Siksha Sarovar

Siksha Sarovar (sikshasarovar.com) is a free educational web application that helps students in India learn programming and prepare for academic and competitive exams. The platform offers structured coding courses (C, C++, Python, Java, HTML, CSS, PHP, Power BI, AI, Machine Learning, Data Science), complete university curriculum notes for BCA/MCA students with previous year question papers, Class 10 and Class 12 CBSE/HBSE school notes, and dedicated preparation material for SSC, UPSC, Banking, Railway and other government exams. Browsing the site is completely free and requires no account. Users may optionally sign in with Google solely to save their learning progress, quiz scores and personal preferences across devices.

Privacy Policy | Terms of Service | Contact Siksha Sarovar | About Siksha Sarovar

v4.0.9 · PWA
Siksha Sarovar logo
Siksha Sarovar
Your Learning Universe

Siksha Sarovar is a free e-learning platform for coding courses, BCA university notes and competitive exam preparation. Optional Google sign-in saves your learning progress across devices.

Initializing knowledge base…
Compiling modules 0%

Unit 5: Modular Arithmetic, Congruences & Cryptography

Lesson 15 of 17 in the free Mathematical Foundation of CS notes on Siksha Sarovar, written by Rohit Jangra.

14.1 Congruences

a ≡ b (mod m) iff m | (a − b), equivalently a and b leave the same remainder on division by m. Congruence mod m is an equivalence relation on Z (Unit 1) whose classes are the residues {0, 1, ..., m − 1} = Z_m.

Arithmetic rules. If a ≡ b and c ≡ d (mod m), then:

OperationResult
Additiona + c ≡ b + d (mod m)
Subtractiona − c ≡ b − d (mod m)
Multiplicationa·c ≡ b·d (mod m)
Powera^k ≡ b^k (mod m) for k ≥ 1
DivisionNOT allowed in general — see 14.3

The reduce-early trick: (38 × 41) mod 7 = (3 × 6) mod 7 = 18 mod 7 = 4 — never carry big numbers when their residues suffice.

14.2 Worked Example 1 — Fast Modular Exponentiation

Compute 3^13 mod 7 by repeated squaring (13 = 8 + 4 + 1 = 1101 in binary):

3^1 ≡ 3          (mod 7)
3^2 ≡ 9  ≡ 2     (mod 7)
3^4 ≡ 2^2 ≡ 4    (mod 7)
3^8 ≡ 4^2 ≡ 16 ≡ 2 (mod 7)
3^13 = 3^8 · 3^4 · 3^1 ≡ 2 · 4 · 3 = 24 ≡ 3 (mod 7)

Only 5 multiplications instead of 12, and intermediate values never exceed m^2. This O(log k) algorithm is the computational heart of RSA and Diffie–Hellman, where exponents have hundreds of digits.

14.3 Linear Congruences and Modular Inverses

a·x ≡ b (mod m) has a solution iff gcd(a, m) | b; if g = gcd(a, m) divides b there are exactly g solutions mod m. When gcd(a, m) = 1, the number a has a unique inverse a⁻¹ with a·a⁻¹ ≡ 1 (mod m), found by extended Euclid (Lesson 13).

Worked Example 2 — solve 7x ≡ 3 (mod 26).

  1. gcd(7, 26) = 1, so a unique solution exists. Find 7⁻¹ mod 26 by extended Euclid:
  2. 26 = 3·7 + 5; 7 = 1·5 + 2; 5 = 2·2 + 1.

  3. Back-substitute: 1 = 5 − 2·2 = 5 − 2(7 − 5) = 3·5 − 2·7 = 3(26 − 3·7) − 2·7 = 3·26 − 11·7.
  4. So −11·7 ≡ 1 (mod 26), i.e., 7⁻¹ ≡ −11 ≡ 15 (mod 26). Check: 7·15 = 105 = 4·26 + 1 ✔.
  5. x ≡ 15·3 = 45 ≡ 19 (mod 26). Check: 7·19 = 133 = 5·26 + 3 ✔.

(Mod 26 is no accident — this is exactly how the decryption key of an affine cipher c = (7p + k) mod 26 is derived.)

Why division is dangerous: 6 ≡ 36 (mod 10), but dividing by 2 gives 3 ≡ 18 (mod 10), which is false. Cancelling a factor c is legal only when gcd(c, m) = 1 — otherwise the modulus must be divided too: 3 ≡ 18 (mod 5) is true.

14.4 Fermat's Little Theorem

If p is prime and p ∤ a, then a^(p−1) ≡ 1 (mod p). (Equivalently a^p ≡ a (mod p) for all a.)

Worked use — collapse a huge exponent: compute 7^222 mod 11. Since 11 is prime and 11 ∤ 7, we know 7^10 ≡ 1 (mod 11). Write 222 = 22·10 + 2:

7^222 = (7^10)^22 · 7^2 ≡ 1^22 · 49 ≡ 49 ≡ 5 (mod 11).

FLT also gives inverses instantly: a⁻¹ ≡ a^(p−2) (mod p). It underlies the Fermat primality test (pick random a, check a^(n−1) ≡ 1 mod n) and its industrial-strength refinement Miller–Rabin, which is how OpenSSL finds the large primes for your TLS connections.

14.5 Applications: Hashing, Check Digits, and RSA

  1. Hashing: h(k) = k mod m; choosing m prime and far from powers of 2 spreads structured keys (Lesson 13). Congruence classes are the buckets.
  2. Check digits: ISBN-10 requires Σ (i · x_i) ≡ 0 (mod 11) over positions i = 1..10 — it catches every single-digit error and every transposition, because 11 is prime.
  3. Linear congruential generators: x(n+1) = (a·x(n) + c) mod m produce pseudo-random streams; period analysis is pure congruence theory.
  4. RSA sketch: choose primes p, q; n = p·q; pick e coprime to (p−1)(q−1); compute d = e⁻¹ mod (p−1)(q−1) by extended Euclid. Encryption c = m^e mod n, decryption m = c^d mod n — correctness is Fermat/Euler, feasibility is fast exponentiation, and security is the difficulty of factoring n.

14.6 Common Mistakes

  • Cancelling a common factor without checking gcd with the modulus (14.3).
  • Applying Fermat with a composite modulus, or to a when p | a.
  • Reporting negative residues: −11 mod 26 should be normalized to 15.

🎯 Exam Focus

  1. Define congruence modulo m and prove it is an equivalence relation on Z.
  2. Compute 5^117 mod 19 using Fermat's little theorem, showing each reduction.
  3. Solve 9x ≡ 6 (mod 21). How many incongruent solutions exist mod 21? (Hint: gcd = 3.)
  4. Find 11⁻¹ (mod 26) by the extended Euclidean algorithm and verify it.
  5. Compute 2^90 mod 13 by repeated squaring, listing every intermediate square.
  6. Explain why hash tables prefer prime moduli, using congruence classes of keys of the form k = 4j.