|
2019-04-09, 13:49
|
#375 | |
Feb 2017
Nowhere
464310 Posts |
Quote:
n = p * q, p == 3 (mod 4), q = 2*p - 1 also prime. The condition that b^(n-1) == 1 (mod n) is that kronecker(b, q) = +1, a condition that is never satisfied by b = 2, and is generally satisfied by about half of the bases b. The further condition that b^((n-1)/2) == 1 or -1 (mod n) is that kronecker(b,p) = (b/q)4 (4-th power residue character, 1 or -1 since kronecker(b,q) = +1, congruent to Mod(b,q)^((q-1)/4)). This condition appears to eliminate about half the bases b for which kronecker(b,q) = +1. So, for r rounds, one would expect perhaps a 1/4^r probability of n failing to test as composite. I ran ispseudoprime(n,k) for k = 1 to 4 on the first 35 numbers on the list. This does Rabin-Miller with k randomly chosen bases. Only a few failed to test as composite for any k, and only 2 or 3 for more than one k. All of the 35 numbers tested as composite for every run with k = 4. I also checked the conditions for prime bases b up to 100, 1000, and 2000. In each case, about 1/4 of the prime bases b satisfied the conditions for n failing to test as composite. So it seems to me that, in order for n to fail to test composite by Rabin-Miller for at least ten bases, the bases almost have to be chosen rather carefully to insure that outcome. Unless, of course, the "ten rounds" were all done to the same base, or powers of one base... Last fiddled with by Dr Sardonicus on 2019-04-09 at 13:54 |
|
|
|
|
2019-04-09, 16:12
|
#376 | |
Sep 2003
5·11·47 Posts |
Quote:
The ones I'm seeing definitely fit the category of (b^n+1)/(b+1) for odd b. Apart from the ones already mentioned, for b=13 there was n=8669, 19993. |
|
|
|
|
|
2019-04-09, 19:37
|
#377 |
|
Mar 2018
2018 Posts |
That page is very "historical". Those small numbers are from years ago. The weak PRP's I was talking about were much higher digit counts and thus not seen on that page.
Here are some picked from some different parts of my logs. http://factordb.com/index.php?id=1100000000933198724 http://factordb.com/index.php?id=1100000000851496321 http://factordb.com/index.php?id=1100000000851706313 http://factordb.com/index.php?id=1100000000851982326 http://factordb.com/index.php?id=1100000001177551445 http://factordb.com/index.php?id=1100000001137959890 http://factordb.com/index.php?id=1100000001197237994 http://factordb.com/index.php?id=1100000001109177324 http://factordb.com/index.php?id=1100000001254036805 http://factordb.com/index.php?id=1100000001224177583 http://factordb.com/index.php?id=1100000001269922385 http://factordb.com/index.php?id=1100000001109152306 |
|
|
|
|
2019-04-09, 20:16
|
#378 | ||
"Robert Gerbicz"
Oct 2005
Hungary
22×7×53 Posts |
Quote:
Quote:
https://www.mersenneforum.org/showpo...postcount=1546 Note that we know the bases in the Miller-Rabin tests if you check out the gmp source code, so this is not just submitting randomly such p*(2*p-1) numbers, and hoping for a luck; in fact I've submitted the number only if it has order>=10. Also note that the bases depends on n, so not fixed! And before the Rabin tests there is also a Fermat test for the fixed(!) base=210. And be careful: older gmp versions used different generation for the random bases, but in the recent versions they haven't changed it. Since the bases are not fixed, it could be very hard/impossible to construct large order numbers, so to do an Arnault attack: http://www.ams.org/journals/mcom/199...-1260124-2.pdf . |
||
|
|
|
|
2019-04-10, 13:06
|
#379 | |
|
Feb 2017
Nowhere
4,643 Posts |
Quote:
Alas, I doubt trying to read source code would tell me much, except that I'm not very good at reading code, which I already know... But the fact that the bases depend on n, rather than being fixed, is new to me. It would be interesting to see the "lucky" bases that let some of the n's "pass" so many rounds of Rabin-Miller. If the fixed base for the Fermat test had been taken to be 2 instead of 210, the list would have been much shorter. :-D Last fiddled with by Dr Sardonicus on 2019-04-10 at 13:21 |
|
|
|
|
|
2019-04-10, 16:05
|
#380 |
|
Feb 2017
Nowhere
4,643 Posts |
I found Thomas R. Nicely's page GNU GMP mpz_probab_prime_p pseudoprimes which has a few "high-order" Miller-Rabin PRP composites. It looks like order-10 and higher ones were being found as early as 2004.
