0 Notes2 MemoryCPU

An Introductory Course in Elementary
Number Theory
Wissam Raji
2
Preface
These notes serve as course notes for an undergraduate course in number the-
ory. Most if not all universities worldwide offer introductory courses in number
theory for math majors and in many cases as an elective course.
The notes contain a useful introduction to important topics that need to be ad-
dressed in a course in number theory. Proofs of basic theorems are presented in
an interesting and comprehensive way that can be read and understood even by
non-majors with the exception in the last three chapters where a background in
analysis, measure theory and abstract algebra is required. The exercises are care-
fully chosen to broaden the understanding of the concepts. Moreover, these notes
shed light on analytic number theory, a subject that is rarely seen or approached
by undergraduate students. One of the unique characteristics of these notes is the
careful choice of topics and its importance in the theory of numbers. The
freedom is given in the last two chapters because of the advanced nature of the
topics that are presented.
Thanks to professor Pavel Guerzhoy from University of Hawaii for his
contribution in chapter 6 on continued fraction and to Professor Ramez
Maalouf from Notre Dame University, Lebanon for his contribution to chapter 8.
Contents
1 Introduction 7
1.1 Algebraic Operations With Integers . . . . . . . . . . . . . . . . 8
1.2 The Well Ordering Principle and Mathematical Induction . . . . . 9
1.2.1 The Well Ordering Principle . . . . . . . . . . . . . . . 10
1.2.2 The Pigeonhole Principle . . . . . . . . . . . . . . . . . 10
1.2.3 The Principle of Mathematical Induction . . . . . . . . 10
1.3 Divisibility and the Division Algorithm . . . . . . . . . . . . . . 13
1.3.1 Integer Divisibility . . . . . . . . . . . . . . . . . . . . . 13
1.3.2 The Division Algorithm . . . . . . . . . . . . . . . . . . 15
1.4 Representations of Integers in Different Bases . . . . . . . . . . . 16
1.5 The Greatest Common Divisor . . . . . . . . . . . . . . . . . . . 20
1.6 The Euclidean Algorithm . . . . . . . . . . . . . . . . . . . . . . 24
1.7 Lame’s Theorem . . . . . . . . . . . . . . . . . . . . . . . . . . 28
2 Prime Numbers 31
2.1 The Sieve of Eratosthenes . . . . . . . . . . . . . . . . . . . . . . 31
2.2 The infinitude of Primes . . . . . . . . . . . . . . . . . . . . . . 34
2.3 The Fundamental Theorem of Arithmetic . . . . . . . . . . . . . 35
2.3.1 The Fundamental Theorem of Arithmetic . . . . . . . . . 36
2.3.2 More on the Infinitude of Primes . . . . . . . . . . . . . . 39
2.4 Least Common Multiple . . . . . . . . . . . . . . . . . . . . . . 41
3
4 CONTENTS
2.5 Linear Diophantine Equations . . . . . . . . . . . . . . . . . . . 43

2.6 The function [x] , the symbols ”O”, ”o” and ”∼” . . . . . . . . . . 46
2.6.1 The Function [x] . . . . . . . . . . . . . . . . . . . . . . 46
2.6.2 The ”O” and ”o” Symbols . . . . . . . . . . . . . . . . . 47
2.7 Theorems and Conjectures involving prime numbers . . . . . . . 49
3 Congruences 51
3.1 Introduction to congruences . . . . . . . . . . . . . . . . . . . . 51
3.2 Residue Systems and Euler’s φ-Function . . . . . . . . . . . . . . 57
3.2.1 Residue Systems . . . . . . . . . . . . . . . . . . . . . . 57
3.2.2 Euler’s φ-Function . . . . . . . . . . . . . . . . . . . . . 59
3.3 Linear Congruences . . . . . . . . . . . . . . . . . . . . . . . . . 59
3.4 The Chinese Remainder Theorem . . . . . . . . . . . . . . . . . 62
3.5 Theorems of Fermat, Euler, and Wilson . . . . . . . . . . . . . . 64
4 Multiplicative Number Theoretic Functions 69

4.1 Definitions and Properties . . . . . . . . . . . . . . . . . . . . . . 70
4.2 Multiplicative Number Theoretic Functions . . . . . . . . . . . . 73
4.2.1 The Euler φ-Function . . . . . . . . . . . . . . . . . . . 73
4.2.2 The Sum-of-Divisors Function . . . . . . . . . . . . . . 76
4.2.3 The Number-of-Divisors Function . . . . . . . . . . . . 77
4.3 The Mobius Function and the Mobius Inversion Formula . . . . . 79
4.4 Perfect, Mersenne, and Fermat Numbers . . . . . . . . . . . . . . 82
5 Primitive Roots and Quadratic Residues 89

5.1 The order of Integers and Primitive Roots . . . . . . . . . . . . . 89
5.2 Primitive Roots for Primes . . . . . . . . . . . . . . . . . . . . . 94
5.3 The Existence of Primitive Roots . . . . . . . . . . . . . . . . . . 98
5.4 Introduction to Quadratic Residues and Nonresidues . . . . . . . 105
5.5 Legendre Symbol . . . . . . . . . . . . . . . . . . . . . . . . . . 106
CONTENTS 5
5.6 The Law of Quadratic Reciprocity . . . . . . . . . . . . . . . . . 112

5.7 Jacobi Symbol . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
6 Introduction to Continued Fractions 121

6.1 Basic Notations . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
6.2 Main Technical Tool . . . . . . . . . . . . . . . . . . . . . . . . 126
6.3 Very Good Approximation . . . . . . . . . . . . . . . . . . . . . 130
6.4 An Application . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
6.5 A Formula of Gauss, a Theorem of Kuzmin and Le´vi and a Prob-
lem of Arnold . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
7 Introduction to Analytic Number Theory 137

7.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
7.2 Chebyshev’s Functions . . . . . . . . . . . . . . . . . . . . . . . 141
7.3 Getting Closer to the Proof of the Prime Number Theorem . . . . 143
8 Other Topics in Number Theory 151

8.1 Cryptography . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
8.2 Elliptic Curves . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
8.3 The Riemann Zeta Function . . . . . . . . . . . . . . . . . . . . 161
6 CONTENTS
Chapter 1
Introduction
Integers are the building blocks of the theory of numbers. This chapter contains
somewhat very simple and obvious observations starting with properties of inte-
gers and yet the proofs behind those observations are not as simple. In this
chapter we introduce basic operations on integers and some algebraic definitions
that will be necessary to understand basic concepts in this book. We then
introduce the Well ordering principle which states basically that every set of
positive integers has a smallest element. Proof by induction is also presented as
an efficient method for proving several theorems throughout the book. We
proceed to define the concept of divisibility and the division algorithm. We
then introduce the elementary but fundamental concept of a greatest common
divisor (gcd) of two integers, and the Euclidean algorithm for finding the gcd of
two integers. We end this chapter with Lame’s Lemma on an estimate of the
number of steps in the Euclidean algorithm needed to find the gcd of two
integers.
7
8 CHAPTER 1. INTRODUCTION
1.1 Algebraic Operations With Integers

The set Z of all integers, which this book is all about, consists of all positive and
negative integers as well as 0. Thus Z is the set given by
Z = {..., −4, −3, −2, −1, 0, 1, 2, 3, 4, ...}. (1.1)
While the set of all positive integers, denoted by N, is defined by
N = {1, 2, 3, 4, ...}. (1.2)
On Z, there are two basic binary operations, namely addition (denoted by +)

and multiplication (denoted by ·), that satisfy some basic properties from which
every other property for Z emerges.
1. The Commutativity property for addition and multiplication
a+ b= b+ a
a· b= b· a
2. Associativity property for addition and multiplication
(a + b) + c = a + (b +
c) (a · b) · c = a · (b · c)
3. The distributivity property of multiplication over addition
a · (b + c) = a · b + a ·
c.
1.2. THE WELL ORDERING PRINCIPLE AND MATHEMATICAL INDUCTION9
In the set Z there are ”identity elements” for the two operations + and ·, and
these are the elements 0 and 1 respectively, that satisfy the basic properties
a+ 0= 0+ a =
aa· 1= 1· a =
a
for every a ∈ Z.
The set Z allows additive inverses for its elements, in the sense that for every
a ∈ Z there exists another integer in Z, denoted by −a, such that
a + (−a) = 0. (1.3)
While for multiplication, only the integer 1 has a multiplicative inverse in the
sense that 1 is the only integer a such that there exists another integer, denoted
by
a−1 or by 1/a, (namely 1 itself in this case) such that
a · a−1 = 1. (1.4)
From the operations of addition and multiplication one can define two other
operations on Z, namely subtraction (denoted by −) and division (denoted by
/). Subtraction is a binary operation on Z, i.e. defined for any two integers in Z,
while division is not a binary operation and thus is defined only for some
specific couple of integers in Z. Subtraction and division are defined as follows:
1. a − b is defined by a + (−b), i.e. a − b = a + (−b) for every a, b ∈ Z
2. a/b is defined by the integer c if and only if a = b · c.
1.2 The Well Ordering Principle and Mathematical

Induction
In this section, we present three basic tools that will often be used in proving
properties of the integers. We start with a very important property of integers
called
the well ordering principle. We then state what is known as the pigeonhole prin-
ciple, and then we proceed to present an important method called mathematical
induction.
1.2.1 The Well Ordering Principle

The Well Ordering Principle: A least element exist in any non empty set of
positive integers.
This principle can be taken as an axiom on integers and it will be the key to
proving many theorems. As a result, we see that any set of positive integers is
well ordered while the set of all integers is not well ordered.
1.2.2 The Pigeonhole Principle

The Pigeonhole Principle: If s objects are placed in k boxes for s > k, then at
least one box contains more than one object.
Proof. Suppose that none of the boxes contains more than one object. Then there
are at most k objects. This leads to a contradiction with the fact that there are s
objects for s > k.
1.2.3 The Principle of Mathematical Induction

We now present a valuable tool for proving results about integers. This tool is
the principle of mathematical induction .
Theorem 1. The First Principle of Mathematical Induction: If a set of positive

integers has the property that, if it contains the integer k, then it also contains
1.2. THE WELL ORDERING PRINCIPLE AND MATHEMATICAL
INDUCTION11
k + 1, and if this set contains 1 then it must be the set of all positive integers.
More generally, a property concerning the positive integers that is true for n = 1,
and that is true for the integer n + 1 whenever it is true for the integer n, must
be true for all positive integers.
We use the well ordering principle to prove the first principle of

mathematical induction
Proof. Let S be the set of positive integers containing the integer 1, and the
integer k + 1 whenever it contains k. Assume also that S is not the set of all
positive integers. As a result, there are some integers that are not contained in S
and thus those integers must have a least element α by the well ordering
principle. Notice that α = 1 since 1 ∈ S. But α − 1 ∈ S and thus using the
property of S, α ∈ S. Thus S must contain all positive integers.
We now present some examples in which we use the principle of induction.

Example 1. Use mathematical induction to show that ∀n ∈ N
Xn
n(n + 1)
j= . (1.5)
2
j=1
First note that

X
1
1· 2
j =1=
j=1
2
and thus the the statement is true for n = 1. For the remaining inductive step,
Pn
suppose that the formula holds for n, that is j=1 j = n(n+1)
2 . We show that
X
n+1
(n + 1)(n + 2)
j= .
j=1
2
to complete the proof by induction. Indeed

X
n+1 X
n
n(n + 1) (n + 1)(n + 2)
j= j + (n + 1) = + (n + 1) = ,
j=1 j=1
2 2
and the result follows.

Example 2. Use mathematical induction to prove that n! ≤ nn for all positive

integers n.
Note that 1! = 1 ≤ 11 = 1. We now present the inductive step. Suppose that
n! ≤ nn
for some n, we prove that (n + 1)! ≤ (n + 1)n+1 . Note

that
(n + 1)! = (n + 1)n! ≤ (n + 1).nn < (n + 1)(n + 1)n = (n + 1)n+1

.
This completes the proof.
Theorem 2. The Second Principle of Mathematical Induction: A set of positive

integers that has the property that for every integer k, if it contains all the
integers
1 through k then it contains k + 1 and if it contains 1 then it must be the set of
all positive integers. More generally, a property concerning the positive integers
that is true for n = 1, and that is true for all integers up to n + 1 whenever it is
true for all integers up to n, must be true for all positive integers.
The second principle of induction is also known as the principle of strong

induction. Also, the first principle of induction is known as the principle of
weak induction.
To prove the second principle of induction, we use the first principle of
induction.
Proof. Let T be a set of integers containing 1 and such that for every positive
integer k, if it contains 1, 2, ..., k, then it contains k + 1. Let S be the set of all
positive integers k such that all the positive integers less than or equal to k are in
T . Then 1 is in S, and we also see that k + 1 is in S. Thus S must be the set of
all positive integers. Thus T must be the set of all positive integers since S is a
subset of T .
1.3. DIVISIBILITY AND THE DIVISION ALGORITHM 13
Exercises
1. Prove using mathematical induction that n < 3n for all positive integers n.
Pn
2. Show that 2 n(n+1)(2n+1) .
j=1 j = 6
Pn j−1 2
3. Use mathematical induction to prove that j=1 (−1) j = (−1)n−1 n(n+
1)/2.
Pn
4. Use mathematical induction to prove that j=1 j 3 = [n(n+1)/2]2 for every
positive integer n.
Pn
5. Use mathematical induction to prove that j=1 (2j − 1) = n2
6. Use mathematical induction to prove that 2n < n! for n ≥ 4.
7. Use mathematical induction to prove that n2 < n! for n ≥ 4.
1.3 Divisibility and the Division Algorithm

We now discuss the concept of divisibility and its
properties.
1.3.1 Integer Divisibility

Definition 1. If a and b are integers such that a = 0, then we say ”a divides b” if
there exists an integer k such that b = ka.
If a divides b, we also say ”a is a factor of b” or ”b is a multiple of a” and we

write a | b. If a doesn’t divide b, we write a - b. For example 2 | 4 and 7 | 63,
while 5 - 26.
Example 3. a) Note that any even integer has the form 2k for some integer k,
while any odd integer has the form 2k + 1 for some integer k. Thus 2|n if n is
even, while 2 - n if n is odd.
b) ∀a ∈ Z one has that a | 0.

c) If b ∈ Z is such that |b| < a, and b = 0, then a - b.
Theorem 3. If a, b and c are integers such that a | b and b | c, then a | c.
Proof. Since a | b and b | c, then there exist integers k1 and k2 such that b = k1 a
and c = k2 b. As a result, we have c = k1 k2 a and hence a | c.
Example 4. Since 6 | 18 and 18 | 36, then 6 | 36.
The following theorem states that if an integer divides two other integers
then it divides any linear combination of these integers.
Theorem 4. If a, b, c, m and n are integers, and if c | a and c | b, then c |

(ma + nb).
Proof. Since c | a and c | b, then by definition there exists k1 and k2 such that
a = k1 c and b = k2 c. Thus
ma + nb = mk1 c + nk2 c = c(mk1 + nk2 ),
and hence c | (ma + nb).
Theorem 4 can be generalized to any finite linear combination as follows. If
a | b1 , a | b2 , ..., a | bn
then
X
n
a| kj bj (1.6)
j=1
for any set of integers k1 , · · · , kn ∈ Z. It would be a nice exercise to prove the

generalization by induction.
1.3. DIVISIBILITY AND THE DIVISION ALGORITHM 15
1.3.2 The Division Algorithm

The following theorem states somewhat an elementary but very useful
result.
Theorem 5. The Division Algorithm If a and b are integers such that b > 0, then
there exist unique integers q and r such that a = bq + r where 0 ≤ r < b.
Proof. Consider the set A = {a − bk ≥ 0 | k ∈ Z}. Note that A is nonempty

since for k < a/b, a − bk > 0. By the well ordering principle, A has a least
element r = a − bq for some q. Notice that r ≥ 0 by construction. Now if r ≥
b then (since b > 0)
r > r − b = a − bq − b = a − b(q + 1) =≥
0.
This leads to a contradiction since r is assumed to be the least positive integer of

the form r = a − bq. As a result we have 0 ≤ r < b.
We will show that q and r are unique. Suppose that a = bq1 + r1 and a =
bq2 + r2 with 0 ≤ r1 < b and 0 ≤ r2 < b. Then we
have
b(q1 − q2 ) + (r1 − r2 ) =
0.
As a result we have
b(q1 − q2 ) = r2 − r1 .
Thus we get that

b | (r2 − r1 ).
And since − max(r1 , r2 ) ≤ |r2 − r1 | ≤ max(r1 , r2 ), and b > max(r1 , r2 ), then

r2 − r1 must be 0, i.e. r2 = r1 . And since bq1 + r1 = bq2 + r2 , we also get that
q1 = q2 . This proves uniqueness.
Example 5. If a = 71 and b = 6, then 71 = 6 · 11 + 5. Here q = 11 and r = 5.
Exercises
1. Show that 5 | 25, 19 | 38 and 2 | 98.
2. Use the division algorithm to find the quotient and the remainder when 76
is divided by 13.
3. Use the division algorithm to find the quotient and the remainder when
-100 is divided by 13.
4. Show that if a, b, c and d are integers with a and c nonzero, such that a | b
and c | d, then ac | bd.
5. Show that if a and b are positive integers and a | b, then a ≤ b.
6. Prove that the sum of two even integers is even, the sum of two odd
integers is even and the sum of an even integer and an odd integer is odd.
7. Show that the product of two even integers is even, the product of two odd
integers is odd and the product of an even integer and an odd integer is
even.
8. Show that if m is an integer then 3 divides m3 − m.
9. Show that the square of every odd integer is of the form 8m + 1.
10. Show that the square of any integer is of the form 3m or 3m + 1 but not of
the form 3m + 2.
11. Show that if ac | bc, then a | b.
12. Show that if a | b and b | a then a = ±b.
1.4 Representations of Integers in Different Bases

In this section, we show how any positive integer can be written in terms of any
positive base integer expansion in a unique way. Normally we use decimal nota-
tion to represent integers, we will show how to convert an integer from decimal
notation into any other positive base integer notation and vise versa. Using the
1.4. REPRESENTATIONS OF INTEGERS IN DIFFERENT BASES 17
decimal notation in daily life is simply better because we have ten fingers which
facilitates all the mathematical operations.
Notation An integer a written in base b expansion is denoted by (a)b .
Theorem 6. Let b be a positive integer with b > 1. Then any positive integer m
can be written uniquely as
m = al bl + al−1 bl−1 + ... + a1 b + a0 ,
where l is a positive integer, 0 ≤ aj < b for j = 0, 1, ..., l and al = 0.
Proof. We start by dividing m by b and we get
m = bq0 + a0 , 0 ≤ a0 < b.
If q0 = 0 then we continue to divide q0 by b and we
get q0 = bq1 + a1 , 0 ≤ a1 < b.
We continue this process and hence we get
q1 = bq2 + a2 , 0 ≤ a2 < b,
.
.
.
ql−2 = bql−1 + al−1 , 0 ≤ al−1 < b,
ql−1 = b · 0 + al , 0 ≤ al < b.
Note that the sequence q0 , q1 , ... is a decreasing sequence of positive integers

with a last term ql that must be 0.
Now substituting the equation q0 = bq1 + a1 in m = bq0 + a0 , we get
m = b(bq1 + a1 ) + a0 = b2 q1 + a1 b + a0 ,
Successively substituting the equations in m, we get
m = b3 q2 + a2 b2 + a1 b + a0 ,
.
.
.
= bl ql− 1 + al−1 bl−1 + ... + a1 b + a0 ,
= al bl + al−1 bl−1 + ... + a1 b + a0 .
What remains to prove is that the representation is unique. Suppose now that
m = al bl + al−1 bl−1 + ... + a1 b + = c l bl + l−1 b

l−1
+ ... + c1 b + c0
a0 c
where if the number of terms is different in one expansion, we add zero coeffi-
cients to make the number of terms agree. Subtracting the two expansions, we
get
(al − cl )bl + −1 − cl−1 )bl−1 + ... + (a1− c1 )b + (a0 − c0 ) = 0.

(al
If the two expansions are different, then there exists 0 ≤ j ≤ l such that cj = aj .
As a result, we get
bj ((al − cl )bl−j + ... + (aj+1 − cj+1 )b + (aj − cj )) =

0
and since b = 0, we get
(al − cl )bl−j + ... + (aj+1 − cj+1 )b + (aj − cj ) =

0.
We now get
aj − cj = (al − cl )bl−j + ... + (aj+1 − cj+1 )b,
and as a result, b | (aj − cj ). Since 0 ≤ aj < b and 0 ≤ cj < b, we get that

aj = cj . This is a contradiction and hence the expansion is unique.
1.4. REPRESENTATIONS OF INTEGERS IN DIFFERENT BASES 19
Note that base 2 representation of integers is called binary representation. Bi-

nary representation plays a crucial role in computers. Arithmetic operations can
be carried out on integers with any positive integer base but it will not be
addressed in this book. We now present examples of how to convert from
decimal integer representation to any other base representation and vise versa.
Example 6. To find the expansion of 214 base 3:
we do the following
214 = 3 · 71 +
71 = 13 · 23 +
2
23 = 3 · 7 + 2
7 = 3· 2+ 1
2 = 3· 0+ 2
As a result, to obtain a base 3 expansion of 214, we take the remainders of divi-

sions and we get that (214)10 = (21221)3 .
Example 7. To find the base 10 expansion, i.e. the decimal expansion, of (364)7 :
We do the following: 4 · 70 + 6 · 71 + 3 · 72 = 4 + 42 + 147 = 193.
In some cases where base b > 10 expansion is needed, we add some
characters to represent numbers greater than 9. It is known to use the
alphabetic letters to denote integers greater than 9 in base b expansion for b
> 10. For example (46BC 29)13 where A = 10, B = 11, C = 12.
To convert from one base to the other, the simplest way is to go through base
10 and then convert to the other base. There are methods that simplify
conversion from one base to the other but it will not be addressed in this book.
Exercises
1. Convert (7482)10 to base 6 notation.
2. Convert (98156)10 to base 8 notation.
3. Convert (101011101)2 to decimal notation.
4. Convert (AB6C 7D)16 to decimal notation.
5. Convert (9A0B)16 to binary notation.
1.5 The Greatest Common Divisor

In this section we define the greatest common divisor (gcd) of two integers and
discuss its properties. We also prove that the greatest common divisor of two
integers is a linear combination of these integers.
Two integers a and b, not both 0, can have only finitely many divisors, and
thus can have only finitely many common divisors. In this section, we are
interested in the greatest common divisor of a and b. Note that the divisors of a
and that of
| a | are the same.
Definition 2. The greatest common divisor of two integers a and b is the greatest
integer that divides both a and b.
We denote the greatest common divisor of two integers a and b by (a, b). We
also define (0, 0) = 0.
Example 8. Note that the greatest common divisor of 24 and 18 is 6. In other

words (24, 18) = 6.
There are couples of integers (e.g. 3 and 4, etc...) whose greatest common
divisor is 1 so we call such integers relatively prime integers.
Definition 3. Two integers a and b are relatively prime if (a, b) = 1.

1.5. THE GREATEST COMMON DIVISOR 21
Example 9. The greatest common divisor of 9 and 16 is 1, thus they are

relatively prime.
Note that every integer has positive and negative divisors. If a is a positive
divisor of m, then −a is also a divisor of m. Therefore by our definition of the
greatest common divisor, we can see that (a, b) = (| a |, | b |).
We now present a theorem about the greatest common divisor of two
integers. The theorem states that if we divide two integers by their greatest
common divisor, then the outcome is a couple of integers that are relatively
prime.
Theorem 7. If (a, b) = d then (a/d, b/d) =

1.
Proof. We will show that a/d and b/d have no common positive divisors other
than 1. Assume that k is a positive common divisor such that k | a/d and k | b/d.
As a result, there are two positive integers m and n such that
a/d = km and b/d = kn
Thus we get that

a = kmd and b = knd.
Hence kd is a common divisor of both a and b. Also, kd ≥ d. However, d is the

greatest common divisor of a and b. As a result, we get that k = 1.
The next theorem shows that the greatest common divisor of two integers
does not change when we add a multiple of one of the two integers to the other.
Theorem 8. Let a, b and c be integers. Then (a, b) = (a + cb,

b).
Proof. We will show that every divisor of a and b is also a divisor of a + cb

and b and vise versa. Hence they have exactly the same divisors. So we get that
the greatest common divisor of a and b will also be the greatest common
divisor of a + cb and b. Let k be a common divisor of a and b. By Theorem 4, k
| (a + cb)
and hence k is a divisor of a + cb. Now assume that l is a common divisor of a

+ cb
and b. Also by Theorem 4 we have ,
l | ((a + cb) − cb) = a.
As a result, l is a common divisor of a and b and the result follows.

