Primes in P Deterministic polynomial-time algorithm of Agrawal, Kayal and Saxena Presented by Vladimir Braverman.


1 Primes in P Deterministic polynomial-time algorithm of Agrawal, Kayal and Saxena Presented by Vladimir Braverman

2 History
– Sieve of Eratosthenes, 240 BC
– Randomized, polynomial-time algorithm of Miller-Rabin, 1980 (used in practice)
– Adleman, Pomerance and Rumely (APR): a deterministic algorithm, almost polynomial time N loglogN, 1983
– Agrawal, Kayal and Saxena: deterministic, polynomial-time algorithm, 2002

3 Impact
– Data security
– Number Theory
– Theory of algorithms
– Doesn’t have a practical value yet

4 The Heroes
– Neeraj Kayal and Nitin Saxena are PhD students (22 years old). Indian Institute of Technology, Kanpur
– Agrawal was recently awarded the Clay Research Award, one of the coveted honors in mathematical research.

5 Polynomial identity idea Algorithms in Number Theory Number Theory Group Theory Finite Fields Primes in P

6 Content
Background
– Algorithms in number theory
– Rings
– Number Theory
Basic idea: Polynomial identity
Algorithm
– Pseudo code
– Correctness
– Running time

7 Algorithms in number theory
Lemma 1. Let $0 < a, b < n$.
– $ab$ can be calculated in $O(\log^3(n))$
– The maximal integer less than $b/a$ can be calculated in $O(\log^2(n))$
– $a \bmod b$ can be calculated in $O(\log^2(n))$
– $\gcd(a,b)$ can be calculated in $O(\log^3(n))$

8 Algebra
A ring is a set together with addition and multiplication
1. Additive associativity:
2. Additive commutativity:
3. Additive identity.
4. Additive inverse
5. Multiplicative associativity:
6. Left and right distributivity:
A ring is therefore an Abelian group under addition and a semigroup under multiplication.

9 Algebra (cont)
A polynomial $f$ is defined to be a formal expression of the form where the coefficients $a_0, \ldots, a_n$ are elements of some ring $R$ and $X$ is considered to be a formal symbol.
Two polynomials are considered to be equal if and only if the sequences of their coefficients are equal.

10 Algebra (end)
Polynomials with coefficients in $R$ can be added by simply adding corresponding coefficients, and multiplied using the distributive law and the rules
– $Xa = aX$ for all elements $a$ of the ring $R$
– $X^k X^l = X^{k+l}$ for all natural numbers $k$ and $l$.
The set of all polynomials with coefficients in the ring $R$ itself forms a ring, the ring of polynomials over $R$, which is denoted by $R[X]$.

11 Algorithms in number theory (cont)
Lemma 2. Let $1 < a, b, r$ and $n = \max(a,r)$. Then $a^b \bmod r$ can be calculated in $O(\log^2(n) + \log(b)\log^2(r))$.
Lemma 3. Let $1 < a, r < n$. The $r$ coefficients of $(x-a)^n \bmod (x^r-1)$ in $Z_n[x]$ can be computed in $O(r^2 \log^3(n))$ time.

12 Algorithms in number theory (cont)
Lemma 4. Let $n > 2$ be an integer. There is an algorithm that decides in $O(\sqrt{n}\log^2(n))$ whether $n$ is prime.
Algorithm:

    r := 2; s := 4        (invariant: s = r^2)
    While s <= n Do
        If n mod r = 0 Then return NO
        Else r := r + 1; s := s + 2r - 1
        Endif
    EndWhile
    Return YES

13 Algorithms in number theory (cont)
Lemma 4 (cont)
– The correctness follows from the fact that $n$ is not prime iff there is an integer $r \le \sqrt{n}$ that divides $n$.
– The while-loop makes at most $\sqrt{n}$ iterations, each one taking $O(\log^2 n)$ time.

14 Algorithms in number theory (end)
Lemma 5. Let $n > 2$ be an integer. There is an algorithm that computes the largest prime factor of $n$ in $O(\sqrt{n}\log^2(n))$.
Lemma 6. Let $n > 2$ be an integer. There is an algorithm that decides in $O(\log^4(n)\log(\log(n)))$ whether there exist integers $a, b$ such that $n = a^b$.
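One way to carry out the perfect-power check of Lemma 6, which the last step of Prime(n) needs because Theorem 2 only concludes that n is a power of a prime. This is an added Python example, not code from the presentation; it uses binary search for integer roots, makes no claim to match the lemma's time bound, and the function names are assumptions.

```python
# Added example: decide whether n = a^b for integers a, b >= 2.

def integer_root(n, b):
    """Largest integer a with a**b <= n, found by binary search."""
    lo, hi = 1, 1 << (n.bit_length() // b + 1)   # hi**b > n by construction
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if mid ** b <= n:
            lo = mid
        else:
            hi = mid - 1
    return lo

def perfect_power(n):
    """Return (a, b) with a**b == n and a, b >= 2, or None if none exists."""
    # b never needs to exceed log2(n): the smallest base is 2.
    for b in range(2, n.bit_length() + 1):
        a = integer_root(n, b)
        if a < 2:
            break                    # larger exponents only give a = 1
        if a ** b == n:
            return a, b
    return None

if __name__ == "__main__":
    for n in (243, 1024, 561, 563):  # constructed sample inputs
        print(n, perfect_power(n))
```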

15 Number theory
Lemma 7. If $p$ is a prime number, then for any $i < p$: $\binom{p}{i} \equiv 0 \pmod p$.
Proof. $\binom{p}{i} = p(p-1)\cdots(p-i+1)/i!$. Since $\gcd(p, i!) = 1$, the lemma is proved.

16 Number theory (cont)
Lemma 8. If $p$ is a prime number, then for any $a$: $a^p \equiv a \pmod p$.
Proof (induction). Base case: $a = 1$. Step $a \to a+1$: $(a+1)^p = \sum_i \binom{p}{i} a^i$, so $(a+1)^p \equiv a^p + 1 \equiv a + 1 \pmod p$.

17 Polynomial identity
Theorem 1. Let $a, n$ be integers.
– If $n$ is a prime number, then $(x-a)^n = x^n - a$ in the ring $Z_n[x]$
– If $\gcd(a, n) = 1$ and $n$ is not a prime number, then $(x-a)^n \neq x^n - a$ in the ring $Z_n[x]$

18 Proof of Theorem 1
$(x-a)^n = \sum_i \binom{n}{i} x^i (-a)^{n-i}$.
1. Prime case
– If $n$ is prime, $\binom{n}{i} \equiv 0 \pmod n$, according to Lemma 7
– Therefore $(x-a)^n = x^n - a^n = x^n - a \pmod n$, according to Lemma 8
2. $n$ is not a prime and $\gcd(n,a) = 1$
– $q$: a prime factor of $n$; $q^k \mid n$ with $k$ maximal
– $\gcd(a,q) = 1$ and $\gcd(a^{n-q}, q^k) = 1$

19 Proof of Theorem 1 (Cont)
Lemma: $q^k$ doesn’t divide $\binom{n}{q}$.
Proof (by contradiction): Suppose $\binom{n}{q} = b q^k$. Then $n(n-1)\cdots(n-q+1)/q! = b q^k$, so $n = (q-1)!\, b\, q^{k+1} / \big((n-1)\cdots(n-q+1)\big)$.
For each $0 < j < q$, $q$ doesn’t divide $(n-j)$. Indeed, since $q \mid n$, $(n-j) \equiv 0 \pmod q$ would give $j \equiv 0 \pmod q$.
Therefore $(q-1)!\, b / \big((n-1)\cdots(n-q+1)\big)$ is an integer and $q^{k+1} \mid n$, which contradicts the maximality of $k$.

20 Proof of Theorem 1 (Cont)
In $(x-a)^n$, the coefficient of $x^q$ is $\binom{n}{q}(-1)^{n-q} a^{n-q}$.
If it is divisible by $n$, then $\binom{n}{q} a^{n-q} = bn$.
Hence $\binom{n}{q} a^{n-q} / q^k = bn / q^k$.
The right-hand side is an integer and $\gcd(a^{n-q}, q^k) = 1$.
Therefore $q^k \mid \binom{n}{q}$, which contradicts the Lemma.
We proved that $(x-a)^n \neq x^n - a$ in the ring $Z_n[x]$.

21 Improved polynomial identity
Theorem 2. Let $n$ be an integer and let $q, r$ be prime numbers such that
1. $\gcd(m,n) = 1$ for all $m < r$
2. $q$ divides $r-1$
3. $q \ge 2\sqrt{r}\log(n) + 2$
4. $n^{(r-1)/q} \not\equiv 1 \pmod r$
5. $(x-a)^n = (x^n - a) \bmod (x^r - 1)$ in $Z_n[x]$ for $a < 2\sqrt{r}\log(n) + 1$
Then $n$ is a power of a prime number.

22 Lemma 9
There exist constants $0 < c_1 < c_2$ such that for any large $n$, there exists a prime number $r$ with
1. $c_1 \log^6(n) < r < c_2 \log^6(n)$
2. $r-1$ has a prime factor $q$, $q \ge 2\sqrt{r}\log(n) + 2$
3. $n^{(r-1)/q} \not\equiv 1 \pmod r$

23 Algorithm Prime(n)

    r := 2; found := false
    While r < n and found = false Do
        If gcd(r, n) ≠ 1 Then return NO
        If r is a prime and r > 2 Then
            q := largest prime factor of r-1
            If q ≥ 2√r log(n) + 2 and n^((r-1)/q) ≠ 1 mod r Then
                found := true
            Endif
        Endif
        If found = false Then r := r + 1 Endif
    Endwhile

24 Algorithm Prime(n) (Cont)

    For a := 1 to 2√r log(n) + 1 Do
        If (x-a)^n ≠ (x^n - a) mod (x^r - 1) in Z_n[x] Then
            return NO
        Endif
    Endfor
    If n = a^b for some integers a, b ≥ 2 Then return NO
    Else return YES
    Endif
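The congruence that Lemma 3 computes and the For loop of Prime(n) tests, as an added Python example (not code from the presentation); the function names and the sample values n = 561, n = 563, r = 2 and r = 7 are assumptions chosen here. It also shows why Lemma 8 alone is not a primality test: the composite 561 satisfies $a^n \equiv a \pmod n$ for every $a$, while the polynomial congruence exposes it once $r$ is chosen suitably.

```python
# Added example, not from the slides. A polynomial in Z_n[x]/(x^r - 1) is a
# list of r coefficients; index i holds the coefficient of x^i. Assumes r >= 2.

def polymul(f, g, r, n):
    """f*g in Z_n[x]/(x^r - 1): exponents wrap modulo r, O(r^2) products."""
    out = [0] * r
    for i, fi in enumerate(f):
        if fi:
            for j, gj in enumerate(g):
                k = (i + j) % r
                out[k] = (out[k] + fi * gj) % n
    return out

def polypow(f, e, r, n):
    """f^e by repeated squaring: O(log e) calls to polymul."""
    result = [1] + [0] * (r - 1)
    while e:
        if e & 1:
            result = polymul(result, f, r, n)
        f = polymul(f, f, r, n)
        e >>= 1
    return result

def congruence_holds(n, a, r):
    """True iff (x - a)^n == x^n - a mod (x^r - 1) in Z_n[x]."""
    lhs = polypow([(-a) % n, 1] + [0] * (r - 2), n, r, n)
    rhs = [0] * r
    rhs[n % r] = 1                  # x^n reduces to x^(n mod r)
    rhs[0] = (rhs[0] - a) % n
    return lhs == rhs

def fermat_holds(n, a):
    """The integer congruence of Lemma 8: a^n == a mod n."""
    return pow(a, n, n) == a % n

def first_failing_a(n, r, bound):
    """Smallest a in 1..bound violating the congruence, or None."""
    for a in range(1, bound + 1):
        if not congruence_holds(n, a, r):
            return a
    return None

if __name__ == "__main__":
    # 561 = 3 * 11 * 17 is composite, yet Lemma 8's congruence holds for every a.
    print(all(fermat_holds(561, a) for a in range(561)))
    print(first_failing_a(561, 2, 20))   # r = 2 is too weak to expose 561
    print(first_failing_a(561, 7, 20))   # r = 7 exposes it
    print(first_failing_a(563, 7, 20))   # 563 is prime: no a fails
```

With r larger than n no exponent wraps, so `congruence_holds(n, a, n + 1)` checks the exact identity of Theorem 1 at the cost of n + 1 coefficients per polynomial.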

25 Correctness of the algorithm (Sketch of the proof)
If $n$ is prime:
– The algorithm doesn’t return NO during the While loop, since $\gcd(n,r) = 1$
– By Theorem 1, $(x-a)^n = (x^n - a) \bmod (x^r - 1)$ in $Z_n[x]$. Thus, the algorithm doesn’t return NO during the For loop
– $n$ is not of the form $a^b$, therefore YES is returned
If $n$ is not a prime, then, according to Theorem 2, the algorithm returns NO

26 Running time (Sketch of the proof)
While loop

| Action | Time | Reason |
|---|---|---|
| gcd | $O(\log^3(n))$ | Lemma 1 |
| r is prime | $O(\sqrt{r}\log^2(r))$ | Lemma 4 |
| largest prime factor of r-1 | $O(\sqrt{r}\log^2(r))$ | Lemma 5 |
| $n^{(r-1)/q} \bmod r$ | $O(\log^2(n) + \log^3(r))$ | Lemma 2 |
| One while-loop iteration | $O(\log^2(n) + \sqrt{r}\log^2(r))$ | |
| Number of while iterations | $O(\log^6(n))$ | Lemma 9 |
| While-loop | $O(\log^9(n)\log^2(\log(n)))$ | $r = O(\log^6(n))$ |

27 Running time (Cont)
For loop

| Action | Time | Reason |
|---|---|---|
| Coefficients of $(x-a)^n \bmod (x^r-1)$ in $Z_n[x]$ (note: the same time for $(x^n - a)$) | $O(r^2\log^3(n))$ | Lemma 3 |
| For-loop | $O(\log^{19}(n))$ | $r = O(\log^6(n))$, Lemma 9 |

Testing if $n$ is a perfect power – $O(\log^4(n)\log(\log(n)))$, by Lemma 6


29 END

