1. Polynomial Factorization Olga Sergeeva Ferien-Akademie 2004, September 19 – October 1

2. Overview Univariate Factorization Overview of the algorithms and the required simplifications Factoring over finite fields Factorization based on Hensel lifting LLL algorithm Multivariate Factorization Problems overview The idea of the algorithm Analysis of correctness probability.

3. Univariate Factorization – algorithms We consider factorization of polynomials over the rational integers, Z, and different approaches to this problem.

4. Univariate Factorization – algorithms We consider factorization of polynomials over the rational integers, Z, and different approaches to this problem. Algorithms, solving the problem for univariate polynomials: Kronecker, interpolation algorithm

5. Univariate Factorization – algorithms We consider factorization of polynomials over the rational integers, Z, and different approaches to this problem. Algorithms, solving the problem for univariate polynomials: Kronecker, interpolation algorithm Algorithm, which uses Hensel lifting techniques and factorization over finite fields

6. Univariate Factorization – algorithms We consider factorization of polynomials over the rational integers, Z, and different approaches to this problem. Algorithms, solving the problem for univariate polynomials: Kronecker, interpolation algorithm Algorithm, which uses Hensel lifting techniques and factorization over finite fields A. K. Lenstra, H. W. Lenstra and Lovasz – polynomial time algorithm using basic reduction techniques for lattices.

7. Univariate Factorization – simplifications When factoring a univariate polynomial over Z, the following simplifications are effective: removing the integer content of F(Z)

8. Univariate Factorization – simplifications When factoring a univariate polynomial over Z, the following simplifications are effective: removing the integer content of F(Z) computing square free decomposition (with use of GCD computations or modular interpolation techniques).

9. Univariate Factorization – simplifications When factoring a univariate polynomial over Z, the following simplifications are effective: removing the integer content of F(Z) computing square free decomposition (with use of GCD computations or modular interpolation techniques). one could try to monicize F(Z), but this increases the size of the coefficients of F and in most cases in not worthwhile:

10. Examples Factorization of polynomials over Z will not be more fine-grained, but will only be coarser than factorization over a. For example, has complex roots and thus it is irreducible over Z. But it is factorizable over any. For instance,

11. Univariate Factorization – over Let be a polynomial with coefficients from First, we get rid of squares:

12. Univariate Factorization – over Let be a polynomial with coefficients from First, we get rid of squares:

13. Factorization over - theoretical basis

14. Is there any use of this theorem? Let us now understand that the equation is in fact equal to a system of linear equations over Due to the fact that we are over, (because almost all the binomials are divided by p).

15. And what? Also, and we get a system of linear equations

16. And what? Also, and we get a system of linear equations The dimension of its solution space is k, where k is the number of irreducible factors of f.

17. The last slide about finite fields We now know, how many factors there are. Let to be a basis. If k=1 then the f is irreducible In the case k>1, we search for, for all. As a result, we get a number of divisors of f: If s<k, we calculate and so on.

18. The last slide about finite fields We now know, how many factors there are. Let to be a basis. If k=1 then the f is irreducible In the case k>1, we search for, for all. As a result, we get a number of divisors of f: If s<k, we calculate and so on. At the end, we will get all the k factors: for two different factors there exists an element from the basis such that

19. No, this is the last one

20. Z Univariate Factorization over Z Square free decomposition computing: Let be factorization of over Z. Z Then. So over Z We can divide by and thus get a polynomial free of squares. From now and on, cont(f)=1 and GCD(f,f’)=1.

21. Univariate Factorization algorithm (UFA) The classical univariate factorization algorithm consists of three steps: 1.Choose a ‘good’ random rational prime p and factor into irreducible factors modulo p:

22. Univariate Factorization algorithm (UFA) The classical univariate factorization algorithm consists of three steps: 1.Choose a ‘good’ random rational prime p and factor into irreducible factors modulo p: 2.Use Newton’s iteration to lift the to factors modulo

23. Univariate Factorization algorithm (UFA) The classical univariate factorization algorithm consists of three steps: 1.Choose a ‘good’ random rational prime p and factor into irreducible factors modulo p: 2.Use Newton’s iteration to lift the to factors modulo 3.Combine the, as needed, into true divisors of over Z.

24. UFA: step 1 Step 1, ‘choose a ‘good’ random rational prime p and factor into irreducible factors modulo p’:

25. UFA: step 1 Step 1, ‘choose a ‘good’ random rational prime p and factor into irreducible factors modulo p’: The best primes in the first step are those for which the factorization of modulo p is as close as possible to the factorization of over Z. This is a reason to try several primes and pick the one that fives the coarsest factorization.

26. UFA: step 1 Step 1, ‘choose a ‘good’ random rational prime p and factor into irreducible factors modulo p’: The best primes in the first step are those for which the factorization of modulo p is as close as possible to the factorization of over Z. This is a reason to try several primes and pick the one that fives the coarsest factorization. Over these prime modulo, we compare square free decompositions After, apply one of the univariate finite field factorization algorithms.

