factor/basis/math/miller-rabin/miller-rabin.factor

! Copyright (C) 2008 Doug Coleman.
! See http://factorcode.org/license.txt for BSD license.
USING: combinators kernel locals math math.functions math.ranges
random sequences sets combinators.short-circuit math.bitwise
math math.order ;
IN: math.miller-rabin

<PRIVATE

: >odd ( n -- int ) 0 set-bit ; foldable

: >even ( n -- int ) 0 clear-bit ; foldable

: next-even ( m -- n ) >even 2 + ;

: next-odd ( m -- n ) dup even? [ 1 + ] [ 2 + ] if ;

TUPLE: positive-even-expected n ;

:: (miller-rabin) ( n trials -- ? )
    n 1 - :> n-1
    n-1 factor-2s :> s :> r
    0 :> a!
    trials [
        drop
        2 n 2 - [a,b] random a!
        a s n ^mod 1 = [
            f
        ] [
            r iota [
                2^ s * a swap n ^mod n - -1 =
            ] any? not 
        ] if
    ] any? not ;

PRIVATE>

: miller-rabin* ( n numtrials -- ? )
    over {
        { [ dup 1 <= ] [ 3drop f ] }
        { [ dup 2 = ] [ 3drop t ] }
        { [ dup even? ] [ 3drop f ] }
        [ drop (miller-rabin) ]
    } cond ;

: miller-rabin ( n -- ? ) 10 miller-rabin* ;

ERROR: prime-range-error n ;

: next-prime ( n -- p )
    dup 1 < [ prime-range-error ] when
    dup 1 = [
        drop 2
    ] [
        next-odd dup miller-rabin [ next-prime ] unless
    ] if ;

: random-bits* ( numbits -- n )
    1 - [ random-bits ] keep set-bit ;

: random-prime ( numbits -- p )
    random-bits* next-prime ;

ERROR: no-relative-prime n ;

<PRIVATE

: (find-relative-prime) ( n guess -- p )
    over 1 <= [ over no-relative-prime ] when
    dup 1 <= [ drop 3 ] when
    2dup gcd nip 1 > [ 2 + (find-relative-prime) ] [ nip ] if ;

PRIVATE>

: find-relative-prime* ( n guess -- p )
    #! find a prime relative to n with initial guess
    >odd (find-relative-prime) ;

: find-relative-prime ( n -- p )
    dup random find-relative-prime* ;

ERROR: too-few-primes ;

: unique-primes ( numbits n -- seq )
    #! generate two primes
    swap
    dup 5 < [ too-few-primes ] when
    2dup [ random-prime ] curry replicate
    dup all-unique? [ 2nip ] [ drop unique-primes ] if ;

! Safe primes are of the form p = 2q + 1, p,q are prime
! See http://en.wikipedia.org/wiki/Safe_prime

<PRIVATE

: safe-prime-candidate? ( n -- ? )
    1 + 6 divisor? ;

: next-safe-prime-candidate ( n -- candidate )
    next-prime dup safe-prime-candidate?
    [ next-safe-prime-candidate ] unless ;

PRIVATE>

: safe-prime? ( q -- ? )
    {
        [ 1 - 2 / dup integer? [ miller-rabin ] [ drop f ] if ]
        [ miller-rabin ]
    } 1&& ;

: next-safe-prime ( n -- q )
    next-safe-prime-candidate
    dup safe-prime? [ next-safe-prime ] unless ;

: random-safe-prime ( numbits -- p )
    random-bits* next-safe-prime ;
initial math cleanup 2008-10-03 03:19:03 -04:00			`! Copyright (C) 2008 Doug Coleman.`
			`! See http://factorcode.org/license.txt for BSD license.`
Remove useless with-scope and unneeded uses 2008-12-27 17:13:03 -05:00			`USING: combinators kernel locals math math.functions math.ranges`
Document miller-rabin, more unit tests for some corner cases 2009-05-06 17:26:06 -04:00			`random sequences sets combinators.short-circuit math.bitwise`
			`math math.order ;`
Initial import 2007-09-20 18:09:08 -04:00			`IN: math.miller-rabin`

Mark parts of math.miller-rabin as private 2008-12-26 14:58:46 -05:00			`<PRIVATE`

Document miller-rabin, more unit tests for some corner cases 2009-05-06 17:26:06 -04:00			`: >odd ( n -- int ) 0 set-bit ; foldable`
Initial import 2007-09-20 18:09:08 -04:00
fix miller-rabin 2009-05-06 15:10:29 -04:00			`: >even ( n -- int ) 0 clear-bit ; foldable`

Document miller-rabin, more unit tests for some corner cases 2009-05-06 17:26:06 -04:00			`: next-even ( m -- n ) >even 2 + ;`

			`: next-odd ( m -- n ) dup even? [ 1 + ] [ 2 + ] if ;`

other algorithms use factor-2s, put it back to normal 2008-01-13 12:51:46 -05:00			`TUPLE: positive-even-expected n ;`

refactor miller-rabin a bit still uses too many locals, but at least they're not symbols 2008-05-10 14:06:40 -04:00			`:: (miller-rabin) ( n trials -- ? )`
_finally_ cleaned up miller-rabin. it's passable now 2009-05-06 00:25:26 -04:00			`n 1 - :> n-1`
			`n-1 factor-2s :> s :> r`
			`0 :> a!`
			`trials [`
fix miller-rabin, safe primes 2009-05-06 13:21:30 -04:00			`drop`
Document miller-rabin, more unit tests for some corner cases 2009-05-06 17:26:06 -04:00			`2 n 2 - [a,b] random a!`
_finally_ cleaned up miller-rabin. it's passable now 2009-05-06 00:25:26 -04:00			`a s n ^mod 1 = [`
fix miller-rabin, safe primes 2009-05-06 13:21:30 -04:00			`f`
			`] [`
fix miller-rabin, it's correct but a little ugly still. bed time 2009-05-06 01:54:14 -04:00			`r iota [`
			`2^ s * a swap n ^mod n - -1 =`
fix miller-rabin, safe primes 2009-05-06 13:21:30 -04:00			`] any? not`
			`] if`
			`] any? not ;`
fix miller-rabin, it's correct but a little ugly still. bed time 2009-05-06 01:54:14 -04:00
Mark parts of math.miller-rabin as private 2008-12-26 14:58:46 -05:00			`PRIVATE>`

