Prime Numbers

208 Chapter 4 PRIMALITY PROVING
Theorem 4.5.4. Suppose n is an integer with n ≥ 2, f(x) is a monic
polynomial in Zn[x] of degree d, where d>lg 2 n,
and
f(x n ) ≡ 0(modf(x)), x nd
≡ x (mod f(x)), (4.27)
x nd/q
− x and f(x) are coprime for all primes q dividing d. (4.28)
Suppose too that
(x + a) n ≡ x n + a (mod f(x)) (4.29)
for each integer a with 0 ≤ a ≤ √ d lg n. Then if n is divisible by a prime
p> √ d lg n, then n = p m for some positive integer m.
The notion of two polynomials being coprime in Zn[x] was discussed in
Definition 4.3.1. Note that reduction modulo n for polynomial coefficients is
assumed, since the polynomials in Theorem 4.5.4 are assumed to be in Zn[x].
Proof. We largely follow the proof of Theorem 4.5.2. Let p be a prime factor
of n that exceeds √ d lg n. As before, but with f(x) inplaceofx r −1, we define
G = {g(x) ∈ Zp[x] : g(x) n ≡ g(x n )(modf(x))}.
And as before, but this time by assumption (4.27), we have f(x)|f(x n )in
Zp[x]. Thus, G is closed under multiplication and is a union of residue classes
modulo f(x). Thus, our proof that
J = {j ∈ Z : j>0, g(x) j ≡ g(x j )(modf(x)) for all g(x) ∈ G}
is closed under multiplication is also as before. Let h(x) be an irreducible
factor of f(x) when considered modulo p, and denote by ζ arootofh(x) in
the splitting field K of h(x) overFp. Then the finite field K = Fp(ζ) isthe
homomorphic image of the ring Zp[x]/(f(x)), where the coset representing x
is sent to ζ. By (4.28), x is coprime to f(x) inZp[x], so that ζ = 0inK. Let
r be the multiplicative order of ζ. By (4.28) we must have ζnd/q = ζ for each
prime q|d, sothatζ nd/q −1 = 1 for these q’s. Also, by (4.27) and the fact that
ζ is nonzero in K, wehaveζ nd −1 = 1. Thus, the order of n in Z ∗ r is exactly d.
In the argument for Theorem 4.5.2 we had d equal to the order of the
subgroup generated by n and p in Z ∗ r, while now it is just the order of
the subgroup generated by n. However, in our present context, the two
subgroups are the same; that is, p ≡ n i (mod r) for some nonnegative integer
i. We see this as follows. First note that clearly we have f(x) ∈ G, since
f(x n ) ≡ 0 ≡ f(x) n (mod f(x)). Thus, f(ζ) j = f(ζ j ) for all j ∈ J. But
f(ζ) = 0, so that each ζ j is a root of f in K. Nowζ has order r and f has
degree d, so that the number of residue classes occupied by j mod r for j ∈ J
is at most d; indeed, f cannot have more roots in the finite field K than its
degree. However, the powers of n already occupy d residue classes modulo r,