CARMICHAEL NUMBERS Rick Luttmann, PhD Professor Emeritus of Mathematics Sonoma State University 2018 Sacramento Valley Community College Mathematics (SVCCM) Conference American River College (Carmichael) Saturday, March 3, 2018

WHAT’S A CARMICHAEL NUMBER? Short answer: A Carmichael number is a composite counterexample to the converse of Fermat’s Little Theorem. That is, it is a composite number n with the property that for any number b that is relatively prime to n, bn-1  1 (mod n). ARE THERE ANY SUCH NUMBERS?! We’ll see. And BTW what the Hell are we talking about, anyway?!

A valuable tool: Congruence A relation called “congruence modulo m” is defined on the integers when the positive integer m is given. Formally: a  b (mod m) [read “a is congruent to b mod m”] means that (a - b) is a multiple of m [or m is a divisor of (a - b)]. Informally: a and b have the same remainder when divided by m. For example, 39 is congruent to 24 mod 5, because 39 - 24 = 15 and 15 is a multiple of 5; note 39 and 24 both leave 4 as a remainder when divided by 5.

Congruence is an Equivalence Relation It is easily shown that congruence mod m is -- reflexive (every integer is congruent to itself), -- symmetric (the order of naming the two numbers doesn’t matter), and -- transitive (two numbers both congruent to a third are congruent to each other). Thus the set of integers is partitioned into equivalence classes, here commonly called congruence classes; each class corresponds to a possible remainder on division by m. So there are m classes, one each corresponding to 0, 1, 2, …, m-1. For example there are five equivalence classes modulo 5: the multiples of 5; the numbers 1 more than a multiple of 5; …; the numbers 4 more than a multiple of 5.

Congruence behaves very much like equality All the things one is accustomed to doing to equations in algebra can be done to congruences (except division! A factor f can be canceled from both sides provided f is relatively prime to m). For example, the same thing (or congruent things) may be added to both sides of a congruence: If a  b (mod m) then a + c  b + c (mod m); if a  b (mod m) and c  d (mod m), then a + c  b + d (mod m). Both sides of a congruence may be multiplied by the same thing (or congruent things): if a  b (mod m) then ac  bc (mod m); if a  b (mod m) and c  d (mod m), then ac  bd (mod m). In particular both sides of a congruence may be raised to any positive integer power: a  b (mod m) implies an  bn (mod m).

Fermat’s “Little Theorem” If p is prime, then for every b, bp  b (mod p); alternate form: if b ≢ 0 (mod p), i.e., if b is relatively prime to p, then bp-1  1 (mod p). We have a condition that is true of every prime. But is it characteristic of the primes, that is, true only for primes? If not, i.e., if the condition is true for some composites as well -- we have Carmichael numbers! Note that the contrapositive can be used to prove a number is composite without actually finding any factors of it! This is remarkable. For example, let’s test p = 33 (although we certainly know 33 is composite). Let’s take b = 2. If 33 were prime, then 232 would be congruent to 1 mod 33. But check: 232 = (25)6·4  (-1)6·4 = 4 ≢ 1. (Note 25 = 32 = 33 - 1  -1.) My choice of b = 2 was pretty arbitrary. Other values of b might work just as well, though b = 2 is simplest. But all I needed is one.

“This number is probably prime”! The test above for n being composite won’t ever work on a composite n if for every b relatively prime to n, bn-1  1 (mod n), i.e., when n is Carmichael. For this reason, Carmichael numbers are also sometimes called “pseudoprimes”. They behave like primes to a certain extent. But in some sense the more values of b which result in n not being shown to be composite, the more likely it is that n is prime. That’s why if we’re testing a large number n for non-primality, and it satisfies bn-1  1 (mod n) for lots of values of b and never fails for any, then n is “probably” prime.

