Lecture 14

Many people, particularly those who like numerical calculations with integers (like computer programmers), use all this as an excuse to define a function, which in some languages is written “$\%$”, which gives the remainder upon division (so that $a \% b$ is an integer between $0$ and $b-1$). So they say, for example, that $137 \% 100 = 37$, and $7 \% 2 = 1$.

This works fairly well for the computer programmers, but for us it’s a little unsatisfying. While it’s true that every number is congruent (modulo $7$) to a unique number from $\{0,1,2,3,4,5,6\}$, there’s nothing much special about that set. It’s also true that every number is congruent (modulo $7$) to a unique number in the set $\{1,2,3,4,5,6,7\}$. And it’s also true that every number is congruent (modulo $7$) to a unique number in the set $\{-3,-2,-1,0,1,2,3\}$. And, in fact, I can think of situations where all those facts are useful.

So it’s important we just think of the unique number in $\{0,\ldots,b-1\}$ as just one out of many equally good ways of describing our number, up to congruence modulo $b$.

Next semester, you’ll come to regard the integers, considered up to congruence modulo $m$, as a system of numbers in its own right (and why not? We can add them and subtract them and multiply them, all considered only up to congruence modulo $m$). This system of numbers is commonly called $\mathbb{Z}/m\mathbb{Z}$ (for reasons which will remain obscure at least for a year or two more).

So, for example, the system $\mathbb{Z}/2\mathbb{Z}$ consists of two “numbers” which could be called “even” and “odd” (or $0$ and $1$; or $1$ and $2$), subject to the arithmetic laws you’d expect (like $\text{even} + \text{odd} = \text{odd}$).

This is novel in one important sense. In the past, every time we’ve introduced a new system of numbers, it’s contained the system we were thinking about before. We’ve built $\mathbb{N}\subset \mathbb{Z}\subset \mathbb{Q}\subset \mathbb{R}\subset \mathbb{C}$. But $\mathbb{Z}/m\mathbb{Z}$ doesn’t seem to work like this in this framework. It’s related to $\mathbb{Z}$, but doesn’t really live inside it. Similarly, the set of “times of day” isn’t a subset of the set of times: for example, there’s no one special point of time in history called “2pm”, just many examples of 2pm on many different days (and the same goes for “days of the week”, and “months of the year”).

In the case where $m=2$, you’re probably comfortable with the fact that “odd” and “even” form something like a system of numbers (because you can add them and subtract them and multiply them), but while they’ve obviously got something to do with $\mathbb{Z}$, there’s no one integer called “odd” and no one integer called “even”.

Modular arithmetic, to other moduli, is similar (we just don’t have clever names like “even” and “odd”).

Congruence equations

We’ve now laid the foundations of modular arithmetic, the study of congruences. After all that philosophy, we should do some sums.

The set of all solutions to $x\equiv 3\pmod{7}$ seems like a perfectly explicit description of a class of numbers: it’s a congruence class modulo $7$, the class of numbers of the form $7n+3$. So we can start listing them easily: $\ldots, -11, -4, 3, 10, 17, \ldots$.

But what is the set of solutions to $5x\equiv 3\pmod{7}$?

That’s not a particularly satisfactory description of a set of numbers: it’s a pain to list them, so we should ask for better.

However, we can get a more satisfactory list just using techniques we already know. The condition $5x\equiv 3\pmod{7}$ says that $7\mid 5x-3$, which in turn says that $7k=5x-3$ for some $k$. Rearranging, that says that $5x-7k=3$. But we know how to get a general solution for those!

Indeed, we find that $\gcd(5,7)=1$, and as $1\mid 3$ there are solutions. First we try to find a single one.

We can get a solution to $5x-7k=1$ (by guessing, or by using Euclid’s algorithm backwards) such as $x=3, k=2$. This means (by tripling both sides) that a solution to $5x-7k=3$ is given by $x=9, k=6$.

To find other solutions, we subtract $5\times 9-7\times 6=3$ from $5x-7k=3$ to get $5(x-9)-7(k-6)=0$.

Hence $5(x-9) = 7(k-6)$, so $7\mid 5(x-9)$. As $7$ and $5$ are coprime, this means that $7\mid(x-9)$. So the original congruence is equivalent to $x\equiv 9\equiv 2\pmod{7}$, which is a nice description!

We can regard linear equations in modular arithmetic as asking about division. After all, asking about solutions to the linear equation $5x=3$ is asking “can we divide $3$ by $5$?” So the fact that $2\times 5\equiv 3\pmod{7}$ might be regarded as saying that we can divide $3$ by $5$ (modulo $7$), and we get $2$ when we do so.

But division in modular arithmetic is more complicated than in the integers. Of course, integer division is unique where it exists. In other words, if I choose integers $a$ and $b$ (with $b$ nonzero) and ask about integer solutions to $ax=b$, then two things can happen: either there is a unique solution (as with $3x=6$), or there’s no solution at all (as with $4x=7$).

That’s not true in modular arithmetic, as the following examples show:

Even if you don’t want to do division in modular arithmetic, you still have to be careful about cancellation.

In ordinary arithmetic over the integers, we know that $ax=ay$ implies $x=y$ (provided that $a$ isn’t zero, of course). This is true even though we don’t know how to divide integers in general.

But we can’t always cancel in modular arithmetic: the third example above tells us (for example) that $2\cdot 3\equiv 2\cdot 7\pmod{8}$, but that $3\not\equiv 7\pmod{8}$.
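As an added illustration (not part of the lecture notes), the following Python enumerates the solutions of $ax\equiv b\pmod{m}$ over one full set of representatives $\{0,\ldots,m-1\}$, which is enough to see the three behaviours the text contrasts with the integers: exactly one solution, no solution, or several, and the corresponding failure of cancellation. The function names `solutions_mod` and `cancellation_holds` are my own.

```python
# Added example, not from the lecture. Brute-force a*x ≡ b (mod m) over
# the representatives 0..m-1. Python's % with a positive modulus always
# returns a value in 0..m-1 (even for a negative left operand), so the
# test (a*x - b) % m == 0 is exactly "m divides a*x - b".

def solutions_mod(a: int, b: int, m: int) -> list[int]:
    """All x in {0, ..., m-1} with a*x ≡ b (mod m)."""
    if m <= 0:
        raise ValueError("modulus must be positive")
    return [x for x in range(m) if (a * x - b) % m == 0]


def cancellation_holds(a: int, m: int) -> bool:
    """True iff a*x ≡ a*y (mod m) forces x ≡ y (mod m).

    Checked exhaustively over distinct residues x != y in 0..m-1; a single
    pair with a*x ≡ a*y is a counterexample to cancelling a.
    """
    return all(
        (a * x - a * y) % m != 0
        for x in range(m)
        for y in range(m)
        if x != y
    )


if __name__ == "__main__":
    # 5x ≡ 3 (mod 7): one solution, x ≡ 2, as worked out in the text.
    print(solutions_mod(5, 3, 7))
    # 2x ≡ 6 (mod 8): two solutions, 3 and 7, so cancelling the 2 is invalid.
    print(solutions_mod(2, 6, 8))
    # 2x ≡ 5 (mod 8): no solution, since 2x is always even modulo 8.
    print(solutions_mod(2, 5, 8))
    print(cancellation_holds(2, 8), cancellation_holds(5, 7))
```

Running it shows the 2x ≡ 6 (mod 8) case has both 3 and 7 as solutions, which is the cancellation failure $2\cdot 3\equiv 2\cdot 7\pmod{8}$ above, while 5 modulo 7 can be cancelled freely.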

Here’s a fact, mostly a repackaging of some observations we made in a previous lecture, about diophantine equations, saying when we can divide $1$ by things in modular arithmetic.


Let $a$ and $m$ be integers. There is an integer $b$ such that $ab\equiv 1\pmod{m}$ if and only if $\gcd(a,m)=1$.

When such a number $b$ does exist, it’s unique (modulo $m$).


We deal with existence first.

Using Bezout’s lemma, we know we can find integers $b$ and $c$ such that $ab+mc=1$ if and only if $\gcd(a,m)\mid 1$.

But $\gcd(a,m)\mid 1$ if and only if $\gcd(a,m)=1$, and the equation $ab+mc=1$ says exactly that $ab\equiv 1\pmod{m}$.

Now we deal with uniqueness.

Suppose that we have two numbers $b$ and $b'$ such that $ab\equiv 1\pmod{m}$ and $ab'\equiv 1\pmod{m}$. Then $b \equiv b\cdot 1 \equiv b(ab') \equiv (ba)b' \equiv 1\cdot b' \equiv b'\pmod{m}$, which shows uniqueness modulo $m$.