Download Complexity of multiplication of polynomials of small

Complexity of multiplication of polynomials of
small degree over finite fields
(Extended abstract)
Shy Artzi? and Michael Kaminski
Department of Computer Science
Technion – Israel Institute of Technology
Haifa 32000
Israel
Abstract. Let µq (n) denote the number of multiplications required for
computation of the product of two polynomials of degree n over a qelement field by means of a quadratic algorithm. It is known that if
q ≥ 2n, then µq (n) = 2n + 1. This bound is achieved by evaluating the
polynomials at 2n+1 different points (possibly, including ∞), multiplying
the values, and interpolating the result. However, this method does not
work when the number of the field elements is less than 2n. It is known
from the literature that, for q/2 < n ≤ q + 1, µq (n) = 3n + 1 − bq/2c. In
this paper we show that the same tight bound also holds in the extended
range q/2 < n ≤ q + log2 q − 4.8, for an even q and q/2 < n ≤ q + log2 q −
5.8, for an odd q.
1
Introduction
In infinite fields it is possible to compute the coefficients of the product of two
polynomials of degree n in 2n+1 non-scalar multiplications. It is known from [31]
that each algorithm for computing the above product in 2n + 1 non-scalar multiplications must evaluate the multiplicands at a minimum of 2n distinct points,
multiply the samples, and interpolate the result. However in finite fields this
method fails, if 2n exceeds the number of field elements. Thus, in general, the
above bound cannot be achieved in finite fields.
Let Fq denote the q-element field and let µq (n) denote the number of multiplications required to compute the coefficients of the product of two polynomials
of degree n over Fq by means of quadratic algorithms. The best lower bound on
µq (n) known from the literature, is 3.52n, if q = 2, see [6] and 3n−o(n) for q > 2,
see [19]. Also, for small values of n, the following upper bound on µq (n) can be
easily reached my an algorithm based on the Chinese Remainder Theorem.
Proposition 1. ([19, Appendix B]) For n ≤ (q 2 + 1)/2, µq (n) ≤ 3n + 1 − bq/2c,
?
Contact author. E-mail: [email protected], Fax: 972-4-8244798
On the other hand, it follows from [9] that µq ≤ 4(1 + √ 1 ) + o(n), if q is
q−3
a square greater than or equal to 25. Thus, establishing the exact value of µq (n)
should be of interest.
It was shown in [19] that for q/2 < n ≤ q + 1,
µq (n) = 3n + 1 − bq/2c.
(1)
As we have mentioned above, for n ≤ q/2, µq (n) = 2n + 1. In this paper we
extend (1) to range q/2 < n ≤ q + log2 q − 4.8, for an even q and q/2 < n ≤
q + log2 q − 5.8, for an odd q. Namely, we shall prove the following theorem.
Theorem 1. If q is even and q/2 < n ≤ q + log2 q − 4.8 or q is odd and
q/2 < n ≤ q + log2 q − 5.8, then µq (n) = 3n + 1 − bq/2c.
It is known from [28] that if a set of bilinear forms over an infinite field can
be computed in t multiplications/divisions, then it can be computed in t multiplications by an algorithm without divisions whose total number of operations
differs from that of the original one by a factor of a small constant. But it is
unknown whether a similar result holds for finite fields, cf. [7]. However one can
easily prove that quadratic algorithms for computing a set of bilinear forms are
optimal within the algorithms without divisions. Also we would like to note that
all the algorithms for polynomial multiplication over finite fields known from the
literature are quadratic (and even bilinear), see [23] and [27].
The proofs are based on the theory of linear recurring sequences and an
analysis of Hankel matrices1 representing bilinear forms defined by linear combinations of the coefficients of the product of two polynomials. This technique
can was also applied in [19] to analysis of algorithms for multiplication of polynomials modulo a polynomial.
The paper is organized as follows. In the next section we define the notion of a
quadratic algorithm and in Section 3 we introduce some notation and definitions
and state the major auxiliary technical lemmas. The proof of Theorem 1 is
sketched in Section 4. Finally, the last section contains some concluding remarks.
2
Quadratic algorithms for polynomial multiplication
In this paper we restrict ourselves to quadratic algorithms which are defined
below.
We denote by x = (x0 , x1 , . . . , xn )T and y = (y0 , y1 , . . . , yn )T column vectors
of indeterminate. We remind the reader that a quadratic algorithm for computing
a set of bilinear forms of x and y is a straight-line algorithm whose non-scalar
multiplications are of the form L0 ∗ L00 , where L0 and L00 are linear forms in x
and y and each bilinear form in the set is a linear
P combination of these products.
We have to compute zk = zk (x, y) =
xi yj , k = 0, . . . , 2n. Let z =
i+j=k
(z0 , z1 , . . . , z2n )T . Assume that µq (n) = t, i.e., all the bilinear forms defined
1
The definition of Hankel matrices is given in Section 3
by the components of z can be computed in t multiplications. Namely, there
exist t pairs linear forms L01 (x, y), L001 (x, y), . . . , L0t (x, y), L00t (x, y) of x and y
such that each zk is a linear combination of products {L0i (x, y)L00i (x, y)}i=1,...,t .
Let p = (L01 (x, y)L001 (x, y), . . . , L0t (x, y)L00t (x, y))T . It is known from [10] that
t ≥ 2n + 1. By the definition of quadratic algorithms there exists a (2n + 1) × t
matrix U whose entries are constants from F such that z = U p.
We contend first that rankU = 2n + 1. Obviously, zk (x, y) = xT Ak y, where
Ak = (ai,j,k ) is an (n + 1) × (n + 1) Hankel matrix defined by
½
1, if i + j = k + 2
.
(2)
ai,j,k =
0, otherwise
Since matrices A0 , A1 , . . . , A2n are linearly independent, the rows of U are independent as well. This proves our contention.
Permuting the components of p, if necessary, we may assume that the first
2n + 1 columns of U are linearly independent. Hence there exist a non-singular
(2n + 1) × (2n + 1) matrix W and a (2n + 1) × (t − 2n − 1) matrix V such that
W z = (I2n+1 , V )p,
where I2n+1 denotes the (2n + 1) × (2n + 1) identity matrix. That is, the first
2n + 1 columns of the product W U are those of I2n+1 .
Let
W z = (xT H1 y, xT H2 y, . . . , xT H2n+1 y)T .
Let H = {H1 , H2 , . . . , H2n+1 }. We fix matrices H1 , H2 , . . . , H2n+1 till the end
of this paper. Note that each matrix Hk ∈ H a linear combination of matrices
A0 , A1 , . . . , A2n defined by (2):
Hk =
2n
X
si Ai ,
s0 , s1 , . . . , s2n ∈ Fq .
i=0
Therefore, Hk is of the form

