1.76k likes | 1.78k Views
Learn the basic concepts of elementary number theory, including prime and composite numbers, common divisors, and the greatest common divisor (GCD). Discover important properties and applications in cryptography.
E N D
Chapter 00 Introducing Foundations
Elementary Number-Theoretic Notions An important application of number-theoretic algorithms is in cryptography - the discipline concerned with encrypting a message sent from one party to another, so that someone who intercepts the message will not be able to decode it. Let the set Z = { …., -2, -1, 0, 1, 2, 3, ….} of integers. Let the set N = {0, 1, 2, 3, ….} of natural numbers. The notation d | a (read “d divides a”) means that a = k*d for some integer k.
Let Z = { …, -2, -1, 0, 1, 2, …} is the set of integers. Let N = { 0, 1, 2, ….} be the set of natural numbers. Prime and Composite Numbers An integer a > 1, whose only divisors are the trivial divisors 1 and a, is said to be a prime number (or, more simply, a prime). A prime number has no factors. There are infinitely many primes (prove!). The first 20 primes, in order, are 2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71. An integer a > 1 that is not prime is said to be a composite number (or more simply, a composite). For example, 39 is a composite because 3 | 39 and 13 | 39. That is, it is because 39 has the divisors 3 and 13. A composite number has at least one factor. The integer 1 is said to be a unit and is neither prime nor composite. The integer 0 and all negative integers are neither prime nor composite.
Common Divisors and Greatest Common Divisor (GCD) If n is a divisor of x (denoted n | x) and n is also divisor of y (denoted n | y), then n is the common divisor of x and y. Example: The common divisors of 24 and 30 are 1, 2, 3 and 6. An important property of common divisors is that n | x and n | y implies that n | (x + y) and n | (x – y). (a0.2) Proof: n | x implies that x = n * q; n | y implies that y = n * Q. Then (x + y) = (n * q + n * Q) = n * (q + Q) which is divisible by n to yield the product (q + Q). Thus n | (x + b). x but not vice versa
Theorem 0.2 If d | a and d | b, then for integers i and j, d | (ia + jb) …(a0.3) Proof: Since d | a and d | b, there exists integers m and n such that a = md and b = nd. Therefore, for any integer i and j, (ia + jb) = imd + jnd = (im + jn)d which means d | (ia + jb), because d |(im + jn)d. QED Consider 6|24 and 6|30. Since 24=4*6 and 30 = 5*6, (i*24+j*30) = i*4*6 + j*5*6 = (i*4 + j*5)6. That is, 6|(i*24+j*30) for 6| (i*4 + j*5)6.
If x | y, then either |x| ≤ |y| or y = 0, and x | y and y | x implies that x = y. (a0.4) Proof: If x | y then either |x| ≤ |y| or y = 0. If y | x then either |y| ≤ |x| or x = 0. This implies that {|x| ≤ |y| and |y| ≤ |x|} or {y = 0 and x = 0} which both implies x = + y.
If x and y are both nonzero, then the greatest common divisor of x and y, denoted gcd(x, y) is the largest integer that divides both of them. This integer is between 1 and min(|x|, |y|). Example 0.26: The positive divisors of 24 are 1, 2, 3, 4, 6, 8, 12 and 24. The positive divisors of 30 are 1, 2, 3, 5, 6, 10, 15 and 30. So the common positive divisors of 24 and 30 are 1, 2, 3 and 6. The greatest common divisor of 24 and 30 (denoted gcd(24, 30)) is 6. Based on Thm 0.2, since 6|24 and 6|30 then 6|(i*24 + j*30) for any integers i and j. The reason is that this can be written 6|i*24 and 6|j*30.
We define gcd(0, 0) = 0. This definition is necessary to make standard properties of the gcd function (such as gcd(x, 0) = |x| ) universally valid. The following are elementary properties of the gcd function: gcd(a, b) = gcd(b, a), gcd(a, b) = gcd(-a, b), gcd(a, b) = gcd(|a|, |b|), gcd(a, 0) = |a|, and gcd(a, ka) = |a|, for k ɛ Z = { …., -2, -1, 0, 1, 2, …} of integers.
