See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/306392096

A characterization of Sophie Germain primes

Article  in  International Journal of Number Theory · January 2018

DOI: 10.1142/S1793042118500409

CITATIONS READS
0 267

1 author:

Paolo Leonetti
Università commerciale Luigi Bocconi
38 PUBLICATIONS   77 CITATIONS   

SEE PROFILE

All content following this page was uploaded by Paolo Leonetti on 14 October 2017.

The user has requested enhancement of the downloaded file.

 A CHARACTERIZATION OF SOPHIE GERMAIN PRIMES

PAOLO LEONETTI

Abstract. Let n ≥ 5 be an odd integer. It is shown that {1σ(1) , . . . , nσ(n) } is a complete

1
residue system modulo n for some permutation σ of {1, . . . , n} if and only if 2
(n − 1) is a
Sophie Germain prime. Partial results are obtained also for the case n even.

1. Introduction

The aim of this article is to study an invariance property of complete residue systems modulo
n, which turns out to be related to Sophie Germain primes. We recall that a prime p is a Sophie
Germain prime if 2p + 1 is prime too, with the associated prime 2p + 1 which is then called a
safe prime. These special primes have applications in public key cryptography, pseudorandom
number generation, and primality testing; see, for example, [1, 4, 6]. Originally, they have
been used also in the investigation of cases of Fermat’s last theorem [3, § 3.2]. It has been
conjectured that there exist infinitely many Sophie Germain primes, but this remains unproven;
cf., for instance, [5, § 5.5.5].
Hereafter, we say that an integer n ≥ 2 is nice if {1σ(1) , . . . , nσ(n) } is a complete residue
system modulo n for some permutation σ of {1, . . . , n}. Then, our main result follows:

Theorem 1. Let n ≥ 5 be an odd integer. Then n is nice if and only if n is a safe prime.

Partial results have been obtained also for the case n even:

Theorem 2. Let n ≥ 4 be a nice even integer. Then n = 2p for some prime p such that p − 1
is squarefree. Conversely, if n = 2p, for some safe prime p ≥ 7, then n is nice.

Note that, according to Theorem 2, 10 is not a nice integer and, on the other hand, it is the
double of a safe prime. However, the above results suggest the following:

Conjecture 1. An integer n ≥ 11 is nice if and only if n or 21 n is a safe prime.

Proofs of Theorem 1 and 2 follow in §§ 3 and 4, respectively.

1.1. Notations and conventions. We let Z be the set of integers (endowed with its usual
structure of ordered ring), N the non-negative integers, and N+ = N \ {0} the positive integers.
Also, the set of (positive rational) primes {2, 3, 5, . . .} is denoted by P.

2010 Mathematics Subject Classification. Primary 11A07; Secondary 11A15, 11A41.

Key words and phrases. Complete residue system, permutations, safe primes, Sophie Germain primes.
2 Paolo Leonetti

Unless noted otherwise, the letters n, m, i, j, k, t and z, with or without subscripts, will
stand for positive integers, the letters p and q for primes, and the Greek letters σ and η for
permutations.
Given an integer n ≥ 2, we denote by Zn the quotient ring between Z and its ideal nZ; by an
abuse of notation, sometimes we identify integers with its residue classes in Zn . The radical of
n, that is, the product of the pairwise distinct primes which divide n, will be denoted by rad(n).
Moreover, given p ∈ P, the p-adic valuation of n is υp (n), i.e., the greatest exponent e ∈ N for
which pe divides n.
Given integers n, k ≥ 2, we denote by An,k the set of integers m ∈ {1, . . . , n − 1} which are
divisible by k, and by Qn,k the set of (possibly zero) k-th power residues in Zn . The set of
quadratic residues Qn,2 will be shortened with Qn .
Lastly, we write #S for the cardinality of a set S. We refer to [2] for basic aspects of number
theory (including notation not defined here).

2. Preliminaries

Let us start settling down the cases of small values of n.

Lemma 1. Every integer n ∈ {2, . . . , 7} is nice.

Proof. It is enough to choose the permutation σ according to the following table:

σ(1) σ(2) σ(3) σ(4) σ(5) σ(6) σ(7)
n=2 1 2 ? ? ? ? ?
n=3 2 1 3 ? ? ? ?
n=4 2 1 3 4 ? ? ?
n=5 2 5 1 3 4 ? ?
n=6 2 1 4 5 3 6 ?
n=7 6 2 1 5 7 3 4


Accordingly, let us assume hereafter that n ≥ 8.

Lemma 2. Let n ≥ 8 be a nice integer. Then n = r or n = 2r or n = 4r for some odd squarefree

integer r ≥ 3.

Proof. Let σ be the associated permutation of {1, . . . , n}. Note that n divides nσ(n) and that
mσ(m) is divisible by rad(n) for all m ∈ An,rad(n) .
Since n is nice by hypothesis, i.e., {1σ(1) , . . . , nσ(n) } is a complete residue system in Zn ,
then n does not divide mσ(m) for each m ∈ An,rad(n) . Moreover, since rad(n) divides m by
construction, then n does not divide rad(n)σ(m) for these integers m. In particular, n does not
divide rad(n)#An,rad(n) .
This implies that there exists p ∈ P which divides n and
n Y
υp (n) ≥ 1 + #An,rad(n) = = q υq (n)−1 ≥ pυp (n)−1 .
rad(n)
q∈P, q|n
 A characterization of Sophie Germain primes 3

If p = 2, it follows that υ2 (n) = 1 or υ2 (n) = 2, and υq (n) = 1 for all other primes q which
divide n. Lastly, if p ≥ 3, then υq (n) = 1 for all primes q which divide n, i.e., n is squarefree. 

To conclude the section, we obtain a lower bound for the number of quadratic residues of a
nice integer.

Lemma 3. Let n ≥ 2 be a nice integer. Then #Qn ≥ b 21 nc.

Proof. Since n is nice, the number of quadratic residues in {1σ(1) , . . . , nσ(n) } has to be #Qn .
In particular, #Qn is greater than or equal to the number of even integers in {σ(1), . . . , σ(n)},
that is, #{1, . . . , n} ∩ 2N = b 21 nc. 

3. Proof of Theorem 1

The proof will be splitted into two main parts.

3.1. Only if part. Note that 5 and 7 are safe primes and, at the same time, are nice integers
by Lemma 1. Hence, we can assume hereafter that n is a nice odd integer ≥ 9.

Claim 1. Let n ≥ 9 be a nice odd integer. Then n is prime.

Proof. According to Lemma 2, there are pairwise distinct odd primes q1 , . . . , qk such that n =
q1 · · · qk . Note that, by the Chinese remainder theorem, the function N+ → N+ defined by
n 7→ #Qn is multiplicative. Therefore, by Lemma 3, we obtain
1
#Q1 · · · #Qk ≥ (q1 · · · qk − 1),
2
which simplifies to
k    
Y 1 k−1 1
1+ ≥2 1− .
i=1
qi q1 · · · qk
Considering that n ≥ 8, it follows that
  k−1 Y k    
1 1 1 1
1+ 1+ ≥ 1+ ≥ 2k−1 1 − ,
3 5 i=1
qi 8
which is satisfied only for k = 1. 

Claim 1 will be refined further, by obtaining additional properties of nice primes.

Claim 2. Let p ≥ 11 be a nice prime. Then p − 1 is squarefree.

Proof. Let σ be the associated permutation of {1, . . . , p} and suppose, for the sake of contra-
diction, that there exists a prime q such that q 2 divides p − 1. Then, note that if m is a q-th
power residue or if σ(m) is divisible by q, then mσ(m) is a q-th power in Zp .
Since the number of q-th powers in {1σ(1) , . . . , pσ(p) } has to be #Qp,q and #Ap,q is smaller
than #Qp,q , it follows that m ∈ Qp,q whenever σ(m) ∈ Ap,q . In particular, mσ(m) is a q 2 -th
power in Zp . In turn, this implies that
p−1 p−1 p−1
= #Ap,q ≤ #Qp,q2 = 1 + 2 ≤ 1 +
q q 2q
4 Paolo Leonetti

This is a contradiction because, on one hand, q ≥ 12 (p − 1) by the above inequality, and, the
√
other hand, q ≤ p − 1 by the fact that q 2 divides p − 1. 

Without loss of generality, it can be assumed that, if p is a nice (odd) prime with associated
permutation σ, then
σ(1) = p − 1. (1)
Indeed, by Fermat’s little theorem, mp−1 = 1 in Zp for each m ∈ {1, . . . , p − 1}, implying
that necessarily σ(1) = p − 1 or σ(p) = p − 1. On the other hand, if p is a nice prime with
associated permutation σ, then p is a nice prime with another associated permutation σ̃ defined
by σ̃(p) = σ(1), σ̃(1) = σ(p), and σ̃(m) = σ(m) for each m ∈ {2, . . . , p − 1}.
To conclude the first part of the proof, it is enough to show the following:

Claim 3. Let p ≥ 11 be a nice prime. Then p is a safe prime.

Proof. Let p ≥ 11 be a nice prime with associated permutation σ. According to Claim 2, p − 1

is squarefree, i.e., there exist pairwise distinct odd q1 , . . . , qk ∈ P such that p − 1 = 2q1 · · · qk
(note that k ≥ 1 by the fact that 21 (p − 1) ≥ 5). Then, we claim that k = 1.
Let us suppose, for the sake of contradiction, that k ≥ 2 and define the (even) integers
p−1 p−1
z1 = and z2 = .
q1 q2
Then, at least one between z1 and z2 does not divide σ(p). Indeed, in the opposite case,
p − 1 = lcm(z1 , z2 ) would divide σ(p). On the other hand, since σ(p) belongs to {1, . . . , p},
then we have necessarily σ(p) = p − 1, which contradicts (1). Hence, there exists an integer in
{z1 , z2 }, let us say z, which does not divide σ(p), that is, σ(p) does not belong to Ap,z .
At this point, since mσ(m) is a z-th power in Zp whenever σ(m) belongs to Ap,z and #Qp,z =
1 + #Ap,z , then Qp,z \ {0} = Ap,z in Zp . Denoting by ξ a primitive root of Zp , it follows that
there exists a permutation η of {z, 2z, . . . , p − 1} such that

{ξ zη(z) , ξ (2z)η(2z) , . . . , ξ (p−1)η(p−1) } = {ξ z , ξ 2z , . . . , ξ p−1 }

in Zp . By Fermat’s little theorem and the fact that p is nice, we have by force η(p − 1) = p − 1.
Therefore
{ξ zη(z) , ξ (2z)η(2z) , . . . , ξ (p−1−z)η(p−1−z) } = {ξ z , ξ 2z , . . . , ξ p−1−z }
in Zp , with the consequence that

{zη(z), (2z)η(2z), . . . , (p − 1 − z)η(p − 1 − z)} = {z, 2z, . . . , p − 1 − z}

in Zp−1 . Moreover, dividing all elements by z and denoting by q the prime z1 (p − 1), it follows
that
{η(z), 2η(2z), . . . , (q − 1)η(p − 1 − z)} = {1, 2, . . . , q − 1}
in Zq . In particular, the products of the elements of each set must be the same in Zq . This is a
contradiction, indeed the product of the set on the right is (q − 1)! ≡ −1 (mod q) by Wilson’s
 A characterization of Sophie Germain primes 5

theorem, while on the left side

q−1
Y q−1
Y
(q − 1)! η(zj) = (q − 1)! zj = (q − 1)!2 z q−1 ≡ 1 (mod q),
j=1 j=1

by Fermat’s little theorem and the fact that gcd(q, z) = 1. 

3.2. If part. Let p ≥ 5 be a Sophie Germain prime. We claim that the prime n = 2p + 1 is
nice.
Let ξ and τ be generators of (the group of units of) Zn and Z2p , respectively. Note that τ
is odd. To conclude the proof of Theorem 1, we have to construct an explicit permutation σ of
{1, . . . , n} such that {1σ(1) , . . . , nσ(n) } is equal to {1, . . . , n} in Zn .
To this aim, it is enough to set

σ(1) = 2p, σ(2p) = p, σ(2p + 1) = 2p + 1,

together with
(
if i = 0, . . . , 21 (p − 3)


 i
(jτ )
 (jτ )i mod 2p
σ ξ = ,
if i = 12 (p − 1), . . . , p − 2


(jτ )i+1 mod 2p

for each j ∈ {1, 2}, where (x mod 2p) denotes the integer y ∈ {1, . . . , 2p} such that 2p divides
x − y.
Finally, let us check that this permutation really works. Define the sets
0 1 p−2
Aj = {ξ (jτ ) , ξ (jτ ) , . . . , ξ (jτ ) }

in Zn , for each j ∈ {1, 2}, and note that {1, 2p, 2p + 1} ∪ A1 ∪ A2 is equal to {1, . . . , n} in Zn .
Then, it is easy to see that, for each j ∈ {1, 2}, the map

Aj → Aj : m 7→ mσ(m)

is actually a bijection. Indeed, for each j ∈ {1, 2}, it holds

σ ξ(jτ )i
  ( 2i

(jτ )i ξ (jτ ) if i = 0, . . . , 12 (p − 3)
ξ = 2i+1 .
ξ (jτ ) if i = 21 (p − 1), . . . , p − 2

This completes the proof. (Straightforward details are left to the reader.)

4. Proof of Theorem 2

4.1. First part. Note that 4 and 6 are nice integers by Lemma 1 and both of them are in the
form 2p for some prime p such that p − 1 is squarefree. Hence, let us hereafter that n is a nice
even integer ≥ 8. In the same spirit of Claim 1, we will prove that 21 n ∈ P.

Claim 4. Let n ≥ 8 be a nice even integer. Then n = 2p for some prime p.

6 Paolo Leonetti

Proof. According to Lemma 2, there exist α ∈ {1, 2} and pairwise distinct odd primes q1 , . . . , qk ,
with k ≥ 1, such that n = 2α q1 · · · qk . Moreover, by Lemma 3 and the multiplicativity of
n 7→ #Qn , we obtain
Yk
#Q2α #Qqi ≥ 2α−1 q1 · · · qk .
i=1
Considering that #Q2α = 2 for α ∈ {1, 2} and #Qq = 21 (q + 1) for each odd q ∈ P, the above
inequality simplifies to
k  
Y 1 1 1
+ ≥ 2−α .
i=1
2 2qi 2
On the other hand, note that, for all integers k ≥ 2, it holds
k    k  2
Y 1 1 1 1 2 1
+ ≤ + ≤ < .
i=1
2 2q i 2 2 · 3 3 2
It follows that α = 1 and k = 1, i.e., n = 2p for some prime p. 

To complete the first part of the proof of Theorem 2, it will be enough to show that p − 1 is
squarefree. Accordingly, we will first show that 4 does not divide p − 1 and, then, that q 2 does
not divide p − 1 for each odd prime q.
Let σ be a permutation associated to 2p. Note that the number of quadratic residues in Z2p
is p + 1, and, on the other hand, the number of even positive integers ≤ 2p is p. It follows that m
has to be a quadratic residue whenever σ(m) is even. Moreover, the residue modulo 2p of mσ(m)
will be uniquely determined by the Chinese remainder theorem, given its residues modulo p and
modulo 2 (in this respect, note that mk ≡ m (mod 2) for all m, k ∈ N+ ).

Claim 5. Let p ≥ 5 be a prime such that 2p is nice. Then 4 does not divide p − 1.

Proof. Let us suppose, for the sake of contradiction, that 4 divides p − 1. Then p − 1 and
2p − 1 are quadratic residues in Z2p . By the above observations, at least one between p − 1 and
2p − 1 has an even image under σ. This would contradict the fact that 1σ(1) ≡ 1 (mod 2p) and
(p + 1)σ(p+1) ≡ p + 1 (mod 2p) since, for all k ∈ N+ , we have (2p − 1)2k ≡ 1 (mod 2p) and
(p − 1)2k ≡ p + 1 (mod 2p). 

We conclude with the following:

Claim 6. Let p ≥ 7 be a prime such that 2p is nice. Then p − 1 is squarefree.

Proof. Note 12 (p − 1) is odd by Claim 5 and, by hypothesis, ≥ 3. Hence, let us suppose, for the
sake of contradiction, that there exists an odd prime q such that q 2 divides p − 1.
In addition, we have #Q2p,q = 2 + 2q (p − 1) which is greater, on the other hand, than
#A2p,q = 2q (p − 1). With a reasoning similar to Claim 2, the number of q 2 -th power residues
in Z2p has to be greater than or equal to the number of multiples of q in {1, . . . , 2p}, implying
that  
2(p − 1) p−1 p−1
= #A2p,q ≤ #Q2p,q2 = 2 + 2 ≤ 2 1 + .
q q 6q
 A characterization of Sophie Germain primes 7

√
It follows that q ≥ 56 (p − 1). This is a contradiction because q ≤ p − 1 by the fact that q 2
√
divides p − 1 while, on the other hand, 56 (p − 1) > p − 1 for all primes p ≥ 7. 

4.2. Second part. Let p ≥ 7 be a Sophie Germain prime. We claim that the integer n =
2(2p + 1) is nice. The proof follows the same lines of reasoning in § 3.2, therefore we provide
here only a sketch.
Let ξ and τ be generators of Zn and Z2p , respectively. Then, define the permutation σ of
{1, . . . , n} by

σ(1) = 2p, σ(2p) = p, σ(2p + 1) = 4p + 1, σ(2p + 2) = 4p, σ(4p + 1) = 3p, σ(4p + 2) = 4p + 2,

together with
(
if i = 0, . . . , 21 (p − 3)



(jτ )i
 2p(t − 1) + (jτ )i mod 2p
σ (tξ) = ,
if i = 21 (p − 1), . . . , p − 2


2p(t − 1) + (jτ )i+1 mod 2p

for each t, j ∈ {1, 2}, where (x mod 2p) represents the integer y ∈ {1, . . . , 2p} such that 2p
divides x − y.
Finally, we have to check that this permutation really works. For each t, j ∈ {1, 2} define the
sets
0 1 p−2
At,j = {(tξ)(jτ ) , (tξ)(jτ ) , . . . , (tξ)(jτ ) }
in Zn . Again, it is not difficult to check that, for each t, j ∈ {1, 2}, the map

At,j → At,j : m 7→ mσ(m)

is actually a bijection. Indeed, for each t, j ∈ {1, 2}, it holds

σ ξ(jτ )i
  ( 2i

(jτ )i (tξ)(jτ ) if i = 0, . . . , 21 (p − 3)
(tξ) = 2i+1 ,
(tξ)(jτ ) if i = 12 (p − 1), . . . , p − 2
which completes the proof.

5. Acknowledgements

The author is grateful to Salvatore Tringali (University of Graz) for suggestions which
improved the readability of the article.

References
[1] M. Agrawal, N. Kayal, and N. Saxena, PRIMES is in P, Ann. of Math. 160 (2004), No. 2, 781–793.
[2] T.M. Apostol, Introduction to Analytic Number Theory, Undergrad. Texts Math., Springer-Verlag: New
York, 1976.
[3] H.M. Edwards, Fermat’s Last Theorem: A Genetic Introduction to Algebraic Number Theory, Springer,
2000.
[4] R.A.J. Matthews, Maximally periodic reciprocals, Bull. Inst. Math. Appl. 28 (1992), 147–148.
[5] V. Shoup, A Computational Introduction to Number Theory and Algebra, Cambridge University Press, 2009.
[6] W.-S. Yap, S.L. Yeo, S.-H. Heng, and M. Henricksen, Security analysis of GCM for communication, Security
Comm. Networks 7 (2014), No. 5, 854–864.
 8 Paolo Leonetti

Università L. Bocconi, via Roentgen 1, 20136 Milano, Italy.

E-mail address: [email protected]

View publication stats