|
|
| Line 1: |
Line 1: |
| In [[mathematics]] and [[computer algebra]] the [[factorization of polynomials|factorization of a polynomial]] consists of decomposing it into a [[product (mathematics)|product]] of [[irreducible polynomial|irreducible factors]]. This decomposition is theoretically possible and is unique for [[polynomial]]s with [[coefficient]]s in any [[field (mathematics)|field]], but rather strong restrictions on the field of the coefficients are needed to allow the computation of the factorization by means of an [[algorithm]]. In practice, algorithms have been designed only for polynomials with coefficients in a [[finite field]], in the [[field of rationals]] or in a [[finitely generated field extension]] of one of them.
| | Many people contemplate that the practice of reading newspapers is very good and this habit can surely profit the people in getting news of all of the kinds. In the world of India, there are people of several languages and religions who are living together. This will be the main reason why there is a presence of different newspapers here. In all the states of India, newspapers are publishing India news recently. They also provide all the latest news India. In all of the states, the state news is published India latest news is also published. Different languages are found over here in latest India info.<br><br>Manage about the ugg news heading? With this question the interviewer is trying to see for anyone aware of this major events going on around you, and if you've got thought about those get togethers. Your opinion of the events is not quite as important considering that the fact you are aware the issues and have thought on them. Always stay up up to now on current events.<br><br>ugg boots contain a simple design but with durability. ugg boots are mainly made from twin-sided sheepskin with fleece inside and maybe a tanned outer surface. Simple but unique stitching could be clearly seen on the outside. And their soles are created from rubber. Each one of these combined, Ugg boot offer an important experience with utmost warmth and comfort as well as durability in an easy style.<br><br>A associated with nice shoes or boots: in places where rain a lot, the dogs' paws suffer when they walk each morning mud or possibly the dirt. It is the same in too hot places, at which the roads can burn them. Target sells very cute and cheap boots for doggies.<br><br>Boots apparel is Wipe out struggling to be. The right set of fashion boots apparel could be just what you would like to complete your outfits. They look stylish whether these types of balancing having a sarong or peeking rid of under denim. Before you spend your hard-earned money, anyone might have notice down some techniques for arranging making significance investment on the pair of favor boots fashion accessories.<br><br>So break out of your fashion rule mentality and let your imagination go undomesticated. Get yourself a pair of ugg classic tall boots and wear them with you jeans, wear them to work on casual Friday, or pair them up with your Sunday quite. Wear these functional yet attractive boots in daily life and even while on on holiday.<br><br>In case you loved this short article and you would like to receive more details regarding [http://horizonafrica.com/img/ Cheap UGG Boots Australia Factory outlet online free shipping] assure visit our internet site. |
| | |
| The case of the '''factorization of [[univariate]] polynomials over a finite field''', which is the subject of this article, is especially important, because all the algorithms (including the case of multivariate polynomials over the rational numbers), which are sufficiently efficient to be implemented, reduce the problem to this case (see [[Polynomial factorization]]). It is also interesting for various applications of finite fields, such as [[coding theory]] ([[cyclic redundancy]] codes and [[BCH code]]s), [[cryptography]] ([[public key cryptography]] by the means of [[elliptic curve cryptography|elliptic curves]]), and [[computational number theory]].
| |
| | |
| Since the second half of the twentieth century, major improvements have been made into this problem, that have resulted in that factorization of polynomials of a [[Degree of a polynomial|degree]] up to 1,000 over medium-sized (less than one million elements) [[prime field]]s is now considered a routine task.
| |
| | |
| As the reduction of the factorization of [[multivariate polynomial]]s to that of univariate polynomials does not have any specificity in the case of coefficients in a finite field, only polynomials with one variable are considered in this article.
| |
| | |
| ==Background==
| |
| ===Finite field===
| |
| {{main|Finite field}}
| |
| The theory of finite fields, whose origins can be traced back to the works of [[Gauss]] and [[Galois]], has played a part in various branches of mathematics. Due to the applicability of the concept in other topics of mathematics and sciences like computer science there has been a resurgence of interest in finite fields and this is partly due to important applications in [[coding theory]] and [[cryptography]]. Applications of finite fields introduce some of these developments in [[cryptography]], [[computer algebra]] and [[coding theory]].
