Bordeaux 1 University MHT 933 – Master 2
Mathematics Year 2008-2009
Final Exam. 2008 December 19th, 8h-12h
Handwritten lecture notes are allowed as well as the course typescript. You may compose in either English or French.
Exercise 1 (Primes as sums of squares)
Part 1
1. Let $x = a + bi$ and $y = c + di \neq 0$ be two Gaussian integers: $x, y \in \mathbb{Z}[i]$, where $i$ is a square root of $-1$. Prove that there exists an element $q \in \mathbb{Z}[i]$ such that
$$|x - qy|^2 \le \frac{1}{2}|y|^2$$
and show how to compute such a $q$.
2. Deduce from this an algorithm to compute $\gcd(u, v)$[1] where $u, v$ are non-zero elements of $\mathbb{Z}[i]$.
3. Show that this algorithm has word complexity in $\tilde{O}(n^2)$ for operands bounded by $2^n$ in modulus[2].
4. Let $p \equiv 1 \bmod 4$ be a prime. Let $m$ be the smallest positive quadratic non-residue mod $p$ and let us put $x = m^{(p-1)/4} \bmod p$. Show that the computation of $\gcd(p, x + i)$ in $\mathbb{Z}[i]$ gives a decomposition of $p$ as a sum of two squares.
5. Prove that this decomposition is essentially unique.
6. Write a deterministic algorithm with input $p$ and output the decomposition of $p$ as a sum of two squares. Evaluate the complexity of this algorithm[3].
7. We have already seen during the lectures that Minkowski's Theorem applied to the free $\mathbb{Z}$-module generated by the columns of
$$\begin{pmatrix} p & r \\ 0 & 1 \end{pmatrix}$$
(where $r^2 \equiv -1 \bmod p$) leads to the existence of such a decomposition. Show how the LLL algorithm gives a solution, write another algorithm for the same problem and compare the new complexity to the previous one.

[1] Our gcd is not unique: we can multiply it by $\pm 1$ or $\pm i$. This gives four possibilities. Here, we consider any one of those four possibilities to be "the" gcd.
[2] This naive algorithm can be improved and it is possible to obtain a word complexity in $\tilde{O}(n)$ (A. Weilert 2000) using a divide and conquer approach.
[3] You can assume GRH and use Bach's bound: $m \le 2(\log p)^2$.
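Added example, not part of the original exam paper: a Python sketch of the procedure that questions 1 to 6 of Part 1 build up (rounded division in Z[i], the Euclidean gcd, then gcd(p, x+i) with x derived from the smallest non-residue m). The function names and the sample primes are assumptions made for this illustration, and p is assumed to be prime (no primality test is performed).

```python
# Added example: Gaussian-integer Euclid and the two-squares decomposition.
# Gaussian integers are (re, im) tuples of Python ints; p is assumed prime.

def nearest(n, d):
    """Nearest integer to n/d (d > 0), using exact integer arithmetic."""
    return (2 * n + d) // (2 * d)

def gdivmod(x, y):
    """Return (q, r) with x = q*y + r and |r|^2 <= |y|^2 / 2 in Z[i]."""
    (a, b), (c, d) = x, y
    norm = c * c + d * d
    # x/y = x*conj(y)/|y|^2; round real and imaginary parts independently,
    # so each coordinate is off by at most 1/2.
    q0 = nearest(a * c + b * d, norm)
    q1 = nearest(b * c - a * d, norm)
    r = (a - (q0 * c - q1 * d), b - (q0 * d + q1 * c))
    return (q0, q1), r

def ggcd(u, v):
    """Euclidean gcd in Z[i], defined up to a unit (+-1, +-i)."""
    while v != (0, 0):
        u, v = v, gdivmod(u, v)[1]
    return u

def smallest_nonresidue(p):
    """Smallest positive quadratic non-residue mod an odd prime p (Euler's criterion)."""
    for m in range(2, p):
        if pow(m, (p - 1) // 2, p) == p - 1:
            return m
    raise ValueError("no non-residue found; is p an odd prime?")

def two_squares(p):
    """Return (a, b) with 0 < a <= b and a^2 + b^2 = p, for a prime p = 1 mod 4."""
    if p % 4 != 1:
        raise ValueError("p must be a prime congruent to 1 mod 4")
    m = smallest_nonresidue(p)
    x = pow(m, (p - 1) // 4, p)          # x^2 = m^((p-1)/2) = -1 mod p
    a, b = ggcd((p, 0), (x, 1))          # gcd(p, x + i) has norm p
    return tuple(sorted((abs(a), abs(b))))

if __name__ == "__main__":
    for p in (5, 13, 10009, 998244353):  # constructed sample primes, all 1 mod 4
        a, b = two_squares(p)
        print(p, "=", a, "^2 +", b, "^2")
```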
Part 2
From now on, $p$ is a prime such that $p \equiv 3 \bmod 4$.
8. Let $x$ be a quadratic residue mod $p$. Find an easy way to obtain a square root of $x$ mod $p$.
9. Prove that there exist $\alpha, \beta \in \mathbb{Z}$ such that $\alpha^2 + \beta^2 \equiv -1 \bmod p$.
10. Show how to find such a pair thanks to the smallest positive quadratic non-residue m.
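11. Let $\Lambda \subset \mathbb{R}^4$ be the free $\mathbb{Z}$-module generated by the columns of
$$\begin{pmatrix} p & 0 & \alpha & \beta \\ 0 & p & \beta & -\alpha \\ 0 & 0 & 1 & 0 \\ 0 & 0 & 0 & 1 \end{pmatrix}.$$
Prove that there exists $(a, b, c, d) \in \Lambda$ such that
$$0 < a^2 + b^2 + c^2 + d^2 < 2p,$$
and deduce from this that $p$ can be written as a sum of four squares. Is this decomposition unique?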
12. Explain how this result implies that every non-negative integer can be written as a sum of four squares (Lagrange 1770).
13. Show how we can obtain, thanks to the LLL algorithm, a decomposition of $p$ as a sum of four squares.
14. Write a deterministic algorithm with input $p$ and with output a decomposition of $p$ as a sum of four squares.
15. Assuming GRH and Bach’s bound, compute the word complexity of this algorithm.
Exercise 2 (Niederreiter’s algorithm)
In what follows, $p$ is a prime, $f \in \mathbb{F}_p[X]$ is monic, squarefree and has degree $d \ge 1$. Consider the field of rational functions $\mathbb{F}_p(X)$ and the differential equation (E) over $\mathbb{F}_p(X)$:
$$(E):\quad y^{(p-1)} + y^p = 0.$$
Define $N$ as the set of $g \in \mathbb{F}_p[X]$ such that $g/f$ is a solution of (E).
1. Show that $N$ is a linear subspace of $\mathbb{F}_p[X]$ (considered as an $\mathbb{F}_p$-vector space), that every $g \in N$ has degree $< d$ and that $f' \in N$[4].
2. Suppose that $f = f_1 \cdots f_r$ is the decomposition of $f$ as a product of irreducible monic polynomials of $\mathbb{F}_p[X]$. Show that $N$ admits
$$\frac{f_1' f}{f_1}, \dots, \frac{f_r' f}{f_r}$$
as an $\mathbb{F}_p$-basis.
3. Prove that $g = \sum_{i=0}^{d-1} g_i X^i$ is an element of $N$ if and only if $G = (g_0, \dots, g_{d-1})$ satisfies an equation
$$\left(M_p(f) + \mathrm{Id}_d\right) \cdot G^t = 0,$$
where $M_p(f)$ is a matrix of $M_{d \times d}(\mathbb{F}_p)$ such that
$$\operatorname{rank}\left(M_p(f) + \mathrm{Id}_d\right) = d - r,$$
and corresponds to an endomorphism of $\{P \in \mathbb{F}_p[X];\ \deg P < d\}$ to be specified.
4. Assume that $f$ is not irreducible over $\mathbb{F}_p$. How can an element of $N$ yield a nontrivial factor of $f$? What is the probability for a random element of $N$ to do this?
5. Write a deterministic algorithm using $N$ and linear algebra (as in Berlekamp's algorithm) that gives a non-trivial factor of $f$.
6. Write out the matrix $M_p(f)$ explicitly in the case $p = 2$ and prove that the previous algorithm leads to the complete factorization of $f$ over $\mathbb{F}_2$ in $O(d^\omega)$ operations in $\mathbb{F}_2$. What is the advantage of this algorithm over Berlekamp's?
7. Now, let $B \subset \mathbb{F}_p[X]/\langle f \rangle$ be the Berlekamp algebra of $f$. Consider the map
$$\Phi : N \longrightarrow B, \qquad g \longmapsto g \cdot (f')^{-1} \bmod f.$$
Prove that $\Phi$ is well defined and that it is a vector space isomorphism.
★ 8. Let $q = p^n$ be a power of $p$. Let us define over the set $\mathbb{F}_q((X^{-1}))$ of formal Laurent series over $\mathbb{F}_q$ the Hasse-Teichmüller derivative by:
$$H^{(q-1)}\left(\sum_{i=\omega}^{\infty} s_i X^{-i}\right) = \sum_{i=\omega}^{\infty} \binom{-i}{q-1} s_i X^{-i-q+1}.$$
Show how to generalize the previous method to obtain a factorization of a monic squarefree polynomial $f \in \mathbb{F}_q[X]$ thanks to the differential equation
$$H^{(q-1)}(y) = y^q \quad \text{where } y \in \mathbb{F}_q((X^{-1})).$$

[4] In this question and in the following one, you can make use of the decomposition $f = \prod_{1 \le i \le d} (x - \lambda_i)$ where the $\lambda_i$ are the distinct roots of $f$ in a splitting field $E$ of $f$ over $\mathbb{F}_p$.
Exercise 3 (Lenstra’s numbers)
We say that an integer $N > 0$ is a Lenstra number if and only if $a^{N+1} \equiv a \bmod N$ for every $a \in \mathbb{Z}$.
For instance 2 and 6 are two Lenstra numbers.
1. Prove that $N$ is a Lenstra number if and only if it is squarefree and $p - 1 \mid N$ for every prime divisor $p$ of $N$.
2. Show that the set of Lenstra numbers is finite and give the complete list of its elements.