The Structure of $(\mathbb{Z}/p\mathbb{Z})^* = \{1,2,\ldots, p-1\}$

In this section, we prove that the group $(\mathbb{Z}/p\mathbb{Z})^*$ is cylic.

Definition 2.1   A primitive root modulo $p$ is an element of $(\mathbb{Z}/p\mathbb{Z})^*$ of order $p-1$.

Question: For which primes $p$ is there a primitive root? (Ans. Every prime.)

Lemma 2.2   Suppose $a,b\in(\mathbb{Z}/n\mathbb{Z})^*$ have orders $r$ and $s$, respectively, and that $\gcd(r,s)=1$. Then $ab$ has order $rs$.

This is a general fact about commuting elements of a group.

Proof. Since $(ab)^{rs} = a^{rs}b^{rs}=1,$ the order of $ab$ is a divisor $r_1 s_1$ of $rs$, where $r_1\mid r$ and $s_1\mid s$. Thus

$$a^{r_1 s_1}b^{r_1 s_1} = (ab)^{r_1 s_1} = 1.$$

Raise both sides to the power $r_2$, where $r_1 r_2 = r$. Then

$$a^{r_1 r_2 s_1} b^{r_1 r_2 s_1} = 1,$$

so, since $a^{r_1 r_2 s_1} = (a^{r_1 r_2})^{s_1} = 1$,

$$b^{r_1 r_2 s_1} = 1.$$

This implies that $s\mid r_1 r_2 s_1$, and, since $\gcd(s,r_1 r_2)=1$, it follows that $s=s_1$. A similar argument shows that $r=r_1$, so the order of $ab$ is $rs$. $\qedsymbol$

Theorem 2.3   For every prime $p$ there is a primitive root mod $p$. In other words, the group $(\mathbb{Z}/p\mathbb{Z})^*$ is a cyclic group of order $p-1$.

Proof. Write

$$p-1 = q_1^{n_1}q_2^{n_2}\cdots q_r^{n_r}$$

as a product of distinct primes $q_i$.

By Proposition 1.2, the polynomial $x^{q_i^{n_i}}-1$ has exactly $q_i^{n_i}$ roots, and the polynomial $x^{q_i^{n_i-1}}-1$ has exactly $q_i^{n_i-1}$ roots. Thus there is an $a_i\in\mathbb{Z}/p\mathbb{Z}$ such that $a_i^{q_i^{n_i}}=1$ but $a_i^{q_i^{n_i-1}}\neq 1$. This $a_i$ has order $q_i^{n_i}$. For each $i=1,\ldots, r$, choose such an $a_i$. By repeated application of Lemma 2.2, we see that

$$a = a_1 a_2 \cdots a_r$$

has order $q_1^{n_1}\cdots q_r^{n_r} = p-1$, so $a$ is a primitive root. $\qedsymbol$

Remark 2.4   There are $\varphi (p-1)$ primitive roots modulo $p$, since there are $q_i^{n_i} - q_i^{n_i-1}$ ways to choose $a_i$. To see this, we check that two distinct choices of sequence $a_1,\ldots, a_r$ define two different primitive roots. Suppose that

$$a_1 a_2 \cdots a_r = a'_1 a'_2 \cdots a'_r,$$

with $a_i$, $a'_i$ of order $q_i^{n_i}$, for $i=1,\ldots, r$. Upon raising both sides of this equality to the power $s = q_2^{n_2}\cdots q_r^{n_r}$, we see that $a_1^s = a_1'^s$. Since $\gcd(s,q_1^{n_1})=1$, there exists $t$ such that $st\equiv 1\pmod{q_1^{n_1}}$. It follows that

$$a_1 = (a_1^s)^t = (a_1'^s)^t = a'_1.$$

Upon canceling $a_1$ from both sides, we see that $a_2 \cdots a_r = a'_2 \cdots a'_r$; by repeating the above argument, we see that $a_i = a'_i$ for all $i$. Thus, different choices of the $a_i$ must lead to different primitive roots; in other words, if the primitive roots are the same, then the $a_i$ were the same.

For example, there are $\varphi (16)=2^4-2^4=8$ primitive roots mod $17$:

? for(n=1,16,if(znorder(Mod(n,17))==16,print1(n," ")))
3 5 6 7 10 11 12 14

Example 2.5   In this example, we illustrate the proof of Theorem 2.3 when $p=13$. We have

$$p-1 = 12 = 2^2\cdot 3.$$

The polynomial $x^4 - 1$ has roots $\{1,5,8,12\}$ and $x^2-1$ has roots $\{1,12\}$, so we take $a_1=5$. The polynomial $x^3-1$ has roots $\{1,3,9\}$, so set $a_2=3$. Finally, $a=5\cdot 3=15=2$. Note that the successive powers of $2$ are

$$2,\, 4,\, 8,\, 3,\, 6,\, 12,\, 11,\, 9,\, 5,\, 10,\, 7,\, 1,$$

so $2$ really does have order $12$.

Example 2.6   The result is false if, e.g., $p$ is replaced by a big power of $2$. The elements of $(\mathbb{Z}/8\mathbb{Z})^*$ all have order dividing $2$, but $\varphi (8)=4$.

Theorem 2.7   Let $p^n$ be a power of an odd prime. Then there is an element of $(\mathbb{Z}/p^n\mathbb{Z})^*$ of order $\varphi (p^n)$. Thus $(\mathbb{Z}/p^n\mathbb{Z})^*$ is cyclic.

I will not prove Theorem 2.7 in class. I will probably put a problem on your next homework set that will guide you to a proof.