|
Quadratic Frobenius Test
The quadratic Frobenius test (QFT) is a probabilistic primality test to determine whether a number is a probable prime. It is named after Ferdinand Georg Frobenius. The test uses the concepts of quadratic polynomials and the Frobenius automorphism. It should not be confused with the more general Frobenius test using a quadratic polynomial – the QFT restricts the polynomials allowed based on the input, and also has other conditions that must be met. A composite passing this test is a Frobenius pseudoprime, but the converse is not necessarily true. Concept Grantham's stated goal when developing the algorithm was to provide a test that primes would always pass and composites would pass with a probability of less than 1/7710. The test was later extended by Damgård and Frandsen to a test called ''extended quadratic Frobenius test'' (EQFT). Algorithm Let be a positive integer such that is odd, \left(\frac\right) = -1 and \left(\frac\right) = 1, where \left(\frac\right) denotes ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Probabilistic Algorithm
A randomized algorithm is an algorithm that employs a degree of randomness as part of its logic or procedure. The algorithm typically uses uniformly random bits as an auxiliary input to guide its behavior, in the hope of achieving good performance in the "average case" over all possible choices of random determined by the random bits; thus either the running time, or the output (or both) are random variables. One has to distinguish between algorithms that use the random input so that they always terminate with the correct answer, but where the expected running time is finite (Las Vegas algorithms, for example Quicksort), and algorithms which have a chance of producing an incorrect result (Monte Carlo algorithms, for example the Monte Carlo algorithm for the MFAS problem) or fail to produce a result either by signaling a failure or failing to terminate. In some cases, probabilistic algorithms are the only practical means of solving a problem. In common practice, randomized algor ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Primality Test
A primality test is an algorithm for determining whether an input number is prime. Among other fields of mathematics, it is used for cryptography. Unlike integer factorization, primality tests do not generally give prime factors, only stating whether the input number is prime or not. Factorization is thought to be a computationally difficult problem, whereas primality testing is comparatively easy (its running time is polynomial in the size of the input). Some primality tests prove that a number is prime, while others like Miller–Rabin prove that a number is composite. Therefore, the latter might more accurately be called ''compositeness tests'' instead of primality tests. Simple methods The simplest primality test is ''trial division'': given an input number, ''n'', check whether it is evenly divisible by any prime number between 2 and (i.e. that the division leaves no remainder). If so, then ''n'' is composite. Otherwise, it is prime.Riesel (1994) pp.2-3 For example, c ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Probable Prime
In number theory, a probable prime (PRP) is an integer that satisfies a specific condition that is satisfied by all prime numbers, but which is not satisfied by most composite numbers. Different types of probable primes have different specific conditions. While there may be probable primes that are composite (called pseudoprimes), the condition is generally chosen in order to make such exceptions rare. Fermat's test for compositeness, which is based on Fermat's little theorem, works as follows: given an integer ''n'', choose some integer ''a'' that is not a multiple of ''n''; (typically, we choose ''a'' in the range ). Calculate . If the result is not 1, then ''n'' is composite. If the result is 1, then ''n'' is likely to be prime; ''n'' is then called a probable prime to base ''a''. A weak probable prime to base ''a'' is an integer that is a probable prime to base ''a'', but which is not a strong probable prime to base ''a'' (see below). For a fixed base ''a'', it is unusual f ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Ferdinand Georg Frobenius
