DOCSLIB.ORG

Book Pseudocode

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Appendix BOOK PSEUDOCODE All algorithms in this book are written in a particular pseudocode form describable, perhaps, as a "fusion of English and C languages." The motivations for our particular pseudocode design have been summarized in the Preface, where we have indicated our hope that this "mix" will enable all readers to understand, and programmers to code, the algorithms. Also in the Preface we indicated a network source for Mathematica implementations of the book algorithms. That having been said, the purpose of this Appendix is to provide not a rigorous compendium of instruction definitions, for that would require something like an entire treatise on syntactical rules as would be expected to appear in an off-the-shelf C reference. Instead, we give below some explicit examples of how certain pseudocode statements are to be interpreted. English, and comments For the more complicated mathematical manipulations within pseudocode, we elect for English description. Our basic technical motivation for allowing "English" pseudocode at certain junctures is evident in the following example. A statement in the C language if((n== floor(n» && (j == floor(sqrt(j»*floor(sqrt(j»» ... , which really means "if n is an integer and j is a square," we might have cast in this book as if(n, vJ E Z) ... That is, we have endeavored to put "chalkboard mathematics" within conditionals. We have also adopted a particular indentation paradigm. If we had allowed (which we have not) such English as: For all pseudoprimes in S, apply equation (X); Apply equation (Y); then, to the aspiring programmer, it might be ambiguous whether equation (Y) were to be applied for all pseudoprimes, or just once, after the loop on equation (X). So the way we wish such English to appear, assuming the case that equation (Y) is indeed applied only once after looping, is like so: For all pseudoprimes in S, apply equation (X); Apply equation (Y); 498 Appendix BOOK PSEUDOCODE Because of this relegation of English statements to their own lines, the interpretation that equation (Y) is to be invoked once, after the pseudoprime loop, is immediate. Accordingly, when an English statement is sufficiently long that it wraps around, we have adopted reverse indentation, like so: Find a random t E [O,p - 1] such that t2 - a is a quadratic nonresidue (mod p), via Algorithm 2.3.5; x = (t + ~)(p+l)/2; In this last example, one continually chooses random integers t in the stated range until one is found with the required condition, and then one goes to the next step, which calls for a single calculation and the assignment of letter x to the result of the calculation. Also in English will be comments throughout the book pseudocode. These take the following form (and are right-justified, unlike pseudocode itself): x = (t + ~)(p+l)/2; I I Use F p2 arithmetic. The point is, a comment prefaced with "I I" is not to be executed as pseudocode. For example, the above comment is given as a helpful hint, indicating perhaps that to execute the instruction one would first want to have a subroutine to do F p2 arithmetic. Other comments clarify the pseudocode's nomenclature, or provide further information on how actually to carry out the executable statement. Assignment of variables, and conditionals We have elected not to use the somewhat popular assignment syntax x := y, rather, we set x equal to y via the simple expedient x = y. (Note that in this notation for assignment used in our pseudocode, the symbol "=" does not signify a symmetric relation: The assignment x = y is not the same instruction as the assignment y = x.) Because assignment appears on the face of it like equality, the conditional equality x == y means we are not assigning, merely testing whether x and yare equal. (In this case of testing conditional equality, the symbol "==" is indeed symmetric.) Here are some examples of our typical assignments: x = 2; I I Variable x gets the value 2. x = y = 2; I I Both x and y get the value 2. F = {}; I I F becomes the empty set. (a,b,c) = (3,4,5); I I Variable a becomes 3, b becomes 4, c becomes 5. Note the important rule that simultaneous (vector) assignment assumes first the full evaluation of the vector on the right side of the equation, followed by the forcing of values on the left-hand side. For example, the assignment (x,y) = (y2,2x); means that the right-hand vector is evaluated for all components, then the left-hand vector is forced in all components. That is, the example is equivalent to the chain (technically, we assume neither of x, y invokes hidden