Primality Testing for Beginners

STUDENT MATHEMATICAL LIBRARY Volume 70

Lasse Rempe-Gillen Rebecca Waldecker http://dx.doi.org/10.1090/stml/070

Primality Testing for Beginners

Student mathematical library Volume 70

Primality Testing for Beginners

Lasse Rempe-Gillen Rebecca Waldecker

American Mathematical Society Providence, Rhode Island Editorial Board Satyan L. Devadoss John Stillwell Gerald B. Folland (Chair) Serge Tabachnikov

The cover illustration is a variant of the Sieve of Eratosthenes (Sec- tion 1.5), showing the integers from 1 to 2704 colored by the number of their prime factors, including repeats. The illustration was created us- ing MATLAB. The back cover shows a phase plot of the Riemann zeta function (see Appendix A), which appears courtesy of Elias Wegert (www.visual.wegert.com).

2010 Mathematics Subject Classiﬁcation. Primary 11-01, 11-02, 11Axx, 11Y11, 11Y16.

For additional information and updates on this book, visit www.ams.org/bookpages/stml-70

Library of Congress Cataloging-in-Publication Data Rempe-Gillen, Lasse, 1978– author. [Primzahltests f¨ur Einsteiger. English] Primality testing for beginners / Lasse Rempe-Gillen, Rebecca Waldecker. pages cm. — (Student mathematical library ; volume 70) Translation of: Primzahltests f¨ur Einsteiger : Zahlentheorie - Algorithmik - Kryptographie. Includes bibliographical references and index. ISBN 978-0-8218-9883-3 (alk. paper) 1. Number theory. I. Waldecker, Rebecca, 1979– author. II. Title. QA241.R45813 2014 512.72—dc23 2013032423

Copying and reprinting. Individual readers of this publication, and nonproﬁt libraries acting for them, are permitted to make fair use of the material, such as to copy a chapter for use in teaching or research. Permission is granted to quote brief passages from this publication in reviews, provided the customary acknowledgment of the source is given. Republication, systematic copying, or multiple reproduction of any material in this publication is permitted only under license from the American Mathematical Society. Requests for such permission should be addressed to the Acquisitions Department, American Mathematical Society, 201 Charles Street, Providence, Rhode Island 02904- 2294 USA. Requests can also be made by e-mail to [email protected]. c 2014 by the authors. Printed in the United States of America. ∞ The paper used in this book is acid-free and falls within the guidelines established to ensure permanence and durability. Visit the AMS home page at http://www.ams.org/ 10 9 8 7 6 5 4 3 2 1 18 17 16 15 14 For our spouses, Emma and Lars

Contents

Preface xi

Introduction 1

Part 1. Foundations

Chapter 1. Natural numbers and primes 13 §1.1. The natural numbers 13 §1.2. Divisibility and primes 26 §1.3. Prime factor decomposition 31 §1.4. The Euclidean algorithm 35 §1.5. The Sieve of Eratosthenes 39 §1.6. There are inﬁnitely many primes 41 Further reading 42

Chapter 2. Algorithms and complexity 43 §2.1. Algorithms 43 §2.2. Decidable and undecidable problems 52 §2.3. Complexity of algorithms and the class P 57 §2.4. The class NP 68

vii viii Contents

§2.5. Randomized algorithms 73 Further reading 81

Chapter 3. Foundations of number theory 83 §3.1. Modular arithmetic 84 §3.2. Fermat’s Little Theorem 94 §3.3. A ﬁrst primality test 104 §3.4. Polynomials 107 §3.5. Polynomials and modular arithmetic 120 Further reading 127

Chapter 4. Prime numbers and cryptography 129 §4.1. Cryptography 129 §4.2. RSA 132 §4.3. Distribution of primes 136 §4.4. Proof of the weak prime number theorem 139 §4.5. Randomized primality tests 143 Further reading 150

