-1

I have been reading a proof for quite some time now, I think I understood it but I am stuck in the following description ($\lambda$ is the cycle length of the powers of $a$) , $e \in {0, 1, 2, ... \lambda - 1}$ and $l(a)$ the cycle length of the powers of $a$:

If $e$ is a positive integer then $(a^e)^f \equiv 1 \pmod p$ if and only if $e\cdot f$ is a multiple of $\lambda$. This occurs only if $f$ is a multiple of $$\frac{\lambda}{\gcd(e, \lambda)}$$

From this we find that: $$l(a^e) = \frac{l(a)}{\gcd(e,\lambda)}$$

I don't understand how we determined what is the form of $f$. The $\frac{\lambda}{\gcd(e, \lambda)}$ reminds me the $lcm$ since $e\cdot \lambda = \gcd(e,\lambda) \cdot lcm(e,\lambda) \implies lcm = \frac{e\lambda}{gcd(e, \lambda)}$
but I am not sure if that is indeed relevant and how we ignore $e$ and get the last formula for $l(a^e)$.

Could someone please help me understand this?

Bill Dubuque
  • 272,048
Jim
  • 1,589
  • Why is this question a duplicate? I don't understand – Jim Jul 23 '21 at 06:17
  • 1
    Well, the question being linked to is what your proof is proving. But your question is about a particular point of the proof. – fleablood Jul 24 '21 at 00:13
  • ... and Bill Dubuque's answer on the other post basically is this proof. – fleablood Jul 24 '21 at 00:16
  • @fleablood: there is no way for me to have been able to figure out that the post is similar/relevant and be able to link that other answer with my specific question. After your answer, I think I can re-read the other post and may be, be able to understand it. In any case, my question was about a specific statement of a proof. – Jim Jul 24 '21 at 15:41

1 Answers1

0

Your issue seems to be this basic number theory result:

For integer $m,n,b$ if $mn$ is a multiple of $b$ then $m$ is a multiple of $\frac b{\gcd(b,n)}$ and $n$ is a multiple of $\frac b{\gcd(b,m)}$.

This very easy to verify. If $mn$ is a multiple of $b$ then

$mn = kb$ for some integer $k$.

Now $\gcd(b,n)$ divides both $b$ and $n$ so we can divide both sides by $\gcd(b,n)$ to get

$m[\frac {n}{\gcd(b,n)}] = k[\frac b{\gcd(b,n)}]$

(Note: even though the values written in the square brackets are written as fractions, they are, of course, integers and the denominators do divide the numerators.)

Now as all are integers these means $[\frac{n}{\gcd(b,n)}]$ divides $k[\frac b{\gcd(b,n)}]$. But $[\frac{n}{\gcd(b,n)}]$ and $[\frac b{\gcd(b,n)}]$ are relatively prime integers, we must have that $[\frac{n}{\gcd(b,n)}]$ divides $k$[*].

So we can divide both sides by $[\frac{n}{\gcd(b,n)}]$ to get

$m = [\frac k{[\frac{n}{\gcd(b,n)}]}][\frac{n}{\gcd(b,n)}]$

.... and that's that. $[\frac k{[\frac{n}{\gcd(b,n)}]}]$ is an integer and so $m$ is a multiple of $[\frac{n}{\gcd(b,n)}]$.

.....

From that the proof follows straightforwardly:

$a^k\equiv 1$ if and only if $k$ is a multiple of $\lambda$.

So $(a^e)^f=a^{ef}\equiv 1$ if and only if $ef$ is a multiple of $\lambda$.

So as $ef$ is a multiple of $\lambda$, we just proved that that means $f$ must be a multiple of $\frac {\lambda}{\gcd(\lambda, e)}$.

That's it.

........

[*] I hope you are familiar with this more basic number theory result:

For integers $a,b,k$, if $b$ divides $ak$ but $\gcd(b,k)=1$ then $b$ divides $a$.

This result should be intuitively obvious as all the divisors of $b$ divide into $ak$ but none of the divisors have anything in common with $b$ (which is relatively prime to $a$) so all the divisors of $b$ must divide into $k$.

More formally: If $b = \prod p_i^{m_i}$ is the unique prime factorisation of $b$ and than as $\gcd(a,b) =1$ non of the $p_i^{m_i}$ divide $ak$. But as $b$ and $k$ are relatively prime no $p_i$ can divide $k$ so by Euclid's Lemma $p_i^{m_i}|a$. So $b = \prod p_i^{m_i}|a$.

