In RSA, what is $P[x \notin \mathbb{Z}_N^*]$

Question

In the RSA problem, picking a message $x \in \mathbb{Z}_N \setminus \mathbb{Z}_N^*$ implies factorizing $N$. Since factorization with respect to the standard RSA generator is hard assuming the RSA problem is hard, it is likely that selecting $x \in \mathbb{Z}_N \setminus \mathbb{Z}_N^*$ is hard. Thus, one may ask the question:

Given $x$ uniformly distributed over $\mathbb{Z}_N$ what is the probability that $x \notin \mathbb{Z}_N^*?$

with the hope that it is negligible. So I write:

$P[x \notin \mathbb{Z}_N^*] = 1 - \frac{\phi(N)}{N} = \frac{1}{p}+\frac{1}{q} - \frac{1}{pq}$

However, how does one prove this is negligible?

Answer 1

With fgrieu's idea:

If we consider the generator working on a security parameter of $n$ bits (meaning resistance to $\mathcal O(2^n)$ computational effort), then each of the prime $p$ and $q$ must be at least (about) $n$-bit, otherwise trial division would factor the public modulus. Then, $N=p\,q$ with $p$ and $q$ distinct primes at least $2^n$ implies $P[x \notin \mathbb{Z}_N^*]=1-\frac{(p-1)(q-1)}{p\,q}<\frac1p+\frac1q<\frac2{2^n}$, that is $\mathcal O(2^{-n})$ which is negligible.