Shuhong Gao

Optimal normal bases

Let K ⊂ L be a finite Galois extension of fields, of degree n. Let G be the Galois group, and let (<α)<∈G be a normal basis for L over K. An argument due to Mullin, Onyszchuk, Vanstone and Wilson (Discrete Appl. Math. 22 (1988/89), 149–161) shows that the matrix that describes the map x → αx on this basis has at least 2n - 1 nonzero entries. If it contains exactly 2n - 1 nonzero entries, then the normal basis is said to be optimal. In the present paper we determine all optimal normal bases. In the case that K is finite our result confirms a conjecture that was made by Mullin et al. on the basis of a computer search.

Factoring multivariate polynomials via partial differential equations

A new method is presented for factorization of bivariate polynomials over any field of characteristic zero or of relatively large characteristic. It is based on a simple partial differential equation that gives a system of linear equations. As in Berlekamps and Niederreiters algorithms for factoring univariate polynomials, the dimension of the solution space of the linear system is equal to the number of absolutely irreducible factors of the polynomial to be factored, and any basis for the solution space gives a complete factorization by computing gcds and by factoring univariate polynomials over the ground field. The new method finds absolute and rational factorizations simultaneously and is easy to implement for finite fields, local fields, number fields, and the complex number field. The theory of the new method allows an effective Hilbert irreducibility theorem, thus an efficient reduction of polynomials from multivariate to bivariate.

A New Algorithm for Decoding Reed-Solomon Codes

A new algorithm is developed for decoding Reed-Solomon codes. It uses fast Fourier transforms and computes the message symbols directly without explicitly finding error locations or error magnitudes. In the decoding radius (up to half of the minimum distance), the new method is easily adapted for error and erasure decoding. It can also detect all errors outside the decoding radius. Compared with the BerlekampMassey algorithm, discovered in the late 1960’s, the new method seems simpler and more natural yet it has a similar time complexity.

Algorithms for Exponentiation in Finite Fields

Gauss periods yield (self-dual) normal bases in finite fields, and these normal bases can be used to implement arithmetic efficiently. It is shown that for a small prime power q and infinitely many integersn , multiplication in a normal basis of Fqn over Fq can be computed with O(n logn loglog n), division with O(n log2n loglog n) operations in Fq, and exponentiation of an arbitrary element in Fqn withO (n2loglog n) operations in Fq. We also prove that using a polynomial basis exponentiation in F 2 n can be done with the same number of operations in F 2 for all n. The previous best estimates were O(n2) for multiplication in a normal basis, andO (n2log n loglog n) for exponentiation in a polynomial basis.

Approximate factorization of multivariate polynomials via differential equations

The input to our algorithm is a multivariate polynomial, whose complex rational coefficients are considered imprecise with an unknown error that causes f to be irreducible over the complex numbers C. We seek to perturb the coefficients by a small quantitity such that the resulting polynomial factors over C. Ideally, one would like to minimize the perturbation in some selected distance measure, but no efficient algorithm for that is known. We give a numerical multivariate greatest common divisor algorithm and use it on a numerical variant of algorithms by W. M. Ruppert and S. Gao. Our numerical factorizer makes repeated use of singular value decompositions. We demonstrate on a significant body of experimental data that our algorithm is practical and can find factorizable polynomials within a distance that is about the same in relative magnitude as the input error, even when the relative error in the input is substantial (10-3).

Decomposition of Polytopes and Polynomials

Motivated by a connection with the factorization of multivariate polynomials, we study integral convex polytopes and their integral decompositions in the sense of the Minkowski sum. We first show that deciding decomposability of integral polygons is NP-complete then present a pseudo-polynomial-time algorithm for decomposing polygons. For higher-dimensional polytopes, we give a heuristic algorithm which is based upon projections and uses randomization. Applications of our algorithms include absolute irreducibility testing and factorization of polynomials via their Newton polytopes.

On orders of optimal normal basis generators

In this paper we give some experimental results on the multiplicative orders of optimal normal basis generators in F 2 n over F 2 for n < 1200 whenever the complete factorization of 2 n - 1 is known. Our results show that a subclass of optimal normal basis generators always have high multiplicative orders, at least O((2 n - 1)/n), and are very often primitive. For a given optimal normal basis generator a in F 2 n and an arbitrary integer e, we show that α e can be computed in O(n. v(e)) bit operations, where v(e) is the number of 1s in the binary representation of e.

Constructive problems for irreducible polynomials over finite fields

This paper discusses the techniques used in searching for irreducible trinomials in finite fields. We first collect some specific constructions of irreducible trinomials, then we show how to get new irreducible trinomials from given ones. We also make some comments on the irreducibility testing algorithms and on a primitivity testing algorithm although no experimantal results on primitive polynomials are reported on. Finally, updated tables of irreducible trinomials over F2 are included.

Gauss periods and fast exponentiation in finite fields

Gauss periods can be used to implement finite field arithmetic efficiently. For a small prime p and infinitely many integers n, exponentiation of an arbitrary element in F p n can be done with O(n2 loglog n) operations in F p , and exponentiation of a Gauss period with O(n2) operations in F p . Comparing to the previous estimate O(n2 log nloglog n), using polynomial bases, this shows that normal bases generated by Gauss periods offer some asymptotic computational advantage. Experimental results indicate that Gauss periods are often primitive elements in finite fields.

Gauss periods: orders and cryptographical applications

Experimental results on the multiplicative orders of Gauss periods in finite fields are presented. These results indicate that Gauss periods have high order and are often primitive (self-dual) normal elements in finite fields. It is shown that Gauss periods can be exponentiated in quadratic time. An application is an efficient pseudorandom bit generator.