# 6.2: Introduction to Number Theory

- Last updated

- Save as PDF

- Page ID
- 15348

\( \newcommand{\vecs}[1]{\overset { \scriptstyle \rightharpoonup} {\mathbf{#1}} } \)

\( \newcommand{\vecd}[1]{\overset{-\!-\!\rightharpoonup}{\vphantom{a}\smash {#1}}} \)

\( \newcommand{\id}{\mathrm{id}}\) \( \newcommand{\Span}{\mathrm{span}}\)

( \newcommand{\kernel}{\mathrm{null}\,}\) \( \newcommand{\range}{\mathrm{range}\,}\)

\( \newcommand{\RealPart}{\mathrm{Re}}\) \( \newcommand{\ImaginaryPart}{\mathrm{Im}}\)

\( \newcommand{\Argument}{\mathrm{Arg}}\) \( \newcommand{\norm}[1]{\| #1 \|}\)

\( \newcommand{\inner}[2]{\langle #1, #2 \rangle}\)

\( \newcommand{\Span}{\mathrm{span}}\)

\( \newcommand{\id}{\mathrm{id}}\)

\( \newcommand{\Span}{\mathrm{span}}\)

\( \newcommand{\kernel}{\mathrm{null}\,}\)

\( \newcommand{\range}{\mathrm{range}\,}\)

\( \newcommand{\RealPart}{\mathrm{Re}}\)

\( \newcommand{\ImaginaryPart}{\mathrm{Im}}\)

\( \newcommand{\Argument}{\mathrm{Arg}}\)

\( \newcommand{\norm}[1]{\| #1 \|}\)

\( \newcommand{\inner}[2]{\langle #1, #2 \rangle}\)

\( \newcommand{\Span}{\mathrm{span}}\) \( \newcommand{\AA}{\unicode[.8,0]{x212B}}\)

\( \newcommand{\vectorA}[1]{\vec{#1}} % arrow\)

\( \newcommand{\vectorAt}[1]{\vec{\text{#1}}} % arrow\)

\( \newcommand{\vectorB}[1]{\overset { \scriptstyle \rightharpoonup} {\mathbf{#1}} } \)

\( \newcommand{\vectorC}[1]{\textbf{#1}} \)

\( \newcommand{\vectorD}[1]{\overrightarrow{#1}} \)

\( \newcommand{\vectorDt}[1]{\overrightarrow{\text{#1}}} \)

\( \newcommand{\vectE}[1]{\overset{-\!-\!\rightharpoonup}{\vphantom{a}\smash{\mathbf {#1}}}} \)

\( \newcommand{\vecs}[1]{\overset { \scriptstyle \rightharpoonup} {\mathbf{#1}} } \)

\( \newcommand{\vecd}[1]{\overset{-\!-\!\rightharpoonup}{\vphantom{a}\smash {#1}}} \)

\(\newcommand{\avec}{\mathbf a}\) \(\newcommand{\bvec}{\mathbf b}\) \(\newcommand{\cvec}{\mathbf c}\) \(\newcommand{\dvec}{\mathbf d}\) \(\newcommand{\dtil}{\widetilde{\mathbf d}}\) \(\newcommand{\evec}{\mathbf e}\) \(\newcommand{\fvec}{\mathbf f}\) \(\newcommand{\nvec}{\mathbf n}\) \(\newcommand{\pvec}{\mathbf p}\) \(\newcommand{\qvec}{\mathbf q}\) \(\newcommand{\svec}{\mathbf s}\) \(\newcommand{\tvec}{\mathbf t}\) \(\newcommand{\uvec}{\mathbf u}\) \(\newcommand{\vvec}{\mathbf v}\) \(\newcommand{\wvec}{\mathbf w}\) \(\newcommand{\xvec}{\mathbf x}\) \(\newcommand{\yvec}{\mathbf y}\) \(\newcommand{\zvec}{\mathbf z}\) \(\newcommand{\rvec}{\mathbf r}\) \(\newcommand{\mvec}{\mathbf m}\) \(\newcommand{\zerovec}{\mathbf 0}\) \(\newcommand{\onevec}{\mathbf 1}\) \(\newcommand{\real}{\mathbb R}\) \(\newcommand{\twovec}[2]{\left[\begin{array}{r}#1 \\ #2 \end{array}\right]}\) \(\newcommand{\ctwovec}[2]{\left[\begin{array}{c}#1 \\ #2 \end{array}\right]}\) \(\newcommand{\threevec}[3]{\left[\begin{array}{r}#1 \\ #2 \\ #3 \end{array}\right]}\) \(\newcommand{\cthreevec}[3]{\left[\begin{array}{c}#1 \\ #2 \\ #3 \end{array}\right]}\) \(\newcommand{\fourvec}[4]{\left[\begin{array}{r}#1 \\ #2 \\ #3 \\ #4 \end{array}\right]}\) \(\newcommand{\cfourvec}[4]{\left[\begin{array}{c}#1 \\ #2 \\ #3 \\ #4 \end{array}\right]}\) \(\newcommand{\fivevec}[5]{\left[\begin{array}{r}#1 \\ #2 \\ #3 \\ #4 \\ #5 \\ \end{array}\right]}\) \(\newcommand{\cfivevec}[5]{\left[\begin{array}{c}#1 \\ #2 \\ #3 \\ #4 \\ #5 \\ \end{array}\right]}\) \(\newcommand{\mattwo}[4]{\left[\begin{array}{rr}#1 \amp #2 \\ #3 \amp #4 \\ \end{array}\right]}\) \(\newcommand{\laspan}[1]{\text{Span}\{#1\}}\) \(\newcommand{\bcal}{\cal B}\) \(\newcommand{\ccal}{\cal C}\) \(\newcommand{\scal}{\cal S}\) \(\newcommand{\wcal}{\cal W}\) \(\newcommand{\ecal}{\cal E}\) \(\newcommand{\coords}[2]{\left\{#1\right\}_{#2}}\) \(\newcommand{\gray}[1]{\color{gray}{#1}}\) \(\newcommand{\lgray}[1]{\color{lightgray}{#1}}\) \(\newcommand{\rank}{\operatorname{rank}}\) \(\newcommand{\row}{\text{Row}}\) \(\newcommand{\col}{\text{Col}}\) \(\renewcommand{\row}{\text{Row}}\) \(\newcommand{\nul}{\text{Nul}}\) \(\newcommand{\var}{\text{Var}}\) \(\newcommand{\corr}{\text{corr}}\) \(\newcommand{\len}[1]{\left|#1\right|}\) \(\newcommand{\bbar}{\overline{\bvec}}\) \(\newcommand{\bhat}{\widehat{\bvec}}\) \(\newcommand{\bperp}{\bvec^\perp}\) \(\newcommand{\xhat}{\widehat{\xvec}}\) \(\newcommand{\vhat}{\widehat{\vvec}}\) \(\newcommand{\uhat}{\widehat{\uvec}}\) \(\newcommand{\what}{\widehat{\wvec}}\) \(\newcommand{\Sighat}{\widehat{\Sigma}}\) \(\newcommand{\lt}{<}\) \(\newcommand{\gt}{>}\) \(\newcommand{\amp}{&}\) \(\definecolor{fillinmathshade}{gray}{0.9}\)

