for even larger numbers.

In [0]:

xgcd(138153809229555633320199029, 14573040781012789119612213)

We can now start to prove some familiar properties of prime numbers.

LEMMA 0.3: Euclid's Lemma

If a prime p divides a product a b, then either p | a or p | b.

Click here for the proof.

This lemma quickly generalizes using the principle of induction.

LEMMA 0.4

If a prime p divides a product a₁ a₂ a₃ ⋯ a_n, then p divides a_i for some i.

Click here for the proof.

With this lemma, we can finally prove that integer factorization is unique.

THEOREM 0.5: The Fundamental Theorem of Arithmetic

Every integer greater than 1 can be factored into a product of one or more positive primes. Furthermore, this factorization is unique up to the rearrangement of the factors.

Click here for the proof.

We can have Sage compute to prime factorization for us, using the command factor:

In [0]:

factor(420)

If we explore how this factorization is stored,

In [0]:

list(_)

the result is rather cryptic, so it takes a bit of interpretation to understand the answer. Sage returns a sequence of ordered pairs, like (2,2). The first number in the pair is the prime, and the second number represents the number of times that prime occurred.

Integer factorization is a fundamentally difficult problem even with modern technology. As a result, one can easily type in a number that neither Sage, nor any other computer program, will be able to factor in anything short of an astronomical length of time. The amount of time required is proportional to the square root of the second largest prime in the factorization. As long as the integers are less than about 40 digits long, Sage should not have any trouble factoring them. Ironically, the difficulty in factorization will later turn to our advantage!

On the other hand, determining whether or not a number is prime can be done quickly in Sage, even if the number has over 200 digits! The Sage command for testing a prime number is is_prime.

In [0]:

is_prime(10^200 + 357)

How can Sage know for certain that this number is prime when it cannot begin to test for all possible factors? The answer lies in abstract algebra. Using the properties we will discover in this book, it is possible to prove whether or not a number is prime without knowing the factorization. This in turn will have many applications in internet security and cryptology.

Even though you were not asked to try to prove the theorems in this section, you should open the subsection and study the proofs. Soon you will be writing proofs like these yourself!

Functions

The concept of a function is central to virtually every branch of mathematics. There are in fact various ways to define a function, but the concept remains the same. Standard functions in calculus map real numbers to real numbers, but we want to consider a more abstract definition for which the input and output can come from any set.

DEFINITION 0.3
Let A and B be two non-empty sets. A function, or mapping, from A to B is a rule that assigns to every element of A exactly one element of B. The set A is called the domain of the function, and the set B is called the target. If a function f assigns to a the element b, we write f(a) = b, and say that b is the image of a under f.

We will use the notation f : A → B to indicate that f is a function from the set A to the set B. The range of f, or the image of f, is the set

{y | y = f(x) for some x ∈ A}.

This set denoted by either f(A) or Im(f), and is a subset of B.

EXAMPLE:
Let A be the set of integers from 0 to 99, and let B be the set of English letters from a to z. Let ϕ map each integer to the first letter of the English word for that number. For example, ϕ(4) = f. Then the range of ϕ is the set

{e, f, n, o, s, t, z}.

There is often different ways to denote the same element of the set A, so we must be careful that the rule for the function does not depend on the way the element is expressed. Had we extended the last example to include 100, this could be called either "a hundred" or "one hundred." Another example of an ambiguous definition is if we assign to each rational number a/b the value 1/b. But by this rule, f(1/2) ≠ f(2/4), even though 1/2 = 2/4. In order to show that a function is well defined, we must show that if x₁ = x₂, then f(x₁) = f(x₂).

EXPERIMENT:
Consider the function from the set of rational functions (denoted by &#8474) to itself, given by

f(a/b) = gcd(a, b)/b.

Show that this function is well defined.

Many functions possess special properties that we want to explore.

DEFINITION 0.4
We say that a function f : A → B is injective, or one-to-one, if the only way in which f(x) = f(y) is if x = y.

For example, the function in the experiment is not one-to-one, since f(1/3) = f(2/3). In order to prove that a function is one-to-one, we assume that f(x) = f(y), and try to prove that x = y.

EXAMPLE: Consider the function f : defined by ℤ → ℤ defined by

f(x) =	⎧	x + 3	if x is even,
	⎨
	⎩	2 x	if x is odd.

Show that f(x) is one-to-one.

We assume that f(x) = f(y), and work to show that x = y. Because of the way that f(x) is defined, there are several cases to consider.

Case 1) Both x and y are even. Then since f(x) = f(y), x + 3 = y + 3, which implies that x = y.

Case 2) Both x and y are odd. Then since f(x) = f(y), 2 x = 2 y, so again x = y.

Case 3) x is even, and y is odd. Then f(x) = f(y) implies that x + 3 = 2 y, or x = 2 y − 3. But this implies that x is odd, and we started out assuming that x is even. Thus, this case can never happen.

