Tricki
a repository of mathematical know-how

Use the fact that the multiplicative group mod p is cyclic

Quick description

Many results about arithmetic modulo a prime p that might seem hard follow naturally and easily from the (non-obvious) fact that the group of non-zero integers mod p under multiplication is cyclic.

Prerequisites

This article is aimed at somebody who is meeting modular arithmetic and elementary number theory for the first time. The basic definitions and results are assumed, as is the definition of a cyclic group.

General discussion

Let n be a positive integer. Then integers mod n can be added and multiplied. Under addition, the integers mod n form a cyclic group, since they are all generated by the number 1. If n is a prime, in which case it is more usual to call it p, then the non-zero integers mod p form a group under multiplication as well: this is a much less obvious fact. The group axioms are easy to check, with the exception of the axiom that every element has an inverse. To see why this is the case, note that if p is prime and a is not a multiple of p, then (a,p)=1, so there exist integers h and k such that ah+kp=1, which tells us that ah\equiv 1 \pmod p. Thus, h is a multiplicative inverse for a.
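The inverse argument above can be carried out with the extended Euclidean algorithm. The following is an added example, not part of the original article; the function names are chosen here for illustration. It also shows the argument failing for composite moduli, where some non-zero residue has no inverse.

```python
def bezout(a, b):
    """Return (g, h, k) with a*h + b*k == g == gcd(a, b) (extended Euclid)."""
    h0, h1, k0, k1 = 1, 0, 0, 1
    while b:
        q, r = divmod(a, b)
        a, b = b, r
        h0, h1 = h1, h0 - q * h1
        k0, k1 = k1, k0 - q * k1
    return a, h0, k0


def inverse_mod(a, n):
    """Multiplicative inverse of a mod n, or None when gcd(a, n) != 1."""
    g, h, _ = bezout(a % n, n)
    return h % n if g == 1 else None


def nonzero_residues_form_group(n):
    """True when every non-zero residue mod n has an inverse (n >= 2)."""
    return all(inverse_mod(a, n) is not None for a in range(1, n))


if __name__ == "__main__":
    g, h, k = bezout(3, 7)
    print("3*%d + 7*%d = %d" % (h, k, g))          # the identity ah + kp = 1
    print("inverse of 3 mod 7:", inverse_mod(3, 7))
    print("inverse of 6 mod 15:", inverse_mod(6, 15))  # gcd is 3, so none
    print([n for n in range(2, 30) if nonzero_residues_form_group(n)])
```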

The theme of this article is that the non-zero integers mod p do not just form a group: they form a cyclic group. Moreover, the fact that they form a cyclic group is a fact that can be used. It is the latter that makes this topic appropriate for a Tricki article: however, the proof that the group is cyclic itself uses several beautiful and generalizable techniques, so we include it in an appendix.

One final remark: the results we prove here can also be proved without using the fact that the multiplicative group mod p is cyclic. Since it takes a little work to prove that it is cyclic, there is a case for preferring the more elementary arguments. The merit of using the fact that the multiplicative group is cyclic is not that it gives the best proof of any individual result. But once you know that it is cyclic, a number of results follow very easily, so this approach has the effect of unifying a number of disparate facts and making their proofs seem less ad hoc.

Example 1: The multiplicativity of the Legendre symbol and Euler's criterion

A non-zero integer a mod p is called a quadratic residue if there is some b such that b^2\equiv a \pmod p. The Legendre symbol \left(\frac ap\right) is defined to be 1 if a is a quadratic residue and -1 if a is a quadratic non-residue.

An important fact about the Legendre symbol is that it is multiplicative: that is, \left(\frac ap\right)\left(\frac bp\right)=\left(\frac {ab}p\right). Another well-known result is Euler's criterion, which states that \left(\frac ap\right)\equiv a^{(p-1)/2} \pmod p. Let us see why both these results are obvious if the multiplicative group mod p is cyclic (which it is).

To say that the multiplicative group is cyclic is to say that there is a generator. In other words, there exists a non-zero integer x such that every non-zero integer mod p is congruent to some power of x. This implies that the non-zero integers mod p are 1,x,x^2,x^3,\dots,x^{p-2}, since if any two of these were the same then there would be fewer than p-1 distinct powers of x and x would not be a generator. Furthermore, x^{p-1}\equiv 1, either by Fermat's little theorem, or by the observation that x^{p-1} cannot be congruent to x^t for some t between 1 and p-2 without x^{t-1} being congruent to x^{p-2}, which we have argued is not the case.

Looked at from this perspective, the quadratic residues mod p are just the even powers of x. Why? Well, let a be a quadratic residue. We know that we can write a as x^t for some t between 0 and p-2. If a is a quadratic residue, then there exists b such that b^2\equiv a, and b can be written as x^s with s between 0 and p-2. Therefore, x^t\equiv x^{2s}. If s<(p-1)/2, then this proves that t=2s, so t is even. If s\geq(p-1)/2, then x^{2s}\equiv x^{2s-p+1}, so t=2s-p+1, which is again even. (To put this more neatly, one might say that the quadratic residues are the numbers of the form x^t where t is a multiple of 2 in the additive group mod p-1. But since p-1 is even, the least residue of such a t must be even.) Conversely, if t is even, then x^t is obviously a quadratic residue, since it is the square of x^{t/2}. This proves that there are precisely (p-1)/2 quadratic residues.

Why is the Legendre symbol multiplicative? Because the above reasoning shows that \left(\frac {x^t}p\right)=(-1)^t. So if a\equiv x^s and b\equiv x^t, then ab\equiv x^{s+t}, and (-1)^{s+t}=(-1)^s(-1)^t.

Why does Euler's criterion hold? Well, x^{(p-1)/2}\not\equiv 1 but (x^{(p-1)/2})^2\equiv 1, and the roots of u^2\equiv 1 are u\equiv\pm 1, so x^{(p-1)/2}\equiv -1. And then we see that (x^t)^{(p-1)/2}=(x^{(p-1)/2})^t\equiv(-1)^t=\left(\frac {x^t}p\right).
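The argument of this example can be checked numerically for a small prime. The following is an added example, not part of the original article; the function names are chosen here for illustration, and the brute-force searches are only feasible for very small p.

```python
def primitive_root(p):
    """Smallest generator x of the non-zero residues mod an odd prime p."""
    for x in range(2, p):
        if len({pow(x, t, p) for t in range(p - 1)}) == p - 1:
            return x


def dlog_table(p, x):
    """Map each non-zero residue a to the t in [0, p-2] with x**t == a mod p."""
    table, a = {}, 1
    for t in range(p - 1):
        table[a] = t
        a = a * x % p
    return table


def legendre_by_definition(a, p):
    """1 if some b has b*b == a (mod p), else -1; a must be non-zero mod p."""
    return 1 if any(b * b % p == a % p for b in range(1, p)) else -1


def legendre_three_ways(p):
    """For each non-zero a: (definition, (-1)**t with a == x**t, Euler)."""
    log = dlog_table(p, primitive_root(p))
    rows = {}
    for a in range(1, p):
        e = pow(a, (p - 1) // 2, p)            # Euler's criterion: 1 or p-1
        rows[a] = (legendre_by_definition(a, p),
                   (-1) ** log[a],
                   e - p if e > 1 else e)      # write p-1 as -1
    return rows


def logs_are_additive(p):
    """Check log(ab) == log(a) + log(b) mod p-1 for all non-zero a, b."""
    log = dlog_table(p, primitive_root(p))
    return all(log[a * b % p] == (log[a] + log[b]) % (p - 1)
               for a in range(1, p) for b in range(1, p))


if __name__ == "__main__":
    for a, row in legendre_three_ways(23).items():
        print(a, row)
```

Euler's criterion recovers the parity of the discrete logarithm with a single modular exponentiation and no table, which is one reason discrete-logarithm-based cryptography is normally run in a prime-order subgroup rather than in the whole multiplicative group.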

General discussion

What we are doing is looking at the integers mod p on a "logarithmic scale". We take what is known as the discrete logarithm (base x), and difficult-looking multiplicative facts turn into easy-looking additive facts.

Example 2: The number of cubes mod p

How many cubic residues are there mod p? The answer turns out to be that if p-1 is a multiple of 3 then there are (p-1)/3 of them, and otherwise there are p-1.

To see this, let x be a generator of the multiplicative group. The cubic residues are all numbers of the form x^{3t} for some integer t. So how many of these are there that are distinct mod p? To answer that, let us answer the following question: for which values of s is it possible to find t such that x^{3t}\equiv x^s?

To answer this question, we note that x^{3t}\equiv x^s if and only if 3t\equiv s mod p-1. If 3 is not a factor of p-1 then 3 is invertible mod p-1 so the congruence 3t\equiv s mod p-1 is soluble for every s. Therefore, there are p-1 cubic residues. If 3 is a factor of p-1, then the distinct multiples of 3 mod p-1 are 0,3,6,\dots,p-4, of which there are (p-1)/3. And the result is proved.
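The same counting argument works for k-th powers in general, giving (p-1)/gcd(k, p-1) of them. The following is an added example, not part of the original article, and it goes beyond the cubic case in the text. The function names are chosen here for illustration, and the generator x=2 used for p=13 and p=11 is supplied as a known value rather than computed.

```python
from math import gcd


def kth_powers(p, k):
    """The set of non-zero k-th power residues mod p, found by brute force."""
    return {pow(a, k, p) for a in range(1, p)}


def reachable_exponents(p, k):
    """Exponents s in [0, p-2] for which k*t == s (mod p-1) has a solution."""
    return {k * t % (p - 1) for t in range(p - 1)}


def solve_exponent(p, k, s):
    """One t with k*t == s (mod p-1), or None if gcd(k, p-1) does not divide s."""
    m = p - 1
    g = gcd(k, m)
    if s % g:
        return None
    # Divide the congruence through by g; k//g is invertible mod m//g.
    return (s // g) * pow(k // g, -1, m // g) % (m // g)


def kth_powers_via_generator(p, k, x):
    """k-th powers as x**s for the reachable exponents s (x must generate)."""
    return {pow(x, s, p) for s in reachable_exponents(p, k)}


if __name__ == "__main__":
    # 2 is a generator mod 13 and mod 11 (assumed known, not computed here).
    print(sorted(reachable_exponents(13, 3)))    # 0, 3, 6, ..., p-4
    print(sorted(kth_powers_via_generator(13, 3, 2)), sorted(kth_powers(13, 3)))
    print(len(kth_powers(11, 3)), "cubes mod 11;", len(kth_powers(13, 3)), "mod 13")
    print(solve_exponent(13, 3, 6), solve_exponent(13, 3, 5))
```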

Appendix

Not yet written.