arxiv: v2 [cs.sc] 22 Jun 2017

Transcription

1 Sparse Polynomial Interpolation with Finitely Many Values for the Coefficients arxiv: v [cs.sc] Jun 017 Qiaolong Huang and Xiao-Shan Gao KLMM, UCAS, Academy of Mathematics and Systems Science Chinese Academy of Sciences, Beijing , China Abstract In this paper, we give new sparse interpolation algorithms for black box polynomial f whose coefficients are from a finite set. In the univariate case, we recover f from one evaluation f(β) for a sufficiently large number β. In the multivariate case, we introduce the modified Kronecker substitution to reduce the interpolation of a multivariate polynomial to that of the univariate case. Both algorithms have polynomial bit-size complexity. Keywords. Sparse polynomial interpolation, modified Kronecker substitution, polynomial time algorithms. 1 Introduction The interpolation for a sparse multivariate polynomial f(x 1,..., x n ) given as a black box is a basic computational problem. Interpolation algorithms were given when we know an upper bound for the terms of f [3] and upper bounds for the terms and the degrees of f [13]. These algorithms were significantly improved and these works can be found in the references of [1]. In this paper, we consider the sparse interpolation for f whose coefficients are taken from a known finite set. For example, f could be in Z[x 1,..., x n ] with an upper bound on the absolute values of coefficients of f, or f is in Q[x 1,..., x n ] with upper bounds both on the absolute values of coefficients and their denominators. This kind of interpolation is motivated by the following applications. The interpolation of sparse rational functions leads to interpolation of sparse polynomials whose coefficients have bounded denominators [6, p.6]. In [7], a new method is introduced to reduce the interpolation of a multivariate polynomial f into the interpolation of univariate polynomials, where we need to obtain the terms of f from a larger set of terms and the method given in this paper is needed to solve this problem. In the univariate case, we show that if β is larger than a given bound depending on the coefficients of f, then f can be recovered from f(β). Based on this idea, we give a sparse Partially supported by a grant from NSFC No

2 interpolation algorithm for univariate polynomials with rational numbers as coefficients, whose bit complexity is O((td log H(log C + log H)) or Õ(td), where t is the number of terms of f, d is the degree of f, C and H are upper bounds for the coefficients and the denominators of the coefficients of f. It seems that the algorithm has the optimal bit complexity Õ(td) in all known deterministic and exact interpolation algorithms for black box univariate polynomials as discussed in Remark.17. In the multivariate case, we show that by choosing a good prime, the interpolation of a multivariate polynomial can be reduced to that of the univariate case in polynomial-time. As a consequence, a new sparse interpolation algorithm for multivariate polynomials is given, which has polynomial bit-size complexity. We also give its probabilistic version. There exist many methods for reducing the interpolation of a multivariate polynomial into that of univariate polynomials, like the classical Kronecker substitution, randomize Kronecker substitutions[], Zipple s algorithm[13], Klivans-Spielman s algorithm[9], Garg- Schost s algorithm [4], and Giesbrecht-Roche s algorithm[5]. Using the original Kronecker substitution [10], interpolation for multivariate polynomials can be easily reduced to the univariate case. The main problem with this approach is that the highest degree of the univariate polynomial and the height of the data in the algorithm are exponential. In this paper, we give the following modified Kronecker substitution x i = x mod((d+1)i 1,p), i = 1,,..., n to reduce multivariate interpolations to univariate interpolations. Our approach simplifies and builds on previous work by Garg-Schost[4], Giesbrecht-Roche[5], and Klivans-Spielman[9]. The first two are for straight-line programs. Our interpolation algorithm works for the more general setting of black box sampling. The rest of this paper is organized as follows. In Section, we give interpolation algorithms about univariate polynomials. In Section 3, we give interpolation algorithms about multivariate polynomials. In Section 4, experimental results are presented. Univariate polynomial interpolation.1 Sparse interpolation with finitely many coefficients In this section, we always assume f(x) = c 1 x d 1 + c x d + + c t x dt (1) where d 1, d,..., d t N, d 1 < d < < d t, and c 1, c,, c t A, where A C is a finite set. Introduce the following notations where ε 1 := min a,b A,a b a b and ε := min a A,a 0 a. C := max a A ( a ), ε := min(ε 1, ε ) () Theorem.1 If β C ε + 1, then f(x) can be uniquely determined by f(β).

