Gary Fredericks on Probabilistic algorithm for testing primality

Transcript

1. Miller-Rabin Primality Test Gary Fredericks September 22, 2014

2. About Me Software engineer at Groupon Fan of pure math,

   theoretical CS @gfredericks_

3. Why Number Theory?

4. About This Paper "Probabilistic Algorithm for Testing Primality" Michael O.

   Rabin, 1977 Modies a deterministic but presumptive algorithm published by Gary L. Miller in 1976 The algorithm has become known as the "Miller-Rabin Primality Test" The paper itself is not very accessible (whoopsie-doodle)

5. About This Talk Motivate the problem I.e., why I like

   numbers Describe the algorithm Try to give an intuition for why it works

6. Numbers

7. Numbers 0, 1, 2, 3, 4, 5, 6, . .

   . 3 + 8 = 11 6 · 7 = 42

8. Addition Addition shifts the number line. 1 0, 1, 2,

   3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,15,16,... 2 + 7: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,...

9. ? + ? = 53671 0 + 53671 1 +

   53670 2 + 53669 3 + 53668 ... 53671 + 0

10. Multiplication Multiplication scales the number line. 1 0, 1, 2,

    3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,15, 2 * 3: 0, 1, 2, 3, 4, 5,

11. ?·? = 53671 1 · 53671 53671 · 1 Um...

12. Divisibility Graph 2 3 4 5 6 7 8 9

    10 11 12 13 14 15 16 17 18 19 20 21 22 23

13. Factoring 24 24 6⋅4 2⋅3⋅4 2⋅3⋅2⋅2

14. Unique Factorizations 24 8⋅3 6⋅4 12⋅2 4⋅3⋅2 6⋅2⋅2 3⋅2⋅2⋅2

15. Unique Factorizations A positive integer can be viewed as a

    multiset of primes. 24 2 2 2 3

16. Unique Factorizations 1 = 2 = 2 3 = 3

    4 = 2 · 2 5 = 5 6 = 2 · 3 7 = 7 8 = 2 · 2 · 2 9 = 3 · 3 10 = 2 · 5 11 = 11 12 = 2 · 2 · 3 13 = 13 14 = 2 · 7 15 = 3 · 5 16 = 2 · 2 · 2 · 2 17 = 17 18 = 2 · 3 · 3 19 = 19 20 = 2 · 2 · 5 21 = 3 · 7 22 = 2 · 11 23 = 23 24 = 2 · 2 · 2 · 3 25 = 5 · 5 26 = 2 · 13 27 = 3 · 3 · 3 28 = 2 · 2 · 7 29 = 29 30 = 2 · 3 · 5 31 = 31 32 = 2· 2· 2· 2· 2 33 = 3 · 11 34 = 2 · 17 35 = 5 · 7 36 = 2 · 2 · 3 · 3

17. Concepts explained using unique factorization Multiplication Division Divisibility Prime /

    Composite GCD Coprimality Reduc{ing,ed} fractions Which fractions have nite decimal representations Which numbers have "obvious" divisors?

18. Multiplication Multiplication is just a multiset sum. 6 2 3

    · 7 7 = 42 2 3 7

19. Division Division is just a multiset dierence. 42 2 3

    7 ö 6 2 3 = 7 7

20. Divisibility a is divisible by b if b's factorization is

    a subset of a's. 20 2 2 5 100 2 2 5 5

21. Prime / Composite A prime number is a number whose

    prime factorization is itself. 41 41 42 2 3 7

22. GCD: 90 and 525 The greatest common divisor (GCD) of

    two numbers is the intersection of their factorizations. gcd( 90 2 3 3 5 , 525 3 5 5 7 ) = 15 3 5

23. GCD: 90 and 527 gcd( 90 2 3 3 5

    , 527 17 31 ) = 1

24. Coprimality Two integers are coprime if they have no factors

    in common. 90 2 3 3 5 527 17 31

25. Reduc{ing,ed} fractions Reducing a fraction just means removing the common

    parts of the numerator and denominator's factorizations. 90 525 = 2 · 3 · ¡ 3 · ¡ 5 ¡ 3 · ¡ 5 · 5 · 7 = 2 · 3 5 · 7 = 6 35 A reduced fraction has a numerator and denominator that are coprime.

26. Which fractions have nite decimal representations? 1 2 = 0.5

    2 3 = 0.3. . . 3 4 = 0.75 4 5 = 0.8 5 6 = 0.83. . . 6 7 = 0.857142. . . 7 8 = 0.875 8 9 = 0.8. . . 9 10 = 0.9 10 11 = 0.90. . . 11 12 = 0.916. . .

27. Which fractions have nite decimal representations? 1 2 = 1

    2 = 0.5 2 3 = 2 3 = 0.3. . . 3 4 = 3 2·2 = 0.75 4 5 = 2·2 5 = 0.8 5 6 = 5 2·3 = 0.83. . . 6 7 = 2·3 7 = 0.857142. . . 7 8 = 7 2·2·2 = 0.875 8 9 = 2·2·2 3·3·3 = 0.8. . . 9 10 = 3·3·3 2·5 = 0.9 10 11 = 2·5 11 = 0.90. . . 11 12 = 11 2·2·3 = 0.916. . .

28. Which numbers have "obvious" divisors? 1225285014 1222105395 6431163840 2202551775 7118220000

    2729925887

29. Computational Problems

30. Factorization Problem 3289540009901 ?

31. Primality testing Factorization seems to be dicult. 1 Could it

    be an easier problem to simply identify whether a number is prime or composite without necessarily determining its factorization? 2 1 Without a quantum computer 2 Yes. Yes of course it could that's what this talk is about.

32. The Miller-Rabin Primality Test

33. The Miller-Rabin Primality Test 1 (defn probably-prime? 2 "Returns true

    if n is probably prime, 3 false if it is certainly not. A 4 higher test-count gives exponentially 5 higher certainty when it returns true, 6 but increases the runtime." 7 [n test-count] 8 (let [potential-witness #(+ 2 (rand-int (- n 3)))] 9 (->> (repeatedly test-count potential-witness) 10 (not-any? (fn [b] (witness? n b))))))

34. Probably The central theorem in the paper is that for

    any composite number n, at least 3 4 of the potential witnesses are actually witnesses. Reality Asserts prime Asserts composite prime 100% 0% composite 25% 75%

35. Is it really a prime? Probability of failure is: 1

    4 x 1 run: 1 4 2 runs: 1 16 10 runs: 1 1048576 100 runs: 1 1606938044258990275541962092341162602522202993782792835301376

36. What is a witness? 1 (defn witness? 2 "Returns true

    if b is a witness 3 to the compositeness of n." 4 [n b] 5 (or (witness-a? n b) 6 (witness-b? n b)))

37. Where are we headed? For each of witness-a? and witness-b?:

    What is the code/logic? Why does this correctly detect compositeness? How common are the witnesses?

38. witness-a?

39. witness-a? 1 (defn witness-a? 2 "Returns true if b^(n-1) is

    not 3 congruent to 1 mod n." 4 [n b] 5 (not= 1 (pow-mod b (dec n) n)))

40. For primes 1 (defn witness-a-density 2 "Returns the fraction of

    candidate 3 witnesses that meet criteria (a)." 4 [n] 5 (let [c (->> (range 2 n) 6 (filter (fn [b] (witness-a? n b))) 7 (count))] 8 (/ c (- n 2)))) 9 10 (->> (range 3 10000) 11 (filter prime?) 12 (map witness-a-density) 13 (frequencies)) ;;=> {0 1228}

41. For composites 1 (->> (range 10000) 2 (filter composite?) 3

    (map witness-a-density) 4 (stats)) ;; Of 8769 numbers... ;; min: 0.20 ;; max: 1.00 ;; median: 1.00 ;; avg: 0.99 ;;=> nil

42. witness-a? 1 (defn witness-a? 2 "Returns true if b^(n-1) is

    not 3 congruent to 1 mod n." 4 [n b] 5 (not= 1 (pow-mod b (dec n) n))) Fermat's Little Theorem For a prime p and 0 < b < p: bp −1 ≡ 1 mod p

43. Modular Arithmetic Arithmetic using the integers 0. . . n

    − 1, doing all addition and multiplication mod n.