s0
 s1

·

·

·
sn

s1 · · · sn
s2 · · · sn+1 


·
·
.

·
·


·
·
sn+1 · · · s2n
Matrices in such from are called Hankel matrices. They constitute a major tool
in this paper.
We conclude this section with an observation that if n ≤ (q 2 + 1)/2, then
rankHk ≤ n, k = 1, 2, . . . , 2n + 1. Indeed, permuting rows and columns of
(I2n+1 , V ), if necessary, we may assume that k = 2n + 1. Since computing of
µq (xT H2n+1 y) requires rankH2n+1 multiplications, V has, at least, rankH2n+1 −
1 columns. Therefore µq (n) = t ≥ 2n + rankH2n+1 . Combining this with Proposition 1, we obtain the desired inequality.
3
Hankel matrices and linear recurring sequences
In this section we introduce some notation and prove the major auxiliary lemmas
needed for the proof of Theorems 1.
Let k be a positive integer and let a0 , . . . , ak−1 be given elements of F. A
sequence σ = s0 , s1 , . . . , s` of elements of Fq satisfying the relation
sm+k = ak−1 sm+k−1 + ak−2 sm+k−2 + . . . + a0 sm ,
m = 0, 1, . . . , ` − k
is called a (finite k-th-order homogeneous) linear recurring sequence in Fq . The
terms s0 , s1 , . . . , sk−1 are referred as initial values. The polynomial
f (α) = αk − ak−1 αk−1 − ak−2 αk−2 − . . . − a0 ∈ F [α]
is called a characteristic polynomial of σ. Proposition 2 below shows that if a
finite linear recurring sequence is “sufficiently long”, then it possesses an important property of infinite linear recurring sequences.
Proposition 2. ([19, Proposition 1]) Let σ and f (α) be as above, and let fσ (α)
be a characteristic polynomial of σ of the minimal degree. If deg fσ (α)+deg f (α) ≤
` + 1, then fσ (α) divides f (α).
A uniquely determined monic polynomial fσ (α) ∈ F [α] given by Proposition 2 is called the minimal polynomial of σ.
For a sequence σ = s0 , s1 , . . . , s2n we define the (n + 1) × (n + 1) Hankel
matrix H(σ) by