3 Proof. Firstly, for k = 1,,, we have β C ε + 1 = β 1 C ε = β 1 > C ε β k 1 β k = εβ k > C βk 1 β 1 = εβ k > C(β k 1 + β k + + β + 1) From (1), we have f(β) = c 1 β d 1 + c β d + + c t β dt. Assume that there is another form f(β) = a 1 β k 1 + a β k + + a s β ks, where a 1, a 1,..., a s A and k 1 < k < < k s. It suffices to show that c t β dt = a s β ks. The rest can be proved by induction. First assume that d t k s. Without loss of generality, let d t > k s. Then we have 0 = (c 1 β d 1 + c β d + + c t β dt ) (a 1 β k 1 + a β k + + a s β ks ) c t β dt C(β dt β + 1) C(β ks + + β + 1) c t β dt C(β dt β + 1) > c t β dt εβ dt 0 It is a contradiction, so d t = k s. Assume c t a s, then 0 = (c 1 β d 1 + c β d + + c t β dt ) (a 1 β k 1 + a β k + + a s β ks ) c t a s β dt C(β dt β + 1) > c t a s β dt εβ dt 0 It is a contradiction, so c t = a s. The theorem has been proved.. The sparse interpolation algorithm The idea of the algorithm is first to obtain the maximum term m of f, then subtract m(β) from f(β) and repeat the procedure until f(β) becomes 0. We first show how to compute the leading degree d t. Lemma. If β C ε f(β) + 1, then = β k { > ε, if k d t < ε, if k > d t Proof. From f(β) = c 1 β d 1 + c β d + + c t β dt C(β dt + + β + 1) = C( βd t +1 1 β 1 ) and f(β) = c 1 β d 1 + c β d + + c t β dt c t β dt C(β dt β + 1) = c t β dt C βd t 1 β 1, we have c t β dt C βdt 1 β 1 f(β) C(βdt+1 1 β 1 ). 3

4 When k d t, f(β) c β k t β dt k C β 1 (βdt k 1 ) εβ dt k ε β k (βdt k 1 ) ε β k βdt k + ε ε. When k > d t, f(β) C β k β 1 (βdt+1 k 1 ) ε β k (βdt+1 k 1 ) ε β k βdt+1 k ε 1 1 > β k < ε β k. If we can use logarithm operation, we can change the above lemma into the following form. Lemma.3 If β C ε + 1, then d t = log β f(β) ε. Proof. By lemma., we know f(β) and log β f(β) +1 > ε and f(β) +1 < log β ε, this can be reduced into log β f(β) < ε. Then we have log β f(β) f(β) ε 1 < d t < log β ε > log β ε. As d t is an integer, then we have d t = log β f(β) ε. Based on Lemma.3, we have the following algorithm which will be used in several places. Algorithm.4 (UDeg) Input: f(β), ε, where β C ε + 1. Output: the degree of f(x). Step 1: return log β ( f(β) ε ). Remark.5 If we cannot use logarithm operation, then it is easy to show that we need O(log D) arithmetic operations to obtain the degree based on Lemma.. In the following section, we will regard logarithm as a basic step. Now we will show how to compute the leading coefficient c t. Lemma.6 If β C ε + 1, then c t is the only element in A that satisfies f(β) c t < ε. Proof. First we show that c t satisfies f(β) where g(x) := c t 1 x d t 1 + c t x d t + + c 1 x d 1. So f(β) Lemma., we have g(β) β < ε f(β) d t. So c t < ε. c t < ε. We rewrite f(β) as f(β) = c tβ dt + g(β), = c t + g(β). As deg(g) < d t, by Assume there is another c A also have f(β) β c < ε d t, then c t c f(β) f(β) c + β c d t t < ε. This is only happen when c t = c, so we prove the uniqueness. Based on Lemma.6, we give the algorithm to obtain the leading coefficient. Algorithm.7 (ULCoef) Input: f(β), β, ε, d t Output: the leading coefficient of f(x) Step 1: Find the element c in A such that f(β) c < ε. Step : Return c. 4

