A Mathematical Foundation for Computer Science, Preliminary Edition 9781792405648

Table of contents :
Chapter 1: Sets, Propositions, and Predicates
Chapter 2: Quantifiers and Predicate Calculus
Chapter 3: Number Theory
Chapter 4: Recursion and Proof Ьу Induction

Citation preview

А Mathematical Foundation for Computer Science PRELIMINARY EDITION

David Mix Baпington

Kendall Hunt puЫishing

company

All chapter heading quotes are taken from Monty Python's Flying Circus: All the Words (Volumes 1and2) (New York: Pantheon Books, 1 989) and Monty Python and The Ноlу Grail (Book) [Menti Pythen ik den Helie Grailen (Bek)] (New У ork, Methuen Inc., 1979). Excursion 1 .11 uses text from Through the Looking Glass, and What Alice F ound Тhere Ьу Lewis Caпoll (London, McMillan, 1871) and Fox in Socks Ьу Dr. Seuss (New York, Random House, 1965). ProЫems 2.6.2 and 2.6.3 use text from The Number ofthe Beast Ьу Robert А. Heinlein (New York: Fawcett, 1980). There are many references in the text to Godel, Escher, Bach: Ап Eternal Golden Braid Ьу Douglas R. Hofstadter (New York: Basic Books, 1979).

Cover image of Stalker Castle, Scotland, Ьу Frank Parolek

© Shutterstock,

Kendall Hunt р

u

Ы 1sh1 n g

с о m

р

а n

у

www.kendallhunt.com Send а// inquiries to: 4050 Westmark Drive Dubuque, !А 52004-1840 Copyright ISBN

© 2019 Ьу Kendall Hunt PuЬ\ishing Company

978-1-7924-0564-8

All rights reserved. No part ofthis puЬ\ication may Ье reproduced, stored in а retrieval system, or transmitted, in any form or Ьу any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written peпnission ofthe copyright owner. PuЫished in the United States ofAmerica

Inc.

PRELIMINARV EDITION CONTENTS

Chapter 1: Sets, Propositions, and Predicates 1 .1: Sets

1-1 1-2

1 .2: Strings and String Operations

1-11

1 .3: Excursion: What is

1-20

а

Proof?

1 .4: Propositions and Boolean Operations

1-24

1 .5: Set Operations and Propositions About Sets

1-34

1 .6: Truth-TaЫe Proofs

1-45

1 .7: Rules for Propositional Proofs

1-52

1 .8: Propositional Proof Strategies

1-59

1 .9: Excursion: А Murder Mystery

1-65

1 .1О: Predicates

1-68

1 .11: Excursion: Translating Predicates

1-75

Glossary for Chapter 1

1-78

Chapter 2: Quantifiers and Predicate Calculus

2-1

2.1: Relations

2-2

2.2: Excursion: Relational Databases

2-8

2.3: Quantifiers

2-10

2.4: Excursion: Translating Quantifiers

2-17

2.5: Operations on Languages

2-19

2.6: Proofs With Quantifiers

2-25

2.7: Excursion: Practicing Proofs

2-32

2.8: Properties of Binary Relations

2-34

2.9: Functions

2-41

2.1О: Partial Orders

2-48

2.11: Equivalence Relations

2-55

Glossary for Chapter 2

2-62

Chapter 3: Number Theory

3-1

3.1: Divisibllity and Primes

3-2

3.2: Excursion: Playing With Numbers

3-11

3.3: Modular Arithmetic

3-14

3.4: There are Infinitely Many Primes

3-23

3.5: Тhе Chinese Remainder Theorem

3-28

3.6: Тhе Fundamental Theorem of Arithmetic

3-3 5

3.7: Excursion: Expressing Predicates i n Number Theory

3-43

3.8: Тhе Ring of Congruence Classes

3-46

3.9: Finite Fields and Modular Exponentiation

3-52

3.10: Excursion: Certificates of Primality

3-58

3.11: Тhе RSA Cryptosystem

3-61

Glossary for Chapter 3

3-71

Chapter 4: Recursion and Proof Ьу Induction

4-1

4.1: Recursive Definition

4-2

4.2: Excursion: Recursive Algorithms

4-10

4.3: Proof Ву Induction for Naturals

4-13

4.4: Variations on Induction for Naturals

4-20

4.5: Excursion: Fibonacci Numbers

4-27

4.6: Proving the Basic Facts of Arithrnetic

4-30

4.7: Recursive Definition for Strings

4-37

4.8: Excursion: Naturals and Strings

4-45

4.9: Graphs and Paths

4-47

4.10: Trees and Lisp Lists

4-56

4.11: lnduction for ProЫem Solving

4-66

Glossary for Chapter 4

4-7 5

S.1: Solutions to Exercises from Chapter 1

S-1

S.2: Solutions to Exercises from Chapter 2

S-16

S.3: Solutions to Exercises from Chapter 3

S-32

S.4: Solutions to Exercises from Chapter 4

S-48

FULL VERSION CONTENTS

Chapter 1: Sets, Propositions and Predicates Chapter 2: Quantifiers and Predicate Calculus Chapter 3: Number Theory Chapter 4: Recursion and Proof Ву Induction Chapter 5: Regular Expressions and Other Recursive Systems Chapter 6: Fundamental Counting ProЫems Chapter 7: Further Topics in ComЬinatorics Chapter 8: Graphs Chapter 9: Trees and Searching Chapter 10: Discrete ProbaЬility Chapter 11 : Reasoning About Uncertainty Chapter 12: Markov Processes and Classical Games Chapter 13: Information Theory Chapter 14: Finite-State Machines Chapter 15: А Brief Tour of Formal Language Theory

AUTHOR1S NOTE ·

This Preliтinary Edition contains the first four of the entire book's fifteen chapters, which forт the first half of the text for COMPSCI 250 at UMass Aтherst in Fall 2019. The final version will include all eight chapters used in 250 and seven others which could Ье used in COMPSCI 240.

•

Each chapter has eight ordinary sections and three Excursions. In COMPSCI 250 the 50-тinute lectures cover one or soтetiтes two ordinary sections, and Excursions are used for tеат proЫeт-solving sessions in the weekly discussion sections. Each ordinary section contains ten Exercises (with solutions in the back) and ten РrоЫетs (suitaЫe for hoтework assignтents).

Grateful Thanks to: •

First and foreтost, ту wife Jessica and daughter Julia.

•

The тапу teachers who helped forт те as а тatheтatician, including David Сох, the late Jiт Mauldon, and especially Mark Кidwell at Amherst College, Adrian Mathias at Caтbridge University, and Mike Sipser at М.1.Т.

•

Colleagues at UMass who helped fоrт те as а teacher and COMPSCI 250 as а course, including Amy Rosenberg, Neil Iттerman, Hava Siegelтann, Marius Minea, and dozens of graduate and undergraduate teaching assistants.

•

Му students in this and other courses.

•

Emma Strubell, who таdе тost of the diagraтs in Chapters 1 and 2.

•

Bev Кraus and Lenell Wyтan at Kendall Hunt.

Chapter 1: Sets, Propositions, and Predicates

"! сате here for а good argument. " "No уои didn't, уои сате here for ап argument . " "Well, а п argument's n o t the same a s contradiction. " "It сап Ье." "No it can't. Ап argument is а connected series of statements intended to estaЫish а definite proposition. "

"No it isn't. " " Yes it is. It isn't just contradiction. " "Look, if I argue with уои I must take ир а contrary position. " "But it isn't just saying 'No, it isn't'. " " Yes it is. " "No it isn't, argument is ап intellectual process . . . contradiction is just the automatic gainsaying of anything the other person says. " "N о it isn't. "

Our overall goal is to become familiar with а variety of mathematical objects, and learn to both make and ргоvе precise statements about them. In this opening chapter, we will define some of the objects, develop the necessary language and vocabulaгy to make these statements, and begin to see how to prove them. More specifically, we will:

•

Give definitions and examples of the most basic objects of discrete mathematics: sets, strings, and formal languages.

•

Define propositions (boolean variaЫes) and consider the propositional calculus, а method of making, manipulating, and pгoving comЬinations of pгopositions.

•

Define predicates, functions that take arguments of some type апd return pшpositions. Pred­ icates сап Ье used to model more complicated English statements within the propositional calculus.

1-1

1.1

1.1.1

Sets

The Mathematical Method

The practice of mathematics has two basic parts - the design of mathematical objects and the application of these objects to model some aspect of reality. We design an object Ьу giving а formal definition - an exact statement of what can Ье said about the object, what opeгations can Ье pel"formed on it, and what basic facts about it can Ье considered true. Once we have а definition, we can ask whether various statements about the object are true, and use the techniques of logic to prove the answers. If we show that а statement follows logically from the definition, then it must Ье tгue of that object. But is the object we've defined гeally the one we wanted? How can we tell? In pure mathematics, our cгiterion is noгmally one of "mathematical beauty" . А definition is good to wшk with if it leads to inteгesting pгoofs and inteгesting гelationships with the body of mathematics that has alгeady been created, especially if it allows new attacks on previously unsolved ргоЫеms. In applied mathematics the cгiterion is one of "scientific truth" . А good definition is one that accurately and usefully models some aspect of reality, and the tools of science can Ье used to test the accuracy. The world of computing is an aspect of reality, of course, but it is one wheгe our freedom to сгеаtе new things seems almost unbounded. The mathematics of computing, therefore, often differs from the mathematics of physical science or engineeгing - we aie more likely to have to create new mathematics to model something new. То Ье аЫе to do this, we need pгactice in the method of pure mathematics, and we have to know mоге about the specific mathematical objects that аге most likely to Ье used to design new objects ш model existing ones. The pIOcess of designing mathematical objects is very similar to the pIOcess of object-oriented programming in computer science. In object-шiented pгogramming an object is а collection of data and code belonging to а particular class OI" abstract data type. The class consists of а definition of the instances of the class and the methods or operations that can Ье performed on those instances. An implementation of the class or data type is а representation of the instances as actual data items in а computeI (such as Ьits, bytes, or wшds) and pieces of code to сапу out the opeгations. There may Ье many possiЬle implementations of а given class definition, but if two different implementations aie each consistent with the definitions, we can tell that they will behave identically. Because we are looking at areas of mathematics that are designed to talk about computing, we will need thioughout the book to use examples of code, which will Ье in Java1 or а vшiant we will call pseudo-Java. But in addition, we will Ье using computer science concepts from the beginning in our discussions of mathematical objects. For example, all of our variaЬles will have types: А type is the Iange of possiЫe values fог а variaЫe. The following "mathematical" types will Ье used throughout this book: Definition:

1 For the most part we will Ье writing free-standing methods that would look ve1·y similar in С ш С++, and not all that different in Pascal. The most distinctive featшes of Java will lai·gely Ье irrelevant to us, but we \Vill benefit from using а particular fixed syntax and Java is becoming the one most likely to Ье familiaI to the Ieadeis of this book.

1-2

•

boolean: Value is true or false.

•

integer: Value is any whole number, positive, negative, or zero.

•

natural: Value is zero or any positive integer.

•

real: Value is any real пumber.

Example: We can define other types as we like. In our examples in this section, we will use the type novelist , consisting of all people on Earth who have ever puЬlished а novel. This is а sublype of the type person, consisting of all people who have ever lived on Earth.

In object-orieпted languages like Java, it is useful to have а data type to which everything ( every possiЫe object) belongs. Among other advantages, this allows you to write code that operates on generic "objects" without necessarily knowing what kind of objects they are. We'll adopt this convention in our mathematical language as well: Definition: The mathematical type t hing includes any mathematical objects we may want to define in this book. А variaЬle of type t hing may take on а value of any type. Example: The values true (а boolean ) , 17 (both а natural and an integer ) , 7Г (а real ) , and Patrick O'Brian (а novelist ) are all thiпgs. If х were а variaЫe of type t hing, it could take on any of these values.

It's important to гemember, though, that our mathematical data types are not the same as the data types in а real programming language, because we will Ье ignoring most of the issues created Ьу representing these objects in а computer. In Java, all objects are eventually made up from eight primitive types that can Ье stored in actual 'voгds in the computei"s memory: boolean, four kinds of integers ( byte, s hort , int , and long ) , two kinds of floating-point numbers for reals ( float and douЫe ) , and characteгs (the type c har, fог letteгs in the 32,768-letter Unicode alphabet) . But, fог example, our data type integer is the mathematical set of integeгs (а sequence that goes on forever in eitheг direction) , while the int type in Java is i-estгicted to the integeгs that can Ье stoгed in 32 Ьits - those in the range from -2,147,438,648 to 2 , 1 47,438,647.

1 .1.2

Set Definitions

So let us now begin the process of defining mathematical objects. Our most basic objects аге sets, because many othei- objects we will see later аге defined in terms of sets. Definition: А set is any collection of t hings. Ву convention, we will limit the extent to which sets of t hings may themselves Ье consideгed as t hings . We will allow sets of sets only when the sets in the set contain objects that are all fiom the same suЬtype. Thus sets of sets of naturals are legal while sets of sets of t hings аге not 2 .

2 This definition gets us out of а potential proЫem called the Russell paradox, which would соте about if we were allowed to define "the set of all sets that are not members of themselves" (see ProЫem 1 . 1.2). Later· in the book

1-3

If А is а set, the things in А are called elements of А. The notation "х Е А" means "х is an element of А" . We can denote а set Ьу listing its members, separated Ьу commas, between braces. It is common fш all the elements of А to соте from the same type Т - note that Т is а collection of t hings and is thus а set. In this case we say that А is "а set of elements of type Т" or "а set of type Т" . The set А = {2, 3, 5} is а set of naturals. The number 3 is an element of А, so the statement "3 Е А" is tгue, while the statement "4 Е А" is false. The set В = {Jane Austen, Chinua Achebe, Patrick O'Brian} is а set of novelists, that is, а set of type novelist. But we can also say that В is а set of type person. The set С = {Lady Murasaki, 3.26, George Eliot, 7Г} contains some Ieal numbeis and some novelists. This is а perfectly legal set, because it is а collection of things, but again we will normally restrict ourselves to sets that have elements of ап easily understandaЫe type. Example:

Iп deпoting а set Ьу а list, we doп't пееd to write dowп all the elements if we сап make them clear in some other way. For example {А, . . . ,Z} is the set of all capital letteщ {-128, . . . , 1 27} is the set of all integeis from - 128 thiough 127, and { 1 ,3,5, . . . } is the set of all odd naturals. Definition: If w is а vагiаЫе of type Т, and S is а statemeпt about а thiпg of type Т, then { w : S} is the set of all things of type Т that make S tгue. This is called set builder notation. Example: Let х Ье а variaЫe of type integer. Then { х : х < 3} is the set of all iпtegeгs that аге less than 3; -2 is an element of this set but 3 апd 5 are not. Let п Ье а variaЫe of type novelist . Тhеп { п : п wrote iп Eпglish} is the set of all пovelists who wгote iп Eпglish. George Eliot (who wiote in English) is а membeI of this set and Lady Murasaki (who wrote in Japanese) is not.

We can use set builder notation to define sets even when we don't have а way to test whether the statement is true. The set { п : п will write пехt year's best-selling novel} is а set of пovelists, but we can't tell now which novelist is in it. We may have а good reason to have to work with such sets - consider the set { х : iпput х will cause my progгam to Ciash} . Let А апd В Ь е sets. We say that А i s а subset o f В (writteп "А i, every string in А] is longer than k. Explain how this fact can Ье used to decide whether w is in А*. Р2.5.7 А finite language С is called а prefix code if there do not exist two strings in С, one of which is а proper prefix of the other. (а) If I: = {а}, explain exactly which languages over I: are prefix codes. (Ь) If I: {О, 1 } , describe all prefix codes over I: that contain only strings of length at most 2. (Hint: There are exactly 26.) =

( с ) If С is а prefix code with п strings in it, and k is а natuгal, how many strings are in the language Ck ? Justify уоuг answeг.

(d) Explain why рагt ( с ) also pгovides an answer to Exercise 2.5.8. Р2.5.8 (uses Java) In the Spelling Вее game of Exercise 2 .5.9, suppose that we аге given а pseudo­ Java method boolean inWL ( string w) that tells whether а given string is in the set WL. (а) Write а pseudo-Java method void spellingBee ( char [ ] letters) that will take an array of seven letters and list all the stгings in W L that meet the conditions, with letters [О] being the special character that must Ье included) . You may assume that no string in W L has more than 14 letters. (Ь)

ow assume instead that W L is given to you in а file, so that you have methods string getNext ( ) for the next string in W L and boolean eof ( ) for tell whetheг theгe are any strings left in W L. Write а pseudo-Java method as in рагt (а) to list the stгings in W L that meet the Spelling Вее conditions fог а given set of letters.

( с ) vVhich of the methods in parts (а) and (Ь) will run faste1-, assuming а realistic word list? (Hint: The Oxford English Dictionary contains feweг than one million woгds. )

Р 2 . 5 . 9 (uses Java) Write methods a s in ProЫem 2 . 5 . 8 that produce lists o f pangrams in the Spelling Вее game fог а given set of letters. А pangram (see Exercise 2.5. 10) is а wo1·d that meets the conditions and also uses each of the seven letters at least once. 2-23

Р2.5. 10 It is possiЫe for two different finite languages Х and У to have the same Кleene star, that is, for Х* = У* to Ье true. (а) Ршvе that Х* = У* if and only if both Х � У* and У � Х * . ( Ь ) Use part (а) t o show that Х* = У* i f Х = {а, аЬЬ, ЬЬ} and У = {а, ЬЬ, ЬЬа} . (с) Piove that i f Х * = У* and Л rf_ Х stiing in У have the same length.

U

У, then the shшtest stiing i n Х and the shшtest

2-24

2.6

2.6.1

Proofs With Quantifiers

The Four Proof Rules

Now that we have our two quantifiers and know what they mean, we can formulate rules for proving statements in the predicate calculus. We begin, of course, with all the rules for the propositional calculus, as the data type of quantified statements is still boolean and the propositional calculus applies to all objects of that type. So, fог example, we know that [(3х : А(х)) /\ ( ( 3х : А(х)) ---+ (\:/х : В (х ) ) )] ---+ \:/х : В (х) is а theorem of the predicate calculus - а statement that is true for any possiЬle predicates А and В. Why? If we substitute р for "3х : А(х)" and q for "\:/х : В (х)" , it becomes " [р /\ (р ---+ q)] ---+ q" , which we can recognize as а tautology (the rule of Modus Ponens ) . The more interesting proof rules, howeveг, will deal with the meaning of the quantifieгs. We've seen one already, in the rule of interchanging -,У-, with 3, or ,3, with \:/. But in а general forward­ backward pIOof setting there are four basic situations that might come up, and each of them has its own special ргооf rule:

•

А 3 quantifier in the pгemise, whicl1 would allow us to use the Rule of Instantiation,

•

А 3 quantifier in the conclusion, which allows fог the Rule of Existence,

•

А \:/ quantifier in the pгemise, which allows fог the Rule of Specification, and finally

•

А \:/ quantifier in the conclusion, which allows for the Rule of Generalization.

Each of these situations also suggests а proof strategy, which tells you how you might Ьгеаk down your cuпent forward-backward proof into а smaller subgoal, either Ьу moving forward fгom the pгemise or backwaгd fIOm the conclusion. The strategies are useful whenever the premise 01· conclusion are stated in terms of quantifiers, which is quite often in mathematics. We'll now take а more detailed look at each of the four situations, with an example of а simple proof using each 7 .

2.6.2

Examples For Each Rule

То begin, then, consideг the situation where we are given а pгemise of the form 3х : А(х). The premise tells us that some object а of the correct type exists, for which А(а) is tгue. We don't know anything about this object other than its type and the single proposition А(а) . What this rule will let us do is to give а пате to this object so we can refer to it later. In English, we say "Let а Ье а thing such that А( а) is true," and then use а in the гest of the proof. In symbols, we get the 7 Each of the four situations is the subject of consideiaЬ!y gieatel' detail.

а

chapter in Solow, where he goes through each p1·oof strategy in

2-25

Rule of Instantiation: From the statement :Эх : А(х) you may derive the statement А(а) , wheie а is а пеw vагiаЫе of the сопесt type. FOI example, let's take the piemise "There exists а pig with wiпgs" , OI :Эх : (Р(х) /\ W (x) ) . Heie the vагiаЫе х is of type animal, Р(х) meaпs "х is а pig" , апd W(x) meaпs "х has wiпgs" . The Rule of Iпstaпtiatioп allows us to coпclude Р(а) /\ W(a), where а is ап animal аЬонt which we kпow опlу this single fact. Whether usiпg this rule iп this coпtext is а good idea depeпds оп what we're tryiпg to prove, which briпgs us to the secoпd sitнatioп. If we are tryiпg to prove а conclusion of the foi-m :Эх : А(х) , we will waпt to make use of the followiпg Rule of Existence: From the statemeпt А(а) , where а is апу object of the correct type, you may derive the statemeпt :Эх : А(х). This gives нs а proof strategy of sorts to prove our coпclusioп. We thiпk of some а sнch that А (а) is true8 , prove А(а), апd нsе the Rule of Existeпce to coпclude :Эх : А(х) . Iп our example, sнppose we had "There exists а pig with wiпgs" as our premise апd waпted to prove "There exists ап aпimal with wiпgs" , or :Эх : W(x). Our пеw strategy says that we сап get ош coпclusioп if we сап prove W(Ь) , for апу Ь just as loпg as Ь is ап animal 9 . Fortнпately, we've already derived the statemeпt Р(а) /\ W (a) from the premise, for some aпimal а. The propositioпal calculus Iule of Right Separatioп gives us W(a), апd this is just what we пееd to get :Эх : W(x) Ьу the Rule of Existeпce. Now to universal quaпtifiers. The meaпiпg of а premise of the form Vx : А(х) is that А(а) is true fOI апу object а of the correct type. The useful form of this fact for proofs is the followiпg Rule of Specification: If а is апу object of the correct type, theп from the statemeпt 1;/х : А(х) you may derive the statemeпt А(а) . FOI example, sнppose that to our premise "Theie exists а wiпged pig" (:Эх : (Р(х) /\ W(x) ) ) we add the premise "All winged aпimals are Ьirds" (Vx : (W(x) --+ В ( х ))) . How would we go about pioving "Theie exists а pig that is а Ьird" ( :Эх : Р(х) /\ В(х))? Siпce we have an existential quaпtifier iп the coпclusioп, our earlieI strategy sнggests that we fiпd some aпimal Ь such that Р(Ь) /\ В (Ь) is trнe. We already have ап aпimal а sнch that Р(а) /\ W(a) is trнe. From this we сап get Р(а) Ьу sepaгatioп, апd if we could somehow piove В (а) we could get Р(а) /\ В (а) Ьу joiniпg апd use а iп the role of Ь. How сап our secoпd premise help us get В (а)? We apply the Rнle of Specificatioп to it with our own choice of vaiiaЫe, а, gettiпg W(a) --+ В (а) . Now it's easy to finish the proof Ьу usiпg separatioп to get W (a) апd Modus Ропепs to get В (а) . 8 0f сошsе, this first step may remind you uncomfortaЬ!y of the first step of comedian Steve Martin's method to become а millionaire and never рау income taxes ( "First, get а million dollars"." ) , but at least the strategy gives us an idea of what \Ve need. 9 Why switch letters in tl1e middle of the explanation? The basic шlе is that we may нsе whicheveг letteгs we \vant as loпg as we doп't use the same опе twice iп а coпtext wheгe it coнld lead to some false statement beiпg iпtгoduced. It's usually best to Ье slightly рагапоid апd pick а diffeгent letteг wheneveг апу сопfнsiоп might aгise. Неге, а is being used as the name of the winged pig provided Ьу the premise, so we'll use another name for the winged animal we're about to pr·ove to exist, even though they'll eventually pr·ove to Ье the same animal.

2-26

The last situation, and the most complicated, is "\vhen the desiгed conclusion has а univeгsal quan­ tifiш. What do we need to know in огdег to conclude Vx : А(х)? А(а) must Ье tПie fог апу choice of а at all. We can ргоvе this Ьу the following Rule of Generalization: If, using only the assumption that а is of the сопесt type, you can pIOve А(а) , you may deгive Vx : А(х) . In English, this tends to Ье expгessed "Let а Ье агЬitгшу" , followed Ьу а ргооf of А(а), and the conclusion "Since а was агЬitшгу, we have proved Vx : А(х) ." Fог example, using the pгemise "All winged animals are Ьirds" as before, we can ргоvе "All winged pigs ше Ьirds" , or Vx : [(Р(х) /\ W(x)) -t В(х)] . Let а Ье an arЬitrary animal. We need to ргоvе ( Р( а) /\ W (а) ) -t В (а) . Since this is an implication, we can use а diiect pioof, assuming Р( а) /\ W (а) and tiying to pIOve В (а). As Ьеfоге, we use the Rule of Specification on the piemise to get W(a) -t В (а) fог this particulaI arЬitiaiy а, wheieupon we can conclude В (а) Ьу pIOpositional calculus щles. Since а was arЪitiшy, and we pioved (Р(а) /\ W(a)) -t В (а) without any assumptions, the Rule of Geneialization allows us to conclude Vx : [(Р(х) /\ W(x)) -t В(х)] . You may have noticed that like the propositional calculus, the predicate calculнs seems to Ье аЫе to piove only obvious statements. If the tiнth of а statement has nothing to do with the meaning of the predicates, of сошsе, we can't expect to get any insight about the meaning. It's somewhat тоге difficнlt (and beyond the scope of this book) to prove that the pгedicate calcнlus is complete ( that is, that all true statements аге provaЫe) , but this can Ье done. The real importance of these proof strategies, though, is that they remain valid and useful even when other proof rules are added that do depend on the meaning of the predicates. We'll see examples of this starting with the case of numbeг theory in Chapter 3.

2.6.3

Exercises

Е2.6 . 1 Indicate which quantifieг proof rнle to use in each sitнation, and oнtline how to use it: (а) The desired conclusion is "All tгout live in tгees" . (Ь) Уон have the pгemise "Tommy lives in tгees" , and Tommy is а tгout. (с) Уон have the pгemise "All tгout live in tгees" , and Tornmy is а tгонt. (d) You have the pгemise "Some trout lives in tгees" . Е2.6.2 Ргоvе that the statements Vx : Vy : Р(х, у) and Vy : Vx : Р(х, у) аге logically equivalent, Ьу нsing the proof гules fгom this section to pIOve that each implies the otheг. Е2.6.3 Repeat Exeгcise 2.6.2 fог the statements :3х : :3у : Р(х, у) and :3у : :3х : Р (х, у). Е2.6.4 Use the proof гнlеs to ргоvе the statement Vy : :3х : Р(х, у) fгom the pгemise :3и : Vv : Р(и, v) . Is the conveгse of this implication always tгue? Е2.6.5 The law of vacuous ргооf can easily Ье comЬined with the Rule of Geneгalization to prove that апу proposition at all holds fог all membeгs of an empty class. Demonstгate this Ьу 2-27

proving both "All Кings of France are bald" (Vx : К(х) ---* В(х)) and "All Кings of France are not bald" (Vx : К (х) ---* ·В(х)) from the premise "There does not exist а King of France" (•3х : К(х) , or Vx : •К(х ) ) , using these two rules. Е2.6.6 If we know that the type Х over which we are quantifying is finite and have а list of its elements, we can use this fact in proofs. (а) Write а quantified statement, with variaЫes гanging over the type Х, that says Х {с, d} .

=

(Ь) Ршvе Vx : Р(х) fгom thгee pгemises: tl1e statement of рагt (а) , Р(с), and P(d) . (Hint: Use Proof Ву Cases as part of your Generalization. ) Е 2 . 6 . 7 Let D = { с , d, s } Ье the set o f dogs consisting entirely of Cardie, Duncan and Scout, and let А = {Ь, r, s } Ье the set of activities consisting entirely of barking, retrieving, and swim­ ming. The predicate L(x, у) means "dog х likes activity у" . We will take as our premise the statement "Every dog likes at least two different activities." (а) Write the premise as а quantified statement. Don't forget to make the activities distinct. (Ь) Ршvе L( с, r ) V L( с, s ) from the premise. (с) Prove Vx : 3у : L (x, у) /\ (у -=/= Ь) from the premise. Е2.6.8 Define the folllowing predicates over the type of "people" : WSD(x) means "х weighs the same as а duck" , MW(x) means "х is made of wood" , and IW(x) means "х is а witch" . (а) Тranslate the pгemises "all people who weigh the same as ducks аге made of wood" and "all people who are made of wood are witches" into quantified statements. (Ь) Assume that person с weighs the same as а duck. Using the premises of (а) , prove that person с is а witch. (с) Тranslate the conclusion"all people who weigh the same as ducks are witches" into а quantified statement, and ргоvе it from the pгemises нsing Generalization and Specifi­ cation. Note that the Hypothetical Syllogism rнle cannot Ье нsed inside а quantifier. Е2.6.9 Let D Ье а set of dogs, А Ье а set of activities, and L ( x, у) the predicate meaning "dog х likes activity у" . Consider the premises "Every two dogs like some common activity" and "if any two dogs like the same activity, then they are the same dog" . (а) Тranslate the pгemises into qнantified statements. (Ь) Prove а contradiction from these two premises and the thiгd statement 3х : 3х' : х -=/= х' , wheгe the variaЬles in the last statements аге of type dog. (с) Is it possiЫe for both the pгemises to Ье tгне? If so, how? Е2.6 . 1 0 As in Excursion 1 .2, define the predicates Е(п) and О (п) on naturals to mean 'Зk : п = 2 k " and 'Зk : п = 2 k + 1" гespectively. Ргоvе the statements Vn : Е(п) ---* О(п + 1) and Vn : О (п) ---* Е(п + 1 ) respectively, нsing qнantifieг proof rules. Уон do not need to jнstify standard facts about addition and mнltiplication.

2-28

2.6.4

ProЫems

Р2.6 . 1 Followiпg Lewis Carroll, take the preтises "All aпgry dogs growl" (Vx : (А(х) Л D(x)) ---+ G(x) ) , "All happy dogs wave their tails" , "All aпgry cats wave their tails" , "All happy cats growl" , "All aпiтals are either aпgry or happy" , апd "No апiтаl both growls апd waves its tail" , апd prove the coпclusioп that по aniтal is both а dog апd а cat. Use p1·edicate calculus апd iпdicate which proof mle justifies each step. Proof Ьу coпtradictioп is рrоЬаЫу siтplest. Р2.6.2 Iп Robert Heiпleiп's пovel The Number of the Beast, the followiпg two logic puzzles occur, iп which опе is to derive а coпclusioп fтт six preтises. ( Heiпleiп desigпed these iп the spirit of Lewis Carroll. ) Your task is to give formal proofs that the coпclusions are valid. Iп the fiгst, the type of the variaЬles is "my ideas" , and the preтises аге: •

• •

Every idea of тiпе, that саппоt Ье expressed as а syllogisт, is really ridicнlous; (Vx :

·ES(x) ---+ RR(x)) one of ту ideas about Bath-buns аге woгth writing down; (Vx : В (х) ---+ • VVW D (x)) о idea of тine, that fails to соте true, сап Ье expressed as а syllogism; (Vx : •Т(х) ---+ ·ES(x) )

•

I never have апу really ridiculous idea, that I do not at once refer to ту solicitor;

•

Му dгеатs are all about Bath-buпs; (Vx : D(x) ---+ В(х))

•

I пever refer апу idea of miпe to ту solicitor, uпless it is worth writiпg dowп. (Vx

(Vx : RR(x) ---+ RS(x))

RS(x) ---+ WWD(x))

The conclusioп is "all my dreams соте true" , or Vx : D(x) ---+ Т(х) . Prove this froт the premises using the гules of propositional and pгedicate calculus. Р2.6.3 Heinlein's second puzzle has the sате form. Неге you get to figure out what the intended coпclusioп is to Ье 1 0 , апd prove it as above: • • • • • •

Everythiпg, поt absolutely ugly, тау Ье kept iп а dгawing тот; othiпg, that is eпcrusted with salt, is еvег quite dгу; othiпg should Ье kept iп а drawiпg rоот, uпless it is free from dатр; Tiтe-tгaveling тachiпes are always kept пеаr the sea; othing, that is what you expect it to Ье, сап Ье absolutely ugly; vVhatever is kept near the sea gets encrusted vvith salt.

Р2.6.4 We can now adjust our гules froт Section 1 .5 for tгanslating set identities into the pгopo­ sitioпal calculus, Ьу addiпg а quantifier to the tгanslations of А I B I .

а

а

Ьijection from А to В if and only if I A I = I B I .

surjection from А t o В that i s not

Note that we are stating this theorem only for finite sets, because i n Section 1 . 1 we defined the size of а set only if it is finite. We'll see later (in Chapter 7) that the existence of а Ьijection will serve as the definition of "same number of elements" for infinite sets. The analogs of parts (2) and (3) of this Theorem, however, will not Ье true! For example, with А and В both equal to N, we have both injections ( such as f(n) = п + 1 and surjections ( such as f (n) = п 1 , with f(O) = О) fI"om А to В that are not Ьijections. -

2.9.3

Composition and Inverses

If f is а function from А to В and g а function from В to С, it's possiЫe to take an elemeвt from а, apply f to it, and then apply g to the result. We can define а single function h fI"Om А to С Ьу the rule h(x) = g(f(x) ) , and we define the composition of the two functioвs to Ье this function h. We also write tllis I"elationship 12 as h = g о f. Figшe 2-7 illнstrates the composition of two functions on finite sets. If there is

а

functioв k from В to А such that k о f and f

о

k are each identity functions (whose

1 2 You may liave expected this composition, wheie f was peifшmed fiist and then g, to Ье wiitten f о g instead. But this notation is necessaiy because we ai·e wiiting the function to the left of its aigument, as we've done all along. The best way to IemembeI this may Ье to note that the g and f stay in the same Ielative position as we go fiom g(f(x)) to (g о f ) (x), and that once we know the domain and Iange types of f and g theie is usually only one way the composition сап Ье formed.

2-43

А

в

А

А

(а) Functions f and k.

(Ь)

А

k

о

f

=

identity Source:

David Mix Barriпgton

Figure 2-8: f and k are inverse functions. output is always the same as their input) we say that k is the inverse 1 3 of f. This means that k has the effect of "undoing" f and vice versa, as doing first one and then the other has the same effect as doing nothing at all. For example, у = х 3 and у = х 1 13 are inverses of one another, as functions from the real numbers to themselves. Figure 2-8 shows another example with finite sets. If а function has an inverse, we can show that both the functions are Ьijections. ConsideI f from А to В and k from В to А, as above. First we'll prove that f is one-to-one. If х and у are two distinct arЬitrary elements of А, for example, it can't Ье true that f (x) = f(y) , because then k(f(x)) and k (f(y) ) would Ье the same element, and because k о f is the identity function this element would have to Ье equal to both х and у. f must Ье onto as well, as any element z of В is hit Ьу the element k(z) of А - since f о k is the identity function we know that f(k(z)) = z. Proving that k is а Ьijection requires only the same argument with the f's and k's reversed. The connection between Ьijections and inverse functions is even closer than that, because every Ьijection must have an inverse. If f from А to В is а Ьijection, and у is an element of В, the onto апd опе-tо-опе properties together tell us that there is exactly опе elemeпt х of А such that f ( x ) = у. We just define k(y) to Ье this element, and we have both that f (k(y)) = у and that k(f(x)) = х. As another example, let's prove that the composition of two injections is also an injection. Let the two original functions Ье f : А ---+ В and g : В ---+ С. We are given the assumptions Vx : Vy : (f(x) = f (y)) ---+ (х = у ) апd Vx : Vy : (g(x) = g(y)) ---+ (х = у). We >vaпt to prove Vx : Vy : (g( f (x)) = g(f(y) ) ) ---+ (х = у). (Note that we've used the same variaЫe names, х and у, in each of these three quaпtified expressions, even though the vaгiaЫes аге of diffeгent types. In general it's not hard to look at the unquantified рагt of each statement and determine what the type of each vагiаЫе has to Ье for the statement to make sense. For example, in the first assumption апd the conclusion the function f is applied to х and у, so the type of these variaЬles must Ье А.) This gives us а good chance to practice our general techniques to prove quantified statements. The statement we are trying to prove is а universal qнantification, so we pick an arЬitrary х and у from А (the corтect data type) , assume that g(f(x)) = g (f (y) ) , and tiy to prove х = у. We know fгom 13We сап also define coшposition and inverses for гelations otheг than functions, as fог ехашрlе Ьу saying that о R) (x, z ) is tгue if and only if 3у : R(x, у) /\ S(y, z ) , and defining inveгse in tегшs of coшposition as before.

(S

2-44

the second assumption above that if g(w) z. So letting g(z) fог any w and z in В, then w w = f(x) and z = f(y), we can conclude f(x) = f(y). We can then get х = у Ьу applying the fiгst assumption, without even гenaming any vaiiaЫes. =

=

In РгоЫеm 2.9.2 we'll ргоvе that the compositioн of two surjections is the composition of two Ьijections is а Ьijection.

2.9.4

а

surjection, and thus that

Exercises

Е2.9.1 Let f(x) х + 2 and g(x) 2х + 3 Ье two functions fгom naturals to naturals. What аге the functions f о g and g о f? Аге eitheг of these functions injections, surjections, ог Ьijections? Does eitheг have an inveise? =

=

Е2.9.2 Deteгmine wl1ich of the following functions from naturals to naturals аге injections, surjec­ tioпs, and Ьijections. If а function is а Ьijection, give its iпveгse.

( а ) f ( х) = х2 + 2х + 1 .

(Ь) g(O)

( с ) h (x) (d) i (x)

=

=

=

g(l)

g(2)

О and fог any х > 2 , g(x) х х + 1 if х is еvен, h(x) х 1 if х is odd. =

=

=

,

=

-

3.

-

х.

(е) j (x)

=

7.

(f) k(x)

=

у wheгe у is the laigest natural such that у2 :::; х. ,

Е2.9.3 In each of the following examples, descгibe the domain (input type) and гange (output type) of the two functioпs f and g. Deteгmine whetheг eitheг the composition f о g ог g о f makes sense, and if so desciibe it as а function.

( а ) f (x) is the salar·y of employee х, and g(y) is the job title of employee у. (Ь) f(x) is the job title of employee х, and g(y) is the salaiy that goes >vith job title у.

( с ) f(x) is the employee who is the supeivisOI of employee х, and g(y) is the salaiy of employee у.

(d) f(x) is the tax paid on

а

salaгy of х, and g(y) is the salaгy of employee у.

Е2.9.4 Define the following functions fгom the set of stгings оvег {а, Ь} to itself. If w is any stгing, let f(w) = wR, let g(w) = wa, and let h(w) = v if w = va fог some v, ог h(w) = w if w does not end in а.

( а ) Descгibe the functions f о g, f о h, g о f, g о h, h о f, h о g, and f о g о h. (Ь) Аге any of these thгee function surjections, injections, ог Ьijections? Do any of them have inveгses? If so, descгibe the inveгses.

( с ) Descгibe the functions f о f, g о g, and h о h. Е2.9.5 Ргоvе that composition of functions is associative wheгe it is defined. That is, if f is а function from А to В, g fIOm В to С, and h fгom С to D, ргоvе that (h о g) о f and h о (g о ! ) аге the same functioн fгom А to D. (Two functions with the same domain and гange аге defined to Ье equal if they have the same output fOI еvегу input.) 2-45

Е2.9.6 Неге we relate our new properties of relations to the definition of а function. (а) Prove that а Ьinar·y relation R is onto if and only if its inveгse relation н- 1 is total. (Ь) Ргоvе that а Ьinary relation R is one-to-one if and only if its inveгse relation н- 1 is well-defined.

(с ) Explain why R is both onto and one-to-one if and only if н- 1 is а function. (d) Give an example where R is both onto and one-to-one but is not а function itself. Е2.9.7 Let f and g Ье two Ьijections on а set А. vVhat is the inverse of the function f о g, in teгms of the inverse functions 1- 1 and g- 1 7 Prove your answer. Е2.9.8 Let А Ье а set of r elements and В Ье а set of n elements. How many possiЫe different functions are there from А to В? Explain your answeг in the special cases of r = О, r = 1 , n = О, and n = 1 . Е2.9.9 For what sets А , i f any, can we Ь е sure that any function from А t o В is an injection? For what В, if any, can we Ье sure that any function from А to В is а surjection? Е2.9. 10 Fix а natural n. Let А Ье the power set of {О, 1, . . . , n - 1 } and let В Ье set of all Ьinary strings of length n. Define а Ьijection from А to В, and its inverse from В to А.

2.9.5

ProЫems

Р2.9 . 1 Let f from А to В Ье any injection. Define С to Ье the set of гange values hit Ьу f, the set { f (x) : х Е А} ог equivalently {у : :Эх : у = f(x) } . (This set is also often called "!(А)" . ) Let g Ь е the function from А t o С defined so that f(x) = g(x) . (Note that g i s not the same function as f because it has а different range, though as а гelation it consists of the same ordeгed pairs. ) Prove that g is а Ьijection. Р2.9.2 Prove that if f : А -+ В and g : В -+ С are both sшjections, then so is their composition (g о !) : А -+ С. Explain carefully why this, together with а result proved in the text of this section, implies that the composition of two Ьijections is а Ьijection. Р2.9.3 Let f : А -+ В and g : В -+ С Ье functions such that g о f is а Ьijection. Prove that f mнst Ье one-to-one апd that g must Ье onto. Give an example showing that it is possiЬle fщ neither f nог g to Ье а Ьijection. Р2.9.4 If f is а function from а set А to itself, we can compose f with itself. We call the composition of f with itself k times the k'th iterate of f, апd write it j( k ) . (а) I f f(x) = х + 2 , what is the functioп j(3 ) ? ( Ь ) I f g(x) = х 2 + х + 1 , what i s the function g с, f(x) ;::: g(x). We define а relation D on functions so that D(f, g) means "! dominates g" .

( а ) PIOve that D is

а

linear order on polynomials.

(Ь) Prove that D is

а

partial order on functions.

( с ) Ргоvе that D is not а linear order on functions. (Hint: Give an example of two functions, neither of which dominates the other.)

Р2. 10 . 1 0 Let Р Ье а partial order on а finite set Х. Prove that there exists а linear order L on Х such that Р Ь" , "а + Ь = с" , and "а · Ь = с" . With quantifiers, we can say faiгly complicated things, sнch as 'За : :3Ь : \:/с : (а · с = а) А (Ь · с = с)" , а statement that two naturals exist with ceгtain properties. (Is this statement true? If so, what are the two naturals?) Just as in Chapter 2, we can нsе the predicate calculus to define properties in terms of other pгoperties. Perhaps our most important property is the "divides" relation from Section 2. 10, which is defined so that " а divides Ь" if and only if :3с : а · с = Ь. Once this property is defined, it can Ье used in more number theory statements. Fог example, we will shortly define а prime number in terms of this relation. In this book we will Ье а Ьit informal about the exact rнles of ош language for formulas, though it's possiЬle to fix sнch rules exactly and write some of the atomic formulas in terms of others2 . Why study number theory? There ai·e practical uses for it in computer science, of сошsе, in any situation that involves counting. You may Ье familiar with а hash tаЫе, which is а sequence of п data locations in which items are to Ье inserted as they aпive. You compute (нsing number theory, as it happens) an address for the item and see whetheг that address is vacant. Under one scheme called ореп addressing, if it isn't you try again at the address k locations late1-, where k is some fixed natшal. If this brings you past the last location, you "wrap around" to the beginning. If you still get а filled location, you jump k locations again, and keep doing нntil there's а vacant one. One featшe of this scheme is that if k and п are chosen correctly, if there is any open location at 1 For а beautiful exposition of what matl1ematics is and what it is for, i·ead Mathematics: Form and Function Ьу Saunders Мае Lane. 2 Hofstadter defines his "Тypographical Number TheOiy" carefully so that everything is defined in terms of а symbol fOI zero, the equals sign, and functions for sнccessor, addition, and multiplication. Не goes to some trouЬ!e to get а pai·ticular exact numbeг of symbols iп his alphabet, for non-mathematical гeasons.

3-2

@Kendall Hunt Pt1Ьlishing Company

Figure 3- 1 : А hash tаЫе. Arтows show the jumps in looking for an empty space. all you'll eventually find it. ( Figure 3- 1 shows an example with k = 3 and п = 8.) Determining which values of k and п have this pIOperty is а good example of а number-theor-etic question. More philosophically, studying the most fundamental mathematical system is valuaЫe for what it tells us about how mathematics works and how the woгld woгks. There are questions in number theory that аге vегу easy to state but that no one cuпently can answer3 . But if you believe that the naturals exist in а philosophical sense, any statement of number theory must Ье true or false. Either а natural \vith some property exists, or it doesn't. Either all naturals have а certain property, or they don't. Just as with the propositional calculus, you'd like to find а proof system that is complete ( can ргоvе all the true statements of number theory) and consistent ( doesn 't prove any false statements ) . Although the best matl1ematicians in the woгld were seriously looking for such а thing early in this century, we now know it doesn't exist. Godel proved in 1 931 that if you set down the гules for any mechanical ргооf system S that can talk about number theory, then there must Ье а statement of number theory that says, in effect, "I am not ргоvаЫе in system S" . If this statement wеге false, it would Ье ргоvаЫе, and S would thus Ье аЫе to prove а false statement and Ье inconsistant. On the other hand, if it is tп1е, then it must not Ье provaЫe as it says, and S is incomplete. Showing tliat such а statement exists is well beyond the scope of this book - to begin with you have to define а particular ргооf system fог numbei- theoгy in far mоге detail than we will use hei-e - but Hofstadter does this in Godel,

Escher, Bach4 .

3 The usual example of such а question used to Ье Fermat 's Last Theorem, which is still easy to state (see the discussion iп Hofstadteг ) but is no longer unsolved tlшnks to Andгew Wiles. The Goldbach Conjecture ( "Еvегу even numbeг greateг thaп two is the sum of two prime numbers" ) is peгhaps еvеп easieг to state and remains uшesolved. 4 The philosophical implications of Godel's theшem are one of Hofstadter's main topics. For example, does the fact that some mathematical questions аге provaЬ!y uпsolvaЬ!e say anything about whether tгue a1·tificial intelligence can Ье achieved?

3-3

3.1.2

Primes and Primality Testing

Our goal in this chapteг will Ье to lеаш some of the mOie interesting things that can Ье said within number theOiy, and to lеаш some techniques ( mostly infOimal ) to ргоvе some of them5 . We begin Ьу giving а few of the most basic definitions. We've already seen the division relation D (a, Ь) on naturals, which in Java terms is true if and only if Ь%а == О. Some naturals, like 60, have lots of other numbeгs that divide them, and some, like 59, have very few. In fact the only two naturals that divide 59 аге 1 (which divides еvегу natural) and 59 ( as any natшal divides itself) . Naturals that have this propeгty are called prime numbers6 . Definition: The predicate "Р(а)" , read in English as "а is prime" , is defined Ьу the rule:

Р(а) {::} (а > 1) /\ (D(b, а) ---+ [(Ь = 1) V (Ь = а)] ) , o r equivalently, Ьу expanding the definition o f "divides" ,

Р(а) {::} (а > 1) /\ ::Jb : ::Jc : [(Ь > 1) /\ (с > 1) /\ (Ь · с = а)] . --,

Definition: А natural х ( with х > 1) is said to Ье а composite number if it is not prime. ( Note that we have thus defined 1 to Ье neitheг prime nor composite) . А composite number can Ье factored, or written as the pгoduct of two smaller naturals ( each greater than one ) . Given а natural а, how do we determine whether it is prime? Pгoving it to Ье pгime would mean proving the non-existence of factOis, which would mean ruling out all the possiЫe naturals d between 1 and а as possiЫe divisors of а. This trial division algorithm is the simplest test for primality. We can take а shortcut that will improve the running time of trial division. If а = dc for some d and с, at least one of d от с must Ье at most the square гооt of а ( Why? See Exercise 3 . 1 .8) . So if we check that all Ь between 1 and уГа, fail to divide а, а must Ье prime. Let's look at this test in pseudo-Java code: puЫ i c boolean isPrime (natural а) { if (а 1 and d2 :::; п . Е3. 1 .9 Suppose we waпt t o find all primes less than п using а Sieve o f EI"atosthenes. В у writing the numbeгs in гows of six, we can eliminate four of the six columns and thus avoid having to coпsideI two thiгds of the possiЫe пumbers (after dealing with the first row or two) . What fraction could we avoid Ьу using eight columns? Ten columns? Twelve? Can you find а row size that would let us avoid more than two thiгds of the numbers? Е3. 1 . 10 (uses Java) Aigue carefully that the isPrime method of the text is сопесt. If it returns f alse, how do we know that there is а рiорег factor of а? If it returns true, how do we know that theie isn't?

3 . 1 .6

ProЫems

Р3. 1 . 1 The naturals from 1 14 tillough 126 are all composite. Find 100 consecutive naturals that are all composite. (Hint: The factorial of а natural k, wiitten k!, is the product 1 · 2 · . . . · k. Уон can tell а lot about which numbers divide k!.) Р3. 1 .2 Find the smallest sequence of more than thirteen consecнtive composite numbers. (It may Ье а Ьit tiresome to find this Ьу hand - can you write а computer progгam that will find it?) Р3. 1 .3 The greatest common divisor of two naturals х and у is the largest number that divides both х and у. For example, gcd (8, 12) = 4 because 4 divides both 8 and 12 and no larger natural divides both. (а) What is the gгeatest common divisoг of 60 and 339? How do you kno,v? (Ь) What are the possiЫe greatest common divisors of р and х, if р is а prime number? How can you tell which is the сопесt one, given any х? 3-8

(с) What is the gieatest common divisOI of 2 3 32 54 and 2 2 · 34 5 3 ? Can you desciibe а method to find the gieatest common divisOI of any two numbeis, given theiI factOiization into primes? (You might not Ье аЫе to prove that уош method is сопесt, of сошsе, without Iesults fiom lateI in this chapteI) . ·

·

·

Р3. 1 .4 The least common multiple o f two natшals х and у is the smallest natшal that both х and у divide. FOI example, lcm(8 , 12) = 24 because 8 and 12 each divide 24, and theie is no smalleI natшal that both 8 and 12 divide. (а) Find the least common multiple of 60 and 339. (Ь) Find the least common multiple of 23 32 5 4 and 2 2 34 . 53 . (с) Describe а general method to find the least common multiple of two natшals, given their factщization into piimes ( and assuming that the factorization exists and is unique) . ·

·

·

Р3. 1 .5 Let х and у Ье any two positive naturals. Using the definitions in ProЫems 3 . 1 .3.and 3 . 1 .4, show that gcd(x , у) = 1�1/r,y) (а) Ьу using the characterizations of gcd and lcm in terms of the prime factoiization, and (Ь) directly Ьу proving that for any natural z, z is а common factor of х and у if and only if z divides ху and xy/z is а common multiple of х and у. Р3. 1 .6 Two naturals are defined to Ье relatively prime if their greatest common divisOI is 1. Note that this can happen even if either or both of the two naturals are composite. (а) Show that if х is prime, and у is not а multiple of х, then х and у are Ielatively prime. (Ь) Give an example of two composite numbers that are relatively prime. (с) Recall the example of а hash tаЫе, wheie we have п locations and Iespond to а collision Ьу moving up k locations. Show that if п and k аге not гelatively prime, then Iepeatedly skipping k locations will not reach all possiЫe locations. (d) If п and k are гelatively prime, will гepeatedly skipping k locations reach all the possiЫe locations? (Тrу to explain why or why not, although we won't have the tools to prove the answer until later in this chapter.) Р3. 1 . 7 А perfect number is а natural that is the sum of all its ргорег divisois. For example, 6 = 1 + 2 + 3 and 28 = 1 + 2 + 4 + 7 + 14. Prove that if 2n - 1 is prime, then (2 п - 1 ) 2n - l is а peгfect number. (А pгime of the form 2 п - 1 is called а Mersenne prime. Every perfect numbeг known is of the fOim given here, but it is unknown whetheг there are any otheгs. ) Р3. 1 .8 (uses Java) Using the Least Number Axiom o f Excursion 1 .2, prove carefully that the f actor method given in the text coпectly factors any natural. (Hint: Assume that п is the small­ est numbeI that it doesn't factor correctly, tгасе the method with input п, and derive а contгadiction.) Р3. 1 .9 (uses Java) Rewгite the f actor method so that on any input, it gives the same output as before, but there is no use of recursion. Р3. 1 . 1 0 (uses Java) The designers of Java, following those of С and С++, made the % symbol а remainder operator rather than а modular division operator. The definition of division comes first: а/Ь is the integer oЬtained from the rational number а/Ь Ьу гounding towards zero. Fог example, 7 / 5 is - 1 . Then the гemainder а % bis defined in огdег to satisfy the identity (а/Ь) *Ь + (а % Ь) = а. This behavior might not necessarily Ье what you expect. -

3-9

(а) Using this Java definition, determine the values of 7 % 5, -7 % 5, 7 % -5. (Ъ) Show that two integers а and Ь equal to Ь % r.

тау

-5,

and -7 %

Ъе congruent modulo r even though а % r is not

( с ) Argue that if а % r

== Ь % r, then а and Ь are congruent modulo r, even if some of all of the numbers are negative.

( d ) Write а real-Java static method int modClass ( int а, int r) that, if r is positive, returns а number Ь such that а and Ь are congruent modulo

( е) Argue that modClass ( а , r) modulo r .

==

r

and О ::::; Ь < r.

modClass (Ь , r) if and only if а and Ь are congruent

3-10

3.2

Excursion: Playing With Numbers

Working with prime numbers and divisiЬility gives rise to а number of computational proЫems: Does this natural divide that one? Is this natural prime? If not, what are its factors? Before the days of hand calculators, various computational tricks were developed to solve some of these Ьу hand or even mentally. In this Excursion we'll learn some of these tricks, and use them to solve some proЫems about primality. In ordinary base ten arithmetic, the easiest questions to answer аЬонt а natural are whether it is divisiЬle Ьу two or Ьу five. You ргоЬаЫу know that both these questions can Ье solved Ьу looking at the last digit of the natural. If that digit is О or 5, the number is divisiЫe Ьу five, and not otherwise. If that digit is even ( divisiЬle Ьу two ) then so is the natural itself, and not otherwise. The reason that this works is that any natural is congгuent, modulo ten, to its last base ten digit. For example, 1 7256 is equal to 10( 1725) + 6, so ten divides the difference of 17256 and 6, and thus 1 7256 = 6 ( mod 10). Two naturals congгuent modulo ten аге also congгuent modulo five and modulo two, since both two and five divide ten. This is all you can tell fгom the last digit, but the last two digits tell you тоге. А natural is congгuent to its last two digits modulo 100 ( fог example, 1 7256 is congгuent to 56) , and this means that уон can use the last two digits to test divisiЬility Ьу any natural that divides 100, in paгticular divisiЬility Ьу 4. Similaгly you can test divisiЬility Ьу 8 Ьу looking at the last thгee digits, divisiЬility Ьу 16 Ьу looking at the last four digits, and so forth. Our example of 17256, in paгticulaг, is divisiЫe Ьу 4 (4 divides 56) , 8 (8 divides 256) but not 16 ( in fact 1 7256 = 16(1078) + 8 , and 17256 = 8 · 2157) . The next trick involves the sum of the digits of а natural. In base ten, the numbeг 9 has the convenient pгoperty that every power of 10 is congшent to 1 modulo 9 ( that is, \:/k : lOk = l ( mod 9)) . We can see that this is tгue Ьу looking at lO k 1 , which i n base 1 0 is гepгesented Ьу а stгing o f k nines and thus cleaгly equals 9 times а stгing of k ones. ( Fог example, with k = 5, 99999 = 9 · 1 1 1 1 1 . ) This makes any natural congгнent modulo 9 t o the sum o f its digits - fог example: -

1 7256 = 1 ( 10) 4 + 7( 10) 3 + 2(10) 2 + 5( 10) 1 + 6(10) 0 = 1 + 7 + 2 + 5 + 6 = 2 1 , because we can i-eplace each o f the poweгs o f 10 Ь у one and still have а valid congгuence, using the fact that the sum of congгuences is anotheг congгuence. 21 is not divisiЫe Ьу 9, so we know that 1 7256 isn't, but it is divisiЫe 1 2 Ьу 3. Because 3 divides 9, and 21 = 1 7256 ( mod 9 ) , we know 21 = 1 7256 ( mod 3) and thus that 3 divides 17256. So we can test divisiЬility Ьу 3 fог any natural with ease. We have made some pгogгess towaгd а pгime factoгization of 1 7256, as we now know that 17256 = 8 · 3 · 719. Внt is 719 pгime? It isn't divisiЫe Ьу 2, 3, ог 5, but to Ье sure it is pгime we'd have to check it fог divisiЬility Ьу all the pгimes р such that р2 :::; 719, namely 7, 1 1 , 13, 17, 19, and 23. Тhеге is а way to speed up mental calculation fог these tests, which we'll see, but fiгst let's see а couple of tгicks fог specific numbeгs. 12 If we're гeally lazy we

сап

use the trick again to get that 21 is congшent modulo 9 to 2 + 1

3-1 1

=

3.

Тhеге аге two tгicks fог testing divisiЬility Ьу 1 1 , one а simple extension of the tгick fог 9. If we divide а natural into pairs of digits staгting fгom the гight, and add the гesulting two-digit numbeгs, we get а natural which is congгuent to the Oiiginal numbeг modulo 99, and hence modulo 1 1 . Why? lt's the same pгinciple, that since 100 = l (mod 99 ) еvегу роwег of 100 is also congment to 1. This tells us that 719 is not divisiЫe Ьу 11 since it's congгuent to 7 + 19 = 26. eitheг is 17256, fог that matteг 13 , since it's congгuent to 1 + 72 + 56 = 129 and thus to 1 + 29 = 30. The otheг tгick fог 11 involves the fact that while even poweгs of 10 аге congгuent to 1 modulo 1 1 , odd povveгs o f 1 0 аге congгuent t o 1 0 itself, and thus t o - 1 . S o any numbeг is congгuent modulo 1 1 t o the alternating sнm o f its digits, arranged s o tЬat the last digit gets а plus sign. 7 1 9 i s congгuent to 7 - 1 + 9 = 15, and 17256 is congгuent to 1 - 7 + 2 - 5 + 6 = -3. Note that these гesults аге consistent with what we found above. Bгeaking а natural into thгee-digit segments and adding them is а valid test fог divisiЬility Ьу 999, but since 999 = 27 · 37 and we can alгeady test fог divisiЬility Ьу three, this is really only usefнl fOI testing fог divisiЬility Ьу 37, which doesn't соте up all that often. But we can also have lагgег veгsions of the alternating test. Alternating sнms of two-digit segments tests fог divisiЬility Ьу 101, а гelatively гаге pгime, but thгee digit segments wOik fог 1001, а mOie useful numbeг because it factors as 1001 = 7 · 1 1 · 13. This doesn't help fог 719, of course, Ьнt it means that fог any natural of тоге than thгee digits, we can get а natural of thгee digits that is congгuent to it modulo 7, 1 1 , and 13. For example, fгom 1 7256 we'd get - 1 7 + 2 5 6 = 239, which happens t o not Ье divisiЫe Ьу any of these three numbeгs (we knew about 11 alгeady) . Неге is one more geneгal trick fог testing divisiЬility Ьу one of the small pгimes for which the above tгicks don't woгk (OI still leave уон with а thгee-digit numbeг to test ) . Remember that in carrying out the division, you don't саге about the quotient, only whetheг the гemaindeг is zего. So you make pгogress if уон can conveгt the given natural to а smalleг natural sнch that the two numbeгs аге eitheг both divisiЬle Ьу the pгime OI both not divisiЫe Ьу it . А quick way to do this mentally is to fiгst add or suЬtгact а multiple of the pгime to get а numbeг ending in О, then гemove the О. Cleaгly adding ог sнbtгacting the multiple gives you something congгнent modulo the pгime. Dividing Ьу 10 won't give you something congгuent, but as long as the pгime in question isn't 2 OI 5, it will not change the divisiЬility of the number Ьу the pгime (the reason fог this will Ье cleaieI lateг in the chapteг) . S o t o test 719 for divisiЬility Ьу 7 , fог example, we add 2 1 to get 740 and divide Ьу 1 0 t o get 74, wheгeupon if we know our multiplication taЫes we аге done because 7 does not divide 74. In this way vve can soon veгify that 719 is in fact prime. We checked 1 1 , and to do 13 we can suЬtгact 3 · 13 = 39 fгom 719 to get 5 = 680, and note that 13 does not divide 68. Fог 17, we may add 3 · 17 = 51 to 719 getting 770, and 17 does not divide 77 (since it does divide 68 and 85 ) . Checking 19 is even easieг, as subtгacting 19 leaves 700, and 19 ceгtainly doesn't divide 7. Finally fог 23 we subtгact 3 · 23 = 69 fгom 719 leaving 650, and 23 does not divide 65. Since the next pгime, 29, has а squai·e Ьiggeг than 719, we аге done and have shown that 719 is prime. 13 Bу the Fundamental Theorem of Arithmetic, which we've not yet pгoved, it wouldn't Ье possiЬ!e to multiply some natшals that are each not divisiЫe Ьу 11 ( hеге 8, 3, and 719) and get а natшal that is divisiЬ!e Ьу 1 1 , because this would mean that the largeг number had two different prime factorizations.