Part 2. The AKS Algorithm

Chapter 5. The starting point: Fermat for polynomials 153 §5.1. A generalization of Fermat’s Theorem 153 §5.2. The idea of the AKS algorithm 159 §5.3. The Agrawal-Biswas test 163

Chapter 6. The theorem of Agrawal, Kayal, and Saxena 169 §6.1. Statement of the theorem 170 §6.2. The idea of the proof 171 §6.3. The number of polynomials in P 173 §6.4. Cyclotomic polynomials 178 Contents ix

Chapter 7. The algorithm 183 §7.1. How quickly does the order of n modulo r grow? 183 §7.2. The algorithm of Agrawal, Kayal, and Saxena 186 §7.3. Further comments 189 Further reading 192

Appendix A. Open questions 193 Further reading 205

Appendix B. Solutions and comments to important exercises 207

Bibliography 233

List of symbols 237

Index 239

Preface

“How on earth can you do research in mathematics?”, we are of- ten asked. The idea of ongoing research in other sciences is deeply embedded in the public consciousness, not only in those fields that may lead to self-driving cars or new life-saving drugs, but also in the most theoretical areas such as particle physics, where scientists try to puzzle out the likely nature of matter on the smallest possible scales. In contrast, even among members of the public who profess their enjoyment of mathematics there is little awareness that many mathematical questions remain open and that these are the subject of intensive investigation. One of the difficulties in challenging this perception lies in the highly specialized nature of modern mathematics itself. Even profes- sional mathematicians are usually unable to fully appreciate research advances outside their own branches of mathematics. Of course there are exceptions to this rule, such as Fermat’s Last Theorem,which was proved by Andrew Wiles in the 1990s and could hardly be sim- pler to state: “If n>2, then there are no non-zero integers a, b,and c such that an + bn = cn.” Yet in this case the proof is particularly long and difficult, and only a small number of experts worldwide are able to fully comprehend it.

xi xii Preface

In the summer of 2002, the computer scientist Manindra Agrawal and his students Neeraj Kayal and Nitin Saxena achieved a remark- able feat: they discovered an eﬃcient and deterministic test for the primality of a natural number. (To learn about the meaning of these notions, keep reading!) We were fascinated by this result not only because it answers a long-standing open question, but because the mathematics behind it is beautiful and, compared to other modern research advances, extremely accessible. We decided to use this opportunity to get young people in touch with actual mathematical research by oﬀering a course on the subject at a German summer academy for secondary-school students in 2005. Inspired by the participants and their enthusiasm, we started to transform the course material into a book manuscript, the German version of which appeared in 2009. The book you hold in your hands is an English-language edition of this text. During the translation process, we have also corrected a few errors, changed some of the presentation for pedagogical reasons, and updated the content with new results, where appropriate. We thank the students from our original summer course for their motivation and dedication and all those who have since helped us for their comments and suggestions regarding both the German and English editions. We also thank you – our reader – for your interest in this little volume, and we hope that you will enjoy reading the book as much as we did writing it.

Lasse Rempe-Gillen and Rebecca Waldecker August 2013 Bibliography

[AB] Agrawal, M. and Biswas, S.: Primality and identity testing via Chinese remaindering. Journal of the ACM 50 (2003), no. 4, 429– 443. [AKS] Agrawal, M., Kayal, N., and Saxena, K.: PRIMES is in P. Annals of Math. 160 (2004), no. 2, 781–793. [AO]¨ A˘garg¨un, A. G¨oksel and Ozkan,¨ E. Mehmet: A historical survey of the fundamental theorem of arithmetic. Historia Math. 28 (2001), no. 3, 207–214. [Be] Beutelspacher, A.: Cryptology. Mathematical Association of America, 1994. [Bo] Bornemann, F.: Primes is in P: A breakthrough for “Everyman”. Notices of the AMS 50 (2003), no. 5, 545–552. [Br] Bryant, V.: Yet Another Introduction to Analysis, Cambridge Uni- versity Press, 1990. [Ch] Chen, J. R.: On the representation of a larger even integer as the sum of a prime and the product of at most two primes. Sci. Sinica 16 (1973), 157–176. [Co] Conrey, J. B.: The Riemann Hypothesis. Notices of the AMS 50 (2003), no. 3, 341–353. [CLR] Cormen, T. H., Leiserson, C. E., and Rivest, R. L.: Introduction to Algorithms. Third Edition, MIT Press, 2009. [CM] Coron, J.-S. and May, A.: Deterministic polynomial-time equiva- lence of computing the RSA secret key and factoring. J. Cryptology 20 (2007), 39–50.

