- #1
Playdo
- 88
- 0
[Note: P and p throughout are probabilities]
Fact: The hypergeometric distribution is the precise probability of crawing from a dichotomous (S-F) population without replacement.
A family of probabilistic sieves can be constructed using this fact as follows.
Step 1: Suppose we know all of the primes less than the root of some natural number N given by [itex]\pi(\sqrt{N})[/itex].
Step 2: Draw at random one prime from this set to be tested as a factor of N. If there are M divisors of N below it's square root (N is composite) the probability of getting a divisor on the first draw is given by
(1) [tex]P(X=1)=h(1,1,M,\pi(\sqrt(N))) = \frac{C(M,1)C(\pi(\sqrt(N)),0)}{C(\pi(\sqrt(N)),1)}[/itex]
Where C(x,y) is the number of combinations of size y that can be taken from x.
Generalize 1: Generalize this to sample size n by using n draws without replacement and get
(2) [tex]P(X>1)=\sum_{x=1}^nh(1,n,M,\pi(\sqrt(N)))[/itex]
Generalize 2: Use parallel processing by partitioning the set of primes less that root N to two computers (S1 and S2) where S1 is given the whole set minus one prime peculiar to S2, and S2 is given the whole set minus one prime peculiar to S1. The probability of finding a divisor is then
(3) [tex]P_{S1}(X>1)+P_{S2}(X>1)=\sum_{x=1}^nh(1,n,M,\pi(\sqrt(N))-1)+\sum_{x=1}^nh(1,n,M,\pi(\sqrt(N))-1)[/itex]
Another discrete ditribution that can be used to try to maximize likelihood of findin a divisor on a random search is the negative binomial distribution. In this case we start with the set of primes less than root N and assume there are M divisors in this set (N is not prime). Now after each trial we replace the number we removed and draw again at random. The negative binomial distribution gives the probability that we will find a divisor in n trials.
(4) [tex]nb(x;r,p)=C(x+r-1,r-1)p^r(1-p)^x[/tex]
Applying this to our problem where [itex]p = \frac{M}{\pi(\sqrt(N))}[/itex] and r = 1 and x is the number of failures (non-divisors) that proceed the first success (finding a divisor). We are only looking for one success, we get
(5) [tex]nb(x;1,\frac{M}{\pi(\sqrt(N))})=C(x,0)\frac{M}{\pi(\sqrt(N))}(1-\frac{M}{\pi(\sqrt(N))})^x[/tex]
This is intuitive in that the probability of getting x falses before finding the first divisor decreases if there are more divisors (M) below root N.
Now that (barring any mistakes on the details) describes a method for using a simple draw and replace or draw without replacement process for finding divisors of N. But it utilizes prior knowledge of the set of primes less than root N. We can get around that somewhat by using modular sieves to produce proxy sets. For example using base six, you first have to clear the register byshowing that N is realtively prime to six, but then for 36<N<49 the primes less than root N are proxied well by the set {1,5}.
We will never know the number of divisors less than root N but there are ways of estimating size and number of divisors. But even without that we can look at the discrete distributions given above and choose experiments that have the best chance of finding a divisor in the shortest number of steps.
Philosophically it is interesting that these discrete distributions get used all the time to model real world phenomena. Furthermore I skipped the binomial experiment which is also possibly useful here and that distribution limits out as a Poisson. In fact the condition for that limit is that
(6) [tex] b(x;n,p) -> p(x;\lambda) [/tex]
if n-> infinity and p->0 in such a way that np = lambda
Well in the above experiments n does go to infinity as N goes to infinity and if we are using replacement (we must for this set up) the probability p of success in finding a divisor during any trial is precisely [itex]\frac{M}{\pi(\sqrt(N))}[/itex]. So the product
(7) [tex] P(X=1)=b(1;n,p)=C(n,1)p(1-p)^{n-1}=np(1-p)^{n-1}[/tex]
(8) [tex] P(X=1) = frac{nM}{\pi(\sqrt(N))}(1-\frac{M}{\pi(\sqrt(N))})^{n-1}[/tex]
The Poisson approximation requires
(9) [tex]\lim_{n /rightarrow {\infinity}}\lim_{p\rightarrow 0}{frac{M}{\pi(\sqrt(N))}=\lambda>0[/tex]
Is there a way within the context that we could allow the limit to proceed in this manner? Suppose that we know there is only one divisor less than the square root of N ( Some RSA numbers are like this) then w have
(10) [tex] p = \frac{1}{\pi(\sqrt(N))}[/tex]
This clear goes to zero as N goes to infinity. Then since [itex]n\leq\pi(\sqrt(N))[/itex]
(11) [tex] np = \frac{n}{\pi(\sqrt(N))}\leq\frac{\pi(\sqrt(N))}{\pi(\sqrt(N))}=1[/tex]
So there is a lambda that works and we could say that the binomial distributions limit out at a Poisson distribution with lambda less than one.
This limiting distribution must be related to the prime number theorem in some way.
The distribution is
(12) [tex]p(x;\lambda*)<p(x;1)=\frac{e^{-1}}{x!}[/tex]
lambda* must be a fundamental constant describing the distribution of primes.
Fact: The hypergeometric distribution is the precise probability of crawing from a dichotomous (S-F) population without replacement.
A family of probabilistic sieves can be constructed using this fact as follows.
Step 1: Suppose we know all of the primes less than the root of some natural number N given by [itex]\pi(\sqrt{N})[/itex].
Step 2: Draw at random one prime from this set to be tested as a factor of N. If there are M divisors of N below it's square root (N is composite) the probability of getting a divisor on the first draw is given by
(1) [tex]P(X=1)=h(1,1,M,\pi(\sqrt(N))) = \frac{C(M,1)C(\pi(\sqrt(N)),0)}{C(\pi(\sqrt(N)),1)}[/itex]
Where C(x,y) is the number of combinations of size y that can be taken from x.
Generalize 1: Generalize this to sample size n by using n draws without replacement and get
(2) [tex]P(X>1)=\sum_{x=1}^nh(1,n,M,\pi(\sqrt(N)))[/itex]
Generalize 2: Use parallel processing by partitioning the set of primes less that root N to two computers (S1 and S2) where S1 is given the whole set minus one prime peculiar to S2, and S2 is given the whole set minus one prime peculiar to S1. The probability of finding a divisor is then
(3) [tex]P_{S1}(X>1)+P_{S2}(X>1)=\sum_{x=1}^nh(1,n,M,\pi(\sqrt(N))-1)+\sum_{x=1}^nh(1,n,M,\pi(\sqrt(N))-1)[/itex]
Another discrete ditribution that can be used to try to maximize likelihood of findin a divisor on a random search is the negative binomial distribution. In this case we start with the set of primes less than root N and assume there are M divisors in this set (N is not prime). Now after each trial we replace the number we removed and draw again at random. The negative binomial distribution gives the probability that we will find a divisor in n trials.
(4) [tex]nb(x;r,p)=C(x+r-1,r-1)p^r(1-p)^x[/tex]
Applying this to our problem where [itex]p = \frac{M}{\pi(\sqrt(N))}[/itex] and r = 1 and x is the number of failures (non-divisors) that proceed the first success (finding a divisor). We are only looking for one success, we get
(5) [tex]nb(x;1,\frac{M}{\pi(\sqrt(N))})=C(x,0)\frac{M}{\pi(\sqrt(N))}(1-\frac{M}{\pi(\sqrt(N))})^x[/tex]
This is intuitive in that the probability of getting x falses before finding the first divisor decreases if there are more divisors (M) below root N.
Now that (barring any mistakes on the details) describes a method for using a simple draw and replace or draw without replacement process for finding divisors of N. But it utilizes prior knowledge of the set of primes less than root N. We can get around that somewhat by using modular sieves to produce proxy sets. For example using base six, you first have to clear the register byshowing that N is realtively prime to six, but then for 36<N<49 the primes less than root N are proxied well by the set {1,5}.
We will never know the number of divisors less than root N but there are ways of estimating size and number of divisors. But even without that we can look at the discrete distributions given above and choose experiments that have the best chance of finding a divisor in the shortest number of steps.
Philosophically it is interesting that these discrete distributions get used all the time to model real world phenomena. Furthermore I skipped the binomial experiment which is also possibly useful here and that distribution limits out as a Poisson. In fact the condition for that limit is that
(6) [tex] b(x;n,p) -> p(x;\lambda) [/tex]
if n-> infinity and p->0 in such a way that np = lambda
Well in the above experiments n does go to infinity as N goes to infinity and if we are using replacement (we must for this set up) the probability p of success in finding a divisor during any trial is precisely [itex]\frac{M}{\pi(\sqrt(N))}[/itex]. So the product
(7) [tex] P(X=1)=b(1;n,p)=C(n,1)p(1-p)^{n-1}=np(1-p)^{n-1}[/tex]
(8) [tex] P(X=1) = frac{nM}{\pi(\sqrt(N))}(1-\frac{M}{\pi(\sqrt(N))})^{n-1}[/tex]
The Poisson approximation requires
(9) [tex]\lim_{n /rightarrow {\infinity}}\lim_{p\rightarrow 0}{frac{M}{\pi(\sqrt(N))}=\lambda>0[/tex]
Is there a way within the context that we could allow the limit to proceed in this manner? Suppose that we know there is only one divisor less than the square root of N ( Some RSA numbers are like this) then w have
(10) [tex] p = \frac{1}{\pi(\sqrt(N))}[/tex]
This clear goes to zero as N goes to infinity. Then since [itex]n\leq\pi(\sqrt(N))[/itex]
(11) [tex] np = \frac{n}{\pi(\sqrt(N))}\leq\frac{\pi(\sqrt(N))}{\pi(\sqrt(N))}=1[/tex]
So there is a lambda that works and we could say that the binomial distributions limit out at a Poisson distribution with lambda less than one.
This limiting distribution must be related to the prime number theorem in some way.
The distribution is
(12) [tex]p(x;\lambda*)<p(x;1)=\frac{e^{-1}}{x!}[/tex]
lambda* must be a fundamental constant describing the distribution of primes.
Last edited:
