On a practice final exam (for a Computer Security course), I am given the following equation to solve, but I have no idea how to to compute this modular inverse. $$324x \bmod 121 = 1.$$
Any direction?
Asked
Active
Viewed 444 times
2 Answers
7
Inverses mod power moduli $\:\!n^k$ can be very efficiently calculated by Hensel lifting an inverse $\!\bmod n\,$ up to $\!\bmod n^k\,$ (i.e. by iterating Newton's method, as in calculus), e.g. here
$\!\bmod \color{#c00}{11^{\large 2}}\!:\, {\large \frac{1}{324}}\!\overset{\times\ {\bf {-}}2_{\phantom{|}}\!\!}\equiv {\large \frac{-2}{\color{#0a0}{1-59\:\!\cdot\:\! 11}}}\!\equiv-2(\overbrace{1\!+\!\color{#0af}{59}\cdot 11}^{\textstyle 1\:\!+\:\!\color{#0af}4\cdot 11})\equiv\overbrace{ -90}^{\textstyle 31}.\, $ Generally if $\,\overbrace{1/a\equiv a'\pmod{\!n}}^{\textstyle \color{#0a0}{aa' = 1+j\,n}}\,$
$\!\bmod \color{#c00}{n^2}\!:\ \dfrac{1}{a}\!\equiv\!\dfrac{a'}{\color{#0a0}{aa'}}\!\equiv\!\dfrac{a'}{\color{#0a0}{1+jn}}\!\equiv\, a'\:\!(1-jn),\,$ by $\ \color{#c00}{n^2\equiv 0},\,$ lifts inverse $\!\bmod n\,$ to $\!\bmod{n^2}$
where above we used: $\, \dfrac{1^{\phantom{|}}}{\color{#0a0}{1+jn}}\,\equiv 1-jn,\,$ by $\, (1\!+\!jn)(1\!-\!jn) = 1\!-\!j^2\color{#c00}{n^2}\equiv 1\pmod{\!\color{#c00}{n^2}}$
This can be viewed as using Hensel lifting (Newton's method) to compute inverses. In general, as above, it is trivial to invert a unit + nilpotent by using a (terminating) geometric series, which is a special case of the general method of simpler multiples.
Of course we can also use general inversion methods $\!\bmod n^2,\,$ but usually they will be less efficient than the the quadratic convergence of Newton's method. There are a few worked examples using a handful of such general methods (including all those in the other answers) here and here and here. This includes most all the common known methods (and their optimizations).
Note $ $ Above we used $\,\color{#0af}{59}\cdot 11 \bmod 11^2 = (\color{#0af}{59\bmod 11})\,11 = \color{#0af}4\cdot 11\ $ by $\!\bmod\!$ Distributive Law. Notice the great simplification obtained by lifting the inverse up from $\!\bmod n,\,$ which made all the arithmetic so trivial it could be done in a minute of purely mental arithmetic.
Bill Dubuque
- 272,048
-
See here for another worked example. – Bill Dubuque Feb 09 '20 at 20:58
-
See here for an example from Hardy & Wright. – Bill Dubuque Sep 11 '23 at 19:50
4
You need the Extended Euclidean Algorithm which solves the problem of finding modular inverses. Bezout's identity guarantees that there is a solution.
Ross Millikan
- 374,822
-
This general method will be (much) less efficient than using Newton's method (Hensel lifting), which has quadratic convergence, e.g. see my answer. But, generally, if you do use it then be sure to apply it in the forward form, since the common backward substitution form is notoriously error-prone. – Bill Dubuque Jan 31 '24 at 00:36