| |
| | |
| A finite field or [[Galois field]] is a field with a [[Wikt:finite|finite]] order (number of elements). The order of a finite field is always a [[prime]] or a power of prime. For each [[prime power]] ''q'' = ''p<sup>r</sup>'', there exists exactly one finite field with ''q'' elements, [[up to]] isomorphism. This field is denoted ''GF''(''q'') or '''F'''<sub>''q''</sub>. If ''p'' is prime, ''GF''(''p'') is the [[prime field]] of order ''p''; it is the field of [[residue class#Ring of congruence classes|residue class]]es modulo ''p'', and its ''p'' elements are denoted 0, 1, ..., ''p''−1. Thus ''a'' = ''b'' in ''GF''(''p'') means the same as ''a'' ≡ ''b'' (mod ''p'').
| |
| | |
| ===Irreducible polynomials===
| |
| Let ''F'' be a finite field. As for general fields, a non-constant polynomial ''f'' in ''F''[''x''] is said to be [[irreducible polynomial|irreducible]] over ''F'' if it is not the product of two polynomials of positive degree. A polynomial of positive degree that is not irreducible over ''F'' is called ''reducible over'' ''F''.
| |
| | |
| Irreducible polynomials allow to construct the finite fields of non prime order. In fact, for a prime power ''q'', let '''F'''<sub>''q''</sub> be the finite field with ''q'' elements, unique up to an isomorphism. A polynomial ''f'' of degree ''n'' greater than one, which is irreducible over '''F'''<sub>''q''</sub>, defines a field extension of degree ''n'' which is isomorphic to the field with ''q''<sup>''n''</sup> elements: the elements of this extension are the polynomials of degree lower than ''n''; addition, subtraction and multiplication by an element of '''F'''<sub>''q''</sub> are those of the polynomials; the product of two elements it the remainder of the division by ''f'' of their product as polynomials; the inverse of an element may be computed by the extended GCD algorithm (see [[Polynomial greatest common divisor|Arithmetic of algebraic extensions]]).
| |
| | |
| It follows that, to compute in a finite field of non prime order, one needs to generate an irreducible polynomial. For this, the common method is to take a polynomial at random and test it for irreducibility. For sake of efficiency of the multiplication in the field, it is usual to search for polynomials of the shape ''x''<sup>''n''</sup> + ''ax'' + ''b''.
| |
| | |
| Irreducible polynomials over finite fields are also useful for [[Pseudorandom]] number generators using feedback shift registers and [[discrete logarithm]] over '''F'''<sub>2<sup>''n''</sup></sub>.
| |
| | |
| ====Example====
| |
| The polynomial ''P'' = ''x''<sup>4</sup> + 1 is irreducible over '''Q''' but not over any finite field.
| |
| | |
| * On any field extension of '''F'''<sub>2</sub>, ''P'' = (''x''+1)<sup>4</sup>.
| |
| | |
| *On every other finite field, at least one of −1, 2 and −2 is a square, because the product of two non squares is a square and so we have
| |
| #If <math>-1=a^2,</math> then <math>P=(x^2+a)(x^2-a).</math>
| |
| #If <math>2=b^2,</math> then <math>P=(x^2+bx+1)(x^2-bx+1).</math>
| |
| #If <math>-2=c^2,</math> then <math>P=(x^2+cx-1)(x^2-cx-1).</math>
| |
| | |
| ===Complexity===
| |
| Polynomial factoring algorithms use basic polynomial operations such as products, divisions, gcd, powers of one polynomial modulo another, etc. A [[Multiplication_algorithm#Polynomial_multiplication|multiplication]] of two polynomials of degree at most ''n'' can be done in [[Big O notation|''O''(''n''<sup>2</sup>)]] operations in '''F'''<sub>''q''</sub> using "classical" arithmetic, or in ''O''(''n''log(''n'')) operations in '''F'''<sub>''q''</sub> using [[Multiplication_algorithm#Fast_multiplication_algorithms_for_large_inputs|"fast" arithmetic]]. A [[Euclidean division]] (division with remainder) can be performed within the same time bounds. The cost of a [[polynomial greatest common divisor]] between two polynomials of degree at most ''n'' can be taken as ''O''(''n''<sup>2</sup>) operations in '''F'''<sub>''q''</sub> using classical methods, or as ''O''(''n''log<sup>2</sup>(''n'')) operations in '''F'''<sub>''q''</sub> using fast methods. For polynomials ''h'', ''g'' of degree at most ''n'', the exponentiation ''h<sup>q</sup>'' mod ''g'' can be done with ''O''(log(''q'')) polynomial products, using [[exponentiation by squaring]] method, that is ''O''(''n''<sup>2</sup>log(''q'')) operations in '''F'''<sub>''q''</sub> using classical methods, or ''O''(''n''log(''q'')log(''n'')) operations in '''F'''<sub>''q''</sub> using fast methods.
| |
| | |
| In the algorithms that follow, the complexities are expressed in terms of number of arithmetic operations in '''F'''<sub>''q''</sub>, using classical algorithms for the arithmetic of polynomials.
| |
| | |
| ==Factoring algorithms==
| |
| Many algorithms for factoring polynomials over finite fields include the following three stages:
| |
| | |
| ===Square-free factorization===
| |
| The algorithm determines a [[square-free polynomial|square-free]] factorization for polynomials whose coefficients come from the finite field '''F'''<sub>''q''</sub> of order ''q'' = ''p<sup>m</sup>'' with ''p'' a prime. This algorithm firstly determines the [[derivative]] and then computes the gcd of the polynomial and its derivative. If it is not one then the gcd is again divided into the original polynomial, provided that the derivative is not zero (a case that exists for non-constant polynomials defined over finite fields).
| |
| | |
| This algorithm uses the fact that, if the derivative of a polynomial is zero, then it is a polynomial in ''x''<sup>''p''</sup>, which is the ''p''th power of the polynomial obtained by substituting ''x'' by ''x''<sup>1/''p''</sup>.
| |
| | |
| This algorithm works also over a field of [[characteristic (algebra)|characteristic]] zero, with the only difference that it never enters in the blocks of instructions where ''p''th roots are computed. However, in this case, [[Square-free polynomial#Yun's algorithm|Yun's algorithm]] is much more efficient because it computes the greatest common divisors of polynomials of lower degrees. A consequence is that, when factoring a polynomial over the integers, the algorithm which follows is not used: one compute first the square-free factorization over the integers, and to factor the resulting polynomials, one chooses a ''p'' such that they remain square-free modulo ''p''.
| |
| | |
| '''Algorithm''': '''SFF''' (Square-Free Factorization)
| |
| '''Input''': A [[monic polynomial]] ''f'' in '''F'''<sub>''q''</sub>[''x'']
| |
| '''Output''': Square-free factorization of ''f''
| |
| | |
| ''i''←1; ''R'' ← 1; ''g'' ← ''f''′;
| |
| '''if''' ''g'' ≠ 0 '''then''' {
| |
| ''c'' ← '''gcd'''(''f'', ''g'');
| |
| ''w'' ← ''f''/''c'';
| |
| '''while''' ''w'' ≠ 1 do {
| |
| ''y'' ← '''gcd'''(''w'', ''c''); ''z'' ← ''w''/''y'';
| |
| ''R'' ← ''R''·''z''<sup>''i''</sup>; ''i'' ← i+1;
| |
| ''w'' ← ''y''; ''c'' ← ''c''/''y'' }
| |
| '''if''' ''c'' ≠ 1 '''then''' {
| |
| ''c'' ← ''c''<sup>1/''p''</sup>;
| |
| '''Output'''(''R''·'''SFF'''(''c'')<sup>''p''</sup>) }
| |
| else '''Output'''(''R'')
| |
| '''else''' {
| |
| ''f'' ← ''f''<sup>1/''p''</sup>;
| |
| '''Output'''('''SFF'''(''f'')<sup>''p''</sup>) }
| |
| '''end'''.
| |
| | |
| ====Example====
| |
| Let
| |
| | |
| :<math> f = x^{11} + 2 x^9 + 2x^8 + x^6 + x^5 + 2x^3 + 2x^2 +1 \in \mathbf{F}_3[x]</math>
| |
| | |
| The algorithm computes first
| |
| | |
| :<math> c = \gcd(f, f') = x^9 + 2x^6 + x^3 + 2.</math>
| |
| | |
| Since the derivative is non-zero we have {{math|1=''w'' = ''f''/''c'' = ''x''<sup>2</sup> + 2}} and we enter the while loop. After one loop we have {{math|1=''y'' = ''x'' + 2}}, {{math|1=''z'' = ''x'' + 1}} and {{math|1=''R'' = ''x'' + 1}} with updates {{math|1=''i'' = 2}}, {{math|1=''w'' = ''x'' + 2}} and {{math|1=''c'' = ''x''<sup>8</sup> + ''x''<sup>7</sup> + ''x''<sup>6</sup> + ''x''<sup>2</sup>+''x''+1}}. The second time through the loop gives {{math|1=''y'' = ''x'' + 2}}, {{math|1=''z'' = 1}}, {{math|1=''R'' = ''x'' + 1}}, with updates {{math|1=''i'' = 3}}, {{math|1=''w'' = ''x'' + 2}} and {{math|1=''c'' = ''x''<sup>7</sup> + 2''x''<sup>6</sup> + ''x'' + 2}}. The third time through the loop also does not change {{math|1=''R''}}. For the fourth time through the loop we get {{math|1= ''y'' = 1}}, {{math|1=''z'' = ''x'' + 2}}, {{math|1=''R'' = (''x'' + 1)(''x'' + 2)<sup>4</sup>}}, with updates {{math|1=''i'' = 5}}, {{math|1=''w'' = 1}} and {{math|1=''c'' = ''x''<sup>6</sup> + 1}}. Since ''w'' = 1, we exit the while loop. Since ''c'' ≠ 1, it must be a perfect cube. The cube root of ''c'', obtained by replacing ''x''<sup>3</sup> by ''x'' is ''x''<sup>2</sup> + 1, and calling the square-free procedure recursively determines that it is square-free. Therefore, cubing it and combining it with the value of ''R'' to that point gives the square-free decomposition
| |
| | |
| :<math> f= (x+1)(x^2+1)^3(x+2)^4.</math>
| |
| | |
| ===Distinct-degree factorization===
| |
| This algorithm splits a square-free polynomial into a product of polynomials whose irreducible factors all have the same degree. Let ''f'' ∈ '''F'''<sub>''q''</sub>[''x''] of degree ''n'' be the polynomial to be factored.
| |
| | |
| '''Algorithm''' Distinct-degree factorization(DDF)
| |
| '''Input''': A monic square-free polynomial ''f'' ∈ '''F'''<sub>''q''</sub>[''x'']
| |
| '''Output''': The set of all pairs (''g'', ''d''), such that
| |
| ''f'' has an irreducible factor of degree ''d'' and
| |
| ''g'' is the product of all monic irreducible factors of ''f'' of degree ''d''.
| |
| '''Begin'''
| |
| <math>i:=1;\qquad S:=\emptyset,\qquad f^*:=f;</math>
| |
| '''while''' <math>\deg f^*\ge 2i</math> '''do'''
| |
| <math>g=\gcd(f^*, x^{q^i}-x)</math>
| |
| '''if''' ''g'' ≠ 1, '''then'''
| |
| <math>S:=S\cup{(g,i)}</math>;
| |
| ''f*'' := ''f*''/''g'';
| |
| '''end if'''
| |
| ''i'' := ''i''+1;
| |
| '''end while''';
| |
| '''if''' ''f*'' ≠ 1, '''then''' <math>S:= S\cup{(f^*,\deg f^*)}</math>;
| |
| '''if''' ''S'' = ∅
| |
| '''then return''' {(''f'', 1)}
| |
| '''else return''' ''S''
| |
| '''End'''
| |
| The correctness of the algorithm is based on the following:
| |
| | |
| <blockquote>'''Lemma.''' For ''i'' ≥ 1 the polynomial
| |
| | |
| :<math>x^{q^i}-x \in \mathbf{F}_q[x]</math>
| |
| | |
| is the product of all monic irreducible polynomials in '''F'''<sub>''q''</sub>[''x''] whose degree divides ''i''.</blockquote>
| |
| | |
| At first glance, this is not efficient since it involves computing the GCD of polynomials of a degree which is exponential in the degree of the input polynomial. However
| |
| | |
| :<math>g=\gcd \left (f^*, x^{q^i}-x \right )</math>
| |
| | |
| may be replaced by
| |
| | |
| :<math>g=\gcd \left (f^*, \left (x^{q^i}-x \mod f^* \right ) \right ).</math>
| |
| | |
| Therefore we have to compute:
| |
| | |
| :<math>x^{q^i}-x \mod f^*,</math>
| |
| | |
| there are two methods:
| |
| | |
| <blockquote>'''Method I.''' Start from the value of
| |
| | |
| :<math>x^{q^{i-1}}\mod f^* </math>
| |
| | |
| computed at the preceding step and to compute its ''q''-th power modulo the new ''f*'', using [[exponentiation by squaring]] method. This needs
| |
| | |
| :<math>O \left (\log(q) \deg(f)^2 \right )</math>
| |
| | |
| arithmetic operations in '''F'''<sub>''q''</sub> at each step, and thus
| |
| | |
| :<math>O \left (\log(q) \deg(f)^3 \right )</math>
| |
| | |
| arithmetic operations for the whole algorithm.</blockquote>
| |
| | |
| <blockquote>'''Method II.''' Using the fact that the ''q''-th power is a linear map over '''F'''<sub>''q''</sub> we may compute its matrix with
| |
| | |
| :<math>O \left (\deg(f)^2(\log(q)+\deg(f)) \right )</math>
| |
| | |
| operations. Then at each iteration of the loop, compute the product of a matrix by a vector (with ''O''(deg(''f'')<sup>2</sup>) operations). This induces a total number of operations in '''F'''<sub>''q''</sub> which is
| |
| | |
| :<math>O \left (\deg(f)^2 (\log(q)+\deg(f)) \right ).</math>
| |
| | |
| Thus this second method is more efficient and is usually preferred. Moreover, the matrix that is computed in this method is used, by most algorithms, for equal-degree factorization (see below); thus using it for the distinct-degree factorization saves further computing time.</blockquote>
| |
| | |
| ===Equal-degree factorization===
| |
| {{main|Cantor–Zassenhaus algorithm}}
| |
| In this section, we consider the factorization of a monic squarefree univariate polynomial ''f'', of degree ''n'', over a finite field '''F'''<sub>''q''</sub>, which has ''r'' ≥ 2 pairwise distinct irreducible factors <math> f_1,\ldots,f_r</math> each of degree ''d''.
| |
| | |
| We first describe an algorithm by Cantor and Zassenhaus (1981) and then a variant that has a slightly better complexity. Both are probabilistic algorithms whose running time depends on random choices ([[Las Vegas algorithm]]s), and have a good average running time. In next section we describe an algorithm by Shoup (1990), which is also an equal-degree factorization algorithm, but is deterministic. All these algorithms require an odd order ''q'' for the field of coefficients. For more factorization algorithms see e.g. Knuth's book [[The Art of Computer Programming]] volume 2.
| |
| | |
| Algorithm Cantor–Zassenhaus algorithm.
| |
| Input: A finite field '''F'''<sub>''q''</sub> of odd order ''q''.
| |
| A monic square free polynomial ''f'' in '''F'''<sub>''q''</sub>[''x''] of degree ''n'' = ''rd'',
| |
| which has ''r'' ≥ 2 irreducible factors each of degree ''d''
| |
| Output: The set of monic irreducible factors of ''f''.
| |
| | |
| Factors:={''f''};
| |
| while Size(Factors) < ''r'' do,
| |
| Choose ''h'' in '''F'''<sub>''q''</sub>[''x''] with deg(''h'') < ''n'' at random;
| |
| <math>g:=h^{\frac{q^d-1}{2}}- 1 \pmod f</math>
| |
| for each ''u'' in Factors with deg(''u'') > ''d'' do
| |
| if gcd(''g'', ''u'') ≠ 1 and gcd(''g'', ''u'') ≠ ''u'', then
| |
| Factors:= Factors<math>\,\setminus\, \{u\}\cup\{(\gcd(g,u),u/\gcd(g,u))\}</math>;
| |
| endif;
| |
| endwhile
| |
| return Factors.
