###### Theorem2.2.1Division Algorithm

Let \(a\) and \(b\) be integers, with \(b \gt 0\text{.}\) Then there exist unique integers \(q\) and \(r\) such that

\begin{equation*} a = bq + r \end{equation*}where \(0 \leq r \lt b\text{.}\)

\(\newcommand{\identity}{\mathrm{id}}
\newcommand{\notdivide}{{\not{\mid}}}
\newcommand{\notsubset}{\not\subset}
\newcommand{\lcm}{\operatorname{lcm}}
\newcommand{\gf}{\operatorname{GF}}
\newcommand{\inn}{\operatorname{Inn}}
\newcommand{\aut}{\operatorname{Aut}}
\newcommand{\Hom}{\operatorname{Hom}}
\newcommand{\cis}{\operatorname{cis}}
\newcommand{\chr}{\operatorname{char}}
\newcommand{\Null}{\operatorname{Null}}
\newcommand{\lt}{<}
\newcommand{\gt}{>}
\newcommand{\amp}{&}
\)

An application of the Principle of Well-Ordering that we will use often is the division algorithm.

Let \(a\) and \(b\) be integers, with \(b \gt 0\text{.}\) Then there exist unique integers \(q\) and \(r\) such that

\begin{equation*} a = bq + r \end{equation*}where \(0 \leq r \lt b\text{.}\)

This is a perfect example of the existence-and-uniqueness type of proof. We must first prove that the numbers \(q\) and \(r\) actually exist. Then we must show that if \(q'\) and \(r'\) are two other such numbers, then \(q = q'\) and \(r = r'\text{.}\)

*Existence of \(q\) and \(r\text{.}\)* Let

If \(0 \in S\text{,}\) then \(b\) divides \(a\text{,}\) and we can let \(q = a/b\) and \(r = 0\text{.}\) If \(0 \notin S\text{,}\) we can use the Well-Ordering Principle. We must first show that \(S\) is nonempty. If \(a \gt 0\text{,}\) then \(a - b \cdot 0 \in S\text{.}\) If \(a \lt 0\text{,}\) then \(a - b(2a) = a(1 - 2b) \in S\text{.}\) In either case \(S \neq \emptyset\text{.}\) By the Well-Ordering Principle, \(S\) must have a smallest member, say \(r = a - bq\text{.}\) Therefore, \(a = bq + r\text{,}\) \(r \geq 0\text{.}\) We now show that \(r \lt b\text{.}\) Suppose that \(r \gt b\text{.}\) Then

\begin{equation*} a - b(q + 1)= a - bq - b = r - b \gt 0. \end{equation*}In this case we would have \(a - b(q + 1)\) in the set \(S\text{.}\) But then \(a - b(q + 1) \lt a - bq\text{,}\) which would contradict the fact that \(r = a - bq\) is the smallest member of \(S\text{.}\) So \(r \leq b\text{.}\) Since \(0 \notin S\text{,}\) \(r \neq b\) and so \(r \lt b\text{.}\)

*Uniqueness of \(q\) and \(r\text{.}\)* Suppose there exist integers \(r\text{,}\) \(r'\text{,}\) \(q\text{,}\) and \(q'\) such that

Then \(bq + r = bq' + r'\text{.}\) Assume that \(r' \geq r\text{.}\) From the last equation we have \(b(q - q') = r' - r\text{;}\) therefore, \(b\) must divide \(r' - r\) and \(0 \leq r'- r \leq r' \lt b\text{.}\) This is possible only if \(r' - r = 0\text{.}\) Hence, \(r = r'\) and \(q = q'\text{.}\)

Let \(a\) and \(b\) be integers. If \(b = ak\) for some integer \(k\text{,}\) we write \(a \mid b\text{.}\) An integer \(d\) is called a **common divisor** of \(a\) and \(b\) if \(d \mid a\) and \(d \mid b\text{.}\) The **greatest common divisor** of integers \(a\) and \(b\) is a positive integer \(d\) such that \(d\) is a common divisor of \(a\) and \(b\) and if \(d'\) is any other common divisor of \(a\) and \(b\text{,}\) then \(d' \mid d\text{.}\) We write \(d = \gcd(a, b)\text{;}\) for example, \(\gcd( 24, 36) = 12\) and \(\gcd(120, 102) = 6\text{.}\) We say that two integers \(a\) and \(b\) are **relatively prime** if \(\gcd( a, b ) = 1\text{.}\)

Let \(a\) and \(b\) be nonzero integers. Then there exist integers \(r\) and \(s\) such that

\begin{equation*} \gcd( a, b) = ar + bs. \end{equation*}Furthermore, the greatest common divisor of \(a\) and \(b\) is unique.