fleablood
  • 124,253
  • Ok I see now. So by dividing with the $\gcd(\lambda, e)$ on both sides we form the components of the $lcm(\lambda, e)$ and those parts are coprime. 1) Can it also be $f \mid m$? If we have $f \cdot a = m \cdot b$ and $gcd(a,b) = 1$ does that mean either $f \mid m$ or $a \mid m$?
    1. I didn't understand how we get the formula for $l(a^e)$ mentioned in the last line of the quote.
     – Jim Jul 22 '21 at 22:29
  • What is the property when $a\cdot b \mid c \cdot e$ and $gcd(b, e) = 1$? – Jim Jul 22 '21 at 22:45
  • "Can it also be f∣m? If we have f⋅a=m⋅b and gcd(a,b)=1 does that mean either f∣m or a∣m?" It ALWAYS means $a|m$. And unless $b=1$ we will never have $f|m$. See, $a$ and $b$ have no factors in common at all. But we have $a|mb$ but as $a$ and $b$ have no factors in common $a$ must have all factors in common with $m$ and none in common with $b$. So $a|m$. Always. And $b|f$. Always. – fleablood Jul 22 '21 at 23:30
  • we will never have | I am not clear why though. – Jim Jul 22 '21 at 23:34
  • Also what about the last line of the quoted formula? How is that derived from the previous? I think I am losing a step in the logic – Jim Jul 22 '21 at 23:35
  • $fa = mb$ So $a = \frac fm\cdot b$. But $\gcd(a,b) = 1$ so $b\not \mid a$ (*UNLESS $b = 1$) so $\frac fm$ can not be an integer. – fleablood Jul 22 '21 at 23:56
  • Please strive not to add more dupe answers to dupes of FAQs, cf. recent site policy announcement here. – Bill Dubuque Jul 23 '21 at 00:42
  • @BillDubuque: How is my post which is about asking something specific from a proof a duplicate? – Jim Jul 23 '21 at 06:16
  • @fleablood: Sorry for the basic question, a variable with the notation $b'$ does it have some specific meaning? I.e. what is the difference, if any, with declaring e.g. $x$ instead of $b'$? – Jim Jul 23 '21 at 07:51
  • @fleablood: nevermind, I worked through the proof, and I noticed that using $x$ and $y$ is not helpful at all. Notation matters.... – Jim Jul 23 '21 at 14:55
  • @fleablood: "So $n$ is a multiple of $b' = \frac b{\gcd(b,m)}$" isn't $m$ a multiple of $b'$ as well by the same reasoning and proof? So what is the conclusion? Both $m$ and $n$ are multiple of $b'$? – Jim Jul 23 '21 at 15:00
  • Your answer helped me a lot! The only thing, that I am not clear is my previous comment. Looks like both $m$ and $n$ are multiples of $b'$? So we can also say that: "Or in other words $e=\frac{m\cdot \lambda}{f}$" as well instead of "Or in other words $f=\frac{m\cdot \lambda}{e}$"? So both $e$ and $f$ are multiple of $\lambda$? But we chose to work with $f$ for convenience? – Jim Jul 23 '21 at 15:07
  • @fleablood: Lemma 2 is Euclid's lemma. What are the names of Lemma 1 and 3? Is the property: $a \mid b \implies k\cdot a \mid k \cdot b$ mentioned somewhere with a specific name? Or it is just regular arithmetic rules? – Jim Jul 23 '21 at 16:43
  • Okay examples. $b = 475=3\times 5^3$ and $n=525=3\times 5^2\times 7$ and $m=1375=5^3\times 11$. Now $mn$ is a multiple of $b$. Now $d_1 = \gcd(n,b)=75$. And $d_2 = \gcd(m,b) = 125$. Now $b_1' = \frac {b}{\gcd(n,b)} = \frac b{75} =5$ but $b_2' = \frac b{\gcd(m,b)} = \frac b{125} =3$. As $nm = kb\implies n(m'd_2) = k(b_2'd_2)\implies $n=\frac k{m'}b_2'$ is a multiple of $b_2=\frac b{\gcd(m,b)}=3$ and also $nm = kb\implies (n'd_1)m= k(b_1'd_1)\implies $m=\frac k{n'}b_1'$ is a multiple of $b_1=\frac b{\gcd(n,b)}=5$. – fleablood Jul 23 '21 at 17:05
  • I don't know the names. They are basic. $a|b \implies ka|kb$ is so basic it barely requires noting. – fleablood Jul 23 '21 at 17:06
  • @fleablood: Thank you very much for the clear and very helpful answer! I got it! I have a last question for you. I have noted the $3$ lemma's you had written and was wondering how are they commonly known? E.g. what you had noted as Lemma 1, I found it in my book as a corollary statement, not a lemma and I didn't make the proper connection with the specific proof in the form that it was presented. So is the naming of these properties standard or not? E.g. is Lemma 2 universally considered Euclid's lemma? Is lemma 1 universally considered as what you explained? – Jim Jul 24 '21 at 15:36
  • @fleablood: by the way I am still not sure how we get the last part of the formula: $$l(a^e) = \frac{l(a)}{\gcd(e,\lambda)}$$. I mean $l(a)$ is $\lambda$ so where is the multiple? – Jim Jul 24 '21 at 20:57