Definition. Let G be a group and a be any element in G (a ∈ G). Then, the set ⟨a⟩={aⁿ | n ∈ Z} is a subgroup of G. We call it the cyclic subgroup generated by a.

The order of a is the number of elements in ⟨a⟩, that is, the order of the cyclic subgroup that it generates. For a finite cyclic group G of order n we have ⟨a⟩ = {e, a, a²,…, a^n-1}, where e is the identity element, aⁱ=a^j whenever i≡j (mod n); in particular aⁿ = a⁰ = e, and a^-1 = a^n-1. In other words, the order of a is the smallest positive integer n such that aⁿ = e. If no such positive integer exists, we say that g has infinite order.

Example. In ℤ₆, |0| = 1, |1| = |5| = 6, |2| = 3, |3| = 2, |4| = 3.

Besides, it is the smallest subgroup of G that contains a.

Proof.

a⁰ = e, so the identity is in ⟨a⟩.
If g and h ∈ ⟨a⟩ ⇒ g = a^m, h = aⁿ for some m, n ∈ Z ⇒ gh = a^m+n, g^-1 = a^-n where m+n and -n are obviously integers, so gh and g^-1∈ ⟨a⟩.

Futhermore, any subgroup H of G containing a, must also contain all the power of a by group closure, and therefore ⟨a⟩ is the smallest subgroup of G that contains a.

We can go more into details. Let H ≤ G, Case base: 1 = g⁰ ∈ H. Suppose aⁿ ∈ H (H subgroup is closed) ⇒ a^-1, a^-n = (aⁿ)^-1 ∈ H ⇒ [H is closed under multiplication] aⁿ⁺¹ = aaⁿ, a^-(n+1)=a^-n-1=a^-1a^-n∈ H

In particular if g₁, g₂ ….g_r ∈ G, ⟨g₁, g₂,…, g_r⟩ = ⟨{g₁, g₂,…, g_r}⟩ is the subgroup generated by g₁, g₂,…, and g_r.

Examples.

2Z and 3Z are both infinite cyclic groups generated by 2 and 3 respectively. Futhermore, ⟨4, 2⟩ = ⟨2⟩ = 2ℤ = {2n | n ∈ ℤ} = {…, -2, 0, 2, 4, 6, ···} ≤ ℚ.
Let (ℤ, +), n ∈ ℤ, nℤ = {r·n | r ∈ ℤ} = ⟨n⟩ = ⟨-n⟩ is a cyclic subgroup of ℤ for all integers n.
Notation: a+b is used instead of a·b, 0 instead of e, -a instead of a^-1, na instead of aⁿ.
Consider (ℚ^*, ·), let H be the set of all powers of 2, H = {2ⁿ | n ∈ ℤ} = {···, 1/2, 1, 2, 4, 8,···}. H = ⟨2⟩ ≤ ℚ^*

Definition. Let G be a group. A cyclic group G is a group that can be generated by a single element a. More formally, G is cyclic if there exists at least an element a ∈ G: G = ⟨a⟩ = {aⁿ | n ∈ ℤ} We call such an element a generator of G.

Examples.

(ℤ, +) is cyclic. It is generated by 1 and -1, ⟨1⟩ =⟨-1⟩ = ℤ. Therefore, ℤ is an infinite cyclic group with two generators, 1 and -1.
ℤ_n = {[0], [1], …, [n-1]} is also cyclic. It is generated by [1]. Consider ℤ_n under addition. Then, mℤ_n = ⟨m⟩ = {km | k ∈ ℤ_n} is a cyclic subgroup of ℤ_n for all congruence classes m. 1 and n-1 are always generators, but there can be more. ℤ_n = 1ℤ_n = ⟨1⟩ = ⟨n-1⟩.
Abusing notation, we refer m instead of [m], that is, just using the representatives of their equivalent classes.
In ℤ₆=$\frac{ℤ}{6ℤ}$, ⟨0⟩ = {0}, ⟨1⟩ = ⟨5⟩ = $\frac{ℤ}{6ℤ}$. ⟨2⟩ = ⟨4⟩ = {0, 2, 4} and ⟨3⟩ = {0, 3} are nontrivial proper subgroups of $\frac{ℤ}{6ℤ}$. To sum up, 2ℤ₆ = {0, 2, 4} = ⟨2⟩ = ⟨4⟩ ≤ ℤ₆.
ℤ₅ = ⟨1⟩ = ⟨2⟩ = ⟨3⟩ = ⟨4⟩. Every number is a generator except the identity. The generators are all the elements of ℤ_n which are coprime p to n.