Let

\begin{equation*} S = \{ am + bn : m, n \in {\mathbb Z} \text{ and } am + bn \gt 0 \}. \end{equation*}Clearly, the set \(S\) is nonempty; hence, by the Well-Ordering Principle \(S\) must have a smallest member, say \(d = ar + bs\text{.}\) We claim that \(d = \gcd( a, b)\text{.}\) Write \(a = dq + r'\) where \(0 \leq r' \lt d\text{.}\) If \(r' \gt 0\text{,}\) then

\begin{align*} r'& = a - dq\\ & = a - (ar + bs)q\\ & = a - arq - bsq\\ & = a( 1 - rq ) + b( -sq ), \end{align*}which is in \(S\text{.}\) But this would contradict the fact that \(d\) is the smallest member of \(S\text{.}\) Hence, \(r' = 0\) and \(d\) divides \(a\text{.}\) A similar argument shows that \(d\) divides \(b\text{.}\) Therefore, \(d\) is a common divisor of \(a\) and \(b\text{.}\)

Suppose that \(d'\) is another common divisor of \(a\) and \(b\text{,}\) and we want to show that \(d' \mid d\text{.}\) If we let \(a = d'h\) and \(b = d'k\text{,}\) then

\begin{equation*} d = ar + bs = d'hr + d'ks = d'(hr + ks). \end{equation*}So \(d'\) must divide \(d\text{.}\) Hence, \(d\) must be the unique greatest common divisor of \(a\) and \(b\text{.}\)

Let \(a\) and \(b\) be two integers that are relatively prime. Then there exist integers \(r\) and \(s\) such that \(ar + bs = 1\text{.}\)

Among other things, Theorem Theorem 2.2.2 allows us to compute the greatest common divisor of two integers.

Let us compute the greatest common divisor of \(945\) and \(2415\text{.}\) First observe that

\begin{align*} 2415 & = 945 \cdot 2 + 525\\ 945 & = 525 \cdot 1 + 420\\ 525 & = 420 \cdot 1 + 105\\ 420 & = 105 \cdot 4 + 0. \end{align*}Reversing our steps, 105 divides 420, 105 divides 525, 105 divides 945, and 105 divides 2415. Hence, 105 divides both 945 and 2415. If \(d\) were another common divisor of 945 and 2415, then \(d\) would also have to divide 105. Therefore, \(\gcd( 945, 2415 ) = 105\text{.}\)

If we work backward through the above sequence of equations, we can also obtain numbers \(r\) and \(s\) such that \(945 r + 2415 s = 105\text{.}\) Observe that

\begin{align*} 105 & = 525 + (-1) \cdot 420\\ & = 525 + (-1) \cdot [945 + (-1) \cdot 525]\\ & = 2 \cdot 525 + (-1) \cdot 945\\ & = 2 \cdot [2415 + (-2) \cdot 945] + (-1) \cdot 945\\ & = 2 \cdot 2415 + (-5) \cdot 945. \end{align*}So \(r = -5\) and \(s= 2\text{.}\) Notice that \(r\) and \(s\) are not unique, since \(r = 41\) and \(s = -16\) would also work.

To compute \(\gcd(a,b) = d\text{,}\) we are using repeated divisions to obtain a decreasing sequence of positive integers \(r_1 \gt r_2 \gt \cdots \gt r_n = d\text{;}\) that is,

\begin{align*} b & = a q_1 + r_1\\ a & = r_1 q_2 + r_2\\ r_1 & = r_2 q_3 + r_3\\ & \vdots \\ r_{n - 2} & = r_{n - 1} q_{n} + r_{n}\\ r_{n - 1} & = r_n q_{n + 1}. \end{align*}To find \(r\) and \(s\) such that \(ar + bs = d\text{,}\) we begin with this last equation and substitute results obtained from the previous equations:

\begin{align*} d & = r_n\\ & = r_{n - 2} - r_{n - 1} q_n\\ & = r_{n - 2} - q_n( r_{n - 3} - q_{n - 1} r_{n - 2} )\\ & = -q_n r_{n - 3} + ( 1+ q_n q_{n-1} ) r_{n - 2} \\ & \vdots \\ & = ra + sb. \end{align*}The algorithm that we have just used to find the greatest common divisor \(d\) of two integers \(a\) and \(b\) and to write \(d\) as the linear combination of \(a\) and \(b\) is known as the **Euclidean algorithm**.

Let \(p\) be an integer such that \(p \gt 1\text{.}\) We say that \(p\) is a **prime number**, or simply \(p\) is **prime**, if the only positive numbers that divide \(p\) are 1 and \(p\) itself. An integer \(n \gt 1\) that is not prime is said to be **composite**.

