 So this lecture is part of an online course on the theory of numbers and will be about Euler's theorem. So I'm going to start by giving you a bit of background. Euler's theorem is a generalization of Fermat's theorem and we remember from last lecture that Fermat's theorem has two forms. You can either say a to the p is congruent to a mod p where p is prime or we can say a to the p minus 1 is congruent to 1 modulo p whenever p is prime and a is not divisible by p and sometimes the first form is a little bit more convenient and sometimes the second form is a little bit more convenient. So Euler and probably Fermat proved the first form by using the binomial theorem as we saw earlier and what Euler did was he found a second proof that's more convenient for the second form of this. And when Euler also noticed that his proof then gave a generalization to when you can replace p by something that isn't prime and his generalization is the following. It says a to the phi of m is congruent to 1 modulo m. This is for any m and we again need a should be co-prime to m. Here this is Euler's totient function and you remember it's the number of integers b with 1 less than or equal to b less than or equal to m that are co-prime to m. And of course if p is prime then phi of p is equal to p minus 1. So in the special case when m is prime this just gives us the second form of Fermat's theorem. So Euler proved this theorem using group theory. Well sort of. He didn't actually use group theory because group theory hadn't been invented at the time and Euler sort of invented a fair amount of group theory in order to prove this theorem. Again we're going to use the language of group theory although Euler himself would have phrased it differently. So the key point is the non-zero element elements mod p which are 1 to p minus 1 form a group under multiplication. Well I'd better just remind you what a group is. So saying they form a group just means it has these four conditions. First of all they're closed under multiplication and by multiplication we mean of course multiplication modulo p. Secondly there's an identity. This means an element 1 such that 1 times a equals a times 1 equals a. That's obvious because 1 is an identity. Thirdly it has to be associative. It says that a times b times c equals a times b times c which is again is completely obvious. So these three conditions are more or less obvious. The fourth condition is slightly more subtle. It says that all elements have inverses. What this means is there's an element a to the minus 1 such that a times a to the minus 1 equals a to the minus 1 a equals 1. And the element a to the minus 1, you know, if I take 2 to the minus 1, I don't mean the element a half. I mean there has to be an element in this group which when you multiply it by a gives you 1. So why are there inverses? Well that follows Well, there are several ways of doing it. I'm going to do a rather computational method using Euler's algorithm. What you do is you look at the equation ax plus bm equals 1. Here we're taking a and b and m and x to be integers and a m is 1 by assumption. So it has a solution, sorry, that should be a y. So it has a solution. And this just means that ax is congruent to 1 modulo m. So in other words, the element x satisfying this is an inverse of the element a. So Euler's algorithm shows that all elements of inverses and and this is why we need to assume that that the element a is co-prime to m, because if you look at elements that aren't co-prime to m, you can obviously see that they don't actually have inverses. Now in order to see why this can be used to prove Euler's theorem, let's look at an example. Let's just take p equals 13. And I'm going to take the element a to be 3. And I want to show that a to the 12 is equal to 1. And I want to do it in such a way that this generalizes to all primes and to all numbers co-prime to it. So let's write out the elements mod 13, except for 0. So we have 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11 and 12. So now what I'm going to do is I'm going to pick out the powers of a. So we have a to the 0, a to the 1, a to the 2 is 9 and a to the 3 is 27, which gets us back to 1. So green circle are just powers of a. So that's 1a a squared a cubed equals 1 and so on. So they just go around in a cycle. And you notice the powers of a form a group. They're closed under multiplication and they also are inverses because the inverse of a to the n is a to the minus n and so on. I guess we could also include a to the minus 1 if you wanted. So next we're going to multiply all these by 2. So if I multiply all these elements by 2, I get 2 and I get 3 times 2 which is 6 and then I get 9 times 2, which is 18, which is 5. So blue is 2 times things of the form 2 times a to the n. And then I can do the same with 4. So I'm going to take 4 times a to the n. So I get 4 times 1, 4 times 3 is 12 and 4 times 9 is 36, which is 10. And then it's pretty obvious what I'm going to do now. So this is going to be 4 times a to the n. And now the leftover ones are going to be say 7 times a to the n. And these four colours correspond to what are called cosets of this group. Let's call this group H. And then the cosets of H are going to be where you take the group H and multiply all its elements by some number. And now we notice some properties of cosets. First of all, every element is in some coset. Secondly, any two cosets are disjoint. And that's because any coset, so if a coset contains an element b, the coset is just consists of all elements of the form b times a to the n for various values of n. So a coset is determined by any element in it. So any two cosets are either the same or they must be disjoint. And the third key point is any two cosets have the same number of elements. And you can see this very easily because if you've got a coset consisting of the powers of a, say, and you've got a coset consisting of b times the powers of a, then we can easily define a map between these. So this is just multiplication by b, and then we can define a map in the other way, which is multiplication by b to the minus one. So we've got two maps between these two cosets that are inverses of each other. So we've got a bijection between them and they have the same number of elements. You notice that this depends on the fact that elements of the group of inverses. And in fact, part two, we were also implicitly using the existence of inverses. So now we can say the following. Since all cosets have the same size, we see that the order of the group from one to up to 12 is equal to the order of h times the number of cosets. So this here is the order of the group we started with, and h is actually a subgroup of the group, which means a group contained in another group with the same multiplication rather obviously. So now if we want the order of a, we can see that this is just the order of h. So the order of h is the number of elements, and the order of a is the smallest e with a to the e equals one. And you can see this is obvious because h is just the elements 1a a squared up to a to the e minus one. So what this shows is that the order of a is the order of h, and this shows that the order of h divides the order of the original group g. Let's call the original group g. I think I forgot to name it, but in this case it's going to be the numbers from 1 to 12. And since the order of h is the order of a, this implies that the order of a divides the order of g, so a to the order of g is equal to one. And now we notice that the order of g is just phi of 13. In this case, that's pretty much the definition of phi of 13. It's the number of numbers from 1 to 12 at a co-prime to 13. And now you see the same thing works for any integer n. And what we do is we take a group g to be the integers b with one less than or equal to b less than or equal to m such that bm equals one. And the key point is that g forms a group of order phi of m. And again, it's obviously closed under multiplication and it's obviously associative. And the key point is to prove the existence of inverses and the existence of inverses follows in much the same way as before. If a is in the group g, then we solve ax plus my equals one and then x is an inverse of a. And to do this, we need to assume that a and m are co-prime. So just as before, if a m equals one, we put h equal the powers of a. And as before, we find the order of h divides the order of g, which is equal to phi of m. And just as before, this shows that a to the order of g is equal to one. So a to the phi of m equals one. Incidentally, this works for any group whatsoever. And what we've shown is the order of subgroup h of a group always divides the order of g as long as both are finite. This is Lagrange's theorem. And a special case of Lagrange's theorem is the order of any element of a group divides the order of a group because you can take h to be the powers of that element. So Euler's theorem looks like a very nice generalization of Fermat's last theorem, but I have to sort of confess here that Euler's theorem is actually not very good. It's kind of weak. And let me give an example. Suppose we take m equal eight. Then we know phi of eight is equal to four. So Euler's theorem tells us that a to the power of four is congruent to one mod eight if a is co-prime to eight. However, this is a rather bad theorem because a can be one, three, five or seven. And if you look at a squared, it's congruent to one, one, one or one mod eight. So in fact, a squared is congruent to one modulo eight, which is a slightly stronger than Euler's theorem. In fact, we will see later on how to find the smallest possible exponent you can put up then. It's certainly a divisor of phi of m, but it's quite often strictly smaller than phi of m. As another example, to show that eight just wasn't a, show that this is actually quite common, let's just take m to be 35. And then we know that eight to the six is congruent to one modulo seven by Fermat. And we know that eight to the four is congruent to one modulo five, again by Fermat. And this means that eight to the twelve is congruent to one modulo five and also congruent to one modulo seven. So eight to the twelve is congruent to one modulo 35. And Euler's theorem says that eight to the 24 is congruent to one modulo 35 because phi of 35 is just 24. And you see there's nothing special about seven and five. The same argument works for any two different odd primes. So there are very many cases when Euler's theorem isn't the best possible. So as an application of Euler's theorem, let's solve the famous recreational mathematics problem. Let's find the last digit of seven to the seven to the seven to the seven. In other words, we want to work out what is this modulo ten? Well, obviously it's quite hopeless to expand this out explicitly, it would be ludicrously large. But working out mod ten, it's much easier. So seven to the n mod ten depends on n modulo five of ten, which is four by