# W1. Modular Arithmetic


## 1.1 Divisibility

### Numbers

- We are used to number and use them constantly
- It all started with counting: 1, 2, 3 ...

Inverse operations are also possible:
- substraction is inverse to addition
- division is inverse to multiplication

#### Integer Numbers
Q: Substraction is not always possible, for example 2 - 3 = ?  
A: Solution: negative numbers and zero
- Now we have ints -3, -2, ... 2, 3 and substraction is possible
- multiplication can be also extended to negative numbers  

Q: Division is not always possible: 3/2 = ?  
A: Solution: rational numbers

#### Number Theory
- Number theory: studies integers and operations on them
- Basics of number theory have natural applications:
- Advanced number theory had not
- (Stated explicitly by top number theorists Godfrey Hardy, Leonard Dickson)


- **but**, virtually every theorem in elementary number theory arises in a natural, motivated way in connection with the problem of making computers do high-speed numerical calculations (C) Donald Knuth
- Hovewer even more number theory is vital for the modern cryptography
- Through cryptography it dramatically affects our life: email, messengers, online transactions, Internet as a whole, etc.

### Divisibility

- Division is not always possible over integers
- Its needed to identify the cases when it is possible

Q: What does it mean that number a is divisible by b?  
A (Naive): Consider a rational number $\frac {a}{b}$; if it is integer, then a is divisible by b.

However, Naive answer reduces the question to the more complex one

$\frac {a}{b} == int$ means that the denominator cancels out =>  
it can be represented as a product of two integers:  
b and other integer k: $ k: a = b \times k$  
then we have $\frac {a}{b} = \frac{b\times k}{b} = k$

`Divisibility`: a is divisible by b (or b divides a) denoted by $b | a$  
if there is an integer k such that $a = b \times k$
Intuitive sense of this definition is following:
1. Suppose we have a objects
2. We would like to split them into groups of size b
3. This is possible if a is divisible by b
4. k is the resulting number of groups

#### Example:
- a = 15 is divisible by b = 3, bcs we can pick k = 5:  
a = 15 = 3 x 5 = b x k
- Note: based on formal notion of divisibility in Number Theory we do not forbid divisibility by 0! And it turns out that 0 (unlike any other integer number) is divisible by 0.

#### Properties
- Why do we care about formal definitions if everything is trivial with specific numbers?
- Formal definitions allow to prove general properties:  
`Lemma`: if $c$ divides $a$ and $c$ divides $b$, then $c$ divides $a \pm b$

#### Problem
Suppose b | a. Is it true that b|3a? (| - "such that")
- Yes, this is true by definition (k is simply multiplied by 3)


### Quiz. Divisibility
1. Which of the following numbers divides 0? Use our formal notion of divisibility to answer this question?
A: 0, 2, 3, 1, -1;  
By definition a number a divides 0 if there is k such that $0=a\times k$. So each integer number aa divides 0: just pick \(\k=0).


2. Which of the following numbers are divisible by 0? Use our formal notion of divisibility to answer this question.
A: 0;  
By definition 00 is divisible by 00 if there is an integer kk such that 0=k\times 00=k×0. Clearly, any kk would satisfy the equation.

### External Tool. Take the Last Rock

http://dm.compsciclub.ru/app/quiz-take-the-last-rock

idea: avoid n divisible by 3 at any cost!  
If you number of rocks is divisible by 3 and it is your move -> you lose!  
Give opponent only stones divisible by 3.

### Remainders

- Division over integers is not always possible
- But we can generalize it
- Remainders should always be positive (-33 % 7 == 2); -33 = 7 x -5 + r; r = 2 

`Division with remainder`:  
Suppose b is a positive integer. The result of the division of a by b with a remainder is a pair of integers, q called quotient and r called a remainder such that:  
$ a = q \times b + r $  
and  
0<= r < b

#### Example

a = 15, b = 4, Then 15 = 3 x 4 + 3 and q=3, r=3

#### Division with Remainders

a = q x b + r and 0 <= r < b
- Why such g and r exist?
- This is simple: just form groups of a objects one by one until we are left with the amount that is not enough for the new group. The number of groups is q and the number of remaining objects is r
- More formally: substract b from a recursively until the result is less than b; the result is the remainder r and the number of substractions is q
- What if a is negative? Just add b instead of substraction

#### Connection to Divisibility
`Lemma` : integers $a_1$ and $a_2$ have the same remainder  
when divided by b if $a_1 - a_2$ is divisible by b
- indeed, suppose $a_1$ and $a_2$ have the same remainder r:  
$a_1 = q_1 \times b + r$  
$a_2 = q_2 \times b + r$

- then $a_1 - a_2 = q_1 \times b - q_2 \times b = (q_1 - q_2) \times b$ and $b | (a_1 - a_2) $

- In the other direction suppose $b | (a_1 - a_2)$
- Then $a_1 - a_2 = k \times b$
- $a_2$ has some remainder when divided by b::
$a_2 = q_1 \times b + r, for 0 <= r < b$
- Then $a_1 = a_2 + k \times b = (q_1 + k) \times b + r$ and $a_1$ has the same remainder

### Note. Python code for remainders

In [1]:
a=-33
print(a%7)
print(a//7)

### Practice quiz. Four Numbers
Q: Is it true that for any four integers a, b, c, d there are two of them whose difference is divisible by 3?  
A: Yes, there are only three possible remainders when dividing by 3. So, among four integers a, b, c, d there are two with the same remainder when divided by 3. The difference of these two numbers is always divisible by 3. See the next video for the discussio

### Practice quiz. Division by 101
Q:How many 3-digit non-negative numbers are there that have remainder 7 when divided by 101? Here we assume that 1-digit and 2-digit numbers are also 3-digit, they just start with 0.

A: 10, all numbers aa having the remainder 7 when divided by 101 have the form $a=7+q\times 101$ for integer q. The number a given by this expression is non-negative and 3-digit for q between 0 and 9, inclusive. (When q = 7: 007 % 101 = 7)

### Quiz. Properties of Divisibility
Q: Is it true that among any 4 consecutive integer numbers there is one that is divisible by 4?  
A: This is correct! Indeed, if we fix some remainder after division by 4 then (as we discussed in one of the videos) every fourth number will have this remainder. So among any four consecutive numbers there are all four possible remainders presented. So one of the numbers has remainder 0 and thus is divisible by 4.

Q: Is it true that among any 4 consecutive integer numbers there is one that is divisible by 5?  
A: This is correct! Indeed, we can just consider numbers 1, 2, 3 and 4. None of them is divisible by 5.