The following theorem states that if x and y are any integers, not both zero, then gcd(x, y) is the smallest positive element of the set {ix + jy | i, j Z} of linear combination of x and y. Theorem 0.3 Let x and y be integers, not both 0. Let d = min{ix + jy | i, j Z and ix + jy > 0}. That is, d is the smallest positive linear combination of x and y. Then d = gcd(x, y). Let d = gcd(x, y). d|x and d|y. d|(x+y). d |(md + nd). d | (im + jn)d and imd + ind >0. i*24 + j *30 > 0 implies that (i*4 + j*5)6 > 0 i * 4 + j * 5 = 1 for yielding the min value. This implies i is -1 and j = 1. gcd(24, 30) = d = 6 = min{-1*24+1*30, -2*24 + 2*30, 1*24+0*30, 0*24+1*30, ….}.
Proof: Let i and j be the integers that yield the minimal value d. That is, d = ix + jy(> 0, by Thm 0.3). Let q and r be the quotient and remainder, respectively, of dividing x by d. Then owing to Equality 0.1 and the fact that d is positive, x = q*d + r and 0 ≤ r < d. Therefore, we have r = x – q*d= x – q(ix + jy) = x(1 – qi) + y(-qj), which means that r is a linear combination of x and y. Since d is the smallest positive linear combination of x and y, and also r < d, we conclude r = 0, which means d | x. Similarly, d | y. Therefore d is a common division of y and x, which means d ≤ gcd(x, y). On the other hand, since the gcd(x, y) divides both x and y, theorem 0.2, gcd(x, y) | ix + jy. Since d = ix + jy, these imply that gcd(x, y) | d. We conclude d ≥ gcd(x, y). Combining these last two inequalities, we have d = gcd(x, y). QED
1/17 Example 0.27: We have that gcd(12, 8) = 4, and 4 = min { 4(i*3 + j*2) | i*3 + j*2 > 0 }. This implies that (i*3 + j*2) = 1, when (i, j) { (1, -1), (-1, 2), (3, -4), (-3, 5), (5, -7), (-5, 8), … | 1 = i*3 + j*2 > 0 }. Note that if gcd(x, y) = d, then {ix + jy} = {d ( + )}. 4 = 1(12) + (-1)8 > 0 or -1(12)+2*8 > 0, 3(12) + (-4)8, … No matter what i and j are any of the pairs as above, 4 is the smallest value.
gcd(60, 24) d=12= min{1*60 + (-2)*24, 3*60 + (-7)*24, …. } Note that if gcd(x, y) = d, then {ix + jy} = {d ( + )}. Example 0.28: Let x = 60, y = 24. find gcd(60, 24). By Theorem 0.3, gcd(x, y) = d = min{ix + jy | i, j Z and ix + jy > 0}. For i, j Z and 0 < ix + jy = i * 60 + j * 24 = 12(i * 5 + j * 2). This implies that (i * 5 + j * 2) > 0. By observation, 12(i * 5 + j * 2) > 0 has a minimum value if 0 < (i * 5 + j * 2) = 1. That is, (i, j) {(1, -2), (-1, 3), (3, -7), (-3, 8), (5, -12), (-5, 13), (7, -17), (-7, 18), etc. |(i * 5 + j * 2) = 1, and therefore (i*60 + j *24) > 0}.
Theorem 0.2 If d | a and d | b, then for integers i and j, d | (ia + jb) …(a0.3) Corollary 0.3.1 For any integers x and y, if d | x and d | y, then d | gcd(x, y). Proof: This corollary follows from equation (a0.3) (that is, Theorem 0.2), because gcd(x, y) is a linear combination of x and y by Theorem 0.3. QED This Corollary 0.3.1 states: Suppose x and y are integers, not both 0. Then every common divisor of x and y is a divisor of gcd(x, y).