5 Now we can give the complete algorithm. Algorithm.8 (UPolySI) Input: A black box univariate polynomial f(x), whose coefficients are in A. Output: The exact form of f(x). Step 1: Find the bounds C and ε of A, as defined in (). Step : Let β := C ε + 1. Step 3: Let g := 0, u := f(β). Step 4: while u 0 do d :=UDeg(u, ε, β); c :=ULCoef(u, β, ε, d); u := u cβ d ; g := g + cx d ; end do. Step 5: Return g. Note that, the complexity of Algorithm.7 depends on A, which is denoted by O A. Note that O A A. We have the following theorem. Theorem.9 The arithmetic complexity of the Algorithm.8 is O(tO A ) O(t A ), where t is the number of terms in f. Proof. Since finding the maximum degree needs one operation and finding the coefficient of the maximum term needs O A operations, and finding the maximum term needs O(O A ) operations. We prove the theorem..3 The rational number coefficients case In this section, we assume that the coefficients of f(x) are rational numbers in A = { b a 0 < a H, b C, a, b Z} (3) a 1 and we have ε = H(H 1). Notice that in Algorithm.8, only Algorithm.7 (ULCoef) needs refinement. We first consider the following general problem about rational numbers. Lemma.10 Let 0 < r 1 < r be rational numbers. Then we can find the smallest d > 0 such that a rational number with denominator d is in (r 1, r ) with computational complexity O(log(r r 1 )). 5

6 Proof. We consider three cases. 1. If one of the r 1 and r is an integer and the other one is not, then the smallest positive integer d such that (r r 1 )d > 1 is the smallest denominator, and d = 1 r r 1.. Both of r 1, r are integers. If r r 1 > 1, then 1 is the smallest denominator. If r r 1 = 1, then is the smallest denominator. 3. Both of r 1, r are not integers. This is the most complicated case. First, we check if there exists an integer in (r 1, r ). If r 1 < r, then r 1 is in the interval which has the smallest denominator 1. Now we consider the case that (r 1, r ) does not contain an integer. Assume r 1 < d 1 d < r, where d > 1 is the smallest denominator. Denote w :=trunc(r 1 ), ɛ 1 := r 1 w,ɛ := r w. Then ɛ 1 < ɛ < 1 and d is the smallest positive integer such that (dr 1, dr ) contains an integer. Since dr 1 = d(w + ɛ 1 ), dr = d(w + ɛ ), d is the smallest positive integer such that interval (dɛ 1, dɛ ) contains an integer. Since dr 1 = d(w+ɛ 1 ), dr = d(w+ɛ ), d is the smallest positive integer such that interval (dɛ 1, dɛ ) contains an integer. We still denote it d 1. Then dɛ 1 < d 1 < dɛ, so d 1 ɛ < d < d 1 ɛ 1, and we can see that d 1 is the the smallest integer such that ( d 1 ɛ, d 1 ɛ 1 ) contains an integer. Suppose we know how to compute the number d 1. Then d = d 1 ɛ when d 1 ɛ is not an integer, and d = d 1 ɛ + 1 when d 1 ɛ is an integer. Note that d 1 is the smallest denominator such that some rational number d d 1 is in ( 1 ɛ, 1 ɛ 1 ). To find d 1, we need to repeat the above procedure to ( 1 ɛ, 1 ɛ 1 ) and obtain a sequence of intervals (r 1, r ) ( 1 ɛ, 1 ɛ 1 ). The denominators of end points of the intervals becomes smaller after each repetition. So the algorithm will terminates. Now we prove that the number of operations of the procedure is O(log(r r 1 )). First, we know the length of the interval (r 1, r ) is r r 1. Now we prove that every time we run one or two recursive steps, the length of the new interval will be times bigger. Let ( b 1 a 1, b a ) be the first interval. If it contains an integer, then we finish the algorithm. We assume that case does not happen, so we can assume b 1 a 1 1, b a 1. Then the second interval is ( a b, a 1 b 1 ). a1 1, then we have a b 1 b Now the new interval length is a 1 b 1 a b. If b 1 a 1 b a b 1 a 1 = a 1 b a b 1 b 1 b a 1 b a b 1 = a 1a b 1 b. a 1 a If b 1 a 1 > 1, then we let a 1 = b 1 + c 1, a = b + c and the third interval is ( b 1 c1, b c ). Then we have b b 1 c c1 b = b 1 a a 1 c 1 b c b 1 c 1 c a 1 b a b 1 = a 1a c 1 c a 1 a >. In this case, if we have an interval whose length is bigger than 1, then the recursion will terminate. So if (r r 1 ) k 1, then k is the upper bound of the number of recursions. So the complexity is O(log(r r 1 )). We proved the lemma. Based on Lemma.10, we present a recursive algorithm to compute the rational number in an interval (r 1, r ) with the smallest denominator. Algorithm.11 (MiniDenom) Input: r 1, r are positive rational numbers. Output: the minimum denominator of rational numbers in (r 1, r ) 6