|
|
|
|
|
2019-04-10, 19:04
|
#381 | |
|
"Robert Gerbicz"
Oct 2005
Hungary
22×7×53 Posts |
Quote:
Using fixed base is just dangerous, see Arnault; probably this was the reason why they are using random base, an easier case shows why we can almost eliminate the fixed base=210 for Fermat test in my search: very basic, with Fermat's little theorem and Euler's criterion: n=p*q=p*(2*p-1) n-1==0 mod (p-1) ---> 210^(n-1)==1 mod p n-1==p-1==(q-1)/2 mod (q-1) ---> 210^(n-1)==210^((q-1)/2)==(210/q) mod q so n is Fermat pseudoprime iff (210/q)=1 and this depends only on p%420 (we already know p%4=3). Note that this calculation is independent from the base and since calculation of (base/q) is faster than powmod it is better to get first these, because if (base/q)=-1 then n isn't even a Fermat pseudoprime so it can't be a strong pseudoprime for base. And you can do this with the first ten random bases (with early exit), if you want to see only order>=10. Last fiddled with by R. Gerbicz on 2019-04-10 at 19:10 Reason: grammar, typo |
|
|
|
|
|
2019-04-23, 19:15
|
#382 |
Jun 2009
22·32·19 Posts |
I am having problems uploading a certificate. It is not absurdly large (32MB unzipped) but somehow it does not work. Everything seems fine but then the upload certificate page appears again and there is no sign of the certificate being processed or even stored. I tried zipped and unzipped.
|
|
|
|
|
2019-04-23, 19:38
|
#383 |
"Ed Hall"
Dec 2009
Adirondack Mtns
11×347 Posts |
I haven't been able to send zipped certificates since the last large down-time, but I was sending individual OK. I just tried one that had already been sent and got "Number already proven." This is what I expected.
I'm using Primo 4.3.0 LX64. Edit attempt: "The server is too busy at the moment. Please try again later." fingers drumming... "The server is too busy at the moment. Please try again later." fingers drumming... "The server is too busy at the moment. Please try again later." fingers drumming... I wnet ahead and submitted a new certificate and all went as expected for unzipped. Since I haven't been able to send zipped, I didn't try this time. Last fiddled with by EdH on 2019-04-23 at 19:48 Reason: wanted to see the server busy message... |
|
|
|
|
2019-04-25, 19:25
|
#384 |
|
Jun 2009
22×32×19 Posts |
I sent it to Markus via email and he plugged it into the db seemingly without problems. I do not understand.
|
|
|
|
|
2019-04-25, 19:39
|
#385 | |
|
"Ed Hall"
Dec 2009
Adirondack Mtns
381710 Posts |
Quote:
|
|
|
|
|
 |
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| A suggestion for factordb. | enzocreti | FactorDB | 15 | 2021-06-24 07:15 |
| Extending Factordb | carpetpool | FactorDB | 6 | 2017-01-23 11:04 |
| FactorDB PRP's | smh | FactorDB | 231 | 2015-07-28 02:30 |
| bugged sequence in factordb | firejuggler | Aliquot Sequences | 2 | 2010-06-15 14:03 |
| FactorDB question | Raman | Factoring | 15 | 2010-01-28 10:24 |
