Notes for Monday, July 13 1

4.4 Linear Congruences and Systems of Congruences

Example. Solve the linear congruence 5x + 6 ≡ 0 (mod 7). By adding 1 to both

sides of the congruence relation, we get 5x ≡ 1 (mod 7). This says that 7 | (5x−1)
or that 5x − 1 = 7y for some integer y. This is the linear Diophantine equation
5x − 7x = 1, which we can solve as usual by using the Euclidean algorithm:
7 = 1(5) + 2
5 = 2(2) + 1

so
1 = 5 − 2(2)
= 5 − 2[7 − 5]
= 3(5) − 2(7)

This gives x0 = 3 and y0 = 2 (but you might have already guessed those solutions
by trial and error). So the complete solution is
x = 3 + 7t
y = 2 + 5t

But all we really need is x = 3 + 7t, which can be written as x ≡ 3 (mod 7).

Example. Try 6x ≡ 7 (mod 24). This is 6x − 7 = 24y or 6x − 24y = 7. Now

gcd(6, 24) = 6 does not divide 7, so this congruence has no solutions.

Example. The congruence 15x ≡ 9 (mod 24) is more interesting. This becomes
15x − 24y = 9, which becomes 5x − 8y = 3 if we divide by gcd(15, 24) = 3. Since
gcd(5, 8) = 1, this has solutions. The equation 5x − 8y = 3 is simple enough that
we can just guess solutions: x0 = −1 and y0 = −1. This leads to x = −1 + 8t
or x ≡ −1 (mod 8). By adding 8 to both sides, we may write x ≡ 7 (mod 8).
What is interesting here is that the modulus has changed. Now the set of all x
that satisfy x ≡ 7 (mod 8) is the following:
{. . . , −17, −9, −1, 7, 15, 23, 31, 39, 47, 55, 63, 71, . . .},
but this can be written as
{. . . , −17, 7, 31, 55, . . .} ∪ {. . . , −9, 15, 39, 63, . . .} ∪ {. . . , −1, 23, 47, 71, . . .}.
 Notes for Monday, July 13 2

(Here, I’ve taken every third number to write these three sets.) In the original
set, the numbers differ by 8 but in these three sets, the numbers differ by 24. We
realize that x is in the first of these sets if x ≡ 7 (mod 24), x is in the second set
if x ≡ 15 (mod 24), and x is in the third set if x ≡ 23 (mod 24). That is, we can
express the solution of the original congruence 15x ≡ 9 (mod 24) by saying that
x ≡ 7 or 15 or 23 (mod 24). So the congruence has three solutions modulo 24.

Theorem: The congruence ax ≡ b (mod n) has solutions exactly when d =

gcd(a, n) divides b. In that case, the solutions are x ≡ x0 + ck (mod n) where
c = n/d and 0 ≤ k < d. That is, there are d many solutions.

In the last example above, we can write the solution as x ≡ 7 + 8k (mod 24),
where 0 ≤ k < 3.

The gist of the proof is to follow the solution method of the last example above.
The congruence ax ≡
b (mod
n) leads to the Diophantine equation ax − ny = b,
which simplifies to da x − nd y = db (where each
of the fractions is an integer).
Find a particular solution x0, so that x = x0 + nd t or x = x0 + ct where c = nd .
This is x ≡ x0 (mod c), but if we revert to the original modulus, we get d many
solutions x ≡ x0 + ck (mod n) (0 ≤ k < d). To complete the proof, one must
verify that for 0 ≤ k < d that the numbers x0 + ck are incongruent modulo n,
and that all numbers of the form x0 + cj are congruent modulo n to one of the
numbers x0 + ck (0 ≤ k < d). (See Burton for details.)

One particular case of this theorem is worth singling out: If gcd(a, n) = 1 then
ax ≡ b (mod n) has a single solution modulo n.

Now we consider a system of congruences of the form

x ≡ c1 (mod n1 )
x ≡ c2 (mod n2 )
..
.
x ≡ cr (mod nr )

Our problem is to find x that satisfies all of these congruences. It turns out
that that solution is unique modulo n1 n2 · · · nr provided the modulii are pairwise
relatively prime. (That is, if i 6= j then gcd(ni , nj ) = 1.)
 Notes for Monday, July 13 3

Example.
x ≡ 4 (mod 7)
x ≡ 3 (mod 9)
x ≡ 5 (mod 11)

We can solve this directly in stages.

The first congruence can be written as x = 4 + 7t.

Put this into the second congruence to get 4 + 7t ≡ 3 (mod 9) which we can solve
for t as usual to obtain t ≡ 5 (mod 9).

This says t = 5 + 9u. So now x = 4 + 7t = 4 + 7(5 + 9u) = 39 + 63u.

Put that into the last congruence. We get 39 + 63u ≡ 5 (mod 11). We solve
this by simplifying, 63u ≡ 10 (mod 11) or 8u ≡ 10 (mod 11), which leads to
u ≡ 4 (mod 11). So u = 4 + 11w.

Finally, x = 39+63u = 39+63(4+11w) = 291+693w. That is, x ≡ 291 (mod 693).

Note that 693 = 7 · 9 · 11.

Chinese Remainder Theorem. We’ve already stated the theorem:

x ≡ a1 (mod n1 )
x ≡ a2 (mod n2 )
..
.
x ≡ ar (mod nr )

has a unique solution x modulo n1 n2 · · · nr provided the modulii are pairwise

relatively prime.

The proof given in Burton is interesting, because it indicates another way of solving
the system. Let N = n1 n2 · · · nr . The trick is to solve the congruence Ni x ≡
1 (mod ni ) for each 1 ≤ i ≤ r, where Ni = N/ni . Call the solution xi . (So we
find the “multiplicative inverse” xi of Ni modulo ni .) Then the solution can be
written
x ≡ a1x1 N1 + a2 x2N2 + · · · ar xr Nr (mod N).
 Notes for Monday, July 13 4

It’s easy to verify that x ≡ ai (mod ni ) for 1 ≤ i ≤ r.

Example. We will solve the system using the technique of the proof.
x ≡ 4 (mod 7)
x ≡ 3 (mod 9)
x ≡ 5 (mod 11)

Here, N = 7 · 9 · 11 = 693. Also N1 = N/n1 = 693/7 = 99, N2 = N/n2 = 693/9 =

77 and N3 = N/n3 = 693/11 = 63.

So we solve:

N1 x1 ≡ 1 (mod n1 ) or 99x1 ≡ 1 (mod 7), which reduces to x1 ≡ 1 (mod 7).

N2 x2 ≡ 1 (mod n2 ) or 77x2 ≡ 1 (mod 9), which reduces to 5x2 ≡ 1 (mod 9) so

x2 ≡ 2 (mod 9).

N1 x3 ≡ 1 (mod n3 ) or 63x3 ≡ 1 (mod 11), which reduces to 8x3 ≡ 1 (mod 11), so

x3 ≡ 7 (mod 11).

So we can assemble the solution:

x ≡ a1 x1N1 + a2x2 N2 + a3 x3N3 (mod N)
≡ 4 · 1 · 99 + 3 · 2 · 77 + 5 · 7 · 63 (mod 693)
≡ 3063 (mod 693)
≡ 291 (mod 693)

Example. The “Egg Problem” says: One egg remains from a basket if eggs are
removed from the basket 2, 3, 4, 5 or 6 at a time, but no eggs remain if they are
removed 7 at a time. What is the smallest possible number of eggs? This is the
 Notes for Monday, July 13 5

problem
x≡1 (mod 2)
x≡1 (mod 3)
x≡1 (mod 4)
x≡1 (mod 5)
x≡1 (mod 6)
x≡0 (mod 7)

This problem is interesting in that the modulii are not pairwise relatively prime.
But if x ≡ 1 (mod 4) then x ≡ 1 (mod 2), so we can drop the first congruence.
Also, the congruence x ≡ 1 (mod 6) is equivalent to the two congruences x ≡
1 (mod 2) and x ≡ 1 (mod 3). [In general: if gcd(m, n) = 1 then a ≡ b (mod m)
and a ≡ b (mod n) if and only if a ≡ b (mod mn).] So our system is equivalent to

x≡1 (mod 3)
x≡1 (mod 4)
x≡1 (mod 5)
x≡0 (mod 7)