\( \def\d{\displaystyle}\)

\( \newcommand{\f}[1]{\mathfrak #1}\)

\( \newcommand{\s}[1]{\mathscr #1}\)

\( \def\N{\mathbb N}\)

\( \def\B{\mathbf{B}}\)

\( \def\circleA{(-.5,0) circle (1)}\)

\( \def\Z{\mathbb Z}\)

\( \def\circleAlabel{(-1.5,.6) node[above]{$A$}}\)

\( \def\Q{\mathbb Q}\)

\( \def\circleB{(.5,0) circle (1)}\)

\( \def\R{\mathbb R}\)

\( \def\circleBlabel{(1.5,.6) node[above]{$B$}}\)

\( \def\C{\mathbb C}\)

\( \def\circleC{(0,-1) circle (1)}\)

\( \def\F{\mathbb F}\)

\( \def\circleClabel{(.5,-2) node[right]{$C$}}\)

\( \def\A{\mathbb A}\)

\( \def\twosetbox{(-2,-1.5) rectangle (2,1.5)}\)

\( \def\X{\mathbb X}\)

\( \def\threesetbox{(-2,-2.5) rectangle (2,1.5)}\)

\( \def\E{\mathbb E}\)

\( \def\O{\mathbb O}\)

\( \def\U{\mathcal U}\)

\( \def\pow{\mathcal P}\)

\( \def\inv{^{-1}}\)

\( \def\nrml{\triangleleft}\)

\( \def\st{:}\)

\( \def\~{\widetilde}\)

\( \def\rem{\mathcal R}\)

\( \def\sigalg{$\sigma$-algebra }\)

\( \def\Gal{\mbox{Gal}}\)

\( \def\iff{\leftrightarrow}\)

\( \def\Iff{\Leftrightarrow}\)

\( \def\land{\wedge}\)

\( \def\And{\bigwedge}\)

\( \def\entry{\entry}\)

\( \def\AAnd{\d\bigwedge\mkern-18mu\bigwedge}\)

\( \def\Vee{\bigvee}\)

\( \def\VVee{\d\Vee\mkern-18mu\Vee}\)

\( \def\imp{\rightarrow}\)

\( \def\Imp{\Rightarrow}\)

\( \def\Fi{\Leftarrow}\)

\( \def\var{\mbox{var}}\)

\( \def\Th{\mbox{Th}}\)

\( \def\entry{\entry}\)

\( \def\sat{\mbox{Sat}}\)

\( \def\con{\mbox{Con}}\)

\( \def\iffmodels{\bmodels\models}\)

\( \def\dbland{\bigwedge \!\!\bigwedge}\)

\( \def\dom{\mbox{dom}}\)

\( \def\rng{\mbox{range}}\)

\( \def\isom{\cong}\)

\(\DeclareMathOperator{\wgt}{wgt}\)

\( \newcommand{\vtx}[2]{node[fill,circle,inner sep=0pt, minimum size=4pt,label=#1:#2]{}}\)

\( \newcommand{\va}[1]{\vtx{above}{#1}}\)

\( \newcommand{\vb}[1]{\vtx{below}{#1}}\)

\( \newcommand{\vr}[1]{\vtx{right}{#1}}\)

\( \newcommand{\vl}[1]{\vtx{left}{#1}}\)

\( \renewcommand{\v}{\vtx{above}{}}\)

\( \def\circleA{(-.5,0) circle (1)}\)

\( \def\circleAlabel{(-1.5,.6) node[above]{$A$}}\)

\( \def\circleB{(.5,0) circle (1)}\)

\( \def\circleBlabel{(1.5,.6) node[above]{$B$}}\)

\( \def\circleC{(0,-1) circle (1)}\)

\( \def\circleClabel{(.5,-2) node[right]{$C$}}\)

\( \def\twosetbox{(-2,-1.4) rectangle (2,1.4)}\)

\( \def\threesetbox{(-2.5,-2.4) rectangle (2.5,1.4)}\)

\( \def\ansfilename{practice-answers}\)

\( \def\shadowprops{ {fill=black!50,shadow xshift=0.5ex,shadow yshift=0.5ex,path fading={circle with fuzzy edge 10 percent}} }\)

\( \renewcommand{\bar}{\overline}\)

\( \newcommand{\card}[1]{\left| #1 \right|}\)

\( \newcommand{\twoline}[2]{\begin{pmatrix}#1 \\ #2 \end{pmatrix}}\)

\( \newcommand{\lt}{<}\)

\( \newcommand{\gt}{>}\)

\( \newcommand{\amp}{&}\)

\( \newcommand{\hexbox}[3]{

\def\x{-cos{30}*\r*#1+cos{30}*#2*\r*2}

\def\y{-\r*#1-sin{30}*\r*#1}

\draw (\x,\y) +(90:\r) -- +(30:\r) -- +(-30:\r) -- +(-90:\r) -- +(-150:\r) -- +(150:\r) -- cycle;

\draw (\x,\y) node{#3};

}\)

\(\renewcommand{\bar}{\overline}\)

\(\newcommand{\card}[1]{\left| #1 \right|}\)

\(\newcommand{\twoline}[2]{\begin{pmatrix}#1 \\ #2 \end{pmatrix}}\)

\(\newcommand{\lt}{<}\)

\(\newcommand{\gt}{>}\)

\(\newcommand{\amp}{&}\)

We have used the natural numbers to solve problems. This was the right set of numbers to work with in discrete mathematics because we always dealt with a whole number of things. The natural numbers have been a tool. Let's take a moment now to inspect that tool. What mathematical discoveries can we make *about* the natural numbers themselves?

