This lecture is part of an online course on the theory of numbers and will be about Wilson's theorem. So, I'll start off by stating Wilson's theorem. It just says that p minus 1 factorial is congruent to minus 1 modulo p whenever p is prime. For example, we have 5 minus 1 factorial is 24, which is congruent to minus 1 modulo 5. It's a simple example. And its proof is quite easy. What I'm going to do is just prove it for the case p equals 11 in a way that will hopefully make it obvious that this works for all primes.
So, we want to show that 10 factorial is congruent to minus 1 modulo 11. And for this, we write down 1, 2, 3, 4, 5, 6, 7, 8, 9 and 10. So, 10 factorial is the product of these numbers here. And now what I can do is I can pair them off in the following way. I'm going to pair off 2 with 6 because 2 times 6 is congruent to 1. In other words, these two numbers are inverses of each other. And similarly, 3 and 4 are inverses and 5 and 9 are inverses and 7 and 8 are inverses. So, when we multiply these together, each product of a number and its inverse just cancels out and gives you 1. So, 10 factorial is congruent to the product of the numbers left over, which is congruent to minus 1. And let's think about what numbers are left over. Well, these numbers are only left over if they're their own inverses. So, we want a is congruent to a to the minus 1 modulo 11 or p or whatever. And this just says that a squared is congruent to 1. And this only has two roots because p is prime and the two roots are plus or minus 1. So, in general, the same argument shows that p minus 1 factorial is congruent to 1 times p minus 1, which is congruent to minus 1 modulo p.
So, Wilson's theorem turns out to be quite closely connected to primitive roots. And we'll see several examples of it in this lecture. So, the first example is we can give another proof using a primitive root g.
And in this case, the numbers 1, 2, up to p minus 1 are just g to the 1, g to the 2, up to g to the p minus 1 in some order. So, the product is congruent to g to the 1 plus 2 plus p minus 1, which is g to the p times p minus 1 over 2. And we'll take p to be odd because the case p equals 2 is trivial. And then we recall that g to the p is congruent to p. So, this is just congruent to g to the p minus 1 over 2. And now we know that g to the p minus 1 is equal to 1. So, g to the p minus 1 over 2 squared equals 1. So, g to the p minus 1 over 2 must in fact be minus 1. So, this is congruent to minus 1 modulo p.
So, you can ask what happens, what about m minus 1 factorial for m not prime? So, what is this mod p? Well, if m is not prime and m is not equal to 4, then m minus 1 factorial is congruent to 0 mod m. And this is easy to check. If m is equal to ab with a, b coprime, then we can see that m minus 1 factorial is divisible by a and by b because these are different, sorry, these are coprime. So, m minus 1 factorial is congruent to 0. If m is not of the form ab, then m must be of the form p to the k. And then it's an easy exercise that m minus 1 factorial is congruent to 0 mod m unless k equals 1 or m equals 4. So, this gives one generalization of Wilson's theorem.
As an application of it, well, it's a big problem to find a really fast algorithm to check whether or not a big number is prime or not. Some people put lots of effort into finding the best possible algorithm. What I'm going to talk about now is not the best possible algorithm, but what is possibly the worst possible algorithm, or at least the worst possible algorithm that anyone has ever suggested. So, we have this algorithm. All we do is we calculate m minus 1 factorial mod m. And if the result is minus 1, it means the answer is prime or 4 and if the answer is not, it's composite. Well, the problem here is that it's very difficult to calculate factorials mod some other numbers. So, we can have the problem.
What is n factorial modulo m for some numbers m and n? And of course, if n is reasonably small, you can just calculate it by multiplying them up. But suppose n and m are large. Say they both have 50 digits or something like that. There seems to be no particularly easy way to calculate this in general. I mean, if you could find such a method, it would give you a fast prime test. I mean, we can do seemingly similar calculations. As we saw earlier, there's a fast algorithm for a to the n modulo m. So, if we multiply n numbers that are all the same, there's a quick way to do it. But no one's ever found a quick way to do that one.
So, let's give an application of Wilson's theorem. Let's take p to be a prime. Let me look at the numbers 1 times 2 times 3 times, all the way up to p minus 1 over 2 times p plus 1 over 2 times p minus 1. So, we're going to multiply all the numbers from 1 up to p minus 1. And then we're going to divide them into two equal groups. So, we take these ones, which give us p minus 1 over 2 factorial. And these ones, well, you see, this is congruent to minus 1 minus 2 up to minus p minus 1 over 2. So, the product is p minus 1 over 2 factorial times minus 1 to the p minus 1 over 2. And this product is equal to minus 1. So, if we look at this, we see that p minus 1 over 2 factorial squared is equal to minus 1 to the p plus 1 over 2. And this is equal to minus 1 if p is congruent to 1 mod 4 and plus 1 if p is congruent to 3 mod 4.
So, we now have this slightly funny result. If p is congruent to minus 1 mod 4, then minus 1 is a square mod p. In fact, it's a square of p minus 1 over 2 factorial. We can actually write down an explicit formula for this square root. Although, as I said, this explicit formula is totally and utterly useless because we can't calculate p minus 1 over 2 factorial very easily. And there are actually fast ways of calculating the square root of this that we'll mention later.
Incidentally, as I said, Wilson's theorem is closely related to primitive roots and you can also prove the fact that minus 1 is a square mod p using primitive roots. What we do is we take a primitive root and we notice that g to the p minus 1 is equal to 1. So, if p minus 1 is divisible by 4, we have g to the p minus 1 over 4 squared is equal to g to the p minus 1 over 2, which is minus 1. So, another way of calculating the square root is just to find a primitive root and raise it to the power of p minus 1 over 4.
So, that's one generalization of Wilson's theorem to things that are not primes, but it's not really a very satisfactory generalization. There's a better generalization due to Gauss. Gauss pointed out that p minus 1 factorial mod p is equal to the product of all elements of z modulo pz that are coprime to p. In other words, all elements of z modulo pz star. So, you remember this is all non-zero elements with in, sorry, all elements modulo p that are inverses. And we can ask the same question for any number n. What is the product over all numbers a such that a is coprime to m of a? And we want to know what is this modulo n? So, if we take m to be a prime, then this is just the product of all the numbers from 1 to p and the answer is p minus 1 factorial. And Gauss showed that this number here is equal to minus 1 if m has a primitive root and it's equal to plus 1 otherwise.
In fact, this is a special case of several equivalences for a number. So, the following are equivalent. So, there are several conditions that are equivalent. First of all, m has a primitive root. So, that means a number g whose powers are all the residue classes modulo m with inverses. And you can rephrase this in terms of abstract algebra by saying the group z over mz times is cyclic and it has g as a generator. That's really just an alternative way of saying that this group has a primitive root.
Then the next condition that's equivalent to that is that there are at most n solutions to x to the n is congruent to 1 modulo m for any n. And the third condition is that there are at most two solutions to a squared equals 1 modulo m. Or in other words, there's at most one element of order 2. And the fourth condition is Gauss's theorem that the product over all a coprime to m of a is congruent to minus 1 modulo m. And the fifth condition is that m is equal to 1, 2 or 4 or p to the k or 2p to the k for p an odd prime and k greater than or equal to 1. So, here we have five different ways of characterizing the same slightly funny looking collection of integers.
Well, I'm not going to prove all bits of this in detail because it's not particularly difficult, but there are a lot of rather slightly fussy little details. I don't want to cover every single little detail because this would be a bit uninteresting, but I'm going to sort of sketch the main idea of the proof and you should be able to fill in any other details you want yourself.
First of all, one implies two is easy because if we've got a primitive root then saying actually n equals nought is just the same as trying to solve, it's the same as trying to solve ny is equivalent to nought in z modulo 5mz. Here where you write x is equal to g to the n for some primitive root n. So, if m has a primitive root you can reduce this multiplicative problem to an additive problem modulo in some cyclic group, which is easy to check. So, this implication is an easy exercise. This implication here is completely trivial. This implication we sort of did earlier. You remember when we proved that 10 factorial is equivalent to 1 modulo 11, all we used is the fact that there's only one element of order 2, so this implication we saw already done. This implication I'm going to sort of sketch later but maybe not give complete details of it.
This implication, that if there are at most two solutions to a squared equals one then m is one of these numbers, we did earlier. This implication here we did for primes but not for prime powers or things of the form two times a prime power, and I'll say a little bit about how you prove it for prime powers.
So, if we've got a prime power you can ask how can you find a primitive root? So, let's have the following problem. Find a primitive root of p to the n where p is odd. As we saw earlier, if p is equal to 2 then p to the n doesn't usually have a primitive root. So, we've got to sort of explain first of all how you find a primitive root in this case, and secondly we've got to sort of explain why this doesn't work for p equals 2. And the key point is that the number 1 plus p has order p to the n minus 1 in z over p to the nz star, and we can see this sort of by induction.
So, if I look at 1 plus p to the power of p, this is equal to 1 plus, now I'm going to expand it by the binomial theorem, so we get p times p plus p choose 2 p squared plus various higher powers. And now we notice that everything here is divisible by p squared, sorry, by p cubed, as p is odd. So, this is the point where we use the fact that p is odd, and why are we using that? Well, here we've got a p squared, and if p is odd then this is divisible by p because it's got a p in the numerator but no p's in the denominator. However, if p is equal to 2 then there is a factor of p in the denominator and this is no longer divisible by p.
So, we find that 1 plus p to the p is congruent to 1 plus p squared modulo p cubed, and similarly we find 1 plus p to the p squared is congruent to 1 plus p cubed modulo p to the 4, and so on. And using these expressions here it's quite easy to show that 1 plus p has exactly this order modulo p to the n. And now we can use that to show there's a primitive root modulo p to the n, and I'll just sketch this.
So, here we're going to find a primitive root modulo p to the n. So, first of all, 1 plus p has order p to the n minus 1 in z modulo p to the nz star. Secondly, we can find some g of order p minus 1. And what we do is we take a primitive root mod p, and its order will be p minus 1 times some constant modulo p to the n, because its order must be divisible by p minus 1, because it has order p minus 1 mod p. And now if we just raise it to the power of the constant, so raise it to this power, we get something of order p minus 1. So, we've got g of order p minus 1 and 1 plus p of order p to the n minus 1. Then 1 plus p times g has order p minus 1 times p to the n minus 1. And the key point here is that these two numbers here are coprime. So, if we take two elements of coprime orders and multiply them together, then we're going to get something whose order is their product. And this means that 1 plus p times g is a primitive root.
You notice that the hard part is in some sense finding a primitive root modulo p. So, there's no easy way to write down a formula for a primitive root modulo p that I know of, but it's easy to write down an explicit element of order p to the n minus 1. It's just 1 plus p, and of course there are lots of others. And from this we can lift our primitive root modulo p to a primitive root modulo p to the n. So, that's the sort of sketch of why there's a primitive root modulo p to the n. We should say, what about 2?
Well, in that case, if we take n equals 3, 1 plus 2 does not have order 2 squared modulo 2 cubed. This has order 2. So, this definitely breaks down. Instead we get a slightly different result. So, we find 1 plus 2 squared has order 2 to the n minus 2 modulo 2 to the n. You see, if it were a primitive root it would have order 2 to the n minus 1, but we can't achieve order 2 to the n minus 1, and this is the best we can do. And this number is of course 5. So, this is pretty close to being a primitive root. It sort of misses by a factor of 2. And what we find in fact is that every element mod 2 to the n that is 1 mod 4 is a power of 5, and every element that's coprime to 2 is of the form plus or minus 5 to the n for some n. So, 5 just misses being a primitive root because you also have to throw in a sign.
So, what this does is it gives us a complete description of what the group z modulo mz star is for any m, and we can describe this group as follows. First of all, we write m as a product of primes, so p1 to the k1 times p2 to the k2. And then, as we saw earlier, z over mz star kind of splits as a product z over p1 to the k1 star times z over p2 to the k2 star and so on. So, we can reduce to the case of prime power order. And then we saw that for prime power order, z over p to the k z times is isomorphic to z modulo p to the k-1 times p-1 z if p is odd, because a primitive root just gives an isomorphism between these. And this is a cyclic group with one generator, so it's easy to work with. And finally, z over 2 to the kz star is isomorphic to z modulo 2z, where this is given by the sign plus or minus 1, times z over 2 to the k-2z, where this is given by powers of 5. That's provided k is greater than or equal to 2 or so. If k is equal to 1 then this doesn't make a whole lot of sense. So, we have a complete description of what this multiplicative group is.
I'll just finish by saying a little bit about another leftover problem we had, which says that if there are greater than two solutions to x squared equals
1 mod m, then the product over a, a being coprime to m, of a is just 1 modulo m. In fact, this is actually a special case of what happens if you take the product of all elements of any finite abelian group. The product is 1 unless there's a unique element of order 2, in which case the product is the unique element of order 2. Anyway, we're just really doing this case here. And as before, we see the product is equal to the product of all elements of order 2. So, what we've got to do is, let's form a group H which is all elements of order 1 or 2. So, this is a finite abelian group, and if we've got a finite abelian group all of whose elements have order 1 or 2, then the product of all elements is always 1 unless there are only 2 elements in the group. So, we can say if H has more than 2 elements, the product over all elements of H of a is equal to 1.
And I'm going to cheat a little bit in proving this by quoting some results about vector spaces, which I'm not quite sure if they really count as a prerequisite of this course, but since this is just a sort of minor comment I don't think this really matters. What we can do is we can say H is isomorphic to a vector space over a field with 2 elements. So, this is the field with 2 elements 0 and 1. It's just sort of binary arithmetic, sort of as used on a computer. And if we've got a vector space over the field with 2 elements, we can easily figure out what the sum of all the elements is as follows. Notice we're using sums rather than products because we've changed the group operation to addition. So, if the dimension is 0 then there's only 1 element, which is 0. If the dimension is 1 then we can write the 2 elements as 0 and 1 and the sum is nonzero. If the dimension is 2 then we choose a basis and we get 4 elements of the vector space, and you can see the sum of these is just 0. And if there are 8 elements in dimension 3 then we get 0, 0, 0, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1, 1 and again you can check the sum is 0. And now
I'm going to leave it as an easy exercise: if you've got a vector space over a field with 2 elements of dimension at least 2, then the sum of all elements in it is 0. And that proves the theorem that the product of all elements modulo m is 1 mod m as long as m has at least 4 square roots of 1. Okay, I think that's enough variations of Wilson's theorem.
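
The following Python sketch is an added example, not part of the lecture: it checks the five equivalent conditions by brute force for small m and builds a primitive root modulo p to the n as (1 + p) times g, following the sketch above. All function names (`units`, `mult_order`, `in_list`, `conditions`, `lift_primitive_root`) are assumptions introduced for illustration.

```python
from math import gcd, prod

def units(m):
    """Residues mod m that have inverses (for m = 1 this is the single class)."""
    return [a for a in range(1, m + 1) if gcd(a, m) == 1]

def mult_order(a, m):
    """Smallest k >= 1 with a^k congruent to 1 mod m (a must be a unit)."""
    k, x = 1, a % m
    while x != 1 % m:
        x, k = x * a % m, k + 1
    return k

def in_list(m):
    """Condition 5: m is 1, 2, 4, p^k or 2p^k with p an odd prime, k >= 1."""
    if m in (1, 2, 4):
        return True
    if m % 2 == 0:
        m //= 2                      # strip the single allowed factor of 2
    if m % 2 == 0 or m == 1:
        return False
    p = next(d for d in range(3, m + 1) if m % d == 0)  # smallest divisor is prime
    while m % p == 0:
        m //= p
    return m == 1

def conditions(m):
    """The five conditions from the lecture, each evaluated by brute force."""
    u = units(m)
    has_root = any(mult_order(a, m) == len(u) for a in u)          # (1)
    few_roots = all(sum(pow(x, n, m) == 1 % m for x in u) <= n
                    for n in range(1, len(u) + 1))                  # (2)
    two_sqrt = sum(a * a % m == 1 % m for a in u) <= 2              # (3)
    gauss = prod(u) % m == (m - 1) % m                              # (4)
    return has_root, few_roots, two_sqrt, gauss, in_list(m)        # (5)

def lift_primitive_root(p, n):
    """(1 + p) * g mod p^n, with g of order p - 1, as sketched in the lecture."""
    q = p ** n
    g0 = next(a for a in range(2, p) if mult_order(a, p) == p - 1)
    c = mult_order(g0, q) // (p - 1)      # order of g0 mod p^n is (p - 1) * c
    g = pow(g0, c, q)                     # g now has order exactly p - 1
    return (1 + p) * g % q

if __name__ == "__main__":
    print([m for m in range(1, 40) if conditions(m)[0]])
    print(lift_primitive_root(11, 2))
```

For every m the five values returned by `conditions(m)` agree, and `mult_order(5, 2**n)` shows the order 2 to the n minus 2 that makes 5 just miss being a primitive root.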