Example 10. Notice that (4, 14) = (4, 14 − 3 · 4) = (4, 2) =
2.
We now present a theorem which proves that the greatest common divisor of
two integers can be written as a linear combination of the two integers.
Theorem 9. The greatest common divisor of two integers a and b, not both 0 is
the least positive integer such that ma + nb = d for some integers m and n.
Proof. Assume without loss of generality that a and b are positive integers. Con-
sider the set of all positive integer linear combinations of a and b. This set is non
empty since a = 1 · a + 0 · b and b = 0 · a + 1 · b are both in this set. Thus this
set has a least element d by the well-ordering principle. Thus d = ma + nb for
some integers m and n. We have to prove that d divides both a and b and that it
is the greatest divisor of a and b.
By the division algorithm, we have
a = dq + r, 0 ≤ r < d.
Thus we have
r = a − dq = a − q(ma + nb) = (1 − qm)a −
qnb.
We then have that r is a linear combination of a and b. Since 0 ≤ r < d and d

is the least positive integer which is a linear combination of a and b, then r = 0
and a = dq. Hence d | a. Similarly d | b. Now notice that if there is a divisor
c that divides both a and b. Then c divides any linear combination of a and b by
Theorem 4. Hence c | d. This proves that any common divisor of a and b divides
d. Hence c ≤ d, and d is the greatest divisor.
1.5. THE GREATEST COMMON DIVISOR 23
As a result, we conclude that if (a, b) = 1 then there exist integers m and n

such that ma + nb = 1.
Definition 4. Let a1 , a2 , ..., an be integers, not all 0. The greatest common

divisor of these integers is the largest integer that divides all of the integers in the
set. The greatest common divisor of a1 , a2 , ..., an is denoted by (a1 , a2 , ..., an ).
Definition 5. The integers a1 , a2 , ..., an are said to be mutually relatively prime

if
(a1 , a2 , ..., an ) = 1.
Example 11. The integers 3, 6, 7 are mutually relatively prime since (3, 6, 7) =
1
although (3, 6) = 3.
Definition 6. The integers a1 , a2 , ..., an are called pairwise prime if for each i =
j, we have (ai , aj ) = 1.
Example 12. The integers 3, 14, 25 are pairwise relatively prime. Notice also
that these integers are mutually relatively prime.
Notice that if a1 , a2 , ..., an are pairwise relatively prime then they are
mutually relatively prime.
Exercises
1. Find the greatest common divisor of 15 and 35.
2. Find the greatest common divisor of 100 and 104.
3. Find the greatest common divisor of -30 and 95.
4. Let m be a positive integer. Find the greatest common divisor of m and

m + 1.
5. Let m be a positive integer, find the greatest common divisor of m and

m + 2.
6. Show that if m and n are integers such that (m, n) = 1, then (m+n,m-n)=1
or 2.
7. Show that if m is a positive integer, then 3m + 2 and 5m + 3 are

relatively prime.
8. Show that if a and b are relatively prime integers, then (a + 2b, 2a + b) =

1or
3.
9. Show that if a1 , a2 , ..., an are integers that are not all 0 and c is a positive
integer, then (ca1 , ca2 , ..., can ) = c(a1 , a2 , ...an ).
1.6 The Euclidean Algorithm

In this section we describe a systematic method that determines the greatest com-
mon divisor of two integers. This method is called the Euclidean algorithm.
Lemma 1. If a and b are two integers and a = bq + r where also q and r are
integers, then (a, b) = (r, b).
Proof. Note that by theorem 8, we have (bq + r, b) = (b, r).
The above lemma will lead to a more general version of it. We now present
the Euclidean algorithm in its general form. It states that the greatest common
divisor of two integers is the last non zero remainder of the successive division.
Theorem 10. Let a = r0 and b = r1 be two positive integers where a ≥ b. If

we apply the division algorithm successively to obtain that
rj = rj+1 qj+1 + rj+2 where 0 ≤ rj+2 < rj+1

1.6. THE EUCLIDEAN ALGORITHM 25
for all j = 0, 1, ..., n − 2 and
rn+1 = 0.
Then (a, b) = rn .
Proof. By applying the division algorithm, we see that
r0 = r1 q1 + r2 0 ≤ r2 < r 1 ,
r1 = r2 q2 + r3 0 ≤ r3 < r 2 ,
.
.
.
rn−2 = rn−1 qn−1 + rn 0 ≤ rn < rn−1 ,
rn−1 = rn qn .
Notice that, we will have a remainder of 0 eventually since all the remainders
are integers and every remainder in the next step is less than the remainder in the
previous one. By Lemma 1, we see that
(a, b) = (b, r2 ) = (r2 , r3 ) = ... = (rn , 0) = rn .
Example 13. We will find the greatest common divisor of 4147 and 10672:
Note that
10672 = 4147 · 2 +
4147 = 2378,
2378 · 1 +
1769,
2378 = 1769 · 1 + 609,
1769 = 609 · 2 + 551,
609 = 551 · 1 + 58,
551 = 58 · 9 + 29,
58 = 29 · 2,
Hence (4147, 10672) = 29.
We now use the steps in the Euclidean algorithm to write the greatest
common divisor of two integers as a linear combination of the two integers. The
following example will actually determine the variables m and n described in
Theorem 9. The following algorithm can be described by a general form but for
the sake of simplicity of expressions we will present an example that shows
the steps for obtaining the greatest common divisor of two integers as a linear
combination of the two integers.
Example 14. Express 29 as a linear combination of 4147 and 10672:

1.6. THE EUCLIDEAN ALGORITHM 27
29 = 551 − 9 · 58,
= 551 − 9(609 − 551 · 1),
= 10.551 − 9.609,
= 10 · (1769 − 609 · 2) − 9 · 609,
= 10 · 1769 − 29 · 609,
= 10 · 1769 − 29(2378 − 1769 · 1),
= 39 · 1769 − 29 · 2378,
= 39(4147 − 2378 · 1) − 29 · 2378,
= 39 · 4147 − 68 · 2378,
= 39 · 4147 − 68(10672 − 4147 · 2),
= 175 · 4147 − 68 · 10672,
As a result, we see that 29 = 175 · 4147 − 68 · 10672.

Exercises
1. Use the Euclidean algorithm to find the greatest common divisor of 412
and
32 and express it in terms of the two integers.
2. Use the Euclidean algorithm to find the greatest common divisor of 780
and
150 and express it in terms of the two integers.
3. Find the greatest common divisor of 70, 98, 108.
4. Let a and b be two positive even integers. Prove that (a, b) = 2(a/2, b/2).
5. Show that if a and b are positive integers where a is even and b is odd, then
(a, b) = (a/2, b).
1.7 Lame’s Theorem

In this section, we give an estimate to the number of steps needed to find the
greatest common divisor of two integers using the Euclidean algorithm. To do
this, we have to introduce the Fibonacci numbers for the sake of proving a
lemma that gives an estimate on the growth of Fibonacci numbers in the
Fibonacci sequence. The lemma that we prove will be used in the proof of
Lame’s theorem.
Definition 7. The Fibonacci sequence is defined recursively by f1 = 1, f2 = 1,

and
fn = fn−1 + fn−2 for n ≥
3.
The terms in the sequence are called Fibonacci numbers.
In the following lemma, we give a lower bound on the growth of Fibonacci

numbers. We will show that Fibonacci numbers grow faster than a geometric
√
series with common ratio α = (1 + 5)/2.
Lemma 2. For n ≥ 3, we have fn > αn−2 where α = (1 +

√
5)/2.
Proof. We use the second principle of mathematical induction to prove our

result. It is easy to see that this is true for n = 3 and n = 4. Assume that αk−2
< fk for all integers k where k ≤ n. Now since α is a solution of the
polynomial x2 − x − 1 = 0, we have α2 = α + 1. Hence
αn−1 = α2 .αn−3 = (α + 1).αn−3 = αn−2 + αn−3 .
By the inductive hypothesis, we have
αn−2 < fn , αn−3 < fn−1 .
After adding the two inequalities, we get
αn−1 < fn + fn−1 = fn+1 .

1.7. LAME’S THEOREM 29
We now present Lame’s theorem.
Theorem 11. using the Euclidean algorithm to find the greatest common divisor
of two positive integers has number of divisions less than or equal five times the
number of decimal digits in the minimum of the two integers.
Proof. Let a and b be two positive integers where a > b. Applying the Euclidean
algorithm to find the greatest common divisor of two integers with a = r0 and
b = r1 , we get
r0 = r1 q1 + r2 0 ≤ r2 < r 1 ,
r1 = r2 q2 + r3 0 ≤ r3 < r 2 ,
.
.
.
rn−2 = rn−1 qn−1 + rn 0 ≤ rn < rn−1 ,
rn−1 = rn qn .
Notice that each of the quotients q1 , q2 , ..., qn−1 are all greater than 1 and qn ≥ 2
and this is because rn < rn−1 . Thus we have
rn ≥ 1 = f2 ,
rn−1 ≥ 2rn ≥ 2f2 = f3 ,
≥ rn−1 + rn ≥ f3 + f2 = f4 ,
rn−2
≥ rn−2 + rn−1 ≥ f4 + f3 =
rn−3 f5 ,
.
.
.
r2 ≥ r3 + r4 ≥ fn−1 + fn−2 = fn ,
b = r1 ≥ r2 + r3 ≥ fn + fn−1 = fn+1
.
Thus notice that b ≥ fn+1 . By Lemma 2, we have fn+1 > αn−1 for n > 2. As a
result, we have b > αn−1 . Now notice since
log10 α > 1 ,
5
we see that
log10 b > (n − 1)/5.
Thus we have
n − 1 < 5log10 b.
Now let b has k decimal digits. As a result, we have b < 10k and thus log10 b <
k. Hence we conclude that n − 1 < 5k. Since k is an integer, we conclude
that n ≤ 5k.
Exercises
1. Find an upper bound for the number of steps in the Euclidean algorithm
that is used to find the greatest common divisor of 38472 and 957748838.
2. Find an upper bound for the number of steps in the Euclidean algorithm
that is used to find the greatest common divisor of 15 and 75. Verify your
result by using the Euclidean algorithm to find the greatest common
divisor of the two integers.
Chapter 2
Prime Numbers
Prime numbers, the building blocks of integers, have been studied extensively
over the centuries. Being able to present an integer uniquely as product of primes
is the main reason behind the whole theory of numbers and behind the interesting
results in this theory. Many interesting theorems, applications and conjectures
have been formulated based on the properties of prime numbers.
In this chapter, we present methods to determine whether a number is prime
or composite using an ancient Greek method invented by Eratosthenes. We also
show that there are infinitely many prime numbers. We then proceed to show
that every integer can be written uniquely as a product of primes.
We introduce as well the concept of diophantine equations where integer so-
lutions from given equations are determined using the greatest common divisor.
We then mention the Prime Number theorem without giving a proof of course in
addition to other conjectures and major results related to prime numbers.
2.1 The Sieve of Eratosthenes

Definition 8. A prime is an integer greater than 1 that is only divisible by 1 and
itself.
31
32 CHAPTER 2. PRIME NUMBERS
Example 15. The integers 2, 3, 5, 7, 11 are prime integers.
Note that any integer greater than 1 that is not prime is said to be a composite
number.
We now present the sieve of Eratosthenes. The Sieve of Eratosthenes is an

ancient method of finding prime numbers up to a specified integer. This method
was invented by the ancient Greek mathematician Eratosthenes. There are
several other methods used to determine whether a number is prime or
composite. We first present a lemma that will be needed in the proof of several
theorems.
Lemma 3. Every integer greater than one has a prime divisor.
Proof. We present the proof of this Lemma by contradiction. Suppose that there
is an integer greater than one that has no prime divisors. Since the set of integers
with elements greater than one with no prime divisors is nonempty, then by the
well ordering principle there is a least positive integer n greater than one that has
no prime divisors. Thus n is composite since n divides n. Hence
n = abwith 1 < a < nand 1 < b < n.
Notice that a < n and as a result since n is minimal, a must have a prime divisor
which will also be a divisor of n.
Theorem 12. If n is a composite integer, then n has a prime factor not exceeding
√
n.
Proof. Since n is composite, then n = ab, where a and b are integers with 1 <
√
a ≤ b < n. Suppose now that a > n, then
√
n<a≤b
and as a result
√ √
ab > n n = n.
2.1. THE SIEVE OF ERATOSTHENES 33
√
Therefore a ≤ n. Also, by Lemma 3, a must have a prime divisor a1 which is
√
also a prime divisor of n and thus this divisor is less than a1 ≤ a ≤ n.
We now present the algorithm of the Sieve of Eratosthenes that is used to de-
termine prime numbers up to a given integer.
The Algorithm of the Sieve of Eratosthenes
1. Write a list of numbers from 2 to the largest number n you want to test.
Note √that every composite integer less than n must have a prime factor less
than n. Hence you need to strike off the multiples of the primes that are
√
less than n
2. Strike off all multiples of 2 greater than 2 from the list . The first
remaining number in the list is a prime number.
3. Strike off all multiples of this number from the list.
4. Repeat the above steps√until no more multiples are found of the prime inte-
gers that are less than n
Exercises
1. Use the Sieve of Eratosthenes to find all primes less than 100.
2. Use the Sieve of Eratosthenes to find all primes less than 200.
3. Show that no integer of the form a3 + 1 is a prime except for 2 = 13 + 1.
4. Show that if 2n − 1 is prime, then n is prime.

Hint: Use the identity (akl − 1) = (ak − 1)(ak(l−1) + ak(l−2) + ... + ak + 1).
2.2 The infinitude of Primes

We now show that there are infinitely many primes. There are several ways to
prove this result. An alternative proof to the one presented here is given as an
exercise. The proof we will provide was presented by Euclid in his book the
Elements.
Theorem 13. There are infinitely many primes.
Proof. We present the proof by contradiction. Suppose there are finitely many
primes p1 , p2 , ..., pn , where n is a positive integer. Consider the integer Q
such that
Q = p1 p2 ...pn + 1.
By Lemma 3, Q has at least a prime divisor, say q. If we prove that q is not one
of the primes listed then we obtain a contradiction. Suppose now that q = pi for
1 ≤ i ≤ n. Thus q divides p1 p2 ...pn and as a result q divides Q − p1 p2 ...pn .
Therefore q divides 1. But this is impossible since there is no prime that divides
1 and as a result q is not one of the primes listed.
The following theorem discusses the large gaps between primes. It simply
states that there are arbitrary large gaps in the series of primes and that the
primes are spaced irregularly.
Theorem 14. Given any positive integer n, there exists n consecutive

composite integers.
Proof. Consider the sequence of integers
(n + 1)! + 2, (n + 1)! + 3, ..., (n + 1)! + n, (n + 1)! + n

+1
Notice that every integer in the above sequence is composite because k divides
(n + 1)! + k if 2 ≤ k ≤ n + 1 by 4.
2.3. THE FUNDAMENTAL THEOREM OF ARITHMETIC 35
Exercises
1. Show that the integer Qn = n! + 1, where n is a positive integer, has a

prime divisor greater than n. Conclude that there are infinitely many
primes. Notice that this exercise is another proof of the infinitude of
primes.
2. Find the smallest five consecutive composite integers.
3. Find one million consecutive composite integers.
4. Show that there are no prime triplets other than 3,5,7.
2.3 The Fundamental Theorem of Arithmetic

The Fundamental Theorem of Arithmetic is one of the most important results in
this chapter. It simply says that every positive integer can be written uniquely as
a product of primes. The unique factorization is needed to establish much of
what comes later. There are systems where unique factorization fails to hold.
Many of these examples come from algebraic number theory. We can actually
list an easy example where unique factorization fails.
Consider the class C of positive even integers. Note that C is closed under
multiplication, which means that the product of any two elements in C is again
in C . Suppose now that the only number we know are the members of C . Then
we have 12 = 2.6 is composite where as 14 is prime since it is not the product of
two numbers in C . Now notice that 60 = 2.30 = 6.10 and thus the factorization
is not unique.
We now give examples of the unique factorization of integers.
Example 16. 99 = 3 · 3 · 11 = 32 · 11, 32 = 2 · 2 · 2 · 2 · 2 =

25
2.3.1 The Fundamental Theorem of Arithmetic
To prove the fundamental theorem of arithmetic, we need to prove some lemmas

about divisibility.
Lemma 4. If a,b,c are positive integers such that (a, b) = 1 and a | bc, then a | c.
Proof. Since (a, b) = 1, then there exists integers x, y such that ax + by = 1. As

a result, cax + cby = c. Notice that since a | bc, then by Theorem 4, a divides
cax + cby and hence a divides c.
We can generalize the above lemma as such: If (a, ni ) = 1 for every i =

1, 2, · · · , n and a | n1 n2 · · · nk+1 , then a | nk+1 . We next prove a case of
this generalization and use this to prove the fundamental theorem of arithmetic.
Lemma 5. If p divides n1 n2 n3 ...nk , where p is a prime and ni > 0 for all 1 ≤

i ≤ k, then there is an integer j with 1 ≤ j ≤ k such that p | nj
.
Proof. We present the proof of this result by induction. For k = 1, the result
is trivial. Assume now that the result is true for k. Consider n1 n2 ...nk+1 that is
divisible by p. Notice that either
(p, n1 n2 ...nk ) = 1 or (p, n1 n2 ...nk ) = p.
Now if (p, n1 n2 ...nk ) = 1 then by Lemma 4, p | nk+1 . Now if p | n1 n2 ...nk , then

by the induction hypothesis, there exists an integer i such that p | ni .
We now state the fundamental theorem of arithmetic and present the proof
using Lemma 5.
Theorem 15. The Fundamental Theorem of Arithmetic Every positive integer

different from 1 can be written uniquely as a product of primes.
Proof. If n is a prime integer, then n itself stands as a product of primes with a

single factor. If n is composite, we use proof by contradiction. Suppose now that
there is some positive integer that cannot be written as the product of primes. Let
n be the smallest such integer. Let n = ab, with 1 < a < n and 1 < b < n.
As a result a and b are products of primes since both integers are less than n. As
a result, n = ab is a product of primes, contradicting that it is not. This shows
that every integer can be written as product of primes. We now prove that the
representation of a positive integer as a product of primes is unique. Suppose
now that there is an integer n with two different factorizations say
n = p1 p2 ...ps = q1 q2 ...qr
where p1 , p2 , ...ps , q1 , q2 , ...qr are

primes,
p1 ≤ p2 ≤ p3 ≤ ... ≤ ps and q1 ≤ q2 ≤ q3 ≤ ... ≤
qr .
Cancel out all common primes from the factorizations above to get
pj1 pj2 ...pju = qi1 qi2 ...qiv
Thus all the primes on the left side are different from the primes on the right side.
Since any pjl (l = 1, · · · , n) divides pj1 pj2 ...pju , then pjl must divide qi1 qi2
...qiv , and hence by Lemma 5, pj1 must divide qjk for some 1 ≤ k ≤ v which is
impossible. Hence the representation is unique.
Remark 1. The unique representation of a positive integer n as a product of

primes can be written in several ways. We will present the most common rep-
resentations. For example, n = p1 p2 p3 ...pk where pi for 1 ≤ i ≤ k are not
necessarily distinct. Another example would be
aj
n = pa11 p2a2 p3a3 ...pj (2.1)
where all the pi are distinct for 1 ≤ i ≤ j. One can also write a formal product
Y
α
n= pi i , (2.2)
all primes pi
where all but finitely many of the αi0 s are 0.
Example 17. The prime factorization of 120 is given by 120 = 2·2·2·3·5 = 23

·3·5. Notice that 120 is written in the two ways described in 1.
We know describe in general how prime factorization can be used to

determine the greatest common divisor of two integers. Let
a a
a = p 11 p2 2 ...pnan and b = pb11 pb22 ...pnbn ,
where we exclude in these expansions any prime p with power 0 in both a and b
(and thus some of the powers above may be 0 in one expansion but not the
other). Of course, if one prime pi appears in a but not in b, then ai = 0 while bi
= 0, and
vise versa. Then the greatest common divisor is given
by
min(a1 ,b2 ) min(a2 ,b2 )

(a, b) = p1 p2 ...pmin(a
n
n ,bn )
where min(n, m) is the minimum of m and n.

The following lemma is a consequence of the Fundamental Theorem of
Arith- metic.
Lemma 6. Let a and b be relatively prime positive integers. Then if d divides

ab, there exists d1 and d2 such that d = d1 d2 where d1 is a divisor of a and d2
is a divisor of b. Conversely, if d1 and d2 are positive divisors of a and b,
respectively, then d = d1 d2 is a positive divisor of ab.
Proof. Let d1 = (a, d) and d2 = (b, d). Since (a, b) = 1 and writing a and b in
terms of their prime decomposition, it is clear that d = d1 d2 and (d1 , d2 ) = 1.
Note that every prime power in the factorization of d must appear in either d1 or
d2 . Also the prime powers in the factorization of d that are prime powers
dividing a must appear in d1 and that prime powers in the factorization of d that
are prime powers dividing b must appear in d2 .
Now conversely, let d1 and d2 be positive divisors of a and b,

respectively. Then
d = d1 d2
is a divisor of ab.
2.3.2 More on the Infinitude of Primes

There are also other theorems that discuss the infinitude of primes in a given
arithmetic progression. The most famous theorem about primes in arithmetic
progression is Dirichlet’s theorem
Theorem 16. Dirichlet’s Theorem Given an arithmetic progression of terms an +

b , for n = 1, 2, ... ,the series contains an infinite number of primes if a and b are
relatively prime,
This result had been conjectured by Gauss but was first proved by Dirichlet.
Dirichlet proved this theorem using complex analysis, but the proof is so chal-
lenging. As a result, we will present a special case of this theorem and prove that
there are infinitely many primes in a given arithmetic progression. Before stating
the theorem about the special case of Dirichlet’s theorem, we prove a lemma that
will be used in the proof of the mentioned theorem.
Lemma 7. If a and b are integers both of the form 4n + 1, then their product ab
is of the form 4n +
1
Proof. Let a = 4n1 + 1 and b = 4n2 + 1,

then
ab = 16n1 n2 + 4n1 + 4n2 + 1 = 4(4n1 n2 + n1 + n2 ) + 1 = 4n3 +

1,
where n3 = 4n1 n2 + n1 +
n2 .
Theorem 17. There are infinitely many primes of the form 4n + 3, where n is a
positive integer.
Proof. Suppose that there are finitely many primes of the form 4n + 3, say p0 =
3, p1 , p2 , ..., pn . Let
N = 4p1 p2 ...pn + 3.
Notice that any odd prime is of the form 4n + 1 or 4n + 3. Then there is at least
one prime in the prime factorization of N of the form 4n + 3, as otherwise, by
Lemma 7, N will be in the form 4n + 1. We wish to prove that this prime in the
factorization of N is none of p0 = 3, p1 , p2 , ..., pn . Notice that if
3 | N,
then 3 | (N − 3) and hence

3 | 4p1 p2 ...pn
which is impossible since pi = 3 for every i. Hence 3 doesn’t divide N . Also,

the other primes p1 , p2 , ..., pn don’t divide N because if pi | N , then
pi | (N − 4p1 p2 ...pn ) = 3.
Hence none of the primes p0 , p1 , p2 , ..., pn divides N. Thus there are infinitely
many primes of the form 4n + 3.
Exercises
1. Find the prime factorization of 32, of 800 and of 289.
2. Find the prime factorization of 221122 and of 9!.
3. Show that all the powers of in the prime factorization of an integer a are
even if and only if a is a perfect square.
4. Show that there are infinitely many primes of the form 6n + 5.

2.4. LEAST COMMON MULTIPLE 41
2.4 Least Common Multiple

We can use prime factorization to find the smallest common multiple of two pos-
itive integers.
Definition 9. The least common multiple (l.c.m.) of two positive integers is the
smallest positive integer that is a multiple of both.
We denote the least common multiple of two positive integers a an b by ha, bi.
Example 18. h2, 8i = 8, h5, 8i = 40
We can figure out ha, bi once we have the prime factorization of a and b.
To do that, let
a a
a = p 1 p 2 ...pan and b = pb1 pb2 ...pbn ,
1 2 m 1 2 m
where (as above) we exclude any prime with 0 power in both a and b. Then
max(a1 ,b1 ) max(a2 ,b2 )
ha, bi = p1 p2 ...pmmax(an ,bn ), where max(a, b) is the maximum of
the two integers a and b. We now prove a theorem that relates the least common
multiple of two positive integers to their greatest common divisor. In some
books, this theorem is adopted as the definition of the least common multiple.
To prove the theorem we present a lemma
Lemma 8. If a and b are two real numbers, then
min(a, b) + max(a, b) = a + b
Proof. Assume without loss of generality that a ≥ b. Then
max(a, b) = a and min(a, b) = b,
and the result follows.
Theorem 18. Let a and b be two positive integers. Then

1. ha, bi ≥ 0;
2. ha, bi = ab/(a, b);
3. If a | m and b | m, then ha, bi | m
Proof. The proof of part 1 follows from the

definition. As for part 2, let
a a b b
a = p1 1 p2 2 ...pman and b = p1 1 p2 2 ...pmbn .
Notice that since
min(a1 ,b2 ) min(a2 ,b2 )
(a, b) = p1 p2 ...pmin(a
n
n ,bn )
and
ha, bi = pmax(a
1 p2 ...pmax(a
1 ,b1 ) max(a2 ,b2 )
m
n ,bn )
,
then
max(a1 ,b1 ) max(a2 ,b2 )
ha, bi(a, b) = p1 p2 ...pmax(a
m
n ,bn ) min(a1 ,b2 ) min(a2 ,b2 )
p1 p2 ...pmin(a
n
n ,bn )
max(a1 ,b1 )+min(a1 ,b1 ) max(a ,b )+min(a ,b ) max(a ,b )+min(a ,b )

= p1 p2 2 2 2 2
...p m n n n n
= pa1 +b1 pa2 +b2...p (an +bn )

1 2 n
a a b b
= p 11 p2 2 ...pman p1 1 p2 2 ...pmbn = ab
Note also that we used Lemma 8 in the above equations. For part 3, it would be a
nice exercise to show that ab/(a, b) | m (Exercise 6). Thus ha, bi | m.
Exercises
1. Find the least common multiple of 14 and 15.
2. Find the least common multiple of 240 and 610.
3. Find the least common multiple and the greatest common divisor of 25 56
72 11
and 23 58 72 13.
4. Show that every common multiple of two positive integers a and b is divis-
ible by the least common multiple of a and b.
2.5. LINEAR DIOPHANTINE EQUATIONS 43
5. Show that if a and b are positive integers then the greatest common divisor
of a and b divides their least common multiple. When are the least
common multiple and the greatest common divisor equal to each other.
6. Show that ab/(a, b) | m where m =< a, b >.
2.5 Linear Diophantine Equations

In this section, we discuss equations in two variables called diophantine
equations. These kinds of equations require integer solutions. The goal of this
section is to present the set of points that determine the solution to this kind of
equations. Geo- metrically speaking, the diophantine equation represent the
equation of a straight line. We need to find the points whose coordinates are
integers and through which the straight line passes.
Definition 10. A linear equation of the form ax + by = c where a, b and c are

integers is known as a linear diophantine equation.
Note that a solution to the linear diophantine equation (x0 , y0 ) requires x0

and y0 to be integers. The following theorem describes the case in which the
diophantine equation has a solution and what are the solutions of such equations.
Theorem 19. The equation ax + by = c has integer solutions if and only if d |
c where d = (a, b). If the equation has one solution x = x0 , y = y0 , then there
are infinitely many solutions and the solutions are given by
x = x0 + (b/d)t y = y0 − (a/d)t
where t is an arbitrary
integer.
Proof. Suppose that the equation ax + by = c has integer solution x and y.

Thus since d | a and d | b, then
d | (ax + by) = c.
Now we have to prove that if d | c, then the equation has integral solution.
Assume that d | c. By theorem 9, there exist integers m and n such that
d = am + bn.
And also there exists integer k such that
c = dk
Now since c = ax + by, we have
c = dk = (ma + nb)k = a(km) + b(nk).
Hence a solution for the equation ax + by = c is
x0 = km and y0 = kn.
What is left to prove is that we have infinitely many solutions. Let
x = x0 + (b/d)t and y = y0 − (a/d)t.
We have to prove now that x and y are solutions for all integers t. Notice that
ax + by = a(x0 + (b/d)t) + b(y0 − (a/d)t) = ax0 + by0 =

c.
We now show that every solution for the equation ax + by = c is of the form
x = x0 + (b/d)tand y = y0 − (a/d)t.
Notice that since ax0 + by0 = c, we have
a(x − x0 ) + b(y − y0 ) = 0.
Hence
a(x − x0 ) = b(y − y0 ).
2.5. LINEAR DIOPHANTINE EQUATIONS 45
Dividing both sides by d, we get
a/d(x − x0 ) = b/d(y − y0 ).
Notice that (a/d, b/d) = 1 and thus we get by Lemma 4 that a/d | y − y0 . As a
result, there exists an integer t such that y = y0 − (a/d)t. Now substituting y −
y0 in the equation
a(x − x0 ) = b(y − y0 ).
We get
x = x0 + (b/d)t.
Example 19. The equation 3x+6y = 7 has no integer solution because (3, 6) =
3
does not divide 7.
Example 20. There are infinitely many integer solutions for the equation 4x +
6y = 8 because (4, 6) = 2 | 8. We use the Euclidean algorithm to determine m
and n where 4m + 6n = 2. It turns out that 4(−1) + 6(1) = 2. And also 8 =
2.4. Thus x0 = 4.(−1) = −4 and y0 = 4.1 = 4 is a particular solution. The
solutions are given by
x = −4 + 3t y = 4 − 2t
for all integers t.
Exercises
1. Either find all solutions or prove that there are no solutions for the
diophantine equation 21x + 7y = 147.
4. A grocer orders apples and bananas at a total cost of $8.4. If the apples cost
25 cents each and the bananas 5 cents each, how many of each type of fruit
did he order.
2.6 The function [x] , the symbols ”O”, ”o” and ”∼”
We start this section by introducing an important number theoretic function. We
proceed in defining some convenient symbols that will be used in connection
with the growth and behavior of some functions that will be defined in later
chapters.
2.6.1 The Function [x]

.
Definition 11. The function [x] represents the largest integer not exceeding x. In
other words, for real x, [x] is the unique integer such that
x − 1 < [x] ≤ x < [x] +

1.
We also define ((x)) to be the fractional part of x. In other words ((x)) =

x − [x].
We now list some properties of [x] that will be used in later or in more advanced
courses in number theory.
1. [x + n] = [x] + n, if n is an integer.
2. [x] + [y] ≤ [x + y].
3. [x] + [−x] is 0 if x is an integer and -1 otherwise.
4. The number of integers m for which x < m ≤ y is [y] − [x].

2.6. THE FUNCTION [X ] , THE SYMBOLS ”O”, ”O” AND ”∼” 47
5. The number of multiples of m which do not exceed x is [x/m].
Using the definition of [x], it will be easy to see that the above properties are
direct consequences of the definition.
We now define some symbols that will be used to estimate the growth of number
theoretic functions. These symbols will be not be really appreciated in the
context of this book but these are often used in many analytic proofs.
2.6.2 The ”O” and ”o” Symbols

Let f (x) be a positive function and let g(x) be any function. Then O(f (x))
(pronounced ”big-oh” of f (x))denotes the collection of functions g(x) that
exhibit a growth that is limited to that of f (x) in some respect. The traditional
notation for stating that g(x) belongs to this collection is:
g(x) = O(f (x)).
This means that for sufficiently large x,

| g(x) |
< M, (2.3)
|f (x)|
where M is some positive number.
Example 21. sin(x) = O(x), and also sin(x) = O(1).
Now, the relation g(x) = o(f (x)), pronounced ”small-oh” of f (x), is used
to indicate that f (x) grows much faster than g(x). It formally says that
g(x)
lim = 0. (2.4)
x→∞ f (x)
More generally, g(x) = o(f (x)) at a point b if
g(x)
lim = 0. (2.5)
x→b f (x)
Example 22. sin(x) = o(x) at ∞, and xk = o(ex ) also at ∞ for every constant
k.
The notation that f (x) is asymptotically equal to g(x) is denoted by ∼. For-

mally speaking, we say that f (x) ∼ g(x) if
f (x)
lim = 1. (2.6)
x→∞ g(x)
Example 23. [x] ∼ x.
The purpose of introducing these symbols is to make complicated mathemat-

ical expressions simpler. Some expressions can be represented as the principal
part that you need plus a remainder term. The remainder term can be expressed
using the above notations. So when you need to combine several expressions, the
remainder parts involving these symbols can be easily combined. We will state
now some properties of the above symbols without proof. These properties are
easy to prove using the definitions of the symbols.
1. O(O(f (x))) = O(f (x)),
2. o(o(f (x))) = o(f (x)).
3. O(f (x)) ± O(f (x)) = O(f (x)),
4. o(f (x) ± o(f (x)) = o(f (x)),
5. O(f (x)) ± O(g(x)) = O(max(f (x), g(x))),
There are some other properties that we did not mention here, properties that are
rarely used in number theoretic proofs.
Exercises
1. Prove the five properties of the [x]
2. Prove the five properties of the O and o notations in Example 24.

2.7. THEOREMS AND CONJECTURES INVOLVING PRIME NUMBERS 49
2.7 Theorems and Conjectures involving prime num-

bers
We have proved that there are infinitely many primes. We have also proved
that there are arbitrary large gaps between primes. The question that arises
naturally here is the following: Can we estimate how many primes are there less
than a given number? The theorem that answers this question is the prime
number theorem. We denote by π(x) the number of primes less than a given
positive number x. Many mathematicians worked on this theorem and
conjectured many estimates before Chebyshev finally stated that the estimate is
x/logx. The prime number theorem was finally proved in 1896 when
Hadamard and Poussin produced independent proofs. Before stating the prime
number theorem, we state and prove a lemma involving primes that will be
used in the coming chapters.
Lemma 9. Let p be a prime and let m ∈ Z+ . Then the highest power of p

dividing
m! is
∞
X
m
i=1
pi
h i
Proof. Among all the integers from 1 till m, there are exactly pm integers that
h i h
are divisible by p. These are p, 2p, ..., m p. Similarly we see that there are m
i
p pi
i
integers that are divisible by p . As a result, the highest power of p dividing m! is
X m m X m
i − i+1 =
i≥1
p i p i≥1
pi
Theorem 20. The Prime Number Theorem Let x > 0 then
π(x) ∼ x/logx
So this theorem says that you do not need to find all the primes less than x to
find out their number, it will be enough to evaluate x/logx for large x to find an
estimate for the number of primes. Notice that I mentioned that x has to be large
enough to be able to use this estimate.
Several other theorems were proved concerning prime numbers. many great
mathematicians approached problems that are related to primes. There are still
many open problems of which we will mention some.
Conjecture 1. Twin Prime Conjecture There are infinitely many pairs primes p
and p + 2.
Conjecture 2. Goldbach’s Conjecture Every even positive integer greater than 2

can be written as the sum of two primes.
Conjecture 3. The n2 + 1 Conjecture There are infinitely many primes of the

form n2 + 1, where n is a positive integer.
Conjecture 4. Polignac Conjecture For every even number 2n are there infinitely
many pairs of consecutive primes which differ by 2n.
Conjecture 5. Opperman Conjecture Is there always a prime between n2 and

(n + 1)2 ?
Chapter 3
Congruences
A congruence is nothing more than a statement about divisibility. The theory of

congruences was introduced by Carl Friedreich Gauss. Gauss contributed to the
basic ideas of congruences and proved several theorems related to this theory.
We start by introducing congruences and their properties. We proceed to prove
theorems about the residue system in connection with the Euler φ-function.
We then present solutions to linear congruences which will serve as an
introduction to the Chinese remainder theorem. We present finally important
congruence theorems derived by Wilson, Fermat and Euler.
3.1 Introduction to congruences

As we mentioned in the introduction, the theory of congruences was developed
by
Gauss at the beginning of the nineteenth
century.
Definition 12. Let m be a positive integer. We say that a is congruent to b

modulo m if m | (a − b) where a and b are integers, i.e. if a = b + km where k
∈ Z.
If a is congruent to b modulo m, we write a ≡ b(mod m).
51
52 CHAPTER 3. CONGRUENCES
Example 24. 19 ≡ 5(mod 7). Similarly 2k + 1 ≡ 1(mod 2) which means every

odd number is congruent to 1 modulo 2.
There are many common properties between equations and congruences.

Some properties are listed in the following theorem.
Theorem 21. Let a, b, c and d denote integers. Let m be a positive integers. Then:
1. If a ≡ b(mod m), then b ≡ a(mod m).
2. If a ≡ b(mod m) and b ≡ c(mod m), then a ≡ c(mod m).
3. If a ≡ b(mod m), then a + c ≡ b + c(mod m).
4. If a ≡ b(mod m), then a − c ≡ b − c(mod m).
5. If a ≡ b(mod m), then ac ≡ bc(mod m).
6. If a ≡ b(mod m), then ac ≡ bc(mod mc), for c > 0.
7. If a ≡ b(mod m) and c ≡ d(mod m) then a + c ≡ (b + d)(mod m).
8. If a ≡ b(mod m) and c ≡ d(mod m) then a − c ≡ (b − d)(mod m).
9. If a ≡ b(mod m) and c ≡ d(mod m) then ac ≡ bd(mod m).
Proof. 1. If a ≡ b(mod m), then m | (a − b). Thus there exists integer

k such that a − b = mk, this implies b − a = m(−k) and thus m | (b −
a). Consequently b ≡ a(mod m).
2. Since a ≡ b(mod m), then m | (a − b). Also, b ≡ c(mod m), then

m | (b − c). As a result, there exit two integers k and l such that a = b +
mk and b = c+ml, which imply that a = c+m(k+l) giving that a =
c(mod m).
3.1. INTRODUCTION TO CONGRUENCES 53
3. Since a ≡ b(mod m), then m | (a − b). So if we add and subtract c we get
m | ((a + c) − (b + c))
and as a result
a + c ≡ b + c(mod m).
4. Since a ≡ b(mod m), then m | (a − b) so we can subtract and add c and we

get
m | ((a − c) − (b − c))
and as a result
a − c ≡ b − c(mod m).
5. If a ≡ b(mod m), then m | (a − b). Thus there exists integer k such that
a − b = mk and as a result ac − bc = m(kc). Thus
m | (ac − bc)
and hence
ac ≡ bc(mod m).
6. If a ≡ b(mod m), then m | (a − b). Thus there exists integer k such that
a − b = mk and as a result
ac − bc = mc(k).
Thus
mc | (ac − bc)
and hence
ac ≡ bc(mod mc).
7. Since a ≡ b(mod m), then m | (a − b). Also, c ≡ d(mod m), then

m | (c −d). As a result, there exits two integers k and l such that a −b =
mk and c − d = ml. Note that
(a − b) + (c − d) = (a + c) − (b + d) = m(k + l).
As a result,
m | ((a + c) − (b + d)),
hence
a + c ≡ b + d(mod m).
8. If a = b + mk and c = d + ml where k and l are integers, then
(a − b) − (c − d) = (a − c) − (b − d) = m(k −
l).
As a result,
m | ((a − c) − (b − d)),
hence
a − c ≡ b − d(mod m).
9. There exit two integers k and l such that a − b = mk and c − d = ml and

thus ca − cb = m(ck) and bc − bd = m(bl). Note that
(ca − cb) + (bc − bd) = ac − bd = m(kc − lb).
As a result,
m | (ac − bd),
hence
ac ≡ bd(mod m).
3.1. INTRODUCTION TO CONGRUENCES 55
Examples 1. 1. Because 14 ≡ 8(mod 6) then 8 ≡ 14(mod 6).
2. Because 22 ≡ 10(mod 6) and 10 ≡ 4(mod 6). Notice that 22 ≡ 4(mod 6).
3. Because 50 ≡ 20(mod 15), then 50 + 5 = 55 ≡ 20 + 5 = 25(mod 15).
4. Because 50 ≡ 20(mod 15), then 50 − 5 = 45 ≡ 20 − 5 = 15(mod 15).
5. Because 19 ≡ 16(mod3), then 2(19) = 38 ≡ 2(16) = 32(mod 3).
6. Because 19 ≡ 16(mod3), then 2(19) = 38 ≡ 2(16) = 32(mod 2(3) = 6).
7. Because 19 ≡ 3(mod 8) and 17 ≡ 9(mod 8), then 19 + 17 = 36 ≡ 3 + 9 =

12(mod 8).
8. Because 19 ≡ 3(mod 8) and 17 ≡ 9(mod 8), then 19 − 17 = 2 ≡ 3 − 9 =

−6(mod 8).
9. Because 19 ≡ 3(mod 8) and 17 ≡ 9(mod 8), then 19(17) = 323 ≡ 3(9) =

27(mod 8).
We now present a theorem that will show one difference between equations
and congruences. In equations, if we divide both sides of the equation by a non-
zero number, equality holds. While in congruences, it is not necessarily true. In
other words, dividing both sides of the congruence by the same integer doesn’t
preserve the congruence.
Theorem 22. 1. If a, b, c and m are integers such that m > 0, d = (m, c) and
ac ≡ bc(mod m), then a ≡ b(mod m/d).
2. If (m, c) = 1 then a = b(mod m) if ac ≡ bc(mod m).
Proof. Part 2 follows immediately from Part 1. For Part 1, if ac ≡ bc(mod m),
then
m | (ac − bc) = c(a − b).
Hence there exists k such that c(a − b) = mk. Dividing both sides by d, we get
(c/d)(a − b) = k(m/d). Since (m/d, c/d) = 1, it follows that m/d | (a − b).
Hence a ≡ b(mod m/d).
Example 25. 38 ≡ 10(mod 7). Since (2, 7) = 1 then 19 ≡ 5(mod 7).
The following theorem combines several congruences of two numbers with

different moduli.
Theorem 23. If
a ≡ b(mod m1 ), a ≡ b(mod m2 ), ..., a ≡ b(mod mt )
where a, b, m1 , m2 , ..., mt are integers and m1 , m2 , ..., mt are positive,

then
a ≡ b(mod hm1 , m2 , ...mt i)
Proof. Since a ≡ b(mod mi ) for all 1 ≤ i ≤ t. Thus mi | (a − b). As a
result,
hm1 , m2 , ..., mt i | (a −
b)
(prove this as an exercise). Thus

a ≡ b(mod hm1 , m2 , ...mt i).
Exercises
1. Determine whether 3 and 99 are congruent modulo 7 or not.

2. Show that if x is an odd integer, then x2 ≡ 1(mod 8)
3. Show that if a, b, m and n are integers such that m and n are positive, n | m
and a ≡ b(mod m), then a ≡ b(mod n).
4. Show that if ai ≡ bi (mod m) for i = 1, 2, ..., n, where m is a positive
integer
Pn Pn
and ai , bi are integers for j = 1, 2, ..., n, then i=1 ai i=1 bi (mod m)
≡
5. For which n does the expression 1 + 2 + ... + (n − 1) ≡ 0(mod n) holds.
3.2. RESIDUE SYSTEMS AND EULER’S φ-FUNCTION 57
3.2 Residue Systems and Euler’s φ-Function
3.2.1 Residue Systems

Suppose m is a positive integer. Given two integers a and b, we see that by the
division algorithm that a = bm + r where 0 ≤ r < m. We call r the least non-
negative residue of a modulo m. As a result, we see that any integer is congruent
to one of the integers 0, 1, 2, ..., m − 1 modulo m.
Definition 13. A complete residue system modulo m is a set of integers such that
every integer is congruent modulo m to exactly one integer of the set.
The easiest complete residue system modulo m is the set of integers 0, 1, 2, ..., m−
1. Every integer is congruent to one of these integers modulo m.
Example 26. The set of integers {0, 1, 2, 3, 4} form a complete residue

system modulo 5. Another complete residue system modulo 5 could be 6, 7, 8, 9,
10.
Definition 14. A reduced residue system modulo m is a set of integers ri such

that
(ri , m) = 1 for all i and ri = rj (mod m) if i =
j.
Notice that, a reduced residue system modulo m can be obtained by deleting

all the elements of the complete residue system set that are not relatively prime
to m.
Example 27. The set of integers {1, 5} is a reduced residue system modulo
6.
The following lemma will help determine a complete residue system modulo
any positive integer m.
Lemma 10. A set of m incongruent integers modulo m forms a complete residue

system modulo m.
Proof. We will prove this lemma by contradiction. Suppose that the set of m
integers does not form a complete residue system modulo m. Then we can find at
least one integer a that is not congruent to any element in this set. Hence non of
the elements of this set is actually congruent to the remainder when a is divided
by m. Thus dividing by m yields to at most m − 1 remainders. Therefore by the
pigeonhole principle, at least two integers in the set that have the same remainder
modulo m. This is a contradiction since the set of integers is formed of m
integers that are incongruent modulo m.
Theorem 24. If a1 , a2 , ..., am is a complete residue system modulo m, and if k

is a positive integer with (k, m) = 1, then
ka1 + b, ka2 + b, ..., kam +

b
is another complete residue system modulo m for any integer b.
Proof. Let us prove first that no two elements of the set {ka1 +b, ka2 +b, ..., kam
+
b} are congruent modulo m. Suppose there exists i and j such that
kai + b ≡ kaj + b(mod m).
Thus we get that

kai ≡ kaj (mod m).
Now since (k, m) = 1, we get
ai ≡ aj (mod m)
But for i = j, ai is inequivalent to aj modulo m. Thus i = j. Now notice that

there are m inequivalent integers modulo m and thus by Lemma 10, the set form
a complete residue system modulo m.
3.3. LINEAR CONGRUENCES 59
3.2.2 Euler’s φ-Function

We now present a function that counts the number of positive integers less than a
given integer that are relatively prime to that given integer. This function is
called Euler φ-function. We will discuss the properties of Euler φ-function in
details in chapter 5. It will be sufficient for our purposes in this chapter to the
notation.
Definition 15. The Euler φ-function of a positive integer n, denoted by φ(n)
counts the number of positive integers less than n that are relatively prime to
n.
Example 28. Since 1 and 3 are the only two integers that are relatively prime to
4 and less than 4, then φ(4) = 2. Also, 1,2,...,6 are the integers that are relatively
prime to 7 that are less than 7, thus φ(7) = 6.
Now we can say that the number of elements in a reduced residue system
modulo n is φ(n).
Theorem 25. If a1 , a2 , ..., aφ(n) is a reduced residue system modulo n and (k, n)
=
1, then ka1 , ka2 , ..., kaφ(n) is a reduced residue system modulo n.
Proof. The proof proceeds exactly in the same way as that of Theorem
24.
Exercises
1. Give a reduced residue system modulo 12.
2. Give a complete residue system modulo 13 consisting only of odd integers.
3. Find φ(8) and φ(101).
3.3 Linear Congruences

Because congruences are analogous to equations, it is natural to ask about solu-
tions of linear equations. In this section, we will be discussing linear
congruences of one variable and their solutions. We start by defining linear
congruences.
Definition 16. A congruence of the form ax ≡ b(mod m) where x is an unknown

integer is called a linear congruence in one variable.
It is important to know that if x0 is a solution for a linear congruence, then

all integers xi such that xi ≡ x0 (mod m) are solutions of the linear congruence.
Notice also that ax ≡ b(mod m) is equivalent to a linear Diophantine equation
i.e. there exists y such that ax − my = b. We now prove theorems about the
solutions of linear congruences.
Theorem 26. Let a, b and m be integers such that m > 0 and let c = (a, m). If c
does not divide b, then the congruence ax ≡ b(mod m) has no solutions. If c | b,
then
ax ≡ b(mod m)
has exactly c incongruent solutions modulo m.
Proof. As we mentioned earlier, ax ≡ b(mod m) is equivalent to ax − my = b.

By Theorem 19 on Diophantine equations, we know that if c does not divide b,
then the equation, ax − my = b has no solutions. Notice also that if c | b, then
there are infinitely many solutions whose variable x is given by
x = x0 + (m/c)t
Thus the above values of x are solutions of the congruence ax ≡ b(mod m).
Now we have to determine the number of incongruent solutions that we have.
Suppose that two solutions are congruent, i.e.
x0 + (m/c)t1 ≡ x0 + (m/c)t2 (mod

m).
Thus we get
(m/c)t1 ≡ (m/c)t2 (mod m).
Now notice that (m, m/c) = m/c and thus
t1 ≡ t2 (mod c).
3.3. LINEAR CONGRUENCES 61
Thus we get a set of incongruent solutions given by x = x0 + (m/c)t, where t

is taken modulo c.
Remark 2. Notice that if c = (a, m) = 1, then there is a unique solution modulo

m for the equation ax ≡ b(mod m).
Example 29. Let us find all the solutions of the congruence 3x ≡ 12(mod 6).
Notice that (3, 6) = 3 and 3 | 12. Thus there are three incongruent solutions
modulo 6. We use the Euclidean algorithm to find the solution of the equation
3x − 6y = 12 as described in chapter 2. As a result, we get x0 = 6. Thus the
three incongruent solutions are given by x1 = 6(mod 6), x1 = 6 + 2 = 2(mod
6) and x2 = 6 + 4 = 4(mod 6).
As we mentioned earlier in Remark 2, the congruence ax ≡ b(mod m) has a

unique solution if (a, m) = 1. This will allow us to talk about modular inverses.
Definition 17. A solution for the congruence ax ≡ 1(mod m) for (a, m) = 1 is

called the modular inverse of a modulo m. We denote such a solution by a¯.
Example 30. The modular inverse of 7 modulo 48 is 7. Notice that a solution

for
7x ≡ 1(mod 48) is x ≡ 7(mod 48).
Exercises
1. Find all solutions of 3x ≡ 6(mod 9).
2. Find all solutions of 3x ≡ 2(mod 7).
3. Find an inverse modulo 13 of 2 and of 11.
4. Show that if a¯ is the inverse of a modulo m and ¯b is the inverse of b modulo

m, then a¯¯b is the inverse of ab modulo m.
3.4 The Chinese Remainder Theorem

In this section, we discuss the solution of a system of congruences having
different moduli. An example of this kind of systems is the following; find a
number that leaves a remainder of 1 when divided by 2, a remainder of 2
when divided by three and a remainder of 3 when divided by 5. This kind of
question can be translated into the language of congruences. As a result, in this
chapter, we present a systematic way of solving this system of congruences.
Theorem 27. The system of congruences
x ≡ b1 (mod n1 ),
x ≡ b2 (mod n2 ),
.
.
.
x ≡ bt (mod nt ),
has a unique solution modulo N = n1 n2 ...nt if n1 , n2 , ..., nt are pairwise rela-

tively prime positive integers.
Proof. Let Nk = N/nk . Since (ni , nj ) = 1 for all i = j, then (Nk , nk ) = 1.

Hence by Theorem 26 , we can find an inverse yk of Nk modulo nk such that
Nk yk ≡ 1(mod nk ). Consider now
X
t
x= bi N i
yi
Since i=1
Nj ≡ 0(mod nk ) for all j = k,

thus we see that
x ≡ bk Nk yk (mod nk ).
3.4. THE CHINESE REMAINDER THEOREM 63
Also notice that Nk yk ≡ 1(mod nk ). Hence x is a solution to the system of t

congruences. We have to show now that any two solutions are congruent modulo
N . Suppose now that you have two solutions x0 , x1 to the system of
congruences. Then
x0 ≡ x1 (mod nk )
for all 1 ≤ k ≤ t. Thus by Theorem 23, we see that
x0 ≡ x1 (mod N ).
Thus the solution of the system is unique modulo N .
We now present an example that will show how the Chinese remainder theo-
rem is used to determine the solution of a given system of congruences.
Example 31. Solve the system
x ≡ 1(mod 2)
x ≡ 2(mod 3)
x ≡ 3(mod 5).
We have N = 2.3.5 = 30. Also
N1 = 30/2 = 15, N2 = 30/3 = 10and N3 = 30/5 =

6.
So we have to solve now 15y1 ≡ 1(mod 2). Thus
y1 ≡ 1(mod 2).
In the same way, we find that
y2 ≡ 1(mod 3)and y3 ≡ 1(mod 5).
As a result, we get
x ≡ 1.15.1 + 2.10.1 + 3.6.1 ≡ 53 ≡ 23(mod

30).
Exercises
1. Find an integer that leaves a remainder of 2 when divided by either 3 or 5,

but that is divisible by 4.
2. Find all integers that leave a remainder of 4 when divided by 11 and leaves
a remainder of 3 when divided by 17.
3. Find all integers that leave a remainder of 1 when divided by 2, a

remainder of 2 when divided by 3 and a remainder of 3 when divided by 5.
3.5 Theorems of Fermat, Euler, and Wilson

In this section we present three applications of congruences. The first theorem
is Wilson’s theorem which states that (p − 1)! + 1 is divisible by p, for p
prime. Next, we present Fermat’s theorem, also known as Fermat’s little
theorem which states that ap and a have the same remainders when divided by
p where p - a. Finally we present Euler’s theorem which is a generalization of
Fermat’s theorem and it states that for any positive integer m that is relatively
prime to an integer a, aφ(m) ≡ 1(mod m) where φ is Euler’s φ-function. We start
by proving a theorem about the inverse of integers modulo primes.
Theorem 28. Let p be a prime. A positive integer m is its own inverse modulo
p
if and only if p divides m + 1 or p divides m −
1.
Proof. Suppose that m is its own inverse. Thus
m.m ≡ 1(mod p).
Hence p | m2 − 1. As a result,
p | (m − 1)or p | (m + 1).
3.5. THEOREMS OF FERMAT, EULER, AND WILSON 65
We get that m ≡ 1(mod p) or m ≡ −1(mod p).

Conversely, suppose that
m ≡ 1(mod p)or m ≡ −1(mod p).
Thus
m2 ≡ 1(mod p).
Theorem 29. Wilson’s Theorem If p is a prime number, then p divides (p−1)!+1.
Proof. When p = 2, the congruence holds. Now let p > 2. Using Theorem
26, we see that for each 1 ≤ m ≤ p, there is an inverse 1 ≤ ≤ p such that
m¯
mm ≡ 1(mod p). Thus by Theorem 28, we see that the only two integers that
¯
have their own inverses are 1 and p − 1. Hence after coupling the integers from
2 to p − 2 each with its inverse, we get
2.3.....(p − 2) ≡ 1(mod p).
Thus we get
1.2.3.....(p − 2)(p − 1) ≡ (p − 1)(mod p)
As a result, we have (p − 1)! ≡ −1(mod p).
Note also that the converse of Wilson’s theorem also holds. The converse
tells us whether an integer is prime or not.
Theorem 30. If m is a positive integer with m ≥ 2 such that
(m − 1)! + 1 ≡ 0 (mod m)
then m is prime.
Proof. Suppose that m has a proper divisor c1 and that
(m − 1)! + 1 ≡ 0(mod m).
That is m = c1 c2 where 1 < c1 < m and 1 < c2 < m. Thus c1 is a divisor of

(m − 1)!. Also, since
m | ((m − 1)! + 1),
we get
c1 | ((m − 1)! + 1).
As a result, by Theorem 4, we get that
c1 | ((m − 1)! + 1 − (m − 1)!),
which gives that c1 | 1. This is a contradiction and hence m is prime.
We now present Fermat’s Theorem or what is also known as Fermat’s Little

Theorem. It states that the remainder of ap−1 when divided by a prime p that
doesn’t divide a is 1. We then state Euler’s theorem which states that the
remainder of aφ(m) when divided by a positive integer m that is relatively
prime to a is
1. We prove Euler’s Theorem only because Fermat’s Theorem is nothing but a
special case of Euler’s Theorem. This is due to the fact that for a prime number
p,
φ(p) = p − 1.
Theorem 31. Euler’s Theorem If m is a positive integer and a is an integer such

that (a, m) = 1, then
aφ(m) ≡ 1(mod m)
Example 32. Note that 34 = 81 ≡ 1(mod 5). Also, 2φ(9) = 26 = 64 ≡ 1(mod

9).
We now present the proof of Euler’s theorem.

