Prime Numbers


thales.doa.fmph.uniba.sk
10.12.2012

Chapter 4 PRIMALITY PROVING

The reason for assuming $x > 16$ is to ensure that the triple-logarithm is positive. It is not necessary in the results so far that $I$ be squarefree, but because of an algorithm in the next section, this condition is included in the above result.

Corollary 4.3.6. There is a positive number $c'$ such that the expected running time for Algorithm 4.3.4 to declare a prime input $n$ to be prime is less than $(\ln n)^{c' \ln\ln\ln n}$.

Since the triple log function grows so slowly, this running-time bound is “almost” $\ln^{O(1)} n$, and so is “almost” polynomial time.

4.4 Gauss and Jacobi sums

In 1983, Adleman, Pomerance, and Rumely [Adleman et al. 1983] published a primality test with the running-time bound of $(\ln n)^{c \ln\ln\ln n}$ for prime inputs $n$ and some positive constant $c$. The proof rested on Theorem 4.3.5 and on arithmetic properties of Jacobi sums. Two versions of the test were presented, a somewhat simpler and more practical version that was probabilistic, and a deterministic test. Both versions had the same complexity estimate. As with some of the other algorithms in this chapter, a declaration of primality in the probabilistic APR test definitely implies that the number is prime. The only thing in doubt is a prediction of the running time.

Shortly afterwards, there were two types of developments. In one direction, more practical versions of the test were found, and in the other, less practical, but simpler versions of the test were found. In the next section we shall discuss one of the second variety, the deterministic Gauss sums test of H. Lenstra [Lenstra 1981].

4.4.1 Gauss sums test

In Section 2.3.1 we introduced Gauss sums for quadratic characters. Here we consider Gauss sums for arbitrary Dirichlet characters. If $q$ is a prime with primitive root $g$ and if $\zeta$ is a complex number with $\zeta^{q-1} = 1$, then we can “construct” a character $\chi$ to the modulus $q$ via $\chi(g^k) = \zeta^k$ for every integer $k$ (and of course, $\chi(m) = 0$ if $m$ is a multiple of $q$). (See Section 1.4.3 for a discussion of characters.) We may also “construct” the Gauss sum $\tau(\chi)$. With the notation $\zeta_n = e^{2\pi i/n}$ (which is a primitive $n$-th root of 1), we define

$$\tau(\chi) = \sum_{m=1}^{q-1} \chi(m)\,\zeta_q^{m} = \sum_{k=1}^{q-1} \chi(g^k)\,\zeta_q^{g^k} = \sum_{k=1}^{q-1} \zeta^{k}\,\zeta_q^{g^k}.$$

As a character mod $q$, the order of $\chi$ is a divisor of $q - 1$. Suppose $p$ is a prime factor of $q - 1$ and we wish the order of $\chi$ to be exactly $p$. We may concretely construct such a character $\chi_{p,q}$ as follows. Suppose $g = g_q$ is the least positive primitive root for $q$, and let $\chi_{p,q}(g_q^k) = \zeta_p^k$ for every integer $k$. As in the above paragraph, we have thus defined a character mod $q$ since $\zeta_p^{q-1} = 1$. And, as $\chi_{p,q}(m)^p = 1$ for every nonzero residue $m$ mod $q$, and $\chi_{p,q}(g_q) \ne 1$, it follows that $\chi_{p,q}$ has order $p$. Let

$$G(p, q) = \tau(\chi_{p,q}) = \sum_{m=1}^{q-1} \chi_{p,q}(m)\,\zeta_q^{m} = \sum_{k=1}^{q-1} \zeta_p^{k}\,\zeta_q^{g_q^k} = \sum_{k=1}^{q-1} \zeta_p^{k \bmod p}\,\zeta_q^{g_q^k \bmod q}.$$

(That this definition in the case $p = 2$ is equivalent to that in Definition 2.3.6 is the subject of Exercise 4.20.)

We are interested in the Gauss sums $G(p, q)$ for their arithmetic properties, though it may not be clear what a sum of lots of complex numbers has to do with arithmetic! The Gauss sum $G(p, q)$ is an element of the ring $\mathbb{Z}[\zeta_p, \zeta_q]$. Elements of the ring can be expressed uniquely as sums

$$\sum_{j=0}^{p-2} \sum_{k=0}^{q-2} a_{j,k}\,\zeta_p^{j}\,\zeta_q^{k},$$

where each $a_{j,k} \in \mathbb{Z}$. We thus can say what it means for two elements of $\mathbb{Z}[\zeta_p, \zeta_q]$ to be congruent modulo $n$; namely, the corresponding integer coefficients are congruent modulo $n$. Also note that if $\alpha$ is in $\mathbb{Z}[\zeta_p, \zeta_q]$, then so is its complex conjugate $\overline{\alpha}$.

It is very important in actual ring computations to treat $\zeta_p, \zeta_q$ symbolically. As with Lucas sequences, where we work symbolically with the roots of quadratic polynomials, we treat $\zeta_p, \zeta_q$ as symbols $x, y$, say, which obey the rules

$$x^{p-1} + x^{p-2} + \cdots + 1 = 0, \qquad y^{q-1} + y^{q-2} + \cdots + 1 = 0.$$

In particular, one may avoid complex-floating-point methods.

We begin with a well-known result about Gauss sums.

Lemma 4.4.1. If $p, q$ are primes with $p \mid q - 1$, then $G(p, q)\,\overline{G(p, q)} = q$.

Proof. Let $\chi = \chi_{p,q}$. We have

$$G(p, q)\,\overline{G(p, q)} = \sum_{m_1=1}^{q-1} \sum_{m_2=1}^{q-1} \chi(m_1)\,\overline{\chi(m_2)}\,\zeta_q^{m_1 - m_2}.$$

Let $m_2^{-1}$ denote a multiplicative inverse of $m_2$ modulo $q$, so that $\overline{\chi(m_2)} = \chi(m_2^{-1})$. Note that if $m_1 m_2^{-1} \equiv a \pmod{q}$, then $\chi(m_1)\,\overline{\chi(m_2)} = \chi(a)$ and $m_1 - m_2 \equiv (a - 1)m_2 \pmod{q}$. Thus,

$$G(p, q)\,\overline{G(p, q)} = \sum_{a=1}^{q-1} \chi(a) \sum_{m=1}^{q-1} \zeta_q^{(a-1)m}.$$

The inner sum is $q - 1$ in the case $a = 1$ and is $-1$ in the cases $a > 1$. Thus,

$$G(p, q)\,\overline{G(p, q)} = q - 1 - \sum_{a=2}^{q-1} \chi(a) = q - \sum_{a=1}^{q-1} \chi(a).$$

Finally, by (1.28), this last sum is 0, which proves the lemma. $\Box$
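The symbolic arithmetic described above can be carried out with integer coefficients only. The following is an added example, not code from the book: it builds $G(p, q)$ as a table of coefficients on $\zeta_p^j \zeta_q^k$, reduces products to the unique form with $j \le p-2$, $k \le q-2$, and checks Lemma 4.4.1 exactly. All function names are hypothetical, and the brute-force primitive-root search assumes small $q$.

```python
from collections import defaultdict

def least_primitive_root(q):
    """Least positive primitive root g_q of a prime q (brute force, small q)."""
    for g in range(1, q):
        if len({pow(g, k, q) for k in range(1, q)}) == q - 1:
            return g
    raise ValueError("q must be prime")

def gauss_sum(p, q):
    """G(p,q) as {(j, k): coeff}, meaning sum of coeff * zeta_p^j * zeta_q^k."""
    if (q - 1) % p:
        raise ValueError("need p | q - 1")
    g, elem = least_primitive_root(q), defaultdict(int)
    for k in range(1, q):
        elem[(k % p, pow(g, k, q))] += 1  # term zeta_p^(k mod p) * zeta_q^(g^k mod q)
    return dict(elem)

def conjugate(a, p, q):
    """Complex conjugation sends zeta_p^j zeta_q^k to zeta_p^(-j) zeta_q^(-k)."""
    return {((-j) % p, (-k) % q): c for (j, k), c in a.items()}

def multiply(a, b, p, q):
    """Product using only x^p = 1, y^q = 1 on exponents (no floating point)."""
    out = defaultdict(int)
    for (j1, k1), c1 in a.items():
        for (j2, k2), c2 in b.items():
            out[((j1 + j2) % p, (k1 + k2) % q)] += c1 * c2
    return dict(out)

def normal_form(a, p, q):
    """Unique coefficients a[j][k], 0 <= j <= p-2, 0 <= k <= q-2, obtained from
    x^(p-1) = -(x^(p-2) + ... + 1) and y^(q-1) = -(y^(q-2) + ... + 1)."""
    full = [[a.get((j, k), 0) for k in range(q)] for j in range(p)]
    rows = [[full[j][k] - full[p - 1][k] for k in range(q)] for j in range(p - 1)]
    return [[r[k] - r[q - 1] for k in range(q - 1)] for r in rows]

def lemma_4_4_1_holds(p, q):
    """Check G(p,q) * conj(G(p,q)) == q exactly, as in Lemma 4.4.1."""
    G = gauss_sum(p, q)
    prod = normal_form(multiply(G, conjugate(G, p, q), p, q), p, q)
    expected = [[0] * (q - 1) for _ in range(p - 1)]
    expected[0][0] = q  # the integer q is q * zeta_p^0 * zeta_q^0
    return prod == expected
```

Reducing every coefficient of a normal form modulo $n$ gives the congruence in $\mathbb{Z}[\zeta_p, \zeta_q]$ defined in the text.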