This is the main question of number theory: a huge, ancient, complex, and above all, beautiful branch of mathematics. Historically, number theory was known as the Queen of Mathematics and was very much a branch of *pure* mathematics, studied for its own sake instead of as a means to understanding real world applications. This has changed in recent years however, as applications of number theory have been unearthed. Probably the most well known example of this is RSA cryptography, one of the methods used in encrypt data on the internet. It is number theory that makes this possible.

What sorts of questions belong to the realm of number theory? Here is a motivating example. Recall in our study of induction, we asked:

Which amounts of postage can be made exactly using just 5-cent and 8-cent stamps?

We were able to prove that *any* amount greater than 27 cents could be made. You might wonder what would happen if we changed the denomination of the stamps. What if we instead had 4- and 9-cent stamps? Would there be some amount after which all amounts would be possible? Well, again, we could replace two 4-cent stamps with a 9-cent stamp, or three 9-cent stamps with seven 4-cent stamps. In each case we can create one more cent of postage. Using this as the inductive case would allow us to prove that any amount of postage greater than 23 cents can be made.

What if we had 2-cent and 4-cent stamps. Here it looks less promising. If we take some number of 2-cent stamps and some number of 4-cent stamps, what can we say about the total? Could it ever be odd? Doesn't look like it.

*Why* does 5 and 8 work, 4 and 9 work, but 2 and 4 not work? What is it about these numbers? If I gave you a pair of numbers, could you tell me right away if they would work or not? We will answer these questions, and more, after first investigating some simpler properties of numbers themselves.

## Divisibility

It is easy to add and multiply natural numbers. If we extend our focus to all integers, then subtraction is also easy (we need the negative numbers so we can subtract any number from any other number, even larger from smaller). Division is the first operation that presents a challenge. If we wanted to extend our set of numbers so any division would be possible (maybe excluding division by 0) we would need to look at the rational numbers (the set of all numbers which can be written as fractions). This would be going too far, so we will refuse this option.

In fact, it is a good thing that not every number can be divided by other numbers. This helps us understand the structure of the natural numbers and opens the door to many interesting questions and applications.

If given numbers \(a\) and \(b\text{,}\) it is possible that \(a \div b\) gives a whole number. In this case, we say that \(b\) *divides* \(a\text{,}\) in symbols, we write \(b \mid a\text{.}\) If this holds, then \(b\) is a divisor or factor of \(a\text{,}\) and \(a\) is a multiple of \(b\text{.}\) In other words, if \(b \mid a\text{,}\) then \(a = bk\) for some integer \(k\) (this is saying \(a\) is some multiple of \(b\)).

The Divisibility Relation

Given integers \(m\) and \(n\text{,}\) we say “\(m\) divides \(n\)” and write

\begin{equation*} m \mid n \end{equation*}provided \(n \div m\) is an integer. Thus the following assertions mean the same thing:

- \(m \mid n\)
- \(n = mk\) for some integer \(k\)
- \(m\) is a factor (or divisor) of \(n\)
- \(n\) is a multiple of \(m\text{.}\)

Notice that \(m \mid n\) is a statement. It is either true or false. On the other hand, \(n \div m\) or \(n/m\) is some number. If we want to claim that \(n/m\) is not an integer, so \(m\) does not divide \(n\text{,}\) then we can write \(m \nmid n\text{.}\)

Example \(\PageIndex{1}\)

Decide whether each of the statements below are true or false.

- \(4 \mid 20\)
- \(20 \mid 4\)
- \(0 \mid 5\)
- \(5 \mid 0\)
- \(7 \mid 7\)
- \(1 \mid 37\)
- \(-3 \mid 12\)
- \(8 \mid 12\)
- \(1642 \mid 136299\)

**Solution**-
- True. 4 “goes into” 20 five times without remainder. In other words, \(20 \div 4 = 5\text{,}\) an integer. We could also justify this by saying that \(20\) is a multiple of 4: \(20 = 4\cdot 5\text{.}\)
- False. While 20 is a multiple of 4, it is false that \(4\) is a multiple of 20.
- False. \(5 \div 0\) is not even defined, let alone an integer.
- True. In fact, \(x \mid 0\) is true for all \(x\text{.}\) This is because 0 is a multiple of every number: \(0 = x\cdot 0\text{.}\)
- True. In fact, \(x \mid x\) is true for all \(x\text{.}\)
- True. 1 divides every number (other than 0).
- True. Negative numbers work just fine for the divisibility relation. Here \(12 = -3 \cdot 4\text{.}\) It is also true that \(3 \mid -12\) and that \(-3 \mid -12\text{.}\)
- False. Both 8 and 12 are divisible by 4, but this does not mean that \(12\) is divisible by \(8\text{.}\)
- False. See below.

This last example raises a question: how might one decide whether \(m \mid n\text{?}\) Of course, if you had a trusted calculator, you could ask it for the value of \(n \div m\text{.}\) If it spits out anything other than an integer, you know \(m \nmid n\text{.}\) This seems a little like cheating though: we don't have division, so should we really use division to check divisibility?

