2.

Congruences

We first recall the notion of congruence, then study how to solve linear congruence equa-
tions. The Chinese remainder theorem is important in solving simultaneous equations.

2.1. Congruences and linear equations. We recall the following definition from Dis-
crete Mathematics and Programming:

Definition 2.1. If a, b, m P Z and m  0, we say that a is congruent to b modulo m if m

divides b
a. This relation is written as
ab pmod mq.
For any a P Z, the set a  tn P Z | n  a pmod mqu of integers congruent to a modulo
m is called a congruence class modulo m. The set of congruence classes modulo m is
denoted by Zm .

Remark 2.2. Although the notion of congruence is still well-defined for any non-zero
integer m, we are usually only interested in positive values of m, as congruences modulo
m and
m coincide.

We have seen the following structure on Zm :

Proposition 2.3. For any non-zero integer m, the set Zm has the structure of a commu-
tative ring with 1. In fact, it is the quotient ring Z{pmq where pmq is the principal ideal
of Z generated by m.

Proof. See Example (1) on Page 10 (2013) or Examples 1.20 and 1.35 (2014) in Algebra
2B. 

The cancellation law for congruences will be handy for solving congruence equations.

Proposition 2.4 (Cancellation Law). For any a, b, k, m P Z, k  0, m  0, assume

hcf pk, mq  d, then ka  kb pmod mq iff a  b pmod md q.

Proof. See Exercise 2.3. 

Now we turn to look at congruence equations. In general a congruence equation has the
form
f pxq  0 pmod mq,
where f pxq is a polynomial with integer coefficients and m is a non-zero integer. We are
only interested in solutions modulo m; i.e. solutions in Zm . The number of solutions is
the number of congruence classes in Zm which satisfy the given equation.
17
Proposition 2.5. For any a, b, m P Z, a  0, m  0, assume hcf pa, mq  d, then the
congruence equation ax  b pmod mq has solutions iff d  b. In this case there are exactly
d solutions in Zm . If x0 is a solution, then the complete set of solutions is given by the
congruence classes of x0 , x0 m1 , x0 2m1 ,    , x0 pd
1qm1 , where m1  md .

Proof. If x0 is a solution, then ax0
b  my0 for some integer y0 . Thus ax0
my0  b.
Since d divides ax0
my0 , we must have d  b.

Conversely, suppose that d  b then b  cd for some c P Z. Since hcf pa, mq  d, there
exist integers x10 and y01 such that ax10
my01  d. Multiply both sides of the equation by
c. Then apx10 cq
mpy01 cq  b. Let x0  x10 c. Then ax0  b pmod mq.

We have shown that ax  b pmod mq has a solution iff d  b.

Suppose that x0 and x1 are solutions. ax0  b pmod mq and ax1  b pmod mq imply that
ax1  ax0 pmod mq. By Proposotion 2.4, it is equivalent to x1  x0 pmod m1 q, hence
x1 is a solution iff x1  x0 km1 for some integer k. Moreover, for each k P Z there are
integers r and s such that k  rd s and 0 ¤ s d. Thus x1  x0 sm1 rm, or
equivalently, x1  x0 sm1 pmod mq. These solutions are in d distinct congruence classes
modulo m. This completes the proof. 

We immediately have the following corollary:

Corollary 2.6. If hcf pa, mq  1, then ax  b pmod mq has exactly one solution. In
particular, if p is a prime and p  a, then ax  b pmod pq has exactly one solution.

Proof. In this caes d  1 so clearly d  b, and there is exactly d  1 solution. 

In practice, we can solve such equations by cancellations and the Euclidean algorithm.

Example 2.7. As an example we consider the congruence 9x  6 pmod 15q. Since

d  hcf p9, 15q  3 divides 6, the equation has 3 solutions modulo 15. By Proposition 2.4
we can cancel 3 on both sides and reduce the equation to 3x  2 pmod 5q. Euclidean
algorithm shows that hcf p3, 5q  1 and 3  2 5  p
1q  1, thus 3  2  1 pmod 5q.
Then we multiply both sides by 2 and get x  4 pmod 5q. Therefore the solutions to the
original equation are x  4, 9, or 14 pmod 15q.

From 3x  2 pmod 5q we can also try to add multiples of 5 to 2 until we can cancel
the coefficient 3. In this case we have 3x  2 5  2 pmod 5q. By Proposition 2.4 we
still get x  4 pmod 5q. Hence the solutions to the original equation are x  4, 9, or 14
pmod 15q.
18
Proposition 2.5 can also be used to solve linear Diophantine equations of the form ax by 
c, where a, b, c P Z. We explain it by the following example.

Example 2.8. We want to find all integer solutions to the equation 9x 15y  6. We
solve it by considering the congruence equation 9x  6 pmod 15q. The computation above
has showed that the solution is given by x  4 pmod 5q, i.e. x  5k 4 for any k P Z.
By substitution we have 9p5k 4q 15y  6, so y 
3k
2. Therefore all solutions are
given by x  5k 4, y 
3k
2 where k is an arbitrary integer.

Now we apply Proposition 2.5 to study the group of units in the ring Zm .

Proposition 2.9. Let m be a positive integer. An element a P Zm is a unit iff hcf pa, mq 
1. There are exactly φpmq units in Zm . Zm is a field iff m is a prime.

Proof. a P Zm is a unit iff ax  1 pmod mq is solvable. By Proposition 2.5, this is

equivalent to hcf pa, mq  1, hence equivalent to a and m being coprime.

The number of units is precisely the number of such a’s with 1 ¤ a ¤ m and hcf pa, mq  1.
By Definition 1.27, there are precisely φpmq units in Zm .

If p is a prime and a  0 in Zp , then hcf pa, pq  1. Thus every non-zero element of Zp is

a unit, which shows that Zp is a field.

If m is not a prime, then we can write m  m1 m2 , where 1 m1 , m2 m. Thus m1 0

and m2  0, but m1  m2  m  0. Therefore Zm is not a field. 

We immediately obtain the following corollaries, both of which have their own names:

Corollary 2.10 (Euler’s Theorem). If hcf pa, mq  1, then we have aφpmq  1 pmod mq.
Proof. The units in Zm form a group of order φpmq. If a and m are coprime, a is a unit.
Thus aφpmq  1, or equivalently, aφpmq  1 pmod mq. 

Corollary 2.11 (Fermat’s Little Theorem). If p is a prime and p  a, then we have

ap
1  1 pmod pq.

Proof. If p  a, then a are p are relatively prime. Thus aφppq  1 pmod pq. The result
follows, since for a prime p, we have φppq  p
1. 

19