

























Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Material Type: Notes; Professor: Conrad; Class: Introduction to Number Theory; Subject: Mathematics; University: University of Connecticut; Term: Fall 2009;
Typology: Study notes
1 / 33
This page cannot be seen from the preview
Don't miss anything!


























KEITH CONRAD
Since the work of Gauss, number theorists have been interested in analogues of Z where concepts from arithmetic can also be developed. The example we will look at in this handout is the Gaussian integers:
Z[i] = {a + bi : a, b ∈ Z}.
Excluding the last two sections of the handout, the topics we will study are extensions of common properties of the integers. Here is what we will cover in each section:
(1) the norm on Z[i] (2) divisibility in Z[i] (3) the division theorem in Z[i] (4) the Euclidean algorithm Z[i] (5) Bezout’s theorem in Z[i] (6) unique factorization in Z[i] (7) modular arithmetic in Z[i] (8) applications of Z[i] to the arithmetic of Z (9) primes in Z[i]
Definition 1.1. For α = a + bi ∈ Z[i], its norm is the product
N(α) = αα = (a + bi)(a − bi) = a^2 + b^2.
For example, N(2 + 7i) = 2^2 + 7^2 = 53. For m ∈ Z, N(m) = m^2. In particular, N(1) = 1. Thinking about a + bi as a complex number, its norm is the square of its usual absolute value:
|a + bi| =
a^2 + b^2 , N(a + bi) = a^2 + b^2 = |a + bi|^2.
The reason we prefer to deal with norms on Z[i] instead of absolute values on Z[i] is that norms are integers (rather than square roots), and the divisibility properties of norms in Z will provide important information about divisibility properties in Z[i]. This is based on the following algebraic property of the norm.
Theorem 1.2. The norm is multiplicative: for α and β in Z[i], N(αβ) = N(α) N(β).
Proof. Write α = a + bi and β = c + di. Then αβ = (ac − bd) + (ad + bc)i. We now compute N(α) N(β) and N(αβ):
N(α) N(β) = (a^2 + b^2 )(c^2 + d^2 ) = (ac)^2 + (ad)^2 + (bc)^2 + (bd)^2 1
2 KEITH CONRAD
and
N(αβ) = (ac − bd)^2 + (ad + bc)^2 = (ac)^2 − 2 abcd + (bd)^2 + (ad)^2 + 2abcd + (bc)^2 = (ac)^2 + (bd)^2 + (ad)^2 + (bc)^2.
The two results agree, so N(αβ) = N(α) N(β).
As a first application of Theorem 1.2, we determine the Gaussian integers which have mul- tiplicative inverses in Z[i]. The idea is to apply norms to reduce the question to invertibility in Z.
Corollary 1.3. The only Gaussian integers which are invertible in Z[i] are ± 1 and ±i.
Proof. It is easy to see ±1 and ±i have inverses in Z[i]: 1 and −1 are their own inverse and i and −i are inverses of each other. For the converse direction, suppose α ∈ Z[i] is invertible, say αβ = 1 for some β ∈ Z[i]. We want to show α ∈ {± 1 , ±i}. Taking the norm of both sides of the equation αβ = 1, we find N(α) N(β) = 1. This is an equation in Z, so we know N(α) = ±1. Since the norm doesn’t take negative values, N(α) = 1. Writing α = a + bi, we have a^2 + b^2 = 1, and the integral solutions to this give us the four values α = ± 1 , ±i.
Invertible elements are called units. The units of Z are ±1. The units of Z[i] are ±1 and ±i. Knowing a Gaussian integer up to multiplication by a unit is analogous to knowing an integer up to its sign. While there is no such thing as inequalities on Gaussian integers, we can talk about inequalities on their norms. In particular, induction on the norm (not on the Gaussian integer itself) is a technique to bear in mind if you want to prove something by induction in Z[i]. We will use induction on the norm to prove unique factorization (Theorems 6.4 and 6.6). The norm of every Gaussian integer is a non-negative integer, but it is not true that every non-negative integer is a norm. Indeed, the norms are the integers of the form a^2 + b^2 , and not every positive integer is a sum of two squares. Examples include 3, 7, 11, 15, 19, and
Divisibility in Z[i] is defined in the natural way: we say β divides α (and write β|α) if α = βγ for some γ ∈ Z[i]. In this case, we call β a divisor or a factor of α.
Example 2.1. Since 14 − 3 i = (4 + 5i)(1 − 2 i), 4 + 5i divides 14 − 3 i.
Example 2.2. Does (4 + 5i)|(14 + 3i)? We can do the division by taking a ratio and rationalizing the denominator:
14 + 3i 4 + 5i
(14 + 3i)(4 − 5 i) (4 + 5i)(4 − 5 i)
71 − 58 i 41
i.
This is not in Z[i]: the real and imaginary parts are 71/41 and − 58 /41, which are not integers. Therefore 4 + 5i does not divide 14 + 3i in Z[i].
Theorem 2.3. A Gaussian integer α = a + bi is divisible by an ordinary integer c if and only if c|a and c|b in Z.
4 KEITH CONRAD
One reason we will be able to transfer a lot of results from Z to Z[i] is the following analogue of division-with-remainder in Z.
Theorem 3.1 (Division Theorem). For α, β ∈ Z[i] with β 6 = 0, there are γ, ρ ∈ Z[i] such that α = βγ + ρ and N(ρ) < N(β). In fact, we can choose ρ so N(ρ) ≤ (1/2) N(β).
The numbers γ and ρ are the quotient and remainder, and the remainder is bounded in size (according to its norm) by the size of the divisor β. Before we prove Theorem 3.1 we note there is a subtlety in trying to calculate γ and ρ. This is best understood by working through an example.
Example 3.2. Let α = 27 − 23 i and β = 8 + i. The norm of β is 65. We want to write α = βγ + ρ where N(ρ) < 65. The idea is to consider the ratio α/β and rationalize the denominator:
(3.1)
α β
αβ ββ
(27 − 23 i)(8 − i) 65
193 − 211 i 65
Since 193/65 = 2. 969... and − 211 /65 = − 3. 246... , we replace each fraction with its greatest integer and try γ = 2 − 4 i. However,
α − β(2 − 4 i) = 7 + 7i,
and using ρ = 7 + 7i is a bad idea: N(7 + 7i) = 98 is larger than N(β) = 65. The usefulness of a division theorem is the smaller remainder. Therefore our choice of γ and ρ is not desirable. This is the subtlety referred to before we started our example. To correct our approach, we have to think more carefully about the way we replace 193 /65 = 2. 969... and − 211 /65 = − 3. 246... with nearby integers. Notice that 193/ 65 and − 211 /65 are each closer to the integer to their right rather than to their left. That is, 193/65 is closer to 3 than to 2, and − 211 /65 is closer to −3 than to −4. Let’s use the closest integer rather than the greatest integer: try γ = 3 − 3 i. Then
α − β(3 − 3 i) = − 2 i,
and − 2 i has norm less than N(β) = 65. So we use γ = 3 − 3 i and ρ = − 2 i.
Choosing the nearest integer rather than the greatest integer could also be done in Z. For instance, 34/9 = 3. 77... is closer to 4 than to 3. In terms of a division-with-remainder equation, this corresponds to preferring
34 = 9 · 4 − 2
over 34 = 9 · 3 + 7.
The remainder in the first equation is negative, but it is smaller in absolute value. What we have found here is a modified division theorem in Z. Usually, for integers a and b with b 6 = 0, the division theorem in Z says: take bq to be the multiple of b which is nearest to a from the left: bq ≤ a < b(q + 1). Then set r = a − bq, so r ≥ 0 (since bq ≤ a) and r < |b| (since bq and b(q + 1) are |b| integers apart and a will be closer to bq than b(q + 1) is). In the modified division theorem, take for bq the multiple of b which is closest to a, rather than just closest to a from the left. (Computationally, the q in the modified division theorem is the closest integer to a/b, which may lie to the right of a/b rather than to its left.) An integer is no more than (1/2)|b| away from a multiple of b in either direction, so
THE GAUSSIAN INTEGERS 5
|a − bq| ≤ (1/2)|b|. Write r = a − bq, so a = bq + r with |r| ≤ (1/2)|b|. In the usual division theorem, the remainder is nonnegative and bounded above by |b|. We have shrunken the upper bound at the cost of possibly making the remainder negative. Sometimes a might land right in the middle between two multiples of b, in which case the quotient and remainder are not unique, e.g., if a = 27 and b = 6 then a is right in the middle between 4b and 5b:
27 = 6 · 4 + 3, 27 = 6 · 5 − 3.
Thus we get two choices of r, either 3 or −3. The usual division theorem in Z has a unique quotient and remainder, but the modified version gives up on uniqueness. This might seem like a calamity, but it’s exactly what we need to prove the division theorem in Z[i] (Theorem 3.1), which is what we turn to next. The proof is mostly a translation of the correct part of Example 3.2 into general algebraic terms. After the proof we will give further examples.
Proof. We have α, β ∈ Z[i] with β 6 = 0 and we want to construct γ, ρ ∈ Z[i] such that α = βγ + ρ where N(ρ) ≤ (1/2) N(β). Write α β
αβ ββ
αβ N(β)
m + ni N(β)
where we set αβ = m + ni. Divide m and n by N(β) using the modified division theorem in Z:
m = N(β)q 1 + r 1 , n = N(β)q 2 + r 2 ,
where q 1 and q 2 are in Z and 0 ≤ |r 1 |, |r 2 | ≤ (1/2) N(β). Then
α β
N(β)q 1 + r 1 + (N(β)q 2 + r 2 )i N(β)
= q 1 + q 2 i +
r 1 + r 2 i N(β)
Set γ = q 1 + q 2 i (this will be our desired quotient), so after a little algebra the above equation becomes
(3.2) α − βγ =
r 1 + r 2 i β
We will show N(α−βγ) ≤ (1/2) N(β), so using ρ = α−βγ will settle the division theorem. Take norms of both sides of (3.2) and use N(β) = N(β) to get
N(α − βγ) =
r^21 + r 22 N(β)
Feeding the estimates 0 ≤ |r 1 |, |r 2 | ≤ (1/2) N(β) into the right side,
N(α − βγ) ≤
(1/4) N(β)^2 + (1/4) N(β)^2 N(β)
N(β).
Example 3.3. Let α = 11 + 10i and β = 4 + i. Then N(β) = 17. We compute
α β
αβ N(β)
54 + 29i 17
THE GAUSSIAN INTEGERS 7
technicality would occur in Z if we defined the greatest common divisor as a common divisor with largest absolute value, rather than the largest positive common divisor. There is no analogue of positivity in Z[i] (at least not in this course), so we are stuck with the concept of greatest common divisor always ambiguous at least by a unit multiple.
Definition 4.2. When α and β only have unit factors in common, we call them relatively prime.
Theorem 4.3 (Euclid’s algorithm). Let α, β ∈ Z[i] be non-zero. Recursively apply the division theorem, starting with this pair, and make the divisor and remainder in one equation the new dividend and divisor in the next, provided the remainder is not zero:
α = βγ 1 + ρ 1 , N(ρ 1 ) < N(β) β = ρ 1 γ 2 + ρ 2 , N(ρ 2 ) < N(ρ 1 ) ρ 1 = ρ 2 γ 3 + ρ 3 , N(ρ 3 ) < N(ρ 2 ) .. .
The last non-zero remainder is divisible by all common divisors of α and β, and is itself a common divisor, so it is a greatest common divisor of α and β.
Proof. The proof is identical to the usual proof that Euclid’s algorithm works in Z. We briefly summarize the argument. Reasoning from the first equation down shows every common divisor of α and β divides the last non-zero remainder. Conversely, reasoning from the final equation up shows the last non-zero remainder (which is in the second-to- last equation) is a common divisor of α and β. Therefore this last non-zero remainder is a common divisor which is divisible by all the others. Thus it must have maximal norm among the common divisors, so it is a greatest common divisor.
Example 4.4. We compute a greatest common divisor of α = 32 + 9i and β = 4 + 11i. Details involved in carrying out the division theorem in each step of Euclid’s algorithm are omitted. The reader could work them out as more practice with the division theorem. We find
32 + 9i = (4 + 11i)(2 − 2 i) + 2 − 5 i, 4 + 11i = (2 − 5 i)(−2 + i) + 3 − i, 2 − 5 i = (3 − i)(1 − i) − i, 3 − i = (−i)(1 + 3i) + 0.
