- Source: Probable prime
In number theory, a probable prime (PRP) is an integer that satisfies a specific condition that is satisfied by all prime numbers, but which is not satisfied by most composite numbers. Different types of probable primes have different specific conditions. While there may be probable primes that are composite (called pseudoprimes), the condition is generally chosen in order to make such exceptions rare.
Fermat's test for compositeness, which is based on Fermat's little theorem, works as follows: given an integer n, choose some integer a that is not a multiple of n; (typically, we choose a in the range 1 < a < n − 1). Calculate an − 1 modulo n. If the result is not 1, then n is composite. If the result is 1, then n is likely to be prime; n is then called a probable prime to base a. A weak probable prime to base a is an integer that is a probable prime to base a, but which is not a strong probable prime to base a (see below).
For a fixed base a, it is unusual for a composite number to be a probable prime (that is, a pseudoprime) to that base. For example, up to 25 × 109, there are 11,408,012,595 odd composite numbers, but only 21,853 pseudoprimes base 2.: 1005 The number of odd primes in the same interval is 1,091,987,404.
Properties
Probable primality is a basis for efficient primality testing algorithms, which find application in cryptography. These algorithms are usually probabilistic in nature. The idea is that while there are composite probable primes to base a for any fixed a, we may hope there exists some fixed P<1 such that for any given composite n, if we choose a at random, then the probability that n is pseudoprime to base a is at most P. If we repeat this test k times, choosing a new a each time, the probability of n being pseudoprime to all the as tested is hence at most Pk, and as this decreases exponentially, only moderate k is required to make this probability negligibly small (compared to, for example, the probability of computer hardware error).
This is unfortunately false for weak probable primes, because there exist Carmichael numbers; but it is true for more refined notions of probable primality, such as strong probable primes (P = 1/4, Miller–Rabin algorithm), or
Euler probable primes (P = 1/2, Solovay–Strassen algorithm).
Even when a deterministic primality proof is required, a useful first step is to test for probable primality. This can quickly eliminate (with certainty) most composites.
A PRP test is sometimes combined with a table of small pseudoprimes to quickly establish the primality of a given number smaller than some threshold.
Variations
An Euler probable prime to base a is an integer that is indicated prime by the somewhat stronger theorem that for any prime p, a(p−1)/2 equals
(
a
p
)
{\displaystyle ({\tfrac {a}{p}})}
modulo p, where
(
a
p
)
{\displaystyle ({\tfrac {a}{p}})}
is the Jacobi symbol. An Euler probable prime which is composite is called an Euler–Jacobi pseudoprime to base a. The smallest Euler-Jacobi pseudoprime to base 2 is 561.: 1004 There are 11347 Euler-Jacobi pseudoprimes base 2 that are less than 25·109.: 1005
This test may be improved by using the fact that the only square roots of 1 modulo a prime are 1 and −1. Write n = d · 2s + 1, where d is odd. The number n is a strong probable prime (SPRP) to base a if:
a
d
≡
1
(
mod
n
)
,
{\displaystyle a^{d}\equiv 1{\pmod {n}},\;}
or
a
d
⋅
2
r
≡
−
1
(
mod
n
)
for some
0
≤
r
≤
s
−
1.
{\displaystyle a^{d\cdot 2^{r}}\equiv -1{\pmod {n}}{\text{ for some }}0\leq r\leq s-1.\,}
A composite strong probable prime to base a is called a strong pseudoprime to base a. Every strong probable prime to base a is also an Euler probable prime to the same base, but not vice versa.
The smallest strong pseudoprime base 2 is 2047.: 1004 There are 4842 strong pseudoprimes base 2 that are less than 25·109.: 1005
There are also Lucas probable primes, which are based on Lucas sequences. A Lucas probable prime test can be used alone. The Baillie–PSW primality test combines a Lucas test with a strong probable prime test.
= Example of testing for a strong probably prime
=To test whether 97 is a strong probable prime base 2:
Step 1: Find
d
{\displaystyle d}
and
s
{\displaystyle s}
for which
96
=
d
⋅
2
s
{\displaystyle 96=d\cdot 2^{s}}
, where
d
{\displaystyle d}
is odd
Beginning with
s
=
0
{\displaystyle s=0}
,
d
{\displaystyle d}
would be
96
{\displaystyle 96}
Increasing
s
{\displaystyle s}
, we see that
d
=
3
{\displaystyle d=3}
and
s
=
5
{\displaystyle s=5}
, since
96
=
3
⋅
2
5
{\displaystyle 96=3\cdot 2^{5}}
Step 2: Choose
a
{\displaystyle a}
,
1
<
a
<
97
−
1
{\displaystyle 1
. We will choose
a
=
2
{\displaystyle a=2}
.
Step 3: Calculate
a
d
mod
n
{\displaystyle a^{d}{\bmod {n}}}
, i.e.
2
3
mod
9
7
{\displaystyle 2^{3}{\bmod {9}}7}
. Since it isn't congruent to
1
{\displaystyle 1}
, we continue to test the next condition
Step 4: Calculate
2
3
⋅
2
r
mod
9
7
{\displaystyle 2^{3\cdot 2^{r}}{\bmod {9}}7}
for
0
≤
r
<
s
{\displaystyle 0\leq r
. If it is congruent to
96
{\displaystyle 96}
,
97
{\displaystyle 97}
is probably prime. Otherwise,
97
{\displaystyle 97}
is definitely composite
r
=
0
:
2
3
≡
8
(
mod
97
)
{\displaystyle r=0:2^{3}\equiv 8{\pmod {97}}}
r
=
1
:
2
6
≡
64
(
mod
97
)
{\displaystyle r=1:2^{6}\equiv 64{\pmod {97}}}
r
=
2
:
2
12
≡
22
(
mod
97
)
{\displaystyle r=2:2^{12}\equiv 22{\pmod {97}}}
r
=
3
:
2
24
≡
96
(
mod
97
)
{\displaystyle r=3:2^{24}\equiv 96{\pmod {97}}}
Therefore,
97
{\displaystyle 97}
is a strong probable prime base 2 (and is therefore a probable prime base 2).
See also
Provable prime
Baillie–PSW primality test
Euler–Jacobi pseudoprime
Lucas pseudoprime
Miller–Rabin primality test
Perrin primality test
Carmichael number
External links
The prime glossary – Probable prime
The PRP Top 10000 (the largest known probable primes)
References
Kata Kunci Pencarian:
- Nikol Pashinyan
- Naoya Inoue
- Daftar startup Y Combinator
- Baptis selam
- Probable prime
- List of largest known primes and probable primes
- List of prime numbers
- Miller–Rabin primality test
- Lucas pseudoprime
- Repunit
- Mersenne prime
- Primality test
- Pseudoprime
- Megaprime