3.5. THEOREMS OF FERMAT, EULER, AND WILSON 67
Proof. Let k1 , k2 , ..., kφ(m) be a reduced residue system modulo m. By Theorem

25, the set
{ak1 , ak2 , ..., akφ(m) }
also forms a reduced residue system modulo m. Thus
ak1 ak2 ...akφ(m) = aφ(m) k1 k2 ...kφ(m) ≡ k1 k2 ...kφ(m) (mod m).
Now since (ki , m) = 1 for all 1 ≤ i ≤ φ(m), we have (k1 k2 ...kφ(m) , m) = 1.

Hence by Theorem 22 we can cancel the product of k’s on both sides and we get
aφ(m) ≡ 1(mod m).
An immediate consequence of Euler’s Theorem is:
Corollary 1. Fermat’s Theorem If p is a prime and a is a positive integer with

p - a, then
ap−1 ≡ 1(mod p).
We now present a couple of theorems that are direct consequences of

Fermat’s theorem. The first states Fermat’s theorem in a different way. It
says that the remainder of ap when divided by p is the same as the remainder of
a when divided by p. The other theorem determines the inverse of an integer a
modulo p where p - a.
Theorem 32. If p is a prime number and a is a positive integer, then ap ≡
a(mod p).
Proof. If p - a, by Fermat’s theorem we know that
ap−1 ≡ 1(mod p).
Thus, we get
ap ≡ a(mod p).
Now if p | a, we have
ap ≡ a ≡ 0(mod p).
Theorem 33. If p is a prime number and a is an integer such that p - a, then ap−2
is the inverse of a modulo p.
Proof. If p - a, then Fermat’s theorem says that
ap−1 ≡ 1(mod p).
Hence
ap−2 a ≡ 1(mod p).
As a result, ap−2 is the inverse of a modulo p.
Exercises
1. Show that 10!+1 is divisible by 11.
2. What is the remainder when 5!25! is divided by 31?
3. What is the remainder when 5100 is divided by 7?
4. Show that if p is an odd prime, then 2(p − 3)! ≡ −1(mod p).
5. Find a reduced residue system modulo 2m , where m is a positive integer.
6. Show that if a1 , a2 , ..., aφ(m) is a reduced residue system modulo m, where

m is a positive integer with m = 2, then a1 + a2 + ... + aφ(m) ≡ 0(mod
m).
7. Show that if a is an integer such that a is not divisible by 3 or such that a is

divisible by 9, then a7 ≡ a(mod 63).
Chapter 4
Multiplicative Number Theoretic

Functions
In this chapter, we study functions, called multiplicative functions, that are

defined on integers. These functions have the property that their value at the
product of two relatively prime integers is equal to the product of the value of
the functions at these integers. We start by proving several theorems about
multiplicative functions that we will use later. We then study special functions
and prove that the Euler φ-function that was seen before is actually
multiplicative. We also define the sum of divisors and the number of divisors
functions.
Later define the Mobius function which investigate integers in terms of their
prime decomposition. The summatory function of a given function takes the sum
of the values of f at the divisors of a given integer n. We then determine the
Mobius inversion of this function which writes the values of f in terms of the
values of its summatory function. We end this chapter by presenting integers
with interesting properties and prove some of their properties.
69
70 CHAPTER 4. MULTIPLICATIVE NUMBER THEORETIC FUNCTIONS
4.1 Definitions and Properties

Definition 18. An arithmetic function is a function whose domain of definition is
the set N of positive integers.
Definition 19. An arithmetic function f is called multiplicative if f (ab) = f (a)f

(b)
for all a, b ∈ N such that (a, b) = 1.
Definition 20. An arithmetic function f is called completely multiplicative if
f (ab) = f (a)f (b) (4.1)
for all positive integers a, b.
Example 33. The function f (a) = 1 where k is a completely multiplicative

function since
f (ab) = 1 = f (a)f
(b).
Notice also that a completely multiplicative function is a multiplicative function

but not otherwise.
We now prove a theorem about multiplicative functions. We will be

interested in studying the properties of multiplicative functions rather than the
completely multiplicative ones.
Qs ak
Theorem 34. Given a multiplicative function f . Let n = k=1 pk be the prime
factorization of n. Then
Y
s
ak
f (n) = f (p
k
).
k=1
Proof. We prove this theorem by induction on the number of primes in the

factorization of n. Suppose 1that n = pa1 . Thus the result follow easily.
Suppose now
that for
Y
s
a
n= pk k ,
k=1
4.1. DEFINITIONS AND PROPERTIES 71
we have
Y
s
ak
f (n) = f (p
k
).
k=1
So we have to prove that if
Y
s+1
a
n= pk k ,
k=1
then
Y
s+1
ak
f (n) = f (p
k
).
k=1
Notice that for
Y
s+1
a
n= pk k ,
k=1
Qs a as+1
we have ( k=1 pk k , ps+1 ) = 1. Thus we have get
Y
s+1 sY
a
ak ak
f (n) = f ( pk ) = f ( kp )f s+1
(p s+1 )
k=1 k=1
which by the inductive step gives

Y
s+1 Y
s+1
a a
f( pk k ) = f (n) = f (p
k
k
).
k=1 k=1
From the above theorem, we can see that to evaluate a multiplicative function
at an integer, it will be enough to know the value of the function at the primes
that are in the prime factorization of the number.
We now define summatory functions which represents the sum of the values
of a given function at the divisors of a given number.
Definition 21. Let f be an arithmetic function. Define

X
F (n) = f
(d)
d|n
Then F is called the summatory function of f .

This function determines the sum of the values of the arithmetic function at
the divisors of a given integer.
Example 34. If f (n) is an arithmetic function, then

X
F (18) = f (d) = f (1) + f (2) + f (3) + f (6) + f (9) + f
(18).
d|18
Theorem 35. If f is a multiplicative function, then the summatory function of f

P
denoted by F (n) = d| n f (d) is also multiplicative.
Proof. We have to prove that F (mn) = F (m)F (n) whenever (m, n) = 1. We

have
X
F (mn) = f (d).
d|mn
Notice that by Lemma 6, each divisor of mn can be written uniquely as a

product of relatively prime divisors d1 of m and d2 of n, moreover the product of
any two divisors of m and n is a divisor of mn. Thus we get
X
F (mn) = f (d1 d2 )
d1 |m,d2 |n
Notice that since f is multiplicative, we have

X
F (mn) = f (d1 d2 )
d1 |m,d2 |n
X
= f (d1 )f (d2 )
d1 |m,d2 |n
X X
= f (d1 ) f (d2 ) = F (m)F (n)
d1 |m d2 |n
Exercises
1. Determine whether the arithmetic functions f (n) = n! and g(n) = n/2 are
completely multiplicative or not.
4.2. MULTIPLICATIVE NUMBER THEORETIC FUNCTIONS 73
2. Define the arithmetic function g(n) by the following. g(n)=1 if n = 1 and

0 for n > 1. Prove that g(n) is multiplicative.
4.2 Multiplicative Number Theoretic Functions

We now present several multiplicative number theoretic functions which will
play a crucial role in many number theoretic results. We start by discussing the
Euler phi-function which was defined in an earlier chapter. We then define the
sum-of- divisors function and the number-of-divisors function along with their
properties.
4.2.1 The Euler φ-Function

As defined earlier, the Euler φ-function counts the number of integers smaller
than and relatively prime to a given integer. We first calculate the value of
the phi-function at primes and prime powers.
Theorem 36. If p is prime, then φ(p) = p − 1. Conversely, if p is an integer
such that φ(p) = p − 1, then p is prime.
Proof. The first part is obvious since every positive integer less than p is
relatively prime to p. Conversely, suppose that p is not prime. Then p = 1 or p is
a composite number. If p = 1, then φ(p) = p − 1. Now if p is composite, then p
has a positive divisor. Thus φ(p) = p − 1. We have a contradiction and thus p is
prime.
We now find the value of φ at prime powers.

Theorem 37. Let p be a prime and m a positive integer, then φ(pm ) = pm −
pm−1 . Proof. Note that all integers that are relatively prime to pm and that are
less than
m
pm−1 are those that are not multiple of p. Those integers are p, 2p, 3p, ...,
p p.
There are pm−1 of those integers that are not relatively prime to pm and that are
less than pm . Thus
φ(pm ) = pm − pm−1 .
Example 35. φ(73 ) = 73 − 72 = 343 − 49 = 294. Also φ(210 ) = 210 − 29 =

512.
We now prove that φ is a multiplicative function.
Theorem 38. Let m and n be two relatively prime positive integers. Then φ(mn) =
φ(m)φ(n).
Proof. Denote φ(m) by s and let k1 , k2 , ..., ks be a reduced residue system modulo
m. Similarly, denote φ(n) by t and let k 01, k20 , ..., kt0 be a reduced residue system
modulo n. Notice that if x belongs to a reduced residue system modulo mn, then
(x, m) = (x, n) = 1.
Thus
x ≡ ki (mod m)and x ≡ k0 (mod n)
j
for some i, j. Conversely, if
x ≡ ki (mod m)and x ≡ k 0 (mod n)

j
some i, j then (x, mn) = 1 and thus x belongs to a reduced residue system modulo
mn. Thus a reduced residue system modulo mn can be obtained by by determin-
ing all x that are congruent to ki and k0 modulo m and n respectively. By the
j
Chinese remainder theorem, the system of equations
x ≡ ki (mod m)and x ≡ kj0 (mod n)
has a unique solution. Thus different i and j will yield different answers. Thus
φ(mn) = st.
We now derive a formula for φ(n).

a a
Theorem 39. Let n = p11 p2 2 ...psas be the prime factorization of n. Then
1 1 1
φ(n) = n 1 − 1− ... 1 − .
p1 p2 ps
Proof. By Theorem 37, we can see that for all 1 ≤ i ≤ k
1
φ(pai i ) = piai − piai −1 = piai 1 − .
pi
Thus by Theorem 38,
a a
φ(n) = φ(p1 1 p2 2 ...psas )
a a
= φ(p11 )φ(p2 2 )...φ(psas )
1 1 1
= pa11 1 − p2a2 1 − ...pass 1 −
p1 p2 ps
a 1 1 1
= pa11 p2a2 ...pk k 1 − 1− ... 1 −
p1 p2 ps
1 1 1
= n 1− 1− ... 1 − .
p1 p2 ps
Example 36. Note that
1 1
φ(200) = φ(23 52 ) = 200 1 − 1− = 80.
2 5
Theorem 40. Let n be a positive integer greater than 2. Then φ(n) is even.
a
Proof. Let n = p1a1 p2a2 ...pk k . Since φ is multiplicative, then
Y
k
a
φ(n) = φ(pj j ).
j=1
Thus by Theorem 39, we have
aj aj −1−1
φ(pj ) = pj (pj − 1).
aj
We see then φ(pj )is even if pj is an odd prime. Notice also that if pj = 2, then it
aj
follows that φ(pj ) is even. Hence φ(n) is even.
76 CHAPTER 4. MULTIPLICATIVE NUMBER THEORETIC
FUNCTIONS
Theorem 41. Let n be a positive integer. Then

X
φ(d) = n.
d|n
Proof. Split the integers from 1 to n into classes. Put an integer m in the class Cd
if the greatest common divisor of m and n is d. Thus the number of integers in
the Cd class is the number of positive integers not exceeding n/d that are
relatively prime to n/d. Thus we have φ(n/d) integers in Cd . Thus we see that
X
n= φ(n/d).
d|n
As d runs over all divisors of n, so does n/d. Hence

X X
n= φ(n/d) = φ(d).
d|n
d|n
4.2.2 The Sum-of-Divisors Function

The sum of divisors function, denoted by σ(n), is the sum of all positive divisors
of n.
Example 37. σ(12) = 1 + 2 + 3 + 4 + 6 + 12 =

28.
P
Note that we can express σ(n) as σ(n) = d| n d.
We now prove that σ(n) is a multiplicative function.
Theorem 42. The sum of divisors function σ(n) is

multiplicative.
Proof. We have proved in Theorem 35 that the summatory function is

multiplicative once f is multiplicative. Thus let f (n) = n and notice that f (n)
is multiplicative. As a result, σ(n) is multiplicative.
Once we found out that σ(n) is multiplicative, it remains to evaluate σ(n) at

powers of primes and hence we can derive a formula for its values at any
positive integer.
Theorem 43. Let p be a prime and let n = p1a1 p2a2 ...pt at be a positive integer. Then
pa+1 − 1
σ(pa ) = ,
p− 1
and as a result,
Y
t paj +1 − 1
j
σ(n) =
j=1
pj − 1
Proof. Notice that the divisors of pa are 1, p, p2 , ..., pa . Thus

a+1
−1
σ(pa ) = 1 + p + p2 + ... + pa = .
p
p− 1
where the above sum is the sum of the terms of a geometric progression.
Now since σ(n) is multiplicative, we have
σ(n) = σ(pa1 )σ(pa2 )...σ(pat )

pa11 +1 − 1 pa22 +1 − 1 patt +1 − 1
= . ...
p1 − 1 p2 − 1 pt − 1
Yt pj j − 1
a +1
=
j=1
pj − 1
24 − 1 53 − 1
Example 38. σ(200) = σ(23 52 ) = 2−1 5−1 = 15.31 = 465.
4.2.3 The Number-of-Divisors Function

The number of divisors function, denoted by τ (n), is the sum of all positive
divisors of n.
Example 39. τ (8) = 4.

P
We can also express τ (n) as τ (n) = |d n 1.
We can also prove that τ (n) is a multiplicative function.
Theorem 44. The number of divisors function τ (n) is
multiplicative. Proof. By Theorem 36, with f (n) = 1, τ (n) is
multiplicative.
We also find a formula that evaluates τ (n) for any integer n.
Theorem 45. Let p be a prime and let n = pa1 pa2 ...pat be a positive integer.
Then 1 2 t
τ (pa ) = a + 1,
and as a result,
Y
t
τ (n) = (aj + 1).
j=1
Proof. The divisors of pa as mentioned before are 1, p, p2 , ..., pa . Thus
τ (pa ) = a +
1
Now since τ (n) is multiplicative, we have
τ (n) = τ (pa1 )τ (pa2 )...τ (pat )

= (a1 + 1)(a2 + 1)...(at + 1)
Y t
= (aj + 1).
j=1
Example 40. τ (200) = τ (23 52 ) = (3 + 1)(2 + 1) = 12.
Exercises
1. Find φ(256) and φ(2.3.5.7.11).
2. Show that φ(5186) = φ(5187).

4.3. THE MOBIUS FUNCTION AND THE MOBIUS INVERSION
FORMULA79
3. Find all positive integers n such that φ(n) = 6.
4. Show that if n is a positive integer, then φ(2n) = φ(n) if n is odd.
5. Show that if n is a positive integer, then φ(2n) = 2φ(n) if n is even.
6. Show that if n is an odd integer, then φ(4n) = 2φ(n).
7. Find the sum of positive integer divisors and the number of positive integer
divisors of 35
8. Find the sum of positive integer divisors and the number of positive integer
divisors of 25 34 53 73 13.
9. Which positive integers have an odd number of positive divisors.
10. Which positive integers have exactly two positive divisors.
4.3 The Mobius Function and the Mobius Inversion

Formula
We start by defining the Mobius function which investigates integers in terms
of their prime decomposition. We then determine the Mobius inversion formula
which determines the values of the a function f at a given integer in terms of its
summatory function.

 1 if n = 1;
Definition 22. µ(n) = (−1)t if n = p 1p 2...p t where the pi are distinct primes;
 0 otherwise.
Note that if n is divisible by a power of a prime higher than one then µ(n) =
0. In connection with the above definition, we have the following
80 CHAPTER 4. MULTIPLICATIVE NUMBER THEORETIC
FUNCTIONS
Definition 23. An integer n is said to be square-free, if no square divides it, i.e.

if there does not exist an integer k such that k 2 | n.
It is immediate (prove as exercise) that the prime-number factorization of a

square-free integer contains only distinct primes.
Example 41. Notice that µ(1) = 1, µ(2) = −1, µ(3) = −1 and µ(4) = 0.
We now prove that µ(n) is a multiplicative function.
Theorem 46. The Mobius function µ(n) is

multiplicative.
Proof. Let m and n be two relatively prime integers. We have to prove

that
µ(mn) = µ(m)µ(n).
If m = n = 1, then the equality holds. Also, without loss of generality, if m =

1, then the equality is also obvious. Now suppose that m or n is divisible by a
power of prime higher than 1, then
µ(mn) = 0 = µ(m)µ(n).
What remains to prove that if m and n are square-free integers say m = p1 p2 ...ps
where p1 , p2 , ..., ps are distinct primes and n = q1 q2 ...qt where q1 , q2 , ..., qt .
Since (m, n) = 1, then there are no common primes in the prime
decomposition between m and n. Thus
µ(m) = (−1)s , µ(n) = (−1)t and µ(mn) = (−1)s+t .
In the following theorem, we prove that the summatory function of the

Mobius function takes only the values 0 or 1.
4.3. THE MOBIUS FUNCTION AND THE MOBIUS INVERSION FORMULA81
P
Theorem 47. Let F (n) = d| n µ(d), then F (n) satisfies
(
1 if n = 1;
F (n) =
0 if n > 1.
Proof. For n = 1, we have F (1) = µ(1) = 1. Let us now find µ(pk ) for any
integer k > 0. Notice that
F (pk ) = µ(1) + µ(p) + ... + µ(pk ) = 1 + (−1) + 0 + ... + 0 = 0
Thus by Theorem 36, for any integer n = p1a1 p2a2 ...pt at > 1 we have,
a a
F (n) = F (p1 1 )F (p2 2 )...F (ptat ) = 0
We now define the Mobius inversion formula. The Mobius inversion

formula expresses the values of f in terms of its summatory function of f .
Theorem 48. Suppose that f is an arithmetic function and suppose that F is its
summatory function, then for all positive integers n we have
X
f (n) = µ(d)F (n/d).
d|n
Proof. We have
X X X
µ(d)F (n/d) = µ(d) f (e)
d|n
d|n e|(n/d)
X X
= µ(d)f (e)
d|n e|(n/d)
X X
= µ(d)f (e)
e|n d|(n/e)
X X
= f (e) µ(d)
e|n
d|(n/d)
P
Notice that d |(n/e) µ(d) = 0 unless n/e = 1 and thus e = n. Consequently we
get
X X
f (e) µ(d) = f (n).1 = f (n).
e|n
d|(n/d)
Example 42. A good example of a Mobius inversion formula would be the in-
version of σ(n) and τ (n). These two functions are the summatory functions
of f (n) = n and f (n) = 1 respectively. Thus we get
X
n= µ(n/d)σ(d)
d|n
and
X
1= µ(n/d)τ (d).
d|n
Exercises
1. Find µ(12), µ(10!) and µ(105).
2. Find the value of µ(n) for each integer n with 100 ≤ n ≤ 110.
P
3. Use the Mobius inversion formula and the identity n = d |n φ(n/d) to
t t t−1
show that φ(p ) = p − p where p is a prime and t is a positive integer.
4.4 Perfect, Mersenne, and Fermat Numbers

Integers with certain properties were studied extensively over the centuries. We
present some examples of such integers and prove theorems related to these inte-
gers and their properties.
We start by defining perfect numbers.
Definition 24. A positive integer n is called a perfect number if σ(n) = 2n.

4.4. PERFECT, MERSENNE, AND FERMAT NUMBERS 83
In other words, a perfect number is a positive integer which is the sum of its
proper divisors.
Example 43. The first perfect number is 6, since σ(6) = 12. You can also view
this as 6 = 1 + 2 + 3. The second perfect number is 28, since σ(28) = 56 or
28 = 1 + 2 + 4 + 7 +
14.
The following theorem tells us which even positive integers are perfect.
Theorem 49. The positive integer n is an even perfect number if and only
if
n = 2l−1 (2l − 1),

where l is an integer such that l ≥ 2 and 2l − 1 is
prime.
Proof. We show first that if n = 2l−1 (2l − 1) where l is an integer such that l
≥ 2 and 2l − 1 is prime then n is perfect. Notice that 2l − 1 is odd and thus
(2l−1 , 2l − 1) = 1. Also, notice that σ is a multiplicative function and thus
σ(n) = σ(2l−1 )σ(2l − 1).

Notice that σ(2l−1 ) = 2l − 1 and since 2l − 1 is prime we get σ(2l − 1) = 2l .
Thus
σ(n) = 2n.
We now prove the converse. Suppose that n is a perfect number. Let n = 2r s,

where r and s are positive integers and s is odd. Since (2r , s) = 1, we get
σ(n) = σ(2r )σ(s) = (2r+1 − 1)σ(s).
Since n is perfect, we get
(2r+1 − 1)σ(s) = 2r+1 s.
Notice now that (2r+1 − 1, 2r+1 ) = 1 and thus 2r+1 | σ(s). Therefore there
exists an integer q such that σ(s) = 2r+1 q. As a result, we have
(2r+1 − 1)2r+1 q = 2r+1 s

and thus we get

(2r+1 − 1)q = s
So we get that q | s. We add q to both sides of the above equation and we get
s + q = (2r+1 − 1)q + q = 2r+1 q = σ(s).
We have to show now that q = 1. Notice that if q = 1, then s will have three
divisors and thus σ(s) ≥ 1 + s + q. Hence q = 1 and as a result s = 2r+1 − 1.
Also notice that σ(s) = s + 1. This shows that s is prime since the only divisors
of s are 1 and s. As a result,
n = 2r (2r+1 − 1),
where (2r+1 − 1) is prime.
In theorem 50, we see that to determine even perfect numbers, we need to

find primes of the form 2l − 1. It is still unknown whether there are odd perfect
numbers or not.
Theorem 50. If 2l − 1 is prime where l is a positive integer, then l must be
prime. Proof. Suppose that l is composite, that is l = rs where 1 < r < m and 1
<s<
m. Thus after factoring, we get that
2m − 1 = (2r − 1)(2r(s−1) + 2r(s−2) + ... + 2r +

1)
Notice that the two factors above are both greater than 1. Thus 2m −1 is not
prime. This is a contradiction.
The above theorem motivates the definition of interesting numbers called

Mersenne numbers.
Definition 25. Let l be a positive integer. An integer of the form Ml = 2l − 1

is called the lth Mersenne number; if l is prime then Ml = 2l − 1 is called the
lth Mersenne prime.
Example 44. M3 = 23 − 1 = 7 is the third Mersenne

prime.
We prove a theorem that help decide whether Mersenne numbers are prime.
Theorem 51. Divisors of Mp = 2p − 1 for prime p is of the form 2mp + 1,

where
m is a positive
integer.
Proof. Let p1 be a prime dividing Mp = 2p − 1. By Fermat’s theorem, we

know that p1 | (2p1 −1 − 1). Also, it is easy to see that
(2p − 1, 2p1 −1 − 1) = 2(p,p1 −1) −

1.
Since p1 is a common divisor of 2p − 1 and 2p1 −1 − 1 and thus not relatively

prime. Hence (p, p1 − 1) = p. Hence p | (p1 − 1) and thus there exists a
positive integer k such that p1 − 1 = kp. Since p1 is odd, then k is even and thus
k = 2m. Hence
p1 = kp + 1 = 2mp +
1.
Because any divisor of Mp is a product of prime divisors of Mp , each prime

divisor of Mp is of the form 2mp + 1 and the result follows.
Example 45. M23 = 223 − 1 is divisible by 47 = 46k + 1. We know this by

trial and error and thus looking at all primes of the form 46k + 1 that are less
than
√
M23 .
We now define Fermat numbers and prove some theorems about the
properties of these numbers.
Definition 26. Integers of the form Fn = 22n + 1 are called Fermat numbers.
Fermat conjectured that these integers are primes but it turned out that this is
not true. Notice that F0 = 3, F1 = 5, F2 = 17, F3 = 257 and F4 = 65, 537
while F5 is composite. It turned out the F5 is divisible by 641. We now present a
couple of theorems about the properties of these numbers.
Theorem 52. For all positive integers n, we have
F0 F1 F2 ...Fn−1 = Fn − 2
Proof. We will prove this theorem by induction. For n = 1, the above identity is
true. Suppose now that
F0 F1 F2 ...Fn−1 = Fn − 2
holds. We claim that

F0 F1 F2 ...Fn = Fn+1 − 2.
Notice that
n n n+1
F0 F1 F2 ...Fn = (Fn − 2)Fn = (22 − 1)(22 + 1) = 22 − 1 = Fn+1 − 2.
Using Theorem 53, we prove that Fermat numbers are relatively prime.
Theorem 53. Let s = t be nonnegative integers. Then (Fs , Ft ) = 1.
Proof. Assume without loss of generality that s < t. Thus by Theorem 52, we
have
F0 F1 F2 ...Fs ...Ft−1 = Ft − 2
Assume now that there is a common divisor d of Fs and Ft . thus we see that d
divides
Ft − F0 F1 F2 ...Fs ...Ft−1 = 2.
Thus d = 1 or d = 2. But since Ft is odd for all t. We have d = 1. Thus Fs and

Ft are relatively prime.
Exercises
1. Find the six smallest even perfect numbers.
2. Find the eighth perfect number.

3. Find a factor of 21001 − 1.
4. We say n is abundant if σ(n) > 2n. Prove that if n = 2m−1 (2m − 1) where
m is a positive integer such that 2m − 1 is composite, then n is abundant.
5. Show that there are infinitely many even abundant numbers.
6. Show that there are infinitely many odd abundant numbers.
7. Determine whether M11 is prime.
8. Determine whether M29 is prime.

n
9. Find all primes of the form 22 + 5 where n is a nonnegative integer.
Chapter 5
Primitive Roots and Quadratic

Residues
In this chapter, we discuss the multiplicative structure of the integers modulo n.

