PT. Primality Tests. Given a natural number n, we want to determine if n is a prime number.

(PT.1) A number $m$ of the form $m = 2^n - 1$, where $n \in \mathbb{N}$, is a Mersenne number. If a Mersenne number $m$ is also a prime, then $m$ is called a Mersenne prime.

Open Problem: Are there infinitely many Mersenne primes?

The Lucas-Lehmer Test is one way to test if a Mersenne number is a Mersenne prime.

(i) Input: $M_n = 2^n - 1$, with $n \ge 3$.

(ii) Computing: Set $s_1 = 4$, and for $j = 2, \dots, n - 1$, compute $s_j \equiv s_{j-1}^2 - 2 \pmod{M_n}$.

(iii) Conclusion: If $s_{n-1} \equiv 0 \pmod{M_n}$, then $M_n$ is a Mersenne prime; otherwise $M_n$ is not a prime.

(PT. 2) Example: Determine if $m = M_{13} = 2^{13} - 1 = 8191$ is a Mersenne prime.

| $j$ | $s_j \pmod m$ | $j$ | $s_j \pmod m$ |
|---|---|---|---|
| 1 | 4 | 7 | 1857 |
| 2 | 14 | 8 | 36 |
| 3 | 194 | 9 | 1294 |
| 4 | 4870 | 10 | 3470 |
| 5 | 3953 | 11 | 128 |
| 6 | 5970 | 12 | 0 |

We conclude that $m$ is a Mersenne prime.

(PT. 3) Exercise: Use the Lucas-Lehmer Test to verify that $M_7 = 2^7 - 1 = 127$ is a prime.

(PT. 4) Exercise: Use the Lucas-Lehmer Test to test which of the following numbers is a prime and which is not: $M_9 = 511$, $M_{10} = 1023$, $M_{11} = 2047$, $M_j$, $3 \le j \le 20$.

(PT. 5) The following formula is often useful to determine if a number $b^n - 1$ is a prime or not: When $d \mid n$, writing $N = n/d$, we have

$$b^n - 1 = (b^d)^N - 1 = (b^d - 1)\left((b^d)^{N-1} + (b^d)^{N-2} + \cdots + (b^d)^2 + b^d + 1\right).$$

(i) If $n$ is a composite number, say $n = ds$, then by the formula in (PT. 4), $2^n - 1 = (2^d - 1)((2^d)^{s-1} + \cdots + 2^d + 1)$. For example, $511 = 2^9 - 1 = (2^3 - 1)(2^6 + 2^3 + 1)$ is not a prime.

(PT. 6) Primality Test of $b^n - 1$:

(PT.6A) Let $b > 1$. Then for any two positive integers $m, n$, $\gcd(b^m - 1, b^n - 1) = b^{\gcd(m,n)} - 1$.

Proof: We argue by induction on $\max\{m, n\}$. If $m = n$ or if $\max\{m, n\} = 1$, the assertion holds trivially. Assume that m n 1 and that the statement holds for smaller values of $\max\{m, n\}$. Without loss of generality, we assume that $m > n$. Note that when $m > n$,

$$(b^m - 1) - b^{m-n}(b^n - 1) = b^{m-n} - 1.$$

Thus if an integer $d$ divides two of the three integers $b^m - 1$, $b^n - 1$ and $b^{m-n} - 1$, then $d$ divides the third. It follows that $\gcd(b^m - 1, b^n - 1) = \gcd(b^n - 1, b^{m-n} - 1)$. Since $m > n$, $\max\{m - n, n\} < \max\{m, n\}$. By induction,

$$\gcd(b^m - 1, b^n - 1) = \gcd(b^n - 1, b^{m-n} - 1) = b^{\gcd(m, m-n)} - 1.$$

What is left is to show that $\gcd(m, m - n) = \gcd(m, n)$.

(PT.6B) Fix a positive integer $b$. Let $n$ be a positive integer. If a prime $p$ divides $b^n - 1$, then either $p \mid b^d - 1$ for some proper factor $d > 1$ of $n$, or $p \equiv 1 \pmod n$.

Proof: By Fermat, $b^{p-1} \equiv 1 \pmod p$, and so $p \mid (b^{p-1} - 1)$. Since $p \mid (b^n - 1)$, by (PT. 6A), $p \mid b^{\gcd(n, p-1)} - 1$. Let $d = \gcd(n, p - 1)$. If $d < n$, then $d$ is a proper factor of $n$. If $d = n$, then $n \mid (p - 1)$ and so $p \equiv 1 \pmod n$.

(PT.6C) When $p$ is odd and $n$ is odd, we have $2 \mid (p - 1)$. Since $\gcd(2, n) = 1$, if $n \mid (p - 1)$, we also have $(2n) \mid (p - 1)$, and so $p \equiv 1 \pmod{2n}$.

(PT.6D) The following formula is often useful to determine if a number $2^n - 1$ is a Mersenne prime or not: When $d \mid n$, writing $N = n/d$, we have

$$b^n - 1 = (b^d)^N - 1 = (b^d - 1)\left((b^d)^{N-1} + (b^d)^{N-2} + \cdots + (b^d)^2 + b^d + 1\right).$$
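The Lucas-Lehmer test of (PT.1) and the factor restriction of (PT.6B)/(PT.6C) can be checked against each other in a few lines. This is an added example, not part of the original notes; the function names are illustrative assumptions, and the factor search assumes the exponent n is an odd prime.

```python
from math import isqrt

def lucas_lehmer(n: int) -> bool:
    """(PT.1): M_n = 2^n - 1 is prime iff s_{n-1} ≡ 0 (mod M_n), for n >= 3."""
    M = (1 << n) - 1
    s = 4                          # s_1 = 4
    for _ in range(2, n):          # j = 2, ..., n-1
        s = (s * s - 2) % M        # s_j ≡ s_{j-1}^2 - 2 (mod M_n)
    return s == 0

def is_small_prime(p: int) -> bool:
    """Plain trial division; only used on candidates below sqrt(M_n)."""
    return p > 1 and all(p % d for d in range(2, isqrt(p) + 1))

def restricted_candidates(n: int) -> list:
    """Primes p <= sqrt(M_n) with p ≡ 1 (mod 2n).

    For an odd prime exponent n, (PT.6B) and (PT.6C) leave only these as
    possible prime factors of M_n = 2^n - 1.
    """
    M = (1 << n) - 1
    return [p for p in range(2 * n + 1, isqrt(M) + 1, 2 * n) if is_small_prime(p)]

def smallest_factor(n: int):
    """Smallest prime factor of M_n among the restricted candidates, else None."""
    M = (1 << n) - 1
    for p in restricted_candidates(n):
        if M % p == 0:
            return p
    return None

if __name__ == "__main__":
    for n in (7, 11, 13, 17, 19):  # odd prime exponents only
        print(n, (1 << n) - 1, lucas_lehmer(n),
              restricted_candidates(n), smallest_factor(n))
```

For a prime exponent, `smallest_factor(n)` returning `None` means no prime up to the square root of M_n divides it, so the two methods must agree on every such n.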

(ii) Is $m = 127 = 2^7 - 1$ a prime? Let $p$ be a smallest prime dividing $m$. Then $p \le \sqrt{127} < \sqrt{144} = 12$. Since 7 is a prime, by (PT.6C) with $b = 2$ and $n = 7$, if $p$ is a prime factor of 127, then it must be $p \equiv 1 \pmod 7$ or $p \equiv 1 \pmod{14}$. No such prime exists and so 127 is a prime.

(iii) Is $m = 2047 = 2^{11} - 1$ a prime? Let $p$ be a smallest prime dividing $m$. Then p 2 12 < 2 6 = 64 (a bit too big, isn't it?). By (PT.6B) with $n = 11$ and $b = 2$, either $p \mid 11$ or both $p \equiv 1 \pmod{11}$ and $p \equiv 1 \pmod{22}$. One such possible $p$ is $p = 23$. Division yields $2047/23 = 89$, and so $2047 = (23)(89)$.

(iv) Is $m = 131071 = 2^{17} - 1$ a prime? Let $p$ be a smallest prime dividing $m$. Then $p \le \sqrt{m} < \sqrt{131769} = 363$ (a bit too big, isn't it?). By (PT.6B) with $n = 17$ and $b = 2$, either $p \mid 17$ or both $p \equiv 1 \pmod{17}$ and $p \equiv 1 \pmod{34}$. Consider the numbers of the form $34k + 1$ that are less than 363: 35, 69, 103, 137, 171, 205, 239, 273, 307, 341. Among these numbers, taking away those that are composite numbers: $5 \mid 35$, $3 \mid 69$, $3 \mid 171$, $5 \mid 205$, $3 \mid 273$, $11 \mid 341$, we have 103, 137, 239, 307 left. Check each of the survivors to see if any of them is a factor of $m$: $131071 \equiv 55 \pmod{103}$, $131071 \equiv 99 \pmod{137}$, $131071 \equiv 99 \pmod{239}$, and $131071 \equiv 289 \pmod{307}$. Hence none is a factor of $m$, which implies that $m$ is a Mersenne prime.

(v) If $n = 2k > 0$ is an even number, then $b^n - 1 = (b^k)^2 - 1 = (b^k - 1)(b^k + 1)$. As an example, $3^4 - 1 = (3^2 - 1)(3^2 + 1) = (3 - 1)(3 + 1)(2)(5) = (2)^4(5)$.

(vi) If $b$ is an odd number, then $2 \mid (b^n - 1)$. Thus $3^7 - 1 = 2186 = (2)(1093)$. Apply (PT.6B) to this case with $b = 3$ and $n = 7$: if $p$ is a smallest prime dividing $3^7 - 1$, then $p \equiv 1 \pmod 7$. As $2 \mid 3^7 - 1$, and as $\gcd(2, p) = 1$, we also have $p \equiv 1 \pmod{14}$. Also, $p \le \sqrt{1093} < \sqrt{1156} = 34$. We need to test 15, 29. As 15 is not a prime, we only consider 29. Since $1093 \equiv 20 \pmod{29}$, 1093 is a prime and so we have the complete factorization of $3^7 - 1$ into primes: $3^7 - 1 = (2)(1093)$.

(PT. 7) Pocklington's Theorem. Let $n = ab + 1$ with $a, b \in \mathbb{N}$ and $b > 1$. If for any prime factor $q$ with $q \mid b$, there exists $m \in \mathbb{Z}$ such that both $m^{n-1} \equiv 1 \pmod n$ and $\gcd(m^{(n-1)/q} - 1, n) = 1$, then each of the following holds.

(i) For any prime $p$ with $p \mid n$, $p \equiv 1 \pmod b$.

(ii) If $b > \sqrt{n} - 1$, then $n$ is a prime.

Proof: (Omitted).
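The hypotheses of (PT.7) translate directly into a checker. The code below is an added example, not part of the original notes; the function names and the search bound `max_m` are assumptions, the primes q passed in are trusted to be prime, and a `False` result only means "not proved", never "composite".

```python
from math import gcd

def pocklington_witness(n: int, q: int, max_m: int = 50):
    """Smallest m in [2, max_m] meeting both conditions of (PT.7) for q, or None."""
    for m in range(2, max_m + 1):
        if pow(m, n - 1, n) == 1 and gcd(pow(m, (n - 1) // q, n) - 1, n) == 1:
            return m
    return None

def pocklington(n: int, b_factors: dict, max_m: int = 50):
    """Try to prove n prime from a factored part b of n - 1.

    b_factors maps each prime q dividing b to its exponent, so
    b = prod(q**e) and n = a*b + 1. Returns (proved, {q: witness m}).
    """
    b = 1
    for q, e in b_factors.items():
        b *= q ** e
    if b <= 1 or (n - 1) % b != 0:
        raise ValueError("need n = a*b + 1 with b > 1")
    if (b + 1) ** 2 <= n:              # b > sqrt(n) - 1  <=>  (b + 1)^2 > n
        return False, {}               # factored part too small for (PT.7)(ii)
    witnesses = {}
    for q in b_factors:
        m = pocklington_witness(n, q, max_m)
        if m is None:                  # no base found: nothing is proved
            return False, witnesses
        witnesses[q] = m
    return True, witnesses

if __name__ == "__main__":
    # n - 1 = 2 * 52379, factored part b = 52379
    print(pocklington(104759, {52379: 1}))
    # n - 1 = 2^10 * 13, factored part b = 2^10; the first base tried fails
    print(pocklington(13313, {2: 10}))
    # Constructed negative case: 561 = 3 * 11 * 17, b = 2^4 * 5 = 80
    print(pocklington(561, {2: 4, 5: 1}))
```

The second call shows why the base is found by trial and error: m = 2 satisfies the Fermat condition but fails the gcd condition, and m = 3 is the first base that works.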

(PT. 8) Example: Use Pocklington's Theorem to test $n = 104759$ for primality, knowing that the prime $q = 52379$ is a factor of $n - 1$.

(Step 1) Checking applicability: Compute to get $n - 1 = 2q$ and so $n = 2q + 1$. (Thus $n$ has the form $n = ab + 1$. If $n$ does not have such a form, the theorem cannot be used for this purpose.) Note that $b = q > 1$ and $q$ is the only prime with $q \mid b$.

(Step 2) Choosing $m$: Choose $m = 2$. (This is done by trial and error. We usually start the trial with smaller numbers.) Compute $m^{n-1} \equiv 2^{104758} \equiv 1 \pmod n$, and $\gcd(m^{(n-1)/q} - 1, n) = \gcd(2^4 - 1, n) = 1$. (So $m = 2$ works.)

(Step 3) Verifying condition: Compute to see that $b = q > \sqrt{n}$, and conclude that $n$ is a prime.

(PT. 9) Powers and roots modulo m. Let $m, n \in \mathbb{N}$ and $c \in \mathbb{Z}$ with $\gcd(c, n) = 1$. If for some $x \in \mathbb{Z}$, $x^m \equiv c \pmod n$, then $c$ is the $m$th power of $x \pmod n$, and $x$ is the $m$th root $\pmod n$. A square (2nd power) mod $n$ is also called a quadratic residue $\pmod n$.

(PT. 10) Example: Since $1^2 \equiv 6^2 \equiv 1$, $2^2 \equiv 5^2 \equiv 4$, $3^2 \equiv 4^2 \equiv 2 \pmod 7$, the numbers 1, 2 and 4 are quadratic residues mod 7; and 3, 5 are quadratic non-residues mod 7.

(PT. 11) Proth's Theorem. Let $k, t \in \mathbb{N}$ with $t$ odd and $2^k > t$. Then $n = 2^k t + 1$ is a prime if and only if for some quadratic non-residue $c \pmod n$, $c^{(n-1)/2} \equiv -1 \pmod n$.

Proof: (Omitted).

(PT. 12) Example: Use Proth's Theorem to test $n = 13313$ for primality. (Assume that we know $c = 3$ is a quadratic non-residue mod $n$.)

(Step 1) Checking applicability: $n - 1 = 2^{10} \cdot 13$, and so $n = 2^{10} \cdot 13 + 1$ has the form $n = 2^k t + 1$, where $k = 10$ and $t = 13$.

(Step 2) Verifying condition: $c = 3$, and compute to see $3^{(n-1)/2} = 3^{6656} \equiv -1 \pmod n$. Therefore, by Proth's Theorem, $n$ is a prime.

(PT. 13) Converse of Fermat's Little Theorem. If $n \in \mathbb{N}$ with $n > 2$, then $n$ is prime if and only if for some $m \in \mathbb{N}$, $m^{n-1} \equiv 1 \pmod n$, but for every prime $p \mid (n - 1)$, $m^{(n-1)/p} \not\equiv 1 \pmod n$.

Proof: (Omitted).

(PT. 14) Example: Use (PT. 11) to test $n = 16487$ for primality.

(Step 1) Choosing $m$: Compute $n - 1 = 2 \cdot 8243 = 2q$ where $q = 8243$ is a prime. We choose $m = 2$ (by trial and error, starting with smaller numbers. Note that 2 and $q$ are the only proper factors of $n - 1$).

(Step 2) Verifying conditions: Compute $m^{n-1} \equiv 2^{16486} \equiv 1 \pmod n$; $2^2 \not\equiv 1$ and $2^{8243} \not\equiv 1 \pmod n$. Therefore, $n$ is a prime.

(PT. 15) When is an integer a composite? Let $n$ be an integer. Suppose that there exist integers $x, y$ such that $x^2 \equiv y^2 \pmod n$ but $x \not\equiv \pm y \pmod n$. Then each of the following holds.

(i) $n$ is a composite.

(ii) Let $d = \gcd(x - y, n)$. Then $1 < d < n$.

Proof: Use the property that if $n$ is a prime and if $n \mid ab$, then $n \mid a$ or $n \mid b$ (with $a = x - y$ and $b = x + y$) to see that $n$ must be a composite. $d = n \Rightarrow n \mid (x - y) \Rightarrow x \equiv y \pmod n$. Thus assume $d = 1$. (Use the property that if $\gcd(a, b) = 1$ and if $a \mid bc$, then $a \mid c$.) From $n \mid (x^2 - y^2) = (x - y)(x + y)$ and $d = 1$, we have $n \mid (x + y) \Rightarrow x \equiv -y \pmod n$.

(PT. 16) Example: For $n = 3837523$, we have been told the following:

$$\begin{aligned}
9398^2 &\equiv 5^5 \cdot 19 \pmod n \\
19095^2 &\equiv 2^2 \cdot 5 \cdot 11 \cdot 13 \cdot 19 \pmod n \\
1964^2 &\equiv 3^2 \cdot 13^3 \pmod n \\
17078^2 &\equiv 2^6 \cdot 3^2 \cdot 11 \pmod n
\end{aligned}$$

Multiply these relations side by side to get

$$(9398 \cdot 19095 \cdot 1964 \cdot 17078)^2 \equiv (2^4 \cdot 3^2 \cdot 5^3 \cdot 11 \cdot 13^2 \cdot 19)^2 \pmod n,$$

$$2230387^2 \equiv 2586705^2 \pmod n.$$

Let $x = 2230387$ and $y = 2586705$. We verify that $x \not\equiv \pm y \pmod n$. Then we can factor $n$ by computing $(x - y, n) = (2230387 - 2586705, 3837523) = 1093$, and $3837523 / 1093 = 3511$. Hence $n = 3837523 = (1093)(3511)$.

(PT. 17) Example: As $7^2 \equiv 2^2 \pmod{15}$ and $7 \not\equiv \pm 2 \pmod{15}$, we conclude that 15 is a composite, and $5 = \gcd(7 - 2, 15)$ is a nontrivial factor of 15.
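The combination step of (PT.16) is mechanical once each relation is stored as an exponent vector. This is an added example, not part of the original notes; the modulus and the four relations are the ones given in (PT.16), while the function names and the dictionary layout are assumptions.

```python
from math import gcd, prod

N = 3837523
# Relations from (PT.16): x_i^2 ≡ prod(p^e) (mod N), stored as {x_i: {p: e}}
RELATIONS = {
    9398:  {5: 5, 19: 1},
    19095: {2: 2, 5: 1, 11: 1, 13: 1, 19: 1},
    1964:  {3: 2, 13: 3},
    17078: {2: 6, 3: 2, 11: 1},
}

def check_relation(x: int, factors: dict, n: int) -> bool:
    """Confirm that x^2 really is congruent to the claimed product mod n."""
    return pow(x, 2, n) == prod(p ** e for p, e in factors.items()) % n

def combine(relations: dict, n: int):
    """Multiply the relations; return (x, y) with x^2 ≡ y^2 (mod n).

    Works only if every prime's total exponent is even, so that the
    right-hand side is a perfect square.
    """
    total, x = {}, 1
    for xi, factors in relations.items():
        x = x * xi % n
        for p, e in factors.items():
            total[p] = total.get(p, 0) + e
    if any(e % 2 for e in total.values()):
        raise ValueError("an exponent sum is odd; the product is not a square")
    y = prod(pow(p, e // 2, n) for p, e in total.items()) % n
    return x, y

def split(x: int, y: int, n: int):
    """(PT.15): a proper factor gcd(x - y, n), or None when x ≡ ±y (mod n)."""
    if (x - y) % n == 0 or (x + y) % n == 0:
        return None                    # trivial congruence, no information
    return gcd(x - y, n)

if __name__ == "__main__":
    assert all(check_relation(x, f, N) for x, f in RELATIONS.items())
    x, y = combine(RELATIONS, N)
    d = split(x, y, N)
    print(x, y, d, N // d)
```

Dropping any one of the four relations makes `combine` raise, because some prime then has an odd exponent sum.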

(PT. 18) When is an integer a composite? We apply Fermat's Little Theorem (2.12), which states that if $p > 2$ is a prime, then $2^{p-1} \equiv 1 \pmod p$. Suppose that 12 is a prime, then we should have $2^{11} \equiv 1 \pmod{12}$. If this is not true, then 12 is a composite. Perform these computations:

$$\begin{aligned}
2^4 &= 16 \equiv 4 \equiv 2^2 \pmod{12} \\
2^8 &= (2^4)^2 \equiv (2^2)^2 \equiv 2^2 \pmod{12} \\
2^{12} &= (2^8)(2^4) \equiv (2^2)(2^2) \equiv 2^2 \not\equiv 1 \pmod{12}
\end{aligned}$$

Thus 12 must be a composite. (This example is extended to the next test.)

(PT. 19) Miller-Selfridge-Rabin (MSR) Primality Test.

Input: An odd integer $n > 1$ such that for some integer $k \ge 0$ and odd integer $m$, $n - 1 = 2^k m$.

Initialization: Choose a random integer $a$ with $1 < a < n - 1$. Compute $b_0 \equiv a^m \pmod n$. If $b_0 \equiv \pm 1 \pmod n$, then STOP and output the message that $n$ is probably a prime. Otherwise continue.

Iteration: FOR $i = 1, 2, \dots, k$, DO

Set $b_i \equiv b_{i-1}^2 \pmod n$.

IF $b_i \equiv 1 \pmod n$, THEN STOP and output the message that $n$ is a composite, and that $\gcd(b_{i-1} - 1, n)$ is a nontrivial factor of $n$.

IF $b_i \equiv -1 \pmod n$, THEN STOP and output the message that $n$ is probably a prime.

OTHERWISE continue.

Reason: If $b_i \equiv 1 \pmod n$ but $b_{i-1} \not\equiv \pm 1 \pmod n$, then $(b_{i-1} - 1)(b_{i-1} + 1) \equiv (b_{i-1}^2 - 1) \equiv b_i - 1 \pmod n$ and so view $x = b_{i-1}$ and $y = 1$ to see that if $n$ were a prime, then at Step $i - 1$, either $b_{i-1} \equiv 1$ or $b_{i-1} \equiv -1 \pmod n$, and so the algorithm must have stopped. Since the algorithm did not stop, we must have $x \not\equiv \pm y \pmod n$, and so by (PT. 13), $d = \gcd(x - y, n) = \gcd(b_{i-1} - 1, n)$ must be a proper factor of $n$.

(PT. 20) Example: Test if $n = 561$ is a composite. Then $n - 1 = 560 = 16 \cdot 35$, and so $2^k = 2^4$, $k = 4$ and $m = 35$. Pick $a = 2$. Then

$$\begin{aligned}
b_0 &\equiv 2^{35} \equiv 263 \pmod{561} \\
b_1 &\equiv b_0^2 \equiv 166 \pmod{561} \\
b_2 &\equiv b_1^2 \equiv 67 \pmod{561} \\
b_3 &\equiv b_2^2 \equiv 1 \pmod{561}
\end{aligned}$$

Thus 561 is a composite and $(b_2 - 1, n) = (66, 561) = 33$ is a factor of 561.

(PT. 21) If $n$ is a composite and for some $a$ with $1 < a < n - 1$, $a^{n-1} \equiv 1 \pmod n$, then $n$ is called a pseudo prime for the base $a$ (or a pseudo prime to the base $a$). If, in addition, $n$ passes the Miller-Rabin test, then $n$ is called a strong pseudo prime for the base $a$. (In other words, pseudo primes are numbers that pretend to be primes.)

(PT. 22) Example: $n = 561$ is a pseudo prime for the base 2, but it is not a strong pseudo prime for the base 2.

(PT. 22) Example: $n = 91$ is a pseudo prime for the base 3, as $3^{90} \equiv 1 \pmod{91}$. But 91 is not a strong pseudo prime for the base 2, because $2^{90} \equiv 64 \pmod{91}$. (In fact, from $2^{90} \equiv 64 \pmod{91}$ we know that 91 is not a prime.)

(PT. 23) Exercise: Find all bases $b$ for which 15 is a pseudo prime.
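The procedure of (PT.19) and the two notions of (PT.21) fit in one short program. This is an added example, not part of the original notes; the function names and return labels are assumptions, and so is the verdict when the loop runs out, which the procedure as written leaves open.

```python
from math import gcd

def msr(n: int, a: int):
    """One round of the (PT.19) procedure for odd n and base 1 < a < n - 1.

    Returns ("probable prime", None) or ("composite", factor), where factor
    is a nontrivial divisor of n when the test exposes one, else None.
    """
    k, m = 0, n - 1
    while m % 2 == 0:                  # write n - 1 = 2^k * m with m odd
        k, m = k + 1, m // 2
    b = pow(a, m, n)                   # b_0 ≡ a^m (mod n)
    if b in (1, n - 1):
        return "probable prime", None
    for _ in range(k):                 # i = 1, ..., k
        prev, b = b, b * b % n         # b_i ≡ b_{i-1}^2 (mod n)
        if b == 1:                     # prev is a square root of 1 other than ±1
            return "composite", gcd(prev - 1, n)
        if b == n - 1:
            return "probable prime", None
    # Assumption: the loop ended with b_k = a^(n-1) ≢ 1 (mod n), so n fails
    # Fermat's test and is composite, but no factor is exposed.
    return "composite", None

def classify(n: int, a: int) -> str:
    """Label a composite n relative to base a, in the terms of (PT.21)."""
    if pow(a, n - 1, n) != 1:
        return "not a pseudoprime"
    if msr(n, a)[0] == "probable prime":
        return "strong pseudoprime"
    return "pseudoprime, not strong"

if __name__ == "__main__":
    # 561 and 91 are the page's examples; 2047 = 23 * 89 is added to show a
    # composite that passes the test for one base and fails for another.
    for n, a in [(561, 2), (91, 3), (91, 2), (2047, 2), (2047, 3)]:
        print(n, a, msr(n, a), classify(n, a))
```

Since 2047 passes for base 2, a single "probably a prime" answer is not a proof; implementations repeat the round with several independently chosen bases.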