let p be Prime; :: thesis: for b being Nat st p > 2 & b gcd p = 1 & not b is_quadratic_residue_mod p holds
(b |^ ((p -' 1) div 2)) mod p = p - 1
let b be Nat; :: thesis: ( p > 2 & b gcd p = 1 & not b is_quadratic_residue_mod p implies (b |^ ((p -' 1) div 2)) mod p = p - 1 )
assume A1: ( p > 2 & b gcd p = 1 & not b is_quadratic_residue_mod p ) ; :: thesis: (b |^ ((p -' 1) div 2)) mod p = p - 1
reconsider b = b as Element of NAT by ORDINAL1:def 13;
b,p are_relative_prime by A1, INT_2:def 4;
then A2: (b |^ (p -' 1)) mod p = 1 by PEPIN:38;
A3: p > 1 by INT_2:def 5;
then A4: 1 mod p = 1 by NAT_D:14;
then A5: ((b |^ (p -' 1)) - 1) mod p = 0 by A2, INT_4:22;
not p is even by A1, PEPIN:17;
then p - 1 is even by HILBERT3:2;
then p -' 1 is even by A3, XREAL_1:235;
then 2 divides p -' 1 by PEPIN:22;
then p -' 1 = 2 * ((p -' 1) div 2) by NAT_D:3;
then (b |^ (p -' 1)) - 1 = ((b |^ ((p -' 1) div 2)) |^ 2) - 1 by NEWTON:14
.= ((b |^ ((p -' 1) div 2)) ^2 ) - 1 by NEWTON:100
.= ((b |^ ((p -' 1) div 2)) + 1) * ((b |^ ((p -' 1) div 2)) - 1) ;
then A6: p divides ((b |^ ((p -' 1) div 2)) + 1) * ((b |^ ((p -' 1) div 2)) - 1) by A5, Lm1;
p - 1 > 2 - 1 by A1, XREAL_1:11;
then p - 1 >= 1 + 1 by INT_1:20;
then p -' 1 >= 2 by A3, XREAL_1:235;
then (p -' 1) div 2 >= 2 div 2 by NAT_2:26;
then A7: (p -' 1) div 2 >= 1 by PEPIN:48;
per cases ( (p -' 1) div 2 = 1 or (p -' 1) div 2 > 1 ) by A7, XXREAL_0:1;
suppose A8: (p -' 1) div 2 = 1 ; :: thesis: (b |^ ((p -' 1) div 2)) mod p = p - 1
then p divides (b + 1) * ((b |^ 1) - 1) by A6, NEWTON:10;
then A9: p divides (b + 1) * (b - 1) by NEWTON:10;
now
assume p divides b - 1 ; :: thesis: contradiction
then p divides - (b - 1) by INT_2:14;
then ((1 ^2 ) - b) mod p = 0 by Lm1;
hence contradiction by A1, Def2; :: thesis: verum
end;
then p divides b - (- 1) by A9, Th7;
then b, - 1 are_congruent_mod p by INT_2:19;
then A10: b mod p = (- 1) mod p by INT_3:12;
- p < - 2 by A1, XREAL_1:26;
then - p < (- 2) + 1 by XREAL_1:41;
then b mod p = p - 1 by A10, INT_3:10;
hence (b |^ ((p -' 1) div 2)) mod p = p - 1 by A8, NEWTON:10; :: thesis: verum
end;
suppose A11: (p -' 1) div 2 > 1 ; :: thesis: (b |^ ((p -' 1) div 2)) mod p = p - 1
set l = (p -' 1) div 2;
set fs = (<*(- 1)*> ^ ((((p -' 1) div 2) -' 1) |-> 0 )) ^ <*1*>;
A12: ( - 1 is Element of INT & 1 is Element of INT & 0 is Element of INT ) by INT_1:def 2;
then A13: ( <*(- 1)*> is FinSequence of INT & <*1*> is FinSequence of INT ) by FINSEQ_1:95;
(((p -' 1) div 2) -' 1) |-> 0 is FinSequence of INT by A12, FINSEQ_2:77;
then <*(- 1)*> ^ ((((p -' 1) div 2) -' 1) |-> 0 ) is FinSequence of INT by A13, FINSEQ_1:96;
then reconsider fs = (<*(- 1)*> ^ ((((p -' 1) div 2) -' 1) |-> 0 )) ^ <*1*> as FinSequence of INT by A13, FINSEQ_1:96;
A14: len fs = len (<*(- 1)*> ^ (((((p -' 1) div 2) -' 1) |-> 0 ) ^ <*1*>)) by FINSEQ_1:45
.= 1 + (len (((((p -' 1) div 2) -' 1) |-> 0 ) ^ <*1*>)) by FINSEQ_5:8
.= (1 + (len ((((p -' 1) div 2) -' 1) |-> 0 ))) + 1 by FINSEQ_2:19
.= 1 + ((((p -' 1) div 2) -' 1) + 1) by FINSEQ_1:def 18
.= 1 + ((p -' 1) div 2) by A11, XREAL_1:237 ;
A15: len ((((p -' 1) div 2) -' 1) |-> 0 ) = ((p -' 1) div 2) -' 1 by FINSEQ_1:def 18;
set K1 = <*(- 1)*> ^ ((((p -' 1) div 2) -' 1) |-> 0 );
A16: len (<*(- 1)*> ^ ((((p -' 1) div 2) -' 1) |-> 0 )) = 1 + (((p -' 1) div 2) -' 1) by A15, FINSEQ_5:8
.= (p -' 1) div 2 by A11, XREAL_1:237 ;
then A17: fs . (((p -' 1) div 2) + 1) = 1 by FINSEQ_1:59;
A18: fs . 1 = (<*(- 1)*> ^ (((((p -' 1) div 2) -' 1) |-> 0 ) ^ <*1*>)) . 1 by FINSEQ_1:45
.= - 1 by FINSEQ_1:58 ;
A19: for x being Element of INT holds (Poly-INT fs) . x = (x |^ ((p -' 1) div 2)) - 1
proof
let x be Element of INT ; :: thesis: (Poly-INT fs) . x = (x |^ ((p -' 1) div 2)) - 1
consider fr being FinSequence of INT such that
A20: ( len fr = len fs & ( for d being Nat st d in dom fr holds
fr . d = (fs . d) * (x |^ (d -' 1)) ) & (Poly-INT fs) . x = Sum fr ) by Def1;
fr = (<*(- 1)*> ^ ((((p -' 1) div 2) -' 1) |-> 0 )) ^ <*(x |^ ((p -' 1) div 2))*>
proof
set K = (<*(- 1)*> ^ ((((p -' 1) div 2) -' 1) |-> 0 )) ^ <*(x |^ ((p -' 1) div 2))*>;
len ((<*(- 1)*> ^ ((((p -' 1) div 2) -' 1) |-> 0 )) ^ <*(x |^ ((p -' 1) div 2))*>) = len (<*(- 1)*> ^ (((((p -' 1) div 2) -' 1) |-> 0 ) ^ <*(x |^ ((p -' 1) div 2))*>)) by FINSEQ_1:45
.= 1 + (len (((((p -' 1) div 2) -' 1) |-> 0 ) ^ <*(x |^ ((p -' 1) div 2))*>)) by FINSEQ_5:8
.= (1 + (len ((((p -' 1) div 2) -' 1) |-> 0 ))) + 1 by FINSEQ_2:19
.= 1 + ((((p -' 1) div 2) -' 1) + 1) by FINSEQ_1:def 18
.= len fr by A11, A14, A20, XREAL_1:237 ;
then A21: dom fr = dom ((<*(- 1)*> ^ ((((p -' 1) div 2) -' 1) |-> 0 )) ^ <*(x |^ ((p -' 1) div 2))*>) by FINSEQ_3:31;
for d being Nat st d in dom fr holds
fr . d = ((<*(- 1)*> ^ ((((p -' 1) div 2) -' 1) |-> 0 )) ^ <*(x |^ ((p -' 1) div 2))*>) . d
proof
let d be Nat; :: thesis: ( d in dom fr implies fr . d = ((<*(- 1)*> ^ ((((p -' 1) div 2) -' 1) |-> 0 )) ^ <*(x |^ ((p -' 1) div 2))*>) . d )
assume A22: d in dom fr ; :: thesis: fr . d = ((<*(- 1)*> ^ ((((p -' 1) div 2) -' 1) |-> 0 )) ^ <*(x |^ ((p -' 1) div 2))*>) . d
then d in Seg (((p -' 1) div 2) + 1) by A14, A20, FINSEQ_1:def 3;
then A23: ( d >= 1 & d <= ((p -' 1) div 2) + 1 ) by FINSEQ_1:3;
per cases ( d = 1 or ( d > 1 & d < ((p -' 1) div 2) + 1 ) or d = ((p -' 1) div 2) + 1 ) by A23, XXREAL_0:1;
suppose A24: d = 1 ; :: thesis: fr . d = ((<*(- 1)*> ^ ((((p -' 1) div 2) -' 1) |-> 0 )) ^ <*(x |^ ((p -' 1) div 2))*>) . d
then A25: fr . 1 = (fs . 1) * (x |^ (1 -' 1)) by A20, A22
.= (fs . 1) * (x |^ 0 ) by XREAL_1:234
.= (fs . 1) * 1 by NEWTON:9
.= - 1 by A18 ;
((<*(- 1)*> ^ ((((p -' 1) div 2) -' 1) |-> 0 )) ^ <*(x |^ ((p -' 1) div 2))*>) . 1 = (<*(- 1)*> ^ (((((p -' 1) div 2) -' 1) |-> 0 ) ^ <*(x |^ ((p -' 1) div 2))*>)) . 1 by FINSEQ_1:45
.= fr . 1 by A25, FINSEQ_1:58 ;
hence fr . d = ((<*(- 1)*> ^ ((((p -' 1) div 2) -' 1) |-> 0 )) ^ <*(x |^ ((p -' 1) div 2))*>) . d by A24; :: thesis: verum
end;
suppose ( d > 1 & d < ((p -' 1) div 2) + 1 ) ; :: thesis: fr . d = ((<*(- 1)*> ^ ((((p -' 1) div 2) -' 1) |-> 0 )) ^ <*(x |^ ((p -' 1) div 2))*>) . d
then A26: ( d - 1 > 0 & d - 1 < (((p -' 1) div 2) + 1) - 1 ) by XREAL_1:11, XREAL_1:52;
then reconsider w = d - 1 as Element of NAT by INT_1:16;
A27: ( w <= ((p -' 1) div 2) -' 1 & w >= 0 + 1 & w < (p -' 1) div 2 ) by A26, INT_1:20, NAT_D:49;
then A28: ((((p -' 1) div 2) -' 1) |-> 0 ) . w = 0 by GOBRD10:def 3;
w in Seg (((p -' 1) div 2) -' 1) by A27, FINSEQ_1:3;
then A29: w in dom ((((p -' 1) div 2) -' 1) |-> 0 ) by A15, FINSEQ_1:def 3;
then A30: ( w in dom (((((p -' 1) div 2) -' 1) |-> 0 ) ^ <*1*>) & w in dom (((((p -' 1) div 2) -' 1) |-> 0 ) ^ <*(x |^ ((p -' 1) div 2))*>) ) by FINSEQ_2:18;
A31: fs . d = (<*(- 1)*> ^ (((((p -' 1) div 2) -' 1) |-> 0 ) ^ <*1*>)) . (w + 1) by FINSEQ_1:45
.= (((((p -' 1) div 2) -' 1) |-> 0 ) ^ <*1*>) . w by A30, FINSEQ_3:112
.= 0 by A28, A29, FINSEQ_1:def 7 ;
thus ((<*(- 1)*> ^ ((((p -' 1) div 2) -' 1) |-> 0 )) ^ <*(x |^ ((p -' 1) div 2))*>) . d = (<*(- 1)*> ^ (((((p -' 1) div 2) -' 1) |-> 0 ) ^ <*(x |^ ((p -' 1) div 2))*>)) . (w + 1) by FINSEQ_1:45
.= (((((p -' 1) div 2) -' 1) |-> 0 ) ^ <*(x |^ ((p -' 1) div 2))*>) . w by A30, FINSEQ_3:112
.= (fs . d) * (x |^ (d -' 1)) by A28, A29, A31, FINSEQ_1:def 7
.= fr . d by A20, A22 ; :: thesis: verum
end;
suppose A32: d = ((p -' 1) div 2) + 1 ; :: thesis: fr . d = ((<*(- 1)*> ^ ((((p -' 1) div 2) -' 1) |-> 0 )) ^ <*(x |^ ((p -' 1) div 2))*>) . d
then A33: fs . d = 1 by A16, FINSEQ_1:59;
d in dom fs by A14, A32, FINSEQ_5:6;
then d in dom fr by A20, FINSEQ_3:31;
hence fr . d = 1 * (x |^ ((((p -' 1) div 2) + 1) -' 1)) by A20, A32, A33
.= x |^ ((p -' 1) div 2) by NAT_D:34
.= ((<*(- 1)*> ^ ((((p -' 1) div 2) -' 1) |-> 0 )) ^ <*(x |^ ((p -' 1) div 2))*>) . d by A16, A32, FINSEQ_1:59 ;
:: thesis: verum
end;
end;
end;
hence fr = (<*(- 1)*> ^ ((((p -' 1) div 2) -' 1) |-> 0 )) ^ <*(x |^ ((p -' 1) div 2))*> by A21, FINSEQ_1:17; :: thesis: verum
end;
then Sum fr = Sum (<*(- 1)*> ^ (((((p -' 1) div 2) -' 1) |-> 0 ) ^ <*(x |^ ((p -' 1) div 2))*>)) by FINSEQ_1:45
.= (- 1) + (Sum (((((p -' 1) div 2) -' 1) |-> 0 ) ^ <*(x |^ ((p -' 1) div 2))*>)) by RVSUM_1:106
