Prof. Tim Gowers’ on recognising countable sets

In a fragment of a letter in all probability to Father Marin Mersenne in 1643, Fermat described a technique of his for factoring large numbers. This represented the first real improvement over the classical method of attempting to find a factor of n by dividing by all primes not exceeding $\sqrt{n}$ . Fermat’s factorization scheme has at its heart the observation that the search for factors of an odd integer n (because powers of 2 are easily recognizable and may be removed at the outset, there is no loss in assuming that n is odd) is equivalent to obtaining integral solutions of x and y of the equation $n = x^{2} - y^{2}$ .

If n is the difference of two squares, then it is apparent that n can be factored as $n = x^{2}-y^{2} = (x+y)(x-y)$ .

Conversely, when n has the factorization $n=ab$ , with $a \geq b \geq 1$ , then we may write $n = (\frac{a+b}{2})^{2}-(\frac{a-b}{2})^{2}$

Moreover, because n is taken to be an odd integer, a and b are themselves odd, hence, $\frac{a+b}{2}$ and $\frac{a-b}{2}$ will be nonnegative integers.

One begins the search for possible x and y satisfying the equation $n=x^{2}-y^{2}$ or what is the same thing, the equation $x^{2}-n=y^{2}$ by first determining the smallest integer k for which $k^{2} \geq n$ . Now, look successively at the numbers $k^{2}-n$ , $(k+1)^{2}-n$ , $(k+2)^{2}-n$ , $(k+3)^{2}-n$ , $\ldots$ until a value of $m \geq n$ is found making $m^{2}-n$ a square. The process cannot go on indefinitely, because we eventually arrive at $(\frac{n+1}{2})^{2}-n=(\frac{n-1}{2})^{2}$ the representation of n corresponding to the trivial factorization $n=n.1$ . If this point is reached without a square difference having been discovered earlier, then n has no other factors other than n and 1, in which case it is a prime.

Fermat used the procedure just described to factor $2027651281=44021.46061$ in only 11 steps, as compared with making 4580 divisions by the odd primes up to 44021. This was probably a favourable case designed on purpose to show the chief virtue of this method: it does not require one to know all the primes less than $\sqrt{n}$ to find factors of n.

$\bf{Example}$

To illustrate the application of Fermat’s method, let us factor the integer $n=119143$ . From a table of squares, we find that $345^{2}<119143<346^{2}$ ; thus it suffices to consider values of $k^{2}-119143$ for those k that satisfy the inequality $346 \leq k < (119143+1)/2=59572$ . The calculations begin as follows:

$346^{2}-119143=119716-119143=573$

$347^{2}-119143=120409-119143=1266$

$348^{2}-119143=121104-119143=1961$

$349^{2}-119143=121801-119143=2658$

$350^{2}-119143=122500-119143=3357$

$351^{2}-119143=123201-119143=4058$

$352^{2}-119143=123904-119143=4761=69^{2}$

This last line exhibits the factorization $119143=352^{2}-69^{2}=(352+69)(352-69)=421.283$ , where both the factors are prime. In only seven steps, we have obtained the prime factorization of the number 119143. Of course, one does not always fare so luckily — it may take many steps before a difference turns out to be a square.

Fermat’s method is most effective when the two factors of n are of nearly the same magnitude, for in this case, a suitable square will appear quickly. To illustrate, let us suppose that $n=233449$ is to be factored. The smallest square exceeding n is $154^{2}$ so that the sequence $k^{2}-n$ starts with:

$154^{2}-23449=23716-23449=267$

$155^{2}-23449=24025-23449=576=24^{2}$ . Hence, the factors of 23449 are $23449=(155+24)(155-24)=131$

When examining the differences $k^{2}-n$ as possible squares, many values can be immediately excluded by inspection of the final digits. We know, for instance, that a square must end in one of the six digits 0,1,4,5,6,9. This allows us to exclude all the values in the above example, save for 1266, 1961, 4761. By calculating the squares of the integers from 0 to 99 modulo 100, we see further that, for a square, the last two digits are limited to the following 22 possibilities:

00; 01, 04; 09; 16; 21; 24; 25; 29; 36; 41; 44; 49; 56; 61; 64; 69; 76; 81; 84; 89; 96.

