Develop Reference

Can I ignore the last k while expanding (a + b) % k?

Today I was trying to solve a problem that involved modular arithmetic. I was not able to solve it. So I looked it up on Geeks for Geeks
The above image shows what the author did. I know modular addition for two numbers
(a + b) % m = (a % m + b % m) % m
This works for any positive values of a and b
When I consider the equation the author used in the image.
a % k + b % k = 0
I substituted some random values for a , b and k to see if it really works. It turns out it fails for the input values a = 2, b = 5 and k = 7.
2 % 7 + 5 % 7 = 7 ≠ 0
When I considered the last equation. It worked.
b % k = (k - a % k) % k
(5 % 7) = (7 - 2 % 7) % 7
5 % 7 = 5 % 7
(a + b) % k = c
When I solved the above equation with the same idea as the author, I got
(a + b) % k = c
a % k + b % k = c
b % k = (c - a % k + k) % k
It works for any positive values of a, b, c and k
In the equation,
(a + b) % k = (a % k + b % k) % k
Can I just ignore the last k and proceed while expanding (a + b) % k ?. I wonder how the absence of the last k doesn't affect the final result

No, a = b = 0 is a counterexample.
Indeed, the final formula is incorrect, assuming that % denotes the remainder of truncating division. Let a = 1 and b = -1. (In Python, or for nonnegative integers, it's OK.)
This is why mathematicians prefer to deal in equivalence mod K, which avoids the issue of where to put the mod operator.

Modular arithmetic. How to solve the following equation?

How to solve the following equation?
I am interested in the methods of solutions.
n^3 mod P = (n+1)^3 mod P
P- Prime number
Short example with the answer.
Could you gives step-by-step solutions for my example.
n^3 mod 61 = (n + 1)^3 mod 61
Integer solutions:
n = 61 m + 4,
n = 61 m + 56,
m element Z
Z - is set of integers.

An other way to state n^3 ≡ (n+1)^3 is n^3 ≡ n^3 + 3 n^2 + 3 n + 1 (just work out the cube of n+1) then the cubic terms cancel out to give a nicer quadratic 3 n^2 + 3 n + 1 ≡ 0
Then the usual quadratic formula applies, though all of its operations are now modulo P, and the determinant is not always a quadratic residue in which case there are no solutions to the original equation (this happens about half the time). This involves finding a square root modulo a prime, which is not hard for a computer to do for example with the Tonelli–Shanks algorithm, though not trivial to implement.
By the way 3 n^2 + 3 n + 1 = 0 has the property that if n is a solution, then -n - 1 is too.
For example, with some Python, once all the support functions exist it is pretty simple:
def solve(p):
# solve 3 n^2 + 3 n + 1 ≡ 0
D = -3 % p
sqrtD = modular_sqrt(D, p)
if sqrtD == 0:
return None
else:
n = (sqrtD - 3) * inverse(6, p) % p
return (n, -(n+1) % p)
Inverse modulo a prime is really easy,
def inverse(x, p):
return pow(x, p - 2, p)
I adapted this implementation of Tonelli-Shanks to Python3 (// instead of / for integer division)
def modular_sqrt(a, p):
""" Find a quadratic residue (mod p) of 'a'. p
must be an odd prime.
Solve the congruence of the form:
x^2 = a (mod p)
And returns x. Note that p - x is also a root.
0 is returned is no square root exists for
these a and p.
The Tonelli-Shanks algorithm is used (except
for some simple cases in which the solution
is known from an identity). This algorithm
runs in polynomial time (unless the
generalized Riemann hypothesis is false).
"""
# Simple cases
#
if legendre_symbol(a, p) != 1:
return 0
elif a == 0:
return 0
elif p == 2:
return 0
elif p % 4 == 3:
return pow(a, (p + 1) // 4, p)
# Partition p-1 to s * 2^e for an odd s (i.e.
# reduce all the powers of 2 from p-1)
#
s = p - 1
e = 0
while s % 2 == 0:
s //= 2
e += 1
# Find some 'n' with a legendre symbol n|p = -1.
# Shouldn't take long.
#
n = 2
while legendre_symbol(n, p) != -1:
n += 1
# Here be dragons!
# Read the paper "Square roots from 1; 24, 51,
# 10 to Dan Shanks" by Ezra Brown for more
# information
#
# x is a guess of the square root that gets better
# with each iteration.
# b is the "fudge factor" - by how much we're off
# with the guess. The invariant x^2 = ab (mod p)
# is maintained throughout the loop.
# g is used for successive powers of n to update
# both a and b
# r is the exponent - decreases with each update
#
x = pow(a, (s + 1) // 2, p)
b = pow(a, s, p)
g = pow(n, s, p)
r = e
while True:
t = b
m = 0
for m in range(r):
if t == 1:
break
t = pow(t, 2, p)
if m == 0:
return x
gs = pow(g, 2 ** (r - m - 1), p)
g = (gs * gs) % p
x = (x * gs) % p
b = (b * g) % p
r = m
def legendre_symbol(a, p):
""" Compute the Legendre symbol a|p using
Euler's criterion. p is a prime, a is
relatively prime to p (if p divides
a, then a|p = 0)
Returns 1 if a has a square root modulo
p, -1 otherwise.
"""
ls = pow(a, (p - 1) // 2, p)
return -1 if ls == p - 1 else ls
You can see some results on ideone

calculate x ^ (1 / y) mod m fast (modular root)

How can I solve x ^ ( 1 / y ) mod m fast, where x, y, m are all positive integers?
This is to reverse the calculation for x ^ y mod m. For example
party A hands party B agree on positive integer y and m ahead of time
party A generates a number x1 (0 < x1 < m), and hands party B the result of x1 ^ y mod m, call it x2
party B calculates x2 ^ ( 1 / y ) mod m, so that it gets back x1
I know how to calculate x1 ^ y mod m fast, but I don't know how to calculate x2 ^ (1 / y) mod m fast. Any suggestions?
I don't know how to call this question. Given x ^ y mod m is called modular exponentiation, is this called modular root?