### Divisibility Tests

#### Division by 10

##### Problem
What is the remainder and the quotient of 3756 when divided by 10?
- Decimal system is convenient here
- 3756 = 3750 + 6 = 375 x 10 + 6
- remainder is 6 quotient is 375

##### Lemma

Suppose we divide a by 10 with a remainder. Then the remainder is the last digit of a and the quotient is the number formed by all digits of a except the last one. In particular we have the following

##### Corollary

An integer a is divisible by 10 if its last digit is 0
- Indeed, 10 | a if the remainder is 0
- And the remainder is the last digit

#### Divisibility by 5

##### Problem
Is 7347 divisible by 5?
- Let's use the same trick
- 7347 = 7340 + 7 = 734 x 10 + 7 = (734 x 2) x 5 + 5 + 2

##### Lemma
An integer a is divisible by 5 if its last digit is 0 or 5
- Indeed, denote the last digit of a by b
- Then a - b has the last digit 0
- Thus a - b is divisible by 5
- As we have shown this means that a and b have the same reminder when divided by 5
- b has reminder 0 only if it is 0 or 5

#### Divisibility by 2

##### Lemma
An integer a is divisible by 2 if its last digit is 0,2,4,6 or 8
- The proof is completely the same 
- Denote the lasе digit of a by b
- Then a - b has the last digit 0 and is divisible by 2

#### Summary
- Number theory studies integer numbers
- Important for fast numerical computations
- Vital for cryptography
- We discussed basic notions: divisibility and remainders 
- We will use them to build more advanced theory

## 1.2 Division by 2

### Division by 2

- Consider division of integers by 2
- There are 2 possible remainders: 0 and 1
- If the remainder of a is 0, then a is divisible by 2
- These are even number
- If the remainder of a is 1, a is not divisible by 2
- These are odd numbers

### Sums of Even and Odd numbers 

`Splitting in pairs`. Suppose there are two classes with a and b students respectively. We unite the classes and would like to split all students into pairs to work on a project. Is it possible if a is even and b is odd? What if both a and b are even? What if both a and b are odd?

- If a is even and b is odd we can split in paris all students in the first class and all students except one in the second class (no)
- If both a and b are even, we can just split students in pairs in both classes separately (yes)
- If both a and b are odd, we can split into pairs all students except one in the first class and all student except one in the second class (yes)

- So there is one student left and the answer is no

`Remainder of a sum`. Suppose we know the remainders of a and b when divided by 2. Can we deduce the remainder of a + b? Yes
- If both a and b are even: $2 \times q_1$ and $2 \times q_2$, sum is $2 \times (q_1 + q_2)$ is even
- If a even and is odd: $2 \times q_1$ and $2 \times q_2 + 1$, sum is $2 \times (q_1 + q_2) + 1$ is odd
- If both a and b are odd: $2 \times q_1 + 1$ and $2 \times q_2 + 1$, sum $2 \times (q_1 + q_2 + 1)$ is even

`Remainder of an opposite`. Suppose we know the remainder of a when divided by 2. Can we deduce the remainder of -a? Yes, it is the same (just negative).

`Remainder of a subtraction`. The remainder of a-b is the same as the remainder of a+b when divided by 2? Yes

`Remainder of a product`. Suppose we know the remainders of a and b when divided by 2. Can we deduce the remainder of a x b? Yes

Problem. What is the remainder of $374 \times (419 + 267 \times 38) - 625$ when divided by 2?
- Substitute all numbers by remainders: $0 \times (1 + 1 \times 0) - 1$ -> $1$

### Binary System

#### Consider decimal system first:
- What is the decimal system?
- We represent numbers by sequences of digits
- Which number is represented by 3926
- The number writtern here is  
$3926 = 3000 + 900 + 20 + 6 = 3 \times 10^3 + 9 \times 10^2 + 2 \times 10^1 + 6 \times 10^0$
- In general digits are multiplied by powers of 10
- Note that each non-negative integer has a unique representation

#### Now, lets consider binary system:
- The similar operation to the operation shown above: lets make the same trick with powers of 2
- There are only 2 bits 0 and 1 now instead of ten digits
- An example of binary representation: 101101
- The number can be written as:  
$101101 = 1 \times 2^5 + 0 \times 2^4 + 1 \times 2^3 + 1 \times 2^2 + 0 \times 2^1 + 1 \times 2^0 = 2^5 + 2^3 + 2^2 + 2^0 = 32 + 8 + 4 + 1 = 45$
- Binary system is important since computer uses it

#### Binary system and remainders

`Lemma`
Suppose we divide a by 2 with a remainder. Then the remainder is the last bit of binary representation of a and the quotient is the number formaed by all bits of the binary representation of a except the last one.
- The proof is the sames as for the decimal system
- For simplicity consider some specific number, say, 11101 in binary
$11101 = 1 \times 2^4 + 1 \times 2^3 + 1 \times 2^2 + 0 \times 2^1 + 1 \times 2^0 = (2^3 + 2^2 + 2^1) \times 2 + 1$
- So, the remainder is 1 and quotient is 1110 in binary


In [2]:
'''Note, that there is binary shift operation in Python 
that removes the last bit from binary representation of a number:'''


'''By our Lemma for non-negative numbers this operation computes 
exactly the quotient of the number when divided by 2'''

print(29 >> 1)

- Why binary system works? 
- Why every integer is representable? 
- Why the representation is unique?

#### Binary System and Logarithm
- How many bits are needed to represent a given number a?
- Observe that to represent $2^n$ we need $n + 1$ bits: $2^4$ is $10000$
- And $2^n-1$ is the smallest number that requires $n$ bits: $2^4 - 1 = 2^3 + 2^2 + 2^1 + 1$ is $1111$
- The number of bits that is needed to represent a is determined the largest n such that $2^n <= a$: it is equal to n+1 
- Recall that for real number x > 0 by $log_{2}x$ is deonted the number y such that $2^y = x$
- Logarithm is the inverse function to exponentiation: $log_{2}2^{y} = y$
- In particular, $log_{2}2^{n} = n$
- Binary logarithm has a clear meaning in terms of binary representation
- Lets move to lemma

#### Lemma
The number of bits needed to represent an integer a in binary representation is equal to $\lfloor log_2 a \rfloor + 1$
- By $\lfloor x \rfloor$ we denote the largest integer that is less or equal to (possibly non-integer) $x$
- Lemma is True bcs:
    - Recall that the number of bits in binary representation of $a$ is $n + 1$, where $n$ is the largest number such that $2^n <= a$
    - Applying logarithm to both sides of inequality we obtain that $n$ is the largest number such that $n <= log_2 a$
    
###

## 1.3 Modular Arithmetic

#### Remainders
Problem: what is the remainder of $17 \times (12 \times 19 + 5) - 23$ when divided by 3? To answer that question Congruence relations are intoruced

#### Congruence Relations
`Definition`
We say that two numbers $a$ and $b$ are congruent modulo m if they have the same remainder when divided by $m$.  
We write $a \equiv b$ (mod  m)
- As we discussed, equivalently, $a \equiv b$ (mod m) $\iff$(if and only if) $a-b$ is divisible by $m$
- Every number $a$ is congruent modulo m to all numbers $a + k \times m$ for all integers $k$
- In particular, if $r$ is a remainder of $a$ when divided by $m$, then $a\equiv r$ (mod m)