233 234 Bibliography

[CP] Crandall, R. and Pomerance, C.: Prime Numbers: A Computa- tional Perspective. Springer, 2005. [De] Derbyshire, J.: Prime Obsession: Bernhard Riemann and the Greatest Unsolved Problem in Mathematics. Penguin, 2004. [Dst] Diestel, R.: Graph Theory. Fourth edition, Springer, 2010. [Dtz] Dietzfelbinger, M.: Primality Testing in Polynomial Time: From Randomized Algorithms to “PRIMES Is in P”. Springer, 2004. [Do] Doxiadis, A.K.: Uncle Petros and Goldbach’s Conjecture: A Novel of Mathematical Obsession. Bloomsbury, 2001. [EFT] Ebbinghaus, H.-D., Flum, J., and Thomas, W.: Mathematical Logic. Second edition, Springer, 1994. [Eb] Ebbinghaus et al.: Numbers. Third printing, Springer, 1996. [Ec] Eccles, P.: An Introduction to Mathematical Reasoning: Numbers, Sets and Functions. Cambridge University Press, 1997. [Frl] Fraleigh, J. B.: A First Course in Abstract Algebra. Seventh edition, Pearson, 2003. [Frz] Franzén, T.: Gödel’s Theorem: An Incomplete Guide to Its Use and Abuse. Peters, 2005. [Fü] Fürer, M.: Faster Integer Multiplication. Proceedings of the 39th Annual ACM Symposium on Theory of Computing (2007), 57–66. [G] Granville, A.: It is easy to determine whether a given integer is prime. Bull.Amer.Math.Soc.42 (2005), no. 1, 3–38. [GT] Green, B. and Tao, T.: The primes contain arbitrarily long arithmetic progressions. Annals of Math. (2) 167 (2008), no. 2, 481–547. [Hal] Halmos, P. R.: Naive Set Theory. Van Nostrand, 1960. [Har] Hardy, G. H.: A Mathematician’s Apology. Cambridge University Press, 1940. [HW] Hardy, G. H. and Wright, E. M.: An Introduction to the Theory of Numbers. Oxford University Press, 2008. [He] Helfgott, H. A.: Major arcs for Goldbach’s problem, preprint, arXiv:1305.2897, 2013. [Ho] Hofstadter, D.: Godel, Escher, Bach: An Eternal Golden Braid. Penguin Books Ltd., 1980. [HMU] Hopcroft, J. E., Motwani, R., and Ullman, J. D.: Intro- duction to Automata Theory, Languages, and Computation. Pearson/Addison-Wesley, 2007. [HP] Humphreys, J. F. and Prest, M. Y.: Numbers, Groups and Codes. Second edition, Cambridge University Press, 2004. Bibliography 235

