List of trigonometric identities: Difference between revisions

Template:Expert-subject

In mathematics, the Pocklington–Lehmer primality test is a primality test devised by Henry Cabourn Pocklington and Derrick Henry Lehmer to decide whether a given number ${\displaystyle N}$ is prime. The output of the test is a proof that the number is prime or that primality could not be established.

Pocklington criterion

The test relies on the Pocklington Theorem (Pocklington criterion) which is formulated as follows:

Let ${\displaystyle N>1}$ be an integer, and suppose there exist numbers a and q such that

(1) q is prime, ${\displaystyle q|N-1}$ and ${\displaystyle q>\sqrt{N}-1}$

(2) ${\displaystyle a^{N-1}\equiv 1(\mathrm{mod}N)}$

(3) ${\displaystyle \gcd (a^{(N-1)/q}-1,N)=1}$

Then ${\displaystyle N}$ is prime.^[1]

Proof of this theorem

Suppose N is not prime. This means there must be a prime p, where ${\displaystyle p\le \sqrt{N}}$ that divides N.

Therefore, ${\displaystyle q>p-1}$ which implies ${\displaystyle \gcd (q,p-1)=1}$.

Thus there must exist an integer u with the property that

(4) ${\displaystyle uq\equiv 1(\mathrm{mod}p-1)}$

This implies:

  ${\displaystyle 1\equiv a^{N-1}(\mathrm{mod}p)}$, by (2) since ${\displaystyle p|N}$
 
  ${\displaystyle \equiv (a^{N-1}{)}^u\equiv a^{u(N-1)}\equiv a^{uq((N-1)/q)}\equiv (a^{uq}{)}^{(N-1)/q}(\mathrm{mod}p)}$,
 
  ${\displaystyle \equiv a^{(N-1)/q}(\mathrm{mod}p)}$, by (4) and Fermat's little theorem

This shows the ${\displaystyle \gcd ()}$ of (3) is actually ${\displaystyle p}$, not ${\displaystyle 1}$; a contradiction.^[1]

The test is simple once the theorem above is established. Given N, seek to find suitable a and q. If they can be obtained, then N is prime. Moreover, a and q are the certificate of primality. They can be quickly verified to satisfy the conditions of the theorem, confirming N as prime.

A problem which arises is the ability to find a suitable q, that must satisfy (1)–(3) and be provably prime. It is even quite possible that such a q does not exist. This is a large probability, indeed only 57.8% of the odd primes, N, ${\displaystyle N\le 10,000}$ have such a q. To find a is not nearly so difficult. If N is prime, and a suitable q is found, each choice of a where ${\displaystyle 1\le a<N}$ will satisfy ${\displaystyle a^{N-1}\equiv 1(\mathrm{mod}N)}$, and so will satisfy (2) as long as ord(a) does not divide ${\displaystyle (N-1)/q}$. Thus a randomly chosen a is likely to work. If a is a generator mod N its order is N-1 and so the method is guaranteed to work for this choice.^[2]

Generalized Pocklington method

A generalized version of Pocklington's theorem covers more primes N.

Corollary:

Let N − 1 factor as N − 1 = AB, where A and B are relatively prime, ${\displaystyle A>\sqrt{N}}$ and the factorization of A is known.

If for every prime factor p of A there exists an integer ${\displaystyle a_p}$ so that

${\displaystyle a_p^{N-1}\equiv 1(\mathrm{mod}N)}$

and ${\displaystyle \gcd (a_p^{(N-1)/p}-1,N)=1}$ then N is prime. The reverse implication also holds: If N is prime then every prime factor of A can be written in the above manner.^[3]

Proof of Corollary: Let p be a prime dividing A and let ${\displaystyle p^e}$ be the maximum power of p dividing A. Let v be a prime factor of N. For the ${\displaystyle a_p}$ from the corollary set ${\displaystyle b\equiv a_p^{(N-1)/p^e}(\mathrm{mod}v)}$. This means ${\displaystyle b^{p^e}\equiv a_p^{N-1}\equiv 1(\mathrm{mod}v)}$ and because of ${\displaystyle \gcd (a_p^{(N-1)/p}-1,N)=1}$ also ${\displaystyle b^{p^{e-1}}\equiv a_p^{(N-1)/p}\equiv ̸1(\mathrm{mod}v)}$.