s0 s1 · · · sn
 s1 s2 · · · sn+1 


· ·

·

.
· ·

·


· ·

·
sn sn+1 · · · s2n
Let H i (σ) denote the (i + 1)th row of H(σ). Let rankH(σ) ≤ n and let k be
the minimal integer for which there exist a0 , a1 , . . . , ak−1 ∈ Fq such that
k−1
X
ai H i (σ) = H k (σ).
i=0
We define sequence σ̃ = s̃0 , s̃1 , . . . , s̃2n by the linear recurrence
s̃i+k = ak−1 s̃i+k−1 + ak−2 s̃i+k−2 + · · · + a0 s̃i ,
(3)
with initial values s̃i = si , i = 0, 1, . . . , k − 1.
Let σ̄ = σ − σ̃. We shall denote H(σ), H(σ̃), and H(σ̄) by H, H̃, and H̄,
k−1
P
respectively. Let fH (α) = αk −
ai αi , i.e., fH (α) is a characteristic polynomial
i=0
of the sequence defined by recurrence (3), and, in particular, of σ̃.2 Finally, we
define the divisor f H (α) by f H (α) = fH (α)(α − ∞)rankH̄ . By [19, Proposition
2], rankH = deg f H (α).
Let S be a set of (n + 1) × (n + 1) Hankel matrices of rank not exceeding n.
Define fS (α) = lcm{f H (α) : H ∈ S}.3 In what follows we shall need Lemmas 1
and 2, below.
Let V be a vector space over Fq , v1 , v2 , . . . , vm ∈ V . We denote the linear
subspace of V spanned by v1 , v2 , . . . , vm by [v1 , v2 , . . . , vm ].
Lemma 1. ([19, Lemma 1]) Let S be a set of (n + 1) × (n + 1) Hankel matrices
of rank not exceeding n. Then dim[S] ≤ deg f S (α).
For Lemma 2 below we shall need the following notation. For a set S of
(n + 1) × (n + 1) Hankel matrices we denote by µq (S) the quadratic complexity
of S, i.e., the the minimal number of multiplications required to compute the
set of bilinear forms {xXy T : H ∈ S} by means of a quadratic algorithm.
Lemma 2. ([19, Lemmas 2 and 3]) Let S be a set of (n+1)×n Hankel matrices
of rank not exceeding n. Then µq (S) ≥ min(deg f S (α), n + 1).4
Since matrices H1 , H2 , . . . , H2n+1 defined in the previous section are linearly
independent, by Lemma 1, deg f H (α) ≥ 2n + 1. However, Lemma 2 bounds us
to n + 1. In this paper we improve the lower bound given by Lemma 2 as follows.
Lemma 3. Let S be a set of (n + 1) × (n + 1) Hankel matrices of rank not
exceeding n such that for each H 0 , H 00 ∈ S divisors f H 0 (α) and f H 00 (α) are
coprime. Let d = max{deg f H (α) : H ∈ S}. Then computing the set of bilinear
forms of x and y defined by the elements of S requires at least min(deg f S (α), n+
blog2 ( n + 1)c − 1) multiplications.
d
Even though, using Lemma 3 instead of Lemma 2 in the proofs in [19] would
improve the lower bound only by o(n), this lemma allows to extend the range of
n for which the exact value of µq (n) can be calculated. To apply Lemma 3 we
shall need the following results.
Proposition 3. ([4, Proposition 1] Let S ⊆ H. then µq (n) ≥ 2n + 1 − |S| +
µq (S).5
Corollary 1. Let n ≤ (q 2 + 1)/2. If for some S ⊆ H, µq (S) − |S| ≥ n − bq/2c,
then µq (n) = 3n + 1 − bq/2c.
Proof. The corollary follows from Propositions 1 and 3.
2
3
4
5
In fact, fH (α) is the minimal polynomial of those sequences, see [19, Section 3].
lcm is an abbreviation for “the least common multiple”.
