sign in sign up
<<
Home , Mersenne prime, Power of 10, Prime number

CS 4973 - Mersenne Project Strategy Overivew

Mersenne Prime Overview

p Definition 1. A is a prime of the form Mp = 2 − 1, where p itself is prime. p 1 It should be noted that not all of the form Mp = 2 − 1 are prime. For instance, M11 = 2 1 − 1 = 2047 = 23 · 89. The following table gives a partial list of the 51 known Mersenne primes.

# 2p − 1 Digits 1 22 − 1 1 2 23 − 1 1 3 25 − 1 2 4 27 − 1 3 5 213 − 1 4 6 217 − 1 6 7 219 − 1 6 8 231 − 1 10 9 261 − 1 19 ...... 50 277,232,917 − 1 23,249,425 51 282,589,933 − 1 24,862,048

Lucas–Lehmer

From the table given above, it should be pretty clear that simply running through a for Mp becomes computationally expensive. Note that we will be looking for Mersenne primes for p > 82, 589, 933 having more than 24,862,048 digits. There are way more primes, whose number of digits is less than 25 million, than we can check in a realistic time frame. E.g. There are 1,000,000,000,000 primes less than or equal to 29,996,224,275,833, which only has 14 digits. Thus, we need a different approach to determine if Mp is prime for some p. This is where the Lucas–Lehmer Primality Test (LLT) comes in.

First we define the sn as follows: ( 4, n = 0 (1) sn = 2 sn−1 − 2, n > 0

Theorem 1. The Mersenne number Mp is prime if and only if Sp−2 ≡ 0 mod Mp Here we must remember that mod is simply the remainder after . For instance, 58 mod 6 = 4 since 58 = 6 · 9 + 4. Note that the sequence terminates at term p − 2, where p is the value of the exponent in Mp. Thus, for our consideration, the least amount of iterations we must calculate is 82, 589, 933 − 2 = 82, 589, 931. Since for 2 n > 0, sn = sn−1 − 2 we expect the number of digits in each iteration to approximately double. This test becomes computationally impossible as it currently is states. For example, the following table lists the approximate values of sn. Note that s23 has 4,797,843 digits, and we need to be able to compute s82,589,931. There are simply not enough on a (or perhaps atoms in the universe) to store all the digits of s82,589,931. In to circumvent this large number problem, through the properties of modular , we can modify the sequence sn as follows (call it tn instead):

( 4, n = 0 (2) tn = 2 tn−1 − 2 mod Mp, n > 0 1 2

# sn # sn # sn 0 4 8 2.62 × 10146 16 1.43 × 1037483 1 14 9 6.87 × 10292 17 2.04 × 1074966 2 194 10 4.72 × 10585 18 4.15 × 10149932 3 37634 11 2.23 × 101171 19 1.72 × 10299865 4 1.42 × 109 12 4.98 × 102342 20 2.96 × 10599730 5 2.01 × 1018 13 2.48 × 104685 21 8.77 × 101199460 6 4.02 × 1036 14 6.15 × 109370 22 7.70 × 102398921 7 1.62 × 1073 15 3.78 × 1018741 23 5.93 × 104797843

If Mp is an of length k, then the largest tn will be is 2k + 1, and then applying mod by Mp cuts the length back down to at most k. We next do a couple of examples: 13 We start with M13 = 2 − 1 = 8191. We will have to compute t0, t1,... t11 and then check to see if t11 = 0.

# tn 0 4 1 14 2 194 3 37634 mod 8191 = 4870 4 23716898 mod 8191 = 3953 5 15626207 mod 8191 = 5970 6 35640898 mod 8191 = 1857 7 3448447 mod 8191 = 36 8 1294 9 1674434 mod 8191 = 3470 10 12040898 mod 8191 = 128 11 16382 mod 8191 = 0

Since we know that M13 is indeed a Mersenne prime, we should end up with t11 = 0, which we have. Next we will perform the same process for M11 = 2047 which we know to not be a Mersenne prime, and we shall see that t9 6= 0:

# tn 0 4 1 14 2 194 3 37634 mod 2047 = 788 4 620942 mod 2047 = 701 5 491399 mod 2047 = 119 6 14159 mod 2047 = 1877 7 3523127 mod 2047 = 240 8 57598 mod 2047 = 282 9 79522 mod 2047 = 1736

Implementing LLT

Since we are going to be looking at values of p greater than 83,000,000, which has 25 million digits, we must start 38,382,750 with s26 =≈ 1.52 × 10 and mod it by Mp where p > 82, 589, 933 to get t26. Note that sk = tk for 0 ≤ k < 26, and after performing the mod required to get t26, to obtain t27, we must t26, subtract two, and then mod it by Mp. This process is repeated for 26 ≤ k ≤ p−2. In general, the two main computational components to deal with are

(1) squaring tk−1 at each iteration 3

2 (2) modding tk−1 − 2 by Mp

We will focus on (2) first, as it may impact how we deal with (1). As stated at the beginning of this document, when performing the integer operation a mod b, we simply compute the remainder after dividing a by b. However, when performing division of two numbers, both of which will have millions of digits, it behooves us to find a shortcut if possible. And one such shortcut exists.

