Lecture 26: Checking Order; Fun Facts on Mersenne and Fermat Numbers

Summary

Today we spent time discussing techniques for checking whether a given number is a primitive root for a given modulus. Hopefully this cleared up some confusion that people had when they worked on Homework 9. We then spent time discussing properties of the Fermat and Mersenne Numbers.

Calculating Order

One of the problems that several people seemed to have in the last homework assignment is verifying that a given element was a primitive root mod $p^2$, where p was an odd prime. For instance, many people made the following

Erroneous claim: Since $3^{\phi(17^2)} \equiv 1 \mod{17^2}$, 3 is a primitive root mod $17^2$.

The reason that this is justification is invalid is that one doesn't check that $\mbox{ord}_{17^2}(3) = \phi(17^2)$ in this manner. In fact, checking $3^{\phi(17^2)} \equiv 1 \mod{17^2}$ only tells us that the order of 3 mod 172 is a divisor of $\phi(17^2)$ — a fact which we could have justified without doing any computations at all! To show that the order of 3 mod 172 really is "maximal," then, we need another technique. With this as motivation, let's review the process for verifying that a given element is a primitive root.

The case where the modulus is prime

Suppose that we want to show that a is a primitive root mod p, where p is a prime number. In order to verify this claim, we need to show that the smallest n which satisfies the equation

(1)
\begin{align} a^n \equiv 1 \mod{p} \end{align}

is $n = p-1$. Since we know that $a^{\phi(p)} = a^{p-1} \equiv 1 mod{p}$ by Fermat's Little Theorem, all we really need to do is check that

(2)
\begin{align} a^s \not\equiv 1 \mod{p} \quad \mbox{ for all }s<p-1. \end{align}

Of course, checking this is really overkill. We already know that the order of an element mod p isn't just any number smaller than $\phi(p)=p-1$, it actually has to be a divisor of $p_1$. Hence to check that a has order $p-1$, we need to check that

(3)
\begin{align} a^d \not\equiv 1 \mod{p} \quad \mbox{for all divisors }d \mbox{ of }p. \end{align}

As it happens, though, even this is more than we need to check. From our work in class last time, it turns out that all we really need to show is that

(4)
\begin{align} a^{\frac{p-1}{q}} \not\equiv 1 \mod{p} \mbox{ for every prime divisor }q \mbox{ of } p. \end{align}

This final simplification really cuts down on the number of computations we have to do.

Example: Finding a primitive root mod 61

Suppose we want to determine whether 2 is a primitive root mod 61. Since 61 is prime, we have $\phi(61) = 60 = 2^2\cdot 3 \cdot 5$. According to the criteria we just wrote down, we can prove that 2 is a primitive root by calculating

(5)
\begin{split} 2^{\frac{60}{2}} &\mod{61}\\ 2^{\frac{60}{3}} &\mod{61}\\ 2^{\frac{60}{5}} &\mod{61}. \end{split}

If all these quantities are not equivalent to 1, then 2 will be a primitive root. If even one of these quantities is equal to 1, then 2 will not be a primitive root. $\square$

Primitive Roots Mod p2

Now suppose you want to check if a is a primitive root mod p2. In theory, this should mean that you check

(6)
\begin{align} a^d \not\equiv 1 \mod{p^2} \quad \mbox{ for every divisor }d \mbox{ of }\phi(p^2) = p(p-1). \end{align}

From our discussions in class on Monday, though, we can find a better way.

Specifically, suppose that you have already determined that a is a primitive root mod p (using the ideas presented in the previous section). Then we proved in class that

(7)
\begin{split} a &\mbox{ is a primitive root }\mod{p^2} &\mbox{ if } a^{p-1} \not\equiv 1 \mod{p^2}\\ a+p \mbox{ is a primitive root}\mod{p^2} &\mbox{ if }a^{p-1} \equiv 1 \mod{p^2}.\\ \end{split}

Hence if you calculate $a^{p-1} \mod{p^2}$, whatever answer you get will tell you how to find a primitive root mod p2.

Primitive Roots Mod pm and 2pm

Suppose now that you want to find a primitive root mod pm. The theory we discussed in class on Monday shows that any primitive root a mod p2 will also be a primitive root mod pm. Furthermore, if that primitive root a is odd, then a is a primitive root mod 2pm. (And if it isn't odd, then $a+p^m$ is a primitive root mod $2p^m$.

Fun Topics with Fermat and Mersenne Numbers

The rest of the class was spent talking about "fun" topics related to Fermat and Mersenne numbers. These topics won't be covered on the test, but they are worth thinking about nonetheless.

Recall from last class period that we had the following primality test (known as the Lucas-Lehmer test):

For a number n, if there exists a number a so that

$a^{n-1} \equiv 1 \mod{n}$

and for all primes q dividing $n-1$ we have

$a^{\frac{n-1}{q}} \not\equiv 1 \mod{n}$

then n is a prime number.

This test was good, but it did require that we know something about the factorization of $n-1$. For more numbers, a prime factorization for $n-1$ is just as difficult to compute as a prime factorization for n. But for some numbers, like the Fermat numbers $F_n = 2^{2^n}+1$, such a factorization is quite easy. In fact, for these special numbers we have

Pepin's Primality Test: $F_n$ is a prime number if and only if $n=0$ or

$3^{\frac{F_n-1}{2}} \equiv -1 \mod{F_n}$.

