Skip to main content

Modular Inverse & Extended Euclidean Algorithm

For integers aa and mm:

  • The modular inverse of aa modulo mm is an integer xx such that:
ax1(modm)a \cdot x \equiv 1 \pmod{m}

  • This means when you multiply aa by xx, divide by mm, the remainder is 1.

  • Not all numbers have inverses. aa has an inverse modulo mm only if gcd(a,m)=1\gcd(a, m) = 1 (they are coprime).

Example

Find the inverse of 3(mod7)3 \pmod{7}:

We need 3x1(mod7)3 \cdot x \equiv 1 \pmod{7}.

Try values of xx:

  • 3×5=151(mod7)3 \times 5 = 15 \equiv 1 \pmod{7}

So the inverse is:

315(mod7)3^{-1} \equiv 5 \pmod{7}

Extended Euclidean algorithm

The Euclidean Algorithm finds the greatest common divisor (gcd) of two integers aa and bb:

gcd(a,b)\gcd(a, b)

It repeatedly divides and takes remainders until the remainder is 0.

The Extended Euclidean Algorithm goes further: it finds integers x,yx, y such that:

ax+by=gcd(a,b)a \cdot x + b \cdot y = \gcd(a, b)

These integers xx and yy are called Bezout coefficients.

👉 When gcd(a,m)=1\gcd(a, m) = 1, the coefficient xx is the modular inverse of a(modm)a \pmod{m}.

2. Algorithm (Step-by-Step)

Given aa and bb:

  1. Perform Euclidean Algorithm (repeated division):

    a=qb+ra = q \cdot b + r

    Keep track of quotients and remainders.

  2. Work backwards (substitution) to express gcd as a combination of aa and bb.

  3. The coefficient in front of aa is its modular inverse (mod bb), if gcd = 1.

3. Example: Find inverse of 3(mod7)3 \pmod{7}

We want xx such that:

3x1(mod7)3x \equiv 1 \pmod{7}

That means solve:

3x+7y=13x + 7y = 1

Step 1: Euclidean Algorithm

7=23+17 = 2 \cdot 3 + 1 3=31+03 = 3 \cdot 1 + 0

So gcd(3,7)=1\gcd(3, 7) = 1.

Step 2: Work backwards

From first step:

1=7231 = 7 - 2 \cdot 3

So:

1=(2)3+171 = (-2) \cdot 3 + 1 \cdot 7

Here:

  • x=2x = -2
  • y=1y = 1

Step 3: Modular inverse

So:

3(2)+7(1)=13 \cdot (-2) + 7 \cdot (1) = 1

2-2 is the coefficient of 33. Modulo 7:

25(mod7)-2 \equiv 5 \pmod{7}

✅ Therefore, the inverse is:

315(mod7)3^{-1} \equiv 5 \pmod{7}

4. General Algorithm (Compact Form)

function extended_gcd(a, b):
    if b == 0:
        return (a, 1, 0)   # gcd, x, y
    gcd, x1, y1 = extended_gcd(b, a mod b)
    x = y1
    y = x1 - (a // b) * y1
    return (gcd, x, y)

If gcd = 1, then x is the modular inverse of a mod b.

Do you want me to also draw a tree-style diagram that shows how the substitutions work step by step (kind of like a flowchart), so it’s easier to see the backward substitution?