Example 0.29: The positive divisors of 24 are 1, 2, 3, 4, 6, 8, 12 and 24. The positive divisors of 30 are 1, 2, 3, 5, 6, 10, 15 and 30. So the common positive divisors of 24 and 30 are 1, 2, 3 and 6. The value of gcd(24, 30) is 6. As Corollary 0.3.1 implies that 1, 2, 3, and 6 all divide 6.
Corollary 0.3.2 For all integer x and y and any non-negative integer n, gcd(nx, ny) = n*gcd(x, y). Proof: if n = 0, the corollary is trivial. If n > 0, then gcd(nx, ny) is the smallest positive element of the set {anx + bny | a, b Z}, which is n times the smallest positive element of the set {ax + by | a, b Z }. QED gcd(24, 60) = 12. Gcd(n*24, n*60) = n*12
Corollary 0.3.3 For all positive integers n, x and y if n | xy and gcd(x, n) = 1 then n | y. Proof: Since gcd(a, n) = 1, a and n are relatively prime. That is, a is indivisible by n. But n | ab implies that n | b for a is indivisible by n. QED
Relatively prime integers Two integers a and b are relatively prime if their only common divisor is 1, that is, if gcd(a, b) = 1. For example, 8 and 15 are relatively prime, since the divisors of 8 are 1, 2, 4, and 8, and the divisors of 15 are 1, 3, 5, and 15.
Greatest Common Divisor (GCD) Describe Euclid’s algorithm for efficiently computing the greatest common divisor of two given integers, not both zero. When analyze the running time, there is a connection with the Fibonacci numbers, which yield a worst-case input for Euclid’s algorithm. Let restrict both a and b are nonnegative integers, since gcd(a, b) = gcd(|a|, |b|),
Theorem 0.4 (GCD Recursion Theorem) For any nonnegative integer a and any positive integer b, gcd(a, b) = gcd(b, a mod b). Proof: We need to show that gcd(a, b) and gcd(b, a mod b) divide each other, so that by equation (a0.4) they must be equal (since they are both non-negative). We first show that gcd(a, b) | gcd(b, a mod b). Let d = gcd(a, b), then d | a and d | b. (a mod b) = a – q*b, where q = └ a / b ┘. Since (a mod b) is thus a linear combination of a and b, equation (a0.3) (that is, Theorem 0.2) implies that d | (a mod b). Therefore, since d | b and d | (a mod b), Corollary 0.3.1 implies that d | gcd(b, a mod b) or equivalently, that gcd(a, b) = gcd(b, a mod b). (T0.4A)
Similarly we show that gcd(b, a mod b) | gcd(a, b). Let d = gcd(b, a mod b), then d | b and d | (a mod b). Since a = q*b + (a mod b), where q = └ a / b ┘, we have that a is a linear combination of b and (a mod b). By equation (a0.3), we concluded that d | a. since d | b and d | a, we have d | gcd(a, b) by Corollary 0.3.1 or, equivalently, that gcd(b, a mod b) | gcd(a, b). (T0.4.B) Using equation (a0.4) to combine equations (T0.4A) and (T0.4B) completes the proof. QED
a = q*b + (a mod b), 64 = 2 * 24 + 16 24 = 1*16 + 8 16 = 2 * 8 + 0 8 = 0 * 0 + 8 Example 0.30: According to the previous theorem, gcd(64, 24) = gcd(24, 16) because 16 = 64 mod 24. We can continue in this manner to determine gcd(64, 24). That is, gcd(64, 24) = gcd(24, 16) note that gcd(24, 64) = gcd(64, 24) = gcd(16, 8) = gcd(8, 0) = 8.
Euclid’s Algorithm for Computing Common Divisor Theorem 0.4 gives us a straightforward method for determining the greatest common divisor of two integers. The example above illustrates the method. To find the gcd(m, n) we recursively apply the equality in the Theorem 0.4 until n = 0, and then return m. This method is called Euclid’s Algorithm for it was developed by Euclid around 300 B.C. Theorem 0.4 (GCD Recursion Theorem) For any nonnegative integer a and any positive integer b, gcd(a, b) = gcd(b, a mod b).
Euclid’s algorithmfor computing gcd(m, n), which is based on repeatedly applying the equality gcd(m, n) = gcd(n, m mod n), where m mod n is the remainder of , until (m mod n) = 0. Since gcd(m, 0) = m, the last value of m is also the greatest common divisor of the initial m and n.
Example 0.31: gcd(60, 24) = gcd(24, 12) = gcd(12, 0) = 12. gcd(17, 15) = gcd(15, 2) = gcd(2, 1) = gcd(1, 0) = 1 gcd(37, 8) = gcd(8,5) = gcd(5,3)= gcd(3, 2) = gcd(2, 1) = gcd(1,0) = 1 gcd(37,10) = gcd(10, 7) = gcd(7,3 )= gcd(3, 1) = gcd(1,0)=1
Algorithm Euclid (m, n) //Compute gcd(m, n) by Euclid’s algorithm Input: two non-negative m and n, not both zero integers Output: the greatest common divisor of m and n while n ≠ 0 do { if (n = = 0) r ← m mod n; then return m m ← n; else Euclid(n, m mod n) n ← r;} return m.
Recall: • Several characteristics of Algorithms: • … • The same algorithm can be represented in several different ways. [Different ways for specifying an algorithm]Euclid’s algorithm can be defined recursively or non-recursively. • Algorithms for the same problem can be based on very different ideas and can solve the problem with dramatically different speeds. [Various Speeds of different Algorithms for solving the same problem.] For m > n > 0, the number of recursive calls for Euclid algorithm is O(log n).
Example 0.32: Find the greatest common divisor of two integers, 7,276,500 and 3,185,325. gcd(7,276,500, 3,185,325) = gcd(3,185,325, 905,850) = gcd(905,850, 467,775) = gcd(467,775, 438,075) = gcd(438,075, 29,700) = gcd(29,700, 22,275) = gcd(22,275, 7,425) = gcd(7,425, 0) = 7,425 It requires 7 recursive calls to get the solution 7,425. Let n = 3,185,325 log n = 21 For the worse case, the number of recursive calls is about 21 times.
gcd(222…, 7425) gcd(72.., 318…) gcd(318…, 905) gcd(7425, 0) Euclid’s Algorithm 7425 gcd(318.., 905…) gcd(7425, 0) gcd(222…, 7425) gcd(905…, 467…)
Definition: An algorithm is said to be correct if, for every input instance, it halts with the correct output. • The algorithm will eventuallyhalt: • The new value of n on the next iteration is m mod n, which is always smaller than n (since 0 ≤ r < n, for r = m mod n). The value of the second number of the pair (m, n), (which is gcd(m ← n, n ← r), r = m mod n) eventually becomes 0 and it cannot become negative. The algorithm stops.
Algorithm Euclid (m, n) //Compute gcd(m, n) by Euclid’s algorithm Input: two non-negative m and n, not both zero integers Output: the greatest common divisor of m and n {m > n 0} while n ≠ 0 do { if (n = = 0) r ← m mod n; then return m m ← n; else Euclid(n, m mod n) n ← r;} return m. {d = min{i*m + j*n | i, j Z and i*m + j*n > 0}} { gcd(m, n) = gcd(n, m mod n) is the invariant condition}
Lemma 0.0: If a ≥ b, then a mod b < a/2. • Proof: Consider a ≥ b. Then • b a/2 a • a mod b • or • a/2 b a • a mod b • By observation, either b ≤ a/2 or b > a/2. These two cases are shown in the figure above. • Case 1: If b ≤ a/2, then we have a mod b < b ≤ a/2, since 0 ≤ a mod b < b. • Case 2: If b > a/2, then a mod b = a – b < a/2. [Since a mod b = a – q*b, then q = 1 for b > a/2. Therefore a – b < a/2.] QED.
