Prime Numbers
Prime Numbers Prime Numbers
100 Chapter 2 NUMBER-THEORETICAL TOOLS such square roots, both computationally efficient but raising different issues of implementation. The first algorithm starts from Euler’s test (2.6). If the prime p is 3 (mod 4) and a t p = 1, then Euler’s test says that a ≡ 1(modp), where t =(p− 1)/2. Then at+1 ≡ a (mod p), and as t + 1 is even in this case, we may take for our square root x ≡ a (t+1)/2 (mod p). Surely, this delightfully simple solution to the square root problem can be generalized! Yes, but it is not so easy. In general, we may write p − 1=2st,withtodd. Euler’s test (2.6) guarantees us that a2s−1t ≡ 1(modp), but it does not appear to say anything about A = at (mod p). Well, it does say something; it says that the multiplicative order of A modulo p is a divisor of 2s−1 . Suppose that d is a quadratic nonresidue modulo p, andletD = dt mod p. Then Euler’s test (2.6) says that the multiplicative order of D modulo p is exactly 2s ,sinceD2s−1 ≡ −1(modp). The same is true about D −1 (mod p), namely, its multiplicative order is 2 s . Since the multiplicative group Z ∗ p is cyclic, it follows that A is in the cyclic subgroup generated by D −1 , and in fact, A is an even power of D −1 ,thatis,A ≡ D −2µ (mod p) for some integer µ with 0 ≤ µ
2.3 Squares and roots 101 } x = a (p+3)/8 mod p; c = x 2 mod p; // Then c ≡±a (mod p). if(c = a mod p) x = x2 (p−1)/4 mod p; return x; 2. [Case p ≡ 1(mod8)] Find a random integer d ∈ [2,p− 1] with d p = −1; // Compute Jacobi symbols via Algorithm 2.3.5. Represent p − 1=2st, with t odd; A = at mod p; D = dt mod p; m =0; // m will be 2µ of text discussion. for(0 ≤ i
- Page 64 and 65: 50 Chapter 1 PRIMES! prime? What is
- Page 66 and 67: 52 Chapter 1 PRIMES! This kind of c
- Page 68 and 69: 54 Chapter 1 PRIMES! where p runs o
- Page 70 and 71: 56 Chapter 1 PRIMES! While the prim
- Page 72 and 73: 58 Chapter 1 PRIMES! Exercise 1.35.
- Page 74 and 75: 60 Chapter 1 PRIMES! this recreatio
- Page 76 and 77: 62 Chapter 1 PRIMES! so that A3(x)
- Page 78 and 79: 64 Chapter 1 PRIMES! Conclude that
- Page 80 and 81: 66 Chapter 1 PRIMES! implies that
- Page 82 and 83: 68 Chapter 1 PRIMES! the Riemann-Si
- Page 84 and 85: 70 Chapter 1 PRIMES! such sums can
- Page 86 and 87: 72 Chapter 1 PRIMES! Cast this sing
- Page 88 and 89: 74 Chapter 1 PRIMES! 10 10 . The me
- Page 90 and 91: 76 Chapter 1 PRIMES! These numbers
- Page 92 and 93: 78 Chapter 1 PRIMES! Next, as for q
- Page 94 and 95: 80 Chapter 1 PRIMES! (see [Bach 199
- Page 96 and 97: 82 Chapter 1 PRIMES! If one invokes
- Page 98 and 99: 84 Chapter 2 NUMBER-THEORETICAL TOO
- Page 100 and 101: 86 Chapter 2 NUMBER-THEORETICAL TOO
- Page 102 and 103: 88 Chapter 2 NUMBER-THEORETICAL TOO
- Page 104 and 105: 90 Chapter 2 NUMBER-THEORETICAL TOO
- Page 106 and 107: 92 Chapter 2 NUMBER-THEORETICAL TOO
- Page 108 and 109: 94 Chapter 2 NUMBER-THEORETICAL TOO
- Page 110 and 111: 96 Chapter 2 NUMBER-THEORETICAL TOO
- Page 112 and 113: 98 Chapter 2 NUMBER-THEORETICAL TOO
- Page 116 and 117: 102 Chapter 2 NUMBER-THEORETICAL TO
- Page 118 and 119: 104 Chapter 2 NUMBER-THEORETICAL TO
- Page 120 and 121: 106 Chapter 2 NUMBER-THEORETICAL TO
- Page 122 and 123: 108 Chapter 2 NUMBER-THEORETICAL TO
- Page 124 and 125: 110 Chapter 2 NUMBER-THEORETICAL TO
- Page 126 and 127: 112 Chapter 2 NUMBER-THEORETICAL TO
- Page 128 and 129: 114 Chapter 2 NUMBER-THEORETICAL TO
- Page 130 and 131: Chapter 3 RECOGNIZING PRIMES AND CO
- Page 132 and 133: 3.1 Trial division 119 d =3; while(
- Page 134 and 135: 3.2 Sieving 121 3.2 Sieving Sieving
- Page 136 and 137: 3.2 Sieving 123 this number’s ent
- Page 138 and 139: 3.2 Sieving 125 noticed that it was
- Page 140 and 141: 3.2 Sieving 127 } S = S \ (pS ∩ [
- Page 142 and 143: 3.3 Recognizing smooth numbers 129
- Page 144 and 145: 3.4 Pseudoprimes 131 } g =gcd(s, x)
- Page 146 and 147: 3.4 Pseudoprimes 133 Theorem 3.4.4.
- Page 148 and 149: 3.5 Probable primes and witnesses 1
- Page 150 and 151: 3.5 Probable primes and witnesses 1
- Page 152 and 153: 3.5 Probable primes and witnesses 1
- Page 154 and 155: 3.5 Probable primes and witnesses 1
- Page 156 and 157: 3.6 Lucas pseudoprimes 143 The Fibo
- Page 158 and 159: 3.6 Lucas pseudoprimes 145 Because
- Page 160 and 161: 3.6 Lucas pseudoprimes 147 use (3.1
- Page 162 and 163: 3.6 Lucas pseudoprimes 149 gcd(n, 2
100 Chapter 2 NUMBER-THEORETICAL TOOLS<br />
such square roots, both computationally efficient but raising different issues<br />
of implementation.<br />
The first algorithm starts from Euler’s test (2.6). If the prime p is 3 (mod 4)<br />
and <br />
a<br />
t<br />
p = 1, then Euler’s test says that a ≡ 1(modp), where t =(p− 1)/2.<br />
Then at+1 ≡ a (mod p), and as t + 1 is even in this case, we may take for<br />
our square root x ≡ a (t+1)/2 (mod p). Surely, this delightfully simple solution<br />
to the square root problem can be generalized! Yes, but it is not so easy. In<br />
general, we may write p − 1=2st,withtodd. Euler’s test (2.6) guarantees<br />
us that a2s−1t ≡ 1(modp), but it does not appear to say anything about<br />
A = at (mod p).<br />
Well, it does say something; it says that the multiplicative order of A<br />
modulo p is a divisor of 2s−1 . Suppose that d is a quadratic nonresidue modulo<br />
p, andletD = dt mod p. Then Euler’s test (2.6) says that the multiplicative<br />
order of D modulo p is exactly 2s ,sinceD2s−1 ≡ −1(modp). The same<br />
is true about D −1 (mod p), namely, its multiplicative order is 2 s . Since the<br />
multiplicative group Z ∗ p is cyclic, it follows that A is in the cyclic subgroup<br />
generated by D −1 , and in fact, A is an even power of D −1 ,thatis,A ≡ D −2µ<br />
(mod p) for some integer µ with 0 ≤ µ
Change language