44. Multiplication mod 10 0 1 2 3 4 5 6

    7 8 9 0 0 0 0 0 0 0 0 0 0 0 1 0 1 2 3 4 5 6 7 8 9 2 0 2 4 6 8 0 2 4 6 8 3 0 3 6 9 2 5 8 1 4 7 4 0 4 8 2 6 0 4 8 2 6 5 0 5 0 5 0 5 0 5 0 5 6 0 6 2 8 4 0 6 2 8 4 7 0 7 4 1 8 5 2 9 6 3 8 0 8 6 4 2 0 8 6 4 2 9 0 9 8 7 6 5 4 3 2 1

45. Multiplication, n = 28

46. Multiplication, n = 28,b = 2 0 1 2 4

    8 3 6 12 16 5 10 20 24 7 14 9 18 11 22 13 26 15 17 19 21 23 25 27

47. Multiplication, n = 28,b = 3 0 1 3 9

    2 6 18 27 4 12 8 5 15 17 26 7 21 24 16 25 10 11 13 14 23 20 22 19

48. Multiplication, n = 28,b = 4 0 1 4 16

    2 8 3 12 20 5 24 6 7 9 10 11 13 14 15 17 18 19 21 22 23 25 26 27

49. Multiplication, n = 28,b = 5 0 1 5 25

    2 10 22 3 15 19 4 20 16 13 6 7 8 12 9 17 26 11 27 23 14 24 18 21

50. Multiplication, n = 28,b = 6 0 1 6 8

    2 12 16 3 18 24 4 5 20 7 14 9 26 10 11 13 22 15 17 19 21 23 25 27

51. Multiplication, n = 28,b = 7 0 1 7 21

    2 14 3 4 5 6 8 9 10 11 12 13 15 16 17 18 19 20 22 23 24 25 26 27

52. Multiplication, n = 28,b = 8 0 1 8 2

    16 3 24 4 5 12 6 20 7 9 10 11 13 14 15 17 18 19 21 22 23 25 26 27

53. Multiplication, n = 28,b = 9 0 1 9 25

    2 18 22 3 27 19 4 8 16 5 17 13 6 26 10 7 11 15 23 12 24 20 14 21

54. Multiplication, n = 28,b = 10 0 1 10 16

    2 20 4 3 12 8 5 22 24 6 7 14 9 11 26 13 18 15 17 19 21 23 25 27

55. Multiplication, n = 28,b = 11 0 1 11 9

    2 22 18 3 5 27 4 16 8 17 6 10 26 7 21 15 25 12 20 24 13 14 23 19

56. Multiplication, n = 28,b = 12 0 1 12 4

    2 24 8 3 20 16 5 6 7 9 10 11 13 14 15 17 18 19 21 22 23 25 26 27

57. Multiplication, n = 28,b = 13 0 1 13 2

    26 3 11 4 24 5 9 6 22 7 8 20 10 18 12 16 14 15 27 17 25 19 23 21

58. Multiplication, n = 28,b = 14 0 1 14 2

    3 4 5 6 7 8 9 10 11 12 13 15 16 17 18 19 20 21 22 23 24 25 26 27

59. Multiplication, n = 28,b = 15 0 1 15 2

    3 17 4 5 19 6 7 21 8 9 23 10 11 25 12 13 27 14 16 18 20 22 24 26

60. Multiplication, n = 28,b = 16 0 1 16 4

    2 8 3 20 12 5 24 6 7 9 10 11 13 14 15 17 18 19 21 22 23 25 26 27

61. Multiplication, n = 28,b = 17 0 1 17 9

    2 6 18 3 23 27 4 12 8 5 26 7 24 16 13 25 10 11 19 15 14 20 22 21

62. Multiplication, n = 28,b = 18 0 1 18 16

    2 8 4 3 26 20 5 6 24 12 7 14 9 22 10 11 13 15 17 19 21 23 25 27

63. Multiplication, n = 28,b = 19 0 1 19 25

    2 10 22 3 4 20 16 5 11 13 6 7 21 8 12 9 26 23 17 14 15 24 18 27