[J] Jameson, G. J. O.: The Prime Number Theorem. Cambridge Uni- versity Press, 2008. [Ke] Kelly, T.: The myth of the Skytale. CRYPTOLOGICA, Vol. XXII, no. 3 (1998). [KS] Kurzweil, H. and Stellmacher, B.: The Theory of Finite Groups. Springer, 2004. [LaPe] Laubenbacher, R. and Pengelley, D.: “Voici ce que j’ai trouv´e”: Sophie Germain’s grand plan to solve Fermat’s Last Theorem. His- toria Mathematica 37, Issue 4, (2010), 641–692. [LP] Lenstra, H. W. Jr. and Pomerance, C.: Primality testing with Gaussian periods. Preprint, 2005, revised April 2011. http://www.math.dartmouth.edu/∼carlp/aks041411.pdf. [LPa] Lewis, H. R. and Papadimitriou, C. H.: Elements of the Theory of Computation. Prentice Hall International, 1998. [LiN] Lidl, R. and Niederreiter, H.: Finite Fields. Addison-Wesley, 1983. [Lo] Lorenz, F.: Algebra. Volume I: Fields and Galois Theory. Springer, 2006. [ME] Murty, M. R. and Esmonde, J.: Problems in Algebraic Number Theory. Springer, 2004. [N] Nair, M.: On Chebyshev-type inequalities for primes. Amer. Math. Monthly 89, no. 2 (1982), 126–129. [NZM] Niven, I., Zuckerman, H. S., and Montgomery, H. L.: An Intro- duction to the Theory of Numbers. John Wiley & Sons, 1991. [P] Papadimitriou, C. H.: Computational Complexity. Addison- Wesley, 1995. [RSA] Rivest, R., Shamir, A., and Adleman, L.: A method for obtain- ing digital signatures and public-key cryptosystems. Comm. of the ACM 21 (1978), no. 2, 120–126. [Rob] Robinson, S.: Still guarding secrets after years of attacks, RSA earns accolades for its founders. SIAM News 36, no. 5 (2003). [Ro] Ross, S.: A First Course in Probability. Eighth edition, Pearson, 2008. [Ros] Ross, P. M.: On Chen’s theorem that each large even number has the form p1 + p2 or p1 + p2p3. J. London Math. Soc. 10 (1975), 500–506. [S] Singh, S.: The Code Book: Science of Secrecy from Ancient Egypt to Quantum Cryptography. Anchor Books, 2000. [TZ] Tao, T. and Ziegler, T.: The primes contain arbitrarily long polynomial progressions. Acta Math. 201, no. 2 (2008), 213–305. 236 Bibliography

[vK] von Koch, H.: Ueber die Riemann’sche Primzahlfunction. Math. Annalen 55, no. 3 (1901), 441–464. [Za] Zagier, D.: Newman’s short proof of the prime number theorem. American Math. Monthly 104 (1997), 705-708. [Zh] Zhang, Y.: Bounded gaps between primes. Annals of Math.,to appear. List of symbols

∅ (the empty set), page 8 C (the complex numbers), page 203 N (the natural numbers, not including zero), page 7

N0 (the natural numbers, including zero), page 7 Q (the rational numbers), page 7 R (the real numbers), page 7 Z (the integers), page 7 ∞ (infinity), page 8 e (Euler’s constant, e =2,71828 ...), page 9 π (the area of a circle of radius 1, π =3.14159 ...), page 48 #M (number of elements of M), page 8 N ⊆ M (N is a subset of M), page 8 N M (N is a proper subset of M), page 8 x ∈ M (x is an element of M), page 8 y/∈ M (y is not an element of M), page 8 NP (efficiently verifiable problems), page 69 P (efficiently computable problems), page 60 RP (problems with efficient Monte Carlo solutions), page 75 ZPP (problems with efficient Las Vegas solutions), page 78 f : N → M (f is a function from N to M), page 9 f(n)=O(g(n)) (f grows asymptotically at most as quickly as g), page 59 := (is defined as), page 8 a ≤ b (a is less than or equal to b), page 7 alogarithm of x), page 9 log x (the logarithm of x to base 2), page 9 n · ··· i=1 xi (the product x1 x2 xn), page 8