Case 4) x is odd, and y is even. This is a mirror image of case 3, so we find that this case also can never happen.

Thus, we have shown in all cases for which f(x) could equal f(y), then x = y. Hence f is one-to-one.

We can also ask whether the range and the target of a given function are the same set.

DEFINITION 0.5
We say that a function f : A → B is surjective, or onto, if for every b ∈ B there is at least one a ∈ A such that f(a) = b. If a function is both one-to-one and onto, it is called a bijection.

EXAMPLE:
Determine whether the function in the last example is onto.

Since f(0) = 3, f(1) = 2, f(2) = 5, f(3)=6, f(4) = 7, f(5) = 10, …, it seems that f(x) is never 4. Let us suppose that f(x) = 4 and reach a contradiction.

Case 1) x is even. Then x + 3 = 4, so x = 1. But this contradicts that x is even.
Case 2) x is odd. Then 2 x = 4, so x = 2. But this contradicts that x is odd.

Since all cases reach a contradiction, we see that f(x) ≠ 4, and so the function is not onto.

Often our functions will be defined on finite sets. In these cases, it is easy to determine whether or not a function is onto if we have already proven that it is one-to-one.

DEFINIITION 0.6
For a finite set A, we denote the number of elements in the set by |A|. If A is infinite, we write |A| = ∞.

LEMMA 0.5

Let f : A → B be a function that is both one-to-one and onto, and suppose that A is a finite set. Then |A| = |B|.

Click here for the proof.

We can now prove an important principle that will help us to show whether a function is onto.

THEOREM 0.6: The Pigeonhole Principle

Let f : A → B be a function from a finite set A to a finite set B. If |A| = |B| and f is one-to-one, then it is also onto.

Click here for the proof.

We will often need to apply two functions in succession, creating a new function.

DEFINITION 0.7
Let f : B → C and g : A → B be two functions. Then the mapping (f ∘ g): A → C is defined by

(f ∘ g)(x) = f(g(x)) for all x ∈ A.

Note that in f ∘ g, we apply the g function first, and then f. Some textbooks have f ∘ g = g(f(x)), so care must be taken when referring to other texts.

EXAMPLE:
Let

f(x) =	⎧	x + 3	if x is even,	and g(x) =	⎧	3 x	if x is even,
	⎨				⎨
	⎩	2 x	if x is odd,		⎩	x − 1	if x is odd.

Compute f ∘ g and g ∘ f.

For each computation, we need to consider the case x even and x odd separately. To find (f ∘ g)(x) = f(g(x)):

Case 1) x is even. Then g(x) = 3x, which will also be even. Thus, f(g(x)) = 3x + 3.
Case 2) x is odd. Then g(x) = x − 1, which will be even, so f(g(x)) = x + 2. Thus,

f ∘ g =	⎧	3x + 3	if x is even,
	⎨
	⎩	x + 2	if x is odd.

To find (g ∘ f)(x), we also have to consider two cases.

Case 1) x is even. Then f(x) = x + 3, which will be odd. So g(f(x)) = x + 2.
Case 2) x is odd. Then f(x) = 2x, which will be even. So g(f(x)) = 6x. Thus,

g ∘ f =	⎧	x + 2	if x is even,
	⎨
	⎩	6 x	if x is odd.

Note that in this case, f ∘ g ≠ g ∘ f. However, if we have three functions, with f : C → D, g : B → C, and h : A → B, then (f ∘ g) ∘ h = f ∘ (g ∘ h), since both of these expressions represent f(g(h(x))).

If f(x) is both one-to-one and onto, then we will be able to define the inverse function of f.

PROPOSITION 0.1

Let f : A → B be both one-to-one and onto. Then there exists a unique function g : B → A such that g(f(x)) = x for all x in A, and f(g(y)) = y for all y ∈ B.

Click here for the proof.

DEFINITION 0.8
The unique function in Proposition 0.1 is called the inverse function of f(x), and is denoted by f^-1(y).

EXAMPLE:
Consider the function f : ℤ → ℤ given by

f(x) =	⎧	x + 3	if x is even,
	⎨
	⎩	x − 1	if x is odd.

Show that this is both one-to-one and onto, and find f^-1(y).

If f(x) = f(y), the only interesting case is if x is even, and y is odd. Then x + 3 = y − 1, or y = x + 4, which would be even, not odd. Likewise, case where x is odd and y is even leads to a contradiction. Thus, x = y, and f is one-to-one.

To show that f is onto, we must show that for every y, there is an x so that f(x) = y. We break this into two cases.

Case 1) y is even. Then y + 1 will be odd, so f(y + 1) = (y + 1) − 1 = y.
Case 2) y is odd. Then y − 3 is even, so f(y − 3) = (y − 3) + 3 = y.

