CS 70
Discrete Mathematics for CS
Spring 2005
Clancy/Wagner
Notes 12
RSA and the Chinese remainder theorem
The Chinese remainder theorem
Suppose we have a system of simultaneous equations, like maybe this one:
x
≡
2
(
mod 5
)
x
≡
5
(
mod 7
)
What can we say about
x
? Well, notice that one solution is
x
=
12;
x
=
12 satisfies both equations. This
is not the only solution: for instance,
x
=
12
+
35 also works, as does
x
=
12
+
70,
x
=
12
+
105, and
so on. Evidently adding any multiple of 35 to any solution gives another valid solution, so we might as
well summarize this state of affairs by saying that
x
≡
12
(
mod 35
)
is one solution of the above system of
equations.
What about other solutions? For this example, there are no other solutions; every solution is of the form
x
≡
12
(
mod 35
)
. Why not? Well, suppose
x
and
x
0
are two valid solutions. From the first equation, we
know that
x
≡
2
(
mod 5
)
and
x
0
≡
2
(
mod 5
)
, so we must have
x
≡
x
0
(
mod 5
)
. Similarly
x
≡
x
0
(
mod 7
)
.
But the former means that 5 is a divisor of
x

x
0
, and the latter means that 7 is a divisor of
x

x
0
, so
x

x
0
must be a multiple of 35 (here we have used that gcd
(
5
,
7
) =
1), which in turn means that
x
≡
x
0
(
mod 35
)
.
In other words, all solutions are the same modulo 35: or, equivalently, if all we care about is
x
mod 35, the
solution is unique.
You can check that the same would be true if we replaced the numbers 5
,
7
,
2
,
5 above by any others. The
only thing we used is that gcd
(
5
,
7
) =
1.
Here is the generalization: