Prime Numbers


thales.doa.fmph.uniba.sk
10.12.2012

Chapter 3 RECOGNIZING PRIMES AND COMPOSITES

3.6 Lucas pseudoprimes

Theorem 3.6.10. Suppose $n$ is a composite number that is not a square and not divisible by any prime up to 50000. Then $n$ is a strong Frobenius pseudoprime with respect to at most 1/7710 of all polynomials $x^2 - ax + b$, where $a, b$ run over the integers in $[1, n]$ with $\left(\frac{a^2 - 4b}{n}\right) = -1$ and $\left(\frac{b}{n}\right) = 1$.

This result should be contrasted with the Monier–Rabin theorem (Theorem 3.5.4). If one does three random strong pseudoprime tests, that result implies that a composite number will fail to be recognized as such at most 1/64 of the time. Using Theorem 3.6.10, in about the same time, one has a test that recognizes composites with failure at most 1/7710 of the time. A recent test in [Zhang 2002] should be mentioned in this context. It combines a strong probable prime test and a Lucas test, giving a result that is superior to the quadratic Frobenius test in all but a thin set of cases.

3.6.5 The general Frobenius test

In the last few sections we have discussed Grantham’s Frobenius test for quadratic polynomials. Here we briefly describe how the idea generalizes to arbitrary monic polynomials in $\mathbf{Z}[x]$.

Let $f(x)$ be a monic polynomial in $\mathbf{Z}[x]$ with degree $d \ge 1$. We do not necessarily assume that $f(x)$ is irreducible. Suppose $p$ is an odd prime that does not divide the discriminant, $\mathrm{disc}(f)$, of $f(x)$. (The discriminant of a monic polynomial $f(x)$ of degree $d$ may be computed as $(-1)^{d(d-1)/2}$ times the resultant of $f(x)$ and its derivative. This resultant is the determinant of the $(2d-1) \times (2d-1)$ matrix whose $i, j$ entry is the coefficient of $x^{j-i}$ in $f(x)$ for $i = 1, \ldots, d-1$ and is the coefficient of $x^{j-(i-d+1)}$ in $f'(x)$ for $i = d, \ldots, 2d-1$, where if the power of $x$ does not actually appear, the matrix entry is 0.) Since $\mathrm{disc}(f) \ne 0$ if and only if $f(x)$ has no repeated irreducible factors of positive degree, the hypothesis that $p$ does not divide $\mathrm{disc}(f)$ automatically implies that $f$ has no repeated factors.

By reducing its coefficients modulo $p$, we may consider $f(x)$ in $\mathbf{F}_p[x]$. To avoid confusion, we shall denote this polynomial by $\bar{f}(x)$. Consider the polynomials $F_1(x), F_2(x), \ldots, F_d(x)$ in $\mathbf{F}_p[x]$ defined by

$$
\begin{aligned}
F_1(x) &= \gcd\left(x^{p} - x,\ \bar{f}(x)\right),\\
F_2(x) &= \gcd\left(x^{p^2} - x,\ \bar{f}(x)/F_1(x)\right),\\
&\ \ \vdots\\
F_d(x) &= \gcd\left(x^{p^d} - x,\ \bar{f}(x)/(F_1(x) \cdots F_{d-1}(x))\right).
\end{aligned}
$$

Then the following assertions hold:

(1) $i$ divides $\deg(F_i(x))$ for $i = 1, \ldots, d$,

(2) $F_i(x)$ divides $F_i(x^p)$ for $i = 1, \ldots, d$,

(3) for
$$S = \sum_{i\ \mathrm{even}} \frac{1}{i} \deg(F_i(x)),$$
we have
$$(-1)^S = \left(\frac{\mathrm{disc}(f)}{p}\right).$$

Assertion (1) follows, since $F_i(x)$ is precisely the product of the degree-$i$ irreducible factors of $f(x)$, so its degree is a multiple of $i$. Assertion (2) holds for all polynomials in $\mathbf{F}_p[x]$. Assertion (3) is a little trickier to see. The idea is to consider the Galois group for the polynomial $f(x)$ over $\mathbf{F}_p$. The Frobenius automorphism (which sends elements of the splitting field of $f(x)$ to their $p$-th powers) of course permutes the roots of $f(x)$ in the splitting field. It acts as a cyclic permutation of the roots of each irreducible factor, and hence the sign of the whole permutation is given by $-1$ to the number of even-degree irreducible factors. That is, the sign of the Frobenius automorphism is exactly $(-1)^S$. However, it follows from basic Galois theory that the Galois group of a polynomial with distinct roots consists solely of even permutations of the roots if and only if the discriminant of the polynomial is a square. Hence the sign of the Frobenius automorphism is identical to the Legendre symbol $\left(\frac{\mathrm{disc}(f)}{p}\right)$, which then establishes the third assertion.

The idea of Grantham is that the above assertions can actually be numerically checked and done so easily, even if we are not sure that $p$ is prime. If one of the three assertions does not hold, then $p$ is revealed as composite. This, then, is the core of the Frobenius test. One says that $n$ is a Frobenius pseudoprime with respect to the polynomial $f(x)$ if $n$ is composite, yet the test does not reveal this.

For many more details, the reader is referred to [Grantham 1998, 2001].

3.7 Counting primes

The prime number theorem (Theorem 1.1.4) predicts approximately the value of $\pi(x)$, the number of primes $p$ with $p \le x$. It is interesting to compare these predictions with actual values, as we did in Section 1.1.5. The computation of

$$\pi\left(10^{21}\right) = 21127269486018731928$$

was certainly not performed by having a computer actually count each and every prime up to $10^{21}$. There are far too many of them. So how then was the task actually accomplished? We give in the next sections two different ways to approach the interesting problem of prime counting, a combinatorial method and an analytic method.

3.7.1 Combinatorial method

We shall study here an elegant combinatorial method due to Lagarias, Miller, and Odlyzko, with roots in the work of Meissel and Lehmer; see [Lagarias et al. 1985], [Deléglise and Rivat 1996]. The method allows the calculation of $\pi(x)$ in bit complexity $O\left(x^{2/3+\epsilon}\right)$, using $O\left(x^{1/3+\epsilon}\right)$ bits of space (memory).
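The three assertions of the general Frobenius test in Section 3.6.5, checked numerically for a candidate n, as an added example that is not code from the book. Polynomials are coefficient lists with the lowest degree first; the function names, and passing disc(f) as an argument instead of computing the resultant, are assumptions of this example, and n is assumed odd.

```python
def jacobi(a, n):                       # Jacobi symbol (a/n), n odd and positive
    a, t = a % n, 1
    while a:
        while a % 2 == 0:
            a, t = a // 2, (-t if n % 8 in (3, 5) else t)
        a, n, t = n % a, a, (-t if a % 4 == n % 4 == 3 else t)
    return t if n == 1 else 0

def pdivmod(a, b, n):                   # (q, r) with a = q*b + r in (Z/n)[x]
    a, inv, db = [c % n for c in a], pow(b[-1], -1, n), len(b) - 1
    q = [0] * max(len(a) - db, 0)
    for k in reversed(range(len(q))):
        q[k] = a[k + db] * inv % n
        a[k:k + db + 1] = [(x - q[k] * y) % n for x, y in zip(a[k:], b)]
    while a and a[-1] == 0:             # trim so a[-1] is the leading coefficient
        a.pop()
    return q, a

def mulmod(a, b, m, n, c=0):            # (a*b + c) mod (m, n)
    r = [c] + [0] * (len(a) + len(b))
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            r[i + j] += ai * bj
    return pdivmod(r, m, n)[1]

def powmod(a, e, m, n):                 # a^e mod (m, n), left-to-right binary
    r = [1]
    for bit in bin(e)[2:]:
        r = mulmod(r, r, m, n)
        r = mulmod(r, a, m, n) if bit == "1" else r
    return r

def frobenius_probable_prime(f, disc, n):
    rest, xp, S = [c % n for c in f], [0, 1], 0
    try:
        for i in range(1, len(f)):                    # i = 1..d
            xp = powmod(xp, n, rest, n)               # x^(n^i) mod what is left of f
            Fi, r = rest, pdivmod([c - (k == 1) for k, c in enumerate(xp + [0, 0])], rest, n)[1]
            while r:                                  # Euclid: Fi = gcd(x^(n^i) - x, rest)
                Fi, r = r, pdivmod(Fi, r, n)[1]
            y, v = powmod([0, 1], n, Fi, n), []
            for c in reversed(Fi):                    # Horner: v = Fi(x^n) mod Fi
                v = mulmod(v, y, Fi, n, c)
            if (len(Fi) - 1) % i or v:                # assertions (1) and (2)
                return False
            S += (len(Fi) - 1) // i * (i % 2 == 0)
            rest = pdivmod(rest, Fi, n)[0]
    except ValueError:                                # pow(): non-unit mod n, so n is composite
        return False
    return len(rest) == 1 and jacobi(disc, n) == (-1) ** S   # assertion (3)
```

With f = x^2 - x - 1 (coefficients `[-1, -1, 1]`, discriminant 5) the function accepts primes and rejects 323 = 17·19, but it also accepts 4181 = 37·113, which is a Frobenius pseudoprime with respect to that polynomial.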

