Proofs of Fermat's little theorem


Proofs of Fermat's little theorem

This article collects together a variety of proofs of Fermat's little theorem, which states that:a^p equiv a pmod p ,!for every prime number "p" and every integer "a" (see modular arithmetic).

Simplifications

Some of the proofs of Fermat's little theorem given below depend on two simplifications.

The first is that we may assume that "a" is in the range 0 ≤ "a" ≤ "p" − 1. This is a simple consequence of the laws of modular arithmetic; we are simply saying that we may first reduce "a" modulo "p".

Secondly, it suffices to prove that:a^{p-1} equiv 1 pmod p quad quad (X)for "a" in the range 1 ≤ "a" ≤ "p" − 1. Indeed, if (X) holds for such "a", then we can simply multiply both sides by "a" to obtain the original form of the theorem,:a^p equiv a pmod p, ,!and if "a" happens to be zero, the original equation in its original form is obviously true anyway.

Proof by counting bracelets

This is perhaps the simplest known proof, requiring the least mathematical background. It is an attractive example of a combinatorial proof (a proof that involves counting a collection of objects in two different ways).

The proof given here is an adaptation of Dijkstra's manuscript [http://www.cs.utexas.edu/users/EWD/transcriptions/EWD07xx/EWD740.html "A short proof of one of Fermat's theorems"] (EWD740).

To keep things simple, let us assume that "a" is a positive integer. Consider all the possible strings of "p" symbols, using an alphabet with "a" different symbols. The total number of such strings is "a""p", since there are "a" possibilities for each of "p" positions (see rule of product).

For example, if "p" = 5 and "a" = 2, then we can use an alphabet with two symbols (say "A" and "B"), and there are 25 = 32 strings of length five:: AAAAA, AAAAB, AAABA, AAABB, AABAA, AABAB, AABBA, AABBB,: ABAAA, ABAAB, ABABA, ABABB, ABBAA, ABBAB, ABBBA, ABBBB,: BAAAA, BAAAB, BAABA, BAABB, BABAA, BABAB, BABBA, BABBB,: BBAAA, BBAAB, BBABA, BBABB, BBBAA, BBBAB, BBBBA, BBBBB.

We will argue below that if we remove the strings consisting of a single symbol from the list (in our example, AAAAA and BBBBB), the remaining "a" "p" − "a" strings can be arranged into groups, each group containing exactly "p" strings. It follows that "a" "p" − "a" is divisible by "p".

Bracelets

Let us think of each such string as representing a bracelet. That is, we connect the two ends of the string together, and regard two strings as the same bracelet if we can "rotate" one string to obtain the second string; in this case we will say that the two strings are friends. In our example, the following strings are all friends:: AAAAB, AAABA, AABAA, ABAAA, BAAAA.Similarly, each line of the following list corresponds to a single bracelet.: AAABB, AABBA, ABBAA, BBAAA, BAAAB,: AABAB, ABABA, BABAA, ABAAB, BAABA,: AABBB, ABBBA, BBBAA, BBAAB, BAABB,: ABABB, BABBA, ABBAB, BBABA, BABAB,: ABBBB, BBBBA, BBBAB, BBABB, BABBB,: AAAAA,: BBBBB.Notice that in the above list, some bracelets are represented by five different strings, and some only by a single string, so the list shows very clearly why 32 − 2 is divisible by 5.

One can use the following rule to work out how many friends a given string "S" has:: "If S is built up of several copies of the string T, and T cannot itself be broken down further into repeating strings, then the number of friends of S (including S itself) is equal to the "length" of T."

For example, suppose we start with the string "S" = "ABBABBABBABB", which is built up of several copies of the shorter string "T" = "ABB". If we rotate it one symbol at time, we obtain the following three strings:: ABBABBABBABB,: BBABBABBABBA,: BABBABBABBAB.There aren't any others, because ABB is exactly three symbols long, and cannot be broken down into further repeating strings.

Completing the proof

Using the above rule, we can complete the proof of Fermat's little theorem quite easily, as follows. Our starting pool of "a""p" strings may be split into two categories:
* Some strings contain "p" identical symbols. There are exactly "a" of these, one for each symbol in the alphabet. (In our running example, these are the strings AAAAA and BBBBB.)
* The rest of the strings use at least two distinct symbols from the alphabet. If we try to break up such a string "S" into repeating copies of a string "T", we find that because "p" is prime, the only possibility is that "T" is already the whole string "S". Therefore, the above rule tells us that "S" has exactly "p" friends (including "S" itself).

The second category contains "a" "p" − "a" strings, and they may be arranged into groups of "p" strings, one group for each bracelet. Therefore "a" "p" − "a" must be divisible by "p", as promised.

Proof using modular arithmetic

This proof requires some background in modular arithmetic.

