DETERMINING PRIMITIVE ROOTS by Christoph and John C. Witzgall September 15, 2015.

DETERMININGPRIMITIVE ROOTS

byChristoph and John C. Witzgall

September 15, 2015

REDUCTION MODULO P>0For P > 0 , any integer X may be represented as

X = S×P + r, 0 ≤ r < P,with r the

remainder of X modulo P

and S the value of integer (“long”) division of X by P. We say that X is reduced to r modulo P.

ARITHMETIC MODULO P>0

The reduction process is used to define the arithmetic modulo P.

For remainders a, b between 0 and P-1, the operations

a + b, a - b, a×bare evaluated using their integer face value, if necessary, reducing the results modulo P.

THE GROUP GP

For P a prime, the remainders,

1, 2, 3, … , P–1

under multiplication modulo P form the group,

GP

our subject of interest.

CYCLES MODULO 71

CYCLES MODULO 7

1 2

CYCLES MODULO 7

1 2 4

CYCLES MODULO 7

1 2 4 8 -7

CYCLES MODULO 7

1 2 4 1

CYCLES MODULO 7

1 2 4 1 2

CYCLES MODULO 7

1 2 4 1 2 4

CYCLES MODULO 7

1 2 4 1 2 4 8 -7

CYCLES MODULO 7

1 2 4 1 2 4 1 . . .

CYCLES MODULO 7

(1 2 4)1

CYCLES MODULO 7

(1 2 4)1 3

CYCLES MODULO 7

(1 2 4)1 3 9 -7

CYCLES MODULO 7

(1 2 4)1 3 2

CYCLES MODULO 7

(1 2 4)1 3 2 6

CYCLES MODULO 7

(1 2 4)1 3 2 6 18 -14

CYCLES MODULO 7

(1 2 4)1 3 2 6 4

CYCLES MODULO 7

(1 2 4)1 3 2 6 4 12 -7

CYCLES MODULO 7

(1 2 4)1 3 2 6 4 5

CYCLES MODULO 7

(1 2 4)1 3 2 6 4 5 15 -14

CYCLES MODULO 7

(1 2 4)1 3 2 6 4 5 1

CYCLES MODULO 7

C(2) = (1 2 4)C(3) = (1 3 2 6 5) 3 = primitive rootC(4) = (1 4 2)C(5) = (1 5 6 2 3) 5 = primitive rootC(6) = (1 6)

GROUPS

Groups considered here are finite and abelian. The notation

|G| = “order of G”Means “number of elements.” Fundamentally,

(2) N = |G| => aN = 1 for a Є G H G => |H| divides |G|⊆

CYCLESThe cycle

C(a) = (1, a, a2, … , aN-1), aN = 1,encapsulates the period of a sequence of consecu-tive powers of an element a Є G.

(3) N = |C(a)|, aR = 1 => N|R

The entries in C(a) form a group. Such groups, generated by a single element are called cyclic.

SUBCYCLES Suppose N = ǀC(a)ǀ, KǀN, M = N/K. Then

C(aK ) = (1 aK a2K … ) is a subcycle of C(a). Its length is given by (4) Proposition: |C(aK )| = N/K = M

Proof: aKM = aN = 1. If aKJ = 1 for 0 < J ≤ Mthen N|KJ. Thus M|J, so that J = M.

SPREADS

Subgroups H1, H2 G together ⊂

generate what we call their

spread H1 ᴗ H2

Spread

H1 H2

Inter section

ORDERS OF SPREADS

For subgroups H1, H2 of abelian group G:

Theorem: |H1 ∩ H2| × |H1 H∪ 2| = |H1|×|H2|

Proof: H1×H2, |H1×H2| = |H1|×|H2|, the group of

pairs (a, b); a Є H1, b Є H₂, (a₁ b₁)×(a₂ b₂) = (a₁b₁ a₂b₂).

Φ(a₁ a₂) = a₁×a₂ is a homomorphism onto H1 H∪ 2.

Φ-1(1) isomorphic to H1 ∩ H2 : |Φ-1 (1)| = |H1 ∩ H2|

|H1 H∪ 1| = = =

COROLLARY

By (2), |H1 ∩ H2|is a common divisor of |H1|,|H2| .

Thus |H1 ∩ H2| divides gcd(|H1|,|H2|).

H1,H2 relatively prime <=> gcd(|H1|,|H2|)=1:

|H1 ∩ H2|= 1

(5) gcd(|H1|,|H2|)=1=>

|H1 H∪ 2|= |

PRIMITIVE ROOTS

(6) Primitive Root Theorem: Gp is cyclic

This means that Gp may be generated by

a single one of its elements. Each such generator is a primitive root of P. We propose:• A constructive proof based on prime

factorization of P-1• An algorithm for computing primitive roots.

APPROACHIn what follows, we aim to prove the

(7) Theorem: The spread of two cycles C(a) and C(b) in GP is cyclic

by characterizing a generator x Є GP :

__

C(a) C(b) = C(x) ∪

Successively collapsing pairs of cycles into single ones then yields a primitive root.

RELATIVELY PRIME CYCLES

We call cycles C(a), C(b) in group G relatively prime if ǀC(a)ǀ, ǀC(b)ǀ are relatively prime.

(8) Theorem: The spread of relatively prime cycles C(a) and C(b) is cyclic:

C(a) C(b) = C(a∪ ×b).

(Proof after the next slide.)

CONVENTION

For what follows in this presentation, we are using the notation

A = | C(a)| , B = | C(b)|

for the orders of cycles C(a) and C(b).

PROOF OF THEOREM (8)By (5) and (1), |C(a) C(b)| = A∪ ×B = lcm (A, B).

