1. The document discusses primality testing algorithms. It describes Fermat's primality test which uses Fermat's Little Theorem to test if a number is prime or composite. 2. It presents a Monte Carlo algorithm for primality testing that chooses random numbers a between 1 and n-1, and tests if an-1 = 1 (mod n). If equality does not hold, n is composite. If it holds for many a values, n is probably prime. 3. The algorithm runs in polynomial time by choosing random numbers a in binary representation using O(logn) coin tosses, and testing the congruence in O(logn) time using fast exponentiation.

1. Scribe:NimritaKoul
EntryNumber:2007mcs3136
Professor:Prof.Kavitha.Professor:Prof.Kavitha.
LectureDate:18/2/08
1

2. Aprimalitytestisatesttodetermine
whetherornotagivennumberisprime
2
whetherornotagivennumberisprime
withoutactuallydecomposingthe
numberintoitsconstituentprimefactors.

3. Theproblemofprimalitytesting
Fermat'sprimalitytest
MonteCarloalgorithmforprimalitytesting
AnalysisofAlgorithm..Claims1,2,3AnalysisofAlgorithm..Claims1,2,3
ModifiedAlgorithm
3

4. Givenanoddintegern+>=3,
Todetermineif“n”isprimeorcomposite
Goal:Designanalgorithmforthisproblem
whoserunningtimeispolynomialintheinputwhoserunningtimeispolynomialintheinput
length,ifnisvalueofinputitslengthisceiling
logn.
4

5. Fermat'slittletheoremstatesthatifpisprimeand1<=a<p,
thenap-1=1(modp).
Ifwewanttotestifpisprime,thenwecanpickrandoma's
intheintervalandseeiftheequalityholds.Iftheequality
doesnotholdforavalueofa,thenpiscomposite.Ifthe
equalitydoesholdformanyvaluesofa,thenwecansay
thatpisprobablyprime,orapseudoprime.thatpisprobablyprime,orapseudoprime.
Itmaybeinourteststhatwedonotpickanyvaluefora
suchthattheequalityfails.Anyasuchthatan-1=1(modn)
whenniscompositeisknownasaFermatliar.Ifwedopick
anasuchthatan-1≠1(modn)
thenaisknownasaFermatwitnessforthecompositenessof
n.
5

6. 1.Choosearandomnumber“a”uniformlyat
randomfromtheset{1,2,3,….,n-1}.
Torepresentsuchanumberinbinary,logn
bitswillberequired,togettheselognbitswe
tossacoinlogntimes,itmaygiveanumber
bitswillberequired,togettheselognbitswe
tossacoinlogntimes,itmaygiveanumber
greaterthannandinthatcasewediscardit
andtossagain.
Thissteprequireslogntime.
6

7. 2.Ifgdc(a,n)≠1thenreturncomposite
Elseaisrelativelyprimeton.
Supposen=p2thenfrom1,2,---,p2-1thereareSupposen=p2thenfrom1,2,---,p2-1thereare
psuchnumberswhichhavesamegcdasn,
thereforetheprobabilitytopicksuchano.is
p/p2=1/p.
7

8. Claim1:Ifnisprimethenforalla,suchthata
doesnotdividen,gcd(a,n)=1then
an-1=1(modn)
Foranyx,yandn,
Ifx=y(modn),thentheremainderwhenxisdividedby
nissameasremainderwhenyisdividedbynor(x-y)
isamultipleofn
i.e.x=k1n+r
y=k2n+r
8

9. Ifwepartitionthesetofnumberswithrespect
totheremaindersweobtaindifferentclassesof
integerswhereeachclassincludesnumbers
withsameremainderwhendividedbyn.
E.g.Z0={0,n,2n,,-n,-2n}
Z={1,n+1,2n+1,-n+1,-2n+1…}Z1={1,n+1,2n+1,-n+1,-2n+1…}
.
.
Zn={0,1,2,……,n-1}
9

10. SupposeClaim1’sconverseiftruei.e.,
Converseofclaim1:ifniscompositethenits
notthecasethatforallainZn*,an-1=1modn.
i.e.,thereexistsatleastoneainZn*suchthat
a≠1modn.
i.e.,thereexistsatleastoneainZn*suchthat
an-1≠1modn.
Inotherwords,ifaiscompositethenthere
existsanainZn*suchthatan-1≠1modn.
Theconverseofclaimoneisnottrue,theredo
existcarmichaelnos.withthepropertythatfor
allainZn*,wehavean-1=1modn.
10

11. AGroupisapairconsistingofasetwithanoperation
definedonitsuchthatthegroupisclosedunderthe
operation,theoperationisassociative,thegrouphas
anidentityelementwithrespecttotheoperationand
foreachelementinthesetthereexistsaninverse,such
thattheoperationonanelementanditsinverseyields
theidentityelement.
E.g.,Setofintegersunderbinaryadditionformsa
group(Z,+),i.e.,
Foranya,binZ,sum(a+b)isinZ
(a+b)+c=a+(b+c),i.e.,thesumisassociative
Thegrouphasanidentityelement0for+operation.
ForeachelementainZwehaveanelement–asuchthata+(-
a)=(-a)+a=0.
11

12. (Zn,+n)isagroup,where+nissummodulon.
Ifgcd(a,b)=g,wherea,b,&gareintegers,then
thereexistintegerssayx&ysuchthat
xa+yb=g
IfZn
*isasetofnumbersbetween1&n-1whichare
relativelyprimeton,then(Zn
*,*n)formsagroup.
12

13. IfGisafinitegroup&HisasubgroupofG
thensizeofGisdivisiblebysizeofH.
If(G,o)isagroup,HisasubsetofG,such
that(H,o)formsagroupthenHisasubgroup
ofG.
that(H,o)formsagroupthenHisasubgroup
ofG.
13

14. IfH=G,theproofistrivial.
LetH≠G,&H={h1,h2,h3,…….hk}
LetgєG-H,then
g1H={g1h1,g2h2,……….g1hk}g1H={g1h1,g2h2,……….g1hk}
g2H={g2h1,g2h2,……….g2hk}
.
.
gnH={gnh1,gnh2,…………gnhk}
Everytimewecreateknewelements(cosets).
14

15. Chooseano.auniformlyatrandomfrom
{1,2,..n-1}.
Ifgcd(a,n)≠1thenreturncomposite
ElseElse
computeb=an-1modn.
Ifb≠1thenreturncomposite
Else{aєZn*}
computeb=an-1modn
Ifb≠1thenreturncomposite
elsereturnprime
15

16. IfthereexistsanainZn*suchthatan-1≠1mod
nthenweclaimthatatleasthalfofthe
elementsofZn*satisfytheconditionthatan-1
≠1modn.
LetSbetheno.ofelementsinZn*suchthataє
Zn*,an-1≠1modn.
ThenH=Zn*-S={aєZn*,an-1≠1modn}
HformsasubgroupofZn*.
16

17. ConsidersetH={aєZn*:an-1=1modn}
1)aєH&bєH=>abєH
(ab)n-1=an-1bn-1=1modn
2)aєH=>an-1=1modn=(a-1)n-1=1modn2)aєH=>a=1modn=(a)=1modn
ThereforeHisasubgroupofZn*
|H|<=|Z|/2becauseHisastrictsubgroupofZn*
i.e.atleastoneelementinZn*doesn’tfallinH.So
maxsizeofHishalfofZn*.
17