Proof of Fermat’s Little Theorem: Let p be prime, and let b be relatively prime to p, which means in this case that b is not a multiple of p. No two of the p-1 numbers 1b, 2b, 3b, …, (p -1)b are congruent mod p. In case this is not obvious: if mb  nb (mod p), then p divides b(m-n). Since p does not divide b, it must divide m-n. But m and n are both between 1 and p -1, and their difference is therefore strictly between -p and p. The only multiple of p in that interval is 0. So m - n = 0, m = n, and then mb and nb determine the same congruence class. Thus the numbers 1b, 2b, 3b, …, (p-1)b are just a scrambling of the numbers 1, 2, 3, …, p -1, and thus the products of the two sets are equal. The first product is bp-1 times (p-1)!; the second product is just (p-1)!. So bp-1(p-1)!  (p-1)! (mod p) and therefore bp-1  1 (mod p).

Illustration: p = 13, b = 5 5 is relatively prime to 13, so we need to show 512  1 (mod 13). Multiply all the numbers 1, 2, …, 12 by 5 and reduce mod 13: 5, 10, 15  2, 20  7, 25  12, 30  4, 35  9, 40  1, 45  6, 50  11, 55  3, 60  8. All numbers from 1 through 12 are present, just in a different order. But multiplication is commutative, so order doesn’t matter. 12! = 1·2·…·12 = 5·10·2·7·12·4·9·1·6·11·3·8  (5·1)·(5·2)·…·(5·12)  512·12! Cancel the 12!, and 512  1 (mod 13).

The first three Carmichael numbers are 561, 1105, and 1729. It’s not as hard as it might seem to verify, at least, that these three numbers are Carmichael. (It is harder to prove that all the numbers skipped are not Carmichael!) For 561: Note that its prime factorization is 3·11·17. We must show that for any b relatively prime to 561, b560  1 (mod 561). Suppose a number b is relatively prime to 561; then it is also relatively prime to 3, 11, and 17. Therefore by Fermat’s Little Theorem, b2  1 (mod 3), b10  1 (mod 11), and b16  1 (mod 17). But 2, 10, and 16 all divide 560, so that means b560  1 (mod 3) [by raising both sides of b2  1 (mod 3) to the integer power 560/2], b560  1 (mod 11) [by raising both sides of b10  1 (mod 11) to the integer power 560/10], b560  1 (mod 17) [by raising both sides of b16  1 (mod 17) to the integer power 560/16]. Thus, since 3, 11, and 17 are relatively prime, b560  1 (mod 561).

The same strategy works for 1105 = 5·13·17 because 4, 12, and 16 all divide 1104, and for 1729 = 7·13·19 because 6, 12, and 18 all divide 1728. For 1105: Its prime factorization is 5·13·17. We must show that for any b relatively prime to 1105, b1104  1 (mod 1105). Let b be relatively prime to 1105; then it is also relatively prime to 5, 13, and 17. Therefore by Fermat’s Little Theorem, b4  1 (mod 5), b12  1 (mod 13), and b16  1 (mod 17). But 4, 12, and 16 all divide 1104, so that means b1104  1 (mod 5) [by raising both sides of b4  1 (mod 5) to the integer power 1104/4 = 276], b1104  1 (mod 13) [by raising both sides of b12  1 (mod 13) to the integer power 1104/12 = 92], b1104  1 (mod 17) [by raising both sides of b16  1 (mod 17) to the integer power 1104/16 = 69]. Thus, since 5, 13, and 17 are relatively prime, b1104  1 (mod 1105).

Folklore regarding 1,729 and 1,105. That 1729 is the third Carmichael number requires us to update a famous story told by G H Hardy about Ramanujan. Hardy came to visit Ramanujan to work jointly on some problems. Hardy commented that he had arrived in a taxicab with the undistinguished serial number 1729 and he hoped this wasn’t a bad omen for their work that day. Ramanujan replied with some indignation that 1729 is certainly NOT undistinguished: It is the smallest number that can be written in two distinct ways as a sum of two cubes! 1729 = 123 + 13 but also = 103 + 93; a simple check of sums of pairs of the numbers 13, 23, …, 123 verifies that no other pairs have equal sums. Hardy remarked that Ramanujan apparently regarded every number as a personal friend. Another way to express the above property of 1729 is that it’s expressible as the sum of two cubes in more ways (2) than any smaller number. Interestingly, the second Carmichael number, 1105, is expressible as the sum of two squares in more ways (4) than any smaller number.

Korselt’s Criterion: A necessary and sufficient condition for a composite number n to be Carmichael is that n be a product of distinct primes, n = p1p2 … pk, such that for each i between 1 and k, pi - 1 divides n – 1. We have used sufficiency already, and it is pretty obvious that it always works. Korselt showed that the condition is also necessary. When Korselt published his paper in 1899, no one (including Korselt!) knew any Carmichael numbers, or even knew if any existed. In 1910, Robert Daniel Carmichael actually found (the first) 15 examples of these numbers using Korselt’s Criterion, and conjectured that there are infinitely many. OK, I lied: It turns out that in fact someone did know some Carmichael numbers before Carmichael (avant la lettre) and even before Korselt published his Criterion, namely, in 1885 the Czech mathematician Vaclav Simerka discovered the first seven Carmichael numbers, but his work remained unnoticed. He did not use, and apparently did not know, Korselt’s Criterion.

Details of Korselt’s Criterion It can be shown that all these primes pi must be odd, and that there must be at least 3 of them, i.e., k ≥ 3. Theorem: For n = p1p2 … pk to be Carmichael, at the very least n must be square-free, that is, all pi must be distinct. Proof: The lcm of a bunch of primes is not simply their product if some are repeated. Corollary 1: All pi must be odd, that is, 2 is not among them; in turn, n must be odd. Proof: Suppose n is a square-free even composite, that is 2 divides n, and since n is composite there must be another prime p that divides n; moreover, that p cannot be 2 and so must be odd, because n is square-free. Since (p – 1)|(n – 1) for n to be Carmichael, we would have an even (p – 1) dividing an odd (n – 1), an impossibility. Corollary 2: A Carmichael number n has at least three factors, i.e., k ≥ 3. Proof: Let n = pq, and let (p – 1)|(n – 1) and (q – 1)|(n – 1). From (p – 1)|pq – 1) we come easily to (p – 1)|(pq – 1) – q(p - 1) = q – 1. By a symmetric argument, (q – 1)|(p – 1). Hence p = q. So n is not square-free, therefore not Carmichael.

Here are more Carmichael Numbers C(n) denotes the nth Carmichael number n C(n) Factorization n C(n) Factorization n C(n) Factorization 1 561 3·11·17 11 41,041 7·11·13·41 21 172,081 7·13·31·61 2 1,105 5·13·17 12 46,657 13·37·97 22 188,461 7·13·19·109 3 1,729 7·13·19 13 52,633 7·73·103 23 252,601 41·61·101 4 2,465 5·17·29 14 62,745 3·5·47·89 24 278,545 5·17·29·113 5 2,821 7·13·31 15 63,973 7·13·19·37 25 294,409 37·73·109 6 6,601 7·23·41 16 75,361 11·13·17·31 26 314,821 13·61·397 7 8,911 7·19·67 17 101,101 7·11·13·101 27 334,153 19·43·409 8 10,585 5·29·73 18 115,921 13·37·241 28 340,561 13·17·23·67 9 15,841 7·31·73 19 126,217 7·13·19·73 29 399,001 31·61·211 10 29,341 13·37·61 20 162,401 17·41·233 30 410,041 41·73·137

“The First … ” The first Carmichael numbers with 4 factors: 41041, 62745, 63973, 75361, 101101, 126217, 172081, 188461, 278545, 340561, 449065, 552721, 656601, 658801, 670033, 748657, 838201, 852841 The first Carmichael numbers with 5 factors: 825265, 1050985, 9890881, 10877581, 12945745, 13992265, 16778881 The first Carmichael numbers with 6 factors: 321197185, 413631505, 417241045, 496050841, 509033161, 611397865 The first Carmichael numbers with k factors for k = 3 4 5 6 7 8 9 561 41041 825265, 321197185, 5394826801, 232250619601, 9746347772161 10 11 12 1436697831295441, 60977817398996785, 7156857700403137441 Interesting? The smallest Carmichael number with nine prime factors, nearly 10 trillion, has eight of its nine prime factors among the smallest 12 odd primes; the ninth prime is 641, which plays a fundamental role in Euler’s proof that Fermat’s conjecture about Fermat primes is wrong. In 1992 Löh and Niebuhr discovered several very large Carmichael numbers. The largest has over one million prime factors and over 16 million digits!