For M > 0: (a×b)M = 1 <=> aM = (bM ) -1 Є C(a) ∩ C(b) <=> aM = b M = 1 <=> A|M and B|M by (3)In other words, the exponent

M = lcm(A, B) = A×B is the smallest positive exponent with (a×b)M = 1. Thus C(a) C(b) = C (a×b).∪

CYCLES MODULO 11C(2) = (1 2 4 8 5 10 9 7 3 6)C(3) = (1 3 9 5 4) C(4) = (1 4 5 9 3)C(5) = (1 5 3 4 9)C(6) = (1 6 3 7 9 10 5 8 4 2)C(7) = (1 7 5 2 3 10 4 6 9 8)C(8) = (1 8 9 6 4 10 3 2 5 7)C(9) = (1 9 4 3 5)C(10) = ( 1 10)

Cycles of equal lengths have the same elements.

LAGRANGE (9) Theorem: In group G P , all cycles of equal

order contain the same set of elements.

Proof: M = ǀC(a)ǀ implies by (2) that

xM – 1 = 0 for x C(a).

By Lagrange's theorem, a polynomial of degree M has at most M distinct roots. As C(a) already has M distinct elements, there is no other group.

SEPARATION

We call U|A and V|B separators of A and B if

(11) ( i) lcm(A/U, B/V) = lcm(A, B) ( ii) gcd(A/U, B/V) = 1

(12) Theorem: If U and V separate A and B, C(a) C(b) = C(a∪ U × bV).

SEPARATOR PRODUCT

(13) Proposition: If U, V are separators of A, B,

U×V = gcd(A, B)

Proof: By (1) and (11),

U×V = =

=

FACTORIZATION

A = 120 B = 1260The prime factors involved in both are

2, 3, 5, 7Prime factorizations of A and B:

A = 120 = 8 × 3 × 5 × 1 B = 1260 = 4 × 9 × 5 × 7

lcm(A, B) = 8 × 9 × 5 × 7 gcd(A, B) = 4 × 3 × 5 × 1

THE GIST

A= 120 = 8 × 3 × 5 × 1 8 × 1 × 5 × 1 = 40 =A/U B=1260 = 4 × 9 × 5 × 7 1 × 9 × 1 × 7 = 63 =B/V

U = 3 × 1 = 3, V = 4 × 5 = 20

Reducing the factors of lower multiplicity to 0 leaves lcm(A, B) unchanged, while reducing A by U and B by V, effecting separation.

Stepwise Separation

We call W > 1 a partial separator of A,B if

(13) gcd(A, B/W) = gcd(A, B)/W

By (1) lcm(A, B) remains unchanged,

lcm(A, B/W) = = = lcm(A,B),

while gcd(A, B) is reduced.

CUMULATIVE MULTIPLICATION

The following is at the heart of stepwise separation:

(14)

Proposition: If W1 is a partial separator for A, B, and W2 is one for A, B/W1 , then

W1 W2

is a partial separator for A, B, too.

Proof: gcd(A, B/(W1W2 )) = gcd(A, B/W1 )/W2

= gcd(A, B)/(W1W2)).

PARTIAL SEPARATOR

(15) Theorem: With C = gcd(A, B),W = gcd(A/C, C) > 1

is a partial separator of A, B.

Proof: In view of (14), it suffices to show that any prime divisor Q|W is a partial separator of A, B. The multiplicity, mult(Q|A), of Q in A exceeds mult(Q|C). Then

gcd(Q, B/C) ≤ gcd(A/C, B/C) = 1,Implies gcd(Q, B/C) = 1 so that

mult(Q|B) = mult(Q|C) < mult (Q|A). Thus gcd(A, B/Q) = gcd(A, B)/Q.

TERMINATION(16) Theorem: If C = gcd(A, B), and W = gcd(A/C, C) = 1 then there are full separators U = C, and V = 1.

Proof: gcd(A/C) = 1 implies that the division by C removes from A all divisors common with B. Thus gcd(A/C, B) = 1 = gcd(A/U, B/V), so that

lcm(A/U, B/V) = lcm(A/C, B) = (AB)/C = lcm(A, B)

U = C and V = 1 thus meet conditions (11).

EXAMPLEWe revisit the 1. A = 120, B = 1260 C = gcd(A, B) = 60, A/C = 2 W = gcd(A/C, C) = gcd(2,60) = 22. A = 120, B = (B/2) = 630 C = gcd(A, B) = 30, A/C = 4 W = gcd(A/C, C) = gcd(4,30) = 23. A = 120, B = (B/2) = 315 C = gcd(A, B) = 15, A/C = 8 W = gcd(A/C, C) = gcd(8, 315) = 1

4. U = C = 15, V = 2 × 2 = 4

SEPARATION ALGORITHM

Given: integer A, B > 0; Wanted: separators U,V.Step 1: 1 → V, gcd(A, B) → CStep 2: If C = 1 → step 7Step 3: A/C → XStep 4: gcd (X, C) → WStep 5: If W = 1 → step 7Step 6: V×W → V, C/W → C, X×W → X, → step 4Step 7: C → U, → terminate

NUMBERS

• 1228 primes ≤ 10,000 primitive roots calculated

• 24% separation required

• 470 instances of primitive root = 2

Copies of this Power Point are available at the following link http://math.nist.gov/mcsd/Seminars/2015/2015-09-15-Witzgall.html

THANK YOU FOR COMING!

http://math.nist.gov/mcsd/Seminars/2015/2015-09-15-Witzgall.html

http://math.nist.gov/mcsd/Seminars/2015/2015-09-15-Witzgall.html

DETERMINING PRIMITIVE ROOTS by Christoph and John C. Witzgall September 15, 2015.

Documents

Transcript of DETERMINING PRIMITIVE ROOTS by Christoph and John C. Witzgall September 15, 2015.