3-12

3.2.1

Writing Exercise

It's easy to соте up with proЫems that can Ье solved using the tricks described above - hel'e al'e some samples. Slюw уош WOI'k cleal'ly. If you use а calculatOI', write down the facts supporting уош conclusion that your calculator gave you.

1. The smallest pгime greater than 1000. ( Cleal'ly 1001 doesn't wOI'k, so tl'y 1003 and succeeding odd numbers if that's not it. ) 2. The laigest piime number less than 1000 ( it's not 999) . 3. The smallest prime gгеаtег than 10000. 4 . The lal'gest prime less than 10000. 5. The pl'ime factOI'ization of 3153235554.

3-13

3.3

3.3.1

Modular Arithmetic

Arithmetic on Congruence Classes

We asse1·ted in Section 3. 1 that if we have two congгuence classes with the same base, such as { х : х ends in 7} and { х : х ends in 4}, we can "add" and "multiply" them to get а new congгuence class with the same base. In the example, 27 · 4294 and 3567 · 204 are each going to end in 8, and 27 + 4924 and 3567 + 204 аге each going to end in 1 . Is it obvious that we can take the sum or product of two classes like this? Peгhaps, but we are making а particular claim in each case, that it doesn't matter which representative fIOm each class we choose, as long as we only саге about the congruence class of the result. For addition, we can state this claim ( "that addition on congruence classes is well-defined" ) in the pгedicate calculus as follows:

\:/r : \:/а : \:/Ь : \:/с : \:/d : [(а ::::::: Ь ( mod r) ) /\ (с ::::::: d ( mod r))]

-t

(а + с ::::::: Ь + d ( mod r))

Let' s use our гules fог the pгedicate calculus, and our knowledge of arithmetic, to prove this claim. We let r, а, Ь, с, and d Ье aгЬitrary and assume both а ::::::: Ь ( mod r ) and с ::::::: d ( mod r ) . Actually а more useful fшm for а ::::::: Ь ( mod r) in this case is D (r, а - Ь) ог 14 Эi : а = ir + Ь. Similaгly the other assumption can Ье written Эj : с = jr + d. Although wе'ге trying to shovv that it's all right to add congruences, we know we can add equations over the integers, so adding these two equations togetheг we get а + с = ir + Ь + jr + d = (i + j)r + (Ь + d). Now we've just calculated the difference between а + с and Ь + d as (i + j )r, and r clearly divides this diffeгence, so we have that а + с ::::::: Ь + d ( mod r ) . The argument for mнltiplying two congгuences involves а Ьit mще arithmetic but i s very similar. We first let r, а, Ь, с and d Ье arЬitrary as above vvith the same assнmptions - our goal is to show that ас ::::::: Ьd ( mod r). Again the assнmptions give нs Эi : а = ir + Ь and Эj : с = jr + d, so ас = (ir + Ь)(jr + d) = ijr 2 + ird + Ьjr + Ьd = r(ijr + id + Ьj) + Ьd. As before, r clearly divides the difference between the two nнmbers in question, so they ar-e congгuent modнlo r. lt's not haгd to show ( see Exercise 3.3.2) that we can subtract two congruences with the same base. What about dividing? Let's first review exactly what dividing one natural Ьу anotheг really means. In the геа! numbers, every real number- х ( except zero ) has а multiplicative inverse х -1 , another геаl numbeг that gives 1 when multiplied 15 Ьу х. This is not true over the integeгs, as 1 and - 1 have inverses Ьнt no otheг numbeгs do ( within the data type o f the integeгs) . "Dividing Ьу х " is the same thing as "multiplying Ьу х -1 " , so the existence of inveгses controls whether we are аЫе to divide while staying within the data type 1 6 . What about оuг new "numbers" , the congгuence classes? If we look at the congruence classes modulo some base r, do they have inveгses? An inverse of х now means а numbeг у such that 14 We сап either allow i to Ье а possiЬ!y negative integer, ш switch the roles of а and Ь if necessary so that а is large1·. 15 Why 1 ? Because 1 is the multiplicative identity, in tl1at х · 1 = 1 · х = х for any real number х . Remember f1·om Section 2.9 that the inverse of а function f is the ftшction that gives the identity function \Vhen composed with

f.

16 Yes, \Ve have the Java / and % operators over the integers, but they аге not the same thing as division - here Ьу "division" we mean the inverse ope1·ation of multiplication.

3-14

ху = 1 ( mod r). ( Or, equivalently, that ху + kr = 1 for some integer k. We can express the predicate "х has an inveгse modulo r" Ьу the quantified statement 3k : ху + kr = 1 . ) As it happens, sometimes they exist and sometimes they don't. Fог example, 5 is an inveгse of 1 1 modulo 6, because 5 · 1 1 = 1 ( mod 6) . But 4 has n o inveгse modulo 6. Can you see why? То explain exactly when inveгses exist, we need to Ieview some definitions fmm PmЫems 3 . 1 .3, 3 . 1.4, and 3 . 1 .6. Definition: Let а and Ь Ье any two naturals. We say that а and Ь аге relatively prime if they have no common factoг. That is, theгe is no number с > 1 such that both D(c, а ) and D(c, Ь) . Definition: The greatest common divisor of two naturals 1 7 а and Ь, >vгitten gcd( а, Ь) , is the lмgest natural that divides both а and Ь. So Ьу definition, а and Ь aie гelatively piime if and only if theiг gгeatest common divisor is 1 . The least common multiple of а and Ь, wгitten lcm(a, Ь) , is the smallest numbeг с such that а and Ь both divide с. We proved in ProЫem 3 . 1 . 5 that lcm(a, Ь ) = аЬ/gcd(a, Ь) . These definitions allow us to state а useful result that we'll prove slюrtly: Inverse Theorem: А natural а has an inveгse mod т if and only if а and т are гelatively prime.

3.3.2

The Euclidean Algorithm

First, though, if we аге given two naturals, how could we deteгmine >vhetheг they аге гelatively pгime? This ргоЫеm, like many otheгs in this area, was solved Ьу the ancient Greeks. The Euclidean Algorithm inputs two numbeгs and outputs theiг gгeatest common divisoг. Call the input numbeгs ао and а 1 . Compute the quotient (а0/а1 in Java) and the гemaindeг (аО % а1 in Java) . Now set а2 to Ье the remaindeI аО % а 1 . Then set а 3 to Ье а1 % а2, and so on. Eventually you will get an ak that is equal to zeio. ( Can you explain why? ) . Once this happens, ak - 1 is our desired gгeatest common divisoг. Here's an example with ао = 72 and а 1 = 46:

72 % 46 46 % 26 26 % 20 20 % 6 6%2

26 20 6 2 о

So the sequence of a's is ( 72, 46, 26, 20, 6, 2, О ) and а 5 = 2 is the gгeatest common divisoг. То see why we get the gгeatest common divisoг, let's гewгite the sequence also showing the successive 1 7 The t\vo naturals common factш.

О

and

О аге

not relatively prime, and they (unlike any other pair of naturals) have

3-15

по

gieatest

quotients - the / numbers:

72 46 26 20 6

1 . 46 + 26 1 . 26 + 20 1 . 20 + 6 3.6+2 3·2+0

Because the last remainder is О, we know that 2 divides 6. Because 2 divides both 2 and 3 · 6 (the latter because it divides 6 ) , it divides 20. Each of the numbeгs 26, 46, 72 must also Ье multiples of 2, because they аге each а sum of multiples (а linear comblnation) of nнmbeгs alгeady known to Ье multiples of 2. Thus 2 (ог in geneгal the output of the algoгithm) divides both 46 and 72 (ог in geneгal, the inputs) . In paгticulaг, if the oнtput is not 1, the inputs are not гelatively pгime. Conveгsely, suppose some natuгal х divided both 72 and 46. Because 26 is the difference of two mнltiples of х, it mнst itself Ье а multiple of х. Similaгly, so must Ье 20, 6, and 2. Внt now we know that any common divisoг divides 2, and 2 is а common divisoг, so it must Ье the gгeatest common divisoг (similaгly, the output will always Ье the greatest common divisor of the inputs) . In paгticular, if the output is 1, any common divisoг divides 1 and the inputs are relatively prime. We have shown: Proposition: On input а and Ь.

а

and Ь, the Euclidean Algorithm outputs the gгeatest common divisoi· of •

The same calcнlations tell нs all we need to know about the existance of an inverse for а1 modulo If ао and а1 have а common factor greater than 1 , as in оuг example of 4 and 6 above, any lineaг comЬination of the inputs will also have that same common factor, and it is impossiЫe fш that linear comЬination to equal 1. On the other hand, sнppose the oнtput of the Eнclidean algoгithm is 1. We can use tl1e aritl1metic from the algorithm to show that 1 is а linear· comЬination of the inpнts, and hence that an inverse exists. Fiгst, here's the calculation fог the example above, showing that the output 2 is а linear comЬination of the inputs. We begin Ьу expressing the numbers 72 and 46 themselves as linear comЬinations of 72 and 46: ао .

72 46

1 . 72 + о . 46 о . 72 + 1 . 46

3-16

Now since we know that 26

= 72 - 46, we can suЬtract the second equation from the first to get:

26

And again, since 20 gives:

1 . 72 - 1 . 46

= 46 - 26 and 6 = 26 - 20, subtracting each equation from the one Ьеfше it

- 1 . 72 + 2 . 46 2 . 72 - 3 . 46

20 6

Now, because 2 = 20 - 3 · 6, we can oЬtain а linear comЬination for 2 Ьу suЬtracting three times the last equation from the equation Ьеfше it:

- 7 . 72 + 11 . 46

2

Thus 2 is shown to Ье

а

linear comЬination of 72 and 46.

Now let's try the same thing for two naturals that are relatively prime, 72 and 47. First we run the algшithm to show that they really are relatively prime, saving the quotient of each division for later use:

72 47 25 22 3

1 · 47 + 25 1 . 25 + 22 1 · 22 + 3 7.3+1 3·1 +о

Now we can calculate 1 as а linear comЬination of 72 and 47. Each line of the derivation above tells us how to get the next lineaг comЬination - for example, since 22 = 7 · 3 + 1 and thus 1 = 22 - 7 · 3, we will subtract seven copies of the linear comЬination for 3 from the linear comЬination for 22 to get а linear comЬination fог 1.

3-17

72 47 25 22 3

1 . 72 + о . 47 о . 72 + 1 · 47 1 . 72 - 1 . 47 - 1 . 72 + 2 . 47 2 . 72 - 3 . 47 - 15 · 72 + 23 · 47

Now we can just геаd off the inveгse of 47 modulo 72 - it is 23, because we can see that 23 · 47 diffeгs from 1 Ьу а multiple of 72 and is thus congгuent to 1 modulo 72 . (In fact 15 · 72 = 1080 and 23 · 47 = 1081 - if you want to see the роwег of this method imagine seaгching Ьу t1·ial and епш fог а multiple of 72 and а multiple of 47 that diffeг Ьу one. ) (How would you get the inveгse of 72 modulo 47 - do уон need any тоге calculations?) It's woгth noting that нnlike the tests fог pгimality we discнssed еагliег in Section 3. 1 , this algoгithm is actually pгactical fог laгge inputs. То see this, consideг numbers of, say, 1 00 digits. It can Ье proven 18 that the Euclidean algшithm on such numbeгs will teгminate in а few hundгed steps (it takes linear time in the size of the input) - bad for hand calculation Ьнt fast fш а computeг 19 . On the otheг hand, to test the piimality of а 1 00-digit number Ьу the methods we've descгibed would Ье inconceivaЬle. Уон would have to tгу individнally еvегу nнmЬег нр to the 50-digit sqнаге гооt, ог 1050 numbeгs. Making an Eгatosthenes sieve would mean constгucting а data stгuctuгe of 10 1 00 Ьits. Тhеге are betteг pгimality testing methods, Ьнt they аге beyond the scope of this book 20 . The ргоЫеm of factoring а composite numbeг (гаthег than just showing that it is composite) seems to Ье much hагdег - at the moment no pгactical method to factoг an агЬitгагу 250-digit numbeI is known. We'll see in Section 3. 1 1 that the pгesumed difficulty of this ргоЫеm is the basis of the RSA puЫic-key cryptosystem.

3.3.3

Exercises

Е3. 3 . 1 Calculate the following quantities: (а) 3 · 4 + 5 (mod 7) (Ь) 2 · 10 + 3 4 · (4 + 9) (mod 1 1) ·

( с ) ( ( 13 - (4 · 6)) · 2) + 3 (mod 23) Е3.3.2 If r, а, Ь, с, and d аге any five numbers such that а = Ь (mod r) and с = d (mod r), ргоvе that а - с = Ь - d (mod r ) . 18 We do this in Section 4 . 1 1 . 19 Though o f course you couldn't code 100-digit numbers a s int o r even long variaЬ!es in Java, s o what might you do instead? 20 In 2002 AgrawaJ, Kayal, and Saxena gave the first algorithm that always gets the right answer and tests an n-digit number in а time bounded Ьу а polynomial in п (proportional to about п 1 2 ) . Thus the proЬ!em of pгimality testing in in the class Р discussed in Section 10. 1 1 . ln pгactice, the method generally used is much fasteг than this, but poses а tiny гisk of falsely identifying а composite numbeг as pгime. We'll say more about this in Excursion 3.10.

3-18

Е3.3.3 Showing all the steps, use the Euclidean Algorithm to find the greatest common divisors of the following pairs of naturals: (а) 315 and 453.

( Ь ) 317 and 453. (с) 4096 and 1 729.

( d ) 377 and 610. ( е ) 1367439 and 1025677. Е3.3.4 If а has an inverse modulo r, can you necessarily conclude that r has an inverse modulo а? Why or why not? Е3.3.5 Find the inverse of: (а) 144, modulo 377. (Ь) 5 1 1 , modulo 512. (с) 37, modulo 512.

( d ) 512, modulo 37. Е3.3.6 Let а , Ь, and с Ье any three positive naturals, with Ь :::; с. What happens vvhen we run the Euclidean Algorithm with inputs аь and ас? What is the greatest common divisor of these two numbeгs? Е3.3.7 ( uses Java) Неге we want а real-Java static method int еА ( int а , int Ь) that гeturns the gгeatest common divisoг of а and Ь, calculated Ьу the Euclidean Algoгithm. (а) vVгite such а method that uses а loop.

( Ь ) Wгite such а method that calls itself гecuгsively. Е3.3.8 ( uses Java) Consideг the following alteгnate veгsion of the Euclidean Algoгithm: puЫic stat i c natural simpleEA (natural а, natural Ь) { if (Ь О) return а ; i f ( Ь > а) return simpleEA (Ь , а) ; return simpleEA ( a Ь , Ь) ; } ==

-

(а) Тl·асе the execution of simpleEA on inputs 4 and 10.

( Ь ) In the last line, how can we Ье sure that the subtгaction а

-

Ь does not have а negative

гesult?

(с) Explain why simpleEA outputs the greatest common divisor of а and Ь. ( Hint: Aгgue that its output is the same as the last nonzero number in the sequence from the original Euclidean Algoгithm on input а and Ь.)

Е3.3.9 Let f and g Ье polynomials, in one variaЬle х, with геаl number coefficients. Define the relation D(f, g) to mean 3h : f h = g, that is, "! divides g" . (а) Piove that D is refiexive and tгansitive, but is not а pal'tial oгder on polynomials because it is not antisymmetгic.

3-19

( Ь ) А monic polynomial is one whose highest-degree coefficient is 1. Show that D is а partial order on monic polynomials.

( с ) Prove that for any nonzero polynomial р, there exists а monic polynomial m such that D (m , p) and D (p, m) are both tгue.

Е3.3 . 1 0 Prove carefully that if а = qb + r, where all fош numbers аге naturals, and а and Ь are each integer linear comЬinations of two other naturals m and п, that r is also an integer linear comЬination of m and п.

3.3.4

ProЬlems

Р3.3.1 Show that if х and у are relatively prime, апу integer z can Ье written as а lineaI comЬination ах + Ьу = z, wheie а and Ь are integeis. Illustiate this Ьу writing 343 as а lineaI comЬination of 1 729 and 4096. If х and у aie not Ielatively piime, "vhich integeis can Ье wгitten as lineaг comЬinations of х and у? Р3.3.2 Let п Ье any natural. Define ln to Ье the set of all naturals а such that а < п and а and п are гelatively pгime. The Euler totient function ф(п) is the size of ln . (а) (Ь ) (с ) (d) (е ) (f)

Descгibe the sets 11 1 and 112 Explain why ф(п) = п - 1 if and only if п is piime. Explain why if п is а poweI of 2, otheг than 2° = 1 , then ф(п) = п/2. Explain why а пatural а < п has an inveгse modulo п if and only if it is in ln. Show that if а and Ь aie in ln, then а · Ь is congгuent modulo п to а member of ln. Give an example wheie а and Ь are in ln but а + Ь is not congгuent modнlo п to any membeг of ln.

Р3.3.3 Poweгs аге defined in modulaг arithmetic just as in oгdinary aгithmetic: x i ( mod m) is simply х · х · . . . х ( mod m) wheгe there are i copies of х in the sнm. For each of the values 8, 9,10, 1 1 , 12, and 13 fог m, calculate 2i ( mod m) for i fшm О to 20. In each case, find а geneial rule that will tell you 2i ( mod m) for largeг i. Justify your geneial rule as convincingly as you can. ·

Р3.3.4 We have defined the factorial п! of а natural п to Ье the product of all the naturals from 1 throнgl1 n, with О! being defined as 1. Let р Ье an odd prime numbeI. Proye that (р - 1 ) ! is congruent to - 1 modulo р. ( Hint: PaiI as many numbeis as you can with their multiplicative inveises. ) Р3.3.5 We have shown that two positive naturals а and Ь are Ielatively pгime if and only if some integer linear comЬination of them equals 1, that is, if and only if ::3х : ::3у : ах + Ьу = 1 wheie х and у range oveI the integeгs. An equiYalent definition, with и and v ranging over the naturals, is ::3и : ::3v : аи = bv + 1 . Prove each of these two statements fтom the otheг. Р3.3.6 ( uses Java) Write а Ieal-Java method that inputs two int values а and Ь ( which you may assume to Ье positive ) and returns the inveгse of а modulo Ь.

3-20

Р3.3.7 In Exercise 3.3.9 we defined а division relation D on polynomials in one variaЫe х, Ьу saying that D (f (x ) , g(x) ) is true if and only if the exists а polynomial h(x) such that f (x ) h (x ) = g(x) . Given this definition, we can try to find the "gгeatest" common divisoг of two polynomials with an analogue of the Euclidean Algorithm. Неге "greatest" means "with the largest possiЫe degгee" . (а) If р ( х ) and s(x ) аге any polynomials in х, with real coefficients, argнe that theгe must exist polynomials q (x ) and r (x ) such that s(x ) = p(x)q(x) + r ( x ) , and either r = О or the degree of r is strictly less than the degгee of р. (Hint: The process of finding q and r is much like long division in decimal arithmetic.) (Ь) Prove that if s = pq + r as in part (а) , and any polynomial t divides both р and s, it also divides both р and r. (с) Prove that if s = pq + r as in part (а), any common divisor of р and s is also а divisor of r.

( d) Ву гepeated division as in the Euclidean AlgOiithm, find а monic greatest common divisoI of х3 + 6х 2 - х - 30 and х 2 - 2х - 35. ( е) Find two polynomials that have two diffeгent "gгeatest" common divisOis of the same degree. That is, each common divisOI has degree d, and no common divisOI has degree greater than d.

Р3.3.8 А chess knight, on one tнrn, moves eitheг two sqнaгes veгtically and one hOiizontally, 01' two horizontally and one vertically. If we consider а knight starting at the point ( х, у ) in Z х Z , i t has eight possiЬle moves, t o ( х + 1 , у + 2 ) ( х + 1 , у - 2 ) , ( х - 1 , у + 2) , ( х - 1 , у - 2 ) , ( x + 2, y + l ) , ( х + 2, у - 1 ) , ( x - 2, y + l ) , or ( х - 2, у - 1 ) . (а) Ргоvе that given any two points ( х, у ) and ( х', у' ) in Z х Z, tl1ere is а sequence of knight moves fгom the fiгst point to the second. (Ь) Let а and Ь Ье different positive natнrals. An (а, Ь)-knight also has eight possiЬle moves, fгom (х, у ) to (х ± а, у ± Ь) 01' ( х ± Ь, у ± а ) . What conditions on а and Ь allow the (а, Ь)-knight to go from any point in Z х Z to any other? Prove your answeI. (с) If а and Ь do not meet the conditions of рагt (Ь), exactly which points can the (а, Ь ) knight Ieach fгom ( х, у ) ?

­

Р3.3.9 Неге is а "multiplication" opeгation on stгings оvег the alphabet {а, Ь, с, d} . We concatenate the strings, but wheneveI we cieate а paiI аЬ, Ьа, cd, ог dc Ьу concatenation, we delete it. If the deletion cгeates another such paiI, we delete that as well, until we Ieach а stiing that has no sнch paiI. FoI example, (acb) (adc) = ас(Ьа)dс = acdc = a(cd)c = ас. Two stiings aie called "multiplicative inveгses" if they "multiply" to Л. (а) Show that eveiy stiing has а multiplicative inveise, and indicate how to find it. (Ь) We say that а stгing is in "nOimal fOim" if it has none of the four foIЬidden paiis. Show that if а string is in noгmal foгm, it has exactly one inveгse that is in noгmal fOim.

Р3.3.10 Let f Ье а Ьijection on the set { 1 , . . . , п }. We know that f has an inveгse function. А transposition on а set is а Ьijection that switches two elements i and j and fixes all other elements. That is, t(i) = j, t(j) = i, and t (x) = х if х (j_ { i, j} . Неге we will show that еvегу Ьijection has an inveгse that is made up Ьу composing tianspositions. 3-21

(а) Show that for апу f, either f ( n) = n or there exists а traпspositioп t such that (! ot) ( n) =

n.

(Ъ) Suppose we kпow that апу Ъijectioп g оп { 1 , . . . . n } that has g(n) = n has ап iпverse that is made up Ьу composiпg traпspositioпs. Show that with this assumptioп, апу Ъijectioп f оп the set has this property. (с) Indicate how, using the fact iп part (Ъ) , we сап write а recursive algorithm that will take апу f апd fiпd а sequeпce of traпspositioпs that compose to the iпverse of f .

3-22

3.4

3.4.1

There are Infinitely Many Primes

Specifying the ProЫem

One of the earliest-discoveгed and most important facts about the pгime numbers is that they go оп forever - however far you go in the sequence of naturals, you keep finding nevv primes. This was pгoved Ьу the ancient Greeks 21 and is still thought of as one of the simplest and most beautiful pгoofs in mathematics. If we want to use pIOof techniques fог the predicate calculus, we have the immediate ргоЫеm of stating this theOI'em in that language. We can state it in English as "There are infinitely many piimes" , but as we don't have а symbol fог "infinitely many" we still have some woгk to do. FOI"tunately, another way to say the same thing is "Given any natural а, there is а prime Ьigger than а,'' which tгanslates easily into

Va : 3Ь : (Ь > а) /\ Р(Ь) , where Р(Ь) means "Ь is prime" . We could, if we wanted, break down Р(Ь) further using the definition of pгime number'. This language fог "infinitely often" occurs faiгly fгequently in mathematics, as does its negation: we can say "there аге only finitely many х such that А(х) is tгue" Ьу negating the otheг statement and using the negation-of-quantifieI Iules to get 'За : Vb : (Ь > а) ---+ ·А(Ь)" . Following our geneial proof rules fог quantified statements, we need to let а Ье an aIЬitiary natural and prove that theie exists а prime numbel' Ь such that Ь > а. The obvious thing to do would Ье to figure out ourselves а paiticulaI piime numbeг gieateI than а, and then piove that it is piime. Curiously, we're not going to do that. Because the sequence of primes is so iпegular, finding the next pгime afteI а, fог example, turns out to Ье fаг тоге difficult than pIOving the existence of some prime greateI than22 а. Our proof won't even tell us diiectly what the prime numbeг greateI than а is ( thougl1 we could find it with а little more woгk ) .

3.4.2

The Proof

So let а Ье an arЬitrary natural. What we'll do is construct а natural z that isn't divisiЫe Ьу any of the numbeis from 2 through а. This numbel' z might or might not Ье piime itself, but as long as it has а prime divisor, that piime divisor must Ье greater than а because none of the naturals less than а ( except 1) is а divisOI' of z. So some piime gieater than а exists23 . We define

z

to Ье the factoiial of а, plus 1 , or а! + 1. ( Recall that the factorial of а nнmber

21 The proof appears iп Euclid's Elements, w'1ich isп't only about geometry. In fact aпother Greek named Eudoxus appears to have proved the result first. 22 After this theorem has Ьееп proved, of сошsе, you kпow that а simple algorithm \Vill find the next prime keep taking пumbers a + 1, a + 2, and so оп and test each for p1·imality until уон fiпd one that is prime. But before proviпg this theorem ущ1 сап't rule out the possibШty that this search coнld go оп fшever. 23 We could find it Ьу successively trying пatшals starting \vith а + 1 and seeing \vhethei- they are prime. Actually, it might Ье slightly faster to successively try these numbers to see whether they divide z , since the first number that divides z must Ье prime.

3-23

is the product of all the numbers up to and including it 24 , so that 1! = 1, 2! = 1 · 2 = 2, and 7! = 1 · 2 · 3 · 4 · 5 · 6 · 7 = 504 0. ) Now it's obvioнs that а! is divisiЬle Ьу any number up to and including а, as that number appeared in the product used to make the factorial. ( For example, 5 divides 6! Ьесанsе 6! can Ье written 5 · ( 1 · 2 · 3 · 4 · 6).) Now consider z = а! + 1. Since а! = О ( mod Ь) for any number Ь � а, we know that z = 1 ( mod Ь) ( Ьесанsе we can add congruences, as we proved in Section 3.3) . As long as Ь isn't equal to 1, this implies that Ь does not divide z. So if we believe that z can Ье factoгed into primes ( or even that it has one pгime divisor ) there must Ье some prime greater than а which divides z, and hence some prime greater than а exists.

3.4.3

Variations on

а

Theme

There are many possiЫe alternate versions of this argнment. vVe don't really саге that no natural from 2 through а divides z, as long as we're sure that no prime in that range divides z ( see the Exercises ) . So if we mнltiply together all the primes нр throнgh а and add 1 , we get а nнmber whose prime factors are also all greater than а. Моге generally, given апу set of numbeгs, we can generate а new numbeг not divisiЫe Ьу any of them, Ьу mнltiplying them all togetheг and adding 1. This ргооf is ofteп pгesented as а proof Ьу contradiction2 5 . We saw i n Chapteг 1 that vve сап ргоvе а pгoposition р Ьу assнming 'Р and deriving something absolнtely false ( а "contгadiction" ) . Let р Ье the proposition "There аге iпfinitely many primes." If we assнme 'Р, then there must Ье а finite list containing all the primes. But then if we mнltiply together all the p1·imes on this list and add 1, we get а numbeг which is not divisiЫe Ьу any pгime on the list. Since every number gгеаtег than 1 has at least one prime divisor, we have contгadicted the hypothesis that the list contained all possiЫe prime numbers. It's woгth looking at what assumptions аЬонt the natшals we took for granted in this ргооf. We assнmed that we coнld add and multiply numbers and always get new numbers 26 and that we could add congruences ( as we proved in Section 3.3, using the laws of arithmetic опlу) . The Ьiggest assнmption was that every number greater than 1 has at least one pr·ime divisoг, which we argued was true on the basis of the behavior of an algoгithm ( "try all possiЫe proper divisoгs, if you find one the first one mнst Ье prime, if уон don't the nнmber is p1·ime itself" ) . We'll see in Chapter 4 that this assumption can also Ье proved formally, from а suitaЫe definition of the naturals. Note also that this abstract proof has told us something about nнmbers that аге too laгge for нs to ever· нsе in а real compнtation. We know now, fOI' example, that there is а prime number that is too Ьig to Ье written on а 20-megabyte hard disk, because our theorem tells us that theгe is а 24 0! is 1, because an empty product (а product of no terms) is defined to Ье 1 . 25 Some mathematicians, including а school called the intuitionists, are botheI"ed Ь у proofs Ьу contradiction and prefer to turп them into di1·ect proofs whel"ever possiЫe. For ош pшposes, we may Ье satisfied that it is а valid proof technique in any situation, but direct arguments are often clearer ( this is а matter of individual taste) . Avoicling ai·gument Ьу contradiction ( called in Latin тeductio ad absuтdum) does have the advantage that you don't accidently use the invalid proof technique of тeductio ad еттаtит. This consists of assuming the negation of the desi1·ed propo­ sition and del"iving as many consequences as possiЫe, until а typographical or logical епоr results in уош deriving two consequeпces that contradict each other. 26 This isn't true of the int or long data types in Java - why?

3-24

prime number Ьigger than 2 1 6о,ооо ,ооо . Does it even make sense to talk about such absurdly Ьig 27 numbers?

3.4.4

Exercises

Е3.4.1 Let а and z Ье naturals and suppose that no prime number Ь, with 2 :::; Ь :::; а , divides z . Prove that n o composite number i n this range divides z either. Е3.4.2 Calculate the number z = а! + 1 for each value of а fl'om 1 thiough 10, and find а prime number gieater than а that divides z. (Hint: It may Ье useful to calcнlate vz fiist, to see how many piimes you will have to check as possiЫe divisol's.) Е3.4.3 Let ! (а) Ье defined to Ье the pioduct of all the primes less than or equal to а, plus 1 . (So f(6) = 2 · 3 · 5 + 1 = 3 1, for example.) (The prodнct of primes itself is sometimes called the primorial of а.) Find the smallest value of а sнch that f(a) is composite. Е3.4.4 Piove carefully that given any set S of naturals, each gieatel' than 1, there exists а single nнmbel' п sнch that fOI any number· х in S, n % х == 1. (That is, prove 'VS : ('Vx :

(х Е S) --+ (х >

1) ) --+ 3п : 'Vx :

(х Е S) --+ п%х = 1 . )

Е3.4.5 Suppose that the arithmetic progгession ( а, а + Ь, а + 2 Ь , . . . ) contains infinitely many primes. Pl'Ove that а and Ь аге Ielatively piime. (Hint: Aigue Ьу contгadiction. ) Е3.4.6 Let п Ье any positive natural. We say that а natural а with О < а < п i s а perfect square28 modulo п if а is congrнent to Ь2 modнlo п for some natural Ь. (We don't count О among the perfect sqнares, though it is the sqнare of О.) ( а ) FOI each п fгom 3 thгough 15, deteгmine which nнmbeis i n { О , 1 , . . . , п} аге perfect squares. (Ь) Pl'Ove that if а and Ь are perfect squares, so is аЬ.

Е3.4.7 Explain why, if п is odd, theгe can Ье no more than

(п - 1 ) /2 perfect sqнaгes modнlo п.

Е3.4.8 In ProЫem 3.9.5 we will prove that р - 1 is а peгfect square modнlo а prime р if and only if р = 2 or р is of the form 4k + 1. Verify this fact for the pгimes less than 20. Е3.4.9 It is also trнe that if р is а prime with р > 3, then -3 is а perfect square modнlo only if р is of the form 6п + 1. Verify this fact for all sнch р less than 20.

р

if and

Е3.4. 10 Fix а natural п and let r Ье the nнmber of primes that are less than 2 п . We know that every p;r . Thнs positive natural х with х :::; п has а factorization into primes, so that х = р�1 р�2 we have а function from the set { 1 , 2, . . . , 2п} into the set of tнples (е 1 , е2 , . . . , er ) · • • •

(а) Explain why foI any such х, each number (Ь) Why must this function Ье one-to-one?

ei

must Ье in the range from О to

п.

27 It's possiЬ!e for us to пате certain naturals that are too big to fit оп а disk, such as 1010 1 0 1 0 . But the1·e can only Ье so many naturals named Ьу reasonaЬ!y shol't stiiнgs, whateve1· 11ami11g system we adopt, because theгe ai·e он!у so тапу rеаsонаЬ!у slюrt striнgs. What if we allow нames like "the smallest наtша! that canнot Ье desciibed 011 а 20-megabyte disk" ? If this is ан allowaЬ!e наше, it fits 011 the disk, анd we have а logical proЫem k110\vn as the Richard paradox. Hofstadter describes how similar paradoxes form the basis of Godel's Theшem. 28 This is also called а quadгatic гesidue modulo n .

3-25

3.4.5

ProЫems

Р3.4. 1

Show that there are infinitely many primes that are congruent to 3 modнlo 4. ( Hint: Suppose theгe were а finite list of sнch pгimes. Construct а natural that is not divisiЫe Ьу any of them, but is congruent to 3 modulo 4. Could this пatural Ье а product only of the otheг pгimes, those congгueпt to 1 modulo 4? )

Р3.4.2 Р3.4.3

Show that tl1eгe аге iпfiпitely many pгimes that are coпgrueпt to

5 modulo 6.

ProЫems 3.4.1 and 3.4.2 should make u s wonder about the rest o f the primes, those congrнent to 1 modulo 4 ш congгuent to 1 modulo 6. Actually а 1 9th-century theorem of Diгichlet says that апу arithmetic progression а, а + Ь, а + 2Ь, а + 3Ь, . . . , with а and Ь гelatively prime, contaiпs iпfiпitely many primes. The proof of this is well Ьеуопd the scope of this book, Ьнt hеге, with some help fгom later in the chapter, we can show that there аге infinitely many pгimes coпgruent to 1 modulo 4:

( а ) If S = {р 1 , . . . , р1} is апу set of 4 k + 1 pгimes, let k = 4 · (PI . . . р]) + 1 . Aгgue that k ·

·

р that is not among the Pi 's. ( Ь ) PIOve that k - 1 is congruent to -1 modulo р, and is а perfect squaгe modulo р. must have а prime factor

( с ) Using the result referred to in ExeI"cise not in S.

3.4,8, pI'ove that there is а 4 k + 1

pI'ime that is

Р3.4.4

Assuming the fact claimed in Exercise 3.4.9, ргоvе that there are infinitely many pr·imes of the foгm 6п + 1. ( Hint: Given а finite set of such pгimes, constгuct а number k not divisiЫe Ьу any of them such that -3 is а peгfect square modulo any prime dividing k . )

Р3.4.5

Of the naturals less than 2, exactly half are relatively pгime to 2 (О is not, 1 is ) . Of the naturals less than 2 · 3 = 6, two аге relatively pгime to 6 (1 and 5) and the others аге not, so the fraction that are is 1/3. Of the naturals less than 2 · 3 · 5 = 30, exactly eight ( 1 , 7, 1 1 , 1 3 , 17, 1 9 , 23, and 29) аге гelatively prime to 30, а 4/15 fгaction. These fгactions follow а patteш: 1/2 is 2° /(1 · 2), 1/3 is 21 /(2 · 3), and 4/15 is 22/(3 · 5). This naturally leads to а conjecture: If п is the product of the first k primes, the fraction of the naturals less than п that are relatively prime to п is 2k - l /(Pk -l Pk) , wheгe Pk -l and Pk aI"e the ( k - l ) 'st and k'th pгimes гespectively. Investigate this conjecture for lагgег k. Can you ргоvе ш dispIOve it? ·

Р3.4.6

А Fermat number is а natural of the form Fi = 22; + 1, where i is any natural. Iп 1730 Goldbach used Feгmat numbers to give an alteшate pl'Oof that there are infinitely many pгimes.

( а ) List the Fermat nнmbers Fo , F1 , F2 , Fз , and F4 . ( Ь ) Ргоvе that fог any п, the product F0 · F1 Fn is equal to Fп н 2. ( с ) Argue that no two diffeгent Fermat numbeгs can shaгe а prime factoг. Since tl1ere аге · . . . ·

-

infinitely many Fermat numbers, theгe must thus Ье infinitely many primes.

Р3.4.7

Неге is yet another pI"oof that there аге infinitely many pгimes, due to Filip Saidak iп

( а ) Let п Ье any natural with п > diffeгent pгime factors.

1.

2006.

Argue that N2 = n ( n + 1 ) must have at least two

3-26

( Ь ) Define Nз = N2 (N2 + 1 ) . Argue that Nз must have at least three different piime factois ( N2 's two, plus at least one mще ) . ( с ) Continue the argument to show that foI any numbeI k, theie must Ье а natшal with at least k diffeient piime factщs, and hence that theie must Ье infinitely many piimes.

Р3.4.8 Using the Iesult of Exeicise 3.4. 10, we can get one mоге proof that theie аге infinitely many piimes. Suppose that fщ any п, the number r of primes that are � 2п was bounded Ьу some fixed number с. Show that the function given Ьу prime factorization cannot Ье one-to-one if п is sufficiently laige. Р3.4.9 Let r(n) Ье the number of primes that aie less than or equal to 2 п , А natшal question, once we know that r( п) is unbounded, is to estimate how fast it gl'Ows with п. The Prime Number Theorem says that is proportional to 2 п /п, but proving that is beyond us here. What can we show given the result of Exercise 3.4. 10? That is, how large must r(n) Ье to allow the function from { 1 , . . . , 2п } to {О, 1, . . . , п У to Ье one-to-one? Р3.4 . 10 Неге is an aigument that gets а betteI lower bound on the function r (n) from PioЬlem 3.4.9, though it uses an assumption that we are not yet аЫе to prove. Consider finding all the primes less tlian 2 п with а Sieve of Eratosthenes. We begin with 2 п numbers. Removing multiples of 2 eliminates 1/2 of them. Removing multiples of 3 removes 1/3 of them. Ош assumption will Ье that it removes 1 /3 of the numbers remaining after tl1e multiples of 2 have been removed. Then we will assume that removing multiples of 5 eliminates 1 /5 it of those remaining, and so forth. We know that once we have eliminated all multiples of pгimes that are at most ,j2rt = 2п/2 , the numbeis remaining aie prime. (а) Given оuг assumptions, explain why the eventual fiaction of numbeis remaining is more than ( 1/2) (2/3) (3/4) . . . ((2п2 - l )/2n /2 ).

( Ь ) Explain why the result of part ( а ) implies that r(n) � 2п/2 .

3-27

J U LY 201 9

s

м

т

w

1

2

3

8

15

G)

21

22

23

7

8

2в

@

s

м

16

30

10 17

@

т

F

s

0 12

13

5

11

18 25

@ 26

6

20 27

31

AUGUST 201 9

4

5

11

12

@

19

@

26

27

25

w

т

F

1

2

14

0

21

22

7

6

20

т

@

9

15

29

16

@ 30

s

Ci 10

17 24 31

@Kendall Hunt PuЫishing Соmрапу

Figure 3-4: Pill days are circled - pill-Wednesdays come every five weeks. 3.5

3.5.1

The Chinese Remainder Theorem

Two Congruences With Different Moduli

Suppose that you have to take а pill every five days. How often will you take your pill on а Wednesday? This is an example of two interacting periodic systems that can Ье analyzed using numbeг theory. Assign а natural to each day, peгhaps Ьу taking the days since some arЬitrary starting point 29 , and notice that our two conditions can Ье descгibed Ьу modular arithmetic. Day number х is а Wednesday if and only if х = с (mod 7) , wheгe с depends on the day of the week of our starting point. Similaгly, day number х is а pill day if and only if х = d (mod 5) , wheгe again d depends on the staгting point. The nнmbeгs of the days that аге both Wednesdays and pill days will Ье those naturals х that satisfy both of these congruences. We've seen how to work with mоге than one congruence with the same base, Ьнt hеге we have two congгuences with different bases. How do we solve such а system of congruences? А Ьit of playing aroнnd with the above example (see Figure 3-4) will show that the special days арреаг to occur exactly еvегу 35 days, and this is an instance of а general phenomenon first noted in ancient China30 : The Chinese Remainder Theorem ( Simple Form ) : If т and п are гelatively pгime, then the two congmences х = а (mod m ) and х = Ь (mod п ) аге satisfied if and only if х = с (mod mn) , where с is а natural depending on а, Ь, т, and п. 29 Astronomers, fог example, start counting with 1 January 4713 В.С., the start of the "Jнlian Period" . 30 The proЫem is solved in Master Sun's Mathematical Manual fтom the 3rd centшy С.Е. (for an example with the

three modнli 3, 5, and 7), and Ьу the fifth-centшy Indian mathematician-astronomer Aryabhata. The earliest known detailed general solнtion is Ьу the Chinese mathematician Qin Jiushao in 1247.

3-28

We'll soon piove this simple foim of the theoiem and then move to the full statement of it, involving mше than two congIUences. But fixst, why do we need the pait about т and п being Ielatively piime? If we don't have it, the conclusion might Ье false, as in the example of the two congiuences х = 1 (mod 4) and х = 4 (mod 6) which have по solution (Why not?). In РщЫеm 3.5.3 we'll look at how to solve an aIЬitшiy system of congruences (or determine that it has no solution) Ьу converting it iвto а system wheie the bases are relatively prime. Proof of the Simple Form of the CRT: We need to show that х = а (mod m) and х = Ь (mod п ) if and only if х = с (mod тп) , which means that we need to first define с and then show both halves of а logical equivaleвce. Our main teclшical tool will Ье the Inverse Theorem, which tells us (since т and п are relatively prime) that there are two integeis у and z such that ут + zn = 1 . This implies both у т = 1 (mod п ) ( у i s the inverse o f т modulo п ) and zn = 1 (mod m ) ( z i s the inverse o f п modulo m). То construct с , we'll use these congruences and our facts about multiplyiвg авd addiвg congruences oveI а single base. То get something congruent to а modulo m, we can multiply both sides of the congruence zn = 1 (mod m ) Ьу а to get azn = а (mod m). (If we like, we can think of this as multiplying Ьу the congruence а = а (mod m) . ) Similarly, multiplying the other congruence Ьу Ь gives us Ьут = Ь (mod п). Now we can notice that the left-hand sides of each of these congruences are congruent to О modulo the other base. So if we add the congruence Ьут = О (mod m) to azn = а (mod m) , we get azn + bym = а (mod m ) , and similarly we can get azn + bym = Ь (mod п). Setting с to Ье azn + Ьут, then, we have а solution to both congiuences. Fщthermшe, as long as х = с (mod тп) , х is equal to c + kmn fш some integeI k, and since both т and п divide kmn we know that х will satisfy both congiuences as well. It Iemaiвs to show that if х satisfies both х = a (mod m) and х = Ь (mod п ) , then it satisfies х = с (mod тп) as well. Let d = х - с. It's easy to see that d = х - azn - Ьут is divisiЫe Ьу both т and п, using the arithmetic above. We need to show that d is divisiЬle Ьу тп, using the fact that т and п aie Ielatively piime. If d = О this is trivially true - if not we may run the Euclidean Algoiithm3 1 to fiпd the gieatest common divisoI of d and тп, which we'll name q. This

q must Ье а common multiple of т and п because both these numbeis divide both d and тп, and the Euclidean Algoiithm will pieseive this piopeity. But Ьу PioЬlem 3.1 .5, because т and п aie Ielatively piime, we know that тп is theiI least common multiple, making тп = q the only choice. Since q divides d, we aie done - х and с are congшent modulo тп. •

Example: Suppose that we need to solve the two congIUences х = 4 (mod 15) and х = 8 (mod 16) . Since т = 15 and п = 16 aie гelatively piime, the Chinese Remaindeг Theшem tells us that the solution will Ье of tl1e foim х = с (mod 240) . In small cases, it's often easiest to find с Ьу tiial and епш - in this example checking 8, 24, 40, and so on until we IUn into а numbeг that is congгuent to 4 modulo 15. But let's go thiough the geneial solution method. We have а foimula fш с, but it Iequiies the inveises of 15 авd 16 modulo each otheI (у and z in the expiession azn + Ьут). Since 16 = 1 (mod 15), we can take z = 1, and since 15 = - 1 (mod 16) we can take у = 1 OI у = 15 (If we weieп't so lucky we'd have to use the Euclideaп Algorithm to get the inverses, as in Section 3.3.) This gives us с = 4 · 1 · 16 + 8 · ( - 1 ) · 15 = 64 - 120 = -56 = 184 (mod 240). -

31 Actually d

тау

Ь е negative, but if s o w e may run the Euclidean Algorithm o n - d and

3-29

mn.

.

3.5.2

The Full Version of the Theorem

If we have mше than two congruences, the condition on the bases becomes а little more complicated. If any two of the bases have а common factш greater than one, it might Ье impossiЬle to satisfy those two congruences together-, and thus definitely impossiЫe to satisfy the entire system. So to have а solution, we need to have the bases Ье pairwise relatively prime, which means that any two of them are гelatively prime to each other. The Chinese Remainder Theorem ( Full Version ) : Let m 1 , m 2 , . . . , m k Ье а sequence of positive naturals that are pairwise relatively prime. Any system of congгuences х = а 1 (mod m 1 ) , х = а2 (mod m2 ) , . . . , х = ak (mod m k ) i s equivalent t o а single congгuence х = с (mod М ) , where N I = m 1 · m2 · . . mk and с i s а natural that depends o n the ai 's and o n the m/s. .

Proof: If m 1 , m2 , . . . , m k are paiгwise relatively prime, then the numbeг m 1 m 2 must Ье relatively pгime to each of the numbers m3 , m4 , . . . , m k . (We'll prove this as Exeгcise 3.5. 1 . ) So if vve apply the simple fшm of the Chinese Remaindeг Theшem to tl1e fiгst two congгuences, getting а single congruence х = Ь (mod m 1 m2 ) , we аге left with а system of k - 1 congruences whose bases are pairwise гelatively pгime. Similarly, we сап comЬine this пеw first congrueпce with the third using the simple form of the theorem, and continue in this way until there is only one congruence left 32 . Because we аге multiplying bases each time that we comЬine congruences, this last congmence has the desiгed form. And siпce at each step we replaced а system of congruences Ьу an equivalent system (one which was satisfied Ьу exactly the same values of х ) , the last сопgгuепсе is equivalent to the original system. Alternatively, we can calculate с diгectly and vel'ify that it wol'ks, just as we did fш the simple theorem. For each base mi , we can calculate an invel'se ni fш the natural M/mi modulo mi , because this number is гelatively pгime to mi · Then aini (M/mi) is congment to ai modulo mi , and congruent to О modulo any of the other bases. If we set с to Ье a 1 n 1 (M/m 1 ) + a 2 n 2 (M/m2 ) + . . . + a k (M/mk ) , then с satisfies all k of the congгuences in the system. If х = с (mod NI) , then х - с is divisiЫe Ьу each of the bases mi , and aгguing as in the simple form of the theoгem we can show that х - с must Ье divisiЬle Ьу М . • То illustгate the full version of the theшem, let's I'eturn to our initial example. Suppose that along with pill days whenevel' х = 3 (mod 5) and Wednesdays whenever х = 4 (mod 7 ) , we now introduce massages еvегу six days, wheneveг х = О (mod 6). The full veision of the theшem says that all three events will happen exactly when х = с (mod 210) , for some value of с. То calculate с, we need the numbers mi ( 5 , 6, and 7 ) , the numbeis ai ( 3, О, and 4), the numbeгs M/mi ( 42, 35, and 30 ) and the numbeгs ni (the invel'se of 42 modulo 5 which is 3, the inverse of 35 modulo 6 which is 5, and the inverse of 30 modulo 7 which is 4) . Then с

a 1 n 1 (M/m 1 ) + a2 n2 (M/m2 ) + азnз( М/mз) 3 . 3 . 42 + о . 5 . 35 + 4 . 4 . 30

378 + 480 = 858 = 18 (mod 210 ) .

32This argument is а bit informal because we don't yet have fшmal techniques to deal with the " . . ." in the statement of the proЬ!em - this will Ье remedied in Chapter 4.

3-30

We can easily check that 18 satisfies the given three congruences. One use of the Chinese Remainder Theorem is а method to store very large naturals on а parallel computer. If you know what х is congruent to modulo several different laгge prime numbeгs ( pгime numbeгs аге necessarily pairwise relatively pгime ) , the theorem says that this specifies х modulo the pгoduct of those primes. Suppose that х does not fit on а single machine word, but that each of the remainders ( modulo the different primes ) does. You can put each of the remainders on а different processor and you have in а sense stored х in а distributed way. If you want to add ог multiply two numbers stoгed in this way, it can Ье done in parallel, as each processor can сапу out the operation modulo its pгime. The only proЬlem is that you have to comЬine all the remainders in order to find out what the result really is in ordinary notation. But if you have to do lots of parallelizaЫe operations before computing the answer, it might Ье worthwhile to do all of them in parallel, and convert the answer to ordinary notation at the end.

3.5.3

Exercises

Е3.5.1 Prove that if m 1 , m2 , . . . , m k are pairwise relatively prime, then each of the numbers mз, m4 , . . . , m k ·

m 1 m2

is relatively prime to

Е3.5.2 Find а single congruence that is satisfied if and only if х = 9 ( mod 1 1 ) , х = 6 ( mod 12), and х = 3 ( mod 13) . Е3.5.3 Неге аге three systems of congruences where the bases are not paiгwise relatively prime. You are to find all solutions to each system, or show that no solution exists. ( Hint: What do the conditions say about whether х is even or odd? )

( а ) х = 5 ( mod 6) , х = 7 ( mod 8), х = 3 ( mod 10). ( Ь ) х = 11 ( mod 12), х = 9 ( mod 14) , х = 5 ( mod 16) . (с) х = 7 ( mod 9 ) , х = 4 ( mod 10), х = 10 ( mod 12). Е3.5.4 Suppose two integers х and у satisfy the congruences х = 4 ( mod 7) , у = 2 ( mod 7) , х = 3 ( mod 8), у = 1 ( mod 8) , х = 7 ( mod 9 ) , and у = 5 ( mod 9 ) . What are the residues of ху modulo 7, 8 , and 9? Find а number z less than 504 such that xyz = 1 ( mod 504) . ( Hiпt: Find the residues of z modulo 7, 8, апd 9 first, апd you пееd сапу out the Chinese Remaindщ Theoгem pшcess only once. ) Е3.5.5 We say that three natшals а, Ь, and с are relatively prime if there does not exist а single number d > 1 that divides all three. Give ап example of three natшals that are relatively prime, but not pairwise relatively prime. Е3.5.6 About а thousand soldiers are marching down а road, and theiI commandeI would like to kпow exactly how many there аге. She ordeis them to liпe up in rows of seven, and learns that there are six left oveI. She then Oiders them to line up in rows of eight, and there aie seveп left over. Finally, she orders them into Iows of nine, and there are three left oveI. How many soldiers are in the gioup? Е3.5.7 Someoпe on the iпternet, calliпg themself MI. RabЬit , has agieed to sell me а file of gov­ ernment secrets fOI $100. However, RabЬit will accept payment only in one of two оЬsсше 3-31

cryptocurrencies, Batcoins (currently worth $51 each) and Twitcoins (currently worth $32 each) . For technical reasons, Batcoins and Twitcoins cannot Ье broken into fгactions like Bitcoins - they must Ье transferred entirely or not at all. Both RabЬit and I have plenty of each kiпd of coin availaЫe. How сап I рау RabЬit exactly $ 100 Ьу transferring integer numbers of Batcoins and/or Twitcoins fl'Oт те to RabЬit and/or from RabЬit to те? Е3.5.8 Мг. Lear, an elderly тап with thгee daughters, is тaking arrangeтents fи his l'etiгement. His bank accounts are accessed Ьу а foш-digit code, which we may think of as а natural less than 10000. Не gives each of his daughters pal'tial infoгmation about х, so that none of theт сап determine х оп her оwп. Не tells Cordelia the remaiпder х%97 froт dividing х Ьу 97. Не tells Goneril х%1 15, and tells Regan х%1 19. Explain why any two of the daughteгs, Ьу coтЬining theiг infoгтation, сап deterтine х. Е3.5.9 Let р, and q, Ье two pairwise l'elatively piime naturals, each greatel' than 1 . Let f Ье the function fгom {0, 1 , " . , pq - 1 } to the set {0, 1 , " . , р - 1 } х {0, 1 , " . , q - 1 } defined Ьу J(x) = (х%р, x%q) . Ргоvе that f is а Ьijection. Е3.5.10 Let n and а Ье positive naturals. Pl'ove that а has а тultiplicative inveгse modulo n if and only if fш every priтe р dividing n, а has an inveгse тоdнlо р.

3.5.4

ProЬlems

Р3.5 . 1 The Julian calendar33 has уеагs of 365 days нnless the yeal' nнmЬег satisfies х = О (mod 4) , in which case the year has 366 days (а "leap year" ) . (а) George Washington was born o n 1 1 Febiuary 1 732, а Friday, according to the Julian calendar. Explain why 1 1 Febrнary in year х of the Julian calendar is а Friday, if х = 1732 (тоd 28) . (Note that this is not just а stгaightfol'ward application of the Chinese Reтainder Theoreт) . (Ь) What day of the week was 1 1 February 1492, according to the Jнlian calendar? Explain your reasoning. (с) А "perpetнal calendar" is а single chart including all possiЬle calendars fш а given year. How тапу calendars are needed? Explain how to deterтine which calendar is needed fш уеаг х, if уон know а congruence for х тodulo 28. Р3.5.2 The Gregorian calendar (the one in most general use today) 34 is the sаше as the Jнlian calendal' except that theie are 365 days in year х if х is congruent to 100, 200, Ol' 300 modulo 400. (а) In the Gгegorian caleпdar, as students of World War П тау recall, 7 Deceшber 1941 was а Sunday. We cannot, as in the case of the Jнlian calendaг, guaшntee that 7 Deceшbel' of 33 Actually по Ielation to the Julian Peiiod mentioned above - the calendaI wa.s devisecl Ьу Julius CaesaI and the Period wa.s named Ьу its inventш, Joseph Justus Scaliger, afteI his fatheI, wlю happened to Ье named Julius as well. The starting date fш the Peiiod, l Januaiy 4713 В.С., was chosen so that three cycles, of 28, 19, and 15 yeais гespectively, were all in their desired starting positions. How often does this happen? 34 Gieat Biitain and its colonies switched ft·om the Julian to Gregшian calenda1· in 1752, when they wеге consideгaЬ!y out of step with each other - to see how this wa.s implemented enteI cal 1752 оп any Unix machine. Geшge Wa.shington, who was alive at the tirne of this change, гetroactively changed his Ыгthday to 22 Febгuary.

3-32

year х was а Sunday if х = 1941 ( mod 28 ) , but we can guarantee it if х = 1941 ( mod с) for some value of с. Find the smallest value of с for which this is true.

( Ь ) Determine the day of the week on which you were born, using only the fact that 7 December 1941 was а Sunday. Show all of your reasoning.

( с ) What additional complications arise when designing а perpetual Gregorian calendar? ( d ) In what years, during the period from 1 to 1941 A.D. ( or 1 to 1941 С.Е. ) , have the Gregorian and Julian calendars agreed for the entire year?

Р3.5.3 Suppose we are given а system of congruences:

а 1 ( mod m 1 ) а2 ( mod m2 )

х х

without any guarantee that the mi 's are pairwise relatively prime.

( а ) А prime power is а number that can Ье wгitten ре for some pгime numbeг р and some positive numbeг е. А consequence of the Fundamental Theorem of Aгithmetic ( which we'll ргоvе soon ) is tl1at any numbeг has а unique factoгization into prime poweгs. Show that we can convert any congгuence into an equivalent system of congгuences wheгe each base is а prime роwег and the bases are paiгwise гelatively pгime.

( Ь ) Let р Ье а pгime numbeг, and suppose that we have а system of congгuences wheгe each base is а power of р. Explain how to tell whetheг the system has а solution, and how to find it.

( с ) Using parts ( а ) and ( Ь ) , explain how to determine whetheг an arЬitгary system of con­ gruences has а solution, and if so how to find all solutions.

Р3.5.4 Suppose that the naturals m 1 , . . . , m k аге paiгwise гelatively pгime and that fог each i fгom 1 thгough k, the natural х satisfies х = Xi ( mod mi ) and the natшal у satisfies у = Yi ( mod mi ) · Explain why for each i, ху satisfies ху = XiYi ( mod mi ) and х + у satisfies (х + у) = (xi + Yi ) ( mod mi ) · Now suppose that z1 , . . . , Zj аге some natuгals and that we have an arithmetic expression in the z/s ( а comЬination of them using sums and pгoducts ) whose гesult is guaгanteed to Ье less than М, tl1e ргоdнсt of the mi's. Explain how we can compute the exact гesнlt of this aгithmetic expгession нsing the Chinese Remaindeг Theorem only once, no matteг how laгge j is. Р3.5.5 ( нses Java) Wгite а гeal-Java static method that takes thгee modнli m 1 , m2 , mз and thгee гesidнes х 1 , х 2 , хз as input. It should check that the modнli аге pairwise гelatively pгime, and if they аге, it shoнld outpнt а numbeг х that satisfies all thгee congгнences х = Xi ( mod mi ) · Р3.5.6 In РгоЫеm 3.3.2 we defined the Euler totient function ф(п), wheгe п is а natuгal, to Ье the numbeI of natuгals in the set {О, 1, . . . , п} that aie Ielatively piime to п. The Chinese Remaindeг Theorem allows us to calculate ф(п) fог any п with а little work:

( а ) Ршvе that if р is any prime and pe-l (p 1 ) .

е

is any positive natшal, then

_

3-33

ф(ре )

=

ре pe-I -

(Ь) Prove that if r and s are any relatively prime naturals each greater than 1, then ф(rs) = ф(r)ф(s ) . (Hint: Use the Ьijection of Exercise 3.5.9.)

( с ) ComЬine (а) and (Ь) to get а rule to compute ф(п) for any natural

п.

Illustrate your

method Ьу finding ф(52500 ) .

Р 3 . 5 . 7 Following Exercise 3.5.9, let р1 , . . . , Pk Ье а pairwise r elatively prime set of naturals, each greater than 1. Let Х Ье the set {О, 1, . . . , р1 - 1} х . . . х {О, 1, . . . , Pk - 1 } . Define а function f from {О, 1 , . , Р1 Р2 . . . Pk 1 } to Х Ьу the rule f (х) = ( х%р1 , , x%pk) · Рюvе that f is а Ьijection. .

.

. . .

-

Р3.5.8 Let Х Ье а finite set and let f Ье а Ьijection on Х . Recall that the n th iterate of f, written J(n) , is the function defined so that j(n) (x) is the result of applying f to х exactly п times. We define the period of f to Ье the smallest positive natural п such that j(n) is the identity function. '

(а) vVhy must every f have а period? (Ь) Show that if Х has exactly three elements, every Ьijection on Х has pe1·iod 1, 2, or 3.

( с ) How laгge must Х Ье before you can have а Ьijection with period 6? Р3.5.9 (haгder) Following ProЬlem 3.5.8, let m(n) Ье the largest peгiod of any Ьijection on Х if Х has exactly п elements. (а) Let Р1 , Р2 , . , Pk Ье pairwise relatively prime naturals with Р1 + . . there is а Ьijection of period Р 1Р2 . . . Pk on Х . . .

· Pk ::; п.

Show that

(Ь) Let f Ь е any Ьijection o n Х . Show that there is а set o f numbeis as in part ( а) so that the period of f is Р1 . . Pk · .

( с ) Using this analysis, find m(n) for all п with п ::; 20.

Р3.5.10 Let m and п Ье two relatively prime positive naturals, and consider what naturals can Ье expiessed as linear comЬinations ат + Ьп wheie а and Ь aie naturals, not just integeis. (а) Show that if m = 2 and п = 3, any natural except О and 1 can Ье so expгessed. (Ь) Deteгmine which naturals can Ье expгessed if m = 3 and п = 5 .

( с ) Argue that for any m and п, theгe а1·е only а finite number o f naturals that cannot Ь е expressed i n this way.

3-34

3.6

3.6.1

The Fundamental Theorem of Arithmetic

Unique Factorization lnto Primes

In this section we will prove one of the most important results of number theoгy. Fundamental Theorem of Arithmetic: Еvегу positive natural has а unique factOiization into а product of pгime numbers. Recall that а factorization of п is simply а list of prime numbers whose pгoduct is п. Неге the wOid "нnique" means that if we have two prime factorizations of the same natural, such as 2 · 5 · 2 · 3 = 3 2 · 2 5 = 60, then they contain the same primes, and each prime occurs the same number of times in each factorization. ·

·

You've рrоЬаЫу been told at some time Ьу your teacheгs that this fact is true, and perhaps you've taken it on faith. ow, however, we have developed enough mathematical machinery to prove it, using only the definitions and simple facts about arithmetic35 . FOI that matteг, what we do here will Ье faiily simple, since most of the work occнrred when we pгoved the Inveгse Theorem in Section 3.3.

3.6.2

Existence of а Factorization

The first thing to ргоvе is that at least опе factorization exists. We've already aгgued that this is true, but let's review the reasoning. If а natural х is pгime, then it has а prime factOiization containing one prime, х itself. (And 1 has а prime factorization as the product of по pгimes. We don't wопу about factoring О.) Otherwise, х is composite and can Ье written х = а · Ь wheгe both а and Ь аге greater than 1 and less than х. If а and Ь are both prime, we аге done. Otherwise we write each of them as the prodнct of smalleI numbeгs, and so on until we have expressed х as а product consisting only of pгimes. (Figure 3-5 shows one way this process can гesult in а factOiization of 60 into pгimes. ) We have i n effect just described а recursive algorithm for producing а pгime factorization (ProЬlem 3.6 . 1 is to code this algorithm in Java) . If we believe that this algOiithm will always give us an answer, then а prime factOiizatioп must exist. The fuпdamental reason why the algorithm can't go iпto an infinite loop is that it is actiпg on naturals that аге always getting smaller (if it factors х as а · Ь, both а апd Ь must Ье smaller than х) апd а sequence of naturals can't go on foreveг with its elements always getting smaller. But to make this reasoning completely rigoгous, we'll need the more formal tools to Ье developed in Chapter 4. 35 Actually, а fully formal proof will require mathematical induction from Chaptel' 4. But this proof should Ье IeasonaЫy conviпcing and satisfying - the ршоf will tell us both that it is true and why it is tiue.

3-35

/�� *

10

6

;=\ ;=\

2

*

5

х

2

*

3

@Kendall Hunt Pt1Ьlisblng Compa11y

Figшe 3-5: А factшization of 60. 3.6.3

The Uniqueness of the Factorization

The other half of the Fundamental Theorem is to show that the prime factorization is unique, which will require us to use the Inverse Theorem. How do we know, for example, that 17 · 19 · 23 · 29 and 3 · 53 7 · 83, both odd numbers around 200000, are not equal? In this case we can mнltiply онt the products and find that 215441 doesn't equal 2 1 7875, Ьнt in general how do we know that two different prodнcts of primes (not just гeorde1·ings of the same prodнct) can't Ье eqнal to each other? ·

There are several ways to phгase this argнment, and we're going to do this one as an argument Ьу contradiction. We'll assume the negation of what we want to ргоvе, that theгe аге two diffeгent products of primes, Ь1 · . . . · bi and с 1 · . . . · Cj , that multiply to the same number а. For the two pr-oducts to Ье "diffeгent" , we need to assume that some pr-ime р оссшs among the b's тоге times that it оссшs among the c's36 . Now we have assumed а sitнation which is impossiЫe, and ош job is to ргоvе that it is impossiЫe. The way to do this is to manipulate it until we der-ive anotheг situation that we can pr-ove to Ье impossiЫe. (This can Ье tricky, as we have to separ-ate what we know to Ье false fr-om what we can ргоvе to Ье false, to avoid constr-ucting an invalid cir-cular- pr-oof.) If we can show •Р --+ О, wher-e р is the pmposition we want to prove, we will have completed а proof of р Ьу contr-adiction. How could we have told above that the products 17 · 19 · 23 · 29 and 3 5 3 7 · 83 ar-e not equal, without multiplying them out? One natшal answer- is that 3 , fш example, divides the second product but not the fir-st, so that (as in Excшsion 3.2 ) we know that the sнm of the decimal digits of the fiгst pr-oduct is поt divisiЫe Ьу 3 and that of the second pr-oduct is. This souпds convincing, Ьнt theгe's а proЫem. It's clear that 3 divides the second prodнct, Ьнt the fact that it doesn't divide the first product is something we have to prove (the reason it seems obvious is that we believe that нniqнe factшization is t1·не). ·

·

36 0f сошsе, i t could оссш fewer tiтes aтong the b's. B u t in that case we'll геnате the b ' s as the c's, and геnате the c's as the b's, so that the b's have тоге оссшгеnсеs of р. There's no гeason we can't do this as we staгted with the sате assuтptions about each pгoduct - that it тultiplied to а and that all the terтs in it ' 1) А --,::Jy : D (y, х) А (1 < у) А (у < х)

Note two things in the case of primality - fiгst, there is usually mоге than one way to express the same concept, and second, it's possiЫe to shorten the foгmнla Ьу various "tricks" . FOI' example, in the first expression fог Р(х) above we implicitly use the fact that there exists а natural у with у ;::: 2 and Q(y) (here Q represents any predicate) if and only if there exists а natural z such that

Q(z + 2) .

I n this Excursion we'll practice expгessing concepts as quantified statements in number theory, concluding ( in the Writing Exercise ) with the solнtion to а "hard proЫem" in Hofstadter's book. Не says, "Strangely, this one takes gгeat cleverness to render in our notation. I would caution you to try it only if you are willing to spend hours and hours on it - and if you know quite а Ьit of number theOI'y!" We'll see whether we can do betteг, with copious hints. А key advantage we have in expressing properties is that we do know some nнmber theory, and we can use tricks that work for reasons that don't show up in the formula. For example, it's easy to express "у is the smallest prime number that divides х" as:

D (y, х) А Р(у) А \:/z : (D ( z, х) А P ( z)) --+ (у :::; z ) . This formula expresses the given predicate whether o r n o t there actually i s always sнch а smallest pгime number that divides х. We happen to know that such а prime number always exists, but that wasn't necessary for us to expгess the predicate. The statement that the smallest prime divisoг always exists is just another statement of number theory, one that happens to Ье true. 39We could replace his "Sx" with "х + 1 " , but he wants to formally define addition and multiplication in terms of successor, as we will do in Section 4.6. Hofstadter also uses the successor function to get all his numbeг names f1·om zero, so that 7, for example, is written "SSSSSSSO" .

3-43

Another trick allows you to express the predicate " х is а power of 2" , meaning that 2 is the only prime occurring in the factorization of х. Because we now know the Fundamental Theorem of Arithmetic, we know that х is а power of 2 if and only if there isn't any other prime dividing х. ( Equivalently, we could say that theгe is no odd numbeг dividing х . ) This is easy to express as

03у : Р(у) /\ D(y, х ) /\ • (у = 2 ) . Hofstadteг's "hard proЫem" is to express the predicate " х is а power of 10" . We can take the "power of 2" formula above and adapt it to say "х is а power of р" for any prime number р, but poweгs of 10 pгesent us with а proЫem. А power of 10 has only 2 's and 5's in its prime factorization, which we can express easily as

\:/у : [D(y, х ) /\ Р(у)] ---+ [(у = 2 ) V (у = 5 )] , but this formula holds fог many naturals that are not powers of 10, such as 64, 400, ог 125. То Ье а роwег of 10, а natural must have the same number of 2's as 5's in its factorization, which can't Ье expгessed in any obvious way. In the Writing Exercise we'll work through а way of solving this proЬlem Ьу coding sequences of naturals as single naturals, allowing us to say things like "theгe exists а sequence of naturals such that the first one is 1, each one is 10 times the one before, and the last one is х" . It turns out that given this trick, virtually апу discrete computational process can Ье foгmalized, in pгinciple, as а foгmula of number theoгy. We'll return to this topic in Chapteг 15.

3.7.1

Writing Exercise

We want to code а sequence of k naturals, each boнnded Ьу а single natural Ь, in such а way that we can expгess the pгedicate Codes(z, k, Ь, i, а ) which means "z codes а sequence of k naturals, each less than Ь, and the i'th natural in the sequence is а" . 1. Show that given this Codes pгedicate, we can expгess "х is а p01..ver of 10" in our ve1·sion of the predicate calculus. 2. We saw in Section 3.5 that the Chinese Remaindeг Theorem gives us а way to go between seveгal congruences involving small naturals, on the one hand, and one congruence involving large naturals on the other. If we have k naturals, each less than Ь, we can repгesent each natural Ьу а congгuence modulo Ь, or modulo any natural lагgег than Ь. The ргоЫеm is that we need k different bases that аге pairwise relatively prime, all larger than Ь, and defined Ьу а single formula. А possiЬility is to take the naturals r + 1, 2r + 1, . . , kr + 1 fог some numbeг r. Write а formula, with free variaЬles r and k, which says that these k naturals are paiгwise гelatively pгime ( call it Bases(r, k)). .

3. Prove \:/k : Vb : 3r : (r > Ь) /\ Bases(r, k). ( Hint: We actually want r t o l1ave lots o f divisors, so look at factorials. ) 4. Write а foгmula expressing "r is the least natural that is greater than Ь and satisfies Bases(r, k). Call this "BestBase(r, Ь, k)" . 3-44

5. Write the formula Codes(z, k, Ь, i, а) as specified above. You may use congruence notation.

3-45

+

о

4

х

5

о

4 2

4

о

3

4

4

4 4

4

3 2

4

3

4

2

@Kendall Hunt PuЫisl1ing Соmрану

Figure 3-6: Additioп апd multiplicatioп taЫes modulo 6. 3.8

3.8.1

The Ring of Congruence Classes

New Objects From Old

А priпcipal tool of mathematics is the creatioп of пеw mathematical objects from old опеs 40 . Equivaleпce гelatioпs give us а very gепегаl method to do this. We've sееп that for every equivaleпce гelatioп, theгe is а partitioп of the base set iпto equivaleпce classes. If we choose, 've сап view these classes as objects iп their оwп right, апd see what сап Ье dопе with them. The equivaleпce relatioп of congruence modulo r is defiпed so that С(х, у) is true if апd only if х = у (mod r ) . It is easy to check that coпgrueпce modulo r is ап equivaleпce relatioп. (That is, as loпg as we keep r fixed - kпowiпg а coпgrueпce modulo r doesп't пecessarily tell us aпythiпg about coпgrueпces with other bases. ) The equivaleпce classes o f the сопgгuепсе relatioп modulo r are called congruence classes, апd there are exactly r of them. For each of the r пaturals that are less thaп а, we have а class: the set {i : i = а (mod r ) } . If r = 2, fOl' example, the two classes are the еvеп пumbers {0, 2, 4, . . . } апd the odd пumbeгs { 1 , 3, 5, . . } . Fог r = 9, the пiпе classes аге {0, 9, 18, . . }, { 1 , 10, 19, . . } , { 2 , 1 1 , 20, . . . } , апd s o forth. .

.

.

We saw back iп Sectioп 3.3 that the coпgrueпce class of а sum or product of iпtegeгs depeпds опlу оп the coпgrueпce class of the addeпds 01' factors. This meaпs, iп effect, that coпgrueпce classes оп the iпtegers сап Ье added, suЬtгacted, multiplied, апd sometimes divided. Fог апу positive паtшаl r, the сопgгuепсе classes modulo r form а пumber system, which we call Z r , "the iпtegers modulo r " . For сопvепiепсе, we usually пате each elemeпt of Zr after its smallest repгeseпtative - fог example, the elemeпt {2, 1 1 , 20, . . . } of Zg is usually called "2" . We сап гepreseпt the additioп апd multiplicatioп operatioпs of Zr Ьу taЫes, as Figure 3-6 does for the case of Z 6 . Iп gепегаl this рhепоmепоп of passiпg from objects to equivaleпce classes is called "moddiпg out" or "takiпg а quotieпt" . We'll see aпother impOitaпt example iп Chapter 14 wheп we deal with 40 Why might one want to create new objects? As we said in Section 1 . 1 , а рше mathematician would Ье inte!'ested in their beauty, ш their usefulness in solving interesting ршЬ!еms. An applied mathematician would Ье interested in the possibility that they might model some aspect of reality.

3-46

finite-state machines. Тhеге the equivalence гelation on stгings will Ье "input stгings х and у cause the machine to do the same thing" . Otheг examples abound in lineaг algebгa (such as qнotient spaces) and abstгact algebгa (sнch as quotient gгонрs) .

3.8.2

The Axioms For

а

Ring

If r is any positive natшal, the set Zr of integers modнlo r forms ап algebraic system called а ring41 . We сап add ог multiply апу two пumbers in Zr , апd these opeгations satisfy specific properties that аге familiaг from various пumber systems:

• •

Additioп is commutative ( х + у = у + х ) апd associative ( х + (у + z ) = ( х + у) + z ) . Ther-e is ап additive identity element О , such that х + О = О + х = х апd Ох = х О = О for апу х.

•

Every elemeпt х has ап additive inverse " -х" , such that х + ( -х ) = О .

•

Multiplicatioп is commutative апd associative.

•

The distributive law, х ( у + z ) = ху + xz, holds.

•

Ther-e is а multiplicative identity element 1 such that О =/=- 1 and lx = x l = х for апу х.

Note that the пatшals themselves do поt for-m а гing, because they don't have additive iпver-ses. (They form а simpleг system called а semiring, which we'll look at iп Chapter 4.) But iп Zr you can always get fr-om а to О Ьу addiпg the equivalence class of r а ( for example, 3 + 2 = О ( mod 5)), so every elemeпt does have ап additive iпverse. -

Iп the case where the modulнs is а prime пumber р, the iпtegers modнlo р form а пнmЬеr system called а finite field which we'll stнdy iп the пехt section. Because the гiпgs Z1. апd fiпite fields are discrete like digital logic systems ( as opposed to continuous like the real OI complex пнmЬегs) , they tend to come up often in modeliпg computeг systems.

3.8.3

Rings and the Chinese Remainder Theorem

If r is composite, we сап use the Chiпese Remaiпder Theoгem to discover more аЬонt the structшe of Zr . Remembeг that any паtшаl сап Ье factored uпiquely as а prodнct of prime powers, апd that these prime power-s аге paiгwise relatively prime (for example, 60 = 4 х 3 х 5) . А сопgrнепсе modulo r, theп, is equivaleпt via the Chinese Remaiпder Theoгem to а system of сопgгuепсеs, one fог each of the prime powers iп this factorizatioп. Fог example, suppose we kпow that х = 23 (mod 60) апd у = 44 (mod 60) . The first сопgrнепсе is equivaleпt to х = 3 (mod 4), х = 2 (mod 3 ) , апd х = 3 (mod 5). (We fiпd the nнmbers 3 , 2 , апd 41 Formally, we ai·e giving the axioms for а commutative 3- 47

ring with identity

rather than

а general ring.

3 Ьу taking 23 modulo 4, 3, and 5 respectively. ) Similarly, the second congruence can Ье converted to у = О (mod 4), у = 2 (mod 3), and у = 4 (mod 5). We've seen that we can use these systems of congтuences to calculate х +у and ху modнlo 60. For example, Ьу adding tlie pairs of congrнences with the same base we find that х + у = 3 (mod 4) , х + у = 1 (mod 3) , and х + у = 2 (mod 5). Using the proof of the Chinese Remainder Theorem, we can conveгt this system to the single congrнence х + у = 7 (mod 60) . Similaгly, we can compute ху = 3 · О = О (mod 4), ху = 2 · 2 = 1 (mod 3) , and ху = 3 · 4 = 2 (mod 5), and conveгt the гesulting system to ху = 52 (mod 60) . With гespect t o addition and mнltiplication, Z 60 behaves just like the direct product Z 4 х Z 3 х Z 5 , wheгe we регfогm an opeгation in the diгect pгoduct Ьу peгfoгming the thгee opeгations in the individнal гings in paгallel. Fог any r, the гing Zr is equivalent42 to sнch а diгect ргоdнсt of гings Zpe , fог the pгime poweгs ре in the pгime-power· factoгization of r. This fact will Ье usefнl to us in the гemaindeг of the chapteг.

3.8.4

Classifying Abelian Groups

Веfоге leaving this topic we should look at one mоге type of algebiaic stгнсtше. А group is а set with an opeгation that is associative, has an identity element, and has inveгses fог еvегу element. An abelian gгонр, named afteг the 1 9th-centшy oгwegian mathematician Niels Heшik Abel, is а gгoup in which the opeгation is also commнtative43 . Thнs а Iing, as we have defined it, is also an abelian gгoup if we consideг only the addition opeгation. А natшal matl1ematical qнestion is to classify the stгuctшes that оЬеу а paгticнlaI set of axioms. Two stгнctшes are thoнght of as "the same" if they аге isomorphic. An isomorphism fгom one structшe to anotheI is а Ьijection that also respects the relevant algebгaic opeiations. Fог example, а Ьijection f fгom one gгонр G to anotheI groнp Н is an isomorphism if and only if it гespects the Iнle f(xy) = f(x)f(y) fог all elements х and у of G. Note that the left-hand side of this equation inclнdes а multiplication in G, while the right-hand side inclнdes а multiplication in Н . The Chinese RemaindeI Theoгem essentially tells н s how t o classify finite abelian gгoups. Since ош examples of abelian gгoups so far are additive strнctшes of rings, we'll wгite the opeгation of an агЬitгагу finite abelian gгoup as addition and call the additive identity "О" . Consideг any nonzeгo element а. If we look at the sequence of elements О, а, а + а, а + а + а" . . , some element must eventually Ье гepeated because theгe аге only finitely mапу elements. If i copies of а have а sнm equal to j copies of а, with i < j, then j i copies of а must add to О. Thнs ever·y nonzeгo element а ( of а finite abeliaп gгoup) has ап additive order o( а) , the least natшal q such that q copies of а add to О. -

How laгge could the огdег Ье? Еvегу elemeпt in the sequence is distinct until О арреагs fог the second time, so we mнst have at least o( а ) distiпct elemeпts in the gгонр. Thнs o( а ) сап Ье по lагgег thaп the size of the gгoup. Could it Ье equal? Yes, it is eqнal if the group is Zm, and we 42The proper algebiaic WOl'd is isomorphic, as we will see below. See Section 8.7 for anotl1e1· example. 43 Q: What's purple and commutes? А: An abelian giape!

3-48

take а = 1 . This group is called cyclic, and any two cyclic groups of the same Oider aie isomorphic (see Exercise 3.8.6) . Theorem: In any finite abelian44 group G, the OideI of any element divides the numbeI of elements in G. Proof: Since the oider of О is 1 , and 1 divides any natшal, our conclusion is true foI О. Let а Ье any nonzero element and consider the set Н = { О а, аа, . . . , (о(а) - 1)а} . Define an equivalence relation on the elements of G, so that R(x, у) means that there is some natural k such that х + ka у. Like any equivalence relation, R divides its set into classes, one of which is Н . In fact each of the otl1er classes also lшs exactly о( а) elements, since the class of х is exactly { х, х + а , х + 2а , . . . , х + (о(а) - l)a} . Since each element of G is in exactly one class, the number of elements in G must Ье the number of classes times о( а), and thus is а multiple of о( а) . • ,

=

So, for example, every abelian gIOup with а prime number of elements must Ье cyclic. What about а group of order р2 , where р is а prime? The only possiЫe Oiders of an element are О, р, and р2 , since these are the only natшals that divide р2 . If there is any element of ordeI р2 , the group is cyclic and is isomoгphic to ZP2 . If not, you'll show below in ProЫem 3.8. 7 that the group must Ье isomorphic to Zp х Zp· We can foim а gгeat vaiiety of abelian gгoups Ьу taking diiect products of cyclic gioups. What the Chinese Remainder Theorem tells is is that some of these prodнcts are isomorphic to others. We know that the rings Zm х Z n and Zmn are isomorphic if m and п are Ielatively prime, and this means that the additive structures of these гings mнst also Ье isomorphic. In fact, although we won't Ье аЫе to prove it here, such direct pIOducts are the only finite abelian groups: Theorem: Any finite abelian group is isomorphic to а direct prodнct of cyclic groнps. •

3.8.5

Exercises

Е3.8.1 Verify that for any positive nнmЬег r, the Ielation of congrнence modнlo r is an eqнivalence relation. Е3.8.2 Prove that there are exactly r congruence classes modulo r, Ьу showing that every natural is congruent to some а < r, and that if а and Ь are both less than r they are not congruent unless they aie equal. Е3.8.3 Determine whether each of the following is an equivalence relation. If it is, descгibe its eqнivalence classes. If it is not, indicate which of the propei·ties do not hold for it. In each case the base set is the set of positive integeis. (а) R1 (x, y) if and only if х and у aie relatively piime. (Ь) R2 (x, у) if and only if theie is а nнmbeI z sнch that both х and у divide z . 44 This result i s true for any finite group, though we won't worry about that here.

3-49

( с ) Rз (х, у) if and only if there is а number z such that both х and у are powers of z . ( d) R4 ( х, у) if and only if theгe is а number z such that z > 1 and z divides both х and у. (е) R5 (x, у) if and only if there is а positive number z such that both xz = у and yz = х. Е3.8.4 Let SPD (for "same prime divisoгs" ) Ье the relation on the set of positive naturals defined so that SPD (x, у) if and only if for all prime numbers р, р divides х if and only if р divides у. (а) Piove that SP D is an equivalence relation. (Ь) List all numbers х such that х < 100 and SPD (x, 12).

( с ) Descгibe the equivalence classes of SРD. Е3.8.5 Define Zr [x] to Ье the set of polynomials in х whose coefficients are in Zr . Verify that Zr [x] satisfies all the axioms for а гing, using the usual definitions of addition and multiplication of polynomials. Е3.8.6 Two ргоЫеms about isomorphisms of abelian gгoups: (а) Prove that any two cyclic abelian groups with the same (finite) number of elements aie isomorphic. (Ь) Prove that there are two abelian groups with nine elements that are not isomorphic to one anotheг.

Е3.8.7 А гing is said to have zero divisors if there are two nonzeгo elements (поt necessarily distinct) that multiply to О. Fог which naturals m does Z m have zего divisors? Е3.8.8 Why couldn't а ring have two diffeient additive identities, ог two different multiplicative identities? Е3.8.9 Let А Ье ав abelian gгoup, with the opeгation wгitten as addition and the identity called О. Pick апу element other than О and call it 1. Define а multiplication opщation on А so that fог any element х, Ох = хО = О and lx = х1 = х, and so that ху = О if neitheг х and у аге equal to О nor 1. Ргоvе that the resultiпg structure may fail Ье to distributive, but satisfies all the other ring axioms. Е3.8.10 Consideг the set of polynomials оvег Z 2 where we consider х 2 to Ье equal to х. Тhеге are four elements in this set: О, 1, х, and х + 1. Make addition and multiplication taЫes fог this structure апd verify that it is а ring. Is it isomorphic to either of the гings Z4 ог Z 2 х Z 2 ? 3.8.6

ProЬlems

Р3.8.1 Let r Ье а natшal. Define the Ьinагу relation Tr on the naturals so that Tr (x, у) is true if х = у or both х :::=: r and у :::=: r. Tr (x, у) is геаd "х is equivalent to у thгeshold r. " Describe all the equivalence classes of Т5 . Explain why we can add and multiply the classes of Tr for any r, and constгuct addition and multiplication taЫes for the classes of Т5 . Р3.8.2 Let f Ье а polynomial with coefficients in Zr, that is, а member of the ring Zr [x] defined in Exercise 3.8.5 above. Recall that if g is any polynomial, we can divide g Ьу f to get polynomials q and т such that g = qf + r and the degгee of r is less than the degree of 3-50

f. Define two polynoтials to Ье congruent тodulo f if they differ Ьу а тultiple of f, and consider the congruence classes of this relation. Show that each class has exactly one eleтent whose degree is less than that of f. Show that these classes тау Ье added and тultiplied, just as fог the classes in Zr (Hint: You тust show that the classes of х + у and ху depend only on the class of х and у this will Ье siтilar to the proof for ordinary congruence in Section 3.3) . -

Р3.8.3 Following РrоЫет 3.8.2, let r = 2 and let f = х3 + х + 1 . List the congruence classes of Z 2 [x] тodulo f. Constгuct addition and тultiplication taЫes for the ring of these congruence classes. Is this гing isoтorphic to Zm , where т is its size? Р3.8.4 Let В = {О, 1} and define addition and тultiplication on В as fог boolean algebгa, so that 1 + 1 = 1 and all other suтs and products are as given Ьу the ring axioтs. Constгuct addition and тultiplication taЫes fог this set. Is this а ring? Why ог why not? Р3.8.5 Let S Ье а non-eтpty set and let P(S) Ье the power set of S (the set of all subsets of S) . Define the "suт" of two sets Х and У to Ье Х 6. У, the sуттеtгiс difference, and define the "product" of Х and У to Ье X n Y. Prove that P(S) forтs а ring undeг these two oper-ations (you тust decide what the identity eleтents are). Р3.8.6 Just as >ve did fог abelian groups, we can classify all possiЬle rings with ceгtain finite nuтbers of eleтents. (а) Let р Ье any ргiте. Ргоvе that еvегу гing with exactly р eleтents is isoтoгphic to Zp. (Ь) Find all possiЫe rings with exactly four eleтents. (Hint: We know that there аге two possiЫe additive stгuctures for а four-eleтent set, those of Z4 and Z 2 х Z 2 . In the latter case, the result of тultiplication Ьу О or 1 is forced Ьу the axioтs. If we call the otheг two eleтents х and х + 1, what аге the possiЫe values of х х х?) Р3.8.7 Let р Ье а ргiте and let G Ье any gгoup with р2 eleтents that is not cyclic. Prove that G is isoтoгphic to Zp х Zp· Р3.8.8 А natural п is called squarefree if there is no natural k such that k > 1 and k2 divides п. Ргоvе that any finite abelian gгoup with а squarefree nuтber of eleтents is cyclic. Р3.8.9 Given tl1e classification thеогет for finite abelian gгoups, we can Ье тоге specific about the coтponent cyclic gгoups of the factoгization. (а) Prove that any finite abelian group is а direct product of cyclic groups, each of which has ргiте роwег size (but possiЬly with the sате priтe occuпing тоге than once ) . ( Ь ) Ргоvе tliat any finite abelian gгoup i s isoтorphic t o а diгect pгoduct Z d1 х Z d2 х . . Z dk , where each numbeг di divides the nнmЬег di+ l · .

Р3. 8 . 1 0 Let т and п Ье two relatively ргiте naturals. Let G Ье а finite abelian gгонр >vith тп eleтents tliat has an eleтent а of order т and an eleтent Ь of order п. Prove that G is isoтoгphic to Zm х Zn.

3-51

3.9

3.9.1

Finite Fields a n d Modular Exponentiation

The Definition of а Field

In the last section we defined а ring to Ье а set of numbers with addition and multiplication operations that оЬеу а particular set of properties. А field is а ring that has one additional pгoperty as well:

•

Every element х , except fог О, has

а

multiplicative inverse "1/х" , such that х · ( 1 /х)

=

1.

I n а field, then, you can divide х Ьу у (as long as у isn't О ) Ьу multiplying х Ьу 1/у. You can't do this over the integers, as usually 1/х isn't an integer, but the rational numbeis ( fractions of integeis) and real numbers aie both fields. Our conceгn in this section is finite fields and some of their properties. Is Zr , the ring of integeis modulo r, а field? It depends 011 whetheI we can divide Ьу any nonzeio element, and we know from the Inverse Theoгem exactly when we can divide. А natural has an inveise modulo r if and only if it is relatively pгime to r. Let's focus in, then, on the set of numbers in Zr that have inverses, which we'll call45 z; . If r is prime, then every nonzero element of Zr is Ielatively piime to r, z; consists of all r - 1 nonzero elements, and Z1• is а field46 . If r is composite, on the other hand, some of the nonzeгo elements of Zr are not in z; , and thus Zr is not а field. The size of z; is called ф(r), the Euler totient function we've just shown that ф(r) = r - 1 if r is pгime. -

3.9.2

Modular Exponentiation

We're now going to look at the last basic aiithmetic operation, that of exponentiation, in а ring Zr. Given any naturals а and Ь, it makes sense to talk about аь modulo r, the pгoduct of Ь copies of а, taken47 in Zr . This operation will turn out to Ье useful in testing ог ceitifying piimality in Excursion 3.10, and in implementing the RSA cryptosystem in Section 3. 1 1 . A s а Ьit o f an aside, how can w e best calculate а ь modulo r ? There aie two decidedly wrong ways to do it. One is to fiгst calculate the natural а ь , and then divide it Ьу r. This could Ье bad if Ь is Ьig, as а Ь might Ье too Ьig а numbeI to fit in а word of memory. (If а and Ь each fit into 64 Ьits, for example, how Ьig might аь Ье?) We can avoid this ргоЫеm Ьу dividing Ьу r after every operation, so that the numbeгs we multiply are a.lways no Ьiggeг than r. The other bad idea is to calculate аь Ьу multiplying Ьу а Ь times, which would Ье horriЬly time-consuming if Ь were really 45 Also called the multiplicative group of numbers modulo r . As we've said, а group is а set with an opeiation that is associative, has an identity, and has inverses. ln Exercise 3.9 . 1 you'll check that z; is а g1·oup. 46 This isn't the only possiЫe way to get а finite field - see the PioЬ!ems. 47 Note Iight away that we can't think of Ь as а numbeI in Zr as we do this, as it will tuш out that in geneial Ь = с {mod r) is по guarantee that аь = ас (mod r). This is in shaip constrast to the situation fог the otheI opeiations. We сап still think of а as being in Zr, however.

3-52

Ьig. (If Ь = 2 64 , just for example, you'd Ье doiпg over 1 0 19 multiplicatioпs) . Неге the trick that saves нs is repeated squaring, where we calcнlate а 64 , for example, Ьу takiпg а, squariпg it to get а2 , sqнariпg that to get а4 with опlу опе more multiplicatioп, theп successively48 gettiпg а8 , а 16 , аз2 , апd а64 _ As we look at the powers of а iп Zr, where а Е z; , the sеqнепсе ( а0 , а 1 , а2 , а3 , . . . ) mнst eveпtнally repeat itself, because there are опlу so тапу possiЫe elemeпts of Zr that could ever оссш iп it. Опсе уон kпow that а8 = at , you сап mнltiply both sides of this eqнatioп Ьу ( l /a)5 апd get that 1 = as-t. The sequeпce of powers therefore must reach 1, апd we defiпe the order of а to Ье the smallest positive пumber и such that аи = 1 (more formally, аи = 1 (mod r) ) . The sеqнепсе of powers is thus periodic with а period equal to the order of а - for example with а = 2 апd r = 9 we get ( 1 , 2, 4, 8, 7, 5, 1, 2, 4, 8, 7, 5, 1, . . . ) . This briпgs us to ап importaпt fact: Theorem: 49 Fог апу пumber r апd апу а Е z; , the order of а iп z: divides ф(r) . Iп paгticular, а Ф( r} = 1 (mod r). Proof: Let и Ье the order of а апd let Ь Ье ап aгЬitrary elemeпt of z;. Coпsider the set of elemeпts oЬtaiпed Ьу startiпg with Ь апd repeatedly multiplyiпg Ьу а, that is, the set { Ь, Ьа, Ьа2 , Ьа3 , . . . } . We actнally kпO\v that this set coпtaiпs exactly и elemeпts, because i f t � и the elemeпt Ьаt has already occuпed iп the set as Ьаt-и (because аи = 1 (mod r)) апd the elemeпts Ь, Ьа, . . . , Ьаи- 1 are distiпct (otherwise if Ьа5 = ьаt, multiply both sides Ьу l (ba5 ) to get at-s = 1 with t - s < и) . Now coпsider these sets for all possiЫe Ь. They foгm а partitioп of z; , Ьесанsе (as we сап easily check) the relatioп R(Ь, с) defiпed Ьу the pгedicate ::Js : с = Ьа8 is ап eqнivaleпce relatioп. Fог z;, with exactly ф(r) elemeпts, to Ье paгtitioпed iпto sets with и elemeпts each, it is сlеаг that и must divide ф(r). • А special case of this theorem is опе of the more famoнs resнlts iп пнmЬеr theoгy: Fermat's Little Theorem: If р is prime апd а is гelatively pгime to р, theп aP-l = l (mod р) . •

3.9.3

The Multiplicative Group of Zp is Cyclic

We are поw геаdу to determiпe the stгнсtше of z; uпdег multiplicatioп. We've jнst showп that the ordeг of еvегу elemeпt divides р - 1, Ьнt it takes а Ьit тоге work to show that theгe аге some elemeпts of огdег exactly р - 1 . То do this, we пееd to look at polynomials whose coefficieпts аге i п Zp. Мапу o f the familiaг facts of algebгa over the real пumbeгs геmаiп true over апу field. Fог example, if f(x) is а polyпomial, апd evalнatiпg f(a) fог some рагtiснlаг field elemeпt а gives О, theп the polyпomial х - а divides the polyпomial f(x) . Опе way to see this is simply to divide the polyпomial J(x) Ьу х - а. The гemaiпdeI mнst have degгee less thaп that of х - а апd so mнst itself Ье ап elemeпt of Zp. Внt if 48lt's а Ьit different if Ь isn't а power of two, but the same trick сап Ье used to get аь in about 2k multiplications at worst, where k is the number of Ьits in the Ьinary expansion of Ь. ProЬ!em 3.9.3 asks you to devise this algorithm and later in Section 8.3 we will look at how many multiplications it uses. 49Students of abstract algebra may recognize this theorem as а special case of "in any finite gюар, the ordeI of any elemeпt divides tl1e order of the gioup" . The pioof we give here essentially works in the more geneшl setting.

3-53

f(x) = g(x) (x - а) + Ь, then substituting а for х we get ! (а) = g(a) (a - а) + Ь, and Ь must Ье О Ьесанsе f(a) = О. Because the polynomials have unique factorization, we also get the familiar fact that а polynomial of degree d can have at most d different roots (field elements а such that f(a) = О) . This is Ьесанsе the polynomials х - а for· diffeгent values of а are irreduciЫe ( "prime" , given the definition of "division" for polynomials) and so theiг product divides f(a). If theгe wеге more than d roots, these polynomials would multiply together· to get something with degree gгеаtег than d, which couldn't divide а polynomial of degree d. Lemma: If р is prime, and k divides р - 1, there are at most ф(k) elements of z; whose order is exactly k. Proof: One possiЬility is that there are no such elements, in which case the Lemma is certainly true50 . Otherwise, if theгe exist any elements of order exactly k, pick one and call it а. Now we can find k distinct elements satisfying the polynomial x k - 1 = О, namely 1, а, а2 " . . ,ak - l . Since this polynomial has at most k roots, theгe ar·en't any otheг elements satisfying x k - 1 , so we have only these k possiЬilities to seыch fог elements of OI"der exactly k. When does ai have OI"der exactly k? If and only if i is гelatively prime to k, as (ai ) j = aij is equal to 1 if and only if k divides ij , and thus a i has order k if and only if i and k have no common multiple less than ik. Тhеге are exactly ф( k) nнmbeгs less than k that ые гelatively pгime to k, Ьу the definition of the function ф. • Theorem: If р is prime, theгe is an element g of z; that generates51 z;, meaning that every element of z; is equal to gi fOI' some i . Proof: We just saw that for every k dividing р - 1 , there are a t most ф(k) elements o f огdег exactly k. In fact there have to Ье exactly this many elements of each ordeг, because otherwise theгe aгen't enoнgh elements to go around! Consideг the р - 1 nнmbers in Zp- l · Each nнmber i has an (additive ) 52 ordeг, the least positive number j such that i j = О. For each number i, define ni to Ье the numbeг of elements of р - 1 whose additive order is exactly i. The only nonzero values of ni are when i divides р - 1 , Ьесанsе every element of Zp-l satisfies i · (р - 1) = О. If i does divide р - 1, we can find exactly which elements have additive order exactly i. Letting j = (р - 1 ) /i , we can see that j is sнch an element, as is mj where m is any number relatively pгime to i. These are all the possiЬilities, as if m is not гelatively pгime to i then mj l1as а smaller ordeг, and if j does not divide а numbeг х then ij cannot divide ix. ·

So the number ni , if i divides р - 1 , is equal to ф(i ) . This means that if we add up the nнmbers ф(i) over all i dividing р - 1 (including tl1e case i = р - 1 ) , we get exactly р - 1. The orders of the р - 1 nнmbel's in z; must then split up exactly the same way, Ьесанsе once we take away the at most ф(i) numbers for each i dividing р - 1 and less than р - 1, this analysis shows that there ые at least ф(р - 1) nнmbeгs left, and р - 1 is the only possiЫe order left fог each of them. In particнlar, since ф(р - 1) is positive, we know that ther·e is at least one such element of order р - 1 , and it is the desired generator. (Note that if g has order р - 1, the р - 1 nнmbers 1 , g, g 2 , 50 Though \ve'll prove in а moment that this case never actually happens. 5 1 Another way to say this is to say tlшt z; is а cyclic groнp. 52We are switching gea.гs slightly, talking now аЬонt шder as the period of the system we get Ьу sнccessively adding i, as opposed to mнltiplying as we did above. The reasoп for this is that the multiplicative behaviш of z; tшns онt to Ье identical ( "isomorphic" ) to tl1e additive behavior of Zp- 1 .

3-54

gP-2 are all distinct, so these must Ье all the numbers in z;.)

•

Exarnple: Consider the set Ziз · We can find the order of each element Ьу finding all of its powei·s in order until we get 1. The element 1 has oгder 1, and with 2 we get the sequence 1, 2, 4, 8, 3, 6, 12, 11, 9, 5, 10, 7, 1 , showing that 2 is а geneгator. Now we can stop, actually, and read off the remaining answers from the powers of 2. The otl1er generators are the numbeгs 2 m fог m гelatively prime to 12, namely 2 5 = 6, 2 7 = 1 1 , and 2 11 = 7. Theie are ф(6) = 2 elements of order 6 (2 2 = 4 and 2 10 = 10) , ф(4) = 2 elements of oideI 4 (2 3 = 8 and 29 = 5) , ф(3) = 2 elements of order 3

(24 = 3 and 28 = 9) , and ф(2) = 1 element of order 2 (2 6 = 12).

Wl1at does z; look like if r i s composite? The Chinese RemaindeI Theorem tells u s that the ring Z r can Ье thought of as а direct product of rings Zpe where the numbers ре ar·e the piime-power factois of r. It's not hard to see that z; is also а direct pгoduct, the direct ргоdнсt of the mнltiplicative gгoups z;e for the nнmbeгs ре . Why? An element w of Zr is in z; if and only if it has no factoг in common with r other than 1. If we think of w as а sequence of natшals, one for each prime power in the base (as we thought of 23 in Zво as the triple ( 3, 2, 3) ), we can see that w Е z; if and only if each of these individual numbers is relatively pгime to its base. How do we justify this claim? One way is to use the Inveise Theorem in reverse. If the nнmber is relatively prime to its base, it has an inverse modulo that base, and the sequence of inverses is an inverse for the original numbeI. For example, since 3 · 3 = 1 (mod 4), 2 · 2 = 1 (mod 3) , and 3 · 2 = 1 (mod 5) , ( 3, 2, 3 ) has an inverse ( 3, 2, 2 ) in Z4 х Zз х Z 5 , because these two tiiples mнltiply to give ( 1 , 1, 1 ) . А nнmЬег with an inverse is relatively pгime to its base. Which numbers w Е Z60 are prime to 60? If we view w as а tI'iple (х, у, z ) , we need fог х to Ье pI'ime to 4 (thнs 1 or 3) , у to Ье prime to 3 (1 ог 2), and z to Ье prime to 5 ( 1 , 2, 3, ог 4) . Тhеге are 16 ways to choose such а triple53 , yielding the fact that Z(;0 is the 16-element set { 1, 7, 1 1 , 13, 1 7, 19, 23, 29, 3 1, 37, 4 1 , 43, 47, 49, 53, 59}. (In the РгоЫеms, yoн'll нsе this analysis to calcнlate ф( r ) fог arЬitrary numbers r . )

3.9.4

Exercises

Е3.9.1 Let r Ье any number and let х and у Ье any two elements of z; . Prove that ху Е z; . Complete the argument that z; is а gгoup Ьу checking that the mнltiplication opeгation is associative, has an identity, and has inverses. Е3.9.2 Let r Ье а natшal and а Ье а membeI of z; . Define the relation R(Ь , с ) , for Ь and с members of z; , Ьу the piedicate 3s : Ь = са8 • Prove that R is an eqнivalence relation on z; . Е3.9.3 Consider the congгuence relation on Zз [х] modнlo the polynomial х2 + 1, and define С to Ье the set of congruence classes. (You shoнld get nine of them.) Constiuct addition and mнltiplication taЫes for С нndег polynomial addition and mнltiplication modнlo х2 + 1 . Verify that С i s а field. I s i t isomorphic t o Z g a s а Iing? Е3.9.4 Find all the elements of Z(;3 and descгibe its structшe as Е3.9.5 Find all the generators of Zi 7 and Zj'9. Е3.9.6 Show that

а

ring with zeI'o divisors cannot Ье

а

field.

53 Counting them Ьу а technique to Ье formally presentecl in Section 6.1.

3-55

а

direct prodнct.

Е3.9.7 The characteristic of а finite ring is the least positive natшal t such that the sum of t copies of the additive identity 1 is equal to the multiplicative identity О. (а) PIOve that if the characteristic of а ring is composite, the ring is not а field. (Ь) Piove that the additive order of any element of а ring divides the characteristic. (с) Argue that in any finite field, every nonzeio element except 1 has the same piime additive OI'deI.

Е3.9.8 Let F Ье а finite field with п nonzeIO elements. PIOve that theie ше exactly ф(п) elements of F that geneiate F* undeI multiplication. Е3.9.9 (Iequiies exposure to complex numbeis) Is it possiЫe to have а subset of the complex numbeis that fOI'ms а finite field undel' the staпdшd addition and multiplication opeшtions? Е3.9.10 We showed in Exeicise 3.9.7 that any nonzel'O element of а given finite field has the same piime additive oideI. Cauchy's Theorem in algebia (which we won't piove heie) says that if any piime q divides the the numbel' of elements, theie must exist an element of OI'deI р. Usiпg these two facts, piove that if а finite field has chaiacteiistic р, it must have exactly ре elements wheie е is some positive natural.

3.9.5

ProЫems

Р3.9 . 1 (uses Java) In PI'OЬlem 3.5.6 we showed that if ре is а piime powel' (that is, р is а piime пumbeI and е is а positive паtшаl), theп ф(ре) (р l )pe - 1 . =

-

(а) Using the analysis iп this section, explain how to calculate ф(r) fOI' any r, given its piime factOI'ization. (Ь) Use your method to calculate ф(300) , ф(320) , ф(323) , ф(329) , ф(343) , ф(350), ф(353) , and ф(360) . (с) Wiite а Ieal-J ava static method int phi С int n ) that Ieturns ф (п ) given any positive пatural п as input.

Р3.9.2 Let р Ье а piime numbeI, and define Zp[x] to Ье the set of all polynomials in опе vaiiaЫe х with coefficients in Zp. (Such а polynomial is а sum of zeio OI' mOI'e monomials, each of i the fOI'm "ax " fOI' some element а of Zp and some numbel' i.) We saw in Section 3.6 that we could peifOI'm the Euclidean AlgOI'ithm on polynomials and piove а fOI'm of the Inveise TheOI'em. We defined а polynomial to Ье monic if its highest degiee coefficient is 1, and а monic polynomial to Ье irreduciЫe if it is not the pioduct of two monic polynomials, neitheI of them equal to 1. If f(x) is any polynomial, we сап define а congIUence Ielation modulo f(x) , апd the equivaleпce classes of this Ielatioп foim ап algebiaic system. Piove that if f(x) is iпеdнсiЫе, then this system is а field. (The system is finite (Why?) and so it is а finite field. In fact, апу finite field is isomOI'phic to а field of this foim, though to pl'Ove this woнld Ье beyond the scope of this book.) Р3.9.3 (uses Java) Wiite а Java piogiam that inputs positive nнmbeis а, Ь, and с and computes аь modulo с. Use Iepeated sqнaring, so that you loop once for each Ьit in the Ьinary expansion of Ь, ratheI than, say, looping Ь times. Also make sure that your program has integer overflow only when necessary 3-56

Р3.9.4 Compute а560 modulo 561 fог several values of а. Is 561 prime? Can you prove anything about а560 modulo 561 for all values of а? Р3.9.5 Let р Ье an odd prime number. We asseгted in РгоЫеm 3.4.3 that - 1 is а perfect square modulo р (the square of some number, calculated in Zp, also called а quadгatic гesidue) if and only if р = 1 (mod 4 ) . Prove this claim, using the Theorem fгom this section about geneгatoгs fог the multiplicative subgгoup. Can you devise а test that inputs any numbeг in Zp and decides whetheг it is а peгfect square? Р3.9.6 Consideг the congruence гelation on Zз [х] modulo the polynomial х 2 + х + 1 and construct addition and multiplication taЫes fог the set D of nine congгuence classes as in Exercise 3.9.3 above. Prove that D is а гing but not а field. Look at the otheг seven monic polynomials of degree 2 over Z 3 and determine which of them produce sets of congruence classes that аге fields. Can you foгmulate а гule fог deteгmining which do and which do not? Can you prove this гule correct? Р3.9.7 Show that а finite ring R (а commutative ring with identity) that is not а field must have zero divisors. (Hint: Let а Ье any nonzeгo element tl1at has no inveгse. What can you say about the set { аЬ : Ь Е R} ? ) Р 3 . 9 . 8 We defined monic and irreduciЫe polynomials ( i n one vагiаЫе х) above i n РгоЫеm 3 . 9 . 2 . Неге w e consideг such polynomials оvег Z 2 . (а) Show that theгe аге exactly 2 d diffeгent monic polynomials of degгee d оvег Z 2 . (Ь) Show that exactly one of the quadratic monic polynomials is iпeduciЫe. (с) If f is any polynomial of degree at least 2, consideг the set of four polynomials {f +ax+b : а, Ь Е Z 2 } . Show that at most one of these four polynomials is irredнciЫe. (Hint : Consideг the value of the polynomial with х = О and х = 1 . If eitheг valнe is zero, the polynomial has а гооt. ) ( d ) Рагt (с) shows that theгe аге at most four iпеdнсiЫе monic polynomials o f degгee 4 оvег Z2 . Аге theгe exactly four? Р3.9.9 Following the reasoning in ProЬlem 3.9.8, find the exact number of monic irreduciЫe poly­ nomials of degгee d оvег Z 3 , fог d = 2, d = 3, and d = 4. Р3.9 . 1 0 Let а Ье а geneгatoг of а finite field F with characteristic р and ре elements (following Exeгcise 3.9.7) . (а) Prove that an element Ь is а geneгator i f and only i f ьРе = Ь and ьJ -=1- Ь for all j with 1 < j < ре . ( Ь ) Ргоvе that Ь = аР satisfies ЬР е

=

Ь.

(с) Finish the ргооf that Ь is а geneгator. (Hint : Since р and ре - 1 are relatively pгime, we know that р has an inveгse modнlo ре - 1. And since cPe - i = 1 fог all с in F , the value of l) depends only on j 's гemaindeг modulo ре - 1 . )

3-57

3.10

Excursion: Certificates of Primality

1 claim that the number 1756205519 is composite. Why should you believe me? In Section 3 . 1 we

discussed at а method to test whether an arЬitrary natural is prime - dividing it Ьу all numbers ( ог just all primes) up to its square root. With а computer, you could do this for 1 7562055 19, Ьнt it would take far too long Ьу hand. With а number of 100 rather than 10 digits, even а compнter wouldn't help you very much. If 1 tell уон, though, that 1 75620551 9 is the pгoduct of 501 73 and 35003, уон don't have to take this on faith, because you can multiply these two numbers Ьу hand and check the answeг against 1 756205519. If they match (and they should) , you would now have proof that 175620551 9 is composite. lt's not easy to take а large composite numbeг and find two factoгs for it (in fact, in the next section we'll see how the security of the RSA cryptosystem depends on this being difficult) . Внt if you're given the factors, they provide convincing evidence of compositeness that is easy to check. We call such evidence а certificate. It may Ье very hard to find а certificate, and so the existence of ceгtificates for а property doesn't automatically make the property easy to test. What sort of а certificate could convince you quickly that some 10-digit number is prime? We have an algoгithm to test the primality of the nнmber, but if the number is large enough we won't have enough time for this algorithm to finish54 . In this Excursion, we'll see а trick for giving certificates (dне to Pгatt) that uses the numbeг theoгy we developed in Section 3.9. We've just shown that if а numbeг п is prime, then an - l = 1 (mod п ) fог any number а relatively prime to п (for example, fог any nнmЬег in Z�). This is something we can check (with а соmрнtег, anyway) because we can use repeated squaгing to limit the number of multiplications to the numbeг of Ьits in the Ьinary expansion of п, and we don't have to keep around any numbers laгger· than п. Fог small п, we can even woгk Ьу hand. As an example, let's calculate 2 1 00 modulo 1 0 1 . 2 1 = 2, 22 = 4, 24 = 16, 2 5 = 32, 2 10 = 32 · 32 = 1024 = 14 (mod 1 0 1 ) , 2 20 = 14 · 14 = 196 = 95 (mod 101) , 2 25 = 95 · 32 = 3040 = 10 (mod 101) , 2 50 = 10 · 10 = 100 (mod 1 0 1 ) , and 2 1 00 = ( - 1 ) ( - 1 ) = 1 (mod 101 ) . ·

I f an - l modнlo п ever fails t o equal 1 fог any а , we have convincing evidence that п i s composite. But what do we r-eally know if we try а bunch of a's and keep getting 1? Fог most 55 composite numbers, for most choices of а, you're not going to get 1. But some choices of а (like а = 1, fог example) will always get you 1 , and there аге some unusual composite numbeгs 56 sнch as 561 for which you always get 1 for any а in Z�. This means that just getting 1 а lot is no proof that the number is prime. There is а way aгound this proЫem - it turns out (fог reasons we won't ршvе here) that fог any 54 The new primality test of Agrawal et al. takes time pгopшtional to about п1 2 to test an n-digit numbeг. 55 It's ratheг tricky to соте up \Vith а foгmal meaning for "most" in this context, but it does make sense. 56 561 = 3 · 1 1 · 17, so Ьу the Chinese Remainder Theorem, z;61 is isomorphic to а diгect product Z3 х zr 1 х zr1. The numbers ф(З), ф(l l ) , and ф(l 7) all just happen to divide 560, so raising any a Е z;61 to the 560'th power will get you l in all three components, which is 1. umbeгs with this property are called Carmichael numbers.

3-58

composite number п, at least haljthe possiЫe a's have а property that gives away the compositeness of п. А few, of course, aren't even in Z� and can't have an - l = 1 (mod п ) . But for the rest, consider calculating a n - l modulo п Ьу repeated squaring, Ьу writing п - 1 = 2Ji for some odd number i , getting a i modulo п, and squaring it j times to get ап - 1 . If you don't end нр with 1, you've pIOved compositeness. The fact we won't prove is that for at least half of those а sнch that a n - l = 1 (mod п ) , you first get to 1 during the repeated squaring Ьу squaring а number other than - 1 . And of сошsе if this happens, п mнst Ье composite, because уон have foнnd а third root for the equation х 2 - 1 = О in Zn , and thus Zn isn't а field. This doesn't help us to prove that п is prime, but it allows нs to pile up very good practical evidence. If for 100 different values of а, this compositeness test fails to show that п is composite, there are two possiЬilities. Either п is really prime, or all 100 valнes happened to Ье among the set for which the test fails. If the valнes were chosen randomly, and we know that the test works at least half the time, the latter is vегу unlikely57 and you have а lot of confidence that п is prime. This is how lшge nнmbeгs are tested fог primality in pгactice. Тhеге аге pгimality tests that don't have this small residue of douЬt in theiг conclusions, but so faI the best ones known still take а time that is а laige polynomial in п to test n-digit nнmbers. We can, however, construct certificates for primality using the number theory fiom this chapter. Remember that if п is prime, there is а generator of Z�, а number g sнch that every element of Z� can Ье written g i for some i ( eqнivalently, an element of order п - 1 ) . No composite nнmber п could possiЬly have an element with order п - 1, Ьесанsе if п is composite tl1eie aren't п - 1 diffeгent elements in Z�. So if уон believe that g has ordel' п - 1 , уон should Ье convinced that п is pгime. How can уон Ье sure that g has the claimed order? Let 's look at the example above, because it happens that 2 is а generatoг for Z i 1 . Tl1e fiгst гequirement is that 2 1 00 = 1 (mod 1 0 1 ) , which we 0 checked. This tells us that the ordeг of 2 divides 1 00. If it wel'e less than 100, it would have to Ье missing at least one of the pгime divisoгs of 100, and hence would have to divide eitheг 20 ог 50. But along the way to compнting 2 1 00 modнlo 101, we found that neither 2 20 nог 250 is eqнal to 1 modнlo 1 0 1 . So 2 has ordeг 100, and thнs we know that 101 is pI'ime. То certify п as pгime, then, we need the following:

•

А nнmЬег g such that gn - l = 1 ( mod п).

•

А factorization of п - 1 into primes Р1 , . . . , Pk·

•

А check that none of g( n -l) /P1 , g( n - l ) /P2 , . . . ,g ( n - l ) /Pk is congruent to 1

•

Proof that the numbers Р 1 , . . . , Pk are really all prime.

modulo п.

The last evidence is necessшy to keep us from being fooled Ьу а fraudulent certificate which tгied to slip an incorгect factoгization of п - 1 past нs. We can check that the alleged factors mнltiply to 57 At least as unlikely as 100 consecutive flips of а fair coin all being heads.

3-59

п - l, but we need them to Ье prime if the certificate is to Ье valid. Of course, this only reduces the original proЬlem into another instance of the same proЬlem, raising the possiЬility that proving the original п will require proving more numbers prime, which themselves could Iequire mOie numbers, and so on. We have showв that ceitificates exist, but we have а Ьit more work to do to show that they are short. The laigest piime factor of n - l is at wOist (п - 1)/2, which limits the depth of оuг recuгsion to the numbeI of Ьits in the Ьinaiy expansion of п, which we'll call t (уон can only halve а nнmber аЬонt that many times and still have anything left) . The numbeI of new primes that can show up on each level of the recuгsion is also limited to t, meaniвg that we can certify а t-Ьit prime Ьу recursively ceitifying at most t 2 otheI primes. This keeps the length of the ceitificate, and hence the nнmber of steps to check а certificate, at а reasonaЫe nнmber even for 1 00-digit or 1000-digit primes. Finding the certificate fот а really large nнmbeI might Ье far more time-consнming. Generators are fairly common, as it happens, so you might hope to get one Ьу repeated gнessing, but уон also need to factor some composite numbeгs of almost the same length, and theie is no efficient way known to do this.

3.10.1

Writing Exercise

Heie is an example of а pioЬlem that can Ье solved IeasonaЫy qнickly Ьу hand, illustrating the method cleaily. If the stнdents have access to more compнting power duгing the exeicise, it is easy to construct examples with laigeг nнmbers. Give а complete certificate proving that 103 is а prime number. You mнst find а geneшtor of Z i , 03 factOI 102, pIOve that your geneiatoг Ieally is а geneшtor, and recursively certify the prime factors of 102. (Don't wопу about ceгtifying that 2 is pгime. )

3-60

plaintext

G

А

number

А 10

10

О

add three 9

З

1З

1З 1 1

ciphertext

D

О

О

К

М

D

@Kendall Hunt PuЫisl1ing Соmрану

Figure 3- 7: Encrypting with the Caesar cipher. 3.11

The RSA Cryptosystem

3.11.1

A n Introduction to Cryptography

We'll conclude this chapter Ьу presenting an application of number theory to cryptography, the transmission of secret messages. First, а Ьit of background. Ош goal in setting up а cryptosystem is to take а message, called а plaintext, and convert (encrypt ) it into another fшm, called а ciphertext, such that

•

The intended recipient will Ье аЫе to convert (decrypt) it back to the plaintext, and

•

Anyone else inteгcepting the cipheгtext will find it difficult or impossiЫe to decrypt.

There are any number of ways to do this (invisiЫe ink, hiding the message inside something, and so foгth) but we are interested in the mathematical methods known as ciphers where we can describe the encryption and decryption as functions from stгings to stгings. One of the earliest cipheгs is the Caesar cipher (used Ьу Julius Саеsаг in the fiгst century В . С . ) , and is easy to describe using numbeг theory. Consideг the 23 letters of the Latin alphabet 58 and map them in the obvious way to the numbers in Z 2 з . So А is repгesented Ьу О, В Ьу 1, and so on until Z is гepresented Ьу 22. This is а sort of cipher in itself, but it's not likely to fool anybody. Caesar then, in our terminology, encrypted his message (а sequence of numbeгs in Z 23 ) Ьу adding 3 to each щ1mЬег modulo 23, and conveгting the number back to а letter. So the plaintext GALLIA EST ОМ IS DIUISA IN PARTES TRES becomes the cipheгtext KDOOMD НХУ RPQMX GMZMXD MQ SDUYHX YUHX (see Figure 3-7) . The intended гecipient could decгypt Ьу converting to numbers, subtracting 3 fгom each, and converting back to letters 59 . This is called а single-letter substitution cipher, of а paгticularly simple form called а rotation. Anotl1eг example with English text is the rot 13 cipher60 , which adds 13 to each letter, viewed as 58 Latin had по W, and didn't distinguish between the letters I and J, or bet\veen U and V. К , У, and Z wet"e very I"are, beiпg пeeded опlу for loaп-wor·ds from othel" laпguages such as Greek. 59 0f сошsе, it's simpleI to just count back tlнee letteis, which is how they would have thought of it, but it will Ье useful fог us to keep Z 23 iп mind. 60 The Usenet пe\vsgioup rec . humor . funny (still in existence at www . netfunny . com) has а policy of displaying particulaily offensive jokes enciypted usiпg rot 13, so that the гeader has to do something (typically entet" а single keystr·oke) to decгypt it. That way the геаdег can't complain about being forced to r·ead an offensive joke.

3-61

а number in Z2в . Conveniently, the encryption and decryption algorithms for rot 13 are the same ( Why? ) . Single-letter substitution ciphers are convenient to use but not teпiЬly secure, in that they can Ье easy for an enemy to break ( decrypt without prior knowledge of the key) . If уон intercept а message that you know to Ье the ciphertext from а rotation, уон coнld even tгу all the possiЫe гotations, and trнst to the fact that only one of them woнld look like а ргореr plaintext (fш example, you don't need to know much аЬонt Latin to see that the cipheгtext above isn't in Latin ) . А geneгal single-letter substitution cipheг can Ье more difficult, but is subject to ceгtain kinds of analysis. If you inteгcepted one of Caesaг's letters, and you believed it to Ье written in а single-letter substitнtion cipheг, а good first step might Ье to coнnt the nнmЬег of occшrences of each letteг in the ciphertext - the single-letter frequencies. Уон would likely find that Н was the most common letter, because Е is the most common letter in Latin plaintext, as it is in English 61 . Ву matching varioнs comЬinations of common cipheгtext letters and common plaintext letteгs, уон would likely Ье аЫе to get paгtial words, which >voнld give clues as to otheг letters, and so foгth. Sнch "cryptograms" are а common recreational puzzle in English, though there are two significant differences between the pнzzle situation and real-,vorld cгyptogгaphy. In the formeг, the designer of the pнzzle will freqнently choose а short message with very diffeгent letter frequencies ( e.g" по E's at all ) to confoнnd potential fгeqнency analysis. Внt the pнzzles нsнally retain spaces between woгds and even punctuation, important clues that in а геаl secгet message woнld usually Ье omitted. ( It's not hard for an English speaker to read "WHENI NTHEC OURSE OFHUM А EVE NTSIT . . . " , for example, Ьнt it makes it very easy fог the cгyptanalyst if they see а one-letter word and know it has to Ье А or I. ) А natшal idea to шаkе frequency analysis тоге difficult is to change keys accшding to some fixed pattern. А simple version of this is the keyword polyalphabetic cipher. Let's геtшn to Caesar's message. Не and the intended гecipient need to аgгее on а short keywoгd, say, "SPQR" 62 . Саеsаг wгites this keyword repeatedly under his plaintext, like this:

GALLIA EST OMNIS DIUISA IN PARTES TRES SPQRSP QRS PQRSP QRSPQR SP QRSPQR SPQR

and then "adds" the two letters in each column, using the addition in Z 23 and the representation of letteгs as numbeгs ( fог example, in the fiгst colнmn G (6) plнs S ( 17) is А (О) шоdнlо 23) . The ciphertext is the string of sнms:

APCDCP ULN EDFCI TBOZKR CD GRLKUL NHUL 6 1 Book I of Caesar's memoir De Bello Gallico, fш example, contains 5912 E's (12.2% ) , 5429 I/J's ( 1 1 . 2% ) , and 4581 U/V's (9.5 % ). It has one К, опе У, апd по Z's. 62 А п abbreviatioп for the Latiп meaпiпg "the Seпate апd people of Rome" , the fшmal пате of the Roman state.

3-62

The recipient write8 the keyword repeatedly under the ciphertext, and sublracts the 8econd letter in each column fтom the fir8t to get the plaintext ( fш example А (О) minu8 S ( 1 7) i8 G (6) ) : APCDCP ULN EDFCI TBDZKR C D GRLKUL NНUL SPQRSP QRS PQRSP QRSPQR SP QRSPQR SPQR GALLIA EST OMNIS DIUISA IN PARTES TRES

Note that in genщal, different copie8 of the 8ame letter in the plaintext will Ье encrypted into different letter8 in the ciphertext ( for example, the four !'8 tuшed into two С'8, а В, and а Z). Tl1i8 will tend to make the ciphertext letter8 more evenly di8tributed, which make8 analy8i8 harder, but there i8 8till hope, e8pecially if the cryptanaly8t can gue88 the length of the key>vord. The longer the keyword, the harder the analy8i8. How about u8ing an entire long text as the keyword, 80 it need neveт repeat?

GALLIA EST OMNIS DIUISA IN PARTES TRES ARMAUI RUМ QUECA NOTRDI АЕ QUIPRI MUSA GRYLEI XOG FHRLS QYPBHI IR GUBKXC GNYS

Thi8 i8 а lot better, but а determined analy8i8 on e11ough cipheгtext might 8till Ье аЫе to Ьгеаk it, e8pecially knowing that both the plaintext and the key were Latin text ( for example, you would expect а lot of letter8 in each to Ье Е'8, I'8, and U'8, 80 the 8UШ8 of tho8e letter8 8hould соте up а lot ) . The ideal thing would Ье to have а key that wa8 completely random. Simply generate а 8equence of гавdоm letter8 ( perhap8 Ьу throwing а 23-8ided die) as long а8 the de8ired me88age, and u8e that а8 the key. The re8ulting crypto8y8tem i8 unbreakaЫe in principle. Becau8e any p088iЬle 8tгing of the гight length could Ье geneгated Ьу the гandom ргосе88, and no key 8tring i8 any more likely than any other, no ciphertext i8 any more likely than any other. Any plaintext could pгoduce any po88iЬle ciphertext, 80 that knowi11g the cipheгtext give8 you no help in determini11g the plaintext 63 . Of cour8e, if you U8e the 8ame random key for two diffeгent plaintext8, thi8 i8 no longer the case. ( For example, what happen8 if you 8ubtract one cipheгtext fтom the other? ) For thi8 rea8on, thi8 cгypto8y8tem i8 called а one-time pad. You may have 11oticed а 8ig11ificant logi8tical proЬlem with the one-time pad. If Cae8ar want8 to U8e it to 8end а me88age from Rome to Queen Cleopatгa in Egypt, 8ау, he ha8 to 8omehow 8ее that he and Cleopatra have the 8ame гandom key. But 8ending Cleopatra the key i8 exactly а8 difficult as 8ending her а me88age in the fir8t place. Fш thi8 rea8011, the one-time pad i8 only practical when you know in advance that you want 80meone to send you а mes8age later, and you can give them the key Ьеfоге they go. 63 This is an example of an argument in inforrnation theory, а field that is the subject of Chapter 13 of this book. You сап get an excelleпt iпt1·oductio11 to information theory Ьу reading The Mathematical Theory of Communication Ьу Shannon and vVeaver, the 1948 book that first set онt the theOl'y.

3-63

You can give up some security and use а key that isn't quite random. For example, in the example above the "key" was in effect "use the Aeneid, starting at line 1 of book 1" which tгansmits а long key as long as the recipient can find а сору of the Aeneid64 . А better approach, at а higher level of technology of course, was used Ьу the Germans in Woгld War П 65 . The Enigma machine was а device wheгe typewriter keys wеге connected to electric lights through wires that ran through а collection of wheels. Push а key for а plaintext letter, and the light for the ciphertext letteг lights up. After each keystroke, the wheels move so а different alphabet substitution is used for the next letter. The sender and гeceiver have to аgгее on the initial setup of the wheels for each day's tгansmissions. In effect, the interaction of the wheels made for а sort of keyword cipheг66 witl1 а very long key. What the Geгmans didn't know, however, was that the British had obtained67 а сору of the machine and were аЫе to read the messages if they could guess ог deduce the initial setup. А team of experts68 used а comЬination of Ьп1tе-fогсе search ( inventing machines which were among the precursors of electronic computers ) and exploitation of Geгman pгocedural епогs to get many of these daily initial setups, гevealing а gгeat deal of militarily impoгtant information to the Allies.

3.11.2

PuЫic-Key Cryptography

With the advent of computeгs, mоге complicated cipheгs became pгactical, as did mоге complicated techniques of analysis. Typically, they still work Ьу having а relatively short secJet piece of infor­ mation, the key, known to the sender and receiver but kept secгet from potential eavesdгoppers. Ideally, the cipher will Ье:

• •

sufficiently haJd to break in the absence of the key, and have so many different possiЫe keys that trying all possiЫe keys is impJactical ( remembeг that in general only the correct key will yield intelligiЬle output ) .

Getting the key to the гесеivег, of course, is still а majoг ргоЫеm. А novel solution was developed in the 1980's, ho\vever, called puЬlic-key cryptography69 . Here's how it woгks. Suppose Саеsаг wants to send а secгet message w to Cleopatra, and has а reasonaЬly poweгful computeг availaЫe. Не looks up Cleopatгa's puЬlic key k in some kind of puЫic directory, and computes his ciphertext с as some function of w and k, called e(w , k). Cleopatra has her own private key s that she has kept secгet, and applies а decoding function d to с and s, getting back d(c, s ) = w. The impoгtant pгoperties of the system are: 64 Which might have Ьее11 difficult fш Julius Caesar, as the Aeneid was wiitte11 well after his death . . . 65 А11 excelle11t book 011 the histшy of cryptography, especially i11 World WaI П , is The Codebreakers Ьу David Kah11. 66 Although the i11dividual ciphers for each letter were 110t rotatio11s, as they were i11 our example. 67 From some Polish Iesearchers who had, amazi11gly, reveise-e11gi11eered it based 011 docнme11ts stole11 from the Germa11s Ьу the Fre11ch. 68 I11cludi11g Ala11 Turi11g, about \vhom we'll hear more i11 Chapter 15. 6 9 The co11cept of puЬ!ic-key ciyptography was first i11ve11ted Ьу Diffie a11d Hellma11. We'll desciibe the particнlar system i11 widest use today, called "RSA" after its inventors: Rivest, Shamir, and Adleman.

3-64

• • •

The functions е and

d are easy to compнte.

w, d(e(w, k), s ) = w. I t i s difficнlt for someone who knows e(w, k ) and k, Ьнt not s, t o determine w. It is easy to geneгate pairs of keys k and s sнch that for any message

The R S A cryptosystem i s a n implementation o f рнЬ!iс-kеу cryptography using number theory. Неге is how Cleopatra woнld get her рнЬ!iс and private keys. She fiгst generates two large, random pгime numbers р and q, Ьу generating random numbeгs of the desired size and testing them fог pгimality70 using the methods discнssed in Excшsion 3.10. What's the right size? She is going to keep р and q secret and puЬ!ish п = pq, so the two primes must Ье so large that an enemy doesn't have time to run any factoring algorithm7 1 on п - 200 digits each fOI р and q is cuпently considered secure72 . Remember that Ьу the Chinese Remainder Theorem, the multiplicative group Z� is а direct product of z; and Z� , with ф( п) = (р - 1) ( q - 1) elements. We're going to use the fact that any element а in Z� satisfies the congruence аФ ( n ) = 1 (mod п ) . This means that the value of аь modulo п depends only on the valнe of Ь modulo ф(п ) . Cleopatra knows the values of р and q and can compute ф(п) easily, while an enemy has no obvious way to do this. Cleopatгa's encoding key consists of п and е , where е is any73 nнmЬег that is гelatively prime to ф(п). Using the Euclidean Algoгithm as in the ргооf of the Inverse Theorem, she finds an inverse fOI е modulo ф(п), and stoгes it secretly as d. Caesar's instructions are to convert his message into nнmbeгs in Z n Ьу any method known to both (for example, "GALLIAESTOMNIS . . . " coнld just become the decimal "06001010080004 . . . " , нsing the representation of letters Ьу numbers above and just concatenating the decimal repгesen­ tations) . Each message w, then, is а single element of Z n . The encrypting algorithm is to convert w to с = we, with the computation being done in Z n Ьу гepeated sqнaгing. The decгypting algoгithm, which requiгes Cleopatra's secret information, is to conveгt с to cd , also in Z n . Ву the choice of d and е , С!еораtга winds up with wed , which is equal to w in Z n because ed = 1 (mod ф(п) ) . A n enemy could break the cipheг Ьу factoгing п and thus computing ф (п) . I t i s conceivaЬ!e that there is anotheг way to break the cipheг without factOiing п, which coнld Ье implemented quickly. (At least one otheг proposed puЬ!ic-key cгyptosystem, based on а diffeгent haгd pl'OЬ!em, has failed in this way.) No one knows how such an alteгnate attack on RSA might work, and there is some hope that if one exists it might fiгst Ье discoveгed Ьу а mathematician who would puЬ!ish it, гаthег than а cryptanalyst who would keep it secгet and exploit it. The same holds for factoring - an 70 Thel'e is а vel'y tiny chance that these piimality tests will ceitify а composite number as prime, but this can Ье made as smaJI as the chance of an enemy just guessing the сопесt secret key and so needn't Ье \Vorried about. 71 This means that she has to know how mucl1 computing power and what factoiing algorithms her enemy might have. She might want to cl1eck the latest results of the puЬ!ic factoring contests, to see what the state of the art is. But an enemy who !1ad а secret, dramatically better factoring algorithm might Ье аЬ!е to Iead her messages. 72 About one in every 500 200-digit natшals is prime, so it shouldn't take too long to find two of them Ьу guessing and testing Iandom naturals of that length. 73 The numbe!' of such е less than ф(п) is ф(ф(п)) , of сошsе, ancl depends on the pгime factorization of ф(п), аЬонt whicl1 we kпow veiy little. We'll look at this пumber in the Exercises, Ьнt note that should Cleopatra have any great tiouЬ!e finding such ап е Ьу trying raпdom пнmbers, she could always go find а differeпt р апd q. Of course testiпg that е and ф(п) are relatively piime is easy for her Ьу the Euclideaп Algorithm siпce she kпo,vs ф(п).

3-65

advantage of RSA is that its security depends on mathematical facts and conjectures that are open to puЬlic discussion. RSA serves as а component of а cryptosystem called "PGP" (for "Pietty Good Privacy" ) , that has become widely used on the Internet. Because tlie computations of RSA take unacceptaЬly long fщ routine communications, the PGP system uses RSA to send а short key wl1ich is then used in an ordinary cipher. The cipher is only "pretty good" because the numbers involved are small enough that а deteгmined computeг attack could break the cipher Ьу known methods. But computer privacy activists argue that if а significant fraction of routine email is encrypted with even а pretty good cipher, anyone wanting to monitoг communications on the Internet would Ье stymied Ьу the need to determine which of millions of encгypted messages were woгth decrypting. Thus they put а "PGP puЬlic key" (represented as а few lines of random-appeaгing text characters) at the end of all theiг messages74 .

3.11.3

Exercises

Е3. 1 1 . 1 Decгypt the following Latin messages fгom the oгiginal Саеsаг cipher,

as

described above:

(а) FRKMYR, HUKR XZP. (Ь) Н SOZUMEZX XQXP. ( с ) НУ YZ, EUZYH? (d) ZHQM, ZMGM, ZMFM. (е) URPDQM МУН GRPZP.

Е3. 1 1 .2 Show that the function that takes each element х of Z m to the element ах + Ь is а Ьijection if а is relatively prime to m and Ь is any numbeI. What is the inveгse of this function? What happens if а and m have а common factor? Е3. 1 1 .3 (uses Java) Wiite а method rotate ( String w , int k) that outputs an enciypted version of w using а single-letter substitution cipheг as follows. Small letteis in w should Ье conveгted to otheI small letters obtained Ьу adding k to their numeiical value (а = 0, z = 25) modulo 26. Capital letteis should Ье converted to capital letters using the same system. Other chaгacters should Ье unchanged. Then write а method unrotate (String w , int n) so that the rotate and unrotate functions for а fixed n aie inverses. (Hint: The easiest way to wгite unrotate is to have it make а single call to rotate.) Е3. 1 1 .4 The ASCII encodings for the capital letters А through Z аге the numbers 65 through 90 (in decimal notation) . Encode the message "ALOHA" as а sequence of five numbers using ASCII, and then encode this sequence in RSA using п = 143 and е = 1 13. Е3. 1 1 .5 Using п = 143 and е = 1 13 as in Exercise 3 . 1 1 .4, deciypt the sequence ( 65, 98, 65 , 66, 65, 77, 65) into а string of ASCII letters. (You should use your aЬility to factor п to find the "private" deciyption key.) Repeat foI the sequence ( 66, 1 18, 1 5, 50, 18, 45, 1 12, 71, 128, 49, 1 14) . Would а long message in this cipheI Ье difficult to decrypt without knowledge of п and е? 74 For more оп the cryptography policy debate in the USA at the tuш of the millenium, see Privacy Ьу Diffie and Landau.

3-66

оп

the Line

R с

н

N

о

Е

S

А

в

D

F

G

К

м

Р

а

т

u

v

w

х

у

z

@Kendall Hunt PuЫishing Соmрапу

Figure 3-8: А PolyЬius square with keyword RHINOCEROS.

Е3. 1 1 .6 Suppose that I and my friend have estaЫished RSA puЫic keys and I would like to send а message to them. I don't mind if eavesdroppers read the message, but I want to Ье sure that ту friend knows that I, and no one else, sent the message. (This is referгed to as my message being digitally signed ) . Assuming that RSA is secure, how can I do this? Е3. 1 1 . 7 А Polyblus square is an arrangement of 25 letters 75 into а 5 х 5 grid, which matches each letter to а pair ( i , j ) with 1 ::::; i , j ::::; 5. А common arrangement of the letters is to choose а keyword, list the letters of the keyword first (omitting repeated letters) , then follow with the rest of the letters in alphabetical order. Figure 3.8 shows а PolyЬius square with keyword "RНI OCEROS" . (а) One simple way to use а PolyЬius square in а cipher is to replace each plaintext letter with the pair of numbers giving its gгid position, so that POLYВIUS would Ье encoded as 42 15355425 134523. What is the plaintext that gives the ciphertext 222342 1 3 1 5 14243322? (Ь) Can you think of а setting in which transmitting numbers in { 1 , 2, 3, 4, 5} would Ье easier than transmitting letters fгom the whole alphabet?

( с ) We can also use the square to form

а keyword polyalphabetic cipher, for example Ьу tianslating both the plaintext and keytext into st1·ings from {О, 1 , 2, 3, 4 } , then adding each pair of matching symbols modulo 5, with no caпies. With the squaie fгom Figure 2.8 (now with rows and columns indexed О to 4) and the keyword GRID, what is the plaintext pioducing the ciphertext 0204000310314003230400?

Е3. 1 1 .8 The rail fence cipheг is а simple example of а transposition cipher, where the letters of the ciphertext aie just the letters of the plain text in anotheI OideI. If r is а natural, the Iail fence cipheг with r rails assigns the first letteг of the plaintext to rail 1, the second to rail 2, and so on, until letter r is assigned to Iail r. Then letteI r + 1 goes to Iail r - 1 , letteI r + 2 to rail r - 2, and so on until letteг 2r - 1 goes to rail 1. The pгocess then гepeats, with letter 2r going to rail 2, and eventually letter 3r - 2 goes to rail r, letter 4r - 3 to rail 1, and so fOith. The letteI assigned to each rail fOim а stiing in the Oider they occur in the plaintext, and the ciphertext is the concatenation of tl1e r rail stгings. (а) The stгing NESAN ТОУХТ TPNI Q I IBDP CHSIH USOOE ESIN is English text encoded with the гail fence cipheг. How many гails were нsed, and what is the plaintext? (Ignore the spaces in the cipheгtext, which aie theie for IeadaЬility only. As usнal, you have to figure out wheгe the spaces go in the plaintext. ) 75 PolyЬius himself had only t o fi t the 2 4 Greek letters into his 5 treat I and J as the same letter.

3-67

х

5 array, but with our alphabet we will again

(Ь) ln the same way, decode the ciphertext IADEN HGONT EEIEA DBTNH LIТER UDHRL VDHВ I . Е3. 1 1 .9 Let р Ье а prime number and let g Ье а generator of z;. If А is а nonzeгo element of z;, theгe is exactly one number а with О :::; а < р - 1 such that А = ga (mod р) . We call а the discrete logarithm of А with respect to р and g. If а and Ь are the discrete logarithms of А and В respectively, prove that ль = ва. Е3. 1 1 . 10 (uses Java) Write а static real-Java method long discreteLog ( l ong р, long g, long а) that гeturns the discгete logarithm of а with respect to g (as defined in Exercise 3. 1 1 .9), assuming that р is prime and that g is а generatOI. Fщ how large а р does your method return an answer within ten seconds?

3 . 1 1 .4

ProЬlems

Р3. 1 1 . 1 То pick а key fщ RSA, one needs to find а numbeг relatively pгime to ф(п). Is it possiЬle for ф(ф(п)) to Ье so small that it would Ье time-consuming to find such а numbeг? (а) Explain how to compute the ratio ф(х) /х for an arЬitгary number х , given its prime factorization. (Ь) Deteгmine this гatio for х = 6469693230. Explain why this number has the lowest such ratio for any ten-digit number.

( с ) It is а fact, the proof of which is beyond the scope of this book, that the sum of all pгime

numbers less than х is fairly close to ех (wheгe "е " is the number 2.71828 . . " familiar fгom calculus) . Assuming this fact, estimate the smallest possiЫe value fог ф(х)/х for any number х with at most 400 decimal digits.

(d) Ву the same fact (called "The Prime Number Theoгem" ) , the fгaction of 400-digit numbers that are prime is about the natural logarithm (logarithm to the base е of х, wгitten ln(x)) of 10400 . Assuming this, how does the difficulty of finding а 400-digit prime compare with finding а number гelatively pгime to а given 400-digit number? Р3. 1 1 .2 Why is having а plaintext of О or 1 in RSA is а bad idea? Аге there other plaintext numbers to avoid? Is this likely to Ье а proЬlem with а 400-digit п? Р3. 1 1 .3 (uses Java) Write а class KeywordCipher with encгyption and decгyption methods fог а keyword cipher. The keywщd should Ье а class variaЬle and should Ье а stгing of small letteгs. The encгyption method should use the keywщd to pick the second aгgнment of the rotate method from Exercise 3 . 1 1 .3, and apply this method to the given plaintext letteг. Р3. 1 1 .4 (uses Java) Wгite а real-Java method that inpнts а file of text and determines the frequency tаЫе of the letters in it, tгeating capital and small letters the same. Test your method on some English text of mOie than а page and report the answers. Р3. 1 1 .5 (uses Java) А digram is а string of two letteis. Write а method that counts the number of occurrences of each digгam in its input text. Test your method on а text of more than а page and гeport the ten most common digгams. Р3. 1 1.6 Suppose уон know that п = pq and r = ф(п) = (p - l ) (q - 1 ) where р and q al'e piimes. Show how to find р and q. ( Hint: It is sufficient to find both р + q and р - q. The first is easy. То get the second once you have the first, look at the difference between (р + q) 2 and (р - q) 2 . ) 3-68

Р3. 1 1 . 7 The Playfair cipher is а substitution cipher that acts on two-letter pairs rather than on single letters, which protects against attacks based on letter frequency. It is based in part on the PolyЬius squaie of Exercise 3 . 1 1 .7. Consider the positions of the squaie to Ье pairs ( i, j ) , wheie О ::; i , j ::; 4. We begin Ьу taking the text (with no spaces or punctuation, and I and J identified) and adding an Х betweeн eveiy pair of douЫe letters (if ХХ occurs in the plaintext 76 , insert а Q to make XQX) . We then divide the text into pairs (adding an Х at the end if needed) and encrypt each pair of letters as another pair of letters as follows: •

•

•

If the two letters aie in the same гоw, such as ( i, j ) and ( i, k ) , the cipheгtext letters are ( i , j + 1) and ( i , k + 1 ) , where the addition is taken modulo 5. If the two letteгs are in the same column, sucl1 as ( i , j ) and ( k, j ) , the ciphertext letters аге ( i + 1 , j ) and ( k + 1 , j ) , again adding modulo 5. Otherwise, if the letters are ( i , j ) and (k, l ) , the ciphe1·text letters are (i, l ) and (k, j ) (so that the fiist letter is moved to а letteг iн the same row) .

With the PolyЬius square from Figure 3.8, the pair ЕА becomes SB, WH becomes НЕ, and CL becomes BD. (а) Using the given square, decrypt the text NPSCIZ ZIGYAF SWWFHN AERНIV MQQY. (Ь) Which steps of the transformation from original plaintext to cipheitext are Ьijectioнs? (с) How does the existeнce of the English word DDXDLDGY complicate the decryption? Р3. 1 1 .8 (uses Java) Write а гeal-Java class to implement the Playfair cipher of ProЬlem 3 . 1 1 .7. You should have а method String encrypt (String plaintext , String key) and method String decrypt ( String ciphertext , String key) . Р3. 1 1 .9 Another form of puЬlic-key cryptography, originally proposed Ьу Diffie, Hellman, and Merkle, is called key exchange. Неге the two paгties ( traditionally named Alice and ВоЬ) exchange messages that allow them to jointly choose а common key in such а way that an eavesdropper seeing all their messages caнnot easily leaгn the key. (а) Alice and ВоЬ begin Ьу choosing а prime number р and а generator g of z;. How сан they Ье sure that р is prime and that g is а generator? (Ь) Alice chooses а random number а, in the гange from О to р - 2, and sends А = ga ( taken modulo р) to ВоЬ. ВоЬ chooses а random number Ь in that range and sends В = gь to Alice. The secret key is k = gab, with the exponentiation again being taken modulo р. Show that each party can now calculate k with no additional messages being sent. (с) Suppose that an eavesdropper had an algorithm that would produce k given only the puЬlic information р, g, А, and В. Show that this algorithm would solve the general discrete logarithm ргоЫеm of Exercise 3. 1 1 .9 . (Тhеге is no known algorithm for this proЬlem that scales well to numbeгs with hundгeds of digits. ) Р3. 1 1 . 10 The colurnnar transposition cipher i s somewhat similaг t o the rail-feнce cipher of Exercise 3. 1 1 .8, but is haгder to Ьгеаk because it uses а keyword. We choose а keyword of length r with no repeated letters, then break the plaintext into Iows of length r , thus forming r columns. 76 Impшtant if the plaintext concerns the Exxon/MoЬil cшpшation and/ш baseball legend Jimmy Foxx.

3-69

Е

Keyword: Letter order:

о

р

А

R

D

7

4

3

Е

м

м

А

w

о

о

D

н

о

u

s

Е

н

А

N

D

s

о

м

Е

Е

v

Е

R

А

с

н

х

с N

D

R

@Kendall Hunt PuЫislliнg Соmраву

Figure 3-9: Encrypting with columnaг tгansposition. The cipheгtext is just the concatenation of the colнmns (геаd top to bottom) , in the огdег given Ьу the alphabetical огdег of the keywoгd letteгs. Fог example, with keywoгd LEOPARD the plaintext EMMAW OODHO USEHA NDSOM ECLEV ERAND RICHX becomes the ciphertext WSOEC ОНЕАХ MHNLD EDACN MODER AVSVI OEMRH, as shown in Figure 3-9. (а) When this cipheг was used, as late as Woгld Wаг I, the usual method was to encrypt the message twice with diffeгent keywords. Неге is а ciphertext made Ьу fiгst using columnaг tгansposition with keywoгd LEOPARD, then а second columnar tгansposition with keyword PANTHER. Decгypt this text: TEYEI WIHBP TUSOE ETDXD RHPFO ENFFN I OHSE SMEIC EMOHG NCNAO ASIIM DTASE UВEDN TTEOL SNPOE ITLSS STAB

(Ь) Ргоvе that such а douЫe transposition cipher, where each key has length r, has the same effect as а single columnaг transposition with а diffeгent key of length r2 .

3-70

Index abelian group 3-8 additive identity element 3-47 additive inverse 3-38 additive order 3-48 arithmetic progression 3-26 associative operation 3-4 7 atomic 3-37 Atomicity Lemma 3-37 axioms fог а гing 3-4 7 breaking а cipher 3-61 Caesar cipheI 3-61 Carmichael numbeг 3-58 Cauchy's Theoiem 3-56 certificate 3-58 certificate of pгimality 3-59 chaгacteristic of а ring 3-56 Chinese Remainder Theoгem (Full Version) 3-30 (Simple Version) 3-28 cipheг 3-61 ciphertext 3-6 1 classifying stшctuгes 3-48 columnaг transposition cipheг 3-70 commutative operation 3-47 commutative гing with identity 3-47 composite number 3-4 congгuence class 3-7, 3-46 congruence modulo а natural 3-7, 3-46 congruence гelation 3-7 cгyptography 3-61 cгyptosystem 3-61 cyclic group 3-49, 3-54 decrypt 3-61 digital signature 3-67 discгete logaгithm 3-68 digram 3-69 direct pгoduct of rings 3-48 distгibutive law 3-47 division of polynomials 3-39 divison Ielation 3-4 douЫe tгansposition cipher 3-70 Eisenstein integers 3-40

enc1ypt 3-61 Euclidean Algorithm 3-1 5 Euler totient function 3-20, 3-33, 3-52 exponentiation 3-52 factorial of а natural 3-8, 3-20, 3-23 Fermat's Little Theorem 3-53 Feimat Number 3-26 field 3-52 finite field 3-52 freqнency tаЫе 3-69 Fundamental Theorem of Algebra 3-41 Fundamental Theorem of Aiithmetic 3-4, 3-29 Gaussian integeis 3-40 generating а group 3-54 geneгatoг of а group 3-59 greatest common divisor 3-8, 3- 15 Gregorian calendaг 3-32 groнp 3-48, 3-52 information theory 3-63 integers modнlo а natural 3-37 intersection of multisets 3-41 inverse of one natural modulo anotheг 3- 14 Inverse Theorem 3- 15 irreduciЫe polynomial 3-39, 3-56 isomoгphic strнctures 3-48 isomorphism 3-48 iteгate of а function 3-34 Julian calendar 3-32 Kenken number 3-39 key exchange 3-69 key fог а cipheг 3-64 keywoгd polyalphabetic cipheI 3-62 least common multiple 3-8, 3-15 length of а Gaussian integer 3-40 linear comЬination 3-16 Meгsenne pгime 3-9 modular aгithmetic 3-6 modulaг division орегаtог 3-9 monic polynomial 3-20, 3-39, 3-56 monomial 3-56 3-71

multiple of а natural 3-5 multiplicative group 3-52 multiplicative identity element 3-14, 3-47 multiplicative inverse 3- 14, 3-47, 3-52 multiset 3-41

single-letter fгequencies 3-62 single-letter substitution cipher 3-61 squaгefгee natural 3-51 submнltiset 3-41 system of congruences 3-28

natural numbers 3-2 norm in Z[vГr) 3-38 numbeг theory 3-2

threshold-t numbeгs 3-39 tгansposition 3-21 transposition cipheг 3-63 tгial division algorithm 3-4

one-time pad 3-63 order of an element 3-53 pairwise relatively pгime naturals 3-30 peгfect numbeг 3-9 peI"fect square modulo а natural 3-25 peгiod of а function 3-34 peгiodic system 3-6 plaintext 3-6 1 Playfair cipher 3-69 PolyЬius sqнare 3-67 polynomial 3-19 pгime divisoг 3-23 prime factorization 3-5 pгime Gaussian integer 3-40 pгime number 3-4 Pгime нmЬег Theorem 3-27 prime power 3-33 pгimorial of а natural 3-25 private key 3-65 рнЫiс key 3-65 рнЫiс-key cгyptography 3-65

union of mнltisets 3-41 unit (in the Gaнssian integeгs ) 3-40 withoнt loss of generality 3-36 zего divisшs 3-50

qнadratic residнe 3-25 гail fence cipher 3-67 гational number 3-38 remaindeг operator 3-9 гepeated sqнaring 3-53 гelatively prime naturals 3-9, 3- 15, 3-3 1 RichaI"d рагаdох 3-25 гing 3-47 ring axioms 3-4 7 гoots of а polynomial 3-54 rotation 3-61 RSA cгyptosystem 3-65 secure cipher 3-61 Sieve of Eшtosthenes 3-5 3-72

Chapter 4: Recursion and Proof Ьу Induction

"First shalt thou take out the holy рiп. Тhеп shalt thou соипt to three: по more, по less. Three shall Ье the питЬеr thou shalt соипt, апd the питЬеr of the couпtiпg shall Ье three. Four shalt thou поt соипt, пeither shalt thou соипt two, except that thou theп proceedst to three. Five is right out ! Wheп the питЬеr three, beiпg the third питЬеr, Ье reached, lobbest thou thy Holy Напd Greпade of Aпtioch iпto the midst of thy foe, who, beiпg пaughty iп ту sight, shall sпuff it. " In the last chapter we wшked informally with the naturals (non-negative integers) in three ways - we defiпed properties of and operations on the naturals, we computed on them with various algorithms, and we proved interesting statements (like the Fundamental Theщem of Arithmetic) from simpleг, more obviously true statements (like the results of arithmetic calcнlations) . In this chaptei· we get more formal, introducing а powerful general technique for each of these thгee activities and looking at the relationships among them:

•

•

•

Recursive Defiпitioп is the pгocess of defining а set of objects in terms of itself. We'll see recursive definitions of the naturals themselves, of several operations on the naturals, and then of seveгal additional data types. Recursive Algorithms аге those that make calls to themselves. Doing this always bгings the risk of an endless chain of calls to the same procedure, Ьнt we will see how we can define recursive algorithms, dealing with recursively defined data types, in such а way as to Ье sure this won't happen. Mathematical Iпductioп is а powerful technique fог constructing foгmal proofs about recuг­ sively defined data types or recursive algorithms. We'll spend most of the chapteг fщmulating inductive proofs in а vaгiety of settings, staгting with the naturals and moving on to otheг data types.

4-1

4.1

Recursive Definition

4.1.1

The Peano Axioms

What is the point in giving а formal definition of "the naturals" , when we already know what "the non-negative integers" are 1 and know quite а Ьit else about them? One гeason fог such а definition comes fшm ош process of proot2 - we prove interesting statements Ьу using simpleг statements, and those fJ:om simpler statements still, but we have to stop someplace. At some point we have to have а set of statements, called axioms, that we accept as being obviously true. Why should you accept the axioms? Because we define the naturals, fог example, to Ье the set of objects for wl1ich those axioms аге true. One person's conception of the naturals may differ from another's, but if both conceptions satisfy the axioms then both people can accept proofs based on those axioms. If they don't, at least we've discoveгed that these two people аге talking about two diffeгent concepts, and they can аgгее to disagгee. Our method of defining the naturals will Ье to state а few simple axioms that give the гelationship among а small number of undefined terms. The fewer and simpler the axioms, the more confident we can Ье that we've gotten at the essence of the concept 3 . The recursive aspect of the definition is that the undefined teгms аге defined in terms of one anotheг, raising the possiЬility of а circular definition. If something is defined in terms of itself, of course, it isn't really defined at all, but we'll see that the interrelationship of these terms gives us а meaningful definition. The situation is quite similar to that in pгogramming, where we might have an abstract data such as а stack, and two different ways to implement it, such as contiguous lists and linked lists. We'd like to wгite programs using stacks that will work whichever implementation we use, so we wгite down the essential features of stacks Ьу specifying exactly which operations must Ье possiЫe. (Typical opeгations for stacks are pushing, popping, and testing for emptiness. ) Just as the mathematician wants there to Ье as few and as simple axioms as possiЫe to Ье as close as possiЫe to the essential featшes of а mathematical system, the programmer wants there to Ье as few and as simple operations as possiЬle to Ье as close as possiЬle to the essential features of the data type. type,

The following set of five axioms was formulated Ьу Giuseppe Peano about 1 900, in oгder to define the naturals. Note that only three undefined teгms are used, which are in italics: natural, zero, and successor. All the rest of our vocabulary for speaking about naturals will Ье defined later, Ьу нsing these thгee teгms. То consideг natural as an abstгact data type, we can view the other two teгms as operations that аге defined on the type, with the following J ava-syntax method declarations:

stat i c boolean zero (natural х) {// Returns true if and only if х is zero . 1 Do we i-eally? Our dii-ect experience is limited to naturals small enough to Ье 1·epresented somehow in our minds or in а computer. V\That about naturals that are ver·y very lar·ge? 2 0f course, provability and truth ai-e not the same thing - Godel's Theшem says that any pi-oof system fш the naturals will fail to pi-ove some ti-ue statement about the naturals. 3 As long as we accept the axioms as ti-ue, at least.

4-2

stat i c natural successor (natural х) {// Returns the successor of х

Peano's Axioms for the Naturals

1 . Zero is

а

natural.

2. Every natural has exactly one successor, which is

а

different natural.

3. Zero is воt the successor of any natural. 4. No two naturals have the same successor. 5. If you start with zero, and keep takiвg successors, you eveвtнally reach all the naturals. Before going on, notice an important consequence of the fourth and fifth axioms. Since every natural is reachaЫe Ьу successOI operations from zero, every natural except zero must itself Ье the sнccessor of at least one other вatural. Ву the fourth axiom, it can only Ье the sнccessOI of one other natural, which we'll call its predecessor. We're going to augment our natural abstract data type right away to add а third operation: stat i c natural pred (natural х) {// Returns the predecessor of а nonzero natural . // Throws an except ion if called with х equal to zero .

Along with this opeшtion соте two more axioms:

•

pred ( successor (x) )

•

If zero (x)

==

==

х, and

f alse, then successor (pred (x) )

х.

The fifth axiom is clearly more complicated than the first four, and is more difficult to рнt into mathematical language. Here are some alternate fOimulations - can you see why each is equivalent to the original?

•

Version 1: There aren't any naturals other than those forced to exist Ьу the first four axioms.

•

Version 2: If you keep taking predecessors of а natural, you will eventually reach zero.

•

Version 3: If S is а set of naturals, О Е S, and successor(x) Е S whenever х Е S, then S is the set of all naturals.

•

Version 4: ( The Principle of Mathematical lnduction) If Р is а unary predicate on naturals, Р(О) is true, and ' О, then define

х

+ у to Ье the sнccessor of х + pred(y) .

Both claнses of these definitions match what we know аЬонt how addition woгks, which is good, Ьнt on the other hand we've defined addition in terms of addition, which looks а Ьit fishy. We can гewrite the definition as the following гecursive algoгithm: stat i c natural plus (natural х , natural у) {// Returns х+у . if (zero (y) ) return х ; else return successor (plus (х , pred (y) ) ) ; }

The recursive-algorithm form of the fifth Peano axiom tells нs that this procedшe will terminate. Intнitively, this is Ьесанsе the second ai·gнment keeps getting smaller with each call нntil it reaches zero, in which case theгe's no mоге recursion. Note that it's not obvioнs from the definition how to prove even obvious facts like Vx : О + х = х . None of our techniques from the pгedicate calculus will help нs hеге, until we have some knowledge about the naturals and about addition that imply this fact ( and commutativity of addition in general, and all the other familiar properties of addition and multiplication ) . We'll need the method of mathematical induction to prove these 6 . The definition of multiplication is quite similar to that of addition:

· О = О, апd

•

For any

•

If y > O, x · y = (x · pred(y) ) + x.

х, х

Now mнltiplication is defined in terms of both itself and addition, but we know from above that the addition algorithm always terminates. This results in the following recursive Java-syntax method: stat i c natural times (natural х , natural у) {// Returns х times у . i f (zero (y) ) return О ; else return plus (times (х , pred (y) ) , х) ; }

Again the recursion will continue until the second argument becomes zeI"o. As long as we know that plus is defined for all inputs that are naturals, so is times. We know that, but to prove it 6 Can you star-t Ьу proving Vx

: О+х

=

х? We'll prove the rest of the standar-d pr·opeгties in Section 4.6.

4-5

formally we need some form of the fifth Peano axiom - that Ьу repeatedly taking pгedecessors of а natural we will eventually get to zero. There are number systems that satisfy the first fош Peano axioms but not the fifth 7. Such systems aren't just curiosities - their existence tells us something about the axioms. If it were possiЬle to prove the fifth axiom starting from the first four, апу system satisfying the first four would have to satisfy the fifth as well, unless it was an iпconsistent system in which уон could prove anything. So we can conclude that no such ргооf of the fifth axiom exists 8 . Once you have these definitions, all sorts of properties like the commutativity and associativity of addition and multiplication can Ье proved from the defiпitioпs, Ьу mathematical induction9 . This raises the question, of course, of whetheг you're now allowed to use а fact like "2 + 2 = 4" without proving it! It's worthwhile to ршvе something like that once, to see how it works, but after this section you should assume the well-known facts of arithmetic to Ье true ( unless proving them is somehow the poiпt of ап Exercise or ProЫem ) .

4.1.3

Other Recursive Systems

Recшsive definition is not restricted to the naturals. We can and will define а vaгiety of mathemat­ ical systems in this way. We give some base objects, а method for constructiпg пеw objects fi:om old ones, and an assertion that the only objects of the type ar·e the ones oЬtained from the bases Ьу using the rнles. Once we have such а definition, we сап define operatшs оп the new type as we did fш the naturals above, and prove statements about all the objects of the type Ьу а general form of mathematical indнction. For example, just as all naturals аге derived from zero Ьу taking successors, all strings are deгived fгom the empty stгing Ьу appending letteгs. We have "Peano axioms" fог the set of stгings on а given alphabet, which coпespond to the axioms for naturals:

•

Л is а string.

•

If w is а sti-ing, апd а is а letter, theгe is а unique sti-ing wa.

•

If va = wb for some stгings v and w and some lettei-s а and Ь, then v = w and а = Ь.

•

Any stгing except Л сап Ье wгitteп as wa fог а нnique striпg w and letteг а.

•

Еvегу string is deгived fгom Л Ьу appeпding lettei-s as above.

7 For example, in ProЬ!em 4. 1 . 1 we'll consider the ordiпar·y naturals together with а пеw number w and number·s w + i for every positive or пegative integeг i. You'll still have to define addition and multiplication on these "numbeгs" , but once you've dопе so you can go al1ead апd staгt doing numbeг theo1-y. 8 Along the same lines, logicians also woгk with number systems called non-standard models of arithmetic that only satisfy \veaker forms of the fifth axiom. The fifth axiom is somewhat vague - when you use it in proofs it really says only tlшt the induction гule works for predicates Р(х) that уои сап write down, so that there could Ье ехtга numbers out there such that for some reason, you can't express the fact that they're extra. Of course, such systems are гatl1er beyond tl1e scope of this book. 9 Again, we'll do this in Section 4.6. Hofstadter· does it in his Chapter VIII, more formally than we will.

4-6

Later in this chapter we'll define some operations on strings Ьу defining them first on Л and then on wa ( for arЬitrary strings w and letters а ) in terms of their valнe on w. First, thoнgh, we want to stнdy the proof method of mathematical indнction in more detail, in the special case of proving statements for all naturals.

4.1.4

Exercises

Е4. 1 . 1 Prove fгom the Peano axioms that successor (successor ( successor (O) ) ) , нsнally called "3" , is а natнral. Е4. 1 . 2 Prove from the definition of addition that 2 + 2 = 4, where "2" denotes the oнtput of "successor ( successor (O) ) " and "4" denotes that of successor ( successor ( successor ( successor (O) ) ) ) .

Е4. 1 .3 ( uses Java) Write а pseudo-Java method boolean isThree (natural х) that returns true if and only if х is equal to 3. You should use the given operations for the natural data type. Make sure that your method cannot ever call pred on а zero argument. Е4. 1 .4 Write the expression (2 + (2 · (3 + 1 ) ) ) · (4 + О) in terms of the methods plus and times in this section. You may use the ordinary names for the numbers. Е4. 1 .5 Explain informally why the statement "i/x : [х -!=- О ---+ :3у : х = successor(y)] follows from the fourth and fifth Peano axioms. Е4. 1 .6 We've seen two othel' number systems that are in some ways like the naturals, but have only finitely many "numbers" . Which of the Peano axioms ar·e tiue for each of these systems?

( а ) The numbeгs modulo m ( for any m with m > 1 ) , whel'e the numbers аге {О, 1 , . . . , m - 1} and the successor operation adds 1 modulo m.

( Ь ) The "threshold-t" numbers, defined in Exercise 3.6.9, have numbel's {О, 1 , . . . , t} and а successOI' opeiation that is the same as the usual one, except that the successOI' of t is t.

Е4. 1 . 7 Suppose we make Peano axioms fог the set Z of all integeщ Ьу saying that О is an integer and that every integer х has both а unique successOI' and а unique piedecessor, each diffel'ent from х. Our "fifth axiom" could then say that еvегу numbeг is reachaЫe fl'Om О Ьу taking pгedecessoгs ог successOI's. Clear·ly Z obeys these axioms. Is it the only number system that does? Е4. 1 . 8 ( uses Java) Write а static pseudo-Java method boolean equals (natural х , natural у) that returns true if and only if х and у are the same natural. Of course your method should not use the opeгatOI', and should retшn the сопесt answer given any two natural inputs. ==

Е4. 1 .9 ( uses Java) Give а recursive definition of the exponentiation operation, so that power (х , у) гeturns хУ fог any naturals х and у. W1·ite а recursive static pseudo-Java method imple­ menting this definition. You may use the methods defined in the section. Е4. 1 . 10 ( uses Java) Give а гecшsive definition fог the evenness property of natшals, without нsing addition ( except successor ) 01' multiplication. Wгite а static recшsive pseudo-Java method boolean even (natural х) that гeturns true if and only if х is even, and uses only the zero and pred methods defined in this section. 4-7

о .

w-4 ... •

u>-3

w-2

1

2

3

4

5

_____. . _____. . _____. . _____. . _____. . _____. . .

w-1

w+1

w+2

w+З

w+4

w+5

_____. . _____. . _____. . _____. . _____. . _____. . _____. . _____. . _____. . _____. . _____. . . . @Keвdall Hнnt PuЫishiпg Сошраnу

Figure 4- 1 : А strange number system. Aпows point to successors. 4.1.5

ProЫems

Р4. 1 . 1 Consider а number system that contains all the ordinaгy non-negative integeгs, а new element w, and an element w + i fог every integer i (positive, negative, ог zею ) , as illustгated in Figure 4- 1 . Show that this system satisfies the fiгst four Peano axioms. Why doesn't it satisfy the fifth? Р4. 1 . 2 Can you define addition and multiplication fог the number system of РгоЫеm 4. 1 . 1 in а way that makes sense? Р4. 1 . 3 Ргоvе that Veгsions 2 and 3 of the fifth Peano axiom аге logically equivalent . Р4. 1 . 4 Рюvе that the Well-Ordering Pгinciple (Version 5 of the fifth Peano axiom) is equivalent to one of the otheг veгsions of the fifth Peano axiom (you may choose which) . Р4. 1 . 5 (uses Java) Give а гecursive definition of the "less than" орегаtог on numbeгs. (You may refeг to equality of numbeгs in your definition.) Wгite а static pseudo-Java method "boolean isLessThan (natural х, natural у ) " that гeturns true if and only if х < у and uses only our given methods. (Hint : Follow the example of the functions plus and times in the text. ) Р4. 1.6 (uses Java) Give а гecursive definition o f and а гecursive static method fог the suЬtraction function, with pseudo-Java header

natural

natural minus (natural х , natural у) .

On input х and у this function гeturns х - у if this is а natural (i.e" if х � у) and О otheгwise. Р4. 1 . 7 Following Exeгcise 4. 1 . 7, сгеаtе а set of axioms that exactly define the set Z of all integers. Р4. 1.8 (uses Java) As in РгоЫеms 4 . 1 .5 and 4 . 1 .6, wгite static pseudo-Java methods natural quot ient (natural х , natural у) and natural remainder (natural х, natural у) that retuш х/у and х%у respectively, as long as х is а natural and у is а positive natural. You may use the otheг methods defined in this section and its РгоЫеms. Р4. 1 .9 (uses Java) Let 's define а stack as follows 1 0 : •

The empty stack is а stack.

•

If S is а stack and х is а thing, S . push (х) is а stack.

•

The stacks S . push (х) and Т . push (у) аге equal if and only if S and Т аге equal and х and у are equal.

10 In геаl Java the Stack class is paгametrized, using generics, but hеге we will define а pseudo-Java stack whose elements аге n·om the class thing.

4-8

•

Every stack is deгived from the empty stack Ьу pushing things as above.

Неге are two proЬlems using this definition: (а) Explain why we can define а рор operation that returns а thing when called from any nonempty stack. (Ь) Assume now that we have а pseudo-Java Stack class with instance methods boolean empty ( ) , void рор ( thing х) , and thing рор ( ) . Wгite an instance method boolean equals (St ack Т) that returns true if and only if the stack Т is equal to the calling stack. Make suгe that уоuг method has no side effect , that is, make sure that you leave both Т and the calling stack just as you found them. Р4. 1 . 1 0 (uses Java) А queue is а data stгucture where we may enqueue elements on one end and dequeue them from the other. (а) Give а recursive definition of а of а stack in ProЬlem 4. 1 .9.

queue

of thing elements on the model of the definition

(Ь) Give а recursive definition of the dequeuing operation. That is, define the result of the method call Q . dequeue ( ) in terms of your recursive definition of queues in рагt (а) . (с) Wгite а recursive instance method boolean equals (Queue Q) for а pseudo-Java Queue class that гeturns true if and only if the calling queue and Q аге equal Ьу уоuг definition in рагt (а) . You may use the instance methods boolean empty ( ) , void enqueue ( thing х) , and thing dequeue ( ) . You method should have no side effects, meaning that both queues should Ье the same Ьеfоге and afteI your method is Iun.

4-9

4.2

Excursion: Recursive Algorithms

In this Excursion we have some examples to familiarize О!' гefamiliaгize you with the notion of recursive algorithms, followed Ьу an Exeгcise where you will al'gue that а pal'ticular recursive algorithm does the I'ight thing. То begin, hel'e is an example of а I'eal Java method to go in а class called Stack 11 . This method pops all the elements from the calling Stack object. It uses two othel' Stack methods - рор removes the top element fl'om the stack and isEmpty tests the stack fol' emptiness:

void clear ( ) {// Pops and discards all elements from calling Stack if ( ! i sEmpty O ) {рор ( ) ; clear ( ) ; }}

So as long as the calling Stack isn't empty, this procedure will рор off the top element, call another version of itself to cleal' what's left, and stop with the stack empty. Once а veision is called with an empty stack, it does nothing and finishes ( it's а "no-op" ) . The version that called it is then done, so it finishes, and contl'Ol passes thl'Ough all the Iemaining stacked veisions until the OI"iginal one is reached and finishes, with the stack now successfully cleared. There is of course а normal itel'ative version of this same procedure that performs the same pops in the same OI"deг - its key statement is while ( ! i sEmpty O ) рор ( ) ; .

In fact, any recursive algorithm that only calls itself once and does so at the end, called can easily Ье converted to an iteiative program with а loop.

а tail

recursion,

Recursion doesn't allow us to do anything we couldn't do all'eady without it, but it often gives а simpler way of wl'iting down an algorithm. ( You'll see many more examples in an algorithms course. ) In many programming languages, I'ecursive programs are less efficient than the equivalent iterative progiams because the compiler doesn't conveit the recursive code to machine code in the most efficient possiЬle way. Otl1el' languages, like the Lisp family, support recursion vel'y well. In general, the smaiter your compileI, the greatel' the incentive to use simple, IeadaЫe, veiifiaЫe гecursive algorithms in place of iterative ones that might Ье slightly faster. In Section 4. 1 we saw some pseudo-Java examples of recursive code, implementing the Iecursive definitions of the plus and t imes methods on natural pI'imitives. The result of plus (x , у) , fог example, was defined to Ье х if y was zero, and to Ье successor (plus (х , pred (y) ) ) othel'wise. This is а tail Iecursion much like the clear method above. If we call the method to add 3 to х, this 11

As usual, we will assume that the Iest of this

Stack

class has al1·eady been wiitten elsewhere.

4-10

method makes а call to another version of plus that adds 2 to х. That in turn calls anotheг version that adds 1 , which calls another version that adds О. The last version returns х, the next-to-last then returns х + 1, the second version гeturns х + 2, and finally the oгiginal veгsion гeturns х + 3 . How d o w e know that а гecursive algoгithm does what i t should? I t must оЬеу the following thгee гнlеs:

1. Ther·e must Ье а base case in which the algoгithm does not make а гecursive call. It must have the сопесt behavioг in this base case. 2. I1 еvегу гecursive call has the сопесt behavioг ( е . g. , it гeturns the сопесt value ) , then the oгiginal call has the сопесt behavioг. 3. The гecursion must Ье grounded, which means that theгe cannot Ье any infiпite sequence of гecursive calls. That is, any sequence of гecursive calls must eventнally end in а base case.

These шles allow нs to sepaгate the gгoнndedness of the гecursion fгom its coпectness. If we can shovv that the algoгithm follows Rules 1 апd 2, then it will have the сопесt behavioг wheneveг it finishes, since the base case геtнгns сопесt answeгs and each sнcceeding case геtнгns сопесt answeгs because its гecursive calls give it сопесt answeгs. Rule 3 takes саге of the only otheг way it coнld go wгong, Ьу enteгing an infinite sequence of гecursive calls and neveг гeturning an answeг at all. Let's apply these гules to the clear method above. The base case is when the stack is alгeady empty. The method obeys Rнle 1 Ьесанsе if the stack is empty, it гeturns and does nothing, and this behavioг is сопесt because the method teгminates with an empty stack. It also cleaгly obeys Rule 2, Ьесанsе if the stack is not empty, the рор call will sнccess and it will make а гecursive call to clear, which Ьу the assumption of Rule 2 empties the stack. Why does it оЬеу Rнle 3? Неге we need an assнmption about stacks, in рагtiснlаг that any stack contains some finite numbeг of elements. Because of the рор call, the гecursive call to clear opeгates on а stack with fewer elements than the stack that was the sнbject of the oгiginal call. Fнгthег calls will Ье on stacks with feweг and fe,veг elements, нntil we eventнally геасh an empty stack and we аге in the base case. This use of the woгd "eventнally" is of course impгecise, dгawing on our intuition аЬонt what the woгd "finite" means. In Sectioп 4. 1 we saw the Peano Axioms, which foгmalize this intuition - one foгm of the fifth Peano Axiom says exactly that а гecursive algoгithm of this kind will eventнally teгminate. In the гemaindeг of this chapter we will consideг а wide vaгiety of examples of ргооf Ьу iпduction. Many of these can Ье viewed as aгguments fог the coпectness of а гecursive algoгithm, like those in this excursion. Finally, we turn to the example algoгithm to Ье analyzed. It is claimed that: "Given а positive nнmЬег as inpнt, this algoгithm will онtрнt а seqнence of pгimes that mнltiply togetheг to eqнal the input." If you believe that statement ( which essentially just says that this algoгithm is сопесt )

4-1 1

then you must believe tl1e "existence half" of the Fundamental Theorem of Arithmetic 1 2 .

void factor (natural х) {// Prints sequence of prime f actors of х t o System . out , one per line // Special cases : outputs empty sequence if х is О or 1 if (х 1 and е < d. What is х % е?)

==

О and that d

•

Why do the numbers output Ьу f actor (x) multiply together to give х?

•

Why does the method оЬеу Rule 3, that is, why must it terminate given any natural as its input? ( Hint: vVhy could we guarantee that the Euclidean Algorithm always terminates? )

12 This is similar to the way we proved the Inverse Theшem in Section 3.3, Ьу giving an algorithm that piovided an inveise whenever the theorem said that one exists.

4-12

4.3

4.3.1

Proof Ву Induction for Naturals

What l t I s a n d How lt Works

We now соте to our fixst detailed look at mathematical induction. Mathematical induction is а general technique for proving statements about all elements of а data type, and can Ье used whenever that data type has а recursive definition. We're going to begin with ordinary induction, the simplest kind, whicl1 allows us to prove statements about all naturals. Later in this chapter and the next we'll learn methods for several other data types with the same kind of definition. Formally, mathematical induction is just another proof rule like all our propositional and predicate calculus rules, because it says that if you have proved certain statements уон are allowed to conclude а certain other statement. Our two goals in this section are to learn when and how to use this rule, and to convince ourselves that it is valid (that things proved with it are actually trнe ) . First off, let's state the proof rule:

•

Let Р(х) Ье any predicate with one free variaЫe of type natural.

•

If you prove both Р(О) and 'Vx : Р(х) ---+ Р(х + 1 ) ,

•

Then you may conclude 'Vx : Р(х ) .

Let's try а simple example. Define Р (х) t o Ье the statement "the sum o f the first х odd numbers is х 2 ." (А bit of experimentation, like 1 = 1 2 , 1 + 3 = 2 2 , 1 + 3 + 5 = 32 , suggests that this might Ье а general rule.) If we remember varioнs high-school Iнles аЬонt sнmming arithшetic progiessions, we know how to veiify this fact, but let's use our new technique to give а fшmal proof. Fiist, we aie told to prove Р(О) , which says "the sum of the fiist zeIO odd numbeis is zero" . Т1:11е enough, once we IeшembeI that all vacuous sums are zero jнst as all vacнous products are one. Next we are given а 'r/ statement to piove, so we let х Ье an aгbitiaiy natural and set out to prove Р (х) ---+ Р(х + 1). То do this Ьу а direct proof we must assume Р(х), that "the sum of the first х odd numbeis is х2 " , and piove Р (х + 1) , that "the sum of the first х + 1 odd numbers is (х + 1) 2 " . How can we do this? The key point is to notice that the second sum is equal to the fiist sum plus one mше teim, the (х + l ) 'st 13 odd number, 2х + 1 . So the sum w e aie inteiested i n i s equal t o the fiist sнm plus 2х + 1 . We apply the inductive Ьу using Р( х) to say that the first sum is equal to х2 . Then it follows that the second sum is х2 + 2х + 1 = (х + 1) 2 , which is just what we wanted to ргоvе it to Ье.

hypothesis

This example illustшtes several coшmon features of inductive proofs: 13 How do we kno'v that the (х + l ) 'st odd number is 2х + 1? The first odd numbeг is 1, the second is 3, and the thiгd is 5. lt арреагs fгom these thгee examples that the i'th odd nнmЬег is 2i - 1, from which \Ve coнld conclнde that tЬе (х + l ) 'st odd nнmЬег is in fact 2(х + 1) - 1 = 2х + 1. То Ье sше tЬat this rule always holds, of сошsе, we woнld need to do yet another matl1ematical indнction. Unfortunately, we have а technical proЬ!em in that the method described above woнld require us to talk about "the 0'th odd number" to prove the base case. We'll deal with this technicality in the next section.

4-13

•

We first have to prove а base case Р(О) , which is often something totally obvious, as it was hеге. It's impoгtant that we substitute х = О into Р(х) caгefully to get the correct statement

Р(О) .

•

•

•

Then we do the inductive step, Ьу proving the quantified statement Vx : [Р(х) ---+ P(x + l )] . Following the geneгal rule fог V's, we let х Ь е an агЬitгагу natural, assume that Р(х) is tгue, and try to derive Р(х + 1 ) . Р(х) is called the inductive hypothesis, and Р(х + 1) is called the inductive goal. The best thing we usually have going for us is that Р( х) and Р( х + 1) are similar statements. In this example, the two sums differed only in that the sum in Р(х + 1) had one ехtга term. Once we knew what that term was, the inductive hypothesis told us the rest of the sum and we could evaluate the whole thing. Once we have proved both the base case and the inductive case, we may carefully state our conclusion, which is "Vx : Р(х)" .

One mental Ьапiег that comes up in leaгning induction is that Р(х) is а statement, not а term. Many students have а hard time avoiding а phrasing like the following for the third bullet above: "Р(х + 1) is equal to Р(х) plus the extra term . . . " This is clearly а type erroг, and is bound to get уои into tгоuЫе when you have to think of Р(х) as а predicate later. It may help to give а name to one of the terms in Р (х) to avoid this proЫem and make the statements easie1· to talk about. ( In the example above, define S (x) to Ье "the sum of the fiгst х odd numbers" and rewгite Р(х) as

"S(x) = х 2 " .)

4.3.2

Examples of Proof Ву Induction

Let's try some more examples. How many Ьinагу strings are there of length п? We've seen that the answer is 2п , so let's let Р(п) Ье the statement "There are exactly 2п Ьinary strings of length п." As usual, Р(О) is pretty easy to prove: "Тhеге аге exactly 2 ° Ьinary strings of length О." We should know Ьу now that 2° = 1, and that theгe is exactly one string of length zero, the empty string. Now we assume "There аге exactly 2п strings of length п" and try to prove "There аге exactly 2п+ l strings of length п + 1" . This means that we need some method to count the stгings of length п + 1, ргеfегаЫу Ьу relating them somehow to the stгings of length п, the subject of the inductive hypothesis. Well, each stгing of length п + 1 is oЬtained Ьу appending а letteг (О or 1) to а string of length п. If theгe is по douЫe countiпg involved ( and why isп't theгe? ) this tells us that ther-e are exactly two stгings of length п + 1 for each stгing of length п. We ar-e assuming that theгe аге exactly 2п strings of leпgth п, so this tells us that the number of strings of length п + 1 is exactly twice as many, or 2 · 2п = 2п + 1 . We have completed the inductive step and thus completed the proof. An almost identical ргооf tells us that ап n-element set has exactly 2п subsets 14 . If we take Р(п) 14 In fact, it's easy to see that you can match up the subsets with Ьinагу strings one for one, so theгe have to Ье the same number of each, but let's go throug\1 the whole inductive ргооf again for practice.

4-14

_. Push

here

@Kendall Hunt PuЫisblng Company

Figure 4-2: An infinite 8equence of dominoe8. to Ье "an n-element 8et ha8 exactly 2п 8Ub8et8" , then Р(О) i8 again pretty obviou8 ( the empty 8et has exactly one 8Ub8et, it8elf ) . Again we let п Ье an arЬitrary natural, as8ume Р(п) , and try to prove Р(п + 1 ) . Р(п + 1 ) talk8 about all po88iЬle 8Ub8et8 of an (п + 1 ) -element 8et S, which we have to relate 8omehow to all the 8Ub8et8 of 8ome n-element 8et. Give а name, х, to one element of the 8et S and let Т Ье the remainder of S, 80 that S = Т U { х } . The inductive hypothe8i8 applie8 t o any 8et with п element8, 8 0 we may a88ume that Т ha8 exactly 2п 8ub8et8. ow given any 8ub8et И of Т, we can form two 8ub8et8 of S, И it8elf and И U {х} . Again there i8 no douЫe counting ( why? ) , and we obtain every 8Ub8et of S in thi8 way. So there are exactly 2п+l 8Ub8et8 of S, becau8e we have exactly two for each of the 2п 8ub8et8 of Т. We have completed the inductive 8tep and thu8 completed the proof.