By powers of 10 -- THEY THIN OUT! Number of Carmichael numbers less than 10k: 101: 0 108 : 255 1015: 105212 102: 0 109 : 646 1016: 246683 103: 1 1010: 1547 1017: 585355 104: 7 1011: 3605 1018: 1401644 105: 16 1012: 8241 1019: 3381806 106: 43 1013: 19279 1020: 8220777 107: 105 1014: 44706 1021: 20138200 Their density is declining: by a factor of about ¼ for every 10-fold increase in n. Up to 1021 there is on average only one Carmichael number per 50 trillion numbers!

But there are infinitely many! In 1994 (just a blink of an eye ago in a subject that is millenia old), it was proven by W R Alford, Andrew Granville, and Carl Pomerance that there are infinitely many Carmichael numbers -- as previously conjectured by Carmichael in 1910 and argued heuristically by Paul Erdös in the 1950’s. Let H(n) denote the number of Carmichael numbers ≤ n. Note H(C(n)) = n. What Alford et al showed is that, for all sufficiently large n, H(n) exceeds n2/7. (It is not necessary to know how large “sufficiently large” is.) Whatever, H(n) -> ∞. n = 1000 is not sufficiently large, since 10002/7 is between 7 and 8, but there is only one Carmichael number (561) less than or equal to 1000. n = 10,000,000 = 107 might be sufficiently large, since (107)2/7 is 100, and there are 105 Carmichael numbers less than or equal to 10,000,000. Subsequent research showed that the exponent 2/7 = .285… is not best possible. In 2005 Harman improved the exponent first to .332 and then to .33336704, slightly larger than 1/3. (“Sufficiently large” might have to be increased as the exponent increases.) Upper bounds on H(n) are also known.

Theorems on number of factors of Carmichael numbers Let r be called an “F-number” if there are infinitely many Carmichael numbers with exactly r prime factors. Let F denote the set of all r’s that are F-numbers. Theorem: F is non-empty Theorem: F is infinite! Conjecture: F contains all r ≥ 3 If a prime p1 is specified, there are only finitely many pairs of primes p2 and p3 such that p1 p2 p3 is Carmichael. More generally, if k distinct primes are specified, there are only finitely many Carmichael numbers with exactly k + 2 prime factors including these.

Chernick Carmichael Numbers In 1939, J Chernick proved that numbers of the form (6m+1)(12m+1)(18m+1) are Carmichael providing that all three factors are prime. For example, if m = 1, this form gives 7·13·19 = 1729 = C(3), the Hardy-Ramanujan number. For m = 6, we obtain 37·73·109 = 294,409 = C(25), the 25th Carmichael number. For m = 35, we obtain 56,052,361. For m = 45, we obtain 118,901,521. The next values of m that produce primes (and hence Carmichael numbers) are 51 -> 172,947,529, 55 -> 216,821,881, 56 -> 228,842,209, and 100 ->1,299,963,601. Note that this product may be Carmichael even if not all factors are prime, e.g., m = 5. Then we get 31·61·91; 31 and 61 are prime, but 91 = 7·13. Yet the product 7·13·31·61 = 172,081 = C(21). It is not known whether there are infinitely many Carmichael numbers of this form. It is known, however, that a necessary (but not sufficient) condition on m for the three factors to be prime is that m be congruent to 0 or 1 mod 5 (so in base 10, m would end with digit 0, 1, 5, or 6). Chernick’s form can be extended to (6m+1)(12m+1)(18m+1)(36m+1), to (6m+1)(12m+1)(18m+1)(36m+1)(72m+1), etc. Note that subsequent factors must have m coefficients that are consecutive multiples of 36. All factors must still be prime. For example, the four-factor form with m = 1 yields 7·13·19·37 = 63,973 = C(15).

USES OF CARMICHAEL NUMBERS The inevitable question: WHAT ARE CARMICHAEL NUMBERS GOOD FOR? They make excellent PINs!