functions) Appendix BOOK PSEUDOCODE 499 t = x; / /Variable t is temporary here. x = y2; y = 2t; and it is quite evident by comparison how visually efficient is the single-line vector assignment. Note, too, that the composite assignments x = y2; y = 2x; and y = 2x; x = y2; are both different than the vector assignment, and different from each other. Because our text adheres to the rule that ordered sequences are symbolized by parentheses (as in (x n )) while sets use braces (as in {X,a,a}), we assign sequences, vectors, and so on with a style consistent with the text; e.g., iJ = (0,1,0) is an ordered assignment, whereas a set of three polynomials might be assigned as S = {x2 + 1,x,x3 - x} and the order is unimportant. Moreover, S = {x2 + 1, x, x, x3 - x} is exactly the same assignment, since set notation does not record multiplicity. Note that the distinction between sequence and set assignment is important, in view of the liberal use of braces in modern languages. In the Mathematica language, braces denote "lists" and these in turn can be manipulated as either vectors (sequences) or sets, with vector-algebraic (such as matrix-vector) and set-theoretical (such as union, intersection) operators available. Likewise, the C language allows assignment of data records via braces, as in "float x[3] = {1.1, 2.2, 3.3};" which would fill a vector x in ordered fashion. In this latter case, our pseudocode would say instead x = (1.1,2.2,3.3). The internal conditionals in if0 statements often use classical mathemat- ical notation, but not always. Let us exemplify conditional syntax like so: if(x == y) taskO; / / Testing equality of x, y, 'Without changing either. if(x ::::> y) taskO; / / Testing whether x is greater than or equal to y. if(xly) taskO; / / Testing whether x divides y. if(x == y (mod p)) taskO; / / Testing whether x, y congruent modulo p. Note that a congruence conditional does not take the form x ==== y (mod p), because there need not be any confusion with assignment in such cases. However, it may be possible to have the construction x == y mod p, since as is explained in the text, the notation y mod p refers to the integer y - p Ly / p J. Thus, it may be that x is equal to this integer, or it may be that we wish to assign x this value (in which case we would write x = y mod p). Another conditional form is the whileO statement, exemplified by while(x =f. 0) { task1 0; task20; 500 Appendix BOOK PSEUDOCODE } which means that x is checked for zero value upon entry of the whole loop, then all the interior tasks are to be performed until, after some complete pass of the interior tasks, x is found to be zero and that ends the whileO looping. Operations that change the value of a single variable include these: x = x+c; / / x is increased by c. x = cx; / / x is multiplied by c. x=x«3; / / Shift (integer only) x left by 3 bits, same as x = 8x. x = x» 3; / / Shift right, same as x = Lx/8J. x = x /\ 37; / / Exclusive-or bits of x with O ... 0100101 binary. x = x & 37; / / And bits of x with O... 0100101 binary. ForO loops The forO loop is ubiquitous in this book, in being our primary automaton for executing tasks repeatedly. Again we defer to a set of examples, not trying rigorously to exhaust all possible forms of English-C loops possible, rather, covering some of the common styles appearing in the book. for(a s: x < b) taskO; / / For all integers x E [a, b), ascending order. for(a :::> x :::> b) taskO; / / For all integers x E [b, a], descending order. for(x E [a, b)) taskO; / / For all integers x E [a, b), ascending order. Note that the relative magnitudes of a, b in the above are assumed correct to imply the ascending or descending order; e.g., if a loop starts for ( a :::> ... ), then b should not exceed a (or if it does, the loop is considered empty). Note also that the first and third forO examples above are equivalent; we are just saying that the third form is allowed under our design rules. Note further that neither a nor b is necessarily an integer. This is why we cannot have put in a comment in the first forO example above like: "For x = a, a+l, a+2, ... , b-l," although such a comment does apply if both a, b are integers with a < b. Along such lines, an example of how forO conditionals get into more traditional mathematical notation is for(1 s: a and a2 s: m) taskO; / / Perform task for a = 1,2, ... LrmJ· of which Algorithm 7.5.8 is an example. Other examples of mixed English-C are: for(prime pIP) taskO; / / Perform for all primes p dividing F.
Recommended publications
  • Sieve Algorithms for the Discrete Logarithm in Medium Characteristic Finite Fields Laurent Grémy

    Sieve Algorithms for the Discrete Logarithm in Medium Characteristic Finite Fields Laurent Grémy

    Sieve algorithms for the discrete logarithm in medium characteristic finite fields Laurent Grémy To cite this version: Laurent Grémy. Sieve algorithms for the discrete logarithm in medium characteristic finite fields. Cryptography and Security [cs.CR]. Université de Lorraine, 2017. English. NNT : 2017LORR0141. tel-01647623 HAL Id: tel-01647623 https://tel.archives-ouvertes.fr/tel-01647623 Submitted on 24 Nov 2017 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. AVERTISSEMENT Ce document est le fruit d'un long travail approuvé par le jury de soutenance et mis à disposition de l'ensemble de la communauté universitaire élargie. Il est soumis à la propriété intellectuelle de l'auteur. Ceci implique une obligation de citation et de référencement lors de l’utilisation de ce document. D'autre part, toute contrefaçon, plagiat, reproduction illicite encourt une poursuite pénale. Contact : [email protected] LIENS Code de la Propriété Intellectuelle. articles L 122. 4 Code de la Propriété Intellectuelle. articles L 335.2- L 335.10 http://www.cfcopies.com/V2/leg/leg_droi.php
  • The Number Field Sieve for Discrete Logarithms

    The Number Field Sieve for Discrete Logarithms

    The Number Field Sieve for Discrete Logarithms Henrik Røst Haarberg Master of Science Submission date: June 2016 Supervisor: Kristian Gjøsteen, MATH Norwegian University of Science and Technology Department of Mathematical Sciences Abstract We present two general number field sieve algorithms solving the discrete logarithm problem in finite fields. The first algorithm pre- sented deals with discrete logarithms in prime fields Fp, while the second considers prime power fields Fpn . We prove, using the standard heuristic, that these algorithms will run in sub-exponential time. We also give an overview of different index calculus algorithms solving the discrete logarithm problem efficiently for different possible relations between the characteristic and the extension degree. To be able to give a good introduction to the algorithms, we present theory necessary to understand the underlying algebraic structures used in the algorithms. This theory is largely algebraic number theory. 1 Contents 1 Introduction 4 1.1 Discrete logarithms . .4 1.2 The general number field sieve and L-notation . .4 2 Theory 6 2.1 Number fields . .6 2.1.1 Dedekind domains . .7 2.1.2 Module structure . .9 2.1.3 Norm of ideals . .9 2.1.4 Units . 10 2.2 Prime ideals . 10 2.3 Smooth numbers . 13 2.3.1 Density . 13 2.3.2 Exponent vectors . 13 3 The number field sieve in prime fields 15 3.1 Overview . 15 3.2 Calculating logarithms . 15 3.3 Sieving . 17 3.4 Schirokauer maps . 18 3.5 Linear algebra . 20 3.5.1 A note about smooth t and g .............. 22 3.6 Run time .
  • 11.6 Discrete Logarithms Over Finite Fields

    11.6 Discrete Logarithms Over Finite Fields

    Algorithms 61 11.6 Discrete logarithms over finite fields Andrew Odlyzko, University of Minnesota Surveys and detailed expositions with proofs can be found in [7, 25, 26, 28, 33, 34, 47]. 11.6.1 Basic definitions 11.6.1 Remark Discrete exponentiation in a finite field is a direct analog of ordinary exponentiation. The exponent can only be an integer, say n, but for w in a field F , wn is defined except when w = 0 and n ≤ 0, and satisfies the usual properties, in particular wm+n = wmwn and (for u and v in F )(uv)m = umvm. The discrete logarithm is the inverse function, in analogy with the ordinary logarithm for real numbers. If F is a finite field, then it has at least one primitive element g; i.e., all nonzero elements of F are expressible as powers of g, see Chapter ??. 11.6.2 Definition Given a finite field F , a primitive element g of F , and a nonzero element w of F , the discrete logarithm of w to base g, written as logg(w), is the least non-negative integer n such that w = gn. 11.6.3 Remark The value logg(w) is unique modulo q − 1, and 0 ≤ logg(w) ≤ q − 2. It is often convenient to allow it to be represented by any integer n such that w = gn. 11.6.4 Remark The discrete logarithm of w to base g is often called the index of w with respect to the base g. More generally, we can define discrete logarithms in groups.
  • The Factoring Dead: Preparing for the Cryptopocalypse

    The Factoring Dead: Preparing for the Cryptopocalypse

    THE FACTORING DEAD: PREPARING FOR THE CRYPTOPOCALYPSE Javed Samuel — javed[at]isecpartners[dot]com iSEC Partners, Inc 123 Mission Street, Suite 1020 San Francisco, CA 94105 https://www.isecpartners.com March 20, 2014 Abstract This paper will explain the latest breakthroughs in the academic cryptography community and look ahead at what practical issues could arise for popular cryptosystems. Specifically, we will focus on the recent major devel- opments in discrete mathematics and their potential ability to undermine our trust in the most basic asymmetric primitives, including RSA. We will explain the basic theories behind RSA and the state-of-the-art in large number- ing factoring, and how several recent papers may point the way to massive improvements in this area. The paper will then switch to the practical aspects of the doomsday scenario, and will answer the question “What happens the day after RSA is broken?” We will point out the many obvious and hidden uses of RSA and related algorithms and outline how software engineers and security teams can operate in a post-RSA world. We will also discuss the results of our survey of popular products and software, and point out the ways in which individuals can prepare for the “zombie cryptopocalypse”. 1 INTRODUCTION Over the past few years, there have been numerous attacks on the current SSL infrastructure. These have ranged from BEAST [97], CRIME [88], Lucky 13 [2][86], RC4 bias attacks [1][91] and BREACH [42]. These attacks all show the fragility of the current SSL architecture as vulnerabilities have been found in a variety of features ranging from compression, timing and padding [90].
  • USING NUMBER FIELDS to COMPUTE LOGARITHMS in FINITE FIELDS 1. Introduction Let Q = Pn, Where P Is a Prime Number and N a Positiv

    USING NUMBER FIELDS to COMPUTE LOGARITHMS in FINITE FIELDS 1. Introduction Let Q = Pn, Where P Is a Prime Number and N a Positiv

    MATHEMATICS OF COMPUTATION Volume 69, Number 231, Pages 1267{1283 S 0025-5718(99)01137-0 Article electronically published on May 24, 1999 USING NUMBER FIELDS TO COMPUTE LOGARITHMS IN FINITE FIELDS OLIVER SCHIROKAUER Abstract. We describe an adaptation of the number field sieve to the problem of computing logarithms in a finite field. We conjecture that the running time of the algorithm, when restricted to finite fields of an arbitrary but fixed 1=3 degree, is Lq[1=3; (64=9) + o(1)]; where q is the cardinality of the field, s 1−s Lq [s; c]=exp(c(log q) (log log q) ); and the o(1) is for q !1.Thenumber field sieve factoring algorithm is conjectured to factor a number the size of q inthesameamountoftime. 1. Introduction n Let q = p ,wherep is a prime number and n a positive integer, and let Fq be the field of q elements. Let t and v be nonzero elements in Fq such that v is in the multiplicative subgroup generated by t,andletx be the smallest nonnegative integer such that tx = v. We call the exponent x the discrete logarithm of v with respect to the base t and write x =logt v. In this paper we present an algorithm to compute logt v. The most succesful methods to date to compute discrete logarithms in a finite field are all descendants of the index calculus method described by Kraitchik in the 1920's (see [14] and [15]) and rediscovered and modified by numerous mathe- maticians since then (see [25] and [31]).
  • UC San Diego Electronic Theses and Dissertations