We introduce the concept of the order of integer modulo n and then we study its
properties. We then define primitive roots modulo n and show how to determine
whether an integer is primitive modulo n or not. We later find all positive
integers having primitive roots and prove related results.
We define the concept of a quadratic residue and establish its basic
properties. We then introduce Legendre symbol and also develop its basic
properties. We also introduce the law of quadratic reciprocity. Afterwards, we
generalize the notion of Legendre symbol to the Jacobi symbol and discuss the
law of reciprocity related to Jacobi symbol.
5.1 The order of Integers and Primitive Roots

In this section, we study the order of an integer modulo n, where n is positive.
We also define primitive roots and related results. Euler’s theorem in Chapter 4
states that if a positive integer a is relatively prime to n, then aφ(n) ≡ 1(mod n).
Thus
89
90 CHAPTER 5. PRIMITIVE ROOTS AND QUADRATIC RESIDUES
by the well ordering principle, there is a least positive integer x that satisfies this
congruence ax ≡ 1(mod n).
Definition 1. Let (a, b) = 1. The smallest positive integer x such that ax ≡

1(mod b) is called the order of a modulo b. We denote the order of a modulo b by
ordb a.
Example 46. ord7 2 = 3 since 23 ≡ 1(mod 7) while 21 ≡ 2(mod 7) and 22 ≡

4(mod 7).
To find all integers x such that ax ≡ 1(mod b), we need the following
theorem.
Theorem 54. If (a, b) = 1 with b > 0, then the positive integer x is a solution of
the congruence ax ≡ 1(mod b) if and only if ordb a | x.
Proof. Having ordb a | x, then we have that x = k.ordb a for some positive
integer
k. Thus
ax = akordb a = (aordb a )k ≡ 1(mod b).
Now if ax ≡ 1(mod b), we use the division algorithm to write
x = qordb a + r, 0 ≤ r < ordb a.
Thus we see that
ax ≡ aqordb a+r ≡ (aordb a )q ar ≡ ar (mod b).
Now since ax ≡ 1(mod b),we have ar ≡ 1(mod b). Since ordb a, we get r = 0.
Thus x = q.ordb a and hence ordb a | x.
Example 47. Since ord7 2 = 3, then 215 ≡ 1(mod 7) while 10 is not a solution
for 2x ≡ 1(mod 7).
Theorem 55. If (a, b) = 1 with b > 0, then
ai ≡ aj (mod b)
5.1. THE ORDER OF INTEGERS AND PRIMITIVE ROOTS 91
where i and j are nonnegative integers, if and only if
i ≡ j(mod ordb a)
Proof. Suppose that
i ≡ j(mod ordb a) and 0 ≤ j ≤ i.
Then we have i − j = k.ordb a, where k is a positive integer. Hence
ai = aj+k.ordb a = aj (aordb a )k ≡ aj (mod

b).
Assume now that ai ≡ aj (mod b) with i ≥ j. Thus we have
ai ≡ aj ai−j ≡ aj (mod
b)
Since (a, b) = 1, we have (aj , b) = 1 and thus by Theorem 22, we get
ai−j ≡ 1(mod b).
By theorem 54, we get that ordb a | (i − j) and hence i ≡ j(mod b).
We introduce now primitive roots and discuss their properties. We are inter-
ested in integers whose order modulo another integer is φ(b). In one of the exer-
cises, one is asked to prove that if aand b are relatively prime then ordb a | φ(b).
Definition 2. If (r, m) = 1 with m > 0 and if ordm r = φ(m) then r is called a

primitive root modulo m.
Example 48. Notice that φ(7) = 6 hence 2 is not a primitive root modulo 7. While
ord7 3 = 6 and thus 3 is a primitive root modulo 7.
Theorem 56. If (r, m) = 1 with m > 0 and if r is a primitive root modulo n,

then the integers {r 1 , r 2 , ...r φ(m) } form a reduced residue set modulo m.
92 CHAPTER 5. PRIMITIVE ROOTS AND QUADRATIC
RESIDUES
Proof. To prove that the set {r 1 , r2 , ...r φ(m) } form a reduced residue set
modulo m we need to show that every two of them are relatively prime and
that no two of them are congruent modulo m. Since (r, m) = 1, it follows that
(r n , m) = 1 for all positive integers n. Hence all the powers of r are relatively
prime to m. To show that no two powers in the above set are equivalent modulo
m, assume that
r i ≡ r j (mod m).
By Theorem 55, we see that
i ≡ j(mod ordm φ(m)).
Notice that 1 ≤ i, j ≤ φ(m) and hence i =

j.
Theorem 57. If ordm a = t and if u is a positive integer,

then
ordm (au ) = t/(t, u).
Proof. Let
v = ordm (au ), w = (t, u), t = t1 wand u = u1 w.
Notice that (t1 , u1 ) = 1.

Because t1 = t/(t, u), we want to show that ordm (au ) = t1 . To do this, we
will show that (au )t1 ≡ 1(mod m) and that if (au )v ≡ 1(mod m), then t1 |
v. First note that
(au )t1 = (au1 w )(t/w) = (at )u1 ≡ 1(mod

m).
Hence by Theorem 54, we have v | t1 . Now on the other hand, since
(au )v = auv ≡ 1(mod m),
we know that t | uv. Hence t1 w | u1 wv and hence t1 | u1 v. Because (t1 , u1 ) = 1,

we see that t1 | v. Since v | t1 and t1 | v, we conclude that v = t1 = t/w =
t/(t, u).
5.1. THE ORDER OF INTEGERS AND PRIMITIVE ROOTS 93
Example 49. We see that ord7 34 = 6/(6, 4) since ord7 3 = 6.

Corollary 2. Let r be a primitive root modulo m, where m is a positive integer,
m > 1. Then r u is a primitive root modulo m if and only if (u, φ(m)) =
1. Proof. By Theorem 57, we see that
ordm r u = ordm r/(u, ordm r) = φ(m)/(u, φ(m)).
Thus ordm r u = φ(m) and r u is a primitive root if and only if (u, φ(m)) = 1.
The above corollary leads to the following theorem

Theorem 58. If the positive integer m has a primitive root, then it has a total of
φ(φ(m)) incongruent primitive roots.
Proof. Let r be a primitive root modulo m. By Theorem 56, we see that {r 1 , r2 , ...,
r φ(m) }
form a reduced residue system modulo n. By Corollary 1, it is known that r u is
a primitive root modulo m if and only if (u, φ(m)) = 1. Thus we have exactly
φ(φ(m)) such integers u that are relatively prime to φ(m) and hence there are
exactly φ(φ(m)) primitive roots modulo m.
Exercises
1. Determine ord13 10.
2. Determine ord11 3.
3. Show that 5 is a primitive root of 6.
4. Show that if a¯ is an inverse of a modulo n, then ordn a = ordn a¯.
5. Show that if n is a positive integer, and a and b are integers relatively

prime to n such that (ordn a, ordn b) = 1, then ordn (ab) = ordn a.ordn b.
6. Show that if a is an integer relatively prime to the positive integer m and

ordm a = st, then ordm at = s.
7. Show that if a and n are relatively prime with n > 0, then ordn a | φ(n).
5.2 Primitive Roots for Primes

In this section, we show that every integer has a primitive root. To do this we
need to introduce polynomial congruence.
Let f (x) be a polynomial with integer coefficients. We say that an integer a
is a root of f (x) modulo m if f (a) ≡ 0(mod m).
Example 50. Notice that x ≡ 3(mod 11) is a root for f (x) = 2x2 + x + 1 since
f (3) = 22 ≡ 0(mod 11).
We now introduce Lagrange’s theorem for primes. This is modulo p, the fun-
damental theorem of algebra. This theorem will be an important tool to prove
that every prime has a primitive root.
Theorem 59. Lagrange’s Theorem Let
m(x) = bn xn + −1 x
n−1
+ ... + b1 x + b0
bn
be a polynomial of degree n, n ≥ 1 with integer coefficients and with leading

coef-
ficient bn not divisible by a prime p. Then m(x) has at most n distinct
incongruent roots modulo p.
Proof. Using induction, notice that if n = 1, then we

have
m(x) = b1 x + b0 and p - b1 .
A root of m(x) is a solution for b1 x+b0 (mod p). Since p - b1 , then this
congruence has exactly one solution by Theorem 26.
Suppose that the theorem is true for polynomials of degree n − 1, and let
m(x) be a polynomial of degree n with integer coefficients and where the leading
coefficient is not divisible by p. Assume now that m(x) has n + 1 incongruent
roots modulo p, say x0 , x1 , ..., xn . Thus
m(xk ) ≡ 0(mod p)
5.2. PRIMITIVE ROOTS FOR PRIMES 95
for 0 ≤ k ≤ n. Thus we have
m(x) − m(x0 ) = bn (xn − x0n ) + −1

(xn−1 − x0n−1 ) + ... + b1 (x − x0 )
bn
= bn (x − x0 )(xn−1 + xn−2 x0 + ... + xx
0
n−2
+ 0xn−1 )
+ bn−1 (x − x0 )(xn−2 + xn−3x0 + ... + xxn−3
0 + xn−2
0 ) + ... + b1 (x − c0 )
= (x − x0 )f (x)
where f (x) is a polynomial of degree n − 1 with leading coefficient bn . Notice

that since m(xk ) ≡ m(x0 )(mod p), we have
m(xk ) − m(x0 ) = (xk − x0 )f (xk ) ≡ 0(mod p).
Thus f (xk ) ≡ 0(mod p) for all 1 ≤ k ≤ n and thus x1 , x2 , ..., xn are roots of
f (x). This is a contradiction since we a have a polynomial of degree n − 1 that
has n distinct roots.
We now use Lagrange’s Theorem to prove the following result.
Theorem 60. Consider the prime p and let p − 1 = kn for some integer k. Then
xn − 1 has exactly n incongruent roots modulo
p. Proof. Since p − 1 = kn, we have
xp−1 − 1 = (xn − 1)(xn(k−1) + xn(k−2) + ... + xn +

1)
= (xn − 1)f (x)
By Fermat’s little theorem, we know that xp−1 − 1 has p − 1 incongruent roots

modulo p. Also, roots of xp−1 − 1 are roots of f (x) or a root of xn − 1. Notice
that by Lagrange’s Theorem, we have that f (x) has at most p − n − 1 roots
modulo p. Thus xn − 1 has at least n roots modulo p. But again by Lagrange’s
Theorem, since we have that xn − 1 has at most n roots, thus we get that xn − 1
has exactly n incongruent roots modulo p.
RESIDUES
We now prove a lemma that gives us how many incongruent integers can
have a given order modulo p.
Lemma 11. Let p be a prime and let m be a positive integer such that p − 1 =
mk
for some integer k.
Then
S(m) = |{m : 0 < m < p, m ∈ Z}| ≤ φ(m).
Proof. For each positive integer m dividing p −

1,
Notice that if S(m) = 0, then S(m) ≤ φ(m). If S(m) > 0, then there is an
integer a of order m modulo p. Since ordp a = m, then a, a2 , ...am are
m
incongruent modulo p. Also each power of a is a root of x − 1 modulo p
because
(ak )m = (am )k ≡ 1(mod p)
for all positive integers k. By Theorem 60, we know that xm − 1 has exactly m
incongruent roots modulo p, so that every root is congruent to one of these
powers of a. We also know by Theorem 57 that the powers of ak with (k, m)
= 1 have order m. There are exactly φ(m) such integers with 1 ≤ k ≤ m and
thus if there is one element of order m modulo p, there must be exactly φ(m)
such positive integers less than p. Hence S(m) ≤ φ(m).
In the following theorem, we determine how many incongruent integers can

have a given order modulo p. We actually show the existence of primitive roots
for prime numbers.
Theorem 61. Every prime number has a primitive root.
Proof. Let p be a prime and let m be a positive integer such that p − 1 = mk for
some integer k. Let F (m) be the number of positive integers of order m modulo
p that are less than p. The order modulo p of an integer not divisible by p divides
p − 1, it follows that X
p− 1= F (m).
m|p−1
5.2. PRIMITIVE ROOTS FOR PRIMES 97
By Theorem 42, we see that

X
p− 1= φ(m).
m|p−1
By Lemma 1, F (m) ≤ φ(m) when m | (p − 1). Together with

X X
F (m) = φ(m)
m|p−1 m|p−1
we see that F (m) = φ(m) for each positive divisor m of p − 1. Thus we conclude
that F (m) = φ(m). As a result, we see that there are p − 1 incongruent integers
of order p − 1 modulo p. Thus p has φ(p − 1) primitive roots.
Exercises
1. Find the incongruent roots modulo 11 of x2 + 2.
2. Find the incongruent roots modulo 11 of x4 + x2 + 1.
3. Find the incongruent roots modulo 13 of x3 + 12.
4. Find the number of primitive roots of 13 and of 47.
5. Find a complete set of incongruent primitive roots of 13.
8. Let r be a primitive root of p with p ≡ 1(mod 4). Show that −r is also a

primitive root.
9. Show that if p is a prime and p ≡ 1(mod 4), then there is an integer x such
that x2 ≡ −1(mod p).
RESIDUES
5.3 The Existence of Primitive Roots

In this section, we demonstrate which integers have primitive roots. We start by
showing that every power of an odd prime has a primitive root and to do this we
start by showing that every square of an odd prime has a primitive root.
Theorem 62. If p is an odd prime with primitive root r, then one can have either
r or r + p as a primitive root modulo p2
.
Proof. Notice that since r is a primitive root modulo p, then
ordp r = φ(p) = p − 1.
Let m = ordp2 r, then

r m ≡ 1(mod p2 ).
Thus r m ≡ 1(mod p).
p − 1 | m.
By Theorem 54, we have
By Exercise 7 of section 6.1, we also have that
m | φ(p2 ).
Also, φ(p2 ) = p(p − 1) and thus m either divides p or p − 1. And since p − 1 |

m
then we have
m = p − 1 or m = p(p − 1).
If m = p(p − 1) and ordp2 r = φ(p2 ) then r is a primitive root modulo p2 . Other-

wise, we have m = p − 1 and thus
r p−1 ≡ 1(mod p2 ).
5.3. THE EXISTENCE OF PRIMITIVE ROOTS 99
Let s = r + p. Then s is also a primitive root modulo p. Hence, ordp2 s equals

either p−1 or p(p−1). We will show that ordp2 s = p−1 so that ordp2 s =
p(p−1). Note that
sp−1 = (r + p)p−1 = r p−1 + (p − 1)r p−2 p + ... + pp−1

= r p−1 + (p − 1)p.rp−2 (mod p2 ).
Hence
p2 | sp−1 − (1 −
Note also that if pr p−2 . p2 | (sp−1 − 1),
then
p2 | pr p−2 .
Thus we have
p | r p−2
which is impossible because p - r. Because ordp2 s = p − 1, we can conclude that
ordp2 s = p(p − 1) = φ(p2 ).
Thus, s = r + p is a primitive root of p2 .
Example 51. Notice that 7 has 3 as a primitive root. Either ord49 3 = 6 or

ord49 3 = 42. But since 36 6≡ 1(mod 49). Hence ord49 3 = 42. Hence 3 is
a primitive root of 49.
We now show that any power of an odd prime has a primitive root.
Theorem 63. Let p be an odd prime. Then any power of p is a primitive root.
Moreover, if r is a primitive root modulo p2 , then r is a primitive root modulo
pm for all positive integers m.
Proof. By Theorem 62, we know that any prime p has a primitive root r which
is also a primitive root modulo p2 , thus
p2 - (r p−1 − 1). (5.1)
We will prove by induction that
pm - (r pm−2 (p−1) − 1) (5.2)
for all integers m ≥ 2. Once we prove the above congruence, we show that r is
also a primitive root modulo pm . Let n = ordpm r. By Theorem 54, we know that
n | φ(pm ). Also, we know that φ(pm ) = pm (p − 1). Hence n | pm (p − 1). On
the other hand, because
pm | (r n − 1),
we also know that

p | (r n − 1).
Since φ(p) = p − 1, we see that by Theorem 54, we have n = l(p − 1). also
n | pm−1 (p − 1), we have that n = ps (p − 1), where 0 ≤ s ≤ m − 1. If
n = ps (p − 1) with s ≤ m − 2, then
m−2 (p−1)
pk | r p − 1,
which is a contradiction. Hence
ordpm r = φ(pm ).
We prove now (7.5) by induction. Assume that our assertion is true for all
m ≥ 2. Then
pm - (r pm−2 (p−1) − 1).
Because (r, p) = 1, we see that (r, pm−1 ) = 1. We also know from Euler’s
theorem that
m−2
pm−1 | (r p (p−1)
− 1).
Thus there exists an integer k such that
m−2
rp (p−1)
= 1 + kpm−1 .
where p - k because r pm−2 (p−1) 6≡ 1(mod pm ). Thus we have now
m−1
rp (p−1)
= (1 + kpm−1 )p
≡ 1 + kpm (mod pm+1 )
Because p - k, we have
m−1
(p−1)
pm+1 - (r p − 1).
Example 52. Since 3 is a primitive root of 7, then 3 is a primitive root for 7k for
all positive integers k.
In the following theorem, we prove that no power of 2, other than 2 or 4, has

k k
a primitive root and that is because when m is an odd integer, ord
2 m = φ(2 )
and
this is because 2k | (aφ(2 k )/2 − 1).
Theorem 64. If m is an odd integer, and if k ≥ 3 is an integer,

then
≡ 1(mod 2k ).
k−2
m2
Proof. We prove the result by induction. If m is an odd integer, then m = 2n + 1

for some integer n. Hence,
m2 = 4n2 + 4n + 1 = 4n(n + 1) +
1.
It follows that 8 | (m2 − 1).
Assume now that

2k | (m2k−2 − 1).
Then there is an integer q such that
m2 = 1 + q.2k .
k−2
Thus squaring both sides, we get
m2 = 1 + q.2k+1 + q 2 22k
k−1
Thus
2k+1 | (m2
k−1
− 1).
Note now that 2 and 4 have primitive roots 1 and 3

respectively. We now list the set of integers that do not have
primitive roots.
Theorem 65. If m is not pa or 2pa , then m does not have a primitive root.
s
Proof. Let m = ps1 ps2 ...p i . If m has a primitive root r then r and m are
relatively 1 2 i
prime and ordm r = φ(m). We also have, we have (r, ps ) = 1 where ps is of

the primes in the factorization of m. By Euler’s theorem, we have
ps | (rφ(p s) − 1).
Now let
s
L = [φ(ps11 ), φ(p2s2 ), ..., φ(pi i )].
We know that
s
r L ≡ 1(mod pkk )
for all 1 ≤ k ≤ m. Thus using the Chinese Remainder Theorem, we get
m | (r L − 1),
which leads to ordm r = φ(m) ≤ L. Now because
φ(m) = φ(ps11 )φ(ps22 )...φ(psnn ) ≤ [φ(p1s1 ), φ(p2s2 ), ..., φ(pnsn )].

Now the inequality above holds only if

s s
φ(p 11 ), φ(p22 ), ..., φ(pnsn )
are relatively prime. Notice now that by Theorem 41,

s s
φ(p 11 ), φ(p22 ), ..., φ(pnsn )
are not relatively prime unless m = ps or m = 2ps where p is an odd prime and t
is any positive integer.
We now show that all integers of the form m = 2ps have primitive
roots.
Theorem 66. Consider a prime p = 2 and let s is a positive integer, then 2ps
has a primitive root. In fact, if r is an odd primitive root modulo ps , then it is
also a primitive root modulo 2ps but if r is even, r + ps is a primitive root
modulo 2ps .
Proof. If r is a primitive root modulo ps ,

then
ps | (r φ(p s) − 1)
and no positive exponent smaller than φ(ps ) has this property. Note also that
φ(2ps ) = φ(ps ),
so that
ps | (rφ(2p s ) − 1).
If r is odd, then
2 | (rφ(2p s) − 1).
Thus by Theorem 56, we get

s
2ps | (r φ(2p ) − 1).
It is important to note that no smaller power of r is congruent to 1 modulo 2ps .

This power as well would also be congruent to 1 modulo ps contradicting that r
is a primitive root of ps . It follows that r is a primitive root modulo 2ps .
While, if r is even, then r + ps is odd. Hence
2 | ((r + ps )φ(2p s ) − 1).
Because ps | (r + ps − r), we see that
ps | ((r + ps )φ(2p
s )
−
1).
As a result, we see that 2ps | ((r + ps )φ(2ps ) − 1) and since for no smaller power
of
r + ps is congruent to 1 modulo 2ps , we see that r + ps is a primitive root
modulo
2ps .
As a result, by Theorem 63, Theorem 65 and Theorem 66, we see that
Theorem 67. The positive integer m has a primitive root if and only if n = 2, 4, ps
or 2ps
for prime p = 2 and s is a positive integer.
Exercises
1. Which of the following integers 4, 12, 28, 36, 125 have a primitive root.
2. Find a primitive root of 4, 25, 18.
3. Find all primitive roots modulo 22.
4. Show that there are the same number of primitive roots modulo 2ps as
there are modulo ps , where p is an odd prime and s is a positive integer.
5. Find all primitive roots modulo 25.
6. Show that the integer n has a primitive root if and only if the only solutions
of the congruence x2 ≡ 1(modn) are x ≡ ±1(mod n).
5.4. INTRODUCTION TO QUADRATIC RESIDUES AND
NONRESIDUES105
5.4 Introduction to Quadratic Residues and Non-

residues
The question that we need to answer in this section is the following. If p is an
odd prime and a is an integer relatively prime to p. Is a a perfect square modulo
p.
Definition 3. Let m be a positive integer. An integer a is a quadratic residue of m

if (a, m) = 1 and the congruence x2 ≡ a(mod m) is solvable. If the congruence
x2 ≡ a(mod m) has no solution, then a is a quadratic nonresidue of m.
Example 53. Notice that 12 = 62 ≡ 1(mod 7), 32 = 42 ≡ 2(mod 7) and

22 = 52 ≡ 4(mod 7). Thus 1, 2, 4 are quadratic residues modulo 7 while 3, 5,
6
are quadratic nonresidues modulo 7.
Lemma 12. Let p = 2 be a prime number and a is an integer such that p - a.

Then either a is quadratic nonresidue modulo p or
x2 ≡ a(mod p)
has exactly two incongruent solutions modulo p.
Proof. If x2 ≡ a(mod p) has a solution, say x = x0 , then −x0 is a solution as

well. Notice that −x0 6≡ x0 (mod p) because then p | 2x0 and hence p - x0 .
We now show that there are no more than two incongruent solutions. Assume
that x = x0 and x = x00 are both solutions of x2 ≡ a(mod p). Then we have
(x0 )2 − (x00 )2 = (x0 + x00 )(x0 − x00 ) ≡ 0(mod

p).
Hence
x0 ≡ x00 (mod p) or x0 ≡ −x00 (mod p).
RESIDUES
The following theorem determines the number of integers that are quadratic
residues modulo an odd prime.
Theorem 68. If p = 2 is a prime, then there are exactly (p − 1)/2 quadratic

residues modulo p and (p − 1)/2 quadratic nonresidues modulo p in the set of
integers 1, 2..., p − 1.
Proof. To find all the quadratic residues of p among all the integers 1, 2, ..., p −
1, we determine the least positive residue modulo p of 12 , 22 , ..., (p − 1)2 .
Consider- ing the p − 1 congruences and because each congruence has either no
solution or two incongruent solutions, there must be exactly (p − 1)/2 quadratic
residues of p among 1, 2, ..., p − 1. Thus the remaining are (p − 1)/2 quadratic
nonresidues of p.
Exercises
1. Find all the quadratic residues of 3.
2. Find all the quadratic residues of 13.
3. find all the quadratic residues of 18.
4. Show that if p is prime and p ≥ 7, then there are always two consecutive
quadratic residues of p. Hint: Show that at least one of 2, 5 or 10 is a
quadratic residue of p.
5. Show that if p is prime and p ≥ 7, then there are always two quadratic
residues of p that differ by 3.
5.5 Legendre Symbol

In this section, we define Legendre symbol which is a notation associated to
quadratic residues and prove related theorems.
5.5. LEGENDRE SYMBOL 107
Definition 4. Let p = 2 be a prime and a be an integer such that p - a. The

pa
Legendre symbol is defined by
(
a 1 if a is a quadratic residue of p
=
p −1 if a is a quadratic nonresidue of p.
Example 54. Notice that using the previous example, we see that
1 2
= = 4 =1
7 7
3 7
= 5 = −1
7 =
7 6
7
In the following theorem, we present a way to determine wether an integer is

a quadratic residue of a prime.
Theorem 69. Euler’s Criterion Let p = 2 be a prime and let a be a positive

integer such that p - a. Then
a ≡ aφ(p)/2 (mod p).

p
a
Proof. Assume that p
= 1. Then the congruence x2 ≡ a(mod p) has a
solution say x = x0 . According to Fermat’s theorem, we see that
aφ(p)/2 = ((x0 )2 )φ(p)/2 ≡ 1(mod p).
a
Now if p
= −1, then x2 ≡ a(mod p) is not solvable. Thus by Theorem 26,
we have that for each integer k with (k, p) = 1 there is an integer l such that
kl ≡ a(mod p). Notice that i = j since x2 ≡ a(mod p) has no solutions. Thus
we can couple the integers 1, 2, ..., p − 1 into (p − 1)/2 pairs, each has product
a. Multiplying these pairs together, we find out that
(p − 1)! ≡ aφ(p)/2 (mod p).

Using Wilson’s Theorem, we get

a
= −1 ≡ a(p−1)/2 (mod p).
p
3
Example 55. Let p = 13 and a = 3. Then 13
= −1 ≡ 36 (mod 13).
We now prove some properties of Legendre symbol.
Theorem 70. Let p = 2 be a prime. Let a and b be integers such that p - a, p - b

and p | (a − b) then
a b
= .
p p
Proof. Since p | (a − b), then x2 ≡ a(mod p) has a solution if and only if
x2 ≡ b(mod p) has a solution. Hence
a
= b
p
p
Theorem 71. Let p = 2 be a prime. Let a and b be integers such that p - a, p - b

then
a b ab
=
p p p
By Euler’s criterion, we have
a ≡ aφ(p)/2 (mod p)
p
and
φ(p)/2
b
≡b (mod p).
p
Thus we get
a b ab
≡ (ab)φ(p)/2 ≡ (mod p).
p p p
We now show when is −1 a quadratic residue of a prime p .
Corollary 3. If p = 2 is a, then
(
−1 1 if p ≡ 1(mod 4)
= −1 if p ≡ −1(mod 4).
p
Proof. By Euler’s criterion, we know that
a
= (−1)φ(p)/2 (mod p)
p
If 4 | (p − 1), then p = 4m + 1 for some integer m and thus we get
(−1)φ(p)/2 = (−1)2m = 1.
and if 4 | (p − 3), then p = 4m + 3 for some integer m and we also get
(−1)φ(p)/2 = (−1)2m+1 = −1.
We now determine when 2 is a quadratic residue of a prime p.
Theorem 72. For every odd prime p we have

(
2 1 if p ≡ ±1(mod 8)
=
p −1 if p ≡ ±3(mod 8).
Proof. Consider the following (p − 1)/2 congruences

p − 1 ≡ 1(−1)1 (mod p)
2 ≡ 2(−1)2 (mod p)
3
p − 3 ≡ 3(−1) (mod p)
4
4 ≡ 4(−1) (mod p)
.
.
.
p− 1
r ≡ (− 1)(p−1)/2 (mod p),
2
where r is either p − (p − 1)/2 or (p − 1)/2. Multiplying all these equations we

get,
2.4.6...(p − 1) ≡ p − 1 !(−1)1+2+...+(p−1)/2
(mod p).
2
This gives us
p− 1 ≡ p− 1
(p−1)/2 ! !(−1)(p 2−1)/8 (mod p).
2 2 2
p− 1
Now notice that 2 ! 6≡ 0(mod p) and thus we get
2
2(p−1)/2 ≡ (−1)(p −1)/8
(mod p).
Note also that by Euler’s criterion, we get

2
2φ(p)/2 ≡ (mod p),
p
and since each member is 1 or -1 the two members are equal.
We now present an important lemma that determines whether an integer is a

quadratic residue of a prime or not.
Lemma 13. Gauss’s Lemma Let p = 2 be a prime and a a relatively prime

integer to p. If k counts the number of least positive residues of the integers
a, 2a, ..., ((p − 1)/2)a that are greater than p/2, then
a
= (−1)k .
p
Proof. Let m1 , m2 , ..., ms be those integers greater than p/2 in the set of the
least positive residues of the integers a, 2a, ..., ((p − 1)/2)a and let n1 , n2 , ...,
nt be
those less than p/2. We now show that
p − m1 , p − m2 , ..., p − mk , p − n1 , p − n2 , ..., p −
nt
are precisely the integers

1, 2, ..., (p − 1)/2,
in the same order.

So we shall show that no two integers of these are congruent modulo p, be-
cause there are exactly (p − 1)/2 numbers in the set, and all are positive integers
less than or equal to (p − 1)/2. Notice that mi 6≡ mj ( mod p) for all i = j
and ni 6≡ nj ( mod p) for all i = j. If any of these congruences fail, then
we will have that r ≡ s(mod p) assuming that ra ≡ sa(mod p). Also any of the
integers p − mi can be congruent to any of the ni ’s. Because if such
congruence holds, then we have ra ≡ p − sa(mod p), so that ra ≡ −sa(mod p).
Because p - a, this implies that r ≡ −s(mod p), which is impossible. We
conclude that
Y
k Y
t
p− 1
(p − mi ) ni !(mod p),
2
≡
i=1 i=1
which implies
p− 1
(−1)s m1 m2 ...(p − mk )n1 n2 ...nt ≡ !(mod p),
2
Simplifying, we get
m1 m2 ...(p − mk )n1 n2 ...nt ≡ a.2a...((p − 1)/2) = a(p−1)/2 ((p − 1)/2)!(mod p).
As a result, we have that
a(p−1)/2 ((p − 1)/2)! ≡ ((p − 1)/2)!(mod p)
Note that since (p, ((p − 1)/2)!) = 1, we get
(−1)k a(p−1)/2 ≡ 1(mod p).
Thus we get
a(p−1)/2 ≡ (−1)k (mod p).
Using Euler’s criterion, the result follows.

135
Example 56. To find using Gauss’s lemma, we calculate
X
6
[5i/13] = [5/13] + [10/13] + [15/13] + [20/13] + [25/13] + [30/13] = 5
i=1
5
Thus we get 13 = (−1)5 = −1.
Exercises
1. Find all quadratic residues of 3
2. Find all quadratic residues of 19.
7j
3. Find the value of Legendre symbol for j = 1, 2, 3, 4, 5, 6.
11
7
4. Evaluate the Legendre symbol by using Euler’s criterion.
5. Let a and b be integers not divisible by p. Show that either one or all three
of the integers a, b and ab are quadratic residues of p.
6. Let p be a prime and a be a quadratic residue of p. Show that if p ≡
1(mod 4), then −a is also a quadratic residue of p, whereas if p ≡ 3(mod
4), then −a is a quadratic nonresidue of p.
7. Show that if p is an odd prime and a is an integer not divisible by p then
ap2
= 1.
5.6 The Law of Quadratic Reciprocity

Given that p and q are odd primes. Suppose we know whether q is a quadratic
residue of p or not. The question that this section will answer is whether p will
be a quadratic residue of q or not. Before we state the law of quadratic
reciprocity, we will present a Lemma of Eisenstein which will be used in the
proof of the law of reciprocity. The following lemma will relate Legendre
symbol to the counting lattice points in the triangle.
5.6. THE LAW OF QUADRATIC RECIPROCITY 113
Lemma 14. If p = 2 is a prime and a is an odd integer such that p - a, then
P (p−1)/2
a = (−1) i=1 [ia/p]
.
p
Proof. Consider the least positive residues of the integers a, 2a, ..., ((p − 1)/2)a;
let m1 , m2 , ..., ms be integers of this set such that mi > p/2 for all i and let
n1 , n2 , ..., nt be those integers where ni < p/2. Using the division algorithm, we
see that
ia = p[ia/p] + r
where r is one of the mi or ni . By adding the (p − 1)/2 equations, we obtain
(p−1)/2
X X
(p−1)/2 X
s X
t
ia = p[ia/p] + mi + ni . (5.3)
i=1 i=1 i=1 i=1
As in the proof of Gauss’s Lemma, we see that
p − m1 , p − m2 , ..., p − ms , p − n1 , p − n2 , ..., p − nt
are precisely the integers 1, 2, ..., (p − 1)/2, in the same order. Now we obtain
(p−1)/2
X X
s X
t sX t X
i= (p − mi ) + ni = ps − mi + ni . (5.4)
i=1 i=1 i=1 i=1 i=1
We subtract (5.4) from (5.3) to get
(p−1)/2
X X
(p−1)/2 (p−1)/2
X X
s
ia − i= p[ia/p] − ps + 2 mi .
i=1 i=1 i=1 i=1
Now since we are taking the following as exponents for −1, it suffice to look at
them modulo 2. Thus
X
(p−1)/2
0≡ [ia/p] − s(mod 2).

i=1
(p−1)/2
X
[ia/p] ≡ s(mod 2)
i=1
Using Gauss’s lemma, we get
a P(p−1)/2
p = (−1)s = (−1) i=1 [ia/p]
.
Theorem 73. The Law of Quadratic Reciprocity Let p and q be distinct odd
primes. Then
p q p− 1
. q−21
= (−1) 2
q p
Proof. We consider now the pairs of integers also known as lattice points (x, y)
with
1 ≤ x ≤ (p − 1)/2and 1 ≤ y ≤ (q −
1)/2.
p− 1
The number of such pairs is . q− 1 . We divide these pairs into two groups
2 2 de-
pending on the sizes of qx and py. Note that qx = py for all pairs because p and
q are distinct primes.
We now count the pairs of integers (x, y) with
1 ≤ x ≤ (p − 1)/2, 1 ≤ y ≤ (q − 1)/2and qx >
py.
Note that these pairs are precisely those where

1 ≤ x ≤ (p − 1)/2and 1 ≤ y ≤
qx/p.
For each fixed value of x with 1 ≤ x ≤ (p − 1)/2, there are [qx/p] integers
satisfying 1 ≤ y ≤ qx/p. Consequently, the total number of pairs with are
1 ≤ x ≤ (p − 1)/2, 1 ≤ y ≤ qx/p, and qx >
py
is
(p−1)/2
X
[qi/p].
i=1
5.6. THE LAW OF QUADRATIC RECIPROCITY 115
Consider now the pair of integers (x, y) with
1 ≤ x ≤ (p − 1)/2, 1 ≤ y ≤ (q − 1)/2, and qx <

py.
Similarly, we find that the total number of such pairs of integers is

(q−1)/2
X
[pi/q].
i=1
Adding the numbers of pairs in these classes, we see that

(p−1)/2
X (q−1)/2
X p −1 q− 1
[qi/p] + [pi/q] = . ,
i=1
i=1
2 2
and hence using Lemma 14, we get that
p p p− 1 . q−21
= (−1) 2
q q
Exercises
53
3
1. Evaluate .
641
31
2. Evaluate .
3. Using the law of quadratic reciprocity, show that if p is an odd prime, then
(
3 1 if p ≡ ±1(mod 12)
=
p −1 if p ≡ ±5(mod 12).
4. Show that if p is an odd prime, then

(
−3 1 if p ≡ 1(mod 6)
= −1 if p ≡ −1(mod 6).
p
5. Find a congruence describing all primes for which 5 is a quadratic residue.

RESIDUES
5.7 Jacobi Symbol

In this section, we define the Jacobi symbol which is a generalization of the Leg-
endre symbol. The Legendre symbol was defined in terms of primes, while
Jacobi symbol will be generalized for any odd integers and it will be given in
terms of Legendre symbol.
Definition 27. Let n be an odd positive integer with prime factorization n =

a a
p1 1 p2 2...pamm and let a be an integer relatively prime to n, then
a Ym
a ci
= .
n i=1
pi
Example 57. Notice that from the prime factorization of 45, we get that
2
= 2 2 = (−1)(−1) = 1
55 5 11
We now prove some properties for Jacobi symbol that are similar to the prop-
erties of Legendre symbol.
Theorem 74. Let n be an odd positive integer and let a and b be integers such
that(a, n) = 1 and (b, n) = 1. Then
1. if n | (a − b), then
a b
= .
n n
2.
ab a
= .
n n nb
Proof. Proof of 1: Note that if p is in the prime factorization of n, then we have

that p | (a − b). Hence by Theorem 70, we get that
a b
= .
p p
5.7. JACOBI SYMBOL 117
As a result, we have
a Y
m
a ci Y
m
b ci
= =
n i=1
pi i=1
pi
ab a b
Proof of 2: Note that by Theorem 71, we have p = p p for any prime p
appearing in the prime factorization of n. As a result, we have
ab Y
m
= ab
ci
n
i=1 pi
m
Y a ci Y
m
b ci
=
i=1
pi i=1
pi
a b
= .
n n
−1 2
In the following theorem, we determine n and n .
Theorem 75. Let n be an odd positive integer. Then
1.
−1
= (−1)(n−1)/2 .
n
2.
2 2
n = (−1)(n −1)/8 .
Proof. Proof of 1: If p is in the prime factorization of n, then by Corollary 3, we

−
p1
see that = (−1)(p−1)/2 . Thus
−1 Y
m
−1
ci
=
n i=1
pi
P
= (−1)m i=1 ci (pi −1)/2 .
Notice that since pi − 1 is even, we have
a
pi i = (1 + (pi − 1))ci ≡ 1 + ci (pi − 1)(mod 4)
and hence we get

Y
m X
m
ci
n= pi ≡ 1 + ci (pi − 1)(mod 4).
i=1 i=1
X
m
(n − 1)/2 ≡ ci (pi − 1)/2 (mod 2).
i=1
Proof of 2: If p is a prime, then by Theorem 72 we have
2
2 = (−1)(p −1)/8
.
p
Hence
2 Pm
= (−1) i=1 ci (pi −1)/8 .
2
n
2
Because 8 | p − 1, we see similarly that
i
(1 + (pi2 − 1))ci ≡ 1 + ci (p
i
2
− 1)(mod 64)
and thus
X
m
n2 ≡ 1 + ci (p
i
2
− 1)(mod 64),
i=1
which implies that

X
m
2 2
(n − 1)/8 ≡ ci (p
i − 1)/8(mod 8).
i=1
We now show that the reciprocity law holds for Jacobi symbol.
5.7. JACOBI SYMBOL 119
Theorem 76. Let (a, b) = 1 be odd positive integers. Then

b a a− 1 b− 1
= (−1) 2 . 2 .
a b
Qm c i Qn d
Proof. Notice that since a = j=1 pi and b = i=1 qi i we get
b a Y
n Y
m
pj
cj di
qi
=
a b i=1 j=1
qi pj
By the law of quadratic reciprocity, we get

Pn Pm
b a j=1 cj
pj − 1
di (
qi −1
)
= (−1) i=1 2 2
a b
As in the proof of part 1 of Theorem 75, we see that
Xm −1 a− 1
c j pj 2 ≡
2 (mod 2)
j=1
and
n
−1 b− 1
X qi
di ≡ (mod 2).
i=1
2 2
Thus we conclude that
X m i −1 b− 1
c j pj − 1 X
n
≡a− 1.
qi 2 2 2 (mod 2).
j=1 2
di=1
Exercises
4520
258
1. Evaluate .
2307
1008
2. Evaluate .
3. For which positive integers n that are relatively prime to 15 does the Jacobi
n
15
symbol equal 1?
4. Let n be an odd square free positive integer. Show that there is an integer a
such that (a, n) = 1 and na = −1.

Chapter 6
Introduction to Continued Fractions
In this chapter, we introduce continued fractions, prove their basic properties and
apply these properties to solve some problems. Being a very natural object, con-
tinued fractions appear in many areas of Mathematics, sometimes in an unex-
pected way. The Dutch mathematician and astronomer, Christian Huygens
(1629-
1695), made the first practical application of the theory of ”anthyphaeiretic
ratios” (the old name of continued fractions) in 1687. He wrote a paper
explaining how to use convergents to find the best rational approximations for
gear ratios. These approximations enabled him to pick the gears with the best
numbers of teeth. His work was motivated by his desire to build a mechanical
planetarium. Further continued fractions attracted attention of most prominent
mathematicians. Euler, Jacobi, Cauchy, Gauss and many others worked with the
subject. Continued fractions find their applications in some areas of
contemporary Mathematics. There are mathematicians who continue to
develop the theory of continued fractions nowadays, The Australian
mathematician A.J. van der Poorten is, probably, the most prominent among
them.
121
122 CHAPTER 6. INTRODUCTION TO CONTINUED FRACTIONS
6.1 Basic Notations

In general, a (simple) continued fraction is an expression of the form
1
a0 + ,
a1 + a +1
2 ...
where the letters a0 , a1 , a2 , . . . denote independent variables, and may be inter-
preted as one wants (e.g. real or complex numbers, functions, etc.). This expres-
sion has precise sense if the number of terms is finite, and may have no meaning
for an infinite number of terms. In this section we only discuss the simplest clas-
sical setting.
The letters a1 , a2 , . . . denote positive integers. The letter a0 denotes an

integer.
The following standard notation is very convenient.
Notation 1. We write
1
[a0 ; a1 , a2 , . . . , an ] = a0
+ a1 + + . 1. .
a2
+ an
1
if the number of terms is finite, and

1
[a0 ; a1 , a2 , . . .] = a0
+ a1 + a 1
2 +. . .
for an infinite number of terms.
Still, in the case of infinite number of terms a certain amount of work must
be carried out in order to make the above formula meaningful. At the same time,
for the finite number of terms the formula makes sense.
Example 58.
[−2; 1, 3, 5] = −2+1/(1+1/(3+1/5)) = −2+1/(1+5/16) = −2+1/(21/16) = −2+16/21 =

−26
6.1. BASIC NOTATIONS 123
Notation 2. For a finite continued fraction [a0 ; a1 , a2 , . . . , an ] and a positive

integer k ≤ n, the k-th remainder is defined as the continued fraction
rk = [ak ; ak+1 , ak+2 , . . . ,

an ].
Similarly, for an infinite continued fraction [a0 ; a1 , a2 , . . .] and a positive

integer k, the k-th remainder is defined as the continued fraction
rk = [ak ; ak+1 , ak+2 , . .

.].
Thus, at least in the case of a finite continued fraction,
α = [a0 ; a1 , a2 , . . . , an ] = a0 + 1/(a1 + 1/(a2 + . . . +

1/an ))
we have
α = a0 + 1/(a1 + 1/(a2 + . . . + 1/(ak−1 + 1/rk ))) = ”[a0 ; a1 , a2 , . . . , ak−1 ,

rk ]”
(6.1)
for any positive k ≤ n. Quotation signs appear because we consider the expres-
sions of this kind only with integer entries but the quantity rk may be a non-
integer.
It is not difficult to expand any rational number α into a continued fraction.
Indeed, let a0 = [α] be the greatest integer not exceeding α. Thus the difference
δ = α − a0 < 1 and, of course, δ ≥ 0. If δ = 0 then we are done. Otherwise
put r1 = 1/δ, find a1 = [r1 ] and non-negative δ = α1 − a1 < 1. Continue the
procedure until you obtain δ = 0.
Example 59. Consider the continued fraction expansion for 42/31. We obtain
a0 = [42/31] = 1, δ = 42/31 − 1 = 11/31. Now r1 = 1/δ = 31/11 and
a1 = [α1 ] = [31/11] = 2. The new δ = 31/11 − 2 = 9/11. Now r2 = 1/δ =
11/9 and a2 = [α2 ] = [11/9] = 1. It follows that δ = 11/9 − 1 = 2/9.
Now r3 = 1/δ = 9/2 and a3 = [α3 ] = [9/2] = 4. It follows that δ = 9/2 − 4
= 1/2. Now r4 = 1/δ = 2 and a4 = [α4 ] = [2] = 2. It follows that δ = 2 − 2 =
0 and we are done.
Thus we have calculated
42/31 = [a0 ; a1 , a2 , a3 , a4 ] = [1; 2, 1, 4,

2].
The above example shows that the algorithm stops after finitely many steps.
This is in fact quite a general phenomenon. In order to practice with the
introduced notations let us prove a simple but important proposition.
Proposition 1. Any rational number can be represented as a finite continued frac-

tion.
Proof. By construction, all remainders are positive rationals. For a positive

integer k put rk = A/B and let ak = [rk ]. Then
A − Bak C
rk − ak = := . (6.2)
B B
with C < B because rk − ak < 1 by construction. If C = 0, then the algorithm
stops at this point and we are done. Assume now that C = 0. It follows from
(6.1) that
rk = ak + 1 . (6.3)
rk+1
Compare now (6.2) with (6.3) to find that
B
rk+1 = .
C
Since C < B, the rational number rk+1 has a denominator which is smaller than
the the denominator of the previous remainder rk . It follows that after a finite
number of steps we obtain an integer (a rational with 1 in the denominator) rn =
an and the procedure stops at this point.
There appear several natural questions in the connection with Proposition 1.
Is such a continued fraction representation unique? The immediate answer is
”no”. Here are two ”different” continued fraction representations for 1/2:
1
= [0; 2] = [0; 1,
1].
2
6.1. BASIC NOTATIONS 125
However, we require that an > 1, where an is the last element of a finite

continued fraction. Then the answer is ”yes”.
Hint. Make use of the formulas (6.5) below.
From now on we assume that an > 1.
Another natural question is about infinite continued fractions and (as one can
easily guess) real numbers. The proof of the corresponding result is slightly
more involved, and we do not give it here. In this brief introduction we just
formulate the result and refer to the literature ([12, Theorem 14]) for a complete
proof. We, however, provide some remarks concerning this result below. In
particular, we will explain at some point, what the convergence means.
Theorem 77. An infinite continued fraction converges and defines a real number.
There is a one-to-one correspondence between
• all (finite and infinite) continued fractions [a0 ; a1 , a2 , . . .] with an integer a0
and positive integers ak for k > 0 (and the last term an > 1 in the case of finite
continued fractions)
and
• real numbers.
Note that the algorithm we developed above can be applied to any real
number and provides the corresponding continued fraction.
Theorem 77 has certain theoretical significance. L.Kronecker (1823-1891)
said, ”God created the integers; the rest is work of man”. Several ways to
represent real numbers out of integers are well-known. Theorem 77 provides
yet another way to fulfill this task. This way is constructive and at the same time
is not tied to any particular base (say to decimal or binary decomposition).
We will discuss some examples later.
Exercises
1. Prove that under the assumption an > 1 the continued fraction representa-
tion given in Proposition 1 is unique. In other words, the correspondence
126 CHAPTER 6. INTRODUCTION TO CONTINUED
FRACTIONS
between
• finite continued fractions [a0 ; a1 , a2 , . . . an ] with an integer a0 ,
positive integers ak for k > 0 and an > 1
and
• rational numbers
is one-to-one.
6.2 Main Technical Tool

Truncate finite (or infinite) continued fraction α = [a0 ; a1 , a2 , . . . , an ] at the k-
th place (with k < n in the finite case). The rational number sk = [a0 ; a1 , a2 , . . .
, ak ] is called the k-th convergent of α. Define the integers pk and qk by
pk
sk = (6.4)
qk
written in the reduced form with qk > 0.

The following recursive transformation law takes place.
Theorem 78. For k ≥ 2
pk = ak pk−1 + pk−2
(6.5)
qk = ak qk−1 + qk−2 .
Remark. It does not matter here whether we deal with finite or infinite con-
tinued fractions: the convergents are finite anyway. Proof. We use the induction
argument on k. For k = 2 the statement is true.
Now, assume (6.5) for 2 ≤ k < l. Let
pl
α = [a0 ; a1 , a2 , . . . al ] =
ql
6.2. MAIN TECHNICAL TOOL 127
be an arbitrary continued fraction of length l + 1. We denote by pr /qr the r-th

convergent α. Consider also the continued fraction
β = [a1 ; a2 , . . . , al
]
and denote by p0r /qr0 its r-th convergent. We have α = a0 + 1/β which translates
as
0 0
pl = a0 pl−1 + l−1
0 q (6.6)
ql = pl−1 .
Also, by the induction assumption,
0 = al p0l−2 + p0l−3
pl−1
(6.7)
0 0
ql−1 = al ql−2 + q0l−3
Combining (6.6) and (6.7) we obtain the formulas

0 0 0 0
pl = a0 (al pl−2 +p0l−3 )+al ql−2 0
+ql−3 = al (a0 pl−2 0
+ql−2 )+(a0 pl−3 0
+ql−3 ) = al pl−1 +pl−2
and
0
ql = al pl−2 + 0l−3 = al ql−1 + ql−2 ,
p
which complete the induction step. We have thus proved that
pk
sk = ,
qk
where pk and qk are defined by the recursive formulas (6.5). We still have to
check that these are the quantities defined by (6.4), namely that qk > 0 and that
qk and pk are relatively prime. The former assertion follows from (6.5) since ak
> 0 for k > 0. To prove the latter assertion, multiply the equations (6.5) by qk−1
and pk−1 respectively and subtract them. We obtain
pk qk−1 − qk pk−1 = −(pk−1 qk−2 − qk−1 pk−2 ). (6.8)
This concludes the proof of Theorem 6.5. As an immediate consequence of

(6.5) we find that
pk−1 pk ( −1)k
− = (6.9)
qk−1 qk qk qk−1
and
pk−2 pk ( −1) k ak
− = .
qk−2 qk qk qk−2
Since all the numbers qk and ak are positive, the above formulas imply the
following.
Proposition 2. The subsequence of convergents pk /qk for even indices k is in-

creasing.
The subsequence of convergents pk /qk for odd indices k is decreasing.
Every convergent with an odd index is bigger than every convergent with an
even index.
Remark. Proposition 2 implies that both subsequences of convergents (those

with odd indices and those with even indices) have limits. This is a step towards
making sense out of an infinite continued fraction: this should be common limit
of these two subsequences. It is somehow more technically involved (although
still fairly elementary!) to prove that these two limits coincide.
Theorem 79. Let α = [a0 ; a1 , a2 , . . . , an ]. For k < n we have

1 pk 1
≤α − ≤
qk (qk+1 + qk ) qk qk+1
qk
Proof.
Another inequality, which provides the lower bound for the distance between
the number α and k-th convergent is slightly more involved. To prove it we
first consider the following way to add fractions which students sometimes
prefer.
Definition 1. The number

a+ c
b+d
is called the mediant of the two fractions a/b and c/d. (The quantities a, b, c and
d are integers.)
6.2. MAIN TECHNICAL TOOL 129
Lemma 15. If
a c
≤
b d
then
a a+c c
≤ ≤ .
b b+ d d
Consider now the sequence of fractions
pk pk + pk+1 pk + 2pk+1 pk + ak pk+2
, , ,..., = , (6.10)
pk+1
qk qk + qk+1 qk + 2qk+1 qk + ak qk+1 qk+2
where the last equality follows from (6.5).
It follows that the sequence (6.10) is increasing if k is even and is decreasing
if k is odd. Thus, in particular, the fraction
pk + pk+1
qk + qk+1 (6.11)
is between the quantities pk /qk and α. Therefore the distance between pk /qk
and the fraction (6.11) is smaller than the distance between pk /qk and α:
pk p + pk+1 1
α− ≥ k = .
qk qk + qk+1 q k k + qk+1 )
(q
The second (right) inequality in Theorem 79 is now proved. This finishes the
proof of Theorem 79.
Exercises
1. Check the assertion of Theorem 78 for k = 2.
2. Check that for k = 2

p2 q1 − q2 p1 = −1.
Hint. Introduce formally p−1 = 1 and q−1 = 0, check that then formulas
6.5 are true also for k = 1.
3. Combine the previous exercises with (6.8) to obtain

k
qk pk−1 − pk qk−1 =
(−1)
for k ≥ 1. Derive from this that qk and pk are relatively prime.

4. Prove Proposition 2
5. Combine (6.9) with Proposition 2 to prove the inequality
pk 1
α− ≤ .
qk qk qk+1
6. Prove Lemma 15
7. Use (6.5) to show that the sign of the difference between two consecutive
fractions in (6.10) depends only on the parity of k.
6.3 Very Good Approximation

Continued fractions provide a representation of numbers which is, in a sense,
generic and canonical. It does not depend on an arbitrary choice of a base. Such
a representation should be the best in a sense. In this section we quantify this
naive idea.
Definition 2. A rational number a/b is referred to as a ”good” approximation to

a number α if
c a
= and 0<d≤b
d b
imply
|dα − c| > |bα − a|.
Remarks. 1. Our ”good approximation” is ”the best approximation of the sec-

ond kind” in a more usual terminology.
2. Although we use this definition only for rational α, it may be used for any real
α as well. Neither the results of this section nor the proofs alter.
3. Naively, this definition means that a/b approximates α better then any other
rational number whose denominator does not exceed b. There is another, more
6.3. VERY GOOD APPROXIMATION 131
common, definition of ”the best approximation”. A rational number x/y is re-

ferred to as ”the best approximation of the first kind” if c/d = x/y and 0 < d ≤
y imply |α − c/d| > |α − x/y|. In other words, x/y is closer to α than any
rational number whose denominator does not exceed y. In our definition we
consider a slightly different measure of approximation, which takes into the
account the denominator, namely b|α − a/b| = |bα − a| instead of taking just
the distance
|α − a/b|.
Theorem 80. Any ”good” approximation is a convergent.
Proof. Let a/b be a ”good” approximation to α = [a0 ; a1 , a2 , . . . , an ].

