Prime Numbers
Prime Numbers Prime Numbers
110 Chapter 2 NUMBER-THEORETICAL TOOLS 2.20. Using appropriate results of Theorem 2.3.4, prove that for prime p>3, −3 (p−1) mod 6 =(−1) 4 . p Find a similar closed form for 5 p when p = 2, 5. 2.21. Show that for prime p ≡ 1 (mod 4), the sum of the quadratic residues in [1,p− 1] is p(p − 1)/4. 2.22. Show that if a is a nonsquare integer, then a p = −1 for infinitely many primes p. (Hint: First assume that a is positive and odd. Show that there is an integer b such that b a = −1 andb≡1 (mod 4). Then any positive integer n ≡ b (mod 4a) satisfies a n = −1, and so is divisible by a prime p with = −1. Show that infinitely many primes p ariseinthisway.Thendeal a p with the cases when a is even or negative.) 2.23. Use Exercise 2.22 to show that if f(x) is an irreducible quadratic polynomial in Z[x], then there are infinitely many primes p such that f(x) modpis irreducible in Zp[x]. Show that x4 + 1 is irreducible in Z[x], but is reducible in each Zp[x]. What about cubic polynomials? 2.24. Develop an algorithm for computing the Jacobi symbol a m along the lines of the binary gcd method of Algorithm 9.4.2. 2.25. Prove: For prime p with p ≡ 3 (mod 4), given any pair of square roots of a given x ≡ 0(modp), one root is itself a quadratic residue and the other is not. (The root that is the quadratic residue is known as the principal square root.) See Exercises 2.26 and 2.42 for applications of the principal root. 2.26. We denote by Z ∗ n the multiplicative group of the elements in Zn that are coprime to n. (1) Suppose n is odd and has exactly k distinct prime factors. Let J denote the set of elements x ∈ Z∗ n with the Jacobi symbol x =1andletS n denote the set of squares in Z∗ n. Show that J is a subgroup of Z∗ n of ϕ(n)/2 elements, and that S is a subgroup of J. (2) Show that squares in Z ∗ n have exactly 2 k square roots in Z ∗ n and conclude that #S = ϕ(n)/2 k . (3) Now suppose n is a Blum integer; that is, n = pq is a product of two different primes p, q ≡ 3 (mod 4). (Blum integers have importance in cryptography (see [Menezes et al. 1997] and our Section 8.2).) From parts (1) and (2), #S = 1 2 #J, so that half of J’s elements are squares, and half are not. From part (2), an element of S has exactly 4 square roots. Show that exactly one of these square roots is itself in S. (4) For a Blum integer n = pq, show that the squaring function s(x) = x 2 mod n is a permutation on the set S, and that its inverse function is s −1 (y) =y ((p−1)(q−1)+4)/8 mod n.
2.4 Exercises 111 2.27. Using Theorem 2.3.7 prove the two equalities in relations (2.12). 2.28. Here we prove the celebrated quadratic reciprocity relation (2.11) for two distinct odd primes p, q. Starting with Definition 2.3.6, show that G is multiplicative; that is, if gcd(m, n) = 1, then G(m; n)G(n; m) =G(1; mn). (Hint: mj 2 /n + nk 2 /m is similar—in a specific sense—to (mj + nk) 2 /(mn).) Infer from this and Theorem 2.3.7 the relation (now for primes p, q) p q =(−1) q p (p−1)(q−1)/4 . These are examples par excellence of the potential power of exponential sums; in fact, this approach is one of the more efficient ways to arrive at reciprocity. Extend the result to obtain the formula of Theorem 2.3.4 for 2 p . Can this approach be extended to the more general reciprocity statement (i.e., for coprime m, n) in Theorem 2.3.4? Incidentally, Gauss sums for nonprime arguments m, n can be evaluated in closed form, using the techniques of Exercise 1.66 or the methods summarized in references such as [Graham and Kolesnik 1991]. 2.29. This exercise is designed for honing one’s skills in manipulating Gauss sums. The task is to count, among quadratic residues modulo a prime p, the exact number of arithmetic progressions of given length. The formal count of length-3 progressions is taken to be A(p) =# (r, s, t) : r s t p = p = p =1;r = s; s − r ≡ t − s (mod p) . Note we are taking 0 ≤ r, s, t ≤ p − 1, we are ignoring trivial progressions (r, r, r), and that 0 is not a quadratic residue. So the prime p = 11, for which the quadratic residues are {1, 3, 4, 5, 9}, enjoys a total of A(11) = 10 arithmetic progressions of length three. (One of these is 4, 9, 3; i.e., we allow wraparound (mod 11); and also, descenders such as 5, 4, 3 are allowed.) First, prove that p − 1 1 A(p) =− + 2 p p−1 e 2πik(r−2s+t)/p , k=0 r,s,t where each of r, s, t runs through the quadratic residues. Then, use relations (2.12) to prove that p − 1 2 −1 A(p) = p − 6 − 2 − . 8 p p Finally, derive for the exact progression count the attractive expression p − 2 A(p) =(p− 1) . 8
- Page 74 and 75: 60 Chapter 1 PRIMES! this recreatio
- Page 76 and 77: 62 Chapter 1 PRIMES! so that A3(x)
- Page 78 and 79: 64 Chapter 1 PRIMES! Conclude that
- Page 80 and 81: 66 Chapter 1 PRIMES! implies that
- Page 82 and 83: 68 Chapter 1 PRIMES! the Riemann-Si
- Page 84 and 85: 70 Chapter 1 PRIMES! such sums can
- Page 86 and 87: 72 Chapter 1 PRIMES! Cast this sing
- Page 88 and 89: 74 Chapter 1 PRIMES! 10 10 . The me
- Page 90 and 91: 76 Chapter 1 PRIMES! These numbers
- Page 92 and 93: 78 Chapter 1 PRIMES! Next, as for q
- Page 94 and 95: 80 Chapter 1 PRIMES! (see [Bach 199
- Page 96 and 97: 82 Chapter 1 PRIMES! If one invokes
- Page 98 and 99: 84 Chapter 2 NUMBER-THEORETICAL TOO
- Page 100 and 101: 86 Chapter 2 NUMBER-THEORETICAL TOO
- Page 102 and 103: 88 Chapter 2 NUMBER-THEORETICAL TOO
- Page 104 and 105: 90 Chapter 2 NUMBER-THEORETICAL TOO
- Page 106 and 107: 92 Chapter 2 NUMBER-THEORETICAL TOO
- Page 108 and 109: 94 Chapter 2 NUMBER-THEORETICAL TOO
- Page 110 and 111: 96 Chapter 2 NUMBER-THEORETICAL TOO
- Page 112 and 113: 98 Chapter 2 NUMBER-THEORETICAL TOO
- Page 114 and 115: 100 Chapter 2 NUMBER-THEORETICAL TO
- Page 116 and 117: 102 Chapter 2 NUMBER-THEORETICAL TO
- Page 118 and 119: 104 Chapter 2 NUMBER-THEORETICAL TO
- Page 120 and 121: 106 Chapter 2 NUMBER-THEORETICAL TO
- Page 122 and 123: 108 Chapter 2 NUMBER-THEORETICAL TO
- Page 126 and 127: 112 Chapter 2 NUMBER-THEORETICAL TO
- Page 128 and 129: 114 Chapter 2 NUMBER-THEORETICAL TO
- Page 130 and 131: Chapter 3 RECOGNIZING PRIMES AND CO
- Page 132 and 133: 3.1 Trial division 119 d =3; while(
- Page 134 and 135: 3.2 Sieving 121 3.2 Sieving Sieving
- Page 136 and 137: 3.2 Sieving 123 this number’s ent
- Page 138 and 139: 3.2 Sieving 125 noticed that it was
- Page 140 and 141: 3.2 Sieving 127 } S = S \ (pS ∩ [
- Page 142 and 143: 3.3 Recognizing smooth numbers 129
- Page 144 and 145: 3.4 Pseudoprimes 131 } g =gcd(s, x)
- Page 146 and 147: 3.4 Pseudoprimes 133 Theorem 3.4.4.
- Page 148 and 149: 3.5 Probable primes and witnesses 1
- Page 150 and 151: 3.5 Probable primes and witnesses 1
- Page 152 and 153: 3.5 Probable primes and witnesses 1
- Page 154 and 155: 3.5 Probable primes and witnesses 1
- Page 156 and 157: 3.6 Lucas pseudoprimes 143 The Fibo
- Page 158 and 159: 3.6 Lucas pseudoprimes 145 Because
- Page 160 and 161: 3.6 Lucas pseudoprimes 147 use (3.1
- Page 162 and 163: 3.6 Lucas pseudoprimes 149 gcd(n, 2
- Page 164 and 165: 3.6 Lucas pseudoprimes 151 Theorem
- Page 166 and 167: 3.7 Counting primes 153 Label the c
- Page 168 and 169: 3.7 Counting primes 155 for b ≥ 2
- Page 170 and 171: 3.7 Counting primes 157 The heart o
- Page 172 and 173: 3.7 Counting primes 159 t =Im(s) ra
110 Chapter 2 NUMBER-THEORETICAL TOOLS<br />
2.20. Using appropriate results of Theorem 2.3.4, prove that for prime p>3,<br />
<br />
−3<br />
(p−1) mod 6<br />
=(−1) 4 .<br />
p<br />
Find a similar closed form for <br />
5<br />
p when p = 2, 5.<br />
2.21. Show that for prime p ≡ 1 (mod 4), the sum of the quadratic residues<br />
in [1,p− 1] is p(p − 1)/4.<br />
2.22. Show that if a is a nonsquare integer, then <br />
a<br />
p = −1 for infinitely many<br />
primes p. (Hint: First assume that a is positive and odd. Show that there is<br />
an integer b such that <br />
b<br />
a = −1 andb≡1 (mod 4). Then any positive integer<br />
n ≡ b (mod 4a) satisfies <br />
a<br />
n = −1, and so is divisible by a prime p with<br />
= −1. Show that infinitely many primes p ariseinthisway.Thendeal<br />
a<br />
p<br />
with the cases when a is even or negative.)<br />
2.23. Use Exercise 2.22 to show that if f(x) is an irreducible quadratic<br />
polynomial in Z[x], then there are infinitely many primes p such that<br />
f(x) modpis irreducible in Zp[x]. Show that x4 + 1 is irreducible in Z[x],<br />
but is reducible in each Zp[x]. What about cubic polynomials?<br />
2.24. Develop an algorithm for computing the Jacobi symbol <br />
a<br />
m along the<br />
lines of the binary gcd method of Algorithm 9.4.2.<br />
2.25. Prove: For prime p with p ≡ 3 (mod 4), given any pair of square roots<br />
of a given x ≡ 0(modp), one root is itself a quadratic residue and the other<br />
is not. (The root that is the quadratic residue is known as the principal square<br />
root.) See Exercises 2.26 and 2.42 for applications of the principal root.<br />
2.26. We denote by Z ∗ n the multiplicative group of the elements in Zn that<br />
are coprime to n.<br />
(1) Suppose n is odd and has exactly k distinct prime factors. Let J denote<br />
the set of elements x ∈ Z∗ n with the Jacobi symbol <br />
x =1andletS<br />
n<br />
denote the set of squares in Z∗ n. Show that J is a subgroup of Z∗ n of<br />
ϕ(n)/2 elements, and that S is a subgroup of J.<br />
(2) Show that squares in Z ∗ n have exactly 2 k square roots in Z ∗ n and conclude<br />
that #S = ϕ(n)/2 k .<br />
(3) Now suppose n is a Blum integer; that is, n = pq is a product of two<br />
different primes p, q ≡ 3 (mod 4). (Blum integers have importance in<br />
cryptography (see [Menezes et al. 1997] and our Section 8.2).) From parts<br />
(1) and (2), #S = 1<br />
2 #J, so that half of J’s elements are squares, and half<br />
are not. From part (2), an element of S has exactly 4 square roots. Show<br />
that exactly one of these square roots is itself in S.<br />
(4) For a Blum integer n = pq, show that the squaring function s(x) =<br />
x 2 mod n is a permutation on the set S, and that its inverse function is<br />
s −1 (y) =y ((p−1)(q−1)+4)/8 mod n.
Change language