Greatest common divisors
Robert Friedman
Long division
Does 5 divide 34? It is easy to see that the answer is no, for many different
reasons:
1. 34 does not end in a 0 or 5.
2. Checking directly by hand, 34 is not equal to a multiple 5n for n ≤ 6,
and for n ≥ 7, 5n > 34.
3. The prime factorization of 34 = 2 · 17 does not involve a 5.
On the other hand, we can also write 34 = 5 · (34/5), so in another sense
5 does divide 34. It depends on what we mean by divides. Given integers
a, n, we say that a divides n, written a|n, if there exists an integer q such
that n = aq. In this case, we say that a is a factor of n. For example,
every integer divides 0, and the only integers which divide 1 are ±1. We can
make the same definition for rational numbers, but it is not very interesting:
every rational number divides every other rational number (except that 0
does not divide a nonzero rational number). For the record, let us give some
notation for the various kinds of numbers:
1. N is the set of natural numbers {1, 2, 3, . . . }. With this definition,
0 ∉ N, and the set {0, 1, 2, 3, . . . } is the set of nonnegative integers.
2. Z is the set of integers {. . . , −2, −1, 0, 1, 2, . . . }.
3. Q is the set of rational numbers {a/b : a, b ∈ Z, b ≠ 0}.
4. R is the set of real numbers, which we will not attempt to define here,
and C is the set of complex numbers.
In Q, R, and C we can divide by every nonzero number, so the property
that one number divides another is not very interesting. We will look at
divisibility in Z here; divisibility in N is much the same, but it will be a lot
easier for us if we are able to subtract as well as add. When we consider
numbers and divisibility we will need the following: we have operations of
addition and multiplication, which satisfy the usual properties: addition and
multiplication are associative and commutative, there is an additive identity
0 and additive inverses, multiplication distributes over addition, and there
is a multiplicative identity 1. As mentioned above, the cases where there
are multiplicative inverses for every nonzero number (Q, R, and C) are not
interesting. In fact, in Z, the only numbers with multiplicative inverses are
±1. As a substitute for division, however, we do have the cancellation law:
if ab = ac and a ≠ 0, then b = c. Of course this would follow if we could
multiply both sides by a^{−1}.
There is at least one other familiar case where it is interesting to look
at divisibility and factorization: polynomials. For example, x − 1 does not
divide f(x) = x^3 − 2x^2 + 3x + 4, which we can see as follows: the linear
polynomial x − 1 divides f(x) if and only if f(1) = 0, but f(1) = 6 ≠ 0.
On the other hand, for g(x) = x^3 − 2x^2 + 3x − 2, g(1) = 0, and indeed
g(x) = (x − 1)(x^2 − x + 2). We will also write a(x)|f(x) to mean that the
polynomial a(x) divides f (x), i.e. that there exists a polynomial q(x) with
f (x) = a(x)q(x). As we shall see in just a moment, this definition depends
on the context.
As a matter of notation, we will denote by Z[x] the set of all polynomials
with coefficients in Z (integer coefficients) and by Q[x] the set of all polynomials with coefficients in Q (rational coefficients). The sets R[x], C[x], etc.
are defined in a similar way. Addition and multiplication are defined in the
usual way. There is also Q[x, y], the set of polynomials in two variables x
and y, with all of the possible variations by allowing different coefficients.
We now ask if 2x − 2 = 2(x − 1) divides x^3 − 2x^2 + 3x − 2. Answer: it
depends. Clearly, since 2x − 2 = 2(x − 1),
x^3 − 2x^2 + 3x − 2 = (x − 1)(x^2 − x + 2) = (2x − 2)((1/2)x^2 − (1/2)x + 1).
So if we work in Q[x], 2x − 2 divides x^3 − 2x^2 + 3x − 2, but 2x − 2 does not
divide x^3 − 2x^2 + 3x − 2 in Z[x].
We return to divisibility for ordinary integers. The basic fact is the
following:
Theorem 1 (Long division with remainder). Suppose that a, n ∈ Z
with a > 0. Then there exist unique integers q, r with 0 ≤ r < a such that
n = aq + r.
Here, q is the quotient and r is the remainder.
Why is this statement true? We must use some basic fact about the integers, or in this case the natural numbers. The fact in question is important
enough to have a special name:
Theorem 2 (Well ordering principle). A nonempty subset of N has a
smallest element.
We will not attempt to give a proof of the well-ordering principle here;
it is closely related to an axiomatic characterization of the natural numbers.
It can be paraphrased by saying that there are only finitely many natural
numbers less than or equal to a given natural number N . It is also closely
connected to the principle of mathematical induction.
It is easy to see that the well-ordering principle also holds for the set of
nonnegative integers: if X is a nonempty subset of the set of nonnegative
integers, then either 0 ∈ X, in which case 0 is the smallest element of X, or
0 ∉ X, in which case X ⊆ N and X is nonempty, so that X has a smallest
element by the well-ordering principle.
On the other hand, the well-ordering principle fails for the set of all
integers Z, since for example Z itself does not have a smallest element. It
also fails for the set of all nonnegative rational numbers, since for example
the set Q+ of all positive rational numbers does not have a smallest element
(there is no smallest strictly positive rational number).
Assuming the well-ordering principle (Theorem 2), let us deduce the
statement about long division. Consider the set X of all nonnegative integers
of the form n − aq for some q ∈ Z. In other words, we look at all integers
q such that n − aq ≥ 0. Note that X is not empty. For example, if n is
positive, then n = n − a(0) ∈ X. If n ≤ 0, we could take q = (n − 1), so that
n − aq = (1 − a)n + a. Since n ≤ 0 and a ≥ 1, so that 1 − a ≤ 0, (1 − a)n ≥ 0
and so n − aq = (1 − a)n + a ≥ a > 0. By the well-ordering principle, X
has a smallest element, necessarily of the form r = n − aq. Moreover, we
claim that 0 ≤ r < a. Clearly, r ≥ 0 since by assumption r is a nonnegative
integer. If r ≥ a, then r − a ≥ 0. But then r − a = n − a(q + 1) is a
nonnegative integer in X, and it is clearly smaller than r. This contradicts
the fact that r is the smallest element of X. Thus we take r = n − aq, with
0 ≤ r < a and n = aq + r as desired.
We still need to check that q and r are unique. If also n = aq1 + r1 with
0 ≤ r1 < a, then since n = aq + r = aq1 + r1 ,
a(q − q1 ) = r1 − r.
In particular a divides r1 − r. But r1 < a, r ≥ 0 so that r1 − r < a. Likewise
r1 ≥ 0, r < a implies that r1 − r > −a. Thus a|r1 − r, −a < r1 − r < a,
and the only multiple of a strictly between −a and a is 0. So r1 − r = 0 and
r = r1 . Hence a(q − q1 ) = 0 and a > 0, so q − q1 = 0 and thus q = q1 . This
shows that q and r are unique. This finishes the proof.
In the exercises, you are asked to make the very minor changes in the
statement and proof of Theorem 1 in case a < 0.
Long division holds in other circumstances as well. For example, long
division of polynomials should be familiar. Here we use the degree of a
polynomial as a rough measure of its size. Given f (x) and a(x) in Q[x] with
a(x) ≠ 0, there exist unique polynomials q(x) and r(x) in Q[x] with either
r(x) = 0 (in which case deg r(x) is undefined), or 0 ≤ deg r(x) < deg a(x),
such that f (x) = a(x)q(x) + r(x). However, long division definitely fails in
Z[x] or in Q[x, y]. For example, you cannot divide 2x − 2 into x^3 − 2x^2 + 3x − 2
in the above sense and keep all of the coefficients integers. (Long division by
a(x) does work in Z[x] as long as the leading coefficient of a(x) is 1, though.)
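The two kinds of divisibility just discussed, as an added Python example that is not part of the original notes (function names are my own): long division with remainder in Q[x] carried out with exact rationals, and the check that a(x) divides f(x) in Z[x] exactly when the Q[x] quotient has integer coefficients and the remainder is 0.

```python
from fractions import Fraction
from typing import List, Tuple

# A polynomial is a list of coefficients, lowest degree first:
# [-2, 3, -2, 1] stands for x^3 - 2x^2 + 3x - 2, [] is the zero polynomial.
Poly = List[Fraction]

def trim(p: Poly) -> Poly:
    """Drop zero leading coefficients so that deg p == len(p) - 1."""
    p = list(p)
    while p and p[-1] == 0:
        p.pop()
    return p

def poly_divmod(f, a) -> Tuple[Poly, Poly]:
    """Long division with remainder in Q[x]: return (q, r) with f = a*q + r and
    either r == [] (r = 0) or deg r < deg a.  Exact Fraction arithmetic throughout."""
    f = trim([Fraction(c) for c in f])
    a = trim([Fraction(c) for c in a])
    if not a:
        raise ZeroDivisionError("division by the zero polynomial")
    q = [Fraction(0)] * max(len(f) - len(a) + 1, 1)
    r, lead = f, a[-1]
    while r and len(r) >= len(a):
        shift = len(r) - len(a)
        # Dividing by the leading coefficient is the one step that needs Q
        # rather than Z; when lead == 1 (a monic) the quotient stays in Z[x],
        # which is why long division by a monic a(x) still works in Z[x].
        coef = r[-1] / lead
        q[shift] = coef
        r = trim([r[i] - coef * a[i - shift] if i >= shift else r[i]
                  for i in range(len(r))])
    return trim(q), r

def divides_in_Q(a, f) -> bool:
    """a(x) | f(x) in Q[x]: the remainder is zero."""
    return poly_divmod(f, a)[1] == []

def divides_in_Z(a, f) -> bool:
    """a(x) | f(x) in Z[x], for a, f with integer coefficients: the Q[x]
    quotient is unique, so a quotient in Z[x] exists iff it has integer coefficients."""
    q, r = poly_divmod(f, a)
    return r == [] and all(c.denominator == 1 for c in q)
```

Run on the notes' own examples, 2x − 2 divides x^3 − 2x^2 + 3x − 2 in Q[x] (quotient (1/2)x^2 − (1/2)x + 1) but not in Z[x], while x − 1 leaves remainder 6 when divided into x^3 − 2x^2 + 3x + 4.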
Greatest common divisors
Definition 3. Let a, b ∈ Z, where not both of a, b are zero. A greatest
common divisor d of a and b (written d = gcd(a, b)) is a positive integer d
such that d|a, d|b, (i.e. d is a common divisor of a and b), and moreover, if
e is an integer such that e|a and e|b, then e|d. In other words, d is divisible
by every common divisor of a and b.
Two integers a and b are relatively prime if gcd(a, b) = 1, i.e. if e|a and
e|b then e = ±1, or equivalently the only factors a and b have in common are
±1.
If d and d1 are two greatest common divisors of a and b, then d|d1
and d1 |d, and then it is easy to see that d = d1 . Thus greatest common
divisors are unique, if they exist. But nothing we have said up to this point
indicates that greatest common divisors do exist. That is the point of the
next theorem.
Theorem 4 (Existence of gcds). Let a, b ∈ Z, where not both of a and b
are zero. Then there exists a unique gcd d of a and b. Moreover, there exist
integers x0 , y0 such that d = ax0 + by0 .
To see this, let Y = {ax + by : x, y ∈ Z}. In other words, Y is the set
of all integers which are a multiple of a plus a multiple of b; we call such an
expression a linear combination of a and b. For example, a = a(1)+b(0) ∈ Y ,
as is −a = a(−1) + b(0); likewise b and −b are in Y . Other elements of Y
are a + b, 5a − 28b, and so on. The key properties of Y are:
(i) Y is closed under addition and subtraction: if ax1 + by1 and ax2 + by2
are two elements of Y , then
(ax1 + by1 ) ± (ax2 + by2 ) = a(x1 ± x2 ) + b(y1 ± y2 ),
and this is of the form a times an integer plus b times an integer and hence
is in Y .
(ii) Y is closed under multiplication by an arbitrary integer: if ax + by ∈ Y
and n ∈ Z, then
n(ax + by) = a(nx) + b(ny),
and, again, this is of the form a times an integer plus b times an integer and
hence is in Y .
Now Y contains at least one positive integer, since at least one of a, b
is nonzero and hence at least one of a, −a, b, −b is positive. Thus, by the
well-ordering principle, Y contains a smallest positive element, say d. So
d > 0, and since d ∈ Y , d is of the form ax0 + by0 for some integers x0 , y0 .
We claim that every element of Y is a multiple of d. To see this, let
n ∈ Y . Applying long division by d, n = dq + r, where r is an integer and
0 ≤ r < d. By assumption, n ∈ Y . Since d ∈ Y , dq ∈ Y as well (by (ii)
above) and thus n − dq = r ∈ Y since Y is closed under subtraction (by (i)).
But 0 ≤ r < d and d was chosen to be the smallest positive element of Y .
This is only possible if r = 0. But then n = dq is a multiple of d. We have
thus showed that every element n of Y is a multiple of d.
We now show that d is a gcd of a and b. Since a and b are in Y , they
are multiples of d, hence d|a and d|b. On the other hand, d = ax0 + by0 . If
e|a and e|b, then it is easy to see (exercise) that e|ax0 + by0 = d. So d is a
gcd (necessarily unique) of a and b. This finishes the proof of the theorem.
Remark 5. 1) The last part of the proof actually shows that, if d = ax0 +by0
is a linear combination of a and b with d > 0, and d|a and d|b, then d =
gcd(a, b).
2) A slightly more careful argument shows the following: let I be a nonempty
subset of Z which is closed under addition and subtraction, i.e. Property (i)
for Y above holds. Then one can check directly that (ii) also holds, and that
there exists some integer d ≥ 0 such that I is the set of all integer multiples
of d.
Now that we know that gcds exist, we would like to be able to compute
them. One standard method is to factor both a and b into primes, and
then prime factors of d = gcd(a, b) are the primes appearing in both the
prime factorization of a and of b, raised to the smaller power. For example,
gcd(40, 100) = 20, from 40 = 2^3 · 5, 100 = 2^2 · 5^2, and so the gcd is 2^2 · 5. In
practice, this procedure is very inefficient, because it is a hard problem for a
human or computer to factor a large number into a product of primes. We
shall describe a much more efficient method at the end.
Let us give some consequences of the existence of gcds:
Corollary 6. Suppose that a and b are integers, not both zero, and n is an
integer. Then the linear equation ax + by = n has a solution in integers x
and y if and only if d = gcd(a, b) divides n.
To see this, suppose first that d = gcd(a, b) divides n, and let n = dk for
some integer k. Then by the theorem we can write d = ax0 + by0 for some
integers x0 , y0 . Thus
n = dk = akx0 + bky0 = ax + by,
with x = kx0 and y = ky0 .
Conversely, if d is any divisor of a and b, then d|ax+by, so if n = ax+by,
then n is divisible by the gcd of a and b.
Corollary 7. Suppose that a and b are relatively prime integers, or equivalently that gcd(a, b) = 1. If a|bc, then a|c.
To see this, since gcd(a, b) = 1, there exist integers x and y such that
1 = ax + by. Then c = acx + bcy. By assumption, a|bc and hence a|bcy;
also, clearly a|acx. Thus a divides the sum acx + bcy = c.
Recall that a prime number p is a positive integer p > 1 such that, if d|p,
d > 0, then either d = 1 or d = p. (The number 1 is not a prime number.)
Equivalently, a positive integer p > 1 is a prime number if and only if, for
all a ∈ Z, either gcd(a, p) = 1, in which case a and p are relatively prime, or
gcd(a, p) = p, in which case p divides a.
Corollary 8. Let b and c be integers and let p be a prime number. If p|bc,
then either p|b or p|c. In other words, if a prime divides a product, it divides
one of the factors.
In fact, suppose that p|bc. If p|b we are done. So we can assume that p
does not divide b. Thus, by the above remarks, p and b are relatively prime.
Since p|bc, Corollary 7 implies that p|c.
Remark 9. We can ask if any of the above carries over to factorization in
Z[x] or Q[x] or to similar situations. Given two polynomials a(x), b(x), not
both 0, we can define a gcd of a(x) and b(x) to be a polynomial d(x) such
that d(x)|a(x), d(x)|b(x), and for every polynomial e(x) dividing both a(x)
and b(x), e(x)|d(x). Of course, we would expect the existence or the form of
d(x) to depend on the type of coefficients (integers, rational numbers, etc.)
that we consider. It turns out that in all of the situations we have been
considering (Z[x], Q[x], R[x], C[x], Q[x, y]), gcds do exist. In Q[x], R[x],
C[x], the gcd of a(x) and b(x) can be written as a(x)f (x) + b(x)g(x) for
some polynomials f (x), g(x), in other words the gcd of a(x) and b(x) is a
linear combination of a(x) and b(x). It is not unique, since if d(x)|e(x) and
e(x)|d(x), the most we can say is that d(x) and e(x) differ by multiplication
by a nonzero constant polynomial. The gcd d(x) can be normalized, however,
by requiring that its leading coefficient is 1.
In Z[x] and Q[x, y], the gcd of two polynomials a(x) and b(x) cannot
usually be written as a linear combination of a(x) and b(x), using polynomials of the same type. For example, it is easy to see that the gcd of 2 and
x in Z[x] is 1, but we cannot write 1 = a(x)f (x) + b(x)g(x) where both f (x)
and g(x) are polynomials with integer coefficients.
Finally, there are situations where unique factorization fails, and which
we hope to be able to describe by the end of the seminar.
The Euclidean algorithm
As promised, we describe a computationally efficient method for finding the
gcd of two integers a and b, which at the same time shows how to write the
gcd as a linear combination of a and b.
Begin with a, b. Write a = bq1 + r1 , with integers q1 and r1 , 0 ≤ r1 < b.
Note that r1 = a + b(−q1 ) is a linear combination of a and b. If r1 = 0,
stop, otherwise repeat this process with b and r1 instead of a and b, so that
b = r1 q2 +r2 , with 0 ≤ r2 < r1 , and note that r2 = b−r1 q2 = b−aq2 +bq1 q2 is
still a linear combination of a and b. If r2 = 0, stop, otherwise repeat again
with r1 and r2 instead of b and r1 , so that r1 = r2 q3 + r3 , with 0 ≤ r3 < r2 .
We can continue in this way to find r1 > r2 > r3 > · · · > rk ≥ 0, with
rk−1 = rk qk+1 + rk+1 . Since the sequence of the ri decreases, and they
are all nonnegative integers, eventually this procedure must stop with an
rn such that rn+1 = 0, and hence rn−1 = rn qn+1 . The procedure looks as
follows:
a = bq1 + r1
b = r1 q2 + r2
r1 = r2 q3 + r3
. . .
rn−2 = rn−1 qn + rn
rn−1 = rn qn+1 .
We claim that rn is the gcd of a and b. In fact, we shall show
(i) rn divides both a and b;
(ii) rn is a linear combination of a and b.
(i) Since rn |rn−1 , the equation rn−2 = rn−1 qn + rn implies that rn |rn−2 ,
and then working backwards from the equation rk−1 = rk qk+1 + rk+1 , we see
(with reverse induction) that rn |rk−1 for all k < n. The fact that b = r1 q2 +r2
and that rn divides r1 and r2 implies that rn divides b, and then the equation
a = bq1 + r1 implies that rn divides a, too.
(ii) Working the other way, we have seen that r1 and r2 are linear
combinations of a and b. By induction, if rk−1 and rk are linear combinations of a and b, then the equation rk−1 = rk qk+1 + rk+1 implies that
rk+1 = rk−1 − rk qk+1 is also a linear combination of a and b (because as we
saw in the proof of Theorem 4 the set of all linear combinations of a and
b is closed under addition, subtraction, and multiplication by an integer).
Thus rn is a linear combination of a and b as well. But we have seen that
if a linear combination of a and b divides a and b and is positive, then it is
equal to the gcd of a and b. So rn is the gcd of a and b.
The algorithm is easier to carry out than it is to explain! For example,
to find the gcd of 34 and 38, we have
38 = 34(1) + 4
34 = 4(8) + 2
4 = 2(2).
This says that 2 = gcd(34, 38) and that 2 = 34 − 4(8) = 34 − (38 − 34)(8) =
9(34) + (−8)(38).
It is often more efficient to choose qk+1 and rk+1 so that rk−1 = rk qk+1 ±
rk+1 , with rk+1 < rk the sign chosen so that rk+1 is as small as possible.
For example, to find the gcd of 7 and 34, we could write
34 = 7(4) + 6
7 = 6(1) + 1,
to see that the gcd is 1 and that 1 = 7 − 6 = 7 − (34 − 4(7)) = −34 + 5(7),
or we could see directly that
34 = 7(5) − 1.
A more complicated example is the following, to find the gcd of 1367 and
298:
1367 = (298)(5) − 123
298 = 123(2) + 52
123 = 52(2) + 19
52 = 19(3) − 5
19 = 5(4) − 1.
Thus the gcd is 1, and a little patience shows that
1 = 5(4) − 19 = 11(19) − 4(52) = 11(123) − 26(52)
= (63)(123) − (26)(298) = (−63)(1367) + (289)(298).
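The Euclidean algorithm of this section, carrying each remainder along as a linear combination of a and b exactly as in the proof of (ii), together with the Corollary 6 criterion for solving ax + by = n, as an added Python example (not part of the original notes; function names are my own). The signed=True option is the "sign chosen so that rk+1 is as small as possible" shortcut used in the 1367, 298 example.

```python
from typing import List, Optional, Tuple

def euclid_steps(a: int, b: int, signed: bool = False) -> List[Tuple[int, int, int, int]]:
    """Run the Euclidean algorithm on a, b > 0 and return the division steps
    (dividend, divisor, q, r), i.e. the rows 'a = b q1 + r1, b = r1 q2 + r2, ...'.
    With signed=True the remainder is taken in (-divisor/2, divisor/2], so the
    sequence of remainders shrinks faster and fewer steps are needed."""
    steps = []
    while b != 0:
        q, r = divmod(a, b)
        if signed and 2 * r > b:        # e.g. 1367 = 298(5) - 123 instead of 298(4) + 175
            q, r = q + 1, r - b
        steps.append((a, b, q, r))
        a, b = b, abs(r)
    return steps

def extended_gcd(a: int, b: int) -> Tuple[int, int, int]:
    """Return (d, x0, y0) with d = gcd(a, b) > 0 and d = a*x0 + b*y0 (Theorem 4)."""
    if a == 0 and b == 0:
        raise ValueError("gcd(0, 0) is not defined")
    # Each triple is (value, coefficient of a, coefficient of b):
    # a = a(1) + b(0) and b = a(0) + b(1) start the list of linear combinations.
    old, cur = (a, 1, 0), (b, 0, 1)
    while cur[0] != 0:
        q = old[0] // cur[0]
        # r_{k+1} = r_{k-1} - r_k q_{k+1}; applying the same step to the
        # coefficients keeps every remainder a linear combination of a and b.
        old, cur = cur, tuple(o - q * c for o, c in zip(old, cur))
    d, x0, y0 = old
    if d < 0:                           # the last nonzero remainder; make it positive
        d, x0, y0 = -d, -x0, -y0
    return d, x0, y0

def solve_linear(a: int, b: int, n: int) -> Optional[Tuple[int, int]]:
    """Corollary 6: ax + by = n has an integer solution iff gcd(a, b) | n.
    Return one solution (k*x0, k*y0) with n = k*d, or None if there is none."""
    d, x0, y0 = extended_gcd(a, b)
    if n % d != 0:
        return None
    k = n // d
    return k * x0, k * y0

if __name__ == "__main__":
    for row in euclid_steps(1367, 298, signed=True):
        print("%d = %d(%d) %s %d" % (row[0], row[1], row[2], "-" if row[3] < 0 else "+", abs(row[3])))
    print(extended_gcd(1367, 298))      # (1, -63, 289), as in the notes
```

On the notes' examples this reproduces 2 = 9(34) + (−8)(38), 1 = 5(7) − 34 and 1 = (−63)(1367) + (289)(298), and the signed variant on 1367, 298 needs fewer division steps than the plain one.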
Exercises
Exercise 1. Let d be an integer. Show that, if d is an integer dividing a
and b, then d divides a + b, d divides ka for every integer k, and in fact d
divides every linear combination ax + by, where a and b are integers.
Exercise 2. Use the Euclidean algorithm to find the gcd d of a and b and
to write d as a linear combination of a and b, where
(i) a = 40, b = 100;
(ii) a = 105, b = 101;
(iii) a = 238, b = 709;
(iv) a = 391, b = 1649.
Exercise 3. Do there exist integers x and y such that 57x + 93y = 2? Why
or why not? If such do exist, find at least one pair. Do the same with the
equation 57x + 93y = −6.
Exercise 4. Explain how you could use the Euclidean algorithm in the
case of Q[x], i.e. of polynomials with rational coefficients. Use this to find
the gcd of a(x) and b(x) and to write the gcd as a linear combination of
a(x) and b(x), for (i) a(x) = x^3 − 4x^2 + 5x − 2, b(x) = x^2 + x − 2; (ii)
a(x) = x^2 + 4x + 8, b(x) = x^2 + 3x + 6. (For (ii), you should find that
1 = −(1/4)(x + 1)a(x) + (1/4)(x + 2)b(x).)
Exercise 5. Given integers a, b, n such that the equation ax + by = n has
a solution in integers x and y, we can ask whether or not the solutions x
and y are unique. If ax1 + by1 = ax2 + by2 = n, show that u = x2 − x1
and v = y2 − y1 are solutions to the equation au + bv = 0. Conversely,
given solutions u and v to the equation au + bv = 0 and x1 , y1 such that
ax1 + by1 = n, show that, if we set x2 = x1 + u, y2 = y1 + v, then x2 , y2 are
also such that ax2 + by2 = n.
Show that u = −b, v = a is a solution to the equation au + bv = 0.
More generally, for every integer t, u = −tb, v = ta is also a solution to
the equation au + bv = 0. If a and b are relatively prime, show that every
solution to the equation au + bv = 0 is of this form (first show that b divides
u). What happens if a and b are not relatively prime?
Exercise 6. Suppose that a and b are both positive integers. In real life,
for a positive integer n, we might want to solve the equation ax + by = n
for integers x and y which are required to be nonnegative. Clearly this is
not always possible, even if a and b are relatively prime. For example, n
must be at least the smaller of a and b, and in general there will be a certain
number of gaps. However, under the assumption that a and b are relatively
prime, show:
(i) The integer n = ab − a − b = a(b − 1) + b(−1) = a(−1) + b(a − 1) cannot
be written as ax + by where both x and y are nonnegative integers.
(ii) Every integer n which is strictly bigger than ab − a − b can be written
as ax + by where both x and y are nonnegative integers.
(Hint: the idea is to use the preceding exercise to see how it is possible,
given one solution to n = ax + by, to change x and y and still get a solution
to the equation.)