7 Step 1: if one of r 1, r is an integer and the other one is not an integer then return 1 r r 1. Step : if both of r 1 and r are integers and r r 1 > 1 then return 1. if both of r 1 and r are integers and r r 1 = 1 then return. Step 3: if r 1 < r, then return 1. Step 4: let w :=trunc(r 1 ), ɛ 1 := r 1 w,ɛ := r w; d 1 := MiniDenom( 1 ɛ, 1 ɛ 1 ); if d 1 ɛ is a integer then return d 1 ɛ + 1 else return d 1 ɛ. We now show how to compute the leading coefficient of f(x). Lemma.1 Suppose c t = b a, where gcd(a, b) = 1, a > 0, and I i = ( f(β) β i ε f(β) d t i, β i+ ε d t i), i = 1,,..., H. Then I a Z = {b} and if I a0 Z = {b 0 } then b a = b 0 a 0. Proof. By lemma.6, we have f(β) ε < b a < f(β) the existence is proved. As the length of ( f(β) + ε f(β), so β a ε d t a < b < f(β) β a + ε d t a, and a, f(β) a + ε a) is < ε a εh 1 H 1 1, β a ε d t so b is the unique integer in the interval. Assume that there is another a 0 {1,,..., H}, such that ( f(β) β a d t 0 ε a 0, f(β) β a d t 0 + ε a 0) contains the integer b 0. Then f(β) β a d t 0 ε a 0 < b 0 < f(β) β a d t 0 + ε a 0, so f(β) ε < b 0 a 0 < f(β) + ε. If a b a 0 b 0, then a b a 0 b 0 = ab 0 a 0 b 1 bb 0 H(H 1) = ε, which contradicts to that the length of the interval is less than ε. Let r 1 := f(β) ε, r := f(β) + ε. By Lemma.1, if a 0 is the smallest positive integer such that (a 0 r 1, a 0 r ) contains the unique integer b 0, then we have c t = b 0 a 0. Note that a 0 is the smallest integer such that (a 0 r 1, a 0 r ) contains the unique integer b 0 if and only if a 0 is the smallest integer such that b 0 /a 0 is in (r 1, r ), and such an a 0 can be found with Algorithm.11. This observation leads to the following algorithm to find the leading coefficient of f(x). Algorithm.13 (ULCoefRat) Input: f(β), β, ε, d t Output: the leading coefficient of f(x). Step 1 if f(β) > 0, then r 1 := f(β) Step : Let a := MiniDenom (r 1, r ); ε, r := f(β) + ε ; else r 1 := f(β) β ε d t, r := f(β) β + ε d t ; Step 3: Return a( f(β) ε ) a Replacing Algorithm ULCoef with Algrothm ULCoefRat in Algorithm UPolySI, we obtain the following interpolation algorithm for sparse polynomials with rational coefficients. 7

8 Algorithm.14 (UPolySIRat) Input: A black box polynomial f(x) Q[x] whose coefficients are in A given in (3). Output: The exact form of f(x). Theorem.15 The arithmetic operations of Algorithm.14 are O(t log H) and the bit complexity is O(td log H(log C + log H)), where d is the degree of f(x). Proof. In order to obtain the degree, we need one log arithmetic operation in field Q, while in order to obtain the coefficient, we need O(log H) arithmetic operations, so the total complexity is O(t log H). Assume f(β) = a 1 h 1 β d 1 + a h β d + + at h t β dt and let H i := h 1 h i 1 h i+1 h t. Then we have f(β) = a 1H 1 β d 1 + a H β d + + a t H t β dt h 1 h h t Then a 1 H 1 β d 1 +a H β d + +a t H t β dt H t 1 C(β dt + +β+1) = H t 1 β 1 (βdt+1 1), so its bit length is O(t log H +d log C +d log H). It is easy to see that the bit length of h 1 h h t is O(t log H). So the total bit complexity is O((t log H)(t log H + D log C + D log H)). As t d, the bit complexity is O(td log H(log C + log H)). Corollary.16 If the coefficients of f(x) are integers in [ C, C], then Algorithm.14 computes f(x) with arithmetic complexity O(t) and with bit complexity O(td log C). Remark.17 The bit complexity of Algorithm.14 is Õ(td), which seems to be the optimal bit complexity for deterministic and exact interpolation algorithms for a black box polynomial f(x) Q[x]. For a t-sparse polynomial, t terms are needed and the arithmetic complexity is at least O(t). For β C, we have f(β) C βd+1 1 β 1, where C is defined in (). If β 1, then the height of f(β) is d log β + log C or Õ(d). For a deterministic and exact algorithm, β satisfying β = 1 seems not usable. So the bit complexity is at least Õ(td). For instance, the height of the data in Ben-or and Tiwari s algorithm is already Õ(td) [3, 8]. C 3 Multivariate polynomial sparse interpolation with modified Kronecker substitution In this section, we give a deterministic and a probabilistic polynomial-time reduction of multivariate polynomial interpolation to univariate polynomial interpolation. 3.1 Find a good prime We will show how to find a prime number which can be used in the reduction. 8

