Download Lecture 6 1 Multipoint evaluation of a polynomial

Computational Number Theory and Algebra
May 7, 2012
Lecture 6
Lecturers: Markus Bläser, Chandan Saha
Scribe: Chandan Saha
In the last class, we saw that polynomial division has the same asymptotic complexity as polynomial
multiplication. In today’s lecture, we will see two more problems that have (nearly) the same complexity as
polynomial multiplication, namely - multipoint evaluation and interpolation of a polynomial. The topics of
discussion for today’s class are:
• Multipoint evaluation of a polynomial,
• Polynomial interpolation,
• Resultant of two polynomials.
1
Multipoint evaluation of a polynomial
Let f (x) ∈ R[x] be a given polynomial of degree less than n = 2k , where R is a commutative ring with
unity. The multipoint evaluation problem is the task of evaluating f at n distinct points u0 , . . . , un−1 of R.
(We have seen an application of multipoint evaluations in the Reed-Solomon encoding procedure where R
is a finite field.) It is easy to design an algorithm that uses O(n2 ) addition and mutiplication operations in
R - but, we can do better. The idea is to use recursion.
Qn/2−1
Qn/2−1
Let P0 = `=0 (x − u` ) and P1 = `=0 (x − un/2+` ). Define, r0 = f mod P0 and r1 = f mod P1 .
Now, notice that r0 (ui ) = f (ui ) for all 0 ≤ i ≤ n/2 − 1, and similarly r1 (ui ) = f (ui ) for all n/2 ≤ i ≤ n − 1.
This immediately suggests a recursive algorithm: Compute P0 , P1 , r0 , r1 and reduce the problem to multipoint
evaluation problems on r0 and r1 that have degree bounded by n/2 = 2k−1 .
def Q2i −1
We are almost done, except that we would need the polynomials Pi,j = `=0 (x − uj·2i +` ) for 0 ≤ i ≤ k
and 0 ≤ j < 2k−i , at deeper levels of the recursion. So, we (pre)compute all these Pi,j ’s using the relations:
P0,j = (x − uj ) and Pi+1,j = Pi,2j · Pi,2j+1 .
i
(1)
i
Since deg(Pi,j ) = 2 , we can compute Pi+1,j from Pi,2j and Pi,2j+1 using O(M(2 )) operations. Summing
over all 0 ≤ j < 2k−i−1 for a fixed i + 1, we spend 2k−i−1 · O(M(2i )) = O(M(n)) operations (by Observation
1). Now summing over all 0 ≤ i ≤ k − 1, we can bound the complexity of this (pre)computation step by
O(M(n) log n) operations over R.
Algorithm 1 Multipoint evaluation
(Pre)computation step: Compute Pi,j for all 0 ≤ i ≤ k and 0 ≤ j < 2k−i .
1. If n = 1 return f .
2. Let r0 = f mod Pk−1,0 and r1 = f mod Pk−1,1 .
3. Recursively, evaluate r0 at u0 , . . . , un/2−1 .
4. Recursively, evaluate r1 at un/2 , . . . , un−1 .
5. Output r0 (u0 ), . . . , r0 (un/2−1 ), r1 (un/2 ), . . . , r1 (un−1 ).
Time complexity - As discussed before, the (pre)computation step takes O(M(n) log n) operations in R.
In step 2, r0 and r1 can be computed by using the divison algorithm (discussed in the previous lecture),
which takes O(M(n)) operations. Hence, the time taken by the recursive steps of the algorithm is,
T (n)
=
2 · T (n/2) + O(M(n))
= O(M(n) log n).
Therefore, the total time taken by the algorithm (including the (pre)computation step) is O(M(n) log n).
6-1
2
Polynomial interpolation
Polynomial interpolation is, in a way, the converse task of multipoint evaluation: Given a set of n = 2k tuples
(u0 , v0 ), . . . , (un−1 , vn−1 ), where ui , vi belong to a field F and ui ’s are distinct, find the unique polynomial
f ∈ F[x] of degree less than n such that f (ui ) = vi for all 0 ≤ i < n. Just like multipoint evaluation, there
is a divide and conquer strategy for interpolating f using Lagrange’s formula,
f (x) =
n−1
X
n−1
Y
vi ·
i=0
j=0,j6=i
x − uj
ui − uj
(Note that the interpolation problem makes sense even over a ring R if (ui − uj )’s are units in R.) We would
Qn−1
1
like to compute f (x) using the above formula. Let us denote the product j=0,j6=i ui −u
by si . We can
j
rewrite the Lagrange’s formula as,
f (x) =
n−1
X
vi si ·
i=0
n−1
Y
(x − uj )
j=0,j6=i
