Abstract
This paper studies several aspects of an important binary relation: congruence
modulo n. We first introduce congruence by clarifying the division operation, and then
show some basic properties of the congruence relation and their applications in studying
properties of integers. After that, we shift the topic to abstract algebra, and present
some important interpretations of congruence classes in ring theory. Finally, we study
linear equations of congruence, carry out a proof of the Chinese Remainder Theorem, and
conclude the paper by stating NP-hard problems that require future attention.
Theorem 1. Given two integers a and b ≠ 0, there exist unique integers q, r such that:
In this theorem, we try to divide a (the dividend) by b (the divisor), and we get a
quotient of q and a remainder of r. The proof of Theorem 1 requires some extra algebraic
work, so for convenience we take it as a fact.
The arithmetic modulo n, or the congruence modulo n relation, is a natural intuition
from the division operation. For example, if we divide 42 and 24 by 9:
42 = 9 × 4 + 6; 24 = 9 × 2 + 6. (2)
Observe that the remainder is the same (r = 6). Might there be any common properties
for these numbers? To account for this observation, define the binary relation ”≡ (mod n)”:
2 Basic Properties and Applications
2.1 Properties of Congruence
There are many basic properties associated with congruence modulo n relation, each of
which has a clean proof. Now we state these properties:
Proof. Since x ≡ y (mod n), let x−y = kn for some k ∈ Z. Then (x+a)−(y+a) = x−y = kn
since integer addition is associative, hence x + a ≡ y + a (mod n).
Using the same assumption, ax − ay = a(x − y) = akn because of distributive law for
integers, and akn = (ak)n because integer multiplication is associative. Since a, k ∈ Z, we
have a · k ∈ Z ⇒ ax − ay = pn for some p = ak ∈ Z. Hence ax ≡ ay (mod n).
Proof. Let x − y = pn, z − w = qn for some p, q ∈ Z. Then since all numbers are integers:
(x + z) − (y + w) = (x − y) + (z − w) = pn + qn = (p + q)n (3)
Definition 2. Two integers a, b are relatively prime or coprime if their greatest common
divisor, denoted gcd(a, b) or just (a, b) for convenience, is equal to 1.
Theorem 4. The Cancellation Law: If ax ≡ ay (mod n), n > 1 and a, n are relatively
prime, then we have x ≡ y (mod n).
Remark 1. The assumption that a, n are relatively prime is very important for Theorem 4. If
a, n are not relatively prime, here’s a counterexample (note that gcd(2, 8) = 2 ≠ 1):
2.2 A Brief Application
With the properties above, congruence modulo n relation is very helpful when we study the
properties of integers. Many phenomena that are difficult to observe can be easily explained
by using congruence. Here’s a brief example:
Example 1. Show that 2015 cannot be written as the sum of two integers squared (i.e.,
there is no integer solution x, y ∈ Z to the equation 2015 = x² + y²).
Proof. Let’s look at both sides with respect to congruence modulo 8. First we have 2015 ≡ 7
(mod 8). Now we study the congruence property of ∀ z ∈ Z with a modulus 8:
What’s even more interesting is that the proof of this theorem can also use only properties
of congruence modulo n relations. (See Ben’s Paper for a detailed reference.)
Figure 1: The leap second: a special moment when 23:59:60 is possible! [5][6]
Suppose we are asked a question like: what is the time 5 hours after 22 o’clock? We
can again give an answer by looking at properties of congruence mod 24:
The 12-hour timing system, involving AM and PM notations, corresponds to mod 12:
If we add more hours to 11 AM, we actually get: 0 PM, 1 PM, 2 PM, and so on, because
11 + 1 ≡ 0, 11 + 2 ≡ 1, · · · . The notation 12 PM at noon, or 12 AM at midnight, is indeed
a consequence of people’s habit. They actually represent 0 PM and 0 AM in mod 12!
Proof. Need to show: (1) Reflexivity, (2) Symmetry, and (3) Transitivity of ≡ (mod n).
1. Reflexivity: ∀ x ∈ Z, x ≡ x (mod n) since x − x = 0 = 0 · n, where 0 ∈ Z.
2. Symmetry: ∀ x, y ∈ Z, x ≡ y (mod n) ⇒ x − y = kn for some k ∈ Z. So
y − x = (−k) · n where −k is also an integer ⇒ y ≡ x (mod n).
Definition 3. The set denoted as Z/nZ = {[0], [1], [2], · · · , [n − 1]} is the collection of
all congruence classes with modulus n.
3.2 Interpretations in Ring Theory
To continue with our study of Z/nZ, we need to define some binary operations on elements
in this set. Define addition operation ”+” in Z/nZ as:
To see that this addition is ”well-defined”, we observe that: (1) ∀ x0 ∈ [x], y0 ∈ [y]: we
have x0 ≡ x (mod n) and y0 ≡ y (mod n), then by Theorem 3, x0 + y0 ≡ x + y ≡ x + y − kn
(mod n), and x0 + y0 ∈ [x + y]. (2) It’s easy to show that 0 ≤ x + y − kn < n. This means
that when we add two congruence classes, we may pick an arbitrary element from each of the
classes, add them, and we must get an element in the resulting class, which is constructed to
be a legitimate element in the set Z/nZ itself. Now we define the multiplication operation
”·” (it’s similar to show that ”·” is also well-defined):
[x] · [y] = [xy] = [xy − kn], k is the largest integer such that xy − kn ≥ 0. (9)
Theorem 7. For any n > 1, Z/nZ is a ring (see Charlie’s paper for definition of a ring)
under the operations ”+” and ”·” as discussed above.
Proof. We actually need to verify the following eight properties associated with a ring:
1. Closed under addition: since [x] + [y] = [x + y − kn] ∈ Z/nZ, ”+” is closed.
2. Addition is associative: [x] + ([y] + [z]) = [x] + [y + z] = [x + (y + z)] = [(x + y) + z] =
[x + y] + [z] = ([x] + [y]) + [z]. So ”+” is associative.
3. The addition identity: e = [0], such that [x] + [0] = [x + 0] = [x].
4. The additive inverse: [x] + (−[x]) = [0] = [n] ⇒ (−[x]) = [n − x] is the additive
inverse of element [x].
5. Addition is commutative: [x] + [y] = [x + y] = [y + x] = [y] + [x]. So the addition
operation ”+” is commutative.
6. Closed under multiplication: [x] · [y] = [xy − kn] ∈ Z/nZ, so ”·” is closed.
7. Multiplication is associative: [x] · ([y] · [z]) = [xyz] = ([x] · [y]) · [z]. So multiplication
”·” is associative.
8. Two distributive laws: (a) ([x] + [y]) · [z] = [x + y] · [z] = [(x + y)z] = [xz + yz] =
[xz] + [yz] = [x] · [z] + [y] · [z]. (b) [x] · ([y] + [z]) = [xy + xz] = [x] · [y] + [x] · [z].
By showing the previous 8 axioms, we have actually proved that Z/nZ is a ring.
We may elaborate on the properties of this ring Z/nZ a little bit. We may ask: for a
given ring Z/nZ with n fixed, does it have any associated ”subring” (as Definition 4 goes)?
In Example 2, we study the case where n = 24. The result, not too surprisingly, has
many aspects that correspond with our intuitions.
Example 2. Find all subrings of the ring of congruence classes Z/24Z.
First we observe that there are two trivial subrings: the set {[0]} and the set Z/24Z itself;
all three conditions automatically hold. Next, by the intuition of odd and even numbers,
we consider the following:
By almost the same argument, we can show that this S3 is also a subring. By this
intuition, we observe that all subrings of Z/24Z should have the form:
Sk = { [nk] | 24 ≡ 0 (mod k). For a fixed k, n is all integers such that 0 ≤ nk < 24.} (12)
In this sense, we can also write {[0]} = S24, and Z/24Z = S1. For each k, we can provide
a similar argument as we did for S2. So all we need to find is the integers that divide 24;
these integers are {1, 2, 3, 4, 6, 8, 12, 24}, and we are done. All subrings are S1, S2, S3, S4,
S6, S8, S12, S24, and can be listed as the following:
S1 = Z/24Z
S2 = {[0], [2], [4], [6], · · · , [20], [22]}
S3 = {[0], [3], [6], [9], · · · , [18], [21]}
S4 = {[0], [4], [8], [12], [16], [20]}
S6 = {[0], [6], [12], [18]}
S8 = {[0], [8], [16]}
S12 = {[0], [12]}
S24 = {[0]}    (13)
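The list in (13) can be checked by brute force. This is an added example, not code from the paper: it assumes the three subring conditions are non-emptiness, closure under subtraction and closure under multiplication, and it uses the standard fact that every additive subgroup of Z/nZ is generated by a single element. The function names are hypothetical.

```python
def additive_subgroup(g, n):
    """The set {[0], [g], [2g], ...} in Z/nZ, stored as representatives in [0, n)."""
    return frozenset((i * g) % n for i in range(n))


def is_subring(S, n):
    """Assumed conditions: non-empty, closed under subtraction and multiplication."""
    return bool(S) and all(
        (x - y) % n in S and (x * y) % n in S for x in S for y in S
    )


def subrings(n):
    """Map k -> S_k for every subring of Z/nZ, keyed by its smallest generator k."""
    found = {}
    for g in range(1, n + 1):          # g = n generates the trivial subring {[0]}
        S = additive_subgroup(g, n)
        if is_subring(S, n) and S not in found.values():
            found[g] = S
    return found


if __name__ == "__main__":
    for k, S in sorted(subrings(24).items()):
        print(f"S{k} = {sorted(S)}")
```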
Definition 5. An element [b] ∈ Z/nZ is called the multiplication inverse of [a] if [b]·[a] = [1].
Denote this multiplication inverse as [b] = [a]⁻¹.
For example, in Z/15Z, [2] is a multiplication inverse of [8], since [2] · [8] = [16] = [1],
and [1] is the multiplication identity. Knowing this, it becomes convenient to solve some
kinds of linear congruence equations. Suppose we have an equation like 8x ≡ 2 (mod 15) ⇔
[8] · [x] = [2] in Z/15Z; an easy way to solve this equation is to rewrite it as [x] = [8]⁻¹ · [2] =
[2] · [2] = [4] and conclude that ∀ x ∈ [4] ∈ Z/15Z, x is a solution to our equation.
The above process shows: if we can find a multiplication inverse, we can always solve a
linear congruence equation. But the process of finding the multiplication inverse for [a] in
Z/nZ is neither safe nor easy. A multiplication inverse may not exist; specifically:
Theorem 8. An element [a] in Z/nZ has a multiplication inverse if and only if (a, n) = 1.
Proof. If ∃ [b] = [a]⁻¹, we argue by contradiction; suppose (a, n) ≠ 1, and let (a, n) = k for
some k ∈ Z, k > 1. Since [b] = [a]⁻¹, we can write [a] · [b] = [1], and so ∀ a0 ∈ [a], b0 ∈ [b],
a0 b0 ≡ 1 (mod n). Since k divides n by (a, n) = k, we have a0 b0 ≡ 1 (mod k).
But now a0 ≡ 0 (mod k). Then by Theorem 2, a0 b0 ≡ 0 · b0 = 0 ≠ 1 (mod k). We have
a contradiction! Therefore k does not exist; we must have (a, n) = 1.
Conversely, if (a, n) = 1, by Fermat’s Little Theorem, we have aⁿ⁻¹ ≡ 1 (mod n). So
a · aⁿ⁻² ≡ 1 (mod n). The class [b] = [aⁿ⁻² − kn], where k is the largest integer such that
aⁿ⁻² − kn > 0, is a multiplication inverse for our class [a]; ∃ [b] = [a]⁻¹.
A quick example for our Theorem 8: [3] does not have a multiplication inverse in Z/15Z
since (3, 15) = 3 ≠ 1. With Theorem 8, we can check if a congruence equation ax ≡ b has a
solution; if it does, we can find that solution by computing the multiplication inverse.
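The existence check of Theorem 8 and the solution of ax ≡ b (mod n) can be carried out as below. This is an added example, not code from the paper: it swaps in the extended Euclidean algorithm, because a^(n−2) is an inverse of a only when n is prime (Fermat's Little Theorem requires a prime modulus), which `power_formula_works` demonstrates. It also goes beyond the text by returning all solutions when (a, n) > 1 divides b; all function names are hypothetical.

```python
def egcd(a, b):
    """Return (g, s, t) with g = gcd(a, b) and s*a + t*b == g."""
    s0, s1, t0, t1 = 1, 0, 0, 1
    while b:
        q = a // b
        a, b = b, a - q * b
        s0, s1 = s1, s0 - q * s1
        t0, t1 = t1, t0 - q * t1
    return a, s0, t0


def mod_inverse(a, n):
    """Representative in [0, n) of [a]^-1 in Z/nZ, or None when (a, n) != 1."""
    g, s, _ = egcd(a % n, n)
    return s % n if g == 1 else None


def solve_linear(a, b, n):
    """All x in [0, n) with a*x ≡ b (mod n); empty when no solution exists."""
    g, s, _ = egcd(a % n, n)
    if b % g:
        return []                      # g = (a, n) must divide b
    step = n // g                      # solutions repeat every n/g
    x0 = (s * (b // g)) % step
    return [x0 + i * step for i in range(g)]


def power_formula_works(a, n):
    """True when a^(n-2) behaves as an inverse of a modulo n."""
    return (a * pow(a, n - 2, n)) % n == 1


if __name__ == "__main__":
    print(mod_inverse(8, 15), solve_linear(8, 2, 15))   # the Z/15Z example
    print(mod_inverse(3, 15), solve_linear(3, 6, 15))   # (3, 15) = 3
    print(power_formula_works(8, 13), power_formula_works(8, 15))
```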
An important consequence of linear equations of congruence is the Chinese Remainder
Theorem [7], which involves a system of particular congruence equations:
x ≡ a₁ (mod m₁)
x ≡ a₂ (mod m₂)
⋮
x ≡ aₙ (mod mₙ)    (14)
where any (mᵢ, mⱼ) = 1, then there exists a unique [x] in Z/MZ (M = m₁m₂ · · · mₙ), such
that ∀ x ∈ [x], x satisfies the system (14) above.
Proof. Use induction. Start from case n = 2, i.e. x ≡ a₁ (mod m₁) and x ≡ a₂ (mod m₂).
We can write [x] = [a₁] in Z/m₁Z and [x] = [a₂] in Z/m₂Z. Now consider the element
[m₁] in Z/m₂Z; since (m₁, m₂) = 1 by our assumption, we can find a multiplication inverse
[m₁]⁻¹. Denote an arbitrary element m₁⁻¹ ∈ [m₁]⁻¹; we always have m₁m₁⁻¹ ≡ 1 (mod m₂)
by definition of multiplication inverse. Similarly we can find an element m₂⁻¹ such that
m₂m₂⁻¹ ≡ 1 (mod m₁). Now consider the following set [x0]:
Now we prove the uniqueness of such [x0]. Suppose [x1] is also a solution to the equations
above. ∀ x0 ∈ [x0], x1 ∈ [x1], we have x0 ≡ a₁ (mod m₁), x0 ≡ a₂ (mod m₂), and x1 ≡ a₁
(mod m₁), x1 ≡ a₂ (mod m₂). Now we observe that:
where the ⊕ sign denotes the ”direct sum”. To get a sense of equation (17), given a class
[x] in Z/MZ, we can pick a class [xᵢ] in each Z/(mᵢ^kᵢ)Z to be its coordinates. The function
that maps each set of coordinates {[x₁], . . . , [xₙ]} to [x] ∈ Z/MZ is a bijection.
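The two-equation step of the proof, the induction over the system, and the coordinate bijection can be exercised directly. This is an added example, not code from the paper: the combining formula x = a₁m₂m₂⁻¹ + a₂m₁m₁⁻¹ is the standard construction, assumed here because the paper's own expression did not survive on this page. It uses Python's built-in `pow(m, -1, n)` for the inverses, and the function names are hypothetical.

```python
from math import gcd, prod


def crt_pair(a1, m1, a2, m2):
    """Solve x ≡ a1 (mod m1), x ≡ a2 (mod m2); return (x mod m1*m2, m1*m2)."""
    if gcd(m1, m2) != 1:
        raise ValueError("moduli must be relatively prime")
    inv_m1 = pow(m1, -1, m2)           # m1 * inv_m1 ≡ 1 (mod m2)
    inv_m2 = pow(m2, -1, m1)           # m2 * inv_m2 ≡ 1 (mod m1)
    x = a1 * m2 * inv_m2 + a2 * m1 * inv_m1
    return x % (m1 * m2), m1 * m2


def crt(residues, moduli):
    """Induction step: fold crt_pair over a pairwise coprime system."""
    x, M = residues[0] % moduli[0], moduli[0]
    for a, m in zip(residues[1:], moduli[1:]):
        x, M = crt_pair(x, M, a, m)
    return x, M


def is_bijection(moduli):
    """Check that x -> (x mod m_1, ..., x mod m_n) is one-to-one on Z/MZ
    and that crt maps every coordinate tuple back to its x."""
    M = prod(moduli)
    images = {tuple(x % m for m in moduli) for x in range(M)}
    return len(images) == M and all(
        crt([x % m for m in moduli], moduli)[0] == x for x in range(M)
    )


if __name__ == "__main__":
    print(crt([2, 3, 2], [3, 5, 7]))   # constructed sample system
    print(is_bijection([8, 3]))        # Z/24Z with coordinates in Z/8Z and Z/3Z
    print(is_bijection([4, 6]))        # moduli not coprime
```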
While linear equations of congruence can be solved by a quite straightforward method, non-
linear congruence equations – especially systems of them – can get very complicated. In fact,
solving a random system of non-linear congruence equations is an NP-hard problem; the
fastest algorithm still requires exponential time.[4] These types of problems pose a future
challenge for human beings in the further study of congruence.
References
[1] Jimmie Gilbert, Linda Gilbert. Elements of Modern Algebra, 6th Edition, Thomson
Brooks / Cole (2005). ISBN 053440264X.
[2] David M. Burton. Elementary Number Theory, 6th Edition, McGraw-Hill Education Inc
(2007).
[3] Don Redmond. Number Theory: An Introduction, Marcel Dekker Inc. (1996).