%! TEX root = NT.tex
% vim: tw=50
% 09/10/2023 10AM
\begin{corollary*} \refsteplabel[earlier Corollary]{fta_gcd_coro} Given $m, n \in \NN$ with \[ m = \prod_{i = 1}^k p_i^{a_i} \qquad n = \prod_{i = 1}^k p_i^{b_i} \qquad a_i, b_i \ge 0 \] for some distinct \glspl{prime} $p_i$, we have \[ \gcdbrack(m, n) = \gcd(m, n) = \prod_{i = 1}^k p_i^{\min(a_i, b_i)} .\] In particular, \[ m \divides n \iff \gcdbrack(m, n) = m \iff a_i \le b_i ~\forall i \] and \[ \gcdbrack(m, n) = 1 \iff \min(a_i, b_i) = 0 ~\forall i \iff \text{$\not\exists$ \gls{prime} $p$ such that $p \divides m$ and $p \divides n$} .\] \end{corollary*} \begin{definition*}[Coprime] \glsadjdefn{coprime}{coprime}{numbers} We say that $m$ and $n$ are \emph{coprime} if $\gcdbrack(m, n) = 1$ (which is equivalent to saying that $m$ and $n$ have no common \gls{prime} factors, by \nameref{fta_gcd_coro}). \end{definition*} \vspace{-1em} We can compute $\gcdbrack(m, n)$ this way, but it's much less efficient than \gls{euclid_alg} if the \gls{prime_factorisation} of $m, n$ is not already known. \begin{flashcard}[polynomial-time-algorithm-defn] \begin{definition} \glsadjdefn{poly_time}{polynomial time}{algorithm} An algorithm with input integer $N > 1$ is \emph{polynomial time} if \cloze{there exist constants $b, c > 0$ such that it always completes after at most $b(\log N)^c$ ``elementary operations'' (for example adding and multiplying digits in a fixed base). If an algorithm has inputs $N_1, \ldots, N_k$, it's polynomial time if it completes after at most $b(\max_i \log N_i)^c$ operations.} \end{definition} \end{flashcard} \begin{example*} \phantom{} \begin{itemize} \item Addition and multiplication in the usual way. \item \gls{euclid_alg} to compute $\gcdbrack(N_1, N_2)$ (this is on \es{1}). \item There exists a \gls{poly_time} primality test (Agrawal--Kayal--Saxena, 2002). \item What about \glsref[prime_factorisation]{factorisation}? The simplest procedure to factor $N \in \NN$ is trial division, i.e.\ 
testing each $b \in \NN$, $1 < b \le \sqrt{N}$ to see if $b \divides N$. In the worst case, this requires about $\sqrt{N}$ divisions. As $N \to \infty$, $\sqrt{N}$ grows much faster than any power of $\log N$. To put this in perspective, suppose $N = pq$ where $p, q$ are 50 digit primes. Suppose we can do $10^{10}$ divisions per second. To factorise $N$ using trial division would take about $10^{50} / 10^{10}$ seconds, which is about $3 \times 10^{32}$ years. There is no known algorithm to \glsref[prime_factorisation]{factorise} integers in \gls{poly_time}. Using modern algorithms, it is practical to factor integers of $200$ digits. The record is the \glsref[prime_factorisation]{factorisation} of RSA-$250$ (250 digits). This required thousands of computers working for several months. \end{itemize} \end{example*} \begin{theorem} There are infinitely many \gls{prime} numbers. \end{theorem} \begin{proof} Suppose $p_1, \ldots, p_k$ are distinct \glspl{prime}. Let $N = p_1 \cdots p_k + 1$. Then $N > 1$, so it has a \gls{prime} factor $p$. We see $p \divides N \implies p \neq p_i ~\forall i$ (since each $p_i$ divides $N - 1$, so $p_i$ does not divide $N$). Therefore there exist at least $k + 1$ distinct \glspl{prime}. \end{proof} This is not an efficient way to find \glspl{prime} as it involves \glsref[prime_factorisation]{factorisation}. One way to generate $50$ digit \gls{prime} numbers is to randomly generate a $50$ digit integer and test to see if it is \gls{prime}. Repeat this until you find a \gls{prime} number. (\nameref{pnt} tells us how many times we need to do this on average). For some classes of numbers, there are special (fast) primality tests. \begin{example*} \glsnoundefn{mersenne_number}{Mersenne number}{Mersenne numbers} For Mersenne numbers $N = 2^p - 1$ where $p$ is a \gls{prime} number, there exists the Lucas--Lehmer primality test (which is extremely fast). The largest known \gls{prime} number is the Mersenne number $2^p - 1$ where $p = 82,589,933$ (this has $24,862,048$ decimal digits). 
