Prime Numbers

148 Chapter 3 RECOGNIZING PRIMES AND COMPOSITES
and the “b” number for the second sequence is a square! Thus, if gcd(n, b) =1
and we let A be an integer with A ≡ b −1 V2(a, b) ≡ a 2 b −1 − 2(modn), then
we have
V2m(a, b) ≡ b m Vm(A, 1) (mod n). (3.16)
Similarly, we have
U2m(a, b) ≡ ab m−1 Um(A, 1) (mod n),
so that using (3.13) (with A, 1fora, b, so that “∆” in (3.13) is A 2 − 4), we
have
U2m(a, b) ≡ (a∆) −1 b m+1 2Vm+1(A, 1) − AVm(A, 1) (mod n). (3.17)
We may use the above method of binary Lucas chains to efficiently
compute the pair Vm(A, 1) (mod n), Vm+1(A, 1) (mod n), where n is a number
coprime to b and we view A as an integer modulo n. Thus, via (3.16), (3.17),
we may find V2m(a, b),U2m(a, b) (modn). And from these, with 2m = n−
∆
n ,
we may see whether n is a Lucas pseudoprime or Frobenius pseudoprime with
respect to x2 − ax + b.
We summarize these notions in the following theorem.
Theorem 3.6.8. Suppose that a, b, ∆,A are as above and that n is a
composite number coprime to 2ab∆. Then n is a Lucas pseudoprime with
respect to x 2 − ax + b if and only if
AV 1
2(n−( ∆ (A, 1) ≡ 2V 1
n)) 2(n−( ∆ (A, 1) (mod n). (3.18)
n))+1
Moreover, n is a Frobenius pseudoprime with respect to x 2 −ax+b if and only
if the above holds and also
b (n−1)/2 V 1
2(n−( ∆ (A, 1) ≡ 2(modn). (3.19)
n))
∆ n −
As we have seen above, for m = 1
2
n
, the pair Vm(A, 1), Vm+1(A, 1)
may be computed modulo n using fewer than 2 lg n multiplications mod n and
lg n additions mod n. Half of the multiplications mod n are squarings mod n.
A Fermat test also involves lg n squarings mod n, and up to lg n additional
multiplications mod n, if we use Algorithm 2.1.5 for the binary ladder. We
conclude from (3.18) that the time to do a Lucas test is at most twice the
time to do a Fermat test. To apply (3.19) we must also compute b (n−1)/2
(mod n), so we conclude that the time to do a Frobenius test (for a quadratic
polynomial) is at most three times the time to do a Fermat test.
As with the Fermat test and the strong Fermat test, we apply the Lucas
test and the Frobenius test to numbers n that are not known to be prime
or composite. Following is pseudocode for these tests along the lines of this
section.
Algorithm 3.6.9 (Lucas probable prime test).
We are given integers n, a, b, ∆, with ∆=a 2 − 4b, ∆ not a square, n>1,