\documentclass[11pt]{article} \usepackage{fullpage} \usepackage{epic} \usepackage{eepic} \usepackage{psfig} %\newcommand{\proof}[1]{ %{\noindent {\it Proof.} {#1} \rule{2mm}{2mm} \vskip \belowdisplayskip} %} %\newtheorem{lemma}{Lemma}[section] %\newtheorem{theorem}[lemma]{Theorem} %\newtheorem{claim}[lemma]{Claim} %\newtheorem{definition}[lemma]{Definition} %\newtheorem{corollary}[lemma]{Corollary} %Theorems and likes \newtheorem{assumption}{Assumption}[section] \newtheorem{theorem}{Theorem}[section] \newtheorem{fact}{Fact}[section] \newtheorem{claim}{Claim}[section] \newtheorem{lemma}{Lemma}[section] \newtheorem{definition}{Definition}[section] \newtheorem{corollary}{Corollary}[section] \newcommand{\bproof}{\noindent{\it Proof}} %\newcommand{\eproof}{\hspace*{\fill}$\Box$~~~~~\bigskip} \newcommand{\eproof}{\hspace*{\fill}\rule{2mm}{2mm}~~~~~\bigskip} \newenvironment{proof}{\bproof: }{\eproof} % symbols and notation \newcommand{\defeq}{\stackrel{\rm def}{=}} % Additional Math Notations (Arun Iyer) \newcommand{\nchoosek}[2]{\left(\begin{array}{c}#1\\#2\end{array}\right)} \DeclareSymbolFont{AMSb}{U}{msb}{m}{n} \DeclareMathSymbol{\N}{\mathbin}{AMSb}{"4E} \DeclareMathSymbol{\Z}{\mathbin}{AMSb}{"5A} \DeclareMathSymbol{\R}{\mathbin}{AMSb}{"52} \DeclareMathSymbol{\Q}{\mathbin}{AMSb}{"51} \DeclareMathSymbol{\I}{\mathbin}{AMSb}{"49} \DeclareMathSymbol{\C}{\mathbin}{AMSb}{"43} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \setlength{\oddsidemargin}{0in} \setlength{\topmargin}{0in} \setlength{\textwidth}{6in} \setlength{\textheight}{8in} \begin{document} \setlength{\fboxrule}{.5mm}\setlength{\fboxsep}{1.2mm} \newlength{\boxlength}\setlength{\boxlength}{\textwidth} \addtolength{\boxlength}{-4mm} \begin{center}\framebox{\parbox{\boxlength}{\bf CS 681: Computational Number Theory and Algebra \hfill Lecture 13: Primality Testing (Continued) \\ Lecturer: Manindra Agrawal \hfill Notes by: Arun Iyer %\\ \begin{flushright} %date September 8, 2005. \end{flushright} }}\end{center} \vspace{5mm} \section{Last Lecture Recap} A potential primality test was proposed which generalised the basic approach of using the idea $a^{n} \equiv a (mod \, n)$ whenever $n$ is prime, over a ring of polynomials. So we have a ring $R$, \begin{displaymath} R = \Z_n[X]/(X^{r}-1) \end{displaymath} where $n$ is square-free. Also we have a map, \begin{displaymath} \psi{(e(X))} = e^n(X), \, e(X) \in R \end{displaymath} The following question was to be answered, "Is $\psi$ an automorphism of R?". \section{Proceeding towards Proof} To check if $\psi$ is a linear map : \begin{center}test $\psi{(e(X))} \, = \, e(\psi{(X)}), \, \forall e(X) \, \in \, R$.