The Lucas test for primes. #

THIS FILE IS SYNCHRONIZED WITH MATHLIB4. Any changes to this file require a corresponding PR to mathlib4.

This file implements the Lucas test for primes (not to be confused with the Lucas-Lehmer test for Mersenne primes). A number a witnesses that n is prime if a has order n-1 in the multiplicative group of integers mod n. This is checked by verifying that a^(n-1) = 1 (mod n) and a^d ≠ 1 (mod n) for any divisor d | n - 1. This test is the basis of the Pratt primality certificate.

TODO #

Bonus: Show the reverse implication i.e. if a number is prime then it has a Lucas witness. Use units.is_cyclic from ring_theory/integral_domain to show the group is cyclic.
Write a tactic that uses this theorem to generate Pratt primality certificates
Integrate Pratt primality certificates into the norm_num primality verifier

Implementation notes #

Note that the proof for lucas_primality relies on analyzing the multiplicative group modulo p. Despite this, the theorem still holds vacuously for p = 0 and p = 1: In these cases, we can take q to be any prime and see that hd does not hold, since a^((p-1)/q) reduces to 1.

source

theorem lucas_primality (p : ℕ) (a : zmod p) (ha : a ^ (p - 1) = 1) (hd : ∀ (q : ℕ), nat.prime q → q ∣ p - 1 → a ^ ((p - 1) / q) ≠ 1) :

nat.prime p

If a^(p-1) = 1 mod p, but a^((p-1)/q) ≠ 1 mod p for all prime factors q of p-1, then p is prime. This is true because a has order p-1 in the multiplicative group mod p, so this group must itself have order p-1, which only happens when p is prime.