While we don't really know how to divide, we do know how to multiply. We might try multiplying \(m\) by larger and larger numbers until we get close to \(n\text{.}\) How close? Well, we want to be sure that if we multiply \(m\) by the next larger integer, we go over \(n\text{.}\)

For example, let's try this to decide whether \(1642 \mid 136299\text{.}\) Start finding multiples of 1642:

\begin{equation*} 1642 \cdot 2 = 3284 \qquad 1642 \cdot 3 = 4926 \qquad 1642\cdot 4 = 6568 \qquad \cdots \end{equation*}All of these are well less than 136299. I suppose we can jump ahead a bit:

\begin{equation*} 1642 \cdot 50 = 82100 \qquad 1642 \cdot 80 = 131360 \qquad 1642 \cdot 85 = 139570 \end{equation*}Ah, so we need to look somewhere between 80 and 85. Try 83:

\begin{equation*} 1642 \cdot 83 = 136286 \end{equation*}Is this the best we can do? How far are we from our desired 136299? If we subtract, we get \(136299 - 136286 = 13\text{.}\) So we know we cannot go up to 84, that will be too much. In other words, we have found that

\begin{equation*} 136299 = 83 \cdot 1642 + 13 \end{equation*}Since \(13 < 1642\text{,}\) we can now safely say that \(1642 \nmid 136299\text{.}\)

It turns out that the process we went through above can be repeated for any pair of numbers. We can always write the number \(a\) as some multiple of the number \(b\) plus some remainder. We know this because we know about *division with remainder* from elementary school. This is just a way of saying it using multiplication. Due to the procedural nature that can be used to find the remainder, this fact is usually called the *division algorithm*:

The Division Algorithm

Given any two integers \(a\) and \(b\text{,}\) we can always find an integer \(q\) such that

\begin{equation*} a = qb + r \end{equation*}where \(r\) is an integer satisfying \(0 \le r < |b|\)

The idea is that we can always take a large enough multiple of \(b\) so that the remainder \(r\) is as small as possible. We do allow the possibility of \(r = 0\text{,}\) in which case we have \(b \mid a\text{.}\)

## Remainder Classes

The division algorithm tells us that there are only \(b\) possible remainders when dividing by \(b\text{.}\) If we fix this divisor, we can group integers by the remainder. Each group is called a *remainder class modulo \(b\)* (or sometimes *residue class*).

Example \(\PageIndex{2}\)

Describe the remainder classes modulo \(5\text{.}\)

**Solution**-
We want to classify numbers by what their remainder would be when divided by \(5\text{.}\) From the division algorithm, we know there will be exactly 5 remainder classes, because there are only 5 choices for what \(r\) could be (\(0 \le r < 5\)).

First consider \(r = 0\text{.}\) Here we are looking for all the numbers divisible by \(5\) since \(a = 5q+0\text{.}\) In other words, the multiples of 5. We get the infinite set

\begin{equation*} \{\ldots, -15, -10, -5, 0, 5, 10, 15, 20, \ldots\} \end{equation*}Notice we also include negative integers.

Next consider \(r = 1\text{.}\) Which integers, when divided by 5, have remainder 1? Well, certainly 1, does, as does 6, and 11. Negatives? Here we must be careful: \(-6\) does NOT have remainder 1. We can write \(-6 = -2\cdot 5 + 4\) or \(-6 = -1 \cdot 5 - 1\text{,}\) but only one of these is a “correct” instance of the division algorithm: \(r = 4\) since we need \(r\) to be non-negative. So in fact, to get \(r = 1\text{,}\) we would have \(-4\text{,}\) or \(-9\text{,}\) etc. Thus we get the remainder class

\begin{equation*} \{\ldots, -14, -9, -4, 1, 6, 11, 16, 21, \ldots\} \end{equation*}There are three more to go. The remainder classes for \(2\text{,}\) \(3\text{,}\) and \(4\) are, respectively

\begin{equation*} \{\ldots, -13, -8, -3, 2, 7, 12, 17, 22,\ldots\} \end{equation*} \begin{equation*} \{\ldots, -12, -7, -2, 3, 8, 13, 18, 23, \ldots\} \end{equation*} \begin{equation*} \{\ldots, -11, -6, -1, 4, 9, 14, 19, 24, \ldots\}. \end{equation*}

Note that in the example above, *every* integer is in exactly one remainder class. The technical way to say this is that the remainder classes modulo \(b\) form a *partition* of the integers.^{ 1 }It is possible to develop a mathematical theory of partitions, prove statements about all partitions in general and then apply those observations to our case here. The most important fact about partitions, is that it is possible to define an *equivalence relation* from a partition: this is a relationship between pairs of numbers which acts in all the important ways like the “equals” relationship.^{ 2 }Again, there is a mathematical theory of equivalence relations which applies in many more instances than the one we look at here.

All fun technical language aside, the idea is really simple. If two numbers belong to the same remainder class, then in some way, they are the same. That is, they are the same *up to division by \(b\)*. In the case where \(b = 5\) above, the numbers \(8\) and \(23\text{,}\) while not the same number, are the same when it comes to dividing by 5, because both have remainder \(3\text{.}\)

It matters what the divisor is: \(8\) and \(23\) are the same up to division by \(5\text{,}\) but not up to division by \(7\text{,}\) since \(8\) has remainder of 1 when divided by 7 while 23 has a remainder of 2.

With all this in mind, let's introduce some notation. We want to say that \(8\) and 23 are basically the same, even though they are not equal. It would be wrong to say \(8 = 23\text{.}\) Instead, we write \(8 \equiv 23\text{.}\) But this is not always true. It works if we are thinking division by 5, so we need to denote that somehow. What we will actually write is this:

\begin{equation*} 8 \equiv 23 \pmod{5} \end{equation*}which is read, “8 is congruent to 23 modulo 5” (or just “mod 5”). Of course then we could observe that

\begin{equation*} 8 \not\equiv 23 \pmod{7} \end{equation*}Congruence Modulo \(n\)

We say \(a\) is congruent to \(b\) modulo \(n\), and write,

\begin{equation*} a \equiv b \pmod{n} \end{equation*}provided \(a\) and \(b\) have the same remainder when divided by \(n\text{.}\) In other words, provided \(a\) and \(b\) belong to the same remainder class modulo \(n\text{.}\)

Many books define congruence modulo \(n\) slightly differently. They say that \(a \equiv b \pmod{n}\) if and only if \(n \mid a-b\text{.}\) In other words, two numbers are congruent modulo \(n\text{,}\) if their difference is a multiple of \(n\text{.}\) So which definition is correct? Turns out, it doesn't matter: they are equivalent.

To see why, consider two numbers \(a\) and \(b\) which are congruent modulo \(n\text{.}\) Then \(a\) and \(b\) have the same remainder when divided by \(n\text{.}\) We have

\begin{equation*} a = q_1 n + r \qquad\qquad b = q_2 n + r \end{equation*}Here the two \(r\)'s really are the same. Consider what we get when we take the difference of \(a\) and \(b\text{:}\)

\begin{equation*} a-b = q_1n + r - (q_2n + r) = q_1n - q_2 n = (q_1-q_2)n \end{equation*}So \(a-b\) is a multiple of \(n\text{,}\) or equivalently, \(n \mid a-b\text{.}\)

On the other hand, if we assume first that \(n \mid a-b\text{,}\) so \(a-b = kn\text{,}\) then consider what happens if we divide each term by \(n\text{.}\) Dividing \(a\) by \(n\) will leave some remainder, as will dividing \(b\) by \(n\text{.}\) However, dividing \(kn\) by \(n\) will leave 0 remainder. So the remainders on the left-hand side must cancel out. That is, the remainders must be the same.

Thus we have:

Congruence and Divisibility

For any integers \(a\text{,}\) \(b\text{,}\) and \(n\text{,}\) we have

\begin{equation*} a \equiv b \pmod{n} \qquad \mbox{ if and only if } \qquad n \mid a-b. \end{equation*}

It will also be useful to switch back and forth between congruences and regular equations. The above fact helps with this. We know that \(a \equiv b \pmod{n}\) if and only if \(n \mid a-b\text{,}\) if and only if \(a-b = kn\) for some integer \(k\text{.}\) Rearranging that equation, we get \(a = b + kn\text{.}\) In other words, if \(a\) and \(b\) are congruent modulo \(n\text{,}\) then \(a\) is \(b\) more than some multiple of \(n\text{.}\) This conforms with our earlier observation that all the numbers in a particular remainder class are the same amount larger than the multiples of \(n\text{.}\)

Congruence and Equality

For any integers \(a\text{,}\) \(b\text{,}\) and \(n\text{,}\) we have

\begin{equation*} a \equiv b \pmod{n} \qquad \mbox{ if and only if } \qquad a = b + kn \mbox{ for some integer } k . \end{equation*}

## Properties of Congruence

We said earlier that congruence modulo \(n\) behaves, in many important ways, the same way equality does. Specifically, we could prove that congruence modulo \(n\) is an *equivalence relation*, which would require checking the following three facts:

Congruence Modulo \(n\) is an Equivalence Relation

Given any integers \(a\text{,}\) \(b\text{,}\) and \(c\text{,}\) and any positive integer \(n\text{,}\) the following hold:

- \(a \equiv a \pmod{n}\text{.}\)
- If \(a \equiv b \pmod{n}\) then \(b \equiv a \pmod{n}\text{.}\)
- If \(a \equiv b \pmod{n}\) and \(b \equiv c \pmod{n}\text{,}\) then \(a \equiv c \pmod{n}\text{.}\)

In other words, congruence modulo \(n\) is reflexive, symmetric, and transitive, so is an equivalence relation.

You should take a minute to convince yourself that each of the properties above actually hold of congruence. Try explaining each using both the remainder and divisibility definitions.

Next, consider how congruence behaves when doing basic arithmetic. We already know that if you subtract two congruent numbers, the result will be congruent to 0 (be a multiple of \(n\)). What if we add something congruent to 1 to something congruent to 2? Will we get something congruent to 3?

Congruence and Arithmetic

Suppose \(a \equiv b \pmod{n}\) and \(c \equiv d \pmod{n}\text{.}\) Then the following hold:

- \(a+c \equiv b+d \pmod{n}\text{.}\)
- \(a-c \equiv b-d \pmod{n}\text{.}\)
- \(ac \equiv bd \pmod{n}\text{.}\)

The above facts might be written a little strangely, but the idea is simple. If we have a true congruence, and we add the same thing to both sides, the result is still a true congruence. This sounds like we are saying:

If \(a \equiv b \pmod{n}\) then \(a+c \equiv b+c \pmod{n}\text{.}\)

Of course this is true as well, it is the special case where \(c = d\text{.}\) But what we have works in more generality. Think of congruence as being “basically equal.” If we have two numbers which are basically equal, and we add basically the same thing to both sides, the result will be basically equal.

This seems reasonable. Is it really true? Let's prove the first fact:

**Proof**

Suppose \(a \equiv b \pmod{n}\) and \(c \equiv d \pmod{n}\text{.}\) That means \(a = b + kn\) and \(c = d + jn\) for integers \(k\) and \(j\text{.}\) Add these equations:

\begin{equation*} a+c = b+d + kn + jn. \end{equation*}

But \(kn + jn = (k+j)n\text{,}\) which is just a multiple of \(n\text{.}\) So \(a+c = b+d + (j+k)n\text{,}\) or in other words, \(a+c \equiv b+d \pmod{n}\)

\(\square\)

The other two facts can be proved in a similar way.

One of the important consequences of these facts about congruences, is that we can basically replace any number in a congruence with any other number it is congruent to. Here are some examples to see how (and why) that works:

Example \(\PageIndex{3}\)

Find the remainder of \(3491\) divided by \(9\text{.}\)

**Solution**-
We could do long division, but there is another way. We want to find \(x\) such that \(x \equiv 3491 \pmod{9}\text{.}\) Now \(3491 = 3000 + 400 + 90 + 1\text{.}\) Of course \(90 \equiv 0 \pmod 9\text{,}\) so we can replace the 90 in the sum with 0. Why is this okay? We are actually subtracting the “same” thing from both sides:

\begin{equation*} \begin{aligned}x \amp \equiv 3000 + 400 + 90 + 1 \pmod 9 \\ - ~~ 0 \amp \equiv 90 \pmod 9 \\ x \amp \equiv 3000 + 400 + 0 + 1\pmod 9. \end{aligned} \end{equation*}Next, note that \(400 = 4 \cdot 100\text{,}\) and \(100 \equiv 1 \pmod 9\) (since \(9 \mid 99\)). So we can in fact replace the 400 with simply a 4. Again, we are appealing to our claim that we can replace congruent elements, but we are really appealing to property 3 about the arithmetic of congruence: we know \(100 \equiv 1 \pmod{9}\text{,}\) so if we multiply both sides by \(4\text{,}\) we get \(400 \equiv 4 \pmod 9\text{.}\)

Similarly, we can replace 3000 with 3, since \(1000 = 1 + 999 \equiv 1 \pmod 9\text{.}\) So our original congruence becomes

\begin{equation*} x \equiv 3 + 4 + 0 + 1 \pmod 9 \end{equation*} \begin{equation*} x \equiv 8 \pmod 9. \end{equation*}Therefore \(3491\) divided by 9 has remainder 8.

The above example should convince you that the well known divisibility test for 9 is true: the sum of the digits of a number is divisible by 9 if and only if the original number is divisible by 9. In fact, we now know something more: any number is congruent to the sum of its digits, modulo 9.^{ 3 }This works for 3 as well, but definitely not for any modulus in general.

Let's try another:

Example \(\PageIndex{4}\)

Find the remainder when \(3^{123}\) is divided by 7.

**Solution**-
Of course, we are working with congruence because we want to find the smallest positive \(x\) such that \(x \equiv 3^{123} \pmod 7\text{.}\) Now first write \(3^{123} = (3^3)^{41}\text{.}\) We have:

\begin{equation*} 3^{123} = 27^{41} \equiv 6^{41} \pmod 7, \end{equation*}since \(27 \equiv 6 \pmod 7\text{.}\) Notice further that \(6^2 = 36\) is congruent to 1 modulo 7. Thus we can simplify further:

\begin{equation*} 6^{41} = 6\cdot (6^2)^{20} \equiv 6 \cdot 1^{20} \pmod 7. \end{equation*}

But \(1^{20} = 1\text{,}\) so we are done:

\begin{equation*} 3^{123} \equiv 6 \pmod 7. \end{equation*}

In the above example, we are using the fact that if \(a \equiv b \pmod n\text{,}\) then \(a^p \equiv b^p \pmod n\text{.}\) This is just applying property 3 a bunch of times.

So far we have seen how to add, subtract and multiply with congruences. What about division? There is a reason we have waited to discuss it. It turns out that we cannot simply divide. In other words, even if \(ad \equiv bd \pmod n\text{,}\) we do not know that \(a \equiv b \pmod n\text{.}\) Consider, for example:

\begin{equation*} 18 \equiv 42 \pmod 8. \end{equation*}This is true. Now \(18\) and \(42\) are both divisible by 6. However,

\begin{equation*} 3 \not\equiv 7 \pmod 8. \end{equation*}While this doesn't work, note that \(3 \equiv 7 \pmod 4\text{.}\) We cannot divide \(8\) by 6, but we can divide 8 by the greatest common factor of \(8\) and \(6\text{.}\) Will this always happen?

Suppose \(ad \equiv bd \pmod n\text{.}\) In other words, we have \(ad = bd + kn\) for some integer \(k\text{.}\) Of course \(ad\) is divisible by \(d\text{,}\) as is \(bd\text{.}\) So \(kn\) must also be divisible by \(d\text{.}\) Now if \(n\) and \(d\) have no common factors (other than 1), then we must have \(d \mid k\text{.}\) But in general, if we try to divide \(kn\) by \(d\text{,}\) we don't know that we will get an integer multiple of \(n\text{.}\) Some of the \(n\) might get divided as well. To be safe, let's divide as much of \(n\) as we can. Take the largest factor of both \(d\) and \(n\text{,}\) and cancel that out from \(n\text{.}\) The rest of the factors of \(d\) will come from \(k\text{,}\) no problem.

We will call the largest factor of both \(d\) and \(n\) the \(\gcd(d,n)\text{,}\) for *greatest common divisor*. In our example above, \(\gcd(6,8) = 2\) since the greatest divisor common to 6 and 8 is 2.

Congruence and Division

Suppose \(ad \equiv bd \pmod n\text{.}\) Then \(a \equiv b \pmod{\frac{n}{\gcd(d,n)}}\text{.}\)

If \(d\) and \(n\) have no common factors then \(\gcd(d,n) = 1\text{,}\) so \(a \equiv b \pmod n\text{.}\)

Example \(\PageIndex{5}\)

Simplify the following congruences using division: (a) \(24 \equiv 39 \pmod 5\) and (b) \(24 \equiv 39 \pmod{15}\text{.}\)

**Solution**-
(a) Both \(24\) and \(39\) are divisible by \(3\text{,}\) and \(3\) and \(5\) have no common factors, so we get

\begin{equation*} 8 \equiv 13 \pmod 5. \end{equation*}(b) Again, we can divide by 3. However, doing so blindly gives us \(8 \equiv 13 \pmod{15}\) which is no longer true. Instead, we must also divide the modulus 15 by the greatest common factor of \(3\) and \(15\text{,}\) which is \(3\text{.}\) Again we get

\begin{equation*} 8 \equiv 13 \pmod 5. \end{equation*}

## Solving Congruences

Now that we have some algebraic rules to govern congruence relations, we can attempt to solve for an unknown in a congruence. For example, is there a value of \(x\) that satisfies,

\begin{equation*} 3x + 2 \equiv 4 \pmod{5}, \end{equation*}and if so, what is it?

In this example, since the modulus is small, we could simply try every possible value for \(x\text{.}\) There are really only 5 to consider, since any integer that satisfied the congruence could be replaced with any other integer it was congruent to modulo 5. Here, when \(x = 4\) we get \(3x + 2 = 14\) which is indeed congruent to 4 modulo 5. This means that \(x = 9\) and \(x = 14\) and \(x = 19\) and so on will each also be a solution because as we saw above, replacing any number in a congruence with a congruent number does not change the truth of the congruence.

So in this example, simply compute \(3x + 2\) for values of \(x \in \{0,1,2,3,4\}\text{.}\) This gives 2, 5, 8, 11, and 14 respectively, for which only 14 is congruent to 4.