At first, let us see how to compute all si , 0 ≤ i ≤ n − 1, efficiently. Recall the definition of the polynomials
0
0
Pi,j ’s from the previous section. Notice that, si −1 = Pk,0
(ui ) for every 0 ≤ i ≤ n − 1, where Pk,0
is the
Qn−1
formal derivative of the polynomial Pk,0 = j=0 (x − uj ) (see excercise 1). Which means, we can evaluate
−1
0
Pk,0
at points u0 , . . . , un−1 to obtain s−1
0 , . . . , sn−1 - which is just a multipoint evaluation problem. To find
0
Pk,0 , we first compute Pk,0 using the recursive formula (equation 1), and then compute its formal derivative.
Therefore, s0 , . . . , sn−1 can be computed using O(M(n) log n) operations over F (assume that computing
inverse in F is a unit F-operation). Once we compute the si ’s, we can also compute all the vi0 = vi si .
With this (pre)computation of the vi0 s, the interpolation problem reduces to the following problem: Given
0
(u0 , v00 ), . . . , (un−1 , vn−1
), compute the polynomial,
f (x) =
n−1
X
vi0 ·
i=0
n−1
Y
(x − uj )
j=0,j6=i
Now, observe that f has the following structure: f = r0 (x)Pk−1,1 + r1 (x)Pk−1,0 , where
n/2−1
r0 (x) =
X
i=0
n/2−1
vi0 ·
Y
(x − uj ) and r1 (x) =
j=0,j6=i
n−1
X
i=n/2
n−1
Y
vi0 ·
(x − uj )
j=n/2,j6=i
This suggests the following recursive procedure for polynomial interpolation.
Algorithm 2 Polynomial interpolation
(Pre)computation: Compute Pi,j for 0 ≤ i ≤ k and 0 ≤ j < 2k−i .
1. If n = 1 return v00 .
Pn/2−1
Qn/2−1
2. Recursively, compute r0 = i=0 vi0 · j=0,j6=i (x − uj ).
Pn−1
Qn−1
3. Recursively, compute r1 = i=n/2 vi0 · j=n/2,j6=i (x − uj ).
4. Output r0 Pk−1,1 + r1 Pk−1,0 .
Compute vi0 for 0 ≤ i < n.
Time complexity:
As discussed before, the (pre)computation step takes O(M(n) log n) operations
0
over F. The recursive steps of the algorithm compute r0 from (u0 , v00 ), . . . , (un/2−1 , vn/2−1
) and r1 from
0
0
(un/2 , vn/2 ), . . . , (un−1 , vn−1 ) respectively. Finally, step 4 does two multiplications of polynomials whose
degrees are bounded by n/2. Hence, the overall complexity of the recursive steps is
T (n) = 2 · T (n/2) + O(M(n)) = O(M(n) log n).
Therefore, the total time taken by the algorithm (including the (pre)computation step) is O(M(n) log n).
6-2
3
The Resultant
Let R be an integral domain and F be its field of fractions. (If you are not familiar with integral domain,
assume that R is Z, and F is Q, the field of rational numbers.) Let f and g be two polynomials in R[x] of
degree n and m, respectively. Let gcd(f, g) denote the unique, monic largest common divisor of f and g
over F.
Lemma 1 The gcd(f, g) is nontrivial (meaning, gcd(f, g) 6= 1) if and only if there exists polynomials s, t ∈
F[x], with deg(s) < m and deg(t) < n, such that sf + tg = 0.
Proof Suppose h = gcd(f, g). If gcd(f, g) 6= 1 then deg(h) > 1. Now, if we take s = hg and t = − fh then
deg(s) < m, deg(t) < n and sf + tg = 0.
To show the other direction, suppose that there exist s and t with deg(s) < m, deg(t) < n and sf +tg = 0.
If gcd(f, g) = 1 then by “unique factorization” over F, g should divide s. But, this is not possible as
deg(s) < deg(g). Hence gcd(f, g) is nontrivial.
Pn
Pm
Let f = i=0 fi xi and g = j=0 gj xj , where fi , gj ∈ F for 0 ≤ i ≤ n and 0 ≤ j ≤ m. Since, deg(f ) = n
Pm−1
Pn−1
and deg(g) = m, fn and gm are nonzero. Suppose s = k=0 αk xk and t = `=0 β` x` . Treat the coefficients
α0 , . . . , αm−1 and β0 , . . . , βn−1 as variables. Now, consider the relation sf + tg = 0. By multiplying s, f
and t, g, and then equating the coefficients of xi to zero for all 0 ≤ i ≤ n + m − 1, we get a system of
n + m homogeneous linear equations in the variables αm−1 , . . . , α0 , βn−1 , . . . , β0 . The coefficient matrix
of this linear system is called the Sylvester matrix of f and g, and is denoted by S(f, g) (which means,
S(f, g) · (αm−1 , . . . , α0 , βn−1 , . . . , β0 )T = 0.) Verify that S(f, g) is the following (n + m) × (n + m) matrix.

