我在Haskell中实施了Miller Rabin测试。我试图严格遵循例如在Miller Rabin测试的维基百科条目中给出的伪代码。现在我在网上发现,对于某些证人的选择,测试是确定性的,直到某些给定的界限。我对2 ^ 64下的素数很感兴趣,所以我在这篇文章中找到了足够的界限 What witnesses do i need for Rabin-Miller test for numbers up to 10¹⁸?。但是,代码似乎适用于我测试过的大多数小素数,但对于一些较大的素数则无效。例如,我尝试了十位数的素数5915587277,测试返回false。我认为我的实施是正确的,但希望有人可以发现我犯了错误并且误解了MR测试。在此先感谢您的帮助。此外,抱歉看起来很乱。
isPrime :: Int -> Bool
isPrime n = millerRabinTest n (factorizeN (n-1))
{- factorizeN finds a number s and odd number d such that n -1 = (2^s)d by
succesively dividing n by two if it is even. -}
factorizeN :: Int -> (Int, Int)
factorizeN n = fN n 0
where
fN n s | even n = fN (n `div` 2) (s + 1)
| otherwise = (n,s)
{- this is the main function. it takes w values from a set of witnesses
and checks if n passes the test. If it doesn't, n is not prime, if it does
for all w, it is probably prime. -}
millerRabinTest :: Int -> (Int,Int) -> Bool
millerRabinTest n (d,s) = and [test n (expmod w d n) s | w <- onesToCheck]
{- this is the test that is used in the millerRabinTest function. it sees if
w^d = 1 mod n or n-1 mod n, if not it multiplies by two
and checks again for a total of s-1 times. If it is never true then the number
is not prime -}
test :: Int -> Int -> Int -> Bool
test n w s | w `elem` [1,n-1] = True
| otherwise = or [ (expmod w (2^k) n) `elem` [1,n-1]| k <- [1..s]]
{- set of witnesses that should make the Miller Rabin test deterministic if
n < 2^64. -}
onesToCheck :: [Int]
onesToCheck = [2,325,9375,28178,450775,9780504,1795265022]
{- function that calculates a^e mod n. -}
expmod :: Int -> Int -> Int -> Int
expmod a e n | e == 1 = a `mod` n
| (e `mod` 2) == 0 = (expmod ((a*a) `mod` n) (e `div` 2) n)
| otherwise = (a*(expmod ((a*a) `mod` n) (e `div` 2) n)) `mod` n
答案 0 :(得分:10)
当您计算Int时,expmod可能会在a*a中溢出Int。 Int是一个机器大小的整数,不超过64位。您应该使用Integer(任意精度整数类型)替换程序中{{1}}的某些实例。