Multiplicative group of integers modulo n

In modular arithmetic the set of congruence classes relatively prime to the modulus n form a group under multiplication called the multiplicative group of integers modulo n. It is also called the group of primitive residue classes modulo n. In the theory of rings, a branch of abstract algebra, it is described as the group of units of the ring of integers modulo n. (Units refers to elements with a multiplicative inverse.)

This group is fundamental in number theory. It has found applications in cryptography, integer factorization, and primality testing. For example, by finding the order (ie. the size) of the group, one can determine if n is prime: n is prime if and only if the order is n − 1.

Group axioms

It is a straightforward exercise to show that under multiplication the congruence classes (mod n) which are relatively prime to n satisfy the axioms for an abelian group.

Because a ≡ b (mod n) implies that gcd(a, n) = gcd(b, n), the notion of congruence classes (mod n) which are relatively prime to n is well-defined.

Since gcd(a, n) = 1 and gcd(b, n) = 1 implies gcd(ab, n) = 1 the set of classes relatively prime to n is closed under multiplication.

The natural mapping from the integers to the congruence classes (mod n) that takes an integer to its congruence class (mod n) respects products. This implies that the class containing 1 is the unique multiplicative identity, and also the associative and commutative laws. In fact it is a ring homomorphism.

Given a, gcd(a, n) = 1, finding x satisfying ax ≡ 1 (mod n) is the same as solving ax + ny = 1, which can be done by Bézout's lemma. The x found will have the property that gcd(x,n)=1.

Notation

The ring of integers (mod n) is denoted $\mathbb{Z}/n\mathbb{Z}$   or   $\mathbb{Z}/(n)$   (i.e., the ring of integers modulo the ideal nZ = (n) consisting of the multiples of n) or by $\mathbb{Z}_n$ (though the latter can be confused with the p-adic integers in the case n = p). Depending on the author its group of units may be written $(\mathbb{Z}/n\mathbb{Z})^*,$   $(\mathbb{Z}/n\mathbb{Z})^\times,$   $U(\mathbb{Z}/n\mathbb{Z}),$   $E(\mathbb{Z}/n\mathbb{Z})$   (for German Einheit = unit) or similar notations. This article uses $(\mathbb{Z}/n\mathbb{Z})^\times.$

Structure

Powers of 2

Modulo 2 there is only one relatively prime congruence class, 1, so $(\mathbb{Z}/2\mathbb{Z})^\times \cong \{1\}$ is trivial.

Modulo 4 there are two relatively prime congruence classes, 1 and 3, so $(\mathbb{Z}/4\mathbb{Z})^\times \cong C_2,$ the cyclic group with two elements.

Modulo 8 there are four relatively prime classes, 1, 3, 5 and 7. The square of each of these is 1, so $(\mathbb{Z}/8\mathbb{Z})^\times \cong C_2 \times C_2,$ the Klein four-group.

Modulo 16 there are eight relatively prime classes 1, 3, 5, 7, 9, 11, 13 and 15. $\{\pm 1, \pm 7\}\cong C_2 \times C_2,$ is the 2-torsion subgroup (ie. the square of each element is 1), so $(\mathbb{Z}/16\mathbb{Z})^\times$ is not cyclic. The powers of 3, {1,3,9,11} are a subgroup of order 4, as are the powers of 5, {1,5,9,13}.   Thus $(\mathbb{Z}/16\mathbb{Z})^\times \cong C_2 \times C_4.$

The pattern shown by 8 and 16 holds^[1] for higher powers 2^k, k > 2: $\{\pm 1, 2^{ k-1} \pm 1\}\cong C_2 \times C_2,$ is the 2-torsion subgroup (so $(\mathbb{Z}/2^k\mathbb{Z})^\times$ is not cyclic) and the powers of 3 are a subgroup of order 2^{k − 2}, so $(\mathbb{Z}/2^k\mathbb{Z})^\times \cong C_2 \times C_{2^{k-2}}.$

Powers of odd primes

For powers of odd primes p^k the group is cyclic:^[2]

$\;\;(\mathbb{Z}/p^k\mathbb{Z})^\times \cong C_{p^{k-1}(p-1)} \cong C_{\varphi(p^k)}.$

General composite numbers

The Chinese remainder theorem^[3] says that if $\;\;n=p_1^{k_1}p_2^{k_2}p_3^{k_3}\dots, \;$ then the ring $\mathbb{Z}/n\mathbb{Z}$ is the direct product of the rings corresponding to each of its prime power factors:

$\mathbb{Z}/n\mathbb{Z} \cong \mathbb{Z}/{p_1^{k_1}}\mathbb{Z}\; \times \;\mathbb{Z}/{p_2^{k_2}}\mathbb{Z} \;\times\; \mathbb{Z}/{p_3^{k_3}}\mathbb{Z}\dots\;\;$

Similarly, the group of units $(\mathbb{Z}/n\mathbb{Z})^\times$ is the direct product of the groups corresponding to each of the prime power factors:

$(\mathbb{Z}/n\mathbb{Z})^\times\cong (\mathbb{Z}/{p_1^{k_1}}\mathbb{Z})^\times \times (\mathbb{Z}/{p_2^{k_2}}\mathbb{Z})^\times \times (\mathbb{Z}/{p_3^{k_3}}\mathbb{Z})^\times \dots\;.$

Order

The order of the group is given by Euler's totient function: $| (\mathbb{Z}/n\mathbb{Z})^\times|=\varphi(n).$ This is the product of the orders of the cyclic groups in the direct product.

Exponent

The exponent is given by the Carmichael function λ(n), the least common multiple of the orders of the cyclic groups. This means that given n, $a^{\lambda(n)} \equiv 1 \pmod n,$ for any a relatively prime to n, and λ(n) is the smallest such number.