The integer 1266 can be eliminated from consideration in this way. Because 61 is among the last two digits allowable in a square, it is only necessary to look at the numbers 1961 and 4761; the former is not a square, but $4761=69^{2}$ .

There is a generalization of Fermat’s factorization method that has been used with some success. Here, we look for distinct integers x and y such that $x^{2}-y^{2}$ is a multiple of n rather than n itself, that is, $x^{2} \equiv y^{2} \pmod {n}$
.
Having obtained such integers $d=gcd(x-y,n)$ (or, $d=gcd(x+y,n)$ ) can be calculated by means of the Euclidean Algorithm. Clearly, d is a divisor of n, but is it a non-trivial divisor? In other words, do we have $1<d<n$ ?

In practice, n is usually the product of two primes p and q, with $p<q$ so that d is equal to 1, p, q, or pq. Now, the congruence $x^{2} \equiv y^{2} \pmod{n}$ translates into $pq|(x-y)(x+y)$ . Euclid's lemma tells us that p and q must divide one of the factors. If it happened that $p|x-y$ and $q|x-y$ , or expressed as a congruence $x \equiv y \pmod{n}$ . Also, $p|x+y$ and $q|x+y$ yield $x \equiv -y \pmod{n}$ . By seeking integers x and y satisfying $x^{2} \equiv y^{2} \pmod{n}$ , where $x \not\equiv \pm \pmod{n}$ , these two situations are ruled out. The result of all this is that d is either p or q, giving us a non-trivial divisor of n.

$\bf{Example}$

Suppose we wish to factor the positive integer $n=2189$ and happen to notice that $579^{2} \equiv 18^{2} \pmod{2189}$ . Then, we compute $gcd(579-18,2189)=gcd(561,2189)=11$ using the Euclidean Algorithm:

$2189=3.561+506$
$561=1.506+55$
$506=9.55+11$
$55=5.11$

This leads to the prime divisor 11 of 2189. The other factor, namely 199, can be obtained by observing that $gcd(579+18,2189)=gcd(597,2189)=199$

The reader might wonder how we ever arrived at a number, such as 579, whose square modulo 2189 also turns out to be a perfect square. In looking for squares close to multiples of 2189, it was observed that $81^{2} -3.2189 = -6$ and $155^{2}-11.2189=-54$ which translates into $81^{2} \equiv -2.3 \pmod{2189}$ and $155^{2} \equiv -2.3^{3} \pmod{2189}$ .

When these congruences are multiplied, they produce $(81.155)^{2} \equiv (2.3^{2})^{2} \pmod{2189}$ . Because the product $81.155 = 12555 \equiv -579 \pmod{2189}$ , we ended up with the congruence $579^{2} \equiv 18^{2} \pmod{2189}$ .

The basis of our approach is to find several $x_{i}$ having the property that each $x_{i}^{2}$ is, modulo n, the product of small prime powers, and such that their product’s square is congruent to a perfect square.

When n has more than two prime factors, our factorization algorithm may still be applied; however, there is no guarantee that a particular solution of the congruence $x^{2} \equiv y^{2} \pmod{n}$ , with $x \not\equiv \pm \pmod{n}$ will result in a nontrivial divisor of n. Of course, the more solutions of this congruence that are available, the better the chance of finding the desired factors of n.

Our next example provides a considerably more efficient variant of this last factorization method. It was introduced by *Maurice Kraitchik* in the 1920’s and became the basis of such modern methods as the *quadratic sieve algorithm*.

$\bf{Example}$

Let $n=12499$ be the integer to be factored. The first square just larger than n is $112^{2} = 12544$ . So. we begin by considering the sequence of numbers $x^{2}-n$ for $x=112, 113, \ldots$ . As before, our interest is in obtaining a set of values $x_{1}, x_{2}, x_{3}, \ldots x_{k}$ for which the product $(x_{1}-n)(x_{2}-n)\ldots (x_{k}-n)$ is a square, say $y^{2}$ . Then, $(x_{1}x_{2}\ldots x_{k})^{2} \equiv y^{2} \pmod{n}$ , which might lead to a non-factor of n.

