DIMACS Techical Report 005-9 Jauary 006 Uiversal Subsets of Z, Liear Iteger Optimizatio, ad Iteger Factorizatio by Zhivko Nedev 1 1 Uiv. of Victoria, zedev@math.uvic.ca. Part of the work was doe while visitig DIMACS. DIMACS is a collaborative project of Rutgers Uiversity, Priceto Uiversity, AT&T Labs Research, Bell Labs, NEC Laboratories America ad Telcordia Techologies, as well as affiliate members Avaya Labs, HP Labs, IBM Research, Microsoft Research, Steves Istitute of Techology, Georgia Istitute of Techology ad Resselaer Polytechic Istitute. DIMACS was fouded as a NSF Sciece ad Techology Ceter.
ABSTRACT We cosider two classes of sets i Z. A o-empty subset U of Z is uiversal (the first class) if for all x U, ad for all 0 < l / at least oe of x ± l (mod ) lies i U. For each uiversal U its complemet, Z \U, is from the secod class ad vice versa. We defie β() to be the miimum cardiality of a uiversal set modulo. Completely characterizig all sets i the secod class we derive a formula for β(). We demostrate that uiversal sets arise i the cotext of a two-player game that was aalyzed for the first time i [3] ad has iterestig coectios to the prime factorizatio of. Fially we model our optimizatio problem, fid β(), as a iteger liear program.
1 Itroductio I this paper we prove equivalece betwee a well kow problem iteger factorizatio ad two ew optimizatio problems. Oe of them has as a domai subsets of Z with special properties. The other oe is a liear iteger optimizatio problem. We also show a coectio betwee these problems ad a two-player game for the first time aalyzed i [3]. For a stadard expositio of the properties of Z ad the iteger factorizatio problem see [5]. For classical algorithms for iteger factorizatio see [1] ad []. The success of RSA cryptographic algorithm [6] is based o the assumptio that it is hard to factor a arbitrary iteger. For a more recet approach towards factorig large itegers see [8]. A stadard text o Liear Iteger Optimizatio is [7]. The iput parameter to all problems cosidered i this paper is a positive iteger > 1. As usual we deote by Z the set {0, 1,,..., 1} with its two operatios: additio ad subtractio modulo. We will be iterested i two special classes of subsets i Z. Defiitio. A oempty subset of {0,..., 1} will be called uiversal modulo if for each elemet x ad for each (iteger) magitude l, with 0 < l /, there is a directio d { 1, +1} such that x + d l (mod ) is also from the set. Trivial examples of uiversal subsets of Z are: Z for every, ad Z \{i} for i Z whe is odd. Notice that ay uiversal set has at least 1 + elemets. Problem 1. For a iteger > 1, what is the size of a smallest uiversal set modulo? How ca such a set be costructed? We defie β() to be the miimal size of a uiversal set modulo. Defiitio. A proper subset of {0,..., 1} will be called middle-iclusive modulo if it is closed uder takig midpoits. That is M Z is middle-iclusive if for all (ot ecessarily distict) a, b M, each solutio to the equatio x = a + b (mod ) is also from M. Notice that whe a = b, the above equatio x = a + b (mod ) has a o-trivial solutio (exactly oe ) oly whe is eve. I this case the o-trivial solutio is a + /. Whe a, b are distict the equatio x = a + b (mod ) has zero, oe or two solutios: if is odd exactly oe solutio; whe is eve, either zero, or two solutios. Trivial examples of middle-iclusive sets are:, ad {i} for i, if is odd. Lemma 1.1. For ay iteger > 1, S is uiversal set modulo if ad oly if Z \S is middle-iclusive set modulo. Proof. ( ) Let S be ay uiversal subset of Z. Let S = Z \S. Obviously S <. Suppose a, b S, x / S ad x = a + b mod. Take the smaller of x a (mod ) ad x + a (mod ), say x a (mod ) /. From the defiitio of uiversal set (it follows that) at least oe of x (x a) (mod ) = a or x + (x a) = x a (mod ) = b is i S, which is a cotradictio. Therefore S is a middle-iclusive subset of Z. ( ) Now let S be ay middle-iclusive subset of Z. Let S = Z \S. Obviously S 1. Let x ad l be such that x S, 0 < l /, ad both x ± l (mod ) S. The
x = (x + l) + (x l) (mod ). From the defiitio of middle-iclusive subset it follows that x should be i S, which is a cotradictio. Therefore S is uiversal. Corollary 1. For ay > 1, β(), the miimal size of a uiversal set modulo, equals mius the maximal size of a middle-iclusive set modulo, i.e. β() = max M, where M rus over all middle-iclusive sets modulo. Formula for β() Theorem.1. For all Z + if = k for some k. β() = p 1 p where p is the smallest odd prime factor of. We will prove the above theorem by completely characterizig for ay Z + all middleiclusive subsets of Z with at least oe elemet. Defiitio. Let d ad r be itegers, with d, d > 0, ad 0 r < d. We will deote by C (r, d) the subset of Z that is the arithmetic progressio startig at r ad havig a commo differece d. That is C (r, d) = { r + i d 0 i < d }. It is coveiet to have the followig descriptio. Suppose we have a roud table with positios labeled as 0, 1,..., 1 i a clockwise maer. If i, j Z are two such positios, the we deote with d + (i, j) the umber of positios that have to be passed if we travel aroud the table clockwise from positio i to positio j. Obviously if i < j the d + (i, j) = j i, ad d + (j, i) = j + i. The followig lemma characterizes all middle-iclusive subsets of Z. Lemma.. Let > 1. If d > 1 is a odd divisor of, the C (r, d) is a middle-iclusive subset of Z for ay r. Coversely if M is a o-empty middle-iclusive subset of Z, the there are itegers r ad d with: d odd, d > 1, d, ad 0 r < d such that M = C (r, d). Proof. ( ) Let d be odd, d > 1, ad d. Let also r satisfy 0 r < d. Let S = C (r, d). Sice d > 1 we have that S <. Let a ad b be (ot ecessarily distict) from S ad let x be ay solutio to the equatio x = a + b (mod ). The a = r + i d, b = r + j d, ad x = r + (i + j)d (mod ). Therefore x is either r + i+j d (mod ) or r + +i+j d (mod ). I either case x S ad it follows that S is middle-iclusive. ( ) Let M be ay o-empty middle-iclusive subset of Z. We cosider two cases: M = 1 ad M. Case 1: M = 1. Let M = {r}. The must be odd, otherwise M would have at least two elemets: r ad r + /. So the coditios of the lemma hold. 3
Case : M. Let the elemets of M be sorted i icreasig order: M = {0 i 1 < i < i 3 <... < i l 1}. By defiitio M <, so l <. Take ay three cosecutive elemets of M, for example: i j 1, i j, i j+1. Here the idex arithmetic is doe modulo l, which for example meas that i l 1, i l, i 1 are three cosecutive elemets of M. If d + (i j 1, i j ) is eve the i j 1 + d +(i j 1,i j ) (mod ) Z, but it is ot i M. This is a cotradictio because M is middle-iclusive. It follows that d + (i j 1, i j ) must be odd for all j. But the d + (i j 1, i j+1 ) = d + (i j 1, i j )+d + (i j, i j+1 ) must be eve. If d + (i j 1, i j ) d + (i j, i j+1 ), the the middle poit from i j 1 to i j+1 is from Z ad is differet from i j. It should be the i M but it is ot, a cotradictio. Therefore d + (i j 1, i j ) = d + (i j, i j+1 ) for all j. It follows that d + (i j 1, i j ) = d + (i k 1, i k ) all j, k. Let d be the commo value (which is odd as oted above) for d + (i j 1, i j ). It follows that M = {i 1, i,..., i l } = {i 1, i 1 + d, i 1 + d,..., i 1 + ( 1) d}. d Proof of Theorem.1 Case 1: = k for some k > 0. Suppose there exists a o-empty middle-iclusive subset M of Z. From the characterizatio lemma there exists a odd d, with d > 1 ad d, which is a cotradictio. Therefore the oly possible middle-ilcusive subset of Z is the empty oe. It follows the that the oly possible uiversal subset is S = Z. Thus β( = k ) =. Case : = d 1 f, where d 1 is odd ad d 1 3. Sice from the characterizatio lemma all o-empty middle-iclusive subsets M are of the form C (r, d), where d is odd ad d > 1 we wat to fid the largest such subset. Obviously C (r, p) where p is the smallest odd prime factor of has the biggest cardiality. Notice that C (r, p) = p irrespective of r, 0 r < p. Therefore β() = C (r, p) or β() = p = p 1 p, whe k. Observatio Obviously, if we agree that fidig the smallest odd prime factor of a iteger ad iteger factorizatio are equivalet problems, the we wat to compute β(). This is because kowig p, the smallest prime odd factor of, we ca fid β() = p 1 ad vice versa. p 3 Coectio with the Nagger-Mover game Here we establish a coectio betwee the uiversal subsets of Z ad the followig twoplayer game that was first aalyzed i [3] (where it was called The Nagger-Mover game). The game is played at a circular table with seats cosecutively labelled 0 to 1. The two 4