Proof.

Let p ∈ ℤ_n p coprime to n ⇒ [By the Euclidean Algorithm] 1 = ap + bn ⇒ ap ≡ 1 (mod n) ⇒ [ap ∈ ⟨p⟩] 1 ∈ ⟨p⟩ ⇒ ℤ_n = ⟨p⟩∎

The multiplicative group of integers modulo n U₁₀ = {1, 3, 7, 9} (Figure 1.a.) is a cyclic group, 3 and 7 are generators. U₁₀ = {3⁰, 3¹, 3³, 3²} = ⟨3⟩ = ⟨7⟩. U₉ = {1, 2, 4, 5, 7, 8} is cyclic of order 6 generated by the element 2. U₉ = ⟨2⟩ = {2⁰ = 1, 2¹ = 2, 2² = 4, 2³ = 8, 2⁴ = 16 ≡₉ 7, 2⁵ = 32 ≡₉ 5} and 2⁶ = 64 ≡₉ 1. U₁₄ = {1, 3, 5, 9, 11, 13} = ⟨3⟩ = ⟨5⟩. U₁₇ = {1, 2, 3, 4, 5, . . . , 16} is cyclic of order 16 generated by the element 3.

U₈ = {1, 3, 5, 7}. Observe that 3² ≡₈ 1, 5² ≡₈ 1, 7² ≡₈ 1, and therefore ⟨1⟩ = {1}, ⟨3⟩ = {1, 3}, ⟨5⟩ = {1, 5}, ⟨7⟩ = {1, 7}, U₈ is not a cyclic group, U₈ ≠ ⟨a⟩ for any a ∈ U₈. There is no element of order 4.

Properties of Cyclic Groups

Theorem. Let G be a group, a ∈ G. If a has infinite order, then aⁱ=a^j iff (if and only if) i=j. If a has finite order n, then ⟨a⟩ = {e, a, a²,..., a^n-1} and aⁱ=a^j iff (if and only if) n|(i-j), n divides i-j.

Proof.

If a has infinite order ⇒ there is no such a number, n ∈ ℕ, n > 0: aⁿ = e. Therefore, aⁱ = a^j ⇒ i = j.

Let’s assume that |a| = n, we are going to prove that ⟨a⟩ = {e, a, a²,…, a^n-1}. Certainly, e, a, a²,…, a^n-1 are in ⟨a⟩. Suppose that a^k ∈ ⟨a⟩ ⇒ ∃q, r ∈ ℤ: k = qn + r, 0 ≤ r < n ⇒ a^k=a^qna^r = (aⁿ)^qa^r = e^qa^r = ea^r = a^r ∈ {e, a, a²,…, a^n-1}, 0 ≤ r < n.

Next, let’s assume aⁱ = a^j ⇒ a^i-j = e ⇒ i - j = qn + r, 0 ≤ r < n ⇒ a^i-j = (aⁿ)^qa^r = ea^r = a^r = e, 0 ≤ r < n ⇒ Since, by definition, n is the least positive integer such that aⁿ is the identity, r = 0 ⇒ i - j = qn ⇒ n divides i-j.

Conversely, if i - j = nq ⇒ a^i-j = a^nq = (aⁿ)^q = e^q = e ⇒ aⁱ = a^j.

Example: ℤ₂₀ = {1, 2, 3,…, 19}. ⟨5⟩ = {5, 10, 15, 0}, |⟨5⟩|=4, so by this theorem 5ⁱ = 5^j iff 4|(i-j).

0 = 5⁰ = 5⁴ = 5⁸…
5 = 5¹ = 5⁵ = 5⁹…
10 = 5² = 5⁶ = 5¹⁰…
15 = 5³ = 5⁷ = 5¹¹…

Corollary. For any group element a, the order of a is equal to the order of the cyclic subgroup generated by a, i.e., |a| = |⟨a⟩|.

Theorem. Let G = ⟨a⟩ be a cyclic group. If a has finite order n, then so does G and |G| = n. Futhermore, if b ∈ G and |b| = n, then h is a generator for G.

Proof. Since a has cyclic order, ⟨a⟩ = {e, a, a²,···, a^n-1} = G and all these elements are distinct because if a^k = a^l, let’s assume k > l ⇒ [G is a group, there are inverses] a^ka^-l = e ⇒ a^k-l = e ⇒ k-l>0 ⊥ (it contradicts |a| = n). Therefore, |G| = n.