Let's also see how you could solve this using our rules for the algebra of congruences. Such an approach would be much simpler than the trial and error tactic if the modulus was larger. First, we know we can subtract 2 from both sides:

\begin{equation*} 3x \equiv 2 \pmod{5}. \end{equation*}Then to divide both sides by 3, we first add 0 to both sides. Of course, on the right-hand side, we want that 0 to be a 10 (yes, \(10\) really is 0 since they are congruent modulo 5). This gives,

\begin{equation*} 3x \equiv 12 \pmod{5}. \end{equation*}Now divide both sides by 3. Since \(\gcd(3,5) = 1\text{,}\) we do not need to change the modulus:

\begin{equation*} x \equiv 4 \pmod{5}. \end{equation*}Notice that this in fact gives the *general solution*: not only can \(x = 4\text{,}\) but \(x\) can be any number which is congruent to 4. We can leave it like this, or write “\(x = 4 + 5k\) for any integer \(k\text{.}\)”

Example \(\PageIndex{6}\)

Solve the following congruences for \(x\text{.}\)

- \(7x \equiv 12 \pmod{13}\text{.}\)
- \(84x - 38 \equiv 79 \pmod{15}\text{.}\)
- \(20x \equiv 23 \pmod{14}\text{.}\)

**Solution**-
- All we need to do here is divide both sides by 7. We add 13 to the right-hand side repeatedly until we get a multiple of 7 (adding 13 is the same as adding 0, so this is legal). We get \(25\text{,}\) \(38\text{,}\) \(51\text{,}\) \(64\text{,}\) \(77\) – got it. So we have: \begin{equation*} \begin{aligned}7x \amp \equiv 12 \pmod{13} \\ 7x \amp \equiv 77 \pmod{13} \\ x \amp \equiv 11 \pmod{13}. \end{aligned} \end{equation*}
- Here, since we have numbers larger than the modulus, we can reduce them prior to applying any algebra. We have \(84 \equiv 9\text{,}\) \(38 \equiv 8\) and \(79 \equiv 4\text{.}\) Thus, \begin{equation*} \begin{aligned}84x - 38 \amp \equiv 79 \pmod{15} \\ 9x - 8 \amp \equiv 4 \pmod{15} \\ 9x \amp \equiv 12 \pmod{15} \\ 9x \amp \equiv 72 \pmod{15}. \end{aligned} \end{equation*} We got the 72 by adding \(0 \equiv 60 \pmod{15}\) to both sides of the congruence. Now divide both sides by 9. However, since \(\gcd(9, 15) = 3\text{,}\) we must divide the modulus by 3 as well: \begin{equation*} x \equiv 8 \pmod 5. \end{equation*} So the solutions are those values which are congruent to 8, or equivalently 3, modulo 5. This means that in some sense there are 3 solutions modulo 15: 3, 8, and 13. We can write the solution: \begin{equation*} x \equiv 3 \pmod{15}; ~~ x \equiv 8 \pmod{15}; ~~x \equiv 13 \pmod{15}. \end{equation*}
- First, reduce modulo 14: \begin{equation*} 20x \equiv 23 \pmod{14} \end{equation*} \begin{equation*} 6x \equiv 9 \pmod{14}. \end{equation*} We could now divide both sides by 3, or try to increase 9 by a multiple of 14 to get a multiple of 6. If we divide by 3, we get, \begin{equation*} 2x \equiv 3 \pmod{14}. \end{equation*} Now try adding multiples of 14 to 3, in hopes of getting a number we can divide by 2. This will not work! Every time we add 14 to the right side, the result will still be odd. We will never get an even number, so we will never be able to divide by 2. Thus there are no solutions to the congruence.

The last congruence above illustrates the way in which congruences might not have solutions. We could have seen this immediately in fact. Look at the original congruence:

\begin{equation*} 20x \equiv 23 \pmod{14}. \end{equation*}If we write this as an equation, we get

\begin{equation*} 20x = 23 + 14k, \end{equation*}or equivalently \(20x - 14k = 23\text{.}\) We can easily see there will be no solution to this equation in integers. The left-hand side will always be even, but the right-hand side is odd. A similar problem would occur if the right-hand side was divisible by *any* number the left-hand side was not.

So in general, given the congruence

\begin{equation*} ax \equiv b \pmod{n}, \end{equation*}if \(a\) and \(n\) are divisible by a number which \(b\) is not divisible by, then there will be no solutions. In fact, we really only need to check one divisor of \(a\) and \(n\text{:}\) the greatest common divisor. Thus, a more compact way to say this is:

Congruences with no solutions

If \(\gcd(a,n) \nmid b\text{,}\) then \(ax \equiv b \pmod{n}\) has no solutions.

## Solving Linear Diophantine Equations

Discrete math deals with whole numbers of things. So when we want to solve equations, we usually are looking for *integer* solutions. Equations which are intended to only have integer solutions were first studied by in the third century by the Greek mathematician Diophantus of Alexandria, and as such are called *Diophantine equations*. Probably the most famous example of a Diophantine equation is \(a^2 + b^2 = c^2\text{.}\) The integer solutions to this equation are called *Pythagorean triples*. In general, solving Diophantine equations is hard (in fact, there is provably no general algorithm for deciding whether a Diophantine equation has a solution, a result known as Matiyasevich's Theorem). We will restrict our focus to *linear* Diophantine equations, which are considerably easier to work with.

Diophantine Equations

An equation in two or more variables is called a Diophantine equation if only integers solutions are of interest. A linear Diophantine equation takes the form \(a_1x_1 + a_2x_x + \cdots + a_nx_n = b\) for constants \(a_1,\ldots, a_n, b\text{.}\)

A solution to a Diophantine equation is a solution to the equation consisting only of integers.

We have the tools we need to solve linear Diophantine equations. We will consider, as a main example, the equation

\begin{equation*} 51x + 87y = 123. \end{equation*}The general strategy will be to convert the equation to a congruence, then solve that congruence.^{ 4 }This is certainly not the only way to proceed. A more common technique would be to apply the *Euclidean algorithm*. Our way can be a little faster, and is presented here primarily for variety. Let's work this particular example to see how this might go.

