On the Complexity Exponent of Polynomial System Solving

Abstract

We present a probabilistic Las Vegas algorithm for solving sufficiently generic square polynomial systems over finite fields. We achieve a nearly quadratic running time in the number of solutions, for densely represented input polynomials. We also prove a nearly linear bit complexity bound for polynomial systems with rational coefficients. Our results are obtained using the combination of the Kronecker solver and a new improved algorithm for fast multivariate modular composition.


References

1. M. Agrawal, N. Kayal, and N. Saxena. PRIMES is in P. Ann. of Math., 160(2):781–793, 2004.

2. B. Bank, M. Giusti, J. Heintz, G. Lecerf, G. Matera, and P. Solernó. Degeneracy loci and polynomial equation solving. Found. Comput. Math., 15(1):159–184, 2015.

3. M. Bardet. Étude des systèmes algébriques surdéterminés. Applications aux codes correcteurs et à la cryptographie. PhD thesis, Université Pierre et Marie Curie - Paris VI, 2004. https://tel.archives-ouvertes.fr/tel-00449609.

4. M. Bardet, J.-C. Faugère, and B. Salvy. On the complexity of the \(F_5\) Gröbner basis algorithm. J. Symbolic Comput., 70:49–70, 2015.

5. S. J. Berkowitz. On computing the determinant in small parallel time using a small number of processors. Inform. Process. Lett., 18:147–150, 1984.

6. J. Berthomieu, J. van der Hoeven, and G. Lecerf. Relaxed algorithms for p-adic numbers. J. Théor. Nombres Bordeaux, 23(3), 2011.

7. J. Berthomieu, G. Lecerf, and G. Quintin. Polynomial root finding over local rings and application to error correcting codes. Appl. Alg. Eng. Comm. Comp., 24(6):413–443, 2013.

8. A. Bostan, F. Chyzak, M. Giusti, R. Lebreton, G. Lecerf, B. Salvy, and É. Schost. Algorithmes Efficaces en Calcul Formel. Frédéric Chyzak (self-published), Palaiseau, 2017. Electronic version available from https://hal.archives-ouvertes.fr/AECF.

9. A. Bostan, Ph. Flajolet, B. Salvy, and É. Schost. Fast computation of special resultants. J. Symbolic Comput., 41(1):1–29, 2006.

10. A. Bostan and É. Schost. Polynomial evaluation and interpolation on special sets of points. J. Complexity, 21(4):420–446, 2005.

11. R. P. Brent and H. T. Kung. Fast algorithms for manipulating formal power series. J. ACM, 25(4):581–595, 1978.

12. W. D. Brownawell. Bounds for the degrees in the Nullstellensatz. Ann. of Math., 126(3):577–591, 1987.

13. P. Bürgisser, M. Clausen, and M. A. Shokrollahi. Algebraic complexity theory, volume 315 of Grundlehren der Mathematischen Wissenschaften. Springer-Verlag, 1997.

14. J. F. Canny, E. Kaltofen, and L. Yagati. Solving systems of nonlinear polynomial equations faster. In Proceedings of the ACM-SIGSAM 1989 International Symposium on Symbolic and Algebraic Computation, ISSAC '89, pages 121–128. ACM, New York, NY, USA, 1989.

15. D. G. Cantor and E. Kaltofen. On fast multiplication of polynomials over arbitrary algebras. Acta Inform., 28:693–701, 1991.

16. J.-M. Couveignes and R. Lercier. Fast construction of irreducible polynomials over finite fields. Israel J. Math., 194(1):77–105, 2013.

17. C. D'Andrea, A. Ostafe, I. E. Shparlinski, and M. Sombra. Reduction modulo primes of systems of polynomial equations and algebraic dynamical systems. Trans. Amer. Math. Soc., 371(2):1169–1198, 2019.

18. C. Durvye and G. Lecerf. A concise proof of the Kronecker polynomial system solver from scratch. Expo. Math., 26(2):101–139, 2008.

19. J.-C. Faugère, P. Gaudry, L. Huot, and G. Renault. Sub-cubic change of ordering for Gröbner basis: a probabilistic approach. In Proceedings of the 39th International Symposium on Symbolic and Algebraic Computation, ISSAC '14, pages 170–177. ACM, New York, NY, USA, 2014.

20. J.-C. Faugère, P. Gianni, D. Lazard, and T. Mora. Efficient computation of zero-dimensional Gröbner bases by change of ordering. J. Symbolic Comput., 16(4):329–344, 1993.

21. J. von zur Gathen and J. Gerhard. Modern computer algebra. Cambridge University Press, New York, 3rd edition, 2013.

22. N. Giménez and G. Matera. On the bit complexity of polynomial system solving. J. Complexity, 51:20–67, 2019.

23. M. Giusti. Some effectivity problems in polynomial ideal theory. In J. Fitch, editor, EUROSAM 84: International Symposium on Symbolic and Algebraic Computation, Cambridge, England, July 9–11, 1984, pages 159–171. Springer, Berlin, Heidelberg, 1984.

24. M. Giusti, K. Hägele, J. Heintz, J. L. Montaña, J. E. Morais, and L. M. Pardo. Lower bounds for Diophantine approximations. J. Pure Appl. Algebra, 117/118:277–317, 1997.

25. M. Giusti, J. Heintz, J. E. Morais, J. Morgenstern, and L. M. Pardo. Straight-line programs in geometric elimination theory. J. Pure Appl. Algebra, 124(1–3):101–146, 1998.

26. M. Giusti, J. Heintz, J. E. Morais, and L. M. Pardo. When polynomial equation systems can be "solved" fast? In Applied algebra, algebraic algorithms and error-correcting codes (Paris, 1995), volume 948 of Lecture Notes in Comput. Sci., pages 205–231. Springer-Verlag, 1995.

27. M. Giusti, G. Lecerf, and B. Salvy. A Gröbner free alternative for polynomial system solving. J. Complexity, 17(1):154–211, 2001.

28. B. Grenet, J. van der Hoeven, and G. Lecerf. Deterministic root finding over finite fields using Graeffe transforms. Appl. Alg. Eng. Comm. Comp., 27(3):237–257, 2016.

29. D. Harvey and J. van der Hoeven. Faster polynomial multiplication over finite fields using cyclotomic coefficient rings. J. Complexity, 54:101404, 2019.

30. D. Harvey and J. van der Hoeven. Integer multiplication in time \(O (n \log n)\). Technical Report, HAL, 2019. http://hal.archives-ouvertes.fr/hal-02070778.

31. D. Harvey and J. van der Hoeven. Polynomial multiplication over finite fields in time \(O (n \log n)\). Technical Report, HAL, 2019. http://hal.archives-ouvertes.fr/hal-02070816.

32. J. Heintz. Definability and fast quantifier elimination in algebraically closed fields. Theor. Comput. Sci., 24(3):239–277, 1983.

33. J. van der Hoeven and G. Lecerf. Modular composition via complex roots. Technical Report, CNRS & École polytechnique, 2017. http://hal.archives-ouvertes.fr/hal-01455731.

34. J. van der Hoeven and G. Lecerf. Modular composition via factorization. J. Complexity, 48:36–68, 2018.

35. J. van der Hoeven and G. Lecerf. Accelerated tower arithmetic. J. Complexity, 55:101402, 2019.

36. J. van der Hoeven and G. Lecerf. Fast multivariate multi-point evaluation revisited. J. Complexity, 56:101405, 2020.

37. J. van der Hoeven, G. Lecerf, B. Mourrain, et al. Mathemagix. From 2002. http://www.mathemagix.org.

38. X. Huang and V. Y. Pan. Fast rectangular matrix multiplication and applications. J. Complexity, 14(2):257–299, 1998.

39. G. Jeronimo and J. Sabia. Effective equidimensional decomposition of affine varieties. J. Pure Appl. Algebra, 169(2–3):229–248, 2002.

40. E. Kaltofen and V. Shoup. Fast polynomial factorization over high algebraic extensions of finite fields. In Proceedings of the 1997 International Symposium on Symbolic and Algebraic Computation, ISSAC '97, pages 184–188. ACM, New York, NY, USA, 1997.

41. K. S. Kedlaya and C. Umans. Fast modular composition in any characteristic. In FOCS '08: IEEE Conference on Foundations of Computer Science, pages 146–155. IEEE Computer Society, Washington, DC, USA, 2008.

42. K. S. Kedlaya and C. Umans. Fast polynomial factorization and modular composition. SIAM J. Comput., 40(6):1767–1802, 2011.

43. T. Krick, L. M. Pardo, and M. Sombra. Sharp estimates for the arithmetic Nullstellensatz. Duke Math. J., 109(3):521–598, 2001.

44. L. Kronecker. Grundzüge einer arithmetischen Theorie der algebraischen Grössen. J. reine angew. Math., 92:1–122, 1882.

45. Y. N. Lakshman. On the complexity of computing a Gröbner basis for the radical of a zero dimensional ideal. In Proceedings of the Twenty-Second Annual ACM Symposium on Theory of Computing, STOC '90, pages 555–563. ACM, New York, NY, USA, 1990.

46. Y. N. Lakshman. A single exponential bound on the complexity of computing Gröbner bases of zero dimensional ideals. In T. Mora and C. Traverso, editors, Effective Methods in Algebraic Geometry, pages 227–234. Birkhäuser, Boston, MA, 1991.

47. Y. N. Lakshman and D. Lazard. On the complexity of zero-dimensional algebraic systems. In T. Mora and C. Traverso, editors, Effective Methods in Algebraic Geometry, pages 217–225. Birkhäuser, Boston, MA, 1991.

48. D. Lazard. Gröbner bases, Gaussian elimination and resolution of systems of algebraic equations. In J. A. van Hulzen, editor, Computer Algebra: EUROCAL '83, European Computer Algebra Conference, London, England, March 28–30, 1983, Proceedings, pages 146–156. Springer, Berlin, Heidelberg, 1983.

49. F. Le Gall. Powers of tensors and fast matrix multiplication. In K. Nabeshima, editor, ISSAC '14: International Symposium on Symbolic and Algebraic Computation, pages 296–303. ACM, New York, NY, USA, 2014.

50. G. Lecerf. Computing the equidimensional decomposition of an algebraic closed set by means of lifting fibers. J. Complexity, 19(4):564–596, 2003.

51. G. Lecerf. On the complexity of the Lickteig–Roy subresultant algorithm. J. Symbolic Comput., 92:243–268, 2019.

52. P. Lelong. Mesure de Mahler et calcul de constantes universelles pour les polynômes de \(N\) variables. Math. Ann., 299(1):673–695, 1994.

53. H. Matsumura. Commutative ring theory, volume 8 of Cambridge Studies in Advanced Mathematics. Cambridge University Press, 1989.

54. D. McKinnon. An arithmetic analogue of Bezout's theorem. Compos. Math., 126(2):147–155, 2001.

55. J. M. McNamee and V. Y. Pan. Numerical Methods for Roots of Polynomials, Part II, volume 16 of Studies in Computational Mathematics. Elsevier, 2013.

56. B. Mourrain, V. Y. Pan, and O. Ruatta. Accelerated solution of multivariate polynomial systems of equations. SIAM J. Comput., 32(2):435–454, 2003.

57. B. Mourrain and Ph. Trébuchet. Solving projective complete intersection faster. In Proceedings of the 2000 International Symposium on Symbolic and Algebraic Computation, ISSAC '00, pages 234–241. ACM, New York, NY, USA, 2000.

58. B. Mourrain and Ph. Trébuchet. Generalized normal forms and polynomial system solving. In Proceedings of the 2005 International Symposium on Symbolic and Algebraic Computation, ISSAC '05, pages 253–260. ACM, New York, NY, USA, 2005.

59. B. Mourrain and Ph. Trébuchet. Border basis representation of a general quotient algebra. In Proceedings of the 37th International Symposium on Symbolic and Algebraic Computation, ISSAC '12, pages 265–272. ACM, New York, NY, USA, 2012.

60. A. K. Narayanan. Fast computation of isomorphisms between finite fields using elliptic curves. In L. Budaghyan and F. Rodríguez-Henríquez, editors, Arithmetic of Finite Fields. 7th International Workshop, WAIFI 2018, Bergen, Norway, June 14–16, 2018, Revised Selected Papers, volume 11321 of Lecture Notes in Comput. Sci., pages 74–91. Springer, Cham, 2018.

61. C. H. Papadimitriou. Computational Complexity. Addison-Wesley, 1994.

62. P. Philippon. Sur des hauteurs alternatives. I. Math. Ann., 289(1):255–283, 1991.

63. A. Poteaux and É. Schost. On the complexity of computing with zero-dimensional triangular sets. J. Symbolic Comput., 50:110–138, 2013.

64. A. Schönhage. Schnelle Berechnung von Kettenbruchentwicklungen. Acta Inform., 1(2):139–144, 1971.

65. A. Schönhage, A. F. W. Grotefeld, and E. Vetter. Fast algorithms: A multitape Turing machine implementation. B. I. Wissenschaftsverlag, Mannheim, 1994.

66. J. T. Schwartz. Fast probabilistic algorithms for verification of polynomial identities. J. ACM, 27(4):701–717, 1980.

67. V. Shoup. New algorithms for finding irreducible polynomials over finite fields. Math. Comp., 54(189):435–447, 1990.

68. P. S. Wang. A p-adic algorithm for univariate partial fractions. In Proceedings of the Fourth ACM Symposium on Symbolic and Algebraic Computation, SYMSAC '81, pages 212–217. ACM, New York, NY, USA, 1981.

69. R. Zippel. Probabilistic algorithms for sparse polynomials. In Proceedings of EUROSAM '79, number 72 in Lect. Notes Comput. Sci., pages 216–226. Springer-Verlag, 1979.


Author information

Correspondence to Joris van der Hoeven.


Communicated by Teresa Krick.

Linear Changes of Variables

This appendix is devoted to subjecting a multivariate polynomial f to a linear change of variables. More precisely, given \(f \in \mathbb {A} [x_1, \ldots , x_n]\) and an \(n \times n\) matrix \(N = (N_{i, j})_{1 \leqslant i \leqslant n, 1 \leqslant j \leqslant n}\) over a commutative ring \(\mathbb {A}\), we wish to compute

$$\begin{aligned} (f \circ N) (x_1, \ldots , x_n) :=f (N_{1, 1} x_1 + \cdots + N_{1, n} x_n, \ldots , N_{n, 1} x_1 + \cdots + N_{n, n} x_n) . \end{aligned}$$

The fast algorithms that we propose below do not seem to be available in the literature. They are suitable for any coefficient ring with sufficiently many elements, and they are also well suited for homogeneous polynomials.
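As a baseline for the fast algorithms of this appendix, the composition \(f \circ N\) can also be computed naively, by substituting each variable by the corresponding linear form and expanding. The following Python sketch is our own illustration, not taken from the paper; polynomials are represented as dictionaries mapping exponent tuples to coefficients, and all names are ours:

```python
def poly_eval(f, point):
    """Evaluate a polynomial given as {exponent tuple: coefficient}."""
    total = 0
    for exps, c in f.items():
        term = c
        for x, e in zip(point, exps):
            term *= x ** e
        total += term
    return total

def compose_linear(f, N):
    """Naive f o N: substitute x_i by the linear form given by row i of N."""
    n = len(N)
    out = {}
    for exps, c in f.items():
        # expand the product of the substituted linear forms term by term
        terms = {tuple([0] * n): c}
        for i, e in enumerate(exps):
            for _ in range(e):
                new = {}
                for t_exps, t_c in terms.items():
                    for j in range(n):
                        if N[i][j]:
                            k = list(t_exps); k[j] += 1
                            k = tuple(k)
                            new[k] = new.get(k, 0) + t_c * N[i][j]
                terms = new
        for k, v in terms.items():
            out[k] = out.get(k, 0) + v
    return {k: v for k, v in out.items() if v}

# f(x1, x2) = x1^2 + 3*x1*x2 + x2, composed with an upper triangular N
f = {(2, 0): 1, (1, 1): 3, (0, 1): 1}
N = [[1, 2], [0, 1]]
g = compose_linear(f, N)
# consistency check at a sample point: (f o N)(a, b) = f(a + 2b, b)
a, b = 5, 7
assert poly_eval(g, (a, b)) == poly_eval(f, (1*a + 2*b, 0*a + 1*b))
```

This expansion is quadratic in the number of terms, so it only serves as a correctness reference on small examples.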

Algebraic Complexity Model

In this subsection we focus on the algebraic complexity model (computation trees, for instance). We let \(\mathbb {A}\) be an effective commutative ring and \(\mathsf {M}\) a cost function such that two polynomials in \(\mathbb {A} [x]_{< \ell }\) can be multiplied with cost \(\mathsf {M} (\ell )\). The evaluation of a multivariate polynomial at the points of a block of points \(S^n\), where S is a finite subset of \(\mathbb {A}\), is usually achieved by the successive use of fast univariate evaluations, as recalled in the following lemma.

Lemma 27

Let \(\ell \geqslant 1\), let \(f \in \mathbb {A} [x_1, \ldots , x_n]\) be of partial degree \(< \ell \) in \(x_i\) for \(i = 1, \ldots , n\), and let S be a subset of \(\mathbb {A}\) of cardinality \(\ell \). Then, all the values of f at \(S^n\) can be computed with \(O (n \ell ^{n - 1} \mathsf {M} (\ell ) \log \ell )\) arithmetic operations in \(\mathbb {A}\).

Proof

We interpret \(f \in \mathbb {A} [x_1, \ldots , x_n]\) as a univariate polynomial in \(x_n\),

$$\begin{aligned} f (x_1, \ldots , x_n) = f_0 (x_1, \ldots , x_{n - 1}) + \cdots + f_{\ell - 1} (x_1, \ldots , x_{n - 1}) x_n^{\ell - 1} . \end{aligned}$$

We evaluate \(f_0, \ldots , f_{\ell - 1}\) at \(S^{n - 1}\) recursively. Then, for each \((\alpha _1, \ldots , \alpha _{n - 1}) \in S^{n - 1}\), we evaluate \(f (\alpha _1, \ldots , \alpha _{n - 1}, x_n)\) at all the points of S, with a total cost \(O (\ell ^{n - 1} \mathsf {M} (\ell ) \log \ell )\). Denoting by \(\mathsf {T} (n, \ell )\) the cost of the algorithm in terms of operations in \(\mathbb {A}\), we thus obtain

$$\begin{aligned} \mathsf {T} (n, \ell ) = \ell \, \mathsf {T} (n - 1, \ell ) + O (\ell ^{n - 1} \mathsf {M} (\ell ) \log \ell ) . \end{aligned}$$

By induction over n, it follows that

$$\begin{aligned} \mathsf {T} (n, \ell ) = O (n \ell ^{n - 1} \mathsf {M} (\ell ) \log \ell ), \end{aligned}$$

which implies the claimed bound. \(\square \)
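The recursion of this proof can be transcribed directly. In the sketch below (our own, not from the paper), naive univariate evaluation stands in for fast multi-point evaluation, so the cost bound of the lemma is not met; the splitting of f into \(f_0, \ldots , f_{\ell - 1}\) and the recursion on n are, however, the same:

```python
from itertools import product

def eval_on_grid(f, n, S):
    """Polynomial as {exponent tuple: coeff}; returns {point of S^n: value}."""
    if n == 0:
        return {(): f.get((), 0)}
    # write f = f_0 + f_1*x_n + ... + f_{l-1}*x_n^(l-1), slicing on the
    # exponent of the last variable
    slices = {}
    for exps, c in f.items():
        slices.setdefault(exps[-1], {})[exps[:-1]] = c
    # recursively evaluate every coefficient f_j on S^(n-1)
    vals = {j: eval_on_grid(fj, n - 1, S) for j, fj in slices.items()}
    out = {}
    for prefix in product(S, repeat=n - 1):
        for a in S:  # then evaluate in the last variable, point by point
            out[prefix + (a,)] = sum(v[prefix] * a**j for j, v in vals.items())
    return out

# f(x1, x2) = x1^2 + 3*x1*x2 + x2 on the grid {0, 1, 2}^2
f = {(2, 0): 1, (1, 1): 3, (0, 1): 1}
vals = eval_on_grid(f, 2, [0, 1, 2])
assert vals[(2, 1)] == 2**2 + 3*2*1 + 1
```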

The next lemma, also well known, concerns the corresponding interpolation problem.

Lemma 28

Let \(\ell \geqslant 1\), let \(\alpha _1, \ldots , \alpha _{\ell }\) be pairwise distinct points in \(\mathbb {A}\) such that \(\alpha _i - \alpha _j\) is invertible whenever \(i \ne j\), and let \(\beta _{i_1, \ldots , i_n}\) be a family of values in \(\mathbb {A}\) for \((i_1, \ldots , i_n)\) running over \(\{ 1, \ldots , \ell \}^n\). The unique polynomial \(f \in \mathbb {A} [x_1, \ldots , x_n]\) of partial degrees \(< \ell \) such that \(f (\alpha _{i_1}, \ldots , \alpha _{i_n}) = \beta _{i_1, \ldots , i_n}\) for all \((i_1, \ldots , i_n) \in \{ 1, \ldots , \ell \}^n\) can be computed with \(O (n \ell ^{n - 1} \mathsf {M} (\ell ) \log \ell )\) arithmetic operations in \(\mathbb {A}\), including inversions.

Proof

Again we interpret \(f \in \mathbb {A} [x_1, \ldots , x_n]\) as a univariate polynomial in \(x_n\),

$$\begin{aligned} f (x_1, \ldots , x_n) = f_0 (x_1, \ldots , x_{n - 1}) + \cdots + f_{\ell - 1} (x_1, \ldots , x_{n - 1}) x_n^{\ell - 1} . \end{aligned}$$
(17)

For all \((i_1, \ldots , i_{n - 1}) \in \{ 1, \ldots , \ell \}^{n - 1}\) we interpolate the values \(f_0 (\alpha _{i_1}, \ldots , \alpha _{i_{n - 1}})\), \(\ldots , f_{\ell - 1} (\alpha _{i_1}, \ldots , \alpha _{i_{n - 1}})\) with \(O (\ell ^{n - 1} \mathsf {M} (\ell ) \log \ell )\) operations in \(\mathbb {A}\). We then recursively interpolate \(f_0, \ldots , f_{\ell - 1}\) and form f as in (17). The total cost is obtained as in the proof of the previous lemma. \(\square \)
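The interpolation recursion admits a similar transcription. In the following sketch (again our own; plain Lagrange interpolation replaces the fast univariate algorithm, so the stated cost is not achieved), a bivariate polynomial is recovered from its values on a grid, using exact rational arithmetic:

```python
from fractions import Fraction
from itertools import product

def lagrange(points, values):
    """Coefficients c_0, ..., c_{l-1} of the interpolating polynomial."""
    l = len(points)
    coeffs = [Fraction(0)] * l
    for i in range(l):
        basis = [Fraction(1)]            # prod_{j != i} (x - x_j), built up
        denom = Fraction(1)
        for j in range(l):
            if j == i:
                continue
            denom *= points[i] - points[j]
            new = [Fraction(0)] * (len(basis) + 1)
            for k, b in enumerate(basis):
                new[k + 1] += b          # multiply by x ...
                new[k] -= points[j] * b  # ... and subtract x_j
            basis = new
        for k in range(l):
            coeffs[k] += Fraction(values[i]) * basis[k] / denom
    return coeffs

def interp_on_grid(vals, n, S):
    """Inverse of grid evaluation: vals maps points of S^n to values."""
    if n == 0:
        return {(): vals[()]}
    l = len(S)
    per_j = [dict() for _ in range(l)]   # values of the coefficients f_j
    for prefix in product(S, repeat=n - 1):
        cs = lagrange(S, [vals[prefix + (a,)] for a in S])
        for j in range(l):
            per_j[j][prefix] = cs[j]
    f = {}
    for j in range(l):                   # recursively interpolate each f_j
        for exps, c in interp_on_grid(per_j[j], n - 1, S).items():
            if c:
                f[exps + (j,)] = c
    return f

# recover f(x1, x2) = x1^2 + 3*x1*x2 + x2 from its values on {0, 1, 2}^2
S = [0, 1, 2]
f = {(2, 0): 1, (1, 1): 3, (0, 1): 1}
vals = {(a, b): a**2 + 3*a*b + b for a in S for b in S}
assert interp_on_grid(vals, 2, S) == f
```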

The aim of the following proposition is the fast evaluation of f at a set of points of the form \(N (S^n) + B\), for any matrix N and any vector B.

Proposition 8

Let \(\ell \geqslant 1\), let \(f \in \mathbb {A} [x_1, \ldots , x_n]\) be of partial degree \(< \ell \) in \(x_i\) for \(i = 1, \ldots , n\), let \(S = \{ \alpha _1, \ldots , \alpha _{\ell } \}\) be a subset of \(\mathbb {A}\) of cardinality \(\ell \) such that \(\alpha _i - \alpha _j\) is invertible whenever \(i \ne j\), let N be an \(n \times n\) matrix over \(\mathbb {A}\), and let \(B \in \mathbb {A}^n\). Let X be the column vector with entries \(x_1, \ldots , x_n\). If an LU-decomposition of N is given, then \(f (N (S^n) + B)\) and \(f (NX + B)\) can be computed with \(O (n \ell ^{n - 1} \mathsf {M} (\ell ) \log \ell + n^{\omega })\) arithmetic operations in \(\mathbb {A}\), including inversions.

Proof

We write \(B =:(\beta _1, \ldots , \beta _n)\). We first assume that \(N = (N_{i, j})_{1 \leqslant i \leqslant n, 1 \leqslant j \leqslant n}\) is upper triangular, and we partition \(N (S^n) + B\) into

$$\begin{aligned} N (S^n) + B&= \bigsqcup _{i = 1}^{\ell } N (S^{n - 1} \times \{ \alpha _i \}) + B\\&= \bigsqcup _{i = 1}^{\ell } (\tilde{N} (S^{n - 1}) + \tilde{B}_i) \times \{ N_{n, n} \alpha _i + \beta _n \}, \end{aligned}$$

where \(\tilde{N} :=(N_{i, j})_{1 \leqslant i \leqslant n - 1, 1 \leqslant j \leqslant n - 1}\) and \(\tilde{B}_i :=\alpha _i \left( \begin{array}{c} N_{1, n}\\ \vdots \\ N_{n - 1, n} \end{array}\right) + \left( \begin{array}{c} \beta _1\\ \vdots \\ \beta _{n - 1} \end{array}\right) \). We compute

$$\begin{aligned} g_i (x_1, \ldots , x_{n - 1}) :=f (x_1, \ldots , x_{n - 1}, N_{n, n} \alpha _i + \beta _n) \end{aligned}$$

for \(i = 1, \ldots , \ell \) using \(O (\ell ^{n - 1} \mathsf {M} (\ell ) \log \ell )\) operations in \(\mathbb {A}\). For \(i = 1, \ldots , \ell \), we then evaluate \(g_i (x_1, \ldots , x_{n - 1})\) at \(\tilde{N} (S^{n - 1}) + \tilde{B}_i\) by induction. The base case \(n = 0\) takes constant time O(1). Consequently, for any n, the total number of operations in \(\mathbb {A}\) is \(O (n \ell ^{n - 1} \mathsf {M} (\ell ) \log \ell )\), by the same argument as in the proof of Lemma 27. We recover \(f (NX + B)\) with \(O (n \ell ^{n - 1} \mathsf {M} (\ell ) \log \ell )\) operations in \(\mathbb {A}\) by Lemma 28.

If N is lower triangular, then we may reverse the order of the variables in f and of the columns of N in order to reduce to the upper triangular case. Alternatively, we may adapt the above decomposition of the set of points, as follows:

$$\begin{aligned} N (S^n) + B&= \bigsqcup _{i = 1}^{\ell } N (\{ \alpha _i \} \times S^{n - 1}) + B\\&= \bigsqcup _{i = 1}^{\ell } \{ N_{1, 1} \alpha _i + \beta _1 \} \times (\tilde{N} (S^{n - 1}) + \tilde{B}_i), \end{aligned}$$

where \(\tilde{N} :=(N_{i, j})_{2 \leqslant i \leqslant n, 2 \leqslant j \leqslant n}\) and \(\tilde{B}_i :=\alpha _i \left( \begin{array}{c} N_{2, 1}\\ \vdots \\ N_{n, 1} \end{array}\right) + \left( \begin{array}{c} \beta _2\\ \vdots \\ \beta _n \end{array}\right) \). So we compute

$$\begin{aligned} g_i (x_2, \ldots , x_n) :=f (N_{1, 1} \alpha _i + \beta _1, x_2, \ldots , x_n) \end{aligned}$$

and evaluate \(g_i (x_2, \ldots , x_n)\) at \(\tilde{N} (S^{n - 1}) + \tilde{B}_i\) by induction, for \(i = 1, \ldots , \ell \).

Finally, if N is general, then it suffices to use the given LU-decomposition, where L is lower triangular with 1 on the diagonal and U is upper triangular. In fact we have \(f (LU (S^n) + B) = (f \circ L) (U (S^n) + L^{- 1} B)\), so we compute \(f \circ L\) and then \((f \circ L) (U (S^n) + L^{- 1} B)\) and \((f \circ L) (UX + L^{- 1} B)\). \(\square \)
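The set decomposition at the heart of this proof is easy to check numerically. The following sketch (our own; the matrix, shift and points are arbitrary choices for the example) verifies, for a small upper triangular N, that \(N (S^n) + B\) is indeed the union used in the proof:

```python
from itertools import product

def apply_affine(N, B, pt):
    """Compute N*pt + B for a square matrix N and vectors B, pt."""
    n = len(B)
    return tuple(sum(N[i][j] * pt[j] for j in range(n)) + B[i] for i in range(n))

S = [0, 1, 2]
N = [[2, 1, 3], [0, 1, 4], [0, 0, 5]]  # upper triangular, invertible
B = [7, 8, 9]

# left-hand side: the full image N(S^3) + B
lhs = {apply_affine(N, B, p) for p in product(S, repeat=3)}

# right-hand side: the union over alpha_i in S of
# (Ntilde(S^2) + Btilde_i) x {N_33 * alpha_i + beta_3}
Ntilde = [row[:2] for row in N[:2]]
rhs = set()
for a in S:
    Btilde = [a * N[0][2] + B[0], a * N[1][2] + B[1]]
    last = N[2][2] * a + B[2]
    for p in product(S, repeat=2):
        rhs.add(apply_affine(Ntilde, Btilde, p) + (last,))

# the two sets coincide, and the union is disjoint since N is invertible
assert lhs == rhs and len(lhs) == len(S) ** 3
```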

In the next lemma, the same technique is adapted to homogeneous polynomials.

Lemma 29

Let \(f \in \mathbb {A} [x_0, \ldots , x_n]\) be homogeneous of degree \(d \geqslant 1\), let N be an \((n + 1) \times (n + 1)\) matrix over \(\mathbb {A}\), and let \(S = \{ \alpha _0, \ldots , \alpha _d \}\) be a subset of \(\mathbb {A}\) of cardinality \(d + 1\) such that \(\alpha _i - \alpha _j\) is invertible whenever \(i \ne j\). If an LU-decomposition of N is given, then \(f \circ N\) can be computed with \(O (n (d + 1)^{n - 1} \mathsf {M} (d) \log d)\) arithmetic operations in \(\mathbb {A}\).

Proof

Assume first that \(N = (N_{i, j})_{0 \leqslant i \leqslant n, 0 \leqslant j \leqslant n}\) is lower triangular and let \(\tilde{N} :=(N_{i, j})_{1 \leqslant i \leqslant n, 1 \leqslant j \leqslant n}\). We are led to compose \(f (N_{0, 0}, x_1, \ldots , x_n)\) with

$$\begin{aligned} \tilde{N} \left( \begin{array}{c} x_1\\ \vdots \\ x_n \end{array}\right) + \left( \begin{array}{c} N_{1, 0}\\ \vdots \\ N_{n, 0} \end{array}\right) \end{aligned}$$

by means of Proposition 8. If N is upper triangular, then it suffices to reverse the order of the variables \(x_0, \ldots , x_n\) in f, and of the columns of N, in order to reduce to the lower triangular case. Alternatively, we may set \(\tilde{N} :=(N_{i, j})_{0 \leqslant i \leqslant n - 1, 0 \leqslant j \leqslant n - 1}\) and compose \(f (x_0, \ldots , x_{n - 1}, N_{n, n})\) with

$$\begin{aligned} \tilde{N} \left( \begin{array}{c} x_0\\ \vdots \\ x_{n - 1} \end{array}\right) + \left( \begin{array}{c} N_{0, n}\\ \vdots \\ N_{n - 1, n} \end{array}\right) , \end{aligned}$$

in order to obtain \((f \circ N) (x_0, \ldots , x_{n - 1}, 1)\). Finally, for any N, it suffices to use the given LU-decomposition. \(\square \)

Proposition 9

Let \(f \in \mathbb {A} [x_0, \ldots , x_n]\) be homogeneous of degree \(d \geqslant 2\), let N be an \((n + 1) \times (n + 1)\) matrix over \(\mathbb {A}\), and let \(S = \{ \alpha _0, \ldots , \alpha _d \}\) be a subset of \(\mathbb {A}\) of cardinality \(d + 1\) such that \(\alpha _i - \alpha _j\) is invertible whenever \(i \ne j\). If an LU-decomposition of N is given, then \(f \circ N\) can be computed with \(O (n^2 d^{n - 1} \mathsf {M} (d) \log d)\) arithmetic operations in \(\mathbb {A}\).

Proof

The total number of coefficients in f is \(O (d^n)\) by inequality (2). We decompose

$$\begin{aligned} f = x_0 g_0 + x_1 g_1 + \cdots + x_n g_n, \end{aligned}$$
(18)

where \(x_n g_n (x_0, x_1, \ldots , x_n)\) consists of the terms of f that are multiples of \(x_n\), then \(x_{n - 1} g_{n - 1}\) consists of the terms of \(f - x_n g_n\) that are multiples of \(x_{n - 1}\), ..., and finally \(x_0 g_0\) consists of the terms of \(f - (x_1 g_1 + \cdots + x_n g_n)\) that are multiples of \(x_0\) (that is, an \(\mathbb {A}\)-multiple of a power of \(x_0\)). In this way, we are led to compute \(g_i \circ N\) for \(i = 0, \ldots , n\), with \(g_i\) homogeneous of degree \(d - 1\); this requires \(O (n^2 d^{n - 1} \mathsf {M} (d) \log d)\) operations in \(\mathbb {A}\), by Lemma 29. Then \(f \circ N\) can be recovered with further \(\tilde{O} (n^2 d^n)\) operations. \(\square \)
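The greedy splitting (18) can be transcribed as follows (a Python sketch of ours, with polynomials as dictionaries from exponent tuples \((e_0, \ldots , e_n)\) to coefficients):

```python
def split_homogeneous(f, n):
    """Peel off the terms divisible by x_n, then x_{n-1}, ..., then x_0."""
    remaining = dict(f)
    gs = [dict() for _ in range(n + 1)]
    for i in range(n, -1, -1):
        for exps in list(remaining):
            if exps[i] > 0:
                e = list(exps)
                e[i] -= 1  # divide the term by x_i
                gs[i][tuple(e)] = remaining.pop(exps)
    assert not remaining  # every term of a form of degree >= 1 has some x_i
    return gs

# f = x0^2 + x0*x1 + x1*x2, homogeneous of degree 2 in x0, x1, x2
f = {(2, 0, 0): 1, (1, 1, 0): 1, (0, 1, 1): 1}
g = split_homogeneous(f, 2)

# reconstruct sum_i x_i * g_i and check that it equals f
rec = {}
for i, gi in enumerate(g):
    for exps, c in gi.items():
        e = list(exps)
        e[i] += 1
        rec[tuple(e)] = rec.get(tuple(e), 0) + c
assert rec == f
```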

Remark 4

If one can use specific sequences of points \(\alpha _i\), for instance in geometric progression, then multi-point evaluation and interpolation in one variable and in degree d over \(\mathbb {A}\) cost \(O (\mathsf {M} (d))\) by means of [10], which saves a factor of \(\log d\) in the above complexity estimates.

Coefficients in a Galois Ring

For the purpose of the present paper, we need to adapt the results of the previous subsection to the case when \(\mathbb {A}\) is the Galois ring \({\text {GR}}\, (p^{\kappa }, k)\), and to the context of Turing machines. In the next lemmas we use the lexicographic order on \(\mathbb {N}^n\), written \(<_{{\text {lex}}\,}\), defined by

$$\begin{aligned} \alpha<_{{\text {lex}}\,} \beta \quad \Leftrightarrow \quad \left( \exists j \in \{ 1, \ldots , n \}, \quad \alpha _n = \beta _n \wedge \cdots \wedge \alpha _{j + 1} = \beta _{j + 1} \wedge \alpha _j < \beta _j \right) . \end{aligned}$$
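Note that \(<_{{\text {lex}}\,}\) as defined here compares tuples starting from the last coordinate. In Python terms (a small illustration of ours), sorting by the reversed tuple realizes this order:

```python
# the order <_lex of the text compares exponent vectors from the LAST
# coordinate down to the first, so the reversed tuple is a sort key for it
pts = [(2, 1), (1, 2), (3, 1), (1, 1)]
ordered = sorted(pts, key=lambda a: a[::-1])
assert ordered == [(1, 1), (2, 1), (3, 1), (1, 2)]
```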

In terms of Turing machines, we need the following variants of Lemmas 27 and 28.

Lemma 30

Let \(\ell \geqslant 1\), let \(f \in {\text {GR}}\, (p^{\kappa }, k) [x_1, \ldots , x_n]\) be of partial degree \(< \ell \) in \(x_i\) for \(i = 1, \ldots , n\), and let \(\alpha _1, \ldots , \alpha _{\ell }\) be values in \({\text {GR}}\, (p^{\kappa }, k)\). Then, the values \(f (\alpha _{i_1}, \ldots , \alpha _{i_n})\) for \((i_1, \ldots , i_n)\) running over \(\{ 1, \ldots , \ell \}^n\) in the lexicographic order \(<_{{\text {lex}}\,}\) can be computed in time

$$\begin{aligned} n \ell ^n \tilde{O} (\log ^2 \ell \kappa k \log p) . \end{aligned}$$

Proof

The proof follows that of Lemma 27, while taking data reorganizations into account. More precisely, using one \(\ell ^{n - 1} \times \ell \) matrix transposition, we reorganize the values of the \(f_i\) after the recursive calls into the sequence of

$$\begin{aligned} f_0 (\alpha _{i_1}, \ldots , \alpha _{i_{n - 1}}), \ldots , f_{\ell - 1} (\alpha _{i_1}, \ldots , \alpha _{i_{n - 1}}) \end{aligned}$$

for \((i_1, \ldots , i_{n - 1})\) running over \(\{ 1, \ldots , \ell \}^{n - 1}\) in the lexicographic order \(<_{{\text {lex}}\,}\). Then, after the multi-point evaluations of \(f (\alpha _{i_1}, \ldots , \alpha _{i_{n - 1}}, x_n)\), we need to transpose the \(\ell \times \ell ^{n - 1}\) array made of the values of f, in order to ensure the lexicographic ordering in the output. The cost of these transpositions is \(O (\ell ^n \log \ell \kappa k \log p)\) by Lemma 1, which is negligible. \(\square \)

Lemma 31

Assume \(\ell \geqslant 1\) and \(p^k \geqslant \ell \). Let \(\alpha _1, \ldots , \alpha _{\ell }\) be pairwise distinct values in \({\text {GR}}\, (p^{\kappa }, k)\) such that \(\alpha _i - \alpha _j\) is invertible modulo p for all \(i \ne j\), and let \(\beta _{i_1, \ldots , i_n}\) be a family of values in \({\text {GR}}\, (p^{\kappa }, k)\) for \((i_1, \ldots , i_n)\) running over \(\{ 1, \ldots , \ell \}^n\) in the lexicographic order \(<_{{\text {lex}}\,}\). The unique polynomial \(f \in {\text {GR}}\, (p^{\kappa }, k) [x_1, \ldots , x_n]\) of partial degree \(< \ell \) in \(x_i\) for \(i = 1, \ldots , n\), and such that \(f (\alpha _{i_1}, \ldots , \alpha _{i_n}) = \beta _{i_1, \ldots , i_n}\) for all \((i_1, \ldots , i_n)\) in \(\{ 1, \ldots , \ell \}^n\), can be computed in time

$$\begin{aligned} n \ell ^n \tilde{O} (\log ^2 \ell \kappa k \log p) . \end{aligned}$$

Proof

The proof follows that of Lemma 28, performing the data reorganizations in the direction opposite to the one in the proof of Lemma 30. \(\square \)

From now on, for convenience, we discard the case \(\ell = 1\). In this way, whenever \(\ell \geqslant 2\), we may use \(n^{O (1)} = \log ^{O (1)} (\ell ^n)\).

Proposition 10

Assume \(\ell \geqslant 2\) and \(p^k \geqslant \ell \). Let \(f \in {\text {GR}}\, (p^{\kappa }, k) [x_1, \ldots , x_n]\) be of partial degree \(< \ell \) in \(x_i\) for \(i = 1, \ldots , n\), and let N be an \(n \times n\) matrix over \({\text {GR}}\, (p^{\kappa }, k)\). If an LU-decomposition of N is given, then \(f \circ N\) can be computed in time \(\tilde{O} (\ell ^n \kappa k \log p)\).

Proof

We first generate a subset \(S :=\{ \alpha _1, \ldots , \alpha _{\ell } \}\) of \({\text {GR}}\, (p, k)\) of cardinality \(\ell \) in time \(\tilde{O} (\ell k \log p)\); this ensures the invertibility of \(\alpha _i - \alpha _j\) for \(i \ne j\). The proof then follows that of Proposition 8, while taking data reorganizations into account. When N is upper triangular, the computation of \(g_1, \ldots , g_{\ell }\) requires the multi-point evaluation of f regarded in \({\text {GR}}\, (p^{\kappa }, k) [x_1, \ldots , x_{n - 1}] [x_n]\): we may simply appeal to the fast univariate algorithm, because it only involves additions, subtractions and products by elements of \({\text {GR}}\, (p^{\kappa }, k)\) over the ground ring \({\text {GR}}\, (p^{\kappa }, k) [x_1, \ldots , x_{n - 1}]\). Consequently \(g_1, \ldots , g_{\ell }\) may be obtained in time \(\ell ^{n - 1} \tilde{O} (\ell \kappa k \log p)\), by Lemma 4. In addition, the \(\ell ^{n - 1} \times \ell \) array of values of the \(g_i\) must be transposed at the end, in order to guarantee the lexicographic ordering necessary to interpolate \(f \circ N\).

When N is lower triangular, the data reorganization costs essentially the same, except that the computation of \(g_1, \ldots , g_{\ell }\) takes time \(\ell ^{n - 1} \tilde{O} (\ell \kappa k \log p)\) by Lemmas 10 and 4. \(\square \)

Before completing the proof of Proposition 1, we further need the following lemma in order to change the representation of a homogeneous polynomial.

Lemma 32

Let f be a homogeneous polynomial of degree \(d \geqslant 2\) in \({\text {GR}}\, (p^{\kappa }, k) [x_0, \ldots , x_n]\), represented as before by \(f^{\flat } (x_1, \ldots , x_n) :=f (1, x_1, \ldots , x_n)\) and d, and let \(i \in \{ 0, \ldots , n \}\). Then, for any \(\alpha \in {\text {GR}}\, (p^{\kappa }, k)\) we can compute \(f^{\diamond } (x_0, \ldots , x_{i - 1}, x_{i + 1}, \ldots , x_n) :=f (x_0, \ldots , x_{i - 1}, \alpha , x_{i + 1}, \ldots , x_n)\) in time \(\tilde{O} (d^n \kappa k \log p)\).

Proof

For simplicity the proof is done for \(i = n\), but it extends in a coefficientwise manner to any i. A sparse representation of f consists of a sequence of pairs of coefficients and exponent vectors. More precisely, if \(f = \sum _{e \in \mathbb {N}^{n + 1}} f_e x_0^{e_0} \cdots x_n^{e_n}\), then a sparse representation of f is the sequence of the pairs \((f_e, e)\), for all the nonzero coefficients \(f_e\). The bit size of an exponent vector is \(O (n + \log d)\), and therefore the bit size of a sparse representation of f is \(O (d^n (n + \log d) \kappa k \log p)\) by (2).

In order to prove the lemma, we first convert f, given in dense representation, into a sparse representation. When \(n = 1\) the sparse representation of \(f^{\flat }\) may be obtained in time \(O (d \log d \kappa k \log p)\). Otherwise \(n \geqslant 2\) and we regard \(f^{\flat }\) in \({\text {GR}}\, (p^{\kappa }, k) [x_1, \ldots , x_{n - 1}] [x_n]\),

$$\begin{aligned} f^{\flat } (x_1, \ldots , x_n) = f_0^{\flat } (x_1, \ldots , x_{n - 1}) + \cdots + f_d^{\flat } (x_1, \ldots , x_{n - 1}) x_n^d, \end{aligned}$$

and recursively compute the sparse representation of \(f_i^{\flat }\) for \(i = 0, \ldots , d\). These representations may naturally be glued together into a sparse representation of \(f^{\flat }\), in time \(O (d^n (n + \log d) \kappa k \log p)\), by adding the exponent of \(x_n\) into each exponent vector. A straightforward induction leads to a total time \(O (d^n (n + \log d) \kappa k \log p)\) for the change of representation of \(f^{\flat }\). Then the sparse representation of f may be deduced with additional time \(O (d^n (n + \log d) \kappa k \log p)\) by appending the exponent of \(x_0\) needed for homogenization.

Second, from the latter sparse representation of f we may simply discard the exponents of \(x_n\) and multiply the coefficients with the corresponding powers of \(\alpha \), in order to obtain a sparse representation of \(f^{\diamond }\) in time \(\tilde{O} (d^n \kappa k \log p)\).

Finally it remains to construct the dense representation of \(f^{\diamond }\) from its sparse representation. To this end, we sort the sparse representation in increasing lexicographic order on the exponent vectors in time \(O (d^n \log (d^n) (n + \log d) \kappa k \log p)\). We next compute the dense representation by induction over n. Writing

$$\begin{aligned} f^{\diamond } (x_0, \ldots , x_{n - 1}) = f_0^{\diamond } (x_0, \ldots , x_{n - 2}) + \cdots + f_{\ell - 1}^{\diamond } (x_0, \ldots , x_{n - 2}) x_{n - 1}^{\ell - 1}, \end{aligned}$$

the sparse representations of \(f_0^{\diamond }, \ldots , f_{\ell - 1}^{\diamond }\) are computed by induction, after removal of the powers of \(x_{n - 1}\). The induction ends when \(n = 0\), in which case the conversion to dense representation requires time \(O (d \log d \kappa k \log p)\). In total, the dense representation of \(f^{\diamond }\) can be computed in time \(O (d^n \log (d^n) (n + \log d) \kappa k \log p)\). \(\square \)
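The substitution and sorting steps of this proof can be sketched as follows, with coefficients taken modulo an illustrative integer `modulus` standing in for arithmetic in \({\text {GR}}\, (p^{\kappa }, k)\):

```python
# Sketch: substitute x_n := alpha in a sparse representation, then sort
# lexicographically on the exponent vectors (the order needed to rebuild
# the dense representation). `modulus` is an illustrative stand-in for
# arithmetic in GR(p^kappa, k).

def substitute_last(sparse, alpha, modulus):
    """Drop the last exponent e of each term, scale its coefficient by
    alpha**e, merge colliding terms, and sort the surviving terms."""
    merged = {}
    for c, exps in sparse:
        e, rest = exps[-1], exps[:-1]
        merged[rest] = (merged.get(rest, 0) + c * pow(alpha, e, modulus)) % modulus
    terms = [(c, exps) for exps, c in merged.items() if c != 0]
    return sorted(terms, key=lambda term: term[1])  # lexicographic on exponents
```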

Proof of Proposition 1

We follow the proofs of Lemma 29 and Proposition 9, again taking the cost of data reorganizations into account.

In the proof of Lemma 29, the cost of obtaining \(f (N_{0, 0}, x_1, \ldots , x_n)\) and \(f (x_0, \ldots , x_{n - 1}, N_{n, n})\) is given by Lemma 32, that is \(\tilde{O} (d^n \kappa k \log p)\).

In the proof of Proposition 9 we first need to compute the decomposition (18) of f. The polynomial

$$\begin{aligned} g_n (x_0, \ldots , x_n) = f_1 (x_0, \ldots , x_{n - 1}) + f_2 (x_0, \ldots , x_{n - 1}) x_n + \cdots + f_d (x_0, \ldots , x_{n - 1}) x_n^{d - 1} \end{aligned}$$

is represented by

$$\begin{aligned} g_n^{\flat } (x_1, \ldots , x_n) := f_1^{\flat } (x_1, \ldots , x_{n - 1}) + f_2^{\flat } (x_1, \ldots , x_{n - 1}) x_n + \cdots + f_d^{\flat } (x_1, \ldots , x_{n - 1}) x_n^{d - 1} \end{aligned}$$

and \(d - 1\). Consequently \(g_n^{\flat }\) may easily be obtained in time \(O (d^n \kappa k \log p)\). The rest of the decomposition \(g_{n - 1}^{\flat }, \ldots , g_0^{\flat }\) is then obtained recursively from \(f_0^{\flat } (x_1, \ldots , x_{n - 1})\). The total cost for obtaining all the \(g_i^{\flat }\) is therefore bounded by \(\tilde{O} (d^n \kappa k \log p)\).
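The recursive peeling that produces the decomposition can be sketched in the same hypothetical nested-list encoding as before (outer index = exponent of the variable being peeled off; not the paper's implementation):

```python
# Sketch: peel off one variable per level to obtain the decomposition
# f = x_n * g_n + ... + x_1 * g_1 + constant used in the proof.
# Hypothetical nested-list encoding: dense[e] is the coefficient of
# x_var^e for the current outermost variable x_var.

def split_by_variables(dense, n):
    """Return ([g_n, ..., g_1], constant); g_var collects the coefficients
    of x_var^1, ..., x_var^d, i.e. f_1 + f_2 x_var + ... + f_d x_var^(d-1)."""
    parts = []
    for _ in range(n, 0, -1):
        parts.append(dense[1:])  # g_var, with the degree in x_var shifted down
        dense = dense[0]         # recurse on the part free of x_var
    return parts, dense
```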

For any \(c \in {\text {GR}}\, (p^{\kappa }, k)\), any \(i \in \{ 0, \ldots , n \}\), and any \(j \in \{ 1, \ldots , n \}\), the computations of \(c (g_i \circ N) (1, x_1, \ldots , x_n)\) and of \(c x_j (g_i \circ N) (1, x_1, \ldots , x_n)\) take time \(d^n \tilde{O} (\kappa k \log p)\), since their supports have cardinality \(O (d^n)\) by (2).

Finally, from

$$\begin{aligned} f \circ N = \sum _{i = 0}^n \left( \sum _{j = 0}^n N_{i, j} x_j \right) (g_i \circ N) \end{aligned}$$

we obtain the representation of \(f \circ N\) as

$$\begin{aligned} (f \circ N) (1, x_1, \ldots , x_n) = \sum _{i = 0}^n \left( N_{i, 0} + \sum _{j = 1}^n N_{i, j} x_j \right) (g_i \circ N) (1, x_1, \ldots , x_n), \end{aligned}$$

in additional time \(\tilde{O} (d^n \kappa k \log p)\). The cost of the data reorganizations in the proof of Proposition 9 is negligible. \(\square \)
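One summand of this recombination, the product of an affine form with \((g_i \circ N) (1, x_1, \ldots , x_n)\), can be sketched as follows. Sparse polynomials are stored as dicts mapping exponent vectors to coefficients, an illustrative encoding, with `modulus` again standing in for \({\text {GR}}\, (p^{\kappa }, k)\):

```python
# Sketch: compute (N_{i,0} + N_{i,1} x_1 + ... + N_{i,n} x_n) * g, where
# g = (g_i o N)(1, x_1, ..., x_n) is stored as {exponent-vector: coeff}.
# Multiplying a term by x_j simply bumps its j-th exponent by one.

def affine_times(row, g, modulus):
    """row = (N_{i,0}, ..., N_{i,n}); return the product polynomial."""
    out = {}
    for exps, c in g.items():
        out[exps] = (out.get(exps, 0) + row[0] * c) % modulus  # constant part
        for j in range(1, len(row)):
            bumped = exps[:j - 1] + (exps[j - 1] + 1,) + exps[j:]
            out[bumped] = (out.get(bumped, 0) + row[j] * c) % modulus
    return {e: c for e, c in out.items() if c != 0}
```

Summing these products over \(i = 0, \ldots , n\) would yield the representation of \((f \circ N) (1, x_1, \ldots , x_n)\) above.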


About this article


Cite this article

van der Hoeven, J., Lecerf, G. On the Complexity Exponent of Polynomial System Solving. Found Comput Math 21, 1–57 (2021). https://doi.org/10.1007/s10208-020-09453-0


Keywords

  • Polynomial system solving
  • Geometric resolution
  • Complexity bounds

Mathematics Subject Classification

  • 14-04
  • 14Q20
  • 14B05
  • 68W30