We are going to work module \(m\) where \(m\) is an integer. Now, recall that the order of \(a \pmod{m}\) is the smallest positive integer \(n\) such that

$$ \begin{align*} a^n \equiv 1 \pmod{m} \end{align*} $$

Also recall Euler’s theorem which says that if \((a,m) = 1\), then

$$ \begin{align*} a^{\varphi(m)} \equiv 1 \pmod{m} \end{align*} $$

where \(\varphi(m)\) is Euler’s Totient function. From this we learned that the order of \(a\) must divide \(\varphi(m)\).

Why? write \(\varphi(m) = nq + r\) where \(n\) is the order. By the division algorithm, \(0 \leq r < n\). Then, $$ \begin{align*} a^{\varphi(m)} \equiv a^{nq + r} \equiv a^{nq} \cdot a^r \equiv (a^n)^q \cdot a^r \equiv a^r \pmod{m} \end{align*} $$ But then we know that \(a^{\varphi(m)} \equiv 1 \pmod{m}\). So \(a^{r} \equiv 1 \pmod{m}\). But \(n\) is the smallest integer such that \(a^n \equiv 1 \pmod{m}\). Therefore, \(r = 0\). But this implies that \(\varphi(m)\) must be a multiple of \(n\). \(\blacksquare\)

So the maximum possible order of \(a\) is \(\varphi(m)\) (why? because the group of units modulo \(m\) has size \(\phi(m)\)). Based on this, we have the following definition

\(a\) is called a primitive root if the order of \(a\) is equal to \(\varphi(m)\)

This condition is equivalent to the following statement

The powers of \(a\): \(a^0,a^1,\cdots,a^{\varphi(m)-1}\) are exactly the residue classes coprime to \(m\).

This happens because \(\varphi(m)\) itself is the number of integers less than \(m\) that are coprime to \(m\). So if \(a\)’s order is exactly \(\varphi(m)\), then all the powers of \(a\) will be residue classes coprime to \(m\).

Today’s lecture will be about which numbers have primitive roots? how many primitive roots do they have if any? and how do we find them? Instead of starting with theorems, we will do this through computing the primitive roots for many integers

Primitive Roots of \(1\) to \(8\)

We’ll start by computing the primitive roots for the integers (1) through (8) by hand as follows

\(m\)coprime to \(m\)\(\varphi(m)\)Primitive Roots
\(1\)\(0\)\(1\)\(0\)
\(2\)\(1\)\(1\)\(1\)
\(3\) \((o(1)=1),(o(2)=2)\)\(2\) \(2\)
\(4\) \((o(1)=1), (o(3)=2)\) \(2\) \(3\)
\(5\) \((o(1)=1), (o(2)=4), (o(3)=4), (o(4)=2))\) \(4\) \(2,3\)
\(6\) \((o(1)=1), (o(5)=2)\) \(2\) \(5\)
\(7\) \((o(1)=1), (o(2)=3), (o(3)=6)\),\((o(4)=3), (o(5)=6), (o(6)=2)\) \(6\) \(3,5\)
\(8\) \((o(1)=1), (o(3)=2)\),\((o(5)=2), (o(7)=2)\) \(4\) \(-\)

We notice that \(8\) is the first number with no primitive roots and we notice that one of the obstructions to \(8\) not having primitive roots is that \(8\) has \(4\) solutions to

$$ \begin{align*} x^2 \equiv 1 \pmod{m} \end{align*} $$

Why is this an issue here? Observe that if \(g\) was a primitive root, then it generates the group of units modulo \(m\) root. Then, if we want to find the solutions to \(x^2 \equiv 1 \pmod{m}\), then any solution can be written as some power of \(g\). So write \(x\) as \(g^k\) for some integer \(k\). Then

$$ \begin{align*} x^2 \equiv g^{2k} \equiv 1 \pmod{m} \end{align*} $$

But \(g\) has order \(\varphi(m)\) so we must have that \(\varphi(m) \mid 2k\). But since \(0 \leq k \leq \varphi(m)\) (why? because we have \(\phi(m)\) elements in the group), then \(k\) must either be \(0\) or \(\varphi(m)/2\). So the solutions are

$$ \begin{align*} g^0 \equiv g^{\varphi(m)} \quad \text{and} \quad g^{\varphi(m)/2} \end{align*} $$

