Here’s the general case:
[Euclid’s algorithm] Suppose we must calculate the greatest common divisor of two positive integers. Call them and with . If they’re not in the right order, we can swap them over earlier.
By division with remainder, we can write for some integers and with .
But then we have and since and we’ve made our numbers smaller.
If we keep doing this repeatedly, we’ll end up making one of the numbers zero and can stop (since ).
One might reasonably wonder just how fast Euclid’s algorithm really is. One good answer (not very hard to prove) is that if you’re trying to work out and , then the number of steps you need is always less than five times the number of digits of .
So working out will take less than divisions (actually, this one takes a lot less than , if you try it). Compared with the other methods we discussed, this makes it seem really good.
Euclid’s algorithm is in fact even more useful than it looks: using Euclid’s algorithm, if we have , that enables us to write in the form for some integers and . (We say that we’re writing it as a linear combination of and ). This will be really useful later: I promise!
Let’s see how this works with an example. We saw earlier that , so we expect to be able to find integers and such that .
Along the way we found that: Working through that backwards, we get that
Similarly, when we calculated that , we found that: This means that
In general, if we have positive integers and , with , we can start defining a sequence as follows:
is the remainder upon dividing by :
This is a decreasing sequence, and eventually we will get for some ; we can’t divide by zero, so we end the sequence there.
We then have
Let’s write for this.
Now, we have , so , so we can write as a linear combination of and .
We have , so , so substituting in we can write as a linear combination of and .
Proceeding in this way, we end up with as a linear combination of and : in other words, of and .
We’ve proved the following:
[Bezout’s Lemma] Let and be two integers with . Then there are integers and such that .
In fact, slightly more is true:
Let and be two integers with . Then, for an integer , we can write in the form if and only if .
The “if” part: We must prove that, if , then we can write as a linear combination of and .
However, since , we can write for some . Also, by the above Proposition we can write for some and . But then as required.
The “only if” part: We must prove that if , then . But, since we have and , and hence also and , and therefore as required.