This paper introduces a new efficient algorithm for computing Gröbner bases. To avoid as much as possible intermediate computation, the algorithm computes successive truncated Gröbner bases and it replaces the classical polynomial reduction found in the Buchberger algorithm by the simultaneous reduction of several polynomials. This powerful reduction mechanism is achieved by means of a symbolic precomputation and by extensive use of sparse linear algebra methods. Current techniques in linear algebra used in Computer Algebra are reviewed together with other methods coming from the numerical field. Some previously untractable problems (Cyclic 9) are presented as well as an empirical comparison of a first implementation of this algorithm with other well known programs. This comparison pays careful attention to methodology issues. All the benchmarks and CPU times used in this paper are frequently updated and available on a Web page. Even though the new algorithm does not improve the worst case complexity it is several times faster than previous implementations both for integers and modulo computations. 1

. redlog is a package that extends the computer algebra system reduce to a computer logic system, i.e., a system that provides algorithms for the symbolic manipulation of first-order formulas over some temporarily fixed language and theory. In contrast to theorem provers, the methods applied know about the underlying algebraic theory and make use of it. Though the focus is on simplification, parametric linear optimization, and quantifier elimination, redlog is designed as a general-purpose system. We describe the functionality of redlog as it appears to the user, and explain the design issues and implementation techniques. ? The second author was supported by the dfg (Schwerpunktprogramm: Algorithmische Zahlentheorie und Algebra) 1 Introduction redlog stands for reduce logic system. It provides an extension of the computer algebra system (cas) reduce to a computer logic system (cls) implementing symbolic algorithms on first-order formulas w.r.t. temporarily fixed firstorder languag...

A propositional proof system can be viewed as a non-deterministic algorithm for the (co-NP complete) unsatisfiability problem. Many such proof systems, such as resolution, are also used as the basis for heuristics which deterministically search for short proofs in the system. We discuss a propositional proof system based on algebraic reasoning, which we call the Groebner proof system because of a tight connection to the Groebner basis algorithm. For an appropriate measure of proof size, we show that (a degree-limited implementation of) the Groebner basis algorithm finds a Groebner proof of a tautology in time polynomial in the size of the smallest such proof, In other words, unlike most proof systems, the non-deterministic algorithm can be converted to a deterministic one without loss in power. We then compare the power of the Groebner proof system to more studied systems. We show that the Groebner system polynomially simulates Horn clause resolution, quasi-polynomially simulates tree-...

Abstract. In this paper, we review and explain the existing algebraic cryptanalysis of multivariate cryptosystems from the hidden field equation (HFE) family. These cryptanalysis break cryptosystems in the HFE family by solving multivariate systems of equations. In this paper we present a new and efficient attack of this cryptosystem based on fast algorithms for computing Gröbner basis. In particular it was was possible to break the first HFE challenge (80 bits) in only two days of CPU time by using the new algorithm F5 implemented in C. From a theoretical point of view we study the algebraic properties of the equations produced by instance of the HFE cryptosystems and show why they yield systems of equations easier to solve than random systems of quadratic equations of the same sizes. Moreover we are able to bound the maximal degree occuring in the Gröbner basis computation. As a consequence, we gain a deeper understanding of the algebraic cryptanalysis against these cryptosystems. We use this understanding to devise a specific algorithm based on sparse linear algebra. In general, we conclude that the cryptanalysis of HFE can be performed in polynomial time. We also revisit the security estimates for existing schemes in the HFE family. 1

... In this article, we develop a theory of @-finite sequences and functions which provides a unified framework to express algorithms proving and discovering multivariate identities. This approach is vindicated by an implementation.

In 1965, Buchberger introduced the notion of Gröbner bases for a polynomial ideal and an algorithm (Buchberger Algorithm) for their computation ([B1],[B2]). Since the end of the Seventies, Gröbner bases have been an essential tool in the development of computational

Abstract not found

We report on the development of a two-dimensional geometric constraint solver. The solver is a major component of a new generation of CAD systems that we are developing based on a high-level geometry representation. The solver uses a graph-reduction directed algebraic approach, and achieves interactive speed. We describe the architecture of the solver and its basic capabilities. Then, we discuss in detail how to extend the scope of the solver, with special emphasis placed on the theoretical and human factors involved in finding a solution --- in an exponentially large search space --- so that the solution is appropriate to the application and the way of finding it is intuitive to an untrained user. 1 Introduction Solving a system of geometric constraints is a problem that has been considered by several communities, and using different approaches. For example, the symbolic computation community has considered the general problem, in the Supported in part by ONR contract N00014-90-J-...

In this paper we study O-dimensional polynomial ideals defined by a dual basis, i.e. as the set of polynomials which are in the kernel of a set of linear morhpisms from the polynomial ring to the base field. For such ideals, we give polynomial complexity algorithms to compute a Gröbner basis, generalizing the Buchberger-Möller algorithm for computing a basis of an ideals vanishing at a set of points and the FGLM basis conversion algorithm. As an application

Abstract not found