Linear congruences

As for algebraic equations, for congruences too the problem can be posed of solving a congruence with respect to one or more variables. The simplest equation is

Definition 4.5.1. A linear congruence or linear congruence equation in the unknown x is an equation of the form

with a, b in ℤ and n a positive integer greater than 1.

We are interested in understanding in which cases such a congruence admits solutions, intending for solution an integer x₀ such that ax₀ ≡_n b. If a solution exists, we say that the equation is soluble.

Example 4.5.2. The equation 3x ≡ 2 (mod 9) does not admit solutions: if it did, we would find solutions in ℤ for the equation 3x + 9y = 2, but Proposition 2.19 tells us that this equation does not admit integer solutions, as gcd(3, 9) = 3, which does not divide 2.

Example 4.5.3. The equation 4x ≡ 6 (mod 10) admits the solution x = 4, which is not unique, as x = 9 is a solution too.

We now give the general conditions for a linear congruence to be solvable and, for solvable congruences, its solutions.

Proposition 4.5.4. Consider the congruence

It admits solutions if and only if d = gcd(a, n) divides b.

Proof. To solve a linear congruence of the form ax ≡ b (mod n) we have essentially to solve a linear Diophantine equation of the form ax + ny = b. We know by Proposition 2.19 that these exist if and only if gcd(a, n) | b.□

The following proposition tells us how many solutions there are.

Proposition 4.5.5. Consider the congruence ax ≡ b (mod n) such that gcd(a, n)|b. Indicating with x₀ a solution, then all numbers of the form x₀ + h ⋅ n/gcd(a,n), with h ∈ ℤ, are solutions, and there are no other solutions. Among these, the solutions

are pairwise non-congruent and all other solutions (those with h ≥ d) are congruent to one of them. Thus the congruence admits exactly d non-congruent solutions modulo n.

Proof. Let us prove first that x₀ + h ⋅ n/gcd(a,n) is a solution, for all h ∈ ℤ. We have,

We prove next that each solution is of this form. Let x₀ and x₀' be two solutions. Then

for suitable integers h and k, so

By dividing both sides by d we get

since a/d and n/d are coprime (see Proposition 2.22) we see that n/d divides x₀ − x₀', that is x₀ − x₀' = zn for some integer z.

We prove now that, among the solutions x₀ + h ⋅ n/d, when h varies in ℤ, exactly d of them are non-congruent modulo n. To this end, we shall show that the solutions (4.4) are non-congruent modulo n and that every solution is congruent to one of them. Assume by contradiction that two of the solutions (4.4) are congruent modulo n, that is to say,

h₁, h₂ ∈ ℤ  and  0 ≤ h₁ ≤ h₂ ≤ d − 1. Then we would get

hence, by dividing by n/d wchih is gcd(n/d, n), it would follow that

yielding to a contradiction of the initial assumption 0 ≤ h₁ ≤ h₂ ≤ d − 1.

To prove that each solution of the form x₀ + h ⋅ (n/d), when h varies in ℤ, is congruent to one of the solutions (4.4), it suffices to divide h by d, that is to say, defining h = dq + r, with 0 ≤ r ≤ d − 1, we have

which is exactly one of the solutions (4.4).  □

Example 4.5.6. Consider the conguence 3x ≡ 12 (mod 15). So we have gcd(3, 15) = 3 which divides 12. One easy solution is x₀ = 4. We have n/d = 5, so the solutions listed in (4.4) in this example are: x₀ = 4; x₀ + 1 ⋅ 5 = 9, x₀ + 2 ⋅ 5 = 14. Now let's take some other value for h ≥ 3, for example h = 4: So x₀ + 4 ⋅ 5 = 24. But 24 mod 15 = 9, that means x₀ + 4 ⋅ 5 is congruent to x₀ + 1 ⋅ 5. Any solution is congruent to ONE of those solutions: The solution with h = 3 is congruent to the one with h = 0; 19 − 5 = 15.

Corollary 4.5.7. If a and n are relatively prime gcd(a,n) = 1, then the congruence ax ≡ b (mod n) admits exactly one solution modulo n (that is any two solutions in ℤ are congruent modulo n).