players are called the Nagger ad the Mover. If the curret positio is i, a roud cosists of the Nagger callig a magitude l with 0 < l /, after which the Mover calls a directio (+ or ). The positio is the updated to i + l mod or i l mod accordig to whether the Mover called + or. Nagger s aim i the game is to maximize the cardiality of the set of all positios occupied i the course of the game (while Mover s is to miimize it). I [3], a simple formula was give (i terms of the prime factorizatio of ) for the size of such a set (the fuctio f () was used for the size) if both players play optimally. Here we give a simpler proof tha the oe give i [3], for the formula for the fuctio f () (we will prove f () = β()). We claim that β() is precisely the evetual size of the occupied set if both players play optimally. To see this, first let U be ay uiversal set that cotais the curret positio. Cosider the followig strategy for the Mover. At each tur whe preseted with a pair (x, l) cosistig of the curret positio x ad the magitude l selected by the Nagger, the Mover chooses a directio so that the ext positio is also from U. This is always possible, because U is uiversal ad at least oe of x ± l (mod ) is i U. Sice ay uiversal set may be traslated to cotai the iitial positio, the Mover has a strategy to esure that o more tha β() positios are occupied, irrespective of Nagger s strategy. Coversely, cosider the followig strategy for the Nagger. At each tur he is preseted oly with the curret positio x. The strategy for the Nagger is to choose (if possible) such a l that both x±l (mod ) have ot bee visited yet. If such a l does ot exist the he chooses l sequetially to be 1,,...,, 1,,...,,.... We cosider the set S of positios that arise ifiitely ofte i the sequece of plays. Sice there are fiitely may positios, the set S is o-empty. We claim that S is uiversal. To see this, ote that for ay x S, the Nagger will choose ay of the magitudes 0 < l / ifiitely may times. Cosequetly the Mover will be preseted with the pair (x, l) where x S ad l is a magitude from 1 to ifiitely may times. Therefore at least oe of x ± l (mod ) will be visited ifiitely may times ad as such it belogs to S. We see the that S must be uiversal. So the set of positios visited ifiitely ofte has cardiality at least β(). 4 Liear Iteger Optimizatio problem Now we will show equivalece betwee a liear iteger optimizatio problem ad our problem 1: fid mi S, where S is ay uiversal subset of Z. Let S Z be ay optimal solutio for the above optimizatio problem. Let x i, for i = 0, 1,..., 1 be biary variables such that: 1 if i S x i = 0 if i / S 5
The S = x 0 + x 1 +... + x 1 ad the optimizatio goal, mi S, i (problem 1) becomes: mi x 0 + x 1 +... + x 1 Now we have to model that S is uiversal, i.e. for all x S, ad for all iteger l, with 0 < l /, at least oe of x ± l (mod ) lies i S. It is equivalet to: if x i = 1 the for each j = 1... at least oe of the two variables x i+j ad x i j must be 1. Here the additio ad the subtractio operatios i the idices are by modulo arithmetic. Oe way to model this costrait is by x i (x i+j + x i j ) x i. If x i = 0 this iequality is trivially satisfied: there is o costrait o x i+j ad x i j comig from idex i. Ad if x i = 1 the this costrait ( ad 1 more) becomes x i+j + x i j 1 at least oe of x i+j, x i j is 1. Sice this is a oliear costrait we would like to