We have to prove that a/b = pk /qk for some k.
Thus we have a/b > p1 /q1 or a/b lies between two consecutive convergents
pk−1 /qk−1 and pk+1 /qk+1 for some k. Assume the latter.
Then
a pk−1 1
− ≥
b qk−1 bqk−1
and
a pk−1 pk pk−1 1
− < − = .
b qk−1 qk qk−1 qk qk−1
It follows that
b > qk . (6.12)
Also
a pk+1 a 1
α− ≥ − ≥ ,
b qk+1 b bqk+1
which implies
1
|bα − a| ≥ .
qk+1
At the same time Theorem 79 (it right inequality multiplied by qk ) reads
1
|qk α − pk | ≤ .
qk+1
It follows that
|qk α − pk | ≤ |bα − a| ,
FRACTIONS
and the latter inequality together with (6.12) show that a/b is not a ”good” ap-
proximation of α in this case.
This finishes the proof of Theorem 80.
Exercises
1. Prove that if a/b is a ”good” approximation then a/b ≥ a0 .
2. Show that if a/b > p1 /q1 then a/b is not a ”good” approximation to α.
6.4 An Application
Consider the following problem which may be of certain practical interest. As-
sume that we calculate certain quantity using a computer. Also assume that we
know in advance that the quantity in question is a rational number. The com-
puter returns a decimal which has high accuracy and is pretty close to our
desired answer. How to guess the exact answer?
To be more specific consider an example.
Example 60. Assume that the desired answer is
123456
121169
and the result of computer calculation with a modest error of 10−15

is
α = 123456/121169 + 10−15 =
1.018874464590779169333740478175110795665558022266421279370135
92
58556231379313190667579991582005298384900428327377464533007617
45
99113634675535821868629765038912593155014896549447465936006734395761292
07
with some two hundred digits of accuracy which, of course come short to help
in guessing the period and the exact denominator of 121169.
6.5. A FORMULA OF GAUSS, A THEOREM OF KUZMIN AND LE´ VI AND A PROBLEM OF
ARNOLD1
Solution. Since 123456/121169 is a good (just in a naive sense)

approximation to α, it should be among its convergents. This is not an exact
statement, but it offers a hope! We have
α = [1; 52, 1, 53, 2, 4, 1, 2, 1, 68110, 4, 1, 2, 106, 22, 3, 1, 1, 10, 2, 1, 3, 1, 3, 4, 2, 11].
We are not going to check all convergents, because we notice the irregularity:
one element, 68110 is far more than the others. In order to explain this we use
the left inequality from Theorem 79 together with the formula (6.5). Indeed, we
have an approximation of α which is unexpectedly good: |α − pk /qk | is very
small (it is around 10−15 ) and with a modest qk too. We have
qk (qk+1 + qk ) = qk (ak+1 qk + q−k 1) =k q 2k+1

(a + qk−1 /q )
k
and
pk 1
α− .
qk ≥ q 2
k (ak+1 + qk−1 /qk )
It follows that 1/qk2 (ak+1 + qk −1 /qk ) is small (smaller than 10−15 ) and therefore,
ak+1 should be big. This is exactly what we see. Of course, our guess is correct:
123456
= [1, 52, 1, 53, 2, 4, 1, 2, 1].
121169
In this way we conclude that in general an unexpectedly big element allows
to cut the continued fraction (right before this element) and to guess the exact
rational quantity. There is probably no need (although this is, of course,
possible) to quantify this procedure. I prefer to use it just for guessing the correct
quantities on the spot from the first glance.
6.5 A Formula of Gauss, a Theorem of Kuzmin and

Le´vi and a Problem of Arnold
In this connection Gauss asked about a probability ck for a number k to appear
as an element of a continued fraction. Such a probability is defined in a natural
way:
FRACTIONS
as a limit when N → ∞ of the number of occurrences of k among the first N

elements of the continued fraction enpension. Moreover, Gauss provided an
answer, but never published the proof. Two different proofs were found
independently by R.O.Kuzmin (1928) and P. Le´vy (1929) (see [12] for a
detailed exposition of the R.O.Kuzmin’s proof).
Theorem 81. For almost every real α the probability for a number k to appear as
an element in the continued fraction expansion of α is
1 1
ck = ln 1 + . (6.13)
ln 2 k(k + 2)
Remarks. 1. The words ”for almost every α” mean that the measure of the set
of exceptions is zero.
2. Even the existence of pk (defined as a limit) is highly non-trivial.
Theorem 81 may (and probably should) be considered as a result from
ergodic theory rather than number theory. This constructs a bridge between
these two areas of Mathematics and explains the recent attention to continued
fractions of the mathematicians who study dynamical systems. In particular,
V.I.Arnold formulated the following open problem. Consider the set of pairs of
integers (a, b) such that the corresponding points on the plane are contained in a
quarter of a circle of radii N :
a 2 + b2 ≤ N
2
.
Expand the numbers p/q into continued fractions and compute the frequencies
sk for the appearance of k in these fractions. Do these frequencies have limits
as N → ∞? If so, do these limits have anything to do with the probabilities,
given by (6.13)? These questions demand nothing but experimental computer
investigation, and such an experiment may be undertaken by a student. Of
course, it would be extremely challenging to find a phenomena experimentally in
this way and to prove it after that theoretically.
Of course, one can consider more general kinds of continued fractions. In
particular, one may ease the assumption that the elements are positive integers
6.5. A FORMULA OF GAUSS, A THEOREM OF KUZMIN AND LE´ VI AND A PROBLEM OF
ARNOLD1
and consider, allowing arbitrary reals as the elements (the question of conver-
gence may usually be solved). The following identities were discovered inde-
pendently by three prominent mathematicians. The English mathematician R.J.
Rogers found and proved these identities in 1894, Ramanujan found the iden-
tities (without proof) and formulated them in his letter to Hardy from India in
1913. Independently, being separated from England by the war, I. J. Schur found
the identities and published two different proofs in 1917. We refer an interested
reader to [2] for a detailed discussion and just state the amazing identities here.
s 
√ √
5+ 5 5 + 1 2π/5
[0; e−2π , e−4π , e−6π , e−8π , . . .] =  − e
2 2
s √ √ 
5− 5 5− 1
[1; e−π , e−2π , e−3π , e−4π , . . .] =  −  eπ/5
2 2
Exercises
1. Prove that ck really define a probability distribution, namely that

X
∞
ck = 1.
k=1
Chapter 7
Introduction to Analytic Number

Theory
The distribution of prime numbers has been the object of intense study by many
modern mathematicians. Gauss and Legendre conjectured the prime number the-
orem which states that the number of primes less than a positive number x is
asymptotic to x/logx as x approaches infinity. This conjecture was later proved
by Hadamard and Poisson. Their proof and many other proofs lead to the what is
known as Analytic Number theory.
In this chapter we demonstrate elementary theorems on primes and prove el-
ementary properties and results that will lead to the proof of the prime number
theorem.
7.1 Introduction
P∞
It is well known that the harmonic series n=1 n1 diverges. We therefore deter-
P
mine some asymptotic formulas that determines the growth of the n ≤x n1 . We
start by introducing Euler’s summation formula that will help us determine the
asymptotic formula.
137
138 CHAPTER 7. INTRODUCTION TO ANALYTIC NUMBER THEORY
We might ask the following question. What if the sum is taken over all the
primes. In this section, we show that the sum over the primes diverges as well.
We also show that an interesting product will also diverge. From the following
theorem, we can actually deduce that there are infinitely many primes.
Euler’s Summation Formula If f has a continuous derivative on an interval

[a, b] where a > 0, then
X Zb Z b
f (n) = f (t)dt + ({t})f 0 (t)dt + f (b){b}) − f (a)({a}).
a<n≤b a a (
where {t} denotes the fractional part of t.
For the proof of Euler’s summation formula see [3, Chapter 3].
Proposition 3. If x ≥ 1, we have that:

X1 1
= log x + γ + O
n≤x
n x
Proof. We use Euler’s summation formula by taking f (t) = 1/t. We then get
X1 Zx Z x
1 {t} 1
= dt − dt + 1 + O
n≤x
n 1 t 1 t 2 x
Z∞ Z∞
{t} {t}
= log x + 1 − 2 dt + dt + O 1
1 t x t2
x
Notice now that {t} ≤ t and hence the two improper integrals exist since they
are
dominated by integrals that converge. We therefore have
Z∞
{t} 1
0≤ 2 dt ≤ ,
x t x
we also let Z∞
{t}
γ = 1− dt
1 t2
7.1. INTRODUCTION 139
and we get the asymptotic formula. Notice that γ is called Euler’s constant.
Notice also that similar steps can be followed to find an asymptotic formulas
for other sums involving powers of n.
We now proceed to show that if we sum over the primes instead, we still get
a divergent series.
Pp p
Qp p
Theorem 82. Both 1 and 1 (1 − )
diverge.
Proof. Let x ≥ 2 and put

Y −1
X 1
P (x) = 1− 1 , S(x) =
p
p≤x p p≤x
Let 0 < u < 1 and m ∈ Z, we have

1 1 − um+1
> = 1 + u + ... + um .
1− u 1− u
Now taking u = 1p , we get
m
1 1 1
1 > 1+ + ... +
1−p p p
As a result, we have that

Y 1 1
P (x) > 1+ + ... + m
p p
p≤x
Choose m > 0 ∈ Z such that 2m−1 ≤ x ≤ 2m . Observe also that

Y 1 1 X 1
1 + + ... + m = 1+
p p pm1 p2m2 ...
p≤x pi ≤x 1
where 1 ≤ mi ≤ m . As a result, we get everyn 1 , n ∈ Z+ where each prime factor

of n is less than or equal to x(Exercise). Thus we have
Y 2X
1 X 1
m−1 [x/2]
1 1
1+ + ... + > >
p≤x
p pm n=1
n n=1
n
Taking the limit as x approaches infinity, we conclude that P (x) diverges.

We proceed now to prove that S(x) diverges. Notice that if u > 0, then
1
log(1/u 1) < u + + u3 + ...).
(u2 −
Thus we have 2
u2
log(1/u − 1) < u + (1/1 − u), 0 < u < 1.
2
We now let u = 1/p for each p ≤ x, then
1 1
log 1 − <
p 2p(p − 1)
1 − 1/p
Thus
X
log P (x) = log(1/1 − p).
p≤x
Thus we have
∞
1X 1 1X 1
log P (x) − S(x) < < n(n − 1)
2 p≤x p(p − 1) 2 n=1
This implies that

1
S(x) > log P (x) −
2
And thus S(x) diverges as x approaches infinity.
Theorem 83 (Abel’s Summation Formula). For any arithmetic function f (n), we

let
X
A(x) = f
(n)
n≤x
where A(x) = 0 for x < 1. Assume also that g has a continuous derivative on the
interval [y, x], where 0 < y < x. Then we have
X Zx
f (n)g(n) = A(x)g(x) − A(y)g(y) − A(t)g 0 (t)dt.
y<n≤x y
7.2. CHEBYSHEV’S FUNCTIONS 141
The proof of this theorem can be found in [3, Chapter 4].

Exercises
1. Show that one gets every 1 , n ∈ Z+ where each prime factor of n is less
n
than or equal to x in the proof of Theorem 1.
2. Write down the proof of Abel’s summation formula in details.
7.2 Chebyshev’s Functions

We introduce some number theoretic functions which play important role in the
distribution of primes. We also prove analytic results related to those functions.
We start by defining the Van-Mangolt function
Definition 5. Ω(n) = logp if n = pm and vanishes

otherwise.
We define also the following functions, the last two functions are called
Cheby- shev’s functions.
P
1. π(x) = p ≤x 1.
P
2. θ(x) = p≤x logp
P
3. ψ(x) = n ≤x Ω(n)
Notice that
X X
∞ X X
∞ X
ψ(x) = Ω(n) Ω(pm ) = logp.
=
n≤x
m=1, pm ≤x p m=1 p≤x1/m
Example 61. 1. π(10) = 4.
2. θ(10) = log2 + log3 + log5 + log7.
3. ψ(10) = log2 + log2 + log2 + log3 + log3 + log5 + log7

Remark 3. It is easy to see that
ψ(x) = θ(x) + θ(x1/2 ) + θ(x1/3 ) + ...θ(x1/m

)
where m ≤ log2 x. This remark is left as an exercise.
Notice that the above sum will be a finite sum since for some m, we have that
x1/m < 2 and thus θ(x1/m ) = 0.
We use Abel’s summation formula now to express the two functions π(x) and
θ(x) in terms of integrals.
Theorem 84. For x ≥ 2, we have
Zx
θ(x) = π(x) log x − π(t)
dt
2 t
and Zx
θ(x) θ(t)
π(x) = + dt.
log x 2 t log2 t
Proof. We define the characteristic function χ(n) to be 1 if n is prime and 0 oth-
erwise. As a result, we can see from the definition of π(x) and θ(x) that they can
be represented in terms of the characteristic function χ(n). This representation
will enable use to apply Abel’s summation formula where f (n) = χ(n) for θ(x)
and where f (n) = χ(n) log n for π(x). So we have,
X X
π(x) = χ(n) and θ(x) = χ(n) log n
1≤n/leqx 1≤n≤x
Now let g(x) = log x in Theorem 84 with y = 1 and we get the desired result for
the integral representation of θ(x). Similarly we let g(x) = 1/ log x with y =
3/2
and we obtain the desired result for π(x) since θ(t) = 0 for t < 2.
We now prove a theorem that relates the two Chebyshev’s functions θ(x) and
ψ(x). The following theorem states that if the limit of one of the two functions
θ(x)/x or ψ(x)/x exists then the limit of the other exists as well and the two
limits are equal.
7.3. GETTING CLOSER TO THE PROOF OF THE PRIME NUMBER THEOREM143
Theorem 85. For x > 0, we have

ψ(x) θ(x) (log x)2
0≤ − ≤ √ .
x x 2 x log 2
Proof. From Remark 4, it is easy to see that
0 ≤ ψ(x) − θ(x) = θ(x1/2 ) + θ(x1/3 ) + ...θ(x1/m )
where m ≤ log2 x. Moreover, we have that θ(x) ≤ x log x. The result will
follow after proving the inequality in Exercise 2.
Exercises
1. Show that
ψ(x) = θ(x) + θ(x1/2 ) + θ(x1/3 ) + ...θ(x1/m )
where m ≤ log2 x.
√ √
2. Show that 0 ≤ ψ(x) − θ(x) ≤ (log2 (x)) x log x and thus the result of
Theorem 86 follows.
3. Show that the following two relations are equivalent

x x
π(x) = +O
log x log2 x
θ(x) = x + O x
log x
7.3 Getting Closer to the Proof of the Prime Num-

ber Theorem
We know prove a theorem that is related to the defined functions above. Keep in
mind that the prime number theorem is given as follows:
π(x)logx
lim = 1.
x→∞ x
We now state equivalent forms of the prime number theorem.
Theorem 86. The following relations are equivalent
π(x) log x
lim =1 (7.1)
x→∞ x
θ(x)
lim =1 (7.2)
x→∞ x
ψ(x)
lim = 1. (7.3)
x→∞ x
Proof. We have proved in Theorem 86 that (7.2) and (7.3) are equivalent, so if
we show that (7.1) and (7.2) are equivalent, the proof will follow. Notice that
using the integral representations of the functions in Theorem 85, we obtain
Z
θ(x) π(x) log x 1 x π(t)
= − dt
x x x 2 t
and Z x
π(x) log x θ(x) log x θ(t)
= + dt.
x x x 2 t log2 t
Now to prove that (7.1) implies (7.2), we need to prove that
Z
1 x π(t)
lim dt = 0.
x→∞ x 2 t
π(t) 1
Notice also that (7.1) implies that t
=O log t
for t ≥ 2 and thus we have
Z x Z x
1 π(t) 1 dt
dt = O
x 2 t x 2 log t
Now once you show that (Exercise 1)
Zx √ √
dt x x− x
≤ + √ ,
2 log t log 2 log x
then (7.1) implies (7.2) will follow. We still need to show that (7.2) implies (7.1)
and thus we have to show that
Z x
log x θ(t)dt
lim = 0.
x→∞ x 2 t log2 t
Notice that θ(x) = O(x) and hence

Zx Z x
log x θ(t)dt log x dt
=O .
x 2 t log2 x 2 log2 t
t
Now once again we show that (Exercise 2)

Zx √ √
dt x x− x
2
≤ 2 + √
2 log t log 2 log2 x
then (7.2) implies (7.1) will follow.
Theorem 87. Define
π(x) π(x)
l1 = lim inf , L1 = lim sup ,
x→∞ x/logx x→∞ x/logx
θ(x) θ(x)
l2 = lim inf x , L2 = lim sup x ,
x→∞ x→∞
and
ψ(x) ψ(x)
l3 = lim inf , L3 = lim sup ,
x→∞ x x→∞ x
then l1 = l2 = l3 and L1 = L2 = L3
. Proof. Notice that
ψ(x) = θ(x) + θ(x1/2 ) + θ(x1/3 ) + ...θ(x1/m ) ≥ θ(x)
where m ≤ log2 x
Also,
X log x X log x
ψ(x) = log p≤ log p = log xπ(x).
p≤x
log p p≤x
log p
Thus we have
θ(x) ≤ ψ(x) ≤ π(x) log x
θ(x) ψ(x) π(x)
≤ ≤
x x x/ log x
and we get that L2 ≤ L3 ≤ L1 . We still need to prove that L1 ≤ L2 .
Let α be a real number where 0 < α < 1, we have
X X
θ(x) = log p ≥ log p
p≤x
X xα ≤p≤x
> α log x (log p > α log x)
xα ≤p≤x
= αlogx{π(x) − π(xα )}
However, π(xα ) ≤ xα . Hence
θ(x) > α log x{π(x) − xα }
As a result,
θ(x) απ(x) − αxα−1 log x
>
x x/ log x
Since limx→∞ α log x/x1−α = 0, then
π(x)
L2 ≥ α lim sup
x→∞ x/ log x
As a result, we get that

L2 ≥ αL1
As α → 1, we get L2 ≥ L1 .
Proving that l1 = l2 = l3 is left as an exercise.
We now present an inequality due to Chebyshev about π(x).
Theorem 88. There exist constants a < A such that

x x
a < π(x) < A
log x log x
for sufficiently large x.
Proof. Put
π(x) π(x)
l = lim inf , L = lim sup ,
x→∞ x/ log x x→∞ x/ log x
It will be sufficient to prove that L ≤ 4 log 2 and l ≥ log 2. Thus by Theorem
2, we have to prove that
θ(x) ≤ 4 log 2 (7.4)
lim sup
x→∞ x
and
ψ(x) ≥ log 2 (7.5)
lim inf
x→∞ x
To prove (7.4), notice that
(n + 1)(n + 2)...(n + n)
N = C (2n, n) = < 22n < (2n + 1)N
n!
Suppose now that p is a prime such that n < p < 2n and hence p | N . As a
result,
Q
we have N ≥ n<p<2n p. We get
N ≥ θ(2n) − θ(n).
Since N < 22n , we get that θ(2n) − θ(n) < 2n log 2. Put n = 1, 2, 22 , ..., 2m−1
where m is a positive integer. We get that
θ(2m ) < 2m−1 log 2.
Let x > 1 and choose m such that 2m−1 ≤ x ≤ 2m , we get that
θ(x) ≤ θ(2m ) ≤ 2m+1 log 2 ≤ 4x log 2
and we get (7.4) for all x.

We now prove (7.5). Notice that by Lemma 9, we have that the highest
(2n)!
power of a prime p dividing(n!)
N2 = is given by
X
µp
2n n
sp = i
−2 i .
i=11
p p
h i
log 2n
where µp = log . Thus we have N = p≤2n psp . If x is a positive integer then
Q p
[2x] − 2[x] < 2,

It means that [2x] − 2[x] is 0 or 1. Thus sp ≤ µp and we get
Y
N≤ pµp .
p≤e2n
Notice as well that

X log 2n X
ψ(2n) = log p = µp log p.
p≤2n
log p p≤2n
Hence we get
log N ≤ ψ(2n).
Using the fact that 22n < (2n + 1)N , we can see that
ψ(2n) > 2n log 2 − log(2n + 1).
x
Let x > 2 and put n = 2
≥ 1. Thus 2x − 1 < n < 2 x and we get 2n ≤ x. So we
get
ψ(x) ≥ ψ(2n) > 2n log 2 − log(2n + 1)

> (x − 2) log 2 − log(x +
1).
As a result, we get
ψ(x) ≥ log 2.
lim inf
x→∞ x
Exercises
1. Show that l1 = l2 = l3 in Theorem 88.
2. Show that Zx √ √
dt x x− x
≤ + √ ,
2 log t log 2 log x
3. Show that Zx √ √
dt x x− x
2
≤ 2 + √
2 log t log 2 log2 x
4. Show that
(n + 1)(n + 2)...(n + n)
N = C (2n, n) = < 22n < (2n + 1)N
n!
2n 2n
2√
5. Show that 2 n < N = C (2n, n) < √22n .
Hint: For one side of the inequality, write
N (2n)! 1.3.5....(2n − 1) 2.4.6.....(2n)

n
= 2n 2
= . ,
2 2 (n!) 2.4.6....(2n) 2.4.6...(2n)
then show that

N2 N2
1 > (2n + 1). > 2n. .
24n 24n
The other side of the inequality will follow with similar arithmetic tech-
niques as the first inequality.
Chapter 8
Other Topics in Number Theory
This chapter discusses various topics that are of profound interest in number the-
ory. Section 1 on cryptography is on an application of number theory in the field
of message decoding, while the other sections on elliptic curves and the Riemann
zeta function are deeply connected with number theory. The section on Fermat’s
last theorem is related, through Wile’s proof of Fermat’s conjecture on the non-
existence of integer solutions to xn + y n = z n for n > 2, to the field of elliptic
curves (and thus to section 2).
8.1 Cryptography
In this section we discuss some elementary aspects of cryptography, which con-
cerns the coding and decoding of messages. In cryptography, a (word) message
is transformed into a sequence a of integers, by replacing each letter in the
message by a specific and known set of integers that represent this letter, and
thus forming a large integer a by concatenation. Then this integer a is
transformed (i.e. coded) into another integer b by using a congruence of the
form b = ak (mod m) for some chosen k and m, as described below, with k
unknown except to the sender and receiver. b is then sent to the receiver who
decodes it into a again by using
151
152 CHAPTER 8. OTHER TOPICS IN NUMBER
THEORY
¯
a congruence of the form a = bk (mod m), where k¯ is related to k and is
itself only known to the sender and receiver, and then simply transforms the
integers in a back to letters and reveals the message again. In this procedure,
if a third party intercepts the integer b, the chance of transforming this into a,
even if m and the integers that represent the letters of the alphabet are exactly
known, is almost impossible to do (i.e. has a fantastically small probability of
being achieved) if k is not known, that practically the transformed message will
not be revealed except to the intended receiver.
The basic results on congruences to allow for the above procedure are in the
following two lemmata, where φ in the statements is Euler’s φ-function.
Lemma 16. Let a and m be two integers, with m positive and (a, m) = 1. If k
¯
and k¯ are positive integers with kk¯ = 1(mod φ(m)), then akk = a(mod
m).
Proof. = 1(mod φ(m)) thus kk¯ = qφ(m) + 1 (q ≥ 0). Hence akk

¯
=
kk¯
aqφ(m)+1 = aqφ(m) a. But by Euler’s Theorem, if (a, m) = 1 then aφ(m) =
1(mod m). This gives that
(aφ(m) )q a = 1(mod m)a = a(mod m), (8.1)

¯
and hence that akk = a(mod m), and the result follows.
We also need the following.
Lemma 17. Let m be a positive integer, and let r1 , r2 , · · · , rn be a reduced

residue system modulo m (i.e. with n = φ(m) and (ri , m) = 1 for i = 1, · · · ,
n). If k is an integer such that (k, φ(m)) = 1, then r k , rk , · · · , rk forms a
reduced residue
1 2 n
system modulo m.
Before giving the proof, one has to note that the above lemma is in fact an
if-and-only-if statement, i.e. (k, φ(m)) = 1 if and only if r k , r k , · · · , r k forms
a 1 2 n
reduced residue system modulo m. However we only need the if part, as in the
lemma.
8.1. CRYPTOGRAPHY 153
Proof. Assume first that (k, φ(m)) = 1. We show that r1k , 2r k , · · · n, r k is a reduced
residue system modulo m. Assume otherwise, i.e. assume that ∃i, j such that
rki = rkj (mod m), in which case rki and krj would belong to the same class and thus
rk1 , rk2 , · · · ,krn would not form a reduced residue system. Then, since (k, φ(m)) =
1, ∃k¯ with kk¯ = 1(mod φ(m)), and so
¯ ¯
r kki = ri (mod m) and rjkk = rj (mod m) (8.2)
¯ ¯
by the previous lemma. But if rik = rjk (mod m) then (rik )k = (r k k
j ) (mod m), and
¯ ¯
since r kk = r (mod m) and r kk = r (mod m), then = r (mod m) giving that r
r i i j j i j i
and rj belong to the same class modulo m, contradicting that r1 , r2 , · · · , rn form a

reduced residue system. Thus ri = rj implies that rik = rj k if (k, φ(m)) = 1.
Now to do cryptography, one proceeds as follows. Let S be a sentence given

in terms of letters and spaces between the words that is intended to be
transformed to a destination with the possibility of being intercepted and
revealed by a third party.
1. Transform S into a (large) integer a by replacing each letter and each space
between words by a certain representative integer (e.g. three or four digit
integers for each letter). a is formed by concatenating the representative
integers that are produced.
2. Choose a couple p1 and p2 of very large prime numbers, each (for

example) of the order of a hundred digit integer, and these should be
strictly kept known only to the sender and receiver. Then form the
product m = p1 p2 , which is itself a very large number to the point that the
chances of someone revealing the prime number factorization p1 p2 of m is
incredibly small, even if they know this integer m. Now one has, by
standard results concerning the φ-function, that φ(p1 ) = p1 − 1 and
φ(p2 ) = p2 − 1, and that, since p1 and p2 are relatively prime, φ(m) =
φ(p1 )φ(p2 ) = (p1 − 1)(p2 − 1). Thus φ(m) is a very large number, of
the order of m itself, and hence m
THEORY
has a reduced residue system that contains a very large number of integers
of the order of m itself. Hence almost every integer smaller than m, with
a probability of the order 1 − 1/10100 (almost 1), is in a reduced residue
system r1 , r2 , · · · , rφ(m) of m. Thus almost every positive integer
smaller than m is relatively prime with m, with probability of the order 1 −
1/10100 .
3. Now given that almost every positive integer smaller than m is relatively
prime with m, the integer a itself is almost certainly relatively prime with
m, and hence is in a reduced residue system for m. Hence, by lemma 17
above, if k is a (large) integer such that (k, φ(m)) = 1, then ak belongs to
a reduced residue system for m, and there exists a unique positive b
smaller than m with b = ak (mod m).
4. Send b to the destination where φ(m) and k are known. The destination can
determine a k¯ such that kk¯ = 1(mod φ(m)), and then finds the unique c
¯
such that c = bk (mod m). Now since, almost certainly, (a, m) = 1, then
¯ ¯ ¯
almost certainly c = a since c = bk (mod m) = (ak )k (mod m) = akk
(mod m), and which by lemma 16, is given by a(mod m) almost
certainly since (a, m) = 1 almost certainly. Now the destination
translates a back to letters and spaces to reveal the sentence S. Note
that if any third party intercepts b, they almost certainly cannot reveal
the integer a since the chance of them knowing φ(m) = p1 p2 is almost
zero, even if they know m and k. In this case they practically won’t be
able to determine a k¯ with kk¯ = 1(mod φ(m)), to retrieve a and
transform it to S.
8.2 Elliptic Curves

Elliptic curves in the xy-plane are the set of points (x, y) ∈ R × R that are the
zeros of special types of third order polynomials f (x, y), with real coefficients,
in the two variables x and y. These curves turn out to be of fundamental interest
8.2. ELLIPTIC CURVES 155
in analytic number theory. More generally, one can define similar curves over
arbitrary algebraic fields as follows. Let f (x, y) be a polynomial of any degree
in two variables x and y, with coefficients in an algebraic field F . We define
the algebraic curve Cf (F ) over the field F by
Cf (F ) = {(x, y) ∈ F × F : f (x, y) = 0 ∈ F }. (8.3)
Of course one can also similarly define the algebraic curve Cf (Q) over a field Q,
where Q is either a subfield of the field F where the coefficients of f exist, or is
an extension field of F . Thus if f ∈ F [x, y], and if Q is either an extension or
a subfield of F , then one can define Cf (Q) = {(x, y) ∈ Q × Q : f (x, y) = 0}.
Our main interest in this section will be in third order polynomials (cubic curves)
f (x, y) = ax3 + bx2 y + cxy 2 + dy 3 + ex2 + f xy + gy 2 + hx + iy + j, (8.4)
with coefficients in R, with the associated curves Cf (Q) over the field of rational
numbers Q ⊂ R. Thus, basically, we will be interested in points (x, y) ∈ R2
that have rational coordinates x and y, and called rational points, that satisfy
f (x, y) = 0. Of course one can first imagine the curve f (x, y) = 0 in R2 , i.e.
the curve Cf (R) over R, and then choosing the points on this curve that have ra-
tional coordinates. This can simply be expressed by writing that Cf (Q) ⊂ Cf (R).
It has to be mentioned that ”rational curves” Cf (Q) are related to diophantine
equations. This is in the sense that rational solutions to equations f (x, y) = 0
produce integer solutions to equations f 0 (x, y) = 0, where the polynomial f 0
is very closely related to the polynomial f , if not the same one in many cases.
For example every point in Cf (Q), where f (x, y) = xn + y n , i.e. every rational
solution to f (x, y) = xn + y n = 0, produces an integer solution to xn + y n =
0. Thus algebraic curves Cf (Q) can be of genuine interest in this sense.
In a possible procedure to construct the curve Cf (Q) for a polynomial f (x, y)
∈ R[x, y] with real coefficients, one considers the possibility that, given one
rational point (x, y) ∈ Cf (Q) ⊂ Cf (R), a straight line with a rational slope m
might
THEORY
intersect the curve Cf (R) in a point (x0 , y 0 ) that is also in Cf (Q). This possibility
comes from the simple fact that if (x, y), (x0 , y 0 ) ∈ Cf (Q), then the slope of the
straight line that joins (x, y) and (x0 , y 0 ) is a rational number. This technique, of
determining one point in Cf (Q) from another by using straight lines as
mentioned, works very well in some cases of polynomials, especially those of
second degree, and works reasonably well for third order polynomials.
Two aspects of this technique of using straight lines to determine points in
Cf (Q), and which will be needed for defining elliptic curves, are the following.
The first is illustrated by the following example.
Consider the polynomial f (x, y) = y 2 − x2 + y = (y − x + 1)(y + x).
The curve Cf (R) contains the two straight lines y = x − 1 and y = −x. The
point (2, 1) ∈ Cf (Q), and if one tries to find the intersection of the particular line
y = x − 1 that passes through (2, 1) with Cf (R), one finds that this includes the
whole line y = x − 1 itself, and not just one or two other points (for example).
This result is due to the fact that f is a reducible polynomial, i.e. that can be
factored in the form f = f 0 f 00 with f and f 00 not just real numbers.
In this direction one has the following general theorem concerning the
number of intersection points between a straight line L and an algebraic curve Cf
(R):
Theorem 89. If f ∈ R[x, y] is a polynomial of degree d, and the line L, which

is defined by the zeros of g(x, y) = y − mx − b ∈ R[x, y], are such that L ∩
Cf (R) contains more than d points (counting the multiplicities of intersections)
then in fact L = Cg (R) ⊂ Cf (R), and f can be written in the form f (x, y) =
g(x, y)p(x, y), where p(x, y) is some polynomial of degree d − 1.
In connection with the above theorem, and in defining an elliptic curve Cf

(R), where f is a polynomial of degree three, we shall require that this curve be
such that any straight line that passes through two points (x1 , y1 ), (x2 , y2 ) ∈ Cf
(R), where the two points could be the same point if the curve at one of them is
differ- entiable with the tangent at that point to the curve having same slope as
that of the
line, will also pass through a unique third point (x3 , y3 ). By the above theorem,
if a line intersects the curve Cf (R) associated with the third order polynomial f
in more than three points, then the line itself is a subset of Cf (R). This will be
excluded for the kind of third degree polynomials f whose associated algebraic
curves shall be called elliptic curves.
One other thing to be excluded, to have third order curves characterized as
elliptic curves, is the existence of singular points on the curve, where a singular
point is one where the curve does not admit a unique tangent.
It has to be mentioned that in the previous discussion, the points on the curve
Cf (R) may lie at infinity. To deal with this situation we assume that the curve is
in fact a curve in the real projective plane P2 (R). We now can define an elliptic
curve Cf (R) as being such that f (x, y) is an irreducible third order polynomial
with Cf (R) having no singular points in P2 (R).
The main idea behind the above definition for elliptic curves is to have a
curve whereby any two points A and B on the curve can determine a unique
third point, to be denoted by AB, using a straight line joining A and B. The
possibilities are as follows: If the line joining A and B is not tangent to the
curve Cf (R) at any point, then the line intersects the curve in exactly three
different points two of which are A and B while the third is AB. If the line
joining A and B is tangent to the curve at some point p then either this line
intersects Cf (R) in exactly two
points, p and some other point p0 , or intersects the curve in only one point p. If
the
line intersects Cf (R) in two points p and p0 , then either p = A = B in which
case AB = p0 , or A = B in which case (irrespective of whether p = A and p0 =
B or vice-versa) one would have p = AB. While if the line intersects Cf (R) in
only one point p then p = A = B = AB.
The above discussion establishes a binary operation on elliptic curves that
produces, for any two points A and B a uniquely defined third point AB. This
binary operation in turn produces, as will be described next, another binary
operation, denoted by +, that defines a group structure on Cf (R) that is
associated with the
THEORY
straight-line construction discussed so far.

A group structure on an elliptic curve Cf (R) is defined as follows: Consider
an arbitrary point, denoted by 0, on Cf (R). We define, for any two points A and
B on Cf (R), the point A + B by
A + B = 0(AB), (8.5)
meaning that we first determine the point AB as above, then we determine the
point 0(AB) corresponding to 0 and AB. Irrespective of the choice of the point
0, one has the following theorem on a group structure determined by + on Cf
(R).
Theorem 90. Let Cf (R) be an elliptic curve, and let 0 be any point on Cf (R).
Then the above binary operation + defines an Abelian group structure on Cf (R),
with 0 being the identity element and −A = A(00) for every point A.
The proof is very lengthy and can be found in [18]. We first note that if 0 and
0
0 are two different points on an elliptic curve with associated binary operations
+ and +0 , then one can easily show that for any two points A and
B
A +0 B = A + B − 00 . (8.6)
This shows that the various group structures that can be defined on an elliptic
curve
by considering all possible points 0 and associated operations +, are essentially
the same, up to a ”translation”.
Lemma 18. Consider the group structure on an elliptic curve Cf (R), correspond-
ing to an operation + with identity element 0. If the cubic polynomial f has
rational coefficients, then the subset Cf (Q) ⊂ Cf (R) of rational solutions to
f (x, y) = 0 forms a subgroup of Cf (R) if and only if 0 is itself a rational point
(i.e. a rational solution).
Proof. If Cf (Q) is a subgroup of Cf (R), then it must contain the identity 0, and
thus 0 would be a rational point. Conversely, assume that 0 is a rational point.
First, since f has rational coefficients, then for any two rational points A and B
in Cf (Q) one must have that AB is also rational, and thus (since 0 is assumed
rational) that 0(AB) is rational, making A + B = 0(AB) rational. Thus Cf (Q)
would be closed under +. Moreover, since for every A ∈ Cf (Q) one has that
−A = A(00), then −A is also rational, which makes Cf (Q) closed under inver-
sion. Hence Cf (Q) is a subgroup.
Thus by lemma 18, the set of all rational points on an elliptic curve form a
subgroup of the group determined by the curve and a point 0, if and only if
the identity element 0 is itself a rational point. In other words, one finds that if
the elliptic curve Cf (R) contains one rational point p, then there exists a group
structure on Cf (R), with 0 = p and the corresponding binary operation +, such
that the set Cf (Q) of all rational points on Cf (R) is a group.
One thing to note about rational solutions to general polynomial functions
f (x, y), is that they correspond to integer solution to a corresponding homoge-
neous polynomial h(X, Y, Z ) in three variables, and vice-verse, where homoge-
neous practically means that this function is a linear sum of terms each of which
has the same power when adding the powers of the variables involved in this
term. For example X Y 2 − 2X 3 + X Y Z + Z 3 is homogeneous.
In fact a rational solution x = a/b and y = c/d for f (x, y) = 0, where
a, b, c, d are integers, can first be written as x = ad/bd and y = cb/bd, and thus
one can always have this solution in the form x = X/Z and y = Y /Z ,
where X = ad, Y = cb and Z = bd. If x = X/Z and y = Y /Z are
replaced in f (x, y) = 0, one obtains a new version h(X, Y, Z ) = 0 of this
equation written in terms of the new variables X, Y, Z . One can immediately
see that this new polynomial function h(X, Y, Z ) is homogeneous in X, Y, Z .
The homogeneous function h(X, Y, Z ) in X, Y, Z is the form that f (x, y) takes
in projective space, where in this case the transformations x = X/Z and y = Y
/Z define the projective transformation that take f (x, y) to h(X, Y, Z ).
If we now go back to cubic equation f (x, y) = 0, one can transform this
160 CHAPTER 8. OTHER TOPICS IN NUMBER THEORY
function into its cubic homogeneous form h(X, Y, Z ) = 0,

where
h(X, Y, Z ) = aX 3 + bX 2 Y + cX Y 2 + dY 3 + eX 2 Z
+ f X Y Z + gY 2 Z + hX Z 2 + iY Z 2 + jZ 3 ,
(8.7)
by using the projective transformation x = X/Z and y = Y /Z . Then, by

impos- ing some conditions, such as requiring that the point (1, 0, 0) (in
projective space) satisfy this equation, and that the line tangent to the curve at
the point (1, 0, 0) be the Z -axis that intersects the curve in the point (0, 1, 0),
and that the X -axis is the line tangent to the curve at (0, 1, 0), then one can
immediately show that the homogeneous cubic equation above becomes of the
form
h(X, Y, Z ) = cX Y 2 + eX 2 Z + f X Y Z + hX Z 2 + iY Z 2 + jZ 3 .
(8.8)
Which, by using the projective transformation again, and using new coefficients,
gives that points on the curve Cf (R) are precisely those on the curve Ch (R),
where
h(x, y) = axy 2 + bx2 + cxy + dx + ey + f. (8.9)
And with further simple change of variables (consisting of polynomial functions

in x and y with rational coefficients) one obtains that the points on the curve Cf
(R) are precisely those on Cg (R) where
g(x, y) = y 2 − 4x3 + g2 x − g3 , (8.10)
i.e. that Cf (R) = Cg (R). The equation g(x, y) = 0, where g is given in (8.10),
is said to be the Weierstrass normal form of the equation f (x, y) = 0. Thus, in
particular, any elliptic curve defined by a cubic f , is birationally equivalent to
an elliptic curve defined by a polynomial g(x, y) as above. Birational
equivalence between curves is defined here as being a rational transformation,
together with its inverse transformation, that takes the points on one curve to
another, and vice- versa.
8.3. THE RIEMANN ZETA FUNCTION 161
8.3 The Riemann Zeta Function
The Riemann zeta function ζ (z) is an analytic function that is a very important
function in analytic number theory. It is (initially) defined in some domain in the
complex plane by the special type of Dirichlet series given by
X∞
1
ζ (z) = z
, (8.11)
n=1
n
where Re(z) > 1. It can be readily verified that the given series converges
locally uniformly, and thus that ζ (z) is indeed analytic in the domain in the
complex plane C defined by Re(z) > 1, and that this function does not have a
zero in this domain.
We first prove the following result which is called the Euler Product Formula.
Theorem 91. ζ (z), as defined by the series above, can be written in the
form
Y
∞
1
ζ (z) = , (8.12)
n=1 1 1
− pzn
where {pn } is the sequence of all prime numbers.
Proof. knowing that if |x| < 1 then
1 X
∞
xk ,
1− x = (8.13)
k=0
one finds that each term 1− 11z in ζ (z) is given by

pn
1 X
∞
1
= , (8.14)
1 1pnz pnkz
k=0
−
since every |1/pz | < 1 if Re(z) > 1. This gives that for any integer N
n
Y
N
1
N
Y 1
1
= 1+ + 2z + · · ·
n=1 1 1
pn pn
z
n=1
− pzn
X 1
= k z
(8.15)
pkn11z · · · pni
j
X 1
=
nz
where i ranges over 1, · · · , N , and j ranges from 0 to ∞, and thus the integers
n in the third line above range over all integers whose prime number
factorization consist of a product of powers of the primes p1 = 2, · · · , pN . Also
note that each such integer n appears only once in the sum above.
Now since the series in the definition of ζ (z) converges absolutely and the
order of the terms in the sum does not matter for the limit, and since, eventu-
ally, every integer n appears on the right hand side of 8.15 as N −→ ∞, then
P
limN →∞ z N = ζ (z). Moreover, limN →∞ n=1 exists, and the re-
1
Q N 1
n 1− p1z
sult follows. n
The Riemann zeta function ζ (z) as defined through the special Dirichlet
series above, can be continued analytically to an analytic function through out
the complex plane C except to the point z = 1, where the continued function
has a pole of order 1. Thus the continuation of ζ (z) produces a meromorphic
function in C with a simple pole at 1. The following theorem gives this result.
Theorem 92. ζ (z), as defined above, can be continued meromorphically in C,

and can be written in the form ζ (z) = z−11 + f (z), where f (z) is entire.
Given this continuation of ζ (z), and also given the functional equation that
is satisfied by this continued function, and which is
πz
ζ (z) = 2z π z−1 sin 2 Γ(1 − z)ζ (1 − z), (8.16)
8.3. THE RIEMANN ZETA FUNCTION 163
(see a proof in [3]), where Γ is the complex gamma function, one can deduce that
the continued ζ (z) has zeros at the points z = −2, −4, −6, · · · on the
negative real axis. This follows as such: The complex gamma function Γ(z)
has poles at the points z = −1, −2, −3, · · · on the negative real line, and thus
Γ(1 − z) must have poles at z = 2, 3, · · · on the positive real axis. And since ζ
πz
(z) is analytic at these points, then it must be2 that either sin or ζ (1 − z)
must have zeros at the points z = 2, 3, · · · to cancel out the poles of Γ(1 − z),
πz
and thus make ζ (z) analytic at these points.
2
And since sin has zeros at z
= 2, 4, · · · , but not at z = 3, 5, · · · , then it must be that ζ (1 − z) has zeros at
z = 3, 5, · · · . This gives that ζ (z) has zeros at z = −2, −4, −6 · · · .
It also follows from the above functional equation, and from the above men-
tioned fact that ζ (z) has no zeros in the domain where Re(z) > 1, that these
zeros at z = −2, −4, −6 · · · of ζ (z) are the only zeros that have real parts
either less that 0, or greater than 1. It was conjectured by Riemann, The
Riemann Hypothe- sis, that every other zero of ζ (z) in the remaining strip 0 ≤
Re(z) ≤ 1, all exist on the vertical line Re(z) = 1/2. This hypothesis was
checked for zeros in this strip with very large modulus, but remains without a
general proof. It is thought that the consequence of the Riemann hypothesis on
number theory, provided it turns out to be true, is immense.
Bibliography
[1] George E. Andrews, Number Theory, Dover, New York, 1994.
[2] George E. Andrews, The Theory of Partitions. Reprint of the 1976

original., Cambridge Mathematical Library. Cambridge University Press,
Cambridge,
1998
[3] Tom M. Apostol, Introduction to Analytic Number Theory. Springer, New

York, 1976.
[4] A. Baker, Transcendantal Number Theory, Cambridge University Press

(London), 1975.
[5] J.W.S. Cassels, An introduction to the Geometry of Numbers, Springer-

Verlag (Berlin), 1971.
[6] H. Davenport, Multiplicative Number Theory, 2nd edition, Springer-Verlag

(New York), 1980.
165
166 BIBLIOGRAPHY
[7] H. Davenport, The higher Arithmetic: an introduction to the Theory of

Numbers, 7th edition, Cambridge University Press 1999.
[8] H.M. Edwards, Riemann’s Zeta Function, Dover, New York, 2001.
[9] E. Grosswald, Topics from the Theory of Numbers. New York: The
Macmil- lan Co. (1966).
[10] G.H. Hardy and E.M. Wright, An Introduction to the Theory of Numbers,
5th ed. Oxford University Press, Oxford, 1979.
[11] K.F. Ireland and M. Rosen, A Classical Introduction to Modern Number

Theory, Springer-Verlag (New York), 1982.
[12] A. Ya. Khinchin, Continued fractions. With a preface by B. V. Gnedenko.

Translated from the third (1961) Russian edition. Reprint of the 1964
translation. Dover Publications, Inc., Mineola, NY, 1997.
[13] M.I. Knopp, Modular Functions in Analytic Number Theory, Markham,

Chicago 1970.
[14] E. Landau, Elementary Number Theory, Chelsea (New York), 1958.
[15] W.J. Leveque, Elementary Theory of Numbers, Dover, New York, 1990.
BIBLIOGRAPHY 167
[16] W.J. Leveque, Fundamentals of Number Theory, Dover, New York, 1996.
[17] T. Nagell, Introduction to Number Theory, Chelsea (New York), 1981.
[18] I. Niven, H.L. Montgomery and H.S. Zuckerman, An Introduction to the

Theory of Numbers, 5th edition, John Wiley and Sons 1991.
[19] A. J. Van der Poorten, Continued fraction expansions of values of the

exponential function and related fun with continued fractions, Nieuw Arch.
Wisk. (4) 14 (1996), no. 2, 221–230.
[20] H. Rademacher, Lectures on Elementary Number Theory. Krieger, 1977.
[21] Kenneth H. Rosen, Elementary Number Theory and its Applications. Fifth
Edition. Pearson, Addison Wesley, USA, 2005.
168 BIBLIOGRAPHY
Index
Abel Summation Formula, 140 Diophantine Equations, 43

Analytic Number Theory, 137 Dirichlet’s Theorem, 39
Arithmetic Function, 70 Distributivity, 8
Arnold, 134 Divisibility, 13
Associativity, 8 Division Algorithm, 15, 24
asymptotic, 48
Elliptic Curve, 157
Base Expansion, 17 Euclidean Algorithm, 24
best approximation, 130 Euler φ Function, 59
Binary Representation, 19 Euler Constant, 138
Euler Criterion, 107
Chebyshev’s Functions, 141
Euler Product Formula, 161
Chinese Remainder Theorem, 62
Euler Summation Formula, 138
Commutativity, 8
Euler’s Constant, 139
Complete Residue System, 57
Euler’s Criterion, 107
Completely Multiplicative, 70
Euler’s Theorem, 66
Composite Integers, 32
Congruence, 51 factor, 13
Continued Fractions, 123 Factorization, 35
Convergents, 126 Fermat Numbers, 85
Cryptography, 151 Fermat’s Theorem, 67
Cubic Curves, 155 Fibonacci Sequence, 28
Fundamental Theorem of Arithmetic, 36
Decimal Notation, 17
Decomposition, 69 Gauss, 133
169
170 INDEX
Gauss’s Lemma, 110 Opperman Conjecture, 50

Goldbach’s Conjecture, 50 Order of Integers, 90
Good Approximation, 130
Pairwise Prime, 23
Greatest Common Divisor, 20
Perfect Numbers, 82
Identity Elements, 9 Pigeonhole Principle, 10
Incongruent Integers, 57 Polignac Conjecture, 50
Inverse, 61 Polynomials, 28
Prime Number Theorem, 49
Jacobi Symbol, 116
Prime Numbers, 31
Kuzmin, 133 Primitive Roots, 91
Probability, 134
Lagrange’s Theorem, 94
Proof by Contradiction, 10
Lame’s Theorem, 28
Proof by Induction, 11
Least Common Multiple, 40
Legendre Symbol, 106 Quadratic Reciprocity, 114
Linear Congruence, 59 Quadratic Residue, 105
Linear Equation, 43
Rational Curves, 155
Mathematical Induction, 10 Rational Number, 124
Mersenne Numbers, 84 Reduced Residue System, 57
Mersenne Primes, 84 Relatively Prime, 20
Mobius Function, 80 Residue Systems, 57
Mobius Inversion Formula, 81 Riemann Hypothesis, 163
Modular Inverse, 61 Riemann Zeta Function, 161
Modulo, 51
Simple Continued Fraction, 122
Multiple, 13
small-oh, 47
Multiplicative Function, 70
Square-Free, 79
Mutually Relatively Prime, 23
Strong Induction, 12
Nonresidue, 105 Summatory Function, 71
INDEX 171
The Function [x], 46

The Number of Divisor Function, 77
The Sieve of Eratosthenes, 32
The Sum of Divisors Function, 76
Twin Prime Conjecture, 50
Van-Mangolt Function, 141
Well Ordering Principle, 10

Wilson’s Theorem, 65

0 Notes2 MemoryCPU

Uploaded by

Copyright:

Available Formats

0 Notes2 MemoryCPU

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

0 Notes2 MemoryCPU

Uploaded by

Copyright:

Available Formats

An Introductory Course in Elementary

2.5 Linear Diophantine Equations . . . . . . . . . . . . . . . . . . . 43

4 Multiplicative Number Theoretic Functions 69

5 Primitive Roots and Quadratic Residues 89

5.6 The Law of Quadratic Reciprocity . . . . . . . . . . . . . . . . . 112

6 Introduction to Continued Fractions 121

7 Introduction to Analytic Number Theory 137

8 Other Topics in Number Theory 151

1.1 Algebraic Operations With Integers

Z = {..., −4, −3, −2, −1, 0, 1, 2, 3, 4, ...}. (1.1)

While the set of all positive integers, denoted by N, is defined by

N = {1, 2, 3, 4, ...}. (1.2)

On Z, there are two basic binary operations, namely addition (denoted by +)

1. The Commutativity property for addition and multiplication

2. Associativity property for addition and multiplication

3. The distributivity property of multiplication over addition

1.2 The Well Ordering Principle and Mathematical

1.2.1 The Well Ordering Principle

1.2.2 The Pigeonhole Principle

1.2.3 The Principle of Mathematical Induction

Theorem 1. The First Principle of Mathematical Induction: If a set of positive

We use the well ordering principle to prove the first principle of

We now present some examples in which we use the principle of induction.

First note that

to complete the proof by induction. Indeed

and the result follows.

Example 2. Use mathematical induction to prove that n! ≤ nn for all positive

Note that 1! = 1 ≤ 11 = 1. We now present the inductive step. Suppose that

for some n, we prove that (n + 1)! ≤ (n + 1)n+1 . Note

(n + 1)! = (n + 1)n! ≤ (n + 1).nn < (n + 1)(n + 1)n = (n + 1)n+1

This completes the proof.

Theorem 2. The Second Principle of Mathematical Induction: A set of positive

The second principle of induction is also known as the principle of strong

6. Use mathematical induction to prove that 2n < n! for n ≥ 4.

7. Use mathematical induction to prove that n2 < n! for n ≥ 4.

1.3 Divisibility and the Division Algorithm

1.3.1 Integer Divisibility

If a divides b, we also say ”a is a factor of b” or ”b is a multiple of a” and we

b) ∀a ∈ Z one has that a | 0.

Theorem 3. If a, b and c are integers such that a | b and b | c, then a | c.

Example 4. Since 6 | 18 and 18 | 36, then 6 | 36.

Theorem 4. If a, b, c, m and n are integers, and if c | a and c | b, then c |

ma + nb = mk1 c + nk2 c = c(mk1 + nk2 ),

and hence c | (ma + nb).

Theorem 4 can be generalized to any finite linear combination as follows. If

for any set of integers k1 , · · · , kn ∈ Z. It would be a nice exercise to prove the

1.3.2 The Division Algorithm

Proof. Consider the set A = {a − bk ≥ 0 | k ∈ Z}. Note that A is nonempty

This leads to a contradiction since r is assumed to be the least positive integer of

Thus we get that

And since − max(r1 , r2 ) ≤ |r2 − r1 | ≤ max(r1 , r2 ), and b > max(r1 , r2 ), then

5. Show that if a and b are positive integers and a | b, then a ≤ b.

8. Show that if m is an integer then 3 divides m3 − m.

9. Show that the square of every odd integer is of the form 8m + 1.

11. Show that if ac | bc, then a | b.

12. Show that if a | b and b | a then a = ±b.

1.4 Representations of Integers in Different Bases

m = al bl + al−1 bl−1 + ... + a1 b + a0 ,