Fermat pseudoprimes

By a primality test we mean a criterion which, if it is not satisfied, guarantees that a natural number n is composite. If the number passes several of these tests – that is, if it satisfies the criterion in each case – then it is likely, though in general not certain, that it is a prime. It turns out that in cryptography it is often enough to know that a number is ‘probably’ a prime and this is where the concept originates. A method which definitely establishes that a number is a prime is called deterministic; otherwise it is called probabilistic. The simplest example of a deterministic method is based on the criterion that n be not divisible by any integer between 2 and √n; if n passes the test for each possible divisor then it is, without doubt, a prime. But verifying in a particular instance is a very time-consuming process.

Suppose now that n is composite and odd. If there exists an integer b, with (b, n) = 1, such that bn−1 ≡ 1 (modn) then n is called a pseudoprime (or Fermat pseudoprime) to the base b. Thus a pseudoprime is a number that has a property analogous to that in Fermat's theorem (see Section 3.3) but is not a prime. For example, since the order of 2 (mod21) is 6, we obtain 820 ≡ 1 (mod21) and so 21 is a pseudoprime to the base 8; but 220 ≡ 4 (mod21), whence 21 is not a pseudoprime to the base 2.