6/21/01
Last time we summarized RSA encryption. One of the main reasons that RSA works is
Euler’s Theorem, which was simply stated in the last lecture. This time, we’ll prove it:
Euler’s Theorem:
If gcd(a,n) = 1, then a
φ
(n)
≡
1 (mod n).
Definition of a reduced residue system modulo n:
A set of
φ
(n) numbers r
1
, r
2
, r
3
, .
.. r
φ
(n)
such that r
i
≠
r
j
, for all 1
≤
i < j
≤
φ
(n) with gcd(r
i
, n) = 1 for all 1
≤
i
≤
φ
(n).
Theorem about reduced residue systems:
If r
1
, r
2
, r
3
, .
.. r
φ
(n)
is a reduced residue system
modulo n, and gcd(a,n) = 1, then ar
1
, ar
2
, ar
3
, .
.. ar
φ
(n)
is ALSO a reduced residue system
modulo n.
Proof:
We need to prove two things in order to verify the theorem above:
1) ar
i
≠
ar
j
, for all 1
≤
i < j
≤
φ
(n)
2) gcd(ar
i
, n) = 1 for all 1
≤
i
≤
φ
(n)
Proof of 1:
Assume to the contrary that there exist distinct integers i and j such that ar
i
≡
ar
j
(mod n).
We can deduce the following:
ar
i
≡
ar
j
(mod n)
(ar
i
- ar
j
)
≡
0(mod n).
n | (a(r
i
– r
j
))
We know that gcd(a,n) = 1. Thus, based on a theorem proved earlier, it follows that
n | (r
i
– r
j
). But, this infers that r
i
≡
r
j
(mod n). This contradicts our premise that r
1
, r
2
,
r
3
, .
.. r
φ
(n)
is a reduced residue system modulo n. Thus, we can conclude that ar
i
≠
ar
j
, for
all 1
≤
i < j
≤
φ
(n).
Proof of 2:
Since gcd(a,n)=1 and gcd(r
i
,n)=1, it follows that n shares no common factors with a or r
i
.
Thus, it shares no common factors with their product and we can conclude that gcd(ar