First, check if perhaps there are no solutions because a divisor of \(51\) and \(87\) is not a divisor of \(123\text{.}\) Really, we just need to check whether \(\gcd(51, 87) \mid 123\text{.}\) This greatest common divisor is 3, and yes \(3 \mid 123\text{.}\) At this point, we might as well factor out this greatest common divisor. So instead, we will solve:

\begin{equation*} 17x + 29y = 41. \end{equation*}Now observe that if there are going to be solutions, then for those values of \(x\) and \(y\text{,}\) the two sides of the equation must have the same remainder as each other, no matter what we divide by. In particular, if we divide both sides by 17, we must get the same remainder. Thus we can safely write

\begin{equation*} 17x + 29y \equiv 41 \pmod{17}. \end{equation*}We choose 17 because \(17x\) will have remainder 0. This will allow us to reduce the congruence to just one variable. We could have also moved to a congruence modulo 29, although there is usually a good reason to select the smaller choice, as this will allow us to reduce the other coefficient. In our case, we reduce the congruence as follows:

\begin{equation*} \begin{aligned}17x + 29y \amp \equiv 41 \pmod{17} \\ 0x + 12y \amp \equiv 7 \pmod{17} \\ 12 y \amp \equiv 24 \pmod{17} \\ y \amp \equiv 2 \pmod{17}. \end{aligned} \end{equation*}Now at this point we know \(y = 2 + 17k\) will work for any integer \(k\text{.}\) If we haven't made a mistake, we should be able to plug this back into our original Diophantine equation to find \(x\text{:}\)

\begin{equation*} \begin{aligned}17x + 29(2 + 17k) \amp = 41\\ 17x \amp = -17 - 29\cdot 17k\\ x \amp = -1-29k. \end{aligned} \end{equation*}We have now found all solutions to the Diophantine equation. For each \(k\text{,}\) \(x = -1-29k\) and \(y = 2 + 17k\) will satisfy the equation. We could check this for a few cases. If \(k = 0\text{,}\) the solution is \((-1,2)\text{,}\) and yes, \(-17 + 2\cdot 29 = 41\text{.}\) If \(k = 3\text{,}\) the solution is \((-88, 53)\text{.}\) If \(k = -2\text{,}\) we get \((57, -32)\text{.}\)

To summarize this process, to solve \(ax + by = c\text{,}\) we,

- Divide both sides of the equation by \(\gcd(a,b)\) (if this does not leave the right-hand side as an integer, there are no solutions). Let's assume that \(ax + by = c\) has already been reduced in this way.
- Pick the smaller of \(a\) and \(b\) (here, assume it is \(b\)), and convert to a congruence modulo \(b\text{:}\) \begin{equation*} ax + by \equiv c \pmod{b}. \end{equation*} This will reduce to a congruence with one variable, \(x\text{:}\) \begin{equation*} ax \equiv c \pmod{b}. \end{equation*}
- Solve the congruence as we did in the previous section. Write your solution as an equation, such as, \begin{equation*} x = n + kb \end{equation*}
- Plug this into the original Diophantine equation, and solve for \(y\text{.}\)
- If we want to know solutions in a particular range (for example, \(0 \le x, y \le 20\)), pick different values of \(k\) until you have all required solutions.

Here is another example:

Example \(\PageIndex{7}\)

How can you make $6.37 using just 5-cent and 8-cent stamps? What is the smallest and largest number of stamps you could use?

**Solution**-
First, we need a Diophantine equation. We will work in numbers of cents. Let \(x\) be the number of \(5\)-cent stamps, and \(y\) be the number of 8-cent stamps. We have:

\begin{equation*} 5x + 8y = 637. \end{equation*}Convert to a congruence and solve:

\begin{equation*} \begin{aligned}8y \amp \equiv 367 \pmod{5}\\ 3y \amp \equiv 2 \pmod 5\\ 3y \amp \equiv 12 \pmod 5\\ y \amp \equiv 4 \pmod 5.\\ \end{aligned} \end{equation*}Thus \(y = 4 + 5k\text{.}\) Then \(5x + 8(4+5k) = 637\text{,}\) so \(x = 121 - 8k\text{.}\)

This says that one way to make $6.37 is to take 121 of the 5-cent stamps and 4 of the 8-cent stamps. To find the smallest and largest number of stamps, try different values of \(k\text{.}\)

\(k\) \((x,y)\) Stamps -1 (129, -1) not possible 0 (121, 4) 125 1 (113, 9) 122 2 (105, 13) 119 \vdots \vdots \vdots This is no surprise. Having the most stamps means we have as many 5-cent stamps as possible, and to get the smallest number of stamps would require have the least number of 5-cent stamps. To minimize the number of 5-cent stamps, we want to pick \(k\) so that \(121-8k\) is as small as possible (but still positive). When \(k = 15\text{,}\) we have \(x = 1\) and \(y = 79\text{.}\)

Therefore, to make $6.37, you can us as few as 80 stamps (1 5-cent stamp and 79 8-cent stamps) or as many as 125 stamps (121 5-cent stamps and 4 8-cent stamps).

Using this method, as long as you can solve linear congruences in one variable, you can solve linear Diophantine equations of two variables. There are times though that solving the linear congruence is a lot of work. For example, suppose you need to solve,

\begin{equation*} 13x \equiv 6 \pmod{51}. \end{equation*}You *could* keep adding 51 to the right side until you get a multiple of 13: You would get 57, 108, 159, 210, 261, 312, and 312 is the first of these that is divisible by 13. This works, but is really too much work. Instead we could convert *back* to a Diophantine equation:

Now solve *this* like we have in this section. Write it as a congruence modulo 13:

so \(k = 6 + 13j\text{.}\) Now go back and figure out \(x\text{:}\)

\begin{equation*} \begin{aligned}13x \amp = 6 + 51(6+13j)\\ x \amp = 24 + 51j. \end{aligned} \end{equation*}Of course you could do this switching back and forth between congruences and Diophantine equations as many times as you like. If you *only* used this technique, you would essentially replicate the Euclidean algorithm, a more standard way to solve Diophantine equations.