This preview shows pages 1–7. Sign up to view the full content.
This preview has intentionally blurred sections. Sign up to view the full version.
View Full DocumentThis preview has intentionally blurred sections. Sign up to view the full version.
View Full DocumentThis preview has intentionally blurred sections. Sign up to view the full version.
View Full Document
Unformatted text preview: Introduction to Number Theory 2 c circlecopyrt Eli Biham  August 18, 2010 346 Introduction to Number Theory 2 (12) Quadratic Residues Definition : The numbers 0 2 , 1 2 , 2 2 , . . . , ( n − 1) 2 mod n , are called quadratic residues modulo n . Numbers which are not quadratic residues modulo n are called quadratic nonresidues modulo n . Example : Modulo 11: i 0 1 2 3 4 5 6 7 8 9 10 i 2 mod 11 0 1 4 9 5 3 3 5 9 4 1 There are six quadratic residues modulo 11: 0, 1, 3, 4, 5, and 9. There are five quadratic nonresidues modulo 11: 2, 6, 7, 8, 10. c circlecopyrt Eli Biham  August 18, 2010 347 Introduction to Number Theory 2 (12) Quadratic Residues (cont.) Lemma : Let p be prime. Exactly half of the numbers in Z ∗ p are quadratic residues. With 0, exactly p +1 2 numbers in Z p are quadratic residues. Proof : There are at most p +1 2 quadratic residues, since 2 1 2 ≡ ( p − 1) 2 (mod p ) 2 2 ≡ ( p − 2) 2 (mod p ) . . . i 2 ≡ ( p − i ) 2 (mod p ) ∀ i . . . Thus, all the elements in Z p span at most p +1 2 quadratic residues. There are at least p +1 2 quadratic residues, otherwise, for some i negationslash = j ≤ p − 1 2 it holds that i 2 = ( p − i ) 2 = j 2 = ( p − j ) 2 , in contrast to Lagrange theorem that states that the equation x 2 − i 2 = 0 has at most two solutions (mod p ). c circlecopyrt Eli Biham  August 18, 2010 348 Introduction to Number Theory 2 (12) Quadratic Residues (cont.) Since Z ∗ p is cyclic, there is a generator. Let g be a generator of Z ∗ p . 1. g is a quadratic nonresidue modulo p , since otherwise there is some b such that b 2 ≡ g (mod p ). Clearly, b p − 1 ≡ 1 (mod p ), and thus g p − 1 2 ≡ b p − 1 ≡ 1 (mod p ). However, the order of g is p − 1. Contradiction. 2. g 2 , g 4 , . . . , g ( p − 1) mod p are quadratic residues, and are distinct, therefore, there are at least p − 1 2 quadratic residues. 3. g, g 3 , g 5 , . . . , g ( p − 2) mod p are quadratic nonresidues, since if any of them is a quadratic residue, g is also a quadratic residue. QED c circlecopyrt Eli Biham  August 18, 2010 349 Introduction to Number Theory 2 (12) Euler’s Criterion Theorem : Let p negationslash = 2 be a prime, and let a ∈ Z ∗ p . Then, a is a quadratic residue modulo p iff a p − 1 2 ≡ 1 (mod p ). Proof : ( ⇒ ) If a is a quadratic residue, there is some b such that a ≡ b 2 (mod p ). Thus, a p − 1 2 ≡ ( b 2 ) p − 1 2 ≡ b p − 1 ≡ 1 (mod p ) . c circlecopyrt Eli Biham  August 18, 2010 350 Introduction to Number Theory 2 (12) Euler’s Criterion (cont.) ( ⇐ ) If a is a quadratic nonresidue: For any r there is a unique s such that rs ≡ a (mod p ), i.e., s = ar − 1 , and there is no r ∗ negationslash = r such that s = ar ∗ − 1 ....
View
Full
Document
 Spring '11
 YanivCarmeli

Click to edit the document details