Multiplicative Order of Gauss Periods

Similar documents
On the Complexity of the Dual Bases of the Gaussian Normal Bases

Gauss periods as low complexity normal bases

José Felipe Voloch. Abstract: We discuss the problem of constructing elements of multiplicative high

Prime Divisors of Palindromes

Formulas for cube roots in F 3 m

R. Popovych (Nat. Univ. Lviv Polytechnic )

On the distribution of irreducible trinomials over F 3

Character sums with Beatty sequences on Burgess-type intervals

Graphs with Integral Spectrum

FINITE FIELD ELEMENTS OF HIGH ORDER ARISING FROM MODULAR CURVES

GENERATORS OF FINITE FIELDS WITH POWERS OF TRACE ZERO AND CYCLOTOMIC FUNCTION FIELDS. 1. Introduction

Exponential and character sums with Mersenne numbers

ELEMENTS OF PROVABLE HIGH ORDERS IN FINITE FIELDS

Joachim von zur Gathen. and. Igor Shparlinski. FB Mathematik-Informatik, Universitat-GH Paderborn, and

On the Number of Trace-One Elements in Polynomial Bases for F 2

Number Theoretic Designs for Directed Regular Graphs of Small Diameter

PREDICTING MASKED LINEAR PSEUDORANDOM NUMBER GENERATORS OVER FINITE FIELDS

Parity of the Number of Irreducible Factors for Composite Polynomials

A NOTE ON CHARACTER SUMS IN FINITE FIELDS. 1. Introduction

A combinatorial problem related to Mahler s measure

NOTES Edited by William Adkins. On Goldbach s Conjecture for Integer Polynomials

Arithmetic properties of the Ramanujan function

Gauss Periods as Constructions of Low Complexity Normal Bases

ON CARMICHAEL NUMBERS IN ARITHMETIC PROGRESSIONS

On Carmichael numbers in arithmetic progressions

SECOND-ORDER RECURRENCES. Lawrence Somer Department of Mathematics, Catholic University of America, Washington, D.C

NON-LINEAR COMPLEXITY OF THE NAOR REINGOLD PSEUDO-RANDOM FUNCTION

Efficient Computation of Roots in Finite Fields

Equidivisible consecutive integers

On the Security of Diffie Hellman Bits

Prime numbers with Beatty sequences

On the Distribution of the Subset Sum Pseudorandom Number Generator on Elliptic Curves

CONGRUENCES RELATED TO THE RAMANUJAN/WATSON MOCK THETA FUNCTIONS ω(q) AND ν(q)

Deterministic distinct-degree factorisation of polynomials over finite fields*

Density of non-residues in Burgess-type intervals and applications

Mathematics for Cryptography

Average value of the Euler function on binary palindromes

ELEMENTS OF LARGE ORDER ON VARIETIES OVER PRIME FINITE FIELDS

On the Fractional Parts of a n /n

ON DIVISIBILITY OF SOME POWER SUMS. Tamás Lengyel Department of Mathematics, Occidental College, 1600 Campus Road, Los Angeles, USA.

INCOMPLETE EXPONENTIAL SUMS AND DIFFIE HELLMAN TRIPLES

Divisibility of Trinomials by Irreducible Polynomials over F 2

Elements of large order in prime finite fields

DONG QUAN NGOC NGUYEN

Division of Trinomials by Pentanomials and Orthogonal Arrays

Prime divisors in Beatty sequences

New Minimal Weight Representations for Left-to-Right Window Methods

CONGRUENCES RELATED TO THE RAMANUJAN/WATSON MOCK THETA FUNCTIONS ω(q) AND ν(q)

On Gauss sums and the evaluation of Stechkin s constant

Trace Representation of Legendre Sequences

Low complexity bit-parallel GF (2 m ) multiplier for all-one polynomials

An Approach to Hensel s Lemma

GENERALIZATIONS OF SOME ZERO-SUM THEOREMS. Sukumar Das Adhikari Harish-Chandra Research Institute, Chhatnag Road, Jhusi, Allahabad , INDIA

SUMS OF SECOND ORDER LINEAR RECURRENCES THOMAS MCKENZIE AND SHANNON OVERBAY

Redundant Trinomials for Finite Fields of Characteristic 2

198 VOLUME 46/47, NUMBER 3

ERIC LARSON AND LARRY ROLEN

A note on López-Dahab coordinates

Explicit classes of permutation polynomials of F 3

PERFECT POLYNOMIALS OVER F p WITH p + 1 IRREDUCIBLE DIVISORS. 1. Introduction. Let p be a prime number. For a monic polynomial A F p [x] let d

On the distinctness of binary sequences derived from primitive sequences modulo square-free odd integers

Extend Fermats Small Theorem to r p 1 mod p 3 for divisors r of p ± 1

SUM-PRODUCT ESTIMATES APPLIED TO WARING S PROBLEM MOD P

GAUSS PERIODS: ORDERS AND CRYPTOGRAPHICAL APPLICATIONS

ON THE SUM OF ELEMENT ORDERS OF FINITE ABELIAN GROUPS

Two Diophantine Approaches to the Irreducibility of Certain Trinomials

ON A THEOREM OF MORLAYE AND JOLY AND ITS GENERALIZATION arxiv: v2 [math.nt] 14 Dec 2017

On the Bounded Sum-of-digits Discrete Logarithm Problem in Finite Fields

ON THE ASYMPTOTIC EFFECTIVENESS OF WEIL DESCENT ATTACKS

Cullen Numbers in Binary Recurrent Sequences

Geometry. Relations in SO(3) Supported by Geodetic Angles. J. H. Conway, 1 C. Radin, 2 and L. Sadun Introduction and Results

A second infinite family of Steiner triple systems without almost parallel classes

arxiv: v1 [math.nt] 9 Jan 2019

ELEMENTARY PROOFS OF VARIOUS FACTS ABOUT 3-CORES

PURELY PERIODIC SECOND ORDER LINEAR RECURRENCES

The Degree of the Splitting Field of a Random Polynomial over a Finite Field

Some congruences for Andrews Paule s broken 2-diamond partitions

CONSTRUCTING SUPERSINGULAR ELLIPTIC CURVES. Reinier Bröker

On the number of cyclic subgroups of a finite Abelian group

Small exponent point groups on elliptic curves

DIVISIBILITY AND DISTRIBUTION OF PARTITIONS INTO DISTINCT PARTS

Explicit Factorizations of Cyclotomic and Dickson Polynomials over Finite Fields

On the Linear Complexity of Legendre-Sidelnikov Sequences

Four classes of permutation polynomials of F 2 m

On the elliptic curve analogue of the sum-product problem

Searching for Primitive Roots in Finite Fields. Victor Shoup. University of Toronto. Toronto, Ontario M5S 1A4

On a Generalization of the Coin Exchange Problem for Three Variables

The Degree of the Splitting Field of a Random Polynomial over a Finite Field

On the representation of primes by polynomials (a survey of some recent results)

ON VALUES OF CYCLOTOMIC POLYNOMIALS. V

Three Ways to Test Irreducibility

Factorization of integer-valued polynomials with square-free denominator

Jacobi s Two-Square Theorem and Related Identities

CS 5319 Advanced Discrete Structure. Lecture 9: Introduction to Number Theory II

Character sums with exponential functions over smooth numbers

Imaginary quadratic fields with noncyclic ideal class groups

Secure Bilinear Diffie-Hellman Bits

ON THE CONSTANT IN BURGESS BOUND FOR THE NUMBER OF CONSECUTIVE RESIDUES OR NON-RESIDUES Kevin J. McGown

On the Optimal Pre-Computation of Window τ NAF for Koblitz Curves

NUMBER FIELDS WITHOUT SMALL GENERATORS

Transcription:

Multiplicative Order of Gauss Periods Omran Ahmadi Department of Electrical and Computer Engineering University of Toronto Toronto, Ontario, M5S 3G4, Canada oahmadid@comm.utoronto.ca Igor E. Shparlinski Department of Computing Macquarie University Sydney, NSW 2109, Australia igor@ics.mq.edu.au José Felipe Voloch Department of Mathematics University of Texas Austin TX 78712 USA voloch@math.utexas.edu Abstract We obtain a lower bound on the multiplicative order of Gauss periods which generate normal bases over finite fields. This bound improves the previous bound of J. von zur Gathen and I. E. Shparlinski. 1 Introduction For a prime power q we use F q to denote the finite field with q elements. 1