64. Multiplication, n = 28,b = 20 0 1 20 8

    2 12 16 3 4 24 5 6 7 9 10 11 13 14 15 17 18 19 21 22 23 25 26 27

65. Multiplication, n = 28,b = 21 0 1 21 2

    14 3 7 4 5 6 8 9 10 11 12 13 15 16 17 18 19 20 22 23 24 25 26 27

66. Multiplication, n = 28,b = 22 0 1 22 8

    2 16 3 10 24 4 5 26 12 6 20 7 14 9 11 18 13 15 17 19 21 23 25 27

67. Multiplication, n = 28,b = 23 0 1 23 25

    2 18 22 3 13 19 4 8 16 5 6 26 10 7 21 9 11 12 24 20 17 14 15 27

68. Multiplication, n = 28,b = 24 0 1 24 16

    2 20 4 3 12 8 5 6 7 9 10 11 13 14 15 17 18 19 21 22 23 25 26 27

69. Multiplication, n = 28,b = 25 0 1 25 9

    2 22 18 3 19 27 4 16 8 5 13 17 6 10 26 7 11 23 15 12 20 24 14 21

70. Multiplication, n = 28,b = 26 0 1 26 4

    2 24 8 3 22 12 20 16 5 18 6 7 14 9 10 11 13 15 17 19 21 23 25 27

71. Multiplication, n = 28,b = 27 0 1 27 2

    26 3 25 4 24 5 23 6 22 7 21 8 20 9 19 10 18 11 17 12 16 13 15 14

72. Multiplication, n = 29

73. Multiplication, n = 29,b = 2 0 1 2 4

    8 3 6 12 16 5 10 20 24 7 14 28 9 18 11 22 15 19 13 26 23 27 17 21 25

74. Multiplication, n = 29,b = 3 0 1 3 9

    2 6 18 27 4 12 7 5 15 16 25 21 8 24 14 23 10 11 13 19 28 17 22 26 20

75. Multiplication, n = 29,b = 4 0 1 4 16

    2 8 3 12 19 6 5 20 22 24 9 7 28 25 10 11 15 18 13 23 14 27 21 17 26

76. Multiplication, n = 29,b = 5 0 1 5 25

    2 10 21 3 15 17 4 20 13 9 6 7 8 11 26 16 22 18 14 12 27 23 19 28 24

77. Multiplication, n = 29,b = 6 0 1 6 7

    2 12 14 3 18 21 4 24 28 5 13 20 8 19 27 9 25 10 11 26 15 16 17 22 23

78. Multiplication, n = 29,b = 7 0 1 7 20

    2 14 11 3 21 4 28 22 5 6 13 24 8 27 15 9 10 12 26 19 17 18 16 25 23

79. Multiplication, n = 29,b = 8 0 1 8 6

    2 16 12 3 24 18 4 5 11 19 7 27 13 9 14 25 10 22 17 20 26 15 28 21 23

80. Multiplication, n = 29,b = 9 0 1 9 23

    2 18 17 3 27 11 4 7 5 16 28 6 25 22 8 14 10 12 21 15 13 19 26 20 24

81. Multiplication, n = 29,b = 10 0 1 10 13

    2 20 26 3 5 21 6 8 22 17 9 14 24 15 16 25 18 19 28

82. Multiplication, n = 29,b = 11 0 1 11 5

    2 22 10 3 4 15 20 26 25 6 8 7 19 9 12 16 23 21 13 27 14 17 18 24 28

83. Multiplication, n = 29,b = 12 0 1 12 28

    2 24 27 3 7 26 4 19 25 5 6 14 23 22 8 9 21 20 10 11 16 18 17 13 15

84. Multiplication, n = 29,b = 13 0 1 13 24

    2 26 19 3 10 14 4 23 9 5 7 6 20 28 8 17 18 11 27 12 22 15 21 16 25

85. Multiplication, n = 29,b = 14 0 1 14 22

    2 28 15 3 13 8 4 27 5 12 23 6 26 16 7 11 9 25 10 24 17 18 21 20 19

86. Multiplication, n = 29,b = 15 0 1 15 22

    2 3 16 8 4 5 17 23 6 7 18 9 19 24 10 11 20 12 13 21 25 14 26 27 28

87. Multiplication, n = 29,b = 16 0 1 16 24

    2 3 19 14 4 6 9 5 22 28 7 25 23 8 12 18 13 10 15 11 27 21 17 26 20

88. Multiplication, n = 29,b = 17 0 1 17 28

    2 5 27 3 22 26 4 10 25 24 6 15 23 7 8 20 21 9 19 11 13 18 12 16 14

89. Multiplication, n = 29,b = 18 0 1 18 5

    2 7 10 3 25 15 4 14 20 6 21 8 28 11 9 17 16 24 26 12 13 27 22 19 23

90. Multiplication, n = 29,b = 19 0 1 19 13

    2 9 26 3 28 10 4 18 23 5 8 7 6 27 20 17 16 14 11 12 25 15 24 21 22

91. Multiplication, n = 29,b = 20 0 1 20 23

    2 11 17 3 4 22 5 13 28 6 7 24 16 8 15 10 9 26 27 21 12 14 19 18 25

92. Multiplication, n = 29,b = 21 0 1 21 6

    2 13 12 3 5 18 4 26 24 10 7 8 23 19 9 15 25 11 28 20 14 16 17 22 27

93. Multiplication, n = 29,b = 22 0 1 22 20

    2 15 11 3 8 4 5 23 13 6 16 7 9 24 10 17 26 12 25 28 14 18 19 21 27

94. Multiplication, n = 29,b = 23 0 1 23 7

    2 17 14 3 11 21 4 5 28 6 22 13 16 20 8 10 27 9 12 19 15 26 18 25 24

95. Multiplication, n = 29,b = 24 0 1 24 25

    2 19 21 3 14 17 4 9 13 5 6 28 7 23 8 18 26 22 10 11 12 27 15 16 20

96. Multiplication, n = 29,b = 25 0 1 25 16

    2 21 3 17 19 4 13 6 5 9 22 7 8 26 12 28 10 18 15 11 14 27 23 24 20

97. Multiplication, n = 29,b = 26 0 1 26 9

    2 23 18 3 20 27 4 17 7 5 14 16 6 11 25 8 10 28 12 22 21 13 19 15 24

98. Multiplication, n = 29,b = 27 0 1 27 4

    2 25 8 3 23 12 21 16 5 19 20 6 17 24 7 15 28 13 9 11 10 14 26 18 22

99. Multiplication, n = 29,b = 28 0 1 28 2

    27 3 26 4 25 5 24 6 23 7 22 8 21 9 20 10 19 11 18 12 17 13 16 14 15

100. Multiplication, b = 6

101. Multiplication, n = 7,b = 6 0 1 6 2

     5 3 4

102. Multiplication, n = 8,b = 6 0 1 6 4

     2 3 5 7

103. Multiplication, n = 9,b = 6 0 1 6 2

     3 4 5 7 8

104. Multiplication, n = 10,b = 6 0 1 6 2

     3 8 4 5 7 9

105. Multiplication, n = 11,b = 6 0 1 6 3

     2 7 9 4 5 8 10

106. Multiplication, n = 12,b = 6 0 1 6 2

     3 4 5 7 8 9 10 11

107. Multiplication, n = 13,b = 6 0 1 6 10

     2 12 7 3 5 4 11 8 9

108. Multiplication, n = 14,b = 6 0 1 6 8

     2 12 3 4 10 5 7 9 11 13

109. Multiplication, n = 15,b = 6 0 1 6 2

     12 3 4 9 5 7 8 10 11 13 14

110. Multiplication, n = 16,b = 6 0 1 6 4

     2 12 8 3 5 14 7 10 9 11 13 15

111. Multiplication, n = 17,b = 6 0 1 6 2

     12 4 3 7 8 5 13 10 14 16 9 11 15

112. Multiplication, n = 18,b = 6 0 1 6 2

     12 3 4 5 7 8 9 10 11 13 14 15 16 17

113. Multiplication, n = 19,b = 6 0 1 6 17

     2 12 15 3 18 13 4 5 11 9 7 8 10 16 14

114. Multiplication, n = 20,b = 6 0 1 6 16

     2 12 3 18 8 4 5 10 7 9 14 11 13 15 17 19

115. Multiplication mod 10 Subscript indicates gcd(x, 10). 010 11 22

     31 42 55 62 71 82 91 010 010 010 010 010 010 010 010 010 010 010 11 010 11 22 31 42 55 62 71 82 91 22 010 22 42 62 82 010 22 42 62 82 31 010 31 62 91 22 55 82 11 42 71 42 010 42 82 22 62 010 42 82 22 62 55 010 55 010 55 010 55 010 55 010 55 62 010 62 22 82 42 010 62 22 82 42 71 010 71 42 11 82 55 22 91 62 31 82 010 82 62 42 22 010 82 62 42 22 91 010 91 82 71 62 55 42 31 22 11

116. Multiplication mod 10, coprime only 11 31 71 91 11

     11 31 71 91 31 31 91 11 71 71 71 11 91 31 91 91 71 31 11

117. Multiplication mod 11 1 2 3 4 5 6 7

     8 9 10 1 1 2 3 4 5 6 7 8 9 10 2 2 4 6 8 10 1 3 5 7 9 3 3 6 9 1 4 7 10 2 5 8 4 4 8 1 5 9 2 6 10 3 7 5 5 10 4 9 3 8 2 7 1 6 6 6 1 7 2 8 3 9 4 10 5 7 7 3 10 6 2 9 5 1 8 4 8 8 5 2 10 7 4 1 9 6 3 9 9 7 5 3 1 10 8 6 4 2 10 10 9 8 7 6 5 4 3 2 1

118. Key Theorem The set of integers 0 < b <

     n where b and n are coprime form a group under multiplication mod n. n E n φ(n) 2 1 1 3 1,2 2 4 1,3 2 5 1,2,3,4 4 6 1,5 2 7 1,2,3,4,5,6 6 8 1,3,5,7 4 9 1,2,4,5,7,8 6 10 1,3,7,9 4 11 1,2,3,4,5,6,7,8,9,10 10 12 1,5,7,11 4

119. Possibilities primality of n bn −1 ≡ 1 Comment Example

     prime true one cycle 11,2 prime true multiple cycles 11,3 composite true non-witness 9,8 composite false witness with 1-cycle 10,3 composite false witness with 1-free-cycle 10,2 composite false witness without cycle 12,2

120. Multiplication, n = 11,b = 2 0 1 2 4

     8 3 6 5 10 9 7

121. Multiplication, n = 11,b = 3 0 1 3 9

     2 6 7 5 4 10 8

122. Multiplication, n = 9,b = 8 0 1 8 2

     7 3 6 4 5

123. Multiplication, n = 10,b = 3 0 1 3 9

     2 6 8 7 4 5

124. Multiplication, n = 10,b = 2 0 1 2 4

     8 3 6 5 7 9

125. Multiplication, n = 12,b = 2 0 1 2 4

     8 3 6 5 10 7 9 11

126. witness-b?

