0

My textbook says that in order to solve $x^2 \equiv a\bmod m$, it’s enough that we know how to solve it when $a$ and $m$ are coprime. Because in case that they are not, write $d = \gcd(a,m)$ and $a =da’$, $m=dm’$, solving $y^2 \equiv a’ \bmod m’$ we get that $x=yd$ is a solution to the original question.

But this is wrong no? With the simple example $x^2 \equiv 2 \bmod 14$, solving $y^2 \equiv 1 \bmod 7$ we get that $(\pm 1)\cdot 2$ is a solution to the original question, but that is not the case.

I think there is a mistake somewhere, maybe some $'$ that should be removed, but I can’t figure it out.

Rócherz
  • 4,241
Keis 715
  • 175

2 Answers2

1

For a square root of $2\bmod14$ you should start with $2\bmod7$, that is do not divide the residue by $2$. That gives square roots $\in\{3,4\}\bmod 7$. So any square root of $2\bmod14$ had better reduce to one of these residues $\bmod7$. In fact

$4^2\equiv10^2\equiv2\bmod14,$

and $4$ and $10$ do indeed have the proper residues $\bmod7$.

Oscar Lanzi
  • 48,208
1

Yes, it's false, but it's true for a $\rm\color{#c00}{square}$ common factor $\,\color{#c00}{d^2},\,$ i.e.

$\begin{align}{\bf Lemma}\qquad\quad\ \ x^2\ &\equiv\, a\:\!\color{#c00}{d^2}\!\!\!\!\pmod{\!m\:\!\color{#c00}{d^2}}\\[.2em] \iff {\left[\frac{x}d\right]^2}\!&\equiv\, a\:\!\ \pmod{\!m},\,\ \ x/d\in\Bbb Z\end{align}$

Proof $\ \ (\Leftarrow)\ \ $ Scale by $\,d^2.\ $ $(\Rightarrow)\ \ d^2\mid x^2-ad^2\Rightarrow d^2\mid x^2\,$ thus $\,d\mid x,\,$ so we can cancel $\,d^2$.

Example we cancel $\,\color{#c00}{5^2}$ to reduce down from $\!\bmod 175\,$ to $\!\bmod 7,\,$ solve that, then scale that solution $\!\bmod 7\,$ by $\,\color{#c00}{5^2}\,$ to lift it back up to $\!\bmod 175$

$$\require{AMScd} \require{rotating} \begin{CD} \bmod 175\!:\,\ x^2\equiv 50 \ \ \cdot\cdot \cdots\rightarrow\!\!\!\!\!\!\!\!\!\!\!\!\!\!\!\!\!\!\!\!\!\!\! && x\equiv \pm15\\ @VV \large \div\,\color{#c00}{5^2}\ V\lower.5ex\smash{\Huge\circlearrowleft} @AA \large \times\,\color{#c00}{5^2} A\\ \bmod 7\!:\,\ (x/5)^2\equiv 2 @>> > x/5\equiv \pm3 \end{CD}\qquad\qquad\qquad$$

Bill Dubuque
  • 282,220
  • @Oscar Yes, if we already know some square root (case $,a=1,$ above) then we reduce to solving $,y^2\equiv 1\pmod{m}.,$ But this generally has more roots than $\pm1$ when $m$ has more than one prime factor, so it may still require nontrivial effort, e.g. here and here. $\ \ $ – Bill Dubuque Apr 08 '25 at 16:07
  • @Oscar By "generally" I mean that generally it is not true that $\pm1$ are the only square roots of $,1.,$ The modulus need not have more than one odd prime factor to have a nontrivial square root of $,1,,$ e.g. $,5^2\equiv 1\pmod{!12},,$ $,3^2\equiv 1\pmod{!8}.\ \ $ – Bill Dubuque Apr 08 '25 at 16:53
  • @Oscar Of course the Lemma still applies if we replace $,d^2,$ in $,ad^2,$ by any integer congruent to $,d^2,,$ i.e. we can cancel any factor congruent to a square factor of the modulus. I don't think that deserves explicit mention. $\ \ $ – Bill Dubuque Apr 08 '25 at 18:34
  • Can you accept "square common factor $\equiv d^2\bmod m" in the hypothesis of the lemma? – Oscar Lanzi Apr 08 '25 at 18:41
  • @Oscar Please give a concrete example where you think that your suggested edit is useful. – Bill Dubuque Apr 08 '25 at 19:17
  • Forget it, I am getting too much resistance. We now have to assume that the OP will know that "square" would mean any quadratic residue, in which I am not really confident. – Oscar Lanzi Apr 08 '25 at 19:43
  • @Oscar No, we don't. That's why I nudged you to try to find a useful example of your edit. There are none. – Bill Dubuque Apr 08 '25 at 20:44