This test is great, because it gives an "efficient" way to determine the primality of a Fermat Number. Unfortunately, though, "efficient" is a relative term: though these numbers grow at a doubly-exponential rate, this test takes an exponential amount of time to compute. While an exponential algorithm is way better than a doubly-exponential algorithm

Now some people wondered if we could use this test on Mersenne numbers, $M_n = 2^n-1$. Unfortunately, it's hard to find a good factorization of $M_n-1 = 2^n-2 = 2(2^{n-1}-1)$. There is, however, a primality test that one can use on Mersenne numbers.

(Lucas-Lehmer Test for Mersenne Numbers): For a given p, define $u_0 = 4$ and recursively define

$u_i = u_{i-1}^2-2$.

Then $M_p$ is a prime if and only if $u_{p-2} \equiv 0 \mod{M_p}$.

Example

To check that $M_3 = 2^3-1 = 7$, let's compute the u sequence. We only need to go to $u_{3-2} = u_1$:

(8)
\begin{split} u_0 &\equiv 4 \mod{M_3}\\ u_1 &\equiv 4^2-2 \equiv 14 \equiv 0 \mod{M_3}. \end{split}

According to our test, this means that $M_3$ is a prime number (surprise, surprise).

On the other hand, determining whether $M_{11}$ is prime or not might not be so clear. To do so, we'll need to look at the sequence $u_0,u_1,\cdots, u_9$ and determine whether $u_9 \not\equiv 0 \mod{M_{11}}$. It turns out that $u_9 \not\equiv 0 \mod{M_{11}}$, which means that $M_{11}$ isn't prime. $\square$

Notice that this above test, while it tells us whether or not a given $M_p$ is prime or composite, it does not give us a factorization in the case that the number winds up being composite. For instance, Lucas used his test in 1876 to show that $M_{67}$ is not prime, but he did not give a factorization. This would have to wait for Cole's amazing speech during a conference in 1903, which had him silently verifying the factorization

(9)
\begin{align} M_{67} = 193,707,721 \times 761,838,257,287. \end{align}

His speech was the only one at the conference that got a standing ovation.

Though there's not very much known about the primality or compositeness of general Mersenne numbers, there are certain cases when it's known that $M_p$ is composite.

Suppose that p is a prime congruence to 3 mod 4, and that $2p+1$ is a prime. Then $2p+1 \mid M_p$. In particular, if $p>3$ then $M_p$ is composite.

Proof: Since $p \equiv 3 \mod{4}$ we have $p = 4k+3$. Hence $2p+1 = 2(4k+3)+1 = 8k+7 \equiv 7 \mod{8}$, and this means that 2 is a square mod 2p+1. According to Euler's Criterion, we get

(10)
\begin{align} 1 \equiv \left(\frac{2}{2p+1}\right) \equiv 2^{\frac{2p+1-1}{2}} \equiv 2^p \mod{2p+1}. \end{align}

This translates to $2p+1 \mid 2^p-1 = M_p$.

In the case that $p>3$, we have $M_p > 2p+1$, and so this divisor $2p+1$ is a proper divisor (making $M_p$ prime). $\square$

To finish our discussion on Fermat and Mersenne numbers, we're going to give a new proof of the infinitude of primes using Fermat numbers. This is somewhat amazing, since we don't really know much about how Fermat numbers factor. To prove this result, we'll need the following fact about Fermat numbers.

Lemma: $F_n -2 = F_0 \cdot F_1 \cdots F_{n-1}$.

Proof: We'll check this by induction. The base case $n=1$ follows because

(11)
\begin{split} F_1-2 &= 2^{2^1}+1-2 = 4+1-2 = 3\\ F_0 &= 2^{2^0}+1 = 2^1+1=3. \end{split}

For the inductive step, let's compute $F_n-2$:

(12)
\begin{equation} F_n-2 = 2^{2^n}+1-2 = 2^{2^n}-1 = (2^{2^{n-1}}-1)(2^{2^{n-1}}+1) = (F_{n-1}-2)F_{n-1}. \end{equation}

Now by induction we know $F_{n-1} -2 = F_0 \cdots F_{n-2}$, which we substitute into the equation above to prove

(13)
\begin{align} F_n-2 = (F_0 \cdot F_1 \cdots F_{n-2})F_{n-1} = F_0 \cdot F_1 \cdots F_{n-1}. \end{align}

$\square$

Theorem: There are infinitely many prime numbers.

Proof: We'll show there are infinitely many prime numbers by showing that all the Fermat numbers are relatively prime to each other; i.e., that no two Fermat numbers share a common factor. This will prove there are infinitely many prime numbers, since each of the Fermat numbers will have a "new" prime factor.

So let's check that all Fermat numbers are relatively prime by contradiction. We'll assume that there exists Fermat numbers $F_j$ and $F_n$ that have a common prime divisor p, and we'll shows that this leads to a contradiction. Since one of n or j has to be bigger than the other, let's assume that $n>j$. By the previous Lemma, we know that

(14)
\begin{align} p \mid F_n-2 = F_0 \cdots F_{n-1}, \end{align}

since the product on the right hand side contains $F_j$. Hence we know that p divides the integral linear combination

(15)
\begin{align} p \mid F_n - (F_n-2)= 2. \end{align}

But if $p mid 2$ then we must have $p=2$. Notice, though, that each $F_n$ is an odd number (since it takes the form $2^{2^n}+1$), and so it is impossible for $2 \mid F_n$ to be true. We conclude that our assumption about a common prime factor is false, and therefore the Fermat numbers are pairwise relatively prime as desired. $\square$

Add a New Comment
page revision: 4, last edited: 18 Mar 2009 16:39
Edit Tags History Files Print Site tools + Options
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License