    UC San Diego Electronic Theses and Dissertations

    UC San Diego UC San Diego Electronic Theses and Dissertations Title Norm-Euclidean Galois fields Permalink https://escholarship.org/uc/item/359664zv Author McGown, Kevin Joseph Publication Date 2010 Peer reviewed|Thesis/dissertation eScholarship.org Powered by the California Digital Library University of California UNIVERSITY OF CALIFORNIA, SAN DIEGO Norm-Euclidean Galois Fields A dissertation submitted in partial satisfaction of the requirements for the degree Doctor of Philosophy in Mathematics by Kevin Joseph McGown Committee in charge: Professor Harold Stark, Chair Professor Wee Teck Gan Professor Ronald Graham Professor Russell Impagliazzo Professor Cristian Popescu 2010 Copyright Kevin Joseph McGown, 2010 All rights reserved. The dissertation of Kevin Joseph McGown is ap- proved, and it is acceptable in quality and form for publication on microfilm and electronically: Chair University of California, San Diego 2010 iii DEDICATION To my wife iv TABLE OF CONTENTS Signature Page . iii Dedication . iv Table of Contents . v List of Tables . vii Acknowledgements . viii Vita . ix Abstract of the Dissertation . x 1 Introduction . 1 1.1 First Notions . 1 1.2 History . 2 1.3 Open Problems . 4 1.4 Main Results . 5 2 Preliminaries . 11 2.1 Algebraic Number Fields . 11 2.2 Dirichlet Characters . 13 2.3 Residue Symbols in Number Fields . 15 2.4 Class Field Theory . 15 2.5 Zeta Functions and L-Functions . 17 2.6 Number Fields with Class Number One . 19 2.7 Heilbronn's Criterion . 21 3 Norm-Euclidean Galois Fields . 22 3.1 Conditions for the Failure of the Euclidean Property . 22 3.2 An Algorithm and Some Computations .
  • Selecting Polynomials for the Function Field Sieve

    Selecting Polynomials for the Function Field Sieve

    Selecting polynomials for the Function Field Sieve Razvan Barbulescu The Function Field Sieve (FFS) algorithm is dedicated to computing discrete logarithms in n a finite field Fqn , where q is a prime power, small compared to q . Introduced by Adleman in [Adl94] and inspired by the Number Field Sieve (NFS), the algorithm collects pairs of polynomials (a; b) 2 Fq[t] such that the norms of a − bx in two function fields are both smooth (the sieving stage), i.e having only irreducible divisors of small degree. It then solves a sparse linear system (the linear algebra stage), whose solutions, called virtual logarithms, allow to compute the discrete algorithm of any element during a final stage (individual logarithm stage). The choice of the defining polynomials f and g for the two function fields can be seen as a preliminary stage of the algorithm. It takes a small amount of time but it can greatly influence the sieving stage by slightly changing the probabilities of smoothness. In order to solve the discrete logarithm in Fqn , the main required property of f; g 2 Fq[t][x] is that their resultant Resx(f; g) has an irreducible factor '(t) of degree n. Various methods have been proposed to build such polynomials, but the best results in practice correspond to the method of Joux and Lercier [JL02]. Its particularity is that one of the two polynomials, say g, is linear. Moreover, for any polynomial f in Fq[t][x] and any input Fqn , one can associate a linear polynomial g satisfying the requirements of the FFS.
  • The Impact of the Number Field Sieve on the Discrete Logarithm Problem In