In both cases, we found an x so that f(x) = y. In the process of determining that f is onto, we computed the inverse.

f^-1(y) =	⎧	y + 1	if y is even,
	⎨
	⎩	y − 3	if y is odd.

So far we have only considered functions with one input variable. But we could also consider functions with two input variables, f(x, y). For simplicity we will only consider the cases where x and y come from the same set, which is also the target set.

DEFINITION 0.9
Let A be a non-empty set. A binary operation is a function that assigns to every x and y in A an element z in A.

Although we could denote a binary operation as z = f(x, y), we will typically denote the operation by the infix notation z = x ∗ y. The symbol ∗ does not always mean multiplication, but its definition depends on the binary operation. Often we will use a dot (·) instead of the asterisk, depending on the context.

EXAMPLE:
Define the binary operation x ∗ y defined on the set ℤ by

x ∗ y = x + y + x y.

Show that (x ∗ y) ∗ z = x ∗ (y ∗ z).

Note that

(x ∗ y) ∗ z = (x + y + x y) ∗ z = x + y + x y + z + (x + y + x y)z
= x + y + z + x y + x z + y z + x y z.

x ∗ (y ∗ z) = x * (y + z + y z) = x + y + z + y z + x(y + z + y z)
= x + y + z + x y + x z + y z + x y z.

Thus, we see that (x ∗ y) ∗ z = x ∗ (y ∗ z).

DEFINITION 0.10
Let ∗ be a binary operation defined on a set A. We say that a subset B of A is closed with respect to ∗ if whenever both x and y are in B, then x ∗ y is in B.

EXPERIMENT:
Let ∗ be the binary operation of the last example. Show that the subset of odd integers is closed with respect to ∗.

Modular Arithmetic

There is an important operation on the set of integers ℤ that we will use throughout the book, based on the division algorithm. It is an abstraction of a counting method often used in every day life. For example, using standard 12 hour time, if it is 7:00 now, what time will it be 8 hours from now? The answer is not 15:00, since clock time "wraps around" every 12 hours, so the correct answer is 3:00. This type of arithmetic that "wraps around" is called modular arithmetic. We formally define modular arithmetic as follows.

DEFINITION 0.11
Let x, y ∈ ℤ, with y > 0. We define the operator

x mod y,

pronounced "x modulo y", to be the unique value r from the division algorithm, which selects q and 0 ≤ r < y such that x = q y + r. The number y is called the modulus.

The mod operation is almost, but not quite, a binary operation on ℤ, since it is not defined if y = 0. Since there is a difference of opinion as to how the operator should be defined for y < 0, we will only use the operator for y > 0.

EXAMPLE:
Compute 8342 mod 43.

Since 8342 = 194·43 + 6, we see that 8342 mod 43 = 6.

For numbers this large, we will use Sage to help. We use the % symbol for the mod operator.

In [0]:

743532645703453453463 % 257275073624623

Sometimes the modulo operation is very easy to compute. For any positive x, x mod 10 will be the last digit in the decimal representation of the number. There are other tricks for small values of y.

A familiar property of standard arithmetic is that the last digit of the sum and product of two positive numbers x and y can be computed using only the last digits of x and y. This can be generalized in the following proposition.

PROPOSITION 0.2
If x, y, and n are integers with n > 0, then

(x + y) mod n = ((x mod n) + (y mod n)) mod n,

and

(x y) mod n = ((x mod n)·(y mod n)) mod n.

Click here for the proof.

We can use Proposition 0.2 to compute powers modulo n. Since raising a number to an integer power is equivalent to repeated multiplication, we see that

(x^y) mod n = (x mod n)^y mod n.

EXAMPLE:
Compute 234⁵ mod 29.

Since 234 mod 29 = 2, the answer is the same as 2⁵ mod 29, and 32 mod 29 = 3.

WARNING: It is not true that

(x^y) mod n = (x mod n)^{(y mod n)} mod n.

That is, we cannot apply the modulus to an exponent. However, there is a trick for simplifying a power in the case that the exponent is large—using the binary representation of the exponent y. The procedure is best explained by an example.

EXAMPLE:
Compute 25³⁵ mod 29.

The number 25³⁵ is 49 digits long, and the base is already smaller than the modulus, so there is no obvious way of simplifying the expression. By looking at the binary representation of 35, we find that 35 = 32 + 2 + 1. Thus,

25³⁵ = 25³²·25²·25¹.

In order to compute 25³² mod 29, we can square the number 5 times.

25² mod 29 = 625 mod 29 = 16,
25⁴ mod 29 = 16² mod 29 = 256 mod 29 = 24,
25⁸ mod 29 = 24² mod 29 = 576 mod 29 = 25,
25¹⁶ mod 29 = 25² mod 29 = 625 mod 29 = 16,
25³² mod 29 = 16² mod 29 = 256 mod 29 = 24.

Finally, we see that

25³⁵ mod 29 = 25³²·25²·25¹ mod 29 = 24·16·25 mod 29 = 9600 mod 29 = 1.

Note that we never had to deal with numbers more than 4 digits long.

The Sage command PowerMod(x, y, n) uses this algorithm to compute x^y mod n.

EXAMPLE:
Use Sage to find 743532645703453453463^{42364872163462467234} mod 2572750736246233264872.

In [0]:

PowerMod(743532645703453453463, 42364872163462467234, 2572750736246233264872)

Note that Sage was able to do this computation fast. We will see that the ability for computers to quickly compute large powers modulo n has applications in internet security.

There is another property of modular arithmetic involving coprime numbers that will be used often throughout the book, known to the ancient Chinese since before 240 C.E.

THEOREM 0.7: The Chinese Remainder Theorem
If x and y in ℤ⁺ are coprime, then given any a and b in ℤ, there is a unique k in ℤ such that

0 ≤ k < x y,

k mod x = a mod x, and

k mod y = b mod y.

Click here for the proof.

This is a constructive proof, since it gives us a formula for finding the value of k.

EXAMPLE:
Find a non-negative number k less than 210 such that

k mod 14 = 3, and
k mod 15 = 7.

Since 14 and 15 are coprime, we begin by finding u and v such that 14 u + 15 v = 1. But there is the obvious solution

14 (−1) + 15 (1) = 1.

Then we compute k to be a v y + b u x = 3·15 + 7·(−14) = −53. But since this is negative, we can add 14·15 to get another solution, 157.

There is a Sage command crt(a, b, x, y) that finds k given the 2 sets {a, b} and {x, y}.

EXAMPLE:
Use Sage to find a number k such that

k mod 771234712398742343 = 573457203572345239 and
k mod 642374682348623642 = 568134658235924534.

In [0]:

crt(573457203572345239, 568134658235924534, 771234712398742343, 642374682348623642)

We can verify that this solution is correct.

In [0]:

155720011750587503187230769057470234 % 771234712398742343

In [0]:

155720011750587503187230769057470234 % 642374682348623642

The Chinese remainder theorem has many applications. One of these is in the distribution of classified information among two or more people in such a way so that no one person can see the information. Each would receive one of the two (or more) modulus conditions, which is not enough information to determine the number k. Only when all of the pieces of the problem are assembled can k be determined, which can be decoded.

Another application is in solving linear congruence equations of the form

(a x) mod n = b.

This can be solved by letting k = a x. Then

k mod a = 0, and
k mod n = b.

Since k is known, we can find x.

EXAMPLE:
Solve the linear congruence equation

12 x mod 19 = 3.

We need to solve k mod 12 = 0 and k mod 19 = 3. Thus, we must first find a u and v such that 12 u + 19 v = 1. Using the Euclidean algorithm, we find that

8·12 + (−5)·19 = 1.

Using these values of u and v, we have that

k = a v y + b u x = 0·(−5)·19 + 3·8·12 = 192.

Finally, x = 12 k, so x = 24. Note that we can add or subtract multiples of 19 to get other solutions, so x = 5 also works.

Rational and Real Numbers

Having studied the properties of integers, let us turn our attention to rational numbers and real numbers. The set of rational numbers ℚ can be described as the numbers of the form p/q, where p is an integer and q is a positive integer.

Although the group ℚ is easy to define, it is often hard to visualize. One way to illustrate the rationals graphically can be seen by executing the following Sage command:

In [0]:

ShowRationals(-5, 5)

This plot helps to visualize the rational numbers from −5 to 5 using a sequence of rows. The n^th row represents the rational numbers in simpliest form whose denominator is equal to n. Thus, the first row represents the integers, the second row the half integers, and so on. Each row is drawn three-fourths closer to the x-axis than the previous row. In principle there would be an infinite number of rows, getting closer and closer to each other as they get close to the x-axis.

Even though this plot does not show all of the rational numbers (since there are an infinite number of them), we can zoom in on this graph to see more detail. Simply use different upper and lower bounds. For example, we can zoom in on the apparent "gap" close to the origin:

In [0]:

ShowRationals(0, 0.1)

This picture seems to indicate that there are not any rationals between 0 and about 0.04. Is this true?

EXPERIMENT:
Change the 0 and 0.1 in the above command to zoom in even closer on this gap. Try to find an interval in which there are no points plotted in the graph. Can you find an interval without any rational numbers?

In doing this experiment you not only might make a discovery about rational numbers, but you might even be able to see why this property is true.

PROPOSITION 0.3
If a and b are any two different real numbers, then there is a rational number between a and b.

Click here for the proof.

It is not hard to extend this proposition to show that between any two numbers, there are in fact an infinite number of rational numbers.

There are some other properties of the rational numbers that are suggested by the Sage plot. Here is the plot again, from −5 to 5:

In [0]:

ShowRationals(-5,5)

Having all of these dots on a page may tempt one to play "dot to dot" to see if a picture forms. In this case there may not be a picture, but perhaps some pattern can be formed by connecting these dots. Go ahead and try it!

EXPERIMENT:
Make a printout of the above plot and try to find a way to start at one point, then connect all of the dots using a sequence of straight lines. Try to keep the path from crossing itself. The aim is not just to connect the dots which are printed, but to created a pattern which, when continued indefinitely, will eventually hit every rational number no matter how close to the x-axis it appears, or how far to the left or right of the origin it is. There are, in fact, many ways this can be done.

What does this experiment show? When we are connecting the dots together, we are, in fact, forming a sequence of rational numbers. By finding a way to connect the dots so that every rational number is eventually hit, we have found an infinite sequence that includes every rational number once and only once. In other words, there are just as many rational numbers as there are integers! This is at first surprising since we just saw that there are many more rationals, in fact an infinite number of them between any two.

DEFINITION 0.12
A set S is called countable if there is an infinite sequence of elements from the set that includes every member of the set.

What do sequences have to do with comparing the sizes of two sets? A sequence can be considered as a function between the set of positive integers and the set S. If a sequence manages to include every member of the set S, then it stands to reason that there are at least as "many" positive integers as there are elements of S. The shocking fact is that even though it would first appear that there must be infinitely many more rational numbers than integers, in fact the two sets have the same size.

PROPOSITION 0.4
The set of rationals forms a countable set.

Click here for the proof.

Even though we have shown that there are an infinite number of rational numbers between any two numbers, the natural question to ask is whether there are numbers that are not rational. The first discovery of a number that was not rational was the square root of two, proven by the Greeks.

PROPOSITION 0.5
There is no rational number p/q such that (p/q)² = 2.

Click here for the proof.

This proof is another example of a reductio ad absurdum proof. That is, we assume that the statement we were trying to prove was false, and proceeded until we reach a contradiction.

If real numbers which are not rational are called irrational numbers. Irrational numbers are characterized by the fact that their decimal representation never repeats. With Sage, we can look at as many digits of √2 as we want, and see that there is no pattern. Here are the first 1000 digits.

In [0]:

N(sqrt(2), digits = 1000)

We will denote the set of real numbers, both rational and irrational, by ℝ.

We have already proven that there is, in essence, the same number of rational numbers as integers. This may not come as too much of a shock, since both sets are infinite, so logically two infinite sets ought to be the same size. But the set of real numbers is also infinite, so one might be tempted to think that there is the same number of real numbers as integers. However, the number of reals is "more infinite" than the number of integers. In other words, we cannot construct a sequence of real numbers that contains every real number, as we did for rational numbers. This surprising fact was proved by Georg Cantor using a classic argument.

THEOREM 0.8: Cantor's Diagonalization Theorem
The set of all real numbers between 0 and 1 is uncountable. That is, there cannot be a sequence of numbers that contains every real number between 0 and 1.

Click here for the proof.

We will use the sets ℚ and ℝ throughout this book, so knowing the properties of these two sets will be important in many of the examples.

Proofs:

Proof of Theorem 0.1:

Since y > 0, we can consider the rational number x/y. Let q be the largest integer that is less than or equal to x/y. That is, we will pick the integer q so that

q ≤ x/y < q + 1.

Multiplying by y, we have

y q ≤ x < y q + y.

If we let r = x − y q, we have 0 ≤ r < y, and also x = y q + r, so we have found integers q and r that satisfy the required properties.

In order to show that q and r are unique, let us suppose that q and r are two other integers that satisfy the required conditions. Then q y + r = q y + r, so

(q − q)y = r − r.

Since both r and r are between 0 and y − 1, the right hand side is less than y in absolute value. But the left hand side is at least y in absolute value unless q = q. This in turn will force r = r, so we see that the solution is unique.

Return to text

Proof of Lemma 0.1:

Suppose that some number greater than 1 does not have a prime factor. Then we consider the set of all integers greater than 1 which do not have a prime factor, and using the well ordering axiom, we find the smallest such number, called n. Then n is not prime, otherwise n would have a prime factor. Then by definition, n must have a positive divisor besides 1 and n, say m. Since [removed]1 < m < n, and n was the smallest number greater than 1 without a prime factor, m must have a prime factor, say p. Then p is also a prime factor of n, so we have a contradiction. Therefore, every number greater than 1 has a prime factor.

Return to text

Proof of Theorem 0.2:

Suppose that there are only a finite number of prime numbers. Label these prime numbers

p₁ = 2, p₂ = 3, p₃ = 5, p₄ = 7, …, p_n.

Now consider the number

m = (2·3·5·7·11·13···p_n) + 1.

