Rabin Miller Primality Test

Motivation
Algorithm
Conclusion
References
Rabin Miller Probabilistic Primality Test

Akhilesh Chaganti,Shauddin Rehan Ahmed Gautham Raj G,Pattabi Ramiah
Indian Institute of Technology Hyderabad
November 29, 2010
A -Typeset by LTEX-
Motivation
Algorithm
Conclusion
References
Contents
1
Motivation
Cryptography - Encryption mechanisms The properties of numbers The element of randomization
Motivation
Algorithm
Conclusion
References
Contents
1
Motivation
Algorithm
denition Interpretation of the algorithm Pseudocode Expected Running Time Error Bounds Implementation Witnessing and Non Witnessing
Motivation
Algorithm
Conclusion
References
Contents
1
Motivation
Algorithm
Conclusion
Motivation
Algorithm
Conclusion
References
Contents
1
Motivation
Algorithm
3 4
Conclusion References
Motivation
Algorithm
Conclusion
References
Cryptography - Encryption mechanisms

Cryptography is a very important and heavily growing branch of computer science which is based on number theory. The famous problem of this eld is the public key encryption mechanisms which is used extensively in network security.
Motivation
Algorithm
Conclusion
References

Cryptography is a very important and heavily growing branch of computer science which is based on number theory. The famous problem of this eld is the public key encryption mechanisms which is used extensively in network security. The main way of implementing this encryption mechanism is to introduce the notion of a one-way function. It can interpreted as a function which is easy to compute and very hard to compute back its inverse.
Motivation
Algorithm
Conclusion
References

Cryptography is a very important and heavily growing branch of computer science which is based on number theory. The famous problem of this eld is the public key encryption mechanisms which is used extensively in network security. The main way of implementing this encryption mechanism is to introduce the notion of a one-way function. It can interpreted as a function which is easy to compute and very hard to compute back its inverse. An important implementation of the public key encryption system is based on a conjecture of multiplying two prime numbers as a one way function
Motivation
Algorithm
Conclusion
References
The properties of numbers

Till date it is observed that the multiplication of two very large prime numbers is almost a one-way process i.e. it is easy to get the product of numbers but computing the prime factors for a given (large) number is hard. This provides motivation for the primality testing of a (large) number which can be inturn used in encryption mechanisms.
Motivation
Algorithm
Conclusion
References

Till date it is observed that the multiplication of two very large prime numbers is almost a one-way process i.e. it is easy to get the product of numbers but computing the prime factors for a given (large) number is hard. This provides motivation for the primality testing of a (large) number which can be inturn used in encryption mechanisms. Is the problem of primality testing easy (deterministic polynomial time algorithm)??
Motivation
Algorithm
Conclusion
References

Till date it is observed that the multiplication of two very large prime numbers is almost a one-way process i.e. it is easy to get the product of numbers but computing the prime factors for a given (large) number is hard. This provides motivation for the primality testing of a (large) number which can be inturn used in encryption mechanisms. Is the problem of primality testing easy (deterministic polynomial time algorithm)?? Yes. In 2002, 3 Indians(@ IIT Kanpur) proposed an algorithm (The AKS algorithm) which tests the primality of the given number n in 15 the order of O(log 2 n)
Motivation
Algorithm
Conclusion
References

Till date it is observed that the multiplication of two very large prime numbers is almost a one-way process i.e. it is easy to get the product of numbers but computing the prime factors for a given (large) number is hard. This provides motivation for the primality testing of a (large) number which can be inturn used in encryption mechanisms. Is the problem of primality testing easy (deterministic polynomial time algorithm)?? Yes. In 2002, 3 Indians(@ IIT Kanpur) proposed an algorithm (The AKS algorithm) which tests the primality of the given number n in 15 the order of O(log 2 n) NOTE: The standard measure of the complexity of the number theoritic algorithms is reered to bit complexity.
Motivation
Algorithm
Conclusion
References
The element of randomization
Since, there is no real time ecient algorithm for primality testing we see the need for randomization.There are several randomized algorithms testing primality of number with certain condence (with a controllably small probability of error.)
Motivation
Algorithm
Conclusion
References
The element of randomization
Since, there is no real time ecient algorithm for primality testing we see the need for randomization.There are several randomized algorithms testing primality of number with certain condence (with a controllably small probability of error.) One such algorithm is Rabin Miller Probabilistic Primality test.
Motivation
Algorithm
Conclusion
References
Rabin-Miller Primality Test
Definition Given (b,n), where n is the number to test for the primality, and b is randomly chosen from Zn -{0}. Let n-1 = 2q m, where m is an odd integer. if either b m 1(mod n) or there is an integer i in [0,q-1] such that b m2 -1(mod n) then return probabily prime else return composite NOTE : Rabin-Miller is a Monte Carlo algorithm: there is a nonzero probability of error.
i
Motivation
Algorithm
Conclusion
References
Interpretation of the Algorithm