That is, computing the set of bilinear forms of x and y defined by the elements of
S requires at least min(deg f S (α), n + 1) multiplications.
We denote by |S| the cardinality of S.
Let
½
cq =
0 if q is even
.
1 if q is odd
(4)
In the next section for q/2 < n ≤ q + log2 q − cq we sketch a construction of a
subset S of H such that µq (S) − |S| ≥ n − bq/2c.
4
Sketch of the proof of Theorem 1
Let H = {H1 , H2 , . . . , H2n+1 } be as in Section 2 and let f H (α) =
Q̀
j=1
e
pj j (α) be
the decomposition of f H (α) into its irreducible factors.
Let H ≥3 be a minimal subset of H such that
e
e
– f H ≥3 (α) is divisible by all pj j (α) with deg pj j (α) ≥ 3 and
– for each H 6∈ H ≥3 , deg f H ≥3 ∪{H} (α) ≤ deg f H ≥3 (α) + 2.
Remark 1. By the definitions of H ≥3 , deg f H ≥3 (α) ≥ 3|H ≥3 |.
Let H =2 be a minimal subset of H \ H ≥3 such that
e
– f H =2 (α) is divisible by all pj j (α) of degree 2 which are coprime with f H ≥3 (α).
Remark 2. It follows from the definitions of H =2 that for each subset H ⊆ of
H =2 , deg f H ≥3 ∪H ⊆ (α) = deg f H ≥3 (α) + 2|H ⊆ |.
We proceed with a sequence of statements of properties of H ≥3 and H =2 .
The proofs of these properties are similar each to other. We omit some of them
and only sketch the others because of the space constraints.
Lemma 4. We have
|H =2 | + deg f H ≥3 (α) − |H ≥3 | ≥ n − bq/2c.
From now on we assume that q ≥ 3 and q < n < 2q. We also fix a subset H ⊆
of H =2 .
Lemma 5. If |H ⊆ | < 3(q − cq )/2 − n,6 then deg f H ≥3 (α) < n + 1 − 2|H ⊆ |.
Lemma 6. If n < 3(q − cq )/2, then
1. µq (H ≥3 ) ≥ deg f H≥3 (α),
2. deg f H≥3 (α) − 2|H ≥3 | ≤ n − q + cq , and
3. |H ≥3 | ≤ n − q + cq .
6
See (4) for the definition of cq .
Proof. Clause 1 of the Lemma follows from Lemma 5 with H ⊆ = ∅ and Lemma 2.
The proof of clause 2 is a bit longer. By Lemma 1, deg f H (α) ≥ 2n + 1 and,
by the definition of H ≥3 and H =2 , each H ∈ H \ {H ≥3 ∪ H =2 } contributes
only a linear factor to f H (α). Therefore,
deg f H ≥3 ∪H =2 (α) ≥ 2n − q (≥ n + 1).
(5)
Let H ⊆ be a minimal subset of H =2 such that deg f H ≥3 ∪H ⊆ (α) ≥ n + 1.
Combining Proposition 3 with the 3n + 1 − bq/2c upper bound on µq (n) we
obtain
3n + 1 − bq/2c ≥ µq (n) ≥ 2n + 1 − |H ≥3 ∪ H ⊆ | + µq (H ≥3 ∪ H ⊆ ).
Therefore, by (5) and Lemma 2,
|H ≥3 ∪ H ⊆ | = |H ≥3 | + |H ⊆ | ≥ bq/2c + 1.
(6)
By the definition of H ⊆ and Remark 2,
|H ⊆ | = d(n + 1) − deg f H ≥3 (α))/2e
which together with (6) implies the desired inequality.
Finally, clause 3 of the lemma follows from clause 2 and Remark 1.
Corollary 2. If n < 3(q − cq )/2, then deg f H ≥3 (α) ≤ 3(n − q + cq ).
Proof. The inequality immediately follows from clauses 2 and 3 of Lemma 6.
Lemma 7. Let H max be a maximal subset of [H ≥3 ∪H ⊆ ]\{0(n+1)×(n+1) } such
that
– divisors of the elements of H max are pairwise coprime,
– divisors of the elements of H max are coprime with f H ≥3 (α), and
– for each H ∈ H max , if jH is the number of elements of H ⊆ which participate
in representation of H as a linear combination over H ≥3 ∪ H ⊆ , then jH <