Congruence relations has the following properties:  

`Addition of constant`  
If $a \equiv b$ (mod m) then $a + c \equiv b + c$ (mod m) for any $c$:
- If we add the same number to 2 congruent numbers the results will also be congruent
- Indeed, congruence of $a$ and $b$ modulo m means that $m | (a-b)$
- Note that $ (a+c) - (b+c) = a - b$, so it is also divisible by $m$

`Addition`  
if $a \equiv b$ (mod m) and $c \equiv d$ (mod m), then  
$a+c \equiv b+d$ (mod m)
- That is, congruence is preserved under addition
- The proof is following:  
$a + c \equiv a + d \equiv b + d$ (mod m)

Problem example:
What is the remainder of 
14 + 41 + 20 + 13 + 29
when divided by 4? 
- We can apply our results
- We can find a remainder that is congruent to this sum:
$14 + 41 + 20 + 13 + 29 \equiv 2 + 1 + 0 + 1 + 1 \equiv 5 \equiv 1$ (mod 4)

`Multiplication by a constant`  
If $a \equiv b$ (mod m) then $a \times c \equiv b \times c$ (mod m) for any c
- That is, if we multiply 2 congruent nums by the same num, the results will also be congruent
- Indeed, congruence of $a$ and $b$ modulo $m$ means that $m|(a-b)$
- But them $m | c \times (a-b)$

`Multiplication`  
If $a \equiv b $ (mod m) and $c \equiv d$ (mod m), then $a \times c \equiv b \times d$ (mod m)
- That is, congruence is preserved under multiplication
- The proof is just like for addition:  
$a \times c \equiv a \times d \equiv b \times d$ (mod m)
- Note that we just use the previous property twice:  
$a \times c \equiv a \times d$ (mod m)  
$a \times d \equiv b \times d$ (mod m)  
are just multiplication of congruent numbers by constants

Lets check the problem again:
Remainder of $17 \times (12 \times 19 + 5) - 23$ (mod 3)?  
Is equivalent to:
$2 \times (0 \times 1 + 2) - 2 = 2 \times 2 - 2 = 2$

### Quiz. Modular Arithmetic
1. What is the remainder of $(77 + 95 \times 79) \times 82$ (mod 3)?   
$(77 + 95 \times 79) \times 82$ (mod 3) = $(2 + 2 \times 1) \times 1 = 4$ (mod 3) = 1

Correct
This is correct!  
Indeed, we can substitute each number by a congruent modulo 3 and the remainder will remain the same.   
Substituting each number by 0, 1 or −1 we get  
(−1+(−1)×1)×1≡(−2)×1≡1(mod3).  
2. What is the remainder of $(34 - 14 \times 25) \times (23 \times 18 + 87)$ mod 5?  
$(34 - 14 \times 25) \times (23 \times 18 + 87)$ (mod 5) =  
$(4 - 4 \times 0) \times (3 \times 3 + 2)$ (mod 5) = $4 \times 11$ (mod 5) = 4

Correct
This is correct!  
Indeed, we can substitute each number by a congruent modulo 5 and the remainder will remain the same.  
Substituting each number by 0, 1, 2, −1 or -2 we get  
(−1−(−1)×0)×((−2)×(−2)+2)≡(−1)×(6)≡−6≡4(mod5).

### Applications
`Problem`  
What are the last 2 digits of the number $99^{99}$?
- The number itself is huge; it would be nice not to compute i
- We can use remainders
- The number consisting of last 2 digits from a remainder after the division by 100
- So we are interested in the remainder after the division by 100
- Consider $99^{99}$ modulo 100
- Note that $99 \equiv -1$ (mod 100)
- So $ 99^{99} \equiv (-1)^{99} \equiv -1 \equiv 99 $ (mod 100)
- Remainder is 99

`Problem`  
Is the 3475 divisible by 3?
- We can compute the remainder after the division by 3: the number is divisible iff the remainder is 0
- But how to compute the remainder?
- 3475 = 3000 + 400 + 70 + 5 = $ 3 \times 10^3 + 4 \times 10^2 + 7 \times 10 + 5$
- Note that $10 \equiv 1$ (mod 3)
- Thus $10^k \equiv 1^k \equiv 1$ (mod 3) 
- So we have $3 + 4 + 7 +5 \equiv 19 \equiv 1$ (mod 3)
- So 3475 is not divisible by 3
- Observe the following intermediate step in our solution:
$3475 \equiv 3 \times 10^3 + 4 \times 10^2 + 7 \times 10 + 5 \equiv 3 + 4 + 7 + 5$ 
- We have that $10^k \equiv 1$ (mod 3) for all k -> this step works for all numbers!

`Divisibility by 3`  
An integer a is congruent modulo 3 to the sum of its digits in particular, s is divisible by 3 iff the sum of its digits is divisible by 3

### Remainders of Large Numbers
1. What is the remainder of the number 762341 when divided by 3?  
$762341$ (mod 3) $\equiv 7 + 6 + 2 + 3 + 4 + 1$ (mod 3) $\equiv 23$ (mod 3) = 2


2. What is the remainder of the number $12^{100}$ when divided by 11?  
$12^{100}$ (mod 11) $\equiv 1^{100}$ (mod 11) = 1

3.What is the remainder of the number $4632^{10}$ when divided by 10?
$4632^{10}$ (mod 10) $\equiv 2^{10}$ (mod 10) $\equiv 32^2$ (mod 10) $\equiv 2^2$ (mod 10) = 4

### Modular Subtraction and Division
- Recall that any number is congruent to its remainder modulo $m$
- We can represent all numbers by their remainders
- Arithmetic operations preserve congruence
- We can create arithmetic operation tables for remainders
- Consider addition modulo 7
- *Modular addition/multiplication tables
- Using these tables we can perform modular computations:
    - Substitute all numbers in an arithmetic expression by their remainders and apply operations according to the tables
    - Tables are also convenient to observe properties of operations
    
Suppose we have two numbers $a$ and $b$. Is there $x$ such that $a + x \equiv b$ (mod 7)?
- Yes, each row contains all possible remainders
- $a$ is the row and $b$ is the target value; $x$ is a column
- Given $a$ and $b$ consider $x$ such that $a + x \equiv b$ (mod 7)
- $x$ exists for any module m
- $x$ plays the role of modular b - a
- Existence of x is natural: we can just pick b - a as an integer and consider the corresponding remainder


Suppose we have two nonzero numbers $a$ and $b$. Is there $x$ such that $a \times x \equiv b$ (mod 7)?  
- Each nonzero row contains all possible remainders!
- $a$ is the row and $b$ is the target value; x is a column
- Given $a != 0$ and $b$ consider $x$ such that $a \times x \equiv b$ (mod 7)
- Lets consider multiplication modulo 6:
    - There is no x such that $3 \times x \equiv 1$ (mod 6)
    