This number is odd, so it cannot be divisible by 2. Likewise, m is one more than a multiple of 3, so it is not divisible by 3. In this way we see that m is not divisible by any of the prime numbers. But this is ridiculous, since m must have a prime factor by Lemma 0.2. Thus, the original assumption that there is a largest prime number is false, so there are an infinite number of prime numbers.

Return to text

Proof of Theorem 0.3:

Suppose there is some integer greater than a which is not in S. Let T be the set of integers greater than a but are not in S. Since T is non-empty, by the well ordering axiom we can let n be the smallest member of T. Note that n ≠ a, since a is in S. Also, all integers between a and n would have to be in S, lest there be a smaller value in T. But by the property of S, n would have to be in S, hence not in T. This contradiction shows that there is no integer greater than a that is not in S, which is equivalent to saying all integers greater than or equal to a are in S.

Return to text

Proof of Lemma 0.2:

In this case, our starting point is 2, so let us prove that statement is true for n = 2. Since 2 is prime, we can consider 2 to be the product of one prime, so we are done.

Let us now assume the statement is true for all integers 2 ≤ k < n, and work to prove the statement is true for the case n. If n is prime, we have n as the product of one prime. If n is not prime, then we can express n = a b, where both a and b are between 1 and n. By our assumption, a and b can both be expressed as a product of positive primes, and so n can also be expressed as a product of primes. Thus, by mathematical induction, the statement is true for all n ≥ 2.

Return to text

Proof of Theorem 0.4:

Let A denote the set of all positive numbers that can be expressed in the form u·x + v·y. Note that both |x| and |y| can be written in the form u·x + v·y, so we can consider the smallest positive number n that can be written in the form u·x + v·y. Note that gcd(x, y) is a factor of both x and y, so gcd(x, y) must be a factor of n.

By the division algorithm (Theorem 0.1), we can find q and r, with 0 ≤ r < n, such that x = q n + r. Then

r = x − q n = x − q (u x + v y) = (1 − q u)x + (−v)y,

which is in the set A. If r ≠ 0, then r would be a smaller positive number in A than n, which contradicts the way we chose n. Thus, r = 0, and n | x. By a similar reasoning, n is also a divisor of y. Thus, n is a common divisor of x and y, and since the gcd(x, y) is in turn a divisor of n, n must be equal to gcd(x, y).

Return to text

Proof of Lemma 0.3:

Suppose that p ∤ a, so that p and a are coprime. By the greatest common divisor theorem (0.4), there exist integers u and v such that u a + v p = 1. Then

u a b + v p b = b.

Since p divides both terms on the left hand side, we see that p | b. Thus, p must divide either a or b.

Return to text

Proof of Lemma 0.4:

We will use induction on n. The starting case n = 2 is covered by Euclid's Lemma (0.3). Let us suppose the theorem is true for the case n − 1. That is, if p divides a₁ a₂ a₃ ⋯ a_n₋₁, then p divides a_i for some i. If we let b = a₁ a₂ a₃ ⋯ a_n₋₁, then a₁ a₂ a₃ ⋯ a_n = b a_n. By Euclid's Lemma (0.3), if p divides b a_n, then p divides either b or a_n. But if p divides b, then by induction p divides a_i for some 1 ≤ i ≤ n − 1. So it either case, p divides a_i for some 1 ≤ i ≤ n.

Return to text

Proof of Theorem 0.5:

Lemma 0.2 shows that all integers greater than 1 can be expressed as a product of positive primes. So we only have to show uniqueness. That is, we must show that if

p₁ p₂ p₃ ⋯ p_n = q₁ q₂ q₃ ⋯ q_m,

where p₁, p₂, … p_n, q₁, q₂, … q_m are all positive primes, then n = m, and the q_i are a rearrangement of the p_i. We will use induction on n, the number of prime factors in the first factorization.

If n = 1, then p₁ = q₁ q₂ q₃ ⋯ q_m, and since p₁ is prime and cannot have more than one factor, we must have m = 1, and so p₁ = q₁.

By Lemma 0.4, since p_n | q₁ q₂ q₃ ⋯ q_m, p_n must divide one of the q_i's. Since p_n and q_i are both positive primes, we find that p_n = q_i. By rearranging the remaining q's, we can write

p₁ p₂ p₃ ⋯ p_n = q₁ q₂ q₃ ⋯ q_m−1 p_n.

Thus,

p₁ p₂ p₃ ⋯ p_n−1 = q₁ q₂ q₃ ⋯ q_m−1.

By induction we can assume that the statement is true for the case n − 1, and so n − 1 = m − 1, hence n = m, and the q_i are a rearrangement of the p_i.

Return to text

Proof of Lemma 0.5:

We will use induction on the size n = |A|. If A has only one element, a₁, then f(a₁) = b₁, and B = {b₁}. Let us suppose that the statement is true for n − 1.