Therefore, when \(g\) is a primitive root modulo \(m\), then there are only two solutions to \(x^2 \equiv 1 \pmod{m}\). In fact, this turns out to be a necessary condition for knowing whether an element has primitive roots or not. Since \(8\) here has \(4\) elements of order \(2\), then we know it can’t have a primitive root.

Primitive Roots of \(9\) to \(13\)

Let’s now look at more integers and their primitive roots

\(m\)coprime to \(m\)\(\varphi(m)\)Primitive Roots
\(9\) \((o(1)=1), (o(2)=6)\),\((o(4)=3), (o(5)=6), (o(7)=3), (o(8)=2)\) \(6\) \(2,5\)
\(10\) \((o(1)=1), (o(3)=4)\),\((o(7)=4), (o(9)=2)\) \(4\) \(3,7\)
\(11\) \(\) \(10\) \(\geq 2\)
\(12\) \(o(1)=5, o(5)=2, o(7)=2, o(11)=2\) \(4\) \(-\)
\(13\) \(\) \(12\) \(\)

For \(9\), well \(9\) is \(3^2\). We know \(3\) has one primitive root which is \(2\) so we should only look at \(2, 5\) and \(8\). From this list, we can find out that only \(2\) and \(5\) have order \(6\). Therefore, \(9\) has those two primitive roots only.

For \(10\), we know there are \(4\) candidates: \(1, 3, 7, 9\). We could compute their orders manually but we could also observe that \(10 = 5 \cdot 2\). By CRT, the numbers modulo \(10\) can be identified with numbers modulo \(5\) and numbers modulo \(2\). We know that the primitive roots of \(5\) are \(2\) and \(3\). So we can check these. Also, if \(g\) is a primitive root modulo \(n\), then either \(g\) or \(g+n\) (whichever is odd) is a primitive root modulo \(2n\).

For \(11\), first notice that the order of \(a\) must divide \(\varphi(11) = 10\). So the order of \(a\) must be in \(\{1,2,5,10\}\). But \(11\) is prime so the number solutions to

$$ \begin{align*} g^d \equiv 1 \pmod{11} \end{align*} $$

is at most \(d\) (We showed this last lecture). Therefore, we can workout the number of elements of each order. For example, there are at most \(1\) element of order \(1\) since \(g^1 \equiv 1 \pmod{11}\) can have at most \(1\) solution. Similarly, \(g^2 \equiv 1 \pmod{11}\) can have at most \(2\) solutions and \(g^5 \equiv 1 \pmod{11}\) can have at most \(5\) solutions. Therefore, we have at most \(1+2+5 = 8\) elements of order \(1\), \(2\) or \(5\). This implies that we must at least have \(2\) elements of order \(10\). Thus, there are at least \(2\) primitive roots modulo \(11\). So by carefully counting, we can sometimes figure out if an integer has primitive roots without calculating the order of each element.

For \(12\), we have \(4\) numbers that are coprime to \(12\) and we notice that all of them have order \(2\) except for \(1\) so there are no primitive roots. Why were there no primitive roots? Notice that \(12 = 4 \cdot 3\). So now we can count the number of solutions to

$$ \begin{align*} x^2 \equiv 1 \pmod{m} \end{align*} $$

When \(m = 4\), there are exactly \(2\) solutions and when \(m = 3\), there are at least 2 solutions. So there are at least \(4\) solutions. So this leads us to having no solutions. In fact, if \(m = 4 \cdot \text{ odd number}\), then we don’t get any primitive roots.