A short search reveals that $112^{2}-12499=45$ ; $117^{2}-12499=1190$ ; $121^{2}-12499=2142$ ; or, written as congruences, $112^{2} \equiv 3^{2}.5 \pmod{12499}$ ; $117^{2} \equiv 2.5.7.17 \pmod{12499}$ ; $121^{2} \equiv 2.3^{2}.7.17 \pmod{12499}$ . Multiplying these together results in the congruence: $(112.117.121)^{2} \equiv (2.3^{2}.5.7.17)^{2} \pmod{12499}$ , that is, $1585584^{2} \equiv 10710^{2}\pmod{12499}$ . But, we are unlucky with this square combination. Because $1585584 \equiv 10710 \pmod{12499}$ only a trivial divisor of 12499 will be found. To be specific,

$gcd(1585584+10710,21499)=1$

$gcd(1585584-10710,12499)=12499$

After further calculation, we notice that

$113^{2} \equiv 2.5.3^{3} \pmod{12499}$

$127^{2} \equiv 2.3.5.11^{2} \pmod{12499}$

which gives rise to the congruence $(113.127)^{2} \equiv (2.3^{2}.5.11)^{2} \pmod{12499}$ .

This reduce modulo 12499 to $1852^{2} \equiv 990^{2} \pmod{12499}$ and fortunately, $1852 \not\equiv \pm {990}\pm\pmod{12499}$ . Calculating

$gcd(1852-990,12499)=gcd(862,12499)=431$ produces the factorization $12499 =29.431$

Problem to Practise:

Use Kraitchik’s method to factor the number 20437.

Cheers,
Nalin Pithwa

Wilson’s theorem and related problems in Elementary Number Theory for RMO

Posted by Nalin Pithwa

I) Prove Wilson’s Theorem:

If p is a prime, then $(p-1)! \equiv -1 {\pmod p}$ .

Proof:

The cases for primes 2 and 3 are clearly true.

Assume $p>3$

Suppose that a is any one of the p-1 positive integers $1,2,3, \ldots {p-1}$ and consider the linear congruence
$ax \equiv 1 {\pmod p}$ . Then, $gcd(a,p)=1$ .

Now, apply the following theorem: the linear congruence $ax \equiv b {\pmod n}$ has a solution if and only if $d|b$ , where $d = gcd(a,b)$ . If $d|b$ , then it has d mutually incongruent solutions modulo n.

So, by the above theorem, the congruence here admits a unique solution modulo p; hence, there is a unique integer $a^{'}$ , with $1 \leq a^{'} \leq p-1$ , satisfying $aa^{'} \equiv 1 {\pmod p}$ .

Because p is prime, $a = a^{'}$ if and only if $a=1$ or $a=p-1$ . Indeed, the congruence $a^{2} \equiv 1 {\pmod p}$ is equivalent to $(a-1)(a+1) \equiv 0 {\pmod p}$ . Therefore, either $a-1 \equiv 0 {\pmod p}$ , in which case $a=1$ , or $a+1 \equiv 0 {\pmod p}$ , in which case $a=p-1$ .

If we omit the numbers 1 and p-1, the effect is to group the remaining integers $2,3, \ldots (p-2)$ into pairs $a$ and $a^{'}$ , where $a \neq a^{'}$ , such that the product $aa^{'} \equiv 1 {\pmod p}$ . When these $(p-3)/2$ congruences are multiplied together and the factors rearranged, we get

$2.3. \ldots (p-2) \equiv 1 {\pmod p}$

or rather

$(p-2)! \equiv 1 {\pmod p}$

Now multiply by p-1 to obtain the congruence

$(p-1)! \equiv p-1 \equiv -1 {\pmod p}$ , which was desired to be proved.

An example to clarify the proof of Wilson’s theorem:

Specifically, let us take prime $p=13$ . It is possible to divide the integers $2,3,4, \ldots, 11$ into $(p-3)/2=5$ pairs, each product of which is congruent to 1 modulo 13. Let us write out these congruences explicitly as shown below:

$2.7 \equiv 1 {\pmod {13}}$
$3.9 \equiv 1 {\pmod {13}}$
$4.10 \equiv 1 {\pmod {13}}$
$5.8 \equiv 1 {\pmod {13}}$
$6.11 \equiv 1 {\pmod {13}}$

Multpilying these congruences gives the result $11! = (2.7)(3.9)(4.10)(5.8)(6.11) \equiv 1 {\pmod {13}}$

and as $12! \equiv 12 \equiv -1 {\pmod {13}}$

Thus, $(p-1)! \equiv -1 {\pmod p}$ with prime $p=13$ .