The algorithm enables one to probabilistically test the primality of a number n as follows: If n fails the test(i.e. results in n is composite) for any b in [1,n-1] then n is denitely composite (although, interestingly, no factor is provided by the algorithm). A composite number has at most 1 chance in 4k of passing all k of a series of k tests, where b is chosen randomly from [ 1 , n - 1 ] for each test. Therefore, if a suspected prime, n, passes k of k tests, we can conclude with a certainty of at least 1 (1/4)k that n is prime. NOTE: Rabin-Miller Test is co-RP-algorithm for testing the primality of the given number PRIMES co-RP
Motivation
Algorithm
Conclusion
References
Pseudocode
Pseudocode Input: n 4, an odd integer to be tested for primality; Input: k, a parameter that determines the accuracy of the test Output: composite if n is composite, otherwise probably prime write n 1 as 2s d with d odd by factoring powers of 2 from n 1 LOOP: repeat k times: pick a randomly in the range [2, n 2] x ad mod n if x = 1 or x = n 1 then do next LOOP for r = 1 .. s1 x x 2 mod n if x = 1 then return composite if x = n 1 then do next LOOP return composite return probabily prime
Motivation
Algorithm
Conclusion
References
Expected Running Time
Running Time Using modular exponentiation by repeated squaring, the running time of this algorithm is O(k log 3 n), where k is the number of dierent values of a we test; thus this is a reasonably ecient polynomial-time algorithm when compared the deterministic one.
Motivation
Algorithm
Conclusion
References
Coming back to the bound. . .
The algorithm enables one to probabilistically test the primality of a number n as follows: If n fails the test(i.e. results in n is composite) for any b in [1,n-1] then n is denitely composite (although, interestingly, no factor is provided by the algorithm). A composite number has at most 1 chance in 4k of passing all k of a series of k tests, where b is chosen randomly from [ 1 , n - 1 ] for each test. Therefore, if a suspected prime, n, passes k of k tests, we can conclude with a certainty of at least 1 (1/4)k that n is prime.
Motivation
Algorithm
Conclusion
References
Implementation on a known prime
We will now demonstrate this algorithm on a number that we denitely know is prime. Lets take n = 29.
Motivation
Algorithm
Conclusion
References
We will now demonstrate this algorithm on a number that we denitely know is prime. Lets take n = 29. So n-1 = 28, which can be written as 22 .7 So, here q = 2 and m = 7. Take b = 10.
Motivation
Algorithm
Conclusion
References
We will now demonstrate this algorithm on a number that we denitely know is prime. Lets take n = 29. So n-1 = 28, which can be written as 22 .7 So, here q = 2 and m = 7. Take b = 10. Applying the algorithm 107 17 (mod 29) which is not congruent to 1 or -1. So,we continue the test.
Motivation
Algorithm
Conclusion
References
We will now demonstrate this algorithm on a number that we denitely know is prime. Lets take n = 29. So n-1 = 28, which can be written as 22 .7 So, here q = 2 and m = 7. Take b = 10. Applying the algorithm 107 17 (mod 29) which is not congruent to 1 or -1. So,we continue the test. (107 )2 -1(mod 29) Inconclusive state
Motivation
Algorithm
Conclusion
References
Implementation on a known composite

We will now demonstrate this algorithm on a number that we denitely know is composite. Lets take n = 13 7 = 221.
Motivation
Algorithm
Conclusion
References

We will now demonstrate this algorithm on a number that we denitely know is composite. Lets take n = 13 7 = 221. n-1 = 220 = 22 55, here q = 2 and m = 55. Take b = 5.
Motivation
Algorithm
Conclusion
References

We will now demonstrate this algorithm on a number that we denitely know is composite. Lets take n = 13 7 = 221. n-1 = 220 = 22 55, here q = 2 and m = 55. Take b = 5. Applying this algorithm for i = 0, 555 112 (mod 221) = 1 or -1 (mod 221). So, lets take i = 1, (555 )2 168 (mod 221) = -1 (mod 221)
Motivation
Algorithm
Conclusion
References

We will now demonstrate this algorithm on a number that we denitely know is composite. Lets take n = 13 7 = 221. n-1 = 220 = 22 55, here q = 2 and m = 55. Take b = 5. Applying this algorithm for i = 0, 555 112 (mod 221) = 1 or -1 (mod 221). So, lets take i = 1, (555 )2 168 (mod 221) = -1 (mod 221) After using all the values of i, we are still in a false case. So we can denitely say its a composite number.
Motivation
Algorithm
Conclusion
References

We will now demonstrate this algorithm on a number that we denitely know is composite. Lets take n = 13 7 = 221. n-1 = 220 = 22 55, here q = 2 and m = 55. Take b = 5. Applying this algorithm for i = 0, 555 112 (mod 221) = 1 or -1 (mod 221). So, lets take i = 1, (555 )2 168 (mod 221) = -1 (mod 221) After using all the values of i, we are still in a false case. So we can denitely say its a composite number. However, if b = 21. Then (21)55 200 (mod 221) which is not congruent to 1 or -1. So we continue the test. We obtain (2155 )2 -1 (mod 221) That is for a composite number 221 which is inconclusive.
Motivation
Algorithm
Conclusion
References

We will now demonstrate this algorithm on a number that we denitely know is composite. Lets take n = 13 7 = 221. n-1 = 220 = 22 55, here q = 2 and m = 55. Take b = 5. Applying this algorithm for i = 0, 555 112 (mod 221) = 1 or -1 (mod 221). So, lets take i = 1, (555 )2 168 (mod 221) = -1 (mod 221) After using all the values of i, we are still in a false case. So we can denitely say its a composite number. However, if b = 21. Then (21)55 200 (mod 221) which is not congruent to 1 or -1. So we continue the test. We obtain (2155 )2 -1 (mod 221) That is for a composite number 221 which is inconclusive. We call such a base a non-witness to the compositeness of 221.
Motivation
Algorithm
Conclusion
References
Witnessing and non witnessing bases
Non-Witness The base b in [1,n-1] results in inconclusive for a composite number, then b is a non-witness to the compositness of n. example For 221, we have six non-witnesses namely 1 , 21 , 47 , 174 , 200 and 220. We denote number of non-witnesses of n by nw(n). So, in our example nw(221) = 6.
Motivation
Algorithm
Conclusion
References
Rabin stated that the number witness to compostiness has a lower bound. Theorem If n > 4 is composite, then the number of bases, b, in [1, n-1] such that b is a witness to the compositeness of n is at least 3 (n-1) / 4. The following corollary describing the upper bound on non-witnesses to compositeness follows directly from theorem 1. Corollary If n > 4 is composite then at most (n-1) / 4 of the bases, b, in [1, n-1] are non-witnesses to the compositeness of n. Thus, we can get a bound on probability of passing the statement false, even when the number is actually composite as 1/4.
Motivation
Algorithm
Conclusion
References
Conclusion
conclusions and Remarks Although, there are number of primality tests, Rabin-Miller test is the most commonly used. Compared to any other test which provides the condence as much as Rabin-Miller test, it is the test which can be implemented with ease and that to in O(n3 ) Rabin-Miller test also produces pseudo primes but not absolute pseudo primes like Fermat and Euler tests for primality. So denitely better than the above test There are also deterministic variants of the test assuming the truth of unproven Generalized Riemann Hypothesis.
Motivation
Algorithm
Conclusion
References
References
[Motwani R.,Raghavan P.] Randomized Algorithms , ISBN 0-521-61390-6 [Brian C. Higgins] The Rabin-Miller Primality Test : Some results on number of non-witnesses to compositeness. [Rabin Miller Primality test] http://en.wikipedia.org/

Rabin Miller Primality Test

Caricato da

Informazioni sul documento

Descrizione originale:

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Rabin Miller Primality Test

Caricato da

Copyright:

Formati disponibili

Motivation

Rabin Miller Probabilistic Primality Test

November 29, 2010

Cryptography - Encryption mechanisms

Cryptography - Encryption mechanisms

Cryptography - Encryption mechanisms

The properties of numbers

The properties of numbers

The properties of numbers

The properties of numbers

The element of randomization

The element of randomization

Rabin-Miller Primality Test

Interpretation of the Algorithm

Expected Running Time

Coming back to the bound. . .

Implementation on a known prime

Implementation on a known prime

Implementation on a known prime

Implementation on a known prime

Implementation on a known composite

Implementation on a known composite

Implementation on a known composite

Implementation on a known composite

Implementation on a known composite

Implementation on a known composite

Witnessing and non witnessing bases

Potrebbero piacerti anche