Prime Numbers


thales.doa.fmph.uniba.sk
10.12.2012 Views

Chapter 3 RECOGNIZING PRIMES AND COMPOSITES

3.6 Lucas pseudoprimes

Because of Exercise 3.26, it is convenient to rule out the polynomial $x^2 - x + 1$ when dealing with Lucas pseudoprimes. A similar problem occurs with $x^2 + x + 1$, and we rule out this polynomial, too. No other polynomials with nonsquare discriminants are ruled out, though. (Only $x^2 \pm x + 1$ are monic, irreducible over the rationals, and have their roots also being roots of 1.)

3.6.2 Grantham’s Frobenius test

The key role of the Frobenius automorphism (raising to the p-th power) in the Lucas test has been put in center stage in a new test of J. Grantham. It allows for an arbitrary polynomial in the place of $x^2 - ax + b$, but even in the case of quadratic polynomials, it is stronger than the Lucas test. One of the advantages of Grantham’s approach is that it cuts the tie to recurrent sequences. We describe below his test for quadratic polynomials. A little is said about the general test in Section 3.6.5. For more on Frobenius pseudoprimes see [Grantham 2001].

The argument that establishes Theorem 3.6.3 also establishes on the way (3.10) and (3.11). But Theorem 3.6.3 only extracts part of the information from these congruences. The Frobenius test maintains their full strength.

Definition 3.6.5. Let a, b be integers with $\Delta = a^2 - 4b$ not a square. We say that a composite number n with $\gcd(n, 2b\Delta) = 1$ is a Frobenius pseudoprime with respect to $f(x) = x^2 - ax + b$ if

$$x^n \equiv \begin{cases} a - x \pmod{(f(x), n)}, & \text{if } \left(\frac{\Delta}{n}\right) = -1, \\ x \pmod{(f(x), n)}, & \text{if } \left(\frac{\Delta}{n}\right) = 1. \end{cases} \tag{3.12}$$

At first glance it may seem that we are still throwing away half of (3.10) and (3.11), but we are not; see Exercise 3.27. It is easy to give a criterion for a Frobenius pseudoprime with respect to a quadratic polynomial, in terms of the Lucas sequences $(U_m)$, $(V_m)$.

Theorem 3.6.6. Let a, b be integers with $\Delta = a^2 - 4b$ not a square and let n be a composite number with $\gcd(n, 2b\Delta) = 1$. Then n is a Frobenius pseudoprime with respect to $x^2 - ax + b$ if and only if

$$U_{n - \left(\frac{\Delta}{n}\right)} \equiv 0 \pmod{n} \quad \text{and} \quad V_{n - \left(\frac{\Delta}{n}\right)} \equiv \begin{cases} 2b, & \text{when } \left(\frac{\Delta}{n}\right) = -1, \\ 2, & \text{when } \left(\frac{\Delta}{n}\right) = 1. \end{cases}$$

Proof. Let $f(x) = x^2 - ax + b$. We use the identity

$$2x^m \equiv (2x - a)U_m + V_m \pmod{(f(x), n)},$$

which is self-evident from (3.8). Then the congruences in the theorem lead to $x^{n+1} \equiv b \pmod{(f(x), n)}$ in the case $\left(\frac{\Delta}{n}\right) = -1$ and $x^{n-1} \equiv 1 \pmod{(f(x), n)}$ in the case $\left(\frac{\Delta}{n}\right) = 1$. The latter case immediately gives $x^n \equiv x \pmod{(f(x), n)}$, and the former, via $x(a - x) \equiv b \pmod{(f(x), n)}$, leads to $x^n \equiv a - x \pmod{(f(x), n)}$. Thus, n is a Frobenius pseudoprime with respect to f(x).

Now suppose n is a Frobenius pseudoprime with respect to f(x). Exercise 3.27 shows that n is a Lucas pseudoprime with respect to f(x), namely that $U_{n - \left(\frac{\Delta}{n}\right)} \equiv 0 \pmod{n}$. Thus, from the identity above, $2x^{n - \left(\frac{\Delta}{n}\right)} \equiv V_{n - \left(\frac{\Delta}{n}\right)} \pmod{(f(x), n)}$. Suppose $\left(\frac{\Delta}{n}\right) = -1$. Then $x^{n+1} \equiv (a - x)x \equiv b \pmod{(f(x), n)}$, so that $V_{n+1} \equiv 2b \pmod{n}$. Finally, suppose $\left(\frac{\Delta}{n}\right) = 1$. Then since x is invertible modulo (f(x), n), we have $x^{n-1} \equiv 1 \pmod{(f(x), n)}$, which gives $V_{n-1} \equiv 2 \pmod{n}$. $\Box$

The first Frobenius pseudoprime n with respect to $x^2 - x - 1$ is 4181 (the nineteenth Fibonacci number), and the first with $\left(\frac{5}{n}\right) = -1$ is 5777. We thus see that not every Lucas pseudoprime is a Frobenius pseudoprime, that is, the Frobenius test is more stringent. In fact, the Frobenius pseudoprime test can be very effective. For example, for $x^2 + 5x + 5$ we don’t know any examples at all of a Frobenius pseudoprime n with $\left(\frac{5}{n}\right) = -1$, though such numbers are conjectured to exist; see Exercise 3.42.

3.6.3 Implementing the Lucas and quadratic Frobenius tests

It turns out that we can implement the Lucas test in about twice the time of an ordinary pseudoprime test, and we can implement the Frobenius test in about three times the time of an ordinary pseudoprime test. However, if we approach these tests naively, the running time is somewhat more than just claimed. To achieve the factors two and three mentioned, a little cleverness is required.

As before, we let a, b be integers with $\Delta = a^2 - 4b$ not a square, and we define the sequences $(U_j)$, $(V_j)$ as in (3.8). We first remark that it is easy to deal solely with the sequence $(V_j)$. If we have $V_m$ and $V_{m+1}$, we may immediately recover $U_m$ via the identity

$$U_m = \Delta^{-1}(2V_{m+1} - aV_m). \tag{3.13}$$

We next remark that it is easy to compute $V_m$ for large m from earlier values using the following simple rule: If $0 \le j \le k$, then

$$V_{j+k} = V_jV_k - b^jV_{k-j}. \tag{3.14}$$

Suppose now that b = 1. We record the formula (3.14) in the special cases k = j and k = j + 1:

$$V_{2j} = V_j^2 - 2, \qquad V_{2j+1} = V_jV_{j+1} - a \quad (\text{in the case } b = 1). \tag{3.15}$$

Thus, if we have the residues $V_j \pmod{n}$, $V_{j+1} \pmod{n}$, then we may compute, via (3.15), either the pair $V_{2j} \pmod{n}$, $V_{2j+1} \pmod{n}$ or the pair $V_{2j+1} \pmod{n}$, $V_{2j+2} \pmod{n}$, with each choice taking 2 multiplications modulo n and an addition modulo n. Starting from $V_0, V_1$ we can recursively
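The following Python sketch is an added example, not code from the book. It walks a binary chain on the pair $(V_j, V_{j+1})$ using (3.14) with k = j and k = j + 1 for general b (a generalization of the b = 1 case in (3.15), tracking $b^j$ alongside), recovers $U_m$ via (3.13), and applies the criteria of Theorem 3.6.6. The function names are hypothetical, and 323 is an input chosen here, not taken from the page.

```python
import math

def jacobi(a, n):
    """Jacobi symbol (a/n) for odd n > 0."""
    a %= n
    result = 1
    while a:
        while a % 2 == 0:
            a //= 2
            if n % 8 in (3, 5):
                result = -result
        a, n = n, a
        if a % 4 == 3 and n % 4 == 3:
            result = -result
        a %= n
    return result if n == 1 else 0

def lucas_v_pair(a, b, m, n):
    """(V_m, V_{m+1}) mod n via (3.14) with k = j and k = j + 1, general b."""
    vj, vj1, bj = 2 % n, a % n, 1 % n      # V_0, V_1, b^0
    for bit in bin(m)[2:]:                 # most significant bit first
        mid = (vj * vj1 - a * bj) % n      # V_{2j+1}
        if bit == "0":                     # (j, j+1) -> (2j, 2j+1)
            vj, vj1 = (vj * vj - 2 * bj) % n, mid
            bj = bj * bj % n
        else:                              # (j, j+1) -> (2j+1, 2j+2)
            vj, vj1 = mid, (vj1 * vj1 - 2 * bj * b) % n
            bj = bj * bj * b % n
    return vj, vj1

def classify(n, a, b):
    """Return (passes_lucas, passes_frobenius) for odd n and x^2 - ax + b."""
    delta = a * a - 4 * b
    if math.gcd(n, 2 * b * delta) != 1:
        raise ValueError("need gcd(n, 2*b*delta) = 1")
    eps = jacobi(delta, n)                 # +1 or -1 once the gcd check passes
    v, v1 = lucas_v_pair(a, b, n - eps, n)
    u = pow(delta % n, -1, n) * (2 * v1 - a * v) % n   # identity (3.13)
    target = 2 if eps == 1 else 2 * b                  # Theorem 3.6.6
    return u == 0, u == 0 and (v - target) % n == 0

if __name__ == "__main__":
    # 101 (prime) and 323 are inputs chosen for this example;
    # 4181 and 5777 are the composites named in the text.
    for n in (101, 323, 4181, 5777):
        print(n, classify(n, 1, -1))
```

With $x^2 - x - 1$, the composite 323 passes the Lucas condition but fails the $V$ condition, while 4181 and 5777 pass both, which matches the text's remark that the Frobenius test is the more stringent of the two.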

