1 / 29

Randomness and Computation: Some Prime Examples

Randomness and Computation: Some Prime Examples. Did you get that file ok? Was the transmission accurate?. How would I know?. Earth has transferred a huge file X to Moon. Moon received Y. Earth: X. Moon: Y.

csingletary
Télécharger la présentation

Randomness and Computation: Some Prime Examples

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Randomness and Computation: Some Prime Examples

  2. Did you get that file ok? Was the transmission accurate? How would I know? Earth has transferred a huge file X to Moon. Moon received Y. Earth: X Moon: Y

  3. Let p(n) be the number of primes between 1 and n. I wonder how fast p(n) grows? Conjecture [1790s]: Legendre Gauss

  4. Their estimates

  5. Two independent proofs of the Prime Density Theorem [1896]: De la Vallée Poussin J-S Hadamard

  6. The Prime Density Theorem • This theorem remains one of the celebrated achievements of number theory. In fact, an even sharper conjecture remains one of the great open problems of mathematics!

  7. The Riemann Hypothesis [1859] Riemann

  8. Slightly easier to show (n)/n ≥ 1/(2 log n) (We’ll use this, but won’t prove it here.)

  9. Random (log n)-bit number is a random number from 1..n (just add one) (n) / n ≥ 1/(2log n) means that a random (log n)-bit number has at least a 1/2log n chance of being prime.

  10. Random k-bit number is a random number from 1..2k (2k) / 2k≥ 1/2k means that a random k-bit number has at least a 1/2k chance of being prime.

  11. Really useful fact • A random k-bit number has at least a 1/2k chance of being prime. So if we pick 2k random k-bit numbers the expected number of primes on the list is at least 1

  12. Picking A Random Prime • Many modern cryptosystems (e.g., RSA) include the instructions: • “Pick a random n-bit prime.” • How can this be done efficiently?

  13. Picking A Random Prime • “Pick a random n-bit prime.” • Strategy: • Generate random n-bit numbers • Test each one for primality • [more on this later in the lecture]

  14. Tremendously Useful Inequality • x,1 + x ≤ ex (note: so for small x, 1 + x ≈ ex) Corollaries x,1 – x ≤ e-x x≠0,1 + 1/x ≤ e1/x x>0,(1 + 1/x)x ≤ e x≠0,1 - 1/x ≤ e-1/x x>0,(1 - 1/x)x ≤ 1/e

  15. Picking A Random Prime • “Pick a random n-bit prime.” • Generate kn random n-bit numbers • Each trial has a ≥ 1/2n chance of being prime. • Pr[ all kn trials yield composites ] ≤(1-1/2n)kn = (1-1/2n)2n * k/2≤ 1/ek/2

  16. Picking A Random Prime • “Pick a random n-bit prime.” • Strategy: • Generate random n-bit numbers • Test each one for primality For 1000-bit primes, if we try out 10000 random 1000-bit numbers, chance of failing ≤ e-5 ≤ .0068

  17. Moral of the story • Picking a random prime is “almost as easy as”picking a random number. • (Provided we can check for primality.)

  18. Checking for Primality • Fermat’s Little Theorem: • An integer n > 1 is prime if and only if • an-1 1 (mod n) • for all a such that 1 ≤ a ≤ n-1 “Fake Square Root of 1” Theorem: If a and n are positive integers such that a2 1 (mod n) but a 1 (mod n) then n is composite

  19. Miller-Rabin Randomized Primality Test • If n > 2 and n is even, return “composite” • Pick a uniformly at random from {1,2,…,n-1} • If an-1  1 (mod n), return “composite” • Let n-1 = t2s for some s > 0 and odd t • For i = 1, 2, …, s • if a2it 1 (mod n) but a2i-1t 1 (mod n) • return “composite” • Return “passed test”

  20. Monte Carlo Algorithm • The Miller-Rabin randomized primality test might return “passed test” even when the number is actually composite!

  21. What does the test tell us? • If n is prime, the test says “passed test” • If n is composite, the test says • “composite” with probability at least ¾ • “passed test” with probability at most ¼ • I.e., the answer is incorrect with probability at most ¼ • If n is composite and the test is run k times, the probability that it says “passed test” each time is at most (1/4)k. If the test ever says “composite” the number is composite.

  22. Did you get that file ok? Was the transmission accurate? How would I know? Earth has transferred a huge file X to Moon. Moon received Y Earth: X Moon: Y

  23. p = random (2 log n)-bit prime Send (p, X mod p) Answer to “X  Y (mod p) ?” Are X and Y the same n-bit numbers? (assume no transmission errors either way) Earth: X Moon: Y

  24. Why is this any good? • Easy case: • If X = Y, then X  Y (mod p) and answer to • “X  Y (mod p) ?” is Yes!

  25. Why is this any good? • Harder case: • What if X  Y? We want answer to “X  Y (mod p) ?” to be No! • But answer is Yes! if X  Y (mod p), i.e., p | (X-Y) • How likely is this? • Define Z = (X-Y). To mess up, p must divide Z. • Z is an n-bit number  Z is at most 2n. • But each prime is ≥ 2. Hence Z has at most n prime divisors.

  26. Almost there… • Z has at most n prime divisors. • How many (2log n)-bit primes are there? • Recall (2k) ≥ 2k /2k • at least 22logn/2*2log n = n2/(4 log n) >> 2n primes. At most half of them divide Z. Hence the probability that a random (2 log n)-bit prime divides Z is at most ½. Make mistake (answer Yes!) with probability at most ½.

  27. Theorem: Let X and Y be distinctn-bit numbers. Let p be a random (2 log n)-bit prime. Then Prob [X = Y mod p] < 1/2 Earth-Moon protocol makes mistake with probability at most 1/2!

  28. Are X and Y the same n-bit numbers? Pick k random (2 log n)-bit primes: P1, P2, .., Pk Send (X mod Pi) for 1 ≤ i ≤ k k answers to “X = Y mod Pi ?” (assume no transmission errors either way) EARTH: X MOON: Y

  29. Exponentially smaller error probability • If X=Y, always accept. • If X  Y, • Prob [X = Y mod Pi for all i] ≤ (1/2)k

More Related