There exists a binary GCD algorithm for finding the greatest common divisor of a number. In general, the GCD can be extended to the XGCD, which can help find a multiplicative inverse in a field.
I am working with binary numbers that represent a polynomial. For example, the bitstring 1101 represents x^3 + x^2 + 1. I need to compute the modular inverse of a random polynomial modulo x^p - 1 for some large known prime p. However, I need to do it in constant time (meaning that the runtime should not depend on the number I am inverting). I know how to make the binary GCD constant time and I know how to implement the XGCD for polynomials in order to compute multiplicative inverses. What I don't know is if there exists a binary GCD equivalent (with corresponding XGCD) for (binary) polynomials?
Yes there is. The "binary" GCD works in any ring where the smallest prime exists. For integers it is 2, hence the name binary. For polynomials, it is x. The algorithm follows the same idea: subtract polynomials to eliminate a free term in one of higher degree, factor out the highest possible power of x, and keep going until the result of subtraction becomes zero.
Related
I asked myself if one can compute the nth Fibonacci number in time O(n) or O(1) and why?
Can someone explain please?
Yes. It is called Binet's Formula, or sometimes, incorrectly, De Moivre's Formula (the real De Moivre's formula is another, but De Moivre did discover Binet's formula before Binet), and involves the golden ratio Phi. The mathematical reasoning behind this (see link) is a bit involved, but doable:
While it is an approximate formula, Fibonacci numbers are integers -- so, once you achieve a high enough precision (depends on n), you can just approximate the number from Binet's formula to the closest integer.
Precision however depends on constants, so you basically have two versions, one with float numbers and one with double precision numbers, with the second also running in constant time, but slightly slower. For large n you will need an arbitrary precision number library, and those have processing times that do depend on the numbers involved; as observed by #MattTimmermans, you'll then probably end up with a O(log^2 n) algorithm. This should happen for large enough values of n that you'd be stuck with a large-number library no matter what (but I'd need to test this to be sure).
Otherwise, the Binet formula is mainly made up of two exponentiations and one division (the three sums and divisions by 2 are probably negligible), while the recursive formula mainly employs function calls and the iterative formula uses a loop. While the first formula is O(1), and the other two are O(n), the actual times are more like a, b n + c and d n + e, with values for a, b, c, d and e that depend on the hardware, compiler, implementation etc. . With a modern CPU it is very likely that a is not too larger than b or d, which means that the O(1) formula should be faster for almost every n. But most implementations of the iterative algorithm start with
if (n < 2) {
return n;
}
which is very likely to be faster for n = 0 and n = 1. I feel confident that Binet's formula is faster for any n beyond the single digits.
Instead of thinking about the recursive method, think of building the sequence from the bottom up, starting at 1+1.
You can also use a matrix m like this:
1 1
1 0
and calculate power n of it. then output m^n[0,0].
I have an arbitrary number x. I would like to compute a number that is coprime to x that's close(ish) to the square root of x. I don't need to find them all, and factoring x is expensive. I just need one number.
Constant time, preferably.
You can compute the GCD with the Euclidean algorithm quite efficiently, so if you just try the numbers close to the square root you should find a candidate very quickly.
You are unlikely to get a whole string of numbers that have common factors because if you find a common prime p, the next time you can get hit by the same prime is p later.
I thought of the following problem recently, and I'm quite surprised that there doesn't seem to be anybody who asked this question yet:
Given a string, how many distinct permutations of it exist, modulo ?
I know the formula where is the length of the string, and are the count of each character (considering an alphabet of size ). So, the string toffee would have different permutations.
But this doesn't quite work anymore when can be really large (say ), since computing would go out of the range of long long int, and using BigIntegers would be too slow. Is there any way to compute this in, say, or time?
If I preprocessed the factorials from to , and my "strings" came in the form of an array of length where each element contained the count of each letter, would it be possible to compute it in or time?
Would appreciate any help on this :)
The trick is to note that p = 10^9 + 7 is a prime number. Therefore, we can use multiplicative inverses and Fermat's little theorem to turn the divisions in your formula into multiplications by the inverses:
n! / (a1!*...*ak!) =
n! * a1!^(p - 2) * ... * ak!^(p - 2) (mod p)
Which will be your formula mod p with no divisions and an easy implementation (just use modular exponentiation by squaring).