If A = {a₁, a₂, a₁, … a_n}, then f(a_n) = b for some b ∈ B. If we let A = A − {a_n}, that is, we remove the element a_n from the set A, and B = B − {b}, then we can define the function f : A → B by f(x) = f(x) for x ∈ A. Since f is a bijection, so is f, since no other element of A could map to b. By induction, we see that |A| = |B|, and so |A| = |B|.

Return to text

Proof of Theorem 0.6:

Let B be the range of f. Then the function f : A → B would be both one-to-one and onto, so by Lemma 0.5 we have |A| = |B|. Since we also have that |A| = |B|, then B = B, so the function is onto.

Return to text

Proof of Proposition 0.1:

Because f is both one-to-one and onto, for every y ∈ B there is a unique x ∈ A such that f(x) = y. Thus, we can define g(y) to be that value x such that f(x) = y. By the way g(y) is defined, we see that f(g(y)) = y for all y ∈ B. If we apply the function g to both sides of this equation, we have g(f(g(y))) = g(y). Since every element x ∈ A can be written as g(y) for some y ∈ B, we can replace g(y) with x to get g(f(x)) = x for all x ∈ A.

To show that the function is unique, suppose there is another function h(x) : B → A. Then

h(y) = h(f(g(y))) = (h ∘ f)(g(y)) = g(y) for all y ∈ B.

Thus, h = g, showing that the function is unique.

Return to text

Proof of Proposition 0.2:

In both equations, the two sides are between 0 and n − 1, so it is sufficient to show that the difference of the two sides is a multiple of n. Let a = x mod n, b = y mod n, c = (x + y) mod n, and d = (x y) mod n. Then there are integers q₁, q₂, q₃, and q₄ such that

x = q₁ n + a, y = q₂ n + b, x + y = q₃ n + c, x y = q₄ n + d.

For the first equation, we note that

c − (a + b) = (x + y − q₃ n) − ((x − q₁ n) + (y − q₂ n))
= q₁ n + q₂ n − q₃ n = (q₁ + q₂ − q₃) n.

Thus, the two sides of the first equation differ by a multiple of n. Likewise, for the second equation, we see

d − a b = (x y − q₄ n) − (x − q₁ n)·(y − q₂ n)
= q₁ q₂ n² − y q₁ n − x q₂ n − q₄ n = (q₁ q₂ n − y q₁ − x q₂ − q₄) n.

So again, the two sides of the second equation differ by a multiple of n.

Return to text

Proof of Theorem 0.7:

We will begin by showing that there cannot be more than one such number.

Suppose we have two different numbers, k and m, which satisfy the above conditions. Then

(k − m) mod x = 0 and (k − m) mod y = 0.

Thus, k − m must be a multiple of both x and y. But since x and y are coprime, the least common multiple of x and y is x y. Thus, k − m is a multiple of x y.

However, both k and m are less then x y. So the only way this is possible is for k − m = 0, which contradicts our assumption that k and m were distinct solutions.

To show that there is a solution, we first note that since x and y are coprime, by the greatest common divisor theorem (0.4), there are integers u and v such that u x + v y = 1. Then we can consider the number

k = (a v y + b u x) mod (x y).

Clearly 0 ≤ k < x y, so we only have to show that k mod x = a mod x and k mod y = b mod y. Since v y = 1 − u x,

k mod x = (a v y + b u x) mod x
= (a(1 − u x) + b u x) mod x
= (a + u x(b − a)) mod x = a mod x.

Likewise, since u x = 1 − v y,

k mod y = (a v y + b u x) mod y
= (a v y + b(1 − v y)) mod y
= ((b + v y(a − b)) mod y = b mod y.

Return to text

Proof of Proposition 0.3:

Let x = |a − b|. Since x is not zero, we let q be any integer that is greater than 1/x. Then |a·q − b·q| = q·x > 1, so there must be an integer between a·q and b·q, which we will call p. But then p/q will be between a and b, and the proposition is proved.

Return to text

Proof of Proposition 0.4:

In order to show that the rationals are countable, we need a sequence that will eventually contain every rational somewhere in the sequence. Equivalently, we can connect the dots of the figure formed from

In [0]:

ShowRationals(-5,5)

using a pattern that would, in principle, reach every dot of this figure extended to infinity.There are of course many ways to do this, but one way is given by the patten in

In [0]:

CountableQ(5)

Here is a picture which shows more of this pattern:

In [0]:

CountableQ(9)

This path starts at 0, and swings back and forth, each time hitting the rationals on the next row. Since there are an infinite number of rows, we can extend this pattern indefinitely, and every rational number will eventually be hit by this path.This path gives rise the the sequence

{0, 1, 1/2, -1/2, -1, -2, -3/2, -2/3, -1/3, 1/3, 2/3, 3/2, 2, 3, …}

which contains every rational number, so we have shown that the rationals form a countable set.