9 We assume f(x 1, x,..., x n ) is a multivariate polynomial in Q[x 1, x,..., x n ] with a degree bound D, a term bound T, and p is a prime. We use the substitution For convenience of description, we denote x i = x mod((d+1)i 1,p), i = 1,,..., n. (4) f x,p := f(x, x mod((d+1),p),..., x mod((d+1)n 1,p) ). (5) Then the degree of f x,p is no more than D(p 1) and the number of terms of f x,p is no more than T. If the number of terms of f x,p is the same as that of f(x 1, x,..., x n ), there is no collision in different monomials and we call such prime as a good prime for f(x 1, x,..., x n ). If p is a good prime, then we can consider a new substitution: x i = q i x mod((d+1)i 1,p), i = 1,,..., n, (6) where q i, i = 1,,..., n is the i-th prime. In this case, each coefficient will change according to monomials of f. Note that in [4], the substitution is f(x, x (D+1),..., x (D+1)n 1 )mod(x p 1). We show how to find a good prime p. We first give a lemma. Lemma 3.1 Suppose p is a prime. If mod(a 1 + a (D + 1) + + a n (D + 1) n 1, p) 0, then a 1 + a mod(d + 1, p) + + a n mod((d + 1) n 1, p) 0. Proof. If a 1 + a mod(d + 1, p) + + a n mod((d + 1) n 1, p) = 0, then mod(a 1 + a (D + 1) + + a n (D + 1) n 1, p) = 0, which contradicts to the assumption. Now, we have the following theorem to find the good prime. Theorem 3. Let f(x 1, x,..., x n ) be polynomial with degree at most D and t T terms. If T (T 1) N > log [(D + 1) n 1] 1 4 T + 1 T then there at least one of N distinct odd primes p 1, p,..., p N is a good prime for f. Proof. Assume m 1, m,..., m t are all the monomials in f, and m i = x e i,1 1 x e i, x e i,n n. In order for p to be a good prime, we need e i,1 + e i, (mod(d + 1, p)) + + e i,n (mod((d + 1) n 1, p)) e j,1 + e j, (mod(d + 1, p)) + + e j,n (mod((d + 1) n 1, p)), for all i j. This can be change into (e i,1 e j,1 ) + (e i, e j, )(mod(d + 1, p)) + + (e i,n e j,n )(mod((d + 1) n 1, p)) 0. By Lemma 3.1, it is enough to show mod((e i,1 e j,1 ) + (e i, e j, )(D + 1) + + (e i,n e j,n )(D + 1) n 1, p) 0, i j Firstly, (e i,1 e j,1 ) + (e i, e j, )(D + 1) + + (e i,n e j,n )(D + 1) n 1 D(1 + (D + 1) + + (D + 1) n 1 ) = (D + 1) n 1. We assume that f(x) = a 1 x k 1 + a x k + + a t x kt is the polynomial after the Kronecker substitution, where k i = e i,1 + e i, (D + 1) + + e i,n (D + 1) n 1. If t =, it is trivial. So now 9

10 we assume t > and we analyse how many kinds of primes the number i>j (k i k j ) has. Without lose of generality, assume k 1, k..., k w are even, k w+1, k w+..., k t are odd, denote v := t w. It is easy to see that k i k j has factor if 1 i j w or w + 1 i j t. If one of the w and v is zero, then i>j (k i k j ) has a factor t(t 1). If both w, v are not zero, then i>j (k i k j ) has a factor w(w 1) + v(v 1). We give a lower bound of w(w 1) + v(v 1). As w(w 1) + v(v 1) = w +v t 1/(w+v) t = 1 4 t 1 t, i>j (k i k j ) at least has a factor 1 4 t 1 t. Since k i k j (D + 1) n 1, we have i>j (k i k j ) [(D + 1) n 1] t(t 1). If p 1, p,..., p N are distinct primes satisfying p 1 p... p N > [(D + 1)n 1] t(t 1) 1 4 t 1 t Then at least one of the primes is a good prime. Since p i, N > t(t 1) log [(D + 1) n 1] 1 4 t + 1 t. As we just know the upper bound T of t, we can choose T t different positive integer k t+1, k t+,..., k T which are different from k 1, k,..., k t. So we still can use T as the number of the terms. We have proved the lemma. 3. A deterministic algorithm Lemma 3.3 Assume f = c 1 H 1 x d 1 + c H x d + + ct H t x dt, where c 1, c,..., c t Z, H 1, H,..., H t Z +, d 1, d,..., d t N, d 1 < d < < d t, c i H i C, H 1, H,..., H t, d 1, d,..., d t are known. Let H max := max{h 1, H,..., H t }. If β CH max + 1, then we can recover c 1, c,..., c t from f(β). Proof. It suffices to show that c t can be recovered from f(β). As β 1 CH max CH t, then 1 CHt β 1. So f(β)h t c t β dt = c 1H t H 1 β d 1 + c H t H β d + + c t 1H t H t 1 p d t 1 CH t ( βd t 1 β 1 ) 1 (βdt 1). So f(β)ht c t < 1 f(β)ht. That is 1 < c t < f(β)ht + 1. Since c t is an integer, c t = f(β)ht 1. The rest can be proved by induction. Algorithm 3.4 (MPolySIMK) Input: A black box polynomial f(x 1, x,..., x n ) A[x 1, x,..., x n ], whose coefficients are in A given in (3), an upper bound D for the degree, an upper bound T of the number of terms, a list of n different primes q 1, q,..., q n (q 1 < < q n ). Output: The exact form of f(x 1, x,..., x n ). Step 1: Randomly choose N different odd primes p 1, p,..., p N, where T (T 1) N = log [(D + 1) n 1] 1 4 T + 1 T

11 Step : for i = 1,,..., N do Let f i := UPolySIRat(f x,pi, A, T ) via Algorithm.14, where f x,pi is defined in (5). Step 3: Let S := {}; for i = 1,,..., N do if f i failure, then S := S {f i }. end do; Step 4: Repeat: Choose one integer i such that f i has the most number of the terms in S. if f i (j) = f x,pi (j) for j = 1,,..., D(p i 1) + 1 then break Repeat; S := S\{f i } end Repeat Let i 0 be the integer found and f i0 = c 1 H 1 x d 1 + c H x d + + ct H t x dt, d 1 < d < < d t Step 5: Let β := Cq D n max{h 1, H,..., H t } + 1.[Lemma 3.3] Denote g = f(q 1 x, q x mod(d+1,p i 0 ),..., q n x mod((d+1)n 1,p i0 ) ). Let u := g(β). Step 6: Let h := 0. for i = t, t 1,..., 1 do Let b := u β d i H i 1 Factor b c i into q e 1 1 qe qen n. h := h + c i H i x e 1 1 xe xen n. u := u b H i β d i end do; Step 7: return h. Remark 3.5 If p i is not a good prime for f, then the substitution f x,pi of f has collisions. f x,pi may have some coefficients not in A. So we need to modify Step 4 of Algorithm.14 as follows, with T as an extra input. For c = a b, if c > C, b > H, or the number of the terms of f i are more than T, then we let f i = failure. Theorem 3.6 Algorithm 3.4 is correct and its bit complexity is Õ(n T 5 D log H log C + n T 5 D log H + n 3 T 6 D ). Proof. First, we show the correctness. If p i is a good prime for f, then all the coefficients of f x,pi are in A. So in step, Algorithm.14 can be used to find f i = f x,pi. It is sufficient to show that the prime p i0 that corresponding to i 0 obtained in step 4 is a good prime. In step 4, if there exists a j 0 such that f i (j 0 ) f x,pi (j 0 ), then f i f x,pi. This only happens 11