Algorithm Euclid(m, n) { if (n = = 0) then return m else Euclid(n, m mod n) } Rationalize: Euclid(n, m mod n), wherem mod n < m/2. Let say, m mod n = m/2. Euclid(n, m mod n) reduces m by one bit through right shift. Euclid(m mod n, n mod (m mod n) ) where n mod (m mod n) < n/2. This reduces n by one bit through right shift. This means,after two consecutive rounds, both arguments, m and n, are at the very least halved in value. This means: Assume that both m and n are of n-bit integers. Then the base case will be reached with 2n recursive calls. i.e., gcd(a, b) = gcd(b, a mod b) = gcd(a mod b, b mod (a mod b)). Then 2n recursive calls are needed. Each requires O(n2 ). That is, the total running time is 2n * O(n2 ) = O(n3 ) .
The overall running time of Euclid is proportional to the number of recursive calls it makes. • Our analysis makes use of the Fibonacci numbers Fk, defined by the following recurrence: • Fi = Fi-1 + Fi-2 for i ≥ 2, • F0 = 0, F1 = 1. • Note that, in the following sequel, • F(k) = F(k-1) + F(k-2), k ≥ 2; F(0) = 0 and F(1) = 1 • is equivalent to write • Fk = Fk-1+ Fk-2 k ≥ 2 and F0 = 0 and F1 = 1.
Lemma 0.1: If m > n ≥ 1 and the invocation Euclid(m, n) performs k ≥ 1 recursive calls, then m ≥ Fk+2 and n ≥ Fk+1, where Fkis the kth number in the Fibonacci sequence. Algorithm Euclid(m, n) { if (n = = 0) then return m else Euclid(n, m mod n) } Example: Fibonacci sequence is: 0 1 1 2 3 5 8 13 21 34 55 89 … where k is: 0 1 2 3 4 5 6 7 8 9 10 11 … Euclid(13, 89) = Euclid(89, 13%89) = Euclid(13, 89%13) = Euclid(11, 13%11) = Euclid(2, 11%2) = Euclid(1, 0) = 1. It requires 5 recursive calls. n = 13 = ≥ F6+1 where k = 6
Proof: The proof is by induction. Induction base: Suppose the call gcd(m, n) results in 1 recursive call. That means, n ≠ 0 and k = 1. Let k = 1. Since n ≥ 1 n ≥ F1+1 = F2 = 1, because F2 = F1 + F0 = 1 + 0 = 1. Since m > n, we have m ≥ 2, which means m ≥ F1+2 = F3 = 2, because F3 = F2 + F1 = 1 + 1 = 2. Since n > (m mod n), in each recursive call the first argument is strictly larger than the second; the assumption that m > n therefore holds for each recursive call.