I think you're asking this question: Given y, m, and the result of x^y (mod m) find x (assuming 0 <= x < m).
In general, this doesn't have a solution -- for example, for y=2, m=4, 0^2, 1^2, 2^2, 3^2 = 0, 1, 0, 1 (mod 4), so if you're given the square of a number mod 4, you can't get back the original number.
However, in some cases you can do it. For example, when m is prime and y is coprime to m-1. Then one can find y' such that for all 0 <= x < m, (x^y)^y' = x (mod m).
Note that (x^y)^y' = x^(yy'). Ignoring the trivial case when x=0, if m is prime Fermat's Little Theorem tells us that x^(m-1) = 1 (mod m). Thus we can solve yy' = 1 (mod m-1). This has a solution (which can be found using the extended Euclidean algorithm) assuming y and m-1 are coprime.
Here's working code, with an example with y=5, m=17. It uses the modular inverse code from https://en.wikibooks.org/wiki/Algorithm_Implementation/Mathematics/Extended_Euclidean_algorithm
def egcd(a, b):
if a == 0: return b, 0, 1
g, x, y = egcd(b%a, a)
return g, y - (b//a) * x, x
def modinv(a, m):
g, x, y = egcd(a, m)
if g != 1:
raise AssertionError('no inverse')
return x % m
def encrypt(xs, y, m):
return [pow(x, y, m) for x in xs]
def decrypt(xs, y, m):
y2 = modinv(y, m-1)
return encrypt(xs, y2, m)
y = 5
m = 17
e = encrypt(range(m), y, m)
print decrypt(e, y, m)
RSA is based on the case when m is the product of two distinct primes p, q. The same ideas as above apply, but one needs to find y' such that yy' = 1 (mod lcm((p-1)(q-1))). Unlike above, one can't do this easily only given y and m, because there are no known efficient methods for finding p and q.

division algorithm provided in Sanjoy Dasgupta

I am reading division algorithm in book Algorithms by Sanjoy Dasgupta. Here division algorithm is mentioned as below.
function divide(x,y)
Input: Two n-bit integers x and y, where y ≥ 1
Output: The quotient and remainder of x divided by y
if x = 0: return (q,r) = (0,0)
(q,r) = divide(x/2,y)
q = 2·q, r = 2·r
if x is odd: r = r + 1
if r ≥ y: r = r−y, q = q + 1
return (q,r)
My questions on above algorithm are
How do we write recurrent formulation in simple terms for above algorithm which is missing from book and I am not able to write one.
Why are we performing r = r + 1 if x is odd?
Why are dong q = 2.q and r = 2.r?
Thanks

Recursive division algorithm for two n bit numbers

In the below division algorithm, I am not able to understand why multiplying q and r by two works and also why r is incremented if x is odd.
Please give a theoretical justification of this recursive division algorithm.
Thanks in advance.
function divide(x, y)
if x = 0:
return (q, r) = (0, 0)
(q, r) = divide(floor(x/2), y)
q = 2q, r = 2r
if x is odd:
r = r + 1
if r ≥ y:
r = r − y, q = q + 1
return (q, r)

Let's assume you want to divide x by y, i.e. represent x = Q * y + R
Let's assume that x is even. You recursively divide x / 2 by y and get your desired representation for a smaller case: x / 2 = q * y + r.
By multiplying it by two, you would get: x = 2q * y + 2r. Looking at the representation you wanted to get for x in the first place, you see that you have found it! Let Q = 2q and R = 2r and you found the desired Q and R.
If x is odd, you again first get the desired representation for a smaller case: (x - 1) / 2 = q * y + r, multiply it by two: x - 1 = 2q * y + 2r, and send 1 to the right: x = 2q * y + 2r + 1. Again, you have found Q and R you wanted: Q = 2q, R = 2r + 1.
The final part of the algorithm is just normalization so that r < y. r can become bigger than y when you perform multiplication by two.

Algorithm PuzzleSolve(k,S,U) :
Input: An integer k, sequence S, and set U
Output: An enumeration of all k-length extensions to S using elements in U without repetitions
for each e in U do
Add e to the end of S
Remove e from U /e is now being used/
if k == 1 then
Test whether S is a configuration that solves the puzzle
if S solves the puzzle then
return "Solution found: " S
else
PuzzleSolve(k-1,S,U) /a recursive call/
Remove e from the end of S
Add e back to U e is now considered as unused
This algorithm enumerates every possible size-k ordered subset of U, and tests each subset for being
a possible solution to our puzzle. For summation puzzles, U = 0,1,2,3,4,5,6,7,8,9 and each position
in the sequence corresponds to a given letter. For example, the first position could stand for b, the
second for o, the third for y, and so on.