Let \(a\) and \(b\) be integers and \(p\) be a prime number. If \(p \mid ab\text{,}\) then either \(p \mid a\) or \(p \mid b\text{.}\)

Suppose that \(p\) does not divide \(a\text{.}\) We must show that \(p \mid b\text{.}\) Since \(\gcd( a, p ) = 1\text{,}\) there exist integers \(r\) and \(s\) such that \(ar + ps = 1\text{.}\) So

\begin{equation*} b = b(ar + ps) = (ab)r + p(bs). \end{equation*}Since \(p\) divides both \(ab\) and itself, \(p\) must divide \(b = (ab)r + p(bs)\text{.}\)

There exist an infinite number of primes.

We will prove this theorem by contradiction. Suppose that there are only a finite number of primes, say \(p_1, p_2, \ldots, p_n\text{.}\) Let \(P = p_1 p_2 \cdots p_n + 1\text{.}\) Then \(P\) must be divisible by some \(p_i\) for \(1 \leq i \leq n\text{.}\) In this case, \(p_i\) must divide \(P - p_1 p_2 \cdots p_n = 1\text{,}\) which is a contradiction. Hence, either \(P\) is prime or there exists an additional prime number \(p \neq p_i\) that divides \(P\text{.}\)

Let \(n\) be an integer such that \(n \gt 1\text{.}\) Then

\begin{equation*} n = p_1 p_2 \cdots p_k, \end{equation*}where \(p_1, \ldots, p_k\) are primes (not necessarily distinct). Furthermore, this factorization is unique; that is, if

\begin{equation*} n = q_1 q_2 \cdots q_l, \end{equation*}then \(k = l\) and the \(q_i\)'s are just the \(p_i\)'s rearranged.

*Uniqueness.* To show uniqueness we will use induction on \(n\text{.}\) The theorem is certainly true for \(n = 2\) since in this case \(n\) is prime. Now assume that the result holds for all integers \(m\) such that \(1 \leq m \lt n\text{,}\) and

where \(p_1 \leq p_2 \leq \cdots \leq p_k\) and \(q_1 \leq q_2 \leq \cdots \leq q_l\text{.}\) By Lemma Lemma 2.2.5, \(p_1 \mid q_i\) for some \(i = 1, \ldots, l\) and \(q_1 \mid p_j\) for some \(j = 1, \ldots, k\text{.}\) Since all of the \(p_i\)'s and \(q_i\)'s are prime, \(p_1 = q_i\) and \(q_1 = p_j\text{.}\) Hence, \(p_1 = q_1\) since \(p_1 \leq p_j = q_1 \leq q_i = p_1\text{.}\) By the induction hypothesis,

\begin{equation*} n' = p_2 \cdots p_k = q_2 \cdots q_l \end{equation*}has a unique factorization. Hence, \(k = l\) and \(q_i = p_i\) for \(i = 1, \ldots, k\text{.}\)

*Existence.* To show existence, suppose that there is some integer that cannot be written as the product of primes. Let \(S\) be the set of all such numbers. By the Principle of Well-Ordering, \(S\) has a smallest number, say \(a\text{.}\) If the only positive factors of \(a\) are \(a\) and 1, then \(a\) is prime, which is a contradiction. Hence, \(a = a_1 a_2\) where \(1 \lt a_1 \lt a\) and \(1 \lt a_2 \lt a\text{.}\) Neither \(a_1\in S\) nor \(a_2 \in S\text{,}\) since \(a\) is the smallest element in \(S\text{.}\) So

Therefore,

\begin{equation*} a = a_1 a_2 = p_1 \cdots p_r q_1 \cdots q_s. \end{equation*}So \(a \notin S\text{,}\) which is a contradiction.

Prime numbers were first studied by the ancient Greeks. Two important results from antiquity are Euclid's proof that an infinite number of primes exist and the Sieve of Eratosthenes, a method of computing all of the prime numbers less than a fixed positive integer \(n\text{.}\) One problem in number theory is to find a function \(f\) such that \(f(n)\) is prime for each integer \(n\text{.}\) Pierre Fermat (1601?–1665) conjectured that \(2^{2^n} + 1\) was prime for all \(n\text{,}\) but later it was shown by Leonhard Euler (1707–1783) that

\begin{equation*} 2^{2^5} + 1 = \text{4,294,967,297} \end{equation*}is a composite number. One of the many unproven conjectures about prime numbers is Goldbach's Conjecture. In a letter to Euler in 1742, Christian Goldbach stated the conjecture that every even integer with the exception of 2 seemed to be the sum of two primes: \(4 = 2 + 2\text{,}\) \(6 = 3 + 3\text{,}\) \(8 =3 + 5\text{,}\) \(\ldots\text{.}\) Although the conjecture has been verified for the numbers up through \(4 \times 10^{18}\text{,}\) it has yet to be proven in general. Since prime numbers play an important role in public key cryptography, there is currently a great deal of interest in determining whether or not a large number is prime.

Sage's original purpose was to support research in number theory, so it is perfect for the types of computations with the integers that we have in this chapter.