### Modular Division Quiz.

- Multiplication table for remainders modulo 7 question 1
- Multiplication table for remainders modulo 7 question 2  
Nothing special

# W2. Euclids Algorithm

## Euclids Algoritm

### Greatest Common Divisor
`Definition`  
The greatest common divisor, gcd (a,b) of integers a and b (not both equal to zero) is the largest integer that divides both a and b

`Examples`  
gcd(24, 16) = 8,  
gcd(9, 17) = 1,  
gcd(239, 0) = 239

`Conclusion`  
We assume that a and b are non-negative

#### First application: Computing Inverses
Given integers $a$ and $n$ how to find an integer k such that  
$ak \equiv 1$ mod n?  
Basic primitive in modern crypto protocols, used billions times per day

#### Second application: computing fractions:
$$\frac{31}{177} + \frac{29}{59} = \frac{31 \times 59 + 177 \times 29}{177 \times 59} = \frac{6952}{10443} = \frac{2}{3}$$

In [3]:
from fractions import Fraction
print(Fraction(31,177) + Fraction(29, 59))

2/3


#### Naive Algorithm
To find the gcd, simply try all numbers and select the largest one

In [4]:
def gcd(a,b):
    assert a >= 0 and b >= 0 and a + b > 0
    
    if a == 0 or b == 0:
        return max(a, b)
    
    for d in range(min(a, b), 0, -1):
        if a % d == 0 and b % d == 0:
            return d
        
    return 1

%timeit gcd(75,130)

3.44 µs ± 77.3 ns per loop (mean ± std. dev. of 7 runs, 100000 loops each)


In [5]:
from time import time
t1 = time()
print(gcd(79093379, 184963952))
print(time()-t1)

1
4.768291234970093


### Greatest Common Divisor. Quiz
(nothing special)

### Euclids Algorithm

#### Euclid's Lemma
`Euclids Lemma`  
$d$ divides $a$ and $b$, if and only if $d$ divides $a$ - $b$ and $b$.

`Proof`  
$\implies$ if $a = dp$ and $b = dq$, then $a - b = d(p-q)$

#### Little bit faster algorithm

In [6]:
def gcd(a, b):
    assert a >= 0 and b >= 0 and a + b >0
    
    while a > 0 and b > 0:
        if a >= b:
            a = a - b
        else:
            b = b - a
    return max(a, b)

In [7]:
t1 = time()
print(gcd(790933793, 1849639572))
print(time()-t1)

1
0.0


- On some inputs, works much faster than the Naive algorithm
- Still, there are inputs where this code is too slow: (example - gcd(790933790548, 7)
- Reason: the code will substract 8 billions of times
- Idea: what is left is the reminder modulo 7

#### Euclid's algorithm

In [8]:
def gcd(a,b):
    assert a >= 0 and b >= 0 and a + b > 0
    
    while a > 0 and b > 0:
        if a >= b:
            a = a % b
        else:
            b = b % a
        print('gcd', (a, b))
    return max(a,b)

In [9]:
t1 = time()
#print(gcd(7909337931241249293, 1849613951121))
print(gcd(10, 6))
print(time()-t1)

gcd (4, 6)
gcd (4, 2)
gcd (0, 2)
2
0.0


#### Analysis
- The numbers are getting shorter and shorter
- A more quantitive statement: at each iteration of the while loop the larger number drops by at least a factor of 2  

`Lemma`  
Let a >= b > 0. Then (a mod b) < a/2  
proof:  
- if b <= a/2, then (a mod b) < b <= a/2
- if b > a/2, then (a mod b) = a - b < a/2
- Hence, at each iteration, either a or b is dropped by at least a factor of 2
- Thus, the total number of iterations is at most  
$\log_2a + \log_2 b$
- If a constists of less than 5 000 decimal digits (i.e., $a < 10^{5000}$), then $\log_2 a < 16610$

#### Compact code

In [10]:
def gcd(a,b):
    assert a >= b and b >= 0 and a + b > 0
    return gcd(b, a % b) if b > 0 else a
print(gcd(7909337931241249293, 1849613951121))

3


### Extended Euclid's Algorithm
- Somebody computed the greatest common divisor of a and b and wants to convince you that it is equal to d
- You can check that d divides both a and b, but this only shows that d is a common divisor of a and b, but does not guarantees that is the greatest one
- It turns out that it is enough to represent d as ax + by (for integers x and y)!

`Lemma`  
If $d$ divides $a$ and $b$ and $d = ax + by$ for integers $x$ and $y$, then $d = gcd(a,b)$  

`Proof`
- $d$ is a common divisor of $a$ and $b$, hence $d<=gcd(a, b)$
- $gcd(a,b)$ divides both $a$ abd $b$, hence it also divides $d = ax + by$, and hence $gcd(a,b) <= d$

#### Examples
- $gcd(10, 6) = 2 = 10 \times (-1) + 6 \times 2$
- $gcd(7, 5) = 1 = 7 \times (-2) + 5 \times 3$
- $gcd(391, 299) = 23 = 391 \times (-3) + 299 \times 4$
- $gcd(239, 201) = 1 = 239 \times (-37) + 201 \times 44$

#### Extending Euclid's Algorithm
- Recall that Euclid's algorithm uses the fact that, for $a>=b, gcd(a,b) = gcd (b, {a}\bmod{b})$
- Assume that $d = gcd(b, a \bmod b)$ and that $d = bp + (a \bmod b)q$
- Then  
$$ d = bp (a \bmod b)q$$  
$$= bp + (a - \lfloor \frac{a}{b} \rfloor b)q$$
$$= aq + b(p - \lfloor \frac{a}{b} \rfloor q)$$

In [11]:
# returns gcd(a,b), x, y: gcd(a,b)=ax+by
def extended_gcd(a, b):
    assert a >= b and b >= 0 and a + b > 0
    print(a,b)
    if b == 0:
        #print('whoops, b == 0')
        d, x, y = a, 1, 0
        
    else:
        (d, p, q) = extended_gcd(b, a % b)
        #print('b={}, a={}, d={}, p={}, q={}'.format(b, a, d, p, q))
        x = q
        y = p - q * (a // b)
    
    assert a % d == 0 and b % d == 0
    assert d == a * x + b * y
    return (d, x, y)
#print(extended_gcd(7909337931241249293, 1849613951121))
print(extended_gcd(10,6))

10 6
6 4
4 2
2 0
(2, -1, 2)


#### [Version from wiki](https://en.wikipedia.org/wiki/Extended_Euclidean_algorithm)

If a and b are two nonzero polynomials,  
then the extended Euclidean algorithm produces  
the unique pair of polynomials $(s, t)$ such that

$${\displaystyle as+bt=\gcd(a,b)}as+bt=\gcd(a,b)$$

In [12]:
def wiki_gcd_extended(a, b):
    s, old_s = 0,1
    t, old_t = 1,0
    r, old_r = b,a
    
    while r != 0:
        quotient = old_r // r
        old_r, r = r, (old_r - quotient * r)
        old_s, s = s, (old_s - quotient * s)
        old_t, t = t, (old_t - quotient * t)
        print(quotient, old_s, old_t)
    print("Bézout coefficients: {},{}".format(old_s, old_t))
    print("greatest common divisor: {}".format(old_r))
    print("quotients by the gcd: {},{}".format(t, s))
    return True

wiki_gcd_extended(-391, -299)