| |
| | |
| The correctness of this algorithm relies on the fact that the ring '''F'''<sub>''q''</sub>[''x'']/''f'' is a direct product of the fields '''F'''<sub>''q''</sub>[''x'']/''f<sub>i</sub>'' where ''f<sub>i</sub>'' runs on the irreducible factors of ''f''. As all these fields have ''q<sup>d</sup>'' elements, the component of ''g'' in any of these fields is zero with probability
| |
| | |
| :<math>\frac{q^d-1}{2q^d} \sim \tfrac{1}{2}.</math>
| |
| | |
| This implies that the polynomial gcd(''g'', ''u'') is the product of the factors of ''g'' for which the component of ''g'' is zero.
| |
| | |
| It has been shown that the average number of iterations of the while loop of the algorithm is less than <math>2.5 \log_2 r</math>, giving an average number of arithmetic operations in'''F'''<sub>''q''</sub> which is <math>O(dn^2\log(r)\log(q))</math>.<ref>{{citation|first1=Philippe|last1=Flajolet|first2=Jean-Marc | last2=Steayaert |title=A branching process arising in dynamic hashing, trie searching and polynomial factorization| booktitle = Automata, languages and programming (Aarhus, 1982)| series = Lecture Notes in Comput. Sci.|volume = 140|pages = 239–251|publisher = Springer|year=1982}}</ref> | |
| | |
| In the typical case where ''d''log(''q'') > ''n'', this complexity may be reduced to
| |
| | |
| :<math>O(n^2(\log(r)\log(q)+n))</math>
| |
| | |
| by choosing ''h'' in the kernel of the linear map
| |
| | |
| :<math> v \to v^q-v \pmod f</math>
| |
| | |
| and replacing the instruction
| |
| | |
| :<math>g:=h^{\frac{q^d-1}{2}}- 1 \pmod f</math>
| |
| | |
| by
| |
| | |
| :<math>g:=h^{\frac{q-1}{2}}- 1 \pmod f.</math>
| |
| | |
| The proof of validity is the same as above, replacing the direct product of the fields '''F'''<sub>''q''</sub>[''x'']/''f<sub>i</sub>'' by the direct product of their subfields with ''q'' elements. The complexity is decomposed in <math>O(n^2\log(r)\log(q))</math> for the algorithm itself, <math>O(n^2(\log(q)+n))</math> for the computation of the matrix of the linear map (which may be already computed in the square-free factorization) and ''O''(''n''<sup>3</sup>) for computing its kernel. It may be noted that this algorithm works also if the factors have not the same degree (in this case the number ''r'' of factors, needed for stopping the while loop, is found as the dimension of the kernel). Nevertheless, the complexity is slightly better if square-free factorization is done before using this algorithm (as ''n'' may decrease with square-free factorization, this reduces the complexity of the critical steps).
| |
| | |
| ===Victor Shoup's algorithm===
| |
| Like the algorithms of the preceding section, [[Victor Shoup]]'s algorithm is an equal-degree factorization algorithm.<ref>Victor Shoup, On the deterministic complexity of factoring polynomials over finite fields, Information Processing Letters 33:261-267, 1990</ref> Unlike them, it is a deterministic algorithm. However, it is less efficient, in practice, that the algorithms of preceding section. For Shoup's algorithm, the input is restricted to polynomials over prime fields '''F'''<sub>''q''</sub>.
