Presentation is loading. Please wait.

Presentation is loading. Please wait.

Karl Heimbuck Dr. Siguna Mueller Department of Mathematics EPSCoR/Honors Program Using Lucas Sequences in Primality Testing.

Published byCathleen Craig Modified over 7 years ago

Similar presentations

Presentation on theme: "Karl Heimbuck Dr. Siguna Mueller Department of Mathematics EPSCoR/Honors Program Using Lucas Sequences in Primality Testing."— Presentation transcript:

1 Karl Heimbuck Dr. Siguna Mueller Department of Mathematics EPSCoR/Honors Program Using Lucas Sequences in Primality Testing

2 Why do we need prime numbers? Digital security Public-key cryptography

3 Fermat’s Little Theorem If p is a prime number and a is an integer, then: a p-1  1 mod p if gcd(a,p) = 1 This holds for all primes but some composites as well.

4 Pseudoprimes: What are they? A pseudoprime fulfills a primality test but is in fact a composite. 561, which is composite, passes the Fermat test as a prime would 2 560  1 mod 561 561 = 3 * 11 * 17

5 Carmichael Numbers Properties If a prime number p is a factor of the Carmichael number n, then p – 1|n – 1. Squarefree Have at least 3 prime factors Carmichael numbers fulfill the Fermat test for any base a such that gcd(a,n) = 1. The Fermat test is not good enough!

6 Refinements of FLT a (p-1)/2  1 mod p Miller-Rabin Test The Miller-Rabin test works very well in practice but could still be improved upon.

7 Lucas Sequences Let P and Q be integers and D = P 2 – 4Q List of U ’s and V ’s such that U n = PU n-1 – QU n-2 V n = PV n-1 – QV n-2 Initial terms U 0 = 0 U 1 = 1 V 0 = 2 V 1 = P

8 Example of a Lucas Sequence P = 2 and Q = -1 U 0 = 0V 0 = 2 U 1 = 1V 1 = 2 U 2 = 2V 2 = 6 U 3 = 5V 3 = 14 U 4 = 12V 4 = 34 U 5 = 29V 5 = 82 U 6 = 70V 6 = 198 U 7 = 169V 7 = 478 U 8 = 408V 8 = 1154

9 Initial observations U n+1  0 mod n OR U n-1  0 mod n U n  ± 1 mod n V n  2 mod n V n+1  P mod n OR V n-1  P mod n

10 Example For P = 2 and Q = -1, test n = 7 for primality U 7 = 169 U n+1 = U 8 = 408  2 mod 7 U n-1 = U 6 = 70  0 mod 7 U n = U 7 = 169  1 mod 7 V 7 = 478 V 7 = 478  2 mod 7 V 8 = 1154  6 mod 7 V 6 = 198  2 mod 7 (where P = 2)

11 Question Can we refine the conditions to know when we have +1 and when we have -1? Let’s make use of the discriminant D = P 2 – 4Q by looking at the Legendre/Jacobi symbol, denoted .  = 1 if D is a square modulo n  = -1 if D is not a square modulo n

12 Refined Lucas tests Test 1: U n- ε  0 mod n Test 2: U n  ε mod n Test 3: V n  2 mod n Test 4: V n- ε  P mod n

13 Pseudoprime Trouble! Let’s test n = 341 for primality using Test 2 with P = 2 and Q = 4.  = -1 U 341 = -22397447421778042105574422805684442781216454972346495 348999891000963791871180160945380877493271607115776 U 341  -1 mod 341 341 passes Test 2 as a prime number 341 = 11 * 31 Does the same pseudoprime pass both Test 1 and Test 2?

14 More Trouble! Let’s test n = 341 using Test 1 U n- ε = U n-(-1) = U 342  0 mod 341 341 passes Test 1 as well Let’s go on to Test 3

15 Out of the woods! What about Test 3? V 341  219 mod 341 Does not pass Test 3 so 341 must be composite. We can combine the Lucas tests to create a more refined primality test. Which combination works best? Doesn’t seem to be a most effective combination. Results seemed to favor a combination of one of the tests on V with one of the tests on U but this cannot be proven.

16 What if we combine a Lucas test with the Fermat test? 88831 passes all of the tests for P = 2 and Q = -4 88831= 211 * 421 Does not pass the Fermat test when using 2 as our base, 2 88830  87988 mod 88831

17 Which combinations work best? Would not want to use Test 1 and the Fermat test together because they essentially end up testing the same condition when  = -1. Aside from avoiding that there does not seem to be a best combination of Fermat with any of the other 3 tests.

18 Stronger Conditions If  = = -1 and n is a prime number, then U (n-  )/2  0 mod n. If  = = 1 and n is a prime number, then V (n-  )/2  0 mod n. Did not extensively test these.

19 What do we do with the Lucas pseudoprimes? Can we characterize them? Doesn’t seem that way. But doing so would be a nice way to adjust the tests and assure that they do not slip through.

20 Conclusion The Lucas tests could be an effective primality testing tool but may still need a little tweaking. Combinations of a Lucas test with a Fermat test seem to work better than combinations of a Lucas test with another Lucas test. It is more effective to combine one Lucas test with the Fermat test than to combine two Lucas tests with the Fermat test. Run time is much quicker The payoff isn’t significant

21 What’s next? Can one characterize Lucas pseudoprimes? Will a certain base work best when using the Fermat test? Proposal by Bailie, Wagstaff, Pomerance and Selfride Let a = 2, use the same  as defined earlier, and a specific P and Q. It appears that there are no pseudoprimes for these conditions. Do any exist or not?

22 Thanks! ESPCoR Rick Matlock Barbara Kissack Honors Program Dr. Mueller

Download ppt "Karl Heimbuck Dr. Siguna Mueller Department of Mathematics EPSCoR/Honors Program Using Lucas Sequences in Primality Testing."

Similar presentations

The AKS Primality Test Ilse Haim Directed Reading Program

The AKS Primality Test Ilse Haim Directed Reading Program
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Primality Testing) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Primality Testing) Prof. Dr. Th. Ottmann.
Cryptography and Network Security

Cryptography and Network Security
Chapter 8 – Introduction to Number Theory. Prime Numbers prime numbers only have divisors of 1 and self –they cannot be written as a product of other.

Chapter 8 – Introduction to Number Theory. Prime Numbers prime numbers only have divisors of 1 and self –they cannot be written as a product of other.
Computability and Complexity

Computability and Complexity
Chapter 8 Introduction to Number Theory. Prime Numbers prime numbers only have divisors of 1 and self –they cannot be written as a product of other numbers.

Chapter 8 Introduction to Number Theory. Prime Numbers prime numbers only have divisors of 1 and self –they cannot be written as a product of other numbers.
Primality Testing Patrick Lee 12 July 2003 (updated on 13 July 2003)

Primality Testing Patrick Lee 12 July 2003 (updated on 13 July 2003)
Announcements: 1. Congrats on reaching the halfway point once again! 2. DES graded soon 3. Short “pop” quiz on Ch 3. (Thursday at earliest) 4. Reminder:

Announcements: 1. Congrats on reaching the halfway point once again! 2. DES graded soon 3. Short “pop” quiz on Ch 3. (Thursday at earliest) 4. Reminder:
BY : Darshana Chaturvedi.  INTRODUCTION  RSA ALGORITHM  EXAMPLES  RSA IS EFFECTIVE  FERMAT’S LITTLE THEOREM  EUCLID’S ALGORITHM  REFERENCES.

BY : Darshana Chaturvedi.  INTRODUCTION  RSA ALGORITHM  EXAMPLES  RSA IS EFFECTIVE  FERMAT’S LITTLE THEOREM  EUCLID’S ALGORITHM  REFERENCES.
Chapter 8 More Number Theory. Prime Numbers Prime numbers only have divisors of 1 and itself They cannot be written as a product of other numbers Prime.

Chapter 8 More Number Theory. Prime Numbers Prime numbers only have divisors of 1 and itself They cannot be written as a product of other numbers Prime.
Fermat’s Little Theorem (2/24) Theorem (flt). If p is prime and GCD(a, p) = 1, then a p – 1  1 (mod p). Again, this says that in a mod p congruence, we.

Fermat’s Little Theorem (2/24) Theorem (flt). If p is prime and GCD(a, p) = 1, then a p – 1  1 (mod p). Again, this says that in a mod p congruence, we.
Introduction to Modern Cryptography Lecture 6 1. Testing Primitive elements in Z p 2. Primality Testing. 3. Integer Multiplication & Factoring as a One.

Introduction to Modern Cryptography Lecture 6 1. Testing Primitive elements in Z p 2. Primality Testing. 3. Integer Multiplication & Factoring as a One.
COM 5336 Cryptography Lecture 7a Primality Testing

COM 5336 Cryptography Lecture 7a Primality Testing
Primality Testing Math 52 Jonathan Sands Work by: Megan Howley Yangxi Leng Juncai Liu.

Primality Testing Math 52 Jonathan Sands Work by: Megan Howley Yangxi Leng Juncai Liu.
and Factoring Integers (I)

and Factoring Integers (I)
Announcements: 1. Pass in Homework 5 now. 2. Term project groups and topics due by Friday 1.Can use discussion forum to find teammates 3. HW6 posted, due.

Announcements: 1. Pass in Homework 5 now. 2. Term project groups and topics due by Friday 1.Can use discussion forum to find teammates 3. HW6 posted, due.
1 Chapter 7– Introduction to Number Theory Instructor: 孫宏民 Room: EECS 6402, Tel:03- 5742968, Fax : 886-3-572-3694.

1 Chapter 7– Introduction to Number Theory Instructor: 孫宏民 Room: EECS 6402, Tel: , Fax :
The RSA Cryptosystem and Factoring Integers (II) Rong-Jaye Chen.

The RSA Cryptosystem and Factoring Integers (II) Rong-Jaye Chen.
Announcements: 1. Congrats on reaching the halfway point once again! 2. Reminder: HW5 due tomorrow, HW6 due Tuesday after break 3. Term project groups.

Announcements: 1. Congrats on reaching the halfway point once again! 2. Reminder: HW5 due tomorrow, HW6 due Tuesday after break 3. Term project groups.
Announcements: 1. Pass in worksheet on using RSA now. 2. DES graded soon 3. Short “pop” quiz on Ch 3 (Thursday at earliest) 4. Term project groups and.

Announcements: 1. Pass in worksheet on using RSA now. 2. DES graded soon 3. Short “pop” quiz on Ch 3 (Thursday at earliest) 4. Term project groups and.

Similar presentations

Ads by Google