4.3.3

T h e Validity of Induction Proof8

Now that we've had а Ьit of practice carrying out inductive proof8, let'8 take а clo8er look at why we 8hould believe tlшt they are valid. Formally, the an8wer to thi8 i8 8imple - the fifth Peano axiom 8ау8 that anything that you correctly prove Ьу induction i8 true, and the fifth Peano axiom i8 part of the definition of the 8Y8tem of natural8. If you don't believe in the axiom, your conception of the natural8 mu8t differ from our8 ( and Реа110'8 ) 8omehow, 80 that we're talking about two different number 8Y8tem8. Informally, people U8ually need 8ome kind of image or metaphoг to convince them8elve8 that thi8 work8. One popular one i8 to think of the integer8 а8 an endle88 8equence of dominoe8 ( Figure 4-2 ) , the fir8t one labeled О, the 8econd 1, and 80 forth. If you pu8h over domino О, and you believe that every domino i i8 going to knock over domino i + 1 when it fall8, then you 8hould believe that they're all going to fall eventually. Another way to think of an induction proof i8 а8 instructions to con8truct an ordinary proof. Suppo8e we have proof8 of Р(О) and Vx : [Р(х) -t Р(х + 1 )] , and we want to prove P ( l 7) . Ву 8Ub8tituting 8pecific number8 into the 8econd proof, we can generate proof8 of the implication8 Р(О) -t P ( l ) , Р ( 1 ) -t Р(2) , and 80 forth all the way up to Р(16) -t P(l 7) . Then we can derive

4-15

P(l 7 ) from Р(О) using seventeen applications of the modus ponens rule 15 . Many people have а lot of trouЫe accepting the validity of mathematical induction because it appears to use circular reasoning. You want to prove some statement Р(х), but then in the middle of the proof you suddenly assume tlшt Р(х) is true! Actually this is not circular. The original goal is to prove, for arЬitrary х, that Р(х) is true without апу assumptions. In the inductive step, however, you're trying to prove the implication Р(х) � Р(х + 1 ) for arЬitrary х. AnotheI counteiintuitive aspect of induction is that you staгt out trying to pIOve Vx : Р(х) and you're told instead to prove Vx : [Р(х) � Р(х + 1)], which is а more complicated statement of the same type. The point is, of course, that because Р(х) is likely to have something to do with Р(х + 1 ) , pioving the implication could Ье а lot easieг than just pioving Р(х) diгectly. Actually, theie aie situations when the best way to make the proof mше feasiЫe is to add conditions to Р(х) , that is, to change "Р(х)" to "Р(х) А Q(x)" fог some statement Q (x ) . You would think that this would make the proof haideI 16 , but remember that Q(x) now appears on both sides of the implication. As you try to prove [Р(х) А Q (x)] � [Р(х + 1) А Q(x + 1)] , you can use Q(x) as а piemise, which may help in proving Р(х + 1 ) . You also have to ргоvе Q(x + 1 ) now, but this may not Ье too much of а pIOЬlem. In the next section we'll look at the technique of strong induction, which is an example of this piinciple.

Exercises

4.3.4

Е4.3.1 Piove Ьу induction that fш all naturals п, the sum of the fiist п positive naturals is п (п + l )/2. Е4.3.2 Piove Ьу induction that fш all naturals п, the sum of tl1e fiist п positive perfect sqнaies is

п(п + 1 ) (2п + 1 )/6.

Е4.3.3 Prove that if А is an alphabet of k letteгs, and п is any natural, there aie exactly kn stiings of п letteis over А. ( Hint: Let k Ье an arЬitiaiy natural and then pIOve the statement Ьу induction on п.) Е4.3.4 PIOve Ьу induction that 3 divides п3 - п. (This is also easy to pIOve directly Ьу aiithmetic modulo 3, but do it Ьу induction. ) Е4.3.5 Prove Ьу induction foI all naturals п that the size of the set of naturals { k : k < п} is exactly

п.

Е4.3.6 Following the Ieasoning in Excursion 1 .2, and using the definitioпs theie, ргоvе Ьу induction that еvегу natural is eitheг even OI odd, but not both. Е4.3.7 Let m Ье а fixed positive natural. Ргоvе, Ьу induction on all naturals п, that fш еvегу п theie exist naturals q and r such that п = qm + r and r < m . 15 0ne student \Vas "enlightened" about the truth of this when а professor told him to construct а computer pюgram that would take the induction proof and а number as input, and construct this chain of implications for the desired number. Не suddeпly "saw" that since these "straight-line proofs" existed for every natural i, eve1·y P(i) must actually Ье true. Of course, this is only an intuition, because to formally prove that the straight-line proofs exist fш апу natural, we would need some form of mathematical induction! 16 This process has been likened to trying to pull yourself up Ьу your own bootst1·aps.

4-16

Е4.3.8 Prove Ьу induction on all naturals п that any set of п elements has exactly п(п - 1 )/2 subsets of size exactly 2. (Hint : You will need to use different arguments for the inductive case based on the value of п. То prove P ( l ) and Р(2) уон can argue diiectly, without using the inductive hypothesis. For larger п, imitate the reasoning in our pIOof above that the set has 2п subsets in all. ) Е4.3.9 For any natural п, define Sn to Ье the sum, for i from 1 to п, of ( l) i So So = О because the sum of an empty set of numbeгs is О, S1 = ( - 1 ) 1 , S2 = ( - 1 ) 1 + ( - 1 ) 2 = - 1 + 1 = О, and so forth. Find а rule giving Sn in terms of п, and prove your rule correct Ьу induction. -

.

Е4.3.10 Sнppose 1 begin at time О with g grams of radioactive material. This material has half-life Т, meaning that the amount of material remaining at time t + Т is exactly half the amount гemaining at time t, for any t. Prove that fог any natural п, the amount remaining at time пТ is exactly g2- n grams.

4.3.5

ProЫems

Р4.3. 1 Determine а formula for the sum of the first п positive perfect cubes and ргоvе it correct Ьу induction on all naturals п. Р4.3.2 Let tl1e finite sequence ао , а 1 , . . . , ап Ье defined Ьу the rule аi = Ь + i · с. Prove Ьу induction on п that the sum of the terms in the seqнence is (п + l ) (ao + ап ) /2 . (Hint: In tl1e base case, п = О and so а0 is equal to ап . For the induction case, note that the sum for п + 1 is equal to the sum for п plus the one new tel'm an+ I · ) Р4.3.3 Let the finite sequence ао , а 1 " . " ап Ье defined Ьу the гule ai = ао · ri , whel'e r is some numbeг not equal to 1. Pl'ove Ьу indнction that the sum of the tel'ms in the seqнence is ao���+ i ( whel'e а н is defined Ьу the same rule even though it is not part of the sequence) . п

Р4.3.4 Ргоvе Ьу induction on all naturals п that the polynomial х - у divides the polynomial xn - уп . That is, prove that there exists а polynomial fп (х, у) such that хп - yn = (х - у)fп (х, у) . Give а geneгal foгmula fог fп (х, у) and prove Ьу indнction that it is correct. ( Hint: Prove ( assuming that п � 1) that if fп satisfies its equation, and fп+l = хfп + yn , then fп+l satisfies its equation. )

Р4.3.5 Let 1:: = {а, Ь, с } and let Ln fог each пatural п Ье the laпguage consisting of exactly those strings with two a's, two Ь 's , and п c's. Discover а formнla fог the size of Ln in teгms of п, and prove your foгmula сопесt Ьу induction. (Hint : Уон may find it useful to first solve this ргоЫеm fOl' vaгious similar languages: stгings with п c's and respectively no a's ог Ь 's, one а and no Ь 's, one of each, and two a's and one Ь.) Р4.3.6 Define S(n) to Ье the sum, fог all i fгom 1 thгough п, of naturals п ( inclнding О) that S(n) = 1 - n� .

i{i�l ) .

Ргоvе Ьу induction on all

l

Р4.3.7 Deteгmine а foгmula for the numbel' of size-3 subsets of an n-element set, fOI any п. Prove your formula сопесt Ьу induction, using the гesнlt of Exer'Cise 4.3.8 in your inductive case when п � 3. Р4.3.8 This proЫem deals with two diffeгent methods of stacking canпonballs. То make а tetrahe­ dron of height п, we aпange п(п + 1 )/ 2 caпnonballs on the gl'Ound in а tгiangle of side п ( we

4-17

Тор

Тор

Middle

Middle

Bottom

Bottom

Tetrahedron

Egyptian pyramid

@Kendall Hunt Pt1Ьlishing Company

Figure 4-3: Two stacks of cannonballs, each of height 3 know the number of balls in the triangle froш Exercise 4.3. 1 ) , and then place а tetrahedron of height п 1 centered on top of this t1·iangle. То шаkе an Egyptian pyramid of height п, we place п 2 cannonballs on the ground in а squaie, then place an Egyptian pyiaшid of height п 1 centered on top of the square. The two stacks of height 3 are pictured in Figure 4-3. -

-

(а) Let Т(п) Ье the nuшber of cannonballs in а tetrahedron of height п, so that Т(О) = О and, fог any п with п > О, Т(п) = Т(п 1) + п(п + 1 )/2. PIOve Ьу induction on all naturals п that Т(п) = п(п + l ) (n + 2)/6. -

(Ь) Let ЕР(п) Ье the nuшber of cannonballs in an Egyptian pyгamid of height п, so that ЕР(О) = О and, for any п with п > О, ЕР(п) = ЕР(п 1) + п 2 . Find а polynoшial foгшula fог ЕР(п) and pIOve it сопесt Ьу induction foI all naturals п. -

Р4.3.9 Suppose 1 have а bank balance that holds an integeI nuшbeI of dollars. Eveiy day the bank first douЫes шу balance (whetheг it is positive or negative) and then subtracts $3 from it. (а) PIOve Ьу induction on all naturals п that if my balance is О on Day О, it is -3(2п - 1 ) o n day п . ( Ь ) PIOve that i f the balance i s stгictly less than $3 o n Day О, i t vvill гemain less than $ 3 foгever. (с) Ргоvе that if the balance is stгictly greateг than $3 on Day О, it will remain gгеаtег than $3 fогеvег. ( d) State а foгmula fог the balance on Day п, given that it is Х on Day О. Ргоvе your foгmula сопесt fог all naturals п Ьу induction. Р4.3. 10 Неге аге thгee mоге geometiic proЫems, suitaЫe fог an Excursion: (а) Let L Ье а line segment. Ргоvе that fог any natural п, placing п distinct points on L divides it into exactly п + 1 pieces. (Ь) Let R Ье а гectangulaг гegion in the plane. Show that fог any natural п, if we dгaw п distinct stгaight lines on R, dividing it into subгegions, we can two-color the гegions. 4-18

@Kendall Hunt PuЫishing Соmрапу

Figure 4-4: А rectangular region divided Ьу lines and circles, then two-colored. This шeans that we can color each region eitheг red OI' Ыuе, so that if two гegions shaгe а border of ШОI'е than а point, they are different colors. ( ote that each straight line must continue from one boundaгy of the region to anotheг.) (с) Suppose that in рагt (Ь) , we are also allowed to divide R with circles. or parts of circles inteпupted only Ьу the boundaгies of R, as in Figure 4-4 . Prove that fог any natural п , the division of R Ьу any number of lines and circles totaling to п can Ье two-colOied.

4-19

4.4

4.4.1

Variations on lnduction for Naturals

Not Starting at Zero

In one sense there is only one Principle of Mathematical Induction for the naturals, and only one way to use it to prove statements about them. But as we'll see in this section, there aie ways to apply the oгiginal Principle in common sitнations when applying it diiectly doesn't seem to work. One coнld call these "new pioof methods" or just variations on the origi11al method, depe11ding 011 one's personal taste. In а footnote in Section 4.3, for example, we weie interested in proving the statement "the i'th odd number is 2i - 1" fiom the Реа110 axioms defini11g the naturals. Induction seems like а natural way to proceed. We define P(i) to Ье the predicate in question, and can merrily go ahead and pIOve P ( l ) (the fiist odd llllmbeI is 1 ) . The i11dнctio11 step is also simple - si11ce each odd 11нmЬег is two gieater than the one Ьеfоге it, and the inductive hypothesis says that the i'th odd nнmbeI is 2 i - 1 , the (i + l) 'st odd nнmber is two greater, OI 2i + 1, which is 2( i + 1) - 1 as desiied. The proЬlem is that this indнctive proof doesn't follow the framework set онt Ьу the fifth Peano axiom. Why? Весанsе the natшals stait with О, not 1, and we did11't prove Р(О) . Р(О) doesn't eve11 make sense, because there is11't а O'th odd 11нmber. The proof, 011 the otheI ha11d, seems jнst as co11vincing as an ordinaгy i11duction proof, and the fact pгoven is certainly true. What we're going to have to do is expa11d ош view of mathematical indнction to encompass this ргооf and some otheis. Here's another example. Let Р(п) Ье the stateme11t "п! > 2п" - that taking а factoгial 1 7 of а number gives уон а ЬiggeI numbeг than Iaising two to that number. This is а good geneial IUle, but it happens not to Ье tгue fог п ::; 3. Howeve1·, we can check Р(4) Ьу arithmetic (24 > 16) and it is easy to show that for п ;:::: 4, Р(п) ---+ Р(п + 1 ) . (We must show (п + 1 ) ! > 2п+1 , vvhich is tгue because (п + 1 ) ! = (п + l )n! > (п + 1 ) 2n ;:::: 2 · 2n = 2n+ 1 .) (Actually, the only fact about п we used i11 this aгgнme11t was that п + 1 ;:::: 2, in the third step. So the implication "Р(п) ---+ Р(п + 1)" is also tIUe fщ п = 1, п = 2, and п = 3, even though the individual statements P ( l ) , Р(2) , and Р(3) are false. ) We аге геаsоnаЫу convi11ced that the stateme11t Р(п) is true for all numbers gieater than OI equal to 4, but again we need to alteI our fщmal statement of the induction law to do that. We seem to have а гevised indнctio11 law that says: "If P(k) is true, and P(i) ---+ P (i + 1) is tше fог all i ;:::: k, then P(i) is tiue foI all i ;:::: k." Heie aie thiee sepaiate pioofs that this law is valid: •

•

Define а new pгedicate Q(i) that says just "P(i + k)" . Then Q (O) is the same statement as P(k), which is given as tiue. Q ( i ) ---+ Q ( i + 1 ) tianslates as P(i + k) ---+ P (i + k + 1 ) , which we know is tIUe Ьу plugging in i + k ( which is at least as Ьig as k) into the indнction шlе P(i) ---+ P(i + 1 ) . So Q(i) is pIOven tiнe fог all i Ьу щdinaгy mathematical induction! If j is any natшal with j ;:::: k, then j - k is а natшal and P(j) is the same statement as Q (j - k), which must Ье tше. So P(j) holds foI all such j , as desiгed. Define R(i) to Ье the piedicate "(i ;:::: k) ---+ P (i ) " . Then \/i : R(i) is just what we want

17 We defined the factorial function in Section 3.4 - if п is

4-20

а

natural then п! is the pr·oduct 1 · 2

·

·

п.

to prove. То prove this Ьу ordinary induction, we first check R(O) , which is true (assuming k > О) because the implication is vacuously satisfied. Then we have to prove R( i) ---'* R( i + 1 ) , which w e can break into cases. I f i + 1 < k, then R ( i + 1) i s tl'ue because i t translates to [(i + 1 ) ;:::: k] ---'* P(i + 1) and this implication is also vacuously satisfied. If i + 1 = k, then the implication is true because P(k) is tше. And if i ;:::: k, the implication R(i) ---'* R(i + 1) reduces to P(i) ---'* P(i + 1) because the antecedents i ;:::: k and (i + 1 ) ;:::: k are both true, and this latteI implication is given to us. So the inductive step is pIOven, and we have proven \:/i : R( i) Ьу oidinaiy induction. •

4.4.2

We сап think of the data type naturalAtLeastK as being given Ьу an Iecшsive definition similaI to the Peano axioms, with k Ieplacing О in the base case. Something that is true fш k, and tiue foI i + 1 wheneveг it is tгue fог any naturalAtLeastK i, must Ье tiue foI all naturalAtLeastK's. We will see that апу Iecшsive definition, with а final clause of the fшm "the only elements of the type аге those given Ьу these Iules" , leads to an inductive ргооf method like this.

Induction

оп

the Odds or the Evens

Heie's anotheI example tl1at deals with а diffeient subset of the integeis. Let Р( п) Ье the statement "4 divides п 2 - 1" , which is tiue fш all odd numbeis п (but which, as it happens, is false fщ all even numbeis). А natшal way to tiy to pIOve this is mathematical induction, with two modifications: staгt with P ( l ) , and in the inductive step show that Р(п) implies Р(п + 2) Iather than Р(п + 1 ) . P ( l ) i s cleaily tiue because 4 divides 1 2 - 1 = О. I f we assume Р(п), that 4 divides п2 - 1 , we can do this new kind of inductive step Ьу pioving Р(п + 2), that 4 divides (п + 2) 2 - 1 . Natшally we do this Ьу finding the Ielationship between п2 - 1 and (п + 2) 2 - 1 : (п + 2) 2 - 1 = (п2 + 4п + 4) - 1 = (п2 - 1) + 4(п + 1 ) , so given that 4 divides one numbeI it divides the otheI. Just as in the example above of induction with а diffeient staiting point, we can jнstify this пеw iпductioп method in seveial ways:

•

If foI eveiy natшal k we define the statement Q (k) to Ье P(2k + 1 ) , and Q(k) holds foI all natшals k, then Р(п) holds for all odd п. But to piove \:/k : Q(k) Ьу oidinaiy induction, we just pIOve Q(O) = P ( l ) and then \:/k : Q(k) ---'* Q(k + 1 ) , which follows fiom \:/п : Р(п) ---'* Р(п + 2).

•

If we let R(n) Ье "if п is odd, then Р(п) is tiue" , can we then piove \:/п : R(n) Ьу шdinary induction? R(O) is vacuously tше, and we can pIOve R ( l ) Ьу veiifying P ( l ) , but in geneial we have а ргоЫеm with R(n) ---'* R(n + 1 ) . If п is even, R(n) is vacнoнsly tше, and the indнctive hypothesis says nothing аЬонt Р(п) OI Р(п - 1 ) that we could use to prove Р(п + 1 ) . We'll get aIOнnd this below Ьу the technique of strong induction.

•

We may indнctively define tl1e odd numbeis Ьу the Peano-like axioms "1 is an odd nнmbeI" , "if п is an odd number, so is п + 2" , and so fшth. Then this "odd-numbeI induction" is jнstified fiom the new fifth axiom in the same way that шdinшy indнction is jнstified Ьу the шiginal Peano axioms.

4-21

4.4.3

Strong lnduction

Our final extended version of mathematical induction is called strong induction. We saw above that in proving а statement for all odd numbers, ordinary induction gave us the wrong inductive hypothesis. Р(п) was of no use in proving Р(п + 1) - we needed Р(п - 1) instead. Here's the trick. Let Р(п) , as usual, Ье а statement about naturals that we want to piove fOI" all п. Define Q(n) to Ье the statement "P(i) is true fOI" all i such that i � п" . If we can pmve Q(n) foI all п, that certainly suffices ( though it looks а Ьit strange to set ourselves the task of pioving а stronger statement) . So we set about pгoving \:/п : Q(n) Ьу ordinaгy induction. The base case Q (O) is the same as Р(О). For the inductive step, we assume Q (n) and try to prove Q(n + 1 ) . But if we can pmve Р(п + 1 ) , that and Q(n) together give us Q(n + 1) and we аге done. So we have the rule: •

If you pmve Р(О), and

•

If you ргоvе Q(n)

•

You may conclude \:/п : Р(п) .

--+

Р(п + 1 ) , where Q (n) is the statement Vi : (i � п)

--+

P(i) , then

Note the something-for-nothing сhагасtег of this rule! We have to do the same base step, but in the inductive step we have the same goal but the stronger inductive hypothesis Q(n) to wOI"k with. This is an example of the 'Ъoot-strapping" phenomenon mentioned in the last section - making your inductive hypothesis stгongeг may make the pioof easieг. The way stгong induction comes up in pгactice is that in the middle of а ргооf, you discoveг that to piove Р(п + 1 ) , wlшt you really need instead of Р(п) is some otheг P(i) . As long as i � п, you can just say that уоu'ге now using strong гаthег than ordinaгy induction and bгing in P(i) as an assumptio11! The гeason this is mathematically valid is that you could go and гecreate this argument, using ordinaгy induction on this changed inductive hypothesis. As one example, we can finish our second justification of our proof of Р(п) for all odd п above. We can now ргоvе \:/п : R(n) Ьу stгong induction on п, using our hypothesis \:/п : Р(п) --+ Р(п + 2 ) . Assume R(i) fог all i � п and try to prove R(n + 1 ) . То Ье exact, we have to work Ьу cases. If п = О, we have to ргоvе R ( l ) directly Ь у veгifying P( l ) . I f п i s odd, n + 1 i s even and thus R(n + 1) i s vacuously true. If п i s even and п > О, though, we need to prove Р(п + 1 ) . But our inductive hypothesis includes R(n - 1 ) , which implies Р(п - 1) because п - 1 is also odd, and we can use our hypothesis substituting in п - 1 to get Р(п - 1 ) --+ Р(п + 1) and thus Р(п + 1 ) . Неге's another example. Define the size o f а natшal to Ь е the numbeI" o f Ьits needed t o I"epI"esent it in Ьinагу. vVe can find this гecursively, as 0 or 1 require one Ьit and in general, п requires one more Ьit than n/2: natural size (natural n) {// Returns number of bits in binary representat ion of n if (n О and 2 siz e (l) = 2 > 1. But for the inductive case, knowing the size of п doesn't tell us anything about the size of п + 1, unless (n+ 1 ) /2 happens to equal п. We'd like to Ье аЫе to assume that size С (n+ 1 ) /2) gives the right value. That's just what strong induction lets us do. The inductive hypothesis becomes "2si ze (i) > i fOI' all i :::; п" , and since (n+ 1 ) /2 is at most п for п > 1, we can compute (letting k equal (n+ 1 ) /2 ) : 2 siz e ( n+l) = 2 I+si ze( k ) = 2 . 2si ze ( k ) 2:: 2 . ( k + 1 ) > n + 1.

There's а suЬtlety in the above sequence of inequalities. The natural thing to do with 2 si z e( k) would Ье to observe that (Ьу the inductive hypothesis) it is gгeater than k. But it's not necessarily true that 2k 2:: п + 1, and in fact this is false whenever п + 1 is even. However, if an integer is greater than k, it is also greater than ог equal to k + 1 , and 2 ( k + 1) is definitely greater than п + 1 .

4.4.4

Exercises

Е4.4.1 In an algorithms course you will Ье expected to believe that "fOI' sufficiently large" naturals п, п2 /10 is greateг than 47п. Find some paгticulaг number k such that this statement is true for all п 2:: k, and prove that it is. (The best choice of k would Ье the smallest possiЫe, of course. ) Е4.4.2 Repeat Exercise 4.4 . 1 for the statement "2п > 137п3 " . Е4.4.3 Prove that if п 2:: 4 , it is possiЫe to make up exactly п dollars with а comЬination of $2 and $5 Ьills. (Hint: Almost any of the ideas in this section can Ье used sнccessfully. Strong induction is the easiest, but you could also prove it separately for odd and even п. Уон can also use ordinaгy induction with the starting point п = 4.) Е4.4.4 Prove that if п is an odd number, then 8 divides п 2 + 7. Е4.4.5 Prove Ьу induction that the i'th odd number is 2i - 1, for all i > О. Е4.4.6 In the game of 1-2-3 Nim, two playeгs alternate moves in which they may take one, two, ог three stones from а pile of п stones. The object of the game is to take the last stone. Ргоvе, Ьу strong induction on п, that the second player has а winning stшtegy 18 in the n-stone game if and only if п is divisiЫe Ьу 4. (We assume that if there are no stones, the second player wins Ьесанsе the first player cannot move. Of course if there are one, two, or three stones, the first player wins on the fiгst move. ) Е4.4.7 Recall from Chapter 1 that i n а deductive sequence proof, еvегу statement is either an axiom (gнaшnteed to Ье tгне) or follows fгom one 01' more earlier statements. Prove, Ьу strong induction on all positive naturals п , that the n'th statement of а deductive sequence proof mнst Ье true. Е4.4.8 Prove, Ьу indнction on all naturals п, that if an n-letter stгing over the alphabet {а, Ь} contains both an а and а Ь, then it contains eitheг аЬ ог Ьа (ог both) as а substring. (Hint : 18 In Section 9.10 we will sho\v that in any of а large category of games, including this one, one playe1· or the other а st1·ategy that leads to а win given any possiЫe sequence of moves Ьу thei1· opponent.

has

4-23

The base cases fог п ::; 2 are easy. Assuming the statement Р( п) for an arЬitrar-y п, prove Р(п + 1) Ьу cases, based on the last letter of the stгing.)

Е4.4.9 Let * Ье а Ьinary opeгation on а set Х, so that fог any elements а and Ь of Х, there is а unique element of Х defined as а * Ь. Let п Ье any positive natuгal and let а1, . . . , ап Ье any sequence of п elements of Х . Without any other assumptions on *, prove that if we apply parentheses in any way to the pгoduct а 1 * а2 . . . * ап to make it онt of Ьinагу * operations, the гesнlt is in Х . Е4.4. 1 0 I n Section 3.5 we pгoved the fнll foгm o f the Chinese Remaindeг Theorem from the Simple form, нsing what we can now гecognize as а proof Ьу induction. Write the fнll form as а statement P(k) , vvheгe k is the numbeг of pairwise relatively prime modнli. Prove Ьу induction on all positive natшals k that P(k) is trнe, assuming the simple form Р(2) .

4.4.5

ProЫems

Р4.4.1 Consideг а variant of Exercise 4.4.3, for $4 and $ 1 1 Ьills (made, we might sнppose, Ьу а particulaгly inept counterfeiteг) . What is the minimum number k sнch that you can make up $п for all п ::::: k? Prove that you can do so. Р4.4.2 Give а гigorous ргооf, нsing strong indнction, that every positive natuгal has at least one factorization into prime nнmbers. Р4.4.3 Consideг the following variant of the "recursive algoгithm" form of the fifth Peano axiom: •

If an algorithm has one argument of type natural, it terminates \Vhen called with argument О, and when called with argнment х > О it teгminates except possiЬly for а call to itself with ar-gument у, with у < х, then it eventually teгminates for all inpнt.

Prove that this гнlе is valid, using stгong induction.

Р4.4.4 Prove the statement ' О --+ :Эу : х = successor(y) ] , which we used in the last section as рагt of our definition of the natural data type. Use indнction on х staгting with х = 1 . Р4.4.5 Find the flaw i n the following alleged proof that уон are the late Elvis Presley 19 . Ву mathematical induction, we will prove the following statement Р(п) for all naturals п: "In апу set S of п people, опе of whom is ап Elvis, all are Elvises. " {The conclusion that уои are Elvis will then follow Ьу taking S to Ье апу set containing both уои and the original Elvis.) The base case Р(О) is vacuously true because there is по such set of О people. The second base case Р(1) is obviously true, because а set of опе person containing ап Elvis contains only Elvises. For the inductive step we need to show that for апу п > О, Р(п) implies Р(п + 1 ) . So assume that апу set of п people containing ап Elvis consists entirely of Elvises. Let S Ье ап arbitrary set of п + 1 people, including ап Elvis whom we 'll call Е . Let х Ье ап element of S other than Е . Now look at 19 This is а standard example of а flawed indнction ргооf (often ph1·ased as а ргооf that all horses have the same coloi- ) . lt is really helpfнl foi- some people and totally нseless for others. Уон need to fi1·st see why it appears to Ье а valid indнction proof of an obvioнsly false statement, and then find the specific flaw in the гeasoпing.

4-24

@Kendall Hunt Pt1Ыishing Соmрапу

Figure 4-5: А Venn diagram for part of the Elvis proof. Т = S \ { х} . It's а set of п people containing ап Elvis (Ьесаиsе it contains Е) , so Ьу the inductive hypothesis it consists entirely of Elvises. Now let И = S \ { Е} . И has п elements, and it contains ап Elvis Ьесаиsе everyone in Т (everyone in S except for х) is ап Elvis (see Figure 4-5). So using the inductive hypothesis again, И is all Elvises, so in particular х is ап Elvis, and S is all Elvises as desired. The

inductive step is done, so Р(п) holds for all naturals п, and уои are Elvis.

Р4.4.6 I am staгti11g а new plan for the le11gth of my daily dog walks. On Day О we walk 3 miles, on Day 1 we walk 2 miles, and for all п > О the length of our walk on Day п + 1 is the average of the lengths of the walks on Days п - 1 and п. (а) PIOve Ьу stгong induction for all naturals п that on Day п, we walk (7 + 2 ( - 1/2) п )/3 miles. (Hint : Use base cases for п = О and п = 1 . ) ( Ь ) Give а foгmula for the total distance that w e walk o n days О through п, and piove your foгmula сопесt Ьу stIOng induction. Р4.4.7 А polygon is called convex if every line segment from one ver·tex to another lies entirely within the polygon. То triangulate а polygon, we take some of these line segments, which don't cгoss one another, and use them to divide the polygon into tI"iangles. Prove, Ьу strong induction for all naturals п with п ;:::: 3, that every convex polygon with п sides has а trian­ gulation, a11d that eveI"y tI"iangulation contains exactly п - 2 triangles. (Hint: When you divide an n-gon with а single line segment, you сгеаtе an i-gon and а j-gon for some naturals i and j. What does your strong inductive hypothesis tell you about triangulations of these polygons?) Р4.4.8 Pig Floyd is weighed at the beginning of еvегу month. In Month О he weigl1s 400 kilograms, in Month 1 he weighs 350 kilograms, and i11 lateг months his weight W(n + 1) is equal to J2W(n) - W(n - 1) + 700 - 350 J2. (а) Calculate W(n) fог all natuгals п with п :::; 1 0 . Write your answers in the form а + ЬJ2 where а and Ь аге integers. (Ь) Ргоvе Ьу stгong induction on all naturals п that W(n) can Ье written in the foгm а+ЬJ2, wheгe а and Ь аге integers. 4-25

(с ) Determine W (84) , Floyd's weight afteI seven yeais. You will find it easiest to discover а pattern in the numbers W ( п ) , and ршvе that this pattern holds for all п Ьу stiong induction.

Р4.4.9 Let * Ье а Ьinaiy opeшtion on а set Х that is associative, meaning that for any thiee elements а, Ь, and с, we liave а * (Ь * с) = (а * Ь) * с. (We do not assume that * is commutative. ) Let п Ье any positive natural and let а 1 , а 2 , . . . , ап any sequence of п elements of Х, not necessaiily distinct. Ршvе that howeveI we parenthesize the sequence "а 1 * а2 * . . . ап " , we get the same result. (Hint: Use strong induction on п. The cases of п = 1 and п = 2 ше tiivial, and п = 3 is given Ьу ош assumption. Show that any parenthesization of а 1 * . . . * ап + l is equal to some paienthesization of а 1 * . . . * ап starred with an+ l , then apply the inductive hypothesis. ) Р4.4. 1 0 Let * Ь е а Ьinary operation o n а set Х that i s commutative, meaning that а * Ь Ь * а for any elements а and Ь of Х , and associative, meaning that а * (Ь * с) = (а * Ь) * С fOI any elements а, Ь, and с of Х . (So we know from ProЬlem 4.4.9 that we can write the product of any sequence of elements without parentheses. ) Let п Ье any natural with п 2:: 2, and let а 1 , а2 , . . . , ап Ье any sequence of п elements of Х, not necessarily distinct. Let Ь 1 , Ь2 , . . . , Ьп Ье а sequence consisting of the same elements in another Oider. Ргоvе that а1 * а 2 * . . . ап = Ь 1 * Ь2 * . . . Ьп . (Hint : Use strong induction on п .) =

4-26

1=0

!fD !fD fu fu

1=4

1=5

fu fu fu fu

.

@Kendall Hunt PuЫisblng Соmрапу

Figure 4-6: Fibonacci's rabЬits. Shaded rabЬits are breeding pairs. 4.5

Excursion: Fibonacci Numbers

In this Excursion we study the Fibonacci numbers, first described Ьу Leonardo of Pisa in the 1 200's. His oгiginal motivating proЫem involved population growth in i-abЬits. At time step one you begin with one pair of newborn rabЬits. At every future time step, you have all the rabЬits from the previous step (apparently they're immoгtal) plus possiЬly some newly born ones. The гule for Ьirths is that each pair of гabЬits except those born оп the last step produces а new pair. Conveniently, these are always one male and one female and the rabЬits have no objections to mating with their close relatives. Figure 4-6 illustrates the first few stages of the pгocess. The number of pairs of rabЬits at each time step п is called F (n) or "the n'th Fibonacci number" , and is foгmally defined Ьу the following recursive rules:

О.

•

F(O)

•

F(l) = 1.

•

For any п :2': 2 , F(n)

=

F ( n - 1 ) + F ( n - 2) .

=

It's immediate Ьу strong induction on п that "F(n) is defined for any п" (Proof: The base cases п = О and п = 1 are given to us Ьу the definition, and if we know that F (n - 2) and F(n - 1) are defined then the third rule defines F (n) for us. ) We can calculate F (2) = 1 (this value is sometimes given as part of the definition) , F(3) = 2, F (4) = 3, F (5) = 5, F (6) = 8, and so foгth. The Fibonacci numbers are lots of fun to play with because it seems that if you do almost anything to the sequence, you get the same nнmbers back in some form. For example, the difference between F(n) and F(n + 1) is just F(n - 1 ) , from the third rule. If we let S(n) Ье the sнm of F(i) as i goes 1, 8(2) 2, 5(3) 4, 5 (4) 7, 8(5) 1 2 , 5 (6) 20, and so from 1 to п, we get S(O) О 8 ( 1 ) foгth. Looking at the sequence, you might notice that S(n) = F(n + 2) - 1 , so that the summation =

,

=

=

=

4-27

=

=

=

of the Fibonacci numbeгs gives тоге

OI

less the Fibonacci numbeгs 20 .

As anotheг curiosity, look at the squaгes of the Fibonaccis: О, 1 , 1 , 4, 9, 25, 64, . . .. Nothing too obvious, but if we look at F(n) 2 - F(n - 2) 2 , staгting fгom п = 2, we get 1 , 3, 8 , 21, 55, . . . We can гecognize all these as individual Fibonacci numbeгs, and in fact this sequence seems to contain еvегу second Fibonacci number. We've spotted the identity .

F(n) 2 - F(n - 2) 2 = F(2n - 2). Is this always true, ог just coincidence? With any such identity, the sensiЫe way to ргосееd is to use inductioп. We verify the base cases апd contiпue Ьу assuming that the identity is tп1е for п - 1 апd pгoviпg it for п, usually using the key definition F(n) = F(n - 1) + F(n - 2). The inductive step in this particular case is а Ьit tough, though. The natural way to begin is to expand out F(n) 2 = F(n - 1 ) 2 + F(n - 2) 2 + 2F(n - l )F(n - 2 ) . The first two teгms relate to our inductive hypothesis, but the thiгd gives us trouЬle. If we look at F(n)F(n - 1), we get а nice sequence (fгom п = 1) О, 1, 2, 6, 1 5 , 40, 104, . . . . (Look at the differences of this sequence.) In fact this new sequence арреагs to also satisfy an identity just like the one fог the squaгes: F(2n - 1) = F(n + l )F(n) - F(n - l )F(n - 2)

The easiest way to prove this identity and the one above is to do them simultaneously. We assume both of them fш the п - 1 and п - 2 cases, and prove them both for the п case. This is one of the two choices fог а Writing Exercise below. One more observation about the Fibonacci numbers is their relationship to the Golden Ratio. You may have heard of this ratio from its гоlе iп агt 21 - theгe is а uпique number ф such that the гatio of one to ф is the same as that of 1 + ф to one ( see Figure 4-7) . Ву algebra, this ф = ( VS- 1) /2 ог about 0.61, so the гatio is about 1 .61 to one. Once you get staгted witl1 the Fiboпacci numbers, the гatio of one to the next seems to approach this golden гatio fairly quickly. Iп Chapter 7 we'll see а general mathematical theory of how to solve recuпences and deгive the equation

As ф < 1 , as п incгeases the ( - ф) п teгms gets smaller and smaller and the approximation F(n) = ( 1 + ф) п / ,/5 gets incгeasingly close. Though we don't yet know how to derive this equation, we can prove it сопесt Ьу induction on п, using the definitioпs of F(n) and ф togetheг with а fair Ьit of arithmetic. 20 In Excursioп 7.6 we'll look at analogies betweeп sequences like the Fibonacci numbers and the functions occuпing iп calculus. Wheп 've defiпe the operatioпs appropriately, the Fiboпacci numbers will turп out to Ье mOI"e 01" less their оwп "derivative" апd "integral" . Do other sequences besides the Fibonaccis relate to theii- О\VП diffei-eпces апd sums in the same way? 21 It is often claimed, for example, that the length and ...,·idth of the Parthenon are in this ratio. This is appai-ently not true but many other things about this ratio are - see Mario Livio's book The Golden Ratio: Tlie Story of Phi, the World's Most Astonishing Number.

4-28

� @Kendall Hunt PuЬlisl1iпg Сошраnу

Figure 4-7: The Golden Ratio. Writing Exercises: Fог each statement, write а caгeful inductive ргооf that it is tгue fог all naturals п, afteг an арргоргiаtе staгting point.

•

Both the formula

F(2n - 2) = F (n) 2 - F(n - 2) 2

and the formula F(2n - 1) = F(n + l)F(n) - F(n - l )F(n - 2) hold fог n. •

Defining the number ф to Ье

�- l ,

4-29

4.6

4.6.1

Proving t h e Basic Facts of Arithmetic

The Semiring of the Naturals

There are а number of properties of arithmetic on the naturals that we tend to take fог granted as we compute. Some of tl1em, such as that х + О = х or х · О = О, were included in our formal definitions of the opeгations, but others such as х · у = у · х were not. The reason for this, as it turns out, is that we made the axioms and definitions as short as possiЬle, leaving out any statements that could Ье derived from those already theгe. Now that we have the technique of mathematical induction, we can carry out these deгivations. Why botheг to prove things that we already accept as tгue? For one thing, the existence of these proofs justifies the paгticular form of our definitions and gives us а small set of fundamental pгopeгties of the numbeгs fгom which all these other facts follow. Fol' anotheг, this task gives us some good practice in carrying out induction proofs, using а vaгiety of pl'Oof strategies22 . In abstract algebra, the following pioperties of а system аге called the semiring axioms and any system satisfying them is called а semiring23 :

1. Theie аге two Ьinary operations + and " defined fог all pairs of elements. 2. These opeiations аге each commutative, so that 'Vx : 'Vy : (х + у) = (у + х) and 'Vx : 'Vy : (х · у) = (у · х ) . 3. They are both associative, s o that 'V.т : 'Vy : 'Vz : (х + у) + z = х + (у + z) and 'Vx : 'Vy : 'Vz : (х · у) · z = х · (у · z ) . 4. Theie i s a n additive identity О sнch that х + О = О + х = х, and а multiplicative identity 1 such that 1 · х = х · 1 = х. Also О · х = х · О = О. 5. Multiplication distributes over addition, so that 'Vx : 'Vy : 'Vz : х · (у + z)

=

х · у + х · z.

One o f the Ьiggest technical proЬlems i n constl'Ucting proofs o f these properties i s о ш tendency to assume that they are true and obvious while we 're trying to prove them, which would Ье invalid circwar reasoning. In particнlar, our stanclard notation for arithmetic sometimes assumes that addition and multiplication are associative, as we wl'ite x + y + z without specifying which opeiation is to Ье caгried out first. For this section, you should think of aiithmetic statements as being abbгeviations fог calls upon our foгmally defined functions, so that instead of x+y+z we need to say x + (y + z ) , repгesenting plus (x , plus ( y , z) ) , or (x + y) + z , гepгesenting plus (plus ( x , у) , z) . 22 The value of such а task is something for an individual instшctor to assess, of course. Note that Hofstadter· does much of the same work in his Chapter VIII, but our derivations here ar·e consideraЬly shorter because of the more informal proof style we have developed. 23 It's called а "semiгiпg" because these аге only some of the pгopeгties of а full-fledgecl гing sнch as the integeгs. We gave the axioms for а ring in Section 3.8 - along with the semiring axioms а ring mнst have an additive inveгse for every element, so that it satisfies the property Vx : :Jy : х + у = О. Actually, if you're keeping score, this is the definition of а commutative semiгing, as most authors do not requir·e the multiplication operation in а гing or semiring to Ье commutative. We'll encounter а nнmЬег of other semirings later in the book.

4-30

We can't use the fact that these two calls return the same answer until we've proved it from the definitions. We can go at these proofs in either of two ways. Just as а large programming proЫem is going to involve various subproЬlems, а large proof is going to involve various sнbproofs. We can get at this Ьу either а top-down method, where we start out to do the whole thing and identify а good subproЬlem as something we need to finish, or а bottom-up method, where we decide in advance what а good subproЫem might Ье. We'll use а mixture of the two to get experience of both 24 .

4.6.2

Properties of Addition

Remember that addition is defined Ьу the rнles х + О = х and х + S (y) = S(x + у) , using S (x) to represent the successOI of х. (We don't want to нsе the notation "х + 1" in this context because we want to distinguish between addition and the successOI opeгation. ) We want to show that the Iing propeities for addition follow fIOm this definition of addition. Let's begin bottom-up, Ьу looking for one of our desired propeities that ought to Ье easy to prove. Vx : х + О = х is actually given to us, but what about Vx : О + х = х? It's а statement about all naturals х, so let's tiy induction on х. FOI the base case, we must show О + О = О, which follows fiom the Vx : О + х = х rule Ьу specifying х = О. Fш the inductive step, we let х Ье arЬitr-ary, assume О + х = х, and tiy to piove О + S(x) = S(x) . Expanding О + S(x) Ьу the definition of addition, we get S(O + х), and applying our inductive hypothesis inside the paгeпtheses, we get S(x) as desired. So we've completed the inductive step and pгoved Vx : О + х = х. Now for а haider one, the commнtativity of addition. Let's tгу to work top-down, and see where we get stuck. Write the desired property as Vx : Vy : (х + у) = (у + х ) . We have а choice of induction ог the Rule of Generalizatioп, and wе'ге going to take а paгticulaг choice: let х Ье агЬitгагу and use inductioп on у. (This is the easiest way it might work out, given that we don't have any immediate way to ргоvе the inneг statement Vy : (х + у) = (у + х) without induction. Using induction only once for the inneгmost statement tuгns out to Ье the Iight idea in all of the examples in this section - the other variaЫes will Ье аЫе to "go along for the ride" as we vary the inneпnost one. If they couldn't, we would have to consideг inducting on mOie than опе vагiаЫе. ) So we're trying t o prove V y : (х + у) = (у + х), with х aгЬitraiy, Ь у induction o n у. The base case with у = О tuшs out to Ье just the warmup exeгcise above! (We kпew х + О = х, and we showed О + х = х, so х + О = О + х. ) How about the inductive step? We assнme that х + у = у + х and tгу to ргоvе that х + S(y) = S(y) + х. Well, х + S(y) is equal to S(x + у) Ьу the definition of addition, and then equal to S(y + х) Ьу the inductive hypothesis. The definition of addition again gets нs to у + S(x) , ratheг than the S(y) + х we'Ie looking for. Неге is а subproЫem that we can isolate and attack with anotheг induction: Lemma: Vx : Vy : S(y) + х = у + S(x). 24 Hofstadter is again woith Ieacting о п this point - he makes retшning to а theme in а piece of music.

4-31

а

nice analogy between finishing

а

subprogiam and

Proof: Actually we'd rather induct on х than у, because our definition tells us what to do with successor terms on the right of the addition, not the left. So, using the commutativity of universal quantifiers fгom Chapter 2, rewrite the whole thing as 'vhich properties were used in this section to pl'Ove which other properties, to make sure there's no circular reasoning involved.

4-34

Р4.6.3 Define the following predicate С(а, Ь, т ) for naturals а and Ь and positive naturals m. If а < т, С(а, Ь, т ) is tme if and only if а = Ь. If Ь ::::: m, then С(а, Ь, т ) is false. If Ь < т and а ::::: m, then С(а, Ь, т ) is true if and only if С(а - т, Ь, т ) is true. Prove that if Ь < т, then fог any natural а, С(а, Ь, т ) is true if and only if 3r : а = rm + Ь where r is а natural. Р4.6.4 Define tl1e predicate RP(a, Ь) fог positive naturals а and Ь as follows. RP(a, Ь) is defined to Ье true if and only if one of the following is true: а 1, Ь 1, а > Ь and RP(a - Ь, Ь) or а < Ь and RP(a, b - а ) . =

=

(а) Ршvе that RP(a, Ь) i s true if and only i f the Euclidean Algorithm from Section 3.3 returns 1 on inputs а and Ь. ( Note that the definition implies that if а = Ь and а > 1, then RP(a, Ь) is false because none of the given conditions are true. )

(Ь) Prove that RP(a, Ь ) i s true i f and only i f --,::Jc : D (c, а) /\ D(c, Ь ) /\ (с > 1) where D i s the division predicate.

Р4.6.5 Define the exponentiation opeгator on naturals recursively so that х 0 = 1 and xS(y) = хУ · х. Prove Ьу induction, using this definition, that for any naturals х, у, and z, xY+z хУ · xz and =

xy·z = ( хУ у .

Р4.6.6 Consideг а set of boolean variaЫes { х 1 , . . . , Хп } and the 2 п possiЫe assignments of truth values to these variaЫes. If f and g аге two such assignments, define f + g to Ье the assignment h wheгe h (xi ) f(xi) V g(xi) , and define fg similarly in terms of /\. Prove that these two operatoгs оЬеу the semiгing axioms. =

Р4.6.7 ( uses Java) In this proЫem we гecursively define two more Ьinшу operators on naturals. Each operation is defined only if the second argument is nonzero. We define R(O, у) to Ье О, and define R(S(x) , у) to Ье S(R(x, у) unless S(R(x, у)) = у, in which case R(Sx, у) = О. We defi11e Q (O, x) to Ье О, and define Q (Sx, y) to Ье Q(x, y) unless R(Sx, y) О i11 which case =

,

Q(Sx, у) = S(Q(x, у).

( а) Write recursive static pseudo-Java methods natural r (natural natural q (natural

х,

х , natural у) and natural у) to compute these two opeшtions.

(Ь ) Compute the values Q(5, 2) and R(5, 2), eitheг using your method ог working diгectly with the definitions.

Р4.6.8 Using the definition of the operatoгs R and Q in РшЫеm 4.6.7, ршvе the following facts Ьу induction for any fixed positive natural у. (а) For any natural х, y(Q(x, у)) + R(x, у) = х. (Ь ) For any 11atural z, Q(zy, у) = z and R(z, у) = О. (с ) If х is any fixed positive natural, the11 for natural z , Q(Q(zxy, х ) , у) = Q(zxy, у ) , х ) . Р4.6.9 Consider а semiгi11g with exactly two elements. The axioms require one element to Ье О and the other to Ье 1 , and define the values х + у and ху for most pairs of elements х and у. What are the choices availaЫe to us to Iemain consistent with the axioms? How many diffeгent semirings are there with two elements? Р4.6 . 1 0 Following ProЬlem 4.6.8, can you characteгize the possiЫe semirings with exactly thгee el­ ements? (Hints: We can call the thгee elements О, 1, and х. The multiplication is mostly 4-35

defined Ьу the identity property of 1 and the absorЬing pгoperty of О, so that the only choice is the valнe of хх. There are exactly nine ways to define а commнtative, associative addition operation on {О, 1, х} such that О is an identity. The гemaining proЫem is to deteгmine which comЬinations of sнitaЫe addition and multiplication opeгations satisfy the distribнtive law. )

4-36

4. 7

Recursive Definition for Strings

4. 7 . 1

Axioms for the Strings

We've now seen seveгal examples of mathematical indнction to ршvе statements аЬонt the natuгals, which aie defined гecuгsively Ьу the Peano axioms. In Section 4.4 we also saw that paгticulaг subsets of the natuгals (such as the numbeгs gгеаtег than 3, щ the odd numbeгs) , subsets that have theiг own гecuгsive definitions, admit theiг own induction schemes. In fact апу гecuгsive definition of а data type gives us а way to fщm inductive pгoofs of statements аЬонt all elements of that type. Recall оuг otheг example of а гecuгsively defined data type, the stгings оvег а particнlaг alphabet :Е :

•

Л i s а stгing.

•

If w is а stгing, and

•

а

Е :Е, then wa is а stгing.

No stгing is fщmed Ьу the above гule in two diffeгent ways: i.e, if wa = vb, then w = v and Ь.

а = •

If и is any stгing, then if and only if и =f. Л, и is equal to wa fог а unique stгing w and letteг а.

•

The only stгings аге those oЬtained fгom Л using the second Iule.

This is eqнivalent to the definition of stiings we gave back in ChapteI 1, but the eailieI definition assнmed that you knew what а sequence was and this doesn't. Now, jнst as fог the natuгals, let's foгmally define some opeгations on this new data type25 . То staгt with, the axioms tell us that ceгtain opeгations exist, and we will need to use these in coding оuг new ones (jнst as we нsed successor and pred in defining the opeгations on the natuгals) . We'll have а boolean method i sEmpty that will геtuш tгне if and only its string aгgнment is Л. Given а stгing w and а letteг а, we know that wa is нniquely defined, Ьу а function we'll call append (w , а) . The thiid and fouгth Iнles tell нs that given а stiing х =f. Л, х is equal to wa fог а нnique w and а, which we'll call 26 allButLast (х) and last (х) . The fнnctions allButLast and last thiow exceptions if they аге called with inpнt Л. 25 Agaiп, this will iпvolve foгmal proofs of some facts that are pгetty obviously true. But we will see how all we kпow about stгiпgs follows fi·om the simple defiпitioпs, апd get some practice with iпductioп pr·oofs outside the usual setting of numbers. There will Ье several proofs in this format in Chapter 14. 26 This notation is borrowed from the programming language language РОР- 1 1 and will Ье convenient when we deal with finite-state maclliпes in Chapteг 14. А note fог the Lisp-literate: If we chose to represent strings in Lisp as lists of atoms that \Vеге unbalanced to the left ( Lisp usually does it the otheг way ) , the basic Lisp opeгations car, cdr, and cons would coпespond exactly to allButLast, last, and append.

4-37

4 . 7.2

Defining the String Operations

We're now ready to define opeгations on strings. First, though, note that we are not working with the String class of Java, but with the mathematical string class we defined in Chapter 1 27 , fOI our pseudo-Java language. Our mathematical string objects will behave like Java pгimitives rather than objects, and we will define the opeiators to Ье static methods Iather than instance methods 28 . The operations we define will Ье similaI to the Java ones, but not identical. (For example, we can imagine ыЬitrarily long strings while the length of а String must Ье an int. ) That said, we define the length of а stiing w, 'vгitten " l w l " or "length (w) " , to Ье the nнmber of letteгs in it. Formally, we can say that I Л I = О and that for any w and а, j wal = l w l + 1. This definition immediately gives us а Iecursive algorithm: natural length ( string w) {// Returns number of letters in w if ( isEmpty (w) ) return О ; else return ( 1 + length (allButLast (w) ) ; }

In the same way, we can define the concatenation operator, which corresponds to the + operation on Java String objects. Неге we define wx Ьу recursion on the definition of х. We let wЛ = w, and fOI х = уа, we let wx = (wy)a. In code: string cat ( string w, string х) {// Returns string made from w followed Ьу х if ( isEmpty (x) ) return w ; else return append ( cat (w , allButLast (х) ) , last (х) ) ; }

Note that when we write this pseudo-Java code, we have to resolve some amЬiguities in the math­ ematical notation. When we write "wx = ( wy )а" , for example, we'Ie using the same notation to denote appending and concatenation, and if we left off the paгentheses we'd Ье assuming that concatenation is associative, something we liaven't yet proved. (It is true that concatenation is associative, of course, but when we wiite the code we have to decide exactly which OideI of the opeгations is meant.) Reversing а string is anotheI example. InfOimally, wR is w written backward. Foimally, л R = Л and if w = ха, wR = axR. (Note that we need to нsе the concatenation operatOI in OideI to define reversal, because axR is а concatenation ratheI than an appending.) In pseudo-Java29 code: 27 Though note that the actual Java methods iп Excursion 4.2 used the Java String class. 28 In par·ticular, we will test strings for equality with = = , whe1·eas with Java Strings it is possiЫe for u = = v to Ье false \Vhile u . equals (v) is true. Exercise 4.7.2 has you define the = = operator from the other basic methods. 29 We are assuming an implicit type cast from chaшcters to strings when we give the character last (w) as an argument to cat.

4-38

string rev ( string w) {// Returns w written backward if ( isEmpty (w) ) return emptystring ; else return cat (last (w) , rev ( allButLast (w) ) )

4 . 7.3

Proof Ву Induction for Strings

In each case the operation is defined for all strings because the recursion is guaranteed to teгminate, which in turn is because each recursive call is on а smaller stгing until eventually the relevant argument is the empty string. Mathematical induction30 will then allow us to prove properties of these operatoгs. Specifically, if а set of strings contains Л and is closed under the operations of appending letteгs, it must consist of all the stгings. So if Р( w) is any statement with one free variaЬle ranging over stгings, we can use the following lnduction Rule For Strings:

• •

•

Prove Р(Л) Ргоvе l:/w : P(w) -t [1:/а : P(wa)] . Неге the vагiаЫе а шnges oveI letteгs. Fш binary stгings, with alphabet {О, 1 } , this has the special equivalent fшm l:/w : P(w) -t (P(wO) /\ P(wl ) ) . Conclude l:/w : Р(w ) .

Our definitions o f the length, concatenation, and reversal functions have the ргорегtу that for each letteг а, f (wa) is defined in terms of f(w) and а. This means that an inductive hypothesis telling us about f(w) will often Ье useful in proving things about f(wa ) . vVe'll now see а numbeг of examples of such proofs. Proposition: For any stгings и and v, lиvl = lиl + l v l . ( Fог example, in Figure 4-6 l и l and l v l аге each equal to 3 and lиvl is equal to 6. The figure shows an example of this rнle in action. ) Proof: Let и Ье an arЬitrary string and use induction on v. In the base case, v = Л, lиvl = lиЛ I = lиl ( Ьу definition of concatenation ) and lиl + lvl = l и l + О = lиl Ьу definition of length. For the inductive case, we may assume v = wa and, Ьу the inductive hypothesis, lиwl = l и l + l w l . We must show lи(wa) I = lиl + lwal ( being caгeful not to assume resнlts that might Ье implicit in our notation) . Ву definition of concatenation, u (wa) = (uw)a, so lи(wa) I = l (uw)al = lиw l + 1 Ьу definition of length, and = lиl + l w l + 1 Ьу the inductive hypothesis. Meanwhile, lиl + l wal is also lиl + l w l + 1 Ьу the definition of length. • Proposition: For any string w, lwR J = J w J . 30 Induction o n а recшsive definition, when done o n something other than naturals, i s often callecl structural All these techniques can still Ье justified fюm the single Principle of Mathematical Induction, of course, so whether· to call this а "new proof technique" is а matter of taste. induction.

4-39

u

=

"ааЬ"

uR

=

"Ьаа"

v

=

"ЬЬа"

vR

=

"аЬЬ"

uv

=

"ааЬЬЬа"

(uv)A

=

"аЬЬЬаа"

=

vRuR

@Kendall Hunt PuЫishing Соmрапу

Figure 4-8: The reversal of the concatenation of two strings. Proof: For the base case, I ЛR I = I Л I = О. For the inductive step, we let w = va and assume lvR I = l v l . Ву the definition of reveгsal, l wR I = l (va)R I = l a(vR) I . This is lal + lvR I Ьу the previous resнlt, and this is eqнal to l a l + lvl Ьу the inductive hypothesis. On the other hand, l w l = lval = l v l + 1 Ьу the definition of le11gth, and addition of naturals is commutative, so we have proved that lwR I = l w l . Since we have completed the i11ductive step, we have completed the ршоf. • Proposition: For any three strings х, у, and z, (xy)z = x(yz ) . Proof: We let х a11d у Ь е аrЬitгагу and use induction o n z . If z = Л, both (ху)Л and х (уЛ) аге equal to ху Ьу the definition of concatenation. For the indнctive step, let z = wa and assнme (xy)w = x(yw ) . Ву successive applicatio11 of the defi11itio11 of co11catenatio11, a11d one use of the i11ductive hypotl1esis, we get

(xy)z = (xy) (wa) = [(xy)w] a = [x(yw)] a = x [(yw)a] = x [y(wa)] = x(yz) . • Proposition: For any stгi11gs и and v, (uv)R = vRuR. (See Figшe 4-8 fог an example.) Proof: Again we let и Ье аrЬitгагу and нsе indнction on all strings v . Fог the base case, (u>.)R and л RиR are both equal to uR . For the inductive case, we let v = wa and assume (uw)R = wRuR. We have to deteгmine what (uv)R is, Ьу determining how it relates to (uw)R. Well, (uv)R is (u(wa))R (since v = wa), which i s equal t o ( (uw)a)R Ь у the definition of concatenatio11. This i11 t ш n i s equal to a(uw)R Ьу the definition of reversal, and is then a (wRuR) Ьу the inductive hypothesis. If we can rewrite this as (awR)uR, we are done Ьесанsе vR = awR Ьу the definition of concatenation. But we just proved the associativity of concatenation above. • Another interpretation of the law of induction for strings is that а recursive program, that гесшsеs on а single aгgument of type string, is guaгanteed to teгminate if ( а) it doesn't call itself on inpнt Л, and (Ь) it calls itself on input х only with aгgument allButLast (х) . Тhеге is а гelated form of "stгong induction for stгings" , that would allow the program to call itself with any aгgнment that is а prefix of х. Note that we can also recursively define а language, like the balanced paгenthesis language of ProЬlems 4.7.6 and 4.7.7 below. As long as we have а гule that strings are in the language only if they can Ье produced Ьу paгticular other rules, we have а similar inductive technique to ргоvе that 4-40

all strings in the language have а particular pгoperty. We will see much mше of this in Chapteг 5 when we look at languages defined Ьу regulaг expressions.

4. 7.4

Exercises

Е4.7.1 Prove from the string axioms that аЬа is

а

string.

Е4.7.2 ( uses Java) Write а recursive ( static ) pseudo-Java method boolean isEqual ( string х , string у ) that returns true if and only if the stгings ( not Java Strings ) х and у are the same stI"ing. Use only equality of letteгs and the pгedefined static methods fI"om this section. Recall that these include а static boolean method isEmpty (string w) that determines whether w is the empty string - use this шther than using == on string values. Е4.7.3 If w is а stгing in {О, 1 } * , the one's complement of w, oc(w) , is the unique stI"ing, of the same length as w, that has а zero wherever w has а one and vice versa. So, fог example, ос(101) = 010. Give а recursive definition of oc(w) , like the definitions in this section. Е4.7.4 ( uses Java) Wгite а recursive static pseudo-Java method string ос ( string w) that returns the one's complement of а Ьinary stгing, as defined in Exeгcise 4 . 7.3. Е4.7.5 ( uses Java) Write а static гeal-Java method to гeverse а String. Do this fiI"st using а loop and the charAt method in the String class. Then wгite anotheI", recшsive veгsion that uses only the concatenation operator + and the substring method. Е4.7.6 If и and v are stгings, we have defined и to Ье а suffix of v if ther-e exists а string w such that wu = v. Write а I"ecursive definition of this property like the ones in this section. ( Hint: When is и а suffix of the empty string? If you know about suffixes of v, how do you decide about suffixes of va?) Е4.7.7 ( uses Java) Using the isEmpty and allButLast methods, wI"ite а recшsive pseudo-Java static method boolean isSuffix ( string u , string v) that returns true if and only if и is а suffix of v as defined in Exer-cise 4 . 7.6. Е4.7.8 ( uses Java) Often when you enter а password, what is displayed is not the password itself but а stI"ing of staI"s of the same length as the string you have entered. Given any string w , let stars(w) Ье this string o f staI"s. Give а r-ecursive definition o f this stars function, and а recursive pseudo-Java static method computing it using the basic methods defined in this section. Е4.7.9 ( uses Java) If и is а string and а is а letter, give а recursive definition fш the relation contains(u, а), which is true if and only if а occurs at least once in и. Wr-ite а recшsive pseudo­ Java static method boolean contains ( string u, char а) that decides this relation. Е4.7.10 ( uses Java) А string is defined to have а douЫe letter if is contains а substring of the form аа where а is any letter in the alphabet. Wгite а recursive static pseudo-Java method boolean hasDouЬle ( string w) that гetшns true if and only if w has а douЫe letteI". Use the basic methods given in the section.

4-41

4. 7.5

ProЫems

Р4.7 . 1 Prove Ьу induction on strings that for any string w, (wR)R

=

w.

Р4.7.2 Prove Ьу induction o n strings that for any Ьinary string w, (oc(w))R 4.7.3 for the definition of one's complement. )

=

oc(wR ) . ( See Exercise

Р4.7.3 The function f irst is defined to take one string argument and return the first letter of the string if there is one. ( So f irst (w) has the same output as w . charAt (О) . ) The pseudo­ Java functio11 allButFirst takes one string aгgument and returns the substring consisting of everything but the fiгst letter. Both f irst and allButFirst should throw exceptions if called with Л as their argument.

( а) vVrite recursive definitions for these two functions in terms of the append function. ( Ь ) ( uses Java) Write pseudo-Java гecursive static methods to calculate these two functions,

using any or all of the primitives isEmpty, append, last , and allbutLast . Your method should Ье closely based on the recursive definition.

Р4.7.4 ( uses Java) Recall that in the String class in real Java, there are two functions both named substring. If i and j are naturals, w . substring ( i ) returns the substгing of w oЬtained Ьу deleting the first i characters. The two-argument function w . substring (i , j ) гeturns the substгing consisting of the characteгs with position numbeгs k such that i ::;: k and k < j .

