
11.2 A Fast Probabilistic Test

We describe in this section a fast (polynomial time) test for primality, known as the Miller-Rabin algorithm. The algorithm, however, is probabilistic, and may (with small probability) make a mistake.

We assume for the remainder of this section that the number $n$ we are testing for primality is odd.

Several probabilistic primality tests, including the Miller-Rabin algorithm, have the following general structure. Define $\mathbb{Z}_n^+$ to be the set of non-zero elements of $\mathbb{Z}_n$; thus, $|\mathbb{Z}_n^+| = n - 1$, and if $n$ is prime, $\mathbb{Z}_n^+ = \mathbb{Z}_n^*$. Suppose also that we define a set $L_n \subseteq \mathbb{Z}_n^+$ such that

• there is an efficient algorithm that, on input $n$ and $\alpha \in \mathbb{Z}_n^+$, determines if $\alpha \in L_n$;
• if $n$ is prime, then $L_n = \mathbb{Z}_n^*$;


• if $n$ is composite, $|L_n| \le (n-1)/2$.

To test $n$ for primality, we set an “error parameter” $t$, and choose random elements $\alpha_1, \ldots, \alpha_t \in \mathbb{Z}_n^+$. If $\alpha_i \in L_n$ for all $1 \le i \le t$, then we output “prime”; otherwise, we output “composite.”

It is easy to see that if $n$ is prime, this algorithm always outputs “prime,” and if $n$ is composite this algorithm outputs “composite” with probability at least $1 - 2^{-t}$. If $t$ is chosen large enough, say $t = 100$, then the probability that the output is wrong is so small that for all practical purposes, it is “just as good as zero.”

We now make a first attempt at defining a suitable set $L_n$. Let us define

$$L_n = \{\alpha \in \mathbb{Z}_n^+ : \alpha^{n-1} = 1\}.$$

Note that $L_n \subseteq \mathbb{Z}_n^*$, since if $\alpha^{n-1} = 1$, then $\alpha$ has a multiplicative inverse, namely, $\alpha^{n-2}$. Using a repeated-squaring algorithm, we can test if $\alpha \in L_n$ in time $O(\lg(n)^3)$.

Theorem 11.1 If $n$ is prime, then $L_n = \mathbb{Z}_n^*$. If $n$ is composite and $L_n \subsetneq \mathbb{Z}_n^*$, then $|L_n| \le (n-1)/2$.

Proof. Note that $L_n$ is the kernel of the $(n-1)$-power map on $\mathbb{Z}_n^*$, and hence is a subgroup of $\mathbb{Z}_n^*$.

If $n$ is prime, then we know that $\mathbb{Z}_n^*$ is a group of order $n - 1$. Hence, $\alpha^{n-1} = 1$ for all $\alpha \in \mathbb{Z}_n^*$. That is, $L_n = \mathbb{Z}_n^*$.

Suppose that $n$ is composite and $L_n \subsetneq \mathbb{Z}_n^*$. Since the order of a subgroup divides the order of the group, we have $|\mathbb{Z}_n^*| = m\,|L_n|$ for some integer $m > 1$. From this, we conclude that

$$|L_n| = \frac{1}{m}\,|\mathbb{Z}_n^*| \le \frac{1}{2}\,|\mathbb{Z}_n^*| \le \frac{n-1}{2}. \qquad \Box$$

Unfortunately, there are odd composite numbers $n$ such that $L_n = \mathbb{Z}_n^*$. The smallest such number is

$$561 = 3 \cdot 11 \cdot 17.$$

Such numbers are called Carmichael numbers. They are extremely rare, but it is known that there are infinitely many of them, so we cannot ignore them. The following theorem characterizes Carmichael numbers.

Theorem 11.2 A positive odd integer $n$ is a Carmichael number if and only if it is square-free of the form $n = p_1 \cdots p_r$, where $(p_i - 1) \mid (n - 1)$ for $1 \le i \le r$.

Proof. Suppose $n = p_1^{e_1} \cdots p_r^{e_r}$. By the Chinese Remainder Theorem, we have an isomorphism of $\mathbb{Z}_n^*$ with the group

$$\mathbb{Z}_{p_1^{e_1}}^* \times \cdots \times \mathbb{Z}_{p_r^{e_r}}^*,$$

and we know that each group $\mathbb{Z}_{p_i^{e_i}}^*$ is cyclic of order $p_i^{e_i - 1}(p_i - 1)$. Thus, the $(n-1)$-power map annihilates the group $\mathbb{Z}_n^*$ if and only if it annihilates each of the groups $\mathbb{Z}_{p_i^{e_i}}^*$, which occurs if and only if $p_i^{e_i - 1}(p_i - 1) \mid (n - 1)$. Now, on the one hand, $n \equiv 0 \pmod{p_i}$. On the other hand, if $e_i > 1$, we would have $n \equiv 1 \pmod{p_i}$, which is clearly impossible. Thus, we must have $e_i = 1$. $\Box$
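
The set $L_n$ defined above, the bound of Theorem 11.1, and the criterion of Theorem 11.2, checked exhaustively for small odd $n$. This is an added example and not part of the original notes; the function names and the search limit of 1800 are assumptions chosen for illustration.

```python
import random
from math import gcd

def in_L(a, n):
    # Membership in L_n = {a in Z_n^+ : a^(n-1) = 1}; pow() uses repeated squaring.
    return pow(a, n - 1, n) == 1

def fermat_test(n, t=100, rng=random):
    # Generic test from the text with this L_n: "prime" iff all t random a_i lie in L_n.
    return all(in_L(rng.randrange(1, n), n) for _ in range(t))

def size_L(n):
    # |L_n| by exhaustive count (small n only).
    return sum(in_L(a, n) for a in range(1, n))

def size_units(n):
    # |Z_n^*| by exhaustive count.
    return sum(gcd(a, n) == 1 for a in range(1, n))

def factor(n):
    # Trial division; returns {prime: exponent}.
    f, p = {}, 2
    while p * p <= n:
        while n % p == 0:
            f[p] = f.get(p, 0) + 1
            n //= p
        p += 1
    if n > 1:
        f[n] = 1
    return f

def is_carmichael(n):
    # Theorem 11.2: odd, composite, square-free, (p - 1) | (n - 1) for each prime p | n.
    f = factor(n)
    return (n % 2 == 1 and len(f) >= 2 and all(e == 1 for e in f.values())
            and all((n - 1) % (p - 1) == 0 for p in f))

def survey(limit):
    # For each odd composite n < limit: collect n with L_n = Z_n^*, else check Theorem 11.1.
    full = []
    for n in range(9, limit, 2):
        f = factor(n)
        if len(f) == 1 and n in f:      # n is prime, skip
            continue
        l, u = size_L(n), size_units(n)
        if l == u:
            full.append(n)
        else:
            assert 2 * l <= n - 1       # |L_n| <= (n - 1) / 2
    return full

if __name__ == "__main__":
    found = survey(1800)
    print(found, [is_carmichael(n) for n in found])
    print(size_L(561), "of 560 candidate bases pass for n = 561")
```

For $n = 561$, 320 of the 560 elements of $\mathbb{Z}_n^+$ lie in $L_n$, more than half, so the $2^{-t}$ error bound does not hold for this choice of $L_n$.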
• Spring '13
• MRR