1 0 1
3 1 -1
4 -3 4
Bézout coefficients: -3,4
greatest common divisor: -23
quotients by the gcd: -17,13


True

### Tile a Rectangle with Squares. Quiz. 

Given an $n \times m$ grid (where n,m are integers), you would like to tile it with the minimal number of same size squares. Clearly, it can always be tiled with $nm$ squares of size $1 \times 1$, but it is not always optimal. For example, a $6 \times 10$ grid can be tiled by 15 squares of size $2 \times 2$:
![Rectangle](https://raw.githubusercontent.com/sersavn/Coursera-Introduction-to-Discrete-Mathematics-for-Computer-Science-Specialization/master/C4_Number_Theory_and_Cryptohraphy/Tile_a_Rectangle_with_Squares_grid.png)

Your goal in this problem is to implement a function squares(n, m) that returns the minimum number of same size squares required to tile a grid of size $n \times m$. Your code should work fast (in less than a second) even for $n, m$ up to 1 000 000 000.

In [13]:
def squares(n, m):
    ini_n = n
    ini_m = m
    while n > 0 and m > 0:
        if n >= m :
            n = n % m
        else:
            m = m % n
    gcd = max(n, m)
    min_num_of_squares = ini_n/gcd * ini_m/gcd
    return int(min_num_of_squares)

## Applications

### Leas Common Multiple

`Definition`  
Least common multiple, $lcm(a, b)$ of integers $a$ and $b$ (both different from zero) is the smallest positive integer that is divisible by both $a$ and $b$  

`Examples`    
$lcm(24, 16) = 48,$   
$lcm(9,17) = 15$,  
$lcm(239, 0) - undefined$

`Convention`  
We assume that $a$ and $b$ are positive

#### Working with Fractions

When adding or comparing simple fractions, we usually compute the lowest common denominator which is the least common multiple of the denominators:  
$$\frac{31}{177} + \frac{29}{118}$$
$$lcm(177, 118) = 354 = 2 \times 177 = 3 \times 118$$
$$\frac{31}{177} + \frac{29}{118} = \frac{31\cdot2}{177\cdot2} + \frac{29\cdot3}{118\cdot3}$$

#### Naive Algorithm
Clearly, $a \cdot b$ is divisible by $a$ and $b$. To find the least common multiple, simply try all numbers up to $a \cdot b$ and select the smallest one

In [14]:
def lcm(a, b):
    assert a > 0 and b > 0
    
    for d in range(1, a * b + 1):
        if d % a == 0 and d % b == 0:
            return d
print(lcm(20432, 2533))

51754256


#### Euclid's algorithm
$$lcm(a, b) \times gcd(a,b) = a \times b$$

#### lcm and gcd
`Lemma`  
If $a,b > 0$, then $lcm(a, b) = ab/gcd(a,b)$  

`Proof`
- Let $d = gcd(a, b), a = df, b = dq$
- Then $m = ab/d = pb = qa$ is a multiple of $a$ and $b$
- If there was a smaller multiple $\bar{m}$ < $m$,
then $\bar{d} = ab/\bar{m} > d$ would be a common divisor: $a/\bar{d} = \bar{m}/b, b/\bar{d} = \bar{m}/a$

### Least Common Multiple. Quiz
1. What is the least common multiple of 2 and 3?  
A: $2 \cdot 3/1$
2. What is the least common multiple of 10 and 15?  
A: $10 \cdot 15/5$
3. What is the least common multiple of 35 and 70?  
A: $35 \cdot 70/35$

### Least Common Multiple. Code

In [15]:
def lcm(a, b):
    assert a > 0 and b > 0
  
    multiplication = a * b
    while a > 0 and b > 0:
        if a >= b:
            a = a % b
        else:
            b = b % a
    return multiplication/max(a,b)

lcm(35, 70)

70.0

In [16]:
print(extended_gcd(1980,1848))

1980 1848
1848 132
132 0
(132, 1, -1)


### Diophantine Equations: Examples
A diophantine equation is an equation where only integer solutions are allowed
- 1 apple costs 22 pesos
- you only have 3-peso bills
- the cashier only has 5-peso bills
- 3x = 22 + 5y, x, y are non-negative integers
- Solutions:
    - x = 9, y = 1
    - x = 14, y = 4
    
Another example:
- x lamps, each 4936₽
- 100 <= y < 1000
- Total: 1000y + 728₽
- x, y are non-negative integers

Another example:
- 187x + 55y = 121, 
- x and y are integers
- solutions:
    - $187 \times 3 + 55 \times (-8) = 121$
    - $187 \times (-2) + 55 \times 9 = 121$
    - infenitely many solutions!
    
Another example:
- 187x + 55y = 45
- x and y are integers
- no solutions at all!

### Practice Quiz. Diophantine Equations

### Diophantine Equations. Theorem

`Theorem`  
Given integers a, b, c (at least one of a and b != 0),  
the Diophantine equation
$$ax + by = c$$
Has a solution (where x and y are integers) if and only if:
$$gcd(a,b)|c$$

`Proof`
Let $d = gcd(a, b)$  
$\implies a = dp$ and $b = dq, \text{thus},$  
$c = ax + by = d(px + qy)$  
$\Longleftarrow$ Extended Euclid's algorithm:  
$a\bar{x} + b\bar{y} = d$  
$if c = td, \text{then } x = t \cdot \bar{x},y = t \cdot \bar{y}$:  
$ax + by = t(a\bar{x} + b\bar{y}) = td = c$

#### Finding a solution
- 10x + 6y = 14:
    - Extended Euclid's algorithm:
    $gcd(10, 6) = 2 = 10 \cdot (-1) + 6 \cdot 2 $
    - $14 = 10 \cdot (-1) \cdot 7 + 6 \cdot 2 \cdot 7$
    - x = -7, y = 14
- 391x + 299x = -69
    - Extended Euclid's Algorithm:
    $gcd(391, 299) = 23 = 391 \cdot (-3) + 299 \cdot 4$
    - $69 = 391 \cdot (-3) \cdot (-3) + 299 \cdot 4 \cdot (-3)$
    - x = 9, y = 12
    - But x = -4, y = 5 is also a solution. How do we find **all** solutions?
    
#### Euclid's Lemma
`Euclid's Lemma`  
$\text{ If } n|ab \text{ and } gcd(a, n) = 1, \text{ then } n|b.$  

`Proof`  
- From Extended Euclid's algorithm (a, n):
- ax + ny = 1
- axb + nyb = b
- From ab = kn,  
b = axb + nyb = n(xk + yb)

#### Finding all solutions  
`Theorem`  
Let gcd(a,b) = d, a = dp, b = dq.  
If $(x_0, y_0)$ is a solution of the Diophantine equation $ax + by = c$  
$$ax_0 + by_0 = c$$
then all the solutions have the form
$$a(x_0 + tq) + b(y_0 - tp) = c, $$
where $t$ is an arbitrary integer.  

`Proof`
- $a = dp, b = dq, ax_0 + by_0 = c$
- For any integer $t$,
$$a(x_0 + tq) + b(y_0 - tp)$$
$$= ax_0 + by_0 + t(aq - bp)$$
$$= c + t(dfq - dpq) = c$$
- Consider 2 solutions: $(x_1, y_1)\text{ and }(x_2, y_2)$
- $a(x_1 - x_2) + b(y_1 - y_2) = c - c = 0$
- $p(x_1 - x_2) + q(y_1 - y_2) = 0$  
- $ gcd(p, q) = 1$
- By Euclid's lemma: $x_1 - x_2 = tq$
- Then $y_1 - y_2 = -tp$

#### Example
- 3x + 5y = 22
- $x_0 = 9, y_0 = -1$
- $a = 3, b = 5, d = 1$
- $a = dp, b = dq, p = 3, q = 5$


- All solutions:
$$x = x_0 + tq = 9 + 5t$$
$$y = y_0 - tp = -1 - 3t$$


- If we want x >= 0 and y <= 0, then take:
$$ x =  9 + 5t >= 0$$
$$ y = -1 -3t <= 0$$

- That is, t >= 1/3 or t >= 0

### Diophantine Equations: Code

Try to use extended Euclid's algorithm to solve Diophantine equations efficiently.

Given three numbers $a>0, b>0, \text{ and } c$, the algorithm should return some $x$ and $y$ such that

$ax+by=c$

In [17]:
def wiki_gcd_extended(a, b):
    s, old_s = 0,1
    t, old_t = 1,0
    r, old_r = b,a
    
    while r != 0:
        quotient = old_r // r
        old_r, r = r, (old_r - quotient * r)
        old_s, s = s, (old_s - quotient * s)
        old_t, t = t, (old_t - quotient * t)
        
    return(old_r, old_s, old_t)

def diophantine(a, b, c):
    gcd_extended = wiki_gcd_extended(a, b)
    gcd = gcd_extended[0]
    b1 = gcd_extended[1]
    b2 = gcd_extended[2]
    
    # return (x, y) such that a * x + b * y = c
    return (b1*c//gcd, b2*c//gcd)

diophantine(10, 6, 14)


(-7, 14)

In [18]:
2 % 9

2

In [19]:
diophantine(9, 2, 1)

(1, -4)

In [20]:
wiki_gcd_extended(2, 9)

(1, -4, 1)

### Modular Division

While looking at division mod 7 table:
- Given $a,b; a\neq$ $b$, there exists $x$ such that $a \cdot x \equiv b$ (mod 7)
- $x$ plays the role of modular division $x = b/a$ (mod 7)

Consider division mod 6 table:
- $ 2/5 \equiv 4$ (mod 6);  
indeed, $4 \cdot 5 \equiv 2$ (mod 6)
- But there is no x such that $3 \cdot x \equiv 1$ (mod 6)
- We can't divide 1 by 3 modulo 6!

#### Multiplicative Inverse
- A multiplicative inverse of $a \pmod{n} \text{ is } \bar{a}$ s.t.
$$ a \times \bar{a} \equiv 1 \pmod{n}$$
- If $a$ has a multiplicative inverse $\bar{a}$, then one can divide by a:
$$b/a \equiv b \times \bar{a}\pmod{n}$$
- Indeed, for every b,
$$b/a \times a \equiv b \times \bar{a} \times a \equiv b \pmod{n}$$
$$(a \times \bar{a} == 1)$$

#### Uniqueness of Inverses  
`Lemma`  
If $a$ has a multiplicative inverse, then it is unique  

`Proof`  
If x and y are multiplicative inverses of a, then  
$$ x = x \times (a \times y) = (x \times a) \times y = y$$

#### Existence of Inverses
`Theorem`  
$a$ has a multiplicative inverse modulo $n$ if and only if $gcd(a,n) = 1$ 

`Proof`
- $ax \equiv 1 \pmod{n} \iff ax + kn = 1$ ($\iff \text{symbol means iff}$)
- For fixed $a$ and $n$, this Diophantine equation has a solution $(x) \iff \text{gcd }(a,n) | 1 $
- If $\text{gcd(a,n)} = 1$ then one can divide by $a$ modulo $n$
- Given $a,b,n$ we want to find $x \equiv b/a \pmod{n}$:
    - First, we use Extended Euclid's algorithm to find $s$ and $t: nt + as = 1$
    - s is the multiplicative inverse of a modulo n
    - Now $x\equiv b/a \equiv b \times s \pmod{n}$
    
#### Example 
- Let's assume that we would like to divide 7 by 2 (mod 9):
$$7/2\pmod{9}$$
- We can do this just bcs $gcd(9,2) = 1$
- (can also be rewritten as $gcd(2,9) = 1$)

- Extended Euclid's algorithm gives us:
$$9 \times 1 + 2 \times (-4) = 1$$
- $-4 \equiv 5 \pmod{9} \text{ is the multiplicative inverse of 2 mod 9}$
- $7/2 \equiv 7 \times 5 \equiv 8 \pmod{9}$
- (same as $7/2\pmod{9}\equiv 7 \times 5 \pmod{9} \equiv 8 \pmod{9}$)
- Indeed, $8 \times 2 \equiv 7 \pmod{9}$

In [21]:
1 % 9

1

In [22]:
wiki_gcd_extended(2, 9)

(1, -4, 1)

### Modular Division: Code

Now that you know how to use extended Euclid's algorithm for finding modular inverses, implement an efficient algorithm for dividing $b$ by $a$ modulo n.