( а ) Define two pseudo-Java static methods named substring t o operate o n our string

primitive data type. The first method should take а stгing w and а natural i and гeturn w . substring ( i ) as defined above. It should throw an exception if i is negative or if i is greater than the length of w. The second should take а string w and two naturals i and j and return w . substring ( i , j ) . It should throw an exception if i is negative, if i > j , о г i f either i о г j is laгger than the length o f w . Give recursive definitions o f these two functions in terms of the basic opeгations on strings and naturals. Each method should throw an exception if one or both of the natural arguments is equal to ог greater than the length of the stгing.

( Ь ) Prove Ьу induction, using your definitions, that cat ( substring (w , О , i) , substring (w , i ) ) ==

w.

w for all strings w and all naturals i such that i is less than ог equal t o the length of

( с ) Prove Ь у iпduction similaгly that cat ( substring ( w , i , j ) , substring ( w , j , k) ) substring ( w , i , k) fог all striпgs w апd all naturals i, j, k such that i ::;: j ::;: k and k is

==

less than ог equal to the leпgth of w.

Р4.7.5 ( uses Java) Give а гecursive definition, in terms of our given basic operations for pseudo-Java strings and naturals, of the following charAt function. Since strings are а primitive type in pseudo-Java, we must гedefine charAt to take two arguments - if w is а string and i а natural, we define charAt (w , i) to Ье the сhагасtег of w in position i, if any, where the first position is numbered О. The function is undefined if there is no such characteг. ( Hint: Your defiпition should have two cases, one for w = Л and one for w = va. ) Write а pseudo-Java recursive static method to calculate this charAt function, using your definition. Thгow an exception if the function value is undefined.

4-42

Р4.7.6 (uses Java) We can define the balanced parenthesis language using recшsion. This is the set of sequences of left and right parentheses that are balanced, in that еvегу left paren has а matching гight paren and the paiгs аге nested properly. We'll use "L" and "R" instead of "(" and ")" for readaЬility. We define the language Paren Ьу the following four rules 31 : (а) Л is in Рагеn. (Ь) If и is in Рагеn, then so is LuR. (с) If и and v are in Paren, then so is uv. (d) о other strings are in Paren. Write а real-Java static method isBalanced that takes а String argument and returns а boolean telling whetheI the input string is in Paren. А non-recursive method is simpler. Р4.7.7 (haгd) Another way to characterize the Paren language (defined in ProЬlem 4.7.6 above) is Ьу the following two pгoperties: ( 1 ) the number of L's and R's in the stiing is equal, and (2) in any prefix of the string, the number of L's is at least as great as the number of R's. Prove, Ьу induction on the definition of Рагеn, that eveiy stiing in Paren has these two pгoperties. Р4.7.8 (uses Java) Suppose we have а set of "good" strings, defined Ьу а pseudo-Java method boolean isGood ( string w) that decides whether а given string is good. We would like to know whetheI а given input string has any substring that is good. (We'll assume that the empty string is not good.) (а) Prove that а string w has а good substring if and only if either (1) it is itself good or (2) it can Ье bioken into two substrings substring (w , О, i ) and substring (w , i ) (using the syntax from ProЬlem 4.7.4 above) such that one of these has а good substгing. (Ь) Use this definition to wгite а recursive pseudo-Java method boolean hasGoodSubstring ( string w) that returns true if and only if the input stiing has а good substгing. Of course your method will call i sGood. (с) vVrite anotheг method that has the same output as that of рагt (Ь), but uses а loop instead of гecursion. (d) Of the methods in parts (Ь) and (с) , which do you think will run faster in general? Р4.7.9 (uses Java) Неге is а гecursive pseudo-Java method which pшports to count the good sub­ stiings in а given input stгing, in the context of РгоЫеm 4 . 7.8. Is it сопесt? If so, aгgue why, and if not, write а psuedo-Java method (not necessarily Iecursive) that is correct. puЫic stat i c int countGood ( string w) { int с = О ; for ( i О ; i < length (w) , i++) if ( isGood (w) ) с++ ; с += (countGood ( substring ( w , О , i) + countGood ( substring ( w , i ) ; } =

31 Real pюgiamming languages have foimal definitions like this, ca!Jed gгammars ( "Backнs- аuг form" is а common format for language definition that is more OI less the same thing. ) \Ne'IJ revisit grammaгs in ChapteI 15. There аге general techniqнes to take such а language definition and create а Iecшsive algorithm to parse а string. The1·e are even "compiler-compilers" that will take а language definition and gene1·ate а whole compileг!

4-43

Р4.7. 1 0 ( uses Java) Неге is а recursive pseudo-Java method: puЬlic stat i c boolean e i s ( string u, string v) { if (isEmpty (u) ) { if ( isEmpty (v) ) return true ; if ( last (v) == ' ' ) return e i s (u , allButLast (v) ) ; return f alse ; } if (isEmpty (v) ) { if ( last (u) == ' ' ) return e i s ( allButLast (u) , v) ; return f alse ; } i f (last (u) == ' ' ) return eis (allButLast (u) , v) ; if (last (v) == ' ' ) return els ( u , allButLast (v) ) ; if (last (u) == last (v) ) return e i s ( allButLast (u) , allButLast (v) ) ; return false ; }

(а) Explain what property of the strings answer.

и

and v is decided Ьу this method. Justify your

(Ь) For each of the calls to last and allButLast in the code, explaiп why the ai·gument of the call is а nonempty string.

(с ) Ршvе carefully, Ьу induction on strings, that the method returns the result you claimed in part (а) .

4-44

4.8

Excursion: Naturals and Strings

Induction is closely related to recursion in several ways. In proving а recursive algorithm сопесt, it's natural to use induction on tlи argument as in our examples earlier. Неге our piedicate Р(п), in the case where the argument to the algoгithm is а natural, might Ье "the algorithm terminates with the correct output on input п" . If the algoiithm calls itself only with an argument that is the pгedecessor of the original argument, you can complete the inductive step Ьу assuming the correctness of the algoiithm foI input п and veiifying it for input п + 1. The base step is geneгally explicit in the algoгithm. This method is particulaily useful for proving that а recursive algoгithm explicitly follows а гecursive definition. If the гecursive algoгithm calls itself with arguments smaller than the oгiginal one, though not necessarily just the predecessoг of the original aгgument, we can use strong induction ( as in Section 4.4). For the inductive step, we would assume the correctness of the algoгithm for all inputs i :::; п, and then ргоvе correctness fог input п + 1 . I n this Excursion we are going t o look at two fundamental functions, one that conveits Ьinaiy strings to naturals, and the otheI that conveits natuгals to Ьinary stiiпgs. (Aie these two fнnctions actually inveгses of one anotheг?) We'll begiп with the Jecursive definitions of how а stгing represents а number and vice versa.

•

The string Л гepresents the natural О.

•

If w repiesents п, then wO Iepiesents 2n and w l Iepiesents 2n + 1 .

•

The natural О i s гepгesented Ь у the stгing О .

•

The natural 1 i s гepiesented Ь у the stiing 1.

•

If п > 1 , we divide п Ьу two, let w represent the qнotient (Java n/2 ) , let Iemainder (Java n%2 ) , and Iepieseпt п Ьу wa.

а

repiesent the

А few examples (see Figшe 4-9) should convince you that these definitions correspond to the usual гepresentation of naturals as Ьinагу strings. Fог one example, the Iepгesentation of 7 is that of 3 followed Ьу а one, that of 3 is that of 1 followed Ьу а one, that of 1 is а one Ьу the base case, giving us 1 1 1 , the correct Ьinагу fш 7. So now we tiy to code these нр as pseudo-Java methods, given ош standaid piocedшes for both naturals and stiings (Again, recall that we aie using our mathematical string piimitive type ratheI than the Java String class) :

4-45

value ("1 1 1 ")

гер(7)

value ("1 1 ")

= гер(З) · "1 "

=2х

= гер( 1 )

= 2 х (2 х

·

" 1 " · "1 "

= "1 " · "1 " . "1 "

= 2 х (2х1

= "1 1 1 "

=7

+

1

value ("1 ") +

1)

+ 1)+ 1

+1

@Kendall Hunt Pt1Ьlisblng Company

Figшe 4-9: The functions from natшals to strings and vice versa. stat i c natural value ( string w) {// Returns natural number value of the given binary string . if ( isEmpty (w) ) return О ; string аЫ = allButLast (w) ; if ( last (w) '0') return 2 * value (аЫ ) ; else return (2 * value (аЫ) ) + 1 ; } ==

stat i c string rep (natural n) {// Returns canonical binary string representing the given natural . if (n == О) return " О " ; if (n 1) return " 1 " ; string w = rep (n/2) ; if (n%2 О) return append (w , ' 0 ' ) ; else return append ( w , ' 1 ' ) ; ==

==

Writing Exercise: Give are correct. Specifically:

а

clear and convincing argument ( using induction ) that these algorithms

1. Show Ьу induction for all Ьinary strings w that value (w) teгminates and oнtputs the correct natшal according to tl1e definitions. 2. Show Ьу ( strong) induction for all naturals п that rep (n) terminates and outputs the correct string according to the definitions. You will need two sepaгate base cases for п = О and п = 1 .

4-46

/��;·

С о -- о

@Kendall Hunt Pt1Ьlishing Соmралу

Figure 4-10: An undirected graph, drawn in two different ways. 4.9

4.9.1

Graphs and Paths

Туреs of Graphs

Our next examples of recшsive definitions will take us into the I"ealm of graph theory. We met diagrams of dots, connected Ьу lines щ arтows, in ChapteI" 2 as а pictщial representation of Ьiпаrу relations. You've ршЬаЫу rнn into several other similar diagrams to model other sitнations in compнteI" science. What we'I"e goiпg to do now is to formally define some mathematical objects that can Ье гepresented Ьу sнch diagшms, in such а way that we'll Ье аЫе to ршvе facts аЬонt them. This will Ье only а bгief intгoduction - we'll геtшn to gгaph theoгy in Chapteгs 8 and 9.

•

•

An undirected graph (Figure 4-10) is а set of points, called nodes ог veгtices32 , and а set of lines, called edges. Each edge has t'vo endpoints, which аге two distinct nodes. No two edges have the same раiг of endpoints. Furtheгmщe, the only aspect we саге about in an нпdiгected gгaph is which paiгs of nodes have endpoints - the Ьinai·y edge predicate Е (х, у) on пodes, meaning "theгe is an edge between node х and поdе у" . If two gгaphs have the same edge pгedicate, we coпsideг them to Ье equal although they might Ье dгаwп to look vегу diffeгent. А directed graph (see Figшe 4- 1 1 ) is а set of nodes togetheг with а set of directed edges ог arcs. Each агс is an arтow from one node to anotheI33 . No two arcs may have both the same stait node and the same end node. The directed graph may also Ье represented Ьу its edge predicate Е (х, у) meaniпg "there is an aic from node х to node у" , and two diiected giaphs with the same edge predicate аге considered to Ье equal. We can think of an нndiгected gгaph as а diгected graph if we like, where each edge between х and у is viewed as two агсs, опе fгom х to у and one fгom у to х . -

•

We'll also eventнally see both diгected and нпdiгected multigraphs, which аге like gгaphs except that more than one edge ог агс might have the same eпdpoints (see Figure 4-12).

32 The singular o f "vertices" i s "vertex" . 33 Actually we also allow an aic from а node to itself, in which case it is also called

4-47

а

loop.

@Kendall Huлt PuЫisl}ing Соmрану

Figure 4-1 1 : А directed gгaph.

Undirected

Directed

@Keлdall Huлt PuЫisl1ing Соп}рапу

Figure 4-1 2 : Undiгected and directed mнltigraphs. •

4.9.2

Also later, we'll see graphs wheгe the nodes and/or the edges аге labeled associated with some other data item. Labeled graphs are а нsefнl data stгнcture to model all soгts of sitнations. For example, а labeled diгected gгaph might have nodes гepгesenting aiгpoгts, arcs for possiЫe flights from one airport to another, and labels on the агсs for the departure time, price, or length of the flight (see Figшe 4-13) . -

When are Two Graphs the Same?

Figure 4- 14 shows two different diгected graphs, one with veгtex set {а, Ь, с} and the otheг with vertex set {x, y, z} . Cleaгly these graphs are not equal or identical, Ьесанsе to Ье identical two gгaphs mнst have the same vertex set and the same edge pгedicate. However, there is а sense in which these two gгaphs are "the same gгaph" , and we will now make this notion pгecise. In Chapter 3 we spoke of algebraic stгнctures, sнch as гings, being isomorphic. The definition of "isomoгphic" is specific to а paгticulaг class of structures 34 , such as гings ог undirected gгaphs. In general an isomorphism fгom one stгucture to another is а Ьijection of the base elements of the stгuctures, which satisfies additional Iules that preseгve the essential pгopeгties of the strнcture. А set is а collection of elements with no otheг stгнcture, and so an isomoгphism of sets is jнst а Ьijection. We say that two sets are isomorphic if there exists а Ьijection between them, >vhich as 34 А branch of mathematics called category theory starts with and stнdies the propeгties that are common to all of them.

4-48

а

fшmal definition of these "classes of stгuctшes" ,

'"'•\� /" JFK 10:25 f'M.

@Kendall Hunt PuЫisl1ing Соmрапу

Figure 4-13: А directed graph, labeled with departure times.

/

ь·--- ·

/\

f(a)=y f(b)=X f(C)=Z

@Kendall Hunt PuЫisl1ing Соmрапу

Figure 4-14: Two isomorphic directed graphs.

4-49

we have 8een оссш8 exactly when the two 8et8 have the 8ате 8ize if they are finite35 . We defined а ring to Ье а 8et with addition and тultiplication operation8 that obeyed variou8 law8. An i8oтorphi8т f froт а Iing R to another ring S i8 а Ьijection of the eleтent8 that preserves the two operations, 80 that we alway8 have f(x + у ) = f(x) + f(y) and f (xy) = J(x)f(y) . The definition8 of i8oтorphi8т for othel' algebшic 8tructure8 аге 8iтilш. With each type of graph we have defined, an i8отшрhi8т fгот one gгaph G to anotheг Н i8 а Ьijection f froт the vertice8 of G to the vertice8 of Н that pre8eгve8 the edge predicate. That i8, fш any two vertice8 х and у we тu8t have Ес (х, у) +--+ Ен (f(х) , ! (у) ) . In our ехатрlе in Figure 4-14, we can find an i8отшрhi8т f with f(a) = у, J(Ь) = х, and f (c) = z. We can check that for every choice of two vertice8, the i8oтorphi8т condition hold8. What doe8 it теаn fог two graph8 to Ье i8oтorphic? Suppo8e we гedraw Н with new veгtex label8, 80 that every vertex х i8 now labeled with 1- 1 (х) . ( The function f тu8t have an inver8e becau8e it i8 а Ьijection. ) We now have а graph with the 8ате vertex 8et as G, and the 8ате edge predicate as G, 80 thi8 graph i8 identical to G! Thu8 another way to 8ау "G and Н are i8oтorphic" i8 to 8ау "the veгtice8 of Н can Ье relabeled to таkе а gгaph identical to G" . In Ехегсi8е 4.9.6 you'll ргоvе that i8отогрhi8т i8 an equivalence relation, and it follow8 that graph8 are divided into equivalence clas8e8. Thi8 rai8e8 the natural ргоЫет of classifying the graph8 with certain propeгtie8. Cleaгly all the gгaph8 in а cla88 have the 8ате nuтЬег of veгtice8, becau8e otheгwi8e we could not have а Ьijection of vertice8, тuch le88 an i8oтorphi8т. In Exerci8e 4.9. 7 you'll 8how that the nuтber of edge8 in an undirected graph i8 а pгoperty of an equivalence сlав8. Fог undiгected graph8 with three node8 thi8 property i8 enough to deterтine the clas8 of а graph, but for four or тоге node8 it i8 not. If two graph8 are i8oтorphic, there i8 а 8iтple proof of thi8 fact, Ьу giving an ехатрlе of an i8o­ тorphi8т. But if they are not i8oтorphic, thi8 тау Ье harder to 8how. Of course in pгinciple we could check each of the po88iЬle Ьijection8 of the veгtice8 and 8ее that none of theт are i8oтor­ phi8т8, but thi8 get8 iтpractical very quickly as the nuтbe1· of vertice8 increa8e8. РгоЫет 4.9.7 define8 а property of undirected graph8 that i8 pre8erved Ьу i8oтorphi8т, 80 that if two graph8 differ with ге8ресt to thi8 property they аге not isoтorphic. In general, we prove non-i8oтoгphi8т Ьу as8uтing that an i8oтorphi8т exi8t8 and then deriving con8equence8 of that as8uтption, until we eventually reach а contradiction.

4.9.3

The Path Predicate

The8e definition8 аге in general not гecur8ive, though we could соте up with vaiiou8 diffeгent гecur8ive definition8 of the8e concept8 if we wanted36 . However, once we have а diгected graph, there i8 an iтportant гelation that is clearly built up in one particulш way and thu8 has а clear 35 We'll look briefly at Ьijections among infinite sets in Chapter 7. 36 Each such definition would coпespond to а way of' building up

а giaph, such as one veгtex at а time with all its edges, ш one edge at а time staгting with just veitices. But since theie isn't а single obvious way to build up а graph, there isn't а single obvious recшsive definition. We won't go further into this now, because we're saving most of the graph tl1eory in the book foI Chapter 8.

4-50

i_:l>< v

w

z

@Kendall Hunt Pt1Ьlishing Соmрану

Figure 4-15: А path from х to у in an undirected graph. recursive definition. If we view an arc from х to у as saying "we can go from х to у" , then it's natural to wonder what trips we might take Ьу using sequences of edges. Thus we define а path to Ье а sequence of zero or more aI"cs in which the destination node of each агс is the source node of the following arc (see Figure 4- 1 5 ) . This is an informal definition similaI to our first definition of stiings as sequences of letters, but we can easily turn it into а fOimal recursive definition. Actually we need to define two thiпgs, the path relation Р(х, у), which coпespoпds to the path predicate "there is а path from х to у" , and the paths themselves, which we'll denote Ьу Greek letters. Also, we'll give the name "(х, у)" to the aic from node х to node у, if it exists.

•

•

•

FOI any х, Р(х, х) and >. is а path fiom х to х. (Theie is always а path, of length zero, fiom any vertex to itself, whether or not theie is а loop on that veI"tex. ) Р(х, у) f\ Е(у, z ) ---+ Р(х, z ) . Specifically, if о: is а path from х to у and (у, z ) is an edge, theie is а path (3 fIOm х to z consisting of о: followed Ьу (у , z ) . (We can make а path Ьу taking an existing path and adding апу edge that starts wheie the path ends.) All paths can Ье coпstructed in this way.

This allows us to piove statemeпts about paths in а graph. Let's begin witl1 an important and obvious fact, that the path Ielation is transitive - you can make а path Ьу following first one path, theп another that finished where the fiist one starts. Тransitivity Theorem: If there is а path from х to у, and а path fiom у to z, then theie is а path fIOm х to z . Proof: We'll use induction o n the second path, using the Iecursive definition37 . Let х and у Ь е arЬitrary vertices such that there i s а path о: from х t o у. For the base case, suppose that the path from у to z has no edges. Then у = z and о: is also tl1e desiied path from х to z. For the iпduction, suppose that there is а path (3 fiom у to some w, an edge ( w, z ) , and that the inductive hypothesis applies to (3 (see Figure 4-16). Тhеп that inductive hypothesis tells us that theie is а path ' УfIOm х to w , and the inductive part of the definition tells us that "(, followed Ьу (w , z ) , is а path from х to z. Because of the last clause 37We've had enough practice with i·ecшsive definitions Ьу now to figшe out the proof method st1·aight from the definition.

4-51

Path · �

Path · �

Аге · ----.. · w

@Kendall Hunt PuЫishing Соmрапу

Figure 4- 16: А diagram f'or the inductive case of the proof. of the definition, the base step and induction step of this proof coveгs all possiЫe paths from у to z. • The definition of paths is 'Ъottom-up" гаthег than "top-down" . It allows us to show that а path exists if it does, but it doesn't give us any immediate way to decide the path гelation for some particulaг veгtices х and у. This would mean determining whether Р(х, у) is true or false for given input nodes х and у. This impoгtant computational proЫem is also called finding а transitive closure, because Р is the smallest relation that includes Е and is tгansitive38 . We can use the notion of paths to define vaгious pгopeгties of both undirected and directed graphs. ( We define paths in an undirected graph Ьу vie,ving it as а directed graph, as described above. ) Fш example, an undiгected graph is said to Ье connected if Vx : Vy : Р(х, у ) ; that is, if there is а path between any two nodes. А directed graph, on the other hand, is said to Ье strongly connected if it has this ргорегtу. А cycle is а "non-trivial" path from а node to itself. Неге "non-trivial" гefers to paths that are not always guaranteed to exist, and the meaning of this depends on the context. Of course we don't want to count the zero-length path fгom any node to itself. In а directed graph, that's tl1e only гestriction, so that any path of one or more edges from а node to itself is called а directed cycle. In an undiгected graph, any edge foгms а diгected cycle, because you can go fгom one endpoint оvег the edge to the otheг, and tl1en back again. So there we define an undirected cycle to Ье а path of three ог mше edges from а node to itself that never гeuses an edge. An undiгected graph with no undi1·ected cycles is called а forest. The гeason fш this ( which we'll have to take on faith for the moment ) is that such а graph can Ье divided into trees, which are connected foгests. This is only one of а numbeг of гelated concepts called trees we will see another kind of tree in the next section and explore trees in much more detail in Chapter 9. -

4.9.4

Exercises

Е4. 9 . 1 Dгaw directed graphs гepresenting the equality, ordeг and universal i·elations on the set { 1 , 2, 3, 4, 5}. Е4.9.2 Any Ьinагу гelation on а single set can Ье thought of as the edge гelation fш а diгected gгaph. But only some гelations could Ье the edge relation of а undiгected graph - which ones? ( See the following Exercise 4.9.3 for гemindeгs аЬонt нseful terminology. ) 38 In Chapter 8 we'll present two different algшithms to compute transitive closures.

4-52

Е4.9.3 We defined 8everal propertie8 of Ьinary relation8 in Section 2.8: reflexive, anti-reflexive, 8ym­ metric, anti-8ymmetric, and tran8itive. De8cribe the directed graph8 of relation8 that have each of the8e propertie8. What doe8 the graph of an equivalence relation look like? А paгtial orde1·? How doe8 the latter соmраге to the На88е diagгam from Section 2. 10? Е4.9.4 Prove that апу non-empty path ha8 а fir8t edge. That i8, if а i8 а path from х to у and а -/= Л, then there exi8t8 an edge ( х, w) and а path /3 from w to у 8uch that а i8 ( х, w) followed Ьу fЗ. ( Hint: U8e induction on а . ) Е4.9.5 Explain why the path predicate Р(х, у) on vertice8 i8 an equivalence Ielation on undiiected giaph8, but not in geneial on directed giaph8. PIOve that the Ielation Р(х, у) /\ Р(у, х) is alway8 an equivalence Ielation on any directed graph. 18 the 8ame trнe of Р(х, у) V Р(у, х)? Prove youI an8wer. Е4.9.6 Show that i8omorphi8m of diiected graph8 i8 an equivalence Ielation. 18 it an equivalence Ielation fOI undiiected giaph8? Е4.9.7 One important property of an undirected graph i8 it8 numbeг of edge8.

( а ) Prove that if two undirected graph8 are i8omorphic, then they have the 8ame numbeг of edge8.

( Ь ) PIOve that if two undiгected graph8 each lшve thгee veгtice8 and each have the 8ame number of edge8, then they are i8omorphic.

( с ) Find two нndii-ected gi-apl18, each with four vertice8 and with the 8ame nнmber of edge8, that are not i8omorphic. Prove that there i8 по i8omorphi8m between your graph8.

Е4.9.8 Let G and Н Ье two i8omorphic undirected graph8.

( а ) Ргоvе that if G i8 coпnected, then 80 i8 Н . ( Ь ) Prove that i f G i 8 а fore8t, then 8 0 i 8 Н . ( с ) Piove that i f G i 8 а tree, then 8 0 i 8 Н . Е4.9.9 Con8ideг all po88iЬle dii-ected graph8 with two vertice8. If we call the vertice8 а and Ь , theгe are exactly 24 = 16 8Hch graph8, becau8e theгe are four po8siЬle агсs and we choo8e whether each one i8 pгe8ent. How many equivalence clas8e8 do the8e 16 graph8 form under i8omorphi8m? Е4.9. 1 0 Let G Ье а directed gгaph with n veгtice8, where edge8, then it must contain а directed cycle.

4.9.5

n >

1. Ргоvе that if G ha8 а path with

n

ProЬlems

Р4. 9 . 1 Prove formally that if а is а path fгom х to у in an undirected gгaph, then there i8 а path fгom у to х. (Hint : U8e induction on path8, of cour8e, and u8e the Тгan8itivity Theorem from this section. ) Р4.9.2 Prove that any directed cycle in the graph of а partial ordeг mн8t only involve one node. (Hint : If the cycle were to contain two di8tinct node8 х and у, what does tran8itivity tell you аЬонt arcs between х and у?)

4-53

..Jtь d

ё

@Kendall f-lunt Pt1Ьlishing Company

Figure 4- 1 7: Two five-vertex graphs with the same degree seqнence. Р4.9.3 Give three different-looking ( i. e" not isomorphic) examples of а forest with five nodes and thгee edges. What do they have in common? Р4.9.4 In Section 2 . 1 0 we pгoved that еvегу partial order is the "path-below" relation of а gгaph called а Hasse diagгam. How does the Hasse diagгam гelate to the graph of the partial огdег itself? Present the proof of the Hasse Diag1·am Theorem using mathematical induction. Р4.9.5 In Exeгcise 4.9.5 уон were asked to prove that if Р(х, у) is the path pгedicate of any directed gгaph, then the pгedicate Р( х, у) А Р(у, х ) is an equivalence relation. The equivalence classes of this гelation are called strongly connected components. Ргоvе that а graph has no stгongly conпected components with mоге than one element if and only if it has no diгected cycle with mоге than one node. Ргоvе that if the graph has no such stгongly connected component or cycle with more than one element, then its path relation is а partial oгder. Р4.9.6 (uses Java) Implement а (real) Java Path class for directed giaphs as follows. Assume that Arc and Vertex classes have alгeady been defined, such that these objects Iepiesent directed edges and vertices in some directed graph. The Arc class has source and dest ination methods, each of which return а Vertex. Your Path class should suppoгt the following instance methods: Vertex source ( ) // f irst vertex in path Vertex dest inat ion ( ) // last vertex in path boolean isTrivial ( ) // true whenever path has no edges int length ( ) // number of edges in the path Edge last ( ) // last edge in path, throws except ion if path is trivial Path append (Arc а) // returns new path with а appended to calling path 11 throws exception if а cannot Ье appended

Р4.9.7 In an нndil'ected gгaph, the degree of а node is the number of edges that involve it. The degree sequence of ап undiгected gгaph with п veгtices is а sequence of п naturals that gives the degrees of each veгtex, soгted in descending ordel'. Figure 4-1 7 shows two нndirected gгaphs, each of which has degree sequence (3, 2, 2, 2, 1) Ьесанsе each has one vertex of degree 3, three of degree 2, and one of degгee 1 . (а) Аге tЬese two gгaphs isomorphic? Ргоvе your answer. (Ь) Prove that if two graphs are isomorphic, tЬen they have tЬе same deg1·ee sequence. (с) Is it tJue that if two giapЬs have the same degiee sequence, tЬen they аге isomoгphic? Ргоvе уонr answeг. 4-54

Р4.9.8 The length of а path in а directed graph is the numbel' of edges in it. (а) Give а recшsive definition of length, based on the recшsive definition of paths in this section. (Ь) Let а Ье а path from х to у, f3 Ье а path from у to z, and / Ье the path from х to z guaranteed Ьу the Тransitivity TheOI'em of this section. Piove that the length of / is the length of а plus the length of (3. (Let а Ье an arЬitrшy path and use induction on all paths /3, as in the pioof of the Тl'ansitivity Theorem. ) Р4.9.9 Consideг а diгected gгaph wheгe each edge i s labeled Ьу а natural. We define the length o f а path i n such а graph to Ь е t h e sum of the edge weights over all edges in the path. (а) Give а recursive definition of this notion of the length of а path, using the recursive definition of paths fгom this section. (Ь) If а , /3, and / аге three paths as in ProЬlem 4.9.8 (Ь) but in such а directed gгaph, prove that the length of / in this new sense is the sum of the lengths of а and f3. Р4.9. 10 Repeat Exeicise 4.9.9 fol' directed gгaphs with three vertices а, Ь, and с but without loops. Тhеге are 26 = 64 possiЬle graphs, but the number of isomorphism classes is much smaller.

4-55

4.10

Тrees and Lisp Lists

4.10.1

Rooted Directed Тrees

Tree structures of various kinds abound in computer science. They are the main topic of our Chapteг 9 hеге we will look at one recursive definition of а kind of tree, the rooted directed tree, as an example of recursive definition and inductive гeasoning. We'll also see two key applications of rooted directed trees: -

•

•

Ву restricting the definition slightly we will get rooted directed binary trees, which form the fundamental data structure in the Lisp family of programming langнages, and Ву adding labels to the nodes of the trees we will Ье аЫе to model arithmetic expressions we will study these along with three ways to repгesent them as strings.

You may recall that at the end of the pгevious section we mentioned "tгees" as а kind of undirected graph - specifically, нndiгected graphs with no cycles. We'll see in Section 9 . 1 how these "trees" are related to гooted directed trees as defined here ( РгоЬ!еm 4 . 10.4 gives а hint toward this ) . We begin, then, with а recursive definition of а rooted directed tree. It is а kind of directed graph as defined in Section 4.9, consisting of nodes and arcs. Every rooted directed tree has а root , which is one of its vertices.

• •

•

Any one-node directed graph ( with no arcs ) is а rooted directed tree. Its гооt is its only node. If 81 , 82 , . . . , 8k are k different trees with roots r 1 , r2 , . . . , rk respectively ( node ri is the root of tree 8i ) , then the following directed graph Т is а rooted directed tree: T's nodes are the nodes of the 8; 's, plus one new node х vvhich is T's root, and T's arcs are all the arcs of all the 8/s, plнs k new arcs - one f:гom х to each of: the nodes r 1 , . . . , rk · The only гooted directed trees are those that can Ь е made Ьу these two operations.

Figure 4- 1 8 shows an example of а rooted directed tree and also illustгates some additional vocab­ нlary. If х is any node of any directed tree, we say that the in-degree of х is the nнmber of arcs coming into х and its out-degree is the number of arcs coming out of it. We divide the nodes of а rooted diгected tree into internal nodes, which each have an out-degree of one or more, and leaves, which each have an out-degree of zero. In the tree in this figure, еvегу inteшal node has an out-degгee of: exactly two - we call such а tгее а rooted directed Ьinary tree. We use the language of genealogy to expгess гelationships among the nodes of а given rooted diгected tree. If theгe is an arc from node х to node у, we say that х is y s parent and that у is х ' s child. Two different childгen of the same paгent аге called siЫings. If there is а path from node х to node у, we say that х is y s ancestor and that у is x's descendent. Моdеш practice '

'

4-56

@Kendall Hunt PuЫisl1ing Company

Figure 4-18: А гooted directed Ьiпаrу tree. is to avoid geпdered expressioпs as mнch as possiЫe, Ьнt the termiпology сап Ье exteпded almost arЬitraгily - fог example, we could call а siЬliпg of x's pareпt either x's "uпcle" or its "auпt" . It is easy to поtе properties that hold fог all rooted directed trees, for example:

•

The root is ап aпcestor of апу поdе iп the tгее.

•

If х is апу поdе, theгe is exactly опе path from tl1e root to х.

•

The root has iп-degree zero, апd all otheг пodes have iп-degree опе.

As usual, it is the last clause of the iпductive defiпitioп that gives us а way to ргоvе state­ meпts about all trees Ьу iпductioп. If Р(Т) is а statemeпt that has опе free variaЫe Т of type RootedDirectedTree, we сап prove '\:/Т : Р(Т) Ьу fiгst pгoviпg P(N) , wheгe N is ап arЬitгar-y опе-поdе tгее as iп the fiгst clause, апd theп proviпg [P(S1 ) /\ P(S2 ) /\ . . . /\ P(Sk )] ---+ Р(И), where И is the tгее made fгom the Si 's usiпg the secoпd clause. Let 's ргоvе the three statemeпts above, пotiпg that the first statemeпt follows immediately from the secoпd. Lemma: If Т is апу гooted diгected tree with root поdе r, апd х is апу поdе of Т, theп there is exactly опе path from r to х. Proof: If Т has опlу опе поdе, theп the поdе х must Ье the root апd theгe is exactly опе tгivial path from the гооt to х. So assume that Т is made from а пеw гооt r апd k гooted diгected trees S1 , . . . , Sk usiпg the secoпd clause, апd that each tree Si has а root ri . Let х Ье апу поdе of Т. If х is T's root, theгe is exactly опе trivial path fгom х to itself. Otherwise assume that х is а поdе of tгее Si . Ву the iпductive hypothesis, there is exactly опе path from ri to х. There is an arc fгom r to ri , which comЬiпes with the path fгom ri to х to produce exactly one path from r to х. No otheг path сап go from r to х, because апу path fгom r must either Ье trivial ог take ап edge to some rj if it goes to rj with i =1- j, it сап пever геасh х because it сап пever leave Sj . ( опе of Sj s оwп агсs leaves Sj , and попе of the пеw arcs do either.) • -

4-57

Lemma: If Т is any rooted directed tree, then T's root has in-degree zero and each otheг node of Т has in-degree one. Proof: If Т is а single-node tгее with no агсs, then cleaгly the root has an in-degiee of zeio and there аге no otheг nodes. So assume that Т is made from а root r and k tгees S1 , . . . , Sk according to the second clause, and that the inductive hypothesis applies to each of the S/s. Let х Ье any node in Т. If х is the root, it has in-degгee zего because neitheг the arcs of any of the S;'s nог any of the new агсs go into х. If х is one of the ri s, а гооt of one of the si 's, then it has in-degгee one because exactly one of the new агсs, but none of the агсs of any of the S; 's, go into it . And if х is а non-root node of one of the Si 's, it had in-degree one in Si and keeps in-degree one in Т because none of the new arcs go into it. We have shown that fог агЬitгаrу х, х has in-degгee zero if it is the root and in-degree one otherwise. • '

Ву slightly tweaking this definition, we can get various related veгsions of гooted diгected tгees. Fог example, in Exercise 4 . 1 0 . 1 you'll give а definition for гooted diiected trees whose internal nodes have out-degгee of one or two - these will Ье the basis of our aгithmetic expгessions lateг in the section. Тhеге and otherwise, it's often impoгtant to have an oгder on the childгen of а particulaг node, as we normally would in any data structure application. In Section 6. 10, we'll meet "Catalan tгees" : гooted diгected tгees wheгe internal nodes have out-degгee one ог two, but wheгe an "only child" of а paгent is distinguished as being eitheг the "left child" ог "гight child" .

4.10.2

Lisp Lists

Our paгticulaг definition of rooted directed binary happens to coпespond to the definition of а list structure in the Lisp family of pгogгamming languages:

•

An atom is а list strнcture.

•

If х and у аге list stшctures, so is cons (х у) .

•

The only list stгuctures аге those defined Ьу the fiгst two claнses.

There аге two "inverse operations" to cons, called car and cdr. If z is constructed as cons (x у) , then car (z) is defined to Ье х and cdr (z) is defined to Ье у. The car or cdr of an atom is not defined. Since this book doesn't assume familiarity with any language except Java, in ordeг to look at algorithms on list stгuctures >ve'll have to imagine а class LispLS defined as follows using pointers ( see Figures 4-1 9 and 4-20) : puЫic class LispLS { boolean isAtom ; thing contents ; Li spLS left , right ; }

1 1 true if this l i st structure i s а s ingle atom 11 value of the atom if isAtom is true 11 substructures f rom car and cdr respect ively

4-58

ls Atom contents

� �

�

Atom

@Kendall Hunt Pt1Ьlishing Соmраву

Figure 4-19: The two types of nodes in the LispLS data type.

@Kendall Hunt PuЫishing Company

Figure 4-20: А LispLS data structure.

4-59

In ProЫem 4 . 1 0 . 1 you'll write pseudo-Java methods for the basic Lisp functions on tl1is class. Except for those basic procedшes, just about anything you'd want to do to а list will involve recursion. Неге's а simple example of а method to output the atoms of а list in oгder, assuming the basic functions are availaЬle: void printAtoms ( ) { / / Write list of atoms i n calling list to System . out if ( isAtom) System . out . println ( contents ) ; else { left . printAtoms ( ) ; right . printAtoms ( ) ; }}

4.10.3

Arithmetic Expressions

Our second example of а tгee-shaped structure is the arithmetic expression. Since most of the standard arithmetic operatoгs take exactly two argнments, we can represent an expression Ьу а labeled directed gгaph, where each operatoг is the label of а node and theгe аге arcs fгom that node to the nodes repгesenting the two arguments. Because there are also unary operatoгs (such as the minus sign), however, we can't just нsе rooted directed Ьinагу trees - we have to allow inteшal nodes with one child as well. We'll call the гesнlting notion expression trees. Неге is а гecшsive definition of an arithmetic expression:

•

А constant is an aгithmetic expression. We can view а constant as а labeled node.

•

А unaгy operator, acting on one arithmetic expression, is an arithmetic expression. We can view this as а root node, labeled Ьу the нпагу орешtог, with а single агс out of it to the гооt of the expression being acted on.

•

А Ьinary operator, acting on two aгithmetic expressions, forms an arithmetic expression. 'vVe view this as а root node, labeled Ьу the Ьinагу орегаtог, with two агсs out of it, one to each of the otheI шots.

•

Nothing else is an aгithmetic expгession.

Figure 4-21 shows the expression tгее corresponding to the arithmetic expгession "Ь 2

-

4ас" .

The value of an arithmetic expressioп is also defined recursively. The value of а single-node expгession is the constant value of its node. The value of any other expression, with an operatoг at its root, is the resнlt of applying the operatщ to the valнes of the subexpressions for the root's childгen. When we гecord an arithmetic expression as а string, we have three choices of where to put the operators: 4-60

@Kendall Hunt PuЫishiнg Company

Figure 4-2 1 : The expression tree for Ь2

-

4ас.

@Ken(lall H н n t Pt1Ьlishing Company

Figure 4-22: The three traversal гoutes in an expresssion tree. •

Before the arguments (prefix OI' "Polish" notation39 ) , as in "-*ЬЬ*4*ас" . Lisp uses this notation, in the form " ( (* Ь Ь) (* 4 (* а с ) ) ) " . -

•

Between the arguments ( the usual or infix notation) , as in " (Ь*Ь ) - (4 * а* с) " . N ote that we need to supply parentheses to indicate the actual tree stIUcture of the operations, where in the other two cases this can Ье determined from the string alone. This is the syntax used Ьу Texas Instruments calculators.

•

AfteI' the arguments (postfix OI' "reverse Polish" ) , as in "ЬЬ*4ас* * -" . This is the syntax used Ьу Hewlett-Packard calculators, with the "enter" key used to sepaiate two adjacent arguments.

These thiee notations correspond to three ways to traverse an expiession tree - to visit the nodes in а prescribed order and perform some operation (such as printing the node's label) at each. (Figure 4-22 illustrates the paths of the three traversals in the tree.) 39 The name of this notation i s а tгibute to its invento1-, t h e Polish logician J a n Lukasie\vicz (1878-1956).

4-61

We can easily come up with generic recursive procedures to сапу out each of these traversals40 . When given an input expression, each one must process the гооt node ancl, if there are any children of the root node, process the suЬtгees for each child. The only difference between the three methods in the order in which they do this: void preOrderTraversal {// Apply doRoot to each node in preorder doRoot ( ) ; if ( ! isAtom) { car ( ) . preOrderTraversal ( ) ; cdr ( ) . preOrderTraversal ( ) ; }} void inOrderTraversal ( ) { / / Apply doRoot to each node i n inorder if ( isAtom) doRoot ( ) ; else { car ( ) . inOrderTraversal ( ) ; doRoot O ; cdr ( ) . inOrderTraversal ( ) ; }} void postOrderTraversal {// Apply doRoot to each node in postorder if С ! isAtom) { car ( ) . postOrderTraversal ( ) ; cdr ( ) . postOrderTraversal ( ) ; }} doRoot ( ) ;

So, fol' example, а pI'ocedure to convert infix to гeverse Polish notation, or vice versa, might proceed Ьу I"eading the infix stгing into а tгее structure and then outputting it Ьу а postoгder traveгsal. The code is simple, and statements about what it does are easy to prove Ьу induction.

4.10.4

Exercises

Е4. 10.1 Give an inductive definition for the set of гooted directed tгees that have по more than two children for every internal node. Е4. 10.2 (uses Java) Write а method numAtoms О for the LispList class so that if х is any LispList, х. numAtoms ( ) returns the total number of atoms in х . Е4. 10.3 Convert the following arithmetic expгessions to the specified notation (all constants are de­ noted Ьу single letters or digits) :

(а) Fгom postfix to infix: 4р*р*r*хх*уун- . 40 We can use the class definition from above, except that every node now has contents and we'll have а geneгic method doRoot О that will input а LispList and сапу out the аррюргiаtе opeгation on its root node.

4-62

(Ь) From postfix to prefix: ss*cc*+. (с) From infix to postfix: ( а+Ь) * ( (а*а) - (а*Ь) + (Ь*Ь) ) . ( d) From infix to pгefix: ( а*а*а) + (З*а*а*Ь) + (З*а*Ь*Ь) + (Ь*Ь*Ь) . ( е) From p1·efix to postfix: *+аЬ*+аЬ+аЬ. (f) Fгom pгefix to infix: +- lx-*xx+*x*XX*X*X*XX. Е4.10.4 Dгaw а tгее to repгesent each of the aгithmetic expressions in Exercise 4. 10.3. Е4. 10.5 Explain why the numbeг of ar-cs in а directed gгaph is exactly equal to the sum of the in­ degгees of the nodes. How many агсs are theгe in а directed tree with п nodes? Е4.10.6 The depth of а IOoted directed tгее is the gгeatest length of any path within it. (а) Ргоvе that every path in any rooted directed tree is finite (that is, has а length that is а natural) . (Hint : Such а path either does or doesn't involve the root node, giving you two cases. ) ( Ь ) Give а гecursive definition o f the depth of а гooted Ьinary tгее. Е4. 10.7 (uses Java) Write а pseudo-Java instance method boolean contains (thing taгget) fOI the LispLS class that returns true if and only if the calling LispLS object contains an atom whose value is equal to taгget . Use а method boolean equals (thing х , thing у) to test equality of value. Е4. 10.8 Assuming that each variaЫe has а value of 2, find the value of each of the six aгithmetic expressions in Exercise 4. 10.3. Е4. 10.9 For each possiЫe depth d fI"Om О thIOugh 5, find the aгithmetic expгession with the laгgest possiЫe value that has depth d and all constant values equal to 1 . Е4. 10.10 I n each o f the following four cases, determine whetheг the value o f such an aгithmetic expгes­ sion must Ье even, must Ье odd, or could Ье either. Prove your answer in each case, either with an induction OI" with а раiг of examples. (а) Constants аге odd naturals, all opeгators аге + (Ь) Constants are even naturals, all opeгators are + (с) Constants аге odd naturals, all operators аге ( d) Constants аге even naturals, all opeгators are

4.10.5

* *

ProЬlems

Р4. 1 0 . 1 (uses Java) Wгite pseudo-Java code fOI the three functions cons, саг, and сdг defined above, to Ье included in the LispLS class. The method cons should Ье static, taking two LispLS arguments. The otheг two methods should Ье instance methods taking no aгguments. If called fгom an atom, саг and сdг should thгow а NullPointeгExcept ion. Р4. 10.2 (uses Java) Lisp commonly uses а list stгucture to encode а list, which is а sequence of items. Тhеге is а special value called nil, which гepresents an empty list, and Ьу convention the саг and the сdг of nil аге both nil. А list with а single element а is гepгesented Ьу the 4-63

list structure cons (а nil ) , and in general а list with first element а and remainder х is represented Ьу cons (а х) . Write pseudo-Java methods, using the LispLS class declaгation above and the саг, cdr, and cons methods from ProЫem 4. 10. 1 , to сапу out the following operations on strings ( which are here thought of as lists of letters ) : (а ) (Ь ) (с ) (d)

Return the last letter ( return nil if the input is nil) . Return the list representing the string allButLast (х) . Concatenate two strings. Reverse а string.

Р4. 10.3 Prove the following facts Ьу ( structural) induction for all arithmetic expгessions, using the definition in this section: ( а ) The fii-st chaгactei- of the infix i-epгesentation of an expгession is nevei- а Ьinary орегаtог. ( Ь ) The first character of the prefix representation of an expression is an operator, unless the expression consists of а single constant. ( с ) The first character of the postfix repгesentation of an expгession is а constant.

Р4. 10.4 Let Т Ье any undiгected tгее ( any connected undirected node with no cycles, as defined in Sectio11 4.9 ) , and let v Ье any node in Т. Define N to Ье the set of neighbors of v ( the set {и : Е ( и, v ) } ) . Let G Ье the undirected gгaph obtained fгom Т Ьу deleting all the edges involving v. Prove that if w is any node in G other than v, w has а path to exactly one vertex in N. (Hint: First show that one such path exists, then show that the existence of paths to two or тоге nodes in N would contгadict the assumptions on Т.) Р4.10.5 Prove that if Т is any rooted directed Ьina1·y tree ( where every internal node has out-degree exactly two) , the11 the number of leaves in Т is one greater than the number of internal nodes. (Hint: Use induction on the definition of such trees. ) Р4. 10.6 А full Ьinary tree is а rooted Ьinary ti-ee where every internal node has exactly two children and every path from the root to а leaf has the same length. ( а ) Give а гecursive definition of full Ьina1-y tгees. ( Ь ) Determine both the number of leaves and the total number of nodes in а full Ьinагу tree of depth п. Prove your answers using your inductive definition of full Ьinary tгees.

Р4. 10.7 ( uses Java) Suppose we are given а LispLS object that represents а list of numbers as in РгоЫеm 4.10.2, Write а pseudo-Java static method that will take such а list as input and retur11 а numbeг that is the sum of all the numbers in the list. ( If given nil, it should return о.) Р4.10.8 Let G Ье а directed graph. А spanning tree of G is а rooted directed tгее whose nodes are exactly the nodes of G and all of whose arcs are also arcs of G. Ргоvе that if G is any strongly connected directed graph, and х is any node of G, then theгe exists а spanning tree of G whose root is х. ( Hint: Prove this for all strongly connected directed graphs G Ьу induction on the number of nodes in G.) Р4.10.9 Prove that in any arithmetic expression, where the constants are represented Ьу single letteгs, the prefix and postfix representations of the expression are anagrams of one anotheг. ( That is, they аге stгings of the same length that have the same number of each possiЫe character. ) (Hint: Use induction on arithmetic expгessions. ) 4-64

Р4. 10. 10 Consider an arithmetic expression Е, as on ProЫem 4. 10.9, where the constants are repre­ sented Ьу single letters. Let Pre and Post Ье tl1e prefix and postfix strings, respectively, for Е. Show that PreR is the valid postfix representation of some arithmetic expression F, and that Post R is the valid pгefix representation of that same expression F.

4-65

@Kendall Hunt PuЫishing Company

Figure 4-23: An L-shaped tile. 4. 1 1

4.11.1

Induction For ProЫem Solving

L-Shaped Tiles

We conclude this chapter Ьу looking at some additional mathematical uses of induction. Mathe­ matical induction is often presented as а technique for proving integer ideпtities and nothing else. We've tried to show in the past few sections how it applies to fundamental facts about other re­ cursively defined structures. Неге we'll see how you can piove nontrivial things in а variety of settings. Consider the proЫem (due originally to Golomb) of tiling an 8 х 8 chessboard with 3-square L­ shaped pieces (see Figure 4-23). Coveiing the board completely is impossiЫe, because 3 doesn't divide 64, but suppose we leave off one of the сошеI squaies. Heie is а proof that you can do it, that works Ьу pioving а stiongeI result: Theorem: Given any numbeI п, it is possiЫe to place L-shaped tiles to coveI а 2п х 2п chessboaid with any one square missing. Proof: The base case of п = О is easy because 2 ° = 1 and we can tile а 1 х 1 board, with one square missing, using no tiles. FOI the inductive case, assume that we can do it fOI any 2п х 2п board with any one square missing, and consideI а 2п+ 1 х 2п+l board, also with any one squaie missing. Divide the board into four 2п х 2п boaids in the obvious way. One of these four subboards has а missing square. Place а single L-shaped piece in the middle of the Ьig board, so as to cover one squaie of each of the otheI thiee subboards. No•v each of the four subboaids is missing а squaie. But the remaindeI of each board can Ье tiled with L-shaped pieces, accOiding to the inductive .

����.

Notice how this iпductive ргооf of the statemeпt Р(п) also provides а Iecursive algorithm fOI actually consti-ucting such а tiling, and for that matteI recursively defines а particular tiling (see Figure 4-24) .

4-66

• 1 х1 О tiles

� 2Х2 1 tile

~ 4Х4 5 tiles

аха 21 tiles

@Kendall Hunt PuЫishing Company

Figuгe 4-24: Tilings of 2 п

1(0) = 1

х

2п chessboaI"ds with one squaI"e missing.

1(2) = 4

1(1 ) = 2

1(3) = 7

@Kendall Hunt Pt1Ьlishi11g Company

Figuгe 4-25: Cutting pizzas. 4. 1 1 . 2

Cutting Pizzas

For the next proЫem ( oI"iginally solved Ьу Steiner in 1826) , consider- dividing а round pizza into as many pieces as possiЫe Ьу making п cuts with а straight pizza cutter. Let f(n) Ье the maximum possiЫe number- of pieces. Obviously f(O) = 1 , f(l) = 2, and f(2) = 4, so you might think that f(n) = 2n , but а Ьit of playing around should informally convince you that f(З) = 7 ( see Figure 4-25). What about !(4)? If we think of this as an induction pI"oЬlem, it's natural to take а configuration with п lines and think of putting in tl1e ( п + 1) 'st line4 1 . This line will incI"ease the numbeI" of pieces Ьу dividing 41 Note, Ьу the way, that we should not necessarily assume that the first п lines give an optimal numbei- of pieces, because it's not clear that the best way to maximize the pieces for п + 1 is to first maximize them for п. An algorithm that always makes the choice that gives the best imrnediate resнlt is called а greedy algOiithm. Sometimes the best

4-67

@Kendall Hunt PuЫishing Company

Figuгe 4-26: А пеw liпe through the п

=

3 pizza.

certaiп old pieces iпto two пеw опеs each4 2 . So how mапу old pieces сап the пеw liпe hit? The пеw liпe moves from опе old piece to aпother exactly wheп it cгosses ап old liпe. Siпce it сап опlу cross each of the п old liпes опсе, the best case is wheп it crosses all п old liпes апd thus visits п old pieces ( see Figure 4-26 ) . This tells u s that f ( п + 1 ) i s a t most f ( п) + п + 1 , апd iп fact i t gives u s а п algшithm fш achieviпg that bouпd ( take ап optimal n-liпe coпfiguratioп апd draw а пеw liпe cгossiпg all the old liпes ) so we kпow f (n + 1) = f(n) + п + 1. The sequeпce coпtiпues f(4) = 1 1 , !(5) = 16, апd iп geпeral J(n) = (п2 + п + 2)/2 ( Exeгcise 4 . 1 1 . 2 is to prove this. ) А tougheг ргоЫеm ( giveп as РгоЫеm 4 . 1 1 . 2 below, ап optioпal Excursioп) is to geпeralize this example to three dimeпsioпs, so that we аге cuttiпg а Ыосk of cheese гаthег thaп а pizza. The sequeпce here starts out " 1 , 2, 4, 8, 15, . . . " апd turns out to Ье closely related to the two-dimeпsioпal veгsioп.

4.11.3

The Speed of the Euclidean Algorithm

Неге is а fiпal proЬlem from пumber theory. You may recall that we asserted that the Euclideaп Algoгithm of Sectioп 3.3 гuпs iп time ргоршtiопаl to the пumЬег of digits iп the iпput пumbeгs43 . Let's prove а veгsioп of this statemeпt that doesn't involve logaгithms: Theorem: If both input пumbeгs are at most 2п, the Euclideaп Algorithm teгminates iп at most 2п + 1 divisioпs. Proof: Fш the base case, let п = О апd поtе that the first divisioп, if both пumbers are опе or zего, will give геmаiпdег zего. Fог the iпduction, suppose we staгt with а and Ь and calculate с + = а % Ь and d = Ь % с. I claim that if а апd Ь are each at most 2п 1 , theп с апd d are each at most 2п . This claim suffices because оп а апd Ь the algшithm will do two divisioпs, plus at most algшithm is а gi-eedy one апd sometimes it isn't. 42 Evei-y piece of pizza we ci-eate is convex, meaning that the line between any two poiпts оп the piece stays оп the piece. Сап you pi-ove this fact Ьу induction? 43 This is called а logarithmic 01" O (log n ) i-uпning time, as we will see in Chapter 7 and will Ье discussed more thшoughly in an algorithms сошsе.

4-68

2п + 1 mше once we have с and d, for а total of at most 2п + 3 = 2(п + 1) + 1 . То pIOve the claim we will use the contrapositive method. Assume that с > 2 п . We know that Ь > 2п because с, which is а % Ь, must Ье less than Ь. But then since а > Ь, а/Ь is at least 1, and а is at least Ь + с and thus greater than 2п+ 1 . •

The wшst case for the Euclidean algorithm actually occurs when а and Ь are consecutive Fibonacci numbers, for example 21 and 13. ( Тгу this example, if you haven't alгeady! ) . Fгom the behavior of Fibonacci numbers, one can show that the number of divisions is at most log 1.61 " а, an impIOvement over the log 1 . 4 1". а shown here.

4.11.4

Exercises

Е4. 1 1 . 1 Show that а 2 х п rectangle can Ье covered exactly with L-shaped tiles if and only if 3 divides п. Е4. 1 1 .2 Complete the argument i n t h e section Ьу using induction t o prove that f(n) , the maximum number of pieces that can Ье made from а convex pizza with п cuts, is exactly ( п 2 + п + 2) /2. Е4. 1 1 .3 The upper bound of Exercise 4 . 1 1 .2 was for convex pizzas. Give an example showing that this bound can Ье exceeded if the original pizza is not convex. Can you prove апу upper bound in the non-convex case?

Е4. 1 1 .4 А set of п lines on the plane is said to Ье in general position if no two lines are parallel and no three lines intersect in а single point. Prove that п lines in general position divide the plane into exactly f(п) regions, where f(n) = (п2 + п + 2)/2 is the solution to tl1e pizza pIOЬlem. Е4. 1 1 .5 Prove Ьу induction on the Fibonacci numbers that for any natural п except п = 1, F(n + 2)%F(n + 1) = F(n) . Determine exactly how many divisions the Euclidean algorithm takes if the original numbers are F(n + 1) and F(n), and prove your answer Ьу iвduction. Е4. 1 1 .6 In how many different ways can we tile а 2 х п rectangle with 1

х

2 rectangles?

Е4. 1 1 . 7 Consider а 2 х п grid graph, an undirected graph where the nodes are aпanged in а 2 х п rectaпgular апау and there is an edge between any pair of node that are а unit distance apart. А perfect matching in an undirected gI"aph is а subset of the edges such that each node in the graph is an endpoint of exactly one of the edges. PIOve that the number of perfect matchings in а 2 х п gгid gгaph is exactly equal to the answeг to Exeгcise 4. 1 1 .6. Е4. 1 1 .8 А Т tetromino is а set of four squares consisting of а single squю·e with exactly three of its four neighboгs.

( а ) PIOve that if п is divisiЫe Ьу 4, then а 4 х п rectangle can Ье tiled with Т tetrominos. ( Ь ) Piove that if п is odd, tl1en а 4 х п Iectangle cannot Ье tiled with thгee tetiominos. ( Hint: Think of the squares of the rectangle being colored Ыасk апd white as in а checkerboaid. )

Е4. 1 1 .9 Prove that i f i and k are any naturals, the Fibonacci numbers F ( i ) and F(6 k+ i) are congruent modulo 4. 4-69

Е4. 1 1 . 10 For what pairs of naturals i and j does the natural 2i + 1 divide 21 + 1? Prove your answer.

4.11.5

ProЫems

Р4. 1 1 . 1 Show that а 3 х п rectangle can Ье coveгed exactly with L-shaped tiles if and only if п is eve11. (Hint: For the negative гesult, use induction on all odd 11umbeгs and an indirect proof i11 the i11ductive step. ) Р4. 1 1 .2 ( suitaЫe for а11 Excursion ) The "cheese proЫem" is а generalization of the "pizza proЬlem" . Instead of а two-dimensional pizza, we have а three-dime11sional convex Ыосk of cheese that is to Ье cut into the maximum possiЫe number of pieces Ьу п straight pla11ar cuts. Find the maximum possiЫe numbeг of pieces, g(n) . (Hint: Cleai·ly g(O) = 1, g(l) = 2, g(2) 4, and g(З) = 8. But in making а fourth cut, we can't cut all eight pieces, but 011ly seven. Why? Because the fiгst three cuts can only divide the plane of the fourth cut into seven pieces Ьу our solution to the pizza ргоЫеm. Generalizing this obseгvation, you'll get а гecursive definition of g(n) in terms of the answer to the pizza proЬlem, f(n). Then it's а matter of finding the solutio11 to this equation, which we haven't studied how to do systematically but which you might Ье аЫе to manage. The answer is of the foгm ап3 + Ьп2 + сп + d, but you'll have to find the correct real nнmbeгs а,Ь,с, and d a11d show that they're correct. ) =

Р4. 1 1 .З Prove the claim at the e11d of the section about the Euclidean Algorithm and Fibonacci nнmbeгs. Specifically, ргоvе that if positive 11aturals а and Ь are each at most F(n), then the Euclidean Algorithm peгforms at most п - 2 divisions. ( You may assume that п > 2. ) Р4. 1 1 .4 Suppose we want to lay out а full undirected Ьinary tree o11 an integrated circuit chip, vvith the nodes at the inteгsections of а гectangulaг gгid and the edges along lines of the gгid. The H-tree is а recursive method of doing this. Define the H-tree Hi Ьу induction as follows: • •

•

The tгее Н0 has а si11gle node and no edges. For any nнmЬег k, H2 k+ l is made Ьу taking а new Ioot node and connecting it to the гoots of two copies of H2 k , each with гoots а distance 2 k away fгom the new root, one сору directly above and the other directly below. For any positive nнmber k, H2k is made Ьу taking а new root node and connecting it to the roots of two copies of H2 k _ 1 , each with roots а distance 2 k - l away from the new root, one сору diгectly to the left and the otheг diгectly to the гight.

Figure 4-27 shows the first few H-trees, through Н4 .

( а ) Dгaw Н5 and Нв. ( Ь ) How many nodes аге in Hi ? How large а grid is needed to hold the layout? ( Fог example, Н4 fits on а 7 х 7 grid. ) As п increases, approximately what per-centage of the nodes on the gгid become nodes of the Н-tгее Нп ?

( с ) How much total wiгe is used in Нп ? How far аге the leaves from the root node? Р4. 1 1 .5 Co11sideг the following гecursively defi11ed sequence of paths in the unit square ( Figшe 4- 2 8 ) .

Path Р0 goes fгom the middle of the top edge to the ceпter of the square. Each succeeding path will Ье laid exactly through the ceпter of the regions not toнched Ьу tl1e previous path. 4-70

i

i

ггr i i i -r г·

@Kendall Huвt PuЫishing Compally

Figure 4-27: Some H-trees.

@Kenda11 Huпt PuЫisЬing Company

Figure 4-28: А recursively defined sequence of paths.

4-71

@Kendall Hunt Pt1Ьlisblng Company

Figure 4-29: The first four Koch Snowflake polygons. For example, path Р1 will start in the center of the top left quarter of the square, move down to the middle of the lower· left quarter, move гight to the middle of the lower right quarter, and finally move up to stop at the center of the uррег right quarter. Р2 staгts near the upper left corner, а distance 1/8 from each edge, and travels along seven line segments as shown until it stops а distance 1/4 to the гight of where it started. (а) How long is the path Pi for general i? (Ь) What is the maximum distance fгom any point in the square to its neaгest neighbш on Pk? Prove Ьу induction that Pk passes through the centeг of every subsquaгe in а division of the squaгe into 2- k Ьу 2- k subsquares. Р4. 1 1 .6 The Koch snowflake is obtaiпed Ьу гecursively defining the following family of polygoпs: • •

So is ап equilateral triaпgle. Sn+l is defined from Sn Ьу dividing each side of the polygon into thгee equal parts and Ieplaciпg the middle one Ьу the otheг two sides of ап equilateral triaпgle, pointing away fIOm the center of the figure.