\end{center} Let $p$ be a prime divisor of $n$. Let $h(x)$ be an irreducible factor of $x^r-1$ over $F_p$. Let $F = F_p[X]/(h(X))$. Let $deg(h) = d$ then $|F|=p^d$. Field $F$ occurs as one of the components in the direct sum representation of $R$. \begin{lemma} \label{First Size Reduction Lemma} (First Size Reduction Lemma)\\Let $S \subseteq F$ such that, \begin{enumerate} \item $\psi(S) \, \subseteq \, S$ \item $\forall e(X) \, \in S, \, \psi{(e(X))}\, = \, e(\psi(X))$ \item $|S| \, > \, n^{2\sqrt{r}}$ \end{enumerate} Then $n \, = \, p^j$ for some $j$. \end{lemma} \begin{proof} Let $\phi(e(X)) \, = \, e^p(X) , \, e(X) \, \in \, F$. Let $G \, = \, \left\{\, \phi^i\psi^j(X) \, | \, i,j \geq 0, \, X \in F \, \right\}$. Let $t = |G|$.\\Choose a pair $(\alpha,\beta),(\gamma,\delta)$ such that, \begin{enumerate} \item $(\alpha,\beta) \, \neq \, (\gamma,\delta)$ \item $0 \, \leq \, \alpha,\beta,\gamma,\delta \, \leq \, \sqrt{t}$ \item $\phi^{\alpha}\psi^{\beta}(X) \, = \, \phi^{\gamma}\psi^{\delta}(X)$ \end{enumerate} Such a pair always exists due to pigeonhole principle.\\ Consider $\phi^{\alpha}\psi^{\beta}(e(X)), e(X) \in S$. Then,\begin{center} \begin{tabular}{lclc} $\phi^{\alpha}\psi^{\beta}(e(X))$ & $=$ & $\phi^{\alpha}\psi^{\beta - 1}(e(\psi{(X)}))$ & \ldots [By definition of S]\\ & $=$ & $\phi^{\alpha}\psi^{\beta - 2}(e(\psi^{2}{(X)}))$ & $\vdots$\\ & & $\vdots$ & $\vdots$\\ & $=$ & $\phi^{\alpha}(e(\psi^{\beta}{(X)}))$ & $\vdots$\\ & $=$ & $\phi^{\alpha-1}(e(\phi\psi^{\beta}{(X)}))$ & \ldots [Since $\phi$ is linear over $F$]\\ & & $\vdots$ & $\vdots$\\ & $=$ & $e(\phi^{\alpha}\psi^{\beta}(X))$ & $\vdots$ \end{tabular}\end{center} Similarly, it can be shown that, \begin{displaymath} \phi^{\gamma}\psi^{\delta}(e(X)) \, = \, e(\phi^{\gamma}\psi^{\delta}(X)) \end{displaymath} Hence, \begin{displaymath} \phi^{\alpha}\psi^{\beta}(e(X)) \, = \, \phi^{\gamma}\psi^{\delta}(e(X)), \, \forall e(X) \, \in \, S \end{displaymath} This implies that, $\phi^{\alpha}\psi^{\beta}(y) - \phi^{\gamma}\psi^{\delta}(y)$ has atleast $|S|$ many roots in $F$.\\ Let $P(y) \, = \, \phi^{\alpha}\psi^{\beta}(y) - \phi^{\gamma}\psi^{\delta}(y) \, = \, y^{n^\beta p^\alpha} - y^{n^\delta p^\gamma}$. \\$deg(P) \, = \, max\left\{n^\beta p^\alpha,n^\delta p^\gamma\right\} \, \leq \, n^{2\sqrt{t}}$.