237 238 List of symbols

n ··· i=1 xi (the sum x1 + x2 + + xn), page 8 x (the largest integer n ≤ x), page 9 x (the smallest integer n ≥ x), page 9 |x| (absolute value of x), page 9 n!(n factorial), page 9 k | n (k divides n), page 26 gcd(a, b) (the greatest common divisor of a and b), page 27 lcm(a, b) (the least common multiple of a and b), page 27 cp(n) (the set of integers from 1 to n−1 that are coprime to n), page 98 ϕ(n) (the number of integers from 1 to n − 1 that are coprime to n), page 98 π(n) (the number of primes ≤ n), page 137 M mod n (the remainder of M after division by n), page 86 a ≡ b (mod n)(a is congruent to b modulo n), page 84 ordn(a) (the order of a modulo n), page 94 deg P (the degree of the polynomial P ), page 108 degn(P ) (the degree of P modulo n), page 121 P ≡ Q (mod H) (P and Q are congruent modulo H), page 113 P ≡ Q (mod n) (P and Q are congruent modulo n), page 120 P ≡ Q (mod n, H) (P and Q are congruent modulo n and H), page 122 P (the set of all integer polynomials P satisfying (6.1.2)), page 171 r(n, k) (the smallest prime r with r | n or ordr (n) >k), page 184 Index

3n + 1 problem, 51 PANCAKE, 44 QUICKSORT, 76 Aaronson, Scott, 73 randomized, 73 absolute value, 9 Schönhage-Strassen, 68 Ackermann, Wilhelm analysis Ackermann function, 68 mathematical, 143 Adleman, Leonard, 1, 132, 135, Annals of Mathematics, 4, 25, 199 Arenstorf 192 , Richard F., 204 age of the universe, 40 arithmetic Agrawal, Manindra, 163 modular, 84 AKS algorithm, 4, 186 arithmetic progression, 199 al-Khwarizmi, Abu Abdallah asymptotic growth, 59 Muhammad ibn Musa, 50 asymptotic running time, 60 Alberti, Leon Battista, 131 average running time, 78 algorithm, 43, 45 axiom, 14 ADDITION, 46, 61 Peano axioms, 25 AKS, 4, 186 COLLATZ, 51 Bachmann, Paul, 66 CRIME-BESTSELLER, 44 base, 104 deterministic, 73 basis of the induction, 17 efficient, 60 best-selling crime novel, 44 Euclidean, 29, 35, 36, 43, 50, 66 Bezout´ , Etienne´ inefficient, 40 Bézout’s Lemma, 37, 39, 87 Karatsuba, 67 binary number system, 46, 51 Las Vegas, 77 binomial coefficients, 19 MILLER-RABIN, 145 explicit formula, 23 Monte Carlo, 75 recursive formula, 19 N*(PI+E), 48 binomial theorem, 19 of Agrawal, Kayal, and Saxena, Biswas, Somenath, 163 4, 186 bounded from above/below, 22