27. Hensel techniques reminder We will use this factorization to get the factorization of f modulo

28. Hensel techniques reminder We will use this factorization to get the factorization of f modulo More precisely, if we have we will call Hensel continuation of this factorization a factorization

29. Hensel techniques reminder Lemma (Hensel) If then for any factorization, satisfying the above conditions, there exists its Hensel continuation, and the polynomials are defined uniquely modulo

30. UFA: step 2 Step 2, ‘Use Newton’s iteration to lift the to factors modulo ’. We choose l considering the bounds on the coefficients of the factors.

31. UFA: step 2 Step 2, ‘Use Newton’s iteration to lift the to factors modulo ’. We choose l considering the bounds on the coefficients of the factors. Theorem (Mignotte) Let

32. UFA: step 2 We have an upper bound for the coefficients factors of f, say M. We then choose l such that Let be a factor of f.

33. UFA: step 3 Step 3, ‘Combine the, as needed, into true divisors of over Z ’

34. UFA: step 3 Step 3, ‘Combine the, as needed, into true divisors of over Z ’ This is the most time consuming step. We need: once we have a potential factor of modulo, to convert it to a factor over Z do a test division to see if it is actually a factor

35. UFA: step 3 Step 3, ‘Combine the, as needed, into true divisors of over Z ’ This is the most time consuming step. We need: once we have a potential factor of modulo, to convert it to a factor over Z do a test division to see if it is actually a factor Trick letting not to perform excessive trial divisions: If the check failed for integers, there is no need to perform it for polynomials.

36. Asymptotically Good Algorithms Lenstra, Lenstra, Lovasz. Factoring polynomials with rational coefficients. 1982 Algorithm takes operations.

37. Asymptotically Good Algorithms: definitions A subset is called a lattice, if there exists a basis in such, that

38. Asymptotically Good Algorithms: idea The beginning is the same with the previous algorithm: the polynomial f is factored modulo prime number p. Then an irreducible factor h modulo the power of p is computed, using Hensel’s techniques.

39. Asymptotically Good Algorithms: idea The beginning is the same with the previous algorithm: the polynomial f is factored modulo prime number p. Then an irreducible factor h modulo the power of p is computed, using Hensel’s techniques. After this an irreducible factor of f in Z [x] such, that is searched for. In our terms, will imply that the coefficients of are the points of some lattice and will imply that the coefficients of are ‘not too large’ (in other words, a short vector in the lattice corresponds to the searched irreducible factor).

40. Lattices and factorization Summing up, we need an algorithm for constructing an irreducible factor of f given an irreducible factor h modulo p (with lc(h)=1). It is convenient to generalize the problem: Given an irreducible factor h modulo of square free polynomial f, with lc(h)=1, find irreducible such that modulo p.

41. Lattices and factorization Let n=deg f, l=deg h. Fix some and consider the set S of polynomials over Z [x] with degree not higher than m, dividable by h modulo

42. Lattices and factorization Let n=deg f, l=deg h. Fix some and consider the set S of polynomials over Z [x] with degree not higher than m, dividable by h modulo If, belongs to S.

43. Lattices and factorization Let n=deg f, l=deg h. Fix some and consider the set S of polynomials over Z [x] with degree not higher than m, dividable by h modulo If, belongs to S. We can think of polynomials of degree less than or equal to m as of points in Then the polynomials from S form a lattice L with basis

44. Lattices and factorization: two theorems Theorem 1. If a polynomial is such that

45. Lattices and factorization: two theorems Theorem 1. If a polynomial is such that Theorem 2. Let Suppose that. a)Then b)Suppose that for some (1) Let t be the largest of such j. Then

46. Auxiliary algorithm With fixed m, the algorithm checks if If it is, the algorithm calculates Input: f of degree n; prime p; natural k; h such that lc(h)=1 and, also h(mod p)is irreducible and f(mod p) is not divided by ; natural such that

47. Auxiliary algorithm With fixed m, the algorithm checks if If it is, the algorithm calculates Input: f of degree n; prime p; natural k; h such that lc(h)=1 and, also h(mod p)is irreducible and f(mod p) is not divided by ; natural such that Work: For the lattice with basis find reduced basis If then and the algorithm stops Otherwise, and

48. The main algorithm Calculation of. l=deg h < deg f=n. Work: Calculate the least k for which is held with m=n-1. For the factorization calculate its Hensel lifting, Let u be the greatest integer: Run the auxiliary algorithm for until we get And if we don’t get it, deg > n-1 and is equal to f.

49. Multivariate factorization The reductions and simplifications, which were used in the case of univariate polynomials, are not proper when dealing with multivariate ones. Performing this type of square free decomposition before factoring F leads to exponential intermediate expression swell.

50. Multivariate factorization: idea The basic approach used to factor multivariate polynomials is much the same as the exponential time algorithm for u.p. Rouphly speaking, we reduce the problem of factoring a polynomial of n variables to the case of polynomial of n-1 variables, pointing at one (or two) variables at the end.

51. Hilbert irreducibility theorem Let be an irreducible polynomial over Q and let R(N) denote the number of n-tuples over Z with |x i |<N such that is reducible. Then, where c depends only on the degree of F.

52. Hilbert theorem: disadvantages There is no upper bound on the number of random points needed. The approach can not be applied when working over finite field.

53. Bertini’s theorem Let be an irreducible polynomial of R[Z], where and is an intergal domain. Let the degree of in be d, Let the total degree of the in be. Let L be a subset of of cardinality. Then is irreducible over