Return to text

Proof of Proposition 0.5:

Suppose that there was such a rational number, p/q. Let us further suppose that p/q is in simplest form, so that p and q are integers with no common factors. We could rewrite the equation (p/q)² = 2 as

p² = 2 q².

This would indicate that p² is an even number, which implies that p is even.

Next, we make the substitution p = 2r, where r is an integer. This produces the equation

(2 r)² = 2 q², or

2 r² = q².

This would indicate that q², and hence q, is even. But this contradicts the fact that p/q was written in simplest form. Thus, there is no rational number whose square is 2.

Return to text

Proof of Theorem 0.8:

We begin by assuming that we can form such a sequence

{a₁, a₂, a₃,…}

and work to find a contradiction. The plan is to find a number b that cannot be in this list. We can do this by forcing b to have a different first digit than a₁, a different second digit than a₂, a different third digit than a₃, and so on. The only technical problem with this is that some numbers have two decimal representations, such as

0.348600000000000000…= 0.3485999999999999999….

For these numbers, all we need to do is require that both representations are in the list. (That is, some rational numbers will appear twice on the list with different decimal representations.)

We now can find a number b using any number of procedures, such as letting the n^th digit of b be one more than the n^th digit of a_n, mod 10. For example, if the list of numbers is

a₁ = 0.94837490123798570…

a₂ = 0.83840000000000000…

a₃ = 0.83839999999999999…

a₄ = 0.34281655343424444…

then b = 0.0499… . Certainly b is missing from the list, since it differs from each member of the list by at least one digit. This contradiction proves the theorem.

Return to text

Sage Interactive Problems

§0.1 #41)
Use Sage to find integers u and v such that

876543212345678 u + 123456787654321 v = 1.

§0.1 #42)
Use Sage to find integers u and v such that

98765432123456789 u + 12345678987654321 v = 1.

§0.1 #43)
Use Sage to find the factorization of 987654321.

§0.1 #44)
Use Sage to find the factorization of 12345678987654321.

§0.1 #45)
Use Sage to find the factorization of 98765432123456789.

§0.2 #42)
Consider the function

f(x) = 2 ⌊x⌋ − x.

Sage uses the function floor to denote ⌊x⌋. Thus, we can have Sage plot this function with the commands

In [0]:

f(x) = 2*floor(x) - x

In [0]:

plot(f(x), [x, 0, 5])

Judging by the graph, is this function one-to-one? Is it onto? (Ignore the vertical lines in the graph.)

§0.2 #43)
Define a function g(x) in Sage such that f(g(x)) = x for all x, using the function from Problem 42. Note that the formula must work for both integers and non-integers. Is g(f(x)) always equal to x?

§0.3 #39)
Use Sage's PowerMod function to compute

235155792357923947529^{75289347972935390234} mod 4623452735792375925234.

§0.3 #40)
Use Sage's PowerMod function to compute

9384572893472723523452^{24523523452345216644} mod 8376258362352836587697.

§0.3 #41)
Use Sage's crt function to find the solution to the system

k mod 9243798374502516137 = 237521646243353626,

and

k mod 1978654573572351516 = 26325673245684223.

§0.3 #42)
Use Sage's crt function to find the solution to the system

k mod 8675612376265160933543 = 152352352346254753548,

and

k mod 6226345262345235236201 = 526352346234573523464.

§0.3 #43)
Use Sage to solve the linear congruence equation

7289475362034522153 x mod 915156238625161124 = 210982524590982446.

§0.3 #44)
Use Sage to solve the linear congruence equation

9357298518686215025 x mod 1965156273498612512 = 1871551633523628256.

§0.4 #25)
Notice that in the plot of rational numbers between 0.03 and 0.1,

In [0]:

S = ShowRationals(0.03,0.1); S

that most of the points shown seem to lie on a curve. Try to find the equation of this curve, using the fact that each dot is three fourths closer to the x-axis than the previous dot. Verify your answer by replacing the 100*x^2 with your curve, and execute the following command:

In [0]:

P = plot(100*x^2, [x, 0.03, 0.1]); P + S

(Hint: Scale the function so that f(0.1) = 1.)

§0.4 #26)
If we begin the sequence in Problem 1 of the textbook with an irrational number, all terms of the sequence will be irrational. Explore what happens if we consider the same formula, but start with a₀ = √2.

In [0]:

a = sqrt(2); a

In [0]:

a = Together(1/(1 + 2*floor(a) - a)); a

Here, floor(a) calculates ⌊a⌋, and Together rationalizes the denominator. By repeatedly evaluating the last statement, we can compute the sequence {a₀, a₁, a₂, a₃, …}. Note that a₆ is √2 plus an integer. When is the next time in the sequence that a_n is an integer plus √2?

In [0]:

Integer Factorization

Functions

Modular Arithmetic

Rational and Real Numbers

Proofs:

Sage Interactive Problems

Product

Resources

Company