This document discusses the complexity of primality testing. It begins by explaining what prime and composite numbers are, and why primality testing is important for applications like public-key cryptography that rely on the assumption that factoring large composite numbers is computationally difficult. It then covers algorithms for primality testing like the Monte Carlo algorithm and discusses their runtime complexities. It shows that while testing if a number is composite can be done in polynomial time, general number factoring is believed to require exponential time, making primality testing an important problem.
A primality test is an algorithm for determining whether an input number is prime. Among other fields of mathematics, it is used in cryptography. Factorization is thought to be a computationally difficult problem, whereas primality testing is comparatively easy (its running time is polynomial in the size of the input).
The Complexity Of Primality Testing
1. THE COMPLEXITY OF PRIMALITY TESTING
Presented By:
Mohammad Elsheikh Salim Elsheikh
Lecturer - Shendi University (Sudan)
Mohammad_elgarrai@yahoo.com
Supervision of:
Dr. Mohammed El-Hafiz
In the name of God, the Most Gracious, the Most Merciful
SUDAN UNIVERSITY OF SCIENCE AND TECHNOLOGY
COLLEGE OF COMPUTER SCIENCE AND INFORMATION TECHNOLOGY
PHD 4
2. SEMINAR OBJECTIVES
Explain the primality testing problem.
Why primality testing is important.
Which fields require it.
Algorithms that can solve this problem and their complexity classes.
3. Introduction
Prime numbers have attracted much attention
from mathematicians for many centuries.
However, the first actual use of prime numbers
in an important area outside of the theory of
numbers was discovered only in the mid to
late 1900s.
This was in the establishment of a technical
system to be used in maintaining the secrecy
of electronic communications.
4. Definition
Factor: when two or more numbers are multiplied, each number is called a factor of the product. Example: 6 = 2 * 3.
Prime number: a whole number greater than 1 that has exactly two positive factors, 1 and itself. Example: 2, 3, 5, 7, 11, 13, and 17.
Composite number: a whole number that has more than two positive factors. Example: 4, 6, 8, ...
504 is composite, and its prime factorization is 2^3 x 3^2 x 7.
0 and 1 are neither prime nor composite.
5. The Importance of Testing Primality
Primality testing is an essential ingredient in computer-security systems.
A number of techniques that enhance computer security rely on the assumption that it is hard to factor numbers, that is, given a composite number, to find its prime factors.
6. The Importance of Testing Primality
In particular, these schemes, based on what
are called RSA codes, use integers of, say,
128 bits that are the product of two primes,
each of about 64 bits.
Two scenarios to explain it:
Public-Key Cryptography
Public-Key Signatures
7. Cont. The Importance of Testing Primality
Public-Key Cryptography
y
f()> steps is …
etc.
What about k
9. Cont. The Importance of Testing Primality
Both scenarios above are believed to work
and to be secure, in the sense that it really
does take exponential time to factor the
product of two large primes:
1. The construction of public keys requires that
we be able to find large primes quickly.
2. The security depends on there being no
polynomial way to factor in general.
10. Introduction to Modular Arithmetic
First we explain what remainders are.
Given two integers a and b, as long as b ≠ 0, we can find q (quotient) and r (remainder), such that a = q*b + r.
Let’s let b = 5.
• 0 = 0*5 + 0
• 1 = 0*5 + 1
• 2 = 0*5 + 2
• 3 = 0*5 + 3
• 4 = 0*5 + 4
• 5 = 1*5 + 0
• 6 = 1*5 + 1
• 7 = 1*5 + 2
• 8 = 1*5 + 3
• 9 = 1*5 + 4
• 10 = 2*5 + 0
• ...
11. What is modular arithmetic?
Arithmetic with the remainders upon division
by a fixed number n.
It is based upon the idea that the remainder of
the sum / difference / product of two numbers
is the remainder of the sum / difference /
product of the remainders.
For example, if n = 5,
(31 + 7)%5 = 38%5 = 3, and
(31%5 + 7%5)%5 = (1 + 2)%5 = 3
12. Introduction to Modular Arithmetic
Example: Suppose p = 13. Then:
3 + 5 ≡ 8 (mod 13) <=> (3 + 5) modulo 13 = 8
7 + 10 ≡ 4 (mod 13).
o 7 + 10 = 17 => 17 > 13 => 17 - 13 = 4
-5 ≡ 8 (mod 13).
o 13 - 5 = 8 => 8 < 13
11 - 4 ≡ 7 (mod 13)
4 - 11 ≡ 6 (mod 13).
o 4 - 11 = -7 => the result is negative, so we must add 13 to get 6.
14. Introduction to Modular Arithmetic
Some useful facts, which we shall not prove here, are:
If p is a prime, then a^(p-1) = 1 modulo p. This statement is called Fermat’s theorem.
The degree of a modulo a prime p is always a divisor of p - 1.
If p is a prime, there is always some a that has degree p - 1 modulo p.
15. The Complexity of Modular-Arithmetic Computations
Suppose we compute modulo some prime p, and the binary representation of p is n bits long; i.e., p itself is around 2^n.
The running time of a computation is stated in terms of n, the input length, rather than p, the “value” of the input. For instance, counting up to p takes time O(2^n), which is not polynomial time as a function of n.
16. The Complexity of Modular-Arithmetic Computations
We can add two numbers modulo p in O(n) time on a typical computer or multitape TM.
Recall that we simply add the binary numbers, and if the result is p or greater, then subtract p.
Likewise, we can multiply two numbers in O(n^2) time, either on a computer or a Turing machine.
After multiplying the numbers in the ordinary way, and getting a result of at most 2n bits, we divide by p and take the remainder.
17. The Complexity of Modular-Arithmetic Computations
Raising a number x to an exponent is trickier, since that exponent may itself be exponential in n.
Since p - 1 is around 2^n, if we were to multiply x by itself p - 2 times, we would need O(2^n) multiplications, and even though each multiplication involved only n-bit numbers and could be carried out in O(n^2) time, the total time would be O(n^2 2^n), which is not polynomial in n.
18. The Complexity of Modular-Arithmetic Computations
Fortunately, there is a “recursive-doubling” trick that lets us compute x^(p-1) in time that is polynomial in n:
1. Compute the at most n powers x, x^2, x^4, x^8, ..., until the exponent exceeds p - 1. Each value is an n-bit number that is computed in O(n^2) time by squaring the previous value in the sequence, so the total work is O(n^3).
2. Find the binary representation of p - 1, say p - 1 = a_(n-1) ... a_1 a_0. We can write:
19. The Complexity of Modular-Arithmetic Computations
where each a_j is either 0 or 1. Therefore,
which is the product of those values for which a_j = 1. Since we computed each of those values in step (1), and each is an n-bit number, we can compute the product of these n or fewer numbers in O(n^3) time.
Thus, the entire computation of x^(p-1) takes O(n^3) time.
20. Random-Polynomial Primality Testing
The method actually used to generate n-bit primes is to pick an n-bit number at random and apply the Monte-Carlo algorithm to recognize composite numbers some large number of times, say 50.
If any test says that the number is composite, then we know it is not a prime. If all 50 fail to say that it is composite, there is no more than 2^-50 probability that it really is composite.
Thus, we can fairly safely say that the number is prime and base our secure operation on that fact.
21. Random-Polynomial Primality Testing
Monte-Carlo algorithm for the composite numbers:
1. Pick an x at random in the range 1 to p - 1.
2. Compute x^(p-1) modulo p. Note that if p is an n-bit number, then this calculation takes O(n^3) time.
3. If x^(p-1) ≠ 1 modulo p, accept; p is composite. Otherwise, halt without accepting.
* If p is prime, then x^(p-1) = 1 modulo p, so we always halt without accepting;
22. Random-Polynomial Primality Testing
Carmichael numbers:
The smallest Carmichael number is 561. That is, one can show x^560 = 1 modulo 561 for all x that are not divisible by 3, 11, or 17, even though 561 = 3 x 11 x 17 is evidently composite.
Thus, we shall claim, but without a complete proof, that:
Theorem: The set of composite numbers is in RP.
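An added example, not part of the original slides: the recursive-doubling exponentiation and the Monte-Carlo test described above, written in Python and run against the Carmichael number 561. It goes one step beyond the slides by including the Miller-Rabin strong check, the usual remedy for Carmichael numbers; all function names are chosen for this illustration.

```python
import math
import random


def mod_exp(x, e, p):
    """Compute x**e mod p by recursive doubling (square-and-multiply)."""
    result = 1
    square = x % p                       # x^(2^0) mod p
    while e > 0:
        if e & 1:                        # bit a_j of the exponent is 1
            result = (result * square) % p
        square = (square * square) % p   # next value x^(2^(j+1)) mod p
        e >>= 1
    return result


def fermat_witness(x, p):
    """Step 3 of the slides: x proves p composite if x^(p-1) != 1 mod p."""
    return mod_exp(x, p - 1, p) != 1


def fermat_liars(p):
    """Bases x in 1..p-1 for which the Fermat check does NOT expose p."""
    return [x for x in range(1, p) if not fermat_witness(x, p)]


def strong_witness(x, p):
    """Miller-Rabin check (added here, not on the slides), for odd p > 2.

    Write p - 1 = 2^s * d with d odd. If p is prime, then x^d = 1 mod p or
    x^(2^r * d) = -1 mod p for some 0 <= r < s. Otherwise x is a witness.
    """
    d, s = p - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    y = mod_exp(x, d, p)
    if y == 1 or y == p - 1:
        return False
    for _ in range(s - 1):
        y = (y * y) % p
        if y == p - 1:
            return False
    return True


def is_probable_prime(p, rounds=50, rng=None):
    """Monte-Carlo test with `rounds` random bases, using the strong check."""
    if p < 2:
        return False
    if p in (2, 3):
        return True
    if p % 2 == 0:
        return False
    rng = rng or random.SystemRandom()
    for _ in range(rounds):
        x = rng.randrange(2, p - 1)
        if strong_witness(x, p):
            return False                 # a witness: p is certainly composite
    return True                          # no witness found in any round


def carmichael_report(n=561):
    """Count Fermat liars for n and compare them with the bases coprime to n."""
    liars = fermat_liars(n)
    coprime = [x for x in range(1, n) if math.gcd(x, n) == 1]
    return len(liars), len(coprime), liars == coprime


if __name__ == "__main__":
    # Every base coprime to 561 passes the Fermat check.
    print(carmichael_report(561))
    # Base 2 is a Fermat liar for 561 but a strong (Miller-Rabin) witness.
    print(fermat_witness(2, 561), strong_witness(2, 561))
    print(is_probable_prime(561), is_probable_prime(2**61 - 1))
```

For 561 the only bases that expose it under the plain Fermat check are those sharing a factor with it; for a Carmichael number built from large primes such bases are rare, which is why key-generation code relies on the strong check instead.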
23. Random-Polynomial Primality Testing
Can We Factor in Random Polynomial Time?
The previous algorithm may tell us that a number
is composite, but does not tell us how to factor the
composite number.
It is believed that there is no way to factor
numbers, even using randomness, that takes
only polynomial time, or even expected
polynomial time.
If that assumption were incorrect, then the
applications that we discussed would be insecure
and could not be used.
24. Nondeterministic Primality Tests
The language of primes is in NP ∩ co-NP.
Therefore the language of composite numbers, the complement of the primes, is also in NP ∩ co-NP.
It follows that neither the primes nor the composite numbers can be NP-complete unless NP = co-NP, for if either were, we would have the unexpected equality NP = co-NP.
One part is easy:
The composite numbers are obviously in NP, so the primes are in co-NP. We prove that fact
25. Nondeterministic Primality Tests
Theorem: The set of composite numbers is in NP.
PROOF:
The nondeterministic, polynomial-time algorithm for the composite numbers is:
Step One:
Take p as an n-bit number.
Guess a factor f of at most n bits.
f ≠ 1 and f ≠ p.
The time taken by any sequence of choices is O(n).
Step Two:
Divide p by f.
Check that the remainder is 0.
Accept if so.
The time taken is O(n^2) on a multitape TM.
26. Nondeterministic Primality Tests
Recognizing the primes with a NTM is harder.
While we were able to guess a reason (a
factor) that a number is not a prime, and then
check that our guess is correct, how do we
“guess” a reason a number is a prime? The
nondeterministic polynomial-time algorithm is
based on the fact (asserted but not proved)
that if p is a prime, then there is a number x
between 1 and p – 1 that has degree p - 1
27. Nondeterministic Primality
Tests27
While we could guess a number x easily, using
the nondeterministic capability of a NTM, it is
not immediately obvious how one then checks
that x has degree p-1.
The reason is that if we apply the definition of
degree directly, we need to check that none of
x2,x3,... ,xp-2 are 1.
To do so requires that we perform p - 3
multiplications, and that requires time at least
2n, if p is an n-bit number.
28. Nondeterministic Primality Tests
A better strategy is to make use of another fact that we assert but do not prove: the degree of x modulo a prime p is a divisor of p - 1.
Thus, if we knew the prime factors of p - 1, it would be sufficient to check that x^((p-1)/q) ≠ 1 for each prime factor q of p - 1.
If none of these powers of x is equal to 1, then the degree of x must be p - 1.
The number of these tests is O(n).
Of course we cannot factor p - 1 into primes easily.
However, nondeterministically we can guess the prime factors of p - 1, and:
a) Check that their product is indeed p - 1.
b) Check that each is a prime, using the nondeterministic, polynomial-time algorithm that we have been designing, recursively.
29. Nondeterministic Primality Tests
Theorem: The set of primes is in NP.
PROOF: Given a number p of n bits, we do the following.
First, if n is no more than 2 (i.e., p is 1, 2, or 3), answer directly; 2 and 3 are primes, while 1 is not. Otherwise:
1. Guess a list of factors (q_1, q_2, ..., q_k), whose binary representations total at most 2n bits, and none of which has more than n - 1 bits. It is permitted for the same prime to appear several times, since p - 1 may have a factor that is a prime raised to a power greater than 1; e.g., p = 13 => p - 1 = 12 => the factor list is (2, 2, 3). This part is nondeterministic, but each branch takes O(n) time.
30. Nondeterministic Primality Tests
2. Multiply the q’s together, and verify that their product is p - 1. This part takes no more than O(n^2) time and is deterministic.
3. If their product is p - 1, recursively verify that each is a prime, using the algorithm being described here.
4. If the q’s are all prime, guess a value of x and check that x^((p-1)/q_j) ≠ 1 for each of the q_j’s. This test assures that x has degree p - 1 modulo p, since if it did not, then its degree would have to divide at least one (p-1)/q_j, and we just verified that it did not.
Note in justification that any x, raised to any power of its degree, must be 1.
Thus, there are at most k exponentiations, which is surely no more than n exponentiations, and each one can be performed in O(n^3) time, giving us a total time of O(n^4) for this step.
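An added example, not from the original slides: a deterministic verifier for the guessed certificate of steps 1 to 4, with a brute-force search standing in for the nondeterministic guesses on small inputs. The verifier also requires x^(p-1) = 1 modulo p, which step 4 as worded leaves implicit and without which the composite 9 would be accepted; the certificate layout and the function names are assumptions of this example.

```python
def verify_prime(p, cert, check_full_power=True):
    """Deterministically check a guessed primality certificate for p.

    cert maps every number m > 3 that occurs in the recursion to a pair
    (x, [q_1, ..., q_k]): the guessed base x and the guessed prime factors
    of m - 1, repeated according to multiplicity.
    """
    if p <= 3:
        return p in (2, 3)               # base case: 2 and 3 prime, 1 is not
    if p not in cert:
        return False                     # no guess supplied for this node
    x, factors = cert[p]
    if not factors or not 1 <= x < p:
        return False
    # Step 2: the guessed factors must multiply to exactly p - 1.
    product = 1
    for q in factors:
        product *= q
    if product != p - 1:
        return False
    # Step 3: every guessed factor must itself be certified prime.
    # Each q is smaller than p, so the recursion terminates.
    for q in set(factors):
        if not verify_prime(q, cert, check_full_power):
            return False
    # Step 4: x^((p-1)/q) != 1 modulo p for every prime factor q.
    for q in set(factors):
        if pow(x, (p - 1) // q, p) == 1:
            return False
    # Soundness check added here: the degree of x only has to divide p - 1
    # when x^(p-1) = 1 modulo p, so that condition is verified explicitly.
    if check_full_power and pow(x, p - 1, p) != 1:
        return False
    return True


def build_certificate(p, cert=None):
    """Brute-force stand-in for the nondeterministic guesses (small p only)."""
    cert = {} if cert is None else cert
    if p <= 3 or p in cert:
        return cert
    factors, m, d = [], p - 1, 2
    while m > 1:                         # trial division of p - 1
        while m % d == 0:
            factors.append(d)
            m //= d
        d += 1
    for x in range(2, p):                # search for an x of degree p - 1
        if pow(x, p - 1, p) == 1 and all(
            pow(x, (p - 1) // q, p) != 1 for q in set(factors)
        ):
            cert[p] = (x, factors)
            break
    for q in set(factors):
        build_certificate(q, cert)
    return cert


# Constructed sample certificates (not taken from the slides).
CERT_23 = {23: (5, [2, 11]), 11: (2, [2, 5]), 5: (2, [2, 2])}
CERT_9 = {9: (2, [2, 2, 2])}             # 9 is composite

if __name__ == "__main__":
    print(verify_prime(23, CERT_23))                          # valid chain
    print(verify_prime(13, {13: (2, [2, 2, 3])}))             # slide example
    print(verify_prime(9, CERT_9, check_full_power=False))    # wrongly accepted
    print(verify_prime(9, CERT_9))                            # rejected
```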
32. Nondeterministic Primality Tests
The product of the children of any node is less than the value of the node itself.
The work required at a node with value i, exclusive of work done in recursive calls, is at most a(log_2 i)^4 for some constant a.
Thus, to bound the work required by any one level, we maximize the sum ∑_j a(log_2(i_j))^4, subject to the constraint that the product i_1 i_2 ... is at most p. Because the fourth power is convex,
33. Nondeterministic Primality
Tests33
the maximum occurs when all of the value is in
one of the ij’s . If i1=p, and there are no other ij’s,
then the sum is a(log2p)4.
That is at most an4, since n is the number of bits
in p, and therefore log2p is at most n.
Our conclusion is that the work required at each
depth is at most O(n4). Since there are at most n
levels, O(n5) work suffices in any branch of the
nondeterministic test for whether p is prime.
Now we know that both the primes and their
complement are in NP.
36. Known Problems with Primes
1. Density
How many primes are in {1…n}?
2. Generation
List all the primes in {1…n}.
3. Testing
Given a positive integer n, is n prime?
4. Random choice
Pick a random prime number in {1...n}.
Ancient Greek, Persian, and Chinese philosophers all studied properties of prime numbers.
RSA (for R. Rivest, A. Shamir, and L. Adleman, the inventors of the technique)
Public-Key Cryptography
You want to buy a book from an on-line bookseller. The seller asks for your credit-card number, but it is too risky to type the number into a form and have the form transmitted over phone lines or the Internet. The reason is that someone could be snooping on your line, or otherwise intercept packets as they travel over the Internet.
To avoid a snooper being able to read your card number, the seller sends your browser a key k, perhaps the 128-bit product of two primes that the seller's computer has generated just for this purpose. Your browser uses a function y = f_k(x) that takes both the key k and the data x that you need to encrypt.
The function f, which is part of the RSA scheme, may be generally known, including to potential snoopers, but it is believed that without knowing the factorization of k, the inverse function f_k^(-1) such that x = f_k^(-1)(y) cannot be computed in time that is less than exponential in the length of k.
Thus, even if a snooper sees y and knows how f works, without first figuring out what k is and then factoring it, the snooper cannot recover x, which is in this case your credit-card number. On the other hand, the on-line seller, knowing the factorization of key k because they generated it in the first place, can easily apply f_k^(-1) and recover x from y.
Public-Key Signatures
The original scenario for which RSA codes were developed is the following. You would like to be able to “sign” email so that people could easily determine that the email was from you, and yet no one could “forge” your name to an email.
For instance, you might wish to sign the message x “I promise to pay Sally Lee $10”, but you don’t want Sally to be able to create the signed message herself, or for a third party to create such a signed message without your knowledge.
To support these aims, you pick a key k, whose prime factors only you know. You publish k widely, say on your Web site, so anyone can apply the function f_k to any message. If you want to sign the message x above and send it to Sally, you compute y = f_k^(-1)(x) and send y to Sally instead. Sally can get f_k, your public key, from your Web site, and with it compute x = f_k(y). Thus, she knows that you have indeed promised to pay $10.
If you deny having sent the message y, Sally can argue before a judge that only you know the function f_k^(-1), and it would be “impossible” for either her or any third party to have discovered that function. Thus, only you could have created y. This system relies on the likely-but-unproven assumption that it is too hard to factor numbers that are the product of two large primes.
Requirements Regarding Complexity of Primality Testing
Both scenarios above are believed to work and to be secure, in the sense that it really does take exponential time to factor the product of two large primes. The complexity theory we have studied here and in Chapter 10 enters into the study of security and cryptography in two ways:
1. The construction of public keys requires that we be able to find large primes quickly. It is a basic fact of number theory that the probability of an n-bit number being a prime is on the order of 1/n. Thus, if we had a polynomial-time (in n, not in the value of the prime itself) way to test whether an n-bit number was prime, we could pick numbers at random, test them, and stop when we found one to be prime. That would give us a polynomial-time Las-Vegas algorithm for discovering primes, since the expected number of numbers we have to test before meeting a prime of n bits is about n. For instance, if we want 64-bit primes, we would have to test about 64 integers on the average, although by bad luck we could have to try indefinitely more than that. Unfortunately, there does not appear to be a guaranteed, polynomial-time test for primes, although there is a Monte-Carlo algorithm that is polynomial-time, as we shall see in Section 11.5.4.
2. The security of RSA-based cryptography depends on there being no polynomial (in the number of bits of the key) way to factor in general, in particular no way to factor a number known to be the product of exactly two large primes. We would be very happy if we could show that the set of primes is an NP-complete language, or even that the set of composite numbers was NP-complete. For then, a polynomial factoring algorithm would prove P = NP, since it would yield polynomial-time tests for both these languages. Alas, we shall see in Section 11.5.5 that both the primes and the composite numbers are in NP. Since they are complements of each other, should either be NP-complete, it would follow that NP = co-NP, which we doubt is the case. Further, the fact that the set of primes is in RP means that if we could show the primes to be NP-complete then we could conclude RP = co-NP, another unlikely situation.
Basic concepts regarding modular arithmetic, that is, the usual arithmetic operations executed modulo some integer,
often a prime. Let p be any integer. The integers modulo p are 0,1,... ,p - 1.
We can define addition and multiplication modulo p to apply only to this set of p integers by performing the ordinary calculation and then computing the remainder when the result is divided by p.
Addition is quite straightforward, since the sum is either less than p, in which case we have nothing additional to do, or it is between p and 2p - 2, in which case we subtract p to get an integer in the range 0,1,... ,p - 1.
Modular addition obeys the usual algebraic laws;
it is commutative, associative, and has 0 as the identity.
Subtraction is still the inverse of addition, and we can compute the modular difference x - y by subtracting as usual, and adding p if the result is below 0.
The negation of x, which is -x, is the same as 0 - x, just as in ordinary arithmetic.
Thus, -0 = 0, and if x ≠ 0, then -x is the same as p - x.
Multiplication modulo p is performed by multiplying as ordinary numbers,
and then taking the remainder of the result divided by p.
Multiplication also satisfies the usual algebraic laws;
it is commutative and associative, 1 is the identity, 0 is the annihilator, and multiplication distributes over addition.
However, division by nonzero values is trickier, and even the existence of inverses for integers modulo p depends on whether or not p is a prime.
In general, if x is one of the integers modulo p, that is, 0 ≤ x < p, then x^(-1), or 1/x, is that number y, if it exists, such that xy = 1 modulo p.
Example 11.22: In Fig. 11.9 we see the multiplication table for the nonzero integers modulo the prime 7.
The entry in row i and column j is the product ij modulo 7. Notice that each of the nonzero integers has an inverse;
2 and 4 are each other's inverses, so are 3 and 5, while 1 and 6 are their own inverses. That is, 2 × 4, 3 × 5, 1 × 1, and 6 × 6 are all 1.
Thus, we can divide by any nonzero number: x/y is found by computing y^(-1) and then multiplying x × y^(-1). For instance, 3/4 = 3 × 4^(-1) = 3 × 2 = 6.
Compare this situation with the multiplication table modulo 6.
First, we observe that only 1 and 5 even have inverses;
they are each their own inverse. Other numbers have no inverse.
In addition, there are numbers that are not 0, but whose product is 0, such as 2 and 3.
That situation never occurs for ordinary integer arithmetic, and it never happens when arithmetic is modulo a prime.
There is another distinction between multiplication modulo a prime and modulo a composite number that turns out to be quite important for primality tests.
The degree of a number a modulo p is the smallest positive power of a that is equal to 1.
Example 11.23: Consider again the multiplication table modulo 7 in Fig. 11.9.
The degree of 2 is 3, since 2^2 = 4, and 2^3 = 1.
The degree of 3 is 6, since 3^2 = 2, 3^3 = 6, 3^4 = 4, 3^5 = 5, and 3^6 = 1.
By similar calculations, we find that 4 has degree 3, 5 has degree 6, 6 has degree 2, and 1 has degree 1.
Before proceeding to the applications of modular arithmetic to primality testing, we must establish some basic facts about the running time of the essential operations.
Suppose we wish to compute modulo some prime p, and the binary representation of p is n bits long; i.e., p itself is around 2^n.
So any computation that involves p steps will not be polynomial-time, as a function of n.
However, we can surely add two numbers modulo p in O(n) time on a typical computer or multitape TM. Recall that we simply add the binary numbers, and if the result is p or greater, then subtract p.
Likewise, we can multiply two numbers in O(n^2) time, either on a computer or a Turing machine.
After multiplying the numbers in the ordinary way, and getting a result of at most 2n bits, we divide by p and take the remainder.
As we shall see, an important step is raising x to the power p - 1.
x^(p-1) (or any other power of x up to p) in time
We shall now discuss how to use randomized computation to find large prime numbers.
More precisely, we shall show that the language of composite numbers is in RP.
Recall Fermat's theorem tells us that if p is a prime,
then x^(p-1) modulo p is always 1. It is also a fact that if p is a composite number,
and there is any x at all for which x^(p-1) modulo p is not 1,
then for at least half the values of x in the range 1 to p - 1, we shall find x^(p-1) ≠ 1.
That is one part of the Monte-Carlo requirement,
that if the input is not in the language, then we never accept.
For almost all the composite numbers, at least half the values of x will have x^(p-1) ≠ 1,
so we have at least 50% chance of acceptance on any one run of this algorithm;
that is the other requirement for an algorithm to be Monte-Carlo.
Carmichael:
In number theory, a Carmichael number is a composite number which satisfies the modular arithmetic congruence relation:
x^n = x modulo n
Fermat's
What we have described so far would be a demonstration that the composite numbers are in RP,
if it were not for the existence of a small number of composite numbers c that have x^(c-1) = 1 modulo c
for the majority of x in the range 1 to c - 1, in particular for those x that do not share a common prime factor with c.
These numbers require us to do another, more complex test to detect that they are composite.
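The Fermat-based Monte-Carlo test and its Carmichael failure case can be seen by counting witnesses. This is an added example, not part of the original slides; the function names are assumptions, and 15, 561 and 1105 are sample inputs chosen here (561 and 1105 are Carmichael numbers).

```python
import math
import random


def fermat_witnesses(n):
    """All x in 1..n-1 with x^(n-1) != 1 modulo n; any one proves n composite."""
    return [x for x in range(1, n) if pow(x, n - 1, n) != 1]


def is_composite_monte_carlo(n, rounds=20, rng=None):
    """One-sided test for n >= 2.

    True  -> a witness was found, so n is certainly composite.
    False -> no witness in `rounds` random tries (n is prime, or we were
             unlucky, or n is a Carmichael number with few witnesses).
    """
    rng = rng or random.Random()
    return any(pow(rng.randrange(1, n), n - 1, n) != 1 for _ in range(rounds))


def witness_summary(n):
    """Return (witness count, candidate count, witnesses coprime to n)."""
    witnesses = fermat_witnesses(n)
    coprime = sum(1 for x in witnesses if math.gcd(x, n) == 1)
    return len(witnesses), n - 1, coprime


if __name__ == "__main__":
    for n in (7, 15, 561, 1105):
        total, candidates, coprime = witness_summary(n)
        print(f"n={n}: {total}/{candidates} witnesses, {coprime} coprime to n")
```

For 15 more than half of the candidates are witnesses, so a few rounds suffice. For 561 and 1105 the only witnesses are values of x that share a prime factor with n, which is why a key generator that relies on this test alone can accept a composite.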
Let us now take up another interesting and significant result about testing primality:
that the language of primes is in NP ∩ co-NP.
Therefore the language of composite numbers, the complement of the primes, is also in NP ∩ co-NP.
The significance of this fact is that it is unlikely to be the case that the primes or the composite numbers are NP-complete, for if either were true then we would have the unexpected equality NP = co-NP.
One part is easy:
The composite numbers are obviously in NP, so the primes are in co-NP. We prove that fact first.
This part is nondeterministic, with all possible values of f being guessed along some sequence of choices.
This part is deterministic and can be carried out in time O(n^2) on a multitape TM.
If p is composite, then it must have at least one factor f other than 1 and p.
The NTM, since it guesses all possible numbers of up to n bits, will in some branch guess f.
That branch leads to acceptance.
Conversely, acceptance by the NTM implies that a factor of p other than 1 or p itself has been found.
Thus, the NTM described accepts the language consisting of all and only the composite numbers.
The number of these tests is O(n), so we can perform them all in a polynomial-time algorithm.
The details of the algorithm, and the proof that it is nondeterministic, polynomial-time, are in the proof of the theorem below.
e.g., if p = 13, then the prime factors of p - 1 = 12 are in the list (2,2,3). This part is nondeterministic, but each branch takes O(n) time.
As in the part concerning modular complexity:
The exponentiations can be done by the efficient method described in Section 11.5.3.
Lastly, we must verify that this nondeterministic algorithm is polynomial-time.
Each of the steps except the recursive step (3) takes time at most O(n^4) along any nondeterministic branch.
While this recursion is complicated, we can visualize the recursive calls as a tree suggested by
Fig. 11.11. At the root is the prime p of n bits that we want to verify.
The children of the root are the q_j's, which are the guessed factors of p - 1 that we must also verify are primes.
Below each q_j are the guessed factors of q_j - 1 that we must verify, and so on, until we get down to numbers of at most 2 bits, which are leaves of the tree.
Since the product of the children of any node is less than the value of the node itself,
we see that the product of the values of nodes at any depth from the root is at most p.
The work required at a node with value i,
exclusive of work done in recursive calls, is at most a(log_2 i)^4 for some constant a;
the reason is that we determined this work to be on the order of the fourth power
of the number of bits needed to represent that value in binary.
Thus, to get an upper bound on the work required by any one level, we must maximize the sum ∑_j a(log_2(i_j))^4,
subject to the constraint that the product i_1 i_2 … is at most p. Because the fourth power is convex,
the maximum occurs when all of the value is in one of the i_j's. If i_1 = p, and there are no other i_j's, then the sum is a(log_2 p)^4.
That is at most an^4, since n is the number of bits in the binary representation of p, and therefore log_2 p is at most n.
Our conclusion is that the work required at each depth is at most O(n^4). Since there are at most n levels, O(n^5) work suffices in any branch of the nondeterministic test for whether p is prime.
Now we know that both the primes and their complement are in NP.
If either were NP-complete, then we would have a proof that NP=co-NP.
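The four steps of the nondeterministic test, both in the slides and in the notes above, become an ordinary deterministic check once the guesses are handed over as a certificate. This is an added example, not code from the original slides: `verify_prime_certificate`, `build_certificate` and `CERT_227` are names assumed here, the brute-force builder only stands in for the guessing, and the extra check that x^(p-1) = 1 modulo p is the one normally included in certificates of this kind.

```python
def verify_prime_certificate(p, cert):
    """Run the deterministic checks of steps 2-4 on already-guessed values.

    cert maps every number above 3 in the recursion tree to (x, factors):
    the guessed x and the guessed factor list of that number minus 1.
    """
    if p <= 3:  # n <= 2 bits: answered directly, 2 and 3 are prime, 1 is not
        return p in (2, 3)
    if p not in cert:
        return False
    x, factors = cert[p]
    n = p.bit_length()
    # Step 1 bounds on the guess: no factor above n-1 bits, at most 2n bits in all.
    if not factors or any(q < 2 or q.bit_length() > n - 1 for q in factors):
        return False
    if sum(q.bit_length() for q in factors) > 2 * n:
        return False
    # Step 2: the guessed factors must multiply to p - 1.
    product = 1
    for q in factors:
        product *= q
    if product != p - 1:
        return False
    # Step 3: each guessed factor must itself be certified prime.
    distinct = set(factors)
    if not all(verify_prime_certificate(q, cert) for q in distinct):
        return False
    # Step 4: x must have degree exactly p - 1 modulo p. The x^(p-1) = 1 check
    # is an addition here (standard for this kind of certificate).
    if not 1 <= x < p or pow(x, p - 1, p) != 1:
        return False
    return all(pow(x, (p - 1) // q, p) != 1 for q in distinct)


def build_certificate(p, cert=None):
    """Hypothetical stand-in for the guesses: brute force, exponential in n."""
    cert = {} if cert is None else cert
    if p <= 3 or p in cert:
        return cert
    factors, m, d = [], p - 1, 2
    while m > 1:  # trial division yields the prime factors of p - 1
        while m % d == 0:
            factors.append(d)
            m //= d
        d += 1
    for q in set(factors):
        build_certificate(q, cert)
    for x in range(2, p):  # search for an x of degree p - 1
        if pow(x, p - 1, p) == 1 and all(
                pow(x, (p - 1) // q, p) != 1 for q in set(factors)):
            cert[p] = (x, factors)
            break
    return cert


# Constructed sample: the recursion tree for p = 227 (227 -> 113 -> 7).
CERT_227 = {227: (2, [2, 113]), 113: (3, [2, 2, 2, 2, 7]), 7: (3, [2, 3])}
```

Verification is fast because the certificate carries the factorization of p - 1; finding that factorization is the part that `build_certificate` does by exhaustive search.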