Lecture 19

Let’s see an example.

Suppose Bob has low opinions of Eve’s calculational skills, and chooses to use the (unrealistically small) primes p=101p=101 and q=103q=103. Then pq=10403pq = 10403. Suppose also that Bob chooses e=71e=71 for the exponent used for encryption.

Bob advertises that his public key is pq=10403pq = 10403, e=71e=71. He must work out his private key, by inverting 7171 modulo (p1)(q1)=10200(p-1)(q-1)=10200. A quick use of Euclid’s algorithm will do this for him, and he gets that 71143171^{-1}\equiv 431. Indeed, 71×431=30601=3×10200+1.71\times 431 = 30601 = 3\times 10200+1. Thus his private key is pq=10403pq = 10403, d=431d = 431.

Suppose Alice decides she needs to send Bob message 12451245, which they’ve agreed in advance should mean “please meet me after this lecture”.

Then Alice has to calculate 1245711245^{71} modulo 1040310403. This sounds scary, but she can do it fairly quickly if she’s careful: 12457112451245701245(12452)351245103813512451038110381343819(103812)173819484173819484484167065(4842)87065539087065(53902)47065692447065(69242)2706547522706569948763.\begin{aligned} 1245^{71} {}\equiv 1245\cdot 1245^{70} {}\equiv 1245\cdot (1245^2)^{35}\\ {}\equiv 1245\cdot 10381^{35} {}\equiv 1245\cdot 10381\cdot 10381^{34} {}\equiv 3819\cdot (10381^2)^{17}\\ {}\equiv 3819\cdot 484^{17} {}\equiv 3819\cdot 484\cdot 484^{16} {}\equiv 7065\cdot (484^2)^8\\ {}\equiv 7065\cdot 5390^8 {}\equiv 7065\cdot (5390^2)^4 {}\equiv 7065\cdot 6924^4\\ {}\equiv 7065\cdot (6924^2)^2 {}\equiv 7065\cdot 4752^2\\ {}\equiv 7065\cdot 6994 {}\equiv 8763.\end{aligned}

So she sends Bob 87638763.

Bob receives this, and his task then is to calculate 87634318763^{431} modulo 1040310403. A similar strategy makes this possible, too, and he finds that 87634311245(mod10403),8763^{431}\equiv 1245\pmod{10403}, so he has reconstructed Alice’s message.

The real numbers

Irrational numbers

We’ve spent nine lectures now talking about N\mathbb{N}, Z\mathbb{Z} and Q\mathbb{Q}, laying the foundations of number theory. The rest of this course will be about R\mathbb{R}. Perhaps sensibly enough, the study of R\mathbb{R} is called real analysis.

Let’s set ourselves back to a time before R\mathbb{R} was invented, and ask: why was it necessary to invent it? Why should we feel that Q\mathbb{Q} is not enough?

The result that set the ancient Greeks thinking was this:


There is no rational number xQx\in\mathbb{Q} such that x2=2x^2 = 2.


We’ll prove this by contradiction; suppose there is such a number xQx\in\mathbb{Q}. Because it’s in Q\mathbb{Q}, it takes the form x=p/qx = p/q for some integers pp and qq with q0q\neq 0.

We may as well take pp and qq to be coprime (“in lowest terms”).

Then we have p2/q2=x2=2p^2/q^2 = x^2 = 2, so p2=2q2p^2 = 2q^2 with pp and qq coprime.

Now, the right-hand side is even (it’s given as a multiple of 22, so the left-hand side, p2p^2 must be even too. That means that pp itself must be even: so we can write p=2rp = 2r.

Then we have (2r)2=2q2(2r)^2 = 2q^2, which simplifies to 4r2=2q24r^2 = 2q^2, or 2r2=q22r^2 = q^2. Here the left-hand side is even, so q2q^2 must be even. Hence qq itself must be even.

This is a contradiction: pp and qq can’t both be even. So our initial assumption is absurd, and there is no rational xx with x2=2x^2 = 2.

I felt obliged to word the statement of that theorem fairly carefully.

What I wanted to say, of course, was:

The number 2\sqrt{2} is not in Q\mathbb{Q}.

But I want to flag that up as being possibly inappropriate: our aim in this section is to define the reals. We shouldn’t even be confident that 2\sqrt{2} exists yet.

However, thanks to this theorem, we can be confident at least that there’s no number inside Q\mathbb{Q} which deserves to be called 2\sqrt{2}.

This, to the Greeks, was evidence that there was a world beyond Q\mathbb{Q}; a world of irrational numbers (numbers not in Q\mathbb{Q}). They needed a number called 2\sqrt{2}, so they could talk about the diagonal of a unit square:

Over the years, more and more examples were found of numbers which one might want to talk about, but which cannot be in Q\mathbb{Q}: various powers, logarithms, sines, cosines, and other constructions besides.

One high point includes the proof by Lambert in 1761 that π\pi and ee are irrational.

On the other hand, modern mathematics is still not particularly good, in general, at proving that numbers are irrational. For example, if you want to become famous, simply prove (please…) that any one of the following numbers are irrational: π+e,πe,πe,π/e,lnπ,ee,eee.\pi+e,{}\quad \pi-e,{}\quad \pi e,{}\quad \pi/e,{}\quad \ln\pi,{}\quad e^e,{}\quad e^{e^e}.