The last non-zero remainder is −i, so α and β only have unit factors in common. They are relatively prime. Notice that, unlike in Z+, when two Gaussian integers are relatively prime we do not necessarily obtain 1 as the last non-zero remainder. Rather, we just obtain some unit as the last non-zero remainder.
Example 4.5. We show 4 + 5i and 4 − 5 i, which are conjugates, are relatively prime in Z[i]:
4 + 5i = (4 − 5 i)i − (1 − i) 4 − 5 i = −(1 − i)(−4) − i −(1 − i) = −i(1 + i) + 0.
The last non-zero remainder is a unit, so we are done.
8 KEITH CONRAD
Example 4.6. Here’s an example where the greatest common divisor is not a unit. Let α = 11 + 3i and β = 1 + 8i. Then
11 + 3i = (1 + 8i)(1 − i) + 2 − 4 i 1 + 8i = (2 − 4 i)(−1 + i) − 1 + 2i 2 − 4 i = (−1 + 2i)(−2) + 0,
so a greatest common divisor of α and β is −1 + 2i. We could proceed in a different way in the second equation (which we already met in Example 3.6), and get a different last non-zero remainder:
11 + 3i = (1 + 8i)(1 − i) + 2 − 4 i 1 + 8i = (2 − 4 i)(−2 + i) + 1 − 2 i 2 − 4 i = (1 − 2 i)(2) + 0.
Therefore 1 − 2 i is also a greatest common divisor. Our two different answers are not inconsistent: a greatest common divisor is defined at best only up to a unit multiple anyway, and −1 + 2i and 1 − 2 i are unit multiples of each other: −1 + 2i = (−1)(1 − 2 i).
In Example 4.6, note N(α) = 130 and N(β) = 65, which have greatest common divisor
Corollary 4.7. For non-zero α and β in Z[i], let δ be a greatest common divisor produced by Euclid’s algorithm. Any greatest common divisor of α and β is a unit multiple of δ.
Proof. Let δ′^ be a greatest common divisor of α and β. From the proof of Euclid’s algorithm, δ′|δ (because δ′^ is a common divisor). Write δ = δ′γ, so
N(δ) = N(δ′) N(γ) ≥ N(δ′).
Since δ′^ is a greatest common divisor, its norm is maximal among the norms of common divisors, so the inequality N(δ) ≥ N(δ′) has to be an equality. That implies N(γ) = 1, so γ = ±1 or ±i. Thus δ and δ′^ are unit multiples of each other.
10 KEITH CONRAD
Example 5.5. In Example 4.6, we saw −1 + 2i is a greatest common divisor of α = 11 + 3i and β = 1 + 8i. Reversing the steps of Euclid’s algorithm,
−1 + 2i = 1 + 8i − (2 − 4 i)(−1 + i) = 1 + 8i − (11 + 3i − (1 + 8i)(1 − i))(−1 + i) = (11 + 3i)(1 − i) + (1 + 8i)(1 + (1 − i)(−1 + i)) = (11 + 3i)(1 − i) + (1 + 8i)(1 + 2i) = α(1 − i) + β(1 + 2i).
Example 5.6. Let α = 10 + 91i and β = 7 + 3i. By Euclid’s algorithm,
α = β(6 + 11i) + 1 − 4 i, β = (1 − 4 i)(2i) + −1 + i, 1 − 4 i = (−1 + i)(−3 + i) − 1 , −1 + i = −1(1 − i) + 0,
so the last non-zero remainder is −1. That tells us α and β are relatively prime. Using back-substitution,
− 1 = 1 − 4 i − (−1 + i)(−3 + i) = 1 − 4 i − (β − (1 − 4 i)(2i))(−3 + i) = (1 − 4 i)(1 + (2i)(−3 + i)) − β(−3 + i) = (1 − 4 i)(− 1 − 6 i) + β(3 − i) = (α − β(6 + 11i))(− 1 − 6 i) + β(3 − i) = α(− 1 − 6 i) + β(−(6 + 11i)(− 1 − 6 i) + 3 − i) = α(− 1 − 6 i) + β(−57 + 46i).
We can negate to write 1 as a Z[i]-combination of α and β:
(5.2) 1 = α(1 + 6i) + β(57 − 46 i).