Given three integers $a, b$, and $n$, such that $gcd(a,n)=1$ and $n > 1$, the algorithm should return an integer x such that

$0 \leq x \leq n-1$, and

$b/a=x\pmod{n}$ (that is, $b=ax\pmod{n}).$

In [23]:
def wiki_gcd_extended(a, b):
    s, old_s = 0,1
    t, old_t = 1,0
    r, old_r = b,a
    
    while r != 0:
        quotient = old_r // r
        old_r, r = r, (old_r - quotient * r)
        old_s, s = s, (old_s - quotient * s)
        old_t, t = t, (old_t - quotient * t)
        
    return(old_r, old_s, old_t)

def divide(a, b, n):
    assert n > 1 and a > 0 and wiki_gcd_extended(a, n)[0] == 1
    
    gcd_extended = wiki_gcd_extended(a, n)
    gcd = gcd_extended[0]
    a_bezout = gcd_extended[1]
    n_bezout = gcd_extended[2]
    
    print('{} * {} + {} * {} = {}'.format(a, a_bezout, n, n_bezout, gcd))

    # return the number x s.t. x = b / a (mod n) and 0 <= x <= n-1.
    return a_bezout * b % n

In [24]:
divide(2, 7, 9)

2 * -4 + 9 * 1 = 1


8

# W3. Euclids Algorithm

## 3.1 Integer Factorization

### Introduction

- Private comminications via phone, email, messengers
- Secure money transfer, online shopping
- Secure authorization for online services
- Secure software installation
- Digital signature

#### Eavesdropping

- Solution - encryption with secret key which is known for both parties

#### Changing the code
- Example is imitation game movie, where nazis changed their code once a day during the war
- At the end Alan Turing managed to improve computer to get the code

#### Sharing the Secret Code
- How to share the secret code itself?
- Eavesdropper can get it
- What if you are communicating from different continents?
- And you need a new code for each communication

#### Public key cryptography as a solution
Idea:
- Every party generates 2 keys: public key and private key

#### Cryptography
- Sharing secrets in such a way that noone can eavesdrop or change your messages
- Authorization and making sure a person cannot deny having sent the message
- Billions of money transaction use encryption everyday
- RSA encryption - arguably the most used program in the world
- This module - tools for cryptography
- Next module - keys and secure ciphers, how to break them if used incorrectly

### Prime Numbers

#### Arranging apples

It is possible to arrange 12 apples in a rectangle with several rows and columns, is it possible for 13 apples?
- No, cause if it would be then $a$ rows and $b$ cols would form $ab$ rectangle, where $a,b > 1$ 

#### Problem
For which integers n > 1 is it possible to arrange n apples into several rows, such that there are several apples in each row, and the number of apples in each row is the same?

#### Special cases
- 0 any number divides zero, bcs $0 \cdot a = 0$, infinite number of devisors. However, neither prime nor composite
- 1 it has no divisors other than 1 and itself

### Integers as Product of Primes

#### Composite numbers
`Definition`  
A composite number can be represented as a product of two smaller integers.
$$1001 = 7 \cdot 143$$

#### Continuing Factorization
If one of the factors is not prime, we can represent it as a product of two even sameller integers:
$1001 = 7 \cdot 143 = 7 \cdot 11 \cdot 13$

The process of representing an integer as product of smaller and smaller integers is called `integer factorization`

#### Another factorization

We could start with another representation of 1001 as a product of 2 smaller integers: $1001 = 11 \cdot 91 = 11 \cdot 7 \cdot 13$

Each way of factorization can be represented as a tree

Integers in the leaves give a representation of 1001 as a product of primes. Notics that the two final representations differ only by the order of these primes.

### Existence of Representation
`Theorem`  
Every integer n > 1 can be represented as a product of one or more prime numbers.  
Proof:
- If $n$ is prime we are good
- Otherwise, $n = ab, 1 < a,b < n$
- If $a$ and $b$ are prime, we are good
- If $a$ is composite, factor it:  
$a = a_{1}a_{2}, 1 < a_1, a_2 < n$
- Continue factorization of factors while possible
- It must stop, as factor get smaller
- Stops when all factors are prime

### Euclid's Lemma

#### Is the Representation unique?

Consider this example:  
$78227 \cdot 244999 = 19165536773 = 99599 \cdot 192427$

Does it prove that there can be two different representations of the same integer as a product of primes? No, because:
$137 \cdot 571 \cdot 337 \cdot 727 = 19165536773 = 137 \cdot 727 \cdot 337 \cdot 571$

Recall the following:  
`Lemma`  
If $p$ is a prime number, and $p$ divides $ab$, then $p$ divides either $a$ or $b$.  

`Proof`
- Suppose $p \nmid a$ (does not divide)
- GCD(a, p) | p, so either GCD(a, p) = 1 or GCD(a, p) = p
- As far as $p \nmid a$ GCD(a, p) = 1
- Then multiplication by $a$ is invertible: $xa \equiv 1\mod p$ for some $x$
- $p | ab \Rightarrow ab \equiv 0 \Rightarrow xab \equiv 0 \Rightarrow b \equiv 0 $ mod $p$
- xa = 1
- $b \equiv 0$ mod $p$, so $p | b$

`Corollary`
If a prime $p$ divides product of several integers, then $p$ divides at least one of these integers.
Indeed, $p$ divides $a_1 \cdot a_2 ... \cdot a_k = a_1 \cdot (a_2 ... \cdot a_k)$, so either $p$ divides $a_1$ or $p$ divides $a_2 \cdot a_3 ... \cdot a_k = a_2 \cdot (a_3 ... \cdot a_k)$, in the latter case $p$ divides either $a_2$ or $a_3 ... \cdot a_k = a_3 \cdot (a_4 ... \cdot a_k)$, and so on.

Example:
Sum of the digits of the number 5816907 is 5 + 8 + 1 + 6 + 9 + 0 + 7 = 36, and 3 divides 36, so by the criterion of divisibility by 3 we know that 3 divides $5816907 = 17 \cdot 19 \cdot 23 \cdot 27 \cdot 29$ Which of the numbers 17, 19, 23, 27, 29 is divisible by 3 then?


### Unique factorization
`Theorem`  
Every integer $n > 1$ can be represented as a product of one or more prime numbers. Any two such representations of the same integer n can differ only by the order of factors:
- First part - the existence of representation is already proved
- Now, lets prove the uniqueness of the representation

#### Reduce Both parts
$$ n = p_1 p_2 ... p_{k-1} p_k = q_1 q_2 ... q_{l-1}q_l$$
If there are common factors, cancel them until there are no common factors.

#### Nothing to Reduce
- Imagine two different representations without common factors
- $p_1 p_2 ... p_{k-1} p_k = q_1 q_2...q_{l-1}q_l$
- $p_1$ divides $q_1 ... q_l$, so $p_1$ divides one of $q_1, q_2, ..., q_l$
- $p_1$ divides $q_i, q_i$ is prime, so $p_1 = q_i$ - contradiction

#### Canonical Factorization
For any representation of $n$ as a product of primes, we can sort the factors in ascending order and group all the equal primes together. Then we will get the canonical representation:
$$ n = p_{1}^{a_1} \cdot p_{2}^{a_2} ... \cdot p_{k}^{a_k}$$,
where $p_1 < p_2 < ... < p_k$ are primes, and $a_1, a_2, ..., a_k$ are positive integers. It follows from the unique factorization theorem that the canonical representation of any $n > 1$ is unique.