For centuries, the real numbers were considered in an informal way: nobody knew exactly how to define R\mathbb{R}, but they knew what it ought to look like.

For the time being, and for the time being only we’ll investigate the reals in a similar, informal way. For now, you can regard the real numbers R\mathbb{R} as being built out of decimals (as you did at school). In the last lecture of the course, we’ll sort this out, and consider a modern construction of the reals.

Our mental picture of the reals should be a picture of a numberline. Here’s a numberline with some interesting points marked on:

I’ve marked on the integers 1-1, 00, 11, 22 and 33, which are all in Z\mathbb{Z} and hence in Q\mathbb{Q}.

I’ve also marked on 2\sqrt{2}, which we now know to be irrational, and π\pi, which I’ve claimed to you is irrational: these things are in the set R\Q\mathbb{R}\backslash\mathbb{Q} of irrational numbers.

In my mind, I think of the real numbers R\mathbb{R} as a solid line, and the rational numbers Q\mathbb{Q} as a very fine gauze net stretched out within it.

Bear in mind that that the rationals Q\mathbb{Q} are a lovely system of numbers: we can add and subtract and multiply and divide rationals and remain inside the rationals. Formally: if xQx\in\mathbb{Q} and yQy\in\mathbb{Q}, then x+yx+y, xyx-y, xyxy and x/yx/y (if yy is nonzero) are all elements of Q\mathbb{Q}. We say that Q\mathbb{Q} is closed under addition, subtraction, multiplication and division.

The reals R\mathbb{R} are also a lovely system of numbers, closed not just those four operations but many others: square roots (of positive numbers), sines, cosines, and so on.

The irrational numbers R\Q\mathbb{R}\backslash\mathbb{Q} are not a lovely system of numbers: they are not closed under any of these things.

For example, can we think of two irrational numbers whose sum is rational?

2+(12)=1\sqrt{2} + (1-\sqrt{2}) = 1.

Can we think of two irrational numbers whose product is rational?

(2)(2)=2\left(\sqrt{2}\right)\left(\sqrt{2}\right) = 2.

So, the irrational numbers R\Q\mathbb{R}\backslash\mathbb{Q} really are just the big messy clump left over in R\mathbb{R} when you remove Q\mathbb{Q}.

However, at least the following is true:


Let xx be irrational, and yy be rational. Then x+yx+y is irrational.

Also, if yy is nonzero, then xyxy is irrational.


We prove the first one by contradiction. Suppose that x+yx+y is rational. Then (x+y)y(x+y)-y is also rational, being obtained by subtracting two rational numbers, but it’s equal to xx which we know to be irrational. That’s the contradiction we wanted.

We prove the second one by contradiction too. Suppose that xyxy is rational. Then (xy)/y(xy)/y is also rational, as it’s obtained by dividing two rational numbers (with the latter nonzero), but it’s equal to xx which we know to be irrational. That’s the contradiction we wanted.

Convergent sequences

Now our mission is to study the real numbers. When we were studying the integers, the main theme running through it all was to do with divisibility. Divisibility is, of course, not a very sensible thing to ask about over the reals.

As a result, real analysis (the study of R\mathbb{R}), and the questions which are interesting and helpful to ask, is very different to number theory.

It turns out that the most interesting things you can ask about are to do with approximation. Why is the notion of approximation so important?

When we write that π=3.1415926535897932384626433,\pi = 3.1415926535897932384626433\cdots, the point is that the digits give a kind of address telling you how to find π\pi on the numberline. The number π\pi is close to 33, closer to 3.13.1, closer still to 3.143.14, even closer still to 3.1413.141, and so on.

The notion of convergence, which I’ll define shortly, is a way of encoding this concept of increasingly good approximation. We will say that the sequence of rational numbers 3,3.1,3.14,3.141,3.1415,3,\quad 3.1,\quad 3.14,\quad 3.141,\quad 3.1415,\quad \ldots “converges to π\pi”. That’s supposed to mean that if you follow the address, you’ll end up homing in on π\pi.

The definition will seem complicated, and probably harder to get your head around than other definitions in the course. However, that’s because it really is a subtle concept: all the simpler approaches you might think of are wrong.

The most obvious wrong definition is this:

Why is this completely wrong? Well, for example, the sequence 3,3.1,3.14,3.141,3.1415,3,\quad 3.1,\quad 3.14,\quad 3.141,\quad 3.1415,\quad \ldots also gets closer and closer to 10001000: 10003=99710003.1=996.910003.14=996.8610003.141=996.85910003.1415=996.8585\begin{aligned} {}1000 - 3 &= 997\\ {}1000 - 3.1 &= 996.9\\ {}1000 - 3.14 &= 996.86\\ {}1000 - 3.141 &= 996.859\\ {}1000 - 3.1415 &= 996.8585\end{aligned} Of course, this sequence never gets particularly close to 10001000 (the sequence never goes above 44, so it never gets within 996996 of 10001000), but it’s always getting closer!

But this means that if our definition of “converging to xx” were the completely wrong definition “gets closer and closer to xx”, then the sequence 3,3.1,3.14,3.141,3.1415,3,\quad 3.1,\quad 3.14,\quad 3.141,\quad 3.1415,\quad \ldots would “converge to π\pi”, but it would also “converge to 10001000”.

But that’s not what we want: this sequence is a terrible way of getting to 10001000, but a good way of getting to π\pi.