While the previous example shows 10 + 91i and 7 + 3i do not have a common factor in Z[i], notice that their norms are
N(10 + 91i) = 8381 = 17^2 · 29 , N(7 + 3i) = 58 = 2 · 29 ,
so the norms of 10+91i and 7+3i have a common factor in Z. We can understand how such phenomena (relatively prime Gaussian integers have non-relatively prime norms) happen by exhibiting the “prime factorizations” of 10 + 91i and 7 + 3i (without explaining how they are found, however):
(5.3) 10 + 91i = (1 − 4 i)(4 + i)(5 + 2i), 7 + 3i = (1 + i)(5 − 2 i).
Now we see why such examples are possible: the factors 5 + 2i and 5 − 2 i have the same norm (namely 29) but they are relatively prime to each other. All the usual consequences of Bezout’s theorem over Z have analogues over Z[i]. Here are some of them.
Corollary 5.7. Let α|βγ in Z[i] with α and β relatively prime. Then α|γ.
THE GAUSSIAN INTEGERS 11
Proof. It’s just like the integer proof, but we write up the details anyway. Set βγ = ακ for some κ in Z[i]. Since α and β are relatively prime, we can solve the equation
1 = αx + βy
for some x, y ∈ Z[i]. Multiply both sides of the equation by γ:
γ = γαx + γβy = αγx + ακy = α(γx + κy).
Thus α|γ.
Corollary 5.8. If α|γ and β|γ in Z[i], with α and β relatively prime, then αβ|γ.
Proof. Left to the reader. It’s just like the integer case.
Corollary 5.9. For non-zero α, β, γ in Z[i], α and β are each relatively prime to γ if and only if αβ is relatively prime to γ.
Proof. Left to the reader. It’s just like the integer case.
We close out this section with an extension to Z[i] of several different characterizations of the greatest common divisor in Z. The greatest common divisor of non-zero integers a and b can be described in several ways:
Lemma 6.1. For α 6 = 0, any divisor of α whose norm is 1 or N(α) is a unit or is a unit multiple of α.
THE GAUSSIAN INTEGERS 13
The converse of Theorem 6.3 is false: a Gaussian prime does not have to have prime norm. For instance, 3 has norm 9, but we saw 3 is prime in Z[i]. We have said enough about concrete Gaussian primes for now, and turn our attention to unique factorization. The existence of a prime factorization will be proved by a similar argument to the proof of prime factorization in Z. First we will establish the existence of a prime factorization, then we treat its uniqueness.
Theorem 6.4. Every α ∈ Z[i] with N(α) > 1 is a product of primes in Z[i].
Proof. We argue by induction on N(α) (not by induction on α). Suppose that N(α) = 2. (In other words, α = 1 ± i or − 1 ± i.) Then α is prime by Theorem 6.3. Now assume n ≥ 3 and every Gaussian integer with norm greater than 1 and less than n is a product of primes. We want to show every Gaussian integer with norm n is a product of primes. If there are no Gaussian integers with norm n (recall the end of Section 1), then there is nothing to prove. So we may assume there are Gaussian integers with norm n. Those which are prime are a product of primes (in Z[i]). If we have a Gaussian integer α with norm n which is composite, write a non-trivial factorization of α as βγ, where N(β), N(γ) < N(α) = n. By the inductive hypothesis, β and γ are products of primes in Z[i]. Therefore their product, which is α, is also a product of primes in Z[i]. We are done.
Having settled the existence of prime factorizations in Z[i], we aim for the uniqueness. We start with a lemma, which generalizes a familiar result about prime numbers in Z.
Lemma 6.5. Let π be prime in Z[i]. For Gaussian integers α 1 ,... , αr, if π|α 1 α 2 · · · αr then π divides some αj.
Proof. We check the case r = 2. The proof for larger r is a straightforward induction. Let π|α 1 α 2. Suppose π does not divide α 1. This implies π and α 1 are relatively prime. Indeed, otherwise π and α 1 would have a non-unit greatest common divisor, which would have to be a unit multiple of π (since π only has trivial factors, as it is prime). This would imply π divides α 1 , which is not the case. Now that we know π and α 1 are relatively prime, π|α 2 by Corollary 5.7. We’re now ready to prove unique factorization in Z[i]. However, it is not quite what you may expect. That is, the following is false: when
π 1 π 2 · · · πr = π′ 1 π′ 2 · · · π′ s
where the πi’s and πj ’s are all prime in Z[i], r = s and πi = π′ i after a suitable relabelling. Well, the r = s part is true. But there is no reason to expect we can match up the primes term-by-term. Consider
5 = (1 + 2i)(1 − 2 i) = (2 − i)(2 + i).
