OOn the Distribution of Witnesses in the Miller-Rabin Test
Matt KownackiJanuary 27, 2018
Abstract:
We show that the set of normalized Miller-Rabin witnesses becomes equidistributedin the unit interval. This will be done by exhibiting cancellation in certain exponential sums.
Contents S . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32.2 Cancellation Lemma . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42.3 Estimation of S and S . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52.4 Proof of Theorem 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 a r X i v : . [ m a t h . N T ] A ug Introduction and Notation
For convenience, the following notation will be put to use. For a set S , S will denote the numberof elements of S .The greatest common divisor of two integers a and b will be represented as ( a, b ).We willdenote the group of units modulo n as ( Z /n Z ) ∗ . A function f ( n ) is said to be o ( g ( n )) if lim n →∞ f ( n ) g ( n ) = 0.Likewise, a function f ( n ) is said to be O ( g ( n )) if | f ( n ) | ≤ c | g ( n ) | for some constant c . The function e ( x )is an exponential function to be defined as e ( x ) = e πix . Definition 1.
Let n be an odd integer and write n − d s with d odd. Then an integer a , < a < n ,is a Miller-Rabin witness (for the compositeness of n ) if the following conditions hold(1) ( a, n ) = 1 (2) a d (cid:54)≡ n (3) For all integers j with ≤ j < s, a d i (cid:54)≡ − n Given n , let W ( n ) denote the set of such witnesses. There are two theorems of note proved byMiller and Rabin respectively. Theorem [Miller] [3]
Let n be odd and composite. Assuming the Generalized Riemann Hypothesis, thenmin W ( n ) = O (log( n ) )The specific constant was later proved to be 2 by Erich Bach [1], so the least witness would be nolarger than 2 log n , assuming GRH. Theorem [Rabin] [5]
Let n be odd and composite, then W ( n ) obeys the following bound W ( n ) > n − W ( n ) in Z /n Z . The main result being the following. Theorem 1. As n → ∞ along odd composite numbers, then the normalized witness set becomes equidis-tributed in the unit interval. By this we mean : ∀ [ a, b ] ⊂ [0 ,
1] { W ( n ) n ∩ [ a, b ] } W ( n ) → b − a , as n → ∞ To illustrate this, see Figure 1. The proof is elementary, the main ingredient being reduction of certainexponential sums into Gauss sums.
Proof.
By Rabin’s bound for W ( n ) and Weyl’s Criterion, it suffices to show that for fixed k (cid:54) = 0 , k ∈ Z that( (cid:63) ) S = (cid:80) w ∈ W ( n ) e ( kwn ) = o ( n )2igure 1: Witnesses of n=1056331 per interval in intervals of length n .Let W ( n ) = { , , , ..., n − } \ W ( n ) be the set of non-witnesses, and define S = (cid:88) w ∈ W ( n ) e ( kwn )so that S + S = 0. Then since n (cid:54) | k , for k (cid:54) = 0, ( (cid:63) ) is equivalent to( † ) | S | = o ( n ) W ( n ) can be partitioned based on its membership conditions as follows: W ( n ) = { w ∈ W ( n ) | ( w, n ) > } . W ( n ) = { w ∈ W ( n ) | w d ≡ n } . W ( n ) = { w ∈ W ( n ) |∃ j < s, w j d ≡ − n } .Hence, W ( n ) = W ( n ) (cid:70) W ( n ) (cid:70) W ( n ) and ( † ) follows from showing S j = (cid:88) w ∈ W j ( n ) e ( kwn ) = o ( n ) j = 1 , , S Lemma 2.
For each fixed k (cid:54) = 0 , | S | = O k (1) as n → ∞ .Proof. For S we can represent the sum over those w as (cid:88) ( w,n ) > e ( k wn ) = − (cid:88) ( w,n )=1 e ( k wn )Then upon a M¨obius inversion [4] of this sum we arrive at: (cid:88) ( w,n )=1 e ( k wn ) = (cid:88) s | ( n,k ) sµ ( ns )3s this sum is just a divisor sum,and that ( n, k ) ≤ k , we find that for any (cid:15) > | S | = (cid:12)(cid:12)(cid:12)(cid:12)(cid:12)(cid:12) (cid:88) s | ( n,k ) sµ ( ns ) (cid:12)(cid:12)(cid:12)(cid:12)(cid:12)(cid:12) ≤ | (cid:88) s | ( n,k ) s | < k (cid:15) Thus S is of order O k (1) as n → ∞ . The following lemma will be applied to the estimation of S and S . Lemma 3.