Ferdinand Georg Frobenius (26 October 1849 – 3 August 1917) was a German mathematician, best known for his contributions to the theory of elliptic functions, differential equations, number theory, and to group theory. He is known for the famous determinantal identities, known as Frobenius–Stickelberger formulae, governing elliptic functions, and for developing the theory of biquadratic forms. He was also the first to introduce the notion of rational approximations of functions (nowadays known as Padé approximants), and gave the first full proof for the Cayley–Hamilton theorem. He also lent his name to certain differential-geometric objects in modern mathematical physics, known as Frobenius manifolds. Biography Ferdinand Georg Frobenius was born on 26 October 1849 in Charlottenburg, a suburb of Berlin from parents Christian Ferdinand Frobenius, a Protestant parson, and Christine Elizabeth Friedrich. He entered the Joachimsthal Gymnasium in 1860 when he was nearly eleven. ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Quadratic Polynomial
In mathematics, a quadratic polynomial is a polynomial of degree two in one or more variables. A quadratic function is the polynomial function defined by a quadratic polynomial. Before 20th century, the distinction was unclear between a polynomial and its associated polynomial function; so "quadratic polynomial" and "quadratic function" were almost synonymous. This is still the case in many elementary courses, where both terms are often abbreviated as "quadratic". For example, a univariate (single-variable) quadratic function has the form :f(x)=ax^2+bx+c,\quad a \ne 0, where is its variable. The graph of a univariate quadratic function is a parabola, a curve that has an axis of symmetry parallel to the -axis. If a quadratic function is equated with zero, then the result is a quadratic equation. The solutions of a quadratic equation are the zeros of the corresponding quadratic function. The bivariate case in terms of variables and has the form : f(x,y) = a x^2 + bx y+ c ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Frobenius Automorphism
In commutative algebra and field theory, the Frobenius endomorphism (after Ferdinand Georg Frobenius) is a special endomorphism of commutative rings with prime characteristic , an important class which includes finite fields. The endomorphism maps every element to its -th power. In certain contexts it is an automorphism, but this is not true in general. Definition Let be a commutative ring with prime characteristic (an integral domain of positive characteristic always has prime characteristic, for example). The Frobenius endomorphism ''F'' is defined by :F(r) = r^p for all ''r'' in ''R''. It respects the multiplication of ''R'': :F(rs) = (rs)^p = r^ps^p = F(r)F(s), and is 1 as well. Moreover, it also respects the addition of . The expression can be expanded using the binomial theorem. Because is prime, it divides but not any for ; it therefore will divide the numerator, but not the denominator, of the explicit formula of the binomial coefficients :\frac, if . Th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Frobenius Pseudoprime
In number theory, a Frobenius pseudoprime is a pseudoprime, whose definition was inspired by the quadratic Frobenius test described by Jon Grantham in a 1998 preprint and published in 2000. Frobenius pseudoprimes can be defined with respect to polynomials of degree at least 2, but they have been most extensively studied in the case of quadratic polynomials. Frobenius pseudoprimes w.r.t. quadratic polynomials Definition of Frobenius pseudoprimes with respect to a monic quadratic polynomial x^2 - Px + Q, where the discriminant D = P^2-4Q is not a square, can be expressed in terms of Lucas sequences U_n(P,Q) and V_n(P,Q) as follows. A composite number ''n'' is a Frobenius (P,Q) pseudoprime if and only if : (1) \qquad \gcd(n,2QD)=1, : (2) \qquad U_(P,Q) \equiv 0 \pmod n, and : (3) \qquad V_(P,Q) \equiv 2Q^ \pmod, where \delta=\left(\tfrac Dn\right) is the Jacobi symbol. When condition (2) is satisfied, condition (3) becomes equivalent to : (3') \qquad V_n(P,Q) \equiv P\pmod. Therefor ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Composite Number
A composite number is a positive integer that can be formed by multiplying two smaller positive integers. Equivalently, it is a positive integer that has at least one divisor other than 1 and itself. Every positive integer is composite, prime, or the unit 1, so the composite numbers are exactly the numbers that are not prime and not a unit. For example, the integer 14 is a composite number because it is the product of the two smaller integers 2 × 7. Likewise, the integers 2 and 3 are not composite numbers because each of them can only be divided by one and itself. The composite numbers up to 150 are: :4, 6, 8, 9, 10, 12, 14, 15, 16, 18, 20, 21, 22, 24, 25, 26, 27, 28, 30, 32, 33, 34, 35, 36, 38, 39, 40, 42, 44, 45, 46, 48, 49, 50, 51, 52, 54, 55, 56, 57, 58, 60, 62, 63, 64, 65, 66, 68, 69, 70, 72, 74, 75, 76, 77, 78, 80, 81, 82, 84, 85, 86, 87, 88, 90, 91, 92, 93, 94, 95, 96, 98, 99, 100, 102, 104, 105, 106, 108, 110, 111, 112, 114, 115, 116, 117, 118, 1 ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Ivan Damgård