Now we solve using the technique of the proof of the Chinese Remainder Theorem.
We have
N = 3 · 4 · 5 · 7 = 420
N1 = 4 · 5 · 7 = 140
N2 = 3 · 5 · 7 = 105
N3 = 3 · 4 · 7 = 84
N4 = 3 · 4 · 5 = 60

and then we have

N1 x1 ≡1 (mod n1 ) 140x1 ≡ 1 (mod 3) 2x1 ≡ 1 (mod 3) x1 ≡ 2 (mod 3)
N2 x2 ≡1 (mod n2 ) 105x1 ≡ 1 (mod 4) x2 ≡ 1 (mod 4)
N3 x3 ≡1 (mod n3 ) 84x1 ≡ 1 (mod 5) 4x3 ≡ 1 (mod 5) x1 ≡ 2 (mod 5)
N4 x4 ≡1 (mod n4 ) 60x1 ≡ 1 (mod 7) 4x4 ≡ 1 (mod 7) x1 ≡ 2 (mod 7)
 Notes for Monday, July 13 6

So
x ≡ a1x1 N1 + a2x2N2 + a3 x3N3 + a4x4 N4 (mod N)
≡ 1 · 2 · 140 + 1 · 1 · 105 + 1 · 4 · 84 + 0 · 2 · 60 (mod 420)
≡ 301 (mod 420).

5.2. Fermat’s Little Theorem.

This theorem says that if p is prime, a > 1 and p does not divide a, then
ap−1 ≡ 1 (mod p).

For example, 210 ≡ 1 (mod 11). (In fact, 210 = 1024 and 1024 = 93 · 11 + 1.)

We can use this theorem to do modular exponentiation. For example, we can

simplify 31234 modulo 7 by noting that the theorem says 36 ≡ 1 (mod 7). Since
1234 = 205 · 6 + 4, we have 31234 = (36 )20534 ≡ 1205 34 ≡ 81 ≡ 4 (mod 7). Put
differently, when 31234 is divided by 7, the remainder is 4.

Here is the proof of the theorem: Since p does not divide a, it follows that the
numbers
1, 2, 3, 4, . . . , p − 1
are congruent to the numbers
a, 2a, 3a, 4a, . . . , (p − 1)a
in some order.

Here’s an example: Let a = 5 and p = 7. The assertion is that 5, 10, 15, 20, 25, 30
are congruent to 1, 2, 3, 4, 5, 6 in some order modulo 7. In fact, 5 ≡ 5, 10 ≡ 3,
15 ≡ 1, 20 ≡ 6, 25 ≡ 4 and 30 ≡ 2 modulo 7.

To show that this works in general, first note that none of the numbers
a, 2a, 3a, 4a, . . . , (p − 1)a
are congruent to 0 modulo p. (Otherwise, aj is divisible by p, but p does not
divide j nor a.) Then if we can show that none of these numbers is congruent
to any other of these numbers, we will have p − 1 many numbers that are not
congruent to each other or to zero modulo p. The only way this can happen is if
they are congruent modulo p in some order to the numbers 1, 2, 3, . . . , p − 1. So to
show that these are not congruent to each other, consider 0 ≤ i < j < p − 1 and
 Notes for Monday, July 13 7

suppose ja ≡ ka (mod p). Then ja − ka = (j − k)a is divisible by p, but since p

does not divide a then p must divide j − k. But since 0 ≤ i < j < p − 1, this is
impossible.

Therefore, the product of the numbers a, 2a, 3a, 4a, . . . , (p − 1)a will be congruent
to the product of the numbers 1, 2, 3, . . . , p − 1

1 · 2 · 3 · 4 · · · (p − 1) ≡ a · 2a · 3a · 4a · · · (p − 1)a (mod p)
or
(p − 1)! ≡ ap−1(p − 1)! (mod p)
and since p does not divide (p − 1)!, we can cancel to get

1 ≡ ap−1 (mod p)

as claimed.

Example. If 7 does not divide a then 7 divides a3 + 1 or a3 − 1. This is because

by FLT, 7 | a6 − 1 and a6 − 1 = (a3 − 1)(a3 + 1).

Example. Show a30 ≡ 1 (mod 77) if gcd(a, 77) = 1. The catch here is that
77 is not prime. But 77 = 7 · 11, and by FLT we have a6 ≡ 1 (mod 7) and
a10 ≡ 1 (mod 11). Then we have (a6)5 ≡ 15 (mod 7) or a30 ≡ 1 (mod 7); and we
have (a10)3 ≡ 13 (mod 11) or a30 ≡ 1 (mod 11). Together these are equivalent to
a30 ≡ 1 (mod 77).