Miller_rabin prime number test [Fermat Theorem] [quadratic probe theorem] [same remainder formula] [Wilson Theorem]

Partially referenced from:

Http://blog.csdn.net/fisher_jiang/article/details/986654

Most of the references are from:

Http://www.matrix67.com/blog/archives/234

From scratch ~

Same formula
Definition of the same formula

If the difference between two positive integers A and B can be divisible by N, we will say that A and B share the same modulus n as a between B (mod N)

Same-remainder operation

+-* Yes. Note the following when:

1. If C and N are mutually qualitative, A/C then B/c (mod n) simple explanation:If AC ≡ BC (mod m) and C and M are mutually dependent, A ≡ B (mod m)(That is to say, the two sides of the same formula can be divided by one and the number of modules in each other ).
   Proof: The condition tells us that ac-MP = BC-MQ and the transfer item can be Ac-BC = MP-MQ, that is, (a-B) C = m (p-Q ). This indicates that (a-B) C must contain the Factor M, but C and M are mutually qualitative, so only a-B may be divisible by M, that is, a then B (mod m ). [Matrix67]
2. If A/C contains B/C (mod N), C and N are not necessarily mutually compatible. counterexample: 4-64 (mod 10) divided by c = 2 (n = 10) 2-32 (mod 10)

Wilson's Theorem

When and only when P is a prime number: (p-1 )! Interval-1 (mod P ).

In short, the number between {2 .. P-2} can be paired by two. The product is the same as the 1-module p.

Therefore, the concatenation part can be changed to 1, with only 1 * (PM) left. The last formula is used to verify the result.

[But why can we pair them? I haven't understood it yet. I'll understand it later.]

WilsonThe theorem has a high theoretical value. However, the actual calculation amount required for prime number testing is too large to test the large prime number. So far, no effective deterministic algorithm for prime number testing has been found.

Fermat Theorem

The famous ferma's small theorem provides a powerful tool for prime number determination.

Ferma's theorem:If P is a prime number and (0 <A <p ),

It is easy to prove.

Euler's Theorem

Euler extends this theorem, which is called Euler's theorem. In some cases, it is called Euler's extension of Fermat's theorem. In the Euler's theorem, a function f (m) is used to represent the number of integers smaller than M and M (the two numbers have only a common approx. 1 is called an interol ). For convenience, we usually use the mark (m) to represent this function (known as the Euler function ).

Euler points out that if a and m are mutually unique

We can see that when M is a prime number, Phi (m) is equal to m-1 (all positive integers smaller than m are mutually prime with m), so it is a promotion of Fermat's theorem. The proof of the theorem is almost the same as that of the Fermat small theorem, but the formula to be considered becomes the product of all numbers of M-Prime:

Fermat prime number Test

Someone discovered this in 1819.Inverse Proposition of Fermat TheoremThe first counterexample: although the power of 2 is 340 divided by 341 and more than 1, 341 = 11*31. Later, it was discovered that the inverse proposition of the Fermat theorem at the time of a = 2 was not true even when the number of 561,645,110 equals. People call all the Union numbers that can divide 2 ^ (n-1)-1 as Pseudo Prime ).

N that is not satisfied must not be a prime number. If n is satisfied, it is mostly a prime number. In this way, a more efficient method for determining the prime number than the Trial Division appears: Create a Pseudo Prime Number table and record all the Pseudo Prime numbers in a certain range, then, all the satisfied and not in the Pseudo Prime Number table, n is the prime number. This method is faster because we can use the binary method to quickly calculate the value (Fast Power ).

However, when the Pseudo Prime Number table is not used, the algorithm error probability is too high and needs to be improved.

We only considered the case of a = 2. A sum may pass the test when a = 2, but the calculation result when a = 3 does exclude the possibility of prime numbers. Therefore, the definition of Pseudo Prime numbers has been extended, and the number n that satisfies a ^ (n-1) mod n = 1 is calledPseudo Prime to base).

Randomly select a number of positive integers smaller than the number to be tested as the base number A for several tests. If one test fails, the number is immediately thrown back to the combined number world. This isFermat Testing.

Ferma's TheoremAfter all, it is only a necessary condition for determining prime numbers. the integer n that satisfies the condition of the Fermat theorem is not necessarily a prime number. some operators also meet the condition of the ferma theorem ***. these are called Carmichael numbers. The first three Carmichael numbers are 561,1105, 1729.
The number of Carmichael is very small. In 1 ~ Of the integers in the range of 100000000, there are only 255 Carmichael numbers.

* ** The premise of the Fermat theorem is that a and n are mutually qualitative. When N itself is a prime number, if a <n, then a and n are always mutually Prime. If n is not a prime number, if a and n are not mutually Prime, The Fermat Theorem cannot be used. That is to say, the Carmichael number should exclude the absence of A and N.

Use the followingQuadratic probe TheoremThe above prime number determination algorithm can be further improved to avoid the Carmichael number as a prime number.

Optimization of the quadratic probe theorem of miller_rabin prime number Testing Algorithm

The work of Miller and Rabin brought a revolutionary step to the Fermat kernel test and established the Miller-Rabin kernel test algorithm. The new test is based on the following theorem:

If P is a prime number and X is a positive integer smaller than P, then either x = 1 or X = p-1.

This is obvious, because it is equivalent to P divisible, that is, P divisible (x + 1) (x-1 ).

Since P is a prime number, it is only possible that the X-1 can be divisible by P (at this time x = 1) or x + 1 can be divisible by P (at this time x = PM ).

The following example shows how the theorem is applied to the Fermat test. As mentioned above, 341 can pass a 2-based Fermat test, because 2 ^ 340 mod 341 = 1. If 341 is a prime number, 2 ^ 170mod 341 may only be 1 or 340. If 2 ^ 170 mod 341 is equal to 1, we can continue to view the result of dividing 2 ^ 85 by 341. We found that 2 ^ 85 mod 341 = 32, this result removed the prime number crown on the head of 341.

This is Miller-Rabin's method for the testing of the kernel. Constantly extract factor 2 from the exponent N-1 and express n-1 as (where D is an odd number ). Then what we need to calculate is the remainder divided by N. Therefore, it must be equal to 1 or n-1. If it is equal to 1, the theorem continues to apply, so that we can continue to open the square until a certain I is satisfied or 2 in the final index is used up.In this way, the Fermat theorem is enhanced in the following form:

Extract factor 2 as much as possible and express n-1 as if n is a prime number, or if there is an I
(0 <= I <R) (note that I can be equal to 0, which will unify the situation to the end)

Miller-Rabin is also an uncertain algorithm. We call the sum of Miller-Rabin tests based on A as the base-strong Pseudo Prime (strong Pseudo Prime ). The first base-2 strong Pseudo Prime Number is 2047. The first strong Pseudo Prime Number base on 2 and 3 is as large as 1 373 653.
The code of the Miller-Rabin algorithm is also very simple: Calculate the values of D and R (bitwise operations can be used to accelerate, that is, fast product, and fast power), and then calculate the value of binary calculation, finally, it is squared to R times.

/* Corresponds to hoj 1356 prime judge */# include <cstdio> # define MT 5 using namespace STD; typedef long ll; int prime [] = {2, 3, 7, 61,242 51}; inline ll mulmod (ll a, LL B, ll K) {// * indicates the core statement/* // a % = K; // B % = K; If (B <0) {// convert B to positive A =-A; B =-B;} ll Re = 0, temp = A; // Re is the final result, and temp maintains a loop. when re needs temp, add it. Otherwise, temp continues to multiply while (B) {If (B & 1) RE + = temp; // binary thought, you need to add * // RE % = K; B> = 1; // the next bit is waiting for detection ** t EMP <= 1; // temp always gets tired *** // TEMP % = K;} return RE % K; * // * actually, using the above functions in hoj 1356 is a battle (mod is too many times ...) ~ The following method should be used:... */Return (A * B) % K; //-_-B} // at this time, there is no need to re-model, so only the core statement ~ Fast Power and fast product are both binary ideas. The core is the same inline ll powermod (ll a, LL B, ll K) {ll Re = 1, temp = A; while (B) {If (B & 1) Re = mulmod (Re, temp, k); // just convert "add" into answer to "Multiply" into answer temp = mulmod (temp, temp, k); B >>= 1;} return re;} int twicedetect (ll a, LL B, ll K) {int T = 0; ll X, Y; while (B & 1) = 0) {B> = 1; t ++;} // B = D * 2 ^ t; B = D; y = x = powermod (a, B, k); // X = y = a ^ d % N // The Quadratic test theorem is reversely recursive, of course, the following positive iteration method can also be used for testing. Try while (t --) {Y = mulmod (x, x, k); If (y = 1 & X! = 1 & X! = K-1) // Note Y! When it is set to 1, no judgment is made, that is, return 0; // The result of X = p-1 in a certain link in recursion is meaningless to the X operator, however, the iteration cannot be break, but ignore can only continue. X = y; // continue to the previous iteration. At least the last iteration should be equal to 1 (Fermat theorem)} return y;} bool miller_rabin (ll n) {int I; ll TMP; for (I = 0; I <MT; I ++) {TMP = prime [I]; If (n = prime [I]) return true; If (twicedetect (TMP, n-1, n )! = 1) break;} return (I = MT);} int main () {ll N; while (scanf ("% LLD", & n) = 1) {If (n> 1) & miller_rabin (N) {printf ("Yes \ n") ;}else {printf ("NO \ n ");}} return 0 ;}

Miller-Rabin is currently the most widely used algorithm for the determination of large numbers. Generally, the base number is still randomly selected, but when the number of tests is not large, there are some tips to select the base number. For example, if the number to be tested is less than 4 759 123 141, you only need to test three bases 2, 7, and 61. Of course, the more you test, the larger the correct range. If you use the first seven prime numbers (2, 3, 5, 7, 11, 13, and 17) each time, all the numbers that do not exceed 341 550 071 728 320 are correct. If the base number is 2, 3, 7, 61, and 24251, the unique strong Pseudo Prime Number in 10 ^ 16 is 46 856.
248 255 981. These conclusions make the Miller-Rabin algorithm very useful in Oi. It is generally believed that the accuracy rate of Miller-Rabin testing is acceptable. The loss rate of the random selection of K bases for testing is approximately 4 ^ (-K ).

Partially referenced from:

Http://blog.csdn.net/fisher_jiang/article/details/986654

Most of the references are from:

Http://www.matrix67.com/blog/archives/234