Let α, n ∈ N and let b be an element in ( Z /n Z ) ∗ . Let W (cid:48) = { w ∈ ( Z /n Z ) ∗ | w α ≡ b mod n } . Fix k (cid:54) = 0 ∈ Z , and define the sum S (cid:48) = (cid:88) w ∈ W (cid:48) e ( k wn ) then | S (cid:48) | = O k ( √ n ) as n → ∞ .Proof. Let b be the inverse of b ∈ ( Z /n Z ) ∗ and consider φ ( n ) (cid:80) χ χ ( bw α ) , a sum over Dirichlet charactersmodulo n , note that 1 φ ( n ) (cid:88) χ χ ( bw α ) = (cid:26) w ∈ W (cid:48) otherwise Insert this into the sum and interchange the order of summation to obtain S (cid:48) = (cid:12)(cid:12)(cid:12)(cid:12)(cid:12) (cid:88) w α ≡ b mod n e ( k wn ) (cid:12)(cid:12)(cid:12)(cid:12)(cid:12) = (cid:12)(cid:12)(cid:12)(cid:12)(cid:12) (cid:88) w α ≡ b mod n e ( k wn ) 1 φ ( n ) (cid:88) χ χ ( bw α ) (cid:12)(cid:12)(cid:12)(cid:12)(cid:12) = (cid:12)(cid:12)(cid:12)(cid:12)(cid:12) φ ( n ) (cid:88) χ χ ( b ) (cid:88) w mod n e ( k wn ) χ α ( w ) (cid:12)(cid:12)(cid:12)(cid:12)(cid:12) ≤ φ ( n ) (cid:88) χ (cid:12)(cid:12)(cid:12)(cid:12)(cid:12) (cid:88) w mod n χ α ( w ) e ( k wn ) (cid:12)(cid:12)(cid:12)(cid:12)(cid:12) For each χ , χ α could be the trivial character mod n or not. If it is the trivial character then the insidesum breaks down into a Ramanujan sum, and is estimated as in Lemma 2. If it is nontrivial, note that (cid:80) w mod n χ α ( w ) e ( k wn ) is a type of Gauss sum, and it is a known fact [2] that for primitive characters (cid:12)(cid:12)(cid:12)(cid:12)(cid:12) (cid:88) w mod n χ α ( w ) e ( kwn ) (cid:12)(cid:12)(cid:12)(cid:12)(cid:12) ≤ √ n If χ α is imprimitive with conductor q , writing n = ql , there are two cases to be handled. If l (cid:54) | k ,then the sum is zero. If l | k then (cid:12)(cid:12)(cid:12)(cid:12)(cid:12) (cid:88) w mod n χ α ( w ) e ( k wn ) (cid:12)(cid:12)(cid:12)(cid:12)(cid:12) ≤ l √ q We have that χ α is induced by a character χ which is primitive modulo q . Upon writing w = qj + r with r mod q and j mod l we have that (cid:88) w mod n χ α ( w ) e ( k wn ) = (cid:88) j mod l (cid:88) r mod q χ ( qj + r ) e ( k qj + rql )4enote the inside sum by S (cid:48)(cid:48) = (cid:88) r mod q χ ( qj + r ) e ( k qj + rql )To handle the first case, that l (cid:54) | k , multiply S (cid:48)(cid:48) by e ( kl ) and note that e ( kl ) S (cid:48)(cid:48) = S (cid:48)(cid:48) = 0. For thesecond case, we have k = k (cid:48) l , and S (cid:48)(cid:48) = (cid:88) r mod q χ ( qj + r ) e ( k qj + rql ) = (cid:88) r mod q χ ( r ) e ( kl rq ) = (cid:88) r mod q χ ( r ) e ( k (cid:48) rq )Now S (cid:48)(cid:48) can be handled as above(as χ is primitive modulo q ), and it is summed exactly l times.As we have l | k and q | n , we have l ≤ k and q ≤ n , so (cid:80) w mod n χ α ( w ) e ( k wn ) = O k ( √ n ).It follows that | S (cid:48) | = O k ( √ n ) as n → ∞ . S and S Lemma 4.
For each fixed k (cid:54) = 0 , | S | = O k ( √ n ) as n → ∞ .Proof. S is a sum over the set W ( n ) = { w ∈ W ( n ) | w d ≡ n } . As W ( n ) is of the type W (cid:48) , thenwe can apply Lemma 3. Lemma 5.
For each fixed k (cid:54) = 0 , | S | = O k ( √ n log n ) as n → ∞ .Proof. S is the sum over the set W ( n ) = { w ∈ W ( n ) |∃ j < s, w j d ≡ − n } . We can write S as: S = s − (cid:88) j =0 (cid:88) w jd ≡− n e ( k wn )Applying the cancellation lemma to the innermost sum and then bounding the outside sum by log n yieldsthat | S | = O k ( √ n log n ) as n → ∞ . As previously stated, the statement ( (cid:63) ) is equivalent to | S | = (cid:12)(cid:12)(cid:12)(cid:12)(cid:12)(cid:12) (cid:88) w ∈ W ( n ) e ( kwn ) (cid:12)(cid:12)(cid:12)(cid:12)(cid:12)(cid:12) ≤ | S | + | S | + | S | = o ( n )(with each sum shown individually to be o ( n ) in Lemmas 2,4, and 5 respectively). The main result thenfollows from Weyl’s criterion. The author would like to express an enormous amount of gratitude to his advisor, AlexKontorovich, for his wealth of experience and indispensable wisdom, Katie McKeon, whose advice andassistance made this possible, and numerous other students, staff and faculty at the DIMACS REU fortheir encouragement and support. 5 eferences [1] Eric Bach. Explicit bounds for primality testing and related problems.
J. Math. Comp. , 55(191):355–380, 1990.[2] Cohen. Henri.
Number Theory Vol. I. Tools and Diophantine Equations , volume 239 of
GraduateTexts in Mathematics . Springer-Verlag, New York, 2007.[3] Gary L. Miller. Riemann’s hypothesis and tests for primality.
J. Comput. System Sci. , 13(3):300–317,1976. Working papers presented at the ACM-SIGACT Symposium on the Theory of Computing(Albuquerque, N.M., 1975).[4] Melvyn B. Nathanson.
Additive number theory , volume 164 of
Graduate Texts in Mathematics .Springer-Verlag, New York, 1996. The classical bases.[5] Michael O. Rabin. Probabilistic algorithm for testing primality.