Download Note One

Computational number theory and algebra
Fundamental theorems
1. Bezout’s lemma: If a, b are two positive integers, then there exist x, y ∈
Z such that ax + by = gcd(a, b).
2. Bezout’s lemma for polynomials: If f (x), g(x) are two univariate polynomials in F[x], where F is one of R[x], Q[x], Zp [x], then there exist polynomials u(x), v(x) in F[x] such that f (x)u(x)+g(x)v(x) = gcd(f (x), g(x)).
In the rest of these notes, we retain the assumption that F denotes one of
R, Q, Zp , where p denotes a prime number.
3. Euclid’s lemma: If p, a, b are integers with p prime and p|ab, then p|a
or p|b.
4. Euclid’s lemma for polynomials: If f (x), g(x), h(x) are polynomials in
F[x] with f (x) irreducible and f (x)|g(x)h(x), then f (x)|g(x) or f (x)|h(x).
5. Unique factorization: Every positive integer can be uniquely factorized
into a product of primes.
6. Unique factorization for polynomials: Every polynomial in F[x] can
be uniquely factorized into a product of irreducible polynomials.
Note: Unique factorization holds even in Z[x] and we’ll see a proof of this
later.
1
Basic definitions and facts: Integers
1. The symbols Z, Q, R, C denote respectively, the ring of integers, the field of
rational numbers, the field of real numbers, the field of complex numbers.
2. Given two integers a, b we write a|b (read as a divides b) if ∃c ∈ Z : ac = b.
3. The greatest common divisor of two integers a, b is the largest integer g
such that g|a and g|b. We denote this by gcd(a, b) and sometimes by (a, b).
Similarly, (a, b, c) denote the largest integer which divides each of a, b, c.
Ex: gcd(a, b, c) = gcd(gcd(a, b), c).
4. The least common multiple of two integers a, b is the smallest positive integer L such that a|L and b|L. We denote this by lcm(a, b) and sometimes
by [a, b]. Similarly, [a, b, c] denotes the smallest positive integer L which
is divisible by each of a, b, c.
Ex: gcd(a, b)lmc(a, b) = ab.
5. We write a ≡ b (mod n) to mean that (a − b) is divisible by n. If a ≡ b
(mod n), then a + c ≡ b + c (mod n) and ac ≡ bc (mod n). If gcd(c, n) = 1
and ac ≡ bc (mod n), then a ≡ b (mod n).
6. For n > 1, we denote by Zn the ring of integers modulo n, i.e. the set
{0, 1, . . . , n − 1} together with addition and multiplication modulo n. We
take Z1 = {1}.
We write equations in Zn as L = R and use the congruence notation when
working in Z.
7. Z∗n = {a ∈ Zn : ∃b : ab = 1}, i.e. the set of elements with a multiplicative
inverse. From Bezout’s lemma, this can be identified with the set of nonnegative integers less than or equal to n and relatively prime to n. We
denote Z∗n by φ(n).
8. Chinese Remainder Theorem: If n1 , n2 , . . . , nk are pairwise prime,
then the set of congruences x ≡ r1 (mod n1 ), x ≡ r2 (mod n2 ), . . ., x ≡ rk
(mod nk ) has a unique solution modulo n1 n2 . . . nk .
In general, if the congruences are consistent, then the solution is unique
modulo [n1 , n2 , . . . , nk ].
Basic definitions and facts: Polynomials
1. Given a field F, we denote by F[x] the ring of polynomials with coefficients
from F, with arithmetic operations defined in the usual way.
2. Given two polynomials f (x), g(x) ∈ F[x], we write f (x)|g(x) if there exists
h(x) ∈ F[x] : f (x)h(x) = g(x).
2
3. If f (x), g(x) ∈ F[x], then there are unique polynomials q(x), r(x) such that
g(x) = f (x)q(x) + r(x) and deg(r) < deg(f ).
Note that this is not true in Z[x].
4. Given two polynomials f (x), g(x) ∈ F[x], the greatest common divisor of
f, g is defined to be the monic polynomial of largest degree which divides
both f and g.
Ex: Prove the uniqueness of the gcd.
5. The LCM of two polynomials f (x), g(x) is defined to be the monic polynomial of smallest degree which is divisible by both f and g.
6. Number of roots and degree: A polynomial in F[x] of degree d has at
most d roots.
Note that this holds even in Z[x] because Z ⊆ R.
7. If n is composite, then a polynomial in Zn [x] can have more roots than
its degree.
8. The equation ax = b has gcd(a, n) solutions in Zn if gcd(a, n) divides b,
and zero solutions otherwise.
Prime Numbers
1. There are infinitely many prime numbers.
In what follows, we let p denote an arbitrary prime number.
p
2.
is divisible by p for every r < p.
r
3. Every element in {1, 2, . . . , p − 1} has a multiplicative inverse modulo p.
That is, Zp is a field.
4. A linear polynomial in Zp [x] has exactly one root.
5. Let a be a non-zero element of Zp . Then the set {a, 2a, . . . , (p − 1)a} is
equal to {1, 2, . . . , p − 1}.
6. Fermat’s little theorem: If a is not divisible by p, then ap−1 ≡ 1 (mod p).
Ex: Prove Fermat’s litlte theorem by using the identity rp = (r − 1)p + 1
in Zp .
7. The polynomial xp−1 − 1 has exactly p − 1 roots in Zp and is hence equal
to (x − 1)(x − 2) . . . (x − p + 1) in Zp [x].
3
Time Complexity
1. Two n-bit integers can be added (or subtracted) in time O(n),
2. Two n-bit integers can be multiplied (or divided) in time O(n2 ) easily and
in time O(n log n log log n) using Discrete Fourier Transform methods. The
∗
state of the art is Furer’s algorithm running in time O(n log n2O(log n) ).
3. The gcd of two n-bit integers (say a, b) can be found in time O(n2 ). Further, we can find, with the same complexity, two integers x, y such that
ax + by = gcd(a, b).
4. If the equation ax ≡ b (mod n) is solvable, then a solution can be found in
time O(log2 n): first divide by gcd(a, n) and then use Euclid’s algorithm.
5. All the basic arithmetic operations in Zn can be done in time O(log2 n).
6. The gcd of two degree d polynomials (say f (x), g(x)) in Zp [x] can be found
in time O(d2 log2 p). Further, we can find, with the same complexity, two
polynomials u(x), v(x) such that f (x)u(x) + g(x)v(x) = gcd(f (x), g(x)).
4