Algorithmic Methods in Algebra and Number Theory

Algorithmic Methods in Algebra and Number Theory
Edited by MICHAEL POHST
Mathematisches Institut, Universität Düsseldorf, 4000 Düsseldorf, FRG

Reprinted from the Journal of Symbolic Computation Volume 4, Number 1, 1987

ACADEMIC PRESS · 1987 Harcourt Brace Jovanovich, Publishers

London San Diego New York Boston Sydney Tokyo Toronto

ACADEMIC PRESS LIMITED, 24-28 Oval Road, London, NW1 7DX. United States Edition published by ACADEMIC PRESS INC., Orlando, Florida 32887. Copyright © 1987 by Academic Press Limited. All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system without written permission from the publishers.

British Library Cataloguing in Publication Data: Algorithmic Methods in Algebra and Number Theory. 1. Problem solving - Data processing. 2. Algorithms. I. Pohst, Michael. 001.4'2 QA76.5. ISBN 0-12-559190-X

Printed in Great Britain by The Whitefriars Press Ltd, Tonbridge

Dedicated to Professor Hans Zassenhaus on the occasion of his 75th birthday

Contents

Introduction ... 1
Computing the Decomposition of Primes p and p-adic Absolute Values in Semi-simple Algebras over Q. R. BÖFFGEN and M. A. REICHERT ... 3
On Principal Ideal Testing in Algebraic Number Fields. J. BUCHMANN and H. C. WILLIAMS ... 11
Computing the Measure of a Polynomial. L. CERLIENCO, M. MIGNOTTE and F. PIRAS ... 21
Application of Symbolic Manipulation to the Hecke Transformations of Modular Forms in Two Variables, II. H. COHN and J. I. DEUTSCH ... 35
Computation of Class Numbers by an Analytic Method. C. ECKHARDT ... 41
What is the Rank of the Demjanenko Matrix? H. G. FOLZ and H. G. ZIMMER ... 53
The Construction of Maximal Orders Over a Dedekind Domain. D. J. FORD ... 69
Deterministic Irreducibility Testing of Polynomials over Large Finite Fields. E. KALTOFEN ... 77
Polynomials for Primitive Nonsolvable Permutation Groups of Degree d ≤ 15. G. MALLE ... 83
Polynome mit der Galoisgruppe M11 über Q. B. H. MATZAT and A. ZEH-MARSCHKE ... 93
Computation of Integral Bases in Certain S4 Extensions of Q. E. MAUS ... 99
On the Resolution of Thue Inequalities. A. PETHŐ ... 103
Towards a Soluble Quotient Algorithm. W. PLESKEN ... 111
A Modification of the LLL Reduction Algorithm. M. POHST ... 123
Bibliography of Hans Zassenhaus ... 129

HANS ZASSENHAUS

J. Symbolic Computation (1987) 4, 1-2

Introduction

This volume has been compiled in honour of the well known mathematician Hans Zassenhaus on the occasion of his 75th birthday. As colleagues, collaborators and friends, we dedicate this work to him in the hope that it might inspire present and future researchers, in a similar fashion to the way in which his brilliant ideas filled us with the creative urge.

Hans Zassenhaus was born in Koblenz (West Germany) on 28 May 1912 and brought up in Hamburg. There he studied mathematics under the supervision of E. Artin, E. Hecke, and E. Sperner, and was also a student of physics and biology. He was awarded his PhD at the early age of 22 with a thesis on "Kennzeichnung linearer Gruppen als Permutationsgruppen". In the subsequent two years, which he spent at Rostock as a teaching assistant, he wrote his famous monograph on group theory which is still among the standard textbooks on that subject. In 1938, back in Hamburg, he qualified for a full teaching appointment with a paper on Lie rings of prime characteristic. In 1946 he was appointed associate professor and director of the Institute for Applied Mathematics which he had founded at Hamburg University in the same year. Accepting the challenge of an offer to help McGill University in the building up of Canadian graduate education in mathematics he left his country in 1949 for Montreal, Canada, where he was later joined by his wife and children. As Peter Redpath Professor at McGill University he supervised the PhD studies of many Canadian students. In 1957 he became a Canadian citizen. In 1959 he moved to the USA where he taught at Notre Dame (1959-1963) and at Ohio State University in Columbus. At OSU he held the position of research professor until his retirement five years ago. During these years he frequently visited other universities as a guest professor.
We briefly mention the academic year 1955-56 at Princeton, two years at the California Institute of Technology as a Fairchild Distinguished Scholar, a Gauss professorship at Göttingen in 1967 and the US Senior Scientist Award of the Humboldt-Stiftung. In 1956 he became a Fellow of the Royal Canadian Society and in 1969 Editor-in-Chief of the Journal of Number Theory. Among the mathematicians of our time he is one of the few still active in different areas; we have already mentioned his contributions to group theory. Most graduate students learn his famous "butterfly lemma" which nowadays forms a substantial part of the proof of the Jordan-Hölder-Schreier theorem. In 1978 (jointly with R. Bülow, J. Neubüser and H. Wondratschek) he wrote a book on crystallographic groups which seems to be better known to physicists than to the mathematical community. Orders (and their ideal theory) are also among the central objectives of his research. The constructive approach clearly dominates. In a joint paper with E. C. Dade and O. Taussky it was proven that the (n-1)st power of a fractional ideal of an order of rank n over the integers is always invertible. The authors obtained the idea of that theorem by numerical calculations on a computer and then each of them gave a different proof. This was an early and powerful demonstration of the usefulness of mathematical experimenting by computer. Later on he developed several algorithms for the embedding of an order into its maximal order. Each algorithm improved the preceding one and the numerical results obtained by each algorithm led to further theoretical improvements.

0747-7171/87/040001+02 $03.00/0 © 1987 Academic Press Ltd.

p-adic methods especially became more and more important. Consequently he improved Hensel's lemma and his version is nowadays a standard tool for factoring polynomials. The connections to algebraic number theory (the construction of an integral basis) are obvious. He declared the central tasks of constructive number theory to be
(i) The computation of the group of an equation.
(ii) The computation of an integral basis.
(iii) The computation of the unit group.
(iv) The computation of the class group of an algebraic number field.
For the solution of each of those problems he presented powerful algorithms which were further improved during recent years. They will all be presented in a forthcoming book written jointly with myself. Lie algebras are another of his important research objectives. He especially studied their applicability to mathematical physics. Many papers (jointly with J. Patera and P. Winternitz) and a forthcoming book with P. Winternitz deal with the subject. Evidently a substantial part of his many papers is written from a constructive point of view. This was certainly exceptional for mathematicians after Hilbert up to some ten years ago. Contrary to many of his colleagues he was always on good terms with computer scientists and strongly favoured co-operation between the mathematician and the computer scientist. We would like to thank him for these efforts. From the preceding summary of his research it is obvious that every description of his work is necessarily incomplete. Not to mention that we cannot go into detail of how he is capable of developing new ideas and writing up these new results faster than many others can read and understand the preprints appearing. Even though this can be frustrating, other workers usually profit a great deal from his brilliant ideas. Discussions with him are, in general, exceptionally fruitful. Though he held a research professorship at OSU he still felt that teaching was among his principal obligations.
It is usually not easy to follow his ideas in a standard course, but knowing a little about the subject his approach inspires the students towards mathematical experimentation of their own and thus to obtaining new insights by themselves. For example, he took part in the Arnold Ross summer school project for gifted children whenever he could. His friends and colleagues wish him many more years of good health and enjoyment of mathematics.

Michael Pohst
Guest Editor

This special issue of the Journal of Symbolic Computation is dedicated to Professor Hans Zassenhaus on the occasion of his 75th birthday. Professor Zassenhaus was one of the earliest pioneers in symbolic and algebraic computation. His approach to solving problems in algebra was always strongly directed towards actual construction and design of algorithms. Thus, his research work that started 50 years ago not only shaped crucial areas of mathematics but is also an innovative stimulus to most recent developments of integration between mathematics and computer science. The Journal of Symbolic Computation, therefore, is proud to dedicate this issue to Professor Zassenhaus. Professor Michael Pohst very kindly accepted the invitation of the Journal to edit this special issue and we are indebted to him for all the knowledge and effort he put into compiling this collection of papers.

The Editor

J. Symbolic Computation (1987) 4, 3-10

Computing the Decomposition of Primes p and p-adic Absolute Values in Semi-simple Algebras over Q

R. BÖFFGEN AND M. A. REICHERT
Universität des Saarlandes, Fachbereich Mathematik, D-6600 Saarbrücken, F.R.G.

Let $f$ be a monic separable polynomial over the rational integers $\mathbb{Z}$ and $p$ be a rational prime. We set up an algorithm which yields the extended $p$-adic values of a given element $\alpha$ in the semi-simple algebra $A_f = \mathbb{Q}[X]/f$. Firstly, we determine the decomposition of $p$ in $A_f$ and an approximate factorisation of $f$ over the $p$-adic completion $\mathbb{Q}_p$ by means of the ORDMAX algorithm of Ford-Zassenhaus. Then it is an easy matter to calculate the values of $\alpha$. In case it would be necessary to improve the factorisation, we thirdly give a modification of the Hensel-Zassenhaus factorisation method which works even if the factors are not relatively prime modulo $p$. Finally, some examples are given at the end of the paper.

1. Introduction

Let $v_p$ denote the normalised $p$-adic valuation for a prime $p$ of $\mathbb{Q}$ and also its unique extension to the $p$-adic completion $\mathbb{Q}_p$ of $\mathbb{Q}$. Let $f \in \mathbb{Z}[X]$ be a monic separable polynomial, $A_f$ and $A_{p,f}$ be the semi-simple algebras $\mathbb{Q}[X]/f$ and $\mathbb{Q}_p[X]/f$, respectively, $\mathcal{O}_f$ and $\mathcal{O}_{p,f}$ their maximal orders. In this paper we aim at giving an algorithm for computing firstly the decomposition law of $p$ in $A_f$,

$$p \cong \prod_{i=1}^{r} \mathfrak{p}_i^{e_i}, \quad r, e_i \in \mathbb{N}, \quad \mathfrak{p}_i \text{ prime divisors in } A_f, \qquad (1)$$

and secondly the extensions $v_{\mathfrak{p}_i}$, $1 \le i \le r$, of $v_p$ in $A_f$. Here we normalise the $v_{\mathfrak{p}_i}$ in such a way that $v_{\mathfrak{p}_i}(A_f) = \mathbb{Z} \cup \{\infty\}$.

2. Remarks on the Arithmetic in $A_f$

In this section we give an exposition of the theoretical background of the algorithm. The main theorem describing the decomposition of $p$ in $A_f$ has been stated by Kummer (Weiss, 1963).

THEOREM 1. Let $f \in \mathbb{Z}[X]$ be monic and separable, and $\omega \in A_{p,f}$ be a generator of $\mathcal{O}_{p,f}$ over the $p$-adic integers $\mathbb{Z}_p$, i.e. $1, \omega, \omega^2, \ldots, \omega^{\deg f - 1}$ form an integral basis of $A_{p,f}$. If $m_\omega \in \mathbb{Z}_p[X]$ is the minimal polynomial of $\omega$, and

$$m_\omega \equiv \prod_{i=1}^{r} m_i^{e_i} \pmod p, \quad m_i \in \mathbb{Z}_p[X], \quad r, e_i \in \mathbb{N}, \qquad (2)$$

its factorisation modulo $p$, the decomposition of $p$ in $A_{p,f}$ results in

$$p \cong \prod_{i=1}^{r} \bar{\mathfrak{p}}_i^{e_i}, \quad \bar{\mathfrak{p}}_i \text{ prime divisors in } A_{p,f}, \qquad (3)$$

and therefore in $A_f$

$$p \cong \prod_{i=1}^{r} \mathfrak{p}_i^{e_i}, \quad \mathfrak{p}_i \text{ prime divisors in } A_f. \qquad (4)$$ □

The theorem can be directly applied if $\Lambda_f := \mathbb{Z}[X]/f \subseteq \mathcal{O}_f$ is $p$-maximal, that is, if $p$ does not divide the $\mathbb{Z}$-module index of $\Lambda_f$ in $\mathcal{O}_f$. In this case, the decomposition law can already be read from the factorisation of $f$ modulo $p$. However, $\Lambda_f$ need not be $p$-maximal. In order to compute a generator of $\mathcal{O}_{p,f}$, we apply the ORDMAX algorithm which has been developed by Ford and Zassenhaus (Ford, 1987), and refined and also implemented by the first author at the Universität des Saarlandes (Böffgen, 1987). We do not enter into the details of this algorithm, but wish to show how to make use of it for our intentions. Let $d(f)$ be the discriminant of $f$, and $\mu = v_p(d(f)) + 1$. The ORDMAX yields first a factorisation of $f$ modulo $p^\mu$ of the form

$$f \equiv \prod_{i=1}^{r} f_i \pmod{p^\mu}, \qquad (5)$$

with $r \in \mathbb{N}$ as in (1), $f_i \in \mathbb{Z}[X]$ monic, separable, and irreducible over $\mathbb{Q}_p$ (see Böffgen, 1987, Ch. 9.1, steps 4.2 and 4.4.2a), b), but in place of $k$ using $\mu$ as defined above). Second, in any field $K_i := \mathbb{Q}_p[X]/f_i$, it yields a generator $\omega_i$ of the maximal order $\mathcal{O}_i \subset K_i$ (see Böffgen, 1987, Ch. 7.10, step 2). According to Theorem 1 (Kummer), its minimal polynomial $m_{\omega_i}$ has the properties
(i) $m_{\omega_i} \in \mathbb{Z}[X]$,
(ii) $m_{\omega_i} \equiv m_i^{e_i} \pmod p$, with $e_i \in \mathbb{N}$ as in (2), $m_i \in \mathbb{Z}[X]$ irreducible modulo $p$.
Consequently, the decomposition of $p$ in $K_i$ reads

$$p \cong \mathfrak{P}_i^{e_i}, \quad \mathfrak{P}_i \text{ prime divisor in } K_i, \qquad (3')$$

and in $A_{p,g} = \mathbb{Q}_p[X]/g \cong \bigoplus_{i=1}^{r} K_i$ for $g = \prod_{i=1}^{r} f_i$:

$$p \cong \prod_{i=1}^{r} \mathfrak{P}_i^{e_i}, \quad \mathfrak{P}_i \text{ prime divisors in } A_{p,g}. \qquad (3'')$$

The decomposition law in $A_{p,f}$, and hence in $A_f$ itself, is given by (3'') together with the Structural Stability theorem of Zassenhaus (1980).

THEOREM 2. If for two monic and separable polynomials $f, g \in \mathbb{Z}_p[X]$ there holds the congruence $f \equiv g \bmod p^\nu$ for $\nu = v_p(d(f)) + 1$, then the semi-simple algebras $A_{p,f} = \mathbb{Q}_p[X]/f$, $A_{p,g} = \mathbb{Q}_p[X]/g$ are isomorphic over $\mathbb{Q}_p$. In particular, the decomposition laws of the two algebras coincide. □

REMARK. Under the above assumptions we get, by means of the algorithm ORDMAX,


(i) a polynomial $g = \prod_{i=1}^{r} f_i$ such that $f_i \in \mathbb{Z}[X]$ monic, separable, irreducible, $g \equiv f \pmod{p^\mu}$, $\mu = v_p(d(f)) + 1$;
(ii) the decomposition law of $p$ in $A_{p,g}$, hence in $A_{p,f}$, hence in $A_f$.

In what follows we always look at $A_f$ as a subset, embedded into $A_{p,f}$. The elements $\alpha \in A_{p,f} = \mathbb{Q}_p[X]/f$ are represented in the canonical way as polynomials $h_\alpha \in \mathbb{Q}_p[X]$, such that $\deg h_\alpha < \deg f$. (6) Let

$$f = \prod_{i=1}^{r} f_i, \quad f_i \in \mathbb{Z}_p[X], \quad 1 \le i \le r, \qquad (7)$$

be the factorisation of $f$ in $\mathbb{Z}_p[X]$, and

$$K_i = \mathbb{Q}_p[X]/f_i, \qquad (8)$$

finite extension fields over $\mathbb{Q}_p$. According to the isomorphism

$$A_{p,f} \cong \bigoplus_{i=1}^{r} K_i \qquad (9)$$

the elements $\alpha \in A_{p,f}$ can be described as $r$-tuples $(\hat\alpha_1, \ldots, \hat\alpha_r)$, $\hat\alpha_i \in K_i$. Here the projections $\sigma_i : A_{p,f} \twoheadrightarrow K_i$, $1 \le i \le r$, are given as follows: in addition to (6), let $h_{i,\alpha} \in \mathbb{Q}_p[X]$ such that

$$h_{i,\alpha} \equiv h_\alpha \bmod f_i, \quad \deg h_{i,\alpha} < \deg f_i. \qquad (10)$$

Then we define

$$\hat\alpha_i = \sigma_i(\alpha) = \sigma_i(h_\alpha) = \hat h_{i,\alpha}, \quad \hat h_{i,\alpha} = h_{i,\alpha} + f_i \mathbb{Q}_p[X].$$

The above facts, together with Weiss (1963), can be combined to give

THEOREM 3. Let $f \in \mathbb{Z}[X]$ monic, separable, (7) its factorisation over $\mathbb{Q}_p$, $A_{p,f}$ and $K_i$ subject to (8), (9). Let (3) be the decomposition of the rational prime $p$ in $A_{p,f}$. Then the extensions of the $p$-adic valuation $v_p$ to $A_{p,f}$ are given by

$$v_{\bar{\mathfrak{p}}_i} : A_{p,f} \to \mathbb{Q} \cup \{\infty\} \qquad (12)$$

REMARK. For $\alpha \in A_{p,f}$ there is an $i$, $1 \le i \le r$, such that $v_{\bar{\mathfrak{p}}_i}(\alpha) = \infty$, if and only if $\alpha$ is zero or a zero-divisor in $A_{p,f}$. In this case $h_\alpha = 0$ or $\gcd(h_\alpha, f) \ne 1$, respectively. According to the notation in (4), for $1 \le i \le r$, let $v_{\mathfrak{p}_i}$ denote the restriction of $v_{\bar{\mathfrak{p}}_i}$ on $A_f$.

3. The Algorithm

Now we are in a position to set up the algorithm for computing the $v_{\mathfrak{p}_i}$ values ($1 \le i \le r$) of $\alpha \in A_f$. Without loss of generality we assume $\alpha$ to be integral over $\mathbb{Z}$, such that $h_\alpha \in \mathbb{Z}[X]$.

INPUT: $f \in \mathbb{Z}[X]$ monic and separable; $p$ a rational prime; $h_\alpha \in \mathbb{Z}[X]$, $\deg h_\alpha < \deg f$.

OUTPUT: the decomposition law of $p$ in $A_f$; the values $v_{\mathfrak{p}_i}(\alpha)$, $1 \le i \le r$.

STEP 1: Set $k \leftarrow v_p(d(f)) + 1 \in \mathbb{N}$. Determine the decomposition law either on the basis of the factorisation of $f$ modulo $p$ if $\Lambda_f$ is $p$-maximal, or by means of the algorithm ORDMAX.

STEP 2: Set $t \leftarrow \gcd(h_\alpha, f) \in \mathbb{Z}[X]$.

STEP 3: Establish the factorisation of $f$ modulo $p^k$:

$$f \equiv \prod_{i=1}^{r} f_i \pmod{p^k}, \quad f_i \in \mathbb{Z}[X] \text{ relatively prime},$$

and set $n_i \leftarrow \deg f_i$. Execute the following steps for each $i$, $1 \le i \le r$.

STEP 4: If $f_i$ divides $t$ modulo $p^k$, set $v_{\mathfrak{p}_i}(\alpha) \leftarrow \infty$, and skip steps 5 and 6.

STEP 5: Compute $\hat\alpha_i$ modulo $p^k$, and $N_i \in \mathbb{Z}$ such that

$$N_i \equiv N_{K_i/\mathbb{Q}_p}(\hat\alpha_i) \bmod p^k.$$

If $N_i \equiv 0 \bmod p^k$, increase $k$ and go to step 3.

STEP 6: Set $v_{\mathfrak{p}_i}(\alpha) \leftarrow v_p(N_i)/n_i$.
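The steps above, worked in Python as an added illustration that is not code from the paper. Polynomials are integer coefficient lists (lowest degree first); the factorisation of step 3 is supplied by the caller, since the ORDMAX and Hensel routines are not reproduced here; the norm $N_{K_i/\mathbb{Q}_p}(\hat\alpha_i)$ is computed as the resultant $\mathrm{Res}(f_i, h_{i,\alpha})$, which for monic $f_i$ is the product of $h_{i,\alpha}$ over the roots of $f_i$. The sample input $f = X^4 + 3X^2 + 2$, $p = 5$, $k = 3$ with the factors $X - 57$, $X + 57$, $X^2 + 2$ (mod $5^3$) is constructed for this example. The case $N_i \equiv 0 \bmod p^k$, where the paper increases $k$ and returns to step 3, is reported as an error.

```python
import math
from fractions import Fraction

# Polynomials are coefficient lists, lowest degree first; every divisor used below is monic.

def trim(a):
    a = list(a)
    while len(a) > 1 and a[-1] == 0:
        a.pop()
    return a

def divmod_monic(a, b):
    """Quotient and remainder of a by a monic b (exact over Z, or over Q for Fraction input)."""
    a, b = trim(a), trim(b)
    assert b[-1] == 1, "divisor must be monic"
    if len(a) < len(b):
        return [0], a
    q, r = [0] * (len(a) - len(b) + 1), list(a)
    for i in range(len(a) - len(b), -1, -1):
        q[i] = c = r[i + len(b) - 1]
        for j, bj in enumerate(b):
            r[i + j] -= c * bj
    return trim(q), trim(r[:len(b) - 1] or [0])

def gcd_monic(a, b):
    """Monic gcd in Q[X] by Euclid; a monic divisor of a monic f in Z[X] lies in Z[X] (Gauss)."""
    a, b = [Fraction(c) for c in trim(a)], [Fraction(c) for c in trim(b)]
    while b != [0]:
        b = [c / b[-1] for c in b]
        a, b = b, divmod_monic(a, b)[1]
    return [int(c / a[-1]) for c in a]

def det(mat):
    """Determinant by exact Gaussian elimination over Q."""
    m = [[Fraction(x) for x in row] for row in mat]
    n, result = len(m), Fraction(1)
    for c in range(n):
        piv = next((r for r in range(c, n) if m[r][c] != 0), None)
        if piv is None:
            return 0
        if piv != c:
            m[c], m[piv], result = m[piv], m[c], -result
        result *= m[c][c]
        for r in range(c + 1, n):
            if m[r][c]:
                factor = m[r][c] / m[c][c]
                m[r] = [x - factor * y for x, y in zip(m[r], m[c])]
    return int(result)

def resultant(a, b):
    """Res(a, b) via the Sylvester determinant. For monic a this is the product of b over the
    roots of a, i.e. the norm N_{K/Q_p}(b(theta)) for K = Q_p[X]/a and theta a root of a."""
    a, b = trim(a), trim(b)
    m, n = len(a) - 1, len(b) - 1
    if n == 0:
        return b[0] ** m
    ah, bh = a[::-1], b[::-1]                      # highest degree first
    rows = [[0] * i + ah + [0] * (n - 1 - i) for i in range(n)]
    rows += [[0] * j + bh + [0] * (m - 1 - j) for j in range(m)]
    return det(rows)

def vp(x, p):
    """p-adic valuation of a nonzero integer."""
    v = 0
    while x % p == 0:
        x //= p
        v += 1
    return v

def initial_precision(f, p):
    """Step 1: k = v_p(d(f)) + 1, using d(f) = +-Res(f, f') for monic f."""
    fprime = [i * c for i, c in enumerate(f)][1:]
    return vp(resultant(f, fprime), p) + 1

def padic_values(f, p, k, factors, h):
    """Steps 2-6 for alpha = h(X) mod f. `factors` are the pairwise coprime monic f_i with
    f = f_1 ... f_r (mod p^k) from step 3 (supplied by the caller). Returns [v_{P_i}(alpha)]."""
    pk = p ** k
    t = gcd_monic(h, f)                                      # step 2: t = gcd(h_alpha, f)
    values = []
    for fi in factors:
        ni = len(trim(fi)) - 1
        if all(c % pk == 0 for c in divmod_monic(t, fi)[1]):  # step 4: f_i | t mod p^k
            values.append(math.inf)                          # alpha is zero or a zero-divisor
            continue
        hi = [c % pk for c in divmod_monic(h, fi)[1]]        # step 5: alpha-hat_i = h mod f_i
        Ni = resultant(fi, hi) % pk                          # norm of alpha-hat_i, mod p^k
        if Ni == 0:
            raise ValueError(f"N_{len(values) + 1} = 0 mod {p}^{k}: increase k, redo step 3")
        values.append(Fraction(vp(Ni, p), ni))               # step 6: v_p(N_i) / n_i
    return values

# Constructed sample: f = X^4 + 3X^2 + 2 = (X^2 + 1)(X^2 + 2), p = 5. Over Q_5 the factor
# X^2 + 1 splits (57^2 = 3249 = -1 mod 125) while X^2 + 2 stays irreducible (-2 is not a
# square mod 5), so f = (X - 57)(X + 57)(X^2 + 2) mod 5^3.
F = [2, 0, 3, 0, 1]
P, K = 5, 3
FACTORS = [[-57, 1], [57, 1], [2, 0, 1]]

if __name__ == "__main__":
    print("k from step 1:", initial_precision(F, P))        # 1: 5 does not divide d(f) = 32
    print(padic_values(F, P, K, FACTORS, [3, 1]))            # alpha = 3 + X
    print(padic_values(F, P, K, FACTORS, [0, 1, 0, 1]))      # alpha = X^3 + X, a zero-divisor
```

For $\alpha = 3 + X$ the values are $1, 0, 0$ (the prime $X - 57$ above 5 divides $\alpha$ once); for $\alpha = X^3 + X = X(X^2 + 1)$, which is a zero-divisor of $A_f$, step 4 assigns $\infty$ at both primes coming from $X^2 + 1$ and the remaining value is $0$. Exact rational arithmetic is used throughout so that the resultant is never affected by rounding; only the final reduction modulo $p^k$ is performed.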

4. p-Adic Approximation of Polynomial Factorisation

In this section we establish the quadratic Hensel lift method as in Rychlik (1923), but using only the so-called reduced resultant in place of the classical resultant. To this we give a modification of the method of Zassenhaus (1969, 1984), where we get rid of the assumption that the factors of the polynomial modulo a prime power $p^k$ are relatively prime modulo $p$. Specifically, in step 3 we start out with a complete factorisation of $f$ modulo $p^k$ as an approximate factorisation of $f$ over $\mathbb{Q}_p$. In the course of the algorithm we eventually have to improve the approximation in order to get a factorisation of $f$ modulo $p^{k'}$, $k'$ greater than $k$.

DEFINITION. For $f, g \in \mathbb{Z}[X]$ we define

$$\mathrm{res}(f, g) := (f\mathbb{Z}[X] + g\mathbb{Z}[X]) \cap \mathbb{Z} \qquad (13)$$

as the reduced resultant ideal of $f$ and $g$, and denote the $v_p$-value of a generator of $\mathrm{res}(f, g)$ by $v_p(\mathrm{res}(f, g))$. Let

$$f \equiv f_{1,k} f_{2,k} \pmod{p^k}, \quad f_{i,k} \in \mathbb{Z}[X], \ i = 1, 2, \quad k \in \mathbb{N}, \quad k > 2l, \qquad (14)$$

where $l = v_p(\mathrm{res}(f_{1,k}, f_{2,k}))$. Moreover, let $A_{i,k} \in \mathbb{Z}[X]$ such that there holds the resultant equation

$$A_{1,k} f_{2,k} + A_{2,k} f_{1,k} \equiv p^l \pmod{p^k}. \qquad (15)$$

Specifically, for

$$\tilde A_{1,k} f_{2,k} + \tilde A_{2,k} f_{1,k} = 1 + p^m A_{0,k}, \quad \tilde A_{i,k} = p^{-l} A_{i,k} \in p^{-l}\mathbb{Z}[X], \quad m = k - l, \quad A_{0,k} \in \mathbb{Z}[X]. \qquad (16)$$

THEOREM 4. Under the above assumptions, for the polynomials

$$g_{0,k} = p^{-m}(f - f_{1,k} f_{2,k}) \in p^l \mathbb{Z}[X], \qquad (17)$$

$$f_{i,2m} = f_{i,k} + p^m g_{i,k},$$

one has (i) $f_{i,2m} \in \mathbb{Z}[X]$, (ii) $f \equiv f_{1,2m} f_{2,2m} \pmod{p^{2m}}$, (iii) $2m > k$. □

REMARK. By Theorem 4 we have improved the factorisation (14) of $f$ modulo $p^k$ upon a factorisation modulo $p^{2m}$. Moreover, if we set

$$A_{i,2m} = A_{i,k} - p^m A_{i,k}\,(g_{2,k} \tilde A_{1,k} + g_{1,k} \tilde A_{2,k} + A_{0,k}) \in \mathbb{Z}[X],$$

we obtain a second resultant equation on the level $p^{2m}$:

$$A_{1,2m} f_{2,2m} + A_{2,2m} f_{1,2m} \equiv p^l \pmod{p^{2m}}. \qquad (15')$$

It is an easy exercise to verify the formulas established above (multiplying out, the term of order $p^{m+l}$ cancels and only a multiple of $p^{2m+l}$ remains). Notice that $2m > k > 2l$, therefore, starting from the new resultant equation, we are able to further improve the factorisation. The algorithm proceeds in quadratic steps up to a constant factor $p^{2l}$.

5. Examples

The following examples have been computed on a Siemens 7.570-P at the Rechenzentrum der Universität des Saarlandes. We have used a storage of 800 K byte. In each case we have listed:
- $f(X) \in \mathbb{Z}[X]$, defining $A_f = \mathbb{Q}[X]/f$;
- the discriminant $d(f)$;
- the factorisation $f \equiv \prod_{i=1}^{r} f_i \pmod{p^\nu}$, $\nu \ge \mu$, as in (5);
- the decomposition of the rational prime $p \cong \prod_{i=1}^{r} \mathfrak{p}_i^{e_i}$ as in (1);
- $h_\alpha \in \mathbb{Q}[X]$, the representation of an element $\alpha \in A_f$ due to (6);
- the values $v_{\mathfrak{p}_i}$ for $i = 1, \ldots, r$, as in (12);
- the execution times for the first (decomposition) and the second part (values) of the example.

Example 1. Cyclotomic field, where the decomposition law is well known.
Example 2. A field of degree 21.
Example 3. $f(X) = 5^{12} g(1, X/5)$, where $\mathrm{Gal}(g(t, X)) \cong M_{12}$ (B. Heinrich Matzat, Karlsruhe, W. Germany). The high execution time comes from the factor of degree 8: in step 5 the calculation of the norm is very time consuming. Moreover, we have $v_p(N_3) = 8$, $N_3 \equiv 0 \bmod p^8$, so $N_3$ has to be calculated once more, after we have set up the factorisation of $f$ modulo $p^{16}$ according to section 4.

EXAMPLE 1.

$f(X) = X^{12} + X^{11} + X^{10} + X^9 + X^8 + X^7 + X^6 + X^5 + X^4 + X^3 + X^2 + X + 1$.
Discriminant $= 1792160394037 = 13^{11}$.

Factorisation of $f(X) \bmod 13^{13}$:
$f(X) \equiv X^{12} + X^{11} + X^{10} + X^9 + X^8 + X^7 + X^6 + X^5 + X^4 + X^3 + X^2 + X + 1 \bmod 13^{13}$.

Decomposition of $p = 13$ in $K = \mathbb{Q}(X)/f(X)$: $p = \mathfrak{p}_1^{12}$.
CPU time for decomposition law: 2 sec.

Factorisation of $f(X) \bmod 53^8$:
$f(X) \equiv (X + 13977326649904)(X + 4271517168614)(X + 1684374218587)(X + 59485046836771)(X + 59218733333735)(X + 9571962549965)(X + 53494558429165)(X + 52990795504056)(X + 50089210866757)(X + 21965260811250)(X + 19655666986627)(X + 27153689112736) \bmod 53^8$.

Decomposition of $p = 53$ in $K = \mathbb{Q}(X)/f(X)$:

$p = \mathfrak{p}_1 \cdot \mathfrak{p}_2 \cdot \mathfrak{p}_3 \cdot \mathfrak{p}_4 \cdot \mathfrak{p}_5 \cdot \mathfrak{p}_6 \cdots$

[On Principal Ideal Testing in Algebraic Number Fields. J. BUCHMANN and H. C. WILLIAMS]

… $> 0$ belongs to the ideal $\mathfrak{b}\mathcal{O}_L$ of norm $N^{2nl}$ in the field $L = F^{(i)}F^{(i+r)}$, the composite of $F^{(i)}$ and $F^{(i+r)}$. Here, $l = [L : F^{(i)}] = [L : F^{(i+r)}] \le n - 1$. Each $\mathbb{Q}$-isomorphism of $F^{(i)}$ or $F^{(i+r)}$ into $\mathbb{C}$ has precisely $l$ distinct extensions to a $\mathbb{Q}$-isomorphism of $L$ into $\mathbb{C}$. Let $\tau_1, \tau_2, \ldots, \tau_{nl}$ be the $\mathbb{Q}$-isomorphisms of $L$ into $\mathbb{C}$ and assume that $\tau_1$ is the identity and $\tau_2$ is complex conjugation. Using (3.5) and (3.6), we find bounds on the conjugates of $\gamma_i$ and get

$$N^{2nl} \le \prod_{k=3}^{nl} |\tau_k(\gamma_i)| \le \gamma_i^{2l-2} M_i^{l-2} \Big(\prod_{k=1,\, k \ne i}^{n} M_k\Big)^{l} N^{2(nl-2)}. \quad \square$$

Notice that we can substitute a smaller value for $c_4(i)$ if we know the degree $l$. For example, if $F$ is normal, we can put $c_4(i) = 2^{n/2} P/(2M_i)$.

The following corollary of this result is of great importance in the sequel.

COROLLARY. If $\delta < c_5 = \min\{(c_1 c_3(i))^{-1}, (c_2 c_4(j))^{-1} \mid 1 \le i \le s,\ s+1 \le j \le m\}$, then $\mu$ is a minimum of $\mathfrak{a}$.

J. Buchmann and H. C. Williams

16

PROOF. By Proposition 3.1 the bound on $\delta$ implies that there is either an $i \in \{1, 2, \ldots, s\}$ with …, or an $i \in \{s+1, \ldots, m\}$ with $\big| |\mu^{(i)}| - |\tilde\mu^{(i)}| \big| < N/c_4(i)$. Since this contradicts Proposition 3.2, $\mu$ must be a minimum of $\mathfrak{a}$. □

4. The Algorithm and its Complexity

By using the Corollary of Proposition 3.2 we can derive the following method for computing a minimum of $\mathfrak{a}$.

ALGORITHM 4.1
(1) Compute $\mu$ such that $2^q \mu$ is a shortest non-zero vector in the integral lattice $2^q \mathfrak{a}$. Since $2^q \mathfrak{a}$ is an integral lattice, we do not have to contend with round-off errors during this computation.
(2) Compute $c_1$, $c_2$, $c_3(i)$ ($1 \le i \le s$), $c_4(i)$ ($s+1 \le i \le m$), and $c_5$.
(3) If $\delta < c_5$, then $\mu$ is a minimum of $\mathfrak{a}$. Return $\mu$ and end.
(4) Increase $q$ and go to 1.

In order to establish that Algorithm 4.1 will work, we need to prove

THEOREM 4.2. For a fixed $n$ there exists a computable constant $c_6$ such that if $q > c_6 \log D$, then
(i) $\tilde\Omega$ is non-singular,
(ii) $\delta$ …

PROOF. … $(\omega_1, \ldots, \omega_{j-1}, \tilde\omega_j - \omega_j, \omega_{j+1}, \ldots, \omega_n)$.

From (2.1), (2.4), and Hadamard's inequality, we get $|\det \tilde\Omega_j| \le c_7 D^{(n-1)/2} 2^{-q}$; hence,

$$|\det \tilde\Omega - \det \Omega| \le c_8 D^{(n-1)/2} 2^{-q}. \qquad (4.2)$$

Since $|\det \Omega| = \sqrt D$, we see from (2.3), (4.1), and (4.2) that we can choose $c_6$ such that

(4.3)

In order to prove (ii) it is sufficient to give computable upper bounds, which are

Principal Ideal Testing

17

polynomial in $D$, on $W$, $M$ and $H_i$ ($1 \le i \le n$). From (2.1) we know that

$$\|\Omega\| \le c_9 D^{1/2}; \qquad (4.4)$$

hence, by Cramer's rule and Hadamard's inequality, we get $\|\tilde T^{-1}\| \le c_{10}$ … and since $T = $ …

[Computing the Measure of a Polynomial. L. CERLIENCO, M. MIGNOTTE and F. PIRAS]

… as well as to compute $\#P$. The algorithms presented here are of independent interest and can be used for different problems.

2. Numerical Approach

2.1. SZEGŐ'S THEOREM

The measure of $P$ is also given by the formula

$$M(P) = \exp\Big\{ \frac{1}{2\pi} \int_0^{2\pi} \log |P(e^{i\theta})| \, d\theta \Big\}.$$

So that, applying a general theorem of Szegő (see e.g. Dym & McKean, 1972) we get the following result.

THEOREM B. Let $P$ be a non-zero polynomial with complex coefficients. Then

$$M(P) = \inf \{ \|PQ\|_2 ;\ Q \text{ monic} \}.$$

L. Cerlienco et a/.

24

Moreover, for any fixed degree $n$, it is possible to compute

$$I_n(P) := \inf \{ \|PQ\|_2 ;\ Q \text{ monic and } \deg(Q) = n \}$$

(see Lawton, 1975). Thus, we have $M(P) \le I_n(P)$ for $n \ge 0$ and $I_n(P) \to M(P)$ when $n \to \infty$. For $n = 0$ we get Theorem A and $n = 1$ gives the more precise result:

COROLLARY. The measure of $P = \sum_{i=0}^{d} a_i z^i$ satisfies

2.2. A GRAEFFE-LIKE METHOD

If

$$P(z) = a_d \prod_{i=1}^{d} (z - \alpha_i),$$

define

$$P_m(z) := a_d^{2^m} \prod_{i=1}^{d} (z - \alpha_i^{2^m}) \quad \text{for } m \ge 0.$$

These polynomials can be easily computed: $P_0 = P$; if $P_m(z) = F(z^2) + z G(z^2)$, then

$$P_{m+1}(z) = F^2(z) - z G^2(z).$$

These polynomials verify $M(P_m) = M(P)^{2^m}$. Moreover, $M(P_m) \le \|P_m\|_2$ by Theorem A and obviously $\|P_m\|_2 \le 2^d \cdot M(P_m)$ (indeed, $\|P_m\|_2 \le \binom{2d}{d}^{1/2} \cdot M(P_m)$). So we get:

PROPOSITION 1. With the previous notations

$$2^{-d \cdot 2^{-m}} \cdot \|P_m\|_2^{2^{-m}} \le M(P) \le \|P_m\|_2^{2^{-m}}. \quad \square$$

This method has been discovered independently by several people (D. Boyd, M. Langevin, C. Stewart, etc.).

REMARK. Here is the proof of Kronecker's theorem. Suppose that $\alpha$ is an algebraic integer with $M(\alpha) = 1$. Let $P$ be the minimal polynomial of $\alpha$ over $\mathbb{Z}$. Then, $P$ is monic and the $P_m$'s have degree $d$ and bounded coefficients, because

$$\|P_m\|_2 \le 2^d M(P_m) = 2^d M(P)^{2^m} = 2^d.$$

So, the set of $P_m$'s is finite. This implies that the set of the $\alpha^{2^m}$'s is also finite. Thus, there exist two different values $m$ and $m'$, for which $\alpha^{2^m} = \alpha^{2^{m'}}$. QED


2.3. HOW TO GUESS $\#P$

Suppose that the roots of $P$ satisfy the inequality

$$|\alpha_1| \ge \cdots \ge |\alpha_k| > 1 \ge |\alpha_{k+1}| \ge \cdots \ge |\alpha_d|,$$

so that $\#P = k$. Consider again the polynomials $P_m$ defined above and put

$$P_m(z) = \sum_{i=0}^{d} b_i^{(m)} z^i.$$

To simplify the notation we suppose that $P$ is monic. Obviously,

$$|b_{d-i}^{(m)}| \le \binom{d}{i} |\alpha_1 \cdots \alpha_i|^{2^m} \quad \text{for } 0 \le i \le d \qquad (*)$$

and

$$|b_{d-i}^{(m)}| \ge |\alpha_1 \cdots \alpha_i|^{2^m} - \binom{d}{i} \max\{ |\alpha_{j_1} \cdots \alpha_{j_i}| ;\ (j_1, \ldots, j_i) \ne (1, \ldots, i) \}^{2^m}. \qquad (**)$$

These remarks lead easily to the following result.

PROPOSITION 2. Suppose $P$ is a monic polynomial and the $b_i^{(m)}$ are given as above. For a small enough fixed $\varepsilon > 0$ (namely, for $1 - \varepsilon > |\alpha_k|^{-1}$) and for $m \ge 0$, define the integer $l$ as the largest index such that

$$|b_{i+1}^{(m)}| \le (1 - \varepsilon)^{2^m} |b_i^{(m)}| \quad \text{for } i = d-1, d-2, \ldots, d-l.$$

Then $l = \#P$ for $m > m_0(\varepsilon)$. □
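As an added example (not code from the paper), the Graeffe iteration of 2.2, the bounds of Proposition 1 and the index $l$ of Proposition 2 in Python. Polynomials are coefficient lists, lowest degree first; the sample polynomials are constructed here, and $\varepsilon = 1/10$ is an assumed value that satisfies $1 - \varepsilon > |\alpha_k|^{-1}$ for them. The norms $\|P_m\|_2$ are handled in logarithmic form, because the coefficients of $P_m$ grow doubly exponentially in $m$, while the comparison of Proposition 2 is done exactly on the integer coefficients.

```python
import math
from fractions import Fraction

def poly_mul(a, b):
    """Product of two polynomials given as coefficient lists, lowest degree first."""
    out = [0] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] += x * y
    return out

def graeffe_step(p):
    """One Graeffe step: write P(z) = F(z^2) + z G(z^2); the result F(z)^2 - z G(z)^2 has as
    roots the squares of the roots of P and the same degree (leading coefficient +-a_d^2)."""
    f2 = poly_mul(p[0::2], p[0::2])          # F(z)^2 from the even-index coefficients
    zg2 = [0] + poly_mul(p[1::2], p[1::2])   # z G(z)^2 from the odd-index coefficients
    n = max(len(f2), len(zg2))
    f2 = f2 + [0] * (n - len(f2))
    zg2 = zg2 + [0] * (n - len(zg2))
    return [x - y for x, y in zip(f2, zg2)]

def graeffe_iterate(p, m):
    """P_m: apply m Graeffe steps to P (P_0 = P)."""
    q = list(p)
    for _ in range(m):
        q = graeffe_step(q)
    return q

def mahler_bounds(p, m):
    """Proposition 1: 2^(-d/2^m) ||P_m||_2^(1/2^m) <= M(P) <= ||P_m||_2^(1/2^m).
    Returns (lower, upper); the norm is taken as the log of an exact big-integer sum."""
    d = len(p) - 1
    q = graeffe_iterate(p, m)
    log_norm = 0.5 * math.log(sum(c * c for c in q))   # log ||P_m||_2
    upper = math.exp(log_norm / 2 ** m)
    lower = math.exp((log_norm - d * math.log(2)) / 2 ** m)
    return lower, upper

def guess_roots_outside(p, m, eps=Fraction(1, 10)):
    """Proposition 2: the largest l with |b_{i+1}| <= (1-eps)^(2^m) |b_i| for i = d-1, ..., d-l,
    where b_i are the coefficients of P_m. For m large this l is #P, the number of roots with
    |alpha| > 1 (roots on the unit circle count as inside). Exact rational comparison."""
    q = graeffe_iterate(p, m)
    d = len(q) - 1
    ratio = (1 - eps) ** (2 ** m)
    l = 0
    for i in range(d - 1, -1, -1):
        if abs(q[i + 1]) <= ratio * abs(q[i]):
            l += 1
        else:
            break
    return l

if __name__ == "__main__":
    # Constructed samples: z^2 - z - 1 (M = golden ratio, one root outside the unit circle),
    # (z-1)(z+2)(z-3) (M = 6, two roots outside) and z^4 + z^3 + z^2 + z + 1 (M = 1, none).
    for name, poly in [("z^2 - z - 1", [-1, -1, 1]),
                       ("(z-1)(z+2)(z-3)", [6, -5, -2, 1]),
                       ("Phi_5", [1, 1, 1, 1, 1])]:
        lo, hi = mahler_bounds(poly, 10)
        print(f"{name}: {lo:.6f} <= M(P) <= {hi:.6f}, #P = {guess_roots_outside(poly, 10)}")
```

After ten steps the two bounds of Proposition 1 differ by the factor $2^{-d/1024}$ only, and the index of Proposition 2 is already correct for these three polynomials; for the cyclotomic sample the Graeffe step maps the polynomial to itself, so the coefficients never separate and $l = 0$, which is the intended reading of roots on the unit circle.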

REMARK. It is possible to give an effective form of the previous proposition. The first step is a lower bound of $\rho := |\alpha_k|$ ($> 1$). By (M1),

$$\big| |\alpha_k| - 1 \big| \ge 1/M(|\alpha_k| - 1), \quad \text{or} \quad \rho \ge 1 + \big(M(|\alpha_k| - 1)\big)^{-1},$$

and, by (M4), $M(|\alpha_k|) \le M(|\alpha_k|^2)$. Since $|\alpha_k|^2$ is of the form $\alpha_k \cdot \alpha_{k'}$ for some index $k'$ (maybe $k' = k$), its degree is at most $d(d-1)$ and property (M2) implies $M(|\alpha_k|^2) \le M(\alpha_k)^{2d}$, so that $|\alpha_k|$ is an algebraic number of degree at most $2d(d-1)$ and of measure bounded above by

$$M(|\alpha_k|) \le M(\alpha_k)^{2d} \le M(P)^{2d}.$$

Using (M3) and Theorem A we get

$$\rho \ge 1 + 2^{-2d(d-1)} \|P\|_2^{-2d}.$$

The second, and last, step consists in estimates of the $b_i^{(m)}$ which involve $\rho$ and $d$. For $i \ge d-k$, the estimate $(*)$ implies

$$|b_{i+1}^{(m)}| \le 2^d |\alpha_1 \cdots \alpha_{d-i-1}|^{2^m} \le 2^d |\alpha_1 \cdots \alpha_{d-i}|^{2^m} \rho^{-2^m},$$

whereas $(**)$ leads to $|b_i^{(m)}| \ge (1 - 2^d \rho^{-2^m}) |\alpha_1 \cdots \alpha_{d-i}|^{2^m}$, so that

$$|b_{i+1}^{(m)}| \le \lambda \rho^{-2^m} |b_i^{(m)}| \quad \text{for } i = d-1, d-2, \ldots, d-k,$$

where $\lambda = 2^d (1 - 2^d \rho^{-2^m})^{-1}$.

From the obvious upper bound on $|b_{d-k-1}^{(m)}|$ we get $|b_{d-k-1}^{(m)}| \le \lambda\, |b_{d-k}^{(m)}|$ for $m \ge m_1$ (effective). Notice that $\lambda \le 2^{d+1}$ for such $m$. Now take $\varepsilon$, $0 < \varepsilon < 1 - \rho^{-1}$. The conditions

$$1 - \varepsilon \ge \rho^{-1} \lambda^{2^{-m}}$$

and

$$1 - \varepsilon \ldots$$
…, $v_k$, $M_k(a) = 0$ implies $P_k(a) = 0$. We are now able to prove the following proposition.

PROPOSITION 4. Put

$$P(z) = \prod_{i=1}^{d} (z - \alpha_i) \in \mathbb{Z}[z].$$

Let $\xi_i$, $1 \le i \le d$, be $d$ linearly recursive sequences with the same minimal scale $P(z)$. Denote by $\Xi = (\xi_{i,j})$ the $d \times \infty$ matrix whose rows consist of the sequences $\xi_i$ and denote by $\Xi_{j_1, \ldots, j_k}$ ($j \ge 1$, $1 \le k \le d$, $0 \le j_1 < \ldots$

[Application of Symbolic Manipulation to the Hecke Transformations of Modular Forms in Two Variables, II. H. COHN and J. I. DEUTSCH]

(1.2c)

and with coefficients $s(\alpha)$ defined over integers of the field $\mathbb{Q}(\sqrt 2)$. The modular forms are holomorphic and are called cusp forms if $s(0) = 0$. We consider only forms of even degree $2k$, so

$$f\Big[\frac{\alpha z + \beta}{\gamma z + \delta}, \frac{\alpha' z' + \beta'}{\gamma' z' + \delta'}\Big] \cdot [(\gamma z + \delta)(\gamma' z' + \delta')]^{-2k} = f(z, z') \qquad (1.3a)$$

$$\alpha, \beta, \gamma, \delta \in \mathbb{Z}[\sqrt 2], \quad \alpha\delta - \beta\gamma = 1 \qquad (1.3b)$$

with conjugates as shown. Following the evolving notation (Gundlach, 1965; Cohn, 1982; Nagaoka, 1983) the Eisenstein series lead to convergent forms written as

$$H_2(z, z') = 1 + q\Big(\frac{48}{r} + 144 + 48 r\Big) + O(q^2) \qquad (1.4a)$$

$$H_4(z, z') = q\Big(\frac{1}{r} - 2 + r\Big) + O(q^2) \qquad (1.4b)$$

$$H_6(z, z') = q + O(q^2) \qquad (1.4c)$$

where subscripts of $H$ indicate the degrees. These are symmetric forms satisfying $f(z, z') = f(z', z)$, and serve as generators of the symmetric forms of even degree. Now Gundlach's results show nonsymmetric forms to exist. The one of lowest even degree has degree 14. Its $q$-$r$ expansion begins as follows:

$$H_{14}(z, z') = q^2 \Big(\frac{1}{r} - r\Big) + \ldots \qquad (1.5)$$

Since the interchange $z \leftrightarrow z'$ leads to $r \leftrightarrow 1/r$, note that $H_{14}$ satisfies the alternating condition $H_{14}(z, z') = -H_{14}(z', z)$. An explicit formula for $H_{14}$ remained elusive, however, until more advanced methods were used such as the theory of Siegel modular functions and the theory of algebraic curves (see Nagaoka, 1983; Müller, 1983; Hirzebruch, 1977). The net result was the discovery that

$$H_{14}^2 = H_4 H_6 (H_2 H_4 + 4 H_6) \cdot (H_6 H_2^3 - 1728 H_6^2 - 288 H_2 H_4 H_6 - 1024 H_4^3 + 4 H_2^2 H_4^2). \qquad (1.6)$$

The last factor is the difficult one which was not explicitly given in Gundlach's paper. It is our present objective.

† Research supported in part by NSF Grant MCS 82-01717 and by Grant # 665266 from the PSC-CUNY Research Award Program of the City University of New York.
0747-7171/87/040035+06 $03.00/0 © 1987 Academic Press Ltd.

2. Use of the Hecke Transform

The general purpose of the past and present paper is to show the computational power of the Hecke transformation. We take the transformation, again, in the context of a prime $\pi \in \mathbb{Z}[\sqrt 2]$ which comes from the factorisation of a rational prime

$$p = \pi \pi', \quad \pi > 0, \quad \pi' > 0, \qquad (2.1a)$$

$$T_\pi f(z, z') = f(\pi z, \pi' z')\, p^{2k} + \sum_{j=0}^{p-1} f\Big[\frac{z + j}{\pi}, \frac{z' + j}{\pi'}\Big]. \qquad (2.1b)$$

This operator transforms the space of modular (cusp) forms into itself and therefore is more powerful than the mere use of Fourier series. The action on the coefficients of the Hecke transform is

$$T_\pi f(z, z') = (p^{2k} + p)\, s(0) + \sum \Big[ p^{2k} s\Big(\frac{\mu}{\pi}\Big) + p\, s(\mu\pi) \Big] q^b r^a \qquad (2.2)$$

(see Cohn & Deutsch, 1987). For $\pi = 2 + \sqrt 2$, $\pi' = 2 - \sqrt 2$ ($p = 2$) the Hecke transformation is seen to split the symmetric from the alternating forms while for other $p$ (with $\pi/\pi' \ne$ unit) the forms intermix. Thus in the paper just cited we show how to determine the alternating form $H_{14}$ from some symmetric forms, e.g.

(2.3)


In doing so we required the prior formula (1.6) for $H_{14}$ however. We shall now derive this formula for $H_{14}$ by the use of $T_\pi$ for $\pi = 2 + \sqrt 2$ alone.

3. The Starting Form Our starting point is a result following from Gundlach (op. cit. p. 119) that for some factor G 12 of degree 12 the alternating form H 14 satisfies the relation

Hi4 =

H4H 6 (H 2 H 4+4H6 )G 12 .

(3.1)

The form G 12 is really Gundlach's G2 . In principal, ifMACSYMA had greater speed and capacity, we should not need to meet the theory halfway. We could write, in total ignorance of the form (3.1) the trial modular form

Hi 4 =

I:.AiikH~HiH~

(2i+4j+6k = 28).

(3.2)

The sum would have 24 terms and 24 unknown coefficients Aiik and the machine could hunt for several (actually 9) distinct combinations for which the square root of the right hand side is single-valued in q and r, and the Heeke transform produces an eigenvector. One of these would be our H 14 of course; another would be the Eisenstein series of degree 14. etc. Because of machine limitations, it becomes necessary to proceed from (3.1) with the unknown function G 12 given as the more restricted expression G 12 = AH 0 H~+aH~+bH 2 H 4 Ho+cHt+dHiHi+BH 4 Hj,+CH~.

(3.3)

This is the most general form of degree 12 with A, B, C, a, b, c, d as unknown coefficients. The other factor, however in (3.1) is

H 4 H 0 (H 2 H.~ +4H = q 6)

3

G G -2+r)

+2+r) + ...

(3.4)

Hence C = 0, for otherwise H 14 would equal

JCqJ;z

(r- ~) + ...

and would not be single valued. So G 12 must likewise start with an odd power of q. If we examine the starting terms we see three levels for q depending on which unknown coefficients vanish. namely

(3.5)

If A = B = 0 the odd exponent for q requires a = b = d = 0. This leads to a contradiction, since H_14 would then have the starting term

√c q (1/r − r^3)(r − 2 + 1/r)^{3/2}.

This would not be permissible since (r − 2 + 1/r)^3 is not the square of a single valued polynomial in r and 1/r. (Note that an infinite power series in r and 1/r would violate the condition |a| < b√2 in (1.2a).) For the same reason we cannot have A = 0 and B ≠ 0. Hence with A ≠ 0 we can adjust constants to set A = 1, and find that for H_14 to have a single valued starting term B must equal 0. That is, if

G_12 = q + Bq(r − 2 + 1/r) + …

as before, no nonzero value of B will make G_12/q a perfect square. We thus obtain the starting value

H_14^2 = H_4 H_6 (H_2 H_4 + 4 H_6) G_12,   G_12 = H_6 H_2^3 + a H_2^6 + b H_2 H_4 H_6 + c H_4^3 + d H_2^2 H_4^2   (3.6)

with unknown coefficients a, b, c, d.

4. The Computation

We generate the Fourier series (see Cohn & Deutsch, op. cit.) for H_2, H_4, H_6 up to q^7, and this yields the square root H_14 of (3.6) up to q^5 as a single-valued power series with coefficients involving a, b, c, d. We use the Taylor series facility of MACSYMA extensively. Since the alternating form H_14 splits off an eigenspace under T_{2+√2},

(4.1)

Actually, λ = 80 as we saw before in Cohn & Deutsch (op. cit.) from the true value of H_14, but for now we must assume that λ and the coefficients in H_14 are unknown. We match coefficients to check (4.1) as shown in the attached Table I. We omit those μ for which the term q^b r^a (μ = a + b√2) has zero coefficient on both sides of (4.1). The expansion up to q^5 was necessary to make enough coefficients possible, and this degree of accuracy, in essence, exhausted the capacity of MACSYMA! There are six lines in Table I, which seems to overdetermine the five unknowns a, b, c, d, λ, but it is necessary to avoid extraneous roots. We make the immediate observations from the indicated lines:

(iv) d = 4,
(ii) λ = −(b + 128)/2,
(i) c = 4b + 128.

This eliminates d, λ and c and reduces the unknowns to a and b.

Table I. Coefficients used from equation (4.1). [Six lines (i)–(vi), each giving μ = a + b√2 and the coefficient of q^b r^a on the two sides of (4.1); the entries are not legible in the scan.] (Note: s(α) is from H_14 and … is from T_2.)

By further use of Table I, we determine these equations from the lines shown:

b^2 − (a + 352)b − 160a + 36864 = 0   (iii)
b^3 + 280b^2 + (20a + 10240)b + 3328a − 589824 = 0   (v)
15b^3 − (12a + 1488)b^2 + (3a^2 + 840a − 27648)b + 448a^2 + 240128a − 7077888 = 0.   (vi)

From (iii) MACSYMA finds

a = (b^2 − 352b + 36864)/(b + 160)   (4.4)

and substitutes it into (v) and (vi) to produce two polynomial equations in b. These factor as

(b + 288)(b^3 + 172b^2 + 1792b + 98304) = 0,   (4.5a)
(b + 288)(3b^4 + 1532b^3 − 206208b^2 − 28893184b + 3201302528) = 0.   (4.5b)

Hence b = −288, with no extraneous roots, since the accompanying factors are seen by MACSYMA to yield a greatest common divisor equal to one. The values are now

a = −1728,   b = −288,   c = −1024,   d = 4,   λ = 80   (4.6)

and the alternating form H_14 is discovered.

5. Concluding Remarks

In using MACSYMA for this calculation we began to run into the 15 minute time limit for any foreground process on the CCNY VAX. To compute the Taylor series for G_12 in terms of a, b, c and d up to q^9 took 4.59 minutes on a MACSYMA with 1.5 megabytes of list space and an augmented "fixnum" region. We had seven "garbage collections" in the calculation, with none of the utilisation ratios falling below 80%. To calculate the square of H_14 using the above G_12 took 4.91 minutes on the same MACSYMA with 11 "garbage collections", while the utilisation ratio fell as low as 71%. After opening a new MACSYMA session with the square of H_14 saved from before, we could not calculate the square root within the machine's time limit. Only by truncating the Taylor series for H_14^2 at q^7 could we then take the square root. This operation took 46.5 seconds on a MACSYMA with 1.75 megabytes of list space and only one "garbage collection", and gave the square root up to q^5, fortunately enough to nail down b exactly. Indeed H_14 and its square, expressed in terms of a, b, c and d, consume almost the whole of a MACSYMA file of approximately 56,gOO bytes.

Actually, if we are ambitious about more extensive use of symbolic manipulation, a more worthy goal would be to generate modular equations, say of norm seven. This has only been done for the case of Q(√2) and norm 2 (see Cohn, 1982). For functions of one variable such a goal is not unrealistic; for instance see Kaltofen & Yui (1984a), where the modular equation of order 7 is derived and a more detailed bibliography of the case of one variable is given. Also see Kaltofen & Yui (1984b) for the modular equation of order 11. An alternative p-adic method for obtaining the modular equation has been developed by A. O. L. Atkin. For two variables the corresponding modular equations could surely strain any symbolic system to its breaking point. The methods of this paper can be extended to other real quadratic fields of class number one and fundamental unit of norm −1 for which the ring of modular forms is known, such as Z[√5] (see Gundlach, 1963).

We are grateful to the Science Computing Laboratory at the City College (CUNY) for making the VAX version of MACSYMA available.

References

Cohn, H. (1982). An explicit modular equation in two variables and Hilbert's twelfth problem. Math. Comput. 38, 227-236.
Cohn, H., Deutsch, J. I. (1987). Application of symbolic manipulation to Hecke transformations of modular forms in two variables. Math. Comput. 48, 139-146.
Gundlach, K. B. (1963). Die Bestimmung der Funktionen zur Hilbertschen Modulgruppe des Zahlkörpers Q(√5). Math. Ann. 152, 226-256.
Gundlach, K. B. (1965). Die Bestimmung der Funktionen zu einigen Hilbertschen Modulgruppen. J. Reine Angew. Math. 220, 109-153.
Hirzebruch, F. (1977). The ring of Hilbert modular forms for real quadratic fields of small discriminant. Springer Lect. Notes Math. 627, 287-323.
Kaltofen, E., Yui, N. (1984a). Explicit construction of the Hilbert class fields of imaginary quadratic fields with class numbers 7 and 11. (Eurosam 84). Springer Lect. Notes Comp. Sci. 174, 310-320.
Kaltofen, E., Yui, N. (1984b). On the modular equation of order 11. Proceedings of the 1984 MACSYMA Users Conference, pp. 472-485. General Electric.
Müller, R. (1983). Hilbertsche Modulformen und Modulfunktionen zu Q(√5). Math. Ann. 266, 83-103.
Nagaoka, S. (1983). On Hilbert modular forms III. Proc. Japan Acad. (ser. A) 59, 346-348.

J. Symbolic Computation (1987) 4, 41-52

Computation of Class Numbers by an Analytic Method†
CARSTEN ECKHARDT
Universität Göttingen, Mathematisches Institut, Bunsenstr. 3-5, D-3400 Göttingen, F.R.G.

A method for determining the class number h of an algebraic number field is presented. The method is based on a series expansion for h.

Introduction

The purpose of this paper is to develop an algorithm which computes the class number h of an algebraic number field K/Q, assuming that certain invariants of K, especially its regulator, are already known. In Section 1 we derive a series representation for h using the functional equation satisfied by the zeta-function of K and the analytic class number formula. As we shall see in the second section, we have to sum O(√|d| · log|d|^{n/2}) terms of the series, where d is the discriminant of K, to be sure that the deviation from the exact value of h is less than 1/2. Since h is a natural number this degree of precision suffices to determine h exactly. The next thing to be considered is the numerical evaluation of the terms of the series. Here we have to determine how the rational primes split in the field K and evaluate a certain special function. We conclude the exposition with some remarks concerning the implementation of the algorithm in practice and a few examples.

Effective algorithms for computing class numbers already exist. First of all there is an algebraic method which is based on the proof of the finiteness of h by the geometry of numbers. The paper (Pohst & Zassenhaus, 1985) contains a detailed description, but no complexity analysis. Powerful algorithms are available for quadratic and complex cubic fields (see Lenstra, 1982; Dueck & Williams, 1985). These are based on algebraic and analytic concepts and need O(|d|^{1/5+ε}) operations to determine h, provided that some generalised Riemann hypothesis is true.

The basic ideas contained in this paper are due to S. J. Patterson. I would like to thank him and E. Maus for many valuable hints and their encouragement during the preparation of (Eckhardt, 1986) and this paper. We conclude this introduction with a list of notations used.

O   ring of algebraic integers in K,
n   degree of K/Q,
r_1   number of real places of K,
r_2   number of complex places of K,
d   discriminant of K,
R   regulator of K,
w   number of roots of unity in K, and
ζ_K(s)   the zeta-function of K.

† Based on the author's Diplomarbeit (Eckhardt, 1986).

We assume that the values of r_1, r_2, d, w and R are known. Let I(m) denote the number of ideals with norm m in O. The zeta-function of K is then expressed by the Dirichlet series

ζ_K(s) = Σ_{m=1}^∞ I(m) m^{−s},   Re(s) > 1.

We use the notation s = σ + it.

1. A Class Number Formula

In this section we are going to derive a series representation for the class number h. The following theorem summarises some well known facts concerning the zeta function of K.

THEOREM 1.1. Let

G(s) := (π^{−s/2} Γ(s/2))^{r_1} ((2π)^{−s} Γ(s))^{r_2} |d|^{s/2},   ξ_K(s) := G(s) ζ_K(s).

Then the function ξ_K has an analytic continuation to the whole complex plane as a meromorphic function and satisfies the functional equation ξ_K(s) = ξ_K(1 − s). The only singularities of ξ_K are simple poles at s = 0 and s = 1. We have

PROOF: See Lang, 1970, p. 259, Theorem 2. To compute the residue of ξ_K(s) at s = 1 we consider

V := (1/2πi) ∮_R ξ_K(s) λ^{−s} ds.

Here the path of integration is the rectangle R with vertices σ + it, (1 − σ) + it, (1 − σ) − it, σ − it for fixed σ, t, λ > 1. By Theorem 1.1 and Cauchy's theorem we obtain

V = (2^{r_1} R h / w)(λ^{−1} − 1).

We show that the integrals over the horizontal sides of R vanish as t → ∞. We need the following

LEMMA 1.2. Let σ_1 < 0. Then in the half-plane Re(s) ≥ σ_1 we have uniformly ζ_K(s) = O(|t|^{…}).

Therefore it is possible to express ζ_K(s) by its Dirichlet series. One obtains

(1/2πi) ∫_{(σ)} G(s) ζ_K(s) λ^{−s} ds = (1/2πi) ∫_{(σ)} G(s) (Σ_{m=1}^∞ I(m) m^{−s}) λ^{−s} ds
   = Σ_{m=1}^∞ I(m) (1/2πi) ∫_{(σ)} G(s) (mλ)^{−s} ds
   = Σ_{m=1}^∞ I(m) F(λ · m),

where for x > 0

F(x) := (1/2πi) ∫_{(σ)} G(s) x^{−s} ds.

The interchange of integration and summation on the right side of the first equation is justified by Theorems 77, 77b of (Behnke & Sommer, 1962). We note that the definition of F makes sense for σ > 0 and that the value of F does not depend on σ. The remaining integral over (1 − σ) can be treated in the same way if we first apply the functional equation; it equals

λ^{−1} Σ_{m=1}^∞ I(m) F(m λ^{−1}).


We are now in the position to state the result of this section:

THEOREM 1.3. Let λ > 1. Then we have

h = (w / (2^{r_1} R)) · Σ_{m=1}^∞ I(m) (F(λm) − λ^{−1} F(λ^{−1} m)) / (λ^{−1} − 1).

2. Error Estimates

In this section we shall study the error term |h − h*(N)|, h*(N) being the approximation to the class number obtained by truncating the series occurring in Theorem 1.3 after N terms:

h*(N) = (w / (2^{r_1} R)) · Σ_{m=1}^{N} I(m) (F(λm) − λ^{−1} F(λ^{−1} m)) / (λ^{−1} − 1).

This will be achieved in three steps: the first two will be to describe the asymptotic behaviour of the function F and of the ideal counting function I(m). The third step will then be the estimation of the sum

Σ_{m>N} I(m) F(λm).

For our first goal we need some results about Mellin transforms, which will be summarised in the following definition and theorem.

DEFINITION 2.1. Let a < b, 0 < β ≤ π be given. We define two classes M_1, M_2 of functions: M_1 consists of those functions Ψ which are holomorphic in the strip a < Re(s) < b and satisfy for any ε, δ > 0 … for all s in a + ε ≤ σ ≤ b − ε. M_2 consists of those functions Φ which are holomorphic in the sector |arg(s)| < β except the origin and satisfy for any ε, δ > 0 |Φ(s)| < K* |s|^{−c} for all s in |arg(s)| ≤ β − δ and all c with a + ε ≤ c ≤ b − ε.

THEOREM 2.2. For Ψ ∈ M_1, Φ ∈ M_2 we have

MΦ(s) := ∫_0^∞ Φ(t) t^{s−1} dt ∈ M_1   (Mellin Transform),
M^{−1}Ψ(x) := (1/2πi) ∫_{(c)} Ψ(s) x^{−s} ds ∈ M_2   (Inverse Mellin Transform).

|G_1(s)| < k · exp((−π/2 + δ)|t|)

for all s in the strip 0 < … . For N > √|d| we can replace summation by integration and obtain … (T), the implied constant being effectively computable from (4). Expressions (3) and (4) provide efficient estimates for T in practice. On the other hand a straightforward calculation using the estimates for F, T and f(x, a) yields

THEOREM 2.6. There exists a constant C which depends only on the degree n of K, such that

|h − h*(N)| < 1   for N > C |d|^{1/2} log|d|^{n/2}.

In fact a value for C may be computed explicitly for every n, but it is not recommended to use this value in actual computations.
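To make Theorem 1.3 and the truncation h*(N) of Theorem 2.6 concrete, the following is an added worked example (not code from the paper): it evaluates the truncated series for an imaginary quadratic field, the case r_1 = 0, r_2 = 1, R = 1, in which Section 3 gives F in closed form as F(x) = exp(−2π x/√|d|). The ideal counting function is obtained from the splitting of the rational primes via the Kronecker symbol, I(m) = Σ_{k | m} (d/k), which is valid for a fundamental discriminant d. The function names, the choice λ = 2 and the truncation point N = 20λ√|d| + 10 (beyond which the neglected terms λ^{−1} I(m) F(m/λ) are below 10^{−50}) are the example's own assumptions, not the paper's.

```python
import math


def legendre(d, q):
    """Legendre symbol (d/q) for an odd prime q, by Euler's criterion."""
    a = d % q
    if a == 0:
        return 0
    return 1 if pow(a, (q - 1) // 2, q) == 1 else -1


def kronecker(d, k):
    """Kronecker symbol (d/k) for an integer d and k >= 1.

    k is factored by trial division, which is adequate for the small k used here.
    """
    result = 1
    while k % 2 == 0:                    # the prime 2: 0 if d even, else +-1 by d mod 8
        k //= 2
        if d % 2 == 0:
            return 0
        if d % 8 in (3, 5):
            result = -result
    q = 3
    while q * q <= k:
        while k % q == 0:
            k //= q
            result *= legendre(d, q)
        q += 2
    if k > 1:
        result *= legendre(d, k)
    return result


def ideal_counts(d, N):
    """I(m) for 1 <= m <= N in the ring of integers of Q(sqrt d), d a fundamental
    discriminant: I(m) = sum over k | m of (d/k), computed with a divisor sieve."""
    I = [0] * (N + 1)
    for k in range(1, N + 1):
        chi = kronecker(d, k)
        if chi:
            for m in range(k, N + 1, k):
                I[m] += chi
    return I


def class_number(d, lam=2.0):
    """h*(N) of Theorem 1.3 for an imaginary quadratic field of fundamental
    discriminant d < 0, with r1 = 0, R = 1 and F(x) = exp(-2 pi x / sqrt|d|).

    Returns (round(h*), h*).  lam is the parameter lambda > 1 of the theorem;
    the truncation point N is this example's own choice (constructed assumption).
    """
    if d >= 0 or d % 4 not in (0, 1):
        raise ValueError("d must be a negative fundamental discriminant")
    if lam <= 1:
        raise ValueError("Theorem 1.3 needs lambda > 1")
    w = {-3: 6, -4: 4}.get(d, 2)          # number of roots of unity in K
    sd = math.sqrt(-d)
    N = int(20 * lam * sd) + 10           # tail exp(-2 pi N / (lam sqrt|d|)) < 1e-50
    I = ideal_counts(d, N)

    def F(x):
        return math.exp(-2 * math.pi * x / sd)

    S = sum(I[m] * (F(lam * m) - F(m / lam) / lam) for m in range(1, N + 1))
    h_star = w * S / (1 / lam - 1)
    return round(h_star), h_star


if __name__ == "__main__":
    for d in (-4, -23, -47, -163):
        print(d, class_number(d))
```

The two parts of each term behave very differently: F(λm) is negligible after a handful of terms, while λ^{−1}F(m/λ) decays only like exp(−2πm/(λ√|d|)), so N grows with √|d| exactly as Theorem 2.6 predicts. Since the identity behind Theorem 1.3 is exact, the floating-point result is within rounding error of the integer h for any λ > 1, and rounding recovers h once the truncation error is below 1/2.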

3. Evaluation of the Series, Implementation and Examples

In the first part of this section we shall describe how the function F can be evaluated. One possible approach to this problem is to search integral tables hoping that F is already known. We list three special cases in which F can be represented by standard special functions:

1. r_1 = 0, r_2 = 1 (K imaginary quadratic): F(x) = exp(−2π x/√|d|).
2. r_1 = 2, r_2 = 0 (K real quadratic): F(x) = 4 · K_0(2π x/√d).
3. r_1 = 0, r_2 = 2 (K totally complex quartic):

K_0 denotes the modified Bessel function of order zero. In all cases we used the integral representation for F derived in the previous section. One needs (Gradshteyn & Ryzhik, 1965, p. 340) to obtain the last two results. It seems somewhat unlikely, however, that F coincides with some "known" function in general. We therefore sketch how a series expansion for F can be obtained. For simplicity write

F*(x) := (1/2πi) ∫_{(σ)} G*(s) x^{−s} ds

for x, σ > 0 and G*(s) := Γ(s/2)^{r_1} Γ(s)^{r_2}. Then


THEOREM 3.1. With the notations introduced above we have

F*(x) = Σ_{j=0}^∞ res_{s=−j} (G*(s) x^{−s}).

SKETCH OF PROOF. Using methods similar to those developed in Section 1 one proves … for N ∈ N. Then we use the functional equation Γ(s + 1) = s · Γ(s) to show that for even N …

… (p − 1)/2 and n(β_j + 1) < p. Here we must have m(β_j + 1) ≤ p, because m(β_j + 1) > p would imply that n(β_j + 1) > p since n > m. Similarly, we know that (p − 1)/2 < n(β_j + 1), because n(β_j + 1) ≤ (p − 1)/2 would imply that m(β_j + 1) < (p − 1)/2 since m < n. Altogether these facts yield

{m(β_j + 1)}_p − {n(β_j + 1)}_p = (p − m(β_j + 1)) − (p − n(β_j + 1)) = (n − m)(β_j + 1) > 0.

CASE 4. m(β_j + 1) > (p − 1)/2 and n(β_j + 1) > p. Here it follows that m(β_j + 1) ≤ p, for otherwise m(β_j + 1) > p would imply that (m + n)(β_j + 1) > 2p, which contradicts (∗). Also we must have n(β_j + 1) ≤ p + (p − 1)/2, since otherwise n(β_j + 1) > p + (p − 1)/2 would lead to (m + n)(β_j + 1) > p + (p − 1) and hence to (m + n)(β_j + 1) ≥ 2p, which again contradicts (∗). Therefore, by virtue of (∗), we end up with

{m(β_j + 1)}_p − {n(β_j + 1)}_p = (p − m(β_j + 1)) − (n(β_j + 1) − p) = 2p − (m + n)(β_j + 1) > 0.

By definition of ε_j, this establishes the proof of Lemma 2. The above construction produces a submatrix of D of rank ≥ #B. It remains therefore to find an estimate for the cardinality of the set B.

LEMMA 3. The set

B = {β_j = [(p − 1)/j] : j = 3, 4, …, p − 2}

has cardinality #B ≥ 2[√p] − 3.

PROOF. For any j ∈ {3, 4, …, p − 3}, let us consider the difference

(p − 1)/j − (p − 1)/(j + 1) = (p − 1)/(j(j + 1)).

There are two possible cases.

CASE 1. j(j + 1) > p − 1 and thus [(p − 1)/(j(j + 1))] = 0. Let j_0 ∈ {3, 4, …, p − 3} denote the minimal value of j satisfying j(j + 1) > p − 1. Then

j_0 = [√p] or j_0 = [√p] + 1 according as [√p]([√p] + 1) > p − 1 or ≤ p − 1.

Using the hypothesis j(j + 1) > p − 1 and the properties of the symbol [ ], one derives in this case for the difference the possible values

[(p − 1)/j] − [(p − 1)/(j + 1)] ∈ {0, 1}.

Therefore, each value from β_{p−2} = [(p − 1)/(p − 2)] = 1 up to β_{j_0} is assumed in B, as we see by looking at the growth of β_j in steps of 1 as j ranges over the values p − 2, p − 3, …, j_0. Hence, in this case we get at least [√p] different values in B.

CASE 2. j(j + 1) ≤ p − 1 and thus [(p − 1)/(j(j + 1))] ≥ 1. Here we conclude that

[(p − 1)/j] − [(p − 1)/(j + 1)] ≥ 1.

Therefore, in this case all the values β_3, β_4, …, β_{j_0 − 1} are distinct, and we get another [√p] − 3 or [√p] − 2 different values in B according as j_0 = [√p] or j_0 = [√p] + 1.

On combining these two cases we end up with the asserted estimate

#B = [√p] + ([√p] − 3 or [√p] − 2) ≥ 2[√p] − 3.

Thus Theorem 2 is established.
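Lemma 3 and the two cases of its proof, as an added example (not code from the paper): for a prime p it builds the set B, locates j_0, and checks that the values β_j for j ≥ j_0 form the run 1, …, β_{j_0} of at least [√p] elements (Case 1) and that the values for 3 ≤ j < j_0 are distinct and larger (Case 2), so that #B ≥ 2[√p] − 3 follows exactly as in the proof. The helper names are the example's own; it assumes [√p] ≥ 3, i.e. p ≥ 11, because the proof takes j_0 ∈ {3, …, p − 3}.

```python
import math


def beta_values(p):
    """B = { beta_j = [(p-1)/j] : j = 3, ..., p-2 } from Lemma 3, for a prime p."""
    return {(p - 1) // j for j in range(3, p - 1)}


def case_split(p):
    """The two cases of the proof of Lemma 3 for a prime p >= 11.

    j0 is the least j with j(j+1) > p-1; it equals [sqrt p] or [sqrt p]+1.
    Case 1 (j >= j0): consecutive beta_j differ by 0 or 1, so they fill the
    run 1, ..., beta_{j0}.  Case 2 (3 <= j < j0): consecutive beta_j differ by
    at least 1, so beta_3, ..., beta_{j0-1} are distinct and exceed beta_{j0}.
    """
    s = math.isqrt(p)                                  # [sqrt p]
    if s < 3:
        raise ValueError("the proof needs [sqrt p] >= 3, i.e. p >= 11")
    j0 = s if s * (s + 1) > p - 1 else s + 1
    run = {(p - 1) // j for j in range(j0, p - 1)}      # Case 1 values
    distinct = [(p - 1) // j for j in range(3, j0)]      # Case 2 values
    return {
        "j0": j0,
        "run": run,
        "distinct": distinct,
        "size": len(run) + len(distinct),
        "bound": 2 * s - 3,
    }


def lemma3_holds(p):
    """Check, for one prime p >= 11, every claim the proof makes on the way to
    #B >= 2[sqrt p] - 3."""
    info = case_split(p)
    B = beta_values(p)
    run, distinct = info["run"], info["distinct"]
    top = (p - 1) // info["j0"]                          # beta_{j0}
    return (
        run == set(range(1, top + 1))                    # Case 1: the run 1..beta_{j0}
        and len(run) >= math.isqrt(p)                    # at least [sqrt p] of them
        and len(set(distinct)) == len(distinct)          # Case 2: all distinct
        and all(v > top for v in distinct)               # and disjoint from the run
        and run | set(distinct) == B                     # together they exhaust B
        and len(B) == info["size"] >= info["bound"]      # the asserted estimate
    )


def primes_up_to(n):
    """Constructed helper: primes <= n by trial division (n is small here)."""
    return [q for q in range(2, n + 1)
            if all(q % r for r in range(2, math.isqrt(q) + 1))]


if __name__ == "__main__":
    for p in (29, 31, 113, 163):
        info = case_split(p)
        print(p, "#B =", info["size"], "bound =", info["bound"], lemma3_holds(p))
```

For p = 29 the bound is attained (#B = 7 = 2·5 − 3, with j_0 = [√29] = 5), while for p = 31 one has j_0 = 6 and #B = 8; running the check over all primes 11 ≤ p ≤ 1000 confirms both cases of the proof on every one of them.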

4. Application to Elliptic Curves

In Folz (1985) the first author proved the boundedness conjecture for the torsion group of a 2-deficient elliptic curve E over an algebraic number field K: If p is the prime order of a torsion point on E over K, then p ≤ C(K) for a bound C(K) depending only on the ground field K. Here an elliptic curve over K is called 2-deficient if it is given by an equation of the form y^2 = x(x^2 + a_2 x + a_4) with integer coefficients a_2, a_4 in K such that both a_4 and a_2^2 − 4a_4 are squares of integral divisors of K. The bound C(K) can, in fact, be made more explicit. Suppose that E has semi-stable reduction at all finite places of K and has multiplicative reduction at the finite places dividing 2. Assume, furthermore, that the given torsion point of order p and all its multiples have integer coordinates in K. Let R denote the rank of the elliptic curve y^2 = x^3 − x over a certain finite field extension L of K depending only on K. Then we obtain the "explicit" bound (see Zimmer, 1986)

p ≤ C(K) = 2^{2xu}(3x)^{R+1},

if p is a non-exceptional prime, and

p ≤ C(K) = 2^{2xu}(3^{2R+1} … x^{R+1}),

if p is exceptional. Here u stands for the number of infinite primes of L and x designates a constant depending only on K. This shows the significance of the distinction between exceptional and non-exceptional primes. It is actually this boundedness theorem in connection with which the problem of the rank of the Demjanenko matrix arose. The above bound with respect to exceptional primes p, which corresponds to the worst case, was derived on the basis of Theorem 1. It would, therefore, be desirable to sharpen this theorem as follows:

CONJECTURE 1. The rank of the Demjanenko matrix D_A with respect to an arbitrary prime p and any subset A ⊆ P of cardinality k satisfies rk D_A ≥ c√k with a constant c not depending on p.

If true, Conjecture 1 would improve the above worst-case bound (cf. Folz, 1985, p. 76) to

Of course, it would be important to determine the exceptional primes in the sense of the above Question 2. They are expected to occur only rarely, as Table I shows. But for them one should strengthen Theorem 2 as follows.

CONJECTURE 2. The rank of the Demjanenko matrix D = D_A with respect to an arbitrary prime p and the maximal set A = P of cardinality k = (p − 1)/2 satisfies

rk D ≥ (p − 1)/2 − c

with a constant c not depending on p.

If true, Conjecture 2 would almost yield the optimal bound obtained above in the case of non-exceptional primes, viz. p ≤ C(K) = 2^{2xu} 3^{u} (3x)^{R+1}, but this time for all primes p, exceptional or non-exceptional. It would be most desirable to prove Conjecture 2, but this seems to be a rather difficult task. There appears to be a better chance to establish Conjecture 1 instead. To this end, it might be more promising to use the submatrix D'_A instead of the Demjanenko matrix D_A itself, because D'_A is easier to handle. In any case, and independently of this relationship to elliptic curves, it would be interesting to answer the above Questions 1–3. We wish to thank the referees for some valuable hints and for the suggestion to include some examples.

References

Folz, H. G. (1985). Ein Beschränktheitssatz für die Torsion von 2-defizienten elliptischen Kurven über algebraischen Zahlkörpern. Dissertation, Saarbrücken, 1985.
Zimmer, H. G. (1986). Zur Arithmetik der elliptischen Kurven. Bericht Nr. 271 (1986) der Mathematisch-Statistischen Sektion in der Forschungsgesellschaft Joanneum, A-8010 Graz, Austria, Steyrergasse 17.

Appendix

In conclusion, we display here three examples of the enlarged Demjanenko submatrix (Figs 1–3)

D' = D'(p) = (ε_j(m))_{m = 2, …, p; j = 1, …, p − 1}

and two examples of the ordinary Demjanenko submatrix (Figs 4 and 5)

D' = D'(p) = (δ_i(m))_{m = 2, …, (p + 1)/2; i = 1, 2, …, (p − 1)/2}.

To make the distribution pattern of ones and zeros more transparent, we have replaced 1 by an asterisk and 0 by a hyphen. Recall that p = 29, 113 and 163 are exceptional primes, whereas p = 31, 61 are non-exceptional.

[Figs 1–5: the submatrices D'(p), printed as patterns of asterisks (1) and hyphens (0) with row index m and column index i, are not recoverable from the scan. Legible captions: Fig. 1. p = 29, rk D(29) = rk D'(29) = 11; Fig. 5. p = 163, rk D(163) ≥ rk D'(163) ≥ 79.]

J. Symbolic Computation (1987) 4, 69-75

The Construction of Maximal Orders Over a Dedekind Domain
DAVID J. FORD
Concordia University, Montreal, Quebec, Canada

Introduction

Suppose R is a complete local Dedekind domain with quotient field F, and let f(x) be a monic polynomial in R[x] having non-zero discriminant. We present here a new algorithm to construct the maximal order of the algebra A_f = F[x]/f(x)F[x]. The new algorithm incorporates ideas of Zassenhaus (1975, 1980) concerning P-adic stability and the algebraic decomposition of A_f. We show that it is always possible either (i) to construct an integral element α in A_f such that the order R[α] is maximal, or (ii) to factorise f(x) properly in R[x], say f(x) = f_1(x) f_2(x), so that A_f and A_{f_1} ⊕ A_{f_2} are isomorphic F-algebras, and the maximal order of A_f is obtained readily as the sum of the maximal orders of A_{f_1} and A_{f_2}.

Experimental evidence with deg(f) = n ≤ 15 indicates an improvement by a factor of O(n^{1.21}) in execution time over the "second round" algorithm of Zassenhaus (1967, 1972).

Definitions

n is the degree of f. P is the unique prime ideal in R. R̄ = R/P is the residue class field mod P of R. v: F → Z ∪ {∞} is the additive P-adic valuation of F. π is an element of P with v(π) = 1. p is the characteristic of R̄. N_0 = N ∪ {0} is the set of non-negative rational integers. ≅ indicates F-algebra isomorphism. For g(x) ∈ R[x]: (i) d(g) is the discriminant of g(x); (ii) ḡ(x) is the image of g(x) in R̄[x]. For α ∈ A_f, μ_α(x) is the minimal polynomial of α over F. We say α ∈ A_f is "primary" if α is integral over R and μ̄_α(x) is a power of an irreducible polynomial in R̄[x]. If α is primary, ν_α(x) denotes a monic polynomial in R[x] such that ν̄_α(x) is the unique irreducible factor of μ̄_α(x) in R̄[x]. For α ∈ A_f suppose μ_α(x) = x^m + c_1 x^{m−1} + … + c_m. Then we define

v*(α) = min_{1 ≤ i ≤ m} v(c_i)/i.


So v*(α) is the slope of the initial segment of the Newton polygon of μ_α(x). (See, e.g., Weiss, 1963, Section 3-1.) We define:

S_f = the order R[x]/f(x)R[x];
O_f = {α ∈ A_f | v*(α) ≥ 0} = the maximal order in A_f; and
J_f = {α ∈ A_f | v*(α) > 0}.

Let f(x) = ∏_{j=1}^{r} f_j(x) be the complete factorisation of f(x) into (necessarily distinct) irreducible factors in R[x]. Then E_j = F[x]/f_j(x)F[x] is an algebraic extension field of F for 1 ≤ j ≤ r, and A_f ≅ E_1 ⊕ … ⊕ E_r. If α_j is the E_j-component of α, then

μ_α(x) = LCM_{1 ≤ j ≤ r} μ_{α_j}(x).

Furthermore (see Weiss, 1963, Proposition 3-1-1),

v*(α) = min_{1 ≤ j ≤ r} v_j(α_j),

where v_j is the unique extension of v to E_j. For α, β ∈ A_f, the following are direct consequences of the properties of v:

(i) α ∈ F ⇒ v*(α) = v(α);
(ii) v*(α + β) ≥ min{v*(α), v*(β)}, with equality when v*(α) ≠ v*(β);
(iii) v*(αβ) ≥ v*(α) + v*(β), with equality when α or β lie in F;
(iv) v*(α^s) = s v*(α) for s ∈ N_0.

For primary α, β it follows that

(v) v*(α) > 0 ⇒ ν_α(x) = x;
(vi) v*(α) = 0 … ⇒ v*(αβ) = 0;
(vii) v*(α − β) > 0 ⇒ ν_α(x) = ν_β(x);
(viii) R[α]/J_f is a field, and
(ix) ν̄_α(x) is the minimal polynomial of α + J_f over R + J_f.

Criteria for Maximality

From (Berwick, 1927) we have the following criterion for the maximality of the order S_f = R[x]/f(x)R[x]:

S_f is maximal ⟸ d(f̄) ≠ 0.

In 1975 Zassenhaus gave an equivalent criterion, better suited for computation: Determine monic f_1, f_2, f_3, f_4 ∈ R[x] such that f̄_1 is the square-free part of f̄, f̄_1 f̄_2 = f̄, f̄_3 = GCD(f̄_1, f̄_2), f̄_1 f̄_4 = f̄, and set h = (f − f_1 f_4)/π. Then

S_f is maximal ⟺ h̄ and f̄_3 are relatively prime.

We call α ∈ A_f a "Berwick Element" if

(i) α is integral, and
(ii) deg(μ_α) = n, and
(iii) μ̄_α(x) is square-free.

If α is a Berwick element of A_f, then the order R[α] is maximal, by the Berwick criterion.

We call α ∈ A_f an "Eisenstein Element" if

(i) α is primary, and
(ii) deg(ν_α) < n, and
(iii) deg(μ_α) = n, and
(iv) v*(ν_α(α)) = deg(ν_α)/n.

The order R[α] is maximal if α is an Eisenstein element. To see this, let k = n/deg(ν_α), and set h = (μ_α − ν_α^k)/π. Then v*(ν_α(α)) = 1/k, and v*(h(α)) = 0, so ν̄_α is not a factor of h̄, and R[α] is maximal by the Zassenhaus criterion.
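As an added example (not code from Ford's paper or its ALGEB implementation), the Zassenhaus criterion above can be run for R = Z_p, the p-adic integers, with π = p, since it only involves f modulo P and one division by π: the input is a monic f ∈ Z[x] given by its coefficient list (constant term first) and a prime p. The block computes f̄_1 (the square-free part of f̄, taking p-th roots where the derivative vanishes), the cofactor f̄_2 = f̄/f̄_1 (which also serves as f̄_4, since f̄_1 f̄_4 = f̄ forces f_4 ≡ f_2 mod P), f̄_3 = GCD(f̄_1, f̄_2), h = (f − f_1 f_2)/p with f_1, f_2 lifted to Z[x], and reports whether h̄ and f̄_3 are relatively prime. The helper names are the example's own. The last two checks use the approximate factors f_5(x) = x^2 + 345960x + 90558 and f_6(x) = x^2 + 185104x + 89968 quoted in the worked example later on the page, for which the page states that f_5 satisfies the criterion at p = 2 and f_6 does not.

```python
def _trim(a):
    """Drop leading zero coefficients; the zero polynomial is [0]."""
    a = list(a)
    while len(a) > 1 and a[-1] == 0:
        a.pop()
    return a


def _red(a, p):
    """Image of a in F_p[x] (the bar of the page), coefficients in [0, p)."""
    return _trim([c % p for c in a])


def _mul(a, b, p=None):
    """Product of two polynomials over Z (p=None) or over F_p."""
    out = [0] * (len(a) + len(b) - 1)
    for i, ca in enumerate(a):
        for j, cb in enumerate(b):
            out[i + j] += ca * cb
    return _red(out, p) if p else _trim(out)


def _divmod(a, b, p):
    """Quotient and remainder in F_p[x]; b must be nonzero, p prime."""
    a, b = _red(a, p), _red(b, p)
    inv = pow(b[-1], p - 2, p)              # inverse of the leading coefficient
    q = [0] * max(len(a) - len(b) + 1, 1)
    r = a
    while r != [0] and len(r) >= len(b):
        coef = (r[-1] * inv) % p
        shift = len(r) - len(b)
        q[shift] = coef
        for i, cb in enumerate(b):
            r[shift + i] = (r[shift + i] - coef * cb) % p
        r = _trim(r)
    return _trim(q), r


def _monic(a, p):
    inv = pow(a[-1], p - 2, p)
    return [(c * inv) % p for c in a]


def _gcd(a, b, p):
    """Monic greatest common divisor in F_p[x] (Euclid)."""
    a, b = _red(a, p), _red(b, p)
    while b != [0]:
        a, b = b, _divmod(a, b, p)[1]
    return _monic(a, p)


def _derivative(a, p):
    return _red([i * a[i] for i in range(1, len(a))] or [0], p)


def _radical(a, p):
    """Square-free part of a nonzero a in F_p[x]: the product of its distinct
    monic irreducible factors.  A vanishing derivative means a = g(x)^p, and g
    is read off from every p-th coefficient (c^p = c in F_p)."""
    a = _monic(_red(a, p), p)
    if len(a) == 1:
        return [1]
    da = _derivative(a, p)
    if da == [0]:
        return _radical(a[::p], p)
    d = _gcd(a, da, p)
    if len(d) == 1:
        return a
    s = _divmod(a, d, p)[0]                 # factors with multiplicity not divisible by p, once
    r = _radical(d, p)
    return _divmod(_mul(s, r, p), _gcd(s, r, p), p)[0]


def is_p_maximal(f, p):
    """Zassenhaus criterion for S_f = Z[x]/f(x)Z[x] at the prime p (f monic):
    f1 = square-free part of f-bar, f-bar = f1 f2, f3 = gcd(f1, f2),
    h = (f - f1 f2)/p;  S_f is p-maximal iff gcd(h-bar, f3) = 1."""
    fbar = _red(f, p)
    f1 = _radical(fbar, p)
    f2, rem = _divmod(fbar, f1, p)
    assert rem == [0]
    f3 = _gcd(f1, f2, p)
    prod = _mul(f1, f2)                     # lifted to Z[x], coefficients in [0, p)
    n = max(len(f), len(prod))
    diff = [fc - pc for fc, pc in zip(f + [0] * (n - len(f)), prod + [0] * (n - len(prod)))]
    assert all(c % p == 0 for c in diff)    # f = f1 f2 (mod p) by construction
    h = [c // p for c in diff]
    return len(_gcd(h, f3, p)) == 1


if __name__ == "__main__":
    print(is_p_maximal([-5, 0, 1], 2), is_p_maximal([-3, 0, 1], 2))   # Z[sqrt5] vs Z[sqrt3] at 2
```

The two ramified-looking cases x^2 − 3 and x^2 − 5 at p = 2 both reduce to (x + 1)^2, and the criterion separates them only through h̄: for x^2 − 3 it is x, coprime to f̄_3 = x + 1, while for x^2 − 5 it is x + 1 itself, reflecting that Z[√5] has index 2 in the maximal order. The page's own f_5 and f_6 behave the same way at p = 2: both reduce to x^2, and h̄ is 1 for f_5 but 0 for f_6.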

Algebraic Decomposition

Let a = v(d(f)), and let ξ = x + f(x)R[x]. In his proof of Lemma 3, Zassenhaus (1975) shows how, given b > a and g(x) ∈ R[x] with deg(g) < n, to construct a P-adically convergent sequence φ_1, φ_2, … such that

(i) ξ ≡ φ_1 ≡ φ_2 ≡ … ≡ φ (mod P^b[ξ]), so that R[ξ] = R[φ_1] = R[φ_2] = … = R[φ], and, setting f* = f + π^{a+b} g,
(ii) f*(φ) = 0, so that A_f = F[ξ] = F[φ] ≅ A_{f*}.

Since ξ ≡ φ (mod P^b[ξ]), (h(ξ) − h(φ))/π^b must be integral for any h(x) ∈ R[x]. Consequently, h(ξ)/π^b is integral if and only if h(φ)/π^b is integral. Because π^a O_f ⊆ R[ξ], an integral basis for O_{f*}, expressed as polynomials in φ, can immediately be rewritten in terms of ξ to give an integral basis for O_f. In (Zassenhaus, 1980) it is established that it suffices to choose a + b > v(d(f)) for the F-algebras A_f and A_{f*} to be isomorphic. Therefore in what follows, as in (Ford, 1978), we take a + b = v(d(f)) + 1. (This bound can in fact be improved further by using the "reduced discriminant"; see (Zassenhaus, 1984).)

Suppose a non-trivial approximate factorisation

f(x) ≡ f_1(x) f_2(x) (mod P^{v(d(f))+1}[x])

is known, with f_1(x), f_2(x) ∈ R[x] monic and necessarily relatively prime. Then A_f ≅ A_{f_1 f_2} ≅ A_{f_1} ⊕ A_{f_2}, so that an integral basis for A_f is known as soon as integral bases for A_{f_1} and A_{f_2} are known. Let α be a non-primary integral element of A_f. We can determine h_1, h_2, a_1, a_2 ∈ R[x], h_1 and h_2 monic, deg(a_1) < deg(h_2), deg(a_2) < deg(h_1), such that

μ̄_α(x) = h̄_1(x) h̄_2(x) and ā_1(x) h̄_1(x) + ā_2(x) h̄_2(x) = 1.

For j = 1, 2 we set e_j = a_j(α) h_j(α) and perform the refinement

e_j ← 3e_j^2 − 2e_j^3


repeatedly until no change in e_j occurs modulo P^{v(d(f))+1} …

(i) D_θ = deg(ν_θ);
(ii) N_θ = deg(μ_θ)/D_θ;
(iii) θ_0 = θ;
(iv) θ_1 = ν_θ(θ);
(v) v*(θ_1) = L_θ/M_θ, L_θ, M_θ ∈ N_0, relatively prime;
(vi) r_θ L_θ − s_θ M_θ = 1, r_θ, s_θ ∈ N_0;
(vii) θ_2 = θ_1^{r_θ}/π^{s_θ}, so that v*(θ_2) = 1/M_θ.

The initial choice for α is ξ = x + f(x)R[x]. Should an element θ ∈ O_f be encountered with D_θ ∤ D_α, then, assuming α + θ is primary, D_{α+θ} = LCM(D_α, D_θ) > D_α, and α is replaced by α + θ. Should an element θ ∈ O_f be encountered with M_θ ∤ M_α, we choose a, b, c ∈ N_0 such that a M_α + b M_θ − c = GCD(M_α, M_θ). Then …

… > 1 (otherwise α would be a Berwick element) and M_α < N_α (otherwise α would be an Eisenstein element). From the inclusion … > 0, and so we immediately replace α with α + 1. Then v*(α_1) = 1/2, so L_α = 1, M_α = 2. We set β = α^2/2 = … . Then

μ̄_β(x) = x^4 − x^2 = x^2(x^2 − 1) (mod 2),

so β is not primary. Again we construct approximate idempotents,

e_5 = (−793620α^3 + 9801α^2 + 421584α + 287472)/2, and e_6 = 1 − e_5.

The resulting approximate factors of f_2(x) are

f_5(x) = x^2 + 345960x + 90558 and f_6(x) = x^2 + 185104x + 89968.

We find that f̄_5(x) = x^2 (mod 2), and that f_5(x) satisfies the Zassenhaus criterion. Therefore a Z_2-basis for O_{f_5} is 1, ξ_5. We likewise find that f̄_6(x) = x^2 (mod 2), but in this case the Zassenhaus criterion is not satisfied. We set α = ξ_6 + 1, since v*(ξ_6) > 0. We find v*(α_1) = 2, so L_α = 2 and M_α = 1. To reduce L_α to 1, we replace α by α_0 + α_2 = (3ξ_6 + 2)/2. We now have L_α = 1 and M_α = 1.

We set β = α^2/2 = 3ξ_6/4. We find v*(β) = 0, and L_β = M_β = 1. We set γ = β, and so L_γ = M_γ = 1. We compute r = 10, and set δ = γ^r, reduced modulo Z_2[α], giving … v*(β). We replace β with δ − γ = (−3ξ_6 + 12)/4. Now v*(β) = 1, and L_β = M_β = 1. We set γ = 16869β/α_1, which becomes (−3ξ_6 − 4)/8 when reduced modulo 2Z_2[ξ_6]. It now occurs that ν_γ(x) = x^2 − x − 1, while ν_α(x) = x − 1, so that D_γ ∤ D_α. Accordingly, we replace α with α + γ = (9ξ_6 + 4)/8. Now μ̄_α = x^2 + x + 1, and Z_2[α] is 2-maximal by the Berwick criterion. We have determined that 1, (9ξ_6 + 4)/8 is a Z_2-basis for O_{f_6}. Using e_5 and e_6 and the Z_2-bases for O_{f_5} and O_{f_6}, we obtain the following Z_2-basis for O_{f_2}:

1, ξ_2, ξ_2^2/2, (ξ_2^3 + 4ξ_2^2 − 2ξ_2 + 8)/16.

Finally, we use e_1 and e_2 and the bases for O_{f_1} and O_{f_2} to construct a Z_2-basis for O_f:

1, ξ, ξ^2, ξ^3, …, (ξ^6 − 3ξ^5 − ξ^4 − 5ξ^3 − 6ξ^2 + 6ξ + 8)/16.

5

Experimental Results

The new algorithm was compared with the "Second Round" algorithm of Zassenhaus (1967; Ford, 1978), using as test data a set of 624 monic, irreducible polynomials with rational integer coefficients, of degrees 3 through 15, inclusive, with S_f = Z[x]/f(x)Z[x] non-maximal in each case. Each algorithm was programmed in the ALGEB language (see Ford, 1978) and was run on a Digital Equipment PDP-11/10 computer with 64k bytes of memory, under the RT-11 operating system. Using the least squares method to fit a line to the set of points (deg(f), log(r)), where r is the ratio of execution times for the two algorithms, we found the line to have slope 1.21, and to cross the x-axis at n = 9. From this evidence we conclude that the new algorithm is generally preferable when deg(f) > 9, and we conjecture that the average ratio of execution times for the two algorithms is approximately O(n^{1.21}).

References

Berwick, W. E. H. (1927). Integral bases. Cambridge Tracts in Mathematics and Mathematical Physics, No. 22, Cambridge.
Ford, D. J. (1978). On the Computation of the Maximal Order in a Dedekind Domain. Ph.D. Dissertation, Ohio State University.
Weiss, E. (1963). Algebraic number theory. New York: McGraw-Hill.
Zassenhaus, H. (1967). Ein Algorithmus zur Berechnung einer Minimalbasis über gegebener Ordnung. In: Funktionalanalysis, pp. 90-103. Basel: Birkhäuser Verlag.
Zassenhaus, H. (1972). On the Second Round of the Maximal Order Program. In: Applications of number theory to numerical analysis, pp. 398-431. New York: Academic Press.
Zassenhaus, H. (1975). On Hensel Factorization, II. Symposia Mathematica, Volume XV, pp. 499-513. London: Academic Press.
Zassenhaus, H. (1980). On Structural Stability. Commun. Alg. 8, 1799-1844.
Zassenhaus, H. (1984). R. Land's Verfeinerung des D. Ford'schen Ordmax-Algorithmus. Manuscript. Saarbrücken, 1984.

J. Symbolic Computation (1987) 4, 77-82

Deterministic Irreducibility Testing of Polynomials over Large Finite Fields†

ERICH KALTOFEN, Rensselaer Polytechnic Institute, Department of Computer Science, Troy, New York 12181 and Mathematical Sciences Research Institute, 1000 Centennial Drive, Berkeley, California 94720, U.S.A.

We present a sequential deterministic polynomial-time algorithm for testing dense multivariate polynomials over a large finite field for irreducibility. All previously known algorithms were of a probabilistic nature. Our deterministic solution is based on our algorithm for absolute irreducibility testing combined with Berlekamp's algorithm.

1. Introduction

Berlekamp (1970) first showed how the factoring problem for univariate polynomials over large finite fields could be solved in polynomial-time by introducing random choices. However, already Butler (1954) had established that the determination of the number of factors in polynomial-time does not require random choices. Although great effort has been spent in the last fifteen years to remove the necessity for random choices for the factoring problem (cf. Zassenhaus, 1969; Shanks, 1972; Moenck, 1977; Cantor & Zassenhaus, 1981; Camion, 1983; Schoof, 1985; Huang, 1985; von zur Gathen, 1985; Adleman & Lenstra, 1986), the problem remains in general unresolved. Only within the last five years has it been shown that for multivariate polynomials probabilistic polynomial time solutions exist as well (cf. Chistov & Grigoryev, 1982; von zur Gathen & Kaltofen, 1985; Lenstra, 1985). However, in the dense representation case these results did not quite parallel the univariate factorisation theory. The reason was that all the algorithms known needed to factor a univariate polynomial in order to determine irreducibility and therefore were not deterministic. Here we present an algorithm that tests dense multivariate polynomials over large finite fields for irreducibility in deterministic polynomial time. Contrary to most univariate deterministic factoring results, our solution is not subject to any unproven mathematical conjecture, such as the Riemann hypothesis. We have observed (Kaltofen, 1985a) that absolute irreducibility of multivariate polynomials over large finite fields could be decided in polynomial time. Here we essentially modify the algorithm presented there to solve the problem of irreducibility over the field itself. It comes as a small surprise that irreducibility can be related to absolute irreducibility. Absolute irreducibility is a purely rational question, that is it can be decided by field arithmetic alone (Noether, 1922), whereas irreducibility over certain constructive fields can be shown undecidable (Fröhlich & Shepherdson, 1955). Our solution, which

† This material is based upon work supported by the National Science Foundation under Grant No. DCR-85-04391 and by an IBM Faculty Development Award. Part of this work was done while the author was visiting the Tektronix Computer Research Laboratory in Beaverton, Oregon.

0747-7171/87/040077 + 06 $03.00/0 © 1987 Academic Press Ltd.


makes use of the Butler–Berlekamp Q-matrix construction, seems to establish this relationship only for finite fields. It is therefore very special and does not contradict the differences of the problems known for arbitrary fields. In this paper we restrict ourselves to bivariate polynomials. It is fairly easy to generalise our algorithms to dense multivariate polynomials, see e.g. Algorithm 2 in Kaltofen (1985b). Notation: $\mathbb{F}_q$ denotes a finite field with $q$ elements; $\deg_x(f)$ denotes the highest degree of $x$ in $f \in \mathbb{F}_q[y, x]$ and $\deg(f)$ the total degree of $f$. The coefficient of the highest power of $x$ in $f$, a polynomial in $y$, is referred to as the leading coefficient of $f$ in $x$ and will be denoted by $\mathrm{ldcf}_x(f)$. We call $f$ monic in $x$ if $\mathrm{ldcf}_x(f)$ is the one of $\mathbb{F}_q$. By $F[[z]]$ we denote the formal power series over $F$ in $z$.

2. Previous Results Needed

We now discuss several facts needed in the deterministic irreducibility test. First we observe that the input polynomial $f \in \mathbb{F}_q[y, x]$ can be assumed monic in $x$ and $f(0, x)$ can be assumed squarefree. The preprocessing necessary to enforce these conditions is discussed, e.g. in Kaltofen (1985b), §4, or in Kaltofen (1985a), §2. Notice that the translation necessary to make $f(0, x)$ squarefree requires

$$q \ge 2 \deg_x(f) \deg_y(f).$$

We can also assume this because otherwise even the factorisation problem in $\mathbb{F}_q[y, x]$ can be solved in deterministic polynomial time, cf. von zur Gathen & Kaltofen (1985), §4.2. It should be also noted that the monicity requirement can be avoided altogether by slightly changing the algorithm along the lines of von zur Gathen & Kaltofen (1985), Remark 2.4. An even simpler way to get monicity than the methods referred to above would be to translate the original polynomial as $f(x, y + bx)$ for a suitable $b \in \mathbb{F}_q$, see Kaltofen (1985c), Lemma 6.1. We could also have restricted ourselves to $q$ being a prime since the algorithm in Trager (1976) can reduce the problem of irreducibility testing over algebraic extensions to that of irreducibility testing over the base field in deterministic polynomial time. However, this restriction does not simplify our proofs but would drastically increase the complexity of the complete algorithm. We now outline the basic algorithm from Kaltofen (1985b) for testing multivariate polynomials for irreducibility. We will not prove the correctness of this algorithm here but refer the reader to Kaltofen (1985b), §5, for more details on the algorithm and the necessary arguments.

ALGORITHM 1

[Given $f(y, x) \in F[y, x]$ monic in $x$, $f(0, x)$ squarefree, $F$ an arbitrary field, and given an irreducible factor $t(z)$ of $f(0, z)$ in $F[z]$, this algorithm determines irreducibility of $f$ over $F$:]
(A) [Compute approximation of root in $G[[y]]$, where $G = F[z]/(t(z))$:] $n \leftarrow \deg_x(f)$; $d \leftarrow \deg_y(f)$; $k \leftarrow (2n - 1)d$; $a_0$

divisors of degree one and therefore is a rational function field. A generating function $x$ of $L$ over $\mathbb{Q}$ will be determined up to rational multiples by $(x) = \mathfrak{p}_{3,2}\cdot\mathfrak{p}_{3,1}^{-1}$. In the splitting field $k(t)$ of $\mathfrak{p}$ with $(k : \mathbb{Q}) = 2$ the divisor $\mathfrak{p}$ splits into the product of $\mathfrak{p}_1$ and $\mathfrak{p}_2$, and the following equalities of divisors hold:

$$\frac{\mathfrak{p}_1}{\mathfrak{p}_3} = (t + \omega), \qquad \frac{\mathfrak{p}_2}{\mathfrak{p}_3} = (t - \omega), \qquad \text{with } \omega^2 = n \in \mathbb{Q}.$$

In $\tilde L := kL$ over $k(t)$ the two divisors of $\mathfrak{p}$ split further to

$$\mathfrak{p}_i = \mathfrak{P}_{i,1}^4 \cdot \mathfrak{P}_{i,2}^2 \cdot \mathfrak{P}_{i,3} \quad \text{for } i = 1, 2.$$

Let $\mathfrak{P}_{3,j}$ be a prime divisor of $\mathfrak{p}_{3,j}$ in $\tilde L$. Then rational numbers $\alpha, \beta, \gamma$ and $\delta$ are determined by $\mathfrak{P}_{1,1}\cdot\mathfrak{P}_{3,1}^{-1} = (x + \alpha)$, $\mathfrak{P}_{1,2}\cdot\mathfrak{P}_{3,1}^{-1} = (x + \beta)$ and $\mathfrak{P}_{1,3}\cdot\mathfrak{P}_{3,1}^{-2} = (x^2 + \gamma x + \delta)$. Writing $\bar{\ }: k \to k$, $\kappa \mapsto \bar\kappa$ for the generating automorphism of $k/\mathbb{Q}$ we have $\mathfrak{P}_{2,1}\cdot\mathfrak{P}_{3,1}^{-1} = (x + \bar\alpha)$, $\mathfrak{P}_{2,2}\cdot\mathfrak{P}_{3,1}^{-1} = (x + \bar\beta)$ and $\mathfrak{P}_{2,3}\cdot\mathfrak{P}_{3,1}^{-2} = (x^2 + \bar\gamma x + \bar\delta)$. This leads to

$$(t + \omega) = \frac{\mathfrak{p}_1}{\mathfrak{p}_3} = \frac{\mathfrak{P}_{1,1}^4\cdot\mathfrak{P}_{1,2}^2\cdot\mathfrak{P}_{1,3}}{\mathfrak{P}_{3,1}^6\cdot\mathfrak{P}_{3,2}^2} = \frac{(x + \alpha)^4 (x + \beta)^2 (x^2 + \gamma x + \delta)}{x^2}$$

and the equation of divisors conjugate to this in $\tilde L$. So there exists $\eta \in k^\times$ with

$$x^2 (t + \omega) = \eta (x + \alpha)^4 (x + \beta)^2 (x^2 + \gamma x + \delta), \qquad x^2 (t - \omega) = \bar\eta (x + \bar\alpha)^4 (x + \bar\beta)^2 (x^2 + \bar\gamma x + \bar\delta).$$

$$(t + \omega) = \frac{\mathfrak{p}_1}{\mathfrak{p}_3} = \frac{(x + \kappa)^8 (x + \lambda)^4 (x + \rho)}{p(x)^2 q(x)}$$

and the conjugate of it in $\tilde L/L$.

By the equality of divisors there exists $\eta \in k^\times$ with

$$p(x)^2 q(x)(t + \omega) = \eta (x + \kappa)^8 (x + \lambda)^4 (x + \rho), \qquad p(x)^2 q(x)(t - \omega) = \bar\eta (x + \bar\kappa)^8 (x + \bar\lambda)^4 (x + \bar\rho). \tag{1}$$

Eliminating $t$ from (1) yields the polynomial identity in $X$

$$2\omega\, p(X)^2 q(X) = \eta (X + \kappa)^8 (X + \lambda)^4 (X + \rho) - \bar\eta (X + \bar\kappa)^8 (X + \bar\lambda)^4 (X + \bar\rho), \tag{2}$$

showing $\eta = \bar\eta$. Subtract equation (2) differentiated with respect to $X$ multiplied by $p(X)q(X)$ from (2) multiplied by $2p'(X)q(X) + p(X)q'(X)$ to get

$$u^7 v^3 \bigl(uvw(2p'q + pq') - pq(8vw + 4uw + uv)\bigr) = \bar u^7 \bar v^3 \bigl(\bar u\bar v\bar w(2p'q + pq') - pq(8\bar v\bar w + 4\bar u\bar w + \bar u\bar v)\bigr) \tag{3}$$

Polynomials with Primitive Galois Groups

with $u = X + \kappa$, $v = X + \lambda$ and $w = X + \rho$. The divisors $\mathfrak{P}_{1,1}\cdot\mathfrak{P}_{1,2}$ and $\mathfrak{P}_{2,1}\cdot\mathfrak{P}_{2,2}$ do not have a common factor, so neither do $u^7 v^3$ and $\bar u^7 \bar v^3$. So (3) may be divided up into

$$\bar u^7 \bar v^3 + uvw(2p'q + pq') - pq(8vw + 4uw + uv) = 0, \qquad u^7 v^3 + \bar u\bar v\bar w(2p'q + pq') - pq(8\bar v\bar w + 4\bar u\bar w + \bar u\bar v) = 0.$$

Comparison of coefficients leads to a system of twenty nonlinear equations in fourteen unknowns. Because $x$ was determined only up to linear substitutions, we may choose $\lambda + \bar\lambda = 0$ and (as $\kappa + \bar\kappa = 0$ does not give a solution) $\kappa + \bar\kappa = 4$. The resulting system of equations has exactly two solutions in $k = \mathbb{Q}(\sqrt{-2})$, which were found with the algorithm in Malle & Trinks (1985); with $\theta = \pm\sqrt{-2}$ they are $\mu_3 = -4/3$, $\mu_2 = 4$, $\mu_1 = -8$, $\mu_0 = -68/3$, $\nu_3 = 16$, $\nu_2 = 72$, $\nu_1 = 128$, $\nu_0 = 188$, $\kappa = 2 + 3\theta$, $\lambda = -\theta$ and $\rho = -20$. Now $t$ may be fixed by setting $\eta = 1$.

THEOREM 4: The splitting field $N$ of the polynomial

$$f(X, t) = X^{13} + 16X^{12} - 132X^{11} - 2016X^{10} - 9060X^9 - 43776X^8 - 144096X^7 - 377088X^6 - 1015056X^5 - 1743616X^4 - 3388480X^3 - 3177984X^2 - 3311040X + 989184 - t\,(3X^4 - 4X^3 + 12X^2 - 24X - 68)^2\,(X^4 + 16X^3 + 72X^2 + 128X + 188)$$

has the Galois group $\mathrm{PSL}_3(\mathbb{F}_3)$ over $\mathbb{Q}(t)$ and ramification structure $\mathfrak{C}^* = (C_2, C_8, C_8')^*$.

COROLLARY 3: The polynomial $f(X, r)$ has the Galois group $\mathrm{PSL}_3(\mathbb{F}_3)$ over $\mathbb{Q}$ for all values $r \in \mathbb{Z}$ with

$$r \equiv 1 \pmod{385}.$$

PROOF: The Galois group of $f(X, r)$ is isomorphic to a subgroup of $\mathrm{Gal}(f(X, t))$. For $r \equiv 1 \pmod{385}$ the polynomial $f(X, r)$ has the factorisations

$$f(X, r) \equiv (X + 6)(X^4 + 5X^3 + 4X^2 + 3)(X^8 + 3X^7 + 3X^6 + 6X^4 + 4X^3 + 4X^2 + 1) \pmod 7,$$

$$f(X, r) \equiv (X + 1)(X^3 + 5X^2 + 9X + 8)(X^3 + 5X^2 + 4X + 3)(X^3 + 3X^2 + 5X + 7)(X^3 + 4X^2 + 2X + 9) \pmod{11},$$

and remains irreducible modulo 5. So $\mathrm{Gal}(f(X, r))$ contains elements of orders 3, 8 and 13 and is isomorphic to $\mathrm{PSL}_3(\mathbb{F}_3)$. ∎

4. Transitive subgroups of $S_6$ as Galois groups

Apart from $A_6$ and $S_5$, the symmetric group $S_6$ on six symbols possesses two further maximal subgroups; these are $G_{72}$ (imprimitive on two sets of three symbols each) of index ten and $G_{48}$ (imprimitive on three sets of two symbols each) of index fifteen. Clearly by the result of Shafarevich these solvable groups are known to occur as Galois groups over the rationals. Here polynomials of degree six with corresponding Galois groups will be given. In Matzat (1984), Lemma 6.1, the existence of a regular field extension $N/\mathbb{Q}(t)$ having Galois group $S_6$ and ramification structure $\mathfrak{C}^* = (C_2, C_5, C_6)^*$ was proved. Denote by $L_0$ the fixed field in $N$ of an intransitive subgroup $S_5$ in a permutation representation of $S_6$ of degree six. In Matzat (1984) $L_0$ was shown to be a rational function field and a generating

G. Malle

trinomial of degree six for $N/\mathbb{Q}(t)$ was calculated. The outer automorphism of $S_6$ transforms $\mathfrak{C}^*$ into $\mathfrak{C}^* = (C_2', C_5, C_6')^*$ where $C_2'$ and $C_6'$ contain elements of cycle shapes $(2, 2, 2)$ and $(3, 2, 1)$ respectively. The fixed field $L_1$ of a transitive subgroup $S_5$ in $S_6$ is a rational function field. Using the primitive permutation representations of $S_6$ of degrees ten and fifteen in Sims (1970) and Satz B in Malle & Matzat (1985) the fixed fields $L_2$, $L_3$ of subgroups $G_{72}$ and $G_{48}$ are seen to be rational function fields, of degrees ten and fifteen over $\mathbb{Q}(t)$. So with the methods of the preceding sections generating polynomials of degrees six, ten and fifteen for $N/\mathbb{Q}(t)$ may be calculated.

THEOREM 5: The splitting field of each of the four polynomials

$$f_0(X, T) = X^6 - 6X^5 + T,$$

$$f_1(W, T) = W^6 - 120W^5 + 64(W + 8)^2 (W + 5) T,$$

$$f_2(Y, T) = (Y^2 - 14Y + 4)^5 - 27(Y - 16) Y^3 T,$$

$$f_3(Z, T) = 4Z^5 (Z^2 - 45)^5 - 27(2Z + 15)^2 (Z - 6)(Z^2 - 2Z - 15)^3 T$$

is equal to $N$ and the orders of ramification in the ramified places $\infty$, $0$ and $5^5$ are 6, 5 and 2 respectively.

PROOF: The polynomial $f_0(X, T)$ is obtained from $f(x, t)$ in Matzat (1984) by the transformation $X := 5x$, $T := 5^5 t$. The remaining three polynomials are calculated along the lines of the first three sections, with only the last case leading to a moderately complicated system of nonlinear equations which can be solved with the algorithm of Malle & Trinks (1985). ∎

We can now find trinomials having Galois groups $\mathrm{PGL}_2(\mathbb{F}_5) \cong S_5$, $G_{72}$ and $G_{48}$. For this let $w, y, z$ be zeros in $N$ of $f_1(W, T)$, $f_2(Y, T)$, $f_3(Z, T)$ respectively. So without loss of generality $L_1 = \mathbb{Q}(w)$, $L_2 = \mathbb{Q}(y)$, $L_3 = \mathbb{Q}(z)$ and we have:

THEOREM 6: (a) $N$ is the splitting field over $\mathbb{Q}(w)$ of

$$g_1(X, w) = X^6 - 6X^5 - \frac{w^5 (w - 120)}{64(w + 8)^2 (w + 5)}$$

and has the Galois group $\mathrm{PGL}_2(\mathbb{F}_5)$ and the ramification structure $\mathfrak{C}^* = (C_2, C_3, C_5, C_6)^*$. (b) $N$ is the splitting field over $\mathbb{Q}(v)$ of $g_1(X, v^2 - 5) \in \mathbb{Q}(v)[X]$ with the Galois group $\mathrm{PSL}_2(\mathbb{F}_5)$ and the ramification structure $\mathfrak{C}^* = (C_3, C_3, C_3, C_5, C_5)^*$. (c) The splitting field $N$ of the polynomial

$$g_2(X, y) = X^6 - 6X^5 + \frac{(y^2 - 14y + 4)^5}{27(y - 16) y^3}$$

has the Galois group $G_{72}$ over $\mathbb{Q}(y)$ and the ramification structure $\mathfrak{C}^* = (4 \cdot C_2, C_2', C_6)^*$. (d) The splitting field $N$ of the polynomial

$$g_3(X, z) = X^6 - 6X^5 + \frac{4z^5 (z^2 - 45)^5}{27(2z + 15)^2 (z - 6)(z^2 - 2z - 15)^3}$$

has the Galois group $G_{48}$ over $\mathbb{Q}(z)$ and the ramification structure $\mathfrak{C}^* = (3 \cdot C_2, 2 \cdot C_2', C_3, C_6)^*$.

(e) $N$ is the splitting field of $g_3(X, 3(5u^2 - 1)/(3u^2 + 1)) \in \mathbb{Q}(u)[X]$ over $\mathbb{Q}(u)$ with the Galois group $Z_2 \times A_4 \cong G_{24} < G_{48}$ and ramification structure $\mathfrak{C}^* = (6 \cdot C_2, C_3, C_3, C_6, C_6')^*$.

PROOF: By definition $\mathbb{Q}(w)$, $\mathbb{Q}(y)$, $\mathbb{Q}(z)$ are the fixed fields of $\mathrm{PGL}_2(\mathbb{F}_5)$, $G_{72}$ and $G_{48}$ in $N/\mathbb{Q}(t)$, so the polynomials in (a), (c) and (d) may be obtained from Theorem 5. The precise ramification in $L_i/\mathbb{Q}(t)$ yields the stated ramification structures. The fixed fields of $\mathrm{PSL}_2(\mathbb{F}_5) \cong A_5$ in $N/L_1$ and of $G_{24}$ in $N/L_3$ turn out to be rational function fields $\mathbb{Q}(v)$ and $\mathbb{Q}(u)$. So generating equations for $N/\mathbb{Q}(v)$ and $N/\mathbb{Q}(u)$ may be calculated from the ones for $N/L_1$ and $N/L_3$ as in the case of $\mathrm{PSL}_2(\mathbb{F}_{11})$ in section 2. ∎

COROLLARY 4: (a) The polynomial $g_1(X, w)$ has the Galois group $\mathrm{PGL}_2(\mathbb{F}_5)$ over $\mathbb{Q}$ for all values $w \in \mathbb{Z}$ with $w \equiv 1 \pmod{209}$. (b) For $v \in \mathbb{Z}$ with $v^2 \equiv 1 \pmod{35}$ the Galois group of $g_1(X, v^2 - 5)$ over $\mathbb{Q}$ is isomorphic to $\mathrm{PSL}_2(\mathbb{F}_5)$. (c) For $y \in \mathbb{Z}$ with $y \equiv 1 \pmod{187}$ the Galois group of $g_2(X, y)$ over $\mathbb{Q}$ is isomorphic to $G_{72}$. (d) For $\zeta \in \mathbb{Z}$ with $\zeta \equiv 1 \pmod{247}$ the Galois group of $g_3(X, \zeta)$ over $\mathbb{Q}$ is isomorphic to $G_{48}$. (e) For $\zeta \in \mathbb{Z}$ with $\zeta \equiv 1 \pmod{143}$ the Galois group of $g_3(X, 3(5\zeta^2 - 1)/(3\zeta^2 + 1))$ over $\mathbb{Q}$ is isomorphic to $G_{24}$.

To prove Corollary 4, the factorisations of the $g_i$ modulo certain primes must be studied, similar to the way in the preceding sections. Theorem 6 gives trinomials for all the transitive subgroups of $S_6$ with rational fixed field in $N$, as can be seen from the ramification structures. For certain exceptional specialisations of the parameters, three further transitive subgroups of $S_6$ can be obtained as Galois groups of trinomials over $\mathbb{Q}$:

EXAMPLE: (a) $g_2(X, 2) = X^6 - 6X^5 + 2^6 5^5 3^{-3} 7^{-1}$ has the Galois group $G_{36} < G_{72}$. (b) $g_3(X, 10) = X^6 - 6X^5 + 2^5 5^5 11^5 3^{-3} 7^{-2} 13^{-3}$ has the Galois group $G_{24}' \cong S_4$ (acting on the subgroups of type $Z_4$). (c) $g_2(X, -2/7) = g_3(X, -15/7) = X^6 - 6X^5 + 2^6 3^6 11^5 7^{-6} 19^{-1}$ has the Galois group $Z_6$.


Finally I want to thank Priv. Doz. Dr. B. H. Matzat for the constant encouragement without which this work probably would not have been completed.

References

Malle, G., Matzat, B. H. (1985). Realisierung von Gruppen PSL₂(F_p) als Galoisgruppen über Q. Math. Ann. 272, 549-565.
Malle, G., Trinks, W. (1985). Zur Behandlung algebraischer Gleichungssysteme mit dem Computer. Preprint.
Matzat, B. H. (1984). Konstruktion von Zahl- und Funktionenkörpern mit vorgegebener Galoisgruppe. J. reine angew. Math. 349, 179-220.
Matzat, B. H. (1985). Zwei Aspekte konstruktiver Galoistheorie. J. Algebra 96, 499-531.
Matzat, B. H., Zeh-Marschke, A. (1986). Realisierung der Mathieugruppen M₁₁ und M₁₂ als Galoisgruppen über Q. J. Number Theory 23, 195-202.
Shih, K. (1974). On the construction of Galois extensions of function fields and number fields. Math. Ann. 207, 99-120.
Sims, C. C. (1970). The primitive permutation groups of degree not exceeding 20. Computational Problems in Abstract Algebra, pp. 169-183. New York: Pergamon Press.

J. Symbolic Computation (1987) 4, 93-97

Polynomials with the Galois Group $M_{11}$ over $\mathbb{Q}$

B. HEINRICH MATZAT AND ANDREAS ZEH-MARSCHKE, Mathematisches Institut II, Universität Karlsruhe (TH), Englerstraße 2, D-7500 Karlsruhe 1, BR Deutschland

We construct a polynomial $g(x, X) \in \mathbb{Q}(x)[X]$ with the Galois group $\mathrm{Gal}(g(x, X)) \cong M_{11}$ and compute infinitely many specialisations $x \mapsto \xi \in \mathbb{Q}$ such that $\mathrm{Gal}(g(\xi, X)) \cong M_{11}$.

At the 1967 annual meeting of the Deutsche Mathematiker-Vereinigung in Karlsruhe, Zassenhaus posed the task of finding at least polynomials with the second smallest non-abelian simple group $\mathrm{PSL}_2(\mathbb{F}_7)$ as Galois group over the field $\mathbb{Q}$ of rational numbers. At Leopoldt's suggestion to approach the problem experimentally, the first author and some of his fellow students then wrote a program system with which the basic tasks of algebraic number theory (computation of fundamental units and of the ideal class group) could be solved for algebraic number fields of degree up to 7 with small discriminant. By means of the prime decomposition of a generating polynomial $f(X)$ modulo $p$ according to Dedekind's criterion, this also gave a hint at the presumable Galois group $\mathrm{Gal}(f(X))$ of $f(X)$. Already in the first test run in spring 1968 the polynomial $f(X) = X^7 - 7X + 3$ with presumable Galois group $\mathrm{PSL}_2(\mathbb{F}_7)$ turned up, which was then verified in the Diplom thesis of Trinks (1969). The next group that appeared particularly attractive was the smallest sporadic simple group, the Mathieu group $M_{11}$. A corresponding program for degree 11, however, produced no candidate suspected of having Galois group $M_{11}$. Even when the first author constructed polynomials $f(t, X) \in \mathbb{Q}(t)[X]$ with $\mathrm{Gal}(f(t, X)) \cong A_{11}$ in 1971 (these were later included in Matzat (1984), §6), no specialisation $t \mapsto \tau \in \mathbb{Q}$ with $\mathrm{Gal}(f(\tau, X)) \cong M_{11}$ was found. This made it clear that finding polynomials with special Galois groups could not be left to a computer search; the task had to be tackled constructively.

After the first author had recognised, on the basis of the work of Shih (1974), how the existence problem for Galois extensions with prescribed group $G$ over $\mathbb{Q}(t)$ can be converted into a class-number-1 problem for classes of generating systems of $G$ (in a ramification structure) (Matzat (1984), Part I), he succeeded in 1976 in constructing a polynomial $f_8(t, X)$ of degree 8 with Galois group $\mathrm{PSL}_2(\mathbb{F}_7)$ over $\mathbb{Q}(t)$ (see Matzat (1984), §7):

$$f_8(t, X) = X^8 + 6X^7 + 3(7t + 144)(7X^2 + 6X + 36)^2.†$$

A further polynomial $f_7(t, X)$ of degree 7 with $\mathrm{Gal}(f_7(t, X)) \cong \mathrm{PSL}_2(\mathbb{F}_7)$ is found in Malle,

† The polynomials $f_8$ and $f_7$ carry a misprint in the original papers. We owe this remark to J. McKay.

0747-7171/87/040093 + 05 $03.00/0 © 1987 Academic Press Ltd.


Matzat (1985), 2.:

$$f_7(t, X) = X^7 - 56X^6 + 609X^5 + 1190X^4 + 6356X^3 + 4536X^2 - 6804X - 5832 - tX^3(X + 1).†$$

Using the same methods both authors constructed in 1984 the polynomial

$$f(t, X) = X^{12} + 20X^{11} + 162X^{10} + 3348\cdot5^{-1}X^9 + 35559\cdot5^{-2}X^8 + 5832\cdot5^{-1}X^7 - 84564\cdot5^{-3}X^6 - 857304\cdot5^{-4}X^5 + 807003\cdot5^{-5}X^4 + 1810836\cdot5^{-5}X^3 - 511758\cdot5^{-6}X^2 + 2125764\cdot5^{-7}X + 531441\cdot5^{-8} - tX^2$$

with the Galois group $M_{12}$ over $\mathbb{Q}(t)$ (see Matzat, Zeh-Marschke (1986)). By Hilbert's irreducibility theorem these polynomials then each yield infinitely many polynomials over $\mathbb{Q}$ with the Galois groups $\mathrm{PSL}_2(\mathbb{F}_7)$ and $M_{12}$ respectively. Further results of this kind and the state of knowledge on the inverse problem of Galois theory are reported in Matzat (1987). Here we supply how the polynomial $f(t, X)$ with Galois group $M_{12}$ over $\mathbb{Q}(t)$ constructed by Matzat, Zeh-Marschke (1986) can be specialised to polynomials with the Galois group $M_{11}$ over $\mathbb{Q}(x)$ and over $\mathbb{Q}$. This rests on the simple

REMARK 1. Let $k$ be a field and

$$f(t, X) = f_1(X) - t f_2(X) \in k(t)[X]$$

a separable polynomial with Galois group $G$. Then the polynomial

$$g(x, X) := \frac{f_2(x) f_1(X) - f_1(x) f_2(X)}{X - x} \in k(x)[X]$$

has the fixed group of a root of $f(t, X)$ as Galois group.

PROOF. Let $N/k(t)$ be the splitting field of $f(t, X)$ over $k(t)$ in an algebraically closed hull of $k(t)$ and $x \in N$ a root of $f(t, X)$. Then $N$ is generated over $k(t, x)$ by the roots of $g(x, X)$. Since $k(t, x) = k(x)$, $\mathrm{Gal}(g(x, X)) = G_x$, where $G_x \le G$ is the fixed group of $x$ in $G = \mathrm{Gal}(f(t, X))$. ∎

Applying this remark to the above polynomial with Galois group $M_{12}$, one obtains the first statement of the following

RESULT. The polynomial

$$g(x, X) = \sum_{\nu=0}^{11} a_\nu(x) X^\nu \in \mathbb{Q}(x)[X]$$

with

$$a_{11}(x) = x^2,\quad a_{10}(x) = a_{11}(x)x + 20x^2,\quad a_9(x) = a_{10}(x)x + 162x^2,\quad a_8(x) = a_9(x)x + 3348\cdot5^{-1}x^2,$$

$$a_7(x) = a_8(x)x + 35559\cdot5^{-2}x^2,\quad a_6(x) = a_7(x)x + 5832\cdot5^{-1}x^2,\quad a_5(x) = a_6(x)x - 84564\cdot5^{-3}x^2,$$

$$a_4(x) = a_5(x)x - 857304\cdot5^{-4}x^2,\quad a_3(x) = a_4(x)x + 807003\cdot5^{-5}x^2,\quad a_2(x) = a_3(x)x + 1810836\cdot5^{-5}x^2,$$

$$a_1(x) = -2125764\cdot5^{-7}x - 531441\cdot5^{-8},\quad a_0(x) = -531441\cdot5^{-8}x$$



has a Galois group isomorphic to $M_{11}$. If one specialises $x$ in it to $\xi \in \mathbb{Z}$ with $\xi \equiv 1 \bmod 133$, then the Galois group of $g(\xi, X) \in \mathbb{Q}[X]$ is isomorphic to $M_{11}$.

PROOF. The second part of the Result follows thus:

$$g(1, X) = X^{11} + 21X^{10} + 183X^9 + 4263\cdot5^{-1}X^8 + 56874\cdot5^{-2}X^7 + 86034\cdot5^{-2}X^6 + 345606\cdot5^{-3}X^5 + 870726\cdot5^{-4}X^4 + 5160633\cdot5^{-5}X^3 + 6971469\cdot5^{-5}X^2 - 11160261\cdot5^{-8}X - 531441\cdot5^{-8}$$

splits modulo 7 into prime factors of degrees 8, 2 and 1 and is irreducible modulo 19. Hence $\mathrm{Gal}(g(1, X))$ is a subgroup of $M_{11}$ with elements of orders 8 and 11, and therefore equal to $M_{11}$. Since the congruences used remain valid for all $\xi \in \mathbb{Z}$ with $\xi \equiv 1 \bmod 7\cdot19$, we have $\mathrm{Gal}(g(\xi, X)) \cong M_{11}$ for $\xi \equiv 1 \bmod 133$. ∎
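The proof just given and the proof of Corollary 3 in Malle's paper above rest on the same check: the degrees of the irreducible factors of a specialised polynomial modulo a prime give the cycle shape of a Frobenius element of its Galois group, and a few such shapes pin the group down. The following is an added example, not code from either paper: it implements Remark 1 (Bemerkung 1) for a numerical specialisation $x = \xi$ by exact division in $\mathbb{Q}[X]$, and reads off the factor-degree patterns of $f(X, 1)$ modulo 5, 7, 11 (Theorem 4) and of $g(1, X)$ modulo 7 and 19 by distinct-degree factorisation in pure Python; the coefficient lists are transcribed from the page, and the function names are my own.

```python
from fractions import Fraction

# Univariate polynomials are lists of coefficients, lowest degree first.
def trim(a):                                   # strip leading zeros in place
    while a and a[-1] == 0:
        a.pop()
    return a

def deg(a): return len(a) - 1

def add(a, b, p=None):                         # a + b, modulo p if p is given
    n = max(len(a), len(b))
    c = [(a[i] if i < len(a) else 0) + (b[i] if i < len(b) else 0) for i in range(n)]
    return trim([x % p for x in c] if p else c)

def mul(a, b, p=None):                         # a * b, modulo p if p is given
    out = [0] * (len(a) + len(b) - 1) if a and b else []
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] += x * y
    return trim([x % p for x in out] if p else out)

def divmod_p(a, b, p):
    """Quotient and remainder of a by b over GF(p); b must be non-zero."""
    a, q = list(a), [0] * max(len(a) - len(b) + 1, 1)
    inv = pow(b[-1], -1, p)
    while a and deg(a) >= deg(b):
        s, c = deg(a) - deg(b), (a[-1] * inv) % p
        q[s] = c
        for i, y in enumerate(b):
            a[i + s] = (a[i + s] - c * y) % p
        trim(a)
    return trim(q), a

def gcd(a, b, p):
    """Monic greatest common divisor over GF(p)."""
    while b:
        a, b = b, divmod_p(a, b, p)[1]
    inv = pow(a[-1], -1, p)
    return [(c * inv) % p for c in a]

def powmod(base, e, m, p):
    """base^e modulo the polynomial m over GF(p), by square and multiply."""
    r, base = [1], divmod_p(base, m, p)[1]
    while e:
        if e & 1:
            r = divmod_p(mul(r, base, p), m, p)[1]
        base = divmod_p(mul(base, base, p), m, p)[1]
        e >>= 1
    return r

def factor_degrees(f, p):
    """Degrees of the irreducible factors of f over GF(p) by distinct-degree factorisation.
    Rational coefficients are allowed (denominators prime to p); f must be squarefree mod p."""
    f = trim([Fraction(c).numerator * pow(Fraction(c).denominator, -1, p) % p for c in f])
    f = [(c * pow(f[-1], -1, p)) % p for c in f]            # make f monic
    f_prime = trim([(i * f[i]) % p for i in range(1, len(f))])
    if deg(gcd(f, f_prime, p)) > 0:
        raise ValueError("polynomial is not squarefree modulo %d" % p)
    h, d, degrees = [0, 1], 1, []                             # h = X
    while deg(f) >= 2 * d:
        h = powmod(h, p, f, p)                                # h = X^(p^d) mod f
        g = gcd(f, add(h, [0, p - 1], p), p)                  # gcd(f, X^(p^d) - X)
        if deg(g) > 0:                                        # all factors of degree d
            degrees += [d] * (deg(g) // d)
            f = divmod_p(f, g, p)[0]
            h = divmod_p(h, f, p)[1]
        d += 1
    if deg(f) > 0:                                            # a single factor of degree > 2d
        degrees.append(deg(f))
    return tuple(sorted(degrees))

def frobenius_patterns(f, primes):
    """Factor-degree pattern of f modulo each prime: the cycle shape of a Frobenius element."""
    return {p: factor_degrees(f, p) for p in primes}

# Malle, Theorem 4: f(X, t) = A(X) - t * P(X)^2 * Q(X); coefficients transcribed from the page.
A = [989184, -3311040, -3177984, -3388480, -1743616, -1015056, -377088,
     -144096, -43776, -9060, -2016, -132, 16, 1]
P = [-68, -24, 12, -4, 3]
Q = [188, 128, 72, 16, 1]
def malle_f(r):
    """Integer coefficients of the specialisation f(X, r)."""
    return add(A, [-r * c for c in mul(mul(P, P), Q)])

# Matzat & Zeh-Marschke: f(t, X) = f1(X) - t * f2(X) with f2(X) = X^2 and Galois
# group M12 over Q(t); f1 transcribed from the page, lowest degree first.
F1 = [Fraction(n, 5 ** k) for n, k in [
    (531441, 8), (2125764, 7), (-511758, 6), (1810836, 5), (807003, 5), (-857304, 4),
    (-84564, 3), (5832, 1), (35559, 2), (3348, 1), (162, 0), (20, 0), (1, 0)]]
F2 = [0, 0, 1]

def specialise_g(xi, f1=F1, f2=F2):
    """Remark 1 at x = xi: g(xi, X) = (f2(xi) f1(X) - f1(xi) f2(X)) / (X - xi), exact in Q[X]."""
    ev = lambda f, v: sum(Fraction(c) * Fraction(v) ** i for i, c in enumerate(f))
    num = add([ev(f2, xi) * c for c in f1], [-ev(f1, xi) * c for c in f2])
    q, carry = [], Fraction(0)                                # synthetic division by X - xi
    for c in reversed(num):
        carry = c + carry * xi
        q.append(carry)
    assert q.pop() == 0, "X - xi does not divide the numerator"  # remainder num(xi)
    return list(reversed(q))
```

Running `frobenius_patterns(malle_f(1), (5, 7, 11))` reproduces the patterns (13), (1, 4, 8) and (1, 3, 3, 3, 3) used in the proof of Corollary 3, and `frobenius_patterns(specialise_g(1), (7, 19))` gives (1, 2, 8) and (11) as in the proof above.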

A further-reaching result on the specialisations of $g(x, X)$ is obtained from

REMARK 2. Let $k$ be a number field, $f(t, X) \in k(t)[X]$ a separable polynomial with Galois group $G$, and $N/k(t)$ the splitting field of $f(t, X)$ over $k(t)$. Assume further that for the genus of every intermediate field $K$ of $N/k(t)$ different from $k(t)$ the inequality $g(K) \ge 2$ holds. Then there are only finitely many $\tau \in k$ with $\mathrm{Gal}(f(\tau, X)) \not\cong G$.

PROOF. By Dedekind's criterion, $\mathrm{Gal}(f(\tau, X)) \cong G$ holds exactly when the numerator divisor of the prime polynomial $t - \tau \in k(t)$, call it $\mathfrak{p}_\tau$, divides neither the numerator nor the denominator of the discriminant $D(f)$ of $f(t, X)$ and is inert in $N/k(t)$. Hence, for the $\mathfrak{p}_\tau$ not dividing $D(f)$, in the case $\mathrm{Gal}(f(\tau, X)) \not\cong G$ the decomposition field $K$ of a prime divisor of $\mathfrak{p}_\tau$ in $N$ is different from $k(t)$. Because of $g(K) \ge 2$, by the Mordell conjecture proved by Faltings (1983), Satz 7, there are only finitely many prime divisors of degree 1 in $K$. Since moreover the number of all intermediate fields of $N/k(t)$ is finite, there exist only finitely many prime divisors of degree 1 of $k(t)/k$ which are not inert in $N/k(t)$, and hence also only finitely many $\tau \in k$ with $\mathrm{Gal}(f(\tau, X)) \not\cong G$. ∎

COROLLARY. For the polynomial $g(x, X)$ given above with Galois group $M_{11}$ there are only finitely many $\xi \in \mathbb{Q}$ with $\mathrm{Gal}(g(\xi, X)) \not\cong M_{11}$.

PROOF. By Matzat, Zeh-Marschke (1986), Bemerkung 3, the ramification structure of $N/\mathbb{Q}(x)$ in $G = M_{11}$ is $\mathfrak{C}^* = (8 \cdot C_{4A}, C_{5A})^*$. With the help of the permutation characters of the maximal subgroups $U_1 := M_{10}$, $U_2 := \mathrm{PSL}_2(\mathbb{F}_{11})$, $U_3 := M_9 \cdot Z_2$, $U_4 := S_5$, $U_5 := M_8 \cdot S_3$ of $G$ from Fischer, McKay (1978) one obtains the cycle representation of the elements of the Galois groups of the minimal intermediate fields $K_i := N^{U_i}$ of $N/\mathbb{Q}(x)$ different from $\mathbb{Q}(x)$, and from it, using the Hurwitz relative genus formula, their genera $g(K_1) = 18$, $g(K_2) = 25$, $g(K_3) = 120$, $g(K_4) = 145$, $g(K_5) = 382$. Consequently all intermediate fields $K$ of $N/\mathbb{Q}(x)$ different from $\mathbb{Q}(x)$ have a genus $g(K)$ with $18 \le g(K) \le g(N) = 19009$. ∎

ADDENDUM. At the referee's suggestion the discriminants of the polynomials

$\alpha_1, \dots, \alpha_n$ are the conjugates of $\alpha$. Examples are given by certain series of trinomial equations for $\alpha$.

Introduction

Little is known about the arithmetic of non-solvable Galois extensions $L/\mathbb{Q}$. This comes partly from the fact that numerical examples are difficult to provide. Existing computer programs for integral bases, units and class numbers cannot be used because of the high degree and the huge discriminants of these extensions. Instead of a direct approach one may consider $L$ as the Galois hull of an extension $E$ of smallest degree $n$ and develop the connection between the arithmetic of $E$ and $L$. The arithmetic of $E$ has been studied with this aim in mind for special series of non-solvable equations of degree $n = 5$ in Maus (1984), and numerical examples are fairly well accessible in general for, say, $n \le 10$ and discriminants $\le 10^6$ by computational methods (see, for instance, the forthcoming book by Pohst & Zassenhaus, 1987). Of course, $L$ is completely determined by $E$, but in general it seems to be a highly non-trivial problem to derive the arithmetic of $L$ from that of $E$. The purpose of this note is to exhibit such relations between integral bases of $E$ and $L$ for certain $S_n$-extensions. Our result is based on a simple discriminant formula and includes a result of Elstrodt et al. (1985). Examples are provided by the series of $S_n$-extensions obtained by Uchida (1970), Yamamoto (1970), Osada (1987) and Maus (1984).

A Discriminant Formula

For a finite separable extension $N \supseteq M$ of fields the discriminant of a set

$$S = \{\beta_1, \dots, \beta_m\} \subset N, \qquad m = (N : M)$$

is defined as

$$d_{N/M}(S) = \det\bigl(\mathrm{Tr}_{N/M}\,\beta_i\beta_j\bigr) = \det\bigl(\sigma_i\beta_j\bigr)^2,$$

where the $\sigma_i$ range over all distinct embeddings of $N/M$ in a given algebraic closure of $M$. Let $F$ be a field and let $f$ be an irreducible polynomial of degree $n \ge 2$ in $F[x]$ with the property that the decomposition field $L$ of $f$ is a Galois extension with Galois group $S_n$. Let $\alpha = \alpha_1, \dots, \alpha_n$ be the roots of $f$ in $L$ and let $E = F(\alpha)$ and $D = d_{E/F}(1, \alpha, \dots, \alpha^{n-1})$. It is

0747-7171/87/040099+04 $03.00/0 © 1987 Academic Press Ltd.

E. Maus

well known that $D$ coincides with the discriminant

$$d(f) = \prod_{1 \le i < j \le n} (\alpha_i - \alpha_j)^2$$

and

2)

2

HiT =- T2'-

1lo rl• ~ < 0,

hence 0 < T

Tiyi,

then (2) and (3) imply that

I

1 m ,,,. IYI

:s; T fo

.

Assume now that IYI > T I

lJ;m I''"

and

jcx,y-xl :>;

Tlyl.

A. Pethö

Then, by Lemma 3 we obtain

ylla·- ~~ ~ (lilll1j~T) IYI~- 2

=

(~J?oll/n ~~~)"-\.

The coefficient of $k$ is less than 1 because of the hypothesis on $y$, thus the theorem is proved.

3. Reduction of Large Upper Bounds

THEOREM 2. Let $(x, y) \in \mathbb{Z}^2$ be a solution of (1) with (3), such that $(x, y) = 1$ and $|y| \ge y_0$. Let $\alpha_1 = [a_0; a_1, \dots, a_b, \dots]$, where $b$ is chosen such that $q_{b-1} > y_0$. Let

h ;?: I, A = max h] . [qh-., T11mfa I•'"(A- +2)1/< 2-

Assume that

then taking k = -!-

Ia.-YXI

I T then ja 1 y-xl

~

fa llfn ,

Tlyl, hence by Lemma 3 and by the choice of Twe obtain (8)

Resolution of Thue Inequalities

REMARK. The reason for the practical applicability of Theorem 2 is the following. We know that the denominators of the convergents grow exponentially, while we expect that the partial quotients are growing at most polynomially. Hence, if $y_0$ is large, then we expect a new upper bound which is as large as a power of $\log y_0$. A similar idea was used by de Weger (1986).

4. On the Small Solutions

To compute the solutions of (1) below the bound (6) requires much peripheral work. In the "medium large" range we can use a combination of Theorems 1 and W, choosing $k = 1, 2, \dots$, until the number of possibilities is not too large. The smallest positive root of $H_k(t)$ increases with $k$, hence the bound for $y$ decreases in each step. Instead of using Theorem W for large $k$ it is better to apply the following

THEOREM 3. Let $(x, y) \in \mathbb{Z}^2$ be a solution of (1) and (3), and let $T$ be the smallest positive

root of n

H(t)

=

j=2

Then either 1

lyl

~-

lm 11/n '7'"

T Jo

or

fo

T

1x-!X1YI

and

1 I -m 11/n and lx-!X1YI < iYI >PROOF.

TI (1}- t).

t"- 1 -

~

I--:-m 11tn

(9)

io

[!io n --JIYI mI -:-

n i=2

1

I I < I m~ 1 " . --.-=--! 1)- T Jo

(10)

It is clear that $0 < T < \min$ 1). The second inequality of (9) is true by Lemma 4,

$\dots, w_k$ such that $h_i = w_i(g_1, \dots, g_k)$ for $i = 1, \dots, k$. Finally, let $M$ be a simple finite dimensional $\mathbb{F}_pH$-module, $\mathbb{F}_p = \mathbb{Z}/p\mathbb{Z}$ for some prime number $p$, and $\zeta: H \times H \to M$ a 2-cocycle giving rise to an exact sequence:

$$(\zeta): \quad 1 \to M \to \tilde H \to H \to 1.$$

$\tilde H$ must be given explicitly enough that multiplication can be carried out and equality of elements can be decided. For example, if $H$ is finite and soluble, it suffices that $H$ is given by an AG presentation, that $M$ is given by matrices over $\mathbb{F}_p$ describing the action of the

† Supported by the Nuffield Foundation.

0747-7171/87/040111 + 12 $03.00/0

© 1987 Academic Press Ltd.

W. Plesken

generators $h_i$ and $\zeta$ by the elements of $M$ given by $s_i(\tilde h_1, \dots, \tilde h_k)$ for $i = 1, \dots, l$ with $\tilde h_i$ a fixed pre-image of $h_i$ under $\eta$. Of course, if $(\zeta)$ splits it is assumed that the $\tilde h_i$ generate a complement of $M$ in $\tilde H$, i.e. $s_i(\tilde h_1, \dots, \tilde h_k) = 1$ for $i = 1, \dots, l$. With these data given, it is a question of solving linear equations over $\mathbb{F}_p$ to check whether $\varepsilon: G \to H$ lifts to an epimorphism $\tilde\varepsilon: G \to \tilde H$, i.e. an epimorphism satisfying $\tilde\varepsilon\eta = \varepsilon$. Namely, let $\gamma_i = w_i(\tilde h_1, \dots, \tilde h_k)$ for $i = 1, \dots, n$. Then $\gamma_i\eta = g_i$ and the equations for $(m_1, \dots, m_n) \in M^n$,

$$r_i(m_1\gamma_1, \dots, m_n\gamma_n) = 1 \quad (i = 1, \dots, m),$$

are $\mathbb{F}_p$-linear equations for the coordinates

$\dim_K H_i(G, M_r)$ in this case.) The same methods work in Case 2b for $r \ne p$. In the final Case 2b, $r = p$, $M^G$ is isomorphic to $M_r \otimes_K K_N^G$, where $M_r$ is the module for $G$ and $K_N$ the one-dimensional $KN$-module with trivial $N$-action. $K_N^G$ and therefore also $M^G$ are uniserial with all composition factors isomorphic, namely trivial in the first and $M_r$ in the second case. One has an exact sequence $0 \to M_r \to M^G \to M^{(p-1)} \to 0$, where $M^{(p-1)} = M^G/\mathrm{soc}(M^G)$ is uniserial with $p - 1$ composition factors all isomorphic to $M_r$. The long exact sequence gives

$$H^1(G, M^G) \to H^1(G, M^{(p-1)}) \to H^2(G, M_r) \to H^2(G, M^G) \to \cdots$$

with $H^1(G, M^G) \cong H^1(N, M)$ and $H^2(G, M^G) \cong H^2(N, M)$.

So the known group $H^2(G, M^G)$ and the not yet known group $H^1(G, M^{(p-1)})$ both contribute to $H^2(G, M_r)$. Checking whether a cocycle representing a class in $H^2(G, M^G)$ is cohomologous to one which takes values in the socle $\mathrm{soc}(M^G) \cong M_r$ is a matter of solving

Towards a Soluble Quotient Algorithm

linear equations similarly to section 2, facilitated by the uniseriality of $M^G$. Secondly, $H^1(G, M^{(p-1)})$ can be computed from the long exact sequence obtained from $0 \to M^{(p-1)} \to M^G \to M_r \to 0$, which gives

$$H^0(G, M_r) \to H^1(G, M^{(p-1)}) \to H^1(G, M^G) \to H^1(G, M_r)$$

with $H^1(G, M^G) \cong H^1(N, M)$. Note: $H^0(G, M_r) = 0$ unless $G$ acts trivially on $M_r$. It was only for this case that the first cohomology groups were computed as well. It might be possible to avoid this, if one computes the pre-image of $H^2(G, M_r) \to H^2(G, M^G)$ in such a way that one computes all rather than only one pre-image of at least one element in the image of this map.

5. A Soluble π-quotient Algorithm

Assume the group G is given by a finite presentation as at the beginning of section 2. Whether or not G has a non-trivial soluble factor group can be checked by computing the isomorphism type of the abelianised group G/G', which is a matter of writing the abelianised relations of G in matrix form and transforming it to its Smith normal form (cf. Havas & Sterling, 1979). Assume a finite set π of primes is chosen. The aim is to compute soluble π factor groups of G, i.e. epimorphisms ε of G onto finite soluble groups H given by an AG presentation, such that all prime divisors of |H| lie in π. In case a biggest soluble π quotient H of G exists, H and the epimorphism of G onto H are to be computed. If G/G' is infinite no biggest soluble π quotient exists. Otherwise one applies the nilpotent quotient algorithm (Macdonald, 1974; Wamsley, 1974; Havas & Newman, 1980) to compute epimorphisms of G onto its biggest p factor group (if they exist) for p ∈ π, p | |G/G'|. After this initialising step one proceeds along the lines of section 2: whenever an epimorphism of G onto a finite soluble group H is constructed, one tries to lift it to extensions of simple Z/pZ H modules M (p ∈ π) by H, the modules being constructed as outlined in section 3 and the 2-cocycles as sketched in section 4. If no lifts are possible the biggest soluble π quotient is found. Conversely, given enough space and time the biggest π quotient of G can be found this way, if it exists (cf. also section 6). The following remarks may help to organise the actual procedure in such a way that the number of extensions of H which are tested for lifting is minimised. For convenience, identify a cohomology class in H^2(H, M) with its inflation in H^2(Ĥ, M), where Ĥ is an extension of H to which the epimorphism ε: G → H has been lifted in one or more steps. How to deal with trivial classes effectively has been said in section 2.
In this sense there are three disjoint possibilities for a non-trivial 2-cocycle taking values in M: (a) it leads to a lift of ε; (b) it has led to a lift and will never lead to a lift again; (c) it has not led to a lift and will never allow a lift. Using Baer sums one quickly convinces oneself that once ε has been lifted beyond the semidirect product M^a ⋊ H, a = a_max defined in section 2, the type (b) classes in H^2(Ĥ, M) form a subgroup and only one representative from each coset has to be tested for liftability. There is one more remark which might speed up things. Assume a = a_max has been computed for the simple H module M as outlined in section 2 and a_max > 0. If any ZH module M̃ is given which maps onto M^a, then one can use this in the following way:

Say m_1, ..., m_n ∈ M^n have been chosen to define the lift ε̂ of ε (in the notation of section 2). Let m̃_1, ..., m̃_n ∈ M̃ be pre-images of m_1, ..., m_n under the epimorphism M̃ → M^a. Then one obtains a lift onto the factor group of ⟨m̃_1, ..., m̃_n⟩_{ZH} ⋊ H modulo ⟨r_i(m̃_1γ_1, ..., m̃_nγ_n) | i = 1, ..., m⟩_{ZH}, where the index ZH denotes the ZH span. C. Leedham-Green has pointed out that one can avoid a good deal of the cohomology computation by combining this algorithm here with the "nilpotent section part" of his algorithm in Leedham-Green (1984). Together with the above remark this might get rid of the cohomology altogether if one can construct the projective indecomposables of Z/p^nZ H. But this has not yet been investigated in detail.

6. Testing for Free Abelian Sections

In this process of constructing epimorphisms ε of G, given as in section 2, onto bigger and bigger finite (soluble) groups H, one might start to wonder whether Ker ε has an infinite free abelian factor group. How to test this from a list of representatives of isomorphism classes of irreducible QG modules will be discussed now. Let G, H and ε be given as in section 2 with H finite, and let V be an irreducible QH module. Since H is finite, any extension of V by H splits. Now the whole discussion of section 2 remains valid if one replaces the condition of 1 resp. 0 if and only if ε lifts onto a homomorphism ε̂ into V ⋊ H with Ker ε/Ker ε̂ isomorphic to some ZH lattice in V. Each element in S(∗)/S(∗∗) of p power order gives rise to a lifting ε̂ of ε with Ker ε/Ker ε̂ ≅ L/L' ≤ M of p power order. Conversely, if X = L/L' is an H submodule of M of p power order with p ∤ |H| such that ε can be lifted to ε̂ with Ker ε/Ker ε̂ ≅ X, then this lifting comes from an element of p power order of S(∗)/S(∗∗). This is clear from the analysis of section 2, since by the Schur–Zassenhaus theorem the extension of X by H splits. Call a prime p relevant with respect to V if p ∤ |H| and S(∗)/S(∗∗) contains an element of order p. Note, since p ∤ |H|, the property only depends on V and not on the choice of the lattice. Call a family V_1, ..., V_k of QH modules complete, if each irreducible QH module can be embedded into ⊕_{i=1}^{k} V_i. These complete systems clearly satisfy the following relevant property: for any choice L_i of ZH lattices in V_i with QL_i = V_i and for any prime p not dividing |H| any simple Z/pZ H module can be embedded into one of the L_i/pL_i, i = 1, ..., k. The analysis given above yields the following insight about the set π_H introduced at the beginning of this section:

PROPOSITION. (1) Assume H ≠ 1 and let V_1, ..., V_k be a complete family of QH modules. Then any prime p relevant with respect to some V_i is contained in π_H. (2) π_H ⊆

set t ← ⌊μ_{ml}⌉†, b_m ← b_m − t b_l, μ_{ml} ← μ_{ml} − t, μ_{mj} ← μ_{mj} − t μ_{lj} (1 ≤ j ≤ l − 1), h_m ← h_m − t h_l. In case b_m = 0 go to 9. For b_m ≠ 0 and l < m − 1 go to 6.

STEP 5. (LLL condition violated on level m?) If so, go to 7.

STEP 6. (Decrease l) Set l ← l − 1. For l > 0 go to 4. Else set m ← m + 1. For m > β terminate, otherwise go to 3.

STEP 7. (B_m = μ = 0?) Set μ ← μ_{m,m−1}, B ← B_m + μ² B_{m−1}. For B = 0 go to 8. Else set

$$\begin{pmatrix}\mu_{i,m-1}\\ \mu_{i,m}\end{pmatrix} \leftarrow \begin{pmatrix}1 & \mu_{m,m-1}\\ 0 & 1\end{pmatrix}\begin{pmatrix}0 & 1\\ 1 & -\mu\end{pmatrix}\begin{pmatrix}\mu_{i,m-1}\\ \mu_{i,m}\end{pmatrix} \qquad (m+1 \le i \le \beta).$$

STEP 8. (Interchange b_{m−1}, b_m) Set B_{m−1} ← B,

$$\begin{pmatrix}\mu_{m-1,j}\\ \mu_{m,j}\end{pmatrix} \leftarrow \begin{pmatrix}\mu_{m,j}\\ \mu_{m-1,j}\end{pmatrix} \quad (1 \le j \le m-2), \qquad \begin{pmatrix}b_{m-1}\\ b_m\end{pmatrix} \leftarrow \begin{pmatrix}b_m\\ b_{m-1}\end{pmatrix}, \qquad \begin{pmatrix}h_{m-1}\\ h_m\end{pmatrix} \leftarrow \begin{pmatrix}h_m\\ h_{m-1}\end{pmatrix}.$$

For m > 2 decrease m by 1. Then go to 3.

† ⌊x⌉ denotes the nearest integer to the real number x.

M. Pohst

STEP 9. (Relation vector m_σ found) Set σ ← σ + 1, β ← β − 1, m_σ ← h_m; set b_i ← b_{i+1}, h_i ← h_{i+1} (m ≤ i ≤ β). For α ≥ g terminate. Else update b_i*, μ_{ij}, B_i (m ≤ i ≤ β; 1 ≤ j < i), set r ← m + 1 and go to 2.

REMARKS. (i) α denotes the number of input vectors a_i which have been tested already; β denotes the number of vectors b_i which are momentarily tested for linear independence; σ is the number of relation vectors found by the algorithm; p is the (non-decreasing) number of linearly independent vectors already determined.

(ii) The output consists of p linearly independent vectors b_1, ..., b_p subject to

$$b_i = \sum_{j=1}^{g} h_{ij}\, a_j \qquad (1 \le i \le p;\ h_i = (h_{i1}, \ldots, h_{ig})^t \in \mathbb{Z}^g)$$

forming a basis of Λ_g = Za_1 + ... + Za_g, and g − p relation vectors m_1, ..., m_{g−p}. If a_1, ..., a_g are linearly independent MLLL performs exactly as the original LLL algorithm.

(iii) If a_1, ..., a_g are linearly dependent the algorithm operates on linearly dependent vectors b_1, ..., b_β, hence B_β = 0. In Step 7 the possibility B_m = 0, μ ≠ 0 can occur only a finite number of times since in that case B_{m−1} is multiplied by a factor ≤ 1/4, which is even better than the factor 3/4 occurring in the original algorithm. The possibility B_m = μ = 0, however, implies that after Steps 7, 8 have been carried out we even have a linear dependency between b_1, ..., b_{m−1} (where we had one between b_1, ..., b_m before). In this way we obtain a linear dependency among fewer and fewer vectors: finally, b_m must become zero in Step 4.

(iv) Each time a relation m_σ between vectors b_1, ..., b_β is found it is removed from the data and we extend the remaining vectors to a new system b_1, ..., b_β from the a_i. We note that b_1, ..., b_{β−1} are always linearly independent after Step 2. If we especially search for a short relation vector m, it can be obtained by applying the original LLL algorithm to the (linearly independent) output vectors m_1, ..., m_{g−p}.

(v) If the lattice under consideration is not integral, roundoff errors can cause a problem in the decision whether b_m is actually zero. Let

$$\Lambda_p = \sum_{j=1}^{p} \mathbb{Z}\, b_j \subseteq \Lambda.$$

In case of b_m* ≠ 0 we obtain for its discriminant

$$d(\Lambda_p) = \prod_{j=1}^{p} \|b_j^*\|$$

and for the shortest vector of Λ_p, say y ≠ 0, the estimate

$$\|y\|^2 \le \left(\gamma_p^{\,p}\, d(\Lambda_p)^2\right)^{1/p},$$

where γ_p denotes Hermite's constant. If we know a lower bound M_1 for the minimum of any lattice containing Λ_p, then we find

$$M_1^{\,p} \le \gamma_p^{\,p}\, d(\Lambda_p)^2 = \gamma_p^{\,p} \prod_{j=1}^{p} \|b_j^*\|^2$$

A Modification of the LLL Reduction Algorithm

so that ||b_m*|| cannot be too small. For example, if we know a basis, say c_1, ..., c_r, of some lattice Λ̃ containing Λ_p, then we can obtain a lower bound M_1 as follows. Let ||c_1|| ≤ ... ≤ ||c_r||. From Hadamard's inequality we conclude

hence

$$M_1 \ge \left( d(\tilde\Lambda) \Big/ \prod_{j=2}^{r} \|c_j\| \right)^2.$$

This method is very important for unit computations in algebraic number fields. The following simple example is to illustrate the mode of operation of the algorithm.

EXAMPLE. Let g = 4 and a_1 = (1, 1, 0)^t, a_2 = (1, 0, 1)^t, a_3 = (1, 3, −2)^t, a_4 = (2, 3, −1)^t. After the initialisation we obtain α = β = 3, b_i = a_i (i = 1, 2, 3), m = 2 in Step 2. Since a_1, a_2 are already LLL reduced the algorithm proceeds to Step 6 where m is increased by 1. Now we obtain b_3 = (3, 3, 0)^t and h_3 = (0, 2, 1, 0)^t in Step 4. Via Steps 5, 7, 8 (where b_2 and b_3 are interchanged) and Step 3 we get to Step 4 and obtain b_2 = 0 as well as the relation vector m_1 = (−3, 2, 1, 0)^t in Step 9 afterwards. Next we get to Step 2 again and obtain the updated values α = 4, β = 3, b_1 = a_1, b_2 = a_2, b_3 = a_4, m = 2. Similarly, as before, the second relation vector m_2 = (−3, 1, 0, 1)^t is determined.

A detailed discussion of the MLLL algorithm for non-integral lattices in connection with unit computations will appear as a joint paper by J. Buchmann and the author in the near future. We finally note that the complexity analysis of the original LLL algorithm can be almost literally transferred to the new algorithm. After the author had finished this paper he learnt from J. Buchmann that there is a preprint by Hastad et al. (1986) in which an algorithm similar to MLLL is presented. Since the essential transformations (see Steps 7, 8 of MLLL) are not carried out in detail there it was impossible to decide how related both algorithms are. In any case, there is no factor of 1/4 speeding up the algorithm and their approach is totally different.
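To see the example above run in code, here is a small exact-arithmetic LLL variant that tolerates linearly dependent input and returns the relation vectors. This is an added example, not the paper's MLLL implementation: it recomputes the Gram–Schmidt data instead of maintaining it incrementally as Steps 7–9 do, and the function names `_gram_schmidt` and `mlll` are my own.

```python
from fractions import Fraction


def _gram_schmidt(b):
    """Exact Gram-Schmidt data: mu[i][j] = <b_i, b_j*>/B_j and B[j] = ||b_j*||^2."""
    mu = [[Fraction(0)] * len(b) for _ in b]
    bstar, B = [], []
    for i, v in enumerate(b):
        w = list(v)
        for j in range(i):   # B[j] > 0 here: b_0..b_{i-1} are independent when called
            mu[i][j] = sum(x * y for x, y in zip(v, bstar[j])) / B[j]
            w = [x - mu[i][j] * y for x, y in zip(w, bstar[j])]
        bstar.append(w)
        B.append(sum(x * x for x in w))
    return mu, B


def mlll(vectors, delta=Fraction(3, 4)):
    """LLL on possibly dependent integer vectors a_1..a_g: returns (basis, relations).

    Every relation r satisfies sum(r[j] * a_j) == 0; h_i tracks b_i = sum_j h_ij a_j.
    """
    g = len(vectors)
    b = [[Fraction(x) for x in v] for v in vectors]
    h = [[Fraction(int(i == j)) for j in range(g)] for i in range(g)]
    relations, k = [], 0
    while k < len(b):
        for j in range(k - 1, -1, -1):          # size-reduce b_k by b_{k-1}..b_0 (Step 4)
            t = round(_gram_schmidt(b[:k + 1])[0][k][j])   # nearest integer (ties to even)
            if t:
                b[k] = [x - t * y for x, y in zip(b[k], b[j])]
                h[k] = [x - t * y for x, y in zip(h[k], h[j])]
        if not any(b[k]):                        # b_k = 0: its h-row is a relation (Step 9)
            relations.append([int(x) for x in h.pop(k)])
            b.pop(k)
            continue
        mu, B = _gram_schmidt(b[:k + 1])
        if k > 0 and B[k] < (delta - mu[k][k - 1] ** 2) * B[k - 1]:
            b[k - 1], b[k] = b[k], b[k - 1]      # Lovasz test failed: swap (Steps 7, 8)
            h[k - 1], h[k] = h[k], h[k - 1]
            k -= 1
        else:
            k += 1
    return [[int(x) for x in v] for v in b], relations


if __name__ == "__main__":
    # the paper's example: g = 4, a_1..a_4 in Z^3; prints the basis and the relations m_1, m_2
    print(mlll([[1, 1, 0], [1, 0, 1], [1, 3, -2], [2, 3, -1]]))
```

On the paper's input this returns the basis a_1, a_2 and the relations (−3, 2, 1, 0) and (−3, 1, 0, 1), reaching them by two size-reduction steps rather than through the interchange the paper's run performs.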

References

Buchmann, J., Pethö, A. (1987). Computation of independent units in number fields by Dirichlet's method. Math. Comp. (in press).
Hastad, J., Just, B., Lagarias, J. C., Schnorr, C. P. (1986). Polynomial time algorithms for finding integer relations among real numbers. Proceedings of STACS '86, Lecture Notes in Computer Science.
Lenstra, A. K., Lenstra, H. W., Lovász, L. (1982). Factoring polynomials with rational coefficients. Math. Ann. 261, 513–534.
Odlyzko, A. (1984). Cryptoanalytic attacks on the multiplicative knapsack cryptosystem and on Shamir's fast signature system. IEEE Trans. Inform. Theory IT-30, 594–600.