Induction hypothesis: Assume the lemma is true if k – 1 recursive calls are made. Induction step: We need to show the lemma is true if k ≥ 2 recursive calls are made. That means we need to show m ≥ Fk+2 and n ≥ Fk+1. The first recursive call is gcd(n, m mod n). Since there are k recursive calls in all, this call must require k – 1 recursive calls. Since k ≥ 2, there is at least one more recursive call, which means m mod n ≥ 1. Therefore, since n > m mod n, the conditions of the induction hypothesis are satisfied, which means n ≥ Fk+1 and m mod n ≥ Fk. (e0.1)
So we have arrived at least one of the inequalities we need to show. Towards showing the other, we have m = q*n + m mod n, (e0.2) where q is the quotient of dividing m by n. since m > n, q ≥ 1. Inequality (e0.1) and Equality (e0.2) therefore imply m ≥ n + m mod n ≥ Fk+1+ Fk = Fk+2 . This completes the proof. QED
Note that the induction step also can be written as follows: Assume that the lemma is true if k – 1 recursive calls are made. We shall then prove that it is true for k recursive calls. Since k > 0, we have n > 0, and Euclid(m, n) calls Euclid(n, m mod n) recursively, which in turn makes k -1 recursive calls. The inductive hypothesis then implies that n ≥ Fk+1 (thus proving part of the lemma), and (m mod n) ≥Fk. We have n + (m mod n) = n + (m – └ m / n ┘ * n) ≤ m. Since m > n > 0 implies └ m / n ┘ ≥ 1. Thus, m ≥ n + (m mod n) ≥ Fk+1+ Fk = Fk+2
The following theorem is an immediate corollary of Lemma 0.1. Theorem 0.5 (Lame’s Theorem): For any integer k ≥ 1, if m > n ≥ 1 and n < Fk+1 then the call Euclid(m, n) makes fewer than k recursive calls. Example: Fibonacci sequence is: 0 1 1 2 3 5 8 13 21 34 55 89 … where k is: 0 1 2 3 4 5 6 7 8 9 10 11 … n = 13 = ≥ F6+1 where k = 6 E(21, 13) = E(13, 21mod13 = 8) = E(8, 13mod8 = 5) = E(5, 8mod5 = 3) = E(3, 5mod3 = 2) = E(2, 3mod2 = 1) = E(1, 2mod1 = 0) = 0. It needs 6 recursive calls, one less than F6+1 = F7 = 13
Theorem 0.5 (Lame’s Theorem): For any integer k ≥ 1, if m > n ≥ 1 and n < Fk+1 then the call Euclid(m, n) makes fewer than k recursive calls. Reason: when k = 1, we do not have F2 > F1 for F(2) = F(1) = 1. Therefore we begin k = 2. For the base, k = 2, the call Euclid(F3, F2) = Euclid(2, 1) = Euclid(1, 2 mod 1) makes exactly one recursive call to Euclid(1, 0). By induction, we can show, for k > 2, we have Fk > Fk-1 > 0 and Fk+1 = Fk + Fk-1 and therefore we have Fk+1 mod Fk = Fk-1 . Thus we have Euclid(Fk+1, Fk) = Euclid(Fk, Fk+1 mod Fk) = Euclid(Fk, Fk-1) Therefore the call Euclid(Fk+1, Fk) recurses one time more than the call Euclid(Fk, Fk-1), or exactly k – 1 times, assuming that Euclid(Fk, Fk-1) makes exactly k - 2 recursive calls. QED
Since Fk, where is the golden ratio , the number of recursive calls in Euclid is O(log b). Therefore if we call Euclid on two b-bit numbers, then it performs O(b) arithmetic operations and O(b3) bit operations (assuming that multiplication and division of b-bit numbers take O(b2) bit operations). • Complexity of Euclid’s algorithm: By Lame’s theorem you find a first Fibonacci number larger than n. If it is Fk+1 there are fewer than k recursive calls. Thus the number of the recursive calls in Euclid is O(log n), assuming n = 2k. • Anyway the worst-case number of recursive calls for input size m, n • isO((log m)(log n)) bit operations.
Consecutive integer checking algorithm for computing gcd(m,n) Principle: Let t = min{m, n} to be the possible common divisor for the given numbers m and n. Test whether t | m. If not reduce t by one, then test the new t = t – 1 | m. Repeat this process until the new t | m. (The new t = t – 1). Then we test whether the new t | n. If yes, then t is the common divisor of m and n. Otherwise, repeat the same process for the smaller t (at least one less than the current t) as the possible common divisor for the given number m and n.
Consecutive integer checking algorithm for computing gcd(m,n) t = min{5, 0}; r = 5 mod 0 implies that r = 5 – 0 – 0 - … - 0 operates infinitely. Step 1: t ← min{m, n}. Step 2: remainder = m mod t. If the remainder is 0, go to Step 3; Otherwise, go to Step 4. Step 3: remainder = n mod t. If the remainder of n mod t is 0, return t as the answer and stop; otherwise, proceed to Step 4. Step 4: Decrease the value of t by 1. Go to Step 2.
