Dietzfelbinger M. Primality testing in polynomial time ... - tiera.ru

More documents

Recommendations

Info

110 7. More Algebra: Polynomials and Fields deg(g1), deg(g2) < d. By the induction hypothesis, we may write g1 and g2 as products of a field element and monic irreducible polynomials. Putting these two products together yields the desired representation for f. “Uniqueness”: This is proved indirectly. Assume for a contradiction that there are nonzero polynomials with two essentially distinct factorizations. Let f be one such polynomial with minimal degree. Assume f = a · h1 ···hs = a ′ · h ′ 1 ···h′ t are two different factorizations. Clearly, then, s, t ≥ 1. Now h ′ 1 is a divisor of a · (a ′ ) −1 · h1 ···hs. By applying Lemma 7.4.3 repeatedly, we see that h ′ 1 must divide hj for some j, 1≤ j ≤ s. By reordering the hj, we can arrange it so that j =1.Thus,writeh1 = h ′ 1 · q. Because h1 is irreducible and h ′ 1 is not in F ∗ ,wemusthaveq∈F∗ . From the assumption that h ′ 1 and h1 are monic, we conclude h ′ 1 = h1. This means that a · h2 ···hs = a ′ · h ′ 2 ···h ′ t are two different factorizations of a polynomial of degree smaller than deg(f), contradicting our choice of f. — This shows that there are no polynomials with two different factorizations. ⊓⊔ It should be mentioned that in general no polynomial time algorithm is known that can find the representation of a polynomial f as a product of irreducible factors. Special cases (like F [X] whereF is a field with a small cardinality) can be treated quite efficiently. However, for our purposes, no such algorithm is needed, since the factorization of polynomials is not used algorithmically, but only as a tool in the correctness proof of the deterministic primality test. The concept of an irreducible polynomial is central in a method for constructing finite fields other than the fields Zp. Theorem 7.4.5. Let F be a field, and let h ∈ F [X] be a monic irreducible polynomial over F . Then the structure F [X]/(h) from Definition 7.3.1 is a field. (If F is finite, this field has |F | deg(h) elements.) Proof. We have seen already in Proposition 7.3.3 that F [X]/(h) isaring.It remains to show that every element of F [X]/(h) −{0} has an inverse with respect to multiplication modulo h. But this we have proved already: Let f ∈ F [X]/(h) −{0} be arbitrary. Since deg(f) < deg(h), it is not possible that h divides f. By Lemma 7.4.2 there are polynomials s, t ∈ F [X] sothat 1=s·h+t·f. This means that 1 ≡ t·f ≡ (t mod h)·f (mod h), i.e., t mod h is a multiplicative inverse of f in F [X]/(h) −{0}. ⊓⊔ As an example, the reader may go back and have another look at the multiplication table of the ring Z3[X]/(X 2 + 1) (Table 7.1). Each of the eight nonzero elements has a multiplicative inverse, as is immediately read off from the table. For example, the entry 01, which corresponds to the polynomial
7.5 Roots of Polynomials 111 X, has the inverse 02, which corresponds to 2X. Indeed, X · 2X =2X 2 = 2 · (−1) = 2 · 2 ≡ 1, calculated in Z3[X]/(X 2 + 1). Similarly, in Z5[X]/(X 2 + 4X + 1), the polynomial X has the inverse (4X +1),sinceX · (4X +1)= 4X 2 + X ≡ 4(X 2 +4X +1)+1≡ 1. It should be mentioned that (in contrast to the more difficult task of factoring polynomials into irreducible factors) a version of the Extended Euclidean Algorithm 3.2.4 known from the integers yields an efficient procedure to calculate inverses in the field F [X]/(h) −{0}. Since this algorithm is not relevant for our task, we do not describe it here. The question remains if there are sufficiently many irreducible polynomials to make Theorem 7.4.5 a useful approach to obtaining finite fields. It is a well-known fact, to be proved by methods not described in this book, that for every field F and for every d ≥ 0 there is at least one irreducible (monic) polynomial of degree d over F , which then leads to the construction of a field that consists of d-tuples of elements of F .IfF is finite, the cardinality of this field is |F | d . Starting with the fields Zp for p aprimenumber,weobtain fields of cardinality p d for every prime number p and every exponent d. Inthe other direction, it is not hard to show by basic methods from linear algebra that if there is a finite field of cardinality q then q is the power of a prime number p. The field F [X]/(h) has the interesting property that it contains a root of the polynomial h. This fact will be very