Generators

$(\mathbb{Z}/n\mathbb{Z})^\times$ is cyclic if and only if φ(n) = λ(n). This is the case precisely when n is 2, 4, a power of an odd prime, or twice a power of an odd prime. In this case a generator is called a primitive root modulo n.

Since all the $(\mathbb{Z}/n\mathbb{Z})^\times,$ n = 1, 2, ..., 7 are cyclic, another way to state this is: If n < 8 then $\;(\mathbb{Z}/n\mathbb{Z})^\times$ has a primitive root. If n ≥ 8 $\;(\mathbb{Z}/n\mathbb{Z})^\times$ has a primitive root unless n is divisible by 4 or by two distinct odd primes.

In the general case there is one generator for each cyclic direct factor.

Table

This table shows the cyclic decomposition of $(\mathbb{Z}/n\mathbb{Z})^\times$ and a generating set for small values of n. The generating sets are not unique; e.g. (mod 16) both {−1, 3} and {−1, 5} will work. The generators are listed in the same order as the direct factors.

For example take n = 20. φ(20) = 8 means that the order of $(\mathbb{Z}/20\mathbb{Z})^\times$ is 8 (i.e. there are 8 numbers less than 20 and coprime to it); λ(20) = 4 that the fourth power of any number relatively prime to 20 is ≡ 1 (mod 20); and as for the generators, 19 has order 2, 3 has order 4, and every member of $(\mathbb{Z}/20\mathbb{Z})^\times$ is of the form 19^a × 3^b, where a is 0 or 1 and b is 0, 1, 2, or 3.

The powers of 19 are {±1} and the powers of 3 are {3, 9, 7, 1}. The latter and their negatives (mod 20), {17, 11, 13, 19} are all the numbers less than 20 and prime to it. The fact that the order of 19 is 2 and the order of 3 is 4 implies that the fourth power of every member of $\mathbb{Z}_{20}^\times$ is ≡ 1 (mod 20).

Group Structure of (Z/nZ)^×

$n\;$	$(\mathbb{Z}/n\mathbb{Z})^\times$	$\varphi(n)\;$	$\lambda(n)\;$	generating set		$n\;$	$(\mathbb{Z}/n\mathbb{Z})^\times$	$\varphi(n)\;$	$\lambda(n)\;$	generating set
2	{1}	1	1	1		33	C2×C10	20	10	10, 2
3	C2	2	2	2		34	C16	16	16	3
4	C2	2	2	3		35	C2×C12	24	12	6, 2
5	C4	4	4	2		36	C2×C6	12	6	19, 5
6	C2	2	2	5		37	C36	36	36	2
7	C6	6	6	3		38	C18	18	18	3
8	C2×C2	4	2	7, 3		39	C2×C12	24	12	38, 2
9	C6	6	6	2		40	C2×C2×C4	16	4	39, 11, 3
10	C4	4	4	3		41	C40	40	40	6
11	C10	10	10	2		42	C2×C6	12	6	13, 5
12	C2×C2	4	2	5, 7		43	C42	42	42	3
13	C12	12	12	2		44	C2×C10	20	10	43, 3
14	C6	6	6	3		45	C2×C12	24	12	44, 2
15	C2×C4	8	4	14, 2		46	C22	22	22	5
16	C2×C4	8	4	15, 3		47	C46	46	46	5
17	C16	16	16	3		48	C2×C2×C4	16	4	47, 7, 5
18	C6	6	6	5		49	C42	42	42	3
19	C18	18	18	2		50	C20	20	20	3
20	C2×C4	8	4	19, 3		51	C2×C16	32	16	50, 5
21	C2×C6	12	6	20, 2		52	C2×C12	24	12	51, 7
22	C10	10	10	7		53	C52	52	52	2
23	C22	22	22	5		54	C18	18	18	5
24	C2×C2×C2	8	2	5, 7, 13		55	C2×C20	40	20	21, 2
25	C20	20	20	2		56	C2×C2×C6	24	6	13, 29, 3
26	C12	12	12	7		57	C2×C18	36	18	20, 2
27	C18	18	18	2		58	C28	28	28	3
28	C2×C6	12	6	13, 3		59	C58	58	58	2
29	C28	28	28	2		60	C2×C2×C4	16	4	11, 19, 7
30	C2×C4	8	4	11, 7		61	C60	60	60	2
31	C30	30	30	3		62	C30	30	30	3
32	C2×C8	16	8	31, 3		63	C6×C6	36	6	2, 5

See also

Lenstra elliptic curve factorization

Notes

1. ^ Gauss, DA, arts. 90–91
2. ^ Gauss, DA, arts.52–56, 82–89
3. ^ Riesel covers all of this. pp. 267–275

References

The Disquisitiones Arithmeticae has been translated from Gauss's Ciceronian Latin into English and German. The German edition includes all of his papers on number theory: all the proofs of quadratic reciprocity, the determination of the sign of the Gauss sum, the investigations into biquadratic reciprocity, and unpublished notes.

• Gauss, Carl Friedrich; Clarke, Arthur A. (translator into English) (1986), Disquisitiones Arithemeticae (Second, corrected edition), New York: Springer, ISBN 0387962549 

• Gauss, Carl Friedrich; Maser, H. (translator into German) (1965), Untersuchungen uber hohere Arithmetik (Disquisitiones Arithemeticae & other papers on number theory) (Second edition), New York: Chelsea, ISBN 0-8284-0191-8 

• Riesel, Hans (1994), Prime Numbers and Computer Methods for Factorization (second edition), Boston: Birkhäuser, ISBN 0-8176-3743-5 

External links

• Calculator by Shing Hing Man
• Weisstein, Eric W., "Modulo Multiplication Group" from MathWorld.