Primitive Roots of \(13\)

What about \(13\)? \(13\) is prime. \(\varphi(13) = 12\). Then, the order of any element \(g\) must divide \(12\) and so it must be in \(\{1,2,3,4,6,12\}\). The number of elements of each order is at most

\(d\) \(1\)\(2\)\(3\) \(4\)\(6\)
elements of this order (at most) \(1\)\(2\) \(3\)\(4\)\(6\)

Therefore, there are at most \(1 + 2 + 3 + 4 + 6 = 16 > 12\) elements. But this doesn’t give us information to conclude whether we have elements of order \(12\) or not so this method fails for us. However, we can count more accurately. How? Let’s look at the elements of order \(6\). Suppose we have an element \(g\) of order \(6\). Then are the elements

$$ \begin{align*} 1, g, g^2, g^3, g^4, g^5 \end{align*} $$

are all roots of \(x^6 \equiv 1 \pmod{13}\) (we proved this last lecture and also if you take any of these elements, then \((g^k)^n \equiv 1 \pmod{13}\). Now, out of these \(6\) roots, only two of them have order \(6\). This is because the order of \(g^k\) is

$$ \begin{align*} o(g^k) = \frac{h}{\gcd(h, k)} \quad \text{ where } h \text{ is the order of $g$ modulo $13$} \end{align*} $$
Proof: Given an element \(g\) of order \(h\) modulo \(n\). Consider \(g^k\). The order of \(g^k\) is the smallest integer \(m\) such that $$ \begin{align*} (g^k)^m = g^{km} \equiv 1 \pmod{n} \end{align*} $$ But since \(g\) has order \(h\). Then we know that we must have \(h \mid km\). Now, $$ \begin{align*} h &\mid km \\ \frac{h}{\gcd(h,k)} &\mid \frac{k}{\gcd(h,k)}m \end{align*} $$ Clearly \(\gcd(\frac{h}{\gcd(h,k)},\frac{k}{\gcd(h,k)}) = 1\). Therefore, we must have that $$ \begin{align*} \frac{h}{\gcd(h,k)} \mid m \end{align*} $$ Furthermore, observe that $$ \begin{align*} (g^k)^{\frac{h}{\gcd(h,k)}} \equiv (g^h)^{\frac{k}{\gcd(h,k)}} \equiv 1^{\frac{k}{\gcd(h,k)}} \equiv 1 \pmod{n} \end{align*} $$ But \(m\) is the smallest integer such that \((g^k)^m \equiv 1 \pmod{n}\). Then we must also have that $$ \begin{align*} m \mid \frac{h}{\gcd(h,k)} \end{align*} $$ Therefore $$ \begin{align*} m = \frac{h}{\gcd(h,k)} \end{align*} $$

So we can only have at most two elements of order \(6\). In fact, the limit on the number of roots is not just \(d\), it is in fact \(\varphi(d)\). So if we go back

\(d\) \(1\)\(2\) \(3\)\(4\)\(6\)
elements of this order (at most) \(\varphi(1)=1\)\(\varphi(2)=1\) \(\varphi(3)=2\)\(\varphi(4)=2\)\(\varphi(6)=2\)

Therefore, we have at most \(1+1+2+2+2=8\) elements of order less than \(12\). Thus, we have at least \(4\) elements of order \(12\).

Primitive Roots when \(p\) is Prime

The previous argument works for all primes. Based on this, we can then prove the following theorem.

If \(p\) is prime, then \(p\) has a primitive root.

But first a side note:

This means that there exists an element \(a\) such that the order of \(a\) is exactly \(p-1\). We do know that by Fermat's little theorem if \(\gcd(a,p)=1\), then we get $$ \begin{align*} a^{\varphi(p)} \equiv a^{p-1} \equiv 1 \pmod{p} \end{align*} $$ But this only says that the order divides \(p-1\).

