9

In my book (Elementary Number Theory, Stillwell), exercise 3.9.1 asks to give an alternative proof of the existence of a primitive root for any prime.

Let $p$ be prime, and consider the group $\mathbb{Z}/p\mathbb{Z}$.

Suppose that the non-zero elements $\text{mod}\ p$ have maximum order $n < p - 1$. Show that this implies $x^n \equiv 1 \ (\text{mod}\ p)$ for all the $p - 1$ non-zero values of $x$, $\text{mod}\ p$, contrary to Lagrange's polynomial congruence theorem.

What I've considered so far is that all non-zero elements of the group $\mathbb{Z}/p\mathbb{Z}$ generate subgroups of order $k \leq n < p - 1$, such that $k \mid p - 1$ (by Lagrange's theorem for groups). Showing that $k \mid n$ eludes me however. Any further ideas?

Noldorin
  • 6,788

1 Answer

11

Let $n$ be the maximum order. To prove that $x^n\equiv 1\pmod{p}$, it is enough to show that the order of $x$ divides $n$.

Let $a$ be an element of maximum order, and suppose that the order $m$ of $x$ does not divide $n$. Then the lcm $\ell$ of $m$ and $n$ is greater than $n$. We show that there is an element of order $\ell$, contradicting the maximality of $n$.

By considering the prime power factorization of $m$ and $n$, we can find $m'$, $n'$ such that $m'$ divides $m$, and $n'$ divides $n$, and $\gcd(m',n')=1$, and $m'n'=\ell$.

Using $x$, we can construct an element of order $m'$, and using $a$ we can construct an element of order $n'$. But since $\gcd(m',n')=1$, we can construct an element of order $m'n'$, and we are finished.

Added: The following standard result was used in the construction:

Lemma: If $a$ has order $h$ modulo $p$, and $b$ has order $k$, where $\gcd(h,k)=1$, then $ab$ has order $hk$.

Proof: Let $r$ be the order of $ab$. Since $(ab)^{hk}\equiv 1\pmod{p}$, it follows that $r$ divides $hk$. We will show that $hk$ divides $r$.

Note that since $b^k\equiv 1$, we have $$a^{rk}\equiv a^{rk}b^{rk}\equiv 1\pmod{p}.$$ It follows that $h$ divides $rk$. Since $\gcd(h,k)=1$, it follows that $h$ divides $r$. Similarly, $k$ divides $r$. But since $\gcd(h,k)=1$, it follows that $hk$ divides $r$. This completes the proof.

André Nicolas
  • 514,336
  • Interesting. I never thought of an approach this way. Thank you. I wonder if a proof other than by contradiction exists? Probably not, but oh well. – Noldorin May 24 '14 at 13:40
  • You are welcome. I had thought of a proof along these lines as the standard one. I expect that in this case proof by contradiction can be avoided. – André Nicolas May 24 '14 at 14:16
  • Ah fair enough. :) I'm not sure myself how you could avoid a contradiction argument here, but I'll take your word for it! – Noldorin May 24 '14 at 17:41
  • All the constructions I referred to, such as making an element of order the $\text{lcm}$ of two elements of given order, are algorithmic, and one can prove the algorithm terminates. All "positive." – André Nicolas May 24 '14 at 17:46
  • That's true. I see what you mean... still not convinced there's a constructive proof, but let's see... – Noldorin May 24 '14 at 22:42
  • I'm afraid that on rereading your proof, I don't quite see how the last sentence follows. I can see how one constructs an element of order that divides $m'n'$, but not of that exact order. – Noldorin May 25 '14 at 01:42
  • There are two items, and I am not sure which one you have trouble with. If $u$ has order $d$, and we want to produce something of order $e$, where $e$ divides $d$, we use $u^{d/e}$. Or is it constructing an element of order $hk$, where $a$ and $b$ have orders $h$ and $k$ respectively, where $\gcd(h,k)=1$, that gives you trouble? If it is, it will take a while for me to do the details, I thought it would be familiar. (Saturday night!) – André Nicolas May 25 '14 at 01:52
  • It's the latter. But no worries, take your time, and enjoy your Saturday night. ;) – Noldorin May 25 '14 at 01:57
  • 2
    OK, tomorrow. Wine, song, and mathematics make an uneasy mixture. I am very far from being a Banach. – André Nicolas May 25 '14 at 02:30
  • 1
    Hah. I know nothing of the life of Banach I'm afraid, but that sounds wise to me! And thank you. – Noldorin May 25 '14 at 02:38
  • 1
    The website is suggesting we move this discussion to chat, but I'm happy to continue it wherever, FYI. :) – Noldorin May 25 '14 at 14:26
  • 2
    I added to the answer. I think it is what you were wondering about. Please correct me if it is something else. – André Nicolas May 25 '14 at 15:13
  • 1
    Thank you, all looks good now! – Noldorin May 25 '14 at 18:11
  • You are welcome. – André Nicolas May 25 '14 at 18:14
  • As it happens, your proof/explanation gave me ideas, and I think I've come up with a really simple proof now. Perhaps you could kindly confirm? Using notation in my original question, suppose $k \nmid n$. Then $n = m k + r$, where $0 < r < k$. Now $1 \equiv a^n \equiv a^{mk} a^r \equiv (a^k)^m a^r \equiv a^r $, which contradicts that the order of $a$ is $k$. – Noldorin May 25 '14 at 18:22
  • There is no $a$ in your original question, so I assume your $a$ in the comment above is some element, other than the one of maximal order. How do you conclude that $a^n\equiv 1$? – André Nicolas May 25 '14 at 18:41
  • Oh yes. $a$ is just an arbitrary element of the group, the one with order denoted $k$. – Noldorin May 25 '14 at 19:12
  • Not sure what I was thinking any more, in fact. I believe it fails. :) – Noldorin May 25 '14 at 19:43
  • The point of the calculation I made in the answer was precisely to show that (in your notation) $a^n\equiv 1$. There may be a faster way to do it, but the way of your comment, which was to assert it at the start ("$1\equiv a^n \dots$") is a little too fast. – André Nicolas May 25 '14 at 19:47
  • 1
    Haha, yes. I completely messed up there... I could have started with $1 \equiv a^{p-1} \equiv a^{nd}$, but I don't think that gets us anywhere... eh. – Noldorin May 25 '14 at 19:59
  • 2
    Can someone explain how this is a proof of the existence of primitive roots? – farleyknight Nov 07 '18 at 05:17
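
The construction in the answer (split $\operatorname{lcm}(m,n)$ into coprime factors $m' \mid m$ and $n' \mid n$, take powers of $x$ and $a$ of those orders, then multiply them as in the Lemma) can be run as an algorithm. The Python sketch below is an added example, not code from the thread; the function names `order`, `coprime_split`, `combine` and `primitive_root` are chosen here, and the brute-force order computation assumes a small prime $p$.

```python
def order(x, p):
    """Multiplicative order of x modulo the prime p (brute force, small p only)."""
    k, y = 1, x % p
    while y != 1:
        y = y * x % p
        k += 1
    return k

def coprime_split(m, n):
    """Return (m1, n1) with m1 | m, n1 | n, gcd(m1, n1) = 1 and m1 * n1 = lcm(m, n)."""
    m1 = n1 = 1
    q = 2
    while m > 1 or n > 1:
        e = f = 0
        while m % q == 0:
            m //= q
            e += 1
        while n % q == 0:
            n //= q
            f += 1
        # Each prime power goes entirely to the side with the larger exponent.
        if e > f:
            m1 *= q ** e
        else:
            n1 *= q ** f
        q += 1
    return m1, n1

def combine(x, a, p):
    """Element of order lcm(order(x), order(a)) modulo p, built as in the answer."""
    m, n = order(x, p), order(a, p)
    m1, n1 = coprime_split(m, n)
    u = pow(x, m // m1, p)  # u = x^(m/m') has order exactly m'
    v = pow(a, n // n1, p)  # v = a^(n/n') has order exactly n'
    return u * v % p        # order m' * n' by the Lemma, since gcd(m', n') = 1

def primitive_root(p):
    """Grow an element until every order divides its order; that order is then p - 1."""
    a = 1
    for x in range(2, p):
        if order(a, p) % order(x, p) != 0:
            a = combine(x, a, p)  # strictly increases the order of a
    return a
```

When the loop in `primitive_root` ends, every non-zero $x$ satisfies $x^n \equiv 1 \pmod{p}$ for $n$ the order of the returned element, so Lagrange's polynomial congruence theorem forces $n = p - 1$.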