Logout Open In App
Open In App
Warning: foreach() argument must be of type array|object, bool given in /var/www/html/web/app/themes/studypress-core-theme/template-parts/header/mobile-offcanvas.php on line 20

Chapter 17: Problem 28

Let \(n\) be a large, positive integer. We can factor \(n\) using trial division in time \(n^{1 / 2+o(1)} ;\) however, using fast polynomial arithmetic in \(\mathbb{Z}_{n}[X],\) one can get a simple, deterministic, and rigorous algorithm that factors \(n\) in time \(n^{1 / 4+o(1)} .\) Note that all of the factoring algorithms discussed in Chapter \(15,\) while faster, are either probabilistic, or deterministic but heuristic. Assume that we can multiply polynomials in \(\mathbb{Z}_{n}[X]\) of length at most \(\ell\) using \(M(\ell)\) operations in \(\mathbb{Z}_{n},\) where \(M\) is a well-behaved complexity function, and \(M(\ell)=\ell^{1+o(1)}\) (the algorithm from Exercise 17.24 would suffice). (a) Let \(\ell\) be a positive integer, and for \(i=1, \ldots, \ell,\) let $$ a_{i}:=\prod_{j=0}^{\ell-1}(i \ell-j) \bmod n $$ Using fast polynomial arithmetic, show how to compute \(\left(a_{1}, \ldots, a_{\ell}\right)\) in time \(\ell^{1+o(1)} \operatorname{len}(n)^{O(1)}\) (b) Using the result of part (a), show how to factor \(n\) in time \(n^{1 / 4+o(1)}\) using a deterministic algorithm.

Short Answer

Expert verified
Answer: 1. Set \(\ell = \left \lceil n^{1 / 4} \right \rceil\). 2. Compute the sequence \((a_1,\dots,a_\ell)\) using fast polynomial arithmetic as described in part (a) of the solution. 3. For each \(a_i\), calculate the greatest common divisor (GCD) of \(n\) and \(a_i\): $$\operatorname{GCD}(n, a_i)$$ 4. If a nontrivial factor is found (neither 1 nor n), we can stop and factor n as product of that factor and its complement. The time complexity of these steps is \(O(n^{1/4 + o(1)})\).

Step by step solution

01

Part (a)

To calculate the sequence \(a_i\), we have the following product: $$ a_i = \prod_{j=0}^{\ell-1}(i \ell-j) \pmod{n} \quad \forall i=1,\dots,\ell. $$ Now, use polynomial representation for each term in the product as: $$ P_i(X) = i\ell - X \quad \forall i=1,\dots,\ell. $$ Then, we can rewrite the expression for \(a_i\) as: $$ a_i = P_i(\ell) \pmod{n} \quad \forall i=1,\dots,\ell. $$ Now, compute the product of these polynomials: $$ P(X) = \prod_{i=1}^{\ell} P_i(X) \pmod{n}. $$ We can compute this product using the divide and conquer technique as in fast polynomial multiplication in \(O(\ell^{1+\epsilon} (\log \ell)^{O(1)})\) time using exercise 17.24 (sufficient for our purpose), and then, calculate the sequence \((a_1, \dots, a_\ell)\) by evaluating this polynomial at \(\ell\), modulo n. In summary, 1. Compute \(P(X) = \prod_{i=1}^{\ell} P_i(X) \pmod{n}\) in \(O(\ell^{1+\epsilon} (\log \ell)^{O(1)})\) time using fast polynomial multiplication. 2. Calculate the values of \(a_i = P_i(\ell) \pmod{n}\) for \(i = 1,\dots,\ell\) as our desired sequence.
02

Part (b)

In this part, we will use the result of part (a) to factorize n efficiently. Follow these steps: 1. Set \(\ell = \left \lceil n^{1 / 4} \right \rceil\). 2. Compute the sequence \((a_1,\dots,a_\ell)\) as described in part (a). 3. For each \(a_i\), calculate the greatest common divisor (GCD) of \(n\) and \(a_i\) as follows: $$\operatorname{GCD}(n, a_i)$$ If we find a nontrivial factor (which is neither 1 nor n), we can stop and factor n as product of that factor and its complement. The algorithm's complexity is determined by the polynomial multiplication and GCD calculations: 1. Polynomial multiplication has complexity \(O(\ell^{1+\epsilon} (\log \ell)^{O(1)})\). 2. GCD calculations for each \(a_i\) takes \(O(\ell \operatorname{len}(n)^{O(1)})\). The total complexity will be \(O(\ell^{1+\epsilon} (\log \ell)^{O(1)}+\ell \operatorname{len}(n)^{O(1)})\), which is within the required time complexity of \(O(n^{1/4 + o(1)})\) since \(\ell = n^{1/4}\) and \(\operatorname{len}(n) = O(\log n)\).