239 240 Index

Caesar, Julius, 66 proof by, 15 Caesar cipher, 130 converse, 7 calculus coprime, 27 integral/differential, 143 corollary, 7 Carmichael,RobertD. coset, 100 Carmichael number, 106, 107, counterexample 146 smallest, 15 Chebyshev, Pafnuty Lvovich, 139 cryptography, 129 Chen, Jingrun, 195, 198 public-key, 132 Chinese Remainder Theorem, 89 CSR, 92 Church, Alonzo, 50, 54 cyclotomic polynomial, 178 Church-Turing thesis, 50 cipher de la Vallee´ Poussin, digraphic substitution, 131 Charles-Jean, 139 mono-alphabetic, 130 de Vigenere` , Blaise, 131 playfair, 131 decidable problem, 52 poly-alphabetic, 131 decimal number system, 51 RSA, 132 decision problem, 52 ciphertext, 130 decomposition Clement’s Theorem, 199 into irreducible factors, 125 Clement,PaulA. into prime factors, 31 Clement’s Theorem, 199 defined as, 8 coefficient, 108 definition, 6 leading, 108 recursive, 18 Collatz Conjecture, 51 degree of a polynomial, 108 Collatz, Lothar, 51 modulo n, 121 colorability, 70 descent combinatorics, 19 infinite, 15 common divisor, 27 determinism, 45 greatest, 27 deterministic algorithm, 73 common factor, 27 diagonalization, 57 highest, 27 differential calculus, 143 common multiple, 27 Diffie, Whitfield, 135 least, 27 digraphic substitution ciphers, 131 complete set of residues, 92 Diophantine equation, 92 complex numbers, 181, 193, 203 direct proof, 18 complex analysis, 139 Dirichlet, Gustav Lejeune complexity theory, 58 Dirichlet’s Prime Number composite number, 26 Theorem, 200 COMPOSITES, 53 Disquisitiones Arithmetica,34 conclusion, 6 divide and conquer, 62 congruence, 84 division modulo a polynomial, 113 long, 29 of polynomials modulo n, 120 polynomial long division, 110 congruence class, 93 with remainder, 28 congruent, 84 division algorithm, 28 constant polynomial, 108 division theorem, 28 contradiction division with remainder, 28 Index 241

for polynomials, 111 field, 93 divisor, 26 finite arithmetic progression, 199 common, 27 Fouvry, Etienne,´ 190, 191 greatest common, 27 fraction, 7 non-trivial, 26 frequency analysis, 130 of a polynomial, 110, 112 function, 9 of a polynomial modulo n, 122 one-way, 132 trivial, 26 Fundamental Theorem of zero, 119 Arithmetic, 31 zero divisor, 91, 93 Furer¨ , Martin, 68 dual problem, 53 Gauss, Carl Friedrich, 104, 139 efficiency, 60 Disquisitiones Arithmetica,34 efficiently verifiable problem, 69 Gauss summation, 22 Eisenstein, Ferdinand, 203 gcd, 27 irreducibility criterion, 126 Generalized Riemann Hypothesis, elements of a set, 8 149, 192, 195 Germain empty set, 8 , Sophie, 189, 191, 202 Godel¨ encryption ,Kurt,57 RSA, 2 incompleteness theorem, 57 Goldbach Entscheidungsproblem, 50, 54 , Christian, 195 Eratosthenes of Cyrene, 40 Goldbach Conjecture, 195 Sieve of, 39, 43, 61 Weak Goldbach Conjecture, 196 Euclid, 34, 38, 41, 200 Goldberg’s Conjecture, 197 Euclid number, 200 graph, 56 Euclidean algorithm, 29, 35, 36, 43, Great Internet Mersenne Prime 50, 66 Search, 201 Euler, Leonhard, 194, 195 greatest common divisor, 27 Green Euler’s constant, 9 ,Ben Green-Tao Theorem, 199 Fermat-Euler Theorem, 99 group, 104 phi function, 104 totient function, 98, 104 Hadamard, Jacques, 139 even integers, 7 halting problem, 54 even number, 22, 84 Hardy, Godfrey Harold, 1, 190, 205 factorial, 9 Heath-Brown, David Rodney, 192 Factoring Challenge, 2 Helfgott, Harald, 197 Fermat number, 203 Hellman, Martin, 135 Fermat prime, 203 highest common factor, 27 Fermat test, 105 Hilbert’s decision problem, 54 Fermat ,Pierrede,2,25 Hilbert, David, 49, 194 Fermat’s Last Theorem, xi, 25, Entscheidungsproblem, 50, 54 189, 191 Tenth Problem, 56 Fermat’s Little Theorem, 25, 96 hypothesis, 6 Fermat-Euler Theorem, 99 Last Theorem of, 197 induction theorem of Fermat-Miller, 145 basis of, 17 Fibonacci numbers, 19, 66 mathematical, 16 242 Index