    The Impact of the Number Field Sieve on the Discrete Logarithm Problem In

    Algorithmic Number Theory MSRI Publications Volume 44, 2008 The impact of the number field sieve on the discrete logarithm problem in finite fields OLIVER SCHIROKAUER 1. Introduction n Let p be a prime number and n a positive integer, and let q p . Let ކq D be the field of q elements and denote by ކq the multiplicative subgroup of ކq. Assume t and u are elements in ކq with the property that u is in the subgroup generated by t. The discrete logarithm of u with respect to the base t, written log u, is the least non-negative integer x such that t x u. t D In this paper we describe two methods to compute discrete logarithms, both of which derive from the number field sieve (NFS) factoring algorithm described in [Stevenhagen 2008] and [Lenstra and Lenstra 1993]. When factoring an integer N with the NFS, we first choose a number ring R as in [Stevenhagen 2008] for which there is a ring homomorphism R ޚ=N ޚ. Then we combine smooth W ! 2 2 elements in R and in ޚ to obtain squares ˛1 a R and ˛2 a ޚ R, D 1 2 D 2 2 Â such that .˛1/ .˛2/. If .a1/ .a2/, then the gcd of N and a a2, D 6D ˙ 10 where a10 is a representative in ޚ for .a1/, is a non-trivial factor of N . When using the strategy to compute discrete logarithms in ކq, we choose either two number rings or two polynomial rings, call them R1 and R2, such that there are ring homomorphisms 1 R1 ކq and 2 R2 ކq.
  • The Tower Number Field Sieve

    The Tower Number Field Sieve

    The Tower Number Field Sieve Razvan Barbulescu1, Pierrick Gaudry2, and Thorsten Kleinjung3 1 CNRS and IMJ-PRG(UPMC/CNRS), France, 2 CNRS and Loria(Inria/Univ. Lorraine/CNRS), France 3 EPFL IC LACAL, Station 14, CH-1015 Lausanne, Switzerland [email protected], [email protected], thorsten.kleinjung@epfl.ch Abstract. The security of pairing-based crypto-systems relies on the difficulty to compute discrete logarithms in finite fields Fpn where n is a small integer larger than 1. The state-of-art algorithm is the number field sieve (NFS) together with its many variants. When p has a special form (SNFS), as in many pairings constructions, NFS has a faster vari- ant due to Joux and Pierrot. We present a new NFS variant for SNFS computations, which is better for some cryptographically relevant cases, according to a precise comparison of norm sizes. The new algorithm is an adaptation of Schirokauer’s variant of NFS based on tower extensions, for which we give a middlebrow presentation. Keywords: discrete logarithm, number field sieve, pairings. 1 Introduction The discrete logarithm problem (DLP) in finite fields is a central topic in public key cryptography. The case of Fpn where p is prime and n is a small integer greater than 1, albeit less studied than the prime case, is at the foundation of pairing-based cryptography. The number field sieve (NFS) started life as a factoring algorithm but was rapidly extended to compute discrete logarithms in Fp [33,19,20] and has today a large number of variants. In 2000 Schirokauer [34] proposed the tower number field sieve (TNFS), as the first variant of NFS to solve DLP in fields Fpn with n > 1.
  • Some Aspects and Applications of the Riemann Hypothesis Over Finite Fields

    Some Aspects and Applications of the Riemann Hypothesis Over Finite Fields

    SOME ASPECTS AND APPLICATIONS OF THE RIEMANN HYPOTHESIS OVER FINITE FIELDS E. KOWALSKI Abstract. We give a survey of some aspects of the Riemann Hypothe- sis over finite fields, as it was proved by Deligne, and its applications to analytic number theory. In particular, we concentrate on the formalism leading to Deligne's Equidistribution Theorem. 1. Introduction The goal of this survey is to present some aspects of the Riemann Hy- pothesis over finite fields. The context is Deligne's celebrated work ([5], [6]) and its applications, and the text is roughly split in two parts. In the first part, we try to introduce and motivate the framework in which the powerful formalism of ´etalecohomology and the Riemann Hypothesis operate, em- phasizing aspects leading to Deligne's remarkable Equidistribution Theorem. The second part (starting in Section 5) is a discussion of this theorem, which involves naturally \families" of exponential sums and L-functions over finite fields, and of some (mostly) recent applications of the Riemann Hypoth- esis and Deligne's theorem, concluding with a short list of open problems (emphasizing general, \philosophical" issues, rather than specific questions). This is written with a target audience of readers who are not experts in algebraic geometry, in particular analytic number theorists. We use a few basic examples as references, notably Gauss sums, Kloosterman sums (and their average Sato-Tate distribution) and the very simple { but enlighten- ing { case of finite (zero-dimensional) algebraic varieties. The emphasis is throughout in situations which, at least at first sight, are not immediately or obviously analogue to the classical Riemann Hypothesis for the Riemann zeta and Dirichlet L-functions.
  • Zetapack: a System for the Computation of Zeta and L-Functions with Mathematica