Further:

The converse to Wilson’s theorem is also true. If $(n-1)! \equiv -1 {\pmod n}$ , then n must be prime. For, if n is not a prime, then n has a divisor d with $1 1$ is prime if and only if $(n-1)! \equiv -1 {\pmod n}$ . Unfortunately, this test is of more theoretical than practical interest because as n increases, $(n-1)!$ rapidly becomes unmanageable in size.

Let us illustrate an application of Wilson’s theorem to the study of quadratic congruences{ What we mean by quadratic congruence is a congruence of the form $ax^{2}+bx+c \equiv 0 {\pmod n}$ , with $a \not\equiv 0 {\pmod n}$ }

Theorem: The quadratic congruence $x^{2}+1 \equiv 0 {\pmod p}$ , where p is an odd prime, has a solution if and only if $p \equiv 1 {\mod 4}$ .

Proof:

Let a be any solution of $x^{2}+1 \equiv 0 {\pmod p}$ so that $a^{2} \equiv -1 {\pmod p}$ . Because $p \not |a$ , the outcome of applying Fermat’s Little Theorem is

$1 \equiv a^{p-1} \equiv (a^{2})^{(p-1)/2} \equiv (-1)^{(p-1)/2} {\pmod p}$

The possibility that $p=4k+3$ for some k does not arise. If it did, we would have

$(-1)^{(p-1)/2} = (-1)^{2k+1} = -1$

Hence, $1 \equiv -1 {\pmod p}$ . The net result of this is that $p|2$ , which is clearly false. Therefore, p must be of the form $4k+1$ .

Now, for the opposite direction. In the product

$(p-1)! = 1.2 \ldots \frac{p-1}{2} \frac{p+1}{2} \ldots (p-2)(p-1)$

we have the congruences

$p-1 \equiv -1 {\pmod p}$
$p-2 \equiv -2 {\pmod p}$
$p-3 \equiv -3 {\pmod p}$
$\vdots$
$\frac{p+1}{2} \equiv - \frac{p-1}{2} {\pmod p}$

Rearranging the factors produces
$(p-1)! \equiv 1.(-1).2.(-2) \ldots \frac{p-1}{2}. (-\frac{p-1}{2}) {\pmod p} \equiv (-1)^{(p-1)/2}(.2. \ldots \frac{p-1}{2})^{2}{\pmod p}$

because there are $(p-1)/2$ minus signs involved. It is at this point that Wilson’s theorem can be brought to bear; for, $(p-1)! \equiv -1 {\pmod p}$ , hence,

$-1 \equiv (-1)^{(p-1)/2}((\frac{p-1}{2})!)^{2} {\pmod p}$

If we assume that p is of the form $4k+1$ , then $(-1)^{(p-1)/2} =1$ , leaving us with the congruence

$-1 \equiv (-\frac{p-1}{2})^{2}{\pmod p}$ .

The conclusion is that the integer $(\frac{p-1}{2})!$ satisfies the quadratic congruence $x^{2}+1 \equiv 0 {\pmod p}$ .

Let us take a look at an actual example, say, the case $p=13$ , which is a prime of the form $4k+1$ . Here, we have $\frac{p-1}{2}=6$ , and it is easy to see that $6! = 720 \equiv 5 {\pmod {13}}$ and $5^{2}+1 = 26 \equiv 0 {\pmod {13}}$ .

Thus, the assertion that $((p-1)!)^{2}+1 \equiv 0 {\pmod p}$ is correct for $p=13$ .

Wilson’s theorem implies that there exists an infinitude of composite numbers of the form $n!+1$ . On the other hand, it is an open question whether $n!+1$ is prime for infinitely many values of n. Refer, for example:

https://math.stackexchange.com/questions/949520/are-there-infinitely-many-primes-of-the-form-n1

More later! Happy churnings of number theory!
Regards,
Nalin Pithwa

A good way to start mathematical studies …

Posted by Nalin Pithwa

I would strongly suggest to read the book “Men of Mathematics” by E. T. Bell.