Normal bases are a very useful notion in the theory of finite fields,, see [5, 16, 17] for the definition, basic properties and references. One of the most interesting constructions of normal bases come from Gauss periods, see [7, 8, 9, 10, 11, 12, 13] and references therein. In particular, Gauss periods of type (n, 2) are of special interest, which can be defined as follows. Let r = 2n + 1 be a prime number coprime with q and β F q 2n be a primitive rth root of unity. Then the element α = β + β 1 F q n (1) is called a Gauss period of type (n, 2). The Gauss period of type (n, 2) can be defined for composite r too, see [7], however we do not consider them in this paper (neither we study Gauss period of type (n, k) for k 2). It is well-known that the minimal polynomial of β over F q is of degree t, where t is the multiplicative order of q modulo r. Thus t 2n. It is also well known that α given by (1), generates a normal basis of F q n if an only if gcd(2n/t, n) = 1, which, therefore, is possible if and only if t = 2n = r 1, that is, q is a primitive root modulo r; t = n = (r 1)/2 and n is odd, that is, q generates the subgroup of quadratic residues modulo r 3 (mod 4) In one direction this follows from [5, Lemma 5.4 and Theorem 5.5] and in the other direction it follows by examining the proof of these results see also [1] and [3]. It is shown [11] that in the first case, that is, for t = r 1, α is of multiplicative order L n 2 2n+O(1), (2) see also [12]. This gives an explicit example of finite field elements of exponentially large order. Here we use some new arguments to improve the bound (2). Recent results of Q. Cheng [6] give polynomial time constructions of elements of large order for certain values of (q, n). Our construction seems to apply to different sets of pairs (q, n) and complement the results of [6]. Furthermore it is interesting to establish tighter bounds on the size of the multiplicative order of such classical objects as Gauss periods of type (n, 2), especially of those which generate normal bases. 2

Let P (s, v) be the number of integer partitions of an integer s where each part appears no more than v times, that is, the number of solutions to the equation s u j j = s in non-negative integers u 1,..., u s v. Theorem 1. Let p be the characteristic of F q and let q be a primitive root modulo a prime r = 2n + 1. Then the multiplicative order L n of α, given by (1), satisfies the bound L n P (n 1, p 1). Now we can use some standard estimates to derive an asymptotic lower bound on L n. Corollary 2. Let p be the characteristic of F q and let q be a primitive root modulo a prime r = 2n + 1. Then, uniformly over q, the multiplicative order L n of α, given by (1), satisfies the bound L n exp (( π 2(p 1) 3p + o(1) ) n ) as n. ( Note that when in the worst case (when p = 2) exp π ) 2/6 = 6.1337... ( while exp π ) 2/3 = 13.0019... (which corresponds to p ). On the other hand, we have 2 2 = 2.6651.... 2 Proof of Theorem 1 Let us consider the set { P = (u 1,..., u ) Z 0 } u j j = n 1, u 1,..., u n p 1. Now, for j = 1, 2,..., n 1 we define an integer z j by q z j j (mod r), 0 z j < r (which is possible since q is a primitive root modulo r). 3,

For every partition U = (u 1,..., u ) P we put Q U = u j q z j. We now consider the powers α Q U = α u jq z j = ) β + β 1 u j q z j ) uj = β qz j + β qz j taken for all U P. Since β r = 1, we have α Q U = β j + β j) u j = β () β 2j + 1 ) u j. (3) Clearly it suffices to show that for two distinct partitions U, V P we have α QU α Q V. We now assume that there are two distinct partitions U = (u 1,..., u ), V = (v 1,..., v ) P with By (3) we conclude that α Q U = α Q V. (4) β 2j + 1 ) u j = β 2j + 1 ) v j. Since the characteristic polynomial of β is the r-th cyclotomic polynomial Φ r (X), we obtain polynomial divisibility Φ r (X) U(X) V (X) (5) where U(X) = X 2j + 1 ) u j, V (X) = X 2j + 1 ) v j, 4

are polynomials of degree 2(n 1) < 2n = r 1 = deg Φ r (X). Hence (5) implies that U(X) = V (X). After removing common factors, the identity X 2j + 1 ) u j = X 2j + 1 ) v j leads to the relation h H ( X 2h + 1 ) yh = k K ( X 2k + 1 ) z k (6) for two disjoint sets H, K {1,..., n 1} and some positive integers y h, h H, and z k, k K. Since It is now clear that since ( ) gcd y h z k, p = 1, h H k K the term X 2f where f is the smallest element of H K occurs only on one side of (6), which makes this identity impossible. Therefore (4) cannot hold and the result follows. 3 Proof of Corollary 2 Unfortunately, a uniform with respect to v lower bound on P (s, v) does not seem to be in the literature. However, by [2, Corollary 1.3] we have P (s, v) = Q(s, v + 1) where Q(s, d) is the number of integer partitions of an integer s where each part is not divisible by d, that is, the number of solutions to the equation s u j j = s in non-negative integers u 1,..., u s such that u j = 0 for j 0 (mod d), j = 1,..., n. By [14, Corollary 7.2], applied to a set {1,..., (l 1)/2} for a fixed prime l (thus r = (l 1)/2) implies that (( ) ) 2(l 1) n Q(s, l) exp π + o(1). (7) 3l 5