#### Other Representations
For any set of primes $p_1, p_2, ..., p_m$ such that all prime divisors of $n$ are in this set, we can represent 
$$ n = p_{1}^{a_1} \cdot p_2^{a_2} ... p_{m}^{a_m}$$

However, in this case some $\alpha_i$ can be 0.
Example: $20 = 2^2 \cdot 3^0 \cdot 5^1 \cdot 7^0$ 

In particular, we can take the set of all prime numbers, enumerate in starting from $p_1 = 2, p_2 = 3$ and represent $n$ as sequence ($\alpha_1, \alpha_2, \alpha_3, ...)$, where $\alpha_i = 0$ if $p_i \nmid n$, otherwise $\alpha_i$ is the degree from the canonical factorization of n corresponding to $p_i$. In this representation, all integers have the same set of prime factors, although some of them in degree 0.

$$m \iff (\alpha_1, \alpha_2, ...)$$
$$n \iff (\beta_1, \beta_2, ...)$$
$$mn \iff (\beta_1, \beta_2, ...)$$

However, there is no simple way to sum two numbers in this representation.

#### Conclusion
- Any integer can be represented as a product of primes
- Any two representations differ only by the order of factors
- Canonical representation $n = p_1^{\alpha_1} p_2^{\alpha_2} ... p_k^{\alpha_k}$  is unique
- Also can represent $n$ as sequence of degrees for all prime numbers ($\alpha_1, \alpha_2, ...$), where all $a_i > 0$ and $a_i = 0$ if $p_i \nmid n$

### Implications of unique factorization
#### Divisibility Criterion
When does $m$ divide $n$?  
Consider canonical representations:
$$m = p_1^{\alpha_1} p_2^{\alpha_2} ... p_k^{\alpha_k}$$
$$n = q_1^{\beta_1} q_2^{\beta_2} ... q_k^{\beta_k}$$
$m | n$ when:
- All $p_i$ are among $q_1, q_2, ... , q_l$
- If $p_i = q_j, \alpha_i \leq \beta_j$

#### When Numbers are Coprime?
Integers $m$ and $n$ are called coprime if $GCD(m,n) = 1.$  
Consider canonical representations:
$$m = p_1^{\alpha_1} p_2^{\alpha_2} ... p_k^{\alpha_k}$$
$$n = q_1^{\beta_1} q_2^{\beta_2} ... q_l^{\alpha_l}$$
$GCD(m,n) = 1$ when there are no common prime factors between $p_1, p_2, ... p_k$ and $q_1, q_2, ..., q_l$

#### Computing GCD
Let $p_1, p_2, ... , p_k$ be all prime divisors of $m$ and $n$  
Then
$$m = p_1^{\alpha_1} p_2^{\alpha_2} ... p_k^{\alpha_k}$$
$$n = p_1^{\beta_1} p_2^{\beta_2} ... p_l^{\alpha_k}$$
$$GCD(m, n) = p_1^{min(\alpha_1, \beta_1)} p_2^{min(\alpha_2, \beta_2)} ... p_k^{min(\alpha_k, \beta_k)}$$
Note that some $\alpha_i$ and $\beta_j$ can be zero in this case.

Note that computing GCD is much easier than prime factorization. The former can be done with Euclid's algorithm, and no efficient algorithm is known for the latter.

#### Least Common Multiple
`LCM`  
The least common multiple LCM(a,b) of two integers $a$ and $b$ is the smallest positive integer $x$ such that both $a | x$ and $b | x$.

LCM(4,6) = 12

#### Computing LCM
Let $p_1, p_2, ... , p_k$ be all prime divisors of $m$ and $n$  
Then 
$$m = p_1^{\alpha_1} p_2^{\alpha_2} ... p_k^{\alpha_k}$$
$$n = p_1^{\beta_1} p_2^{\beta_2} ... p_l^{\beta_k}$$
$$LCM(m, n) = p_1^{max(\alpha_1, \beta_1)} p_2^{max(\alpha_2, \beta_2)} ... p_k^{max(\alpha_k, \beta_k)}$$

#### Min and Max

Note that for any $\alpha$ and $\beta$:
$$min(\alpha, \beta) + max(\alpha, \beta) = \alpha + \beta$$
$$p_1^{min(\alpha_1, \beta_1)} p_1^{max(\alpha_1, \beta_1)} = p_1^{min(\alpha_1, \beta_1) + max(\alpha_1, \beta_1)} = p_1^{\alpha_1 + \beta_1}$$

Now, m and n will look as following:
$$m = p_1^{\alpha_1} p_2^{\alpha_2} ... p_k^{\alpha_k}$$
$$n = p_1^{\beta_1} p_2^{\beta_2} ... p_k^{\beta_k}$$
$$GCD(m, n) = p_1^{min(\alpha_1, \beta_1)} p_2^{min(\alpha_2, \beta_2)} ... p_k^{min(\alpha_k, \beta_k)}$$
$$LCM(m, n) = p_1^{max(\alpha_1, \beta_1)} p_2^{max(\alpha_2, \beta_2)} ... p_k^{max(\alpha_k, \beta_k)}$$

$$mn = p_1^{\alpha_1 + \beta_1} p_2^{\alpha_2 + \beta_2} ... p_k^{\alpha_k + \beta_k}$$
$$GCD(m,n)LCM(m,n) = mn$$

#### Computing LCM
We can compute GCD(m,n) using Euclid's algorithm, and $LCM(m,n) = \frac{mn}{GCD(m,n)}$, so LCM can also be computed quickly.

`Lemma`
if $a | n, b|n,$ and $GCD(a,b) = 1$, then $ab | n$  
`Proof`
- All prime factors of a are among prime factors of n
- Degrees of these factors in n are bigger or the same
- Same goes for b
- $GCD(a, b) = 1$, so $a$ and $b$ don't share prime factors
- Thus all prime factors of $ab$ are in $n$ with bigger or same degrees

#### Conclusion
- Easy criterion for divisibility given prime factorization
- Coprime numbers don't share prime factors
- GCD and LCM can be computed using prime factorizations
- However, prime factorization is hard, and Euclid's algorithm is facst
- GCD(m,n) LCM(m,m) = mn, so LCM can also be computed using Euclid's algorithm
- If two coprime numbers divide $n$, their product also divides $n$

In [25]:
def ifprime(num):
    for i in range(2, int(101**0.5)+2):
        if num%i == 0:
            print(i)
            return True
            
    return False

ifprime(737)

### Integer Factorization Quiz
1. Is number 101 prime? yes
2. Is number 737 prime? no
3. Does $105 = 3 \cdot 5 \cdot 7$ divide 1260 = $2^2 \cdot 3^2 \cdot 5 \cdot 7$ yes
4. Which of the numbers $6 = 2 \cdot 3, 10 = 2 \cdot 5, 15 = 3 \cdot 5$ and $35 = 5 \cdot 7$ are coprime?  
A: 6 and 35
5. Compute $GCD(1980, 1848)$ given that $1980 = 2^2 \cdot 3^2 \cdot 5 \cdot 11$ and $1848 = 2^3 \cdot 3 \cdot 7 \cdot 11$
A: $2^2 \cdot 3 \cdot 11 = 132$
6. Compute LCM(1980, 1848)  
A: $LCM(1980, 1848) = mn/GCD(1980, 1848) = 3659040/132 = 27720$

## 3.2 Chinese Remainder Theorem