It helps if you start at a young age. It doesn’t matter if you start later because time is relative!! 🙂

Well, I would recommend you start tinkering with mathematics by playing with nuggets of number theory, and later delving into number theory. An accessible way for anyone is “A Friendly Introduction to Number Theory” by Joseph H. Silverman. It includes some programming exercises also, which is sheer fun.

One of the other ways I motivate myself is to find out biographical or autobiographical sketches of mathematicians, including number theorists, of course. In this, the internet is an extremely useful information tool for anyone willing to learn…

Below is a list of some famous number theorists, and then there is a list of perhaps, not so famous number theorists — go ahead, use the internet and find out more about number theory, history of number theory, the tools and techniques of number theory, the personalities of number theorists, etc. Become a self-learner, self-propeller…if you develop a sharp focus, you can perhaps even learn from MIT OpenCourseWare, Department of Mathematics.

Famous Number Theorists (just my opinion);

1) Pythagoras
2) Euclid
3) Diophantus
4) Eratosthenes
5) P. L. Tchebycheff (also written as Chebychev or Chebyshev).
6) Leonhard Euler
7) Christian Goldbach
8) Lejeune Dirichlet
9) Pierre de Fermat
10) Carl Friedrich Gauss
11) R. D. Carmichael
12) Edward Waring
13) John Wilson
14) Joseph Louis Lagrange
15) Legendre
16) J. J. Sylvester
11) Leonoardo of Pisa aka Fibonacci.
15) Srinivasa Ramanujan
16) Godfrey H. Hardy
17) Leonard E. Dickson
18) Paul Erdos
19) Sir Andrew Wiles
20) George Polya
21) Sophie Germain
24) Niels Henrik Abel
25) Richard Dedekind
26) David Hilbert
27) Carl Jacobi
28) Leopold Kronecker
29) Marin Mersenne
30) Hermann Minkowski
31) Bernhard Riemann

Perhaps, not-so-famous number theorists (just my opinion):
1) Joseph Bertrand
2) Regiomontanus
3) K. Bogart
4) Richard Brualdi
5) V. Chvatal
6) J. Conway
7) R. P. Dilworth
8) Martin Gardner
9) R. Graham
10) M. Hall
11) Krishnaswami Alladi
12) F. Harary
13) P. Hilton
14) A. J. Hoffman
15) V. Klee
16) D. Kleiman
17) Donald Knuth
18) E. Lawler
19) A. Ralston
20) F. Roberts
21) Gian Carlo-Rota
22) Bruce Berndt
23) Richard Stanley
24) Alan Tucker
25) Enrico Bombieri

Happy discoveries lie on this journey…
-Nalin Pithwa.

Any integer can be written as the sum of the cubes of 5 integers, not necessarily distinct

Posted by Nalin Pithwa

Question: Prove that any integer can be written as the sum of the cubes of five integers, not necessarily.

Solution:

We use the identity $6k = (k+1)^{3} + (k-1)^{3}- k^{3} - k^{3}$ for $k=\frac{n^{3}-n}{6}=\frac{n(n-1)(n+1)}{6}$ , which is an integer for all n. We obtain

$n^{3}-n = (\frac{n^{3}-n}{6}+1)^{3} + (\frac{n^{3}-n}{6}-1)^{3} - (\frac{n^{3}-n}{6})^{3} - (\frac{n^{3}-n}{6})$ .

Hence, n is equal to the sum

$(-n)^{3} + (\frac{n^{3}-n}{6})^{3} + (\frac{n^{3}-n}{6})^{3} + (\frac{n-n^{3}}{6}-1)^{3}+ (\frac{n-n^{3}}{6}+1)^{3}$ .

More later,
Nalin Pithwa.

For the love of Maths: the Queen of all Sciences

famous problems and famous mathematicians

Prof. Tim Gowers’ on recognising countable sets

Prof. Tim Gowers’ on functions, domains, etc.

William Lowell Putnam 2018 results

Fermat-Kraitchik Factorization Method for factoring large numbers: training for RMO

Wilson’s theorem and related problems in Elementary Number Theory for RMO

A good way to start mathematical studies …

Any integer can be written as the sum of the cubes of 5 integers, not necessarily distinct