127. witness-b? 1 (defn oddify 2 "Returns [odd-num two-pow] such that

     3 n = odd-num * 2^two-pow" 4 [n]) ;; impl omitted for brevity 5 6 (defn witness-b? 7 "Returns true if b produces a 8 non-trivial square root of 1." 9 [n b] 10 (let [[odd-num two-pow] (oddify (dec n))] 11 (->> (iterate #(mod (* % %) n) 12 (pow-mod b odd-num n)) 13 (take (inc two-pow)) 14 (partition 2 1) 15 (some (fn [[x x-squared]] 16 (and (= 1 x-squared) 17 (< 1 x (dec n))))))))

128. √ 1 When p is prime, ±1 are the only

     two square roots of 1 mod p.

129. Multiplication mod 11 1 2 3 4 5 6 7

     8 9 10 1 1 2 3 4 5 6 7 8 9 10 2 2 4 6 8 10 1 3 5 7 9 3 3 6 9 1 4 7 10 2 5 8 4 4 8 1 5 9 2 6 10 3 7 5 5 10 4 9 3 8 2 7 1 6 6 6 1 7 2 8 3 9 4 10 5 7 7 3 10 6 2 9 5 1 8 4 8 8 5 2 10 7 4 1 9 6 3 9 9 7 5 3 1 10 8 6 4 2 10 10 9 8 7 6 5 4 3 2 1

130. Multiplication mod 8 1 2 3 4 5 6 7

     1 1 2 3 4 5 6 7 2 2 4 6 0 2 4 6 3 3 6 1 4 7 2 5 4 4 0 4 0 4 0 4 5 5 2 7 4 1 6 3 6 6 4 2 0 6 4 2 7 7 6 5 4 3 2 1

131. Squaring, n = 28 0 1 2 4 16 3

     9 25 5 6 8 7 21 10 11 12 13 14 15 17 18 19 20 22 23 24 26 27

132. Squaring, n = 29 0 1 2 4 16 3

     9 23 24 5 25 6 7 20 8 10 13 11 12 28 14 22 15 17 18 19 21 26 27

133. √ 1 Count 3: 2 4: 2 5: 2 6:

     2 7: 2 8: 4 9: 2 10: 2 11: 2 12: 4 13: 2 14: 2 15: 4 16: 4 17: 2 18: 2 19: 2 20: 4 21: 4 22: 2 23: 2 24: 8 25: 2 26: 2 27: 2 28: 4 29: 2 30: 4 31: 2 32: 4 33: 4 34: 2 35: 4 36: 4 37: 2 38: 2 39: 4 40: 8 41: 2 42: 4 43: 2 44: 4 45: 4 46: 2 47: 2 48: 8 49: 2 50: 2

134. Why does p have only 2 square roots of 1?

     When p is prime, ±1 are the only two square roots of 1 mod p. Suppose 0 < x < p and x2 ≡ 1 mod p. Then x2 − 1 ≡ 0 mod p and (x − 1)(x + 1) ≡ 0 mod p So (x − 1)(x + 1) is divisible by p, which means at least one of x − 1 or x + 1 is divisible by p. Since 0 < x < p it can only be that x = 1 or x = p − 1.

135. How does b help us nd √ 1? Square roots

     mod n are not easy to compute in general, but... We know that bn −1 ≡ 1 mod n (because witness-a? failed) Since n − 1 is even, we can nd √ bn −1 by computing bn−1 2 If bn−1 2 ≡ 1 and n −1 2 is even, we can nd bn−1 2 by computing bn−1 4 ... and so on

136. Searching for √ 1 with n = 481 = 1

     + 2 · 2 · 2 · 2 · 2 · 3 · 5 b = 8 b^15 = 31 ^15 b^30 = 480 ^2 b^60 = 1 ^2 b^120 = 1 ^2 b^240 = 1 ^2 b^480 = 1 ^2 b = 224 b^15 = 430 ^15 b^30 = 196 ^2 b^60 = 417 ^2 b^120 = 248 ^2 b^240 = 417 ^2 b^480 = 248 ^2 b = 378 b^15 = 105 ^15 b^30 = 443 ^2 b^60 = 1 ^2 b^120 = 1 ^2 b^240 = 1 ^2 b^480 = 1 ^2 b = 380 b^15 = 1 ^15 b^30 = 1 ^2 b^60 = 1 ^2 b^120 = 1 ^2 b^240 = 1 ^2 b^480 = 1 ^2

137. witness-b? 1 (defn oddify 2 "Returns [odd-num two-pow] such that

     3 n = odd-num * 2^two-pow" 4 [n]) ;; impl omitted for brevity 5 6 (defn witness-b? 7 "Returns true if b produces a 8 non-trivial square root of 1." 9 [n b] 10 (let [[odd-num two-pow] (oddify (dec n))] 11 (->> (iterate #(mod (* % %) n) 12 (pow-mod b odd-num n)) 13 (take (inc two-pow)) 14 (partition 2 1) 15 (some (fn [[x x-squared]] 16 (and (= 1 x-squared) 17 (< 1 x (dec n))))))))

138. √ 1-hunting, n = 91 0 1 2 57 64

     3 27 4 5 83 6 7 21 77 8 9 10 90 11 12 13 78 14 15 16 17 18 19 20 34 22 23 24 25 26 28 70 29 30 31 32 33 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 58 59 60 61 62 63 65 66 67 68 69 71 72 73 74 75 76 79 80 81 82 84 85 86 87 88 89

139. √ 1 Count 1 (->> (range 3 10000) 2 (filter

     composite?) 3 (map (juxt obstinate? count-sqrts-of-1)) 4 (frequencies)) ;;=> {[false 2] 739, ;; [false 4] 4167, ;; [false 8] 2791, ;; [false 16] 938, ;; [false 32] 114, ;; [false 64] 1, ;; [true 4] 12, ;; [true 8] 7}

140. Misc

141. Performance Running with test-count = 100: Prime Size (in bits)

     Runtime 500 0.19s 1000 1.29s 1500 4.01s 2000 9.11s 2500 17.13s 3000 28.42s 3500 44.60s

142. EuclidMullin sequence 2, 3, 7, 43, 13, 53, 5, 6221671,

     38709183810571, 139, 2801, 11, 17, 5471, 52662739, 23003, 30693651606209, 37, 1741, 1313797957, 887, 71, 7127, 109, 23, 97, 159227, 643679794963466223081509857, 103, 1079990819, 9539, 3143065813, 29, 3847, 89, 19, 577, 223, 139703, 457, 9649, 61, 4357, 87991098722552272708281251793312351581099392851768893748012603709343, 107, 127, 3313, 227432689108589532754984915075774848386671439568260420754414940780761245893, 59, 31, 211, ? ... a n is the least prime factor of ( i <n a n ) + 1: () + 1 = 2 (2) + 1 = 3 (2 · 3) + 1 = 7 (2 · 3 · 7) + 1 = 43 (2 · 3 · 7 · 43) + 1 = 1807 = (13 · 139) (2 · 3 · 7 · 43 · 13) + 1 = 23479 = (53 · 443) (2 · 3 · 7 · 43 · 13 · 53) + 1 = 248867 = (5 · 248867)

143. Sample Prime 26747495354606594373058686120888379948444535528677746322 31107428804771119544142914422232943456136048254684731181 51517168539699313778725857333455585956068664254462929903 38009675344063791477348709259671970097483531686332536374 29616795670766844878097967011730890641795107975961552199 80886291540192161223748907006706726668102280303433913748 31848395717155246185081765438173741584830494317242546280 16970492137956622015419857030166543496434502264995825029

     06233913179327473596071615365440912494896433144478886446 18891521158056755765815644481173259732120048195416120869 23284061862875939241229882045110027039025920062726683314 18762821985271884237138076428694633726844576399318984646 50098846148184945871444951162835884606980197093387264035 23636237361412916503813999313102203372852677236225504973

144. Thanks! This is the last slide.