The factors here are all prime in Z[i] (since their norms all equal the prime number 5), but the two primes in one factorization do not appear in the other. Does this violate the idea of unique factorization? No. By allowing unit multiples, we can make a match between the two factorizations: 1 + 2i = (2 − i)i, (1 − 2 i) = (2 + i)(−i).
In fact, the same phenomenon can happen in Z:
6 = 2 · 3 = (−2) · (−3).
14 KEITH CONRAD
This is not an example of non-unique factorization in Z, since we can match the factors up to sign. Sign issues are avoided in Z by focusing attention on positive integers and positive primes only. As there is no positivity in Z[i] (at least in this course), we are forced to allow ambiguity up to unit multiples in our prime factorizations. This explains the role of units in unique factorization for Z[i].
Theorem 6.6 (Unique Factorization). Any α ∈ Z[i] with N(α) > 1 has a unique factoriza- tion into primes in the following sense: If
α = π 1 π 2 · · · πr = π′ 1 π′ 2 · · · π′ s,
where the πi’s and π′ j ’s are prime in Z[i], then r = s and after a suitable renumbering each πi is a unit multiple of π i′.
Proof. Theorem 6.4 shows each α ∈ Z[i] with N(α) > 1 has a prime factorization. When α is prime, its prime factorization is obviously unique. Now we show uniqueness in general by induction on N(α). The base case, N(α) = 2, has already been settled since such α’s are prime. Assume now that n ≥ 3 and every Gaussian integer with norm greater than 1 and less than n has a unique prime factorization. We may assume there are Gaussian integers with norm n (otherwise there is nothing to check), and we only have to focus attention on composite α with norm n. Consider two prime factorizations of α as in the statement of the theorem. Since π 1 |α, we can write
π 1 |π 1 ′π 2 ′ · · · π′ s.
By Lemma 6.5, π 1 |π′ j for some j. Relabelling, we may suppose j = 1, i.e., π 1 |π′ 1. The only non-unit factors of π′ 1 are unit multiples of π′ 1 , so π 1 = uπ′ 1 for some unit u ∈ {± 1 , ±i}. The two factorizations of α now look like this:
α = uπ 1 ′π 2 · · · πr = π′ 1 π′ 2 · · · π s′,
We cancel π′ 1 on both sides and get
(6.1) uπ 2 · · · πr = π 2 ′ · · · π s′,
Call this common value β, so N(β) = N(α)/ N(π 1 ′) < N(α). Although u is a unit, the product uπ 2 on the left side of (6.1) is itself a prime, so (6.1) gives two prime factorizations of β, with r − 1 primes on the left side and s − 1 primes on the right side. Since N(β) < n, the inductive hypothesis tells us β has unique factorization, so r − 1 = s − 1 (thus r = s) and, after suitable relabelling, we have uπ 2 and π 2 ′ are unit multiples and πi, π′ i are unit multiples for i > 2. Since uπ 2 and π′ 2 are unit multiples, π 2 and π 2 ′ are unit multiples, so we see every πi is a unit multiple of π i′ and the proof is complete.
Knowing there is a prime factorization in the abstract is different from being able to exhibit one in practice. For instance, what is the prime factorization of 3+4i or 2319+1694i? You have no experience factoring in Z[i], but you have factored in Z. Let’s use the norm function to let your experience in Z be the first step in helping you factor in Z[i]. Our goal is not to prove a theorem about practical factoring in Z[i], but to illustrate the method through some examples. Then you can try it out your own. The key idea is this: any factorization in Z[i] implies a factorization in norms. Indeed, α = βγ =⇒ N(α) = N(β) N(γ).
16 KEITH CONRAD
Congruences in Z[i] behave well under both addition and multiplication: α ≡ α′^ mod γ, β ≡ β′^ mod γ =⇒ α + β ≡ α′^ + β′^ mod γ, αβ ≡ α′β′^ mod γ.