    Zetapack: a System for the Computation of Zeta and L-Functions with Mathematica

    ZetaPack: A system for the computation of zeta and L-functions with Mathematica Kevin A. Broughan Version: 6th July 2007 2 Contents Contents 3 0.1 Preface . 9 0.2 Description . 9 0.3 Installation . 9 0.4 Acknowledgements . 10 0.5 Dedication . 10 1 Zeta and L-functions 11 1.1 Introduction . 11 1.2 Classes of zeta and L-functions . 12 1.2.1 The Selberg class . 12 1.2.2 Properties of the Selberg Class . 13 1.2.3 Selberg's conjectures . 14 1.2.4 Consequences of the Selberg de nitions and conjectures . 15 1.2.5 Functions in the Selberg class . 15 1.2.6 Dokchitser L-functions . 15 1.2.7 Functions in the Dokchitser class . 16 1.3 Automorphic forms for GL(n; R) ............................. 16 1.3.1 Iwasawa decomposition . 16 1.3.2 Algebras of di erential operators . 17 1.3.3 The power function . 17 1.3.4 Maass forms . 18 1.3.5 Fourier expansions . 18 1.3.6 Jacquet's Whittaker function . 19 1.3.7 Hecke operators . 20 1.3.8 Godement-Jacquet L-function . 21 1.3.9 Functional equation . 22 1.4 Dictionaries . 23 1.5 ZetaPack functions . 23 1.6 The L-function data type . 24 2 A database of elementary Dirichlet Series 27 2.1 Introduction . 27 2.2 Multiplicative Functions . 27 3 4 CONTENTS 2.3 Database summary . 29 2.4 Operations on Dirichlet series . 31 2.5 Inverting a Riemann zeta related Dirichlet series . 32 2.6 Euler Products . 33 2.7 Evaluating the Riemann zeta function .
  • 1 Introduction

    1 Introduction

    Algorithms for Finite Fields 1 Introduction This course will discuss efficient ways to do computations over finite fields. First, we will search for efficient ways to factor polynomials over finite fields. There is a probabilistic polynomial time algorithm for this, as we’ll see. Second, we’ll discuss computations involving discrete logarithms. That is, suppose h ∈< g >, find n such that h = gn. As of the first class day, there is no polynomial time algorithm for this problem. It is possible that there is no such algorithm. Third, we will look at primality testing for integers. There is a deterministic polynomial time algorithm for this problem, and it is essentially a finite field algorithm. It starts with a ring depending of the number to be tested, which is a field if and only if the number is prime. For every prime number p and positive integer n, there exists a field n with p elements, and any two such fields are isomorphic. Fpn denotes n “the” finite field with p elements. When n = 1, we have Fp = Z/pZ. One pn way of describing Fpn is as the splitting field of x − x in the algebraic closure of Fp. This is unsatisfactory, however, since this does not show how to compute the algebraic closure. A better way is to choose an irreducible f(x) ∈ Fp[x] of degree n and think of Fpn as Fp[x]/(f(x)). This is better n−1 since we may describe each element in this field as a0 + a1x + ... + an−1x for ai ∈ Fp.