Proving this theorem depends on two facts:

  1. \(x^d \equiv 1 \pmod{p}\) has at most \(d\) roots when \(p\) is prime.
  2. For any \(n\), \(\sum_{d \mid n} \varphi(d) = n \)

Proof

Since \(p\) is prime, then \(\varphi(p) = p-1\). We want to show that there exists an element \(g\) such that the order of \(g\) is exactly \(p-1\).

Let \(n = p-1\). We know that the order of any element modulo \(p\) must divide \(n\). Define \(N_d\) to be the number of elements of order exactly \(d\). Since we exactly have \(p-1=n\) elements less than \(p\), then

$$ \begin{align*} \sum_{d \mid n} N_d = n \end{align*} $$

Now, using fact (1), we know that for any order \(d\), the number of the elements of that order \(N_d\) must be at most \(\varphi(d)\). That is

$$ \begin{align*} N_d \leq \varphi(d) \end{align*} $$

If we sum over all divisors \(d\), then

$$ \begin{align*} \sum_{d \mid n }N_d \leq \sum_{d \mid n } \varphi(d) \end{align*} $$

But using fact \(2\), we know that the right hand side is exactly \(n\)

$$ \begin{align*} \sum_{d \mid n }N_d \leq \sum_{d \mid n } \varphi(d) = n \end{align*} $$

Using the first equation we know that the left hand side is also \(n\). Therefore, all inequalities are equalities. so

$$ \begin{align*} N_d = \varphi(d) \quad \text{ for any } d \mid n \end{align*} $$

In particular, if we take \(d = p-1\) combined with the fact that \(\phi(n) \geq 1\) for any \(n\), then

$$ \begin{align*} N_{p-1} = \varphi(p-1) \geq 1 \end{align*} $$

Therefore, we must have a primitive root when \(p\) is prime. \(\blacksquare\)

We still need to prove fact \(2\)

For any \(n\), \(\sum_{d \mid n} \varphi(d) = n\)

Proof

Let \(S = \{1,2,\cdots,n\}\). Partition \(S\) by \(d = gcd(k,n)\). For each divisor of \(d \mid n\)

$$ \begin{align*} N_{p-1} = \varphi(p-1) \geq 1 \end{align*} $$

TODO ….

Primitive Roots of \(14\) to \(15\)

When \(n = 14\), then \(14 = 7 \cdot 2\). \(7\) is an odd prime so it has a primitive root. Therefore, \(14\) has a primitive root.
When \(n = 15\), we have no primitive roots. One way to see this is to notice that \(15 = 3 \cdot 5\). Let’s count the solutions to

$$ \begin{align*} x^2 \equiv 1 \pmod{3} \quad \text { and } \quad x^2 \equiv 1 \pmod{5} \end{align*} $$

There are two solutions modulo \(3\) and two solutions modulo \(5\) so there are \(2 \cdot 2 = 4\) solutions modulo \(15\). So there are no primitive roots modulo \(15\). In general, if

$$ \begin{align*} m = p \cdot q \text { where } p,q \text{ are odd primes and } p\neq q \end{align*} $$

Then we don’t have primitive roots.

For \(n = 16\). We know \(16 = 8 \cdot 2\). Recall that if \(ab\) has a primitive root, then so does \(a\). Then because \(8\) has no primitive roots, then \(16\) can’t have primitive roots.

How to Find Primitive Roots?

So to summarize again, we saw that \(m\) doesn’t have primitive roots when (m) is divisible by \(8\), \(4p\), \(pq\) where \(p\) and \(q\) are odd primes and \(p \neq q\). So what numbers are left?

$$ \begin{align*} 1, 2, 4, p^n \text{ ( $p$ odd) }, 2p^n \text{ ($p$ odd)} \end{align*} $$

We showed above that \(1, 2\) and \(4\) have primitive roots. We also showed that \(p\) when \(p\) is prime has primitive roots. \(p^n\) also has a primitive root (why? next lecture covers this). \(2p^n\) also has a primitive root. This is because if \(p\) has a primitive root and \(p\) is odd, then \(2p\) has a primitive root (Proof?)

References