replace it by a liear oe if possible (see [4]). Because x i, x i+j ad x i j are boolea variables it ca be achieved i several ways. The simplest possible maybe is x i+j + x i j x i. Here is the equivalet to Problem 1 liear iteger optimizatio problem with a iput parameter Z +. Problem. mi x 0 + x 1 + x +... + x 1 subject to: x 0+1 + x 1 x 0 x 0+ + x x 0... x 0+ + x x 0 x 1+1 + x 1 1 x 1 x 1+ + x 1 x 1... x 1+ + x +1 x 1... x 1+1 + x 1 1 x 1 x 1+ + x 1 x 1... x 1+ + x 1 x 1 x 0 + x 1 + x +... + x 1 1 group of costraits for x 0 group of costraits for x 1 group of costraits for x 1 The last iequality is equivalet to the o-emptiess coditio i the defiitio for uiversal subsets of Z : S 1. There is a trivial observatio: the umber of variables that are 6
1 i ay feasible solutio must be at least 1 +. So the last costrait ca be replaced with: x 0 + x 1 + x +... + x 1 1 + This follows directly from the last costrait: at least oe variable x i = 1 for some i ad from the group of iequalities for that x i. For example for = 3 the liear iteger optimizatio problem becomes: mi x 0 + x 1 + x subject to: } x 1 + x x 0 group of costraits for x0 } x + x 0 x 1 group of costraits for x1 } x 0 + x 1 x group of costraits for x x 0 + x 1 + x 1 There are boolea variables ad groups of costraits. Each group has iequalities. Oe ca easily see that the problem is completely symmetric for all the variables: x 0, x 1,..., x 1. We have proved the followig: Theorem 4.1. The above 0,1 miimizatio problem has a optimal value for the fuctio 1 i=0 x i as follows: a) if = k the the optimal value is mi = k = b) if = α 1 p α p α 3 3 p α l l, where p is the smallest prime factor of bigger tha, the the optimal value is mi = p 1 p c) (corollary of b) if is a prime the mi = 1 Solvig efficietly the above optimizatio problem leads to a factorizatio algorithm: if p is the smallest factor (of ) ad mi is the miimal value for the goal fuctio the p = mi Corollary. Primality testig: takig oly the costraits from the above optimizatio problem, ad addig oe more costrait: x 0 + x 1 + x +... + x 1 we ca ask: is there a feasible solutio for this set of costraits? Obviously this is equivalet to aswerig if is prime. 5 Ope Problems Oe of the reasos we ca ot solve efficietly Problem is that the umber of variables ad the umber of costraits is expoetial i the umber of bits eeded to store. Therefore we state the followig ope problems. 7
Q1: For ay Z + what is the liear iteger optimizatio problem with miimal complexity such that the miimal value of its optimizatio fuctio gives the smallest prime factor of? Q: Is there a polyomial algorithm(of log ruig time) to solve the above {0, 1} liear optimizatio problem for certai types of, or ca we prove a lower boud of o-polyomial type? 6 Ackowledgmets We are very grateful to the followig people ad places for their advice, discussios ad support: Gary MacGillivray, Athoy Quas, Valerie Kig ad Uiversity of Victoria; Uriel Feige; S. Muthu Muthukrisha ad the DIMACS Ceter; Jeffrey O. Shallit ad the School of Computer Sciece at Uiversity of Waterloo. Refereces [1] Eric Bach ad Jeffrey Shallit, Algorithmic Number Theory, The MIT Press, 1996. [] Thomas H. Corme, Charles E. Leiserso, Roald L. Rivest, Clifford Stei, Itroductio to Algorithms, The MIT Press, 001. [3] Zhivko Nedev ad S. Muthukrisha, The Nagger-Mover Game, submitted to SIAM Joural o Discrete Mathematics, 005. [4] Nikola S. Nikolov, persoal commuicatio, Uiversity of Limerick, Irelad [5] Iva Nive, Herbert Zuckerma ad Hugh Motgomery, A Itroductio to the Theory of Numbers, Joh Wiley ad Sos Ic, 1991. [6] R. L. Rivest, A. Shamir ad L. Adlema, A Method for Obtaiig Digital Sigatures ad Public-key Cryptosystems, Commuicatios of the ACM 1, (Feb. 1978), 10 16. [7] Alexader Schrijver, Theory of Liear ad Iteger Programmig, Joh Wiley ad Sos Ic, 1998. [8] A. Shamir, E. Tromer: Factorig Large Number with the TWIRL Device. I: Cripto 003. Volume 79 of LNCS, Spriger (003) 1-6. 8