Folioby Interconnected
Log InSign Up

The Greatest Common Divisor and the Euclidean Algorithm — Algebraic Foundations of an Algorithm

We give rigorous definitions and properties of gcd and lcm, then prove the correctness and O(log min(a,b)) complexity of the Euclidean algorithm. We establish Bezout's identity, develop the extended Euclidean algorithm, and systematically solve linear congruences ax = b (mod n).

FO
Folio Official
March 1, 2026

1 Greatest Common Divisor and Least Common Multiple

Definition 1 (Greatest common divisor).
For integers a,b, not both zero, the greatest common divisor of a and b is the largest positive integer d satisfying d∣a and d∣b. We write d=gcd(a,b). When gcd(a,b)=1, we say a and b are coprime.
Definition 2 (Least common multiple).
For positive integers a,b, the least common multiple is the smallest positive integer m satisfying a∣m and b∣m. We write m=lcm(a,b).
Theorem 3.
For positive integers a,b, we have gcd(a,b)⋅lcm(a,b)=ab.
Proof.
Set d=gcd(a,b) and write a=da′, b=db′ with gcd(a′,b′)=1. It suffices to show that lcm(a,b)=da′b′. Clearly a∣da′b′ and b∣da′b′. Now let m be any positive integer with a∣m and b∣m. Write m=da′k. Then db′∣da′k, so b′∣a′k. Since gcd(a′,b′)=1, we obtain b′∣k, and therefore da′b′∣m. Hence lcm(a,b)=da′b′=ab/d. □

2 The Euclidean Algorithm

Theorem 4 (Correctness of the Euclidean algorithm).
For positive integers a≥b, write a=bq+r with 0≤r<b by the division algorithm. Then gcd(a,b)=gcd(b,r).
Proof.
If d∣a and d∣b, then d∣(a−bq)=d∣r. Conversely, if d∣b and d∣r, then d∣(bq+r)=d∣a. Thus the sets of common divisors of {a,b} and {b,r} coincide, and in particular their maxima agree. □
Remark 5.
Applying this theorem repeatedly yields gcd(a,b)=gcd(b,r1​)=gcd(r1​,r2​)=⋯, with the remainders strictly decreasing until we reach gcd(rk−1​,0)=rk−1​. This is the Euclidean algorithm.
Theorem 6 (Complexity).
The Euclidean algorithm terminates in O(logmin(a,b)) iterations.
Proof.
In the step a=bq+r, we have r<b; in fact, one can show r≤a/2. If b≤a/2, then r<b≤a/2. If b>a/2, then q=1 and r=a−b<a/2. Therefore the remainder is at least halved every two iterations, giving O(logmin(a,b)) total steps. □

3 Bézout's Identity

Theorem 7 (B\'ezout's identity).
For integers a,b, not both zero, there exist integers x,y such that ax+by=gcd(a,b).
Proof.
Consider the set S={ax+by∣x,y∈Z,ax+by>0}. Since S=∅ (for instance, a2+b2>0 belongs to S for a suitable combination), the well-ordering principle furnishes a least element d=ax0​+by0​. We claim d∣a. By the division algorithm, a=dq+r with 0≤r<d. Then r=a−dq=a(1−qx0​)+b(−qy0​) lies in S∪{0}. Since r<d and d is the least element of S, we must have r=0, so d∣a. Similarly d∣b, so d is a common divisor. Conversely, if c∣a and c∣b, then c∣d, which forces d=gcd(a,b). □

4 The Extended Euclidean Algorithm

The extended Euclidean algorithm computes, alongside gcd(a,b), the Béx,y satisfying ax+by=gcd(a,b).

Example 8.
Compute gcd(252,198): 252=1⋅198+54, 198=3⋅54+36, 54=1⋅36+18, 36=2⋅18+0. Hence gcd(252,198)=18. Back-substituting: 18=54−1⋅36=54−1⋅(198−3⋅54)=4⋅54−198=4(252−198)−198=4⋅252−5⋅198.

5 Solving Linear Congruences

Theorem 9.
The congruence ax≡b(modn) has a solution if and only if gcd(a,n)∣b. When solutions exist, there are exactly d=gcd(a,n) solutions modulo n.
Proof.
The congruence ax≡b(modn) is equivalent to the existence of integers x,y with ax+ny=b. By Bé{ax+ny∣x,y∈Z}=gcd(a,n)Z, so b lies in this set precisely when gcd(a,n)∣b. When d=gcd(a,n)∣b, the reduced congruence (a/d)x≡b/d(modn/d) has gcd(a/d,n/d)=1 and therefore a unique solution x0​. The solutions of the original congruence are x≡x0​+kn/d(modn) for k=0,1,…,d−1, giving d solutions in all. □
Number TheoryAlgebraTextbookEuclidean AlgorithmGCD
FO
Folio Official

Mathematics "between the lines" — exploring the intuition textbooks leave out, written in LaTeX on Folio.

1 followers·107 articles
Number Theory TextbookPart 3 of 13
Previous
Divisibility and Congruences — Laying the Foundations of Number Theory
Next
Primes and the Fundamental Theorem of Arithmetic — The Atomic Decomposition of Integers

Share your expertise with the world

Write articles with LaTeX support, build your audience, and earn from your knowledge.

Start Writing — It's Free

More from Folio Official

Folio Official·March 1, 2026

Introduction to Algebraic Integers — Extending the Notion of Integer

Using the Gaussian integers Z[i] and the Eisenstein integers Z[omega] as concrete examples, we introduce rings of algebraic integers. We demonstrate the failure of unique factorization in Z[sqrt(-5)] and show how ideals and prime ideal factorization restore uniqueness. We define the class number and discuss its significance.

Number TheoryAlgebraTextbook
2
Folio Official·March 1, 2026

Arithmetic Functions and Multiplicative Functions — Functions on the Integers

We systematically define the principal multiplicative functions (phi, sigma, mu, d), develop the ring structure of Dirichlet convolution, and give a rigorous proof of the Moebius inversion formula. We also clarify the connection to the inclusion-exclusion principle.

Number TheoryAlgebraTextbook
Folio Official·March 1, 2026

Primes and the Fundamental Theorem of Arithmetic — The Atomic Decomposition of Integers

We define prime numbers and establish their basic properties, including Euclid's proof of the infinitude of primes. We then give a rigorous proof of the fundamental theorem of arithmetic (existence and uniqueness of prime factorization), and discuss the sieve of Eratosthenes and the Miller--Rabin primality test.

Number TheoryAlgebraTextbook
Folio Official·March 1, 2026

Chebyshev's Estimates: 0.92 x/ln x < π(x) < 1.11 x/ln x and the Prime Number Theorem

Chebyshev proved that 0.92 x/ln x < π(x) < 1.11 x/ln x for sufficiently large x. This article gives a complete proof via binomial coefficients and the Chebyshev functions θ(x) and ψ(x), then traces the path to the prime number theorem π(x) ~ x/ln x.

Number TheoryAlgebraTextbook