fn
fn−1
..
.
..
.
..
.











S(f, g) = 
 f1


 f0






fn
..
.
..
.
..
.
..
.
..
.
..
.
f0
..
gm
gm−1
..
.
.
fn
g1
fn−1
..
.
..
.
..
.
..
.
f0
g0

gm
..
.
..
.
..
.
..
.
..
.
..
.
g0
..
.
..
.
..
.
gm
..
.
..
.
..
.
g0






















.
(n+m)×(n+m)
The resultant of f and g is defined as, Resx (f, g) = det(S(f, g)). By Lemma 1, the above linear system
has a nonzero solution if and only if gcd(f, g) is nontrivial. This has the following implication.
Lemma 2 The gcd(f, g) is nontrivial if and only if Resx (f, g) = det(S(f, g)) = 0.
Another useful fact about the resultant is the following.
Lemma 3 There exist s, t ∈ R[x], with deg(s) < m and deg(t) < n, such that sf + tg = Resx (f, g).
Proof If gcd(f, g) 6= 1, then from Lemma 1 and 2 it follows that, there exist s0 , t0 ∈ F[x], with deg(s0 ) < m
and deg(t0 ) < n, such that s0 f + t0 g = 0 = Resx (f, g). Since a coefficient of s0 or t0 is of the form ab , where
a, b ∈ R and b 6= 0, by clearing out the denominators of the coefficients of s0 and t0 we get s, t ∈ R[x] such
that sf + tg = 0. Clearly, deg(s) = deg(s0 ) < m and deg(t) = deg(t0 ) < n.
6-3
Suppose gcd(f, g) = 1. By the extended Euclidean algorithm (see Appendix), there exist s0 , t0 ∈ F[x],
Pm−1
Pn−1
with deg(s0 ) < m and deg(t0 ) < n, such that s0 f + t0 g = 1. Let s0 = k=0 αk xk and t0 = `=0 β` x` . Once
again, by multiplying s0 , f and t0 , g, and then equating the coefficients of xi for 0 ≤ i ≤ n + m − 1, we get a
linear system in αm−1 , . . . , α0 , βn−1 , . . . , β0 with S(f, g) as the coefficient matrix. By Cramer’s rule, every
αk (similarly, β` ) is of the form a/Resx (f, g), where a ∈ R. Hence, the polynomials s = Resx (f, g) · s0 and
t = Resx (f, g) · t0 both belong to R[x]. Therefore, sf + tg = Resx (f, g).
Exercises: P
n−1
1. Let p(x) = i=0 pi xi , where pi ∈ F, be a polynomial over a field F. Define the formal derivative of p(x)
Pn−1
as, p0 (x) = i=1 ipi xi−1 . Show that, for any p, q ∈ F[x], (p + q)0 = p0 + q 0 and (pq)0 = pq 0 + p0 q. Infer that,
0
in section 2 indeed si −1 = Pk,0
(ui ).
Reading home work: Basics of finite fields
1. Read the first two chapters of the book [LN94] (till pg-63). You can also read Chapter 19 of [Sho09], or
Chapter 25 (section 25.4) of [GG03].
Appendix
GCD of polynomials: Extended Euclidean algorithm
The classical Euclidean algorithm computes r = f mod g and then recursively computes the gcd of r and
g. The extended Euclidean algorithm, given below, computes two polynomials s and t such that sf + tg =
gcd(f, g) = d, with deg(s) < deg(g) and deg(t) < deg(f ). We can use this algorithm to compute modular
inverse. For instance, if f and g are relatively coprime then s = f −1 mod g.
Algorithm 3 Extended Euclidean algorithm
1. Let (r, r0 ) ← (f, g), (s, s0 ) ← (1, 0) and (t, t0 ) ← (0, 1).
2. while r0 6= 0 do
q ← b rr0 c, r00 ← r mod r0
(r, s, t, r0 , s0 , t0 ) ← (r0 , s0 , t0 , r00 , s − s0 q, t − t0 q)
3. Let d ← r.
4. Output d, s, t.
It is not difficult to analyse this algorithm and show that the time complexity is bounded by O(n2 ) operations
over the underlying field F, where n is the bound on the degree of f and g (refer to chapter 4 of [Sho09]). But
then, there is also a faster version of the extended Euclidean algorithm that uses O(M(n) log n) operations
over F (refer to chapter 11 of [GG03]). GCD of integers - Just like polynomials, gcd of two N -bit integers
f, g can be computed using the extended Euclidean algorithm, which outputs two integers s and t such that
sf + tg = gcd(f, g). The time taken by a faster version of the extended Euclidean algorithm over integers is
O(MI (N ) log N ) bit operations (refer to chapter 3 and 11 of [GG03]).
References
[GG03] Joachim Von Zur Gathen and Jurgen Gerhard. Modern Computer Algebra. Cambridge University
Press, New York, NY, USA, 2003.
[LN94] Rudolf Lidl and Harald Neiderreiter. Introduction to finite fields and their applications. Cambridge
University Press, 1994.
[Sho09] Victor Shoup. A Computational Introduction to Number Theory and Algebra. Cambridge University
Press, New York, 2009. Available from http://shoup.net/ntb/.
6-4