Fermat’s Little Theorem (2/24) Theorem (flt). If p is prime and GCD(a, p) = 1, then a p – 1  1 (mod p). Again, this says that in a mod p congruence, we.

Slides:



Advertisements
Similar presentations
The Euler Phi-Function Is Multiplicative (3/3)
Advertisements

WS Algorithmentheorie 03 – Randomized Algorithms (Primality Testing) Prof. Dr. Th. Ottmann.
Cryptography and Network Security
Chapter 8 – Introduction to Number Theory. Prime Numbers prime numbers only have divisors of 1 and self –they cannot be written as a product of other.
Computability and Complexity
Chapter 8 Introduction to Number Theory. Prime Numbers prime numbers only have divisors of 1 and self –they cannot be written as a product of other numbers.
The Fundamental Theorem of Arithmetic (2/12) Definition (which we all already know). A number greater than 1 is called prime if its only divisors are 1.
COM 5336 Cryptography Lecture 7a Primality Testing
22C:19 Discrete Math Integers and Modular Arithmetic Fall 2010 Sukumar Ghosh.
Induction and recursion
Great Theoretical Ideas in Computer Science.
Congruence class arithmetic. Definitions: a ≡ b mod m iff a mod m = b mod m. a  [b] iff a ≡ b mod m.
Probabilistic Complexity. Probabilistic Algorithms Def: A probabilistic Turing Machine M is a type of non- deterministic TM, where each non-deterministic.
Elementary Number Theory and Methods of Proof. Basic Definitions An integer n is an even number if there exists an integer k such that n = 2k. An integer.
Inverses and GCDs Supplementary Notes Prepared by Raymond Wong
Copyright © Zeph Grunschlag,
Announcements: HW3 updated. Due next Thursday HW3 updated. Due next Thursday Written quiz tomorrow on chapters 1-2 (next slide) Written quiz tomorrow on.
Chapter 8 – Introduction to Number Theory Prime Numbers  prime numbers only have divisors of 1 and self they cannot be written as a product of other numbers.
CSE 321 Discrete Structures Winter 2008 Lecture 8 Number Theory: Modular Arithmetic.
Theory I Algorithm Design and Analysis (9 – Randomized algorithms) Prof. Dr. Th. Ottmann.
Chapter 8 – Introduction to Number Theory Prime Numbers
Chapter 8 – Introduction to Number Theory Prime Numbers  prime numbers only have divisors of 1 and self they cannot be written as a product of other numbers.
Dan Boneh Intro. Number Theory Modular e’th roots Online Cryptography Course Dan Boneh.
CSE 321 Discrete Structures Winter 2008 Lecture 10 Number Theory: Primality.
The Integers and Division

Proof of Euler-Fermat (2/28) Here’s an outline of the proof of the Euler-Fermat Theorem, which mirrors the proof of flt. Given any m, let B = {b i | 0.
Upcoming MA 214 Schedule (2/21) The mid-term exam will be entirely take-home (with very specific “ground rules”). It will be handed out on Wednesday March.
CS 312: Algorithm Analysis Lecture #4: Primality Testing, GCD This work is licensed under a Creative Commons Attribution-Share Alike 3.0 Unported License.Creative.
MA/CSSE 473 Day 08 Randomized Primality Testing Carmichael Numbers Miller-Rabin test.
PRIMES is in P Manindra Agrawal NUS Singapore / IIT Kanpur.
Cyclic Groups (9/25) Definition. A group G is called cyclic if there exists an element a in G such that G =  a . That is, every element of G can be written.
Modular Arithmetic with Applications to Cryptography Lecture 47 Section 10.4 Wed, Apr 13, 2005.
CS 312: Algorithm Analysis Lecture #4: Primality Testing, GCD This work is licensed under a Creative Commons Attribution-Share Alike 3.0 Unported License.Creative.
By MUHAMMAD YUSRAN BASRI MATH ICP B Many early writers felt that the numbers of the form 2 n -1 were prime for all primes n, but in 1536 Hudalricus.
The Euler-Fermat Theorem Our text calls this “Euler’s Formula”, but I prefer the above name, giving due credit to Fermat. Obvious question: Can Fermat’s.
Cosets and Lagrange’s Theorem (10/28)
Tuesday’s lecture: Today’s lecture: One-way permutations (OWPs)
Computing k th Roots Quickly (4/4) Via the Fast Exp algorithm, we know we can quickly compute large powers of large numbers modulo large numbers. What.
Congruences (2/17) If m (the modulus) is positive and if a and b are integers, then we say a is congruent to b mod m, writing a  b (mod m), provided that.
Application: Algorithms Lecture 20 Section 3.8 Wed, Feb 21, 2007.
Prime Numbers (3/17 ) We all know what a prime number is. Theorem (Euclid). There are infinitely many primes. Euclid’s original proof idea can be stated.
6.3 Primality Testing. p2. (1) Prime numbers 1. How to generate large prime numbers? (1) Generate as candidate a random odd number n of appropriate size.
MA/CSSE 473 Day 10 Primality Testing. MA/CSSE 473 Day 10 In-class exam: Friday, Sept 28 –You may bring a two-sided 8.5x11 inch piece of paper containing.
MA/CSSE 473 Day 09 Modular Division Revisited Fermat's Little Theorem Primality Testing.
CS480 Cryptography and Information Security
L131 Exponential Inverses Finding modular inverses is good enough for decoding simple modular cryptography. However, in RSA encryption consists of exponentiating.
Chapter 9.1. Factoring a number  Objective NCSCOS 1.01 – Write equivalent forms of algebraic expressions to solve problems  Students will know how to.
Karl Heimbuck Dr. Siguna Mueller Department of Mathematics EPSCoR/Honors Program Using Lucas Sequences in Primality Testing.
MA/CSSE 473 Day 9 Primality Testing Encryption Intro.
Perfect Numbers (3/26) Definition. A number is called perfect if it is equal to the sum of its proper divisors. Examples: 6 and 28 are the first two (check!).
Revision. Cryptography depends on some properties of prime numbers. One of these is that it is rather easy to generate large prime numbers, but much harder.
Dr Nazir A. Zafar Advanced Algorithms Analysis and Design Advanced Algorithms Analysis and Design By Dr. Nazir Ahmad Zafar.
MA/CSSE 473 Day 07 Extended Euclid's Algorithm Modular Division
MA/CSSE 473 Day 08 Randomized Primality Testing Carmichael Numbers
Chapter Applications of Number Theory Some Useful Results
Probabilistic Algorithms
Great Theoretical Ideas in Computer Science
Advanced Algorithms Analysis and Design
Handbook of Applied Cryptography - CH4, from 4.1~4.3
Congruence class arithmetic
Advanced Algorithms Analysis and Design
MA/CSSE 473 Day 08 Randomized Primality Testing Carmichael Numbers
Number Theory (Chapter 7)
Copyright © Cengage Learning. All rights reserved.
Induction and recursion
Application: Algorithms
Cryptography Lecture 19.
From the last time: gcd(a, b) can be characterized in two different ways: It is the least positive value of ax + by where x and y range over integers.
Presentation transcript:

Fermat’s Little Theorem (2/24) Theorem (flt). If p is prime and GCD(a, p) = 1, then a p – 1  1 (mod p). Again, this says that in a mod p congruence, we can reduce exponents by p – 1. Why? If n = k(p – 1) + r, then a n = a k(p – 1) + r = (a p – 1 ) k a r  1 k a r = a r (mod p), where the congruence is by the theorem. The proof of flt requires the following: Lemma. If GCD(a, p) =1, then the set of numbers {a, 2a, 3a,..., (p – 1)a}, after all are reduced mod p, is just a rearrangement of the set of numbers {1, 2, 3,..., p – 1). Example: Let p = 7 and let a = 3, then the set is {3, 6, 9, 12, 15, 18}  {3, 6, 2, 5, 1, 4} (mod 7)

Proof of flt a and p are as above. If we take the elements of the reduced set {a, 2a, 3a,..., (p – 1)a} and multiply them all together, we know we get 1  2  3 ...  (p – 1) = (p – 1)! That is, a  2a  3a ...  (p – 1)a  (p – 1)! (mod p). How many a’s are there here? Factoring out the a’s, we get a p – 1 (p – 1)!  (p – 1)! (mod p). But finally, (p – 1)! is relatively prime to p (why?), so can cancel it!! We arrive at a p – 1  1 (mod p). 

A Test for Compositeness Fermat’s Little Theorem gives us a way to verify that a number is composite without factoring it! Suppose n is some odd number and we’d like to know if it’s composite, but we’re having trouble factoring it. Well, compute 2 n –1 (mod n). What if the answer is not 1? Example. I wonder if is prime? Using a computer, I find that  (mod ). Conclusion? In fact = 571  659, which is why I had trouble factoring it. It turns out there are fast algorithms for computing powers to a modulus, but no known fast algorithms for factoring!

But flt Is NOT “if and only if” Unfortunately the converse of flt is not true, i.e., if GCD(a, n) = 1 and if a n – 1  1 (mod n), we CANNOT conclude that n is prime! The smallest counterexample with a base of 2 is 341. That is,  1 (mod 341), BUT 341 is not prime (in fact, 341 = 11  31). Bummer! 341 is called a 2-pseudoprime (i.e., “false prime with respect to base 2”). There are in fact infinitely many. The smallest 3-pseudoprime is 91. Etc. Really disturbing: A Carmichael number is a k-pseudoprime for every base k to which it is relatively prime. 561 is the smallest. There are infinitely many!!

Assignment for Wednesday Fully absorb these slides and all of Chapter 9. We will not pursue pseudoprimes and Carmichael numbers further in this course, but if you’re interested, there are lots of things to study, including Chapter 19 in our text. Do Exercises 9.2 and 9.4.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.