Euclid's Algorithm for Finding the Greatest Common Divisor (GCD), Study notes of Discrete Mathematics

Euclid's algorithm for finding the greatest common divisor (gcd) of two positive integers. The algorithm uses long division to repeatedly find the quotient and remainder until the remainder is zero. The gcd is then the last non-zero remainder. The document also discusses how the quotients found during the algorithm can be used to express the gcd as a linear combination of the original integers.

Typology: Study notes

Pre 2010

Uploaded on 10/01/2009

koofers-user-j3v
koofers-user-j3v 🇺🇸

8 documents

1 / 3

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Math. 55
Euclid’s GCD Algorithm
May 10, 1999 6:15 pm
Prof. W. Kahan Page 1
Given two positive integers a
b > 0 we seek their
Greatest Common Divisor
( GCD ), which
is the biggest integer d that divides both a and b leaving no remainder. Ordinary long division
computes a positive integer quotient q :=
a/b
and leaves a remainder r := a – q·b that satisfies
0
r < b . Clearly every divisor of both a and b divides r too, and conversely every divisor of
both b and r divides a = q·b + r too; therefore GCD(a, b) = GCD(b, r) . But the pair (b, r) is
smaller
than the pair (a, b) in the sense that b
a and r < b . This leads to an algorithm …
Euclid’s GCD Algorithm
Given integers a
b > 0 , set r
0
:= a and r
1
:= b and perform successive long divisions getting,
for j = 1, 2, 3, …, n in turn until r
n+1
= 0 , quotients q
j
and remainders r
j
that satisfy
r
j–1
= q
j
·r
j
+ r
j+1
with 0
r
j+1
< r
j
.
( Here at step j we divide r
j–1
by r
j
to get quotient q
j
and remainder r
j+1
, stopping when a
remainder r
n+1
= 0 . At that point q
n
> 1 ; can you see why?) The algorithm stops because this
decreasing sequence of n+1 positive integers, r
0
= a
r
1
= b > r
2
> … > r
n–1
> r
n
> r
n+1
= 0 ,
cannot have n > b . Then GCD(a, b) = r
n
because, as explained in the first paragraph,
GCD(a, b) =: GCD(r
0
, r
1
) = GCD(r
1
, r
2
) = … = GCD(r
n–1
, r
n
) = GCD(r
n
, r
n+1
) = r
n
.
The quotients q
j
appear to play no important role in the foregoing algorithm, but appearances
can mislead. By translating the algorithm’s recurrence into matrix language we find uses for q
j
:
Set := first; then for j = 1, 2, 3, …, n in turn confirm that = , with
0
r
j+1
< r
j
and r
n+1
= 0 , so = .
Now set row := to obtain two
integers A and B (not both positive) satisfying GCD(a, b) = r
n
= = = B·a + A·b .
We have just found that GCD(a, b) is a linear combination of a and b with integer coefficients,
thus proving the following … ( Cf. text p. 137, and p. 201 ex. 58.)
Theorem 1:
As A and B run independently through all integers the expression B·a + A·b runs
through a set of integers among which the smallest positive integer is GCD(a, b) = B·a + A·b .
Hard Exercise:
Running A and B through
all
integers is unnecessary: Theorem 1 remains true after restrictions
|A| < a and |B|
b
a are imposed; why? Can you prove |A| < a/GCD(a, b) and |B|
b/GCD(a, b) ? See below.
There are two ways to compute A and B . The easiest is to evaluate from-left-to-right the matrix
product defining
after
all the q
j
’s have been computed; this gives rise to a recurrence:
s
n
:= 1 ; s
n–1
:= –q
n–1
; for j = n–2, n–3, …, 2, 1 in turn s
j
:= s
j+2
– q
j
·s
j+1
.
Finally A := s
1
and B := s
2
. Another way to compute them is to evaluate from-right-to-left the
matrix product defining row
simultaneously
with the computation of the q
j
’s :
r0
r1
a
b
rj
rj1+
01
1q
j
rj1
rj
rn
0
01
1q
n
01
1q
n1
01
1q
n2
01
1q
2
01
1q
1
r0
r1
BA 10 01
1q
n
01
1q
n1
01
1q
n2
01
1q
2
01
1q
1
10 rn
0BA a
b
BA
BA
This document was created with FrameMaker404
pf3

Partial preview of the text

Download Euclid's Algorithm for Finding the Greatest Common Divisor (GCD) and more Study notes Discrete Mathematics in PDF only on Docsity!