Figure 4-29 shows the polygons So, S1 , S2 , and Sз. (а) Let Еп Ье the пumber of sides of the polygon Sn · Deiive а recursive defiпition for Еп and а formula fог Еп in teгms of п. Prove your foгmula сопесt Ьу indнction. (Ь) Let Qп Ье the number of 60° angles iп Sn , and let Rn Ье the nнmbeI of 240° angles. PIOve Ьу induction that Qп = 4n + 2 and Rn = 2(4п ) - 2. You may use without pioof the fact that the total number of angles in а polygon equals its пumber of sides. (с) Let Ап Ье the агеа of Sn . Prove Ьу iпduction that Ап = Ао (1 + (3/5 ) ( 1 - (4/9) п ) ) . (d ) Let Рп Ь е the path length ( or perimeter) o f the figure Sn . Prove the following statement: "im : :Эп : Рп > т, where the variaЫes т апd п гапgе over the пaturals. Note that the only thing you know about Р0 is that it is а positive real numbeI. Р4. 1 1 . 7 In four-dimensional Euclidean space, а hyperplane is the three-dimensional space that is the solнtioп set of а liпear equatioп, sнch as a i x 1 + а2 х 2 + азхз + а4 Х4 = Ь. Any hyperplane divides four-space into two pieces. А set of k hyperplanes is said to Ье in general position (as in Exer-cise 4. 1 1 .4) if every pair of theп intersect in а two-dimeпsional space, every set of three intersect in а line, and every set of four inteгsect in а point. Find and pIOve а formula fш the number Rk of regions into which 4-space is divided Ьу а set of k hyperplanes in geneгal positioп. (Hint: Hard as this may Ье to visualize, the regioпs сап Ье counted Ьу the same reasoпing used for the pizza апd cheese numbeгs in this section. ) 4-72

@Kendall Hu11t PuЫisl1ing Соmрапу

Figure 4-30: The first four approximatioпs to the Sierpiпski gadget.

Р4. 1 1 .8 The Sierpinski gadget is defiпed Ьу а sequeпce of two-dimeпsioпal figures as follows: •

So is ап equilateral triaпgle.

•

Each subsequeпt Si is а uпiоп of 3i i equilateral triaпgles.

•

We make Siн from Si Ьу takiпg each triaпgle iп Si, соппесtiпg the midpoiпts of its three sides to make а smaller triaпgle, апd deletiпg this smaller triaпgle from the figure.

Figure 4-30 shows the first four figures So , S1 , 52 , апd Sз. ( а ) Ршvе Ьу iпductioп that there are exactly 3 i tгiaпgles iп Si · ( Ь ) Give а formula for the total агеа of Si апd ргоvе this formula сопесt Ьу iпductioп.

( с ) The Sieгpiпski gadget S itself is the set of poiпts that аге coпtaiпed iп the figure Si fог every natural i. Ргоvе that the area of S is О. Сап you prove that S is поп-еmрtу? Сап you prove that S coпtaiпs ап iпfiпite пumber of poiпts44 ?

Р4. 1 1 .9 Followiпg Exeгcise 4. 1 1 .7, we сап coпsider the пumber f(n) of perfect matchiпgs iп а 3 х 2п grid graph, which is the same as the пumber of ways to tile а 3 х 2п rectaпgle with 1 х 2 domiпoes.

( а ) Ршvе that f(O) . . . + 2f(O) .

=

1, f ( l )

=

3, апd that for positive п, f(n)

=

3f(n - 1) + 2f(n - 2) +

( Ь ) Ршvе ( probaЬly usiпg the formula iп ( а )) that for п > 1, f(n) = 4f(n - 1) - f(n - 2 ) . ( с ) Ршvе Ь у iпductioп ( рrоЬаЫу usiпg the formula i п ( Ь ) ) that for all пaturals п, f ( n ) = ( ( 1 + 1/ у'з ) (2 + у'з) n ) + (1 - 1/ у'з ) (2 - у'з ) n ) )/2.

( d ) Usiпg апу of these formulas, fiпd f(n) for all п with п ::::; 5. P4. l l . 10 А hex grid is а пatural tiliпg of two-dimeпsioпal Euclideaп space Ьу regular hexagoпs, all the same size. It is familiar to users of various board games, апd ofteп used to tile bathroom fioors. Define the figure Нп , for апу пatural п, to Ье а regular hexagoп with side п, placed оп а hex grid of hexagoпs of side 1. We'll put the ceпter of Нп iп the center of опе of the uпit hexagoпs iп the grid. The area of Нп is exactly п 2 times the area of а uпit hexagoп. Defiпe the number In, fOI апу пatural п, to Ье the пumber of нпit hexagoпs entirely coпtaiпed with Нп wheп it is placed this way, апd defiпe Сп to Ье the пumber of unit hexagoпs that are entirely or partially coпtaiпed withiп Нп . Of course 11 = С1 = 1 Ьесанsе Н1 is exactly 44 In fact, in Chapter 7 we will show that it ha.s an "uncountaЬ!y infinite" number of points.

4-73

@Kendall Hunt Pt1Ьlishing Company

Figure 4-31 : Inscribed and circumscribed hexagons. а unit hexagon. Since Н2 includes one entire hexagon and half each of six others, we have 12 = 1 and С2 = 7. Нз contains seven entiгe hexagons апd 1 /3 each of six others, so Iз = 7 and Сз = 13. In general we can see that Iп < п2 < Сп . Find formulas for the fнnctions Iп and Сп in terms of п, and prove these fшmulas correct Ьу induction. ( Hint: Your foгmulas should have separate clauses depending on the class of п modulo 3, and your ргооf may use an inductive step of the form Р (п) -+ Р(п + 3).)

4-74

lndex 1-2-3 Nim 4-23 abstract data type 4-2 additive identity 4-30 additive inverse 4-30 allButLast operation 4-37 ancestor node 4-56 append operation 4-37 applying the inductive hypothesis 4- 13 агс 4-47 arithmetic expression 4-60 associative opel'ation 4-30 atom (in Lisp) 4-58 axiom 4-2 axioms fOI' а semil'ing 4-30 axioms fOI stl'ings 4-37 balanced parenthesis language 4-43 base case of а recuгsive algorithm 4-1 1 base case o f an induction 4- 14 bottom-up method 4-31 car opel'ation 4-58 category theOiy 4-48 cdr opel'ation 4-58 classifying graphs 4-50 cheese proЫem 4-70 childгen of а node 4-56 commutative opeшtion 4-30 commutative semiring 4-30 concatenation of stl'ings 4-38 connected (undirected) graph 4-52 cons opeгation 4-58 convex polygon 4-25, 4-68 cycle in а graph 4-52

degree of а node 4-54 degree sequence 4-54 depth of а tree 4-63 dequeue operation 4-9 descendent node 4-56 diгected cycle 4-57 directed edge 4-47 directed graph 4-4 7 distl'ibutive law for semirings 4-30 douЫe letter 4-41

edge 4-47 edge predicate 4-4 7 Egyptian pyl'amid 4- 18 Elvis proof 4-24 endpoints of an edge 4-47 enqueue operation 4-9 equal graphs 4-48 expiession tree 4-60 Fibonacci nнmbers 4-27 finding а transitive closure 4-52 fOiest 4-52 full Ьinal'y tl'ee 4-64 general position of lines 4-69 Golden Ratio 4-28 gl'aph theory 4-4 7 grammars fOI' languages 4-43 greedy algoгithm 4-67 grid graph 4-69 grounded recursion 4- 1 1 H-tree 4-70 half-life 4- 1 7 hex grid 4 -73 hyperplane 4-72 identical graphs 4-48 in-degree of а node 4-56 induction on the odds ог evens 4-2 1 Induction Rule fOI Stгings 4-39 induction stal'ting from а positive numbeг 4-20 inductive goal 4- 14 indнctive hypothesis 4-14 inductive step of an induction 4-14 infix notation 4-61 internal node 4-56 isomoгphic graphs 4-48 isomorphism of giaphs 4-48 Koch snowflake 4-72 L-shaped tiles 4-66 labeled gl'aph 4-48 last opeгation 4-37 leaf in а tl'ee 4-56 length of а path 4-55 4-75

length of а string 4-38 list ( in Lisp ) 4-63 list structure ( in Lisp ) 4-58 logarithmic function 4-68 loop 4-47 mathematical induction 4-13 min-plus semiring 4-34 multigraph 4-4 7 multiplicative identity 4-30 natural suЬtraction operator 4-8, 4-33 node 4-47 non-standard model of arithmetic 4-6 one's complement of а string 4-4 1 operations o f а data type 4-2 ordinaiy induction 4-13 out-degiee of а node 4-56 parent node 4-56 path in а graph 4-50 path predicate 4-5 1 path relation 4-51 Peano Axioms 4-3 perfect matching 4-69 pizza proЫem 4-67 Polish notation 4-61 р о р opeгation 4-9 postfix notation 4-61 piedecessш of а natural 4-3 prefix notation 4-61 pieserving an operation 4-50 Piinciple of Mathematical Induction 4-3 push operation 4-8

Sierpinski gadget 4-73 size of а natural 4-22 spanning tree 4-64 stack 4-8 string axioms 4-37 string induction 4-37 strong induction 4- 16, 4-22 strongly connected component 4-54 strongly connected diiected graph 4-52 structural induction 4-39 substiing operator 4-42 suЬtiaction for naturals 4-8, 4-33 successor of а natural 4-2 suffix of а string 4-4 1 Т tetromino 4-69 tail recursion 4- 10 tetrahedron 4- 1 7 top-down method 4-31 transitive closure 4-52 Тransitivity Theorem 4-51 traversing а rooted diгected tгее 4-61 tree ( as an undirected graph ) 4-53 tгiangulating а polygon 4-25 two-coloring а map 4-18

undefined teгm 4-2 undirected cycle 4-52 undiгected graph 4-4 7 value of an arithmetic expression 4-60 vertex 4-47 Well-Ordering Principle 4-4 zero 4-2

queue 4-9 recursive algorithm 4-4 Ieversal of а string 4-38 reverse Polish notation 4-61 Iing 4-30 Ioot of а tгее 4-56 гooted directed Ьinary tree 4-56 Iooted diгected tree 4-56 semiring 4-30 semiiing axioms 4-30 siЫing node 4-56 side effect 4-9 4-76

Solutions to Exercises in Chapters 1-4 S.1

Exercise 1 . 1 . 1

Exercises From Chapter 1

( а) (Ь) (с) (d) ( е) ( f) (g ) (h) (i)

true, it's listed false, 7 is not even true, every С element is in А false, О is not in D false, 5 is not even so 5 is not in Е false, D has three elements true, С has one element false, О and 8 are common to D and Е false, there are infinitely many even naturals

Exercise 1 . 1 . 2 The elements 1 and 3 are each in В and in none of the others. The element 6 and all even naturals greater than 8 are each in Е and in none of the others. Exercise 1 . 1 .3 ( а) thing

(Ь) (с) (d) ( е)

natural boolean integer (might Ье positive or negative ) real

Exercise 1 . 1.4 ( а) Every element of the empty set is in А , whatever А is, because there are no such elements.

( Ь ) Еvегу element of А is in А . ( с ) If еvегу element of А i s i n В and еvегу element of В i s i n А, the two sets are the same because no element is in one Ьнt not the other.

( d ) If every element of А is in В, and еvегу element of В is in С, then any element of А is in С Ьесанsе we are told that it is in В and еvегу element of В is in С.

(е ) If each set is а sнbset of the otheг, they аге eqнal. So it they a.re not eqнa.l, one

of the two subset statements mнst Ье false and if it isn't А � В then it must Ье the other.

Exeгcise 1 . 1 . 5 ( а) infinite

(Ь) (с) (d) ( е)

finite, each is specified Ьу а machine word infinite finite finite, assuming that there was some time before which theгe wеге ( both Genesis and science say that thщe was)

Exeгcise 1 . 1.6 ( а) The naturals that аге 4 or gгeater S- 1

по

humans

(Ь) The set of all naturals

(с) The empty set (d) The set containing 4 and nothing else Exercise 1 . 1 . 7

(а) {п : п = п} (Ь) {п : п =f. п}

(с) { п : п = 3 or п = 1 7 }

(d) {п : п = п 2 } = {О, 1 } Exercise 1 . 1.8

(а) А and В: 7 is either, none in both (Ь) А and С: 3 in either, 1 in both ( с ) А and D: 5 in either, 1 in both (d) А and Е : infinitely many in either, 3 in both (е) В and С: 5 in either, none in both (f) В and D: 5 in either, 2 in both (g) В and Е: infinitely many in either, 1 in both (h) С and D: 4 in either, none in both (i) С and Е: infinitely many in either, 1 in both (j ) D and Е: infinitely many in eitheг, 2 in both

Exercise 1 . 1 .9 It is possiЫe if both sets are empty, because then every novelist in the empty set is in the empty set of naturals, ог vice veгsa. But if there is any novelist in the first set ог any natural in the second, that element is not in the otheг set and the sets аге not equal. Exeгcise 1 . 1 .10 It is not possiЫe. If А is а рrорег subset of В, there must Ье some element х that is in В but not in А. This means that В cannot Ье а subset of А at all, much less а ргореr subset . Exer-cise 1 . 2 . 1

(а) tгue, с followed Ьу Ьа is сЬа (Ь) false, ( vw )R = Ьас

(с) tгue

( d) true, 3 = 1 + 2 (е) false, v = cR ( f) false, аЬ is not а suffix of сЬа (g) true, аЬ is а prefix of аЬс (h) tгue (i) false, letters of w occur in

и

but in the wrong огdег

Exercise 1 .2.2 The lengths аге 6, О, 15, and 7. Exercise 1.2.3 The strings are garage, agedam, damage, ragdam, madrag, and gargarmadage.

S-2

Exercise 1 .2.4 Prefixes of tеат: .Л, t, te, tea, and tеат. Suffixes of tеат: .Л, т, ат, еат, and tеат. Other substrings of tеат: е, еа, and а. Prefixes of тата: .Л, т, та, тат, and тата. Suffixes of тата: .Л, а, та, ата, and тата. Other substrings of тата: ат, which is neither а prefix nor а suffix. Exercise 1.2.5 Prefix rhi, suffix ros, others hin, ino, пос, осе, сет, and ero. Exercise 1 .2.6 The simplest example is и = а, v = аа. Exercise 1 .2 . 7 (а) It is in Е if and only if it is in N Z and it ends with О, 2, 4, 6 , or 8. It is in Н if and only if it is in N Z and it ends with 00. (Ь) ER is the set of strings in D* that do not end in О and that start with О, 2, 4 , 6, or 8. The strings in E R that are also in N Z are exactly those that do not start with О. нR is the set of strings that start with 00 and do not end in О. None of these strings are in N Z. Exercise 1 .2.8 (а) 0 1 1 1 1 , 101 1 1 , 1 10 1 1 , 1 1 10 1 , 1 1 1 10, and 1 1 1 1 1 (Ь) 00000, 00001 , 00010, 00100, 0010 1 , 01000, 0100 1 , 01010, 10000, 10001 , 10010, 10100, and 1010 1 . ( с ) 01010, 0101 1 , 01 10 1 , 0 1 1 10, 01 1 1 1 , 10101, 101 10, 1 0 1 1 1 , 1 1010, 1 101 1 , 101 1 1 , 1 1 1 10, and 1 1 1 1 1 . ( d ) none ( е) same

as

Х

( f ) 0001 1 , 001 10, 001 1 1 , 01100, 100 1 1 , 1 1000, 1 1001 , and 1 1 100.

Exercise 1.2.9 (а)

boolean equals (String u, String v) { if (u . length ( ) ! = v . length ( ) ) return false ; for ( int i = О ; i < u . length ( ) ; i++) if (u . charAt ( i ) ! = v . charAt ( i ) ) return false ; return true ; }

(Ь)

boolean pre f i x ( String u, String v) { if (u . length ( ) > v . length ( ) ) return false ; for ( int i = О ; i < u . length ( ) ; i++) if (u . charAt ( i ) ! = v . charAt ( i ) ) return false ; return true ; }

(с)

boolean suf f ix (String u, String v) { int off set v . length ( ) - u . length ( ) ; if (off set < О) return f alse ; for ( int i = О ; i < u . length ( ) ; i++) if (u . charAt ( i ) ! = v . charAt (offset + i ) ) return f alse ; return true ; }

Exercise 1 . 2 . 10 This is not necessarily true. The simplest counterexample is to have А and В empty, so that all possiЫe concatenations are in С because there are no possiЫe concatenations, and let С = { аЬ} so that С has а string whose reversal is not in С. S-3

Exercise 1 .4 . 1

(а) false, would fail if q is false (Ь) false, it fails if р and

q

are both false

(с) true, inclusive OR is true if both components аге tгue (d) true, it is propeгly formed from atomic propositions Ьу boolean operations (е) false, for example а tautology is true whatever the values of its components Exeгcise 1.4.2

(а) yes, а false pгoposition (Ь) not а proposition, can't Ье tгue

щ

false

(с) yes, а proposition that depends on а future event (d) yes, а pгoposition depending on the speaker's state of mind Exeгcise 1.4.3 If "This statement is false" wеге а tгue pгoposition, it would have to Ье false. If it were а false proposition, then "That statement is not false" would Ье а true pгoposition, and since а proposition must Ье true ог false this woнld fогсе "That statement is tгue" to Ье tгue. Either assumption makes the oгiginal statement both trнe and false, which is impossiЬle. So the oгiginal statement is not а proposition at all. Exercise 1 .4.4

(а) true && true, which is true (Ь) ! (false 1 1 true) , which is ! true, which is f alse (с) (true - false) - false, which is true - f alse, which is true (d) (true 1 1 ! f alse) && С ! true && f alse) , which is true && f alse, which is f alse

Exeгcise 1.4.5 (а) false, 1 ---+ О = О (Ь) true, 1

�

1=1

(с) tгue, -, 1 Е1Э -,Q = О Е1Э 1 = 1 (d) trнe, 1 V (О !\ -,Q) = 1 V О = 1 (е) true, (1 V О) !\ -,Q = 1 !\ 1 = 1 (f) true, since first рагt of ---+ is -,1 V О = О V О = О Exeгcise 1 .4.6 (а) If fish live in wateг, then tгонt live in trees. (Ь) Тrout do not live in tгees if and only if fish live in water. (с) Eitheг fish do not live in water, or troнt do not live in tiees, but not both. (d) Eitheг fish live in wateI, or both.

щ

both tiout live in trees and tiout do not live in tгees,

( е) Eitheг fish live in water ог tгout live in trees, ог both, and tгонt do not live in trees. (f) If eitheг fish do not live in water or trout live in trees, ог both, then fish do not live in wateг and if troнt do not live in tгees, then fish live in water. Exercise 1.4.7 (а) exclнsive, they won't Ье both (Ь) inclusive, they'd Ье happy with both (с) inclusive, they'd Ье happy with both (d) exclusive, they can't Ье both S-4

Exercise 1 .4.8 ( а) р ---+ q (Ь) q ---+ р

( с) р л ( q ---+ -iq) ( d) (р ЕВ q)

Exercise 1 .4.9 ( а)

'Р

---+

( -iq Л

Р)

'

V q, Either mackerel are not fish or trout live in trees, or both.

(Ь) -iq V р, Either tшut do not live in trees or mackeгel аге fish, or both. (с) р Л (-i q V -iq) , Mackeгel are fish and either trout d o not live in trees o r trout do not live in trees, ог both.

( d) -i (p ЕВ q) V (-iq Л -ip) , Eithel' it is not the case that either mackerel are fish or trout live in tгees, but not both, or both trout do not live in tгees and mackeгel аге not fish, ш both.

Exeгcise 1 .4 . 10 ( а) Mackeгel al'e fish if and only if trout live in trees. (Ь) 'Thout live in tl'ees if and only if mackel'el are fish. ( с ) Mackerel are fish, and trout live in trees if and only if trout do not live in trees. ( d) Mackerel are fish or· trout live in trees, or both, if and only if trout do not live in tгees.

Exer'Cise 1 . 5 . 1 ( а) The set of Ыасk horses (Ь) The set of animals that are either female or are Ыасk sheep, or both

( с) The set of Ыасk animals that are eithel' female or sheep, ш both ( d) The set of animals that ше not female horses (е) The set of female animals that are neither sheep nor horses (f) The set of animals that are either (а) horses or (Ь) female ш sheep, but not both Ыасk and not female, but not both (а) and (Ь) . Exercise 1.5.2

(а) F \ Н (Ь) (F n S) U (B n H) (с) B U S (d) (F n B n S) L. (B n H)

Exel'cise 1.5.3

(а) {х : х either has five or more letters or has two a's in а row, or both} (Ь) { х : х both has five or more letters and has two a's in а row} (с) { х : х has five or more letters but does not have two a's in а row} (d) {х : х either has five or mше letters or does not both have five or more letters and have two a's in а row}

Exercise l .5.4 (а) {0, 1 , 2, 3, 4, 5, 8} (Ь) 0 (с) {0, 1 , 3, 5, 8} (d) {5, 8} (е) {х : х is even } , same as Е S-5

Е А

� evens

·--

10

12 1 4

• ·-7 9 11 13

�

odds

@Kendall Hunt PuЬljsl1ing Company

Figure S-1 : The Venn Diagram for Exercise 1 .5.5 (f) {О, 1, 2, 3, 4, 5, 7, 9, 1 1 , . _ . } or { х : х ::::; 4 V х is odd} (g) { 1 , 3, 5} (h) {2, 4, 6 , 10, 12, 14, . . . } or { х : х is even but not О ог 8} (i) {О, 4 , 6, 7, 9, 10, 1 1 , . . . } ог { х : (х = О) V (х = 4) V (х = 6) V (х = 7) V (х � 9)} (j ) {О, 1 , 3, 4, 5, . . _ } ог { х : х i- 2 } , same as С (k) {О, 1 , 3}

(1) {6, 8, 10, . . . } or {х : х � 6 and х is even} Exercise 1.5.5 See Figure S-1 for the diagram. Exercise 1.5.6 ( а) {х : О ::::; х ::::; 13} (Ь) { х : 23 ::::; х ::::; 134} (с) {х : х = lOy + 1 for some natural у} (d) {х : х = у 2 for some natural у} Exercise 1 .5.7 No element can Ье in both А \ В and В \ А, so the only way that А \ В can equal В \ А is if these two sets are both empty. This is the case if and only if А and В are the same set, tlшt is, if А = В. Exercise 1 .5.8 ( а ) If an element is in both А and В, it must Ье in В. (Ь) If an element is in both А and В, cleaгly it is in eitheг А ог В, ог both. (с) If an element is in both А and А, then it is in А , and vice veгsa. (d) If an element is in either А ог А, then it is in А, and vice veгsa. ( е ) Since an element cannot Ье in А but not in А, the set of such elements is empty. (f) Since no element can Ье in А ог in А but not in both, the set of such elements is empty. (g) То Ье in the left-hand set, an element must eitheг Ье in А ог В but not both, ог Ье in both А and В. Clearly this is the same as being in either А ог В, ог both, which is what it means to Ье in the гight-hand set. S-6

Exercise 1 .5.9 ( а) (Ь)

(с) (d) ( е) (f) (g)

Exercise 1 .5 . 1 0 ( а) (Ь)

((х Е А) /\ (х Е В)) ---+ (х Е В) ((х Е А) /\ (х Е В)) ---+ ((х Е А) V (х Е В)) ((х Е А) /\ (х Е А)) н (х Е А) ((х Е А) V (х Е А)) н (х Е А) ((х Е А) /\ •(х Е А)) н О ( ( х Е А) Е9 ( х Е А)) н О (((х Е А) Е9 (х Е В)) V ((х Е А) /\ (х Е В))) н ((х Е А) V (х Е В) ) The /\ o n the left forces both parts t o Ь е true. Since the /\ o n the left forces both parts to Ь е true, a t least one i s true, and thus the V on the right is true.

(с) Taking the /\ of а statement with itself yields an equivalent statement. ( d ) Taking the V of а statement with itself yields an equivalent statement. ( е ) The left-hand side can only Ье tгue if the statement х Е А is tгue but not true,

which is impossiЫe. Е9 of а statement with itself yields а false statement, since one рагt cannot Ье true without the other being true. ( g ) If the Е9 is true, exactly one of the two parts is true, and if the /\ is tiue, both parts аге true. Eithel' way, at least one is true and so the V is true.

( f ) Taking the

Exel'cise 1 . 6 . 1

р q (р Е9 q) н н р о о о о о 1 о о о 1 о 1 1 1 о о 1 1 о 1 о 1 о о

---+ 1 о

q )v о о 1 1 о о

q ---+ р)) ) о о 1 1 о о о

( •( о 1 о о

Exeicise 1.6.2 It is not а tautology, because the second columп of this tшth tаЫе ( Iepiesenting the н) is not all ones.

р q р н [(р о о о о о о 1 о о о о о

---+ 1 о

q) v (q /\ р)] о 1 о о о 1 1 1 о о о о о о

1

Exercise 1 .6.3 The Venn diagгam is in Figшe S-2.

р о о о о

q о о 1 1 о о

r

о 1 о 1 о 1 о

(р о о о о

/\ о о о о о

(q v о о о 1 1 1 1 о о о

r

) ) Е9 ( r

о 1 о 1 о 1 о

о 1

о 1 1 1 1

о

S-7

о 1 о 1 о 1 о

Е9

о 1 о 1 о о

(р о о о о

/\

--,

о о о о 1 1 о о

1 1 о о 1 1 о о

q)) о о 1 о о

@Kendall Hunt PuЫishiнg Соmрапу

Figure S-2: The Venn Diagram fщ Exeгcise 1 .6.3 Exe1-cise 1 .6.4 The truth taЫes show that the two compound propositions have different tшth values in two of the eight possiЬle situations, those corresponding to р /\ •q /\ •r and to р /\ q /\ •Т. р q r р v (q /\ r ) (р v q) /\ r о о о о о о о о о о о о о о о 1 о о о о 1 о о о о 1 о о о о о о о о о 1 1 1 о 1 1 о 1 1 1 1 о 1 о о о о о о о о 1 о о 1 о 1 о 1 1 1 о о о о о 1 1 Exei-cise 1.6.5 The tаЫе below has the sixteen possiЫe columns labeled О thi-ough 15, with the explicit compound proposition at the bottom of each column.

р q о о о 1 о

р q о о о 1 о

о о о о о о

1 о о о

р /\ q

9 8 1 1 о о о о о •Р /\ •q р +--+ q

2 о о 1 о р /\ •q 10 1 о 1 о •q

3 о о

р 11 1 о

р v •q

S-8

6 о

7 о

q

1 о p (f) q

pVq

12

13

14

15

1 о о •Р

1 о

4 о 1 о о •Р /\ q

5 о 1 о

1 о •Р V q •Р V •q

Exercise 1 . 6. 6

х

у z Value IТE(x, y, z) z о о о о 1 z о о 1 z о о о 1 о 1 1 z у о о о у о 1 о у о у

Exercise 1 . 6.7 The columns for the atomic variaЫes are not consistent. The column for the first р agrees with that for the second q, апd vice veгsa. Every column with the same atomic vагiаЫе at the top should Ье the same. Exercise 1 .6.8 The compound proposition is а contradiction if and only if the column for the final operation is all zeros. It is satisfiaЫe if and only if there is аге one or more ones in that column. (That is, it is satisfiaЫe if and only if it is not а contradiction.) Exercise 1 .6.9 If you know that х1 is true, for example, you may ignore the 2 k - l lines that have х 1 half, leaving only 2 k - l lines to consider, half the original number. If you know that р -+ q is false, then you know both that р is true and that q is false. Only а quarter of the lines of the tаЫе, 2 k - 2 of them, have these two pгopeгties. Exeгcise 1 .6 . 10 If the fiгst old column (for Р, say) has а 1, you may fill in а 1 fш Р V Q without looking at Q. If Р is О, you may fill in 1 for Р -+ Q without looking at Q. But in the otheг two cases, you cannot Ье sure of the гesult of Р н Q 01' Р Е1Э Q without looking at both Р and Q . Exercise 1 . 7 . 1

(а)

р q (р Е1Э q) о о о о о о 1 о 1 1 1 о о о (Ь)

н

1 1 1 1

q) v ( ( (р /\ о о 1 о о 1 о о о 1 1 1 1 1 о 1 о о о о о -,

-,

р /\ q)) о о о о 1 1 о о о

р q (р /\ q) -+ р о о о о о 1 о о 1 о о 1 1 о о о о 1 1

(с)

р q о о о 1 о

-,

1 о

(р /\ q) н ( о о о 1 1 о о 1 1 о о 1 о 1 о

-,

S-9

q) р v о 1 1 о о о 1 1 1 о о о -,

(d)

р о о о о

q r ( ( (р о о о о о 1 о о 1 1 о о о о 1 о

(\

r)

о о о о о 1 о

о 1 о 1 о 1 о

(е)

---+ q) 1 о 1 о

1

1 о о

1 о

1 о о

т о 1

( f)

р о о о о

1 о

q r ( (р ---+ q) 1 о о о о о о 1 о о о 1 1 о 1 1 о о о о о 1 о о о

Exercise 1 .7.2 ( а)

( (р о о о о

(\

(\

--,

о о о о 1 о 1 о

1 о

r

) ) ---+ q) ---+ (р ---+ q) 1 1 1 1 о

о 1 о 1 о 1 о

1

о 1 о 1 о

1

(\

1 1 о 1 о о о

(q ---+ о 1 о 1 1 о 1 о о 1 о

f-+

1 1 1 1

r

) ) ---+ (р ---+

о 1 о 1 о 1 о

1 1 1 1

1

1 1 1

(q (\ р) о о о 1 о о о о

Premise DouЫe Negation Definition of Implication Contrapositive DouЫe Negation Definition of Implication

p (f) q ( (р (\ •q) v (•р (\ q)) ( ( •q /\ р) V ( q /\ •Р)) ( ( q /\ •Р) V ( •q /\ Р)) q (f) p

1 1

(Ь)

( с)

1 о о

о о о о

р ---+ О) ---+ р о о о 1 о о 1

р q (р (\ q) о о о о о о 1 о о 1 о о о

pVq ••p V q •р ---+ q •q ---+ ''Р •q ---+ р qVp

1 1 1 1 1

о о

Premise Definition of Exclusive Or Commutativity of А D ( twice ) Commutativity of OR Definition of Exclusive Or

S- 10

о о о о

1 о 1 о

r

)

о 1 о 1 о 1 о

1 о о

о о 1 1 о о

(d)

р q r ( (р /\ q) /\ r) +--+ (р /\ (q /\ r ) ) о

о

о

о

о

о

о

о

1

о

о

о

о

о

о

1

о

о

о

о

1

1

о

о

о

о

1

о

о

о

о

о

1

о

о

о

о

1

1

о

о

1

о

1

1

о

о

1 1

1

1

о

о

о

о

о

о

1

о

о

о

о

1

о

о

о

1

1

о

о

о

о

1

о

о о

о

о

о

о

1

о

о

1

( е)

(р V q) V r • [• (р V q) /\ •r] • [(•р /\ •q) /\ •r] -, [•р /\ ( •q /\ •Т)] • [•р /\ •(q V r)] p V (q V r)

Premise Demorgan OI-To-And DeMorgan Or-To-And Associativity of AND DeMorgan And-to-Or DeMorgan And-To-Or

Exercise 1.7.3 ( а) • ( (а /\ •Ь) V (а EfJ Ь) ) +--+ (•(а /\ •Ь) /\ •(а EfJ Ь) ) (Ь) ( ( (а ---+ Ь) ---+ (Ь ---+ а)) /\ ((Ь ---+ а) ---+ (а +--+ Ь) ) ) ---+ ( (а ---+ Ь) ---+ (а +--+ Ь)) (с ) ((а /\ Ь) +--+ (а V Ь) ) +--+ ( ( (а /\ Ь) ---+ (а V Ь) ) /\ ( (а V Ь) ---+ (а /\ Ь))) Exercise 1 . 7.4 ( а) Left Separation, а V •Ь for р, с ---+ d for q (Ь) Excluded Middle, r ---+ •р for р

(с ) Contrapositive, а /\ Ь for р, Ь for q Exercise 1 . 7. 5

р +--+ q (р -+ q) /\ (q -+ р) ( •р v q) /\ ( •q v р) • [ ( •( •р v q) v •( •q v р)] • [(р /\ •q) v (q /\ •р)] • (р EfJ q)

Pгemise Equivalence and Implication Definition of Implication DeMorgan And-To-Or DeMorgan Or-To-And Definition of Exclusive OR

Exeгcise 1 . 7.6 Simplest is Р = О and Q = 1. The compound pгoposition ( r EfJ О) ---+ (r EfJ 1) simplifies to r ---+ •Т, which is not а tautology because it is false when r is tгue. Exercise 1 . 7. 7

р -+ q •p V q q v •р • (•q) V •Р •q ---+ •р

Pгemise Definition of Implication Commutativity of OR DouЫe Negation Definition of Implication

Exeгcise 1 . 7. 8

8- 1 1

Exercise 1 . 7. 9

Exercise 1 .7.10

Exercise 1.8.1

1. 2. 3. 4. 5. 6. 7. 8.

-,(q --+ r) -,(-,q V r) q f\ -,r q р v -,q -,q v р q --+ р р

1. 2. 3. 4.

'Р pVq 'Р --+ q q

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 1 7. 18. 19. 20. 21. 22. 23. 24.

Second Premise Definition of Implication DeMorgan Left Separation First Premise Commutativity of OR Definition of Implication Modus Ponens, lines 4 and 7 Second Premise First Premise Definition of Implication Modus Ponens, lines 1 and 3

p f\ (q V r) р q р (\ q (р f\ q) V (р f\ r) -,q qVr r р f\ r (р f\ q) V (р f\ r) (p f\ (q V r) ) --+ ( (p f\ q) v (p f\ r)) (р f\ q) V (р f\ r) р (\ q р q qVr p f\ (q V r) -,(р (\ q) р f\ r r qVr p f\ (q v r) ( (р f\ q) V (р f\ r)) --+ (р f\ (q V r)) ( (р f\ q) V (р f\ r)) +-+ (р f\ (q V r))

о f\ p о (O f\ p) --+ 0 -,о 0 --+ (O f\ p) (O f\ p) +-+ 0

Premise fщ first proof Left Sepaгation, line 1 Assumption for Case 1 of first proof Conjunction, lines 2 and 3 Left Joining, conclusion of Case 1 Assumption fщ Case 2 of first proof Right Separation, line 1 Tertium on Datur (see Exercise 1 . 7.8 ) , lines 6 and 7 Conjunction, lines 2 and 8 Right Joining, conclusion of Case 2 Pr·oof Ьу Cases, end of fiгst ргооf Pгemise fог second proof Assumptioп fог Case 1 of second proof Left Sepaгation Right Separation, line 13 Left J oining Conjunction, lines 14 and 16, conclusioп of Case 1 Assumption fог Case 2 of second proof Tertium оп Datur, lines 12 and 18 Right Sepaгation Right Joining] Conjunction, lines 14 and 2 1 , conclusion of Case 2 Proof Ьу Cases, end of second proof Equivalence and Implication

Premise Left Separation Direct Proof Definition of О Vacuous Proof Equivalence and Implication

Exercise 1.8.2 Define propositioпal variaЫes w ( "witches float" ) , r ( "very small rocks float" ) , с S- 12

( "churches float" ) , and d ( "ducks float" ) . 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15.

Exercise 1 .8.3

wVrVc --,r /\ (w -t d) с cVd -,с --,r (r V с) V w --i(r v c) -t w -,с /\ --,r --i(r V с) w w -t d d cVd ( pгemises ) -t (с V d)

First Premise Second Premise Assumption for Proof Ву Cases Right J oining Assumption for other half of Proof Ву Cases Left Separation ( from second premise) Commutativity and Associativity of OR, from first premise Definition of Implication Conjunction from lines 5 and 6 DeMorgan Or-To-And Modus Ponens ( lines 10, 8 ) Right Separation, second premise Modus Ponens ( lines 1 1 , 1 2 ) Left Joining Proof Ву Cases

(а) Subgoals are (р /\ q /\ q) -t (р V q) and (р /\ q /\ --iq) -t (р V q) . For the first ргооf, dei·ive q Ьу Right Sepaгation and then р V q Ьу Left Joining. For the second, use associativity of AND and Excluded Middle to get р /\ О, which is О Ьу Right Zero, and derive р V q from О Ьу Vacuous Proof.

( Ь ) Subgoals are (р /\ q)

-t р and р -t (р V q) . But each of these subgoals can Ье pгoved Ьу а single rule, Left Sepaгation and Right Joining гespectively.

Exeгcise 1.8.4 Contгapositive gives а premise of --i(p V q) and а conclusion of --i (p /\ q) . The proof goes through --ip /\ --iq ( DeMoгgan ) , 'Р ( Left Separation ) , and --ip V --iq ( Right Joining) , with the last step DeMorgan again. Contradiction gives а premise of (р /\ q) /\ --i(p V q) and а conclusion of О. The premise can Ье used to derive р /\ q /\ (--ip /\ --,q) ( Ьу DeMorgan ) , and then commutativity and associativity of AND can Ье used to get р /\ 'Р А Ded with otheг things, which is О Ьу Excluded Middle and the Zего rules. Exercise 1 .8.5

(а) Get р Ьу Left Separation.

( Ь ) Get 'Р /\ --i(q V r) Ьу DeMorgan Or-to-And. (с) Change the second ANDed component to q -t r Ьу Contrapositive. Exercise 1 .8.6

(а) Use the Vacuous Ргооf rнle to get the desired implication fгom р.

( Ь ) Conveгt r -t ( 'Р /\ q) to the desired О R statement. (с) Use Modus Ponens on r -t р and r to get р. Exeгcise 1 .8.7 Letting s mean "you say а word" and с mean "I will cut off your heads" , оuг premise is ( s -t с) /\ ( --,s -t с) . We can easily derive с fгom this pгemise:

S- 13

1. 2. 3. 4. 5 6. 7. 8.

(8 ---+ с) /\ (--,3 ---+ с) 8

8 ---+ с с

--,3 --,3 ---+ с

с

((8 ---+ с ) /\ (--,3 ---+ с)) ---+ с

Premise Assumption for Case 1 Left Separation, line 1 Modus Ponens, lines 2 and 3, conclusion of Case 1 Assumption for Case 2 Right Separation, line 1 Modus Ponens, lines 5 and 6, conclusion of Case 2 Proof Ву Cases, end of proof

Exeгcise 1 . 8.8 (а) Since we have р V r as the front of an implication in the premise, we would like to form it so we can use Modus Ponens with that implication. (Ь) We have only done one of the two cases - our proof of 8 used an assumption but we eventually need to prove that 8 holds with or without that assumption. (с) We need to put the statement of line 7 into а form where we can use Modus Ponens with line 6. If we instead used Tertium on Datur from Exercise 1 .7.8, we could use line 7 directly without this transformation. (d) In line 3, we were operating under the assumption of the fu·st case, and now we аге not. We cannot guaгantee that something tгue in one case can Ье taken to use in а different case. Exercise 1 .8.9

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13.

p V (q l\ r) р pVr 'Р q /\ r r pVr (p V (q l\ r)) ---+ (p V r) pVr (p v r) ---+ 8 8 (p V r) ---+ 8 ( (р V (q 1\ r)) 1\ ( (р V r) ---+ 8)) ---+ 8

Assumption for fiгst half Assumption for Case 1 of fiгst half Left Joining, conclusion of Case 1 Assumption fог Case 2 of first half Tertium Non Datur (Exercise 1 .7.8) , lines 1 and 4 Right Sepaгation Right Joining, conclusion of Case 2 Ргооf Ву Cases, end of fiгst half Assumption fог second half Second premise Modus Ponens, lines 9 and 10 Conclusion of second half Hypothetical Syllogism, lines 8 and 12, end of ргооf

Exeгcise 1 . 8 . 10 We need to show that Р still implies С in the otheг case, wheгe q н is false. So we need а new ргооf starting fl'om Р 1\ --,( q н r) or Р 1\ ( q Е1Э r). Exeгcise 1 . 1 0. 1

(а ) Signature "real х, real у, real z" , template " ( у < х < z ) V ( z < х < у) " . (Ь) Signature "real х, real у" , template "х 2 + у2 = 1" . (с) Signature "team Х" , template "the first three runners wеге from Х" . (d) Sigнature "player р, team t" , template "the batting average and ОВР of р аге both higheг than those of the centeг fielder of t" .

Exeгcise 1 . 1 0.2

(а) "The stгings а and аЬ staгt with the same letteг, and eitheг ba has exactly two letteгs, or ааЬ starts and ends with the same letter, but not both." This is TRUE (1 1\ (1 Е1Э О) = 1 ) . S- 14

(Ь ) "If а and а start with the same letter, then either ааа starts and ends with the same letter or Ь has exactly two letters if and only if Ь and аЬа start with the same letter." This is TRUE (1 ---+ ( 1 V ( 1 н 1 ) ) = 1 ) .

( с ) "If а has exactly two letters, then а а starts and ends with the same letter and either Ь and ЬЬЬ start with the same letter, ог ,\ has exactly two letters, but not both." This is also TRUE (О ---+ (1 /\ ( 1 Е9 О) ) = 1 ) .

Exercise 1 . 1 0.3

( а) (Р(аЬ) /\ R(w, аЬ) ) ---+ Q (w), w i s the only fгее vагiаЫе. ( Ь ) [Q(aba) Е9 R(aba, ЬаЬ)] ---+ [R(aa, ЬЬ) /\ Р (аа)] , there are no free variaЫes.

( с ) -. R(u, v) ---+ [(Р(и) /\ Q(u)) Е9 (P(v) /\ Q (v))] , и and v are the fгее vaгiaЫes.

Exercise 1 . 1 0.4 Such а predicate is called а "proposition" , since it is true or false already without any variaЫe values needing to Ье supplied. There is no reason why а predicate shouldn't have an empty argument list, though it would normally Ье treated as а pIOposition ( а boolean constant ) . Exercise 1 . 10.5

Exercise 1 . 1 0.6

puЫi c boolean between (real х, real у, real z) {// Returns true if х is between у and z . if (у < z ) return (у < х) && (х < z ) ; if (z < у) return (z < х) && (х < у) ; return f alse ; }

( а) S(b, х ) н -.S(x, х ) ( Ь ) If we substitute Ь fог х in the statement of рагt ( а ) , we get S(Ь, Ь) н -.S(b, Ь) , which is а contгadiction.

Exercise 1 . 10.7 ( а) -. (R(c) ---+ (F(d) V R(d))

( Ь ) F(c) Е9 F(d) ( с ) В(с) н (В(с) V B (d) Exercise 1 . 1 0.8 Statement ( а) tells us that R(c) is true and F(d) V R(d) is false, so -.F(d) and -.R(d) are both tгue. Statement ( Ь ) that tells us that F(c) is true, since F(d) is false. Finally, we can examine statement ( с ) Ьу cases. If Cardie is not Ыасk, then at least one of them is Ыасk and Duncan must Ье Ыасk. If Cardie is Ыасk, then neither is Ыасk, which is а contradiction. So В (с) is false and B(d) is true. Exercise 1 . 1 0.9

( а ) The three statements are Т(а) н ( (Т(а) V Т(Ь)) ---+ Т(с) ) , Т(Ь) н (Т(с) ---+ -.Т(а) ) , and Т (с) н -.(Т(а) /\ Т(Ь) /\ Т(с) ) . ( Ь ) All we have done i s t o rename the three boolean variaЬles, s o nothing changes.

Exercise 1 . 10. 10 ( а) CharAt(w, О, а)

( Ь ) CharAt(w, lwl

-

1, а)

( с ) CharAt(wR , i , a) н CharAt(w, l w l - i - 1 , а)

S- 15

S.2

Exercise 2 . 1 . 1

Exercises From Chapter 2

(а) { ( 1 , х ) , ( 1 , у ) , ( 1 , z) , ( 2 , х ) , ( 2 , у ) , ( 2 , z ) } (Ь) { ( х , 1 ) , ( х, 2 ) , ( у , 1 ) , ( у, 2 ) , ( z, 1 ) , ( z , 2 ) } ( с ) { (cat, 1 ) , (cat, 2 ) , (dog, 1 ) , (dog, 2 ) }

( d ) { ( 1 , х, cat ) , ( 1 , х , dog) , ( 1 , у , cat ) , ( 1 , у , dog) , ( 1 , z, cat ) , ( 1 , z, dog) , ( 2, х , cat ) , (2, х , dog) , ( 2, у , cat ) , ( 2 , у , dog) , ( 2 , z, cat ) , (2, z, dog) }

( е ) { ( х, 1 , х ) , ( х, 1 , у ) , ( х, 1 , z) , ( х , 2, х ) , ( х , 2, у ) , ( х , 2, z) , ( у , 1, х ) , ( у, 1 , у ) , ( у , 1 , z) , ( у , 2 , х ) , ( у , 2 , у ) , ( у , 2 , z) , (z, 1 , х) , (z, 1 , у ) , ( z, 1 , z ) , (z, 2 , х ) , ( z, 2, у) , ( z , 2, z) }

Exercise 2 . 1 . 2

(а) Z(ch) meaning "ch comes before

е

in the alphabet"

(Ь) { Ь , f, j, р, v } , with z added if you consider у а vowel

( с ) Y (ch) meaning "ch is the n'th letter in the alphabet and п is divisiЫe Ьу 3" ( d ) {a, h , i , m , o, t, u , v , w, x, y } Exercise 2 . 1 .3 ( а ) C(ch1 , ch 2 ) meaning "ch1 = Ь and ch2 Е V" (Ь) { ( Ь, е ) , ( d, о) }

( с ) D (ch 1 , ch2 ) meaning "ch 1 = с or ch 1 = d , and ch2 = е ( d ) { ( Ь, а ) , ( Ь, е ) , ( Ь, i ) , (Ь, и ) , ( с, о) , ( d , о) }

Exercise 2 . 1 .4

OI

ch 2 = и"

(а) [ [true , false , true , false] , [f alse , false , f alse , true] , [false , f alse , f alse , f alse] , [false , f alse , f alse , false] ] (Ь) [ [true , false , true , f alse] , [f alse , true , f alse , true] , [true , false , true , f alse] , [false , true , false , true] ]

( с ) [ [f alse , false , f alse , f alse] , [false , f alse , false , f alse] , [false , f alse , f alse , f alse] , [false , f alse , f alse , f alse] ]

Exercise 2 . 1 . 5

( а ) { ( х , у ) : (у = х) V (у = х + 1 ) } (Ь) 0

(с) А ( d) { ( x , y ) : (y = x) V (x = y + l) }

Exercise 2 . 1 .6 { ( О, О, О) , (О, 1 , 1 ) , ( О, 2, 2) , ( О, 3, 3) , ( 1, О, 1 ) , ( 1 , 1 , 2) , ( 1 , 2 , 3 ) , ( 2, О, 2 ) , (2 , 1 , 3) , ( 3, О, 3 ) } Exeicise 2 . 1 . 7

(а) А 1 00 Ьу 100 boolean апау will do the job, and no other repiesentation is likely to Ье betteI unless tl1e picture has а simple descгiption.

( Ь ) А list wil have one entгy for each of the 14,654 wшds that occur in the ВiЫе.

This will require much less storage than а boolean апау, which woнld have an entry for each of the 2620 or about 2(10 28) elements of S. And theгe is no clear way to deter-mine membeгship in R that would Ье easieг or faster than looking for the word in а list.

( с ) Неге а method can easily calculate whether ( х, у ) satisfies the rнle. Exercise 2. 1.8 ( 1 , 2 , 3) , ( 1 , 2, 4) , ( 1 , 2 , 5 ) , ( 1 , 3, 4 ) , ( 1 , 3 , 5 ) , ( 1 , 4.5 ) , ( 2, 3, 4 ) , ( 2, 3, 5 ) , ( 2, 4 , 5 ) , ( 3 , 4, 5 ) .

S- 16

Exercise 2 . 1 . 9 То specify а k-ary relation on an n-element set, we need to say for each of the п k possiЬle k-tuples whether it is in the relation or not. These n k Ьinary choices may Ье made in 2п k possiЫe ways. For 2п k to Ье less than 1000, n k itself must Ье less than 10. So we could have k = 1 and п :::; 9, k = 2 and п :::; 3, or k = 3 and п = 2. Exercise 2 . 1 . 10 There аге seven pairs in the graph: ( О, 3) , ( 1 , 4 ) , ( 2, 5 ) , ( 3, 6) , ( 4, О ) , ( 5, 1 ) , and ( 6 , 2 ) . The 7 х у boolean array would Ье mostly zeros, with 1 entries only in the seven locations corresponding to the pairs in the гelation. Exercise 2.3.1

( а) For every two naturals х and TRUE

у,

the sum of х and у equals the sum of у and х.

(Ь) Еvегу natural is the square of some natural. FALSE (с) Еvегу natural has

а

natural that is its square. TRUE

(d) Тhеге is а natural х such that for any natuгal у, х2 + 4 is less than ог equal to 4х + у. TRUE (If we take х = 2, then fог any natuгal у it is true that х 2 + 4 = 8 is less that or equal to 4х + у = 8 + у. This is the only value of х that woгks.) Exercise 2.3.2

( а) 3w : Р( w) /\ Q( w) (Ь) Vw : P(w) ---+ Q(w) (с) [Vw : 3х : (w =/:- х) /\ R(w, х)] ---+ [Vy : Р(у)] (d) Q(w) /\ [Vx : Q(x) ---+ R(w, х)] (е) [P(w) /\ Q(w) /\ R(w, аЬ)] ---+ (w = аа)

Exercise 2.3.3

( а) а tгue sentence

(Ь) а false sentence, аЬ is а counterexample

( с ) а false sentence, the first square-bracketed statement is true and the second is false

(d) w is the only fгее variaЫe, but the statement is false for all w

( е) w is the only free variaЫe, but the statement is tгue fог all w Exercise 2.3.4 ( а) Vw : -,р( w) V -iQ( w) Given any string, either it does not have exactly two letters or it does not start and end with the same letter, or both. (Ь) 3w : P(w) /\ -iQ(w) There exists а string of two letters that does not staгt and end with the same letter. ( с ) [Vw : 3х : (w =/:- х) /\ R(w, x)] /\ [3у : -,Р ( у )] For еvегу string, there is another string that starts with the same letter, and there exists а string that does not have exactly two letters. (d) -,Q(w) V [3х : Q (x) /\ -iR(w, x)] Either the string w does not staгt and end with the same letteг, or there exists а string that starts and ends with the same lette1· that does not start with the same letter as w . ( е ) P(w) /\ Q ( w ) /\ R ( w , аЬ) /\ (w =/= аа) The string w has exactly two letters, starts and ends with the same letter, and staгts with the same lette1· as does аЬ, but w is not аа. Exercise 2.3.5

( а) у is free, х and z are bound S- 17

(Ь) w is fiee, х, у, and z aie bound

(с) у is fiee in the fiist expiession and bound in the second, х is bound in the fiist expiession and fiee in the second, and z is fiee

Exeicise 2.3.6

(а) п1 (Р) (х) is tIUe if and only if 3 у : Р(х, у). п2 (Р) (у) is tпie if and only if 3х : Р(х, у).

(Ь) If Т is the join of R and S, then Т(а, с) is tiue if and only if 3Ь : R(a, Ь) /\ S ( b, с) . Exeicise 2.3.7 ( 3х : Р(п)) Exeicise 2.3.8

�

(3х : Vy : Р(х) /\ (Р(у)

�

(х :::; у) ) )

•

PiedecessOI: (х < у) /\ --,::Jz : (х < z) /\ ( z < у) SuccessOI: (у < х) /\ --,::Jz : (у < z ) /\ ( z < х)

•

Even numbeI: 3у : х = 2 у

•

Odd numbeI: 3у : х = 2 у + 1

•

Exeicise 2.3.9 This statement is equivalent to 3х : Р(х). If one element exists satisfying Р, then two exist because they are allowed to Ье the same. And ceitainly if two exist, then one exists. Exeicise 2.3. 10 Vc : 3j : Q(c, j) /\ A(c, j ) /\ Vj' : A(c, j')

�

(j = j')

Exeicise 2 . 5 . 1 The language {а} Е* is the set of all stiings that begin with а, and { Ь} Е* is the set of all strings that begin with Ь. Similaily Е* {а} is the set of all stiings that end in а and Е* { Ь} is the set of all strings that end in Ь. Exercise 2.5.2

(а) The set of stiings that begin with а or end with Ь (Ь) The set of strings that both begin with а and end with Ь

(с) The set of stiings that begin with а or begin with Ь, that is, all strings except Л

(d ) The set of stiings that both end in а and end in Ь, that is, the empty set Exercise 2.5.3

(а) { аааа, аааЬ, аааЬЬ, аЬа, аЬЬ, аЬЬЬ} (Ь) { аа, аЬ, аЬЬ, ааа, ааЬ, ааЬЬ, аЬа, аЬЬЬ}

(с) { ааааааа, аааааЬ, аааЬааа, аааЬаЬ, аааЬЬааа,аааЬЬаЬ, аЬаааа, аЬааЬ, аЬЬааа, аЬЬаЬ, аЬЬЬааа, аЬЬЬаЬ}

(d) {ааааа, аааааа, аааааЬ, аааЬа,аааЬаа, аааЬаЬ, аааЬЬа, аааЬЬаа, аааЬЬаЬ, аЬаа,

аЬааа, аЬааЬ, аЬЬа, аЬЬаа, аЬЬаЬ, аЬЬЬа, аЬЬЬаа, аЬЬЬаЬ, ааааЬ, ааааЬЬ, ааЬа, ааЬЬ, ааЬЬЬ, аааааЬЬ, аааЬЬ, аааЬЬЬ, аЬаааа, аЬаааЬ, аЬаааЬЬ, аЬаЬа, аЬаЬЬ, аЬаЬЬЬ}

Exeicise 2.5.4 FOI i = j = 2 we may let both А and В Ье the language { Л, а}, so that АВ = { Л, а, аа} which has size 2 + 2 - 1 = 3. In general if we let А Ье {Л, а, . . . , ai - l } and В Ье { Л, а, . . . , a1- I } then АВ = { Л, а, . . . , ai +1- 2 } and thus I AB I = i + j - 1 . Exercise 2.5.5 The language Е 3 i s the set o f all strings with exactly thiee letters. The language E k is the set of all strings with exactly k letteis, and theI"e aie exactly 2k such strings. Exeicise 2.5.6

(а) 'Vw : [3и : 3v : А(и) /\ B (v) /\ (w = uv)] +--+ [3и : 3v : A(v) /\ В (и) /\ (w = uv)] (Ь) 3w : [3и : 3v : А(и) /\ B (v) /\ (w = uv)] Е11 [3и : 3v : A(v) /\ В(и) /\ (w = uv)] S- 18

Exercise 2.5.7 (а) There are several families of examples. If А = В and lambda Е А, then any string in АВ is also in both А and В. So we can make any stI"ing in (АВ ) * Ьу making it in А* and then appending Л which is in В* . Any string in А*В* is also in (АВ ) * (АВ)* which is contained in (АВ ) * . (Ь) If А = В = {О}, then (АВ)* is all stiings consisting of an even numbeI" of O's, while А* В* is all strings consisting only of O's. ExeI"cise 2 . 5.8 There must Ье exactly nt stiings in xt. Theie aI"e nt ways to fшm а stiing Ьу concatenating t strings fi:om Х , and each leads to а different string because there is only one way to divide а stiing of length tk into t stiings of length k. Exercise 2.5.9

(а) We can wгite Х as {а}

U {Ь} U { ! } U {i} U {r} U {t} U {и} and then wiite the given language as ХХХХХ* oI Х 4 Х * . ( Ь ) Х 4 Х* n X * { f}X*

Exercise 2 . 5 . 10 Requiring each letter is just an extension of requiring f in Exercise 2.5.9 (Ь) . We can write the language as X 4 X*nX* {a}X* nX* {b}X* nX* {f}X*nX * {i}X*nX * {r}X*n Х * { t } Х * nX* {и} Х * . An English word in this set of pangrams is "fl'uitbat" . We could actually leave out the "four or more letters" condition because we can't contain each of the seven letters without following it. Exercise 2.6.1

(а) Let Tommy Ье an arЬitrary trout, prove that "Tommy lives in trees" , and use the Rule of Generalization to get the desired conclusion.

(Ь) Use the Rule of Existence to conclude "Theie exists а tI"out who lives in trees" .

(с) Use the Rule of Specification to conclude "Tommy lives in trees" .

(d) Use the Rule of Instantiation to say "Let Tommy Ье а trout who lives in tiees" . Exercise 2.6.2 We first assume that 'llx : \/у : Р(х, у) is trнe and set out to prove \/у : 'llx : Р(х, у) . Let Ь Ье an arЬitrary object of y's type. Let а Ье an aI"Ьitrary object of x's type. Ву Specification fiom the premise to а , we have that \/у : Р(а, у ) . Ву Specification from this to Ь, we have that Р( а, Ь) is true. Since а was arЬiti-ary, Ьу Generalization we conclude 'llx : Р(х, Ь) . Since Ь was arЬitrary, Ьу Generalization we conclude \/у : 'llx : Р(х, у), as desired. The pioof in the other direction is identical, simply exchanging х with у and а with Ь. Exercise 2.6.3 We first assume that 3х : 3у : Р(х, у) and set out to prove 3у : 3х : Р(х, у). (As in Exercise 2.6.2, the other direction of the proof will Ье identical, switching the two variaЬles.) Ву Instantiation, let а Ье an object of x's type such that 3у : Р(а, у ) . В у Instantiation, let Ь Ь е a n object of y ' s type such that Р ( а , Ь) . В у Existence, we may conclude that 3х : Р(х, Ь) . Ву Existence again, we conclнde 3у : 3х : Р(х, у), as desired. Exeicise 2.6.4 Assume that 3и : 'llv : Р(и, v ) . Let Ь Ье an arЬitiary object of the type of у. Ву Instantiation from the premise, let а Ье an object of the type of и such that 'llv : P(a, v). Ву Specification from tl1is to our Ь, we have that Р(а, Ь) . Ву Existence, we have that 3х : Р(х, Ь) . Since Ь was arЪitrary, Ьу Generalization we conclude \/у : 3х : Р(х, у) , as desired. The converse is not tIUe, as shown Ьу the examples in Subsection 2.3.2 (see also ProЫem 2.6.5 ) .

S- 19

Exercise 2.6.5 We first prove Vx : К ( х ) ---+ В ( х ) . Let а Ье an arЬitrary person. F1:om Specification on the premise Vx : -.К ( х ) , we have that -.К ( а ) . Ву Vacuous Proof, then, we have that К ( а ) ---+ В ( а ) . Since а was arЬitrary, Ьу Generalization we conclude Vx : К ( х ) ---+ В ( х ) , as desired. We now prove Vx : К ( х ) ---+ -.В ( х ) . We let а Ье arЬitrary and derive -.К ( а ) as above. Now Vacuous Proof gives us К ( а ) ---+ -.В ( а ) , and since а >vas arЬitгary >ve have Vx : К ( х ) ---+ -.В ( х ) as desired. Exeгcise 2.6.6 ( а) [Vx : ( х = с) V ( х = d)] /\ [::Jy : у = с] /\ [::Jz : z = d] . We need all three conditions, to say both that с and d аге in the type and that no otheг elements аге in it .

(Ь)

• • • •

• •

Let х Ье an агЬitшrу element of Х . В у Specification from part ( а) , and Left Sepaгation, ( х = с) V ( х = d). Case 1 : х = с, and from the hypothesis Р ( с) we have Р ( х ) . Case 2 : : х =/=- с, so х = d Ьу Tertium Non Datur, and Ьу the hypothesis P (d) we have Р ( х ) . Ву Ргооf Ву Cases, we have Р ( х ) . Since х was arЬitrary, we have Vx : Р ( х ) Ьу Generalizatio11.

Exeгcise 2.6.7 ( а) Vx : ::Jy : ::Jz : L(x, у) /\ L(x, z) /\ (у =/=- z ) . ( Ь ) • Ву Specification from the premise, we have ::Jy : ::Jz : L(c, y)/\L(c, z) /\ (y =/=- z ) . • Ву I11stantiation, choose activities у and z such that L(c, y) /\L(c, z) /\ (y =/=- z ) . • Case 1 : у = Ь. Then z =/=- Ь, and Ь у a n aгgument similaг t o Exeгcise 2.6.6, (z = r ) V (z = s ) . • In this case, L( с, z) implies L( с, r ) V L( с, s ) and we have our conclusion for case 1 . • Case 2 : у =/=- Ь . В у the same гeasoning, ( у = r ) V ( у = s ) , and since L(с , у) we have L(c, r ) V L(c, s ) . • Ву Proof Ву Cases, we have our conclusion.

