Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Standard view
Full view
of .
Look up keyword
Like this
0 of .
Results for:
No results containing your search query
P. 1
Linear Sieve

Linear Sieve

Ratings: (0)|Views: 83|Likes:
Published by Arif_Cse
This is an algorithm of prime number
This is an algorithm of prime number

More info:

Published by: Arif_Cse on Aug 16, 2008
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





may be used to establish an authenticated connection tobe used conventionally. The intrinsic security require-ments of a public-key authentication server are easier tomeet than those of a conventional one, but a completeevaluation of the system problems in implementing sucha server in a real system, and the need to retain a securerecord of old public keys to guarantee future correctarbitration of old signatures may minimize this advan-tage. We conclude that the choice of technique shouldbe based on the economy and cryptographic strength ofthe encryption techniques themselves, rather than fortheir effects on protocol complexity.Finally, protocols such as those developed here areprone to extremely subtle errors that are unlikely to bedetected in normal operation. The need for techniquesto verify the correctness of such protocols is great, andwe encourage those interested in such problems to con-sider this area.
We are indebted to a number ofpeople who have read drafts of this paper and madecareful and helpful comments, notably: Peter Denning,Stockton Gaines, Jim Gray, Steve Kent, Gerry Popek,Ron Rivest, Jerry Saltzer, and Robin Walker.
Received September 1977; revised April 1978; final revision May 1978References!. Branstad, D. Security aspects of computer networks, Proc. AIAAComptr. Network Syst. Conf., April 1973, paper 73-427.2. Branstad, D. Encryption protection in computer datacommunications. Proc. Fourth Data Communications Symp., Oct.1975, pp. 8.1-8.7 (available from ACM, New York).3. DiMe, W., and Hellman, M. Multiuser CryptographicTechniques, Proc AFIPS 1976 NCC, AFIPS Press, Montvale, N.J.,pp. 109-112.4. Feistel, H. Cryptographic coding for data bank privacy. Res.Rep. RC2827, IBM T.J. Watson Res. Ctr., Yorktown Heights, N.Y.,March 1970.5. Kent, S. Encryption-based protection protocols for interactiveuser-computer communication, M.S. Th., EECS Dept., M.I.T., 1976;also available as Tech. Rep. 162, Lab. for Comptr. Sci., M.I.T.,Cambridge, Mass., 1976.6. Kent, S. Encryption-based protection for interactive user/computer communication. Proc. Fifth Data Communication Symp.,Sept. 1977, pp. 5-7-5-13 (available from ACM, New York).7. National Bureau of Standards. Data Encryption Standard. Fed.Inform. Processing Standards Pub. 46, NBS, Washington, D.C., Jan.1977.8. Pohlig, S. Algebraic and combinatoric aspects of cryptography.Tech. Rep. No. 6602-1, Stanford Electron. Labs., Stanford, Calif.,Oct. 1977.9. Rivest, R.L., et al. A method for obtaining digital signatures andpublic-key cryptosystems.
Comm. ACM 21,
2 (Feb. 1978), 120-126.999
Programming S.L. GrahamTechniques Editor
A Linear SieveAlgorithm for FindingPrime Numbers
David GriesCornell University
Jayadev Misra
University of Texas at Austin
A new algorithm is presented for finding aH primesbetween 2 and n. The algorithm executes in timeproportional to n (assuming that multiplication ofintegers not larger than n can be performed in unittime). The method has the same
arithmetic complexity
as the algorithm presented by Mairson [6]; however,our version is perhaps simpler and more elegant. It isalso easily extended to find the prime factorization ofa// integers between 2 and n in time proportional to n.Key Words and Phrases: primes, algorithms, datastructuresCR Categories: 5.25, 5.24, 5.29I. Introduction
An algorithm is presented for fmding all primesbetween 2 and n, for n _ 4, that executes in timeproportional to n. Like the sieve of Eratosthenes, it worksby removing nonprimes from the set {2 .... n}. Unlikethe sieve of Eratosthenes, no attempt is ever made toremove a nonprime that was removed earlier; this allowsus to develop a linear algorithm.The algorithm deals with sets S satisfying S C{2 .... n}. Two operations will be required on such sets:
Permission to copy without fee all or part of this material isgranted provided that the copies are not made or distributed for directcommercial advantage, the ACM copyright notice and the title of thepublication and its date appear, and notice is given that copying is bypermission of the Association for Computing Machinery. To copyotherwise, or to republish, requires a fee and/or specific permission.This research was partially supported by the National ScienceFoundation under Grants DCR75-09842 and MCS76-22360.Authors' addresses: D. Gries, Computer Science Department,Cornell University, Ithaca, NY 14853; J. Misra, Computer ScienceDepartment, University of Texas at Austin, Austin, TX 78712.© 1978 ACM 0001-0782/78/12(10-0999 $00.75Communications December 1978of Volume 21the ACM Number 12
Table I. Execution of the Algorithm for n = 27.p q S
3579I11335752 3 (~) 5 6 7 9 10 11 122 3 5 ~) 7 9 10 11 (~
23 5 7 9Oll2 3 5 7 9 112 3 5 7 9 112 3 5 7 9 112 3 5 7 9 112 3 5 7 (~) 112 3 5 7 112 3 5 7 112 3 5 7 11
13 14 15 (~ 17 18 19 20 21 22 23 24 25 26 2713 14 15 17 18 19 20 21 22 23 ~ 25 26 2713 14 15 17 18 19 ~) 21 22 23 25 26 2713 (~ 15 17 18 19 21 22 23 25 26 2713 15 17 O 19 21 22 23 25 26 2713 15 17 19 21 ~ 23 25 26 2713 15 17 19 21 23 25 ~ 2713 15 17 19 21 23 25 O13 O 17 19 21 23 2513 17 19 O 23 2513 17 19 23 O
remove(S, 0next(S, 0
is defined for i ~ S and implements S := S - {i}.is a function defined only for i E S such that there is aninteger larger than i in S; it yields the next larger integerinS.
In order to achieve linearity, the total time spentexecuting these operations must be no worse than pro-portional to n. Thus this algorithm provides an interest-ing context for a discussion of selection of data structures.2. The AlgorithmFor i ~ 2, denote by
the lowest prime that dividesi evenly. The algorithm is based on the following theo-rem.THEOREM
2. I. A nonprime x can be written uniquely
x =pk.q
where (1)p is prime, p =
(2) 1 _ k; (3)p = q orp
< lp(q).
PROOF. By the unique factorization theorem (see, forexample, LeVeque [5]), x can be written uniquely as
X ~ rtl /Ira
pl ..... pmwhere m _> 1, the pi are primes, pi < pi+l for 1 ___ i < m,and m = 1 implies
nl >
1. Hence the following yields theonly choice for/7, q, and k of the theorem:
Ifm = 1, letp =p,, q =pl, and k = nl - 1. Ifm >1, letp =p~, q =p~ ..... p~ and k = nl. []
Subsequently, we write x ---
X(P, q, k)
to denote thatx is nonprime and x = p,. q where p, q, and k have theproperties described in Theorem 2.1.A prime cannot be written as described in the theo-rem, so the algorithm to delete nonprimes from S needonly produce all combinations of (p, q, k) and delete thecorresponding nonprimes x =
X(P, q, k).
The trick is toproduce each combination exactly once, and in such anorder that the next combination can be efficiently cal-culated from the current one. For this purpose, we usethe total ordering a on nonprimes x =
X(P, q, k)
inducedby the lexicographic ordering of the corresponding triples
Let x = X(P, q, k) and 5c =X(P, ~/, k). Then
xa& ¢~ p </5
(p = ,b
q < ~)
(p = ,b
q = ~/and k < k).
Table I illustrates this ordering and at the same timedepicts how the algorithm works. The rows give succes-sive values for pairs (p, q), together with the contents ofthe set S before nonprimes with this p and q are deleted.In each row, the nonprimes x =
X(P, q, k)
to be deletedfor k = 1, 2, 3 have been circled.The algorithm uses a variable S, which initially con-tains the set {2 .... n} and from which nonprimes are tobe deleted, and integer variables p, q, k, and x used togenerate nonprirnes in the order defined by a. Theinvariant relation P used in the loop of the algorithm isgiven in Definition 2. It is not difficult to follow; condi-tions (1)-(3) describe properties of p, q, and k, condition(4) describes the properties of the value x under consid-eration for deletion, and condition (5) describes thecurrent contents of set S.
DEFINITION 2.P ~ (1)p prime, 4 _<p2 _< n;(2)p = q orp <
Ip(q);p.q <_ n;
(3) 1 _< k;(4) x =
X(P, q,
(5) S = {2 .... n} - {YlYnonprime andy a x}.The goal of the loop of the algorithm is to have Scontain only the primes in {2 .... n}. The object of eachiteration of the loop is to get us closer to this goal, whilekeeping P invariantly true. We now investigate opera-tions with this property.If x =
X(P, q, k) <_ n,
then clearly x is to be deletedfrom S, and P can be restored by executing k, x := k +
l,p.x. 1
Ifx > n, we need to determine the next nonprimey (say), according to ordering a, to be deleted from S.Remarkably enough, Lemmas 1 and 2 indicate thatunder suitable conditions
y = p. next(S, q),
so that onecan change p, q, k, x to denote the next nonprime to
'A concurrent assignment xl, x2, ... := el, e2, ... calls forconcurrent evaluation of the
followed by simultaneous assignmentof the values
to the variables
(which must be all different). See
Communications December 1978of Volume 21the ACM Number 12
delete by executing q :=
q); k, x := 1,
Similarly, Lemmas 3 and 4 state the conditions underwhich y =
next(S, p)2.
We shall prove these lemmas inSection 3.LEMMA 1.
lnvariant P implies that next(S, q) is de-fined, next(S, q) < n, and p < lp(next(S, q)). Writing y= X(P, next(S, q),
we have x a y.
Suppose (P and x > n). Write y =X(P, next(S, q),
Then no nonprime z in S satisfies x,
lnvariant P implies that next(S, p) is de-fined, next(S, p) < n, and next(S, p) is prime. Writing y= x(next(S,p), next(S,p),
we have x ay.
Suppose (P
x > n and p. next(S, q) >n). Write y = next(S, p) 2. Then no nonprime z in S satisfiesxazay.
We write Algorithm 1 using guarded commands [1].The arguments necessary to ascertain correctness will bediscussed in Section 3. Note that variable k is used onlyin assignments to itself, so that all references to it may bedeleted. It has been included only to clarify the relation-ship between p, q, and x.
{n --> 4}
1,4, {2 .... n};do
x <-- n --~ remove(S,
k,x:=k+ 1,p.xllx > n andp.next(S, q) < n ~ q
k,x:= l,p.q
l1 x > n and
p. next(S, q) > n
next(S, p)2 <_ n
--~ p :=
q,k,x:=p, l,p.pod
{S = {.y[2 --<y --< nandy prime)
Algorithm 2 is essentially the same algorithm asAlgorithm 1 but written more conventionally. We feelthat Algorithm 1 is easier to understand and provecorrect; one loop with one invariant is easier to under-stand in this instance than three nested loops with threeinvariants.
ALGORITHM 2.p, S := 2, (2 .... n};while p.p _< n do begin
q :=p;
p.q < n
do begin
x :=p.q;
while x _< n do begin
x := p.x
q := next(S, q)
p := next(S, p)
3. Showing Correctness and Linearity
In this section the proofs of Lemmas 1-4 are given.The axiomatic proof method with respect to guardedcommands [1] is also discussed and some of the detailsof the proof are given.In preparation for proving Lemmas 1 and 2, we firstprove the following.LEMMA 5.
Consider any nonprime z = X(P, ?t, fc). Wehave (P
x a z
~ <_ n) implies ?t E S.
PROOF. If ~ (_n) is prime it is in S. Suppose ~ isnonprime. From x a z and the decompositions of x andz we deduce
lp(x) = p <_ p < lp(~)
so that x a ~. Fromthe definition of S and x a ~ we deduce ~ E S. []Our proofs of Lemmas 1 and 2 rest on the remarkablefact that for any positive integer i > I there is a prime vsatisfying i < v < 2i. 2PROOF OF LEnA 1. Let v be a prime satisfyingq < v < 2.q. From P we conclude
p <_ q < next(S, q) < v < 2. q < p. q < n
and hence
next(S, q) < n.
Secondly, no nonprime in Shas a divisor less than p, so that
p < lp(next(S, q)).
Toshow that
p # lp(next(S, q)),
consider the fact that anynonprime z =
X(P, ~t, f~) in S
must have q _ ~. Hence thesmallest such nonprime z that may be in S is
next(S, q) < p.q, next(S, q)
cannot be a nonprime with
p = lp(next(S, q)).
Hence p <
lp(next(S, q)).
The relation x a y =
X(P, next(S, q),
1) follows immediately.PROOF OF LEMMA 2. From x =
X(P, q, k) > n
Y = X(P, next(S, q),
1), we see that a z in S satisfying xa z a y would have a decomposition z =
X(P, ?t, k)
q < ?t < next(S, q).
But ~ would not be in S, contradictingLemma 5.PROOF OF LEMMA 3. Let v be a prime satisfyingp < v < 2.p. From P we have
p < next(S,p) <-- v < 2.p <--p2 <_ n
next(S, p) < n.
Secondly, no nonprime in S has adivisor less than p, so that for all nonprimes z E S wehave p2 _< z. Since
next(S, p) < p2, next(S, p)
must beprime. The fact
x a y -- x(next(S, p), next(S, p),
1)follows immediately.PROOF OF LEMMA 4. This is similar to the proof ofLemma 2 and is left to the reader.We now discuss the proof method and give somedetails. The main part of Algorithm 1 is a loop of theform
do B1 ~
SL1 II B2 ~ SL2 II B3 ~ SL3 od
Showing correctness involves exhibiting an invariant P(ours is given in Definition 2) and an integer function t,and showing that the following hold:
2 As might be imagined, this is difficult to prove. J. Bertrandconjectured this fact in 1845, after showing empirically that it was truefor i _< 106. Chebyshev proved the conjecture in 1850 (see [5] fordetails). Our first draft of a proof and algorithm did not rely on thisfact at all. It used weaker lemmas with more complicated proofs andrequired the additional element n + 1 to be in S so that
next(S, i)
would be sure to be defined. For example, the original Lemma l read:
Let y = p.next(S, q). Suppose P
x > n. Then either next(S, q) = n
+ 1;
ory = X(P, next (S, q),
1) and x cxy.!001Communications December 1978of Volume 21the ACM Number 12

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->