Team
math

Fermat's Little Theorem Calculator

Fermat's little theorem is a cornerstone of modular arithmetic and number theory, stating that if p is prime and a is any integer not divisible by p, then a^(p−1) ≡ 1 (mod p). Cryptographers, computer scientists, and mathematicians use this theorem for primality testing and computing multiplicative inverses efficiently. Enter your integers a and p to explore how this elegant result connects to real-world applications in encryption and computational number theory.

Last updated:

Creators Anna Szczepanek, PhD Mathematics
1,267 people find this calculator helpful

Understanding Fermat's Little Theorem

Fermat's little theorem describes a remarkable relationship in modular arithmetic. For any prime number p and integer a not divisible by p, raising a to the power of (p−1) always produces a remainder of 1 when divided by p.

The theorem exists in two equivalent forms:

  • General form: a^p ≡ a (mod p) for any integer a and prime p
  • Simplified form: a^(p−1) ≡ 1 (mod p) when gcd(a, p) = 1

Pierre de Fermat discovered this principle in 1640 but never published a proof, claiming it would be too lengthy. Leonhard Euler later provided the first rigorous proof in 1736, though Leibniz had independently derived it decades earlier. Despite being named the "little" theorem (to distinguish it from Fermat's Last Conjecture), it remains one of number theory's most powerful and frequently applied results.

The Mathematical Statement

When p is prime and a shares no common factors with p, Fermat's little theorem gives us:

a^(p−1) ≡ 1 (mod p)

Alternatively: a^p ≡ a (mod p)

  • a — An integer coprime to p (gcd(a, p) = 1)
  • p — A prime number greater than 1

Finding Multiplicative Inverses

One of the most practical applications of Fermat's little theorem is computing multiplicative inverses in modular arithmetic—essential for encryption algorithms and solving congruences.

If you need to find the multiplicative inverse of a modulo p (the number that satisfies a × x ≡ 1 (mod p)), Fermat's theorem provides an elegant shortcut. Since a^(p−1) ≡ 1 (mod p), we can rearrange this as:

a × a^(p−2) ≡ 1 (mod p)

This means a^(p−2) is the multiplicative inverse of a modulo p. You compute one modular exponentiation instead of running the extended Euclidean algorithm, making cryptographic operations significantly faster.

Primality Testing with Fermat's Test

Fermat's theorem naturally suggests a probabilistic primality test. The logic is simple: if a^(p−1) ≢ 1 (mod p) for some a coprime to p, then p is definitely composite.

The Fermat primality test works as follows:

  1. Choose a random integer a between 2 and p−2
  2. Compute a^(p−1) mod p
  3. If the result is not 1, p is composite (proven)
  4. If the result is 1, p might be prime; repeat with different values of a

After testing multiple random bases without finding a counterexample, you gain confidence that p is prime. However, Carmichael numbers (rare composites that fool Fermat's test for all coprime bases) mean this test is probabilistic rather than definitive. Modern cryptography uses more sophisticated tests like Miller–Rabin for certainty.

Critical Assumptions and Common Pitfalls

Fermat's little theorem only works under specific conditions; violating these assumptions leads to incorrect results.

  1. p must be prime — The theorem fails spectacularly for composite numbers. If you test p = 9 with a = 2, you get 2^8 ≡ 4 (mod 9), not 1. Always verify primality before applying the theorem, especially in cryptographic contexts where mistakes compromise security.
  2. a must be coprime to p — If a shares a factor with p (i.e., p divides a), the simplified form a^(p−1) ≡ 1 (mod p) breaks down. Use the general form a^p ≡ a (mod p) instead, or choose a different base. In primality testing, select a carefully to avoid accidentally picking a multiple of p.
  3. Carmichael numbers fool the test — Certain composite numbers like 561 = 3 × 11 × 17 satisfy a^(p−1) ≡ 1 (mod p) for all a coprime to p. Fermat's test alone cannot definitively prove primality; always combine it with additional tests or use deterministic algorithms for production systems.
  4. Modular exponentiation requires care — Computing a^(p−1) directly produces enormous intermediate values. Use fast modular exponentiation (repeated squaring) to keep numbers manageable and avoid overflow. Naive exponentiation makes even moderate inputs infeasible.

Frequently Asked Questions

Why is Fermat's little theorem called 'little'?

Fermat formulated two famous theorems. His 'Last Conjecture'—that x^n + y^n = z^n has no integer solutions for n > 2—became far more famous after Andrew Wiles's 1995 proof. To distinguish the modular arithmetic result from this celebrated conjecture, mathematicians named it the 'little' theorem, despite its profound importance in number theory and cryptography.

Can Fermat's theorem prove a number is definitely prime?

No; it can only prove a number is composite. If a^(p−1) ≢ 1 (mod p) for some base a, then p is definitely not prime. But if a^(p−1) ≡ 1 (mod p) for many bases, p is probably prime—not certainly prime. Carmichael numbers exploit this weakness by fooling the test for all valid bases. For definitive primality proof, use deterministic algorithms or the Miller–Rabin test, which detects Carmichael numbers.

How do you compute a^(p−1) mod p efficiently for large numbers?

Direct exponentiation produces numbers too large to handle. Instead, use repeated squaring (binary exponentiation), which breaks the exponent into powers of 2 and computes each power by squaring the previous result, reducing modulo p at each step. This reduces 2^1000 mod p from 1000 multiplications to roughly 10 operations. Modern cryptography depends entirely on this technique; without it, RSA encryption would be computationally infeasible.

What is the multiplicative inverse modulo p used for?

Multiplicative inverses enable division in modular arithmetic. In RSA encryption, the private key is the multiplicative inverse of the public exponent modulo φ(n). In solving linear congruences and implementing cryptographic protocols, finding a^(−1) mod p allows you to 'undo' multiplication. Fermat's theorem provides a direct formula (a^(p−2) mod p) that is often faster than the extended Euclidean algorithm.

Did Fermat actually prove his own theorem?

No. Fermat stated the theorem in an October 1640 letter to Frénicle de Bessy but did not provide proof, claiming it was too long to include. Leonhard Euler published the first rigorous proof in 1736. It later emerged that Gottfried Leibniz had independently discovered and proved the result sometime before 1683 but never published his work, keeping it in private manuscripts.

What's the difference between Fermat's little theorem and Euler's theorem?

Fermat's theorem applies specifically when p is prime: a^(p−1) ≡ 1 (mod p). Euler's theorem generalizes this to any modulus n by using Euler's totient function φ(n), which counts integers coprime to n. When n = p (prime), φ(p) = p−1, so Fermat's theorem becomes a special case of Euler's theorem. Euler's generalization is essential for RSA cryptography, where moduli are products of two large primes.

math
Least Common Multiple Calculator
math
Absolute Value Calculator

More math calculators (see all)

Standard Equation of a Circle Calculator Square Pyramid Volume Calculator Double Angle Formula Calculator Inverse Sine Calculator Square of a Binomial Calculator Isosceles Trapezoid Area Calculator Condition Number Calculator Triangle Congruence Calculator