Complexity will be O(k log p + n), since we have O(k) multiplications, and for each one, an O(log p) exponentiation, and we must also compute n! and the factorial of each count.
This is easier to implement than cancelling out factors in the fraction.
The number of distinct permutations of a string is always an integer, despite being the result of a division. That's because the factors of the denominator essentially "knock out" some of the factors of the numerator. So you can eliminate the division as a post-factorial operation, instead dividing out the particular factors of the factorial which you've matched up with factors of the denominator.
Once you've got the division removed, you're just left with modular multiplication, which is simple.
Yes .. a solution exists. You can read about Modular multiplicative inverse algorithm. This
As the answer is with modulo 1000000007(which is a prime also), you can try Fermat's little theorem to solve this problem. If modulo number is mod Complexity is O(N + K * log(mod)).
If N isn't gigantic (that is, it's small enough to sift it using something like Sieve of Eratosthenes), you can calculate the prime factorisation of N! with a modified version of the sieve.
Then you can use the prime factorisation to calculate the division, cancelling out the factors present on both sides of the division.
Though this doesn't take into account the fact that you want the result modulo a prime number (where better solutions exist), it's probably useful to know in the general case.
This is the pseudo code for calculating integer factorisation took from CLRS. But what is the point in calculating GCD involved in Line 8 and the need for doubling k when i == k in Line 13.? Help please.
That pseudocode is not Pollard-rho factorization despite the label. It is one trial of the related Brent's factorization method. In Pollard-rho factorization, in the ith step you compute x_i and x_(2i), and check the GCD of x_(2i)-x_i with n. In Brent's factorization method, you compute GCD(x_(2^a)-x_(2^a+b),n) for b=1,2, ..., 2^a. (I used the indices starting with 1 to agree with the pseudocode, but elsewhere the sequence is initialized with x_0.) In the code, k=2^a and i=2^a+b. When you detect that i has reached the next power of 2, you increase k to 2^(a+1).
GCDs can be computed very rapidly by Euclid's algorithm without knowing the factorizations of the numbers. Any time you find a nontrivial GCD with n, this helps you to factor n. In both Pollard-rho factorization and Brent's algorithm, one idea is that if you iterate a polynomial such as x^2-c, the differences between the values of the iterates mod n tend to be good candidates for numbers that share nontrivial factors with n. This is because (by the Chinese Remainder Theorem) iterating the polynomial mod n is the same as simultaneously iterating the polynomial mod each prime power in the prime factorization of n. If x_i=x_j mod p1^e1 but not mod p2^e2, then GCD(xi-xj,n) will have p1^e1 as a factor but not p2^e2, so it will be a nontrivial factor.
This is one trial because x_1 is initialized once. If you get unlucky, the value you choose for x_1 starts a preperiodic sequence that repeats at the same time mod each prime power in the prime factorization of n, even though n is not prime. For example, suppose n=1711=29*59, and x_1 = 4, x_2=15, x_3=224, x_4=556, x_5=1155, x_6=1155, ... This sequence does not help you to find a nontrivial factorization, since all of the GCDs of differences between distinct elements and 1711 are 1. If you start with x_1=5, then x_2=24, x_3=575, x_4=401, x_5=1677, x_6=1155, x_7=1155, ... In either factorization method, you would find that GCD(x_4-x_2,1711)=GCD(377,1711)=29, a nontrivial factor of 1711. Not only are some sequences not helpful, others might work, but it might be faster to give up and start with another initial value. So, normally you don't keep increasing i forever, normally there is a termination threshold where you might try a different initial value.
Can calculating Exponentiation, that is, computing x^n , can be done in o(n) time?If so, how would I show this?
Yes and no.
On one hand, using exponent by squaring, which uses the fact that x^n = (x^(n/2))^2, so by repeatidly squaring the number, you can effectively cut down number of multiplications to O(logN). So, if we assume bounded integer size- it is possible to do it in o(N).
However, since k^n requires log_2(k^n) = n*log_2(k) bits to represent - you cannot do it in o(n), assuming unbounded integers - since the number of bits you need to calculate is itself, Omega(n).