\end{example*} \begin{flashcard}[modulo-notation] \begin{notation*} \glssymboldefn{mod}{modulo}{modulo} \glsnoundefn{modulo}{modulo}{modulo} Fix a \emph{modulus} $N \in \NN$. We say \cloze{$a, b \in \ZZ$ are congruent modulo $N$ if $N \divides (a - b)$ and write $a \equiv b \pmod{N}$.} \end{notation*} \end{flashcard} Congruence \gls{modulo} $N$ is an equivalence relation on $\ZZ$ with classes $a + N\ZZ$. The operations $(a + N\ZZ) + (b + N\ZZ) = (a + b) + N\ZZ$ and $(a + N\ZZ)(b + N\ZZ) = ab + N\ZZ$ are well-defined. (Alternatively, $N\ZZ \normalsub \ZZ$ is an ideal, and $\ZZ / N\ZZ$ is the quotient ring). \begin{flashcard}[multiplicative-inverses-tfae-lemma] \begin{lemma} \label{mult_inverse_lemma} Let $a \in \ZZ$. The following are equivalent: \begin{enumerate}[(1)] \item $\gcdbrack(a, N) = 1$ \item $\exists b \in \ZZ$ such that $ab \equiv 1 \pmod{N}$ \item $a + N\ZZ$ generates $(\ZZ / N\ZZ, +)$ (the additive group of congruence classes \gls{modulo} $N$) \end{enumerate} \end{lemma} \begin{proof} \phantom{} \cloze{ \begin{enumerate}[(1) $\iff$ (2)] \item[(1) $\implies$ (2)] If $\gcdbrack(a, N) = 1$, there exist $x, y \in \ZZ$ such that $xa + yN = 1$, i.e.\ $xa \equiv 1 \pmod{N}$. \item[(2) $\implies$ (1)] If there exists $b \in \ZZ$ such that $ab \equiv 1 \pmod{N}$, then there exists $k \in \ZZ$ such that $ab - 1 = kN$, i.e.\ $ab - kN = 1$, hence $\gcdbrack(a, N) = 1$. \item[(2) $\iff$ (3)] $1 + N\ZZ$ generates $(\ZZ / N\ZZ, +)$ as $\ub{(1 + N\ZZ) + \cdots + (1 + N\ZZ)}_{\text{$b$ times}}$ equals $b + N\ZZ$. So $a + N\ZZ$ is a generator if and only if it generates $1 + N\ZZ$, which happens if and only if there exists $b \in \NN$ such that $\ub{(a + N\ZZ) + \cdots + (a + N\ZZ)}_{\text{$b$ times}} = 1 + N\ZZ$. This happens if and only if there exists $b$ with $ab \equiv 1 \pmod{N}$. 
\qedhere \end{enumerate} } \end{proof} \end{flashcard} \begin{flashcard}[] \begin{notation*} \glssymboldefn{mult}{multiplicative group}{multiplicative group} If $N > 1$, we write $(\ZZ / N\ZZ)^\times$ for \cloze{the group of congruence classes of $a$ \gls{modulo} $N$ such that $\gcdbrack(a, N) = 1$, under multiplication. We sometimes call $(\ZZ / N\ZZ)^\times$ the group of units \gls{modulo} $N$. \glsnoundefn{totient_func}{Euler's totient function}{N/A} \glssymboldefn{totient_func}{Euler's totient function}{Euler's totient function} We also write $\phi(N) \defeq \#(\ZZ / N\ZZ)^\times$ (we call this \emph{Euler's totient function}).} \end{notation*} \end{flashcard} \vspace{-1em} Note that $\totient(N) \le N - 1$, with equality if and only if for all $b \in \NN$ with $1 \le b \le N - 1$, we have $\gcdbrack(b, N) = 1$. This happens if and only if $N$ is \gls{prime}. \begin{flashcard}[generators-of-C-n-coro] \begin{corollary} \label{generators_of_C_n_coro} Let $G$ be a cyclic group of order $N > 1$. Then \cloze{$G$ contains $\totient(N)$ elements of order $N$.} \end{corollary} \begin{proof} \cloze{ $G$ is isomorphic as a group to $(\ZZ / N\ZZ, +)$. The elements of order $N$ are exactly the generators of the group. By \cref{mult_inverse_lemma}, these are exactly the congruence classes $a + N\ZZ$ with $\gcdbrack(a, N) = 1$. There are $\totient(N)$ of these, by definition. } \end{proof} \end{flashcard}