The details behind this are just like in Z and are left to the reader to check. Since congruence modulo 0 means equality, we usually assume the modulus is non-zero. A Gaussian integer can be reduced modulo α, if α 6 = 0, to get a congruent Gaussian integer with small norm by dividing by α and using the remainder.
Example 7.3. Let’s compute (3 + 2i)^2 mod 4 + i. Since (3 + 2i)^2 = 5 + 12i and 5 + 12i = (4 + i)(2 + 3i) − 2 i, we have (3 + 2i)^2 ≡ − 2 i mod 4 + i.
Example 7.4. To reduce 1 + 8i mod 2 − 4 i, we divide. This was already done in Example 3.6, where we found more than one possibility:
1 + 8i = (2 − 4 i)(−1 + i) − 1 + 2i, 1 + 8i = (2 − 4 i)(−1 + i) + 1 − 2 i.
Therefore 1 + 8i ≡ −1 + 2i mod 2 − 4 i and 1 + 8i ≡ 1 − 2 i mod 2 − 4 i. There is no reason to think −1 + 2i or 1 − 2 i is the more correct reduction. Both work.
There is a way to picture what modular arithmetic in Z[i] means, by plotting the mul- tiples of a Gaussian integer in Z[i]. For example, let’s look at the Z[i]-multiples of 1 + 2i. Algebraically, a general Z[i]-multiple of 1 + 2i is
(1 + 2i)(m + ni) = (1 + 2i)m + (1 + 2i)ni = m(1 + 2i) + n(−2 + i),
where m and n are in Z. This is an integral combination of 1 + 2i and −2 + i = (1 + 2i)i. In Figure 1 we plot 1 + 2i and −2 + i as the vectors (1, 2) and (− 2 , 1) in R^2.
Figure 1. 1 + 2i and −2 + i
The Z[i]-multiples of 1 + 2i are the integral combinations of the two vectors in Figure 1. Forming all these combinations produces the picture in Figure 2, where the plane is tiled by squares having the Gaussian multiples of 1 + 2i as the vertices. The significance of Figure 2 for modular arithmetic is that Gaussian integers are congruent modulo 1 + 2i precisely when they are located in the same relative positions within different squares of Figure 2. For example, 2 + 3i and 4 − 3 i are in the same relative position within their squares, and their difference is a Gaussian multiple of 1 + 2i:
(2 + 3i) − (4 − 3 i) 1 + 2i
−2 + 6i 1 + 2i
(−2 + 6i)(1 − 2 i) (1 + 2i)(1 − 2 i)
10 + 10i 5
= 2 + 2i ∈ Z[i].
THE GAUSSIAN INTEGERS 17
Why are congruent Gaussian integers mod 1+2i in the same position within their respective squares? Because each square shares its sides with four other squares, and moving to these squares corresponds to adding 1 + 2i, −(1 + 2i), −2 + i, or −(−2 + i). Moving from a position in any square to the same relative position in any other square is translation by a Gaussian multiple of 1 + 2i.
Figure 2. Z[i]-multiples of 1 + 2i
We can use Figure 2 to make a list of representatives for Z[i]/(1 + 2i): use the Gaussian integers inside a square and one of its vertices. (All the vertices are Z[i]-multiples of 1 + 2i, so we should use only one of them.) Choosing the square with edges 1 + 2i and −2 + i, we get a list of 5 Gaussian integers:
0 , i, 2 i, −1 + i, −1 + 2i.
Every Gaussian integer is congruent modulo 1 + 2i to exactly one of these. For instance, 2 + 3i ≡ −1 + 2i mod 1 + 2i since 2 + 3i and −1 + 2i are in the same relative position in their respective squares. Using instead the square with edges 1 + 2i and 2 − i, we get the list 0 , 1 , 2 , 1 + i, 2 + i,
and with this list we have 2 + 3i ≡ 1 + i mod 1 + 2i. There is nothing special about using the vertex 0 in our lists: we could use any of the other vertices of the square in place of 0 for our list of representatives modulo 1 + 2i. In fact, there is nothing special about using points inside or on a single square. We just need to use a set of points which fills out each relative position within all these squares. For instance, the numbers
0 , 1 , 2 , 3 , 4
could be used, and with this list we have 2 + 3i ≡ 3 mod 1 + 2i. Let’s look at the picture for modulus 2 + 2i. In Figure 3 we plot the Z[i]-multiples of 2 + 2i as vertices of squares. Since
(2 + 2i)(m + ni) = (2 + 2i)m + (2 + 2i)ni = m(2 + 2i) + n(−2 + 2i),
THE GAUSSIAN INTEGERS 19
Figure 4. Z[i]-multiples of 3
Figure 5. Representatives for Z[i]/(3 + i)
Theorem 7.5. If π is prime in Z[i], then αβ ≡ 0 mod π if and only if α ≡ 0 mod π or β ≡ 0 mod π.