Ivan Bjerre Damgård (born 1956) is a Danish cryptographer and currently a professor at the Department of Computer Science, Aarhus University, Denmark. Academic background In 1983, he obtained a master's degree in mathematics (with minors in music and computer science) at Aarhus University. He began his PhD studies in 1985 at the same university, and was for a period a guest researcher at CWI in Amsterdam in 1987. He earned his PhD degree in May, 1988, with the thesis ''Ubetinget beskyttelse i kryptografiske protokoller'' (Unconditional protection in cryptographic protocols) and has been employed at Aarhus University ever since. Damgård became full professor in 2005. Research Damgård co-invented the Merkle–Damgård construction, which is used in influential cryptographic hash functions such as SHA-2, SHA-1 and MD5. He discovered the structure independently of Ralph Merkle and published it in 1989. Ivan Damgård is one of the founders of the Cryptomathic Cryptomath ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Jacobi Symbol
Jacobi symbol for various ''k'' (along top) and ''n'' (along left side). Only are shown, since due to rule (2) below any other ''k'' can be reduced modulo ''n''. Quadratic residues are highlighted in yellow — note that no entry with a Jacobi symbol of −1 is a quadratic residue, and if ''k'' is a quadratic residue modulo a coprime ''n'', then , but not all entries with a Jacobi symbol of 1 (see the and rows) are quadratic residues. Notice also that when either ''n'' or ''k'' is a square, all values are nonnegative. The Jacobi symbol is a generalization of the Legendre symbol. Introduced by Jacobi in 1837, it is of theoretical interest in modular arithmetic and other branches of number theory, but its main use is in computational number theory, especially primality testing and integer factorization; these in turn are important in cryptography. Definition For any integer ''a'' and any positive odd integer ''n'', the Jacobi symbol is defined as the product of the ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Modular Arithmetic
In mathematics, modular arithmetic is a system of arithmetic for integers, where numbers "wrap around" when reaching a certain value, called the modulus. The modern approach to modular arithmetic was developed by Carl Friedrich Gauss in his book ''Disquisitiones Arithmeticae'', published in 1801. A familiar use of modular arithmetic is in the 12-hour clock, in which the day is divided into two 12-hour periods. If the time is 7:00 now, then 8 hours later it will be 3:00. Simple addition would result in , but clocks "wrap around" every 12 hours. Because the hour number starts over at zero when it reaches 12, this is arithmetic ''modulo'' 12. In terms of the definition below, 15 is ''congruent'' to 3 modulo 12, so "15:00" on a 24-hour clock is displayed "3:00" on a 12-hour clock. Congruence Given an integer , called a modulus, two integers and are said to be congruent modulo , if is a divisor of their difference (that is, if there is an integer such that ). Congruence modulo ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Multiplicative Group Of Integers Modulo N
In modular arithmetic, the integers coprime (relatively prime) to ''n'' from the set \ of ''n'' non-negative integers form a group under multiplication modulo ''n'', called the multiplicative group of integers modulo ''n''. Equivalently, the elements of this group can be thought of as the congruence classes, also known as ''residues'' modulo ''n'', that are coprime to ''n''. Hence another name is the group of primitive residue classes modulo ''n''. In the theory of rings, a branch of abstract algebra, it is described as the group of units of the ring of integers modulo ''n''. Here ''units'' refers to elements with a multiplicative inverse, which, in this ring, are exactly those coprime to ''n''. This quotient group, usually denoted (\mathbb/n\mathbb)^\times, is fundamental in number theory. It is used in cryptography, integer factorization, and primality testing. It is an abelian, finite group whose order is given by Euler's totient function: , (\mathbb/n\mathbb)^\times, ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
