On the period of the linear congruential and power generators

We consider the periods of the linear congruential and the power generators modulo $n$ and, for fixed choices of initial parameters, give lower bounds that hold for ``most'' $n$ when $n$ ranges over three different sets: the set of primes, the set of products of two primes (of similar size), and the set of all integers. For most $n$ in these sets, the period is at least $n^{1/2+\epsilon(n)}$ for any monotone function $\epsilon(n)$ tending to zero as $n$ tends to infinity. Assuming the Generalized Riemann Hypothesis, for most $n$ in these sets the period is greater than $n^{1-\epsilon}$ for any $\epsilon >0$. Moreover, the period is unconditionally greater than $n^{1/2+\delta}$, for some fixed $\delta>0$, for a positive proportion of $n$ in the above mentioned sets. These bounds are related to lower bounds on the multiplicative order of an integer $e$ modulo $p-1$, modulo $\lambda(pl)$, and modulo $\lambda(m)$ where $p,l$ range over the primes, $m$ ranges over the integers, and where $\lambda(n)$ is the order of the largest cyclic subgroup of $(\Z/n\Z)^\times$.Comment: 20 pages. One of the quoted results (Theorem 23 in the previous version) is stated for any unbounded monotone function psi(x), but it appears that the proof only supports the case when psi(x) is increasing rather slowly. As a workaround, we provide a modified version of Theorem 23, and change the argument in the proof of Theorem 27 (Theorem 25 in the previous version

The iterated Carmichael \lambda-function and the number of cycles of the power generator

Iteration of the modular l-th power function f(x) = x^l (mod n) provides a common pseudorandom number generator (known as the Blum-Blum-Shub generator when l=2). The period of this pseudorandom number generator is closely related to \lambda(\lambda(n)), where \lambda(n) denotes Carmichael's function, namely the maximal multiplicative order of any integer modulo n. In this paper, we show that for almost all n, the size of \lambda(\lambda(n)) is n/exp((1+o(1))(log log n)^2 log log log n). We conjecture an analogous formula for the k-th iterate of \lambda. We deduce that for almost all n, the psuedorandom number generator described above has at least exp((1+o(1))(log log n)^2 log log log n) disjoint cycles. In addition, we show that this expression is accurate for almost all n under the assumption of the Generalized Riemann Hypothesis for Kummerian fields. We also consider the number of iterations of \lambda it takes to reduce an integer n to 1, proving that this number is less than (1+o(1))(log log n)/log 2 infinitely often and speculating that log log n is the true order of magnitude almost always.Comment: 28 page

Primitive sets with large counting functions

A set of positive integers is said to be primitive if no element of the set is a multiple of another. If $S$ is a primitive set and $S(x)$ is the number of elements of $S$ not exceeding $x$, then a result of Erd\H os implies that $\int_2^\infty (S(t)/t^2\log t) dt$ converges. We establish an approximate converse to this theorem, showing that if $F$ satisfies some mild conditions and $\int_2^\infty (F(t)/t^2\log t) dt$ converges, then there exists a primitive set $S$ with $S(x) \gg F(x)$.Comment: 7 pages. Revision includes a strengthening of Theorem 1: an upper bound for S(x) of the same order of magnitude as the lower bound is now establishe

Squarefree smooth numbers and Euclidean prime generators

We show that for each prime p > 7, every residue mod p can be represented by a squarefree number with largest prime factor at most p. We give two applications to recursive prime generators akin to the one Euclid used to prove the infinitude of primes.Comment: 8 pages, to appear in Proceedings of the AM

Deterministic elliptic curve primality proving for a special sequence of numbers

We give a deterministic algorithm that very quickly proves the primality or compositeness of the integers N in a certain sequence, using an elliptic curve E/Q with complex multiplication by the ring of integers of Q(sqrt(-7)). The algorithm uses O(log N) arithmetic operations in the ring Z/NZ, implying a bit complexity that is quasi-quadratic in log N. Notably, neither of the classical "N-1" or "N+1" primality tests apply to the integers in our sequence. We discuss how this algorithm may be applied, in combination with sieving techniques, to efficiently search for very large primes. This has allowed us to prove the primality of several integers with more than 100,000 decimal digits, the largest of which has more than a million bits in its binary representation. At the time it was found, it was the largest proven prime N for which no significant partial factorization of N-1 or N+1 is known.Comment: 16 pages, corrected a minor sign error in 5.