Therefore there is a function λ(s) as s, such that (7) holds uniformly over all primes l λ(s). Now taking l as the largest prime with we obtain l min{p, λ(n 1)} P (n 1, p 1) P (n 1, l 1) = Q(n 1, l). Applying (7) we obtain the desired estimate. Indeed, if l = p this is obvious. If l λ(n 1) < p then by the prime number theorem l λ(n 1) as n. Therefore, l 1 l 4 Remarks = 1 + O(1/λ(n 1)) and p 1 p = 1 + O(1/λ(n 1)). It seems to be natural to use the approach of [4, 21], based on the polynomial ABC-theorem, see [18], in order to obtain good bounds on L n. In fact this is possible indeed, however it seems to lead to a result which is slightly weaker than the bound of Theorem 1. In fact, instead of the set P one seems to need to consider sets of the shape { } R s (N) = (u 1,..., u s ) Z 0 s u j j = N with s αn 1/2 and N = βn, where α and β are positive constants (which are to be optimised). We remark that an asymptotic formula for #R s (N) is given by a result of G. Szekeres [19, 20]. Using this approach we have been able to get a stronger bound than (2) but marginally weaker than that of Theorem 1. Still, it seems quite plausible that a use of the polynomial ABCtheorem may lead to stronger bounds. We pose this as an open question. Acknowledgements The authors are very gratefully to George Andrews for providing several crucial references. 6

This work was initiated during very pleasant visits by I. S. to Department of Combinatorics & Optimization of the University of Waterloo the Department of Mathematics of the University of Texas; the hospitality, support and stimulating research atmosphere of these institutions are gratefully acknowledged. During the preparation of this paper, I. S. was supported in part by ARC grant DP0556431. References [1] O. Ahmadi, D. Hankerson, and A. Menezes, Software implementation of arithmetic in F 3 m, Proc. International Workshop on the Arithmetic of Finite Fields (WAIFI 2007), Lecture Notes in Computer Science, Springer-Verlag, Berlin, to appear. [2] G. E. Andrews, The theory of partitions, Addison-Wesley, 1976. [3] D. Ash, I. Blake, and S. Vanstone, Low complexity normal bases, Discrete Applied Mathematics, 25 (1989), 191 210. [4] D. J. Bernstein, Sharper ABC-based bounds for congruent polynomials, J. Théorie des Nombres Bordeaux, 17 (2005), 721 725. [5] I. F. Blake, X.H. Gao, A. J. Menezes, R. C. Mullin, S. A. Vanstone and T. Yaghoobian, Applications of finite fields, Kluwer Acad. Publ., 1993. [6] Q. Cheng, On the construction of finite field elements of large order, Finite Fields and Their Appl., 11 (2005), 358 366. [7] S. Feisel, J. von zur Gathen and A. Shokrollahi, Normal bases via general Gauss periods, Math. Comp., 68 (1999), 271 290. [8] S. Gao, J. von zur Gathen and D. Panario, Gauss periods: Orders and cryptographical applications, Math. Comp., 67 (1998), 343 352. [9] J. von zur Gathen and M. J. Nöcker, Fast arithmetic with general Gauss periods, Theor. Comput. Sci., 315, (2004), 419 452. [10] J. von zur Gathen and M. J. Nöcker, Polynomial and normal bases for finite fields, J. Cryptology, 18 (2005), 337 355. 7

[11] J. von zur Gathen and I. E. Shparlinski, Orders of Gauss periods in finite fields, Appl. Algebra in Engin., Commun. and Comp., 9 (1998), 15 24. [12] J. von zur Gathen and I. E. Shparlinski, Constructing elements of large order in finite fields, Lecture Notes in Computer Science, vol. 1719, Springer-Verlag, Berlin, 1999, 404 409. [13] J. von zur Gathen and I. E. Shparlinski, Gauss periods in finite fields, Proc. 5th Conference of Finite Fields and their Applications, Augsburg, 1999, Springer-Verlag, Berlin, 2001, 162 177. [14] P. Hagis, A problem onpartitions with a prime modulus p 3, Trans. Amer. Math. Soc., 102 (1962), 30 62. [15] G. H. Hardy and E. M. Wright, An Introduction to the theory of numbers, The Clarendon Press, Oxford University Press, New York, 1979. [16] R. Lidl and H. Niederreiter, Finite fields, Cambridge University Press, Cambridge, 1997. [17] I. E. Shparlinski, Finite fields: Theory and computation, Kluwer Acad. Publ., Dordrecht, 1999. [18] N. Snyder, An alternate proof of Mason s theorem, Elemente der Mathematik, 55 (2000), 93 94. [19] G. Szekeres, An asympytotic formula in the theory of partitions, Quart. J. Math, 2 (1951), 85 108. [20] G. Szekeres, Some asympytotic formulae in the theory of partitions (II), Quart. J. Math, 4 (1953), 96 111. [21] J. F. Voloch, On some subgroups of the multiplicative group of finite rings, J. Théorie des Nombres Bordeaux, 16 (2004), 233 239. 8

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback