Number-theoretic Algorithms ∗ Richard P. Brent ANU ∗ Copyright c 2011, R. P. Brent. comp4600, 2011 1. Polynomials and integers Reference: CLRS, Chapter 30. We first consider algorithms for integer and polynomial arithmetic, particularly multiplication. Let us formally define what we mean by a “polynomial”. Polynomials over a ring Let be a ring. With a symbol x / we form R ∈ R the expressions ν P (x) = pν x ν X in which the sum is taken over a finite number of different integers ν 0, and where the ≥ “coefficients” p belong to the ring . Such ν R expressions are called “polynomials” or more precisely “polynomials in x over ”; the symbol R x is called an indeterminate. We regard two polynomials as equal if they differ only by zero coefficients. For example, 7x +0x2 =0+7x =7x. 2 The ring [x] R The set of polynomials in an indeterminate x over a ring is written as [x]. Addition and R R multiplication in [x] are defined in the natural R way. With this definition, [x] forms a ring. R In applications of interest to us, is often a R field, e.g. the field Q of rationals, the field R of real numbers, the field C of complex numbers, or a finite (Galois) field GF(p) = Z/pZ, where p is a prime. We are sometimes interested in polynomials over rings which are not fields, e.g. the ring Z of integers, or the ring Z/mZ of integers modulo m, where m is a composite number. In most cases the rings are commutative (an exception is the ring of n n matrices over a field, n > 1). × The degree of P (x) [x] is ∈ R deg(P ) = max ν p =0 . { | ν 6 } ∪ {−∞} Note: is included in case P = 0. −∞ 3 Examples P (x)=5+2x3 9x7 is a polynomial over the − ring of integers, and deg(P )=7. P (x) = 0 is a polynomial over whatever ring you choose, and deg(P ) = . −∞ P (x) = πx99 is a polynomial over R. 5 2 P (y)=1+ 7 y is a polynomial over Q. P (z)=(1+ √2) (7 5√2)z is a polynomial − − over Q(√2), a finite extension of Q. If P,Q R[x] then ∈ deg(P + Q) max(deg(P ), deg(Q)) ≤ and deg(PQ) = deg(P ) + deg(Q) . This relation motivates our definition deg(0) = (as in Knuth but not in CLRS). −∞ 4 Polynomials in several variables If x, y are indeterminates we can consider polynomials in y whose coefficients are polynomials in x, e.g. P (x)(y) = P (x, y)=(5+3x)+(7+2x2)y3 is a polynomial in y whose coefficients are polynomials in x. In this case P [x][y]. ∈ R We usually write P (x)(y) as λ ν P (x, y) = pλ,ν x y . Xλ,ν There are several possible definitions of the degree of a multivariate polynomial. For example, we could define deg(P (x, y)) = max λ + ν p =0 . { | λ,ν 6 } ∪ {−∞} 5 Interpretation as functions We often interpret a polynomial P (x) (x) as ∈ R a function f : . R → R For example, the Chebyshev polynomials Tn(x) are polynomials of degree n over R or C, defined by T0(x)=1, T1(x) = x, and T (x)=2xT (x) T (x) for n 1. n+1 n − n−1 ≥ We can also regard Tn(x) as a function which satisfies the equation T (cos θ) = cos nθ for θ C. n ∈ 6 Formal power series If we have an infinite sequence (a0, a1,...) and an indeterminate x then we can define a formal power series A(x) by ν A(x) = aνx . νX≥0 The coefficients aν are assumed to lie in a ring which may in particular cases be a field such R as R or C. We can define addition and multiplication of power series in the obvious way: if C(x) = A(x) + B(x) then cν = aν + bν and if C(x) = A(x)B(x) then cν = aλbν−λ . 0≤Xλ≤ν With these definitions the formal power series over form a ring. R 7 Definition of ord Analogous to the degree of a polynomial, it is useful to define ord(A) = min ν a =0 + , { | ν 6 }∪{ ∞} where the + is included in case A = 0. ∞ Exercise: ord(A + B) min(ord(A), ord(B)) ≥ and ord(AB) = ord(A) + ord(B) . Exercise: If we consider power series over a field F , then A(x) has a multiplicative inverse (i.e. B(x) such that A(x)B(x)=1) iff ord(A)=0. Remark: If in the definition we allow a finite number of nonzero coefficients aν with ν < 0, then we get Laurent series. The Laurent series over a field F form a field. 