Order Modulo n

lean4-proofnumber-theoryvisualization
ordn(a)φ(n)\text{ord}_n(a) \mid \varphi(n)

Statement

For gcd(a,n)=1\gcd(a, n) = 1, the multiplicative order of aa modulo nn is

ordn(a)=min{k1:ak1(modn)}\text{ord}_n(a) = \min\{k \ge 1 : a^k \equiv 1 \pmod{n}\}

In Lean this is orderOf a for a : (ZMod n)ˣ.

Theorem (Lagrange). ordn(a)ϕ(n)\text{ord}_n(a) \mid \phi(n).

In Mathlib: ZMod.pow_totient states aϕ(n)=1a^{\phi(n)} = 1 for units, and orderOf_dvd_card (from group theory) gives ord(a)G\text{ord}(a) \mid |G|. Since (ZMod  n)×=ϕ(n)|(ZMod\; n)^\times| = \phi(n) by ZMod.card_units_eq_totient, we get the divisibility.

Visualization

Orders of elements in (Z/12Z)×(\mathbb{Z}/12\mathbb{Z})^\times:

The units mod 12 are {1,5,7,11}\{1, 5, 7, 11\} (those coprime to 12), so ϕ(12)=4\phi(12) = 4.

aaPowers a1,a2,a3,a4mod12a^1, a^2, a^3, a^4 \bmod 12ord12(a)\text{ord}_{12}(a)
11, 1, 1, 11
55, 1, 5, 12
77, 1, 7, 12
1111, 1, 11, 12

All orders (1, 2, 2, 2) divide ϕ(12)=4\phi(12) = 4. Note: no element has order 4, so (Z/12Z)×(\mathbb{Z}/12\mathbb{Z})^\times is not cyclic (it is Z/2Z×Z/2Z\mathbb{Z}/2\mathbb{Z} \times \mathbb{Z}/2\mathbb{Z}).

Contrast with (Z/7Z)×(\mathbb{Z}/7\mathbb{Z})^\times (prime modulus): 2 has order 3, while 3 has order 6 = ϕ(7)\phi(7), so 3 is a primitive root.

Proof Sketch

  1. The set {a,a2,a3,}\{a, a^2, a^3, \ldots\} in the finite group ((Z/nZ)×,×)((\mathbb{Z}/n\mathbb{Z})^\times, \times) must eventually repeat; the first repetition gives a period d=ord(a)d = \text{ord}(a).
  2. The cyclic subgroup a={1,a,,ad1}\langle a \rangle = \{1, a, \ldots, a^{d-1}\} has order dd.
  3. By Lagrange's theorem, d(Z/nZ)×=ϕ(n)d \mid |(\mathbb{Z}/n\mathbb{Z})^\times| = \phi(n).
  4. In particular aϕ(n)=(ad)ϕ(n)/d=1a^{\phi(n)} = (a^d)^{\phi(n)/d} = 1, recovering the Euler–Euler's Totient FunctionEuler's Totient Functionaφ(n)1(modn)a^{\varphi(n)} \equiv 1 \pmod{n}φ(n) counts integers up to n coprime to n, and governs modular exponentiationRead more → theorem.

Connections

The order always divides Euler's Totient FunctionEuler's Totient Functionaφ(n)1(modn)a^{\varphi(n)} \equiv 1 \pmod{n}φ(n) counts integers up to n coprime to n, and governs modular exponentiationRead more → ϕ(n)\phi(n), with equality iff aa is a primitive root (see Primitive RootsPrimitive Rootsg is a primitive root mod p    {g0,g1,,gp2}=(Z/pZ)×g \text{ is a primitive root mod } p \iff \{g^0, g^1, \ldots, g^{p-2}\} = (\mathbb{Z}/p\mathbb{Z})^\timesA primitive root mod p is a generator of the cyclic group (Z/pZ)*, existing for every prime pRead more →). For prime n=pn = p the divisibility ordp(a)p1\text{ord}_p(a) \mid p-1 is a corollary of Fermat's Little TheoremFermat's Little Theoremapa(modp)a^p \equiv a \pmod{p}For prime p, a^p is congruent to a mod pRead more →.

Lean4 Proof

/-- The order of any unit in (ZMod n)ˣ divides the card of the group,
    which equals Euler's totient φ(n). -/
theorem order_dvd_totient (n : ) [NeZero n] (a : (ZMod n)ˣ) :
    orderOf a  n.totient := by
  have h1 : orderOf a  Fintype.card (ZMod n)ˣ := orderOf_dvd_card
  rwa [ZMod.card_units_eq_totient] at h1