(n + 1)/2.
Let
n < (6(q − cq ) − 2)/5.
(7)
Then, for each H ∈ H max ,
1. jH ≤ deg f H ≥3 (α) + 1 and
2. deg f H (α) = 2jH .
It could happen that divisors of some matrices in H ⊆ do not divide f H max (α)
or, in other words, there are matrices in H ⊆ which do not participate in representation of elements of H max as a linear combination over H ≥3 ∪ H ⊆ . We
denote the set of such matrices by H −
⊆ , i.e.,
H−
⊆ = {H ∈ H ⊆ : gcd(f H (α), f Hmax (α)) = 1}.
Some basic properties of H −
⊆ are summarized in Lemmas 8 and 9 below.
Lemma 8. If (7), then
1. |H −
⊆ | + |H ≥3 | ≤ deg f H ≥3 (α) and
2. f H max (α) = f H ≥3 ∪(H ⊆ \H − ) (α)/f H ≥3 (α).
⊆
Lemma 9. If
|H −
⊆ | < (4q − 3n − 3cq − 1)/2,
(8)
then there is a matrix in [H ≥3 ∪ H −
⊆ ] whose divisor is f H ≥3 ∪H − (α).
⊆
We denote a matrix whose existence is provided by Lemma 9 by HH ≥3 ∪H −
⊆
and we define a set of Hankel matrices H +
⊆ by
H+
⊆ = H max ∪ {HH ≥3 ∪H − }.
(9)
n < (8q − 7cq − 1)/7,
(10)
⊆
Lemma 10. If
then
1. the divisors of the elements of H +
⊆ are pairwise coprime,
2. f H + (α) = f H ≥3 ∪H ⊆ (α), and
⊆
3. for each H ∈ H +
⊆ , 2 ≤ deg f H (α) ≤ max{2, 3 deg f H≥3 (α) − 2|H ≥3 |}.
Proof. Since (10) implies (7), by clause 1 of Lemma 8,
2|H −
⊆ | ≤ 2 deg f H ≥3 (α) − 2|H ≥3 |.
(11)
Also, n < (8q − 7cq − 1)/7 implies n < 3(q − cq )/2. Thus, combining (11) with
clause 2 of Lemma 6 and its corollary (Corollary 2), we obtain that |H −
⊆| ≤
4(n−q+cq ), which, together with (10) implies (8). Thus, we may apply Lemmas 7
and 9 which together with (9) impliy the first clause of the lemma.
The second clause of Lemma 10 follows from the second clause of Lemma 8
(and (9), of course).
As for the last clause of the lemma, let H ∈ H +
⊆ . If H ∈ Hmax , then, by
Lemma 7,
2 ≤ deg f H (α) ≤ 2(deg f H≥3 (α) + 1) ≤ max{2, 3 deg f H≥3 (α) − 2|H ≥3 |},
where the last inequality follows from Remark 1.
If H = HH ≥3 ∪H − , then 2 ≤ deg f H (α). By Remark 2 and Lemma 9,
⊆
deg f H (α) = deg f H≥3 (α) + 2|H −
⊆ |,
which together with (11) implies
deg f H (α) ≤ 3 deg f H≥3 (α) − 2|H ≥3 |.
Finally, Lemma 11 below provides a subset S of H that is the prerequisite
of the corollary to Proposition 3 (Corollary 1).
Lemma 11. If
q < n ≤ q + log2 q − 4.8 − cq ,
(12)
then there exists a subset S of H such that µq (S) − |S| ≥ n − bq/2c.
Proof. Obviously, (12) implies (10). By clause 1 of Lemma 10, we may apply
Lemma 3 to H +
⊆ and obtain
µq (H +
⊆ ) ≥ min(deg f H + (α), n + blog2 (
⊆
n
+ 1)c − 1),
d
(13)
where d = max{deg f H (α) : H ∈ H +
⊆ }.
We shall distinguish between the cases of deg f H + (α) < n+blog2 ( n +1)c−1
d
=2
and deg f H + (α) ≥ n + blog2 ( n + 1)c − 1.
d
=2
If deg f H + (α) < n + blog2 ( n + 1)c − 1, by Remark 2,
d
=2
µq (H +
=2 ) ≥ deg f H ≥3 (α) + 2|H =2 |.
(14)
+
Let S = H ≥3 ∪ H =2 . Since H +
=2 ⊆ [H ≥3 ∪ H =2 ], µq (S) ≥ µq (H =2 ) and,
“subtracting |S| = |H ≥3 | + |H =2 | from (14)” results in
µq (S) − |S| ≥ deg f H ≥3 (α) + |H =2 | − |H ≥3 |.
(15)