Let us assume that "a" is positive and not divisible by "p". The idea is that if we write down the sequence of numbers:a, 2a, 3a, ldots, (p-1)a quadquad (A) and reduce each one modulo "p", the resulting sequence turns out to be a rearrangement of:1, 2, 3, ldots, p-1. quadquadquad (B) Therefore, if we multiply together the numbers in each sequence, the results must be identical modulo "p"::a imes 2a imes 3a imes cdots imes (p-1)a equiv 1 imes 2 imes 3 imes cdots (p-1) pmod p.Collecting together the "a" terms yields:a^{p-1} (1 imes 2 imes 3 imes cdots imes (p-1)) equiv 1 imes 2 imes 3 imes cdots (p-1) pmod p.Finally, we may "cancel out" the numbers 1, 2, ..., "p" − 1 from both sides of this equation, obtaining:a^{p-1} equiv 1 pmod p.,!

There are two steps in the above proof that we need to justify:
* Why (A) is a rearrangement of (B), and
* Why it is valid to "cancel" in the setting of modular arithmetic.We will prove these things below; let us first see an example of this proof in action.

An example

If "a" = 3 and "p" = 7, then the sequence in question is:3, 6, 9, 12, 15, 18;,!reducing modulo 7 gives:3, 6, 2, 5, 1, 4,,!which is just a rearrangement of:1, 2, 3, 4, 5, 6.,!Multiplying them together gives:3 imes 6 imes 9 imes 12 imes 15 imes 18 equiv 3 imes 6 imes 2 imes 5 imes 1 imes 4 equiv 1 imes 2 imes 3 imes 4 imes 5 imes 6 pmod 7;,!that is,:3^6 (1 imes 2 imes 3 imes 4 imes 5 imes 6) equiv (1 imes 2 imes 3 imes 4 imes 5 imes 6) pmod 7.,!Cancelling out by 1, 2, ... up to 6 yields:3^6 equiv 1 pmod 7, ,!which is Fermat's little theorem for the case "a" = 3 and "p" = 7.

The rearrangement property

Finally, we must explain why the sequence:a, 2a, 3a, ldots, (p-1)a, ,!when reduced modulo "p", becomes a rearrangement of the sequence:1, 2, 3, ldots, p-1.,!To start with, none of the terms "a", 2"a", ..., ("p" − 1)"a" can be equal to zero modulo "p", since if "k" is one of the numbers 1, 2, ..., "p" − 1, then "k" is not divisible by "p", and neither is "a", so Euclid's lemma tells us that "ka" cannot be divisible by "p". Therefore, at least we know that the numbers "a", 2"a", ..., ("p" − 1)"a", when reduced modulo "p", must be found among the numbers 1, 2, 3, ..., "p" − 1.

Furthermore, the numbers "a", 2"a", ..., ("p" − 1)"a" must all be "distinct" after reducing them modulo "p", because if:ka equiv ma pmod p, ,!where "k" and "m" are one of 1, 2, ..., "p" − 1, then the cancellation law tells us that:k equiv m pmod p. ,!

To summarise: when we reduce the "p" − 1 numbers "a", 2"a", ..., ("p" − 1)"a" modulo "p", we obtain distinct members of the sequence 1, 2, ..., "p" − 1. Since there are exactly "p" − 1 of these, the only possibility is that the former are a rearrangement of the latter.

The cancellation law

Let us first explain why it is valid, in certain situations, to "cancel". The exact statement is as follows. If "u", "x" and "y" are integers, and "u" is not divisible by "p", and if:ux equiv uy pmod p, ,!then we may "cancel" "u" to obtain:x equiv y pmod p. ,!Our use of this cancellation law in the above proof of Fermat's little theorem was valid, because the numbers 1, 2, ..., "p" − 1 are certainly not divisible by "p" (indeed they are "smaller" than "p").

We can prove the cancellation law easily using Euclid's lemma, which states that if a prime "p" divides a product "rs" (where "r" and "s" are integers), then either "p" divides "r" or "p" divides "s". Indeed, the equation:ux equiv uy pmod p, ,!simply means that "p" divides "ux" − "uy" = "u"("x" − "y"). Since "p" cannot divide "u", since each factor of "u" is less than "p" and "p" is prime, therefore it cannot be the product of any factors of "u", Euclid's lemma tells us that it must divide "x" − "y" instead; that is,:x equiv y pmod p. ,!

(Note that the conditions under which the cancellation law holds are quite strict, and this explains why Fermat's little theorem demands that "p" be a prime. For example, 2 × 2 ≡ 2 × 5 (mod 6), but we cannot conclude that 2 ≡ 5 (mod 6), since 6 is not prime.)

Proof using group theory

This proof requires the most basic elements of group theory.