.= (- 1) + ((Sum ((((p -' 1) div 2) -' 1) |-> 0 )) + (x |^ ((p -' 1) div 2))) by RVSUM_1:104
.= (- 1) + (((((p -' 1) div 2) -' 1) * 0 ) + (x |^ ((p -' 1) div 2))) by RVSUM_1:110 ;
hence (Poly-INT fs) . x = (x |^ ((p -' 1) div 2)) - 1 by A20; :: thesis: verum
end;
consider fp being FinSequence of NAT such that
A34: ( len fp = (p -' 1) div 2 & ( for d being Nat st d in dom fp holds
(fp . d) gcd p = 1 ) & ( for d being Nat st d in dom fp holds
fp . d is_quadratic_residue_mod p ) & ( for d, e being Nat st d in dom fp & e in dom fp & d <> e holds
not fp . d,fp . e are_congruent_mod p ) ) by A1, Th16;
now
assume p divides (b |^ ((p -' 1) div 2)) - 1 ; :: thesis: contradiction
then A35: ((b |^ ((p -' 1) div 2)) - 1) mod p = 0 by Lm1;
reconsider b = b as Element of INT by INT_1:def 2;
A36: ((Poly-INT fs) . b) mod p = 0 by A19, A35;
set f = fp ^ <*b*>;
<*b*> is FinSequence of NAT by FINSEQ_1:95;
then reconsider f = fp ^ <*b*> as FinSequence of NAT by FINSEQ_1:96;
A37: len f = ((p -' 1) div 2) + 1 by A34, FINSEQ_2:19;
A38: for d being Nat st d in dom f holds
((Poly-INT fs) . (f . d)) mod p = 0
proof
let d be Nat; :: thesis: ( d in dom f implies ((Poly-INT fs) . (f . d)) mod p = 0 )
assume d in dom f ; :: thesis: ((Poly-INT fs) . (f . d)) mod p = 0
then d in Seg (((p -' 1) div 2) + 1) by A37, FINSEQ_1:def 3;
then A39: ( d >= 1 & d <= ((p -' 1) div 2) + 1 ) by FINSEQ_1:3;
per cases ( ( d >= 1 & d < ((p -' 1) div 2) + 1 ) or d = ((p -' 1) div 2) + 1 ) by A39, XXREAL_0:1;
suppose ( d >= 1 & d < ((p -' 1) div 2) + 1 ) ; :: thesis: ((Poly-INT fs) . (f . d)) mod p = 0
then ( d >= 1 & d <= (p -' 1) div 2 ) by NAT_1:13;
then A40: d in dom fp by A34, FINSEQ_3:27;
then ( (fp . d) gcd p = 1 & fp . d is_quadratic_residue_mod p ) by A34;
then A41: ((fp . d) |^ ((p -' 1) div 2)) mod p = 1 mod p by A1, A4, Th17;
reconsider k = fp . d as Element of INT by INT_1:def 2;
((k |^ ((p -' 1) div 2)) - 1) mod p = 0 by A41, INT_4:22;
then ((Poly-INT fs) . k) mod p = 0 by A19;
hence ((Poly-INT fs) . (f . d)) mod p = 0 by A40, FINSEQ_1:def 7; :: thesis: verum
end;
suppose d = ((p -' 1) div 2) + 1 ; :: thesis: ((Poly-INT fs) . (f . d)) mod p = 0
hence ((Poly-INT fs) . (f . d)) mod p = 0 by A34, A36, FINSEQ_1:59; :: thesis: verum
end;
end;
end;
A42: for d, e being Nat st d in dom f & e in dom f & d <> e holds
not f . d,f . e are_congruent_mod p
proof
let d, e be Nat; :: thesis: ( d in dom f & e in dom f & d <> e implies not f . d,f . e are_congruent_mod p )
assume A43: ( d in dom f & e in dom f & d <> e ) ; :: thesis: not f . d,f . e are_congruent_mod p
then A44: ( d >= 1 & d <= ((p -' 1) div 2) + 1 & e >= 1 & e <= ((p -' 1) div 2) + 1 ) by A37, FINSEQ_3:27;
per cases ( ( d >= 1 & d < ((p -' 1) div 2) + 1 ) or d = ((p -' 1) div 2) + 1 ) by A44, XXREAL_0:1;
suppose ( d >= 1 & d < ((p -' 1) div 2) + 1 ) ; :: thesis: not f . d,f . e are_congruent_mod p
then ( d >= 1 & d <= (p -' 1) div 2 ) by NAT_1:13;
then A45: d in dom fp by A34, FINSEQ_3:27;
then A46: f . d = fp . d by FINSEQ_1:def 7;
per cases ( ( e >= 1 & e < ((p -' 1) div 2) + 1 ) or e = ((p -' 1) div 2) + 1 ) by A44, XXREAL_0:1;
suppose A48: e = ((p -' 1) div 2) + 1 ; :: thesis: not f . d,f . e are_congruent_mod p
not f . d,b are_congruent_mod p
proof
assume f . d,b are_congruent_mod p ; :: thesis: contradiction
then A49: p divides (f . d) - b by INT_2:19;
( f . d is_quadratic_residue_mod p & (f . d) gcd p = 1 ) by A34, A45, A46;
then consider j being Integer such that
A50: ((j ^2 ) - (f . d)) mod p = 0 by Def2;
p divides (j ^2 ) - (f . d) by A50, INT_1:89;
then p divides ((j ^2 ) - (f . d)) + ((f . d) - b) by A49, WSIERP_1:9;
then ((j ^2 ) - b) mod p = 0 by INT_1:89;
hence contradiction by A1, Def2; :: thesis: verum
end;
hence not f . d,f . e are_congruent_mod p by A34, A48, FINSEQ_1:59; :: thesis: verum
end;
end;
end;
suppose A51: d = ((p -' 1) div 2) + 1 ; :: thesis: not f . d,f . e are_congruent_mod p
then ( e >= 1 & e <= (p -' 1) div 2 ) by A43, A44, NAT_1:8;
then A52: e in dom fp by A34, FINSEQ_3:27;
then f . e = fp . e by FINSEQ_1:def 7;
then ( f . e is_quadratic_residue_mod p & (f . e) gcd p = 1 ) by A34, A52;
then consider j being Integer such that
A53: ((j ^2 ) - (f . e)) mod p = 0 by Def2;
A54: p divides (j ^2 ) - (f . e) by A53, INT_1:89;
not b,f . e are_congruent_mod p
proof
assume b,f . e are_congruent_mod p ; :: thesis: contradiction
then p divides b - (f . e) by INT_2:19;
then p divides ((j ^2 ) - (f . e)) - (b - (f . e)) by A54, Th1;
then ((j ^2 ) - b) mod p = 0 by INT_1:89;
hence contradiction by A1, Def2; :: thesis: verum
end;
hence not f . d,f . e are_congruent_mod p by A34, A51, FINSEQ_1:59; :: thesis: verum
end;
end;
end;
A55: ( len fs = ((p -' 1) div 2) + 1 & not p divides fs . (((p -' 1) div 2) + 1) & p > 2 ) by A1, A3, A14, A17, NAT_D:7;
reconsider f = f as FinSequence of INT by FINSEQ_2:27, NUMBERS:17;
len f <= (p -' 1) div 2 by A38, A42, A55, Th8;
hence contradiction by A37, XREAL_1:31; :: thesis: verum
end;
then p divides (b |^ ((p -' 1) div 2)) + 1 by A6, Th7;
then consider k being Nat such that
A56: (b |^ ((p -' 1) div 2)) + 1 = p * k by NAT_D:def 3;
- p < - 1 by A3, XREAL_1:26;
then A57: (- 1) mod p = (- 1) + p by INT_3:10;
(b |^ ((p -' 1) div 2)) mod p = ((p * k) + (- 1)) mod p by A56
.= p - 1 by A57, INT_3:8 ;
hence (b |^ ((p -' 1) div 2)) mod p = p - 1 ; :: thesis: verum
end;
end;