Now, the desired inequality follows from (15) and Lemma 4.
The case of
n
deg f H + (α) ≥ n + blog2 ( + 1)c − 1
(16)
=2
d
is based on a long sequence of delicate calculations and we only sketch it.7 So,
assume (16) and let H ⊆ be a minimal subset of H =2 such that
deg f H + (α) ≥ n + blog2 (
⊆
n
+ 1)c − 1.
d
(17)
Then, by Remark 2,
|H ⊆ | = d(n + blog2 (
n
+ 1)c − 1 − deg f H ≥3 (α))/2e.
d
(18)
Let S = H ≥3 ∪ H ⊆ . Since H +
⊆ ⊆ [H ≥3 ∪ H ⊆ ], by (13),
µq (S) ≥ µq (H +
⊆ ) ≥ n + blog2 (
n
+ 1)c − 1.
d
(19)
We have to prove that µq (S) − |S| ≥ n − bq/2c. Since |S| = |H ≥3 | + |H ⊆ |,
it suffices to show that
n
blog2 ( + 1)c + bq/2c ≥ |H ≥3 | + |H ⊆ | + 1.
(20)
d
7
In particular, constants 4.8 and 5.8 come from this case.
By the lemma assumption,
n − q < log2 q − 4.8 − cq ≤ log2 n − 4.8 − cq .
(21)
Using clause 3 of Lemma10, it can be shown that
− log2 d + deg f H ≥3 (α) − 2|H ≥3 | ≥ 1 − log2 7 ≈ −1.8.
(22)
Replacing 4.8 in (21) with the “lefthand side minus 3” of (22) we obtain
n − q ≤ log2
n
+ deg f H ≥3 (α) − 2|H ≥3 | − 3 − cq ,
d
that implies a weaker inequality
n − q ≤ blog2 (
n
+ 1)c + deg f H ≥3 (α) − 2|H ≥3 | − 2 − cq ,
d
Finally, combining the last inequality with (18), we obtain (20).
Now Theorem 1 follows from the corollary to Proposition 3 (Corollary 1) and
Lemma 11.
5
Concluding remarks
Extension of range of n for which we proved a tight lower bound was based on
Lemma 3 that extends Lemma 2 for a special set of Hankel matrices. It seems that
extending lower bounds on µq (S) beyond min(deg f S (α), n + blog2 ( n + 1)c − 1)
d
would allow to obtain the tight bound on µ(n) for a wider range of n.
References
1. A.A. Aho, J.E. Hopcroft, and J.D. Ullman, The Design and Analysis of Computer
Algorithms, Addison-Wesley, Reading, Massachusetts, 1974.
2. S. Artzi, Lower Bounds on the Complexity of Polynomial Multiplication over Finite
Fields (in Hebrew), M.Sc. thesis, Department of Computer Science, Technion - Israel
Institute of Technology, 2000.
3. A. Averbuch, Z. Galil, and S. Winograd, Classification of all the minimal bilinear
algorithms for computing the coefficients of the product of two polynomials modulo
a polynomial in the algebra G[u]|hQ(u)` h, ` > 1, Theoretical Computer Science 58
(1988), 17-56.
4. A. Averbuch, N.H. Bshouty, and M. Kaminski, A classification of quadratic algorithms for multiplying polynomials of small degree over finite fields, Journal of
Algorithms 13 (1992), 577-588.
5. R.W. Brockett and D. Dobkin, On the Optimal Evaluation of a set of Bilinear
Forms, Linear Algebra and Its Applications 19 (1978), 207-235.
6. M.R. Brown and D.P. Dobkin, An Improved Lower Bound on Polynomial Multiplication, IEEE Transactions on Computers 29 (1980), 337-340.
7. N.H. Bshouty and M. Kaminski, Multiplication of polynomials over finite fields,
SIAM Journal on Computing 19 (1990), 452-456.
8. P. Burgisser, M. Clausen, and A. Shokrollahi (with the collaboration of T. Lickteig),
Algebraic complexity theory, Springer, Berlin, 1997.
9. D.V. Chudnovsky and G.V. Chudnovsky, Algebraic complexities and algebraic
curves over finite fields, Journal of Complexity 4 (1988), 285-316.
10. C.M. Feduccia and Y. Zalcstein, Algebras having linear multiplicative complexity,
Journal of the ACM 24 (1977), 311-331.
11. E. Feig, On Systems of Bilinear Forms Whose Minimal Division-Free Algorithms
Are All Bilinear, Journal Algorithms 2 (1981), 261-281.
12. E. Feig, Certain Systems of Bilinear Forms Whose Minimal Algorithms Are All
Quadratic, Journal Algorithms 4 (1983), 137-149.
13. J. Hopcroft and J. Munsinski, Duality applied to the complexity of matrix multiplication, SIAM Journal on Computing 2 (1973), 159-173.
14. N. Jacobson, Basic Algebra I, W.H. Freeman and Co., New York, 1985.
15. J. Ja’ Ja’, Optimal evaluation of pairs of bilinear forms, SIAM Journal on Computing 8 (1979), 443-462.
16. J. Ja’ Ja’, Computation of Bilinear Forms over Finite Fields, Journal of the ACM
27 (1980), 822-830.
17. J. Ja’ Ja’, On the complexity of bilinear forms with commutativity. SIAM Journal
on Computing 9 (1979), 713-728.
18. M. Kaminski, A lower bound for polynomial multiplication, Theoretical Computer
Science 40 (1985), 319-322.
19. M. Kaminski and N.H. Bshouty, Multiplicative complexity of polynomial multiplication over finite fields, Journal of the ACM 36 (1989), 150-170.
20. A. Karustsuba and Y. Ofman, Multiplication of Multidigit Numbers on Automata,
Dokladi Akademii Nauk SSSR 145, (1962), 293-294 (in Russian).
21. S. Lang, Algebra, Addison-Wesley, Reading, MA, 1965.
22. A. Lempel and S. Winograd, A New Approach to Error-Correcting Codes, IEEE
Transactions on Information Theory 23 (1977), 503-508.
23. A. Lempel, G. Seroussi, S. Winograd, On the Complexity of Multiplication in
Finite Fields, Theoretical Computer Science 22 (1983), 285-296.
24. R. Lidl and H. Niederreiter, Finite Fields, Encyclopedia of Mathematics and its
Applications, Vol. 20, G.-C. Rota, ed., Addison-Wesley, Reading, Massachusetts,
1983.
25. R. Moenck and A. Borodin, Fast modular transforms via divisions, in Proc. 13th
Annual Sympposium on Switching and Automata Theory, pp. 90-96, The Institute
of Electrical and Electronic Engineers, New York, 1972.
26. W.W. Peterson and E.J. Weldon, Error-Correcting Codes, MIT Press, 1972.
27. A. Schönhage, Schnelle Multiplikation von Polynomen über Körpern der Charakteristik 2, Acta Informatica 7 (1977), 395-398.
28. V. Strassen, Vermeidung von Divisionen, Journal fur Reine und Angewandte Mathematik 264 (1973), 184-202.
29. A.L. Toom, The complexity of a scheme of functional elements realizing the multiplication of integers, Soviet Mathematics Docladi 4 (1963), 714-716.
30. S. Winograd, On the Number of Multiplications Necessary to Compute Certain
Functions, Communications of Pure and Applied Mathematics 23 (1970), 165-179.
31. S. Winograd, Some Bilinear Forms Whose Multiplicative Complexity Depends on
the Field Constants, Mathematical System Theory 10 (1976/77), 169-180.