Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computability and Complexity 27-1 Computability and Complexity Andrei Bulatov Primes.

Similar presentations


Presentation on theme: "Computability and Complexity 27-1 Computability and Complexity Andrei Bulatov Primes."— Presentation transcript:

1 Computability and Complexity 27-1 Computability and Complexity Andrei Bulatov Primes

2 Computability and Complexity 27-2 Instance: A positive integer k. Question: Is k prime? Primes The Problem The complement of Primes, the Composite problem, belongs to NP. Therefore Primes is in coNP Recently M.Agarwal et al. Proved that Primes can be solved in polynomial time (see ) However, the probabilistic algorithm we are going describe is far more efficient

3 Computability and Complexity 27-3 Residues For a positive integer n, we denote the set {0,1,2,…,n –1} the set {1,2,…,n – 1} addition, multiplication and exponentiation modulo n together with these operations is called the set of residues modulo n Every integer m, positive or negative, has a corresponding residue — m mod n For example, 17 mod 5 = 2 20 mod 5 = 0-1 mod 5 = 4

4 Computability and Complexity 27-4 Complexity of Arithmetic Given two integers, a and b, we can compute a + b in O(max(log a, log b)) a  b in O(log a  log b) cannot be computed in polynomial time, because the size of this number is blog a It is possible modulo n Let be the binary representation of b (k = log b ) Then that implies First, we consecutively compute in Then we compute the product again in

5 Computability and Complexity 27-5 Prime and Coprime Integers a and b are called coprime if their greatest common divisor is 1 For example, 16 and 27 are coprime, and 15 and 18 are not Theorem (Chinese Remainder Theorem) If p and q are coprime then, for any a and b, there is x such that Theorem (Chinese Remainder Theorem) If p and q are coprime then, for any a and b, there is x such that For example, if p = 5, q = 3, and a = 2, b = 1, then x can be chosen to be 7

6 Computability and Complexity 27-6 Fermat’s Theorem Theorem (Fermat’s Little Theorem) If p is prime then, for any we have Theorem (Fermat’s Little Theorem) If p is prime then, for any we have If the converse were true, we could use it for a probabilistic primality test: Choose k residues modulo n ; Compute their n –1 powers; Accept if all results are 1 (mod n), reject otherwise

7 Computability and Complexity 27-7 Unfortunately, the converse is true just “almost” One can straightforwardly check that, for any, coprime with 561, 561 is a Carmichael number Carmichael Numbers n is said to be a Carmichael number if, for any prime divisor p of n, p –1 | n – 1 Definition A number n passes Fermat’s test if for all a coprime with n A number that passes Fermat’s test is called pseudo-prime Pseudo-prime = Prime + Carmichael

8 Computability and Complexity 27-8 Roots of 1 A square root of 1 modulo n is a number a such that Clearly, 1 and -1 (that is n – 1 ) are always roots of 1, but if n is composite, then it may have more than two roots of 1 For example, 8 has four roots of 1 : 1, -1, 3, and has eight: 1, -1, 188, 373 (find the remaining four) Lemma Any Carmichael number has at least 8 roots of 1 Lemma Any Carmichael number has at least 8 roots of 1

9 Computability and Complexity 27-9 Algorithm On input n if n is even, then if n = 2 accept, otherwise reject select randomly for i = 1 to k do - if then reject - let n – 1 = st where s is odd and is a power of 2 - compute the sequence modulo n - if then let j be the maximal with this property if then reject accept

10 Computability and Complexity Analysis First we show that the algorithm does not give false negatives, that is it accepts all prime numbers If n = 2 then n is accepted. Let n be an odd prime number Then n passes Fermat test n cannot be rejected in the last line, because n has only two roots of 1

11 Computability and Complexity Next we show that if n is composite, then Pr[n accepted ] A number such that a does not pass either Fermat test or the square root test, is called a witness It is enough to prove that Pr[a is a witness ]  1/2, or, in other words, that at least half of the elements of are witnesses For every nonwitness d we find a witness d´ such that if then For a nonwitness a the sequence either contains 1 s only, or it contains -1 followed by 1 s Nonwitnesses of both types are present: 1 is a nonwitness of the first type, and -1 is a nonwitness of the second type

12 Computability and Complexity Let d be a nonwitness of the second type such that the –1 appears in the largest position in the sequence Let and Since n is composite, n = qr for some coprime q and r Note that and By the Chinese Reminder Theorem, there is t such that therefore Hence t is a witness, because but

13 Computability and Complexity Now, for every nonwitness a we set a´ = a · t a ´ is a witness, because and but if then Assume the contrary Then, since we have Finally, we have


Download ppt "Computability and Complexity 27-1 Computability and Complexity Andrei Bulatov Primes."

Similar presentations


Ads by Google