To obtain a good primality test we need to define a

Info icon This preview shows pages 71–73. Sign up to view the full content.

View Full Document Right Arrow Icon
To obtain a good primality test, we need to define a different set L 0 n , which we do as follows. Let n - 1 = 2 h m , where m is odd (and h 1 since n is assumed odd). Then α L 0 n if and only if α m = 1 or α m 2 i = [ - 1 mod n ] for some 0 i < h . The Miller-Rabin algorithm uses this set L 0 n , in place of the set L n defined above. Note that L 0 n is a subset of L n : if α m = 1, then certainly α n - 1 = ( α m ) 2 h = 1, and if α m 2 i = [ - 1 mod n ] for some 0 i < h , then α n - 1 = ( α m 2 i ) 2 h - i = 1. As a first step in analyzing the Miller-Rabin algorithm, we prove the following: 66
Image of page 71

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Theorem 11.3 Let n be a Carmichael number, and suppose n = p 1 · · · p r . Let n - 1 = 2 h m , where m is odd, and for 1 i r , let p i - 1 = 2 h i m i , where m i is odd. Let h 0 = max { h i } , and define P n := { u Z * n : u m 2 h 0 - 1 = [ ± 1 mod n ] } . Then we have: (i) h 0 h ; (ii) for all u Z * n , u m 2 h 0 = 1 ; (iii) P n is a subgroup of Z * n , and P n ( Z * n . Proof. As n is Carmichael, each p i - 1 divides n - 1. It follows that h 0 h . That proves (i). It also follows that m i | m for each i . Again, by the Chinese Remainder Theorem, we have an isomorphism of Z * n with the group Z * p 1 × · · · × Z * p r , where each Z * p i is cyclic of order p i - 1. Since each p i - 1 divides m 2 h 0 , it follows that each Z * p i is annihilated by the ( m 2 h 0 )-power map. It follows from the Chinese Remainder Theorem that Z * n is also annihilated by the ( m 2 h 0 )-power map. That proves (ii). To prove (iii), first note that P n is the pre-image of the subgroup { [ ± 1 mod n ] } under the ( m 2 h 0 - 1 )-power map, and hence is itself a subgroup of Z * n . Now, h 0 = h i for some i , and without loss of generality, assume i = 1. Let α = [ a mod p 1 ] Z * p 1 be a generator for Z * p 1 . Since α has order m 1 2 h 0 , it follows that α m 1 2 h 0 - 1 has order 2, which means that α m 1 2 h 0 - 1 = [ - 1 mod p 1 ]. Since m 1 | m and m is odd, it follows that α m 2 h 0 - 1 = [ - 1 mod p 1 ]. By the Chinese Remainder Theorem, there exists an integer b such that b a (mod p 1 ) and b 1 (mod p j ) for j 6 = 1. We claim that b m 2 h 0 - 1 6≡ ± 1 (mod n ). Indeed, if b m 2 h 0 - 1 1 (mod n ), then we would have b m 2 h 0 - 1 1 (mod p 1 ), which is not the case, and if b m 2 h 0 - 1 ≡ - 1 (mod n ), then we would have b m 2 h 0 - 1 ≡ - 1 (mod p 2 ), which is also not the case. That proves P n ( Z * n . 2 From the above theorem, we can easily derive the following result: Theorem 11.4 If n is prime, then L 0 n = Z * n . If n is composite, then | L 0 n | ≤ ( n - 1) / 2 . Proof. Let n - 1 = m 2 h , where m is odd. For α Z * n , let define the sequence of group elements s i ( α ) := α m 2 i for 0 i h . We can characterize the set L 0 n as follows: it consists of all α Z * n such that s h ( α ) = [1 mod n ], and for 1 i h , s i ( α ) = [1 mod n ] implies s i - 1 ( α ) = [ ± 1 mod n ]. First, suppose n is prime. By Fermat’s little theorem, for α Z * n , we know that s h ( α ) = [1 mod n ]. Moreover, if s i ( α ) = [1 mod n ] for 1 i h , then as s i - 1 ( α ) 2 = [1 mod n ], and the only square roots of [1 mod n ] are [ ± 1 mod n ], we have s i - 1 ( α ) = [ ± 1 mod n ].
Image of page 72
Image of page 73
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern