Square root modulo prime: does any number always have 0 or 2 square roots?

Question

When looking for the square root of a natural number x modulo p, where p is prime, we look for natural numbers y so that $ y^2 \equiv_p x$.

With the exception of zero (obviously the only square root of zero is zero, modulo any p) it seems that there are always either 2 or 0 solutions.

For example when p=41:
$\sqrt{8} \equiv_{41} \{7,34\}$
$\sqrt{9} \equiv_{41} \{3,38\}$
$\sqrt{10} \equiv_{41} \{16,25\}$
$\sqrt{11} \equiv_{41} (none)$
$\sqrt{12} \equiv_{41} (none)$
$\sqrt{13} \equiv_{41} (none)$

Is this always true? Surely there is a known proof for this?

(edit) With the exception of p=2 because in that case 1 has only one square root. In general the square roots of 1 are always 1 and p-1 (or can there be more?) and if p=2 then these are the same. So I'm only interesting in p>2.

score 3 · Answer 1 · answered Oct 19 '22 at 07:01

Assume $p>2$ and let $a \not \equiv 0 \mod p$.

If $y$ satisfies $y^2 \equiv a \mod p$, then $$(p-y)^2 \equiv p^2-2py+y^2 \equiv y^2 \equiv a \mod p,$$ whence $p-y$ is another root of $y^2-a$, as $y \not \equiv p-y \mod p$.

Now, $\mathbb Z/ p \mathbb Z$ is a field, hence any polynomial of degree 2 has at most 2 roots. Therefore, the equation $x^2 -a\equiv 0\mod p$ has either 0 or 2 solutions.

score 2 · Accepted Answer · answered Oct 19 '22 at 07:08

Yes, only ever 0 or 2 square roots. The “exceptions” are that modulo 2 the square roots of 1 are 1 and 1, and that modulo any prime the square roots of 0 are 0 and 0.

Here is a simple proof.

If $x$ and $y$ have the same square, this is equivalent to $$x^2-y^2=0$$

which is to say $$(x+y)(x-y)=0$$

which if the modulus is prime can only happen if either $x+y=0$ or $x-y=0$.

So if you find a square root, call it $x$, then every square root must either be equal to $-x$ ($x+y=0$) or equal to $x$ ($x-y=0$).

Modulo 2, $1=-1$, which is why the roots are the same. Modulo any number, $0=-0$, which is why the roots are the same.

score 2 · Answer 3 · 2022-10-19T07:41:57.947

This is true.

In algebra, we have an abstract structure $\mathbb Z/p\mathbb Z$ which embodies calculation modulo $p$. When $p$ is prime, that structure is a field. Now, you are solving a quadratic equation $y^2-x=0$ in this field, and there is a general theorem that a polynomial equation over a field can have at most $d$ roots, where $d$ is the degree of the polynomial. From there it follows that there cannot be more than two solutions.

So:

Either there are no solutions,
Or there is at least one solution $y$,

... and, if $y$ is a solution, then $-y$ is a solution too, so it all hangs on whether $y=-y$ i.e. whether $2y=0$:

If $p=2$, then $2=0$, and $y$ and $-y$ always coincide, and this is the reason why both $0$ and $1$ are single solutions (for $x=0$ and $x=1$, respectively).
If $p\ne 2$, then $2y=0$ implies $y=0$ and so only $y=0$ is a single solution (for $x=0$), and all the other solutions, if they exist for a given $x$, come in pairs.

Square root modulo prime: does any number always have 0 or 2 square roots?

3 Answers3

Linked