Fast Computation of Shifted Popov Forms of Polynomial Matrices via Systems of Modular Polynomial Equations
Vincent Neiger
ENS de Lyon
Laboratoire LIP (CNRS, Inria, UCBL, U. Lyon)
[email protected]
ABSTRACT
We give a Las Vegas algorithm which computes the shifted Popov form of an m × m nonsingular polynomial matrix of degree d in expected Õ(m^ω d) field operations, where ω is the exponent of matrix multiplication and Õ(·) indicates that logarithmic factors are omitted. This is the first algorithm in Õ(m^ω d) for shifted row reduction with arbitrary shifts.

Using partial linearization, we reduce the problem to the case d ≤ ⌈σ/m⌉, where σ is the generic determinant bound, with σ/m bounded from above by both the average row degree and the average column degree of the matrix. The cost above becomes Õ(m^ω ⌈σ/m⌉), improving upon the cost of the fastest previously known algorithm for row reduction, which is deterministic.

Our algorithm first builds a system of modular equations whose solution set is the row space of the input matrix, and then finds the basis in shifted Popov form of this set. We give a deterministic algorithm for this second step supporting arbitrary moduli in Õ(m^{ω−1} σ) field operations, where m is the number of unknowns and σ is the sum of the degrees of the moduli. This extends previous results with the same cost bound in the specific cases of order basis computation and M-Padé approximation, in which the moduli are products of known linear factors.

Keywords
Shifted Popov form; polynomial matrices; row reduction; Hermite form; system of modular equations.
1. INTRODUCTION
In this paper, we consider two problems of linear algebra over the ring K[X] of univariate polynomials, for some field K: computing the shifted Popov form of a matrix, and solving systems of modular equations.

A polynomial matrix P is row reduced [22, Section 6.3.2] if its rows have some type of minimal degree (we give precise definitions below). Besides, if P satisfies an additional normalization property, then it is said to be in Popov form [22, Section 6.7.2]. Given a matrix A, the efficient computation of a (row) reduced form of A and of the Popov form of A has received a lot of attention recently [14, 28, 16].

ISSAC'16, July 19–22, 2016, Waterloo, ON, Canada. DOI: http://dx.doi.org/10.1145/2930889.2930936

In many applications one rather considers the degrees of the rows of P shifted by some integers which specify degree weights on the columns of P, for example in list-decoding algorithms [2, 7], robust Private Information Retrieval [12], and more generally in polynomial versions of the Coppersmith method [9, 10]. A well-known specific shifted Popov form is the Hermite form; there has been recent progress on its fast computation [17, 15, 35]. The case of an arbitrary shift has been studied in [6].

For a shift s = (s_1, …, s_n) ∈ Z^n, the s-degree of p = [p_1, …, p_n] ∈ K[X]^{1×n} is max_{1≤j≤n} (deg(p_j) + s_j); the s-row degree of P ∈ K[X]^{m×n} is rdeg_s(P) = (d_1, …, d_m) with d_i the s-degree of the i-th row of P. Then, the s-leading matrix of P = [p_{i,j}]_{i,j} is the matrix lm_s(P) ∈ K^{m×n} whose entry (i, j) is the coefficient of degree d_i − s_j of p_{i,j}.

Now, we assume that m ≤ n and P has full rank. Then, P is said to be s-reduced [22, 6] if lm_s(P) has full rank. For a full rank A ∈ K[X]^{m×n}, an s-reduced form of A is an s-reduced matrix P whose row space is the same as that of A; by row space we mean the K[X]-module generated by the rows of the matrix.
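To make these definitions concrete, here is a toy Python sketch (an illustration only, not the paper's implementation; all names are ours). Polynomials are coefficient lists with lowest degree first; the sketch computes rdeg_s(P) and lm_s(P), and tests s-reducedness by checking the rank of the leading matrix over the rationals:

```python
from fractions import Fraction

def deg(p):
    """Degree of a coefficient list (lowest degree first); -1 for the zero polynomial."""
    return max((i for i, c in enumerate(p) if c != 0), default=-1)

def s_row_degree(P, s):
    """rdeg_s(P): for each row, max_j deg(p_j) + s_j (rows assumed nonzero)."""
    return [max(deg(p) + sj for p, sj in zip(row, s) if deg(p) >= 0) for row in P]

def leading_matrix(P, s):
    """lm_s(P): entry (i, j) is the coefficient of degree d_i - s_j of P[i][j]."""
    d = s_row_degree(P, s)
    return [[row[j][d[i] - s[j]] if 0 <= d[i] - s[j] < len(row[j]) else 0
             for j in range(len(s))] for i, row in enumerate(P)]

def rank(M):
    """Rank over the rationals by Gaussian elimination."""
    A, r = [[Fraction(x) for x in row] for row in M], 0
    for c in range(len(M[0]) if M else 0):
        piv = next((i for i in range(r, len(A)) if A[i][c] != 0), None)
        if piv is None:
            continue
        A[r], A[piv] = A[piv], A[r]
        for i in range(len(A)):
            if i != r and A[i][c] != 0:
                f = A[i][c] / A[r][c]
                A[i] = [a - f * b for a, b in zip(A[i], A[r])]
        r += 1
    return r

# P = [[X, 1], [1, X^2]] over Q[X]
X, one, X2 = [0, 1], [1], [0, 0, 1]
P = [[X, one], [one, X2]]
print(s_row_degree(P, [0, 0]), rank(leading_matrix(P, [0, 0])))  # [1, 2] 2
print(s_row_degree(P, [0, 2]), rank(leading_matrix(P, [0, 2])))  # [2, 4] 1
```

For s = (0, 0) the leading matrix is the identity (rank 2), so P is 0-reduced; for s = (0, 2) both rows have their s-leading coefficient in the second column (rank 1), so the same P is not s-reduced — the notion genuinely depends on the shift.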
Equivalently, P is left-unimodularly equivalent to A and the tuple rdeg_s(P) sorted in nondecreasing order is lexicographically minimal among the s-row degrees of all matrices left-unimodularly equivalent to A.

Specific s-reduced matrices are those in s-Popov form [22, 5, 6], as defined below. One interesting property is that the s-Popov form is canonical: there is a unique s-reduced form of A which is in s-Popov form, called the s-Popov form of A.

Definition 1.1 (Pivot).
Let p = [p_j]_j ∈ K[X]^{1×n} be nonzero and let s ∈ Z^n. The s-pivot index of p is the largest index j such that rdeg_s(p) = deg(p_j) + s_j. Then we call p_j and deg(p_j) the s-pivot entry and the s-pivot degree of p.

We remark that adding a constant to the entries of s does not change the notion of s-pivot. For example, we will sometimes assume min(s) = 0 without loss of generality.

Definition 1.2 (Shifted Popov form).
Let m ≤ n, let P ∈ K[X]^{m×n} be full rank, and let s ∈ Z^n. Then, P is said to be in s-Popov form if the s-pivot indices of its rows are strictly increasing, the corresponding s-pivot entries are monic, and in each column of P which contains a pivot the nonpivot entries have degree less than the pivot entry. In this case, the s-pivot degree of P is δ = (δ_1, …, δ_m) ∈ N^m, with δ_i the s-pivot degree of the i-th row of P.

Here, although we will encounter Popov forms of rectangular matrices in intermediate nullspace computations, our main focus is on computing shifted Popov forms of square nonsingular matrices. For the general case, studied in [6], a fast solution would require further developments. A square matrix in s-Popov form has its s-pivot entries on the diagonal, and its s-pivot degree is the tuple of degrees of its diagonal entries and coincides with its column degree.

Problem 1 (Shifted Popov normal form).
Input: the base field K, a nonsingular matrix A ∈ K[X]^{m×m}, and a shift s ∈ Z^m.
Output: the s-Popov form of A.

Two well-known specific cases are the Popov form [27, 22] for the uniform shift s = 0, and the Hermite form [19, 22] for the shift h = (0, δ, 2δ, …, (m−1)δ) ∈ N^m with δ = m deg(A) [6, Lemma 2.6]. For a broader perspective on shifted reduced forms, we refer the reader to [6].

For such problems involving m × m matrices of degree d, one often wishes to obtain a cost bound similar to that of polynomial matrix multiplication in the same dimensions: Õ(m^ω d) operations in K. Here, ω is such that we can multiply m × m matrices over a commutative ring in O(m^ω) operations in that ring, the best known bound being ω < 2.38 [11, 25]. For example, one can compute 0-reduced [14, 16], 0-Popov [28], and Hermite [15, 35] forms of m × m nonsingular matrices of degree d in Õ(m^ω d) field operations.

Nevertheless, d may be significantly larger than the average degree of the entries of the matrix, in which case the cost Õ(m^ω d) seems unsatisfactory. Recently, for the computation of order bases [30, 34], nullspace bases [36], interpolation bases [20, 21], and matrix inversion [37], fast algorithms do take into account some type of average degree of the matrices rather than their degree. Here, in particular, we achieve a similar improvement for the computation of shifted Popov forms of a matrix.

Given A = [a_{i,j}]_{i,j} ∈ K[X]^{m×m}, we denote by σ(A) the generic bound for deg(det(A)) [16, Section 6], that is,

    σ(A) = max_{π ∈ S_m} Σ_{1≤i≤m} deg(a_{i,π_i})    (1)

where S_m is the set of permutations of {1, …, m}, and where the degree is extended to K[X] by the convention deg(0) = 0. We have deg(det(A)) ≤ σ(A) ≤ m deg(A), and σ(A) ≤ min(|rdeg(A)|, |cdeg(A)|) with |rdeg(A)| and |cdeg(A)| the sums of the row and column degrees of A. We note that σ(A) can be substantially smaller than |rdeg(A)| and |cdeg(A)|, for example if A has one row and one column of uniformly large degree and other entries of low degree.

Theorem 1.3.
There is a Las Vegas randomized algorithm which solves Problem 1 in expected Õ(m^ω ⌈σ(A)/m⌉) ⊆ Õ(m^ω deg(A)) field operations.

The ceiling function indicates that the cost is Õ(m^ω) when σ(A) is small compared to m, in which case A has mostly constant entries. Here we are mainly interested in the case m ∈ O(σ(A)): the cost bound may then be written Õ(m^{ω−1} σ(A)) and is both in Õ(m^{ω−1} |rdeg(A)|) and Õ(m^{ω−1} |cdeg(A)|).

Previous work on fast algorithms related to Problem 1 is summarized in Table 1.

  Ref.      | Problem                 | Cost bound
  [18]      | Hermite form            | Õ(m^4 d)
  [31]      | Hermite form            | Õ(m^{ω+1} d)
  [33]      | Popov & Hermite forms   | Õ(m^{ω+1} d + (md)^ω)
  [1, 2]    | weak Popov form         | Õ(m^{ω+1} d)
  [26]      | Popov & Hermite forms   | O(m^3 d^2)
  [14]      | 0-reduction             | Õ(m^ω d) ⋆
  [28]      | Popov form of 0-reduced | Õ(m^ω d)
  [17]      | Hermite form            | Õ(m^ω d) ⋆
  [16]      | 0-reduction             | Õ(m^ω d)
  [35]      | Hermite form            | Õ(m^ω d)
  [16]+[28] | s-Popov form for any s  | Õ(m^ω (d + µ))
  Here      | s-Popov form for any s  | Õ(m^ω ⌈σ(A)/m⌉) ⋆

Table 1: Fast algorithms for shifted reduction problems (d = deg(A); ⋆ = probabilistic; µ = max(s) − min(s)).

The fastest known algorithm for the 0-Popov form is deterministic and has cost Õ(m^ω d) with d = deg(A); it first computes a 0-reduced form of A [16], and then its 0-Popov form via normalization [28]. Obtaining the Hermite form in Õ(m^ω d) was first achieved by a probabilistic algorithm in [15], and then deterministically in [35].

For an arbitrary s, the algorithm in [6] is fraction-free and uses a number of operations that is, depending on s, at least quintic in m and quadratic in deg(A).

When s is not uniform there is a folklore solution based on the fact that Q is in s-Popov form if and only if QD is in 0-Popov form, with D = diag(X^{s_1}, …, X^{s_m}) and assuming s ≥ 0. Then, this solution computes the 0-Popov form P of AD using [16, 28] and returns PD^{−1}. This approach uses Õ(m^ω (d + µ)) operations where µ = max(s) − min(s), which is not satisfactory when µ is large. For example, its cost for computing the Hermite form is Õ(m^{ω+2} d). This is the worst case since one can assume without loss of generality that µ ∈ O(m deg(det(A))) ⊆ O(m^2 d) [21, Appendix A].

Here we obtain, to the best of our knowledge, the best known cost bound Õ(m^ω ⌈σ(A)/m⌉) ⊆ Õ(m^ω d) for an arbitrary shift s. This removes the dependency in µ, which means in some cases a speedup by a factor m^2. Besides, this is also an improvement for both specific cases s = 0 and s = h when A has unbalanced degrees.

One of the main difficulties in row reduction algorithms is to control the size of the manipulated matrices, that is, the number of coefficients from K needed for their dense representation. A major issue when dealing with arbitrary shifts is that the size of an s-reduced form of A may be beyond our target cost. This is a further motivation for focusing on the computation of the s-Popov form of A: by definition, the sum of its column degrees is deg(det(A)), and therefore its size is at most m^2 + m deg(det(A)), independently of s.

Consider for example A = [[B_1, 0], [0, B_2]] for any 0-reduced B_1 and B_2 in K[X]^{m×m}. Then, taking s = (0, …, 0, d, …, d) with d large enough, the matrix [[B_1, 0], [C, B_2]] is an s-reduced form of A for any C ∈ K[X]^{m×m} with deg(C) ≤ d; for some C it has size Θ(m^2 d), with d arbitrarily large independently of deg(A).

Furthermore, the size of the unimodular transformation leading from A to P may be beyond the target cost, which is why fast algorithms for 0-reduction and Hermite form do not directly perform unimodular transformations on A to reduce the degrees of its entries. Instead, they proceed in two steps: first, they work on A to find some equations which describe its row space, and then they find a basis of solutions to these equations in 0-reduced form or Hermite form. We will follow a similar two-step strategy for an arbitrary shift.

It seems that some new ingredient is needed, since for both s = 0 and s = h the fastest algorithms use shift-specific properties at some point of the process: namely, the facts that a 0-reduced form of A has degree at most deg(A) and that the Hermite form of A is triangular.

As in [17], we first compute the Smith form S of A and partial information on a right unimodular transformation V; this is where the probabilistic aspect comes from. This gives a description of the row space of A as the set of row vectors p ∈ K[X]^{1×m} such that pV = qS for some q ∈ K[X]^{1×m}. Since S is diagonal, this can be seen as a system of modular equations: the second step is the fast computation of a basis of solutions in s-Popov form, which is our new ingredient.

Hereafter, K[X]_{≠0} denotes the set of nonzero polynomials. We fix some moduli M = (m_1, …, m_n) ∈ K[X]_{≠0}^n, and for A, B ∈ K[X]^{m×n} we write A = B mod M if there exists Q ∈ K[X]^{m×n} such that A = B + Q diag(M). Given F ∈ K[X]^{m×n} specifying the equations, we call solution for (M, F) any p ∈ K[X]^{1×m} such that pF = 0 mod M. The set of all such p is a K[X]-submodule of K[X]^{1×m} which contains lcm(m_1, …, m_n) K[X]^{1×m}, and is thus free of rank m [24, p. 146].
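As a toy illustration of this definition (hypothetical code, not from the paper; all names are ours), the following Python sketch checks whether a row vector p is a solution for (M, F), i.e. whether each entry of pF reduces to zero modulo the corresponding modulus. It uses a small Hermite–Padé-like instance with a single modulus m_1 = X^4:

```python
from fractions import Fraction

def deg(p):
    return max((i for i, c in enumerate(p) if c != 0), default=-1)

def polymul(a, b):
    out = [Fraction(0)] * (len(a) + len(b) - 1)
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            out[i + j] += Fraction(ai) * bj
    return out

def polyadd(a, b):
    out = [Fraction(0)] * max(len(a), len(b))
    for i, c in enumerate(a): out[i] += c
    for i, c in enumerate(b): out[i] += c
    return out

def polymod(a, m):
    """Remainder of a modulo a monic modulus m (coefficient lists, low degree first)."""
    a, dm = [Fraction(c) for c in a], deg(m)
    while deg(a) >= dm:
        d = deg(a)
        c = a[d] / m[dm]
        for k in range(dm + 1):
            a[d - dm + k] -= c * m[k]
    return a

def is_solution(p, F, M):
    """Check pF = 0 mod M entrywise: sum_i p_i F[i][j] = 0 mod m_j for each j."""
    for j, mj in enumerate(M):
        acc = [Fraction(0)]
        for i, pi in enumerate(p):
            acc = polyadd(acc, polymul(pi, F[i][j]))
        if deg(polymod(acc, mj)) >= 0:
            return False
    return True

# One modulus m_1 = X^4 and F = [[1 + X + X^2 + X^3], [1]]:
# p = [1 - X, -1] satisfies (1 - X)(1 + X + X^2 + X^3) - 1 = -X^4 = 0 mod X^4.
M = [[0, 0, 0, 0, 1]]
F = [[[1, 1, 1, 1]], [[1]]]
print(is_solution([[1, -1], [-1]], F, M))   # a solution
print(is_solution([[1], [0]], F, M))        # not a solution
```

The set of such p is closed under K[X]-linear combinations, which is the module structure the paper exploits; a solution basis collects m generators of this module as the rows of a matrix.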
Then, we represent any basis of this module as the rows of a matrix P ∈ K[X]^{m×m}, called a solution basis for (M, F). Here, for example for the application to Problem 1, we are interested in such bases that are s-reduced, in which case P is said to be an s-minimal solution basis for (M, F). The unique such basis which is in s-Popov form is called the s-Popov solution basis for (M, F).

Problem 2 (Minimal solution basis).
Input: the base field K, moduli M = (m_1, …, m_n) ∈ K[X]_{≠0}^n, a matrix F ∈ K[X]^{m×n} such that deg(F_{∗,j}) < deg(m_j), and a shift s ∈ Z^m.
Output: an s-minimal solution basis for (M, F).

Well-known specific cases of this problem are
Hermite–Padé approximation, with a single equation modulo some power of X, and M-Padé approximation [3, 32], with moduli that are products of known linear factors. Moreover, an s-order basis for F and (σ_1, …, σ_n) [34] is an s-minimal solution basis for (M, F) with M = (X^{σ_1}, …, X^{σ_n}).

An overview of fast algorithms for Problem 2 is given in Table 2. For M-Padé approximation, and thus in particular for order basis computation, there is an algorithm to compute the s-Popov solution basis using Õ(m^{ω−1} σ) operations, with σ = deg(m_1) + ⋯ + deg(m_n) [21]. Here, for n ∈ O(m), we extend this result to arbitrary moduli.

Theorem 1.4.
Assuming n ∈ O(m), there is a deterministic algorithm which solves Problem 2 using Õ(m^{ω−1} σ) field operations, with σ = deg(m_1) + ⋯ + deg(m_n), and returns the s-Popov solution basis for (M, F).

We note that Problem 2 is a minimal interpolation basis problem [5, 20] when the so-called multiplication matrix M is block diagonal with companion blocks. Indeed, p is a solution for (M, F) if and only if p is an interpolant for (E, M) [20, Definition 1.1], where E ∈ K^{m×σ} is the concatenation of the coefficient vectors of the columns of F and M ∈ K^{σ×σ} is diag(M_1, …, M_n) with M_j the companion matrix associated with m_j. In this context, the multiplication p · E defined by M as in [5, 20] precisely corresponds to pF mod M.

In particular, Theorem 1.4 follows from [20, Theorem 1.4] when σ ∈ O(m). If some of the moduli have small degree, we use this result for base cases of our recursive algorithm.

  Ref.    | Cost bound                  | Moduli        | Particularities
  [3, 32] | O(m σ^2)                    | split         |
  [4]     | O(m σ^2)                    | m_j = X^{σ/n} | partial basis
  [4]     | Õ(m^ω σ)                    | m_j = X^{σ/n} |
  [14]    | Õ(m^ω σ/n)                  | m_j = X^{σ/n} |
  [30]    | Õ(m^ω ⌈σ/m⌉)                | m_j = X^{σ/n} | partial basis, |s| ∈ O(σ)
  [34]    | Õ(m^ω ⌈σ/m⌉)                | m_j = X^{σ/n} | |s| ∈ O(σ)
  [8]     | Õ(m^{ω−1} σ), probabilistic | any           | returns a single small degree solution
  [20]    | Õ(m^{ω−1} σ)                | split         | |s| ∈ O(σ)
  [20]    | Õ(m σ^{ω−1})                | any           | s-Popov, σ ∈ O(m)
  [21]    | Õ(m^{ω−1} σ)                | split         | s-Popov
  Here    | Õ(m^{ω−1} σ)                | any           | s-Popov

Table 2: Fast algorithms for Problem 2 (n ∈ O(m); partial basis = returns small degree rows of an s-minimal solution basis; split = product of known linear factors).

In the case of M-Padé approximation, knowing the moduli as products of linear factors leads to rewriting the problem as a minimal interpolation basis computation with M in Jordan form [5, 20]. Since M is upper triangular, one can then rely on recurrence relations to solve the problem iteratively [3, 32, 4, 5].
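The correspondence between solutions and interpolants described above rests on a classical fact that can be checked on a toy example (illustrative sketch, not the paper's code): multiplying the coefficient row vector of f by the companion matrix of a monic modulus m is exactly multiplication by X modulo m, which is what makes p · E match pF mod M.

```python
from fractions import Fraction

def deg(p):
    return max((i for i, c in enumerate(p) if c != 0), default=-1)

def companion(m):
    """d x d companion matrix of a monic m, acting on coefficient ROW vectors:
    if v encodes f, then v*C encodes X*f mod m."""
    d = deg(m)
    C = [[Fraction(0)] * d for _ in range(d)]
    for i in range(d - 1):
        C[i][i + 1] = Fraction(1)       # X * X^i = X^(i+1)
    for k in range(d):
        C[d - 1][k] = -Fraction(m[k])   # X * X^(d-1) = -(m_0 + ... + m_{d-1} X^(d-1)) mod m
    return C

def row_times(v, C):
    return [sum(vi * C[i][k] for i, vi in enumerate(v)) for k in range(len(C))]

# m = X^3 - 1, f = 1 + 2X + 3X^2: X*f mod m = 3 + X + 2X^2 (since X^3 = 1 mod m)
m = [-1, 0, 0, 1]
v = [Fraction(1), Fraction(2), Fraction(3)]
print(row_times(v, companion(m)))  # -> [3, 1, 2]
```

Stacking such blocks as diag(M_1, …, M_n) gives the multiplication matrix M of the text; since it is not triangular for general moduli, the iterative recurrences mentioned next are unavailable.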
The fast algorithms in [4, 14, 34, 20, 21], beyond the techniques used to achieve efficiency, are essentially divide-and-conquer versions of this iterative solution and are thus based on the same recurrence relations.

However, for arbitrary moduli the matrix M is not triangular and there is no such recurrence in general. Then, a natural idea is to relate solution bases to nullspace bases: Problem 2 asks to find P such that there is some quotient Q with [P | Q] N = 0 for N = [F^T | −diag(M)]^T. More precisely, [P | Q] can be obtained as a u-minimal nullspace basis of N for the shift u = (s − min(s), 0) ∈ N^{m+n}.

Using recent ingredients from [17, 21] outlined in the next paragraphs, the main remaining difficulty is to deal with this nullspace problem when n = 1. Here, we give a Õ(m^{ω−1} σ) algorithm to solve it using its specific properties: N is the column [F^T | m]^T with deg(F) < deg(m) = σ, and the last entry of u is min(u). First, when max(u) ∈ O(σ) we show that [P | Q] can be efficiently obtained as a submatrix of the u-Popov order basis for N at order O(σ). Then, when max(u) is large compared to σ and assuming u is sorted nondecreasingly, P has a lower block triangular shape. We show how this shape can be revealed, along with the s-pivot degree of P, using a divide-and-conquer approach which splits u into two shifts of amplitude about max(u)/2.

For n > 1, we use a divide-and-conquer approach on n which is classical in such contexts: two solution bases P^(1) and P^(2) are computed recursively in shifted Popov form and are multiplied together to obtain the s-minimal solution basis P^(2) P^(1) for (M, F). However this product is usually not in s-Popov form and may have size beyond our target cost. Thus, as in [21], instead of computing P^(2) P^(1), we use P^(2) and P^(1) to deduce the s-pivot degree of P.

In both recursions above, we focus on finding the s-pivot degree of P.
Using ideas and results from [17, 21], we show that this knowledge about the degrees in P allows us to complete the computation of P within the target cost.

2. FAST COMPUTATION OF THE SHIFTED POPOV SOLUTION BASIS

Hereafter, we call s-minimal degree of (M, F) the s-pivot degree δ of the s-Popov solution basis for (M, F); δ coincides with the column degree of this basis. A central result for the cost analysis is that |δ| = δ_1 + ⋯ + δ_m is at most σ = deg(m_1) + ⋯ + deg(m_n). This is classical for M-Padé approximation [32, Theorem 4.1] and holds for minimal interpolation bases in general (see for example [20, Lemma 7.17]).

This subsection summarizes and slightly extends results from [17, Section 3]. We first show that the s-Popov solution basis for (M, F) is the principal m × m submatrix of the u-Popov nullspace basis of [F^T | diag(M)]^T for some u ∈ Z^{m+n}.

Lemma 2.1.
Let M = (m_1, …, m_n) ∈ K[X]_{≠0}^n, s ∈ Z^m, F ∈ K[X]^{m×n} with deg(F_{∗,j}) < deg(m_j), P ∈ K[X]^{m×m}, and w ∈ Z^n be such that max(w) ≤ min(s). Then, P is the s-Popov solution basis for (M, F) if and only if [P | Q] is the u-Popov nullspace basis of [F^T | diag(M)]^T for some Q ∈ K[X]^{m×n} and u = (s, w) ∈ Z^{m+n}. In this case, deg(Q) < deg(P) and [P | Q] has u-pivot index (1, 2, …, m).

Proof.
Let N = [F^T | diag(M)]^T. It is easily verified that P is a solution basis for (M, F) if and only if there is some Q ∈ K[X]^{m×n} such that [P | Q] is a nullspace basis of N. Now, having deg(F_{∗,j}) < deg(m_j) implies that any [p | q] ∈ K[X]^{1×(m+n)} in the nullspace of N satisfies deg(q) < deg(p), and since max(w) ≤ min(s) we get rdeg_w(q) < rdeg_s(p). In particular, for any matrix [P | Q] ∈ K[X]^{m×(m+n)} such that [P | Q] N = 0, we have lm_u([P | Q]) = [lm_s(P) | 0]. This implies that P is in s-Popov form if and only if [P | Q] is in u-Popov form with u-pivot index (1, …, m).

We now show that, when we have a priori knowledge about the s-pivot entries of an s-Popov nullspace basis, it can be computed efficiently via an s-Popov order basis.

Lemma 2.2.
Let s ∈ Z^{m+n} and let N ∈ K[X]^{(m+n)×n} be of full rank. Let B ∈ K[X]^{m×(m+n)} be the s-Popov nullspace basis for N, let (π_1, …, π_m) be its s-pivot index, (δ_1, …, δ_m) be its s-pivot degree, and δ̄ ≥ deg(B) be a degree bound. Then, let u = (u_1, …, u_{m+n}) ∈ Z^{m+n} with

    u_j = −δ̄ − 1  if j ∉ {π_1, …, π_m},
    u_j = −δ_i    if j = π_i.

Writing (σ_1, …, σ_n) for the column degree of N, let τ_j = σ_j + δ̄ + 1 for 1 ≤ j ≤ n and let A be the u-Popov order basis for N and (τ_1, …, τ_n). Then, B is the submatrix of A formed by its rows at indices {π_1, …, π_m}.

Proof.
First, B is in u-Popov form with rdeg_u(B) = 0. Define C ∈ K[X]^{(m+n)×(m+n)} whose i-th row is B_{j,∗} if i = π_j and A_{i,∗} if i ∉ {π_1, …, π_m}: we want to prove C = A. Let p = [p_j]_j ∈ K[X]^{1×(m+n)} be a row of A, and assume rdeg_u(p) < 0. This means deg(p_j) < −u_j for all j, so that deg(p) < max(−u) = δ̄ + 1. Then, for all 1 ≤ j ≤ n we have deg(p N_{∗,j}) < σ_j + δ̄ + 1 = τ_j, and from p N_{∗,j} = 0 mod X^{τ_j} we obtain p N_{∗,j} = 0, which is absurd by minimality of B. As a result, rdeg_u(A) ≥ 0 = rdeg_u(B) componentwise. Besides, C N = 0 mod (X^{τ_1}, …, X^{τ_n}) and since C has its u-pivot entries on the diagonal, it is u-reduced: by minimality of A, we obtain rdeg_u(A) = rdeg_u(C). Then, it is easily verified that C is in u-Popov form, hence C = A.

In particular, computing the s-Popov nullspace basis B, when its s-pivot index, its s-pivot degree, and a bound δ̄ ≥ deg(B) are known, can be done in Õ(m^{ω−1}(σ + nδ̄)) operations with σ = σ_1 + ⋯ + σ_n, using the order basis algorithm in [21].

As for Problem 2, with Lemma 2.1 this gives an algorithm for computing P and the quotients Q = −P F diag(M)^{−1} when we know a priori the s-minimal degree δ of (M, F). Here, we would choose δ̄ = max(δ) ≥ deg([P | Q]): in some cases δ̄ = Θ(σ) and this has cost bound Õ(m^{ω−1}(σ + nσ)), which exceeds our target Õ(m^{ω−1} σ). An issue is that Q has size O(mnσ) when P has columns of large degree; yet here we are not interested in Q. This can be solved using partial linearization to expand the columns of large degree in P into more columns of smaller degree as in the next result, which holds in general for interpolation bases [21, Lemma 4.2].

Lemma 2.3.
Let M ∈ K[X]_{≠0}^n with entries having degrees (σ_1, …, σ_n). Let F ∈ K[X]^{m×n} and s ∈ Z^m. Furthermore, let δ = (δ_1, …, δ_m) denote the s-minimal degree of (M, F). Writing σ = σ_1 + ⋯ + σ_n, let δ̄ = ⌈σ/m⌉ ≥ 1, and for i ∈ {1, …, m} write δ_i = (α_i − 1) δ̄ + β_i with α_i ≥ 1 and 0 ≤ β_i < δ̄, and let m̃ = α_1 + ⋯ + α_m. Define δ̃ ∈ N^{m̃} as

    δ̃ = (δ̄, …, δ̄, β_1, …, δ̄, …, δ̄, β_m),    (2)

where for each i the group (δ̄, …, δ̄, β_i) has α_i entries, and define the expansion-compression matrix E ∈ K[X]^{m̃×m} as the block diagonal matrix

    E = diag(E_1, …, E_m) with E_i = [1, X^{δ̄}, …, X^{(α_i−1) δ̄}]^T.    (3)

Let d = −δ̃ ∈ Z^{m̃} and P ∈ K[X]^{m̃×m̃} be the d-Popov solution basis for (M, E F mod M). Then, P has d-pivot degree δ̃ and the s-Popov solution basis for (M, F) is the submatrix of P E formed by its rows at indices {α_1 + ⋯ + α_i, 1 ≤ i ≤ m}.

This leads to Algorithm 1, which solves Problem 2 efficiently when the s-minimal degree δ is known a priori.

Algorithm 1 (KnownDegPolModSys).
Input: polynomials M = (m_1, …, m_n) ∈ K[X]_{≠0}^n, a matrix F ∈ K[X]^{m×n} with deg(F_{∗,j}) < deg(m_j), a shift s ∈ Z^m, and δ = (δ_1, …, δ_m) the s-minimal degree of (M, F).
Output: the s-Popov solution basis for (M, F).

1. δ̄ ← ⌈(deg(m_1) + ⋯ + deg(m_n))/m⌉; α_i ← ⌊δ_i/δ̄⌋ + 1 for 1 ≤ i ≤ m; m̃ ← α_1 + ⋯ + α_m; δ̃ as in (2); E as in (3); F̃ ← E F mod M
2. u ← (−δ̃, −δ̄ − 1, …, −δ̄ − 1) ∈ Z^{m̃+n}; τ ← (deg(m_j) + δ̄ + 1)_{1≤j≤n}
3. P̃ ← the u-Popov order basis for [F̃^T | diag(M)]^T and τ; P ← the principal m̃ × m̃ submatrix of P̃
4. Return the submatrix of P E formed by the rows at indices α_1 + ⋯ + α_i for 1 ≤ i ≤ m
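The bookkeeping of Step 1 can be sketched as follows (a toy illustration under the notation of Lemma 2.3; the function name is ours, and the expansion-compression matrix E is represented only through δ̄ and the multiplicities α_i):

```python
def linearization_params(delta, sigma):
    """Given the s-minimal degree delta = (delta_1, ..., delta_m) and
    sigma = sum of the moduli degrees, return (dbar, alpha, dtilde) with
    delta_i = (alpha_i - 1)*dbar + beta_i, 0 <= beta_i < dbar, and
    dtilde the expanded degree tuple of (2)."""
    m = len(delta)
    dbar = -(-sigma // m) or 1             # ceil(sigma/m), at least 1
    alpha = [di // dbar + 1 for di in delta]
    dtilde = []
    for di, ai in zip(delta, alpha):
        dtilde += [dbar] * (ai - 1) + [di - (ai - 1) * dbar]
    return dbar, alpha, dtilde

# m = 3 unknowns and sigma = 6, so dbar = 2; delta = (5, 0, 1) expands to
# mtilde = 3 + 1 + 1 = 5 rows with dtilde = (2, 2, 1, 0, 1).
print(linearization_params([5, 0, 1], 6))  # -> (2, [3, 1, 1], [2, 2, 1, 0, 1])
```

Note that the expanded degrees sum to |δ| and each entry is at most δ̄, which is what keeps the order basis computation of Step 3 within the target cost.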
Algorithm
KnownDegPolModSys iscorrect. Writing σ = deg( m ) + · · · + deg( m n ) and assuming σ > m > n , it uses e O ( m ω − σ ) operations in K . Proof.
By Lemmas 2.3 and 2.1, since min(−δ̃) > −δ̄ − 1 and u = (−δ̃, −δ̄ − 1, …, −δ̄ − 1), the d-Popov solution basis for (M, F̃) is the principal m̃ × m̃ submatrix of the u-Popov nullspace basis B for [F̃^T | diag(M)]^T, and B has u-pivot index {1, …, m̃}, u-pivot degree δ̃, and deg(B) ≤ δ̄. Then, by Lemma 2.2, B is formed by the first m̃ rows of P̃ at Step 3, hence P is the d-Popov solution basis for (M, F̃). The correctness then follows from Lemma 2.3.

Since |δ| ≤ σ, E has m̃ ≤ 2m rows and E F mod M can be computed in Õ(mσ) operations using fast polynomial division [13]. The cost bound of Step 3 follows from [21, Theorem 1.4] since τ_1 + ⋯ + τ_n = σ + n(1 + ⌈σ/m⌉) ∈ O(σ).

We now present our main new ingredients, focusing on the case n = 1. First, we show that when the shift s has a small amplitude amp(s) = max(s) − min(s), one can solve Problem 2 via an order basis computation at small order.

Lemma 2.5.
Let m ∈ K[X]_{≠0}, s ∈ Z^m, and F ∈ K[X]^{m×1} with deg(F) < deg(m) = σ. Then, for any τ ≥ amp(s) + 2σ, the s-Popov solution basis for (m, F) is the principal m × m submatrix of the u-Popov order basis for [F^T | m]^T and τ, with u = (s, min(s)) ∈ Z^{m+1}.

Proof.
Let A = [[P, q̂], [p, q]] denote the u-Popov order basis for [F^T | m]^T and τ, where P ∈ K[X]^{m×m}, q̂ ∈ K[X]^{m×1}, p ∈ K[X]^{1×m}, and q ∈ K[X]. Consider B = [P̄ | q̄] the u-Popov nullspace basis of [F^T | m]^T: thanks to Lemma 2.1, it is enough to prove that B = [P | q̂]. First, we have rdeg(p) ≤ deg(q) by choice of u, so that q ≠ 0 implies deg(pF + qm) = deg(q) + σ. Since pF + qm = 0 mod X^τ, this gives deg(q) + σ ≥ τ. This also shows that the u-pivot entries of B are located in P̄. Then, since the sum of the u-pivot degrees of A is at most τ, the sum of the s-pivot degrees of P is at most σ; with [P | q̂] in u-Popov form, this gives deg(q̂) < σ + amp(s) ≤ τ − σ. We obtain deg(P F + q̂ m) < τ, so that P F + q̂ m = 0. Thus, the minimality of B and A gives the conclusion.

When amp(s) ∈ O(σ), this gives a fast solution to our problem. In what follows, we present a divide-and-conquer approach on amp(s), with base case amp(s) ∈ O(σ).

We first give an overview, assuming s is non-decreasing. A key ingredient is that when amp(s) is large compared to σ, then P has a lower block triangular shape, since it is in s-Popov form with sum of s-pivot degrees |δ| ≤ σ. Typically, if s_{i+1} − s_i > σ for some i then

    P = [[P^(1), 0], [∗, P^(2)]]

with P^(1) ∈ K[X]^{i×i}. Even though the block sizes are unknown in general, we show that they can be revealed efficiently along with δ by a divide-and-conquer algorithm, as follows.

First, we use a recursive call with the first j entries s^(0) of s and F^(0) of F, where j is such that amp(s^(0)) is about half of amp(s).
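The triangular-shape observation above can be illustrated with a toy helper (hypothetical, not the paper's algorithm): since the s-pivot degrees of P sum to at most σ, any gap larger than σ in a non-decreasing shift forces a zero block, so scanning the gaps already reveals a block partition of P.

```python
def block_cuts(s, sigma):
    """Indices i with s[i] - s[i-1] > sigma in a non-decreasing shift s
    (Python indexing). At each such i the s-Popov solution basis P
    satisfies P[:i, i:] = 0, since its s-pivot degrees sum to <= sigma."""
    return [i for i in range(1, len(s)) if s[i] - s[i - 1] > sigma]

# With sigma = 3, the gaps 0 -> 5 and 5 -> 20 each exceed sigma:
print(block_cuts([0, 0, 5, 5, 20], 3))  # -> [2, 4]
```

The algorithmic difficulty addressed next is that the useful splitting points are not only these visible gaps: they depend on the unknown pivot degrees δ, which is why the recursion below computes partial solution bases to certify a splitting index.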
This reveals the first i ≤ j entries δ^(1) of δ and the first i rows [P^(1) | 0] of P, with P^(1) ∈ K[X]^{i×i}. A central point is that amp(s^(2)) is about half of amp(s) as well, where s^(2) is the tail of s starting at the entry i + 1. Then, knowing the degrees δ^(1) allows us to set up an order basis computation that yields a residual, that is, a column G ∈ K[X]^{(m−i)×1} and a modulus n such that we can continue the computation of P using a second recursive call, which consists in computing the s^(2)-Popov solution basis for (n, G). From these two calls we obtain δ, and then we recover P using Algorithm 1.

Now we present the details. We fix F ∈ K[X]^{m×1}, m ∈ K[X]_{≠0} with σ = deg(m) > deg(F), s ∈ Z^m, P the s-Popov solution basis for (m, F), and δ its s-pivot degree. In what follows, π_s = (π_1, …, π_m) is any permutation of {1, …, m} such that (s_{π_1}, …, s_{π_m}) is non-decreasing. Then, for t = (t_1, …, t_m) ∈ Z^m we write t_{[i:j]} for the subtuple of t formed by its entries at indices {π_i, …, π_j}, and for a matrix M ∈ K[X]^{m×m} we write M_{[i:j,k:l]} for the submatrix of M formed by its rows at indices {π_i, π_{i+1}, …, π_j} and columns at indices {π_k, π_{k+1}, …, π_l}. The main ideas in this subsection can be understood by focusing on the case of a non-decreasing s, taking π_i = i for all i: then we have t_{[i:j]} = (t_i, t_{i+1}, …, t_j) and M_{[i:j,k:l]} = (M_{u,v})_{i≤u≤j, k≤v≤l}.

We now introduce the notion of splitting index, which will help us to locate zero blocks in P.

Definition 2.6 (Splitting index).
Let d ∈ N^m, t ∈ Z^m and π_t = (µ_i)_i. Then, i ∈ {1, …, m−1} is a splitting index for (d, t) if d_{µ_j} + t_{µ_j} − t_{µ_{i+1}} < 0 for all j ∈ {1, …, i}.

In particular, if i is a splitting index for (δ, s), then we have [P_{[:i,:i]} | P_{[:i,i+1:]}] = [P_{[:i,:i]} | 0]. Our algorithm first looks for such a splitting index, and then uses P_{[:i,i+1:]} = 0 to split the problem into two subproblems of dimensions i and m − i.

To find a splitting index, we rely on the following property: if (d, t) does not admit a splitting index, then |d| ≥ amp(t). This allows us to partition s into ℓ subtuples which all contain a splitting index, as follows. Given α ∈ Z_{>0} we let ℓ = 1 + ⌊amp(s)/α⌋ and we consider the subtuples s_1, …, s_ℓ of s where s_k consists of the entries of s in {min(s) + (k−1)α, …, min(s) + kα − 1}; this gives a subroutine Partition(s, α) = (s_1, …, s_ℓ). Now we take α > σ and we assume s_{π_{i+1}} − s_{π_i} ≤ σ for 1 ≤ i < m without loss of generality [21, Appendix A]. Then, for 1 ≤ k < ℓ, since |δ| ≤ σ and amp(t) > σ with t = (s_k, min(s_{k+1})), by the above remark s_k contains a splitting index for (δ, s).

Still, we do not know in advance which entries of s_k correspond to splitting indices for (δ, s). Thus we recursively compute the s-Popov solution basis P^(0) for the entries of s in s_1, …, s_{⌈ℓ/2⌉}, and we are now going to prove that this gives us a splitting index which divides the computation into two subproblems, the first of which has been already solved by computing P^(0).

Lemma 2.7.
Let j ∈ {1, …, m}, s^(0) = s_{[:j]}, P^(0) be the s^(0)-Popov solution basis for (m, F_{[:j]}), and δ^(0) be its s^(0)-pivot degree. Suppose that there is a splitting index i ≤ j for (δ^(0), s^(0)). Let P^(1) ∈ K[X]^{i×i} be the s^(1)-Popov solution basis for (m, F_{[:i]}) with s^(1) = s_{[:i]}, and let δ^(1) be its s^(1)-pivot degree. Then i is a splitting index for (δ, s) and P_{[:i,:i]} = P^(1) = P^(0)_{[:i,:i]}, hence δ_{[:i]} = δ^(1) = δ^(0)_{[:i]} (where P^(0) and δ^(0) are indexed by {π_1, …, π_j} sorted increasingly).

Proof.
Since i is a splitting index for (δ^(0), s^(0)) we have [P^(0)_{[:i,:i]} | P^(0)_{[:i,i+1:]}] = [Q | 0] for some Q ∈ K[X]^{i×i}. Now, for any B ∈ K[X]^{m×m} with [B_{[:i,:i]} | B_{[:i,i+1:]}] = [P^(1) | 0], the submatrix B_{[:i,:]} is in s-Popov form with its rows being solutions for (m, F). Then, by minimality of P, P_{[:i,:]} has s-pivot degree at most δ^(1) componentwise, so that i is also a splitting index for (δ, s), and in particular [P_{[:i,:i]} | P_{[:i,i+1:]}] = [R | 0] for some R ∈ K[X]^{i×i}. It remains to prove that Q = R = P^(1).

Since R F_{[:i]} = 0 mod m and R = P_{[:i,:i]} is in s^(1)-Popov form, proving that all solutions p ∈ K[X]^{1×i} for (m, F_{[:i]}) are in the row space of R is enough to obtain R = P^(1). Since q ∈ K[X]^{1×m} defined by [q_{[:i]} | q_{[i+1:]}] = [p | 0] is a solution for (m, F), we have q = λ P for some λ ∈ K[X]^{1×m}. Now P is nonsingular, thus P_{[:i,i+1:]} = 0 implies that [λ_{[:i]} | λ_{[i+1:]}] = [µ | 0] with µ ∈ K[X]^{1×i}, hence p = q_{[:i]} = λ_{[:i]} P_{[:i,:i]} + λ_{[i+1:]} P_{[i+1:,:i]} = µ R. Similar arguments give Q = P^(1).

The next two lemmas show that knowing δ^(1), which is δ_{[:i]}, allows us to compute a so-called residual (n, G) from which we can complete the computation of δ and P.

Lemma 2.8.
Let s^{(2)} = s_{[i+1:]}, d = −δ^{(1)} + min(s^{(2)}) − 2σ ∈ Z^i, v ∈ Z^m be such that [v_{[:i]} | v_{[i+1:]}] = [d | s^{(2)}], and u = (v, min(d)) ∈ Z^{m+1}. Let [[A, q̂], [p, q]] be the u-Popov order basis for [F^T | m]^T and 2σ, where A ∈ K[X]^{m×m}, q̂ ∈ K[X]^{m×1}, p ∈ K[X]^{1×m}, and q ∈ K[X]. Then we have deg(q) ≥ σ, A_{[:i,i+1:]} = 0, p_{[i+1:]} = 0, and [A_{[:i,:i]} | q̂_{[:i]}] = [P^{(1)} | q^{(1)}] with q^{(1)} = −P^{(1)} F_{[:i]} / m.

Proof.
Since u = (v, min(v)) we have deg(p) ≤ deg(q), and since deg(F) < deg(m) the degree of pF + qm is deg(q) + σ; then pF + qm = 0 mod X^{2σ} implies deg(q) + σ ≥ 2σ. Now, since A is in v-Popov form and deg(A) ≤ 2σ − deg(q) ≤ σ, from min(s^{(2)}) ≥ max(d) + 2σ we get A_{[:i,i+1:]} = 0. Besides, p_{[i+1:]} = 0 since either deg(q) < 2σ and then min(s^{(2)}) > min(d) + deg(q), or A is the identity matrix and then p = 0.

Furthermore, by Lemma 2.1 [P^{(1)} | q^{(1)}] is the (d, min(d))-Popov nullspace basis for [F_{[:i]}^T | m]^T, with (d, min(d))-pivot index {1, …, i}, (d, min(d))-pivot degree δ^{(1)} and degree at most max(δ^{(1)}). Then, as in the proof of Lemma 2.2, one can show that [A_{[:i,:i]} | q̂_{[:i]}] = [P^{(1)} | q^{(1)}].

Thus, up to row and column permutations this order basis is

[ P^{(1)}   0        q^{(1)} ]
[ ∗         P^{(2)}  ∗       ]
[ ∗         0        q       ]

with P^{(2)} = A_{[i+1:,i+1:]} ∈ K[X]^{(m−i)×(m−i)} in s^{(2)}-Popov form; let δ^{(2)} denote its s^{(2)}-pivot degree.

Lemma.
Let n = X^{−2σ}(p_{[i+1:]} F_{[i+1:]} + q m) ∈ K[X] and G = X^{−2σ}(A_{[i+1:,:]} F + q̂_{[i+1:]} m) ∈ K[X]^{(m−i)×1}. Then, deg(G) < deg(n) ≤ σ − |δ^{(1)}| − |δ^{(2)}|. Let P^{(3)} be the t-Popov solution basis for (n, G) with t = rdeg_{s^{(2)}}(P^{(2)}) and δ^{(3)} be its t-pivot degree. Then, (δ_{[:i]}, δ_{[i+1:]}) = (δ^{(1)}, δ^{(2)} + δ^{(3)}).

Proof.
The sum |δ^{(1)}| + |δ^{(2)}| + deg(q) of the u-pivot degrees of [[A, q̂], [p, q]] is at most the order 2σ. Thus, we have deg(n) = deg(q) − σ ≤ σ − |δ^{(1)}| − |δ^{(2)}|, deg(A_{[i+1:,:i]}) < |δ^{(1)}| ≤ σ, deg(A_{[i+1:,i+1:]}) ≤ |δ^{(2)}| ≤ σ, and deg(q̂_{[i+1:]}) < deg(q). This implies deg(G) < deg(q) − σ = deg(n).

Let q^{(3)} = −P^{(3)} G / n and t_0 = rdeg_u([p | q]) = deg(q) + min(d) ≤ min(s^{(2)}) ≤ min(t). By Lemma 2.1, [P^{(3)} | q^{(3)}] is the (t, t_0)-Popov nullspace basis for [G^T | n]^T. Defining B ∈ K[X]^{m×m} and c ∈ K[X]^{m×1} by

[ B_{[:i,:i]}    B_{[:i,i+1:]}    c_{[:i]}   ]   [ I   0        0       ]
[ B_{[i+1:,:i]}  B_{[i+1:,i+1:]}  c_{[i+1:]} ] = [ 0   P^{(3)}  q^{(3)} ],

then [B c] [[A, q̂], [p, q]] is a u-minimal nullspace basis of [F^T | m]^T [36, Theorem 3.9]. Thus Lemma 2.1 implies that P̄ = [B c] [A^T | p^T]^T is a v-minimal solution basis for (m, F). It is easily checked that P is in v-Popov form, so that the v-Popov form of P̄ is P and its v-pivot degree is δ. Besides,

[ P̄_{[:i,:i]}    P̄_{[:i,i+1:]}   ]   [ P^{(1)}                                   0               ]
[ P̄_{[i+1:,:i]}  P̄_{[i+1:,i+1:]} ] = [ P^{(3)} A_{[i+1:,:i]} + q^{(3)} p_{[:i]}   P^{(3)} P^{(2)} ],

so that (δ_{[:i]}, δ_{[i+1:]}) = (δ^{(1)}, δ^{(2)} + δ^{(3)}) [21, Section 3].

This results in Algorithm 2. It takes as input α which dictates the amplitude of the subtuples that partition s; as mentioned above, the initial call can be made with α = 2σ.

Proposition.
Algorithm
PolModSysOne is correct and uses Õ(m^{ω−1}σ) operations in K.

Proof.
The correctness follows from the results in this subsection. By [21, Theorem 1.4], each leaf of the recursion at Step 1 in dimension m uses Õ(m^{ω−1}α) operations.

Algorithm 2 (PolModSysOne).
Input: a nonzero polynomial m ∈ K[X] of degree σ, a column F ∈ K[X]^{m×1} with deg(F) < deg(m), a shift s ∈ Z^m, a parameter α ∈ Z_{>0} with α > σ.
Output: the s-Popov solution basis for (m, F) and the s-minimal degree δ of (m, F).
1. If amp(s) ≤ α:
   a. A ← the (s, min(s))-Popov order basis for [F^T | m]^T and 2α + 2σ; return the principal m × m submatrix of A and the degrees of its diagonal entries
2. Else: /* ℓ = 1 + ⌊amp(s)/α⌋ > 1 */
   a. (s_1, …, s_ℓ) ← Partition(s, α), j ← sum of the lengths of s_1, …, s_{⌈ℓ/2⌉}, s^{(0)} ← s_{[:j]}, (P^{(0)}, δ^{(0)}) ← PolModSysOne(m, F_{[:j]}, s^{(0)}, α)
   b. i ← the largest splitting index for (δ^{(0)}, s^{(0)}), δ^{(1)} ← δ^{(0)}_{[:i]}, s^{(2)} ← s_{[i+1:]}, d ← −δ^{(1)} + min(s^{(2)}) − 2σ, v ∈ Z^m with [v_{[:i]} | v_{[i+1:]}] ← [d | s^{(2)}], u ← (v, min(d))
   c. [[A, q̂], [p, q]] ← the u-Popov order basis for [F^T | m]^T and 2σ, δ^{(2)} ← the s^{(2)}-pivot degree of A_{[i+1:,i+1:]}, G ← X^{−2σ}(A_{[i+1:,:]} F + q̂_{[i+1:]} m), n ← X^{−2σ}(p_{[i+1:]} F_{[i+1:]} + q m)
   d. t ← s^{(2)} + δ^{(2)} = rdeg_{s^{(2)}}(A_{[i+1:,i+1:]}), (P^{(3)}, δ^{(3)}) ← PolModSysOne(n, G, t, α)
   e. δ ∈ N^m with (δ_{[:i]}, δ_{[i+1:]}) ← (δ^{(1)}, δ^{(2)} + δ^{(3)}), P ← KnownDegPolModSys(m, F, s, δ)
   f. Return (P, δ)

Running the algorithm with initial input α = 2σ, the recursive tree has depth O(log(ℓ)) = O(log(1 + amp(s)/σ)), with amp(s)/σ ∈ O(m) [21, Appendix A]. All recursive calls are for a modulus of degree at most σ < α. The order basis computation at Step 2.c uses Õ(m^{ω−1}σ) operations; the computation of G and n at Step 2.c can be done in time Õ(m^{ω−1}σ) using partial linearization as in Lemma 2.11 below; Step 2.e uses Õ(m^{ω−1}σ) operations by Proposition 2.4. On a given level of the tree, the sum of the dimensions of the column vectors in input of each sub-problem is in O(m). Since a^{ω−1} + b^{ω−1} ≤ (a + b)^{ω−1} for all a, b > 0, each level of the tree uses a total of Õ(m^{ω−1}α) operations.

Now that we have an efficient algorithm for n = 1, our main algorithm uses a divide-and-conquer approach on n. Similarly to [21, Algorithm 1], from the two bases obtained recursively we first deduce the s-minimal degree δ, and then we use this knowledge to compute P with Algorithm 1. When σ = deg(m_1) + ⋯ + deg(m_n) ∈ O(m), we rely on the algorithm LinearizationMIB in [20, Algorithm 9]. The computation of the so-called residual at Step 3.c can be done efficiently using partial linearization, as follows.
Lemma
Let M = (m_j)_j ∈ K[X]^n with each m_j nonzero, P ∈ K[X]^{m×m}, F ∈ K[X]^{m×n} with m > n and deg(F_{∗,j}) < σ_j = deg(m_j), and let σ ≥ m be such that σ ≥ σ_1 + ⋯ + σ_n and |cdeg(P)| ≤ σ. Then PF mod M can be computed in Õ(m^{ω−1}σ) operations.

Proof.
Using notation from Lemma 2.3, we let P̃ ∈ K[X]^{m×m̃} be such that P = P̃E and deg(P̃) < ⌈|cdeg(P)|/m⌉. As above, F̃ = EF mod M can be computed in time Õ(mσ). Here we want to compute PF mod M = P̃F̃ mod M. We have deg(P̃) ≤ ⌈σ/m⌉ ≤ 2σ/m. Since |cdeg(F̃)| < σ and n ≤ m ≤ m̃ ≤ 2m, F̃ can be partially linearized into O(m) columns of degree O(σ/m). Then, P̃F̃ is computed in Õ(m^{ω−1}σ) operations. The j-th column of P̃F̃ has m̃ ≤ 2m rows and degree less than σ_j + 2σ/m: it can be reduced modulo m_j in Õ(σ + mσ_j) operations [13, Chapter 9]; summing over 1 ≤ j ≤ n with n ≤ m, this is in Õ(mσ).

Algorithm 3 (PolModSys).
Input: polynomials M = (m_1, …, m_n) ∈ K[X]^n, all nonzero, a matrix F ∈ K[X]^{m×n} with deg(F_{∗,j}) < deg(m_j), a shift s ∈ Z^m.
Output: the s-Popov solution basis for (M, F) and the s-minimal degree δ of (M, F).
1. If σ = deg(m_1) + ⋯ + deg(m_n) ≤ m:
   a. Build E ∈ K^{m×σ} and M ∈ K^{σ×σ} as in Section 1.2
   b. Return LinearizationMIB(E, M, s, ⌈log_2(σ)⌉)
2. Else if n = 1: Return PolModSysOne(m_1, F, s, 2σ)
3. Else:
   a. M^{(1)}, F^{(1)} ← (m_1, …, m_{⌊n/2⌋}), F_{∗,1…⌊n/2⌋}; M^{(2)}, F^{(2)} ← (m_{⌊n/2⌋+1}, …, m_n), F_{∗,⌊n/2⌋+1…n}
   b. P^{(1)}, δ^{(1)} ← PolModSys(M^{(1)}, F^{(1)}, s)
   c. R ← P^{(1)} F^{(2)} mod M^{(2)}
   d. P^{(2)}, δ^{(2)} ← PolModSys(M^{(2)}, R, rdeg_s(P^{(1)}))
   e. P ← KnownDegPolModSys(M, F, s, δ^{(1)} + δ^{(2)})
   f. Return (P, δ^{(1)} + δ^{(2)})
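Step 3.c, the residual R ← P^{(1)}F^{(2)} mod M^{(2)}, is a polynomial matrix product followed by a columnwise modular reduction. A naive sketch with sympy (the function name is ours; this deliberately skips the partial linearization of Lemma 2.11, which is what makes the step fast):

```python
from sympy import symbols, Matrix, rem, expand

x = symbols('x')

def residual(P1, F2, M2):
    """R = P1 * F2 with the j-th column reduced modulo the j-th modulus M2[j]
    (entrywise polynomial remainder) -- a naive version of Step 3.c."""
    R = P1 * F2
    return Matrix(R.rows, R.cols, lambda i, j: rem(expand(R[i, j]), M2[j], x))
```

For instance, with P1 = [[x, 0], [1, 1]], F2 = [[x], [1]] and the single modulus x^2, the product [[x^2], [x+1]] reduces to [[0], [x+1]].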
The correctness and the cost Õ(m^{ω−1}σ) for Steps 1 and 2 of Algorithm 3 follow from [20, Theorem 1.4] and Proposition 2.10. With the costs of Steps 3.e and 3.c given in Proposition 2.4 and Lemma 2.11, we obtain the announced cost bound.

Now, using notation in Step 3, suppose P^{(1)} and P^{(2)} are the s- and rdeg_s(P^{(1)})-Popov solution bases for (M^{(1)}, F^{(1)}) and (M^{(2)}, R). Then P^{(2)}P^{(1)} is a solution basis for (M, F): if p is a solution for (M, F), it is one for (M^{(1)}, F^{(1)}) and thus p = λP^{(1)} for some λ, and it is one for (M^{(2)}, F^{(2)}) so that pF^{(2)} = λP^{(1)}F^{(2)} = λR = 0 mod M^{(2)} and thus λ = µP^{(2)} for some µ; then p = µP^{(2)}P^{(1)}.

Then P^{(2)}P^{(1)} is an s-minimal solution basis for (M, F) and its s-Popov form has s-pivot degree δ^{(1)} + δ^{(2)} [21, Section 3]. The correctness follows from Proposition 2.4.
3. FAST COMPUTATION OF THE SHIFTED POPOV FORM OF A MATRIX

3.1 Fast shifted Popov form algorithm
Our fast method for computing the s-Popov form of a nonsingular A ∈ K[X]^{m×m} uses two steps, as follows.
1. Compute the Smith form of A, giving the moduli M, and a corresponding right unimodular transformation, giving the equations F, so that A is a solution basis for (M, F).
2. Find the s-Popov solution basis for (M, F).
We first show the correctness of this approach.

Lemma.
Let A ∈ K[X]^{m×m} be nonsingular and S = UAV be the Smith form of A with U and V unimodular. Let M ∈ K[X]^m with nonzero entries and F ∈ K[X]^{m×m} be such that S = diag(M) and F = V mod M. Then A is a solution basis for (M, F).

Proof.
Let p ∈ K[X]^{1×m}. If p is in the row space of A then p is a solution for (M, F) since AV = U^{−1}S with U^{−1} over K[X]. Now if pF = 0 mod M, then pV = qS for some q and p = qUA is in the row space of A.

Concerning the cost of Step 1, such M and F can be obtained in expected Õ(m^ω deg(A)) operations, by computing: a row reduced form R of A [16, Theorem 18]; diag(M), the Smith form of R [29, Algorithm 12]; and (∗, F), a reduced Smith transform for R [15, Figure 3.2]. As in [15, Figure 6.1], the last two computations should be performed in conjunction with the preconditioning techniques detailed in [23]. One may take for M only the nontrivial Smith factors, and for F only the nonzero columns of the transform.

The product of the moduli in M is det(A), so that the sum of their degrees is deg(det(A)). Then, according to Theorem 1.4, Step 2 of the algorithm outlined above costs Õ(m^{ω−1} deg(det(A))) operations. Thus this algorithm solves Problem 1 in expected Õ(m^ω deg(A)) field operations.

In this subsection, we use the partial linearization techniques from [16, Section 6] to prove the following result.
Proposition
Let A ∈ K[X]^{m×m} be nonsingular and let s ∈ Z^m. With no field operation, one can build a nonsingular Ã ∈ K[X]^{m̃×m̃} and a shift u ∈ Z^{m̃} such that m̃ < 3m, deg(Ã) ≤ ⌈σ(A)/m⌉, and the s-Popov form of A is the principal m × m submatrix of the u-Popov form of Ã.

With the algorithm in the previous subsection, this implies Theorem 1.3. In the specific case of Hermite form computation, for which there is a deterministic algorithm with cost bound Õ(m^ω deg(A)) [35], one can verify that this leads to a deterministic algorithm using Õ(m^ω ⌈σ(A)/m⌉) operations. (However, for s = 0 this does not give a Õ(m^ω ⌈σ(A)/m⌉) deterministic algorithm for the Popov form using [16, 28], since the corresponding u is (0, t, …, t) with t > deg(A).)

Definition 3.3 (Column partial linearization).
Let A ∈ K[X]^{m×m} and δ = (δ_i)_i ∈ N^m. Then let δ̄ = 1 + ⌊(δ_1 + ⋯ + δ_m)/m⌋, let α_i ≥ 1 and β_i < δ̄ be such that δ_i = (α_i − 1)δ̄ + β_i for 1 ≤ i ≤ m, let m̃ = α_1 + ⋯ + α_m, and let E = [I | Ē^T]^T ∈ K[X]^{m̃×m} be the expansion-compression matrix, with I the m × m identity matrix and

Ē = diag(Ē_1, …, Ē_m),  where  Ē_i = [X^{δ̄}, X^{2δ̄}, …, X^{(α_i−1)δ̄}]^T.   (4)

The column partial linearization L^c_δ(A) ∈ K[X]^{m̃×m̃} of A is defined as follows:
• the first m rows of L^c_δ(A) form the unique matrix Ã ∈ K[X]^{m×m̃} such that A = ÃE and Ã has all columns of degree less than δ̄ except possibly those at indices m + (α_1 − 1) + ⋯ + (α_i − 1) for 1 ≤ i ≤ m;
• for 1 ≤ i ≤ m, the row m + (α_1 − 1) + ⋯ + (α_{i−1} − 1) + 1 of L^c_δ(A) is [0, …, 0, −X^{δ̄}, 0, …, 0, 1, 0, …, 0], where −X^{δ̄} is at index i and 1 is on the diagonal;
• for 1 ≤ i ≤ m and 2 ≤ j ≤ α_i − 1, the row m + (α_1 − 1) + ⋯ + (α_{i−1} − 1) + j of L^c_δ(A) is [0, …, 0, −X^{δ̄}, 1, 0, …, 0], where 1 is on the diagonal.

Defining the row partial linearization L^r_δ(A) of A similarly, both linearizations are related by L^r_δ(A) = L^c_δ(A^T)^T. Now we show that for a well-chosen u, one can directly read the s-Popov form of A as a submatrix of the u-Popov form of L^r_δ(A) (resp. L^c_δ(A)).

Lemma.
Let A ∈ K[X]^{m×m} be nonsingular, s ∈ Z^m, P be the s-Popov form of A, and δ ∈ N^m. We have that:
(i) if m̃ is the dimension of L^r_δ(A) and u = (s, t, …, t) is in Z^{m̃} with t > max(s) + deg(P), then the u-Popov form of L^r_δ(A) is [P 0; ∗ I];
(ii) if m̃ is the dimension of L^c_δ(A), Ē is as in (4), and u = (s, t) ∈ Z^{m̃} for any t ∈ Z^{m̃−m}, then the u-Popov form of L^c_δ(A) [I 0; Ē I] is [P 0; 0 I];
(iii) if m̃ is the dimension of L^c_δ(A) and u = (s, t, …, t) is in Z^{m̃} with t > max(s) + deg(P), then the u-Popov form of L^c_δ(A) is [P 0; ∗ I].

Proof. (i) L^r_δ(A) is left-unimodularly equivalent to [A 0; B I] for some B ∈ K[X]^{(m̃−m)×m} [16, Theorem 10 (i)]. Then, let R be the remainder of B modulo P, that is, the unique matrix in K[X]^{(m̃−m)×m} which has column degree bounded by the column degree of P componentwise and such that R = B + QP for some matrix Q (see for example [22, Theorem 6.3-15], noting that P is 0-column reduced). Let W denote the unimodular matrix such that P = WA. Then, [W 0; QW I] [A 0; B I] = [P 0; R I] is left-unimodularly equivalent to L^r_δ(A). Besides, since deg(R) < deg(P), we have that [P 0; R I] is in u-Popov form by choice of t.

(ii) The matrix [P 0; 0 I] is obviously in u-Popov form: it remains to prove that it is left-unimodularly equivalent to L^c_δ(A) [I 0; Ē I]. Let T denote the trailing principal submatrix T = L^c_δ(A)_{m+1…m̃, m+1…m̃}, and let W be the unimodular matrix such that WP = A. Then, T is unit lower triangular, thus unimodular, and by construction of L^c_δ(A), for some matrix B we have L^c_δ(A) [I 0; Ē I] = [A B; 0 T] = [W B; 0 T] [P 0; 0 I].

(iii) From (ii), L^c_δ(A) is left-unimodularly equivalent to [P 0; 0 I] [I 0; −Ē I] = [P 0; −Ē I]. Using arguments in the proof of (i) above, by choice of t the u-Popov form of [P 0; −Ē I] is [P 0; R I] with R the remainder of −Ē modulo P.

In the usual case where deg(P) is not known a priori, one may choose t using the inequality deg(P) ≤ deg(det(P)) = deg(det(A)) ≤ m deg(A).

This result implies Proposition 3.2 thanks to the following remark from [16]. Let π_1, π_2 be permutation matrices such that B = π_1 A π_2 = [b_{i,j}]_{ij} satisfies deg(b_{i,i}) ≥ deg(b_{j,k}) for all j, k ≥ i and 1 ≤ i ≤ m. Defining d = (d_i)_i ∈ N^m by d_i = deg(b_{i,i}) if b_{i,i} ≠ 0 and d_i = 0 otherwise, we have d_1 + ⋯ + d_m ≤ σ(A) by definition of σ(A) in (1). Let δ = π_1^{−1} d, where d is seen as a column vector, and γ = cdeg(L^r_δ(A)). Then the matrix Ã = L^c_γ(L^r_δ(A)) is m̃ × m̃ with m̃ < 3m, and we have deg(Ã) ≤ ⌈σ(A)/m⌉ [16, Corollary 3]. Lemma 3.4 further shows that the s-Popov form of A is the principal m × m submatrix of the u-Popov form of Ã, for the shift u = (s, t, …, t) ∈ Z^{m̃} with t = max(s) + m deg(A).
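The core mechanism of Definition 3.3 can be sketched concretely: each column of A is cut into slices of X-degree less than δ̄, and the slices are recombined through an expansion-compression matrix E so that A = ÃE. The sympy sketch below (our own simplification: it uses a uniform slice count per column via a ceiling, instead of the exact (α_i, β_i) bookkeeping) illustrates this identity:

```python
from sympy import symbols, Matrix, Poly, expand, zeros

x = symbols('x')

def column_partial_linearization(A, delta):
    """Split each column of A into slices of X-degree < delta, returning
    (At, E) with A = At * E; E stacks the rows x**(k*delta) * e_i as in (4)."""
    At_cols, E_rows = [], []
    for i in range(A.cols):
        # degree of column i (0 for a zero column)
        di = max([Poly(A[r, i], x).degree() for r in range(A.rows)] + [0])
        alpha = max(1, -(-(di + 1) // delta))   # ceil((di + 1)/delta) slices
        for k in range(alpha):
            # slice k keeps the coefficients of x^(k*delta), ..., x^((k+1)*delta - 1)
            chunk = A[:, i].applyfunc(
                lambda a, k=k: sum(Poly(a, x).nth(e) * x**(e - k * delta)
                                   for e in range(k * delta, (k + 1) * delta)))
            At_cols.append(chunk)
            row = zeros(1, A.cols)
            row[i] = x**(k * delta)             # this slice re-enters at x^(k*delta)*e_i
            E_rows.append(row)
    return Matrix.hstack(*At_cols), Matrix.vstack(*E_rows)
```

For A = [[X^3 + X + 1, 1], [X, X^2]] and δ̄ = 2, this yields a 2 × 4 matrix Ã of degree at most 1 with A = ÃE, matching the degree drop from deg(A) to roughly the average column degree that Proposition 3.2 exploits.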
The author sincerely thanks the anonymous reviewers for their careful reading and detailed comments, which were very helpful for preparing the final version of this paper. He also thanks C.-P. Jeannerod, G. Labahn, É. Schost, A. Storjohann, and G. Villard for their interesting and useful comments. The author gratefully acknowledges financial support provided through the international mobility grants Explo'ra Doc from Région Rhône-Alpes, PALSE, and Mitacs Globalink - Inria.
4. REFERENCES
[1] M. Alekhnovich. Linear Diophantine equations over polynomials and soft decoding of Reed-Solomon codes. In FOCS'02, pages 439–448. IEEE, 2002.
[2] M. Alekhnovich. Linear Diophantine equations over polynomials and soft decoding of Reed-Solomon codes. IEEE Trans. Inf. Theory, 51(7):2257–2265, July 2005.
[3] B. Beckermann. A reliable method for computing M-Padé approximants on arbitrary staircases. J. Comput. Appl. Math., 40(1):19–42, 1992.
[4] B. Beckermann and G. Labahn. A uniform approach for the fast computation of matrix-type Padé approximants. SIAM J. Matrix Anal. Appl., 15(3):804–823, July 1994.
[5] B. Beckermann and G. Labahn. Fraction-free computation of matrix rational interpolants and matrix gcds. SIAM J. Matrix Anal. Appl., 22(1):114–144, 2000.
[6] B. Beckermann, G. Labahn, and G. Villard. Normal forms for general polynomial matrices. J. Symbolic Comput., 41(6):708–737, 2006.
[7] P. Busse. Multivariate List Decoding of Evaluation Codes with a Gröbner Basis Perspective. PhD thesis, University of Kentucky, 2008.
[8] M. Chowdhury, C.-P. Jeannerod, V. Neiger, É. Schost, and G. Villard. Faster algorithms for multivariate interpolation with multiplicities and simultaneous polynomial approximations. IEEE Trans. Inf. Theory, 61(5):2370–2387, 2015.
[9] H. Cohn and N. Heninger. Approximate common divisors via lattices. In Tenth Algorithmic Number Theory Symposium, pages 271–293. Mathematical Sciences Publishers (MSP), 2012–2013.
[10] H. Cohn and N. Heninger. Ideal forms of Coppersmith's theorem and Guruswami-Sudan list decoding. Advances in Mathematics of Communications, 9(3):311–339, 2015.
[11] D. Coppersmith and S. Winograd. Matrix multiplication via arithmetic progressions. J. Symbolic Comput., 9(3):251–280, 1990.
[12] C. Devet, I. Goldberg, and N. Heninger. Optimally robust private information retrieval. Cryptology ePrint Archive, Report 2012/083, 2012.
[13] J. von zur Gathen and J. Gerhard. Modern Computer Algebra (third edition). Cambridge University Press, 2013.
[14] P. Giorgi, C.-P. Jeannerod, and G. Villard. On the complexity of polynomial matrix computations. In ISSAC'03, pages 135–142. ACM, 2003.
[15] S. Gupta. Hermite forms of polynomial matrices. Master's thesis, University of Waterloo, 2011.
[16] S. Gupta, S. Sarkar, A. Storjohann, and J. Valeriote. Triangular x-basis decompositions and derandomization of linear algebra algorithms over K[x]. J. Symbolic Comput., 47(4):422–453, 2012.
[17] S. Gupta and A. Storjohann. Computing Hermite forms of polynomial matrices. In ISSAC'11, pages 155–162. ACM, 2011.
[18] J. L. Hafner and K. McCurley. Asymptotically fast triangularization of matrices over rings. SIAM Journal on Computing, 20(6):1068–1083, 1991.
[19] C. Hermite. Sur l'introduction des variables continues dans la théorie des nombres. Journal für die reine und angewandte Mathematik, 41:191–216, 1851.
[20] C.-P. Jeannerod, V. Neiger, É. Schost, and G. Villard. Computing minimal interpolation bases. HAL Open archive - https://hal.inria.fr/hal-01241781, 2015.
[21] C.-P. Jeannerod, V. Neiger, É. Schost, and G. Villard. Fast computation of minimal interpolation bases in Popov form for arbitrary shifts. HAL Open archive - https://hal.inria.fr/hal-01265983, 2016.
[22] T. Kailath. Linear Systems. Prentice-Hall, 1980.
[23] E. Kaltofen, M. S. Krishnamoorthy, and D. Saunders. Parallel algorithms for matrix normal forms. Linear Algebra Appl., 136:189–208, 1990.
[24] S. Lang. Algebra (Revised Third Edition). Springer-Verlag New York Inc., 2002.
[25] F. Le Gall. Powers of tensors and fast matrix multiplication. In ISSAC'14, pages 296–303. ACM, 2014.
[26] T. Mulders and A. Storjohann. On lattice reduction for polynomial matrices. J. Symbolic Comput., 35:377–401, 2003.
[27] V. M. Popov. Invariant description of linear, time-invariant controllable systems. SIAM Journal on Control, 10(2):252–264, 1972.
[28] S. Sarkar and A. Storjohann. Normalization of row reduced matrices. In ISSAC'11, pages 297–304. ACM, 2011.
[29] A. Storjohann. High-order lifting and integrality certification. J. Symbolic Comput., 36(3-4):613–648, 2003.
[30] A. Storjohann. Notes on computing minimal approximant bases. In Dagstuhl Seminar Proceedings, 2006.
[31] A. Storjohann and G. Labahn. Asymptotically fast computation of Hermite normal forms of integer matrices. In ISSAC'96, pages 259–266. ACM, 1996.
[32] M. Van Barel and A. Bultheel. A general module theoretic framework for vector M-Padé and matrix rational interpolation. Numer. Algorithms, 3:451–462, 1992.
[33] G. Villard. Computing Popov and Hermite forms of polynomial matrices. In ISSAC'96, pages 250–258. ACM, 1996.
[34] W. Zhou and G. Labahn. Efficient algorithms for order basis computation. J. Symbolic Comput., 47(7):793–819, 2012.
[35] W. Zhou and G. Labahn. A fast, deterministic algorithm for computing a Hermite normal form of a polynomial matrix. arXiv e-Print archive - http://arxiv.org/abs/1602.02049, 2016.
[36] W. Zhou, G. Labahn, and A. Storjohann. Computing minimal nullspace bases. In ISSAC'12, pages 366–373. ACM, 2012.
[37] W. Zhou, G. Labahn, and A. Storjohann. A deterministic algorithm for inverting a polynomial matrix.