Manifesto | Index | What's new | rss feed

| Bookmark |

| Follow us

| Recommend | Contact |

Chinese Remainder Theorem

According to D. Wells, the following problem was posed by Sun Tsu Suan-Ching (4th century AD):

There are certain things whose number is unknown. Repeatedly divided by 3, the remainder is 2; by 5 the remainder is 3; and by 7 the remainder is 2. What will be the number?

Oystein Ore mentions another puzzle with a dramatic element from Brahma-Sphuta-Siddhanta (Brahma's Correct System) by Brahmagupta (born 598 AD):

An old woman goes to market and a horse steps on her basket and crashes the eggs. The rider offers to pay for the damages and asks her how many eggs she had brought. She does not remember the exact number, but when she had taken them out two at a time, there was one egg left. The same happened when she picked them out three, four, five, and six at a time, but when she took them seven at a time they came out even. What is the smallest number of eggs she could have had?

Problems of this kind are all examples of what universally became known as the Chinese Remainder Theorem. In mathematical parlance the problems can be stated as finding n, given its remainders of division by several numbers m₁, m₂, ..., m_k:

(1)	n = n₁ (mod m₁) n = n₂ (mod m₂) ... n = n_k (mod m_k)

The modern day theorem is best stated with a couple of useful notations. For non-negative integers m₁, m₂, ..., m_k, their greatest common divisor is defined as

gcd(m₁, m₂, ..., m_k) = max{s: s|m_i, for i = 1, ..., k},

where, as always, "s|m" means that s divides m exactly. The least common multiple of k numbers is defined as

lcm(m₁, m₂, ..., m_k) = min{s: s > 0 and m_i|s, for i = 1, ..., k},

Both gcd() and lcm() are symmetric functions of their arguments. They are complementary in the sense that, for k = 2,

gcd(m₁, m₂)·lcm(m₁, m₂) = m₁· m₂.

(A proof and an interactive illustration for this identity appears elsewhere.)

However, for k > 2 a similar identity does not in general hold. For an example, consider two triplets: {2, 4, 16} and {2, 8, 16}. Both have exactly the same gcd and lcm but obviously different products. On the other hand, both gcd and lcm are associative:

gcd(m₁, (gcd(m₂, m₃)) = gcd(gcd(m₁, m₂), m₃)

and, both equal gcd(m₁, m₂, m₃). Similarly,

lcm(m₁, (lcm(m₂, m₃)) = lcm(lcm(m₁, m₂), m₃)

Note

If, for a prime p, p^α_i|m_i, with α_i being the largest exponent with that property, then p^α|lcm(m₁, m₂, ..., m_k), where α = max{α_i} and α is the largest exponent with that property. Similarly, the greatest common divisor of several numbers is the product of the largest powers of the primes that divide all the given numbers.

Associativity allows one to proceed a step at a time with an inductive argument without putting all eggs into a basket at once. Jumping at the opportunity I'll prove the most basic case of k = 2.

Theorem 1

Two simultaneous congruences

n = n₁ (mod m₁) and
n = n₂ (mod m₂)

are only solvable when n₁ = n₂ (mod gcd(m₁, m₂)). The solution is unique modulo lcm(m₁, m₂).

(When m₁ and m₂ are coprime their gcd is 1. By convention, a = b (mod 1) holds for any a and b.)

Proof

By a generalization of the Euclid's algorithm, there are integers s and t such that

tm₁ + sm₂ = gcd(m₁, m₂).

Since n₂ - n₁ = 0 (mod gcd(m₁, m₂)), for some, possibly different t and s,

(2)

tm₁ + sm₂ = n₂ - n₁.

Then n = tm₁ + n₁ = -sm₂ + n₂ satisfies both congruences in the theorem. This proves the existence of a solution.

To prove the uniqueness part, assume n and N satisfy the two congruences. Taking the differences we see that

N - n = 0 (mod m₁) and N - n = 0 (mod m₂)

which implies N - n = 0 (mod lcm(m₁, m₂)).

As was previously stated, a more general theorem can now be proved by induction.

Theorem 2

The simultaneous congruences (1)

n = n₁ (mod m₁)
n = n₂ (mod m₂)
...
n = n_k (mod m_k)
are only solvable when n_i = n_j (mod gcd(m_i, m_j)), for all i and j, i ≠ j. The solution is unique modulo lcm(m₁, m₂, ..., m_k).