Proof. This is Lemma 6.5 with r = 2.
20 KEITH CONRAD
Theorem 7.6. For α and β in Z[i] with β 6 = 0, αx ≡ 1 mod β is solvable if and only if α and β are relatively prime in Z[i]. If α and β are relatively prime then any linear congruence αx ≡ γ mod β has a unique solution.
Proof. To solve αx ≡ 1 mod β with x ∈ Z[i] amounts to solving αx + βy = 1 with x and y in Z[i], which is equivalent to relative primality of α and β by Corollary 5.2. Once we can invert α mod β, we can solve αx ≡ γ mod β by multiplying both sides by the inverse of α mod β. If there is going to be a solution this must be it, and it does work.
Example 7.7. Can we solve (1 + 8i)x ≡ 1 mod 11 + 3i? No, since 1 + 8i and 11 + 3i have a common factor of −1 + 2i by Example 4.6.
Example 7.8. Can we solve (7 + 3i)x ≡ 1 mod 10 + 91i? According to Example 5.6, 7 + 3i and 10 + 91i are relatively prime (although their norms are not), so there is a solution. Moreover, by using Euclid’s algorithm and back-substitution we found in (5.2) that
(7 + 3i)(57 − 46 i) + (10 + 91i)(1 + 6i) = 1,
so a solution is x = 57 − 46 i. (The norm of 57 − 46 i is less than the norm of the modulus 10 + 91i, so there is no great incentive to reduce our solution further mod10 + 91i.)
Corollary 7.9. Let π be a Gaussian prime. Every α 6 ≡ 0 mod π has a multiplicative inverse modulo π and any polynomial congruence
cnxn^ + cn− 1 xn−^1 + · · · + c 1 x + c 0 ≡ 0 mod π,
where ci ∈ Z[i] and cn 6 ≡ 0 mod π, has at most n solutions modulo π.
Proof. Since π is prime, any α 6 ≡ 0 mod π is relatively prime to π and therefore α mod π has a multiplicative inverse by Theorem 7.6. Thus Z[i]/(π) is a field, so this corollary is a special case of the fact that polynomials have no more roots in a field than their degree.
When we allow Gaussian integers into our congruences, does it change the meaning of congruences among ordinary integers? That is, if a, b, and c are in Z, does the meaning of a ≡ b mod c change when we think in Z[i]? That is, could integers which are incongruent modulo c in Z become congruent modulo c in Z[i]? No.
Theorem 7.10. For a, b, and c in Z, a ≡ b mod c in Z if and only if a ≡ b mod c in Z[i].
Proof. In terms of divisibility, this is saying
c|(a − b) in Z ⇐⇒ c|(a − b) in Z[i],
which is something we already checked in the paragraph after the proof of Theorem 2.3: divisibility between ordinary integers holds in Z if and only if it holds in Z[i].
So far modular arithmetic in Z[i] behaves just like in Z. But things now will get tricky, so pay attention! One of the useful properties of modular arithmetic in Z is Fermat’s little theorem. For a prime p in Z+, if a 6 ≡ 0 mod p then ap−^1 ≡ 1 mod p. Naively translating this result into the Gaussian integers, using a Gaussian prime π, we get something like this: if α 6 ≡ 0 mod π then απ−^1 ≡ 1 mod π. ???? If π is not a positive integer, then raising to the power π − 1 doesn’t mean anything in a congruence. (Well, if you have had complex analysis you may know a way to do this, but then you would also know the result is almost certainly not going to be in Z[i], so it’s the wrong idea for us.) Moreover, even when π is a positive integer that is prime in Z[i] the congruence απ−^1 ≡ 1 mod π is usually wrong.