If b ∈ G, |b| = n, by similar reasoning ⟨b⟩ = {e, b, b², …, b^n-1} and all distinct elements and therefore G = ⟨b⟩, b is a generator.

Theorem. Let G be a group with a ∈ G. Then, a^m = e iff |a| | m. In particular, if b = a^m,, then the order of b divides the order of a.

Proof.

Let |a| = n. By the division algorithm, ∃q, r ∈ ℤ: m = qn + r and 0 ≤ r < n. a^r = a^m-qn = a^m(aⁿ)^-q = a^m. Then, a^m = e ↭ a^r = e ↭ [0 ≤ r < n, |a|=n, so by the minimality of n] r = 0 ↭ m = qn

In particular, bⁿ = [b = a^m] (a^m)ⁿ = (aⁿ)^m = e^m = e ⇒ [By the previous statement] |b| | n = |a|∎

The idea behind these results is that multiplication in ⟨a⟩ is essentially done by addition modulo n that is, if (i+j) mod n = k, then aⁱa^j = a^k. In other words, in the finite case, it works as addition in ℤ_n. Otherwise, if a has infinite order, multiplication in ⟨a⟩ is essentially done by addition. It works as addition in ℤ, that is, no modular arithmetic is needed.

Theorem: Every cyclic group is Abelian.

Proof: If g and h ∈ ⟨a⟩ ⇒ g = a^m, h = aⁿ for some m, n ∈ Z ⇒ gh = a^m+n = a^n+m = aⁿa^m = hg.

Theorem. Every subgroup of a cyclic group is cyclic.

Proof. Let G be cyclic, there exists at least an element a ∈ G: ⟨a⟩ = G. Suppose that H is a subgroup of G.

If H = {e} ⇒ H = ⟨e⟩, and H is cyclic.

If H ≠ {e} ⇒ ∃g ∈ H: g ≠ e, g = aⁿ. Let m be the smallest natural number such that h = a^m ∈ H [Well-ordering principle. It states that every non-empty set of positive integers contains a least element.]

Let’s prove that H = ⟨h⟩ = ⟨a^m⟩. Let be h’ an element of H, h ∈ H ⇒ h’ = a^k.

By the division algorithm, ∃q, r: k = mq + r where 0 ≤ r < m ⇒ a^k = a^mq+r = a^mqa^r = (a^m)^qa^r = h^qa^r ⇒ a^r = a^kh^-q ∈ H [a^k and h^-q∈ H], but r < m, and h = a^m is the smallest element in H ⇒ r = 0 ⇒ k = mq, h’ = a^k = a^mq = h^q, and therefore it is generated by h.

Theorem. Let G be a cyclic group of finite order, G = ⟨g⟩. Then, G has exactly one subgroup of order d for each d | |G|

Proof

Let |G| = n. By assumption d | n, let h = g^n/d. It is obvious that h^d = (g^n/d)^d = gⁿ = e.

If a ∈ ℤ, 1 ≤ a < d ⇒ [a < d ⇒ an/d < dn/d] 1 ≤ an/d < n. Thus, h^a = g^na/d ≠ e because an/d < n and no power less than n can get g to the identity. Then, d is the smaller power that can get h to the identity |h| = d ⇒ |⟨h⟩| = d. So there is at least one such subgroup.

Let’s prove uniqueness. Let k ∈ G: |k| = d. G is cyclic so ∃m: k = g^m. g^dm = (g^m)^d = k^d = e ⇒ [g^a =e ↭ |g| | a] n | dm ⇒ ∃l ∈ ℤ: nl = dm ⇒ (n/d)l = m ⇒ k = g^m = (g^n/d)^l = h^l ∈ ⟨h⟩ ⇒ ⟨k⟩ ⊆ ⟨h⟩, but these are two finite sets with the same order, so they are the same set.

Corollary. The subgroups of ℤ are exactly nℤ and the subgroups of ℤ_n are exactly mℤ_n.

Proof.

(ℤ, +) is an infinite cyclic group. nℤ = {nk | k ∈ ℤ} are all cyclic subgroups of ℤ by definition, but we have demonstrated that being ℤ cyclic, then all its subgroups are necessarily cyclic ⇒ These are exactly all the subgroups of ℤ, there are no other subgroups left.

