Extended Euclidean Algorithm and modular inverses

Linear Diophantine Equations and
Modular Inverses
Solve the linear Diophantine equation
ax + by = 1 (1)
given a, b ∈ Z, b > 0, and gcd(a, b) = 1. If gcd(a, b) ≠ 1,
(1) is insoluble. If b < 0, use −b and solve for (x, −y).
Diophantine equations are named after Diophantus, a
Greek mathematician who lived around 300-200 BCE.
Euclidean Algorithm
a = bq 0 + r 0
q 0 = ⌊a/b⌋, 0 < r 0 < b
b = r 0 q 1 + r 1 q 1 = ⌊b/r 0 ⌋, 0 < r 1 < r 0
r 0 = r 1 q 2 + r 2
.
q 2 = ⌊r 0 /r 1 ⌋, 0 < r 2 < r 1
r n−3 = r n−2 q n−1 + r n−1 r n−1 = gcd(a, b)
r n−2 = r n−1 q n + r n r n = 0
Repeated division with remainder. Notice that the sequence
of remainders (the r i ) is strictly decreasing, and
thus the sequence is finite (algorithm terminates).
Theorem 1 (Lamé, 1844). n < 5 log 10 min(a, b).
More exactly, Lamé’s Theorem states n ≤ log τ (min(a, b)+
1) where τ = (1 + √ 5)/2 is the golden ratio.

Extended Euclidean Algorithm
Let A −2 = 0, A −1 = 1, B −2 = 1, B −1 = 0 and
A k = q k A k−1 + A k−2
B k = q k B k−1 + B k−2
for k = 0, 1, . . . . We have A n = a and B n = b (n from
above), and
Putting k = n yields
A k B k−1 − B k A k−1 = (−1) k−1 .
A n B n−1 − B n A n−1 = (−1) n−1
a(−1) n−1 B n−1 + b(−1) n A n−1 = 1 .
Thus, a solution of (1) is given by
x = (−1) n−1 B n−1 , y = (−1) n A n−1 .
Computing x, y in this manner is known as the Extended
Euclidean Algorithm.
Modular Inverses
Consider the linear congruence ax ≡ 1 (mod m) given
a, m ∈ Z, gcd(a, m) = 1 (i.e., finding a −1 (mod m)).
We want x such that
m | ax − 1 =⇒ ax − 1 = ym =⇒ ax − my = 1
(can be solved using Euclidean Algorithm).

Example 1. For 95x ≡ 1 (mod 317), we obtain x =
−10, so x ≡ 307 (mod 317) is a solution.
Linear Congruences
Consider the linear congruence ax ≡ b (mod m) given
a, b, m ∈ Z,. This has a solution if and only if gcd(a, m) |
b. We want x such that
m | ax − d =⇒ ax − d = ym =⇒ ax − my = d
Example 2. For 95x ≡ 21 (mod 317), we obtain x =
−10 · 21 ≡ −210 ≡ 107 (mod 317) as a solution.