Initial import 2007-09-20 18:09:08 -04:00			`: miller-rabin* ( n numtrials -- ? )`
			`over {`
			`{ [ dup 1 <= ] [ 3drop f ] }`
			`{ [ dup 2 = ] [ 3drop t ] }`
start cleanup of miller-rabin 2008-01-13 01:07:49 -05:00			`{ [ dup even? ] [ 3drop f ] }`
Remove useless with-scope and unneeded uses 2008-12-27 17:13:03 -05:00			`[ drop (miller-rabin) ]`
Initial import 2007-09-20 18:09:08 -04:00			`} cond ;`

			`: miller-rabin ( n -- ? ) 10 miller-rabin* ;`

Document miller-rabin, more unit tests for some corner cases 2009-05-06 17:26:06 -04:00			`ERROR: prime-range-error n ;`

Initial import 2007-09-20 18:09:08 -04:00			`: next-prime ( n -- p )`
Document miller-rabin, more unit tests for some corner cases 2009-05-06 17:26:06 -04:00			`dup 1 < [ prime-range-error ] when`
			`dup 1 = [`
			`drop 2`
			`] [`
			`next-odd dup miller-rabin [ next-prime ] unless`
			`] if ;`

			`: random-bits* ( numbits -- n )`
			`1 - [ random-bits ] keep set-bit ;`
Initial import 2007-09-20 18:09:08 -04:00
			`: random-prime ( numbits -- p )`
Document miller-rabin, more unit tests for some corner cases 2009-05-06 17:26:06 -04:00			`random-bits* next-prime ;`
Initial import 2007-09-20 18:09:08 -04:00
find-relative-prime didn't handle numbers <= 1 correctly 2008-05-10 14:18:13 -04:00			`ERROR: no-relative-prime n ;`

Mark parts of math.miller-rabin as private 2008-12-26 14:58:46 -05:00			`<PRIVATE`

Initial import 2007-09-20 18:09:08 -04:00			`: (find-relative-prime) ( n guess -- p )`
find-relative-prime didn't handle numbers <= 1 correctly 2008-05-10 14:18:13 -04:00			`over 1 <= [ over no-relative-prime ] when`
			`dup 1 <= [ drop 3 ] when`
Initial import 2007-09-20 18:09:08 -04:00			`2dup gcd nip 1 > [ 2 + (find-relative-prime) ] [ nip ] if ;`

Mark parts of math.miller-rabin as private 2008-12-26 14:58:46 -05:00			`PRIVATE>`

Initial import 2007-09-20 18:09:08 -04:00			`: find-relative-prime* ( n guess -- p )`
			`#! find a prime relative to n with initial guess`
			`>odd (find-relative-prime) ;`

			`: find-relative-prime ( n -- p )`
fix word name 2008-01-13 15:09:59 -05:00			`dup random find-relative-prime* ;`
Initial import 2007-09-20 18:09:08 -04:00
error message 2008-04-25 01:25:37 -04:00			`ERROR: too-few-primes ;`

Initial import 2007-09-20 18:09:08 -04:00			`: unique-primes ( numbits n -- seq )`
			`#! generate two primes`
Clean up some code to not use combinators.lib and sequences.lib 2008-12-17 20:52:47 -05:00			`swap`
			`dup 5 < [ too-few-primes ] when`
			`2dup [ random-prime ] curry replicate`
			`dup all-unique? [ 2nip ] [ drop unique-primes ] if ;`
fix miller-rabin, it's correct but a little ugly still. bed time 2009-05-06 01:54:14 -04:00
			`! Safe primes are of the form p = 2q + 1, p,q are prime`
			`! See http://en.wikipedia.org/wiki/Safe_prime`

			`<PRIVATE`

			`: safe-prime-candidate? ( n -- ? )`
			`1 + 6 divisor? ;`

			`: next-safe-prime-candidate ( n -- candidate )`
			`next-prime dup safe-prime-candidate?`
			`[ next-safe-prime-candidate ] unless ;`

			`PRIVATE>`

			`: safe-prime? ( q -- ? )`
			`{`
			`[ 1 - 2 / dup integer? [ miller-rabin ] [ drop f ] if ]`
			`[ miller-rabin ]`
			`} 1&& ;`

			`: next-safe-prime ( n -- q )`
			`next-safe-prime-candidate`
Document miller-rabin, more unit tests for some corner cases 2009-05-06 17:26:06 -04:00			`dup safe-prime? [ next-safe-prime ] unless ;`
fix miller-rabin, safe primes 2009-05-06 13:21:30 -04:00
fix miller-rabin, it's correct but a little ugly still. bed time 2009-05-06 01:54:14 -04:00			`: random-safe-prime ( numbits -- p )`
Document miller-rabin, more unit tests for some corner cases 2009-05-06 17:26:06 -04:00			`random-bits* next-safe-prime ;`