Fermat pseudoprime

In number theory, the Fermat pseudoprimes make up the most important class of pseudoprimes that come from Fermat's little theorem.

Definition

Fermat's little theorem states that if ''p'' is prime and ''a'' is coprime to ''p'', then ''a''^''p''−1 − 1 is divisible by ''p''. For an integer ''a'' > 1, if a composite integer ''x'' divides ''a''^''x''−1 − 1, then ''x'' is called a Fermat pseudoprime to base ''a''.

In other words, a composite integer is a Fermat pseudoprime to base ''a'' if it successfully passes the Fermat primality test for the base ''a''. The false statement that all numbers that pass the Fermat primality test for base 2, are prime, is called the Chinese hypothesis.

The smallest base-2 Fermat pseudoprime is 341. It is not a prime, since it equals 11·31, but it satisfies Fermat's little theorem: 2³⁴⁰ ≡ 1 (mod 341) and thus passes the
Fermat primality test for the base 2.

Pseudoprimes to base 2 are sometimes called Sarrus numbers, after P. F. Sarrus who discovered that 341 has this property, Poulet numbers, after P. Poulet who made a table of such numbers, or Fermatians .

A Fermat pseudoprime is often called a pseudoprime, with the modifier Fermat being understood.

An integer ''x'' that is a Fermat pseudoprime for all values of ''a'' that are coprime to ''x'' is called a Carmichael number.

Properties

Distribution

There are infinitely many pseudoprimes to any given base ''a'' > 1. In 1904, Cipolla showed how to produce an infinite number of pseudoprimes base ''a'' > 1: Let ''p'' be any odd prime that does not divide ''a''² - 1. Let ''A'' = (''a''^''p'' - 1)/(''a'' - 1) and let ''B'' = (''a''^''p'' + 1)/(''a'' + 1). Then ''n'' = ''AB'' is composite, and is a pseudoprime to base ''a''. For example, if ''a'' = 2 and ''p'' = 5, then ''A'' = 31, ''B'' = 11, and ''n'' = 341 is a pseudoprime to base 2.

In fact, there are infinitely many strong pseudoprimes to any base greater than 1 (see Theorem 1 of
) and infinitely many Carmichael numbers, but they are comparatively rare. There are three pseudoprimes to base 2 below 1000, 245 below one million, and 21853 less than 25·10⁹. There are 4842 strong pseudoprimes base 2 and 2163 Carmichael numbers below this limit (see Table 1 of ).

Starting at 17·257, the product of consecutive Fermat numbers is a base-2 pseudoprime, and so are all Fermat composites and Mersenne composites.

Factorizations

The factorizations of the 60 Poulet numbers up to 60787, including 13 Carmichael numbers (in bold), are in the following table.

A Poulet number all of whose divisors ''d'' divide 2^''d'' − 2 is called a super-Poulet number. There are infinitely many Poulet numbers which are not super-Poulet Numbers.

Smallest Fermat pseudoprimes

The smallest pseudoprime for each base ''a'' ≤ 200 is given in the following table; the colors mark the number of prime factors. Unlike in the definition at the start of the article, pseudoprimes below ''a'' are excluded in the table. (For that to allow pseudoprimes below ''a'', see )

List of Fermat pseudoprimes in fixed base ''n''

For more information (base 31 to 100), see to , and for all bases up to 150, se
table of Fermat pseudoprimes (text in German)
this page does not define ''n'' is a pseudoprime to a base congruent to 1 or -1 (mod ''n'')

Which bases ''b'' make ''n'' a Fermat pseudoprime?

If composite $n$ is even, then $n$ is a Fermat pseudoprime to the trivial base $b \equiv 1 \pmod n$.
If composite $n$ is odd, then $n$ is a Fermat pseudoprime to the trivial bases $b \equiv \pm 1 \pmod n$.

For any composite $n$, the ''number'' of distinct bases $b$ modulo $n$, for which $n$ is a Fermat pseudoprime base $b$, is

:$\prod_^k \gcd(p_i - 1, n - 1)$
where $p_1, \dots, p_k$ are the distinct prime factors of $n$. This includes the trivial bases.

For example, for $n = 341 = 11 \cdot 31$, this product is $\gcd(10, 340) \cdot \gcd(30, 340) = 100$. For $n = 341$, the smallest such nontrivial base is $b = 2$.

Every odd composite $n$ is a Fermat pseudoprime to at least two nontrivial bases modulo $n$ unless $n$ is a power of 3.

For composite ''n'' < 200, the following is a table of all bases ''b'' < ''n'' which ''n'' is a Fermat pseudoprime. If a composite number ''n'' is not in the table (or ''n'' is in the sequence ), then ''n'' is a pseudoprime only to the trivial base 1 modulo ''n''.

For more information (''n'' = 201 to 5000), see, this page does not define ''n'' is a pseudoprime to a base congruent to 1 or -1 (mod ''n''). When ''p'' is a prime, ''p''² is a Fermat pseudoprime to base ''b'' if and only if ''p'' is a Wieferich prime to base ''b''. For example, 1093² = 1194649 is a Fermat pseudoprime to base 2, and 11² = 121 is a Fermat pseudoprime to base 3.

The number of the values of ''b'' for ''n'' are (For ''n'' prime, the number of the values of ''b'' must be ''n'' - 1, since all ''b'' satisfy the Fermat little theorem)
:1, 1, 2, 1, 4, 1, 6, 1, 2, 1, 10, 1, 12, 1, 4, 1, 16, 1, 18, 1, 4, 1, 22, 1, 4, 1, 2, 3, 28, 1, 30, 1, 4, 1, 4, 1, 36, 1, 4, 1, 40, 1, 42, 1, 8, 1, 46, 1, 6, 1, ...

The least base ''b'' > 1 which ''n'' is a pseudoprime to base ''b'' (or prime number) are
:2, 3, 2, 5, 2, 7, 2, 9, 8, 11, 2, 13, 2, 15, 4, 17, 2, 19, 2, 21, 8, 23, 2, 25, 7, 27, 26, 9, 2, 31, 2, 33, 10, 35, 6, 37, 2, 39, 14, 41, 2, 43, 2, 45, 8, 47, 2, 49, 18, 51, ...

The number of the values of ''b'' for ''n'' must divides $\varphi$(''n''), or (''n'') = 1, 1, 2, 2, 4, 2, 6, 4, 6, 4, 10, 4, 12, 6, 8, 8, 16, 6, 18, 8, 12, 10, 22, 8, 20, 12, 18, 12, 28, 8, 30, 16, 20, 16, 24, 12, 36, 18, 24, 16, 40, 12, 42, 20, 24, 22, 46, 16, 42, 20, ... (The quotient can be any natural number, and the quotient = 1 if and only if ''n'' is a prime or a Carmichael number (561, 1105, 1729, 2465, 2821, 6601, 8911, 10585, 15841, ... ), the quotient = 2 if and only if ''n'' is in the sequence: 4, 6, 15, 91, 703, 1891, 2701, 11305, 12403, 13981, 18721, ... )

The least number with ''n'' values of ''b'' are (or 0 if no such number exists)
:1, 3, 28, 5, 66, 7, 232, 45, 190, 11, 276, 13, 1106, 0, 286, 17, 1854, 19, 3820, 891, 2752, 23, 1128, 595, 2046, 0, 532, 29, 1770, 31, 9952, 425, 1288, 0, 2486, 37, 8474, 0, 742, 41, 3486, 43, 7612, 5589, 2356, 47, 13584, 325, 9850, 0, ... (if and only if ''n'' is even and not totient of squarefree number, then the ''n''th term of this sequence is 0)

Weak pseudoprimes

A composite number ''n'' which satisfy that $b^n \equiv b \pmod n$ is called weak pseudoprime to base ''b''. A pseudoprime to base a (under the usual definition) satisfies this condition. Conversely, a weak pseudoprime that is coprime with the base is a pseudoprime in the usual sense, otherwise this may or may not be the case. The least weak pseudoprime to base ''b'' = 1, 2, ... are:
:4, 341, 6, 4, 4, 6, 6, 4, 4, 6, 10, 4, 4, 14, 6, 4, 4, 6, 6, 4, 4, 6, 22, 4, 4, 9, 6, 4, 4, 6, 6, 4, 4, 6, 9, 4, 4, 38, 6, 4, 4, 6, 6, 4, 4, 6, 46, 4, 4, 10, ...

All terms are less than or equal to the smallest Carmichael number, 561. Except for 561, only semiprimes can occur in the above sequence, but not all semiprimes less than 561 occur, a semiprime ''pq'' (''p'' ≤ ''q'') less than 561 occurs in the above sequences if and only if ''p'' − 1 divides ''q'' − 1. (see ) Besides, the smallest pseudoprime to base ''n'' (also not necessary exceeding ''n'') () is also usually semiprime, the first counterexample is (648) = 385 = 5 × 7 × 11.

If we require ''n'' > ''b'', they are (for ''b'' = 1, 2, ...)
:4, 341, 6, 6, 10, 10, 14, 9, 12, 15, 15, 22, 21, 15, 21, 20, 34, 25, 38, 21, 28, 33, 33, 25, 28, 27, 39, 36, 35, 49, 49, 33, 44, 35, 45, 42, 45, 39, 57, 52, 82, 66, 77, 45, 55, 69, 65, 49, 56, 51, ...

Carmichael numbers are weak pseudoprimes to all bases.

The smallest even weak pseudoprime in base 2 is 161038 (see ).

Euler–Jacobi pseudoprimes

Another approach is to use more refined notions of pseudoprimality, e.g. strong pseudoprimes or Euler–Jacobi pseudoprimes, for which there are no analogues of Carmichael numbers. This leads to probabilistic algorithms such as the Solovay–Strassen primality test, the Baillie–PSW primality test, and the Miller–Rabin primality test, which produce what are known as industrial-grade primes. Industrial-grade primes are integers for which primality has not been "certified" (i.e. rigorously proven), but have undergone a test such as the Miller–Rabin test which has nonzero, but arbitrarily low, probability of failure.

Applications

The rarity of such pseudoprimes has important practical implications. For example, public-key cryptography algorithms such as RSA require the ability to quickly find large primes. The usual algorithm to generate prime numbers is to generate random odd numbers and test them for primality. However, deterministic primality tests are slow. If the user is willing to tolerate an arbitrarily small chance that the number found is not a prime number but a pseudoprime, it is possible to use the much faster and simpler Fermat primality test.

References

External links

*W. F. Galway and Jan Feitsma
Tables of pseudoprimes to base 2 and related data
(comprehensive list of all pseudoprimes to base 2 below 2⁶⁴, including factorization, strong pseudoprimes, and Carmichael numbers)

{{Pierre de Fermat

Pseudoprimes
Asymmetric-key algorithms