8 Convergence We have defined power series quite formally, so no question of convergence or divergence arises. For example, the power series ν A(x) = 22 xν νX≥0 is a perfectly well-defined formal power series. We can think of it as a generating function ν which “generates” the coefficients 22 . However, if we want to regard a power series over a field F as a function then questions of convergence arise (and this does not always make sense, e.g. if F is a finite field). In this course power series will only be used as generating functions, so we can ignore questions of convergence. 9 Truncated power series If A(x) and B(x) are two power series over the same ring , we write R A(x) = B(x) mod xn iff ord(A(x) B(x)) n. − ≥ In other words, iff a = b for 0 ν < n. ν ν ≤ If P (x) is a polynomial then we can regard P (x) as a power series with only a finite number of nonzero terms. If A(x) is a power series and n 0 then clearly ≥ there is a unique polynomial P (x) such that deg(P ) < n and A(x) = P (x) mod xn. Proof: define aν if 0 ν < n pν = ≤ ( 0 otherwise 10 Representation of polynomials A polynomial P (x) of degree n can be represented as an array A[0 .. n] provided the base type of the array can represent the coefficients of P (x). In other words, we require A[ν] to represent pν . Similarly, a multivariate polynomial can be represented as a multidimensional array. Sparse polynomials A polynomial is said to be sparse if “most” of the coefficients a0,...,adeg(A) are zero (and similarly for multivariate polynomials). We shall not attempt to define what “most” means but it typically means “at least 90%”. In order to save storage (and arithmetic) it may be desirable to store sparse polynomials as linked lists, so only the nonzero coefficients need to be stored. 11 Multiple-precision integers A (large) nonnegative integer N <βt can be represented as t−1 ν N = aν β , νX=0 where β > 1 is the base or radix, the aν are “base β digits” and (usually) satisfy 0 a <β, ≤ ν and t is the number of digits. (For signed integers we can use a “sign and magnitude” representation, i.e. N = s N , where s = 1.) | | ± Clearly there is a close correspondence between the integer N represented as above and the polynomial t−1 ν P (x) = aν x . νX=0 Note that N = P (β). Because of this correspondence, many algorithms for operating on large integers are closely related to algorithms for operating on polynomials. 12 Other operations on polynomials and power series There are some operations on polynomials which have no analogue for integers, e.g. differentiation, composition, reversion. The formal derivative P ′(x) of a polynomial or ν power series P (x) = pν x is defined by ′ P ν−1 P (x) = νpνx . ν>X0 For a polynomial P (x) over a field of characteristic zero (e.g. Q, R or C), we can define a formal integral by x xν+1 P (t) dt = pν . 0 ν +1 Z νX≥0 13 Composition and reversion The composition of two power series P (x) and Q(x), where ord(Q(x)) > 0, is defined to be the power series C(x), where ν C(x) = P (Q(x)) = pν Q(x) . νX≥0 Note that ord(Q(x)n) n, so each coefficient c ≥ n of C(x) is defined by a finite sum involving p0,...,pn and q1,...,qn; thus no questions of convergence arise. If P (x) and Q(x) are power series, ord(P (x)) = 1, ord(Q(x)) = 1, and P (Q(x)) = Q(P (x)) = x, then we say that Q(x) is the reversion of P (x), and we write Q(x) = P (x)(−1). For example, if P (x) = x/(1 x) = x + x2 + x3 + , and − ··· Q(x) = x/(1 + x) = x x2 + x3 , then it is − −··· easy to verify that Q(x) = P (x)(−1). 14 Arithmetic on polynomials Suppose we are given two polynomials A(x) and B(x) over , of degree (at most) n, and want to R compute the product C(x) = A(x)B(x). From the definition, ck = aibj , i+Xj=k for 0 k 2n, where we assume 0 i n, ≤ ≤ ≤ ≤ 0 j n (sometimes it is convenient to define ≤ ≤ ai =0 if i > n, etc). The number of terms in the sum for ck is k +1 if 0 k n, and 2n +1 k if n<k 2n ≤ ≤ − ≤ (check this !), so the total number of multiplications involved is n2 + O(n).