The idea is to recognise that the set "G" = {1, 2, …, "p" − 1}, with the operation of multiplication (taken modulo "p"), forms a group. The only group axiom that requires some effort to verify is that each element of "G" is invertible. Taking this on trust for the moment, let us assume that "a" is in the range 1 ≤ "a" ≤ "p" − 1, that is, "a" is an element of "G". Let "k" be the order of "a", so that:a^k equiv 1 pmod p. ,!By Lagrange's theorem, "k" divides the order of "G", which is "p" − 1, so "p" − 1 = "km" for some positive integer "m". Then:a^{p-1} equiv a^{km} equiv (a^k)^m equiv 1^m equiv 1 pmod p. ,!

The invertibility property

To prove that every element "b" of "G" is invertible, we may proceed as follows. First, "b" is relatively prime to "p". Then Bézout's identity assures us that there are integers "x" and "y" such that:bx + py = 1. ,!Reading this equation modulo "p", we see that "x" is an inverse for "b", since:bx equiv 1 pmod p. ,!Therefore every element of "G" is invertible, so as remarked earlier, "G" is a group.

For example, when "p" = 11, the inverses of each element are given as follows::

Proof using the binomial theorem

This proof uses induction to prove the theorem for all integers "a" ≥ 0.

The base step, that 0 "p" ≡ 0 (mod "p"), is true for modular arithmetic because it is true for integers. Next, we must show that if the theorem is true for "a" = "k", then it is also true for "a" = "k"+1. For this inductive step, we need the following lemma.

Lemma. For any prime "p",

:(x+y)^p equiv x^p+y^p pmod{p}.,

An alternative way of viewing this lemma is that it states that:(x+y)^p = x^p + y^p,!for any "x" and "y" in the finite field GF("p").

Postponing the proof of the lemma for now, we proceed with the induction.

Proof. Assume "k""p" ≡ "k" (mod "p"), and consider ("k"+1)"p". By the lemma we have

:(k+1)^p equiv k^p + 1^p pmod{p}.,

Using the induction hypothesis, we have that "k""p" ≡ "k" (mod "p"); and, trivially, 1"p" = 1. Thus

:(k+1)^p equiv k + 1 pmod{p},,

which is the statement of the theorem for "a" = "k"+1. ∎

In order to prove the lemma, we must introduce the binomial theorem, which states that for any positive integer "n",

:(x+y)^n=sum_{i=0}^n{n choose i}x^{n-i}y^n,

where the coefficients are the binomial coefficients,

:{n choose i}=frac{n!}{i!(n-i)!},

described in terms of the factorial function, "n" ! = 1×2×3×⋯×"n".

Proof of lemma. The binomial coefficients are all integers and when 0 < "i" < "p", neither of the terms in the denominator includes a factor of "p", leaving the coefficient itself to possess a prime factor of "p" which must exist in the numerator, implying that

:{p choose i} equiv 0 pmod{p},qquad 0 < i < p.

Modulo "p", this eliminates all but the first and last terms of the sum on the left-hand side of the binomial theorem for prime "p". ∎

The primality of "p" is essential to the lemma; otherwise, we have examples like

:{4 choose 2} = 6,

which is not divisible by 4.

Proof using dynamical systems

This proof uses some basic concepts from dynamical systems.

We start by considering a family of functions, "T""n"("x"), where "n" &ge; 2 is an integer, mapping the interval [0, 1] to itself by the formula:T_n(x) = egin{cases} { nx } & 0 leq x < 1, \ 1 & x = 1,end{cases}where {"y"} denotes the fractional part of "y". For example, the function "T"3("x") is illustrated below:

A number "x"0 is said to be a fixed point of a function "f"("x") if "f"("x"0) = "x"0; in other words, if "f" leaves "x"0 fixed. The fixed points of a function can be easily found graphically: they are simply the "x"-coordinates of the points where the graph of "f"("x") intersects the graph of the line "y" = "x". For example, the fixed points of the function "T"3("x") are 0, 1/2, and 1; they are marked by black circles on the following diagram.

We will require the following two lemmas.

Lemma 1. For any "n" &ge; 2, the function "T""n"("x") has exactly "n" fixed points.

Proof. There are three fixed points in the illustration above, and the same sort geometrical argument applies for any "n" &ge; 2.

Lemma 2. For any positive integers "n" and "m", and any 0 &le; x &le; 1,:T_m(T_n(x)) = T_{mn}(x).,In other words, "T""mn"("x") is the composition of "T""n"("x") and "T""m"("x").

Proof. The proof of this lemma is not difficult, but we need to be slightly careful with the endpoint "x" = 1. For this point the lemma is clearly true since:T_m(T_n(1)) = T_m(1) = 1 = T_{mn}(1).,!So let us assume that 0 &le; "x" < 1. In this case,:T_n(x) = {nx} < 1, ,!so "T""m"("T""n"("x")) is given by:T_m(T_n(x)) = {m{nx}}.,!Therefore, what we really need to show is that:{m{nx}} = {mnx}.,!To do this we observe that {"nx"} = "nx" − "k", where "k" is the integer part of "nx"; then:{m{nx}} = {mnx - mk} = {mnx} ,!since "mk" is an integer.

Now let us properly begin the proof of Fermat's little theorem, by studying the function "T""a" "p"("x"). We will assume that "a" is positive. From Lemma 1, we know that it has "a" "p" fixed points. By Lemma 2 we know that:egin{matrix}T_{a^p}(x) = & underbrace{T_a(T_a( cdots T_a(x) cdots ))}, \& p , extrm{ times} \end{matrix}so any fixed point of "T""a"("x") is automatically a fixed point of "T""a" "p"("x").

We are interested in the fixed points of "T""a" "p"("x") that are "not" fixed points of "T""a"("x"). Let us call the set of such points "S". There are "a" "p" − "a" points in "S", because by Lemma 1 again, "T""a"("x") has exactly "a" fixed points. The following diagram illustrates the situation for "a" = 3 and "p" = 2. The black circles are the points of "S", of which there are 32 − 3 = 6.

The main idea of the proof is now to split the set "S" up into its orbits under "T""a". What this means is that we pick a point "x"0 in "S", and repeatedly apply "T""a"(x) to it, to obtain the sequence of points: x_0, T_a(x_0), T_a(T_a(x_0)), T_a(T_a(T_a(x_0))), ldots. ,!This sequence is called the orbit of "x"0 under "T""a". By Lemma 2, this sequence can be rewritten as: x_0, T_a(x_0), T_{a^2}(x_0), T_{a^3}(x_0), ldots. Since we are assuming that "x"0 is a fixed point of "T""a" "p"("x"), after "p" steps we hit "T""a" "p"("x"0) = "x"0, and from that point onwards the sequence repeats itself.

However, the sequence "cannot" begin repeating itself any earlier than that. If it did, the length of the repeating section would have to be a divisor of "p", so it would have to be 1 (since "p" is prime). But this contradicts our assumption that "x"0 is not a fixed point of "T""a".

In other words, the orbit contains exactly "p" distinct points. This holds for every orbit of "S". Therefore, the set "S", which contains "a" "p" − "a" points, can be broken up into orbits, each containing "p" points, so "a" "p" − "a" is divisible by "p".


Wikimedia Foundation. 2010.

Look at other dictionaries:

  • Fermat's little theorem — (not to be confused with Fermat s last theorem) states that if p is a prime number, then for any integer a , a^p a will be evenly divisible by p . This can be expressed in the notation of modular arithmetic as follows::a^p equiv a pmod{p},!A… …   Wikipedia

  • Fermat's Last Theorem — is the name of the statement in number theory that:: It is impossible to separate any power higher than the second into two like powers,or, more precisely:: If an integer n is greater than 2, then the equation a^n + b^n = c^n has no solutions in… …   Wikipedia

  • Proofs of Fermat's theorem on sums of two squares — Fermat s theorem on sums of two squares asserts that an odd prime number p can be expressed as: p = x^2 + y^2with integer x and y if and only if p is congruent to 1 (mod 4). The statement was announced by Fermat in 1640, but he supplied no proof …   Wikipedia

  • Theorem — The Pythagorean theorem has at least 370 known proofs[1] In mathematics, a theorem is a statement that has been proven on the basis of previously established statements, such as other theorems, and previously accepted statements …   Wikipedia

  • Fermat, Pierre de — born Aug. 17, 1601, Beaumont de Lomagne, France died Jan. 12, 1665, Castres French mathematician. Of Basque origin, Fermat studied law at Toulouse and developed interests in foreign languages, Classical literature, ancient science, and… …   Universalium

  • List of mathematical proofs — A list of articles with mathematical proofs:Theorems of which articles are primarily devoted to proving them: See also: *Bertrand s postulate and a proof *Estimation of covariance matrices *Fermat s little theorem and some proofs *Gödel s… …   Wikipedia

  • Wilson's theorem — In mathematics, Wilson s theorem states that a natural number n > 1 is a prime number if and only if (see factorial and modular arithmetic for the notation). Contents 1 History 2 Proofs …   Wikipedia

  • Euler's theorem — In number theory, Euler s theorem (also known as the Fermat Euler theorem or Euler s totient theorem) states that if n is a positive integer and a is coprime to n , then:a^{varphi (n)} equiv 1 pmod{n}where φ( n ) is Euler s totient function and …   Wikipedia

  • Pierre de Fermat — Born August 17, 1601( …   Wikipedia

  • Pythagorean theorem — See also: Pythagorean trigonometric identity The Pythagorean theorem: The sum of the areas of the two squares on the legs (a and b) equals the area of the square on the hypotenuse (c) …   Wikipedia