By similar reasoning, ℤ_n is a cyclic finite group, all their cyclic groups are mℤ_n = {mk | k ∈ ℤ_n} by definition, and as was reasoned before, their only subgroups are cyclic subgroups, so the subgroups of ℤ_n are exactly mℤ_n.

Theorem. Let G be a cyclic group of order n, G = ⟨a⟩. Then a^k = e iff (if and only if) n divides k.

Proof.

Let’s suppose that a^k = e. By the division algorithm, k = nq +r, where 0 ≤ r < n ⇒ a^k = a^nq+r = a^nqa^r ⇒ [a^k = e, a^nq=a⁰=e because nq≡0 (mod n)] e = a^r ⇒ r = 0 because r < n and n is the smallest integer m such that a^m = e.

Conversely, let’s suppose n divides k ⇒ k = ns for some integer s ⇒ a^k = a^ns = a⁰ = e because ns≡0 (mod n).

Exercise: Suppose G is cyclic, a ∈ G, a is an element of order n, and a²⁴=e. What are the possibilities of n?

a²⁴=e ⇒ k = 24 ⇒ n|24 ⇒ n needs to be 1, 2, 3, 4, 6, 8, 12 or 24.

Theorem. Let G be a cyclic group of order n and generated by a, G = ⟨a⟩. ⟨a^k⟩=⟨a^gcd(n,k)⟩ and |⟨a^k⟩| = $\frac{n}{gcd(n,k)}.$

Proof. We need to know the smallest integer m such that e = b^m = a^km. By the previous theorem, this is the smallest integer m such that n divides km or n/d divides m(k/d). d = gcd(k, n), and therefore n/d and k/d are coprimes, so m needs to be n/d.

Example. Suppose |a|=24 and k=10. ⟨a^k⟩=⟨a^gcd(n,k)⟩ = ⟨a¹⁰⟩=⟨a^{gcd(24, 10)}⟩ = ⟨a²⟩ = {a², a⁴, a⁶, … a²², a⁰} and |⟨a¹⁰⟩| = $\frac{24}{gcd(24,10)}=\frac{24}{2}=12.$

Corollaries:

In a finite cyclic group, the order of an element divides the order of the group. Example: U₁₄ = {1, 3, 5, 9, 11, 13}, |U₁₄| = 6, so the order of their elements are 1, 2, 3, and 6. |⟨1⟩|=1, |⟨3⟩|=6, |⟨5⟩|=6, |⟨9⟩|=3, |⟨11⟩|=3, |⟨13⟩|=2
Let |a| = n. Then ⟨aⁱ⟩=⟨a^j⟩ iff gcd(n, i) = gcd(n, j) and |aⁱ| = |a^j| iff gcd(n, i) = gcd(n, j). Example: Let a ∈ G, |a|=15. Compute the orders of a⁶ and a⁸. |a⁶|= $\frac{15}{gcd(15, 6)}=\frac{15}{3}=5$. |a⁸|= $\frac{15}{gcd(15, 8)}=\frac{15}{1}=15$.
Let |a|=n. Then ⟨a⟩=⟨a^j⟩ iff gcd(n, j) = 1 and |a| = |a^j| iff gcd(n, j) = 1. Example: Let ⟨5⟩ = U₁₄ = {1, 3, 5, 9, 11, 13}, |U₁₄| = 6. Which other element generates U₁₄? gcd(6, j) = 1 ⇒ j = 1 (⟨5¹⟩ = ⟨5⟩ = U₁₄) and j = 5 (⟨5⁵⟩= ⟨3⟩ = U₁₄).
An integer k ∈ ℤ_n is a generator of ℤ_n iff gcd(n, k) = 1.

As a result, the generators of ℤ_n are the integers r such that n/d = n, d = gcd(r, n) = 1. In other words, the generators of ℤ_n are the integers r that are relatively prime to n. Example: 1 and 3 are generators of ℤ₄, 1 and 5 are generators of Z₆, and 1, 5, 7, and 11 are the generators of ℤ₁₂. In ℤ₁₂, |⟨2⟩|= 12/gcd(12, 2)= 6, ⟨2⟩ = {0, 2, 4, 6, 8, 10}; |⟨3⟩|= 12/gcd(12, 3)= 4, ⟨3⟩ = {0, 3, 6, 9}; |⟨4⟩|= 12/gcd(12, 4)= 3, ⟨4⟩ = {0, 4, 8}; |⟨6⟩|= 12/gcd(12, 6)= 2, ⟨6⟩ = {0, 6}; |⟨9⟩|= 12/gcd(12, 9)= 12/3 = 4, ⟨3⟩ = ⟨9⟩ = {0, 3, 6, 9}.