12 when some of the coefficients of f x,pi are not in A. That is, p i is not a good prime for f. So we throw it away. If f i0 (j) = f x,pi0 (j) for j = 1,,..., D(p i0 1) + 1 for some i 0. Since degf i0 D(p i0 1), we have f i0 = f x,pi0. Assume by contradiction that p i0 is not a good prime for f, then the number of terms of f i0 is less than that of f. Since S includes at least one f i1 such that p i1 is good prime for f, the number of terms in f i1 is more than f i0. It contradicts to that f i0 has the most number of the terms in S. So p i0 is a good prime for f. As f i0 = c 1 H 1 x d 1 + c H x d + + ct H t x dt, d 1 < d < < d t, we can assume f = c 1 H 1 m 1 + c H m + + ct H t m t, where m i = x e i,1 1 x e i, x e i,n n. We can write g as g = f(q 1 x, q x mod(d+1,p i ) 0,..., q n x mod((d+1)n 1,p i0 ) ) = c 1q e 1,1 1 q e 1, q e 1,n n H 1 x d 1 + c q e,1 1 q e, q e,n n H x d + + ctqet,1 1 q e t, q e t,n n H t x dt. Since c iq e i,1 1 q e i, q e i,n n H i Cqn D, by Lemma 3.3, in step 6, b = c i q e i,1 1 q e i, q e i,n n. By factoring b c i = q e i,1 1 q e i, q e i,n n, we obtain the degrees of m i. We have proved the correctness. We now analyse the complexity. In step, we call Algorithm UPolySIRat O(nT log D) times. The degree of f x,pi is bounded by D(p i 1). Since the i-th prime is O(i log i) and we use at most O(nT log D) primes, the degree bound is Õ(nT D). So by Theorem.15, the bit complexity of getting all f i is Õ((nT 3 D log H)(log C + log H)(nT log D)), this is Õ(n T 5 D log H log C + n T 5 D log H). In step 4, since degf i is Õ(nT D), by fast multipoint evaluation [1, p.99], it needs Õ(nT D) operations. The number of the f i that we need to check is at most Õ(nT log D), so the total arithmetic operation for evaluations is Õ(n T 4 D). As the coefficients of f i are in A and the number of terms is less than T, the data is Õ(T C(nT D) nt D H T ). So the height of the data is Õ(nT D + log C + T log H). The total bit complexity of step 4 is Õ(n 3 T 6 D + n T 4 D log C + n T 5 D log H). In step 6, we need to obtain t terms of g. We analyse the bit complexity of one step of the cycle. To obtain b, we need O(1) arithmetic operations. The height of the data is Õ(nT D(log C + D log n + log H)), so the bit complexity is Õ(nT D log C + nt D + nt D log H). To factor b c i, we need n log D operations. The data of b and c i is Õ(CqD n H), so the bit complexity is Õ(n log D log C + nd + n log D log H). So the total bit complexity of step 6 is Õ(nT 3 D log C + nt 3 D + nt 3 D log H). Therefore, the bit complexity is Õ(n T 5 D log H log C + n T 5 D log H + n 3 T 6 D ). Remark 3.7 If A = {a C a, a Z}, we can modified the Algorithm 3.4. Assume A T = {a T C a, a Z}. In step, we let f i := UPolySIRat(f x,pi, A T ). As f x,pi is an integer polynomial with coefficients bounded by T C, f i = f x,pi. So in step 4, we just find the smallest integer i 0 that f i0 has the most number of the terms in S. In this case, p i0 is a good prime for f. The bit complexity of the algorithm will be Õ(n T 5 D log C + nt 3 D ). 3.3 Probabilistic Algorithm Giesbrecht and Roche [5, Lemma.1] proved that if λ = max{1, 5 3nT (T 1) ln D}, then a prime p chosen at random in [λ, λ] is a good prime for f(x 1,..., x n ) with probability at least 1. Based on this result, we give a probabilistic algorithm. 1

13 Algorithm 3.8 (ProMPolySIMK) Input: A black box polynomial f(x 1,..., x n ) A[x 1,..., x n ], whose coefficients are in A given in (3), an upper bound D for the degree, an upper bound T of the number of terms, a list of n different primes q 1, q,..., q n (q 1 < < q n ). Output: The exact form of f(x 1,..., x n ) with probability 1. Step 1: Let λ := max{1, 5 3nT (T 1) ln D}, randomly choose a prime p in [λ, λ]. Step : Let f p := UPolySIRat(f x,p, A, T ) via Algorithm.14. if f p = failure then return failure; Assume f p = c 1 H 1 x d 1 + c H x d + + ct H t x dt, d 1 < d < < d t Step 3: Let β := Cq D n max{h 1, H,..., H t } + 1.[Lemma 3.3] Denote g(x) = f(q 1 x, q x mod(d+1,p),..., q n x mod((d+1)n 1,p) ). Let u := g(β); Step 4: Let s := 0; for i = t, t 1,..., 1 do Let b := u β d i H i 1 Factor b c i = kq e 1 1 qe qen n, where q i k, i = 1,,..., n if k 1 or e 1 + e + + e n > D then return failure; s := s + c i H i x e 1 1 xe xen n. u := u b H i x d i end do; if u = 0 then return s else return failure; Theorem 3.9 The bit complexity of Algorithm 3.8 is Õ(nT 3 D log H log C + nt 3 D log H + nt 3 D ). Proof. In step, the degree of f x,p is bounded by D(p 1). Since the p is O(nT log D), the degree bound is Õ(nT D). By Theorem.15, the complexity is Õ((nT 3 D log H)(log C + log H)), or Õ(nT 3 D log H log C + nt 3 D log H). In step 4, we need to obtain t terms of g. We analyse the bit complexity of one step of the cycle. To obtain b, we need O(1) arithmetic operations. The height of the data is Õ(nT D(log C + D log n + log H)), so the bit complexity is Õ(nT D log C + nt D + nt D log H). To factor b c i, we need n log D operations. The height of b and c i is Õ(CqD n H), so the bit complexity is Õ(n log D log C + nd + n log D log H). So the total bit complexity of step 4 is Õ(nT 3 D log C + nt 3 D + nt 3 D log H). Therefore, the total bit complexity of the algorithm is Õ(nT 3 D log H log C + nt 3 D + nt 3 D log H). 13