| |
| | |
| Let ''g'' = ''g''<sub>1</sub> ... ''g<sub>k</sub>'' be the desired factorization, where the ''g<sub>i</sub>'' are distinct monic irreducible polynomials of degree ''d''. Let ''n'' = deg(''g'') = ''kd''. We consider the [[ring (mathematics)|ring]] ''R'' = '''F'''<sub>''q''</sub>[''x'']/''g'' and denote also by ''x'' the image of ''x'' in ''R''. The ring ''R'' is the direct product of the fields ''R<sub>i</sub>'' = '''F'''<sub>''q''</sub>[''x'']/''g<sub>i</sub>'', and we denote by ''p<sub>i</sub>'' the natural [[homomorphism]] from the ''R'' onto ''R<sub>i</sub>''. The [[Galois group]] of ''R<sub>i</sub>'' over '''F'''<sub>''q''</sub> is cyclic of order ''d'', generated by the [[field automorphism]] ''u'' → ''u<sup>p</sup>''. It follows that the roots of ''g<sub>i</sub>'' in ''R<sub>i</sub>'' are
| |
| | |
| :<math> p_i(x), p_i(x^q), p_i \left (x^{q^2} \right ), p_i \left (x^{q^{d-1}} \right ).</math>
| |
| | |
| If ''q'' > ''n'', the [[Newton's identities]] allow to compute the ''s<sub>i</sub>'' with
| |
| | |
| Like in the preceding algorithm, this algorithm uses the same [[subalgebra]] ''B'' of ''R'' as the [[Berlekamp's algorithm]], sometimes called the "Berlekamp subagebra" and defined as
| |
| | |
| :<math>\begin{align}
| |
| B &= \left \{\alpha \in R \ : \ p_1(\alpha), \cdots, p_k(\alpha) \in \mathbf{F}_q \right \} \\
| |
| &= \{u\in R \ : \ u^q=u\}
| |
| \end{align}</math>
| |
| | |
| A subset ''S'' of ''B'' is said a [[separating set]] if, for every 1 ≤ ''i'' < ''j'' ≤ ''k'' there exists ''s'' ∈ ''S'' such that <math>p_i(s) \ne p_j(s)</math>. In the preceding algorithm, a separating set is constructed by choosing at random the elements of ''S''. In Shoup's algorithm, the separating set is constructed in the following way. Let ''s'' in ''R''[''Y''] be such that
| |
| | |
| :<math>\begin{align}
| |
| s&=(Y-x) \left (Y-x^q \right )\cdots \left (Y-x^{q^{d-1}} \right ) \\
| |
| &=s_0+\cdots+s_{d-1}Y^{d-1}+Y^d
| |
| \end{align}</math>
| |
| | |
| Then <math>\{s_0,\dots ,s_{d-1}\}</math> is a separating set because <math>p_i(s)=g_i</math> for ''i'' =1, ..., ''k'' (the two monic polynomials have the same roots). As the ''g<sub>i</sub>'' are pairwise distinct, for every pair of distinct indexes (''i'', ''j''), at least one of the coefficients ''s<sub>h</sub>'' will satisfy <math>p_i(s_h)\ne p_j(s_h).</math>
| |
| | |
| Having a separating set, Shoup's algorithm proceeds as the last algorithm of the preceding section, simply by replacing the instruction "choose at random ''h'' in the kernel of the linear map <math> v \to v^q-v \pmod f</math>" by "choose ''h'' + ''i'' with ''h'' in ''S'' and ''i'' in {1, ..., ''k''−1}".
| |
| | |
| ==Rabin's test of irreducibility==
| |
| Like distinct-degree factorization algorithm, Rabin's algorithm<ref>{{cite journal |last1=Rabin |first1=Michael |year=1980 |title=Probabilistic algorithms in finite fields |journal=SIAM Journal on Computing |volume=9 |issue=2 |pages=273–280 |doi=10.1137/0209024 }}</ref> is based on the Lemma stated above. Distinct-degree factorization algorithm tests every ''d'' not greater than half the degree of the input polynomial. Rabin's algorithm takes advantage that the factors are not needed for considering fewer ''d''. Otherwise, it is similar to distinct-degree factorization algorithm. It is based on the following fact.
| |
| | |
| Let ''p''<sub>1</sub>, ..., ''p<sub>k</sub>'', be all the prime divisors of ''n'', and denote <math>n/p_i=n_i</math>, for 1 ≤ ''i'' ≤ ''k'' polynomial ''f'' in '''F'''<sub>''q''</sub>[''x''] of degree ''n'' is irreducible in '''F'''<sub>''q''</sub>[''x''] if and only if <math> \gcd \left (f,x^{q^{n_i}}-x \right )=1</math>, for 1 ≤ ''i'' ≤ ''k'', and ''f'' divides <math>x^{q^n}-x</math>. In fact, if ''f'' has a factor of degree not dividing ''n'', then ''f'' does not divide <math>x^{q^n}-x</math>; if ''f'' has a factor of degree dividing ''n'', then this factor divides at least one of the <math>x^{q^{n_i}}-x.</math>
| |
| | |
| '''Algorithm''' Rabin Irreducibility Test
| |
| '''Input''': A monic polynomial ''f'' in '''F'''<sub>''q''</sub>[''x''] of degree ''n'',
| |
| ''p''<sub>1</sub>, ..., ''p<sub>k</sub>'' all distinct prime divisors of ''n''.