variants, 18, 25 integral, 139 induction hypothesis, 17 natural, 9 induction step, 17 Logarithmic Integral Function, 193 inefficient algorithm, 40 long division, 29 infinite descent, 15 polynomial, 110 input, 52 Lucas, Edouard´ instance, 52 Lucas test, 201 positive/negative, 53 integer, 7 Markov, Andrei Andreyevich even, 7 Markov inequality, 78, 81 odd, 7 mathematical analysis, 143 integral, 143 mathematical induction, 16 integral calculus, 143 variants, 18, 25 integral domain, 119 Mersenne prime integral logarithm, 139 Great Internet Mersenne Prime intractable problem, 60 Search, 201 inverse modulo n,87 Mersenne,Marin irreducible polynomial, 114 Mersenne number, 200 Eisenstein criterion, 126 Mersenne prime, 201 modulo p, 123 Millennium Prize Problems, 72, 194 Miller, Gary Lee, 3, 149 Jacobi symbol, 149 theorem of Fermat-Miller, 145 Karatsuba, Anatoly Alexeevitch Miller-Rabin primality test, 145 Karatsuba algorithm, 67 modular arithmetic, 84 Kasiski, Friedrich W., 131 modulo a polynomial, 113 key monic, 108 private, 132 mono-alphabetic cipher, 130 public, 132 Monte Carlo algorithm, 75 Monte Carlo method, 73 Lagrange, Joseph-Louis multiple, 17, 26 Lagrange’s Theorem, 101, 104 common, 27 Landau, Edmund least common, 27 Landau symbols, 66 multiplicative inverse, 87 Las Vegas algorithm, 77 Las Vegas method, 73 National Lottery, 19 lcm, 27 natural logarithm, 9 leading coefficient, 108 natural numbers, 7, 13 least common multiple, 27 negative instance, 53 Legendre symbol, 149 non-trivial divisor, 26 Legendre, Adrien-Marie, 139 of a polynomial, 112 lemma, 7 NP,68,69 Bézout’s Lemma, 39, 87 NP-complete problem, 72 Lenstra, Hendrik W., 190 number Library of Alexandria, 40 Carmichael, 106, 107 linear factor, 112, 117, 124 complex, 181, 193, 203 Littlewood, John E., 190, 205 composite, 26 logarithm Euclid, 200 base 2, 9 even/odd, 22, 84 Index 243

integer, 7 Correspondence Problem, 56 natural, 7, 13 power perfect, 200 perfect, 9 prime, 1, 26 Pratt, Vaughan, 72 rational, 7 prime, 1, 26 real, 7 Fermat, 203 number of atoms in the universe, Mersenne, 201 40, 68, 197 root of unity modulo a prime, 144 O-notation, 59, 66 Sophie Germain prime, 190 odd integers, 7 twin, 42 odd number, 22, 84 prime factor, 30 one-way function, 132 prime factor decomposition, 31 order modulo n,94 prime gap, 41 output, 52 prime number theorem, 137 PRIMES, 53 P,60 primitive root, 103 pairwise, 23 primitive root of unity, 181 pancake, 44 private key, 132 particle physics, xi problem, 52 Pascal’s triangle, 19, 96 3n +1,51 Pausanias, 130 class NP,68,69 Peano axioms, 25 class P,60 Peano, Giuseppe,25 class RP,75 Peano axioms, 25 class ZPP,78 perfect number, 200 COMPOSITES, 53 perfect power, 9 decision, 52 plaintext, 130 dual, 53 playfair cipher, 131 efficiently computable, 60 poly-alphabetic cipher, 131 efficiently verifiable, 69 Polybius square, 130 halting problem, 54 polynomial, 108 Hilbert’s Entscheidungsproblem, constant, 108 50, 54 cyclotomic, 178 Hilbert’s Tenth Problem, 56 in X/Y /Z, 109 intractable, 60 in several variables, 56, 73 NP-complete, 72 integer/rational, 108 Post Correspondence Problem, irreducible, 114 56 irreducible (modulo p), 123 PRIMES, 53 monic, 108 search, 52 over a field, 119 SUM, 52 reducible, 118 (un)decidable, 52 zero, 108 product notation, 8 polynomial running time, 60 proof, 6 polynomial zero, 116, 123 by contradiction, 15 Pomerance, Carl, 190 direct, 18 positive instance, 53 pseudo-prime, 105 Post,Emil strong, 146 244 Index public key, 132 sum notation, 8 public-key cryptography, 132 Sylvester, James Joseph, 104