(с)

• • •

•

• • •

Let х Ье an arЬitrary dog. Ву Specification from рагt ( а) , :3у : ::Jz : L(x, у) /\ L(x, z) /\ (у =/=- z ) . В у Instantiation, choose activities у and z such that L ( x , у) /\ L ( x , z) /\ (у =f. z). Case 1 : у = Ь. Then since у =/=- z , we have z =/=- Ь , and since L ( x , z) i s true Ьу Existence we have ::Jw : L(x, w) /\ (w =/=- Ь) which is our conclusion with а renamed bound vшiаЫе. Case 2: у =/=- Ь. Since L (x, у) , Ьу Existence we have ::Jy : L (x, у) /\ (у =/=- Ь. Ву Ргооf Ву Cases we have ::J y : L(x, у) /\ (у =/=- Ь). Since х was arЬitrary we have Vx : ::Jy : L(x, у) /\ (у =/=- Ь) Ьу Geneгalization.

Exeгcise 2.6.8 ( а) Vx : WSD(x) ---+ M W(x) and Vx : MW(x) ---+ W(x).

( Ь ) Ву Specification, we have WSD(c) ---+ M W(c) and MW(c) ---+ W(c). From the given piemise WSD(c) , we use Modнs Ponens on the fiгst statement to get MW(c, then Modus Ponens on the second statement to get W(c) .

S-20

(с) The statement is \:/х : WSD(x)

---t W(x) . То prove it, we let х Ье an arЬitrary peison and assume WSD (x). We then specify the two premises to х to get WSD(x) ---t MW(x) and MW(x) ---t W(x) . Using Modus Ponens twice as in part (Ь) , we get W(x) and we have proved WSD(x) ---t W(x). (We coнld also comЬine the two specified piemises Ьу Hypothetical Syllogism to get WSD(x) ---t W (x) . ) Since х was arЬitrary, Ьу Generalization we have proved the desiied statement.

Exeicise 2.6.9 ( а) \:/х : \:/у : 3а : L(x, а) /\ L(y, а) and \:/х : \:/у : [3а : L(x, а) /\ L(y, а)] ---t (х = у ) . (Ь)

• • •

•

Ву Instantiation, choose two dogs х and х' such that х # х'. Ву Specification on the first piemise, we have 3а : L(x, а) /\ L (x', а ) . В у Specification o n the second premise, we have [3а : L( х, а) /\ L ( х', а ) ] ---t (х = х') . В у Modus Ponens, we have х = х ' . This contradicts the eailier derived statement х # х'.

(с) The two statements are both true if the size of D is zero or one, as then the conclusion х = х' is guaranteed to Ье true whatever activities the dog, if it exists, likes.

Exercise 2 . 6 . 10 ( а) То prove \:/п : Е (п) • • • • • • • •

(Ь) То piove \:/п : О(п) • • • • • • • •

---t

О(п + 1 ) :

Let п Ьу an arЬitrary natural. Assuшe Е (п) , which Ьу the definition means 3k : п = 2k. Instantiate k so that п = 2k. Ву arithmetic, п + 1 = 2k + 1 . Ву Existence, with k in the role of k, we have 3k : п + 1 = 2k + 1 . В у the definition, we have О ( п + 1 ) . We have completed а Direct Proof o f Е (п) ---t О ( п + 1 ) . Since п w e arЬitrary, Ьу Generalization we have pioved the desired state­ ment. ---t

Е (п + 1 ) :

Let п Ь е an arЬitrary natural. Assume О(п) , which Ьу the definition means 3 k : п = 2k + 1 . Instantiate k s o that п = 2 k + 1 . В у aiithmetic, п + 1 = 2k + 2 = 2 ( k + 1 ) . В у Existence, with k + 1 in the role o f k, we have 3 k : п + 1 = 2k. Ву the definition, we have Е(п + 1 ) . We have completed а Direct Proof o f О(п) ---t Е (п + 1 ) . Since п was arЬitrary, Ьу Generalization we have pioved the desiI"ed state­ ment.

Exercise 2.8. l Let А = { 1 , 2} and В = {3, 4 } . Define R to Ье the relation { ( 1 , 3) , (1, 4) , (2, 3) } . This is total Ьнt not well-defined (since 1 is mapped t o two diffeient elements) . Let S Ье the relation { ( 1 , 3) } . This is •vell-defined Ьнt not total (since 2 is not mapped anywheie) . The diagшms are in Figure S-3.

S-21

R

1 е ----- • З

s 1 • ----- · з

@Kendall Hu11t PuЫisl1ing Company

Figure S-3: Diagrams of Two Relatioпs for Exercise 2.8.1

0 1. 2.

�

.w •х •у 4•-• z

3 .

1• 0 2•

3 .

•w

�•х

4.

•у •z

�

®1e-•W 2• •х •у •z 4. 3 .

1• 0 2.

•w •х •у •z

3 .

4•

W

· 0 2 • ....� ..--- • х 1 .

з .

4. 1 • 2.

�·У •z

•

3.

4.

. w� •х •у •z

@Kendall Hunt PuЫishing Company

Figure S-4: Diagrams of the Relatioпs iп Exercise 2.8.3 Exercise 2.8.2 The statemeпt was -,::Ja : ::JЬ : ::Jc : ( (а, Ь) Е R) /\ ( ( а, с) Е R /\ (Ь -=1- с) . If we omit the "Ь -=1- с" from this statemeпt, then по relation is well-defined unless it is the empty relation. If any а and Ь exist such that ( а, Ь) Е R, then if we take Ь = с the statement is falsified. Exercise 2.8.3 (а) total, but not well-defined siпce 1 maps to two different elements

( Ь) both total and well-defined, since each element of А is mapped to exactly one element of В

(с) well-defined but not total as 1 and 3 are not mapped

( d ) not total as 1 and 4 are not mapped, not well-defined as 3 is mapped to two different elements of В ( е ) well-defined but not total, no elements of А аге mapped

( f ) total but поt well-defined, all elements of А are mapped to more than one element of В

Diagrams are in Figure S-4. Exercise 2 .8.4 All Ьinary relations on an empty or one-element set are both symmetric and antisym­ metric. А Ьinary relatioп а two-element set {а, Ь} is either one or the other, depending on whether the truth values of R(a, Ь) and R(Ь, а) are the same or different. But on а thi-ee-element set {а, Ь, с} we can have R(a, Ь) and R(Ь, а) both ti-ue, making R not antisymmetric, and have R(a, с) true and R(c, а) false, making R поt symmetric. S-22

0

5

· � - � 4•

0

.2

®,���['

•З

�

� nt 1

nt 1 �

5 •

�

4

-�/')

•2

@,

п, .

3

tМг� ·

U

�з

@Kendall Hunt PuЫisblng Соmраву

Figure S-5: Diagrams of Relations for Exercise 2.8.6 Exercise 2.8.5 Since the symmetry condition cannot Ье violated Ьу а loop, а symmetric relation may have loops on any or all of its vertices, or on none. Thus it could Ье either reflexive (all loops) оI antireflexive (no loops), or neither. Since the matching апоw for an апоw from а to Ь goes from Ь to а, the matching arrow for an arrow from а to а also goes from а to а. Thus а loop is its own matching arrow, and always has а matching arrow if it exists itself. Exercise 2.8.6 Diagrams are in Figure S-5. (а) symmetric, no other properties (Ь) no properties (с) reflexive, symmetric, transitive, not antisymmetric (d) not reflexive (no loop at 5 ) , not symmetric (5 to 3, not 3 to 5), поt aпtisymmetric (1 to 2 апd 2 to 1 ) , поt traпsitive (5 to 3 апd 3 to 4 but поt 5 to 4) Exercise 2.8.7 As we observed iп Exercise 2.8.4, ff we have zero, one, or two elemeпts iп our set, every reflexive relatioп is also traпsitive апd we сап check that each опе is either symmetric, aпtisymmetric, or both. So we пееd at least three elemeпts, апd we сап complete the example from Exercise 2.8.4 to solve this proЬlem as well. We make R(a, Ь) , R(Ь, а ) , R(a, с ) , апd R(Ь , с) true апd make R(c , а ) апd R(c, Ь) false. This fails symmetry with а апd Ь or with а and с, and fails aпtisymmetry with а and Ь. But we can check that it is traпsitive: iп order to have R(x , у) апd R(y , z ) both true, we eithei· have z = с (which makes R(x, z ) true whatever х is) or have all three variaЫes come from а апd Ь (which also makes R(x, z ) true) . Exercise 2.8.8

(а) Each caпdidate is qualified for at least опе job. (Ь) No caпdidate is qualified for more than опе job. (с) Each candidate is qualified for exactly опе job. (But note that two differeпt caпdidates might Ье qualified fог the same job.)

S-23

(d) Q must have а subset that is а function and also has the pгoperty that no two candidates are mapped to the same j ob. (This will Ье called being "one-to-one" in the next section. ) Exeгcise 2.8.9 I f А i s empty, then the only possiЬly R i s also empty and i s both refiexive and an­ tirefiexive. If А has exactly one element а, then it is refiexive if R ( a , а) is tгue and antirefiexive if it is false. But if А has two distinct elements а and Ь, we can make it neither Ьу setting R(a , а) tгue and R(Ь, Ь) false. Exercise 2.8.10

(а) If k is odd, еvегу геаl number has а unique k'th root, so fог any given х, р(х) is defined and the unique possiЫe value of у is the k'th root of р(х) . (Ь) With k = 2 (or actually for any other positive even k as well) , there аге two possiЫe values of у if р(х) is positive, one if р(х) О and none if it is negative. So if р(х) = О, Rk ,p is а function (the zero function. If р(х) = 1 , then Rk ,p is total but not well-defined. If р(х) - 1 , Rk ,p is well-defined but not total. ( с ) With k О we have to have уа р(х) , which is only possiЫe if р(х) 1. So =

,

=

=

=

,

=

if for any х we have р(х) -:/= 1, then Ro,p is not total. But if р(х) is the constant function 1 , then апу у satisfies уа = р( х), so Ro,p is not well-defined.

Exeгcise 2.9.1 Since f(g(x)) = (2х + 3) + 2 2х + 5, f о g is the function taking х to 2х + 5. This is an injection but not а surjection O I Ьijection, and has no inverse. Since g(f(x)) = 2(х + 2) + 3 = 2х + 7, g о f is the function taking х to 2х + 7. This is also an injection but not а surjection or Ьijection, and has no inverse. =

Exercise 2.9.2

(а) injection, not surjection (Ь) surjection, not injection

( с ) Ьijection, inveгse is itself (d) Ьijection, inveгse is itself (е) neitheг injection nor surjection (f) surjection, not injection Exeгcise 2.9.3

(а) f is employees to reals, g is employees to titles, no composition (Ь) f is employees to titles, g is titles to reals, (g о !) ( х) is the salary of employee х

( с ) f is employees to employees, g is employees to reals, (g о f) (x) is the salary of employee x's supervisoг (d) f is гeals to гeals, g is employees to гeals, (! о g) (x) is the tax paid Ьу employee х Exeгcise 2.9.4

(а) (! о g) (w) awR; (! о h) (w) vR if w va , wR otherwise; (g о f) (w) wRa; (g о h) (w) = w if w = va, wa otheгwise; (h о g)(w) = w; (! о g о h) (w) = wR if w va, awR otherwise. =

=

=

=

=

(Ь) f is а Ьijection and is its own inveгse, g is an injection but not а surjection and has no inverse, h is а surjection but not an injection and has no inveгse.

( с ) (! о с) is the identity function; (g о g) (w) if w vba , Л if w а, w otheгwise. =

=

S-24

=

waa; (h о h) (w)

=

v if w

=

vaa , vb

Exercise 2.9.5 We must prove that for all elements а of А, ( (h о g) о ! ) (а) = (h o (g о ! ) ) (а) . Let а Ье an arЬitrary element of А. Let Ь = ! (а), с = g(Ь) , and d = h (c) - we will show that both function outputs are d. The first is defined to Ье (h og) (f(a) ) , which is ( h o g) (Ь) , which Ьу definition is h(g(Ь)) = h (c) = d. The other function output is defined to Ье h ( (g о ! ) (а ) ) , which is h(g(f(a) ) ) h(g(Ь)) h (c) d. Since а was aIЬitiary, the outpнts of the two functions aie the same for any а in А and the two functions are eqнal. =

=

=

Exercise 2.9.6 ( а) We take the definition of "R is onto" , 'VЬ : 3а : R(a, Ь) , and rewrite it in terms of н- 1 . This gives us 'VЬ : 3а : н- 1 (Ь, а) , which is exactly the definition of "R- 1 is total" . The two statements are clearly equivalent. ( Ь ) The definition of "R is one-to-one" is 'Va : 'VЬ : 'VЬ' : (R(a, Ь) А R(a, Ь') ) ---+ (Ь = Ь') . When we rewrite this in terms of н- 1 we get 'Va : 'VЬ : 'VЬ' : (R- 1 (Ь, а) А н- 1 (Ь1 , а) ) ---+ (Ь = Ь') , which is exactly the definition of "R- 1 is well-defined" . The two statements are clearly equivalent.

( с ) This follows immediately ттоm ( а) and ( Ь ) . R is both onto and one-to-one if and only if н- 1 is both total and well-defined, which is the definition of н- 1 being а function.

( d) Let А = {а}, В = {Ь, Ь'} , and R Ье the гelation from А to В given Ьу the pairs ( а, Ь) and ( а, Ь' ) . Then R is not а fнnction because it is not well-defined, Ьнt н- 1 is the fнnctioп taking both Ь and Ь' to а.

Exercise 2.9.7 The inveгse is the composition g- 1 о 1- 1 . То prove this we mнst show that both g- 1 о 1- 1 о 1 о g and 1 о g о g- 1 о 1- 1 аге the identity function on А. If we apply the first function to an element а, we get g- 1 (f- 1 (f(g(a ) ) ) ) . This is g- 1 (g(a) Ьесанsе 1 о 1- 1 is the identity fнnction, and this in turn is а Ьесанsе g- 1 о g is the identity functioп. А similar aгgument applies to the second function. Exeгcise 2.9.8 There аге nr possiЫe functions, because we must make r choices, опе to choose 1(а) for each element of А, and each choice is thus from п possiЬilities. If r = О then nr = 1, and there is indeed one function that has no paiis at all. If r = 1 then nr = п, and we have п fнnctions because we can map the single element of А to any of the п elements of В. If п = О then nr О нnless r is also О, and this is сoпесt Ьесанsе we canпot have а function from а non-empty set to an empty set - it would require нs to map some element of А to an element of В, and the latter does not exist. If п = 1 theп nr = 1, and there is exactly one function, the one that maps every element of А to the siпgle element of В. =

,

Exercise 2.9.9 If А has zero elements or one element, any function is an injection Ьесанsе we cannot violate the one-to-one condition withoнt two diffeгent elements of А. Similarly if В has zero elements or one element, and А is non-empty, any function is а surjection Ьесанsе it meets tl1e onto condition Ьу hitting the single element if it exists. If А is empty and В is not, the uniqнe function from А to В is not а surjection. But if both аге empty, the uniqнe fнnction is both an injection and а surjection. Exercise 2 . 9 . 10 Given а set S, we choose а stiing w such that w . charAt ( i ) is true if and only if i Е S. Given а stгing w, we let our set S Ье { i : w. charAt ( i ) } . If two sets are diffe!'ent, theгe is some element i in one and not the other, and the coпesponding strings diffel' in the i'th place. If two strings аге different, theгe is а place i in which they differ, and S-25

• d

а 8

/ � � / / �

8 е

• f

ь .

• с

@Kendall Hunt PuЬlisblпg Company

Figure S-6: The Hasse Diagram for Exercise 2. 10.3 element i is then in one set and not the other. So both functions are injections, and are inverses of one another, so they are Ьijections. Exercise 2 . 1 0 . 1 Let а and Ь Ье arЬitшry naturals, with а > О. First assume that :Jc : Ь = ас. The natural Ь%а is defined to Ье that natural r such that Ь = qa + r for some q and r < а. Since Ь = ас, we сап take q = с and then r = О, so Ь% а == О. Now assume that Ь%а О. Ву the definition of %, there exists some natural q such that Ь = aq + О. So Ь = aq, and Ьу Existence :Jc : Ь = ас. ==

Exercise 2. 10.2

(а) поt а partial order, поt reflexiYe (Ь) поt а partial oгder, not aпtisymmetric if two differeпt players have the same average (с) is а partial order, transitive because if 2х < у and 2у < z then 2х < z, and the cases involving equality are easy to check - not а total order because neither (2, 3) or (3, 2) are in it

( d) а total order, over {а} given any two different stгiпgs, the shorteг is а pгefix of the longer ( е) поt а paгtial oгder, поt гeflexiYe Exeгcise 2. 10.3 The diagram is shown in Figure S-6. The elements Ь and с аге minimal. The element f is minimal in the partial oгder that remains. After that, а and е are minimal, leaviпg only element d. Exercise 2. 10.4 The diagram is shown in Figure S-7. Exercise 2. 10.5 An infinite partial oгder may fail to have а minimal element. For example, the negative integers foгm а partial ordeг uпdег :::; Ьнt theгe is no minimal element because every element -п has а smaller element -п - 1. The process of taking smaller and smaller elemeпts пееd пеvег stop because theгe is no bound 011 the nнmЬег of elements. Exercise 2. 10.6 We must check the three propeгties: •

•

Reflexive: For any pair ( а, Ь) , Т( ( а, Ь) , ( а, Ь) ) is true because both R(a, a) and S(b, Ь) are trнe, Ьу reflexivity of R and S. Antisymmett"ic: Suppose that Т( ( а, Ь) , ( а', Ь' ) ) and Т ( ( а', Ь' ) , ( а, Ь) ) аге both t1·ue. Then R(a, а') , S(b, Ь') , R(a' , а) , апd S (b', Ь) are all true. Ву aпtisymmetry of R and S, we must have а = а' and Ь = Ь', which togetheг imply (а, Ь) = ( а', Ь; ) . S-26

@Kendall Hunt PuЫishing Сошраоу

Figшe S-7: The Hasse Diagram for Exercise 2. 10.4 •

Тransitive: If we have Т( ( а, Ь) , (а', Ь') ) and Т( ( а', Ь') , ( а", Ь") , we can infer R(a, а') , R(a', а") , S(b, Ь') , and S(b', Ь") . From these, Ьу transitivity o f R and S , we can infer R(a, a") and S(b, b") , which together imply Т ( ( а, Ь) , ( а", Ь" ) ) .

Exercise 2. 10.7 We'll check each pIOperty fог both Р and Q: •

•

•

Reflexive: Let х Ье an arЬitrary element of А U В. If х Е А, then R(x, х) is true, which implies both Р(х, х) and Q(x, x). If х Е В, then S(x, x) is true, which also implies both Р(х, х) and Q(x, х). Antisymmetric: First assume that both Р(х, у) and Р (у, х) are true. The el­ ements х and у must either both Ье in А, in which case R(x, у) and R(y, х) together imply х = у, or both Ье in В, in which case S(x, у) and S(y, х) also imply х = у. If Q(x, у) and Q(y, х) are both true, then х and у must again both Ье in А or both Ье in В, because if they are in different sets only one of the two pairs can Ье in А х В and neither can Ье in R 01' S. So the argument for Р applies and х = у. Тransitive: First assume that Р(х, у) and Р(х, z ) are both true. The elements х and у must either Ье both in А or both in В, and similarly for у and z. So either all three are in А, in which case R(x, у) and R(y, z ) imply R(x, z ) , or all three аге in В and the гesult follows from the transitivity of S. Now suppose that Q(x, у) and Q(y, z ) are both true. If all three аге in А or all three are in В, the argument for Р above goes through unchanged. If х Е А and у Е В, then we must have z Е В and Q(x, z ) is true. Similarly, if у Е А and z Е В, we mнst have х Е А and Q (x, z ) is again tiue.

Exeгcise 2. 10.8 ( а) Reflexive: А 1 . Siпce с divides а апd Ь , i t divides апу liпеаг comЬiпatioп o f а апd Ь iпcludiпg all elemeпts of the arithmetic pгogгessioп. The опlу pгime пumber that could Ье divisiЫe Ьу с is с itself, if it happeпs to Ье pгime. So the aгithmetic pгogгessioп coпtaiпs at most опе pгime, поt iпfiпitely тапу. Exercise 3.4.6 (а) For апу п, 1 is а peгfect squaгe. Fог 3 апd 4, there are по otheгs. For 5, there is also 4. For 6, theгe is also 4. For 7, theгe аге 2 апd 4. Fог 8, theгe is also 4. Fог 9, there аге 4 апd 7. For 10, there are 4, 6, апd 9. Fог 1 1 , theгe are 3, 4, 5, апd 9. Fог 12, theгe аге 4 апd 9. Fог 13, theгe аге 3, 4, 9, 10, апd 12. For 14 theгe are 2, 4, 7, 8, 9, апd 1 1 . For 15, theгe аге 4, 6, 9, апd 10. (Ь) If а = с2 апd Ь = d2 , with both equatioпs takeп modulo п , theп аЬ = (cd) 2 . Exercise 3.4.7 If п is odd, we сап pair each попzеrо пumbeI а with -а, апd поtе that а апd -а have the same square modulo п. Siпce each perfect square сап Ье made Ьу squariпg two differeпt пнmbers, апd there аге опlу п - 1 попzего пнmbers availaЫe, theгe сап Ье at most ( п - 1) /2 perfect sqнares. Exercise 3.4.8 Fог р = 2, р - 1 = 1 2 . The 4k + 1 primes are 5, where р - 1 = 2 2 , 13, wheгe р - 1 = 5 2 , апd 17, wheгe р - 1 = 42 . The other primes are 3, 7, 1 1 , апd 19. For the first thгee, we listed the perfect sqнares iп the solutioп to Exercise 3.4.6 апd р 1 was поt iпclнded. For р = 19, we сап check the squares of the пumbers fIOm 1 through 9 ше verify that попе аге 18. -

Exercise 3.4.9 The 6п + 1 primes greateг thaп 3 are 7 (wheгe -3 2 2 ) , 13 (where -3 = 6 2 ) , апd 19 (where -3 = 4 2 ) . The other primes аге 5 (where 2 is поt а perfect sqнare) , 1 1 (where 8 is поt а peгfect square) , апd 17, where 14 is поt а perfect squaгe. We сап verify this last claim Ьу sqнariпg all the nнmbers from 1 throнgh 8, modulo 1 7, апd пever gettiпg 14. =

S-37

Exercise 3.4 . 10 ( а) If we take а prime number, which must Ье at least 2, and raise it to а power greater than п, we will get а number larger than 2 п . If we then multiply Ьу another positive number, it can only get Ьigger still. (Ь) This is just the uniqueness statement of the Fundamental Theorem of Arithmetic, which we will prove in Section 3.6. Exercise 3.5.1 Let i Ье arЬitrary with 2 < i :::; k and suppose that some numbeI с divides both m1m2 and mi . Without loss of generality, let с Ье pгime (Ьу гeplacing the original с with one of its pгime factois if necessaгy) . Since the pгime factors of m 1 m2 аге those pгimes that divide either m 1 or m2 , с must divide either m1 or m 2 or both. (Formally, this step r·equiгes the Atomicity Lemma to Ье pIOved in Section 3.6.) If с divides m 1 , then m1 is not гelatively piime to mi , and similarly for m 2 . Exeгcise 3.5.2 This will Ье а congruence mod М = 11 · 12 · 13 = 1716. The three numbeгs !VI /m1 are 156, 143, and 132, and гeducing each of these modulo m1 we get 156 = 2 (mod 1 1 ) , 143 = - 1 (mod 1 2 ) , and 132 = 2 (mod 13) . Thus the thгee numbeгs ni аге the inverses of each M/mi modulo m1 , or 6, - 1 , and 7. This gives us а с of 9 · 6 · 156 + 6 ( - 1 ) · 143 + 3 · 7 132 = 10338. So оuг congruence is х = 10338 = 42 (mod 1716) . ·

·

Exercise 3.5.3 ( а) If theгe is а solution х, it must Ье odd, so let х = 2 у + 1 and notice that у must then satisfy у = 2 (mod 3) , у = 3 (mod 4), and у = 1 (mod 5). These three bases are paiгwise relatively prime, so there is а unique solution for у modulo 3 4 · 5 = 60. We can find the solution most easily Ьу tгying y's with у = 1 (mod 5) until we find а solution to the otheг two congruences: 1 and 6 fail but 1 1 woгks. So we know the thгee шiginal congгuences aie solved if and only if у = 1 1 (mod 60) , which is tгue if and only if х = 23 (mod 120). ·

(Ь) Again letting х = 2у + 1 , we get у = 5 (mod 6) from the fiгst congгuence and у = 2 (mod 8) fIOm the third. The first requires у to Ье odd and the second requiгes у to Ье even, so there can Ье no common solution. (с) The least common multiple of the three bases is 180, so if theгe is any solution it will Ье а congгuence modulo 180. The second and third congiuences fогсе х to Ье even, and the first and third force х = l (mod 3) , so we know that х = 4 (mod 6) fог any solution. Of the numbers with last digit 4 up to 180, only 4, 34, 64, 94, 124, and 1 54 satisfy this modulo 6 condition. Of these, only 34 and 124 satisfy the modulo 9 condition (as we can discoveг fгom the sum-of-digits test fгom Excuгsion 3.2) . Then 34 satisfies the modulo 12 condition and 124 does not, so we have found that the single congruence х = 34 (mod 180) exactly descгibes the solutions. Exeгcise 3.5.4 Repгesenting numbeгs Ьу theiг sequence of thгee гesidues, we have that х = (4, 3, 7) and у = (2, 1, 5), so that ху = (8, 3, 35) or ( 1 , 3, 8) . As it happens, this sequence of residues is its own inveгse, since it squмes to ( 1 , 1, 1) . It гemains then, to find the single congгuence modulo М = 7 · 8 · 9 = 504 that chмacterizes the residue sequence ( 1 , 3, 8) . The residues of М/щ аге 72%7 = 2, 63%6 = 7, and 56%9 = 2, so п1 = 4, n 2 = 7, and nз = 5. Thus с = 1 · 4 · 72 + 3 · 7 · 63 + 8 · 5 · 56 = 3851 . So the solution is х = 3851 = 323 (mod 504) . Exercise 3.5.5 The tгiples (2, 3, 4) and ( 1 , 2, 4) are both "relatively prime" Ьу this definition without being paiiwise Ielatively pгime. S-38

Exercise 3.5.6 If х is the unknown number of soldiers, we have found that х = 6 ( mod 7) , х = 7 (mod 8), and х = 3 (mod 9) . Ву the CRT, this implies that х = с ( mod 504) for some с that we can calculate, using some of the work fгom the solution to Exercise 3.5.4 above. We have that с is congl'Uent to 6 · 4 · 72 + 7 · 7 · 63 + 3 · 5 · 56 = 1 728 + 3087 + 840 = 5655, and 5655 = 1 1 1 (mod 504). So the actual number of soldiers must Ье 1 1 1 , 615, 1 1 19, 1624, OI laigeI, and the information that there are "about а thousand" tells us that 1 1 19 is the aпsweI. Exercise 3.5. 7 Using the Extended Euclidean Algorithm, we compute а series of linear comЬinations of 51 and 32 ending in 1 = -5 · 51 + 8 · 32. This means I could transfeI $100 Ьу giving RabЬit 800 Twitcoins and receiving 500 Batcoins in return. Theie aie otheI solutions transferring feweI coins: I could give RabЬit 800 - 51t Twitcoins and get back 500 - 32t Batcoins, for апу integeI t. Taking t to Ье 16, we get а solution where RabЬit gives me 16 Twitcoins worth $512 and I give him 12 Batcoins woith $612. Exeicise 3.5.8 Coidelia and Goneiil could apply the Simple Fшm of the CRT to their information and deteimine х% (97 1 15), which is good enough since 97 · 1 15 > 10000. Simila.Ily, Cordelia and Rega.n could determine х%(97 · 1 19), and Goneiil and Regan could determine х%( 1 1 5 · 1 19), and either of these remainders is good enough to determine the exa.ct value of х. For this to wшk, of course, the thiee moduli must Ье pairwise Ielatively prime, which they are: 97 is prime, 1 1 5 = 5 · 23, and 1 19 = 7 · 17. ·

Exercise 3.5.9 The function is one-to-one because the CRT tells is that there is only one number in that Ia.nge tha.t ha.s given Iemainders mod р and mod q. It is onto because we know that the pair of congruences does have one solution in that Iange, so for a.ny pair theie must Ье a.n х mapping to it. Exercise 3.5.10 If п = рх for some х, and Ь is the inverse of а modulo п, then аЬ = 1 ( mod п ) which means that аЬ = 1 ( mod р ) a.s well, and Ь is an inveise of а modulo р. For the other diiection, we assume that а has a.n inverse modulo ever-y piime dividing п . We can infer that а also has a.n inverse modulo every prime power dividing п, since Ьу the Inverse Theoiem а number has an inveгse modulo ре if and only if it is relatively prime to ре, which is true if and only if it is Ielatively prime to р, which is tr·ue if a.nd only if it has a.n inverse modulo р. We then wгite п a.s а product of piime powers that aie paiгwise гelatively pгime, and use the CRT to get а number Ь that is congruent, modulo each prime роwег ре, to the inveгse of а modulo ре . Then аЬ is congгent to 1 modulo ea.ch of the pгime powers, which Ьу the CRT means that it is congruent to 1 modulo п. Exeгcise 3.6.1 Assume that Р1 Р2 . . . Pr = q1 q2 . . . q8 , wheгe all the p's and q's аге pгime and the p's аге in oгder. We will ргоvе that r = s and that the q's can Ье rearranged to Ье identical to the sequence of p's. First consider р 1 . Ву atomicity, it must divide one of the q's, and since both it and tl1at q are prime, it must equal that q. Rearrange the q's so that q1 = Pl · Then consider р2 , which must divide q2 q3 . . . q8 since р2 . . · Pr = q2 . . . qs Ьу cancellation fгom the шiginal equation. Again using a.tomicity and pгimality, theгe must Ье а q that equals р2 , a.nd we та.у гearrange to ma.ke this q2 . We continue this pгocess to get qз , . . . , q,. equal to р3 , . . . , Pr· гespectively. Тhеге cannot Ье any mше q's because Ьу cancellation, the pгoduct of any гemaining q's is 1 .

S-39

Exercise 3.6.2 If we sort both lists of primes using any of the algorithms fiom а data strнctшes class, the two lists will become identical if and only if they oiiginally had the same number of each prime. Note that we must use а sorting algOiithm that allows fOI two or mOie elements in the list to Ье equal. Exercise 3.6.3 We are given that ad = Ьd and that d > О. Assume that а and Ь are diffeient withoнt loss of geneiality assume а = Ь + с with с > О. Then Ьу the distribнtive law, ad + cd = Ьd, and we know that cd > О because с and d ые both positive. This means that ad =/:- Ьd , contradicting the hypothesis. So if ad = Ьd , а =/:- Ь is impossiЬle. We have used only the distributive law and the fact that the product of two positive nнmbeis is positive. Exercise 3.6.4 Let а and Ь Ье arЬitrary. Assнme D (а, Ь) /\ Р(а) /\ Р(Ь) . Ву the definition of primality, we know that а > 1 , Vc : D(c, а) ---t ((с = 1) V (с = а ) ) , Ь > 1 , and Vc : D (c , Ь) ---t ( (с = 1) V (с = Ь) ) . Specifying the last statement to а , we get D(a , Ь) ---t ( (а = 1) V (а = Ь)) . Since D (a , Ь ) is tiнe, we have (а = 1 ) V (а = Ь ) Ьу modнs ponens. Since а = 1 is rнled онt, а = Ь must Ье true. Exercise 3.6.5 Sнppose х is а positive rational nнmbeI, so that х = а/Ь whel'e а and Ь are pos­ itive natшals. Ву the Fundamental Theorem of Arithmetic, we know that а = Р1 . . . Рт and Ь = qi . . . q5 wheie the p's and q's are prime. Thus х is equal to Р1Р2 . . . Рт ( 1 / qi ) ( 1 / q2 ) . . . ( 1 / q5 ) , and thнs has at least one factorization into pгimes and inverse pгimes. The factorization is not unique, as for example 2( 1/2) and 3( 1 /3) аге both factorizations of 1. However, any positive rational numbeг has а нnique representation in lowest teгms, as а/Ь where а and Ь are l'elatively pгime. In this case the нnique factorization of а and Ь into piimes gives а distinctive factOiization of х into pгimes and inveгse pгimes - it is the only sнch factoгization that does not contain both а prime and its inveгse. Exercise 3.6.6

(а) If х = а + ЬVТ and у = с + dvr, х + у = (а + с) + (Ь + d) vr and ху = (ас + rbd) + (ad + Ьc) vr Ьу simple calcнlation. Ву the closшe of the integeis undeг addition and пшltiplication (including multiplication Ьу r ) , both nнmbeis have the гequired fOim. (Ь) From рагt (а) above, п(ху) = (ас + rbd) 2 - r (ad + Ьс) 2 = а2 с2 + 2rabcd + r 2 Ь2 d2 - ra2 d2 - 2rabcd - rЬ2 с2 . Cancelling the two 2rabcd tel'ms, this equals п(х)п(у) = (а2 - rЬ2 ) (с2 - rd2 ) .

Exercise 3 . 6 . 7 (а) If У � Z, we can show D(Y, Z ) Ьу taking W = Z. I f У � Z i s false, there is an element that is in У but not in Z. No matter what W we union with У, the resнlt will still contain that element and cannot equal Z, so D ( Y, Z) is false. (Ь) А set is pl'ime if and only if it is а singleton set, with exactly one element. Cleaгly any sнbset of а singleton set У is eitheг У OI 0, so Х is prime. Empty sets are not prime Ьу the definition, and а set with moie than one element is not pl'ime because it has а nonempty proper subset У, which satisfies D ( Z, У ) , Z =/:- 0, and Z =/:- У . ( с ) If we make а sepaгate singleton set for each element o f У , then each o f these sets is prime and their union is У. If а нnion of singletoп sets is У, we must have а singleton set fOI each element of У, so the нnion mнst Ье the one that we gave.

S-40

( d ) "If У is prime and D ( Y, Z U Z') , then either D ( Y, Z) or D (Y, Z') ( or both)" .

Proof: Since У is prime it equals {а} for some element а . Since У 1 , t has multiple factorizations including "t" , "t х t" , "t х t х t" , and so fшth. So unique factorization holds only fог t = О and t = 1 , where theгe are no primes at all. =

Exeгcise 3.8.10

puЫi c boolean kenkenNumber while (n % 2 О) n /= О) n /= while (n % 3 while (n % 5 О) n /= while (n % 7 О) n /= return (n == 1 ) ; }

=

(long n) { 2; З; 5; 7;

Any natшal is а Kenken numbeг if and only if its pгime factшization includes only the one-digit primes. When we have removed all the one-digit primes from the factoriza­ tion, we are left with 1 if and only if the original п was а Kenken nнmber. This code will гun quickly on any long argument, since it can have at most 63 pгime factoгs and thus tlшге will Ье at most 63 divisions. Exeгcise 3.8.1 The pгedicate С(х, у) means that х ::::;::: у ( mod r ) . С is reflexive: С(х, х) is true because х ::::;::: х ( mod r ) ( r divides х - х = О) . С is symmetric: If С(х, у) is true, then у ::::;::: х ( mod r ) as well ( because r divides у - х if it divides х - у) and thнs С(у, х ) . С i s transitive: If С ( х , у) and С ( у , z ) , then r divides both х - у and х - z . So i t also divides (х - у) + (у - z ) = х - z , and thнs С(х, z ) is true. Exercise 3.8.2 Both these facts follow from the result that for any natшal х and any positive natural r, there exist natшals q and а such that х = qr + а and а < r. ( This is true because repeated subtraction of r from х will eventually reach а, after q sнbtractions. ) Clear·ly from this result, х is congruent to а which is less than r. If а and Ь are both less then r, and а # Ь, then the integer а - Ь is not equal to О and is too small in absolute value to equal r ш - r , so r cannot divide а - Ь and thus а and Ь are not congшent modulo r.

S-41

Exercise 3.8.3

(а) R 1 is not reflexive, is symmetric, is not transitive (R(2, 3) and R(3, 4) are true but not R( 2, 4) ) . ( Ъ ) R2 i s always true, and thus i s an equivalence relation. (We could let z = ху.) (с) Rз is clearly reflexive and symmetric, and with а little more work vve can see that it is transitive. Suppose that х = ai , у = aj , у = bk , and z = ье. Let m Ье the least common multiple of j and k. Let р Ье any prime number that divides у. Ву unique factorization, р must also divide both а and Ь. Thus the poweI of р that divides у must Ье divisiЫe Ьу both j and k, and thus Ьу m . Since this holds for all piime divisors of у, there exists а numbel' с sнch that cm = у . Внt then since а and Ь aie both powel's of с, so aie х and z and Rз(х, z ) is true.

(d) R4 is Iefiexive and symmetl'ic but not tiansitive. FOI example, R4 (2, 6) and R4 (6, 3)) aie both true but R4 (2, 3) is false. (е) R5 (x, у) is only true if х = у, so it is the identity Ielation which is an equivalence Ielation. Exeicise 3.8.4 (а) SPD is reflexive Ьесанsе fOI any piime, cleaily D (p, х) н D (p, x). It is symmet­ ric because if D (p, х) н D (p, у) for any piime, D(p, у) н D (p, х) foI any piime as well. For tiansitivity, assнme \:/р : D (p, х) н D(p, у) and \:fq : D(q, у) н D (q, z ) , wheie the vмiaЫes р and q Iange only over piimes. Let r Ье an мЬitiary prime. Tl1en D (r, х) н D (r, у) and D(r, у) н D(r, z ) Ьу specification, and D(r, х) н D (r, z ) follows. Since r was aIЬitiaiy, we have pioved \:fr : D (r, х) н D(r, z ) and thus SPD (x, z ) . (Ь) The numbeis that aie poweis of 2 ( otheI than 1) times powers of 3 ( other than 1 ) : 6, 12, 18, 24, 36, 48, 54, 72. (с) FOI any set of piimes {р1 , . . . , pk } , we have an eqнivalence class consisting of all numbeis of the fOim pl1pt2 . . . p�k , wheie each of the i's is а positive natшal. Exercise 3.8.5 We know that addition and multiplication in Zr ме both commutative and associative, and the IUles for addiпg and multiplying polynomials make this still trнe in Zr [x] , along with the distiibнtive law. The additive ideпtity is О and satisfies Ор = рО = О fOI any polynomial. The mнltiplicative identity is 1 . Finally, we have additive inveises Ьесанsе we have а nнmbeI - 1 that we can mнltiply Ьу any polynomial р to get а q such that р + q = О . Exercise 3.8.6

(а) Let G and Н Ье the groups, let g Ье а geneiator of G, and let h Ье а generatOI of Н. Ош isomOiphism f will take the identity of G to the identity of Н, and take g to h. Because it obeys the Iule f(xy) = f(x)f(y) , it must take gi to h i , for every natшal i. And this completely defines the fнnction, Ьесанsе every element of G is equal to gi for some i (including the identity, which is g0 ) . The fнnction is onto, because eveiy element of Н is equal to hi for some i. We shoнld also make sше that no function value is multiply defined - if some element is eqнal to both g i and gj , then gi -j must Ье the identity, and i - j is а multiple of the OideI п of the group. (Ъ) Let one gIOнp Ье Zg and the other Ье Zз х Z з . Both aie clearly abelian gioups with nine elements, but in the second gioup х + х + х is the identity foI eveiy element х, wheie this is not tiue in the fiist gIOнp.

S- 4 2

Exercise 3.8.7 The ring Z m has zero divisors if and only if т is composite, because two nonzero numbers can multiply to т if and only if that is the case. Exeгcise 3.8.8 If х and у wеге both additive identities, х + у would have to Ье equal both to х and to у. Similarly, if they wеге both multiplicative identities, ху would have to Ье equal both to х апd to у. Either is опlу possiЫe if х = у. Exeгcise 3.8.9 The ring rules for additioп аlопе are satisfied because А is an abelian group. The multiplicatioп is cleaгly commutative fгom the definition, and 1 is а multiplicative identity. The multiplication is associative because we can consider (xy)z and x(yz) depending on how many of the elements х, у, and z are 1 . If there aI'e none, both pгoducts are О. If theie is one, both products equal the product of the othel' two elements. If there are two, both pioducts are equal to the thiгd element, and if all three are 1 then so are both pгoducts. If we apply this constгuction to А = Zз , we get а multiplication that is equal to the шdinaгy multiplication in Zз except that now 2 х 2 is О Iatheг than 1. So 2 х ( 1 + 1 ) is О, while (2 х 1 ) + (2 х 1) is 1, апd the distiibutive law fails. Exeicise 3.8.10 +

о

о

о

х х+1

х х+1

О х+1 х

х

х+1

*

о

х х+ 1 О

х+1 х

о

о

х о

о

х х+1

О

о о

х х+ 1

х+1

о

о

х х

х+1

о

х+1

о

We can see fгom the taЫes that both opeгations are commutative, and that О and 1 аге the two ideпtities. The associative and distгibutive pioperties аге haider to veiify Ьу brнte fщсе, Ьнt both hold Ьесанsе they hold in Z 2 [x] , and the only change we have made is to map еvегу term xi to just х. The two sides of the laws in question will map to two polyпomials iп Z 2 [x] that aie eqнal, апd they will not become нneqнal when we sнbstitute х for each xi . The Iing we have constп1cted is not isomщphic to Z 4 because it obeys the rule у + у = О fщ each element у. То get an isomщphism with Z 2 х Z 2 , we must map О to О and 1 to (1, 1 ) , as the latteг is the multiplicative identity of Z 2 х Z 2 . If we map х to either (О, 1) ог ( 1 , О ) , then we must map х + 1 to the other to made the addition work. Then each of these two elements multiplies with 1 or itself to get itself, апd with О ог the other one to get О, апd thus the isomщphism wщks. Exercise 3.9. 1 We know that gcd(x, r ) = gcd(y, r ) = 1, and we must show that gcd(xy, r ) = 1. If any numbel' gгeater· than divided both ху and r, then some pгime р would do so, апd then р would divide either х ог у Ьу atomicity, contiadictiпg one of the two assumptions. Multiplication in ; is associative because multiplication in Zr is. The identity is 1 (which is clearly in Zr) · If а Е Zr, the inverse theoiem tells нs that а has ап inverse modulo r, а number Ь such that аЬ = 1 (mod r ) . Exeгcise 3.9.2 R is reflexive because Ь = Ьа0 . It is symmetiic because if Ь = cai , then с = ba r - l -i (siпce ar -l = 1 ) . It is tiaпsitive because if Ь = cai апd с = daj , then Ь = dai +j . Exeгcise 3.9.3 The addition and multiplication taЫes аге below. Any polyпomial of degree two or more is congl'Uent modulo х 2 + 1 to а polynomial of degiee one Ol' less, since we can S-43

find а multiple of х2 + 1 that agrees with оuг target on all terms of degгee two ог more. The commutative, associative, distributive, and identity pгoperties of the two operations follow from the similar properties of Zз. The additive inverse of the class of р is just the class of -р. From the multiplication tаЫе we can see explicitly that every nonzero element l1as а multiplicative inverse. Z 3 [x] has an Inverse Theoгem like that of the natuгals, so we get an inverse for every polynomial that is relatively prime to our modulus. When the modulus is irreduciЫe as it is here, every nonzeгo congruence class contains polynomials гelatively prime to the modulus. The set С is not isomorphic to Zg , even under addition alone. Every element р of С satisfies р + р + р = О, but in Z9 only О, 3, and 6 satisfy this property. + 2 х x+l х+2 2х + 1 2х + 2 2х о 2 2х + 1 2х + 2 2х х x+l х+2 1 о о 1 1 2 x+l х+2 2х + 1 2х + 2 2х х о х х+2 2х 2 2 x + l 2х + 2 2х + 1 о 2х + 1 2х + 2 2 2х х x+l х+2 1 х о х 2х 2х + 1 2х + 2 2 x+l x+l х+2 о 2 х+2 х+2 х x + l 2х + 2 2х + 1 2х о 2х + 1 2х + 2 1 2 x+l х+2 2х 2х х о 2х + 1 2х + 1 2х + 2 2 2х х x+l х+2 о 2х 2х + 2 2х + 2 2 x+l 2х + 1 х х+2 о

х

о 1 2 х x+l х+2 2х 2х + 1 2х + 2

х 2х 2 x+l х+2 2х + 1 2х + 2 1 о о о о о о о о о о 2 х 2х x+l х+2 2х + 1 2х + 2 о 2 2х + 2 2х + 1 х+2 x+l 2х х о 2 х + 2 2х + 2 х 2х x + l 2х + 1 о 2 2х 2х + 1 х 1 о x + l 2х + 2 х + 2 1 x=l 2 2х х о х + 2 2х + 1 2х + 2 2 2х х 2х + 1 x + l 2х + 2 х + 2 1 о х 2х 2 2х + 2 1 о 2х + 1 х + 2 x + l х 2х х=2 2 о 2х + 2 x + l 2х + 1

Exercise 3.9.4 The nшltiplicative group Z63 is а direct product of Zj and z9, so the elements each have mod-7 residues in { 1 , 2, 3, 4, 5, 6 } and mod-9 residues in { 1 , 2 , 4, 5, 7, 8 } . There are thus 36 elements, which are 1, 2, 4, 5, 8, 10, 1 1 , 13, 16, 1 7, 19, 20, 22, 23, 25, 26, 29, 31, 32, 34, 37, 38, 40, 4 1 , 43, 44, 46, 47, 50, 52, 53, 55, 58, 59, 6 1 , and 62. Exercise 3.9.5 The powers of 2 modulo 1 7 аге 2, 4, 8, 16, 15, 13, 9, 1 , so 2 8 = 1 and 2 is not а generator. But any square root of 2 will Ье а generator, and trial and error tells us that 6 2 = 2 and so 6 1 6 = 1 and 16 is the first i with 6 i = 1 . The powers o f 2 modulo 1 9 are 2, 4 , 8, 1 6 , 13, 7 , 14, 9, 18, 17, 1 5 , 1 1 , 3, 6 , 1 2 , 5, 10, 1 so we see explicitly that 2 is а geneгator. Exercise 3.9.6 If а апd Ь are nonzero elements with а Ь = О in а ring, then а and Ь cannot both have multiplicative inverses, since then we would have 1 = ( аа - 1 ) ( ьь-1 ) = ( а Ь) ( а - 1 ь - 1 ) = о. S-44

Exercise 3.9.7 ( а ) If the characteristic m is equal to аЬ where both а > 1 and Ь > 1, then the numbers х = al (а copies of 1 added together ) and у = Ы are both nonzero, but ху = ( аЬ) 1 = О. So the ring has zero divisors and cannot Ье а field Ьу Exercise 3.9.6.

( Ь ) Let х Ье any element and t Ье its additive ordeг, so that tx = О but t'x =/= О

for all t' < t. Let m Ье the chaгacteгistic of the гing. We know that ml = О, and thus Ьу distribнtivity mx = (ml)x = О. Cleaгly then t :::; m . If t did not divide m, we woнld have m = qt + r with О < r < t. Then mx woнld eqнal (qt + r)x = (qt)x + rx = О + rx = rx =/= О, but we know that mx = О.

( с ) Ву рагt ( а ) , the chaгacteгistic of the field mнst Ье some prime р, and Ьу рагt ( Ь ) еvегу nonzeгo element must then have additive Oider either 1 OI' р, and О is the only element with additive огdег 1 .

Exeгcise 3.9.8 We know that F * is а cyclic gгoup, meaning that there is at least one element g such that the elements of F* can Ье listed as 1 = g0 , g, g2 , . . . , gn - l . So we need to know the number of different values of i such that gi is also а gene1·atOI. This is tгне if and only if i is relatively prime to п. If i and п аге гelatively prime, then Ьу the Inveгse Theorem there is а natural j such that ij = 1 ( mod п ) and thнs gij = g. This means that any element g k of F* can also Ье wгitten gi(jk ) and is а power of gi , so we know that gii is а generatOI. On the otlier hand, if i and п have а common divisor d with d > 1, gi i does not geneгate because its oideг is less than п - in paгticulaг, (gi) n/d = 1 because it equals (gn )i/d . Exercise 3.9.9 It is not possiЫe. If S were any such set of complex numbeгs, it mнst contain both an additive identity а and а multiplicative identity m. We mнst have а = О in OI'deг to have а + m = m. Furthermore, we must have m = 1 in order to have m 2 = m and m �а. Внt then Ьу closure under addition, S mнst also contain the elements 1 + 1 , 1 + 1 + 1 , 1 + 1 + 1 + 1" . . , and cannot Ье finite. Exeгcise 3.9. 10 If the number of elements is not а роwег of р, then some other piime q divides it, and Cauchy's Theorem says that an element of OI'deг q exists, contгadicting Exeгcise 3.9.7. Exeгcise 3 . 1 1 . 1

( а) (Ь) (с) (d) ( е)

COGITO, ERGO SUM ( Descartes, "I think, theгefoгe I am" )

Е PLURIBUS UNUM ( Great Seal of the U.S.A, "Out of many, one" )

ЕТ TU, BRUTE? ( Shakespeaгe's Julius Caesar, "And уон, Bгutнs?" )

VENI, VIDI, VICI ( Jнliнs Caesar, "I came, I saw, I conqнeied" )

ROMA I IТЕ DOMUM ( Monty Python's Life of Brian, "Romans, go home" )

Exeгcise 3 . 1 1 .2 If а is relatively pгime to m, we know an integer с exists such that ас = 1 ( mod m) Ьу the Inveise Theorem. If we let f(x) = ах + Ь and g(x) = с(х - Ь) , then f(g(x)) = g (f(x)) = х. If а and m have а common factOI' r > 1 , then all values of f(x) аге congгнent to Ь modulo r and f cannot Ье onto as it misses the otheг elements. Exeгcise 3. 1 1.3

puЫi c String rotate (String w , int k) {// rotates each letter of w Ьу k, leaves non-letters alone string out ; f or ( int i=O ; i < w . length ( ) ; i++) { =

" "

S-45

char ch = w . charAt (i ) ; char outch ; if ( ( ' а ' =

8-52

у) н (х - у -/=- О). We prove this lemma Ьу induction on all х with х > у: The base case is х = S(y) wheгe х - у = 1 -/=- О. Then if х - у -/=- О, it follows that S(x) - у = S(x - у) -/=- О. Given the lemma, we let х Ье агЬitrагу and compute (х + S(y) ) - S(y) . Ву the definition of suЬtraction, it is the pгedecessor of (x+S(y) ) - y unless (x+S(y) ) - y = О, but the lemma гules out this latter case because х + S(y) � S(y) > у. Ву а fact we pl'Oved about addition, (х + S(y)) - у = ( S(x) + у) - у. Since we are assuming Р(у) , we know that this latteг expression equals S(x), as desiгed. We now tuш to Q(y) , the statement 1::/х : (х � у) ---+ (х - у) + у = х. For the base Q(O) , let х Ье аrЬitгагу апd note that ( х � О) ---+ ((х - 0) + О = х) follows from tгivial ргооf, giveп the definitioпs of suЬtraction апd additioп. So assume 1::/х : (х � у) ---+ (х - у) + у = х and we set out to prove 1::/х : (х � S(y)) ---+ (х - S(y)) + S(y) = х. Let х Ье aгЬitrary and assume that х � S(y) . Ву the Lemma, we know that х - S(y) = О if and only if х = S(y) . ln the case that х = S(y) , (x - S(y) ) + S(y) = O + S(y) = S(y) as desired. In the other case, we know that х - S(y) is not О, so it is the pгedecessoг of х - у. We thus пееd to compute pred(x - y ) + S(y) = S(pred(x - y ) ) +y = х - у+у = х, wheгe the next to last step uses the fact that х - у -/=- О. Exeгcise 4.6.4 Let х and у Ье агЬitrагу, and use ordinaгy induction on z . Fог the base case, х - (у+О) апd (х - у) - 0 аге both equal to х - у. For the inductive case, assume that x - (y+z) = (х - у) - z and set out to prove х - (у + S(z)) = (х - у) - S(z) . The left-hand side is х - S(y + z), which is the pгedecessoг of х - (у + z), ог О is х - (у + z) = О. The гight-hand side is the pгedecessoг of (х - у) - z, or О if ( х - у) - z = О. Ву the inductive hypothesis, tl1e11, the left-haпd side and гight-haпd side аге the same. Exeгcise 4.6.5 We fi1·st pl'Ove a lemma that times ( x , pred (w) ) =t ime s ( x , w) - x if w > O. We use induction on all positive w. For the base of w = 1, times (x , О) time s ( x , 1) х is true as both sides аге О. Fог the induction, t ime s ( x , pred ( S (w) ) ) = t imes (x , w) х + t ime s ( x , pred (w) ) . Ву the iпductive hypothesis this is х + (time s ( x , w ) - х) = (х + times (x , w) ) - х = time s ( x , S (w) ) - х . =

=

Now t o the main гesult. We let х апd у Ь е arЬitгary and use induction o n z . Fог the base case of z = О, times ( x , у - О) t ime s ( x , у) - time s ( x , О) as both sides equal t imes (х , у) . So assume that times (x , у - z) = time s ( x , у) - time s ( x , z) апd set out to ргоvе that t ime s ( x , у - S (z) ) time s ( x , у) times ( х , S (z) ) . The left-hand side is х times а numbeг that is eitheг the pгedeces­ soг of у - z, ог О if у - z = О. Ву the lemma, this is t imes (x , у - z) - х, ог О if y - z = O. The гight-hand side is t ime s ( x , у) - (time s ( x , z) + х) . If t imes (x , у) >= times (x , z) , this is ( times ( x , у) - times (x , z ) ) - х, which Ьу the inductive hypothesis equals the гight-hand side. The otheг case of time s ( x , у) < t imes ( z , у ) implies that у < z, and i n this case both sides o f the equation аге zel'O. ( We are implicitly usiпg а lemma that if х > О, t ime s ( x , у) < time s ( x , z) if and опlу if у < z - this is easy to prove Ьу induction on х. =

=

Exeгcise 4.6.6 ( а) We must show that each operation is commutative, associative, and has an iden­ tity, апd that the distгibнtive law holds. 111 the case of modular aгithmetic, we know that the class modнlo m of а sum ог а pгoduct does not depend on the represeпtative of the coпgrнence class we choose as an iпput. Thus to prove any identity over congгнence classes, such as а + Ь = Ь + а ог а(Ь + с) = аЬ + ас, it S-53

suffices to observe that the same identity holds over the integers. If, for example, we choose any three integers а, Ь, and с, we know that а(Ь + с) and аЬ + Ьс are the same integer. If we replace any of those three integers Ьу otheis that are congruent to them modulo m, the congruence class of each expression remains the same, so the two classes remain equal. The identity properties of О for + and 1 for х over the integers imply the same properties modulo m. (Ь) Неге once again we can think of an operation threshold t as being the same opeiation over the naturals, followed Ьу Ieplacing the Iesult Ьу its equivalence class fOI the Ielation where all naturals t oI gieateI are considered equivalent. FOI each of the propeities, the left-hand and Iight-hand sides yield the same natural result fOI any paiticular choice of inputs, so they yield equivalent results if we choose equivalent гepresentatives. The identities Iemain О for + and 1 for х.

Exercise 4.6.7 We know that tl1e minimum and addition operations аге commutative and associative for ordinary real numbers, and it is easy to check that the presence of оо does not change any of these properties. The minimum of х and у is the same as the minimum of у and х, and the minimum of х, у, and z does not depend on any parenthesization. The sum of any two numbers, or of any three numbers, including оо is just оо, no matter the oгder or the parentheses. For the distributive law, we must check that х plus the minimum of у and z is the minimum of х + у and х + z, which is clearly true Ьу cases. The identity for the new "addition" ( minimum) is оо , and the identity for the new "multiplication" (addition) is О. Exercise 4.6.8 We've observed in ChapteI 1 that the AND and OR operations are each commutative and associative, and that AND distributes over OR. (OR also distributes over А D, but that is not а semiring pioperty.) The identities are О for OR and 1 for AND. Exercise 4.6.9 А polynomial in S [x] is а finite sum of teгms of the form axi , where а is an element of S and i is а natural. If f and g are each such polynomials, we define f + g to Ье the sum of terms (а + Ь)хi for every i , where а and Ь are the xi coefficients in f and g respectively and the sum uses the addition operation of S. ( We can take any missing coefficients to Ье О.) This addition of polynomials is commutative and associative because for each value of i, the coefficients on each side are computed from the same inputs using the commutative and associative operations of S. The empty sum О is the additive identity. То find the product of two polynomials f and g, we take every pair of terms axi in f and ЬхJ in g and form а new term (aЬ)xi+j , with the multiplication being taken in S. We then collect all these terms, adding together (using the addition of S) any that have the same exponent of х. If we reverse f and g, we get the same terms because S's multiplication is commutative, and the same sum because S's addition is commutative and associative. The polynomial " 1" , with the single term lx 0 vvhere 1 is the identity of S, is the identity for polynomial multiplication. Why is this multiplicatioп associative? If we compute f(gh) or (f g ) h for three poly­ nomials f, g, and h, then eitheг way we will pгoduce exactly one term fOI each triple of teгms ( axi , ЬхJ , cxk ) coming fгom f, g, and h respectively, and the value of this term will Ье (abc)xi+J +k . Because multiplication iп S and addition iп N are each associa­ tive, we get equal terms, and because addition in S is commutative and associative, S-54

we will get the same гesult eitheг way fог the sum of teгms with each exponent. Similaгly, in computing J(g + h) and fg + fh, we will get the same teгms of the fшm abxi+j ог acxi + k eitheг way, and because addition in S is commutative and associative we will get the same гesult as the coefficient of eitheг fог each possiЫe exponent. Exeгcise 4 . 6 . 10 We ргоvе 'Vx : А(х, х) Ьу induction on all natuгals х. Fог the base case, we are given that А(О, О ) is true. Ош inductive hypothesis is А(х, х), and оuг inductive goal is A(Sx, Sx) . The fiгst geneгal гule tells us that A(Sx, у) is false, and the second (speciialized to Sx and у) tells us that A(Sx , Sx) is true, as desiгed. Exeгcise 4.7. 1 Ву the fiгst axiom Л is а string, Ьу using the second axiom thгee times we show that а = аррепd(Л, а), аЬ = append(a, Ь) , and аЬа = append(ab, а) аге all strings. Exercise 4.7.2

puЫic boolean isEqual ( string х, string у) {// returns true if х == у if ( isEmpty (х) ) return isEmpty (у) ; if ( isEmpty (у) ) return false ; if (last (x) == last (y) ) return isEqual (allButLast (x) , allbutLast (y) ) ; else return false ; }

Exeгcise 4.7.3 Define ос(Л) to Ье Л , oc(wO) to Ье oc(w ) l , and oc(wl) to Ье oc(w)O. Exeгcise 4.7.4

puЬlic string ос ( string w) {// returns one ' s complement of w if ( isEmpty (w) ) return emptyString ; string осаЫ = oc ( allButLast (w) ) ; if (last (w) ' 0 ' ) return append ( о саЫ , ' 1 ' ) ; if (last (w) == ' 1 ' ) return append ( о саЫ , ' О ' ) ; throw new Exception ( " ос called on non-Ьinary string" ) ; } ==

Exeгcise 4.7.5

puЫic String rev (String w) {// returns reversal of w , computed without recursion String out = " " ; for ( int i = w . length ( ) - 1 , i >= О , i--) out += w . charAt ( i ) ; return out ; } puЫic String revRec (String w) {// returns reversal of w , computed recursively int n = w . length ( ) ; if (n == О) return " " ; return revRe c (w . substring ( l , n) ) + w . substring ( l ) ; }

Exeгcise 4.7.6 А stгing и is а suffix of Л if and only if it is empty. . А stгing иа is а suffix of а stгing w if and only if ( 1 ) w va fог some stгing v and (2) и is а suffix of v . =

Exeгcise 4 . 7. 7

puЫic stat i c boolean i sSuffix ( string u , string v) { if ( isEmpty (u) ) return isEmpty (v) ; if ( isEmpty (v) ) return false ;

S-55

�1

п. 1 п.

п. .

•

5

2

п. 1

s (f!iI \f!it?

5

1