important later. Proposition 7.4.6. Let F and h be as in the previous theorem, and let F ′ = F [X]/(h) be the corresponding field. Then the element ζ = X mod h ∈ F ′ is arootofh, i.e., in F ′ we have h(ζ) =0. (Note that if deg(h) ≥ 2thenζ = X ∈ F ′ − F .Ifdeg(h) =1,thenh = X + a for some a ∈ F and ζ = −a.) Proof. We use Proposition 7.3.3 for calculating modulo h in F [X], and Example 7.1.14(b) to obtain h(ζ) =h(X mod h) modh = h(X) modh = h mod h =0. ⊓⊔ 7.5 Roots of Polynomials From calculus it is well known that if we consider nonzero polynomials over R, then linear functions x ↦→ ax+b have at most one root, quadratic functions x ↦→ ax 2 + bx + c have at most two, cubic polynomials have at most three, and so on. We note here that this is a property that holds in all fields. The basis for this observation is simply division with remainder, which shows that if a is a root of f then f contains X − a as a factor. Theorem 7.5.1. Let F be a field, and let f ∈ F [X] with f �= 0, i.e., d = deg(f) ≥ 0. Then
Page 1 and 2:
Lecture Notes in Computer Science 3
Page 3 and 4:
Martin Dietzfelbinger Primality Tes
Page 5 and 6:
To Angelika, Lisa, Matthias, and Jo
Page 7 and 8:
VIII Preface toundingly it gets by
Page 9 and 10:
X Contents 5. The Miller-Rabin Test
Page 11 and 12:
2 1. Introduction: Efficient Primal
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
10 1. Introduction: Efficient Prima
Page 21 and 22:
12 1. Introduction: Efficient Prima
Page 23 and 24:
14 2. Algorithms for Numbers and Th
Page 25 and 26:
Page 27 and 28:
Page 29 and 30:
Page 31 and 32:
3. Fundamentals from Number Theory
Page 33 and 34:
3.1 Divisibility and Greatest Commo
Page 35 and 36:
3.2 The Euclidean Algorithm 27 Prop
Page 37 and 38:
3.2 The Euclidean Algorithm 29 (b)
Page 39 and 40:
3.2 The Euclidean Algorithm 31 We n
Page 41 and 42:
3.3 Modular Arithmetic 33 Lemma 3.3
Page 43 and 44:
3.4 The Chinese Remainder Theorem 3
Page 45 and 46:
3.4 The Chinese Remainder Theorem 3
Page 47 and 48:
3.5 Prime Numbers 39 3.5.1 Basic Ob
Page 49 and 50:
3.5 Prime Numbers 41 steps in the v
Page 51 and 52:
3.5 Prime Numbers 43 r ≥ 0. Clear
Page 53 and 54:
ϕ(n) = � 3.6 Chebychev’s Theor
Page 55 and 56:
3.6 Chebychev’s Theorem on the De
Page 57 and 58:
Page 59 and 60:
Page 61 and 62:
Page 63 and 64:
56 4. Basics from Algebra: Groups,
Page 65 and 66: 58 4. Basics from Algebra: Groups,
Page 79 and 80: 5. The Miller-Rabin Test In this ch
Page 81 and 82: 5.1 The Fermat Test 75 multiples of
Page 83 and 84: 5.1 The Fermat Test 77 the set {n |
Page 85 and 86: 5.2 Nontrivial Square Roots of 1 79
Page 87 and 88: 5.2 Nontrivial Square Roots of 1 81
Page 89 and 90: Lemma 5.3.1. (a) L A n ⊆ BA n . (
Page 91 and 92: 6. The Solovay-Strassen Test The pr
Page 93 and 94: 6.2 The Jacobi Symbol 87 Definition
Page 95 and 96: a 6.3 The Law of Quadratic Reciproc
Page 97 and 98: 6.3 The Law of Quadratic Reciprocit
Page 99 and 100: 6.4 Primality Testing by Quadratic
Page 101 and 102: 7. More Algebra: Polynomials and Fi
Page 103 and 104: 7.1 Polynomials over Rings 97 Defin
Page 105 and 106: 7.1 Polynomials over Rings 99 Remar
Page 107 and 108: 7.1 Polynomials over Rings 101 (b)
Page 109 and 110: 7.2 Division with Remainder and Div
Page 111 and 112: 7.3 Quotients of Rings of Polynomia
Page 113 and 114: 7.3 Quotients of Rings of Polynomia
Page 115: 7.4 Irreducible Polynomials and Fac
Page 119 and 120: 7.6 Roots of the Polynomial X r −
Page 121 and 122: 8. Deterministic Primality Testing
Page 123 and 124: 8.2 The Algorithm of Agrawal, Kayal
Page 125 and 126: 8.3 The Running Time 119 Time for t
Page 127 and 128: 8.3 The Running Time 121 Lemma 8.3.
Page 129 and 130: 8.5 Proof of the Main Theorem 123 B
Page 131 and 132: 8.5 Proof of the Main Theorem 125 L
Page 133 and 134: 8.5 Proof of the Main Theorem 127 P
Page 135 and 136: 8.5 Proof of the Main Theorem 129 (
Page 137 and 138: 8.5 Proof of the Main Theorem 131 i
Page 139 and 140: 134 A. Appendix Proof. For k < 0ork
Page 141 and 142: 136 A. Appendix as an abbreviation
Page 143 and 144: 138 A. Appendix a 1 2 3 4 5 6 7 8 9
Page 145 and 146: 140 A. Appendix Lemma A.3.3. If p
Page 147 and 148: 142 A. Appendix Induction step: Ass
Page 149 and 150: 144 References 20. Gauss, C.F., Dis
Page 151 and 152: 146 Index efficient algorithm, 2 eq
show all

Dietzfelbinger M. Primality testing in polynomial time ... - tiera.ru

Create successful ePaper yourself

Delete template?

Save as template?