This means that the order of ${\displaystyle b(\mathrm{mod}v)}$ is ${\displaystyle p^e}$

Thus, ${\displaystyle p^e|(v-1)}$. The same observation holds for each prime power factor ${\displaystyle p^e}$ of A, which implies ${\displaystyle A|(v-1)}$.

Specifically, this means ${\displaystyle v>A\ge \sqrt{n}.}$

If N were composite, it would necessarily have a prime factor which is less than or equal to ${\displaystyle \sqrt{N}}$. It has been shown that there is no such factor, which implies that N is prime.

To see the converse choose ${\displaystyle a_p}$ a generator of the integers modulo p.^[4]

The test

The Pocklington–Lehmer primality test follows directly from this corollary. We must first partially factor N − 1 into A and B. Then we must find an ${\displaystyle a_p}$ for every prime factor p of A, which fulfills the conditions of the corollary. If such ${\displaystyle a_p}$'s can be found, the Corollary implies that N is prime.

According to Koblitz, ${\displaystyle a_p}$ = 2 often works.^[1]

Example

${\displaystyle N=11351}$

${\displaystyle N-1=2\cdot 5^2\cdot 227}$

Choose ${\displaystyle A=227\cdot 5^2}$, which means ${\displaystyle B=2}$

Now it is clear that ${\displaystyle \gcd (A,B)=1}$ and ${\displaystyle A>\sqrt{N}}$.

Next find an ${\displaystyle a_p}$ for each prime factor p of A. E.g. choose ${\displaystyle a_5=2}$.

${\displaystyle a_p^{N-1}\equiv 2^{11350}\equiv 1(\mathrm{mod}11351)}$.

${\displaystyle \gcd (a_p^{(N-1)/p}-1,N)=\gcd (2^{2\cdot 5\cdot 227}-1,11351)=1.}$

So ${\displaystyle a_5=2}$ satisfies the necessary conditions. Choose ${\displaystyle a_{227}=7}$.

${\displaystyle a_p^{N-1}\equiv 7^{11350}\equiv 1(\mathrm{mod}11351)}$

and

${\displaystyle \gcd (a_p^{(N-1)/p}-1,N)=\gcd (7^{2\cdot 25}-1,11351)=1.}$

So both ${\displaystyle a_p}$'s work and thus N is prime.

We have chosen a small prime for calculation purposes but in practice when we start factoring A we will get factors that themselves must be checked for primality. It is not a proof of primality until we know our factors of A are prime as well. If we get a factor of A where primality is not certain, the test must be performed on this factor as well. This gives rise to a so-called down-run procedure, where the primality of a number is evaluated via the primality of a series of smaller numbers.

In our case, we can say with certainty that 2, 5, and 227 are prime, and thus we have proved our result. The certificate in our case is the list of ${\displaystyle a_p}$'s, which can quickly be checked in the corollary.

If our example had given rise to a down-run sequence, the certificate would be more complicated. It would first consist of our initial round of ${\displaystyle a_p}$'s which correspond to the 'prime' factors of A; Next, for the factor(s) of A of which primality was uncertain, we would have more ${\displaystyle a_p}$'s, and so on for factors of these factors until we reach factors of which primality is certain. This can continue for many layers if the initial prime is large, but the important thing to note, is that a simple certificate can be produced, containing at each level the prime to be tested, and the corresponding ${\displaystyle a_p}$'s, which can easily be verified. If at any level we cannot find ${\displaystyle a_p}$'s then we cannot say that N is prime.

The biggest difficulty with this test is the necessity of discovering prime factors of N - 1, in essence, factoring N − 1. In practice this could be extremely difficult. Finding ${\displaystyle a_p}$'s is a less difficult problem.^[5]

References

43 year old Petroleum Engineer Harry from Deep River, usually spends time with hobbies and interests like renting movies, property developers in singapore new condominium and vehicle racing. Constantly enjoys going to destinations like Camino Real de Tierra Adentro.

External links

Template:Number-theoretic algorithms