Results 1 - 10 of 23
Subquadratic-time factoring of polynomials over finite fields
Math. Comp., 1998
Cited by 68 (11 self)
Abstract. New probabilistic algorithms are presented for factoring univariate polynomials over finite fields. The algorithms factor a polynomial of degree n over a finite field of constant cardinality in time O(n^1.815). Previous algorithms required time Θ(n^(2+o(1))). The new algorithms rely on fast matrix multiplication techniques. More generally, to factor a polynomial of degree n over the finite field F_q with q elements, the algorithms use O(n^1.815 log q) arithmetic operations in F_q. The new "baby step/giant step" techniques used in our algorithms also yield new fast practical algorithms at super-quadratic asymptotic running time, and subquadratic-time methods for manipulating normal bases of finite fields.
Metatheory and Reflection in Theorem Proving: A Survey and Critique
1995
Cited by 53 (2 self)
One way to ensure correctness of the inference performed by computer theorem provers is to force all proofs to be done step by step in a simple, more or less traditional, deductive system. Using techniques pioneered in Edinburgh LCF, this can be made palatable. However, some believe such an approach will never be efficient enough for large, complex proofs. One alternative, commonly called reflection, is to analyze proofs using a second layer of logic, a metalogic, and so justify abbreviating or simplifying proofs, making the kinds of shortcuts humans often do or appealing to specialized decision algorithms. In this paper we contrast the fully-expansive LCF approach with the use of reflection. We put forward arguments to suggest that the inadequacy of the LCF approach has not been adequately demonstrated, and neither has the practical utility of reflection (notwithstanding its undoubted intellectual interest). The LCF system with which we are most concerned is the HOL proof ...
Searching for Primitive Roots in Finite Fields
1992
Cited by 40 (3 self)
Let GF(p^n) be the finite field with p^n elements where p is prime. We consider the problem of how to deterministically generate in polynomial time a subset of GF(p^n) that contains a primitive root, i.e., an element that generates the multiplicative group of nonzero elements in GF(p^n). We present three results. First, we present a solution to this problem for the case where p is small, i.e., p = n^O(1). Second, we present a solution to this problem under the assumption of the Extended Riemann Hypothesis (ERH) for the case where p is large and n = 2. Third, we give a quantitative improvement of a theorem of Wang on the least primitive root for GF(p) assuming the ERH. Appeared in Mathematics of Computation 58, pp. 369-380, 1992. An earlier version of this paper appeared in the 22nd Annual ACM Symposium on Theory of Computing (1990), pp. 546-554. 1980 Mathematics Subject Classification (1985 revision): 11T06. 1. Introduction Consider the problem of finding a primitive ...
Open Problems in Number Theoretic Complexity, II
Cited by 26 (0 self)
This paper contains a list of 36 open problems in number-theoretic complexity. We expect that none of these problems are easy; we are sure that many of them are hard. This list of problems reflects our own interests and should not be viewed as definitive. As the field changes and becomes deeper, new problems will emerge and old problems will lose favor. Ideally there will be other 'open problems' papers in future ANTS proceedings to help guide the field. It is likely that some of the problems presented here will remain open for the foreseeable future. However, it is possible in some cases to make progress by solving subproblems, or by establishing reductions between problems, or by settling problems under the assumption of one or more well known hypotheses (e.g. the various extended Riemann hypotheses, NP ≠ P; NP ≠ coNP). For the sake of clarity we have often chosen to state a specific version of a problem rather than a general one. For example, questions about the integers modulo a prime often have natural generalizations to arbitrary finite fields, to arbitrary cyclic groups, or to problems with a composite modulus. Questions about the integers often have natural generalizations to the ring of integers in an algebraic number field, and questions about elliptic curves often generalize to arbitrary curves or abelian varieties. The problems presented here arose from many different places and times. To those whose research has generated these problems or has contributed to our present understanding of them but to whom inadequate acknowledgement is given here, we apologize. Our list of open problems is derived from an earlier 'open problems' paper we wrote in 1986 [AM86]. When we wrote the first version of this paper, we feared that the problems presented were so difficult...
Explicit bounds for primes in residue classes
Math. Comp., 1996
Cited by 17 (1 self)
Abstract. Let E/K be an abelian extension of number fields, with E ≠ Q. Let ∆ and n denote the absolute discriminant and degree of E. Let σ denote an element of the Galois group of E/K. We prove the following theorems, assuming the Extended Riemann Hypothesis: () (1) There is a degree-1 prime p of K such that p = σ, satis
Comments on search procedures for primitive roots
Math. Comp. 66, 1997
Cited by 10 (0 self)
Abstract. Let p be an odd prime. Assuming the Extended Riemann Hypothesis, we show how to construct O((log p)^4 (log log p)^−3) residues modulo p, one of which must be a primitive root, in deterministic polynomial time. Granting some well-known character sum bounds, the proof is elementary, leading to an explicit algorithm.
Constructing nonresidues in finite fields and the extended Riemann hypothesis
Math. Comp., 1991
Cited by 8 (0 self)
Abstract. We present a new deterministic algorithm for the problem of constructing kth power nonresidues in finite fields F_{p^n}, where p is prime and k is a prime divisor of p^n − 1. We prove under the assumption of the Extended Riemann Hypothesis (ERH), that for fixed n and p → ∞, our algorithm runs in polynomial time. Unlike other deterministic algorithms for this problem, this polynomial-time bound holds even if k is exponentially large. More generally, assuming the ERH, in time (n log p)^O(n) we can construct a set of elements
Computing modular polynomials
London Math. Soc., Journal of Computational Mathematics, 2005
Cited by 7 (3 self)
The ℓ-th modular polynomial, φ_ℓ(x,y), parameterizes pairs of elliptic curves with an isogeny of degree ℓ between them. Modular polynomials provide the defining equations for modular curves, and are useful in many different aspects of computational number theory and cryptography. For example, computations with modular polynomials have been used to speed elliptic curve point-counting
Towards a deterministic polynomial-time Primality Test
2002
Cited by 6 (1 self)
We examine a primality testing algorithm presented in [Man99] and the related conjecture in [Bha01]. We show that this test is stronger than most of the popular tests today: the Fermat test, the Solovay-Strassen test and a strong form of the Fibonacci test. From this, we show the correctness of the algorithm based on a widely believed conjecture, the Extended Riemann Hypothesis. We also show that any n which is accepted by the algorithm must be an odd squarefree number. Thus, it is arguably the simplest and yet the strongest test for primality. Based on our computations and results proved in this paper we feel that unlike other tests, this test is very promising as the related conjecture seems provable.
Primality Testing Revisited
1992
Cited by 5 (0 self)
Rabin's algorithm is commonly used in computer algebra systems and elsewhere for primality testing. This paper presents an experience with this in the Axiom* computer algebra system. As a result of this experience, we suggest certain strengthenings of the algorithm. Introduction It is customary in computer algebra to use the algorithm presented by Rabin [1980] to determine if numbers are prime (and primes are needed throughout algebraic algorithms). As is well known, a single iteration of Rabin's algorithm, applied to the number N, has probability at most 0.25 of reporting "N is probably prime", when in fact N is composite. For most N, the probability is much less than 0.25. Here, "probability" refers to the fact that Rabin's algorithm begins with the choice of a "random" seed x, not congruent to 0 modulo N. In practice, however, true randomness is hard to achieve, and computer algebra systems often use a fixed set of x - for example Axiom release 1 uses the set {3, 5, 7, 11, ...