Theorem. Let G be a cyclic group with generator a. If the order of G is infinite, then G is isomorphic to (ℤ, +). Otherwise, G is isomorphic to (ℤ_n, +_n)

Proof.

If the order of G is infinite, ∀m ∈ ℤ, m > 0, a^m ≠ e. We claim that ∀h, k ∈ ℤ, a^h ≠ a^k. Suppose a^h = a^k and h > k ⇒ a^ha^-k = a^h-k = e contrary to our assumption. Therefore, ∀g ∈ G, g = a^m for a unique m ∈ ℤ.

The map Φ: G → ℤ, Φ(a^m)=m is well defined, one to one, and obviously onto ℤ.

Let’s suppose the order of G is finite. a^m= e m ∈ ℤ, m > 0. Let n be the smallest positive integer such that aⁿ = e. The map Φ: G → ℤⁿ, given by Φ(aⁱ)=i, for i=0, 1, 2,…n-1 is well-defined, one to one, and onto ℤ_n.

We claim that a⁰ (e), a, a², a³,… a^n-1 are all distinct and comprise all elements of G.

s = nq + r, 0 ≤ r < n, a^s = a^nqa^r = (aⁿ)^qa^r =e^qa^r = a^r, a^r-s = e. If 0 < s < r < n, a^r-s = e and 0 < r-s < n so it contradicts our choice of n, and therefore a⁰ (e), a, a², a³,… a^n-1 are all distinct.

aⁿ = e ⇒ aⁱa^j = a^k where k = i +_n j ⇒ Φ(aⁱa^j) = i +_n j = Φ(aⁱ) + Φ(a^j).

Classification of subgroups of cyclic groups

Fundamental Theorem of Cyclic Groups. Every subgroup of a cyclic group is cyclic. If ⟨a⟩=n, then the order of any subgroup of ⟨a⟩ is a divisor of n. For each positive divisor k of n, the group ⟨a⟩ has exactly one subgroup of order k, namely, ⟨a^n/k⟩

Example. Suppose G = ⟨a⟩ and |G|=20. List the subgroups G and their orders.

Orders of subgroups of G: 1, 2, 4, 5, 10, and 20.

Order 1: ⟨a^n/k⟩ = ⟨a^20/1⟩ = ⟨a²⁰⟩ = {e}.
Order 2: ⟨a^n/k⟩ = ⟨a^20/2⟩ = ⟨a¹⁰⟩ = {a¹⁰, e}.
Order 4: ⟨a^n/k⟩ = ⟨a^20/4⟩ = ⟨a⁵⟩ = {a⁵, a¹⁰, a¹⁵, e}.
Order 5: ⟨a^n/k⟩ = ⟨a^20/5⟩ = ⟨a⁴⟩ = {a⁴, a⁸, a¹², a¹⁶, e}.
Order 10: ⟨a^n/k⟩ = ⟨a^20/10⟩ = ⟨a²⟩ = {a², a⁴, a⁶, a⁸,… e}.
Order 20: ⟨a^n/k⟩ = ⟨a^20/20⟩ = ⟨a⟩ = G.

Corollary. For each positive divisor k of n, the set ⟨n/k⟩ is the unique subgroup of ℤ_n of order k.

Example: ℤ₂₄. Order of subgroups are: 1, 2, 3, 4, 6, 8, 12, and 24. Let’s list all generators for the subgroup of order 8.

⟨n/k⟩ is the unique subgroup of ℤ_n of order k. ⟨24/8⟩=⟨3⟩ is the unique subgroup of ℤ₂₄ of order 8. 3 is obviously a generator, but it does not need to be the only one. ⟨3⟩=⟨3j⟩, 3j is a generator of a group of order 8 of ℤ₂₄ where 24/gcd(8, j) = 24, that is, gcd(8, j) = 1, so 3 (j=1), 9(j=3), 15(j=5), 21(j=7). ⟨3⟩=⟨9⟩=⟨15⟩=⟨21⟩ = {3, 6, 9, 12, 15, 18, 21, e}. There are four generators for the unique subgroup of ℤ₂₄ of order 8.

Let Φ(1) = 1 and for any n ∈ ℤ, n > 1, let Φ(n) denote the number of positive integers less than n and relative prime to n, Φ is the Euler phi function, that is, U_n = Φ(n). If d is a positive divisor of n, the number of elements of order d in a cyclic group of order n is Φ(d).

Example. In ℤ₂₄, the number of elements of order 8, Φ(8) = 4. They are ⟨3⟩=⟨9⟩=⟨15⟩=⟨21⟩ = {3, 6, 9, 12, 15, 18, 21, e}.

Theorem. Let G be cyclic, G = ⟨a⟩, |⟨a⟩|=n, then the order of any subgroup H is a divisor of n. Futhermore, for each positive divisor k of n, G has exactly one subgroup of order k, that is, ⟨a^ⁿ⁄k⟩.

Proof. G = ⟨a⟩, |⟨a⟩|=n, H subgroup. Previously, we have already demonstrated that H = ⟨h⟩ = ⟨a^m⟩ and m is the smallest natural number such that h = a^m ∈ H.

Let h’ = e = aⁿ (|⟨a⟩|=n). By the division algorithm, ∃q, r: n = mq + r where 0 ≤ r < m ⇒ aⁿ = a^mq+r = a^mqa^r = (a^m)^qa^r = h^qa^r ⇒ a^r = aⁿh^-q ∈ H [a^k and h^-q∈ H], but r < m, and h = a^m is the smallest element in H ⇒ r = 0 ⇒ n = mq, m is a divisor of n.

Let k be any divisor of n. Let’s prove that ⟨a^ⁿ⁄k⟩ is the only subgroup of order k. First, we know that ⟨a^ⁿ⁄k⟩ has order $\frac{n}{d}$ where d = gcd(n/k, n) = k [k is a divisor of n, n = qk, gcd(q, qk) = q = n/k], so ⟨a^ⁿ⁄k⟩ has order $\frac{n}{\frac{n}{k}}=k.$

Let H be any subgroup of order k. We have already demonstrated that H = ⟨a^m⟩ and m is a divisor of n ⇒ m = gcd(n, m) ⇒ k = |a^m|= |a^gcd(n,m)|=$\frac{n}{gcd(n, m)}= \frac{n}{m}$. Therefore, m=n/k and H = ⟨a^n/k⟩

The Method of Repeated Squares

What is 5⁷ mod 21 or 271³²¹ (mod 481)?

The first step is to write the exponent in binary. Of course, every number a can be written as the sum of distinct power of 2, a = 2^k₁ + 2^k₂ + … + 2^k_n, e.g., 7₁₀ = 111₂ and 321₁₀= 101000001₂.

The laws of exponents still work in ℤ_n [b≡a^x (mod n), c≡a^y (mod n) ⇒ bc≡a^x+y (mod n),] so we can calculate a^{2^k} (mod n) in k multiplications by computing a^2⁰ (mod n), a^2¹ (mod n), …, a^{2^k} (mod n)

5⁷ mod 21 ≡ 5⁴⁺²⁺¹ mod 21

5¹ = 5 mod 21 = 5
5² = 25 ≡ 4 mod 21
5⁴ = (5²)² ≡ [It’s time to use the previous one] 4² ≡ 16 mod 21.

Finally, let’s combine our partial results, 5⁷ mod 21 ≡ 5⁴⁺²⁺¹ mod 21 ≡ 16·4·5 mod 21 ≡ 320 mod 21 ≡ 5 mod 21.

Analogously, but we will need a little more extra effort, 271^{2⁰+2⁶+2⁸} ≡ 271^2⁰· 271^2⁶· 271^2⁸ (mod 481)

271^2⁰ ≡ 271 (mod 481)
271^2¹ ≡ 73441 (mod 481) ≡ 329 (mod 481)
271^2² ≡ [Using the previous result] 329² ≡ 108241 ≡ 16 (mod 481).
271^2³ ≡ 16² ≡ 256 (mod 481).
271^2⁴ ≡ 256² ≡ 120 (mod 481).
271^2⁵ ≡ 120² ≡ 451 (mod 481).
271^2⁶ ≡ 451² ≡ 419 (mod 481).
271^2⁷ ≡ 419² ≡ 477 (mod 481).
271^2⁸ ≡ 477² ≡ 16 (mod 481).

Finally, let’s combine our partial results, 271^{2⁰+2⁶+2⁸} ≡ 271^2⁰· 271^2⁶· 271^2⁸ (mod 481) ≡ 271·419·16 ≡ 47 (mod 481).

Cyclic Groups

Properties of Cyclic Groups

Classification of subgroups of cyclic groups

The Method of Repeated Squares

Related Posts