Unlock Step-by-Step Solutions & Ace Your Exams!

  • Full Textbook Solutions

    Get detailed explanations and key concepts

  • Unlimited Al creation

    Al flashcards, explanations, exams and more...

  • Ads-free access

    To over 500 millions flashcards

  • Money-back guarantee

    We refund you if you fail your exam.

Start your free trial

Over 30 million students worldwide already upgrade their learning with Vaia!

Key Concepts

These are the key concepts you need to understand to accurately answer the question.

Fast Polynomial Arithmetic
Fast polynomial arithmetic refers to methods that allow computation with polynomials to be more efficient. Instead of performing operations term by term, algorithms are used to handle polynomials as a whole. This is crucial when dealing with large polynomials, especially over rings like \( \mathbb{Z}_n[X] \), where direct computation can be very slow.

The divide and conquer technique is one common approach used in fast polynomial arithmetic. By breaking down a problem into smaller subproblems and solving each independently, the overall process becomes more manageable and less time-consuming. Fast polynomial multiplication is a key component, utilizing methods such as the Karatsuba algorithm or FFT-based techniques, which reduces the time complexity significantly compared to classical methods.
  • Efficiency gains: From exponential to polynomial time improvements.
  • Applications: Key in modern algorithms for computer algebra systems.
  • Useful for: Problems involving polynomial evaluation, multiplication, and factorization.
Deterministic Algorithm
A deterministic algorithm is one that will always produce the same output given the same initial input. This type of algorithm doesn't rely on random numbers or probabilities, ensuring reliability and predictability in results.

In the context of factoring a polynomial over \( \mathbb{Z}_n[X] \), a deterministic algorithm is preferred over probabilistic ones when guaranteed results are required. Probabilistic algorithms might perform faster on average but lack the assurance of correctness for every instance.
  • Predictable: Same inputs lead to the same outputs every time.
  • Utility: Ideal for problems requiring guaranteed correctness.
  • Trade-offs: Might be slower in some instances, but provides certainty.
Deterministic algorithms are often paired with fast polynomial arithmetic to achieve more efficient solutions without sacrificing accuracy or reliability.
Polynomial Multiplication
Polynomial multiplication is the process of multiplying two polynomials to get a resultant polynomial. For polynomials over a ring like \( \mathbb{Z}_n \), direct term-by-term multiplication can be inefficient. Sophisticated techniques like those used in fast polynomial arithmetic are employed instead.

The complexity of polynomial multiplication can be significantly reduced from the naive \( O(n^2) \) to about \( O(n \log n) \) using more advanced algorithms:
  • Karatsuba Algorithm: Breaks down the polynomials into smaller parts, improving the complexity to \( O(n^{\log_2 3}) \).
  • FFT-Based Multiplication (Fast Fourier Transform): Converts polynomials into point-value form to allow multiplication to occur more quickly.
Each of these methods capitalizes on manipulating polynomials as structured data rather than as a collection of separate terms, making polynomial computations feasible for large datasets.
Trial Division
Trial division is a straightforward method for finding factors of a number. It involves testing potential divisors sequentially to check if they divide the number without leaving a remainder. For large numbers, this can be incredibly time-consuming, as it might require testing many potential factors.

However, the efficiency of trial division can be expressed as \( n^{1/2+o(1)} \), which isn't practical for very large numbers. Despite its simplicity, trial division is not usually employed alone for large number factorization due to its inefficiency.
  • Simple: Easy to understand and implement.
  • Drawbacks: Slow for large integers, as it tests many potential factors.
  • Modern Use: Often used in combination with more sophisticated methods for smaller factor checks.
For large factorization tasks, combining trial division with methods like fast polynomial arithmetic can reduce computation time, offering a more balanced approach to problem-solving.

One App. One Place for Learning.

All the tools & learning materials you need for study success - in one app.

Get started for free

Most popular questions from this chapter

Given polynomials \(g, h \in R[X],\) show how to compute their composition \(g(h) \in R[X]\) using \(O\left(\operatorname{len}(g)^{2} \operatorname{len}(h)^{2}\right)\) operations in \(R\).

Given a polynomial \(g \in R[X]\) and an element \(x \in R,\) a particularly elegant and efficient way of computing \(g(x)\) is called Horner's rule. Suppose \(g=\sum_{i=0}^{k-1} a_{i} X^{i},\) where \(k \geq 0\) and \(a_{i} \in R\) for \(i=0, \ldots, k-1 .\) Horner's rule computes \(g(x)\) as follows: $$ y \leftarrow 0_{R} $$ for \(i \leftarrow k-1\) down to 0 do $$ y \leftarrow y x+a_{i} $$ output \(y\) Show that this algorithm correctly computes \(g(x)\) using \(k\) multiplications in \(R\) and \(k\) additions in \(R\).

Let \(F\) be a field. Let \(z=s / t,\) where \(s, t \in F[X], \operatorname{deg}(s)<\operatorname{deg}(t)\) and \(\operatorname{gcd}(s, t)=1\). (a) Show that if \(F\) is finite, there exist integers \(k, k^{\prime}\) such that \(0 \leq k

This exercise develops a fast algorithm, called the fast Fourier transform or FFT, for computing the function \(\mathcal{E}_{n, \omega} .\) This is a recursive algorithm 17.6 Faster polynomial arithmetic (*) FFT \(\left(n, \omega ; a_{0}, \ldots, a_{2^{n}-1}\right)\) that takes as input an integer \(n \geq 0,\) a primitive \(2^{n}\) th root of unity \(\omega \in R,\) and elements \(a_{0}, \ldots, a_{2^{n}-1} \in R,\) and runs as follows: if \(n=0\) then return \(a_{0}\) else $$ \begin{array}{l} \left(\alpha_{0}, \ldots, \alpha_{2^{n-1}-1}\right) \leftarrow \mathrm{FFT}\left(n-1, \omega^{2} ; a_{0}, a_{2}, \ldots, a_{2^{n}-2}\right) \\\ \left(\beta_{0}, \ldots, \beta_{2^{n-1}-1}\right) \leftarrow \mathrm{FFT}\left(n-1, \omega^{2} ; a_{1}, a_{3}, \ldots, a_{2^{n}-1}\right) \\\ \text { for } i \leftarrow 0 \text { to } 2^{n-1}-1 \mathrm{do} \\ \quad \gamma_{i} \leftarrow \alpha_{i}+\beta_{i} \omega^{i}, \gamma_{i+2^{n-1}} \leftarrow \alpha_{i}-\beta_{i} \omega^{i} \\ \text { return }\left(\gamma_{0}, \ldots, \gamma_{2^{n}-1}\right) \end{array} $$

This problem is the analog of Exercise 3.48 for \(R[X] .\) Let us first define the notion of a "floating point" reversed Laurent series \(\hat{z},\) which is represented as a pair \((g, e),\) where \(g \in R[X]\) and \(e \in \mathbb{Z}-\) the value of \(\hat{z}\) is \(g X^{e} \in R\left(\left(X^{-1}\right)\right),\) and we call len \((g)\) the precision of \(\hat{z} .\) We say that \(\hat{z}\) is a length \(k\) approximation of \(z \in R\left(\left(X^{-1}\right)\right)\) if \(\hat{z}\) has precision \(k\) and \(\hat{z}=(1+\varepsilon) z\) for \(\varepsilon \in R\left(\left(X^{-1}\right)\right)\) with \(\operatorname{deg}(\varepsilon) \leq-k,\) which is the same as saying that the high-order \(k\) coefficients of \(\hat{z}\) and \(z\) are equal. Show that given \(h \in R[X]\) with \(\operatorname{lc}(h) \in R^{*},\) and positive integer \(k,\) we can compute a length \(k\) approximation of \(1 / h \in R\left(\left(X^{-1}\right)\right)\) using \(O(M(k))\) operations in \(R\). Hint: using Newton iteration, show how to go from a length \(t\) approximation of \(1 / h\) to a length \(2 t\) approximation, making use of just the high-order \(2 t\) coefficients of \(h,\) and using \(O(M(t))\) operations in \(R\).
See all solutions

Recommended explanations on Math Textbooks

Theoretical and Mathematical Physics

Read Explanation

Discrete Mathematics

Read Explanation

Applied Mathematics

Read Explanation

Mechanics Maths

Read Explanation

Geometry

Read Explanation

Decision Maths

Read Explanation
View all explanations

What do you think about this solution?

We value your feedback to improve our textbook solutions.

Study anywhere. Anytime. Across all devices.

Sign-up for free