Proof

Theorem 1 serves the initial step verification. Assume the theorem holds for k congruences and consider k + 1 of them.

n = n₁ (mod m₁)
n = n₂ (mod m₂)
...
n = n_k (mod m_k)
n = n_k+1 (mod m_k+1)

Let s be a solution to the first k equations. Then the congrurence n = s (mod lcm(m₁, m₂, ..., m_k)) has a solution. (Observe that every solution of the latter also satisfies the first k congruences.) To be able to apply the already proven Theorem 1, we need to show that

(3)

s = n_k+1 (mod gcd(lcm(m₁, ..., m_k), m_k+1)).

Let's write g_u = gcd(m_u, m_k+1), u = 1, ..., k. Then we know that n_u = n_k+1 (mod g_u) for these values of u. But n_u = s + t_um_u, for some t_u, implying n_k+1 = s + t_um_u (mod g_u) so that

s = n_k+1 (mod g_u), u = 1, 2, ..., k.

If so,

	s	= n_k+1 (mod lcm(g₁, ..., g_k))
		= n_k+1 (mod lcm(gcd(m₁, m_k+1), ..., gcd(m_k, m_k+1))).
		= n_k+1 (mod gcd(lcm(m₁, ..., m_k), m_k+1))

because lcm(gcd(m₁, m_k+1), ..., gcd(m_k, m_k+1)) = gcd(lcm(m₁, ..., m_k), m_k+1).

Thus the system

n = s (mod lcm(m₁, m₂, ..., m_k))
n = n_k+1 (mod m_k+1)

has a solution which is unique modulo lcm(lcm(m₁, m₂, ..., m_k), m_k+1) = lcm(m₁, m₂, ..., m_k, m_k+1). It also satisfies the whole set of k + 1 congruences.

Corollary

The simultaneous congruences (1)

n = n₁ (mod m₁)
n = n₂ (mod m₂)
...
n = n_k (mod m_k)

where all m_i's are pairwise coprime has a unique solution modulo m₁·m₂· ... ·m_k.

If some m_i's are not mutually prime, a solution may not exist unless the corresponding congruence agree. For example, the system n = 1 (mod 2) and n = 2 (mod 4) has not solution, while the system n = 1 (mod 2) and n = ±1 (mod 4) does.

Let's now solve the two problems we started the page with.

Problem #1

Solve

p1:	x = 2 (mod 3)
p2:	x = 3 (mod 5)
p3:	x = 2 (mod 7)

From p1, x = 3t + 2, for some integer t. Substituting this into p2 gives 3t = 1 (mod 5). Looking up 1/3 in the division table modulo 5, this reduces to a simpler equation

p4:

t = 2 (mod 5)

which, in turn, is equivalent to t = 5s + 2 for an integer s. Substitution into x = 3t + 2 yields x = 15s + 8. This now goes into p3: 15s + 8 = 2 (mod 7). Casting out 7 gives s = 1 (mod 7). From here, s = 7u + 1 and, finally, x = 105 u + 23.

Note that 105 = lcm(3, 5, 7). Thus we have solutions 23, 128, 233, ...

Problem #2

Solve

q1:	x = 1 (mod 2)
q2:	x = 1 (mod 3)
q3:	x = 1 (mod 4)
q4:	x = 1 (mod 5)
q5:	x = 1 (mod 6)
q6:	x = 0 (mod 7)

With the experience we acquired so far, the combination of q1-q5 is equivalent to

q7:

x = 1 (mod 60),

x = 60t + 1. Plugging this into q6 gives 60t = -1 (mod 7). Casting out 7 simplifies this to 4t = 6 (mod 7) and then 2t = 3 (mod 7). From the division tables modulo 7, 3/2 = 5 (mod 7). Therefore, t = 7u + 5. Finally, x = 420u + 301. Allowing for an average size farmer, the most likely number of eggs she might expect to be compensated for is 301.

Note: Chinese Remainder Theorem finds an important application in the clendrical calculations.

References

H. Davenport, The Higher Arithmetic, Cambridge University Press; 7 edition (December 9, 1999)
P. J. Davis and R. Hersh, The Mathematical Experience, Houghton Mifflin Company, Boston, 1981
U. Dudley, Elementary Number Theory, Dover, 2008
R. Graham, D. Knuth, O. Patashnik, Concrete Mathematics, 2nd edition, Addison-Wesley, 1994.
Oystein Ore, Number Theory and Its History, Dover Publications, 1976
D. Wells, The Penguin Book of Curious and Interesting Puzzles, Penguin Books, 1992

41162659