14 Remark 3.10 In Algorithm 3.8, we also modify step 4 of Algorithm.14 as remark Experimental results In this section, practical performances of the algorithms will be presented. The data are collected on a desktop with Windows system, 3.60GHz Core i CPU, and 8GB RAM memory. The implementations in Maple can be found in We randomly construct five polynomials, then regard them as black box polynomials and reconstruct them with the algorithms. The average times are collected. The results for univariate interpolation are shown in Figures 1,, 3, 4. In each figure, three of the parameters C, H, D, T are fixed and one of them is variant. From these figures, we can see that Algorithm UPolySIRat is linear in T, approximately linear in D, logarithmic in C and H. The results in the multivariate case are shown in Figures 5, 6. We just test the probabilistic algorithm. From these figures, we can see that Algorithm ProMPolySIMK are polynomial in T and D. Figure 1: UPolySIRat: average running times with varying T Figure : UPolySIRat: average running times with varying D Figure 3: UPolySIRat: average running times with varying C Figure 4: UPolySIRat: average running times with varying H 14

15 Figure 5: ProMPolySIMK: average running times with varying T Figure 6: ProMPolySIMK: average running times with varying D 5 Conclusion In this paper, a new type of sparse interpolation is considered, that is, the coefficients of the black box polynomial f are from a finite set. Specifically, we assume that the coefficients are rational numbers such that the upper bounds of the absolute values of these numbers and their denominators are given, respectively. We first give an interpolation algorithm for a univariate polynomial f, where f is obtained from one evaluation f(β) for a sufficiently large number β. Then, we introduce the modified Kronecker substitution to reduce the interpolation of a multivariate polynomial into the univariate case. Both algorithms have polynomial bit-size complexity and the algorithms can be used to recover quite large polynomials. References [1] A. Arnold. Sparse Polynomial Interpolation and Testing. PhD Thesis, Waterloo Unversity, Canada, 016. [] A. Arnold and D.S. Roche. Multivariate sparse interpolation using randomized Kronecker substitutions. ISSAC 14, July 3-5, 014, Kobe, Japan. [3] M. Ben-Or and P. Tiwari. A deterministic algorithm for sparse multivariate polynomial interpolation. 0th Annual ACM Symp. Theory Comp., , [4] S. Garg and E. Schost. Interpolation of polynomials given by straight-line programs. Theoretical Computer Science, 410(7-9):659-66, 009. [5] M. Giesbrecht and D.S. Roche. Diversification improves interpolation. Proc. ISSAC 11, , ACM Press, 011. [6] Q.L. Huang and X.S Gao. Sparse sational function interpolation with finitely many values for the coefficients. arxiv: , 017. [7] Q.L. Huang and X.S Gao. New algorithms for sparse interpolation and identity testing of multivariate polynomials. Preprint, 017. [8] E. Kaltofen and L. Yagati. Improved sparse multivariate polynomial interpolation algorithms. Proc. ISSAC 88, ,

16 [9] A.R. Klivans and D. Spielman. Randomness efficient identity testing of multivariate polynomials. In Proc. STOC 01, 16-3, ACM Press, 001. [10] L. Kronecker. Grundzüge einer arithmetischen theorie der algebraischen grössen. Journal für die reine und angewandte Mathematik, 9:1-1, 188. [11] Y.N. Lakshman and B.D. Saunders. Sparse polynomial interpolation in nonstandard bases. SIAM J. Comput., 4(), , [1] J. von zur Gathen and J. Gerhard. Modern Computer Algebra. Cambridge University Press, [13] R. Zippel. Interpolating polynomials from their values. Journal of Symbolic Computation, 9(3), ,