Prof. W. Kahan Page 1

Given two positive integers a ≥ b > 0 we seek their Greatest Common Divisor ( GCD ), which is the biggest integer d that divides both a and b leaving no remainder. Ordinary long division computes a positive integer quotient q := a/b and leaves a remainder r := a – q·b that satisfies 0 ≤ r < b. Clearly every divisor of both a and b divides r too, and conversely every divisor of both b and r divides a = q·b + r too; therefore GCD(a, b) = GCD(b, r). But the pair (b, r) is smaller than the pair (a, b) in the sense that b ≤ a and r < b. This leads to an algorithm …

Euclid’s GCD Algorithm

Given integers a ≥ b > 0 , set r 0 := a and r 1 := b and perform successive long divisions getting,

for j = 1, 2, 3, …, n in turn until rn+1 = 0 , quotients qj and remainders rj that satisfy

rj–1 = q (^) j ·rj + rj+1 with 0 ≤ rj+1 < rj.

( Here at step j we divide rj–1 by rj to get quotient qj and remainder rj+1 , stopping when a

remainder rn+1 = 0. At that point qn > 1 ; can you see why?) The algorithm stops because this

decreasing sequence of n+1 positive integers, r 0 = a ≥ r 1 = b > r 2 > … > rn–1 > rn > rn+1 = 0 ,

cannot have n > b. Then GCD(a, b) = rn because, as explained in the first paragraph,

GCD(a, b) =: GCD(r 0 , r 1 ) = GCD(r 1 , r 2 ) = … = GCD(rn–1 , rn ) = GCD(rn , rn+1 ) = rn.

The quotients qj appear to play no important role in the foregoing algorithm, but appearances

can mislead. By translating the algorithm’s recurrence into matrix language we find uses for qj :

Set := first; then for j = 1, 2, 3, …, n in turn confirm that = , with

0 ≤ rj+1 < rj and rn+1 = 0 , so = ….

Now set row := … to obtain two

integers A and B (not both positive) satisfying GCD(a, b) = rn = = = B·a + A·b.

We have just found that GCD(a, b) is a linear combination of a and b with integer coefficients, thus proving the following … ( Cf. text p. 137, and p. 201 ex. 58.)

Theorem 1: As A and B run independently through all integers the expression B·a + A·b runs through a set of integers among which the smallest positive integer is GCD(a, b) = B·a + A·b.

Hard Exercise: Running A and B through all integers is unnecessary: Theorem 1 remains true after restrictions |A| < a and |B| ≤ b ≤ a are imposed; why? Can you prove |A| < a/GCD(a, b) and |B| ≤ b/GCD(a, b)? See below.

There are two ways to compute A and B. The easiest is to evaluate from-left-to-right the matrix

product defining after all the qj ’s have been computed; this gives rise to a recurrence:

sn := 1 ; sn–1 := –qn–1 ; for j = n–2, n–3, …, 2, 1 in turn sj := sj+2 – qj ·sj+.

Finally A := s 1 and B := s 2. Another way to compute them is to evaluate from-right-to-left the

matrix product defining row simultaneously with the computation of the qj ’s :

r (^0) r (^1)

a b

r (^) j r (^) j + 1

0 1 1 – q (^) j

r (^) j – 1 r (^) j

r (^) n 0

0 1 1 – q (^) n

0 1 1 – q (^) n – 1

0 1 1 – q (^) n – 2

0 1 1 – q (^2)

0 1 1 – q (^1)

r (^0) r (^1)

B A 1 0

0 1 1 – q (^) n

0 1 1 – q (^) n – 1

0 1 1 – q (^) n – 2

0 1 1 – q (^2)

0 1 1 – q (^1)

1 0 r (^) n 0

B A a b

B A

B A

This document was created with FrameMaker 4 0 4

Prof. W. Kahan Page 2

:= ; := ; for j = 2, 3, …, n–1 in turn :=.

Finally :=. Note that qn never figures in the computation of A and B.

Whichever way be chosen to compute A, B and GCD(a, b) = B·a + A·b , the algorithm is called “the Extended Euclidean Algorithm” and has important applications. Here is one of them:

Exercise: Given integers a, c and b > 0 , when does “ a·x ≡ c mod b ” have integer solutions x? Here “ p ≡ q mod b ” is pronounced “ p is congruent to q mod b ” and means that p–q is divisible by b. Let d := GCD(a, b). Exhibit all d noncongruent solutions x if and only if d divides c ; otherwise prove no solution x exists.

Continued Fractions

If d = GCD(a, b) then (a/d)/(b/d) exhibits a/b “in lowest terms” but is not the only unique encoding of rational numbers. By substituting rj–1 /rj = qj + 1/(rj /rj+1 ) repeatedly for j = 1, 2, …,

n in turn we obtain a Terminating Continued Fraction

.

This is the continued fraction for the rational number a/b. Here q 1 ≥ 1 because a ≥ b > 0 ; in

fact every qj ≥ 1 and the last qn ≥ 2 to ensure that the encoding of each rational a/b > 1 by a

finite sequence (q 1 , q2 , q3 , …, qn–1 , qn –1) of positive integers be unique. Euclid’s algorithm

converts a rational number given as a ratio of integers into its continued fraction; how do we get back? The obvious way evaluates the continued fraction “bottom-up” : Rn+1 := 0 ; Rn := 1 ; for

j = n, n–1, n–2, …, 2, 1 in turn Rj–1 := qj ·Rj + Rj+1 ; finally a/b = R 0 /R 1 in lowest terms. Exercise: Confirm that every integer Rj = rj/GCD(a, b).

Translating the bottom-up evaluation of the continued fraction into matrix terms yields first

= , then = …. This last expression offers

two interesting opportunities. One is a way to evaluate the continued fraction “top-down” :

:= ; := ; for j = 2, 3, …, n in turn := ; finally :=.

This top-down evaluation turns out to be a good way to evaluate endless continued fractions that encode non-rational numbers; successive ratios hj /gj can be shown to converge alternatingly. Exercise: The endless continued fraction in which every qj = 1 represents μ := (1 + √5)/2 ; can you see why? Another opportunity offered by that long matrix product is a clear proof of Lamé’s Theorem : To

compute d = GCD(a, b) for a ≥ b > 0 Euclid’s algorithm needs n ≤ 1+ln(b/d)/ln(μ) divisions.

Exercise: Prove it by showing every Rj is at least as big as if every qj = 1 except qn = 2 , so R 1 ≥ ƒ (^) n+1 , a

Fibonacci number, and ƒn+1 = (μn+1^ – (–1/μ)n+1)/(μ + 1/μ) ≥ μn–1^. ( Cf. text p. 206.)

B 0 A (^0) 0 1 B 1 A 1 1 – q 1 B (^) j A (^) j 1 – qj

B (^) j – 2 A (^) j – 2 B (^) j – 1 A (^) j – 1 B A B^ n – 1 A^ n – 1

a b

--- q 1 1 q (^2)

q (^3)

q (^) n – 1 1 q (^) n

R (^) j – 1 R (^) j

q (^) j 1 1 0

R (^) j R (^) j + 1

R (^0) R (^1)

q 1 1 1 0

q 2 1 1 0

q (^) n – 1 1 1 0

q (^) n 1 1 0

1 0

h (^0) g (^0)

1 0

h (^1) g (^1)

q (^1) 1

h (^) j g (^) j

h (^) j – 1 h (^) j – 2 g (^) j – 1 g (^) j – 2

q (^) j 1

R (^0) R (^1)

h (^) n g (^) n