\\ However, since $|S| \, > \, n^{2\sqrt{r}}$ and $t \leq r$, it implies, \begin{center}\begin{tabular}{rrclc} $\Longrightarrow$ & $P$ & $=$ & $0$ &\\ $\Longrightarrow$ & $n^\beta p^\alpha$ & $=$ & $n^\delta p^\gamma$ &\\ $\Longrightarrow$ & $n^{\alpha^{\prime}}$ & $=$ & $p^{\beta^{\prime}}$ & \ldots [for some $\alpha^{\prime},\beta^{\prime}$]\\ $\Longrightarrow$ & $n$ & $=$ & $p^j$ & \ldots [for some $j$] \end{tabular}\end{center} Hence Proved. \end{proof} \\Let $T=\left\{ \, X^{j} + a \, | \, 0 \leq j \leq r, \, 0 \leq 2\sqrt{r}logn, \, X \in F \, \right\}$. Now $|T| \, \leq \, 2r^{\frac{3}{2}}logn$, which is small if $r$ is small. Let $S$ be the multiplication closure of $T$ in $F$. \begin{lemma} \label{Second Size Reduction Lemma} (Second Size Reduction Lemma)\\ If $p>t>4log^2n$ and $\psi(e(X)) = e(\psi(X)), \forall e(X) \in T$, then \begin{enumerate} \item $\psi(S) \, \subseteq \, S$ \item $\psi{(e(X))} \, = \, e(\psi{(X)})$ \item $|S| \, > \, n^{2\sqrt{t}}$ \end{enumerate} \end{lemma} \begin{proof} \begin{enumerate} \item Let $e(X) \in S$. Therefore, $e(X) = \prod_{i=1}^{k} e_i(X), \, e_i(X) \in T$. \begin{center}\begin{tabular}{lcl} $\psi{(e(X))}$ & $=$ & $\psi{(\prod_{i=1}^{k} e_i(X))}$\\ & $=$ & $\prod_{i=1}^{k}e_i(\psi{(X)})$ \end{tabular}\end{center} Since $e_i(\psi{X}) \in T$, $\psi{(e(X))} \in S$. \item $\psi{(e(X))} = \prod_{i=1}^{k}e_i(\psi{(X)}) = e(\psi{(X)})$ \item Let $Q = \left\{ \, \prod_{i=1}^{t}(y+a_i) \, | \, 0 \leq a_i \leq 2\sqrt{r}logn \, \right\}$.\\ Let $q(y) \, \in \, Q$. Then, $q(X) \, \in \, S$. \begin{center}\begin{tabular}{lcl} Number of polynomials in Q & $=$ & $\nchoosek{2\sqrt{r}logn+t}{t}$\\ & $>$ & $\nchoosek{2\sqrt{r}logn + 2\sqrt{t}logn}{2\sqrt{t}logn}$\\ & $\geq$ & $\nchoosek{4\sqrt{t}logn}{2\sqrt{t}logn}$\\ & $>$ & $2^{2\sqrt{t}logn}$\\ & $=$ & $n^{2\sqrt{t}}$ \end{tabular}\end{center} Now, we make a claim,\\Claim : The map $y \mapsto X$ is 1-1 on Q\\Proof : Let $q_1(y), q_2(y) \in Q, \, q_1 \neq q_2$. Suppose that $q_1(X) = q_2(X)$ in $F$. We have $q_1(X),q_2(X) \in S$ and, \begin{center}\begin{tabular}{rrcl} & $q_1(X)$ & $=$ & $q_2(X)$\\ $\Longrightarrow$ & $\psi{(q_1(X))}$ & $=$ & $\psi{(q_2(X))}$ \\ $\Longrightarrow$ & $q_1(\psi{(X)})$ & $=$ & $q_2(\psi{(X)})$ \\ $\Longrightarrow$ & $q_1(\psi^j{(X)})$ & $=$ & $q_2(\psi^j{(X)})$ \\ $\Longrightarrow$ & $q_1(\phi^i\psi^j{(X)})$ & $=$ & $q_2(\phi^i\psi^j{(X)})$ \\ $\Longrightarrow$ & $q_1(e(X))$ & $=$ & $q_2(e(X))$ \end{tabular}\end{center} The above implies that every $e(X) \in G$ is a root of the polynomial $q_1(y) - q_2(y)$ in $F$. But $deg(q_1(y)-q_2(y)) \leq t-1$, which gives us a contradiction. Therefore the map is 1-1.\\ The above proof tells us that $|S|=|Q| \geq n^{2\sqrt{t}}$. \end{enumerate} Hence Proved. \end{proof} \end{document}