 j x k (3) x mod (2p − 1) = x mod 2p + mod (2p − 1) 2p In binary fashion, this states that the first p bits of x plus the remaining leftmost bits of x are equivalent x mod (2p − 1). This equivalence can be used repeatedly until at most p bits remain. In this way, the remainder after dividing x by the Mersenne number (2p − 1) is computed without using division. 6 As an example, let us compute 28352 mod (2 − 1). In binary form, we have that 28352 = 1101110110000002, and 6 of course, 2 −1 = 63 = 1111112. The least significant 6 bits of 1101110110000002 are 0000002 and the remainder are 1101110112. Adding these two together gives 1101110112. repeating this process again, the least significant 6 bits are 1110112, with the remainder of bits being 1102. This gives 1110112 + 1102 = 10000012. This last result is still 7 digits long, so we must apply the reduction once more: The least significant digits are 0000012, and the remaining single digit is 12. Adding these together gives 102. Converting to base 10 since the result had 6 or fewer digits, we 6 have 102 = 2. One can calculate readily that indeed, 28352 mod (2 − 1) = 2. We write this out in a stepwise fashion as follows: 6 28352 mod (2 − 1) = 1101110110000002 mod 1111112

= (0000002 + 1101110112) mod 1111112

= 1101110112 mod 1111112

= (1110112 + 1102) mod 1111112

= 10000012 mod 1111112

= (0000012 + 12) mod 1111112

= 102 mod 1111112

= 102 = 2.

Next up, we focus on (1), the squaring of tk−1. The best non-FFT way to perform , which is also reasonably straight forward to understand and implement is the Karatsuba Algorithm. We will start with the base 10 overview first The idea is that if we wish to multiply two numbers x and y, we choose a large enough a a a so that we can express x as x = x0 · 10 + x1 and y = y0 · 10 + y1, with 10 > x1, y1. Then we have 2a a (4) x · y = x0 · y0 · 10 + (x0 · y1 + x1 · y0)10 + x1 · y1 If x and y are of the same length, say 2n, then instead of multiplying two length 2n numbers together, we multiply 4 pairs of digits of length n with three additions. If we wish to reduce the number of to three, we can use the identity

x0 · y1 + x1 · y0 = (x0 + x1)(y0 + y1) − x0 · y0 − x1 · y1.

Note that the last two terms on the right hand side of the above must be computed anyways, since x0 ·y0 is multiplied 2a by the 10 term, and x1 · y1 is the ‘constant’ term. Note that this does introduce the operation of subtraction into the process. We must also be careful of choosing a correct value of a. It should most likely be as balanced as possible (close to half the places, but at least half). So here is the process in outline form:

a a a (1) Find a value of a so that x = x0 · 10 + x1 and y = y0 · 10 + y1, with 10 > x1, y1 (2) Perform multiplication z0 = x0 · y0 (3) Perform multiplication z2 = x1 · y1 (4) Perform two additions and a multiplication (x0 + x1)(y0 + y1) (5) Perform two subtractions z1 = (x0 + x1)(y0 + y1) − z0 − z2 2a a (6) Perform two additions x · y = z0 · 10 + z1 · 10 + z2.

If we are wanting to square a number, then x0 = y0 and x1 = y1 so that 4

2a a (5) x · x = x0 · x0 · 10 + 2 · x0 · x1 · 10 + x1 · x1 If we were so inclined, we could rewrite the middle term using the identity:

2x0 · x1 = x0 · x0 + x1 · x1 − (x0 + x1) · (x0 + x1), where three multiplications can be reduced to two with some additions and subtractions. That being said, one of the multiplications is multiplying by two, so it may actually be faster to leave the middle term’s coefficient as 2·x0 ·x1.

We will do an example of squaring a number using this method. Let us compute 541, 2972. We let a = 3 so that we have 541, 297 = 541 · 103 + 297. Thus 541, 2972 = (541 · 103 + 297) · (541 · 103 + 297) = 541 · 541 · 106 + 2 · 541 · 297 · 103 + 297 · 297 = 292, 681 · 106 + 321, 354 · 103 + 88, 209 = 292, 681, 000, 000 + 321, 354, 000 + 88, 209 = 293, 002, 442, 209 Note that when multiplying two 6 digit numbers together, we only needed to multiply 3 digit numbers together! We will next perform the Karatsuba Algorithm in the squaring of a . We will square 427 = 1101010112. 4 We will choose our power of the base to be a = 4 so that we have 1101010112 = 110102 · 2 + 10112. Thus 2 4 4 1101010112 = (110102 · 2 + 10112) · (110102 · 2 + 10112) 8 4 = 110102 · 110102 · 2 + 2 · 110102 · 10112 · 2 + 10112 · 10112 8 5 = 110102 · 110102 · 2 + ·110102 · 10112 · 2 + 10112 · 10112 8 5 = 10101001002 · 2 + 1000111102 · 2 + 11110012

= 1010100100000000002 + 100011110000002 + 11110012

= 1011001000001110012 Converting the final binary result to base ten gives the value of 182, 329, which is exactly 4272! Note that from line 3 to line 4 of the above string of calculations, we converted the extra multiplication by 2 into adding another power to 2 to the exponent (going from 24 to 25).