| |
| '''Output''': Either "''f'' is irreducible" or "''f'' is reducible".
| |
| '''Begin'''
| |
| '''for''' ''j'' = 1 to ''k'' '''do'''
| |
| <math>n_j=n/p_j</math>;
| |
| '''for''' ''i'' = 1 to ''k'' '''do'''
| |
| <math>h:=x^{q^{n_i}}-x \bmod f</math>;
| |
| ''g'' := gcd(''f'', ''h'');
| |
| '''if''' ''g'' ≠ 1, '''then return''' 'f is reducible' '''and STOP''';
| |
| '''end for''';
| |
| <math>g:= x^{q^{n}}-x \bmod f</math>;
| |
| '''if''' ''g'' = 0, '''then return''' "f is irreducible",
| |
| '''else return''' "''f'' is reducible"
| |
| '''end.'''
| |
| | |
| The basic idea of this algorithm is to compute <math> x^{q^{n_i}} \bmod f</math> starting from the smallest <math> n_1,\ldots,n_k</math> by repeated squaring or using the [[Finite_field#Frobenius_automorphisms|Frobenius automorphism]], and then to take the correspondent gcd. Using the elementary polynomial arithmetic, the computation of the matrix of the Frobenius automorphism needs <math>O(n^2 (n+\log q))</math> operations in '''F'''<sub>''q''</sub>, the computation of
| |
| | |
| :<math>x^{q^{n_i}}-x \pmod f</math>
| |
| | |
| needs ''O''(''n''<sup>3</sup>) further operations, and the algorithm itself needs ''O''(''kn''<sup>2</sup>) operations, giving a total of <math>O(n^2 (n+\log q))</math> operations in '''F'''<sub>''q''</sub>. Using fast arithmetic (complexity <math>O(n\log n)</math> for multiplication and division, and <math>O(n(\log n)^2)</math> for GCD computation), the computation of the <math>x^{q^{n_i}}-x \bmod f</math> by repeated squaring is <math>O(n^2\log n\log q)</math>, and the algorithm itself is <math>O(kn(\log n)^2)</math>, giving a total of <math>O(n^2\log n\log q)</math> operations in '''F'''<sub>''q''</sub>.
| |
| | |
| ==See also==
| |
| * [[Berlekamp's algorithm]]
| |
| * [[Cantor–Zassenhaus algorithm]]
| |
| * [[Polynomial factorization]]
| |
| | |
| ==References==
| |
| *KEMPFERT,H (1969) On the ''Factorization of Polynomials'' Department of Mathematics, The Ohio State University,Columbus,Ohio 43210
| |
| *Shoup,Victor (1996) ''Smoothness and Factoring Polynomials over Finite Fields'' Computer Science Department University of Toronto
| |
| * Von Zur Gathen, J., Panario, D. (2001) Factoring Polynomials Over Finite Fields: A Survey . Fachbereich Mathematik-Informatik, Universitat Paderborn. Department of Computer Science, University of Toronto.
| |
| *Gao Shuhong, Panario Daniel,''Test and Construction of Irreducible Polynomials over Finite Fields'' Department of mathematical Sciences, Clemson University, South Carolina, 29634-1907, USA. and Department of computer science University of Toronto, Canada M5S-1A4
| |
| *Shoup, Victor (1989) New Algorithms for Finding Irreducible Polynomials over Finite Fields Computer Science Department University of Wisconsin–Madison
| |
| *Geddes, K.O. (1990) Algorithms for Computer Algebra
| |
| | |
| ==External links==
| |
| * Some irreducible polynomials http://www.math.umn.edu/~garrett/m/algebra/notes/07.pdf
| |
| * Field and Galois Theory :http://www.jmilne.org/math/CourseNotes/FT.pdf
| |
| * Galois Field:http://designtheory.org/library/encyc/topics/gf.pdf
| |
| * Factoring polynomials over finite fields: http://www.science.unitn.it/~degraaf/compalg/polfact.pdf
| |
| | |
| ==Notes==
| |
| {{Reflist}}
| |
| | |
| [[Category:Polynomials]]
| |
| [[Category:Algebra]]
| |
| [[Category:Computer algebra]]
| |
| [[Category:Coding theory]]
| |
| [[Category:Cryptography]]
| |
| [[Category:Computational number theory]]
| |