Simple group theory, and the groups Z_n and Z_n^*
-------------------------------------------------

Def: A group G is a set (sometimes also denoted G, for simplicity)
together with an operation + : G x G -> G such that:

  1. for all a,b,c in G, (a+b)+c = a+(b+c)              // associativity
  2. there exists in G an element, denoted 0, such that, for all a in G,
     a+0 = 0+a = a                                       // existence of an identity
  3. for every element a in G there exists an element a' in G such that
     a + a' = a' + a = 0                                 // existence of inverses

Here we have denoted our group operation by +. Normally we only use that
symbol if the group is "commutative":

  4. for all a,b in G, a+b = b+a.

Central Example: Z_n. Let n>=1 be a number. Then Z_n is the group whose
elements are {0,1,...,n-1} and where a + b is defined as (a + b) mod n.
(The first + here is the group operation; the second + is ordinary
integer addition.)

Check: Z_n is a group.

Sometimes we represent the group operation multiplicatively (a * sign, a
dot, or no symbol at all). This makes no difference; it is just a symbol.
In multiplicative notation, the group axioms become:

  1. for all a,b,c in G, (ab)c = a(bc)                   // associativity
  2. there exists in G an element, denoted 1, such that, for all a in G,
     a1 = 1a = a                                         // existence of an identity
  3. for every element a in G there exists an element a' in G such that
     aa' = a'a = 1                                       // existence of inverses

Another group: Fix n>=2. Then Z_n^* is a group, called "the multiplicative
subgroup of integers modulo n". As a set, this is all the numbers a between
1 and n which are relatively prime to n: that is, gcd(a,n)=1.

  Eg: Z_12^* = {1,5,7,11}

The operation is multiplication modulo n: a * b is defined as (a * b) mod n.
(The first * here is the group operation; the second * is ordinary integer
multiplication.)

We checked that this really is a group:

  0. multiplication really takes you back to a group element: if
     gcd(a,n)=gcd(b,n)=1 then gcd(ab,n)=1. (Here we are checking that the
     function * really has the claimed domain and range.
     I've warned you to always check that your functions are well-defined.
     This is an example!)
  1. associativity: easy
  2. existence of an identity: easy
  3. existence of an inverse: this is the most interesting. Using Euclid's
     algorithm we know that for any a such that gcd(a,n)=1, we can find
     x, y such that ax + yn = 1 (in the integers). Take "mod n" of both
     sides. Now we are living inside the group Z_n, and so ax + yn = 1
     (mod n). Understand (mod n) to be a reminder of the group we are
     living in. But yn = 0 (mod n), so ax = 1 (mod n). In other words,
     the "x" which is found by Euclid's algorithm is the inverse to a
     in Z_n^*.

Wednesday's lecture
...................

More examples of groups: ,
Not groups: ,

G is finite if G as a set is finite, infinite otherwise.

a^i denotes a multiplied by itself i-1 times (a^0 = 1, and
a^{-i} = (a^i)^{-1}). All this in multiplicative notation.

Theorem [Lagrange's Theorem (or a corollary of Lagrange's theorem!)]
Let G be a finite group, and let a \in G. Then a^{|G|} = 1.

Corollary [Fermat's Little Theorem]
Let p be a prime and let $1\le a < p$. Then a^{p-1} = 1 (mod p).

You get this by just looking at the group Z_p^*, which has p-1 elements
when p is prime.

As a consequence, we have a simple "heuristic" test for primality: Given a
number n, test if 2^{n-1} = 1 (mod n). If it is, answer "Prime (I think)";
if it isn't, answer "Composite". We know that if n is prime, the algorithm
answers "Prime". Therefore when the algorithm answers "Composite" it is
always right. Experiments, and supporting number theory, suggest that there
are very few numbers for which the algorithm is wrong. For homework you were
asked to find all the numbers < 10000 for which the above test makes a
mistake.
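The following is an added worked example, not part of the lecture notes: it builds Z_n^* as a concrete object, checks axioms 0 through 3 (plus commutativity) by brute force for a small n, and computes inverses with the extended Euclidean algorithm exactly as item 3 argues (a*x + y*n = 1, so a*x = 1 mod n). The function names (`units_mod`, `inverse_mod`, `check_group_axioms`) are my own choices.

```python
# Added example: the group Z_n^* in code (not from the lecture notes).
# Names such as units_mod / inverse_mod / check_group_axioms are assumptions.
from math import gcd


def extended_gcd(a, b):
    """Euclid's algorithm, extended: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    old_r, r = a, b
    old_x, x = 1, 0
    old_y, y = 0, 1
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_x, x = x, old_x - q * x
        old_y, y = y, old_y - q * y
    return old_r, old_x, old_y


def units_mod(n):
    """The underlying set of Z_n^*: residues 1..n-1 that are relatively prime to n."""
    return [a for a in range(1, n) if gcd(a, n) == 1]


def mul_mod(n, a, b):
    """The group operation: ordinary integer product, reduced mod n."""
    return (a * b) % n


def inverse_mod(n, a):
    """Inverse of a in Z_n^*: from a*x + y*n == 1 we get a*x == 1 (mod n), so x is it."""
    g, x, _y = extended_gcd(a, n)
    if g != 1:
        # a is not in Z_n^*, so no inverse exists (e.g. 4 mod 12)
        raise ValueError(f"{a} is not a unit modulo {n}")
    return x % n


def check_group_axioms(n):
    """Brute-force the axioms for Z_n^*; returns one boolean per axiom."""
    G = units_mod(n)
    Gset = set(G)
    return {
        # axiom 0: * really lands back in the set (gcd(ab, n) == 1)
        "closed": all(mul_mod(n, a, b) in Gset for a in G for b in G),
        # axiom 1: (ab)c == a(bc)
        "associative": all(
            mul_mod(n, mul_mod(n, a, b), c) == mul_mod(n, a, mul_mod(n, b, c))
            for a in G for b in G for c in G
        ),
        # axiom 2: 1 is the identity
        "identity": all(mul_mod(n, a, 1) == a == mul_mod(n, 1, a) for a in G),
        # axiom 3: every element has an inverse, and Euclid finds it
        "inverses": all(mul_mod(n, a, inverse_mod(n, a)) == 1 for a in G),
        # axiom 4: Z_n^* is commutative
        "commutative": all(mul_mod(n, a, b) == mul_mod(n, b, a) for a in G for b in G),
    }


if __name__ == "__main__":
    print("Z_12^* =", units_mod(12))
    print("inverses mod 12:", {a: inverse_mod(12, a) for a in units_mod(12)})
    print("axioms for n=12:", check_group_axioms(12))
```

Running it for n = 12 lists {1, 5, 7, 11}, shows that every element of Z_12^* is its own inverse, and reports every axiom as True; asking for the inverse of 4 modulo 12 raises, which is the "well-defined domain" point of item 0 in action.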
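As a second added example (again my own code, not the notes'), here is the base-2 heuristic test from the last paragraph together with a brute-force check of the Theorem (a^{|G|} = 1 in Z_n^*), and a search for every n < 10000 where the heuristic is wrong. One caveat the code makes explicit: the Corollary requires 1 <= a < p, so for p = 2 the base a = 2 is not covered, and indeed 2^1 mod 2 = 0; the test therefore answers "Composite" for n = 2, the only prime it misses. The composites it wrongly accepts are the reason real key-generation code never relies on a single Fermat base. Function names (`lagrange_holds`, `fermat_base2_says_prime`, `heuristic_mistakes`) are my own.

```python
# Added example: Lagrange check and the notes' base-2 primality heuristic
# (not from the lecture notes; function names are assumptions).
from math import gcd


def units_mod(n):
    """The set Z_n^*: residues 1..n-1 relatively prime to n."""
    return [a for a in range(1, n) if gcd(a, n) == 1]


def lagrange_holds(n):
    """Theorem check: a^{|Z_n^*|} == 1 (mod n) for every a in Z_n^*."""
    G = units_mod(n)
    return all(pow(a, len(G), n) == 1 for a in G)


def fermat_base2_says_prime(n):
    """The heuristic: answer 'Prime (I think)' iff 2^(n-1) == 1 (mod n). Requires n >= 1."""
    return pow(2, n - 1, n) == 1


def is_prime_trial(n):
    """Ground truth by trial division; fine for the n < 10000 range of the homework."""
    if n < 2:
        return False
    d = 2
    while d * d <= n:
        if n % d == 0:
            return False
        d += 1
    return True


def heuristic_mistakes(limit=10000):
    """Return (false_primes, missed_primes) over 2 <= n < limit.

    false_primes:  composites the test calls prime (base-2 Fermat pseudoprimes).
    missed_primes: primes the test calls composite. Only n = 2 lands here,
                   because the Corollary's hypothesis a < p excludes a = 2
                   when p = 2, and 2^1 mod 2 == 0.
    """
    false_primes, missed_primes = [], []
    for n in range(2, limit):
        says_prime = fermat_base2_says_prime(n)
        really_prime = is_prime_trial(n)
        if says_prime and not really_prime:
            false_primes.append(n)
        elif really_prime and not says_prime:
            missed_primes.append(n)
    return false_primes, missed_primes


if __name__ == "__main__":
    fp, mp = heuristic_mistakes()
    print(len(fp), "composites pass the base-2 test below 10000:", fp)
    print("primes the test rejects:", mp)
```

The search confirms the notes' claim that the test is "always right" when it says Composite for every odd n, and shows how rare the wrong "Prime (I think)" answers are: the first three composites that slip through are 341, 561 and 645.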