1

A composite $n=2^sd+1$ is a strong pseudoprime to base a if n satisfies either $a^d\equiv 1 \pmod n$ or $a^{2^{r}d}\equiv -1 \pmod n$ for some $0\le r\lt s$.

It can be shown that
1.By considering $m=\frac{a^{2p}-1}{a^{2}-1}$, where $p$ is an odd prime not dividing $a^{2}-1$, there are infinitely many Fermat pseudoprimes to base $a$.
2.If $n$ is a Fermat pseudoprime to base $2$ then $2^{n}-1$ is a strong pseudoprime to base $2$.

With $1$ and $2$, it is deduced that there are infinitely many strong pseudoprimes to base $2$. How can we generalize this to show that there are infinitely many strong pseudoprimes to any given base $a$?

Eberhard
  • 158
user744839
  • 35

1 Answers1

2

EDIT: I can try to tweak my original proof to make it correct, but I think it would be more illuminating to prove a stronger statement (which is where my ideas for weaker proofs would come from).

Consider the cyclotomic polynomails evaluated at $a$, $\Phi_n(a)$. We have that $\frac{\Phi_n(a)}{\gcd (n,\Phi_n(a))}$ are precisely the primes $p$ such that the multiplicative order $a$ modulo $p$ equals $n$. This is more or less by definition of cyclotomic polynomials, but can be seen for example in the proof given in Elementary Proof of Zsigmondy's Theorem.

We have from this that $\frac{\Phi_n(a)}{\gcd (n,\Phi_n(a))}\equiv 1\mod n$. Except for finitely many cases, these are greater than $1$, and thus $\frac{\Phi_n(a)}{\gcd (n,\Phi_n(a))}=2^sn+1$.

Now let $n$ be an odd number. We have that $\frac{\Phi_n(a)}{\gcd (n,\Phi_n(a))}$ is either prime or a strong pseudoprime, because $a^n\equiv 1\mod \frac{\Phi_n(a)}{\gcd (n,\Phi_n(a))}$. (because $\frac{\Phi_n(a)}{\gcd (n,\Phi_n(a))}|a^n-1$).

We can see that $\frac{\Phi_n(a)}{\gcd (n,\Phi_n(a))}$ must be infinitely often composite (this is not necessarily obvious, but is explained in more generality here (sorry I don't know of a better reference)). Thus there are infinitely many strong pseudoprimes to base $a$ (these are even stronger pseudoprimes called overpseudoprimes).

There is a slight error in my original proof below:

Let $m_a$ be a composite odd number coprime with $a$. Then $N=\frac{a^{m_a}-1}{a-1}$ is a Strong Pseudoprime base $a$.

We can show this as follows: We have that $N$ is composite because $m_a$ is composite (Zsigmondy Theorem). Then note that the multiplicative order of $a$ modulo $p$ is $m_a$. But $m_a$ is odd as given, so $a^{m_a}=1\mod N$ \sout{where $N=2^sm_a+1$, as desired.}

We can do a similar analysis to get the second option ($a^{2^rd}=-1\mod N$).

Tejas Rao
  • 1,890
  • Thanks for your valuable advice!// May I further clarify the followings 1.By Zsigmondy's theorem, there exists a prime $p$ that divides $a^{m_a}-1$ and does not divide $a^k-1$for k<$m_a$. Is the $p$ in your solution referring to this prime p?\

    2.Should we say that the multiplicative order of $a$ divides $m_a$ instead of exactly equals $m_a$?\

    3.From the Zsigmondy's theorem, we got the congruence $a^{m_a}\equiv 1 \pmod p$, how can we extend this to $a^{m_a}\equiv 1 \pmod N$?\

    4.How can N be expressed as $2^{s} m_a+1$?

     – user744839 Nov 13 '21 at 05:02
  • I use Zsigmondy's Theorem to show that $N$ is composite, because $a^d-1$ is a factor of $a^{m_a}-1$ when $d|m_a$. Also the $p$ in my solution is a typo, it should be $a$ modulo $N$, not $a$ modulo $p$; I corrected this now. 2. The multiplicative order of $a$ modulo $p$ divides $m_a$, you are right, but the multiplicative order of $a$ modulo $N$ is precisely equal to $m_a$. 3. As explained above, the $p$ was a typo, we immediately get $a^{m_a}=1\mod N$. You can see this as follows: $N|(a^{m_a}-1)/(a-1)\Longrightarrow a^{m_a}-1=0\mod N\Longrightarrow a^{m_a}=1\mod N$.
    • – Tejas Rao Nov 13 '21 at 05:42
  • Also, since $a^n-1<N$ for $n|m_a$, $n\neq m_a$, we have that $m_a$ is the multiplicative order of $a$ modulo $N$. 4. You are right, this is not immediately true; I will edit answer if I have time. – Tejas Rao Nov 13 '21 at 05:48