This algorithm does not work correctly when one of the inputs numbers is zero (why? On Step 2: r = (3, 0) = 3, then go to Step 4. t = 0 – 1 = -1. This fails to work!). • This example illustrates why it is so important to specify the range of an algorithm’s input explicitly and carefully. • Definition: An algorithm is said to be correct if, for every input instance, it halts with the correct output.
Several characteristics of Algorithms: • … • The range of inputs for which an algorithm works has to be specified carefully. [Well-specified inputs’ range] Consecutive integer checking algorithm for computing gcd(m, n) does not work correctly when one of the input numbers is zero.
Example 0.33: Find gcd(11, 3). • Let m = 11 and n = 3. • Step 1: t = min{ 11, 3} = 3. • Step 2: r = 11 mod 3 = 2 ≠ 0. • Go to Step 4 • Step 4: t = t -1; that is, t = 3 – 1 = 2. • Go to Step 2. • Step 2: r = 11 mod 2 = 1 ≠ 0. • Go to Step 4. • Step 4: t = t -1; that is, t = 2 – 1 = 1. • Go to Step 2. • Step 2: r = 11 mod 1 = 0. • Then go to step 3 • Step 3: r = n mod t; that is r = 3 mod 1 = 0; • then return t = 1 as the answer and stop.
Example 0.35: Another example for finding gcd(16, 12) • Let m = 16 and n = 12 • Step 1: t = min{16, 12}. • Step 2: r = 16 mod 12 = 4 ≠ 0. Go to Step 4. • Step 4: t = t - 1; that is, t = 12 – 1 = 11. • Go to Step 2. • Step 2: r = 16 mod 11 = 5 ≠ 0. Go to Step 4 • Step 4: t = t - 1; that is, t = 11 – 1 = 10. • Go to Step 2. • Step 2: r = 16 mod 10 = 6 ≠ 0. Go to Step 4. • Step 4: t = t - 1; that is, t = 10 – 1 = 9. • Go to Step 2. • Step 2: r = 16 mod 9 = 7 ≠ 0. Go to Step 4 • Step 4: t = t - 1; that is, t = 9 - 1 = 8. • Go to Step 2.
Step 2: r = 16 mod 8 = 0. Then go to step 3 Step 3: r = n mod t; that is r = 12 mod 8 = 4 ≠ 0. Then, Go to Step 4 {So far, what we find 16 is divisible by 8, but 12 is not divisible by 8. Therefore 8 is not a common divisor. It must be a number which is smaller than 8. So what is the smaller number such that 16 is divisible by the smaller number.} Step 4: t = t - 1; that is, t = 8 - 1 = 7. Go to Step 2.
{Second iteration} Step 2: r = 16 mod 7 = 2 ≠ 0. Go to Step 4. Step 4: t = t - 1; that is, t = 7 – 1 = 6. Go to Step 2. Step 2: r = 16 mod 6 = 4 ≠ 0. Go to Step 4 Step 4: t = t - 1; that is, t = 6 – 1 = 5. Go to Step 2. Step 2: r = 16 mod 5 = 1 ≠ 0. Go to Step 4. Step 4: t = t - 1; that is, t = 5 – 1 = 4. Go to Step 2. Step 2: r = 16 mod 4 = 0. Go to Step 3 Step 3: r = n mod t; that is r = 12 mod 4 = 0; then return t = 4 as the answer and stop.
Middle-school procedure for computing gcd(m, n) Step 1 Find the prime factors of m (Use Sieve of Eratosthenes). Step 2 Find the prime factors of n (Use Sieve of Eratosthenes). Step 3 Identify all the common factors in the two prime expansion found in Step 1 and Step 2. (If p is a common factor occurring pm and pn times in m and n, respectively, it(the gcd) should be repeated min{pm, pn} times.) Step 4 Compute the product of all the common factors and return it as the greatest common divisor of the numbers given.