Quicksort, 76 Tao, Terence, 199 Green-Tao Theorem, 199 Rabin, Michael Oser, 3, 149 Tenenbaum,Gérald, 204 ´ Ramare, Olivier, 196 theorem, 7 randomized algorithm, 73 theorem of Agrawal, Kayal, and rational numbers, 7 Saxena, 169 real numbers, 7 theorem of Fermat-Miller, 145 recursive definition, 18 totient function, 98 reduced set of residues, 92 triples of prime numbers, 198 reducible polynomial, 118 trivial divisor, 26 Riemann ζ-function, 193 Turing, Alan, 50, 54, 131 Riemann Hypothesis, 139, 193 twin primes, 42, 197 Generalized, 149, 192, 195, 197 Riemann, Bernhard, 193 uncountable set, 57 Rivest, Ronald, 1, 132, 135 undecidable problem, 52 root of unity, 181 unique modulo n,88 modulo a prime, 144 universe primitive, 181 age, 40 RP,75 number of atoms, 40, 68, 197 RSA, 2, 132 RSA number, 2 Vigenère square, 131 Vinogradov RSR, 92 , Ivan Matveyevich running time Vinogradov’s Theorem, 196 von Koch asymptotic, 60 , Helge, 139, 194 average, 78 Weak Goldbach Conjecture, 196 exponential, 60 well-ordering principle, 14 function, 58 What’s my line?, 62 polynomial, 60 Wheatstone, Charles, 131 Wiles, Andrew, xi, 25, 192 Schonhage¨ , Arnold, 68 Wilson’s Theorem, 149, 204 Schönhage-Strassen algorithm, 68 Wilson, John, 149, 204 search problem, 52 witness, 69 set, 8 uncountable, 57 zero Shamir , Adi, 1, 132, 135 polynomial, 116, 123 Sieve of Eratosthenes, 39, 43, 61 zero divisor, 91, 93, 115, 119 Skytale, 130 zero of a polynomial, 109 smallest counterexample, 15 zero polynomial, 108 Solovay , Robert Martin, 149 Zhang, Yitang, 198 Sophie Germain prime, 190, 202 ZPP,78 Strassen, Volker, 68, 149 string, 52, 58 strong pseudo-prime, 146 subset, 8 successor, 24 sufficiently large, 59 How can you tell whether a number is prime? What if the number has hundreds or thousands of digits? This question may seem abstract or irrelevant, but in fact, primality tests are performed every time we make a secure online transaction. In 2002, Agrawal, Kayal, and Saxena answered a long-standing open question in this context by presenting a deterministic test (the AKS algorithm) with polynomial running time that checks whether a number is prime or not. What is more, their methods are essentially elementary, providing us with a unique opportunity to give a complete explanation of a current mathematical breakthrough to a wide audience. Rempe-Gillen and Waldecker introduce the aspects of number theory, algorithm theory, and cryptography that are relevant for the AKS algorithm and explain in detail why and how this test works. This book is specifi cally designed to make the reader familiar with the background that is necessary to appreciate the AKS algorithm and begins at a level that is suitable for secondary school students, teachers, and interested amateurs. Throughout the book, the reader becomes involved in the topic by means of numerous exercises.

For additional information and updates on this book, visit www.ams.org/bookpages/stml-70

AMS on the Web STML/70 www.ams.org