Euler's theorem. So we want to know what is seven to the seven to the seven modulo four? Well, this depends on seven to the seven modulo five of four, which is equal to two. So here, just to be clear, when we're writing down seven to the power of seven, the seven to the power of seven of these two sevens, not these two, if you see what I mean. And similarly, this n here is going to be this pile of three sevens. Well, obviously seven to the seven is congruent to one modulo two. And from this, we can work out seven to the seven to the seven is congruent to seven to the one, which is congruent to three mod four. And then we work out seven to the seven to the seven to the seven is congruent to seven to the three, which is congruent to three modulo ten. So the last digit of this number is just a three. The final application I want to give of Euler's theorem is really only an application of Fermat's theorem, but I kind of forgot to put this in the electron Fermat's theorem, so I'm pretending it's a special case of Euler's theorem. What we're going to do is to show there are infinitely many primes with last digit equal to one. In other words, p is congruent to one modulo ten. And informally, it's sort of obvious that this is almost certainly going to be true because the last digit of a prime is one, three, seven or nine, and the primes are almost certainly going to be evenly distributed between these four last digits. And as the infinite number of primes you expect just by chance, they're going to be infinitely many with last digit one. So this theorem is not surprising. On the other hand, these informal probabilistic arguments, while easy, they're not worth all that much in number theory. They don't explain what's going on and they aren't proofs. And incidentally, it's not quite true to say that primes are evenly distributed between having last digit one, three, seven or nine, because there's actually a slight bias towards having last digit three or seven. So you've got to be very wary of saying that primes are evenly distributed because they sometimes aren't. Anyway, in order to understand why this is true, let's give an actual proof of it. Well, we may as well say that p is congruent to one modulo five, because if it's one modulo five, then it's going to be one modulo ten. And what we're going to do is suppose p divides x to the five minus one over x minus one. So there's this magic polynomial one plus x plus x squared plus x cubed plus x to the four. And I seem to pull this retro polynomial out of midair for no reason. And you may well ask where it comes from. Well, it's actually something called the cyclotomic polynomial. And the roots are the primitive fifth roots of one. So that's where this weird looking polynomial comes from, really. Well, anyway, suppose that p divides this for some integer x. Then this implies x to the five is congruent to one modulo p. So x has order one or five because these one and five are the divisors of five. If x is order one, this implies that x is equivalent to one mod five. So one plus x plus x squared plus x cubed plus x to the four is equivalent to five mod five. And, sorry, five mod, that should be a p there. So if x is, that should be a p there. Sorry, I just miswrote that. So if x, so if this is five mod p, this is also divisible by p. So p equals five. So that's one possibility. And now if x is order five, then as we saw earlier, five divides p minus one. So p is congruent to one mod five. So x equals five or p, sorry, so p equals five or p is congruent to one modulo five. So this gives us a way of finding primes that are one modulo five. All you do is you pick a factor of one plus x plus x squared plus x cubed plus x to the four. So suppose p one up to p k are primes. And suppose they're the primes that we found that are congruent to one mod five, although they don't have to be. And now we do what we do is we pick p which is a factor of one plus x plus x squared plus x cubed plus x to the four. And now we pick x to be five p one p two up to p k. And now we notice that this choice of x, it forces p not equal to five or p one up to p k. So p is a new prime with p congruent to one modulo five. So if we find any collection of primes that are one modulo five, we can find another prime not in that set. Notice this is just like Euler's proof that there are infinitely many primes except we're using this rather funny cyclotomic polynomial. So that shows there are infinitely many primes that are one modulo five. The same works for any prime, any prime p, there are infinitely many primes congruent to one modulo p. And you can do this in the same way except you use x to p minus one over x minus one which is one plus x plus once on all the way up to x to p minus one which is also a cyclotomic polynomial. It seems to be much more difficult to prove there are infinitely many primes congruent to say two modulo p. That was proved by Dirichlet but uses harder techniques. I'll just finish by giving an exercise, prove there are infinitely many primes congruent to one modulo eight. Eight is not a prime so this doesn't quite work. And it's a hint is we use the polynomial x to the four plus one which you may notice it's roots of the primitive eighth roots of unity over the complex numbers. Okay, so next lecture we'll be looking at the Chinese remainder theorem and studying why Euler's theorem doesn't really work. It isn't best possible in general for non-prime numbers and what the best possible version is.